capcoauth 0.1.2 → 0.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 044a5432917dc3dcf800b665080c2ff0e68ef7ee
-  data.tar.gz: ed80f5118d7afcadfed3629b0f7359d8e3e7598e
+  metadata.gz: a0f67e3a83ec6473b07b2457266900eb0e27e395
+  data.tar.gz: b08ab8274f0602d1f3b1a09dabf04a1a2283df99
 SHA512:
-  metadata.gz: df69c54c64cb65e34351f91f688d8e35d28dd8ef4e3afcf19b9d29e4c7b72c0d540b585c3af7d9c361f25150c47999a0bfc14438f5f3e5cbfbbea703d0464beb
-  data.tar.gz: 75161dc7136c45a3092a2c9bcfcf3d5b9b98c3b34c8d73212b9bbc16bc0d2ed24cb5b8d96172b5022640a71508d5cba9d294610234e15769abdc58f460ba4b83
+  metadata.gz: f838187c0c67626ab8a390de889ce6cdef44b1a0baf9bf4cca81d17012359d3058de45c3f6be92f25c93bc582a3062d96fe1cba2e8f1c993a8804402f64dc76d
+  data.tar.gz: 13ca517c867d28b3b376159a4872b12e887d72ffe363499ba90f52a13409077935deedebeaf483dd7c11f618a7c2bcd3cf7f9858dd204ae504f5c7ebfaa8941d

data/README.md

@@ -1,3 +1,84 @@
 # capcoauth-gem
 
-Ruby Gem for integrating with CapcOAuth
+Ruby Gem for integrating a Rails project with CapcOAuth
+
+Currently, this only supports session-based authentication, but can easily be adapted to accept bearer tokens if needed.
+
+## Installation
+
+1.  Add to your gemfile:
+
+```ruby
+gem 'capcoauth'
+```
+
+2.  Run the following from your console to install the gem:
+
+```sh
+bundle install
+```
+
+3.  Run the following from your console to install the initializer in `config/initializers/capcoauth.rb`:
+
+```sh
+rails generate capcoauth:install
+```
+
+## Configure
+
+### Enter your client_id and client_secret into initializer
+
+You'll need to obtain an OAuth client ID and client secret for your application, which can then be entered into your
+initializer in `config/initializers/capcoauth.rb`.
+
+### Authorize your routes!
+
+In your controllers, just call the helper method `verify_authorized!` for all protected resources.  This is easiest done
+by adding it as a before_action:
+
+```ruby
+class ApplicationController < ActionController::Base
+  before_action :verify_authorized
+end
+```
+
+You may exclude/include for specific actions:
+
+```ruby
+class ApplicationController < ActionController::Base
+  before_action :verify_authorized, only: [:my_super_secret_action], except: [:my_publicly_accessible_action]
+end
+```
+
+Or even skip it entirely for specific actions:
+
+```ruby
+class PublicStuffController < ApplicationController
+  skip_before_action :verify_authorized
+end
+```
+
+## How it works
+
+The installation script will add `use_capcoauth` to your `routes.rb` file, which creates these routes for you:
+
+```
+       Prefix Verb URI Pattern              Controller#Action
+   auth_login GET  /auth/login(.:format)    capcoauth/login#show
+  auth_logout GET  /auth/logout(.:format)   capcoauth/logout#show
+auth_callback GET  /auth/callback(.:format) capcoauth/callback#show
+```
+
+These are very important, as they implement the core functionality of this gem.  The `login` route will generate a
+CapcOAuth authorization URL appropriate for your application, and redirect the user to it.  Upon successful login and 
+authorization of your application, they will be redirected to the `callback` route, which will exchange their code with
+an access token, and will store that and the user's ID in the session.
+
+Verification of the access token happens when `verify_authorized!` is executed, which caches the success response for
+whatever TTL value you set in your initializer.  This saves time by preventing every request from calling home to 
+CapcOAuth for approval.  This can be increased or decreased at your discretion, but should be kept to a relatively low
+value.
+
+## Bugs? Feature requests? Pull requests?
+
+Email me or submit via issue/pull request.

data/lib/capcoauth/version.rb

@@ -1,3 +1,3 @@
 module Capcoauth
-  VERSION = '0.1.2'
+  VERSION = '0.1.3'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: capcoauth
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
 platform: ruby
 authors:
 - Adam Robertson