Merge branch 'master' into issue-28_store-lat/lng-as-strings

matievisthekat · web-flow · commit 1dac3d6d4bf7 · 2022-06-10T13:04:16.000+02:00
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -2,6 +2,7 @@ class ApplicationController < ActionController::API
   before_action :user_checks
 
   include RSAUtil
+  include JWTUtil
 
   def user_checks
     @token = get_current_token
@@ -11,13 +12,14 @@ def user_checks
   def get_current_user
     if @token
       begin
-        decoded_token = JWT.decode(@token, OpenSSL::PKey::RSA::new(RSAUtil::Keys::priv, ENV['PASSPHRASE']), true, { algorithm: 'RS256' })
+        decoded_token = JWTUtil::decode(@token)
       rescue JWT::DecodeError
       end
 
       if decoded_token == nil
         render json: { error: 'Invalid token' }, status: :unauthorized
       else
+        print decoded_token
         subject = decoded_token[0]['sub']
 
         token = Token.find_by(user_id: subject.split('.')[0])
@@ -59,7 +61,7 @@ def is_valid_token(token)
 
     token.sub!('Bearer ','')
     begin
-      JWT.decode(token, OpenSSL::PKey::RSA::new(RSAUtil::Keys::pub, ENV['PASSPHRASE']), true, { algorithm: 'RS256' })
+      JWTUtil::decode(token)
       return true
     rescue JWT::DecodeError
       Rails.logger.warn 'Error decoding the JWT: ' + e.to_s
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -8,6 +8,7 @@ class User < ApplicationRecord
   after_create :generate_token, :create_confirm_email_key
 
   include RSAUtil
+  include JWTUtil
 
   def hike_events
     HikeEvent.where(user_id: self.id)
@@ -23,27 +24,11 @@ def remove_token
 
   def generate_token (overwrite = false)
     if !self.token.nil? && overwrite
-      self.token.token = JWT.encode(
-        {
-          iss: 'probably digitalocean or some shit',
-          iat: Time.now.to_i,
-          sub: self.id
-        },
-        OpenSSL::PKey::RSA.new(RSAUtil::Keys::priv, ENV['PASSPHRASE']),
-        'RS256'
-      )
+      self.token.token = JWTUtil::encode(self)
       self.token.save
     elsif self.token.nil?
       self.token = Token.new(
-        token: JWT.encode(
-          {
-            iss: 'probably digitalocean or some shit',
-            iat: Time.now.to_i,
-            sub: self.id + Time.now.to_s
-          },
-          OpenSSL::PKey::RSA.new(RSAUtil::Keys::priv, ENV['PASSPHRASE']),
-          'RS256'
-        ),
+        token: JWTUtil::encode(self),
         user_id: self.id
       )
       self.token.save
diff --git a/config/initializers/util.rb b/config/initializers/util.rb
@@ -1,2 +1,3 @@
 require 'rsa_util.rb'
-require 'str_util.rb'
+require 'str_util.rb'
+require 'jwt_util.rb'
diff --git a/lib/jwt_util.rb b/lib/jwt_util.rb
@@ -0,0 +1,28 @@
+module JWTUtil
+  include RSAUtil
+
+  def self::encode(user)
+    JWT.encode(
+      {
+        iss: 'probably digitalocean or some shit',
+        iat: Time.now.to_i,
+        sub: user.id + '.' + Time.now.to_s
+      },
+      OpenSSL::PKey::RSA.new(RSAUtil::Keys::priv, ENV['PASSPHRASE']),
+      'RS256'
+    )
+  end
+
+  def self::decode(token)
+    begin
+      JWT.decode(
+        token,
+        OpenSSL::PKey::RSA.new(RSAUtil::Keys::pub, ENV['PASSPHRASE']),
+        true,
+        { algorithm: 'RS256' }
+      )
+    rescue JWT::DecodeError
+      return nil
+    end
+  end
+end
