authlane 1.0.0 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5d433f29ea95649c1f3c82327cdf25585028d774
-  data.tar.gz: 4a2e2944a3a75b5d263ecbf74cbc55e3327df5e0
+  metadata.gz: e1d5209e59fc6178372d91056feaa7f88db1c320
+  data.tar.gz: 03b19e3f8ccffee0f4d3452f4eb4a398f94c9913
 SHA512:
-  metadata.gz: 070797815dead62c30f657efc56c5dfb3abdf8f0c792d68062469dcb67de9480907b204391a62b2a48bcf85e08f18e017b290fda9787bc0b3f6bd29bf762a280
-  data.tar.gz: f2191d60b1b6f4e4f6acdf7f393c9e9bbf375a7214edd0ff986f2183f4f7f513c9bb4e8508ddb73355b6491007c9ac41528a77dcbdc80e86b93bb02e0b12417c
+  metadata.gz: 62780ea9f8bf9756688a915d84718f2da5326c042467e3fa4cca395b77e6d6fad7ec6cb132237b1e6a23240e19cd5e6f9284924eaee22fff75c94cb63a5719bd
+  data.tar.gz: 52c700e8b936048bdd8c8c2d992b20527226dc52301e1579be95b1a34b025496d2f59d23ce1f698a7e08f47f99464debdcd68b511c98d2cf731df5f174d1494a

data/README.md

@@ -4,7 +4,47 @@ The **AuthLane** Sinatra Extension allows easy User authentication with support
 
 The actual authentication logic (*strategy*) is defined by the Application using a namespaced DSL provided by this extension, while the general Extension configuration is handled with Sinatra's `set` method, which will be described in more detail below.
 
-# Configuring *AuthLane*
+## Setting up *Sinatra*
+
+**AuthLane** utilizes the standard Sinatra Extension format for *classic*-style applications:
+
+```
+require 'sinatra'
+require 'sinatra/authlane'
+
+get '/user' do
+  protect!
+
+  # Application stuff for signed in users ....
+end
+```
+
+As well as `modular`-style applications:
+
+```
+require 'sinatra/base'
+require 'sinatra/cookies'
+require 'sinatra/authlane'
+
+class App < Sinatra::Base
+  register Sinatra::AuthLane
+  helpers Sinatra::Cookies
+
+  get '/user' do
+    protect!
+
+    # Application stuff for signed in users ....
+  end
+end
+ ```
+
+Both setups however require a separate **Session** *Rack middleware*, like `Rack::Session::Cookies`, which you need to provide for your *Sinatra* application (refer to [Sinatra's documentation](http://www.sinatrarb.com/intro.html#Using%20Sessions) on using Sessions).
+
+> **Note:** The inclusion of `sinatra/cookies` helper methods is a requirement by *AuthLane*, which currently it - at least when used modular - does not do automatically.
+
+## Configuring *AuthLane*
+
+### General configuration values
 
 **AuthLane**'s configuration data is available under Sinatra's `settings` object with the key `:authlane` as a Hash, so changing config values is simply done with Sinatra's `set` method.
 
@@ -16,23 +56,23 @@ The following settings can be customize (the used values are their defaults):
 
 ```
 set :authlane, :failed_route    => '/user/unauthorized',
-              :session_key     => :authlane,
-              :remember_cookie => :authlane_token,
-              :serialize_user  => [:id]
+               :session_key     => :authlane,
+               :remember_cookie => :authlane_token,
+               :serialize_user  => [:id]
 ```
 
-### `:failed_route`
+#### `:failed_route`
 
-The `:failed_route` sets the route String, where AuthLane should redirect to in case a route requires authorisation and the User ist not logged in. It typically is the route to display the login form, but can be set to anything that is needed, as long the it is not protected by authorisation as well.
+The `:failed_route` sets the route String, where AuthLane should redirect to in case a route requires authorization and the User is not logged in. It typically is the route to display the login form, but can be set to anything that is needed, as long the it is not protected by authorization as well.
 
-### `:seession_key`
+#### `:session_key`
 
 The `:session_key` sets the name (as a Symbol) of the Session variable where User credentials of a logged in User are stored. The stored User data are wrapped inside a `SerializedUser` object and can be retrieved by using Sinatra's `session` helper and giving it the key that is defined here `session[:authlane]`. Alternatively, the AuthLane Helper exposes the method `current_user` to provide easy access to User data.
 
-### `:remember_cookie`
+#### `:remember_cookie`
 
-Customize the Cookie's name that stores the token hash used for the *Remember Me* functionality. The setting (and creation) of the token needs to be implemented by the Extension user in both the Auth and Remember Strategy.
+Customize the Cookie's name that stores the token hash used for the *Remember Me* functionality. The setting (and creation) of the token needs to be implemented by the Extension user in both the *auth* and *remember* strategy.
 
-### `:serialize_user`
+#### `:serialize_user`
 
-The `:serialized_user` settings contains an Array of Symbols telling AuthLane which attributes of the User model that is used to identify Application useres should be serialized into `SerializedUser`. It is recommended to not store the whole User object, but note that the *id* (or however the unique identifier of the object is named) attribute is required.
+The `:serialized_user` settings contains an Array of Symbols telling AuthLane which attributes of the User model that is used to identify Application users should be serialized into `SerializedUser`. It is recommended to not store the whole User object, but note that the *id* (or however the unique identifier of the object is named) attribute is required.

data/authlane.gemspec

@@ -8,9 +8,11 @@ Gem::Specification.new do |spec|
   spec.version       = Authlane::VERSION
   spec.authors       = ['Patrick Lam']
   spec.email         = ['zidizei@gmail.com']
-  spec.summary       = 'Easy User authentication and roles for Sinatra.'
-  spec.description   = 'The AuthLane Sinatra Extension allows easy User authentication with support for different User roles.'
-  spec.homepage      = ''
+  spec.summary       = 'Simple User authentication and roles for Sinatra.'
+  spec.description   = <<-EOF
+    The AuthLane Sinatra Extension allows simple User authentication with support
+    for different User roles. It comes with Sinatra helpers for easy integration into routes.
+  EOF
   spec.license       = 'MIT'
 
   spec.files         = `git ls-files -z`.split("\x0")
@@ -18,11 +20,13 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(/^(test|spec|features)\//)
   spec.require_paths = ['lib']
 
+  spec.required_ruby_version = '>= 2.0.0'
+
   spec.add_dependency 'sinatra'
   spec.add_dependency 'sinatra-contrib'
 
   spec.add_development_dependency 'bundler', '~> 1.5'
   spec.add_development_dependency 'rake', '~> 10.1'
   spec.add_development_dependency 'rspec', '~> 2.6'
-  spec.add_development_dependency 'yard'
+  spec.add_development_dependency 'yard', '~> 0.8'
 end

data/lib/authlane/helper.rb

@@ -75,7 +75,8 @@ module Sinatra
         # we're home, otherwise, see if the 'Remember Me' strategy
         # can come up with some User credentials.
         if session[settings.authlane[:session_key]].nil?
-          remember_strat = self.instance_eval(&settings.authlane[:remember_strategy])
+          remember_token = cookies[settings.authlane[:remember_cookie]]
+          remember_strat = self.instance_exec(remember_token, &settings.authlane[:remember_strategy])
 
           if remember_strat
             user = Sinatra::AuthLane::SerializedUser.new(remember_strat, settings.authlane[:serialize_user])

data/lib/authlane/serializeduser.rb

@@ -24,7 +24,11 @@ module Sinatra
           @user = Hash.new
 
           attributes.each do |attrs|
-            @user[attrs] = user.__send__(attrs.to_sym) if user.respond_to? attrs
+            if user.respond_to? attrs
+              @user[attrs] = user.__send__(attrs.to_sym)
+            elsif user.is_a?(Hash) and user.key? attrs
+              @user[attrs] = user[attrs]
+            end
           end
         end
       end
@@ -63,7 +67,11 @@ module Sinatra
       ##
       # Return a Hash representing the serialized object's attributes and values.
       #
-      # If the whole Object was stored its `to_h` will be called.
+      # If the whole Object that was stored is a Hash itself, its `to_h` will be called.
+      # Otherwise, the Object's instance methods are called and mapped to a Hash. This is
+      # only the case when the passed user object is not a Hash and no specific **attributes**
+      # for storage are set (see {#initialize})
+      #
       # In either case, attribute names can be accessed by Symbol or String
       # key alike.
       #
@@ -71,7 +79,16 @@ module Sinatra
       #
       def to_h
         universal_hash = Hash.new
-        hash = @user.to_h
+
+        if @user.is_a? Hash
+          hash = @user.to_h
+        else
+          hash = {}
+          @user.class.instance_methods(false).each do |key|
+            hash[key] = @user.__send__ key
+          end
+        end
+
         hash.each_pair do |key, value|
           universal_hash[key.to_s] = value if key.is_a? Symbol
 

data/lib/authlane/version.rb

@@ -2,5 +2,5 @@
 module Authlane
   ##
   # Current AuthLane version number.
-  VERSION = '1.0.0'
+  VERSION = '1.2.0'
 end

data/lib/sinatra/authlane.rb

@@ -42,7 +42,7 @@ module Sinatra
   # to display the login form, but can be set to anything that is needed, as long the it is
   # not protected by authorisation as well.
   #
-  # ## `:seession_key`
+  # ## `:session_key`
   #
   # The `:session_key` sets the name (as a Symbol) of the Session variable where User credentials of a logged in
   # User are stored. The stored User data are wrapped inside a {Sinatra::AuthLane::SerializedUser SerializedUser}
@@ -84,7 +84,7 @@ module Sinatra
       app.set :authlane,
         :failed_route      => '/user/unauthorized',   # route to redirect to if the user is required to login
         :session_key       => :authlane,              # name of the Session key to store the login data
-        :remember_cookie   => :authlane_token,        # Cookie name to store 'Remember Me' token
+        :remember_cookie   => :'authlane.token',      # Cookie name to store 'Remember Me' token
         :auth_strategy     => Proc.new { false },     # strategy to be executed to log in users
         :role_strategy     => Proc.new { true },      # strategy to be executed to check permissions and roles
         :remember_strategy => Proc.new { false },     # strategy to be executed to log in users via 'Remember Me' token
@@ -166,12 +166,11 @@ module Sinatra
       # required by the implemented strategy to follow these to be usable by AuthLane.
       #
       # @note The **Remember** Strategy is only responsible for automatically logging in a user.
-      #   The necessary Cookie token (or whatever technique) is usually set in the **Auth** Strategy.
+      #   The necessary Cookie token (plus any additional logic) is usually set in the **Auth** Strategy.
       #
       # @example
-      #   Sinatra::AuthLane.create_remember_strategy do
-      #     remember_token  = cookies[:authlane_token]
-      #     remembered_user = User.find_by_token(remember_token)
+      #   Sinatra::AuthLane.create_remember_strategy do |token|
+      #     remembered_user = User.find_by_token(token)
       #
       #     (remembered_user.nil?) ? false : remembered_user
       #   end

data/spec/authlane_helper_spec.rb

@@ -1,14 +1,19 @@
-require File.expand_path '../helper.rb', __FILE__
+require File.expand_path '../spec_helper.rb', __FILE__
 
 describe Sinatra::AuthLane::Helpers do
   before :all do
+    build_rack_test_session 'rspec'
+
     mock_app do
       helpers Sinatra::Cookies
       register Sinatra::AuthLane
 
       use Rack::Session::Cookie, :secret => 'rspec'
 
-      Sinatra::AuthLane.create_auth_strategy { { id: 1 } }
+      Sinatra::AuthLane.create_auth_strategy do
+        cookies[:'authlane.token'] = 'rspec'
+        { id: '1' }
+      end
 
       get '/protected' do
         protect!
@@ -35,13 +40,30 @@ describe Sinatra::AuthLane::Helpers do
       get '/user' do
         protect!
         user = current_user
-        user
+        user[:id]
       end
     end
   end
 
+  before :each do
+    clear_cookies
+  end
+
+
+  it "should authorize a User" do
+    get '/authorize'
+    last_response.should be_ok
+  end
+
+  it "should remember a User by setting the token cookie" do
+    expect(rack_mock_session.cookie_jar['authlane.token']).to be(nil)
+    get '/authorize'
+    expect(rack_mock_session.cookie_jar['authlane.token']).to eq('rspec')
+  end
+
   it "should be able to recognize authorized states" do
-    get '/authorized', {}, { 'rack.session' => { authlane: { id: 1 } } }
+    get '/authorize'
+    get '/authorized'
     expect(last_response.body).to eq('authorized')
   end
 
@@ -55,23 +77,33 @@ describe Sinatra::AuthLane::Helpers do
     expect(last_response.headers['location']).to eq('http://example.org/user/unauthorized')
   end
 
-  it "should display protected route when logged in" do
-    get '/protected', {}, { 'rack.session' => { authlane: '1' } }
-    last_response.should be_ok
-  end
-
-  it "should authorize a User" do
+  it "should show protected route when logged in" do
     get '/authorize'
+    get '/protected'
     last_response.should be_ok
   end
 
   it "should unauthorize a User" do
-    get '/unauthorize', {}, { 'rack.session' => { authlane: '1' } }
+    get '/authorize'
+    get '/authorized'
+    expect(last_response.body).to eq('authorized')
+    get '/unauthorize'
     expect(last_response.headers['location']).to eq('http://example.org/user/unauthorized')
+    get '/authorized'
+    expect(last_response.body).to eq('unauthorized')
+  end
+
+  it "should forget a User's remember token" do
+    get '/authorize'
+    expect(rack_mock_session.cookie_jar['authlane.token']).to eq('rspec')
+
+    get '/unauthorize'
+    expect(rack_mock_session.cookie_jar['authlane.token']).to eq('')
   end
 
   it "should be able to get the current User's serialized credentials" do
-    get '/user', {}, { 'rack.session' => { authlane: '1' } }
+    get '/authorize'
+    get '/user'#, {}, { 'rack.session' => { authlane: '1' } }
     expect(last_response.body).to eq('1')
   end
 end

data/spec/authlane_serializeduser_spec.rb

@@ -1,38 +1,56 @@
-require File.expand_path '../helper.rb', __FILE__
+require File.expand_path '../spec_helper.rb', __FILE__
 
 describe Sinatra::AuthLane::SerializedUser do
-  def mock_user
-    Sinatra::AuthLane::SerializedUser.new({ id: 1, name: 'rspec' })
+  class MockUser
+    def id
+      1
+    end
+
+    def name
+      'rspec'
+    end
   end
 
   it 'can be accessed like a Hash' do
-    user = mock_user
+    user = Sinatra::AuthLane::SerializedUser.new({ id: 1, name: 'rspec' })
     user.should respond_to(:[])
     user[:id].should eql(1)
     user[:name].should eql('rspec')
   end
 
   it 'can be accessed like an Object' do
-    user = mock_user
+    user = Sinatra::AuthLane::SerializedUser.new({ id: 1, name: 'rspec' })
     user.should respond_to(:method_missing)
     user.id.should eql(1)
     user.name.should eql('rspec')
   end
 
   it 'should return Hash of the serialized User object' do
-    user = mock_user
+    user = Sinatra::AuthLane::SerializedUser.new(MockUser.new)
     user.to_h.should be_a(Hash)
   end
 
   it 'should return Hash of the serialized User object with String keys' do
-    user = mock_user.to_h
+    user = Sinatra::AuthLane::SerializedUser.new({ id: 1, name: 'rspec' }).to_h
     user['id'].should eql(1)
     user['name'].should eql('rspec')
   end
 
   it 'should return Hash of the serialized User object with Symbol keys' do
-    user = mock_user.to_h
+    user = Sinatra::AuthLane::SerializedUser.new({ id: 1, name: 'rspec' }).to_h
     user[:id].should eql(1)
     user[:name].should eql('rspec')
   end
+
+  it 'can serialize specific attribute names from a Hash' do
+    user = Sinatra::AuthLane::SerializedUser.new({ id: 1, name: 'rspec' }, [:id])
+    user[:id].should eql(1)
+    user[:name].should be(nil)
+  end
+
+  it 'can serialize specific attribute names from an Object' do
+    user = Sinatra::AuthLane::SerializedUser.new(MockUser.new, [:id])
+    user[:id].should eql(1)
+    user[:name].should be(nil)
+  end
 end

data/spec/sinatra_authlane_spec.rb

@@ -1,4 +1,4 @@
-require File.expand_path '../helper.rb', __FILE__
+require File.expand_path '../spec_helper.rb', __FILE__
 
 describe Sinatra::AuthLane do
   def strategy(type, &block)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authlane
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Patrick Lam
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-01-08 00:00:00.000000000 Z
+date: 2015-01-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sinatra
@@ -84,18 +84,19 @@ dependencies:
   name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
-description: The AuthLane Sinatra Extension allows easy User authentication with support
-  for different User roles.
+        version: '0.8'
+description: |2
+      The AuthLane Sinatra Extension allows simple User authentication with support
+      for different User roles. It comes with Sinatra helpers for easy integration into routes.
 email:
 - zidizei@gmail.com
 executables: []
@@ -115,9 +116,9 @@ files:
 - lib/sinatra/authlane.rb
 - spec/authlane_helper_spec.rb
 - spec/authlane_serializeduser_spec.rb
-- spec/helper.rb
 - spec/sinatra_authlane_spec.rb
-homepage: ''
+- spec/spec_helper.rb
+homepage: 
 licenses:
 - MIT
 metadata: {}
@@ -129,7 +130,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -137,13 +138,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.1
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
-summary: Easy User authentication and roles for Sinatra.
+summary: Simple User authentication and roles for Sinatra.
 test_files:
 - spec/authlane_helper_spec.rb
 - spec/authlane_serializeduser_spec.rb
-- spec/helper.rb
 - spec/sinatra_authlane_spec.rb
+- spec/spec_helper.rb
 has_rdoc: