Module: JWTSessions

Extended by:
JWTSessions
Included in:
JWTSessions
Defined in:
lib/jwt_sessions.rb,
lib/jwt_sessions/token.rb,
lib/jwt_sessions/errors.rb,
lib/jwt_sessions/session.rb,
lib/jwt_sessions/version.rb,
lib/jwt_sessions/csrf_token.rb,
lib/jwt_sessions/access_token.rb,
lib/jwt_sessions/authorization.rb,
lib/jwt_sessions/refresh_token.rb,
lib/jwt_sessions/redis_token_store.rb,
lib/jwt_sessions/rails_authorization.rb

Defined Under Namespace

Modules: Authorization, Errors, RailsAuthorization Classes: AccessToken, CSRFToken, JWTOptions, RedisTokenStore, RefreshToken, Session, Token

Constant Summary collapse

NONE =
'none'
DEFAULT_SETTINGS_KEYS =
i[access_cookie
access_exp_time
access_header
csrf_header
redis_db_name
redis_host
redis_port
refresh_cookie
refresh_exp_time
refresh_header
token_prefix].freeze
DEFAULT_REDIS_HOST =
'127.0.0.1'
DEFAULT_REDIS_PORT =
'6379'
DEFAULT_REDIS_DB_NAME =
'0'
DEFAULT_TOKEN_PREFIX =
'jwt_'
DEFAULT_ALGORITHM =
'HS256'
DEFAULT_ACCESS_EXP_TIME =

1 hour in seconds

3600
DEFAULT_REFRESH_EXP_TIME =

1 week in seconds

604800
'jwt_access'
DEFAULT_ACCESS_HEADER =
'Authorization'
'jwt_refresh'
DEFAULT_REFRESH_HEADER =
'X-Refresh-Token'
DEFAULT_CSRF_HEADER =
'X-CSRF-Token'
VERSION =
'2.2.2'

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#token_storeObject


92
93
94
# File 'lib/jwt_sessions.rb', line 92

def token_store
  RedisTokenStore.instance(redis_url, token_prefix)
end

Instance Method Details

#access_expirationObject


120
121
122
# File 'lib/jwt_sessions.rb', line 120

def access_expiration
  Time.now.to_i + access_exp_time.to_i
end

#algorithmObject


88
89
90
# File 'lib/jwt_sessions.rb', line 88

def algorithm
  @algorithm ||= DEFAULT_ALGORITHM
end

#algorithm=(algo) ⇒ Object


83
84
85
86
# File 'lib/jwt_sessions.rb', line 83

def algorithm=(algo)
  raise Errors::Malconfigured, "algorithm #{algo} is not supported" unless supported_algos.include?(algo)
  @algorithm = algo
end

132
133
134
# File 'lib/jwt_sessions.rb', line 132

def cookie_by(token_type)
  send("#{token_type}_cookie")
end

#encryption_key=(key) ⇒ Object

should be used for hmac only


115
116
117
118
# File 'lib/jwt_sessions.rb', line 115

def encryption_key=(key)
  @public_key  = key
  @private_key = key
end

#header_by(token_type) ⇒ Object


128
129
130
# File 'lib/jwt_sessions.rb', line 128

def header_by(token_type)
  send("#{token_type}_header")
end

#jwt_optionsObject


79
80
81
# File 'lib/jwt_sessions.rb', line 79

def jwt_options
  @jwt_options ||= JWTOptions.new(*JWT::DefaultOptions::DEFAULT_OPTIONS.values)
end

#redis_urlObject


68
69
70
71
72
73
# File 'lib/jwt_sessions.rb', line 68

def redis_url
  @redis_url ||= begin
    redis_base_url = ENV['REDIS_URL'] || "redis://#{redis_host}:#{redis_port}"
    URI.join(redis_base_url, redis_db_name).to_s
  end
end

#redis_url=(url) ⇒ Object


75
76
77
# File 'lib/jwt_sessions.rb', line 75

def redis_url=(url)
  @redis_url = URI.join(url, redis_db_name).to_s
end

#refresh_expirationObject


124
125
126
# File 'lib/jwt_sessions.rb', line 124

def refresh_expiration
  Time.now.to_i + refresh_exp_time.to_i
end

#validate?Boolean

Returns:

  • (Boolean)

96
97
98
# File 'lib/jwt_sessions.rb', line 96

def validate?
  algorithm != NONE
end