app/models/api_client.rb
class ApiClient < ApplicationRecord
belongs_to :user
accepts_nested_attributes_for :user
validates_presence_of :description
#TODO add JWT expiration and api client invalidation
#TODO rename toke to encoded_token
before_create :set_encoded_token!
def verify!
self.class.invalid_token! 'Invalid Api Client' if Mumukit::Auth::Token.decode(token).uid != user.uid
end
def self.verify_token!(token)
client = find_by token: token
invalid_token! 'No Api Client found for Token' unless client
client.verify!
end
private
def set_encoded_token!
self.token = Mumukit::Auth::Token.encode user.uid, {}
end
def self.invalid_token!(message)
raise Mumukit::Auth::InvalidTokenError, message
end
end