authpwn_rails 0.22.0 → 0.22.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +10 -8
- data/VERSION +1 -1
- data/authpwn_rails.gemspec +3 -3
- data/lib/authpwn_rails/session.rb +27 -14
- data/lib/authpwn_rails/session_controller.rb +9 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 75f430d9d34595c1fbdd30b4c8cc9ade713895c2
|
4
|
+
data.tar.gz: 83bf2b35d4960625b8e1dc0bca3075b6a9fec247
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c74711682104f368df523a7583cefd7fc553f9eddbba01efc5978064f7f05fca4cc277566923cc8249d2b2748ea3c68e43ada1c44a91fd0b51ccb5b3340b4be9
|
7
|
+
data.tar.gz: 6c6580a0920cc7ddc3850d9ca41564f8e3a19af32ffa95a4bbd2ecea268e1b09f12cdb1384d6b51881db6c77f05f57fd3092947c2d5eeaedf9f673b426dc0980
|
data/Gemfile.lock
CHANGED
@@ -51,22 +51,24 @@ GEM
|
|
51
51
|
multipart-post (>= 1.2, < 3)
|
52
52
|
ffi2-generators (0.1.1)
|
53
53
|
git (1.3.0)
|
54
|
-
github_api (0.
|
55
|
-
addressable (~> 2.
|
56
|
-
descendants_tracker (~> 0.0.
|
54
|
+
github_api (0.11.3)
|
55
|
+
addressable (~> 2.3)
|
56
|
+
descendants_tracker (~> 0.0.1)
|
57
57
|
faraday (~> 0.8, < 0.10)
|
58
|
-
hashie (>=
|
59
|
-
|
58
|
+
hashie (>= 1.2)
|
59
|
+
multi_json (>= 1.7.5, < 2.0)
|
60
|
+
nokogiri (~> 1.6.0)
|
61
|
+
oauth2
|
60
62
|
globalid (0.3.7)
|
61
63
|
activesupport (>= 4.1.0)
|
62
64
|
hashie (3.4.6)
|
63
65
|
highline (1.7.8)
|
64
66
|
i18n (0.7.0)
|
65
|
-
jeweler (2.1.
|
67
|
+
jeweler (2.1.2)
|
66
68
|
builder
|
67
69
|
bundler (>= 1.0)
|
68
70
|
git (>= 1.2.5)
|
69
|
-
github_api
|
71
|
+
github_api (~> 0.11.0)
|
70
72
|
highline (>= 1.6.15)
|
71
73
|
nokogiri (>= 1.5.10)
|
72
74
|
rake
|
@@ -90,7 +92,7 @@ GEM
|
|
90
92
|
multi_json (1.12.1)
|
91
93
|
multi_xml (0.5.5)
|
92
94
|
multipart-post (2.0.0)
|
93
|
-
mysql2 (0.4.
|
95
|
+
mysql2 (0.4.5)
|
94
96
|
nio4r (1.2.1)
|
95
97
|
nokogiri (1.6.8.1)
|
96
98
|
mini_portile2 (~> 2.1.0)
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.22.
|
1
|
+
0.22.1
|
data/authpwn_rails.gemspec
CHANGED
@@ -2,16 +2,16 @@
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
3
3
|
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
|
-
# stub: authpwn_rails 0.22.
|
5
|
+
# stub: authpwn_rails 0.22.1 ruby lib
|
6
6
|
|
7
7
|
Gem::Specification.new do |s|
|
8
8
|
s.name = "authpwn_rails"
|
9
|
-
s.version = "0.22.
|
9
|
+
s.version = "0.22.1"
|
10
10
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
12
12
|
s.require_paths = ["lib"]
|
13
13
|
s.authors = ["Victor Costan"]
|
14
|
-
s.date = "2016-10-
|
14
|
+
s.date = "2016-10-23"
|
15
15
|
s.description = "Works with Facebook."
|
16
16
|
s.email = "victor@costan.us"
|
17
17
|
s.extra_rdoc_files = [
|
@@ -1,16 +1,15 @@
|
|
1
1
|
require 'action_controller'
|
2
|
+
require 'active_support'
|
2
3
|
|
3
|
-
# :nodoc:
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
before_action :authenticate_using_session, options
|
13
|
-
end
|
4
|
+
# :nodoc: namespace
|
5
|
+
module Authpwn
|
6
|
+
|
7
|
+
# Included in ActionController::Base.
|
8
|
+
#
|
9
|
+
# Can be included manually in controllers that don't inherit from
|
10
|
+
# ActionController::Base, such as rails-api controllers.
|
11
|
+
module ControllerBaseExtensions
|
12
|
+
extend ActiveSupport::Concern
|
14
13
|
|
15
14
|
# True for controllers belonging to the authentication implementation.
|
16
15
|
#
|
@@ -19,10 +18,20 @@ class ActionController::Base
|
|
19
18
|
def auth_controller?
|
20
19
|
false
|
21
20
|
end
|
22
|
-
end
|
23
21
|
|
24
|
-
#
|
25
|
-
module
|
22
|
+
# Class methds on classes that include Authpwn::ControllerBaseExtensions
|
23
|
+
module ClassMethods
|
24
|
+
# Keeps track of the currently authenticated user via the session.
|
25
|
+
#
|
26
|
+
# Assumes the existence of a User model. A bare ActiveModel model will do the
|
27
|
+
# trick. Model instances must implement id, and the model class must implement
|
28
|
+
# find_by_id.
|
29
|
+
def authenticates_using_session(options = {})
|
30
|
+
include Authpwn::ControllerInstanceMethods
|
31
|
+
before_action :authenticate_using_session, options
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
26
35
|
|
27
36
|
# Included in controllers that call authenticates_using_session.
|
28
37
|
module ControllerInstanceMethods
|
@@ -94,3 +103,7 @@ module ControllerInstanceMethods
|
|
94
103
|
end # module Authpwn::ControllerInstanceMethods
|
95
104
|
|
96
105
|
end # namespace Authpwn
|
106
|
+
|
107
|
+
class ActionController::Base
|
108
|
+
include Authpwn::ControllerBaseExtensions
|
109
|
+
end
|
@@ -15,7 +15,15 @@ module SessionController
|
|
15
15
|
authenticates_using_session except: [:create, :reset_password, :token]
|
16
16
|
|
17
17
|
# NOTE: The Omniauth callback uses POST in some cases.
|
18
|
-
|
18
|
+
begin
|
19
|
+
skip_before_action :verify_authenticity_token, only: [:omniauth]
|
20
|
+
rescue ArgumentError => e
|
21
|
+
# Catch the case where the controller doesn't use protect_from_forgery.
|
22
|
+
unless e.message.match(/:verify_authenticity_token/i) &&
|
23
|
+
e.message.match(/has not been defined/i)
|
24
|
+
raise
|
25
|
+
end
|
26
|
+
end
|
19
27
|
|
20
28
|
# If set, every successful login will cause a database purge.
|
21
29
|
class_attribute :auto_purge_sessions
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authpwn_rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.22.
|
4
|
+
version: 0.22.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Victor Costan
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-10-
|
11
|
+
date: 2016-10-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: base32
|