RubyGems - credible - Versions diffs - 0.1.3 → 0.2.0 - Mend

credible 0.1.3 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml +4 -4
data/README.md +10 -66
data/app/controllers/credible/authentication/sessions_controller.rb +2 -2
data/app/controllers/credible/authentication/users_controller.rb +6 -6
data/app/controllers/credible/authentication_controller.rb +1 -1
data/config/initializers/warden.rb +2 -2
data/lib/credible/application_controller.rb +50 -0
data/lib/credible/session.rb +43 -0
data/lib/credible/user.rb +51 -0
data/lib/credible/version.rb +1 -1
data/lib/credible.rb +7 -0
metadata +7 -5
data/app/controllers/credible/application_controller.rb +0 -43

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 96162f717345b6f2e21358b34a5b51f86a305c92a3c98a39453596619d88317d
-  data.tar.gz: 67852dc6fda7440f1a00e6e9e0613c39eb9df826079388d0034d013135011a7a
+  metadata.gz: 26e8296ed1bf8eccded84ae3f9d856942475bd0a9f4599b5b7a396932e280fce
+  data.tar.gz: 61f7119a19a8295f1ea82aa62074417a04cc2ba7fd64d5b81147fdfe931507c1
 SHA512:
-  metadata.gz: 17f04e7f1a9826489e3182ddb060c7522b835a2f4e009b7bcebd8a38154cd0b22b8d09a23c83b7fce758a4c2b8a0431bd42120c2e3b5c57c04a05685414f0e93
-  data.tar.gz: d76edd44b640d760af1329449dd35ee52db0f332056a20856acf2432589012ed86d63d8ac2b5af26def7ea2c3dc41fc995ec64501bd127aa8cf0e489538ad822
+  metadata.gz: f33e0db40e889814c25dbefd88efe0ea6f39fa67d3eb966054b07064b5268e89cdcb58a056ded8c79b54d7df7c7f87da6e2eaf22b6d1298966c4820998795d50
+  data.tar.gz: 1e260353acc82654382167391a2cd8ba3d4f69eb0ef1ce37edcb25bfd72cceaa8f87ceb30176e490ac2e90358892588aefadade526b1f383d132e5307882c36a

data/README.md CHANGED Viewed

@@ -29,6 +29,14 @@ Rails.application.routes.draw do
 end
 ```
+And in your Application Controller, inherit from `Credible::ApplicationController`:
+```ruby
+class ApplicationController < ActionController::Base
+  include Credible::ApplicationController
+end
+```
 Credible is a work in progress and requires a complicated setup for now. It was extracted from [thombruce/helvellyn](https://github.com/thombruce/helvellyn). You'll need to add models and configure them manually. In future, I'll had helpers to handle this for you.
 ## Add Models
@@ -43,43 +51,7 @@ rails g model User email:string:uniq password_digest:string confirmation_token:t
 ```ruby
 class User < ApplicationRecord
-  has_secure_password validations: false
-  has_secure_token :confirmation_token
-  has_many :sessions, dependent: :destroy
-  validates :email, presence: true
-  validates :email, format: { with: URI::MailTo::EMAIL_REGEXP }
-  # Custom password validation
-  validate do |record|
-    record.errors.add(:password, :blank) unless record.password_digest.present? || record.confirmation_token.present?
-  end
-  validates_length_of :password, maximum: ActiveModel::SecurePassword::MAX_PASSWORD_LENGTH_ALLOWED
-  validates_confirmation_of :password, allow_blank: true
-  # End custom password validation
-  def self.authenticate(params)
-    user = find_by_login(params[:login])
-    user&.authenticate(params[:password])
-  end
-  def confirm
-    self.confirmation_token = nil
-    self.password = SecureRandom.hex(8) unless password_digest.present?
-    self.confirmed_at = Time.now.utc
-  end
-  def confirmed?
-    confirmed_at.present?
