From e0ec5e2c51566ed38a667636852d8a9322d03d83 Mon Sep 17 00:00:00 2001 From: GitAlexei Date: Wed, 25 Mar 2015 10:27:52 +0200 Subject: [PATCH] Update README.md --- README.md | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index d06ec04..daa42c8 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ JWT Authentication [jwt-gem]: https://github.com/progrium/ruby-jwt [sta-gem]: https://github.com/gonzalo-bulnes/simple_token_authentication -This is mix of [Simple Token Authentication][sta-gem] and [JWT][jwt-gem], based on [Devise][devise]. +This is a mix of [Simple Token Authentication][sta-gem] and [JWT][jwt-gem], based on [Devise][devise]. @@ -31,7 +31,7 @@ Using ### Models -Make models token authenticatable +Make the models token authenticatable #### ActiveRecord @@ -58,15 +58,15 @@ end ``` Method `acts_as_jwt_authenticatable` extends Model with several methods: `:jwt_token`, `:generate_authentication_token!` -and some others. Obviously, `jwt_token` returns token for current record and `:generate_authentication_token!` updates record with new authentication_token. +and some others. Obviously, `:jwt_token` returns token for current record and `:generate_authentication_token!` updates record with new authentication_token. -If the model or models you chose have no `:authentication_token` attribute, add them one (with an index): +If the model or models that you have chosen does not contain `:authentication_token` column, then add the new column onto it (with index): ```bash rails g jwt_authentication MODEL ``` This will add 'acts_as_jwt_authenticatable' to specified MODEL. Also, this will generate migration for adding 'authentication_token' to MODEL. -To skip generating migration, add '-m' parameter: rails g jwt_authentication User -m. +To skip generating migration add '-m' parameter: rails g jwt_authentication User -m. Migration looks like: ```ruby def change @@ -100,12 +100,12 @@ Define controllers, which will handle jwt authentication (typ. `HomeController`) end ``` -Method `acts_as_jwt_authentication_handler` extends controller with methods: `:jwt_authenticate_user`, `::jwt_authenticate_user!` and some others. +Method `acts_as_jwt_authentication_handler` extends controller with methods: `:jwt_authenticate_user`, `:jwt_authenticate_user!` and with another ones. Instead of _user_ there will be specified model names, pair of methods for each model. See detailed parameters and methods description in [Authentication](#authentication) -Atfer controller was extended with jwt_authentication helpers, you may authenticate entity in actions or in before filter: +Atfer controller was extended with jwt_authentication helpers, you may authenticate entity in _actions_ or in _before filter_: ```ruby class TerminalsController < ActionController @@ -147,8 +147,8 @@ JwtAuthentication.configure do |config| # # # Configure models, that will be default for `acts_as_jwt_authentication_handler` calling. # # Note: specified model should have `authentication_token` attribute (Model should "act as jwt authenticatable") - # # header_name - name of header to search auth_token in request - # # param_name - name of parameters to search auth_token in request + # # header_name - name of header to search auth_token within request + # # param_name - name of parameters to search auth_token within request # # sign_in - method to be executed if authentication success, possible values: :devise, :simplified # # if :devise selected, devises method sign_in() will be called at success authentication, # # if :simplified selected, instance variable with name of resource will be set (@user or @terminal) @@ -162,20 +162,20 @@ JwtAuthentication.configure do |config| # # Configure jwt timeout leeway (value in seconds) # config.jwt_timeout_leeway = 60 # - # # Configure jwt timeout for simple login (without "remember me) + # # Configure jwt timeout for simple login (without "remember me") # # Devise SessionsController generates jwt according to this parameter # # * This parameter may be overridden in each model: # # acts_as_jwt_authenticatable jwt_timeout: 10.minutes # config.jwt_timeout = 20.minutes # - # # Configure jwt timeout for session login (with "remember me) + # # Configure jwt timeout for session login (with "remember me") # # Devise SessionsController generates jwt according to this parameter # # * This parameter may be overridden in each model: # # acts_as_jwt_authenticatable jwt_timeout_remember_me: 1.week # config.jwt_timeout_remember_me = 1.month # - # # Configure list of model keys, to be stored in jwt payload. - # # Also, record we be searched by this fields at authentication. + # # Configure list of model keys to be stored in jwt payload. + # # Also, record will be searched by this fields at authentication. # # * This parameter may be overridden in each model: # # acts_as_jwt_authenticatable key_fields: [:email, :id] # config.key_fields = [:email] @@ -187,13 +187,13 @@ end Authentication ----- -As there was mentioned in [Using](#using), method `acts_as_jwt_authentication_handler` add to controller two methods: +As there was mentioned in [Using](#using), method `acts_as_jwt_authentication_handler` adds to controller two methods: `:jwt_authenticate_user` and `:jwt_authenticate_user!`. Method with bang raises error, if authentication falls, method without bang do nothing if authentication falls. - Authentication process in primitive simple: -* Analize request - try to find token in params or header. If token not found, authentication falls. + Authentication process is pretty simple: +* Analize request - try to find token either in params or header. If token is not found, authentication falls. * Read payload from jwt -* Search for entity by field, that payload contains. If entity not found, authentication falls. +* Search for entity by field, that payload contains. If entity is not found, authentication falls. * Decode jwt with entities `authentication_token` (private key, that is stored as entities field). If `jwt_timeout_verify` specified, timeout verification will take place also. * If token successfully verified - _sign_in handler_ will be called, otherwise authentication falls. @@ -213,8 +213,8 @@ Devise ----- JwtAuthentication inherits devise controllers: Registrations, Confirmations, Sessions, Passwords. -So, you can extend this functionality with inheritance or overriding some of them. -Note, that you need to specify routes to this inherited controllers, like this: +So, you can extend this functionality with inheritance or override of some of them. +Note, that you need to specify routes to this inherited controllers, like here: ```ruby # config/routes.rb ... @@ -224,4 +224,4 @@ devise_for :users, module: :jwt_authentication ``` _Note: request format will be set to `:json` by before filter `:set_request_format!`, that is plugged to each inherited devise controller. It is necessary for process action if `warder.authenticate!` falls. It will render view for sessions creating by default, -by in our case, we need json response :unauthorized_ +but in our case we need json response :unauthorized_