57 lines
2.2 KiB
Ruby
57 lines
2.2 KiB
Ruby
# Generates a JSON Web Token (JWT) for a given user. Typically placed in the
|
|
# `Authorization` header, or used a password to gain access to the MQTT server.
|
|
class SessionToken < AbstractJwtToken
|
|
MUST_VERIFY = "Verify account first"
|
|
MQTT = ENV.fetch("MQTT_HOST")
|
|
# No beta URL provided? Then provide the latest stable.
|
|
DEFAULT_BETA_URL =
|
|
"https://api.github.com/repos/FarmBot/farmbot_os/releases/latest"
|
|
# If you are not using the standard MQTT broker (eg: you use a 3rd party
|
|
# MQTT vendor), you will need to change this line.
|
|
DEFAULT_MQTT_WS =
|
|
"#{ENV["FORCE_SSL"] ? "wss://" : "ws://"}#{ENV.fetch("MQTT_HOST")}:3002/ws"
|
|
MQTT_WS = ENV["MQTT_WS"] || DEFAULT_MQTT_WS
|
|
EXPIRY = 40.days
|
|
VHOST = ENV.fetch("MQTT_VHOST") { "/" }
|
|
BETA_OS_URL = ENV["BETA_OTA_URL"] || DEFAULT_BETA_URL
|
|
DEFAULT_OS = "https://api.github.com/repos/farmbot/farmbot_os/releases" +
|
|
"/latest"
|
|
# Originally imported from `CalculateVersion` mutation (check source control
|
|
# for context) - RC
|
|
OS_RELEASE_SERVER = ENV.fetch("OS_UPDATE_SERVER", DEFAULT_OS)
|
|
|
|
def self.issue_to(user,
|
|
iat: Time.now.to_i,
|
|
exp: EXPIRY.from_now.to_i,
|
|
iss: $API_URL,
|
|
aud: AbstractJwtToken::UNKNOWN_AUD,
|
|
fbos_version:) # Gem::Version
|
|
unless user.verified?
|
|
Rollbar.info("Verification Error", email: user.email)
|
|
raise Errors::Forbidden, MUST_VERIFY
|
|
end
|
|
jti = SecureRandom.uuid
|
|
TokenIssuance.create!(device_id: user.device.id, exp: exp, jti: jti)
|
|
self.new([{ aud: aud,
|
|
sub: user.id,
|
|
iat: iat,
|
|
jti: jti,
|
|
iss: iss,
|
|
exp: exp,
|
|
mqtt: MQTT,
|
|
bot: "device_#{user.device.id}",
|
|
vhost: VHOST,
|
|
mqtt_ws: MQTT_WS,
|
|
os_update_server: OS_RELEASE_SERVER,
|
|
beta_os_update_server: BETA_OS_URL }])
|
|
end
|
|
|
|
def self.as_json(user, aud, fbos_version, exp = EXPIRY.from_now.to_i)
|
|
{ token: SessionToken.issue_to(user, iss: $API_URL,
|
|
aud: aud,
|
|
exp: exp,
|
|
fbos_version: fbos_version),
|
|
user: user }
|
|
end
|
|
end
|