Gris::Middleware::JsonWebTokenDecoder

The cleverly named Gris::Middleware::JsonWebTokenDecoder is a simple middleware for decoding JWT token headers in your Gris app's Grape endpoints.

It uses the Ruby jwt gem to do the heavy lifting.

Gris::Middleware::JsonWebTokenDecoder is alpha software and only presently supports HS256.

---

Installation

Gris::Middleware::JsonWebTokenDecoder is available as a gem on rubygems, to install it run:

gem install gris-middleware-json_web_token_decoder

Otherwise, if your project uses Bundler, add gris-middleware-decoder to your Gemfile:

gem 'gris-middleware-json_web_token_decoder'

And run:

$ bundle install

---

Usage

Set a value for hmac_secret in your Gris config/secrets.yml file.

default: &default
  service_name: smithson
  hmac_secret: <%= ENV['HMAC_SECRET'] || 'https://www.youtube.com/watch?v=F5bAa6gFvLs' %>
  base_url: <%= ENV['BASE_URL'] || 'http://localhost:9292' %>

development:
  <<: *default

test:
  <<: *default

production:
  <<: *default

Add the middleware to your endpoint:

class ApplicationEndpoint < Grape::API
  use Gris::Middleware::JsonWebTokenDecoder

For requests that include HTTP_AUTHORIZATION headers in the format of "Bearer: ENCODED_TOKEN", Gris::Middleware::JsonWebTokenDecoder will return a GRIS_JWT_PAYLOAD along with the @env.

You can choose how to make use of this in your applications.