jwt_api_auth 0.0.1.pre.3 → 0.0.1

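--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: ed0ceb76ea7d4dddf1e1d38c5ffd79b40a1df043bf0c2e41e2fe22257d7f0121
- data.tar.gz: a9d5bbee9fa0306909fc1f82df818429028c441caf12ecbf1d84298f90f463c9
+ metadata.gz: 7441f7b62410f35d8fc01fcafd27930b0dbc2fd3db708ca0e21ebea89e2c27b8
+ data.tar.gz: 7f936398e7b8d7e448817664c4e5ac4534bd6aa50029d5cd897bcc66281ffc20
  SHA512:
- metadata.gz: 34360291d4cd06e99cd5bbf8024fef71e061f306b61c593503b03be7a422ca301765c01c8593eb9f2cf6f7f52bbd92822daca87f162c0fe659454fa9b5ae3396
- data.tar.gz: 58c750eef7a477774a57b98e9a3ec221dbd28540aa7b0750e8a27456b97c314c108f20243e77c5f1bf2fe079921b13ea6ec1bc9cc59f1318f06146085f80fb63
+ metadata.gz: f67477f665a448748c2e043495208ce5d27c1ac9079504cf4818640fc2c00f99832c83537cb5a7eeba52d6dc0318d9b84f1f61bd244dc88cb4c7bf1e0fb41eb4
+ data.tar.gz: ad95ac8d77cc31a108647ad1a057f1c15f77112e25d57e91cbfc53b3f9504ebf484023ab9e4cac4f86a97c599698e62b56f50f37abb70c7178ca7943ad9763f5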
@@ -2,24 +2,12 @@
2
2
 
3
3
  module JwtApiAuth
4
4
  class ApplicationController < ActionController::Base
5
- skip_before_action :verify_authenticity_token
6
- before_action :authenticate_user
5
+ include JwtApiAuth::Authentication
7
6
 
8
- rescue_from ::JWT::DecodeError do
9
- head :unauthorized
10
- end
7
+ skip_before_action :verify_authenticity_token
11
8
 
12
9
  rescue_from ActiveRecord::RecordNotFound do
13
10
  head :not_found
14
11
  end
15
-
16
- private
17
-
18
- def authenticate_user
19
- token = request.headers['Authorization']&.split('Bearer ')&.last
20
- ::JWT.decode token, JwtApiAuth.token_secret.call, true, { algorithm: 'HS256' }
21
-
22
- head :unauthorized unless token
23
- end
24
12
  end
25
13
  end
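Review bot: `skip_before_action :verify_authenticity_token` on new line 7 carries no comment explaining why CSRF protection can be dropped for every controller that inherits from this class. Skipping it is only sound while requests are authenticated solely by the `Authorization` header that `JwtApiAuth::Authentication` reads; a subclass that also honoured a session or cookie would lose its cross-site request protection. I would add above it `# CSRF check skipped: requests are authenticated by bearer token only, never by cookie or session.` The class body is complete in this hunk, but the included concern is defined in another file.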
@@ -54,7 +54,10 @@ module JwtApiAuth
54
54
  end
55
55
 
56
56
  def payload
57
- { sub: resource.id }
57
+ {
58
+ sub: resource.id,
59
+ aud: JwtApiAuth.token_audience
60
+ }.delete_if { |_key, value| value.blank? }
58
61
  end
59
62
 
60
63
  def token
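Review bot: The `delete_if { |_key, value| value.blank? }` on new line 60 strips `sub` as well as `aud`, so a resource whose `id` is blank (an unsaved record, for example) produces a payload with no subject instead of an error. The verification added elsewhere in this release checks only the signature and, when configured, the audience, so a token built from that payload would presumably still be accepted. Only the audience should be optional: `claims = { sub: resource.id }` followed by `claims[:aud] = JwtApiAuth.token_audience if JwtApiAuth.token_audience.present?`. `payload` is complete in the hunk; the enclosing class and the body of `token` lie outside it.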
@@ -3,6 +3,7 @@
3
3
  require 'jwt'
4
4
  require 'jwt_api_auth/engine'
5
5
  require 'jwt_api_auth/helpers'
6
+ require 'jwt_api_auth/authentication'
6
7
 
7
8
  module JwtApiAuth
8
9
  ActiveSupport.on_load(:action_controller) do
@@ -23,4 +24,11 @@ module JwtApiAuth
23
24
 
24
25
  mattr_accessor :refresh_token_model
25
26
  self.refresh_token_model = :refresh_token
27
+
28
+ mattr_accessor :token_audience
29
+ self.token_audience = nil
30
+
31
+ def self.setup
32
+ yield self
33
+ end
26
34
  end
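Review bot: `token_audience` (new lines 28–29) is declared without stating what type it holds, yet the new `authenticate_user` calls `JwtApiAuth.token_audience.map(&:to_s)` on it. A single String, the obvious way to configure one audience, does not respond to `map`, so every authenticated request would raise NoMethodError, which the `rescue_from ::JWT::DecodeError` handler does not cover. That fails closed, but presumably surfaces as a server error rather than a 401. Either document the setting with `# Array of accepted audiences (strings or symbols); nil disables the aud check`, or normalise at the use site with `options[:aud] = Array(JwtApiAuth.token_audience).map(&:to_s)`. The part of the module body between the two hunks is not shown.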
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ module JwtApiAuth
4
+ module Authentication
5
+ extend ActiveSupport::Concern
6
+
7
+ included do
8
+ before_action :authenticate_user
9
+
10
+ rescue_from ::JWT::DecodeError do
11
+ head :unauthorized
12
+ end
13
+ end
14
+
15
+ private
16
+
17
+ def authenticate_user
18
+ token = request.headers['Authorization']&.split('Bearer ')&.last
19
+ options = { algorithm: 'HS256' }
20
+
21
+ if JwtApiAuth.token_audience.present?
22
+ options[:aud] = JwtApiAuth.token_audience.map(&:to_s)
23
+ options[:verify_aud] = true
24
+ end
25
+
26
+ ::JWT.decode token, JwtApiAuth.token_secret.call, true, options
27
+
28
+ head :unauthorized unless token
29
+ end
30
+ end
31
+ end
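Review bot: In `authenticate_user`, `head :unauthorized unless token` (new line 28) runs after `::JWT.decode` (line 26), so a request with no header is rejected only because the decoder is expected to raise `JWT::DecodeError` for a nil token; the explicit guard comes too late to be the check that matters. The extraction on line 18 also does not require the `Bearer` scheme: `split('Bearer ').last` returns the whole header value when the prefix is absent, so any header content is handed to the decoder. I would extract with `token = request.headers['Authorization'].to_s[/\ABearer (\S+)\z/, 1]` and put `return head :unauthorized unless token` directly after it, before `options` is built. The decoded claims are discarded here; whether `sub` is resolved to a user elsewhere is not visible in this file.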
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module JwtApiAuth
4
- VERSION = '0.0.1.pre.3'
4
+ VERSION = '0.0.1'
5
5
  end
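--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: jwt_api_auth
  version: !ruby/object:Gem::Version
- version: 0.0.1.pre.3
+ version: 0.0.1
  platform: ruby
  authors:
  - Cristian Stügelmayer
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2020-12-21 00:00:00.000000000 Z
+ date: 2020-12-22 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: jwt
@@ -269,6 +269,7 @@ files:
  - app/views/layouts/jwt_api_auth/application.html.erb
  - config/routes.rb
  - lib/jwt_api_auth.rb
+ - lib/jwt_api_auth/authentication.rb
  - lib/jwt_api_auth/engine.rb
  - lib/jwt_api_auth/helpers.rb
  - lib/jwt_api_auth/version.rb
@@ -289,9 +290,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
- - - ">"
+ - - ">="
  - !ruby/object:Gem::Version
- version: 1.3.1
+ version: '0'
  requirements: []
  rubygems_version: 3.0.8
  signing_key: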