Class: JwtAuthCognito::RedisService

Inherits:

Object

• Object
• JwtAuthCognito::RedisService

Defined in:

lib/jwt_auth_cognito/redis_service.rb

Constant Summary

BLACKLIST_PREFIX =

'jwt_blacklist:'

USER_TOKENS_PREFIX =

'user_tokens:'

Instance Method Summary

• #clear_revoked_tokens ⇒ Object
• #generate_token_id(token) ⇒ Object
• #initialize(config = JwtAuthCognito.configuration) ⇒ RedisService constructor

  A new instance of RedisService.

• #invalidate_user_tokens(user_id) ⇒ Object
• #is_token_revoked?(token_id) ⇒ Boolean
• #save_revoked_token(token_id, ttl = nil) ⇒ Object
• #track_user_token(user_id, token_id, ttl = nil) ⇒ Object

Constructor Details

#initialize(config = JwtAuthCognito.configuration) ⇒ RedisService

Returns a new instance of RedisService.

# File 'lib/jwt_auth_cognito/redis_service.rb', line 12

def initialize(config = JwtAuthCognito.configuration)
  @config = config
  @redis = nil
end

Instance Method Details

#clear_revoked_tokens ⇒ Object

# File 'lib/jwt_auth_cognito/redis_service.rb', line 42

def clear_revoked_tokens
  connect_redis
  keys = @redis.keys("#{BLACKLIST_PREFIX}*")
  @redis.del(*keys) if keys.any?
  keys.length
rescue Redis::BaseError => e
  raise BlacklistError, "Failed to clear revoked tokens: #{e.message}"
end

#generate_token_id(token) ⇒ Object

# File 'lib/jwt_auth_cognito/redis_service.rb', line 86

def generate_token_id(token)
  # Try to extract jti from token first
  begin
    payload = JWT.decode(token, nil, false).first
    return payload['jti'] if payload['jti']
  rescue JWT::DecodeError
    # Fall back to hash if token can't be decoded
  end

  # Generate hash-based ID
  Digest::SHA256.hexdigest(token)[0, 16]
end

#invalidate_user_tokens(user_id) ⇒ Object

# File 'lib/jwt_auth_cognito/redis_service.rb', line 51

def invalidate_user_tokens(user_id)
  connect_redis

  # Get all tokens for the user
  user_key = "#{USER_TOKENS_PREFIX}#{user_id}"
  token_ids = @redis.smembers(user_key)

  # Add all tokens to blacklist
  token_ids.each do |token_id|
    save_revoked_token(token_id)
  end

  # Clear the user's token set
  @redis.del(user_key)

  token_ids.length
rescue Redis::BaseError => e
  raise BlacklistError, "Failed to invalidate user tokens: #{e.message}"
end

#is_token_revoked?(token_id) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/jwt_auth_cognito/redis_service.rb', line 32

def is_token_revoked?(token_id)
  connect_redis
  key = "#{BLACKLIST_PREFIX}#{token_id}"
  result = @redis.exists?(key)
  result.is_a?(Integer) ? result.positive? : result
rescue Redis::BaseError
  # Graceful degradation - if Redis is down, don't block validation
  false
end

#save_revoked_token(token_id, ttl = nil) ⇒ Object

# File 'lib/jwt_auth_cognito/redis_service.rb', line 17

def save_revoked_token(token_id, ttl = nil)
  connect_redis
  key = "#{BLACKLIST_PREFIX}#{token_id}"

  if ttl
    @redis.setex(key, ttl, 'revoked')
  else
    @redis.set(key, 'revoked')
  end

  true
rescue Redis::BaseError => e
  raise BlacklistError, "Failed to save revoked token: #{e.message}"
end

#track_user_token(user_id, token_id, ttl = nil) ⇒ Object

# File 'lib/jwt_auth_cognito/redis_service.rb', line 71

def track_user_token(user_id, token_id, ttl = nil)
  connect_redis

  user_key = "#{USER_TOKENS_PREFIX}#{user_id}"
  @redis.sadd(user_key, token_id)

  # Set expiration on the user's token set
  @redis.expire(user_key, ttl) if ttl

  true
rescue Redis::BaseError
  # Non-critical operation, log but don't fail
  false
end