Merge pull request akabiru#11 from akabiru/part-three
Let 'Master' include all branches.
Showing
32 changed files
with
739 additions
and
173 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
class AuthenticateUser | ||
def initialize(email, password) | ||
@email = email | ||
@password = password | ||
end | ||
|
||
# Service entry point | ||
def call | ||
JsonWebToken.encode(user_id: user.id) if user | ||
end | ||
|
||
private | ||
|
||
attr_reader :email, :password | ||
|
||
# verify user credentials | ||
def user | ||
user = User.find_by(email: email) | ||
return user if user && user.authenticate(password) | ||
# raise Authentication error if credentials are invalid | ||
raise(ExceptionHandler::AuthenticationError, Message.invalid_credentials) | ||
end | ||
end |
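Review bot: `call` invokes the private `user` method twice, once in the `if user` guard and once for `user.id`, and `user` is not memoized, so every successful login runs the `find_by` lookup and the `authenticate` password check twice. Because `user` either returns a record or raises, the guard never sees a falsy value; `JsonWebToken.encode(user_id: user.id)` alone is equivalent, or the result can be memoized in an instance variable. Separately, when no record matches the email, `authenticate` is never reached, so a failed login for an unknown address likely returns faster than one for a known address with a wrong password; the shared `Message.invalid_credentials` text hides the difference in the body but not in timing. If the Rails version in use provides `User.authenticate_by(email: email, password: password)` (7.1 and later), it covers that case; otherwise rate limiting on the login endpoint is the practical mitigation.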
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
class AuthorizeApiRequest | ||
def initialize(headers = {}) | ||
@headers = headers | ||
end | ||
|
||
# Service entry point - return valid user object | ||
def call | ||
{ | ||
user: user | ||
} | ||
end | ||
|
||
private | ||
|
||
attr_reader :headers | ||
|
||
def user | ||
# check if user is in the database | ||
# memoize user object | ||
@user ||= User.find(decoded_auth_token[:user_id]) if decoded_auth_token | ||
# handle user not found | ||
rescue ActiveRecord::RecordNotFound => e | ||
# raise custom error | ||
raise( | ||
ExceptionHandler::InvalidToken, | ||
("#{Message.invalid_token} #{e.message}") | ||
) | ||
end | ||
|
||
# decode authentication token | ||
def decoded_auth_token | ||
@decoded_auth_token ||= JsonWebToken.decode(http_auth_header) | ||
end | ||
|
||
# check for token in `Authorization` header | ||
def http_auth_header | ||
if headers['Authorization'].present? | ||
return headers['Authorization'].split(' ').last | ||
end | ||
raise(ExceptionHandler::MissingToken, Message.missing_token) | ||
end | ||
end |
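Review bot: The `rescue` in `user` appends `e.message` from `ActiveRecord::RecordNotFound` to the `InvalidToken` message, so the text that reaches the client (assuming `ExceptionHandler` renders the exception message, which is not visible in this section) includes the model name and the id that was looked up. Raising with `Message.invalid_token` alone and writing `e.message` to the server log keeps that detail internal. In `http_auth_header`, `split(' ').last` accepts any scheme or none, so a `Basic` credential is handed to `JsonWebToken.decode` as if it were a bearer token; splitting with `scheme, token = headers['Authorization'].split(' ', 2)` and rejecting anything other than `Bearer` makes the parser strict. Whether token expiry is enforced depends on `JsonWebToken.decode`, which is outside this section.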
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,15 @@ | ||
class ApplicationController < ActionController::API | ||
include Response | ||
include ExceptionHandler | ||
|
||
# called before every action on controllers | ||
before_action :authorize_request | ||
attr_reader :current_user | ||
|
||
private | ||
|
||
# Check for valid request token and return user | ||
def authorize_request | ||
@current_user = (AuthorizeApiRequest.new(request.headers).call)[:user] | ||
end | ||
end |
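Review bot: `attr_reader :current_user` sits above `private`, so every controller inherits `current_user` as a public method, and Rails treats public controller methods as candidate actions; it is only reachable if a route maps to it, but moving the line below `private` removes the question and subclasses can still call it. The `before_action :authorize_request` applies to every controller, which is a sound deny-by-default, so the endpoints that must work without a token (login, sign-up) need an explicit `skip_before_action :authorize_request, only: ...` limited to those actions; those controllers are not in this section. A comment on the `before_action` line such as `# deny by default; opt out per action with skip_before_action` would make that contract visible to the next reader.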