RubyGems - authie - Versions diffs - 4.0.0.rc9 → 4.0.0 - Mend

authie 4.0.0.rc9 → 4.0.0

Files changed (16) hide show

checksums.yaml +4 -4
data/db/migrate/20141012174250_create_authie_sessions.rb +2 -2
data/db/migrate/20141013115205_add_indexes_to_authie_sessions.rb +1 -1
data/db/migrate/20150109144120_add_parent_id_to_authie_sessions.rb +2 -2
data/db/migrate/20150305135400_add_two_factor_auth_fields_to_authie.rb +1 -1
data/db/migrate/20170417170000_add_token_hashes_to_authie_sessions.rb +1 -1
data/db/migrate/20170421174100_add_index_to_token_hashes_on_authie_sessions.rb +1 -1
data/db/migrate/20180215152200_add_host_to_authie_sessions.rb +1 -1
data/db/migrate/20220502180100_add_two_factor_required_to_sessions.rb +1 -1
data/lib/authie/config.rb +4 -4
data/lib/authie/controller_delegate.rb +13 -14
data/lib/authie/controller_extension.rb +2 -1
data/lib/authie/session.rb +25 -18
data/lib/authie/session_model.rb +11 -9
metadata +5 -194
data/lib/authie/event_manager.rb +0 -32

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f06ec249cc2efa9d4924d524769752cc9702cf017a1d0020d010e8d4a9eae9f8
-  data.tar.gz: f056af849c503c3870f69a707a4409428d6b200cff4df73237cd21e3ca5ce2ed
+  metadata.gz: 3fc31edba5c9cfea934c40b4ac410c942f5d0fcb75a236a9a0f8bd671556058a
+  data.tar.gz: 6ebbf8156b7092e358c4ed08f2d403a002c4f8930cc7e5b5bfc375cd5bc6e718
 SHA512:
-  metadata.gz: 55baf7050e12a28da721b94764740a9267b1ea6b16cb7fe515cf306bfa695463055fae8b2aa16badf47b541f470cb6357b40611d5965d8d51c03a18f7cf985db
-  data.tar.gz: 4853c8cafca07ec918c2d5f1e3ccfa01988432021ded6350470be15f369561aa534bc1a845521107f8e5d2a5a602d37e160a556d936b09e9b4f8573b9fa70ccb
+  metadata.gz: 21b86b8a69c1878736de93952f5b4e88bcb1080470f3b3df9f1e12087a29996f71dc39177020747b2e31fff6a39da88ff560e168b35ce61e602e77eb68c7e45b
+  data.tar.gz: 4cf16e7b8af0f80d68cae494c59f7f0c3722c92475c80b47ad2ea4f7b719099ad8e053deb708ee90fe1996db4065869f1f98c92121987cbf68bcae159001465e

data/db/migrate/20141012174250_create_authie_sessions.rb CHANGED Viewed

@@ -1,10 +1,10 @@
 # frozen_string_literal: true
-class CreateAuthieSessions < ActiveRecord::Migration[4.2]
+class CreateAuthieSessions < ActiveRecord::Migration[6.1]
   def change
     create_table :authie_sessions do |t|
       t.string :token, :browser_id
-      t.integer :user_id
+      t.bigint :user_id
       t.boolean :active, default: true
       t.text :data
       t.datetime :expires_at

data/db/migrate/20141013115205_add_indexes_to_authie_sessions.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddIndexesToAuthieSessions < ActiveRecord::Migration[4.2]
+class AddIndexesToAuthieSessions < ActiveRecord::Migration[6.1]
   def change
     add_column :authie_sessions, :user_type, :string
     add_index :authie_sessions, :token, length: 10

data/db/migrate/20150109144120_add_parent_id_to_authie_sessions.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
-class AddParentIdToAuthieSessions < ActiveRecord::Migration[4.2]
+class AddParentIdToAuthieSessions < ActiveRecord::Migration[6.1]
   def change
-    add_column :authie_sessions, :parent_id, :integer
+    add_column :authie_sessions, :parent_id, :bigint
   end
 end

data/db/migrate/20150305135400_add_two_factor_auth_fields_to_authie.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddTwoFactorAuthFieldsToAuthie < ActiveRecord::Migration[4.2]
+class AddTwoFactorAuthFieldsToAuthie < ActiveRecord::Migration[6.1]
   def change
     add_column :authie_sessions, :two_factored_at, :datetime
     add_column :authie_sessions, :two_factored_ip, :string

data/db/migrate/20170417170000_add_token_hashes_to_authie_sessions.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddTokenHashesToAuthieSessions < ActiveRecord::Migration[4.2]
+class AddTokenHashesToAuthieSessions < ActiveRecord::Migration[6.1]
   def change
     add_column :authie_sessions, :token_hash, :string
   end

data/db/migrate/20170421174100_add_index_to_token_hashes_on_authie_sessions.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddIndexToTokenHashesOnAuthieSessions < ActiveRecord::Migration[4.2]
+class AddIndexToTokenHashesOnAuthieSessions < ActiveRecord::Migration[6.1]
   def change
     add_index :authie_sessions, :token_hash, length: 10
   end

data/db/migrate/20180215152200_add_host_to_authie_sessions.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddHostToAuthieSessions < ActiveRecord::Migration[4.2]
+class AddHostToAuthieSessions < ActiveRecord::Migration[6.1]
   def change
     add_column :authie_sessions, :host, :string
   end

data/db/migrate/20220502180100_add_two_factor_required_to_sessions.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class AddTwoFactorRequiredToSessions < ActiveRecord::Migration[4.2]
+class AddTwoFactorRequiredToSessions < ActiveRecord::Migration[6.1]
   def change
     add_column :authie_sessions, :skip_two_factor, :boolean, default: false
   end

data/lib/authie/config.rb CHANGED Viewed

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
-require 'authie/event_manager'
 module Authie
   class Config
     attr_accessor :session_inactivity_timeout
@@ -10,7 +8,6 @@ module Authie
     attr_accessor :browser_id_cookie_name
     attr_accessor :session_token_length
     attr_accessor :extend_session_expiry_on_touch
-    attr_accessor :events
     def initialize
       @session_inactivity_timeout = 12.hours
@@ -19,7 +16,6 @@ module Authie
       @browser_id_cookie_name = :browser_id
       @session_token_length = 64
       @extend_session_expiry_on_touch = false
-      @events = EventManager.new
     end
   end
@@ -32,5 +28,9 @@ module Authie
       block.call(config)
       config
     end
+    def notify(event, args = {}, &block)
+      ActiveSupport::Notifications.instrument("#{event}.authie", args, &block)
+    end
   end
 end

data/lib/authie/controller_delegate.rb CHANGED Viewed

@@ -34,7 +34,9 @@ module Authie
           httponly: true,
           secure: @controller.request.ssl?
         }
-        Authie.config.events.dispatch(:set_browser_id, proposed_browser_id)
+        Authie.notify(:set_browser_id,
+                      browser_id: proposed_browser_id,
+                      controller: @controller)
       end
       proposed_browser_id
     end
@@ -44,9 +46,9 @@ module Authie
     #
     # @return [Authie::Session, false]
     def validate_auth_session
-      return auth_session.validate if logged_in?
+      return false unless logged_in?
-      false
+      auth_session.validate
     end
     # Touch the session to update details on the latest activity.
@@ -72,13 +74,12 @@ module Authie
     #
     # @return [Authie::Session, nil]
     def create_auth_session(user, **kwargs)
-      if user
-        @auth_session = Authie::Session.start(@controller, user: user, **kwargs)
-        return @auth_session
+      if user.nil?
+        invalidate_auth_session
+        return nil
       end
-      invalidate_auth_session
-      nil
+      @auth_session = Authie::Session.start(@controller, user: user, **kwargs)
     end
     # Invalidate the existing auth session if one exists. Return true if a sesion has been invalidated
@@ -86,13 +87,11 @@ module Authie
     #
     # @return [Boolean]
     def invalidate_auth_session
-      if logged_in?
-        auth_session.invalidate
-        @auth_session = nil
-        return true
-      end
+      return false unless logged_in?
-      false
+      auth_session.invalidate
+      @auth_session = nil
+      true
     end
     # Is anyone currently logged in? Return true if there is an auth session present.

data/lib/authie/controller_extension.rb CHANGED Viewed

@@ -6,7 +6,8 @@ module Authie
   module ControllerExtension
     class << self
       def included(base)
-        base.helper_method :logged_in?, :current_user, :auth_session
+        base.helper_method :logged_in?, :current_user, :auth_session if base.respond_to?(:helper_method)
         base.before_action :set_browser_id, :validate_auth_session
         base.around_action :touch_auth_session

data/lib/authie/session.rb CHANGED Viewed

@@ -13,7 +13,14 @@ module Authie
     attr_reader :session
     # A parent class that encapsulates all session validity errors.
-    class ValidityError < Error; end
+    class ValidityError < Error
+      attr_reader :session
+      def initialize(message, session = nil)
+        super(message)
+        @session = session
+      end
+    end
     # Raised when a session is used but it is no longer active
     class InactiveSession < ValidityError; end
@@ -94,7 +101,7 @@ module Authie
       @session.requests += 1
       extend_session_expiry_if_appropriate
       @session.save!
-      Authie.config.events.dispatch(:session_touched, self)
+      Authie.notify(:touch, session: self)
       self
     end
@@ -105,7 +112,7 @@ module Authie
     def see_password
       @session.password_seen_at = Time.now
       @session.save!
-      Authie.config.events.dispatch(:seen_password, self)
+      Authie.notify(:see_password, session: self)
       self
     end
@@ -119,7 +126,7 @@ module Authie
       @session.two_factored_ip = @controller.request.ip
       @session.skip_two_factor = skip unless skip.nil?
       @session.save!
-      Authie.config.events.dispatch(:marked_as_two_factor, self)
+      Authie.notify(:mark_as_two_factor, session: self)
       self
     end
@@ -130,7 +137,7 @@ module Authie
     # @return [Authie::Session]
     def start
       set_cookie
-      Authie.config.events.dispatch(:start_session, session)
+      Authie.notify(:session_start, session: self)
       self
     end
@@ -145,7 +152,6 @@ module Authie
     private
-    # rubocop:disable Naming/AccessorMethodName
     def set_cookie(value = @session.temporary_token)
       cookies[:user_session] = {
         value: value,
@@ -153,10 +159,9 @@ module Authie
         httponly: true,
         expires: @session.expires_at
       }
-      Authie.config.events.dispatch(:session_cookie_updated, self)
+      Authie.notify(:cookie_updated, session: session)
       true
     end
-    # rubocop:enable Naming/AccessorMethodName
     def cookies
       @controller.send(:cookies)
@@ -164,9 +169,9 @@ module Authie
     def validate_browser_id
       if cookies[:browser_id] != @session.browser_id
+        Authie.notify(:browser_id_mismatch_error, session: self)
         invalidate
-        Authie.config.events.dispatch(:browser_id_mismatch_error, self)
-        raise BrowserMismatch, 'Browser ID mismatch'
+        raise BrowserMismatch.new('Browser ID mismatch', self)
       end
       self
@@ -175,8 +180,8 @@ module Authie
     def validate_active
       unless @session.active?
         invalidate
-        Authie.config.events.dispatch(:invalid_session_error, self)
-        raise InactiveSession, 'Session is no longer active'
+        Authie.notify(:invalid_session_error, session: self)
+        raise InactiveSession.new('Session is no longer active', self)
       end
       self
@@ -185,8 +190,8 @@ module Authie
     def validate_expiry
       if @session.expired?
         invalidate
-        Authie.config.events.dispatch(:expired_session_error, self)
-        raise ExpiredSession, 'Persistent session has expired'
+        Authie.notify(:expired_session_error, session: self)
+        raise ExpiredSession.new('Persistent session has expired', self)
       end
       self
@@ -195,8 +200,8 @@ module Authie
     def validate_inactivity
       if @session.inactive?
         invalidate
-        Authie.config.events.dispatch(:inactive_session_error, self)
-        raise InactiveSession, 'Non-persistent session has expired'
+        Authie.notify(:inactive_session_error, session: self)
+        raise InactiveSession.new('Non-persistent session has expired', self)
       end
       self
@@ -205,8 +210,9 @@ module Authie
     def validate_host
       if @session.host && @session.host != @controller.request.host
         invalidate
-        Authie.config.events.dispatch(:host_mismatch_error, self)
-        raise HostMismatch, "Session was created on #{@session.host} but accessed using #{@controller.request.host}"
+        Authie.notify(:host_mismatch_error, session: self)
+        raise HostMismatch.new("Session was created on #{@session.host} but accessed using #{@controller.request.host}",
+                               self)
       end
       self
@@ -264,6 +270,7 @@ module Authie
       end
       delegate :hash_token, to: SessionModel
+      delegate :cleanup, to: SessionModel
     end
     # Backwards compatibility with Authie < 4.0. These methods were all available on sessions

data/lib/authie/session_model.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-require 'active_record/base'
+require 'active_record'
 require 'securerandom'
 require 'authie/config'
@@ -63,8 +63,10 @@ module Authie
     end
     def invalidate!
+      active_now = active?
       self.active = false
       save!
+      Authie.notify(:session_invalidate, session: self) if active_now
       true
     end
@@ -79,7 +81,7 @@ module Authie
     end
     def invalidate_others!
-      self.class.where('id != ?', id).for_user(user).each(&:invalidate!).inspect
+      self.class.where('id != ?', id).active.for_user(user).each(&:invalidate!)
     end
     # Have we seen the user's password recently in this sesion?
@@ -136,13 +138,13 @@ module Authie
       # Cleanup any old sessions.
       def cleanup
-        Authie.config.events.dispatch(:before_cleanup)
-        # Invalidate transient sessions that haven't been used
-        active.where('expires_at IS NULL AND last_activity_at < ?',
-                     Authie.config.session_inactivity_timeout.ago).each(&:invalidate!)
-        # Invalidate persistent sessions that have expired
-        active.where('expires_at IS NOT NULL AND expires_at < ?', Time.now).each(&:invalidate!)
-        Authie.config.events.dispatch(:after_cleanup)
+        Authie.notify(:cleanup) do
+          # Invalidate transient sessions that haven't been used
+          active.where('expires_at IS NULL AND last_activity_at < ?',
+                       Authie.config.session_inactivity_timeout.ago).each(&:invalidate!)
+          # Invalidate persistent sessions that have expired
+          active.where('expires_at IS NOT NULL AND expires_at < ?', Time.now).each(&:invalidate!)
+        end
         true
       end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authie
 version: !ruby/object:Gem::Version
-  version: 4.0.0.rc9
+  version: 4.0.0
 platform: ruby
 authors:
 - Adam Cooke
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-05-03 00:00:00.000000000 Z
+date: 2023-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -30,194 +30,6 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '8.0'
-- !ruby/object:Gem::Dependency
-  name: appraisal
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.4.1
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 2.4.1
-- !ruby/object:Gem::Dependency
-  name: rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '5.0'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '8.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '5.0'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '8.0'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec-core
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec-expectations
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec-mocks
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec-rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.17.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.17.0
-- !ruby/object:Gem::Dependency
-  name: simplecov
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: simplecov-console
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: solargraph
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: sqlite3
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.4.2
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.4.2
-- !ruby/object:Gem::Dependency
-  name: timecop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: A Rails library for storing user sessions in a backend database
 email:
 - me@adamcooke.io
@@ -239,7 +51,6 @@ files:
 - lib/authie/controller_extension.rb
 - lib/authie/engine.rb
 - lib/authie/error.rb
-- lib/authie/event_manager.rb
 - lib/authie/rack_controller.rb
 - lib/authie/session.rb
 - lib/authie/session_model.rb
@@ -260,11 +71,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.3.26
 signing_key:
 specification_version: 4
 summary: A Rails library for storing user sessions in a backend database

data/lib/authie/event_manager.rb DELETED Viewed

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-module Authie
-  class EventManager
-    attr_reader :callbacks
-    def initialize
-      @callbacks = {}
-    end
-    def dispatch(event, *args)
-      callbacks = @callbacks[event.to_sym]
-      return if callbacks.nil?
-      callbacks.each do |cb|
-        cb.call(*args)
-      end
-    end
-    def on(event, &block)
-      @callbacks[event.to_sym] ||= []
-      @callbacks[event.to_sym] << block
-    end
-    def remove(event, block)
-      cb = @callbacks[event.to_sym]
-      return if cb.nil?
-      cb.delete(block)
-    end
-  end
-end