red_token_auth 0.4.0 → 0.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 37698c3c846ac9b834f5e54f61f0740d47aba30f
-  data.tar.gz: 648bfbe72f80db915cba1b00ccf01e197a5bb2a0
+  metadata.gz: 9ca882c5a5384b2e8610afd2f87e645db9012cd0
+  data.tar.gz: 7b0bd783c3dac1bb81472204cfe9b171c8243d88
 SHA512:
-  metadata.gz: 9abfc95f64dfd0c248ae7515809981613e73b71565953a628c65d57795982b68babd05ad87b0bae43fdb419e576c49fbbd0a9966ecfddef6dd4941a3dfc4b8fc
-  data.tar.gz: b2b27205515f131d53154def7d88871c95e6ac1d897c399ede2329a04e909a8df4cc492524d09c67d44371455424b8e5017712c9a3a3e0da98a8330e93b7eff9
+  metadata.gz: 66b21b4b9f5eb419ba9e0ca09bae649298599b7bd135e58f7f5d37347cd373d0bb43d63cd9466ea384c6b908b64a922e421cd818d29dfd6160614618fadb6789
+  data.tar.gz: fd38b9fe4b29b7cd228144fd6b96a94217cecb8c98ea46a1c3ab681b2d3de1682f32102cd96f0e74e9f6093bcb48a43793d191749c23474de1e3d794052eefa0

data/README.md

@@ -74,7 +74,7 @@ By using the `authenticate!(:user)` in your controller, you'll have access to `c
 ### Included methods
 * `User#sign_in`
 
-  It'll return `true` if `"password"` matches the user password and an `authentication_token` will be generated for the user. If it doesn't match, errors will be added to `User#errors` and `false` will be returned.
+  It'll return `User#create_new_authentication_token` if `"password"` matches the user password and an `authentication_token` will be generated for the user. If it doesn't match, errors will be added to `User#errors` and `false` will be returned.
 
   ```ruby
   user.sign_in("password")
@@ -110,6 +110,17 @@ By using the `authenticate!(:user)` in your controller, you'll have access to `c
   user.reset_password(reset_password_token: "token", password: "new_password", password_confirmation: "new_password")
   ```
 
+* `User#create_new_authentication_token`
+
+  This method will create new authentication token for the user and will return a hash that can be appended to the headers.
+  ```ruby
+    user.create_new_authentication_token
+    #=> {"access-token" => "==wei2989896756-_", "uid" => "email@email.com", "token-type" => "Bearer"}
+
+    # In controller scope:
+    request.headers.merge!(user.create_new_authentication_token)
+  ```
+
 ### Configuring
 ```ruby
 RedTokenAuth.configure do |config|
@@ -121,3 +132,4 @@ end
 
 ## License
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+

data/lib/red_token_auth/authentication.rb

@@ -4,7 +4,22 @@ module RedTokenAuth
 
     included do
       def authenticate_token(token)
-        token == authentication_token
+        BCrypt::Password.new(authentication_token) == token
+      end
+
+      def create_new_authentication_token
+        token        = SecureRandom.urlsafe_base64(nil, true)
+        token_hash   = BCrypt::Password.create(token)
+
+        self.authentication_token = token_hash
+
+        save!
+
+        {
+          "access-token" => token,
+          "uid"          => email,
+          "token-type"   => "Bearer"
+        }
       end
     end
   end

data/lib/red_token_auth/sign_in_out.rb

@@ -7,9 +7,10 @@ module RedTokenAuth
     included do
       def sign_in(password)
         if authenticate(password)
-          update(authentication_token: random_token)
+          create_new_authentication_token
         else
           errors.add(:password, :wrong_password)
+          false
         end
       end
 

data/lib/red_token_auth/version.rb

@@ -1,3 +1,3 @@
 module RedTokenAuth
-  VERSION = '0.4.0'
+  VERSION = '0.4.1'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: red_token_auth
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.4.1
 platform: ruby
 authors:
 - Caio Ergos