passkeys-rails 0.1.3 → 0.1.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +4 -4
- data/app/controllers/concerns/{passkeys/rails → passkeys_rails}/authentication.rb +6 -6
- data/app/controllers/passkeys_rails/application_controller.rb +22 -0
- data/app/controllers/passkeys_rails/passkeys_controller.rb +61 -0
- data/app/interactors/{passkeys/rails → passkeys_rails}/begin_authentication.rb +1 -1
- data/app/interactors/{passkeys/rails → passkeys_rails}/begin_challenge.rb +1 -1
- data/app/interactors/{passkeys/rails → passkeys_rails}/begin_registration.rb +1 -1
- data/app/interactors/{passkeys/rails → passkeys_rails}/finish_authentication.rb +1 -1
- data/app/interactors/{passkeys/rails → passkeys_rails}/finish_registration.rb +1 -1
- data/app/interactors/{passkeys/rails → passkeys_rails}/generate_auth_token.rb +4 -4
- data/app/interactors/{passkeys/rails → passkeys_rails}/refresh_token.rb +1 -1
- data/app/interactors/{passkeys/rails → passkeys_rails}/validate_auth_token.rb +3 -3
- data/app/models/concerns/{passkeys/rails → passkeys_rails}/authenticatable.rb +1 -1
- data/app/models/{passkeys/rails → passkeys_rails}/agent.rb +1 -1
- data/app/models/{passkeys/rails → passkeys_rails}/application_record.rb +1 -1
- data/app/models/{passkeys/rails → passkeys_rails}/error.rb +1 -1
- data/app/models/{passkeys/rails → passkeys_rails}/passkey.rb +1 -1
- data/config/initializers/application_controller.rb +5 -5
- data/config/routes.rb +1 -1
- data/lib/generators/passkeys_rails/USAGE +1 -1
- data/lib/generators/passkeys_rails/install_generator.rb +12 -14
- data/lib/generators/passkeys_rails/templates/README +1 -1
- data/lib/generators/passkeys_rails/templates/passkeys_rails_config.rb +1 -1
- data/lib/passkeys-rails.rb +21 -23
- data/lib/{passkeys/rails → passkeys_rails}/engine.rb +2 -2
- data/lib/passkeys_rails/railtie.rb +17 -0
- data/lib/passkeys_rails/version.rb +3 -0
- metadata +20 -23
- data/app/assets/config/passkeys_rails_manifest.js +0 -1
- data/app/assets/stylesheets/passkeys_rails/application.css +0 -15
- data/app/controllers/passkeys/rails/application_controller.rb +0 -24
- data/app/controllers/passkeys/rails/passkeys_controller.rb +0 -63
- data/app/views/layouts/passkeys/rails/application.html.erb +0 -15
- data/lib/passkeys/rails/railtie.rb +0 -19
- data/lib/passkeys/rails/version.rb +0 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2eb3101d4ecba95639b4cc95adfa6a86939b7bdc3e6db0e3c26ed9e154d9fa97
|
|
4
|
+
data.tar.gz: 86cc744ced315cb5a662743f2cbf44fa20a05f7fbe444103b62a82281b009edd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f2b55ac5a4aea2f969ab32cff126f6cab53f2a0b819a998668d58b794231a4f6ca378247af0e2561fbf0062760ea0724641c36b4915c2bd2a9f24aedf2909a23
|
|
7
|
+
data.tar.gz: 115f5c9c098da302f13d45e6871ae0152a8bd454d4d5281effc29afcc7e1dfacf0b838322bb55ff5f9b17caf2f846917e1596c0f8e4fc8a525bf710e986e7a5f
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
[](https://badge.fury.io/rb/passkeys-rails)
|
|
2
2
|
[](https://travis-ci.org/alliedcode/passkeys-rails)
|
|
3
3
|
[](https://codecov.io/gh/alliedcode/passkeys-rails)
|
|
4
4
|
|
|
5
|
-
#
|
|
5
|
+
# PasskeysRails
|
|
6
6
|
Devise is awesome, but we don't need all that UI/UX for PassKeys. This gem is to make it easy to provide a back end that authenticates a mobile front end with PassKeys.
|
|
7
7
|
|
|
8
8
|
## Usage
|
|
9
9
|
rails passkeys-rails::install
|
|
10
|
-
|
|
10
|
+
PasskeysRails maintains an Agent model and related Passeys. If you have a user model, add `include PasskeysRails::Authenticatable` to your model and include the name of that class (e.g. "User") in the authenticatable_class param when calling the register API.
|
|
11
11
|
|
|
12
12
|
## Installation
|
|
13
13
|
Add this line to your application's Gemfile:
|
|
@@ -34,7 +34,7 @@ Depending on your application's configuration some manual setup may be required:
|
|
|
34
34
|
|
|
35
35
|
before_action :authenticate_passkey!, except: [:index]
|
|
36
36
|
|
|
37
|
-
2. Optionally include
|
|
37
|
+
2. Optionally include PasskeysRails::Authenticatable to the model(s) you are using as
|
|
38
38
|
your user model(s). For example, the User model.
|
|
39
39
|
|
|
40
40
|
3. See the reference mobile applications for how to use passkeys-rails for passkey
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
module
|
|
1
|
+
module PasskeysRails
|
|
2
2
|
module Authentication
|
|
3
3
|
extend ActiveSupport::Concern
|
|
4
4
|
|
|
5
5
|
included do
|
|
6
|
-
rescue_from
|
|
6
|
+
rescue_from PasskeysRails::Error do |e|
|
|
7
7
|
render json: e.to_h, status: :unauthorized
|
|
8
8
|
end
|
|
9
9
|
end
|
|
@@ -17,13 +17,13 @@ module Passkeys::Rails
|
|
|
17
17
|
def authenticate_passkey!
|
|
18
18
|
return if validated_auth_token.success?
|
|
19
19
|
|
|
20
|
-
raise
|
|
21
|
-
|
|
22
|
-
|
|
20
|
+
raise PasskeysRails::Error.new(:authentication,
|
|
21
|
+
code: :unauthorized,
|
|
22
|
+
message: "You are not authorized to access this resource.")
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def validated_auth_token
|
|
26
|
-
@validated_auth_token ||=
|
|
26
|
+
@validated_auth_token ||= PasskeysRails::ValidateAuthToken.call(auth_token: request.headers['HTTP_X_AUTH'])
|
|
27
27
|
end
|
|
28
28
|
end
|
|
29
29
|
end
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
module PasskeysRails
|
|
2
|
+
class ApplicationController < ActionController::Base
|
|
3
|
+
rescue_from ::Interactor::Failure, with: :handle_interactor_failure
|
|
4
|
+
rescue_from ActionController::ParameterMissing, with: :handle_missing_parameter
|
|
5
|
+
|
|
6
|
+
protected
|
|
7
|
+
|
|
8
|
+
def handle_missing_parameter(error)
|
|
9
|
+
render_error(:authentication, 'missing_parameter', error.message)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def handle_interactor_failure(failure)
|
|
13
|
+
render_error(:authentication, failure.context.code, failure.context.message)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
private
|
|
17
|
+
|
|
18
|
+
def render_error(context, code, message, status: :unprocessable_entity)
|
|
19
|
+
render json: { error: { context:, code:, message: } }, status:
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
module PasskeysRails
|
|
2
|
+
class PasskeysController < ApplicationController
|
|
3
|
+
def challenge
|
|
4
|
+
result = PasskeysRails::BeginChallenge.call!(username: challenge_params[:username])
|
|
5
|
+
|
|
6
|
+
# Store the challenge so we can verify the future register or authentication request
|
|
7
|
+
session[:passkeys_rails] = result.session_data
|
|
8
|
+
|
|
9
|
+
render json: result.response.as_json
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def register
|
|
13
|
+
result = PasskeysRails::FinishRegistration.call!(credential: attestation_credential_params.to_h,
|
|
14
|
+
authenticatable_class:,
|
|
15
|
+
username: session.dig(:passkeys_rails, :username),
|
|
16
|
+
challenge: session.dig(:passkeys_rails, :challenge))
|
|
17
|
+
|
|
18
|
+
render json: { username: result.username, auth_token: result.auth_token }
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def authenticate
|
|
22
|
+
result = PasskeysRails::FinishAuthentication.call!(credential: authentication_params.to_h,
|
|
23
|
+
challenge: session.dig(:passkeys_rails, :challenge))
|
|
24
|
+
|
|
25
|
+
render json: { username: result.username, auth_token: result.auth_token }
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def refresh
|
|
29
|
+
result = PasskeysRails::RefreshToken.call!(token: refresh_params[:auth_token])
|
|
30
|
+
render json: { username: result.username, auth_token: result.auth_token }
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
protected
|
|
34
|
+
|
|
35
|
+
def challenge_params
|
|
36
|
+
params.permit(:username)
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def attestation_credential_params
|
|
40
|
+
credential = params.require(:credential)
|
|
41
|
+
credential.require(%i[id rawId type response])
|
|
42
|
+
credential.require(:response).require(%i[attestationObject clientDataJSON])
|
|
43
|
+
credential.permit(:id, :rawId, :type, { response: %i[attestationObject clientDataJSON] })
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def authenticatable_class
|
|
47
|
+
params[:authenticatable_class]
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
def authentication_params
|
|
51
|
+
params.require(%i[id rawId type response])
|
|
52
|
+
params.require(:response).require(%i[authenticatorData clientDataJSON signature userHandle])
|
|
53
|
+
params.permit(:id, :rawId, :type, { response: %i[authenticatorData clientDataJSON signature userHandle] })
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def refresh_params
|
|
57
|
+
params.require(:auth_token)
|
|
58
|
+
params.permit(:auth_token)
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
end
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
module
|
|
1
|
+
module PasskeysRails
|
|
2
2
|
class GenerateAuthToken
|
|
3
3
|
include Interactor
|
|
4
4
|
|
|
@@ -12,12 +12,12 @@ module Passkeys::Rails
|
|
|
12
12
|
|
|
13
13
|
def generate_auth_token
|
|
14
14
|
JWT.encode(jwt_payload,
|
|
15
|
-
|
|
16
|
-
|
|
15
|
+
PasskeysRails.auth_token_secret,
|
|
16
|
+
PasskeysRails.auth_token_algorithm)
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def jwt_payload
|
|
20
|
-
expiration = (Time.current +
|
|
20
|
+
expiration = (Time.current + PasskeysRails.auth_token_expires_in).to_i
|
|
21
21
|
|
|
22
22
|
payload = { agent_id: agent.id }
|
|
23
23
|
payload[:exp] = expiration unless expiration.zero?
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
module
|
|
1
|
+
module PasskeysRails
|
|
2
2
|
class ValidateAuthToken
|
|
3
3
|
include Interactor
|
|
4
4
|
|
|
@@ -21,9 +21,9 @@ module Passkeys::Rails
|
|
|
21
21
|
|
|
22
22
|
def payload
|
|
23
23
|
JWT.decode(auth_token,
|
|
24
|
-
|
|
24
|
+
PasskeysRails.auth_token_secret,
|
|
25
25
|
true,
|
|
26
|
-
{ required_claims: %w[exp agent_id], algorithm:
|
|
26
|
+
{ required_claims: %w[exp agent_id], algorithm: PasskeysRails.auth_token_algorithm }).first
|
|
27
27
|
rescue JWT::ExpiredSignature
|
|
28
28
|
context.fail!(code: :expired_token, message: "The token has expired")
|
|
29
29
|
rescue StandardError => e
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
# These should be autoloaded, but if these aren't required here, apps using this
|
|
2
|
-
# gem will throw an exception that
|
|
3
|
-
require_relative '../../app/controllers/concerns/
|
|
4
|
-
require_relative '../../app/models/
|
|
2
|
+
# gem will throw an exception that PasskeysRails::Authentication can't be found
|
|
3
|
+
require_relative '../../app/controllers/concerns/passkeys_rails/authentication'
|
|
4
|
+
require_relative '../../app/models/passkeys_rails/error'
|
|
5
5
|
|
|
6
6
|
class ActionController::Base
|
|
7
|
-
include
|
|
7
|
+
include PasskeysRails::Authentication
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
class ActionController::API
|
|
11
|
-
include
|
|
11
|
+
include PasskeysRails::Authentication
|
|
12
12
|
end
|
data/config/routes.rb
CHANGED
|
@@ -1,22 +1,20 @@
|
|
|
1
1
|
require 'rails/generators'
|
|
2
2
|
|
|
3
|
-
module
|
|
4
|
-
module
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
source_root File.expand_path("templates", __dir__)
|
|
3
|
+
module PasskeysRails
|
|
4
|
+
module Generators
|
|
5
|
+
class InstallGenerator < ::Rails::Generators::Base
|
|
6
|
+
source_root File.expand_path("templates", __dir__)
|
|
8
7
|
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
8
|
+
def copy_config
|
|
9
|
+
template 'passkeys_rails_config.rb', "config/initializers/passkeys_rails.rb"
|
|
10
|
+
end
|
|
12
11
|
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
12
|
+
def add_routes
|
|
13
|
+
route 'mount PasskeysRails::Engine => "/passkeys_rails"'
|
|
14
|
+
end
|
|
16
15
|
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
end
|
|
16
|
+
def show_readme
|
|
17
|
+
readme "README" if behavior == :invoke
|
|
20
18
|
end
|
|
21
19
|
end
|
|
22
20
|
end
|
|
@@ -8,7 +8,7 @@ Depending on your application's configuration some manual setup may be required:
|
|
|
8
8
|
|
|
9
9
|
before_action :authenticate_passkey!, except: [:index]
|
|
10
10
|
|
|
11
|
-
2. Optionally include
|
|
11
|
+
2. Optionally include PasskeysRails::Authenticatable to the model(s) you are using as
|
|
12
12
|
your user model(s). For example, the User model.
|
|
13
13
|
|
|
14
14
|
3. See the reference mobile applications for how to use passkeys-rails for passkey
|
data/lib/passkeys-rails.rb
CHANGED
|
@@ -1,36 +1,34 @@
|
|
|
1
1
|
# rubocop:disable Naming/FileName
|
|
2
|
-
require '
|
|
3
|
-
require '
|
|
2
|
+
require 'passkeys_rails/engine'
|
|
3
|
+
require 'passkeys_rails/version'
|
|
4
4
|
require_relative "generators/passkeys_rails/install_generator"
|
|
5
5
|
|
|
6
|
-
module
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
mattr_accessor(:auth_token_secret)
|
|
6
|
+
module PasskeysRails
|
|
7
|
+
# Secret used to encode the auth token.
|
|
8
|
+
# Rails.application.secret_key_base is used if none is defined here.
|
|
9
|
+
# Changing this value will invalidate all tokens that have been fetched
|
|
10
|
+
# through the API.
|
|
11
|
+
mattr_accessor(:auth_token_secret)
|
|
13
12
|
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
13
|
+
# Algorithm used to generate the auth token.
|
|
14
|
+
# Changing this value will invalidate all tokens that have been fetched
|
|
15
|
+
# through the API.
|
|
16
|
+
mattr_accessor :auth_token_algorithm, default: "HS256"
|
|
18
17
|
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
18
|
+
# How long the auth token is valid before requiring a refresh or new login.
|
|
19
|
+
# Set it to 0 for no expiration (not recommended in production).
|
|
20
|
+
mattr_accessor :auth_token_expires_in, default: 30.days
|
|
22
21
|
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
end
|
|
22
|
+
class << self
|
|
23
|
+
def config
|
|
24
|
+
yield self
|
|
27
25
|
end
|
|
28
|
-
|
|
29
|
-
require 'passkeys/rails/railtie' if defined?(Rails)
|
|
30
26
|
end
|
|
27
|
+
|
|
28
|
+
require 'passkeys_rails/railtie' if defined?(Rails)
|
|
31
29
|
end
|
|
32
30
|
|
|
33
31
|
ActiveSupport.on_load(:before_initialize) do
|
|
34
|
-
|
|
32
|
+
PasskeysRails.auth_token_secret ||= Rails.application.secret_key_base
|
|
35
33
|
end
|
|
36
34
|
# rubocop:enable Naming/FileName
|
|
@@ -6,9 +6,9 @@ require "interactor"
|
|
|
6
6
|
require "jwt"
|
|
7
7
|
require "webauthn"
|
|
8
8
|
|
|
9
|
-
module
|
|
9
|
+
module PasskeysRails
|
|
10
10
|
class Engine < ::Rails::Engine
|
|
11
|
-
isolate_namespace
|
|
11
|
+
isolate_namespace PasskeysRails
|
|
12
12
|
|
|
13
13
|
config.generators do |g|
|
|
14
14
|
g.test_framework :rspec
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
require 'passkeys-rails'
|
|
2
|
+
require 'rails'
|
|
3
|
+
|
|
4
|
+
module PasskeysRails
|
|
5
|
+
class Railtie < ::Rails::Railtie
|
|
6
|
+
railtie_name :passkeys_rails
|
|
7
|
+
|
|
8
|
+
rake_tasks do
|
|
9
|
+
path = File.expand_path(__dir__)
|
|
10
|
+
Dir.glob("#{path}/tasks/**/*.rake").each { |f| load f }
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
generators do
|
|
14
|
+
require "generators/passkeys_rails/install_generator"
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: passkeys-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Troy Anderson
|
|
@@ -351,25 +351,22 @@ files:
|
|
|
351
351
|
- MIT-LICENSE
|
|
352
352
|
- README.md
|
|
353
353
|
- Rakefile
|
|
354
|
-
- app/
