Farmbot-Web-App/app/lib/session_token.rb

# Generates a JSON Web Token (JWT) for a given user. Typically placed in the
# `Authorization` header, or used a password to gain access to the MQTT server.
class SessionToken < AbstractJwtToken
  MUST_VERIFY = "Verify account first"
  MQTT = ENV.fetch("MQTT_HOST")
  # No beta URL provided? Then provide the latest stable.
  DEFAULT_BETA_URL =
    "https://api.github.com/repos/FarmBot/farmbot_os/releases/latest"
  # If you are not using the standard MQTT broker (eg: you use a 3rd party
  # MQTT vendor), you will need to change this line.
  DEFAULT_MQTT_WS =
    "#{ENV["FORCE_SSL"] ? "wss://" : "ws://"}#{ENV.fetch("MQTT_HOST")}:3002/ws"
  MQTT_WS = ENV["MQTT_WS"] || DEFAULT_MQTT_WS
  EXPIRY = 40.days
  VHOST = ENV.fetch("MQTT_VHOST") { "/" }
  BETA_OS_URL   = ENV["BETA_OTA_URL"] || DEFAULT_BETA_URL
  DEFAULT_OS    = "https://api.github.com/repos/farmbot/farmbot_os/releases" +
  "/latest"
  # Originally imported from `CalculateVersion` mutation (check source control
  # for context) - RC
  OS_RELEASE_SERVER = ENV.fetch("OS_UPDATE_SERVER", DEFAULT_OS)

  def self.issue_to(user,
                    iat: Time.now.to_i,
                    exp: EXPIRY.from_now.to_i,
                    iss: $API_URL,
                    aud: AbstractJwtToken::UNKNOWN_AUD,
                    fbos_version:) # Gem::Version
    unless user.verified?
      Rollbar.info("Verification Error", email: user.email)
      raise Errors::Forbidden, MUST_VERIFY
    end
    jti = SecureRandom.uuid
    TokenIssuance.create!(device_id: user.device.id, exp: exp, jti: jti)
    self.new([{ aud: aud,
               sub: user.id,
               iat: iat,
               jti: jti,
               iss: iss,
               exp: exp,
               mqtt: MQTT,
               bot: "device_#{user.device.id}",
               vhost: VHOST,
               mqtt_ws: MQTT_WS,
               os_update_server: OS_RELEASE_SERVER,
               beta_os_update_server: BETA_OS_URL }])
  end

  def self.as_json(user, aud, fbos_version, exp = EXPIRY.from_now.to_i)
    { token: SessionToken.issue_to(user, iss: $API_URL,
                                         aud: aud,
                                         exp: exp,
                                         fbos_version: fbos_version),
      user: user }
  end
end
Add doc comments to classes and modules in /lib. NEXT: Markdown docs. 2016-12-27 11:19:35 -07:00			`# Generates a JSON Web Token (JWT) for a given user. Typically placed in the`
			# `Authorization` header, or used a password to gain access to the MQTT server.
Fix failing user registration test 2016-12-01 13:19:00 -07:00			`class SessionToken < AbstractJwtToken`
Legacy support removals, Part I 2019-03-11 16:54:39 -06:00			`MUST_VERIFY = "Verify account first"`
			`MQTT = ENV.fetch("MQTT_HOST")`
Fix same origin errors 2018-02-20 09:15:45 -07:00			`# No beta URL provided? Then provide the latest stable.`
Legacy support removals, Part I 2019-03-11 16:54:39 -06:00			`DEFAULT_BETA_URL =`
Fix same origin errors 2018-02-20 09:15:45 -07:00			`"https://api.github.com/repos/FarmBot/farmbot_os/releases/latest"`
Documentation for new mqtt_ws claim 2017-10-05 15:42:46 -06:00			`# If you are not using the standard MQTT broker (eg: you use a 3rd party`
			`# MQTT vendor), you will need to change this line.`
Legacy support removals, Part I 2019-03-11 16:54:39 -06:00			`DEFAULT_MQTT_WS =`
Introduce a "Flat IR" for sequence nodes (#655) This is the first release of the Flat IR storage mechanism. 2018-02-11 12:33:46 -07:00			`"#{ENV["FORCE_SSL"] ? "wss://" : "ws://"}#{ENV.fetch("MQTT_HOST")}:3002/ws"`
Legacy support removals, Part I 2019-03-11 16:54:39 -06:00			`MQTT_WS = ENV["MQTT_WS"] \|\| DEFAULT_MQTT_WS`
			`EXPIRY = 40.days`
			`VHOST = ENV.fetch("MQTT_VHOST") { "/" }`
Missing constants 2019-04-04 07:37:52 -06:00			`BETA_OS_URL = ENV["BETA_OTA_URL"] \|\| DEFAULT_BETA_URL`
			`DEFAULT_OS = "https://api.github.com/repos/farmbot/farmbot_os/releases" +`
			`"/latest"`
Legacy support removals, Part I 2019-03-11 16:54:39 -06:00			# Originally imported from `CalculateVersion` mutation (check source control
			`# for context) - RC`
Missing constants 2019-04-04 07:37:52 -06:00			`OS_RELEASE_SERVER = ENV.fetch("OS_UPDATE_SERVER", DEFAULT_OS)`
Legacy support removals, Part I 2019-03-11 16:54:39 -06:00
Change `iss` to point to servers URL 2016-03-24 09:02:48 -06:00			`def self.issue_to(user,`
			`iat: Time.now.to_i,`
			`exp: EXPIRY.from_now.to_i,`
Add aud claim 2017-10-04 13:10:29 -06:00			`iss: $API_URL,`
Add fbos_version as a param to token creation 2017-12-05 15:17:22 -07:00			`aud: AbstractJwtToken::UNKNOWN_AUD,`
			`fbos_version:) # Gem::Version`
Rollbar on verification error 2017-08-30 09:43:06 -06:00			`unless user.verified?`
			`Rollbar.info("Verification Error", email: user.email)`
Test: prevent unverified users from minting session tokens 2017-10-08 20:06:10 -06:00			`raise Errors::Forbidden, MUST_VERIFY`
Rollbar on verification error 2017-08-30 09:43:06 -06:00			`end`
Token issuance table (DRAFT) 2018-03-28 15:28:21 -06:00			`jti = SecureRandom.uuid`
			`TokenIssuance.create!(device_id: user.device.id, exp: exp, jti: jti)`
Legacy support removals, Part I 2019-03-11 16:54:39 -06:00			`self.new([{ aud: aud,`
			`sub: user.id,`
			`iat: iat,`
			`jti: jti,`
			`iss: iss,`
			`exp: exp,`
			`mqtt: MQTT,`
			`bot: "device_#{user.device.id}",`
			`vhost: VHOST,`
			`mqtt_ws: MQTT_WS,`
			`os_update_server: OS_RELEASE_SERVER,`
			`beta_os_update_server: BETA_OS_URL }])`
[UNSTABLE] Working JWTs on /api/tokens. Need to write tests and handle edge cases 2015-12-11 10:17:45 -07:00			`end`
[STABLE] Done with user email verification (API only) 2016-12-07 16:07:21 -07:00
Updates to help_customer helper 2020-03-25 13:56:43 -06:00			`def self.as_json(user, aud, fbos_version, exp = EXPIRY.from_now.to_i)`
Add fbos_version as a param to token creation 2017-12-05 15:17:22 -07:00			`{ token: SessionToken.issue_to(user, iss: $API_URL,`
			`aud: aud,`
Updates to help_customer helper 2020-03-25 13:56:43 -06:00			`exp: exp,`
Add fbos_version as a param to token creation 2017-12-05 15:17:22 -07:00			`fbos_version: fbos_version),`
Legacy support removals, Part I 2019-03-11 16:54:39 -06:00			`user: user }`
[STABLE] Done with user email verification (API only) 2016-12-07 16:07:21 -07:00			`end`
[UNSTABLE] Working JWTs on /api/tokens. Need to write tests and handle edge cases 2015-12-11 10:17:45 -07:00			`end`