29. Token Authentication
Articles
• An Introduction to Using JWT Authentication in Rails
• Authenticate Your Rails API with JWT from Scratch
• Token-based authentication with Ruby on Rails 5 API
• JWT Auth in Rails, From Scratch
• Implementing JWT in Ruby on Rails-based API
• Authenticate Your Rails API with JWT
• Rails Api Backed With JWT
• Rails, Devise, JWT and the forgotten Warden
75. require "roda"
class RodauthApp < Roda
  # Enable this when the class is inserted as Rack middleware in front of a
  # non-Roda application (see the `use` line after the class).
  # plugin :middleware

  # Password-based login/logout plus password change; every other Rodauth
  # setting is left at its default.
  # NOTE(review): Rodauth keeps the logged-in state in the session, and this
  # snippet configures no session store (Roda's `sessions` plugin or a Rack
  # session middleware, each with a strong secret) — confirm the surrounding
  # application supplies one.
  plugin(:rodauth) do
    enable(:login, :logout, :change_password)
  end

  route do |req|
    # Rodauth serves its own paths (login, logout, change password) here.
    req.rodauth

    # Anything that is not a Rodauth route must come from an authenticated
    # session before application code runs.
    rodauth.require_authentication

    # If using Rodauth in a Roda application
    # Your app code here
  end
end
# Rack wiring. Exactly one of the two applies:
#   non-Roda application -> insert the auth app as middleware (requires
#   `plugin :middleware` in the class above):
# use RodauthApp
#   Roda application -> the class above is the whole app:
run(RodauthApp)
76. require "roda"
class RodauthApp < Roda
  # For a non-Roda application this class runs as Rack middleware:
  # plugin :middleware

  # Password login/logout plus password change, all other settings default.
  # NOTE(review): Rodauth stores login state in the session, and no session
  # store is configured in this snippet — the surrounding app must provide one
  # (Roda's sessions plugin or a Rack session middleware with a strong secret).
  plugin :rodauth do
    enable(*%i[login logout change_password])
  end

  route do |r|
    r.rodauth # Rodauth's own routes: login, logout, change password

    # Every remaining route requires a logged-in user.
    rodauth.require_authentication

    # If using Rodauth in a Roda application
    # Your app code here
  end
end
# Rack wiring for the class above.
# Non-Roda application: mount it as middleware (needs `plugin :middleware`):
# use RodauthApp
# Roda application: it is the whole app:
run ::RodauthApp
78. require 'simple_ldap_authenticator'
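plugin :rodauth do
  enable :login, :logout

  # Passwords live in the directory, not in a local accounts table, so the
  # bcrypt dependency is not needed.
  require_bcrypt? false

  # No accounts-table lookup: the submitted login string itself stands in for
  # the account record.
  # NOTE(review): the string is passed through unchanged, so whatever
  # SimpleLdapAuthenticator does with it (DN construction, search filter)
  # must be safe for arbitrary input — confirm in the gem.
  account_from_login { |login| login.to_s }

  # Store the login string (our "account") in the session ...
  account_session_value { account }

  # ... under :login rather than the default :account_id, which would be
  # misleading since no numeric id exists here.
  session_key :login

  # Delegate the password check to an LDAP bind.
  # Empty passwords are refused before the directory is asked: RFC 4513
  # §5.1.2 allows a bind with a name and an empty password to succeed as an
  # *unauthenticated* bind, and many directories permit that by default, so a
  # blank password must never be able to count as a successful login. If the
  # gem already rejects empty passwords this is harmless defense in depth.
  password_match? do |password|
    !password.to_s.empty? && SimpleLdapAuthenticator.valid?(account, password)
  end
end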
module Auth
  # Authentication app: Rodauth with only the login feature enabled.
  # NOTE(review): naming this class `Rodauth` inside `Auth` means a bare
  # `Rodauth` constant written anywhere in this module resolves to the app,
  # not to the gem's `::Rodauth` module.
  class Rodauth < Roda
    plugin(:rodauth) { enable(:login) }

    route do |req|
      # Matched before `req.rodauth` below, so (Roda routing being first-match)
      # POST /login is answered here and never reaches Rodauth's own login
      # route; GET /login still does. Whatever this handler does replaces
      # Rodauth's password check and any failure limits configured there —
      # confirm that is the intent.
      req.post('login') do
        # Custom POST /login handling here
      end

      # Everything else Rodauth serves itself.
      req.rodauth
    end
  end
end
87. Setup with PostgreSQL
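# Accounts table. Status 1 is the default for new rows (presumably the
# "unverified" state of Rodauth's unverified/verified/closed statuses — confirm
# against the account_statuses seed).
create_table(:accounts) do
  primary_key :id, :type=>:Bignum
  foreign_key :status_id, :account_statuses, :null=>false, :default=>1
  if db.database_type == :postgres
    # Case-insensitive text: Foo@x.y and foo@x.y are the same address, so the
    # unique index below also catches case-variant duplicates.
    citext :email, :null=>false
    # Shape check: one '@', a dot in the domain part, and no separators,
    # spaces, CR or LF anywhere (keeping the value safe to put in a mail
    # header). The escapes were lost in extraction ("rn", "." instead of
    # "\r\n", "\."); restored here so the regex does not ban the letters r/n.
    constraint :valid_email, :email=>/^[^,;@ \r\n]+@[^,@; \r\n]+\.[^,@; \r\n]+$/
    # Uniqueness is enforced only among status 1 and 2 rows, so the address
    # of an account in any other status (e.g. closed) can be registered again.
    index :email, :unique=>true, :where=>{:status_id=>[1, 2]}
  else
    # Other databases: plain string, no format check, unconditional uniqueness.
    String :email, :null=>false
    index :email, :unique=>true
  end
end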
# PostgreSQL only: allow the "<current role>_password" role (presumably the
# separate role that owns the password-hash table) to create foreign keys
# pointing at accounts.
# NOTE(review): the role name is interpolated unquoted; fine for the usual
# lowercase names, but a role name needing quoting would break the statement.
if database_type == :postgres
  grantee = "#{get { Sequel.lit('current_user') }}_password"
  run("GRANT REFERENCES ON accounts TO #{grantee}")
end
88. Define Rodauth Features
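# Enable (nearly) every Rodauth feature at once, JSON-enabled, with CSRF and
# flash support switched off. The values below look like test-suite tuning.
#
# NOTE(review): `:json=>true` (not `:only`) keeps the non-JSON endpoints
# reachable while `:csrf=>false` removes CSRF protection from them. That is
# only safe when a browser cookie alone can never authenticate a request
# (every client sends the JWT in a header) — confirm before reusing this
# configuration outside a test.
plugin :rodauth, :json=>true, :csrf=>false, :flash=>false do
  # The original had a trailing comma after :session_expiration, which made
  # the following `max_invalid_logins 2` parse as one more argument to
  # `enable`; the comma is dropped so the setting is applied on its own.
  enable :change_password, :close_account, :create_account,
    :login, :logout, :remember, :reset_password, :verify_account,
    :otp, :recovery_codes, :sms_codes, :password_complexity,
    :disallow_password_reuse, :password_grace_period,
    :account_expiration, :single_session, :jwt, :session_expiration

  # Failure limit for the enabled features that honour it. Two attempts is
  # extremely low: anyone who knows a login can lock its owner out with two
  # bad guesses, so a real deployment needs a much higher value.
  max_invalid_logins 2

  # Time windows in seconds — see the owning feature's documentation for
  # exact semantics; presumably shortened here for tests.
  allow_password_change_after 60
  verify_account_grace_period 300

  # `secret` must be defined by the surrounding code. With Rodauth's default
  # HMAC signing, anyone who knows it can mint valid tokens, so it must be a
  # long random value.
  jwt_secret secret

  # Test double: instead of sending an SMS, record that one would have been
  # sent for the current session. MUTEX and SMS come from the enclosing file.
  sms_send do |_phone_number, _message|
    MUTEX.synchronize { SMS[session_value] = "..." }
  end
end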
93. Registration
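module Auth
  # Mounted as Rack middleware: serves account creation and JWT-based
  # login/logout, then passes every other request down the stack.
  class Rodauth < Roda
    # Fail at boot with a clear KeyError when the URL is missing.
    DB = Sequel.connect(ENV.fetch('DATABASE_URL'))

    plugin :middleware

    # json: :only — Rodauth's JSON-only mode: its endpoints speak JSON and are
    # meant to refuse non-JSON requests, so no HTML forms (and no CSRF tokens)
    # are involved.
    plugin :rodauth, json: :only do
      enable :login, :logout, :jwt, :create_account

      # Add an `exp` claim so issued tokens stop verifying after
      # SmartTaskApi::Utils.jwt_expiration; without it a leaked token would
      # stay valid indefinitely (nothing here revokes tokens server-side).
      jwt_session_hash do
        super().merge(exp: SmartTaskApi::Utils.jwt_expiration)
      end

      # ENV.fetch instead of ENV[]: an unset secret now fails at load time
      # instead of silently passing nil to Rodauth. With the default HMAC
      # signing, anyone who knows this value can mint tokens, so it must be
      # long and random, and it must be the same in every app that verifies
      # these tokens (e.g. the API app).
      jwt_secret ENV.fetch('JWT_SECRET')
    end

    route do |r|
      r.rodauth
      # Expose the Rodauth instance to the downstream application.
      env['rodauth'] = rodauth
    end
  end
end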
94. Token Authentication
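module Api
  # Mounted as Rack middleware in front of the API: reads the JWT (issued by
  # the auth app with the same secret) and refuses unauthenticated requests
  # before the API itself runs.
  class Rodauth < Roda
    # Fail at boot with a clear KeyError when the URL is missing.
    DB = Sequel.connect(ENV.fetch('DATABASE_URL'))

    plugin :middleware

    plugin :rodauth, json: :only do
      # Only the jwt feature: this app never logs anyone in, it just reads the
      # session carried in the token.
      enable :jwt

      # Must equal the issuing app's secret. ENV.fetch makes a missing value a
      # load-time error instead of verifying tokens against nil.
      jwt_secret ENV.fetch('JWT_SECRET')
    end

    route do |r|
      r.rodauth
      # Reject every request that does not carry a valid token-backed session
      # before it reaches the API. Expiry is presumably only enforced when the
      # issuer placed an `exp` claim in the token — confirm against the
      # issuing app's jwt_session_hash.
      rodauth.require_authentication
      env['rodauth'] = rodauth
    end
  end
end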