ende 0.1.13 → 0.1.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/assets/javascripts/aura/extensions/devise.js.coffee +12 -4
- data/lib/assets/javascripts/aura/extensions/models.js.coffee.erb +0 -1
- data/lib/assets/javascripts/aura/extensions/states.js.coffee +2 -2
- data/lib/assets/javascripts/widgets/content/main.js.coffee +11 -2
- data/lib/ende/{users_controller_extensions.rb → csrf_extensions.rb} +2 -3
- data/lib/ende/version.rb +1 -1
- data/lib/ende.rb +24 -8
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7f1fa726cca4d5dea9d79728ab4514c94cfe2e66
|
|
4
|
+
data.tar.gz: cbcfa0d7032b6ece8813f9aefe6e0c7368b62ec8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5aa132ef4d935ea74a64ebc8da48ba450db1be31153ac5576546d3ff20ea16538054d28a1133fb0a5a57aa5e046671e429e667f647fcc58c6d7a013e3a999d09
|
|
7
|
+
data.tar.gz: 7c23fc7d605efa748596c8771b14e15f761e444e82cac8d550aa7629e8ca9e6d4435b9d0ff7b6b156bc4a0ff7f98afe9a0fbd9de661d1a5b1e22867257d1399e
|
|
@@ -107,10 +107,20 @@ define 'aura/extensions/devise', () ->
|
|
|
107
107
|
# make delete requests
|
|
108
108
|
session.instance.id = 0
|
|
109
109
|
session.instance.destroy()
|
|
110
|
-
.done ->
|
|
110
|
+
.done (response, status, xhr) ->
|
|
111
111
|
sandbox.current_user = null
|
|
112
112
|
sandbox.signed_in = false
|
|
113
113
|
mediator.emit 'user.signed_out', @
|
|
114
|
+
|
|
115
|
+
# When the user logs in, the csrf token changes, so we need
|
|
116
|
+
# to update it too! The ende gem extends the controller when
|
|
117
|
+
# devise is included to send it to us
|
|
118
|
+
# TODO implement as a indemma extension
|
|
119
|
+
token = xhr.getResponseHeader 'X-CSRF-Token'
|
|
120
|
+
console.warn "Server did not send the new csrf token.\n User may not be able to log in again!" unless token
|
|
121
|
+
$('meta[name="csrf-token"]').attr 'content', token
|
|
122
|
+
|
|
123
|
+
|
|
114
124
|
.fail (xhr) ->
|
|
115
125
|
mediator.emit 'session.destruction_failed', @
|
|
116
126
|
|
|
@@ -200,8 +210,6 @@ define 'aura/extensions/devise', () ->
|
|
|
200
210
|
# TODO move session.restoring check outside this method
|
|
201
211
|
mediator.emit 'password.update_failed' , @
|
|
202
212
|
|
|
203
|
-
|
|
204
|
-
|
|
205
213
|
domain =
|
|
206
214
|
action_unauthorized: ->
|
|
207
215
|
# Try to restore session in case of forbindness
|
|
@@ -226,7 +234,7 @@ define 'aura/extensions/devise', () ->
|
|
|
226
234
|
|
|
227
235
|
# Extension definition
|
|
228
236
|
name: 'devise'
|
|
229
|
-
version: '1.0.
|
|
237
|
+
version: '1.0.1'
|
|
230
238
|
initialize: (application) ->
|
|
231
239
|
{core, sandbox} = application
|
|
232
240
|
{mediator} = core
|
|
@@ -7,7 +7,7 @@ define 'aura/extensions/states', ['application/states'], (states) ->
|
|
|
7
7
|
{dom, mediator} = core
|
|
8
8
|
|
|
9
9
|
state =
|
|
10
|
-
current: '
|
|
10
|
+
current: 'initialization'
|
|
11
11
|
list: []
|
|
12
12
|
previous: null
|
|
13
13
|
change: (transition) ->
|
|
@@ -63,7 +63,7 @@ define 'aura/extensions/states', ['application/states'], (states) ->
|
|
|
63
63
|
logger.error "states.flow.failed: Failed autostarting widget! \n Message: #{exception.message}", exception
|
|
64
64
|
|
|
65
65
|
|
|
66
|
-
version: '0.2.
|
|
66
|
+
version: '0.2.2'
|
|
67
67
|
|
|
68
68
|
initialize: (application) ->
|
|
69
69
|
mediator.on 'state.change' , state.change
|
|
@@ -27,6 +27,8 @@ define ->
|
|
|
27
27
|
else
|
|
28
28
|
@sandbox.once "content.#{@identifier}.load", @, @load
|
|
29
29
|
|
|
30
|
+
@$el.addClass "content"
|
|
31
|
+
@$el.attr 'id', @identifier
|
|
30
32
|
load: ->
|
|
31
33
|
options = @sandbox.util._.omit @options, 'el', 'ref', '_ref', 'name', 'require', 'baseUrl'
|
|
32
34
|
options = $.extend {}, defaults, options
|
|
@@ -39,6 +41,13 @@ define ->
|
|
|
39
41
|
# Will also initialize sandbox!
|
|
40
42
|
@html response
|
|
41
43
|
|
|
42
|
-
failed: ->
|
|
44
|
+
failed: (xhr) ->
|
|
45
|
+
if @sandbox.debug.enabled
|
|
46
|
+
html = "<h2>Content Widget: Failed to load Content</h2>"
|
|
47
|
+
html += xhr.responseText
|
|
48
|
+
html = html.replace /\n/g, '<br/>'
|
|
49
|
+
@html html
|
|
43
50
|
|
|
44
|
-
|
|
51
|
+
else
|
|
52
|
+
# TODO prettier message
|
|
53
|
+
html = "Failed to load content."
|
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
# TODO move to DeviseSessions controller and figure out how to set
|
|
2
2
|
# headers after a redirect. Or even, if this is the right approach
|
|
3
|
-
module
|
|
3
|
+
module CsrfExtensions
|
|
4
4
|
extend ActiveSupport::Concern
|
|
5
5
|
|
|
6
6
|
included do
|
|
7
|
-
before_filter :add_new_csrf_token, only: :show
|
|
8
7
|
|
|
9
8
|
private
|
|
10
9
|
def add_new_csrf_token
|
|
11
|
-
response.headers['X-CSRF-Token'] = form_authenticity_token
|
|
10
|
+
response.headers['X-CSRF-Token'] = form_authenticity_token if request.xhr?
|
|
12
11
|
end
|
|
13
12
|
end
|
|
14
13
|
end
|
data/lib/ende/version.rb
CHANGED
data/lib/ende.rb
CHANGED
|
@@ -1,10 +1,13 @@
|
|
|
1
1
|
require "ende/version"
|
|
2
2
|
|
|
3
|
+
# TODO add csrf extensions to autoloadpaths
|
|
4
|
+
require "ende/csrf_extensions"
|
|
5
|
+
|
|
3
6
|
module Ende
|
|
4
7
|
class Railtie < Rails::Railtie
|
|
5
|
-
|
|
6
8
|
config.to_prepare do
|
|
7
9
|
current_dir = Pathname.new(__FILE__).parent.parent
|
|
10
|
+
|
|
8
11
|
assets = Ende.assets
|
|
9
12
|
|
|
10
13
|
assets.paths << current_dir.join('lib', 'assets', 'javascripts').to_s
|
|
@@ -13,13 +16,26 @@ module Ende
|
|
|
13
16
|
# assets.paths << current_dir.join('vendor', 'assets', 'stylesheets').to_s uncomment if you use
|
|
14
17
|
end
|
|
15
18
|
|
|
16
|
-
# Check if devise exists and extend devise controllers to send
|
|
17
|
-
#
|
|
18
|
-
#
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
#
|
|
22
|
-
#
|
|
19
|
+
# Check if devise exists and extend devise controllers to send
|
|
20
|
+
# authenticity (csrf) token
|
|
21
|
+
# TODO move each extension to its own folder
|
|
22
|
+
initializer :csrf_extensions do |app|
|
|
23
|
+
app.config.to_prepare do
|
|
24
|
+
# TODO map devise configurations and seek for show route for
|
|
25
|
+
# each defined resource
|
|
26
|
+
if defined? UsersController
|
|
27
|
+
UsersController.class_eval do
|
|
28
|
+
include ::CsrfExtensions
|
|
29
|
+
after_action :add_new_csrf_token, only: :show
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
Devise::SessionsController.class_eval do
|
|
34
|
+
include ::CsrfExtensions
|
|
35
|
+
after_action :add_new_csrf_token, only: [:create, :destroy]
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
end
|
|
23
39
|
end
|
|
24
40
|
|
|
25
41
|
def Ende.load_widget_extensions
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ende
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.14
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Heitor Salazar
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-11-
|
|
11
|
+
date: 2013-11-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -119,7 +119,7 @@ files:
|
|
|
119
119
|
- lib/assets/stylesheets/sprite.styl
|
|
120
120
|
- lib/assets/stylesheets/ssprites.styl
|
|
121
121
|
- lib/ende.rb
|
|
122
|
-
- lib/ende/
|
|
122
|
+
- lib/ende/csrf_extensions.rb
|
|
123
123
|
- lib/ende/version.rb
|
|
124
124
|
- lib/tasks/.gitkeep
|
|
125
125
|
- lib/tasks/component.thor
|