# lib/authentications/authentication.rb# @api auth# Authentication base class

1. # lib/authentications/authentication.rb
2. # @api auth
3. # Authentication base class
4. #
5.  
6. module Authentication
7. def self.included(base)
8. base.class_eval do
9. before :authenticate!
10. expose :current_user
11. end
12. end
13.  
14. def authenticate!
15. halt 401 unless authenticated?
16. end
17.  
18. def current_user
19. @current_user ||= authenticate_user
20. end
21.  
22. private
23. def authenticated?
24. !!current_user
25. end
26.  
27. def authenticate_user
28. # Every api request has an access_token in the header
29. # Find the user and verify they exist
30. jwt = JWT.decode(payload, HANAMI_ENV['HMAC_SECRET'], algorithm: 'HS256')
31. #user = User.with_token(headers['Authentication'])
32. user = UserRepository.find(jwt.user_id)
33. if user && !user.revoked
34. return @current_user = user
35. end
36. end
37.  
38. end