demopass 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: ec269ae22d7a0e5138aeba6ee954fde6f51ead3c02e1cfe23070bbdec59343cb
4
+ data.tar.gz: 1fde34f15bb1eed9c1ae52cbd1d3cf4cd38ffc4f87133887b8a095b3204ae475
5
+ SHA512:
6
+ metadata.gz: d66409aec60d5d756f1668842c65992e2493aa1611e91123214a31298441c4e54e7d1de79724d23714fe74610003ff24f699164f0c7a86ff7b685a1a54ac690d
7
+ data.tar.gz: 246085789cdb4fef2fb545cac6d897c1755b2d1b6e7f27d6c9056979d62c9c6d5f7da4b44727a5d91181b571e1efaceec3e727b39ba175636e632791419dfc90
@@ -0,0 +1,13 @@
1
+ version: 2.1
2
+ jobs:
3
+ build:
4
+ docker:
5
+ - image: ruby:2.7.2
6
+ steps:
7
+ - checkout
8
+ - run:
9
+ name: Run the default task
10
+ command: |
11
+ gem install bundler -v 2.2.11
12
+ bundle install
13
+ bundle exec rake
data/.gitignore ADDED
@@ -0,0 +1,2 @@
1
+ /tmp/
2
+ *.gem
data/.rubocop.yml ADDED
@@ -0,0 +1,109 @@
1
+ AllCops:
2
+ TargetRubyVersion: 2.7
3
+ <% unless ENV["CI"] %>
4
+ Exclude:
5
+ <% `git status --ignored --porcelain`.scan(/^!!\s+(.*)$/).each do |match| %>
6
+ - <%= match[0] %>**/*
7
+ <% end %>
8
+ <% end %>
9
+
10
+ # Extensions
11
+ require:
12
+ - rubocop-rake
13
+ - rubocop-rspec
14
+
15
+ # New rules
16
+ Lint/DuplicateBranch: # (new in 1.3)
17
+ Enabled: true
18
+ Lint/DuplicateRegexpCharacterClassElement: # (new in 1.1)
19
+ Enabled: true
20
+ Lint/EmptyBlock: # (new in 1.1)
21
+ Enabled: true
22
+ Lint/EmptyClass: # (new in 1.3)
23
+ Enabled: true
24
+ Lint/NoReturnInBeginEndBlocks: # (new in 1.2)
25
+ Enabled: true
26
+ Lint/ToEnumArguments: # (new in 1.1)
27
+ Enabled: true
28
+ Lint/UnexpectedBlockArity: # (new in 1.5)
29
+ Enabled: true
30
+ Lint/UnmodifiedReduceAccumulator: # (new in 1.1)
31
+ Enabled: true
32
+ Style/ArgumentsForwarding: # (new in 1.1)
33
+ Enabled: true
34
+ Style/CollectionCompact: # (new in 1.2)
35
+ Enabled: true
36
+ Style/DocumentDynamicEvalDefinition: # (new in 1.1)
37
+ Enabled: true
38
+ Style/NegatedIfElseCondition: # (new in 1.2)
39
+ Enabled: true
40
+ Style/NilLambda: # (new in 1.3)
41
+ Enabled: true
42
+ Style/RedundantArgument: # (new in 1.4)
43
+ Enabled: true
44
+ Style/SwapValues: # (new in 1.1)
45
+ Enabled: true
46
+ Gemspec/DateAssignment: # (new in 1.10)
47
+ Enabled: true
48
+ Layout/SpaceBeforeBrackets: # (new in 1.7)
49
+ Enabled: true
50
+ Lint/AmbiguousAssignment: # (new in 1.7)
51
+ Enabled: true
52
+ Lint/DeprecatedConstants: # (new in 1.8)
53
+ Enabled: true
54
+ Lint/LambdaWithoutLiteralBlock: # (new in 1.8)
55
+ Enabled: true
56
+ Lint/NumberedParameterAssignment: # (new in 1.9)
57
+ Enabled: true
58
+ Lint/OrAssignmentToConstant: # (new in 1.9)
59
+ Enabled: true
60
+ Lint/RedundantDirGlobSort: # (new in 1.8)
61
+ Enabled: true
62
+ Lint/SymbolConversion: # (new in 1.9)
63
+ Enabled: true
64
+ Lint/TripleQuotes: # (new in 1.9)
65
+ Enabled: true
66
+ Style/EndlessMethod: # (new in 1.8)
67
+ Enabled: true
68
+ Style/HashConversion: # (new in 1.10)
69
+ Enabled: true
70
+ Style/HashExcept: # (new in 1.7)
71
+ Enabled: true
72
+ Style/IfWithBooleanLiteralBranches: # (new in 1.9)
73
+ Enabled: true
74
+
75
+ # Alterations
76
+ Naming/RescuedExceptionsVariableName:
77
+ Enabled: false
78
+ Style/BlockComments:
79
+ Exclude:
80
+ - spec/**/*
81
+ Style/ClassAndModuleChildren:
82
+ EnforcedStyle: compact
83
+ Style/Documentation:
84
+ Enabled: false
85
+ Style/FrozenStringLiteralComment:
86
+ Enabled: false
87
+ Layout/MultilineMethodCallIndentation:
88
+ Enabled: false
89
+ Style/StringLiterals:
90
+ EnforcedStyle: double_quotes
91
+ Layout/AccessModifierIndentation:
92
+ EnforcedStyle: outdent
93
+ RSpec/NestedGroups:
94
+ Enabled: false
95
+ RSpec/MultipleMemoizedHelpers:
96
+ Enabled: false
97
+ RSpec/MultipleExpectations:
98
+ Enabled: false
99
+ RSpec/ExampleLength:
100
+ Enabled: false
101
+ Metrics/BlockLength:
102
+ Exclude:
103
+ - spec/**/*
104
+ Layout/ArgumentAlignment:
105
+ Enabled: false
106
+ Style/TrailingCommaInArguments:
107
+ EnforcedStyleForMultiline: consistent_comma
108
+ Layout/MultilineMethodCallBraceLayout:
109
+ EnforcedStyle: new_line
data/CHANGELOG.md ADDED
@@ -0,0 +1,5 @@
1
+ ## [Unreleased]
2
+
3
+ ## [0.1.0] - 2021-02-18
4
+
5
+ - Initial release
data/Gemfile ADDED
@@ -0,0 +1,6 @@
1
+ # frozen_string_literal: true
2
+
3
+ source "https://rubygems.org"
4
+
5
+ # Specify your gem's dependencies in demopass.gemspec
6
+ gemspec
data/Gemfile.lock ADDED
@@ -0,0 +1,72 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ demopass (0.1.0)
5
+ rack
6
+
7
+ GEM
8
+ remote: https://rubygems.org/
9
+ specs:
10
+ ast (2.4.2)
11
+ climate_control (0.2.0)
12
+ coderay (1.1.3)
13
+ diff-lcs (1.4.4)
14
+ method_source (1.0.0)
15
+ parallel (1.20.1)
16
+ parser (3.0.0.0)
17
+ ast (~> 2.4.1)
18
+ pry (0.14.0)
19
+ coderay (~> 1.1)
20
+ method_source (~> 1.0)
21
+ rack (2.2.3)
22
+ rainbow (3.0.0)
23
+ rake (13.0.3)
24
+ regexp_parser (2.0.3)
25
+ rexml (3.2.4)
26
+ rspec (3.10.0)
27
+ rspec-core (~> 3.10.0)
28
+ rspec-expectations (~> 3.10.0)
29
+ rspec-mocks (~> 3.10.0)
30
+ rspec-core (3.10.1)
31
+ rspec-support (~> 3.10.0)
32
+ rspec-expectations (3.10.1)
33
+ diff-lcs (>= 1.2.0, < 2.0)
34
+ rspec-support (~> 3.10.0)
35
+ rspec-mocks (3.10.2)
36
+ diff-lcs (>= 1.2.0, < 2.0)
37
+ rspec-support (~> 3.10.0)
38
+ rspec-support (3.10.2)
39
+ rubocop (1.10.0)
40
+ parallel (~> 1.10)
41
+ parser (>= 3.0.0.0)
42
+ rainbow (>= 2.2.2, < 4.0)
43
+ regexp_parser (>= 1.8, < 3.0)
44
+ rexml
45
+ rubocop-ast (>= 1.2.0, < 2.0)
46
+ ruby-progressbar (~> 1.7)
47
+ unicode-display_width (>= 1.4.0, < 3.0)
48
+ rubocop-ast (1.4.1)
49
+ parser (>= 2.7.1.5)
50
+ rubocop-rake (0.5.1)
51
+ rubocop
52
+ rubocop-rspec (2.2.0)
53
+ rubocop (~> 1.0)
54
+ rubocop-ast (>= 1.1.0)
55
+ ruby-progressbar (1.11.0)
56
+ unicode-display_width (2.0.0)
57
+
58
+ PLATFORMS
59
+ x86_64-darwin-19
60
+
61
+ DEPENDENCIES
62
+ climate_control
63
+ demopass!
64
+ pry
65
+ rake (~> 13.0)
66
+ rspec (~> 3.10)
67
+ rubocop (~> 1.6)
68
+ rubocop-rake (~> 0.5)
69
+ rubocop-rspec (~> 2.0)
70
+
71
+ BUNDLED WITH
72
+ 2.2.11
data/README.md ADDED
@@ -0,0 +1,31 @@
1
+ # Demopass
2
+
3
+ ## Installation
4
+
5
+ Add this line to your application's Gemfile:
6
+
7
+ ```ruby
8
+ gem 'demopass'
9
+ ```
10
+
11
+ And then execute:
12
+
13
+ $ bundle install
14
+
15
+ Or install it yourself as:
16
+
17
+ $ gem install demopass
18
+
19
+ ## Usage
20
+
21
+ TODO: Write usage instructions here
22
+
23
+ ## Development
24
+
25
+ After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
26
+
27
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
28
+
29
+ ## Contributing
30
+
31
+ Bug reports and pull requests are welcome on GitHub at https://github.com/SmartCasual/demopass.
data/Rakefile ADDED
@@ -0,0 +1,31 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "bundler/gem_tasks"
4
+ begin
5
+ require "rspec/core/rake_task"
6
+ require "rubocop/rake_task"
7
+ RSpec::Core::RakeTask.new(:spec)
8
+ RuboCop::RakeTask.new
9
+ rescue LoadError => exception
10
+ puts "Library not available: #{exception.message}"
11
+ end
12
+
13
+ desc "Build, lint, and test"
14
+ task :build_and_test do
15
+ Rake::Task["lint"].invoke
16
+ Rake::Task["test"].invoke
17
+ Rake::Task["build"].invoke unless ENV["CI"]
18
+ end
19
+
20
+ desc "Lint"
21
+ task lint: :rubocop
22
+
23
+ desc "Test"
24
+ task test: :spec
25
+
26
+ desc "Build"
27
+ task :build do
28
+ system("gem build demopass.gemspec")
29
+ end
30
+
31
+ task default: :build_and_test
data/bin/console ADDED
@@ -0,0 +1,15 @@
1
+ #!/usr/bin/env ruby
2
+ # frozen_string_literal: true
3
+
4
+ require "bundler/setup"
5
+ require "demopass"
6
+
7
+ # You can add fixtures and/or initialization code here to make experimenting
8
+ # with your gem easier. You can also use a different console, if you like.
9
+
10
+ # (If you use this, don't forget to add pry to your Gemfile!)
11
+ # require "pry"
12
+ # Pry.start
13
+
14
+ require "irb"
15
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
data/demopass.gemspec ADDED
@@ -0,0 +1,37 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "lib/demopass/version"
4
+
5
+ Gem::Specification.new do |spec|
6
+ spec.name = "demopass"
7
+ spec.version = Demopass::VERSION
8
+ spec.authors = ["Elliot Crosby-McCullough"]
9
+ spec.email = ["elliot.cm@gmail.com"]
10
+
11
+ spec.summary = "Add simple password protection for demo Rack apps."
12
+ spec.homepage = "https://github.com/SmartCasual/demopass"
13
+ spec.required_ruby_version = Gem::Requirement.new(">= 2.7.0")
14
+
15
+ spec.metadata["homepage_uri"] = spec.homepage
16
+ spec.metadata["source_code_uri"] = "https://github.com/SmartCasual/demopass"
17
+ spec.metadata["changelog_uri"] = "https://github.com/SmartCasual/demopass/blob/master/CHANGELOG.md"
18
+
19
+ # Specify which files should be added to the gem when it is released.
20
+ # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
21
+ spec.files = Dir.chdir(File.expand_path(__dir__)) do
22
+ `git ls-files -z`.split("\x0").reject { |f| f.match(%r{\A(?:test|spec|features)/}) }
23
+ end
24
+ spec.bindir = "bin"
25
+ spec.executables = spec.files.grep(%r{\Abin/}) { |f| File.basename(f) }
26
+ spec.require_paths = ["lib"]
27
+
28
+ spec.add_dependency "rack"
29
+
30
+ spec.add_development_dependency "climate_control"
31
+ spec.add_development_dependency "pry"
32
+ spec.add_development_dependency "rake", "~> 13.0"
33
+ spec.add_development_dependency "rspec", "~> 3.10"
34
+ spec.add_development_dependency "rubocop", "~> 1.6"
35
+ spec.add_development_dependency "rubocop-rake", "~> 0.5"
36
+ spec.add_development_dependency "rubocop-rspec", "~> 2.0"
37
+ end
data/lib/demopass.rb ADDED
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative "demopass/version"
4
+ require_relative "demopass/app"
5
+
6
+ module Demopass # rubocop:disable Style/ClassAndModuleChildren
7
+ class Error < StandardError; end
8
+ end
@@ -0,0 +1,77 @@
1
+ require "openssl"
2
+
3
+ class Demopass::App
4
+ PASSWORD_PATH = "/demopass".freeze
5
+ PASSWORD_KEY = "password".freeze
6
+ TOKEN_KEY = "demopass_token".freeze
7
+
8
+ def initialize(downstream)
9
+ @downstream = downstream
10
+ @response = Rack::Response.new
11
+
12
+ @hmac_key = ENV["DEMOPASS_SECRET"]
13
+ @password = ENV["DEMOPASS_PASSWORD"]
14
+
15
+ raise Demopass::Error, "Please configure DEMOPASS_SECRET and DEMOPASS_PASSWORD" unless @hmac_key && @password
16
+
17
+ @digest = OpenSSL::Digest.new("SHA256")
18
+ @valid_hmac = hmac_for(@password)
19
+ end
20
+
21
+ def call(env)
22
+ request = Rack::Request.new(env)
23
+ return @downstream.call(env) if token_valid?(request)
24
+
25
+ if (password = extract_password(request))
26
+ assign_token_and_redirect(password)
27
+ else
28
+ respond_with_form
29
+ end
30
+
31
+ @response.finish
32
+ end
33
+
34
+ private
35
+
36
+ def token_valid?(request)
37
+ request.cookies[TOKEN_KEY] == @valid_hmac
38
+ end
39
+
40
+ def extract_password(request)
41
+ return unless request.post? && request.path == PASSWORD_PATH
42
+
43
+ request.POST[PASSWORD_KEY]
44
+ end
45
+
46
+ def assign_token_and_redirect(password)
47
+ @response.set_cookie(TOKEN_KEY, hmac_for(password))
48
+ @response.redirect("/")
49
+ end
50
+
51
+ def hmac_for(password)
52
+ OpenSSL::HMAC.new(@hmac_key, @digest)
53
+ .update(password)
54
+ .hexdigest
55
+ end
56
+
57
+ FORM = <<~HTML.freeze
58
+ <!DOCTYPE html>
59
+ <html lang="en" dir="ltr">
60
+ <head>
61
+ <meta charset="utf-8">
62
+ <title>Demopass authentication</title>
63
+ </head>
64
+ <body>
65
+ <h1>Please enter the demo password</h1>
66
+ <form action="/demopass" method="post">
67
+ <input type="password" name="#{PASSWORD_KEY}" />
68
+ <button>Submit</button>
69
+ </form>
70
+ </body>
71
+ </html>
72
+ HTML
73
+
74
+ def respond_with_form
75
+ @response.write(FORM)
76
+ end
77
+ end
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Demopass
4
+ VERSION = "0.1.0"
5
+ end
metadata ADDED
@@ -0,0 +1,173 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: demopass
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Elliot Crosby-McCullough
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2021-02-23 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rack
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: climate_control
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: pry
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :development
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rake
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '13.0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '13.0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: rspec
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '3.10'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '3.10'
83
+ - !ruby/object:Gem::Dependency
84
+ name: rubocop
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '1.6'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '1.6'
97
+ - !ruby/object:Gem::Dependency
98
+ name: rubocop-rake
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - "~>"
102
+ - !ruby/object:Gem::Version
103
+ version: '0.5'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - "~>"
109
+ - !ruby/object:Gem::Version
110
+ version: '0.5'
111
+ - !ruby/object:Gem::Dependency
112
+ name: rubocop-rspec
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: '2.0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: '2.0'
125
+ description:
126
+ email:
127
+ - elliot.cm@gmail.com
128
+ executables:
129
+ - console
130
+ - setup
131
+ extensions: []
132
+ extra_rdoc_files: []
133
+ files:
134
+ - ".circleci/config.yml"
135
+ - ".gitignore"
136
+ - ".rubocop.yml"
137
+ - CHANGELOG.md
138
+ - Gemfile
139
+ - Gemfile.lock
140
+ - README.md
141
+ - Rakefile
142
+ - bin/console
143
+ - bin/setup
144
+ - demopass.gemspec
145
+ - lib/demopass.rb
146
+ - lib/demopass/app.rb
147
+ - lib/demopass/version.rb
148
+ homepage: https://github.com/SmartCasual/demopass
149
+ licenses: []
150
+ metadata:
151
+ homepage_uri: https://github.com/SmartCasual/demopass
152
+ source_code_uri: https://github.com/SmartCasual/demopass
153
+ changelog_uri: https://github.com/SmartCasual/demopass/blob/master/CHANGELOG.md
154
+ post_install_message:
155
+ rdoc_options: []
156
+ require_paths:
157
+ - lib
158
+ required_ruby_version: !ruby/object:Gem::Requirement
159
+ requirements:
160
+ - - ">="
161
+ - !ruby/object:Gem::Version
162
+ version: 2.7.0
163
+ required_rubygems_version: !ruby/object:Gem::Requirement
164
+ requirements:
165
+ - - ">="
166
+ - !ruby/object:Gem::Version
167
+ version: '0'
168
+ requirements: []
169
+ rubygems_version: 3.1.4
170
+ signing_key:
171
+ specification_version: 4
172
+ summary: Add simple password protection for demo Rack apps.
173
+ test_files: []