Header override

[sqlninja]

Is it possible to use an alternative header for authentication? I use stitches to protect the API routes from unauthorized requests based on the API key, but I use devise-jwt to authenticate/authorize user access. Devise-jwt uses a Bearer token in the Authorization header, so being able to override the header used by stitches to almost anything else would let these two gems play nice together.

[davetron5000]

This behavior is part of the ApiKey middleware. You can either remove it or include the norailtie version of Stitches and configure it yourself.

You could create a middleware exactly like ApiKey but does whatever you need for JWT.

Note that if you generated an app from this gem, the ApiController will assume that the ApiKey middleware has been used:

https://github.com/stitchfix/stitches/blob/cef2b5d3d556d49cf4bd0810868e7a8f32565df5/lib/stitches/generator_files/app/controllers/api/api_controller.rb#L25-L29

Since that is generated, you can remove or change that method to do whatever you need.