Tinker
Resources
Agent logs
Agent memories
Agent sessions
Agent terminal logs
Agents
Comments
Epics
Projects
Proposals
Tickets
Avo user
Resources
Agent logs
Agent memories
Agent sessions
Agent terminal logs
Agents
Comments
Epics
Projects
Proposals
Tickets
Avo user
Home
Epics
Add API key authentication (no user model)
Edit
Add API key authentication (no user model)
Cancel
Save
Title
*
Project
*
Choose an option
alpha
tinker
Create new project
Description
## Task Add simple API key-based authentication to the application. ## Requirements - **No user model** - do NOT use Devise (it's email/password focused with registration, etc.) - Single API key input for authentication - Can use gems like Warden or other lightweight authentication solutions - No registration, password reset, or other user management features needed ## Implementation Use the existing `api_key` field on the `Agent` model for authentication. **Approach:** 1. Add `require_login` to base ApplicationController (all controllers protected by default) 2. Override/disable authentication in API controller 3. No environment variable checks needed ## What to Build 1. **Login screen** - Single input field for API key 2. **Authentication logic** - Validate the API key against Agent.api_key and create a session 3. **ApplicationController** - Add `require_login` before_action 4. **ApiController** - Skip/override authentication for API endpoints 5. **Logout functionality** - Clear the session 6. **Spec helpers** - Add auth helpers for tests (e.g., `login_as(agent)`) ## Notes - Keep it simple - we don't need user accounts, roles, or permissions - Warden is a good choice as it provides auth primitives without Devise's user-focused features - Any agent's API key can be used to log in - Tests need auth helpers to easily authenticate in specs
Avo
· © 2026 AvoHQ ·
v3.27.0
Close modal
Are you sure?
Yes, I'm sure
No, cancel
