{"id":25436709,"url":"https://github.com/hayfever/sorcery-jwt","last_synced_at":"2025-11-01T04:30:22.638Z","repository":{"id":33207043,"uuid":"155005047","full_name":"hayfever/sorcery-jwt","owner":"hayfever","description":"JWT extension for the Sorcery authentication gem","archived":false,"fork":false,"pushed_at":"2024-07-04T11:14:46.000Z","size":50,"stargazers_count":19,"open_issues_count":3,"forks_count":15,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-11-15T05:19:28.876Z","etag":null,"topics":["authentication","jwt","rails","rails-api","ruby","sorcery"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hayfever.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-10-27T20:12:42.000Z","updated_at":"2023-06-19T15:55:57.000Z","dependencies_parsed_at":"2023-02-10T18:00:28.999Z","dependency_job_id":null,"html_url":"https://github.com/hayfever/sorcery-jwt","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hayfever%2Fsorcery-jwt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hayfever%2Fsorcery-jwt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hayfever%2Fsorcery-jwt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hayfever%2Fsorcery-jwt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hayfever","download_url":"https://codeload.github.com/hayfever/sorcery-jwt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239255559,"owners_count":19608303,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","jwt","rails","rails-api","ruby","sorcery"],"created_at":"2025-02-17T08:21:50.536Z","updated_at":"2025-11-01T04:30:22.598Z","avatar_url":"https://github.com/hayfever.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Sorcery::Jwt\n\nJwt extension for the Sorcery authentication library\n\n# NOTE: Sorcery v1 is being developed and JWT is being implemented as a core plugin. See https://github.com/Sorcery/sorcery-rework/issues/9 for more.\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n```ruby\ngem 'sorcery-jwt'\n```\n\nAnd then execute:\n\n    $ bundle\n\nOr install it yourself as:\n\n    $ gem install sorcery-jwt\n\n## Usage\n\nFirst, include the `:jwt` submodule in your list of configured Sorcery submodules:\n\n```\nRails.application.config.sorcery.submodules = [:jwt, ...]\n```\n\nNext, in the Sorcery `user_config`, set the secret and algorithm that will be used to sign your tokens. You can also set length of time in seconds that the token will be valid for. Note that this is configured separately from the `:session_timeout` submodule.\n\n```\nRails.application.config.sorcery.configure do |config|\n  # ...\n  config.user_config do |user|\n    # ...\n    user.jwt_secret = Rails.application.secrets.secret_key_base\n    user.jwt_algorithm = \"HS256\" # HS256 is used by default.\n    user.session_expiry = 60 * 60 * 24 * 7 * 2 # 2 weeks is used by default.\n  end\nend\n```\n\nAvailable algorithms are listed at https://github.com/jwt/ruby-jwt.\n\nYou're now ready to start using the library. By including the submodule, each request will check for an authorization header with a JWT as the value. If the JWT is valid, it will set the `current_user` in the controller to the matching user. It is up to you to handle what happens when a token is invalid or JWTs need to be revoked. Some ideas here: http://waiting-for-dev.github.io/blog/2017/01/24/jwt_revocation_strategies.\n\nTo login a user and issue a token, use the `login_and_issue_token` method from a controller. This method takes the same `email` and `password` arguments that the Sorcery `authenticate` method does.\n\nExample:\n\n```\ndef login\n  token = login_and_issue_token(params[:email], params[:password])\n\n  render json: {\n    user: serialize(current_user),\n    token: token\n  }\nend\n```\n\nBy using `login_and_issue_token` with valid credentials, you're also setting `current_user` in your controller.\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.\n\nTo install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at https://github.com/hayfever/sorcery-jwt. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.\n\n## License\n\nThe gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).\n\n## Code of Conduct\n\nEveryone interacting in the Sorcery::Jwt project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/hayfever/sorcery-jwt/blob/master/CODE_OF_CONDUCT.md).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhayfever%2Fsorcery-jwt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhayfever%2Fsorcery-jwt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhayfever%2Fsorcery-jwt/lists"}