model_driven_api 3.2.12 → 3.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0751f2c240c15ab7130628b14469555a3fb1abf74e80fba20c86b6a588c4d2db
|
|
4
|
+
data.tar.gz: 573b9acc768a3162a449e3c70890a1ab5be0e2b124eca9d0d3f6a25fc9928aba
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ace22af5f8fd756d69b251d4576997e907e38c275706960aa3b31a2149c63744506792f5995e604b0ec68fd08f8bae2f256e4013a43af7ae10a10474c018eaba
|
|
7
|
+
data.tar.gz: 961a3a7b3378981df8078b6b7369cc8eb1fb3cada953553de4e2cf2f677583ec6050a968bd3d6d85b483279ca9d24b9796ae06f5d8448bec944f6ca2fc601d2a
|
|
@@ -25,16 +25,16 @@ class AuthorizeApiRequest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def decoded_auth_token
|
|
28
|
-
Rails.logger.debug "AuthorizeApiRequest: http_auth_header -> #{http_auth_header}"
|
|
28
|
+
Rails.logger.debug "AuthorizeApiRequest: decoded_auth_token -> http_auth_header -> #{http_auth_header}"
|
|
29
29
|
@decoded_auth_token ||= JsonWebToken.decode(http_auth_header)
|
|
30
30
|
@decoded_auth_token
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
def http_auth_header
|
|
34
|
-
Rails.logger.debug "AuthorizeApiRequest: Authorization -> #{headers['Authorization']}"
|
|
34
|
+
Rails.logger.debug "AuthorizeApiRequest: http_auth_header - Authorization -> #{headers['Authorization']}"
|
|
35
35
|
if headers['Authorization'].present?
|
|
36
36
|
token = headers['Authorization'].split(' ').last
|
|
37
|
-
Rails.logger.debug "AuthorizeApiRequest: token -> #{token}"
|
|
37
|
+
Rails.logger.debug "AuthorizeApiRequest: http_auth_header - token -> #{token}"
|
|
38
38
|
return token
|
|
39
39
|
else
|
|
40
40
|
errors.add(:token, "Missing token")
|
|
@@ -61,15 +61,18 @@ class Api::V2::InfoController < Api::V2::ApplicationController
|
|
|
61
61
|
end
|
|
62
62
|
|
|
63
63
|
def compute_type(model, key)
|
|
64
|
+
Rails.logger.debug "compute_type #{model} #{key}"
|
|
64
65
|
# if it's a file, a date or a text, then return string
|
|
65
66
|
instance = model.new
|
|
66
67
|
# If it's a method, it is a peculiar case, in which we have to return "object" and additionalProperties: true
|
|
67
68
|
return "method" if model.methods.include?(:json_attrs) && model.json_attrs && model.json_attrs.include?(:methods) && model.json_attrs[:methods].include?(key.to_sym)
|
|
68
69
|
# If it's not the case of a method, then it's a field
|
|
69
70
|
method_class = instance.send(key).class.to_s
|
|
71
|
+
Rails.logger.debug "compute_type #{model} #{key} #{method_class}"
|
|
70
72
|
method_key = model.columns_hash[key]
|
|
71
73
|
|
|
72
74
|
# Not columns
|
|
75
|
+
return nil if method_key.nil?
|
|
73
76
|
return "object" if method_class == "ActiveStorage::Attached::One"
|
|
74
77
|
return "array" if method_class == "ActiveStorage::Attached::Many" || method_class == "Array" || method_class.ends_with?("Array") || method_class.ends_with?("Collection") || method_class.ends_with?("Relation") || method_class.ends_with?("Set") || method_class.ends_with?("List") || method_class.ends_with?("Queue") || method_class.ends_with?("Stack") || method_class.ends_with?("ActiveRecord_Associations_CollectionProxy")
|
|
75
78
|
|
|
@@ -132,7 +135,7 @@ class Api::V2::InfoController < Api::V2::ApplicationController
|
|
|
132
135
|
[k, { "type": "array", "items": { "type": "object", "properties": properties } }] rescue nil
|
|
133
136
|
else
|
|
134
137
|
[k, { "type": type }]
|
|
135
|
-
end
|
|
138
|
+
end unless type.blank?
|
|
136
139
|
end.compact.to_h
|
|
137
140
|
end
|
|
138
141
|
|
data/config/routes.rb
CHANGED
data/lib/json_web_token.rb
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
class JsonWebToken
|
|
2
2
|
class << self
|
|
3
|
-
def encode(payload, expiry =
|
|
3
|
+
def encode(payload, expiry = ENV.fetch('SESSION_TIMEOUT_IN_MINUTES', 31).to_i.minutes.from_now.to_i)
|
|
4
4
|
result = ::JWT.encode(payload.merge(exp: expiry), ::Rails.application.credentials.dig(:secret_key_base).presence||ENV["SECRET_KEY_BASE"])
|
|
5
5
|
# Store the created token into the DB for later checks if is invalid
|
|
6
6
|
# In a public environment management, without login, it has no interest, so I don't pollute the DB
|
|
@@ -10,11 +10,12 @@ class JsonWebToken
|
|
|
10
10
|
|
|
11
11
|
def decode(token)
|
|
12
12
|
# Check if the passed token is present and valid into the UsedToken
|
|
13
|
-
raise "Token is invalidated by new login"
|
|
13
|
+
raise "Token is invalidated by new login" if !UsedToken.exists?(token: token, is_valid: true) && ENV["ALLOW_MULTISESSIONS"] == "false"
|
|
14
14
|
body = ::JWT.decode(token, ::Rails.application.credentials.dig(:secret_key_base).presence||ENV["SECRET_KEY_BASE"])[0]
|
|
15
|
+
Rails.logger.debug "JsonWebToken: decode -> body -> #{body}"
|
|
15
16
|
::HashWithIndifferentAccess.new body
|
|
16
|
-
rescue
|
|
17
|
-
|
|
17
|
+
# rescue
|
|
18
|
+
# nil
|
|
18
19
|
end
|
|
19
20
|
end
|
|
20
21
|
end
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: model_driven_api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gabriele Tassoni
|
|
8
8
|
bindir: bin
|
|
9
9
|
cert_chain: []
|
|
10
|
-
date:
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
11
11
|
dependencies:
|
|
12
12
|
- !ruby/object:Gem::Dependency
|
|
13
13
|
name: thecore_backend_commons
|
|
@@ -167,7 +167,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
167
167
|
- !ruby/object:Gem::Version
|
|
168
168
|
version: '0'
|
|
169
169
|
requirements: []
|
|
170
|
-
rubygems_version: 3.6.
|
|
170
|
+
rubygems_version: 3.6.7
|
|
171
171
|
specification_version: 4
|
|
172
172
|
summary: Convention based RoR engine which uses DB schema introspection to create
|
|
173
173
|
REST APIs.
|