api_user_auth 0.0.12

data/lib/api_user_auth/providers/google.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+module ApiUserAuth
+  module Providers
+    # Get info from Google token
+    class Google
+      API_PATH = 'https://www.googleapis.com/plus/v1/people/me'.freeze
+
+      def initialize(token)
+        @token = token
+        @data = {}
+      end
+
+      def api_info_url
+        params = {
+          access_token: @token
+        }
+        URI("#{API_PATH}?#{params.to_query}")
+      end
+
+      def get_user_data
+        api_get_request
+        user_data
+      end
+
+      def user_data
+        {
+          id: @data[:id], name: @data[:displayName],
+          email: @data[:emails].first.try(:[], :value),
+          img_url: (@data[:image] || {}).try(:[], :url),
+          info: {
+            birthday: @data[:birthday],
+            city: (@data[:hometown] || {}).try(:[], :name),
+            gender: @data[:gender]
+          }
+        }
+      end
+
+      def self.get_user(token)
+        g = Google.new(token)
+        g.get_user_data
+      end
+
+      private
+
+      def api_get_request
+        response = ::Net::HTTP.get_response(api_info_url)
+        case response.code.to_i
+        when 200
+          @data = JSON.parse(response.body, symbolize_names: true)
+        when 400
+          raise ApiUserAuth::Exceptions::InvalidToken, 'Invalid Token'
+        else
+          raise ApiUserAuth::Exceptions::ProviderError, 'Provider Error'
+        end
+      end
+    end
+  end
+end

data/lib/api_user_auth/providers/instagram.rb

@@ -0,0 +1,53 @@
+module ApiUserAuth
+  module Providers
+    # Instagram
+    class Instagram
+      API_PATH = 'https://api.instagram.com/v1/users/self/'.freeze
+
+      def initialize(token)
+        @token = token
+        @data = {}
+      end
+
+      def api_info_url
+        params = {
+          access_token: @token
+        }
+        URI("#{API_PATH}?#{params.to_query}")
+      end
+
+      def get_user_data
+        api_get_request
+        user_data
+      end
+
+      def user_data
+        {
+          id: @data[:id], name: @data[:full_name],
+          email: "#{@data[:username]}@instagram.com",
+          img_url: @data[:profile_picture],
+          info: {}
+        }
+      end
+
+      def self.get_user(token)
+        inst = Instagram.new(token)
+        inst.get_user_data
+      end
+
+      private
+
+      def api_get_request
+        response = ::Net::HTTP.get_response(api_info_url)
+        case response.code.to_i
+        when 200
+          @data = JSON.parse(response.body, symbolize_names: true)[:data]
+        when 400
+          raise ApiUserAuth::Exceptions::InvalidToken, 'Invalid Token'
+        else
+          raise ApiUserAuth::Exceptions::ProviderError, 'Provider Error'
+        end
+      end
+    end
+  end
+end

data/lib/api_user_auth/version.rb

@@ -0,0 +1,3 @@
+module ApiUserAuth
+  VERSION = '0.0.12'.freeze
+end

data/lib/api_user_auth.rb

@@ -0,0 +1,11 @@
+require 'api_user_auth/engine'
+require 'api_user_auth/exceptions'
+require 'api_user_auth/providers/facebook'
+require 'api_user_auth/providers/google'
+require 'api_user_auth/providers/instagram'
+require 'api_user_auth/controller'
+require 'net/https'
+
+module ApiUserAuth
+  UUID_REGEX = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/
+end

data/lib/generators/api_user_auth_generator.rb

@@ -0,0 +1,7 @@
+# Rails generator
+class ApiUserAuthGenerator < Rails::Generators::Base
+  def create_initializer_file
+    # create_file "config/initializers/initializer.rb"
+    # Add initialization content here
+  end
+end

data/lib/tasks/api_user_auth_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :api_user_auth do
+#   # Task goes here
+# end

data/spec/controllers/api_user_auth/auth_controller_spec.rb

@@ -0,0 +1,344 @@
+require 'rails_helper'
+
+module ApiUserAuth
+  RSpec.describe AuthController, type: :controller do
+    routes { ApiUserAuth::Engine.routes }
+
+    context 'Create' do
+      it 'Valid' do
+        expect(AuthUser.count).to eq(0)
+        post :create, params: { email: 'user@mail.com', password: '123456' }
+        expect(AuthUser.count).to eq(1)
+
+        expect(response).to have_http_status(201)
+        expect(resp_json[:email]).to eq('user@mail.com')
+        expect(resp_json[:auth_token]).not_to be_blank
+        expect(resp_json[:id]).to eq(AuthUser.last.id)
+        expect(resp_json[:is_new]).to be_truthy
+        # expect(AuthUser.count).to eq(1)
+        # post :create, params: { email: 'user@mail.com', password: '123456' }
+        # expect(AuthUser.count).to eq(1)
+        # expect(response).to have_http_status(200)
+        # expect(resp_json[:email]).to eq('user@mail.com')
+        # expect(resp_json[:auth_token]).not_to be_blank
+      end
+
+      it 'Invalid' do
+        expect(AuthUser.count).to eq(0)
+
+        post :create, params: { email: 'user@mail.com' }
+        expect(response).to have_http_status(422)
+        expect(AuthUser.count).to eq(0)
+        expect(resp_json[:message]).not_to be_blank
+
+        post :create, params: { password: '123456' }
+        expect(response).to have_http_status(422)
+        expect(AuthUser.count).to eq(0)
+        expect(resp_json[:message]).not_to be_blank
+
+        post :create, params: { email: 'user@mail.com', password: '' }
+        expect(response).to have_http_status(422)
+        expect(AuthUser.count).to eq(0)
+        expect(resp_json[:message]).not_to be_blank
+
+        post :create, params: { password: '123456', email: '' }
+        expect(response).to have_http_status(422)
+        expect(AuthUser.count).to eq(0)
+        expect(resp_json[:message]).not_to be_blank
+
+        post :create, params: { email: 'user@mail.com', password: '123456' }
+        expect(AuthUser.count).to eq(1)
+        expect(response).to have_http_status(201)
+
+        post :create, params: { email: 'user@mail.com', password: '123456' }
+        expect(AuthUser.count).to eq(1)
+        expect(response).to have_http_status(422)
+        expect(resp_json[:message]).not_to be_blank
+      end
+    end
+
+    context 'Login' do
+      before do
+        AuthUser.create_by_params(email: 'user@mail.com', password: '123456')
+      end
+
+      it 'Valid' do
+        expect(AuthUser.count).to eq(1)
+        expect(AuthUser.last.email).to eq('user@mail.com')
+
+        post :login, params: { email: 'user@mail.com', password: '123456' }
+        expect(response).to have_http_status(200)
+        expect(resp_json[:email]).to eq('user@mail.com')
+        expect(resp_json[:auth_token]).not_to be_blank
+        expect(resp_json[:id]).to eq(AuthUser.last.id)
+      end
+
+      it 'Invalid' do
+        expect(AuthUser.count).to eq(1)
+        expect(AuthUser.last.email).to eq('user@mail.com')
+
+        post :login, params: { email: 'user@mail.com' }
+        expect(response).to have_http_status(422)
+        expect(resp_json[:message]).not_to be_blank
+
+        post :login, params: { password: '123456' }
+        expect(response).to have_http_status(422)
+        expect(resp_json[:message]).not_to be_blank
+
+        post :login, params: { email: 'user2@mail.com', password: '123456' }
+        expect(response).to have_http_status(401)
+        expect(resp_json[:message]).not_to be_blank
+
+        post :login, params: { email: 'user@mail.com', password: '123457' }
+        expect(response).to have_http_status(401)
+        expect(resp_json[:message]).not_to be_blank
+      end
+    end
+
+    context 'Password' do
+      let(:auth_user) do
+        AuthUser.create_by_params(email: 'user@mail.com', password: '123456')
+      end
+
+      it 'Valid' do
+        expect(auth_user.valid_password?('123456')).to be_truthy
+        auth_user.update(code: '123456')
+
+        patch :password, params: {
+          email: 'user@mail.com', password: '123457', code: '123456'
+        }
+        expect(response).to have_http_status(200)
+        auth_user.reload
+        expect(auth_user.valid_password?('123456')).to be_falsey
+        expect(auth_user.valid_password?('123457')).to be_truthy
+      end
+
+      it 'Invalid' do
+        expect(auth_user.valid_password?('123456')).to be_truthy
+        auth_user.update(code: '123456')
+
+        patch :password, params: {
+          email: 'user1@mail.com', password: '123457', code: '123456'
+        }
+        expect(response).to have_http_status(422)
+        expect(resp_json[:message]).not_to be_blank
+
+        patch :password, params: {
+          email: 'user@mail.com', password: '123457', code: '123457'
+        }
+        expect(response).to have_http_status(422)
+        expect(resp_json[:message]).not_to be_blank
+
+        patch :password, params: {
+          email: 'user@mail.com', password: '123457'
+        }
+        expect(response).to have_http_status(422)
+        expect(resp_json[:message]).not_to be_blank
+
+        patch :password, params: {
+          code: '123457', password: '123457'
+        }
+        expect(response).to have_http_status(422)
+        expect(resp_json[:message]).not_to be_blank
+      end
+    end
+
+    context 'Provider' do
+      context 'Google' do
+        it 'Valid' do
+          allow(ApiUserAuth::Providers::Google).to(
+            receive_message_chain(:get_user).and_return(
+              email: 'user@mail.com', name: 'User Name'
+            )
+          )
+
+          expect(AuthUser.count).to eq(0)
+          post :provider, params: { provider: 'google', token: 'token' }
+          expect(AuthUser.count).to eq(1)
+          expect(response).to have_http_status(200)
+          expect(resp_json[:email]).to eq('user@mail.com')
+          expect(resp_json[:auth_token]).not_to be_blank
+          expect(resp_json[:is_new]).to be_truthy
+          expect(resp_json[:id]).to eq(AuthUser.last.id)
+
+          post :provider, params: { provider: 'google', token: 'token' }
+          expect(AuthUser.count).to eq(1)
+          expect(resp_json[:email]).to eq('user@mail.com')
+          expect(resp_json[:auth_token]).not_to be_blank
+          expect(resp_json[:is_new]).to be_falsey
+          expect(resp_json[:id]).to eq(AuthUser.last.id)
+        end
+
+        it 'Invalid' do
+          expect(AuthUser.count).to eq(0)
+          post :provider, params: { provider: 'google', token: 'token' }
+          expect(AuthUser.count).to eq(0)
+          expect(response).to have_http_status(422)
+          expect(resp_json[:message]).not_to be_blank
+
+          post :provider, params: { provider: 'google2', token: 'token' }
+          expect(AuthUser.count).to eq(0)
+          expect(response).to have_http_status(422)
+          expect(resp_json[:message]).not_to be_blank
+
+          post :provider, params: { provider: 'google' }
+          expect(AuthUser.count).to eq(0)
+          expect(response).to have_http_status(422)
+          expect(resp_json[:message]).not_to be_blank
+        end
+      end
+
+      context 'Facebook' do
+        it 'Valid' do
+          allow(ApiUserAuth::Providers::Facebook).to(
+            receive_message_chain(:get_user).and_return(
+              email: 'user@mail.com', name: 'User Name'
+            )
+          )
+          expect(AuthUser.count).to eq(0)
+          post :provider, params: { provider: 'facebook', token: 'token' }
+          expect(AuthUser.count).to eq(1)
+
+          expect(response).to have_http_status(200)
+          expect(resp_json[:email]).to eq('user@mail.com')
+          expect(resp_json[:auth_token]).not_to be_blank
+          expect(resp_json[:is_new]).to be_truthy
+          expect(resp_json[:id]).to eq(AuthUser.last.id)
+
+          post :provider, params: { provider: 'facebook', token: 'token' }
+          expect(AuthUser.count).to eq(1)
+          expect(resp_json[:email]).to eq('user@mail.com')
+          expect(resp_json[:auth_token]).not_to be_blank
+          expect(resp_json[:is_new]).to be_falsey
+          expect(resp_json[:id]).to eq(AuthUser.last.id)
+        end
+
+        it 'Invalid' do
+          expect(AuthUser.count).to eq(0)
+          post :provider, params: { provider: 'facebook', token: 'token' }
+          expect(AuthUser.count).to eq(0)
+          expect(response).to have_http_status(422)
+          expect(resp_json[:message]).not_to be_blank
+
+          post :provider, params: { provider: 'facebook2', token: 'token' }
+          expect(AuthUser.count).to eq(0)
+          expect(response).to have_http_status(422)
+          expect(resp_json[:message]).not_to be_blank
+
+          post :provider, params: { provider: 'facebook' }
+          expect(AuthUser.count).to eq(0)
+          expect(response).to have_http_status(422)
+          expect(resp_json[:message]).not_to be_blank
+        end
+      end
+
+      context 'Instagram' do
+        it 'Valid' do
+          allow(ApiUserAuth::Providers::Instagram).to(
+            receive_message_chain(:get_user).and_return(
+              email: 'user@mail.com', name: 'User Name'
+            )
+          )
+          expect(AuthUser.count).to eq(0)
+          post :provider, params: { provider: 'instagram', token: 'token' }
+          expect(AuthUser.count).to eq(1)
+
+          expect(response).to have_http_status(200)
+          expect(resp_json[:email]).to eq('user@mail.com')
+          expect(resp_json[:auth_token]).not_to be_blank
+          expect(resp_json[:is_new]).to be_truthy
+          expect(resp_json[:id]).to eq(AuthUser.last.id)
+
+          post :provider, params: { provider: 'instagram', token: 'token' }
+          expect(AuthUser.count).to eq(1)
+          expect(resp_json[:email]).to eq('user@mail.com')
+          expect(resp_json[:auth_token]).not_to be_blank
+          expect(resp_json[:is_new]).to be_falsey
+          expect(resp_json[:id]).to eq(AuthUser.last.id)
+        end
+
+        it 'Invalid' do
+          expect(AuthUser.count).to eq(0)
+          post :provider, params: { provider: 'instagram', token: 'token' }
+          expect(AuthUser.count).to eq(0)
+          expect(response).to have_http_status(422)
+          expect(resp_json[:message]).not_to be_blank
+
+          post :provider, params: { provider: 'instagram2', token: 'token' }
+          expect(AuthUser.count).to eq(0)
+          expect(response).to have_http_status(422)
+          expect(resp_json[:message]).not_to be_blank
+
+          post :provider, params: { provider: 'instagram' }
+          expect(AuthUser.count).to eq(0)
+          expect(response).to have_http_status(422)
+          expect(resp_json[:message]).not_to be_blank
+        end
+      end
+    end
+
+    context 'Forgot password' do
+      it 'Valid' do
+        auth_user = AuthUser.create_by_params(
+          email: 'user@mail.com', password: '123456'
+        )
+        expect(auth_user.valid_password?('123456')).to be_truthy
+        expect(auth_user.code).to be_blank
+
+        patch :forgot_password, params: {
+          email: 'user@mail.com'
+        }
+        expect(response).to have_http_status(200)
+        auth_user.reload
+        expect(auth_user.code).not_to be_blank
+      end
+
+      it 'Invalid' do
+        auth_user = AuthUser.create_by_params(
+          email: 'user@mail.com', password: '123456'
+        )
+        expect(auth_user.valid_password?('123456')).to be_truthy
+        expect(auth_user.code).to be_blank
+
+        patch :forgot_password, params: {
+          email: 'user1@mail.com'
+        }
+        expect(response).to have_http_status(422)
+        expect(resp_json[:message]).not_to be_blank
+        auth_user.reload
+        expect(auth_user.code).to be_blank
+      end
+    end
+
+    context 'Logout' do
+      let(:auth_user) do
+        AuthUser.create_by_params(email: 'user@mail.com', password: '123456')
+      end
+
+      it 'Valid' do
+        expect(auth_user.valid_password?('123456')).to be_truthy
+        expect(auth_user.auth_tokens.count).to eq(1)
+        token = auth_user.auth_tokens.last
+
+        request.headers['HTTP_AUTHORIZATION'] = "Bearer #{token}"
+        delete :logout
+        expect(response).to have_http_status(200)
+        auth_user.reload
+        expect(auth_user.auth_tokens.count).to eq(0)
+      end
+
+      it 'Invalid' do
+        expect(auth_user.valid_password?('123456')).to be_truthy
+        expect(auth_user.auth_tokens.count).to eq(1)
+        token = auth_user.auth_tokens.last
+
+        request.headers['HTTP_AUTHORIZATION'] = "Bearer #{SecureRandom.uuid}"
+        delete :logout
+        expect(response).to have_http_status(400)
+        auth_user.reload
+        expect(auth_user.auth_tokens.count).to eq(1)
+      end
+
+    end
+  end
+end

data/spec/controllers/api_user_auth/controller_spec.rb

@@ -0,0 +1,39 @@
+require 'rails_helper'
+
+module ApiUserAuth
+  RSpec.describe TestController, type: :controller do
+    context 'Test functional' do
+      before(:example) do
+        AuthUser.create_by_params(
+          email: 'user@mail.com', password: '123456'
+        )
+      end
+
+      let(:auth_user) { AuthUser.last }
+
+      it 'Valid' do
+        expect(AuthUser.count).to eq(1)
+        request.headers.merge!({ 'HTTP_AUTHORIZATION' => "Bearer #{auth_user.auth_tokens.last}" })
+        get :index
+        expect(response).to have_http_status(200)
+      end
+
+      it 'Invalid' do
+        expect(AuthUser.count).to eq(1)
+        get :index
+        expect(response).to have_http_status(401)
+        expect(resp_json[:message]).to_not be_blank
+
+        request.headers.merge!({ 'HTTP_AUTHORIZATION' => 'Bearer token_goes_here' })
+        get :index
+        expect(response).to have_http_status(401)
+        expect(resp_json[:message]).to_not be_blank
+
+        request.headers.merge!({ 'HTTP_AUTHORIZATION' => "Bearer #{SecureRandom.uuid}" })
+        get :index
+        expect(response).to have_http_status(401)
+        expect(resp_json[:message]).to_not be_blank
+      end
+    end
+  end
+end

data/spec/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require_relative 'config/application'
+
+Rails.application.load_tasks

data/spec/dummy/app/assets/config/manifest.js

@@ -0,0 +1,4 @@
+//= link_tree ../images
+//= link_directory ../javascripts .js
+//= link_directory ../stylesheets .css
+//= link api_user_auth_manifest.js

data/spec/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,15 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file. JavaScript code in this file should be added after the last require_* statement.
+//
+// Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require rails-ujs
+//= require activestorage
+//= require_tree

data/spec/dummy/app/assets/stylesheets/application.css

@@ -0,0 +1,15 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
+ * files in this directory. Styles in this file should be added after the last require_* statement.
+ * It is generally better to create a new file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ */

data/spec/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,2 @@
+class ApplicationController < ActionController::Base
+end

data/spec/dummy/app/controllers/test_controller.rb

@@ -0,0 +1,8 @@
+class TestController < ActionController::API
+  include ActionController::HttpAuthentication::Token::ControllerMethods
+  include ApiUserAuth::Controller
+
+  def index
+    render json: { ok: 200 }, status: 200
+  end
+end

data/spec/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/spec/dummy/app/jobs/application_job.rb

@@ -0,0 +1,2 @@
+class ApplicationJob < ActiveJob::Base
+end

data/spec/dummy/app/mailers/application_mailer.rb

@@ -0,0 +1,4 @@
+class ApplicationMailer < ActionMailer::Base
+  default from: 'from@example.com'
+  layout 'mailer'
+end

data/spec/dummy/app/models/application_record.rb

@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+  self.abstract_class = true
+end

data/spec/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>Dummy</title>
+    <%= csrf_meta_tags %>
+    <%= csp_meta_tag %>
+
+    <%= stylesheet_link_tag    'application', media: 'all' %>
+    <%= javascript_include_tag 'application' %>
+  </head>
+
+  <body>
+    <%= yield %>
+  </body>
+</html>

data/spec/dummy/app/views/layouts/mailer.html.erb

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <style>
+      /* Email styles need to be inline */
+    </style>
+  </head>
+
+  <body>
+    <%= yield %>
+  </body>
+</html>

data/spec/dummy/app/views/layouts/mailer.text.erb

@@ -0,0 +1 @@
+<%= yield %>

data/spec/dummy/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
+load Gem.bin_path('bundler', 'bundle')

data/spec/dummy/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../config/application', __dir__)
+require_relative '../config/boot'
+require 'rails/commands'

data/spec/dummy/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run