auther 10.2.2 → 11.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 32547d6c3a2597c9d6e1a1d0dc0718c048b93789cbbf959ef64981b7987019db
-  data.tar.gz: af955de27027b76bb27936574e2accdd247fbedc7c3b533b034326b3642210e0
+  metadata.gz: dbd0ee00b8f8fab0f81b2ac0457c43330a5b4816d5ed12bae73d63fd0a58479f
+  data.tar.gz: bc6f67e62676d69904ed282508c6b54fe9eeec82ed040639ab5a8eec03a305f7
 SHA512:
-  metadata.gz: 35434a38a9f57cd5f3ac2e7b985c7bc845403fc50c7a9f8cdefbc49d13dd448dcc4ed7796533be8dc3c89d29157a404761c566948c8dadf6718fa264b267d7b1
-  data.tar.gz: 49d587c3660bf922b60495fdc85d4ccf9a29f029e2c83e987e433f7351b2284d152caeefd572704c3cd177d6918db90fdaaccd7897a24a22fc147369f45a341f
+  metadata.gz: 01bc552384bc51754c651231ddc6913cce5b12783f09556fa2a1080b3ef2339501ee362c9d1e83567165b349ee6840e11e7d2c107926f2aea325224b36d8f00e
+  data.tar.gz: c71b34c77ed24855bc04da513bd0fcc4af224c6afba9437075e058032180a1a882437e402afcb404b32bdb90ee12d6239e699d60227b220c056bb43ff991fb9b

data/{LICENSE.md → LICENSE.adoc}

@@ -1,4 +1,4 @@
-# Apache License
+= Apache License
 
 Version 2.0, January 2004
 
@@ -6,7 +6,7 @@ http://www.apache.org/licenses
 
 TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
 
-## 1. Definitions
+== 1. Definitions
 
 "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by
 Sections 1 through 9 of this document.
@@ -54,14 +54,14 @@ Contribution."
 "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a
 Contribution has been received by Licensor and subsequently incorporated within the Work.
 
-## 2. Grant of Copyright License
+== 2. Grant of Copyright License
 
 Subject to the terms and conditions of this License, each Contributor hereby grants to You a
 perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to
 reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and
 distribute the Work and such Derivative Works in Source or Object form.
 
-## 3. Grant of Patent License
+== 3. Grant of Patent License
 
 Subject to the terms and conditions of this License, each Contributor hereby grants to You a
 perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this
@@ -74,39 +74,38 @@ a Contribution incorporated within the Work constitutes direct or contributory p
 then any patent licenses granted to You under this License for that Work shall terminate as of the
 date such litigation is filed.
 
-## 4. Redistribution
+== 4. Redistribution
 
 You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with
 or without modifications, and in Source or Object form, provided that You meet the following
 conditions:
 
-1. You must give any other recipients of the Work or Derivative Works a copy of this License; and
+. You must give any other recipients of the Work or Derivative Works a copy of this License; and
 
-2. You must cause any modified files to carry prominent notices stating that You changed the
-   files; and
+. You must cause any modified files to carry prominent notices stating that You changed the files;
+  and
 
-3. You must retain, in the Source form of any Derivative Works that You distribute, all copyright,
-   patent, trademark, and attribution notices from the Source form of the Work, excluding those
-   notices that do not pertain to any part of the Derivative Works; and
+. You must retain, in the Source form of any Derivative Works that You distribute, all copyright,
+  patent, trademark, and attribution notices from the Source form of the Work, excluding those
+  notices that do not pertain to any part of the Derivative Works; and
 
-4. If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative
-   Works that You distribute must include a readable copy of the attribution notices contained
-   within such NOTICE file, excluding those notices that do not pertain to any part of the
-   Derivative Works, in at least one of the following places: within a NOTICE text file
-   distributed as part of the Derivative Works; within the Source form or documentation, if
-   provided along with the Derivative Works; or, within a display generated by the Derivative
-   Works, if and wherever such third-party notices normally appear. The contents of the NOTICE
-   file are for informational purposes only and do not modify the License. You may add Your own
-   attribution notices within Derivative Works that You distribute, alongside or as an addendum to
-   the NOTICE text from the Work, provided that such additional attribution notices cannot be
-   construed as modifying the License.
+. If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works
+  that You distribute must include a readable copy of the attribution notices contained within such
+  NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in
+  at least one of the following places: within a NOTICE text file distributed as part of the
+  Derivative Works; within the Source form or documentation, if provided along with the Derivative
+  Works; or, within a display generated by the Derivative Works, if and wherever such third-party
+  notices normally appear. The contents of the NOTICE file are for informational purposes only and
+  do not modify the License. You may add Your own attribution notices within Derivative Works that
+  You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such
+  additional attribution notices cannot be construed as modifying the License.
 
 You may add Your own copyright statement to Your modifications and may provide additional or
 different license terms and conditions for use, reproduction, or distribution of Your modifications,
 or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of
 the Work otherwise complies with the conditions stated in this License.
 
-## 5. Submission of Contributions
+== 5. Submission of Contributions
 
 Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the
 Work by You to the Licensor shall be under the terms and conditions of this License, without any
@@ -114,13 +113,13 @@ additional terms or conditions. Notwithstanding the above, nothing herein shall
 the terms of any separate license agreement you may have executed with Licensor regarding such
 Contributions.
 
-## 6. Trademarks
+== 6. Trademarks
 
 This License does not grant permission to use the trade names, trademarks, service marks, or product
 names of the Licensor, except as required for reasonable and customary use in describing the origin
 of the Work and reproducing the content of the NOTICE file.
 
-## 7. Disclaimer of Warranty
+== 7. Disclaimer of Warranty
 
 Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each
 Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -129,7 +128,7 @@ TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. Y
 responsible for determining the appropriateness of using or redistributing the Work and assume any
 risks associated with Your exercise of permissions under this License.
 
-## 8. Limitation of Liability
+== 8. Limitation of Liability
 
 In no event and under no legal theory, whether in tort (including negligence), contract, or
 otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or
@@ -139,7 +138,7 @@ License or out of the use or inability to use the Work (including but not limite
 loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial
 damages or losses), even if such Contributor has been advised of the possibility of such damages.
 
-## 9. Accepting Warranty or Additional Liability
+== 9. Accepting Warranty or Additional Liability
 
 While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee
 for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights
@@ -151,11 +150,11 @@ additional liability.
 
 END OF TERMS AND CONDITIONS
 
-Copyright 2014 [Alchemists](https://www.alchemists.io).
+Copyright link:https://www.alchemists.io[Alchemists].
 
 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in
-compliance with the License. You may obtain a [copy](http://www.apache.org/licenses/LICENSE-2.0) of
-the License.
+compliance with the License. You may obtain a link:https://www.apache.org/licenses/LICENSE-2.0[copy]
+of the License.
 
 Unless required by applicable law or agreed to in writing, software distributed under the License is
 distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or

data/README.adoc

@@ -0,0 +1,287 @@
+:toc: macro
+:toclevels: 5
+:figure-caption!:
+
+= Auther
+
+[link=http://badge.fury.io/rb/auther]
+image::https://badge.fury.io/rb/auther.svg[Gem Version]
+[link=https://circleci.com/gh/bkuhlmann/auther]
+image::https://circleci.com/gh/bkuhlmann/auther.svg?style=svg[Circle CI Status]
+
+Provides simple, form-based authentication for apps that need security but don't want to deal with
+the clunky UI of HTTP Basic Authentication or something as heavyweight as
+link:https://github.com/plataformatec/devise[Devise]. It doesn't require a database and is
+compatible with password managers like link:https://agilebits.com/onepassword[1Password] making for
+a pleasant user experience.
+
+toc::[]
+
+== Features
+
+* Supports form-based authentication compatible with password managers like
+  link:https://agilebits.com/onepassword[1Password].
+
+image::https://www.alchemists.io/images/projects/auther/screenshots/form-without_errors.png[Form Without Errors Screenshot]
+image::https://www.alchemists.io/images/projects/auther/screenshots/form-with_errors.png[Form With Errors Screenshot]
+
+* Uses CSS Flexbox for lightweight styling.
+* Uses encrypted account credentials to keep sensitive information secure.
+* Supports multiple accounts with optional path exclude lists.
+* Supports customizable routes, models, presenters, views, controllers, and loggers.
+* Provides a generator for easy install and setup within an existing project.
+* Provides auto-redirection to requested path for verified credentials.
+
+== Requirements
+
+. link:https://www.ruby-lang.org[Ruby]
+. link:https://rubyonrails.org[Ruby on Rails]
+
+== Setup
+
+=== Production
+
+To install, run:
+
+[source,bash]
+----
+gem install auther
+----
+
+Add the following to your Gemfile:
+
+[source,ruby]
+----
+gem "auther"
+----
+
+Run the install generator to configure and initialize your application:
+
+[source,bash]
+----
+rails generate auther:install
+----
+
+Run the credentials generator to generate credentials for your application:
+
+[source,bash]
+----
+rails generate auther:credentials
+----
+
+If using link:https://direnv.net[direnv], for example, you can copy and paste the generated
+credentials into your `.envrc` file. Example:
+
+image::https://www.alchemists.io/images/projects/auther/screenshots/credentials_generator.jpg[Credentials Generator Screenshot]
+
+=== Development
+
+To contribute, run:
+
+[source,bash]
+----
+git clone https://github.com/bkuhlmann/auther.git
+cd auther
+bin/setup
+----
+
+You can also use the IRB console for direct access to all objects:
+
+[source,bash]
+----
+bin/console
+----
+
+== Usage
+
+Launch your Rails application and visit the following: `http://localhost:3000/login`. Enter your
+login and password as used for the `rails generate auther:credentials` generator and you'll be
+logged in.
+
+=== Initializer
+
+The initializer (installed during setup) can be found here: `config/initializers/auther.rb`. The
+initializer comes installed with the following settings:
+
+[source,ruby]
+----
+Rails.application.config.auther_settings = {
+  accounts: [
+    {
+      name: "admin",
+      encrypted_login: ENV["AUTHER_ADMIN_LOGIN"],
+      encrypted_password: ENV["AUTHER_ADMIN_PASSWORD"],
+      paths: ["/admin"]
+    }
+  ],
+  secret: ENV["AUTHER_SECRET"]
+}
+----
+
+To encrypt/decrypt account credentials, launch a rails console and run the following:
+
+[source,ruby]
+----
+# The secret as defined in `auther_settings` and/or produced by the credentials generator.
+secret = SecureRandom.hex 16 # "426a7f46548a1a4518676a8e246517d8"
+
+# The cipher for encrypting/decrypting values.
+cipher = Auther::Cipher.new secret
+
+# Use the following to encrypt an unecrypted value.
+cipher.encrypt "test@test.com"
+
+# Use the following to decrypt an encrypted value.
+cipher.decrypt "hWToltdpl+uZJBPELKNC7Ij++jPkTuo=--nEdbOYL9fIRh14hY--fU+VSCd4+DDOhOmG1gzRfQ=="
+----
+
+The initializer can be customized as follows:
+
+* `title` - Optional. The HTML page title (as rendered within a browser tab). Default:
+  `"Authorization"`.
+* `label` - Optional. The page label (what would appear above the form). Default: `"Authorization"`.
+* `secret` - Required. The secret passphrase used to encrypt/decrypt account credentials.
+* `accounts` - Required. The array of accounts with different or similar access to the application.
+** `name` - Required. The account name that uniquely identifies the account.
+** `encrypted_login` - Required. The encrypted account login.
+** `encrypted_password` - Required. The encrypted account password.
+** `paths` - Required. The array of excluded paths for which only this account has access to.
+** `authorized_url` - Optional. The URL to redirect to upon successful authorization. Authorized
+    redirection works in the order defined:
+*** The excluded path (if requested prior to authorization but now authorized).
+*** The authorized URL (if defined and the excluded path wasn't requested).
+*** The root path (if none of the above).
+** `deauthorized_url` - Optional. The URL to redirect to upon successful deauthorization (i.e.
+    logout). Deauthorized redirections works as follows (in the order defined):
+*** The deauthorized URL (if defined).
+*** The auth URL.
+* `url` - Optional. The URL to redirect to when enforcing authentication. Default: `"/login"`.
+* `logger` - Optional. The logger used to log path/account authorization messages. Default:
+  `Auther::NullLogger`.
+
+=== Routes
+
+The routes can be customized as follows (installed, by default, via the install generator):
+
+[source,ruby]
+----
+Rails.application.routes.draw do
+  mount Auther::Engine => "/auther"
+  get "/login", to: "auther/session#new", as: "login"
+  delete "/logout", to: "auther/session#destroy", as: "logout"
+end
+----
+
+=== Model
+
+The `Auther::Account` is a struct that uses ActiveModel validations to aid in attribute validation.
+This model could potentially be replaced with a database-backed object (would require controller
+customization)...but you should question if you have outgrown the use of this gem and need a
+different solution altogether if it comes to that.
+
+=== Presenter
+
+The `Auther::Presenter::Account` is a plain old Ruby object that uses ActiveModel validations to aid
+in form validation. This presenter makes it easy to construct form data for input and validation.
+
+=== View
+
+The view can be customized by creating the following file within your Rails application (assumes
+that the default `Auther::SessionController` implementation is sufficient):
+`app/views/auther/session/new.html`.
+
+The form uses the `@account` instance variable which is an instance of the
+`Auther::Presenter::Account` presenter (as mentioned above). The form can be stylized by modifying
+the styles found in the `auther.scss` stylesheet.
+
+=== Controller
+
+The `Auther::SessionController` inherits from the `Auther::BaseController`. To customize, it is
+recommended that you add a controller to your app that inherits from the `Auther::BaseController`.
+Example:
+
+[source,ruby]
+----
+# Example Path:  app/controllers/session_controller.rb
+class SessionController < Auther::BaseController
+  layout "example"
+end
+----
+
+This allows customization of session controller behavior to serve any special business needs. See
+the `Auther::BaseController` for additional details or the `Auther::SessionController` for default
+implementation.
+
+=== Logging
+
+As mentioned in the setup above, the logger can be customized as follows:
+
+[source,ruby]
+----
+# This is the default logger silences all logging attempts.
+Auther::NullLogger.new
+
+# Can be used to log to the environment log.
+ActiveSupport::Logger.new "log/#{Rails.env}.log"
+
+# Can be used to log to standard output.
+Logger.new STDOUT
+----
+
+When logging is enabled, you'll be able to see the following information in the server logs to help
+debug custom Auther settings:
+
+* Requested path and excluded path detection.
+* Finding (or not finding) of account.
+* Account authentication pass/fail.
+* Account and path authorization pass/fail.
+
+=== Troubleshooting
+
+* If upgrading Rails, changing the cookie/session settings, generating a new secret base key, etc.
+  this might cause Auther authentication to fail. Make sure to clear your browser cookies in this
+  situation or use Google Chrome (incognito mode) to verify.
+* If the authentication view/form looks broken (stylewise) this could be due to custom
+  `ActionView::Base.field_error_proc` settings defined by your app (usually via an initializer).
+  Auther uses this configuration `ActionView::Base.field_error_proc = proc { |html_tag, _|
+  html_tag.html_safe }` so that no additional markup is added to the DOM when errors are raised. If
+  you have customized this to something else, you might want to read the usage documentation
+  (mentioned above) to rebuild the authentication view/form for your specific business needs.
+
+== Tests
+
+To test, run:
+
+[source,bash]
+----
+bundle exec rake
+----
+
+== Versioning
+
+Read link:https://semver.org[Semantic Versioning] for details. Briefly, it means:
+
+* Major (X.y.z) - Incremented for any backwards incompatible public API changes.
+* Minor (x.Y.z) - Incremented for new, backwards compatible, public API enhancements/fixes.
+* Patch (x.y.Z) - Incremented for small, backwards compatible, bug fixes.
+
+== Code of Conduct
+
+Please note that this project is released with a link:CODE_OF_CONDUCT.adoc[CODE OF CONDUCT]. By
+participating in this project you agree to abide by its terms.
+
+== Contributions
+
+Read link:CONTRIBUTING.adoc[CONTRIBUTING] for details.
+
+== License
+
+Read link:LICENSE.adoc[LICENSE] for details.
+
+== History
+
+Read link:CHANGES.adoc[CHANGES] for details.
+
+== Credits
+
+Engineered by link:https://www.alchemists.io/team/brooke_kuhlmann[Brooke Kuhlmann].

data/app/controllers/auther/base_controller.rb

@@ -6,7 +6,7 @@ module Auther
     protect_from_forgery with: :exception
 
     def show
-      redirect_to settings.auth_url
+      redirect_to settings.url
     end
 
     def new
@@ -15,7 +15,7 @@ module Auther
 
     # rubocop:disable Metrics/AbcSize
     def create
-      @account = Auther::Presenter::Account.new account_params.to_h.symbolize_keys
+      @account = Auther::Presenter::Account.new(**account_params.to_h.symbolize_keys)
       account = Auther::Account[settings.find_account(@account.name)]
       authenticator = Auther::Authenticator.new settings.secret, account, @account
 
@@ -30,7 +30,7 @@ module Auther
     # rubocop:enable Metrics/AbcSize
 
     def destroy
-      account = Auther::Account[settings.find_account(params[:name])]
+      account = Auther::Account[**settings.find_account(params[:name])]
       remove_credentials account
       redirect_to deauthorized_url(account)
     end
@@ -69,7 +69,7 @@ module Auther
     end
 
     def deauthorized_url account
-      account.deauthorized_url || settings.auth_url
+      account.deauthorized_url || settings.url
     end
 
     def store_credentials account

data/lib/auther/authenticator.rb

@@ -36,7 +36,7 @@ module Auther
         account_presenter.errors.add error_name, "is invalid"
         false
       end
-    rescue ActiveSupport::MessageVerifier::InvalidSignature
+    rescue ActiveSupport::MessageEncryptor::InvalidMessage
       log_info %(Authentication failed! Invalid credential(s) for "#{account_model.name}" account.)
       false
     end

data/lib/auther/gatekeeper.rb

@@ -21,7 +21,7 @@ module Auther
       else
         session[Auther::Keymaster.redirect_url_key] = request.path
         denied_response = response
-        denied_response.redirect settings.auth_url
+        denied_response.redirect settings.url
         denied_response.finish
       end
     end
@@ -108,7 +108,7 @@ module Auther
       authenticated = account_authenticated? account
       log_authentication authenticated, account.fetch(:name)
       authenticated
-    rescue ActiveSupport::MessageVerifier::InvalidSignature
+    rescue ActiveSupport::MessageEncryptor::InvalidMessage
       log_info %(Authentication failed! Invalid credential(s) for "#{account.fetch :name}" account.)
       false
     end

data/lib/auther/identity.rb

@@ -3,20 +3,9 @@
 module Auther
   # Gem identity information.
   module Identity
-    def self.name
-      "auther"
-    end
-
-    def self.label
-      "Auther"
-    end
-
-    def self.version
-      "10.2.2"
-    end
-
-    def self.version_label
-      "#{label} #{version}"
-    end
+    NAME = "auther"
+    LABEL = "Auther"
+    VERSION = "11.2.0"
+    VERSION_LABEL = "#{LABEL} #{VERSION}"
   end
 end

data/lib/auther/settings.rb

@@ -2,25 +2,17 @@
 
 module Auther
   # Represents Auther settings.
-  class Settings
-    attr_reader :title, :label, :secret, :accounts, :auth_url, :logger
+  Settings = Struct.new :title, :label, :secret, :accounts, :url, :logger, keyword_init: true do
+    def initialize *arguments
+      super
 
-    # rubocop:disable Metrics/ParameterLists
-    def initialize title: "Authorization",
-                   label: "Authorization",
-                   secret: "",
-                   accounts: [],
-                   auth_url: "/login",
-                   logger: Auther::NullLogger.new(STDOUT)
-
-      @title = title
-      @label = label
-      @secret = secret
-      @accounts = accounts
-      @auth_url = auth_url
-      @logger = logger
+      self[:title] ||= "Authorization"
+      self[:label] ||= "Authorization"
+      self[:secret] ||= ""
+      self[:accounts] ||= []
+      self[:url] ||= "/login"
+      self[:logger] ||= Auther::NullLogger.new STDOUT
     end
-    # rubocop:enable Metrics/ParameterLists
 
     def find_account name
       accounts.find { |account| account.fetch(:name) == name }

data/lib/generators/auther/templates/config/initializers/auther.rb

@@ -2,10 +2,12 @@
 
 Rails.application.config.auther_settings = {
   accounts: [
-    name: "admin",
-    encrypted_login: ENV["AUTHER_ADMIN_LOGIN"],
-    encrypted_password: ENV["AUTHER_ADMIN_PASSWORD"],
-    paths: ["/admin"]
+    {
+      name: "admin",
+      encrypted_login: ENV["AUTHER_ADMIN_LOGIN"],
+      encrypted_password: ENV["AUTHER_ADMIN_PASSWORD"],
+      paths: ["/admin"]
+    }
   ],
   secret: ENV["AUTHER_SECRET"]
 }

metadata

@@ -1,18 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: auther
 version: !ruby/object:Gem::Version
-  version: 10.2.2
+  version: 11.2.0
 platform: ruby
 authors:
 - Brooke Kuhlmann
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain:
 - |
   -----BEGIN CERTIFICATE-----
-  MIIC/jCCAeagAwIBAgIBAjANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDDBpicm9v
-  a2UvREM9YWxjaGVtaXN0cy9EQz1pbzAeFw0xOTAyMTcxNjAxMTFaFw0yMDAyMTcx
-  NjAxMTFaMCUxIzAhBgNVBAMMGmJyb29rZS9EQz1hbGNoZW1pc3RzL0RDPWlvMIIB
+  MIIC/jCCAeagAwIBAgIBAzANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDDBpicm9v
+  a2UvREM9YWxjaGVtaXN0cy9EQz1pbzAeFw0yMDAzMTUxNDQ1MzJaFw0yMTAzMTUx
+  NDQ1MzJaMCUxIzAhBgNVBAMMGmJyb29rZS9EQz1hbGNoZW1pc3RzL0RDPWlvMIIB
   IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6l1qpXTiomH1RfMRloyw7MiE
   xyVx/x8Yc3EupdH7uhNaTXQGyORN6aOY//1QXXMHIZ9tW74nZLhesWMSUMYy0XhB
   brs+KkurHnc9FnEJAbG7ebGvl/ncqZt72nQvaxpDxvuCBHgJAz+8i5wl6FhLw+oT
@@ -20,15 +20,15 @@ cert_chain:
   D5vkU0YlAm1r98BymuJlcQ1qdkVEI1d48ph4kcS0S0nv1RiuyVb6TCAR3Nu3VaVq
   3fPzZKJLZBx67UvXdbdicWPiUR75elI4PXpLIic3xytaF52ZJYyKZCNZJhNwfQID
   AQABozkwNzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHQ4EFgQU0nzow9vc
-  2CdikiiE3fJhP/gY4ggwDQYJKoZIhvcNAQELBQADggEBANgfX7kPZkJvsbdWMvbe
-  DUUYxRTqTUzCDpLd2p3sQvgLMKjTNSKt6CFq/kh+98b6RCgO6DqiVfxvOEq02dvf
-  ebMN/ylQqan2FgiAs1rpP0/D4C0MlBjoDktsT+2IyLol1KmkDB20ExJ4Sf1GRNdA
-  hpWOtcgqHtmrc7xzgB6BuyoYufrKKUlCO3ewTM4C375D2qO7hIdKuMOO3CdPMtSk
-  OrWpbzCL+nbbXqeoqiHgZaUvcyyQrGj5sQRxMTzuMXzzQxtHnuTuKrcz16HMTX/O
-  dKvURM+1PwDCzC5tvRwjhUJIizau6+MtkFCvJHmaAj1aZL3odcPejHj5Hxt/0CUW
-  y84=
+  2CdikiiE3fJhP/gY4ggwDQYJKoZIhvcNAQELBQADggEBAIHhAlD3po4sTYqacXaQ
+  XI9jIhrfMy//2PgbHWcETtlJPBeNUbbSNBABcllUHKqYsVDlSvSmss034KSWNR8F
+  bF1GcloicyvcCC4y6IoW4it0COAcdeaaxkxiBSgKdQFpff9REnDlIKK4uQ9lLxIo
+  Y2G5xubiziKZkyfWFuSr67PIjW3Bu673D1JVBArhA1qbgQmYQcy1CkGOjo+iO8Nf
+  7u/QSfBHb+r/bXhKscDgPpnKwbUmvgO2+94zJG9KsrmIydlzYfsD09aXKx0t6Xy4
+  2XV8FRa7/JimI07sPLC13eLY3xd/aYTi85Z782KIA4j0G8XEEWAX0ouBhlXPocZv
+  QWc=
   -----END CERTIFICATE-----
-date: 2019-09-01 00:00:00.000000000 Z
+date: 2020-07-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -36,42 +36,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: sass-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: slim-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '3.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '3.2'
 - !ruby/object:Gem::Dependency
   name: ammeter
   requirement: !ruby/object:Gem::Requirement
@@ -86,34 +86,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.1'
-- !ruby/object:Gem::Dependency
-  name: awesome_print
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.8'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.8'
-- !ruby/object:Gem::Dependency
-  name: bond
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.5'
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -134,28 +106,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '13.5'
+        version: '14.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '13.5'
+        version: '14.2'
 - !ruby/object:Gem::Dependency
-  name: git-cop
+  name: git-lint
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '1.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '1.0'
 - !ruby/object:Gem::Dependency
   name: guard-rspec
   requirement: !ruby/object:Gem::Requirement
@@ -170,185 +142,171 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '4.7'
-- !ruby/object:Gem::Dependency
-  name: hirb
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.7'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.7'
 - !ruby/object:Gem::Dependency
   name: pg
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.2'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '0.13'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '0.13'
 - !ruby/object:Gem::Dependency
   name: pry-byebug
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.9'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.9'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: reek
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.4'
+        version: '6.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.4'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.8'
+        version: '4.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.8'
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.73'
+        version: '0.83'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.73'
+        version: '0.83'
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '1.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '1.5'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rspec
+  name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.33'
+        version: '0.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.33'
+        version: '0.5'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.13'
+        version: '1.39'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.13'
+        version: '1.39'
 - !ruby/object:Gem::Dependency
-  name: wirb
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '0.18'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
-description: 
+        version: '0.18'
+description:
 email:
 - brooke@alchemists.io
 executables: []
 extensions: []
 extra_rdoc_files:
-- README.md
-- LICENSE.md
+- README.adoc
+- LICENSE.adoc
 files:
-- LICENSE.md
-- README.md
+- LICENSE.adoc
+- README.adoc
 - app/assets/stylesheets/auther/application.scss
 - app/assets/stylesheets/auther/auther.scss
 - app/controllers/auther/base_controller.rb
@@ -370,14 +328,15 @@ files:
 - lib/generators/auther/credentials/credentials_generator.rb
 - lib/generators/auther/install/install_generator.rb
 - lib/generators/auther/templates/config/initializers/auther.rb
-homepage: https://github.com/bkuhlmann/auther
+homepage: https://www.alchemists.io/projects/auther
 licenses:
 - Apache-2.0
 metadata:
-  source_code_uri: https://github.com/bkuhlmann/auther
-  changelog_uri: https://github.com/bkuhlmann/auther/blob/master/CHANGES.md
   bug_tracker_uri: https://github.com/bkuhlmann/auther/issues
-post_install_message: 
+  changelog_uri: https://www.alchemists.io/projects/auther/changes.html
+  documentation_uri: https://www.alchemists.io/projects/auther
+  source_code_uri: https://github.com/bkuhlmann/auther
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -385,15 +344,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - "~>"
     - !ruby/object:Gem::Version
-      version: '2.6'
+      version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.6
-signing_key: 
+rubygems_version: 3.1.4
+signing_key:
 specification_version: 4
 summary: Enhances Rails with multi-account, form-based, database-less, application-wide
   authentication.

data/README.md

@@ -1,265 +0,0 @@
-<p align="center">
-  <img src="auther.png" alt="Auther Icon"/>
-</p>
-
-# Auther
-
-[![Gem Version](https://badge.fury.io/rb/auther.svg)](http://badge.fury.io/rb/auther)
-[![Code Climate Maintainability](https://api.codeclimate.com/v1/badges/3172d51796930fcdfad8/maintainability)](https://codeclimate.com/github/bkuhlmann/auther/maintainability)
-[![Code Climate Test Coverage](https://api.codeclimate.com/v1/badges/3172d51796930fcdfad8/test_coverage)](https://codeclimate.com/github/bkuhlmann/auther/test_coverage)
-[![Circle CI Status](https://circleci.com/gh/bkuhlmann/auther.svg?style=svg)](https://circleci.com/gh/bkuhlmann/auther)
-
-Provides simple, form-based authentication for apps that need security but don't want to deal with
-the clunky UI of HTTP Basic Authentication or something as heavyweight as
-[Devise](https://github.com/plataformatec/devise). It doesn't require a database and is compatible
-with password managers like [1Password](https://agilebits.com/onepassword) making for a pleasant
-user experience.
-
-<!-- Tocer[start]: Auto-generated, don't remove. -->
-
-## Table of Contents
-
-  - [Features](#features)
-  - [Requirements](#requirements)
-  - [Setup](#setup)
-  - [Usage](#usage)
-    - [Initializer](#initializer)
-    - [Routes](#routes)
-    - [Model](#model)
-    - [Presenter](#presenter)
-    - [View](#view)
-    - [Controller](#controller)
-    - [Logging](#logging)
-    - [Troubleshooting](#troubleshooting)
-  - [Tests](#tests)
-  - [Versioning](#versioning)
-  - [Code of Conduct](#code-of-conduct)
-  - [Contributions](#contributions)
-  - [License](#license)
-  - [History](#history)
-  - [Credits](#credits)
-
-<!-- Tocer[finish]: Auto-generated, don't remove. -->
-
-## Features
-
-- Supports form-based authentication compatible with password managers like
-  [1Password](https://agilebits.com/onepassword).
-
-![Form Without Errors Screenshot](doc/screenshots/form-without_errors.png)
-![Form With Errors Screenshot](doc/screenshots/form-with_errors.png)
-
-- Uses CSS Flexbox for lightweight styling.
-- Uses encrypted account credentials to keep sensitive information secure.
-- Supports multiple accounts with optional path exclude lists.
-- Supports customizable routes, models, presenters, views, controllers, and loggers.
-- Provides a generator for easy install and setup within an existing project.
-- Provides auto-redirection to requested path for verified credentials.
-
-## Requirements
-
-1. [Ruby 2.6.x](https://www.ruby-lang.org).
-1. [Ruby on Rails 5.x.x](http://rubyonrails.org).
-
-## Setup
-
-Type the following to install:
-
-    gem install auther
-
-Add the following to your Gemfile:
-
-    gem "auther"
-
-Run the install generator to configure and initialize your application:
-
-    rails generate auther:install
-
-Run the credentials generator to generate credentials for your application:
-
-    rails generate auther:credentials
-
-If using [direnv](https://direnv.net), for example, you can copy and paste the generated credentials
-into your `.envrc` file. Example:
-
-![Credentials Generator Screenshot](doc/screenshots/credentials_generator.jpg)
-
-## Usage
-
-Launch your Rails application and visit the following:
-
-    http://localhost:3000/login
-
-Enter your login and password as used for the `rails generate auther:credentials` generator and
-you'll be logged in.
-
-### Initializer
-
-The initializer (installed during setup) can be found here:
-
-    config/initializers/auther.rb
-
-The initializer comes installed with the following settings:
-
-    Rails.application.config.auther_settings = {
-      accounts: [
-        name: "admin",
-        encrypted_login: ENV["AUTHER_ADMIN_LOGIN"],
-        encrypted_password: ENV["AUTHER_ADMIN_PASSWORD"],
-        paths: ["/admin"]
-      ],
-      secret: ENV["AUTHER_SECRET"]
-    }
-
-To encrypt/decrypt account credentials, launch a rails console and run the following:
-
-    # The secret as defined in `auther_settings` and/or produced by the credentials generator.
-    secret = SecureRandom.hex 16 # "426a7f46548a1a4518676a8e246517d8"
-
-    # The cipher for encrypting/decrypting values.
-    cipher = Auther::Cipher.new secret
-
-    # Use the following to encrypt an unecrypted value.
-    cipher.encrypt "test@test.com"
-
-    # Use the following to decrypt an encrypted value.
-    cipher.decrypt "hWToltdpl+uZJBPELKNC7Ij++jPkTuo=--nEdbOYL9fIRh14hY--fU+VSCd4+DDOhOmG1gzRfQ=="
-
-The initializer can be customized as follows:
-
-- *title* - Optional. The HTML page title (as rendered within a browser tab). Default:
-  "Authorization".
-- *label* - Optional. The page label (what would appear above the form). Default: "Authorization".
-- *secret* - Required. The secret passphrase used to encrypt/decrypt account credentials.
-- *accounts* - Required. The array of accounts with different or similar access to the application.
-  - *name* - Required. The account name that uniquely identifies the account.
-  - *encrypted_login* - Required. The encrypted account login.
-  - *encrypted_password* - Required. The encrypted account password.
-  - *paths* - Required. The array of excluded paths for which only this account has access to.
-  - *authorized_url* - Optional. The URL to redirect to upon successful authorization. Authorized
-    redirection works in the order defined:
-    - The excluded path (if requested prior to authorization but now authorized).
-    - The authorized URL (if defined and the excluded path wasn't requested).
-    - The root path (if none of the above).
-  - *deauthorized_url* - Optional. The URL to redirect to upon successful deauthorization (i.e.
-    logout). Deauthorized redirections works as follows (in the order defined):
-    - The deauthorized URL (if defined).
-    - The auth URL.
-- *auth_url* - Optional. The URL to redirect to when enforcing authentication. Default: “/login”.
-- *logger* - Optional. The logger used to log path/account authorization messages. Default:
-  `Auther::NullLogger`.
-
-### Routes
-
-The routes can be customized as follows (installed, by default, via the install generator):
-
-    Rails.application.routes.draw do
-      mount Auther::Engine => "/auther"
-      get "/login", to: "auther/session#new", as: "login"
-      delete "/logout", to: "auther/session#destroy", as: "logout"
-    end
-
-### Model
-
-The [Auther::Account](app/models/auther/account.rb) is a struct that uses ActiveModel validations to
-aid in attribute validation. This model could potentially be replaced with a database-backed object
-(would require controller customization)...but you should question if you have outgrown the use of
-this gem and need a different solution altogether if it comes to that.
-
-### Presenter
-
-The [Auther::Presenter::Account](app/presenters/auther/account.rb) is a plain old Ruby object that
-uses ActiveModel validations to aid in form validation. This presenter makes it easy to construct
-form data for input and validation.
-
-### View
-
-The view can be customized by creating the following file within your Rails application (assumes
-that the default Auther::SessionController implementation is sufficient):
-
-    app/views/auther/session/new.html
-
-The form uses the `@account` instance variable which is an instance of the
-Auther::Presenter::Account presenter (as mentioned above). The form can be stylized by modifying the
-styles found in the [auther.scss](app/assets/stylesheets/auther/auther.scss) stylesheet.
-
-### Controller
-
-The [Auther::SessionController](app/controllers/auther/session_controller.rb) inherits from the
-[Auther::BaseController](app/controllers/auther/base_controller.rb). To customize, it is recommended
-that you add a controller to your app that inherits from the Auther::BaseController. Example:
-
-    # Example Path:  app/controllers/session_controller.rb
-    class SessionController < Auther::BaseController
-      layout "example"
-    end
-
-This allows customization of session controller behavior to serve any special business needs. See
-the `Auther::BaseController` for additional details or the `Auther::SessionController` for default
-implementation.
-
-### Logging
-
-As mentioned in the setup above, the logger can be customized as follows:
-
-    Auther::NullLogger.new # This is the default logger (which is no logging at all).
-    ActiveSupport::Logger.new("log/#{Rails.env}.log") # Can be used to log to the environment log.
-    Logger.new(STDOUT) # Can be used to log to standard output.
-
-When logging is enabled, you'll be able to see the following information in the server logs to help
-debug custom Auther settings:
-
-- Requested path and excluded path detection.
-- Finding (or not finding) of account.
-- Account authentication pass/fail.
-- Account and path authorization pass/fail.
-
-### Troubleshooting
-
-- If upgrading Rails, changing the cookie/session settings, generating a new secret base key, etc.
-  this might cause Auther authentication to fail. Make sure to clear your browser cookies in this
-  situation or use Google Chrome (incognito mode) to verify.
-- If the authentication view/form looks broken (stylewise) this could be due to custom
-  `ActionView::Base.field_error_proc` settings defined by your app (usually via an initializer).
-  Auther uses this configuration `ActionView::Base.field_error_proc = proc { |html_tag, _|
-  html_tag.html_safe }` so that no additional markup is added to the DOM when errors are raised. If
-  you have customized this to something else, you might want to read the usage documentation
-  (mentioned above) to rebuild the authentication view/form for your specific business needs.
-
-## Tests
-
-To test, run:
-
-    bundle exec rake
-
-## Versioning
-
-Read [Semantic Versioning](https://semver.org) for details. Briefly, it means:
-
-- Major (X.y.z) - Incremented for any backwards incompatible public API changes.
-- Minor (x.Y.z) - Incremented for new, backwards compatible, public API enhancements/fixes.
-- Patch (x.y.Z) - Incremented for small, backwards compatible, bug fixes.
-
-## Code of Conduct
-
-Please note that this project is released with a [CODE OF CONDUCT](CODE_OF_CONDUCT.md). By
-participating in this project you agree to abide by its terms.
-
-## Contributions
-
-Read [CONTRIBUTING](CONTRIBUTING.md) for details.
-
-## License
-
-Copyright 2014 [Alchemists](https://www.alchemists.io).
-Read [LICENSE](LICENSE.md) for details.
-
-## History
-
-Read [CHANGES](CHANGES.md) for details.
-Built with [Gemsmith](https://github.com/bkuhlmann/gemsmith).
-
-## Credits
-
-Developed by [Brooke Kuhlmann](https://www.alchemists.io) at
-[Alchemists](https://www.alchemists.io).