researchable_jwt-authenticable 1.0.1 → 1.1.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4e4b4d435b56dec20b1d25bb55500516d5e2087159b7645bdba55eaa7208a7fb
4
- data.tar.gz: c8456c71943a94ab2d7d1539ea187f1ececfdb90e23394134e4c1a1ad1667221
3
+ metadata.gz: abeaaf5f3a590567cc0e31b701204f3fea0ef6598fddfa03eb97dcb34beb4436
4
+ data.tar.gz: e72942114fc0c82482d01d8a6e9b8c4083fc2223466290de06e2b6ffb4c4397e
5
5
  SHA512:
6
- metadata.gz: 469c94c6b1b18896508d2b4657e81780c252eb226eecb82416bae2eb8bed7b1e6beadc19daf98d9490bd057b537d590cd1503781f2564d08761a5e6dd11c0e43
7
- data.tar.gz: 5955c0be8af0285233e47f060962266edd047e4481f53e96ae3ecc144ce32461377cde35becba9e897300aeeac3e1b7c6bc07726b56d8bbe3f2e000cff13d4dc
6
+ metadata.gz: '00519275b196a8d5b2dd2d75c1a1951ed8b91076e937ed34285f768eec98365468aaa4881c9a7084c03b5d0d495b0ce70bc7ffc6ebd19148f8335a3def579ef9'
7
+ data.tar.gz: ba644ed5e3a31da8d29ca334d393857ae3abf97e9d694613b850d9ee98ddb4d27e16be5113450d9859dda256fafbb582594a9af78c07275a50d33cb4305ab63f
data/CHANGELOG.md CHANGED
@@ -1,3 +1,10 @@
1
+ # [1.1.0](https://gitlab.com/researchable/general/gems/jwt-authenticable/compare/v1.0.1...v1.1.0) (2023-06-30)
2
+
3
+
4
+ ### Features
5
+
6
+ * enforce 2fa ([a65aed5](https://gitlab.com/researchable/general/gems/jwt-authenticable/commit/a65aed5e2ae0ad180239e51aa20dd9d2aa588e81))
7
+
1
8
  ## [1.0.1](https://gitlab.com/researchable/general/gems/jwt-authenticable/compare/v1.0.0...v1.0.1) (2023-06-14)
2
9
 
3
10
 
@@ -13,7 +13,8 @@ module JwtAuthenticable
13
13
  # @raise MissingAuthScope if the jwt does not have the right scope
14
14
  def authenticate_user!
15
15
  validate_jwt_token! token: authorization_token!
16
- rescue MissingAuth, MissingAuthScope, InvalidAuthScheme, JWT::VerificationError, JWT::ExpiredSignature => e
16
+ rescue MissingAuth, MissingAuthScope, InvalidAuthScheme, TwoFANotEnabledError, JWT::VerificationError,
17
+ JWT::ExpiredSignature => e
17
18
  unauthorized(e.message)
18
19
  end
19
20
 
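Review bot: The widened rescue list on the new lines still names the two JWT errors individually (`JWT::VerificationError`, `JWT::ExpiredSignature`), so a malformed or otherwise undecodable token, which `JWT.decode` reports as `JWT::DecodeError` — the common superclass of both — escapes this handler and surfaces as an unhandled exception instead of an `unauthorized` response. Rescuing the superclass covers the two listed cases and the malformed-token case in one line: `rescue MissingAuth, MissingAuthScope, InvalidAuthScheme, TwoFANotEnabledError, JWT::DecodeError => e`. The doc comment and signature of `authenticate_user!` begin before the hunk, so any `@raise` tags there would need a matching update.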
@@ -28,8 +29,12 @@ module JwtAuthenticable
28
29
  # @return [Hash] the JWT payload
29
30
  def validate_jwt_token!(token:)
30
31
  # NOTE: it is still safe if JWT_SECRET_KEY is not set. The method will trigger a JWT exception
31
- JWT.decode(token, JwtAuthenticable.config.jwt_secret_key, true,
32
- { algorithm: algorithm }).first
32
+ payload = JWT.decode(token, JwtAuthenticable.config.jwt_secret_key, true,
33
+ { algorithm: algorithm }).first
34
+
35
+ raise TwoFANotEnabledError if JwtAuthenticable.config.enforce_2fa && !payload['2fa']
36
+
37
+ payload
33
38
  end
34
39
 
35
40
  # Extracts the authorization token from the Authorization header
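Review bot: The 2FA gate on the new line `raise TwoFANotEnabledError if JwtAuthenticable.config.enforce_2fa && !payload['2fa']` rejects only a claim that is absent, nil or false; any other JSON value — the string "false", 0, an empty string — is truthy in Ruby and passes. Because `JWT.decode` is called with verification on, the claim comes from the issuer rather than from an unauthenticated caller, so the exposure is a lax or mistaken issuer rather than forgery, but an exact comparison costs nothing: `raise TwoFANotEnabledError if JwtAuthenticable.config.enforce_2fa && payload['2fa'] != true`. The YARD block above, which starts before the hunk, should also document the new failure mode with `# @raise TwoFANotEnabledError if enforce_2fa is set and the payload's '2fa' claim is not true`.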
@@ -47,5 +47,12 @@ module JwtAuthenticable
47
47
  "Authorization error: #{@msg}"
48
48
  end
49
49
  end
50
+
51
+ # Exception to raise when 2fa enforce is enabled but user has not enabled 2fa
52
+ class TwoFANotEnabledError < StandardError
53
+ def message
54
+ '2FA must be enabled'
55
+ end
56
+ end
50
57
  end
51
58
  end
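Review bot: `TwoFANotEnabledError` overrides `message` to return a fixed string, so any text passed as `raise TwoFANotEnabledError, '...'` is silently discarded, and it inherits from `StandardError` directly rather than from the gem's `JwtAuthenticable::Error` base class (declared in the configuration file), so a caller rescuing the gem's base error would not catch it. Supplying the default text through the constructor keeps `message` standard: `class TwoFANotEnabledError < JwtAuthenticable::Error` with `def initialize(msg = '2FA must be enabled'); super; end`. Whether the sibling auth errors in this file derive from `Error` is not visible in the hunk; this class should follow whatever they do.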
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module JwtAuthenticable
4
- VERSION = '1.0.1'
4
+ VERSION = '1.1.0'
5
5
  end
@@ -11,6 +11,9 @@ module JwtAuthenticable
11
11
  # Note that for RSA algorithms this will actually be the public key
12
12
  setting :jwt_secret_key, default: nil
13
13
 
14
+ # If set to true, a jwt will only be considered valid if 2fa has been enabled
15
+ setting :enforce_2fa, default: false
16
+
14
17
  SUPPORTED_ALGOS = [JWT::Algos::Hmac, JWT::Algos::Rsa].freeze
15
18
 
16
19
  class Error < StandardError; end
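Review bot: The comment on the new `enforce_2fa` setting says a token is valid only "if 2fa has been enabled", but the setting does not observe how 2FA is enabled anywhere — its only effect is that `validate_jwt_token!` raises unless the verified payload carries a truthy `'2fa'` claim, and the comment should say exactly that: `# If true, validate_jwt_token! rejects any token whose payload does not carry a truthy '2fa' claim`. The setting also accepts any value, so a misconfiguration such as `enforce_2fa = 'no'` is truthy and silently turns enforcement on; if the dry-configurable version in use supports a `constructor:` option on `setting`, coercing the value to a strict boolean there would make such mistakes fail loudly.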
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module TestGem
4
- VERSION = '1.0.1'
4
+ VERSION = '1.1.0'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: researchable_jwt-authenticable
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Researchable
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-06-14 00:00:00.000000000 Z
11
+ date: 2023-06-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dry-configurable
@@ -67,7 +67,7 @@ files:
67
67
  - node_modules/semantic-release-rubygem/src/__tests__/fixtures/prerelease/lib/test-gem/version.rb
68
68
  - node_modules/semantic-release-rubygem/src/__tests__/fixtures/valid/lib/test-gem/version.rb
69
69
  - sig/jwt_authenticable.rbs
70
- homepage: https://gitlab.com/researchable/general/gems/jwt-authenticable/-/blob/v1.0.1/README.md
70
+ homepage: https://gitlab.com/researchable/general/gems/jwt-authenticable/-/blob/v1.1.0/README.md
71
71
  licenses:
72
72
  - MIT
73
73
  metadata: