GrisAccounts
GrisAccounts provides helpers for handling account resource authorization with decoded Gris JSON Web Tokens. It is likely best used with Gris::Middleware::JsonWebTokenDecoder.
GrisAccounts is alpha software.
Installation
GrisAccounts is available as a gem on RubyGems. To install it, run:
gem install gris_accounts
Otherwise, if your project uses Bundler, add GrisAccounts to your Gemfile:
gem 'gris_accounts'
And run:
$ bundle install
Usage
The example below includes GrisAccounts::AuthorizationHelper in a Grape endpoint and uses the user_id_from_payload and require_access_to_account helpers to provide some resource authorization.
class AccountsEndpoint < Grape::API
  format :json
  formatter :json, Grape::Formatter::Roar
  content_type :json, 'application/hal+json'

  use Gris::Middleware::JsonWebTokenDecoder
  helpers GrisAccounts::AuthorizationHelper

  namespace :accounts do
    desc 'Create new account.'
    params do
      requires :account, type: Hash do
        requires :name, type: String
      end
    end
    post do
      # Get current user ID from decoded JSON Web Token.
      # Returns @user_id
      #
      user_id_from_payload
      account = AccountCreatorService.call params[:account][:name], @user_id
      present account, with: AccountPresenter
    end

    desc 'Retrieve existing account.'
    params do
      requires :id
    end
    get ':id' do
      # Ensure that decoded JSON Web Token includes current account.
      # Raises error unless decoded token includes account_ids with params[:id]
      #
      require_access_to_account params[:id]
      account = Account.find params[:id]
      present account, with: AccountPresenter
    end
  end
end
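
The kind of check the require_access_to_account comment describes, written out as an added sketch that is not GrisAccounts' own code. It shows a fail-closed comparison of a route parameter (always a String) against the token's account_ids claim. The module name, the AccessDenied class, the string-keyed payload Hash, the user_id claim name and the positive-integer id format are all assumptions.

```ruby
# Added sketch, not GrisAccounts source. Assumes the decoded token is a
# string-keyed Hash whose 'account_ids' claim is an Array of account ids.
module AccountAccessSketch
  class AccessDenied < StandardError; end # hypothetical error class

  # Accept only canonical positive integers. A lenient parse would be unsafe:
  # '42abc'.to_i == 42, so a malformed id could match a granted account.
  def self.normalize_id(value)
    return value if value.is_a?(Integer) && value.positive?
    return value.to_i if value.is_a?(String) && value.match?(/\A[1-9]\d*\z/)

    nil
  end

  # True only when the claim is present, is an Array, and contains the id.
  # A missing or malformed claim denies access instead of raising or passing.
  def self.allowed?(payload, requested_id)
    wanted = normalize_id(requested_id)
    claim = payload.is_a?(Hash) ? payload['account_ids'] : nil
    return false if wanted.nil? || !claim.is_a?(Array)

    claim.any? { |id| normalize_id(id) == wanted }
  end

  # Raising variant, the shape a Grape helper would use before loading data.
  def self.require_access!(payload, requested_id)
    return true if allowed?(payload, requested_id)

    raise AccessDenied, 'token does not grant access to this account'
  end
end

# Constructed sample payload (not real token contents).
SAMPLE_PAYLOAD = { 'user_id' => 7, 'account_ids' => [42, '43'] }.freeze

if $PROGRAM_NAME == __FILE__
  %w[42 43 44 42abc].each do |id|
    puts "#{id.inspect}: #{AccountAccessSketch.allowed?(SAMPLE_PAYLOAD, id)}"
  end
end
```

Running the check before Account.find, as the endpoint above does, keeps a denied request from touching the database at all.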