lib/rodauth/features/oauth_jwt.rb in rodauth-oauth-0.5.0 vs lib/rodauth/features/oauth_jwt.rb in rodauth-oauth-0.5.1
- old
+ new
@@ -60,9 +60,18 @@
token_scopes = authorization_token["scope"].split(" ")
authorization_required unless scopes.any? { |scope| token_scopes.include?(scope) }
end
+ # Overrides session_value, so that a valid authorization token also authenticates a request
+ def session_value
+ super || begin
+ return unless authorization_token
+
+ authorization_token["sub"]
+ end
+ end
+
private
unless method_defined?(:last_account_login_at)
def last_account_login_at
nil
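Review bot: The new `session_value` falls back to the token's `sub` claim without any scope check, so a request carrying an accepted JWT is treated as logged in by everything that reads `session_value`, not only by routes that pass through the scope check visible at the top of this hunk. Whether that is safe depends on `authorization_token`, which is defined outside the hunk, having already rejected bad signatures, expired tokens and wrong audiences, and on `sub` always being an account id (this may not hold for tokens issued without a user); both are worth confirming. I would state the assumption above the method, e.g. `# Trusts authorization_token to have verified signature, expiry and audience; scopes are NOT checked here.` As a style point, the `return` inside `begin` reads awkwardly, and `super || (authorization_token && authorization_token["sub"])` expresses the same fallback when the token is nil or a hash.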