authorio 0.8.0 → 0.8.4

data/config/routes.rb

@@ -1,7 +1,17 @@
+# frozen_string_literal: true
+
 Authorio::Engine.routes.draw do
-	get Authorio.configuration.authorization_endpoint, controller: 'auth', action: 'authorization_interface'
-	post Authorio.configuration.authorization_endpoint, controller: 'auth', action: 'send_profile'
-	post '/authorize_user', controller: 'auth', action: 'authorize_user'
-	get Authorio.configuration.token_endpoint, controller: 'auth', action: 'verify_token'
-	post Authorio.configuration.token_endpoint, controller: 'auth', action: 'issue_token'
+  root to: 'authorio#index'
+
+  get Authorio.configuration.authorization_endpoint, controller: 'auth', action: 'authorization_interface'
+  resources :users, only: %i[show edit update]
+  post 'user/authorize', to: 'auth#authorize_user', as: 'authorize_user'
+  resource :session, only: %i[new create]
+  get 'session', to: 'sessions#destroy', as: 'logout'
+  get 'user/(:id)/verify', to: 'users#verify', as: 'verify_user'
+  defaults format: :json do
+    post Authorio.configuration.authorization_endpoint, controller: 'auth', action: 'send_profile'
+    get Authorio.configuration.token_endpoint, controller: 'auth', action: 'verify_token'
+    post Authorio.configuration.token_endpoint, controller: 'auth', action: 'issue_token'
+  end
 end

data/db/migrate/20210723161041_add_expiry_to_tokens.rb

@@ -0,0 +1,5 @@
+class AddExpiryToTokens < ActiveRecord::Migration[6.1]
+  def change
+    add_column :authorio_tokens, :expires_at, :datetime
+  end
+end

data/db/migrate/20210726164625_create_authorio_sessions.rb

@@ -0,0 +1,12 @@
+class CreateAuthorioSessions < ActiveRecord::Migration[6.1]
+  def change
+    create_table :authorio_sessions do |t|
+      t.references :authorio_user, null: false, foreign_key: true
+      t.string :selector
+      t.string :hashed_token
+      t.datetime :expires_at
+      t.timestamps
+    end
+  end
+end
+

data/db/migrate/20210801184120_add_profile_to_users.rb

@@ -0,0 +1,8 @@
+class AddProfileToUsers < ActiveRecord::Migration[6.1]
+  def change
+    add_column :authorio_users, :email, :string
+    add_column :authorio_users, :full_name, :string
+    add_column :authorio_users, :url, :string
+    add_column :authorio_users, :photo, :string
+  end
+end

data/db/migrate/20210817010101_change_path_to_username_in_users.rb

@@ -0,0 +1,7 @@
+class ChangePathToUsernameInUsers < ActiveRecord::Migration[6.1]
+  def change
+    change_table :authorio_users do |t|
+      t.rename :profile_path, :username
+    end
+  end
+end

data/lib/authorio/configuration.rb

@@ -1,12 +1,17 @@
-module Authorio
-	class Configuration
+# frozen_string_literal: true
 
-		attr_accessor :authorization_endpoint, :token_endpoint, :mount_point
+module Authorio
+  class Configuration
+    attr_accessor :authorization_endpoint, :token_endpoint, :mount_point, :token_expiration,
+                  :local_session_lifetime, :multiuser
 
-		def initialize
-			@authorization_endpoint = "auth"
-			@token_endpoint = "token"
-			@mount_point = "authorio"
-		end
-	end
+    def initialize
+      @authorization_endpoint = 'auth'
+      @token_endpoint = 'token'
+      @mount_point = 'authorio'
+      @token_expiration = 4.weeks
+      @local_session_lifetime = nil
+      @multiuser = false
+    end
+  end
 end

data/lib/authorio/engine.rb

@@ -1,14 +1,17 @@
+# frozen_string_literal: true
+
 module Authorio
   class Engine < ::Rails::Engine
-		isolate_namespace Authorio
-
-		initializer "authorio.load_helpers" do |app|
-			ActionController::Base.send :include, Authorio::Helpers
-		end
+    isolate_namespace Authorio
 
-		initializer "authorio.assets.precompile" do |app|
-			app.config.assets.precompile += %w( authorio/auth.css )
-		end
+    initializer 'authorio.load_helpers' do
+      Rails.application.reloader.to_prepare do
+        ActionView::Base.send :include, Authorio::TagHelper
+      end
+    end
 
