scarhand / devise-jwt-cookie Goto Github PK
View Code? Open in Web Editor NEWCookie-based JWT authentication for devise
devise-jwt-cookie's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
davidwparker 4itosik roomzilla userlot kida001 nayya-com out-fund snapdocs crnastena absolute-boi thczzz lefermierperso atif claudiosikeda abrunner94 jomno rillatile drange11 hisashiq deyaphdevise-jwt-cookie's Issues
Pinned version of dry causing bundle error...
Hello @scarhand,
I am getting a bundle error when using the latest version of this gem with the latest devise-jwt gem.
Versions:
devise-jwt - 0.9.0
devise-jwt-cookie - 0.5.1
Bundler could not find compatible versions for gem "dry-configurable":
In snapshot (Gemfile.lock):
dry-configurable (= 0.15.0)
In Gemfile:
devise-jwt-cookie was resolved to 0.5.1, which depends on
dry-configurable (~> 0.9, < 0.11)
devise-jwt was resolved to 0.9.0, which depends on
warden-jwt_auth (~> 0.6) was resolved to 0.6.0, which depends on
dry-configurable (~> 0.13)
Running `bundle update` will rebuild your snapshot from scratch, using only
the gems in your Gemfile, which may resolve the conflict.
When I fork your repo and remove the pinned versions for the dry-auto_inject and dry-configurable dependencies in the devise-jwt-cookie.gemspec, bundle, and point to the forked repo, all works well. Can you please remove those pinned dry versions and push up a new version of your gem? I wanted to use your gem versus forking the repo and removing the pinned version myself.
Please let me know if you have any questions or concerns about my request. Appreciate your time. Thanks.
Does not account for devise-jwt's revocation strategy
This gem works great! One thing that I noticed was that using standard devise-jwt and their revocation strategies, when I send a logout request (set via config.jwt.revocation_requests) it removes the token from the database based upon the strategy chosen.
After I installed devise-jwt-cookie the logout call was made, but the revocation strategy did not run. I'm newer to this, but taking a brief look at the source code for devise-jwt it seems to expect there to be an HTTP_AUTHORIZATION header such that the proper database entry can be revoked. As after you install this gem, we no longer send that header (and rather use cookies) it does not seem to know to revoke it.
For the time being, a quick workaround seems to be to add some middleware that injects it back in. Something like:
def call(env)
if Devise::JWT::Cookie::Middleware.new(app).token_should_be_revoked?(env)
request = Rack::Request.new(env)
env['HTTP_AUTHORIZATION'] = "Bearer #{request.cookies[Devise::JWT::Cookie.config.name]}"
end
status, headers, response = app.call(env)
[status, headers, response]
end
This does work, but I'm wondering whether there's a better way? Or whether we should build this into the library itself?
Thanks !
Couldn't use due to being out of date
Bundler could not find compatible versions for gem "dry-configurable":
In snapshot (Gemfile.lock):
dry-configurable (= 0.12.1)
In Gemfile:
devise-jwt-cookie (~> 0.2.0) x86_64-linux was resolved to 0.2.0, which depends on
dry-configurable (< 0.11, ~> 0.9) x86_64-linux
devise-jwt x86_64-linux was resolved to 0.8.1, which depends on
warden-jwt_auth (~> 0.5) x86_64-linux was resolved to 0.5.0, which depends on
dry-auto_inject (~> 0.6) x86_64-linux was resolved to 0.7.0, which depends on
dry-container (>= 0.3.4) x86_64-linux was resolved to 0.7.2, which depends on
dry-configurable (~> 0.1, >= 0.1.3) x86_64-linux
devise-jwt x86_64-linux was resolved to 0.8.1, which depends on
warden-jwt_auth (~> 0.5) x86_64-linux was resolved to 0.5.0, which depends on
dry-configurable (~> 0.9) x86_64-linux
Can this be used cross domain?
Please note this issue: waiting-for-dev/devise-jwt#126
The problem (which is not a problem, but a security measure) with cookies is that they can't be shared cross-domain.
undefined method `call' for {:default=>#<Dry::Container::Registry:0x0000000110f1a570 @_mutex=#<Thread::Mutex:0x0000000110f1a4f8>>}:Hash (NoMethodError)
getting this error after installing devise-jwt-cookie (had already previously set up devise-jwt and was working), but cannot even start app now, due to this error (undefined method call, coming from dry-configurable
. A little later down the line, I see this: cannot load such file -- devise-jwt (LoadError)
ENV: ruby 3.1.1, rails 7, mac & linux both
full trace:
bundler: failed to load command: bin/rails (bin/rails)
/Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-container-0.10.0/lib/dry/container/mixin.rb:151:in `register': undefined method `call' for {:default=>#<Dry::Container::Registry:0x0000000110f1a570 @_mutex=#<Thread::Mutex:0x0000000110f1a4f8>>}:Hash (NoMethodError)
config.registry.call(_container, key, item, options)
^^^^^
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/strategies/args.rb:72:in `<class:Strategies>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/strategies/args.rb:8:in `<module:AutoInject>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/strategies/args.rb:7:in `<module:Dry>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/strategies/args.rb:6:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/strategies.rb:19:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject/builder.rb:3:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/dry-auto_inject-0.9.0/lib/dry/auto_inject.rb:3:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/warden-jwt_auth-0.5.0/lib/warden/jwt_auth.rb:4:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/devise-jwt-0.8.1/lib/devise/jwt.rb:6:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:73:in `rescue in block in require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:51:in `block in require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:44:in `each'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:44:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler.rb:187:in `require'
from /Users/eddie/Projects/Paubox/pb_iam/config/application.rb:7:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/actions.rb:22:in `require_application!'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/actions.rb:14:in `require_application_and_environment!'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/commands/console/console_command.rb:101:in `perform'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor/command.rb:27:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor/invocation.rb:127:in `invoke_command'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor.rb:392:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/base.rb:87:in `perform'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command.rb:48:in `invoke'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/commands.rb:18:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from bin/rails:4:in `<top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:58:in `load'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:58:in `kernel_load'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:23:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:483:in `exec'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/command.rb:27:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/invocation.rb:127:in `invoke_command'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor.rb:392:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:31:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/base.rb:485:in `start'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:25:in `start'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/exe/bundle:48:in `block in <top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/friendly_errors.rb:120:in `with_friendly_errors'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/exe/bundle:36:in `<top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/bin/bundle:25:in `load'
from /Users/eddie/.rbenv/versions/3.1.1/bin/bundle:25:in `<main>'
/Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:15:in `require': cannot load such file -- devise-jwt (LoadError)
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:15:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:60:in `block (2 levels) in require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:55:in `each'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:55:in `block in require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:44:in `each'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/runtime.rb:44:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler.rb:187:in `require'
from /Users/eddie/Projects/Paubox/pb_iam/config/application.rb:7:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/actions.rb:22:in `require_application!'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/actions.rb:14:in `require_application_and_environment!'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/commands/console/console_command.rb:101:in `perform'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor/command.rb:27:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor/invocation.rb:127:in `invoke_command'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/thor-1.2.1/lib/thor.rb:392:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command/base.rb:87:in `perform'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/command.rb:48:in `invoke'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/railties-7.0.3.1/lib/rails/commands.rb:18:in `<main>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bootsnap-1.12.0/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:30:in `require'
from bin/rails:4:in `<top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:58:in `load'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:58:in `kernel_load'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli/exec.rb:23:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:483:in `exec'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/command.rb:27:in `run'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/invocation.rb:127:in `invoke_command'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor.rb:392:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:31:in `dispatch'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/vendor/thor/lib/thor/base.rb:485:in `start'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/cli.rb:25:in `start'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/exe/bundle:48:in `block in <top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/lib/bundler/friendly_errors.rb:120:in `with_friendly_errors'
from /Users/eddie/.rbenv/versions/3.1.1/lib/ruby/gems/3.1.0/gems/bundler-2.3.18/exe/bundle:36:in `<top (required)>'
from /Users/eddie/.rbenv/versions/3.1.1/bin/bundle:25:in `load'
from /Users/eddie/.rbenv/versions/3.1.1/bin/bundle:25:in `<main>'
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.