door_mat 0.0.5

data/spec/test_app/app/views/static/only_confirmed_email_allowed.html.erb

@@ -0,0 +1,10 @@
+<h1>Static#only_confirmed_email_allowed</h1>
+<p>Find me in spec/test_app/app/views/static/only_confirmed_email_allowed.html.erb</p>
+
+<h1>Protected page that require the user email to be confirmed in order to have access</h1>
+
+<p>You need to be signed in with a confirmed email to access this page.</p>
+
+
+<%= link_to 'Sign Out', door_mat.sign_out_path %> or
+go back to the <%= link_to 'Session Protected Page', main_app.session_protected_page_path %>

data/spec/test_app/app/views/static/page_that_require_password_reconfirmation.html.erb

@@ -0,0 +1,16 @@
+<h1>Static#page_that_require_password_reconfirmation</h1>
+<p>Find me in spec/test_app/app/views/static/page_that_require_password_reconfirmation.html.erb</p>
+
+<h1>Protected page that require password reconfirmation</h1>
+
+<p>You need to be signed in to access this page.</p>
+
+<p>
+  Your password must also have been entered less than
+  DoorMat.configuration.password_reconfirm_delay = <%= DoorMat.configuration.password_reconfirm_delay %>
+  minutes ago to have access to this page.
+</p>
+
+
+<%= link_to 'Sign Out', door_mat.sign_out_path %> or
+  go back to the <%= link_to 'Session Protected Page', main_app.session_protected_page_path %>

data/spec/test_app/app/views/static/session_protected_page.html.erb

@@ -0,0 +1,32 @@
+<h1>Static#session_protected_page</h1>
+<p>Find me in spec/test_app/app/views/static/session_protected_page.html.erb</p>
+
+<h1>Protected page</h1>
+
+<p>You need to be signed in to access this page.</p>
+
+<%= link_to 'Sign Out', door_mat.sign_out_path %>
+
+<p>
+  The
+<%= link_to 'Show Account', main_app.account_show_path %>
+  page represent a section of the site containing sensitive information that
+  is further protected with require_password_reconfirm(15)
+  and will require a recent password re-confirmation, within the last 15 minutes,
+  to access.
+</p>
+
+<p>The
+  <%= link_to 'Password Reconfirm Required Page', main_app.page_that_require_password_reconfirmation_path %>
+  also require reconfirmation of the password based on the password_reconfirm_delay configuration parameter.
+</p>
+
+<p>
+  A session obtained through the "Remember Me" feature will not grant access to either the Show Account or
+  the Password Reconfirm Required Page page without password re-confirmation.
+</p>
+
+<p>
+  Some area of the site will also require you to use a confirmed email.
+  <%= link_to 'This page is an example of this.', main_app.only_confirmed_email_allowed_path %>
+</p>

data/spec/test_app/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/spec/test_app/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/spec/test_app/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/spec/test_app/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Rails.application

data/spec/test_app/config/application.rb

@@ -0,0 +1,29 @@
+require File.expand_path('../boot', __FILE__)
+
+# Pick the frameworks you want:
+require "active_record/railtie"
+require "action_controller/railtie"
+require "action_mailer/railtie"
+require "action_view/railtie"
+require "sprockets/railtie"
+# require "rails/test_unit/railtie"
+
+Bundler.require(*Rails.groups)
+require "door_mat"
+
+module TestApp
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+  end
+end
+

data/spec/test_app/config/boot.rb

@@ -0,0 +1,5 @@
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)

data/spec/test_app/config/database.yml

@@ -0,0 +1,25 @@
+# SQLite version 3.x
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+#
+default: &default
+  adapter: sqlite3
+  pool: 5
+  timeout: 5000
+
+development:
+  <<: *default
+  database: db/development.sqlite3
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  <<: *default
+  database: db/test.sqlite3
+
+production:
+  <<: *default
+  database: db/production.sqlite3

data/spec/test_app/config/environment.rb

@@ -0,0 +1,19 @@
+if ENV['COVERAGE']
+  require 'simplecov'
+  SimpleCov.start do
+    add_filter '/spec/'
+
+    add_group 'Controllers', 'app/controllers'
+    add_group 'Models', 'app/models'
+    add_group 'Helpers', 'app/helpers'
+    add_group 'Mailers', 'app/mailers'
+    add_group 'Views', 'app/views'
+    add_group 'Libraries', 'lib'
+  end
+end
+
+# Load the Rails application.
+require File.expand_path('../application', __FILE__)
+
+# Initialize the Rails application.
+Rails.application.initialize!

data/spec/test_app/config/environments/development.rb

@@ -0,0 +1,50 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Use mailcatcher for development email delivery
+  config.action_mailer.raise_delivery_errors = true
+  config.action_mailer.delivery_method = :smtp
+  config.action_mailer.smtp_settings = { :address => 'localhost', :port => 1025 }
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Raise an error on page load if there are pending migrations.
+  config.active_record.migration_error = :page_load
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+
+  # Adds additional error checking when serving assets at runtime.
+  # Checks for improperly declared sprockets dependencies.
+  # Raises helpful error messages.
+  config.assets.raise_runtime_errors = true
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+
+  config.log_tags = [ :subdomain, :uuid ]
+end
+
+require 'byebug'
+
+Rails.application.routes.default_url_options[:host] = 'localhost'
+DoorMat::Engine.routes.default_url_options[:host] = 'localhost'
+
+DoorMat.configure do |config|
+  config.transmit_cookies_only_over_https = false
+end

data/spec/test_app/config/environments/production.rb

@@ -0,0 +1,83 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # Code is not reloaded between requests.
+  config.cache_classes = true
+
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
+  # Full error reports are disabled and caching is turned on.
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Enable Rack::Cache to put a simple HTTP cache in front of your application
+  # Add `rack-cache` to your Gemfile before enabling this.
+  # For large-scale production use, consider using a caching reverse proxy like nginx, varnish or squid.
+  # config.action_dispatch.rack_cache = true
+
+  # Disable Rails's static asset server (Apache or nginx will already do this).
+  config.serve_static_files = false
+
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
+
+  # Do not fallback to assets pipeline if a precompiled asset is missed.
+  config.assets.compile = false
+
+  # Generate digests for assets URLs.
+  config.assets.digest = true
+
+  # Version of your assets, change this if you want to expire all your assets.
+  config.assets.version = '1.0'
+
+  # Specifies the header that your server uses for sending files.
+  # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  # config.force_ssl = true
+
+  # Set to :debug to see everything in the log.
+  config.log_level = :info
+
+  # Prepend all log lines with the following tags.
+  # config.log_tags = [ :subdomain, :uuid ]
+
+  # Use a different logger for distributed setups.
+  # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
+
+  # Use a different cache store in production.
+  # config.cache_store = :mem_cache_store
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.action_controller.asset_host = "http://assets.example.com"
+
+  # Precompile additional assets.
+  # application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
+  # config.assets.precompile += %w( search.js )
+
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation cannot be found).
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners.
+  config.active_support.deprecation = :notify
+
+  # Disable automatic flushing of the log to improve performance.
+  # config.autoflush_log = false
+
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Do not dump schema after migrations.
+  config.active_record.dump_schema_after_migration = false
+end

