card-mod-api_key 0.11.5 → 0.11.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5daaebf767ad08b753f43f8719e8edab3c6e59182881730ff2c2f076cb98b71f
4
- data.tar.gz: 4bb4036a442f5661be9d22b000a58c69fe9913936fe6a807aa5a164abcf81ed6
3
+ metadata.gz: 65037d50899033317101ca09b8e3ae47ea9694161e713f3010ba549972d9382b
4
+ data.tar.gz: c6ccc6353c51abc65adc90d5ca682b8a03bef2fe95a785e9dcf23aefb4799e26
5
5
  SHA512:
6
- metadata.gz: fff127e7b01bb657bff22c2f0d79ce9d4ec03787cf2fd49d4922c537c301de0f319f98879fbc873c0bd65209ed2de752a53e19761805fe5db665f33efb65e731
7
- data.tar.gz: 4e9d53b8591fa6dee79cd7d91d4c23cbe2c4857d96f8984dad9c83d8c81c6fe0fde900bec8daab44b7c9752f073bb99bafaa4abe1cb7d79d8c6f662b0b2d9f92
6
+ metadata.gz: 1b4b07798f385a10c682e609a8ff7bf8ccbffe32863a1c8d243ffa0fbdc15e2c33272ea16197b7108f6ec8ede8017931ac8a9b2c8c44264ee90efd6219b1a564
7
+ data.tar.gz: 5d917ddd48d4c6304b27f498c2e9af4aaec820b9d6d9ef6d7d37e6e60b653d994cdc87bd8b18b6d60afef57d1944c27cf4195d12da2d9c483b21e7eb10797419
data/README.md CHANGED
@@ -0,0 +1,55 @@
1
+ <!--
2
+ # @title README - mod: API key
3
+ -->
4
+
5
+ # API key Mod
6
+ Enable Decko users to perform authorized web requests associated with their account
7
+ without a session.
8
+
9
+ ## Cards with codenames
10
+
11
+ | codename | default name | purpose |
12
+ |:--------:|:------------:|:-------:|
13
+ | :api_key | *api key | key for authenticating/authorizing API usage |
14
+
15
+ ## Sets with code rules
16
+
17
+ ### {Card::Set::Right::ApiKey [account card]+:api_key}
18
+ This is where the API key is stored. By default it is visible to and editable by
19
+ the account holder and to users with the "Help Desk" role.
20
+
21
+ #### Events
22
+
23
+ | event name | when | purpose |
24
+ |:---------:|:------:|:-------:|
25
+ | generate_api_key | triggered | creates a new, random key |
26
+ | validate_api_key | on save | ensures content is comprised of 20+ alphanumerics (only) |
27
+
28
+ #### Views
29
+
30
+ | view name | format | purpose |
31
+ |:---------:|:------:|:-------:|
32
+ | core | HTML | show key to permitted user and provide form to generate new one |
33
+ | generate_button | HTML | button for generating new API Key |
34
+ | token_link | HTML | links to json view returning a JWT token |
35
+ | token | JSON | return a JWT token for rapid authentication |
36
+
37
+ ### {Card::Set::Right::Account [accounted card]+:account}
38
+
39
+ #### Views
40
+
41
+ | view name | format | purpose |
42
+ |:---------:|:------:|:-------:|
43
+ | api_key | HTML | nests api_key card |
44
+
45
+ ## Card::Auth
46
+
47
+ Extends `Card::Auth.signin_with` to accept `api_key: myapikey`
48
+
49
+ ## API Usage
50
+
51
+ API users can add the api_key param to query strings or to request headers. Or, for
52
+ faster authentication, they can use their api key to get a JWT token. Card sharks can
53
+ provide a link for this token with the `token_link` view (see above). The token can
54
+ then be passed via the token param. By default tokens last for two days. This can be
55
+ configured in application.rb or environment config files using `config.token_expiry`.
@@ -1 +1,3 @@
1
+ # Adds {Card::Auth::ApiKey} methods to Card::Auth class
2
+
1
3
  Card::Auth.extend Card::Auth::ApiKey
data/set/right/api_key.rb CHANGED
@@ -1,18 +1,20 @@
1
1
  include_set Abstract::AccountField
2
2
 
3
+ # triggerable event to generate new API Key
3
4
  event :generate_api_key, :prepare_to_validate, trigger: :required do
4
5
  generate
5
6
  end
6
7
 
7
- event :validate_api_key, :validate do
8
+ event :validate_api_key, :validate, on: :save, changed: :content do
8
9
  errors.add :content, t(:api_key_invalid) unless content.match?(/^\w{20,}$/)
9
10
  errors.add :content, t(:api_key_taken) if api_key_taken?
10
11
  end
11
12
 
13
+ # checks availability of API key
12
14
  def api_key_taken?
13
15
  return false unless (acct = Card::Auth.find_account_by_api_key content)
14
16
 
15
- acct.id == left_id
17
+ acct.id != left_id
16
18
  end
17
19
 
18
20
  def history?
@@ -27,6 +29,7 @@ def ok_to_create
27
29
  own_account? || super
28
30
  end
29
31
 
32
+ # @return [True/False] checks whether key matches content
30
33
  def authenticate_api_key api_key
31
34
  return true unless (error = api_key_validation_error api_key)
32
35
 
@@ -65,6 +68,7 @@ end
65
68
 
66
69
  format :html do
67
70
  view :core, unknown: true, template: :haml
71
+ view(:content, unknown: true) { super() }
68
72
 
69
73
  %i[titled titled_content].each do |viewname|
70
74
  view(viewname, unknown: true) { super() }
@@ -83,4 +87,8 @@ format :html do
83
87
  ]
84
88
  end
85
89
  end
90
+
91
+ def input_type
92
+ :text_field
93
+ end
86
94
  end
@@ -6,6 +6,6 @@
6
6
 
7
7
  = text_field_tag :current_api_key, card.content, readonly: true
8
8
  - else
9
- %em No key.
9
+ %em= t('api_key_no_key')
10
10
  .api-key-generate-button
11
11
  = render_generate_button
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: card-mod-api_key
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.11.5
4
+ version: 0.11.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ethan McCutchen
@@ -10,7 +10,7 @@ authors:
10
10
  autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2021-05-10 00:00:00.000000000 Z
13
+ date: 2021-05-21 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: card
@@ -18,28 +18,28 @@ dependencies:
18
18
  requirements:
19
19
  - - '='
20
20
  - !ruby/object:Gem::Version
21
- version: 1.101.5
21
+ version: 1.101.6
22
22
  type: :runtime
23
23
  prerelease: false
24
24
  version_requirements: !ruby/object:Gem::Requirement
25
25
  requirements:
26
26
  - - '='
27
27
  - !ruby/object:Gem::Version
28
- version: 1.101.5
28
+ version: 1.101.6
29
29
  - !ruby/object:Gem::Dependency
30
30
  name: card-mod-account
31
31
  requirement: !ruby/object:Gem::Requirement
32
32
  requirements:
33
33
  - - '='
34
34
  - !ruby/object:Gem::Version
35
- version: 0.11.5
35
+ version: 0.11.6
36
36
  type: :runtime
37
37
  prerelease: false
38
38
  version_requirements: !ruby/object:Gem::Requirement
39
39
  requirements:
40
40
  - - '='
41
41
  - !ruby/object:Gem::Version
42
- version: 0.11.5
42
+ version: 0.11.6
43
43
  description: ''
44
44
  email:
45
45
  - info@decko.org