RubyGems - authie - Versions diffs - 4.0.0.rc10 → 4.1.0 - Mend

authie 4.0.0.rc10 → 4.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c2ba869656ec43ca7b92803584ad2361ad2a7c443b2b69bc7f7bac2c0e991218
-  data.tar.gz: 67340e7ab60e5fafb35a17a8760611d5f1c25a3ae67abf75363f7210ec3cb181
+  metadata.gz: 1b35fefc8e1d77c5dc713e70d46d29a2e6de782e3d3c6cb35a89f8a31f416406
+  data.tar.gz: f4bfa5628f66ef549e2cb0e74b87c2a503a0d49916d1a93aba7af299bc0e7d29
 SHA512:
-  metadata.gz: b6f3604a227d448f0d2724eb6566f83c4b665121fd3d9075691bdccd4e72370a230b4916ae1a8fd8b68fff893e81b5bd39170be2c5ebe244817fa33c5365daf7
-  data.tar.gz: fcde4d28afbc7bab2727150c69be0baa527a89e65bb1047159499247771b2284bec104f54bbd7adf7db52f18dacac58ab0817085d8b42ff8f07e226b201bffe6
+  metadata.gz: 47793da24b501a3e3a5f26652cde36431c90f6f43b8d0e1fa8477e366b2ba6f6ee524e989dd5d2520f15b61c567320f701c29caa5c62bf1acfafc1ad1d096415
+  data.tar.gz: 98e9993d49250765b479e7bd37703652f381d3dc6fb2cf1d1792498b5c95f81c200bb0ea68ff09be6fe072e7141ed49876b43a0953a94fed012370bbbce5c36f

data/db/migrate/20141012174250_create_authie_sessions.rb CHANGED Viewed

@@ -1,10 +1,10 @@
 # frozen_string_literal: true
-class CreateAuthieSessions < ActiveRecord::Migration[4.2]
+class CreateAuthieSessions < ActiveRecord::Migration[6.1]
   def change
     create_table :authie_sessions do |t|
       t.string :token, :browser_id
-      t.integer :user_id
+      t.bigint :user_id
       t.boolean :active, default: true
       t.text :data
       t.datetime :expires_at

data/db/migrate/20141013115205_add_indexes_to_authie_sessions.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddIndexesToAuthieSessions < ActiveRecord::Migration[4.2]
+class AddIndexesToAuthieSessions < ActiveRecord::Migration[6.1]
   def change
     add_column :authie_sessions, :user_type, :string
     add_index :authie_sessions, :token, length: 10

data/db/migrate/20150109144120_add_parent_id_to_authie_sessions.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
-class AddParentIdToAuthieSessions < ActiveRecord::Migration[4.2]
+class AddParentIdToAuthieSessions < ActiveRecord::Migration[6.1]
   def change
-    add_column :authie_sessions, :parent_id, :integer
+    add_column :authie_sessions, :parent_id, :bigint
   end
 end

data/db/migrate/20150305135400_add_two_factor_auth_fields_to_authie.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddTwoFactorAuthFieldsToAuthie < ActiveRecord::Migration[4.2]
+class AddTwoFactorAuthFieldsToAuthie < ActiveRecord::Migration[6.1]
   def change
     add_column :authie_sessions, :two_factored_at, :datetime
     add_column :authie_sessions, :two_factored_ip, :string

data/db/migrate/20170417170000_add_token_hashes_to_authie_sessions.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddTokenHashesToAuthieSessions < ActiveRecord::Migration[4.2]
+class AddTokenHashesToAuthieSessions < ActiveRecord::Migration[6.1]
   def change
     add_column :authie_sessions, :token_hash, :string
   end

data/db/migrate/20170421174100_add_index_to_token_hashes_on_authie_sessions.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddIndexToTokenHashesOnAuthieSessions < ActiveRecord::Migration[4.2]
+class AddIndexToTokenHashesOnAuthieSessions < ActiveRecord::Migration[6.1]
   def change
     add_index :authie_sessions, :token_hash, length: 10
   end

data/db/migrate/20180215152200_add_host_to_authie_sessions.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddHostToAuthieSessions < ActiveRecord::Migration[4.2]
+class AddHostToAuthieSessions < ActiveRecord::Migration[6.1]
   def change
     add_column :authie_sessions, :host, :string
   end

data/db/migrate/20220502180100_add_two_factor_required_to_sessions.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddTwoFactorRequiredToSessions < ActiveRecord::Migration[4.2]
+class AddTwoFactorRequiredToSessions < ActiveRecord::Migration[6.1]
   def change
     add_column :authie_sessions, :skip_two_factor, :boolean, default: false
   end

data/db/migrate/20230627165500_add_countries_to_authie_sessions.rb ADDED Viewed

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+class AddCountriesToAuthieSessions < ActiveRecord::Migration[6.1]
+  def change
+    add_column :authie_sessions, :login_ip_country, :string
+    add_column :authie_sessions, :two_factored_ip_country, :string
+    add_column :authie_sessions, :last_activity_ip_country, :string
+  end
+end

data/lib/authie/config.rb CHANGED Viewed

@@ -8,6 +8,7 @@ module Authie
     attr_accessor :browser_id_cookie_name
     attr_accessor :session_token_length
     attr_accessor :extend_session_expiry_on_touch
+    attr_accessor :ip_lookup
     def initialize
       @session_inactivity_timeout = 12.hours
@@ -16,6 +17,13 @@ module Authie
       @browser_id_cookie_name = :browser_id
       @session_token_length = 64
       @extend_session_expiry_on_touch = false
+      @lookup_ip_country_backend = nil
+    end
+    def lookup_ip_country(ip)
+      return nil if @lookup_ip_country_backend.nil?
+      @lookup_ip_country_backend.call(ip)
     end
   end

data/lib/authie/controller_delegate.rb CHANGED Viewed

@@ -46,9 +46,9 @@ module Authie
     #
     # @return [Authie::Session, false]
     def validate_auth_session
-      return auth_session.validate if logged_in?
+      return false unless logged_in?
-      false
+      auth_session.validate
     end
     # Touch the session to update details on the latest activity.
@@ -74,13 +74,12 @@ module Authie
     #
     # @return [Authie::Session, nil]
     def create_auth_session(user, **kwargs)
-      if user
-        @auth_session = Authie::Session.start(@controller, user: user, **kwargs)
-        return @auth_session
+      if user.nil?
+        invalidate_auth_session
+        return nil
       end
-      invalidate_auth_session
-      nil
+      @auth_session = Authie::Session.start(@controller, user: user, **kwargs)
     end
     # Invalidate the existing auth session if one exists. Return true if a sesion has been invalidated
@@ -88,13 +87,11 @@ module Authie
     #
     # @return [Boolean]
     def invalidate_auth_session
-      if logged_in?
-        auth_session.invalidate
-        @auth_session = nil
-        return true
-      end
+      return false unless logged_in?
-      false
+      auth_session.invalidate
+      @auth_session = nil
+      true
     end
     # Is anyone currently logged in? Return true if there is an auth session present.

data/lib/authie/controller_extension.rb CHANGED Viewed

@@ -6,7 +6,8 @@ module Authie
   module ControllerExtension
     class << self
       def included(base)
-        base.helper_method :logged_in?, :current_user, :auth_session
+        base.helper_method :logged_in?, :current_user, :auth_session if base.respond_to?(:helper_method)
         base.before_action :set_browser_id, :validate_auth_session
         base.around_action :touch_auth_session

data/lib/authie/session.rb CHANGED Viewed

@@ -13,7 +13,14 @@ module Authie
     attr_reader :session
     # A parent class that encapsulates all session validity errors.
-    class ValidityError < Error; end
+    class ValidityError < Error
+      attr_reader :session
+      def initialize(message, session = nil)
+        super(message)
+        @session = session
+      end
+    end
     # Raised when a session is used but it is no longer active
     class InactiveSession < ValidityError; end
@@ -89,7 +96,11 @@ module Authie
     # @return [Authie::Session]
     def touch
       @session.last_activity_at = Time.now
+      if @controller.request.ip != @session.last_activity_ip
+        @session.last_activity_ip_country = Authie.config.lookup_ip_country(@controller.request.ip)
+      end
       @session.last_activity_ip = @controller.request.ip
       @session.last_activity_path = @controller.request.path
       @session.requests += 1
       extend_session_expiry_if_appropriate
@@ -117,6 +128,7 @@ module Authie
     def mark_as_two_factored(skip: nil)
       @session.two_factored_at = Time.now
       @session.two_factored_ip = @controller.request.ip
+      @session.two_factored_ip_country = Authie.config.lookup_ip_country(@controller.request.ip)
       @session.skip_two_factor = skip unless skip.nil?
       @session.save!
       Authie.notify(:mark_as_two_factor, session: self)
@@ -145,7 +157,6 @@ module Authie
     private
-    # rubocop:disable Naming/AccessorMethodName
     def set_cookie(value = @session.temporary_token)
       cookies[:user_session] = {
         value: value,
@@ -156,7 +167,6 @@ module Authie
       Authie.notify(:cookie_updated, session: session)
       true
     end
-    # rubocop:enable Naming/AccessorMethodName
     def cookies
       @controller.send(:cookies)
@@ -164,9 +174,9 @@ module Authie
     def validate_browser_id
       if cookies[:browser_id] != @session.browser_id
-        invalidate
         Authie.notify(:browser_id_mismatch_error, session: self)
-        raise BrowserMismatch, 'Browser ID mismatch'
+        invalidate
+        raise BrowserMismatch.new('Browser ID mismatch', self)
       end
       self
@@ -176,7 +186,7 @@ module Authie
       unless @session.active?
         invalidate
         Authie.notify(:invalid_session_error, session: self)
-        raise InactiveSession, 'Session is no longer active'
+        raise InactiveSession.new('Session is no longer active', self)
       end
       self
@@ -186,7 +196,7 @@ module Authie
       if @session.expired?
         invalidate
         Authie.notify(:expired_session_error, session: self)
-        raise ExpiredSession, 'Persistent session has expired'
+        raise ExpiredSession.new('Persistent session has expired', self)
       end
       self
@@ -195,8 +205,8 @@ module Authie
     def validate_inactivity
       if @session.inactive?
         invalidate
-        Authie.notify(:inactive_session_error, session:  self)
-        raise InactiveSession, 'Non-persistent session has expired'
+        Authie.notify(:inactive_session_error, session: self)
+        raise InactiveSession.new('Non-persistent session has expired', self)
       end
       self
@@ -206,7 +216,8 @@ module Authie
       if @session.host && @session.host != @controller.request.host
         invalidate
         Authie.notify(:host_mismatch_error, session: self)
-        raise HostMismatch, "Session was created on #{@session.host} but accessed using #{@controller.request.host}"
+        raise HostMismatch.new("Session was created on #{@session.host} but accessed using #{@controller.request.host}",
+                               self)
       end
       self
@@ -238,6 +249,7 @@ module Authie
         session.browser_id = cookies[:browser_id]
         session.login_at = Time.now
         session.login_ip = controller.request.ip
+        session.login_ip_country = Authie.config.lookup_ip_country(session.login_ip)
         session.host = controller.request.host
         session.user_agent = controller.request.user_agent
         session.expires_at = Time.now + Authie.config.persistent_session_length if persistent
@@ -292,9 +304,11 @@ module Authie
     delegate :invalidate_others!, to: :session
     delegate :last_activity_at, to: :session
     delegate :last_activity_ip, to: :session
+    delegate :last_activity_ip_country, to: :session
     delegate :last_activity_path, to: :session
     delegate :login_at, to: :session
     delegate :login_ip, to: :session
+    delegate :login_ip_country, to: :session
     delegate :password_seen_at, to: :session
     delegate :persisted?, to: :session
     delegate :persistent?, to: :session
@@ -305,6 +319,7 @@ module Authie
     delegate :token_hash, to: :session
     delegate :two_factored_at, to: :session
     delegate :two_factored_ip, to: :session
+    delegate :two_factored_ip_country, to: :session
     delegate :two_factored?, to: :session
     delegate :skip_two_factor?, to: :session
     delegate :update, to: :session

data/lib/authie/session_model.rb CHANGED Viewed

@@ -63,8 +63,10 @@ module Authie
     end
     def invalidate!
+      active_now = active?
       self.active = false
       save!
+      Authie.notify(:session_invalidate, session: self) if active_now
       true
     end
@@ -79,7 +81,7 @@ module Authie
     end
     def invalidate_others!
-      self.class.where('id != ?', id).for_user(user).each(&:invalidate!).inspect
+      self.class.where('id != ?', id).active.for_user(user).each(&:invalidate!)
     end
     # Have we seen the user's password recently in this sesion?

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authie
 version: !ruby/object:Gem::Version
-  version: 4.0.0.rc10
+  version: 4.1.0
 platform: ruby
 authors:
 - Adam Cooke
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-05-20 00:00:00.000000000 Z
+date: 2023-06-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -30,194 +30,6 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '8.0'
-- !ruby/object:Gem::Dependency
-  name: appraisal
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.4.1
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.4.1
-- !ruby/object:Gem::Dependency
-  name: rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '5.0'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '8.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '5.0'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '8.0'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec-core
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec-expectations
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec-mocks
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec-rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.17.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.17.0
-- !ruby/object:Gem::Dependency
-  name: simplecov
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: simplecov-console
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: solargraph
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: sqlite3
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.4.2
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.4.2
-- !ruby/object:Gem::Dependency
-  name: timecop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: A Rails library for storing user sessions in a backend database
 email:
 - me@adamcooke.io
@@ -233,6 +45,7 @@ files:
 - db/migrate/20170421174100_add_index_to_token_hashes_on_authie_sessions.rb
 - db/migrate/20180215152200_add_host_to_authie_sessions.rb
 - db/migrate/20220502180100_add_two_factor_required_to_sessions.rb
+- db/migrate/20230627165500_add_countries_to_authie_sessions.rb
 - lib/authie.rb
 - lib/authie/config.rb
 - lib/authie/controller_delegate.rb
@@ -259,11 +72,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.3.26
 signing_key:
 specification_version: 4
 summary: A Rails library for storing user sessions in a backend database