rails_jwt_auth 1.4.1 → 1.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2c14c4018d6e871d503f3573886bdc7822a620859aef7b32f0a719a2252b5aa8
|
|
4
|
+
data.tar.gz: 4d4e2c16de9787f6c7b940274a3583e112b81cd438623528e0b4cdbc5840b6a5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6c4caceaa1fdcb313994525a8d734df570202beccd88f9f76131e5d5ba46c4c551a87ac3091261e92feb46339e6a52b3fe407c4768b62f6c834508b1193713dc
|
|
7
|
+
data.tar.gz: 427687273a0d51fc837cac6ed841363d707ef87790b1a0d52283ca33bc9a1484e16ae1c5c4691b3649687b1cd2ce9e3a83827aa61afe1757a589b416f2b1d05b
|
data/README.md
CHANGED
|
@@ -59,7 +59,7 @@ rails g rails_jwt_auth:migrate
|
|
|
59
59
|
|
|
60
60
|
## Configuration
|
|
61
61
|
|
|
62
|
-
You can edit configuration options into `config/initializers/
|
|
62
|
+
You can edit configuration options into `config/initializers/rails_jwt_auth.rb` file created by generator.
|
|
63
63
|
|
|
64
64
|
| Option | Default value | Description |
|
|
65
65
|
| ------------------------------- | ----------------- | ---------------------------------------------------------------------- |
|
|
@@ -187,6 +187,10 @@ end
|
|
|
187
187
|
|
|
188
188
|
Return current signed-in user.
|
|
189
189
|
|
|
190
|
+
- **jwt_payload**
|
|
191
|
+
|
|
192
|
+
Return current jwt payload.
|
|
193
|
+
|
|
190
194
|
- **signed_in?**
|
|
191
195
|
|
|
192
196
|
Verify if a user is signed in.
|
|
@@ -205,8 +209,8 @@ Session api is defined by `RailsJwtAuth::SessionsController`.
|
|
|
205
209
|
method: POST,
|
|
206
210
|
data: {
|
|
207
211
|
session: {
|
|
208
|
-
email:
|
|
209
|
-
password:
|
|
212
|
+
email: 'user@email.com',
|
|
213
|
+
password: '12345678'
|
|
210
214
|
}
|
|
211
215
|
}
|
|
212
216
|
}
|
|
@@ -234,8 +238,8 @@ Registration api is defined by `RailsJwtAuth::RegistrationsController`.
|
|
|
234
238
|
method: POST,
|
|
235
239
|
data: {
|
|
236
240
|
user: {
|
|
237
|
-
email:
|
|
238
|
-
password:
|
|
241
|
+
email: 'user@email.com',
|
|
242
|
+
password: '12345678'
|
|
239
243
|
}
|
|
240
244
|
}
|
|
241
245
|
}
|
|
@@ -245,6 +249,8 @@ Registration api is defined by `RailsJwtAuth::RegistrationsController`.
|
|
|
245
249
|
|
|
246
250
|
Confirmation api is defined by `RailsJwtAuth::ConfirmationsController`.
|
|
247
251
|
|
|
252
|
+
It is necessary to set a value for `confirmations_url` option into `config/initializers/rails_jwt_auth.rb`.
|
|
253
|
+
|
|
248
254
|
1. Confirm user:
|
|
249
255
|
|
|
250
256
|
```js
|
|
@@ -252,7 +258,7 @@ Confirmation api is defined by `RailsJwtAuth::ConfirmationsController`.
|
|
|
252
258
|
url: host/confirmation,
|
|
253
259
|
method: PUT
|
|
254
260
|
data: {
|
|
255
|
-
confirmation_token:
|
|
261
|
+
confirmation_token: 'token'
|
|
256
262
|
}
|
|
257
263
|
}
|
|
258
264
|
```
|
|
@@ -265,7 +271,7 @@ Confirmation api is defined by `RailsJwtAuth::ConfirmationsController`.
|
|
|
265
271
|
method: POST,
|
|
266
272
|
data: {
|
|
267
273
|
confirmation: {
|
|
268
|
-
email:
|
|
274
|
+
email: 'user@example.com'
|
|
269
275
|
}
|
|
270
276
|
}
|
|
271
277
|
}
|
|
@@ -283,7 +289,7 @@ Password api is defined by `RailsJwtAuth::PasswordsController`.
|
|
|
283
289
|
method: POST,
|
|
284
290
|
data: {
|
|
285
291
|
password: {
|
|
286
|
-
email:
|
|
292
|
+
email: 'user@example.com'
|
|
287
293
|
}
|
|
288
294
|
}
|
|
289
295
|
}
|
|
@@ -296,7 +302,7 @@ Password api is defined by `RailsJwtAuth::PasswordsController`.
|
|
|
296
302
|
url: host/password,
|
|
297
303
|
method: PUT,
|
|
298
304
|
data: {
|
|
299
|
-
reset_password_token:
|
|
305
|
+
reset_password_token: 'token',
|
|
300
306
|
password: {
|
|
301
307
|
password: '1234',
|
|
302
308
|
password_confirmation: '1234'
|
|
@@ -317,7 +323,7 @@ Invitations api is provided by `RailsJwtAuth::InvitationsController`.
|
|
|
317
323
|
method: POST,
|
|
318
324
|
data: {
|
|
319
325
|
invitation: {
|
|
320
|
-
email:
|
|
326
|
+
email: 'user@example.com',
|
|
321
327
|
// More fields of your user
|
|
322
328
|
}
|
|
323
329
|
}
|
|
@@ -426,7 +432,10 @@ class CurrentUserController < ApplicationController
|
|
|
426
432
|
|
|
427
433
|
def update
|
|
428
434
|
if update_params[:password]
|
|
429
|
-
|
|
435
|
+
# update password and remove other sessions tokens
|
|
436
|
+
current_user.update_with_password(
|
|
437
|
+
update_params.merge(auth_tokens: [jwt_payload['auth_token']])
|
|
438
|
+
)
|
|
430
439
|
else
|
|
431
440
|
current_user.update_attributes(update_params)
|
|
432
441
|
end
|
|
@@ -471,7 +480,7 @@ require 'rails_jwt_auth/spec_helpers'
|
|
|
471
480
|
...
|
|
472
481
|
RSpec.configure do |config|
|
|
473
482
|
...
|
|
474
|
-
config.include RailsJwtAuth::SpecHelpers, :
|
|
483
|
+
config.include RailsJwtAuth::SpecHelpers, type: :controller
|
|
475
484
|
end
|
|
476
485
|
```
|
|
477
486
|
|
|
@@ -479,11 +488,11 @@ And then we can just call sign_in(user) to sign in as a user:
|
|
|
479
488
|
|
|
480
489
|
```ruby
|
|
481
490
|
describe ExampleController
|
|
482
|
-
it
|
|
483
|
-
expect { get :index }.to raise_error(RailsJwtAuth::
|
|
491
|
+
it 'blocks unauthenticated access' do
|
|
492
|
+
expect { get :index }.to raise_error(RailsJwtAuth::NotAuthorized)
|
|
484
493
|
end
|
|
485
494
|
|
|
486
|
-
it
|
|
495
|
+
it 'allows authenticated access' do
|
|
487
496
|
sign_in user
|
|
488
497
|
get :index
|
|
489
498
|
expect(response).to be_success
|
|
@@ -6,18 +6,22 @@ module RailsJwtAuth
|
|
|
6
6
|
@current_user
|
|
7
7
|
end
|
|
8
8
|
|
|
9
|
+
def jwt_payload
|
|
10
|
+
@jwt_payload
|
|
11
|
+
end
|
|
12
|
+
|
|
9
13
|
def signed_in?
|
|
10
14
|
!current_user.nil?
|
|
11
15
|
end
|
|
12
16
|
|
|
13
17
|
def authenticate!
|
|
14
18
|
begin
|
|
15
|
-
|
|
19
|
+
@jwt_payload = RailsJwtAuth::JwtManager.decode_from_request(request).first
|
|
16
20
|
rescue JWT::ExpiredSignature, JWT::VerificationError, JWT::DecodeError
|
|
17
21
|
unauthorize!
|
|
18
22
|
end
|
|
19
23
|
|
|
20
|
-
if !@current_user = RailsJwtAuth.model.from_token_payload(
|
|
24
|
+
if !@current_user = RailsJwtAuth.model.from_token_payload(@jwt_payload)
|
|
21
25
|
unauthorize!
|
|
22
26
|
elsif @current_user.respond_to? :update_tracked_fields!
|
|
23
27
|
@current_user.update_tracked_fields!(request)
|
|
@@ -26,8 +30,8 @@ module RailsJwtAuth
|
|
|
26
30
|
|
|
27
31
|
def authenticate
|
|
28
32
|
begin
|
|
29
|
-
|
|
30
|
-
@current_user = RailsJwtAuth.model.from_token_payload(
|
|
33
|
+
@jwt_payload = RailsJwtAuth::JwtManager.decode_from_request(request).first
|
|
34
|
+
@current_user = RailsJwtAuth.model.from_token_payload(@jwt_payload)
|
|
31
35
|
rescue JWT::ExpiredSignature, JWT::VerificationError, JWT::DecodeError
|
|
32
36
|
@current_user = nil
|
|
33
37
|
end
|
|
@@ -14,7 +14,10 @@ module RailsJwtAuth
|
|
|
14
14
|
validate :validate_reset_password_token, if: :password_digest_changed?
|
|
15
15
|
|
|
16
16
|
before_update do
|
|
17
|
-
|
|
17
|
+
if password_digest_changed? && reset_password_token
|
|
18
|
+
self.reset_password_token = nil
|
|
19
|
+
self.auth_tokens = []
|
|
20
|
+
end
|
|
18
21
|
end
|
|
19
22
|
end
|
|
20
23
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rails_jwt_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- rjurado
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-02-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bcrypt
|