Class: ApiEngineBase::Jwt::AuthenticateUser

Inherits:
ServiceBase
  • Object
Defined in:
app/services/api_engine_base/jwt/authenticate_user.rb

Constant Summary

Constants inherited from ServiceBase

ServiceBase::ON_ARGUMENT_VALIDATION

Instance Method Summary collapse

Methods inherited from ServiceBase

inherited, #internal_validate, #service_base_logging, #validate!

Methods included from ArgumentValidation

included

Methods included from ServiceLogging

#aletered_message, #class_name, #log, #log_error, #log_info, #log_prefix, #log_warn, #logger, #service_id

Instance Method Details

#call ⇒ Object



# File 'app/services/api_engine_base/jwt/authenticate_user.rb', line 9

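# Authenticates the caller from a JWT and stores the matching user on the context.
#
# Steps, in order:
#   1. decode the token via Decode,
#   2. check the :expires_at claim,
#   3. load the user named by the :user_id claim,
#   4. compare the :verifier_token claim with the user's stored verifier_token,
#   5. apply the email-verification gate.
#
# Every rejection goes through context.fail!. The code after each fail! call dereferences
# values that would be nil had execution continued, so fail! presumably halts the service —
# confirm against ServiceBase.
#
# @return [Object] whatever email_validation_required! returns on the success path
def call
  result = Decode.(token:)

  if result.failure?
    context.fail!(msg: "Unauthorized Access. Invalid Authorization token")
  end
  payload = result.payload

  validate_expires_at!(expires_at: payload[:expires_at])

  # Any StandardError raised by the lookup (not only "record missing") is treated as
  # "user not found", so the request is rejected rather than authenticated.
  user = begin
    User.find(payload[:user_id])
  rescue StandardError
    nil
  end
  if user.nil?
    log_warn("user_id [#{payload[:user_id]}] was not found. Cannot Continue")
    context.fail!(msg: "Unauthorized Access. Invalid Authorization token")
  end

  # Fail closed when the token carries no verifier_token claim: nil == nil would otherwise
  # count as a match for a user whose stored verifier_token is nil.
  presented_verifier = payload[:verifier_token]
  if !presented_verifier.nil? && user.verifier_token == presented_verifier
    context.user = user
  else
    context.fail!(msg: "Unauthorized Access. Token is no longer valid")
  end

  email_validation_required!(user:)
end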

#email_validation_required!(user:) ⇒ Object



# File 'app/services/api_engine_base/jwt/authenticate_user.rb', line 53

# Applies the email-verification gate to an already-identified user.
#
# Returns early, letting the request proceed, when the email_verify? config check is falsy,
# when bypass_email_validation is truthy, or when user.email_validated is truthy. Otherwise
# it runs the EmailVerification::Required service and calls context.fail! if that result
# reports verification as required.
#
# @param user [Object] the user record; only #email_validated is read here before the
#   record is handed to the Required service
def email_validation_required!(user:)
  # NOTE(review): `config..plain_text` has two consecutive dots, which Ruby reads as a range
  # expression rather than a method chain. This looks like a path segment lost when the page
  # was rendered — confirm against the source file.
  return unless ApiEngineBase.config..plain_text.email_verify?

  # NOTE(review): bypass_email_validation is not defined in this listing — presumably a
  # service argument. Confirm which callers can set it, because this branch skips the gate
  # without looking at the user at all.
  if bypass_email_validation
    log_info("Bypassing email validation without checking if user should be able to continue")
    return
  end

  # Already validated: nothing further to enforce.
  return if user.email_validated

  log_info("User's email is not yet validated.")
  # The Required service decides whether an unvalidated email blocks the request; its
  # criteria are not visible here.
  result = ApiEngineBase::LoginStrategy::PlainText::EmailVerification::Required.(user:)

  if result.required
    context.fail!(msg: "User's Email must be validated before they can continue")
  end
end

#validate_expires_at!(expires_at:) ⇒ Object



# File 'app/services/api_engine_base/jwt/authenticate_user.rb', line 34

# Rejects the request unless the token's expires_at claim is present, can be turned into a
# Time, and is not earlier than the current time.
#
# Each rejection logs a specific warning but reports the same generic message through
# context.fail!, so the caller is not told which check failed.
#
# @param expires_at [Object] value of the :expires_at claim; passed straight to Time.at
# @return [nil] when every check passes
def validate_expires_at!(expires_at:)
  reject = lambda do |reason|
    log_warn(reason)
    context.fail!(msg: "Unauthorized Access. Invalid Authorization token")
  end

  reject.("expires_at payload is missing from the JWT token. Cannot continue") if expires_at.nil?

  # Any StandardError from Time.at (e.g. a non-numeric claim) counts as "cannot be parsed".
  expiry = begin
    Time.at(expires_at)
  rescue StandardError
    nil
  end
  reject.("expires_at payload cannot be parsed. Cannot continue") if expiry.nil?

  reject.("expires_at is no longer valid. Must request new token") if expiry < Time.now
end