Module: ApiGuard::JwtAuth::JsonWebToken
- Included in: Test::ControllerHelper
- Defined in: lib/api_guard/jwt_auth/json_web_token.rb
Overview
Common module for JWT operations
Instance Method Summary
- #create_token_and_set_header(resource, resource_name) ⇒ Object
  Create tokens and set response headers.
- #current_time ⇒ Object
- #decode(token, verify = true) ⇒ Object
  Decode the JWT token and return the payload.
- #encode(payload) ⇒ Object
  Encode the payload with the secret key and return the JWT token.
- #invalidate_old_jwt_tokens(resource) ⇒ Object
  Set token issued at to current timestamp to restrict access to old access (JWT) tokens.
- #jwt_and_refresh_token(resource, resource_name, expired_token = false) ⇒ Object
  Create a JWT token with resource detail in payload.
- #set_token_headers(token, refresh_token = nil) ⇒ Object
  Set token details in response headers.
- #token_expire_at ⇒ Object
- #token_issued_at ⇒ Object
Instance Method Details
#create_token_and_set_header(resource, resource_name) ⇒ Object
Create tokens and set response headers
    # File 'lib/api_guard/jwt_auth/json_web_token.rb', line 46
    def create_token_and_set_header(resource, resource_name)
      access_token, refresh_token = jwt_and_refresh_token(resource, resource_name)
      set_token_headers(access_token, refresh_token)
    end
#current_time ⇒ Object
    # File 'lib/api_guard/jwt_auth/json_web_token.rb', line 7
    def current_time
      @current_time ||= Time.now.utc
    end
#decode(token, verify = true) ⇒ Object
Decode the JWT token and return the payload
    # File 'lib/api_guard/jwt_auth/json_web_token.rb', line 25
    def decode(token, verify = true)
      HashWithIndifferentAccess.new(
        JWT.decode(token, ApiGuard.token_signing_secret, verify, verify_iat: true)[0]
      )
    end
#encode(payload) ⇒ Object
Encode the payload with the secret key and return the JWT token
    # File 'lib/api_guard/jwt_auth/json_web_token.rb', line 20
    def encode(payload)
      JWT.encode(payload, ApiGuard.token_signing_secret)
    end
#invalidate_old_jwt_tokens(resource) ⇒ Object
Set the token issued-at time to the current timestamp to restrict access to old access (JWT) tokens
    # File 'lib/api_guard/jwt_auth/json_web_token.rb', line 60
    def invalidate_old_jwt_tokens(resource)
      return unless ApiGuard.invalidate_old_tokens_on_password_change

      resource.token_issued_at = Time.at(token_issued_at).utc
    end
#jwt_and_refresh_token(resource, resource_name, expired_token = false) ⇒ Object
Create a JWT token with resource detail in the payload. Also create a refresh token if enabled for the resource.
This creates an expired JWT token if the argument 'expired_token' is true, which can be used for testing.
    # File 'lib/api_guard/jwt_auth/json_web_token.rb', line 35
    def jwt_and_refresh_token(resource, resource_name, expired_token = false)
      access_token = encode(
        "#{resource_name}_id": resource.id,
        exp: expired_token ? token_issued_at : token_expire_at,
        iat: token_issued_at
      )

      [access_token, new_refresh_token(resource)]
    end
#set_token_headers(token, refresh_token = nil) ⇒ Object
Set token details in response headers
    # File 'lib/api_guard/jwt_auth/json_web_token.rb', line 52
    def set_token_headers(token, refresh_token = nil)
      response.headers['Access-Token'] = token
      response.headers['Refresh-Token'] = refresh_token if refresh_token
      response.headers['Expire-At'] = token_expire_at.to_s
    end
#token_expire_at ⇒ Object
    # File 'lib/api_guard/jwt_auth/json_web_token.rb', line 11
    def token_expire_at
      @expire_at ||= (current_time + ApiGuard.token_validity).to_i
    end
#token_issued_at ⇒ Object
    # File 'lib/api_guard/jwt_auth/json_web_token.rb', line 15
    def token_issued_at
      @issued_at ||= current_time.to_i
    end
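An added example, not part of ApiGuard or this page's source: a standard-library sketch of the checks that sit behind `decode` and `invalidate_old_jwt_tokens`, using the claim layout from `jwt_and_refresh_token`. The names `issue`, `accept`, `revoked_before`, `SECRET` and `VALIDITY` are hypothetical, and comparing `iat` against the stored `token_issued_at` is an assumption about how that timestamp is used, since the check itself is not shown on this page.

```ruby
require 'json'
require 'openssl'

# Constructed values for this sketch; not ApiGuard configuration.
SECRET = 'constructed-demo-secret'
VALIDITY = 3600 # seconds, stands in for ApiGuard.token_validity

def b64url(data)
  [data].pack('m0').tr('+/', '-_').delete('=')
end

def b64url_decode(str)
  (str.tr('-_', '+/') + '=' * (-str.size % 4)).unpack1('m0')
end

def sign(input)
  b64url(OpenSSL::HMAC.digest('SHA256', SECRET, input))
end

# Same claim layout as jwt_and_refresh_token: "<resource_name>_id", exp, iat.
# expired = true sets exp to iat, like the expired_token test switch.
def issue(resource_name, id, now, expired = false)
  claims = { "#{resource_name}_id" => id, 'exp' => expired ? now : now + VALIDITY, 'iat' => now }
  head = b64url(JSON.generate(alg: 'HS256', typ: 'JWT'))
  body = b64url(JSON.generate(claims))
  "#{head}.#{body}.#{sign("#{head}.#{body}")}"
end

# Returns the payload, or nil when the signature, exp or iat check fails.
# revoked_before plays the role of resource.token_issued_at (epoch seconds).
def accept(token, now, revoked_before = nil)
  parts = token.split('.')
  return nil unless parts.size == 3
  head, body, sig = parts
  # HS256 is fixed here; the header's alg field is never consulted.
  return nil unless OpenSSL.secure_compare(sign("#{head}.#{body}"), sig)
  payload = JSON.parse(b64url_decode(body))
  return nil unless payload['exp'].is_a?(Integer) && payload['iat'].is_a?(Integer)
  return nil if payload['exp'] <= now || payload['iat'] > now
  return nil if revoked_before && payload['iat'] < revoked_before
  payload
end
```

A token whose `iat` equals the stored timestamp is still accepted, so a token issued in the same request that updates `token_issued_at` remains usable while every earlier one is refused.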