rails_jwt_auth 1.4.1 → 1.5.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2c14c4018d6e871d503f3573886bdc7822a620859aef7b32f0a719a2252b5aa8
|
|
4
|
+
data.tar.gz: 4d4e2c16de9787f6c7b940274a3583e112b81cd438623528e0b4cdbc5840b6a5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6c4caceaa1fdcb313994525a8d734df570202beccd88f9f76131e5d5ba46c4c551a87ac3091261e92feb46339e6a52b3fe407c4768b62f6c834508b1193713dc
|
|
7
|
+
data.tar.gz: 427687273a0d51fc837cac6ed841363d707ef87790b1a0d52283ca33bc9a1484e16ae1c5c4691b3649687b1cd2ce9e3a83827aa61afe1757a589b416f2b1d05b
|
data/README.md
CHANGED
|
@@ -59,7 +59,7 @@ rails g rails_jwt_auth:migrate
|
|
|
59
59
|
|
|
60
60
|
## Configuration
|
|
61
61
|
|
|
62
|
-
You can edit configuration options into `config/initializers/
|
|
62
|
+
You can edit configuration options into `config/initializers/rails_jwt_auth.rb` file created by generator.
|
|
63
63
|
|
|
64
64
|
| Option | Default value | Description |
|
|
65
65
|
| ------------------------------- | ----------------- | ---------------------------------------------------------------------- |
|
|
@@ -187,6 +187,10 @@ end
|
|
|
187
187
|
|
|
188
188
|
Return current signed-in user.
|
|
189
189
|
|
|
190
|
+
- **jwt_payload**
|
|
191
|
+
|
|
192
|
+
Return current jwt payload.
|
|
193
|
+
|
|
190
194
|
- **signed_in?**
|
|
191
195
|
|
|
192
196
|
Verify if a user is signed in.
|
|
@@ -205,8 +209,8 @@ Session api is defined by `RailsJwtAuth::SessionsController`.
|
|
|
205
209
|
method: POST,
|
|
206
210
|
data: {
|
|
207
211
|
session: {
|
|
208
|
-
email:
|
|
209
|
-
password:
|
|
212
|
+
email: 'user@email.com',
|
|
213
|
+
password: '12345678'
|
|
210
214
|
}
|
|
211
215
|
}
|
|
212
216
|
}
|
|
@@ -234,8 +238,8 @@ Registration api is defined by `RailsJwtAuth::RegistrationsController`.
|
|
|
234
238
|
method: POST,
|
|
235
239
|
data: {
|
|
236
240
|
user: {
|
|
237
|
-
email:
|
|
238
|
-
password:
|
|
241
|
+
email: 'user@email.com',
|
|
242
|
+
password: '12345678'
|
|
239
243
|
}
|
|
240
244
|
}
|
|
241
245
|
}
|
|
@@ -245,6 +249,8 @@ Registration api is defined by `RailsJwtAuth::RegistrationsController`.
|
|
|
245
249
|
|
|
246
250
|
Confirmation api is defined by `RailsJwtAuth::ConfirmationsController`.
|
|
247
251
|
|
|
252
|
+
It is necessary to set a value for `confirmations_url` option into `config/initializers/rails_jwt_auth.rb`.
|
|
253
|
+
|
|
248
254
|
1. Confirm user:
|
|
249
255
|
|
|
250
256
|
```js
|
|
@@ -252,7 +258,7 @@ Confirmation api is defined by `RailsJwtAuth::ConfirmationsController`.
|
|
|
252
258
|
url: host/confirmation,
|
|
253
259
|
method: PUT
|
|
254
260
|
data: {
|
|
255
|
-
confirmation_token:
|
|
261
|
+
confirmation_token: 'token'
|
|
256
262
|
}
|
|
257
263
|
}
|
|
258
264
|
```
|
|
@@ -265,7 +271,7 @@ Confirmation api is defined by `RailsJwtAuth::ConfirmationsController`.
|
|
|
265
271
|
method: POST,
|
|
266
272
|
data: {
|
|
267
273
|
confirmation: {
|
|
268
|
-
email:
|
|
274
|
+
email: 'user@example.com'
|
|
269
275
|
}
|
|
270
276
|
}
|
|
271
277
|
}
|
|
@@ -283,7 +289,7 @@ Password api is defined by `RailsJwtAuth::PasswordsController`.
|
|
|
283
289
|
method: POST,
|
|
284
290
|
data: {
|
|
285
291
|
password: {
|
|
286
|
-
email:
|
|
292
|
+
email: 'user@example.com'
|
|
287
293
|
}
|
|
288
294
|
}
|
|
289
295
|
}
|
|
@@ -296,7 +302,7 @@ Password api is defined by `RailsJwtAuth::PasswordsController`.
|
|
|
296
302
|
url: host/password,
|
|
297
303
|
method: PUT,
|
|
298
304
|
data: {
|
|
299
|
-
reset_password_token:
|
|
305
|
+
reset_password_token: 'token',
|
|
300
306
|
password: {
|
|
301
307
|
password: '1234',
|
|
302
308
|
password_confirmation: '1234'
|
|
@@ -317,7 +323,7 @@ Invitations api is provided by `RailsJwtAuth::InvitationsController`.
