arcadex 1.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 76d7606a57e1a5ec7c7cb64b8dde2bba67086e87
+  data.tar.gz: c04a13f9712b001f4c27149e4e2289e4b9310e69
+SHA512:
+  metadata.gz: 547e1fed79f10cc9100970f3aa7523dfc8625afa47e8fe6df81aacb6a797c13b85fe1ca17bf07d7f8cab22008ebda08c701cf5e337bfe24c5da1871b23fb3026
+  data.tar.gz: 76ab77ba76a7696c7ad8b17229f8f73ba2f5ba051bbe72faccb80ef37a348cb998ddc392c7efa57e1d2d6c2a69709a8b2be69183845c481966e4011825862b54

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2014 YOURNAME
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,34 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Arcadex'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/app/assets/javascripts/arcadex/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/app/assets/stylesheets/arcadex/application.css

@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+ */

data/app/controllers/arcadex/application_controller.rb

@@ -0,0 +1,4 @@
+module Arcadex
+  class ApplicationController < ActionController::Base
+  end
+end

data/app/helpers/arcadex/application_helper.rb

@@ -0,0 +1,4 @@
+module Arcadex
+  module ApplicationHelper
+  end
+end

data/app/models/arcadex/token.rb

@@ -0,0 +1,17 @@
+module Arcadex
+  class Token < ActiveRecord::Base
+  	before_validation :generate_hash, on: :create
+
+		belongs_to :imageable, :polymorphic => true
+
+    validates :imageable_id, presence: true
+    validates :imageable_type, presence: true
+    validates :auth_token, presence: true
+    #This also needs to exist at the database level
+    validates :auth_token, uniqueness: true
+
+    def generate_hash
+    	self.auth_token = ::Arcadex.generate_auth_token
+    end	
+  end
+end

data/app/views/layouts/arcadex/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Arcadex</title>
+  <%= stylesheet_link_tag    "arcadex/application", media: "all" %>
+  <%= javascript_include_tag "arcadex/application" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/config/routes.rb

@@ -0,0 +1,2 @@
+Arcadex::Engine.routes.draw do
+end

data/db/migrate/20140806194834_create_arcadex_tokens.rb

@@ -0,0 +1,11 @@
+class CreateArcadexTokens < ActiveRecord::Migration
+  def change
+    create_table :arcadex_tokens do |t|
+      t.integer :imageable_id
+      t.string :imageable_type
+      t.string :auth_token
+
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20140806202340_add_index_to_token.rb

@@ -0,0 +1,5 @@
+class AddIndexToToken < ActiveRecord::Migration
+  def change
+  	add_index :arcadex_tokens, :auth_token, unique: true
+  end
+end

data/lib/arcadex.rb

@@ -0,0 +1,168 @@
+require "arcadex/engine"
+
+module Arcadex
+
+################Below are authentication methods###########################
+############This should be called by the user##############################
+	def self.full_authentication(params,request,should_use_email)
+		auth_token = grab_token(params,request)
+		email = grab_email(params,request)
+		if should_use_email
+			return authenticate_with_email_token(auth_token,email)
+		else
+			return authenticate_with_only_token(auth_token)
+		end
+	end
+
+##########Below are authentication helper methods##########################
+#########These dont normally need to be called by the user#################
+#authenticate_with methods return nil if not authenticated and make a hash
+#if things go fine.     
+#current_owner = @instance_hash["current_user"]
+#current_token = @instance_hash["current_token"]
+
+  #Gets the auth_token from either the url or header
+  def self.grab_token(params,request)
+    #Header token has preference
+    if !params["auth_token"].blank?
+      auth_token = params["auth_token"]
+    end
+    if !request.headers["Auth-Token"].blank?
+      auth_token = request.headers["Auth-Token"]
+    end
+    return auth_token
+  end
+  #Gets the email from either the url or header
+  def self.grab_email(params,request)
+    #Header email has preference
+    if !params["email"].blank?
+      email = params["email"]
+    end
+    if !request.headers["Email"].blank?
+      email = request.headers["Email"]
+    end
+    return email
+  end
+	#This should be used in the application_controller before all actions
+	def self.authenticate_with_email_token(auth_token,email)
+    #Find token from auth_token and owner from token
+    token = ::Arcadex.find_token_by_auth_token(auth_token)
+    owner = ::Arcadex.find_owner_by_token(token)
+    #This assumes that the owner of the token is indeed a user
+    if !token.nil?
+    	user = Object.const_get(token.imageable_type).find_by(email: email)
+    	#user = ::People::User.find_by(email: email)
+    end
+		#This is to mitigate timing attacks
+    ::Devise.secure_compare(auth_token,auth_token)
+    if owner.nil? || user.nil? || user.id != owner.id
+      return nil
+    else
+      #These are the variables available to every controller that inherits
+     	instance_hash = {"current_user" => owner, "current_token" => token}
+      return instance_hash
+    end
+	end
+	#This should be used in the application_controller before all actions
+	def self.authenticate_with_only_token(auth_token)
+    #Find token from auth_token and owner from token
+    token = ::Arcadex.find_token_by_auth_token(auth_token)
+    owner = ::Arcadex.find_owner_by_token(token)
+    #This is to mitigate timing attacks
+    ::Devise.secure_compare(auth_token,auth_token)
+    if owner.nil?
+      return nil
+    else
+      #These are the variables available to every controller that inherits
+      instance_hash = {"current_user" => owner, "current_token" => token}
+      return instance_hash
+    end
+	end
+
+####################Below are helper methods###############################
+############These dont need to be called by the user#######################
+
+	#This is now called by the token when it's first saved
+	#token = instance.tokens.new
+	#token.auth_token = Arcadex.generate_auth_token
+	#token.save
+	def self.generate_auth_token
+		token = ::Devise.friendly_token
+		while Token.exists?(token)
+			token = ::Devise.friendly_token
+		end
+		return token
+	end
+	#Arcadex.create_token(instance.id,instance.class.to_s)
+	def self.create_token(id,type)
+		token = Token.new
+		token.imageable_id = id
+		token.imageable_type = type
+		#token.auth_token = generate_auth_token
+		token.save
+		return token
+	end
+
+
+	#Arcadex.find_token_by_auth_token(token.auth_token)
+	def self.find_token_by_auth_token(auth_token_string)
+		token = Token.find_by(auth_token: auth_token_string)
+		if token.nil?
+			return nil
+		end
+		if token_expired?(token)
+			destroy_token(token)
+			return nil
+		else
+			return token
+		end
+	end
+
+
+	#Arcadex.destroy_token(token.auth_token)
+	def self.destroy_auth_token(auth_token)
+		token = find_token_by_auth_token(auth_token)
+		destroy_token(token)
+	end
+	def self.destroy_token(token)
+		if token.nil?
+			return nil
+		end
+		token.destroy
+	end
+	#Arcadex.destroy_all_tokens(instance.id,instance.class.to_s)
+	def self.destroy_all_tokens(id,type)
+		if Object.const_get(type).exists?(id)
+			instance = Object.const_get(type).find(id)
+			instance.tokens.destroy_all
+		end
+	end
+
+
+	#Arcadex.find_owner_by_auth_token(auth_token)
+	def self.find_owner_by_auth_token(auth_token)
+		token = Arcadex.find_token_by_auth_token(auth_token)
+		return Arcadex.find_owner_by_token(token)
+	end
+	#Arcadex.find_owner_by_token(token)
+	def self.find_owner_by_token(token)
+		if token.nil?
+			return nil
+		end
+		if token_expired?(token)
+			destroy_token(token)
+			return nil
+		else
+			instance = Object.const_get(token.imageable_type).find(token.imageable_id)
+			return instance
+		end
+	end
+
+
+	#Arcadex.token_expired?(token)
+	#How long should tokens last? A day if not rememberable
+	#And a month if you are?
+	def self.token_expired?(token)
+		return false
+	end
+end

data/lib/arcadex/engine.rb

@@ -0,0 +1,5 @@
+module Arcadex
+  class Engine < ::Rails::Engine
+    isolate_namespace Arcadex
+  end
+end

data/lib/arcadex/version.rb

@@ -0,0 +1,3 @@
+module Arcadex
+  VERSION = "1.0.1"
+end

data/lib/tasks/arcadex_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :arcadex do
+#   # Task goes here
+# end

data/test/arcadex_test.rb

@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class ArcadexTest < ActiveSupport::TestCase
+  test "truth" do
+    assert_kind_of Module, Arcadex
+  end
+end

data/test/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/test/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Dummy::Application.load_tasks

data/test/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/test/dummy/app/assets/stylesheets/application.css

@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+ */

data/test/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,5 @@
+class ApplicationController < ActionController::Base
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+end

data/test/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/test/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Dummy</title>
+  <%= stylesheet_link_tag    "application", media: "all", "data-turbolinks-track" => true %>
+  <%= javascript_include_tag "application", "data-turbolinks-track" => true %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>