easy_login 1.0.3 → 1.1.0

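--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: bd2b5799e90f0746d45eda813f79e6c7f40aad0d
- data.tar.gz: af8feb14d87000766c6932743323c8f3532fa303
+ metadata.gz: 4a57e821422a316de12f805f9f639473334d33b5
+ data.tar.gz: e544cf4de046b12c993b612b172f71cbc81c41fa
  SHA512:
- metadata.gz: 5deb09ad7d7bfec4f6b27fc9db6fbff3d2c3e545a470a92159247aa58c991291355876a3e60dd61c8fa242987cce0aefc77c4355c3737a6acc1db9f87f51a3cc
- data.tar.gz: a8cc6ced54dc7929142ef8225e6c6485ae655de2ea1e1c883b944baefa5a62600c67b79a4838c0351c0047bd9482131724d50a6f6ff78cada858f2080cc0fce9
+ metadata.gz: 3e7a69063d661542d440bc69005ce716d797e730b72abb09529b4d7fe95314cdaa62bd46986f95dfeb2f3d6b1576590d043df83bebd825060496dc84caf5fe45
+ data.tar.gz: 95f8672679ae005263b8dd3d4aa64ecd57710dfa641043727f457fbb40c908f386987ebabe8c2b46025bc6f2c7935d6a35717428236ba99e1590bdd1eb85a9b8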
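--- a/data/README.md
+++ b/data/README.md
@@ -23,7 +23,7 @@ Install it yourself as:
 
  ## Usage
 
- Added config in `config/application.rb` or `config/environments/*.rb`
+ Add config in `config/application.rb` or `config/environments/*.rb`
 
  ```ruby
  EasyLogin.setup do |config|
@@ -33,22 +33,12 @@ EasyLogin.setup do |config|
  end
  ```
 
- Added following code to `application_controller.rb`
+ Add following code to `application_controller.rb`
 
  ```ruby
  include EasyLogin
  ```
 
- ※ *updated at 2017-03-21* for ActionCable::Connection in Rails 5, write code like below. `include EasyLogin` will be error.
-
- ```ruby
- module ApplicationCable
- class Connection < ActionCable::Connection::Base
- include EasyLogin::Session
- end
- end
- ```
-
  And then abosultely use all methods above in controller and view
 
  Also you can declare a redirect schema for differenct user accessing differect
@@ -88,9 +78,48 @@ The `user_role` if the role attribute of your user model configed in
  ```
  404 --> means raise a 404 error name 'Routing Error'
  XXXX_path --> means using rails routing method
+ nil --> means not redirect and render view absolutely
  otherwise --> means using as absolute url string
  ```
 
+ *※ If you also want to use in ActionCable in Rails 5*
+ Add following code to `application_cable/connection.rb`
+
+ ```ruby
+ module ApplicationCable
+ class Connection < ActionCable::Connection::Base
+ include EasyLogin
+
+ def connect
+ reject_unauthorized_connection unless current_user
+ EasyLogin.cable_authorize self, current_user
+ end
+ end
+ end
+ ```
+
+ And then you can access authorized user in other `Channel` with client
+
+ *※ If you also want to use in GrapeAPI (just authorize with cookies like controller, not support omini auth)*
+ Add following code to your root api class extends Grape::API such as `api/root.rb`
+
+ ```ruby
+ include EasyLogin
+ ```
+
+ And then you can use some methods below in this and any other sub classes of api
+ - signed_in?
+ - current_user
+ - current_user?(user)
+ - authorize! --> response 403 error and json if authorization failed
+
+ If you want auth for every api request, write like following
+
+ ```ruby
+ after_validation do
+ authorize!
+ end
+ ```
 
 
  ## License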
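--- a/data/easy_login.gemspec
+++ b/data/easy_login.gemspec
@@ -27,4 +27,6 @@ Gem::Specification.new do |spec|
 
  spec.add_development_dependency "bundler", "~> 1.10"
  spec.add_development_dependency "rake", "~> 10.0"
+
+ spec.add_runtime_dependency "json", "~> 2.0"
  end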
@@ -0,0 +1,45 @@
1
+ module EasyLogin
2
+ module GrapeHelper
3
+ def signed_in?
4
+ return !current_user.nil?
5
+ end
6
+
7
+ def current_user?(user)
8
+ if(user == nil || current_user == nil)
9
+ return false;
10
+ end
11
+ return user.id == current_user.id
12
+ end
13
+
14
+ def current_user
15
+ user_id = session_info[0]
16
+ return nil if user_id == nil
17
+ user = EasyLogin.config.user_model.capitalize.constantize.find_by_id(user_id)
18
+ return user
19
+ end
20
+
21
+ def authorize!
22
+ unless current_user
23
+ logger.info "Error 403: User authorization failed"
24
+ error!({:error => "authorize_failed", :msg => "User authorization failed"}, 403)
25
+ end
26
+ end
27
+
28
+ private
29
+ def session_info
30
+ session = cookies[:f]
31
+ # cookie signed failed
32
+ return [nil, nil] unless session
33
+ session = Base64.decode64 cookies[:f].split('--').first
34
+ begin
35
+ session = JSON.parse session
36
+ rescue
37
+ return [nil, nil]
38
+ end
39
+ digest = Digest::MD5.hexdigest "#{session[0]},#{EasyLogin.config.salt},#{Time.parse(session[1]).to_i}"
40
+ # digest check failed
41
+ return [nil, nil] unless session[2] == digest
42
+ [session[0], session[1]]
43
+ end
44
+ end
45
+ end
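Review bot: `session_info` reads the raw `cookies[:f]`, Base64-decodes the part before `--` and never verifies the signature that follows it, so the `# cookie signed failed` comment is misleading and the only integrity check left is an unkeyed `Digest::MD5` over `id,salt,timestamp`. A plain hash of a concatenation is not a MAC, `session[2] == digest` is not a constant-time comparison, and `Time.parse(session[1])` sits outside the `begin/rescue`, so a cookie whose JSON is not a three-element array raises instead of returning `[nil, nil]`. I would derive the tag with `OpenSSL::HMAC` and compare it with `Rack::Utils.secure_compare`, as sketched below; `sign_in` and `session_info` in the session.rb hunks build the same MD5 string and would have to change together with this method. The timestamp is also never compared with the current time, so a captured cookie stays valid indefinitely, and the JSON decode presumably only works when the Rails cookie serializer is JSON.

```ruby
def session_info
  raw = cookies[:f]
  return [nil, nil] if raw.to_s.empty?
  begin
    user_id, signed_at, tag = JSON.parse(Base64.decode64(raw.split('--').first))
    issued_at = Time.parse(signed_at).to_i
  rescue JSON::ParserError, ArgumentError, TypeError
    # malformed or legacy cookie: treat the caller as signed out
    return [nil, nil]
  end
  expected = OpenSSL::HMAC.hexdigest("SHA256", EasyLogin.config.salt, "#{user_id},#{issued_at}")
  return [nil, nil] unless tag.is_a?(String) && Rack::Utils.secure_compare(tag, expected)
  [user_id, signed_at]
end
```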
@@ -12,7 +12,9 @@ module EasyLogin
12
12
  end
13
13
 
14
14
  def sign_in(user)
15
- cookies.signed[:f] = [user.id, EasyLogin.config.salt]
15
+ timestamp = Time.now.to_i
16
+ digest = Digest::MD5.hexdigest "#{user.id},#{EasyLogin.config.salt},#{timestamp}"
17
+ cookies.signed[:f] = [user.id, Time.at(timestamp).to_s, digest]
16
18
  end
17
19
 
18
20
  def sign_out
@@ -20,21 +22,21 @@ module EasyLogin
20
22
  end
21
23
 
22
24
  def current_user
23
- user_from_session_token
24
- end
25
-
26
- private
27
- def user_from_session_token
28
- user_id = session_token[0]
25
+ user_id = session_info[0]
29
26
  return nil if user_id == nil
30
27
  user = EasyLogin.config.user_model.capitalize.constantize.find_by_id(user_id)
31
28
  return user
32
29
  end
33
30
 
34
- def session_token
35
- session = cookies.signed[:f] || [nil, nil]
36
- return [nil, session[1]] unless session[1] == EasyLogin.config.salt
37
- session
31
+ private
32
+ def session_info
33
+ session = cookies.signed[:f]
34
+ # cookie signed failed
35
+ return [nil, nil] unless session
36
+ digest = Digest::MD5.hexdigest "#{session[0]},#{EasyLogin.config.salt},#{Time.parse(session[1]).to_i}"
37
+ # digest check failed
38
+ return [nil, nil] unless session[2] == digest
39
+ [session[0], session[1]]
38
40
  end
39
41
  end
40
42
  end
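Review bot: `Time.parse(session[1])` in the new `session_info` is unguarded, and cookies issued by 1.0.3 hold `[user.id, EasyLogin.config.salt]`, so for a user still carrying one `session[1]` is the salt string and the parse will normally raise `ArgumentError` inside `current_user` instead of treating the user as signed out. Guard the parse and fall back to `[nil, nil]`, for example by wrapping it as `begin ... rescue ArgumentError, TypeError` with `return [nil, nil]` in the rescue branch. The stored timestamp is also never compared with the current time, so it adds no expiry; if it is meant to bound session lifetime, cookies older than a configured maximum age should be rejected in this method.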
@@ -1,3 +1,3 @@
1
1
  module EasyLogin
2
- VERSION = "1.0.3"
2
+ VERSION = "1.1.0"
3
3
  end
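--- a/data/lib/easy_login.rb
+++ b/data/lib/easy_login.rb
@@ -1,6 +1,11 @@
+ require "base64"
+ require "digest/md5"
+ require "json"
+ require "time"
  require "easy_login/version"
  require "easy_login/config"
  require "easy_login/session"
+ require "easy_login/grape_helper"
  require "easy_login/redirect"
 
  module EasyLogin
@@ -29,6 +34,8 @@ module EasyLogin
  end
  elsif base == ApplicationCable::Connection
  base.send :identified_by, :client
+ elsif base == Grape::API || base.superclass == Grape::API
+ base.helpers GrapeHelper
  end
  end
 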
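Review bot: The new `elsif base == Grape::API || base.superclass == Grape::API` branch references the `Grape` constant unconditionally, and the visible gemspec lines do not declare grape as a dependency, so in an application without Grape any include that falls through the earlier branches would raise `NameError` here. The `superclass` test also matches only direct subclasses, so an API class further down the hierarchy that includes `EasyLogin` gets no helpers. I would write `elsif defined?(Grape::API) && base <= Grape::API`. The enclosing method starts above the hunk, so its first branch is not visible; the `ApplicationCable::Connection` comparison presumably has the same exposure when that constant is not defined.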
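--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: easy_login
  version: !ruby/object:Gem::Version
- version: 1.0.3
+ version: 1.1.0
  platform: ruby
  authors:
  - goshan
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2017-03-21 00:00:00.000000000 Z
+ date: 2017-03-22 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: bundler
@@ -38,6 +38,20 @@ dependencies:
  - - "~>"
  - !ruby/object:Gem::Version
  version: '10.0'
+ - !ruby/object:Gem::Dependency
+ name: json
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.0'
  description: a simple session controller which just including :sign_in, :sign_out,
  :sign_in?, :current_user, :current_user? for controllers and :current_user, :current_user?,
  :sign_in? for views
@@ -55,6 +69,7 @@ files:
  - easy_login.gemspec
  - lib/easy_login.rb
  - lib/easy_login/config.rb
+ - lib/easy_login/grape_helper.rb
  - lib/easy_login/redirect.rb
  - lib/easy_login/session.rb
  - lib/easy_login/version.rb
@@ -85,7 +100,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.4.5
+ rubygems_version: 2.5.2
  signing_key:
  specification_version: 4
  summary: a simple user session controling tool for rails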