easy_login 1.0.3 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bd2b5799e90f0746d45eda813f79e6c7f40aad0d
-  data.tar.gz: af8feb14d87000766c6932743323c8f3532fa303
+  metadata.gz: 4a57e821422a316de12f805f9f639473334d33b5
+  data.tar.gz: e544cf4de046b12c993b612b172f71cbc81c41fa
 SHA512:
-  metadata.gz: 5deb09ad7d7bfec4f6b27fc9db6fbff3d2c3e545a470a92159247aa58c991291355876a3e60dd61c8fa242987cce0aefc77c4355c3737a6acc1db9f87f51a3cc
-  data.tar.gz: a8cc6ced54dc7929142ef8225e6c6485ae655de2ea1e1c883b944baefa5a62600c67b79a4838c0351c0047bd9482131724d50a6f6ff78cada858f2080cc0fce9
+  metadata.gz: 3e7a69063d661542d440bc69005ce716d797e730b72abb09529b4d7fe95314cdaa62bd46986f95dfeb2f3d6b1576590d043df83bebd825060496dc84caf5fe45
+  data.tar.gz: 95f8672679ae005263b8dd3d4aa64ecd57710dfa641043727f457fbb40c908f386987ebabe8c2b46025bc6f2c7935d6a35717428236ba99e1590bdd1eb85a9b8

data/README.md

@@ -23,7 +23,7 @@ Install it yourself as:
 
 ## Usage
 
-Added config in `config/application.rb` or `config/environments/*.rb`
+Add config in `config/application.rb` or `config/environments/*.rb`
 
 ```ruby
 EasyLogin.setup do |config|
@@ -33,22 +33,12 @@ EasyLogin.setup do |config|
 end
 ```
 
-Added following code to `application_controller.rb`
+Add following code to `application_controller.rb`
 
 ```ruby
 include EasyLogin
 ```
 
-※ *updated at 2017-03-21* for ActionCable::Connection in Rails 5, write code like below. `include EasyLogin` will be error.
-
-```ruby
-module ApplicationCable
-  class Connection < ActionCable::Connection::Base
-    include EasyLogin::Session
-  end
-end
-```
-
 And then abosultely use all methods above in controller and view
 
 Also you can declare a redirect schema for differenct user accessing differect
@@ -88,9 +78,48 @@ The `user_role` if the role attribute of your user model configed in
 ```
 404 --> means raise a 404 error name 'Routing Error'
 XXXX_path --> means using rails routing method
+nil --> means not redirect and render view absolutely
 otherwise --> means using as absolute url string
 ```
 
+*※ If you also want to use in ActionCable in Rails 5*  
+Add following code to `application_cable/connection.rb`
+
+```ruby
+module ApplicationCable
+  class Connection < ActionCable::Connection::Base
+    include EasyLogin
+    
+    def connect
+      reject_unauthorized_connection unless current_user
+      EasyLogin.cable_authorize self, current_user
+    end
+  end
+end
+```
+
+And then you can access authorized user in other `Channel` with client
+
+*※ If you also want to use in GrapeAPI (just authorize with cookies like controller, not support omini auth)*  
+Add following code to your root api class extends Grape::API such as `api/root.rb`
+
+```ruby
+include EasyLogin
+```
+
+And then you can use some methods below in this and any other sub classes of api
+- signed_in?
+- current_user
+- current_user?(user)
+- authorize! --> response 403 error and json if authorization failed
+
+If you want auth for every api request, write like following
+
+```ruby
+after_validation do
+	authorize!
+end
+```
 
