authie 3.0.0 → 3.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/db/migrate/20141012174250_create_authie_sessions.rb +1 -1
- data/db/migrate/20141013115205_add_indexes_to_authie_sessions.rb +3 -3
- data/db/migrate/20150109144120_add_parent_id_to_authie_sessions.rb +1 -1
- data/db/migrate/20150305135400_add_two_factor_auth_fields_to_authie.rb +1 -1
- data/db/migrate/20170417170000_add_token_hashes_to_authie_sessions.rb +1 -1
- data/db/migrate/20170421174100_add_index_to_token_hashes_on_authie_sessions.rb +2 -2
- data/db/migrate/20180215152200_add_host_to_authie_sessions.rb +5 -0
- data/lib/authie/controller_delegate.rb +3 -6
- data/lib/authie/session.rb +7 -0
- data/lib/authie/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: d0803a1a80e3d9702dbbc903b0143f912fea8d15485468842b3e92ec6017a8ef
|
4
|
+
data.tar.gz: 7e66c2b179f45749b608c1bb47a3c41d20bf16215d1ce683bb9ac6fe0a170262
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a23bc816329aac99bde28bfc97591b159e3112db22d7ef44da4fd2c8b0119ecca4a2eb2398e88033506878226074702a36b5169c0159eb7ec7f7588ef57d480a
|
7
|
+
data.tar.gz: 42ee0beacab3278edd1259b6ca8c8c8777875bac36a34456c16e54ee6c911fde3bb862e4019a38b196023d1e233259438836b546db5569a4d159c0a6b3e38d88
|
@@ -1,8 +1,8 @@
|
|
1
|
-
class AddIndexesToAuthieSessions < ActiveRecord::Migration
|
1
|
+
class AddIndexesToAuthieSessions < ActiveRecord::Migration[4.2]
|
2
2
|
def change
|
3
3
|
add_column :authie_sessions, :user_type, :string
|
4
|
-
add_index :authie_sessions, :token
|
5
|
-
add_index :authie_sessions, :browser_id
|
4
|
+
add_index :authie_sessions, :token, :length => 10
|
5
|
+
add_index :authie_sessions, :browser_id, :length => 10
|
6
6
|
add_index :authie_sessions, :user_id
|
7
7
|
end
|
8
8
|
end
|
@@ -1,5 +1,5 @@
|
|
1
|
-
class AddIndexToTokenHashesOnAuthieSessions < ActiveRecord::Migration
|
1
|
+
class AddIndexToTokenHashesOnAuthieSessions < ActiveRecord::Migration[4.2]
|
2
2
|
def change
|
3
|
-
add_index :authie_sessions, :token_hash
|
3
|
+
add_index :authie_sessions, :token_hash, :length => 10
|
4
4
|
end
|
5
5
|
end
|
@@ -30,13 +30,10 @@ module Authie
|
|
30
30
|
# Set the currently logged in user
|
31
31
|
def current_user=(user)
|
32
32
|
if user
|
33
|
-
|
34
|
-
@auth_session = Session.start(@controller, :user => user)
|
35
|
-
end
|
36
|
-
@current_user = user
|
33
|
+
@auth_session = Session.start(@controller, :user => user)
|
37
34
|
else
|
38
|
-
auth_session.
|
39
|
-
@
|
35
|
+
auth_session.invalidate! if logged_in?
|
36
|
+
@auth_session = nil
|
40
37
|
end
|
41
38
|
end
|
42
39
|
|
data/lib/authie/session.rb
CHANGED
@@ -6,6 +6,7 @@ module Authie
|
|
6
6
|
class ExpiredSession < Error; end
|
7
7
|
class BrowserMismatch < Error; end
|
8
8
|
class NoParentSessionForRevert < Error; end
|
9
|
+
class HostMismatch < Error; end
|
9
10
|
|
10
11
|
# Set table name
|
11
12
|
self.table_name = "authie_sessions"
|
@@ -90,6 +91,11 @@ module Authie
|
|
90
91
|
invalidate!
|
91
92
|
raise InactiveSession, "Non-persistent session has expired"
|
92
93
|
end
|
94
|
+
|
95
|
+
if self.host && self.host != controller.request.host
|
96
|
+
invalidate!
|
97
|
+
raise HostMismatch, "Session was created on #{self.host} but accessed using #{controller.request.host}"
|
98
|
+
end
|
93
99
|
end
|
94
100
|
end
|
95
101
|
|
@@ -223,6 +229,7 @@ module Authie
|
|
223
229
|
session.browser_id = cookies[:browser_id]
|
224
230
|
session.login_at = Time.now
|
225
231
|
session.login_ip = controller.request.ip
|
232
|
+
session.host = controller.request.host
|
226
233
|
session.save!
|
227
234
|
session
|
228
235
|
end
|
data/lib/authie/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authie
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Adam Cooke
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2018-02-15 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description: A Rails library for storing user sessions in a backend database
|
14
14
|
email:
|
@@ -23,6 +23,7 @@ files:
|
|
23
23
|
- db/migrate/20150305135400_add_two_factor_auth_fields_to_authie.rb
|
24
24
|
- db/migrate/20170417170000_add_token_hashes_to_authie_sessions.rb
|
25
25
|
- db/migrate/20170421174100_add_index_to_token_hashes_on_authie_sessions.rb
|
26
|
+
- db/migrate/20180215152200_add_host_to_authie_sessions.rb
|
26
27
|
- lib/authie.rb
|
27
28
|
- lib/authie/config.rb
|
28
29
|
- lib/authie/controller_delegate.rb
|
@@ -52,9 +53,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
52
53
|
version: '0'
|
53
54
|
requirements: []
|
54
55
|
rubyforge_project:
|
55
|
-
rubygems_version: 2.
|
56
|
+
rubygems_version: 2.7.4
|
56
57
|
signing_key:
|
57
58
|
specification_version: 4
|
58
59
|
summary: A Rails library for storing user sessions in a backend database
|
59
60
|
test_files: []
|
60
|
-
has_rdoc:
|