-  end
-  def reset_password
-    self.password_digest = nil
-    self.confirmed_at = nil
-    regenerate_confirmation_token
-  end
+  include Credible::User
 end
 ```
@@ -91,35 +63,7 @@ rails g model Session user:references token:token
 ```ruby
 class Session < ApplicationRecord
-  belongs_to :user
-  has_secure_token
-  def self.authenticate(params)
-    user = User.authenticate(params)
-    new(user: user)
-  end
-  def jwt
-    payload = {
-      data: jwt_data,
-      iss: 'Helvellyn'
-    }
-    JWT.encode payload, Rails.application.secrets.secret_key_base, 'HS256' # [1]
-  end
-  private
-  def jwt_data
-    {
-      session_id: id,
-      user_id: user.id,
-      user: {
-        id: user.id,
-        email: user.email
-      }
-    }
-  end
+  include Credible::Session
 end
 ```

data/app/controllers/credible/authentication/sessions_controller.rb CHANGED Viewed

@@ -15,14 +15,14 @@ class Credible::Authentication::SessionsController < Credible::AuthenticationCon
   # GET /sessions/new
   def new
-    @session = Session.new
+    @session = ::Session.new
     authorize @session
   end
   # POST /sessions
   # POST /sessions.json
   def create
-    @session = Session.authenticate(permitted_attributes(Session))
+    @session = ::Session.authenticate(permitted_attributes(Session))
     authorize @session
     if @session.save

data/app/controllers/credible/authentication/users_controller.rb CHANGED Viewed

@@ -10,19 +10,19 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # GET /users/new
   def new
-    @user = User.new
+    @user = ::User.new
     authorize @user
   end
   # POST /users
   # POST /users.json
   def create
-    @user = User.new(permitted_attributes(User))
+    @user = ::User.new(permitted_attributes(User))
     authorize @user
     if @user.save
       Credible::UserMailer.with(user: @user).confirmation_email.deliver_later
-      @session = Session.create(user: @user)
+      @session = ::Session.create(user: @user)
       render :show, status: :created, location: @user
     else
       render json: @user.errors, status: :unprocessable_entity
@@ -32,13 +32,13 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # GET /users/confirm/:confirmation_token
   # GET /users/confirm/:confirmation_token.json
   def confirm
-    @user = User.find_by(confirmation_token: params[:confirmation_token])
+    @user = ::User.find_by(confirmation_token: params[:confirmation_token])
     authorize @user
     @user.confirm
     if @user.save
-      @session = current_user ? current_session : Session.create(user: @user)
+      @session = current_user ? current_session : ::Session.create(user: @user)
       render :show, status: :created, location: @user
     else
       render json: @user.errors, status: :unprocessable_entity
@@ -48,7 +48,7 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # POST /users/reset_password
   # POST /users/reset_password.json
   def reset_password
-    @user = User.find_by(email: permitted_attributes(User)[:email])
+    @user = ::User.find_by(email: permitted_attributes(User)[:email])
     authorize @user
     @user.reset_password

data/app/controllers/credible/authentication_controller.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-class Credible::AuthenticationController < Credible::ApplicationController
+class Credible::AuthenticationController < ApplicationController
   # TODO: Authentication module is now redundant inside Credible Engine.
   #       Migrate out of namespace.

data/config/initializers/warden.rb CHANGED Viewed

@@ -30,7 +30,7 @@ Warden::Strategies.add(:jwt) do
       fail!('Could not authenticate')
     end
-    session = Session.find(token[0]['data']['session_id'])
+    session = ::Session.find(token[0]['data']['session_id'])
     session ? success!(session) : fail!('Could not authenticate')
   end
@@ -50,7 +50,7 @@ Warden::Strategies.add(:api_token) do
   end
   def authenticate!
-    session = Session.find_by(token: env['HTTP_API_TOKEN'])
+    session = ::Session.find_by(token: env['HTTP_API_TOKEN'])
     session ? success!(session) : fail!('Could not authenticate')
   end

data/lib/credible/application_controller.rb ADDED Viewed

@@ -0,0 +1,50 @@
+module Credible
+  module ApplicationController
+    extend ActiveSupport::Concern
+    included do
+      skip_before_action :verify_authenticity_token
+      include Pundit
+      after_action :verify_authorized
+      after_action :verify_policy_scoped, only: :index
+      rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
+      rescue_from Pundit::NotDefinedError, with: :user_not_authorized
+      before_action :authenticate!, if: proc { request.env['HTTP_AUTHORIZATION'] || request.env['HTTP_API_TOKEN'] }
+      helper_method :current_user
+      helper_method :current_session
+      def pundit_user
+        current_session
+      end
+      def current_user
+        current_session.user
+      end
+      def current_session
+        warden.user(:session) || ::Session.new(user: nil)
+      end
+      def warden
+        request.env['warden']
+      end
+      def authenticate!
+        warden.authenticate!
+      end
+    end
+    class_methods do
+    end
+    private
+    def user_not_authorized
+      render json: {}.to_json, status: :forbidden
+    end
+  end
+end

data/lib/credible/session.rb ADDED Viewed

@@ -0,0 +1,43 @@
+module Credible
+  module Session
+    extend ActiveSupport::Concern
+    included do
+      attr_accessor :login
+      belongs_to :user, optional: true
+      has_secure_token
+      def jwt
+        payload = {
+          data: jwt_data,
+          iss: 'Helvellyn'
+        }
+        JWT.encode payload, Rails.application.secrets.secret_key_base, 'HS256' # [1]
+      end
+    end
+    class_methods do
+      def authenticate(params)
+        user = ::User.authenticate(params)
+        new(user: user)
+      end
+    end
+    private
+    def jwt_data
+      {
+        session_id: id,
+        user_id: user.id,
+        user: {
+          id: user.id,
+          email: user.email
+        }
+      }
+    end
+  end
+end
+# [1] Use of `secrets` instead of `credentials` makes for a container-ready deploy on Heroku (easier setup for open source)

data/lib/credible/user.rb ADDED Viewed

@@ -0,0 +1,51 @@
+module Credible
+  module User
+    extend ActiveSupport::Concern
+    included do
+      has_secure_password validations: false
+      has_secure_token :confirmation_token
+      has_many :sessions, dependent: :destroy
+      validates :email, presence: true
+      validates :email, format: { with: URI::MailTo::EMAIL_REGEXP }
+      # Custom password validation
+      validate do |record|
+        record.errors.add(:password, :blank) unless record.password_digest.present? || record.confirmation_token.present?
+      end
+      validates_length_of :password, maximum: ActiveModel::SecurePassword::MAX_PASSWORD_LENGTH_ALLOWED
+      validates_confirmation_of :password, allow_blank: true
+      # End custom password validation
+      def confirm
+        self.confirmation_token = nil
+        self.password = SecureRandom.hex(8) unless password_digest.present?
+        self.confirmed_at = Time.now.utc
+      end
+      def confirmed?
+        confirmed_at.present?
+      end
+      def reset_password
+        self.password_digest = nil
+        self.confirmed_at = nil
+        regenerate_confirmation_token
+      end
+    end
+    class_methods do
+      def find_by_login(login)
+        find_by(email: login)
+      end
+      def authenticate(params)
+        user = find_by_login(params[:login])
+        user&.authenticate(params[:password])
+      end
+    end
+  end
+end

data/lib/credible/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Credible
-  VERSION = '0.1.3'
+  VERSION = '0.2.0'
 end

data/lib/credible.rb CHANGED Viewed

@@ -1,5 +1,12 @@
+require "active_support"
 require "credible/engine"
+require "credible/application_controller"
+require "credible/user"
+require "credible/session"
 module Credible
   # Your code goes here...
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: credible
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.2.0
 platform: ruby
 authors:
 - Thom Bruce
@@ -73,19 +73,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.9.0
+        version: 4.0.0.beta3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.9.0
+        version: 4.0.0.beta3
 description: Provides token-based authentication for Rails API apps.
 email:
 - thom@thombruce.com
@@ -95,7 +95,6 @@ extra_rdoc_files: []
 files:
 - README.md
 - Rakefile
-- app/controllers/credible/application_controller.rb
 - app/controllers/credible/authentication/sessions_controller.rb
 - app/controllers/credible/authentication/users_controller.rb
 - app/controllers/credible/authentication_controller.rb
@@ -119,7 +118,10 @@ files:
 - config/initializers/warden.rb
 - config/routes.rb
 - lib/credible.rb
+- lib/credible/application_controller.rb
 - lib/credible/engine.rb
+- lib/credible/session.rb
+- lib/credible/user.rb
 - lib/credible/version.rb
 - lib/tasks/credible_tasks.rake
 homepage: https://github.com/thombruce/credible

data/app/controllers/credible/application_controller.rb DELETED Viewed

@@ -1,43 +0,0 @@
-module Credible
-  class ApplicationController < ActionController::Base
-    skip_before_action :verify_authenticity_token
-    include Pundit
-    after_action :verify_authorized
-    after_action :verify_policy_scoped, only: :index
-    rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
-    rescue_from Pundit::NotDefinedError, with: :user_not_authorized
-    before_action :authenticate!, if: proc { request.env['HTTP_AUTHORIZATION'] || request.env['HTTP_API_TOKEN'] }
-    helper_method :current_user
-    helper_method :current_session
-    def pundit_user
-      current_session
-    end
-    def current_user
-      current_session.user
-    end
-    def current_session
-      warden.user(:session) || Session.new(user: nil)
-    end
-    def warden
-      request.env['warden']
-    end
-    def authenticate!
-      warden.authenticate!
-    end
-    private
-    def user_not_authorized
-      render json: {}.to_json, status: :forbidden
-    end
-  end
-end