Toktok

Build Status codecov Code Climate Gem Version

JWT Authentication for Ruby

Installation

Add this line to your application's Gemfile:

gem 'toktok'

And then execute:

$ bundle

Or install it yourself as:

$ gem install toktok

Usage

TODO: Improve

Configuration

# 'none' | 'HS256' | 'RS256' | 'ES256'
Toktok.algorithm = 'HS256'

# REQUIRED unless algorithm = 'none'
Toktok.secret_key = ENV['TOKTOK_SECRET_KEY'] 

# OPTIONAL – in seconds
Toktok.lifetime = nil

Encode/Decode

token = Toktok::Token.new(identity: 'guzart', payload: { message: 'Hola' })
puts token.jwt # 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1...'

token = Toktok::Token.new(jwt: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1...')
puts token.identity # 'guzart'
puts token.payload # { sub: 'guzart', message: 'Hola' }

Claims

Subject Claim

Toktok uses the required identity argument as the payload sub attribute defined by the JWT Subject Claim.

Expiration Time Claim

Toktok automatically calculates the token expiration using the Toktok.lifetime configuration value and sets the exp attribute defined by the JWT Expiration Time Claim

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake test to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/guzart/toktok.

License

The gem is available as open source under the terms of the MIT License.