auther 2.0.0 → 2.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 18370adb7c20520b5fe1a95290e6d0ebc387e26f
-  data.tar.gz: 83be7320485a4b859bd51ba040145baad8bfd597
+  metadata.gz: 18b92be2eec96e15a96b6b5948d50047ca931f84
+  data.tar.gz: cc5ff3d9525debbaffa8fdcffc62699f3043f48f
 SHA512:
-  metadata.gz: c83a3d37bebb80fe575e2961b4ba54c775cf2f9af45275d8f135417620b0e767255b85233ec542caf16d22f031c8b7491235d13dd6deccba1a47a8b5018ee94a
-  data.tar.gz: 2a0ed3ede21308c3870e038a4bdad28a8a041fe5777114b3f115996a1371b95da7a549f437b2bab9e88a5c984c0d85a25593b8f6c605ca4db1f221cd01a67311
+  metadata.gz: 30217fb220fd13516234275e3c13e9da8e03b76b38fdde89b43f840804fd68ecc89860e4b40382c460cefde19192af186043ec38f94e1eb2fafb440869c4a3fb
+  data.tar.gz: fbd2f2b8e4d6a9ab9767a1a8332657c2e74f51b1d37cbb47d90b4f5b59c81387b649f5d9246dbbb853e9a5489f04be4113e2c2ad8ba672ff7dbfb556526ccda3

data/README.md

@@ -55,11 +55,11 @@ Add the following to your Gemfile:
 
 Run the generator to configure and initialize your application:
 
-    bin/rails generate auther:install
+    rails generate auther:install
 
 # Usage
 
-Using the setup examples, from above, launch your Rails application and visit either of the following routes:
+Launch your Rails application and visit either of the following routes:
 
     http://localhost:3000/login
     http://localhost:3000/admin/example # Assumes this route exists. Will redirect to /login if not authorized.
@@ -69,17 +69,6 @@ Use the following credentials to login:
 * Login: test@test.com
 * Password: password
 
-To encrypt/decrypt account credentials, launch a rails console and type the following:
-
-    # Best if more than 150 characters and gibberish to read. Must be the same as defined in auther settings.
-    cipher = Auther::Cipher.new "vuKrwD9XWoYuv@s99?tR(9VqryiL,KV{W7wFnejUa4QcVBP+D{2rD4JfuD(mXgA=$tNK4Pfn#NeGs3o3TZ3CqNc^Qb"
-
-    # Do this to encrypt an unecrypted value.
-    cipher.encrypt "test@test.com"
-
-    # Do this to decrypt an encrypted value.
-    cipher.decrypt "N3JzR213WlBISDZsMjJQNkRXbEVmYVczbVdnMHRYVHRud29lOWRCekp6ST0tLWpFMkROekUvWDBkOHZ4ZngxZHV6clE9PQ==--cd863c39991fa4bb9a35de918aa16da54514e331"
-
 # Customization
 
 ## Initializer
@@ -100,6 +89,18 @@ The initializer comes installed with the following settings:
       ]
     }
 
+**IMPORTANT**: The encrypted login/password credentials must be changed and re-encrypted before deploying to production!
+To encrypt/decrypt account credentials, launch a rails console and run the following:
+
+    # Best if more than 150 characters and gibberish to read. Must be the same as defined in auther settings.
+    cipher = Auther::Cipher.new "vuKrwD9XWoYuv@s99?tR(9VqryiL,KV{W7wFnejUa4QcVBP+D{2rD4JfuD(mXgA=$tNK4Pfn#NeGs3o3TZ3CqNc^Qb"
+
+    # Do this to encrypt an unecrypted value.
+    cipher.encrypt "test@test.com"
+
+    # Do this to decrypt an encrypted value.
+    cipher.decrypt "N3JzR213WlBISDZsMjJQNkRXbEVmYVczbVdnMHRYVHRud29lOWRCekp6ST0tLWpFMkROekUvWDBkOHZ4ZngxZHV6clE9PQ==--cd863c39991fa4bb9a35de918aa16da54514e331"
+
 The initializer can be customized as follows:
 
 * *title* - Optional. The HTML page title (as rendered within a browser tab). Default: "Authorization".
@@ -187,11 +188,18 @@ Auther settings:
 
 # Tests
 
-To test, do the following:
+To test, run:
+
+    bundle exec rspec spec
+
+# Upgrading
+
+For those using Auther 1.x.x, there are a few minor changes to be applied in order to upgrade to 2.x.x:
 
-0. cd to the gem root.
-0. bundle install
-0. bundle exec rspec spec
+0. Move the old Auther settings (i.e. `config/application.rb`) into an Auther initilizer (i.e.
+   `config/initializers/auther.rb`). Read the *Customization* section above for additional instruction.
+0. All account settings have changed from `login` and `password` to `encrypted_login` and `encrypted_password` keys.
+0. The `success_url` account settings have been renamed to `authorized_url`.
 
 # Troubleshooting
 
@@ -208,7 +216,7 @@ To test, do the following:
 
 # Contributions
 
-Read CONTRIBUTING for details.
+Read [CONTRIBUTING](CONTRIBUTING.md) for details.
 
 # Credits
 
@@ -217,9 +225,9 @@ Developed by [Brooke Kuhlmann](http://www.alchemists.io) at [Alchemists](http://
 # License
 
 Copyright (c) 2014 [Alchemists](http://www.alchemists.io).
-Read the LICENSE for details.
+Read the [LICENSE](LICENSE.md) for details.
 
 # History
 
-Read the CHANGELOG for details.
+Read the [CHANGELOG](CHANGELOG.md) for details.
 Built with [Gemsmith](https://github.com/bkuhlmann/gemsmith).

data/lib/auther/gatekeeper.rb

@@ -54,9 +54,9 @@ module Auther
       details = %(Account: "#{account_name}". Blacklist: #{blacklist}. Request Path: "#{request_path}".)
 
       if authorized
-        log_info %(Authorization failed! #{details})
-      else
         log_info %(Authorization passed. #{details})
+      else
+        log_info %(Authorization failed! #{details})
       end
     end
 
@@ -73,14 +73,13 @@ module Auther
       paths.map { |path| path.chomp '/' }
     end
 
-    def blacklisted_paths accounts
-      paths = accounts.map { |account| clean_paths account.fetch(:paths) }
+    def blacklisted_paths
+      paths = settings.accounts.map { |account| clean_paths account.fetch(:paths) }
       paths.flatten.uniq
     end
 
-    def blacklisted_matched_paths accounts, path
-      paths = blacklisted_paths accounts
-      paths.select { |blacklisted_path| path.include? blacklisted_path }
+    def blacklisted_matched_paths path
+      blacklisted_paths.select { |blacklisted_path| path.include? blacklisted_path }
     end
 
     def authenticated? account
@@ -103,21 +102,20 @@ module Auther
     end
 
     def account_authorized? account, path
-      paths = clean_paths account.fetch(:paths)
+      all_paths = blacklisted_paths
+      account_paths = clean_paths account.fetch(:paths)
+      restricted_paths = all_paths - account_paths
 
-      authorized = paths.include? path
-      log_authorization authorized, account.fetch(:name), paths, request.path
+      authorized = !restricted_paths.include?(path)
+      log_authorization authorized, account.fetch(:name), all_paths, request.path
       authorized
     end
 
     def authorized? path
-      accounts = settings.accounts
-      all_blacklisted_paths = blacklisted_paths settings.accounts
-
-      if blacklisted_matched_paths(accounts, path).any?
-        log_info %(Requested path "#{request.path}" found in blacklisted paths: #{all_blacklisted_paths}.)
+      if blacklisted_matched_paths(path).any?
+        log_info %(Requested path "#{request.path}" found in blacklisted paths: #{blacklisted_paths}.)
         account = find_account
-        account && authenticated?(account) && !account_authorized?(account, path)
+        account && authenticated?(account) && account_authorized?(account, path)
       else
         true
       end

data/lib/auther/version.rb

@@ -1,3 +1,3 @@
 module Auther
-  VERSION = "2.0.0"
+  VERSION = "2.1.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: auther
 version: !ruby/object:Gem::Version
-  version: 2.0.0
+  version: 2.1.0
 platform: ruby
 authors:
 - Brooke Kuhlmann
@@ -30,7 +30,7 @@ cert_chain:
   SJpzzzZ8gO6BKn4fhd+ENNQ333Qy3nuNk07TVIaNnlgeHhowUDuD9T7Z8Lka0pt3
   4PteiTppsf0SSVAM9zSO5IuFngXMRwWgvjOfXE70f43RDuUVTCSyylc=
   -----END CERTIFICATE-----
-date: 2014-06-12 00:00:00.000000000 Z
+date: 2014-06-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: pry-byebug