api_guard_grape 0.5.1

data/lib/api_guard/jwt_auth/refresh_jwt_token.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module ApiGuard
+  module JwtAuth
+    # Common module for refresh token functionality
+    module RefreshJwtToken
+      def refresh_token_association(resource)
+        resource.class.refresh_token_association
+      end
+
+      def refresh_token_enabled?(resource)
+        refresh_token_association(resource).present?
+      end
+
+      def refresh_tokens_for(resource)
+        refresh_token_association = refresh_token_association(resource)
+        resource.send(refresh_token_association)
+      end
+
+      def find_refresh_token_of(resource, refresh_token)
+        refresh_tokens_for(resource).find_by_token(refresh_token)
+      end
+
+      # Generate and return unique refresh token for the resource
+      def uniq_refresh_token(resource)
+        loop do
+          random_token = SecureRandom.urlsafe_base64
+          return random_token unless refresh_tokens_for(resource).exists?(token: random_token)
+        end
+      end
+
+      # Create a new refresh_token for the current resource
+      def new_refresh_token(resource)
+        return unless refresh_token_enabled?(resource)
+
+        refresh_tokens_for(resource).create(token: uniq_refresh_token(resource)).token
+      end
+
+      def destroy_all_refresh_tokens(resource)
+        return unless refresh_token_enabled?(resource)
+
+        refresh_tokens_for(resource).destroy_all
+      end
+    end
+  end
+end

data/lib/api_guard/models/concerns.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module ApiGuard
+  module Models
+    module Concerns
+      extend ActiveSupport::Concern
+
+      class_methods do
+        def api_guard_associations(refresh_token: nil, blacklisted_token: nil)
+          return if ApiGuard.api_guard_associations[name]
+
+          ApiGuard.api_guard_associations[name] = {}
+          ApiGuard.api_guard_associations[name][:refresh_token] = refresh_token
+          ApiGuard.api_guard_associations[name][:blacklisted_token] = blacklisted_token
+        end
+
+        def refresh_token_association
+          ApiGuard.api_guard_associations.dig(name, :refresh_token)
+        end
+
+        def blacklisted_token_association
+          ApiGuard.api_guard_associations.dig(name, :blacklisted_token)
+        end
+      end
+    end
+  end
+end

data/lib/api_guard/modules.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+require 'api_guard/resource_mapper'
+require 'api_guard/jwt_auth/json_web_token'
+require 'api_guard/jwt_auth/authentication'
+require 'api_guard/jwt_auth/refresh_jwt_token'
+require 'api_guard/jwt_auth/blacklist_token'
+require 'api_guard/response_formatters/renderer'
+require 'api_guard/models/concerns'
+
+module ApiGuard
+  module Modules
+    ActiveSupport.on_load(:action_controller) do
+      include ApiGuard::Resource
+      include ApiGuard::JwtAuth::JsonWebToken
+      include ApiGuard::JwtAuth::Authentication
+      include ApiGuard::JwtAuth::RefreshJwtToken
+      include ApiGuard::JwtAuth::BlacklistToken
+      include ApiGuard::ResponseFormatters::Renderer
+    end
+
+    ActiveSupport.on_load(:active_record) do
+      include ApiGuard::Models::Concerns
+    end
+  end
+end

data/lib/api_guard/resource_mapper.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module ApiGuard
+  class ResourceMapper
+    attr_reader :resource_name, :resource_class, :resource_instance_name
+
+    def initialize(routes_for, class_name)
+      @resource_name = routes_for.singularize
+      @resource_class = class_name.constantize
+      @resource_instance_name = "@api_guard_#{routes_for}"
+    end
+  end
+
+  module Resource
+    def resource
+      instance_variable_get(mapped_resource_instance)
+    end
+
+    def resource=(new_resource)
+      instance_variable_set(mapped_resource_instance, new_resource)
+    end
+
+    def current_resource_mapping
+      request.env['api_guard.mapping']
+    end
+
+    def resource_name
+      current_resource_mapping.resource_name
+    end
+
+    def resource_class
+      current_resource_mapping.resource_class
+    end
+
+    def mapped_resource_instance
+      current_resource_mapping.resource_instance_name
+    end
+
+    def init_resource(params)
+      self.resource = resource_class.new(params)
+    end
+  end
+end

data/lib/api_guard/response_formatters/renderer.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module ApiGuard
+  module ResponseFormatters
+    module Renderer
+      def render_success(data: nil, message: nil)
+        resp_data = { status: I18n.t('api_guard.response.success') }
+        resp_data[:message] = message if message
+        resp_data[:data] = data if data
+
+        render json: resp_data, status: 200
+      end
+
+      def render_error(status, options = {})
+        data = { status: I18n.t('api_guard.response.error') }
+        data[:error] = options[:object] ? options[:object].errors.full_messages[0] : options[:message]
+
+        render json: data, status: status
+      end
+    end
+  end
+end

