Token from header (#3)

* Adding JWT gem, and fetching user from that JWT token

* Adding empty test

* Make rubocop happy

* More rubocop

* Only run tests on push

* Raise an exception if the JWT is missing, or the user is missing

We catch the exception in user_signed_in?, since that should just be a boolean

* Throw our own raise when JWT errors out

* jwt_user_id should return nil in the case of being unauthorized

* current_user should return nil if Unauthorized is thrown

* Delete authable_test.rb

Author: scottrobertson

.github/workflows/test.yml

@@ -1,6 +1,6 @@
 name: Ruby
 
-on: [push, pull_request]
+on: push
 
 jobs:
   test:

lib/tokenable.rb

@@ -1,9 +1,12 @@
 # frozen_string_literal: true
 
 require_relative 'tokenable/version'
+require_relative 'tokenable/authable'
 require_relative 'tokenable/railtie' if defined?(Rails)
 
 module Tokenable
   class Error < StandardError; end
+  class Unauthorized < Error; end
+
   # Your code goes here...
 end

lib/tokenable/authable.rb

@@ -1,6 +1,10 @@
 # frozen_string_literal: true
 
 # The main controller concern that will be injected to the application
+
+require 'jwt'
+require 'active_support/concern'
+
 module Tokenable
   module Authable
     extend ActiveSupport::Concern
@@ -9,11 +13,45 @@ module Authable
     end
 
     def user_signed_in?
-      true
+      current_user.present?
+    rescue Tokenable::Unauthorized
+      false
     end
 
     def current_user
-      User.first
+      @current_user ||= user_class.find(jwt_user_id)
+    rescue Tokenable::Unauthorized
+      nil
+    end
+
+    def require_tokenable_user!
+      raise Tokenable::Unauthorized unless user_signed_in?
+    end
+
+    private
+
+    def user_class
+      User
+    end
+
+    def token_from_header
+      headers['Authorization'].to_s.split(' ').last
+    end
+
+    def jwt_user_id
+      jwt['data']['user_id']
+    end
+
+    def jwt
+      raise Tokenable::Unauthorized unless token_from_header.present?
+
+      @jwt ||= JWT.decode(token_from_header, jwt_secret, true, { algorithm: 'HS256' }).first
+    rescue JWT::ExpiredSignature, JWT::DecodeError
+      raise Tokenable::Unauthorized
+    end
+
+    def jwt_secret
+      Rails.application.secret_key_base
     end
   end
 end

tokenable.gemspec

@@ -27,5 +27,6 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
+  spec.add_dependency 'jwt', '~> 2.2', '< 3'
   spec.add_dependency 'rails', '~> 6.0', '< 6.2'
 end