-rw-r--r--app/controllers/api/authentications_controller.rb13
-rw-r--r--app/controllers/api/refresh_tokens_controller.rb22
-rw-r--r--app/controllers/concerns/token_generation_concern.rb9
-rw-r--r--config/routes.rb2
4 files changed, 34 insertions, 12 deletions
diff --git a/app/controllers/api/authentications_controller.rb b/app/controllers/api/authentications_controller.rb
index 0ab2cb7..3eb52c7 100644
--- a/app/controllers/api/authentications_controller.rb
+++ b/app/controllers/api/authentications_controller.rb
@@ -2,7 +2,7 @@
module Api
# The controller that handles authentications.
- class AuthenticationsController < ApplicationController
+ class AuthenticationsController < ApplicationController
def create
@token = logic(permitted_params).call
@@ -11,18 +11,15 @@ module Api
render json: { error_message: 'Credenciales incorrectas' }, status: :unauthorized
end
- def destroy; end
-
- def refresh; end
+ def destroy
+ current_user_account.session_key = nil
+ current_user_account.save
+ end
private
def permitted_params
params.require(:credentials).permit(:email, :password)
end
-
- def service
- @service = Services::AuthenticationService.new(permitted_params)
- end
end
end
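Review bot: The new `destroy` ignores the result of `current_user_account.save`, so if the save fails the session key stays set while the client still receives a success response for a logout that did not happen. `current_user_account.update_attribute(:session_key, nil)` would match how the key is written elsewhere in this commit, or `save!` would let the failure surface; an explicit `head :no_content` would also make the response intentional. This controller descends from `ApplicationController` while the new refresh controller uses `AuthenticatedController`, so it is worth confirming that `current_user_account` cannot be nil here; the authentication filter is not visible in this hunk.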
diff --git a/app/controllers/api/refresh_tokens_controller.rb b/app/controllers/api/refresh_tokens_controller.rb
new file mode 100644
index 0000000..3b0843e
--- /dev/null
+++ b/app/controllers/api/refresh_tokens_controller.rb
@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Api
+ # The controller to generate new tokens.
+ class RefreshTokensController < AuthenticatedController
+ def create
+ @current_user_account.update_attribute(:session_key, SecureRandom.hex(16))
+ @token = { token: service.call(DateTime.current + 30), refresh: service.call(authentication_token[0]['exp']) }
+
+ render json: @token, status: :ok
+ end
+
+ def service_params
+ { email: @current_user_account.email, role: @current_user_account.role,
+ session_key: @current_user_account.session_key }
+ end
+
+ def service
+ @service ||= Services::TokenGenerationService.new(service_params)
+ end
+ end
+end
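Review bot: In `create`, `DateTime.current + 30` adds 30 days, not 30 minutes, because adding a bare number to a DateTime counts days; the concern's `generate_token` uses `30.minutes`, so access tokens issued through refresh would live far longer than those issued at login. Change the call to `service.call(DateTime.current + 30.minutes)`. The refresh expiry is passed as `authentication_token[0]['exp']`, the raw claim from the presented token, while every other call passes a DateTime; confirm that `TokenGenerationService` accepts both forms, since the service is not shown. `service_params` and `service` are also public controller methods, and a `private` line above them would keep them from being exposed as actions.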
diff --git a/app/controllers/concerns/token_generation_concern.rb b/app/controllers/concerns/token_generation_concern.rb
index 7f43e4c..beab467 100644
--- a/app/controllers/concerns/token_generation_concern.rb
+++ b/app/controllers/concerns/token_generation_concern.rb
@@ -9,12 +9,15 @@ module TokenGenerationConcern
@service ||= Services::TokenGenerationService.new(service_params)
end
- def generate_user_session_key
- @user_account.session_key = SecureRandom.hex(16)
- @user_account.save
+ def generate_user_session_key(user)
+ user.update_attribute(:session_key, SecureRandom.hex(16))
end
def generate_token
{ token: service.call(DateTime.current + 30.minutes), refresh: service.call(DateTime.current + 3.days) }
end
+
+ def service_params
+ { email: @user_account.email, role: @user_account.role, session_key: @user_account.session_key }
+ end
end
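Review bot: `generate_user_session_key` now writes the key on the `user` argument, but the added `service_params` still reads `@user_account`, so the token is only correct when the caller passes that same object. Because `service` is memoized with `@service ||=`, a call to `service` before the key is rotated would also build the token from the old `session_key`; the callers are outside this hunk, so this needs confirming. Consider reading from one object in both places, or documenting the ordering with a comment such as `# Call generate_user_session_key before #service; the token embeds session_key.` The module begins above the hunk.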
diff --git a/config/routes.rb b/config/routes.rb
index 114d58b..8a789a2 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -6,10 +6,10 @@ Rails.application.routes.draw do
# Defines the root path route ("/")
# root "articles#index"
namespace :api do
- post '/refresh_token', to: 'authentications#refresh'
post '/authenticate', to: 'authentications#create'
delete '/logout', to: 'authentications#destroy'
get '/user_account', to: 'user_accounts#show'
resources :user_accounts, only: %i[create]
+ resources :refresh_tokens, only: %i[create]
end
end