class GrapeDeviseTokenAuth::Middleware

Attributes

authorizer_data[R]
request_start[R]
resource[R]
token_authorizer[R]

Public Class Methods

new(app, resource_name) click to toggle source
# File lib/grape_devise_token_auth/middleware.rb, line 5
def initialize(app, resource_name)
  @app = app
  @resource_name = resource_name
end

Public Instance Methods

call(env) click to toggle source
# File lib/grape_devise_token_auth/middleware.rb, line 10
def call(env)
  setup(env)
  begin
    auth_all
    responses_with_auth_headers(*@app.call(env))
  rescue Unauthorized => _e
    return unauthorized
  end
end

Private Instance Methods

auth_all() click to toggle source
# File lib/grape_devise_token_auth/middleware.rb, line 25
def auth_all
  return if skip_auth_all?
  user = token_authorizer.authenticate_from_token(@resource_name)
  fail Unauthorized unless user
  sign_in_user(user)
end
responses_with_auth_headers(status, headers, response) click to toggle source
# File lib/grape_devise_token_auth/middleware.rb, line 48
def responses_with_auth_headers(status, headers, response)
  auth_headers = AuthHeaders.new(warden, @resource_name, request_start, authorizer_data)
  [
    status,
    headers.merge(auth_headers.headers),
    response
  ]
end
setup(env) click to toggle source
# File lib/grape_devise_token_auth/middleware.rb, line 36
def setup(env)
  @request_start    = Time.now
  @authorizer_data  = AuthorizerData.from_env(env)
  @devise_interface = DeviseInterface.new(@authorizer_data)
  @token_authorizer = TokenAuthorizer.new(@authorizer_data,
                                          @devise_interface)
end
sign_in_user(user) click to toggle source
# File lib/grape_devise_token_auth/middleware.rb, line 44
def sign_in_user(user)
  @devise_interface.set_user_in_warden(@resource_name, user)
end
skip_auth_all?() click to toggle source
# File lib/grape_devise_token_auth/middleware.rb, line 32
def skip_auth_all?
  !GrapeDeviseTokenAuth.configuration.auth_all?
end
unauthorized() click to toggle source
# File lib/grape_devise_token_auth/middleware.rb, line 57
def unauthorized
  [401,
   { 'Content-Type' => 'application/json'
   },
   []
  ]
end