feature(api): add ensure_token_is_not_expired to api_controller v1 and v2

2024-01-17 09:31:21 +01:00 · 2024-01-17 09:31:21 +01:00 · 7e8555923f
commit 7e8555923f
parent 28e4e1be2e
5 changed files with 46 additions and 4 deletions
--- a/app/controllers/api/v2/base_controller.rb
+++ b/app/controllers/api/v2/base_controller.rb
@ -3,6 +3,7 @@ class API::V2::BaseController < ApplicationController
  skip_before_action :setup_tracking
  before_action :authenticate_from_token
  before_action :ensure_authorized_network, if: -> { @api_token.present? }
+  before_action :ensure_token_is_not_expired, if: -> { @api_token.present? }

  before_action do
    Current.browser = 'api'
@ -54,4 +55,10 @@ class API::V2::BaseController < ApplicationController
      render json: { errors: ["request issued from a forbidden network. Add #{address.to_string}/#{address.prefix} to your allowed adresses in your /profil"] }, status: :forbidden
    end
  end
+
+  def ensure_token_is_not_expired
+    if @api_token.expired?
+      render json: { errors: ['token expired'] }, status: :unauthorized
+    end
+  end
 end
--- a/app/controllers/api_controller.rb
+++ b/app/controllers/api_controller.rb
@ -2,6 +2,7 @@ class APIController < ApplicationController
  before_action :default_format_json
  before_action :authenticate_from_token
  before_action :ensure_authorized_network, if: -> { @api_token.present? }
+  before_action :ensure_token_is_not_expired, if: -> { @api_token.present? }

  before_action do
    Current.browser = 'api'
@ -41,4 +42,10 @@ class APIController < ApplicationController
      render json: { errors: ["request issued from a forbidden network. Add #{address.to_string}/#{address.prefix} to your allowed adresses in your /profil"] }, status: :forbidden
    end
  end
+
+  def ensure_token_is_not_expired
+    if @api_token.expired?
+      render json: { errors: ['token expired'] }, status: :unauthorized
+    end
+  end
 end