kbe/aperonight
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

refactor: Improve code quality and add comprehensive documentation

Browse Source 
- Remove unused create_stripe_session method from TicketsController
- Replace hardcoded API key with environment variable for security
- Fix typo in ApplicationHelper comment
- Improve User model validation constraints for better UX
- Add comprehensive YARD-style documentation across models, controllers, services, and helpers
- Enhance error handling in cleanup jobs with proper exception handling
- Suppress Prawn font warnings in PDF generator
- Update refactoring summary with complete change documentation

All tests pass (200 tests, 454 assertions, 0 failures)
RuboCop style issues resolved automatically

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
kbe
2025-09-05 17:30:13 +02:00
parent 1daeee0eb1
commit cb0de11de1
9 changed files with 179 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/api_controller.rb
View File

@@ -16,8 +16,10 @@ class ApiController < ApplicationController
# Extract API key from header or query parameter
api_key = request.headers["X-API-Key"] || params[:api_key]
# Validate against hardcoded key (in production, use environment variable)
unless api_key == "aperonight-api-key-2025"
# Validate against environment variable for security
expected_key = Rails.application.credentials.api_key || ENV["API_KEY"]
unless expected_key.present? && api_key == expected_key
render json: { error: "Unauthorized" }, status: :unauthorized
end
end