easy_login 1.0.3 → 1.1.0
- checksums.yaml +4 -4
- data/README.md +41 -12
- data/easy_login.gemspec +2 -0
- data/lib/easy_login/grape_helper.rb +45 -0
- data/lib/easy_login/session.rb +13 -11
- data/lib/easy_login/version.rb +1 -1
- data/lib/easy_login.rb +7 -0
- metadata +18 -3
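--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4a57e821422a316de12f805f9f639473334d33b5
+data.tar.gz: e544cf4de046b12c993b612b172f71cbc81c41fa
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 3e7a69063d661542d440bc69005ce716d797e730b72abb09529b4d7fe95314cdaa62bd46986f95dfeb2f3d6b1576590d043df83bebd825060496dc84caf5fe45
+data.tar.gz: 95f8672679ae005263b8dd3d4aa64ecd57710dfa641043727f457fbb40c908f386987ebabe8c2b46025bc6f2c7935d6a35717428236ba99e1590bdd1eb85a9b8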
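--- a/data/README.md
+++ b/data/README.md
@@ -23,7 +23,7 @@ Install it yourself as:
 
 ## Usage
 
-
+Add config in `config/application.rb` or `config/environments/*.rb`
 
 ```ruby
 EasyLogin.setup do |config|
@@ -33,22 +33,12 @@ EasyLogin.setup do |config|
 end
 ```
 
-
+Add following code to `application_controller.rb`
 
 ```ruby
 include EasyLogin
 ```
 
-※ *updated at 2017-03-21* for ActionCable::Connection in Rails 5, write code like below. `include EasyLogin` will be error.
-
-```ruby
-module ApplicationCable
-class Connection < ActionCable::Connection::Base
-include EasyLogin::Session
-end
-end
-```
-
 And then abosultely use all methods above in controller and view
 
 Also you can declare a redirect schema for differenct user accessing differect
@@ -88,9 +78,48 @@ The `user_role` if the role attribute of your user model configed in
 ```
 404 --> means raise a 404 error name 'Routing Error'
 XXXX_path --> means using rails routing method
+nil --> means not redirect and render view absolutely
 otherwise --> means using as absolute url string
 ```
 
+*※ If you also want to use in ActionCable in Rails 5*
+Add following code to `application_cable/connection.rb`
+
+```ruby
+module ApplicationCable
+class Connection < ActionCable::Connection::Base
+include EasyLogin
+
+def connect
+reject_unauthorized_connection unless current_user
+EasyLogin.cable_authorize self, current_user
+end
+end
+end
+```
+
+And then you can access authorized user in other `Channel` with client
+
+*※ If you also want to use in GrapeAPI (just authorize with cookies like controller, not support omini auth)*
+Add following code to your root api class extends Grape::API such as `api/root.rb`
+
+```ruby
+include EasyLogin
+```
+
+And then you can use some methods below in this and any other sub classes of api
+- signed_in?
+- current_user
+- current_user?(user)
+- authorize! --> response 403 error and json if authorization failed
+
+If you want auth for every api request, write like following
+
+```ruby
+after_validation do
+authorize!
+end
+```
 
 
 ## License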
data/easy_login.gemspec
CHANGED
@@ -0,0 +1,45 @@
|
|
1
|
+
module EasyLogin
|
2
|
+
module GrapeHelper
|
3
|
+
def signed_in?
|
4
|
+
return !current_user.nil?
|
5
|
+
end
|
6
|
+
|
7
|
+
def current_user?(user)
|
8
|
+
if(user == nil || current_user == nil)
|
9
|
+
return false;
|
10
|
+
end
|
11
|
+
return user.id == current_user.id
|
12
|
+
end
|
13
|
+
|
14
|
+
def current_user
|
15
|
+
user_id = session_info[0]
|
16
|
+
return nil if user_id == nil
|
17
|
+
user = EasyLogin.config.user_model.capitalize.constantize.find_by_id(user_id)
|
18
|
+
return user
|
19
|
+
end
|
20
|
+
|
21
|
+
def authorize!
|
22
|
+
unless current_user
|
23
|
+
logger.info "Error 403: User authorization failed"
|
24
|
+
error!({:error => "authorize_failed", :msg => "User authorization failed"}, 403)
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
private
|
29
|
+
def session_info
|
30
|
+
session = cookies[:f]
|
31
|
+
# cookie signed failed
|
32
|
+
return [nil, nil] unless session
|
33
|
+
session = Base64.decode64 cookies[:f].split('--').first
|
34
|
+
begin
|
35
|
+
session = JSON.parse session
|
36
|
+
rescue
|
37
|
+
return [nil, nil]
|
38
|
+
end
|
39
|
+
digest = Digest::MD5.hexdigest "#{session[0]},#{EasyLogin.config.salt},#{Time.parse(session[1]).to_i}"
|
40
|
+
# digest check failed
|
41
|
+
return [nil, nil] unless session[2] == digest
|
42
|
+
[session[0], session[1]]
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
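Review bot: In the added `session_info` (shown here under the gemspec header, though the 45 added lines define `EasyLogin::GrapeHelper`), the cookie is read as `cookies[:f]` and everything after `--` is discarded before Base64/JSON decoding, so the signature that `cookies.signed[:f]` checks on the controller side is presumably never verified on the Grape path. That leaves `session[2] == digest` as the only integrity check, and it is an unkeyed MD5 over `id,salt,timestamp` compared with a non-constant-time `==`; the same construction is added in `sign_in` and `session_info` in session.rb, where a keyed `OpenSSL::HMAC.hexdigest("SHA256", ...)` would be the safer choice. `Time.parse(session[1])` also sits outside the `begin`/`rescue`, so a payload that is not a three-element array with a parseable time raises instead of returning `[nil, nil]`. The sketch below verifies the signature first, keeps all parsing inside the rescue and uses a constant-time compare; `cookie_verifier` is a placeholder for a verifier built from the secret and serializer the host app signs cookies with.

```ruby
def session_info
  raw = cookies[:f]
  return [nil, nil] unless raw
  begin
    # cookie_verifier: placeholder for an ActiveSupport::MessageVerifier built from
    # the same secret and serializer the Rails app uses for cookies.signed
    session = cookie_verifier.verify(raw)
    return [nil, nil] unless session.is_a?(Array) && session.size == 3
    issued_at = Time.parse(session[1].to_s).to_i
  rescue ActiveSupport::MessageVerifier::InvalidSignature, ArgumentError
    return [nil, nil]
  end
  expected = Digest::MD5.hexdigest "#{session[0]},#{EasyLogin.config.salt},#{issued_at}"
  # constant-time comparison of the stored and recomputed digest
  return [nil, nil] unless ActiveSupport::SecurityUtils.secure_compare(session[2].to_s, expected)
  [session[0], session[1]]
end
```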
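--- a/data/lib/easy_login/session.rb
+++ b/data/lib/easy_login/session.rb
@@ -12,7 +12,9 @@ module EasyLogin
 end
 
 def sign_in(user)
-
+timestamp = Time.now.to_i
+digest = Digest::MD5.hexdigest "#{user.id},#{EasyLogin.config.salt},#{timestamp}"
+cookies.signed[:f] = [user.id, Time.at(timestamp).to_s, digest]
 end
 
 def sign_out
@@ -20,21 +22,21 @@ module EasyLogin
 end
 
 def current_user
-
-end
-
-private
-def user_from_session_token
-user_id = session_token[0]
+user_id = session_info[0]
 return nil if user_id == nil
 user = EasyLogin.config.user_model.capitalize.constantize.find_by_id(user_id)
 return user
 end
 
-
-
-
-
+private
+def session_info
+session = cookies.signed[:f]
+# cookie signed failed
+return [nil, nil] unless session
+digest = Digest::MD5.hexdigest "#{session[0]},#{EasyLogin.config.salt},#{Time.parse(session[1]).to_i}"
+# digest check failed
+return [nil, nil] unless session[2] == digest
+[session[0], session[1]]
 end
 end
 end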
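Review bot: The timestamp that `sign_in` stores and binds into the digest is never compared with the current time in `session_info`, so as far as these hunks show a captured cookie value stays acceptable for as long as the salt is unchanged. An age check after the digest comparison would close that, e.g. `return [nil, nil] if Time.now.to_i - Time.parse(session[1]).to_i > MAX_SESSION_AGE` (`MAX_SESSION_AGE` is a placeholder, not an existing setting). `cookies.signed[:f] = [...]` also sets no cookie options; writing it as `cookies.signed[:f] = { value: [user.id, Time.at(timestamp).to_s, digest], httponly: true }` keeps the value out of reach of page scripts. The bodies of `sign_out` and the enclosing module lie outside the hunks.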
data/lib/easy_login/version.rb
CHANGED
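--- a/data/lib/easy_login.rb
+++ b/data/lib/easy_login.rb
@@ -1,6 +1,11 @@
+require "base64"
+require "digest/md5"
+require "json"
+require "time"
 require "easy_login/version"
 require "easy_login/config"
 require "easy_login/session"
+require "easy_login/grape_helper"
 require "easy_login/redirect"
 
 module EasyLogin
@@ -29,6 +34,8 @@ module EasyLogin
 end
 elsif base == ApplicationCable::Connection
 base.send :identified_by, :client
+elsif base == Grape::API || base.superclass == Grape::API
+base.helpers GrapeHelper
 end
 end
 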
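Review bot: The added branch `elsif base == Grape::API || base.superclass == Grape::API` names the `Grape::API` constant unconditionally, so any including class that falls through to it in an app without grape loaded would presumably raise `NameError`; the visible metadata hunk adds only `json` as a runtime dependency. `base.superclass == Grape::API` also matches only direct subclasses, so an `include EasyLogin` in a class further down the hierarchy would silently get no helpers. `elsif defined?(Grape::API) && base <= Grape::API` covers both cases. The enclosing method and its earlier branches start outside the hunk, so the fall-through behaviour is inferred.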
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: easy_login
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- goshan
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-03-
|
11
|
+
date: 2017-03-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -38,6 +38,20 @@ dependencies:
|
|
38
38
|
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
40
|
version: '10.0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: json
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '2.0'
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '2.0'
|
41
55
|
description: a simple session controller which just including :sign_in, :sign_out,
|
42
56
|
:sign_in?, :current_user, :current_user? for controllers and :current_user, :current_user?,
|
43
57
|
:sign_in? for views
|
@@ -55,6 +69,7 @@ files:
|
|
55
69
|
- easy_login.gemspec
|
56
70
|
- lib/easy_login.rb
|
57
71
|
- lib/easy_login/config.rb
|
72
|
+
- lib/easy_login/grape_helper.rb
|
58
73
|
- lib/easy_login/redirect.rb
|
59
74
|
- lib/easy_login/session.rb
|
60
75
|
- lib/easy_login/version.rb
|
@@ -85,7 +100,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
85
100
|
version: '0'
|
86
101
|
requirements: []
|
87
102
|
rubyforge_project:
|
88
|
-
rubygems_version: 2.
|
103
|
+
rubygems_version: 2.5.2
|
89
104
|
signing_key:
|
90
105
|
specification_version: 4
|
91
106
|
summary: a simple user session controling tool for rails
|