gambosite/app/controllers/game_controller.rb

class GameController < ApplicationController
  respond_to? :json
  def index
    @recent_games = Game.order(timestamp: :desc).limit(20)
  end

  def show
    @game = Game.find(params[:id])
  end

  def create
    unless authenticate_api_key?
      unauthorized_response
      return
    end

    game_params[:timestamp] = Time.at(params[:timestamp].to_i).utc if params[:timestamp].present?
    if Game.find_by(timestamp: game_params[:timestamp])
      already_reported_response
      return
    end

    players = []
    params[:players].each do | name, _pos |
      player = Player.find_by(name: name)
      if player.nil?
        player = Player.new(name: name, wins: 0, losses: 0, purse: 0)
        player.save
      end
      players << player
    end

    @game = Game.create(game_params)
    @game.client = @apikey.client

    if @game.save
      players.each do | player |
        if @game.winner == player.name
          player.purse += @game.payout
          player.wins += 1
          player.save
        elsif @game.loser == player.name
          player.purse -= @game.payout
          player.losses += 1
          player.save
        end
      end
      render json: {}, status: :ok
    else
      render json: { error: "Unable to process input" }, status: :unprocessable_content
    end
  end


  private
  def game_params
    params.require(:game).permit(:timestamp, :gametype, :wager, :winner, :loser, :high_roll, :low_roll, :payout)
  end

  def authenticate_api_key?
    api_key = request.headers["X-API-KEY"]
    if api_key.present? && ApiKey.exists?(key: api_key)
      @apikey = ApiKey.find_by(key: api_key)
      return true
    end
    false
  end

  def unauthorized_response
    render json: { error: "API key is missing or empty" }, status: :unauthorized
  end

  def already_reported_response
    render json: { error: "Already reported this gambo" }, status: :already_reported
  end
end