 
 ## License

data/easy_login.gemspec

@@ -27,4 +27,6 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency "bundler", "~> 1.10"
   spec.add_development_dependency "rake", "~> 10.0"
+
+  spec.add_runtime_dependency "json", "~> 2.0"
 end

data/lib/easy_login/grape_helper.rb

@@ -0,0 +1,45 @@
+module EasyLogin
+  module GrapeHelper
+    def signed_in?
+      return !current_user.nil?
+    end
+
+    def current_user?(user)
+      if(user == nil || current_user == nil)
+        return false;
+      end
+      return user.id == current_user.id
+    end
+
+    def current_user
+      user_id = session_info[0]
+      return nil if user_id == nil
+      user = EasyLogin.config.user_model.capitalize.constantize.find_by_id(user_id)
+      return user
+    end
+
+    def authorize!
+      unless current_user
+        logger.info "Error 403: User authorization failed"
+        error!({:error => "authorize_failed", :msg => "User authorization failed"}, 403)
+      end
+    end
+
+    private
+    def session_info
+      session = cookies[:f]
+      # cookie signed failed
+      return [nil, nil] unless session
+      session = Base64.decode64 cookies[:f].split('--').first
+      begin
+        session = JSON.parse session
+      rescue
+        return [nil, nil]
+      end
+      digest = Digest::MD5.hexdigest "#{session[0]},#{EasyLogin.config.salt},#{Time.parse(session[1]).to_i}"
+      # digest check failed
+      return [nil, nil] unless session[2] == digest
+      [session[0], session[1]]
+    end
+  end
+end

data/lib/easy_login/session.rb

@@ -12,7 +12,9 @@ module EasyLogin
 		end
 
 		def sign_in(user)
-			cookies.signed[:f] = [user.id, EasyLogin.config.salt]
+      timestamp = Time.now.to_i
+      digest = Digest::MD5.hexdigest "#{user.id},#{EasyLogin.config.salt},#{timestamp}"
+			cookies.signed[:f] = [user.id, Time.at(timestamp).to_s, digest]
 		end
 
 		def sign_out
@@ -20,21 +22,21 @@ module EasyLogin
 		end
 
 		def current_user
-			user_from_session_token
-		end
-
-		private
-		def user_from_session_token
-			user_id = session_token[0]
+			user_id = session_info[0]
 			return nil if user_id == nil
 			user = EasyLogin.config.user_model.capitalize.constantize.find_by_id(user_id)
 			return user
 		end
 
-		def session_token
-			session = cookies.signed[:f] || [nil, nil]
-			return [nil, session[1]] unless session[1] == EasyLogin.config.salt
-			session
+		private
+    def session_info
+      session = cookies.signed[:f]
+      # cookie signed failed
+			return [nil, nil] unless session
+      digest = Digest::MD5.hexdigest "#{session[0]},#{EasyLogin.config.salt},#{Time.parse(session[1]).to_i}"
+      # digest check failed
+      return [nil, nil] unless session[2] == digest
+			[session[0], session[1]]
 		end
 	end
 end

data/lib/easy_login/version.rb

@@ -1,3 +1,3 @@
 module EasyLogin
-  VERSION = "1.0.3"
+  VERSION = "1.1.0"
 end

data/lib/easy_login.rb

@@ -1,6 +1,11 @@
+require "base64"
+require "digest/md5"
+require "json"
+require "time"
 require "easy_login/version"
 require "easy_login/config"
 require "easy_login/session"
+require "easy_login/grape_helper"
 require "easy_login/redirect"
 
 module EasyLogin
@@ -29,6 +34,8 @@ module EasyLogin
       end
     elsif base == ApplicationCable::Connection
       base.send :identified_by, :client
+    elsif base == Grape::API || base.superclass == Grape::API
+      base.helpers GrapeHelper
     end
   end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: easy_login
 version: !ruby/object:Gem::Version
-  version: 1.0.3
+  version: 1.1.0
 platform: ruby
 authors:
 - goshan
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-03-21 00:00:00.000000000 Z
+date: 2017-03-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -38,6 +38,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 description: a simple session controller which just including :sign_in, :sign_out,
   :sign_in?, :current_user, :current_user? for controllers and :current_user, :current_user?,
   :sign_in? for views
@@ -55,6 +69,7 @@ files:
 - easy_login.gemspec
 - lib/easy_login.rb
 - lib/easy_login/config.rb
+- lib/easy_login/grape_helper.rb
 - lib/easy_login/redirect.rb
 - lib/easy_login/session.rb
 - lib/easy_login/version.rb
@@ -85,7 +100,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5
+rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
 summary: a simple user session controling tool for rails