authentication-logic 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: e3ea405dd232236ede943193d4e88d29b71325cfbd49792a1172d9ffa7d61f3a
+  data.tar.gz: 0e4feb942a405eeca6c22b6ccfe0aa435652b8ec725945ba04a1fba309482de8
+SHA512:
+  metadata.gz: b656538ef705d09b62b9f8ac6cf710814f549d6a0d74459076ff37be764ad2a61b518696a337d8c37670fa83d2f679eb158e2fab03550f7d06ca9a7e8e9534f9
+  data.tar.gz: c7780765733051e7c3317497bddce4dcf87415a029301170c54ee7c64ae001b99edb66239e28db0871b81de6a3216c9c84c87ef91935af2b4a92dfdfa1590e09

data/bin/console

@@ -0,0 +1,11 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "auth/logic"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/auth/logic/acts_as_authentic/base.rb

@@ -0,0 +1,118 @@
+# frozen_string_literal: true
+
+module Authentication
+  module Logic
+    module ActsAsAuthentic
+      # Provides the base functionality for acts_as_authentic
+      module Base
+        def self.included(klass)
+          klass.class_eval do
+            class_attribute :acts_as_authentic_modules
+            self.acts_as_authentic_modules ||= []
+            extend Authentication::Logic::Config
+            extend Config
+          end
+        end
+
+        # The primary configuration of a model (often, `User`) for use with
+        # auth-logic. These methods become class methods of ::ActiveRecord::Base.
+        module Config
+          # This includes a lot of helpful methods for authenticating records
+          # which the Authentication::Logic::Session module relies on. To use it just do:
+          #
+          #   class User < ApplicationRecord
+          #     acts_as_authentic
+          #   end
+          #
+          # Configuration is easy:
+          #
+          #   acts_as_authentic do |c|
+          #     c.my_configuration_option = my_value
+          #   end
+          #
+          # See the various sub modules for the configuration they provide.
+          def acts_as_authentic
+            yield self if block_given?
+            return unless db_setup?
+
+            acts_as_authentic_modules.each { |mod| include mod }
+          end
+
+          # Since this part of Authentication::Logic deals with another class, ActiveRecord,
+          # we can't just start including things in ActiveRecord itself. A lot of
+          # these module includes need to be triggered by the acts_as_authentic
+          # method call. For example, you don't want to start adding in email
+          # validations and what not into a model that has nothing to do with
+          # Authentication::Logic.
+          #
+          # That being said, this is your tool for extending Authentication::Logic and
+          # "hooking" into the acts_as_authentic call.
+          def add_acts_as_authentic_module(mod, action = :append)
+            modules = acts_as_authentic_modules.clone
+            case action
+            when :append
+              modules << mod
+            when :prepend
+              modules = [mod] + modules
+            end
+            modules.uniq!
+            self.acts_as_authentic_modules = modules
+          end
+
+          # This is the same as add_acts_as_authentic_module, except that it
+          # removes the module from the list.
+          def remove_acts_as_authentic_module(mod)
+            modules = acts_as_authentic_modules.clone
+            modules.delete(mod)
+            self.acts_as_authentic_modules = modules
+          end
+
+          # Some Authentication::Logic modules requires a database connection with a existing
+          # users table by the moment when you call the `acts_as_authentic`
+          # method. If you try to call `acts_as_authentic` without a database
+          # connection, it will raise a `Authentication::Logic::ModelSetupError`.
+          #
+          # If you rely on the User model before the database is setup correctly,
+          # set this field to false.
+          # * <tt>Default:</tt> false
+          # * <tt>Accepts:</tt> Boolean
+          def raise_on_model_setup_error(value = nil)
+            rw_config(:raise_on_model_setup_error, value, false)
+          end
+          alias raise_on_model_setup_error= raise_on_model_setup_error
+
+          private
+
+          def db_setup?
+            column_names
+            true
+          rescue StandardError
+            raise ModelSetupError if raise_on_model_setup_error
+
+            false
+          end
+
+          def first_column_to_exist(*columns_to_check)
+            if db_setup?
+              columns_to_check.each do |column_name|
+                return column_name.to_sym if column_names.include?(column_name.to_s)
+              end
+            end
+            columns_to_check.first&.to_sym
+          end
+        end
+      end
+    end
+  end
+end
+
+::ActiveRecord::Base.include Authentication::Logic::ActsAsAuthentic::Base
+::ActiveRecord::Base.include Authentication::Logic::ActsAsAuthentic::Email
+::ActiveRecord::Base.include Authentication::Logic::ActsAsAuthentic::LoggedInStatus
+::ActiveRecord::Base.include Authentication::Logic::ActsAsAuthentic::Login
+::ActiveRecord::Base.include Authentication::Logic::ActsAsAuthentic::MagicColumns
+::ActiveRecord::Base.include Authentication::Logic::ActsAsAuthentic::Password
+::ActiveRecord::Base.include Authentication::Logic::ActsAsAuthentic::PerishableToken
+::ActiveRecord::Base.include Authentication::Logic::ActsAsAuthentic::PersistenceToken
+::ActiveRecord::Base.include Authentication::Logic::ActsAsAuthentic::SessionMaintenance
+::ActiveRecord::Base.include Authentication::Logic::ActsAsAuthentic::SingleAccessToken

data/lib/auth/logic/acts_as_authentic/email.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Authentication
+  module Logic
+    module ActsAsAuthentic
+      # Sometimes models won't have an explicit "login" or "username" field.
+      # Instead they want to use the email field. In this case, auth-logic provides
+      # validations to make sure the email submited is actually a valid email.
+      # Don't worry, if you do have a login or username field, Authentication::Logic will
+      # still validate your email field. One less thing you have to worry about.
+      module Email
+        def self.included(klass)
+          klass.class_eval do
+            extend Config
+          end
+        end
+
+        # Configuration to modify how Authentication::Logic handles the email field.
+        module Config
+          # The name of the field that stores email addresses.
+          #
+          # * <tt>Default:</tt> :email, if it exists
+          # * <tt>Accepts:</tt> Symbol
+          def email_field(value = nil)
+            rw_config(:email_field, value, first_column_to_exist(nil, :email, :email_address))
+          end
+          alias email_field= email_field
+        end
+      end
+    end
+  end
+end

data/lib/auth/logic/acts_as_authentic/logged_in_status.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+module Authentication
+  module Logic
+    module ActsAsAuthentic
+      # Since web applications are stateless there is not sure fire way to tell if
+      # a user is logged in or not, from the database perspective. The best way to
+      # do this is to provide a "timeout" based on inactivity. So if that user is
+      # inactive for a certain amount of time we assume they are logged out.
+      # That's what this module is all about.
+      module LoggedInStatus
+        def self.included(klass)
+          klass.class_eval do
+            extend Config
+            add_acts_as_authentic_module(Methods)
+          end
+        end
+
+        # All configuration for the logged in status feature set.
+        module Config
+          # The timeout to determine when a user is logged in or not.
+          #
+          # * <tt>Default:</tt> 10.minutes
+          # * <tt>Accepts:</tt> Fixnum
+          def logged_in_timeout(value = nil)
+            rw_config(:logged_in_timeout, (!value.nil? && value.to_i) || value, 10.minutes.to_i)
+          end
+          alias logged_in_timeout= logged_in_timeout
+        end
+
+        # All methods for the logged in status feature seat.
+        module Methods
+          def self.included(klass)
+            return unless klass.column_names.include?("last_request_at")
+
+            klass.class_eval do
+              include InstanceMethods
+              scope(
+                :logged_in,
+                lambda do
+                  where(
+                    "last_request_at > ? and current_login_at IS NOT NULL",
+                    logged_in_timeout.seconds.ago
+                  )
+                end
+              )
+              scope(
+                :logged_out,
+                lambda do
+                  where(
+                    "last_request_at is NULL or last_request_at <= ?",
+                    logged_in_timeout.seconds.ago
+                  )
+                end
+              )
+            end
+          end
+
+          # :nodoc:
+          module InstanceMethods
+            # Returns true if the last_request_at > logged_in_timeout.
+            def logged_in?
+              unless respond_to?(:last_request_at)
+                raise(
+                  "Can not determine the records login state because " \
+                    "there is no last_request_at column"
+                )
+              end
+              !last_request_at.nil? && last_request_at > logged_in_timeout.seconds.ago
+            end
+
+            # Opposite of logged_in?
+            def logged_out?
+              !logged_in?
+            end
+
+            private
+
+            def logged_in_timeout
+              self.class.logged_in_timeout
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/auth/logic/acts_as_authentic/login.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+require "auth/logic/acts_as_authentic/queries/case_sensitivity"
+require "auth/logic/acts_as_authentic/queries/find_with_case"
+
+module Authentication
+  module Logic
+    module ActsAsAuthentic
+      # Handles everything related to the login field.
+      module Login
+        def self.included(klass)
+          klass.class_eval do
+            extend Config
+          end
+        end
+
+        # Configuration for the login field.
+        module Config
+          # The name of the login field in the database.
+          #
+          # * <tt>Default:</tt> :login or :username, if they exist
+          # * <tt>Accepts:</tt> Symbol
+          def login_field(value = nil)
+            rw_config(:login_field, value, first_column_to_exist(nil, :login, :username))
+          end
+          alias login_field= login_field
+
+          # This method allows you to find a record with the given login. If you
+          # notice, with Active Record you have the UniquenessValidator class.
+          # They give you a :case_sensitive option. I handle this in the same
+          # manner that they handle that. If you are using the login field, set
+          # false for the :case_sensitive option in
+          # validates_uniqueness_of_login_field_options and the column doesn't
+          # have a case-insensitive collation, this method will modify the query
+          # to look something like:
+          #
+          #   "LOWER(#{quoted_table_name}.#{login_field}) = LOWER(#{login})"
+          #
+          # If you don't specify this it just uses a regular case-sensitive search
+          # (with the binary modifier if necessary):
+          #
+          #   "BINARY #{login_field} = #{login}"
+          #
+          # The above also applies for using email as your login, except that you
+          # need to set the :case_sensitive in
+          # validates_uniqueness_of_email_field_options to false.
+          #
+          # @api public
+          def find_by_smart_case_login_field(login)
+            field = login_field || email_field
+            sensitive = Queries::CaseSensitivity.new(self, field).sensitive?
+            find_with_case(field, login, sensitive)
+          end
+
+          private
+
+          # @api private
+          def find_with_case(field, value, sensitive)
+            Queries::FindWithCase.new(self, field, value, sensitive).execute
+          end
+        end
+      end
+    end
+  end
+end

data/lib/auth/logic/acts_as_authentic/magic_columns.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+module Authentication
+  module Logic
+    module ActsAsAuthentic
+      # Magic columns are like ActiveRecord's created_at and updated_at columns.
+      # They are "magically" maintained for you. Authentication::Logic has the same thing, but
+      # these are maintained on the session side. Please see "Magic Columns" in
+      # `Session::Base` for more details. This module merely adds validations for
+      # the magic columns if they exist.
+      module MagicColumns
+        def self.included(klass)
+          klass.class_eval do
+            add_acts_as_authentic_module(Methods)
+          end
+        end
+
+        # Methods relating to the magic columns
+        module Methods
+          def self.included(klass)
+            klass.class_eval do
+              if column_names.include?("login_count")
+                validates_numericality_of :login_count,
+                                          only_integer: true,
+                                          greater_than_or_equal_to: 0,
+                                          allow_nil: true
+              end
+              if column_names.include?("failed_login_count")
+                validates_numericality_of :failed_login_count,
+                                          only_integer: true,
+                                          greater_than_or_equal_to: 0,
+                                          allow_nil: true
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end