devise_token_authenticatable 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 4275b7871fcc7e2710d5d2011d4fa8c0844d74ec2bbb717714c4ed741e79d150
+  data.tar.gz: 8c9f52885cdb7a686b2d465b3ccbc0d2c210973feb78975c1b682f922367c2ce
+SHA512:
+  metadata.gz: a8407d2558934e2b4db0365728aea93a3f12c1b4e67b871747c5793d392332fc73f6b5a4ecf526af0f292bff4b34fa0646479af534a90d9ab7c60cd21c971c61
+  data.tar.gz: 6891b6fde487ccc1045aa1012b5c6eaedb0c38f44e7fc8e14a2e093bcfff8202c53eeead214f45e87d2893bdce1373b73bfa74b7946fd14a97e2d1517e6993f9

data/.gitignore

@@ -0,0 +1,8 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/Gemfile

@@ -0,0 +1,5 @@
+source 'https://rubygems.org'
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 Jonathan PHILIPPE
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,45 @@
+# DeviseTokenable
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'devise_token_authenticatable'
+```
+
+install it yourself as:
+
+Customize Devise::SessionsController. You need to create and return token in #create
+
+```ruby
+class Users::SessionsController < Devise::SessionsController
+  def create
+    super do
+      set_user_access_token!
+    end
+  end
+end
+```
+
+Customize Devise::RegistrationsController. add this code
+
+```ruby
+class Users::RegistrationsController < Devise::RegistrationsController
+  prepend_before_action :set_user_access_token!, only: %i[edit update destroy]
+end
+```
+
+Add this in your application controller
+
+```ruby
+class ApplicationController < ActionController::Base
+  include Devise::Controllers::TokenAuthenticatable
+end
+```
+
+Use "before_action :token_authenticate_user!" instead of "before_action :authenticate_user!"
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,3 @@
+require 'bundler/gem_tasks'
+
+task default: :spec

data/devise_token_authenticatable.gemspec

@@ -0,0 +1,25 @@
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'devise_token_authenticatable/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'devise_token_authenticatable'
+  spec.version       = DeviseTokenAuthenticatable::VERSION
+  spec.authors       = ['Jonathan PHILIPPE']
+  spec.email         = ['pretrine@gmail.com']
+
+  spec.summary       = %q{Write a short summary, because RubyGems requires one.}
+  spec.description   = %q{Write a longer description or delete this line.}
+  spec.homepage      = ''
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.require_paths = ['lib']
+
+  spec.add_dependency('devise', '~> 4.4', '>= 4.4.3')
+  spec.add_dependency('jwt', '~> 2.1')
+  spec.add_development_dependency 'bundler', '~> 1.16'
+  spec.add_development_dependency 'rake', '~> 10.0'
+end

data/lib/devise_token_authenticatable/controllers/token_authenticatable.rb

@@ -0,0 +1,25 @@
+require 'jwt'
+
+module Devise
+  module Controllers
+    module TokenAuthenticatable
+      extend ActiveSupport::Concern
+
+      included do
+        Devise.mappings.keys.each do |mapping|
+          class_eval <<-METHODS, __FILE__, __LINE__ + 1
+            def set_#{mapping}_access_token!
+              return unless #{mapping}_signed_in?
+              response.set_header("X-#{mapping.to_s.split('_').map(&:capitalize).join('-')}-Token", current_#{mapping}.access_token)
+            end
+
+            def token_authenticate_#{mapping}!(opts={})
+              authenticate_#{mapping}!(opts)
+              set_#{mapping}_access_token!
+            end
+          METHODS
+        end
+      end
+    end
+  end
+end

data/lib/devise_token_authenticatable/models/token_authenticatable.rb

@@ -0,0 +1,17 @@
+require 'jwt'
+
+module Devise
+  module Models
+    module TokenAuthenticatable
+      extend ActiveSupport::Concern
+
+      def self.required_fields(klass)
+        []
+      end
+
+      def access_token
+        Base64.strict_encode64(JWT.encode({ id: id, last_request_at: respond_to?(:timedout?) && Time.now.utc }, Devise.secret_key, 'HS256'))
+      end
+    end
+  end
+end

data/lib/devise_token_authenticatable/strategies/token_authenticatable.rb

@@ -0,0 +1,59 @@
+require 'devise/strategies/authenticatable'
+require 'jwt'
+
+module Devise
+  module Strategies
+    class TokenAuthenticatable < Authenticatable
+      attr_accessor :user_id, :last_request_at
+
+      def authenticate!
+        env['devise.skip_trackable'] = true
+
+        resource = user_id.present? && mapping.to.find_for_database_authentication(authentication_hash)
+
+        if validate(resource) { !resource.respond_to?(:timedout?) || !resource.timedout?(last_request_at) }
+          success!(resource)
+        end
+
+        fail(:timeout) unless resource
+      end
+
+      def valid?
+        valid_for_http_auth?
+      end
+
+      def store?
+        super && !mapping.to.skip_session_storage.include?(authentication_type)
+      end
+
+    private
+
+      def valid_for_http_auth?
+        request.authorization && with_authentication_hash(:http_auth, http_auth_hash)
+      end
+
+      def with_authentication_hash(auth_type, auth_values)
+        self.authentication_hash, self.authentication_type = {}, auth_type
+        self.user_id = auth_values['id']
+        self.last_request_at = auth_values['last_request_at']
+
+        parse_authentication_key_values(auth_values, ['id'])
+      end
+
+      def http_auth_hash
+        decode_credentials
+      end
+
+      def decode_credentials
+        return {} unless request.authorization && request.authorization =~ /^Bearer (.*)/mi
+
+        payload = JWT.decode(Base64.decode64($1), Devise.secret_key, true, { algorithm: 'HS256' }).first
+        payload.merge('payload' => Time.parse(payload['last_request_at'])) if payload['last_request_at'].present?
+      rescue JWT::DecodeError
+        {}
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:token_authenticatable, Devise::Strategies::TokenAuthenticatable)

data/lib/devise_token_authenticatable/version.rb

@@ -0,0 +1,3 @@
+module DeviseTokenAuthenticatable
+  VERSION = '0.1.0'
+end

data/lib/devise_token_authenticatable.rb

@@ -0,0 +1,5 @@
+require 'devise_token_authenticatable/controllers/token_authenticatable'
+require 'devise_token_authenticatable/models/token_authenticatable'
+require 'devise_token_authenticatable/strategies/token_authenticatable'
+
+Devise.add_module :token_authenticatable, controller: true, model: true, strategy: true, no_input: true

metadata

@@ -0,0 +1,117 @@
+--- !ruby/object:Gem::Specification
+name: devise_token_authenticatable
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Jonathan PHILIPPE
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-10-02 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.4'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.4.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '4.4'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.4.3
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+description: Write a longer description or delete this line.
+email:
+- pretrine@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- devise_token_authenticatable.gemspec
+- lib/devise_token_authenticatable.rb
+- lib/devise_token_authenticatable/controllers/token_authenticatable.rb
+- lib/devise_token_authenticatable/models/token_authenticatable.rb
+- lib/devise_token_authenticatable/strategies/token_authenticatable.rb
+- lib/devise_token_authenticatable/version.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.7
+signing_key: 
+specification_version: 4
+summary: Write a short summary, because RubyGems requires one.
+test_files: []