From 2fd20fce149887ce7cc4a7f3de0551eab210c528 Mon Sep 17 00:00:00 2001
From: Ryan LaBouve
Date: Tue, 12 Apr 2016 22:07:10 -0500
Subject: [PATCH] Initial setup of knock
---
 Gemfile | 1 +
 Gemfile.lock | 6 ++
 app/controllers/application_controller.rb | 1 +
 config/initializers/knock.rb | 86 +++++++++++++++++++++++
 config/routes.rb | 1 +
 5 files changed, 95 insertions(+)
 create mode 100644 config/initializers/knock.rb
diff --git a/Gemfile b/Gemfile
index 7e3120f..c4af506 100644
--- a/Gemfile
+++ b/Gemfile
@@ -8,6 +8,7 @@ gem 'rails-api'
 gem 'spring', :group => :development
 gem 'bcrypt'
 gem 'jsonapi-resources'
+gem 'knock'
 gem 'sqlite3'
diff --git a/Gemfile.lock b/Gemfile.lock
index 117cf3d..f1aef2b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -47,6 +47,11 @@ GEM
 json (1.8.3)
 jsonapi-resources (0.7.0)
 rails (>= 4.0)
+ jwt (1.5.4)
+ knock (1.4.2)
+ bcrypt (~> 3.1)
+ jwt (~> 1.5)
+ rails (>= 4.2)
 loofah (2.0.3)
 nokogiri (>= 1.5.9)
 mail (2.6.4)
@@ -109,6 +114,7 @@ PLATFORMS
 DEPENDENCIES
 bcrypt
 jsonapi-resources
+ knock
 rails (= 4.2.6)
 rails-api
 spring
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 4ac8823..9a27c3f 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,2 +1,3 @@
 class ApplicationController < ActionController::API
+ include Knock::Authenticable
 end
diff --git a/config/initializers/knock.rb b/config/initializers/knock.rb
new file mode 100644
index 0000000..bbd00e6
--- /dev/null
+++ b/config/initializers/knock.rb
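Review bot: `gem 'knock'` in the Gemfile hunk is added without a version constraint, so the only thing holding the authentication library at a reviewed release is Gemfile.lock (knock 1.4.2 with jwt 1.5.4 in this commit). A routine `bundle update` could then move token issuing and verification to a new major version without anyone reviewing the change. I would declare the range explicitly, `gem 'knock', '~> 1.4'`, which matches what the lockfile resolves today.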
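Review bot: Including `Knock::Authenticable` on the new line of `ApplicationController` only makes the helper methods available; nothing in this commit calls them, so every controller inheriting from this class still answers unauthenticated requests. For an API base class deny-by-default is the safer shape: add `before_action :authenticate` here and opt public endpoints out with `skip_before_action :authenticate` in their own controllers (the routes file suggests `public_posts` is meant to be one of those, which is inferred from the name only). If enforcement is meant to stay per controller, a comment such as `# Knock helpers only (authenticate / current_user); each controller must add before_action :authenticate` would make that explicit.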
@@ -0,0 +1,86 @@
+Knock.setup do |config|
+
+ ## User handle attribute
+ ## ---------------------
+ ##
+ ## The attribute used to uniquely identify a user.
+ ##
+ ## Default:
+ # config.handle_attr = :email
+
+ ## Current user retrieval from handle when signing in
+ ## --------------------------------------------------
+ ##
+ ## This is where you can configure how to retrieve the current user when
+ ## signing in.
+ ##
+ ## Knock uses the `handle_attr` variable to retrieve the handle from the
+ ## AuthTokenController parameters. It also uses the same variable to enforce
+ ## permitted values in the controller.
+ ##
+ ## You must raise ActiveRecord::RecordNotFound if the resource cannot be retrieved.
+ ##
+ ## Default:
+ # config.current_user_from_handle = -> (handle) { User.find_by! Knock.handle_attr => handle }
+
+ ## Current user retrieval when validating token
+ ## --------------------------------------------
+ ##
+ ## This is how you can tell Knock how to retrieve the current_user.
+ ## By default, it assumes you have a model called `User` and that
+ ## the user_id is stored in the 'sub' claim.
+ ##
+ ## You must raise ActiveRecord::RecordNotFound if the resource cannot be retrieved.
+ ##
+ ## Default:
+ # config.current_user_from_token = -> (claims) { User.find claims['sub'] }
+
+
+ ## Expiration claim
+ ## ----------------
+ ##
+ ## How long before a token is expired.
+ ##
+ ## Default:
+ # config.token_lifetime = 1.day
+
+
+ ## Audience claim
+ ## --------------
+ ##
+ ## Configure the audience claim to identify the recipients that the token
+ ## is intended for.
+ ##
+ ## Default:
+ # config.token_audience = nil
+
+ ## If using Auth0, uncomment the line below
+ # config.token_audience = -> { Rails.application.secrets.auth0_client_id }
+
+ ## Signature algorithm
+ ## -------------------
+ ##
+ ## Configure the algorithm used to encode the token
+ ##
+ ## Default:
+ # config.token_signature_algorithm = 'HS256'
+
+ ## Signature key
+ ## -------------
+ ##
+ ## Configure the key used to sign tokens.
+ ##
+ ## Default:
+ # config.token_secret_signature_key = -> { Rails.application.secrets.secret_key_base }
+
+ ## If using Auth0, uncomment the line below
+ # config.token_secret_signature_key = -> { JWT.base64url_decode Rails.application.secrets.auth0_client_secret }
+
+ ## Public key
+ ## ----------
+ ##
+ ## Configure the public key used to decode tokens, if required.
+ ##
+ ## Default:
+ # config.token_public_key = nil
+end
diff --git a/config/routes.rb b/config/routes.rb
index 665f469..bcdc6f3 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,4 +1,5 @@
 Rails.application.routes.draw do
+ mount Knock::Engine => "/knock"
 jsonapi_resources :public_posts
 # The priority is based upon order of creation: first created -> highest priority.
 # See how all your routes lay out with "rake routes".
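Review bot: Every setting in `config/initializers/knock.rb` is left commented out, so the token policy is whatever the gem defaults to, and the defaults listed in the comments deserve an explicit decision: tokens are HS256-signed with `Rails.application.secrets.secret_key_base`, live for `1.day`, and carry no audience. Reusing `secret_key_base` couples the JWT signing key to Rails' own cookie and message signing, so a leak of that one value affects both and the JWT key cannot be rotated on its own. I would set a dedicated secret and a shorter lifetime explicitly, e.g. `config.token_secret_signature_key = -> { Rails.application.secrets.jwt_signing_key }` (placeholder secret name) and `config.token_lifetime = 1.hour`, each with a comment giving the reason. Nothing in this file provides revocation, so the lifetime looks like the only bound on how long a leaked token stays valid.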
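Review bot: `mount Knock::Engine => "/knock"` in `config/routes.rb` publishes the sign-in endpoint that accepts a handle and password, and the commit adds no accompanying control on it. Nothing visible here throttles repeated sign-in attempts or forces TLS for that path; if neither is configured elsewhere, I would add request throttling on the mounted path and `config.force_ssl = true` in the production environment config before this ships. A comment above the mount, `# Knock sign-in endpoint: exchanges credentials for a JWT`, would also help, since the engine's routes do not appear in this file. The `routes.draw` block continues outside the hunk.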