configuration to disable api key support (#123)

## Problem A user cannot use all the features of the library without also using the API Key auth features. ## Solution ```ruby Stitches.configure do |config| config.disable_api_key_support = true end ```
stitchfix · Jun 13, 2024 · b791d8e · b791d8e
1 parent a7b9d8b
commit b791d8e
Show file tree

Hide file tree

Showing 4 changed files with 265 additions and 226 deletions.
diff --git a/lib/stitches/api_key.rb b/lib/stitches/api_key.rb
@@ -23,6 +23,8 @@ class ApiKey < Stitches::AllowlistMiddleware
   protected
 
     def do_call(env)
+      return @app.call(env) if Stitches.configuration.disable_api_key_support
+
       authorization = env["HTTP_AUTHORIZATION"]
       if authorization
         if authorization =~ /#{configuration.custom_http_auth_scheme}\s+key=(.*)\s*$/

diff --git a/lib/stitches/configuration.rb b/lib/stitches/configuration.rb
@@ -17,9 +17,10 @@ def reset_to_defaults!
     @max_cache_size = NonNullInteger.new("max_cache_size", 0)
     @disabled_key_leniency_in_seconds = ActiveSupport::Duration.days(3)
     @disabled_key_leniency_error_log_threshold_in_seconds = ActiveSupport::Duration.days(2)
+    @disable_api_key_support = false
   end
 
-  attr_accessor :disabled_key_leniency_in_seconds, :disabled_key_leniency_error_log_threshold_in_seconds
+  attr_accessor :disabled_key_leniency_in_seconds, :disabled_key_leniency_error_log_threshold_in_seconds, :disable_api_key_support
 
   # A RegExp that allows URLS around the mime type and api key requirements.
   # nil means that ever request must have a proper mime type and api key.