Challah JWT

Authenticate your Challah users with JSON Web Tokens (JWT).


  1. Add this line to your application's Gemfile and then bundle install:
gem 'challah-jwt'
  1. In your Challah initializer, add the following line:
Challah.register_technique :jwt, Challah::Jwt::Technique
  1. Include the tokenizer concern in your user model:
class User < ApplicationRecord
  include Challah::Userable
  include Challah::Jwt::Tokenizer


You'll need to include the JWT in your sign in response, e.g.:

  "user": {
    "jwt": "adi8e98uie.saxbbbgudinocgeigc84y9834.8ui9odeion",
    "id": "1",
    "first_name": "Slick",
    "last_name": "McSpeedy",

Send the JWT in the Authorization header like this:

Authorization: Bearer adi8e98uie.saxbbbgudinocgeigc84y9834.8ui9odeion


Challah-JWT adds a few methods to your User model that make it easy to tokenize and look up users:

user = User.first
# => #<User id=1...>

# Convert the user to a JWT
jwt = user.to_jwt

# Look up user by JWT
user = User.find_by_jwt(jwt)

The tokenizer only includes the user's ID in the payload by deafult, to override this behavior, override the jwt_attrs method in your user model:

class User < ApplicationRecord
  include Challah::Jwt::Tokenizer
  def jwt_attrs
    # make sure you include id, otherwise the lookup will fail
    serializable_hash.slice("id", "email", "status")


After checking out the repo, run bin/setup to install dependencies. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.


Bug reports and pull requests are welcome on GitHub at https://github.com/philtr/challah-jwt.