better_record 0.8.4 → 0.8.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/better_record.rb +2 -0
- data/lib/better_record/concerns/controllers/authenticatable.rb +3 -17
- data/lib/better_record/concerns/controllers/sessionable.rb +27 -17
- data/lib/better_record/jwt.rb +52 -5
- data/lib/better_record/version.rb +1 -1
- data/lib/generators/better_record/setup/templates/initializer.rb +4 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0c74ce4cc2b32ee6daae476f67ee6ef3a8c3446749eb7a62bac00d9b3acca5d4
|
|
4
|
+
data.tar.gz: 0c7275ae95cda50bd041deaedf8cadfe1f39998f9bd2f75912b7dcfb750fcf6e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d4ca2c297bd1c0b56edee22fd172257c4fb709796ee3f87a93cea0a006f2aa59d38ec0901e1a28ff0c64c16491d554f4ab53905c2ff9698f7c9fc49aeb556658
|
|
7
|
+
data.tar.gz: ec802533dc25ae1639a91c51e6f3d6b0eb373d6d5d174951a13e345a4850a593ab80a5e0ccf0aa61350bab21ba319967ca2934c0e486fe6d1f57ae0d71edfead
|
data/lib/better_record.rb
CHANGED
|
@@ -19,6 +19,7 @@ module BetterRecord
|
|
|
19
19
|
:layout_template,
|
|
20
20
|
:app_domain_name,
|
|
21
21
|
:after_login_path,
|
|
22
|
+
:use_bearer_token,
|
|
22
23
|
:session_class,
|
|
23
24
|
:session_column,
|
|
24
25
|
:session_data,
|
|
@@ -49,6 +50,7 @@ module BetterRecord
|
|
|
49
50
|
self.layout_template = (ENV.fetch('BR_LAYOUT_TEMPLATE') { 'better_record/layout' }).to_s
|
|
50
51
|
self.app_domain_name = (ENV.fetch('APP_DOMAIN_NAME') { 'non_existant_domain.com' }).to_s
|
|
51
52
|
self.after_login_path = (ENV.fetch('BR_AFTER_LOGIN_PATH') { nil })
|
|
53
|
+
self.use_bearer_token = Boolean.strict_parse(ENV.fetch('BR_USE_BEARER_TOKEN') { false })
|
|
52
54
|
self.session_column = (ENV.fetch('BR_SESSION_COLUMN') { :id }).to_sym
|
|
53
55
|
self.session_authenticate_method = (ENV.fetch('BR_SESSION_AUTHENTICATE_METHOD') { :authenticate }).to_sym
|
|
54
56
|
self.certificate_session_column = (ENV.fetch('BR_CERTIFICATE_SESSION_COLUMN') { :certificate }).to_sym
|
|
@@ -5,28 +5,14 @@ require 'active_support/concern'
|
|
|
5
5
|
module BetterRecord
|
|
6
6
|
module Authenticatable
|
|
7
7
|
extend ActiveSupport::Concern
|
|
8
|
-
include BetterRecord::JWT::ControllerMethods
|
|
9
8
|
|
|
10
9
|
included do
|
|
10
|
+
include BetterRecord::JWT::ControllerMethods
|
|
11
11
|
before_action :check_user
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
def method_missing(method, *args)
|
|
15
|
-
begin
|
|
16
|
-
if BetterRecord.attributes[method.to_sym]
|
|
17
|
-
m = method.to_sym
|
|
18
|
-
self.class.define_method m do
|
|
19
|
-
BetterRecord.__send__ m
|
|
20
|
-
end
|
|
21
|
-
BetterRecord.__send__ m
|
|
22
|
-
else
|
|
23
|
-
raise NoMethodError
|
|
24
|
-
end
|
|
25
|
-
rescue NoMethodError
|
|
26
|
-
super(method, *args)
|
|
12
|
+
if use_bearer_token
|
|
13
|
+
after_action :set_auth_header
|
|
27
14
|
end
|
|
28
15
|
end
|
|
29
16
|
|
|
30
|
-
|
|
31
17
|
end
|
|
32
18
|
end
|
|
@@ -5,31 +5,41 @@ require 'active_support/concern'
|
|
|
5
5
|
module BetterRecord
|
|
6
6
|
module Sessionable
|
|
7
7
|
extend ActiveSupport::Concern
|
|
8
|
-
include BetterRecord::JWT::ControllerMethods
|
|
9
8
|
|
|
10
9
|
included do
|
|
10
|
+
include BetterRecord::JWT::ControllerMethods
|
|
11
11
|
skip_before_action :check_user, raise: false
|
|
12
|
-
end
|
|
13
12
|
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
p session[:referrer], request.referrer
|
|
17
|
-
if (header_hash = request.headers.to_h.deep_symbolize_keys)[:HTTP_X_SSL_CERT].present?
|
|
18
|
-
create_session_from_certificate(header_hash[:HTTP_X_SSL_CERT])
|
|
19
|
-
redirect_to (session.delete(:referrer) || __send__(after_login_path) || root_path)
|
|
20
|
-
end
|
|
21
|
-
end
|
|
13
|
+
def new
|
|
14
|
+
session[:referrer] ||= request.referrer unless use_bearer_token
|
|
22
15
|
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
16
|
+
if (header_hash = request.headers.to_h.deep_symbolize_keys)[:HTTP_X_SSL_CERT].present?
|
|
17
|
+
create_session_from_certificate(header_hash[:HTTP_X_SSL_CERT])
|
|
18
|
+
return respond_to_login
|
|
19
|
+
end
|
|
26
20
|
end
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
21
|
+
|
|
22
|
+
def create
|
|
23
|
+
if(user = session_class.__send__(session_authenticate_method, params))
|
|
24
|
+
current_token = create_jwt(user)
|
|
25
|
+
set_user(user)
|
|
31
26
|
end
|
|
27
|
+
return respond_to_login
|
|
32
28
|
end
|
|
29
|
+
|
|
30
|
+
private
|
|
31
|
+
def respond_to_login
|
|
32
|
+
respond_to do |format|
|
|
33
|
+
format.json
|
|
34
|
+
format.html do
|
|
35
|
+
return redirect_to (
|
|
36
|
+
(!use_bearer_token && session.delete(:referrer)) ||
|
|
37
|
+
__send__(after_login_path) ||
|
|
38
|
+
root_path
|
|
39
|
+
)
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
33
43
|
end
|
|
34
44
|
end
|
|
35
45
|
end
|
data/lib/better_record/jwt.rb
CHANGED
|
@@ -60,6 +60,24 @@ module BetterRecord
|
|
|
60
60
|
end
|
|
61
61
|
|
|
62
62
|
module ControllerMethods
|
|
63
|
+
include ActionController::HttpAuthentication::Token::ControllerMethods
|
|
64
|
+
|
|
65
|
+
def method_missing(method, *args)
|
|
66
|
+
begin
|
|
67
|
+
if BetterRecord.attributes[method.to_sym]
|
|
68
|
+
m = method.to_sym
|
|
69
|
+
self.class.define_method m do
|
|
70
|
+
BetterRecord.__send__ m
|
|
71
|
+
end
|
|
72
|
+
BetterRecord.__send__ m
|
|
73
|
+
else
|
|
74
|
+
raise NoMethodError
|
|
75
|
+
end
|
|
76
|
+
rescue NoMethodError
|
|
77
|
+
super(method, *args)
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
63
81
|
protected
|
|
64
82
|
def check_user
|
|
65
83
|
if logged_in?
|
|
@@ -68,7 +86,7 @@ module BetterRecord
|
|
|
68
86
|
if !data[:created_at] ||
|
|
69
87
|
(data[:created_at].to_i > 14.days.ago.to_i)
|
|
70
88
|
if user = session_class.find_by(session_column => data[:user_id])
|
|
71
|
-
|
|
89
|
+
current_token = create_jwt(user, data) if data[:created_at] < 1.hour.ago
|
|
72
90
|
set_user(user)
|
|
73
91
|
else
|
|
74
92
|
throw 'User Not Found'
|
|
@@ -77,7 +95,7 @@ module BetterRecord
|
|
|
77
95
|
throw 'Token Expired'
|
|
78
96
|
end
|
|
79
97
|
rescue
|
|
80
|
-
|
|
98
|
+
current_token = nil
|
|
81
99
|
BetterRecord::Current.drop_values
|
|
82
100
|
end
|
|
83
101
|
end
|
|
@@ -105,7 +123,8 @@ module BetterRecord
|
|
|
105
123
|
user = user.__send__(certificate_session_user_method)
|
|
106
124
|
end
|
|
107
125
|
|
|
108
|
-
|
|
126
|
+
current_token = create_jwt(user, { has_certificate: true })
|
|
127
|
+
set_user(user)
|
|
109
128
|
end
|
|
110
129
|
end
|
|
111
130
|
|
|
@@ -114,11 +133,39 @@ module BetterRecord
|
|
|
114
133
|
end
|
|
115
134
|
|
|
116
135
|
def current_user_session_data
|
|
117
|
-
logged_in? ? JWT.decode(
|
|
136
|
+
logged_in? ? JWT.decode(current_token).deep_symbolize_keys : {}
|
|
118
137
|
end
|
|
119
138
|
|
|
120
139
|
def logged_in?
|
|
121
|
-
|
|
140
|
+
current_token.present?
|
|
141
|
+
end
|
|
142
|
+
|
|
143
|
+
def current_token
|
|
144
|
+
if use_bearer_token
|
|
145
|
+
@current_token ||= authenticate_with_http_token do |token, **options|
|
|
146
|
+
token
|
|
147
|
+
end
|
|
148
|
+
else
|
|
149
|
+
@current_token ||= session[:current_user]
|
|
150
|
+
end
|
|
151
|
+
end
|
|
152
|
+
|
|
153
|
+
def current_token=(value)
|
|
154
|
+
@current_token = value
|
|
155
|
+
if use_bearer_token
|
|
156
|
+
set_auth_header
|
|
157
|
+
else
|
|
158
|
+
if value.blank?
|
|
159
|
+
session.delete(:current_user)
|
|
160
|
+
else
|
|
161
|
+
session[:current_user] = value
|
|
162
|
+
end
|
|
163
|
+
end
|
|
164
|
+
@current_token
|
|
165
|
+
end
|
|
166
|
+
|
|
167
|
+
def set_auth_header
|
|
168
|
+
response.set_header("AUTH_TOKEN", current_token)
|
|
122
169
|
end
|
|
123
170
|
|
|
124
171
|
def set_user(user)
|
|
@@ -12,6 +12,7 @@ module BetterRecord
|
|
|
12
12
|
# layout_template: BR_LAYOUT_TEMPLATE #
|
|
13
13
|
# app_domain_name: APP_DOMAIN_NAME #
|
|
14
14
|
# after_login_path: BR_AFTER_LOGIN_PATH #
|
|
15
|
+
# use_bearer_token: BR_USE_BEARER_TOKEN #
|
|
15
16
|
# session_column: BR_SESSION_COLUMN #
|
|
16
17
|
# session_authenticate_method: BR_SESSION_AUTHENTICATE_METHOD #
|
|
17
18
|
# certificate_session_column: BR_CERTIFICATE_SESSION_COLUMN #
|
|
@@ -59,6 +60,9 @@ module BetterRecord
|
|
|
59
60
|
|
|
60
61
|
# OPTIONAL #
|
|
61
62
|
|
|
63
|
+
# set to true to use Auth headers instead of session cookies
|
|
64
|
+
# self.use_bearer_token = true
|
|
65
|
+
|
|
62
66
|
# self.after_login_path = Rails.application.routes.url_helpers.root_path
|
|
63
67
|
|
|
64
68
|
# self.session_column = :uuid
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: better_record
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.8.
|
|
4
|
+
version: 0.8.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sampson Crowley
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-08-
|
|
11
|
+
date: 2018-08-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|