rails_javascript_web_tokens 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: e485184d3005717b26ffcd61cb61642ade757d0ab14b6aaf242ac75b20681eec
+  data.tar.gz: 67cbe0eb438167409ec1924094b156cd0d8e4f32722abe79ba113ec22c78b0fd
+SHA512:
+  metadata.gz: 85394f3df196be8d67a13432bd3fc0b849a5e1f44c40a77ae0f052975377fb4e2801a7fda604dd5660293670909eac961d6e89840a44ecf6b61ea9f31a5c70ad
+  data.tar.gz: 0fe4cc779a9ca450ee7ec2f0ecdccd2f462d420faf3500c071b680915ad36a91fa2a8cad14e0b35937d420b9490d4c9dfb18b193f330618c5e7769c0b34da12f

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2021 ispirett
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,149 @@
+# rails_javascript_web_tokens
+
+## Work in progress
+Simple jwt rails authentication
+
+## Features
+##### Sign Up
+##### Sign in
+##### Authenticate any Controller action
+##### Refresh Token
+##### Expiration date for token => default 1.month
+
+
+## Installation
+```ruby
+gem 'rails_javascript_web_tokens', github: "https://github.com/Ispirett/rails_jwt"
+or 
+gem 'rails_javascript_web_tokens'
+```
+then execute:
+```bash
+$ bundle
+```
+```bash
+rails g rails_jwt:install
+```
+And then:
+
+```bash
+rails db:migrate
+```
+## Usage
+* Use authorize_user! helper for authenticating user with token 
+```ruby
+:authorize_user!
+```
+```ruby
+class TomController < ApplicationController
+before_action :authorize_user!, only: %w(create update)
+end 
+```
+* Use current_user to access the current logged in user
+```ruby
+class TomController < ApplicationController
+  def create
+    current_user.email 
+  end
+end 
+```
+## User model 
+* This gem creates a user model and handle securing password with bcrypt.
+* After running the gem's install command you will see the code below.
+* The details method is important to the gem.
+* You can add or remove attributes which will affect the response.
+
+```ruby
+def details
+    as_json(only: [:id, :email,:created_at])
+end
+```
+
+## Routes
+* This gem adds routes to your routes file like so.
+* Sign Up /rails_jwt/auth/sign_up
+* Sign In /rails_jwt/auth/sign_in
+
+```ruby
+  mount RailsJwt::Engine => "/rails_jwt", as: :rails_jwt
+```
+
+
+
+
+
+## Making  requests
+##### Sign Up
+
+```html
+rails_jwt/auth/sign_up
+```
+
+```json
+{ "user":{ "email":"hit@gmail.com", "password": "foobar", "password_confirmation": "foobar"}}
+```
+##### Response
+```json
+{
+    "status": "success",
+    "token": "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJleHAiOjE2MzQxNzg2MDd9.eJmaV2_fP8P52LiI9tJx_UTI8nTPxepuADz6KYK_Pew",
+    "user": {
+        "id": 1,
+        "email": "hit@gmail.com",
+        "created_at": "2021-10-07T02:30:07.894Z",
+    },
+    "exp": "07 20 73 01:00"
+}
+```
+
+## Sign In
+```html
+rails_jwt/auth/sign_in
+
+```
+
+```json
+{ "user":{ "email":"hit@gmail.com", "password": "foobar"}}
+```
+##### Response
+```json
+{
+    "status": "success",
+    "user": {
+        "id": 4,
+        "email": "test@gmail.com",
+        "created_at": "2021-10-07T17:20:28.592Z"
+    },
+    "token": "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJleHAiOjE2MzM2Mjc2MjJ9.HjMN61WlujV9YYLZAQ3Xog53jbPTugwMrq0rxdNL_Qk",
+    "exp": "07-21-73 06:52"
+}
+```
+
+## Request with token
+* Add token user "AuthToken": '.........' in  headers
+```js
+      const api_add_error = async (data) => {
+        const token = 'eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2l.................'
+          try {
+              const response = await fetch('http://example.com/resource',{
+                  method: 'POST',
+                  headers: {
+                      'Content-Type': 'application/json',
+                      'AuthToken': token
+                  },
+                  body: JSON.stringify(data)
+              });
+              return  await response.json()
+          }
+          catch (e) {
+                 console.log(e)
+          }
+      }
+```
+
+
+## Contributing
+
+
+## License
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,8 @@
+require "bundler/setup"
+
+APP_RAKEFILE = File.expand_path("spec/dummy/Rakefile", __dir__)
+load "rails/tasks/engine.rake"
+
+load "rails/tasks/statistics.rake"
+
+require "bundler/gem_tasks"

data/app/controllers/concerns/controller_helpers.rb

@@ -0,0 +1,42 @@
+require 'active_support/concern'
+
+module ControllerHelpers
+  extend ActiveSupport::Concern
+  included do
+    def authorize_user!
+      header = request.headers[:AuthToken]
+      begin
+        @decoded = decode(header)
+        @current_user = User.find(@decoded[:user_id])
+
+      rescue ActiveRecord::RecordNotFound => e
+        render json: {status: :failed, msg: e.message}, status: :not_found
+
+      rescue JWT::DecodeError => e
+        render json: {status: :failed, refresh_token: refresh_jwt_user(header), msg: e.message}, status: :not_found
+      end
+    end
+
+
+    def refresh_jwt_user(token)
+      begin
+        user_id = Jwt.find_by(token: token).user_id
+        #=> generate new token
+        token = encode(user_id: user_id)
+        replace_token = Jwt.find_by(user_id: user_id)
+        replace_token.update_attribute(:token, token)
+        replace_token.token
+      rescue  => e
+        e
+      end
+    end
+  end
+
+
+  # module ClassMethods
+  #
+  #
+  # end
+  #
+  # extend ClassMethods
+end

data/app/controllers/rails_jwt/application_controller.rb

@@ -0,0 +1,4 @@
+module RailsJwt
+  class ApplicationController < ::ActionController::Base
+  end
+  end

data/app/controllers/rails_jwt/users_controller.rb

@@ -0,0 +1,67 @@
+require_dependency "rails_jwt/application_controller"
+
+module RailsJwt
+  class UsersController < ApplicationController
+    include RailsJwt::Controllers::Authentication
+    skip_before_action :verify_authenticity_token
+    before_action :check_passwords, only: :create
+    # gem 'rails_jwt', path:'/Users/ispirett/RubymineProjects/engines/rails_jwt'
+
+    def create
+      @user = User.new(user_params)
+      if @user.save
+        token = encode(user_id: @user.id)
+        # refactor to allow users to configure
+        time =  Time.now +  1.week.from_now.to_i
+        render json: {status: 'success', token: token,user: @user.details, exp: time.strftime('%m %d %y %H:%M')}, status: :ok
+      else
+        render json: {status: :failed, msg: @user.errors.full_messages}, status: :unauthorized
+      end
+    end
+
+    def sign_in
+      @user = User.find_by(email: params[:email].downcase)
+      if @user&.authenticate(params[:password])
+        #=> create new token from JwtAuth
+        token = encode(user_id: @user.id)
+        time = Time.now + 1.week.from_now.to_i
+
+        #=> create or update user to jwt model
+        if @logged_user = Jwt.find_by(user_id: @user.id)
+          @logged_user.update_attribute(:token, token)
+        else
+          Jwt.create(user_id: @user.id, token: token)
+        end
+
+        render json: {status: :success,user: @user.details, token:token, exp: time.strftime('%m-%d-%y %H:%M')},status: :ok
+      else
+        render json: {status: :failed, msg: 'email or password is incorrect'}, status: :unauthorized
+      end
+    end
+
+
+
+    private
+    def refresh_token
+      header = request.headers[:AuthToken]
+      render json: {status: :success, refresh_token: refresh_jwt_user(header)}
+    end
+
+    def user_params
+      params.require(:user).permit(:email,:password, :password_confirmation )
+    end
+
+    def check_passwords
+        if !user_params.include?(:password_confirmation)
+          render json: {status: :failed, msg: "Password confirmation can't be black", status: :unauthorize}
+        elsif user_params[:password] != user_params[:password_confirmation]
+        render json: {status: :failed, msg: "Your passwords do not match." , status: :unauthorize}
+      end
+    end
+  end
+
+
+
+
+end
+

data/app/mailers/rails_jwt/application_mailer.rb

@@ -0,0 +1,6 @@
+module RailsJwt
+  class ApplicationMailer < ActionMailer::Base
+    default from: 'from@example.com'
+    layout 'mailer'
+  end
+end

data/config/routes.rb

@@ -0,0 +1,4 @@
+RailsJwt::Engine.routes.draw do
+  match '/auth/sign_in' => "users#sign_in", via: :get, as: :sign_in
+  match '/auth/sign_up' => "users#create", via: :post, as: :sign_up
+end

data/lib/generators/rails_jwt/install_generator.rb

@@ -0,0 +1,43 @@
+module RailsJwt
+  class InstallGenerator < Rails::Generators::Base
+    source_root File.expand_path('templates', __dir__)
+
+    def install_route
+      route 'mount RailsJwt::Engine => "/rails_jwt", as: :rails_jwt'
+    end
+
+    def copy_user_model
+      copy_file "user.rb", "app/models/user.rb"
+    end
+
+    def copy_jwt_model
+      copy_file "jwt.rb", "app/models/jwt.rb"
+    end
+
+    def copy_migrations
+      # migration_template 'create_users.rb', 'db/migrate/rails_jtw_create_user.rb', migration_version
+      # migration_template 'create_jwts.rb', 'db/migrate/rails_jtw_create_jwts.rb', migration_version
+
+      copy_file "20211007002206_create_users.rb",
+                "db/migrate/20211007002206_create_users.rb"
+      copy_file "20211007002344_create_jwts.rb",
+                "db/migrate/20211007002344_create_jwts.rb"
+
+    end
+
+
+
+    private
+
+    def rails5_and_up?
+      Rails::VERSION::MAJOR >= 5
+    end
+
+    def migration_version
+      if rails5_and_up?
+        "[#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}]"
+      end
+    end
+
+  end
+end

data/lib/generators/rails_jwt/templates/20211007002206_create_users.rb

@@ -0,0 +1,10 @@
+class CreateUsers < ActiveRecord::Migration[6.1]
+  def change
+    create_table :users do |t|
+      t.string :email
+      t.string :password_digest
+      t.timestamps
+    end
+    add_index :users, :email, unique: true
+  end
+end

data/lib/generators/rails_jwt/templates/20211007002344_create_jwts.rb

@@ -0,0 +1,10 @@
+class CreateJwts < ActiveRecord::Migration[6.1]
+  def change
+    create_table :jwts do |t|
+      t.string :token
+      t.integer :user_id, null: false, foreign_key: true
+
+      t.timestamps
+    end
+  end
+end

data/lib/generators/rails_jwt/templates/jwt.rb

@@ -0,0 +1,4 @@
+class Jwt < ApplicationRecord
+    belongs_to :user
+end
+

data/lib/generators/rails_jwt/templates/user.rb

@@ -0,0 +1,11 @@
+class User < ApplicationRecord
+  has_secure_password
+  EMAIL_REGEX =  /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i
+  validates :email, presence: true, format: {with: EMAIL_REGEX}, uniqueness: true
+  # validates :name, presence: true, length: {minimum: 3, maximum: 25}
+  # validates :username, presence: true,length:{minimum: 3, maximum: 25}
+
+  def details
+    as_json(only: [:id, :email,:created_at])
+  end
+end

data/lib/rails_jwt/controllers/authentication.rb

@@ -0,0 +1,19 @@
+module RailsJwt
+  module Controllers
+    module Authentication
+
+      SECRET_KEY =  ENV.fetch("RAILS_JWT_TOKEN", 'development')
+      # TODO refactor to allow users to ad there own expiration date
+      def encode(payout, exp = 1.month.from_now)
+        payout[:exp] = exp.to_i
+        JWT.encode(payout, SECRET_KEY)
+    
+      end
+    
+      def decode(token)
+        decode = JWT.decode(token, SECRET_KEY)[0]
+        HashWithIndifferentAccess.new decode
+      end
+    end 
+  end
+end

data/lib/rails_jwt/controllers/helpers.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+module RailsJwt
+  module Controllers
+    module Helpers
+      extend ActiveSupport::Concern
+      include RailsJwt::Controllers::Authentication
+
+      included do
+        def authorize_user!
+          header = request.headers[:AuthToken]
+          begin
+            @decoded = decode(header)
+            @current_user = User.find(@decoded[:user_id])
+
+          rescue ActiveRecord::RecordNotFound => e
+            render json: {status: :failed, msg: e.message}, status: :not_found
+
+          rescue JWT::DecodeError => e
+            render json: {status: :failed, refresh_token: refresh_jwt_user(header), msg: e.message}, status: :not_found
+          end
+        end
+
+
+        def refresh_jwt_user(token)
+          begin
+            user_id = Jwt.find_by(token: token).user_id
+            #=> generate new token
+            token = encode(user_id: user_id)
+            replace_token = Jwt.find_by(user_id: user_id)
+            replace_token.update_attribute(:token, token)
+            replace_token.token
+          rescue  => e
+            e
+          end
+        end
+
+        def current_user
+           @current_user
+        end
+
+      end
+
+    end
+  end
+end

data/lib/rails_jwt/engine.rb

@@ -0,0 +1,14 @@
+module RailsJwt
+  class Engine < ::Rails::Engine
+    isolate_namespace RailsJwt
+
+    config.generators do |g|
+      g.test_framework :rspec, fixture: false
+      g.fixture_replacement :factory_girl, dir: 'spec/factories'
+      g.assets false
+      g.helper false
+      g.template_engine false
+    end
+    ActionController::Base.send :include, RailsJwt::Controllers::Helpers
+  end
+end

data/lib/rails_jwt/version.rb

@@ -0,0 +1,3 @@
+module RailsJwt
+  VERSION = '0.1.0'
+end

data/lib/rails_jwt.rb

@@ -0,0 +1,13 @@
+require "rails_jwt/version"
+require 'Jwt'
+require 'bcrypt'
+require 'rails_jwt/controllers/authentication'
+require 'rails_jwt/controllers/helpers'
+require "rails_jwt/engine"
+
+module RailsJwt
+  module Controllers
+    autoload :Authentication, 'rails_jwt/controllers/authentication'
+    autoload :Helpers, 'rails_jwt/controllers/helpers'
+  end
+end

data/lib/tasks/rails_jwt_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :rails_jwt do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,128 @@
+--- !ruby/object:Gem::Specification
+name: rails_javascript_web_tokens
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- ispirett
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2021-10-08 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.1.4
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 6.1.4.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 6.1.4
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 6.1.4.1
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bcrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.1.16
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.1.16
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Integrate jwt in your application with a few simple steps
+email:
+- ispirett@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- app/controllers/concerns/controller_helpers.rb
+- app/controllers/rails_jwt/application_controller.rb
+- app/controllers/rails_jwt/users_controller.rb
+- app/mailers/rails_jwt/application_mailer.rb
+- config/routes.rb
+- lib/generators/rails_jwt/install_generator.rb
+- lib/generators/rails_jwt/templates/20211007002206_create_users.rb
+- lib/generators/rails_jwt/templates/20211007002344_create_jwts.rb
+- lib/generators/rails_jwt/templates/jwt.rb
+- lib/generators/rails_jwt/templates/user.rb
+- lib/rails_jwt.rb
+- lib/rails_jwt/controllers/authentication.rb
+- lib/rails_jwt/controllers/helpers.rb
+- lib/rails_jwt/engine.rb
+- lib/rails_jwt/version.rb
+- lib/tasks/rails_jwt_tasks.rake
+homepage: https://github.com/Ispirett/rails_jwt
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/Ispirett/rails_jwt
+  source_code_uri: https://github.com/Ispirett/rails_jwt
+  changelog_uri: https://github.com/Ispirett/rails_jwt/CHANGELOG.md
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.2
+signing_key: 
+specification_version: 4
+summary: Use jwt with rails no code
+test_files: []