entrance 0.1.1 → 0.2.0
- data/entrance.gemspec +1 -1
- data/examples/rails-app/.gitignore +16 -0
- data/examples/rails-app/Gemfile +6 -0
- data/examples/rails-app/Gemfile.lock +96 -0
- data/examples/rails-app/README.rdoc +28 -0
- data/examples/rails-app/Rakefile +6 -0
- data/examples/rails-app/app/assets/images/.keep +0 -0
- data/examples/rails-app/app/assets/javascripts/application.js +16 -0
- data/examples/rails-app/app/assets/stylesheets/application.css +13 -0
- data/examples/rails-app/app/controllers/application_controller.rb +6 -0
- data/examples/rails-app/app/controllers/concerns/.keep +0 -0
- data/examples/rails-app/app/controllers/sessions_controller.rb +25 -0
- data/examples/rails-app/app/controllers/users_controller.rb +24 -0
- data/examples/rails-app/app/controllers/welcome_controller.rb +7 -0
- data/examples/rails-app/app/helpers/application_helper.rb +2 -0
- data/examples/rails-app/app/mailers/.keep +0 -0
- data/examples/rails-app/app/models/.keep +0 -0
- data/examples/rails-app/app/models/concerns/.keep +0 -0
- data/examples/rails-app/app/models/user.rb +3 -0
- data/examples/rails-app/app/views/layouts/application.html.erb +19 -0
- data/examples/rails-app/app/views/sessions/new.html.erb +29 -0
- data/examples/rails-app/app/views/users/new.html.erb +32 -0
- data/examples/rails-app/app/views/welcome/index.html.erb +3 -0
- data/examples/rails-app/bin/bundle +3 -0
- data/examples/rails-app/bin/rails +4 -0
- data/examples/rails-app/bin/rake +4 -0
- data/examples/rails-app/config/application.rb +24 -0
- data/examples/rails-app/config/boot.rb +4 -0
- data/examples/rails-app/config/database.yml +25 -0
- data/examples/rails-app/config/environment.rb +5 -0
- data/examples/rails-app/config/environments/development.rb +29 -0
- data/examples/rails-app/config/environments/production.rb +80 -0
- data/examples/rails-app/config/environments/test.rb +36 -0
- data/examples/rails-app/config/initializers/backtrace_silencers.rb +7 -0
- data/examples/rails-app/config/initializers/entrance.rb +9 -0
- data/examples/rails-app/config/initializers/filter_parameter_logging.rb +4 -0
- data/examples/rails-app/config/initializers/inflections.rb +16 -0
- data/examples/rails-app/config/initializers/mime_types.rb +5 -0
- data/examples/rails-app/config/initializers/secret_token.rb +12 -0
- data/examples/rails-app/config/initializers/session_store.rb +3 -0
- data/examples/rails-app/config/initializers/wrap_parameters.rb +14 -0
- data/examples/rails-app/config/locales/en.yml +23 -0
- data/examples/rails-app/config/routes.rb +12 -0
- data/examples/rails-app/config.ru +4 -0
- data/examples/rails-app/db/migrate/20150107032724_create_users.rb +21 -0
- data/examples/rails-app/db/schema.rb +28 -0
- data/examples/rails-app/db/seeds.rb +7 -0
- data/examples/rails-app/lib/assets/.keep +0 -0
- data/examples/rails-app/lib/tasks/.keep +0 -0
- data/examples/rails-app/log/.keep +0 -0
- data/examples/rails-app/public/404.html +58 -0
- data/examples/rails-app/public/422.html +58 -0
- data/examples/rails-app/public/500.html +57 -0
- data/examples/rails-app/public/favicon.ico +0 -0
- data/examples/rails-app/public/robots.txt +5 -0
- data/examples/rails-app/test/controllers/.keep +0 -0
- data/examples/rails-app/test/fixtures/.keep +0 -0
- data/examples/rails-app/test/fixtures/users.yml +11 -0
- data/examples/rails-app/test/helpers/.keep +0 -0
- data/examples/rails-app/test/integration/.keep +0 -0
- data/examples/rails-app/test/mailers/.keep +0 -0
- data/examples/rails-app/test/models/.keep +0 -0
- data/examples/rails-app/test/models/user_test.rb +7 -0
- data/examples/rails-app/test/test_helper.rb +15 -0
- data/examples/rails-app/vendor/assets/javascripts/.keep +0 -0
- data/examples/rails-app/vendor/assets/stylesheets/.keep +0 -0
- data/lib/entrance/ciphers.rb +7 -5
- data/lib/entrance/config.rb +21 -2
- data/lib/entrance/controller.rb +67 -27
- data/lib/entrance/model.rb +122 -75
- data/lib/entrance/version.rb +2 -2
- data/lib/entrance.rb +6 -0
- metadata +128 -46
- checksums.yaml +0 -7
@@ -0,0 +1,12 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# Your secret key is used for verifying the integrity of signed cookies.
|
4
|
+
# If you change this key, all old signed cookies will become invalid!
|
5
|
+
|
6
|
+
# Make sure the secret is at least 30 characters and all random,
|
7
|
+
# no regular words or you'll be exposed to dictionary attacks.
|
8
|
+
# You can use `rake secret` to generate a secure secret key.
|
9
|
+
|
10
|
+
# Make sure your secret_key_base is kept private
|
11
|
+
# if you're sharing your code publicly.
|
12
|
+
RailsApp::Application.config.secret_key_base = 'c201e15ab7b6b117cc24f351cd3d19903ad98e80066bffe0903f50361278804ac891e0b192264f22f2dde1f5fed86d2cc5aa2bb8b31ea22f22699df0c4f0923f'
|
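Review bot: The `secret_key_base` assigned on line 12 is a literal committed to a published example app, so any deployment that copies this initializer signs its cookies with a key that anyone can read. Reading it from the environment, `RailsApp::Application.config.secret_key_base = ENV.fetch('SECRET_KEY_BASE')`, keeps the value out of the repository and fails loudly when it is unset. The comment block above the assignment could also state that the shipped value is for local demonstration only.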
@@ -0,0 +1,14 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# This file contains settings for ActionController::ParamsWrapper which
|
4
|
+
# is enabled by default.
|
5
|
+
|
6
|
+
# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
|
7
|
+
ActiveSupport.on_load(:action_controller) do
|
8
|
+
wrap_parameters format: [:json] if respond_to?(:wrap_parameters)
|
9
|
+
end
|
10
|
+
|
11
|
+
# To enable root element in JSON for ActiveRecord objects.
|
12
|
+
# ActiveSupport.on_load(:active_record) do
|
13
|
+
# self.include_root_in_json = true
|
14
|
+
# end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# Files in the config/locales directory are used for internationalization
|
2
|
+
# and are automatically loaded by Rails. If you want to use locales other
|
3
|
+
# than English, add the necessary files in this directory.
|
4
|
+
#
|
5
|
+
# To use the locales, use `I18n.t`:
|
6
|
+
#
|
7
|
+
# I18n.t 'hello'
|
8
|
+
#
|
9
|
+
# In views, this is aliased to just `t`:
|
10
|
+
#
|
11
|
+
# <%= t('hello') %>
|
12
|
+
#
|
13
|
+
# To use a different locale, set it with `I18n.locale`:
|
14
|
+
#
|
15
|
+
# I18n.locale = :es
|
16
|
+
#
|
17
|
+
# This would use the information in config/locales/es.yml.
|
18
|
+
#
|
19
|
+
# To learn more, please read the Rails Internationalization guide
|
20
|
+
# available at http://guides.rubyonrails.org/i18n.html.
|
21
|
+
|
22
|
+
en:
|
23
|
+
hello: "Hello world"
|
@@ -0,0 +1,21 @@
|
|
1
|
+
class CreateUsers < ActiveRecord::Migration
|
2
|
+
def change
|
3
|
+
create_table :users do |t|
|
4
|
+
t.string :name
|
5
|
+
|
6
|
+
# email/password
|
7
|
+
t.string :email, :unique => true
|
8
|
+
t.string :password_hash
|
9
|
+
|
10
|
+
# 'remember me' support
|
11
|
+
t.string :remember_token
|
12
|
+
t.datetime :remember_token_expires_at
|
13
|
+
|
14
|
+
# reset password support
|
15
|
+
t.string :reset_token
|
16
|
+
t.datetime :reset_token_expires_at
|
17
|
+
|
18
|
+
t.timestamps
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
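Review bot: `t.string :email, :unique => true` on line 7 does not appear to create a uniqueness constraint: `:unique` is an index option rather than a column option, and the schema dump in this same commit shows no index on `users`. Because `email` is the default `username_attr`, two rows with the same address would make the login lookup ambiguous; add `add_index :users, :email, :unique => true` after the `create_table` block. Indexes on `remember_token` and `reset_token` are worth adding at the same time, since both columns are looked up by value.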
@@ -0,0 +1,28 @@
|
|
1
|
+
# encoding: UTF-8
|
2
|
+
# This file is auto-generated from the current state of the database. Instead
|
3
|
+
# of editing this file, please use the migrations feature of Active Record to
|
4
|
+
# incrementally modify your database, and then regenerate this schema definition.
|
5
|
+
#
|
6
|
+
# Note that this schema.rb definition is the authoritative source for your
|
7
|
+
# database schema. If you need to create the application database on another
|
8
|
+
# system, you should be using db:schema:load, not running all the migrations
|
9
|
+
# from scratch. The latter is a flawed and unsustainable approach (the more migrations
|
10
|
+
# you'll amass, the slower it'll run and the greater likelihood for issues).
|
11
|
+
#
|
12
|
+
# It's strongly recommended that you check this file into your version control system.
|
13
|
+
|
14
|
+
ActiveRecord::Schema.define(version: 20150107032724) do
|
15
|
+
|
16
|
+
create_table "users", force: true do |t|
|
17
|
+
t.string "name"
|
18
|
+
t.string "email"
|
19
|
+
t.string "password_hash"
|
20
|
+
t.string "remember_token"
|
21
|
+
t.datetime "remember_token_expires_at"
|
22
|
+
t.string "reset_token"
|
23
|
+
t.datetime "reset_token_expires_at"
|
24
|
+
t.datetime "created_at"
|
25
|
+
t.datetime "updated_at"
|
26
|
+
end
|
27
|
+
|
28
|
+
end
|
@@ -0,0 +1,7 @@
|
|
1
|
+
# This file should contain all the record creation needed to seed the database with its default values.
|
2
|
+
# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
|
3
|
+
#
|
4
|
+
# Examples:
|
5
|
+
#
|
6
|
+
# cities = City.create([{ name: 'Chicago' }, { name: 'Copenhagen' }])
|
7
|
+
# Mayor.create(name: 'Emanuel', city: cities.first)
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,58 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>The page you were looking for doesn't exist (404)</title>
|
5
|
+
<style>
|
6
|
+
body {
|
7
|
+
background-color: #EFEFEF;
|
8
|
+
color: #2E2F30;
|
9
|
+
text-align: center;
|
10
|
+
font-family: arial, sans-serif;
|
11
|
+
}
|
12
|
+
|
13
|
+
div.dialog {
|
14
|
+
width: 25em;
|
15
|
+
margin: 4em auto 0 auto;
|
16
|
+
border: 1px solid #CCC;
|
17
|
+
border-right-color: #999;
|
18
|
+
border-left-color: #999;
|
19
|
+
border-bottom-color: #BBB;
|
20
|
+
border-top: #B00100 solid 4px;
|
21
|
+
border-top-left-radius: 9px;
|
22
|
+
border-top-right-radius: 9px;
|
23
|
+
background-color: white;
|
24
|
+
padding: 7px 4em 0 4em;
|
25
|
+
}
|
26
|
+
|
27
|
+
h1 {
|
28
|
+
font-size: 100%;
|
29
|
+
color: #730E15;
|
30
|
+
line-height: 1.5em;
|
31
|
+
}
|
32
|
+
|
33
|
+
body > p {
|
34
|
+
width: 33em;
|
35
|
+
margin: 0 auto 1em;
|
36
|
+
padding: 1em 0;
|
37
|
+
background-color: #F7F7F7;
|
38
|
+
border: 1px solid #CCC;
|
39
|
+
border-right-color: #999;
|
40
|
+
border-bottom-color: #999;
|
41
|
+
border-bottom-left-radius: 4px;
|
42
|
+
border-bottom-right-radius: 4px;
|
43
|
+
border-top-color: #DADADA;
|
44
|
+
color: #666;
|
45
|
+
box-shadow:0 3px 8px rgba(50, 50, 50, 0.17);
|
46
|
+
}
|
47
|
+
</style>
|
48
|
+
</head>
|
49
|
+
|
50
|
+
<body>
|
51
|
+
<!-- This file lives in public/404.html -->
|
52
|
+
<div class="dialog">
|
53
|
+
<h1>The page you were looking for doesn't exist.</h1>
|
54
|
+
<p>You may have mistyped the address or the page may have moved.</p>
|
55
|
+
</div>
|
56
|
+
<p>If you are the application owner check the logs for more information.</p>
|
57
|
+
</body>
|
58
|
+
</html>
|
@@ -0,0 +1,58 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>The change you wanted was rejected (422)</title>
|
5
|
+
<style>
|
6
|
+
body {
|
7
|
+
background-color: #EFEFEF;
|
8
|
+
color: #2E2F30;
|
9
|
+
text-align: center;
|
10
|
+
font-family: arial, sans-serif;
|
11
|
+
}
|
12
|
+
|
13
|
+
div.dialog {
|
14
|
+
width: 25em;
|
15
|
+
margin: 4em auto 0 auto;
|
16
|
+
border: 1px solid #CCC;
|
17
|
+
border-right-color: #999;
|
18
|
+
border-left-color: #999;
|
19
|
+
border-bottom-color: #BBB;
|
20
|
+
border-top: #B00100 solid 4px;
|
21
|
+
border-top-left-radius: 9px;
|
22
|
+
border-top-right-radius: 9px;
|
23
|
+
background-color: white;
|
24
|
+
padding: 7px 4em 0 4em;
|
25
|
+
}
|
26
|
+
|
27
|
+
h1 {
|
28
|
+
font-size: 100%;
|
29
|
+
color: #730E15;
|
30
|
+
line-height: 1.5em;
|
31
|
+
}
|
32
|
+
|
33
|
+
body > p {
|
34
|
+
width: 33em;
|
35
|
+
margin: 0 auto 1em;
|
36
|
+
padding: 1em 0;
|
37
|
+
background-color: #F7F7F7;
|
38
|
+
border: 1px solid #CCC;
|
39
|
+
border-right-color: #999;
|
40
|
+
border-bottom-color: #999;
|
41
|
+
border-bottom-left-radius: 4px;
|
42
|
+
border-bottom-right-radius: 4px;
|
43
|
+
border-top-color: #DADADA;
|
44
|
+
color: #666;
|
45
|
+
box-shadow:0 3px 8px rgba(50, 50, 50, 0.17);
|
46
|
+
}
|
47
|
+
</style>
|
48
|
+
</head>
|
49
|
+
|
50
|
+
<body>
|
51
|
+
<!-- This file lives in public/422.html -->
|
52
|
+
<div class="dialog">
|
53
|
+
<h1>The change you wanted was rejected.</h1>
|
54
|
+
<p>Maybe you tried to change something you didn't have access to.</p>
|
55
|
+
</div>
|
56
|
+
<p>If you are the application owner check the logs for more information.</p>
|
57
|
+
</body>
|
58
|
+
</html>
|
@@ -0,0 +1,57 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>We're sorry, but something went wrong (500)</title>
|
5
|
+
<style>
|
6
|
+
body {
|
7
|
+
background-color: #EFEFEF;
|
8
|
+
color: #2E2F30;
|
9
|
+
text-align: center;
|
10
|
+
font-family: arial, sans-serif;
|
11
|
+
}
|
12
|
+
|
13
|
+
div.dialog {
|
14
|
+
width: 25em;
|
15
|
+
margin: 4em auto 0 auto;
|
16
|
+
border: 1px solid #CCC;
|
17
|
+
border-right-color: #999;
|
18
|
+
border-left-color: #999;
|
19
|
+
border-bottom-color: #BBB;
|
20
|
+
border-top: #B00100 solid 4px;
|
21
|
+
border-top-left-radius: 9px;
|
22
|
+
border-top-right-radius: 9px;
|
23
|
+
background-color: white;
|
24
|
+
padding: 7px 4em 0 4em;
|
25
|
+
}
|
26
|
+
|
27
|
+
h1 {
|
28
|
+
font-size: 100%;
|
29
|
+
color: #730E15;
|
30
|
+
line-height: 1.5em;
|
31
|
+
}
|
32
|
+
|
33
|
+
body > p {
|
34
|
+
width: 33em;
|
35
|
+
margin: 0 auto 1em;
|
36
|
+
padding: 1em 0;
|
37
|
+
background-color: #F7F7F7;
|
38
|
+
border: 1px solid #CCC;
|
39
|
+
border-right-color: #999;
|
40
|
+
border-bottom-color: #999;
|
41
|
+
border-bottom-left-radius: 4px;
|
42
|
+
border-bottom-right-radius: 4px;
|
43
|
+
border-top-color: #DADADA;
|
44
|
+
color: #666;
|
45
|
+
box-shadow:0 3px 8px rgba(50, 50, 50, 0.17);
|
46
|
+
}
|
47
|
+
</style>
|
48
|
+
</head>
|
49
|
+
|
50
|
+
<body>
|
51
|
+
<!-- This file lives in public/500.html -->
|
52
|
+
<div class="dialog">
|
53
|
+
<h1>We're sorry, but something went wrong.</h1>
|
54
|
+
</div>
|
55
|
+
<p>If you are the application owner check the logs for more information.</p>
|
56
|
+
</body>
|
57
|
+
</html>
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,11 @@
|
|
1
|
+
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
|
2
|
+
|
3
|
+
# This model initially had no columns defined. If you add columns to the
|
4
|
+
# model remove the '{}' from the fixture names and add the columns immediately
|
5
|
+
# below each fixture, per the syntax in the comments below
|
6
|
+
#
|
7
|
+
one: {}
|
8
|
+
# column: value
|
9
|
+
#
|
10
|
+
two: {}
|
11
|
+
# column: value
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,15 @@
|
|
1
|
+
ENV["RAILS_ENV"] ||= "test"
|
2
|
+
require File.expand_path('../../config/environment', __FILE__)
|
3
|
+
require 'rails/test_help'
|
4
|
+
|
5
|
+
class ActiveSupport::TestCase
|
6
|
+
ActiveRecord::Migration.check_pending!
|
7
|
+
|
8
|
+
# Setup all fixtures in test/fixtures/*.yml for all tests in alphabetical order.
|
9
|
+
#
|
10
|
+
# Note: You'll currently still have to declare fixtures explicitly in integration tests
|
11
|
+
# -- they do not yet inherit this setting
|
12
|
+
fixtures :all
|
13
|
+
|
14
|
+
# Add more helper methods to be used by all tests here...
|
15
|
+
end
|
File without changes
|
File without changes
|
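--- a/data/lib/entrance/ciphers.rb
+++ b/data/lib/entrance/ciphers.rb
@@ -9,8 +9,8 @@ module Entrance
 
 JOIN_STRING = '--'
 
-def self.
-
+def self.match?(stored, given, salt = nil)
+stored === encrypt(given, salt)
 end
 
 # same logic as restful authentication
@@ -30,12 +30,14 @@ module Entrance
 
 module BCrypt
 
-
-
+# https://github.com/codahale/bcrypt-ruby
+def self.match?(stored, given, salt = nil)
+::BCrypt::Password.new(stored) == given
+# ::BCrypt::Password.new(stored) == encrypt(given)
 end
 
 def self.encrypt(password, salt = nil)
-BCrypt::Password.create(password)
+::BCrypt::Password.create(password)
 end
 
 end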
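Review bot: `::BCrypt::Password.new(stored)` in `BCrypt.match?` raises `BCrypt::Errors::InvalidHash` when `stored` is nil or not a bcrypt hash, so an account with an empty password column turns a login attempt into an exception instead of a failed match. Add `rescue ::BCrypt::Errors::InvalidHash` to the method and return `false` from it. In the first `match?`, `stored === encrypt(given, salt)` is an ordinary string comparison; a constant-time compare such as `Rack::Utils.secure_compare(stored, encrypt(given, salt))` is the usual choice for digests, assuming Rack is loaded wherever this runs. The commented-out `encrypt(given)` line could never match, because `create` salts each call, and can be dropped.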
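--- a/data/lib/entrance/config.rb
+++ b/data/lib/entrance/config.rb
@@ -4,7 +4,7 @@ module Entrance
 
 attr_accessor *%w(
 model cipher secret stretches
-username_attr password_attr salt_attr
+unique_key username_attr password_attr salt_attr
 remember_token_attr remember_until_attr reset_token_attr reset_until_attr
 access_denied_redirect_to access_denied_message_key
 reset_password_mailer reset_password_method reset_password_window remember_for
@@ -13,10 +13,11 @@ module Entrance
 
 def initialize
 @model = 'User'
-@cipher = Ciphers::BCrypt # or Ciphers::SHA1
+@cipher = Entrance::Ciphers::BCrypt # or Entrance::Ciphers::SHA1
 @secret = nil
 @stretches = 10
 @salt_attr = nil
+@unique_key = 'id'
 @username_attr = 'email'
 @password_attr = 'password_hash'
 @remember_token_attr = 'remember_token'
@@ -35,6 +36,24 @@ module Entrance
 @cookie_httponly = false
 end
 
+def validate!
+if cipher == Ciphers::SHA1 && secret.nil?
+raise "The SHA1 cipher requires a valid config.secret to be set."
+end
+end
+
+def can?(what, val = nil)
+if val
+instance_variable_set("@can_#{what}", val)
+else
+!!instance_variable_get("@can_#{what}")
+end
+end
+
+def permit!(option)
+raise "#{option} is disabled!" unless can?(option)
+end
+
 end
 
 end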
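Review bot: `can?(what, val = nil)` treats any falsy `val` as a read, so `can?(:remember, false)` returns the current flag instead of clearing it, and a permission cannot be switched off once it has been set. Branch on `val.nil?` instead, `return !!instance_variable_get("@can_#{what}") if val.nil?`, or move the setter into its own method so a predicate does not mutate state. `validate!` and `permit!` raise bare `RuntimeError`s; a named error class would let callers rescue configuration failures specifically.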
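--- a/data/lib/entrance/controller.rb
+++ b/data/lib/entrance/controller.rb
@@ -9,7 +9,7 @@ module Entrance
 end
 
 def authenticate_and_login(username, password, remember_me = false)
-if user = Entrance.
+if user = Entrance.model.authenticate(username, password)
 login!(user, remember_me)
 user
 end
@@ -17,18 +17,19 @@ module Entrance
 
 def login!(user, remember_me = false)
 self.current_user = user
-remember_or_forget(remember_me)
+remember_or_forget(remember_me) if Entrance.config.can?(:remember)
 end
 
 def logout!
 if logged_in?
-current_user.forget_me!
+current_user.forget_me! if Entrance.config.can?(:remember)
 self.current_user = nil
 end
-delete_remember_cookie
+delete_remember_cookie if Entrance.config.can?(:remember)
 end
 
-def login_required
+def login_required(opts = {})
+return if opts[:except] and opts[:except].include?(request.path_info)
 logged_in? || access_denied
 end
 
@@ -46,13 +47,16 @@ module Entrance
 
 private
 
+# new_user may be nil (when logging out) or an instance of the Entrance.model class
 def current_user=(new_user)
-raise "Invalid user: #{new_user}" unless new_user.nil? or new_user.is_a?(Entrance.
-session[:user_id] = new_user ? new_user.
+raise "Invalid user: #{new_user}" unless new_user.nil? or new_user.is_a?(Entrance.model)
+session[:user_id] = new_user ? new_user.send(Entrance.config.unique_key) : nil
 @current_user = new_user # should be nil when logging out
 end
 
 def remember_or_forget(remember_me)
+Entrance.config.permit!(:remember)
+
 if remember_me
 current_user.remember_me!
 set_remember_cookie
@@ -65,27 +69,23 @@ module Entrance
 def access_denied
 store_location
 if request.xhr?
-
+return_401
 else
-if
-
-else
-flash[:notice] = 'Access denied.'
-end
-redirect_to Entrance.config.access_denied_redirect_to
+set_flash_message if respond_to?(:flash)
+common_redirect(Entrance.config.access_denied_redirect_to)
 end
 end
 
 def login_from_session
-self.current_user =
+self.current_user = Entrance.model.where(session[:user_id]).first if session[:user_id]
 end
 
 def login_from_cookie
-return unless cookies[REMEMBER_ME_TOKEN]
+return unless Entrance.config.can?(:remember) && request.cookies[REMEMBER_ME_TOKEN]
 
 query = {}
-query[Entrance.config.remember_token_attr] = cookies[REMEMBER_ME_TOKEN]
-if user =
+query[Entrance.config.remember_token_attr] = request.cookies[REMEMBER_ME_TOKEN]
+if user = Entrance.model.where(query).first \
 and user.send(Entrance.config.remember_until_attr) > Time.now
 self.current_user = user
 # user.update_remember_token_expiration!
@@ -94,16 +94,16 @@ module Entrance
 end
 
 def store_location
-session[:return_to] = request.
+session[:return_to] = request.fullpath
 end
 
 def redirect_to_stored_or(default_path)
-
+common_redirect(session[:return_to] || default_path)
 session[:return_to] = nil
 end
 
 def redirect_to_back_or(default_path)
-
+common_redirect(request.env['HTTP_REFERER'] || default_path)
 end
 
 def set_remember_cookie
@@ -116,17 +116,57 @@ module Entrance
 }
 values[:domain] = Entrance.config.cookie_domain if Entrance.config.cookie_domain
 
-
+set_cookie!(REMEMBER_ME_TOKEN, values)
 end
 
 def delete_remember_cookie
-
-
+delete_cookie!(REMEMBER_ME_TOKEN)
+end
+
+############################################
+# compat stuff between rails & sinatra
+
+def set_cookie!(name, cookie)
+if respond_to?(:cookie)
+cookies[name] = cookie
+else
+response.set_cookie(name, cookie)
+end
+end
+
+def delete_cookie!(name)
+if respond_to?(:cookie)
+cookies.delete(name)
+else
+response.delete_cookie(name)
+end
 end
 
-
-
-
+def return_401
+if respond_to?(:halt) # sinatra
+halt(401)
+else # rails
+render :nothing => true, :status => 401
+end
+end
+
+def set_flash_message
+return unless respond_to?(:flash)
+
+if Entrance.config.access_denied_message_key
+flash[:notice] = I18n.t(Entrance.config.access_denied_message_key)
+else
+flash[:notice] = 'Access denied.'
+end
+end
+
+def common_redirect(url)
+if respond_to?(:redirect)
+redirect(to(url)) # sinatra
+else
+redirect_to(url) # rails
+end
+end
 
 end
 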
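Review bot: `login_from_session` calls `Entrance.model.where(session[:user_id]).first`, which passes the bare key value as the whole condition instead of matching it against `Entrance.config.unique_key`, so the record it loads is not guaranteed to be the one the session names. Build the condition explicitly, `Entrance.model.where(Entrance.config.unique_key => session[:user_id]).first`. `set_cookie!` and `delete_cookie!` test `respond_to?(:cookie)` but then call `cookies`, which looks like a typo that would send Rails down the `response.set_cookie` branch. `redirect_to_back_or` redirects to `request.env['HTTP_REFERER']`, a client-supplied header, without checking that it points back to this application; restricting it to same-host or relative paths would close that gap.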