devise-jwt 0.5.6 → 0.5.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a1dcf5432b3eca3682d6eda74ea8659a4de99692
4
- data.tar.gz: 98ca51ba3d3e16558f3e2690504f517fffe45b73
3
+ metadata.gz: ce25f0119df28a2ff0682ec57b228e7cd3d0d24a
4
+ data.tar.gz: f86dd338edbeb3e38992d1a3407888405e566a3d
5
5
  SHA512:
6
- metadata.gz: 5f4a10c20c6dd4638f7fdf661f7715d93a7337dc1e7458f507a2c0f0dcebc80ca58108783a2ded9cbf3c6efda25773e6ce8916a17029b542726ea512eb2ce161
7
- data.tar.gz: 930058ffefc9dfcfcf47143fbbb27cc81ad10e5528ec99e860d8d0e64ee144fee8b0ed5684ade1f83f28fe1e397cc9a63038ff77f0c5acb0058583bc08634754
6
+ metadata.gz: d92f20f3d3a4dff6b9eacb4bc2f00633be267e2d0835ed3b50beb22c0c0a720cc9200ca16d9399877927d3249efb43d1644543e9f57496f5107c6351a309dfee
7
+ data.tar.gz: 0431acb342abb8d861c9750fa5fa3b121a7b0c05b01ac15bfa407564c0442107f3f93c72ab800da6b86aac7290f377f80a421072b159042fb563664a19cac18e
@@ -1,9 +1,10 @@
1
1
  sudo: false
2
2
  language: ruby
3
3
  rvm:
4
- - 2.2.6
5
- - 2.3.3
6
- - 2.4.0
4
+ - 2.2.9
5
+ - 2.3.6
6
+ - 2.4.3
7
+ - 2.5.0
7
8
  before_install:
8
9
  - gem update --system --no-doc
9
10
  - bundle install --gemfile=.overcommit_gems.rb
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
4
4
  The format is based on [Keep a Changelog](http://keepachangelog.com/)
5
5
  and this project adheres to [Semantic Versioning](http://semver.org/).
6
6
 
7
+ ## [0.5.7] - 2018-06-22
8
+ ### Added
9
+ - Use `primary_key` instead of `id` to fetch resource.
10
+
7
11
  ## [0.5.6] - 2018-02-22
8
12
  ### Fixed
9
13
  - Work with more than one `sign_out_via` configured
data/README.md CHANGED
@@ -26,7 +26,7 @@ You can read about which security concerns this library takes into account and a
26
26
  Add this line to your application's Gemfile:
27
27
 
28
28
  ```ruby
29
- gem 'devise-jwt', '~> 0.5.6'
29
+ gem 'devise-jwt', '~> 0.5.7'
30
30
  ```
31
31
 
32
32
  And then execute:
@@ -182,7 +182,7 @@ Then, you have to add the strategy to the model class and configure it according
182
182
  ```ruby
183
183
  class User < ApplicationRecord
184
184
  include Devise::JWT::RevocationStrategies::JTIMatcher
185
-
185
+
186
186
  devise :database_authenticatable,
187
187
  :jwt_authenticatable, jwt_revocation_strategy: self
188
188
  end
@@ -276,13 +276,13 @@ def change
276
276
  # If you want to leverage the `aud` claim, add to it a `NOT NULL` constraint:
277
277
  # t.string :aud, null: false
278
278
  t.datetime :exp, null: false
279
- t.references :your_user_table, foreign_key: true
279
+ t.references :your_user_table, foreign_key: { on_delete: :cascade }, null: false
280
280
  end
281
-
281
+
282
282
  add_index :whitelisted_jwts, :jti, unique: true
283
283
  end
284
284
  ```
285
- Important: You are encouraged to set a unique index in the jti column. This way we can be sure at the database level that there aren't two valid tokens with same jti at the same time.
285
+ Important: You are encouraged to set a unique index in the jti column. This way we can be sure at the database level that there aren't two valid tokens with same jti at the same time. Definining `foreign_key: { on_delete: :cascade }, null: false` on `t.references :your_user_table` helps to keep referential integrity of your database.
286
286
 
