better_record 0.19.2 → 0.19.4

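--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 2b405319c0fef778d9d17b501f38956676323948891f5d3312f99d5e8e6bf414
- data.tar.gz: e353080d407cf515a3263afaca719249029cc729c21a9bc93be66bd01f94038d
+ metadata.gz: 0633a14373cccb30674e55d090a3f7530c6be80f23e4884e38ac2a09f94d6d49
+ data.tar.gz: f11953ac897dfc56cdb3d2f95b094a5f61ef17c724d86df12c0446f75b625894
  SHA512:
- metadata.gz: 2cd804d2b4fb455d78214e7a3480d6cd2acd0e7dc22129337e1149a2ca6025f9813b4f08d491d4565ff2bc9d134cc1755c6108d92218964f6bc34457f686e64a
- data.tar.gz: b1535d080dec3185299b072f33135f0bd6ffdd6e9d0855ea7b8b3b28e814bb015deed9128a7f60e82769f3f74ab39a50a336efe0de4fb83292f0ccd81f4facff
+ metadata.gz: 81c92498fc3982a43e54ac93d0723c3ca05d3069c4c9525831b99fd6b10ddf75c7c97c13d2787e0491103c030c4394ad3fe8765190275131cd5dab0a2586720d
+ data.tar.gz: a4ddec5b642bf43dd6d1ce26ad4e2ef7433a58ccb729de2836e92e26b309a1c786329129ff7fa99824f2599ffdc4f602f3af388ccd63df8415580f2046c46c96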
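--- a/data/lib/better_record.rb
+++ b/data/lib/better_record.rb
@@ -29,6 +29,11 @@ module BetterRecord
  :certificate_session_user_method,
  :certificate_header,
  :certificate_is_hashed,
+ :certificate_cleaning_method,
+ :certificate_cleaning_send_as_arg,
+ :token_encryption_method,
+ :token_decryption_method,
+ :token_send_as_arg,
  ].freeze
 
  class << self
@@ -72,6 +77,11 @@ module BetterRecord
  self.certificate_session_user_method = (ENV.fetch('BR_CERTIFICATE_SESSION_USER_METHOD') { :user }).to_sym
  self.certificate_header = (ENV.fetch('BR_CERTIFICATE_HEADER') { :HTTP_X_SSL_CERT }).to_sym
  self.certificate_is_hashed = Boolean.strict_parse(ENV.fetch('BR_CERTIFICATE_IS_HASHED') { false })
+ self.certificate_cleaning_method = (ENV.fetch('BR_CERTIFICATE_CLEANING_METHOD') { :clean_certificate }).to_sym
+ self.certificate_cleaning_send_as_arg = Boolean.strict_parse(ENV.fetch('BR_CERTIFICATE_CLEANING_AS_ARG') { false })
+ self.token_decryption_method = (ENV.fetch('BR_TOKEN_DECRYPTION_METHOD') { :to_s }).to_sym
+ self.token_encryption_method = (ENV.fetch('BR_TOKEN_ENCRYPTION_METHOD') { :to_s }).to_sym
+ self.token_send_as_arg = Boolean.strict_parse(ENV.fetch('BR_TOKEN_AS_ARG') { false })
  end
 
  Dir.glob("#{File.expand_path(__dir__)}/better_record/*.rb").each do |d|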
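Review bot: Nothing visible in the settings list or the defaults block declares `certificate_cleaning_method_args`, yet `br_get_clean_cert` later in this diff splats that name whenever `certificate_cleaning_send_as_arg` is false, which is the default. Unless the name is defined outside the lines shown, the default certificate-login path would raise `NameError` rather than authenticate; adding `:certificate_cleaning_method_args,` to the list and `self.certificate_cleaning_method_args = []` beside the other defaults would close the gap. The list and the defaults block both start above these hunks, so an existing definition cannot be ruled out. The two `token_*_method` defaults also deserve a comment such as `# :to_s is a no-op: tokens are sent unencrypted until both methods are configured`.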
@@ -101,7 +101,8 @@ module BetterRecord
101
101
  data = nil
102
102
  data = session_data ? session_data.call(user) : {
103
103
  user_id: user.__send__(session_column),
104
- created_at: Time.now.to_i
104
+ created_at: Time.now.to_i,
105
+ device_id: requesting_device_id
105
106
  }
106
107
  BetterRecord::JWT.encode(data.merge(additional_headers.except(*data.keys)))
107
108
  end
@@ -111,9 +112,9 @@ module BetterRecord
111
112
  user = u_class.where.not(certificate_session_column => nil)
112
113
 
113
114
  if certificate_is_hashed
114
- user = user.find_by("#{certificate_session_column} = crypt(?, #{certificate_session_column})", cert.clean_certificate)
115
+ user = user.find_by("#{certificate_session_column} = crypt(?, #{certificate_session_column})", br_get_clean_cert(cert))
115
116
  else
116
- user = user.find_by(certificate_session_column => cert.clean_certificate)
117
+ user = user.find_by(certificate_session_column => br_get_clean_cert(cert))
117
118
  end
118
119
 
119
120
  if user
@@ -127,6 +128,16 @@ module BetterRecord
127
128
  end
128
129
  end
129
130
 
131
+ def br_get_clean_cert(certificate)
132
+ certificate_cleaning_send_as_arg ?
133
+ self.__send__(certificate_cleaning_method, certificate) :
134
+ certificate.
135
+ __send__(
136
+ certificate_cleaning_method,
137
+ *(certificate_cleaning_method_args)
138
+ )
139
+ end
140
+
130
141
  def current_user
131
142
  BetterRecord::Current.user || check_user
132
143
  end
@@ -135,19 +146,35 @@ module BetterRecord
135
146
  logged_in? ? JWT.decode(current_token).deep_symbolize_keys : {}
136
147
  end
137
148
 
149
+ def has_correct_origin?
150
+ true
151
+ end
152
+
153
+ def requesting_device_id
154
+ session[:requesting_device_id] ||= SecureRandom.uuid
155
+ end
156
+
138
157
  def logged_in?
139
- current_token.present? ||
140
- (
141
- certificate_header &&
142
- header_hash[certificate_header].present? &&
143
- create_session_from_certificate(header_hash[certificate_header])
158
+ current_token.present? || certificate_session_exists?
159
+ end
160
+
161
+ def certificate_string
162
+ @certificate_string ||= certificate_header &&
163
+ header_hash[certificate_header].presence
164
+ end
165
+
166
+ def certificate_session_exists?
167
+ !!(
168
+ certificate_string &&
169
+ has_correct_origin? &&
170
+ create_session_from_certificate(certificate_string)
144
171
  )
145
172
  end
146
173
 
147
174
  def current_token
148
175
  if use_bearer_token
149
176
  @current_token ||= authenticate_with_http_token do |token, **options|
150
- token
177
+ decrypt_token(token, options)
151
178
  end
152
179
  else
153
180
  @current_token ||= session[:current_user]
@@ -173,9 +200,22 @@ module BetterRecord
173
200
  end
174
201
 
175
202
  def set_auth_header
176
- response.set_header("AUTH_TOKEN", current_token)
203
+ response.set_header("AUTH_TOKEN", encrypt_token) if current_token.present?
204
+ end
205
+
206
+ def decrypt_token(t, **options)
207
+ token_send_as_arg ?
208
+ __send__(token_decryption_method, t, options) :
209
+ t.__send__(token_decryption_method)
177
210
  end
178
211
 
212
+ def encrypt_token
213
+ token_send_as_arg ?
214
+ __send__(token_encryption_method, current_token) :
215
+ current_token.__send__(token_encryption_method)
216
+ end
217
+
218
+
179
219
  def set_user(user)
180
220
  BetterRecord::Current.set(user, get_ip_address)
181
221
  end
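Review bot: `has_correct_origin?` returns `true` unconditionally, so the gate added to `certificate_session_exists?` never rejects a request and whatever arrives in `header_hash[certificate_header]` is still handed to `create_session_from_certificate`. If the method is meant as an override hook, say so above it, e.g. `# Override to confirm the request came through the proxy that sets the certificate header; the default accepts every origin.` Separately, the bearer-token block calls `decrypt_token(token, options)` while the method is declared `decrypt_token(t, **options)`; that relies on implicit hash-to-keyword conversion and raises `ArgumentError` on Ruby 3, so `decrypt_token(token, **options)` is the safer call. The file name and the enclosing module or class of these methods are not visible in this section.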
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module BetterRecord
4
- VERSION = '0.19.2'
4
+ VERSION = '0.19.4'
5
5
  end
@@ -1,25 +1,30 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module BetterRecord
4
- ##########################################################################
5
- # THE FOLLOWING SETTINGS CAN ALSO BE SET THROUGH ENVIRONMENT VARIABLES #
6
- # #
7
- # strict_booleans: BR_STRICT_BOOLEANS #
8
- # default_polymorphic_method: BR_DEFAULT_POLYMORPHIC_METHOD #
9
- # db_audit_schema: BR_DB_AUDIT_SCHEMA #
10
- # has_auditing_relation_by_default: BR_ADD_HAS_MANY #
11
- # audit_relation_name: BR_AUDIT_RELATION_NAME #
12
- # layout_template: BR_LAYOUT_TEMPLATE #
13
- # app_domain_name: APP_DOMAIN_NAME #
14
- # after_login_path: BR_AFTER_LOGIN_PATH #
15
- # use_bearer_token: BR_USE_BEARER_TOKEN #
16
- # session_column: BR_SESSION_COLUMN #
17
- # session_authenticate_method: BR_SESSION_AUTHENTICATE_METHOD #
18
- # certificate_session_column: BR_CERTIFICATE_SESSION_COLUMN #
19
- # certificate_session_user_method: BR_CERTIFICATE_SESSION_USER_METHOD #
20
- # certificate_header: BR_CERTIFICATE_HEADER #
21
- # certificate_is_hashed: BR_CERTIFICATE_IS_HASHED #
22
- ##########################################################################
4
+ ##############################################################################
5
+ # THE FOLLOWING SETTINGS CAN ALSO BE SET THROUGH ENVIRONMENT VARIABLES #
6
+ # #
7
+ # strict_booleans: BR_STRICT_BOOLEANS #
8
+ # default_polymorphic_method: BR_DEFAULT_POLYMORPHIC_METHOD #
9
+ # db_audit_schema: BR_DB_AUDIT_SCHEMA #
10
+ # has_auditing_relation_by_default: BR_ADD_HAS_MANY #
11
+ # audit_relation_name: BR_AUDIT_RELATION_NAME #
12
+ # layout_template: BR_LAYOUT_TEMPLATE #
13
+ # app_domain_name: APP_DOMAIN_NAME #
14
+ # after_login_path: BR_AFTER_LOGIN_PATH #
15
+ # use_bearer_token: BR_USE_BEARER_TOKEN #
16
+ # session_column: BR_SESSION_COLUMN #
17
+ # session_authenticate_method: BR_SESSION_AUTHENTICATE_METHOD #
18
+ # certificate_session_column: BR_CERTIFICATE_SESSION_COLUMN #
19
+ # certificate_session_user_method: BR_CERTIFICATE_SESSION_USER_METHOD #
20
+ # certificate_header: BR_CERTIFICATE_HEADER #
21
+ # certificate_is_hashed: BR_CERTIFICATE_IS_HASHED #
22
+ # certificate_cleaning_method: BR_CERTIFICATE_CLEANING_METHOD #
23
+ # certificate_cleaning_send_as_arg: BR_CERTIFICATE_CLEANING_AS_ARG #
24
+ # token_send_as_arg: BR_TOKEN_AS_ARG #
25
+ # token_encryption_method: BR_TOKEN_ENCRYPTION_METHOD #
26
+ # token_decryption_method: BR_TOKEN_DECRYPTION_METHOD #
27
+ ##############################################################################
23
28
 
24
29
  # uncomment the following line to disable three-state booleans in models
25
30
 
@@ -93,6 +98,16 @@ module BetterRecord
93
98
  # self.certificate_header = :HTTP_X_CERTIFICATE
94
99
 
95
100
  # self.certificate_is_hashed = true
101
+
102
+ # self.certificate_cleaning_method = :to_s
103
+
104
+ # self.certificate_cleaning_send_as_arg = []
105
+
106
+ # self.token_send_as_arg = false
107
+
108
+ # self.token_encryption_method = :to_s
109
+
110
+ # self.token_decryption_method = :to_s
96
111
  # end
97
112
 
98
113
  end
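Review bot: The commented example `# self.certificate_cleaning_send_as_arg = []` shows an array, but lib/better_record.rb in this same diff loads that setting through `Boolean.strict_parse(...)` with a `false` default, and `br_get_clean_cert` uses it as a ternary condition, where `[]` is truthy. An operator who uncomments the example as written would silently switch certificate cleaning to the send-as-argument path; `# self.certificate_cleaning_send_as_arg = false` would match the sibling `# self.token_send_as_arg = false` line. The `[]` may have been intended for `certificate_cleaning_method_args`, which has no example here. The enclosing configuration block starts above this hunk.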
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: better_record
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.19.2
4
+ version: 0.19.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sampson Crowley
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-02-14 00:00:00.000000000 Z
11
+ date: 2019-03-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails