api_guard_grape 0.5.4 → 0.5.5
- checksums.yaml +4 -4
- data/README.md +37 -37
- data/Rakefile +1 -1
- data/app/controllers/{api_guard_grape → api_guard}/application_controller.rb +1 -1
- data/app/controllers/{api_guard_grape → api_guard}/authentication_controller.rb +6 -6
- data/app/controllers/{api_guard_grape → api_guard}/passwords_controller.rb +4 -4
- data/app/controllers/{api_guard_grape → api_guard}/registration_controller.rb +4 -4
- data/app/controllers/{api_guard_grape → api_guard}/tokens_controller.rb +6 -6
- data/config/locales/en.yml +1 -1
- data/config/routes.rb +2 -2
- data/lib/{api_guard_grape.rb → api_guard.rb} +9 -9
- data/lib/{api_guard_grape → api_guard}/app_secret_key.rb +1 -1
- data/lib/{api_guard_grape → api_guard}/engine.rb +4 -4
- data/lib/{api_guard_grape → api_guard}/jwt_auth/authentication.rb +16 -16
- data/lib/{api_guard_grape → api_guard}/jwt_auth/blacklist_token.rb +1 -1
- data/lib/api_guard/jwt_auth/json_web_token.rb +143 -0
- data/lib/{api_guard_grape/jwt_auth/json_web_token.rb → api_guard/jwt_auth/refresh_jwt_token.rb} +10 -107
- data/lib/api_guard/models/concerns.rb +27 -0
- data/lib/api_guard/modules.rb +26 -0
- data/lib/{api_guard_grape → api_guard}/resource_mapper.rb +3 -3
- data/lib/{api_guard_grape → api_guard}/response_formatters/renderer.rb +3 -3
- data/lib/{api_guard_grape → api_guard}/route_mapper.rb +10 -10
- data/lib/api_guard/test/controller_helper.rb +13 -0
- data/lib/api_guard/version.rb +5 -0
- data/lib/generators/{api_guard_grape → api_guard}/controllers/USAGE +1 -1
- data/lib/generators/{api_guard_grape → api_guard}/controllers/controllers_generator.rb +1 -1
- data/lib/generators/{api_guard_grape → api_guard}/controllers/templates/authentication_controller.rb +5 -5
- data/lib/generators/{api_guard_grape → api_guard}/controllers/templates/passwords_controller.rb +3 -3
- data/lib/generators/{api_guard_grape → api_guard}/controllers/templates/registration_controller.rb +3 -3
- data/lib/generators/{api_guard_grape → api_guard}/controllers/templates/tokens_controller.rb +5 -5
- data/lib/generators/{api_guard_grape → api_guard}/initializer/USAGE +2 -2
- data/lib/generators/{api_guard_grape → api_guard}/initializer/initializer_generator.rb +2 -2
- data/lib/generators/{api_guard_grape → api_guard}/initializer/templates/initializer.rb +1 -1
- metadata +30 -30
- data/lib/api_guard_grape/jwt_auth/refresh_jwt_token.rb +0 -46
- data/lib/api_guard_grape/models/concerns.rb +0 -27
- data/lib/api_guard_grape/modules.rb +0 -26
- data/lib/api_guard_grape/test/controller_helper.rb +0 -13
- data/lib/api_guard_grape/version.rb +0 -5
@@ -0,0 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'api_guard/resource_mapper'
|
4
|
+
require 'api_guard/jwt_auth/json_web_token'
|
5
|
+
require 'api_guard/jwt_auth/authentication'
|
6
|
+
require 'api_guard/jwt_auth/refresh_jwt_token'
|
7
|
+
require 'api_guard/jwt_auth/blacklist_token'
|
8
|
+
require 'api_guard/response_formatters/renderer'
|
9
|
+
require 'api_guard/models/concerns'
|
10
|
+
|
11
|
+
module ApiGuard
|
12
|
+
module Modules
|
13
|
+
ActiveSupport.on_load(:action_controller) do
|
14
|
+
include ApiGuard::Resource
|
15
|
+
include ApiGuard::JwtAuth::JsonWebToken
|
16
|
+
include ApiGuard::JwtAuth::Authentication
|
17
|
+
include ApiGuard::JwtAuth::RefreshJwtToken
|
18
|
+
include ApiGuard::JwtAuth::BlacklistToken
|
19
|
+
include ApiGuard::ResponseFormatters::Renderer
|
20
|
+
end
|
21
|
+
|
22
|
+
ActiveSupport.on_load(:active_record) do
|
23
|
+
include ApiGuard::Models::Concerns
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
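Review bot: The `require 'api_guard/…'` lines and the top-level `module ApiGuard` put the library on the `api_guard` load path and constant, but the gemspec in this release still declares `name: api_guard_grape` and the file list renames `lib/api_guard_grape.rb` to `lib/api_guard.rb`. An application that loads the gem by its own name or refers to `ApiGuardGrape` would stop finding it after a patch-level update. The package also now shares its require path and namespace with anything else that ships `lib/api_guard.rb`, so whichever copy comes first on the load path would be the one loaded. If the rename is intended, a shim `lib/api_guard_grape.rb` containing `require 'api_guard'` would keep the old entry point, and the change deserves a changelog entry and a larger version step.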
@@ -1,13 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuard
|
4
4
|
class ResourceMapper
|
5
5
|
attr_reader :resource_name, :resource_class, :resource_instance_name
|
6
6
|
|
7
7
|
def initialize(routes_for, class_name)
|
8
8
|
@resource_name = routes_for.singularize
|
9
9
|
@resource_class = class_name.constantize
|
10
|
-
@resource_instance_name = "@
|
10
|
+
@resource_instance_name = "@api_guard_#{routes_for}"
|
11
11
|
end
|
12
12
|
end
|
13
13
|
|
@@ -21,7 +21,7 @@ module ApiGuardGrape
|
|
21
21
|
end
|
22
22
|
|
23
23
|
def current_resource_mapping
|
24
|
-
request.env['
|
24
|
+
request.env['api_guard.mapping']
|
25
25
|
end
|
26
26
|
|
27
27
|
def resource_name
|
@@ -1,10 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuard
|
4
4
|
module ResponseFormatters
|
5
5
|
module Renderer
|
6
6
|
def render_success(data: nil, message: nil)
|
7
|
-
resp_data = { status: I18n.t('
|
7
|
+
resp_data = { status: I18n.t('api_guard.response.success') }
|
8
8
|
resp_data[:message] = message if message
|
9
9
|
resp_data[:data] = data if data
|
10
10
|
|
@@ -12,7 +12,7 @@ module ApiGuardGrape
|
|
12
12
|
end
|
13
13
|
|
14
14
|
def render_error(status, options = {})
|
15
|
-
data = { status: I18n.t('
|
15
|
+
data = { status: I18n.t('api_guard.response.error') }
|
16
16
|
data[:error] = options[:object] ? options[:object].errors.full_messages[0] : options[:message]
|
17
17
|
|
18
18
|
render json: data, status: status
|
@@ -7,7 +7,7 @@
|
|
7
7
|
module ActionDispatch
|
8
8
|
module Routing
|
9
9
|
class Mapper
|
10
|
-
def
|
10
|
+
def api_guard_routes(options = {})
|
11
11
|
routes_for = options.delete(:for).to_s || 'users'
|
12
12
|
|
13
13
|
controllers = default_controllers(options[:only], options[:except])
|
@@ -16,19 +16,19 @@ module ActionDispatch
|
|
16
16
|
options[:as] = options[:as] || routes_for.singularize
|
17
17
|
options[:path] = options[:path] || routes_for
|
18
18
|
|
19
|
-
|
19
|
+
api_guard_scope(routes_for) do |mapped_resource|
|
20
20
|
scope options do
|
21
21
|
generate_routes(mapped_resource, controller_options, controllers)
|
22
22
|
end
|
23
23
|
end
|
24
24
|
end
|
25
25
|
|
26
|
-
def
|
27
|
-
mapped_resource =
|
28
|
-
|
26
|
+
def api_guard_scope(routes_for)
|
27
|
+
mapped_resource = ApiGuard.mapped_resource[routes_for.to_sym].presence ||
|
28
|
+
ApiGuard.map_resource(routes_for, routes_for.classify)
|
29
29
|
|
30
30
|
constraint = lambda do |request|
|
31
|
-
request.env['
|
31
|
+
request.env['api_guard.mapping'] = mapped_resource
|
32
32
|
true
|
33
33
|
end
|
34
34
|
|
@@ -56,27 +56,27 @@ module ActionDispatch
|
|
56
56
|
end
|
57
57
|
|
58
58
|
def authentication_routes(controller_name = nil)
|
59
|
-
controller_name ||= '
|
59
|
+
controller_name ||= 'api_guard/authentication'
|
60
60
|
|
61
61
|
post 'sign_in' => "#{controller_name}#create"
|
62
62
|
delete 'sign_out' => "#{controller_name}#destroy"
|
63
63
|
end
|
64
64
|
|
65
65
|
def registration_routes(controller_name = nil)
|
66
|
-
controller_name ||= '
|
66
|
+
controller_name ||= 'api_guard/registration'
|
67
67
|
|
68
68
|
post 'sign_up' => "#{controller_name}#create"
|
69
69
|
delete 'delete' => "#{controller_name}#destroy"
|
70
70
|
end
|
71
71
|
|
72
72
|
def passwords_routes(controller_name = nil)
|
73
|
-
controller_name ||= '
|
73
|
+
controller_name ||= 'api_guard/passwords'
|
74
74
|
|
75
75
|
patch 'passwords' => "#{controller_name}#update"
|
76
76
|
end
|
77
77
|
|
78
78
|
def tokens_routes(controller_name = nil)
|
79
|
-
controller_name ||= '
|
79
|
+
controller_name ||= 'api_guard/tokens'
|
80
80
|
|
81
81
|
post 'tokens' => "#{controller_name}#create"
|
82
82
|
end
|
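Review bot: The `|| 'users'` default on the first line of `api_guard_routes` can never apply, because `options.delete(:for).to_s` turns a missing `:for` into an empty string, which is truthy in Ruby. That empty string then reaches `api_guard_scope`, where it is passed to `to_sym` and `classify`, so a route declared without `:for` presumably fails or maps to an unintended class instead of defaulting to users. Applying the fallback before the conversion fixes it: `routes_for = (options.delete(:for) || 'users').to_s`. Both methods continue outside the visible hunks.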
@@ -0,0 +1,13 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'api_guard/jwt_auth/json_web_token'
|
4
|
+
require 'api_guard/jwt_auth/refresh_jwt_token'
|
5
|
+
|
6
|
+
module ApiGuard
|
7
|
+
module Test
|
8
|
+
module ControllerHelper
|
9
|
+
include ApiGuard::JwtAuth::JsonWebToken
|
10
|
+
include ApiGuard::JwtAuth::RefreshJwtToken
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
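--- a/data/lib/generators/api_guard_grape/controllers/templates/authentication_controller.rb
+++ b/data/lib/generators/api_guard/controllers/templates/authentication_controller.rb
@@ -1,27 +1,27 @@
 module <%= @controller_scope %>
-class AuthenticationController <
+class AuthenticationController < ApiGuard::AuthenticationController
 # before_action :find_resource, only: [:create]
 # before_action :authenticate_resource, only: [:destroy]
 
 # def create
 # if resource.authenticate(params[:password])
 # create_token_and_set_header(resource, resource_name)
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.authentication.signed_in'))
 # else
-# render_error(422, message: I18n.t('
+# render_error(422, message: I18n.t('api_guard.authentication.invalid_login_credentials'))
 # end
 # end
 
 # def destroy
 # blacklist_token
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.authentication.signed_out'))
 # end
 
 # private
 
 # def find_resource
 # self.resource = resource_class.find_by(email: params[:email].downcase.strip) if params[:email].present?
-# render_error(422, message: I18n.t('
+# render_error(422, message: I18n.t('api_guard.authentication.invalid_login_credentials')) unless resource
 # end
 end
 end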
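--- a/data/lib/generators/api_guard_grape/controllers/templates/passwords_controller.rb
+++ b/data/lib/generators/api_guard/controllers/templates/passwords_controller.rb
@@ -1,16 +1,16 @@
 module <%= @controller_scope %>
-class PasswordsController <
+class PasswordsController < ApiGuard::PasswordsController
 # before_action :authenticate_resource, only: [:update]
 
 # def update
 # invalidate_old_jwt_tokens(current_resource)
 #
 # if current_resource.update_attributes(password_params)
-# blacklist_token unless
+# blacklist_token unless ApiGuard.invalidate_old_tokens_on_password_change
 # destroy_all_refresh_tokens(current_resource)
 #
 # create_token_and_set_header(current_resource, resource_name)
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.password.changed'))
 # else
 # render_error(422, object: current_resource)
 # end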
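Review bot: The commented sample `update` action still calls `update_attributes`, which Rails 6.1 removed, so anyone who uncomments this template on a current Rails version would get a NoMethodError on every password change. The sample line should read `# if current_resource.update(password_params)`. The class body continues past the end of this hunk.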
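--- a/data/lib/generators/api_guard_grape/controllers/templates/registration_controller.rb
+++ b/data/lib/generators/api_guard/controllers/templates/registration_controller.rb
@@ -1,12 +1,12 @@
 module <%= @controller_scope %>
-class RegistrationController <
+class RegistrationController < ApiGuard::RegistrationController
 # before_action :authenticate_resource, only: [:destroy]
 
 # def create
 # init_resource(sign_up_params)
 # if resource.save
 # create_token_and_set_header(resource, resource_name)
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.registration.signed_up'))
 # else
 # render_error(422, object: resource)
 # end
@@ -14,7 +14,7 @@ module <%= @controller_scope %>
 
 # def destroy
 # current_resource.destroy
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.registration.account_deleted'))
 # end
 
 # private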
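--- a/data/lib/generators/api_guard_grape/controllers/templates/tokens_controller.rb
+++ b/data/lib/generators/api_guard/controllers/templates/tokens_controller.rb
@@ -1,5 +1,5 @@
 module <%= @controller_scope %>
-class TokensController <
+class TokensController < ApiGuard::TokensController
 # before_action :authenticate_resource, only: [:create]
 # before_action :find_refresh_token, only: [:create]
 
@@ -7,9 +7,9 @@ module <%= @controller_scope %>
 # create_token_and_set_header(current_resource, resource_name)
 #
 # @refresh_token.destroy
-# blacklist_token if
+# blacklist_token if ApiGuard.blacklist_token_after_refreshing
 #
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard.access_token.refreshed'))
 # end
 
 # private
@@ -19,9 +19,9 @@ module <%= @controller_scope %>
 #
 # if refresh_token_from_header
 # @refresh_token = find_refresh_token_of(current_resource, refresh_token_from_header)
-# return render_error(401, message: I18n.t('
+# return render_error(401, message: I18n.t('api_guard.refresh_token.invalid')) unless @refresh_token
 # else
-# render_error(401, message: I18n.t('
+# render_error(401, message: I18n.t('api_guard.refresh_token.missing'))
 # end
 # end
 end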
@@ -1,13 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuard
|
4
4
|
class InitializerGenerator < Rails::Generators::Base
|
5
5
|
source_root File.expand_path('templates', __dir__)
|
6
6
|
|
7
7
|
desc 'Creates initializer for configuring API Guard'
|
8
8
|
|
9
9
|
def create_initializer
|
10
|
-
copy_file 'initializer.rb', 'config/initializers/
|
10
|
+
copy_file 'initializer.rb', 'config/initializers/api_guard.rb'
|
11
11
|
end
|
12
12
|
end
|
13
13
|
end
|
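--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: api_guard_grape
 version: !ruby/object:Gem::Version
-version: 0.5.
+version: 0.5.5
 platform: ruby
 authors:
 - Prateek Singh
@@ -146,36 +146,36 @@ files:
 - MIT-LICENSE
 - README.md
 - Rakefile
-- app/controllers/
-- app/controllers/
-- app/controllers/
-- app/controllers/
-- app/controllers/
+- app/controllers/api_guard/application_controller.rb
+- app/controllers/api_guard/authentication_controller.rb
+- app/controllers/api_guard/passwords_controller.rb
+- app/controllers/api_guard/registration_controller.rb
+- app/controllers/api_guard/tokens_controller.rb
 - config/locales/en.yml
 - config/routes.rb
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
+- lib/api_guard.rb
+- lib/api_guard/app_secret_key.rb
+- lib/api_guard/engine.rb
+- lib/api_guard/jwt_auth/authentication.rb
+- lib/api_guard/jwt_auth/blacklist_token.rb
+- lib/api_guard/jwt_auth/json_web_token.rb
+- lib/api_guard/jwt_auth/refresh_jwt_token.rb
+- lib/api_guard/models/concerns.rb
+- lib/api_guard/modules.rb
+- lib/api_guard/resource_mapper.rb
+- lib/api_guard/response_formatters/renderer.rb
+- lib/api_guard/route_mapper.rb
+- lib/api_guard/test/controller_helper.rb
+- lib/api_guard/version.rb
+- lib/generators/api_guard/controllers/USAGE
+- lib/generators/api_guard/controllers/controllers_generator.rb
+- lib/generators/api_guard/controllers/templates/authentication_controller.rb
+- lib/generators/api_guard/controllers/templates/passwords_controller.rb
+- lib/generators/api_guard/controllers/templates/registration_controller.rb
+- lib/generators/api_guard/controllers/templates/tokens_controller.rb
+- lib/generators/api_guard/initializer/USAGE
+- lib/generators/api_guard/initializer/initializer_generator.rb
+- lib/generators/api_guard/initializer/templates/initializer.rb
 homepage: https://github.com/prateeksinghbundela/api_guard_grape
 licenses:
 - MIT
@@ -195,7 +195,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.1.4
 signing_key:
 specification_version: 4
 summary: Rails API authentication made easy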
@@ -1,46 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module ApiGuardGrape
|
4
|
-
module JwtAuth
|
5
|
-
# Common module for refresh token functionality
|
6
|
-
module RefreshJwtToken
|
7
|
-
def self.refresh_token_association(resource)
|
8
|
-
resource.class.refresh_token_association
|
9
|
-
end
|
10
|
-
|
11
|
-
def self.refresh_token_enabled?(resource)
|
12
|
-
refresh_token_association(resource).present?
|
13
|
-
end
|
14
|
-
|
15
|
-
def self.refresh_tokens_for(resource)
|
16
|
-
refresh_token_association = refresh_token_association(resource)
|
17
|
-
resource.send(refresh_token_association)
|
18
|
-
end
|
19
|
-
|
20
|
-
def self.find_refresh_token_of(resource, refresh_token)
|
21
|
-
refresh_tokens_for(resource).find_by_token(refresh_token)
|
22
|
-
end
|
23
|
-
|
24
|
-
# Generate and return unique refresh token for the resource
|
25
|
-
def self.uniq_refresh_token(resource)
|
26
|
-
loop do
|
27
|
-
random_token = SecureRandom.urlsafe_base64
|
28
|
-
return random_token unless refresh_tokens_for(resource).exists?(token: random_token)
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
# Create a new refresh_token for the current resource
|
33
|
-
def self.new_refresh_token(resource)
|
34
|
-
return unless refresh_token_enabled?(resource)
|
35
|
-
|
36
|
-
refresh_tokens_for(resource).create(token: uniq_refresh_token(resource)).token
|
37
|
-
end
|
38
|
-
|
39
|
-
def self.destroy_all_refresh_tokens(resource)
|
40
|
-
return unless refresh_token_enabled?(resource)
|
41
|
-
|
42
|
-
refresh_tokens_for(resource).destroy_all
|
43
|
-
end
|
44
|
-
end
|
45
|
-
end
|
46
|
-
end
|