module JwtRest::Authenticable

Attributes

current_user[R]

To be defined by the developer def handle_user_identity(jwt_payload)

true if the users is valid

end

Public Instance Methods

demand_api_key() click to toggle source
# File lib/jwt_rest/authenticable.rb, line 9
def demand_api_key
  api_key = request.headers["HTTP_X_API_KEY"]
  unless JwtRest::Secrets.valid_api_key?(api_key)
    render status: :unauthorized, json: { error: "invalid api key" }
  end
end
demand_application_json() click to toggle source
# File lib/jwt_rest/authenticable.rb, line 3
def demand_application_json
  unless request.format.symbol == :json
    render status: :not_acceptable, json: { error: "only application/json Content-Tyle is allowed" }
  end
end
demand_current_user() click to toggle source
# File lib/jwt_rest/authenticable.rb, line 16
def demand_current_user
  header = JwtRest::AuthHeader.new(request.headers["HTTP_AUTHORIZATION"])
  unless header.is_token? && header.token && handle_user_identity(header.token.payload)
    render status: :unauthorized, json: { error: "invalid authorization token" }
  end
end