Module: JwtRest::Authenticable

Defined in:

lib/jwt_rest/authenticable.rb

Instance Attribute Summary

• #current_user ⇒ Object readonly

  To be defined by the developer def handle_user_identity(jwt_payload) true if the users is valid end.

Instance Method Summary

• #demand_api_key ⇒ Object
• #demand_application_json ⇒ Object
• #demand_current_user ⇒ Object

Instance Attribute Details

#current_user ⇒ Object (readonly)

To be defined by the developer def handle_user_identity(jwt_payload)

true if the users is valid

end

# File 'lib/jwt_rest/authenticable.rb', line 28

def current_user
  @current_user
end

Instance Method Details

#demand_api_key ⇒ Object

# File 'lib/jwt_rest/authenticable.rb', line 9

def demand_api_key
  api_key = request.headers["HTTP_X_API_KEY"]
  unless JwtRest::Secrets.valid_api_key?(api_key)
    render status: :unauthorized, json: { error: "invalid api key" }
  end
end

#demand_application_json ⇒ Object

# File 'lib/jwt_rest/authenticable.rb', line 3

def demand_application_json
  unless request.format.symbol == :json
    render status: :not_acceptable, json: { error: "only application/json Content-Tyle is allowed" }
  end
end

#demand_current_user ⇒ Object

# File 'lib/jwt_rest/authenticable.rb', line 16

def demand_current_user
  header = JwtRest::AuthHeader.new(request.headers["HTTP_AUTHORIZATION"])
  unless header.is_token? && header.token && handle_user_identity(header.token.payload)
    render status: :unauthorized, json: { error: "invalid authorization token" }
  end
end