researchable_jwt-authenticable 1.0.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +11 -2
- data/README.md +28 -6
- data/lib/jwt_authenticable/auth.rb +10 -3
- data/lib/jwt_authenticable/version.rb +1 -1
- data/lib/jwt_authenticable.rb +4 -0
- data/node_modules/semantic-release-rubygem/src/__tests__/fixtures/invalid-version-file/lib/test-gem/version.rb +5 -0
- data/node_modules/semantic-release-rubygem/src/__tests__/fixtures/prerelease/lib/test-gem/version.rb +5 -0
- data/node_modules/semantic-release-rubygem/src/__tests__/fixtures/valid/lib/test-gem/version.rb +5 -0
- metadata +8 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4e4b4d435b56dec20b1d25bb55500516d5e2087159b7645bdba55eaa7208a7fb
|
|
4
|
+
data.tar.gz: c8456c71943a94ab2d7d1539ea187f1ececfdb90e23394134e4c1a1ad1667221
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 469c94c6b1b18896508d2b4657e81780c252eb226eecb82416bae2eb8bed7b1e6beadc19daf98d9490bd057b537d590cd1503781f2564d08761a5e6dd11c0e43
|
|
7
|
+
data.tar.gz: 5955c0be8af0285233e47f060962266edd047e4481f53e96ae3ecc144ce32461377cde35becba9e897300aeeac3e1b7c6bc07726b56d8bbe3f2e000cff13d4dc
|
data/CHANGELOG.md
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
## [1.0.1](https://gitlab.com/researchable/general/gems/jwt-authenticable/compare/v1.0.0...v1.0.1) (2023-06-14)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
### Bug Fixes
|
|
5
|
+
|
|
6
|
+
* algorithm configuration parameter not being used ([b41ad24](https://gitlab.com/researchable/general/gems/jwt-authenticable/commit/b41ad24a5c9e58c3237160b531c8eab351c389eb))
|
|
7
|
+
|
|
8
|
+
# 1.0.0 (2023-04-14)
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
### Bug Fixes
|
|
12
|
+
|
|
13
|
+
* added a small info function for debugging ([f9428a8](https://gitlab.com/researchable/general/gems/jwt-authenticable/commit/f9428a8e77f9a52634d536327a78f771943fa226))
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
### Features
|
|
17
|
+
|
|
18
|
+
* **init:** initialize gem ([42c2c85](https://gitlab.com/researchable/general/gems/jwt-authenticable/commit/42c2c853ca705343c55b5f31edac394fab6b9237))
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
researchable_jwt-authenticable (0.
|
|
4
|
+
researchable_jwt-authenticable (1.0.0)
|
|
5
5
|
dry-configurable (~> 0.16)
|
|
6
6
|
jwt (~> 2.6)
|
|
7
7
|
|
|
@@ -14,7 +14,11 @@ GEM
|
|
|
14
14
|
minitest (>= 5.1)
|
|
15
15
|
tzinfo (~> 2.0)
|
|
16
16
|
ast (2.4.2)
|
|
17
|
+
byebug (11.1.3)
|
|
17
18
|
concurrent-ruby (1.2.2)
|
|
19
|
+
debase (0.2.5.beta2)
|
|
20
|
+
debase-ruby_core_source (>= 0.10.12)
|
|
21
|
+
debase-ruby_core_source (3.2.1)
|
|
18
22
|
diff-lcs (1.5.0)
|
|
19
23
|
dry-configurable (0.16.1)
|
|
20
24
|
dry-core (~> 0.6)
|
|
@@ -75,6 +79,8 @@ GEM
|
|
|
75
79
|
rubocop-rails (= 2.12.4)
|
|
76
80
|
rubocop-rake (= 0.6.0)
|
|
77
81
|
rubocop-rspec (= 2.6.0)
|
|
82
|
+
ruby-debug-ide (0.7.3)
|
|
83
|
+
rake (>= 0.8.1)
|
|
78
84
|
ruby-progressbar (1.13.0)
|
|
79
85
|
tzinfo (2.0.6)
|
|
80
86
|
concurrent-ruby (~> 1.0)
|
|
@@ -85,10 +91,13 @@ PLATFORMS
|
|
|
85
91
|
x86_64-linux
|
|
86
92
|
|
|
87
93
|
DEPENDENCIES
|
|
94
|
+
byebug
|
|
95
|
+
debase
|
|
88
96
|
rake (~> 13.0)
|
|
89
97
|
researchable_jwt-authenticable!
|
|
90
98
|
rspec (~> 3.0)
|
|
91
99
|
ruboguide (~> 1.0)
|
|
100
|
+
ruby-debug-ide
|
|
92
101
|
|
|
93
102
|
BUNDLED WITH
|
|
94
|
-
2.
|
|
103
|
+
2.4.6
|
data/README.md
CHANGED
|
@@ -1,15 +1,13 @@
|
|
|
1
1
|
# JwtAuthenticable
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
TODO: Delete this and the text above, and describe your gem
|
|
3
|
+
Researchable's JWT Authenticable gem. This gem provides a standard way of authenticating users using JWT tokens.
|
|
6
4
|
|
|
7
5
|
## Installation
|
|
8
6
|
|
|
9
7
|
Add this line to your application's Gemfile:
|
|
10
8
|
|
|
11
9
|
```ruby
|
|
12
|
-
gem '
|
|
10
|
+
gem 'researchable_jwt-authenticable'
|
|
13
11
|
```
|
|
14
12
|
|
|
15
13
|
And then execute:
|
|
@@ -18,12 +16,36 @@ And then execute:
|
|
|
18
16
|
|
|
19
17
|
Or install it yourself as:
|
|
20
18
|
|
|
21
|
-
$ gem
|
|
19
|
+
$ gem researchable_jwt-authenticable
|
|
22
20
|
|
|
23
21
|
## Usage
|
|
24
22
|
|
|
25
|
-
|
|
23
|
+
Simply add the following to your `ApplicationController`:
|
|
26
24
|
|
|
25
|
+
```ruby
|
|
26
|
+
class ApplicationController < ActionController::API
|
|
27
|
+
include JwtAuthenticable::Auth
|
|
28
|
+
|
|
29
|
+
before_action :authenticate_user!
|
|
30
|
+
before_action :set_profile!
|
|
31
|
+
|
|
32
|
+
attr_accessor :current_profile
|
|
33
|
+
|
|
34
|
+
# rest of your controller
|
|
35
|
+
|
|
36
|
+
private
|
|
37
|
+
|
|
38
|
+
# @note authorization_token! will raise an error if the token is invalid, but this is called after
|
|
39
|
+
# authenticate_user! which will raise the same error. Therefore we don't need to rescue the error here.
|
|
40
|
+
def set_profile!
|
|
41
|
+
uuid = authorization_token!['sub']
|
|
42
|
+
@current_profile = Profile.find_by uuid: uuid
|
|
43
|
+
# If current_profile is nil, it is the first time the user is talking to base-backend. If the token is valid we
|
|
44
|
+
# can simply create a new profile.
|
|
45
|
+
@current_profile ||= Profile.create uuid: uuid
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
```
|
|
27
49
|
## Development
|
|
28
50
|
|
|
29
51
|
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
|
@@ -9,8 +9,6 @@ module JwtAuthenticable
|
|
|
9
9
|
include Exceptions
|
|
10
10
|
include Responses
|
|
11
11
|
|
|
12
|
-
ALGORITHM = JwtAuthenticable.config.algorithm
|
|
13
|
-
|
|
14
12
|
# Authenticates a user.
|
|
15
13
|
# @raise MissingAuthScope if the jwt does not have the right scope
|
|
16
14
|
def authenticate_user!
|
|
@@ -30,7 +28,8 @@ module JwtAuthenticable
|
|
|
30
28
|
# @return [Hash] the JWT payload
|
|
31
29
|
def validate_jwt_token!(token:)
|
|
32
30
|
# NOTE: it is still safe if JWT_SECRET_KEY is not set. The method will trigger a JWT exception
|
|
33
|
-
JWT.decode(token, JwtAuthenticable.config.jwt_secret_key, true,
|
|
31
|
+
JWT.decode(token, JwtAuthenticable.config.jwt_secret_key, true,
|
|
32
|
+
{ algorithm: algorithm }).first
|
|
34
33
|
end
|
|
35
34
|
|
|
36
35
|
# Extracts the authorization token from the Authorization header
|
|
@@ -49,5 +48,13 @@ module JwtAuthenticable
|
|
|
49
48
|
|
|
50
49
|
auth_token[7..]
|
|
51
50
|
end
|
|
51
|
+
|
|
52
|
+
def algorithm
|
|
53
|
+
supported_algos.find { |algo| algo == JwtAuthenticable.config.algorithm } || 'HS256'
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def supported_algos
|
|
57
|
+
SUPPORTED_ALGOS.flat_map { |algo_class| algo_class.const_get(:SUPPORTED) }
|
|
58
|
+
end
|
|
52
59
|
end
|
|
53
60
|
end
|
data/lib/jwt_authenticable.rb
CHANGED
|
@@ -1,14 +1,18 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'dry-configurable'
|
|
4
|
+
require 'jwt'
|
|
4
5
|
|
|
5
6
|
# The module 'JwtAuth' provides jwt authentication for rails using the jwt gem
|
|
6
7
|
# @author Researchable
|
|
7
8
|
module JwtAuthenticable
|
|
8
9
|
extend Dry::Configurable
|
|
9
10
|
setting :algorithm
|
|
11
|
+
# Note that for RSA algorithms this will actually be the public key
|
|
10
12
|
setting :jwt_secret_key, default: nil
|
|
11
13
|
|
|
14
|
+
SUPPORTED_ALGOS = [JWT::Algos::Hmac, JWT::Algos::Rsa].freeze
|
|
15
|
+
|
|
12
16
|
class Error < StandardError; end
|
|
13
17
|
end
|
|
14
18
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: researchable_jwt-authenticable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Researchable
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-06-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dry-configurable
|
|
@@ -51,6 +51,7 @@ files:
|
|
|
51
51
|
- ".rubocop.yml"
|
|
52
52
|
- ".ruby-gemset"
|
|
53
53
|
- ".ruby-version"
|
|
54
|
+
- CHANGELOG.md
|
|
54
55
|
- Gemfile
|
|
55
56
|
- Gemfile.lock
|
|
56
57
|
- LICENSE.txt
|
|
@@ -62,8 +63,11 @@ files:
|
|
|
62
63
|
- lib/jwt_authenticable/info.rb
|
|
63
64
|
- lib/jwt_authenticable/responses.rb
|
|
64
65
|
- lib/jwt_authenticable/version.rb
|
|
66
|
+
- node_modules/semantic-release-rubygem/src/__tests__/fixtures/invalid-version-file/lib/test-gem/version.rb
|
|
67
|
+
- node_modules/semantic-release-rubygem/src/__tests__/fixtures/prerelease/lib/test-gem/version.rb
|
|
68
|
+
- node_modules/semantic-release-rubygem/src/__tests__/fixtures/valid/lib/test-gem/version.rb
|
|
65
69
|
- sig/jwt_authenticable.rbs
|
|
66
|
-
homepage: https://gitlab.com/researchable/general/gems/jwt-authenticable/-/blob/v1.0.
|
|
70
|
+
homepage: https://gitlab.com/researchable/general/gems/jwt-authenticable/-/blob/v1.0.1/README.md
|
|
67
71
|
licenses:
|
|
68
72
|
- MIT
|
|
69
73
|
metadata:
|
|
@@ -83,7 +87,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
83
87
|
- !ruby/object:Gem::Version
|
|
84
88
|
version: '0'
|
|
85
89
|
requirements: []
|
|
86
|
-
rubygems_version: 3.
|
|
90
|
+
rubygems_version: 3.4.10
|
|
87
91
|
signing_key:
|
|
88
92
|
specification_version: 4
|
|
89
93
|
summary: Researchable's gem to deal with JWT authentication
|