Module: Fridge::RailsHelpers

Defined in:

lib/fridge/rails_helpers.rb

Instance Method Summary

• #bearer_token ⇒ Object
• #clear_session_cookie ⇒ Object
• #current_token ⇒ Object
• #fridge_cookie_name ⇒ Object
• #fridge_cookie_options ⇒ Object
• #session_cookie ⇒ Object
• #session_cookie=(cookie) ⇒ Object
• #session_subject ⇒ Object
• #session_token ⇒ Object
• #sessionize_token(access_token) ⇒ Object
• #token_scope ⇒ Object
• #token_subject ⇒ Object
• #validate_token(access_token) ⇒ Object

  Validates token, and returns the token, or nil.

• #validate_token!(access_token) ⇒ Object

  Validates token, and raises an exception if invalid.

Instance Method Details

#bearer_token ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 18

def bearer_token
  header = request.env['HTTP_AUTHORIZATION']
  header.gsub(/^Bearer /, '') unless header.nil?
end

#clear_session_cookie ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 73

def clear_session_cookie
  cookies.delete fridge_cookie_name, domain: :all
  nil
end

#current_token ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 11

def current_token
  return unless bearer_token
  @current_token ||= AccessToken.new(bearer_token).tap do |token|
    validate_token!(token)
  end
end

#fridge_cookie_name ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 78

def fridge_cookie_name
  Fridge.configuration.cookie_name
end

#fridge_cookie_options ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 82

def fridge_cookie_options
  secure = !Rails.env.development?
  options = { domain: :all, secure: secure, httponly: true }
  options.merge(Fridge.configuration.cookie_options)
end

#session_cookie ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 65

def session_cookie
  cookies[fridge_cookie_name]
end

#session_cookie=(cookie) ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 69

def session_cookie=(cookie)
  cookies[fridge_cookie_name] = cookie
end

#session_subject ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 23

def session_subject
  session_token.subject if session_token
end

#session_token ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 27

def session_token
  return unless session_cookie
  @session_token ||= AccessToken.new(session_cookie).tap do |token|
    validate_token!(token)
  end
rescue
  clear_session_cookie
end

#sessionize_token(access_token) ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 54

def sessionize_token(access_token)
  # Ensure that any cookie-persisted tokens are read-only
  access_token.scope = 'read'

  jwt = access_token.serialize
  self.session_cookie = {
    value: jwt,
    expires: access_token.expires_at
  }.merge(fridge_cookie_options)
end

#token_scope ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 3

def token_scope
  current_token.scope if current_token
end

#token_subject ⇒ Object

# File 'lib/fridge/rails_helpers.rb', line 7

def token_subject
  current_token.subject if current_token
end

#validate_token(access_token) ⇒ Object

Validates token, and returns the token, or nil

# File 'lib/fridge/rails_helpers.rb', line 37

def validate_token(access_token)
  validator = Fridge.configuration.validator
  validator.call(access_token) && access_token
rescue
  false
end

#validate_token!(access_token) ⇒ Object

Validates token, and raises an exception if invalid

# File 'lib/fridge/rails_helpers.rb', line 45

def validate_token!(access_token)
  validator = Fridge.configuration.validator
  if validator.call(access_token)
    access_token
  else
    fail InvalidToken
  end
end