Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

@ErisDS
Created March 7, 2019 16:39
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ErisDS/0d55dc5240b7f183e667bfa8ebf90c4d to your computer and use it in GitHub Desktop.
Save ErisDS/0d55dc5240b7f183e667bfa8ebf90c4d to your computer and use it in GitHub Desktop.
Ruby Example of Ghost JWT Auth

Demo of generating a JWT and authenticating with Ghost's Admin API.

Usage:

  • Save ghost-auth.rb locally
  • gem install httparty jwt first
  • With Ghost running on localhost:2368
  • ruby ghost-auth.rb {admin api key} to run

Gotchas:

Designed to authenticate with a local install, change the line 18 if your Ghost install is elsewhere

require 'httparty'
require 'jwt'
api_key = ARGV[0]
kid, secret = api_key.split(':')
iat = Time.now.to_i
header = {alg: 'HS256', typ: 'JWT', kid: kid}
payload = {
iat: iat,
exp: iat + 5 * 3600,
aud: '/v2/admin/'
}
token = JWT.encode payload, [secret].pack('H*'), 'HS256', header
url = 'http://localhost:2368/ghost/api/v2/admin/posts/?limit=1'
headers = {Authorization: "Ghost #{token}"}
puts HTTParty.get(url, headers: headers)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment