autoconfigurar airbrake

app/controllers/api/v1/notices_controller.rb

@@ -10,7 +10,7 @@ module Api
       # solo si la API key es verificable.  Del otro lado siempre
       # respondemos con lo mismo.
       def create
-        if verify_api_key
+        if site&.airbrake_valid? airbrake_token
           BacktraceJob.perform_later site_id: params[:site_id],
                                      params: airbrake_params.to_h
         end
@@ -31,12 +31,6 @@ module Api
       rescue ActiveRecord::RecordNotFound
       end
 
-      def verify_api_key
-        site&.verifier&.verify(airbrake_token, purpose: :airbrake) === Site::Api::AIRBRAKE_SECRET
-      rescue ActiveSupport::MessageVerifier::InvalidSignature
-        false
-      end
-
       def airbrake_token
         @airbrake_token ||= params[:key]
       end

app/controllers/env_controller.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+class EnvController < ActionController::Base
+  skip_before_action :verify_authenticity_token
+
+  def index
+    @site = Site.find_by_name('panel')
+    stale? @site
+  end
+end

app/javascript/packs/application.js

@@ -18,9 +18,9 @@
 import { Notifier } from '@airbrake/browser'
 
 window.airbrake = new Notifier({
-  projectId: process.env.AIRBRAKE_SITE_ID,
-  projectKey: process.env.AIRBRAKE_API_KEY,
-  host: process.env.PANEL_URL
+  projectId: window.env.AIRBRAKE_SITE_ID,
+  projectKey: window.env.AIRBRAKE_API_KEY,
+  host: window.env.PANEL_URL
 })
 
 import 'core-js/stable'

app/models/site/api.rb

@@ -22,6 +22,12 @@ class Site
         @airbrake_api_key ||= verifier.generate(airbrake_secret, purpose: :airbrake)
       end
 
+      def airbrake_valid?(token)
+        ActiveSupport::SecurityUtils.secure_compare(verifier.verify(token, purpose: :airbrake), airbrake_secret)
+      rescue ActiveSupport::MessageVerifier::InvalidSignature
+        false
+      end
+
       private
 
       def airbrake_secret

app/views/env/index.js.haml

@@ -0,0 +1,7 @@
+= cache @site do
+  :plain
+    window.env = {
+      AIRBRAKE_SITE_ID: #{@site&.id || 1},
+      AIRBRAKE_API_KEY: "#{@site&.airbrake_api_key}",
+      PANEL_URL: "#{ENV['PANEL_URL']}"
+    }

app/views/layouts/application.html.haml

@@ -11,18 +11,13 @@
 
     %title Sutty
 
+    %script{ type: 'text/javascript', src: '/env.js' }
     = csrf_meta_tags
-    = stylesheet_link_tag 'application', media: 'all',
-      'data-turbolinks-track': 'reload'
-    = javascript_pack_tag 'application',
-      'data-turbolinks-track': 'reload'
-    = stylesheet_pack_tag 'application',
-      'data-turbolinks-track': 'reload'
-    = javascript_include_tag 'application',
-      'data-turbolinks-track': 'reload'
-
-    = favicon_link_tag 'sutty_cuadrada.png',
-      rel: 'apple-touch-icon', type: 'image/png'
+    = stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track': 'reload'
+    = javascript_pack_tag 'application', 'data-turbolinks-track': 'reload'
+    = stylesheet_pack_tag 'application', 'data-turbolinks-track': 'reload'
+    = javascript_include_tag 'application', 'data-turbolinks-track': 'reload'
+    = favicon_link_tag 'sutty_cuadrada.png', rel: 'apple-touch-icon', type: 'image/png'
 
   %body{ class: yield(:body) }
     .container-fluid#sutty

config/routes.rb

@@ -34,6 +34,7 @@ Rails.application.routes.draw do
   get '/sites/private/:site_id(*file)', to: 'private#show', constraints: { site_id: %r{[^/]+} }
   # Obtener archivos estáticos desde el directorio público
   get '/sites/:site_id/static_file/(*file)', to: 'sites#static_file', as: 'site_static_file', constraints: { site_id: %r{[^/]+} }
+  get '/env.js', to: 'env#index'
 
   match '/api/v3/projects/:site_id/notices' => 'api/v1/notices#create', via: %i[post]