auther 0.2.0 → 0.3.0

@@ -0,0 +1,79 @@
1
+ module Auther
2
+ class BaseController < ActionController::Base
3
+ def show
4
+ redirect_to settings[:auth_url]
5
+ end
6
+
7
+ def new
8
+ @account = Auther::Account.new
9
+ end
10
+
11
+ def create
12
+ if account.valid?
13
+ store_credentials
14
+ redirect_to session["auther_redirect_url"] || '/'
15
+ else
16
+ remove_credentials account.name
17
+ render template: new_template_path
18
+ end
19
+ end
20
+
21
+ def destroy
22
+ remove_credentials params[:name]
23
+ redirect_to settings[:auth_url]
24
+ end
25
+
26
+ private
27
+
28
+ def load_title
29
+ @title = settings[:title]
30
+ end
31
+
32
+ def load_label
33
+ @label = settings[:label]
34
+ end
35
+
36
+ def settings
37
+ Rails.application.config.auther_settings
38
+ end
39
+
40
+ def account
41
+ account_params = params.fetch :account
42
+ account_settings = find_account account_params.fetch(:name)
43
+
44
+ @account ||= Auther::Account.new name: account_params.fetch(:name),
45
+ login: account_params.fetch(:login),
46
+ secure_login: account_settings.fetch(:login),
47
+ password: account_params.fetch(:password),
48
+ secure_password: account_settings.fetch(:password),
49
+ secret: settings.fetch(:secret)
50
+ end
51
+
52
+ def name_options
53
+ @name_options = settings.fetch(:accounts).map do |account|
54
+ name = account.fetch :name
55
+ [name.capitalize, name]
56
+ end
57
+ end
58
+
59
+ def new_template_path
60
+ raise NotImplementedError, "The method, #new_template_path, is not implemented."
61
+ end
62
+
63
+ def find_account name
64
+ settings.fetch(:accounts).select { |account| account.fetch(:name) == name }.first
65
+ end
66
+
67
+ def store_credentials
68
+ keymaster = Auther::Keymaster.new account.name
69
+ session[keymaster.login_key] = account.secure_login
70
+ session[keymaster.password_key] = account.secure_password
71
+ end
72
+
73
+ def remove_credentials name
74
+ keymaster = Auther::Keymaster.new name
75
+ session.delete keymaster.login_key
76
+ session.delete keymaster.password_key
77
+ end
78
+ end
79
+ end
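Review bot: In `account`, `find_account` returns nil when the submitted `account[name]` matches no configured account, so `account_settings.fetch(:login)` raises NoMethodError and `create` answers with a server error instead of a failed login. The name comes from the client, so a nil lookup should be handled explicitly as a rejected login (add an error and re-render `new_template_path`) before any `fetch` is called on it; do not substitute empty credentials, because the model would then have nothing to compare against. Also, nothing visible in `create` or `store_credentials` rotates the session before the credentials are written; consider saving the redirect URL, calling `reset_session`, and then storing the keys. Finally, `account` re-reads `params` and repeats the lookup on every call, since `@account ||=` only guards the constructor.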
@@ -1,59 +1,11 @@
1
- class Auther::SessionController < ApplicationController
1
+ class Auther::SessionController < Auther::BaseController
2
2
  layout "auther/auth"
3
+ before_filter :load_title, :load_label
3
4
  before_filter :name_options, only: [:new, :create]
4
5
 
5
- def show
6
- redirect_to action: :new
7
- end
8
-
9
- def new
10
- @account = Auther::Account.new
11
- end
12
-
13
- def create
14
- account_params = params.fetch(:account)
15
- @account = Auther::Account.new find_account(account_params.fetch(:name))
16
-
17
- if @account.valid?
18
- store_credentials @account, account_params.fetch(:login), account_params.fetch(:password)
19
- redirect_to session["auther_redirect_url"] || '/'
20
- else
21
- render template: "auther/session/new"
22
- end
23
- end
24
-
25
- def destroy
26
- remove_credentials params[:name]
27
- redirect_to action: :new
28
- end
29
-
30
6
  private
31
7
 
32
- def settings
33
- Rails.application.config.auther_settings
34
- end
35
-
36
- def name_options
37
- @name_options = settings.fetch(:accounts).map do |account|
38
- name = account.fetch :name
39
- [name.capitalize, name]
40
- end
41
- end
42
-
43
- def find_account name
44
- settings.fetch(:accounts).select { |account| account.fetch(:name) == name }.first
45
- end
46
-
47
- def store_credentials account, login, password
48
- keymaster = Auther::Keymaster.new account.name
49
- cipher = Auther::Cipher.new settings.fetch(:secret)
50
- session[keymaster.login_key] = cipher.encrypt login
51
- session[keymaster.password_key] = cipher.encrypt password
52
- end
53
-
54
- def remove_credentials name
55
- keymaster = Auther::Keymaster.new name
56
- session.delete keymaster.login_key
57
- session.delete keymaster.password_key
8
+ def new_template_path
9
+ "auther/session/new"
58
10
  end
59
11
  end
@@ -2,16 +2,57 @@ module Auther
2
2
  class Account
3
3
  include ActiveModel::Validations
4
4
 
5
- attr_accessor :name, :login, :password, :paths
5
+ attr_accessor :name, :login, :secure_login, :password, :secure_password, :paths
6
6
 
7
- validates :name, :login, :password, presence: true
7
+ validates :name, presence: true
8
8
  validates :paths, presence: {unless: lambda { |account| account.paths.is_a? Array }, message: "must be an array"}
9
9
 
10
- def initialize name: nil, login: nil, password: nil, paths: []
10
+ def initialize name: nil, login: nil, secure_login: nil, password: nil, secure_password: nil, paths: [], secret: nil
11
11
  @name = name
12
12
  @login = login
13
+ @secure_login = secure_login
13
14
  @password = password
15
+ @secure_password = secure_password
14
16
  @paths = paths
17
+ @secret = secret
18
+ end
19
+
20
+ def valid?
21
+ super && authorized_login? && authorized_password?
22
+ end
23
+
24
+ def invalid?
25
+ !valid?
26
+ end
27
+
28
+ private
29
+
30
+ def secret
31
+ @secret
32
+ end
33
+
34
+ def decrypt attribute
35
+ if attribute.present? && secret.present?
36
+ cipher = Auther::Cipher.new secret
37
+ cipher.decrypt attribute
38
+ end
39
+ end
40
+
41
+ def authorized? attribute, secure_attribute, error_name
42
+ if attribute == decrypt(secure_attribute)
43
+ true
44
+ else
45
+ errors.add error_name, "is invalid"
46
+ false
47
+ end
48
+ end
49
+
50
+ def authorized_login?
51
+ authorized? login, secure_login, "login"
52
+ end
53
+
54
+ def authorized_password?
55
+ authorized? password, secure_password, "password"
15
56
  end
16
57
  end
17
58
  end
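Review bot: `authorized?` fails open: `decrypt` returns nil when the secure attribute or the secret is blank, and since the presence validation on `login` and `password` was dropped, a nil `login` compared with a nil decrypt result is `nil == nil` and counts as authorized. `Account.new(name: "x").valid?` appears to pass on that basis. Require both sides to be present and compare in constant time, for example `expected = decrypt(secure_attribute)` followed by `if attribute.present? && expected.present? && Rack::Utils.secure_compare(attribute, expected)`. The separate "login is invalid" and "password is invalid" errors also tell a client which field was wrong; a single generic message would avoid that.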
@@ -1,25 +1,36 @@
1
+ - content_for(:title) { @title }
2
+
1
3
  = form_for @account, as: :account, url: "/auther/session", html: {class: "auther-form"} do |form|
2
- .row
3
- h1.title Authorization
4
+ .small-12
5
+ .row
6
+ h1.text-center = @label
4
7
 
5
- .row
6
- .label
7
- = form.label :login, "Login:"
8
- .input
9
- = form.text_field :login
8
+ .row
9
+ .small-8
10
+ .row
11
+ .small-6.columns
12
+ = form.label :login, "Login:", class: "inline right"
13
+ .small-6.columns
14
+ = form.text_field :login
10
15
 
11
- .row
12
- .label
13
- = form.label :password, "Password:"
14
- .input
15
- = form.password_field :password
16
+ .row
17
+ .small-8
18
+ .row
19
+ .small-6.columns
20
+ = form.label :password, "Password:", class: "inline right"
21
+ .small-6.columns
22
+ = form.password_field :password
16
23
 
17
- .row
18
- .label
19
- = form.label :name, "Account:"
20
- .input
21
- = form.select :name, @name_options
24
+ .row
25
+ .small-8
26
+ .row
27
+ .small-6.columns
28
+ = form.label :name, "Account:", class: "inline right"
29
+ .small-6.columns
30
+ = form.select :name, @name_options
22
31
 
23
- .row
24
- .actions
25
- = form.submit "Login"
32
+ .row
33
+ .small-8
34
+ .row
35
+ .small-6.right
36
+ = form.submit "Login", class: "button round expand"
@@ -1,10 +1,13 @@
1
- head
2
- meta charset="utf-8"
3
- meta name="viewport" content="width=device-width, initial-scale=1.0"
4
- title Authorization
1
+ doctype html
2
+ html lang="en"
3
+ head
4
+ meta charset="utf-8"
5
+ meta name="viewport" content="width=device-width, initial-scale=1.0"
6
+ title = yield :title
5
7
 
6
- = stylesheet_link_tag "auther/application", media: "all"
7
- = csrf_meta_tags
8
- body
9
- = yield
10
- = javascript_include_tag "auther/application"
8
+ = stylesheet_link_tag "auther/application", media: "all"
9
+ = javascript_include_tag :modernizr
10
+ = csrf_meta_tags
11
+ body
12
+ = yield
13
+ = javascript_include_tag "auther/application"
@@ -5,7 +5,19 @@ module Auther
5
5
  # Set defaults. Can be overwritten in app config.
6
6
  config.auther_settings = {}
7
7
 
8
+ # Add jQuery assets.
9
+ jquery_gem_path = Gem.loaded_specs["jquery-rails"].full_gem_path
10
+ config.assets.paths << "#{jquery_gem_path}/vendor/assets/javascripts"
11
+
12
+ # Add Zurb Foundation assets.
13
+ foundation_gem_path = Gem.loaded_specs["foundation-rails"].full_gem_path
14
+ config.assets.paths << "#{foundation_gem_path}/vendor/assets/stylesheets"
15
+ config.assets.paths << "#{foundation_gem_path}/vendor/assets/javascripts"
16
+
8
17
  initializer "auther.initialize" do |app|
18
+ # Configure log filter parameters.
19
+ app.config.filter_parameters += [:login, :password]
20
+
9
21
  # Initialize Gatekeeper middleware.
10
22
  app.config.app_middleware.use Auther::Gatekeeper, app.config.auther_settings
11
23
  end
@@ -1,30 +1,41 @@
1
1
  module Auther
2
2
  class Gatekeeper
3
- attr_reader :application, :settings
3
+ attr_reader :application, :environment, :settings
4
4
 
5
5
  def initialize application, settings = []
6
6
  @application = application
7
7
  @settings = settings
8
8
  end
9
9
 
10
- def call env
11
- session = env.fetch "rack.session"
12
- request_path = env["PATH_INFO"]
10
+ def call environment
11
+ @environment = environment
13
12
 
14
- if authorized?(env, request_path)
15
- application.call env
13
+ if authorized?(request.path)
14
+ application.call environment
16
15
  else
17
- session[Auther::Keymaster.redirect_url_key] = request_path
18
- response = Rack::Response.new
19
- response.redirect settings[:auth_url]
20
- response.finish
16
+ session[Auther::Keymaster.redirect_url_key] = request.path
17
+ denied_response = response
18
+ denied_response.redirect settings[:auth_url]
19
+ denied_response.finish
21
20
  end
22
21
  end
23
22
 
24
23
  private
25
24
 
26
- def find_account env
27
- session = env.fetch "rack.session"
25
+ def session
26
+ environment.fetch "rack.session"
27
+ end
28
+
29
+ def request
30
+ Rack::Request.new environment
31
+ end
32
+
33
+ def response
34
+ status, headers, body = application.call environment
35
+ Rack::Response.new body, status, headers
36
+ end
37
+
38
+ def find_account
28
39
  session["auther_init"] = true # Force session to initialize.
29
40
  account_name = Auther::Keymaster.get_account_name session
30
41
  settings.fetch(:accounts).select { |account| account.fetch(:name) == account_name }.first
@@ -39,8 +50,7 @@ module Auther
39
50
  account.fetch(:paths).include? path
40
51
  end
41
52
 
42
- def authenticated? env, account
43
- session = env.fetch "rack.session"
53
+ def authenticated? account
44
54
  keymaster = Auther::Keymaster.new account.fetch(:name)
45
55
  cipher = Auther::Cipher.new settings.fetch(:secret)
46
56
 
@@ -56,10 +66,10 @@ module Auther
56
66
  end
57
67
  end
58
68
 
59
- def authorized? env, path
69
+ def authorized? path
60
70
  if blacklisted_path?(path)
61
- account = find_account env
62
- account && authenticated?(env, account) && !blacklisted_account?(account, path)
71
+ account = find_account
72
+ account && authenticated?(account) && !blacklisted_account?(account, path)
63
73
  else
64
74
  true
65
75
  end
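Review bot: The denied branch of `call` now takes its redirect from the new `response` helper, which runs `application.call environment` first, so an unauthorized request still executes the protected application and its body and headers are carried into the redirect; `Rack::Response#redirect` only sets the status and the Location header. Keep the 0.2.0 behaviour in that branch with `denied_response = Rack::Response.new` and drop the helper. Separately, `@environment = environment` stores per-request state on the middleware instance, which is shared between requests, so on a threaded server `session` and `request` may read another request's environment while `authorized?` is being evaluated; pass the environment to the helpers as an argument or handle each request on a `dup` of the middleware. The body of `authenticated?` is only partly visible in these hunks.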
@@ -1,3 +1,3 @@
1
1
  module Auther
2
- VERSION = "0.2.0"
2
+ VERSION = "0.3.0"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: auther
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Brooke Kuhlmann
@@ -30,7 +30,7 @@ cert_chain:
30
30
  SJpzzzZ8gO6BKn4fhd+ENNQ333Qy3nuNk07TVIaNnlgeHhowUDuD9T7Z8Lka0pt3
31
31
  4PteiTppsf0SSVAM9zSO5IuFngXMRwWgvjOfXE70f43RDuUVTCSyylc=
32
32
  -----END CERTIFICATE-----
33
- date: 2014-01-13 00:00:00.000000000 Z
33
+ date: 2014-01-20 00:00:00.000000000 Z
34
34
  dependencies:
35
35
  - !ruby/object:Gem::Dependency
36
36
  name: rails
@@ -74,6 +74,48 @@ dependencies:
74
74
  - - "~>"
75
75
  - !ruby/object:Gem::Version
76
76
  version: '4.0'
77
+ - !ruby/object:Gem::Dependency
78
+ name: jquery-rails
79
+ requirement: !ruby/object:Gem::Requirement
80
+ requirements:
81
+ - - "~>"
82
+ - !ruby/object:Gem::Version
83
+ version: '3.0'
84
+ type: :runtime
85
+ prerelease: false
86
+ version_requirements: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - "~>"
89
+ - !ruby/object:Gem::Version
90
+ version: '3.0'
91
+ - !ruby/object:Gem::Dependency
92
+ name: modernizr-rails
93
+ requirement: !ruby/object:Gem::Requirement
94
+ requirements:
95
+ - - "~>"
96
+ - !ruby/object:Gem::Version
97
+ version: '2.7'
98
+ type: :runtime
99
+ prerelease: false
100
+ version_requirements: !ruby/object:Gem::Requirement
101
+ requirements:
102
+ - - "~>"
103
+ - !ruby/object:Gem::Version
104
+ version: '2.7'
105
+ - !ruby/object:Gem::Dependency
106
+ name: foundation-rails
107
+ requirement: !ruby/object:Gem::Requirement
108
+ requirements:
109
+ - - "~>"
110
+ - !ruby/object:Gem::Version
111
+ version: '5.0'
112
+ type: :runtime
113
+ prerelease: false
114
+ version_requirements: !ruby/object:Gem::Requirement
115
+ requirements:
116
+ - - "~>"
117
+ - !ruby/object:Gem::Version
118
+ version: '5.0'
77
119
  - !ruby/object:Gem::Dependency
78
120
  name: rake
79
121
  requirement: !ruby/object:Gem::Requirement
@@ -255,8 +297,9 @@ files:
255
297
  - LICENSE.md
256
298
  - README.md
257
299
  - app/assets/javascripts/auther/application.js
258
- - app/assets/stylesheets/auther/application.css.scss
259
- - app/controllers/auther/application_controller.rb
300
+ - app/assets/stylesheets/auther/application.scss
301
+ - app/assets/stylesheets/auther/foundation_and_overrides.scss
302
+ - app/controllers/auther/base_controller.rb
260
303
  - app/controllers/auther/session_controller.rb
261
304
  - app/helpers/auther/application_helper.rb
262
305
  - app/models/auther/account.rb