demopass 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +4 -0
- data/Gemfile.lock +1 -1
- data/lib/demopass/app.rb +32 -4
- data/lib/demopass/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3ac8f48f70d6ffcf528b814bb9165d2d97d5d29e31121ec7a913759f4c114949
|
|
4
|
+
data.tar.gz: e3ec2d88ae0bdcabea6aba343a38cfd1f586d4158eb41168e3ba4f3ea85b8502
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e319207646f43ce1110f84cbdb8da9b81be65f17e50ec9c4e58e9fc379f0491c104637188900546792b93af861a5b0e4bf532afdbf400bae0a7b890dc35f57e7
|
|
7
|
+
data.tar.gz: 6aad313c06b3e9b3b5d845040fb2ff068c96be208a46c5a1757e726653ab0ca3241da06b593d10eaf1ab05df21740904c11b45d27b4da6a5443db48ca1439270
|
data/.rubocop.yml
CHANGED
data/Gemfile.lock
CHANGED
data/lib/demopass/app.rb
CHANGED
|
@@ -1,14 +1,17 @@
|
|
|
1
1
|
require "openssl"
|
|
2
|
+
require "forwardable"
|
|
3
|
+
require_relative "logger"
|
|
2
4
|
|
|
3
5
|
class Demopass::App
|
|
6
|
+
extend Forwardable
|
|
7
|
+
|
|
4
8
|
PASSWORD_PATH = "/demopass".freeze
|
|
5
9
|
PASSWORD_KEY = "password".freeze
|
|
6
10
|
TOKEN_KEY = "demopass_token".freeze
|
|
7
11
|
|
|
8
|
-
def initialize(downstream, except: nil)
|
|
12
|
+
def initialize(downstream, except: nil, log_level: nil)
|
|
9
13
|
@downstream = downstream
|
|
10
14
|
@except = except
|
|
11
|
-
@response = Rack::Response.new
|
|
12
15
|
|
|
13
16
|
@hmac_key = ENV["DEMOPASS_SECRET"]
|
|
14
17
|
@password = ENV["DEMOPASS_PASSWORD"]
|
|
@@ -16,24 +19,40 @@ class Demopass::App
|
|
|
16
19
|
@digest = OpenSSL::Digest.new("SHA256")
|
|
17
20
|
@valid_hmac = hmac_for(@password)
|
|
18
21
|
|
|
22
|
+
@logger = Demopass::Logger.new(log_level: log_level)
|
|
23
|
+
|
|
19
24
|
validate_arguments
|
|
20
25
|
end
|
|
21
26
|
|
|
22
27
|
def call(env)
|
|
28
|
+
@response = Rack::Response.new
|
|
29
|
+
|
|
23
30
|
request = Rack::Request.new(env)
|
|
24
|
-
|
|
31
|
+
debug("Beginning #{request.request_method} to #{request.path}")
|
|
32
|
+
debug("Downstream is #{@downstream.class.name}")
|
|
33
|
+
|
|
34
|
+
if (excluded = path_excluded?(request)) || token_valid?(request)
|
|
35
|
+
reason = excluded ? "the path was excluded" : "the token was valid"
|
|
36
|
+
debug("Passing downstream because #{reason}")
|
|
37
|
+
|
|
38
|
+
return @downstream.call(env)
|
|
39
|
+
end
|
|
25
40
|
|
|
26
41
|
if (password = extract_password(request))
|
|
27
42
|
assign_token_and_redirect(password)
|
|
28
43
|
else
|
|
44
|
+
info("Password or token missing or invalid; responding with a login form")
|
|
29
45
|
respond_with_form
|
|
30
46
|
end
|
|
31
47
|
|
|
48
|
+
debug("Ending call to #{request.path}")
|
|
32
49
|
@response.finish
|
|
33
50
|
end
|
|
34
51
|
|
|
35
52
|
private
|
|
36
53
|
|
|
54
|
+
def_delegators :@logger, :debug, :info
|
|
55
|
+
|
|
37
56
|
def path_excluded?(request)
|
|
38
57
|
@except && request.path =~ @except
|
|
39
58
|
end
|
|
@@ -43,12 +62,21 @@ private
|
|
|
43
62
|
end
|
|
44
63
|
|
|
45
64
|
def extract_password(request)
|
|
46
|
-
|
|
65
|
+
unless request.post?
|
|
66
|
+
debug("Ignoring passwords; request was not a POST")
|
|
67
|
+
return
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
unless request.path == PASSWORD_PATH
|
|
71
|
+
debug("Ignoring passwords; request path #{request.path} was not #{PASSWORD_PATH}")
|
|
72
|
+
return
|
|
73
|
+
end
|
|
47
74
|
|
|
48
75
|
request.POST[PASSWORD_KEY]
|
|
49
76
|
end
|
|
50
77
|
|
|
51
78
|
def assign_token_and_redirect(password)
|
|
79
|
+
debug("Setting token from password and redirecting to /")
|
|
52
80
|
@response.set_cookie(TOKEN_KEY, hmac_for(password))
|
|
53
81
|
@response.redirect("/")
|
|
54
82
|
end
|
data/lib/demopass/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: demopass
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Elliot Crosby-McCullough
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-05-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rack
|