Project author: sugbuv

Project description:
Rails 6 Shared Authentication with Devise and Devise-JWT (Vanilla Web Page AND RestAPI)
Language: Ruby
Repository: git://github.com/sugbuv/shared_authentication_devise_and_jwt.git
Created: 2020-05-11T13:02:04Z
Project community: https://github.com/sugbuv/shared_authentication_devise_and_jwt

License: MIT License


Goal

  • The web application shall provide a shared authentication platform built on Devise for both API and non-API usage.
  • The web application shall handle 4 types of users:
    • Guest user (no login required)
    • Clients (login required; allowed to work with some models)
    • Supervisor (login required; allowed to view and export all records, but not to create or delete them)
    • Super admin (full control, including record deletion, through the rails_admin dashboard)
  • The super admin creates users; a user can reset their password or use the forgot-password option.

Live demo:

https://still-journey-99004.herokuapp.com/

Gems used:

Authentication

  • devise
  • devise-jwt
  • cancancan
  • rack-cors

Dashboard

  • rails_admin

UI

  • jquery-rails
  • toastr-rails
  • devise-i18n
  • gravatar_image_tag
  • font-awesome-sass
  • bootstrap

Setup:

  • Rails version: 6.0.2.2
  • Ruby version: 2.6.3
  • Database: sqlite3

Development environment setup

  1. yarn install --check-files
  2. rake db:drop
  3. rake db:create
  4. rake db:migrate
  5. rake db:seed
  6. rake assets:precompile

Start the application

rails s

Default credentials

Super Admin

  • Username: test_admin@mydomain.com
  • Password: default

Client

  • Username: test@mydomain.com
  • Password: default

Supervisor

  • Username: test_supervisor@mydomain.com
  • Password: default

Set up email credentials (for dev purposes only)

  EDITOR="vim --wait" rails credentials:edit --environment development

Edit the content below with your Gmail credentials. Gmail is used as the SMTP gateway.

  gmail:
    mail_username: your_email_id@gmail.com
    mail_password: your_password

Turn on Gmail “Less secure app access” to use Gmail as gateway. For more details, please go through this (https://support.google.com/cloudidentity/answer/6260879?hl=en). Please note, “Your account is vulnerable because you allow apps and devices that use less secure sign-in technology to access your account.” (Copied from Google).

Testing:

To open the website: http://127.0.0.1:3000

API test using curl

  Sign in
  -------
  curl -X POST -v -H 'Content-Type: application/json' https://still-journey-99004.herokuapp.com/api/auth/sign_in -d '{"user" : {"email": "test_admin@mydomain.com", "password": "default" }}'

  Access Customers.json
  ---------------------
  curl -X GET -v -H 'Content-Type: application/json' -H 'Authorization: Bearer <Token returned from sign_in api>' https://still-journey-99004.herokuapp.com/api/v1/customers

  Sign out
  --------
  curl -X DELETE -v -H 'Content-Type: application/json' https://still-journey-99004.herokuapp.com/api/auth/sign_out -d '{"authenticity_token" : "<Token returned from sign_in api>" }'

  Note: replace <Token returned from sign_in api> with the token returned by 'api/auth/sign_in'.

API test using AJAX

  Sign in
  -------
  $.ajax({
    type: "POST",
    dataType: "json",
    url: "http://127.0.0.1:3000/api/auth/sign_in",
    data: {
      user: {
        email: "test@mydomain.com",
        password: "default"
      }
    },
    success: function(data, textStatus, request) {
      // Keep the JWT returned by sign_in for the following requests.
      localStorage.token = data.token;
      console.log('Got a token from the server! Token: ' + data.resource.email + " " + localStorage.token);
    },
    error: function() {
      alert("Login Failed");
    }
  });

  Access Customers.json
  ---------------------
  $.ajax({
    type: 'GET',
    url: 'http://127.0.0.1:3000/api/v1/customers',
    beforeSend: function(xhr) {
      // Send the stored JWT as a Bearer token.
      if (localStorage.token) {
        xhr.setRequestHeader('Authorization', 'Bearer ' + localStorage.token);
      }
    },
    success: function(data) {
      console.log('Hello ' + JSON.stringify(data) + '! You have successfully accessed /api/v1/customers.');
    },
    error: function() {
      alert("Sorry, you are not logged in.");
    }
  });

  Sign out
  --------
  $.post(
    "http://127.0.0.1:3000/api/auth/sign_out",
    {
      'authenticity_token': localStorage.token,
      '_method': 'DELETE'
    }
  ).done(function(data) {
    // Drop the token locally once the server has revoked it.
    localStorage.clear();
    console.log('sign_out status : ' + data.status);
  }).fail(function() {
    alert("Logout Failed");
  });

Please use the HTML file in the “misc_test” folder for the AJAX-based API test.
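As an added illustration of the token flow exercised by the curl and AJAX tests above (example code, not this project's own), here is a minimal Ruby HS256 JWT issue/verify cycle modelled on what devise-jwt does behind /api/auth/sign_in, the Bearer check on /api/v1/customers and the revocation on /api/auth/sign_out. The secret, the claim values and the jti denylist are constructed assumptions for the example.

```ruby
require 'openssl'
require 'json'
require 'securerandom'

# Constructed secret for this example; devise-jwt normally signs with the Rails secret_key_base.
EXAMPLE_SECRET = 'example-secret-not-for-real-use'.freeze

def b64url_encode(bytes)
  [bytes].pack('m0').tr('+/', '-_').delete('=')
end

def b64url_decode(str)
  padded = str.tr('-_', '+/')
  (padded + '=' * ((4 - padded.length % 4) % 4)).unpack1('m0')
end

# Constant-time comparison so the signature check does not leak how many bytes matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# What sign_in hands back: an HS256 JWT with subject, scope, issued-at, expiry and a unique jti.
def issue_token(user_id, ttl: 3600, now: Time.now.to_i, secret: EXAMPLE_SECRET)
  header  = { alg: 'HS256', typ: 'JWT' }
  payload = { sub: user_id.to_s, scp: 'user', iat: now, exp: now + ttl, jti: SecureRandom.uuid }
  signing_input = "#{b64url_encode(header.to_json)}.#{b64url_encode(payload.to_json)}"
  "#{signing_input}.#{b64url_encode(OpenSSL::HMAC.digest('SHA256', secret, signing_input))}"
end

# Extracts the token from the "Authorization: Bearer <token>" header used on /api/v1/customers.
def bearer_token(authorization_header)
  m = /\ABearer\s+(\S+)\z/.match(authorization_header.to_s)
  m && m[1]
end

# What the API does before serving a request: verify signature, expiry and revocation. The algorithm
# is fixed to HS256 rather than read from the header, so a forged "alg" value is ignored.
# The jti denylist stands in for devise-jwt's revocation strategy (sign_out adds the jti to it).
def verify_token(token, denylist: [], now: Time.now.to_i, secret: EXAMPLE_SECRET)
  h64, p64, s64 = token.to_s.split('.')
  return [:malformed, nil] unless h64 && p64 && s64
  expected = OpenSSL::HMAC.digest('SHA256', secret, "#{h64}.#{p64}")
  return [:bad_signature, nil] unless secure_equal?(expected, b64url_decode(s64))
  payload = JSON.parse(b64url_decode(p64))
  return [:expired, nil] if payload['exp'].to_i <= now
  return [:revoked, nil] if denylist.include?(payload['jti'])
  [:ok, payload]
rescue ArgumentError, JSON::ParserError
  [:malformed, nil]
end
```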

TODOs:

  • Dockerize the application for the development environment
  • Dockerize the production application with Heroku support