Skip to content

There is something I don't get #1

New issue
New issue
Open
Open
There is something I don't get#1
@gordielachance

Description

@gordielachance
gordielachance
opened on Feb 27, 2020

Hi !
Thanks for your nice tutorial. There is something I don't get, though.

At this line

JWT-Auth-with-Rails/app/auth/authenticate_user.rb

Line 21 in 46163e2

return user if user && user.authenticate(password)
, user.authenticate(password)_ is called.

the function authenticate(email, password) gets AuthenticateUser.call(email, password) at

JWT-Auth-with-Rails/app/auth/authenticate_user.rb

Line 13 in 46163e2

def call

I just don't see where in there the password is checked. Just looks like a weird loop to me, we are boucing from authenticate_user.rb > users_controller.rb > authenticate_user.rb.

Could you explain a bit ?

Thing is, i'm trying to adapt your code to validate the user in another manner : I want to compare the current date to the expires_at datetime stored in the user row.
If the difference is negative (it IS expired), I want to fire a specific authentification error ("api key has expired")

So is my updated function OK ?

def user
  user = User.find_by api_key: api_key

  if user
    a = DateTime.now
    b = user.expires_at.to_datetime
    seconds = ((b - a) * 24 * 60 * 60).to_i

    if seconds <= 0
      errors.add :user_authentication, 'API key has expired'
      return
    else
      return user
    end

  end

  errors.add :user_authentication, 'Invalid credentials'
  nil
end

Thanks !

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions