Class: Devise::JWT::Cookie::Middleware
- Inherits:
-
Object
- Object
- Devise::JWT::Cookie::Middleware
- Defined in:
- lib/devise/jwt/cookie/middleware.rb
Constant Summary collapse
- ENV_KEY =
'warden-jwt_auth.token'
Instance Attribute Summary collapse
-
#app ⇒ Object
readonly
Returns the value of attribute app.
-
#config ⇒ Object
readonly
Returns the value of attribute config.
Instance Method Summary collapse
- #call(env) ⇒ Object
-
#initialize(app) ⇒ Middleware
constructor
A new instance of Middleware.
- #token_should_be_revoked?(env) ⇒ Boolean
Constructor Details
#initialize(app) ⇒ Middleware
Returns a new instance of Middleware.
9 10 11 12 |
# File 'lib/devise/jwt/cookie/middleware.rb', line 9 def initialize(app) @app = app @config = Warden::JWTAuth.config end |
Instance Attribute Details
#app ⇒ Object (readonly)
Returns the value of attribute app.
7 8 9 |
# File 'lib/devise/jwt/cookie/middleware.rb', line 7 def app @app end |
#config ⇒ Object (readonly)
Returns the value of attribute config.
7 8 9 |
# File 'lib/devise/jwt/cookie/middleware.rb', line 7 def config @config end |
Instance Method Details
#call(env) ⇒ Object
14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'lib/devise/jwt/cookie/middleware.rb', line 14 def call(env) token_should_be_revoked = token_should_be_revoked?(env) if token_should_be_revoked # add the Authorization header, devise-jwt needs this to revoke tokens # we need to make sure this is done before the other middleware is run request = ActionDispatch::Request.new(env) env['HTTP_AUTHORIZATION'] = "Bearer #{CookieHelper.new.read_from(request.)}" end status, headers, response = app.call(env) if headers['Authorization'] && env[ENV_KEY] name, = CookieHelper.new.build(env[ENV_KEY]) Rack::Utils.(headers, name, ) elsif token_should_be_revoked name, = CookieHelper.new.build(nil) Rack::Utils.(headers, name, ) end [status, headers, response] end |
#token_should_be_revoked?(env) ⇒ Boolean
34 35 36 37 38 39 40 41 42 43 44 |
# File 'lib/devise/jwt/cookie/middleware.rb', line 34 def token_should_be_revoked?(env) path_info = env['PATH_INFO'] || '' method = env['REQUEST_METHOD'] revocation_requests = config.revocation_requests revocation_requests.each do |tuple| revocation_method, revocation_path = tuple return true if path_info.match(revocation_path) && method == revocation_method end false end |