arcadex 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/MIT-LICENSE +20 -0
- data/Rakefile +34 -0
- data/app/assets/javascripts/arcadex/application.js +13 -0
- data/app/assets/stylesheets/arcadex/application.css +13 -0
- data/app/controllers/arcadex/application_controller.rb +4 -0
- data/app/helpers/arcadex/application_helper.rb +4 -0
- data/app/models/arcadex/token.rb +17 -0
- data/app/views/layouts/arcadex/application.html.erb +14 -0
- data/config/routes.rb +2 -0
- data/db/migrate/20140806194834_create_arcadex_tokens.rb +11 -0
- data/db/migrate/20140806202340_add_index_to_token.rb +5 -0
- data/lib/arcadex.rb +168 -0
- data/lib/arcadex/engine.rb +5 -0
- data/lib/arcadex/version.rb +3 -0
- data/lib/tasks/arcadex_tasks.rake +4 -0
- data/test/arcadex_test.rb +7 -0
- data/test/dummy/README.rdoc +28 -0
- data/test/dummy/Rakefile +6 -0
- data/test/dummy/app/assets/javascripts/application.js +13 -0
- data/test/dummy/app/assets/stylesheets/application.css +13 -0
- data/test/dummy/app/controllers/application_controller.rb +5 -0
- data/test/dummy/app/helpers/application_helper.rb +2 -0
- data/test/dummy/app/views/layouts/application.html.erb +14 -0
- data/test/dummy/bin/bundle +3 -0
- data/test/dummy/bin/rails +4 -0
- data/test/dummy/bin/rake +4 -0
- data/test/dummy/config.ru +4 -0
- data/test/dummy/config/application.rb +23 -0
- data/test/dummy/config/boot.rb +5 -0
- data/test/dummy/config/database.yml +25 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +29 -0
- data/test/dummy/config/environments/production.rb +80 -0
- data/test/dummy/config/environments/test.rb +36 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/test/dummy/config/initializers/inflections.rb +16 -0
- data/test/dummy/config/initializers/mime_types.rb +5 -0
- data/test/dummy/config/initializers/secret_token.rb +12 -0
- data/test/dummy/config/initializers/session_store.rb +3 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/en.yml +23 -0
- data/test/dummy/config/routes.rb +4 -0
- data/test/dummy/db/development.sqlite3 +0 -0
- data/test/dummy/db/schema.rb +26 -0
- data/test/dummy/db/test.sqlite3 +0 -0
- data/test/dummy/log/development.log +16 -0
- data/test/dummy/log/test.log +22 -0
- data/test/dummy/public/404.html +58 -0
- data/test/dummy/public/422.html +58 -0
- data/test/dummy/public/500.html +57 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/fixtures/arcadex/tokens.yml +11 -0
- data/test/integration/navigation_test.rb +10 -0
- data/test/models/arcadex/token_test.rb +9 -0
- data/test/test_helper.rb +15 -0
- metadata +185 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 76d7606a57e1a5ec7c7cb64b8dde2bba67086e87
|
4
|
+
data.tar.gz: c04a13f9712b001f4c27149e4e2289e4b9310e69
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 547e1fed79f10cc9100970f3aa7523dfc8625afa47e8fe6df81aacb6a797c13b85fe1ca17bf07d7f8cab22008ebda08c701cf5e337bfe24c5da1871b23fb3026
|
7
|
+
data.tar.gz: 76ab77ba76a7696c7ad8b17229f8f73ba2f5ba051bbe72faccb80ef37a348cb998ddc392c7efa57e1d2d6c2a69709a8b2be69183845c481966e4011825862b54
|
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright 2014 YOURNAME
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/Rakefile
ADDED
@@ -0,0 +1,34 @@
|
|
1
|
+
begin
|
2
|
+
require 'bundler/setup'
|
3
|
+
rescue LoadError
|
4
|
+
puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
|
5
|
+
end
|
6
|
+
|
7
|
+
require 'rdoc/task'
|
8
|
+
|
9
|
+
RDoc::Task.new(:rdoc) do |rdoc|
|
10
|
+
rdoc.rdoc_dir = 'rdoc'
|
11
|
+
rdoc.title = 'Arcadex'
|
12
|
+
rdoc.options << '--line-numbers'
|
13
|
+
rdoc.rdoc_files.include('README.rdoc')
|
14
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
15
|
+
end
|
16
|
+
|
17
|
+
APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
|
18
|
+
load 'rails/tasks/engine.rake'
|
19
|
+
|
20
|
+
|
21
|
+
|
22
|
+
Bundler::GemHelper.install_tasks
|
23
|
+
|
24
|
+
require 'rake/testtask'
|
25
|
+
|
26
|
+
Rake::TestTask.new(:test) do |t|
|
27
|
+
t.libs << 'lib'
|
28
|
+
t.libs << 'test'
|
29
|
+
t.pattern = 'test/**/*_test.rb'
|
30
|
+
t.verbose = false
|
31
|
+
end
|
32
|
+
|
33
|
+
|
34
|
+
task default: :test
|
@@ -0,0 +1,13 @@
|
|
1
|
+
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
+
// listed below.
|
3
|
+
//
|
4
|
+
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
+
// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
|
6
|
+
//
|
7
|
+
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
+
// compiled file.
|
9
|
+
//
|
10
|
+
// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
|
11
|
+
// about supported directives.
|
12
|
+
//
|
13
|
+
//= require_tree .
|
@@ -0,0 +1,13 @@
|
|
1
|
+
/*
|
2
|
+
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
+
* listed below.
|
4
|
+
*
|
5
|
+
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
+
* or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
|
7
|
+
*
|
8
|
+
* You're free to add application-wide styles to this file and they'll appear at the top of the
|
9
|
+
* compiled file, but it's generally better to create a new file per style scope.
|
10
|
+
*
|
11
|
+
*= require_self
|
12
|
+
*= require_tree .
|
13
|
+
*/
|
@@ -0,0 +1,17 @@
|
|
1
|
+
module Arcadex
|
2
|
+
class Token < ActiveRecord::Base
|
3
|
+
before_validation :generate_hash, on: :create
|
4
|
+
|
5
|
+
belongs_to :imageable, :polymorphic => true
|
6
|
+
|
7
|
+
validates :imageable_id, presence: true
|
8
|
+
validates :imageable_type, presence: true
|
9
|
+
validates :auth_token, presence: true
|
10
|
+
#This also needs to exist at the database level
|
11
|
+
validates :auth_token, uniqueness: true
|
12
|
+
|
13
|
+
def generate_hash
|
14
|
+
self.auth_token = ::Arcadex.generate_auth_token
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>Arcadex</title>
|
5
|
+
<%= stylesheet_link_tag "arcadex/application", media: "all" %>
|
6
|
+
<%= javascript_include_tag "arcadex/application" %>
|
7
|
+
<%= csrf_meta_tags %>
|
8
|
+
</head>
|
9
|
+
<body>
|
10
|
+
|
11
|
+
<%= yield %>
|
12
|
+
|
13
|
+
</body>
|
14
|
+
</html>
|
data/config/routes.rb
ADDED
data/lib/arcadex.rb
ADDED
@@ -0,0 +1,168 @@
|
|
1
|
+
require "arcadex/engine"
|
2
|
+
|
3
|
+
module Arcadex
|
4
|
+
|
5
|
+
################Below are authentication methods###########################
|
6
|
+
############This should be called by the user##############################
|
7
|
+
def self.full_authentication(params,request,should_use_email)
|
8
|
+
auth_token = grab_token(params,request)
|
9
|
+
email = grab_email(params,request)
|
10
|
+
if should_use_email
|
11
|
+
return authenticate_with_email_token(auth_token,email)
|
12
|
+
else
|
13
|
+
return authenticate_with_only_token(auth_token)
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
##########Below are authentication helper methods##########################
|
18
|
+
#########These dont normally need to be called by the user#################
|
19
|
+
#authenticate_with methods return nil if not authenticated and make a hash
|
20
|
+
#if things go fine.
|
21
|
+
#current_owner = @instance_hash["current_user"]
|
22
|
+
#current_token = @instance_hash["current_token"]
|
23
|
+
|
24
|
+
#Gets the auth_token from either the url or header
|
25
|
+
def self.grab_token(params,request)
|
26
|
+
#Header token has preference
|
27
|
+
if !params["auth_token"].blank?
|
28
|
+
auth_token = params["auth_token"]
|
29
|
+
end
|
30
|
+
if !request.headers["Auth-Token"].blank?
|
31
|
+
auth_token = request.headers["Auth-Token"]
|
32
|
+
end
|
33
|
+
return auth_token
|
34
|
+
end
|
35
|
+
#Gets the email from either the url or header
|
36
|
+
def self.grab_email(params,request)
|
37
|
+
#Header email has preference
|
38
|
+
if !params["email"].blank?
|
39
|
+
email = params["email"]
|
40
|
+
end
|
41
|
+
if !request.headers["Email"].blank?
|
42
|
+
email = request.headers["Email"]
|
43
|
+
end
|
44
|
+
return email
|
45
|
+
end
|
46
|
+
#This should be used in the application_controller before all actions
|
47
|
+
def self.authenticate_with_email_token(auth_token,email)
|
48
|
+
#Find token from auth_token and owner from token
|
49
|
+
token = ::Arcadex.find_token_by_auth_token(auth_token)
|
50
|
+
owner = ::Arcadex.find_owner_by_token(token)
|
51
|
+
#This assumes that the owner of the token is indeed a user
|
52
|
+
if !token.nil?
|
53
|
+
user = Object.const_get(token.imageable_type).find_by(email: email)
|
54
|
+
#user = ::People::User.find_by(email: email)
|
55
|
+
end
|
56
|
+
#This is to mitigate timing attacks
|
57
|
+
::Devise.secure_compare(auth_token,auth_token)
|
58
|
+
if owner.nil? || user.nil? || user.id != owner.id
|
59
|
+
return nil
|
60
|
+
else
|
61
|
+
#These are the variables available to every controller that inherits
|
62
|
+
instance_hash = {"current_user" => owner, "current_token" => token}
|
63
|
+
return instance_hash
|
64
|
+
end
|
65
|
+
end
|
66
|
+
#This should be used in the application_controller before all actions
|
67
|
+
def self.authenticate_with_only_token(auth_token)
|
68
|
+
#Find token from auth_token and owner from token
|
69
|
+
token = ::Arcadex.find_token_by_auth_token(auth_token)
|
70
|
+
owner = ::Arcadex.find_owner_by_token(token)
|
71
|
+
#This is to mitigate timing attacks
|
72
|
+
::Devise.secure_compare(auth_token,auth_token)
|
73
|
+
if owner.nil?
|
74
|
+
return nil
|
75
|
+
else
|
76
|
+
#These are the variables available to every controller that inherits
|
77
|
+
instance_hash = {"current_user" => owner, "current_token" => token}
|
78
|
+
return instance_hash
|
79
|
+
end
|
80
|
+
end
|
81
|
+
|
82
|
+
####################Below are helper methods###############################
|
83
|
+
############These dont need to be called by the user#######################
|
84
|
+
|
85
|
+
#This is now called by the token when it's first saved
|
86
|
+
#token = instance.tokens.new
|
87
|
+
#token.auth_token = Arcadex.generate_auth_token
|
88
|
+
#token.save
|
89
|
+
def self.generate_auth_token
|
90
|
+
token = ::Devise.friendly_token
|
91
|
+
while Token.exists?(token)
|
92
|
+
token = ::Devise.friendly_token
|
93
|
+
end
|
94
|
+
return token
|
95
|
+
end
|
96
|
+
#Arcadex.create_token(instance.id,instance.class.to_s)
|
97
|
+
def self.create_token(id,type)
|
98
|
+
token = Token.new
|
99
|
+
token.imageable_id = id
|
100
|
+
token.imageable_type = type
|
101
|
+
#token.auth_token = generate_auth_token
|
102
|
+
token.save
|
103
|
+
return token
|
104
|
+
end
|
105
|
+
|
106
|
+
|
107
|
+
#Arcadex.find_token_by_auth_token(token.auth_token)
|
108
|
+
def self.find_token_by_auth_token(auth_token_string)
|
109
|
+
token = Token.find_by(auth_token: auth_token_string)
|
110
|
+
if token.nil?
|
111
|
+
return nil
|
112
|
+
end
|
113
|
+
if token_expired?(token)
|
114
|
+
destroy_token(token)
|
115
|
+
return nil
|
116
|
+
else
|
117
|
+
return token
|
118
|
+
end
|
119
|
+
end
|
120
|
+
|
121
|
+
|
122
|
+
#Arcadex.destroy_token(token.auth_token)
|
123
|
+
def self.destroy_auth_token(auth_token)
|
124
|
+
token = find_token_by_auth_token(auth_token)
|
125
|
+
destroy_token(token)
|
126
|
+
end
|
127
|
+
def self.destroy_token(token)
|
128
|
+
if token.nil?
|
129
|
+
return nil
|
130
|
+
end
|
131
|
+
token.destroy
|
132
|
+
end
|
133
|
+
#Arcadex.destroy_all_tokens(instance.id,instance.class.to_s)
|
134
|
+
def self.destroy_all_tokens(id,type)
|
135
|
+
if Object.const_get(type).exists?(id)
|
136
|
+
instance = Object.const_get(type).find(id)
|
137
|
+
instance.tokens.destroy_all
|
138
|
+
end
|
139
|
+
end
|
140
|
+
|
141
|
+
|
142
|
+
#Arcadex.find_owner_by_auth_token(auth_token)
|
143
|
+
def self.find_owner_by_auth_token(auth_token)
|
144
|
+
token = Arcadex.find_token_by_auth_token(auth_token)
|
145
|
+
return Arcadex.find_owner_by_token(token)
|
146
|
+
end
|
147
|
+
#Arcadex.find_owner_by_token(token)
|
148
|
+
def self.find_owner_by_token(token)
|
149
|
+
if token.nil?
|
150
|
+
return nil
|
151
|
+
end
|
152
|
+
if token_expired?(token)
|
153
|
+
destroy_token(token)
|
154
|
+
return nil
|
155
|
+
else
|
156
|
+
instance = Object.const_get(token.imageable_type).find(token.imageable_id)
|
157
|
+
return instance
|
158
|
+
end
|
159
|
+
end
|
160
|
+
|
161
|
+
|
162
|
+
#Arcadex.token_expired?(token)
|
163
|
+
#How long should tokens last? A day if not rememberable
|
164
|
+
#And a month if you are?
|
165
|
+
def self.token_expired?(token)
|
166
|
+
return false
|
167
|
+
end
|
168
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
== README
|
2
|
+
|
3
|
+
This README would normally document whatever steps are necessary to get the
|
4
|
+
application up and running.
|
5
|
+
|
6
|
+
Things you may want to cover:
|
7
|
+
|
8
|
+
* Ruby version
|
9
|
+
|
10
|
+
* System dependencies
|
11
|
+
|
12
|
+
* Configuration
|
13
|
+
|
14
|
+
* Database creation
|
15
|
+
|
16
|
+
* Database initialization
|
17
|
+
|
18
|
+
* How to run the test suite
|
19
|
+
|
20
|
+
* Services (job queues, cache servers, search engines, etc.)
|
21
|
+
|
22
|
+
* Deployment instructions
|
23
|
+
|
24
|
+
* ...
|
25
|
+
|
26
|
+
|
27
|
+
Please feel free to use a different markup language if you do not plan to run
|
28
|
+
<tt>rake doc:app</tt>.
|
data/test/dummy/Rakefile
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
+
// listed below.
|
3
|
+
//
|
4
|
+
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
+
// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
|
6
|
+
//
|
7
|
+
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
+
// compiled file.
|
9
|
+
//
|
10
|
+
// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
|
11
|
+
// about supported directives.
|
12
|
+
//
|
13
|
+
//= require_tree .
|
@@ -0,0 +1,13 @@
|
|
1
|
+
/*
|
2
|
+
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
+
* listed below.
|
4
|
+
*
|
5
|
+
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
+
* or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
|
7
|
+
*
|
8
|
+
* You're free to add application-wide styles to this file and they'll appear at the top of the
|
9
|
+
* compiled file, but it's generally better to create a new file per style scope.
|
10
|
+
*
|
11
|
+
*= require_self
|
12
|
+
*= require_tree .
|
13
|
+
*/
|
@@ -0,0 +1,14 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>Dummy</title>
|
5
|
+
<%= stylesheet_link_tag "application", media: "all", "data-turbolinks-track" => true %>
|
6
|
+
<%= javascript_include_tag "application", "data-turbolinks-track" => true %>
|
7
|
+
<%= csrf_meta_tags %>
|
8
|
+
</head>
|
9
|
+
<body>
|
10
|
+
|
11
|
+
<%= yield %>
|
12
|
+
|
13
|
+
</body>
|
14
|
+
</html>
|