Class: Rack::Jwt::Auth::Authenticate

Inherits:

Object

Object
Rack::Jwt::Auth::Authenticate

Defined in:: lib/rack/jwt/auth/authenticate.rb

Constant Summary collapse

DECODE_OPTIONS =

Set.new([:algorithm,
:verify_expiration,
:verify_not_before,
:verify_iss,
:iss,
:verify_iat,
:verify_aud,
:aud,
:verify_sub,
:sub,
:verify_jti,
:jti]).freeze

Instance Method Summary collapse

#call(env) ⇒ Object
#initialize(app, opts = {}) ⇒ Authenticate constructor

A new instance of Authenticate.

Constructor Details

#initialize(app, opts = {}) ⇒ `Authenticate`

Returns a new instance of Authenticate.

# File 'lib/rack/jwt/auth/authenticate.rb', line 20

def initialize(app, opts = {})
  @app  = app
  @opts = opts

  raise 'Secret must be provided' if opts[:secret].nil?

  # @see https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/
  # @see https://github.com/jwt/ruby-jwt/pull/184
  raise 'Algorithm must be provided for security reason' if opts[:algorithm].nil?

  @secret = opts[:secret]

  @authenticated_routes   = compile_paths(opts[:only])
  @unauthenticated_routes = compile_paths(opts[:except])
end

Instance Method Details

#call(env) ⇒ `Object`

# File 'lib/rack/jwt/auth/authenticate.rb', line 36

def call(env)
  with_authorization(env) do |payload|
    env['rack.jwt.session'] = payload
    @app.call(env)
  end
end

Class: Rack::Jwt::Auth::Authenticate

Constant Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(app, opts = {}) ⇒ Authenticate

Instance Method Details

#call(env) ⇒ Object

#initialize(app, opts = {}) ⇒ `Authenticate`

#call(env) ⇒ `Object`