get JWT token from a header

bump version
damianham · May 15, 2019 · da0a998 · da0a998
1 parent 4c96a5f
commit da0a998
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/app/src/pipes/authenticate_jwt.cr.lqd b/app/src/pipes/authenticate_jwt.cr.lqd
@@ -5,17 +5,21 @@ end
 class AuthenticateJWT < Amber::Pipe::Base
   PUBLIC_PATHS = ["/", "/signin", "/session", "/signup", "/registration", "/me"]
 
-  # add the names of the app modules
+  # add the regular expressions of paths that have public access
+  # e.g. add paths to view instances of certain models or all paths
+  # within the support tree
   REGEX_PATHS = [
     %r(/categories(/\d+)?$),
     %r(/products(/\d+)?$),
     %r(/comments(/\d+)?$),
     %r(/some_model_name(/\d+)?$),
+    %r(/support/.*$/),
   ]
 
   def call(context)
-    if context.params["token"]?
-      payload, header = JWT.decode(context.params["token"], Amber.settings.secret_key_base, "HS256")
+    token = context.params["token"]? || context.request.headers["x-jwt-token"]?
+    if token
+      payload, header = JWT.decode(token, Amber.settings.secret_key_base, "HS256")
       user = User.find_by(email: payload["email"].to_s) unless payload["email"]?.nil?
     elsif user_id = context.session["user_id"]?
       user = User.find user_id

diff --git a/shard.yml b/shard.yml
@@ -1,5 +1,5 @@
 name: amber_react_sidebar
-version: 1.0.3
+version: 1.0.4
 
 authors:
    - Damian Hamill <damianham@gmail.com>