model_driven_api 2.3.12 → 2.3.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/api/v2/application_controller.rb +0 -5
- data/lib/json_web_token.rb +2 -2
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a5497bdb2727e103fa3727595ca62bbaf065b9135dd9bfbc8674f21506929dd0
|
4
|
+
data.tar.gz: ad09cdae9730b0f5c7983eb478c660ef8cc1c13d1d2c1cb13cd9a143b67f4029
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 719fcf3175dced8eaea5e238551d7d143edc185e9131c44ae9bf5358509de252da07491c27c16f485644c782f73c8f351379744c60f20bc803b074f024ecdbb8
|
7
|
+
data.tar.gz: ad157de69fbd575e5a9197594901b811a0cb1e74f25eb49146c011fbec9d32ebd6874e8712f2ef8edff4799d9e46cd04e2040c5cbe7c48b3a04e7f428917ab5a
|
@@ -128,20 +128,15 @@ class Api::V2::ApplicationController < ActionController::API
|
|
128
128
|
end
|
129
129
|
|
130
130
|
def authenticate_request
|
131
|
-
Rails.logger.info request.headers.inspect
|
132
131
|
@current_user = nil
|
133
|
-
Rails.logger.info "Are there webhooks headers to check for? #{Settings.ns(:security).allowed_authorization_headers}"
|
134
132
|
Settings.ns(:security).allowed_authorization_headers.split(",").each do |header|
|
135
133
|
# puts "Found header #{header}: #{request.headers[header.underscore.dasherize]}"
|
136
134
|
check_authorization("Authorize#{header}".constantize.call(request.headers, request.raw_post)) if request.headers[header.underscore.dasherize]
|
137
135
|
end
|
138
136
|
|
139
|
-
Rails.logger.info "This is the default one, if the header doesn't have a valid form for one of the other Auth methods, then use this Auth Class"
|
140
137
|
check_authorization AuthorizeApiRequest.call(request.headers) unless @current_user
|
141
|
-
Rails.logger.info "Inspect @current_user: #{@current_user} if nil, then returns unauthenticated"
|
142
138
|
return unauthenticated!(OpenStruct.new({message: @auth_errors})) unless @current_user
|
143
139
|
|
144
|
-
Rails.logger.info "We are here, so the user authenticated"
|
145
140
|
current_user = @current_user
|
146
141
|
params[:current_user_id] = @current_user.id
|
147
142
|
# Now every time the user fires off a successful GET request,
|
data/lib/json_web_token.rb
CHANGED
@@ -1,11 +1,11 @@
|
|
1
1
|
class JsonWebToken
|
2
2
|
class << self
|
3
3
|
def encode(payload, expiry = 15.minutes.from_now.to_i)
|
4
|
-
::JWT.encode(payload.merge(exp: expiry), ::Rails.application.credentials.dig(:secret_key_base))
|
4
|
+
::JWT.encode(payload.merge(exp: expiry), ::Rails.application.credentials.dig(:secret_key_base).presence||ENV["SECRET_KEY_BASE"])
|
5
5
|
end
|
6
6
|
|
7
7
|
def decode(token)
|
8
|
-
body = ::JWT.decode(token, ::Rails.application.credentials.dig(:secret_key_base))[0]
|
8
|
+
body = ::JWT.decode(token, ::Rails.application.credentials.dig(:secret_key_base).presence||ENV["SECRET_KEY_BASE"])[0]
|
9
9
|
::HashWithIndifferentAccess.new body
|
10
10
|
rescue
|
11
11
|
nil
|