wolox / wor-authentication Goto Github PK

View Code? Open in Web Editor NEW

62.0 28.0 7.0 75 KB

Gem to add authentication to your application using JWT, with expirable, renewable and customizable tokens!

License: MIT License

Ruby 86.35% JavaScript 2.21% CSS 1.43% HTML 10.01%

rails jwt authentication api wolox wor ruby ruby-on-rails ruby-gem

wor-authentication's People

Stargazers

Watchers

Forkers

leamotta meelrossi dinuuu plandino zoomarg victorzw3

wor-authentication's Issues

Nil entity in entity_custom_validation_value

When I redefine this method entity_custom_validation_value in my api controller, if the entity is nil, it's impossible to do anything like entity.some_value, because it throws 500.

Devise Integration Documentation

Add a new entrance to the Wiki so the users know how to use this gem together with Devise.

Create test helpers & tooling for that

According to the experience that @Dinuuu & @santyalcala had in the training, it's hard to test controllers that uses this gems, we need to fix this in some way

Configure the time expiration variables from initializer

Lost of generalization

I think that the gem was created to add Authentication to any model that we want to, but in the README you are always talking about Users which may mislead some persons, for example:

"User tracking and custom validations"
"Keeping track of users? Override..."
"Invalidating all tokens for a user? "

Social

Add badges to README, travis and code climate

Change in README

def new_token_expiration_date
  (Time.zone.now + 2.days).to_i
end

def token_maximum_useful_date
  (Time.zone.now + 30.days).to_i
end

In the methods listed above I wouldn't use .to_i because if you use it, you are not returning dates, just an integer, and also I would use the from_now method, for example, 2.days.from_now

Password recovery

Wrong example in README

In the README file there is an example for authenticate_entity that is

# authentication_controller.rb
def authenticate_entity(params)
  user ||= User.find_by(email: params[:email])
  return nil unless user.present? && user.valid_password?(params[:password])
end

This method uses memoization when it shouldn't (in my opinion) and also returns nil always

Comment about some sort of `current_entity` method

Add to readme about a possible implementation of current_entity method

Remove generate_access_token call from spec_helper.rb

  let!(:access_data) { AuthenticationController.new.generate_access_token({}) }

When Authorization token is missing, is raising an exception.

in:

 def authentication_token
    request.headers['Authorization'].split(' ').last
 end

If Authorization header is not present, it explodes with:
NoMethodError: undefined method 'split' for nil:NilClass

Add a method to create an access token from a user

You should be able to do something like this:

Wor::Authentication::SessionsController.generate_access_token(User.first)

But it fails in the line 33 -> renew_id = token_renew_id, because token_renew_id is a method from: Wor::Authentication::Controller

We shall move this method inside Wor::Authentication::SessionsController, because it's the only place where it's used

wolox / wor-authentication Goto Github PK

wor-authentication's People

Stargazers

Watchers

Forkers

wor-authentication's Issues

Recommend Projects

Recommend Topics

Recommend Org