data/lib/api_guard/route_mapper.rb

@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+# Referenced from devise gem:
+# https://github.com/plataformatec/devise/blob/master/lib/devise/rails/routes.rb
+#
+# Customizable API routes
+module ActionDispatch
+  module Routing
+    class Mapper
+      def api_guard_routes(options = {})
+        routes_for = options.delete(:for).to_s || 'users'
+
+        controllers = default_controllers(options[:only], options[:except])
+        controller_options = options.delete(:controller)
+
+        options[:as] = options[:as] || routes_for.singularize
+        options[:path] = options[:path] || routes_for
+
+        api_guard_scope(routes_for) do |mapped_resource|
+          scope options do
+            generate_routes(mapped_resource, controller_options, controllers)
+          end
+        end
+      end
+
+      def api_guard_scope(routes_for)
+        mapped_resource = ApiGuard.mapped_resource[routes_for.to_sym].presence ||
+                          ApiGuard.map_resource(routes_for, routes_for.classify)
+
+        constraint = lambda do |request|
+          request.env['api_guard.mapping'] = mapped_resource
+          true
+        end
+
+        constraints(constraint) do
+          yield(mapped_resource)
+        end
+      end
+
+      private
+
+      def default_controllers(only, except)
+        return only if only
+
+        controllers = %i[registration authentication tokens passwords]
+        except ? (controllers - except) : controllers
+      end
+
+      def generate_routes(mapped_resource, options, controllers)
+        options ||= {}
+        controllers -= %i[tokens] unless mapped_resource.resource_class.refresh_token_association
+
+        controllers.each do |controller|
+          send("#{controller}_routes", options[controller])
+        end
+      end
+
+      def authentication_routes(controller_name = nil)
+        controller_name ||= 'api_guard/authentication'
+
+        post 'sign_in' => "#{controller_name}#create"
+        delete 'sign_out' => "#{controller_name}#destroy"
+      end
+
+      def registration_routes(controller_name = nil)
+        controller_name ||= 'api_guard/registration'
+
+        post 'sign_up' => "#{controller_name}#create"
+        delete 'delete' => "#{controller_name}#destroy"
+      end
+
+      def passwords_routes(controller_name = nil)
+        controller_name ||= 'api_guard/passwords'
+
+        patch 'passwords' => "#{controller_name}#update"
+      end
+
+      def tokens_routes(controller_name = nil)
+        controller_name ||= 'api_guard/tokens'
+
+        post 'tokens' => "#{controller_name}#create"
+      end
+    end
+  end
+end

data/lib/api_guard/test/controller_helper.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require 'api_guard/jwt_auth/json_web_token'
+require 'api_guard/jwt_auth/refresh_jwt_token'
+
+module ApiGuard
+  module Test
+    module ControllerHelper
+      include ApiGuard::JwtAuth::JsonWebToken
+      include ApiGuard::JwtAuth::RefreshJwtToken
+    end
+  end
+end

data/lib/api_guard/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module ApiGuard
+  VERSION = '0.5.1'
+end

data/lib/generators/api_guard/controllers/USAGE

@@ -0,0 +1,11 @@
+Description:
+    Generates all API Guard controllers in app/controllers/
+
+Example:
+    rails generate api_guard:controllers users
+
+    This will create:
+        app/controllers/users/registration_controller.rb
+        app/controllers/users/authentication_controller.rb
+        app/controllers/users/tokens_controller.rb
+        app/controllers/users/passwords_controller.rb

data/lib/generators/api_guard/controllers/controllers_generator.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module ApiGuard
+  class ControllersGenerator < Rails::Generators::Base
+    CONTROLLERS = %i[registration authentication tokens passwords].freeze
+
+    desc 'Generates API Guard controllers in app/controllers/'
+    source_root File.expand_path('templates', __dir__)
+
+    argument :scope, required: true, desc: 'The scope to create controllers in, e.g. users, admins'
+
+    class_option :controllers, aliases: '-c', type: :array,
+                               desc: "Specify the controllers to generate (#{CONTROLLERS.join(', ')})"
+
+    def create_controllers
+      @controller_scope = scope.camelize
+      controllers = options[:controllers] || CONTROLLERS
+
+      controllers.each do |controller_name|
+        template "#{controller_name}_controller.rb",
+                 "app/controllers/#{scope}/#{controller_name}_controller.rb"
+      end
+    end
+  end
+end

data/lib/generators/api_guard/controllers/templates/authentication_controller.rb

@@ -0,0 +1,27 @@
+module <%= @controller_scope %>
+  class AuthenticationController < ApiGuard::AuthenticationController
+    # before_action :find_resource, only: [:create]
+    # before_action :authenticate_resource, only: [:destroy]
+
+    # def create
+    #   if resource.authenticate(params[:password])
+    #     create_token_and_set_header(resource, resource_name)
+    #     render_success(message: I18n.t('api_guard.authentication.signed_in'))
+    #   else
+    #     render_error(422, message: I18n.t('api_guard.authentication.invalid_login_credentials'))
+    #   end
+    # end
+
+    # def destroy
+    #   blacklist_token
+    #   render_success(message: I18n.t('api_guard.authentication.signed_out'))
+    # end
+
+    # private
+
+    # def find_resource
+    #   self.resource = resource_class.find_by(email: params[:email].downcase.strip) if params[:email].present?
+    #   render_error(422, message: I18n.t('api_guard.authentication.invalid_login_credentials')) unless resource
+    # end
+  end
+end

data/lib/generators/api_guard/controllers/templates/passwords_controller.rb

@@ -0,0 +1,25 @@
+module <%= @controller_scope %>
+  class PasswordsController < ApiGuard::PasswordsController
+    # before_action :authenticate_resource, only: [:update]
+
+    # def update
+    #   invalidate_old_jwt_tokens(current_resource)
+    #
+    #   if current_resource.update_attributes(password_params)
+    #     blacklist_token unless ApiGuard.invalidate_old_tokens_on_password_change
+    #     destroy_all_refresh_tokens(current_resource)
+    #
+    #     create_token_and_set_header(current_resource, resource_name)
+    #     render_success(message: I18n.t('api_guard.password.changed'))
+    #   else
+    #     render_error(422, object: current_resource)
+    #   end
+    # end
+
+    # private
+
+    # def password_params
+    #   params.permit(:password, :password_confirmation)
+    # end
+  end
+end

data/lib/generators/api_guard/controllers/templates/registration_controller.rb

@@ -0,0 +1,26 @@
+module <%= @controller_scope %>
+  class RegistrationController < ApiGuard::RegistrationController
+    # before_action :authenticate_resource, only: [:destroy]
+
+    # def create
+    #   init_resource(sign_up_params)
+    #   if resource.save
+    #     create_token_and_set_header(resource, resource_name)
+    #     render_success(message: I18n.t('api_guard.registration.signed_up'))
+    #   else
+    #     render_error(422, object: resource)
+    #   end
+    # end
+
+    # def destroy
+    #   current_resource.destroy
+    #   render_success(message: I18n.t('api_guard.registration.account_deleted'))
+    # end
+
+    # private
+
+    # def sign_up_params
+    #   params.permit(:email, :password, :password_confirmation)
+    # end
+  end
+end

data/lib/generators/api_guard/controllers/templates/tokens_controller.rb

@@ -0,0 +1,28 @@
+module <%= @controller_scope %>
+  class TokensController < ApiGuard::TokensController
+    # before_action :authenticate_resource, only: [:create]
+    # before_action :find_refresh_token, only: [:create]
+
+    # def create
+    #   create_token_and_set_header(current_resource, resource_name)
+    #
+    #   @refresh_token.destroy
+    #   blacklist_token if ApiGuard.blacklist_token_after_refreshing
+    #
+    #   render_success(message: I18n.t('api_guard.access_token.refreshed'))
+    # end
+
+    # private
+
+    # def find_refresh_token
+    #   refresh_token_from_header = request.headers['Refresh-Token']
+    #
+    #   if refresh_token_from_header
+    #     @refresh_token = find_refresh_token_of(current_resource, refresh_token_from_header)
+    #     return render_error(401, message: I18n.t('api_guard.refresh_token.invalid')) unless @refresh_token
+    #   else
+    #     render_error(401, message: I18n.t('api_guard.refresh_token.missing'))
+    #   end
+    # end
+  end
+end

data/lib/generators/api_guard/initializer/USAGE

@@ -0,0 +1,8 @@
+Description:
+    Creates initializer for configuring API Guard
+
+Example:
+    rails generate api_guard:initializer
+
+    This will create:
+        config/initializers/api_guard.rb

data/lib/generators/api_guard/initializer/initializer_generator.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+module ApiGuard
+  class InitializerGenerator < Rails::Generators::Base
+    source_root File.expand_path('templates', __dir__)
+
+    desc 'Creates initializer for configuring API Guard'
+
+    def create_initializer
+      copy_file 'initializer.rb', 'config/initializers/api_guard.rb'
+    end
+  end
+end