cow_auth 0.4.2 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: dff8fe9127d7933119a7bc9e1a394b63459347b8
-  data.tar.gz: 044fe42d8ab52301dcb26d555b2249a2e361469b
+SHA256:
+  metadata.gz: '0855a2ef21dbcf97962fa31e9ebd51bd7b121c518b44eff213f0c220681e23e3'
+  data.tar.gz: fd087dde4492f753d7a6615513642a1c998d52fac85c45d38205d43cd2e33721
 SHA512:
-  metadata.gz: 6470c86664faba0fa3e5900666cb3222a91b2516331809d642f3c6398317ed5a9814be3e8eab0aadb188a0387ff7254ca81f3757bc58566e5af834d384f44a75
-  data.tar.gz: ce090243601ce2a58903a1881419837be92c0edb65b6681f5459c900c7baf7823d66d3eb118ed877d35b705712090898b3d58483c9617533ebcce5c06fb629f8
+  metadata.gz: ac2539f24adb657aa18bd40c508bc1a4076348db89c36f4a31ea25c5dc8b504b130e9462336b5d362de70958f471e73d1503e5535a14b028cb7e8091b705e535
+  data.tar.gz: 87a6185f361579d1b73e046fea742f5bae8b428ca8112afc5523a14f87cded892c9ccdfdd4eb002c0580eb5fa1659010b794d1488ab72493176461d01b9d4ae6

data/README.md

@@ -1,6 +1,6 @@
 # CowAuth
 
-The main goal of this gem is to provide session and / or API authentication for Rails (or Rails-like) web applications.
+The main goal of this gem is to provide token-based authentication for Rails (or Rails-like) web applications.
 
 ## Installation
 
@@ -22,102 +22,43 @@ Or install it yourself as:
 
 ### Generator (Example)
 
-    $ bundle exec rails generate model user uuid:string:uniq email:string:uniq sid:string:uniq encrypted_password:string first_name:string last_name:string sign_in_count:integer is_approved:boolean is_deleted:boolean
+    $ bundle exec rails generate model user uuid:string:uniq email:string:uniq sid:string:uniq encrypted_password:string locale:string first_name:string last_name:string role:integer sign_in_count:integer is_approved:boolean is_deleted:boolean
 
 ### Migration (Example)
 
     # Modified migration; includes indexes and other stuff you might not want.
-    class CreateUsers < ActiveRecord::Migration[5.1]
+    class CreateUsers < ActiveRecord::Migration[5.2]
       def change
         create_table :users do |t|
           t.string :uuid, null: false
           t.string :email, null: false
           t.string :sid, null: false
           t.string :encrypted_password, null: false
+          t.string :locale, null: false
           t.string :first_name
           t.string :last_name
+          t.integer :role, default: 0, null: false
           t.integer :sign_in_count, default: 0, null: false
           t.boolean :is_approved, default: false, null: false
           t.boolean :is_deleted, default: false, null: false
           t.timestamps
+          t.index [:uuid], unique: true
+          t.index [:email], unique: true
+          t.index [:sid], unique: true
         end
-        add_index :users, :uuid, unique: true
-        add_index :users, :email, unique: true
-        add_index :users, :sid, unique: true
       end
     end
 
-### Model Inheritance
+### Model Concern
 
-    class User < CowAuth::User
+    class User < ApplicationRecord
+      include CowAuth::User
     end
 
-
 ### Create User
 
     User.create! email: 'email', password: 'password'
 
-## Session Authentication
-
-### Sign In View Example
-
-    <%= form_tag '/sessions' do %>
-      <%= label_tag(:email) %><br>
-      <%= text_field_tag(:email) %><br>
-      <%= label_tag(:password) %><br>
-      <%= password_field_tag(:password) %><br>
-      <%= submit_tag('Sign In') %>
-    <% end %>
-
-### Routes Example
-
-    get 'sessions/new' => 'sessions#new'
-    post 'sessions' => 'sessions#create'
-    delete 'sessions' => 'sessions#destroy'
-
-### Controllers
-
-Add the following lines in the controller(s) that you want to enforce authentication for.
-
-    include CowAuth::SessionAuth::AuthenticateRequest
-    before_action :authenticate_user
-
-### Application Controller Example
-
-    class ApplicationController < ActionController::Base
-      include CowAuth::SessionAuth::AuthenticateRequest
-
-      protect_from_forgery with: :exception
-
-      before_action :authenticate_user
-
-      rescue_from CowAuth::NotAuthenticatedError, with: :user_not_authenticated
-
-    private
-
-      def user_not_authenticated(exception)
-        flash[:notice] = exception.message
-        render sessions_new_path
-      end
-    end
-
-### Sessions Controller Example
-
-    class SessionsController < ApplicationController
-      include CowAuth::SessionAuth::SessionEndpoints
-
-      skip_before_action :authenticate_user, only: [:new, :create]
-
-      def sign_in_success_path
-        flash[:notice] = 'Successfully signed in.'
-        return home_path
-      end
-
-      def sign_out_success_path
-        return sessions_new_path
-      end
-    end
-
 ## Token Authentication
 
 ### Authenticate (Example)
@@ -141,6 +82,12 @@ Add the following lines in the controller(s) that you want to enforce authentica
     include CowAuth::TokenAuth::AuthenticateRequest
     before_action :authenticate_user
 
+Add the following private method to the ApplicationController (assuming User is the correct model).
+
+    def authentication_class
+      return User
+    end
+
 ### Application Controller Example
 
     class ApplicationController < ActionController::API
@@ -155,6 +102,10 @@ Add the following lines in the controller(s) that you want to enforce authentica
       def user_not_authenticated(exception)
         render json: { error: exception.message }, status: :unauthorized
       end
+
+      def authentication_class
+        return User
+      end
     end
 
 ### Sessions Controller Example

data/cow_auth.gemspec

@@ -21,9 +21,8 @@ Gem::Specification.new do |spec|
 
   spec.required_ruby_version = '~> 2.3'
 
-  spec.add_development_dependency 'bundler', '~> 1.14'
-  spec.add_development_dependency 'rake', '~> 12.0'
+  spec.add_development_dependency 'bundler', '~> 1.16'
+  spec.add_development_dependency 'rake', '~> 12.3'
   spec.add_development_dependency 'minitest', '~> 5.10'
-  spec.add_runtime_dependency 'active_model_serializers', '~> 0.10'
   spec.add_runtime_dependency 'scrypt', '~> 3.0'
 end

data/lib/cow_auth/token_auth/authenticate_request.rb

@@ -10,7 +10,8 @@ module CowAuth
 
       def authenticate_user
         authenticate_or_request_with_http_token do |token, options|
-          @current_user = User.authenticate_from_token(options[:sid], token)
+          user = authentication_class.find_by(sid: options[:sid])
+          @current_user = user.try(:authenticate_with_token, token) ? user : nil
           raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
           return true
         end

data/lib/cow_auth/token_auth/session_endpoints.rb

@@ -1,4 +1,3 @@
-require 'cow_auth/user_serializer'
 require 'cow_auth/exceptions'
 
 module CowAuth
@@ -7,10 +6,10 @@ module CowAuth
       extend ActiveSupport::Concern
 
       def create
-        @user = User.find_by(email: params[:email])
-        if @user.try(:authenticate, params[:password])
-          @user.api_sign_in
-          render json: UserSerializer.new(@user), status: :ok
+        user = authentication_class.find_by(email: params[:email])
+        if user.try(:authenticate_with_password, params[:password])
+          user.api_sign_in
+          render json: { sid: user.sid, auth_token: user.auth_token }, status: :ok
         else
           raise CowAuth::NotAuthenticatedError.new('Invalid user credentials.')
         end

data/lib/cow_auth/user.rb

@@ -1,24 +1,22 @@
 require 'scrypt'
+require 'cow_auth/exceptions'
 
 module CowAuth
-  class User < ActiveRecord::Base
-    after_initialize :generate_sid_if_necessary
-
-    validates :email, presence: true
-    validates :email, uniqueness: true
-    validates :encrypted_password, presence: true
-    validates :sid, presence: true
-    validates :sid, uniqueness: true
-    validates :sid, format: { with: /\AC[a-z0-9]{32}\z/ }
-
-    def password=(new_password)
-      return false if new_password.blank?
-      salt = SCrypt::Engine.generate_salt
-      self.encrypted_password = SCrypt::Engine.hash_secret(new_password, salt)
-      return true
+  module User
+    extend ActiveSupport::Concern
+
+    included do
+      after_initialize :generate_sid_if_necessary
+
+      validates :email, presence: true
+      validates :email, uniqueness: true
+      validates :encrypted_password, presence: true
+      validates :sid, presence: true
+      validates :sid, uniqueness: true
+      validates :sid, format: { with: /\AC[a-z0-9]{32}\z/ }
     end
 
-    def authenticate(password)
+    def authenticate_with_password(password)
       return false if self.encrypted_password.blank?
       if SCrypt::Password.new(self.encrypted_password) == password
         self.update(sign_in_count: self.sign_in_count + 1)
@@ -27,43 +25,66 @@ module CowAuth
       return false
     end
 
+    def authenticate_with_token(auth_token)
+      api_key = self.fetch_api_key_from_redis(sid)
+      if api_key.present? &&
+          api_key.key?(:auth_token) &&
+          api_key.key?(:expires_at) &&
+          api_key[:auth_token] == auth_token &&
+          api_key[:expires_at] > Time.zone.now
+        return true
+      end
+      return false
+    end
+
     def api_sign_in
-      User.assert_redis_handle_present
-      $redis.set(self.redis_key, {
-        auth_token: self.token_valid? ? self.auth_token : User.generate_auth_token,
-        expires_at: User.generate_token_expires_at
+      self.redis_handle.set(self.redis_key, {
+        auth_token: self.token_valid? ? self.auth_token : self.generate_auth_token,
+        expires_at: self.generate_token_expires_at
       }.to_json)
     end
 
     def api_sign_out
-      User.assert_redis_handle_present
-      $redis.del(self.redis_key)
+      self.redis_handle.del(self.redis_key)
     end
 
     def auth_token
-      return User.fetch_api_key_from_redis(self.sid).try(:[], :auth_token)
+      return self.fetch_api_key_from_redis(self.sid).try(:[], :auth_token)
     end
 
-    def self.authenticate_from_token(sid, auth_token)
-      api_key = User.fetch_api_key_from_redis(sid)
-      if api_key.present? &&
-          api_key.key?(:auth_token) &&
-          api_key.key?(:expires_at) &&
-          api_key[:auth_token] == auth_token &&
-          api_key[:expires_at] > Time.zone.now
-        return User.find_by(sid: sid)
-      end
-      return nil
+    def password=(new_password)
+      return false if new_password.blank?
+      salt = SCrypt::Engine.generate_salt
+      self.encrypted_password = SCrypt::Engine.hash_secret(new_password, salt)
+      return true
     end
 
   protected
 
+    def fetch_api_key_from_redis(sid)
+      api_key = self.redis_handle.get(self.redis_key)
+      return api_key.present? ? JSON.parse(api_key).try(:symbolize_keys) : nil
+    end
+
+    def generate_auth_token
+      return SecureRandom.hex(64)
+    end
+
+    def generate_token_expires_at
+      return 1.month.from_now
+    end
+
+    def redis_handle
+      raise CowAuth::RedisHandleMissingError.new('"$redis" handle not found.') unless $redis.present?
+      return $redis
+    end
+
     def redis_key
-      return "user_#{self.sid}"
+      return "user_#{self.sid.downcase}"
     end
 
     def token_valid?
-      api_key = User.fetch_api_key_from_redis(self.sid)
+      api_key = self.fetch_api_key_from_redis(self.sid)
       return api_key.present? &&
           api_key.key?(:auth_token) &&
           api_key.key?(:expires_at) &&
@@ -76,23 +97,5 @@ module CowAuth
       self.sid ||= "C#{SecureRandom.hex(16)}"
       return true
     end
-
-    def self.generate_auth_token
-      return SecureRandom.hex(32)
-    end
-
-    def self.generate_token_expires_at
-      return 1.month.from_now
-    end
-
-    def self.fetch_api_key_from_redis(sid)
-      User.assert_redis_handle_present
-      api_key = $redis.get("user_#{sid}")
-      return api_key.present? ? JSON.parse(api_key).try(:symbolize_keys) : nil
-    end
-
-    def self.assert_redis_handle_present
-      raise CowAuth::RedisHandleMissingError.new('"$redis" handle not found.') unless $redis.present?
-    end
   end
 end

data/lib/cow_auth/version.rb

@@ -1,3 +1,3 @@
 module CowAuth
-  VERSION = '0.4.2'
+  VERSION = '0.5.0'
 end

data/lib/cow_auth.rb

@@ -1,8 +1,6 @@
 require 'cow_auth/version'
 require 'cow_auth/user'
 require 'cow_auth/exceptions'
-require 'cow_auth/session_auth/session_endpoints'
-require 'cow_auth/session_auth/authenticate_request'
 require 'cow_auth/token_auth/session_endpoints'
 require 'cow_auth/token_auth/authenticate_request'
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cow_auth
 version: !ruby/object:Gem::Version
-  version: 0.4.2
+  version: 0.5.0
 platform: ruby
 authors:
 - Mickey Cowden
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-06-27 00:00:00.000000000 Z
+date: 2017-12-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.14'
+        version: '1.16'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.14'
+        version: '1.16'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '12.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '12.3'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -52,20 +52,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '5.10'
-- !ruby/object:Gem::Dependency
-  name: active_model_serializers
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.10'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.10'
 - !ruby/object:Gem::Dependency
   name: scrypt
   requirement: !ruby/object:Gem::Requirement
@@ -100,12 +86,9 @@ files:
 - cow_auth.gemspec
 - lib/cow_auth.rb
 - lib/cow_auth/exceptions.rb
-- lib/cow_auth/session_auth/authenticate_request.rb
-- lib/cow_auth/session_auth/session_endpoints.rb
 - lib/cow_auth/token_auth/authenticate_request.rb
 - lib/cow_auth/token_auth/session_endpoints.rb
 - lib/cow_auth/user.rb
-- lib/cow_auth/user_serializer.rb
 - lib/cow_auth/version.rb
 homepage: https://github.com/mickey13/cow_auth
 licenses:
@@ -127,7 +110,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.12
+rubygems_version: 2.7.3
 signing_key: 
 specification_version: 4
 summary: Authentication gem

data/lib/cow_auth/session_auth/authenticate_request.rb

@@ -1,21 +0,0 @@
-require 'cow_auth/exceptions'
-
-module CowAuth
-  module SessionAuth
-    module AuthenticateRequest
-      extend ActiveSupport::Concern
-
-    private
-
-      def authenticate_user
-        @current_user = User.find_by(uuid: session[:current_user])
-        raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
-        return true
-      end
-
-      def current_user
-        return @current_user
-      end
-    end
-  end
-end

data/lib/cow_auth/session_auth/session_endpoints.rb

@@ -1,32 +0,0 @@
-require 'cow_auth/exceptions'
-
-module CowAuth
-  module SessionAuth
-    module SessionEndpoints
-      extend ActiveSupport::Concern
-
-      def new
-      end
-
-      def create
-        user = User.find_by(email: params[:email])
-        if user.try(:authenticate, params[:password])
-          session[:current_user] = user.uuid
-          redirect_to sign_in_success_path
-        else
-          session[:current_user] = nil
-          raise CowAuth::NotAuthenticatedError.new('Invalid user credentials.')
-        end
-      end
-
-      def destroy
-        if @current_user.present?
-          session[:current_user] = nil
-          redirect_to sign_out_success_path
-        else
-          raise CowAuth::StandardError.new('Could not sign user out.')
-        end
-      end
-    end
-  end
-end

data/lib/cow_auth/user_serializer.rb

@@ -1,7 +0,0 @@
-require 'active_model_serializers'
-
-module CowAuth
-  class UserSerializer < ActiveModel::Serializer
-    attributes :email, :sid, :auth_token, :first_name, :last_name, :sign_in_count
-  end
-end