auther 0.2.0 → 0.3.0
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/README.md +47 -9
- data/app/assets/javascripts/auther/application.js +5 -0
- data/app/assets/stylesheets/auther/application.scss +1 -0
- data/app/assets/stylesheets/auther/foundation_and_overrides.scss +1191 -0
- data/app/controllers/auther/base_controller.rb +79 -0
- data/app/controllers/auther/session_controller.rb +4 -52
- data/app/models/auther/account.rb +44 -3
- data/app/views/auther/session/new.html.slim +31 -20
- data/app/views/layouts/auther/auth.html.slim +12 -9
- data/lib/auther/engine.rb +12 -0
- data/lib/auther/gatekeeper.rb +27 -17
- data/lib/auther/version.rb +1 -1
- metadata +47 -4
- metadata.gz.sig +0 -0
- data/app/assets/stylesheets/auther/application.css.scss +0 -45
- data/app/controllers/auther/application_controller.rb +0 -4
@@ -0,0 +1,79 @@
|
|
1
|
+
module Auther
|
2
|
+
class BaseController < ActionController::Base
|
3
|
+
def show
|
4
|
+
redirect_to settings[:auth_url]
|
5
|
+
end
|
6
|
+
|
7
|
+
def new
|
8
|
+
@account = Auther::Account.new
|
9
|
+
end
|
10
|
+
|
11
|
+
def create
|
12
|
+
if account.valid?
|
13
|
+
store_credentials
|
14
|
+
redirect_to session["auther_redirect_url"] || '/'
|
15
|
+
else
|
16
|
+
remove_credentials account.name
|
17
|
+
render template: new_template_path
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def destroy
|
22
|
+
remove_credentials params[:name]
|
23
|
+
redirect_to settings[:auth_url]
|
24
|
+
end
|
25
|
+
|
26
|
+
private
|
27
|
+
|
28
|
+
def load_title
|
29
|
+
@title = settings[:title]
|
30
|
+
end
|
31
|
+
|
32
|
+
def load_label
|
33
|
+
@label = settings[:label]
|
34
|
+
end
|
35
|
+
|
36
|
+
def settings
|
37
|
+
Rails.application.config.auther_settings
|
38
|
+
end
|
39
|
+
|
40
|
+
def account
|
41
|
+
account_params = params.fetch :account
|
42
|
+
account_settings = find_account account_params.fetch(:name)
|
43
|
+
|
44
|
+
@account ||= Auther::Account.new name: account_params.fetch(:name),
|
45
|
+
login: account_params.fetch(:login),
|
46
|
+
secure_login: account_settings.fetch(:login),
|
47
|
+
password: account_params.fetch(:password),
|
48
|
+
secure_password: account_settings.fetch(:password),
|
49
|
+
secret: settings.fetch(:secret)
|
50
|
+
end
|
51
|
+
|
52
|
+
def name_options
|
53
|
+
@name_options = settings.fetch(:accounts).map do |account|
|
54
|
+
name = account.fetch :name
|
55
|
+
[name.capitalize, name]
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
def new_template_path
|
60
|
+
raise NotImplementedError, "The method, #new_template_path, is not implemented."
|
61
|
+
end
|
62
|
+
|
63
|
+
def find_account name
|
64
|
+
settings.fetch(:accounts).select { |account| account.fetch(:name) == name }.first
|
65
|
+
end
|
66
|
+
|
67
|
+
def store_credentials
|
68
|
+
keymaster = Auther::Keymaster.new account.name
|
69
|
+
session[keymaster.login_key] = account.secure_login
|
70
|
+
session[keymaster.password_key] = account.secure_password
|
71
|
+
end
|
72
|
+
|
73
|
+
def remove_credentials name
|
74
|
+
keymaster = Auther::Keymaster.new name
|
75
|
+
session.delete keymaster.login_key
|
76
|
+
session.delete keymaster.password_key
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
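Review bot: In `account`, `find_account` returns nil when the submitted `name` matches no configured account (`select { ... }.first`), so `account_settings.fetch(:login)` raises NoMethodError and an unauthenticated request with an unexpected name gets a 500 instead of a failed login. Treat an unknown name as an ordinary failure, e.g. `account_settings = find_account(account_params.fetch(:name)) || {}` with `account_settings[:login]` and `account_settings[:password]`, and make sure `Auther::Account` rejects a missing secure value. The lookup also runs on every call because it sits before the `@account ||=` memoization. Separately, `create` writes credentials into the existing session; if the host application uses a server-side session store, calling `reset_session` before `store_credentials` (after saving `session["auther_redirect_url"]`) would close off session fixation.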
@@ -1,59 +1,11 @@
|
|
1
|
-
class Auther::SessionController <
|
1
|
+
class Auther::SessionController < Auther::BaseController
|
2
2
|
layout "auther/auth"
|
3
|
+
before_filter :load_title, :load_label
|
3
4
|
before_filter :name_options, only: [:new, :create]
|
4
5
|
|
5
|
-
def show
|
6
|
-
redirect_to action: :new
|
7
|
-
end
|
8
|
-
|
9
|
-
def new
|
10
|
-
@account = Auther::Account.new
|
11
|
-
end
|
12
|
-
|
13
|
-
def create
|
14
|
-
account_params = params.fetch(:account)
|
15
|
-
@account = Auther::Account.new find_account(account_params.fetch(:name))
|
16
|
-
|
17
|
-
if @account.valid?
|
18
|
-
store_credentials @account, account_params.fetch(:login), account_params.fetch(:password)
|
19
|
-
redirect_to session["auther_redirect_url"] || '/'
|
20
|
-
else
|
21
|
-
render template: "auther/session/new"
|
22
|
-
end
|
23
|
-
end
|
24
|
-
|
25
|
-
def destroy
|
26
|
-
remove_credentials params[:name]
|
27
|
-
redirect_to action: :new
|
28
|
-
end
|
29
|
-
|
30
6
|
private
|
31
7
|
|
32
|
-
def
|
33
|
-
|
34
|
-
end
|
35
|
-
|
36
|
-
def name_options
|
37
|
-
@name_options = settings.fetch(:accounts).map do |account|
|
38
|
-
name = account.fetch :name
|
39
|
-
[name.capitalize, name]
|
40
|
-
end
|
41
|
-
end
|
42
|
-
|
43
|
-
def find_account name
|
44
|
-
settings.fetch(:accounts).select { |account| account.fetch(:name) == name }.first
|
45
|
-
end
|
46
|
-
|
47
|
-
def store_credentials account, login, password
|
48
|
-
keymaster = Auther::Keymaster.new account.name
|
49
|
-
cipher = Auther::Cipher.new settings.fetch(:secret)
|
50
|
-
session[keymaster.login_key] = cipher.encrypt login
|
51
|
-
session[keymaster.password_key] = cipher.encrypt password
|
52
|
-
end
|
53
|
-
|
54
|
-
def remove_credentials name
|
55
|
-
keymaster = Auther::Keymaster.new name
|
56
|
-
session.delete keymaster.login_key
|
57
|
-
session.delete keymaster.password_key
|
8
|
+
def new_template_path
|
9
|
+
"auther/session/new"
|
58
10
|
end
|
59
11
|
end
|
@@ -2,16 +2,57 @@ module Auther
|
|
2
2
|
class Account
|
3
3
|
include ActiveModel::Validations
|
4
4
|
|
5
|
-
attr_accessor :name, :login, :password, :paths
|
5
|
+
attr_accessor :name, :login, :secure_login, :password, :secure_password, :paths
|
6
6
|
|
7
|
-
validates :name,
|
7
|
+
validates :name, presence: true
|
8
8
|
validates :paths, presence: {unless: lambda { |account| account.paths.is_a? Array }, message: "must be an array"}
|
9
9
|
|
10
|
-
def initialize name: nil, login: nil, password: nil, paths: []
|
10
|
+
def initialize name: nil, login: nil, secure_login: nil, password: nil, secure_password: nil, paths: [], secret: nil
|
11
11
|
@name = name
|
12
12
|
@login = login
|
13
|
+
@secure_login = secure_login
|
13
14
|
@password = password
|
15
|
+
@secure_password = secure_password
|
14
16
|
@paths = paths
|
17
|
+
@secret = secret
|
18
|
+
end
|
19
|
+
|
20
|
+
def valid?
|
21
|
+
super && authorized_login? && authorized_password?
|
22
|
+
end
|
23
|
+
|
24
|
+
def invalid?
|
25
|
+
!valid?
|
26
|
+
end
|
27
|
+
|
28
|
+
private
|
29
|
+
|
30
|
+
def secret
|
31
|
+
@secret
|
32
|
+
end
|
33
|
+
|
34
|
+
def decrypt attribute
|
35
|
+
if attribute.present? && secret.present?
|
36
|
+
cipher = Auther::Cipher.new secret
|
37
|
+
cipher.decrypt attribute
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def authorized? attribute, secure_attribute, error_name
|
42
|
+
if attribute == decrypt(secure_attribute)
|
43
|
+
true
|
44
|
+
else
|
45
|
+
errors.add error_name, "is invalid"
|
46
|
+
false
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
def authorized_login?
|
51
|
+
authorized? login, secure_login, "login"
|
52
|
+
end
|
53
|
+
|
54
|
+
def authorized_password?
|
55
|
+
authorized? password, secure_password, "password"
|
15
56
|
end
|
16
57
|
end
|
17
58
|
end
|
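Review bot: `authorized?` fails open when both sides are nil: `decrypt` returns nil if `secure_attribute` or `secret` is blank, and `attribute == decrypt(secure_attribute)` is then true for a nil `login`/`password`, so as written `Auther::Account.new(name: "x").valid?` passes with no credentials at all. The check should require both values to be present before comparing, and the `==` on secret material is not constant-time. Something like `expected = decrypt(secure_attribute)` followed by `if attribute.present? && expected.present? && Rack::Utils.secure_compare(attribute, expected)` covers both. A short comment on `valid?` saying that it performs the credential check, not just the ActiveModel validations, would help callers.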
@@ -1,25 +1,36 @@
|
|
1
|
+
- content_for(:title) { @title }
|
2
|
+
|
1
3
|
= form_for @account, as: :account, url: "/auther/session", html: {class: "auther-form"} do |form|
|
2
|
-
.
|
3
|
-
|
4
|
+
.small-12
|
5
|
+
.row
|
6
|
+
h1.text-center = @label
|
4
7
|
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
8
|
+
.row
|
9
|
+
.small-8
|
10
|
+
.row
|
11
|
+
.small-6.columns
|
12
|
+
= form.label :login, "Login:", class: "inline right"
|
13
|
+
.small-6.columns
|
14
|
+
= form.text_field :login
|
10
15
|
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
+
.row
|
17
|
+
.small-8
|
18
|
+
.row
|
19
|
+
.small-6.columns
|
20
|
+
= form.label :password, "Password:", class: "inline right"
|
21
|
+
.small-6.columns
|
22
|
+
= form.password_field :password
|
16
23
|
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
24
|
+
.row
|
25
|
+
.small-8
|
26
|
+
.row
|
27
|
+
.small-6.columns
|
28
|
+
= form.label :name, "Account:", class: "inline right"
|
29
|
+
.small-6.columns
|
30
|
+
= form.select :name, @name_options
|
22
31
|
|
23
|
-
|
24
|
-
|
25
|
-
|
32
|
+
.row
|
33
|
+
.small-8
|
34
|
+
.row
|
35
|
+
.small-6.right
|
36
|
+
= form.submit "Login", class: "button round expand"
|
@@ -1,10 +1,13 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
1
|
+
doctype html
|
2
|
+
html lang="en"
|
3
|
+
head
|
4
|
+
meta charset="utf-8"
|
5
|
+
meta name="viewport" content="width=device-width, initial-scale=1.0"
|
6
|
+
title = yield :title
|
5
7
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
8
|
+
= stylesheet_link_tag "auther/application", media: "all"
|
9
|
+
= javascript_include_tag :modernizr
|
10
|
+
= csrf_meta_tags
|
11
|
+
body
|
12
|
+
= yield
|
13
|
+
= javascript_include_tag "auther/application"
|
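--- a/data/lib/auther/engine.rb
+++ b/data/lib/auther/engine.rb
@@ -5,7 +5,19 @@ module Auther
 # Set defaults. Can be overwritten in app config.
 config.auther_settings = {}
 
+# Add jQuery assets.
+jquery_gem_path = Gem.loaded_specs["jquery-rails"].full_gem_path
+config.assets.paths << "#{jquery_gem_path}/vendor/assets/javascripts"
+
+# Add Zurb Foundation assets.
+foundation_gem_path = Gem.loaded_specs["foundation-rails"].full_gem_path
+config.assets.paths << "#{foundation_gem_path}/vendor/assets/stylesheets"
+config.assets.paths << "#{foundation_gem_path}/vendor/assets/javascripts"
+
 initializer "auther.initialize" do |app|
+# Configure log filter parameters.
+app.config.filter_parameters += [:login, :password]
+
 # Initialize Gatekeeper middleware.
 app.config.app_middleware.use Auther::Gatekeeper, app.config.auther_settings
 end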
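--- a/data/lib/auther/gatekeeper.rb
+++ b/data/lib/auther/gatekeeper.rb
@@ -1,30 +1,41 @@
 module Auther
 class Gatekeeper
-attr_reader :application, :settings
+attr_reader :application, :environment, :settings
 
 def initialize application, settings = []
 @application = application
 @settings = settings
 end
 
-def call
-
-request_path = env["PATH_INFO"]
+def call environment
+@environment = environment
 
-if authorized?(
-application.call
+if authorized?(request.path)
+application.call environment
 else
-session[Auther::Keymaster.redirect_url_key] =
-
-
-
+session[Auther::Keymaster.redirect_url_key] = request.path
+denied_response = response
+denied_response.redirect settings[:auth_url]
+denied_response.finish
 end
 end
 
 private
 
-def
-
+def session
+environment.fetch "rack.session"
+end
+
+def request
+Rack::Request.new environment
+end
+
+def response
+status, headers, body = application.call environment
+Rack::Response.new body, status, headers
+end
+
+def find_account
 session["auther_init"] = true # Force session to initialize.
 account_name = Auther::Keymaster.get_account_name session
 settings.fetch(:accounts).select { |account| account.fetch(:name) == account_name }.first
@@ -39,8 +50,7 @@ module Auther
 account.fetch(:paths).include? path
 end
 
-def authenticated?
-session = env.fetch "rack.session"
+def authenticated? account
 keymaster = Auther::Keymaster.new account.fetch(:name)
 cipher = Auther::Cipher.new settings.fetch(:secret)
 
@@ -56,10 +66,10 @@ module Auther
 end
 end
 
-def authorized?
+def authorized? path
 if blacklisted_path?(path)
-account = find_account
-account && authenticated?(
+account = find_account
+account && authenticated?(account) && !blacklisted_account?(account, path)
 else
 true
 end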
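Review bot: The denied branch of `call` still runs the protected application: the private `response` helper does `status, headers, body = application.call environment`, and `call` only changes the status and Location on that result, so an unauthorized request executes the downstream action and its body is carried into the response sent with the redirect. Build the redirect without invoking the app, e.g. `denied_response = Rack::Response.new` before `denied_response.redirect settings[:auth_url]`, and drop the `response` helper. `call` also stores the per-request env in `@environment` on a middleware instance that is presumably shared across requests, so under a threaded server `session` and `request` could read another request's env; passing `environment` down as an argument, or handling each request on a `dup` of the middleware, avoids that. The removed lines in this section are truncated on the page, so the previous behaviour cannot be compared from here.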
data/lib/auther/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: auther
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Brooke Kuhlmann
|
@@ -30,7 +30,7 @@ cert_chain:
|
|
30
30
|
SJpzzzZ8gO6BKn4fhd+ENNQ333Qy3nuNk07TVIaNnlgeHhowUDuD9T7Z8Lka0pt3
|
31
31
|
4PteiTppsf0SSVAM9zSO5IuFngXMRwWgvjOfXE70f43RDuUVTCSyylc=
|
32
32
|
-----END CERTIFICATE-----
|
33
|
-
date: 2014-01-
|
33
|
+
date: 2014-01-20 00:00:00.000000000 Z
|
34
34
|
dependencies:
|
35
35
|
- !ruby/object:Gem::Dependency
|
36
36
|
name: rails
|
@@ -74,6 +74,48 @@ dependencies:
|
|
74
74
|
- - "~>"
|
75
75
|
- !ruby/object:Gem::Version
|
76
76
|
version: '4.0'
|
77
|
+
- !ruby/object:Gem::Dependency
|
78
|
+
name: jquery-rails
|
79
|
+
requirement: !ruby/object:Gem::Requirement
|
80
|
+
requirements:
|
81
|
+
- - "~>"
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '3.0'
|
84
|
+
type: :runtime
|
85
|
+
prerelease: false
|
86
|
+
version_requirements: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - "~>"
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '3.0'
|
91
|
+
- !ruby/object:Gem::Dependency
|
92
|
+
name: modernizr-rails
|
93
|
+
requirement: !ruby/object:Gem::Requirement
|
94
|
+
requirements:
|
95
|
+
- - "~>"
|
96
|
+
- !ruby/object:Gem::Version
|
97
|
+
version: '2.7'
|
98
|
+
type: :runtime
|
99
|
+
prerelease: false
|
100
|
+
version_requirements: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - "~>"
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '2.7'
|
105
|
+
- !ruby/object:Gem::Dependency
|
106
|
+
name: foundation-rails
|
107
|
+
requirement: !ruby/object:Gem::Requirement
|
108
|
+
requirements:
|
109
|
+
- - "~>"
|
110
|
+
- !ruby/object:Gem::Version
|
111
|
+
version: '5.0'
|
112
|
+
type: :runtime
|
113
|
+
prerelease: false
|
114
|
+
version_requirements: !ruby/object:Gem::Requirement
|
115
|
+
requirements:
|
116
|
+
- - "~>"
|
117
|
+
- !ruby/object:Gem::Version
|
118
|
+
version: '5.0'
|
77
119
|
- !ruby/object:Gem::Dependency
|
78
120
|
name: rake
|
79
121
|
requirement: !ruby/object:Gem::Requirement
|
@@ -255,8 +297,9 @@ files:
|
|
255
297
|
- LICENSE.md
|
256
298
|
- README.md
|
257
299
|
- app/assets/javascripts/auther/application.js
|
258
|
-
- app/assets/stylesheets/auther/application.
|
259
|
-
- app/
|
300
|
+
- app/assets/stylesheets/auther/application.scss
|
301
|
+
- app/assets/stylesheets/auther/foundation_and_overrides.scss
|
302
|
+
- app/controllers/auther/base_controller.rb
|
260
303
|
- app/controllers/auther/session_controller.rb
|
261
304
|
- app/helpers/auther/application_helper.rb
|
262
305
|
- app/models/auther/account.rb
|