devise_meteor 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: a0d562215a30614c1da588c4290a506c77df9fef
+  data.tar.gz: 6ebdf968382eb4b6b533b2d91f36121a59a62bf3
+SHA512:
+  metadata.gz: bdf04c8e1df027241a6eead6ba19c98f523483d346335132376d4ddee959fb465a6fabf4275ba1c2c4280d045c945eb9a75495fe8c6db674ec5a7778573c35d3
+  data.tar.gz: 88b6ccbd2eeb70290a4a62b1621b9f5b70f4c1a1eef589097cf6f8977d54e1e008b7ef5e1419986d18f496e886f920ad81c346ddf907dfde11359f8323ad4717

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.travis.yml

@@ -0,0 +1,4 @@
+language: ruby
+rvm:
+  - 2.2.3
+before_install: gem install bundler -v 1.10.6

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,13 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, or religion.
+
+Examples of unacceptable behavior by participants include the use of sexual language or imagery, derogatory comments or personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. Project maintainers who do not follow the Code of Conduct may be removed from the project team.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening an issue or contacting one or more of the project maintainers.
+
+This Code of Conduct is adapted from the [Contributor Covenant](http://contributor-covenant.org), version 1.0.0, available at [http://contributor-covenant.org/version/1/0/0/](http://contributor-covenant.org/version/1/0/0/)

data/Gemfile

@@ -0,0 +1,16 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in devise_meteor.gemspec
+gemspec
+
+# Declare any dependencies that are still in development here instead of in
+# your gemspec. These might include edge Rails or gems from your path or
+# Git. Remember to move these dependencies to your gemspec before releasing
+# your gem to rubygems.org.
+
+# To use a debugger
+# gem 'byebug', group: [:development, :test]
+
+gem 'mongoid'
+gem 'devise'
+gem 'cucumber-rails', :require => false, group: [:development, :test]

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Jan Jezek
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,78 @@
+# Mongoid Devise For Meteor
+
+This gem provides a convenient way to connect your RailsApp to an existing Meteor app.
+
+### What it does:
+
+It saves the first matching `email` from meteors `emails`-Array into the `email` field which is used by devise.
+It saves the `hash` from meteors `services.password.bcrypt` into the `encrypted_password`-field which is used by devise.
+It confirms the devise user if the matching `email` was confirmed already in `meteor`.
+
+## HELP NEEDED
+
+### What it does not:
+
+At the moment it is not possible to use the password generated by app `one` on app `two` and vice versa. I dont know why.
+As you can see in the source, I have built a custom `Sha256`-class which should act like the meteor encrypt/decrypt process.
+For any reason the comparison between the meteor generated bcrypt/sha256 password and the custom/devise generated one differs.
+
+But for now, it's possible to generate a new one by using the default methods provided by devise.
+
+
+## Requirements
+
+1. You need an running Meteor server with the `accounts-password` library, ready setup and tested  
+2. You need an running Rails app with mongoid as the default database up and running with `database_a_uthenticatable` 
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'devise_meteor'
+```
+
+And then execute:
+
+    $ bundle install
+
+Add change/add the new authentication strategy to your `initializers/devise.rb`.
+It is already a placeholder near the bottom of the file:
+
+ ```ruby
+   # ==> Warden configuration
+   # If you want to use other strategies, that are not supported by Devise, or
+   # change the failure app, you can configure them inside the config.warden block.
+   #
+   config.warden do |manager|
+     manager.strategies.add(:meteor, Devise::Strategies::Meteor)
+     manager.default_strategies(scope: :user).unshift :meteor
+   end
+ ```
+
+
+## Usage
+
+Add the following after your field definitions in your `resource` (mostly the User model).
+
+```ruby
+  include DeviseMeteor::MeteorUserModel
+
+  # disable the mapping for the password simply use this line (not working right now)
+  disable_meteor_mapping
+
+```
+
+This adds the profile and services relations are used by every meteor app which uses `accounts`.
+Also the handling for password updates are made in this class.
+
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/mediatainment/devise_meteor This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](contributor-covenant.org) code of conduct.
+
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,7 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new
+
+task :default => :spec
+task :test => :spec

data/app/models/devise_meteor/meteor_profile.rb

@@ -0,0 +1,12 @@
+module DeviseMeteor
+  class MeteorProfile
+    include Mongoid::Document
+
+    embedded_in :user
+
+    field :name, type: String, default: ""
+    field :username, type: String, default: ""
+    field :firstName, type: String, default: ""
+    field :lastName, type: String, default: ""
+  end
+end

data/app/models/devise_meteor/meteor_service.rb

@@ -0,0 +1,16 @@
+module DeviseMeteor
+  class MeteorService
+    include Mongoid::Document
+
+    embedded_in :user
+    # to allow dynamic fields for the different authentication systems
+    # otherwise the providers can be defined as field with type Hash
+    # field :facebook, type: Hash
+    # include Mongoid::Attributes::Dynamic
+    field :facebook, type: Hash
+    index({facebook: 1, 'facebook.authToken' => 1})
+
+    field :resume, type: Hash
+    field :password, type: Hash
+  end
+end

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "devise_meteor"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start

data/bin/setup

@@ -0,0 +1,7 @@
+#!/bin/bash
+set -euo pipefail
+IFS=$'\n\t'
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/devise_meteor.gemspec

@@ -0,0 +1,37 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'devise_meteor/version'
+
+Gem::Specification.new do |spec|
+  spec.name = "devise_meteor"
+  spec.version = DeviseMeteor::VERSION
+  spec.authors = ["Jan Jezek"]
+  spec.email = ["mail@mediatainment-productions.com"]
+
+  spec.summary = "Enables to authenticate devise on a devise_meteor hosted mongoid server"
+  spec.description = "This app closes the gap between the huge world of ruby and devise_meteor. Simply install, configure and use it to connect to the desired devise_meteor server."
+  spec.homepage = "https://www.github.com/mediatainment/devise_meteor"
+  spec.license = "MIT"
+
+  spec.add_dependency "rails", ">=4"
+  spec.add_dependency 'devise'
+  spec.add_dependency 'mongoid', ">=5.0"
+  spec.add_dependency 'bcrypt'
+
+  spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.test_files = Dir["spec/**/*"]
+
+  spec.bindir = "exe"
+  spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.10"
+  spec.add_development_dependency "factory_girl_rails"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency 'rspec-rails'
+  spec.add_development_dependency "capybara"
+  spec.add_development_dependency "faker"
+  spec.add_development_dependency "database_cleaner"
+  spec.add_development_dependency 'json_spec', '~> 1.1', '>= 1.1.4'
+end

data/lib/devise/strategies/meteor.rb

@@ -0,0 +1,92 @@
+require 'devise/strategies/authenticatable'
+
+module Devise
+  module Strategies
+    class Meteor < Authenticatable
+
+      def valid?
+        valid_for_params_auth? || valid_for_http_auth?
+      end
+
+      def authenticate!
+        self.password = params_auth_hash[:password]
+
+        # search for user email
+        devise_resource = valid_for_params_auth? && mapping.to.find_for_database_authentication(authentication_hash)
+        meteor_resource = User.where(:emails.elem_match => {address: params_auth_hash[:email]}).first unless devise_resource
+        resource = devise_resource || meteor_resource
+
+        return fail!(:not_found_in_database) unless resource
+
+        # before continuing authentication process
+        # check existing passwords and synchronize them
+        if meteor_auth_missing?(resource)
+          # when already devise credentials stored
+          # assign them to devise_meteor fields
+          new_hashed_password = User.new(:password => password).encrypted_password
+          resource.services.set(password: {bcrypt: new_hashed_password})
+
+        elsif devise_auth_missing?(resource)
+          # when user registered through devise_meteor
+          # and credentials for devise not present
+          email = params_auth_hash[:email]
+          crypt = resource.services.password[:bcrypt]
+
+          unless resource.update_attributes(encrypted_password: crypt, email: email)
+            fail(resource.unauthenticated_message)
+          end
+          resource.reload
+
+        elsif both_auth_present?(resource)
+          #when both passwords already set
+        else
+          return pass
+        end
+
+        # now do validation
+        # this code is copied from Devise::Strategies::DatabaseAuthenticable
+        encrypted = false
+        if validate(resource) { encrypted = true; resource.valid_password?(password) }
+          remember_me(resource)
+          resource.after_database_authentication
+          success!(resource)
+        end
+
+        mapping.to.new.password = password if !encrypted && Devise.paranoid
+        fail(:not_found_in_database) unless resource
+      end
+
+      private
+
+      def both_auth_present?(resource)
+        has_a_meteor_password?(resource) && has_a_devise_password?(resource)
+      end
+
+      def devise_auth_missing?(resource)
+        has_a_meteor_password?(resource) && !has_a_devise_password?(resource)
+      end
+
+      def meteor_auth_missing?(resource)
+        has_a_devise_password?(resource) && !has_a_meteor_password?(resource)
+      end
+
+      def has_a_devise_password?(resource)
+        resource.encrypted_password.present?
+      end
+
+      def has_a_meteor_password?(resource)
+        resource.services.password.present?
+      end
+
+      # if you migrate from some other strategies than bcrypt
+      def legacy_authenticates?(resource, password)
+        # resource.encrypted_password == encrypt(resource, password)
+      end
+
+      def encrypt(resource, password)
+        # some old strategies code
+      end
+
+    end
+  end
+end

data/lib/devise_meteor/concerns/meteor_user_model.rb

@@ -0,0 +1,148 @@
+module DeviseMeteor
+  module MeteorUserModel
+    extend ActiveSupport::Concern
+
+    included do
+      # createdAt is needed, so we take regular timestamps and remap them
+      include Mongoid::Timestamps
+
+      # is used by devise_meteor
+      field :createdAt, type: Time
+      # aliasing devise created_at to be able
+      # to use it with meteors createdAt
+      alias_attribute :created_at, :createdAt
+
+      # An Array with hashes for emails
+      field :emails, type: Array, default: []
+      field :firstName, type: String, as: :first_name
+      field :lastName, type: String, as: :last_name
+      # profile relation
+      embeds_one :profile, autobuild: true, class_name: "DeviseMeteor::MeteorProfile"
+      embeds_one :services, autobuild: true, class_name: "DeviseMeteor::MeteorService"
+
+      before_create :meteor_init
+      before_validation :meteor_map_attributes
+
+    end
+
+    module ClassMethods
+
+    end
+
+    def name
+      profile.name
+    end
+
+    def name=(name)
+      profile.update_attribute(:name, name)
+    end
+
+    def username
+      profile.username
+    end
+
+    def username=(username)
+      profile.update_attribute(:username, username)
+    end
+
+    def meteor_get_hash_by_email(given_mail)
+      used_mail = given_mail.nil? ? email : given_mail
+      emails.detect { |mail| mail[:address] == used_mail }
+    end
+
+    # called by devise after confirmation is set
+    def after_confirmation
+      emails_temp = emails
+      # we have to do this, by pop and re-adding because
+      # MongoDb does not save when update within a nested array when is called by $set
+      # So we pop our email out and overwrite the array completely
+      # This approach does not work like expected which should update AND PERSIST, which does not work
+      # User.where("emails.address" => email)
+      # .set('emails.$.verified': true)
+      hash = emails.pop { |m| m[:address] == email }
+      hash[:verified] = true
+      emails_temp << hash
+      set(emails: emails_temp)
+    end
+
+    # Verifies whether a password (ie from sign in) is the user password.
+    def valid_password?(password)
+      DeviseMeteor::Encrypter.compare(password, encrypted_password)
+    end
+
+    def password_digest(password)
+      DeviseMeteor::Encrypter.digest(password)
+    end
+
+    private
+
+    # build a default password hash
+    def build_meteor_password_hash(encrypted_password)
+      {bcrypt: encrypted_password}
+    end
+
+    # maps current email to devise_meteor emails: :address
+    def meteor_map_email
+      if attribute_changed?(:email) && email.present?
+        existing_meteor_mail = meteor_get_hash_by_email(email)
+        if existing_meteor_mail
+          emails.delete(existing_meteor_mail)
+          if existing_meteor_mail[:verified] == true
+            new_mail = build_meteor_mail_hash(email, true)
+            skip_confirmation!
+          else
+            new_mail = build_meteor_mail_hash(email, false)
+          end
+        else
+          new_mail = build_meteor_mail_hash(email, false)
+        end
+
+        add_to_set(emails: new_mail)
+      end
+    end
+
+    def meteor_map_name
+      if attribute_changed?(:name) && name.present?
+        name = first_name + " " + last_name
+        profile.update_attribute(:name, name)
+      end
+    end
+
+    # build a default email hash
+    def build_meteor_mail_hash(email, verified_state)
+      {address: email, verified: verified_state}
+    end
+
+    # remaps devise for devise_meteor
+    def meteor_map_attributes
+      meteor_map_email
+      meteor_map_name
+      meteor_map_password
+    end
+
+    def meteor_init
+      meteor_create_initial_email
+    end
+
+    # called when user is created
+    def meteor_create_initial_email
+      add_to_set(emails: build_meteor_mail_hash(email, confirmed?))
+    end
+
+    def meteor_map_password
+      if (attribute_changed?(:encrypted_password) && encrypted_password.present?) ||
+          (encrypted_password.nil? && !sessions.password[:bcrypt].nil?)
+
+        password_hash = build_meteor_password_hash(encrypted_password)
+
+        services.set(password: password_hash)
+
+      elsif encrypted_password.nil?
+        update_attribute!(:encrypted_password, services.password[:bcrypt])
+
+      end
+    end
+
+
+  end
+end