thecore_backend_commons 3.2.3 → 3.2.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/config/initializers/application_config.rb +4 -1
  3. data/config/initializers/concern_cable_connection.rb +11 -6
  4. data/lib/thecore_backend_commons/version.rb +1 -1
  5. metadata +3 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d49cad14dab24e49c18b425a25ba02bf80183ac74626cf3ef7858bfb71b969f6
4
- data.tar.gz: 923b24b8fcaf1b5dd36f5afdea8ec045074be9d9ca397b89b076cb1768c14a93
3
+ metadata.gz: f4cf64bb68e9bcccd605b40aa32460cbb7ced88874a6ffad06d17e8cc8146c71
4
+ data.tar.gz: 345dca267915d4fadbc63693309cfc8e143664cab7c6c4fa362bbf97aa9466d8
5
5
  SHA512:
6
- metadata.gz: f8a94044a00da96909a6003d672eb2945dc25792640002684581d305f02c1b1a1c8afede032b9340a73f0687b53a076bbfe4cdfc9b8f99361a078010df39db28
7
- data.tar.gz: 88ff40875bde193b3b88c226f56e922f40a2251ed8403864e0b5203f564e5d4bffe087a258aef8494a91479face853b2a6e951c8a35d884f349f9d34106e3dbd
6
+ metadata.gz: ac72482edd4c3e30c42429616411bf6851136ef970bda078a2026eacdbf1e07a31146d8235da56298988db2b83da69074f03efc3fee506afe4b5ebf55e95e6e6
7
+ data.tar.gz: '0181dd13da02d410a4508c93ecf0a93a8f183fd39676aff557dadc889dc19fc3b5a5296f97e46becc59497335bc4f7eedd0be84d062ddadb1d63a7016313a4c7'
data/config/initializers/application_config.rb CHANGED
@@ -1,3 +1,6 @@
1
+ Rails.application.config.relative_url_root = ENV.fetch("RAILS_RELATIVE_URL_ROOT", "/")
2
+ Rails.application.config.assets.prefix = "#{ENV.fetch("RAILS_RELATIVE_URL_ROOT", "")}/assets".gsub('//', '/')
3
+
1
4
  Rails.application.config.active_storage.configure :Disk, root: Rails.root.join("storage")
2
5
  Rails.application.config.action_mailer.delivery_method = :smtp
3
- Rails.application.config.action_cable.allowed_request_origins = [/http:\/\/*/, /https:\/\/*/, /file:\/\/*/, 'file://', nil]
6
+ Rails.application.config.action_cable.allowed_request_origins = [/http:\/\/*/, /https:\/\/*/, /file:\/\/*/, 'file://', nil]
data/config/initializers/concern_cable_connection.rb CHANGED
@@ -16,12 +16,17 @@ module CableConnectionConcern
16
16
  # It looks for a token in the query parameters, or in the headers
17
17
  m = request.query_parameters["token"].presence || request.headers["Authorization"].split(" ").second.strip rescue nil
18
18
 
19
- body = ::HashWithIndifferentAccess.new(::JWT.decode(m, ::Rails.application.credentials.dig(:secret_key_base).presence||ENV["SECRET_KEY_BASE"], false)[0]) rescue nil
20
- if verified_user = (env['warden'].user.presence || User.find_by(id: body[:user_id]) rescue false)
21
- verified_user
22
- else
23
- reject_unauthorized_connection
24
- end
19
+ # check for m2m token
20
+ user = User.where.not(encrypted_access_token: nil).find { |u| BCrypt::Password.new(u.encrypted_access_token) == m } rescue false
21
+ return user if user
22
+
23
+ # check for JWT token
24
+ body = (::HashWithIndifferentAccess.new(::JWT.decode(m, ::Rails.application.credentials.dig(:secret_key_base).presence||ENV["SECRET_KEY_BASE"], false)[0]) rescue nil)
25
+ verified_user = env['warden'].user.presence || User.find_by(id: body[:user_id]) rescue false
26
+ return verified_user if verified_user
27
+
28
+ # The Token is not m2m nor JWT, fail
29
+ return reject_unauthorized_connection
25
30
  end
26
31
  end
27
32
  end
data/lib/thecore_backend_commons/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ThecoreBackendCommons
2
- VERSION = "3.2.3"
2
+ VERSION = "3.2.5"
3
3
  end
metadata CHANGED
@@ -1,14 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: thecore_backend_commons
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.2.3
4
+ version: 3.2.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gabriele Tassoni
8
- autorequire:
9
8
  bindir: bin
10
9
  cert_chain: []
11
- date: 2024-09-11 00:00:00.000000000 Z
10
+ date: 2025-01-16 00:00:00.000000000 Z
12
11
  dependencies:
13
12
  - !ruby/object:Gem::Dependency
14
13
  name: thecore_auth_commons
@@ -201,7 +200,6 @@ metadata:
201
200
  homepage_uri: https://github.com/gabrieletassoni/thecore_backend_commons
202
201
  source_code_uri: https://github.com/gabrieletassoni/thecore_backend_commons
203
202
  changelog_uri: https://github.com/gabrieletassoni/thecore_backend_commons/blob/master/CHANGELOG.md
204
- post_install_message:
205
203
  rdoc_options: []
206
204
  require_paths:
207
205
  - lib
@@ -216,8 +214,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
216
214
  - !ruby/object:Gem::Version
217
215
  version: '0'
218
216
  requirements: []
219
- rubygems_version: 3.5.16
220
- signing_key:
217
+ rubygems_version: 3.6.2
221
218
  specification_version: 4
222
219
  summary: Thecore 3 foundations for the Web UI Backend.
223
220
  test_files: []