|
|
355
|
-
- app/
|
|
356
|
-
- app/controllers/
|
|
357
|
-
- app/
|
|
358
|
-
- app/
|
|
359
|
-
- app/interactors/
|
|
360
|
-
- app/interactors/
|
|
361
|
-
- app/interactors/
|
|
362
|
-
- app/interactors/
|
|
363
|
-
- app/interactors/
|
|
364
|
-
- app/interactors/
|
|
365
|
-
- app/
|
|
366
|
-
- app/
|
|
367
|
-
- app/models/
|
|
368
|
-
- app/models/
|
|
369
|
-
- app/models/
|
|
370
|
-
- app/models/passkeys/rails/error.rb
|
|
371
|
-
- app/models/passkeys/rails/passkey.rb
|
|
372
|
-
- app/views/layouts/passkeys/rails/application.html.erb
|
|
354
|
+
- app/controllers/concerns/passkeys_rails/authentication.rb
|
|
355
|
+
- app/controllers/passkeys_rails/application_controller.rb
|
|
356
|
+
- app/controllers/passkeys_rails/passkeys_controller.rb
|
|
357
|
+
- app/interactors/passkeys_rails/begin_authentication.rb
|
|
358
|
+
- app/interactors/passkeys_rails/begin_challenge.rb
|
|
359
|
+
- app/interactors/passkeys_rails/begin_registration.rb
|
|
360
|
+
- app/interactors/passkeys_rails/finish_authentication.rb
|
|
361
|
+
- app/interactors/passkeys_rails/finish_registration.rb
|
|
362
|
+
- app/interactors/passkeys_rails/generate_auth_token.rb
|
|
363
|
+
- app/interactors/passkeys_rails/refresh_token.rb
|
|
364
|
+
- app/interactors/passkeys_rails/validate_auth_token.rb
|
|
365
|
+
- app/models/concerns/passkeys_rails/authenticatable.rb
|
|
366
|
+
- app/models/passkeys_rails/agent.rb
|
|
367
|
+
- app/models/passkeys_rails/application_record.rb
|
|
368
|
+
- app/models/passkeys_rails/error.rb
|
|
369
|
+
- app/models/passkeys_rails/passkey.rb
|
|
373
370
|
- config/initializers/application_controller.rb
|
|
374
371
|
- config/routes.rb
|
|
375
372
|
- db/migrate/20230620012530_create_passkeys_rails_agents.rb
|
|
@@ -379,9 +376,9 @@ files:
|
|
|
379
376
|
- lib/generators/passkeys_rails/templates/README
|
|
380
377
|
- lib/generators/passkeys_rails/templates/passkeys_rails_config.rb
|
|
381
378
|
- lib/passkeys-rails.rb
|
|
382
|
-
- lib/
|
|
383
|
-
- lib/
|
|
384
|
-
- lib/
|
|
379
|
+
- lib/passkeys_rails/engine.rb
|
|
380
|
+
- lib/passkeys_rails/railtie.rb
|
|
381
|
+
- lib/passkeys_rails/version.rb
|
|
385
382
|
- lib/tasks/passkeys_rails_tasks.rake
|
|
386
383
|
homepage: https://github.com/alliedcode/passkeys-rails
|
|
387
384
|
licenses:
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
//= link_directory ../stylesheets/passkeys_rails .css
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
/*
|
|
2
|
-
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
|
3
|
-
* listed below.
|
|
4
|
-
*
|
|
5
|
-
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
|
6
|
-
* or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
|
|
7
|
-
*
|
|
8
|
-
* You're free to add application-wide styles to this file and they'll appear at the bottom of the
|
|
9
|
-
* compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
|
|
10
|
-
* files in this directory. Styles in this file should be added after the last require_* statement.
|
|
11
|
-
* It is generally better to create a new file per style scope.
|
|
12
|
-
*
|
|
13
|
-
*= require_tree .
