api_guard_grape 0.5.4 → 0.5.5
- checksums.yaml +4 -4
- data/README.md +37 -37
- data/Rakefile +1 -1
- data/app/controllers/{api_guard_grape → api_guard}/application_controller.rb +1 -1
- data/app/controllers/{api_guard_grape → api_guard}/authentication_controller.rb +6 -6
- data/app/controllers/{api_guard_grape → api_guard}/passwords_controller.rb +4 -4
- data/app/controllers/{api_guard_grape → api_guard}/registration_controller.rb +4 -4
- data/app/controllers/{api_guard_grape → api_guard}/tokens_controller.rb +6 -6
- data/config/locales/en.yml +1 -1
- data/config/routes.rb +2 -2
- data/lib/{api_guard_grape.rb → api_guard.rb} +9 -9
- data/lib/{api_guard_grape → api_guard}/app_secret_key.rb +1 -1
- data/lib/{api_guard_grape → api_guard}/engine.rb +4 -4
- data/lib/{api_guard_grape → api_guard}/jwt_auth/authentication.rb +16 -16
- data/lib/{api_guard_grape → api_guard}/jwt_auth/blacklist_token.rb +1 -1
- data/lib/api_guard/jwt_auth/json_web_token.rb +143 -0
- data/lib/{api_guard_grape/jwt_auth/json_web_token.rb → api_guard/jwt_auth/refresh_jwt_token.rb} +10 -107
- data/lib/api_guard/models/concerns.rb +27 -0
- data/lib/api_guard/modules.rb +26 -0
- data/lib/{api_guard_grape → api_guard}/resource_mapper.rb +3 -3
- data/lib/{api_guard_grape → api_guard}/response_formatters/renderer.rb +3 -3
- data/lib/{api_guard_grape → api_guard}/route_mapper.rb +10 -10
- data/lib/api_guard/test/controller_helper.rb +13 -0
- data/lib/api_guard/version.rb +5 -0
- data/lib/generators/{api_guard_grape → api_guard}/controllers/USAGE +1 -1
- data/lib/generators/{api_guard_grape → api_guard}/controllers/controllers_generator.rb +1 -1
- data/lib/generators/{api_guard_grape → api_guard}/controllers/templates/authentication_controller.rb +5 -5
- data/lib/generators/{api_guard_grape → api_guard}/controllers/templates/passwords_controller.rb +3 -3
- data/lib/generators/{api_guard_grape → api_guard}/controllers/templates/registration_controller.rb +3 -3
- data/lib/generators/{api_guard_grape → api_guard}/controllers/templates/tokens_controller.rb +5 -5
- data/lib/generators/{api_guard_grape → api_guard}/initializer/USAGE +2 -2
- data/lib/generators/{api_guard_grape → api_guard}/initializer/initializer_generator.rb +2 -2
- data/lib/generators/{api_guard_grape → api_guard}/initializer/templates/initializer.rb +1 -1
- metadata +30 -30
- data/lib/api_guard_grape/jwt_auth/refresh_jwt_token.rb +0 -46
- data/lib/api_guard_grape/models/concerns.rb +0 -27
- data/lib/api_guard_grape/modules.rb +0 -26
- data/lib/api_guard_grape/test/controller_helper.rb +0 -13
- data/lib/api_guard_grape/version.rb +0 -5
@@ -0,0 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'api_guard/resource_mapper'
|
4
|
+
require 'api_guard/jwt_auth/json_web_token'
|
5
|
+
require 'api_guard/jwt_auth/authentication'
|
6
|
+
require 'api_guard/jwt_auth/refresh_jwt_token'
|
7
|
+
require 'api_guard/jwt_auth/blacklist_token'
|
8
|
+
require 'api_guard/response_formatters/renderer'
|
9
|
+
require 'api_guard/models/concerns'
|
10
|
+
|
11
|
+
module ApiGuard
|
12
|
+
module Modules
|
13
|
+
ActiveSupport.on_load(:action_controller) do
|
14
|
+
include ApiGuard::Resource
|
15
|
+
include ApiGuard::JwtAuth::JsonWebToken
|
16
|
+
include ApiGuard::JwtAuth::Authentication
|
17
|
+
include ApiGuard::JwtAuth::RefreshJwtToken
|
18
|
+
include ApiGuard::JwtAuth::BlacklistToken
|
19
|
+
include ApiGuard::ResponseFormatters::Renderer
|
20
|
+
end
|
21
|
+
|
22
|
+
ActiveSupport.on_load(:active_record) do
|
23
|
+
include ApiGuard::Models::Concerns
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
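Review bot: The `ActiveSupport.on_load(:action_controller)` block mixes the resource, JWT, refresh-token, blacklist and renderer modules into the framework's base controller, so every controller in the host application inherits them. The `:active_record` hook does the same for every model with `ApiGuard::Models::Concerns`. Nothing in the file states that this global scope is intended; a comment above `module Modules` such as `# Load hooks: mix API Guard's helpers into all controllers and all ActiveRecord models of the host app.` would make it explicit for anyone auditing which classes can issue or blacklist tokens. The visibility of the included methods is not shown here, so it is worth confirming they cannot shadow host-application methods of the same name.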
@@ -1,13 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuard
|
4
4
|
class ResourceMapper
|
5
5
|
attr_reader :resource_name, :resource_class, :resource_instance_name
|
6
6
|
|
7
7
|
def initialize(routes_for, class_name)
|
8
8
|
@resource_name = routes_for.singularize
|
9
9
|
@resource_class = class_name.constantize
|
10
|
-
@resource_instance_name = "@
|
10
|
+
@resource_instance_name = "@api_guard_#{routes_for}"
|
11
11
|
end
|
12
12
|
end
|
13
13
|
|
@@ -21,7 +21,7 @@ module ApiGuardGrape
|
|
21
21
|
end
|
22
22
|
|
23
23
|
def current_resource_mapping
|
24
|
-
request.env['
|
24
|
+
request.env['api_guard.mapping']
|
25
25
|
end
|
26
26
|
|
27
27
|
def resource_name
|
@@ -1,10 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuard
|
4
4
|
module ResponseFormatters
|
5
5
|
module Renderer
|
6
6
|
def render_success(data: nil, message: nil)
|
7
|
-
resp_data = { status: I18n.t('
|
7
|
+
resp_data = { status: I18n.t('api_guard.response.success') }
|
8
8
|
resp_data[:message] = message if message
|
9
9
|
resp_data[:data] = data if data
|
10
10
|
|
@@ -12,7 +12,7 @@ module ApiGuardGrape
|
|
12
12
|
end
|
13
13
|
|
14
14
|
def render_error(status, options = {})
|
15
|
-
data = { status: I18n.t('
|
15
|
+
data = { status: I18n.t('api_guard.response.error') }
|
16
16
|
data[:error] = options[:object] ? options[:object].errors.full_messages[0] : options[:message]
|
17
17
|
|
18
18
|
render json: data, status: status
|
@@ -7,7 +7,7 @@
|
|
7
7
|
module ActionDispatch
|
8
8
|
module Routing
|
9
9
|
class Mapper
|
10
|
-
def
|
10
|
+
def api_guard_routes(options = {})
|
11
11
|
routes_for = options.delete(:for).to_s || 'users'
|
12
12
|
|
13
13
|
controllers = default_controllers(options[:only], options[:except])
|
@@ -16,19 +16,19 @@ module ActionDispatch
|
|
16
16
|
options[:as] = options[:as] || routes_for.singularize
|
17
17
|
options[:path] = options[:path] || routes_for
|
18
18
|
|
19
|
-
|
19
|
+
api_guard_scope(routes_for) do |mapped_resource|
|
20
20
|
scope options do
|
21
21
|
generate_routes(mapped_resource, controller_options, controllers)
|
22
22
|
end
|
23
23
|
end
|
24
24
|
end
|
25
25
|
|
26
|
-
def
|
27
|
-
mapped_resource =
|
28
|
-
|
26
|
+
def api_guard_scope(routes_for)
|
27
|
+
mapped_resource = ApiGuard.mapped_resource[routes_for.to_sym].presence ||
|
28
|
+
ApiGuard.map_resource(routes_for, routes_for.classify)
|
29
29
|
|
30
30
|
constraint = lambda do |request|
|
31
|
-
request.env['
|
31
|
+
request.env['api_guard.mapping'] = mapped_resource
|
32
32
|
true
|
33
33
|
end
|
34
34
|
|
@@ -56,27 +56,27 @@ module ActionDispatch
|
|
56
56
|
end
|
57
57
|
|
58
58
|
def authentication_routes(controller_name = nil)
|
59
|
-
controller_name ||= '
|
59
|
+
controller_name ||= 'api_guard/authentication'
|
60
60
|
|
61
61
|
post 'sign_in' => "#{controller_name}#create"
|
62
62
|
delete 'sign_out' => "#{controller_name}#destroy"
|
63
63
|
end
|
64
64
|
|
65
65
|
def registration_routes(controller_name = nil)
|
66
|
-
controller_name ||= '
|
66
|
+
controller_name ||= 'api_guard/registration'
|
67
67
|
|
68
68
|
post 'sign_up' => "#{controller_name}#create"
|
69
69
|
delete 'delete' => "#{controller_name}#destroy"
|
70
70
|
end
|
71
71
|
|
72
72
|
def passwords_routes(controller_name = nil)
|
73
|
-
controller_name ||= '
|
73
|
+
controller_name ||= 'api_guard/passwords'
|
74
74
|
|
75
75
|
patch 'passwords' => "#{controller_name}#update"
|
76
76
|
end
|
77
77
|
|
78
78
|
def tokens_routes(controller_name = nil)
|
79
|
-
controller_name ||= '
|
79
|
+
controller_name ||= 'api_guard/tokens'
|
80
80
|
|
81
81
|
post 'tokens' => "#{controller_name}#create"
|
82
82
|
end
|
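Review bot: In `api_guard_routes`, `options.delete(:for).to_s || 'users'` never falls back to `'users'`: `nil.to_s` is `""`, which is truthy in Ruby. When `for:` is omitted, `routes_for` is therefore the empty string, and `options[:as]`, `options[:path]` and the `api_guard_scope(routes_for)` resource lookup are all derived from it. Apply the default before the conversion: `routes_for = (options.delete(:for) || 'users').to_s`. The method spans the first two hunks of this file and the lines between them are not shown.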
@@ -0,0 +1,13 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'api_guard/jwt_auth/json_web_token'
|
4
|
+
require 'api_guard/jwt_auth/refresh_jwt_token'
|
5
|
+
|
6
|
+
module ApiGuard
|
7
|
+
module Test
|
8
|
+
module ControllerHelper
|
9
|
+
include ApiGuard::JwtAuth::JsonWebToken
|
10
|
+
include ApiGuard::JwtAuth::RefreshJwtToken
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
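--- a/data/lib/generators/api_guard_grape/controllers/templates/authentication_controller.rb
+++ b/data/lib/generators/api_guard/controllers/templates/authentication_controller.rb
@@ -1,27 +1,27 @@
 module <%= @controller_scope %>
-class AuthenticationController <
+class AuthenticationController < ApiGuard::AuthenticationController
 # before_action :find_resource, only: [:create]
 # before_action :authenticate_resource, only: [:destroy]
 
 # def create
 # if resource.authenticate(params[:password])
 # create_token_and_set_header(resource, resource_name)
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.authentication.signed_in'))
 # else
-# render_error(422, message: I18n.t('
+# render_error(422, message: I18n.t('api_guard.authentication.invalid_login_credentials'))
 # end
 # end
 
 # def destroy
 # blacklist_token
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.authentication.signed_out'))
 # end
 
 # private
 
 # def find_resource
 # self.resource = resource_class.find_by(email: params[:email].downcase.strip) if params[:email].present?
-# render_error(422, message: I18n.t('
+# render_error(422, message: I18n.t('api_guard.authentication.invalid_login_credentials')) unless resource
 # end
 end
 end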
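Review bot: The commented `find_resource` example calls `params[:email].downcase.strip` after only a `present?` check, so a request that sends `email` as an array or nested hash would raise instead of reaching the 422 branch. Applications copy this template when they uncomment it, so coerce the value first: `email = params[:email].to_s.downcase.strip`. Returning the same `invalid_login_credentials` message for an unknown e-mail and for a wrong password is a good property and worth keeping when the template is customised.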
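--- a/data/lib/generators/api_guard_grape/controllers/templates/passwords_controller.rb
+++ b/data/lib/generators/api_guard/controllers/templates/passwords_controller.rb
@@ -1,16 +1,16 @@
 module <%= @controller_scope %>
-class PasswordsController <
+class PasswordsController < ApiGuard::PasswordsController
 # before_action :authenticate_resource, only: [:update]
 
 # def update
 # invalidate_old_jwt_tokens(current_resource)
 #
 # if current_resource.update_attributes(password_params)
-# blacklist_token unless
+# blacklist_token unless ApiGuard.invalidate_old_tokens_on_password_change
 # destroy_all_refresh_tokens(current_resource)
 #
 # create_token_and_set_header(current_resource, resource_name)
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.password.changed'))
 # else
 # render_error(422, object: current_resource)
 # end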
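Review bot: The commented `update` example still uses `current_resource.update_attributes(password_params)`. `update_attributes` was deprecated in Rails 6.0 and removed in 6.1, so an application that uncomments this template on a current Rails would fail on every password change; use `# if current_resource.update(password_params)`. `invalidate_old_jwt_tokens(current_resource)` also runs before the update is known to succeed. What it changes is not visible in this hunk, so confirm that a failed update leaves existing tokens valid. The template continues past the last line shown.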
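--- a/data/lib/generators/api_guard_grape/controllers/templates/registration_controller.rb
+++ b/data/lib/generators/api_guard/controllers/templates/registration_controller.rb
@@ -1,12 +1,12 @@
 module <%= @controller_scope %>
-class RegistrationController <
+class RegistrationController < ApiGuard::RegistrationController
 # before_action :authenticate_resource, only: [:destroy]
 
 # def create
 # init_resource(sign_up_params)
 # if resource.save
 # create_token_and_set_header(resource, resource_name)
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.registration.signed_up'))
 # else
 # render_error(422, object: resource)
 # end
@@ -14,7 +14,7 @@ module <%= @controller_scope %>
 
 # def destroy
 # current_resource.destroy
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.registration.account_deleted'))
 # end
 
 # private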
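--- a/data/lib/generators/api_guard_grape/controllers/templates/tokens_controller.rb
+++ b/data/lib/generators/api_guard/controllers/templates/tokens_controller.rb
@@ -1,5 +1,5 @@
 module <%= @controller_scope %>
-class TokensController <
+class TokensController < ApiGuard::TokensController
 # before_action :authenticate_resource, only: [:create]
 # before_action :find_refresh_token, only: [:create]
 
@@ -7,9 +7,9 @@ module <%= @controller_scope %>
 # create_token_and_set_header(current_resource, resource_name)
 #
 # @refresh_token.destroy
-# blacklist_token if
+# blacklist_token if ApiGuard.blacklist_token_after_refreshing
 #
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.access_token.refreshed'))
 # end
 
 # private
@@ -19,9 +19,9 @@ module <%= @controller_scope %>
 #
 # if refresh_token_from_header
 # @refresh_token = find_refresh_token_of(current_resource, refresh_token_from_header)
-# return render_error(401, message: I18n.t('
+# return render_error(401, message: I18n.t('api_guard.refresh_token.invalid')) unless @refresh_token
 # else
-# render_error(401, message: I18n.t('
+# render_error(401, message: I18n.t('api_guard.refresh_token.missing'))
 # end
 # end
 end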
@@ -1,13 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuard
|
4
4
|
class InitializerGenerator < Rails::Generators::Base
|
5
5
|
source_root File.expand_path('templates', __dir__)
|
6
6
|
|
7
7
|
desc 'Creates initializer for configuring API Guard'
|
8
8
|
|
9
9
|
def create_initializer
|
10
|
-
copy_file 'initializer.rb', 'config/initializers/
|
10
|
+
copy_file 'initializer.rb', 'config/initializers/api_guard.rb'
|
11
11
|
end
|
12
12
|
end
|
13
13
|
end
|
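--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: api_guard_grape
 version: !ruby/object:Gem::Version
-version: 0.5.
+version: 0.5.5
 platform: ruby
 authors:
 - Prateek Singh
@@ -146,36 +146,36 @@ files:
 - MIT-LICENSE
 - README.md
 - Rakefile
-- app/controllers/
-- app/controllers/
-- app/controllers/
-- app/controllers/
-- app/controllers/
+- app/controllers/api_guard/application_controller.rb
+- app/controllers/api_guard/authentication_controller.rb
+- app/controllers/api_guard/passwords_controller.rb
+- app/controllers/api_guard/registration_controller.rb
+- app/controllers/api_guard/tokens_controller.rb
 - config/locales/en.yml
 - config/routes.rb
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
+- lib/api_guard.rb
+- lib/api_guard/app_secret_key.rb
+- lib/api_guard/engine.rb
+- lib/api_guard/jwt_auth/authentication.rb
+- lib/api_guard/jwt_auth/blacklist_token.rb
+- lib/api_guard/jwt_auth/json_web_token.rb
+- lib/api_guard/jwt_auth/refresh_jwt_token.rb
+- lib/api_guard/models/concerns.rb
+- lib/api_guard/modules.rb
+- lib/api_guard/resource_mapper.rb
+- lib/api_guard/response_formatters/renderer.rb
+- lib/api_guard/route_mapper.rb
+- lib/api_guard/test/controller_helper.rb
+- lib/api_guard/version.rb
+- lib/generators/api_guard/controllers/USAGE
+- lib/generators/api_guard/controllers/controllers_generator.rb
+- lib/generators/api_guard/controllers/templates/authentication_controller.rb
+- lib/generators/api_guard/controllers/templates/passwords_controller.rb
+- lib/generators/api_guard/controllers/templates/registration_controller.rb
+- lib/generators/api_guard/controllers/templates/tokens_controller.rb
+- lib/generators/api_guard/initializer/USAGE
+- lib/generators/api_guard/initializer/initializer_generator.rb
+- lib/generators/api_guard/initializer/templates/initializer.rb
 homepage: https://github.com/prateeksinghbundela/api_guard_grape
 licenses:
 - MIT
@@ -195,7 +195,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.1.4
 signing_key:
 specification_version: 4
 summary: Rails API authentication made easy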
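Review bot: The spec keeps `name: api_guard_grape` while every entry under `files:` moves to the `api_guard` namespace, including the entry file `lib/api_guard.rb`. Bundler's default auto-require looks for a file named after the gem, so applications would now need `gem 'api_guard_grape', require: 'api_guard'`. The gem also occupies the same require path, and presumably the same `ApiGuard` constant, as any other gem that ships `lib/api_guard.rb`, so whichever is first on the load path wins. If the rename is intended, state both points in the README and changelog; otherwise keep a gem-specific namespace.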
@@ -1,46 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module ApiGuardGrape
|
4
|
-
module JwtAuth
|
5
|
-
# Common module for refresh token functionality
|
6
|
-
module RefreshJwtToken
|
7
|
-
def self.refresh_token_association(resource)
|
8
|
-
resource.class.refresh_token_association
|
9
|
-
end
|
10
|
-
|
11
|
-
def self.refresh_token_enabled?(resource)
|
12
|
-
refresh_token_association(resource).present?
|
13
|
-
end
|
14
|
-
|
15
|
-
def self.refresh_tokens_for(resource)
|
16
|
-
refresh_token_association = refresh_token_association(resource)
|
17
|
-
resource.send(refresh_token_association)
|
18
|
-
end
|
19
|
-
|
20
|
-
def self.find_refresh_token_of(resource, refresh_token)
|
21
|
-
refresh_tokens_for(resource).find_by_token(refresh_token)
|
22
|
-
end
|
23
|
-
|
24
|
-
# Generate and return unique refresh token for the resource
|
25
|
-
def self.uniq_refresh_token(resource)
|
26
|
-
loop do
|
27
|
-
random_token = SecureRandom.urlsafe_base64
|
28
|
-
return random_token unless refresh_tokens_for(resource).exists?(token: random_token)
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
# Create a new refresh_token for the current resource
|
33
|
-
def self.new_refresh_token(resource)
|
34
|
-
return unless refresh_token_enabled?(resource)
|
35
|
-
|
36
|
-
refresh_tokens_for(resource).create(token: uniq_refresh_token(resource)).token
|
37
|
-
end
|
38
|
-
|
39
|
-
def self.destroy_all_refresh_tokens(resource)
|
40
|
-
return unless refresh_token_enabled?(resource)
|
41
|
-
|
42
|
-
refresh_tokens_for(resource).destroy_all
|
43
|
-
end
|
44
|
-
end
|
45
|
-
end
|
46
|
-
end
|