entrance 0.0.1 → 0.1.0
- checksums.yaml +4 -4
- data/README.md +142 -0
- data/lib/entrance/config.rb +40 -0
- data/lib/entrance/controller.rb +7 -3
- data/lib/entrance/model.rb +8 -4
- data/lib/entrance/version.rb +2 -2
- data/lib/entrance.rb +1 -63
- metadata +5 -2
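--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7854b9b5664f2f83c08fe0caa6a9edc1015921b2
+data.tar.gz: 1837c76e8a619f050c27108007ccaf75cf0caf1c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 505d8c13735e3081caadea508eeb1cc7f5a7f0b1e38cdb0d1aecf435162697a33b6080ed173af97495d11d228d483a615acbb28bb0a911919723799f09b2d5ed
+data.tar.gz: eaae0ff772e873994d9beea456feeef07c1efed3161ce7da3498a89da01f2addbc389b64ee6ce2469f2f4f7952f04a897eba033497d8ec281249fe0595371d1c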
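--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,142 @@
+Entrance
+========
+
+Clean, adaptable authentication library for Rails and Sinatra.
+
+$ gem install entrance
+
+Still in early phase, but it works. BCrypt and SHA1 (a-la Restful Auth) encryption are supported.
+
+# Usage
+
+``` rb
+# in an intializer, e.g. config/initializers/entrance.rb
+
+require 'entrance'
+
+Entrance.configure do |config|
+config.username_attr = 'email'
+config.password_attr = 'password_hash' # make sure you map the right attribute name
+config.access_denied_message_key = 'messages.access_denied'
+config.remember_for = 1.month
+end
+
+# in your controller
+
+class ApplicationController < ActionController::Base
+include Entrance::Controller
+
+before_filter :login_required
+
+...
+end
+
+# in your model
+
+class User
+include Entrance::Model
+
+...
+end
+```
+
+Now, you're ready to roll.
+
+``` rb
+class SessionsController < ApplicationController
+
+skip_before_filter :login_required
+
+def new
+# render login form
+end
+
+def create
+if user = authenticate_and_login(params[:email], params[:password], params[:remember_me])
+redirect_to '/app'
+else
+redirect_to :new, :notice => "Invalid credentials."
+end
+end
+
+end
+```
+
+If you need more control, you can call directly the model's `.authenticate` method.
+
+``` rb
+def create
+if user = User.authenticate(params[:email], params[:password]) and user.active?
+remember = params[:remember_me] == '1'
+login!(user, remember)
+redirect_to '/app'
+else
+redirect_to :new, :notice => "Invalid credentials."
+end
+end
+```
+
+## Entrance::Config
+
+All available options, along with their defaults.
+
+``` rb
+Entrance.configure do |config|
+config.model = 'User'
+config.cipher = Ciphers::BCrypt
+config.secret = nil
+config.stretches = 10
+config.salt_attr = nil
+config.username_attr = 'email'
+config.password_attr = 'password_hash'
+config.remember_token_attr = 'remember_token'
+config.remember_until_attr = 'remember_token_expires_at'
+config.reset_token_attr = 'reset_token'
+config.reset_until_attr = 'reset_token_expires_at'
+config.access_denied_redirect_to = '/'
+config.access_denied_message_key = nil
+config.reset_password_mailer = 'UserMailer'
+config.reset_password_method = 'reset_password_request'
+config.reset_password_window = 1.hour
+config.remember_for = 2.weeks
+config.cookie_domain = nil
+config.cookie_secure = true
+config.cookie_path = '/'
+config.cookie_httponly = false
+end
+```
+
+## Entrance::Controller
+
+When including it into your controller, this module will provide the following methods:
+
+- authenticate_and_login(username, password, remember_me = false)
+- login!(user, remember_me = false)
+- logout!
+
+And the following helpers:
+
+- current_user
+- login_required
+- logged_in?
+- logged_out?
+
+## Entrance::Model
+
+Provides:
+
+- .authenticate(username, password)
+- #remember_me! and #forget_me!
+- #password and #password=(value)
+- #request_password_reset!
+
+Author
+======
+
+Written by Tomás Pollak.
+
+Copyright
+=========
+
+(c) Fork, Ltd. MIT Licensed.
+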
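--- a/data/lib/entrance/config.rb
+++ b/data/lib/entrance/config.rb
@@ -0,0 +1,40 @@
+module Entrance
+
+class Config
+
+attr_accessor *%w(
+model cipher secret stretches
+username_attr password_attr salt_attr
+remember_token_attr remember_until_attr reset_token_attr reset_until_attr
+access_denied_redirect_to access_denied_message_key
+reset_password_mailer reset_password_method reset_password_window remember_for
+cookie_domain cookie_secure cookie_path cookie_httponly
+)
+
+def initialize
+@model = 'User'
+@cipher = Ciphers::BCrypt # or Ciphers::SHA1
+@secret = nil
+@stretches = 10
+@salt_attr = nil
+@username_attr = 'email'
+@password_attr = 'password_hash'
+@remember_token_attr = 'remember_token'
+@remember_until_attr = 'remember_token_expires_at'
+@reset_token_attr = 'reset_token'
+@reset_until_attr = 'reset_token_expires_at'
+@access_denied_redirect_to = '/'
+@access_denied_message_key = nil # e.g. 'messages.access_denied'
+@reset_password_mailer = 'UserMailer'
+@reset_password_method = 'reset_password_request'
+@reset_password_window = 1.hour
+@remember_for = 2.weeks
+@cookie_domain = nil
+@cookie_secure = true
+@cookie_path = '/'
+@cookie_httponly = false
+end
+
+end
+
+end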
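Review bot: `@cookie_httponly = false` in `Config#initialize` makes a script-readable cookie the default, while the neighbouring `@cookie_secure = true` already takes the safe side; unless the library needs to read the cookie from JavaScript, the default should be `@cookie_httponly = true`. The code that sets the cookie is not in this file, so presumably the option is passed through to the remember-me cookie; if so, a cross-site-scripting flaw in the host application exposes a token that stays valid for `remember_for` (two weeks by default). The class also has no documentation: a short comment above `initialize` saying which settings name model columns (`*_attr`) and which control cookies, plus a note on `@secret = nil` stating when it must be set, would save readers from inferring that from the README.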
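--- a/data/lib/entrance/controller.rb
+++ b/data/lib/entrance/controller.rb
@@ -67,7 +67,11 @@ module Entrance
 if request.xhr?
 render :nothing => true, :status => 401
 else
-
+if Entrance.config.access_denied_message_key
+flash[:notice] = I18n.t(Entrance.config.access_denied_message_key)
+else
+flash[:notice] = 'Access denied.'
+end
 redirect_to Entrance.config.access_denied_redirect_to
 end
 end
@@ -90,7 +94,7 @@ module Entrance
 end
 
 def store_location
-session[:return_to] = request.request_uri
+session[:return_to] = request.path # request.request_uri
 end
 
 def redirect_to_stored_or(default_path)
@@ -117,7 +121,7 @@ module Entrance
 
 def delete_remember_cookie
 cookies.delete(REMEMBER_ME_TOKEN)
-# cookies.delete(REMEMBER_ME_TOKEN, :domain =>
+# cookies.delete(REMEMBER_ME_TOKEN, :domain => Entrance.config.cookie_domain)
 end
 
 # def cookies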
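Review bot: In `delete_remember_cookie` the domain-aware delete is now complete but still commented out, so the only live call is `cookies.delete(REMEMBER_ME_TOKEN)` with no options. A browser drops a cookie only when the deletion carries the same domain and path it was set with; if the setter (outside these hunks) applies `Entrance.config.cookie_domain` or a non-default `cookie_path`, the remember-me token survives logout. Suggest replacing both lines with `cookies.delete(REMEMBER_ME_TOKEN, :domain => Entrance.config.cookie_domain, :path => Entrance.config.cookie_path)`. Separately, in `store_location`, `request.path` drops the query string and the trailing `# request.request_uri` is a leftover; `request.fullpath` keeps the query while still storing a local path rather than a full URL.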
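--- a/data/lib/entrance/model.rb
+++ b/data/lib/entrance/model.rb
@@ -33,8 +33,9 @@ module Model
 
 query = {}
 query[Entrance.config.reset_token_attr] = token.strip
-if u = where(query).first
-
+if u = where(query).first \
+and (!Doorman.config.reset_until_attr || u.send(Doorman.config.reset_until_attr) > Time.now)
+return u
 end
 end
 
@@ -80,9 +81,12 @@ module Model
 
 def request_password_reset!
 send(Entrance.config.reset_token_attr + '=', Entrance.generate_token)
-
+if Doorman.config.reset_until_attr
+update_attribute(Entrance.config.reset_until_attr, Entrance.config.reset_password_window.from_now)
+end
 if save(:validate => false)
-Entrance.config.
+method = Entrance.config.reset_password_method
+Entrance.config.reset_password_mailer.constantize.send(method, self).deliver
 end
 end
 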
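Review bot: The new expiry checks read `Doorman.config.reset_until_attr` (twice in the token lookup, once in `request_password_reset!`), while every other reference in these hunks uses `Entrance.config`; unless a `Doorman` constant is defined somewhere outside the diff, both password-reset paths raise `NameError`. Replace all three with `Entrance.config.reset_until_attr`. In the lookup, `u.send(...) > Time.now` also raises `NoMethodError` when the stored expiry is nil, so the comparison should run only when a value is present, e.g. `(t = u.send(Entrance.config.reset_until_attr)) && t > Time.now`. The lookup method itself starts above the first hunk, so its name and callers are not visible here.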
data/lib/entrance/version.rb
CHANGED
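--- a/data/lib/entrance.rb
+++ b/data/lib/entrance.rb
@@ -1,38 +1,11 @@
-####################################
-# Entrance
-#
-# By Tomas Pollak
-# Simple Ruby Authentication Library
-###################################
-
-=begin
-
-In your controller:
-include Entrance::Controller
-
-- Provides authenticate_and_login, login!(user), logout! methods
-- Provices login_required, logged_in? and logged_out? helpers
-
-In your model:
-
-include Entrance::Model
-
-- Provides Model.authenticate(username, password)
-- Provices Model#remember_me! and Model#forget_me!
-- Provides Model#password getter and setter
-- Provides Model#request_password_reset!
-=end
-
 require 'entrance/controller'
 require 'entrance/model'
 require 'entrance/ciphers'
 
-require 'active_support/time'
+require 'active_support/core_ext/numeric/time'
 
 module Entrance
 
-REMEMBER_ME_TOKEN = 'auth_token'
-
 def self.config
 @config ||= Config.new
 end
@@ -45,39 +18,4 @@ module Entrance
 SecureRandom.hex(length/2).encode('UTF-8')
 end
 
-class Config
-
-attr_accessor *%w(
-model mailer_class cipher secret stretches
-username_attr password_attr salt_attr
-remember_token_attr remember_until_attr reset_token_attr reset_until_attr
-access_denied_redirect_to access_denied_message_key reset_password_window remember_for
-cookie_domain cookie_secure cookie_path cookie_httponly
-)
-
-def initialize
-@model = 'User'
-@mailer_class = 'UserMailer'
-@cipher = Ciphers::SHA1
-@secret = nil
-@stretches = 1
-@username_attr = 'email'
-@password_attr = 'password_hash'
-@salt_attr = nil
-@remember_token_attr = 'remember_token'
-@remember_until_attr = 'remember_token_expires_at'
-@reset_token_attr = 'reset_token'
-@reset_until_attr = 'reset_token_expires_at'
-@access_denied_redirect_to = '/'
-@access_denied_message_key = 'messages.access_denied'
-@reset_password_window = 1.hour
-@remember_for = 2.weeks
-@cookie_domain = nil
-@cookie_secure = true
-@cookie_path = '/'
-@cookie_httponly = false
-end
-
-end
-
 end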
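Review bot: `self.config` still calls `Config.new`, but with the class moved out of this file no `require 'entrance/config'` appears among the requires on the new side (new lines 1–5); unless config.rb is loaded from controller.rb, model.rb or the unshown new lines 12–17, the first `Entrance.config` call raises `NameError`. Add `require 'entrance/config'` next to the other requires. `REMEMBER_ME_TOKEN = 'auth_token'` is removed here as well, while `delete_remember_cookie` in controller.rb still references the constant, so it needs a definition that is in scope there. The narrower `active_support/core_ext/numeric/time` covers `1.hour` and `2.weeks`, but `1.month` as shown in the README comes from `active_support/core_ext/integer/time`, which non-Rails apps would then have to load themselves.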
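--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: entrance
 version: !ruby/object:Gem::Version
-version: 0.0
+version: 0.1.0
 platform: ruby
 authors:
 - Tomás Pollak
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-
+date: 2014-09-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bcrypt
@@ -46,10 +46,12 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- README.md
 - Rakefile
 - entrance.gemspec
 - lib/entrance.rb
 - lib/entrance/ciphers.rb
+- lib/entrance/config.rb
 - lib/entrance/controller.rb
 - lib/entrance/model.rb
 - lib/entrance/version.rb
@@ -77,3 +79,4 @@ signing_key:
 specification_version: 4
 summary: Lean authentication alternative for Rails and Sinatra.
 test_files: []
+has_rdoc: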