Merge pull request #5 from vladislavbakan/feature_security_cache_cont…

…enttype

Features: security, cache, default content type

README.md

@@ -175,6 +175,47 @@ You can configure it as follows:
 
 Even if you provide a authentication_value you can later change it from the ui.
 
+Access authorization
+--------------
+
+Swaggard supports access authorization.
+
+You can configure it as follows:
+
+    # config/initializers/swaggard.rb
+    Swaggard.configure do |config|
+      config.access_username  = 'admin'
+      config.access_password   = 'password'
+    end
+
+If you not set `access_username`, everyone will have access to Swagger documentation.
+
+Default content type
+--------------
+
+You can set default content type in Swaggard configuration as follows:
+
+    # config/initializers/swaggard.rb
+    Swaggard.configure do |config|
+      config.default_content_type = 'application/json'
+    end
+
+If you set `default_content_type`, Swagger will use it in example request.
+
+Caching
+--------------
+
+You can improve Swagger performance by using caching. You can enable `use_cache` in Swaggard configuration as follows:
+
+    # config/initializers/swaggard.rb
+    Swaggard.configure do |config|
+      config.use_cache = Rails.env.production?
+    end
+
+If you set `use_cache` as `Rails.env.production?`, Swagger will use cache only in production mode.
+
+Note. For cache clearing you can execute `rake swaggard:clear_cache`.
+
 Documentation Scoping
 ---------------------
 Its possible to only generate Swagger documentation for a subset of your application controllers

app/assets/javascripts/swaggard/swaggard.js

@@ -21,6 +21,10 @@ $(function () {
       $('pre code').each(function(i, e) {
         hljs.highlightBlock(e)
       });
+
+      // set default content type
+      $('select[name="responseContentType"]').val(window.default_content_type);
+      $('select[name="parameterContentType"]').val(window.default_content_type);
     },
     onFailure: function(data) {
       log("Unable to Load SwaggerUI");

app/controllers/swaggard/swagger_controller.rb

@@ -1,23 +1,48 @@
 module Swaggard
   class SwaggerController < ApplicationController
 
+    before_filter :authorize
+
     def index
       respond_to do |format|
         format.html do
           @authentication_type = Swaggard.configuration.authentication_type
           @authentication_key = Swaggard.configuration.authentication_key
           @authentication_value = Swaggard.configuration.authentication_value
 
-          render :index
+          render :index, layout: false
         end
 
         format.json do
-          doc = Swaggard.get_doc(request.host_with_port)
+          doc = get_swaggard_doc
 
           render json: doc
         end
       end
     end
 
+    protected
+
+    def authorize
+      unless Swaggard.configuration.access_username.blank?
+        authenticate_or_request_with_http_basic do |username, password|
+          username == Swaggard.configuration.access_username && password == Swaggard.configuration.access_password
+        end
+      end
+    end
+
+    def get_swaggard_doc
+      if Swaggard.configuration.use_cache
+        doc = Rails.cache.fetch('swagger_doc')
+        if doc.blank?
+          doc = Swaggard.get_doc(request.host_with_port)
+          Rails.cache.write('swagger_doc', doc)
+        end
+        doc
+      else
+        Swaggard.get_doc(request.host_with_port)
+      end
+    end
+
   end
 end

app/views/swaggard/swagger/index.html.erb

@@ -10,6 +10,10 @@
     <%= stylesheet_link_tag    'swaggard/application_print', media: :print %>
     <%= javascript_include_tag 'swaggard/application' %>
 
+    <%= javascript_tag do %>
+        window.default_content_type = '<%= Swaggard.configuration.default_content_type %>';
+    <% end %>
+
   </head>
 
   <body class='swagger-section'>

lib/swaggard/configuration.rb

@@ -16,7 +16,8 @@ class Configuration
 
     attr_writer :swagger_version, :api_base_path, :api_version, :api_path, :api_formats, :title,
                 :description, :tos, :contact_email, :contact_name, :contact_url, :host,
-                :authentication_type, :authentication_key, :authentication_value
+                :authentication_type, :authentication_key, :authentication_value,
+                :access_username, :access_password, :default_content_type, :use_cache
 
     def swagger_version
       @swagger_version ||= '2.0'
@@ -90,5 +91,21 @@ def authentication_value
       @authentication_value ||= ''
     end
 
+    def access_username
+      @access_username ||= ''
+    end
+
+    def access_password
+      @access_password ||= ''
+    end
+
+    def default_content_type
+      @default_content_type ||= ''
+    end
+
+    def use_cache
+      @use_cache ||= false
+    end
+
   end
 end

lib/tasks/swaggard.rake

@@ -0,0 +1,9 @@
+namespace :swaggard do
+
+  desc 'Clear swaggard cache'
+  task :clear_cache => :environment do
+    Rails.cache.delete('swagger_doc')
+    puts 'Swaggard cache has been cleared'
+  end
+
+end