jwt_api_auth 0.0.1.pre.3 → 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/jwt_api_auth/application_controller.rb +2 -14
  3. data/app/controllers/jwt_api_auth/authentication_controller.rb +4 -1
  4. data/lib/jwt_api_auth.rb +8 -0
  5. data/lib/jwt_api_auth/authentication.rb +31 -0
  6. data/lib/jwt_api_auth/version.rb +1 -1
  7. metadata +5 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ed0ceb76ea7d4dddf1e1d38c5ffd79b40a1df043bf0c2e41e2fe22257d7f0121
4
- data.tar.gz: a9d5bbee9fa0306909fc1f82df818429028c441caf12ecbf1d84298f90f463c9
3
+ metadata.gz: 7441f7b62410f35d8fc01fcafd27930b0dbc2fd3db708ca0e21ebea89e2c27b8
4
+ data.tar.gz: 7f936398e7b8d7e448817664c4e5ac4534bd6aa50029d5cd897bcc66281ffc20
5
5
  SHA512:
6
- metadata.gz: 34360291d4cd06e99cd5bbf8024fef71e061f306b61c593503b03be7a422ca301765c01c8593eb9f2cf6f7f52bbd92822daca87f162c0fe659454fa9b5ae3396
7
- data.tar.gz: 58c750eef7a477774a57b98e9a3ec221dbd28540aa7b0750e8a27456b97c314c108f20243e77c5f1bf2fe079921b13ea6ec1bc9cc59f1318f06146085f80fb63
6
+ metadata.gz: f67477f665a448748c2e043495208ce5d27c1ac9079504cf4818640fc2c00f99832c83537cb5a7eeba52d6dc0318d9b84f1f61bd244dc88cb4c7bf1e0fb41eb4
7
+ data.tar.gz: ad95ac8d77cc31a108647ad1a057f1c15f77112e25d57e91cbfc53b3f9504ebf484023ab9e4cac4f86a97c599698e62b56f50f37abb70c7178ca7943ad9763f5
data/app/controllers/jwt_api_auth/application_controller.rb CHANGED
@@ -2,24 +2,12 @@
2
2
 
3
3
  module JwtApiAuth
4
4
  class ApplicationController < ActionController::Base
5
- skip_before_action :verify_authenticity_token
6
- before_action :authenticate_user
5
+ include JwtApiAuth::Authentication
7
6
 
8
- rescue_from ::JWT::DecodeError do
9
- head :unauthorized
10
- end
7
+ skip_before_action :verify_authenticity_token
11
8
 
12
9
  rescue_from ActiveRecord::RecordNotFound do
13
10
  head :not_found
14
11
  end
15
-
16
- private
17
-
18
- def authenticate_user
19
- token = request.headers['Authorization']&.split('Bearer ')&.last
20
- ::JWT.decode token, JwtApiAuth.token_secret.call, true, { algorithm: 'HS256' }
21
-
22
- head :unauthorized unless token
23
- end
24
12
  end
25
13
  end
data/app/controllers/jwt_api_auth/authentication_controller.rb CHANGED
@@ -54,7 +54,10 @@ module JwtApiAuth
54
54
  end
55
55
 
56
56
  def payload
57
- { sub: resource.id }
57
+ {
58
+ sub: resource.id,
59
+ aud: JwtApiAuth.token_audience
60
+ }.delete_if { |_key, value| value.blank? }
58
61
  end
59
62
 
60
63
  def token
data/lib/jwt_api_auth.rb CHANGED
@@ -3,6 +3,7 @@
3
3
  require 'jwt'
4
4
  require 'jwt_api_auth/engine'
5
5
  require 'jwt_api_auth/helpers'
6
+ require 'jwt_api_auth/authentication'
6
7
 
7
8
  module JwtApiAuth
8
9
  ActiveSupport.on_load(:action_controller) do
@@ -23,4 +24,11 @@ module JwtApiAuth
23
24
 
24
25
  mattr_accessor :refresh_token_model
25
26
  self.refresh_token_model = :refresh_token
27
+
28
+ mattr_accessor :token_audience
29
+ self.token_audience = nil
30
+
31
+ def self.setup
32
+ yield self
33
+ end
26
34
  end
data/lib/jwt_api_auth/authentication.rb ADDED
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ module JwtApiAuth
4
+ module Authentication
5
+ extend ActiveSupport::Concern
6
+
7
+ included do
8
+ before_action :authenticate_user
9
+
10
+ rescue_from ::JWT::DecodeError do
11
+ head :unauthorized
12
+ end
13
+ end
14
+
15
+ private
16
+
17
+ def authenticate_user
18
+ token = request.headers['Authorization']&.split('Bearer ')&.last
19
+ options = { algorithm: 'HS256' }
20
+
21
+ if JwtApiAuth.token_audience.present?
22
+ options[:aud] = JwtApiAuth.token_audience.map(&:to_s)
23
+ options[:verify_aud] = true
24
+ end
25
+
26
+ ::JWT.decode token, JwtApiAuth.token_secret.call, true, options
27
+
28
+ head :unauthorized unless token
29
+ end
30
+ end
31
+ end
data/lib/jwt_api_auth/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module JwtApiAuth
4
- VERSION = '0.0.1.pre.3'
4
+ VERSION = '0.0.1'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jwt_api_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1.pre.3
4
+ version: 0.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Cristian Stügelmayer
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-12-21 00:00:00.000000000 Z
11
+ date: 2020-12-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jwt
@@ -269,6 +269,7 @@ files:
269
269
  - app/views/layouts/jwt_api_auth/application.html.erb
270
270
  - config/routes.rb
271
271
  - lib/jwt_api_auth.rb
272
+ - lib/jwt_api_auth/authentication.rb
272
273
  - lib/jwt_api_auth/engine.rb
273
274
  - lib/jwt_api_auth/helpers.rb
274
275
  - lib/jwt_api_auth/version.rb
@@ -289,9 +290,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
289
290
  version: '0'
290
291
  required_rubygems_version: !ruby/object:Gem::Requirement
291
292
  requirements:
292
- - - ">"
293
+ - - ">="
293
294
  - !ruby/object:Gem::Version
294
- version: 1.3.1
295
+ version: '0'
295
296
  requirements: []
296
297
  rubygems_version: 3.0.8
297
298
  signing_key: