api_guard 0.2.1 → 0.5.1

data/lib/api_guard/jwt_auth/authentication.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ApiGuard
   module JwtAuth
     # Common module for API authentication
@@ -14,22 +16,26 @@ module ApiGuard
         end
       end
 
+      def respond_to_missing?(method_name, include_private = false)
+        method_name.to_s.start_with?('authenticate_and_set_') || super
+      end
+
       # Authenticate the JWT token and set resource
       def authenticate_and_set_resource(resource_name)
         @resource_name = resource_name
 
         @token = request.headers['Authorization']&.split('Bearer ')&.last
-        return render_error(401, message: 'Access token is missing in the request') unless @token
+        return render_error(401, message: I18n.t('api_guard.access_token.missing')) unless @token
 
         authenticate_token
 
         # Render error response only if no resource found and no previous render happened
-        render_error(401, message: 'Invalid access token') if !current_resource && !performed?
+        render_error(401, message: I18n.t('api_guard.access_token.invalid')) if !current_resource && !performed?
       rescue JWT::DecodeError => e
         if e.message == 'Signature has expired'
-          render_error(401, message: 'Access token expired')
+          render_error(401, message: I18n.t('api_guard.access_token.expired'))
         else
-          render_error(401, message: 'Invalid access token')
+          render_error(401, message: I18n.t('api_guard.access_token.invalid'))
         end
       end
 
@@ -43,9 +49,19 @@ module ApiGuard
 
       # Returns whether the JWT token is issued after the last password change
       # Returns true if password hasn't changed by the user
-      def valid_issued_at?
+      def valid_issued_at?(resource)
         return true unless ApiGuard.invalidate_old_tokens_on_password_change
-        !current_resource.token_issued_at || @decoded_token[:iat] >= current_resource.token_issued_at.to_i
+
+        !resource.token_issued_at || @decoded_token[:iat] >= resource.token_issued_at.to_i
+      end
+
+      # Defines "current_{{resource_name}}" method and "@current_{{resource_name}}" instance variable
+      # that returns "resource" value
+      def define_current_resource_accessors(resource)
+        define_singleton_method("current_#{@resource_name}") do
+          instance_variable_get("@current_#{@resource_name}") ||
+            instance_variable_set("@current_#{@resource_name}", resource)
+        end
       end
 
       # Authenticate the resource with the '{{resource_name}}_id' in the decoded JWT token
@@ -54,21 +70,27 @@ module ApiGuard
       # Also, set "current_{{resource_name}}" method and "@current_{{resource_name}}" instance variable
       # for accessing the authenticated resource
       def authenticate_token
-        return unless decode_token && @decoded_token[:"#{@resource_name}_id"].present?
+        return unless decode_token
 
-        resource = @resource_name.classify.constantize.find_by(id: @decoded_token[:"#{@resource_name}_id"])
+        resource = find_resource_from_token(@resource_name.classify.constantize)
 
-        self.class.send(:define_method, "current_#{@resource_name}") do
-          instance_variable_get("@current_#{@resource_name}") || instance_variable_set("@current_#{@resource_name}", resource)
+        if resource && valid_issued_at?(resource) && !blacklisted?(resource)
+          define_current_resource_accessors(resource)
+        else
+          render_error(401, message: I18n.t('api_guard.access_token.invalid'))
         end
+      end
 
-        return if current_resource && valid_issued_at? && !blacklisted?
+      def find_resource_from_token(resource_class)
+        resource_id = @decoded_token[:"#{@resource_name}_id"]
+        return if resource_id.blank?
 
-        render_error(401, message: 'Invalid access token')
+        resource_class.find_by(id: resource_id)
       end
 
       def current_resource
         return unless respond_to?("current_#{@resource_name}")
+
         public_send("current_#{@resource_name}")
       end
     end

data/lib/api_guard/jwt_auth/blacklist_token.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ApiGuard
   module JwtAuth
     # Common module for token blacklisting functionality
@@ -16,14 +18,16 @@ module ApiGuard
       end
 
       # Returns whether the JWT token is blacklisted or not
-      def blacklisted?
-        return false unless token_blacklisting_enabled?(current_resource)
-        blacklisted_tokens_for(current_resource).exists?(token: @token)
+      def blacklisted?(resource)
+        return false unless token_blacklisting_enabled?(resource)
+
+        blacklisted_tokens_for(resource).exists?(token: @token)
       end
 
       # Blacklist the current JWT token from future access
       def blacklist_token
         return unless token_blacklisting_enabled?(current_resource)
+
         blacklisted_tokens_for(current_resource).create(token: @token, expire_at: Time.at(@decoded_token[:exp]).utc)
       end
     end

data/lib/api_guard/jwt_auth/json_web_token.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'jwt'
 
 module ApiGuard
@@ -9,11 +11,11 @@ module ApiGuard
       end
 
       def token_expire_at
-        @expire_at ||= (current_time + ApiGuard.token_validity).to_i
+        @token_expire_at ||= (current_time + ApiGuard.token_validity).to_i
       end
 
       def token_issued_at
-        @issued_at ||= current_time.to_i
+        @token_issued_at ||= current_time.to_i
       end
 
       # Encode the payload with the secret key and return the JWT token
@@ -33,13 +35,16 @@ module ApiGuard
       #
       # This creates expired JWT token if the argument 'expired_token' is true which can be used for testing.
       def jwt_and_refresh_token(resource, resource_name, expired_token = false)
-        access_token = encode(
+        payload = {
           "#{resource_name}_id": resource.id,
           exp: expired_token ? token_issued_at : token_expire_at,
           iat: token_issued_at
-        )
+        }
 
-        [access_token, new_refresh_token(resource)]
+        # Add custom data in the JWT token payload
+        payload.merge!(resource.jwt_token_payload) if resource.respond_to?(:jwt_token_payload)
+
+        [encode(payload), new_refresh_token(resource)]
       end
 
       # Create tokens and set response headers
@@ -59,6 +64,7 @@ module ApiGuard
       # to restrict access to old access(JWT) tokens
       def invalidate_old_jwt_tokens(resource)
         return unless ApiGuard.invalidate_old_tokens_on_password_change
+
         resource.token_issued_at = Time.at(token_issued_at).utc
       end
     end

data/lib/api_guard/jwt_auth/refresh_jwt_token.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ApiGuard
   module JwtAuth
     # Common module for refresh token functionality
@@ -30,11 +32,13 @@ module ApiGuard
       # Create a new refresh_token for the current resource
       def new_refresh_token(resource)
         return unless refresh_token_enabled?(resource)
+
         refresh_tokens_for(resource).create(token: uniq_refresh_token(resource)).token
       end
 
       def destroy_all_refresh_tokens(resource)
         return unless refresh_token_enabled?(resource)
+
         refresh_tokens_for(resource).destroy_all
       end
     end

data/lib/api_guard/models/concerns.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ApiGuard
   module Models
     module Concerns
@@ -5,19 +7,19 @@ module ApiGuard
 
       class_methods do
         def api_guard_associations(refresh_token: nil, blacklisted_token: nil)
-          return if ApiGuard.api_guard_associations[self.name]
+          return if ApiGuard.api_guard_associations[name]
 
-          ApiGuard.api_guard_associations[self.name] = {}
-          ApiGuard.api_guard_associations[self.name][:refresh_token] = refresh_token
-          ApiGuard.api_guard_associations[self.name][:blacklisted_token] = blacklisted_token
+          ApiGuard.api_guard_associations[name] = {}
+          ApiGuard.api_guard_associations[name][:refresh_token] = refresh_token
+          ApiGuard.api_guard_associations[name][:blacklisted_token] = blacklisted_token
         end
 
         def refresh_token_association
-          ApiGuard.api_guard_associations.dig(self.name, :refresh_token)
+          ApiGuard.api_guard_associations.dig(name, :refresh_token)
         end
 
         def blacklisted_token_association
-          ApiGuard.api_guard_associations.dig(self.name, :blacklisted_token)
+          ApiGuard.api_guard_associations.dig(name, :blacklisted_token)
         end
       end
     end

data/lib/api_guard/modules.rb

@@ -1,24 +1,26 @@
-require "api_guard/resource_mapper"
-require "api_guard/jwt_auth/json_web_token"
-require "api_guard/jwt_auth/authentication"
-require "api_guard/jwt_auth/refresh_jwt_token"
-require "api_guard/jwt_auth/blacklist_token"
-require "api_guard/response_formatters/renderer"
-require "api_guard/models/concerns"
+# frozen_string_literal: true
+
+require 'api_guard/resource_mapper'
+require 'api_guard/jwt_auth/json_web_token'
+require 'api_guard/jwt_auth/authentication'
+require 'api_guard/jwt_auth/refresh_jwt_token'
+require 'api_guard/jwt_auth/blacklist_token'
+require 'api_guard/response_formatters/renderer'
+require 'api_guard/models/concerns'
 
 module ApiGuard
   module Modules
-    ActiveSupport.on_load(:action_controller) {
+    ActiveSupport.on_load(:action_controller) do
       include ApiGuard::Resource
       include ApiGuard::JwtAuth::JsonWebToken
       include ApiGuard::JwtAuth::Authentication
       include ApiGuard::JwtAuth::RefreshJwtToken
       include ApiGuard::JwtAuth::BlacklistToken
       include ApiGuard::ResponseFormatters::Renderer
-    }
+    end
 
-    ActiveSupport.on_load(:active_record) {
+    ActiveSupport.on_load(:active_record) do
       include ApiGuard::Models::Concerns
-    }
+    end
   end
 end

data/lib/api_guard/resource_mapper.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ApiGuard
   class ResourceMapper
     attr_reader :resource_name, :resource_class, :resource_instance_name
@@ -19,7 +21,7 @@ module ApiGuard
     end
 
     def current_resource_mapping
-      request.env["api_guard.mapping"]
+      request.env['api_guard.mapping']
     end
 
     def resource_name

data/lib/api_guard/response_formatters/renderer.rb

@@ -1,15 +1,18 @@
+# frozen_string_literal: true
+
 module ApiGuard
   module ResponseFormatters
     module Renderer
       def render_success(data: nil, message: nil)
-        resp_data = { status: 'success' }
+        resp_data = { status: I18n.t('api_guard.response.success') }
         resp_data[:message] = message if message
+        resp_data[:data] = data if data
 
         render json: resp_data, status: 200
       end
 
       def render_error(status, options = {})
-        data = { status: 'error' }
+        data = { status: I18n.t('api_guard.response.error') }
         data[:error] = options[:object] ? options[:object].errors.full_messages[0] : options[:message]
 
         render json: data, status: status

data/lib/api_guard/route_mapper.rb

@@ -1,81 +1,85 @@
+# frozen_string_literal: true
+
 # Referenced from devise gem:
 # https://github.com/plataformatec/devise/blob/master/lib/devise/rails/routes.rb
 #
 # Customizable API routes
-module ActionDispatch::Routing
-  class Mapper
-    def api_guard_routes(options = {})
-      routes_for = options.delete(:for).to_s || 'users'
-
-      controllers = default_controllers(options[:only], options[:except])
-      controller_options = options.delete(:controller)
-
-      options[:as] = options[:as] || routes_for.singularize
-      options[:path] = options[:path] || routes_for
-
-      api_guard_scope(routes_for) do |mapped_resource|
-        scope options do
-          generate_routes(mapped_resource, controller_options, controllers)
+module ActionDispatch
+  module Routing
+    class Mapper
+      def api_guard_routes(options = {})
+        routes_for = options.delete(:for).to_s || 'users'
+
+        controllers = default_controllers(options[:only], options[:except])
+        controller_options = options.delete(:controller)
+
+        options[:as] = options[:as] || routes_for.singularize
+        options[:path] = options[:path] || routes_for
+
+        api_guard_scope(routes_for) do |mapped_resource|
+          scope options do
+            generate_routes(mapped_resource, controller_options, controllers)
+          end
         end
       end
-    end
 
-    def api_guard_scope(routes_for)
-      mapped_resource = ApiGuard.mapped_resource[routes_for.to_sym].presence || ApiGuard.map_resource(routes_for, routes_for.classify)
+      def api_guard_scope(routes_for)
+        mapped_resource = ApiGuard.mapped_resource[routes_for.to_sym].presence ||
+                          ApiGuard.map_resource(routes_for, routes_for.classify)
 
-      constraint = lambda do |request|
-        request.env["api_guard.mapping"] = mapped_resource
-        true
-      end
+        constraint = lambda do |request|
+          request.env['api_guard.mapping'] = mapped_resource
+          true
+        end
 
-      constraints(constraint) do
-        yield(mapped_resource)
+        constraints(constraint) do
+          yield(mapped_resource)
+        end
       end
-    end
 
