Neeto JWT Engine
Neeto JWT Engine is a Rails engine that provides JWT-based authentication for Neeto products. It is designed to be a flexible and extensible authentication solution that can be easily integrated into any Rails application.
Installation
Add this line to your application's Gemfile:
gem 'neeto-jwt-engine'
And then execute:
$ bundle install
Or install it yourself as:
$ gem install neeto-jwt-engine
Usage
1. Mount the engine
Add the following line to your application's config/routes.rb file:
mount NeetoJwtEngine::Engine => "/neeto_jwt"
2. Run the migrations
Run the following command to create the necessary tables in your database:
$ rails neeto_jwt_engine:install:migrations
$ rails db:migrate
How to generate public-private key pairs
Neeto JWT Engine provides a way to generate public-private key pairs for secure authentication.
Create a public-private key pair for an organization
To generate a new key pair, you can make a POST request to the /neeto_jwt_engine/configurations endpoint. This will create a new configuration with a public-private key pair and return a one-time link to download the private key.
You must include a NEETO-JWT-X-TOKEN header in the request, and its value should match the NEETO_JWT_X_TOKEN environment variable set in your application. Search for "NeetoJWT X-Token" in 1Password to obtain this token.
Request:
curl \
--request POST \
--header 'Content-Type: application/json' \
--header 'NEETO-JWT-X-TOKEN: <your-token>' \
https://<workspace>.neetoauth.com/neeto_jwt/configurations
Response:
{
"message": "This is a one-time link. DO NOT click on the link yourself. In case the link is expired, whether by accident or by mis-use, create a fresh public-private key pair using the /neeto-jwt/configurations/create route.",
"onetime_link": "http://example.com/neeto_jwt_engine/configurations/your-onetime-token"
}
Download private key using a one-time link
To download the private key, you can make a GET request to the one-time link provided in the create API response. This will download the private key as a file and expire the link.
Request:
GET https://<workspace>.neetoauth.com/neeto_jwt/configurations/your-onetime-token
Response:
The private key will be downloaded as a file named neeto-jwt-<subdomain>-private.key.
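The sketch below is an added example, not Neeto JWT Engine's own code. It models the two checks described above: the NEETO-JWT-X-TOKEN comparison on create, and a download link that works exactly once. The class name OneTimeKeyStore, the RSA 2048 key type and the in-memory hash are assumptions made for illustration.

```ruby
require "openssl"
require "securerandom"
require "digest"

# Hypothetical in-memory model of the create/download flow (not the engine's code).
class OneTimeKeyStore
  def initialize(x_token)
    @x_token_digest = Digest::SHA256.digest(x_token)
    @pending = {} # SHA-256(one-time token) => private key PEM
    @lock = Mutex.new
  end

  # Models POST .../configurations: reject a bad header, otherwise create a
  # key pair (RSA 2048 is an assumption) and return the one-time token.
  def create(header_token)
    return nil unless token_matches?(header_token)

    key = OpenSSL::PKey::RSA.new(2048)
    token = SecureRandom.urlsafe_base64(32)
    # Only a digest of the token is kept, so a leaked store does not leak links.
    @lock.synchronize { @pending[Digest::SHA256.hexdigest(token)] = key.to_pem }
    token
  end

  # Models GET .../configurations/<token>: delete-and-return under a lock, so
  # the first caller gets the key and every later caller gets nil.
  def download(token)
    @lock.synchronize { @pending.delete(Digest::SHA256.hexdigest(token.to_s)) }
  end

  private

  # Compare fixed-length digests without stopping at the first mismatching byte.
  def token_matches?(candidate)
    given = Digest::SHA256.digest(candidate.to_s).bytes
    expected = @x_token_digest.bytes
    given.zip(expected).reduce(0) { |acc, (a, b)| acc | (a ^ b) }.zero?
  end
end

if __FILE__ == $PROGRAM_NAME
  store = OneTimeKeyStore.new("constructed-x-token") # constructed sample value
  token = store.create("constructed-x-token")
  puts "first download:  #{store.download(token) ? 'private key returned' : 'nothing'}"
  puts "second download: #{store.download(token) ? 'private key returned' : 'nothing'}"
end
```

Because the first GET consumes the link, anything that fetches it (including a link preview or the person who created it) leaves nothing for the intended recipient, which is why the response says not to click the link yourself.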
Development
After checking out the repo, run bin/setup to install dependencies. Then, run rake test to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.