authie 4.0.0.rc9 → 4.0.0.rc10

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f06ec249cc2efa9d4924d524769752cc9702cf017a1d0020d010e8d4a9eae9f8
4
- data.tar.gz: f056af849c503c3870f69a707a4409428d6b200cff4df73237cd21e3ca5ce2ed
3
+ metadata.gz: c2ba869656ec43ca7b92803584ad2361ad2a7c443b2b69bc7f7bac2c0e991218
4
+ data.tar.gz: 67340e7ab60e5fafb35a17a8760611d5f1c25a3ae67abf75363f7210ec3cb181
5
5
  SHA512:
6
- metadata.gz: 55baf7050e12a28da721b94764740a9267b1ea6b16cb7fe515cf306bfa695463055fae8b2aa16badf47b541f470cb6357b40611d5965d8d51c03a18f7cf985db
7
- data.tar.gz: 4853c8cafca07ec918c2d5f1e3ccfa01988432021ded6350470be15f369561aa534bc1a845521107f8e5d2a5a602d37e160a556d936b09e9b4f8573b9fa70ccb
6
+ metadata.gz: b6f3604a227d448f0d2724eb6566f83c4b665121fd3d9075691bdccd4e72370a230b4916ae1a8fd8b68fff893e81b5bd39170be2c5ebe244817fa33c5365daf7
7
+ data.tar.gz: fcde4d28afbc7bab2727150c69be0baa527a89e65bb1047159499247771b2284bec104f54bbd7adf7db52f18dacac58ab0817085d8b42ff8f07e226b201bffe6
data/lib/authie/config.rb CHANGED
@@ -1,7 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'authie/event_manager'
4
-
5
3
  module Authie
6
4
  class Config
7
5
  attr_accessor :session_inactivity_timeout
@@ -10,7 +8,6 @@ module Authie
10
8
  attr_accessor :browser_id_cookie_name
11
9
  attr_accessor :session_token_length
12
10
  attr_accessor :extend_session_expiry_on_touch
13
- attr_accessor :events
14
11
 
15
12
  def initialize
16
13
  @session_inactivity_timeout = 12.hours
@@ -19,7 +16,6 @@ module Authie
19
16
  @browser_id_cookie_name = :browser_id
20
17
  @session_token_length = 64
21
18
  @extend_session_expiry_on_touch = false
22
- @events = EventManager.new
23
19
  end
24
20
  end
25
21
 
@@ -32,5 +28,9 @@ module Authie
32
28
  block.call(config)
33
29
  config
34
30
  end
31
+
32
+ def notify(event, args = {}, &block)
33
+ ActiveSupport::Notifications.instrument("#{event}.authie", args, &block)
34
+ end
35
35
  end
36
36
  end
@@ -34,7 +34,9 @@ module Authie
34
34
  httponly: true,
35
35
  secure: @controller.request.ssl?
36
36
  }
37
- Authie.config.events.dispatch(:set_browser_id, proposed_browser_id)
37
+ Authie.notify(:set_browser_id,
38
+ browser_id: proposed_browser_id,
39
+ controller: @controller)
38
40
  end
39
41
  proposed_browser_id
40
42
  end
@@ -94,7 +94,7 @@ module Authie
94
94
  @session.requests += 1
95
95
  extend_session_expiry_if_appropriate
96
96
  @session.save!
97
- Authie.config.events.dispatch(:session_touched, self)
97
+ Authie.notify(:touch, session: self)
98
98
  self
99
99
  end
100
100
 
@@ -105,7 +105,7 @@ module Authie
105
105
  def see_password
106
106
  @session.password_seen_at = Time.now
107
107
  @session.save!
108
- Authie.config.events.dispatch(:seen_password, self)
108
+ Authie.notify(:see_password, session: self)
109
109
  self
110
110
  end
111
111
 
@@ -119,7 +119,7 @@ module Authie
119
119
  @session.two_factored_ip = @controller.request.ip
120
120
  @session.skip_two_factor = skip unless skip.nil?
121
121
  @session.save!
122
- Authie.config.events.dispatch(:marked_as_two_factor, self)
122
+ Authie.notify(:mark_as_two_factor, session: self)
123
123
  self
124
124
  end
125
125
 
@@ -130,7 +130,7 @@ module Authie
130
130
  # @return [Authie::Session]
131
131
  def start
132
132
  set_cookie
133
- Authie.config.events.dispatch(:start_session, session)
133
+ Authie.notify(:session_start, session: self)
134
134
  self
135
135
  end
136
136
 
@@ -153,7 +153,7 @@ module Authie
153
153
  httponly: true,
154
154
  expires: @session.expires_at
155
155
  }
156
- Authie.config.events.dispatch(:session_cookie_updated, self)
156
+ Authie.notify(:cookie_updated, session: session)
157
157
  true
158
158
  end
159
159
  # rubocop:enable Naming/AccessorMethodName
@@ -165,7 +165,7 @@ module Authie
165
165
  def validate_browser_id
166
166
  if cookies[:browser_id] != @session.browser_id
167
167
  invalidate
168
- Authie.config.events.dispatch(:browser_id_mismatch_error, self)
168
+ Authie.notify(:browser_id_mismatch_error, session: self)
169
169
  raise BrowserMismatch, 'Browser ID mismatch'
170
170
  end
171
171
 
@@ -175,7 +175,7 @@ module Authie
175
175
  def validate_active
176
176
  unless @session.active?
177
177
  invalidate
178
- Authie.config.events.dispatch(:invalid_session_error, self)
178
+ Authie.notify(:invalid_session_error, session: self)
179
179
  raise InactiveSession, 'Session is no longer active'
180
180
  end
181
181
 
@@ -185,7 +185,7 @@ module Authie
185
185
  def validate_expiry
186
186
  if @session.expired?
187
187
  invalidate
188
- Authie.config.events.dispatch(:expired_session_error, self)
188
+ Authie.notify(:expired_session_error, session: self)
189
189
  raise ExpiredSession, 'Persistent session has expired'
190
190
  end
191
191
 
@@ -195,7 +195,7 @@ module Authie
195
195
  def validate_inactivity
196
196
  if @session.inactive?
197
197
  invalidate
198
- Authie.config.events.dispatch(:inactive_session_error, self)
198
+ Authie.notify(:inactive_session_error, session: self)
199
199
  raise InactiveSession, 'Non-persistent session has expired'
200
200
  end
201
201
 
@@ -205,7 +205,7 @@ module Authie
205
205
  def validate_host
206
206
  if @session.host && @session.host != @controller.request.host
207
207
  invalidate
208
- Authie.config.events.dispatch(:host_mismatch_error, self)
208
+ Authie.notify(:host_mismatch_error, session: self)
209
209
  raise HostMismatch, "Session was created on #{@session.host} but accessed using #{@controller.request.host}"
210
210
  end
211
211
 
@@ -264,6 +264,7 @@ module Authie
264
264
  end
265
265
 
266
266
  delegate :hash_token, to: SessionModel
267
+ delegate :cleanup, to: SessionModel
267
268
  end
268
269
 
269
270
  # Backwards compatibility with Authie < 4.0. These methods were all available on sessions
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- require 'active_record/base'
3
+ require 'active_record'
4
4
  require 'securerandom'
5
5
  require 'authie/config'
6
6
 
@@ -136,13 +136,13 @@ module Authie
136
136
 
137
137
  # Cleanup any old sessions.
138
138
  def cleanup
139
- Authie.config.events.dispatch(:before_cleanup)
140
- # Invalidate transient sessions that haven't been used
141
- active.where('expires_at IS NULL AND last_activity_at < ?',
142
- Authie.config.session_inactivity_timeout.ago).each(&:invalidate!)
143
- # Invalidate persistent sessions that have expired
144
- active.where('expires_at IS NOT NULL AND expires_at < ?', Time.now).each(&:invalidate!)
145
- Authie.config.events.dispatch(:after_cleanup)
139
+ Authie.notify(:cleanup) do
140
+ # Invalidate transient sessions that haven't been used
141
+ active.where('expires_at IS NULL AND last_activity_at < ?',
142
+ Authie.config.session_inactivity_timeout.ago).each(&:invalidate!)
143
+ # Invalidate persistent sessions that have expired
144
+ active.where('expires_at IS NOT NULL AND expires_at < ?', Time.now).each(&:invalidate!)
145
+ end
146
146
  true
147
147
  end
148
148
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authie
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.0.0.rc9
4
+ version: 4.0.0.rc10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Adam Cooke
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-05-03 00:00:00.000000000 Z
11
+ date: 2022-05-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activerecord
@@ -239,7 +239,6 @@ files:
239
239
  - lib/authie/controller_extension.rb
240
240
  - lib/authie/engine.rb
241
241
  - lib/authie/error.rb
242
- - lib/authie/event_manager.rb
243
242
  - lib/authie/rack_controller.rb
244
243
  - lib/authie/session.rb
245
244
  - lib/authie/session_model.rb
@@ -1,32 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module Authie
4
- class EventManager
5
- attr_reader :callbacks
6
-
7
- def initialize
8
- @callbacks = {}
9
- end
10
-
11
- def dispatch(event, *args)
12
- callbacks = @callbacks[event.to_sym]
13
- return if callbacks.nil?
14
-
15
- callbacks.each do |cb|
16
- cb.call(*args)
17
- end
18
- end
19
-
20
- def on(event, &block)
21
- @callbacks[event.to_sym] ||= []
22
- @callbacks[event.to_sym] << block
23
- end
24
-
25
- def remove(event, block)
26
- cb = @callbacks[event.to_sym]
27
- return if cb.nil?
28
-
29
- cb.delete(block)
30
- end
31
- end
32
- end