feat: Add Public APIs for API Channel (#2375)

2021-06-15 20:09:17 +05:30
parent 0f377da109
commit 853db60f8e
29 changed files with 404 additions and 11 deletions
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -85,4 +85,7 @@ Rails.application.configure do
      resource '*', headers: :any, methods: :any, expose: ['access-token', 'client', 'uid', 'expiry']
    end
  end
+
+  # ref : https://medium.com/@emikaijuin/connecting-to-action-cable-without-rails-d39a8aaa52d5
+  config.action_cable.disable_request_forgery_protection = true
 end
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -42,9 +42,12 @@ Rails.application.configure do
  # Mount Action Cable outside main process or domain
  # config.action_cable.mount_path = nil
  # config.action_cable.url = 'wss://example.com/cable'
-  if ENV['FRONTEND_URL'].present?
-    config.action_cable.allowed_request_origins = [ENV['FRONTEND_URL'], %r{https?://#{URI.parse(ENV['FRONTEND_URL']).host}(:[0-9]+)?}]
-  end
+
+  # to enable connecting to the API channel public APIs
+  config.action_cable.disable_request_forgery_protection = true
+  # if ENV['FRONTEND_URL'].present?
+  #   config.action_cable.allowed_request_origins = [ENV['FRONTEND_URL'], %r{https?://#{URI.parse(ENV['FRONTEND_URL']).host}(:[0-9]+)?}]
+  # end

  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
  config.force_ssl = ActiveModel::Type::Boolean.new.cast(ENV.fetch('FORCE_SSL', false))