```ruby
class ApplicationController < ActionController::API
  include ActionController::Cookies
end
```
```ruby
Rails.application.config.middleware.insert_before 0, Rack::Cors, debug: true do
  allow do
    origins 'http://client.your-domain-here.ngrok.io'
    resource '*',
      headers: :any,
      methods: [:get, :post, :put, :patch, :delete, :options, :head]
  end
end
```
```ruby
require_relative 'boot'
require "rails"
require "active_model/railtie"
require "active_job/railtie"
require "active_record/railtie"
require "active_storage/engine"
require "action_controller/railtie"
require "action_mailer/railtie"
require "action_mailbox/engine"
```
```ruby
module CoreModules::JsonWebToken
  require 'jwt'
  JWT_SECRET = Rails.application.secrets.secret_key_base
  def self.encode(payload, exp = 24.hours.from_now)
    payload[:exp] = exp.to_i
    JWT.encode(payload, JWT_SECRET)
  end
  def self.decode(token)
```
```ruby
require_relative 'boot'
require "rails"
require "active_model/railtie"
require "active_job/railtie"
require "active_record/railtie"
require "active_storage/engine"
require "action_controller/railtie"
require "action_mailer/railtie"
```
```ruby
class ApplicationController < ActionController::API
  include ActionController::Cookies
  def authenticate_cookie
    token = cookies.signed[:jwt]
    decoded_token = CoreModules::JsonWebToken.decode(token)
    if decoded_token
      user = User.find_by(id: decoded_token["user_id"])
    end
    if user then return true else render json: {status: 'unauthorized', code: 401} end
```
```ruby
class Api::V1::SessionsController < ApplicationController
  before_action only: [:destroy] do
    authenticate_cookie
  end
  def destroy
    user = current_user
    if user
      cookies.delete(:jwt)
      render json: {status: 'OK', code: 200}
```
```sh
# tunnel requests that hit api.your-subdomain.ngrok.io to http://localhost:5500
./ngrok http 5500 -subdomain api.your-subdomain
```
```ruby
class User < ApplicationRecord
  has_secure_password
  validates_format_of :email, :with => /\A[^@\s]+@([^@\s]+\.)+[^@\s]+\z/
  def generate_email_confirmation_link
    path = ENV["CLIENT_APPLICATION_ROOT"]
    token = CoreModules::JsonWebToken.encode({user_id: self.id}, 30.minutes.from_now)
    return "#{path}/users/confirmations/#{token}?type=#{'email'}"
  end
```
```ruby
require 'rails_helper'
RSpec.describe User, type: :model do
  it 'can generate an expirable email confirmation link' do
    user = create(:user)
    link = user.generate_email_confirmation_link
    token = link.split('/')[5].split('?')[0]
    expect(CoreModules::JsonWebToken.decode(token)[:user_id]).to eql user.id
    expiration_time = Time.now + 31.minutes
    Timecop.travel(expiration_time) do
```