Generating and authenticating by API keys

If your site is like most, API keys are handed out to users. So it
would probably be best to just store the key on the user model, and
then do a User.find_by_api_key(..etc...) in your before_filter.

--Matt Jones