Project

mumsnet_jwt

0.0
No commit activity in last 3 years
No release in over 3 years
mumsnet_jwtmumsnet/jwt_gemDocumentationSource CodeBug TrackerWiki
JSON web token lib
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
9,631
Stars
0
Forks
0
Watchers
12
 Releases
Current version
2.3.0
Total releases
5
First release
2018-07-11
Latest release
2018-07-11
 Development
Primary Language
Ruby
Average date of last 50 commits
2018-08-07
Reverse Dependencies
1

 Dependencies

Runtime

jwt
>= 1.5
 Project Readme

CircleCI

Mumsnet JWT Gem

This gem will be used for all api jwt token creation and verification

Installation

Please add to your gem file:

gem 'mumsnet_jwt'

Requirements

The following Enviromental Variables Must be defined in order to use this gem.

Your .env file should look something like this

JWT_CLIENT_ID=service_name
JWT_SECRETS=[{"client_id": "service_name","secret": "678910"}, {"client_id": "other_service_name","secret": "12345"}]

The JWT_SECRETS key is an array of client id's and their related secrets. By adding a client_id item to the json array you are granting whoever has those credentials access to your micro service

Usage

So the gem it's self is very basic but it needs to be a gem as it will be reused across our API projects.

Generating a basic token:

MumsnetJWT.tokenify
# => "eyJhbGciOiJIUzI1NiJ9.eyJhY2Nlc3NfdG9rZW4iOiJkNmI3YmYwODE3NWZmOWQ5MjhiYmYxOTVmODEyYjc5ZDEzZDdkNmRhIiwiaXNzIjoiTXVtc25ldCBMaW1pdGVkIiwiZXhwIjoxNTMxNDc4MjI3fQ.Jxe_V3GbRnmg4uE1xtaBZkJodldr1OoQgRLRwEz0dpQ"

Generating a token with extra variables:

MumsnetJWT.tokenify(extra_payload: {user_id: 1})

Checking if a token is valid:

token = MumsnetJWT.tokenify
MumsnetJWT.check_token(token)
# => true
MumsnetJWT.check_token("#{token}1")
# => false

Retriving extra data:

token = MumsnetJWT.tokenify(extra_payload: {user_id: 1})
user_id = MumsnetJWT.decode_token(token: token, key: user_id)
# => 1

API Usage: in a before_action :check_token in your base api controller add a method like so

def check_token
  head :unauthorized, content_type: 'text/html' unless MumsnetJWT.check_authorization_header(request.headers['Authorization'])
end

If you have a before action for a user specific function such as update_account you would need to use a before action like this:

def set_user_via_token
  @user = User.find(MumsnetJWT.decode_token(token: request.headers['Authorization'].split(' ').last, key: 'user_id'))
rescue StandardError
  head :unauthorized, content_type: 'text/html'
end

Testing

In order to run the tests just run the below command

rspec

You need the rspec installed on your computer. If you don't simply run

gem install rspec