-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #2 from KanzaTahreem/feature/authentication
User Authentication
- Loading branch information
Showing
14 changed files
with
229 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,24 @@ | ||
class ApplicationController < ActionController::API | ||
before_action :authorize_request, except: %i[login signup] | ||
|
||
def not_found | ||
render json: { message: 'Unable to access token', error: 'Token not found' }, status: :unauthorized | ||
end | ||
|
||
# rubocop:disable Lint/UselessAssignment | ||
|
||
def authorize_request | ||
header = request.headers['Authorization'] | ||
header = header.split.last if header | ||
begin | ||
@decoded = JsonWebToken.decode(header) | ||
@current_user = User.find(@decoded[:user_id]) | ||
rescue ActiveRecord::RecordNotFound => e | ||
render json: { errors: e.message }, status: :unauthorized | ||
rescue JWT::DecodeError => e | ||
not_found | ||
end | ||
end | ||
|
||
# rubocop:enable Lint/UselessAssignment | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
class AuthenticationController < ApplicationController | ||
# rubocop:disable Metrics/MethodLength | ||
|
||
def signup | ||
@user = User.find_by_email(signup_params[:email]) | ||
if @user.present? | ||
render json: { message: 'Failed to create a user', error: 'User already exists' }, status: :conflict | ||
else | ||
@user = User.new(signup_params) | ||
if @user.save | ||
token = JsonWebToken.encode(user_id: @user.id) | ||
time = Time.now + 24.hours.to_i | ||
render json: { | ||
token: token, | ||
exp: time.strftime('%m-%d-%Y %H:%M'), | ||
user: { | ||
id: @user.id, | ||
name: @user.name, | ||
email: @user.email | ||
} | ||
}, status: :ok | ||
elsif @user | ||
render json: { message: 'Failed to create an account', error: 'Password cannot be less than 6 letters' }, | ||
status: :unprocessable_entity | ||
else | ||
render json: { message: 'Failed to create an account', error: 'Validation failed' }, | ||
status: :unprocessable_entity | ||
end | ||
end | ||
end | ||
|
||
# rubocop:enable Metrics/MethodLength | ||
|
||
def login | ||
@user = User.find_by_email(login_params[:email]) | ||
if @user&.authenticate(login_params[:password]) | ||
token = JsonWebToken.encode(user_id: @user.id) | ||
time = Time.now + 24.hours.to_i | ||
render json: { | ||
token: token, | ||
exp: time.strftime('%m-%d-%Y %H:%M'), | ||
user: { | ||
id: @user.id, | ||
name: @user.name, | ||
email: @user.email | ||
} | ||
}, status: :ok | ||
elsif @user | ||
render json: { message: 'You are not authorize to access this account', error: 'Incorrect password' }, | ||
status: :unauthorized | ||
else | ||
render json: { message: 'You are not authorize to access this account', error: 'Incorrect email' }, | ||
status: :unauthorized | ||
end | ||
end | ||
|
||
private | ||
|
||
def signup_params | ||
params.require(:user).permit(:name, :email, :password) | ||
end | ||
|
||
def login_params | ||
params.require(:user).permit(:email, :password) | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
class UsersController < ApplicationController | ||
before_action :authorize_request | ||
before_action :find_user | ||
|
||
def index | ||
@users = User.all | ||
render json: @users, status: :ok | ||
end | ||
|
||
def show | ||
render json: @user, status: :ok | ||
end | ||
|
||
def update | ||
return if @user.update(user_params) | ||
|
||
render json: { errors: @user.errors.full_messages }, | ||
status: :unprocessable_entity | ||
end | ||
|
||
def destroy | ||
if @user.destroy | ||
render json: { success: 'User destroyed successfully' }, status: :ok | ||
else | ||
render :json, { error: 'Unable to destroy a user' }, status: :unprocessable_entity | ||
end | ||
end | ||
|
||
private | ||
|
||
def find_user | ||
@user = User.find_by_id(params[:id]) | ||
rescue ActiveRecord::RecordNotFound | ||
render json: { errors: 'User not found' }, status: :not_found | ||
end | ||
|
||
def user_params | ||
params.permit(:name, :email, :password) | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
class JsonWebToken | ||
SECRET_KEY = Rails.application.secrets.secret_key_base.to_s | ||
|
||
def self.encode(payload, exp = 24.hours.from_now) | ||
payload[:exp] = exp.to_i | ||
JWT.encode(payload, SECRET_KEY) | ||
end | ||
|
||
def self.decode(token) | ||
decoded = JWT.decode(token, SECRET_KEY)[0] | ||
HashWithIndifferentAccess.new decoded | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
class User < ApplicationRecord | ||
has_secure_password | ||
validates :email, presence: true, uniqueness: true | ||
validates :email, format: { with: URI::MailTo::EMAIL_REGEXP } | ||
validates :password, | ||
length: { minimum: 6 }, | ||
if: -> { new_record? || !password.nil? } | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,10 @@ | ||
Rails.application.routes.draw do | ||
# Define your application routes per the DSL in https://guides.rubyonrails.org/routing.html | ||
|
||
resources :users | ||
post '/auth/login', to: 'authentication#login' | ||
post '/auth/signup', to: 'authentication#signup' | ||
|
||
# Defines the root path route ("/") | ||
# root "articles#index" | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
class CreateUsers < ActiveRecord::Migration[7.0] | ||
def change | ||
create_table :users do |t| | ||
t.string :name | ||
t.string :email | ||
t.string :password_digest | ||
|
||
t.timestamps | ||
end | ||
end | ||
end |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
require 'test_helper' | ||
|
||
class AuthenticationControllerTest < ActionDispatch::IntegrationTest | ||
# test "the truth" do | ||
# assert true | ||
# end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
require 'test_helper' | ||
|
||
class UsersControllerTest < ActionDispatch::IntegrationTest | ||
# test "the truth" do | ||
# assert true | ||
# end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html | ||
|
||
one: | ||
name: MyString | ||
email: MyString | ||
password_digest: MyString | ||
|
||
two: | ||
name: MyString | ||
email: MyString | ||
password_digest: MyString |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
require 'test_helper' | ||
|
||
class UserTest < ActiveSupport::TestCase | ||
# test "the truth" do | ||
# assert true | ||
# end | ||
end |