researchable_jwt-authenticable 1.0.0 → 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +11 -2
- data/README.md +28 -6
- data/lib/jwt_authenticable/auth.rb +10 -3
- data/lib/jwt_authenticable/version.rb +1 -1
- data/lib/jwt_authenticable.rb +4 -0
- data/node_modules/semantic-release-rubygem/src/__tests__/fixtures/invalid-version-file/lib/test-gem/version.rb +5 -0
- data/node_modules/semantic-release-rubygem/src/__tests__/fixtures/prerelease/lib/test-gem/version.rb +5 -0
- data/node_modules/semantic-release-rubygem/src/__tests__/fixtures/valid/lib/test-gem/version.rb +5 -0
- metadata +8 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4e4b4d435b56dec20b1d25bb55500516d5e2087159b7645bdba55eaa7208a7fb
|
|
4
|
+
data.tar.gz: c8456c71943a94ab2d7d1539ea187f1ececfdb90e23394134e4c1a1ad1667221
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 469c94c6b1b18896508d2b4657e81780c252eb226eecb82416bae2eb8bed7b1e6beadc19daf98d9490bd057b537d590cd1503781f2564d08761a5e6dd11c0e43
|
|
7
|
+
data.tar.gz: 5955c0be8af0285233e47f060962266edd047e4481f53e96ae3ecc144ce32461377cde35becba9e897300aeeac3e1b7c6bc07726b56d8bbe3f2e000cff13d4dc
|
data/CHANGELOG.md
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
## [1.0.1](https://gitlab.com/researchable/general/gems/jwt-authenticable/compare/v1.0.0...v1.0.1) (2023-06-14)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
### Bug Fixes
|
|
5
|
+
|
|
6
|
+
* algorithm configuration parameter not being used ([b41ad24](https://gitlab.com/researchable/general/gems/jwt-authenticable/commit/b41ad24a5c9e58c3237160b531c8eab351c389eb))
|
|
7
|
+
|
|
8
|
+
# 1.0.0 (2023-04-14)
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
### Bug Fixes
|
|
12
|
+
|
|
13
|
+
* added a small info function for debugging ([f9428a8](https://gitlab.com/researchable/general/gems/jwt-authenticable/commit/f9428a8e77f9a52634d536327a78f771943fa226))
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
### Features
|
|
17
|
+
|
|
18
|
+
* **init:** initialize gem ([42c2c85](https://gitlab.com/researchable/general/gems/jwt-authenticable/commit/42c2c853ca705343c55b5f31edac394fab6b9237))
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
researchable_jwt-authenticable (0.
|
|
4
|
+
researchable_jwt-authenticable (1.0.0)
|
|
5
5
|
dry-configurable (~> 0.16)
|
|
6
6
|
jwt (~> 2.6)
|
|
7
7
|
|
|
@@ -14,7 +14,11 @@ GEM
|
|
|
14
14
|
minitest (>= 5.1)
|
|
15
15
|
tzinfo (~> 2.0)
|
|
16
16
|
ast (2.4.2)
|
|
17
|
+
byebug (11.1.3)
|
|
17
18
|
concurrent-ruby (1.2.2)
|
|
19
|
+
debase (0.2.5.beta2)
|
|
20
|
+
debase-ruby_core_source (>= 0.10.12)
|
|
21
|
+
debase-ruby_core_source (3.2.1)
|
|
18
22
|
diff-lcs (1.5.0)
|
|
19
23
|
dry-configurable (0.16.1)
|
|
20
24
|
dry-core (~> 0.6)
|
|
@@ -75,6 +79,8 @@ GEM
|
|
|
75
79
|
rubocop-rails (= 2.12.4)
|
|
76
80
|
rubocop-rake (= 0.6.0)
|
|
77
81
|
rubocop-rspec (= 2.6.0)
|
|
82
|
+
ruby-debug-ide (0.7.3)
|
|
83
|
+
rake (>= 0.8.1)
|
|
78
84
|
ruby-progressbar (1.13.0)
|
|
79
85
|
tzinfo (2.0.6)
|
|
80
86
|
concurrent-ruby (~> 1.0)
|
|
@@ -85,10 +91,13 @@ PLATFORMS
|
|
|
85
91
|
x86_64-linux
|
|
86
92
|
|
|
87
93
|
DEPENDENCIES
|
|
94
|
+
byebug
|
|
95
|
+
debase
|
|
88
96
|
rake (~> 13.0)
|
|
89
97
|
researchable_jwt-authenticable!
|
|
90
98
|
rspec (~> 3.0)
|
|
91
99
|
ruboguide (~> 1.0)
|
|
100
|
+
ruby-debug-ide
|
|
92
101
|
|
|
93
102
|
BUNDLED WITH
|
|
94
|
-
2.
|
|
103
|
+
2.4.6
|
data/README.md
CHANGED
|
@@ -1,15 +1,13 @@
|
|
|
1
1
|
# JwtAuthenticable
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
TODO: Delete this and the text above, and describe your gem
|
|
3
|
+
Researchable's JWT Authenticable gem. This gem provides a standard way of authenticating users using JWT tokens.
|
|
6
4
|
|
|
7
5
|
## Installation
|
|
8
6
|
|
|
9
7
|
Add this line to your application's Gemfile:
|
|
10
8
|
|
|
11
9
|
```ruby
|
|
12
|
-
gem '
|
|
10
|
+
gem 'researchable_jwt-authenticable'
|
|
13
11
|
```
|
|
14
12
|
|
|
15
13
|
And then execute:
|
|
@@ -18,12 +16,36 @@ And then execute:
|
|
|
18
16
|
|
|
19
17
|
Or install it yourself as:
|
|
20
18
|
|
|
21
|
-
$ gem
|
|
19
|
+
$ gem researchable_jwt-authenticable
|
|
22
20
|
|
|
23
21
|
## Usage
|
|
24
22
|
|
|
25
|
-
|
|
23
|
+
Simply add the following to your `ApplicationController`:
|
|
26
24
|
|
|
25
|
+
```ruby
|
|
26
|
+
class ApplicationController < ActionController::API
|
|
27
|
+
include JwtAuthenticable::Auth
|
|
28
|
+
|
|
29
|
+
before_action :authenticate_user!
|
|
30
|
+
before_action :set_profile!
|
|
31
|
+
|
|
32
|
+
attr_accessor :current_profile
|
|
33
|
+
|
|
34
|
+
# rest of your controller
|
|
35
|
+
|
|
36
|
+
private
|
|
37
|
+
|
|
38
|
+
# @note authorization_token! will raise an error if the token is invalid, but this is called after
|
|
39
|
+
# authenticate_user! which will raise the same error. Therefore we don't need to rescue the error here.
|
|
40
|
+
def set_profile!
|
|
41
|
+
uuid = authorization_token!['sub']
|
|
42
|
+
@current_profile = Profile.find_by uuid: uuid
|
|
43
|
+
# If current_profile is nil, it is the first time the user is talking to base-backend. If the token is valid we
|
|
44
|
+
# can simply create a new profile.
|
|
45
|
+
@current_profile ||= Profile.create uuid: uuid
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
```
|
|
27
49
|
## Development
|
|
28
50
|
|
|
29
51
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
@@ -9,8 +9,6 @@ module JwtAuthenticable
|
|
|
9
9
|
include Exceptions
|
|
10
10
|
include Responses
|
|
11
11
|
|
|
12
|
-
ALGORITHM = JwtAuthenticable.config.algorithm
|
|
13
|
-
|
|
14
12
|
# Authenticates a user.
|
|
15
13
|
# @raise MissingAuthScope if the jwt does not have the right scope
|
|
16
14
|
def authenticate_user!
|
|
@@ -30,7 +28,8 @@ module JwtAuthenticable
|
|
|
30
28
|
# @return [Hash] the JWT payload
|
|
31
29
|
def validate_jwt_token!(token:)
|
|
32
30
|
# NOTE: it is still safe if JWT_SECRET_KEY is not set. The method will trigger a JWT exception
|
|
33
|
-
JWT.decode(token, JwtAuthenticable.config.jwt_secret_key, true,
|
|
31
|
+
JWT.decode(token, JwtAuthenticable.config.jwt_secret_key, true,
|
|
32
|
+
{ algorithm: algorithm }).first
|
|
34
33
|
end
|
|
35
34
|
|
|
36
35
|
# Extracts the authorization token from the Authorization header
|
|
@@ -49,5 +48,13 @@ module JwtAuthenticable
|
|
|
49
48
|
|
|
50
49
|
auth_token[7..]
|
|
51
50
|
end
|
|
51
|
+
|
|
52
|
+
def algorithm
|
|
53
|
+
supported_algos.find { |algo| algo == JwtAuthenticable.config.algorithm } || 'HS256'
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def supported_algos
|
|
57
|
+
SUPPORTED_ALGOS.flat_map { |algo_class| algo_class.const_get(:SUPPORTED) }
|
|
58
|
+
end
|
|
52
59
|
end
|
|
53
60
|
end
|
data/lib/jwt_authenticable.rb
CHANGED
|
@@ -1,14 +1,18 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'dry-configurable'
|
|
4
|
+
require 'jwt'
|
|
4
5
|
|
|
5
6
|
# The module 'JwtAuth' provides jwt authentication for rails using the jwt gem
|
|
6
7
|
# @author Researchable
|
|
7
8
|
module JwtAuthenticable
|
|
8
9
|
extend Dry::Configurable
|
|
9
10
|
setting :algorithm
|
|
11
|
+
# Note that for RSA algorithms this will actually be the public key
|
|
10
12
|
setting :jwt_secret_key, default: nil
|
|
11
13
|
|
|
14
|
+
SUPPORTED_ALGOS = [JWT::Algos::Hmac, JWT::Algos::Rsa].freeze
|
|
15
|
+
|
|
12
16
|
class Error < StandardError; end
|
|
13
17
|
end
|
|
14
18
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: researchable_jwt-authenticable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Researchable
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-06-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dry-configurable
|
|
@@ -51,6 +51,7 @@ files:
|
|
|
51
51
|
- ".rubocop.yml"
|
|
52
52
|
- ".ruby-gemset"
|
|
53
53
|
- ".ruby-version"
|
|
54
|
+
- CHANGELOG.md
|
|
54
55
|
- Gemfile
|
|
55
56
|
- Gemfile.lock
|
|
56
57
|
- LICENSE.txt
|
|
@@ -62,8 +63,11 @@ files:
|
|
|
62
63
|
- lib/jwt_authenticable/info.rb
|
|
63
64
|
- lib/jwt_authenticable/responses.rb
|
|
64
65
|
- lib/jwt_authenticable/version.rb
|
|
66
|
+
- node_modules/semantic-release-rubygem/src/__tests__/fixtures/invalid-version-file/lib/test-gem/version.rb
|
|
67
|
+
- node_modules/semantic-release-rubygem/src/__tests__/fixtures/prerelease/lib/test-gem/version.rb
|
|
68
|
+
- node_modules/semantic-release-rubygem/src/__tests__/fixtures/valid/lib/test-gem/version.rb
|
|
65
69
|
- sig/jwt_authenticable.rbs
|
|
66
|
-
homepage: https://gitlab.com/researchable/general/gems/jwt-authenticable/-/blob/v1.0.
|
|
70
|
+
homepage: https://gitlab.com/researchable/general/gems/jwt-authenticable/-/blob/v1.0.1/README.md
|
|
67
71
|
licenses:
|
|
68
72
|
- MIT
|
|
69
73
|
metadata:
|
|
@@ -83,7 +87,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
83
87
|
- !ruby/object:Gem::Version
|
|
84
88
|
version: '0'
|
|
85
89
|
requirements: []
|
|
86
|
-
rubygems_version: 3.
|
|
90
|
+
rubygems_version: 3.4.10
|
|
87
91
|
signing_key:
|
|
88
92
|
specification_version: 4
|
|
89
93
|
summary: Researchable's gem to deal with JWT authentication
|