module OTP::JWT::ActionController

ActionController

concern.

Private Instance Methods

jwt_from_otp(model, otp) { |model| ... } click to toggle source

Authenticates a model and responds with a [JWT] token

@return [String] with authentication token and country shop ID.

# File lib/otp/jwt/action_controller.rb, line 9
def jwt_from_otp(model, otp)
  # Send the OTP if the model is trying to authenticate.
  if model.present? && otp.blank?
    job = model.deliver_otp
    return render(json: { job_id: job.job_id }, status: :bad_request)
  elsif model.present? && otp.present? && !model.verify_otp(otp)
    return head(:forbidden)
  elsif model.blank?
    return head(:forbidden)
  end

  return yield(model) if block_given?

  render json: { token: model.to_jwt }, status: :created
end
request_authorization_header() click to toggle source

Extracts a token from the authorization header

@return [String] the token present in the header or nothing.

# File lib/otp/jwt/action_controller.rb, line 28
def request_authorization_header
  return if request.headers['Authorization'].blank?

  request.headers['Authorization'].split.last
end