Shashike Jayatunge donrestarone

donrestarone / application_controller.rb
Last active Mar 4, 2020
add cookies to Rails API controller
class ApplicationController < ActionController::API
  include ActionController::Cookies
end
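
donrestarone / cors.rb
Created Mar 4, 2020
cors setup for http-only cookies
Rails.application.config.middleware.insert_before 0, Rack::Cors, debug: true do
  allow do
    # Explicit origin (not '*'): browsers reject wildcard origins on credentialed requests.
    origins 'http://client.your-domain-here.ngrok.io'
    resource '*',
      headers: :any,
      methods: [:get, :post, :put, :patch, :delete, :options, :head],
      # Set explicitly so cookie-bearing cross-origin requests are allowed;
      # newer rack-cors releases default this to false.
      credentials: true
  end
end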

donrestarone / application.rb
Last active Mar 4, 2020
Adding cookies to Rails 6 API only app
require_relative 'boot'
require "rails"
require "active_model/railtie"
require "active_job/railtie"
require "active_record/railtie"
require "active_storage/engine"
require "action_controller/railtie"
require "action_mailer/railtie"
require "action_mailbox/engine"

donrestarone / json_web_token.rb
Created Mar 4, 2020
simple module for encoding and decoding JWTs using the jwt gem
module CoreModules::JsonWebToken
  require 'jwt'
  JWT_SECRET = Rails.application.secrets.secret_key_base
  def self.encode(payload, exp = 24.hours.from_now)
    payload[:exp] = exp.to_i
    JWT.encode(payload, JWT_SECRET)
  end
  def self.decode(token)

donrestarone / application.rb
Created Mar 4, 2020
rails autoload /lib folder
require_relative 'boot'
require "rails"
require "active_model/railtie"
require "active_job/railtie"
require "active_record/railtie"
require "active_storage/engine"
require "action_controller/railtie"
require "action_mailer/railtie"

donrestarone / application_controller.rb
Created Mar 4, 2020
simple cookie authentication helpers in application controller
class ApplicationController < ActionController::API
  include ActionController::Cookies
  def authenticate_cookie
    token = cookies.signed[:jwt]
    decoded_token = CoreModules::JsonWebToken.decode(token)
    if decoded_token
      user = User.find_by(id: decoded_token["user_id"])
    end
    if user then return true else render json: {status: 'unauthorized', code: 401} end

donrestarone / sessions_controller.rb
Created Mar 4, 2020
simple sessions controller for authenticating in a rails application with cookies
class Api::V1::SessionsController < ApplicationController
  before_action only: [:destroy] do
    authenticate_cookie
  end
  def destroy
    user = current_user
    if user
      cookies.delete(:jwt)
      render json: {status: 'OK', code: 200}

donrestarone / login.js
Created Mar 5, 2020
sample login and logout with fetch and cookie based authentication
export const login = (email, password) => {
  return new Promise((resolve, reject) => {
    let endpoint = `http://api.your-domain-here.ngrok.io/api/core/v1/sessions`;
    fetch(endpoint, {
      method: "POST",
      credentials: "include",
      headers: {
        "Content-Type": "application/json",
        "Accept": "application/json",
      },

donrestarone / ngrok-subdomain.sh
Created Mar 13, 2020
route ngrok subdomain requests to localhost
# tunnel requests that hit api.your-subdomain.ngrok.io to http://localhost:5500
./ngrok http 5500 -subdomain api.your-subdomain

donrestarone / user.rb
Last active Mar 14, 2020
a simple user model that generates a unique token for a newly signed up user.
class User < ApplicationRecord
  has_secure_password
  validates_format_of :email, :with => /\A[^@\s]+@([^@\s]+\.)+[^@\s]+\z/
  def generate_email_confirmation_link
    path = ENV["CLIENT_APPLICATION_ROOT"]
    token = CoreModules::JsonWebToken.encode({user_id: self.id}, 30.minutes.from_now)
    return "#{path}/users/confirmations/#{token}?type=#{'email'}"
  end