Initial commit

Gemfile

@@ -18,4 +18,7 @@ gem "simplecov", require: false, group: :test
 group :development do
   gem "bundler"
   gem "rake"
+  gem "activesupport"
+  gem "minitest"
+  gem 'minitest-reporters'
 end

MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2015 Arnaud MESUREUR
+Copyright 2015 MinuteMedia
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

README.md

@@ -1,10 +1,12 @@
-# knock
+# Doorbell
 [![Gem Version](https://badge.fury.io/rb/knock.svg)](http://badge.fury.io/rb/knock)
 [![Build Status](https://travis-ci.org/nsarno/knock.svg)](https://travis-ci.org/nsarno/knock)
 [![Test Coverage](https://codeclimate.com/github/nsarno/knock/badges/coverage.svg)](https://codeclimate.com/github/nsarno/knock/coverage)
 [![Code Climate](https://codeclimate.com/github/nsarno/knock/badges/gpa.svg)](https://codeclimate.com/github/nsarno/knock)
 [![Dependency Status](https://gemnasium.com/nsarno/knock.svg)](https://gemnasium.com/nsarno/knock)
 
+This project was forked from the original project Knock
+
 Seamless JWT authentication for Rails API
 
 ## Description
@@ -202,36 +204,6 @@ class User < ActiveRecord::Base
 end
 ```
 
-#### Via the initializer
-
-The initializer [config/initializers/knock.rb](https://github.com/nsarno/knock/blob/master/lib/generators/templates/knock.rb)
-is generated when `rails g knock:install` is executed. Each configuration variable is
-documented with comments in the initializer itself.
-
-### Authenticating from a web or mobile application
-
-Example request to get a token from your API:
-```
-POST /user_token
-{"auth": {"email": "[email protected]", "password": "secret"}}
-```
-
-Example response from the API:
-```
-201 Created
-{"jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9"}
-```
-
-To make an authenticated request to your API, you need to pass the token via the request header:
-```
-Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9
-GET /my_resources
-```
-
-Knock responds with a `404 Not Found` when the user cannot be found or the password is invalid. This is a security best practice to avoid giving away information about the existence or not of a particular user.
-
-**NB:** HTTPS should always be enabled when sending a password or token in your request.
-
 ### Authenticated tests
 
 To authenticate within your tests:

Rakefile

@@ -16,14 +16,6 @@ RDoc::Task.new(:rdoc) do |rdoc|
   rdoc.rdoc_files.include('lib/**/*.rb')
 end
 
-APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
-load 'rails/tasks/engine.rake'
-
-
-load 'rails/tasks/statistics.rake'
-
-
-
 Bundler::GemHelper.install_tasks
 
 require 'rake/testtask'

knock.gemspec

@@ -5,19 +5,18 @@ require "knock/version"
 
 # Describe your gem and declare its dependencies:
 Gem::Specification.new do |s|
-  s.name        = "knock"
+  s.name        = "doorbell"
   s.version     = Knock::VERSION
-  s.authors     = ["Arnaud MESUREUR", "Ghjuvan-Carlu BIANCHI"]
-  s.email       = ["arnaud.mesureur@gmail.com"]
+  s.authors     = ["MinuteMedia"]
+  s.email       = ["tech@minutemedia.com"]
   s.homepage    = "https://github.com/nsarno/knock"
-  s.summary     = "Seamless JWT authentication for Rails API."
+  s.summary     = "Simple JWT authentication for Rails API."
   s.description = "Authentication solution for Rails based on JWT"
   s.license     = "MIT"
 
-  s.files = Dir["{app,config,db,lib}/**/*", "MIT-LICENSE", "Rakefile", "README.rdoc"]
+  s.files = Dir["{lib}/**/*", "MIT-LICENSE", "Rakefile", "README.rdoc"]
   s.test_files = Dir["test/**/*"]
 
-  s.add_dependency "rails", ">= 4.2"
   s.add_dependency "jwt", "~> 1.5"
   s.add_dependency "bcrypt", "~> 3.1"
 

lib/knock.rb

@@ -1,6 +1,10 @@
-require "knock/engine"
+require 'active_support/all'
+require 'knock/auth_service'
+require 'knock/authenticable'
 
 module Knock
+  class AuthenticationError < StandardError; end
+
   mattr_accessor :token_lifetime
   self.token_lifetime = 1.day
 

app/model/knock/auth_token.rb → lib/knock/auth_service.rb

@@ -1,35 +1,33 @@
 require 'jwt'
 
 module Knock
-  class AuthToken
+  class AuthService
     attr_reader :token
     attr_reader :payload
 
-    def initialize payload: {}, token: nil, verify_options: {}
-      if token.present?
-        @payload, _ = JWT.decode token.to_s, decode_key, true, options.merge(verify_options)
+    def initialize(token: nil, verify_options: {})
+        @payload, _ = decode_token token, verify_options
         @token = token
-      else
-        @payload = claims.merge(payload)
-        @token = JWT.encode @payload,
-          secret_key,
-          Knock.token_signature_algorithm
-      end
     end
-
-    def entity_for entity_class
+    
+    def entity_for(entity_class)
       if entity_class.respond_to? :from_token_payload
         entity_class.from_token_payload @payload
       else
         entity_class.find @payload['sub']
       end
     end
 
-    def to_json options = {}
-      {jwt: @token}.to_json
+    private
+
+    def decode_token(token, verify_options)
+      JWT.decode token.to_s, decode_key, true, system_verify_options.merge(verify_options)
+    rescue JWT::ExpiredSignature
+      raise AuthenticationError, 'Token has expired'
+    rescue 
+      raise AuthenticationError, 'Authentication failed'
     end
 
-  private
     def secret_key
       Knock.token_secret_signature_key.call
     end
@@ -38,7 +36,7 @@ def decode_key
       Knock.token_public_key || secret_key
     end
 
-    def options
+    def system_verify_options
       verify_claims.merge({
         algorithm: Knock.token_signature_algorithm
       })

lib/knock/authenticable.rb

@@ -2,13 +2,17 @@ module Knock::Authenticable
   def authenticate_for entity_class
     getter_name = "current_#{entity_class.to_s.parameterize.underscore}"
     define_current_entity_getter(entity_class, getter_name)
-    public_send(getter_name)
+    service
   end
 
   private
+
+  def service
+    Knock::AuthService.new(token: token)
+  end
 
   def token
-    params[:token] || token_from_request_headers
+    token_from_request_headers || params[:token]
   end
 
   def method_missing(method, *args)
@@ -47,7 +51,7 @@ def define_current_entity_getter entity_class, getter_name
         unless instance_variable_defined?(memoization_var_name)
           current =
             begin
-              Knock::AuthToken.new(token: token).entity_for(entity_class)
+              service.entity_for(entity_class)
             rescue Knock.not_found_exception_class, JWT::DecodeError
               nil
             end

lib/knock/version.rb

@@ -1,3 +1,3 @@
 module Knock
-  VERSION = "2.1.1"
+  VERSION = '1.0'
 end