alpha_api 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3a7ebf33759d9ccdcffa80c9fcb6692936b0b2f0cd9231b6b2cc0a7b93d0db04
-  data.tar.gz: 5e4265a8e6d4d18037b4a73bd4820760de8af5b4a6d2cdebb204cf209587aaff
+  metadata.gz: 21aff10319f03b60f38c86b3f9655710d6d2a4e19914edd5e1ccd1c547f8fce7
+  data.tar.gz: 2856e2ef1792a1820adcb1c900004bad978b4d655f1a4383f4636973a5162f1a
 SHA512:
-  metadata.gz: ed39edc56bf7dfe36028147842a4b35e96993fbb68055a839f5718978be44140e16b8bd9b58debe4be4278d52061e26c5a1445498b6fa93999d1350ad35b4077
-  data.tar.gz: ba00720279c4317cb6eb3c0a8b49dddbe52750a84bf5304ab3ad9de9c17f48d144099727c969f03a1c94f45afde3491f35e78d27a33bb51e5a5cfeedc96f8ab8
+  metadata.gz: 6039fa1d787a8411148fe07a79bfcba4cd1b18423865a6dfffc60ae7398a04c945fc34112cba9d25e8c9a06b3032865582ff1857a2fd10031a64cd88f7a93f5f
+  data.tar.gz: fb6560099437d58ae4d247aba933dbc4c8e963d659c59dc15c8de7408d283c3a86aa3ee0267a0c2bd0bbf803d682315b431232a04935673db6aead6994e9e4ae

data/Gemfile

@@ -8,10 +8,3 @@ gemspec
 gem "rake", "~> 13.0"
 
 gem "rubocop", "~> 0.80"
-
-gem "fast_jsonapi"
-
-# For actual pagination
-gem 'kaminari'
-# For rest pagination, using kaminari automatically
-gem 'api-pagination'

data/Gemfile.lock

@@ -1,15 +1,24 @@
 PATH
   remote: .
   specs:
-    alpha_api (0.1.0)
-      activesupport
+    alpha_api (0.1.1)
       api-pagination
+      cancancan
+      devise
+      devise-jwt
       fast_jsonapi
       kaminari
 
 GEM
   remote: https://rubygems.org/
   specs:
+    actionpack (6.1.4.1)
+      actionview (= 6.1.4.1)
+      activesupport (= 6.1.4.1)
+      rack (~> 2.0, >= 2.0.9)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
     actionview (6.1.4.1)
       activesupport (= 6.1.4.1)
       builder (~> 3.1)
@@ -29,14 +38,36 @@ GEM
       zeitwerk (~> 2.3)
     api-pagination (4.8.2)
     ast (2.4.2)
+    bcrypt (3.1.16)
     builder (3.2.4)
+    cancancan (3.3.0)
     concurrent-ruby (1.1.9)
     crass (1.0.6)
+    devise (4.8.0)
+      bcrypt (~> 3.0)
+      orm_adapter (~> 0.1)
+      railties (>= 4.1.0)
+      responders
+      warden (~> 1.2.3)
+    devise-jwt (0.8.1)
+      devise (~> 4.0)
+      warden-jwt_auth (~> 0.5)
+    dry-auto_inject (0.7.0)
+      dry-container (>= 0.3.4)
+    dry-configurable (0.12.1)
+      concurrent-ruby (~> 1.0)
+      dry-core (~> 0.5, >= 0.5.0)
+    dry-container (0.7.2)
+      concurrent-ruby (~> 1.0)
+      dry-configurable (~> 0.1, >= 0.1.3)
+    dry-core (0.6.0)
+      concurrent-ruby (~> 1.0)
     erubi (1.10.0)
     fast_jsonapi (1.5)
       activesupport (>= 4.2)
     i18n (1.8.10)
       concurrent-ruby (~> 1.0)
+    jwt (2.2.3)
     kaminari (1.2.1)
       activesupport (>= 4.1.0)
       kaminari-actionview (= 1.2.1)
@@ -52,21 +83,35 @@ GEM
     loofah (2.12.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
+    method_source (1.0.0)
     minitest (5.14.4)
     nokogiri (1.12.4-x86_64-darwin)
       racc (~> 1.4)
+    orm_adapter (0.5.0)
     parallel (1.20.1)
     parser (3.0.2.0)
       ast (~> 2.4.1)
     racc (1.5.2)
+    rack (2.2.3)
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.4.2)
       loofah (~> 2.3)
+    railties (6.1.4.1)
+      actionpack (= 6.1.4.1)
+      activesupport (= 6.1.4.1)
+      method_source
+      rake (>= 0.13)
+      thor (~> 1.0)
     rainbow (3.0.0)
     rake (13.0.6)
     regexp_parser (2.1.1)
+    responders (3.0.1)
+      actionpack (>= 5.0)
+      railties (>= 5.0)
     rexml (3.2.5)
     rubocop (0.93.1)
       parallel (~> 1.10)
@@ -80,9 +125,17 @@ GEM
     rubocop-ast (1.11.0)
       parser (>= 3.0.1.1)
     ruby-progressbar (1.11.0)
+    thor (1.1.0)
     tzinfo (2.0.4)
       concurrent-ruby (~> 1.0)
     unicode-display_width (1.7.0)
+    warden (1.2.9)
+      rack (>= 2.0.9)
+    warden-jwt_auth (0.5.0)
+      dry-auto_inject (~> 0.6)
+      dry-configurable (~> 0.9)
+      jwt (~> 2.1)
+      warden (~> 1.2)
     zeitwerk (2.4.2)
 
