Sinatra 4.90s TTFB #344

Closed
dcalixto opened this issue Jan 15, 2020 · 0 comments

Hello, after setting up a simple auth with a verification token after login, Sinatra is taking on
average 4-something seconds to check the token.
Is it the JWT config?

verify
ttfb

middleware
JwtAuth

```ruby
# frozen_string_literal: true

require 'jwt'

# Rack middleware: decodes the JWT from the Authorization header and
# stores the matching user in env[:user] before calling the app.
class JwtAuth
  def initialize(app)
    @app = app
  end

  def call(env)
    auth_token = env.fetch('HTTP_AUTHORIZATION', '')

    payload = JsonWebToken.decode(auth_token)

    unless User.exists?(email: payload['user']['email'])
      raise JWT::InvalidPayload
    end

    # raise JWT::InvalidPayload unless User.exists?(email: payload['user']['email'])
    env[:user] = User.find_by(email: payload['user']['email'])

    # puts headers # show headers on this request

    @app.call env
  # The specific errors below are subclasses of JWT::DecodeError, so they
  # are rescued first; the generic DecodeError comes last.
  rescue JWT::ExpiredSignature
    [403, { 'Content-Type' => 'text/plain' }, ['The token has expired.']]
  rescue JWT::InvalidIssuerError
    [403, { 'Content-Type' => 'text/plain' }, ['The token does not have a valid issuer.']]
  rescue JWT::InvalidIatError
    [403, { 'Content-Type' => 'text/plain' }, ['The token does not have a valid "issued at" time.']]
  rescue JWT::InvalidPayload
    [403, { 'Content-Type' => 'text/plain' }, ['Invalid token']]
  rescue JWT::DecodeError
    [401, { 'Content-Type' => 'text/plain' }, ['A token must be passed.']]
  end
end
```
the JsonWebToken

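```ruby
require 'jwt'
require 'active_support'
require 'active_support/core_ext/numeric/time' # provides 24.hours.from_now

# Thin wrapper around ruby-jwt for issuing and checking HS256 tokens.
class JsonWebToken
  class << self
    def encode(email)
      JWT.encode payload(email), ENV['JWT_SECRET'], 'HS256'
    end

    def decode(auth_token)
      # ruby-jwt only checks iss and iat when the verify_* flags are set.
      options = {
        algorithm: 'HS256',
        iss: ENV['JWT_ISSUER'],
        verify_iss: true,
        verify_iat: true
      }

      JWT.decode(auth_token, ENV['JWT_SECRET'], true, options)[0]
    end

    def payload(email)
      {
        exp: 24.hours.from_now.to_i,
        iat: Time.now.to_i,
        iss: ENV['JWT_ISSUER'],
        user: {
          email: email
        }
        # user_id: user.id
      }
    end
  end
end
```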

ApiController

```ruby
require 'sinatra/base'
require 'json'

class ApiController < Sinatra::Base
  use JwtAuth

  before do
    content_type :json, charset: 'utf-8'
  end

  get '/verify' do
    # add token to Authorization Header
    # NOTE: @email is not assigned anywhere in the code shown here.
    auth_token = JsonWebToken.encode(@email)

    if auth_token
      { message: 'verified', status: 200 }.to_json
    else
      halt 401, { message: 'Token failed verification' }.to_json
    end
  end

  def current_user
    @current_user ||= request.env[:user]
    # request.env[:user]
  end
end
```
config.ru

```ruby
use Rack::Deflater
use Rack::MethodOverride

run Rack::URLMap.new(
  '/' => PublicController,
  '/api' => ApiController
)
```