Rails token authentication
# frozen_string_literal: true
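class ApplicationController < ActionController::API
  # Base controller: every action is gated by `authorized` unless a subclass
  # skips it. The JWT helpers below are what UsersController uses to issue
  # tokens and what the gate uses to verify them.
  before_action :authorized

  # Signing algorithm, pinned on both encode and decode so a token cannot be
  # re-signed under a different algorithm and still verify. The original
  # relied on the library default when encoding.
  JWT_ALGORITHM = 'HS256'

  # Default token lifetime in seconds (24h; a constructed default, tune per app).
  DEFAULT_TOKEN_TTL = 24 * 60 * 60

  private

  # Signing key. Read from the environment (variable name chosen here) with a
  # fallback to the app's secret_key_base, so the key never lives in source
  # control; the original kept a literal key in this file. A dedicated key,
  # separate from secret_key_base, is preferable in production.
  #
  # @return [String]
  def jwt_secret
    ENV.fetch('JWT_SECRET') { Rails.application.secret_key_base }
  end

  # Signs `payload` into a JWT. An `exp` claim is added so an issued token
  # stops verifying after `expires_in` seconds (the original tokens never
  # expired, so a leaked token stayed valid indefinitely).
  #
  # @param payload [Hash] claims to embed, e.g. { user_id: 1 }
  # @param expires_in [Integer] lifetime in seconds
  # @return [String] the encoded token
  def encode_token(payload, expires_in: DEFAULT_TOKEN_TTL)
    claims = payload.merge(exp: Time.now.to_i + expires_in)
    JWT.encode(claims, jwt_secret, JWT_ALGORITHM)
  end

  # Raw value of the Authorization header, expected as 'Bearer <token>';
  # nil when the header is absent.
  #
  # @return [String, nil]
  def auth_header
    request.headers['Authorization']
  end

  # Verifies the bearer token once per request and memoises the result
  # (the original decoded the token twice per `logged_in_user` call).
  #
  # @return [Array(Hash, Hash), nil] [payload, header] as returned by
  #   JWT.decode, or nil when the header is missing, is not a Bearer
  #   credential, or the token fails signature/expiry verification
  def decoded_token
    return @decoded_token if defined?(@decoded_token)

    @decoded_token = begin
      scheme, token = auth_header.to_s.split(' ', 2)
      # Only accept the Bearer scheme (case-insensitive per RFC 6750); the
      # original took whatever followed the first space.
      if scheme&.casecmp?('Bearer') && token && !token.strip.empty?
        JWT.decode(token.strip, jwt_secret, true, algorithm: JWT_ALGORITHM)
      end
    rescue JWT::DecodeError # also covers JWT::ExpiredSignature
      nil
    end
  end

  # Loads the user named by the token's `user_id` claim, memoised in @user
  # (UsersController#authenticate renders it).
  #
  # @return [User, nil]
  def logged_in_user
    claims = decoded_token&.first
    return unless claims

    @user ||= User.find_by(id: claims['user_id'])
  end

  # @return [Boolean] whether the request carries a valid token for an
  #   existing user
  def logged_in?
    !logged_in_user.nil?
  end

  # before_action gate: responds 401 and halts the chain when not logged in.
  def authorized
    render json: { message: 'Please log in' }, status: :unauthorized unless logged_in?
  end
end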
# initializers/cors.rb
# frozen_string_literal: true
Rails.application.config.middleware.insert_before 0, Rack::Cors do
  # Wide-open policy: any origin, any request header, the listed verbs.
  # Because authentication is a bearer token rather than a cookie, the
  # wildcard does not expose credentialed requests, but `origins` should be
  # narrowed to the real front-end host(s) before production use.
  allow do
    origins '*'
    resource '*',
             headers: :any,
             methods: %i[get post put patch delete options head]
  end
end
# frozen_string_literal: true
Rails.application.routes.draw do
  # POST /users        -> UsersController#create       (register, no token)
  # POST /login        -> UsersController#login        (issue a token)
  # GET  /authenticate -> UsersController#authenticate (requires a token)
  resource :users, only: %i[create]
  post '/login', to: 'users#login'
  get '/authenticate', to: 'users#authenticate'
end
# frozen_string_literal: true
class User < ApplicationRecord
  # has_secure_password adds the `password`/`password_confirmation` virtual
  # attributes, stores a bcrypt hash in `password_digest`, and provides
  # `authenticate(password)` (used by UsersController#login). Note that
  # serialising a User with `render json:` includes `password_digest`
  # unless it is explicitly excluded.
  has_secure_password
end
# frozen_string_literal: true
# Defines the UsersController class
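class UsersController < ApplicationController
  # Registration (`create`), login (`login`) and a token self-check
  # (`authenticate`). The first two must work without a token, so they opt
  # out of the inherited `authorized` gate explicitly; `authenticate` keeps it.
  skip_before_action :authorized, only: %i[create login]

  # Attributes never sent to clients. has_secure_password stores the bcrypt
  # hash in password_digest and `render json: user` would otherwise include
  # it in every response (the original leaked it from all three actions).
  HIDDEN_ATTRIBUTES = %i[password_digest].freeze

  # REGISTER: POST /users
  # Responds with the new user and a token, or 422 plus the validation errors
  # (the original answered 200 on failure).
  def create
    @user = User.create(user_params)
    if @user.persisted?
      render json: { user: public_user(@user), token: encode_token({ user_id: @user.id }) }
    else
      render json: { error: 'Invalid username or password', details: @user.errors.full_messages },
             status: :unprocessable_entity
    end
  end

  # LOGGING IN: POST /login with email + password.
  # The same 401 body is returned whether the email is unknown or the
  # password is wrong, so the response does not reveal which accounts exist
  # (bcrypt timing still differs between the two paths).
  def login
    @user = User.find_by(email: params[:email])
    # `.to_s` ensures authenticate always receives a string, even when the
    # parameter is missing or not a scalar.
    if @user&.authenticate(params[:password].to_s)
      render json: { user: public_user(@user), token: encode_token({ user_id: @user.id }) }
    else
      render json: { error: 'Invalid username or password' }, status: :unauthorized
    end
  end

  # GET /authenticate: echoes the bearer's user (set by logged_in_user).
  def authenticate
    render json: public_user(@user)
  end

  private

  # Serialises a user for a response with the password hash removed.
  #
  # @param user [User]
  # @return [Hash]
  def public_user(user)
    user.as_json(except: HIDDEN_ATTRIBUTES)
  end

  # `:email` is permitted alongside `:username` because `login` looks users
  # up by email; without it registration could never store one.
  def user_params
    params.permit(:username, :email, :password, :age)
  end
end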