rails_jwt_auth 0.18.1 → 1.3.1

data/app/models/concerns/rails_jwt_auth/recoverable.rb

@@ -1,13 +1,34 @@
 module RailsJwtAuth
   module Recoverable
+    def self.included(base)
+      base.class_eval do
+        if defined?(Mongoid) && base.ancestors.include?(Mongoid::Document)
+          # include GlobalID::Identification to use deliver_later method
+          # http://edgeguides.rubyonrails.org/active_job_basics.html#globalid
+          include GlobalID::Identification if RailsJwtAuth.deliver_later
+
+          field :reset_password_token,   type: String
+          field :reset_password_sent_at, type: Time
+        end
+
+        validate :validate_reset_password_token, if: :password_digest_changed?
+
+        before_update do
+          self.reset_password_token = nil if password_digest_changed? && reset_password_token
+        end
+      end
+    end
+
     def send_reset_password_instructions
+      email_field = RailsJwtAuth.email_field_name! # ensure email field es valid
+
       if self.class.ancestors.include?(RailsJwtAuth::Confirmable) && !confirmed?
-        errors.add(:email, I18n.t('rails_jwt_auth.errors.unconfirmed'))
+        errors.add(email_field, :unconfirmed)
         return false
       end
 
       self.reset_password_token = SecureRandom.base58(24)
-      self.reset_password_sent_at = Time.now
+      self.reset_password_sent_at = Time.current
       return false unless save
 
       mailer = Mailer.reset_password_instructions(self)
@@ -15,6 +36,7 @@ module RailsJwtAuth
     end
 
     def set_and_send_password_instructions
+      RailsJwtAuth.email_field_name! # ensure email field es valid
       return if password.present?
 
       self.password = SecureRandom.base58(48)
@@ -22,7 +44,7 @@ module RailsJwtAuth
       self.skip_confirmation! if self.class.ancestors.include?(RailsJwtAuth::Confirmable)
 
       self.reset_password_token = SecureRandom.base58(24)
-      self.reset_password_sent_at = Time.now
+      self.reset_password_sent_at = Time.current
       return false unless save
 
       mailer = Mailer.set_password_instructions(self)
@@ -30,33 +52,12 @@ module RailsJwtAuth
       true
     end
 
-    def self.included(base)
-      base.class_eval do
-        if base.ancestors.include? Mongoid::Document
-          # include GlobalID::Identification to use deliver_later method
-          # http://edgeguides.rubyonrails.org/active_job_basics.html#globalid
-          include GlobalID::Identification if RailsJwtAuth.deliver_later
-
-          field :reset_password_token,   type: String
-          field :reset_password_sent_at, type: Time
-        end
-
-        validate :validate_reset_password_token, if: :password_digest_changed?
-
-        before_update do
-          if password_digest_changed? && reset_password_token
-            self.reset_password_token = nil
-          end
-        end
-      end
-    end
-
-    private
+    protected
 
     def validate_reset_password_token
       if reset_password_sent_at &&
-         (reset_password_sent_at < (Time.now - RailsJwtAuth.reset_password_expiration_time))
-        errors.add(:reset_password_token, I18n.t('rails_jwt_auth.errors.expired'))
+         (reset_password_sent_at < (Time.current - RailsJwtAuth.reset_password_expiration_time))
+        errors.add(:reset_password_token, :expired)
       end
     end
   end

data/app/models/concerns/rails_jwt_auth/trackable.rb

@@ -1,7 +1,7 @@
 module RailsJwtAuth
   module Trackable
     def update_tracked_fields!(request)
-      self.last_sign_in_at = Time.now.utc
+      self.last_sign_in_at = Time.current
       self.last_sign_in_ip = request.respond_to?(:remote_ip) ? request.remote_ip : request.ip
       save(validate: false)
     end

data/app/views/rails_jwt_auth/mailer/confirmation_instructions.html.erb

@@ -1,5 +1,5 @@
-<p>Welcome <%= @user.email %>!</p>
+<p>Welcome <%= @user[RailsJwtAuth.email_field_name] %>!</p>
 
 <p>You can confirm your account email through the link below:</p>
 
-<p><%= link_to 'Confirm my account', @confirmation_url.html_safe %></p>
+<p><%= link_to 'Confirm my account', @confirmations_url.html_safe %></p>

data/app/views/rails_jwt_auth/mailer/email_changed.html.erb

@@ -0,0 +1,3 @@
+<p>Hello <%= @user[RailsJwtAuth.email_field_name] %>!</p>
+
+<p>We're contacting you to notify you that your email is being changed to <%= @user.unconfirmed_email %>.</p>

data/app/views/rails_jwt_auth/mailer/reset_password_instructions.html.erb

@@ -1,8 +1,8 @@
-<p>Hello <%= @user.email %>!</p>
+<p>Hello <%= @user[RailsJwtAuth.email_field_name] %>!</p>
 
 <p>Someone has requested a link to change your password. You can do this through the link below.</p>
 
-<p><%= link_to 'Change my password', @reset_password_url.html_safe %></p>
+<p><%= link_to 'Change my password', @reset_passwords_url.html_safe %></p>
 
 <p>If you didn't request this, please ignore this email.</p>
 <p>Your password won't change until you access the link above and create a new one.</p>

data/app/views/rails_jwt_auth/mailer/send_invitation.html.erb

@@ -1,6 +1,6 @@
-<p>Hello <%= @user.email %>!</p>
+<p>Hello <%= @user[RailsJwtAuth.email_field_name] %>!</p>
 
 <p>Someone has sent you an invitation to App.</p>
 <p>To complete registration setting a password, please click the following link.</p>
 
-<p><%= link_to "Accept invitation", @accept_invitation_url.html_safe %></p>
+<p><%= link_to "Accept invitation", @invitations_url.html_safe %></p>

data/app/views/rails_jwt_auth/mailer/set_password_instructions.html.erb

@@ -1,5 +1,5 @@
-<p>Hello <%= @user.email %>!</p>
+<p>Hello <%= @user[RailsJwtAuth.email_field_name] %>!</p>
 
 <p>You need to define your password to complete registration. You can do this through the link below.</p>
 
-<p><%= link_to 'Set my password', @reset_password_url.html_safe %></p>
+<p><%= link_to 'Set my password', @reset_passwords_url.html_safe %></p>

data/config/locales/en.yml

@@ -9,20 +9,5 @@ en:
         subject: "Set password instructions"
       send_invitation:
         subject: "Someone has sent you an invitation!"
-
-    errors:
-      unconfirmed: "unconfirmed email"
-      already_confirmed: "was already confirmed, please try signing in"
-      create_session: "invalid %{field} / password"
-      expired: "has expired, please request a new one"
-      invalid: "invalid"
-      blank: "blank"
-      not_found: "not found"
-      missing: "is missing"
-      email:
-        invalid: "is not an email"
-      current_password:
-        blank: "blank"
-        invalid: "invalid"
-      password:
-        blank: "blank"
+      email_changed:
+        subject: "Email changed"

data/lib/generators/rails_jwt_auth/install_generator.rb

@@ -2,16 +2,15 @@ class RailsJwtAuth::InstallGenerator < Rails::Generators::Base
   source_root File.expand_path('../../templates', __FILE__)
 
   def create_initializer_file
-    copy_file "initializer.rb", "config/initializers/rails_jwt_auth.rb"
+    copy_file 'initializer.rb', 'config/initializers/rails_jwt_auth.rb'
   end
 
   def create_routes
-    route "resource :session, controller: 'rails_jwt_auth/sessions', only: [:create, :destroy]"
-    route "resource :registration, controller: 'rails_jwt_auth/registrations', only: [:create, :update, :destroy]"
+    route "resources :session, controller: 'rails_jwt_auth/sessions', only: [:create, :destroy]"
+    route "resources :registration, controller: 'rails_jwt_auth/registrations', only: [:create, :update, :destroy]"
 
-    route "resource :confirmation, controller: 'rails_jwt_auth/confirmations', only: [:create, :update]"
-    route "resource :password, controller: 'rails_jwt_auth/passwords', only: [:create, :update]"
-
-    route "resource :invitation, controller: 'rails_jwt_auth/invitations', only: [:create, :update]"
+    route "resources :confirmations, controller: 'rails_jwt_auth/confirmations', only: [:create, :update]"
+    route "resources :passwords, controller: 'rails_jwt_auth/passwords', only: [:create, :update]"
+    route "resources :invitations, controller: 'rails_jwt_auth/invitations', only: [:create, :update]"
   end
 end

data/lib/generators/rails_jwt_auth/migrate_generator.rb

@@ -0,0 +1,17 @@
+class RailsJwtAuth::MigrateGenerator < Rails::Generators::Base
+  include Rails::Generators::Migration
+
+  source_root File.expand_path('../templates', __dir__)
+
+  def self.next_migration_number(_dir)
+    Time.current.strftime('%Y%m%d%H%M%S')
+  end
+
+  def create_initializer_file
+    migration_template 'migration.rb', "db/migrate/create_#{RailsJwtAuth.table_name}.rb"
+  end
+
+  def migration_version
+    "[#{Rails.version.split('.')[0..1].join('.')}]"
+  end
+end

data/lib/generators/templates/initializer.rb

@@ -5,11 +5,8 @@ RailsJwtAuth.setup do |config|
   # field name used to authentication with password
   #config.auth_field_name = 'email'
 
-  # set to true to validate auth_field email format
-  #config.auth_field_email = true
-
-  # regex used to Validate email format
-  #config.email_regex = /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
+  # define email field name used to send emails
+  #config.email_field_name = 'email'
 
   # expiration time for generated tokens
   #config.jwt_expiration_time = 7.days
@@ -18,34 +15,33 @@ RailsJwtAuth.setup do |config|
   #config.jwt_issuer = 'RailsJwtAuth'
 
   # number of simultaneously sessions for an user
-  #config.simultaneously_sessions = 2
+  #config.simultaneous_sessions = 2
 
   # mailer sender
   #config.mailer_sender = 'initialize-mailer_sender@example.com'
 
-  # url used to create email link with confirmation token
-  #config.confirmation_url = 'http://frontend.com/confirmation'
-
   # expiration time for confirmation tokens
   #config.confirmation_expiration_time = 1.day
 
+  # expiration time for reset password tokens
+  #config.reset_password_expiration_time = 1.day
+
+  # time an invitation is valid after sent
+  # config.invitation_expiration_time = 2.days
+
+  # url used to create email link with confirmation token
+  #config.confirmations_url = 'http://frontend.com/confirmation'
+
   # url used to create email link with reset password token
-  #config.reset_password_url = 'http://frontend.com/reset_password'
+  #config.reset_passwords_url = 'http://frontend.com/reset_password'
 
   # url used to create email link with set password token
-  #config.set_password_url = 'http://frontend.com/set_password'
+  # by set_and_send_password_instructions method
+  #config.set_passwords_url = 'http://frontend.com/set_password'
 
-  # expiration time for reset password tokens
-  #config.reset_password_expiration_time = 1.day
+  # url used to create email link with activation token parameter to accept invitation
+  #config.invitations_url = 'http://frontend.com/accept_invitation'
 
   # uses deliver_later to send emails instead of deliver method
   #config.deliver_later = false
-
-  # Invitable configuration
-  # 
-  # Time an invitation is valid after sent
-  # config.invitation_expiration_time = 2.days
-  #
-  # URL used to create email link to activate invitation
-  # config.accept_invitation_url = 'http://frontend.com/accept_invitation'
 end

data/lib/generators/templates/migration.rb

@@ -0,0 +1,29 @@
+class Create<%= RailsJwtAuth.model_name.pluralize %> < ActiveRecord::Migration<%= migration_version %>
+  def change
+    create_table :<%= RailsJwtAuth.table_name %> do |t|
+      t.string :email
+      t.string :password_digest
+      t.string :auth_tokens
+
+      ## Confirmable
+      # t.string :unconfirmed_email
+      # t.string :confirmation_token
+      # t.datetime :confirmation_sent_at
+      # t.datetime :confirmed_at
+
+      ## Recoverable
+      # t.string :reset_password_token
+      # t.datetime :reset_password_sent_at
+
+      ## Trackable
+      # t.string :last_sign_in_ip
+      # t.datetime :last_sign_in_at
+
+      ## Invitable
+      # t.string :invitation_token
+      # t.datetime :invitation_sent_at
+      # t.datetime :invitation_accepted_at
+      # t.datetime :invitation_created_at
+    end
+  end
+end

data/lib/rails_jwt_auth/engine.rb

@@ -1,25 +1,4 @@
 module RailsJwtAuth
   class Engine < ::Rails::Engine
-    require 'rails_jwt_auth/strategies/jwt'
-
-    config.generators do |g|
-      g.test_framework :rspec
-      g.fixture_replacement :factory_girl, dir: 'spec/factories'
-    end
-
-    initializer 'rails_jwt_auth.warden' do |app|
-      app.middleware.insert_after ActionDispatch::Callbacks, Warden::Manager do |manager|
-        manager.default_strategies :authentication_token
-        manager.failure_app = UnauthorizedController
-      end
-
-      Warden::Strategies.add(:authentication_token, Strategies::Jwt)
-
-      Warden::Manager.after_set_user except: :fetch do |record, warden, options|
-        if record.respond_to?(:update_tracked_fields!) && warden.authenticated?(options[:scope])
-          record.update_tracked_fields!(warden.request)
-        end
-      end
-    end
   end
 end

data/lib/rails_jwt_auth/jwt_manager.rb

@@ -0,0 +1,33 @@
+require 'jwt'
+
+module RailsJwtAuth
+  module JwtManager
+    def self.secret_key_base
+      Rails.application.secrets.secret_key_base || Rails.application.credentials.secret_key_base
+    end
+
+    # Encodes and signs JWT Payload with expiration
+    def self.encode(payload)
+      payload.reverse_merge!(meta)
+      JWT.encode(payload, secret_key_base)
+    end
+
+    # Decodes the JWT with the signed secret
+    # [{"auth_token"=>"xxx", "exp"=>148..., "iss"=>"RJA"}, {"typ"=>"JWT", "alg"=>"HS256"}]
+    def self.decode(token)
+      JWT.decode(token, secret_key_base)
+    end
+
+    # Default options to be encoded in the token
+    def self.meta
+      {
+        exp: RailsJwtAuth.jwt_expiration_time.from_now.to_i,
+        iss: RailsJwtAuth.jwt_issuer
+      }
+    end
+
+    def self.decode_from_request(request)
+      decode(request.env['HTTP_AUTHORIZATION']&.split&.last)
+    end
+  end
+end

data/lib/rails_jwt_auth/spec_helpers.rb

@@ -0,0 +1,19 @@
+module RailsJwtAuth
+  module SpecHelpers
+    def sign_in(user)
+      allow_any_instance_of(RailsJwtAuth::AuthenticableHelper)
+        .to receive(:authenticate!).and_return(true)
+
+      allow_any_instance_of(RailsJwtAuth::AuthenticableHelper)
+        .to receive(:current_user).and_return(user.class.find(user.id))
+    end
+
+    def sign_out
+      allow_any_instance_of(RailsJwtAuth::AuthenticableHelper)
+        .to receive(:authenticate!).and_call_original
+
+      allow_any_instance_of(RailsJwtAuth::AuthenticableHelper)
+        .to receive(:current_user).and_call_original
+    end
+  end
+end

data/lib/rails_jwt_auth/version.rb

@@ -1,3 +1,3 @@
 module RailsJwtAuth
-  VERSION = '0.18.1'
+  VERSION = '1.3.1'
 end

data/lib/rails_jwt_auth.rb

@@ -1,62 +1,99 @@
-require "warden"
-require "bcrypt"
+require 'bcrypt'
 
-require "rails_jwt_auth/engine"
+require 'rails_jwt_auth/engine'
+require 'rails_jwt_auth/jwt_manager'
 
 module RailsJwtAuth
+  InvalidEmailField = Class.new(StandardError)
+  InvalidAuthField = Class.new(StandardError)
+  NotConfirmationsUrl = Class.new(StandardError)
+  NotInvitationsUrl = Class.new(StandardError)
+  NotResetPasswordsUrl = Class.new(StandardError)
+  NotSetPasswordsUrl = Class.new(StandardError)
+
   mattr_accessor :model_name
-  @@model_name = 'User'
+  self.model_name = 'User'
 
   mattr_accessor :auth_field_name
-  @@auth_field_name = 'email'
-
-  mattr_accessor :auth_field_email
-  @@auth_field_email = true
+  self.auth_field_name = 'email'
 
-  mattr_accessor :email_regex
-  @@email_regex = /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
+  mattr_accessor :email_field_name
+  self.email_field_name = 'email'
 
   mattr_accessor :jwt_expiration_time
-  @@jwt_expiration_time = 7.days
+  self.jwt_expiration_time = 7.days
 
   mattr_accessor :jwt_issuer
-  @@jwt_issuer = 'RailsJwtAuth'
+  self.jwt_issuer = 'RailsJwtAuth'
 
   mattr_accessor :simultaneous_sessions
-  @@simultaneous_sessions = 2
+  self.simultaneous_sessions = 2
 
   mattr_accessor :mailer_sender
-  @@mailer_sender = 'initialize-mailer_sender@example.com'
+  self.mailer_sender = 'initialize-mailer_sender@example.com'
 
-  mattr_accessor :confirmation_url
-  @@confirmation_url = nil
+  mattr_accessor :send_email_changed_notification
+  self.send_email_changed_notification = true
 
   mattr_accessor :confirmation_expiration_time
-  @@confirmation_expiration_time = 1.day
+  self.confirmation_expiration_time = 1.day
 
-  mattr_accessor :reset_password_url
-  @@reset_password_url = nil
+  mattr_accessor :reset_password_expiration_time
+  self.reset_password_expiration_time = 1.day
 
-  mattr_accessor :set_password_url
-  @@set_password_url = nil
+  mattr_accessor :invitation_expiration_time
+  self.invitation_expiration_time = 2.days
 
-  mattr_accessor :reset_password_expiration_time
-  @@reset_password_expiration_time = 1.day
+  mattr_accessor :confirmations_url
+  self.confirmations_url = nil
 
-  mattr_accessor :deliver_later
-  @@deliver_later = false
+  mattr_accessor :reset_passwords_url
+  self.reset_passwords_url = nil
 
-  mattr_accessor :invitation_expiration_time
-  @@invitation_expiration_time = 2.days
+  mattr_accessor :set_passwords_url
+  self.set_passwords_url = nil
 
-  mattr_accessor :invitation_url
-  @@invitation_url = nil
+  mattr_accessor :invitations_url
+  self.invitations_url = nil
+
+  mattr_accessor :deliver_later
+  self.deliver_later = false
 
   def self.model
-    @@model_name.constantize
+    model_name.constantize
+  end
+
+  def self.table_name
+    model_name.underscore.pluralize
   end
 
   def self.setup
     yield self
   end
+
+  def self.auth_field_name!
+    field_name = RailsJwtAuth.auth_field_name
+    klass = RailsJwtAuth.model
+
+    unless field_name.present? &&
+           (klass.respond_to?(:column_names) && klass.column_names.include?(field_name) ||
+            klass.respond_to?(:fields) && klass.fields[field_name])
+      raise RailsJwtAuth::InvalidAuthField
+    end
+
+    field_name
+  end
+
+  def self.email_field_name!
+    field_name = RailsJwtAuth.email_field_name
+    klass = RailsJwtAuth.model
+
+    unless field_name.present? &&
+           (klass.respond_to?(:column_names) && klass.column_names.include?(field_name) ||
+            klass.respond_to?(:fields) && klass.fields[field_name])
+      raise RailsJwtAuth::InvalidEmailField
+    end
+
+    field_name
+  end
 end

metadata

@@ -1,71 +1,63 @@
 --- !ruby/object:Gem::Specification
 name: rails_jwt_auth
 version: !ruby/object:Gem::Version
-  version: 0.18.1
+  version: 1.3.1
 platform: ruby
 authors:
 - rjurado
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-12-19 00:00:00.000000000 Z
+date: 2019-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.0'
-- !ruby/object:Gem::Dependency
-  name: warden
+  name: bcrypt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '3.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '3.1'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
-  name: bcrypt
+  name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '5.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '5.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.1'
 description: Rails authentication solution based on Warden and JWT and inspired by
   Devise.
 email:
@@ -77,9 +69,9 @@ files:
 - MIT-LICENSE
 - README.md
 - Rakefile
+- app/controllers/concerns/rails_jwt_auth/authenticable_helper.rb
 - app/controllers/concerns/rails_jwt_auth/params_helper.rb
 - app/controllers/concerns/rails_jwt_auth/render_helper.rb
-- app/controllers/concerns/rails_jwt_auth/warden_helper.rb
 - app/controllers/rails_jwt_auth/confirmations_controller.rb
 - app/controllers/rails_jwt_auth/invitations_controller.rb
 - app/controllers/rails_jwt_auth/passwords_controller.rb
@@ -92,23 +84,21 @@ files:
 - app/models/concerns/rails_jwt_auth/invitable.rb
 - app/models/concerns/rails_jwt_auth/recoverable.rb
 - app/models/concerns/rails_jwt_auth/trackable.rb
-- app/validators/email_validator.rb
 - app/views/rails_jwt_auth/mailer/confirmation_instructions.html.erb
+- app/views/rails_jwt_auth/mailer/email_changed.html.erb
 - app/views/rails_jwt_auth/mailer/reset_password_instructions.html.erb
 - app/views/rails_jwt_auth/mailer/send_invitation.html.erb
 - app/views/rails_jwt_auth/mailer/set_password_instructions.html.erb
 - config/locales/en.yml
 - lib/generators/rails_jwt_auth/install_generator.rb
+- lib/generators/rails_jwt_auth/migrate_generator.rb
 - lib/generators/templates/initializer.rb
+- lib/generators/templates/migration.rb
 - lib/rails_jwt_auth.rb
 - lib/rails_jwt_auth/engine.rb
-- lib/rails_jwt_auth/jwt/manager.rb
-- lib/rails_jwt_auth/jwt/request.rb
-- lib/rails_jwt_auth/spec/helpers.rb
-- lib/rails_jwt_auth/spec/not_authorized.rb
-- lib/rails_jwt_auth/strategies/jwt.rb
+- lib/rails_jwt_auth/jwt_manager.rb
+- lib/rails_jwt_auth/spec_helpers.rb
 - lib/rails_jwt_auth/version.rb
-- lib/tasks/rails_token_jwt_tasks.rake
 homepage: https://github.com/rjurado01/rails_jwt_auth
 licenses:
 - MIT
@@ -129,7 +119,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.7.3
 signing_key: 
 specification_version: 4
 summary: Rails jwt authentication.