|
|
14
|
-
*= require_self
|
|
15
|
-
*/
|
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
module Passkeys
|
|
2
|
-
module Rails
|
|
3
|
-
class ApplicationController < ActionController::Base
|
|
4
|
-
rescue_from ::Interactor::Failure, with: :handle_interactor_failure
|
|
5
|
-
rescue_from ActionController::ParameterMissing, with: :handle_missing_parameter
|
|
6
|
-
|
|
7
|
-
protected
|
|
8
|
-
|
|
9
|
-
def handle_missing_parameter(error)
|
|
10
|
-
render_error(:authentication, 'missing_parameter', error.message)
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
def handle_interactor_failure(failure)
|
|
14
|
-
render_error(:authentication, failure.context.code, failure.context.message)
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
private
|
|
18
|
-
|
|
19
|
-
def render_error(context, code, message, status: :unprocessable_entity)
|
|
20
|
-
render json: { error: { context:, code:, message: } }, status:
|
|
21
|
-
end
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
end
|
|
@@ -1,63 +0,0 @@
|
|
|
1
|
-
module Passkeys
|
|
2
|
-
module Rails
|
|
3
|
-
class PasskeysController < ApplicationController
|
|
4
|
-
def challenge
|
|
5
|
-
result = Passkeys::Rails::BeginChallenge.call!(username: challenge_params[:username])
|
|
6
|
-
|
|
7
|
-
# Store the challenge so we can verify the future register or authentication request
|
|
8
|
-
session[:passkeys_rails] = result.session_data
|
|
9
|
-
|
|
10
|
-
render json: result.response.as_json
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
def register
|
|
14
|
-
result = Passkeys::Rails::FinishRegistration.call!(credential: attestation_credential_params.to_h,
|
|
15
|
-
authenticatable_class:,
|
|
16
|
-
username: session.dig(:passkeys_rails, :username),
|
|
17
|
-
challenge: session.dig(:passkeys_rails, :challenge))
|
|
18
|
-
|
|
19
|
-
render json: { username: result.username, auth_token: result.auth_token }
|
|
20
|
-
end
|
|
21
|
-
|
|
22
|
-
def authenticate
|
|
23
|
-
result = Passkeys::Rails::FinishAuthentication.call!(credential: authentication_params.to_h,
|
|
24
|
-
challenge: session.dig(:passkeys_rails, :challenge))
|
|
25
|
-
|
|
26
|
-
render json: { username: result.username, auth_token: result.auth_token }
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
def refresh
|
|
30
|
-
result = Passkeys::Rails::RefreshToken.call!(token: refresh_params[:auth_token])
|
|
31
|
-
render json: { username: result.username, auth_token: result.auth_token }
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
protected
|
|
35
|
-
|
|
36
|
-
def challenge_params
|
|
37
|
-
params.permit(:username)
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
def attestation_credential_params
|
|
41
|
-
credential = params.require(:credential)
|
|
42
|
-
credential.require(%i[id rawId type response])
|
|
43
|
-
credential.require(:response).require(%i[attestationObject clientDataJSON])
|
|
44
|
-
credential.permit(:id, :rawId, :type, { response: %i[attestationObject clientDataJSON] })
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
def authenticatable_class
|
|
48
|
-
params[:authenticatable_class]
|
|
49
|
-
end
|
|
50
|
-
|
|
51
|
-
def authentication_params
|
|
52
|
-
params.require(%i[id rawId type response])
|
|
53
|
-
params.require(:response).require(%i[authenticatorData clientDataJSON signature userHandle])
|
|
54
|
-
params.permit(:id, :rawId, :type, { response: %i[authenticatorData clientDataJSON signature userHandle] })
|
|
55
|
-
end
|
|
56
|
-
|
|
57
|
-
def refresh_params
|
|
58
|
-
params.require(:auth_token)
|
|
59
|
-
params.permit(:auth_token)
|
|
60
|
-
end
|
|
61
|
-
end
|
|
62
|
-
end
|
|
63
|
-
end
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
require 'passkeys-rails'
|
|
2
|
-
require 'rails'
|
|
3
|
-
|
|
4
|
-
module Passkeys
|
|
5
|
-
module Rails
|
|
6
|
-
class Railtie < ::Rails::Railtie
|
|
7
|
-
railtie_name :passkeys_rails
|
|
8
|
-
|
|
9
|
-
rake_tasks do
|
|
10
|
-
path = File.expand_path(__dir__)
|
|
11
|
-
Dir.glob("#{path}/tasks/**/*.rake").each { |f| load f }
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
generators do
|
|
15
|
-
require "generators/passkeys_rails/install_generator"
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
|
-
end
|
|
19
|
-
end
|