devise-api 0.0.0 → 0.1.1
- checksums.yaml +4 -4
- data/.rspec +2 -0
- data/.rubocop.yml +3 -0
- data/Gemfile +30 -2
- data/Gemfile.lock +80 -2
- data/README.md +193 -5
- data/Rakefile +3 -7
- data/app/controllers/devise/api/tokens_controller.rb +146 -0
- data/app/services/devise/api/base_service.rb +20 -0
- data/app/services/devise/api/resource_owner_service/authenticate.rb +28 -0
- data/app/services/devise/api/resource_owner_service/sign_in.rb +31 -0
- data/app/services/devise/api/resource_owner_service/sign_up.rb +35 -0
- data/app/services/devise/api/tokens_service/create.rb +45 -0
- data/app/services/devise/api/tokens_service/refresh.rb +26 -0
- data/app/services/devise/api/tokens_service/revoke.rb +19 -0
- data/config/locales/en.yml +22 -0
- data/devise-api.gemspec +12 -4
- data/lib/devise/api/configuration.rb +44 -0
- data/lib/devise/api/controllers/helpers.rb +93 -0
- data/lib/devise/api/generators/install_generator.rb +62 -0
- data/lib/devise/api/generators/templates/migration.rb.erb +16 -0
- data/lib/devise/api/rails/engine.rb +11 -0
- data/lib/devise/api/rails/routes.rb +24 -0
- data/lib/devise/api/responses/error_response.rb +120 -0
- data/lib/devise/api/responses/token_response.rb +76 -0
- data/lib/devise/api/token.rb +88 -0
- data/lib/devise/api/version.rb +1 -1
- data/lib/devise/api.rb +44 -3
- metadata +104 -15
|
@@ -0,0 +1,88 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'active_record'
|
|
4
|
+
|
|
5
|
+
module Devise
|
|
6
|
+
module Api
|
|
7
|
+
class Token < ::ActiveRecord::Base
|
|
8
|
+
self.table_name = 'devise_api_tokens'
|
|
9
|
+
|
|
10
|
+
# associations
|
|
11
|
+
belongs_to :resource_owner,
|
|
12
|
+
polymorphic: true,
|
|
13
|
+
optional: false
|
|
14
|
+
belongs_to :previous_refresh,
|
|
15
|
+
class_name: Devise.api.config.base_token_model,
|
|
16
|
+
foreign_key: :previous_refresh_token,
|
|
17
|
+
primary_key: :refresh_token,
|
|
18
|
+
optional: true
|
|
19
|
+
has_many :refreshes,
|
|
20
|
+
class_name: Devise.api.config.base_token_model,
|
|
21
|
+
foreign_key: :previous_refresh_token,
|
|
22
|
+
primary_key: :refresh_token
|
|
23
|
+
|
|
24
|
+
# validations
|
|
25
|
+
validates :access_token, presence: true, uniqueness: true
|
|
26
|
+
validates :refresh_token,
|
|
27
|
+
presence: true,
|
|
28
|
+
uniqueness: true,
|
|
29
|
+
if: -> { Devise.api.config.refresh_token.enabled }
|
|
30
|
+
validates :expires_in,
|
|
31
|
+
presence: true,
|
|
32
|
+
numericality: { greater_than: 0 },
|
|
33
|
+
unless: -> { Devise.api.config.access_token.expires_in_infinite.call(resource_owner) }
|
|
34
|
+
|
|
35
|
+
def revoked?
|
|
36
|
+
revoked_at.present?
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def active?
|
|
40
|
+
!inactive?
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def inactive?
|
|
44
|
+
revoked? && expired?
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def expired?
|
|
48
|
+
return false if Devise.api.config.access_token.expires_in_infinite.call(resource_owner)
|
|
49
|
+
|
|
50
|
+
!!(expires_in && Time.now.utc > expires_at)
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
def refresh_token_expired?
|
|
54
|
+
return false unless Devise.api.config.refresh_token.expires_in_infinite.call(resource_owner)
|
|
55
|
+
|
|
56
|
+
Time.now.utc > refresh_token_expires_at
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def self.generate_uniq_access_token(resource_owner)
|
|
60
|
+
loop do
|
|
61
|
+
token = Devise.api.config.access_token.generator.call(resource_owner)
|
|
62
|
+
|
|
63
|
+
break token unless Devise.api.config.base_token_model.constantize.exists?(access_token: token)
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def self.generate_uniq_refresh_token(resource_owner)
|
|
68
|
+
return nil unless Devise.api.config.refresh_token.enabled
|
|
69
|
+
|
|
70
|
+
loop do
|
|
71
|
+
token = Devise.api.config.refresh_token.generator.call(resource_owner)
|
|
72
|
+
|
|
73
|
+
break token unless Devise.api.config.base_token_model.constantize.exists?(refresh_token: token)
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
private
|
|
78
|
+
|
|
79
|
+
def expires_at
|
|
80
|
+
created_at + expires_in.seconds
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
def refresh_token_expires_at
|
|
84
|
+
created_at + Devise.api.config.refresh_token.expires_in.seconds
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
end
|
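Review bot: `inactive?` is defined as `revoked? && expired?`, so `active?` stays true for a token that has been revoked but not yet expired, and for one that has expired but was never revoked; for a validity check this should be `revoked? || expired?`. `refresh_token_expired?` has the opposite guard from `expired?`: `return false unless Devise.api.config.refresh_token.expires_in_infinite.call(resource_owner)` reports non-infinite refresh tokens as never expired and only compares timestamps when they are configured as infinite, so it should read `return false if Devise.api.config.refresh_token.expires_in_infinite.call(resource_owner)`. Whether callers gate requests on `active?` or check `revoked?` and `expired?` separately is not visible in this hunk, so confirm against the controller helpers and the refresh service. The file header for this hunk is missing from the page; its 88 added lines match `data/lib/devise/api/token.rb` in the file list.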
data/lib/devise/api/version.rb
CHANGED
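--- a/data/lib/devise/api.rb
+++ b/data/lib/devise/api.rb
@@ -1,10 +1,51 @@
 # frozen_string_literal: true
 
+require 'devise'
+require 'active_support/concern'
+require_relative 'api/configuration'
 require_relative 'api/version'
+require_relative 'api/controllers/helpers'
+require_relative 'api/responses/error_response'
+require_relative 'api/responses/token_response'
+require_relative 'api/generators/install_generator'
 
+# rubocop:disable Style/ClassVars
 module Devise
-
-
-
+mattr_accessor :api
+@@api = Devise::Api::Configuration.new
+
+module Models
+module Api
+extend ActiveSupport::Concern
+
+included do
+has_many :access_tokens,
+class_name: Devise.api.config.base_token_model,
+dependent: :destroy,
+as: :resource_owner
+end
+
+class_methods do
+def supported_devise_modules
+devise_modules.inquiry
+end
+end
+end
 end
+
+module Api; end
+
+add_module :api,
+strategy: false,
+controller: :tokens,
+route: { api: %i[revoke refresh sign_up sign_in info] }
+end
+# rubocop:enable Style/ClassVars
+
+ActiveSupport.on_load(:action_controller) do
+include Devise::Api::Controllers::Helpers
 end
+
+require_relative 'api/token'
+require_relative 'api/rails/engine'
+require_relative 'api/rails/routes'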
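Review bot: The trailing `require_relative 'api/token'` loads the token model as soon as the gem is required, while the controller helpers just above it are deferred with `ActiveSupport.on_load(:action_controller)`. The Token class on this page subclasses `::ActiveRecord::Base` and reads `Devise.api.config.base_token_model` in its class body for `belongs_to :previous_refresh` and `has_many :refreshes`, so Active Record is loaded and those `class_name` values are fixed at require time, presumably before the host application's initializer can change `base_token_model`. The `has_many :access_tokens` in the `included do` block reads the same setting later, when the model is loaded, so the two sides could end up pointing at different classes. Consider shipping the model under the engine's `app/models` so it is autoloaded after initializers, or deferring it with `ActiveSupport.on_load(:active_record) { require_relative 'api/token' }`.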
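--- a/metadata
+++ b/metadata
@@ -1,52 +1,119 @@
 --- !ruby/object:Gem::Specification
 name: devise-api
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.1.1
 platform: ruby
 authors:
 - nejdetkadir
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-01-
+date: 2023-01-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-name:
+name: devise
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 4.7.2
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 4.7.2
 - !ruby/object:Gem::Dependency
-name:
+name: dry-configurable
 requirement: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.0'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 1.0.1
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.0'
 - - ">="
 - !ruby/object:Gem::Version
-version:
-
-
-
+version: 1.0.1
+- !ruby/object:Gem::Dependency
+name: dry-initializer
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.1.1
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 3.1.1
+- !ruby/object:Gem::Dependency
+name: dry-monads
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 1.6.0
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 1.6.0
+- !ruby/object:Gem::Dependency
+name: dry-types
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 1.7.0
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 1.7.0
+- !ruby/object:Gem::Dependency
+name: rails
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 6.0.0
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: 6.0.0
+description: The devise-api gem is a convenient way to add authentication to your
+Ruby on Rails application using the devise gem. It provides support for access tokens
+and refresh tokens, which allow you to authenticate API requests and keep the user's
+session active for a longer period of time on the client side. It can be installed
+by adding the gem to your Gemfile, running migrations, and adding the :api module
+to your devise model. The gem is fully configurable, allowing you to set things
+like token expiration times and token generators.
 email:
 - nejdetkadir.550@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".rspec"
 - ".rubocop.yml"
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
@@ -55,8 +122,26 @@ files:
 - LICENSE
 - README.md
 - Rakefile
+- app/controllers/devise/api/tokens_controller.rb
+- app/services/devise/api/base_service.rb
+- app/services/devise/api/resource_owner_service/authenticate.rb
+- app/services/devise/api/resource_owner_service/sign_in.rb
+- app/services/devise/api/resource_owner_service/sign_up.rb
+- app/services/devise/api/tokens_service/create.rb
+- app/services/devise/api/tokens_service/refresh.rb
+- app/services/devise/api/tokens_service/revoke.rb
+- config/locales/en.yml
 - devise-api.gemspec
 - lib/devise/api.rb
+- lib/devise/api/configuration.rb
+- lib/devise/api/controllers/helpers.rb
+- lib/devise/api/generators/install_generator.rb
+- lib/devise/api/generators/templates/migration.rb.erb
+- lib/devise/api/rails/engine.rb
+- lib/devise/api/rails/routes.rb
+- lib/devise/api/responses/error_response.rb
+- lib/devise/api/responses/token_response.rb
+- lib/devise/api/token.rb
 - lib/devise/api/version.rb
 - sig/devise/api.rbs
 homepage: https://github.com/nejdetkadir/devise-api
@@ -81,10 +166,14 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.3.3
 signing_key:
 specification_version: 4
-summary:
-
-
+summary: The devise-api gem is a convenient way to add authentication to your Ruby
+on Rails application using the devise gem. It provides support for access tokens
+and refresh tokens, which allow you to authenticate API requests and keep the user's
+session active for a longer period of time on the client side. It can be installed
+by adding the gem to your Gemfile, running migrations, and adding the :api module
+to your devise model. The gem is fully configurable, allowing you to set things
+like token expiration times and token generators.
 test_files: []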