RubyGems - api_guard - Versions diffs - 0.1.3 → 0.2.0 - Mend

api_guard 0.1.3 → 0.2.0

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6163657dcf0320abbfc8e4bde50f0e991ec68a6f
-  data.tar.gz: 33fc35d38fd11c550108008c9878bf5461b2e089
+  metadata.gz: d220d5bf204e5a090dc71fc977101de4f3d431f4
+  data.tar.gz: bac634e2197010b0de248d247382d38679de8f16
 SHA512:
-  metadata.gz: f8cc3aa3863bd6f2e7ff3e54004c4af9ab7c053d21554af98f4f38d75494833b541472b8ed3327540f608b5efc70cbd4bfa84e641a90e7a58ab80a001e73f9cc
-  data.tar.gz: 7cc0936550701a8fcfccf9953d6cb30d4d03269d7478a3f62ea4bb6774696ac97acdad59cfc02a740a37fad7a58c4f8687586ce00e185b4d6f65257d54e7f775
+  metadata.gz: 5a45df067c41509e759f0cd0ca200c6948192cf0f7a69fe7872ba6636c0cfd48e37ce0fa023579a4a2512fa36f6377b196cc4a5f854d3feb5392271bc46e6089
+  data.tar.gz: 81ad551d87c7fd35a3ab80c3b8f20f9f6b7e51056a865a436767703c93f4767361349a8cabe5c2c9a6820cdcab9dc4a3d0b73dda47186c76984d80284ef91134

data/README.md CHANGED Viewed

@@ -362,6 +362,10 @@ ApiGuard.setup do |config|
   # Invalidate old tokens on changing the password
   # Default: false
   config.invalidate_old_tokens_on_password_change = false
+  # Blacklist JWT access token after refreshing
+  # Default: false
+  config.blacklist_token_after_refreshing = false
 end
 ```
@@ -473,6 +477,15 @@ And, as this creates rows in `blacklisted_tokens` table you need to have a mecha
 tokens to prevent this table from growing. One option is to have a CRON job to run a task daily that deletes the
 blacklisted tokens that are expired i.e. `expire_at < DateTime.now`.
+**Blacklisting after refreshing token**
+By default, the JWT access token will not be blacklisted on refreshing the JWT access token. To enable this, you can
+configure it in API Guard initializer as below,
+```ruby
+config.blacklist_token_after_refreshing = true
+```
 ## Overriding defaults
 ### Controllers

@@ -6,8 +6,11 @@ module ApiGuard
     before_action :find_refresh_token, only: [:create]
     def create
-      @refresh_token.destroy
       create_token_and_set_header(current_resource, resource_name)
+      @refresh_token.destroy
+      blacklist_token if ApiGuard.blacklist_token_after_refreshing
       render_success(message: 'Token refreshed successfully')
     end

data/lib/api_guard.rb CHANGED Viewed

@@ -16,6 +16,9 @@ module ApiGuard
   mattr_accessor :invalidate_old_tokens_on_password_change
   self.invalidate_old_tokens_on_password_change = false
+  mattr_accessor :blacklist_token_after_refreshing
+  self.blacklist_token_after_refreshing = false
   mattr_accessor :api_guard_associations
   self.api_guard_associations = {}

data/lib/api_guard/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ApiGuard
-  VERSION = '0.1.3'
+  VERSION = '0.2.0'
 end

@@ -10,4 +10,8 @@ ApiGuard.setup do |config|
   # Invalidate old tokens on changing the password
   # Default: false
   config.invalidate_old_tokens_on_password_change = false
+  # Blacklist JWT access token after refreshing
+  # Default: false
+  config.blacklist_token_after_refreshing = false
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: api_guard
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.2.0
 platform: ruby
 authors:
 - Gokul Murali
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-03-26 00:00:00.000000000 Z
+date: 2019-04-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt