RubyGems - cow_auth - Versions diffs - 0.2.0 → 0.3.0 - Mend

cow_auth 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
data/README.md +109 -11
data/lib/cow_auth.rb +6 -5
data/lib/cow_auth/session_auth/authenticate_request.rb +17 -0
data/lib/cow_auth/session_auth/session_endpoints.rb +32 -0
data/lib/cow_auth/token_auth/authenticate_request.rb +20 -0
data/lib/cow_auth/token_auth/session_endpoints.rb +26 -0
data/lib/cow_auth/user.rb +3 -3
data/lib/cow_auth/version.rb +1 -1
metadata +7 -5
data/lib/cow_auth/authentication.rb +0 -34
data/lib/cow_auth/session.rb +0 -24

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c476f86eb5beb51e9d81ea1231eadc99342b2154
-  data.tar.gz: ff572095c33410d3dd61a6df889e082f104c7083
+  metadata.gz: 2ef0a48dce112adc6dfba038831d871c13a577f6
+  data.tar.gz: 607ad6d1172eaba966ef85410cb706a5afc6b2e7
 SHA512:
-  metadata.gz: 7775f24a1b6af4004d0ce7ea14aaf17c45ed1be2f569d7ffddcc604a0bda176934574ce8a3399e270b5ef846d5bde13e7b247e934503dcb322db56ea16b5014f
-  data.tar.gz: e497095730f0964547c3d1cb339250e5273270ef0bb8c3c2a90acd5db819cb8df5d08a008b0886fc2d898c82edf608d35cae9e4d0cbb3d9d16cd55ffd8bc8f0d
+  metadata.gz: 0f2e1bb17673d7c0cd102e00132054d59c73fa8e8381d67b1646f0a3ac9911c71be4baa35f9c82ef78c2a49f3293795360fac91698917ad6c1faf16da370ff8f
+  data.tar.gz: c8886526b41df9a13cf605eb2d53fae28288505a50393f209bc97eb020cdfffbcec76d12da7cfc5b64adf578effdd89e476ca652091f7f5a970b38eecb10562b

data/README.md CHANGED Viewed

@@ -1,7 +1,5 @@
 # CowAuth
-WARNING: This gem is in early development, which means you probably shouldn't use it yet for critical applications.
 The main goal of this gem is to provide API authentication for Rails (or Rails-like) web applications.
 ## Installation
@@ -20,38 +18,139 @@ Or install it yourself as:
     $ gem install cow_auth
-## Usage
-TODO: Write usage instructions here
+## Model
 Example Rails model generator command:
     $ bundle exec rails generate model user email:string sid:string encrypted_password:string first_name:string last_name:string sign_in_count:integer
-    # Modified migration; includes indexes.
+    # Modified migration; includes indexes and other stuff you might not want.
     class CreateUsers < ActiveRecord::Migration[5.0]
       def change
         create_table :users do |t|
+          t.string :uuid, null: false
           t.string :email, null: false
           t.string :sid, null: false
-          t.string :encrypted_password
+          t.string :encrypted_password, null: false
           t.string :first_name
           t.string :last_name
-          t.integer :sign_in_count
+          t.integer :sign_in_count, default: 0, null: false
+          t.boolean :is_approved, default: false, null: false
+          t.boolean :is_deleted, default: false, null: false
           t.timestamps
         end
+        add_index :users, :uuid, unique: true
         add_index :users, :email, unique: true
         add_index :users, :sid, unique: true
       end
     end
+### Create User
+    User.create! email: 'email', password: 'password'
+## Session Authentication
+### Sign In View Example
+    <%= form_tag '/sessions' do %>
+      <%= label_tag(:email) %><br>
+      <%= text_field_tag(:email) %><br>
+      <%= label_tag(:password) %><br>
+      <%= password_field_tag(:password) %><br>
+      <%= submit_tag('Sign In') %>
+    <% end %>
+### Routes Example
+    get 'sessions/new' => 'sessions#new'
+    post 'sessions' => 'sessions#create'
+    delete 'sessions' => 'sessions#destroy'
+### Controllers
+Add the following lines in the controller(s) that you want to enforce authentication for.
+    include CowAuth::SessionAuth::AuthenticateRequest
+    before_action :authenticate_user
+### Application Controller Example
+    class ApplicationController < ActionController::Base
+      include CowAuth::SessionAuth::AuthenticateRequest
+      protect_from_forgery with: :exception
+      before_action :authenticate_user
+      rescue_from CowAuth::NotAuthenticatedError, with: :user_not_authenticated
+    private
+      def user_not_authenticated(exception)
+        flash[:notice] = exception.message
+        render sessions_new_path
+      end
+    end
+### Sessions Controller Example
+    class SessionsController < ApplicationController
+      include CowAuth::SessionAuth::SessionEndpoints
+      skip_before_action :authenticate_user, only: [:new, :create]
+      def sign_in_success_path
+        flash[:notice] = 'Successfully signed in.'
+        return home_path
+      end
+      def sign_out_success_path
+        return sessions_new_path
+      end
+    end
+## Token Authentication
+### Authenticated Request
+Note that token and sid are both required.
+Example GET:
+    curl -X GET http://api.local.dev:3000/v1/test -i -H "Authorization: Token token=b5503c9b85b881f8b3ddbd82f511912c,sid=C3281846f3976809796f91cf6bbb35c53"
 ### Controllers
-Add the following lines in the controller(s) that you want to enforce authenticatication for.
+Add the following lines in the controller(s) that you want to enforce authentication for.
-    include CowAuth::Authentication
+    include CowAuth::TokenAuth::AuthenticateRequest
     before_action :authenticate_user
+### Application Controller Example
+    class ApplicationController < ActionController::API
+      include CowAuth::TokenAuth::AuthenticateRequest
+      before_action :authenticate_user
+      rescue_from CowAuth::NotAuthenticatedError, with: :user_not_authenticated
+    private
+      def user_not_authenticated(exception)
+        @message = exception.message
+        render 'errors/unauthorized', status: :unauthorized
+      end
+    end
+### Sessions Controller Example
+    class Api::V1::SessionsController < ApplicationController
+      include CowAuth::TokenAuth::SessionEndpoints
+      skip_before_action :authenticate_user, only: [:create]
+    end
 ## Development
@@ -70,4 +169,3 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/mickey
 ## License
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/lib/cow_auth.rb CHANGED Viewed

@@ -1,13 +1,14 @@
 require 'cow_auth/version'
 require 'cow_auth/user'
-require 'cow_auth/session'
-require 'cow_auth/authentication'
 require 'cow_auth/not_authenticated_error'
+require 'cow_auth/session_auth/session_endpoints'
+require 'cow_auth/session_auth/authenticate_request'
+require 'cow_auth/token_auth/session_endpoints'
+require 'cow_auth/token_auth/authenticate_request'
 module CowAuth
   def self.moo
-    user = CowAuth::User.new
-    puts user
-    return user
+    puts 'Moo Cow: ' + CowAuth::VERSION
+    return CowAuth::User.new
   end
 end

data/lib/cow_auth/session_auth/authenticate_request.rb ADDED Viewed

@@ -0,0 +1,17 @@
+require 'cow_auth/not_authenticated_error'
+module CowAuth
+  module SessionAuth
+    module AuthenticateRequest
+      extend ActiveSupport::Concern
+    private
+      def authenticate_user
+        @current_user = User.find_by(uuid: session[:current_user])
+        raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
+        return true
+      end
+    end
+  end
+end

data/lib/cow_auth/session_auth/session_endpoints.rb ADDED Viewed

@@ -0,0 +1,32 @@
+require 'cow_auth/not_authenticated_error'
+module CowAuth
+  module SessionAuth
+    module SessionEndpoints
+      extend ActiveSupport::Concern
+      def new
+      end
+      def create
+        user = User.find_by(email: params[:email])
+        if user.try(:authenticate, params[:password])
+          session[:current_user] = user.uuid
+          redirect_to sign_in_success_path
+        else
+          session[:current_user] = nil
+          raise CowAuth::NotAuthenticatedError.new('Invalid user credentials.')
+        end
+      end
+      def destroy
+        if @current_user.present?
+          session[:current_user] = nil
+          redirect_to sign_out_success_path
+        else
+          raise CowAuth::StandardError.new('Could not sign user out.')
+        end
+      end
+    end
+  end
+end

data/lib/cow_auth/token_auth/authenticate_request.rb ADDED Viewed

@@ -0,0 +1,20 @@
+require 'cow_auth/not_authenticated_error'
+module CowAuth
+  module TokenAuth
+    module AuthenticateRequest
+      extend ActiveSupport::Concern
+      include ActionController::HttpAuthentication::Token::ControllerMethods
+    private
+      def authenticate_user
+        authenticate_or_request_with_http_token do |token, options|
+          @current_user = User.authenticate_from_token(options[:sid], token)
+          raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
+          return true
+        end
+      end
+    end
+  end
+end

data/lib/cow_auth/token_auth/session_endpoints.rb ADDED Viewed

@@ -0,0 +1,26 @@
+require 'cow_auth/not_authenticated_error'
+module CowAuth
+  module TokenAuth
+    module SessionEndpoints
+      extend ActiveSupport::Concern
+      def create
+        @user = User.find_by(email: params[:email])
+        if @user.try(:authenticate, params[:password])
+          @user.api_sign_in
+        else
+          raise CowAuth::NotAuthenticatedError.new('Invalid user credentials.')
+        end
+      end
+      def destroy
+        if @current_user.try(:api_sign_out)
+          head :ok
+        else
+          raise CowAuth::NotAuthenticatedError.new('Could not sign user out.')
+        end
+      end
+    end
+  end
+end

data/lib/cow_auth/user.rb CHANGED Viewed

@@ -30,7 +30,7 @@ module CowAuth
     def api_sign_in
       $redis.set(self.redis_key, {
-        auth_token: User.generate_random_hex_string,
+        auth_token: User.generate_auth_token,
         expires_at: User.generate_token_expires_at
       }.to_json)
     end
@@ -64,8 +64,8 @@ module CowAuth
       return true
     end
-    def self.generate_random_hex_string
-      return SecureRandom.hex(16)
+    def self.generate_auth_token
+      return SecureRandom.hex(32)
     end
     def self.generate_token_expires_at

data/lib/cow_auth/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module CowAuth
-  VERSION = '0.2.0'
+  VERSION = '0.3.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cow_auth
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Mickey Cowden
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2016-04-19 00:00:00.000000000 Z
+date: 2016-07-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -84,9 +84,11 @@ files:
 - bin/setup
 - cow_auth.gemspec
 - lib/cow_auth.rb
-- lib/cow_auth/authentication.rb
 - lib/cow_auth/not_authenticated_error.rb
-- lib/cow_auth/session.rb
+- lib/cow_auth/session_auth/authenticate_request.rb
+- lib/cow_auth/session_auth/session_endpoints.rb
+- lib/cow_auth/token_auth/authenticate_request.rb
+- lib/cow_auth/token_auth/session_endpoints.rb
 - lib/cow_auth/user.rb
 - lib/cow_auth/version.rb
 homepage: https://github.com/mickey13/cow_auth
@@ -109,7 +111,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.2
+rubygems_version: 2.6.6
 signing_key:
 specification_version: 4
 summary: Summary

data/lib/cow_auth/authentication.rb DELETED Viewed

@@ -1,34 +0,0 @@
-require 'cow_auth/not_authenticated_error'
-module CowAuth
-  module Authentication
-    extend ActiveSupport::Concern
-    include ActionController::HttpAuthentication::Token::ControllerMethods
-  private
-    def authenticate_user
-      authenticate_or_request_with_http_token do |token, options|
-        puts options
-        # sid, auth_token = api_key.match(/sid=([[:alnum:]]*)&auth_token=([[:alnum:]]*)/).try(:captures)
-        @current_user = User.authenticate_from_token(options[:sid], token)
-        raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
-        return true
-      end
-    end
-    # def authenticate_user
-    #   authenticate_or_request_with_http_token do |api_key, options|
-    #     sid, auth_token = api_key.match(/sid=([[:alnum:]]*)&auth_token=([[:alnum:]]*)/).try(:captures)
-    #     @current_user = User.authenticate_from_token(sid, auth_token)
-    #     raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
-    #     return true
-    #   end
-    # end
-  end
-end
-# curl -X GET http://api.local.dev:3000/v1/test -i -H "Authorization: Token token=sid=C3281845f3976809796f91cf6bbb35c53&auth_token=b5503c9b85b881f8b3ddbd82f511912c"
-# curl -X GET http://api.local.dev:3000/v1/test -i -H "Authorization: Token token=b5503c9b85b881f8b3ddbd82f511912c,sid=C3281845f3976809796f91cf6bbb35c53"

data/lib/cow_auth/session.rb DELETED Viewed

@@ -1,24 +0,0 @@
-require 'cow_auth/not_authenticated_error'
-module CowAuth
-  module Session
-    extend ActiveSupport::Concern
-    def create
-      @user = User.find_by(email: params[:email])
-      if @user.try(:authenticate, params[:password])
-        @user.api_sign_in
-      else
-        raise CowAuth::NotAuthenticatedError.new('Invalid user credentials.')
-      end
-    end
-    def destroy
-      if @current_user.try(:api_sign_out)
-        head :ok
-      else
-        raise CowAuth::NotAuthenticatedError.new('Could not sign user out.')
-      end
-    end
-  end
-end