RubyGems - jwt_api_auth - Versions diffs - 0.0.1.pre.5 → 0.0.2 - Mend

jwt_api_auth 0.0.1.pre.5 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/app/controllers/jwt_api_auth/authentication_controller.rb +4 -1
data/lib/jwt_api_auth/authentication.rb +8 -1
data/lib/jwt_api_auth/version.rb +1 -1
data/lib/jwt_api_auth.rb +4 -1
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5cb12ec56ae2eb4d3de12a3651610fd2f10068876e22a79f5d19b2a1e8c87f51
-  data.tar.gz: a7de6b200b4b09751e0d827d6414c1da15b11c601aa3c4d6a78a83db0a2eba26
+  metadata.gz: 82f4da01fc8302efb2f44ab509f436ed767aa8f92941bce504a4922513b4a13a
+  data.tar.gz: ed4e6b9cb3881688ee1d67e57c558c164c8ea240b226726663e5d20be488e376
 SHA512:
-  metadata.gz: 2b962f0af973fe0571454cd51182b9d15abf2dd6d78f8fb5a5dd27aac3864be14d1d80e2b6289b4b987cedae0955788b2b11ef5ad3e7336ad01e8b9b0a87ab1e
-  data.tar.gz: 57801bd10539344e71911a8bd68eb95927f9c89477d63bf11d904bab00228790512de04c2b71f120bcbe23864f72b2dbff1d9c9b88ce949e340a4a027149af26
+  metadata.gz: '08ecf5e7903324c82e6d4d8e9b7ae213fcab1f143a84e4c411cb6e8cfdc47a65a28e4d06a88a6c374a50722c5f535a3aeb7b835ca5f23f787b301f36cccdc77c'
+  data.tar.gz: 715cbb2ce9e0b3a7b2227e02e1ae6ad83a83050f6dcef93930271d25b231841d18488286ea009057711d39d7bf2696e87330a07fffb3485106457d77c032c6f3

data/app/controllers/jwt_api_auth/authentication_controller.rb CHANGED Viewed

@@ -54,7 +54,10 @@ module JwtApiAuth
     end
     def payload
-      { sub: resource.id }
+      {
+        sub: resource.id,
+        aud: JwtApiAuth.token_audience
+      }.delete_if { |_key, value| value.blank? }
     end
     def token

data/lib/jwt_api_auth/authentication.rb CHANGED Viewed

@@ -16,7 +16,14 @@ module JwtApiAuth
     def authenticate_user
       token = request.headers['Authorization']&.split('Bearer ')&.last
-      ::JWT.decode token, JwtApiAuth.token_secret.call, true, { algorithm: 'HS256' }
+      options = { algorithm: 'HS256' }
+      if JwtApiAuth.token_audience.present?
+        options[:aud] = JwtApiAuth.token_audience.map(&:to_s)
+        options[:verify_aud] = true
+      end
+      ::JWT.decode token, JwtApiAuth.token_secret.call, true, options
       head :unauthorized unless token
     end

data/lib/jwt_api_auth/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module JwtApiAuth
-  VERSION = '0.0.1.pre.5'
+  VERSION = '0.0.2'
 end

data/lib/jwt_api_auth.rb CHANGED Viewed

@@ -17,7 +17,7 @@ module JwtApiAuth
   self.refresh_token_lifetime = 1.week
   mattr_accessor :token_secret
-  self.token_secret = -> { Rails.application.secrets.secret_key_base }
+  self.token_secret = -> { Rails.application.secrets.secret_key_base || Rails.application.secret_key_base }
   mattr_accessor :model
   self.model = :user
@@ -25,6 +25,9 @@ module JwtApiAuth
   mattr_accessor :refresh_token_model
   self.refresh_token_model = :refresh_token
+  mattr_accessor :token_audience
+  self.token_audience = nil
   def self.setup
     yield self
   end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jwt_api_auth
 version: !ruby/object:Gem::Version
-  version: 0.0.1.pre.5
+  version: 0.0.2
 platform: ruby
 authors:
 - Cristian Stügelmayer
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-12-22 00:00:00.000000000 Z
+date: 2021-10-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -290,9 +290,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.0.8
 signing_key: