authie 3.0.0 → 3.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 9d1aceff4f3015b34c0f529d573ba5b38342a995
-  data.tar.gz: 4fcfced43fd5b139af44c8b2cdf0a5dd664eb8ad
+SHA256:
+  metadata.gz: d0803a1a80e3d9702dbbc903b0143f912fea8d15485468842b3e92ec6017a8ef
+  data.tar.gz: 7e66c2b179f45749b608c1bb47a3c41d20bf16215d1ce683bb9ac6fe0a170262
 SHA512:
-  metadata.gz: 5156c899cbfa6dd8175790aec3f3b11ea4efb0dd05e28d1af6cd5334928ad3d0fce4a0f78f465a9be883a9f2fa3ae47ce2641b34019ec752cc497c8238b43bcb
-  data.tar.gz: 9a9865e44ea9fc20e7c5d2c3c1dd3f8bc0677837fd388a3f6a49c31667384273af913ca2cfe4de9a6f7430b321da216774714da85d96417108a95d643e610391
+  metadata.gz: a23bc816329aac99bde28bfc97591b159e3112db22d7ef44da4fd2c8b0119ecca4a2eb2398e88033506878226074702a36b5169c0159eb7ec7f7588ef57d480a
+  data.tar.gz: 42ee0beacab3278edd1259b6ca8c8c8777875bac36a34456c16e54ee6c911fde3bb862e4019a38b196023d1e233259438836b546db5569a4d159c0a6b3e38d88

data/db/migrate/20141012174250_create_authie_sessions.rb

@@ -1,4 +1,4 @@
-class CreateAuthieSessions < ActiveRecord::Migration
+class CreateAuthieSessions < ActiveRecord::Migration[4.2]
   def change
     create_table :authie_sessions do |t|
       t.string :token, :browser_id

data/db/migrate/20141013115205_add_indexes_to_authie_sessions.rb

@@ -1,8 +1,8 @@
-class AddIndexesToAuthieSessions < ActiveRecord::Migration
+class AddIndexesToAuthieSessions < ActiveRecord::Migration[4.2]
   def change
     add_column :authie_sessions, :user_type, :string
-    add_index :authie_sessions, :token
-    add_index :authie_sessions, :browser_id
+    add_index :authie_sessions, :token, :length => 10
+    add_index :authie_sessions, :browser_id, :length => 10
     add_index :authie_sessions, :user_id
   end
 end

data/db/migrate/20150109144120_add_parent_id_to_authie_sessions.rb

@@ -1,4 +1,4 @@
-class AddParentIdToAuthieSessions < ActiveRecord::Migration
+class AddParentIdToAuthieSessions < ActiveRecord::Migration[4.2]
   def change
     add_column :authie_sessions, :parent_id, :integer
   end

data/db/migrate/20150305135400_add_two_factor_auth_fields_to_authie.rb

@@ -1,4 +1,4 @@
-class AddTwoFactorAuthFieldsToAuthie < ActiveRecord::Migration
+class AddTwoFactorAuthFieldsToAuthie < ActiveRecord::Migration[4.2]
   def change
     add_column :authie_sessions, :two_factored_at, :datetime
     add_column :authie_sessions, :two_factored_ip, :string

data/db/migrate/20170417170000_add_token_hashes_to_authie_sessions.rb

@@ -1,4 +1,4 @@
-class AddTokenHashesToAuthieSessions < ActiveRecord::Migration
+class AddTokenHashesToAuthieSessions < ActiveRecord::Migration[4.2]
   def change
     add_column :authie_sessions, :token_hash, :string
   end

data/db/migrate/20170421174100_add_index_to_token_hashes_on_authie_sessions.rb

@@ -1,5 +1,5 @@
-class AddIndexToTokenHashesOnAuthieSessions < ActiveRecord::Migration
+class AddIndexToTokenHashesOnAuthieSessions < ActiveRecord::Migration[4.2]
   def change
-    add_index :authie_sessions, :token_hash
+    add_index :authie_sessions, :token_hash, :length => 10
   end
 end

data/db/migrate/20180215152200_add_host_to_authie_sessions.rb

@@ -0,0 +1,5 @@
+class AddHostToAuthieSessions < ActiveRecord::Migration[4.2]
+  def change
+    add_column :authie_sessions, :host, :string
+  end
+end

data/lib/authie/controller_delegate.rb

@@ -30,13 +30,10 @@ module Authie
     # Set the currently logged in user
     def current_user=(user)
       if user
-        unless logged_in?
-          @auth_session = Session.start(@controller, :user => user)
-        end
-        @current_user = user
+        @auth_session = Session.start(@controller, :user => user)
       else
-        auth_session.destroy if logged_in?
-        @current_user = nil
+        auth_session.invalidate! if logged_in?
+        @auth_session = nil
       end
     end
 

data/lib/authie/session.rb

@@ -6,6 +6,7 @@ module Authie
     class ExpiredSession < Error; end
     class BrowserMismatch < Error; end
     class NoParentSessionForRevert < Error; end
+    class HostMismatch < Error; end
 
     # Set table name
     self.table_name = "authie_sessions"
@@ -90,6 +91,11 @@ module Authie
           invalidate!
           raise InactiveSession, "Non-persistent session has expired"
         end
+
+        if self.host && self.host != controller.request.host
+          invalidate!
+          raise HostMismatch, "Session was created on #{self.host} but accessed using #{controller.request.host}"
+        end
       end
     end
 
@@ -223,6 +229,7 @@ module Authie
       session.browser_id = cookies[:browser_id]
       session.login_at = Time.now
       session.login_ip = controller.request.ip
+      session.host = controller.request.host
       session.save!
       session
     end

data/lib/authie/version.rb

@@ -1,3 +1,3 @@
 module Authie
-  VERSION = '3.0.0'
+  VERSION = '3.1.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authie
 version: !ruby/object:Gem::Version
-  version: 3.0.0
+  version: 3.1.0
 platform: ruby
 authors:
 - Adam Cooke
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-04-21 00:00:00.000000000 Z
+date: 2018-02-15 00:00:00.000000000 Z
 dependencies: []
 description: A Rails library for storing user sessions in a backend database
 email:
@@ -23,6 +23,7 @@ files:
 - db/migrate/20150305135400_add_two_factor_auth_fields_to_authie.rb
 - db/migrate/20170417170000_add_token_hashes_to_authie_sessions.rb
 - db/migrate/20170421174100_add_index_to_token_hashes_on_authie_sessions.rb
+- db/migrate/20180215152200_add_host_to_authie_sessions.rb
 - lib/authie.rb
 - lib/authie/config.rb
 - lib/authie/controller_delegate.rb
@@ -52,9 +53,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.7.4
 signing_key: 
 specification_version: 4
 summary: A Rails library for storing user sessions in a backend database
 test_files: []
-has_rdoc: