cow_auth 0.5.3 → 0.7.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1455b64dcd0206bf8ffd9a4539f4de942952ede5dad80c60b0f86186814735fc
-  data.tar.gz: fc0e8de3a619e761b9fcdc525622d8056f20f939e60592064ada6f76adbcf9a3
+  metadata.gz: '08bc282855f351e65f119c983bd016fe5d1e1bd25e12ba949022ef07c04df8a6'
+  data.tar.gz: 7fc1a92f50a815fa7f534f24129f032bbaa0f741d2118977a03ff50daf341bb4
 SHA512:
-  metadata.gz: 5d2fc711916cb332f6279cee78459af32a0610264a95ab4899db92d693d6083acbef67491c2ed296e102f8423b5e0ebd50cabbc749ce3cd61eaa06cdd4bed0d4
-  data.tar.gz: 964cf902670e4f7298b9ba2593e675d7fd00699424c79bc38e6cafb67072b39bb5462e336e1408dbaa7868ab1a70a086952c54220a874cfcf858949610b3d8db
+  metadata.gz: 1b499e57597af0995b6aabd9f9184f666b102d32ca6e5cbb067ca7ee2dc6649d0f67cb223fb1fcb97c25f2ca4adaca836e76d1185016612fa0e276b328dc5e60
+  data.tar.gz: 8a1ac0b95249ab9f286554cb735feaef539c8bb70beb0ce180a12e4e40283e6ab4a27eaa472506cffc03f6791aaf3ac9c85d7737f0892628e8a45588b946d68c

data/.gitignore

@@ -6,4 +6,3 @@
 /pkg/
 /spec/reports/
 /tmp/
-*.gem

data/.travis.yml

@@ -1,5 +1,6 @@
-sudo: false
+---
 language: ruby
+cache: bundler
 rvm:
-  - 2.5.0
-before_install: gem install bundler -v 1.16.1.pre1
+  - 2.7.1
+before_install: gem install bundler -v 2.1.4

data/CODE_OF_CONDUCT.md

@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
 ## Enforcement
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at mickey@vt.edu. All
+reported by contacting the project team at mickey@cowden.tech. All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. The project team is
 obligated to maintain confidentiality with regard to the reporter of an incident.
@@ -68,7 +68,7 @@ members of the project's leadership.
 ## Attribution
 
 This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available at [http://contributor-covenant.org/version/1/4][version]
+available at [https://contributor-covenant.org/version/1/4][version]
 
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/
+[homepage]: https://contributor-covenant.org
+[version]: https://contributor-covenant.org/version/1/4/

data/Gemfile

@@ -1,6 +1,7 @@
 source 'https://rubygems.org'
 
-git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
-
 # Specify your gem's dependencies in cow_auth.gemspec
 gemspec
+
+gem 'rake', '~> 12.0'
+gem 'minitest', '~> 5.0'

data/Gemfile.lock

@@ -1,41 +1,46 @@
 PATH
   remote: .
   specs:
-    cow_auth (0.5.3)
-      activesupport (~> 5.1)
+    cow_auth (0.7.1)
+      activerecord (~> 6.0)
       scrypt (~> 3.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (5.1.4)
+    activemodel (6.1.3)
+      activesupport (= 6.1.3)
+    activerecord (6.1.3)
+      activemodel (= 6.1.3)
+      activesupport (= 6.1.3)
+    activesupport (6.1.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (~> 0.7)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-    concurrent-ruby (1.0.5)
-    ffi (1.9.18)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
+    concurrent-ruby (1.1.8)
+    ffi (1.15.0)
     ffi-compiler (1.0.1)
       ffi (>= 1.0.0)
       rake
-    i18n (0.9.1)
+    i18n (1.8.9)
       concurrent-ruby (~> 1.0)
-    minitest (5.11.1)
-    rake (12.3.0)
-    scrypt (3.0.5)
+    minitest (5.14.4)
+    rake (12.3.3)
+    scrypt (3.0.7)
       ffi-compiler (>= 1.0, < 2.0)
-    thread_safe (0.3.6)
-    tzinfo (1.2.4)
-      thread_safe (~> 0.1)
+    tzinfo (2.0.4)
+      concurrent-ruby (~> 1.0)
+    zeitwerk (2.4.2)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  bundler (~> 1.16)
   cow_auth!
-  minitest (~> 5.11)
-  rake (~> 12.3)
+  minitest (~> 5.0)
+  rake (~> 12.0)
 
 BUNDLED WITH
-   1.16.1
+   2.2.15

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2017 Mickey Cowden
+Copyright (c) 2020 Mickey Cowden
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -1,6 +1,6 @@
 # CowAuth
 
-The main goal of this gem is to provide token-based authentication for Rails (or Rails-like) web applications.
+The goal of this gem is to provide token-based authentication for Rails (or Rails-like) web applications.
 
 ## Installation
 
@@ -12,7 +12,7 @@ gem 'cow_auth'
 
 And then execute:
 
-    $ bundle
+    $ bundle install
 
 Or install it yourself as:
 
@@ -26,37 +26,37 @@ Configure your user model to add the authentication mechanism.
 
 #### Generator (Example)
 
-    $ bundle exec rails generate model user uuid:string:uniq email:string:uniq sid:string:uniq encrypted_password:string locale:string first_name:string last_name:string role:integer sign_in_count:integer is_approved:boolean is_deleted:boolean
+    $ bundle exec rails generate model user uuid:string:uniq email:string:uniq sid:string:uniq encrypted_password:string locale:string first_name:string last_name:string sign_in_count:integer is_enabled:boolean is_deleted:boolean
 
 #### Migration (Example)
 
     # Modified migration; includes indexes and other stuff you might not want.
-    class CreateUsers < ActiveRecord::Migration[5.2]
+    class CreateUsers < ActiveRecord::Migration[6.0]
       def change
         create_table :users do |t|
           t.string :uuid, null: false
           t.string :email, null: false
           t.string :sid, null: false
-          t.string :encrypted_password, null: false
           t.string :locale, null: false
+          t.string :encrypted_password, null: false
+          t.string :auth_token
           t.string :first_name
           t.string :last_name
-          t.integer :role, default: 0, null: false
           t.integer :sign_in_count, default: 0, null: false
-          t.boolean :is_approved, default: false, null: false
+          t.boolean :is_enabled, default: false, null: false
           t.boolean :is_deleted, default: false, null: false
+          t.timestamp :expires_at
           t.timestamps
-          t.index [:uuid], unique: true
-          t.index [:email], unique: true
-          t.index [:sid], unique: true
         end
+        add_index :users, :uuid, unique: true
+        add_index :users, :email, unique: true
+        add_index :users, :sid, unique: true
       end
     end
 
-#### Model Concern
+#### Model Inheritance
 
-    class User < ApplicationRecord
-      include CowAuth::User
+    class User < CowAuth::User
     end
 
 #### Create User
@@ -100,12 +100,40 @@ Add the following private method to the ApplicationController (assuming User is
       end
     end
 
-#### Sessions Controller Example
+#### Sessions Controller HTML Example
+
+The `sign_in_success_path` and `sign_out_success_path` methods need to be defined for redirecting after successful sign-in and sign-out.
+
+    class SessionsController < ApplicationController
+      include CowAuth::SessionAuth::SessionEndpoints
+
+      skip_before_action :authenticate_user, only: [:new, :create]
+
+    private
+
+      def sign_in_success_path
+        return root_url
+      end
+
+      def sign_out_success_path
+        return sign_in_url
+      end
+    end
+
+#### Sessions Controller JSON Example
+
+The `sign_in_success_response_payload` method can optionally be overridden to customize the response payload for a successful sign-in.
 
     class Api::V1::SessionsController < ApplicationController
       include CowAuth::TokenAuth::SessionEndpoints
 
       skip_before_action :authenticate_user, only: [:create]
+
+    protected
+
+      def sign_in_success_response_payload
+        return { uuid: @user.uuid, sid: @user.sid, auth_token: @user.auth_token }
+      end
     end
 
 ### Token Authentication
@@ -138,7 +166,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/mickey13/cow_auth. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+Bug reports and pull requests are welcome on GitHub at https://github.com/mickey13/cow-auth. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/mickey13/cow-auth/blob/master/CODE_OF_CONDUCT.md).
 
 ## License
 
@@ -146,4 +174,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
 
 ## Code of Conduct
 
-Everyone interacting in the CowAuth project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/mickey13/cow-auth/blob/master/CODE_OF_CONDUCT.md).
+Everyone interacting in the CowAuth project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/mickey13/cow-auth/blob/master/CODE_OF_CONDUCT.md).

data/cow_auth.gemspec

@@ -1,31 +1,30 @@
-
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'cow_auth/version'
+require_relative 'lib/cow_auth/version'
 
 Gem::Specification.new do |spec|
   spec.name = 'cow_auth'
   spec.version = CowAuth::VERSION
   spec.authors = ['Mickey Cowden']
-  spec.email = ['mickey@vt.edu']
+  spec.email = ['mickey@cowden.tech']
 
   spec.summary = 'Authentication gem'
-  spec.description = 'The main goal of this gem is to provide token-based authentication for Rails (or Rails-like) web applications.'
+  spec.description = 'The goal of this gem is to provide token-based authentication for Rails (or Rails-like) web applications.'
   spec.homepage = 'https://github.com/mickey13/cow-auth'
   spec.license = 'MIT'
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.3.0')
+
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = spec.homepage
+  spec.metadata['changelog_uri'] = spec.homepage
 
-  spec.files = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(test|spec|features)/})
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
   spec.bindir = 'exe'
   spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
-  spec.required_ruby_version = '~> 2.4'
-
-  spec.add_development_dependency 'bundler', '~> 1.16'
-  spec.add_development_dependency 'rake', '~> 12.3'
-  spec.add_development_dependency 'minitest', '~> 5.11'
-  spec.add_runtime_dependency 'activesupport', '~> 5.1'
+  spec.add_runtime_dependency 'activerecord', '~> 6.0'
   spec.add_runtime_dependency 'scrypt', '~> 3.0'
 end

data/lib/cow_auth.rb

@@ -1,6 +1,8 @@
 require 'cow_auth/version'
 require 'cow_auth/user'
 require 'cow_auth/exceptions'
+require 'cow_auth/session_auth/session_endpoints'
+require 'cow_auth/session_auth/authenticate_request'
 require 'cow_auth/token_auth/session_endpoints'
 require 'cow_auth/token_auth/authenticate_request'
 

data/lib/cow_auth/exceptions.rb

@@ -1,7 +1,4 @@
 module CowAuth
   class NotAuthenticatedError < StandardError
   end
-
-  class RedisHandleMissingError < StandardError
-  end
 end

data/lib/cow_auth/session_auth/authenticate_request.rb

@@ -0,0 +1,21 @@
+require 'cow_auth/exceptions'
+
+module CowAuth
+  module SessionAuth
+    module AuthenticateRequest
+      extend ActiveSupport::Concern
+
+    private
+
+      def authenticate_user
+        @current_user = authentication_class.find_by(sid: session[:current_user])
+        raise CowAuth::NotAuthenticatedError.new('User not authenticated.') if @current_user.blank?
+        return true
+      end
+
+      def current_user
+        return @current_user
+      end
+    end
+  end
+end

data/lib/cow_auth/session_auth/session_endpoints.rb

@@ -0,0 +1,32 @@
+require 'cow_auth/exceptions'
+
+module CowAuth
+  module SessionAuth
+    module SessionEndpoints
+      extend ActiveSupport::Concern
+
+      def new
+      end
+
+      def create
+        user = authentication_class.find_by(email: params[:email])
+        if user.try(:authenticate_with_password, params[:password])
+          session[:current_user] = user.sid
+          redirect_to sign_in_success_path
+        else
+          session[:current_user] = nil
+          raise CowAuth::NotAuthenticatedError.new('Invalid user credentials.')
+        end
+      end
+
+      def destroy
+        if @current_user.present?
+          session[:current_user] = nil
+          redirect_to sign_out_success_path
+        else
+          raise CowAuth::StandardError.new('Could not sign user out.')
+        end
+      end
+    end
+  end
+end

data/lib/cow_auth/token_auth/session_endpoints.rb

@@ -6,22 +6,28 @@ module CowAuth
       extend ActiveSupport::Concern
 
       def create
-        user = authentication_class.find_by(email: params[:email])
-        if user.try(:authenticate_with_password, params[:password])
-          user.api_sign_in
-          render json: { sid: user.sid, auth_token: user.auth_token }, status: :ok
+        @user = authentication_class.find_by(email: params[:email])
+        if @user.try(:authenticate_with_password, params[:password])
+          @user.create_auth_token
+          render json: self.sign_in_success_response_payload, status: :ok
         else
           raise CowAuth::NotAuthenticatedError.new('Invalid user credentials.')
         end
       end
 
       def destroy
-        if @current_user.try(:api_sign_out)
+        if @current_user.try(:destroy_auth_token)
           head :no_content
         else
           raise CowAuth::NotAuthenticatedError.new('Could not sign user out.')
         end
       end
+
+    protected
+
+      def sign_in_success_response_payload
+        return { sid: @user.sid, auth_token: @user.auth_token }
+      end
     end
   end
 end

data/lib/cow_auth/user.rb

@@ -1,20 +1,16 @@
+require 'active_record'
 require 'scrypt'
-require 'cow_auth/exceptions'
 
 module CowAuth
-  module User
-    extend ActiveSupport::Concern
+  class User < ActiveRecord::Base
+    after_initialize :generate_sid_if_necessary
 
-    included do
-      after_initialize :generate_sid_if_necessary
-
-      validates :email, presence: true
-      validates :email, uniqueness: true
-      validates :encrypted_password, presence: true
-      validates :sid, presence: true
-      validates :sid, uniqueness: true
-      validates :sid, format: { with: /\AC[a-z0-9]{32}\z/ }
-    end
+    validates :email, presence: true
+    validates :email, uniqueness: true
+    validates :encrypted_password, presence: true
+    validates :sid, presence: true
+    validates :sid, uniqueness: true
+    validates :sid, format: { with: /\AC[a-z0-9]{32}\z/ }
 
     def authenticate_with_password(password)
       return false if self.encrypted_password.blank?
@@ -26,34 +22,31 @@ module CowAuth
     end
 
     def authenticate_with_token(auth_token)
-      api_key = self.fetch_api_key_from_redis(sid)
-      if api_key.present? &&
-          api_key.key?(:auth_token) &&
-          api_key.key?(:expires_at) &&
-          api_key[:auth_token] == auth_token &&
-          api_key[:expires_at] > Time.zone.now
+      if self.auth_token.present? &&
+          self.expires_at.present? &&
+          self.auth_token == auth_token &&
+          self.expires_at > Time.zone.now
         return true
       end
       return false
     end
 
-    def api_sign_in
-      self.redis_handle.set(self.redis_key, {
+    def create_auth_token
+      self.update(
         auth_token: self.token_valid? ? self.auth_token : self.generate_auth_token,
         expires_at: self.generate_token_expires_at
-      }.to_json)
+      )
       return true
     end
 
-    def api_sign_out
-      self.redis_handle.del(self.redis_key)
+    def destroy_auth_token
+      self.update(
+        auth_token: nil,
+        expires_at: nil
+      )
       return true
     end
 
-    def auth_token
-      return self.fetch_api_key_from_redis(self.sid).try(:[], :auth_token)
-    end
-
     def password=(new_password)
       return false if new_password.blank?
       salt = SCrypt::Engine.generate_salt
@@ -63,11 +56,6 @@ module CowAuth
 
   protected
 
-    def fetch_api_key_from_redis(sid)
-      api_key = self.redis_handle.get(self.redis_key)
-      return api_key.present? ? JSON.parse(api_key).try(:symbolize_keys) : nil
-    end
-
     def generate_auth_token
       return SecureRandom.hex(64)
     end
@@ -76,21 +64,10 @@ module CowAuth
       return 1.month.from_now
     end
 
-    def redis_handle
-      raise CowAuth::RedisHandleMissingError.new('"$redis" handle not found.') unless $redis.present?
-      return $redis
-    end
-
-    def redis_key
-      return "user_#{self.sid.downcase}"
-    end
-
     def token_valid?
-      api_key = self.fetch_api_key_from_redis(self.sid)
-      return api_key.present? &&
-          api_key.key?(:auth_token) &&
-          api_key.key?(:expires_at) &&
-          api_key[:expires_at] > Time.zone.now
+      return self.auth_token.present? &&
+          self.expires_at.present? &&
+          self.expires_at > Time.zone.now
     end
 
   private

data/lib/cow_auth/version.rb

@@ -1,3 +1,3 @@
 module CowAuth
-  VERSION = '0.5.3'
+  VERSION = '0.7.1'
 end

metadata

@@ -1,71 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: cow_auth
 version: !ruby/object:Gem::Version
-  version: 0.5.3
+  version: 0.7.1
 platform: ruby
 authors:
 - Mickey Cowden
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2018-01-18 00:00:00.000000000 Z
+date: 2021-03-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.16'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.16'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '12.3'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '12.3'
-- !ruby/object:Gem::Dependency
-  name: minitest
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.11'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.11'
-- !ruby/object:Gem::Dependency
-  name: activesupport
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.1'
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.1'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: scrypt
   requirement: !ruby/object:Gem::Requirement
@@ -80,10 +38,10 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.0'
-description: The main goal of this gem is to provide token-based authentication for
-  Rails (or Rails-like) web applications.
+description: The goal of this gem is to provide token-based authentication for Rails
+  (or Rails-like) web applications.
 email:
-- mickey@vt.edu
+- mickey@cowden.tech
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -101,6 +59,8 @@ files:
 - cow_auth.gemspec
 - lib/cow_auth.rb
 - lib/cow_auth/exceptions.rb
+- lib/cow_auth/session_auth/authenticate_request.rb
+- lib/cow_auth/session_auth/session_endpoints.rb
 - lib/cow_auth/token_auth/authenticate_request.rb
 - lib/cow_auth/token_auth/session_endpoints.rb
 - lib/cow_auth/user.rb
@@ -108,25 +68,27 @@ files:
 homepage: https://github.com/mickey13/cow-auth
 licenses:
 - MIT
-metadata: {}
-post_install_message: 
+metadata:
+  homepage_uri: https://github.com/mickey13/cow-auth
+  source_code_uri: https://github.com/mickey13/cow-auth
+  changelog_uri: https://github.com/mickey13/cow-auth
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - "~>"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '2.4'
+      version: 2.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.4
-signing_key: 
+rubygems_version: 3.2.15
+signing_key:
 specification_version: 4
 summary: Authentication gem
 test_files: []