auther 0.2.0 → 0.3.0
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/README.md +47 -9
- data/app/assets/javascripts/auther/application.js +5 -0
- data/app/assets/stylesheets/auther/application.scss +1 -0
- data/app/assets/stylesheets/auther/foundation_and_overrides.scss +1191 -0
- data/app/controllers/auther/base_controller.rb +79 -0
- data/app/controllers/auther/session_controller.rb +4 -52
- data/app/models/auther/account.rb +44 -3
- data/app/views/auther/session/new.html.slim +31 -20
- data/app/views/layouts/auther/auth.html.slim +12 -9
- data/lib/auther/engine.rb +12 -0
- data/lib/auther/gatekeeper.rb +27 -17
- data/lib/auther/version.rb +1 -1
- metadata +47 -4
- metadata.gz.sig +0 -0
- data/app/assets/stylesheets/auther/application.css.scss +0 -45
- data/app/controllers/auther/application_controller.rb +0 -4
@@ -0,0 +1,79 @@
|
|
1
|
+
module Auther
|
2
|
+
class BaseController < ActionController::Base
|
3
|
+
def show
|
4
|
+
redirect_to settings[:auth_url]
|
5
|
+
end
|
6
|
+
|
7
|
+
def new
|
8
|
+
@account = Auther::Account.new
|
9
|
+
end
|
10
|
+
|
11
|
+
def create
|
12
|
+
if account.valid?
|
13
|
+
store_credentials
|
14
|
+
redirect_to session["auther_redirect_url"] || '/'
|
15
|
+
else
|
16
|
+
remove_credentials account.name
|
17
|
+
render template: new_template_path
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def destroy
|
22
|
+
remove_credentials params[:name]
|
23
|
+
redirect_to settings[:auth_url]
|
24
|
+
end
|
25
|
+
|
26
|
+
private
|
27
|
+
|
28
|
+
def load_title
|
29
|
+
@title = settings[:title]
|
30
|
+
end
|
31
|
+
|
32
|
+
def load_label
|
33
|
+
@label = settings[:label]
|
34
|
+
end
|
35
|
+
|
36
|
+
def settings
|
37
|
+
Rails.application.config.auther_settings
|
38
|
+
end
|
39
|
+
|
40
|
+
def account
|
41
|
+
account_params = params.fetch :account
|
42
|
+
account_settings = find_account account_params.fetch(:name)
|
43
|
+
|
44
|
+
@account ||= Auther::Account.new name: account_params.fetch(:name),
|
45
|
+
login: account_params.fetch(:login),
|
46
|
+
secure_login: account_settings.fetch(:login),
|
47
|
+
password: account_params.fetch(:password),
|
48
|
+
secure_password: account_settings.fetch(:password),
|
49
|
+
secret: settings.fetch(:secret)
|
50
|
+
end
|
51
|
+
|
52
|
+
def name_options
|
53
|
+
@name_options = settings.fetch(:accounts).map do |account|
|
54
|
+
name = account.fetch :name
|
55
|
+
[name.capitalize, name]
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
def new_template_path
|
60
|
+
raise NotImplementedError, "The method, #new_template_path, is not implemented."
|
61
|
+
end
|
62
|
+
|
63
|
+
def find_account name
|
64
|
+
settings.fetch(:accounts).select { |account| account.fetch(:name) == name }.first
|
65
|
+
end
|
66
|
+
|
67
|
+
def store_credentials
|
68
|
+
keymaster = Auther::Keymaster.new account.name
|
69
|
+
session[keymaster.login_key] = account.secure_login
|
70
|
+
session[keymaster.password_key] = account.secure_password
|
71
|
+
end
|
72
|
+
|
73
|
+
def remove_credentials name
|
74
|
+
keymaster = Auther::Keymaster.new name
|
75
|
+
session.delete keymaster.login_key
|
76
|
+
session.delete keymaster.password_key
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
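Review bot: In `account`, a submitted `name` that matches no configured account makes `find_account` return nil, so `account_settings.fetch(:login)` raises NoMethodError and `create` answers with a server error instead of a failed login. The lookup also sits outside the `@account ||=` memoization, so it runs again on every call to `account`. Handle the nil result explicitly and treat it as a rejected request, for example `account_settings = find_account(account_params.fetch(:name)) || raise(ActionController::BadRequest)`. Do not default to empty settings, because an absent stored credential must never compare as a match. `create` also stores credentials in the pre-login session; calling `reset_session` first, after saving `session["auther_redirect_url"]`, would rule out session fixation.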
@@ -1,59 +1,11 @@
|
|
1
|
-
class Auther::SessionController <
|
1
|
+
class Auther::SessionController < Auther::BaseController
|
2
2
|
layout "auther/auth"
|
3
|
+
before_filter :load_title, :load_label
|
3
4
|
before_filter :name_options, only: [:new, :create]
|
4
5
|
|
5
|
-
def show
|
6
|
-
redirect_to action: :new
|
7
|
-
end
|
8
|
-
|
9
|
-
def new
|
10
|
-
@account = Auther::Account.new
|
11
|
-
end
|
12
|
-
|
13
|
-
def create
|
14
|
-
account_params = params.fetch(:account)
|
15
|
-
@account = Auther::Account.new find_account(account_params.fetch(:name))
|
16
|
-
|
17
|
-
if @account.valid?
|
18
|
-
store_credentials @account, account_params.fetch(:login), account_params.fetch(:password)
|
19
|
-
redirect_to session["auther_redirect_url"] || '/'
|
20
|
-
else
|
21
|
-
render template: "auther/session/new"
|
22
|
-
end
|
23
|
-
end
|
24
|
-
|
25
|
-
def destroy
|
26
|
-
remove_credentials params[:name]
|
27
|
-
redirect_to action: :new
|
28
|
-
end
|
29
|
-
|
30
6
|
private
|
31
7
|
|
32
|
-
def
|
33
|
-
|
34
|
-
end
|
35
|
-
|
36
|
-
def name_options
|
37
|
-
@name_options = settings.fetch(:accounts).map do |account|
|
38
|
-
name = account.fetch :name
|
39
|
-
[name.capitalize, name]
|
40
|
-
end
|
41
|
-
end
|
42
|
-
|
43
|
-
def find_account name
|
44
|
-
settings.fetch(:accounts).select { |account| account.fetch(:name) == name }.first
|
45
|
-
end
|
46
|
-
|
47
|
-
def store_credentials account, login, password
|
48
|
-
keymaster = Auther::Keymaster.new account.name
|
49
|
-
cipher = Auther::Cipher.new settings.fetch(:secret)
|
50
|
-
session[keymaster.login_key] = cipher.encrypt login
|
51
|
-
session[keymaster.password_key] = cipher.encrypt password
|
52
|
-
end
|
53
|
-
|
54
|
-
def remove_credentials name
|
55
|
-
keymaster = Auther::Keymaster.new name
|
56
|
-
session.delete keymaster.login_key
|
57
|
-
session.delete keymaster.password_key
|
8
|
+
def new_template_path
|
9
|
+
"auther/session/new"
|
58
10
|
end
|
59
11
|
end
|
@@ -2,16 +2,57 @@ module Auther
|
|
2
2
|
class Account
|
3
3
|
include ActiveModel::Validations
|
4
4
|
|
5
|
-
attr_accessor :name, :login, :password, :paths
|
5
|
+
attr_accessor :name, :login, :secure_login, :password, :secure_password, :paths
|
6
6
|
|
7
|
-
validates :name,
|
7
|
+
validates :name, presence: true
|
8
8
|
validates :paths, presence: {unless: lambda { |account| account.paths.is_a? Array }, message: "must be an array"}
|
9
9
|
|
10
|
-
def initialize name: nil, login: nil, password: nil, paths: []
|
10
|
+
def initialize name: nil, login: nil, secure_login: nil, password: nil, secure_password: nil, paths: [], secret: nil
|
11
11
|
@name = name
|
12
12
|
@login = login
|
13
|
+
@secure_login = secure_login
|
13
14
|
@password = password
|
15
|
+
@secure_password = secure_password
|
14
16
|
@paths = paths
|
17
|
+
@secret = secret
|
18
|
+
end
|
19
|
+
|
20
|
+
def valid?
|
21
|
+
super && authorized_login? && authorized_password?
|
22
|
+
end
|
23
|
+
|
24
|
+
def invalid?
|
25
|
+
!valid?
|
26
|
+
end
|
27
|
+
|
28
|
+
private
|
29
|
+
|
30
|
+
def secret
|
31
|
+
@secret
|
32
|
+
end
|
33
|
+
|
34
|
+
def decrypt attribute
|
35
|
+
if attribute.present? && secret.present?
|
36
|
+
cipher = Auther::Cipher.new secret
|
37
|
+
cipher.decrypt attribute
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def authorized? attribute, secure_attribute, error_name
|
42
|
+
if attribute == decrypt(secure_attribute)
|
43
|
+
true
|
44
|
+
else
|
45
|
+
errors.add error_name, "is invalid"
|
46
|
+
false
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
def authorized_login?
|
51
|
+
authorized? login, secure_login, "login"
|
52
|
+
end
|
53
|
+
|
54
|
+
def authorized_password?
|
55
|
+
authorized? password, secure_password, "password"
|
15
56
|
end
|
16
57
|
end
|
17
58
|
end
|
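Review bot: `authorized?` can pass with no credential at all: `decrypt` returns nil when `secure_attribute` or `secret` is blank, so a nil `attribute` satisfies `attribute == decrypt(secure_attribute)`. Whether nil can reach this point depends on the caller and on configuration, but the check should fail closed, e.g. `if attribute.present? && attribute == decrypt(secure_attribute)`. The `==` comparison is also not constant-time; `Rack::Utils.secure_compare` on the two strings would avoid a timing side channel on the credential check. The class body starts above the hunk.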
@@ -1,25 +1,36 @@
|
|
1
|
+
- content_for(:title) { @title }
|
2
|
+
|
1
3
|
= form_for @account, as: :account, url: "/auther/session", html: {class: "auther-form"} do |form|
|
2
|
-
.
|
3
|
-
|
4
|
+
.small-12
|
5
|
+
.row
|
6
|
+
h1.text-center = @label
|
4
7
|
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
8
|
+
.row
|
9
|
+
.small-8
|
10
|
+
.row
|
11
|
+
.small-6.columns
|
12
|
+
= form.label :login, "Login:", class: "inline right"
|
13
|
+
.small-6.columns
|
14
|
+
= form.text_field :login
|
10
15
|
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
+
.row
|
17
|
+
.small-8
|
18
|
+
.row
|
19
|
+
.small-6.columns
|
20
|
+
= form.label :password, "Password:", class: "inline right"
|
21
|
+
.small-6.columns
|
22
|
+
= form.password_field :password
|
16
23
|
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
24
|
+
.row
|
25
|
+
.small-8
|
26
|
+
.row
|
27
|
+
.small-6.columns
|
28
|
+
= form.label :name, "Account:", class: "inline right"
|
29
|
+
.small-6.columns
|
30
|
+
= form.select :name, @name_options
|
22
31
|
|
23
|
-
|
24
|
-
|
25
|
-
|
32
|
+
.row
|
33
|
+
.small-8
|
34
|
+
.row
|
35
|
+
.small-6.right
|
36
|
+
= form.submit "Login", class: "button round expand"
|
@@ -1,10 +1,13 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
1
|
+
doctype html
|
2
|
+
html lang="en"
|
3
|
+
head
|
4
|
+
meta charset="utf-8"
|
5
|
+
meta name="viewport" content="width=device-width, initial-scale=1.0"
|
6
|
+
title = yield :title
|
5
7
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
8
|
+
= stylesheet_link_tag "auther/application", media: "all"
|
9
|
+
= javascript_include_tag :modernizr
|
10
|
+
= csrf_meta_tags
|
11
|
+
body
|
12
|
+
= yield
|
13
|
+
= javascript_include_tag "auther/application"
|
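Review bot: The added `= csrf_meta_tags` only emits the token; none of the controller code shown on this page (`Auther::BaseController`, `Auther::SessionController`) calls `protect_from_forgery`. On Rails 4.x a controller inheriting from `ActionController::Base` verifies the token only after opting in. Unless a parent class or the host application enables it, the `create` and `destroy` session actions accept cross-site requests. Adding `protect_from_forgery with: :exception` to `Auther::BaseController` would make the token emitted here effective.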
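--- a/data/lib/auther/engine.rb
+++ b/data/lib/auther/engine.rb
@@ -5,7 +5,19 @@ module Auther
 # Set defaults. Can be overwritten in app config.
 config.auther_settings = {}
 
+# Add jQuery assets.
+jquery_gem_path = Gem.loaded_specs["jquery-rails"].full_gem_path
+config.assets.paths << "#{jquery_gem_path}/vendor/assets/javascripts"
+
+# Add Zurb Foundation assets.
+foundation_gem_path = Gem.loaded_specs["foundation-rails"].full_gem_path
+config.assets.paths << "#{foundation_gem_path}/vendor/assets/stylesheets"
+config.assets.paths << "#{foundation_gem_path}/vendor/assets/javascripts"
+
 initializer "auther.initialize" do |app|
+# Configure log filter parameters.
+app.config.filter_parameters += [:login, :password]
+
 # Initialize Gatekeeper middleware.
 app.config.app_middleware.use Auther::Gatekeeper, app.config.auther_settings
 end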
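--- a/data/lib/auther/gatekeeper.rb
+++ b/data/lib/auther/gatekeeper.rb
@@ -1,30 +1,41 @@
 module Auther
 class Gatekeeper
-attr_reader :application, :settings
+attr_reader :application, :environment, :settings
 
 def initialize application, settings = []
 @application = application
 @settings = settings
 end
 
-def call
-
-request_path = env["PATH_INFO"]
+def call environment
+@environment = environment
 
-if authorized?(
-application.call
+if authorized?(request.path)
+application.call environment
 else
-session[Auther::Keymaster.redirect_url_key] =
-
-
-
+session[Auther::Keymaster.redirect_url_key] = request.path
+denied_response = response
+denied_response.redirect settings[:auth_url]
+denied_response.finish
 end
 end
 
 private
 
-def
-
+def session
+environment.fetch "rack.session"
+end
+
+def request
+Rack::Request.new environment
+end
+
+def response
+status, headers, body = application.call environment
+Rack::Response.new body, status, headers
+end
+
+def find_account
 session["auther_init"] = true # Force session to initialize.
 account_name = Auther::Keymaster.get_account_name session
 settings.fetch(:accounts).select { |account| account.fetch(:name) == account_name }.first
@@ -39,8 +50,7 @@ module Auther
 account.fetch(:paths).include? path
 end
 
-def authenticated?
-session = env.fetch "rack.session"
+def authenticated? account
 keymaster = Auther::Keymaster.new account.fetch(:name)
 cipher = Auther::Cipher.new settings.fetch(:secret)
 
@@ -56,10 +66,10 @@ module Auther
 end
 end
 
-def authorized?
+def authorized? path
 if blacklisted_path?(path)
-account = find_account
-account && authenticated?(
+account = find_account
+account && authenticated?(account) && !blacklisted_account?(account, path)
 else
 true
 end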
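Review bot: The denied branch of `call` still runs the protected application: `denied_response = response` goes through the new private `response` method, which does `application.call environment` and wraps the downstream body, status and headers before `redirect` is applied. The protected action therefore executes for an unauthorized request, and its body travels with the redirect response. Build an empty response instead, `denied_response = Rack::Response.new`, and drop the `response` helper. Separately, `@environment = environment` keeps per-request state on the middleware object, which is normally built once and shared across requests, so under a threaded server `session` and `request` may read another request's environment; passing `environment` to the helpers as an argument avoids that. `find_account`, `authenticated?` and `authorized?` continue outside the hunks shown.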
data/lib/auther/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: auther
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Brooke Kuhlmann
|
@@ -30,7 +30,7 @@ cert_chain:
|
|
30
30
|
SJpzzzZ8gO6BKn4fhd+ENNQ333Qy3nuNk07TVIaNnlgeHhowUDuD9T7Z8Lka0pt3
|
31
31
|
4PteiTppsf0SSVAM9zSO5IuFngXMRwWgvjOfXE70f43RDuUVTCSyylc=
|
32
32
|
-----END CERTIFICATE-----
|
33
|
-
date: 2014-01-
|
33
|
+
date: 2014-01-20 00:00:00.000000000 Z
|
34
34
|
dependencies:
|
35
35
|
- !ruby/object:Gem::Dependency
|
36
36
|
name: rails
|
@@ -74,6 +74,48 @@ dependencies:
|
|
74
74
|
- - "~>"
|
75
75
|
- !ruby/object:Gem::Version
|
76
76
|
version: '4.0'
|
77
|
+
- !ruby/object:Gem::Dependency
|
78
|
+
name: jquery-rails
|
79
|
+
requirement: !ruby/object:Gem::Requirement
|
80
|
+
requirements:
|
81
|
+
- - "~>"
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '3.0'
|
84
|
+
type: :runtime
|
85
|
+
prerelease: false
|
86
|
+
version_requirements: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - "~>"
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '3.0'
|
91
|
+
- !ruby/object:Gem::Dependency
|
92
|
+
name: modernizr-rails
|
93
|
+
requirement: !ruby/object:Gem::Requirement
|
94
|
+
requirements:
|
95
|
+
- - "~>"
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: '2.7'
|
98
|
+
type: :runtime
|
99
|
+
prerelease: false
|
100
|
+
version_requirements: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - "~>"
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '2.7'
|
105
|
+
- !ruby/object:Gem::Dependency
|
106
|
+
name: foundation-rails
|
107
|
+
requirement: !ruby/object:Gem::Requirement
|
108
|
+
requirements:
|
109
|
+
- - "~>"
|
110
|
+
- !ruby/object:Gem::Version
|
111
|
+
version: '5.0'
|
112
|
+
type: :runtime
|
113
|
+
prerelease: false
|
114
|
+
version_requirements: !ruby/object:Gem::Requirement
|
115
|
+
requirements:
|
116
|
+
- - "~>"
|
117
|
+
- !ruby/object:Gem::Version
|
118
|
+
version: '5.0'
|
77
119
|
- !ruby/object:Gem::Dependency
|
78
120
|
name: rake
|
79
121
|
requirement: !ruby/object:Gem::Requirement
|
@@ -255,8 +297,9 @@ files:
|
|
255
297
|
- LICENSE.md
|
256
298
|
- README.md
|
257
299
|
- app/assets/javascripts/auther/application.js
|
258
|
-
- app/assets/stylesheets/auther/application.
|
259
|
-
- app/
|
300
|
+
- app/assets/stylesheets/auther/application.scss
|
301
|
+
- app/assets/stylesheets/auther/foundation_and_overrides.scss
|
302
|
+
- app/controllers/auther/base_controller.rb
|
260
303
|
- app/controllers/auther/session_controller.rb
|
261
304
|
- app/helpers/auther/application_helper.rb
|
262
305
|
- app/models/auther/account.rb
|