-rw-r--r-- | app/controllers/api/authentications_controller.rb | 13 | ||||
-rw-r--r-- | app/controllers/api/refresh_tokens_controller.rb | 22 | ||||
-rw-r--r-- | app/controllers/concerns/token_generation_concern.rb | 9 | ||||
-rw-r--r-- | config/routes.rb | 2 |
4 files changed, 34 insertions, 12 deletions
diff --git a/app/controllers/api/authentications_controller.rb b/app/controllers/api/authentications_controller.rb index 0ab2cb7..3eb52c7 100644 --- a/app/controllers/api/authentications_controller.rb +++ b/app/controllers/api/authentications_controller.rb @@ -2,7 +2,7 @@ module Api # The controller that handles authentications. - class AuthenticationsController < ApplicationController + class AuthenticationsController < ApplicationController def create @token = logic(permitted_params).call @@ -11,18 +11,15 @@ module Api render json: { error_message: 'Credenciales incorrectas' }, status: :unauthorized end - def destroy; end - - def refresh; end + def destroy + current_user_account.session_key = nil + current_user_account.save + end private def permitted_params params.require(:credentials).permit(:email, :password) end - - def service - @service = Services::AuthenticationService.new(permitted_params) - end end end diff --git a/app/controllers/api/refresh_tokens_controller.rb b/app/controllers/api/refresh_tokens_controller.rb new file mode 100644 index 0000000..3b0843e --- /dev/null +++ b/app/controllers/api/refresh_tokens_controller.rb @@ -0,0 +1,22 @@ +# frozen_string_literal: true + +module Api + # The controller to generate new tokens. + class RefreshTokensController < AuthenticatedController + def create + @current_user_account.update_attribute(:session_key, SecureRandom.hex(16)) + @token = { token: service.call(DateTime.current + 30), refresh: service.call(authentication_token[0]['exp']) } + + render json: @token, status: :ok + end + + def service_params + { email: @current_user_account.email, role: @current_user_account.role, + session_key: @current_user_account.session_key } + end + + def service + @service ||= Services::TokenGenerationService.new(service_params) + end + end +end diff --git a/app/controllers/concerns/token_generation_concern.rb b/app/controllers/concerns/token_generation_concern.rb index 7f43e4c..beab467 100644 
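Review bot: The new `destroy` in `AuthenticationsController` ignores the return value of `save`, so a record that fails validation keeps its `session_key` and the logout appears to succeed while previously issued tokens stay usable (assuming tokens are checked against `session_key`, as the `service_params` added elsewhere in this commit suggests). Prefer `current_user_account.update!(session_key: nil)` followed by `head :no_content`, so a failed revocation surfaces as an error instead of passing silently. This controller still inherits from `ApplicationController`, whereas the new refresh controller inherits from `AuthenticatedController`. If no authentication filter runs before `destroy`, `current_user_account` may be nil here, which is worth confirming with a request spec for an unauthenticated `DELETE /api/logout`.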
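Review bot: In `RefreshTokensController#create`, `DateTime.current + 30` adds 30 days rather than 30 minutes, because a bare integer added to a `DateTime` counts days. A refreshed access token would therefore live far longer than the 30-minute one issued by `generate_token` in `TokenGenerationConcern`; use `service.call(DateTime.current + 30.minutes)`. The refresh expiry is passed as `authentication_token[0]['exp']`, presumably the decoded claim, while the other call passes a `DateTime`, so confirm that `Services::TokenGenerationService#call` accepts both forms. `service_params` and `service` should also sit under `private` so they are not public controller methods.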
--- a/app/controllers/concerns/token_generation_concern.rb +++ b/app/controllers/concerns/token_generation_concern.rb @@ -9,12 +9,15 @@ module TokenGenerationConcern @service ||= Services::TokenGenerationService.new(service_params) end - def generate_user_session_key - @user_account.session_key = SecureRandom.hex(16) - @user_account.save + def generate_user_session_key(user) + user.update_attribute(:session_key, SecureRandom.hex(16)) end def generate_token { token: service.call(DateTime.current + 30.minutes), refresh: service.call(DateTime.current + 3.days) } end + + def service_params + { email: @user_account.email, role: @user_account.role, session_key: @user_account.session_key } + end end diff --git a/config/routes.rb b/config/routes.rb index 114d58b..8a789a2 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -6,10 +6,10 @@ Rails.application.routes.draw do # Defines the root path route ("/") # root "articles#index" namespace :api do - post '/refresh_token', to: 'authentications#refresh' post '/authenticate', to: 'authentications#create' delete '/logout', to: 'authentications#destroy' get '/user_account', to: 'user_accounts#show' resources :user_accounts, only: %i[create] + resources :refresh_tokens, only: %i[create] end end |
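Review bot: In `TokenGenerationConcern`, `generate_user_session_key(user)` now rotates the key on its `user` argument, but the added `service_params` still reads `@user_account`, and `service` is memoized with `@service ||=`. If a caller passes a different instance than `@user_account`, or calls `service` before the key is rotated, the issued token carries a stale `session_key` and may fail or bypass the session check. Either keep the method argument-free and operate on `@user_account`, or build the params from the same record that was updated, for example `def service_params(user = @user_account)`. The callers are outside this hunk, so the call order should be verified there.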