cz_auth 0.0.1 → 0.3.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: de5f5d2313c8fe1d61a0454ecfd85b1ab9c737e6
+  data.tar.gz: 61a829f603db0d2f05686bd677148808facae640
+SHA512:
+  metadata.gz: 6d5e514cfe066dd17dcf5f4b6f18428c2eb8dcb9c125166466b3a1332a8232ff9e42778563e63f67fc1fd6cf6e235c0170c2426f5c98db4180a9584ac1ac7eab
+  data.tar.gz: ee4f054b34eb411bd3ebcf4faa469538fa2e278a9e4c74e60a80f4fa492212ebee62d005422094b45fb3339b477bd136f87d67c32b3651b9b770430b117213c0

data/README.md

@@ -0,0 +1,45 @@
+CzAuth
+=
+
+Simple authentication functionality packaged into  gem
+
+Usage
+=
+
+```shell
+rails g cz_auth:install <model_name>
+rake db:migrate
+```
+
+You can also work with existing models, by adding the following to an existing model
+```ruby
+requires_authentication
+```
+
+Add the following to the top of `application_controller.rb`
+```ruby
+include CzAuth::Concerns::Authentication
+```
+
+Add the following to the top of `routes.rb`
+```ruby
+mount CzAuth::Engine => "/"
+```
+
+Details
+=
+
+The generator will generate a model with the following attributes:
+
+* email
+* password_digest
+* auth_token
+* password_reset_token
+
+It will then place a `requires_authentication` method at the top of the model. This will trigger `has_secure_password`, and before filter used to generate an auth_token.
+
+The model will gain the following methods, and can be override at will:
+
+__generate_token__: This method takes one argument, which is the column that the token will be placed in. By default, this can be `auth_token`, or `password_reset_token`
+
+It does not create controllers, or mailers. These are left to the main application to implement.

data/Rakefile

@@ -4,24 +4,18 @@ begin
 rescue LoadError
   puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
 end
-begin
-  require 'rdoc/task'
-rescue LoadError
-  require 'rdoc/rdoc'
-  require 'rake/rdoctask'
-  RDoc::Task = Rake::RDocTask
-end
 
-RDoc::Task.new(:rdoc) do |rdoc|
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'CzAuth'
-  rdoc.options << '--line-numbers'
-  rdoc.rdoc_files.include('README.rdoc')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
+APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
 
+Bundler::GemHelper.install_tasks
 
+Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each {|f| load f }
 
+require 'rspec/core'
+require 'rspec/core/rake_task'
 
-Bundler::GemHelper.install_tasks
+desc "Run all specs in spec directory (excluding plugin specs)"
+RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare')
 
+task :default => :spec

data/app/controllers/cz_auth/application_controller.rb

@@ -1,26 +1,5 @@
 module CzAuth
   class ApplicationController < ActionController::Base
-    before_filter :fetch_resource
-
-    protected
-
-      # Specify when a controller requires authentication
-      def require_authentication(options={})
-        unless current_user
-          flash[:error] = options[:error]
-          redirect_to options[:redirect]
-        end
-      end
-
-      # Load the resource, via params[:resource]
-      def fetch_resource
-        begin
-          klass = params[:resource].classify
-          @klass = klass.constantize
-        rescue
-          raise AbstractController::ActionNotFound
-        end
-      end
-
+    include CzAuth::Concerns::Authentication
   end
 end

data/app/controllers/cz_auth/authentication_controller.rb

@@ -0,0 +1,26 @@
+module CzAuth
+  class AuthenticationController < ApplicationController
+    skip_before_filter { :"authorize_#{model}!" }
+
+    def create
+      resource = model.where(email: params[:email]).first
+      @authenticated = perform_authentication_for(resource || model)
+      render @authenticated ? 'create' : 'invalid'
+    end
+
+    def destroy
+      delete_session_cookie
+    end
+
+    private
+
+      def resource_param
+        "#{params[:resource]}".classify
+      end
+
+      def model
+        resource = "#{resource_param}".constantize
+      end
+
+  end
+end

data/app/controllers/cz_auth/concerns/authentication.rb

@@ -0,0 +1,118 @@
+module CzAuth
+  module Concerns
+    module Authentication
+
+      extend ActiveSupport::Concern
+
+      included do
+        authentication_models.each do |model|
+          create_helper_methods_for(model)
+        end
+      end
+
+      module ClassMethods
+
+        # Determine which models are used for authentication
+        def authentication_models
+          @authentication_models ||= begin
+            Dir.glob("app/models/*.rb").map do |file|
+              model = File.basename(file, File.extname(file))
+              resource = model.classify.constantize
+              if resource.instance_methods.include?(:password)
+                model
+              end
+            end.compact!
+          end
+        end
+
+        # Defines helper methods, such as current_user
+        def create_helper_methods_for(model)
+          define_method(:"current_#{model}")       { current_resource(model)       }
+          define_method(:"#{model}_signed_in?")    { resource_signed_in?(model)    }
+          define_method(:"authenticate_#{model}!") { authenticate_resource!(model) }
+          helper_method :"current_#{model}", :"#{model}_signed_in?"
+        end
+
+      end
+
+      protected
+
+        # Convenience method to wrap authentication method, and cookie creation
+        def perform_authentication_for(resource)
+          authenticated = resource.try(:authenticate, credentials[:password] || auth_token)
+          create_session_cookie_for(authenticated)
+          return authenticated
+        end
+
+        # Create a cookie with the auth_token as the value
+        # Will set expiration to the return value of session_length
+        def create_session_cookie_for(resource)
+          if defined?(cookies) && !!resource
+            cookies.signed[:auth_token] = {
+              value: resource.auth_token,
+              expires: resource.session_length.from_now,
+              domain: :all
+            }
+          end
+        end
+
+        # Removes the session cookie
+        def delete_session_cookie
+          cookies.delete(:auth_token, domain: :all)
+        end
+
+        # Fetch the auth_token from either the URL, or HTTP Header
+        def auth_token
+          auth_token = request.headers["X-AUTH-TOKEN"] || params[:auth_token]
+          auth_token ||= cookies.signed[:auth_token] if defined?(cookies)
+          auth_token
+        end
+
+      private
+
+        # Simple credentials object
+        def credentials
+          { email: params[:email], password: params[:password], auth_token: auth_token }
+        end
+
+        # Simple finder to get resource, or return the class
+        def query_resource(model)
+          klass = model.classify.constantize
+          klass.where(auth_token: auth_token).first || klass
+        rescue NoMethodError => e
+          klass
+        end
+
+        # Returns an instance of the currently authenticated resource, or nil
+        def current_resource(var)
+          variable = "@current_#{var}"
+          if instance_variable_defined?(variable)
+            instance_variable_get(variable)
+          else
+            instance_variable_set(variable, perform_authentication_for(query_resource(var)))
+          end
+        end
+
+        # Returns boolean describing whether or not a resource is currently signed in
+        def resource_signed_in?(var)
+          variable = "@#{var}_signed_in"
+          if instance_variable_defined?(variable)
+            instance_variable_get(variable)
+          else
+            instance_variable_set(variable, !!current_resource(var))
+          end
+        end
+
+        # Called to protect a controller
+        # Throws a CzAuth::UnauthorizedAccess if unable to verify existing authentication
+        # Can be rescued from to customize handling
+        def authenticate_resource!(var)
+          raise CzAuth::UnauthorizedAccess unless resource_signed_in?(var)
+        end
+
+    end
+  end
+end
+
+# Simple exception object, can be rescued from to handle response
+class CzAuth::UnauthorizedAccess < StandardError;end

data/app/views/cz_auth/authentication/create.json.erb

@@ -0,0 +1,4 @@
+{
+  "email"      : "<%= @authenticated.email %>",
+  "auth_token" : "<%= @authenticated.auth_token %>"
+}

data/app/views/cz_auth/authentication/invalid.json

@@ -0,0 +1 @@
+{ "error": "Invalid Credentials" }

data/config/environment.rb

@@ -0,0 +1 @@
+# This file exists for CodeClimate security scans

data/config/routes.rb

@@ -1,12 +1,4 @@
-Rails.application.routes.draw do
-
-  # Resources
-  match '/:resource/sessions(/:action)', controller: 'cz_auth/sessions'
-  match '/:resource/registrations(/:action)', controller: 'cz_auth/registrations'
-
-  # Helpers
-  match '/:resource/login',  to: 'cz_auth/sessions#new',       as: 'login'
-  match '/:resource/logout', to: 'cz_auth/sessions#destroy',   as: 'logout'
-  match '/:resource/signup', to: 'cz_auth/registrations#new',  as: 'signup'
-
+CzAuth::Engine.routes.draw do
+  post    '/:resource/authentication', to: 'cz_auth/authentication#create', as: :login
+  delete  '/:resource/authentication', to: 'cz_auth/authentication#destroy', as: :logout
 end

data/lib/cz_auth.rb

@@ -1,5 +1,2 @@
 require "cz_auth/engine"
-require "cz_auth/requires_authentication"
-
-module CzAuth
-end
+require "cz_auth/requires_authentication"

data/lib/cz_auth/engine.rb

@@ -1,4 +1,10 @@
 module CzAuth
   class Engine < ::Rails::Engine
+    config.generators do |g|
+      g.test_framework      :rspec,        :fixture => false
+      g.fixture_replacement :factory_girl, :dir => 'spec/factories'
+      g.assets false
+      g.helper false
+    end
   end
 end

data/lib/cz_auth/requires_authentication.rb

@@ -2,22 +2,53 @@ module CzAuth
   module RequiresAuthentication
     extend ActiveSupport::Concern
 
-    included do
-      def self.requires_authentication
+    module ClassMethods
+
+      def requires_authentication(options = {})
         has_secure_password
         before_create { generate_token(:auth_token) }
       end
+
+    end
+
+    # Generate a token for the specified field
+    def generate_token(column)
+      begin
+        self[column] = SecureRandom.uuid
+      end while self.class.exists?(column => self[column])
+    end
+
+    # Generate a token for the specified field, and save
+    def generate_token!(column)
+      generate_token(column)
+      save
     end
 
-    private
+    # Set the default length of the session
+    # Override to set different value
+    # Default: 2.weeks
+    def session_length
+      2.weeks
+    end
+
+  end
+end
+
+#
+# Override authenticate in order to allow for auth_token
+#
+module ActiveModel
+  module SecurePassword
+    module InstanceMethodsOnActivation
 
-      def generate_token(column)
-        begin
-          self[column] = SecureRandom.urlsafe_base64
-        end while User.exists?(column => self[column])
+      def authenticate(unencrypted_password)
+        (auth_token == unencrypted_password ||
+          BCrypt::Password.new(password_digest) == unencrypted_password) &&
+            self
       end
 
+    end
   end
 end
 
-ActiveRecord::Base.send :include, CzAuth::RequiresAuthentication
+ActiveRecord::Base.send :include, CzAuth::RequiresAuthentication

data/lib/cz_auth/version.rb

@@ -1,3 +1,3 @@
 module CzAuth
-  VERSION = "0.0.1"
+  VERSION = "0.3.0"
 end

data/lib/generators/cz_auth/install_generator.rb

@@ -9,7 +9,7 @@ class CzAuth::InstallGenerator < Rails::Generators::Base
 
   def create_models
     model = user_model.singularize
-    generate("model", "#{model} username email password_digest auth_token")
+    generate("model", "#{model} email password_digest auth_token password_reset_token")
     if File.exists?("app/models/#{user_model}.rb")
       inject_into_file "app/models/#{user_model}.rb", :after => "ActiveRecord::Base" do
         "\n\trequires_authentication"

data/spec/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/spec/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Dummy::Application.load_tasks

data/spec/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .