rails_jwt_auth 0.23.2 → 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +77 -219
- data/app/controllers/concerns/rails_jwt_auth/authenticable_helper.rb +31 -0
- data/app/controllers/rails_jwt_auth/confirmations_controller.rb +3 -6
- data/app/controllers/rails_jwt_auth/invitations_controller.rb +5 -8
- data/app/controllers/rails_jwt_auth/passwords_controller.rb +3 -7
- data/app/controllers/rails_jwt_auth/sessions_controller.rb +13 -9
- data/app/mailers/rails_jwt_auth/mailer.rb +32 -47
- data/app/models/concerns/rails_jwt_auth/authenticatable.rb +31 -25
- data/app/models/concerns/rails_jwt_auth/confirmable.rb +54 -47
- data/app/models/concerns/rails_jwt_auth/invitable.rb +10 -11
- data/app/models/concerns/rails_jwt_auth/recoverable.rb +29 -28
- data/app/models/concerns/rails_jwt_auth/trackable.rb +1 -1
- data/app/views/rails_jwt_auth/mailer/confirmation_instructions.html.erb +2 -2
- data/app/views/rails_jwt_auth/mailer/reset_password_instructions.html.erb +2 -2
- data/app/views/rails_jwt_auth/mailer/send_invitation.html.erb +2 -2
- data/app/views/rails_jwt_auth/mailer/set_password_instructions.html.erb +2 -2
- data/lib/generators/rails_jwt_auth/install_generator.rb +4 -5
- data/lib/generators/rails_jwt_auth/migrate_generator.rb +17 -0
- data/lib/generators/templates/initializer.rb +15 -18
- data/lib/generators/templates/migration.rb +29 -0
- data/lib/rails_jwt_auth.rb +54 -20
- data/lib/rails_jwt_auth/engine.rb +0 -21
- data/lib/rails_jwt_auth/jwt_manager.rb +33 -0
- data/lib/rails_jwt_auth/spec_helpers.rb +15 -0
- data/lib/rails_jwt_auth/version.rb +1 -1
- metadata +8 -10
- data/app/controllers/concerns/rails_jwt_auth/warden_helper.rb +0 -29
- data/lib/rails_jwt_auth/jwt/manager.rb +0 -41
- data/lib/rails_jwt_auth/jwt/request.rb +0 -34
- data/lib/rails_jwt_auth/spec/helpers.rb +0 -17
- data/lib/rails_jwt_auth/spec/not_authorized.rb +0 -6
- data/lib/rails_jwt_auth/strategies/jwt.rb +0 -17
- data/lib/tasks/rails_token_jwt_tasks.rake +0 -4
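--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f63639f1e2a7e76f1cc66542856d1830315f24b1e372410ee0b96bac84396c20
+data.tar.gz: 128da4d690fb05962cec78e8d4be797d66aa52945ca1b6524fcda05c17627c51
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: db297edd6467c31e019b55a092a207042f5f7fbecfe7b5fede45d7163a66f3731e37b39bfe3e02b4313da96464310c8e00db1c0f4a311e48d3f302ed03b05718
+data.tar.gz: ed60a1e8d6dced010c39d64c9bcedd5d0231049b09725de346c0ef17581d72a18b57ba6efc96d7da7709b41ef39365da295a3857d42e5894e874ffda787c39ec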
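--- a/data/README.md
+++ b/data/README.md
@@ -1,8 +1,12 @@
 # RailsJwtAuth
+
 [](https://badge.fury.io/rb/rails_jwt_auth)
 
 
-Rails-API authentication solution based on
+Rails-API authentication solution based on JWT and inspired by Devise.
+
+This is documentation for version `1.x`. If you are using `0.x` version use this
+[link](https://github.com/rjurado01/rails_jwt_auth/tree/0.x)
 
 ## Installation
 
@@ -30,228 +34,83 @@ Finally execute:
 rails g rails_jwt_auth:install
 ```
 
-
-
-You can edit configuration options into `config/initializers/auth_token_auth.rb` file created by generator.
-
-| Option | Default value | Description |
-| ------------------------------ | ----------------- | --------------------------------------------------------------------- |
-| model_name | 'User' | Authentication model name |
-| auth_field_name | 'email' | Field used to authenticate user with password |
-| auth_field_email | true | Validate auth field email format |
-| email_regex | see config file | Regex used to Validate email format |
-| jwt_expiration_time | 7.days | Tokens expiration time |
-| jwt_issuer | 'RailsJwtAuth' | The "iss" (issuer) claim identifies the principal that issued the JWT |
-| simultaneous_sessions | 2 | Number of simultaneous sessions for an user |
-| mailer_sender | | E-mail address which will be shown in RailsJwtAuth::Mailer |
-| confirmation_url | confirmation_path | Url used to create email link with confirmation token |
-| confirmation_expiration_time | 1.day | Confirmation token expiration time |
-| reset_password_url | password_path | Url used to create email link with reset password token |
-| reset_password_expiration_time | 1.day | Confirmation token expiration time |
-| set_password_url | password_path | Url used to create email link with set password token |
-| deliver_later | false | Uses `deliver_later` method to send emails |
-| invitation_expiration_time | 2.days | Time an invitation is valid and can be accepted |
-| accept_invitation_url | invitations_path | URL used to create email link with invitation token |
-
-## Authenticatable
-
-Hashes and stores a password in the database to validate the authenticity of a user while signing in.
-
-### ActiveRecord
-
-Include `RailsJwtAuth::Authenticatable` module into your User class:
-
-```ruby
-# app/models/user.rb
-class User < ApplicationRecord
-include RailsJwtAuth::Authenticatable
-end
-```
-
-and create a migration to add authenticable fields to User model:
-
-```ruby
-# example migration
-create_table :users do |t|
-t.string :email
-t.string :password_digest
-t.string :auth_tokens
-end
-```
-
-### Mongoid
-
-Include `RailsJwtAuth::Authenticatable` module into your User class:
+Only for ActiveRecord, generate migrations:
 
-```
-
-class User
-include Mongoid::Document
-include RailsJwtAuth::Authenticatable
-end
+```bash
+rails g rails_jwt_auth:migrate
 ```
 
-
-
-## Confirmable
-
-Sends emails with confirmation instructions and verifies whether an account is already confirmed during sign in.
+## Configuration
 
-
+You can edit configuration options into `config/initializers/auth_token_auth.rb` file created by generator.
 
-
+| Option | Default value | Description |
+| ------------------------------ | ----------------- | ---------------------------------------------------------------------- |
+| model_name | 'User' | Authentication model name |
+| auth_field_name | 'email' | Field used to authenticate user with password |
+| email_auth_field | 'email' | Field used to send emails |
+| jwt_expiration_time | 7.days | Tokens expiration time |
+| jwt_issuer | 'RailsJwtAuth' | The "iss" (issuer) claim identifies the principal that issued the JWT |
+| simultaneous_sessions | 2 | Number of simultaneous sessions for an user. Set 0 to disable sessions |
+| mailer_sender | | E-mail address which will be shown in RailsJwtAuth::Mailer |
+| confirmation_expiration_time | 1.day | Confirmation token expiration time |
+| reset_password_expiration_time | 1.day | Confirmation token expiration time |
+| deliver_later | false | Uses `deliver_later` method to send emails |
+| invitation_expiration_time | 2.days | Time an invitation is valid and can be accepted |
+| confirmations_url | nil | Url used to create email link with confirmation token |
+| reset_passwords_url | nil | Url used to create email link with reset password token |
+| set_passwords_url | nil | Url used to create email link with set password token |
+| invitationss_url | nil | Url used to create email link with invitation token |
+
+## Modules
+
+| Module | Description |
+| ------------- | --------------------------------------------------------------------------------------------------------------- |
+| Authenticable | Hashes and stores a password in the database to validate the authenticity of a user while signing in |
+| Confirmable | Sends emails with confirmation instructions and verifies whether an account is already confirmed during sign in |
+| Recoverable | Resets the user password and sends reset instructions |
+| Trackable | Tracks sign in timestamps and IP address |
+| Invitable | Allows you to invite an user to your application sending an invitation mail |
+
+### Examples
+
+For next examples `auth_field_name` and `email_field_name` are configured to use the field `email`.
+
+**ActiveRecord**
 
 ```ruby
 # app/models/user.rb
 class User < ApplicationRecord
 include RailsJwtAuth::Authenticatable
 include RailsJwtAuth::Confirmable
-end
-```
-
-and create a migration to add confirmation fields to User model:
-
-```ruby
-# example migration
-change_table :users do |t|
-t.string :email # if it doesn't exist yet
-t.string :unconfirmed_email
-t.string :confirmation_token
-t.datetime :confirmation_sent_at
-t.datetime :confirmed_at
-end
-```
-
-### Mongoid
-
-Include `RailsJwtAuth::Confirmable` module into your User class:
-
-```ruby
-# app/models/user.rb
-class User
-include Mongoid::Document
-include RailsJwtAuth::Authenticatable
-include RailsJwtAuth::Confirmable
-end
-```
-
-This module needs that model has `email` field.
-
-## Recoverable
-
-Resets the user password and sends reset instructions
-
-### ActiveRecord
-
-Include `RailsJwtAuth::Recoverable` module into your User class:
-
-```ruby
-# app/models/user.rb
-class User < ApplicationRecord
-include RailsJwtAuth::Authenticatable
 include RailsJwtAuth::Recoverable
-end
-```
-
-and create a migration to add recoverable fields to User model:
-
-```ruby
-# example migration
-change_table :users do |t|
-t.string :reset_password_token
-t.datetime :reset_password_sent_at
-end
-```
-
-### Mongoid
-
-Include `RailsJwtAuth::Recoverable` module into your User class:
-
-```ruby
-# app/models/user.rb
-class User
-include Mongoid::Document
-include RailsJwtAuth::Authenticatable
-include RailsJwtAuth::Recoverable
-end
-```
-
-## Trackable
-
-Tracks sign in timestamps and IP address.
-
-### ActiveRecord
-
-Include `RailsJwtAuth::Trackable` module into your User class:
-
-```ruby
-# app/models/user.rb
-class User < ApplicationRecord
-include RailsJwtAuth::Authenticatable
 include RailsJwtAuth::Trackable
-
-```
-
-and create a migration to add recoverable fields to User model:
+include RailsJwtAuth::Invitable
 
-
-
-
-t.string :last_sign_in_ip
-t.datetime :last_sign_in_at
+validates :email, presence: true,
+uniqueness: true,
+format: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
 end
 ```
 
-
+Ensure you have executed migrate task: `rails g rails_jwt_auth:migrate` and you have uncomented all modules fields.
 
-
+**Mongoid**
 
 ```ruby
-# app/models/user.rb
 class User
 include Mongoid::Document
 include RailsJwtAuth::Authenticatable
+include RailsJwtAuth::Confirmable
+include RailsJwtAuth::Recoverable
 include RailsJwtAuth::Trackable
-end
-```
-
-## Invitable
-
-This module allows you to invite an user to your application sending an invitation mail with a unique link and complete registration by setting user's password.
-
-### ActiveRecord
-
-Include `RailsJwtAuth::Invitable` module in your User model:
-
-```ruby
-# app/models/user.rb
-class User < ApplicationRecord
-include RailsJwtAuth::Authenticatable
 include RailsJwtAuth::Invitable
-end
-```
 
-
+field :email, type: String
 
-
-
-
-t.string :invitation_token
-t.datetime :invitation_sent_at
-t.datetime :invitation_accepted_at
-t.datetime :invitation_created_at
-end
-```
-
-### Mongoid
-
-Include `RailsJwtAuth::Invitable` module in your User model:
-
-```ruby
-# app/models/user.rb
-class User < ApplicationRecord
-include RailsJwtAuth::Authenticatable
-include RailsJwtAuth::Invitable
+validates :email, presence: true,
+uniqueness: true,
+format: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
 end
 ```
 
@@ -259,12 +118,12 @@ end
 
 RailsJwtAuth will create some helpers to use inside your controllers.
 
-To use this helpers we need to include `
+To use this helpers we need to include `AuthenticableHelper` into `ApplicationController`:
 
 ```ruby
 # app/controllers/application_controller.rb
 class ApplicationController < ActionController::API
-include RailsJwtAuth::
+include RailsJwtAuth::AuthenticableHelper
 end
 ```
 
@@ -292,7 +151,7 @@ end
 
 ### Session
 
-Session api is defined by RailsJwtAuth::SessionsController
+Session api is defined by `RailsJwtAuth::SessionsController`.
 
 1. Get session token:
 
@@ -321,7 +180,7 @@ Session api is defined by RailsJwtAuth::SessionsController.
 
 ### Registration
 
-Registration api is defined by RailsJwtAuth::RegistrationsController
+Registration api is defined by `RailsJwtAuth::RegistrationsController`.
 
 1. Register user:
 
@@ -350,7 +209,7 @@ Registration api is defined by RailsJwtAuth::RegistrationsController.
 
 ### Confirmation
 
-Confirmation api is defined by RailsJwtAuth::ConfirmationsController
+Confirmation api is defined by `RailsJwtAuth::ConfirmationsController`.
 
 1. Confirm user:
 
@@ -380,7 +239,7 @@ Confirmation api is defined by RailsJwtAuth::ConfirmationsController.
 
 ### Password
 
-Password api is defined by RailsJwtAuth::PasswordsController
+Password api is defined by `RailsJwtAuth::PasswordsController`.
 
 1. Send reset password email:
 
@@ -414,7 +273,7 @@ Password api is defined by RailsJwtAuth::PasswordsController.
 
 ### Invitations
 
-Invitations api is provided by RailsJwtAuth::InvitationsController
+Invitations api is provided by `RailsJwtAuth::InvitationsController`.
 
 1. Create an invitation and send email:
 
@@ -555,29 +414,28 @@ end
 Require the RailsJwtAuth::Spec::Helpers helper module in `rails_helper.rb`.
 
 ```ruby
-
+require 'rails_jwt_auth/spec_helpers'
+...
+RSpec.configure do |config|
 ...
-
-
-config.include RailsJwtAuth::Spec::Helpers, :type => :controller
-end
+config.include RailsJwtAuth::Spec::Helpers, :type => :controller
+end
 ```
 
-And then we can just call sign_in(user) to sign in as a user
+And then we can just call sign_in(user) to sign in as a user:
 
 ```ruby
-
-
-
-
-end
+describe ExampleController
+it "blocks unauthenticated access" do
+expect { get :index }.to raise_error(RailsJwtAuth::Errors::NotAuthorized)
+end
 
-
-
-
-
-end
+it "allows authenticated access" do
+sign_in user
+get :index
+expect(response).to be_success
 end
+end
 ```
 
 ## Locales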
@@ -0,0 +1,31 @@
|
|
1
|
+
module RailsJwtAuth
|
2
|
+
NotAuthorized = Class.new(StandardError)
|
3
|
+
|
4
|
+
module AuthenticableHelper
|
5
|
+
def current_user
|
6
|
+
@current_user
|
7
|
+
end
|
8
|
+
|
9
|
+
def signed_in?
|
10
|
+
!current_user.nil?
|
11
|
+
end
|
12
|
+
|
13
|
+
def authenticate!
|
14
|
+
begin
|
15
|
+
payload = RailsJwtAuth::JwtManager.decode_from_request(request).first
|
16
|
+
rescue JWT::ExpiredSignature, JWT::VerificationError, JWT::DecodeError
|
17
|
+
unauthorize!
|
18
|
+
end
|
19
|
+
|
20
|
+
if !@current_user = RailsJwtAuth.model.from_token_payload(payload)
|
21
|
+
unauthorize!
|
22
|
+
elsif @current_user.respond_to? :update_tracked_fields!
|
23
|
+
@current_user.update_tracked_fields!(request)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
def unauthorize!
|
28
|
+
raise NotAuthorized
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
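Review bot: `NotAuthorized` is defined here as `RailsJwtAuth::NotAuthorized`, while the README example added in this same release expects `RailsJwtAuth::Errors::NotAuthorized`, so a spec written from the docs will not catch what `unauthorize!` raises; one of the two should be corrected. In `authenticate!` the rescue covers only the three JWT errors, so if `decode_from_request` returns nil for a request carrying no token (its behaviour is not visible here) the `.first` call raises NoMethodError and the request fails with a 500 instead of the intended NotAuthorized. The `if !@current_user = ...` assignment-in-condition is parsed as intended but reads as a typo (RuboCop Lint/AssignmentInCondition); the rewrite below splits decode, lookup and tracking into three guarded steps that end in the same unauthorized outcome.
```ruby
def authenticate!
  # Any decode failure, and a missing/empty decode result, is treated as unauthenticated.
  payload = begin
    decoded = RailsJwtAuth::JwtManager.decode_from_request(request)
    decoded && decoded.first
  rescue JWT::ExpiredSignature, JWT::VerificationError, JWT::DecodeError
    nil
  end
  unauthorize! unless payload

  @current_user = RailsJwtAuth.model.from_token_payload(payload)
  unauthorize! unless @current_user

  @current_user.update_tracked_fields!(request) if @current_user.respond_to?(:update_tracked_fields!)
end
```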
@@ -11,12 +11,9 @@ module RailsJwtAuth
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def update
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
user = RailsJwtAuth.model.where(confirmation_token: params[:confirmation_token]).first
|
19
|
-
return render_422(confirmation_token: [{error: :not_found}]) unless user
|
14
|
+
return render_404 unless
|
15
|
+
params[:id] &&
|
16
|
+
(user = RailsJwtAuth.model.where(confirmation_token: params[:id]).first)
|
20
17
|
|
21
18
|
user.confirm! ? render_204 : render_422(user.errors.details)
|
22
19
|
end
|
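Review bot: `params[:id]` is only checked for truthiness before it is passed to `where(confirmation_token: params[:id])`, so an empty string (truthy in Ruby) still runs the lookup, and with Mongoid a nested parameter that Rails parses into a Hash could reach the query as an operator rather than a literal token if `:id` can arrive from the query string or body instead of a route segment (the routes are not visible here). Restricting the value to a non-blank String keeps the lookup to plain equality: `token = params[:id]` / `return render_404 unless token.is_a?(String) && token.present? &&` / `(user = RailsJwtAuth.model.where(confirmation_token: token).first)`. Whether `confirm!` rejects an expired token lives in confirmable.rb, outside this hunk, and the enclosing controller class starts before this hunk.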