module Tokenable::Authable

Public Instance Methods

current_user()
# File lib/tokenable/authable.rb, line 16
# Resolves the user named by the bearer token, memoised in @current_user.
#
# The id comes from jwt_user_id, so the token's signature and expiry have been
# checked by the time the lookup runs. The verifier is NOT checked here; that
# happens only in require_tokenable_user!, so protected actions should call
# that guard rather than rely on current_user alone.
#
# @return [Object, nil] the matching user record, or nil when the token is
#   missing/invalid (Tokenable::Unauthorized is swallowed) or no record matches
def current_user
  return @current_user if @current_user

  @current_user = user_class.find_by(id: jwt_user_id)
rescue Tokenable::Unauthorized
  # An unusable token means "anonymous", not an error, for this accessor.
  nil
end
require_tokenable_user!()
# File lib/tokenable/authable.rb, line 22
# Guard for protected actions: raises unless the request carries a token that
# names a user, that user exists, and the token's verifier is still valid.
#
# The checks run in this order and stop at the first failure, so the verifier
# is only consulted once a user has been resolved.
#
# @return [nil] when every check passes
# @raise [Tokenable::Unauthorized] with a message naming the failed check
def require_tokenable_user!
  reason =
    if !jwt_user_id
      'User not found in JWT token'
    elsif !user_signed_in?
      'User is not signed in'
    elsif !valid_token?
      'Token verifier is invalid'
    end

  raise Tokenable::Unauthorized, reason if reason
end
user_signed_in?()
# File lib/tokenable/authable.rb, line 12
# Whether the request's token resolves to a user record.
#
# This reflects current_user only; it does not consult the token verifier.
#
# @return [Boolean]
def user_signed_in?
  user = current_user
  user.present?
end

Private Instance Methods

jwt()
# File lib/tokenable/authable.rb, line 72
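# Decodes and verifies the bearer token from the Authorization header and
# returns its payload as a Hash (memoised in @jwt).
#
# Verification is enabled (third argument `true`) and the accepted algorithm
# is pinned to HS256, so the token's own header does not get to choose how it
# is checked.
#
# @return [Hash] the decoded payload
# @raise [Tokenable::Unauthorized] when the header carries no token, no secret
#   is configured, the token has expired, the signature does not verify, or
#   the token cannot be decoded
def jwt
  raise Tokenable::Unauthorized, 'Bearer token not provided' unless token_from_header.present?
  # Fail closed when the HMAC key is missing or blank. token_from_user already
  # refuses to sign without a secret; verification has to be just as strict so
  # a misconfigured deployment never checks signatures against an empty key.
  raise Tokenable::Unauthorized, 'No secret key was provided' unless jwt_secret.present?

  @jwt ||= JWT.decode(token_from_header, jwt_secret, true, { algorithm: 'HS256' }).first.to_h
rescue JWT::ExpiredSignature
  raise Tokenable::Unauthorized, 'Token has expired'
rescue JWT::VerificationError
  # NOTE(review): this message names a server-side setting. If Unauthorized
  # messages are rendered to API clients, consider logging the detail and
  # returning a generic message -- confirm how the exception is rendered.
  raise Tokenable::Unauthorized, 'The tokenable secret used in this token does not match the one supplied in Tokenable::Config.secret'
rescue JWT::DecodeError
  # Catch-all for the remaining decode failures.
  raise Tokenable::Unauthorized, 'JWT exception thrown'
end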
jwt_expiry_time()
# File lib/tokenable/authable.rb, line 84
# Expiry for a newly issued token, derived from Tokenable::Config.lifespan.
#
# When no lifespan is configured this returns nil, and token_from_user then
# issues the token without an `exp` claim, i.e. it does not expire on its own.
#
# @return [Integer, nil] `lifespan.from_now` converted with `to_i`, or nil
def jwt_expiry_time
  return nil unless Tokenable::Config.lifespan

  Tokenable::Config.lifespan.from_now.to_i
end
jwt_secret()
# File lib/tokenable/authable.rb, line 88
# The shared HMAC key from Tokenable::Config.secret. The same value signs
# tokens (token_from_user) and verifies them (jwt), so anyone who learns it
# can mint tokens; keep it out of logs and error output.
#
# @return [Object, nil] whatever Tokenable::Config.secret holds
def jwt_secret
  config = Tokenable::Config
  config.secret
end
jwt_user_id()
# File lib/tokenable/authable.rb, line 64
# Reads `data.user_id` from the verified token payload.
#
# @return [Object, nil] the claim value, or nil when the claim is absent
# @raise [Tokenable::Unauthorized] propagated from jwt when the token is
#   missing or fails verification
def jwt_user_id
  claims = jwt
  claims.dig('data', 'user_id')
end
jwt_verifier()
# File lib/tokenable/authable.rb, line 68
# Reads `data.verifier` from the verified token payload; valid_token? passes
# this value to the user's valid_verifier? check.
#
# @return [Object, nil] the claim value, or nil when the token carries none
# @raise [Tokenable::Unauthorized] propagated from jwt when the token is
#   missing or fails verification
def jwt_verifier
  claims = jwt
  claims.dig('data', 'verifier')
end
token_from_header()
# File lib/tokenable/authable.rb, line 44
# Extracts the token from the request's Authorization header.
#
# The scheme word is not inspected: the header is split on whitespace and the
# last field is returned whatever precedes it. A value that is not a JWT is
# rejected later, when jwt tries to decode it.
#
# @return [String, nil] the last whitespace-separated field, or nil when the
#   header is absent or blank
def token_from_header
  header = request.authorization.to_s
  header.split.last
end
token_from_user(user)
# File lib/tokenable/authable.rb, line 48
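# Issues an HS256-signed JWT for +user+.
#
# Payload: `data.user_id` always; `exp` only when a lifespan is configured
# (without it the token carries no expiry); `data.verifier` only when the user
# class includes Tokenable::Verifier.
#
# @param user [Object] responds to `id`, and to `current_verifier` when the
#   verifier is enabled
# @return [String] the encoded token
# @raise [Tokenable::Unauthorized] when no usable secret is configured
def token_from_user(user)
  # Check the key first and treat a blank string like a missing one: signing
  # with an empty key would produce tokens anyone could reproduce. Failing
  # here also avoids touching the user's verifier when nothing can be issued.
  raise Tokenable::Unauthorized, 'No secret key was provided' unless jwt_secret.present?

  payload = { data: { user_id: user.id } }

  # Read the expiry once so the check and the stored value cannot differ.
  expires_at = jwt_expiry_time
  payload[:exp] = expires_at if expires_at

  payload[:data][:verifier] = user.current_verifier if verifier_enabled?

  JWT.encode(payload, jwt_secret, 'HS256')
end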
user_class()
# File lib/tokenable/authable.rb, line 40
# The configured user model, taken from Tokenable::Config.user_class. It is
# used for the record lookup in current_user and the mixin check in
# verifier_enabled?.
#
# @return [Object] whatever Tokenable::Config.user_class holds
def user_class
  config = Tokenable::Config
  config.user_class
end
valid_token?()
# File lib/tokenable/authable.rb, line 34
# Checks the token's verifier claim against the current user.
#
# With the verifier mixin absent there is nothing to compare, so every
# correctly signed token counts as valid. Otherwise the decision is delegated
# to the user's valid_verifier?.
#
# Precondition: current_user must be non-nil when the verifier is enabled;
# require_tokenable_user! guarantees this by checking user_signed_in? first.
#
# @return [Boolean] true when the verifier is disabled, else the result of
#   valid_verifier?
def valid_token?
  if verifier_enabled?
    current_user.valid_verifier?(jwt_verifier)
  else
    true
  end
end
verifier_enabled?()
# File lib/tokenable/authable.rb, line 30
# Whether the configured user class mixes in Tokenable::Verifier. This switch
# decides both whether issued tokens carry a verifier claim and whether
# valid_token? checks it.
#
# @return [Boolean]
def verifier_enabled?
  mixins = user_class.included_modules
  mixins.include?(Tokenable::Verifier)
end