0.0
Repository is archived
No commit activity in last 3 years
No release in over 3 years
Rack middleware to decode JWT and append it to the rack environment
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

~> 1.8
~> 0.11
~> 1.7
~> 0.6
~> 10.0
~> 3.2
~> 1.4

Runtime

~> 1.4
~> 1.6
 Project Readme

Rack::Indicium

Build Status

If a JSON Web Token (JWT) is sent in the header, it will be decoded and available in the jwt.payload and jwt.header rack env variables.

Optional integration with Sentry Raven for jwt-context to exceptions.

Installation

Add this line to your application's Gemfile:

gem 'rack-indicium'

And then execute:

$ bundle

Or install it yourself as:

$ gem install rack-indicium

Usage

require "rack/indicium"
require "rack/indicium/sentry" # Optional to add jwt context to Sentry
use Rack::Indicium, ENV.fetch("JWT_SECRET")
use Rack::Indicium::Sentry # Add after use Raven::Rack
run App

Once the middleware is included you get access to jwt.header and jwt.payload in the env object.

# It will only be set if there's a valid JWT that is verified with the jwt secret
payload = env.fetch("jwt.payload") { nil }

This could then be used for authorization

# Only allow requests from our clients
def authorized?
  payload = env.fetch("jwt.payload") { {} }
  payload["aud"] == ENV.fetch("CLIENT_ID")
end

If you need custom options to decode JWT, override the decoder:

require "rack/indicium"

unsafe_decoder = lambda { |jwt, secret| JWT.decode(jwt, secret, true, verify_expiration: false) }

use Rack::Indicium, ENV.fetch("JWT_SECRET"), unsafe_decoder
run App

Contributing

  1. Fork it ( https://github.com/twingly/rack-indicium/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request

Release workflow

Build the gem.

gem build rack-indicium.gemspec

Publish the gem.

gem push rack-indicium-x.y.z.gem