better_record 0.19.2 → 0.19.4

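--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 2b405319c0fef778d9d17b501f38956676323948891f5d3312f99d5e8e6bf414
- data.tar.gz: e353080d407cf515a3263afaca719249029cc729c21a9bc93be66bd01f94038d
+ metadata.gz: 0633a14373cccb30674e55d090a3f7530c6be80f23e4884e38ac2a09f94d6d49
+ data.tar.gz: f11953ac897dfc56cdb3d2f95b094a5f61ef17c724d86df12c0446f75b625894
  SHA512:
- metadata.gz: 2cd804d2b4fb455d78214e7a3480d6cd2acd0e7dc22129337e1149a2ca6025f9813b4f08d491d4565ff2bc9d134cc1755c6108d92218964f6bc34457f686e64a
- data.tar.gz: b1535d080dec3185299b072f33135f0bd6ffdd6e9d0855ea7b8b3b28e814bb015deed9128a7f60e82769f3f74ab39a50a336efe0de4fb83292f0ccd81f4facff
+ metadata.gz: 81c92498fc3982a43e54ac93d0723c3ca05d3069c4c9525831b99fd6b10ddf75c7c97c13d2787e0491103c030c4394ad3fe8765190275131cd5dab0a2586720d
+ data.tar.gz: a4ddec5b642bf43dd6d1ce26ad4e2ef7433a58ccb729de2836e92e26b309a1c786329129ff7fa99824f2599ffdc4f602f3af388ccd63df8415580f2046c46c96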
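--- a/data/lib/better_record.rb
+++ b/data/lib/better_record.rb
@@ -29,6 +29,11 @@ module BetterRecord
  :certificate_session_user_method,
  :certificate_header,
  :certificate_is_hashed,
+ :certificate_cleaning_method,
+ :certificate_cleaning_send_as_arg,
+ :token_encryption_method,
+ :token_decryption_method,
+ :token_send_as_arg,
  ].freeze
 
  class << self
@@ -72,6 +77,11 @@ module BetterRecord
  self.certificate_session_user_method = (ENV.fetch('BR_CERTIFICATE_SESSION_USER_METHOD') { :user }).to_sym
  self.certificate_header = (ENV.fetch('BR_CERTIFICATE_HEADER') { :HTTP_X_SSL_CERT }).to_sym
  self.certificate_is_hashed = Boolean.strict_parse(ENV.fetch('BR_CERTIFICATE_IS_HASHED') { false })
+ self.certificate_cleaning_method = (ENV.fetch('BR_CERTIFICATE_CLEANING_METHOD') { :clean_certificate }).to_sym
+ self.certificate_cleaning_send_as_arg = Boolean.strict_parse(ENV.fetch('BR_CERTIFICATE_CLEANING_AS_ARG') { false })
+ self.token_decryption_method = (ENV.fetch('BR_TOKEN_DECRYPTION_METHOD') { :to_s }).to_sym
+ self.token_encryption_method = (ENV.fetch('BR_TOKEN_ENCRYPTION_METHOD') { :to_s }).to_sym
+ self.token_send_as_arg = Boolean.strict_parse(ENV.fetch('BR_TOKEN_AS_ARG') { false })
  end
 
  Dir.glob("#{File.expand_path(__dir__)}/better_record/*.rb").each do |d|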
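Review bot: In the second hunk `token_encryption_method` and `token_decryption_method` both default to `:to_s`, so despite the names no encryption is applied unless the application configures them, and `set_auth_header` then emits the token unchanged in `AUTH_TOKEN`. A comment above these defaults would make that explicit, for example `# :to_s is a pass-through: tokens are not encrypted until both methods are overridden`. The same comment should say that these values are later dispatched with `__send__`, so the BR_* variables select arbitrary method names (private ones included) and have to be treated as trusted deployment configuration. The enclosing configuration block starts and ends outside the hunk.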
@@ -101,7 +101,8 @@ module BetterRecord
101
101
  data = nil
102
102
  data = session_data ? session_data.call(user) : {
103
103
  user_id: user.__send__(session_column),
104
- created_at: Time.now.to_i
104
+ created_at: Time.now.to_i,
105
+ device_id: requesting_device_id
105
106
  }
106
107
  BetterRecord::JWT.encode(data.merge(additional_headers.except(*data.keys)))
107
108
  end
@@ -111,9 +112,9 @@ module BetterRecord
111
112
  user = u_class.where.not(certificate_session_column => nil)
112
113
 
113
114
  if certificate_is_hashed
114
- user = user.find_by("#{certificate_session_column} = crypt(?, #{certificate_session_column})", cert.clean_certificate)
115
+ user = user.find_by("#{certificate_session_column} = crypt(?, #{certificate_session_column})", br_get_clean_cert(cert))
115
116
  else
116
- user = user.find_by(certificate_session_column => cert.clean_certificate)
117
+ user = user.find_by(certificate_session_column => br_get_clean_cert(cert))
117
118
  end
118
119
 
119
120
  if user
@@ -127,6 +128,16 @@ module BetterRecord
127
128
  end
128
129
  end
129
130
 
131
+ def br_get_clean_cert(certificate)
132
+ certificate_cleaning_send_as_arg ?
133
+ self.__send__(certificate_cleaning_method, certificate) :
134
+ certificate.
135
+ __send__(
136
+ certificate_cleaning_method,
137
+ *(certificate_cleaning_method_args)
138
+ )
139
+ end
140
+
130
141
  def current_user
131
142
  BetterRecord::Current.user || check_user
132
143
  end
@@ -135,19 +146,35 @@ module BetterRecord
135
146
  logged_in? ? JWT.decode(current_token).deep_symbolize_keys : {}
136
147
  end
137
148
 
149
+ def has_correct_origin?
150
+ true
151
+ end
152
+
153
+ def requesting_device_id
154
+ session[:requesting_device_id] ||= SecureRandom.uuid
155
+ end
156
+
138
157
  def logged_in?
139
- current_token.present? ||
140
- (
141
- certificate_header &&
142
- header_hash[certificate_header].present? &&
143
- create_session_from_certificate(header_hash[certificate_header])
158
+ current_token.present? || certificate_session_exists?
159
+ end
160
+
161
+ def certificate_string
162
+ @certificate_string ||= certificate_header &&
163
+ header_hash[certificate_header].presence
164
+ end
165
+
166
+ def certificate_session_exists?
167
+ !!(
168
+ certificate_string &&
169
+ has_correct_origin? &&
170
+ create_session_from_certificate(certificate_string)
144
171
  )
145
172
  end
146
173
 
147
174
  def current_token
148
175
  if use_bearer_token
149
176
  @current_token ||= authenticate_with_http_token do |token, **options|
150
- token
177
+ decrypt_token(token, options)
151
178
  end
152
179
  else
153
180
  @current_token ||= session[:current_user]
@@ -173,9 +200,22 @@ module BetterRecord
173
200
  end
174
201
 
175
202
  def set_auth_header
176
- response.set_header("AUTH_TOKEN", current_token)
203
+ response.set_header("AUTH_TOKEN", encrypt_token) if current_token.present?
204
+ end
205
+
206
+ def decrypt_token(t, **options)
207
+ token_send_as_arg ?
208
+ __send__(token_decryption_method, t, options) :
209
+ t.__send__(token_decryption_method)
177
210
  end
178
211
 
212
+ def encrypt_token
213
+ token_send_as_arg ?
214
+ __send__(token_encryption_method, current_token) :
215
+ current_token.__send__(token_encryption_method)
216
+ end
217
+
218
+
179
219
  def set_user(user)
180
220
  BetterRecord::Current.set(user, get_ip_address)
181
221
  end
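Review bot: `br_get_clean_cert` calls `certificate_cleaning_method_args` in its non-argument branch, but no hunk on this page defines it and it is not among the attributes added to the configuration list, so with the default `certificate_cleaning_send_as_arg = false` certificate login would presumably raise a NameError on first use. Either add that setting next to the other new ones with an empty-array default, or drop the splat so the branch reads `certificate.__send__(certificate_cleaning_method)`. In the same file `has_correct_origin?` returns `true` unconditionally, so `certificate_session_exists?` does not yet restrict which requests may present the certificate header. A comment such as `# override in the application to restrict where certificate logins may come from` would keep readers from assuming a check exists.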
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module BetterRecord
4
- VERSION = '0.19.2'
4
+ VERSION = '0.19.4'
5
5
  end
@@ -1,25 +1,30 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module BetterRecord
4
- ##########################################################################
5
- # THE FOLLOWING SETTINGS CAN ALSO BE SET THROUGH ENVIRONMENT VARIABLES #
6
- # #
7
- # strict_booleans: BR_STRICT_BOOLEANS #
8
- # default_polymorphic_method: BR_DEFAULT_POLYMORPHIC_METHOD #
9
- # db_audit_schema: BR_DB_AUDIT_SCHEMA #
10
- # has_auditing_relation_by_default: BR_ADD_HAS_MANY #
11
- # audit_relation_name: BR_AUDIT_RELATION_NAME #
12
- # layout_template: BR_LAYOUT_TEMPLATE #
13
- # app_domain_name: APP_DOMAIN_NAME #
14
- # after_login_path: BR_AFTER_LOGIN_PATH #
15
- # use_bearer_token: BR_USE_BEARER_TOKEN #
16
- # session_column: BR_SESSION_COLUMN #
17
- # session_authenticate_method: BR_SESSION_AUTHENTICATE_METHOD #
18
- # certificate_session_column: BR_CERTIFICATE_SESSION_COLUMN #
19
- # certificate_session_user_method: BR_CERTIFICATE_SESSION_USER_METHOD #
20
- # certificate_header: BR_CERTIFICATE_HEADER #
21
- # certificate_is_hashed: BR_CERTIFICATE_IS_HASHED #
22
- ##########################################################################
4
+ ##############################################################################
5
+ # THE FOLLOWING SETTINGS CAN ALSO BE SET THROUGH ENVIRONMENT VARIABLES #
6
+ # #
7
+ # strict_booleans: BR_STRICT_BOOLEANS #
8
+ # default_polymorphic_method: BR_DEFAULT_POLYMORPHIC_METHOD #
9
+ # db_audit_schema: BR_DB_AUDIT_SCHEMA #
10
+ # has_auditing_relation_by_default: BR_ADD_HAS_MANY #
11
+ # audit_relation_name: BR_AUDIT_RELATION_NAME #
12
+ # layout_template: BR_LAYOUT_TEMPLATE #
13
+ # app_domain_name: APP_DOMAIN_NAME #
14
+ # after_login_path: BR_AFTER_LOGIN_PATH #
15
+ # use_bearer_token: BR_USE_BEARER_TOKEN #
16
+ # session_column: BR_SESSION_COLUMN #
17
+ # session_authenticate_method: BR_SESSION_AUTHENTICATE_METHOD #
18
+ # certificate_session_column: BR_CERTIFICATE_SESSION_COLUMN #
19
+ # certificate_session_user_method: BR_CERTIFICATE_SESSION_USER_METHOD #
20
+ # certificate_header: BR_CERTIFICATE_HEADER #
21
+ # certificate_is_hashed: BR_CERTIFICATE_IS_HASHED #
22
+ # certificate_cleaning_method: BR_CERTIFICATE_CLEANING_METHOD #
23
+ # certificate_cleaning_send_as_arg: BR_CERTIFICATE_CLEANING_AS_ARG #
24
+ # token_send_as_arg: BR_TOKEN_AS_ARG #
25
+ # token_encryption_method: BR_TOKEN_ENCRYPTION_METHOD #
26
+ # token_decryption_method: BR_TOKEN_DECRYPTION_METHOD #
27
+ ##############################################################################
23
28
 
24
29
  # uncomment the following line to disable three-state booleans in models
25
30
 
@@ -93,6 +98,16 @@ module BetterRecord
93
98
  # self.certificate_header = :HTTP_X_CERTIFICATE
94
99
 
95
100
  # self.certificate_is_hashed = true
101
+
102
+ # self.certificate_cleaning_method = :to_s
103
+
104
+ # self.certificate_cleaning_send_as_arg = []
105
+
106
+ # self.token_send_as_arg = false
107
+
108
+ # self.token_encryption_method = :to_s
109
+
110
+ # self.token_decryption_method = :to_s
96
111
  # end
97
112
 
98
113
  end
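Review bot: The sample line `# self.certificate_cleaning_send_as_arg = []` in the second hunk shows an array for a setting the library parses as a boolean, and an empty array is truthy in Ruby, so uncommenting it as written would switch certificate cleaning to the send-as-argument branch. If the flag is what is meant, the example should read `# self.certificate_cleaning_send_as_arg = false`. If the array was meant as arguments for the cleaning method, it belongs to a separate setting that the configuration list on this page does not add. The `:to_s` examples for the token methods would also benefit from a comment that they leave the token untransformed.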
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: better_record
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.19.2
4
+ version: 0.19.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sampson Crowley
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-02-14 00:00:00.000000000 Z
11
+ date: 2019-03-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails