zaikio-jwt_auth 2.1.1 → 2.2.0
- checksums.yaml +4 -4
- data/README.md +21 -0
- data/lib/zaikio/jwt_auth/rack_middleware.rb +27 -0
- data/lib/zaikio/jwt_auth/token_data.rb +4 -0
- data/lib/zaikio/jwt_auth/version.rb +1 -1
- data/lib/zaikio/jwt_auth.rb +1 -0
- metadata +3 -2
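--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 10365dcb96c417de5f8226e97fc835334e5b6ed92868fead27d443565013c7d3
+data.tar.gz: 5c66b0a5359ab1db156861650ccb142ec1e5572074000fb8c0c4c1740ccc833c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b52f0baddf61c6d418b0b82a1e003a82fde64484182485662111ec52a8d37275886db7c282ab9ab7d211888eb64c760d2541662905200e80f016c13dcb04566a
+data.tar.gz: 815b388a900b8b3f6d10a46f9a0968f6c51c7227fe232ef44ecb2509f4c23d9dbea34482de4f9229af6de455e98bf3d31529ab86618d30685dcfcae2e4cc6881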
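--- a/data/README.md
+++ b/data/README.md
@@ -134,6 +134,27 @@ class ResourcesControllerTest < ActionDispatch::IntegrationTest
 end
 ```
 
+### 8. Setup rack-attack for throttling
+
+This gem ships with a rack middleware that should be used to throttle requests by app and/or subject. You can use the middleware with [rack-attack](https://github.com/rack/rack-attack) as described here:
+
+```rb
+# config/initializers/rack_attack.rb
+
+MyApp::Application.config.middleware.insert_before Rack::Attack, Zaikio::JWTAuth::RackMiddleware
+
+class Rack::Attack
+Rack::Attack.throttled_response_retry_after_header = true
+
+throttle("zaikio/by_app_sub", limit: 600, period: 1.minute) do |request|
+next unless request.path.start_with?("/api/")
+next unless request.env[Zaikio::JWTAuth::RackMiddleware::SUBJECT] # does not use zaikio JWT
+
+"#{request.env[Zaikio::JWTAuth::RackMiddleware::AUDIENCE]}/#{request.env[Zaikio::JWTAuth::RackMiddleware::SUBJECT]}"
+end
+end
+```
+
 ## Advanced
 
 ### `only` and `except`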
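--- a/data/lib/zaikio/jwt_auth/rack_middleware.rb
+++ b/data/lib/zaikio/jwt_auth/rack_middleware.rb
@@ -0,0 +1,27 @@
+module Zaikio
+module JWTAuth
+class RackMiddleware
+AUDIENCE = "zaikio.jwt.audience".freeze
+SUBJECT = "zaikio.jwt.subject".freeze
+
+def initialize(app)
+@app = app
+end
+
+def call(env)
+token_data = begin
+Zaikio::JWTAuth.extract(env["HTTP_AUTHORIZATION"])
+rescue JWT::ExpiredSignature, JWT::DecodeError
+nil
+end
+
+if token_data
+env[AUDIENCE] = token_data.audience || :personal_token
+env[SUBJECT] = token_data.subject
+end
+
+@app.call(env)
+end
+end
+end
+end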
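Review bot: In `call`, a token that fails to decode or has expired leaves `AUDIENCE` and `SUBJECT` unset, so a throttle keyed on them (the README example does `next unless request.env[...SUBJECT]`) never counts those requests, although each one has already cost a decode attempt in this middleware. The class should say so, for example `# Sets AUDIENCE/SUBJECT only for tokens that decode successfully; requests without them need a separate (e.g. IP-based) throttle.` The throttle key is also only as trustworthy as `Zaikio::JWTAuth.extract`, whose body is not in this diff; if it does not verify the signature before returning claims, a client could choose its own `sub`/`aud` per request, so that should be confirmed and documented here. Finally, `JWT::ExpiredSignature` is already a subclass of `JWT::DecodeError` in ruby-jwt, so `rescue JWT::DecodeError` alone is equivalent, and any other error `extract` raises will propagate from a middleware that runs on every request.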
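--- a/data/lib/zaikio/jwt_auth.rb
+++ b/data/lib/zaikio/jwt_auth.rb
@@ -6,6 +6,7 @@ require "zaikio/jwt_auth/configuration"
 require "zaikio/jwt_auth/directory_cache"
 require "zaikio/jwt_auth/jwk"
 require "zaikio/jwt_auth/token_data"
+require "zaikio/jwt_auth/rack_middleware"
 require "zaikio/jwt_auth/engine"
 require "zaikio/jwt_auth/test_helper"
 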
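--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: zaikio-jwt_auth
 version: !ruby/object:Gem::Version
-version: 2.
+version: 2.2.0
 platform: ruby
 authors:
 - crispymtn
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-09-
+date: 2022-09-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activejob
@@ -88,6 +88,7 @@ files:
 - lib/zaikio/jwt_auth/directory_cache.rb
 - lib/zaikio/jwt_auth/engine.rb
 - lib/zaikio/jwt_auth/jwk.rb
+- lib/zaikio/jwt_auth/rack_middleware.rb
 - lib/zaikio/jwt_auth/railtie.rb
 - lib/zaikio/jwt_auth/test_helper.rb
 - lib/zaikio/jwt_auth/token_data.rb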