Module: Card::Auth::Token

Included in:

Card::Auth

Defined in:

lib/card/auth/token.rb

Overview

methods for setting current account

Constant Summary

SECRET_KEY =

Rails.application.secrets.secret_key_base.to_s

Class Method Summary

• .decode(token) ⇒ Object
• .encode(user_id, extra_payload = {}) ⇒ Object
• .expiration ⇒ Object
• .validate!(token) ⇒ Object

  returns Hash if valid, String error message if not.

Instance Method Summary

• #signin_with_token(token) ⇒ Object

  set the current user based on token.

Class Method Details

.decode(token) ⇒ Object

# File 'lib/card/auth/token.rb', line 25

def decode token
  decoded = JWT.decode(token, SECRET_KEY)[0]
  HashWithIndifferentAccess.new decoded
rescue StandardError => e
  e.message
end

.encode(user_id, extra_payload = {}) ⇒ Object

# File 'lib/card/auth/token.rb', line 10

def encode user_id, extra_payload={}
  payload = { user_id: user_id, exp: expiration }.merge(extra_payload)

  JWT.encode payload, SECRET_KEY
end

.expiration ⇒ Object

# File 'lib/card/auth/token.rb', line 32

def expiration
  Card.config.token_expiry.from_now.to_i
end

.validate!(token) ⇒ Object

returns Hash if valid, String error message if not

Raises:

• (Card::Error::PermissionDenied)

# File 'lib/card/auth/token.rb', line 18

def validate! token
  payload = decode token
  raise Card::Error::PermissionDenied, payload if payload.is_a? String

  payload
end

Instance Method Details

#signin_with_token(token) ⇒ Object

set the current user based on token

# File 'lib/card/auth/token.rb', line 38

def signin_with_token token
  payload = Token.validate! token
  signin payload[:anonymous] ? Card::AnonymousID : payload[:user_id]
end