cow_auth 0.2.0 → 0.3.0

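--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: c476f86eb5beb51e9d81ea1231eadc99342b2154
- data.tar.gz: ff572095c33410d3dd61a6df889e082f104c7083
+ metadata.gz: 2ef0a48dce112adc6dfba038831d871c13a577f6
+ data.tar.gz: 607ad6d1172eaba966ef85410cb706a5afc6b2e7
  SHA512:
- metadata.gz: 7775f24a1b6af4004d0ce7ea14aaf17c45ed1be2f569d7ffddcc604a0bda176934574ce8a3399e270b5ef846d5bde13e7b247e934503dcb322db56ea16b5014f
- data.tar.gz: e497095730f0964547c3d1cb339250e5273270ef0bb8c3c2a90acd5db819cb8df5d08a008b0886fc2d898c82edf608d35cae9e4d0cbb3d9d16cd55ffd8bc8f0d
+ metadata.gz: 0f2e1bb17673d7c0cd102e00132054d59c73fa8e8381d67b1646f0a3ac9911c71be4baa35f9c82ef78c2a49f3293795360fac91698917ad6c1faf16da370ff8f
+ data.tar.gz: c8886526b41df9a13cf605eb2d53fae28288505a50393f209bc97eb020cdfffbcec76d12da7cfc5b64adf578effdd89e476ca652091f7f5a970b38eecb10562b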
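--- a/data/README.md
+++ b/data/README.md
@@ -1,7 +1,5 @@
  # CowAuth
 
- WARNING: This gem is in early development, which means you probably shouldn't use it yet for critical applications.
-
  The main goal of this gem is to provide API authentication for Rails (or Rails-like) web applications.
 
  ## Installation
@@ -20,38 +18,139 @@ Or install it yourself as:
 
  $ gem install cow_auth
 
- ## Usage
-
- TODO: Write usage instructions here
+ ## Model
 
  Example Rails model generator command:
 
  $ bundle exec rails generate model user email:string sid:string encrypted_password:string first_name:string last_name:string sign_in_count:integer
 
- # Modified migration; includes indexes.
+ # Modified migration; includes indexes and other stuff you might not want.
  class CreateUsers < ActiveRecord::Migration[5.0]
  def change
  create_table :users do |t|
+ t.string :uuid, null: false
  t.string :email, null: false
  t.string :sid, null: false
- t.string :encrypted_password
+ t.string :encrypted_password, null: false
  t.string :first_name
  t.string :last_name
- t.integer :sign_in_count
+ t.integer :sign_in_count, default: 0, null: false
+ t.boolean :is_approved, default: false, null: false
+ t.boolean :is_deleted, default: false, null: false
  t.timestamps
  end
+ add_index :users, :uuid, unique: true
  add_index :users, :email, unique: true
  add_index :users, :sid, unique: true
  end
  end
 
+ ### Create User
+
+ User.create! email: 'email', password: 'password'
+
+ ## Session Authentication
+
+ ### Sign In View Example
+
+ <%= form_tag '/sessions' do %>
+ <%= label_tag(:email) %><br>
+ <%= text_field_tag(:email) %><br>
+ <%= label_tag(:password) %><br>
+ <%= password_field_tag(:password) %><br>
+ <%= submit_tag('Sign In') %>
+ <% end %>
+
+ ### Routes Example
+
+ get 'sessions/new' => 'sessions#new'
+ post 'sessions' => 'sessions#create'
+ delete 'sessions' => 'sessions#destroy'
+
+ ### Controllers
+
+ Add the following lines in the controller(s) that you want to enforce authentication for.
+
+ include CowAuth::SessionAuth::AuthenticateRequest
+ before_action :authenticate_user
+
+ ### Application Controller Example
+
+ class ApplicationController < ActionController::Base
+ include CowAuth::SessionAuth::AuthenticateRequest
+
+ protect_from_forgery with: :exception
+
+ before_action :authenticate_user
+
+ rescue_from CowAuth::NotAuthenticatedError, with: :user_not_authenticated
+
+ private
+
+ def user_not_authenticated(exception)
+ flash[:notice] = exception.message
+ render sessions_new_path
+ end
+ end
+
+ ### Sessions Controller Example
+
+ class SessionsController < ApplicationController
+ include CowAuth::SessionAuth::SessionEndpoints
+
+ skip_before_action :authenticate_user, only: [:new, :create]
+
+ def sign_in_success_path
+ flash[:notice] = 'Successfully signed in.'
+ return home_path
+ end
+
+ def sign_out_success_path
+ return sessions_new_path
+ end
+ end
+
+ ## Token Authentication
+
+ ### Authenticated Request
+
+ Note that token and sid are both required.
+
+ Example GET:
+
+ curl -X GET http://api.local.dev:3000/v1/test -i -H "Authorization: Token token=b5503c9b85b881f8b3ddbd82f511912c,sid=C3281846f3976809796f91cf6bbb35c53"
+
  ### Controllers
 
- Add the following lines in the controller(s) that you want to enforce authenticatication for.
+ Add the following lines in the controller(s) that you want to enforce authentication for.
 
- include CowAuth::Authentication
+ include CowAuth::TokenAuth::AuthenticateRequest
  before_action :authenticate_user
 
+ ### Application Controller Example
+
+ class ApplicationController < ActionController::API
+ include CowAuth::TokenAuth::AuthenticateRequest
+
+ before_action :authenticate_user
+
+ rescue_from CowAuth::NotAuthenticatedError, with: :user_not_authenticated
+
+ private
+
+ def user_not_authenticated(exception)
+ @message = exception.message
+ render 'errors/unauthorized', status: :unauthorized
+ end
+ end
+
+ ### Sessions Controller Example
+
+ class Api::V1::SessionsController < ApplicationController
+ include CowAuth::TokenAuth::SessionEndpoints
+
+ skip_before_action :authenticate_user, only: [:create]
+ end
 
  ## Development
 
@@ -70,4 +169,3 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/mickey
  ## License
 
  The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
-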
data/lib/cow_auth.rb CHANGED
@@ -1,13 +1,14 @@
1
1
  require 'cow_auth/version'
2
2
  require 'cow_auth/user'
3
- require 'cow_auth/session'
4
- require 'cow_auth/authentication'
5
3
  require 'cow_auth/not_authenticated_error'
4
+ require 'cow_auth/session_auth/session_endpoints'
5
+ require 'cow_auth/session_auth/authenticate_request'
6
+ require 'cow_auth/token_auth/session_endpoints'
7
+ require 'cow_auth/token_auth/authenticate_request'
6
8
 
7
9
  module CowAuth
8
10
  def self.moo
9
- user = CowAuth::User.new
10
- puts user
11
- return user
11
+ puts 'Moo Cow: ' + CowAuth::VERSION
12
+ return CowAuth::User.new
12
13
  end
13
14
  end
@@ -0,0 +1,17 @@
1
+ require 'cow_auth/not_authenticated_error'
2
+
3
+ module CowAuth
4
+ module SessionAuth
5
+ module AuthenticateRequest
6
+ extend ActiveSupport::Concern
7
+
8
+ private
9
+
10
+ def authenticate_user
11
+ @current_user = User.find_by(uuid: session[:current_user])
12
+ raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
13
+ return true
14
+ end
15
+ end
16
+ end
17
+ end
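Review bot: `authenticate_user` treats any row whose `uuid` matches `session[:current_user]` as signed in, and nothing in this file consults the `is_approved` / `is_deleted` columns that the README migration in this release introduces, so an account flagged after sign-in keeps access until its session ends. Whether the `User` model scopes such rows out is not visible on this page. Since the README presents those columns as optional, the least invasive fix is a comment above the method, `# Does not check is_approved / is_deleted; the host application must reject those users itself.`, or an overridable hook that lets the host app veto the loaded user.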
@@ -0,0 +1,32 @@
1
+ require 'cow_auth/not_authenticated_error'
2
+
3
+ module CowAuth
4
+ module SessionAuth
5
+ module SessionEndpoints
6
+ extend ActiveSupport::Concern
7
+
8
+ def new
9
+ end
10
+
11
+ def create
12
+ user = User.find_by(email: params[:email])
13
+ if user.try(:authenticate, params[:password])
14
+ session[:current_user] = user.uuid
15
+ redirect_to sign_in_success_path
16
+ else
17
+ session[:current_user] = nil
18
+ raise CowAuth::NotAuthenticatedError.new('Invalid user credentials.')
19
+ end
20
+ end
21
+
22
+ def destroy
23
+ if @current_user.present?
24
+ session[:current_user] = nil
25
+ redirect_to sign_out_success_path
26
+ else
27
+ raise CowAuth::StandardError.new('Could not sign user out.')
28
+ end
29
+ end
30
+ end
31
+ end
32
+ end
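Review bot: `create` writes `session[:current_user] = user.uuid` into whatever session the browser already presented, so a session identifier set before sign-in stays valid afterwards (session fixation); call `reset_session` immediately before that assignment, and in `destroy` use `reset_session` in place of `session[:current_user] = nil` so nothing else stored in the session outlives sign-out. Separately, `destroy` raises `CowAuth::StandardError`, which none of the files listed in this release's metadata appears to define, so that branch would most likely surface as a `NameError` instead of the intended error. `raise CowAuth::NotAuthenticatedError.new('Could not sign user out.')` would match what the token-auth endpoint does.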
@@ -0,0 +1,20 @@
1
+ require 'cow_auth/not_authenticated_error'
2
+
3
+ module CowAuth
4
+ module TokenAuth
5
+ module AuthenticateRequest
6
+ extend ActiveSupport::Concern
7
+ include ActionController::HttpAuthentication::Token::ControllerMethods
8
+
9
+ private
10
+
11
+ def authenticate_user
12
+ authenticate_or_request_with_http_token do |token, options|
13
+ @current_user = User.authenticate_from_token(options[:sid], token)
14
+ raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
15
+ return true
16
+ end
17
+ end
18
+ end
19
+ end
20
+ end
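Review bot: The two failure paths in `authenticate_user` produce different responses: a request with no `Authorization` header never reaches the block, so `authenticate_or_request_with_http_token` answers with its own plain-text 401, while a bad token raises `CowAuth::NotAuthenticatedError` and goes through the host's `rescue_from`. Writing `@current_user = authenticate_with_http_token { |token, options| User.authenticate_from_token(options[:sid], token) }` and keeping the existing `raise ... if @current_user.blank?` line after it gives a single path and also drops the `return true` inside the block. `User.authenticate_from_token` is outside this page; it is worth confirming that it compares the stored token with `ActiveSupport::SecurityUtils.secure_compare` and not `==`.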
@@ -0,0 +1,26 @@
1
+ require 'cow_auth/not_authenticated_error'
2
+
3
+ module CowAuth
4
+ module TokenAuth
5
+ module SessionEndpoints
6
+ extend ActiveSupport::Concern
7
+
8
+ def create
9
+ @user = User.find_by(email: params[:email])
10
+ if @user.try(:authenticate, params[:password])
11
+ @user.api_sign_in
12
+ else
13
+ raise CowAuth::NotAuthenticatedError.new('Invalid user credentials.')
14
+ end
15
+ end
16
+
17
+ def destroy
18
+ if @current_user.try(:api_sign_out)
19
+ head :ok
20
+ else
21
+ raise CowAuth::NotAuthenticatedError.new('Could not sign user out.')
22
+ end
23
+ end
24
+ end
25
+ end
26
+ end
data/lib/cow_auth/user.rb CHANGED
@@ -30,7 +30,7 @@ module CowAuth
30
30
 
31
31
  def api_sign_in
32
32
  $redis.set(self.redis_key, {
33
- auth_token: User.generate_random_hex_string,
33
+ auth_token: User.generate_auth_token,
34
34
  expires_at: User.generate_token_expires_at
35
35
  }.to_json)
36
36
  end
@@ -64,8 +64,8 @@ module CowAuth
64
64
  return true
65
65
  end
66
66
 
67
- def self.generate_random_hex_string
68
- return SecureRandom.hex(16)
67
+ def self.generate_auth_token
68
+ return SecureRandom.hex(32)
69
69
  end
70
70
 
71
71
  def self.generate_token_expires_at
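Review bot: `api_sign_in` stores the token record with a bare `$redis.set(key, json)`, so the expiry exists only as the `expires_at` field inside the JSON and the key itself never ages out of Redis unless code outside these hunks deletes it. Passing the lifetime to Redis as well, e.g. `$redis.set(self.redis_key, payload.to_json, ex: ttl_in_seconds)` (both names are placeholders), keeps stale tokens from accumulating and makes expiry hold even if a reader forgets to check the field. The record also holds `auth_token` verbatim; storing a digest of it would mean that read access to Redis does not yield usable tokens, though that needs a matching change in `authenticate_from_token`, which is not shown. The rest of the `User` class is outside these hunks.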
@@ -1,3 +1,3 @@
1
1
  module CowAuth
2
- VERSION = '0.2.0'
2
+ VERSION = '0.3.0'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cow_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mickey Cowden
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2016-04-19 00:00:00.000000000 Z
11
+ date: 2016-07-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -84,9 +84,11 @@ files:
84
84
  - bin/setup
85
85
  - cow_auth.gemspec
86
86
  - lib/cow_auth.rb
87
- - lib/cow_auth/authentication.rb
88
87
  - lib/cow_auth/not_authenticated_error.rb
89
- - lib/cow_auth/session.rb
88
+ - lib/cow_auth/session_auth/authenticate_request.rb
89
+ - lib/cow_auth/session_auth/session_endpoints.rb
90
+ - lib/cow_auth/token_auth/authenticate_request.rb
91
+ - lib/cow_auth/token_auth/session_endpoints.rb
90
92
  - lib/cow_auth/user.rb
91
93
  - lib/cow_auth/version.rb
92
94
  homepage: https://github.com/mickey13/cow_auth
@@ -109,7 +111,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
109
111
  version: '0'
110
112
  requirements: []
111
113
  rubyforge_project:
112
- rubygems_version: 2.6.2
114
+ rubygems_version: 2.6.6
113
115
  signing_key:
114
116
  specification_version: 4
115
117
  summary: Summary
@@ -1,34 +0,0 @@
1
- require 'cow_auth/not_authenticated_error'
2
-
3
- module CowAuth
4
- module Authentication
5
- extend ActiveSupport::Concern
6
- include ActionController::HttpAuthentication::Token::ControllerMethods
7
-
8
- private
9
-
10
- def authenticate_user
11
- authenticate_or_request_with_http_token do |token, options|
12
- puts options
13
-
14
- # sid, auth_token = api_key.match(/sid=([[:alnum:]]*)&auth_token=([[:alnum:]]*)/).try(:captures)
15
- @current_user = User.authenticate_from_token(options[:sid], token)
16
- raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
17
- return true
18
- end
19
- end
20
-
21
- # def authenticate_user
22
- # authenticate_or_request_with_http_token do |api_key, options|
23
- # sid, auth_token = api_key.match(/sid=([[:alnum:]]*)&auth_token=([[:alnum:]]*)/).try(:captures)
24
- # @current_user = User.authenticate_from_token(sid, auth_token)
25
- # raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
26
- # return true
27
- # end
28
- # end
29
- end
30
- end
31
-
32
- # curl -X GET http://api.local.dev:3000/v1/test -i -H "Authorization: Token token=sid=C3281845f3976809796f91cf6bbb35c53&auth_token=b5503c9b85b881f8b3ddbd82f511912c"
33
-
34
- # curl -X GET http://api.local.dev:3000/v1/test -i -H "Authorization: Token token=b5503c9b85b881f8b3ddbd82f511912c,sid=C3281845f3976809796f91cf6bbb35c53"
@@ -1,24 +0,0 @@
1
- require 'cow_auth/not_authenticated_error'
2
-
3
- module CowAuth
4
- module Session
5
- extend ActiveSupport::Concern
6
-
7
- def create
8
- @user = User.find_by(email: params[:email])
9
- if @user.try(:authenticate, params[:password])
10
- @user.api_sign_in
11
- else
12
- raise CowAuth::NotAuthenticatedError.new('Invalid user credentials.')
13
- end
14
- end
15
-
16
- def destroy
17
- if @current_user.try(:api_sign_out)
18
- head :ok
19
- else
20
- raise CowAuth::NotAuthenticatedError.new('Could not sign user out.')
21
- end
22
- end
23
- end
24
- end