jwt-auth 2.1.2 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8095c74014d970773a09234afe5a12fa932f9ecd
4
- data.tar.gz: 521e99eba63ccb44626c5955fc3abdf5b1d5c5ee
3
+ metadata.gz: 4fc903bec961f43790b39851ed465e98ee4db262
4
+ data.tar.gz: 2c54dc88944789086ec0ef2cfb11f33b3ec63520
5
5
  SHA512:
6
- metadata.gz: 6e046e9d8bfe47c4366e1302285a4d94a9b4774739b3097e607670a247563775b9a607950fe98bc037cd12652dc624e33b8fa0cbe96a8e83ae6d356334ff3c99
7
- data.tar.gz: d8264bfd3fc7b48f1a9166e626c831df2dfece0790dd4aa288e4a943d80923079ae6f4502ce1df6f04e534c26059d5d72a0bdacf47e5fe82f80e1375b9caa764
6
+ metadata.gz: 6caaeac87553b3fb5fc3ab08e7c0806cb01ba40cac74e8b11bf739517383687289dd9f157a22b81b9571029c58ff04cc8f499abb6e0059a2f32016d5c05aa13d
7
+ data.tar.gz: 89da2604d876f84c21836acfb6cf11e47c3d542a01514ee2d2d6d4b653c5f081f60ce670e1dfb67a3f532f8d3f9ae803af65e9bd3f65b1a19105cee23b62f8e4
data/README.md CHANGED
@@ -77,11 +77,15 @@ class ApplicationController < ActionController::API
77
77
  end
78
78
  ```
79
79
 
80
- Set `before_action` on routes:
80
+ Set callbacks on routes:
81
81
 
82
82
  ```ruby
83
83
  class MyController < ApplicationController
84
+ # Authenticates user from request header
84
85
  before_action :authenticate_user
86
+
87
+ # Renew token and set response header
88
+ after_action :renew_token
85
89
  end
86
90
  ```
87
91
 
@@ -29,4 +29,5 @@ Gem::Specification.new do |spec|
29
29
  spec.add_development_dependency 'rake', '~> 12.0'
30
30
  spec.add_development_dependency 'rspec', '~> 3.5'
31
31
  spec.add_development_dependency 'rspec-rails', '~> 3.5'
32
+ spec.add_development_dependency 'byebug'
32
33
  end
@@ -20,15 +20,12 @@ module JWT
20
20
  #
21
21
  def authenticate_user
22
22
  raise JWT::Auth::UnauthorizedError unless jwt&.valid?
23
-
24
- # Regenerate token (renews expiration date)
25
- add_token_to_response
26
23
  end
27
24
 
28
25
  ##
29
26
  # Add JWT header to response
30
27
  #
31
- def add_token_to_response
28
+ def renew_token
32
29
  return unless jwt&.valid?
33
30
  jwt.renew!
34
31
  response.headers['Authorization'] = "Bearer #{jwt.to_jwt}"
@@ -10,21 +10,26 @@ module JWT
10
10
  # In-memory representation of JWT
11
11
  #
12
12
  class Token
13
- attr_accessor :expiration, :subject
13
+ attr_accessor :expiration, :subject, :token_version
14
14
 
15
15
  def valid?
16
- !subject.nil? && !expiration.nil? && Time.at(expiration).future?
16
+ return false if subject.nil? || expiration.nil? || token_version.nil?
17
+ return false if Time.at(expiration).past?
18
+ return false if token_version != subject.token_version
19
+
20
+ true
17
21
  end
18
22
 
19
23
  def renew!
20
24
  self.expiration = nil
25
+ self.token_version = nil
21
26
  end
22
27
 
23
28
  def to_jwt
24
29
  payload = {
25
30
  :exp => expiration || JWT::Auth.token_lifetime.from_now.to_i,
26
31
  :sub => subject.id,
27
- :ver => subject.token_version
32
+ :ver => token_version || subject.token_version
28
33
  }
29
34
  JWT.encode payload, JWT::Auth.secret
30
35
  end
@@ -41,6 +46,7 @@ module JWT
41
46
 
42
47
  token = JWT::Auth::Token.new
43
48
  token.expiration = payload['exp']
49
+ token.token_version = payload['ver']
44
50
 
45
51
  find_method = JWT::Auth.model.respond_to?(:find_by_token) ? :find_by_token : :find_by
46
52
  token.subject = JWT::Auth.model.send find_method, :id => payload['sub'], :token_version => payload['ver']
@@ -2,6 +2,6 @@
2
2
 
3
3
  module JWT
4
4
  module Auth
5
- VERSION = '2.1.2'
5
+ VERSION = '3.0.0'
6
6
  end
7
7
  end
@@ -1,7 +1,9 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require 'jwt/auth'
4
- require 'rails'
4
+ # require 'rails'
5
+
6
+ require 'dummy/config/environment'
5
7
 
6
8
  # This file was generated by the `rspec --init` command. Conventionally, all
7
9
  # specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jwt-auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.2
4
+ version: 3.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Florian Dejonckheere
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-05-02 00:00:00.000000000 Z
11
+ date: 2017-05-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jwt
@@ -108,6 +108,20 @@ dependencies:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
110
  version: '3.5'
111
+ - !ruby/object:Gem::Dependency
112
+ name: byebug
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - ">="
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - ">="
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
111
125
  description: Authentication middleware for Rails API that uses JWTs, without depending
112
126
  on Devise
113
127
  email: