pacarvalho/videos_controller.rb

## videos_controller.rb
class Api::VideosController < Api::ApplicationController
  skip_before_action :authenticate_user, only: %i[derivative]
  # POST /api/videos
  def create
    @video = current_user.videos.new
    if @video.save
      render json: VideoSerializer.render(@video, view: :with_upload_details), status: :ok
    else
      render json: @video.errors, status: :bad_request
    end
  end
  # GET /api/videos
  def show
    @video = current_user.videos.find(params[:id])
    render json: VideoSerializer.render(@video), status: :ok
  end
  # PUT /api/videos/derivative
  def derivative
    # Only allow requests from our internal services
    return head :forbidden unless ENV['LAMBDA_SHARED_SECRET'] == request.headers['Authorization']
    @video = Video.find_by(key: params[:key])

    if @video.update(safe_derivative_params)
      head :ok
    else
      render json: @video.errors, status: :bad_request
    end
  end
  private
  def safe_derivative_params
    params.permit(:low_res_key)
  end
end
	class Api::VideosController < Api::ApplicationController
	skip_before_action :authenticate_user, only: %i[derivative]
	# POST /api/videos
	def create
	@video = current_user.videos.new
	if @video.save
	render json: VideoSerializer.render(@video, view: :with_upload_details), status: :ok
	else
	render json: @video.errors, status: :bad_request
	end
	end
	# GET /api/videos
	def show
	@video = current_user.videos.find(params[:id])
	render json: VideoSerializer.render(@video), status: :ok
	end
	# PUT /api/videos/derivative
	def derivative
	# Only allow requests from our internal services
	return head :forbidden unless ENV['LAMBDA_SHARED_SECRET'] == request.headers['Authorization']
	@video = Video.find_by(key: params[:key])

	if @video.update(safe_derivative_params)
	head :ok
	else
	render json: @video.errors, status: :bad_request
	end
	end
	private
	def safe_derivative_params
	params.permit(:low_res_key)
	end
	end