 PLATFORMS
@@ -90,9 +143,6 @@ PLATFORMS
 
 DEPENDENCIES
   alpha_api!
-  api-pagination
-  fast_jsonapi
-  kaminari
   rake (~> 13.0)
   rubocop (~> 0.80)
 

data/alpha_api.gemspec

@@ -29,9 +29,14 @@ Gem::Specification.new do |spec|
 
   # Uncomment to register a new dependency of your gem
   # spec.add_dependency "example-gem", "~> 1.0"
-  spec.add_dependency 'activesupport'
+  spec.add_dependency 'devise-jwt'
+
   spec.add_dependency 'fast_jsonapi'
+  spec.add_dependency 'devise'
+  spec.add_dependency 'cancancan'
+  # For actual pagination
   spec.add_dependency 'kaminari'
+  # For rest pagination, using kaminari automatically
   spec.add_dependency 'api-pagination'
 
   # For more information and examples about making a new gem, checkout our

data/lib/alpha_api/application.rb

@@ -43,7 +43,7 @@ module AlphaApi
 
     # Runs before the app's initializer
     def before_initializer!
-      puts 'before initializer'
+      # puts 'before initializer'
       ApiPagination.configure do |config|
         config.page_param do |params|
           if params[:page].is_a?(ActionController::Parameters) && params[:page].include?(:number)
@@ -65,7 +65,7 @@ module AlphaApi
 
     # Runs after the app's initializer
     def after_initializer!
-      puts 'after initializer'
+      # puts 'after initializer'
     end
 
     private

data/lib/alpha_api/base_controller.rb

@@ -0,0 +1,186 @@
+module AlphaApi
+  class BaseController < ActionController::API
+    before_action :verify_auth_token
+
+    rescue_from StandardError do |exception|
+      AlphaApi.logger.error(exception.message)
+      AlphaApi.logger.error(exception.backtrace.join("\n"))
+
+      error = error_generator(
+        'Internal Server Error',
+        'Internal server error.'
+      )
+      render json: { errors: [error] }, status: :internal_server_error
+    end
+
+    rescue_from ActiveRecord::DeleteRestrictionError do |exception|
+      error = error_generator(
+        'Bad Request',
+        exception.message
+      )
+      render json: { errors: [error] }, status: :bad_request
+    end
+
+    rescue_from ActionController::ParameterMissing do |exception|
+      error = error_generator(
+        'Bad Request',
+        "Required parameter '#{exception.param}' is missing."
+      )
+      render json: { errors: [error] }, status: :bad_request
+    end
+
+    rescue_from ActionController::UnpermittedParameters do |exception|
+      errors = exception.params.map do |param|
+        error_generator(
+          'Bad Request',
+          "Parameter '#{param}' is not permitted."
+        )
+      end
+      render json: { errors: errors }, status: :bad_request
+    end
+
+    rescue_from ActiveRecord::RecordNotFound, with: :not_found
+
+    rescue_from CanCan::AccessDenied, with: :deny_access
+
+    rescue_from AlphaApi::Exceptions::MethodNotAllowed, with: :method_not_allowed
+
+    rescue_from AlphaApi::Exceptions::InvalidRequest do |exception|
+      error = error_generator('Bad Request', exception.message)
+      render json: { errors: [error] }, status: :bad_request
+    end
+
+    rescue_from AlphaApi::Exceptions::ValidationErrors, with: :render_validation_errors
+
+    attr_reader :current_auth_token, :current_auth_token_payload, :current_user
+
+    def error_generator(title, detail, source = nil)
+      error = { title: title, detail: detail }
+      if source
+        key_mapper = {
+          organisation: 'organisation_id',
+          splash: 'splash_id',
+          box_hardware: 'box_hardware_id'
+        }
+        error[:source] = { pointer: "/data/attributes/#{key_mapper[source] || source}" }
+      end
+      error
+    end
+
+    def unsupported_media_type
+      head :unsupported_media_type
+    end
+
+    def not_found
+      error = error_generator(
+        'Not Found',
+        "Resource #{request.path} is not found"
+      )
+      render json: { errors: [error] }, status: :not_found
+    end
+
+    def method_not_allowed
+      error = error_generator(
+        'Method Not Allowed',
+        "Method #{request.method} is not allowed on #{request.path}"
+      )
+      render json: { errors: [error] }, status: :method_not_allowed
+    end
+
+    alias create method_not_allowed
+    alias destroy method_not_allowed
+    alias index method_not_allowed
+    alias update method_not_allowed
+    alias show not_found
+
+    def version
+      render json: Constants::VERSION
+    end
+
+    protected
+
+    def bad_request(reason)
+      error = error_generator('Bad Request', reason)
+      render json: { errors: [error] }, status: :bad_request
+    end
+
+    def forbidden(reason)
+      error = error_generator('Forbidden', reason)
+      render json: { errors: [error] }, status: :forbidden
+    end
+
+    def set_content_type_jsonapi
+      response.headers['Content-Type'] = 'application/vnd.api+json; charset=utf-8'
+    end
+
+    def set_content_type_json
+      response.headers['Content-Type'] = 'application/json; charset=utf-8'
+    end
+
+    def unauthorized(reason)
+      error = error_generator('Unauthorized', reason)
+      render json: { errors: [error] }, status: :unauthorized
+    end
+
+    def unprocessable_entity(errors)
+      errors = errors.map do |attr, message|
+        error_generator('Validation Error', message, attr)
+      end
+      render json: { errors: errors }, status: :unprocessable_entity
+    end
+
+    def verify_auth_token
+      # Check for HTTP Authorization header
+      authorization = request.headers['Authorization']
+      AlphaApi.logger.warn "verify_auth_token: authorization #{authorization}"
+      return unauthorized '缺少Authorization头文件' unless authorization.present?
+
+      # Extract token from header
+      matches = authorization.match(/^Bearer (.+)/)
+      token = matches.captures[0] if matches
+      return unauthorized 'Authorization头文件错误' unless token.present?
+
+      check_auth_token(token) do |user, payload|
+        @current_auth_token = token
+        @current_auth_token_payload = payload
+        @current_user = user
+        nil
+      end
+    end
+
+    private
+
+    def check_auth_token(token)
+      # Attempt to decode the auth token payload
+      payload = nil
+      begin
+        payload = Warden::JWTAuth::TokenDecoder.new.call token
+      rescue JWT::ExpiredSignature
+        payload = JWT.decode(token, nil, false)[0]
+        unless payload['aud'] == 'mobile'
+          return unauthorized '验证信息已经过期，请重新登陆.'
+        end
+      rescue StandardError => e
+        AlphaApi.logger.warn "Failed to decode authentication token: #{e.message}, token: #{token}"
+        return unauthorized '验证信息错误'
+      end
+
+      return unauthorized '验证信息错误' unless payload
+
+      # Check that token is still valid
+      user = User.find_by(id: payload['user_id'])
+      return unauthorized '验证信息错误' unless user
+      return unauthorized '验证信息已无效' if DenylistedToken.jwt_revoked?(payload, user)
+
+      yield user, payload
+    end
+
+    def render_validation_errors(exception)
+      unprocessable_entity(exception.errors)
+    end
+
+    def deny_access
+      forbidden '没有权限访问该资源'
+    end
+  end
+end

data/lib/alpha_api/concerns/actionable.rb

@@ -1,4 +1,6 @@
-require "active_support/concern"
+require 'active_support/concern'
+require 'active_record'
+require_relative '../exceptions'
 
 module AlphaApi
   module Concerns
@@ -14,7 +16,7 @@ module AlphaApi
           render status: :created, json: resource_serializer.new(new_resource).serializable_hash
         else
           errors = reformat_validation_error(new_resource)
-          raise Exceptions::ValidationErrors.new(errors), 'Validation Errors'
+          raise AlphaApi::Exceptions::ValidationErrors.new(errors), 'Validation Errors'
         end
       end
 
@@ -50,7 +52,7 @@ module AlphaApi
           render json: resource_serializer.new(updated_resource, options).serializable_hash
         else
           errors = reformat_validation_error(resource)
-          raise Exceptions::ValidationErrors.new(errors), 'Validation Errors'
+          raise AlphaApi::Exceptions::ValidationErrors.new(errors), 'Validation Errors'
         end
       end
 
@@ -61,10 +63,10 @@ module AlphaApi
           if resource.destroy
             head :no_content
           else
-            raise Exceptions::ValidationErrors.new(resource.errors), 'Validation Errors'
+            raise AlphaApi::Exceptions::ValidationErrors.new(resource.errors), 'Validation Errors'
           end
         else
-          raise Exceptions::MethodNotAllowed, 'Method Not Allowed'
+          raise AlphaApi::Exceptions::MethodNotAllowed, 'Method Not Allowed'
         end
       end
 
@@ -92,7 +94,7 @@ module AlphaApi
       # @override customised filters
       def apply_filter(query)
         if filterable_fields.empty?
-          raise Exceptions::InvalidFilter, 'Filters are not supported for this resource type'
+          raise AlphaApi::Exceptions::InvalidFilter, 'Filters are not supported for this resource type'
         else
           query
         end
@@ -128,7 +130,7 @@ module AlphaApi
           elsif valid_boolean?(field, value)
             query = query.where(field => value == 'true')
           else
-            raise Exceptions::InvalidFilter, 'Only type of string and uuid fields are supported'
+            raise AlphaApi::Exceptions::InvalidFilter, 'Only type of string and uuid fields are supported'
           end
         end
         query
@@ -153,10 +155,10 @@ module AlphaApi
         if allow_all && page_size == -1
           params[:page] = nil
         else
-          raise Exceptions::InvalidRequest, 'Page number must be positive' unless page_number.positive?
-          raise Exceptions::InvalidRequest, 'Page offset must be non-negative' if page_offset.negative?
-          raise Exceptions::InvalidRequest, 'Page size must be positive' unless page_size.positive?
-          raise Exceptions::InvalidRequest, 'Page size cannot be greater than 100' if page_size > 100
+          raise AlphaApi::Exceptions::InvalidRequest, 'Page number must be positive' unless page_number.positive?
+          raise AlphaApi::Exceptions::InvalidRequest, 'Page offset must be non-negative' if page_offset.negative?
+          raise AlphaApi::Exceptions::InvalidRequest, 'Page size must be positive' unless page_size.positive?
+          raise AlphaApi::Exceptions::InvalidRequest, 'Page size cannot be greater than 100' if page_size > 100
 
           params[:page] = {
             number: page_number,
@@ -173,13 +175,13 @@ module AlphaApi
       def apply_sorting(query)
         sort_params = params['sort']
         return query.order(default_sorting) unless sort_params.present?
-        raise Exceptions::InvalidRequest, 'Sort parameter must be a string' unless sort_params.is_a? String
+        raise AlphaApi::Exceptions::InvalidRequest, 'Sort parameter must be a string' unless sort_params.is_a? String
         sorting = []
 
         sorts = sort_params.split(',').map(&:strip).map do |sort|
           is_desc = sort.start_with?('-')
           sort = is_desc ? sort[1..-1] : sort
-          raise Exceptions::InvalidRequest, "Sorting by #{sort} is not allowed" unless allowed_sortings.include?(sort.to_sym)
+          raise AlphaApi::Exceptions::InvalidRequest, "Sorting by #{sort} is not allowed" unless allowed_sortings.include?(sort.to_sym)
           sort = association_mapper(sort)
 
