Gather Client Domain from Rails API GET Request

940 Views Asked by Brit200313 At 19 April 2025 at 04:01

What is the easiest way to capture the domain of a client request on a Rails API?

Example:

If I use https://www.hurl.it/ to post a GET request to:

https://staging.mysite.com/api/v1/products?access_token=7b9f3cddd3914a6f45fa692997fe6dc9

How do I capture that the request is coming from hurl.it? I've tried:

request.host
request.url
request.referer
request.headers['origin']

I need this since I check the access token and that the request is coming from the domain that the access token is registered with.

API Controller:

module Api
  module V1
    class ApiController < ApplicationController
      respond_to :json
      before_filter :restrict_access

      private

      def restrict_access
        api_app = ApiApp.find_by_access_token(params[:access_token])
        binding.pry
        head :unauthorized unless (api_app && (api_app.request_origin.include? request.host.split('?').first))
      end
    end
  end
end

Rails version: 4.2

Original Q&A

There are 1 best solutions below

Brit200313 On 16 June 2015 at 20:20

I ended up sticking with the IP address:

head :unauthorized unless (api_app && (api_app.request_origin == request.env["HTTP_X_REAL_IP"] ||= request.env["REMOTE_ADDR"]))

Gather Client Domain from Rails API GET Request

There are 1 best solutions below

Related Questions in RUBY-ON-RAILS

Related Questions in REQUEST

Related Questions in GET

Related Questions in HTTP-HEADERS

Trending Questions

Popular # Hahtags

Popular Questions