authpwn_rails 0.22.0 → 0.22.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b4d2ef2f022f0291e7f6907421c3fa9e97c7927a
-  data.tar.gz: b7e5855908c7f21b066de25fa94c718551d93ec5
+  metadata.gz: 75f430d9d34595c1fbdd30b4c8cc9ade713895c2
+  data.tar.gz: 83bf2b35d4960625b8e1dc0bca3075b6a9fec247
 SHA512:
-  metadata.gz: 8644d47e59cc1741668b00e7fd8481e83746df0f4a3b91d5a334365d4e07cee4c4caa8dfef9fccb730781aa782ab0c549ecfa0ed1f43db3f6fcc50b16c7175fc
-  data.tar.gz: d9336b5c8e5e901d85311a8ac1c79a7e99c363c4dbd3cae4f556425e4cbdb1ee4598ffd39dd902e6b6e11deb23a45395fcd3117f3b224d1cd25e397e92b6f145
+  metadata.gz: c74711682104f368df523a7583cefd7fc553f9eddbba01efc5978064f7f05fca4cc277566923cc8249d2b2748ea3c68e43ada1c44a91fd0b51ccb5b3340b4be9
+  data.tar.gz: 6c6580a0920cc7ddc3850d9ca41564f8e3a19af32ffa95a4bbd2ecea268e1b09f12cdb1384d6b51881db6c77f05f57fd3092947c2d5eeaedf9f673b426dc0980

data/Gemfile.lock

@@ -51,22 +51,24 @@ GEM
       multipart-post (>= 1.2, < 3)
     ffi2-generators (0.1.1)
     git (1.3.0)
-    github_api (0.14.5)
-      addressable (~> 2.4.0)
-      descendants_tracker (~> 0.0.4)
+    github_api (0.11.3)
+      addressable (~> 2.3)
+      descendants_tracker (~> 0.0.1)
       faraday (~> 0.8, < 0.10)
-      hashie (>= 3.4)
-      oauth2 (~> 1.0)
+      hashie (>= 1.2)
+      multi_json (>= 1.7.5, < 2.0)
+      nokogiri (~> 1.6.0)
+      oauth2
     globalid (0.3.7)
       activesupport (>= 4.1.0)
     hashie (3.4.6)
     highline (1.7.8)
     i18n (0.7.0)
-    jeweler (2.1.1)
+    jeweler (2.1.2)
       builder
       bundler (>= 1.0)
       git (>= 1.2.5)
-      github_api
+      github_api (~> 0.11.0)
       highline (>= 1.6.15)
       nokogiri (>= 1.5.10)
       rake
@@ -90,7 +92,7 @@ GEM
     multi_json (1.12.1)
     multi_xml (0.5.5)
     multipart-post (2.0.0)
-    mysql2 (0.4.4)
+    mysql2 (0.4.5)
     nio4r (1.2.1)
     nokogiri (1.6.8.1)
       mini_portile2 (~> 2.1.0)

data/VERSION

@@ -1 +1 @@
-0.22.0
+0.22.1

data/authpwn_rails.gemspec

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: authpwn_rails 0.22.0 ruby lib
+# stub: authpwn_rails 0.22.1 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "authpwn_rails"
-  s.version = "0.22.0"
+  s.version = "0.22.1"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib"]
   s.authors = ["Victor Costan"]
-  s.date = "2016-10-18"
+  s.date = "2016-10-23"
   s.description = "Works with Facebook."
   s.email = "victor@costan.us"
   s.extra_rdoc_files = [

data/lib/authpwn_rails/session.rb

@@ -1,16 +1,15 @@
 require 'action_controller'
+require 'active_support'
 
-# :nodoc: adds authenticates_using_session
-class ActionController::Base
-  # Keeps track of the currently authenticated user via the session.
-  #
-  # Assumes the existence of a User model. A bare ActiveModel model will do the
-  # trick. Model instances must implement id, and the model class must implement
-  # find_by_id.
-  def self.authenticates_using_session(options = {})
-    include Authpwn::ControllerInstanceMethods
-    before_action :authenticate_using_session, options
-  end
+# :nodoc: namespace
+module Authpwn
+
+# Included in ActionController::Base.
+#
+# Can be included manually in controllers that don't inherit from
+# ActionController::Base, such as rails-api controllers.
+module ControllerBaseExtensions
+  extend ActiveSupport::Concern
 
   # True for controllers belonging to the authentication implementation.
   #
@@ -19,10 +18,20 @@ class ActionController::Base
   def auth_controller?
     false
   end
-end
 
-# :nodoc: namespace
-module Authpwn
+  # Class methds on classes that include Authpwn::ControllerBaseExtensions
+  module ClassMethods
+    # Keeps track of the currently authenticated user via the session.
+    #
+    # Assumes the existence of a User model. A bare ActiveModel model will do the
+    # trick. Model instances must implement id, and the model class must implement
+    # find_by_id.
+    def authenticates_using_session(options = {})
+      include Authpwn::ControllerInstanceMethods
+      before_action :authenticate_using_session, options
+    end
+  end
+end
 
 # Included in controllers that call authenticates_using_session.
 module ControllerInstanceMethods
@@ -94,3 +103,7 @@ module ControllerInstanceMethods
 end  # module Authpwn::ControllerInstanceMethods
 
 end  # namespace Authpwn
+
+class ActionController::Base
+  include Authpwn::ControllerBaseExtensions
+end

data/lib/authpwn_rails/session_controller.rb

@@ -15,7 +15,15 @@ module SessionController
     authenticates_using_session except: [:create, :reset_password, :token]
 
     # NOTE: The Omniauth callback uses POST in some cases.
-    skip_before_action :verify_authenticity_token, only: [:omniauth]
+    begin
+      skip_before_action :verify_authenticity_token, only: [:omniauth]
+    rescue ArgumentError => e
+      # Catch the case where the controller doesn't use protect_from_forgery.
+      unless e.message.match(/:verify_authenticity_token/i) &&
+          e.message.match(/has not been defined/i)
+        raise
+      end
+    end
 
     # If set, every successful login will cause a database purge.
     class_attribute :auto_purge_sessions

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authpwn_rails
 version: !ruby/object:Gem::Version
-  version: 0.22.0
+  version: 0.22.1
 platform: ruby
 authors:
 - Victor Costan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-10-18 00:00:00.000000000 Z
+date: 2016-10-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: base32