devise_token_authenticatable 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.gitignore +8 -0
- data/Gemfile +5 -0
- data/LICENSE.txt +21 -0
- data/README.md +45 -0
- data/Rakefile +3 -0
- data/devise_token_authenticatable.gemspec +25 -0
- data/lib/devise_token_authenticatable/controllers/token_authenticatable.rb +25 -0
- data/lib/devise_token_authenticatable/models/token_authenticatable.rb +17 -0
- data/lib/devise_token_authenticatable/strategies/token_authenticatable.rb +59 -0
- data/lib/devise_token_authenticatable/version.rb +3 -0
- data/lib/devise_token_authenticatable.rb +5 -0
- metadata +117 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 4275b7871fcc7e2710d5d2011d4fa8c0844d74ec2bbb717714c4ed741e79d150
|
4
|
+
data.tar.gz: 8c9f52885cdb7a686b2d465b3ccbc0d2c210973feb78975c1b682f922367c2ce
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: a8407d2558934e2b4db0365728aea93a3f12c1b4e67b871747c5793d392332fc73f6b5a4ecf526af0f292bff4b34fa0646479af534a90d9ab7c60cd21c971c61
|
7
|
+
data.tar.gz: 6891b6fde487ccc1045aa1012b5c6eaedb0c38f44e7fc8e14a2e093bcfff8202c53eeead214f45e87d2893bdce1373b73bfa74b7946fd14a97e2d1517e6993f9
|
data/.gitignore
ADDED
data/Gemfile
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
The MIT License (MIT)
|
2
|
+
|
3
|
+
Copyright (c) 2018 Jonathan PHILIPPE
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in
|
13
|
+
all copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
21
|
+
THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,45 @@
|
|
1
|
+
# DeviseTokenable
|
2
|
+
|
3
|
+
## Installation
|
4
|
+
|
5
|
+
Add this line to your application's Gemfile:
|
6
|
+
|
7
|
+
```ruby
|
8
|
+
gem 'devise_token_authenticatable'
|
9
|
+
```
|
10
|
+
|
11
|
+
install it yourself as:
|
12
|
+
|
13
|
+
Customize Devise::SessionsController. You need to create and return token in #create
|
14
|
+
|
15
|
+
```ruby
|
16
|
+
class Users::SessionsController < Devise::SessionsController
|
17
|
+
def create
|
18
|
+
super do
|
19
|
+
set_user_access_token!
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
```
|
24
|
+
|
25
|
+
Customize Devise::RegistrationsController. add this code
|
26
|
+
|
27
|
+
```ruby
|
28
|
+
class Users::RegistrationsController < Devise::RegistrationsController
|
29
|
+
prepend_before_action :set_user_access_token!, only: %i[edit update destroy]
|
30
|
+
end
|
31
|
+
```
|
32
|
+
|
33
|
+
Add this in your application controller
|
34
|
+
|
35
|
+
```ruby
|
36
|
+
class ApplicationController < ActionController::Base
|
37
|
+
include Devise::Controllers::TokenAuthenticatable
|
38
|
+
end
|
39
|
+
```
|
40
|
+
|
41
|
+
Use "before_action :token_authenticate_user!" instead of "before_action :authenticate_user!"
|
42
|
+
|
43
|
+
## License
|
44
|
+
|
45
|
+
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
data/Rakefile
ADDED
@@ -0,0 +1,25 @@
|
|
1
|
+
lib = File.expand_path('../lib', __FILE__)
|
2
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
3
|
+
require 'devise_token_authenticatable/version'
|
4
|
+
|
5
|
+
Gem::Specification.new do |spec|
|
6
|
+
spec.name = 'devise_token_authenticatable'
|
7
|
+
spec.version = DeviseTokenAuthenticatable::VERSION
|
8
|
+
spec.authors = ['Jonathan PHILIPPE']
|
9
|
+
spec.email = ['pretrine@gmail.com']
|
10
|
+
|
11
|
+
spec.summary = %q{Write a short summary, because RubyGems requires one.}
|
12
|
+
spec.description = %q{Write a longer description or delete this line.}
|
13
|
+
spec.homepage = ''
|
14
|
+
spec.license = 'MIT'
|
15
|
+
|
16
|
+
spec.files = `git ls-files -z`.split("\x0").reject do |f|
|
17
|
+
f.match(%r{^(test|spec|features)/})
|
18
|
+
end
|
19
|
+
spec.require_paths = ['lib']
|
20
|
+
|
21
|
+
spec.add_dependency('devise', '~> 4.4', '>= 4.4.3')
|
22
|
+
spec.add_dependency('jwt', '~> 2.1')
|
23
|
+
spec.add_development_dependency 'bundler', '~> 1.16'
|
24
|
+
spec.add_development_dependency 'rake', '~> 10.0'
|
25
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
require 'jwt'
|
2
|
+
|
3
|
+
module Devise
|
4
|
+
module Controllers
|
5
|
+
module TokenAuthenticatable
|
6
|
+
extend ActiveSupport::Concern
|
7
|
+
|
8
|
+
included do
|
9
|
+
Devise.mappings.keys.each do |mapping|
|
10
|
+
class_eval <<-METHODS, __FILE__, __LINE__ + 1
|
11
|
+
def set_#{mapping}_access_token!
