devise-jwt 0.5.6 → 0.5.7

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: a1dcf5432b3eca3682d6eda74ea8659a4de99692
4
- data.tar.gz: 98ca51ba3d3e16558f3e2690504f517fffe45b73
3
+ metadata.gz: ce25f0119df28a2ff0682ec57b228e7cd3d0d24a
4
+ data.tar.gz: f86dd338edbeb3e38992d1a3407888405e566a3d
5
5
  SHA512:
6
- metadata.gz: 5f4a10c20c6dd4638f7fdf661f7715d93a7337dc1e7458f507a2c0f0dcebc80ca58108783a2ded9cbf3c6efda25773e6ce8916a17029b542726ea512eb2ce161
7
- data.tar.gz: 930058ffefc9dfcfcf47143fbbb27cc81ad10e5528ec99e860d8d0e64ee144fee8b0ed5684ade1f83f28fe1e397cc9a63038ff77f0c5acb0058583bc08634754
6
+ metadata.gz: d92f20f3d3a4dff6b9eacb4bc2f00633be267e2d0835ed3b50beb22c0c0a720cc9200ca16d9399877927d3249efb43d1644543e9f57496f5107c6351a309dfee
7
+ data.tar.gz: 0431acb342abb8d861c9750fa5fa3b121a7b0c05b01ac15bfa407564c0442107f3f93c72ab800da6b86aac7290f377f80a421072b159042fb563664a19cac18e
@@ -1,9 +1,10 @@
1
1
  sudo: false
2
2
  language: ruby
3
3
  rvm:
4
- - 2.2.6
5
- - 2.3.3
6
- - 2.4.0
4
+ - 2.2.9
5
+ - 2.3.6
6
+ - 2.4.3
7
+ - 2.5.0
7
8
  before_install:
8
9
  - gem update --system --no-doc
9
10
  - bundle install --gemfile=.overcommit_gems.rb
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
4
4
  The format is based on [Keep a Changelog](http://keepachangelog.com/)
5
5
  and this project adheres to [Semantic Versioning](http://semver.org/).
6
6
 
7
+ ## [0.5.7] - 2018-06-22
8
+ ### Added
9
+ - Use `primary_key` instead of `id` to fetch resource.
10
+
7
11
  ## [0.5.6] - 2018-02-22
8
12
  ### Fixed
9
13
  - Work with more than one `sign_out_via` configured
data/README.md CHANGED
@@ -26,7 +26,7 @@ You can read about which security concerns this library takes into account and a
26
26
  Add this line to your application's Gemfile:
27
27
 
28
28
  ```ruby
29
- gem 'devise-jwt', '~> 0.5.6'
29
+ gem 'devise-jwt', '~> 0.5.7'
30
30
  ```
31
31
 
32
32
  And then execute:
@@ -182,7 +182,7 @@ Then, you have to add the strategy to the model class and configure it according
182
182
  ```ruby
183
183
  class User < ApplicationRecord
184
184
  include Devise::JWT::RevocationStrategies::JTIMatcher
185
-
185
+
186
186
  devise :database_authenticatable,
187
187
  :jwt_authenticatable, jwt_revocation_strategy: self
188
188
  end
@@ -276,13 +276,13 @@ def change
276
276
  # If you want to leverage the `aud` claim, add to it a `NOT NULL` constraint:
277
277
  # t.string :aud, null: false
278
278
  t.datetime :exp, null: false
279
- t.references :your_user_table, foreign_key: true
279
+ t.references :your_user_table, foreign_key: { on_delete: :cascade }, null: false
280
280
  end
281
-
281
+
282
282
  add_index :whitelisted_jwts, :jti, unique: true
283
283
  end
284
284
  ```
285
- Important: You are encouraged to set a unique index in the jti column. This way we can be sure at the database level that there aren't two valid tokens with same jti at the same time.
285
+ Important: You are encouraged to set a unique index in the jti column. This way we can be sure at the database level that there aren't two valid tokens with same jti at the same time. Definining `foreign_key: { on_delete: :cascade }, null: false` on `t.references :your_user_table` helps to keep referential integrity of your database.
286
286
 
287
287
  And then, the model:
288
288
 
@@ -291,12 +291,12 @@ class WhitelistedJwt < ApplicationRecord
291
291
  end
292
292
  ```
293
293
 
294
- Finally, include de strategy in the model and configure it:
294
+ Finally, include the strategy in the model and configure it:
295
295
 
296
296
  ```ruby
297
297
  class User < ApplicationRecord
298
298
  include Devise::JWT::RevocationStrategies::Whitelist
299
-
299
+
300
300
  devise :database_authenticatable,
301
301
  :jwt_authenticatable, jwt_revocation_strategy: self
302
302
  end
@@ -333,7 +333,7 @@ module MyCustomStrategy
333
333
  def self.jwt_revoked?(payload, user)
334
334
  # Does something to check whether the JWT token is revoked for given user
335
335
  end
336
-
336
+
337
337
  def self.revoke_jwt(payload, user)
338
338
  # Does something to revoke the JWT token for given user
339
339
  end
@@ -378,9 +378,9 @@ require 'devise/jwt/test_helpers'
378
378
  headers = { 'Accept' => 'application/json', 'Content-Type' => 'application/json' }
379
379
  # This will add a valid token for `user` in the `Authorization` header
380
380
  auth_headers = Devise::JWT::TestHelpers.auth_headers(headers, user)
381
-
381
+
382
382
  get '/my/end_point', headers: auth_headers
383
-
383
+
384
384
  expect_something()
385
385
  end
386
386
  ```
@@ -425,7 +425,7 @@ jwt.dispatch_requests = [
425
425
 
426
426
  **Important**: You are encouraged to delimit your regular expression with `^` and `$` to avoid unintentional matches.
427
427
 
428
- #### revocation_requests
428
+ #### revocation_requests
429
429
 
430
430
  Besides the destroy session one, additional requests where JWT tokens should be revoked.
431
431
 
@@ -0,0 +1,28 @@
1
+ Please, for a bug report fill in the following template. Before that, make sure to read the whole [README](https://github.com/waiting-for-dev/devise-jwt/blob/master/README.md) and check if your issue is not related with [CORS](https://github.com/waiting-for-dev/devise-jwt#model-configuration).
2
+
3
+ Feature requests and questions about `devise-jwt` are also accepted. It isn't the place for generic questions about using `devise` with an API. For that, read our [wiki page](https://github.com/waiting-for-dev/devise-jwt/wiki/Configuring-devise-for-APIs) or ask somewhere else like [stackoverflow](https://stackoverflow.com/)
4
+
5
+ ## Expected behavior
6
+
7
+ ## Actual behavior
8
+
9
+ ## Steps to Reproduce the Problem
10
+
11
+ 1.
12
+ 2.
13
+ 3.
14
+
15
+ ## Debugging information
16
+
17
+ Provide following information. Please, format pasted output as code. Feel free to remove the secret key value.
18
+
19
+ - Version of `devise-jwt` in use
20
+ - Version of `rails` in use
21
+ - Output of `Devise::JWT.config`
22
+ - Output of `Warden::JWTAuth.config`
23
+ - Output of `Devise.mappings`
24
+ - If your issue is related with not getting a JWT from the server:
25
+ - Involved request path, method and request headers
26
+ - Response headers for that request
27
+ - If your issue is related with not being able to revoke a JWT:
28
+ - Involved request path, method and request headers
@@ -17,7 +17,7 @@ module Devise
17
17
 
18
18
  included do
19
19
  def self.find_for_jwt_authentication(sub)
20
- find_by(id: sub)
20
+ find_by(primary_key => sub)
21
21
  end
22
22
  end
23
23
 
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Devise
4
4
  module JWT
5
- VERSION = '0.5.6'
5
+ VERSION = '0.5.7'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.6
4
+ version: 0.5.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Marc Busqué
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-02-22 00:00:00.000000000 Z
11
+ date: 2018-06-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -190,6 +190,7 @@ files:
190
190
  - bin/setup
191
191
  - devise-jwt.gemspec
192
192
  - docker-compose.yml
193
+ - issue_template.md
193
194
  - lib/devise/jwt.rb
194
195
  - lib/devise/jwt/defaults_generator.rb
195
196
  - lib/devise/jwt/mapping_inspector.rb