data/spec/test_app/config/environments/test.rb

@@ -0,0 +1,48 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # The test environment is used exclusively to run your application's
+  # test suite. You never need to work with it otherwise. Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs. Don't rely on the data there!
+  config.cache_classes = true
+
+  # Do not eager load code on boot. This avoids loading your whole application
+  # just for the purpose of running a single test. If you are using a tool that
+  # preloads Rails for running tests, you may have to set it to true.
+  config.eager_load = true
+
+  # Configure static asset server for tests with Cache-Control for performance.
+  config.serve_static_files  = true
+  config.static_cache_control = 'public, max-age=3600'
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates.
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment.
+  config.action_controller.allow_forgery_protection = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+  config.action_mailer.default_url_options = { :host => 'localhost'}
+
+  # Print deprecation notices to the stderr.
+  config.active_support.deprecation = :stderr
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+end
+
+Rails.application.routes.default_url_options[:host] = 'localhost'
+DoorMat::Engine.routes.default_url_options[:host] = 'localhost'
+
+DoorMat.configure do |config|
+  config.transmit_cookies_only_over_https = false
+  config.public_computer_access_session_timeout = 30
+end

data/spec/test_app/config/initializers/backtrace_silencers.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!

data/spec/test_app/config/initializers/cookies_serializer.rb

@@ -0,0 +1,3 @@
+# Be sure to restart your server when you modify this file.
+
+Rails.application.config.action_dispatch.cookies_serializer = :json

data/spec/test_app/config/initializers/door_mat.rb

@@ -0,0 +1,72 @@
+
+Rails.application.config.to_prepare do
+  DoorMat::Actor.class_eval do
+    # Sample symmetric encryption
+    has_one :user_detail, :dependent => :destroy
+    has_many :games, :dependent => :destroy
+
+    # Sample asymmetric (Public-key) encryption
+    has_many :shared_keys, :dependent => :destroy
+    has_many :shared_data, :through => :shared_keys
+  end
+end
+
+DoorMat.configure do |config|
+  config.sign_in_success_url = [:main_app, :session_protected_page_url]
+  config.sign_up_success_url = [:main_app, :session_protected_page_url]
+  config.add_email_success_url = [:main_app, :account_show_url]
+
+  config.password_less_sessions = {
+      password_less_defaults: {
+          generic_redirect_url: [:main_app, :root_url]
+      },
+      big_ticket: {
+          actor: {
+              email: Rails.application.secrets.admin_account_email,
+              password: Rails.application.secrets.admin_account_pwd
+          },
+          challenge: [:email],
+          validate: false, # Anybody can play the game
+          # validate: -> (address) { /@cheater.com\z/.match(address).blank? }, # Don't let those cheaters play the game...
+          # validate: -> (address) { DoorMat::Email.count(address) > 0 }, # Must be a registered user to play the game...
+          expiration_delay: 30.minutes, # (or 10.days, etc.) before the link expires
+          status: :single_use, # or :multiple_use access token
+          form_submit_path: [:main_app, :big_ticket_path],
+          default_success_url: [:main_app, :draw_results_url],
+          transitions: [:play_game]
+      },
+      play_game: {
+          actor: {
+              email: Rails.application.secrets.admin_account_email,
+              password: Rails.application.secrets.admin_account_pwd
+          },
+          expiration_delay: 30.minutes,
+          status: :single_use,
+          transitions: [:show_loosing_door]
+      },
+      show_loosing_door: {
+          actor: {
+              email: Rails.application.secrets.admin_account_email,
+              password: Rails.application.secrets.admin_account_pwd
+          },
+          expiration_delay: 30.minutes,
+          status: :single_use
+      },
+      multipass: {
+          actor: {
+              email: Rails.application.secrets.admin_account_email,
+              password: Rails.application.secrets.admin_account_pwd
+          },
+          challenge: [:email],
+          validate: -> (address) { !/\Aleeloo@example.com\z/.match(address).blank? },
+          expiration_delay: 1.day,
+          status: :multiple_use,
+          form_submit_path: [:main_app, :multipass_path],
+          default_success_url: [:main_app, :draw_results_url],
+          transitions: [:play_game]
+      }
+  }
+
+  config.logger = Rails.logger
+  config.mailer_from_address = Rails.application.secrets.mailer_address
+end

data/spec/test_app/config/initializers/filter_parameter_logging.rb

@@ -0,0 +1,4 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure sensitive parameters which will be filtered from the log file.
+# Rails.application.config.filter_parameters += [:password]