jwt_api_auth 0.0.1.pre.2 → 0.0.1.pre.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 28b2ffb88b8c174666626ded4fd860ae53e959f5ea7175fa8da868082760f48c
|
|
4
|
+
data.tar.gz: fdd742dd754b19af9b1049d03a1ee808f8c1b6948c13f1edaa49aa59e2f07f48
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1fa57315afa1679b7697d3f9b89c31ff0b78477c20d357b1ae13d407fdc2484998ec3bb75d80cbc49e439eef08d84dc3a69a581af8107f453040113efa663ac8
|
|
7
|
+
data.tar.gz: 58bc3d32d241422879b91eae44926b6d4225422698dce01e0483b7bda0b3967731aefc562e13589d9cc214cc5017e8c3c38da16ae1159284bfed4c76c1b8cf7f
|
|
@@ -2,24 +2,12 @@
|
|
|
2
2
|
|
|
3
3
|
module JwtApiAuth
|
|
4
4
|
class ApplicationController < ActionController::Base
|
|
5
|
-
|
|
6
|
-
before_action :authenticate_user
|
|
5
|
+
include JwtApiAuth::Authentication
|
|
7
6
|
|
|
8
|
-
|
|
9
|
-
head :unauthorized
|
|
10
|
-
end
|
|
7
|
+
skip_before_action :verify_authenticity_token
|
|
11
8
|
|
|
12
9
|
rescue_from ActiveRecord::RecordNotFound do
|
|
13
10
|
head :not_found
|
|
14
11
|
end
|
|
15
|
-
|
|
16
|
-
private
|
|
17
|
-
|
|
18
|
-
def authenticate_user
|
|
19
|
-
token = request.headers['Authorization']&.split('Bearer ')&.last
|
|
20
|
-
JWT.decode token, JwtApiAuth.token_secret.call, true, { algorithm: 'HS256' }
|
|
21
|
-
|
|
22
|
-
head :unauthorized unless token
|
|
23
|
-
end
|
|
24
12
|
end
|
|
25
13
|
end
|
|
@@ -54,11 +54,14 @@ module JwtApiAuth
|
|
|
54
54
|
end
|
|
55
55
|
|
|
56
56
|
def payload
|
|
57
|
-
{
|
|
57
|
+
{
|
|
58
|
+
sub: resource.id,
|
|
59
|
+
aud: JwtApiAuth.token_audience
|
|
60
|
+
}.delete_if { |_key, value| value.blank? }
|
|
58
61
|
end
|
|
59
62
|
|
|
60
63
|
def token
|
|
61
|
-
JWT.encode payload, JwtApiAuth.token_secret.call, 'HS256'
|
|
64
|
+
::JWT.encode payload, JwtApiAuth.token_secret.call, 'HS256'
|
|
62
65
|
end
|
|
63
66
|
end
|
|
64
67
|
end
|
data/lib/jwt_api_auth.rb
CHANGED
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
require 'jwt'
|
|
4
4
|
require 'jwt_api_auth/engine'
|
|
5
5
|
require 'jwt_api_auth/helpers'
|
|
6
|
+
require 'jwt_api_auth/authentication'
|
|
6
7
|
|
|
7
8
|
module JwtApiAuth
|
|
8
9
|
ActiveSupport.on_load(:action_controller) do
|
|
@@ -23,4 +24,11 @@ module JwtApiAuth
|
|
|
23
24
|
|
|
24
25
|
mattr_accessor :refresh_token_model
|
|
25
26
|
self.refresh_token_model = :refresh_token
|
|
27
|
+
|
|
28
|
+
mattr_accessor :token_audience
|
|
29
|
+
self.token_audience = nil
|
|
30
|
+
|
|
31
|
+
def self.setup
|
|
32
|
+
yield self
|
|
33
|
+
end
|
|
26
34
|
end
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module JwtApiAuth
|
|
4
|
+
module Authentication
|
|
5
|
+
extend ActiveSupport::Concern
|
|
6
|
+
|
|
7
|
+
included do
|
|
8
|
+
before_action :authenticate_user
|
|
9
|
+
|
|
10
|
+
rescue_from ::JWT::DecodeError do
|
|
11
|
+
head :unauthorized
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
private
|
|
16
|
+
|
|
17
|
+
def authenticate_user
|
|
18
|
+
token = request.headers['Authorization']&.split('Bearer ')&.last
|
|
19
|
+
options = { algorithm: 'HS256' }
|
|
20
|
+
|
|
21
|
+
if JwtApiAuth.token_audience.present?
|
|
22
|
+
options[:aud] = JwtApiAuth.token_audience.map(&:to_s)
|
|
23
|
+
options[:verify_aud] = true
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
::JWT.decode token, JwtApiAuth.token_secret.call, true, options
|
|
27
|
+
|
|
28
|
+
head :unauthorized unless token
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
end
|
data/lib/jwt_api_auth/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jwt_api_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.1.pre.
|
|
4
|
+
version: 0.0.1.pre.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Cristian Stügelmayer
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-12-
|
|
11
|
+
date: 2020-12-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jwt
|
|
@@ -269,6 +269,7 @@ files:
|
|
|
269
269
|
- app/views/layouts/jwt_api_auth/application.html.erb
|
|
270
270
|
- config/routes.rb
|
|
271
271
|
- lib/jwt_api_auth.rb
|
|
272
|
+
- lib/jwt_api_auth/authentication.rb
|
|
272
273
|
- lib/jwt_api_auth/engine.rb
|
|
273
274
|
- lib/jwt_api_auth/helpers.rb
|
|
274
275
|
- lib/jwt_api_auth/version.rb
|