Initial setup of knock

Gemfile

@@ -8,6 +8,7 @@ gem 'rails-api'
 gem 'spring', :group => :development
 gem 'bcrypt'
 gem 'jsonapi-resources'
+gem 'knock'
 
 
 gem 'sqlite3'

Gemfile.lock

@@ -47,6 +47,11 @@ GEM
     json (1.8.3)
     jsonapi-resources (0.7.0)
       rails (>= 4.0)
+    jwt (1.5.4)
+    knock (1.4.2)
+      bcrypt (~> 3.1)
+      jwt (~> 1.5)
+      rails (>= 4.2)
     loofah (2.0.3)
       nokogiri (>= 1.5.9)
     mail (2.6.4)
@@ -109,6 +114,7 @@ PLATFORMS
 DEPENDENCIES
   bcrypt
   jsonapi-resources
+  knock
   rails (= 4.2.6)
   rails-api
   spring

app/controllers/application_controller.rb

@@ -1,2 +1,3 @@
 class ApplicationController < ActionController::API
+  include Knock::Authenticable
 end

config/initializers/knock.rb

@@ -0,0 +1,86 @@
+Knock.setup do |config|
+
+  ## User handle attribute
+  ## ---------------------
+  ##
+  ## The attribute used to uniquely identify a user.
+  ##
+  ## Default:
+  # config.handle_attr = :email
+
+  ## Current user retrieval from handle when signing in
+  ## --------------------------------------------------
+  ##
+  ## This is where you can configure how to retrieve the current user when
+  ## signing in.
+  ##
+  ## Knock uses the `handle_attr` variable to retrieve the handle from the
+  ## AuthTokenController parameters. It also uses the same variable to enforce
+  ## permitted values in the controller.
+  ##
+  ## You must raise ActiveRecord::RecordNotFound if the resource cannot be retrieved.
+  ##
+  ## Default:
+  # config.current_user_from_handle = -> (handle) { User.find_by! Knock.handle_attr => handle }
+
+  ## Current user retrieval when validating token
+  ## --------------------------------------------
+  ##
+  ## This is how you can tell Knock how to retrieve the current_user.
+  ## By default, it assumes you have a model called `User` and that
+  ## the user_id is stored in the 'sub' claim.
+  ##
+  ## You must raise ActiveRecord::RecordNotFound if the resource cannot be retrieved.
+  ##
+  ## Default:
+  # config.current_user_from_token = -> (claims) { User.find claims['sub'] }
+
+
+  ## Expiration claim
+  ## ----------------
+  ##
+  ## How long before a token is expired.
+  ##
+  ## Default:
+  # config.token_lifetime = 1.day
+
+
+  ## Audience claim
+  ## --------------
+  ##
+  ## Configure the audience claim to identify the recipients that the token
+  ## is intended for.
+  ##
+  ## Default:
+  # config.token_audience = nil
+
+  ## If using Auth0, uncomment the line below
+  # config.token_audience = -> { Rails.application.secrets.auth0_client_id }
+
+  ## Signature algorithm
+  ## -------------------
+  ##
+  ## Configure the algorithm used to encode the token
+  ##
+  ## Default:
+  # config.token_signature_algorithm = 'HS256'
+
+  ## Signature key
+  ## -------------
+  ##
+  ## Configure the key used to sign tokens.
+  ##
+  ## Default:
+  # config.token_secret_signature_key = -> { Rails.application.secrets.secret_key_base }
+
+  ## If using Auth0, uncomment the line below
+  # config.token_secret_signature_key = -> { JWT.base64url_decode Rails.application.secrets.auth0_client_secret }
+
+  ## Public key
+  ## ----------
+  ##
+  ## Configure the public key used to decode tokens, if required.
+  ##
+  ## Default:
+  # config.token_public_key = nil
+end

config/routes.rb

@@ -1,4 +1,5 @@
 Rails.application.routes.draw do
+  mount Knock::Engine => "/knock"
   jsonapi_resources :public_posts
   # The priority is based upon order of creation: first created -> highest priority.
   # See how all your routes lay out with "rake routes".