Class: Warden::JWTAuth::Hooks

Inherits:

Object

• Object
• Warden::JWTAuth::Hooks

Defined in:

lib/warden/jwt_auth/hooks.rb

Overview

Warden hooks

Constant Summary

PREPARED_TOKEN_ENV_KEY =

‘env` key where JWT is added

'warden-jwt_auth.token'

Class Method Summary

• .after_fetch(_user, auth, opts) ⇒ Object

  Sign out a JWT scope if it comes from the session.

• .after_set_user(user, auth, opts) ⇒ Object

  Adds a token for the signed in user to the request ‘env` if current path and verb match with configuration.

Class Method Details

.after_fetch(_user, auth, opts) ⇒ Object

Sign out a JWT scope if it comes from the session.

If a user is meant to be authenticated via JWT, then if it is fetched from the session it must be something not intended to happen and a security threat.

Workaround until github.com/hassox/warden/pull/118 is fixed

# File 'lib/warden/jwt_auth/hooks.rb', line 28

def self.after_fetch(_user, auth, opts)
  new.send(:logout_scope, auth, opts)
end

.after_set_user(user, auth, opts) ⇒ Object

Adds a token for the signed in user to the request ‘env` if current path and verb match with configuration. This will be picked up later on by a rack middleware which will add it to the response headers.

See Also:

• https://github.com/hassox/warden/wiki/Callbacks

# File 'lib/warden/jwt_auth/hooks.rb', line 17

def self.after_set_user(user, auth, opts)
  new.send(:prepare_token, user, auth, opts)
end