demopass 0.2.0 → 0.2.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: db808df5d6e5cd7a3afda85d10590eaada99da80d94fc2b7a01ef49f32861f21
4
- data.tar.gz: 3598bd131b0d20e09c5c2dfa584654ba045754b7461f3d069a8bfc9baf74a8fa
3
+ metadata.gz: 3ac8f48f70d6ffcf528b814bb9165d2d97d5d29e31121ec7a913759f4c114949
4
+ data.tar.gz: e3ec2d88ae0bdcabea6aba343a38cfd1f586d4158eb41168e3ba4f3ea85b8502
5
5
  SHA512:
6
- metadata.gz: fe48a975bcde99459f6c2696e0d93f061ca8c91089956b1b7ff3db3cac1c6385042ff6ecc6ce942528654b0bcd6167d305475a8ec447c03d7130ae3a73166718
7
- data.tar.gz: 85b8c8cc117e7b2c4737cc70c6b6fa1757ea9c0dc3b3132300680e214bd3d98a3363c4483ecd438b71655768ff663a3c9cc040f544738fa12f3e680d1747062a
6
+ metadata.gz: e319207646f43ce1110f84cbdb8da9b81be65f17e50ec9c4e58e9fc379f0491c104637188900546792b93af861a5b0e4bf532afdbf400bae0a7b890dc35f57e7
7
+ data.tar.gz: 6aad313c06b3e9b3b5d845040fb2ff068c96be208a46c5a1757e726653ab0ca3241da06b593d10eaf1ab05df21740904c11b45d27b4da6a5443db48ca1439270
data/.rubocop.yml CHANGED
@@ -113,3 +113,7 @@ Style/TrailingCommaInArguments:
113
113
  EnforcedStyleForMultiline: consistent_comma
114
114
  Layout/MultilineMethodCallBraceLayout:
115
115
  EnforcedStyle: new_line
116
+ Metrics/MethodLength:
117
+ Enabled: false
118
+ Metrics/AbcSize:
119
+ Enabled: false
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- demopass (0.2.0)
4
+ demopass (0.2.1)
5
5
  rack
6
6
 
7
7
  GEM
data/lib/demopass/app.rb CHANGED
@@ -1,14 +1,17 @@
1
1
  require "openssl"
2
+ require "forwardable"
3
+ require_relative "logger"
2
4
 
3
5
  class Demopass::App
6
+ extend Forwardable
7
+
4
8
  PASSWORD_PATH = "/demopass".freeze
5
9
  PASSWORD_KEY = "password".freeze
6
10
  TOKEN_KEY = "demopass_token".freeze
7
11
 
8
- def initialize(downstream, except: nil)
12
+ def initialize(downstream, except: nil, log_level: nil)
9
13
  @downstream = downstream
10
14
  @except = except
11
- @response = Rack::Response.new
12
15
 
13
16
  @hmac_key = ENV["DEMOPASS_SECRET"]
14
17
  @password = ENV["DEMOPASS_PASSWORD"]
@@ -16,24 +19,40 @@ class Demopass::App
16
19
  @digest = OpenSSL::Digest.new("SHA256")
17
20
  @valid_hmac = hmac_for(@password)
18
21
 
22
+ @logger = Demopass::Logger.new(log_level: log_level)
23
+
19
24
  validate_arguments
20
25
  end
21
26
 
22
27
  def call(env)
28
+ @response = Rack::Response.new
29
+
23
30
  request = Rack::Request.new(env)
24
- return @downstream.call(env) if path_excluded?(request) || token_valid?(request)
31
+ debug("Beginning #{request.request_method} to #{request.path}")
32
+ debug("Downstream is #{@downstream.class.name}")
33
+
34
+ if (excluded = path_excluded?(request)) || token_valid?(request)
35
+ reason = excluded ? "the path was excluded" : "the token was valid"
36
+ debug("Passing downstream because #{reason}")
37
+
38
+ return @downstream.call(env)
39
+ end
25
40
 
26
41
  if (password = extract_password(request))
27
42
  assign_token_and_redirect(password)
28
43
  else
44
+ info("Password or token missing or invalid; responding with a login form")
29
45
  respond_with_form
30
46
  end
31
47
 
48
+ debug("Ending call to #{request.path}")
32
49
  @response.finish
33
50
  end
34
51
 
35
52
  private
36
53
 
54
+ def_delegators :@logger, :debug, :info
55
+
37
56
  def path_excluded?(request)
38
57
  @except && request.path =~ @except
39
58
  end
@@ -43,12 +62,21 @@ private
43
62
  end
44
63
 
45
64
  def extract_password(request)
46
- return unless request.post? && request.path == PASSWORD_PATH
65
+ unless request.post?
66
+ debug("Ignoring passwords; request was not a POST")
67
+ return
68
+ end
69
+
70
+ unless request.path == PASSWORD_PATH
71
+ debug("Ignoring passwords; request path #{request.path} was not #{PASSWORD_PATH}")
72
+ return
73
+ end
47
74
 
48
75
  request.POST[PASSWORD_KEY]
49
76
  end
50
77
 
51
78
  def assign_token_and_redirect(password)
79
+ debug("Setting token from password and redirecting to /")
52
80
  @response.set_cookie(TOKEN_KEY, hmac_for(password))
53
81
  @response.redirect("/")
54
82
  end
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Demopass
4
- VERSION = "0.2.0"
4
+ VERSION = "0.2.1"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: demopass
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Elliot Crosby-McCullough
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-07 00:00:00.000000000 Z
11
+ date: 2021-05-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack