Minato::Rails::Auth
Minato Rails Auth is a library designed to be an authentication layer in Rails applications. It has a JWT module, that can be included in Rails Controllers to authenticate requests. And has a RSpec shared contexts, to simplify authentication in automated tests.
Installation
The recommended installation way is by Gem or Bundler:
By Gem
$ gem install minato-rails-auth
By Bundler
$ bundle add minato-rails-auth
Or just add the following line on your Gemfile file:
gem 'minato-rails-auth'
And you can specify the version:
gem 'minato-rails-auth', '~> 0.1.0'
Configuration
To configure the Minato Rails Auth lib on your Rails application, is necessary to follow the steps:
- Create a configuration file: - [rails-app]/config/initializers/minato_rails_auth.rb
- Add the following content in the file: - require 'minato/rails/auth' Minato::Rails::Auth.configure do |conf| conf.jwt.issuer = Settings.api.secure.issuer conf.jwt.jwks_uri = Settings.api.secure.jwks_uri end
- Each option specs:
    - `conf.jwt`  
        - stores all jwt configuration
    - `conf.jwt.issuer` 
        - example: 'http://localhost'  
        - is the jwt issuer, when the system uses Ory, it's the gateway host
    - `conf.jwt.jwks_uri` 
        - example: 'http://localhost:4456/.well-known/jwks.json' 
        - is the jwks obtetion uri, when the system uses Ory, it's the direct gateway host
    - `conf.jwt.jwks` 
        - default: nil   
        - this is the jwks data, if this is specified it will not be necessary the conf.jwt.jwks_uri attribute
    - `conf.jwt.algorithms` 
        - default:  'RS256'
        - alghorithm used to decode the jwt
    - `conf.jwt.verify_iss` 
        - default:  true   
        - this specify if the issuer should be checked
    - `conf.jwt.verify_token_signature` 
        - default: true   
        - this specify if the token signature should be checked
    - `conf.jwt.hmac_secret` 
        - default: nil
        - hmac secret, is necessary only in HMAC algorithms
    - `conf.jwt.additional_params` 
        - default: {}
        - is JWT.decode additional options
        - docs: https://github.com/jwt/ruby-jwt/blob/main/README.md
And now, the library was configured in your Rails application.
Usage
Auth system
To add the JWT authentication system in your Rails application, just follow the steps:
- Include the JWT module in your - ApplicationController:- class ApplicationController < ActionController::API include Minato::Rails::Auth::JWT end
- Now it is available the method - authenticate_request!in your controllers, and you can call it when you want to auth a controller:- class FooController < ApplicationController before_action :authenticate_request! end
- Now the variable - current_useris availabe in your controller, containing the following methods:
- .machine?- This will return a boolean value that will tell you if the client is a machine or not
 
- .human?- This works like the .machine?method, but tells you if the client is human.
 
- This works like the 
- .session- This returns a object containing the JWT payload, if the client is human.
 
- .machine- This returns a string with the machine name, when the client is a machine.
 
Testing tools
The Minato Rails Auth makes available the RSpec shared contexts, to make it available you can include the module in your [rails-app]/spec/spec_helper.rb:
require 'minato/rails/auth/spec'
And now it will be available the following shared contexts, that you can use following the docs:
- with jwt authentication:- Just create a jwt with empty payload. To set the payload you should create a jwt_payloadvariable usinglet.
 
- Just create a jwt with empty payload. To set the payload you should create a 
- with human jwt authentication:- Creates a jwt with human payload. You set the user attributes with variables jwt_email,jwt_account_id,jwt_session_id,jwt_identity_idandjwt_payload.
 
- Creates a jwt with human payload. You set the user attributes with variables 
- with machine jwt authentication:- Creates a jwt with machine payload. You can set the machine name with the variable jwt_machine.
 
- Creates a jwt with machine payload. You can set the machine name with the variable 
- with missing jwt authentication:- Raise a ::JWT::VerificationError, simulating when the user is not authenticated.
 
- Raise a 
Development
After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and the created tag, and push the .gem file to rubygems.org.
Contributing
Bug reports and pull requests are welcome on GitLab at https://gitlab.com/ferreri/minato/minato-rails-auth.