-    private
+      private
 
-    def default_controllers(only, except)
-      return only if only
-
-      controllers = %i[registration authentication tokens passwords]
-      except ? (controllers - except) : controllers
-    end
+      def default_controllers(only, except)
+        return only if only
 
-    def generate_routes(mapped_resource, options, controllers)
-      options ||= {}
+        controllers = %i[registration authentication tokens passwords]
+        except ? (controllers - except) : controllers
+      end
 
-      controllers -= %i[tokens] unless mapped_resource.resource_class.refresh_token_association
+      def generate_routes(mapped_resource, options, controllers)
+        options ||= {}
+        controllers -= %i[tokens] unless mapped_resource.resource_class.refresh_token_association
 
-      controllers.each do |controller|
-        send("#{controller.to_s}_routes", options[controller])
+        controllers.each do |controller|
+          send("#{controller}_routes", options[controller])
+        end
       end
-    end
 
-    def authentication_routes(controller_name = nil)
-      controller_name = controller_name || 'api_guard/authentication'
+      def authentication_routes(controller_name = nil)
+        controller_name ||= 'api_guard/authentication'
 
-      post 'sign_in' => "#{controller_name}#create"
-      delete 'sign_out' => "#{controller_name}#destroy"
-    end
+        post 'sign_in' => "#{controller_name}#create"
+        delete 'sign_out' => "#{controller_name}#destroy"
+      end
 
-    def registration_routes(controller_name = nil)
-      controller_name = controller_name || 'api_guard/registration'
+      def registration_routes(controller_name = nil)
+        controller_name ||= 'api_guard/registration'
 
-      post 'sign_up' => "#{controller_name}#create"
-      delete 'delete' => "#{controller_name}#destroy"
-    end
+        post 'sign_up' => "#{controller_name}#create"
+        delete 'delete' => "#{controller_name}#destroy"
+      end
 
-    def passwords_routes(controller_name = nil)
-      controller_name = controller_name || 'api_guard/passwords'
+      def passwords_routes(controller_name = nil)
+        controller_name ||= 'api_guard/passwords'
 
-      patch 'passwords' => "#{controller_name}#update"
-    end
+        patch 'passwords' => "#{controller_name}#update"
+      end
 
-    def tokens_routes(controller_name = nil)
-      controller_name = controller_name || 'api_guard/tokens'
+      def tokens_routes(controller_name = nil)
+        controller_name ||= 'api_guard/tokens'
 
-      post 'tokens' => "#{controller_name}#create"
+        post 'tokens' => "#{controller_name}#create"
+      end
     end
   end
 end

data/lib/api_guard/test/controller_helper.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'api_guard/jwt_auth/json_web_token'
 require 'api_guard/jwt_auth/refresh_jwt_token'
 

data/lib/api_guard/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module ApiGuard
-  VERSION = '0.2.1'
+  VERSION = '0.5.1'
 end

data/lib/generators/api_guard/controllers/controllers_generator.rb

@@ -1,22 +1,24 @@
+# frozen_string_literal: true
+
 module ApiGuard
   class ControllersGenerator < Rails::Generators::Base
-    CONTROLLERS = %i[registration authentication tokens passwords]
+    CONTROLLERS = %i[registration authentication tokens passwords].freeze
 
     desc 'Generates API Guard controllers in app/controllers/'
-    source_root File.expand_path('../templates', __FILE__)
+    source_root File.expand_path('templates', __dir__)
 
-    argument :scope, required: true,
-             desc: "The scope to create controllers in, e.g. users, admins"
+    argument :scope, required: true, desc: 'The scope to create controllers in, e.g. users, admins'
 
-    class_option :controllers, aliases: "-c", type: :array,
-                 desc: "Specify the controllers to generate (#{CONTROLLERS.join(', ')})"
+    class_option :controllers, aliases: '-c', type: :array,
+                               desc: "Specify the controllers to generate (#{CONTROLLERS.join(', ')})"
 
     def create_controllers
       @controller_scope = scope.camelize
       controllers = options[:controllers] || CONTROLLERS
 
       controllers.each do |controller_name|
-        template "#{controller_name}_controller.rb", "app/controllers/#{scope}/#{controller_name}_controller.rb"
+        template "#{controller_name}_controller.rb",
+                 "app/controllers/#{scope}/#{controller_name}_controller.rb"
       end
     end
   end