Module: PropelAuthenticationConcern

Extended by:

ActiveSupport::Concern

Defined in:

lib/generators/propel_authentication/templates/concerns/propel_authentication_concern.rb

Instance Method Summary

• #authenticate_user ⇒ Object
• #current_agency_ids ⇒ Object
• #current_organization ⇒ Object
• #current_organization_id ⇒ Object
• #current_user ⇒ Object
• #extract_jwt_token ⇒ Object
• #has_agency_access?(agency_id) ⇒ Boolean

Instance Method Details

#authenticate_user ⇒ Object

# File 'lib/generators/propel_authentication/templates/concerns/propel_authentication_concern.rb', line 6

def authenticate_user
  token = extract_jwt_token
  
  unless token
    render json: { error: 'No token provided' }, status: :unauthorized
    return false
  end
  
  begin
    @current_user = User.find_by_jwt_token(token)
    unless @current_user
      render json: { error: 'Invalid token' }, status: :unauthorized
      return false
    end
    
    # Extract organization context from JWT payload
    extract_organization_context(token)
    
  rescue JWT::ExpiredSignature
    render json: { error: 'Token expired' }, status: :unauthorized
    return false
  rescue JWT::DecodeError, JWT::InvalidSignature
    render json: { error: 'Invalid token' }, status: :unauthorized
    return false
  end
  
  true
end

#current_agency_ids ⇒ Object

# File 'lib/generators/propel_authentication/templates/concerns/propel_authentication_concern.rb', line 47

def current_agency_ids
  return [] unless current_user
  
  # Request-scoped memoization for performance without security risk
  @current_agency_ids ||= current_user.agency_ids
end

#current_organization ⇒ Object

# File 'lib/generators/propel_authentication/templates/concerns/propel_authentication_concern.rb', line 43

def current_organization
  @current_organization ||= Organization.find_by(id: current_organization_id) if current_organization_id
end

#current_organization_id ⇒ Object

# File 'lib/generators/propel_authentication/templates/concerns/propel_authentication_concern.rb', line 39

def current_organization_id
  @current_organization_id
end

#current_user ⇒ Object

# File 'lib/generators/propel_authentication/templates/concerns/propel_authentication_concern.rb', line 35

def current_user
  @current_user
end

#extract_jwt_token ⇒ Object

# File 'lib/generators/propel_authentication/templates/concerns/propel_authentication_concern.rb', line 58

def extract_jwt_token
  auth_header = request.headers['Authorization']
  return nil unless auth_header
  
  # Extract token from "Bearer <token>" format
  auth_header.split(' ').last if auth_header.start_with?('Bearer ')
end

#has_agency_access?(agency_id) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/generators/propel_authentication/templates/concerns/propel_authentication_concern.rb', line 54

def has_agency_access?(agency_id)
  current_agency_ids.include?(agency_id.to_i)
end