|
12
|
+
return unless #{mapping}_signed_in?
|
13
|
+
response.set_header("X-#{mapping.to_s.split('_').map(&:capitalize).join('-')}-Token", current_#{mapping}.access_token)
|
14
|
+
end
|
15
|
+
|
16
|
+
def token_authenticate_#{mapping}!(opts={})
|
17
|
+
authenticate_#{mapping}!(opts)
|
18
|
+
set_#{mapping}_access_token!
|
19
|
+
end
|
20
|
+
METHODS
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require 'jwt'
|
2
|
+
|
3
|
+
module Devise
|
4
|
+
module Models
|
5
|
+
module TokenAuthenticatable
|
6
|
+
extend ActiveSupport::Concern
|
7
|
+
|
8
|
+
def self.required_fields(klass)
|
9
|
+
[]
|
10
|
+
end
|
11
|
+
|
12
|
+
def access_token
|
13
|
+
Base64.strict_encode64(JWT.encode({ id: id, last_request_at: respond_to?(:timedout?) && Time.now.utc }, Devise.secret_key, 'HS256'))
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
require 'devise/strategies/authenticatable'
|
2
|
+
require 'jwt'
|
3
|
+
|
4
|
+
module Devise
|
5
|
+
module Strategies
|
6
|
+
class TokenAuthenticatable < Authenticatable
|
7
|
+
attr_accessor :user_id, :last_request_at
|
8
|
+
|
9
|
+
def authenticate!
|
10
|
+
env['devise.skip_trackable'] = true
|
11
|
+
|
12
|
+
resource = user_id.present? && mapping.to.find_for_database_authentication(authentication_hash)
|
13
|
+
|
14
|
+
if validate(resource) { !resource.respond_to?(:timedout?) || !resource.timedout?(last_request_at) }
|
15
|
+
success!(resource)
|
16
|
+
end
|
17
|
+
|
18
|
+
fail(:timeout) unless resource
|
19
|
+
end
|
20
|
+
|
21
|
+
def valid?
|
22
|
+
valid_for_http_auth?
|
23
|
+
end
|
24
|
+
|
25
|
+
def store?
|
26
|
+
super && !mapping.to.skip_session_storage.include?(authentication_type)
|
27
|
+
end
|
28
|
+
|
29
|
+
private
|
30
|
+
|
31
|
+
def valid_for_http_auth?
|
32
|
+
request.authorization && with_authentication_hash(:http_auth, http_auth_hash)
|
33
|
+
end
|
34
|
+
|
35
|
+
def with_authentication_hash(auth_type, auth_values)
|
36
|
+
self.authentication_hash, self.authentication_type = {}, auth_type
|
37
|
+
self.user_id = auth_values['id']
|
38
|
+
self.last_request_at = auth_values['last_request_at']
|
39
|
+
|
40
|
+
parse_authentication_key_values(auth_values, ['id'])
|
41
|
+
end
|
42
|
+
|
43
|
+
def http_auth_hash
|
44
|
+
decode_credentials
|
45
|
+
end
|
46
|
+
|
47
|
+
def decode_credentials
|
48
|
+
return {} unless request.authorization && request.authorization =~ /^Bearer (.*)/mi
|
49
|
+
|
50
|
+
payload = JWT.decode(Base64.decode64($1), Devise.secret_key, true, { algorithm: 'HS256' }).first
|
51
|
+
payload.merge('payload' => Time.parse(payload['last_request_at'])) if payload['last_request_at'].present?
|
52
|
+
rescue JWT::DecodeError
|
53
|
+
{}
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
Warden::Strategies.add(:token_authenticatable, Devise::Strategies::TokenAuthenticatable)
|
@@ -0,0 +1,5 @@
|
|
1
|
+
require 'devise_token_authenticatable/controllers/token_authenticatable'
|
2
|
+
require 'devise_token_authenticatable/models/token_authenticatable'
|
3
|
+
require 'devise_token_authenticatable/strategies/token_authenticatable'
|
4
|
+
|
5
|
+
Devise.add_module :token_authenticatable, controller: true, model: true, strategy: true, no_input: true
|
metadata
ADDED
@@ -0,0 +1,117 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: devise_token_authenticatable
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Jonathan PHILIPPE
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2018-10-02 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: devise
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '4.4'
|
20
|
+
- - ">="
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: 4.4.3
|
23
|
+
type: :runtime
|
24
|
+
prerelease: false
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
26
|
+
requirements:
|
27
|
+
- - "~>"
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '4.4'
|
30
|
+
- - ">="
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: 4.4.3
|
33
|
+
- !ruby/object:Gem::Dependency
|
34
|
+
name: jwt
|
35
|
+
requirement: !ruby/object:Gem::Requirement
|
36
|
+
requirements:
|
37
|
+
- - "~>"
|
38
|
+
- !ruby/object:Gem::Version
|
39
|
+
version: '2.1'
|
40
|
+
type: :runtime
|
41
|
+
prerelease: false
|
42
|
+
version_requirements: !ruby/object:Gem::Requirement
|
43
|
+
requirements:
|
44
|
+
- - "~>"
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: '2.1'
|
47
|
+
- !ruby/object:Gem::Dependency
|
48
|
+
name: bundler
|
49
|
+
requirement: !ruby/object:Gem::Requirement
|
50
|
+
requirements:
|
51
|
+
- - "~>"
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: '1.16'
|
54
|
+
type: :development
|
55
|
+
prerelease: false
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
57
|
+
requirements:
|
58
|
+
- - "~>"
|
59
|
+
- !ruby/object:Gem::Version
|
60
|
+
version: '1.16'
|
61
|
+
- !ruby/object:Gem::Dependency
|
62
|
+
name: rake
|
63
|
+
requirement: !ruby/object:Gem::Requirement
|
64
|
+
requirements:
|
65
|
+
- - "~>"
|
66
|
+
- !ruby/object:Gem::Version
|
67
|
+
version: '10.0'
|
68
|
+
type: :development
|
69
|
+
prerelease: false
|
70
|
+
version_requirements: !ruby/object:Gem::Requirement
|
71
|
+
requirements:
|
72
|
+
- - "~>"
|
73
|
+
- !ruby/object:Gem::Version
|
74
|
+
version: '10.0'
|
75
|
+
description: Write a longer description or delete this line.
|
76
|
+
email:
|
77
|
+
- pretrine@gmail.com
|
78
|
+
executables: []
|
79
|
+
extensions: []
|
80
|
+
extra_rdoc_files: []
|
81
|
+
files:
|
82
|
+
- ".gitignore"
|
83
|
+
- Gemfile
|
84
|
+
- LICENSE.txt
|
85
|
+
- README.md
|
86
|
+
- Rakefile
|
87
|
+
- devise_token_authenticatable.gemspec
|
88
|
+
- lib/devise_token_authenticatable.rb
|
89
|
+
- lib/devise_token_authenticatable/controllers/token_authenticatable.rb
|
90
|
+
- lib/devise_token_authenticatable/models/token_authenticatable.rb
|
91
|
+
- lib/devise_token_authenticatable/strategies/token_authenticatable.rb
|
92
|
+
- lib/devise_token_authenticatable/version.rb
|
93
|
+
homepage: ''
|
94
|
+
licenses:
|
95
|
+
- MIT
|
96
|
+
metadata: {}
|
97
|
+
post_install_message:
|
98
|
+
rdoc_options: []
|
99
|
+
require_paths:
|
100
|
+
- lib
|
101
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
102
|
+
requirements:
|
103
|
+
- - ">="
|
104
|
+
- !ruby/object:Gem::Version
|
105
|
+
version: '0'
|
106
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ">="
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '0'
|
111
|
+
requirements: []
|
112
|
+
rubyforge_project:
|
113
|
+
rubygems_version: 2.7.7
|
114
|
+
signing_key:
|
115
|
+
specification_version: 4
|
116
|
+
summary: Write a short summary, because RubyGems requires one.
|
117
|
+
test_files: []
|