Project

rails_javascript_web_tokens

0.0
No release in over a year
rails_javascript_web_tokensispirett/rails_jwtHomepageDocumentationSource CodeBug TrackerWiki
Integrate jwt in your application with a few simple steps
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
1,655
Stars
2
Forks
0
Watchers
1
 Releases
Current version
0.1.0
Total releases
1
First release
2021-10-08
Latest release
2021-10-08
 Pull Requests
Open Pull Requests
0
Closed Pull Requests
0
Merged Pull Requests
1
Pull Request Acceptance Rate
100%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2021-10-09
Reverse Dependencies
0

 Dependencies

Runtime

bcrypt
~> 3.1.16
jwt
>= 0
rails
~> 6.1.4, >= 6.1.4.1
rspec
>= 0
 Project Readme

RailsJwtApi

Work in progress

Simple jwt rails authentication

Features

Sign Up
Sign in
Authenticate any Controller action
Refresh Token
Expiration date for token => default 2.weeks
Phone verification using twilio

Installation

gem 'rails_jwt_api', github: "https://github.com/Ispirett/rails_jwt"
or 
gem 'rails_jwt_api'

then execute:

$ bundle
rails g rails_jwt_api:install

And then:

rails db:migrate

Usage

  • Use authorize_user! helper for authenticating user with token
:authorize_user!
class TomController < ApplicationController
before_action :authorize_user!, only: %w(create update)
end
  • Use current_user to access the current logged in user
class TomController < ApplicationController
  def create
    current_user.email 
  end
end

User model

  • This gem creates a user model and handle securing password with bcrypt.
  • After running the gem's install command you will see the code below.
  • The details method is important to the gem.
  • You can add or remove attributes which will affect the response.
def details
    as_json(only: [:id, :email,:created_at])
end

Routes

  • This gem adds routes to your routes file like so.
  • Sign Up /rails_jwt_api/auth/sign_up
  • Sign In /rails_jwt_api/auth/sign_in
  mount RailsJwtApi::Engine => "/rails_jwt_api", as: :rails_jwt

Making requests

Sign Up
rails_jwt_api/auth/sign_up
{ "user":{ "email":"hit@gmail.com", "password": "foobar", "password_confirmation": "foobar"}}
Response
{
    "status": "success",
    "token": "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJleHAiOjE2MzQxNzg2MDd9.eJmaV2_fP8P52LiI9tJx_UTI8nTPxepuADz6KYK_Pew",
    "user": {
        "id": 1,
        "email": "hit@gmail.com",
        "created_at": "2021-10-07T02:30:07.894Z",
    },
    "exp": "07 20 73 01:00"
}

Sign In

rails_jwt_api/auth/sign_in
{ "user":{ "email":"hit@gmail.com", "password": "foobar"}}
Response
{
    "status": "success",
    "user": {
        "id": 4,
        "email": "test@gmail.com",
        "created_at": "2021-10-07T17:20:28.592Z"
    },
    "token": "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJleHAiOjE2MzM2Mjc2MjJ9.HjMN61WlujV9YYLZAQ3Xog53jbPTugwMrq0rxdNL_Qk",
    "exp": "07-21-73 06:52"
}

Request with token

  • Add token user "AuthToken": '.........' in headers
      const api_add_error = async (data) => {
        const token = 'eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2l.................'
          try {
              const response = await fetch('http://example.com/resource',{
                  method: 'POST',
                  headers: {
                      'Content-Type': 'application/json',
                      'AuthToken': token
                  },
                  body: JSON.stringify(data)
              });
              return  await response.json()
          }
          catch (e) {
                 console.log(e)
          }
      }

##Phone Verification

Phone verification sends a 5 digit number to the number of the user.
  • To enable phone verification edit the rails_jwt_api.rb in the initializers folder.
# Twilio configuration
  config.phone_verification = true # default: false
  # config.account_sid # default: Rails.application.credentials.dig(:twilio, :account_sid)
  # config.auth_token #  Rails.application.credentials.dig(:twilio, :auth_token)
  config.magic_number   # Rails.application.credentials.dig(:twilio, :magic_number)
  # config.verification_length = 5  # The length of the verification code
  • Configure twilio configuration in you credentials file like so
EDITOR="code --wait" rails:credentials edit --environment development
*Note you can also use ENV instead by replacing the configs in the inintialzer file.
twilio:
  account_sid: rerreqereqreqfdafdfd
  auth_token:  fdfadffdfjereqwrq
  magic_number: +2132545454

Request and Response phone verification

  • Sign Up
    http://localhost:3000/rails_jwt_api/auth/sign_up

*POST

{ "user":{ "phone": "18683292490","email":"le@gmail.com", 
  "password": "12345678", "password_confirmation": "12345678"}
}
  • User receives code
{
    "status": "success",
    "user": {
        "id": 1,
        "email": "boo@gmail.com",
        "created_at": "2021-10-13T19:49:25.178Z"
    },
    "msg": "Please verify phone number"}
  • Verify Phone
http://localhost:3000/rails_jwt_api/auth/verify_phone

*POST

{"user_id":"32", "verification_number": "70840"}
  • Return user and token
    {
  "status": "success",
  "token": "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjozNCwiZXhwIjoxNjM1MzY0MTE0fQ.D6NGW88tR6TlVz587Dbw9uFUHktX2HCFCtKCccb27i8",
  "user": {
    "id": 1,
    "email": "boo@gmail.com",
    "created_at": "2021-10-13T19:49:25.178Z"
  },
  "exp": "08 09 73 11:46"
}

Contributing

License

The gem is available as open source under the terms of the MIT License.