lib/devise_token_auth/url.rb
# frozen_string_literal: true
module DeviseTokenAuth::Url
def self.generate(url, params = {})
uri = URI(url)
res = "#{uri.scheme}://#{uri.host}"
res += ":#{uri.port}" if (uri.port && uri.port != 80 && uri.port != 443)
res += uri.path.to_s if uri.path
query = [uri.query, params.to_query].reject(&:blank?).join('&')
res += "?#{query}"
res += "##{uri.fragment}" if uri.fragment
# repeat any query params after the fragment to deal with Angular eating any pre fragment query params, used
# in the reset password redirect url
res += "?#{query}" if uri.fragment
res
end
def self.whitelisted?(url)
url.nil? || \
!!DeviseTokenAuth.redirect_whitelist.find do |pattern|
!!Wildcat.new(pattern).match(url)
end
end
# wildcard convenience class
class Wildcat
def self.parse_to_regex(str)
escaped = Regexp.escape(str).gsub('\*','.*?')
Regexp.new("^#{escaped}$", Regexp::IGNORECASE)
end
def initialize(str)
@regex = self.class.parse_to_regex(str)
end
def match(str)
!!@regex.match(str)
end
end
end