jwt_keeper 3.0.0 → 4.0.0
- checksums.yaml +5 -5
- data/.travis.yml +12 -7
- data/Gemfile +2 -0
- data/README.md +18 -10
- data/Rakefile +2 -0
- data/jwt_keeper.gemspec +8 -8
- data/lib/generators/jwt_keeper/install/install_generator.rb +1 -1
- data/lib/generators/templates/jwt_keeper.rb +5 -0
- data/lib/jwt_keeper.rb +0 -2
- data/lib/jwt_keeper/controller.rb +11 -6
- data/lib/jwt_keeper/datastore.rb +18 -2
- data/lib/jwt_keeper/engine.rb +1 -2
- data/lib/jwt_keeper/token.rb +12 -3
- data/lib/jwt_keeper/version.rb +1 -1
- data/spec/lib/jwt_keeper/controller_spec.rb +1 -1
- data/spec/lib/jwt_keeper/token_spec.rb +23 -9
- data/spec/spec_helper.rb +6 -8
- metadata +34 -63
- data/example/.gitignore +0 -15
- data/example/Gemfile +0 -15
- data/example/Rakefile +0 -6
- data/example/app/controllers/application_controller.rb +0 -27
- data/example/app/controllers/sessions_controller.rb +0 -52
- data/example/bin/bundle +0 -3
- data/example/bin/rails +0 -9
- data/example/bin/rake +0 -9
- data/example/bin/setup +0 -29
- data/example/bin/spring +0 -15
- data/example/config.ru +0 -4
- data/example/config/application.rb +0 -32
- data/example/config/boot.rb +0 -3
- data/example/config/environment.rb +0 -5
- data/example/config/environments/development.rb +0 -24
- data/example/config/environments/production.rb +0 -63
- data/example/config/environments/test.rb +0 -42
- data/example/config/initializers/backtrace_silencer.rb +0 -1
- data/example/config/initializers/cookies_serializer.rb +0 -3
- data/example/config/initializers/filter_parameter_logging.rb +0 -4
- data/example/config/initializers/jwt_keeper.rb +0 -11
- data/example/config/initializers/session_store.rb +0 -3
- data/example/config/initializers/wrap_parameters.rb +0 -9
- data/example/config/locales/en.yml +0 -23
- data/example/config/routes.rb +0 -3
- data/example/config/secrets.yml +0 -22
- data/example/example.env +0 -1
- data/example/log/.keep +0 -0
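--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: 8e0b54e0b218b816c8bd261c723ec33c054d085ef521d0dbe145cbc51ae9805c
+data.tar.gz: 30b605d2628612a0810897528ea73d8fbf907d15d59cb01f7172bd282382ac00
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8caacceede25c63e353a17ab39bed5b06581e2013c66ca9af22c29b312a61fc7fff079e270befadaaaf5a8488d64a1851344a9609b5b1335a81d15358cda2756
+data.tar.gz: 22ade2f9b71c1cf0eed4f15967cde19731c533002445e3fefd2013838a1ef4628071c9ce72b8dd600d75d3f9f1b37160ea35dc225a96eebb396cdf10f3cc14d7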
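--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,21 +1,26 @@
 language: ruby
 cache: bundler
 rvm:
-- 2.
-- 2.
-- 2.
-- 2.3.0
+- 2.4.5
+- 2.5.3
+- 2.6.1
 - ruby-head
 matrix:
 allow_failures:
 - rvm: ruby-head
-addons:
-code_climate:
-repo_token: f69bb189f348c1d7992d8ed8690d0a2c9c885c1aac45e2f4d48732034592b37b
 services:
 - redis-server
 env:
 global:
 - REDIS_URL=redis://localhost:6379
+- CC_TEST_REPORTER_ID=f69bb189f348c1d7992d8ed8690d0a2c9c885c1aac45e2f4d48732034592b37b
+before_script:
+- curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
+- chmod +x ./cc-test-reporter
+- ./cc-test-reporter before-build
+script:
+- bundle exec rspec
+after_script:
+- ./cc-test-reporter after-build --exit-code $TRAVIS_TEST_RESULT
 notifications:
 email: false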
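Review bot: The new `before_script` step downloads `test-reporter-latest-linux-amd64` with `curl -L`, marks it executable and runs it with no version pin and no checksum or signature check, so whatever that URL serves at build time executes inside the CI job with access to its environment. Pinning a fixed reporter release and verifying a known digest between the download and the `chmod +x` would close that gap, for example `echo "<EXPECTED_SHA256>  ./cc-test-reporter" | sha256sum -c -`. Using `curl -fL` also stops an HTTP error page from being saved as the binary. `CC_TEST_REPORTER_ID` is committed in clear text under `env.global`, as `repo_token` was before; if the ID is meant to stay private, an encrypted Travis variable is the usual place for it.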
data/Gemfile
CHANGED
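--- a/data/README.md
+++ b/data/README.md
@@ -1,4 +1,5 @@
 # JWT Keeper
+[![Gem Version](https://img.shields.io/gem/v/jwt_keeper.svg?maxAge=2592000)](https://rubygems.org/gems/jwt_keeper)
 [![Build Status](https://img.shields.io/travis/sirwolfgang/jwt_keeper/master.svg)](https://travis-ci.org/sirwolfgang/jwt_keeper)
 [![Dependency Status](https://img.shields.io/gemnasium/sirwolfgang/jwt_keeper.svg)](https://gemnasium.com/sirwolfgang/jwt_keeper)
 [![Code Climate](https://img.shields.io/codeclimate/github/sirwolfgang/jwt_keeper.svg)](https://codeclimate.com/github/sirwolfgang/jwt_keeper)
@@ -8,7 +9,7 @@
 An managing interface layer for handling the creation and validation of JWTs.
 
 ## Setup
-- Add `gem 'jwt_keeper'
+- Add `gem 'jwt_keeper'` to Gemfile
 - Run `rails generate keeper:install`
 - Configure `config/initializers/jwt_keeper.rb`
 - Done
@@ -28,13 +29,17 @@ raw_token_string = token.to_jwt
 ```
 
 ## Rails Usage
-The designed rails token flow is to receive and respond to requests with the token being present in the `Authorization` part of the header. This is to allow us to seamlessly rotate the tokens on the fly without having to rebuff the request as part of the user flow. Automatic rotation happens as part of the `require_authentication` action, meaning that you will always get the latest token data as
-
+The designed rails token flow is to receive and respond to requests with the token being present in the `Authorization` part of the header. This is to allow us to seamlessly rotate the tokens on the fly without having to rebuff the request as part of the user flow. Automatic rotation happens as part of the `require_authentication` action, meaning that you will always get the latest token data as created by `generate_claims` in your controllers. This new token is added to the response with the `write_authentication_token` action.
+
+```bash
+rails generate jwt_keeper:install
+```
 
 ```ruby
 class ApplicationController < ActionController::Base
+include JWTKeeper::Controller
+
 before_action :require_authentication
-after_action :respond_with_authentication
 
 def not_authenticated
 # Overload to return status 401
@@ -46,7 +51,7 @@ class ApplicationController < ActionController::Base
 
 def regenerate_claims(old_token)
 # Overload to update claims on automatic rotation.
-current_user = User.find(
+current_user = User.find(old_token.claims[:uid])
 { uid: current_user.id, usn: current_user.email }
 end
 end
@@ -55,22 +60,25 @@ end
 ```ruby
 class SessionsController < ApplicationController
 skip_before_action :require_authentication, only: :create
-skip_after_action :respond_with_authentication, only: :destroy
 
 # POST /sessions
 def create
-
+token = JWTKeeper::Token.create(uid: @user.id, usn: @user.email)
+write_authentication_token(token)
 end
 
 # PATCH/PUT /sessions
 def update
-
+token = read_authentication_token
+token.rotate
+write_authentication_token(token)
 end
 
 # DELETE /sessions
 def destroy
-
-
+token = read_authentication_token
+token.revoke
+clear_authentication_token
 end
 ```
 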
data/Rakefile
CHANGED
data/jwt_keeper.gemspec
CHANGED
@@ -9,11 +9,11 @@ Gem::Specification.new do |spec|
|
|
9
9
|
spec.authors = ['David Rivera', 'Zane Wolfgang Pickett']
|
10
10
|
spec.email = ['david.r.rivera193@gmail.com', 'sirwolfgang@users.noreply.github.com']
|
11
11
|
spec.summary = 'JWT for Rails made easy'
|
12
|
-
spec.description = '
|
12
|
+
spec.description = 'A managing interface layer for handling the creation and validation of JWTs'
|
13
13
|
spec.homepage = 'https://github.com/sirwolfgang/jwt_keeper'
|
14
14
|
spec.license = 'MIT'
|
15
15
|
|
16
|
-
spec.files = `git ls-files -z`.split("\x0")
|
16
|
+
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(/^example\//) }
|
17
17
|
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
18
18
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
19
|
spec.require_paths = ['lib']
|
@@ -23,14 +23,14 @@ Gem::Specification.new do |spec|
|
|
23
23
|
spec.add_development_dependency 'yard'
|
24
24
|
spec.add_development_dependency 'rubocop'
|
25
25
|
spec.add_development_dependency 'dotenv'
|
26
|
+
spec.add_development_dependency 'pry'
|
26
27
|
|
27
|
-
spec.add_development_dependency 'rspec', '~> 3.
|
28
|
+
spec.add_development_dependency 'rspec', '~> 3.8'
|
28
29
|
spec.add_development_dependency 'fuubar'
|
29
30
|
spec.add_development_dependency 'simplecov'
|
30
|
-
spec.add_development_dependency 'codeclimate-test-reporter'
|
31
31
|
|
32
|
-
spec.add_dependency 'redis'
|
33
|
-
spec.add_dependency 'rails'
|
34
|
-
spec.add_dependency 'activesupport'
|
35
|
-
spec.add_dependency 'jwt', '
|
32
|
+
spec.add_dependency 'redis'
|
33
|
+
spec.add_dependency 'rails'
|
34
|
+
spec.add_dependency 'activesupport'
|
35
|
+
spec.add_dependency 'jwt', '>= 1.5'
|
36
36
|
end
|
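Review bot: The runtime dependencies on the new side carry no upper bound: `spec.add_dependency 'jwt', '>= 1.5'` plus bare `redis`, `rails` and `activesupport`, so a consumer's `bundle update` can resolve to any future major release of the library that signs and verifies the tokens. A bounded requirement on `jwt` (illustratively `'>= 1.5', '< NEXT_UNTESTED_MAJOR'`) would keep resolution inside the range the spec suite has actually run against. As a style point, `f.match(/^example\//)` reads more directly as `f.start_with?('example/')`. The `Gem::Specification.new` block starts above the first hunk.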
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
JWTKeeper.configure do |config|
|
2
4
|
# The time to expire for the tokens
|
3
5
|
# config.expiry = 1.hour
|
@@ -26,6 +28,9 @@ JWTKeeper.configure do |config|
|
|
26
28
|
|
27
29
|
# the location of redis config file
|
28
30
|
# config.redis_connection = Redis.new(connection_options)
|
31
|
+
# config.redis_connection = ConnectionPool.new(size: ENV.fetch('RAILS_MAX_THREADS', 5)) do
|
32
|
+
# Redis.new(url: ENV['REDISCLOUD_URL'] || 'redis://localhost:6379/')
|
33
|
+
# end
|
29
34
|
|
30
35
|
# A unique idenfitier for the token version.
|
31
36
|
# config.version = 1
|
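Review bot: The commented `ConnectionPool` example added here passes `ENV.fetch('RAILS_MAX_THREADS', 5)` as `size:`, which is a String whenever the variable is set, and it falls back to `'redis://localhost:6379/'` when `REDISCLOUD_URL` is missing. Because this template is copied into applications and the Redis store holds the token revocations, the example would be safer as `size: Integer(ENV.fetch('RAILS_MAX_THREADS', 5))` with `Redis.new(url: ENV.fetch('REDISCLOUD_URL'))` outside development, so a missing setting fails at boot instead of quietly pointing at a local instance. The `JWTKeeper.configure` block continues outside both hunks, and this page shows them without a file header of their own.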
data/lib/jwt_keeper.rb
CHANGED
@@ -2,11 +2,9 @@ module JWTKeeper
|
|
2
2
|
module Controller
|
3
3
|
extend ActiveSupport::Concern
|
4
4
|
|
5
|
-
module ClassMethods
|
6
|
-
end
|
7
|
-
|
8
5
|
# Available to be used as a before_action by the application's controllers. This is
|
9
6
|
# the main logical section for decoding, and automatically rotating tokens
|
7
|
+
# @return [void]
|
10
8
|
def require_authentication
|
11
9
|
token = read_authentication_token
|
12
10
|
|
@@ -25,44 +23,51 @@ module JWTKeeper
|
|
25
23
|
end
|
26
24
|
|
27
25
|
# Decodes and returns the token
|
26
|
+
# @return [Token] the token read from request
|
28
27
|
def read_authentication_token
|
29
28
|
return nil unless request.headers['Authorization']
|
30
29
|
@authentication_token ||=
|
31
30
|
JWTKeeper::Token.find(
|
32
31
|
request.headers['Authorization'].split.last,
|
33
|
-
cookies.signed['jwt_keeper']
|
32
|
+
defined?(cookies) && cookies.signed['jwt_keeper']
|
34
33
|
)
|
35
34
|
end
|
36
35
|
|
37
36
|
# Encodes and writes the token
|
37
|
+
# @param token [Token] The token to be written
|
38
|
+
# @return [Token] the token written to response
|
38
39
|
def write_authentication_token(token)
|
39
40
|
return clear_authentication_token if token.nil?
|
40
41
|
response.headers['Authorization'] = "Bearer #{token.to_jwt}"
|
41
|
-
cookies.signed['jwt_keeper'] = token.to_cookie
|
42
|
+
defined?(cookies) && cookies.signed['jwt_keeper'] = token.to_cookie
|
42
43
|
@authentication_token = token
|
43
44
|
end
|
44
45
|
|
45
46
|
# delets the authentication token
|
47
|
+
# @return [void]
|
46
48
|
def clear_authentication_token
|
47
49
|
response.headers['Authorization'] = nil
|
48
|
-
cookies.delete('jwt_keeper')
|
50
|
+
defined?(cookies) && cookies.delete('jwt_keeper')
|
49
51
|
@authentication_token = nil
|
50
52
|
end
|
51
53
|
|
52
54
|
# The default action for denying non-authenticated connections.
|
53
55
|
# You can override this method in your controllers
|
56
|
+
# @return [void]
|
54
57
|
def not_authenticated
|
55
58
|
redirect_to root_path
|
56
59
|
end
|
57
60
|
|
58
61
|
# The default action for accepting authenticated connections.
|
59
62
|
# You can override this method in your controllers
|
63
|
+
# @return [void]
|
60
64
|
def authenticated(token)
|
61
65
|
end
|
62
66
|
|
63
67
|
# Invoked by the require_authentication method as part of the automatic rotation
|
64
68
|
# process. The application should override this method to include the necessary
|
65
69
|
# claims.
|
70
|
+
# @return [void]
|
66
71
|
def regenerate_claims(old_token)
|
67
72
|
end
|
68
73
|
end
|
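Review bot: The `defined?(cookies) && …` guards in `read_authentication_token`, `write_authentication_token` and `clear_authentication_token` skip the cookie half of the token without any signal when the controller has no `cookies` helper, so `Token.find` receives `nil` as its cookie secret and the response carries only the `Authorization` header. The spec added in this release expects `find(raw_token, nil)` to return nil under cookie locking, so this looks fail-closed, but an application that enables `cookie_lock` on a cookie-less controller would then reject every request with no hint why; raising a configuration error, or at least logging, in that combination would make it diagnosable. Two of the new YARD tags also overstate the contract: `read_authentication_token` returns nil when the header is absent, so `# @return [Token, nil]` fits better, and the README shows `regenerate_claims` returning the claims hash, so `# @return [Hash]` rather than `[void]`. The section header on this page reads `lib/jwt_keeper.rb`, but the hunks show `module Controller`, which continues outside them.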
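--- a/data/lib/jwt_keeper/datastore.rb
+++ b/data/lib/jwt_keeper/datastore.rb
@@ -27,12 +27,28 @@ module JWTKeeper
 
 # @!visibility private
 def set_with_expiry(jti, seconds, type)
-JWTKeeper.configuration.redis_connection
+redis = JWTKeeper.configuration.redis_connection
+
+if redis.is_a?(Redis)
+redis.setex(jti, seconds, type)
+elsif defined?(ConnectionPool) && redis.is_a?(ConnectionPool)
+redis.with { |conn| conn.setex(jti, seconds, type) }
+else
+throw 'Bad Redis Connection'
+end
 end
 
 # @!visibility private
 def get(jti)
-JWTKeeper.configuration.redis_connection
+redis = JWTKeeper.configuration.redis_connection
+
+if redis.is_a?(Redis)
+redis.get(jti)
+elsif defined?(ConnectionPool) && redis.is_a?(ConnectionPool)
+redis.with { |conn| conn.get(jti) }
+else
+throw 'Bad Redis Connection'
+end
 end
 end
 end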
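Review bot: `throw 'Bad Redis Connection'` in `set_with_expiry` and `get` uses Ruby's catch/throw control flow rather than an exception, so with no matching `catch` it surfaces as an `UncaughtThrowError` instead of the argument or connection error a caller would expect to rescue. Since this store holds the revocation state, an unusable connection should fail with a deliberate exception such as `raise ArgumentError, 'Bad Redis Connection'` or a gem-specific error class. The same three-way dispatch is also repeated in both methods; a single private helper that yields the connection keeps the two in step, as sketched below. The enclosing module starts outside the hunk.

```ruby
# Yields a Redis client whether the configured connection is a client or a pool.
def with_redis
  redis = JWTKeeper.configuration.redis_connection

  if redis.is_a?(Redis)
    yield redis
  elsif defined?(ConnectionPool) && redis.is_a?(ConnectionPool)
    redis.with { |conn| yield conn }
  else
    raise ArgumentError, 'Bad Redis Connection'
  end
end

# @!visibility private
def set_with_expiry(jti, seconds, type)
  with_redis { |conn| conn.setex(jti, seconds, type) }
end

# @!visibility private
def get(jti)
  with_redis { |conn| conn.get(jti) }
end
```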
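--- a/data/lib/jwt_keeper/engine.rb
+++ b/data/lib/jwt_keeper/engine.rb
@@ -2,8 +2,7 @@ require 'jwt_keeper'
 require 'rails'
 
 module JWTKeeper
-#
-# With the plugin logic.
+# Includes JWTKeeper into ActionController
 class Engine < ::Rails::Engine
 initializer 'extend Controller with jwt_keeper' do |_app|
 ActionController::Base.send(:include, JWTKeeper::Controller)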
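--- a/data/lib/jwt_keeper/token.rb
+++ b/data/lib/jwt_keeper/token.rb
@@ -1,9 +1,13 @@
 module JWTKeeper
+# This class acts as the main interface to wrap the concerns of JWTs. Handling everything from
+# encoding to invalidation.
 class Token
 attr_accessor :claims, :cookie_secret
 
 # Initalizes a new web token
 # @param private_claims [Hash] the custom claims to encode
+# @param cookie_secret [String] the cookie secret to use during encoding
+# @return [void]
 def initialize(private_claims = {}, cookie_secret = nil)
 @cookie_secret = cookie_secret
 @claims = {
@@ -13,6 +17,7 @@ module JWTKeeper
 }
 @claims.merge!(JWTKeeper.configuration.base_claims)
 @claims.merge!(private_claims)
+@claims[:exp] = @claims[:exp].to_i if @claims[:exp].is_a?(Time)
 end
 
 # Creates a new web token
@@ -25,6 +30,7 @@ module JWTKeeper
 
 # Decodes and validates an existing token
 # @param raw_token [String] the raw token
+# @param cookie_secret [String] the cookie secret
 # @return [Token] token object
 def self.find(raw_token, cookie_secret = nil)
 claims = decode(raw_token, cookie_secret)
@@ -39,12 +45,14 @@ module JWTKeeper
 # is inherently ignored by the token's exp check and then rewritten with the revokation on
 # rotate.
 # @param token_jti [String] the token unique id
+# @return [void]
 def self.rotate(token_jti)
 Datastore.rotate(token_jti, JWTKeeper.configuration.expiry.from_now.to_i)
 end
 
 # Revokes a web token
 # @param token_jti [String] the token unique id
+# @return [void]
 def self.revoke(token_jti)
 Datastore.revoke(token_jti, JWTKeeper.configuration.expiry.from_now.to_i)
 end
@@ -57,7 +65,7 @@ module JWTKeeper
 
 # Revokes and creates a new web token
 # @param new_claims [Hash] Used to override and update claims during rotation
-# @return [
+# @return [Token]
 def rotate(new_claims = nil)
 revoke
 
@@ -70,6 +78,7 @@ module JWTKeeper
 end
 
 # Revokes a web token
+# @return [void]
 def revoke
 return if invalid?
 Datastore.revoke(id, claims[:exp] - DateTime.now.to_i)
@@ -106,14 +115,14 @@ module JWTKeeper
 end
 
 # Encodes the jwt
-# @return [String]
+# @return [String] the encoded jwt
 def to_jwt
 encode
 end
 alias to_s to_jwt
 
 # Encodes the cookie
-# @return [Hash]
+# @return [Hash] the cookie options
 def to_cookie
 {
 value: cookie_secret,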
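Review bot: The normalisation added to `initialize` converts `exp` only when it is a `Time` stored under the symbol key, yet `revoke` later computes `claims[:exp] - DateTime.now.to_i`, so a caller-supplied `DateTime`, numeric string or `'exp'` string key passes the constructor and only misbehaves at revocation time. Assuming the default claims always set `exp`, a guard right after the conversion such as `raise ArgumentError, 'exp must be a Time or Integer' unless @claims[:exp].is_a?(Integer)` would reject those values where they enter. Because `private_claims` is merged last it can override every base claim, including `exp`; that is what the new spec exercises, but the `@param private_claims` doc should say so, so that request parameters are never passed in unfiltered. `initialize` begins in the first hunk and ends in the second; the lines in between are not shown.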
data/lib/jwt_keeper/version.rb
CHANGED
@@ -4,7 +4,7 @@ RSpec.describe JWTKeeper do
|
|
4
4
|
describe 'Controller' do
|
5
5
|
include_context 'initialize config'
|
6
6
|
|
7
|
-
let(:token) { JWTKeeper::Token.create(claim: "
|
7
|
+
let(:token) { JWTKeeper::Token.create(claim: "The Earth is Flat") }
|
8
8
|
subject(:test_controller) do
|
9
9
|
cookies_klass = Class.new(Hash) do
|
10
10
|
def signed
|
@@ -3,7 +3,7 @@ require 'spec_helper'
|
|
3
3
|
module JWTKeeper
|
4
4
|
RSpec.describe Token do
|
5
5
|
include_context 'initialize config'
|
6
|
-
let(:private_claims) { { claim: "
|
6
|
+
let(:private_claims) { { claim: "The Earth is Flat" } }
|
7
7
|
let(:token) { described_class.create(private_claims) }
|
8
8
|
let(:raw_token) { token.to_jwt }
|
9
9
|
|
@@ -17,6 +17,13 @@ module JWTKeeper
|
|
17
17
|
before { JWTKeeper.configure(JWTKeeper::Configuration.new(config.merge(cookie_lock: true))) }
|
18
18
|
it { expect(subject.cookie_secret).not_to be_empty }
|
19
19
|
end
|
20
|
+
|
21
|
+
context 'when overiding default claims' do
|
22
|
+
let(:private_claims) { { exp: 1.minute.from_now.to_i } }
|
23
|
+
|
24
|
+
it { is_expected.to be_instance_of described_class }
|
25
|
+
it { expect(subject.claims[:exp]).to eql private_claims[:exp] }
|
26
|
+
end
|
20
27
|
end
|
21
28
|
|
22
29
|
describe '.find' do
|
@@ -35,16 +42,23 @@ module JWTKeeper
|
|
35
42
|
it { is_expected.to be nil }
|
36
43
|
end
|
37
44
|
|
38
|
-
context 'with
|
39
|
-
subject { described_class.find(raw_token, 'BAD_COOKIE') }
|
40
|
-
it { is_expected.to be nil }
|
41
|
-
end
|
42
|
-
|
43
|
-
context 'with valid cookie' do
|
45
|
+
context 'describe with cookie locking' do
|
44
46
|
before { JWTKeeper.configure(JWTKeeper::Configuration.new(config.merge(cookie_lock: true))) }
|
45
|
-
subject { described_class.find(raw_token, token.cookie_secret) }
|
46
47
|
|
47
|
-
|
48
|
+
context 'with no cookie' do
|
49
|
+
subject { described_class.find(raw_token, nil) }
|
50
|
+
it { is_expected.to be nil }
|
51
|
+
end
|
52
|
+
|
53
|
+
context 'with bad cookie' do
|
54
|
+
subject { described_class.find(raw_token, 'BAD_COOKIE') }
|
55
|
+
it { is_expected.to be nil }
|
56
|
+
end
|
57
|
+
|
58
|
+
context 'with valid cookie' do
|
59
|
+
subject { described_class.find(raw_token, token.cookie_secret) }
|
60
|
+
it { is_expected.to be_instance_of described_class }
|
61
|
+
end
|
48
62
|
end
|
49
63
|
end
|
50
64
|
|
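Review bot: The new `when overiding default claims` context passes `exp: 1.minute.from_now.to_i`, which is already an Integer, so the `is_a?(Time)` conversion added to `Token#initialize` in this release is never exercised by the suite. A sibling context with `let(:private_claims) { { exp: 1.minute.from_now } }` and `it { expect(subject.claims[:exp]).to be_a Integer }` would cover it. The restructured `.find` contexts for no cookie, bad cookie and valid cookie under cookie locking are a useful addition. This page lists these spec hunks under the `version.rb` header, so the file attribution here is inferred from the `RSpec.describe` lines.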
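--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -1,15 +1,13 @@
+require 'pry'
 require 'dotenv'
 Dotenv.load
 
 require 'simplecov'
-
-
-SimpleCov.
-
-
-CodeClimate::TestReporter::Formatter
-])
-SimpleCov.start
+
+SimpleCov.formatter = SimpleCov::Formatter::HTMLFormatter
+SimpleCov.start do
+add_filter '/spec/'
+end
 
 require 'rails'
 require 'jwt_keeper'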
metadata
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jwt_keeper
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 4.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Rivera
|
8
8
|
- Zane Wolfgang Pickett
|
9
|
-
autorequire:
|
9
|
+
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2020-12-15 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|
@@ -82,35 +82,35 @@ dependencies:
|
|
82
82
|
- !ruby/object:Gem::Version
|
83
83
|
version: '0'
|
84
84
|
- !ruby/object:Gem::Dependency
|
85
|
-
name:
|
85
|
+
name: pry
|
86
86
|
requirement: !ruby/object:Gem::Requirement
|
87
87
|
requirements:
|
88
|
-
- - "
|
88
|
+
- - ">="
|
89
89
|
- !ruby/object:Gem::Version
|
90
|
-
version: '
|
90
|
+
version: '0'
|
91
91
|
type: :development
|
92
92
|
prerelease: false
|
93
93
|
version_requirements: !ruby/object:Gem::Requirement
|
94
94
|
requirements:
|
95
|
-
- - "
|
95
|
+
- - ">="
|
96
96
|
- !ruby/object:Gem::Version
|
97
|
-
version: '
|
97
|
+
version: '0'
|
98
98
|
- !ruby/object:Gem::Dependency
|
99
|
-
name:
|
99
|
+
name: rspec
|
100
100
|
requirement: !ruby/object:Gem::Requirement
|
101
101
|
requirements:
|
102
|
-
- - "
|
102
|
+
- - "~>"
|
103
103
|
- !ruby/object:Gem::Version
|
104
|
-
version: '
|
104
|
+
version: '3.8'
|
105
105
|
type: :development
|
106
106
|
prerelease: false
|
107
107
|
version_requirements: !ruby/object:Gem::Requirement
|
108
108
|
requirements:
|
109
|
-
- - "
|
109
|
+
- - "~>"
|
110
110
|
- !ruby/object:Gem::Version
|
111
|
-
version: '
|
111
|
+
version: '3.8'
|
112
112
|
- !ruby/object:Gem::Dependency
|
113
|
-
name:
|
113
|
+
name: fuubar
|
114
114
|
requirement: !ruby/object:Gem::Requirement
|
115
115
|
requirements:
|
116
116
|
- - ">="
|
@@ -124,7 +124,7 @@ dependencies:
|
|
124
124
|
- !ruby/object:Gem::Version
|
125
125
|
version: '0'
|
126
126
|
- !ruby/object:Gem::Dependency
|
127
|
-
name:
|
127
|
+
name: simplecov
|
128
128
|
requirement: !ruby/object:Gem::Requirement
|
129
129
|
requirements:
|
130
130
|
- - ">="
|
@@ -141,59 +141,60 @@ dependencies:
|
|
141
141
|
name: redis
|
142
142
|
requirement: !ruby/object:Gem::Requirement
|
143
143
|
requirements:
|
144
|
-
- - "
|
144
|
+
- - ">="
|
145
145
|
- !ruby/object:Gem::Version
|
146
|
-
version: '
|
146
|
+
version: '0'
|
147
147
|
type: :runtime
|
148
148
|
prerelease: false
|
149
149
|
version_requirements: !ruby/object:Gem::Requirement
|
150
150
|
requirements:
|
151
|
-
- - "
|
151
|
+
- - ">="
|
152
152
|
- !ruby/object:Gem::Version
|
153
|
-
version: '
|
153
|
+
version: '0'
|
154
154
|
- !ruby/object:Gem::Dependency
|
155
155
|
name: rails
|
156
156
|
requirement: !ruby/object:Gem::Requirement
|
157
157
|
requirements:
|
158
|
-
- - "
|
158
|
+
- - ">="
|
159
159
|
- !ruby/object:Gem::Version
|
160
|
-
version: '
|
160
|
+
version: '0'
|
161
161
|
type: :runtime
|
162
162
|
prerelease: false
|
163
163
|
version_requirements: !ruby/object:Gem::Requirement
|
164
164
|
requirements:
|
165
|
-
- - "
|
165
|
+
- - ">="
|
166
166
|
- !ruby/object:Gem::Version
|
167
|
-
version: '
|
167
|
+
version: '0'
|
168
168
|
- !ruby/object:Gem::Dependency
|
169
169
|
name: activesupport
|
170
170
|
requirement: !ruby/object:Gem::Requirement
|
171
171
|
requirements:
|
172
|
-
- - "
|
172
|
+
- - ">="
|
173
173
|
- !ruby/object:Gem::Version
|
174
|
-
version: '
|
174
|
+
version: '0'
|
175
175
|
type: :runtime
|
176
176
|
prerelease: false
|
177
177
|
version_requirements: !ruby/object:Gem::Requirement
|
178
178
|
requirements:
|
179
|
-
- - "
|
179
|
+
- - ">="
|
180
180
|
- !ruby/object:Gem::Version
|
181
|
-
version: '
|
181
|
+
version: '0'
|
182
182
|
- !ruby/object:Gem::Dependency
|
183
183
|
name: jwt
|
184
184
|
requirement: !ruby/object:Gem::Requirement
|
185
185
|
requirements:
|
186
|
-
- - "
|
186
|
+
- - ">="
|
187
187
|
- !ruby/object:Gem::Version
|
188
188
|
version: '1.5'
|
189
189
|
type: :runtime
|
190
190
|
prerelease: false
|
191
191
|
version_requirements: !ruby/object:Gem::Requirement
|
192
192
|
requirements:
|
193
|
-
- - "
|
193
|
+
- - ">="
|
194
194
|
- !ruby/object:Gem::Version
|
195
195
|
version: '1.5'
|
196
|
-
description:
|
196
|
+
description: A managing interface layer for handling the creation and validation of
|
197
|
+
JWTs
|
197
198
|
email:
|
198
199
|
- david.r.rivera193@gmail.com
|
199
200
|
- sirwolfgang@users.noreply.github.com
|
@@ -212,34 +213,6 @@ files:
|
|
212
213
|
- Rakefile
|
213
214
|
- docker-compose.yml
|
214
215
|
- example.env
|
215
|
-
- example/.gitignore
|
216
|
-
- example/Gemfile
|
217
|
-
- example/Rakefile
|
218
|
-
- example/app/controllers/application_controller.rb
|
219
|
-
- example/app/controllers/sessions_controller.rb
|
220
|
-
- example/bin/bundle
|
221
|
-
- example/bin/rails
|
222
|
-
- example/bin/rake
|
223
|
-
- example/bin/setup
|
224
|
-
- example/bin/spring
|
225
|
-
- example/config.ru
|
226
|
-
- example/config/application.rb
|
227
|
-
- example/config/boot.rb
|
228
|
-
- example/config/environment.rb
|
229
|
-
- example/config/environments/development.rb
|
230
|
-
- example/config/environments/production.rb
|
231
|
-
- example/config/environments/test.rb
|
232
|
-
- example/config/initializers/backtrace_silencer.rb
|
233
|
-
- example/config/initializers/cookies_serializer.rb
|
234
|
-
- example/config/initializers/filter_parameter_logging.rb
|
235
|
-
- example/config/initializers/jwt_keeper.rb
|
236
|
-
- example/config/initializers/session_store.rb
|
237
|
-
- example/config/initializers/wrap_parameters.rb
|
238
|
-
- example/config/locales/en.yml
|
239
|
-
- example/config/routes.rb
|
240
|
-
- example/config/secrets.yml
|
241
|
-
- example/example.env
|
242
|
-
- example/log/.keep
|
243
216
|
- jwt_keeper.gemspec
|
244
217
|
- lib/generators/jwt_keeper/install/install_generator.rb
|
245
218
|
- lib/generators/templates/jwt_keeper.rb
|
@@ -261,7 +234,7 @@ homepage: https://github.com/sirwolfgang/jwt_keeper
|
|
261
234
|
licenses:
|
262
235
|
- MIT
|
263
236
|
metadata: {}
|
264
|
-
post_install_message:
|
237
|
+
post_install_message:
|
265
238
|
rdoc_options: []
|
266
239
|
require_paths:
|
267
240
|
- lib
|
@@ -276,9 +249,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
276
249
|
- !ruby/object:Gem::Version
|
277
250
|
version: '0'
|
278
251
|
requirements: []
|
279
|
-
|
280
|
-
|
281
|
-
signing_key:
|
252
|
+
rubygems_version: 3.1.4
|
253
|
+
signing_key:
|
282
254
|
specification_version: 4
|
283
255
|
summary: JWT for Rails made easy
|
284
256
|
test_files:
|
@@ -288,4 +260,3 @@ test_files:
|
|
288
260
|
- spec/lib/jwt_keeper/token_spec.rb
|
289
261
|
- spec/lib/jwt_keeper_spec.rb
|
290
262
|
- spec/spec_helper.rb
|
291
|
-
has_rdoc:
|
data/example/.gitignore
DELETED
@@ -1,15 +0,0 @@
|
|
1
|
-
# See https://help.github.com/articles/ignoring-files for more about ignoring files.
|
2
|
-
#
|
3
|
-
# If you find yourself ignoring temporary files generated by your text editor
|
4
|
-
# or operating system, you probably want to add a global ignore instead:
|
5
|
-
# git config --global core.excludesfile '~/.gitignore_global'
|
6
|
-
|
7
|
-
# Ignore bundler config.
|
8
|
-
/.bundle
|
9
|
-
|
10
|
-
# Ignore all logfiles and tempfiles.
|
11
|
-
/log/*
|
12
|
-
!/log/.keep
|
13
|
-
/tmp
|
14
|
-
|
15
|
-
.env
|
data/example/Gemfile
DELETED
data/example/Rakefile
DELETED
@@ -1,27 +0,0 @@
|
|
1
|
-
class ApplicationController < ActionController::Base
|
2
|
-
protect_from_forgery with: :exception
|
3
|
-
skip_before_action :verify_authenticity_token
|
4
|
-
|
5
|
-
before_action :default_format_json
|
6
|
-
before_action :require_authentication
|
7
|
-
|
8
|
-
private
|
9
|
-
|
10
|
-
def default_format_json
|
11
|
-
request.format ||= 'json'
|
12
|
-
end
|
13
|
-
|
14
|
-
def not_authenticated
|
15
|
-
respond_to do |format|
|
16
|
-
format.json { head :unauthorized }
|
17
|
-
end
|
18
|
-
end
|
19
|
-
|
20
|
-
def authenticated(decoded_token)
|
21
|
-
@current_user_id = decoded_token.claims[:uid] # Hold off on database calls until necessary
|
22
|
-
end
|
23
|
-
|
24
|
-
def current_user
|
25
|
-
@current_user ||= { id: @current_user_id }
|
26
|
-
end
|
27
|
-
end
|
@@ -1,52 +0,0 @@
|
|
1
|
-
class SessionsController < ApplicationController
|
2
|
-
skip_before_action :require_authentication, only: :create
|
3
|
-
|
4
|
-
# GET /session
|
5
|
-
def show
|
6
|
-
token = read_authentication_token
|
7
|
-
|
8
|
-
respond_to do |format|
|
9
|
-
format.json { render json: token }
|
10
|
-
end
|
11
|
-
end
|
12
|
-
|
13
|
-
# POST /session
|
14
|
-
def create
|
15
|
-
@user = { id: 1 }
|
16
|
-
|
17
|
-
respond_to do |format|
|
18
|
-
if @user
|
19
|
-
write_authentication_token(JWTKeeper::Token.create(uid: @user[:id]))
|
20
|
-
format.json { head :created }
|
21
|
-
else
|
22
|
-
clear_authentication_token
|
23
|
-
format.json { head :unauthorized }
|
24
|
-
end
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
# PATCH/PUT /session
|
29
|
-
def update
|
30
|
-
token = read_authentication_token
|
31
|
-
|
32
|
-
respond_to do |format|
|
33
|
-
if token.rotate
|
34
|
-
write_authentication_token(token)
|
35
|
-
format.json { head :created }
|
36
|
-
else
|
37
|
-
clear_authentication_token
|
38
|
-
format.json { head :unauthorized }
|
39
|
-
end
|
40
|
-
end
|
41
|
-
end
|
42
|
-
|
43
|
-
# DELETE /session
|
44
|
-
def destroy
|
45
|
-
read_authentication_token.revoke
|
46
|
-
|
47
|
-
respond_to do |format|
|
48
|
-
clear_authentication_token
|
49
|
-
format.json { head :no_content }
|
50
|
-
end
|
51
|
-
end
|
52
|
-
end
|
data/example/bin/bundle
DELETED
data/example/bin/rails
DELETED
@@ -1,9 +0,0 @@
|
|
1
|
-
#!/usr/bin/env ruby
|
2
|
-
begin
|
3
|
-
load File.expand_path('../spring', __FILE__)
|
4
|
-
rescue LoadError => e
|
5
|
-
raise unless e.message.include?('spring')
|
6
|
-
end
|
7
|
-
APP_PATH = File.expand_path('../../config/application', __FILE__)
|
8
|
-
require_relative '../config/boot'
|
9
|
-
require 'rails/commands'
|
data/example/bin/rake
DELETED
data/example/bin/setup
DELETED
@@ -1,29 +0,0 @@
|
|
1
|
-
#!/usr/bin/env ruby
|
2
|
-
require 'pathname'
|
3
|
-
|
4
|
-
# path to your application root.
|
5
|
-
APP_ROOT = Pathname.new File.expand_path('../../', __FILE__)
|
6
|
-
|
7
|
-
Dir.chdir APP_ROOT do
|
8
|
-
# This script is a starting point to setup your application.
|
9
|
-
# Add necessary setup steps to this file:
|
10
|
-
|
11
|
-
puts '== Installing dependencies =='
|
12
|
-
system 'gem install bundler --conservative'
|
13
|
-
system 'bundle check || bundle install'
|
14
|
-
|
15
|
-
# puts "\n== Copying sample files =="
|
16
|
-
# unless File.exist?("config/database.yml")
|
17
|
-
# system "cp config/database.yml.sample config/database.yml"
|
18
|
-
# end
|
19
|
-
|
20
|
-
puts "\n== Preparing database =="
|
21
|
-
system 'bin/rake db:setup'
|
22
|
-
|
23
|
-
puts "\n== Removing old logs and tempfiles =="
|
24
|
-
system 'rm -f log/*'
|
25
|
-
system 'rm -rf tmp/cache'
|
26
|
-
|
27
|
-
puts "\n== Restarting application server =="
|
28
|
-
system 'touch tmp/restart.txt'
|
29
|
-
end
|
data/example/bin/spring
DELETED
@@ -1,15 +0,0 @@
|
|
1
|
-
#!/usr/bin/env ruby
|
2
|
-
|
3
|
-
# This file loads spring without using Bundler, in order to be fast.
|
4
|
-
# It gets overwritten when you run the `spring binstub` command.
|
5
|
-
|
6
|
-
unless defined?(Spring)
|
7
|
-
require 'rubygems'
|
8
|
-
require 'bundler'
|
9
|
-
|
10
|
-
if (match = Bundler.default_lockfile.read.match(/^GEM$.*?^ (?: )*spring \((.*?)\)$.*?^$/m))
|
11
|
-
Gem.paths = { 'GEM_PATH' => [Bundler.bundle_path.to_s, *Gem.path].uniq.join(Gem.path_separator) }
|
12
|
-
gem 'spring', match[1]
|
13
|
-
require 'spring/binstub'
|
14
|
-
end
|
15
|
-
end
|
data/example/config.ru
DELETED
@@ -1,32 +0,0 @@
|
|
1
|
-
require File.expand_path('../boot', __FILE__)
|
2
|
-
|
3
|
-
require 'rails'
|
4
|
-
# Pick the frameworks you want:
|
5
|
-
# require "active_model/railtie"
|
6
|
-
# require "active_job/railtie"
|
7
|
-
# require "active_record/railtie"
|
8
|
-
require 'action_controller/railtie'
|
9
|
-
# require "action_mailer/railtie"
|
10
|
-
require 'action_view/railtie'
|
11
|
-
# require "sprockets/railtie"
|
12
|
-
# require "rails/test_unit/railtie"
|
13
|
-
|
14
|
-
# Require the gems listed in Gemfile, including any gems
|
15
|
-
# you've limited to :test, :development, or :production.
|
16
|
-
Bundler.require(*Rails.groups)
|
17
|
-
|
18
|
-
module Example
|
19
|
-
class Application < Rails::Application
|
20
|
-
# Settings in config/environments/* take precedence over those specified here.
|
21
|
-
# Application configuration should go into files in config/initializers
|
22
|
-
# -- all .rb files in that directory are automatically loaded.
|
23
|
-
|
24
|
-
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
|
25
|
-
# Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
|
26
|
-
# config.time_zone = 'Central Time (US & Canada)'
|
27
|
-
|
28
|
-
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
|
29
|
-
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
|
30
|
-
# config.i18n.default_locale = :de
|
31
|
-
end
|
32
|
-
end
|
data/example/config/boot.rb
DELETED
@@ -1,24 +0,0 @@
|
|
1
|
-
Rails.application.configure do
|
2
|
-
# Settings specified here will take precedence over those in config/application.rb.
|
3
|
-
|
4
|
-
# In the development environment your application's code is reloaded on
|
5
|
-
# every request. This slows down response time but is perfect for development
|
6
|
-
# since you don't have to restart the web server when you make code changes.
|
7
|
-
config.cache_classes = false
|
8
|
-
|
9
|
-
# Do not eager load code on boot.
|
10
|
-
config.eager_load = false
|
11
|
-
|
12
|
-
# Show full error reports and disable caching.
|
13
|
-
config.consider_all_requests_local = true
|
14
|
-
config.action_controller.perform_caching = false
|
15
|
-
|
16
|
-
# Don't care if the mailer can't send.
|
17
|
-
# config.action_mailer.raise_delivery_errors = false
|
18
|
-
|
19
|
-
# Print deprecation notices to the Rails logger.
|
20
|
-
config.active_support.deprecation = :log
|
21
|
-
|
22
|
-
# Raises error for missing translations
|
23
|
-
# config.action_view.raise_on_missing_translations = true
|
24
|
-
end
|
@@ -1,63 +0,0 @@
|
|
1
|
-
Rails.application.configure do
|
2
|
-
# Settings specified here will take precedence over those in config/application.rb.
|
3
|
-
|
4
|
-
# Code is not reloaded between requests.
|
5
|
-
config.cache_classes = true
|
6
|
-
|
7
|
-
# Eager load code on boot. This eager loads most of Rails and
|
8
|
-
# your application in memory, allowing both threaded web servers
|
9
|
-
# and those relying on copy on write to perform better.
|
10
|
-
# Rake tasks automatically ignore this option for performance.
|
11
|
-
config.eager_load = true
|
12
|
-
|
13
|
-
# Full error reports are disabled and caching is turned on.
|
14
|
-
config.consider_all_requests_local = false
|
15
|
-
config.action_controller.perform_caching = true
|
16
|
-
|
17
|
-
# Enable Rack::Cache to put a simple HTTP cache in front of your application
|
18
|
-
# Add `rack-cache` to your Gemfile before enabling this.
|
19
|
-
# For large-scale production use, consider using a caching reverse proxy like
|
20
|
-
# NGINX, varnish or squid.
|
21
|
-
# config.action_dispatch.rack_cache = true
|
22
|
-
|
23
|
-
# Disable serving static files from the `/public` folder by default since
|
24
|
-
# Apache or NGINX already handles this.
|
25
|
-
config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present?
|
26
|
-
|
27
|
-
# Specifies the header that your server uses for sending files.
|
28
|
-
# config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
|
29
|
-
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
|
30
|
-
|
31
|
-
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
|
32
|
-
# config.force_ssl = true
|
33
|
-
|
34
|
-
# Use the lowest log level to ensure availability of diagnostic information
|
35
|
-
# when problems arise.
|
36
|
-
config.log_level = :debug
|
37
|
-
|
38
|
-
# Prepend all log lines with the following tags.
|
39
|
-
# config.log_tags = [ :subdomain, :uuid ]
|
40
|
-
|
41
|
-
# Use a different logger for distributed setups.
|
42
|
-
# config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
|
43
|
-
|
44
|
-
# Use a different cache store in production.
|
45
|
-
# config.cache_store = :mem_cache_store
|
46
|
-
|
47
|
-
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
|
48
|
-
# config.action_controller.asset_host = 'http://assets.example.com'
|
49
|
-
|
50
|
-
# Ignore bad email addresses and do not raise email delivery errors.
|
51
|
-
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
|
52
|
-
# config.action_mailer.raise_delivery_errors = false
|
53
|
-
|
54
|
-
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
|
55
|
-
# the I18n.default_locale when a translation cannot be found).
|
56
|
-
config.i18n.fallbacks = true
|
57
|
-
|
58
|
-
# Send deprecation notices to registered listeners.
|
59
|
-
config.active_support.deprecation = :notify
|
60
|
-
|
61
|
-
# Use default logging formatter so that PID and timestamp are not suppressed.
|
62
|
-
config.log_formatter = ::Logger::Formatter.new
|
63
|
-
end
|
@@ -1,42 +0,0 @@
|
|
1
|
-
Rails.application.configure do
|
2
|
-
# Settings specified here will take precedence over those in config/application.rb.
|
3
|
-
|
4
|
-
# The test environment is used exclusively to run your application's
|
5
|
-
# test suite. You never need to work with it otherwise. Remember that
|
6
|
-
# your test database is "scratch space" for the test suite and is wiped
|
7
|
-
# and recreated between test runs. Don't rely on the data there!
|
8
|
-
config.cache_classes = true
|
9
|
-
|
10
|
-
# Do not eager load code on boot. This avoids loading your whole application
|
11
|
-
# just for the purpose of running a single test. If you are using a tool that
|
12
|
-
# preloads Rails for running tests, you may have to set it to true.
|
13
|
-
config.eager_load = false
|
14
|
-
|
15
|
-
# Configure static file server for tests with Cache-Control for performance.
|
16
|
-
config.serve_static_files = true
|
17
|
-
config.static_cache_control = 'public, max-age=3600'
|
18
|
-
|
19
|
-
# Show full error reports and disable caching.
|
20
|
-
config.consider_all_requests_local = true
|
21
|
-
config.action_controller.perform_caching = false
|
22
|
-
|
23
|
-
# Raise exceptions instead of rendering exception templates.
|
24
|
-
config.action_dispatch.show_exceptions = false
|
25
|
-
|
26
|
-
# Disable request forgery protection in test environment.
|
27
|
-
config.action_controller.allow_forgery_protection = false
|
28
|
-
|
29
|
-
# Tell Action Mailer not to deliver emails to the real world.
|
30
|
-
# The :test delivery method accumulates sent emails in the
|
31
|
-
# ActionMailer::Base.deliveries array.
|
32
|
-
# config.action_mailer.delivery_method = :test
|
33
|
-
|
34
|
-
# Randomize the order test cases are executed.
|
35
|
-
config.active_support.test_order = :random
|
36
|
-
|
37
|
-
# Print deprecation notices to the stderr.
|
38
|
-
config.active_support.deprecation = :stderr
|
39
|
-
|
40
|
-
# Raises error for missing translations
|
41
|
-
# config.action_view.raise_on_missing_translations = true
|
42
|
-
end
|
@@ -1 +0,0 @@
|
|
1
|
-
Rails.backtrace_cleaner.remove_silencers!
|
@@ -1,11 +0,0 @@
|
|
1
|
-
JWTKeeper.configure do |config|
|
2
|
-
config.expiry = 1.hour
|
3
|
-
config.algorithm = 'HS512'
|
4
|
-
config.secret = 'secret'
|
5
|
-
config.issuer = '.localhost'
|
6
|
-
config.audience = 'localhost'
|
7
|
-
config.redis_connection = Redis.new(url: ENV['REDIS_URL'])
|
8
|
-
config.version = 1
|
9
|
-
config.cookie_lock = true
|
10
|
-
config.cookie_secure = !(Rails.env.test? || Rails.env.development?)
|
11
|
-
end
|
@@ -1,9 +0,0 @@
|
|
1
|
-
# Be sure to restart your server when you modify this file.
|
2
|
-
|
3
|
-
# This file contains settings for ActionController::ParamsWrapper which
|
4
|
-
# is enabled by default.
|
5
|
-
|
6
|
-
# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
|
7
|
-
ActiveSupport.on_load(:action_controller) do
|
8
|
-
wrap_parameters format: [:json] if respond_to?(:wrap_parameters)
|
9
|
-
end
|
@@ -1,23 +0,0 @@
|
|
1
|
-
# Files in the config/locales directory are used for internationalization
|
2
|
-
# and are automatically loaded by Rails. If you want to use locales other
|
3
|
-
# than English, add the necessary files in this directory.
|
4
|
-
#
|
5
|
-
# To use the locales, use `I18n.t`:
|
6
|
-
#
|
7
|
-
# I18n.t 'hello'
|
8
|
-
#
|
9
|
-
# In views, this is aliased to just `t`:
|
10
|
-
#
|
11
|
-
# <%= t('hello') %>
|
12
|
-
#
|
13
|
-
# To use a different locale, set it with `I18n.locale`:
|
14
|
-
#
|
15
|
-
# I18n.locale = :es
|
16
|
-
#
|
17
|
-
# This would use the information in config/locales/es.yml.
|
18
|
-
#
|
19
|
-
# To learn more, please read the Rails Internationalization guide
|
20
|
-
# available at http://guides.rubyonrails.org/i18n.html.
|
21
|
-
|
22
|
-
en:
|
23
|
-
hello: "Hello world"
|
data/example/config/routes.rb
DELETED
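--- a/data/example/config/secrets.yml
+++ b/data/example/config/secrets.yml
@@ -1,22 +0,0 @@
-# Be sure to restart your server when you modify this file.
-
-# Your secret key is used for verifying the integrity of signed cookies.
-# If you change this key, all old signed cookies will become invalid!
-
-# Make sure the secret is at least 30 characters and all random,
-# no regular words or you'll be exposed to dictionary attacks.
-# You can use `rake secret` to generate a secure secret key.
-
-# Make sure the secrets in this file are kept private
-# if you're sharing your code publicly.
-
-development:
-secret_key_base: 82e9f5f97a6b624896c35b930acb75d5d5d9df9aa363a21b4173e8a370480ffd7f329a280223a22f03fc07afd2d28c15fae09087eef781506ffea4954e16e12f
-
-test:
-secret_key_base: 516e709c30b7198b27d1b2c724e6eaffb13ac2ef0b7d22da67771afdf36f0c6d995e788d12e1da042e739be29d4b2c29ced96d6153f0ad296749570689d9bb4e
-
-# Do not keep production secrets in the repository,
-# instead read values from the environment.
-production:
-secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>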
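--- a/data/example/example.env
+++ b/data/example/example.env
@@ -1 +0,0 @@
-REDIS_URL=redis://:password@localhost:port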
data/example/log/.keep
DELETED
File without changes
|