RubyGems - authem - Versions diffs - 1.5.0 → 2.0.0 - Mend

authem 1.5.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

checksums.yaml +4 -4
data/.gitignore +3 -0
data/.rspec +2 -0
data/.ruby-gemset +1 -0
data/.ruby-version +1 -0
data/.travis.yml +6 -0
data/Appraisals +12 -0
data/CHANGELOG.md +42 -0
data/Gemfile +10 -0
data/README.markdown +15 -1
data/Rakefile +11 -5
data/authem.gemspec +25 -0
data/gemfiles/rails_4.0.gemfile +16 -0
data/gemfiles/rails_4.1.gemfile +15 -0
data/lib/authem.rb +4 -10
data/lib/authem/controller.rb +50 -0
data/lib/authem/errors/ambigous_role.rb +8 -0
data/lib/authem/errors/unknown_role.rb +7 -0
data/lib/authem/railtie.rb +12 -0
data/lib/authem/role.rb +62 -0
data/lib/authem/session.rb +41 -0
data/lib/authem/support.rb +129 -0
data/lib/authem/token.rb +5 -5
data/lib/authem/user.rb +27 -13
data/lib/authem/version.rb +1 -1
data/lib/generators/authem/session/session_generator.rb +12 -0
data/lib/generators/authem/session/templates/create_sessions.rb +15 -0
data/lib/generators/authem/user/templates/create_table_migration.rb +22 -0
data/lib/generators/authem/user/templates/model.rb +11 -0
data/lib/generators/authem/user/user_generator.rb +13 -0
data/spec/controller_spec.rb +413 -0
data/spec/session_spec.rb +52 -0
data/spec/spec_helper.rb +4 -0
data/spec/support/active_record.rb +45 -0
data/spec/support/i18n.rb +1 -0
data/spec/support/time.rb +1 -0
data/spec/token_spec.rb +10 -0
data/spec/user_spec.rb +115 -0
metadata +42 -112
data/lib/authem/base_user.rb +0 -54
data/lib/authem/config.rb +0 -21
data/lib/authem/controller_support.rb +0 -51
data/lib/authem/sorcery_user.rb +0 -24
data/lib/generators/authem/model/model_generator.rb +0 -23

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0a94ea5cf81c75464c3a4c15f8cad8380967c225
-  data.tar.gz: 7506a4ded4f2de14fdbecc411192a1a90fada85d
+  metadata.gz: 67a264031f3e96725f18dc7e77c427ebd4708716
+  data.tar.gz: 09c0291510e6909b13ea9c5a3efa473e3054020b
 SHA512:
-  metadata.gz: 57c5091384d69b193e710fe349d1d35cd18671a58e90ae0055c6cc9a527cca8a0c36495a3ad1baeaa889813a03de67ca338629f131a20fa7c8762c69bf202383
-  data.tar.gz: 45a4f7c51d2518cf67746989e35d9912b70d49cfc47a8832d2266602bc8f7860f52fe8fb189af45b18fca7b90920414b17f043a7f2e94a1675f50b429b2657b4
+  metadata.gz: 771d1413927363e3c2426d0cee8d28fabf08389ce16a4aa6eefd06c6da6499177213f271fbc5ef2c111e48a2433c9695c1747877a6bb1b32e15aca99e4f491b7
+  data.tar.gz: 6e3adc3d207f865439888550c6aeb1d8f84f202e6a2ec31f132a23e4a254a218d5bd905a148309966e6917426cb89544cc4501c0208a81a955ab6ee7c198cf81

data/.gitignore ADDED

@@ -0,0 +1,3 @@
+pkg
+Gemfile.lock
+gemfiles/*.lock

data/.rspec ADDED

	@@ -0,0 +1,2 @@
1	+ --colour
2	+ --format progress

data/.ruby-gemset ADDED

	@@ -0,0 +1 @@
1	+ authem

data/.ruby-version ADDED

	@@ -0,0 +1 @@
1	+ ruby-2.1.2

data/.travis.yml ADDED

@@ -0,0 +1,6 @@
+gemfile:
+  - gemfiles/rails_4.0.gemfile
+  - gemfiles/rails_4.1.gemfile
+rvm:
+  - 2.0.0
+  - 2.1.1

data/Appraisals ADDED

@@ -0,0 +1,12 @@
+appraise "rails-4.1" do
+  gem "activerecord", "~> 4.1.0", require: "active_record"
+  gem "bcrypt", "~> 3.1"
+  gem "railties", "~> 4.0"
+end
+appraise "rails-4.0" do
+  gem "activerecord", "~> 4.0.0", require: "active_record"
+  gem "bcrypt", "~> 3.1"
+  gem "railties", "~> 4.0"
+  gem "protected_attributes"
+end

data/CHANGELOG.md ADDED

@@ -0,0 +1,42 @@
+### 2.0.0 ###
+* Complete rewrite from scratch
+* Store sessions in the database
+* Multiple sessions and models support
+* Drop Sorcery support
+* Initializer is no longer needed
+### 1.4.0 ###
+* Use SecureRandom for token generation
+* Lots of support file cleanup
+* Some code cleanup
+* All of this is thanks to Pavel Pravosud (@rwz). This guy is fantastic.
+### 1.3.3 ###
+* Regenerate session token when user signs out (Issue #21)
+### 1.3.2 ###
+* Prevent duplicate password validations on Authem::User
+### 1.3.1 ###
+* Bump bcrypt dependency for Rails 4.0.1 compatibility
+### 1.3.0 ###
+* Check for presence of password in authenticate
+* Reconstantize user class when requested
+* Add remember token to generated migrations
+* Remove weird commas from generated migrations
+### 1.2.0 ###
+* Use `sign_in?` helper in `require_user` (Issue #13)
+* Update rails dependencies to final release versions
+### 1.1.1 ###
+* Lock down bcrypt version per Rails' requirements

data/Gemfile ADDED

@@ -0,0 +1,10 @@
+source "https://rubygems.org"
+gem "appraisal"
+group :test do
+  gem "rspec", "~> 3.0"
+  gem "rake",  "~> 10.3"
+  gem "sqlite3"
+  gem "pry"
+end

data/README.markdown CHANGED

@@ -6,7 +6,7 @@ Authem is an email-based authentication library for ruby web apps.
 ## Compatibility
-Authem is tested against Ruby 1.9.3, 2.0.0, and Rubinius.
+Authem requires Ruby 2.0.0 or newer
 [![Build Status](https://secure.travis-ci.org/paulelliott/authem.png)](http://travis-ci.org/paulelliott/authem)
 [![Code Climate](https://codeclimate.com/github/paulelliott/authem.png)](https://codeclimate.com/github/paulelliott/authem)
@@ -14,3 +14,17 @@ Authem is tested against Ruby 1.9.3, 2.0.0, and Rubinius.
 ## Documentation
 Please see the Authem website for up-to-date documentation: http://authem.org
+## Upgrading to 2.0
+- Specify the latest alpha release in your Gemfile: `gem 'authem', '2.0.0.alpha.3'`
+- Remove references to the old Authem::Config object.
+- Create the new sessions table with `rails g authem:session`.
+- Replace `include Authem::ControllerSupport` with `authem_for :user`.
+- Rename `signed_in?` to `user_signed_in? OR `alias_method :signed_in?, :user_signed_in?` in your controller.
+- Rename column `User#reset_password_token` to `User#password_reset_token` OR `alias_attribute :password_reset_token, :reset_password_token` in your `User` model.
+- Replace calls to `user#reset_password_token!` with `user#password_reset_token`. Tokens are now generated automatically and the bang method is deprecated.
+- Rename `sign_out` to `sign_out_user` OR `alias_method :sign_out, :sign_out_user`
+- If you were passing a remember flag as the second argument to `sign_in`, you need to provide an options hash instead. For example, `sign_in(user, params[:remember])` would become `sign_in(user, remember: params[:remember])`.
+- Blank email addresses will now produce the proper "can't be blank" validation message". Update your tests accordingly.
+- Email addresses are no longer automatically downcased when calling `find_by_email` on your model. You will need to downcase the value manually if you wish to retain this behavior.

data/Rakefile CHANGED

@@ -1,6 +1,12 @@
-require "rspec/core/rake_task"
-RSpec::Core::RakeTask.new(:spec) do |spec|
-  spec.pattern = "spec/**/*_spec.rb"
-end
+require "bundler/setup"
+require "bundler/gem_tasks"
-task :default => :spec
+if !ENV["APPRAISAL_INITIALIZED"] && !ENV["TRAVIS"]
+  require "appraisal/task"
+  Appraisal::Task.new
+  task default: :appraisal
+else
+  require "rspec/core/rake_task"
+  RSpec::Core::RakeTask.new
+  task default: :spec
+end

data/authem.gemspec ADDED

@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'authem/version'
+Gem::Specification.new do |spec|
+  spec.name                  = "authem"
+  spec.version               = Authem::VERSION
+  spec.authors               = ["Paul Elliott", "Pavel Pravosud"]
+  spec.email                 = ["paul@codingfrontier.com", "pavel@pravosud.com"]
+  spec.summary               = "Authem authenticates them by email"
+  spec.description           = "Authem provides a simple solution for email-based authentication"
+  spec.homepage              = "https://github.com/paulelliott/authem"
+  spec.license               = "MIT"
+  spec.required_ruby_version = ">= 2.0.0"
+  spec.files                 = `git ls-files`.split($/)
+  spec.test_files            = spec.files.grep("spec")
+  spec.require_path          = "lib"
+  spec.add_dependency "activesupport",  ">= 4.0.4"
+  spec.add_dependency "railties",       "~> 4.0"
+  spec.add_dependency "bcrypt",         "~> 3.1"
+end

data/gemfiles/rails_4.0.gemfile ADDED

@@ -0,0 +1,16 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "appraisal"
+gem "activerecord", "~> 4.0.0", :require => "active_record"
+gem "bcrypt", "~> 3.1"
+gem "railties", "~> 4.0"
+gem "protected_attributes"
+group :test do
+  gem "rspec", "~> 3.0"
+  gem "rake", "~> 10.3"
+  gem "sqlite3"
+  gem "pry"
+end

data/gemfiles/rails_4.1.gemfile ADDED

@@ -0,0 +1,15 @@
+# This file was generated by Appraisal
+source "https://rubygems.org"
+gem "appraisal"
+gem "activerecord", "~> 4.1.0", :require => "active_record"
+gem "bcrypt", "~> 3.1"
+gem "railties", "~> 4.0"
+group :test do
+  gem "rspec", "~> 3.0"
+  gem "rake", "~> 10.3"
+  gem "sqlite3"
+  gem "pry"
+end

data/lib/authem.rb CHANGED

@@ -1,12 +1,6 @@
-module Authem
-  autoload :BaseUser,          'authem/base_user'
-  autoload :User,              'authem/user'
-  autoload :SorceryUser,       'authem/sorcery_user'
-  autoload :Config,            'authem/config'
-  autoload :ControllerSupport, 'authem/controller_support'
-  autoload :Token,             'authem/token'
+require "authem/railtie"
+require "authem/user"
+require "authem/version"
-  def self.configure(&block)
-    Config.configure(&block)
-  end
+module Authem
 end

data/lib/authem/controller.rb ADDED

@@ -0,0 +1,50 @@
+require "active_support/concern"
+require "authem/role"
+module Authem
+  module Controller
+    extend ActiveSupport::Concern
+    included{ class_attribute :authem_roles }
+    module SessionManagementMethods
+      def sign_in(model, **options)
+        role = options.fetch(:as){ self.class.authem_role_for(model) }
+        public_send "sign_in_#{role}", model, options
+      end
+      def sign_out(model, **options)
+        role = options.fetch(:as){ self.class.authem_role_for(model) }
+        public_send "sign_out_#{role}"
+      end
+      def clear_all_sessions_for(model, **options)
+        role = options.fetch(:as){ self.class.authem_role_for(model) }
+        public_send "clear_all_#{role}_sessions_for", model
+      end
+      def redirect_back_or_to(url, **options)
+        url = session.delete(:return_to_url) || url
+        redirect_to url, options
+      end
+    end
+    module ClassMethods
+      def authem_for(role_name, **options)
+        include SessionManagementMethods
+        Authem::Role.new(self, role_name, options).setup!
+      end
+      def authem_role_for(record)
+        fail ArgumentError if record.nil?
+        matches = authem_roles.select{ |role| record.class == role.klass }
+        fail UnknownRoleError.build(record) if matches.empty?
+        fail AmbigousRoleError.build(record, matches) unless matches.one?
+        matches.first.name
+      end
+    end
+  end
+end

data/lib/authem/errors/ambigous_role.rb ADDED

@@ -0,0 +1,8 @@
+module Authem
+  class AmbigousRoleError < StandardError
+    def self.build(record, roles)
+      role_names = roles.map(&:name) * ", "
+      new("Ambigous match for #{record.inspect}: #{role_names}")
+    end
+  end
+end

data/lib/authem/errors/unknown_role.rb ADDED

@@ -0,0 +1,7 @@
+module Authem
+  class UnknownRoleError < StandardError
+    def self.build(record)
+      new("Unknown authem role: #{record.inspect}")
+    end
+  end
+end

data/lib/authem/railtie.rb ADDED

@@ -0,0 +1,12 @@
+require "authem/controller"
+require "rails/railtie"
+module Authem
+  class Railtie < ::Rails::Railtie
+    initializer "authem.controller" do
+      ActiveSupport.on_load :action_controller do
+        include Authem::Controller
+      end
+    end
+  end
+end

data/lib/authem/role.rb ADDED

@@ -0,0 +1,62 @@
+require "authem/support"
+module Authem
+  class Role
+    attr_reader :controller, :name, :options
+    METHODS = %i[current sign_in signed_in? require sign_out clear_for deny_access]
+    METHODS.each do |method_name|
+      define_method method_name do |controller, *args|
+        Support.new(self, controller).public_send(method_name, *args)
+      end
+    end
+    def initialize(controller, name, **options)
+      @controller, @name, @options = controller, name.to_s, options
+    end
+    def klass
+      @klass ||= options.fetch(:model){ name.classify.constantize }
+    end
+    def setup!
+      setup_controller_settings
+      setup_controller_instance_methods
+      setup_view_helpers
+    end
+    private
+    def setup_controller_settings
+      controller.authem_roles ||= []
+      controller.authem_roles += [self]
+    end
+    def setup_controller_instance_methods
+      role = self
+      method_mapping.each do |inner_method, exposed_method|
+        define_controller_method exposed_method do |*args|
+          role.public_send(inner_method, self, *args)
+        end
+      end
+    end
+    def setup_view_helpers
+      controller.helper_method *%I[current_#{name} #{name}_signed_in?]
+    end
+    def define_controller_method(*args, &block)
+      controller.instance_eval{ define_method *args, &block }
+    end
+    def method_mapping
+      exposed_methods = %I[current_#{name} sign_in_#{name}
+        #{name}_signed_in? require_#{name} sign_out_#{name}
+        clear_all_#{name}_sessions_for deny_#{name}_access]
+      Hash[[METHODS, exposed_methods].transpose]
+    end
+  end
+end

data/lib/authem/session.rb ADDED

@@ -0,0 +1,41 @@
+require "active_record"
+require "authem/token"
+module Authem
+  class Session < ::ActiveRecord::Base
+    self.table_name = :authem_sessions
+    belongs_to :subject, polymorphic: true
+    before_create do
+      self.token ||= Authem::Token.generate
+      self.ttl ||= 30.days
+      self.expires_at ||= ttl_from_now
+    end
+    class << self
+      def by_subject(record)
+        where(subject_type: record.class.name, subject_id: record.id)
+      end
+      def active
+        where(arel_table[:expires_at].gteq(Time.zone.now))
+      end
+      def expired
+        where(arel_table[:expires_at].lt(Time.zone.now))
+      end
+    end
+    def refresh
+      self.expires_at = ttl_from_now
+      save!
+    end
+    private
+    def ttl_from_now
+      ttl.to_i.seconds.from_now
+    end
+  end
+end

data/lib/authem/support.rb ADDED

@@ -0,0 +1,129 @@
+require "active_support/core_ext/module/delegation"
+require "authem/session"
+require "authem/errors/ambigous_role"
+require "authem/errors/unknown_role"
+module Authem
+  class Support
+    attr_reader :role, :controller
+    def initialize(role, controller)
+      @role, @controller = role, controller
+    end
+    def current
+      if ivar_defined?
+        ivar_get
+      else
+        ivar_set fetch_subject_by_token
+      end
+    end
+    def sign_in(record, **options)
+      check_record! record
+      ivar_set record
+      auth_session = create_auth_session(record, options)
+      save_session auth_session
+      save_cookie auth_session if options[:remember]
+      auth_session
+    end
+    def signed_in?
+      current.present?
+    end
+    def sign_out
+      ivar_set nil
+      Authem::Session.where(role: role_name, token: current_auth_token).delete_all
+      cookies.delete key, domain: :all
+      session.delete key
+    end
+    def clear_for(record)
+      check_record! record
+      sign_out
+      Authem::Session.by_subject(record).where(role: role_name).delete_all
+    end
+    def require
+      unless signed_in?
+        session[:return_to_url] = request.url unless request.xhr?
+        controller.send "deny_#{role_name}_access"
+      end
+    end
+    def deny_access
+      # default landing point for deny_#{role_name}_access
+      fail NotImplementedError, "No strategy for require_#{role_name} defined. Please define `deny_#{role_name}_access` method in your controller"
+    end
+    private
+    delegate :name, to: :role, prefix: true
+    def check_record!(record)
+      fail ArgumentError if record.nil?
+    end
+    def fetch_subject_by_token
+      return if current_auth_token.blank?
+      auth_session = get_auth_session_by_token(current_auth_token)
+      return nil unless auth_session
+      auth_session.refresh
+      save_cookie auth_session if cookies.signed[key].present?
+      auth_session.subject
+    end
+    def current_auth_token
+      session[key] || cookies.signed[key]
+    end
+    def create_auth_session(record, options)
+      Authem::Session.create!(role: role_name, subject: record, ttl: options[:ttl])
+    end
+    def save_session(auth_session)
+      session[key] = auth_session.token
+    end
+    def save_cookie(auth_session)
+      cookie_value = {
+        value:   auth_session.token,
+        expires: auth_session.expires_at,
+        domain:  :all
+      }
+      cookies.signed[key] = cookie_value
+    end
+    def get_auth_session_by_token(token)
+      Authem::Session.active.find_by(role: role_name, token: token)
+    end
+    def key
+      "_authem_current_#{role_name}"
+    end
+    def ivar_defined?
+      controller.instance_variable_defined?(ivar_name)
+    end
+    def ivar_set(value)
+      controller.instance_variable_set ivar_name, value
+    end
+    def ivar_get
+      controller.instance_variable_get ivar_name
+    end
+    def ivar_name
+      @ivar_name ||= "@_#{key}".to_sym
+    end
+    # exposing private controller methods
+    %i[cookies session redirect_to request].each do |method_name|
+      define_method method_name do |*args|
+        controller.send(method_name, *args)
+      end
+    end
+  end
+end