RubyGems - challah - Versions diffs - 1.5.0 → 2.0.0.beta2 - Mend

challah 1.5.0 → 2.0.0.beta2

Files changed (47) hide show

checksums.yaml +5 -5
data/CHANGELOG.md +32 -0
data/README.md +6 -39
data/VERSION +1 -1
data/app/controllers/sessions_controller.rb +11 -10
data/app/models/authorization.rb +2 -0
data/lib/challah/audit.rb +38 -36
data/lib/challah/authenticators/api_key.rb +4 -2
data/lib/challah/authenticators/password.rb +3 -1
data/lib/challah/authenticators.rb +5 -3
data/lib/challah/concerns/authorizeable.rb +4 -0
data/lib/challah/concerns/user/attributeable.rb +37 -29
data/lib/challah/concerns/user/authenticateable.rb +4 -2
data/lib/challah/concerns/user/authorizable.rb +16 -12
data/lib/challah/concerns/user/findable.rb +13 -10
data/lib/challah/concerns/user/passwordable.rb +5 -3
data/lib/challah/concerns/user/provideable.rb +22 -20
data/lib/challah/concerns/user/statusable.rb +3 -21
data/lib/challah/concerns/user/validateable.rb +3 -1
data/lib/challah/concerns/userable.rb +1 -3
data/lib/challah/controller.rb +69 -65
data/lib/challah/cookie_store.rb +7 -5
data/lib/challah/encrypter.rb +4 -2
data/lib/challah/engine.rb +5 -18
data/lib/challah/providers/password_provider.rb +9 -7
data/lib/challah/providers.rb +3 -1
data/lib/challah/random.rb +6 -4
data/lib/challah/routes.rb +6 -6
data/lib/challah/session.rb +27 -25
data/lib/challah/signup.rb +5 -3
data/lib/challah/simple_cookie_store.rb +82 -80
data/lib/challah/techniques/api_key_technique.rb +2 -2
data/lib/challah/techniques/password_technique.rb +2 -1
data/lib/challah/techniques/token_technique.rb +3 -1
data/lib/challah/techniques.rb +2 -0
data/lib/challah/test.rb +6 -0
data/lib/challah/validators/email_validator.rb +2 -0
data/lib/challah/validators/password_validator.rb +5 -3
data/lib/challah/version.rb +3 -1
data/lib/challah.rb +2 -5
data/lib/generators/challah_generator.rb +17 -0
data/lib/generators/templates/migration.erb +39 -0
data/lib/tasks/setup.rake +7 -3
metadata +63 -26
data/db/migrate/20120127150433_create_users.rb +0 -29
data/db/migrate/20121116210759_create_authorizations.rb +0 -22
data/lib/challah/plugins.rb +0 -54

data/lib/challah/simple_cookie_store.rb CHANGED Viewed

@@ -4,6 +4,7 @@ module Challah
   # To use a different storage method for persisting a session, just create
   # a new class that responds to +read+, +save+ and +destroy+
   class SimpleCookieStore
     def initialize(session)
       @session = session
     end
@@ -13,7 +14,7 @@ module Challah
     end
     def inspect
-      "#<SimpleCookieStore:0x#{object_id.to_s(16)} valid=#{existing?}>"
+      "#<SimpleCookieStore:0x#{ object_id.to_s(16) } valid=#{ existing? }>"
     end
     def read
@@ -29,107 +30,108 @@ module Challah
     private
-    def clear
-      cookies.delete(session_cookie_name, domain: domain)
-      cookies.delete(validation_cookie_name, domain: domain)
-    end
+      def clear
+        cookies.delete(session_cookie_name, domain: domain)
+        cookies.delete(validation_cookie_name, domain: domain)
+      end
-    def cookie_values
-      session_cookie && session_cookie.to_s.split(joiner)
-    end
+      def cookie_values
+        session_cookie && session_cookie.to_s.split(joiner)
+      end
-    def cookies
-      request.cookie_jar
-    end
+      def cookies
+        request.cookie_jar
+      end
-    def default_cookie_prefix
-      Challah.options[:cookie_prefix]
-    end
+      def default_cookie_prefix
+        Challah.options[:cookie_prefix]
+      end
-    def domain
-      request.session_options[:domain]
-    end
+      def domain
+        request.session_options[:domain]
+      end
-    # Do the cookies exist, and are they valid?
-    def existing?
-      exists = false
+      # Do the cookies exist, and are they valid?
+      def existing?
+        exists = false
-      if session_cookie and validation_cookie
-        session_tmp = session_cookie.to_s
-        validation_tmp = validation_cookie.to_s
+        if session_cookie && validation_cookie
+          session_tmp = session_cookie.to_s
+          validation_tmp = validation_cookie.to_s
-        if validation_tmp == validation_cookie_value(session_tmp)
-          exists = true
+          if validation_tmp == validation_cookie_value(session_tmp)
+            exists = true
+          end
         end
+        exists
       end
-      exists
-    end
+      def expiration
+        @expiration ||= 1.month.from_now
+      end
-    def expiration
-      @expiration ||= 1.month.from_now
-    end
+      def joiner
+        "@"
+      end
-    def joiner
-      '@'
-    end
+      def prefix
+        @prefix ||= [ default_cookie_prefix, user_model_id ].compact.join("-")
+      end
-    def prefix
-      @prefix ||= [ default_cookie_prefix, user_model_id ].compact.join('-')
-    end
+      def request
+        raise "No Request Provided" unless @session && @session.request
+        @session.request
+      end
-    def request
-      raise "No Request Provided" unless @session and @session.request
-      @session.request
-    end
+      def session_cookie
+        cookies[session_cookie_name]
+      end
-    def session_cookie
-      cookies[session_cookie_name]
-    end
+      def session_cookie_name
+        "#{ prefix }-s"
+      end
-    def session_cookie_name
-      "#{prefix}-s"
-    end
+      def session_cookie_value
+        "#@token#{ joiner }#@user_id"
+      end
-    def session_cookie_value
-      "#@token#{joiner}#@user_id"
-    end
+      def user_model_id
+        if @session && @session.user_model && @session.user_model.table_name != "users"
+          Encrypter.md5(@session.user_model.table_name).slice(0..5)
+        end
+      end
-    def user_model_id
-      if @session && @session.user_model && @session.user_model.table_name != 'users'
-        Encrypter.md5(@session.user_model.table_name).slice(0..5)
+      def validation_cookie
+        cookies[validation_cookie_name]
       end
-    end
-    def validation_cookie
-      cookies[validation_cookie_name]
-    end
+      def validation_cookie_name
+        "#{ prefix }-v"
+      end
-    def validation_cookie_name
-      "#{prefix}-v"
-    end
+      def validation_cookie_value(value = nil)
+        value = session_cookie_value unless value
+        Encrypter.md5(value)
+      end
-    def validation_cookie_value(value = nil)
-      value = session_cookie_value unless value
-      Encrypter.md5(value)
-    end
+      def write_cookies!
+        cookies[session_cookie_name] = {
+          value:      session_cookie_value,
+          expires:    expiration,
+          secure:     false,
+          httponly:   true,
+          domain:     domain
+        }
+        cookies[validation_cookie_name] = {
+          value:      validation_cookie_value,
+          expires:    expiration,
+          secure:     false,
+          httponly:   true,
+          domain:     domain
+        }
+      end
-    def write_cookies!
-      cookies[session_cookie_name] = {
-        value:      session_cookie_value,
-        expires:    expiration,
-        secure:     false,
-        httponly:   true,
-        domain:     domain
-      }
-      cookies[validation_cookie_name] = {
-        value:      validation_cookie_value,
-        expires:    expiration,
-        secure:     false,
-        httponly:   true,
-        domain:     domain
-      }
-    end
   end
 end

data/lib/challah/techniques/api_key_technique.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module Challah
     attr_accessor :user_model
     def initialize(session)
-      @key        = session.key? ? session.key : nil
+      @key = session.key? ? session.key : nil
     end
     def authenticate
@@ -16,7 +16,7 @@ module Challah
       unless @key.to_s.blank?
         user = user_model.find_by_api_key(@key)
-        if user and user.valid_session?
+        if user && user.valid_session?
           return user
         end
       end

data/lib/challah/techniques/password_technique.rb CHANGED Viewed

@@ -12,7 +12,7 @@ module Challah
     # if we can successfully authenticate, return a User instance, otherwise nil
     def authenticate
-      if username? and password?
+      if username? && password?
         user = user_model.find_for_session(username)
         if user
@@ -49,5 +49,6 @@ module Challah
     def username
       @username
     end
   end
 end

data/lib/challah/techniques/token_technique.rb CHANGED Viewed

@@ -18,6 +18,8 @@ module Challah
       # This is turned off by default and must be manually enabled for security reasons.
       return nil unless Challah.options[:token_enabled]
+      return nil unless token.present?
       if user = user_model.where(api_key: token).first
         if user.valid_session?
           return user
@@ -41,7 +43,7 @@ module Challah
     private
-    attr_reader :token
+      attr_reader :token
   end
 end

data/lib/challah/techniques.rb CHANGED Viewed

@@ -54,6 +54,7 @@ module Challah
   # +ApiKeyTechnique+.
   #
   module Techniques
     # Register a new technique class. Pass in a name as an identifier, and the class to use
     # when attempting to authenticate.
     def register_technique(name, klass)
@@ -69,5 +70,6 @@ module Challah
     def techniques
       @techniques.dup
     end
   end
 end

