Method: ForestLiana::ApplicationController#authenticate_user_from_jwt

Defined in:
app/controllers/forest_liana/application_controller.rb

#authenticate_user_from_jwt ⇒ Object



# File 'app/controllers/forest_liana/application_controller.rb', line 60

# Authenticates the current request from a JWT and records its claims.
#
# The token is taken from the second whitespace-separated field of the
# Authorization header or, when that header is absent, from the cookie
# header via REGEX_COOKIE_SESSION_TOKEN. On success @jwt_decoded_token holds
# the decoded payload and @rendering_id its 'rendering_id' claim. Every
# failure path answers 401.
#
# NOTE(review): @jwt_decoded_token is assigned before the old-format check,
# so it stays set when that check rejects the token; callers should rely on
# the 401 response, not on the variable being non-nil.
def authenticate_user_from_jwt
  headers = request.headers
  return head :unauthorized unless headers

  token = nil
  if (authorization = headers['Authorization'])
    # NOTE(review): the scheme word (first field) is ignored, so any scheme
    # followed by a valid token is accepted, not only "Bearer".
    _scheme, token = authorization.split
  elsif (cookie = headers['cookie'])
    # NOTICE: Necessary for downloads authentication.
    # NOTE(review): a cookie-borne token is attached by the browser
    # automatically; confirm the routes reachable this way are safe against
    # cross-site requests.
    session = REGEX_COOKIE_SESSION_TOKEN.match(cookie)
    token = session[1] if session
  end

  # Verification is enabled (third argument) and the algorithm is pinned to
  # HS256, so the token's own `alg` header does not choose the algorithm.
  # A nil token is not special-cased; it relies on decode raising.
  # NOTE(review): expiry is presumably enforced only when the token carries
  # an `exp` claim; confirm the issuer always sets one.
  decoded = JWT.decode(token, ForestLiana.auth_secret, true, { algorithm: 'HS256' })
  @jwt_decoded_token = decoded.try(:first)

  # NOTICE: Automatically logs out the users that use tokens having an old data format.
  legacy_format = @jwt_decoded_token['data']
  raise ForestLiana::Errors::HTTP401Error.new("Your token format is invalid, please login again.") if legacy_format

  @rendering_id = @jwt_decoded_token['rendering_id']
rescue JWT::ExpiredSignature, JWT::VerificationError
  # A bad signature gets the same 'expired_token' body as an expired token.
  error_body = { error: 'expired_token' }
  render json: error_body, status: :unauthorized, serializer: nil
rescue
  # Fail closed: any other StandardError becomes a bare 401. If HTTP401Error
  # descends from StandardError, the error raised above lands here too and
  # its message is not sent to the client.
  head :unauthorized
end