wor-authentication 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e28959f4b22ee0d7e9e845be60500c49ce91d631
+  data.tar.gz: 38a0c50a898809ed6d3f5ce05a880316908748ca
+SHA512:
+  metadata.gz: 231e7a6cede8153f8b09873200364b7a70daf04a1e9a96e93e6639c0bfb3c46a0bad32b865f69952a57ac028e6420ea1efdcf5a2490bd0fa1ecec05b1f67e2e9
+  data.tar.gz: 88141b32c3f2eac550785a86ade9e7a0d10bb20a3404e994e2572288b07eae450e4ce01709c882dfb25f29aa67f53cbeae9732489cc78207d406f53724192c70

data/.gitignore

@@ -0,0 +1,331 @@
+spec/dummy/db/*.sqlite3
+spec/dummy/db/*.sqlite3-journal
+spec/dummy/log/*.log
+spec/dummy/tmp/
+
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.gem
+
+# Created by https://www.gitignore.io/api/ruby,rubymine,rails,emacs,vim,sublimetext,osx,macos,linux,windows
+
+### Emacs ###
+# -*- mode: gitignore; -*-
+*~
+\#*\#
+/.emacs.desktop
+/.emacs.desktop.lock
+*.elc
+auto-save-list
+tramp
+.\#*
+
+# Org-mode
+.org-id-locations
+*_archive
+
+# flymake-mode
+*_flymake.*
+
+# eshell files
+/eshell/history
+/eshell/lastdir
+
+# elpa packages
+/elpa/
+
+# reftex files
+*.rel
+
+# AUCTeX auto folder
+/auto/
+
+# cask packages
+.cask/
+dist/
+
+# Flycheck
+flycheck_*.el
+
+# server auth directory
+/server/
+
+# projectiles files
+.projectile
+
+# directory configuration
+.dir-locals.el
+
+### Linux ###
+
+# temporary files which can be created if a process still has a handle open of a deleted file
+.fuse_hidden*
+
+# KDE directory preferences
+.directory
+
+# Linux trash folder which might appear on any partition or disk
+.Trash-*
+
+# .nfs files are created when an open file is removed but is still being accessed
+.nfs*
+
+### macOS ###
+*.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+### OSX ###
+
+# Icon must end with two \r
+
+
+# Thumbnails
+
+# Files that might appear in the root of a volume
+
+# Directories potentially created on remote AFP share
+
+### Rails ###
+*.rbc
+capybara-*.html
+.rspec
+/log
+/tmp
+/db/*.sqlite3
+/db/*.sqlite3-journal
+/public/system
+/coverage/
+/spec/tmp
+**.orig
+rerun.txt
+pickle-email-*.html
+
+# TODO Comment out this rule if you are OK with secrets being uploaded to the repo
+config/initializers/secret_token.rb
+
+# Only include if you have production secrets in this file, which is no longer a Rails default
+# config/secrets.yml
+
+# dotenv
+# TODO Comment out this rule if environment variables can be committed
+.env
+
+## Environment normalization:
+/.bundle
+/vendor/bundle
+
+# these should all be checked in to normalize the environment:
+# Gemfile.lock, .ruby-version, .ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc
+
+# if using bower-rails ignore default bower_components path bower.json files
+/vendor/assets/bower_components
+*.bowerrc
+bower.json
+
+# Ignore pow environment settings
+.powenv
+
+# Ignore Byebug command history file.
+.byebug_history
+
+### Ruby ###
+*.gem
+/.config
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/test/tmp/
+/test/version_tmp/
+/tmp/
+
+# Used by dotenv library to load environment variables.
+# .env
+
+## Specific to RubyMotion:
+.dat*
+.repl_history
+build/
+*.bridgesupport
+build-iPhoneOS/
+build-iPhoneSimulator/
+
+## Specific to RubyMotion (use of CocoaPods):
+#
+# We recommend against adding the Pods directory to your .gitignore. However
+# you should judge for yourself, the pros and cons are mentioned at:
+# https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control
+#
+# vendor/Pods/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+# Gemfile.lock
+# .ruby-version
+# .ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+
+### RubyMine ###
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff:
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+
+# Sensitive or high-churn files:
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.xml
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+
+# Gradle:
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# Mongo Explorer plugin:
+.idea/**/mongoSettings.xml
+
+## File-based project format:
+*.iws
+
+## Plugin-specific files:
+
+# IntelliJ
+/out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+### RubyMine Patch ###
+# Comment Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-215987721
+
+# *.iml
+# modules.xml
+# .idea/misc.xml
+# *.ipr
+
+### SublimeText ###
+# cache files for sublime text
+*.tmlanguage.cache
+*.tmPreferences.cache
+*.stTheme.cache
+
+# workspace files are user-specific
+*.sublime-workspace
+
+# project files should be checked into the repository, unless a significant
+# proportion of contributors will probably not be using SublimeText
+# *.sublime-project
+
+# sftp configuration file
+sftp-config.json
+
+# Package control specific files
+Package Control.last-run
+Package Control.ca-list
+Package Control.ca-bundle
+Package Control.system-ca-bundle
+Package Control.cache/
+Package Control.ca-certs/
+Package Control.merged-ca-bundle
+Package Control.user-ca-bundle
+oscrypto-ca-bundle.crt
+bh_unicode_properties.cache
+
+# Sublime-github package stores a github token in this file
+# https://packagecontrol.io/packages/sublime-github
+GitHub.sublime-settings
+
+### Vim ###
+# swap
+[._]*.s[a-v][a-z]
+[._]*.sw[a-p]
+[._]s[a-v][a-z]
+[._]sw[a-p]
+# session
+Session.vim
+# temporary
+.netrwhist
+# auto-generated tag files
+tags
+
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+ehthumbs.db
+ehthumbs_vista.db
+
+# Folder config file
+Desktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# End of https://www.gitignore.io/api/ruby,rubymine,rails,emacs,vim,sublimetext,osx,macos,linux,windows

data/.rubocop.yml

@@ -0,0 +1,12 @@
+AllCops:
+  Exclude:
+    - wor-requests.gemspec
+
+Documentation:
+  Enabled: false
+
+LineLength:
+  Max: 99
+
+FrozenStringLiteralComment:
+  Enabled: false

data/.travis.yml

@@ -0,0 +1,19 @@
+language: ruby
+rvm:
+  - 2.0
+  - 2.1
+  - 2.2
+  - 2.3.3
+  - 2.4.0
+
+install:
+  - gem install bundler
+  - bundle install --retry=3
+
+script:
+  - bundle exec rspec
+  - bundle exec rubocop -R --format simple
+
+addons:
+    code_climate:
+        repo_token:

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in wor-authentication.gemspec
+gemspec

data/LICENSE.md

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2017 Alejandro Bezdjian, aka alebian
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,163 @@
+# Wolox on Rails - Authentication
+[![Build Status](https://travis-ci.org/Wolox/wor-authentication.svg)](https://travis-ci.org/Wolox/wor-authentication)
+[![Code Climate](https://codeclimate.com/github/Wolox/wor-authentication/badges/gpa.svg)](https://codeclimate.com/github/Wolox/wor-authentication)
+[![Test Coverage](https://codeclimate.com/github/Wolox/wor-authentication/badges/coverage.svg)](https://codeclimate.com/github/Wolox/wor-authentication/coverage)
+[![Issue Count](https://codeclimate.com/github/Wolox/wor-authentication/badges/issue_count.svg)](https://codeclimate.com/github/Wolox/wor-authentication)
+
+Gem to add authentication to your application using JWT, with expirable, renewable and customizable tokens!
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'wor-authentication'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install wor-authentication
+
+## Usage
+
+### Basic configuration
+
+The first step is to define a parent controller from which all other controllers will have to extend to have only-authenticated routes. So, let's do that in our `ApplicationController.rb`:
+```ruby
+class ApplicationController < ActionController::Base
+  include Wor::Authentication::Controller
+  before_action :authenticate_request
+end
+```
+> To know which exceptions can be thrown by the gem, please check the [exceptions file](./lib/wor/authentication/exceptions.rb).
+
+Second and last step, we have to define the routes to achieve authentication and a controller to handle them.
+```ruby
+# routes.rb
+Rails.application.routes.draw do
+  # your routes go here
+  post '/' => 'authentication#create'
+  post '/renew' => 'authentication#renew'
+  post '/invalidate_all' => 'authentication#invalidate_all'
+end
+
+# authentication_controller.rb
+class AuthenticationController < ApplicationController
+  include Wor::Authentication::SessionsController
+  skip_before_action :authenticate_request, only: [:create]
+end
+```
+> Note that our controller extends from ApplicationController.
+
+### <a name='custom-validations'> User tracking and custom validations
+
+#### Validations before giving out a token? Override `authenticate_entity`:
+
+```ruby
+# authentication_controller.rb
+def authenticate_entity(params)
+  user ||= User.find_by(email: params[:email])
+  return nil unless user.present? && user.valid_password?(params[:password])
+end
+```
+> Returning no value or false won't create the authentication token.
+
+#### Keeping track of users? Override: `entity_payload`:
+
+```ruby
+# authentication_controller.rb
+ENTITY_KEY = :user_id
+
+def entity_payload(user)
+  { ENTITY_KEY => user.id }
+end
+
+def find_authenticable_entity(entity_payload_returned_object)
+  User.find_by(id: entity_payload_returned_object.fetch(ENTITY_KEY))
+end
+```
+
+#### Validations in every request? Override `entity_custom_validation_value` to get it verified as the following:
+
+```ruby
+# authentication_controller.rb
+def entity_custom_validation_value(user)
+   user.some_value_that_shouldnt_change
+end
+```
+This method will be called before creating the token and in every request to compare if the returned values are the same. If values mismatch, the token won't be valid anymore. If values are the same, expiration validations will be checked.
+> If it is desired to update this value when renewing the token, override: `entity_custom_validation_renew_value`.
+
+#### Invalidating all tokens for a user? Override `entity_custom_validation_invalidate_all_value` as the following:
+
+```ruby
+# authentication_controller.rb
+def entity_custom_validation_invalidate_all_value(user)
+   user.some_value_that_shouldnt_change = 'some-new-value'
+   user.save
+end
+```
+This method is the one executed when we want to invalidate sessions for the authenticated user. An option to achieve that can be to override the value that will be then compared in every request with `entity_custom_validation_value` method, so that initial stored value mismatch with the new different value.
+> This works only if `entity_custom_validation_value` has been overridden.
+
+
+### Some other useful configurations
+
+#### Want to modify tokens ttl? Override `new_token_expiration_date` as the following:
+
+```ruby
+def new_token_expiration_date
+  (Time.zone.now + 2.days).to_i
+end
+```
+
+#### Want to modify tokens maximum useful day? Override `token_maximum_useful_date` as the following:
+
+```ruby
+def token_maximum_useful_date
+  (Time.zone.now + 30.days).to_i
+end
+```
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Run rubocop lint (`rubocop -R --format simple`)
+5. Run rspec tests (`bundle exec rspec`)
+6. Push your branch (`git push origin my-new-feature`)
+7. Create a new Pull Request
+
+## About ##
+
+This project is maintained by [Alejandro Bezdjian](https://github.com/alebian) along with [Michel Agopian](https://github.com/mishuagopian) and it was written by [Wolox](http://www.wolox.com.ar).
+![Wolox](https://raw.githubusercontent.com/Wolox/press-kit/master/logos/logo_banner.png)
+
+## License
+
+**wor-authentication** is available under the MIT [license](https://raw.githubusercontent.com/Wolox/wor-authentication/master/LICENSE.md).
+
+    Copyright (c) 2017 Alejandro Bezdjian (aka alebian), Michel Agopian (aka mishuagopian)
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in
+    all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+    THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/lib/wor/authentication.rb

@@ -0,0 +1,12 @@
+require_relative 'authentication/controller'
+require_relative 'authentication/decoded_token'
+require_relative 'authentication/exceptions'
+require_relative 'authentication/sessions_controller'
+require_relative 'authentication/token_manager'
+require_relative 'authentication/version'
+
+module Wor
+  module Authentication
+    # Your code goes here...
+  end
+end

data/lib/wor/authentication/controller.rb

@@ -0,0 +1,60 @@
+require 'devise'
+
+module Wor
+  module Authentication
+    module Controller
+
+      def authenticate_request
+        entity = find_authenticable_entity(decoded_token)
+        decoded_token.validate!(entity_custom_validation_value(entity))
+      end
+
+      def decoded_token
+        @decoded_token ||= Wor::Authentication::TokenManager.new(token_key).decode(authentication_token)
+      end
+
+      ##
+      # Helpers which may be overrided
+      ##
+
+      def token_renew_id
+        Devise.friendly_token(32)
+      end
+
+      def new_token_expiration_date
+        (Time.zone.now + 2.days).to_i
+      end
+
+      def token_maximum_useful_date
+        (Time.zone.now + 30.days).to_i
+      end
+
+      def authentication_token
+        request.headers['Authorization'].split(' ').last
+      end
+
+      def entity_custom_validation_value(entity)
+        nil
+      end
+
+      def entity_custom_validation_renew_value(entity)
+        entity_custom_validation_value(entity)
+      end
+
+      def entity_custom_validation_invalidate_all_value(entity)
+        nil
+      end
+
+      # Explain in README
+      def token_key
+        raise Wor::Authentication::Exceptions::SubclassMustImplementError unless defined?(Rails)
+        raise Wor::Authentication::Exceptions::NoKeyProvidedError unless Rails.application.secrets.secret_key_base.present?
+        Rails.application.secrets.secret_key_base
+      end
+
+      def authenticate_entity(params) {} end
+      def find_authenticable_entity(decoded_token) {} end
+      def entity_payload(entity) {} end
+    end
+  end
+end

data/lib/wor/authentication/decoded_token.rb

@@ -0,0 +1,47 @@
+module Wor
+  module Authentication
+    class DecodedToken
+      attr_reader :payload
+
+      def initialize(payload)
+        @payload = payload
+      end
+
+      def validate!(entity_custom_validation = nil)
+        raise Wor::Authentication::Exceptions::EntityCustomValidationError unless valid_entity_custom_validation?(entity_custom_validation)
+        raise Wor::Authentication::Exceptions::NotRenewableTokenError unless able_to_renew?
+        raise Wor::Authentication::Exceptions::ExpiredTokenError if expired?
+      end
+
+      def fetch(key)
+        return payload[key.to_sym] if payload[key.to_sym]
+        return payload[key.to_s] if payload[key.to_s]
+        nil
+      end
+
+      def expired?
+        return false unless fetch(:expiration_date).present?
+        # TODO: Use a ruby standard library for time
+        Time.zone.now.to_i > fetch(:expiration_date)
+      end
+
+      def able_to_renew?
+        return false unless fetch(:maximum_useful_date).present?
+        # TODO: Use a ruby standard library for time
+        Time.zone.now.to_i < fetch(:maximum_useful_date)
+      end
+
+      def valid_renew_id?(renew_id)
+        return true unless fetch(:renew_id).present? && renew_id.present?
+        renew_id == fetch(:renew_id)
+      end
+
+      private
+
+      def valid_entity_custom_validation?(entity_custom_validation)
+        return true unless fetch(:entity_custom_validation).present?
+        entity_custom_validation == fetch(:entity_custom_validation)
+      end
+    end
+  end
+end

data/lib/wor/authentication/exceptions.rb

@@ -0,0 +1,11 @@
+module Wor
+  module Authentication
+    module Exceptions
+      class SubclassMustImplementError < StandardError ; end
+      class NoKeyProvidedError < StandardError ; end
+      class ExpiredTokenError < StandardError ; end
+      class NotRenewableTokenError < StandardError ; end
+      class EntityCustomValidationError < StandardError ; end
+    end
+  end
+end

data/lib/wor/authentication/sessions_controller.rb

@@ -0,0 +1,82 @@
+module Wor
+  module Authentication
+    module SessionsController
+
+      def create
+        entity = authenticate_entity(authenticate_params)
+        if entity
+          token_data = generate_access_token(entity)
+          render json: {
+            access_token: token_data[:token], renew_id: token_data[:renew_id]
+          }, status: :ok
+        else
+          render_error('Invalid authentication credentials', :unauthorized)
+        end
+      end
+
+      def renew
+        if !decoded_token.valid_renew_id?(renew_token_params[:renew_id])
+          render_error('Invalid renew_id', :unauthorized)
+        else
+          render json: { access_token: renew_access_token(current_entity) }, status: :ok
+        end
+      end
+
+      def invalidate_all
+        # should we rescue anything here ?
+        # if invalidating uses db and fails, or something like that
+        entity_custom_validation_invalidate_all_value(current_entity)
+        head :ok
+      end
+
+      def generate_access_token(entity)
+        renew_id = token_renew_id
+        payload = entity_payload(entity).merge(
+          entity_custom_validation: entity_custom_validation_value(entity),
+          expiration_date: new_token_expiration_date,
+          maximum_useful_date: token_maximum_useful_date,
+          renew_id: renew_id
+        )
+        { token: Wor::Authentication::TokenManager.new(token_key).encode(payload), renew_id: renew_id }
+      end
+
+      def renew_access_token(entity)
+        payload = decoded_token.payload
+        payload[:expiration_date] = new_token_expiration_date
+        payload[:entity_custom_validation] = entity_custom_validation_renew_value(entity)
+        Wor::Authentication::TokenManager.new(token_key).encode(payload)
+      end
+
+      private
+
+      def current_entity
+        current_entity ||= find_authenticable_entity(decoded_token)
+      end
+
+      def render_error(error_message, status)
+        render json: { error: error_message }, status: status
+      end
+
+      # I'm pretty sure this should be set by gems users and not us
+      def authenticate_params
+        params.require(:session).permit(:email, :password)
+      end
+      # I'm pretty sure this should be set by gems users and not us
+      def renew_token_params
+        params.require(:session).permit(:renew_id)
+      end
+
+      def render_not_renewable_token
+        render_error('Access token is not valid anymore', :unauthorized)
+      end
+
+      def render_expired_token
+        render_error('Expired token', :unauthorized)
+      end
+
+      def render_entity_invalid_custom_validation
+        render_error('Entity invalid custom validation', :unauthorized)
+      end
+    end
+  end
+end

data/lib/wor/authentication/token_manager.rb

@@ -0,0 +1,22 @@
+require 'jwt'
+
+module Wor
+  module Authentication
+    class TokenManager
+      def initialize(key)
+        @key = key
+      end
+
+      def encode(payload)
+        JWT.encode(payload, @key)
+      end
+
+      def decode(token)
+        payload = JWT.decode(token, @key)[0]
+        Wor::Authentication::DecodedToken.new(payload)
+      rescue
+        nil
+      end
+    end
+  end
+end

data/lib/wor/authentication/version.rb

@@ -0,0 +1,5 @@
+module Wor
+  module Authentication
+    VERSION = '0.1.0'.freeze
+  end
+end

data/wor-authentication.gemspec

@@ -0,0 +1,40 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'wor/authentication/version'
+require 'date'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'wor-authentication'
+  spec.version       = Wor::Authentication::VERSION
+  spec.platform      = Gem::Platform::RUBY
+  spec.date          = Date.today
+  spec.authors       = ['alebian', 'mishuagopian']
+  spec.email         = ['alejandro.bezdjian@wolox.com.ar', 'michel.agopian@wolox.com.ar']
+
+  spec.summary       = 'Gem to add authentication to your application.'
+  spec.description   = 'Gem to add authentication to your application using JWT, with expirable, renewable and customizable tokens.'
+  spec.homepage      = 'https://github.com/Wolox/wor-authentication'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec)/}) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec)/})
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'railties', '>= 4.1.0', '< 5.1'
+  spec.add_dependency 'devise', '>= 4.2.0'
+  spec.add_dependency 'jwt', '>= 1.5'
+  spec.add_dependency 'rails', '>= 4.0'
+
+  spec.add_development_dependency 'byebug', '~> 9.0'
+  spec.add_development_dependency 'rubocop', '~> 0.47'
+  spec.add_development_dependency 'bundler', '~> 1.13'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rspec', '~> 3.0'
+  spec.add_development_dependency 'rspec-rails', '~> 3.5'
+  spec.add_development_dependency 'codeclimate-test-reporter', '~> 1.0.0'
+  spec.add_development_dependency 'generator_spec'
+  spec.add_development_dependency 'simplecov'
+  spec.add_development_dependency 'timecop'
+  spec.add_development_dependency 'sqlite3'
+end

metadata

@@ -0,0 +1,278 @@
+--- !ruby/object:Gem::Specification
+name: wor-authentication
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- alebian
+- mishuagopian
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-04-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: railties
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.1.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.1.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5.1'
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.2.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 4.2.0
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '9.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '9.0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.47'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.47'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.13'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.5'
+- !ruby/object:Gem::Dependency
+  name: codeclimate-test-reporter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+- !ruby/object:Gem::Dependency
+  name: generator_spec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Gem to add authentication to your application using JWT, with expirable,
+  renewable and customizable tokens.
+email:
+- alejandro.bezdjian@wolox.com.ar
+- michel.agopian@wolox.com.ar
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rubocop.yml"
+- ".travis.yml"
+- Gemfile
+- LICENSE.md
+- README.md
+- Rakefile
+- lib/wor/authentication.rb
+- lib/wor/authentication/controller.rb
+- lib/wor/authentication/decoded_token.rb
+- lib/wor/authentication/exceptions.rb
+- lib/wor/authentication/sessions_controller.rb
+- lib/wor/authentication/token_manager.rb
+- lib/wor/authentication/version.rb
+- wor-authentication.gemspec
+homepage: https://github.com/Wolox/wor-authentication
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.7
+signing_key: 
+specification_version: 4
+summary: Gem to add authentication to your application.
+test_files: []