{"id":14969831,"url":"https://github.com/metabronx/mais-access","last_synced_at":"2025-10-26T10:30:37.783Z","repository":{"id":56882645,"uuid":"202657334","full_name":"metabronx/mais-access","owner":"metabronx","description":"Enforced HTTP/JWT authentication middleware for MAIS.","archived":false,"fork":false,"pushed_at":"2023-02-16T16:01:29.000Z","size":29,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":16,"default_branch":"main","last_synced_at":"2025-01-31T18:07:11.006Z","etag":null,"topics":["authentication","gem","jwt","mais","middleware","rails","ruby","ruby-on-rails","rubygems","security"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/metabronx.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-08-16T04:17:22.000Z","updated_at":"2023-01-24T12:30:38.000Z","dependencies_parsed_at":"2023-02-08T19:46:27.282Z","dependency_job_id":null,"html_url":"https://github.com/metabronx/mais-access","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/metabronx%2Fmais-access","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/metabronx%2Fmais-access/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/metabronx%2Fmais-access/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/metabronx%2Fmais-access/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/metabronx","download_url":"https://codeload.github.com/metabronx/mais-access/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238310129,"owners_count":19450798,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","gem","jwt","mais","middleware","rails","ruby","ruby-on-rails","rubygems","security"],"created_at":"2024-09-24T13:42:27.860Z","updated_at":"2025-10-26T10:30:32.508Z","avatar_url":"https://github.com/metabronx.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MAIS Access\n\nmais-access provides a simple yet secure HTTP/JWT authentication middleware for applications developed within the MAIS system. After initial connection, sessions for authenticated clients are validated by JSON Web Tokens for reduced overhead and improved security.\n\n## How it works\n\nAt the core of MAIS Access is a Railtie (`lib/access.rb`). Upon load, it mutates `ApplicationController` by adding, among other helper methods, a `before_action` that either checks for a valid JSON Web Token (JWT) or requires HTTP Basic Authentication.\n\nIf there is a valid JWT cookie attached to the request, that token is sent to MAIS Accounts for verification. If successful, the user's information is parsed from it and passed along to the app.\n\nIf there isn't a valid JWT (it's either missing or expired), the user is prompted for their credentials. Those credentials are encrypted and sent to MAIS Accounts, which compares them against known users. If successful, the user is authenticated like above and a JWT cookie is passed back and written to the user's browser for future requests. If it's not successful, the user is prompted again.\n\nIn flowchart form:\n\n```mermaid\n%%{init: { \"flowchart\": { \"curve\": \"linear\" } } }%%\nflowchart TD\n    A(CAN THE USER ACCESS?) --\u003e B{Is there a JWT cookie?}\n    B -- No --\u003e C[[Ask for credentials]]\n    B -- Yes ---\u003e D{Is it valid?}\n    C --\u003e E{Are they valid?}\n\n    subgraph MAIS Accounts\n    AA[[GET /verify]]\n    BB[[POST /authenticate]]\n    end\n\n    D -.-\u003e AA\n    E -.-\u003e BB\n\n    AA -- No --\u003eC\n    BB -- No --\u003eC\n    BB -- Yes --\u003e F[[Set JWT cookie]] --\u003e G\n    AA -- Yes --\u003e G((ALLOW))\n    \n    style G fill:#2D882D\n```\n\n## License\n\nCopyright (c) 2023 [Elias Gabriel](https://eliasfgabriel.com/), [sdbase](http://sdbase.com/)\n\nThis work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.\n\nTo view a copy of this license, visit \u003chttp://creativecommons.org/licenses/by-nc-sa/4.0/\u003e or send a letter to Creative Commons, PO Box 1866, Mountain View, CA 94042, USA.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmetabronx%2Fmais-access","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmetabronx%2Fmais-access","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmetabronx%2Fmais-access/lists"}