auther 2.2.0 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a723b61c8ea5e2e91454740901106c8ec8848c99
-  data.tar.gz: 51ab5d8928d887e9b57c4c9c3e4855b279a6113a
+  metadata.gz: a66114fa344f0e0ce5003e241ee5a157b4e4abf1
+  data.tar.gz: 5689ed9bba3ed4dde0d4c084b64dcf4f8757e831
 SHA512:
-  metadata.gz: 41ed68e6d661e6e782d08b55b1c82110a40774f86b5b5005dbb1cc678cfa5af42a78d5919784ffdec84187a94f98d0843bae53711468efa03db1672ebc5a0f9f
-  data.tar.gz: 8dcaf09300d02c88e27872912c56e7dd14a06b18fbe1423fc10a3ffa3024f11098e1ecf0396b93d81ab4c6354c7c254ad436655aee8460ec88604b7448b7f6eb
+  metadata.gz: e0a3ac57b79d582af11f16b5678675c028194179c5b311f5e539061fe5c9b2eff73d9fbdcba186fcb6f7e321de46da93c42d21888abeaca4372f79c06dbf3440
+  data.tar.gz: fdf67d939a5225fb5841250014c22b6c3fc2754eede0b0727195699ba55e5fe5f03db03cf11441936b9653be616b0fd744df88ae4a2cf5b971a7e234ca601ede

data/README.md

@@ -59,12 +59,18 @@ Run the generator to configure and initialize your application:
 
 # Usage
 
-Launch your Rails application and visit either of the following routes:
+Assuming you are using the excellent [dotenv](https://github.com/bkeepers/dotenv) gem, add the following to your `.env`
+settings:
+
+    AUTHER_SECRET=66is2tB4EbekG74DPGRmyQkdtZkQyNWZY6yeeNsmQ4Rpu42esdnP9X6puxpKfs64Gy2ghPu6QGTKsvQ73wXuDyWzDr
+    AUTHER_ADMIN_LOGIN=aHdMWUhiVGRyVHBPMmhTRWNRR082MFhNdVFkL2ZaSGpvY2VoVS90dGRpRT0tLXFBWWZDRkJ4aDR3Qy9aamNOeU1JekE9PQ==--bf077a68a8e654ed9e480851c9597dae57ec34b8
+    AUTHER_ADMIN_PASSWORD=VTloc285SVNrbnlHN0xhOTlMVEx6WnZ0VnFOMjFNWWdkZlRKdGVjZ1FtUT0tLTkrSDdweU1meVdFV1FIRnhpenZiK1E9PQ==--85c415da879ffab2491d37d767d108254d1ed57e
+
+Launch your Rails application and visit the following:
 
     http://localhost:3000/login
-    http://localhost:3000/admin/example # Assumes this route exists. Will redirect to /login if not authorized.
 
-Use the following credentials to login:
+Use these credentials to login:
 
 * Login: test@test.com
 * Password: password
@@ -80,17 +86,17 @@ The initializer (installed during setup) can be found here:
 The initializer comes installed with the following settings:
 
     Rails.application.config.auther_settings = {
-      secret: "vuKrwD9XWoYuv@s99?tR(9VqryiL,KV{W7wFnejUa4QcVBP+D{2rD4JfuD(mXgA=$tNK4Pfn#NeGs3o3TZ3CqNc^Qb",
+      secret: ENV["AUTHER_SECRET"],
       accounts: [
         name: "admin",
-        encrypted_login: "N3JzR213WlBISDZsMjJQNkRXbEVmYVczbVdnMHRYVHRud29lOWRCekp6ST0tLWpFMkROekUvWDBkOHZ4ZngxZHV6clE9PQ==--cd863c39991fa4bb9a35de918aa16da54514e331",
-        encrypted_password: "cHhFSStjRm9KbEYwK3ZJVlF2MmpTTWVVZU5acEdlejZsZEhjWFJoQWxKND0tLTE3cmpXZVBQdW5VUW1jK0ZSSDdLUnc9PQ==--f51171174fa77055540420f205e0dd9d499cfeb6",
+        encrypted_login: ENV["AUTHER_ADMIN_LOGIN"],
+        encrypted_password: ENV["AUTHER_ADMIN_PASSWORD"],
         paths: ["/admin"]
       ]
     }
 
-**IMPORTANT**: The encrypted login/password credentials must be changed and re-encrypted before deploying to production!
-To encrypt/decrypt account credentials, launch a rails console and run the following:
+**IMPORTANT**: The encrypted secret, login, and password credentials used in the `.env` setup above must be re-encrypted
+before deploying to production! To encrypt/decrypt account credentials, launch a rails console and run the following:
 
     # Best if more than 150 characters and gibberish to read. Must be the same as defined in auther settings.
     cipher = Auther::Cipher.new "vuKrwD9XWoYuv@s99?tR(9VqryiL,KV{W7wFnejUa4QcVBP+D{2rD4JfuD(mXgA=$tNK4Pfn#NeGs3o3TZ3CqNc^Qb"
@@ -108,8 +114,8 @@ The initializer can be customized as follows:
 * *secret* - Required. The secret passphrase used to encrypt/decrypt account credentials.
 * *accounts* - Required. The array of accounts with different or similar access to the application.
     * *name* - Required. The account name. The name that uniquely identifies each account.
-    * *encrypted_login* - Required. The encrypted account login. For example, the above decrypts to: *test@test.com*.
-    * *encrypted_password* - Required. The encrypted account password. For example, the above decrypts to: *password*.
+    * *encrypted_login* - Required. The encrypted account login.
+    * *encrypted_password* - Required. The encrypted account password.
     * *paths* - Required. The array of blacklisted paths for which only this account has access to.
     * *authorized_url* - Optional. The URL to redirect to upon successful authorization. Authorized redirection works
       as follows (in the order defined):

data/lib/auther/version.rb

@@ -1,3 +1,3 @@
 module Auther
-  VERSION = "2.2.0"
+  VERSION = "3.0.0"
 end

data/lib/generators/auther/templates/config/initializers/auther.rb

@@ -1,9 +1,9 @@
 Rails.application.config.auther_settings = {
-  secret: "vuKrwD9XWoYuv@s99?tR(9VqryiL,KV{W7wFnejUa4QcVBP+D{2rD4JfuD(mXgA=$tNK4Pfn#NeGs3o3TZ3CqNc^Qb",
+  secret: ENV["AUTHER_SECRET"],
   accounts: [
     name: "admin",
-    encrypted_login: "N3JzR213WlBISDZsMjJQNkRXbEVmYVczbVdnMHRYVHRud29lOWRCekp6ST0tLWpFMkROekUvWDBkOHZ4ZngxZHV6clE9PQ==--cd863c39991fa4bb9a35de918aa16da54514e331",
-    encrypted_password: "cHhFSStjRm9KbEYwK3ZJVlF2MmpTTWVVZU5acEdlejZsZEhjWFJoQWxKND0tLTE3cmpXZVBQdW5VUW1jK0ZSSDdLUnc9PQ==--f51171174fa77055540420f205e0dd9d499cfeb6",
+    encrypted_login: ENV["AUTHER_ADMIN_LOGIN"],
+    encrypted_password: ENV["AUTHER_ADMIN_PASSWORD"],
     paths: ["/admin"]
   ]
 }

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: auther
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 3.0.0
 platform: ruby
 authors:
 - Brooke Kuhlmann
@@ -30,7 +30,7 @@ cert_chain:
   fMlZDUGx3lQarp/vPjK+6XH7DLXjBEKqeIGBIpLthYUvDxJRp23C+T3liGSL32vg
   mSpxxwmK95GDFuEy2mNPaxnazdkw8c+7DbrSpzd/CnNZkRgitxOavs8=
   -----END CERTIFICATE-----
-date: 2014-07-07 00:00:00.000000000 Z
+date: 2014-07-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: pry-byebug