authifer 0.0.1rc1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 8d5fca606d9cc2e2a117e9f453aa91bc2dccca57
+  data.tar.gz: e98a59759f13e73a33bc75cb7b56a15811a06c69
+SHA512:
+  metadata.gz: b11cd52286bbb36c085e9ee5ef3651839f3487e593f64152ec9ad88f080810096642ff518861aaa1e742609e9cae11e89a314a582ab89c924551773b2bc93a50
+  data.tar.gz: 3719253f7317fd67c26d084f91146ede71f7a57ac748442434dae7922c2fabf839ffee4933a7e0455464fc04044c10372fe2eebed0bde31bee976dddfde7014e

data/LICENSE

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2013 Zee Spencer
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,34 @@
+# Authifer
+
+`Trust me Authifer, I'm not half as think as you drunk I am!`
+
+One obstacles to chiseling away a monolithic application architecture is
+managing user authentication on several smaller apps.
+
+Authifer abstracts authentication into it's own application so you can focus
+your attention on adding useful features for your customers instead of managing
+user identities.
+
+## Usage
+
+Gimme a second. I'll figure it out.
+
+## Contributing
+
+We love pull requests and issues!
+
+### For enhancements
+
+Create an issue or pull request with:
+
+1. A good name
+2. Tests where applicable
+3. 
+
+### For bug fixes
+
+Create an issue with:
+
+1. Reproduction steps
+2. Stack trace if applicable
+3. Proposed fix if applicable

data/lib/authifer.rb

@@ -0,0 +1,21 @@
+require_relative 'authifer/schema'
+
+module Authifer
+  def self.connect_to_database(database_url)
+    require_relative 'authifer/app'
+    Authifer::App.set :database, database_url
+    require_relative 'authifer/user'
+  end
+
+  def self.views_path=views_path
+    @views_path = views_path
+  end
+
+  def self.views_path
+     @views_path ||= File.join(base_path, 'views')
+  end
+
+  def self.base_path
+    @base_path ||= File.join(File.dirname(File.expand_path(__FILE__)), 'authifer')
+  end
+end

data/lib/authifer/app.rb

@@ -0,0 +1,85 @@
+require 'sinatra/base'
+require 'sinatra/activerecord'
+require 'songkick/oauth2/provider'
+require_relative 'authentication_helper'
+require_relative 'renderer'
+require_relative 'oauth_helper'
+require_relative 'data_helper'
+require_relative 'paths'
+
+module Authifer
+  class App < Sinatra::Base
+    register Sinatra::ActiveRecordExtension
+
+    set :views, Authifer.views_path
+    enable :sessions
+    extend Authifer::Paths
+
+    helpers do
+      include Authifer::AuthenticationHelper
+      include Authifer::OAuthHelper
+      include Authifer::DataHelper
+      include Authifer::Paths
+
+
+      def display
+        @renderer ||= Renderer.new(self)
+      end
+
+      def redirect_url
+        @redirect_url ||= params[:redirect_url] || "/"
+      end
+    end
+
+    post users_path do
+      user = create_user(params[:user])
+      if user.persisted?
+        login(user)
+        redirect redirect_url
+      else
+        display.register(user)
+      end
+    end
+
+    get new_user_path do
+      display.register(build_user)
+    end
+
+    post sessions_path do
+      user = authenticate_user(params[:user])
+      if user.errors.empty?
+        login(user)
+        redirect redirect_url
+      else
+        display.login(user)
+      end
+    end
+
+    get new_session_path do
+      display.login(build_user)
+    end
+
+    [{ method: :get, path: delete_session_path},
+     { method: :delete, path: sessions_path    }].each do |route|
+      __send__(route[:method], route[:path]) do
+        logout
+        display.login(build_user)
+      end
+    end
+
+    before "/oauth/authorize" do
+      ensure_logged_in!
+    end
+
+    [:get, :post].each do |method|
+      __send__(method, '/oauth/token') { handle_oauth }
+      __send__(method, '/oauth/authorize') { handle_oauth }
+    end
+
+    post '/oauth/allow' do
+      @auth = Songkick::OAuth2::Provider::Authorization.new(current_user, params)
+      @auth.grant_access!
+      redirect @auth.redirect_uri, @auth.response_status
+    end
+  end
+end

data/lib/authifer/authentication_helper.rb

@@ -0,0 +1,38 @@
+module Authifer
+  module AuthenticationHelper
+    def ensure_logged_in!
+      unless logged_in?
+        @redirect_url = request.fullpath
+        halt display.login(build_user)
+      end
+    end
+
+    def current_user
+      @current_user ||= logged_in? ? find_user(id: session[:user_id]) : build_user
+    end
+
+    def login(user)
+      session[:user_id] = user.id
+    end
+
+    def logged_in?
+      !session[:user_id].nil?
+    end
+
+    def logout
+      session[:user_id] = nil
+    end
+
+    def authenticate_user(user_attributes)
+      user = find_user(email: user_attributes[:email])
+
+      user = build_user if !user
+
+      if user.password != user_attributes[:password] || user.password.nil?
+        user.errors.add(:credentials, "are invalid. We don't have any users with that email/password combination")
+      end
+
+      user
+    end
+  end
+end

data/lib/authifer/data_helper.rb

@@ -0,0 +1,15 @@
+module Authifer
+  module DataHelper
+    def find_user(attributes)
+      User.find_by(attributes)
+    end
+
+    def create_user(user_attributes)
+      User.create(user_attributes)
+    end
+
+    def build_user(attributes={})
+      User.new(attributes)
+    end
+  end
+end

data/lib/authifer/oauth_helper.rb

@@ -0,0 +1,28 @@
+module Authifer
+  module OAuthHelper
+    def resource_owner
+      @resource_owner ||= current_user.persisted? ? current_user : :implicit
+    end
+
+    def oauth2
+      @oauth2 ||= Songkick::OAuth2::Provider.parse(resource_owner, env)
+    end
+
+    def handle_oauth
+      if oauth2.redirect?
+        redirect oauth2.redirect_uri, oauth2.response_status
+      end
+
+      headers oauth2.response_headers
+      status  oauth2.response_status
+
+      if body = oauth2.response_body
+        body
+      elsif oauth2.valid?
+        erb :authorize, locals: { authorization_request: oauth2 }
+      else
+        raise "Error Will Robinson"
+      end
+    end
+  end
+end

data/lib/authifer/paths.rb

@@ -0,0 +1,23 @@
+module Authifer
+  module Paths
+    def users_path
+      "/users"
+    end
+
+    def new_user_path
+      "#{users_path}/new"
+    end
+
+    def sessions_path
+      "/sessions"
+    end
+
+    def new_session_path
+      "#{sessions_path}/new"
+    end
+
+    def delete_session_path
+      "#{sessions_path}/delete"
+    end
+  end
+end

data/lib/authifer/renderer.rb

@@ -0,0 +1,25 @@
+module Authifer
+  class Renderer
+    attr_reader :app
+
+    def initialize(app)
+      @app = app
+    end
+
+    def login(user)
+      if app.logged_in?
+        app.redirect app.redirect_url
+      else
+        app.erb :new_session, locals: { user: user }
+      end
+    end
+
+    def register(user)
+      if app.logged_in?
+        app.redirect app.redirect_url
+      else
+        app.erb :new_user, locals: { user: user }
+      end
+    end
+  end
+end

data/lib/authifer/schema.rb

@@ -0,0 +1,9 @@
+module Authifer
+  module Schema
+    def self.migrate
+      require 'songkick/oauth2/provider'
+      Songkick::OAuth2::Model::Schema.migrate
+      ActiveRecord::Migrator.up(File.join(Authifer.base_path,'schema'))
+    end
+  end
+end

data/lib/authifer/schema/20131029055507_create_users.rb

@@ -0,0 +1,8 @@
+class CreateUsers < ActiveRecord::Migration
+  def change
+    create_table :users do |t|
+      t.string :email, :password_digest
+      t.timestamps
+    end
+  end
+end

data/lib/authifer/tasks.rb

@@ -0,0 +1,9 @@
+namespace :authifer do
+  namespace :db do
+    desc "Migrate up the database"
+    task :migrate do
+      require_relative 'schema'
+      Authifer::Schema.migrate
+    end
+  end
+end

data/lib/authifer/user.rb

@@ -0,0 +1,29 @@
+require 'protected_attributes'
+require 'bcrypt'
+
+module Authifer
+  class User < ActiveRecord::Base
+    include Songkick::OAuth2::Model::ResourceOwner
+    include Songkick::OAuth2::Model::ClientOwner
+
+    validates :password, confirmation: true
+    validate :password_is_set
+    validates :email, uniqueness: true
+
+    def password=password
+      @password = BCrypt::Password.create(password)
+      self.password_digest = @password
+    end
+
+    def password
+      @password ||= BCrypt::Password.new(password_digest) if password_digest
+    end
+
+    def password_is_set
+      if !password || password == ""
+        errors.add(:password, "can't be blank")
+      end
+    end
+  end
+
+end

data/lib/authifer/views/_error.erb

@@ -0,0 +1,5 @@
+<% if model.errors.has_key? field %>
+  <% model.errors.messages[field].each do |m|%>
+    <p class="error"><%= field.to_s.capitalize %> <%= m %></p>
+  <% end %>
+<% end %>

data/lib/authifer/views/_redirect_url_fields.erb

@@ -0,0 +1 @@
+<input type="hidden" name="redirect_url" value="<%=redirect_url%>" />

data/lib/authifer/views/authorize.erb

@@ -0,0 +1,9 @@
+<h2>You're about to grant access to <%= authorization_request.client.name %></h2>
+<form method="POST" action="/oauth/allow">
+  <% authorization_request.params.each do |key, value| %>
+    <input type="hidden" name="<%= key %>" value="<%= value %>">
+  <% end %>
+  <button>It's cool. I dig it</button>
+</form>
+<a href="http://calmingmanatee.com/">No thanks. I'd rather see a picture of a
+  manatee</a>

data/lib/authifer/views/layout.erb

@@ -0,0 +1,5 @@
+<!DOCTYPE html>
+<body>
+  <%= yield %>
+</body>
+</html>

data/lib/authifer/views/new_session.erb

@@ -0,0 +1,13 @@
+<div id="login_form">
+  <form method="POST" action="<%= sessions_path %>">
+    <%= erb :_error, locals: { model: user, field: :credentials } %>
+    <label>Email: <input type="email" name="user[email]" value="<%=user.email%>"></label>
+    <%= erb :_error, locals: { model: user, field: :email } %>
+
+    <label>Password: <input type="password" name="user[password]"></label>
+    <%= erb :_error, locals: { model: user, field: :password } %>
+
+    <%= erb :_redirect_url_fields %>
+    <button>Log in</button>
+  </form>
+</div>

data/lib/authifer/views/new_user.erb

@@ -0,0 +1,15 @@
+<div id="registration_form">
+  <form method="POST" action="<%= users_path %>">
+    <label>Email: <input type="email" name="user[email]" value="<%=user.email%>"></label>
+    <%= erb :_error, locals: { model: user, field: :email } %>
+
+    <label>Password: <input type="password" name="user[password]"></label>
+    <%= erb :_error, locals: { model: user, field: :password } %>
+
+    <label>Confirm Password: <input type="password" name="user[password_confirmation]"></label>
+    <%= erb :_error, locals: { model: user, field: :password_confirmation } %>
+
+    <%= erb :_redirect_url_fields %>
+    <button>Register</button>
+  </form>
+</div>

metadata

@@ -0,0 +1,230 @@
+--- !ruby/object:Gem::Specification
+name: authifer
+version: !ruby/object:Gem::Version
+  version: 0.0.1rc1
+platform: ruby
+authors:
+- Zee Spencer
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-11-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: sinatra-activerecord
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.2'
+- !ruby/object:Gem::Dependency
+  name: songkick-oauth2-provider
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.10'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.10'
+- !ruby/object:Gem::Dependency
+  name: bcrypt-ruby
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: protected_attributes
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: capybara
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: dotenv
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pg
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Run your own Authentication provider!
+email: zee@zeespencer.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/authifer/views/_error.erb
+- lib/authifer/views/_redirect_url_fields.erb
+- lib/authifer/views/authorize.erb
+- lib/authifer/views/layout.erb
+- lib/authifer/views/new_session.erb
+- lib/authifer/views/new_user.erb
+- lib/authifer/app.rb
+- lib/authifer/authentication_helper.rb
+- lib/authifer/data_helper.rb
+- lib/authifer/oauth_helper.rb
+- lib/authifer/paths.rb
+- lib/authifer/renderer.rb
+- lib/authifer/schema/20131029055507_create_users.rb
+- lib/authifer/schema.rb
+- lib/authifer/tasks.rb
+- lib/authifer/user.rb
+- lib/authifer.rb
+- README.md
+- LICENSE
+homepage: https://github.com/makeheadspace/authifer
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>'
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: Run your own Authentication provider!
+test_files: []