devise-jwt-revocation_strategies-redis 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.rspec +3 -0
- data/.rubocop.yml +8 -0
- data/README.md +42 -0
- data/Rakefile +12 -0
- data/lib/devise/jwt/revocation_strategies/redis/jwt_dispatcher.rb +35 -0
- data/lib/devise/jwt/revocation_strategies/redis/version.rb +11 -0
- data/lib/devise/jwt/revocation_strategies/redis.rb +51 -0
- data/sig/devise/jwt/revocation_strategies/redis.rbs +10 -0
- metadata +69 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: b985ed2d07aeaf7d71a47caed6106f0edfd69b0fa34072aece1e078628535b8a
|
|
4
|
+
data.tar.gz: 7453be272908b15a497b0b5eb66241d3d46a7577f05320d30b4feaa99a39e122
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: e6a9f89f7d83cac478f913424be105e95926794480f639422abaccefab86762e4bd1776d8e5dc7a6b253b2c382d960c86178d0ea847934a2eae0bcfec54965d3
|
|
7
|
+
data.tar.gz: eae47c2ad8be287a8f98cb14f9e7c90942d7099bdb37b25d114ce2fff35b73f5eb428f8f9465e84d99760a4d0481fa172925150aec2159359d4f61d7d42753ec
|
data/.rspec
ADDED
data/.rubocop.yml
ADDED
data/README.md
ADDED
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# Devise::Jwt::RevocationStrategies::Redis
|
|
2
|
+
|
|
3
|
+
## Installation
|
|
4
|
+
|
|
5
|
+
TODO: Replace `UPDATE_WITH_YOUR_GEM_NAME_IMMEDIATELY_AFTER_RELEASE_TO_RUBYGEMS_ORG` with your gem name right after releasing it to RubyGems.org. Please do not do it earlier due to security reasons. Alternatively, replace this section with instructions to install your gem from git if you don't plan to release to RubyGems.org.
|
|
6
|
+
|
|
7
|
+
Install the gem and add to the application's Gemfile by executing:
|
|
8
|
+
|
|
9
|
+
$ bundle add UPDATE_WITH_YOUR_GEM_NAME_IMMEDIATELY_AFTER_RELEASE_TO_RUBYGEMS_ORG
|
|
10
|
+
|
|
11
|
+
If bundler is not being used to manage dependencies, install the gem by executing:
|
|
12
|
+
|
|
13
|
+
$ gem install UPDATE_WITH_YOUR_GEM_NAME_IMMEDIATELY_AFTER_RELEASE_TO_RUBYGEMS_ORG
|
|
14
|
+
|
|
15
|
+
## Usage
|
|
16
|
+
|
|
17
|
+
### Configuration
|
|
18
|
+
- Setting up Redis
|
|
19
|
+
Ensure that you have Redis installed and running. You can configure the Redis connection URL in your environment variables. For example:
|
|
20
|
+
```#.env
|
|
21
|
+
REDIS_AUTH_URL=redis://localhost:6379/0
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
Setup your devise model:
|
|
25
|
+
```ruby
|
|
26
|
+
class User < ApplicationRecord
|
|
27
|
+
include Devise::Jwt::RevocationStrategies::Redis::JwtDispatcher
|
|
28
|
+
|
|
29
|
+
devise :database_authenticatable, # your enabled modules
|
|
30
|
+
:jwt_authenticatable, jwt_revocation_strategy: Devise::Jwt::RevocationStrategies::Redis
|
|
31
|
+
end
|
|
32
|
+
```
|
|
33
|
+
|
|
34
|
+
## Development
|
|
35
|
+
|
|
36
|
+
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
37
|
+
|
|
38
|
+
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
|
39
|
+
|
|
40
|
+
## Contributing
|
|
41
|
+
|
|
42
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/devise-jwt-revocation_strategies-redis.
|
data/Rakefile
ADDED
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
require 'json'
|
|
2
|
+
require 'active_support/concern'
|
|
3
|
+
|
|
4
|
+
module Devise
|
|
5
|
+
module Jwt
|
|
6
|
+
module RevocationStrategies
|
|
7
|
+
module Redis
|
|
8
|
+
module JwtDispatcher
|
|
9
|
+
extend ActiveSupport::Concern
|
|
10
|
+
|
|
11
|
+
included do
|
|
12
|
+
def on_jwt_dispatch(token, payload)
|
|
13
|
+
raise ArgumentError, 'payload cannot be nil' if payload.nil?
|
|
14
|
+
|
|
15
|
+
jti = payload['jti']
|
|
16
|
+
save_token_in_redis(jti, payload['sub'], payload['exp'])
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
private
|
|
21
|
+
|
|
22
|
+
def save_token_in_redis(jti, user_id, exp)
|
|
23
|
+
raise ArgumentError, 'sub cannot be nil' if user_id.nil? || user_id.empty?
|
|
24
|
+
raise ArgumentError, 'jti cannot be nil' if jti.nil? || jti.empty?
|
|
25
|
+
raise ArgumentError, 'exp cannot be nil' if exp.nil?
|
|
26
|
+
|
|
27
|
+
redis_key = "jwt:#{user_id}"
|
|
28
|
+
$redis_auth.sadd(redis_key, jti)
|
|
29
|
+
$redis_auth.expireat(redis_key, exp)
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require_relative "redis/version"
|
|
4
|
+
require_relative 'redis/jwt_dispatcher'
|
|
5
|
+
require 'redis'
|
|
6
|
+
require 'dotenv-rails'
|
|
7
|
+
|
|
8
|
+
module Devise
|
|
9
|
+
module Jwt
|
|
10
|
+
module RevocationStrategies
|
|
11
|
+
module Redis
|
|
12
|
+
Dotenv.load
|
|
13
|
+
$redis_auth ||= ::Redis.new(url: ENV.fetch('REDIS_AUTH_URL') { 'redis://localhost:6379/0' })
|
|
14
|
+
|
|
15
|
+
class Error < StandardError; end
|
|
16
|
+
# Checks if the JWT has been revoked.
|
|
17
|
+
#
|
|
18
|
+
# @param payload [Hash] the payload of the JWT, which includes the 'jti' (JWT ID).
|
|
19
|
+
# @param _user [Object] the user object (unused in this method).
|
|
20
|
+
# @return [Boolean] true if the JWT has been revoked or if there is an error accessing Redis, false otherwise.
|
|
21
|
+
def self.jwt_revoked?(payload, _user)
|
|
22
|
+
return true if payload.nil? || payload['jti'].nil? || payload['sub'].nil? # Check if JTI or user ID is nil
|
|
23
|
+
|
|
24
|
+
redis_key = "jwt:#{payload['sub']}" # Using user ID to get the Set
|
|
25
|
+
!$redis_auth.sismember(redis_key, payload['jti'])
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
# Revokes a JWT by deleting its entry from Redis.
|
|
29
|
+
#
|
|
30
|
+
# @param payload [Hash] The payload of the JWT, which should include the 'jti' (JWT ID).
|
|
31
|
+
# @param _user [Object] The user object (not used in this method).
|
|
32
|
+
#
|
|
33
|
+
# @return nil
|
|
34
|
+
def self.revoke_jwt(payload, _user)
|
|
35
|
+
user_id = payload['sub'] rescue nil
|
|
36
|
+
jti = payload['jti'] rescue nil
|
|
37
|
+
|
|
38
|
+
return if user_id.nil?
|
|
39
|
+
|
|
40
|
+
redis_key = "jwt:#{user_id}"
|
|
41
|
+
$redis_auth.srem(redis_key, jti) # Remove the specific JWT from the Set
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def self.revoke_all_jwts_for_user(user_id)
|
|
45
|
+
redis_key = "jwt:#{user_id}"
|
|
46
|
+
$redis_auth.del(redis_key) # Delete the entire Set to revoke all tokens
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: devise-jwt-revocation_strategies-redis
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.1.0
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- kokorolx
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: exe
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2024-09-28 00:00:00.000000000 Z
|
|
12
|
+
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: redis
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: '0'
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ">="
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: '0'
|
|
27
|
+
description: This gem provides a strategy for revoking JWT tokens in a Rails application
|
|
28
|
+
using Devise, utilizing Redis for token storage and revocation management.
|
|
29
|
+
email:
|
|
30
|
+
- kokoro.lehoang@gmail.com
|
|
31
|
+
executables: []
|
|
32
|
+
extensions: []
|
|
33
|
+
extra_rdoc_files: []
|
|
34
|
+
files:
|
|
35
|
+
- ".rspec"
|
|
36
|
+
- ".rubocop.yml"
|
|
37
|
+
- README.md
|
|
38
|
+
- Rakefile
|
|
39
|
+
- lib/devise/jwt/revocation_strategies/redis.rb
|
|
40
|
+
- lib/devise/jwt/revocation_strategies/redis/jwt_dispatcher.rb
|
|
41
|
+
- lib/devise/jwt/revocation_strategies/redis/version.rb
|
|
42
|
+
- sig/devise/jwt/revocation_strategies/redis.rbs
|
|
43
|
+
homepage: https://github.com/kokorolx/devise-jwt-revocation_strategies-redis
|
|
44
|
+
licenses: []
|
|
45
|
+
metadata:
|
|
46
|
+
allowed_push_host: https://rubygems.org
|
|
47
|
+
homepage_uri: https://github.com/kokorolx/devise-jwt-revocation_strategies-redis
|
|
48
|
+
source_code_uri: https://github.com/kokorolx/devise-jwt-revocation_strategies-redis
|
|
49
|
+
changelog_uri: https://github.com/kokorolx/devise-jwt-revocation_strategies-redis/CHANGELOG.md
|
|
50
|
+
post_install_message:
|
|
51
|
+
rdoc_options: []
|
|
52
|
+
require_paths:
|
|
53
|
+
- lib
|
|
54
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
55
|
+
requirements:
|
|
56
|
+
- - ">="
|
|
57
|
+
- !ruby/object:Gem::Version
|
|
58
|
+
version: 3.0.0
|
|
59
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
60
|
+
requirements:
|
|
61
|
+
- - ">="
|
|
62
|
+
- !ruby/object:Gem::Version
|
|
63
|
+
version: '0'
|
|
64
|
+
requirements: []
|
|
65
|
+
rubygems_version: 3.5.16
|
|
66
|
+
signing_key:
|
|
67
|
+
specification_version: 4
|
|
68
|
+
summary: A gem to revoke JWT tokens using Redis for Devise.
|
|
69
|
+
test_files: []
|