Add JWT authentication to the Manager app

2026-01-10 17:21:38 -05:00 · 2025-02-26 22:08:12 +01:00 · 2025-02-26 22:08:12 +01:00 · e368df4e10
commit e368df4e10
parent 95717db1bf
4 changed files with 20 additions and 2 deletions
--- a/1
+++ b/1
@ -37,6 +37,7 @@ gem 'strong_migrations'
 gem 'tailwindcss-rails'
 gem 'turbo-rails'
 gem 'tzinfo-data', platforms: %i[mingw mswin x64_mingw jruby]
+gem 'jwt'

 group :development, :test do
  gem 'debug', platforms: %i[mri mingw x64_mingw]
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -167,6 +167,8 @@ GEM
    json (2.9.1)
    json-schema (5.0.1)
      addressable (~> 2.8)
+    jwt (2.10.1)
+      base64
    kaminari (1.2.2)
      activesupport (>= 4.1.0)
      kaminari-actionview (= 1.2.2)
@ -466,6 +468,7 @@ DEPENDENCIES
  groupdate
  httparty
  importmap-rails
+  jwt
  kaminari
  lograge
  oj
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -99,6 +99,20 @@ class User < ApplicationRecord
    end
  end

+  # Generates a secure token for cross-application authentication with the subscription app
+  # @return [String] JWT token containing user identity information
+  def generate_subscription_token
+    payload = {
+      user_id: id,
+      email: email,
+      exp: 30.minutes.from_now.to_i
+    }
+
+    secret_key = ENV['JWT_SECRET_KEY']
+
+    JWT.encode(payload, secret_key, 'HS256')
+  end
+
  private

  def create_api_key
--- a/app/views/settings/subscriptions/index.html.erb
+++ b/app/views/settings/subscriptions/index.html.erb
@ -16,13 +16,13 @@
            Your subscription will be valid for the next <span class="text-accent"><%= 365 %> days</span> and will be <span class="text-accent"><%= current_user.active? ? 'renewed automatically' : 'renewed manually' %></span>.
          </p>

-          <%= link_to 'Manage subscription', '#', class: 'btn btn-primary my-4' %>
+          <%= link_to 'Manage subscription', "#{ENV['SUBSCRIPTION_URL']}/auth/dawarich?token=#{current_user.generate_subscription_token}", class: 'btn btn-primary my-4' %>
        <% else %>
          <p class="py-6">
            You are currently not subscribed to Dawarich. How about we fix that?
          </p>

-          <%= link_to 'Manage subscription', '#', class: 'btn btn-primary my-4' %>
+          <%= link_to 'Manage subscription', "#{ENV['SUBSCRIPTION_URL']}/auth/dawarich?token=#{current_user.generate_subscription_token}", class: 'btn btn-primary my-4' %>
        <% end %>
      </div>
    </div>