model_driven_api 3.0.5 → 3.0.6
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1ba0922c4a172c2281c46307ba065d30ef787167503aeaa468731c939e277904
|
|
4
|
+
data.tar.gz: 9ec7f34e99684acf9f978d6fed80f8cd14cf82ae41a06366b4ee9b6ce89232c8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d16adf2aacce296e357c96ac4ca923850c9bb106f996bcde912d504d0df3991d7c52963fadc928fd08f86ab64f2e3aa1bee1d1c6eec243643f7854ace4495f44
|
|
7
|
+
data.tar.gz: 4333524807337ded6bb5eba120b558e6c342914450287a3fcd7867f82486c693467cbf5ebf77fa884a089a5c0b755ba6bf9a7026253949662873cc73fa8e6a51
|
data/README.md
CHANGED
|
@@ -480,8 +480,6 @@ Once loaded the tests inside the insomnia application, please right click on the
|
|
|
480
480
|
|
|
481
481
|
## TODO
|
|
482
482
|
|
|
483
|
-
* Document the new feature (from version 2.3.3) to add Authentication methods which override the JWT described above. Useful for Webhooks and machine2machine trusted dialogues.
|
|
484
|
-
|
|
485
483
|
## References
|
|
486
484
|
Thanks to all these people for ideas:
|
|
487
485
|
|
|
@@ -11,8 +11,6 @@ class AuthenticateUser
|
|
|
11
11
|
if !first_arg[:email].blank? && !first_arg[:password].blank?
|
|
12
12
|
@email = first_arg[:email]
|
|
13
13
|
@password = first_arg[:password]
|
|
14
|
-
elsif !first_arg[:access_token].blank?
|
|
15
|
-
@access_token = first_arg[:access_token]
|
|
16
14
|
end
|
|
17
15
|
end
|
|
18
16
|
|
|
@@ -30,15 +28,13 @@ class AuthenticateUser
|
|
|
30
28
|
|
|
31
29
|
private
|
|
32
30
|
|
|
33
|
-
attr_accessor :email, :password
|
|
31
|
+
attr_accessor :email, :password
|
|
34
32
|
|
|
35
33
|
def api_user
|
|
36
34
|
if !email.blank? && !password.blank?
|
|
37
35
|
user = User.find_by(email: email)
|
|
38
36
|
# Verify the password.
|
|
39
37
|
user = nil if user.blank? || user.authenticate(password).blank?
|
|
40
|
-
elsif !access_token.blank?
|
|
41
|
-
user = User.find_by(access_token: access_token)
|
|
42
38
|
end
|
|
43
39
|
|
|
44
40
|
raise AccessDenied unless user.present?
|
|
@@ -2,7 +2,7 @@ class Api::V2::AuthenticationController < ActionController::API
|
|
|
2
2
|
include ::ApiExceptionManagement
|
|
3
3
|
|
|
4
4
|
def authenticate
|
|
5
|
-
command =
|
|
5
|
+
command = AuthenticateUser.call(email: params[:auth][:email], password: params[:auth][:password])
|
|
6
6
|
|
|
7
7
|
if command.success?
|
|
8
8
|
response.headers['Token'] = command.result[:jwt]
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: model_driven_api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.0.
|
|
4
|
+
version: 3.0.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gabriele Tassoni
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-02-
|
|
11
|
+
date: 2023-02-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: thecore_backend_commons
|
|
@@ -121,7 +121,6 @@ files:
|
|
|
121
121
|
- Rakefile
|
|
122
122
|
- app/commands/authenticate_user.rb
|
|
123
123
|
- app/commands/authorize_api_request.rb
|
|
124
|
-
- app/commands/authorize_machine_2_machine.rb
|
|
125
124
|
- app/controllers/api/v2/application_controller.rb
|
|
126
125
|
- app/controllers/api/v2/authentication_controller.rb
|
|
127
126
|
- app/controllers/api/v2/info_controller.rb
|
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
class AuthorizeMachine2Machine
|
|
2
|
-
prepend SimpleCommand
|
|
3
|
-
|
|
4
|
-
def initialize(headers = {})
|
|
5
|
-
@headers = headers
|
|
6
|
-
end
|
|
7
|
-
|
|
8
|
-
def call
|
|
9
|
-
api_user
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
private
|
|
13
|
-
|
|
14
|
-
attr_reader :headers
|
|
15
|
-
|
|
16
|
-
def api_user
|
|
17
|
-
token = http_auth_header
|
|
18
|
-
user = User.find_by(access_token: token) unless token.blank?
|
|
19
|
-
@api_user = user if user
|
|
20
|
-
@api_user || errors.add(:token, "Invalid token") && nil
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
def http_auth_header
|
|
24
|
-
if headers['Authorization'].present?
|
|
25
|
-
return headers['Authorization'].split(' ').last
|
|
26
|
-
else
|
|
27
|
-
errors.add(:token, "Missing token")
|
|
28
|
-
end
|
|
29
|
-
nil
|
|
30
|
-
end
|
|
31
|
-
end
|