# frozen_string_literal: true
# Base class for every controller whose actions require an authenticated caller.
#
# Each action of a subclass first runs +validate_jwt+. The request goes ahead
# only when the token's +jti+ claim equals the +session_key+ stored on the
# current user account, so a nil +session_key+ rejects every token for that
# account.
#
# NOTE(review): +decoded_token+ and +current_user_account+ are not defined in
# this file (presumably in ApplicationController). Nothing here checks the
# token's signature or expiry, so confirm that +decoded_token+ does both.
# NOTE(review): a subclass can opt out with +skip_before_action :validate_jwt+;
# any such use exposes that action without authentication.
class AuthenticatedController < ApplicationController
  before_action :validate_jwt

  private

  # Stops the request with a 401 JSON error unless the token is valid.
  # Rendering inside a before_action halts the callback chain, so the action
  # itself does not run.
  def validate_jwt
    unless valid_token
      render json: { error_message: 'Token inválido' }, status: :unauthorized
    end
  end

  # @return [Boolean] true only when a decoded token exists, the account has a
  #   non-nil session_key, and the token's jti matches that key.
  def valid_token
    return false if decoded_token.nil?
    # With no account, `nil&.session_key` is nil and `.nil?` is true, so a
    # missing account is rejected on this line.
    return false if current_user_account&.session_key.nil?

    !invalid_jti
  end

  # @return [Boolean] true when the stored session_key differs from the token's
  #   jti claim.
  #
  # NOTE(review): returns false ("not invalid") when the account or the token
  # is missing. That is harmless while valid_token is the only caller, because
  # it rejects both cases first. Do not use this method alone as an
  # authorization check.
  def invalid_jti
    if current_user_account.nil? || decoded_token.nil?
      false
    else
      # decoded_token[0] is presumably the payload of a [payload, header] pair;
      # verify against the decode helper. A token without a jti claim yields
      # nil, which never equals a non-nil session_key.
      current_user_account.session_key != decoded_token[0]['jti']
    end
  end
end