class Api::BaseController

Base controller for API

Protected Instance Methods

authenticate_request!()
# File lib/generators/jwt_api/templates/api/base_controller.rb, line 10
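# Authenticates the request from its token and loads the calling user.
#
# Renders a 401 JSON error and stops when +user_id_in_token?+ is falsy.
# Otherwise it looks up the user named by the token's :user_id claim and
# stores it in @current_user.
#
# Every failure handled here produces the same 401 body, so the response does
# not reveal whether the token failed to decode, failed verification, or named
# a user that no longer exists.
def authenticate_request!
  unless user_id_in_token?
    render json: { errors: ['Unauthorized'] }, status: :unauthorized
    return
  end
  # NOTE(review): jti_matches? (reached through user_id_in_token?) has already
  # assigned this same lookup to @current_user; the second query is kept so the
  # method does not depend on that side effect.
  @current_user = User.find(auth_token[:user_id])
rescue JWT::VerificationError, JWT::DecodeError, ActiveRecord::RecordNotFound
  # RecordNotFound can come from User.find here or inside jti_matches? when a
  # token names a missing user. Without this clause that case left the
  # authentication path as an unhandled exception (a 404 by default in Rails)
  # instead of a 401.
  # Assumes User is an ActiveRecord model - TODO confirm.
  render json: { errors: ['Unauthorized'] }, status: :unauthorized
end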

Private Instance Methods

auth_token()
# File lib/generators/jwt_api/templates/api/base_controller.rb, line 28
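# Decodes the request's token and memoizes the result in @auth_token.
#
# Returns whatever JsonWebToken.decode returns for the value of http_token,
# or nil when decoding raises JWT::ExpiredSignature. Other errors raised by
# the decoder are not rescued here.
def auth_token
  @auth_token ||= JsonWebToken.decode(http_token)
rescue JWT::ExpiredSignature
  # Report an expired token as "no token" and leave the response to the
  # caller. Rendering from here sent a JSON error with no :status option
  # (Rails then answers 200) and made this method return render's result,
  # which user_id_in_token? went on to index as if it were decoded claims.
  nil
end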
http_token()
# File lib/generators/jwt_api/templates/api/base_controller.rb, line 22
# Returns the credential carried in the Authorization request header,
# memoized in @http_token.
#
# The value is the last whitespace-separated word of the header, so a scheme
# word in front of it is dropped but never checked. Returns nil when the
# header is absent or blank.
def http_token
  @http_token ||= begin
    authorization = request.headers['Authorization']
    authorization.split.last if authorization.present?
  end
end
jti_matches?()
# File lib/generators/jwt_api/templates/api/base_controller.rb, line 34
# Loads the user named by the token's :user_id claim into @current_user and
# reports whether that user's stored jti equals the token's :jti claim.
#
# A user whose stored jti is nil never matches, whatever the token carries
# (presumably how issued tokens are invalidated - confirm against the model).
# Errors raised by User.find are not rescued here.
def jti_matches?
  claims = auth_token
  @current_user = User.find(claims[:user_id])
  stored_jti = @current_user.jti
  return false if stored_jti.nil?

  stored_jti == claims[:jti]
end
user_id_in_token?()
# File lib/generators/jwt_api/templates/api/base_controller.rb, line 39
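# Reports whether the request carries a token that names a user and whose
# jti matches that user's stored jti.
#
# Falsy when there is no token in the header, when auth_token is falsy, or
# when the decoded token has no (or an empty) :user_id claim; otherwise the
# result of jti_matches?.
def user_id_in_token?
  # The previous check was `auth_token[:user_id].to_i`, which is always truthy
  # in Ruby (0 included), so a token without a user id still reached the
  # User.find call in jti_matches?. Test for presence instead; to_s keeps
  # integer and string (e.g. UUID) ids working alike.
  http_token && auth_token && !auth_token[:user_id].to_s.empty? && jti_matches?
end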
user_reset_token_in_params?()
# File lib/generators/jwt_api/templates/api/base_controller.rb, line 43
# Reports whether the request has a :reset_password_token parameter.
#
# Returns the parameter's raw value (nil when absent), not true/false. The
# value is a password-reset credential, so use the result only as a
# truthy/falsy check and keep it out of logs and responses.
def user_reset_token_in_params?
  reset_token = params[:reset_password_token]
  reset_token
end