Module: RailsJwtAuth::Authenticatable

Defined in:
app/models/concerns/rails_jwt_auth/authenticatable.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary

Instance Method Summary

Class Method Details

.included(base) ⇒ Object



# File 'app/models/concerns/rails_jwt_auth/authenticatable.rb', line 5

# Hook invoked with the class (+base+) that mixes this concern in.
#
# Extends +base+ with ClassMethods and then, evaluated in the context of
# +base+ itself, declares the attributes used for authentication, enables
# has_secure_password and registers a before_validation callback that
# lowercases the auth field.
#
# NOTE(review): load_auth_token places the generated tokens into auth_tokens
# unchanged (no hashing is visible in this file), so read access to the stored
# records exposes live session tokens -- confirm this is acceptable for the
# deployment.
def self.included(base)
  base.extend(ClassMethods)

  base.class_eval do
    if defined?(Mongoid) && ancestors.include?(Mongoid::Document)
      # Mongoid models: declare the fields on the document.
      field :password_digest, type: String
      # auth_tokens is only declared when simultaneous_sessions is greater than 0.
      field :auth_tokens, type: Array, default: [] if RailsJwtAuth.simultaneous_sessions > 0
    elsif defined?(ActiveRecord) && ancestors.include?(ActiveRecord::Base)
      # ActiveRecord models: auth_tokens is serialized as an Array.
      # password_digest is not declared here; presumably it must already exist
      # as a column -- verify against the migration.
      serialize :auth_tokens, Array
    end

    # Must come after the Mongoid field declaration above so password_digest exists.
    has_secure_password

    before_validation do
      # Lowercase the auth field in place, but only when downcasing is enabled
      # and the field has changed; &. skips a nil value.
      if RailsJwtAuth.downcase_auth_field &&
         public_send("#{RailsJwtAuth.auth_field_name}_changed?")
        self[RailsJwtAuth.auth_field_name]&.downcase!
      end
    end
  end
end

Instance Method Details

#destroy_auth_token(token) ⇒ Object



# File 'app/models/concerns/rails_jwt_auth/authenticatable.rb', line 46

# Revokes a session token and writes the new token list straight away.
#
# When more than one simultaneous session is allowed, only +token+ is removed
# from the stored list (a nil list is treated as empty). In every other mode
# +token+ is ignored and the whole list is emptied, closing every session.
# The write goes through update_attribute, so no separate save is needed.
#
# @param token [String] the auth token to revoke
# @return [Object] whatever update_attribute returns
def destroy_auth_token(token)
  remaining = []
  remaining = (auth_tokens || []) - [token] if RailsJwtAuth.simultaneous_sessions > 1
  update_attribute(:auth_tokens, remaining)
end

#load_auth_token ⇒ Object



# File 'app/models/concerns/rails_jwt_auth/authenticatable.rb', line 27

# Generates a new random session token and adds it to the in-memory token
# list. Nothing is persisted here; the caller has to save the record.
#
# With several simultaneous sessions allowed, the newest
# (simultaneous_sessions - 1) existing tokens are kept and the new one is
# appended, so the oldest session drops out once the limit is reached.
# Otherwise the list is replaced by the new token alone.
#
# @return [String] the newly generated token
def load_auth_token
  fresh = SecureRandom.base58(24)
  limit = RailsJwtAuth.simultaneous_sessions

  self.auth_tokens =
    if limit > 1
      # Keep only as many old tokens as leave room for the new one.
      kept = (auth_tokens || []).last(limit - 1)
      [*kept, fresh].uniq
    else
      [fresh]
    end

  fresh
end

#regenerate_auth_token(token = nil) ⇒ Object



# File 'app/models/concerns/rails_jwt_auth/authenticatable.rb', line 40

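# Swaps a session token for a freshly generated one and saves the record.
#
# When +token+ is given it is removed from the token list before the new
# token is loaded; when it is nil a new token is simply added.
# If save fails the method returns false, but the in-memory auth_tokens
# have already been changed.
#
# @param token [String, nil] the token to retire, if any
# @return [String, false] the new token, or false when save fails
def regenerate_auth_token(token=nil)
  # auth_tokens can be nil; treat it as an empty list, as destroy_auth_token
  # and load_auth_token do, instead of raising NoMethodError on nil.
  self.auth_tokens = (auth_tokens || []) - [token] if token
  new_token = load_auth_token
  save ? new_token : false
end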

#save_without_password ⇒ Object



# File 'app/models/concerns/rails_jwt_auth/authenticatable.rb', line 63

# Saves the record with no password set.
#
# Clears the password, its confirmation and the stored digest, validates the
# record while ignoring password errors, and then saves with validations
# switched off (they were just run by hand).
#
# NOTE(review): the record is persisted with a nil password_digest; confirm
# that every authentication path rejects an account without a digest.
#
# @return [Object, false] the result of save, or false when validation fails
def save_without_password
  # Assigning nil through the password writer only clears password_digest,
  # so the @password instance variable is reset directly as well:
  # https://github.com/rails/rails/blob/master/activemodel/lib/active_model/secure_password.rb#L97
  self.password_digest = nil
  self.password_confirmation = nil
  instance_variable_set(:@password, nil)

  valid_without_password? ? save(validate: false) : false
end

#to_token_payload(_request = nil) ⇒ Object



# File 'app/models/concerns/rails_jwt_auth/authenticatable.rb', line 55

# Builds the payload that identifies this record inside a token.
#
# With sessions enabled (simultaneous_sessions > 0) the payload carries the
# most recent auth token, or the method returns false when there is none.
# With sessions disabled the payload carries only the record id as a string.
#
# NOTE(review): in the id-only mode the payload holds nothing that
# destroy_auth_token could invalidate, so such tokens presumably stay valid
# until they expire -- confirm against the token verification code.
#
# @param _request [Object, nil] unused
# @return [Hash, false] the payload, or false when no auth token is loaded
def to_token_payload(_request=nil)
  return { id: id.to_s } unless RailsJwtAuth.simultaneous_sessions.positive?

  latest = auth_tokens&.last
  latest ? { auth_token: latest } : false
end

#update_password(params) ⇒ Object



# File 'app/models/concerns/rails_jwt_auth/authenticatable.rb', line 82

# Changes the password after checking the current one, closing all sessions
# or all sessions except the one identified by :current_auth_token.
#
# +params+ is consumed destructively: :current_password and
# :current_auth_token are deleted from it and the remaining keys are
# assigned to the model.
#
# NOTE(review): the recovery fields, auth_tokens and the assigned attributes
# are changed in memory even when this method returns false. Nothing is
# persisted by this method in that case, but a later save on the same
# instance would write them.
#
# @param params [Hash-like] must respond to delete and []; expected keys are
#   :current_password, :password and optionally :current_auth_token
# @return [Boolean] true when the record was saved, false on any validation
#   error or failed save
def update_password(params)
  # Check the current password before anything is assigned. Only the outcome
  # is recorded here; it becomes a validation error after valid? has run.
  current_password_error = if (current_password = params.delete(:current_password)).blank?
                             'blank'
                           elsif !authenticate(current_password)
                             'invalid'
                           end

  # If the recoverable module is enabled, clear any pending recovery so the save is allowed.
  if self.respond_to? :reset_password_token
    self.reset_password_token = self.reset_password_sent_at = nil
  end

  # Close all sessions, or all other sessions when current_auth_token is passed.
  # NOTE(review): the value is stored without checking that it is one of this
  # record's existing auth_tokens -- callers should pass only the token of the
  # already verified session, never a client-supplied value.
  current_auth_token = params.delete :current_auth_token
  self.auth_tokens = current_auth_token ? [current_auth_token] : []

  # NOTE(review): every remaining key is assigned; this relies on the caller
  # having filtered params down to permitted attributes.
  assign_attributes(params)
  valid? # validates the other fields first
  # Added after valid? so these errors sit alongside the validation errors it produced.
  errors.add(:current_password, current_password_error) if current_password_error
  errors.add(:password, 'blank') if params[:password].blank?

  return false unless errors.empty?
  return false unless save

  deliver_password_changed_notification

  true
end

#valid_without_password? ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/models/concerns/rails_jwt_auth/authenticatable.rb', line 75

# Validates the record while ignoring every error on the password fields,
# so that a record can be registered without a password.
#
# All errors recorded under :password and :password_confirmation are
# discarded, not only the "blank" ones.
#
# @return [Boolean] true when no other validation errors remain
def valid_without_password?
  valid?
  %i[password password_confirmation].each { |field_name| errors.delete(field_name) }
  errors.empty?
end