287
287
  And then, the model:
288
288
 
@@ -291,12 +291,12 @@ class WhitelistedJwt < ApplicationRecord
291
291
  end
292
292
  ```
293
293
 
294
- Finally, include de strategy in the model and configure it:
294
+ Finally, include the strategy in the model and configure it:
295
295
 
296
296
  ```ruby
297
297
  class User < ApplicationRecord
298
298
  include Devise::JWT::RevocationStrategies::Whitelist
299
-
299
+
300
300
  devise :database_authenticatable,
301
301
  :jwt_authenticatable, jwt_revocation_strategy: self
302
302
  end
@@ -333,7 +333,7 @@ module MyCustomStrategy
333
333
  def self.jwt_revoked?(payload, user)
334
334
  # Does something to check whether the JWT token is revoked for given user
335
335
  end
336
-
336
+
337
337
  def self.revoke_jwt(payload, user)
338
338
  # Does something to revoke the JWT token for given user
339
339
  end
@@ -378,9 +378,9 @@ require 'devise/jwt/test_helpers'
378
378
  headers = { 'Accept' => 'application/json', 'Content-Type' => 'application/json' }
379
379
  # This will add a valid token for `user` in the `Authorization` header
380
380
  auth_headers = Devise::JWT::TestHelpers.auth_headers(headers, user)
381
-
381
+
382
382
  get '/my/end_point', headers: auth_headers
383
-
383
+
384
384
  expect_something()
385
385
  end
386
386
  ```
@@ -425,7 +425,7 @@ jwt.dispatch_requests = [
425
425
 
426
426
  **Important**: You are encouraged to delimit your regular expression with `^` and `$` to avoid unintentional matches.
427
427
 
428
- #### revocation_requests
428
+ #### revocation_requests
429
429
 
430
430
  Besides the destroy session one, additional requests where JWT tokens should be revoked.
431
431
 
@@ -0,0 +1,28 @@
1
+ Please, for a bug report fill in the following template. Before that, make sure to read the whole [README](https://github.com/waiting-for-dev/devise-jwt/blob/master/README.md) and check if your issue is not related with [CORS](https://github.com/waiting-for-dev/devise-jwt#model-configuration).
2
+
3
+ Feature requests and questions about `devise-jwt` are also accepted. It isn't the place for generic questions about using `devise` with an API. For that, read our [wiki page](https://github.com/waiting-for-dev/devise-jwt/wiki/Configuring-devise-for-APIs) or ask somewhere else like [stackoverflow](https://stackoverflow.com/)
4
+
5
+ ## Expected behavior
6
+
7
+ ## Actual behavior
8
+
9
+ ## Steps to Reproduce the Problem
10
+
11
+ 1.
12
+ 2.
13
+ 3.
14
+
15
+ ## Debugging information
16
+
17
+ Provide following information. Please, format pasted output as code. Feel free to remove the secret key value.
18
+
19
+ - Version of `devise-jwt` in use
20
+ - Version of `rails` in use
21
+ - Output of `Devise::JWT.config`
22
+ - Output of `Warden::JWTAuth.config`
23
+ - Output of `Devise.mappings`
24
+ - If your issue is related with not getting a JWT from the server:
25
+ - Involved request path, method and request headers
26
+ - Response headers for that request
27
+ - If your issue is related with not being able to revoke a JWT:
28
+ - Involved request path, method and request headers
@@ -17,7 +17,7 @@ module Devise
17
17
 
18
18
  included do
19
19
  def self.find_for_jwt_authentication(sub)
20
- find_by(id: sub)
20
+ find_by(primary_key => sub)
21
21
  end
22
22
  end
23
23
 
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Devise
4
4
  module JWT
5
- VERSION = '0.5.6'
5
+ VERSION = '0.5.7'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.6
4
+ version: 0.5.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Marc Busqué
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-02-22 00:00:00.000000000 Z
11
+ date: 2018-06-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -190,6 +190,7 @@ files:
190
190
  - bin/setup
191
191
  - devise-jwt.gemspec
192
192
  - docker-compose.yml
193
+ - issue_template.md
193
194
  - lib/devise/jwt.rb
194
195
  - lib/devise/jwt/defaults_generator.rb
195
196
  - lib/devise/jwt/mapping_inspector.rb