module AuthJwt::ControllerAdditions::InstanceMethods
InstanceMethods
to be included
Attributes
current_user[R]
The current user or nil if not authenticated
Public Instance Methods
login_user(credentials)
Checks a user's credentials.
Returns the authenticated user or raises AuthJwt::Unauthorized.
```ruby
class AnyController < ApplicationController
  def login
    login_user(credentials)
  end
end
```
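# File lib/auth_jwt/controller_additions.rb, line 28
# Authenticates a login/password pair against the configured user class.
#
# The user class and both field names are read from AuthJwt.configuration.
# On success the matching user is stored in @current_user and returned.
#
# @param credentials [#[]] untrusted request data, indexed by the configured
#   login and password field names (as symbols)
# @return [Object] the authenticated user
# @raise [AuthJwt::Unauthorized] when a credential is missing or malformed,
#   the login is unknown, or the password does not match
def login_user(credentials)
  config = AuthJwt.configuration
  user_class = config.user_class.constantize
  login_field = config.login_field.to_sym
  password_field = config.password_field.to_sym

  login = credentials[login_field]
  password = credentials[password_field]

  # Both values come straight from the request. Only non-empty Strings are
  # allowed to reach find_by, so a missing, array or nested parameter cannot
  # change the lookup from an equality match on one login into something
  # broader (with ActiveRecord's find_by: IS NULL or IN (...)).
  well_formed = [login, password].all? { |value| value.is_a?(String) && !value.empty? }
  fail AuthJwt::Unauthorized, 'Invalid credentials' unless well_formed

  user = user_class.find_by(login_field => login)

  # One message covers both "unknown login" and "wrong password", so the
  # exception text does not reveal which logins exist.
  # NOTE(review): authenticate is skipped when no user is found, so the two
  # cases may still differ in response time; confirm whether that matters
  # for this deployment.
  fail AuthJwt::Unauthorized, 'Invalid credentials' unless user && user.authenticate(password)

  @current_user = user
end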
require_auth()
Checks whether the user is authenticated:
- if the user is authenticated, sets current_user
- if the user is not authenticated, raises AuthJwt::Unauthorized
```ruby
class AnyController < ApplicationController
  before_filter :require_auth
end
```
# File lib/auth_jwt/controller_additions.rb, line 52
# Authenticates the current request from its Authorization header.
#
# Passes request.authorization to from_jwe on the user class named in
# AuthJwt.configuration and stores the object it returns in @current_user.
#
# @return [Object] the user returned by from_jwe
# @raise [RuntimeError] when request is nil
# @raise [AuthJwt::Unauthorized] when the header is absent ('No Auth'), or
#   when from_jwe raises or returns nil/false ('Invalid token')
def require_auth
  raise 'not in a controller scope' if request.nil?
  raise AuthJwt::Unauthorized, 'No Auth' if request.authorization.nil?

  model = AuthJwt.configuration.user_class.constantize
  begin
    # NOTE(review): the header value is handed over unchanged; whether
    # from_jwe expects a scheme prefix to be stripped is not visible here.
    decoded = model.from_jwe(request.authorization)
    raise 'Not Found' unless decoded
    @current_user = decoded
  rescue StandardError
    # Fails closed: every StandardError raised in the block above, including
    # the 'Not Found' for a nil/false result, becomes the same Unauthorized
    # error. The original exception is discarded, so a failure unrelated to
    # the token is indistinguishable from a bad token at this point.
    raise AuthJwt::Unauthorized, 'Invalid token'
  end
end