+    initializer 'authorio.assets.precompile' do |app|
+      app.config.assets.precompile += %w[authorio/auth.css authorio/application.css]
+    end
   end
 end

data/lib/authorio/exceptions.rb

@@ -1,5 +1,22 @@
+# frozen_string_literal: true
+
 module Authorio
-	module Exceptions
-		class InvalidGrant < RuntimeError; end
-	end
+  module Exceptions
+    class InvalidGrant < RuntimeError; end
+
+    class InvalidPassword < RuntimeError; end
+
+    class SessionReplayAttack < StandardError
+      attr_accessor :session
+
+      def initialize(session)
+        super("Session replay attack on user account #{session.authorio_user.id}")
+        @session = session
+      end
+    end
+
+    class UserNotFound < StandardError; end
+
+    class TokenExpired < StandardError; end
+  end
 end

data/lib/authorio/routes.rb

@@ -1,9 +1,12 @@
-module ActionDispatch::Routing
-	class Mapper
+# frozen_string_literal: true
 
-		# Provide a custom mounting command, just so we can track our own mount point
-		def authorio_routes
-			mount Authorio::Engine, at: Authorio.configuration.mount_point
-		end
-	end
+module ActionDispatch
+  module Routing
+    class Mapper
+      # Provide a custom mounting command, just so we can track our own mount point
+      def authorio_routes
+        mount Authorio::Engine, at: Authorio.configuration.mount_point
+      end
+    end
+  end
 end

data/lib/authorio/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Authorio
-  VERSION = '0.8.0'
+  VERSION = '0.8.4'
 end

data/lib/authorio.rb

@@ -1,27 +1,21 @@
-require "authorio/version"
-require "authorio/engine"
-require "authorio/configuration"
-require "authorio/routes"
-require "authorio/exceptions"
+# frozen_string_literal: true
 
-module Authorio
-	class << self
-		attr_accessor :configuration, :authorization_path
-	end
+Dir[File.join(__dir__, 'authorio', '*.rb')].sort.each { |f| require f }
 
-	def self.configuration
-		@configuration ||= Configuration.new
- 	end
+module Authorio
+  def self.configuration
+    @configuration ||= Configuration.new
+  end
 
-  	def self.configure
-		yield configuration
-	end
+  def self.configure
+    yield configuration
+  end
 
-	def self.authorization_path
-		return [Authorio.configuration.mount_point, Authorio.configuration.authorization_endpoint].join("/")
-	end
+  def self.authorization_path
+    [Authorio.configuration.mount_point, Authorio.configuration.authorization_endpoint].join('/')
+  end
 
-	def self.token_path
-		return [Authorio.configuration.mount_point, Authorio.configuration.token_endpoint].join("/")
-	end
+  def self.token_path
+    [Authorio.configuration.mount_point, Authorio.configuration.token_endpoint].join('/')
+  end
 end

data/lib/generators/authorio/install/install_generator.rb

@@ -1,17 +1,17 @@
+# frozen_string_literal: true
+
 module Authorio
   class InstallGenerator < Rails::Generators::Base
-
     def self.source_paths
       paths = []
       paths << File.expand_path('../templates', "../../#{__FILE__}")
       paths << File.expand_path('../templates', "../#{__FILE__}")
-      paths << File.expand_path('../templates', __FILE__)
+      paths << File.expand_path('templates', __dir__)
       paths.flatten
     end
 
     def add_files
       template 'authorio.rb', 'config/initializers/authorio.rb'
     end
-
   end
 end

data/lib/generators/authorio/install/templates/authorio.rb

@@ -1,15 +1,29 @@
+# frozen_string_literal: true
+
 # Configuration for Authorio IndieAuth authentication
 
 Authorio.configure do |config|
+  # Mount point for Authorio URLs. Typically you would call this in your routes.rb
+  # as mount Authorio::Engine, at: mount_point
+  # But Authorio needs to know its own mount point, so we define it here and use a custom mount command in the config
+  # config.mount_point = "authorio"
+
+  # The path where clients will be redirected to provide authentication
+  # config.authorization_endpoint = "auth"
+
+  # The path for token requests
+  # config.token_endpoint = "token"
 
-	# Mount point for Authorio URLs. Typically you would call this in your routes.rb
-	# as mount Authorio::Engine, at: mount_point
-	# But Authorio needs to know its own mount point, so we define it here and use a custom mount command in the config
-	# config.mount_point = "authorio"
+  # Set to true to enable multiple user accounts. By default (in single user mode)
+  # there is only one user, and therefore you do not need to enter a username
+  # config.multiuser = false
 
-	# The path where clients will be redirected to provide authentication
-	# config.authorization_endpoint = "auth"
+  # How long tokens will last before expiring
+  # config.token_expiration = 4.weeks
 
-	# The path for token requests
-	# config.token_endpoint = "token"
+  # Enable local session lifetime to keep yourself "logged in" to your own server
+  # If set to eg:
+  #  config.local_session_lifetime = 30.days
+  # then you will only have to enter your password every 30 days. Default is off (nil)
+  # config.local_session_lifetime = nil
 end

data/lib/tasks/authorio_tasks.rake

@@ -1,18 +1,19 @@
+# frozen_string_literal: true
+
 namespace :authorio do
-	desc "Set password for initial Authorio user"
-	require 'io/console'
+  desc 'Set password for initial Authorio user'
+  require 'io/console'
 
-	def input_no_echo(prompt)
-		print("\n#{prompt}")
-		STDIN.noecho(&:gets).chop
-	end
+  def input_no_echo(prompt)
+    print("\n#{prompt}")
+    $stdin.noecho(&:gets).chop
+  end
 
-	task :password => :environment do
-		passwd = input_no_echo("Enter new password: ")
-		passwd_confirm = input_no_echo("Confirm password: ")
-		user = Authorio::User.
-			create_with(password: passwd, password_confirmation:passwd_confirm).
-			find_or_create_by!(profile_path: '/')
-		puts("\nPassword set")
-	end
+  task password: :environment do
+    passwd = input_no_echo('Enter new password: ')
+    passwd_confirm = input_no_echo('Confirm password: ')
+    Authorio::User.create_with(password: passwd, password_confirmation: passwd_confirm)
+                  .find_or_create_by!(profile_path: '/')
+    puts("\nPassword set")
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authorio
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.8.4
 platform: ruby
 authors:
 - Michael Meckler
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-07-11 00:00:00.000000000 Z
+date: 2021-08-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -34,73 +34,87 @@ dependencies:
   name: bcrypt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: jbuilder
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: factory_bot_rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '6.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '5.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '11.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
-description: Rails engine to add IndieAuth authentication endpoiont functionality
+        version: '11.0'
+description: Rails engine to add IndieAuth authentication endpoint functionality
 email:
 - rattroupe@reiterate-app.com
 executables: []
@@ -113,22 +127,36 @@ files:
 - app/assets/config/authorio_manifest.js
 - app/assets/stylesheets/authorio/application.css
 - app/assets/stylesheets/authorio/auth.css
-- app/controllers/authorio/application_controller.rb
 - app/controllers/authorio/auth_controller.rb
-- app/controllers/authorio/helpers.rb
-- app/helpers/authorio/application_helper.rb
-- app/helpers/authorio/test_helper.rb
+- app/controllers/authorio/authorio_controller.rb
+- app/controllers/authorio/sessions_controller.rb
+- app/controllers/authorio/users_controller.rb
+- app/helpers/authorio/tag_helper.rb
 - app/jobs/authorio/application_job.rb
 - app/models/authorio/application_record.rb
 - app/models/authorio/request.rb
+- app/models/authorio/session.rb
 - app/models/authorio/token.rb
 - app/models/authorio/user.rb
 - app/views/authorio/auth/authorization_interface.html.erb
-- app/views/layouts/authorio/application.html.erb
+- app/views/authorio/auth/issue_token.json.jbuilder
+- app/views/authorio/auth/send_profile.json.jbuilder
+- app/views/authorio/auth/verify_token.json.jbuilder
+- app/views/authorio/sessions/new.html.erb
+- app/views/authorio/users/_profile.json.jbuilder
+- app/views/authorio/users/edit.html.erb
+- app/views/authorio/users/show.html.erb
+- app/views/authorio/users/verify.html.erb
+- app/views/layouts/authorio/main.html.erb
+- app/views/shared/_login_form.html.erb
 - config/routes.rb
 - db/migrate/20210627230156_create_authorio_users.rb
 - db/migrate/20210627230416_create_authorio_requests.rb
 - db/migrate/20210707230416_create_authorio_tokens.rb
+- db/migrate/20210723161041_add_expiry_to_tokens.rb
+- db/migrate/20210726164625_create_authorio_sessions.rb
+- db/migrate/20210801184120_add_profile_to_users.rb
+- db/migrate/20210817010101_change_path_to_username_in_users.rb
 - lib/authorio.rb
 - lib/authorio/configuration.rb
 - lib/authorio/engine.rb
@@ -138,12 +166,12 @@ files:
 - lib/generators/authorio/install/install_generator.rb
 - lib/generators/authorio/install/templates/authorio.rb
 - lib/tasks/authorio_tasks.rake
-homepage: https://rubygems.org/gems/authorio
+homepage: 
 licenses:
 - MIT
 metadata:
-  homepage_uri: https://rubygems.org/gems/authorio
   source_code_uri: https://github.com/reiterate-app/authorio
+  changelog_uri: https://github.com/reiterate-app/authorio/blob/master/CHANGELOG.md
 post_install_message: 
 rdoc_options: []
 require_paths: