class Api::BaseController
Base controller for API
Protected Instance Methods
authenticate_request!()
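# File lib/generators/jwt_api/templates/api/base_controller.rb, line 10
# Authenticates the request from its token and stores the matching user in
# @current_user. Every failure handled here answers 401 with
# { errors: ['Unauthorized'] }.
#
# The token is accepted only when user_id_in_token? is truthy. JWT decode and
# verification errors are rescued, and so is a user id that no longer resolves
# to a record, so a signed token for a removed account is refused as
# unauthenticated instead of leaving this method as an unhandled exception.
# NOTE(review): assumes User is an ActiveRecord model, so a failed find raises
# ActiveRecord::RecordNotFound — confirm.
def authenticate_request!
  unless user_id_in_token?
    render json: { errors: ['Unauthorized'] }, status: :unauthorized
    return
  end

  @current_user = User.find(auth_token[:user_id])
rescue JWT::VerificationError, JWT::DecodeError, ActiveRecord::RecordNotFound
  render json: { errors: ['Unauthorized'] }, status: :unauthorized
end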
Private Instance Methods
auth_token()
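# File lib/generators/jwt_api/templates/api/base_controller.rb, line 28
# Decodes the token taken from the Authorization header and memoizes the
# result in @auth_token.
#
# When decoding raises JWT::ExpiredSignature, a { error: 'token expired' }
# body is rendered with 401 Unauthorized and the result of render is returned.
#
# NOTE(review): on the expired path @auth_token stays unset and the return
# value is the render result, not a payload. A caller that invokes auth_token
# again, or indexes the result with [:user_id], will re-run the decode and the
# render — confirm how callers are expected to stop after this response.
def auth_token
  @auth_token ||= JsonWebToken.decode(http_token)
rescue JWT::ExpiredSignature
  # An expired token is an authentication failure; without an explicit status
  # the error body would be sent with the default success status.
  render json: { error: 'token expired' }, status: :unauthorized
end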
http_token()
# File lib/generators/jwt_api/templates/api/base_controller.rb, line 22
# Extracts the token from the Authorization request header and memoizes it in
# @http_token. Yields nil when the header is missing or blank.
#
# Only the last whitespace-separated field of the header is kept; the scheme
# word in front of it (if any) is not inspected here, so the token's validity
# rests entirely on the decode step that consumes this value.
def http_token
  @http_token ||= begin
    authorization = request.headers['Authorization']
    authorization.split.last if authorization.present?
  end
end
jti_matches?()
# File lib/generators/jwt_api/templates/api/base_controller.rb, line 34
# Loads the user named by the token's :user_id and checks that the jti stored
# on that user equals the token's :jti. A user whose stored jti is nil never
# matches.
#
# NOTE(review): @current_user is assigned before the comparison, so it remains
# set when the jti does not match. authenticate_request! answers 401 in that
# case; any other caller must not treat @current_user as authenticated after a
# false result.
def jti_matches?
  @current_user = User.find(auth_token[:user_id])
  stored_jti = @current_user.jti
  return false if stored_jti.nil?

  stored_jti == auth_token[:jti]
end
user_id_in_token?()
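# File lib/generators/jwt_api/templates/api/base_controller.rb, line 39
# Truthy only when the request carries a token, the token decodes, its payload
# names a user id, and jti_matches? confirms the token's jti for that user.
#
# The user id is tested with present? rather than to_i: to_i always yields an
# Integer, and every Integer (including the 0 produced by a missing id) is
# truthy in Ruby, so a payload without :user_id would pass the check and reach
# the user lookup in jti_matches?.
def user_id_in_token?
  http_token && auth_token && auth_token[:user_id].present? && jti_matches?
end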
user_reset_token_in_params?()
# File lib/generators/jwt_api/templates/api/base_controller.rb, line 43
# Reports whether the request supplied a reset_password_token parameter by
# returning that parameter's value.
#
# NOTE(review): the raw value is returned rather than a boolean, so an empty
# string is truthy here; callers that need a usable token should also check
# that it is not blank.
def user_reset_token_in_params?
  reset_token = params[:reset_password_token]
  reset_token
end