devise_latcheable 0.0.2 → 0.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ac3d2d79ef58d64be02863357e9918e77306d069
-  data.tar.gz: d7d0d3776541db5329a5b447347ee64a64c54acc
+  metadata.gz: a5d81c85f9712118198e61d829a08203f276ddcf
+  data.tar.gz: ebcf6bde53094b7b440f69832fc46c593a6e6d0d
 SHA512:
-  metadata.gz: 0d73534e4516d884c987d0c496427283c0437c5fde09014e581bf6b3e124f8be4afc2f4747a38bf915b0ec000207bb1cea8873e242fe26764d56f4a90949e421
-  data.tar.gz: d70bf7d306e4dc8bedaa57ed621351133b2ac2f46413fd30c82c1e876f0f43da24ccdc12237fa538b2e19ce07d02724c26fbf15e9ee9b31fd55238a0dfc91c67
+  metadata.gz: 27b46a8e8e57dd152a1b6f0a47b1477c73569f2116a04be57e5d9d3c0fb3376e82ff0cb33741fd172333711151f1047dcb202d62bfd86b159bd600e0e247bfd9
+  data.tar.gz: d0e8a81267811bc39da94edcd16c673cc308203c7166261f5a396ba94865b83f9fec2d9b011b8494d3a7dd8516bb54b2d88c10834377d81184c6572a873e22f4

data/README.md

@@ -0,0 +1,113 @@
+# devise\_latcheable
+This gem adds an extra security layer using a Latch account to any Rails app 
+using the devise gem.
+
+You can find more info about Latch at https://latch.elevenpaths.com
+
+## How to install and configure it
+
+1. Install and configure devise gem. You can follow the guide at 
+https://github.com/plataformatec/devise
+
+2. Add the gem to your Gemfile
+```ruby
+gem 'devise_latcheable'
+```
+
+3. Add latcheable to the module list on your users model
+```ruby
+class User < ActiveRecord::Base
+  devise :database_authenticatable, :latcheable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable
+end
+```
+
+4. Run the generator in your console with the name of the model you're using.
+That will generate a new migration and will copy the main configuration file.
+```bash
+rails generate devise_latcheable MODEL_NAME
+```
+
+5. Run rake db:migrate to apply the new migration
+
+6. Modify config/latch.yml file with your app id and secret codes
+
+7. Modify your routes.rb file to change your devise\_for controllers option
+```ruby
+devise_for :users, controllers: { registrations: 'devise_latcheable/registrations' }
+```
+
+## Using devise\_latcheable
+The good thing about devise\_latcheable is that you can just forget about Latch, 
+because the gem will take care of it for you. If you know how to use devise, you
+already know how to use devise\_latcheable!
+
+For more advanced users, the information below will be useful in case of
+modifying or expanding the functionality of devise\_latcheable.
+
+### Custom register forms and pair code
+devise\_latcheable comes with a register form for your users. To use it, you 
+just need to declare the use of the registrations controller that comes with
+the gem as explained in step seven of 'how to install and configure it'.
+
+You can use your custom controller and your custom views if you want, just go 
+ahead to the 'Configuring views' or 'Configuring controllers' section of 
+devise's readme. You just need to remember that you need a pair 
+code to register the user and authenticate it with Latch.
+
+An attr\_accessor called 'latch\_pair\_code' is registered on your application
+users model to take care of that. This attribute isn't saved on your database
+but is needed when a user is being created. devise\_latcheable will check this 
+code against Latch. If the user pair code is valid, the user will be registered 
+and logged in in your rails app.
+```ruby
+# Example saving an user and pairing it
+user = User.new
+user.email = 'crresse@gmail.com'
+user.password = '123123123'
+user.password_confirmation = '123123123'
+user.latch_pair_code = 'fw2kW5L'
+user.save # true if no errors
+```
+
+### Using latch optionally
+A instance attribute called 'latch\_enabled' is added to your users model to 
+specify if that instance is going to be authenticated against Latch. This 
+attribute is set to 'true' if 'always\_enabled' is set to 'true' in the config 
+file.
+
+If you set it to a value different from 'true', devise will forget about
+Latch, and will authenticate and validate the user using the remaining 
+modules that you declared on your model.
+```ruby
+# Suppose that 'always_enabled' is set to true
+user = User.new
+user.email = 'crresse@gmail.com'
+user.password = '123123123'
+user.password_confirmation = '123123123'
+user.latch_enabled = false
+user.save # Latch wont be checked here, since we specified that we dont want it enabled
+```
+
+### Unpairing
+A user is unpaired from Latch when you destroy the user instance if it has latch 
+enabled on it. When you do so, the user's latch app notifies him that the app is
+now unpaired from latch.
+```ruby
+user = User.find_by name: 'Test'
+user.destroy # Latch is unpaired at this point, and the user will receive a notification in it latch app
+```
+
+### Account id
+When a user pairs with Latch, devise\_latcheable needs to hold a reference to
+the user's latch id to check his latch status. You can get a user's latch id
+calling latch\_account\_id on it.
+```ruby
+user = User.find_by name: 'Test'
+user.latch_account_id
+```
+
+## Demo
+There is a app already configured with devise and devise\_latcheable at
+[this repo](https://github.com/CarlosRdrz/latch_app) for demo and
+development purposes.

data/app/controllers/devise_latcheable/registrations_controller.rb

@@ -4,6 +4,6 @@ class DeviseLatcheable::RegistrationsController < Devise::RegistrationsControlle
   protected
 
     def configure_permitted_parameters
-      devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation, :pair_code) }
+      devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:email, :password, :password_confirmation, :latch_pair_code) }
     end
 end

data/app/views/devise_latcheable/registrations/new.html.erb

@@ -22,8 +22,8 @@
   </div>
 
   <div class="field">
-    <%= f.label :pair_code %><br />
-    <%= f.text_field :pair_code, autocomplete: "off" %>
+    <%= f.label :latch_pair_code %><br />
+    <%= f.text_field :latch_pair_code, autocomplete: "off" %>
   </div>
 
   <div class="actions">

data/lib/devise_latcheable/model.rb

@@ -7,7 +7,7 @@ module Devise
         # We only use pair code to pair the user with latch. Once it is
         # paired, we dont need the pair code anymore, so we wont save
         # it on the database
-        attr_accessor :pair_code
+        attr_accessor :latch_pair_code
 
         after_initialize :latch_enable
 
@@ -19,31 +19,63 @@ module Devise
         latch_enabled
       end
 
+      # => Checks if the app lock is open
+      #    @returns true if the latch is unlocked
+      #    @returns false if the latch is locked or if there was an error
       def latch_unlocked?
         return true unless latch_enabled?
         return false if latch_account_id.nil?
-        Devise::Latch.unlocked? latch_account_id
+        api_response = ::DeviseLatcheable.api.status latch_account_id
+
+        if api_response.error.nil?
+          key = api_response.data['operations'].keys.first
+          status = api_response.data['operations'][key]['status']
+          return (status == 'on')
+        else
+          return false
+        end
       end
 
+      # => Removes the pairing from latch
+      #    If an error occurs, it copies the error at errors base
+      #    so you can access it with model_instance.errors
+      #    @returns true on success, false otherwise
       def latch_unpair!
         return true unless latch_enabled?
         return true if latch_account_id.nil?
-        Devise::Latch.unpair latch_account_id
+        api_response = ::DeviseLatcheable.api.unpair latch_account_id
+
+        if api_response.error.nil?
+          return true
+        else
+          errors.add(:base, "Latch error: #{api_response.error.message}")
+          return false
+        end
       end
 
+      # => Pairs an user with the server.
+      #    If an error occurs, it copies the error at errors base
+      #    so you can access it with model_instance.errors
+      #    On success, it sets latch_account_id to the value that
+      #    latch server sent on its response
+      #    @returns true on success, false otherwise
       def latch_pair!
         return true unless latch_enabled?
+        api_response = ::DeviseLatcheable.api.pair latch_pair_code
 
-        self.latch_account_id = Devise::Latch.pair pair_code
-
-        if latch_account_id.nil?
-          errors.add(:base, 'Invalid latch pair code')
+        if api_response.error.nil?
+          self.latch_account_id = api_response.data['accountId']
+          return true
+        else
+          errors.add(:base, "Latch error: #{api_response.error.message}")
           return false
         end
       end
 
       def latch_enable
-        self.latch_enabled = true if Devise::Latch.config['always_enabled'] == true
+        if ::DeviseLatcheable.config['always_enabled'] == true
+          self.latch_enabled = true
+        end
       end
     end
   end

data/lib/devise_latcheable/version.rb

@@ -1,3 +1,3 @@
 module DeviseLatcheable
-  VERSION = "0.0.2".freeze
+  VERSION = "0.0.3".freeze
 end

data/lib/devise_latcheable.rb

@@ -1,11 +1,18 @@
 require 'latchsdk'
 require 'devise'
-require 'devise_latcheable/adapter'
 require 'devise_latcheable/model'
 require 'devise_latcheable/strategy'
 require 'devise_latcheable/engine'
 
 module DeviseLatcheable
+  # The config file
+  mattr_accessor :config
+  self.config = YAML.load(File.read('config/latch.yml'))
+
+  # We instantiate only one api client per app
+  mattr_accessor :api
+  self.api = ::Latch.new ::DeviseLatcheable.config['app_id'],
+                         ::DeviseLatcheable.config['app_secret']
 end
 
 Devise.add_module :latcheable,

data/plugin_info

@@ -0,0 +1,37 @@
+This plugin is a ruby gem that adds a module for the devise gem. It implements
+latch authentication usable by any rails app using devise.
+
+Rails is one of the most used frameworks to build web apps. A high number of
+startups use Rails to build their products, and almost every one of them uses
+some kind of user handling to allow sign-up and sign-in capabilities to their
+websites.
+
+Devise is a gem used for user authentication. It is valued as the #1 must-have
+gem for any rails app by a large number of websites, blogs and professionals.
+It implements user sign-in and sign-up in a easy and modularizable way, so that
+developers can forget about user handling and focus on building their apps.
+
+Although there's a publicly available latch ruby sdk, it can be somehow 
+confusing adding Latch to a rails app, since it involves knowledge about how
+user registration and logging in implementations work, and gems precisaly
+abstract these implementations. 
+
+This plugin adds Latch as a Devise module. This means that any rails app that
+is using devise can add an extra layer of security with latch. And the
+good thing is that if they know how to use Devise they already know how to use
+Devise Latcheable!
+
+There is an app already configured with Devise and Devise Latcheable at
+https://github.com/CarlosRdrz/latch_app. To run it, you just need to modify
+the file config/latch.yml and write there your app id and secret.
+This app is only an example, but shows how the module works.
+
+In the future, it will be great if Devise Latcheable is merged with Devise. The
+authors of Devise did this before with other modules, and it eliminates steps
+for installation and configuration of Devise Latcheable, therefore simplyfing
+the process of implementing Latch in any app.
+
+I think that Devise Latcheable should win the contest because it allows a lot
+of apps to implement Latch in a easy way, and this can encourage the usage of
+Latch in the rails community, which is one of the most active developers 
+communities of the world.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_latcheable
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors:
 - Carlos Rodriguez
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-01-10 00:00:00.000000000 Z
+date: 2015-01-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -59,11 +59,11 @@ extensions: []
 extra_rdoc_files: []
 files:
 - Gemfile
+- README.md
 - app/controllers/devise_latcheable/registrations_controller.rb
 - app/views/devise_latcheable/registrations/new.html.erb
 - devise_latcheable.gemspec
 - lib/devise_latcheable.rb
-- lib/devise_latcheable/adapter.rb
 - lib/devise_latcheable/engine.rb
 - lib/devise_latcheable/model.rb
 - lib/devise_latcheable/strategy.rb
@@ -73,6 +73,7 @@ files:
 - lib/generators/templates/README
 - lib/generators/templates/latch.yml
 - lib/generators/templates/migration.rb
+- plugin_info
 homepage: 
 licenses:
 - MIT

data/lib/devise_latcheable/adapter.rb

@@ -1,34 +0,0 @@
-module Devise
-  module Latch
-    @yaml_config = YAML.load(File.read("config/latch.yml"))
-    @latch_instance = ::Latch.new @yaml_config['app_id'], @yaml_config['app_secret']
-
-    # => Pairs an user with the server.
-    #    @returns Account ID on success and nil on failure
-    def self.pair(code)
-      res = @latch_instance.pair code
-      return nil if res.data.nil?
-      res.data['accountId']
-    end
-
-    # => Checks if the app lock is open
-    def self.unlocked?(account_id)
-      res = @latch_instance.status account_id
-      return false unless res.error.nil?
-      
-      key = res.data['operations'].keys.first
-      status = res.data['operations'][key]['status']
-      status == 'on'
-    end
-
-    # => Removes the pairing from lath
-    def self.unpair(account_id)
-      res = @latch_instance.unpair account_id
-      res.error.nil? ? true : false
-    end
-
-    def self.config
-      @yaml_config
-    end
-  end
-end