Commit 854556c

mo <mo.khan@gmail.com>
2018-01-13 23:09:14
generate separate key pair for signing jwts.
1 parent 707ad20
Changed files (3)
app/models/bearer_token.rb
@@ -1,5 +1,5 @@
 class BearerToken
-  def initialize(private_key = Saml::Kit.configuration.private_keys(use: :signing).last)
+  def initialize(private_key = Rails.application.config.x.jwt.private_key)
     @private_key = private_key
     @public_key = private_key.public_key
   end
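Review bot: The new default on `initialize` can evaluate to `nil`, because `Rails.application.config.x.jwt.private_key` returns `nil` rather than raising when the initializer has not set it. The failure then surfaces one line later as a `NoMethodError` on `private_key.public_key`, which hides the real cause. A guard such as `raise ArgumentError, 'JWT signing key is not configured' if private_key.nil?` at the top of `initialize` would make a missing or misloaded key fail loudly. The rest of the class is outside this hunk, so how `@private_key` and `@public_key` are used for signing and verification is not visible here.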
app/models/user.rb
@@ -14,15 +14,6 @@ class User < ApplicationRecord
     request.trusted? ? trusted_attributes : {}
   end
 
-  def self.login(email, password)
-    return if email.blank? || password.blank?
-
-    user = User.find_by!(email: email)
-    user.authenticate(password) ? user : nil
-  rescue ActiveRecord::RecordNotFound
-    nil
-  end
-
   def to_scim(url_helpers)
     Scim::Shady::User.build do |x|
       x.id = uuid
@@ -34,6 +25,15 @@ class User < ApplicationRecord
     end
   end
 
+  def self.login(email, password)
+    return if email.blank? || password.blank?
+
+    user = User.find_by!(email: email)
+    user.authenticate(password) ? user : nil
+  rescue ActiveRecord::RecordNotFound
+    nil
+  end
+
   private
 
   def access_token
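Review bot: `self.login` is moved here unchanged, and it still returns immediately when `find_by!` raises for an unknown email while a known email goes on to `user.authenticate(password)`. If `authenticate` comes from `has_secure_password` (not visible in this hunk), only the known-email path pays for a password-hash comparison, so response time can reveal whether an account exists. Consider `user = User.find_by(email: email)` and, when no user is found, running a comparison against a fixed dummy digest before returning `nil`, so both paths do similar work. That would also remove the `rescue ActiveRecord::RecordNotFound` used for control flow. A short comment stating that the method returns `nil` for every failure case would document the contract for callers.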
config/initializers/jwt.rb
@@ -0,0 +1,1 @@
+Rails.application.config.x.jwt.private_key = OpenSSL::PKey::RSA.new(2048)
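Review bot: `OpenSSL::PKey::RSA.new(2048)` generates a fresh key on every boot and keeps it only in process memory, so the signing key is different after each restart or deploy and on each separately booted process or host. Any JWT issued before a restart, or by another instance, will then fail verification, and external verifiers have no stable public key to pin. If tokens are meant to outlive a single process, load a persisted key from the secret store instead, for example `OpenSSL::PKey::RSA.new(ENV.fetch('<JWT_PRIVATE_KEY_PEM>'))` (placeholder variable name), and plan for rotation by publishing a key id alongside the public key. If the ephemeral key is intentional, a comment in this initializer saying so would save the next reader from treating it as a bug.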