auther 0.2.0 → 0.3.0

data/app/controllers/auther/base_controller.rb

@@ -0,0 +1,79 @@
+module Auther
+  class BaseController < ActionController::Base
+    def show
+      redirect_to settings[:auth_url]
+    end
+
+    def new
+      @account = Auther::Account.new
+    end
+
+    def create
+      if account.valid?
+        store_credentials
+        redirect_to session["auther_redirect_url"] || '/'
+      else
+        remove_credentials account.name
+        render template: new_template_path
+      end
+    end
+
+    def destroy
+      remove_credentials params[:name]
+      redirect_to settings[:auth_url]
+    end
+
+    private
+
+    def load_title
+      @title = settings[:title]
+    end
+
+    def load_label
+      @label = settings[:label]
+    end
+
+    def settings
+      Rails.application.config.auther_settings
+    end
+
+    def account
+      account_params = params.fetch :account
+      account_settings = find_account account_params.fetch(:name)
+
+      @account ||= Auther::Account.new name: account_params.fetch(:name),
+        login: account_params.fetch(:login),
+        secure_login: account_settings.fetch(:login),
+        password: account_params.fetch(:password),
+        secure_password: account_settings.fetch(:password),
+        secret: settings.fetch(:secret)
+    end
+
+    def name_options
+      @name_options = settings.fetch(:accounts).map do |account|
+        name = account.fetch :name
+        [name.capitalize, name]
+      end
+    end
+
+    def new_template_path
+      raise NotImplementedError, "The method, #new_template_path, is not implemented."
+    end
+
+    def find_account name
+      settings.fetch(:accounts).select { |account| account.fetch(:name) == name }.first
+    end
+
+    def store_credentials
+      keymaster = Auther::Keymaster.new account.name
+      session[keymaster.login_key] = account.secure_login
+      session[keymaster.password_key] = account.secure_password
+    end
+
+    def remove_credentials name
+      keymaster = Auther::Keymaster.new name
+      session.delete keymaster.login_key
+      session.delete keymaster.password_key
+    end
+  end
+end

data/app/controllers/auther/session_controller.rb

@@ -1,59 +1,11 @@
-class Auther::SessionController < ApplicationController
+class Auther::SessionController < Auther::BaseController
   layout "auther/auth"
+  before_filter :load_title, :load_label
   before_filter :name_options, only: [:new, :create]
 
-  def show
-    redirect_to action: :new
-  end
-
-  def new
-    @account = Auther::Account.new
-  end
-
-  def create
-    account_params = params.fetch(:account)
-    @account = Auther::Account.new find_account(account_params.fetch(:name))
-
-    if @account.valid?
-      store_credentials @account, account_params.fetch(:login), account_params.fetch(:password)
-      redirect_to session["auther_redirect_url"] || '/'
-    else
-      render template: "auther/session/new"
-    end
-  end
-
-  def destroy
-    remove_credentials params[:name]
-    redirect_to action: :new
-  end
-
   private
 
-  def settings
-    Rails.application.config.auther_settings
-  end
-
-  def name_options
-    @name_options = settings.fetch(:accounts).map do |account|
-      name = account.fetch :name
-      [name.capitalize, name]
-    end
-  end
-
-  def find_account name
-    settings.fetch(:accounts).select { |account| account.fetch(:name) == name }.first
-  end
-
-  def store_credentials account, login, password
-    keymaster = Auther::Keymaster.new account.name
-    cipher = Auther::Cipher.new settings.fetch(:secret)
-    session[keymaster.login_key] = cipher.encrypt login
-    session[keymaster.password_key] = cipher.encrypt password
-  end
-
-  def remove_credentials name
-    keymaster = Auther::Keymaster.new name
-    session.delete keymaster.login_key
-    session.delete keymaster.password_key
+  def new_template_path
+    "auther/session/new"
   end
 end

data/app/models/auther/account.rb

@@ -2,16 +2,57 @@ module Auther
   class Account
     include ActiveModel::Validations
 
-    attr_accessor :name, :login, :password, :paths
+    attr_accessor :name, :login, :secure_login, :password, :secure_password, :paths
 
-    validates :name, :login, :password, presence: true
+    validates :name, presence: true
     validates :paths, presence: {unless: lambda { |account| account.paths.is_a? Array }, message: "must be an array"}
 
-    def initialize name: nil, login: nil, password: nil, paths: []
+    def initialize name: nil, login: nil, secure_login: nil, password: nil, secure_password: nil, paths: [], secret: nil
       @name = name
       @login = login
+      @secure_login = secure_login
       @password = password
+      @secure_password = secure_password
       @paths = paths
+      @secret = secret
+    end
+
+    def valid?
+      super && authorized_login? && authorized_password?
+    end
+
+    def invalid?
+      !valid?
+    end
+
+    private
+
+    def secret
+      @secret
+    end
+
+    def decrypt attribute
+      if attribute.present? && secret.present?
+        cipher = Auther::Cipher.new secret
+        cipher.decrypt attribute
+      end
+    end
+
+    def authorized? attribute, secure_attribute, error_name
+      if attribute == decrypt(secure_attribute)
+        true
+      else
+        errors.add error_name, "is invalid"
+        false
+      end
+    end
+
+    def authorized_login?
+      authorized? login, secure_login, "login"
+    end
+
+    def authorized_password?
+      authorized? password, secure_password, "password"
     end
   end
 end

data/app/views/auther/session/new.html.slim

@@ -1,25 +1,36 @@
+- content_for(:title) { @title }
+
 = form_for @account, as: :account, url: "/auther/session", html: {class: "auther-form"} do |form|
-  .row
-    h1.title Authorization
+  .small-12
+    .row
+      h1.text-center = @label
 
-  .row
-    .label
-      = form.label :login, "Login:"
-    .input
-      = form.text_field :login
+    .row
+      .small-8
+        .row
+          .small-6.columns
+            = form.label :login, "Login:", class: "inline right"
+          .small-6.columns
+            = form.text_field :login
 
-  .row
-    .label
-      = form.label :password, "Password:"
-    .input
-      = form.password_field :password
+    .row
+      .small-8
+        .row
+          .small-6.columns
+            = form.label :password, "Password:", class: "inline right"
+          .small-6.columns
+            = form.password_field :password
 
-  .row
-    .label
-      = form.label :name, "Account:"
-    .input
-      = form.select :name, @name_options
+    .row
+      .small-8
+        .row
+          .small-6.columns
+            = form.label :name, "Account:", class: "inline right"
+          .small-6.columns
+            = form.select :name, @name_options
 
-  .row
-    .actions
-      = form.submit "Login"
+    .row
+      .small-8
+        .row
+          .small-6.right
+            = form.submit "Login", class: "button round expand"

data/app/views/layouts/auther/auth.html.slim

@@ -1,10 +1,13 @@
-head
-  meta charset="utf-8"
-  meta name="viewport" content="width=device-width, initial-scale=1.0"
-  title Authorization
+doctype html
+html lang="en"
+  head
+    meta charset="utf-8"
+    meta name="viewport" content="width=device-width, initial-scale=1.0"
+    title = yield :title
 
-  = stylesheet_link_tag "auther/application", media: "all"
-  = csrf_meta_tags
-body
-  = yield
-  = javascript_include_tag "auther/application"
+    = stylesheet_link_tag "auther/application", media: "all"
+    = javascript_include_tag :modernizr
+    = csrf_meta_tags
+  body
+    = yield
+    = javascript_include_tag "auther/application"

data/lib/auther/engine.rb

@@ -5,7 +5,19 @@ module Auther
     # Set defaults. Can be overwritten in app config.
     config.auther_settings = {}
 
+    # Add jQuery assets.
+    jquery_gem_path = Gem.loaded_specs["jquery-rails"].full_gem_path
+    config.assets.paths << "#{jquery_gem_path}/vendor/assets/javascripts"
+
+    # Add Zurb Foundation assets.
+    foundation_gem_path = Gem.loaded_specs["foundation-rails"].full_gem_path
+    config.assets.paths << "#{foundation_gem_path}/vendor/assets/stylesheets"
+    config.assets.paths << "#{foundation_gem_path}/vendor/assets/javascripts"
+
     initializer "auther.initialize" do |app|
+      # Configure log filter parameters.
+      app.config.filter_parameters += [:login, :password]
+
       # Initialize Gatekeeper middleware.
       app.config.app_middleware.use Auther::Gatekeeper, app.config.auther_settings
     end

data/lib/auther/gatekeeper.rb

@@ -1,30 +1,41 @@
 module Auther
   class Gatekeeper
-    attr_reader :application, :settings
+    attr_reader :application, :environment, :settings
 
     def initialize application, settings = []
       @application = application
       @settings = settings
     end
 
-    def call env
-      session = env.fetch "rack.session"
-      request_path = env["PATH_INFO"]
+    def call environment
+      @environment = environment
 
-      if authorized?(env, request_path)
-        application.call env
+      if authorized?(request.path)
+        application.call environment
       else
-        session[Auther::Keymaster.redirect_url_key] = request_path
-        response = Rack::Response.new
-        response.redirect settings[:auth_url]
-        response.finish
+        session[Auther::Keymaster.redirect_url_key] = request.path
+        denied_response = response
+        denied_response.redirect settings[:auth_url]
+        denied_response.finish
       end
     end
 
     private
 
-    def find_account env
-      session = env.fetch "rack.session"
+    def session
+      environment.fetch "rack.session"
+    end
+
+    def request
+      Rack::Request.new environment
+    end
+
+    def response
+      status, headers, body = application.call environment
+      Rack::Response.new body, status, headers
+    end
+
+    def find_account
       session["auther_init"] = true # Force session to initialize.
       account_name = Auther::Keymaster.get_account_name session
       settings.fetch(:accounts).select { |account| account.fetch(:name) == account_name }.first
@@ -39,8 +50,7 @@ module Auther
       account.fetch(:paths).include? path
     end
 
-    def authenticated? env, account
-      session = env.fetch "rack.session"
+    def authenticated? account
       keymaster = Auther::Keymaster.new account.fetch(:name)
       cipher = Auther::Cipher.new settings.fetch(:secret)
 
@@ -56,10 +66,10 @@ module Auther
       end
     end
 
-    def authorized? env, path
+    def authorized? path
       if blacklisted_path?(path)
-        account = find_account env
-        account && authenticated?(env, account) && !blacklisted_account?(account, path)
+        account = find_account
+        account && authenticated?(account) && !blacklisted_account?(account, path)
       else
         true
       end

data/lib/auther/version.rb

@@ -1,3 +1,3 @@
 module Auther
-  VERSION = "0.2.0"
+  VERSION = "0.3.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: auther
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Brooke Kuhlmann
@@ -30,7 +30,7 @@ cert_chain:
   SJpzzzZ8gO6BKn4fhd+ENNQ333Qy3nuNk07TVIaNnlgeHhowUDuD9T7Z8Lka0pt3
   4PteiTppsf0SSVAM9zSO5IuFngXMRwWgvjOfXE70f43RDuUVTCSyylc=
   -----END CERTIFICATE-----
-date: 2014-01-13 00:00:00.000000000 Z
+date: 2014-01-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -74,6 +74,48 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: jquery-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: modernizr-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
+- !ruby/object:Gem::Dependency
+  name: foundation-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -255,8 +297,9 @@ files:
 - LICENSE.md
 - README.md
 - app/assets/javascripts/auther/application.js
-- app/assets/stylesheets/auther/application.css.scss
-- app/controllers/auther/application_controller.rb
+- app/assets/stylesheets/auther/application.scss
+- app/assets/stylesheets/auther/foundation_and_overrides.scss
+- app/controllers/auther/base_controller.rb
 - app/controllers/auther/session_controller.rb
 - app/helpers/auther/application_helper.rb
 - app/models/auther/account.rb