module AuthJwt::ControllerAdditions::InstanceMethods

InstanceMethods to be included

Attributes

current_user[R]

The current user or nil if not authenticated

Public Instance Methods

login_user(credentials)

Checks a user's credentials.

Returns the authenticated user, or raises AuthJwt::Unauthorized.

```ruby

# Example controller whose login action delegates to login_user.
class AnyController < ApplicationController
  # login_user returns the authenticated user or raises AuthJwt::Unauthorized;
  # an unhandled AuthJwt::Unauthorized propagates out of this action.
  # NOTE(review): `credentials` is not defined in this example; presumably it is
  # the submitted login/password parameters — confirm against the caller.
  def login
    login_user(credentials)
  end
end

```

# File lib/auth_jwt/controller_additions.rb, line 28
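# Authenticates a user from a credentials hash and stores it in @current_user.
#
# credentials - hash-like object indexed by the configured login and password
#               field names (as symbols).
#
# Returns the authenticated user.
# Raises AuthJwt::Unauthorized when the credentials are missing or wrong.
def login_user(credentials)
  config = AuthJwt.configuration
  user_class = config.user_class.constantize
  login_field = config.login_field.to_sym
  password_field = config.password_field.to_sym

  login = credentials && credentials[login_field]
  password = credentials && credentials[password_field]

  # A missing login must never reach find_by: find_by(login_field => nil)
  # would select a record whose login column is NULL.
  fail AuthJwt::Unauthorized, 'Invalid credentials' if login.nil? || password.nil?

  user = user_class.find_by(login_field => login)

  # One message for "unknown user" and "wrong password", so the error text
  # does not tell the caller which logins exist.
  # NOTE(review): the unknown-user path still skips the password check, so
  # response time may differ between the two cases — consider equalising it.
  unless user && user.authenticate(password)
    fail AuthJwt::Unauthorized, 'Invalid credentials'
  end

  @current_user = user
end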
require_auth()

Checks whether the request is authenticated; raises AuthJwt::Unauthorized if it is not.

```ruby

# Example controller that runs require_auth ahead of its actions.
class AnyController < ApplicationController
  # require_auth raises AuthJwt::Unauthorized when the Authorization header is
  # missing or the token is rejected; on success it sets current_user.
  before_filter :require_auth
end

```

# File lib/auth_jwt/controller_additions.rb, line 52
# Authenticates the current request from its Authorization header and stores
# the resolved user in @current_user.
#
# Returns the user produced by the configured user class's from_jwe.
# Raises RuntimeError when no request object is available.
# Raises AuthJwt::Unauthorized when the header is absent ('No Auth') or the
# token does not resolve to a user ('Invalid token').
def require_auth
  fail 'not in a controller scope' if request.nil?

  token = request.authorization
  fail AuthJwt::Unauthorized, 'No Auth' if token.nil?

  model = AuthJwt.configuration.user_class.constantize
  begin
    found = model.from_jwe(token)
    # A falsy result is routed through the rescue below like any decode error.
    fail 'Not Found' unless found
    @current_user = found
  rescue
    # Fails closed: every StandardError raised while resolving the token is
    # reported as an invalid token, and the underlying cause is not surfaced.
    raise AuthJwt::Unauthorized, 'Invalid token'
  end
end