JWT Setup for Authentication - ios App feature#4901
Merged
FireLemons merged 10 commits intorubyforgood:mainfrom Jun 28, 2023
Merged
JWT Setup for Authentication - ios App feature#4901FireLemons merged 10 commits intorubyforgood:mainfrom
FireLemons merged 10 commits intorubyforgood:mainfrom
Conversation
github-actions
Bot
added
dependencies
compwron
reviewed
Jun 22, 2023
Collaborator
compwron
left a comment
compwron
left a comment
There was a problem hiding this comment.
seems reasonable. :) @FireLemons how does it look to you?
compwron
approved these changes
Jun 22, 2023
Collaborator
|
🥇 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What github issue is this PR for, if any?
This PR will set up the JWT authentication as part of the ios app codethechange is building.
It isn't linked to any issue in this repo - we forked a copy of this repo and are working on that forked copy.
Now we want to merge what we have done for the authentication.
What changed, and why?
Set up JWT with Devise.
I had to extend Devise sessions controller's create action to return a custom response for JSON requests.
I also extend respond_to_on_destroy method so sign out responds in json.
Additionally, I had to modify the accessible module so JSON requests don't get redirected to the root path.
How is this tested? (please write tests!) 💖💪
I created request specs for good/bad login to verify correct headers were sent (e.x authorization, content-type...etc) and also JSON data.
I also made specs for the sign out route -> testing JWT is moved to denylist and a 200 response.
Postman was used to make changes (i.e unassign a case assignment) in the portal provided a JWT was present.
I also did a live test where I ran the rails server on a ngrok tunnel and frontend app using expo go side by side.
See screenshots below.
Screenshots please :)
Live test using Ngrok and my android phone running the frontend with Expo go.
Postman: Success login means auth JWT in header
Postman: Failed login means auth JWT not in header
Postman: Unassign a case assignment using auth token passed in request header
Postman: Unassign a case assignment with no auth token
Postman: Sign out returns 200 response + JWT is moved to denylist
Feedback please? (optional)
We are very interested in your feedback! Please give us some :) https://forms.gle/1D5ACNgTs2u9gSdh9