Class: Dscf::Core::AuthController

Inherits:
ApplicationController show all
Includes:
RoleAssignable
Defined in:
app/controllers/dscf/core/auth_controller.rb

Instance Method Summary collapse

Methods included from RoleAssignable

#assign_default_role

Methods included from Authorizable

#authorize, #authorize_action!, #policy_scope, #pundit_user

Methods included from JsonResponse

#render_error, #render_success, #serialize

Methods included from TokenAuthenticatable

#require_valid_refresh_token, #validate_device_consistency, #validate_token_expiry

Methods included from Authenticatable

#authenticate_user, #authenticate_user!, #current_user, #refresh_token, #sign_in, #sign_out

Instance Method Details

#loginObject 



11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
 
# File 'app/controllers/dscf/core/auth_controller.rb', line 11

def 
  skip_authorization
  email_or_phone = params[:email_or_phone].presence || params.dig(:auth, :email_or_phone).presence
  password = params[:password].presence || params.dig(:auth, :password).presence

  return render_error("auth.errors.missing_credentials", status: :bad_request) unless email_or_phone && password

  user = AuthService.authenticate_user(email_or_phone, password)

  if user&.valid_for_authentication?
    tokens = (user, request)
    user_with_includes = User.includes(roles: :permissions, user_profile: {}).find(user.id)
    render_success(
      "auth.success.login",
      data: {
        user: user_with_includes,
        access_token: tokens[:access_token],
        refresh_token: tokens[:refresh_token].refresh_token
      },
      serializer_options: {
        user: {
          serializer: Dscf::Core::UserAuthSerializer,
          include: [:user_profile, roles: [:permissions]]
        }
      }
    )
  else
    render_error("auth.errors.invalid_credentials", status: :unauthorized)
  end
end

#logoutObject 



75
76
77
78
 
# File 'app/controllers/dscf/core/auth_controller.rb', line 75

def logout
  sign_out
  render_success("auth.success.logout")
end

#meObject 



80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
 
# File 'app/controllers/dscf/core/auth_controller.rb', line 80

def me
  user = User.includes(roles: :permissions, user_profile: {}).find(current_user.id)
  render_success(
    "auth.success.me",
    data: {
      user: user
    },
    serializer_options: {
      user: {
        serializer: Dscf::Core::UserAuthSerializer,
        include: [:user_profile, roles: [:permissions]]
      }
    }
  )
end

#refreshObject 



96
97
98
99
100
101
102
103
104
105
106
107
108
109
 
# File 'app/controllers/dscf/core/auth_controller.rb', line 96

def refresh
  skip_authorization
  new_tokens = refresh_token
  if new_tokens
    render_success(
      "auth.success.refresh",
      data: {
        access_token: new_tokens[:access_token]
      }
    )
  else
    render_error("auth.errors.invalid_token", status: :unauthorized)
  end
end

#signupObject 



42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
 
# File 'app/controllers/dscf/core/auth_controller.rb', line 42

def 
  skip_authorization
  user = User.new(user_params)

  return render_error("auth.errors.missing_email_or_phone") unless user.email.present? || user.phone.present?

  ActiveRecord::Base.transaction do
    if user.save
      assign_default_role(user)
      user_with_includes = User.includes(roles: :permissions, user_profile: {}).find(user.id)
      render_success(
        "auth.success.signup",
        data: {
          user: user_with_includes
        },
        status: :created,
        serializer_options: {
          user: {
            serializer: Dscf::Core::UserAuthSerializer,
            include: [:user_profile, roles: [:permissions]]
          }
        }
      )
    else
      render_error(
        "auth.errors.signup_failed",
        errors: user.errors.full_messages,
        status: :unprocessable_entity
      )
    end
  end
end