|
|
|
317
323
|
method: POST,
|
|
318
324
|
data: {
|
|
319
325
|
invitation: {
|
|
320
|
-
email:
|
|
326
|
+
email: 'user@example.com',
|
|
321
327
|
// More fields of your user
|
|
322
328
|
}
|
|
323
329
|
}
|
|
@@ -426,7 +432,10 @@ class CurrentUserController < ApplicationController
|
|
|
426
432
|
|
|
427
433
|
def update
|
|
428
434
|
if update_params[:password]
|
|
429
|
-
|
|
435
|
+
# update password and remove other sessions tokens
|
|
436
|
+
current_user.update_with_password(
|
|
437
|
+
update_params.merge(auth_tokens: [jwt_payload['auth_token']])
|
|
438
|
+
)
|
|
430
439
|
else
|
|
431
440
|
current_user.update_attributes(update_params)
|
|
432
441
|
end
|
|
@@ -471,7 +480,7 @@ require 'rails_jwt_auth/spec_helpers'
|
|
|
471
480
|
...
|
|
472
481
|
RSpec.configure do |config|
|
|
473
482
|
...
|
|
474
|
-
config.include RailsJwtAuth::SpecHelpers, :
|
|
483
|
+
config.include RailsJwtAuth::SpecHelpers, type: :controller
|
|
475
484
|
end
|
|
476
485
|
```
|
|
477
486
|
|
|
@@ -479,11 +488,11 @@ And then we can just call sign_in(user) to sign in as a user:
|
|
|
479
488
|
|
|
480
489
|
```ruby
|
|
481
490
|
describe ExampleController
|
|
482
|
-
it
|
|
483
|
-
expect { get :index }.to raise_error(RailsJwtAuth::
|
|
491
|
+
it 'blocks unauthenticated access' do
|
|
492
|
+
expect { get :index }.to raise_error(RailsJwtAuth::NotAuthorized)
|
|
484
493
|
end
|
|
485
494
|
|
|
486
|
-
it
|
|
495
|
+
it 'allows authenticated access' do
|
|
487
496
|
sign_in user
|
|
488
497
|
get :index
|
|
489
498
|
expect(response).to be_success
|
|
@@ -6,18 +6,22 @@ module RailsJwtAuth
|
|
|
6
6
|
@current_user
|
|
7
7
|
end
|
|
8
8
|
|
|
9
|
+
def jwt_payload
|
|
10
|
+
@jwt_payload
|
|
11
|
+
end
|
|
12
|
+
|
|
9
13
|
def signed_in?
|
|
10
14
|
!current_user.nil?
|
|
11
15
|
end
|
|
12
16
|
|
|
13
17
|
def authenticate!
|
|
14
18
|
begin
|
|
15
|
-
|
|
19
|
+
@jwt_payload = RailsJwtAuth::JwtManager.decode_from_request(request).first
|
|
16
20
|
rescue JWT::ExpiredSignature, JWT::VerificationError, JWT::DecodeError
|
|
17
21
|
unauthorize!
|
|
18
22
|
end
|
|
19
23
|
|
|
20
|
-
if !@current_user = RailsJwtAuth.model.from_token_payload(
|
|
24
|
+
if !@current_user = RailsJwtAuth.model.from_token_payload(@jwt_payload)
|
|
21
25
|
unauthorize!
|
|
22
26
|
elsif @current_user.respond_to? :update_tracked_fields!
|
|
23
27
|
@current_user.update_tracked_fields!(request)
|
|
@@ -26,8 +30,8 @@ module RailsJwtAuth
|
|
|
26
30
|
|
|
27
31
|
def authenticate
|
|
28
32
|
begin
|
|
29
|
-
|
|
30
|
-
@current_user = RailsJwtAuth.model.from_token_payload(
|
|
33
|
+
@jwt_payload = RailsJwtAuth::JwtManager.decode_from_request(request).first
|
|
34
|
+
@current_user = RailsJwtAuth.model.from_token_payload(@jwt_payload)
|
|
31
35
|
rescue JWT::ExpiredSignature, JWT::VerificationError, JWT::DecodeError
|
|
32
36
|
@current_user = nil
|
|
33
37
|
end
|
|
@@ -14,7 +14,10 @@ module RailsJwtAuth
|
|
|
14
14
|
validate :validate_reset_password_token, if: :password_digest_changed?
|
|
15
15
|
|
|
16
16
|
before_update do
|
|
17
|
-
|
|
17
|
+
if password_digest_changed? && reset_password_token
|
|
18
|
+
self.reset_password_token = nil
|
|
19
|
+
self.auth_tokens = []
|
|
20
|
+
end
|
|
18
21
|
end
|
|
19
22
|
end
|
|
20
23
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rails_jwt_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- rjurado
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-02-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bcrypt
|