has_jwt_token 0.2.1 → 0.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 445d49f22461e8ad189d361639f786cea6723f1e7126a8510e0089879e6c9272
-  data.tar.gz: '03580907964370e9611b4aff79526bf2f0ef2aa59e4c8728d8770d3e4448af45'
+  metadata.gz: 2ad68b66dda0ed71107ef9ee9437ab28c22ac3a67fd1748a93c16ccf5bc3441e
+  data.tar.gz: 638f7aafcad887e610ee30db1146c41ebe7d436444a2a34aa87985beee99adc0
 SHA512:
-  metadata.gz: a6d5ab98751e620b5f0f46b4283e127a9e7151e4d615d60bb194186d28cf24a36c426fe0612df17d7d40eee26f30e0a53904034694003d5184a83a669e5d67d7
-  data.tar.gz: d2d841bdb59c585d0bd52aa90b94b6d69d64ac309a1753431c954172b0996455290cef3411d2811ea59216a3184cea9de736d5eb92ad95fdec109b2696428b0d
+  metadata.gz: ccc67e129726ec0e7c5b78a46db992051b55d37c405f366cdf6477d333f685dedf5599288561fc30d5ee6bb4d29a7cbe714169544ef268635cc7c21d148ef868
+  data.tar.gz: '08efd1b82ccdf00f5459c02a64e845e2eba02bb1b582b2a5c3abe8f13769c0dc53f82e4b9ecdd9208daac06bc13d49bfd10023e313996afc2615056296b81f8b'

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    has_jwt_token (0.2.1)
+    has_jwt_token (0.2.2)
       bcrypt
       jwt
       rails (>= 5.0, < 7.0)

data/README.md

@@ -2,7 +2,7 @@
 
 HasJwtToken provides JWT authetication for models which are kean to use `has_secure_password` in Rails app and wants to use it to grant jwt tokens.
 
-This gem is build on top of [Ruby's JWT](https://github.com/jwt/ruby-jwt) gem and it implements `JWT.encode` and `JWT.decode` methods.
+This gem is build on top of [Ruby's JWT](https://github.com/jwt/ruby-jwt) gem and it implements `JWT.encode` and `JWT.decode` (with validation enabled) methods.
 
 ## Installation
 
@@ -53,7 +53,7 @@ end
 user = User.last
 
 user.authenicate(password) # => user with @token
-user.auhtenticate_with_jwt(token) # => user with @token
+User.find_with_jwt(token) # => user with @token
 ```
 
 ## Roadmap

data/lib/has_jwt_token.rb

@@ -2,4 +2,5 @@
 
 require 'active_support/core_ext/module/delegation'
 require 'has_jwt_token/version'
+require 'has_jwt_token/errors'
 require 'has_jwt_token/model'

data/lib/has_jwt_token/authenticatable.rb

@@ -1,22 +1,63 @@
 # frozen_string_literal: true
 
-module Authenticatable
-  def authenticate(password)
-    super(password).tap do |authenticated|
-      @token = authenticated && encode || nil
+require 'has_jwt_token/jwt_proxy'
+
+module HasJwtToken
+  module Authenticatable
+    module ClassMethods
+      def find_with_jwt(jwt_token)
+        payload = decode!(jwt_token)
+        find_by(authenticate_by => payload[authenticate_by])
+          &.tap { |model| model.token = model.encode }
+      rescue JWT::DecodeError
+        raise HasJwtToken::InvalidToken, 'Invalid token has been provided.'
+      end
+
+      private
+
+      def authenticate_by
+        @authenticate_by ||= begin
+          auth_by_attr = has_jwt_token.authenticate_by.to_s
+          return auth_by_attr if column_names.include?(auth_by_attr)
+
+          raise HasJwtToken::BadConfiguration, "#{auth_by_attr.inspect} must be one of model attributes."
+        end
+      end
+
+      def decode!(token)
+        HasJwtToken::JwtProxy.decode!(
+          token: token,
+          algorithm: has_jwt_token.algorithm,
+          secret: has_jwt_token.secret
+        )
+      end
     end
-  end
 
-  def authenticate_with_jwt(jwt_token)
-    authenticated = decode!(jwt_token)
+    def self.included(base)
+      base.extend(ClassMethods)
+    end
+
+    def authenticate(password)
+      super(password).tap do |authenticated|
+        @token = authenticated && encode || nil
+      end
+    end
+
+    def encode
+      HasJwtToken::JwtProxy.encode(
+        algorithm: algorithm,
+        payload: model_payload.merge(claims_payload),
+        secret: secret,
+        header_fields: header_fields
+      )
+    end
+
+    private
+
+    delegate :algorithm, :secret, :model_payload, :claims_payload, :header_fields, to: :has_jwt_token
 
-    if authenticated
-      @token = encode
-      self
-    else
-      @token = nil
+    def has_jwt_token
+      @has_jwt_token ||= self.class.has_jwt_token(self)
     end
-  rescue JWT::DecodeError
-    nil
   end
 end

data/lib/has_jwt_token/errors.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module HasJwtToken
+  HasJwtTokenError = Class.new(StandardError)
+
+  class InvalidToken < HasJwtTokenError; end
+  class BadConfiguration < HasJwtTokenError; end
+end

data/lib/has_jwt_token/has_jwt_model_configuration.rb

@@ -7,9 +7,7 @@ module HasJwtToken
     def has_jwt_token(model = nil)
       @has_jwt_token ||= JwtConfiguration.new
       yield(@has_jwt_token) if block_given?
-      @has_jwt_token.tap do |config|
-        config.model = model if model
-      end
+      @has_jwt_token.tap { |jwt| jwt.model = model if model }
     end
   end
 end

data/lib/has_jwt_token/jwt_configuration.rb

@@ -2,6 +2,7 @@
 
 module HasJwtToken
   class JwtConfiguration
+    DEFAULT_AUTH_ATTRIBUTE = :id
     CLAIMS = {
       expiration_time: :exp,
       not_before_time: :nbf,
@@ -57,7 +58,8 @@ module HasJwtToken
       end
     end
 
-    def payload(name = nil, value = nil)
+    def payload(name = nil, value: nil, auth_by: false)
+      @authenticate_by = name if auth_by
       @payload[name] = value || ->(model) { model.respond_to?(name) && model.public_send(name) } if name
     end
 
@@ -77,5 +79,9 @@ module HasJwtToken
         val.is_a?(Proc) ? val.call : val
       end
     end
+
+    def authenticate_by
+      @authenticate_by || DEFAULT_AUTH_ATTRIBUTE
+    end
   end
 end

data/lib/has_jwt_token/jwt_proxy.rb

@@ -4,31 +4,14 @@ require 'jwt'
 
 module HasJwtToken
   class JwtProxy
-    attr_reader :algorithm, :payload, :secret, :header_fields
+    class << self
+      def encode(payload:, secret: '', algorithm: '', header_fields: {})
+        JWT.encode(payload, secret, algorithm, header_fields)
+      end
 
-    def initialize(algorithm: '', payload: {}, secret: '', header_fields: {})
-      @algorithm = algorithm
-      @payload = payload
-      @secret = secret
-      @header_fields = header_fields
-    end
-
-    def encode
-      JWT.encode(payload, secret, algorithm, header_fields)
-    end
-
-    def decode(token)
-      JWT.decode(token, secret, false, algorithm: algorithm)[0]
-    end
-
-    def decode!(token)
-      JWT.decode(token, secret, true, algorithm: algorithm)[0]
-    end
-
-    def valid?(token)
-      decode!(token) && true
-    rescue JWT::DecodeError
-      false
+      def decode!(token:, secret: '', algorithm: '')
+        JWT.decode(token, secret, true, algorithm: algorithm)[0]
+      end
     end
   end
 end

data/lib/has_jwt_token/model.rb

@@ -4,18 +4,16 @@ require 'active_model'
 require 'bcrypt'
 require 'has_jwt_token/authenticatable'
 require 'has_jwt_token/has_jwt_model_configuration'
-require 'has_jwt_token/jwt_tokenable'
 
 module HasJwtToken
   module Model
-    attr_reader :token
+    attr_accessor :token
 
     def self.included(base)
       base.include(ActiveModel::SecurePassword)
       base.has_secure_password
       base.include(Authenticatable)
       base.extend(HasJwtModelConfiguration)
-      base.include(JwtTokenable)
     end
   end
 end

data/lib/has_jwt_token/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module HasJwtToken
-  VERSION = '0.2.1'
+  VERSION = '0.2.2'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: has_jwt_token
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Jokūbas Pučinskas
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-11-06 00:00:00.000000000 Z
+date: 2021-01-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -167,10 +167,10 @@ files:
 - has_jwt_token.gemspec
 - lib/has_jwt_token.rb
 - lib/has_jwt_token/authenticatable.rb
+- lib/has_jwt_token/errors.rb
 - lib/has_jwt_token/has_jwt_model_configuration.rb
 - lib/has_jwt_token/jwt_configuration.rb
 - lib/has_jwt_token/jwt_proxy.rb
-- lib/has_jwt_token/jwt_tokenable.rb
 - lib/has_jwt_token/model.rb
 - lib/has_jwt_token/version.rb
 homepage: https://github.com/pucinsk/has_jwt_token

data/lib/has_jwt_token/jwt_tokenable.rb

@@ -1,44 +0,0 @@
-# frozen_string_literal: true
-
-require 'has_jwt_token/jwt_proxy'
-
-module HasJwtToken
-  module JwtTokenable
-    delegate :algorithm, :secret, :claims_payload, :header_fields, to: :has_jwt_token
-
-    def encode
-      with_jwt_configuration(&:encode)
-    end
-
-    def decode(token)
-      with_jwt_configuration { |jwt| jwt.decode(token) }
-    end
-
-    def decode!(token)
-      with_jwt_configuration { |jwt| jwt.decode!(token) }
-    end
-
-    def has_jwt_token
-      self.class.has_jwt_token(self)
-    end
-
-    private
-
-    def payload
-      @payload ||= has_jwt_token.model_payload.merge(claims_payload)
-    end
-
-    def with_jwt_configuration
-      yield(jwt_proxy)
-    end
-
-    def jwt_proxy
-      @jwt_proxy ||= JwtProxy.new(
-        algorithm: algorithm,
-        payload: payload,
-        secret: secret,
-        header_fields: header_fields
-      )
-    end
-  end
-end