           # have to includes the association to be able to sort on
@@ -213,7 +215,7 @@ module AlphaApi
       def reconcile_nested_attributes(existing_items, items_in_update)
         item_ids_in_update = items_in_update.map { |item| item['id'] }.compact
         if item_ids_in_update.uniq.length != item_ids_in_update.length
-          raise(Exceptions::InvalidRequest, 'Nested attribute IDs must be unique')
+          raise(AlphaApi::Exceptions::InvalidRequest, 'Nested attribute IDs must be unique')
         end
 
         nested_attributes = []
@@ -246,7 +248,7 @@ module AlphaApi
         invalid_resources = []
         nested_resources.each { |res| invalid_resources.push(res) unless allowed_associations.include?(res.to_sym) }
         unless invalid_resources.empty?
-          raise Exceptions::InvalidArgument, "Invalid value for include: #{invalid_resources.join(', ')}"
+          raise AlphaApi::Exceptions::InvalidArgument, "Invalid value for include: #{invalid_resources.join(', ')}"
         end
 
         nested_resources
@@ -291,7 +293,7 @@ module AlphaApi
       def reconcile_nested_attributes(existing_items, items_in_update)
         item_ids_in_update = items_in_update.map { |item| item['id'] }.compact
         if item_ids_in_update.uniq.length != item_ids_in_update.length
-          raise(Exceptions::InvalidRequest, 'Nested attribute IDs must be unique')
+          raise(AlphaApi::Exceptions::InvalidRequest, 'Nested attribute IDs must be unique')
         end
 
         nested_attributes = []
@@ -336,7 +338,7 @@ module AlphaApi
           "#{association.table_name}.#{attr_name} #{order}"
         else
           # could potencially support that as well by includes deeply nested associations
-          raise Exceptions::InvalidRequest, 'Sorting on deeply nested association is not supported'
+          raise AlphaApi::Exceptions::InvalidRequest, 'Sorting on deeply nested association is not supported'
         end
       end
 

data/lib/alpha_api/exceptions.rb

@@ -0,0 +1,16 @@
+module AlphaApi
+  module Exceptions
+    class InvalidRequest < StandardError; end
+    class InvalidFilter < InvalidRequest; end
+    class InvalidArgument < InvalidRequest; end
+    class MethodNotAllowed < StandardError; end
+    class ValidationErrors < StandardError
+      attr_reader :errors
+
+      def initialize(errors = [])
+        super
+        @errors = errors
+      end
+    end
+  end
+end

data/lib/alpha_api/logger.rb

@@ -0,0 +1,13 @@
+require 'logger'
+
+module AlphaApi
+  class << self
+    attr_writer :logger
+
+    def logger
+      @logger ||= Logger.new($stdout).tap do |log|
+        log.progname = self.name
+      end
+    end
+  end
+end

data/lib/alpha_api/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module AlphaApi
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

data/lib/alpha_api.rb

@@ -1,12 +1,25 @@
 # frozen_string_literal: true
 
+require 'active_support'
+require 'action_pack'
+require 'fast_jsonapi'
+require 'devise'
+require 'devise/jwt'
+require 'cancancan'
+require 'kaminari'
+require 'api-pagination'
+require 'active_record'
+require 'active_record/associations'
+
 require_relative "alpha_api/version"
 require_relative "alpha_api/application"
 require_relative "generators/resource/resource_generator"
 require_relative "generators/install/install_generator"
 require_relative 'alpha_api/application_settings'
 require_relative 'alpha_api/concerns/actionable'
+require_relative 'alpha_api/base_controller'
 require_relative 'alpha_api/serializers/application_record_serializer'
+require_relative 'alpha_api/exceptions'
 
 module AlphaApi
   class Error < StandardError; end
@@ -30,3 +43,4 @@ module AlphaApi
     end
   end
 end
+

data/lib/generators/install/install_generator.rb

@@ -1,8 +1,11 @@
 # frozen_string_literal: true
-#
+
+require 'rails/generators/active_record'
+
 module AlphaApi
   module Generators
     class InstallGenerator < Rails::Generators::Base
+      include Rails::Generators::Migration
       desc "Installs AlphaApi"
 
       source_root File.expand_path("templates", __dir__)
@@ -11,8 +14,50 @@ module AlphaApi
         template "alpha_api.rb.erb", "config/initializers/alpha_api.rb"
       end
 
-      def something
-        puts 'h1'
+      def add_device_initializer
+        puts 'Setup device'
+        system 'bundle exec rails generate devise:install'
+      end
+
+      def create_user_model
+        migration_template "create_devise_users.rb", "db/migrate/create_devise_users.rb", migration_version: migration_version
+      end
+
+      def add_denylisted_token_model
+        template "denylisted_token.rb.erb", "app/models/denylisted_token.rb"
+      end
+
+      def add_denylisted_token_migration
+        migration_template "add_denylisted_token.rb", "db/migrate/add_denylisted_token.rb", migration_version: migration_version
+      end
+
+      def append_jwt_devise_initializer
+        inject_into_file 'config/initializers/devise.rb', after: "Devise.setup do |config|\n" do
+        <<~HEREDOC
+
+            config.jwt do |jwt|
+              jwt.secret = Rails.application.secrets.secret_key_base
+              jwt.expiration_time = 24.hours.to_i
+            end
+
+        HEREDOC
+        end
+      end
+
+      def initialize_cancancan
+        puts 'Setup Cancancan ability class'
+        system 'bundle exec rails generate cancan:ability'
+      end
+
+      private
+
+      def self.next_migration_number(dirname)
+        next_migration_number = current_migration_number(dirname) + 1
+        ActiveRecord::Migration.next_migration_number(next_migration_number)
+      end
+
+      def migration_version
+        "[#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}]"
       end
     end
   end

