add api key

app/controllers/game_controller.rb

@@ -9,9 +9,15 @@ class GameController < ApplicationController
   end
 
   def create
+    unless authenticate_api_key?
+      unauthorized_response
+      return
+    end
+
     game_params[:timestamp] = Time.at(params[:timestamp].to_i).utc if params[:timestamp].present?
     if Game.find_by(timestamp: game_params[:timestamp])
-      return head 208 # HTTP 208: Already reported
+      already_reported_response
+      return
     end
 
     players = []
@@ -25,6 +31,7 @@ class GameController < ApplicationController
     end
 
     @game = Game.create(game_params)
+    @game.client = @apikey.client
 
     if @game.save
       players.each do | player |
@@ -38,9 +45,9 @@ class GameController < ApplicationController
           player.save
         end
       end
-      head :ok
+      render json: {}, status: :ok
     else
-      head :unprocessable_entity
+      render json: { error: "Unable to process input" }, status: :unprocessable_content
     end
   end
 
@@ -49,4 +56,21 @@ class GameController < ApplicationController
   def game_params
     params.require(:game).permit(:timestamp, :gametype, :wager, :winner, :loser, :high_roll, :low_roll, :payout)
   end
+
+  def authenticate_api_key?
+    api_key = request.headers["X-API-KEY"]
+    if api_key.present? && ApiKey.exists?(key: api_key)
+      @apikey = ApiKey.find_by(key: api_key)
+      return true
+    end
+    false
+  end
+
+  def unauthorized_response
+    render json: { error: "API key is missing or empty" }, status: :unauthorized
+  end
+
+  def already_reported_response
+    render json: { error: "Already reported this gambo" }, status: :already_reported
+  end
 end

app/models/api_key.rb

@@ -0,0 +1,2 @@
+class ApiKey < ApplicationRecord
+end