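What I am doing
Building an authentication feature with JWT, using knock on Rails 5
ruby 2.4.5
Rails 5.2.1
What I want to achieve
Return an error message at login when the user does not exist
Problem
When the user does not exist, a 404 is returned
It is stated that "Knock responds with a 404 Not Found when the user cannot be found or the password is invalid" → I added the exception class to knock.rb, but a 404 is still returned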
```ruby
Knock.setup do |config|
  # Expiration claim
  # ----------------
  # How long before a token is expired. If nil is provided, token will
  # last forever.
  # Default:
  # config.token_lifetime = 1.day

  # Audience claim
  # --------------
  # Configure the audience claim to identify the recipients that the token
  # is intended for.
  # Default:
  # config.token_audience = nil
  # If using Auth0, uncomment the line below
  # config.token_audience = -> { Rails.application.secrets.auth0_client_id }

  # Signature algorithm
  # -------------------
  # Configure the algorithm used to encode the token
  # Default:
  # config.token_signature_algorithm = 'HS256'

  # Signature key
  # -------------
  # Configure the key used to sign tokens.
  # Default:
  # config.token_secret_signature_key = -> { Rails.application.secrets.secret_key_base }
  config.token_secret_signature_key = -> { Rails.application.credentials.fetch(:secret_key_base) }
  # If using Auth0, uncomment the line below
  # config.token_secret_signature_key = -> { JWT.base64url_decode Rails.application.secrets.auth0_client_secret }

  # Public key
  # ----------
  # Configure the public key used to decode tokens, if required.
  # Default:
  # config.token_public_key = nil

  # Exception Class
  # ---------------
  # Configure the exception to be used when user cannot be found.
  # Default:
  config.not_found_exception_class_name = 'ActiveRecord::RecordNotFound' # <- added here!!
end
```
//routes.rb
```ruby
Rails.application.routes.draw do
  post 'user_token' => 'user_token#create'
  resources :users
  # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
end
```
//user_token_controller.rb
```ruby
class UserTokenController < Knock::AuthTokenController
  #skip_before_action :verify_authenticity_token, raise: false
end
```
//application_controller.rb
```ruby
class ApplicationController < ActionController::API
  include Knock::Authenticable
  #undef_method :current_user
end
```
//user.rb
```ruby
class User < ApplicationRecord
  has_secure_password

  validates :firstName, {presence: true}
  validates :lastName, {presence: true}
  validates :email, {presence: true, uniqueness: true}
  validates :password, {presence: true}

  # Claims placed in the JWT payload for this user
  def to_token_payload
    {
      sub: id,
      email: email
    }
  end
end
```
Thank you in advance.
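An error message on failed login does not have to reveal which of the two causes in the quoted sentence (unknown user, invalid password) occurred. The following is an added example, not code from the post or from knock: a plain-Ruby model in which both failures raise one exception and map to one identical response. `RecordNotFound`, `authenticate!`, `create_token`, the user table and the PBKDF2 hashing (standing in for the bcrypt used by `has_secure_password`) are assumptions made for illustration.

```ruby
require 'json'
require 'openssl'

# Hypothetical stand-in for the class named in not_found_exception_class_name.
class RecordNotFound < StandardError; end

ITERATIONS = 20_000 # constructed value for this sample

# PBKDF2 from the standard library stands in for has_secure_password's bcrypt.
def password_digest(password, salt)
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, ITERATIONS, 32, OpenSSL::Digest.new('SHA256'))
end

# Compares two digests without stopping at the first differing byte.
def same_digest?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Constructed user table keyed by email (stands in for the User model).
SALT = 'constructed-salt'
USERS = {
  'alice@example.com' => { id: 1, salt: SALT, digest: password_digest('correct horse', SALT) }
}.freeze
# Decoy record so an unknown email costs the same hashing work as a known one.
DECOY = { salt: 'decoy-salt', digest: password_digest('decoy', 'decoy-salt') }.freeze

# Raises the same exception for an unknown email and for a wrong password.
def authenticate!(email, password)
  user = USERS[email]
  record = user || DECOY
  matched = same_digest?(password_digest(password.to_s, record[:salt]), record[:digest])
  raise RecordNotFound unless user && matched
  user
end

# Returns [status, json_body]. Token signing is omitted: on success the body
# carries the claims from to_token_payload. Every failure yields the same pair.
def create_token(email, password)
  user = authenticate!(email, password)
  [201, { sub: user[:id], email: email }.to_json]
rescue RecordNotFound
  [404, { error: 'Invalid email or password' }.to_json]
end
```

Because the status and body are byte-for-byte equal for both failure causes, the message helps a legitimate user without letting a caller test which email addresses are registered.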