jwt-auth 2.1.2 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +5 -1
- data/jwt-auth.gemspec +1 -0
- data/lib/jwt/auth/authentication.rb +1 -4
- data/lib/jwt/auth/token.rb +9 -3
- data/lib/jwt/auth/version.rb +1 -1
- data/spec/spec_helper.rb +3 -1
- metadata +16 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4fc903bec961f43790b39851ed465e98ee4db262
|
4
|
+
data.tar.gz: 2c54dc88944789086ec0ef2cfb11f33b3ec63520
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6caaeac87553b3fb5fc3ab08e7c0806cb01ba40cac74e8b11bf739517383687289dd9f157a22b81b9571029c58ff04cc8f499abb6e0059a2f32016d5c05aa13d
|
7
|
+
data.tar.gz: 89da2604d876f84c21836acfb6cf11e47c3d542a01514ee2d2d6d4b653c5f081f60ce670e1dfb67a3f532f8d3f9ae803af65e9bd3f65b1a19105cee23b62f8e4
|
data/README.md
CHANGED
@@ -77,11 +77,15 @@ class ApplicationController < ActionController::API
|
|
77
77
|
end
|
78
78
|
```
|
79
79
|
|
80
|
-
Set
|
80
|
+
Set callbacks on routes:
|
81
81
|
|
82
82
|
```ruby
|
83
83
|
class MyController < ApplicationController
|
84
|
+
# Authenticates user from request header
|
84
85
|
before_action :authenticate_user
|
86
|
+
|
87
|
+
# Renew token and set response header
|
88
|
+
after_action :renew_token
|
85
89
|
end
|
86
90
|
```
|
87
91
|
|
data/jwt-auth.gemspec
CHANGED
@@ -20,15 +20,12 @@ module JWT
|
|
20
20
|
#
|
21
21
|
def authenticate_user
|
22
22
|
raise JWT::Auth::UnauthorizedError unless jwt&.valid?
|
23
|
-
|
24
|
-
# Regenerate token (renews expiration date)
|
25
|
-
add_token_to_response
|
26
23
|
end
|
27
24
|
|
28
25
|
##
|
29
26
|
# Add JWT header to response
|
30
27
|
#
|
31
|
-
def
|
28
|
+
def renew_token
|
32
29
|
return unless jwt&.valid?
|
33
30
|
jwt.renew!
|
34
31
|
response.headers['Authorization'] = "Bearer #{jwt.to_jwt}"
|
data/lib/jwt/auth/token.rb
CHANGED
@@ -10,21 +10,26 @@ module JWT
|
|
10
10
|
# In-memory representation of JWT
|
11
11
|
#
|
12
12
|
class Token
|
13
|
-
attr_accessor :expiration, :subject
|
13
|
+
attr_accessor :expiration, :subject, :token_version
|
14
14
|
|
15
15
|
def valid?
|
16
|
-
|
16
|
+
return false if subject.nil? || expiration.nil? || token_version.nil?
|
17
|
+
return false if Time.at(expiration).past?
|
18
|
+
return false if token_version != subject.token_version
|
19
|
+
|
20
|
+
true
|
17
21
|
end
|
18
22
|
|
19
23
|
def renew!
|
20
24
|
self.expiration = nil
|
25
|
+
self.token_version = nil
|
21
26
|
end
|
22
27
|
|
23
28
|
def to_jwt
|
24
29
|
payload = {
|
25
30
|
:exp => expiration || JWT::Auth.token_lifetime.from_now.to_i,
|
26
31
|
:sub => subject.id,
|
27
|
-
:ver => subject.token_version
|
32
|
+
:ver => token_version || subject.token_version
|
28
33
|
}
|
29
34
|
JWT.encode payload, JWT::Auth.secret
|
30
35
|
end
|
@@ -41,6 +46,7 @@ module JWT
|
|
41
46
|
|
42
47
|
token = JWT::Auth::Token.new
|
43
48
|
token.expiration = payload['exp']
|
49
|
+
token.token_version = payload['ver']
|
44
50
|
|
45
51
|
find_method = JWT::Auth.model.respond_to?(:find_by_token) ? :find_by_token : :find_by
|
46
52
|
token.subject = JWT::Auth.model.send find_method, :id => payload['sub'], :token_version => payload['ver']
|
data/lib/jwt/auth/version.rb
CHANGED
data/spec/spec_helper.rb
CHANGED
@@ -1,7 +1,9 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
require 'jwt/auth'
|
4
|
-
require 'rails'
|
4
|
+
# require 'rails'
|
5
|
+
|
6
|
+
require 'dummy/config/environment'
|
5
7
|
|
6
8
|
# This file was generated by the `rspec --init` command. Conventionally, all
|
7
9
|
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jwt-auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 3.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Florian Dejonckheere
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-05-
|
11
|
+
date: 2017-05-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jwt
|
@@ -108,6 +108,20 @@ dependencies:
|
|
108
108
|
- - "~>"
|
109
109
|
- !ruby/object:Gem::Version
|
110
110
|
version: '3.5'
|
111
|
+
- !ruby/object:Gem::Dependency
|
112
|
+
name: byebug
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
114
|
+
requirements:
|
115
|
+
- - ">="
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '0'
|
118
|
+
type: :development
|
119
|
+
prerelease: false
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
121
|
+
requirements:
|
122
|
+
- - ">="
|
123
|
+
- !ruby/object:Gem::Version
|
124
|
+
version: '0'
|
111
125
|
description: Authentication middleware for Rails API that uses JWTs, without depending
|
112
126
|
on Devise
|
113
127
|
email:
|