balrog 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d547df9399a56595525e88ceedc04c00d5cb8f85cee27416207936a073c7dd1a
-  data.tar.gz: '075180b9db86f64cc1f158d03e9b7207979b9cf0641af2d849f1cdc64b7117b8'
+  metadata.gz: 5139f44e15d64bc7e7138716bd2f94078345981281415b3ac40bf4408c8181b0
+  data.tar.gz: 014f03129ad8f39feac850621f6a581138419b6933341e09a3feae2273736b0d
 SHA512:
-  metadata.gz: 8b2232fc4ef9d7f6f520e6b38f9d495d192258429451fe664ba526f49859f089682219b998dcc0ae5f1d3170cb3943a048a5638475d7869162f2ed63b44f3612
-  data.tar.gz: b7a2f314a0b1cd7afd0ff667c2d6799f760ac0c91be8e1f204c108a2a10ffb09df9f99aa594e161168782f03926c95ae012f02b508c1e2fe62bd88e2b8169fc3
+  metadata.gz: 7cfe1ba81b99825b54f41d0116c819d968bfcac4f5a85940676e4b583dee45fb80598e06deb8126c127e2879c7ff55713eb99aac484dc4ab1b8b84a4583b7c90
+  data.tar.gz: 8ba157eb6b60d32e272f09b508883fa5a0637810e5142e9dc5368cb1bd676bacc6952d559841c4b5f57e19965ebfff5f12ea1591cdc39633c939f2b0531d5871

data/.circleci/config.yml

@@ -0,0 +1,55 @@
+version: 2.1
+
+jobs:
+  build:
+    docker:
+      - image: circleci/ruby:2.6.2-node-browsers
+
+    working_directory: ~/repo/spec/dummy-rails-app
+
+    steps:
+      - checkout:
+          path: ~/repo
+
+      # Download and cache dependencies
+      - restore_cache:
+          name: Restore Rubygems cache
+          keys:
+          - v1-rubygems-{{ checksum "Gemfile.lock" }}
+          # fallback to using the latest cache if no exact match is found
+          - v1-rubygems-
+
+      - run:
+          name: Install bundler
+          command: |
+            gem install bundler:2.0.1
+      - run:
+          name: Install Ruby dependencies
+          command: |
+            bundle install --jobs=4 --retry=3 --path vendor/bundle
+
+      - save_cache:
+          name: Save Rubygems cache
+          paths:
+            - ./vendor/bundle
+          key: v1-rubygems-{{ checksum "Gemfile.lock" }}
+
+      # run tests!
+      - run:
+          name: run tests
+          command: |
+            mkdir /tmp/test-results
+            TEST_FILES="$(circleci tests glob "spec/**/*_spec.rb" | circleci tests split --split-by=timings)"
+            
+            bundle exec rspec --format progress \
+                              --format RspecJunitFormatter \
+                              --out /tmp/test-results/rspec.xml \
+                              --format progress \
+                              $TEST_FILES
+
+      # collect reports
+      - store_test_results:
+          path: /tmp/test-results
+      - store_artifacts:
+          path: /tmp/test-results
+          destination: test-results

data/Gemfile.lock

@@ -1,14 +1,107 @@
 PATH
   remote: .
   specs:
-    balrog (0.1.0)
+    balrog (0.2.0)
       bcrypt (~> 3.0)
+      rails (>= 4.2)
 
 GEM
   remote: https://rubygems.org/
   specs:
+    actioncable (5.2.3)
+      actionpack (= 5.2.3)
+      nio4r (~> 2.0)
+      websocket-driver (>= 0.6.1)
+    actionmailer (5.2.3)
+      actionpack (= 5.2.3)
+      actionview (= 5.2.3)
+      activejob (= 5.2.3)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (5.2.3)
+      actionview (= 5.2.3)
+      activesupport (= 5.2.3)
+      rack (~> 2.0)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (5.2.3)
+      activesupport (= 5.2.3)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    activejob (5.2.3)
+      activesupport (= 5.2.3)
+      globalid (>= 0.3.6)
+    activemodel (5.2.3)
+      activesupport (= 5.2.3)
+    activerecord (5.2.3)
+      activemodel (= 5.2.3)
+      activesupport (= 5.2.3)
+      arel (>= 9.0)
+    activestorage (5.2.3)
+      actionpack (= 5.2.3)
+      activerecord (= 5.2.3)
+      marcel (~> 0.3.1)
+    activesupport (5.2.3)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+    arel (9.0.0)
     bcrypt (3.1.12)
+    builder (3.2.3)
+    concurrent-ruby (1.1.5)
+    crass (1.0.4)
     diff-lcs (1.3)
+    erubi (1.8.0)
+    globalid (0.4.2)
+      activesupport (>= 4.2.0)
+    i18n (1.6.0)
+      concurrent-ruby (~> 1.0)
+    loofah (2.2.3)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.7.1)
+      mini_mime (>= 0.1.1)
+    marcel (0.3.3)
+      mimemagic (~> 0.3.2)
+    method_source (0.9.2)
+    mimemagic (0.3.3)
+    mini_mime (1.0.1)
+    mini_portile2 (2.4.0)
+    minitest (5.11.3)
+    nio4r (2.3.1)
+    nokogiri (1.10.3)
+      mini_portile2 (~> 2.4.0)
+    rack (2.0.7)
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rails (5.2.3)
+      actioncable (= 5.2.3)
+      actionmailer (= 5.2.3)
+      actionpack (= 5.2.3)
+      actionview (= 5.2.3)
+      activejob (= 5.2.3)
+      activemodel (= 5.2.3)
+      activerecord (= 5.2.3)
+      activestorage (= 5.2.3)
+      activesupport (= 5.2.3)
+      bundler (>= 1.3.0)
+      railties (= 5.2.3)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.0.4)
+      loofah (~> 2.2, >= 2.2.2)
+    railties (5.2.3)
+      actionpack (= 5.2.3)
+      activesupport (= 5.2.3)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.19.0, < 2.0)
     rake (10.5.0)
     rspec (3.8.0)
       rspec-core (~> 3.8.0)
@@ -16,13 +109,27 @@ GEM
       rspec-mocks (~> 3.8.0)
     rspec-core (3.8.0)
       rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.2)
+    rspec-expectations (3.8.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
     rspec-mocks (3.8.0)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
     rspec-support (3.8.0)
+    sprockets (3.7.2)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.1)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    thor (0.20.3)
+    thread_safe (0.3.6)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
+    websocket-driver (0.7.0)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.3)
 
 PLATFORMS
   ruby

data/README.md

@@ -2,8 +2,12 @@
 
 ![Balrog logo](https://user-images.githubusercontent.com/32128719/55335192-9566a000-5492-11e9-9449-746de68fbe94.png)
 
-Balrog is a lightweight authorization library for Ruby on Rails that can
-protect your routes with a single username & password combination.
+[![Gem Version](https://badge.fury.io/rb/balrog.svg)](https://badge.fury.io/rb/balrog)
+[![CircleCI](https://circleci.com/gh/pixielabs/balrog.svg?style=svg)](https://circleci.com/gh/pixielabs/balrog)
+
+Balrog is a lightweight authorization library for Ruby on Rails written by
+[Pixie Labs](https://pixielabs.io) that can protect your routes with a single
+username & password combination.
 
 Balrog is an alternative to `http_basic_authentication_with` that provides some
 advantages:
@@ -14,11 +18,6 @@ advantages:
 * Better support for password managers (which often don't support basic
   authentication dialog boxes).
 
-## Requirements
-
-Balrog is designed to be used with Ruby on Rails applications, and has been
-tested against Ruby on Rails 5.
-
 ## Installation
 
 Add the gem to your Gemfile:
@@ -60,8 +59,44 @@ class AdminController < ApplicationController
 end
 ```
 
+## Logout button
+
+To add a logout button, you can call the `balrog_logout_button` view helper
+method and pass in a hash of HTML options to style it. After logout, the user
+will be redirected to the root of the app.
+
+For example, in your view:
+
+```erb
+<ul class='nav'>
+  <li>....</li>
+  <li><%= balrog_logout_button 'Admin Logout' %></li>
+  <li>....</li>
+</ul>
+```
+
+Other usage examples:
+
+```erb
+<%= balrog_logout_button %>
+<%= balrog_logout_button "Leave this place" %>
+<%= balrog_logout_button "Click me", class: 'fancy-button--with-custom-text' %>
+<%= balrog_logout_button class: 'fancy-button--with-default-text' %>
+```
+
+
 ## Contributing
 
+### Running the tests
+
+Tests are part of the dummy Rails app within the spec folder:
+
+```
+$ cd spec/dummy-rails-app
+$ bundle
+$ rspec
+```
+
 Before contributing, please read the [code of conduct](CODE_OF_CONDUCT.md).
 - Check out the latest master to make sure the feature hasn't been implemented
   or the bug hasn't been fixed yet.
@@ -78,7 +113,6 @@ Before contributing, please read the [code of conduct](CODE_OF_CONDUCT.md).
 ## TODO
 
  * Restricting access via `routes.rb`
- * Logout
  * Test coverage
  * Check it's OK with Ruby on Rails 6
  * Expire sessions

data/balrog.gemspec

@@ -24,6 +24,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency "bcrypt", "~> 3.0"
+  spec.add_dependency "rails", ">=4.2"
 
   spec.add_development_dependency "bundler", "~> 2.0"
   spec.add_development_dependency "rake", "~> 10.0"

data/bin/console

@@ -1,7 +1,7 @@
 #!/usr/bin/env ruby
 
 require "bundler/setup"
-require "balrog"
+require_relative "../lib/balrog"
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.

data/lib/balrog.rb

@@ -1,5 +1,7 @@
-require_relative "balrog/version"
+require 'rails'
+
 module Balrog 
+  require_relative 'balrog/version'
   require_relative 'balrog/middleware'
   require_relative 'balrog/engine'
   require_relative 'balrog/rake_tasks'

data/lib/balrog/engine.rb

@@ -1,13 +1,20 @@
-require_relative 'helpers'
-
 class Balrog::Engine < Rails::Engine
-  # Make the Balrog helpers available in any controller.
-  initializer "balrog.configure_rails_initialization" do 
+  # Make authenticate_with_balrog! available.
+  initializer "balrog.action_controller" do 
     ActiveSupport.on_load(:action_controller) do
+      require_relative 'helpers'
       include Balrog::Helpers
     end
   end
 
+  # Add balrog_logout_button as a global view helper.
+  initializer "balrog.action_view" do
+    ActiveSupport.on_load(:action_view) do
+      require_relative 'view_helpers'
+      include Balrog::ViewHelpers
+    end
+  end
+
   # Precompile the Balrog assets
   initializer "balrog.assets.precompile" do |app|
     app.config.assets.precompile += %w( 

data/lib/balrog/middleware.rb

@@ -21,6 +21,8 @@ class Balrog::Middleware
     method = env["REQUEST_METHOD"]
     if method == 'POST' && path == '/balrog/signin'
       handle_login(env)
+    elsif method == "DELETE" && path == '/balrog/logout'
+      handle_logout(env)
     else
       @app.call(env)
     end
@@ -62,5 +64,10 @@ class Balrog::Middleware
     [302, {"Location" => referer}, [""]]
   end
 
+  def handle_logout(env)
+    env['rack.session'].delete(:balrog)
+    [302, {"Location" => '/'}, [""]]
+  end
+
 end
 

data/lib/balrog/version.rb

@@ -1,3 +1,3 @@
 module Balrog
-  VERSION = "0.1.0"
+  VERSION = "0.2.0"
 end

data/lib/balrog/view_helpers.rb

@@ -0,0 +1,16 @@
+# ViewHelpers methods are made available in all controllers by the code in engine.rb.
+module Balrog::ViewHelpers
+  def balrog_logout_button(options = nil, html_options = nil)
+    name = 'Logout'
+    html_options ||= {}
+    html_options[:method] = 'delete'
+
+    if options.is_a?(String)
+      name = options
+    elsif options.is_a?(Hash)
+      html_options = html_options.merge(options)
+    end 
+
+    button_to(name, '/balrog/logout', html_options)
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: balrog
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Pixie Labs
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-04-01 00:00:00.000000000 Z
+date: 2019-05-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -24,6 +24,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.2'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -74,6 +88,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".circleci/config.yml"
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
@@ -99,6 +114,7 @@ files:
 - lib/balrog/rake_tasks.rb
 - lib/balrog/tasks/generate_hash.rake
 - lib/balrog/version.rb
+- lib/balrog/view_helpers.rb
 homepage: https://github.com/pixielabs/balrog
 licenses:
 - MIT
@@ -118,7 +134,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.2
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: An alternative to HTTP basic auth