devise_jwt_auth 0.1.4 → 0.2.0

data/app/controllers/devise_jwt_auth/refresh_token_controller.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 module DeviseJwtAuth
+  # Controller that handles sending refresh tokens.
   class RefreshTokenController < DeviseJwtAuth::ApplicationController
     before_action :set_user_by_refresh_token
 
@@ -14,6 +15,7 @@ module DeviseJwtAuth
     end
 
     protected
+
     def resource_data
       response_data = @resource.as_json
       response_data['type'] = @resource.class.name.parameterize if json_api?
@@ -23,10 +25,11 @@ module DeviseJwtAuth
     def render_refresh_token_success
       response_data = {
         status: 'success',
-        data:   resource_data
+        data: resource_data
       }
 
       response_data.merge!(@resource.create_named_token_pair) if active_for_authentication?
+
       render json: response_data
     end
 

data/app/controllers/devise_jwt_auth/registrations_controller.rb

@@ -28,10 +28,17 @@ module DeviseJwtAuth
       end
 
       # if whitelist is set, validate redirect_url against whitelist
-      return render_create_error_redirect_url_not_allowed if blacklisted_redirect_url?(@redirect_url)
+      if blacklisted_redirect_url?(@redirect_url)
+        return render_create_error_redirect_url_not_allowed
+      end
 
       # override email confirmation, must be sent manually from ctrl
-      callback_name = defined?(ActiveRecord) && resource_class < ActiveRecord::Base ? :commit : :create
+      callback_name = if defined?(ActiveRecord) && resource_class < ActiveRecord::Base
+                        :commit
+                      else
+                        :create
+                      end
+
       resource_class.set_callback(callback_name, :after, :send_on_create_confirmation_instructions)
       resource_class.skip_callback(callback_name, :after, :send_on_create_confirmation_instructions)
 
@@ -46,9 +53,9 @@ module DeviseJwtAuth
         unless @resource.confirmed?
           # user will require email authentication
           @resource.send_confirmation_instructions({
-            client_config: params[:config_name],
-            redirect_url: @redirect_url
-          })
+                                                     client_config: params[:config_name],
+                                                     redirect_url: @redirect_url
+                                                   })
         end
 
         update_refresh_token_cookie if active_for_authentication?
@@ -98,17 +105,17 @@ module DeviseJwtAuth
       @resource.provider   = provider
 
       # honor devise configuration for case_insensitive_keys
-      if resource_class.case_insensitive_keys.include?(:email)
-        @resource.email = sign_up_params[:email].try(:downcase)
-      else
-        @resource.email = sign_up_params[:email]
-      end
+      @resource.email = if resource_class.case_insensitive_keys.include?(:email)
+                          sign_up_params[:email].try(:downcase)
+                        else
+                          sign_up_params[:email]
+                        end
     end
 
     def render_create_error_missing_confirm_success_url
       response = {
         status: 'error',
-        data:   resource_data
+        data: resource_data
       }
       message = I18n.t('devise_jwt_auth.registrations.missing_confirm_success_url')
       render_error(422, message, response)
@@ -117,26 +124,30 @@ module DeviseJwtAuth
     def render_create_error_redirect_url_not_allowed
       response = {
         status: 'error',
-        data:   resource_data
+        data: resource_data
       }
-      message = I18n.t('devise_jwt_auth.registrations.redirect_url_not_allowed', redirect_url: @redirect_url)
+      message = I18n.t(
+        'devise_jwt_auth.registrations.redirect_url_not_allowed',
+        redirect_url: @redirect_url
+      )
       render_error(422, message, response)
     end
 
     def render_create_success
       response_data = {
         status: 'success',
-        data:   resource_data
+        data: resource_data
       }
 
       response_data.merge!(@resource.create_named_token_pair) if active_for_authentication?
+
       render json: response_data
     end
 
     def render_create_error
       render json: {
         status: 'error',
-        data:   resource_data,
+        data: resource_data,
         errors: resource_errors
       }, status: 422
     end
@@ -144,7 +155,7 @@ module DeviseJwtAuth
     def render_update_success
       render json: {
         status: 'success',
-        data:   resource_data
+        data: resource_data
       }
     end
 
@@ -162,12 +173,17 @@ module DeviseJwtAuth
     def render_destroy_success
       render json: {
         status: 'success',
-        message: I18n.t('devise_jwt_auth.registrations.account_with_uid_destroyed', uid: @resource.uid)
+        message: I18n.t(
+          'devise_jwt_auth.registrations.account_with_uid_destroyed',
+          uid: @resource.uid
+        )
       }
     end
 
     def render_destroy_error
-      render_error(404, I18n.t('devise_jwt_auth.registrations.account_to_destroy_not_found'), status: 'error')
+      render_error(404,
+                   I18n.t('devise_jwt_auth.registrations.account_to_destroy_not_found'),
+                   status: 'error')
     end
 
     private
@@ -175,7 +191,8 @@ module DeviseJwtAuth
     def resource_update_method
       if DeviseJwtAuth.check_current_password_before_update == :attributes
         'update_with_password'
-      elsif DeviseJwtAuth.check_current_password_before_update == :password && account_update_params.key?(:password)
+      elsif DeviseJwtAuth.check_current_password_before_update == :password &&
+            account_update_params.key?(:password)
         'update_with_password'
       elsif account_update_params.key?(:current_password)
         'update_with_password'
@@ -189,10 +206,12 @@ module DeviseJwtAuth
     end
 
     def validate_account_update_params
-      validate_post_data account_update_params, I18n.t('errors.messages.validate_account_update_params')
+      validate_post_data account_update_params, I18n.t(
+        'errors.messages.validate_account_update_params'
+      )
     end
 
-    def validate_post_data which, message
+    def validate_post_data(which, message)
       render_error(:unprocessable_entity, message, status: 'error') if which.empty?
     end
 

data/app/controllers/devise_jwt_auth/sessions_controller.rb

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
 
-# see http://www.emilsoman.com/blog/2013/05/18/building-a-tested/
 module DeviseJwtAuth
   class SessionsController < DeviseJwtAuth::ApplicationController
     before_action :set_user_by_token, only: [:destroy]
@@ -21,11 +20,17 @@ module DeviseJwtAuth
         @resource = find_resource(field, q_value)
       end
 
-      if @resource && valid_params?(field, q_value) && (!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?)
+      if @resource &&
+         valid_params?(field, q_value) &&
+         (!@resource.respond_to?(:active_for_authentication?) ||
+          @resource.active_for_authentication?)
         valid_password = @resource.valid_password?(resource_params[:password])
-        if (@resource.respond_to?(:valid_for_authentication?) && !@resource.valid_for_authentication? { valid_password }) || !valid_password
+        if (@resource.respond_to?(:valid_for_authentication?) &&
+           !@resource.valid_for_authentication? { valid_password }) ||
+           !valid_password
           return render_create_error_bad_credentials
         end
+
         @token = @resource.create_token
         @resource.save
 
@@ -35,7 +40,9 @@ module DeviseJwtAuth
 
         update_refresh_token_cookie
         render_create_success
-      elsif @resource && !(!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?)
+      elsif @resource &&
+            !(!@resource.respond_to?(:active_for_authentication?) ||
+              @resource.active_for_authentication?)
         if @resource.respond_to?(:locked_at) && @resource.locked_at
           render_create_error_account_locked
         else
@@ -48,18 +55,13 @@ module DeviseJwtAuth
 
     def destroy
       # TODO: logout? update token version?
-      
+
       # remove auth instance variables so that after_action does not run
       user = remove_instance_variable(:@resource) if @resource
-      # client = @token.client if @token.client
-      # @token.clear!
-
-      if user # && client && user.tokens[client]
-        # user.tokens.delete(client)
-        # user.save!
 
+      if user
         yield user if block_given?
-
+        clear_refresh_token_cookie
         render_destroy_success
       else
         render_destroy_error
@@ -78,17 +80,15 @@ module DeviseJwtAuth
 
       # iterate thru allowed auth keys, use first found
       resource_class.authentication_keys.each do |k|
-        if resource_params[k]
-          auth_val = resource_params[k]
-          auth_key = k
-          break
-        end
+        next unless resource_params[k]
+
+        auth_val = resource_params[k]
+        auth_key = k
+        break
       end
 
       # honor devise configuration for case_insensitive_keys
-      if resource_class.case_insensitive_keys.include?(auth_key)
-        auth_val.downcase!
-      end
+      auth_val.downcase! if resource_class.case_insensitive_keys.include?(auth_key)
 
       { key: auth_key, val: auth_val }
     end
@@ -118,7 +118,7 @@ module DeviseJwtAuth
 
     def render_destroy_success
       render json: {
-        success:true
+        success: true
       }, status: 200
     end
 

data/app/controllers/devise_jwt_auth/unlocks_controller.rb

@@ -22,7 +22,7 @@ module DeviseJwtAuth
         )
 
         if @resource.errors.empty?
-          return render_create_success
+          render_create_success
         else
           render_create_error @resource.errors
         end
@@ -38,8 +38,8 @@ module DeviseJwtAuth
         yield @resource if block_given?
 
         redirect_header_options = { unlock: true }
-        redirect_headers = @resource.create_named_token_pair.
-                             merge(redirect_header_options)
+        redirect_headers = @resource.create_named_token_pair
+                             .merge(redirect_header_options)
 
         update_refresh_token_cookie
         redirect_url = after_unlock_path_for(@resource)
@@ -52,7 +52,8 @@ module DeviseJwtAuth
     end
 
     private
-    def after_unlock_path_for(resource)
+
+    def after_unlock_path_for(_resource)
       # TODO: This should probably be a configuration option at the very least.
       # Use confirmation controller / tests as a template for building out this feature.
       '/'

data/app/models/devise_jwt_auth/concerns/active_record_support.rb

@@ -1,5 +1,8 @@
+# frozen_string_literal: true
+
 require_relative 'tokens_serialization'
 
+# ActiveSupport Concern for serializing tokens
 module DeviseJwtAuth::Concerns::ActiveRecordSupport
   extend ActiveSupport::Concern
 

data/app/models/devise_jwt_auth/concerns/confirmable_support.rb

@@ -1,3 +1,6 @@
+# frozen_string_literal: true
+
+# ActiveSupport Concern for confirming users
 module DeviseJwtAuth::Concerns::ConfirmableSupport
   extend ActiveSupport::Concern
 
@@ -6,22 +9,12 @@ module DeviseJwtAuth::Concerns::ConfirmableSupport
     # for not to use `will_save_change_to_email?` & `email_changed?` methods.
     def postpone_email_change?
       postpone = self.class.reconfirmable &&
-        email_value_in_database != email &&
-        !@bypass_confirmation_postpone &&
-        self.email.present? &&
-        (!@skip_reconfirmation_in_callback || !email_value_in_database.nil?)
+                 email_was != email &&
+                 !@bypass_confirmation_postpone &&
+                 email.present? &&
+                 (!@skip_reconfirmation_in_callback || !email_was.nil?)
       @bypass_confirmation_postpone = false
       postpone
     end
   end
-
-  protected
-
-  def email_value_in_database
-    if Devise.rails51? && respond_to?(:email_in_database)
-      email_in_database
-    else
-      email_was
-    end
-  end
 end

data/app/models/devise_jwt_auth/concerns/mongoid_support.rb

@@ -1,3 +1,6 @@
+# frozen_string_literal: true
+
+# ActiveSupport Concern for Mongoid support
 module DeviseJwtAuth::Concerns::MongoidSupport
   extend ActiveSupport::Concern
 

data/app/models/devise_jwt_auth/concerns/tokens_serialization.rb

@@ -1,7 +1,10 @@
+# frozen_string_literal: true
+
+# Dumping and loading serialized tokens in JSON format.
 module DeviseJwtAuth::Concerns::TokensSerialization
   # Serialization hash to json
   def self.dump(object)
-    object.each_value(&:compact!) unless object.nil?
+    object&.each_value(&:compact!)
     JSON.generate(object)
   end
 

data/app/models/devise_jwt_auth/concerns/user.rb

@@ -22,14 +22,20 @@ module DeviseJwtAuth::Concerns::User
       include DeviseJwtAuth::Concerns::MongoidSupport
     end
 
-    if DeviseJwtAuth.default_callbacks
-      include DeviseJwtAuth::Concerns::UserOmniauthCallbacks
-    end
+    include DeviseJwtAuth::Concerns::UserOmniauthCallbacks if DeviseJwtAuth.default_callbacks
 
     # don't use default devise email validation
-    def email_required?; false; end
-    def email_changed?; false; end
-    def will_save_change_to_email?; false; end
+    def email_required?
+      false
+    end
+
+    def email_changed?
+      false
+    end
+
+    def will_save_change_to_email?
+      false
+    end
 
     if DeviseJwtAuth.send_confirmation_email && devise_modules.include?(:confirmable)
       include DeviseJwtAuth::Concerns::ConfirmableSupport
@@ -37,6 +43,7 @@ module DeviseJwtAuth::Concerns::User
 
     def password_required?
       return false unless provider == 'email'
+
       super
     end
 
@@ -77,11 +84,11 @@ module DeviseJwtAuth::Concerns::User
     end
 
     def create_token(token_options = {})
-      DeviseJwtAuth::TokenFactory.create_access_token({sub: uid}.merge(token_options))
+      DeviseJwtAuth::TokenFactory.create_access_token({ sub: uid }.merge(token_options))
     end
 
     def create_refresh_token(token_options = {})
-      DeviseJwtAuth::TokenFactory.create_refresh_token({sub: uid}.merge(token_options))
+      DeviseJwtAuth::TokenFactory.create_refresh_token({ sub: uid }.merge(token_options))
     end
   end
 
@@ -93,12 +100,12 @@ module DeviseJwtAuth::Concerns::User
 
   # this must be done from the controller so that additional params
   # can be passed on from the client
-  def send_confirmation_notification?; false; end
+  def send_confirmation_notification?
+    false
+  end
 
   def build_auth_url(base_url, args)
     args[:uid]    = uid
-    args[:expiry] = tokens[args[:client_id]]['expiry']
-
     DeviseJwtAuth::Url.generate(base_url, args)
   end
 

data/app/models/devise_jwt_auth/concerns/user_omniauth_callbacks.rb

@@ -4,12 +4,20 @@ module DeviseJwtAuth::Concerns::UserOmniauthCallbacks
   extend ActiveSupport::Concern
 
   included do
-    validates :email, presence: true,if: :email_provider?
-    validates :email, :devise_jwt_auth_email => true, allow_nil: true, allow_blank: true, if: :email_provider?
+    validates :email, presence: true, if: :email_provider?
+    validates :email,
+              devise_jwt_auth_email: true,
+              allow_nil: true,
+              allow_blank: true,
+              if: :email_provider?
+
     validates_presence_of :uid, unless: :email_provider?
 
     # only validate unique emails among email registration users
-    validates :email, uniqueness: { case_sensitive: false, scope: :provider }, on: :create, if: :email_provider?
+    validates :email,
+              uniqueness: { case_sensitive: false, scope: :provider },
+              on: :create,
+              if: :email_provider?
 
     # keep uid in sync with email
     before_save :sync_uid

data/app/validators/devise_jwt_auth_email_validator.rb

@@ -1,9 +1,19 @@
 # frozen_string_literal: true
 
+# Email field validator.
 class DeviseJwtAuthEmailValidator < ActiveModel::EachValidator
+  EMAIL_REGEXP = /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
+
+  class << self
+    def validate?(email)
+      email =~ EMAIL_REGEXP
+    end
+  end
+
   def validate_each(record, attribute, value)
-    unless value =~ /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
-      record.errors[attribute] << email_invalid_message
+    unless DeviseJwtAuthEmailValidator.validate?(value)
+      # record.errors[attribute] << email_invalid_message
+      record.errors.add(attribute, email_invalid_message)
     end
   end
 

data/app/views/devise/mailer/reset_password_instructions.html.erb

@@ -2,7 +2,7 @@
 
 <p><%= t '.request_reset_link_msg' %></p>
 
-<p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
+<p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, redirect_url: message['redirect-url'].to_s).html_safe %></p>
 
 <p><%= t '.ignore_mail_msg' %></p>
 <p><%= t '.no_changes_msg' %></p>

data/lib/devise_jwt_auth/blacklist.rb

@@ -1,2 +1,4 @@
+# frozen_string_literal: true
+
 # don't serialize tokens
-Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION << :tokens
+Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION << :tokens

data/lib/devise_jwt_auth/controllers/url_helpers.rb

@@ -3,8 +3,7 @@
 module DeviseJwtAuth
   module Controllers
     module UrlHelpers
-      def self.define_helpers(mapping)
-      end
+      def self.define_helpers(mapping); end
     end
   end
 end

data/lib/devise_jwt_auth/engine.rb

@@ -33,7 +33,7 @@ module DeviseJwtAuth
 
   self.send_new_access_token_on_each_request     = false
   self.refresh_token_lifespan                    = 1.week
-  self.access_token_lifespan                     = 1.day
+  self.access_token_lifespan                     = 15.minutes
   self.refresh_token_name                        = 'refresh-token'
   self.access_token_name                         = 'access-token'
   self.refresh_token_encryption_key              = 'your-refresh-token-secret-key-here'
@@ -51,12 +51,12 @@ module DeviseJwtAuth
   self.send_confirmation_email                   = false
   self.require_client_password_reset_token       = false
 
-  def self.setup(&block)
+  def self.setup
     yield self
 
     Rails.application.config.after_initialize do
       if defined?(::OmniAuth)
-        ::OmniAuth::config.path_prefix = Devise.omniauth_path_prefix = omniauth_prefix
+        ::OmniAuth.config.path_prefix = Devise.omniauth_path_prefix = omniauth_prefix
 
         # Omniauth currently does not pass along omniauth.params upon failure redirect
         # see also: https://github.com/intridea/omniauth/issues/626
@@ -84,7 +84,7 @@ module DeviseJwtAuth
               fail!(mocked_auth)
             else
               @env['omniauth.auth'] = mocked_auth
-              OmniAuth.config.before_callback_phase.call(@env) if OmniAuth.config.before_callback_phase
+              OmniAuth.config.before_callback_phase&.call(@env)
               call_app!
             end
           end

data/lib/devise_jwt_auth/rails/routes.rb

@@ -8,14 +8,13 @@ module ActionDispatch::Routing
       opts[:skip]        ||= []
 
       # check for ctrl overrides, fall back to defaults
-      sessions_ctrl          = opts[:controllers][:sessions] || 'devise_jwt_auth/sessions'
-      registrations_ctrl     = opts[:controllers][:registrations] || 'devise_jwt_auth/registrations'
-      passwords_ctrl         = opts[:controllers][:passwords] || 'devise_jwt_auth/passwords'
-      confirmations_ctrl     = opts[:controllers][:confirmations] || 'devise_jwt_auth/confirmations'
-      # token_validations_ctrl = opts[:controllers][:token_validations] || 'devise_jwt_auth/token_validations'
-      refresh_token_ctrl     = opts[:controllers][:refresh_token] || 'devise_jwt_auth/refresh_token'
-      omniauth_ctrl          = opts[:controllers][:omniauth_callbacks] || 'devise_jwt_auth/omniauth_callbacks'
-      unlocks_ctrl           = opts[:controllers][:unlocks] || 'devise_jwt_auth/unlocks'
+      sessions_ctrl      = opts[:controllers][:sessions] || 'devise_jwt_auth/sessions'
+      registrations_ctrl = opts[:controllers][:registrations] || 'devise_jwt_auth/registrations'
+      passwords_ctrl     = opts[:controllers][:passwords] || 'devise_jwt_auth/passwords'
+      confirmations_ctrl = opts[:controllers][:confirmations] || 'devise_jwt_auth/confirmations'
+      refresh_token_ctrl = opts[:controllers][:refresh_token] || 'devise_jwt_auth/refresh_token'
+      omniauth_ctrl      = opts[:controllers][:omniauth_callbacks] || 'devise_jwt_auth/omniauth_callbacks'
+      unlocks_ctrl       = opts[:controllers][:unlocks] || 'devise_jwt_auth/unlocks'
 
       # define devise controller mappings
       controllers = { sessions: sessions_ctrl,
@@ -26,7 +25,7 @@ module ActionDispatch::Routing
       controllers[:unlocks] = unlocks_ctrl if unlocks_ctrl
 
       # remove any unwanted devise modules
-      opts[:skip].each{ |item| controllers.delete(item) }
+      opts[:skip].each { |item| controllers.delete(item) }
 
       devise_for resource.pluralize.underscore.gsub('/', '_').to_sym,
                  class_name: resource,
@@ -44,12 +43,12 @@ module ActionDispatch::Routing
 
         # clear scope so controller routes aren't namespaced
         @scope = ActionDispatch::Routing::Mapper::Scope.new(
-          path:         '',
+          path: '',
           shallow_path: '',
-          constraints:  {},
-          defaults:     {},
-          options:      {},
-          parent:       nil
+          constraints: {},
+          defaults: {},
+          options: {},
+          parent: nil
         )
 
         mapping_name = resource.underscore.gsub('/', '_')
@@ -57,22 +56,34 @@ module ActionDispatch::Routing
 
         devise_scope mapping_name.to_sym do
           # path to refresh access tokens
-          get "#{full_path}/refresh_token", controller: refresh_token_ctrl.to_s, action: 'show' if !opts[:skip].include?(:refresh_token)
-          # get "#{full_path}/validate_token", controller: token_validations_ctrl.to_s, action: 'validate_token' if !opts[:skip].include?(:token_validations)
+          unless opts[:skip].include?(:refresh_token)
+            get "#{full_path}/refresh_token", controller: refresh_token_ctrl.to_s, action: 'show'
+          end
 
           # omniauth routes. only define if omniauth is installed and not skipped.
           if defined?(::OmniAuth) && !opts[:skip].include?(:omniauth_callbacks)
-            match "#{full_path}/failure",             controller: omniauth_ctrl, action: 'omniauth_failure', via: [:get]
-            match "#{full_path}/:provider/callback",  controller: omniauth_ctrl, action: 'omniauth_success', via: [:get]
-
-            match "#{DeviseJwtAuth.omniauth_prefix}/:provider/callback", controller: omniauth_ctrl, action: 'redirect_callbacks', via: [:get, :post]
-            match "#{DeviseJwtAuth.omniauth_prefix}/failure", controller: omniauth_ctrl, action: 'omniauth_failure', via: [:get, :post]
+            match "#{full_path}/failure",
+                  controller: omniauth_ctrl,
+                  action: 'omniauth_failure',
+                  via: [:get]
+            match "#{full_path}/:provider/callback",
+                  controller: omniauth_ctrl,
+                  action: 'omniauth_success',
+                  via: [:get]
+            match "#{DeviseJwtAuth.omniauth_prefix}/:provider/callback",
+                  controller: omniauth_ctrl,
+                  action: 'redirect_callbacks',
+                  via: [:get, :post]
+            match "#{DeviseJwtAuth.omniauth_prefix}/failure",
+                  controller: omniauth_ctrl,
+                  action: 'omniauth_failure',
+                  via: [:get, :post]
 
             # preserve the resource class thru oauth authentication by setting name of
             # resource as "resource_class" param
-            match "#{full_path}/:provider", to: redirect{ |params, request|
+            match "#{full_path}/:provider", to: redirect { |params, request|
               # get the current querystring
-              qs = CGI::parse(request.env['QUERY_STRING'])
+              qs = CGI.parse(request.env['QUERY_STRING'])
 
               # append name of current resource
               qs['resource_class'] = [resource]
@@ -80,7 +91,7 @@ module ActionDispatch::Routing
 
               set_omniauth_path_prefix!(DeviseJwtAuth.omniauth_prefix)
 
-              redirect_params = {}.tap { |hash| qs.each{ |k, v| hash[k] = v.first } }
+              redirect_params = {}.tap { |hash| qs.each { |k, v| hash[k] = v.first } }
 
               if DeviseJwtAuth.redirect_whitelist
                 redirect_url = request.params['auth_origin_url']

data/lib/devise_jwt_auth/token_factory.rb

@@ -1,9 +1,10 @@
+# frozen_string_literal: true
+
 require 'jwt'
 
 module DeviseJwtAuth
   # A token management factory which allow generate token objects and check them.
   module TokenFactory
-
     def self.create_refresh_token(payload)
       if payload[:exp].blank? && payload['exp'].blank?
         payload[:exp] = (Time.zone.now + DeviseJwtAuth.refresh_token_lifespan).to_i
@@ -33,7 +34,7 @@ module DeviseJwtAuth
     rescue TypeError
       {}
     end
-    
+
     def self.decode_access_token(token)
       JWT.decode(token, DeviseJwtAuth.access_token_encryption_key).first
     rescue JWT::ExpiredSignature