data/lib/generators/install/templates/add_denylisted_token.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class AddDenylistedToken < ActiveRecord::Migration<%= migration_version %>
+  def change
+    create_table :denylisted_tokens do |t|
+      t.string :jti, null: false
+      t.datetime :exp, null: false
+    end
+    add_index :denylisted_tokens, :jti
+  end
+end

data/lib/generators/install/templates/create_devise_users.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+class CreateDeviseUsers < ActiveRecord::Migration<%= migration_version %>
+  def change
+    create_table :users do |t|
+      ## Database authenticatable
+      t.string :email,              null: false, default: ''
+      t.string :encrypted_password, null: false, default: ''
+
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+
+      ## Rememberable
+      t.datetime :remember_created_at
+
+      ## Trackable
+      # t.integer  :sign_in_count, default: 0, null: false
+      # t.datetime :current_sign_in_at
+      # t.datetime :last_sign_in_at
+      # t.inet     :current_sign_in_ip
+      # t.inet     :last_sign_in_ip
+
+      ## Confirmable
+      # t.string   :confirmation_token
+      # t.datetime :confirmed_at
+      # t.datetime :confirmation_sent_at
+      # t.string   :unconfirmed_email # Only if using reconfirmable
+
+      ## Lockable
+      # t.integer  :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
+      # t.string   :unlock_token # Only if unlock strategy is :email or :both
+      # t.datetime :locked_at
+
+      t.timestamps null: false
+    end
+
+    add_index :users, :email,                unique: true
+    add_index :users, :reset_password_token, unique: true
+    # add_index :users, :confirmation_token,   unique: true
+    # add_index :users, :unlock_token,         unique: true
+  end
+end
+
+

data/lib/generators/install/templates/denylisted_token.rb.erb

@@ -0,0 +1,4 @@
+class DenylistedToken < ApplicationRecord
+  include Devise::JWT::RevocationStrategies::Denylist
+end
+

data/lib/generators/resource/templates/controller.rb.erb

@@ -1,4 +1,4 @@
-class <%= @boilerplate.module_name %>::<%= class_name.pluralize %>Controller < <%= @boilerplate.module_name %>::BaseController
+class <%= @boilerplate.module_name %>::<%= class_name.pluralize %>Controller < AlphaApi::BaseController
   include AlphaApi::Concerns::Actionable
 
   protected

metadata

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: alpha_api
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Alba Hoo
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-09-12 00:00:00.000000000 Z
+date: 2021-09-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: activesupport
+  name: devise-jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -38,6 +38,34 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: cancancan
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: kaminari
   requirement: !ruby/object:Gem::Requirement
@@ -88,16 +116,22 @@ files:
 - lib/alpha_api.rb
 - lib/alpha_api/application.rb
 - lib/alpha_api/application_settings.rb
+- lib/alpha_api/base_controller.rb
 - lib/alpha_api/concerns/actionable.rb
 - lib/alpha_api/dynamic_setting.rb
 - lib/alpha_api/dynamic_settings_node.rb
+- lib/alpha_api/exceptions.rb
+- lib/alpha_api/logger.rb
 - lib/alpha_api/namespace_settings.rb
 - lib/alpha_api/resource_collection.rb
 - lib/alpha_api/serializers/application_record_serializer.rb
 - lib/alpha_api/settings_node.rb
 - lib/alpha_api/version.rb
 - lib/generators/install/install_generator.rb
+- lib/generators/install/templates/add_denylisted_token.rb
 - lib/generators/install/templates/alpha_api.rb.erb
+- lib/generators/install/templates/create_devise_users.rb
+- lib/generators/install/templates/denylisted_token.rb.erb
 - lib/generators/resource/resource_generator.rb
 - lib/generators/resource/templates/controller.rb.erb
 - lib/generators/resource/templates/serializer.rb.erb