active_model_secure_token 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: a6735c5897ecc1dc3567ae74a81f82ed0bc022cf
+  data.tar.gz: d3ac27f6aa5f67b8d4df64f920b5c9f9df9893b8
+SHA512:
+  metadata.gz: 1222fbec657f3ce0aba6b9a2f75b03f9626dd7e0da7be63a895df6f29f3a5f18ef93524cb6e866c1878f460fd504b5369917eedb78c7d91ff9ce31f087258f76
+  data.tar.gz: bbe427cc5aaf58b91e0175d4b144743ecc5eb0c4f481844d6c7239958f1986e60d1ee5bd65354dce73d45ad963199fa0f3fe211abc3dc044fb90f5a2c2a85f32

data/.gitignore

@@ -0,0 +1,22 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/.travis.yml

@@ -0,0 +1,13 @@
+language: ruby
+rvm:
+  - 1.9.3
+  - 2.0.0
+  - 2.1
+  - 2.2
+gemfile:
+  - gemfiles/rails3.gemfile
+  - gemfiles/rails4_0.gemfile
+  - gemfiles/rails4_1.gemfile
+  - gemfiles/rails4_2.gemfile
+notifications:
+  email: false

data/Gemfile

@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 robertomiranda
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,91 @@
+# active_model_secure_token
+
+Provides an easy way to generate uniques random tokens for any ActiveModel. **SecureRandom::base58** is used to generate the 24-character unique tokens, so collisions are highly unlikely.
+
+**Note** If you're worried about possible collissions, there's a way to generate a race condition in the database in the same way that [validates_uniqueness_of](http://api.rubyonrails.org/classes/ActiveRecord/Validations/ClassMethods.html) can. You're encouraged to add an unique index in the database to deal
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'active_model_secure_token'
+
+And then run:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install active_model_secure_token
+
+This gem does not depend on ActiveRecord, only on ActiveModel. It works fine with ActiveRecord and Mongoid. You will need to `include ActiveModel::SecureToken` in your model/document before you can use it.
+
+## Setting your ActiveRecord model
+
+The first step is to generate a migration in order to add the token key field.
+
+```ruby
+rails g migration AddTokenToUsers token:string
+=>
+   invoke  active_record
+   create    db/migrate/20150424010931_add_token_to_users.rb
+```
+
+Then run `rake db:migrate` in order to update users table in the database. The next step is to add `has_secure_token`
+ to the model:
+```ruby
+# Schema: User(token:string, auth_token:string)
+class User < ActiveRecord::Base
+  include ActiveModel::SecureToken
+  has_secure_token
+end
+
+user = User.new
+user.save
+user.token # => "pX27zsMN2ViQKta1bGfLmVJE"
+user.regenerate_token # => true
+```
+
+To use a custom column to store the token key field you can specify the column_name option. See example above (e.g: auth_token):
+
+```ruby
+# Schema: User(token:string, auth_token:string)
+class User < ActiveRecord::Base
+  include ActiveModel::SecureToken
+  has_secure_token :auth_token
+end
+
+user = User.new
+user.save
+user.auth_token # => "pX27zsMN2ViQKta1bGfLmVJE"
+user.regenerate_auth_token # => true
+```
+
+## Setting your Mongoid document
+
+Add the field, include this gem and enable it like so:
+
+```ruby
+class User
+  include Mongoid::Document
+  include ActiveModel::SecureToken
+  field :token, type: String
+  has_secure_token
+end
+```
+
+The Mongoid document has all the same methods as the ActiveRecord model.
+
+## Running tests
+
+Running
+
+```shell
+$ rake test
+```
+
+Should return
+
+```shell
+8 runs, 14 assertions, 0 failures, 0 errors, 0 skips
+```

data/Rakefile

@@ -0,0 +1,22 @@
+require "bundler/gem_tasks"
+require 'rake/testtask'
+Bundler::GemHelper.install_tasks
+
+task :help do
+  puts "Available rake tasks: "
+  puts "rake console - Run a IRB console with all enviroment loaded"
+  puts "rake test - Run tests"
+end
+
+task :test do
+  Dir.chdir('test')
+end
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << '../lib'
+  t.libs << '../test'
+  t.test_files = FileList['*_test.rb']
+  t.verbose = false
+end
+
+task :default => :test

data/active_model_secure_token.gemspec

@@ -0,0 +1,29 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'active_model_secure_token/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "active_model_secure_token"
+  spec.version       = HasSecureToken::VERSION
+  spec.authors       = ["Roberto Miranda Altamar", "Joost Baaij"]
+  spec.email         = ["rjmaltamar@gmail.com", "joost@spacebabies.nl"]
+  spec.summary       = %q{Create uniques random tokens for any model in ruby on rails. Backport of ActiveRecord::SecureToken 5 to AR 3.x and 4.x}
+  spec.description   = %q{HasSecureToken provides you an easily way to geneatre uniques random tokens for any model in ruby on rails. **SecureRandom::base58** is used to generate the 24-character unique token, so collisions are highly unlikely.}
+  spec.homepage      = "https://github.com/sign2pay/active_model_secure_token"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "activemodel"
+  spec.add_development_dependency "mongoid"
+  spec.add_development_dependency "activerecord", [">= 3.0",  "< 5.0"]
+
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "minitest"
+  spec.add_development_dependency 'sqlite3'
+end

data/gemfiles/rails3.gemfile

@@ -0,0 +1,6 @@
+source 'https://rubygems.org'
+gemspec :path => '../'
+
+group :development, :test do
+  gem 'activerecord', '~> 3.2.0'
+end

data/gemfiles/rails4_0.gemfile

@@ -0,0 +1,7 @@
+source 'https://rubygems.org'
+gemspec :path => '../'
+
+group :development, :test do
+  gem 'activerecord', '~> 4.0.0'
+  gem 'minitest', '~> 4.2'
+end

data/gemfiles/rails4_1.gemfile

@@ -0,0 +1,6 @@
+source 'https://rubygems.org'
+gemspec :path => '../'
+
+group :development, :test do
+  gem 'activerecord', '~> 4.1.0'
+end

data/gemfiles/rails4_2.gemfile

@@ -0,0 +1,6 @@
+source 'https://rubygems.org'
+gemspec :path => '../'
+
+group :development, :test do
+  gem 'activerecord', '~> 4.2.0'
+end

data/lib/active_model_secure_token.rb

@@ -0,0 +1,39 @@
+require 'active_support'
+module ActiveModel
+  module SecureToken
+    extend ActiveSupport::Concern
+
+    module ClassMethods
+      # Example using has_secure_token
+      #
+      #   # Schema: User(token:string, auth_token:string)
+      #   class User < ActiveRecord::Base
+      #     has_secure_token
+      #     has_secure_token :auth_token
+      #   end
+      #
+      #   user = User.new
+      #   user.save
+      #   user.token # => "pX27zsMN2ViQKta1bGfLmVJE"
+      #   user.auth_token # => "77TMHrHJFvFDwodq8w7Ev2m7"
+      #   user.regenerate_token # => true
+      #   user.regenerate_auth_token # => true
+      #
+      # SecureRandom::base58 is used to generate the 24-character unique token, so collisions are highly unlikely.
+      #
+      # Note that it's still possible to generate a race condition in the database in the same way that
+      # <tt>validates_uniqueness_of</tt> can. You're encouraged to add a unique index in the database to deal
+      # with this even more unlikely scenario.
+      def has_secure_token(attribute = :token)
+        # Load securerandom only when has_secure_token is used.
+        require 'active_support/core_ext/securerandom'
+        define_method("regenerate_#{attribute}") { update_attributes attribute => self.class.generate_unique_secure_token }
+        before_create { self.send("#{attribute}=", self.class.generate_unique_secure_token) unless self.send("#{attribute}?")}
+      end
+
+      def generate_unique_secure_token
+        SecureRandom.base58(24)
+      end
+    end
+  end
+end

data/lib/active_model_secure_token/version.rb

@@ -0,0 +1,3 @@
+module HasSecureToken
+  VERSION = "1.0.0"
+end

data/lib/active_support/core_ext/securerandom.rb

@@ -0,0 +1,23 @@
+require 'securerandom'
+
+module SecureRandom
+  BASE58_ALPHABET = ('0'..'9').to_a  + ('A'..'Z').to_a + ('a'..'z').to_a - ['0', 'O', 'I', 'l']
+  # SecureRandom.base58 generates a random base58 string.
+  #
+  # The argument _n_ specifies the length, of the random string to be generated.
+  #
+  # If _n_ is not specified or is nil, 16 is assumed. It may be larger in the future.
+  #
+  # The result may contain alphanumeric characters except 0, O, I and l
+  #
+  #   p SecureRandom.base58 #=> "4kUgL2pdQMSCQtjE"
+  #   p SecureRandom.base58(24) #=> "77TMHrHJFvFDwodq8w7Ev2m7"
+  #
+  def self.base58(n = 16)
+    SecureRandom.random_bytes(n).unpack("C*").map do |byte|
+      idx = byte % 64
+      idx = SecureRandom.random_number(58) if idx >= 58
+      BASE58_ALPHABET[idx]
+    end.join
+  end
+end

data/test/active_record_test.rb

@@ -0,0 +1,31 @@
+require "test_helper"
+
+class ActiveRecordSecureTokenTest < MiniTest::Unit::TestCase
+  def setup
+    @user = User.new
+  end
+
+  def test_token_values_are_generated_for_specified_attributes_and_persisted_on_save
+    @user.save
+    refute_nil @user.token
+    refute_nil @user.auth_token
+  end
+
+  def test_regenerating_the_secure_token
+    @user.save
+    old_token = @user.token
+    old_auth_token = @user.auth_token
+    @user.regenerate_token
+    @user.regenerate_auth_token
+
+    refute_equal @user.token, old_token
+    refute_equal @user.auth_token, old_auth_token
+  end
+
+  def test_token_value_not_overwritten_when_present
+    @user.token = "custom-secure-token"
+    @user.save
+
+    assert_equal @user.token, "custom-secure-token"
+  end
+end

data/test/config/mongoid.yml

@@ -0,0 +1,6 @@
+test:
+  sessions:
+    default:
+      database: active_model_secure_token
+      hosts:
+        - localhost:27017

data/test/config/schema.rb

@@ -0,0 +1,6 @@
+ActiveRecord::Schema.define(:version => 1) do
+  create_table :users do |t|
+    t.string :token
+    t.string :auth_token
+  end
+end

data/test/models/post.rb

@@ -0,0 +1,10 @@
+class Post
+  include Mongoid::Document
+  include ActiveModel::SecureToken
+
+  field :token, type: String
+  field :auth_token, type: String
+
+  has_secure_token
+  has_secure_token :auth_token
+end

data/test/models/user.rb

@@ -0,0 +1,5 @@
+class User < ActiveRecord::Base
+  include ActiveModel::SecureToken
+  has_secure_token
+  has_secure_token :auth_token
+end

data/test/mongoid_test.rb

@@ -0,0 +1,35 @@
+require "test_helper"
+
+class MongoidSecureTokenTest < MiniTest::Unit::TestCase
+  def setup
+    @post = Post.new
+  end
+
+  def teardown
+    Mongoid.purge!
+  end
+
+  def test_token_values_are_generated_for_specified_attributes_and_persisted_on_save
+    @post.save
+    refute_nil @post.token
+    refute_nil @post.auth_token
+  end
+
+  def test_regenerating_the_secure_token
+    @post.save
+    old_token = @post.token
+    old_auth_token = @post.auth_token
+    @post.regenerate_token
+    @post.regenerate_auth_token
+
+    refute_equal @post.token, old_token
+    refute_equal @post.auth_token, old_auth_token
+  end
+
+  def test_token_value_not_overwritten_when_present
+    @post.token = "custom-secure-token"
+    @post.save
+
+    assert_equal @post.token, "custom-secure-token"
+  end
+end

data/test/securerandom_test.rb

@@ -0,0 +1,19 @@
+require "test_helper"
+
+class SecureRandomTest < MiniTest::Unit::TestCase
+  def test_base58
+    s1 = SecureRandom.base58
+    s2 = SecureRandom.base58
+
+    refute_equal s1, s2
+    assert_equal 16, s1.length
+  end
+
+  def test_base58_with_length
+    s1 = SecureRandom.base58(24)
+    s2 = SecureRandom.base58(24)
+
+    refute_equal s1, s2
+    assert_equal 24, s1.length
+  end
+end

data/test/test_helper.rb

@@ -0,0 +1,21 @@
+testdir = File.dirname(__FILE__)
+$LOAD_PATH.unshift testdir unless $LOAD_PATH.include?(testdir)
+
+libdir = File.dirname(File.dirname(__FILE__)) + '/lib'
+$LOAD_PATH.unshift libdir unless $LOAD_PATH.include?(libdir)
+
+require "rubygems"
+require "active_model_secure_token"
+require "active_record"
+require "mongoid"
+require "minitest/autorun"
+require "minitest/unit"
+
+ENV['MONGOID_ENV'] = 'test'
+Mongoid.load!('./config/mongoid.yml')
+
+Dir["models/*.rb"].each {|file| require file }
+
+ActiveRecord::Base.establish_connection :adapter => 'sqlite3', :database => ":memory:"
+
+load './config/schema.rb'

metadata

@@ -0,0 +1,184 @@
+--- !ruby/object:Gem::Specification
+name: active_model_secure_token
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Roberto Miranda Altamar
+- Joost Baaij
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-06-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: mongoid
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '3.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: HasSecureToken provides you an easily way to geneatre uniques random
+  tokens for any model in ruby on rails. **SecureRandom::base58** is used to generate
+  the 24-character unique token, so collisions are highly unlikely.
+email:
+- rjmaltamar@gmail.com
+- joost@spacebabies.nl
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- active_model_secure_token.gemspec
+- gemfiles/rails3.gemfile
+- gemfiles/rails4_0.gemfile
+- gemfiles/rails4_1.gemfile
+- gemfiles/rails4_2.gemfile
+- lib/active_model_secure_token.rb
+- lib/active_model_secure_token/version.rb
+- lib/active_support/core_ext/securerandom.rb
+- test/active_record_test.rb
+- test/config/mongoid.yml
+- test/config/schema.rb
+- test/models/post.rb
+- test/models/user.rb
+- test/mongoid_test.rb
+- test/securerandom_test.rb
+- test/test_helper.rb
+homepage: https://github.com/sign2pay/active_model_secure_token
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.5
+signing_key: 
+specification_version: 4
+summary: Create uniques random tokens for any model in ruby on rails. Backport of
+  ActiveRecord::SecureToken 5 to AR 3.x and 4.x
+test_files:
+- test/active_record_test.rb
+- test/config/mongoid.yml
+- test/config/schema.rb
+- test/models/post.rb
+- test/models/user.rb
+- test/mongoid_test.rb
+- test/securerandom_test.rb
+- test/test_helper.rb
+has_rdoc: