api_guard_grape 0.5.2 → 0.5.3
- checksums.yaml +4 -4
- data/README.md +35 -35
- data/Rakefile +1 -1
- data/app/controllers/{api_guard → api_guard_grape}/application_controller.rb +1 -1
- data/app/controllers/{api_guard → api_guard_grape}/authentication_controller.rb +6 -6
- data/app/controllers/{api_guard → api_guard_grape}/passwords_controller.rb +4 -4
- data/app/controllers/{api_guard → api_guard_grape}/registration_controller.rb +4 -4
- data/app/controllers/{api_guard → api_guard_grape}/tokens_controller.rb +6 -6
- data/config/locales/en.yml +1 -1
- data/config/routes.rb +2 -2
- data/lib/{api_guard.rb → api_guard_grape.rb} +9 -9
- data/lib/{api_guard → api_guard_grape}/app_secret_key.rb +1 -1
- data/lib/{api_guard → api_guard_grape}/engine.rb +4 -4
- data/lib/{api_guard → api_guard_grape}/jwt_auth/authentication.rb +7 -7
- data/lib/{api_guard → api_guard_grape}/jwt_auth/blacklist_token.rb +1 -1
- data/lib/{api_guard → api_guard_grape}/jwt_auth/json_web_token.rb +11 -11
- data/lib/{api_guard → api_guard_grape}/jwt_auth/refresh_jwt_token.rb +1 -1
- data/lib/api_guard_grape/models/concerns.rb +27 -0
- data/lib/api_guard_grape/modules.rb +26 -0
- data/lib/{api_guard → api_guard_grape}/resource_mapper.rb +3 -3
- data/lib/{api_guard → api_guard_grape}/response_formatters/renderer.rb +3 -3
- data/lib/{api_guard → api_guard_grape}/route_mapper.rb +10 -10
- data/lib/api_guard_grape/test/controller_helper.rb +13 -0
- data/lib/api_guard_grape/version.rb +5 -0
- data/lib/generators/{api_guard → api_guard_grape}/controllers/USAGE +1 -1
- data/lib/generators/{api_guard → api_guard_grape}/controllers/controllers_generator.rb +1 -1
- data/lib/generators/{api_guard → api_guard_grape}/controllers/templates/authentication_controller.rb +5 -5
- data/lib/generators/{api_guard → api_guard_grape}/controllers/templates/passwords_controller.rb +3 -3
- data/lib/generators/{api_guard → api_guard_grape}/controllers/templates/registration_controller.rb +3 -3
- data/lib/generators/{api_guard → api_guard_grape}/controllers/templates/tokens_controller.rb +5 -5
- data/lib/generators/{api_guard → api_guard_grape}/initializer/USAGE +2 -2
- data/lib/generators/{api_guard → api_guard_grape}/initializer/initializer_generator.rb +2 -2
- data/lib/generators/{api_guard → api_guard_grape}/initializer/templates/initializer.rb +1 -1
- metadata +30 -30
- data/lib/api_guard/models/concerns.rb +0 -27
- data/lib/api_guard/modules.rb +0 -26
- data/lib/api_guard/test/controller_helper.rb +0 -13
- data/lib/api_guard/version.rb +0 -5
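--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4381e38e78427908ffe9ee0597a0ce30393d2495fc21054d8457fc51726cbc96
+data.tar.gz: dc228c65bcdc551b54074d0bd09afafe261009a878a201da48dd783a14c3dc44
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c507254d38f3d3f71fa02ab3c973e1b7eaa06f2adc75214be6bacc97f2a4bcf34b1e66e22b28e1139808ea3a2c70db8e86553f8bd98d7470a88c659a5b8508ca
+data.tar.gz: 8f602a2ac573fabe7bed9ff8a6206ad147e6d683bbb825942f767e4c7acb112c80a96b32d2fa108b91811739a5d2514f217a7ed99c06c2c0b7486f6735eaa271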
data/README.md
CHANGED
@@ -1,8 +1,8 @@
|
|
1
1
|
# API Guard
|
2
2
|
|
3
|
-
[![Version](https://img.shields.io/gem/v/
|
4
|
-
[![Build Status](https://github.com/prateeksinghbundela/
|
5
|
-
[![Maintainability](https://api.codeclimate.com/v1/badges/ced3e74a26a66ed915cb/maintainability)](https://codeclimate.com/github/prateeksinghbundela/
|
3
|
+
[![Version](https://img.shields.io/gem/v/api_guard_grape.svg?color=green)](https://rubygems.org/gems/api_guard_grape_grape)
|
4
|
+
[![Build Status](https://github.com/prateeksinghbundela/api_guard_grape_grape/workflows/build/badge.svg?branch=master)](https://github.com/prateeksinghbundela/api_guard_grape_grape/actions?query=workflow%3Abuild)
|
5
|
+
[![Maintainability](https://api.codeclimate.com/v1/badges/ced3e74a26a66ed915cb/maintainability)](https://codeclimate.com/github/prateeksinghbundela/api_guard_grape_grape/maintainability)
|
6
6
|
|
7
7
|
|
8
8
|
[JSON Web Token (JWT)](https://jwt.io/) based authentication solution with token refreshing & blacklisting for APIs
|
@@ -38,8 +38,8 @@ for cryptographic signing.
|
|
38
38
|
* [Override finding resource](#override-finding-resource)
|
39
39
|
* [Customizing / translating response messages using I18n](#customizing--translating-response-messages-using-i18n)
|
40
40
|
* [Testing](#testing)
|
41
|
-
* [Wiki](https://github.com/prateeksinghbundela/
|
42
|
-
* [Using API Guard with Devise](https://github.com/prateeksinghbundela/
|
41
|
+
* [Wiki](https://github.com/prateeksinghbundela/api_guard_grape_grape/wiki)
|
42
|
+
* [Using API Guard with Devise](https://github.com/prateeksinghbundela/api_guard_grape_grape/wiki/Using-API-Guard-with-Devise)
|
43
43
|
* [Contributing](#contributing)
|
44
44
|
* [License](#license)
|
45
45
|
|
@@ -82,7 +82,7 @@ $ rails db:migrate
|
|
82
82
|
Add [has_secure_password](https://api.rubyonrails.org/classes/ActiveModel/SecurePassword/ClassMethods.html#method-i-has_secure_password)
|
83
83
|
in `User` model for password authentication.
|
84
84
|
|
85
|
-
> Refer [this Wiki](https://github.com/prateeksinghbundela/
|
85
|
+
> Refer [this Wiki](https://github.com/prateeksinghbundela/api_guard_grape_grape/wiki/Using-API-Guard-with-Devise#authentication) for configuring API Guard authentication to work with Devise instead of using `has_secure_password`.
|
86
86
|
|
87
87
|
```ruby
|
88
88
|
class User < ApplicationRecord
|
@@ -109,12 +109,12 @@ $ bundle install
|
|
109
109
|
Add this line to the application routes (`config/routes.rb`) file:
|
110
110
|
|
111
111
|
```ruby
|
112
|
-
|
112
|
+
api_guard_grape_routes for: 'users'
|
113
113
|
```
|
114
114
|
|
115
115
|
This will generate default routes such as sign up, sign in, sign out, token refresh, password change for User.
|
116
116
|
|
117
|
-
> Refer [this Wiki](https://github.com/prateeksinghbundela/
|
117
|
+
> Refer [this Wiki](https://github.com/prateeksinghbundela/api_guard_grape_grape/wiki/Using-API-Guard-with-Devise#routes) for configuring API Guard routes to work with Devise.
|
118
118
|
|
119
119
|
### Registration
|
120
120
|
|
@@ -128,7 +128,7 @@ POST "/users/sign_up"
|
|
128
128
|
|
129
129
|
# Request body
|
130
130
|
{
|
131
|
-
"email": "user@
|
131
|
+
"email": "user@ApiGuardGrape.com",
|
132
132
|
"password": "api_password",
|
133
133
|
"password_confirmation": "api_password"
|
134
134
|
}
|
@@ -174,7 +174,7 @@ POST "/users/sign_in"
|
|
174
174
|
|
175
175
|
# Request body
|
176
176
|
{
|
177
|
-
"email": "user@
|
177
|
+
"email": "user@ApiGuardGrape.com",
|
178
178
|
"password": "api_password"
|
179
179
|
}
|
180
180
|
```
|
@@ -347,18 +347,18 @@ Example response:
|
|
347
347
|
To configure the API Guard you need to first create an initializer using
|
348
348
|
|
349
349
|
```bash
|
350
|
-
$ rails generate
|
350
|
+
$ rails generate api_guard_grape:initializer
|
351
351
|
```
|
352
352
|
|
353
|
-
This will generate an initializer named **
|
353
|
+
This will generate an initializer named **api_guard_grape.rb** in your app **config/initializers** directory with default
|
354
354
|
configurations.
|
355
355
|
|
356
356
|
### Default configuration
|
357
357
|
|
358
|
-
**config/initializers/
|
358
|
+
**config/initializers/api_guard_grape.rb**
|
359
359
|
|
360
360
|
```ruby
|
361
|
-
|
361
|
+
ApiGuardGrape.setup do |config|
|
362
362
|
# Validity of the JWT access token
|
363
363
|
# Default: 1 day
|
364
364
|
# config.token_validity = 1.day
|
@@ -434,11 +434,11 @@ $ rails db:migrate
|
|
434
434
|
>**Note:** Replace `user` in the above command with your model name if your model is not User.
|
435
435
|
|
436
436
|
After creating model and table for refresh token configure the association in the resource model using
|
437
|
-
`
|
437
|
+
`api_guard_grape_associations` method
|
438
438
|
|
439
439
|
```ruby
|
440
440
|
class User < ApplicationRecord
|
441
|
-
|
441
|
+
api_guard_grape_associations refresh_token: 'refresh_tokens'
|
442
442
|
has_many :refresh_tokens, dependent: :delete_all
|
443
443
|
end
|
444
444
|
```
|
@@ -446,7 +446,7 @@ end
|
|
446
446
|
If you also have token blacklisting enabled you need to specify both associations as below
|
447
447
|
|
448
448
|
```ruby
|
449
|
-
|
449
|
+
api_guard_grape_associations refresh_token: 'refresh_tokens', blacklisted_token: 'blacklisted_tokens'
|
450
450
|
```
|
451
451
|
|
452
452
|
### Token blacklisting
|
@@ -470,11 +470,11 @@ $ rails db:migrate
|
|
470
470
|
>**Note:** Replace `user` in the above command with your model name if your model is not User.
|
471
471
|
|
472
472
|
After creating model and table for blacklisted token configure the association in the resource model using
|
473
|
-
`
|
473
|
+
`api_guard_grape_associations` method
|
474
474
|
|
475
475
|
```ruby
|
476
476
|
class User < ApplicationRecord
|
477
|
-
|
477
|
+
api_guard_grape_associations blacklisted_token: 'blacklisted_tokens'
|
478
478
|
has_many :blacklisted_tokens, dependent: :delete_all
|
479
479
|
end
|
480
480
|
```
|
@@ -482,7 +482,7 @@ end
|
|
482
482
|
If you also have token refreshing enabled you need to specify both associations as below
|
483
483
|
|
484
484
|
```ruby
|
485
|
-
|
485
|
+
api_guard_grape_associations refresh_token: 'refresh_tokens', blacklisted_token: 'blacklisted_tokens'
|
486
486
|
```
|
487
487
|
|
488
488
|
And, as this creates rows in `blacklisted_tokens` table you need to have a mechanism to delete the expired blacklisted
|
@@ -506,7 +506,7 @@ You can override the default API Guard controllers and customize the code as you
|
|
506
506
|
your app
|
507
507
|
|
508
508
|
```bash
|
509
|
-
$ rails generate
|
509
|
+
$ rails generate api_guard_grape:controllers users
|
510
510
|
```
|
511
511
|
|
512
512
|
In above command `users` is the scope of the controllers. If needed, you can replace `users` with your own scope.
|
@@ -516,7 +516,7 @@ This will generate all default controllers for `users` in the directory **app/co
|
|
516
516
|
Then, configure this controller in the routes
|
517
517
|
|
518
518
|
```ruby
|
519
|
-
|
519
|
+
api_guard_grape_routes for: 'users', controller: {
|
520
520
|
registration: 'users/registration',
|
521
521
|
authentication: 'users/authentication',
|
522
522
|
passwords: 'users/passwords',
|
@@ -527,7 +527,7 @@ api_guard_routes for: 'users', controller: {
|
|
527
527
|
You can also specify the controllers that you need to generate using `-c` or `--controllers` option.
|
528
528
|
|
529
529
|
```bash
|
530
|
-
$ rails generate
|
530
|
+
$ rails generate api_guard_grape:controllers users -c registration authentication
|
531
531
|
```
|
532
532
|
|
533
533
|
>**Available controllers:** registration, authentication, tokens, passwords
|
@@ -537,7 +537,7 @@ $ rails generate api_guard:controllers users -c registration authentication
|
|
537
537
|
You can skip specific controller routes generated by API Guard
|
538
538
|
|
539
539
|
```ruby
|
540
|
-
|
540
|
+
api_guard_grape_routes for: 'users', except: [:registration]
|
541
541
|
```
|
542
542
|
|
543
543
|
Above config will skip registration related API Guard controller routes for the resource user.
|
@@ -546,21 +546,21 @@ Above config will skip registration related API Guard controller routes for the
|
|
546
546
|
You can also specify only the controller routes you need,
|
547
547
|
|
548
548
|
```ruby
|
549
|
-
|
549
|
+
api_guard_grape_routes for: 'users', only: [:authentication]
|
550
550
|
```
|
551
551
|
|
552
552
|
>**Available controllers:** registration, authentication, tokens, passwords
|
553
553
|
|
554
554
|
**Customizing the route path:**
|
555
555
|
|
556
|
-
You can customize the path of the default routes of the API Guard using the `
|
556
|
+
You can customize the path of the default routes of the API Guard using the `api_guard_grape_scope` as below,
|
557
557
|
|
558
558
|
```ruby
|
559
|
-
|
559
|
+
api_guard_grape_routes for: 'users', except: [:registration]
|
560
560
|
|
561
|
-
|
562
|
-
post 'account/create' => '
|
563
|
-
delete 'account/delete' => '
|
561
|
+
api_guard_grape_scope 'users' do
|
562
|
+
post 'account/create' => 'api_guard_grape/registration#create'
|
563
|
+
delete 'account/delete' => 'api_guard_grape/registration#destroy'
|
564
564
|
end
|
565
565
|
```
|
566
566
|
|
@@ -626,14 +626,14 @@ locale file and customize the messages for any language.
|
|
626
626
|
|
627
627
|
```yaml
|
628
628
|
en:
|
629
|
-
|
629
|
+
api_guard_grape:
|
630
630
|
authentication:
|
631
631
|
signed_in: 'Signed in successfully'
|
632
632
|
signed_out: 'Signed out successfully'
|
633
633
|
```
|
634
634
|
|
635
635
|
You can find the complete list of available keys in this file:
|
636
|
-
https://github.com/prateeksinghbundela/
|
636
|
+
https://github.com/prateeksinghbundela/api_guard_grape_grape/blob/master/config/locales/en.yml
|
637
637
|
|
638
638
|
## Testing
|
639
639
|
|
@@ -648,7 +648,7 @@ If you're using RSpec as your test framework then include the helper in **spec/r
|
|
648
648
|
|
649
649
|
```ruby
|
650
650
|
RSpec.configure do |config|
|
651
|
-
config.include
|
651
|
+
config.include ApiGuardGrape::Test::ControllerHelper
|
652
652
|
end
|
653
653
|
```
|
654
654
|
|
@@ -657,7 +657,7 @@ end
|
|
657
657
|
If you're using Minitest as your test framework then include the helper in your test file
|
658
658
|
|
659
659
|
```ruby
|
660
|
-
include
|
660
|
+
include ApiGuardGrape::Test::ControllerHelper
|
661
661
|
```
|
662
662
|
|
663
663
|
After including the helper, you can use this method to create the JWT access token and refresh token for the resource
|
@@ -680,7 +680,7 @@ Then, you can set the access token and refresh token in appropriate request head
|
|
680
680
|
|
681
681
|
## Contributing
|
682
682
|
|
683
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/prateeksinghbundela/
|
683
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/prateeksinghbundela/api_guard_grape_grape.
|
684
684
|
This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to
|
685
685
|
the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
|
686
686
|
|
data/Rakefile
CHANGED
@@ -10,7 +10,7 @@ require 'rdoc/task'
|
|
10
10
|
|
11
11
|
RDoc::Task.new(:rdoc) do |rdoc|
|
12
12
|
rdoc.rdoc_dir = 'rdoc'
|
13
|
-
rdoc.title = '
|
13
|
+
rdoc.title = 'ApiGuardGrape'
|
14
14
|
rdoc.options << '--line-numbers'
|
15
15
|
rdoc.rdoc_files.include('README.md')
|
16
16
|
rdoc.rdoc_files.include('lib/**/*.rb')
|
@@ -1,8 +1,8 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require_dependency '
|
3
|
+
require_dependency 'api_guard_grape/application_controller'
|
4
4
|
|
5
|
-
module
|
5
|
+
module ApiGuardGrape
|
6
6
|
class AuthenticationController < ApplicationController
|
7
7
|
before_action :find_resource, only: [:create]
|
8
8
|
before_action :authenticate_resource, only: [:destroy]
|
@@ -10,22 +10,22 @@ module ApiGuard
|
|
10
10
|
def create
|
11
11
|
if resource.authenticate(params[:password])
|
12
12
|
create_token_and_set_header(resource, resource_name)
|
13
|
-
render_success(message: I18n.t('
|
13
|
+
render_success(message: I18n.t('api_guard_grape.authentication.signed_in'))
|
14
14
|
else
|
15
|
-
render_error(422, message: I18n.t('
|
15
|
+
render_error(422, message: I18n.t('api_guard_grape.authentication.invalid_login_credentials'))
|
16
16
|
end
|
17
17
|
end
|
18
18
|
|
19
19
|
def destroy
|
20
20
|
blacklist_token
|
21
|
-
render_success(message: I18n.t('
|
21
|
+
render_success(message: I18n.t('api_guard_grape.authentication.signed_out'))
|
22
22
|
end
|
23
23
|
|
24
24
|
private
|
25
25
|
|
26
26
|
def find_resource
|
27
27
|
self.resource = resource_class.find_by(email: params[:email].downcase.strip) if params[:email].present?
|
28
|
-
render_error(422, message: I18n.t('
|
28
|
+
render_error(422, message: I18n.t('api_guard_grape.authentication.invalid_login_credentials')) unless resource
|
29
29
|
end
|
30
30
|
end
|
31
31
|
end
|
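Review bot: `find_resource` (new line 27 of the authentication controller) calls `params[:email].downcase.strip` after only a `present?` check, so a JSON body that sends `email` as an array or object would raise `NoMethodError` and surface as a 500 rather than the 422 used for bad credentials. Coercing first keeps the sign-in failure mode uniform: `self.resource = resource_class.find_by(email: params[:email].to_s.downcase.strip) if params[:email].present?`. A request spec posting a non-string `email` would pin this behaviour.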
@@ -1,8 +1,8 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require_dependency '
|
3
|
+
require_dependency 'api_guard_grape/application_controller'
|
4
4
|
|
5
|
-
module
|
5
|
+
module ApiGuardGrape
|
6
6
|
class PasswordsController < ApplicationController
|
7
7
|
before_action :authenticate_resource, only: [:update]
|
8
8
|
|
@@ -10,11 +10,11 @@ module ApiGuard
|
|
10
10
|
invalidate_old_jwt_tokens(current_resource)
|
11
11
|
|
12
12
|
if current_resource.update(password_params)
|
13
|
-
blacklist_token unless
|
13
|
+
blacklist_token unless ApiGuardGrape.invalidate_old_tokens_on_password_change
|
14
14
|
destroy_all_refresh_tokens(current_resource)
|
15
15
|
|
16
16
|
create_token_and_set_header(current_resource, resource_name)
|
17
|
-
render_success(message: I18n.t('
|
17
|
+
render_success(message: I18n.t('api_guard_grape.password.changed'))
|
18
18
|
else
|
19
19
|
render_error(422, object: current_resource)
|
20
20
|
end
|
@@ -1,8 +1,8 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require_dependency '
|
3
|
+
require_dependency 'api_guard_grape/application_controller'
|
4
4
|
|
5
|
-
module
|
5
|
+
module ApiGuardGrape
|
6
6
|
class RegistrationController < ApplicationController
|
7
7
|
before_action :authenticate_resource, only: [:destroy]
|
8
8
|
|
@@ -10,7 +10,7 @@ module ApiGuard
|
|
10
10
|
init_resource(sign_up_params)
|
11
11
|
if resource.save
|
12
12
|
create_token_and_set_header(resource, resource_name)
|
13
|
-
render_success(message: I18n.t('
|
13
|
+
render_success(message: I18n.t('api_guard_grape.registration.signed_up'))
|
14
14
|
else
|
15
15
|
render_error(422, object: resource)
|
16
16
|
end
|
@@ -18,7 +18,7 @@ module ApiGuard
|
|
18
18
|
|
19
19
|
def destroy
|
20
20
|
current_resource.destroy
|
21
|
-
render_success(message: I18n.t('
|
21
|
+
render_success(message: I18n.t('api_guard_grape.registration.account_deleted'))
|
22
22
|
end
|
23
23
|
|
24
24
|
private
|
@@ -1,8 +1,8 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require_dependency '
|
3
|
+
require_dependency 'api_guard_grape/application_controller'
|
4
4
|
|
5
|
-
module
|
5
|
+
module ApiGuardGrape
|
6
6
|
class TokensController < ApplicationController
|
7
7
|
before_action :authenticate_resource, only: [:create]
|
8
8
|
before_action :find_refresh_token, only: [:create]
|
@@ -11,9 +11,9 @@ module ApiGuard
|
|
11
11
|
create_token_and_set_header(current_resource, resource_name)
|
12
12
|
|
13
13
|
@refresh_token.destroy
|
14
|
-
blacklist_token if
|
14
|
+
blacklist_token if ApiGuardGrape.blacklist_token_after_refreshing
|
15
15
|
|
16
|
-
render_success(message: I18n.t('
|
16
|
+
render_success(message: I18n.t('api_guard_grape.access_token.refreshed'))
|
17
17
|
end
|
18
18
|
|
19
19
|
private
|
@@ -23,9 +23,9 @@ module ApiGuard
|
|
23
23
|
|
24
24
|
if refresh_token_from_header
|
25
25
|
@refresh_token = find_refresh_token_of(current_resource, refresh_token_from_header)
|
26
|
-
return render_error(401, message: I18n.t('
|
26
|
+
return render_error(401, message: I18n.t('api_guard_grape.refresh_token.invalid')) unless @refresh_token
|
27
27
|
else
|
28
|
-
render_error(401, message: I18n.t('
|
28
|
+
render_error(401, message: I18n.t('api_guard_grape.refresh_token.missing'))
|
29
29
|
end
|
30
30
|
end
|
31
31
|
end
|
data/config/locales/en.yml
CHANGED
data/config/routes.rb
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require '
|
4
|
-
require '
|
5
|
-
require '
|
3
|
+
require 'api_guard_grape/engine'
|
4
|
+
require 'api_guard_grape/route_mapper'
|
5
|
+
require 'api_guard_grape/modules'
|
6
6
|
|
7
|
-
module
|
8
|
-
autoload :AppSecretKey, '
|
7
|
+
module ApiGuardGrape
|
8
|
+
autoload :AppSecretKey, 'api_guard_grape/app_secret_key'
|
9
9
|
|
10
10
|
module Test
|
11
|
-
autoload :ControllerHelper, '
|
11
|
+
autoload :ControllerHelper, 'api_guard_grape/test/controller_helper'
|
12
12
|
end
|
13
13
|
|
14
14
|
mattr_accessor :token_validity
|
@@ -23,8 +23,8 @@ module ApiGuard
|
|
23
23
|
mattr_accessor :blacklist_token_after_refreshing
|
24
24
|
self.blacklist_token_after_refreshing = false
|
25
25
|
|
26
|
-
mattr_accessor :
|
27
|
-
self.
|
26
|
+
mattr_accessor :api_guard_grape_associations
|
27
|
+
self.api_guard_grape_associations = {}
|
28
28
|
|
29
29
|
mattr_reader :mapped_resource do
|
30
30
|
{}
|
@@ -35,6 +35,6 @@ module ApiGuard
|
|
35
35
|
end
|
36
36
|
|
37
37
|
def self.map_resource(routes_for, class_name)
|
38
|
-
mapped_resource[routes_for.to_sym] =
|
38
|
+
mapped_resource[routes_for.to_sym] = ApiGuardGrape::ResourceMapper.new(routes_for, class_name)
|
39
39
|
end
|
40
40
|
end
|
@@ -1,8 +1,8 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuardGrape
|
4
4
|
class Engine < ::Rails::Engine
|
5
|
-
isolate_namespace
|
5
|
+
isolate_namespace ApiGuardGrape
|
6
6
|
|
7
7
|
config.generators do |g|
|
8
8
|
g.test_framework :rspec
|
@@ -10,8 +10,8 @@ module ApiGuard
|
|
10
10
|
end
|
11
11
|
|
12
12
|
# Use 'secret_key_base' from Rails secrets if 'token_signing_secret' is not configured
|
13
|
-
initializer '
|
14
|
-
|
13
|
+
initializer 'ApiGuardGrape.token_signing_secret' do |app|
|
14
|
+
ApiGuardGrape.token_signing_secret ||= ApiGuardGrape::AppSecretKey.new(app).detect
|
15
15
|
end
|
16
16
|
end
|
17
17
|
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuardGrape
|
4
4
|
module JwtAuth
|
5
5
|
# Common module for API authentication
|
6
6
|
module Authentication
|
@@ -25,17 +25,17 @@ module ApiGuard
|
|
25
25
|
@resource_name = resource_name
|
26
26
|
|
27
27
|
@token = request.headers['Authorization']&.split('Bearer ')&.last
|
28
|
-
return render_error(401, message: I18n.t('
|
28
|
+
return render_error(401, message: I18n.t('api_guard_grape.access_token.missing')) unless @token
|
29
29
|
|
30
30
|
authenticate_token
|
31
31
|
|
32
32
|
# Render error response only if no resource found and no previous render happened
|
33
|
-
render_error(401, message: I18n.t('
|
33
|
+
render_error(401, message: I18n.t('api_guard_grape.access_token.invalid')) if !current_resource && !performed?
|
34
34
|
rescue JWT::DecodeError => e
|
35
35
|
if e.message == 'Signature has expired'
|
36
|
-
render_error(401, message: I18n.t('
|
36
|
+
render_error(401, message: I18n.t('api_guard_grape.access_token.expired'))
|
37
37
|
else
|
38
|
-
render_error(401, message: I18n.t('
|
38
|
+
render_error(401, message: I18n.t('api_guard_grape.access_token.invalid'))
|
39
39
|
end
|
40
40
|
end
|
41
41
|
|
@@ -50,7 +50,7 @@ module ApiGuard
|
|
50
50
|
# Returns whether the JWT token is issued after the last password change
|
51
51
|
# Returns true if password hasn't changed by the user
|
52
52
|
def self.valid_issued_at?(resource)
|
53
|
-
return true unless
|
53
|
+
return true unless ApiGuardGrape.invalidate_old_tokens_on_password_change
|
54
54
|
|
55
55
|
!resource.token_issued_at || @decoded_token[:iat] >= resource.token_issued_at.to_i
|
56
56
|
end
|
@@ -77,7 +77,7 @@ module ApiGuard
|
|
77
77
|
if resource && valid_issued_at?(resource) && !blacklisted?(resource)
|
78
78
|
define_current_resource_accessors(resource)
|
79
79
|
else
|
80
|
-
render_error(401, message: I18n.t('
|
80
|
+
render_error(401, message: I18n.t('api_guard_grape.access_token.invalid'))
|
81
81
|
end
|
82
82
|
end
|
83
83
|
|
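Review bot: The `rescue JWT::DecodeError => e` branch (new lines 34–39) tells an expired token from an invalid one by comparing `e.message == 'Signature has expired'`, which silently turns into the "invalid" path if the jwt gem ever rewords that message. Rescuing the dedicated class first is sturdier: `rescue JWT::ExpiredSignature` ahead of `rescue JWT::DecodeError`. On new line 27, `request.headers['Authorization']&.split('Bearer ')&.last` also accepts a header without the `Bearer ` prefix, since `split` then returns the whole value; matching the scheme explicitly, e.g. `request.headers['Authorization'].to_s[/\ABearer (.+)\z/, 1]`, rejects other schemes up front. `valid_issued_at?` is shown as `def self.` and reads `@decoded_token`; if that ivar lives on the module rather than on a per-request object it is shared between concurrent requests, which needs confirming because the method bodies start outside these hunks. The same code appears again in the hunks at lines 160–217 further down the page.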
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
require 'jwt'
|
4
4
|
|
5
|
-
module
|
5
|
+
module ApiGuardGrape
|
6
6
|
module JwtAuth
|
7
7
|
# Common module for JWT operations
|
8
8
|
module JsonWebToken
|
@@ -11,7 +11,7 @@ module ApiGuard
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def self.token_expire_at
|
14
|
-
@token_expire_at ||= (current_time +
|
14
|
+
@token_expire_at ||= (current_time + ApiGuardGrape.token_validity).to_i
|
15
15
|
end
|
16
16
|
|
17
17
|
def self.token_issued_at
|
@@ -20,13 +20,13 @@ module ApiGuard
|
|
20
20
|
|
21
21
|
# Encode the payload with the secret key and return the JWT token
|
22
22
|
def self.encode(payload)
|
23
|
-
JWT.encode(payload,
|
23
|
+
JWT.encode(payload, ApiGuardGrape.token_signing_secret)
|
24
24
|
end
|
25
25
|
|
26
26
|
# Decode the JWT token and return the payload
|
27
27
|
def self.decode(token, verify = true)
|
28
28
|
HashWithIndifferentAccess.new(
|
29
|
-
JWT.decode(token,
|
29
|
+
JWT.decode(token, ApiGuardGrape.token_signing_secret, verify, verify_iat: true)[0]
|
30
30
|
)
|
31
31
|
end
|
32
32
|
|
@@ -63,7 +63,7 @@ module ApiGuard
|
|
63
63
|
# Set token issued at to current timestamp
|
64
64
|
# to restrict access to old access(JWT) tokens
|
65
65
|
def self.invalidate_old_jwt_tokens(resource)
|
66
|
-
return unless
|
66
|
+
return unless ApiGuardGrape.invalidate_old_tokens_on_password_change
|
67
67
|
|
68
68
|
resource.token_issued_at = Time.at(token_issued_at).utc
|
69
69
|
end
|
@@ -160,17 +160,17 @@ module ApiGuard
|
|
160
160
|
@resource_name = resource_name
|
161
161
|
|
162
162
|
@token = request.headers['Authorization']&.split('Bearer ')&.last
|
163
|
-
return render_error(401, message: I18n.t('
|
163
|
+
return render_error(401, message: I18n.t('api_guard_grape.access_token.missing')) unless @token
|
164
164
|
|
165
165
|
authenticate_token
|
166
166
|
|
167
167
|
# Render error response only if no resource found and no previous render happened
|
168
|
-
render_error(401, message: I18n.t('
|
168
|
+
render_error(401, message: I18n.t('api_guard_grape.access_token.invalid')) if !current_resource && !performed?
|
169
169
|
rescue JWT::DecodeError => e
|
170
170
|
if e.message == 'Signature has expired'
|
171
|
-
render_error(401, message: I18n.t('
|
171
|
+
render_error(401, message: I18n.t('api_guard_grape.access_token.expired'))
|
172
172
|
else
|
173
|
-
render_error(401, message: I18n.t('
|
173
|
+
render_error(401, message: I18n.t('api_guard_grape.access_token.invalid'))
|
174
174
|
end
|
175
175
|
end
|
176
176
|
|
@@ -185,7 +185,7 @@ module ApiGuard
|
|
185
185
|
# Returns whether the JWT token is issued after the last password change
|
186
186
|
# Returns true if password hasn't changed by the user
|
187
187
|
def self.valid_issued_at?(resource)
|
188
|
-
return true unless
|
188
|
+
return true unless ApiGuardGrape.invalidate_old_tokens_on_password_change
|
189
189
|
|
190
190
|
!resource.token_issued_at || @decoded_token[:iat] >= resource.token_issued_at.to_i
|
191
191
|
end
|
@@ -212,7 +212,7 @@ module ApiGuard
|
|
212
212
|
if resource && valid_issued_at?(resource) && !blacklisted?(resource)
|
213
213
|
define_current_resource_accessors(resource)
|
214
214
|
else
|
215
|
-
render_error(401, message: I18n.t('
|
215
|
+
render_error(401, message: I18n.t('api_guard_grape.access_token.invalid'))
|
216
216
|
end
|
217
217
|
end
|
218
218
|
|
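Review bot: `decode` (new line 29) calls `JWT.decode(token, ApiGuardGrape.token_signing_secret, verify, verify_iat: true)` without naming an algorithm, so the accepted algorithm is whatever the installed jwt gem defaults to. Pinning it on both sides makes the contract explicit: `JWT.encode(payload, ApiGuardGrape.token_signing_secret, 'HS256')` and `JWT.decode(token, ApiGuardGrape.token_signing_secret, verify, verify_iat: true, algorithm: 'HS256')`. The positional `verify = true` lets any caller skip signature verification with `decode(token, false)`; a comment such as `# verify=false returns UNVERIFIED claims; never use the result for authentication` would make that visible. `token_expire_at` memoizes with `@token_expire_at ||=` inside a `def self.` method; if that state is module-level it is computed once per process and later tokens would carry a stale `exp`, so this is worth confirming against the full file.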
@@ -0,0 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module ApiGuardGrape
|
4
|
+
module Models
|
5
|
+
module Concerns
|
6
|
+
extend ActiveSupport::Concern
|
7
|
+
|
8
|
+
class_methods do
|
9
|
+
def api_guard_grape_associations(refresh_token: nil, blacklisted_token: nil)
|
10
|
+
return if ApiGuardGrape.api_guard_grape_associations[name]
|
11
|
+
|
12
|
+
ApiGuardGrape.api_guard_grape_associations[name] = {}
|
13
|
+
ApiGuardGrape.api_guard_grape_associations[name][:refresh_token] = refresh_token
|
14
|
+
ApiGuardGrape.api_guard_grape_associations[name][:blacklisted_token] = blacklisted_token
|
15
|
+
end
|
16
|
+
|
17
|
+
def refresh_token_association
|
18
|
+
ApiGuardGrape.api_guard_grape_associations.dig(name, :refresh_token)
|
19
|
+
end
|
20
|
+
|
21
|
+
def blacklisted_token_association
|
22
|
+
ApiGuardGrape.api_guard_grape_associations.dig(name, :blacklisted_token)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
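Review bot: `api_guard_grape_associations` has no doc comment, and its early `return if ApiGuardGrape.api_guard_grape_associations[name]` means a second call for the same class name with different arguments is ignored without any signal. That matters here because these names decide where refresh and blacklisted tokens are looked up. I would document it above the method, e.g. `# Registers the refresh-token and blacklisted-token association names for this model; only the first call per class name takes effect.`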
@@ -0,0 +1,26 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'api_guard_grape/resource_mapper'
|
4
|
+
require 'api_guard_grape/jwt_auth/json_web_token'
|
5
|
+
require 'api_guard_grape/jwt_auth/authentication'
|
6
|
+
require 'api_guard_grape/jwt_auth/refresh_jwt_token'
|
7
|
+
require 'api_guard_grape/jwt_auth/blacklist_token'
|
8
|
+
require 'api_guard_grape/response_formatters/renderer'
|
9
|
+
require 'api_guard_grape/models/concerns'
|
10
|
+
|
11
|
+
module ApiGuardGrape
|
12
|
+
module Modules
|
13
|
+
ActiveSupport.on_load(:action_controller) do
|
14
|
+
include ApiGuardGrape::Resource
|
15
|
+
include ApiGuardGrape::JwtAuth::JsonWebToken
|
16
|
+
include ApiGuardGrape::JwtAuth::Authentication
|
17
|
+
include ApiGuardGrape::JwtAuth::RefreshJwtToken
|
18
|
+
include ApiGuardGrape::JwtAuth::BlacklistToken
|
19
|
+
include ApiGuardGrape::ResponseFormatters::Renderer
|
20
|
+
end
|
21
|
+
|
22
|
+
ActiveSupport.on_load(:active_record) do
|
23
|
+
include ApiGuardGrape::Models::Concerns
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
@@ -1,13 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuardGrape
|
4
4
|
class ResourceMapper
|
5
5
|
attr_reader :resource_name, :resource_class, :resource_instance_name
|
6
6
|
|
7
7
|
def initialize(routes_for, class_name)
|
8
8
|
@resource_name = routes_for.singularize
|
9
9
|
@resource_class = class_name.constantize
|
10
|
-
@resource_instance_name = "@
|
10
|
+
@resource_instance_name = "@api_guard_grape_#{routes_for}"
|
11
11
|
end
|
12
12
|
end
|
13
13
|
|
@@ -21,7 +21,7 @@ module ApiGuard
|
|
21
21
|
end
|
22
22
|
|
23
23
|
def current_resource_mapping
|
24
|
-
request.env['
|
24
|
+
request.env['api_guard_grape.mapping']
|
25
25
|
end
|
26
26
|
|
27
27
|
def resource_name
|
@@ -1,10 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuardGrape
|
4
4
|
module ResponseFormatters
|
5
5
|
module Renderer
|
6
6
|
def render_success(data: nil, message: nil)
|
7
|
-
resp_data = { status: I18n.t('
|
7
|
+
resp_data = { status: I18n.t('api_guard_grape.response.success') }
|
8
8
|
resp_data[:message] = message if message
|
9
9
|
resp_data[:data] = data if data
|
10
10
|
|
@@ -12,7 +12,7 @@ module ApiGuard
|
|
12
12
|
end
|
13
13
|
|
14
14
|
def render_error(status, options = {})
|
15
|
-
data = { status: I18n.t('
|
15
|
+
data = { status: I18n.t('api_guard_grape.response.error') }
|
16
16
|
data[:error] = options[:object] ? options[:object].errors.full_messages[0] : options[:message]
|
17
17
|
|
18
18
|
render json: data, status: status
|
@@ -7,7 +7,7 @@
|
|
7
7
|
module ActionDispatch
|
8
8
|
module Routing
|
9
9
|
class Mapper
|
10
|
-
def
|
10
|
+
def api_guard_grape_routes(options = {})
|
11
11
|
routes_for = options.delete(:for).to_s || 'users'
|
12
12
|
|
13
13
|
controllers = default_controllers(options[:only], options[:except])
|
@@ -16,19 +16,19 @@ module ActionDispatch
|
|
16
16
|
options[:as] = options[:as] || routes_for.singularize
|
17
17
|
options[:path] = options[:path] || routes_for
|
18
18
|
|
19
|
-
|
19
|
+
api_guard_grape_scope(routes_for) do |mapped_resource|
|
20
20
|
scope options do
|
21
21
|
generate_routes(mapped_resource, controller_options, controllers)
|
22
22
|
end
|
23
23
|
end
|
24
24
|
end
|
25
25
|
|
26
|
-
def
|
27
|
-
mapped_resource =
|
28
|
-
|
26
|
+
def api_guard_grape_scope(routes_for)
|
27
|
+
mapped_resource = ApiGuardGrape.mapped_resource[routes_for.to_sym].presence ||
|
28
|
+
ApiGuardGrape.map_resource(routes_for, routes_for.classify)
|
29
29
|
|
30
30
|
constraint = lambda do |request|
|
31
|
-
request.env['
|
31
|
+
request.env['api_guard_grape.mapping'] = mapped_resource
|
32
32
|
true
|
33
33
|
end
|
34
34
|
|
@@ -56,27 +56,27 @@ module ActionDispatch
|
|
56
56
|
end
|
57
57
|
|
58
58
|
def authentication_routes(controller_name = nil)
|
59
|
-
controller_name ||= '
|
59
|
+
controller_name ||= 'api_guard_grape/authentication'
|
60
60
|
|
61
61
|
post 'sign_in' => "#{controller_name}#create"
|
62
62
|
delete 'sign_out' => "#{controller_name}#destroy"
|
63
63
|
end
|
64
64
|
|
65
65
|
def registration_routes(controller_name = nil)
|
66
|
-
controller_name ||= '
|
66
|
+
controller_name ||= 'api_guard_grape/registration'
|
67
67
|
|
68
68
|
post 'sign_up' => "#{controller_name}#create"
|
69
69
|
delete 'delete' => "#{controller_name}#destroy"
|
70
70
|
end
|
71
71
|
|
72
72
|
def passwords_routes(controller_name = nil)
|
73
|
-
controller_name ||= '
|
73
|
+
controller_name ||= 'api_guard_grape/passwords'
|
74
74
|
|
75
75
|
patch 'passwords' => "#{controller_name}#update"
|
76
76
|
end
|
77
77
|
|
78
78
|
def tokens_routes(controller_name = nil)
|
79
|
-
controller_name ||= '
|
79
|
+
controller_name ||= 'api_guard_grape/tokens'
|
80
80
|
|
81
81
|
post 'tokens' => "#{controller_name}#create"
|
82
82
|
end
|
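Review bot: In `api_guard_grape_routes`, the unchanged line `routes_for = options.delete(:for).to_s || 'users'` can never fall back to `'users'`. `nil.to_s` is `""`, which is truthy in Ruby, so a call without `for:` leaves `routes_for` empty, and the `as`/`path` defaults and the `api_guard_grape_scope(routes_for)` lookup all receive an empty resource name. The rename leaves this line untouched; it should read `routes_for = (options.delete(:for) || 'users').to_s`. `controller_options`, passed to `generate_routes`, is assigned outside the visible hunks, so its handling cannot be checked from here.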
@@ -0,0 +1,13 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'api_guard_grape/jwt_auth/json_web_token'
|
4
|
+
require 'api_guard_grape/jwt_auth/refresh_jwt_token'
|
5
|
+
|
6
|
+
module ApiGuardGrape
|
7
|
+
module Test
|
8
|
+
module ControllerHelper
|
9
|
+
include ApiGuardGrape::JwtAuth::JsonWebToken
|
10
|
+
include ApiGuardGrape::JwtAuth::RefreshJwtToken
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
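--- a/data/lib/generators/api_guard/controllers/templates/authentication_controller.rb
+++ b/data/lib/generators/api_guard_grape/controllers/templates/authentication_controller.rb
@@ -1,27 +1,27 @@
 module <%= @controller_scope %>
-class AuthenticationController <
+class AuthenticationController < ApiGuardGrape::AuthenticationController
 # before_action :find_resource, only: [:create]
 # before_action :authenticate_resource, only: [:destroy]
 
 # def create
 # if resource.authenticate(params[:password])
 # create_token_and_set_header(resource, resource_name)
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard_grape.authentication.signed_in'))
 # else
-# render_error(422, message: I18n.t('
+# render_error(422, message: I18n.t('api_guard_grape.authentication.invalid_login_credentials'))
 # end
 # end
 
 # def destroy
 # blacklist_token
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard_grape.authentication.signed_out'))
 # end
 
 # private
 
 # def find_resource
 # self.resource = resource_class.find_by(email: params[:email].downcase.strip) if params[:email].present?
-# render_error(422, message: I18n.t('
+# render_error(422, message: I18n.t('api_guard_grape.authentication.invalid_login_credentials')) unless resource
 # end
 end
 end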
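Review bot: In the commented `find_resource` template, `params[:email].downcase.strip` assumes the parameter is a String. A request that sends `email` as an array or nested hash passes the `present?` guard and then raises `NoMethodError`, so a malformed login becomes a 500 instead of the 422 the next line intends. Coercing before normalising keeps the failure on the intended path: `#   self.resource = resource_class.find_by(email: params[:email].to_s.downcase.strip) if params[:email].present?`.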
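--- a/data/lib/generators/api_guard/controllers/templates/passwords_controller.rb
+++ b/data/lib/generators/api_guard_grape/controllers/templates/passwords_controller.rb
@@ -1,16 +1,16 @@
 module <%= @controller_scope %>
-class PasswordsController <
+class PasswordsController < ApiGuardGrape::PasswordsController
 # before_action :authenticate_resource, only: [:update]
 
 # def update
 # invalidate_old_jwt_tokens(current_resource)
 #
 # if current_resource.update_attributes(password_params)
-# blacklist_token unless
+# blacklist_token unless ApiGuardGrape.invalidate_old_tokens_on_password_change
 # destroy_all_refresh_tokens(current_resource)
 #
 # create_token_and_set_header(current_resource, resource_name)
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard_grape.password.changed'))
 # else
 # render_error(422, object: current_resource)
 # end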
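Review bot: The commented `update` template still calls `current_resource.update_attributes(password_params)`. `update_attributes` was deprecated in Rails 6.0 and removed in 6.1, so an application that uncomments this template on a current Rails raises `NoMethodError` on every password change. The template line should be `#   if current_resource.update(password_params)`. The template also calls `invalidate_old_jwt_tokens(current_resource)` before the update is known to have succeeded. That helper is defined outside this file, so whether a failed validation still invalidates tokens needs confirming there. The class body continues past the end of the hunk.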
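--- a/data/lib/generators/api_guard/controllers/templates/registration_controller.rb
+++ b/data/lib/generators/api_guard_grape/controllers/templates/registration_controller.rb
@@ -1,12 +1,12 @@
 module <%= @controller_scope %>
-class RegistrationController <
+class RegistrationController < ApiGuardGrape::RegistrationController
 # before_action :authenticate_resource, only: [:destroy]
 
 # def create
 # init_resource(sign_up_params)
 # if resource.save
 # create_token_and_set_header(resource, resource_name)
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard_grape.registration.signed_up'))
 # else
 # render_error(422, object: resource)
 # end
@@ -14,7 +14,7 @@ module <%= @controller_scope %>
 
 # def destroy
 # current_resource.destroy
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard_grape.registration.account_deleted'))
 # end
 
 # private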
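--- a/data/lib/generators/api_guard/controllers/templates/tokens_controller.rb
+++ b/data/lib/generators/api_guard_grape/controllers/templates/tokens_controller.rb
@@ -1,5 +1,5 @@
 module <%= @controller_scope %>
-class TokensController <
+class TokensController < ApiGuardGrape::TokensController
 # before_action :authenticate_resource, only: [:create]
 # before_action :find_refresh_token, only: [:create]
 
@@ -7,9 +7,9 @@ module <%= @controller_scope %>
 # create_token_and_set_header(current_resource, resource_name)
 #
 # @refresh_token.destroy
-# blacklist_token if
+# blacklist_token if ApiGuardGrape.blacklist_token_after_refreshing
 #
-# render_success(message: I18n.t('
+# render_success(message: I18n.t('api_guard_grape.access_token.refreshed'))
 # end
 
 # private
@@ -19,9 +19,9 @@ module <%= @controller_scope %>
 #
 # if refresh_token_from_header
 # @refresh_token = find_refresh_token_of(current_resource, refresh_token_from_header)
-# return render_error(401, message: I18n.t('
+# return render_error(401, message: I18n.t('api_guard_grape.refresh_token.invalid')) unless @refresh_token
 # else
-# render_error(401, message: I18n.t('
+# render_error(401, message: I18n.t('api_guard_grape.refresh_token.missing'))
 # end
 # end
 end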
@@ -1,13 +1,13 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
module
|
3
|
+
module ApiGuardGrape
|
4
4
|
class InitializerGenerator < Rails::Generators::Base
|
5
5
|
source_root File.expand_path('templates', __dir__)
|
6
6
|
|
7
7
|
desc 'Creates initializer for configuring API Guard'
|
8
8
|
|
9
9
|
def create_initializer
|
10
|
-
copy_file 'initializer.rb', 'config/initializers/
|
10
|
+
copy_file 'initializer.rb', 'config/initializers/api_guard_grape.rb'
|
11
11
|
end
|
12
12
|
end
|
13
13
|
end
|
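--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: api_guard_grape
 version: !ruby/object:Gem::Version
-version: 0.5.
+version: 0.5.3
 platform: ruby
 authors:
 - Prateek Singh
@@ -146,37 +146,37 @@ files:
 - MIT-LICENSE
 - README.md
 - Rakefile
-- app/controllers/
-- app/controllers/
-- app/controllers/
-- app/controllers/
-- app/controllers/
+- app/controllers/api_guard_grape/application_controller.rb
+- app/controllers/api_guard_grape/authentication_controller.rb
+- app/controllers/api_guard_grape/passwords_controller.rb
+- app/controllers/api_guard_grape/registration_controller.rb
+- app/controllers/api_guard_grape/tokens_controller.rb
 - config/locales/en.yml
 - config/routes.rb
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-- lib/generators/
-homepage: https://github.com/prateeksinghbundela/
+- lib/api_guard_grape.rb
+- lib/api_guard_grape/app_secret_key.rb
+- lib/api_guard_grape/engine.rb
+- lib/api_guard_grape/jwt_auth/authentication.rb
+- lib/api_guard_grape/jwt_auth/blacklist_token.rb
+- lib/api_guard_grape/jwt_auth/json_web_token.rb
+- lib/api_guard_grape/jwt_auth/refresh_jwt_token.rb
+- lib/api_guard_grape/models/concerns.rb
+- lib/api_guard_grape/modules.rb
+- lib/api_guard_grape/resource_mapper.rb
+- lib/api_guard_grape/response_formatters/renderer.rb
+- lib/api_guard_grape/route_mapper.rb
+- lib/api_guard_grape/test/controller_helper.rb
+- lib/api_guard_grape/version.rb
+- lib/generators/api_guard_grape/controllers/USAGE
+- lib/generators/api_guard_grape/controllers/controllers_generator.rb
+- lib/generators/api_guard_grape/controllers/templates/authentication_controller.rb
+- lib/generators/api_guard_grape/controllers/templates/passwords_controller.rb
+- lib/generators/api_guard_grape/controllers/templates/registration_controller.rb
+- lib/generators/api_guard_grape/controllers/templates/tokens_controller.rb
+- lib/generators/api_guard_grape/initializer/USAGE
+- lib/generators/api_guard_grape/initializer/initializer_generator.rb
+- lib/generators/api_guard_grape/initializer/templates/initializer.rb
+homepage: https://github.com/prateeksinghbundela/api_guard_grape
 licenses:
 - MIT
 metadata: {}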
@@ -1,27 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module ApiGuard
|
4
|
-
module Models
|
5
|
-
module Concerns
|
6
|
-
extend ActiveSupport::Concern
|
7
|
-
|
8
|
-
class_methods do
|
9
|
-
def api_guard_associations(refresh_token: nil, blacklisted_token: nil)
|
10
|
-
return if ApiGuard.api_guard_associations[name]
|
11
|
-
|
12
|
-
ApiGuard.api_guard_associations[name] = {}
|
13
|
-
ApiGuard.api_guard_associations[name][:refresh_token] = refresh_token
|
14
|
-
ApiGuard.api_guard_associations[name][:blacklisted_token] = blacklisted_token
|
15
|
-
end
|
16
|
-
|
17
|
-
def refresh_token_association
|
18
|
-
ApiGuard.api_guard_associations.dig(name, :refresh_token)
|
19
|
-
end
|
20
|
-
|
21
|
-
def blacklisted_token_association
|
22
|
-
ApiGuard.api_guard_associations.dig(name, :blacklisted_token)
|
23
|
-
end
|
24
|
-
end
|
25
|
-
end
|
26
|
-
end
|
27
|
-
end
|
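--- a/data/lib/api_guard/modules.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-# frozen_string_literal: true
-
-require 'api_guard/resource_mapper'
-require 'api_guard/jwt_auth/json_web_token'
-require 'api_guard/jwt_auth/authentication'
-require 'api_guard/jwt_auth/refresh_jwt_token'
-require 'api_guard/jwt_auth/blacklist_token'
-require 'api_guard/response_formatters/renderer'
-require 'api_guard/models/concerns'
-
-module ApiGuard
-module Modules
-ActiveSupport.on_load(:action_controller) do
-include ApiGuard::Resource
-include ApiGuard::JwtAuth::JsonWebToken
-include ApiGuard::JwtAuth::Authentication
-include ApiGuard::JwtAuth::RefreshJwtToken
-include ApiGuard::JwtAuth::BlacklistToken
-include ApiGuard::ResponseFormatters::Renderer
-end
-
-ActiveSupport.on_load(:active_record) do
-include ApiGuard::Models::Concerns
-end
-end
-end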
@@ -1,13 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'api_guard/jwt_auth/json_web_token'
|
4
|
-
require 'api_guard/jwt_auth/refresh_jwt_token'
|
5
|
-
|
6
|
-
module ApiGuard
|
7
|
-
module Test
|
8
|
-
module ControllerHelper
|
9
|
-
include ApiGuard::JwtAuth::JsonWebToken
|
10
|
-
include ApiGuard::JwtAuth::RefreshJwtToken
|
11
|
-
end
|
12
|
-
end
|
13
|
-
end
|