foobara-auth 0.0.3 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/src/refresh_login.rb +14 -17
  4. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 451c9723c4313a390e97e6fe35bdd3bc206884d56ce2e79be20fc0f79bf3009a
4
- data.tar.gz: b22db603ba6809fc5dca30a2f8e399f9566dbad2d01efbc79d6fe7e9e703176b
3
+ metadata.gz: 2294ad68967bcfb48ae829b39b3926d163c6652c918d9fc2b68e5df2f4b74cff
4
+ data.tar.gz: a0203c7d78f6720fb988779fa0ce7a8d72102a8dea69d91347b7b2eead8c6c6e
5
5
  SHA512:
6
- metadata.gz: 26d1575261570eac9162959e3724043a018961ecaa6fcde48739722800ee18a7e4c584756d7d3b83e81b3cc6cb96b60785d084c7726d93636464d7356e3d2c01
7
- data.tar.gz: a641df324a05554c870d812ead5a7d632b8b135419aede674e785c9f5dd7ecfb3fe2482dda39c96feb919da0e9cc5f7beb9b37f803c4a0e055b81122c58ffe5e
6
+ metadata.gz: 11827d66647dc3ccc4c8ed5a9aa77b4d6ffeb92d17d43cf286c2bcc3b5ddcb1bb85b287621e44f761b5aa95e765dc3f0e4f6c32299099ea8cab9ccdda55a5bee
7
+ data.tar.gz: d006943c733372ddbed6cd7d5714dc7f968c4bb69ccd376691d9f260575813ff70c503beedfdb0e0d310606c8c113b107fd4f29c4e553dd1307e23f9f18037a3
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## [0.0.4] - 2025-03-29
2
+
3
+ - Do not pass user into RefreshLogin
4
+
1
5
  ## [0.0.3] - 2025-03-28
2
6
 
3
7
  - Allow not having an email
data/src/refresh_login.rb CHANGED
@@ -18,10 +18,10 @@ module Foobara
18
18
  end
19
19
 
20
20
  depends_on CreateToken, VerifyToken
21
+ depends_on_entities Types::Token
21
22
 
22
23
  inputs do
23
- user Types::User, :required
24
- refresh_token_text :string, :required, :sensitive
24
+ refresh_token :string, :required, :sensitive
25
25
  # Can we get these TTLs off of the refresh token?
26
26
  token_ttl :integer, default: 30 * 60
27
27
  refresh_token_ttl :integer, default: 7 * 24 * 60 * 60
@@ -34,8 +34,7 @@ module Foobara
34
34
 
35
35
  def execute
36
36
  determine_refresh_token_id_and_secret
37
- load_refresh_token
38
- validate_refresh_token_belongs_to_user
37
+ load_refresh_token_record
39
38
  verify_refresh_token
40
39
  # Delete it instead maybe?
41
40
  mark_refresh_token_as_used
@@ -49,25 +48,19 @@ module Foobara
49
48
  tokens
50
49
  end
51
50
 
52
- attr_accessor :access_token, :new_refresh_token, :now, :expires_at, :refresh_token,
51
+ attr_accessor :access_token, :new_refresh_token, :now, :expires_at, :refresh_token_record,
53
52
  :refresh_token_id, :refresh_token_secret, :token_group
54
53
 
55
54
  def determine_refresh_token_id_and_secret
56
- self.refresh_token_id, self.refresh_token_secret = refresh_token_text.split("_")
55
+ self.refresh_token_id, self.refresh_token_secret = refresh_token.split("_")
57
56
  end
58
57
 
59
- def load_refresh_token
60
- self.refresh_token = Types::Token.load(refresh_token_id)
61
- end
62
-
63
- def validate_refresh_token_belongs_to_user
64
- unless user.refresh_tokens.any? { |token| token.id == refresh_token_id }
65
- add_runtime_error(RefreshTokenNotOwnedByUser.new(context: { refresh_token_id: }))
66
- end
58
+ def load_refresh_token_record
59
+ self.refresh_token_record = Types::Token.load(refresh_token_id)
67
60
  end
68
61
 
69
62
  def verify_refresh_token
70
- valid = run_subcommand!(VerifyToken, token_string: refresh_token_text)
63
+ valid = run_subcommand!(VerifyToken, token_string: refresh_token)
71
64
 
72
65
  unless valid[:verified]
73
66
  add_runtime_error(InvalidRefreshTokenError.new(context: { refresh_token_id: }))
@@ -75,7 +68,7 @@ module Foobara
75
68
  end
76
69
 
77
70
  def mark_refresh_token_as_used
78
- refresh_token.use_up!
71
+ refresh_token_record.use_up!
79
72
  end
80
73
 
81
74
  def determine_timestamps
@@ -93,6 +86,10 @@ module Foobara
93
86
  self.access_token = JWT.encode(payload, jwt_secret, "HS256")
94
87
  end
95
88
 
89
+ def user
90
+ @user ||= Types::User.that_owns(refresh_token_record, "refresh_tokens")
91
+ end
92
+
96
93
  def jwt_secret
97
94
  jwt_secret_text = ENV.fetch("JWT_SECRET", nil)
98
95
 
@@ -106,7 +103,7 @@ module Foobara
106
103
  end
107
104
 
108
105
  def determine_token_group
109
- self.token_group = refresh_token&.token_group || SecureRandom.uuid
106
+ self.token_group = refresh_token_record&.token_group || SecureRandom.uuid
110
107
  end
111
108
 
112
109
  def generate_new_refresh_token
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: foobara-auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Miles Georgi