use JWTUtil instead of calling JWT.encode/decode

matievisthekat · matievisthekat · commit 90e17b9b8212 · 2022-06-10T12:35:32.000+02:00
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -2,6 +2,7 @@ class ApplicationController < ActionController::API
   before_action :user_checks
 
   include RSAUtil
+  include JWTUtil
 
   def user_checks
     @token = get_current_token
@@ -11,13 +12,14 @@ def user_checks
   def get_current_user
     if @token
       begin
-        decoded_token = JWT.decode(@token, OpenSSL::PKey::RSA::new(RSAUtil::Keys::priv, ENV['PASSPHRASE']), true, { algorithm: 'RS256' })
+        decoded_token = JWTUtil::decode(@token)
       rescue JWT::DecodeError
       end
 
       if decoded_token == nil
         render json: { error: 'Invalid token' }, status: :unauthorized
       else
+        print decoded_token
         subject = decoded_token[0]['sub']
 
         token = Token.find_by(user_id: subject.split('.')[0])
@@ -59,7 +61,7 @@ def is_valid_token(token)
 
     token.sub!('Bearer ','')
     begin
-      JWT.decode(token, OpenSSL::PKey::RSA::new(RSAUtil::Keys::pub, ENV['PASSPHRASE']), true, { algorithm: 'RS256' })
+      JWTUtil::decode(token)
       return true
     rescue JWT::DecodeError
       Rails.logger.warn 'Error decoding the JWT: ' + e.to_s
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -8,6 +8,7 @@ class User < ApplicationRecord
   after_create :generate_token, :create_confirm_email_key
 
   include RSAUtil
+  include JWTUtil
 
   def hike_events
     HikeEvent.where(user_id: self.id)
@@ -23,27 +24,11 @@ def remove_token
 
   def generate_token (overwrite = false)
     if !self.token.nil? && overwrite
-      self.token.token = JWT.encode(
-        {
-          iss: 'probably digitalocean or some shit',
-          iat: Time.now.to_i,
-          sub: self.id
-        },
-        OpenSSL::PKey::RSA.new(RSAUtil::Keys::priv, ENV['PASSPHRASE']),
-        'RS256'
-      )
+      self.token.token = JWTUtil::encode(self)
       self.token.save
     elsif self.token.nil?
       self.token = Token.new(
-        token: JWT.encode(
-          {
-            iss: 'probably digitalocean or some shit',
-            iat: Time.now.to_i,
-            sub: self.id + Time.now.to_s
-          },
-          OpenSSL::PKey::RSA.new(RSAUtil::Keys::priv, ENV['PASSPHRASE']),
-          'RS256'
-        ),
+        token: JWTUtil::encode(self),
         user_id: self.id
       )
       self.token.save