data/lib/challah/test.rb CHANGED Viewed

@@ -1,7 +1,9 @@
 module Challah
   # Used to persist session data in test mode instead of using cookies. Stores the session
   # data lazily in a global var, accessible across the testing environment.
   class TestSessionStore
     def initialize(session = nil)
       @session = session
     end
@@ -22,6 +24,7 @@ module Challah
       $challah_test_session = "#{ token }@#{ user_id }"
       true
     end
   end
   module Testing
@@ -39,17 +42,20 @@ module Challah
     alias_method :logout, :signout
   end
 end
 if defined?(ActionController::TestCase)
   Challah.options[:storage_class] = Challah::TestSessionStore
   class ActionController::TestCase
     include Challah::Testing
     setup do
       $challah_test_session = nil
     end
   end
 end

data/lib/challah/validators/email_validator.rb CHANGED Viewed

@@ -6,6 +6,7 @@ module Challah
   #       validates :email, :presence => true, :email => true
   #     end
   class EmailValidator < ActiveModel::EachValidator
     # Called automatically by ActiveModel validation..
     def validate_each(record, attribute, value)
       unless value =~ EmailValidator.pattern
@@ -17,5 +18,6 @@ module Challah
     def self.pattern
       /\b[A-Z0-9._%a-z\-]+@(?:[A-Z0-9a-z\-]+\.)+[A-Za-z]{2,}\z/
     end
   end
 end

data/lib/challah/validators/password_validator.rb CHANGED Viewed

@@ -1,9 +1,10 @@
 module Challah
   class PasswordValidator < ActiveModel::Validator
     # Check to make sure a valid password and confirmation were set
     def validate(record)
-      if record.password_provider? or options[:force]
-        if record.new_record? and record.password.to_s.blank? and !record.password_changed?
+      if record.password_provider? || options[:force]
+        if record.new_record? && record.password.to_s.blank? && !record.password_changed?
           record.errors.add :password, :blank
         elsif record.password_changed?
           if record.password.to_s.size < 4
@@ -14,5 +15,6 @@ module Challah
         end
       end
     end
   end
-end
+end

data/lib/challah/version.rb CHANGED Viewed

@@ -1,5 +1,7 @@
 module Challah
   unless defined?(Challah::VERSION)
-    VERSION = File.read(File.expand_path('../../../VERSION', __FILE__)).strip.freeze
+    VERSION = File.read(File.expand_path("../../../VERSION", __FILE__)).strip.freeze
   end
 end

data/lib/challah.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 require "challah/version"
 module Challah
   autoload :Audit,                            "challah/audit"
   autoload :CookieStore,                      "challah/cookie_store"
@@ -9,7 +10,6 @@ module Challah
   autoload :Authenticators,                   "challah/authenticators"
   autoload :Controller,                       "challah/controller"
   autoload :Encrypter,                        "challah/encrypter"
-  autoload :Plugins,                          "challah/plugins"
   autoload :Providers,                        "challah/providers"
   autoload :Random,                           "challah/random"
   autoload :Session,                          "challah/session"
@@ -74,10 +74,6 @@ module Challah
   register_technique :password,       PasswordTechnique
   register_technique :token,          TokenTechnique
-  # Set up plugin registering capability
-  extend Plugins
-  @plugins ||= {}
   # Set up authenticators
   extend Authenticators
   @authenticators ||= {}
@@ -91,6 +87,7 @@ module Challah
   @providers ||= {}
   register_provider :password, PasswordProvider
 end
 require "challah/engine" if defined?(Rails)

data/lib/generators/challah_generator.rb ADDED Viewed

@@ -0,0 +1,17 @@
+require "rails/generators/active_record"
+class ChallahGenerator < Rails::Generators::Base
+  include ActiveRecord::Generators::Migration
+  source_root File.expand_path("../templates", __FILE__)
+  def copy_migration
+    migration_template "migration.erb", "db/migrate/challah_create_users.rb", migration_version: migration_version
+  end
+  def migration_version
+    "[#{ Rails::VERSION::MAJOR }.#{ Rails::VERSION::MINOR }]"
+  end
+end

data/lib/generators/templates/migration.erb ADDED Viewed

@@ -0,0 +1,39 @@
+class ChallahCreateUsers < ActiveRecord::Migration<%= migration_version %>
+  def change
+     create_table :users do |t|
+      t.string      :first_name
+      t.string      :last_name
+      t.string      :email
+      t.string      :email_hash
+      t.string      :persistence_token
+      t.string      :api_key
+      t.datetime    :last_session_at
+      t.integer     :session_count, default: 0
+      t.integer     :failed_auth_count, default: 0
+      t.bigint      :created_by, default: 0
+      t.bigint      :updated_by, default: 0
+      t.integer     :status, default: 0 # defaults to :active
+      t.timestamps  null: true
+    end
+    add_index :users, :first_name
+    add_index :users, :last_name
+    add_index :users, :email
+    add_index :users, :api_key
+    create_table :authorizations do |t|
+      t.references  :user
+      t.string      :provider, limit: 50
+      t.string      :uid
+      t.string      :token, limit: 500
+      t.datetime    :expires_at
+      t.datetime    :last_session_at
+      t.integer     :session_count, default: 0
+      t.timestamps  null: true
+    end
+    add_index :authorizations, [ :user_id, :provider ]
+    add_index :authorizations, :uid
+    add_index :authorizations, :token
+  end
+end

data/lib/tasks/setup.rake CHANGED Viewed

@@ -3,6 +3,10 @@ namespace :challah do
   task :setup => [ "challah:setup:migrations", "challah:unpack:user", "db:migrate", "challah:banner" ]
   task :banner do
+    is_rails5 = Rails.version.start_with? "5"
+    cmd = is_rails5 ? "rails" : "rake"
     banner = <<-str
   ==========================================================================
@@ -15,7 +19,7 @@ namespace :challah do
   If you want to create a new user now, just run:
-  rails challah:users:create
+  #{ cmd } challah:users:create
   ==========================================================================
@@ -26,8 +30,8 @@ namespace :challah do
   namespace :setup do
     task :migrations do
-      puts "Copying migrations..."
-      Rake::Task["challah_engine:install:migrations"].invoke
+      puts "Setting up migrations..."
+      sh "rails generate challah"
     end
   end
 end

metadata CHANGED Viewed

@@ -1,51 +1,57 @@
 --- !ruby/object:Gem::Specification
 name: challah
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 2.0.0.beta2
 platform: ruby
 authors:
 - John Tornow
 - Phillip Ridlen
 - Nathaniel Watts
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-01-04 00:00:00.000000000 Z
+date: 2022-01-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: highline
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.7'
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.7.1
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.7'
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.7.1
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.2.0
+        version: 5.2.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '8'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.2.0
+        version: 5.2.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '8'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -80,28 +86,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '4.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '4.0'
 - !ruby/object:Gem::Dependency
-  name: factory_girl_rails
+  name: factory_bot_rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.6'
+        version: '6.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.6'
+        version: '6.1'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -116,7 +122,35 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
-description: A simple gem for authorization and session management in Rails.
+- !ruby/object:Gem::Dependency
+  name: rspec_junit_formatter
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Authorization and session management for Rails apps
 email:
 - john@johntornow.com
 - p@rdln.net
@@ -134,8 +168,6 @@ files:
 - app/views/sessions/access_denied.html.erb
 - app/views/sessions/new.html.erb
 - config/locales/en.yml
-- db/migrate/20120127150433_create_users.rb
-- db/migrate/20121116210759_create_authorizations.rb
 - lib/challah.rb
 - lib/challah/audit.rb
 - lib/challah/authenticators.rb
@@ -155,7 +187,6 @@ files:
 - lib/challah/cookie_store.rb
 - lib/challah/encrypter.rb
 - lib/challah/engine.rb
-- lib/challah/plugins.rb
 - lib/challah/providers.rb
 - lib/challah/providers/password_provider.rb
 - lib/challah/random.rb
@@ -171,14 +202,21 @@ files:
 - lib/challah/validators/email_validator.rb
 - lib/challah/validators/password_validator.rb
 - lib/challah/version.rb
+- lib/generators/challah_generator.rb
+- lib/generators/templates/migration.erb
 - lib/tasks/crud.rake
 - lib/tasks/setup.rake
 - lib/tasks/unpack.rake
 homepage: https://github.com/jdtornow/challah
 licenses:
 - MIT
-metadata: {}
-post_install_message:
+metadata:
+  bug_tracker_uri: https://github.com/jdtornow/challah/issues
+  changelog_uri: https://github.com/jdtornow/challah/releases
+  homepage_uri: https://github.com/jdtornow/challah
+  source_code_uri: https://github.com/jdtornow/challah
+  wiki_uri: https://github.com/jdtornow/challah/wiki
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -186,16 +224,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.2.2
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: 1.8.11
 requirements: []
-rubyforge_project:
-rubygems_version: 2.5.2
-signing_key:
+rubygems_version: 3.2.32
+signing_key:
 specification_version: 4
 summary: Rails authentication and sessions
 test_files: []