thecore_backend_commons 3.2.3 → 3.2.4

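--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: d49cad14dab24e49c18b425a25ba02bf80183ac74626cf3ef7858bfb71b969f6
- data.tar.gz: 923b24b8fcaf1b5dd36f5afdea8ec045074be9d9ca397b89b076cb1768c14a93
+ metadata.gz: 5cc9f4d227b130ad6e8690995a4ae462d2c5057f6165cf22b01b8d4c5e925a92
+ data.tar.gz: dfeec1c2c1813b6037016ac37d67477bdc3eab3e7b1f31e4ee7f5f4f10465853
  SHA512:
- metadata.gz: f8a94044a00da96909a6003d672eb2945dc25792640002684581d305f02c1b1a1c8afede032b9340a73f0687b53a076bbfe4cdfc9b8f99361a078010df39db28
- data.tar.gz: 88ff40875bde193b3b88c226f56e922f40a2251ed8403864e0b5203f564e5d4bffe087a258aef8494a91479face853b2a6e951c8a35d884f349f9d34106e3dbd
+ metadata.gz: 1439fbd5039ca4b2266e2ec5a5d2ce161fc3198824de0a5c755e093bff224b0b7811ae0181df4256b53a5ba0575e709d50aa22f843ba2d05a417e0b6051ba059
+ data.tar.gz: f14d63913cad95459d5e8c963b766346da10936e5f9d10662fbabcbeeccedd3f39690d4f232ecda34ecc1d612dec95eb1acc892c5ea6122d34981225b710bc22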
@@ -16,12 +16,17 @@ module CableConnectionConcern
16
16
  # It looks for a token in the query parameters, or in the headers
17
17
  m = request.query_parameters["token"].presence || request.headers["Authorization"].split(" ").second.strip rescue nil
18
18
 
19
- body = ::HashWithIndifferentAccess.new(::JWT.decode(m, ::Rails.application.credentials.dig(:secret_key_base).presence||ENV["SECRET_KEY_BASE"], false)[0]) rescue nil
20
- if verified_user = (env['warden'].user.presence || User.find_by(id: body[:user_id]) rescue false)
21
- verified_user
22
- else
23
- reject_unauthorized_connection
24
- end
19
+ # check for m2m token
20
+ user = User.where.not(encrypted_access_token: nil).find { |u| BCrypt::Password.new(u.encrypted_access_token) == m } rescue false
21
+ return user if user
22
+
23
+ # check for JWT token
24
+ body = (::HashWithIndifferentAccess.new(::JWT.decode(m, ::Rails.application.credentials.dig(:secret_key_base).presence||ENV["SECRET_KEY_BASE"], false)[0]) rescue nil)
25
+ verified_user = env['warden'].user.presence || User.find_by(id: body[:user_id]) rescue false
26
+ return verified_user if verified_user
27
+
28
+ # The Token is not m2m nor JWT, fail
29
+ return reject_unauthorized_connection
25
30
  end
26
31
  end
27
32
  end
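Review bot: The JWT branch still calls `::JWT.decode(m, <secret>, false)`, and with the third argument `false` ruby-jwt does not verify the signature, so `body[:user_id]` is an unauthenticated claim read straight from the client-supplied token before `User.find_by`. Pass `true` and pin the algorithm the issuer signs with, for example `::JWT.decode(m, secret, true, algorithm: 'HS256')` if the tokens are HS256, so that a bad signature raises and the method falls through to `reject_unauthorized_connection`. The new m2m line also loads every user with an `encrypted_access_token` and runs one bcrypt comparison per row on every connection attempt, including when `m` is nil; skipping the scan when `m` is blank and selecting a single candidate row by an indexed token identifier would bound that cost. Its trailing `rescue false` hides a malformed stored hash and ends the scan early for all remaining users, so that case deserves a log line rather than silence. The enclosing method starts outside the hunk, so how the `return` statements interact with its definition cannot be confirmed from here.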
@@ -1,3 +1,3 @@
1
1
  module ThecoreBackendCommons
2
- VERSION = "3.2.3"
2
+ VERSION = "3.2.4"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: thecore_backend_commons
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.2.3
4
+ version: 3.2.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gabriele Tassoni
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-09-11 00:00:00.000000000 Z
11
+ date: 2024-10-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: thecore_auth_commons