Module: APIGuard::HelperMethods

Defined in:
lib/api/api_guard.rb

Overview

Helper Methods for Grape Endpoint


Instance Method Details

#current_user ⇒ Object


# File 'lib/api/api_guard.rb', line 78

# Returns whatever a guard call stored in @current_user on this instance.
#
# Both doorkeeper_guard and doorkeeper_guard! assign @current_user only when
# token validation yields VALID, so a nil result means no guard has
# authenticated the request on this instance.
#
# @return [Object, nil] the stored user, or nil when none was assigned.
def current_user
  @current_user
end

#doorkeeper_guard(scopes: []) ⇒ Object


# File 'lib/api/api_guard.rb', line 60

# Optional OAuth guard: authenticates the request only when a token is presented.
#
# When find_access_token returns nothing, the method returns nil without
# raising, so the request continues with @current_user unset. Endpoints that
# must reject anonymous callers need doorkeeper_guard! or their own check on
# current_user.
#
# @param scopes [Array] scopes handed to validate_access_token; defaults to [].
# @return [Object, nil] the user stored in @current_user for a VALID token,
#   otherwise nil.
# @raise [InsufficientScopeError] when validation yields INSUFFICIENT_SCOPE.
# @raise [ExpiredError] when validation yields EXPIRED.
# @raise [RevokedError] when validation yields REVOKED.
def doorkeeper_guard(scopes: [])
  token = find_access_token
  # No token presented: stay anonymous instead of failing the request.
  return unless token

  outcome = validate_access_token(token, scopes)
  results = Oauth2::AccessTokenValidationService

  # There is no else branch: an outcome outside these four constants leaves
  # @current_user unset and the method returns nil.
  case outcome
  when results::INSUFFICIENT_SCOPE then raise InsufficientScopeError.new(scopes)
  when results::EXPIRED then raise ExpiredError
  when results::REVOKED then raise RevokedError
  when results::VALID
    # NOTE(review): User.find presumably raises when the owner id is nil or the
    # record is gone; confirm how that error is mapped for API clients.
    @current_user = User.find(token.resource_owner_id)
  end
end

#doorkeeper_guard!(scopes: []) ⇒ Object

Invokes the doorkeeper guard.

If token is presented and valid, then it sets @current_user.

If the token does not have sufficient scopes to cover the required scopes, then it raises InsufficientScopeError.

If the token is expired, then it raises ExpiredError.

If the token is revoked, then it raises RevokedError.

If the token is not found (nil), then it raises TokenNotFoundError.

Arguments:

scopes: (optional) scopes required for this guard.
        Defaults to empty array.

# File 'lib/api/api_guard.rb', line 42

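# Mandatory OAuth guard: the request is let through only for a VALID token.
#
# Every other outcome raises, including a validation result that matches none
# of the known constants. Without that final branch an unexpected result would
# fall out of the case statement and the guard would return normally with
# @current_user unset, i.e. fail open.
#
# @param scopes [Array] scopes handed to validate_access_token; defaults to [].
# @return [Object] the user stored in @current_user.
# @raise [TokenNotFoundError] when find_access_token returns nil, or when the
#   validation result is not one of the recognised constants.
# @raise [InsufficientScopeError] when validation yields INSUFFICIENT_SCOPE.
# @raise [ExpiredError] when validation yields EXPIRED.
# @raise [RevokedError] when validation yields REVOKED.
def doorkeeper_guard!(scopes: [])
  access_token = find_access_token
  raise TokenNotFoundError if access_token.nil?

  case validate_access_token(access_token, scopes)
  when Oauth2::AccessTokenValidationService::INSUFFICIENT_SCOPE
    raise InsufficientScopeError.new(scopes)
  when Oauth2::AccessTokenValidationService::EXPIRED
    raise ExpiredError
  when Oauth2::AccessTokenValidationService::REVOKED
    raise RevokedError
  when Oauth2::AccessTokenValidationService::VALID
    # NOTE(review): User.find presumably raises when the owner id is nil or the
    # record is gone; confirm how that error is mapped for API clients.
    @current_user = User.find(access_token.resource_owner_id)
  else
    # Fail closed. Reuses an error this method already raises, so callers need
    # no new rescue clause; a dedicated error class may describe it better.
    raise TokenNotFoundError
  end
end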