devise-token_authenticatable 0.3.0 → 0.3.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 3f3ab41f44f9d2b947755138573fac61db295d5a
+  data.tar.gz: 2ea7960b707e719f26bf13fa53d18c92d964ae90
+SHA512:
+  metadata.gz: 1da828318ff32ff89522262dc366c5eb60d1308ae3da8c0dea18cb3afe0f4f0e8bd5acf1c4f0ab4cf96cc74cb8a0d42297de6d7ee39b8d0d191ee9ebf0bd5af0
+  data.tar.gz: ba3cd720cf3883632686a705072486ff21248d5453f520795ed32a46c513b74a7fea5b9ee6cb788d30e83c5b299f07b8758d724e90fdbb2d7421190f91728063

data/.travis.yml

@@ -3,6 +3,7 @@ rvm:
   - 1.9.3
   - 2.0.0
   - 2.1.2
+  - 2.2.0
   - jruby-19mode
 
 env:

data/README.md

@@ -1,6 +1,6 @@
 # Devise::TokenAuthenticatable
 
-[![Gem Version](https://badge.fury.io/rb/devise-token_authenticatable.png)](http://badge.fury.io/rb/devise-token_authenticatable) [![Build Status](https://travis-ci.org/baschtl/devise-token_authenticatable.png?branch=master)](https://travis-ci.org/baschtl/devise-token_authenticatable) [![Code Climate](https://codeclimate.com/github/baschtl/devise-token_authenticatable.png)](https://codeclimate.com/github/baschtl/devise-token_authenticatable)
+[![Tag](https://img.shields.io/github/tag/baschtl/devise-token_authenticatable.svg?style=flat-square)](https://github.com/baschtl/devise-token_authenticatable/releases) [![Build Status](https://img.shields.io/travis/baschtl/devise-token_authenticatable.svg?style=flat-square)](https://travis-ci.org/baschtl/devise-token_authenticatable) [![Code Climate](https://img.shields.io/codeclimate/github/baschtl/devise-token_authenticatable.svg?style=flat-square)](https://codeclimate.com/github/baschtl/devise-token_authenticatable)
 
 This gem provides the extracted Token Authenticatable module of devise. It includes the functionality that was also in [version 3.1.2](https://github.com/plataformatec/devise/tree/v3.1.2) of devise. With the inclusion of this module a user is able to sign in via an authentication token. This token can be given via a query string or HTTP Basic Authentication. See the hint below to understand which version of this gem supports which version of devise.
 
@@ -24,9 +24,9 @@ Or install it yourself as:
 
 *devise-token_authenticatable*  | *devise*
 -------------------------------:|---------
-0.1.0                           | >= 3.2.0
-0.2.0                           | >= 3.3.0
-0.3.0                           | >= 3.4.0
+0.1.0                           | ~> 3.2.0
+0.2.0                           | ~> 3.3.0
+0.3.x                           | ~> 3.4.0
 
 ## Usage
 
@@ -36,10 +36,22 @@ Add `:token_authenticatable` to your devise model:
       devise :database_authenticatable, :token_authenticatable
     end
 
-The authentication key name used by this module defaults to `auth_token`. Use the following configuration (e.g., in a Rails initializer) to alter the name:
+## Configuration
+
+This gem can be configured as shown in the following:
 
     Devise::TokenAuthenticatable.setup do |config|
+      # set the authentication key name used by this module,
+      # defaults to :auth_token
       config.token_authentication_key = :other_key_name
+
+      # enable reset of the authentication token before the model is saved,
+      # defaults to false
+      config.should_reset_authentication_token = true
+    
+      # enables the setting of the authentication token - if not already - before the model is saved,
+      # defaults to false
+      config.should_ensure_authentication_token = true
     end
 
 ## Documentation

data/lib/devise/token_authenticatable.rb

@@ -7,6 +7,14 @@ module Devise
     mattr_accessor :token_authentication_key
     @@token_authentication_key = :auth_token
 
+    # Defines if the authentication token is reset before the model is saved.
+    mattr_accessor :should_reset_authentication_token
+    @@should_reset_authentication_token = false
+
+    # Defines if the authentication token is set - if not already - before the model is saved.
+    mattr_accessor :should_ensure_authentication_token
+    @@should_ensure_authentication_token = false
+
     # Enable the configuration of the TokenAuthenticatable
     # strategy with a block:
     #

data/lib/devise/token_authenticatable/model.rb

@@ -1,17 +1,10 @@
 module Devise
   module Models
-    # The TokenAuthenticatable module is responsible for generating an authentication token and
+    # The +TokenAuthenticatable+ module is responsible for generating an authentication token and
     # validating the authenticity of the same while signing in.
     #
     # This module only provides a few helpers to help you manage the token, but it is up to you
-    # to choose how to use it. For example, if you want to have a new token every time the user
-    # saves his account, you can do the following:
-    #
-    #   before_save :reset_authentication_token
-    #
-    # On the other hand, if you want to generate token unless one exists, you should use instead:
-    #
-    #   before_save :ensure_authentication_token
+    # to choose how to use it.
     #
     # If you want to delete the token after it is used, you can do so in the
     # after_token_authentication callback.
@@ -28,15 +21,32 @@ module Devise
     #     request.env['devise.skip_trackable'] = true
     #   end
     #
-    # == Options
-    #
-    # TokenAuthenticatable adds the following options to devise_for:
-    #
-    #   * +token_authentication_key+: Defines name of the authentication token params key. E.g. /users/sign_in?some_key=...
-    #
     module TokenAuthenticatable
       extend ActiveSupport::Concern
 
+      included do
+        before_save :reset_authentication_token_before_save
+        before_save :ensure_authentication_token_before_save
+      end
+
+      module ClassMethods
+
+        def find_for_token_authentication(conditions)
+          find_for_authentication(authentication_token: conditions[Devise::TokenAuthenticatable.token_authentication_key])
+        end
+
+        # Generate a token checking if one does not already exist in the database.
+        def authentication_token
+          loop do
+            token = Devise.friendly_token
+            break token unless to_adapter.find_first({ authentication_token: token })
+          end
+        end
+
+        Devise::Models.config(self, :expire_auth_token_on_timeout)
+
+      end
+
       def self.required_fields(klass)
         [:authentication_token]
       end
@@ -70,21 +80,16 @@ module Devise
         self.class.expire_auth_token_on_timeout
       end
 
-      module ClassMethods
-        def find_for_token_authentication(conditions)
-          find_for_authentication(authentication_token: conditions[Devise::TokenAuthenticatable.token_authentication_key])
-        end
+      private
 
-        # Generate a token checking if one does not already exist in the database.
-        def authentication_token
-          loop do
-            token = Devise.friendly_token
-            break token unless to_adapter.find_first({ authentication_token: token })
-          end
+        def reset_authentication_token_before_save
+          reset_authentication_token if Devise::TokenAuthenticatable.should_reset_authentication_token
         end
 
-        Devise::Models.config(self, :token_authentication_key, :expire_auth_token_on_timeout)
-      end
+        def ensure_authentication_token_before_save
+          ensure_authentication_token if Devise::TokenAuthenticatable.should_ensure_authentication_token
+        end
+      
     end
   end
 end

data/lib/devise/token_authenticatable/strategy.rb

@@ -23,13 +23,6 @@ module Devise
     # by Rails: http://api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token.html
     # The token options are stored in request.env['devise.token_options']
     #
-    #
-    # Changes regarding the original +TokenAuthenticatable+ implementation:
-    #
-    # The private method +remember_me?+ in +TokenAuthenticatable+ returns +false+.
-    # For +TokenAuthenticatable+ this method was removed. This results in the
-    # usage of the default implementation in +Authenticatable+.
-    #
     class TokenAuthenticatable < Authenticatable
       def store?
         super && !mapping.to.skip_session_storage.include?(:token_auth)

data/lib/devise/token_authenticatable/version.rb

@@ -1,5 +1,5 @@
 module Devise
   module TokenAuthenticatable
-    VERSION = "0.3.0".freeze
+    VERSION = "0.3.1".freeze
   end
 end

data/spec/models/devise/token_authenticatable/model_spec.rb

@@ -38,6 +38,7 @@ shared_examples "token authenticatable" do
         end
       end
     end
+
   end
 
   context "class methods" do
@@ -70,8 +71,81 @@ shared_examples "token authenticatable" do
           :authentication_token
         ])
       end
+
+    end
+
+  end
+
+  context "before_save" do
+
+    let(:entity) { create(described_class.name.underscore.to_sym, :with_authentication_token) }
+
+    context "when the authentication token should be reset" do
+
+      before :each do
+        Devise::TokenAuthenticatable.setup do |config|
+          config.should_reset_authentication_token = true
+        end
+      end
+
+      after :each do
+        Devise::TokenAuthenticatable.setup do |config|
+          config.should_reset_authentication_token = false
+        end
+      end
+
+      it "resets the authentication token" do
+        expect(entity).to receive(:reset_authentication_token).once
+
+        entity.update_attributes(created_at: Time.now)
+      end
+
+    end
+
+    context "when the authentication token should not be reset" do
+
+      it "does not reset the authentication token" do
+        expect(entity).to_not receive(:reset_authentication_token)
+
+        entity.update_attributes(created_at: Time.now)
+      end
+
+    end
+
+    context "when the authentication token should be ensured" do
+
+      before :each do
+        Devise::TokenAuthenticatable.setup do |config|
+          config.should_ensure_authentication_token = true
+        end
+      end
+
+      after :each do
+        Devise::TokenAuthenticatable.setup do |config|
+          config.should_ensure_authentication_token = false
+        end
+      end
+
+      it "sets the authentication token" do
+        expect(entity).to receive(:ensure_authentication_token).once
+
+        entity.update_attributes(created_at: Time.now)
+      end
+
     end
+
+    context "when the authentication token should not be ensured" do
+
+      it "does not set the authentication token" do
+        expect(entity).to_not receive(:ensure_authentication_token)
+
+        entity.update_attributes(created_at: Time.now)
+      end
+
+    end
+
   end
+
 end
 
 describe User do

data/spec/spec_helper.rb

@@ -24,16 +24,8 @@ ActiveRecord::Migration.verbose = false
 # RSpec configuration
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 RSpec.configure do |config|
-  config.use_transactional_fixtures                       = true
-  config.run_all_when_everything_filtered                 = true
-
-  config.filter_run :focus
-
-  # Run specs in random order to surface order dependencies. If you find an
-  # order dependency and want to debug it, you can fix the order by providing
-  # the seed, which is printed after each run.
-  #     --seed 1234
-  #config.order = 'random'
+  config.use_transactional_fixtures       = true
+  config.run_all_when_everything_filtered = true
 
   config.include FactoryGirl::Syntax::Methods
 

data/spec/token_authenticatable_spec.rb

@@ -0,0 +1,41 @@
+require 'spec_helper'
+
+describe Devise::TokenAuthenticatable do
+
+  context "configuring the token_authentication_key" do
+    let(:new_key) { :other_key }
+
+    it "should set the configuration" do
+      expect {
+        Devise::TokenAuthenticatable.setup do |config|
+          config.token_authentication_key = new_key
+        end
+      }.to change { Devise::TokenAuthenticatable.token_authentication_key }.from(:auth_token).to(new_key)
+    end
+  end
+
+  context "configuring the should_reset_authentication_token" do
+    let(:should_reset) { true }
+
+    it "should set the configuration" do
+      expect {
+        Devise::TokenAuthenticatable.setup do |config|
+          config.should_reset_authentication_token = should_reset
+        end
+      }.to change { Devise::TokenAuthenticatable.should_reset_authentication_token }.from(false).to(should_reset)
+    end
+  end
+
+  context "configuring the should_ensure_authentication_token" do
+    let(:should_ensure) { true }
+
+    it "should set the configuration" do
+      expect {
+        Devise::TokenAuthenticatable.setup do |config|
+          config.should_ensure_authentication_token = should_ensure
+        end
+      }.to change { Devise::TokenAuthenticatable.should_ensure_authentication_token }.from(false).to(should_ensure)
+    end
+  end
+
+end

metadata

@@ -1,156 +1,139 @@
 --- !ruby/object:Gem::Specification
 name: devise-token_authenticatable
 version: !ruby/object:Gem::Version
-  version: 0.3.0
-  prerelease: 
+  version: 0.3.1
 platform: ruby
 authors:
 - Sebastian Oelke
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-10-24 00:00:00.000000000 Z
+date: 2015-05-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.4.0
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 4.1.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 4.1.0
 - !ruby/object:Gem::Dependency
   name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.0.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 3.0.2
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.10.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.10.0
 - !ruby/object:Gem::Dependency
   name: factory_girl_rails
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 4.4.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 4.4.0
 - !ruby/object:Gem::Dependency
   name: timecop
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.7.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.7.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.6'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.6'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.3'
-description: ! "This gem provides the extracted Token Authenticatable module of devise.\n
-  \                         It enables the user to sign in via an authentication token.
-  This token\n                          can be given via a query string or HTTP Basic
-  Authentication."
+description: |-
+  This gem provides the extracted Token Authenticatable module of devise.
+                            It enables the user to sign in via an authentication token. This token
+                            can be given via a query string or HTTP Basic Authentication.
 email:
 - dev@sohleeatsworld.de
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
-- .travis.yml
+- ".gitignore"
+- ".travis.yml"
 - Gemfile
 - LICENSE
 - README.md
@@ -198,30 +181,30 @@ files:
 - spec/support/rails_app/public/500.html
 - spec/support/rails_app/public/favicon.ico
 - spec/support/session_helper.rb
+- spec/token_authenticatable_spec.rb
 homepage: https://github.com/baschtl/devise-token_authenticatable
 licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 2.2.2
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Provides authentication based on an authentication token for devise 3.2 and
   up.
 test_files:
@@ -262,3 +245,4 @@ test_files:
 - spec/support/rails_app/public/500.html
 - spec/support/rails_app/public/favicon.ico
 - spec/support/session_helper.rb
+- spec/token_authenticatable_spec.rb