entrance 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 3320468261098d87b1536592f636be4d39b25403
+  data.tar.gz: f3b36768c497d6af747677461693920860a52c71
+SHA512:
+  metadata.gz: e6169c56830fe1d3d430c854d2b0847c70d8776fc634bf0b72bfbf9124fedc0bb808a89cbc57d0bffdddcfe901697c474786703416c056d85c48985d36d9c06d
+  data.tar.gz: 3aa89b3005787082ae19173da9e8ba64135e9bc1521e49f1ed06ad5466d885b983c34a56d615906710b6d2e9c7d0a807f2b3adf60309c628c41e8f8a310a7872

data/.gitignore

@@ -0,0 +1 @@
+.DS_Store

data/Rakefile

@@ -0,0 +1,2 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks

data/entrance.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path("../lib/entrance/version", __FILE__)
+
+Gem::Specification.new do |s|
+  s.name        = "entrance"
+  s.version     = Entrance::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ['Tomás Pollak']
+  s.email       = ['tomas@forkhq.com']
+  s.homepage    = "https://github.com/tomas/entrance"
+  s.summary     = "Lean authentication alternative for Rails and Sinatra."
+  s.description = "Doesn't fiddle with your controllers and routes."
+
+  s.required_rubygems_version = ">= 1.3.6"
+  s.rubyforge_project         = "entrance"
+  
+  s.add_runtime_dependency "bcrypt", "~> 3.0"
+  s.add_runtime_dependency "activesupport", "~> 3.0"
+
+  s.files        = `git ls-files`.split("\n")
+  s.executables  = `git ls-files`.split("\n").map{|f| f =~ /^bin\/(.*)/ ? $1 : nil}.compact
+  s.require_path = 'lib'
+  # s.bindir       = 'bin'
+end

data/lib/entrance/ciphers.rb

@@ -0,0 +1,45 @@
+require 'digest/sha1'
+require 'bcrypt'
+
+module Entrance
+
+  module Ciphers
+
+    module SHA1
+
+      JOIN_STRING = '--'
+
+      def self.read(password)
+        password
+      end
+
+      # same logic as restful authentication
+      def self.encrypt(password, salt)
+        digest = Entrance.config.secret
+        raise "Secret not set!" if digest.blank?
+
+        Entrance.config.stretches.times do
+          str = [digest, salt, password, Entrance.config.secret].join(JOIN_STRING)
+          digest = Digest::SHA1.hexdigest(str)
+        end
+
+        digest
+      end
+
+    end
+
+    module BCrypt
+
+      def self.read(password)
+        BCrypt::Password.new(password)
+      end
+
+      def self.encrypt(password, salt = nil)
+        BCrypt::Password.create(password)
+      end
+
+    end
+
+  end
+
+end

data/lib/entrance/controller.rb

@@ -0,0 +1,129 @@
+module Entrance
+
+  module Controller
+    
+    REMEMBER_ME_TOKEN = 'auth_token'.freeze
+
+    def self.included(base)
+      base.send(:helper_method, :current_user, :logged_in?, :logged_out?) if base.respond_to?(:helper_method)
+    end
+
+    def authenticate_and_login(username, password, remember_me = false)
+      if user = Entrance.config.model.constantize.authenticate(username, password)
+        login!(user, remember_me)
+        user
+      end
+    end
+
+    def login!(user, remember_me = false)
+      self.current_user = user
+      remember_or_forget(remember_me)
+    end
+
+    def logout!
+      if logged_in?
+        current_user.forget_me!
+        self.current_user = nil
+      end
+      delete_remember_cookie
+    end
+
+    def login_required
+      logged_in? || access_denied
+    end
+
+    def current_user
+      @current_user ||= (login_from_session || login_from_cookie)
+    end
+
+    def logged_in?
+      !!current_user
+    end
+
+    def logged_out?
+      !logged_in?
+    end
+
+    private
+
+    def current_user=(new_user)
+      raise "Invalid user: #{new_user}" unless new_user.nil? or new_user.is_a?(Entrance.config.model.constantize)
+      session[:user_id] = new_user ? new_user.id : nil
+      @current_user = new_user # should be nil when logging out
+    end
+
+    def remember_or_forget(remember_me)
+      if remember_me
+        current_user.remember_me!
+        set_remember_cookie
+      else
+        current_user.forget_me!
+        delete_remember_cookie
+      end
+    end
+
+    def access_denied
+      store_location
+      if request.xhr?
+        render :nothing => true, :status => 401
+      else
+        flash[:notice] = I18n.t(Entrance.config.access_denied_message_key)
+        redirect_to Entrance.config.access_denied_redirect_to
+      end
+    end
+
+    def login_from_session
+      self.current_user = User.find(session[:user_id]) if session[:user_id]
+    end
+
+    def login_from_cookie
+      return unless cookies[REMEMBER_ME_TOKEN]
+
+      query = {}
+      query[Entrance.config.remember_token_attr] = cookies[REMEMBER_ME_TOKEN]
+      if user = User.where(query).first \
+        and user.send(Entrance.config.remember_until_attr) > Time.now
+          self.current_user = user
+          # user.update_remember_token_expiration!
+          user
+      end
+    end
+
+    def store_location
+      session[:return_to] = request.request_uri
+    end
+
+    def redirect_to_stored_or(default_path)
+      redirect_to(session[:return_to] || default_path)
+      session[:return_to] = nil
+    end
+
+    def redirect_to_back_or(default_path)
+      redirect_to(request.env['HTTP_REFERER'] || default_path)
+    end
+
+    def set_remember_cookie
+      values = {
+        :expires  => Entrance.config.remember_for.from_now,
+        :httponly => Entrance.config.cookie_httponly,
+        :path     => Entrance.config.cookie_path,
+        :secure   => Entrance.config.cookie_secure,
+        :value    => current_user.send(Entrance.config.remember_token_attr)
+      }
+      values[:domain] = Entrance.config.cookie_domain if Entrance.config.cookie_domain
+
+      cookies[REMEMBER_ME_TOKEN] = values
+    end
+
+    def delete_remember_cookie
+      cookies.delete(REMEMBER_ME_TOKEN)
+      # cookies.delete(REMEMBER_ME_TOKEN, :domain => AppConfig.cookie_domain)
+    end
+
+#    def cookies
+#      @cookies ||= @env['action_dispatch.cookies'] || Rack::Request.new(@env).cookies
+#    end
+
+  end
+
+end

data/lib/entrance/model.rb

@@ -0,0 +1,103 @@
+require 'active_support/concern'
+
+module Model
+  extend ActiveSupport::Concern
+
+  included do
+    # verify that username/password attributes are present
+    attrs = Entrance.config.model.constantize.columns.collect(&:name)
+    %w(username_attr password_attr).each do |key|
+      attr = Entrance.config.send(key)
+      raise "Couldn't find '#{attr}' in #{Entrance.config.model} model." unless attrs.include?(attr)
+    end
+
+    validates :password, :presence => true, :length => 6..32, :if => :password_required?
+    validates :password, :confirmation => true, :if => :password_required?
+    validates :password_confirmation, :presence => true, :if => :password_required?
+  end
+
+  module ClassMethods
+
+    def authenticate(username, password)
+      return if username.blank? or password.blank?
+
+      query = {}
+      query[Entrance.config.username_attr] = username.downcase.strip
+      if u = where(query).first
+        return u.authenticated?(password) ? u : nil
+      end
+    end
+
+    def with_password_reset_token(token)
+      return if token.blank?
+
+      query = {}
+      query[Entrance.config.reset_token_attr] = token.strip
+      if u = where(query).first and u.send(Entrance.config.reset_until_attr) > Time.now
+        return u
+      end
+    end
+
+  end
+
+  def authenticated?(string)
+    password === encrypt_password(string)
+  end
+
+  def remember_me!(until_date = nil)
+    update_attribute(Entrance.config.remember_token_attr, Entrance.generate_token)
+    update_remember_token_expiration!(until_date)
+  end
+
+  def update_remember_token_expiration!(until_date = nil)
+    timestamp = until_date || Entrance.config.remember_for
+    update_attribute(Entrance.config.remember_until_attr, timestamp.from_now)
+  end
+
+  def forget_me!
+    update_attribute(Entrance.config.remember_token_attr, nil)
+    update_attribute(Entrance.config.remember_until_attr, nil)
+  end
+
+  def password
+    @password || Entrance.config.cipher.read(send(Entrance.config.password_attr))
+  end
+
+  def password=(new_password)
+    return if new_password.blank?
+
+    @password = new_password # for validation
+    @password_changed = true
+
+    # if we're using salt and it is empty, generate one
+    if Entrance.config.salt_attr \
+      and send(Entrance.config.salt_attr).blank?
+        self.send(Entrance.config.salt_attr + '=', Entrance.generate_token)
+    end
+
+    self.send(Entrance.config.password_attr + '=', encrypt_password(new_password))
+  end
+
+  def request_password_reset!
+    send(Entrance.config.reset_token_attr + '=', Entrance.generate_token)
+    update_attribute(Entrance.config.reset_until_attr, Entrance.config.reset_password_window.from_now)
+    if save(:validate => false)
+      Entrance.config.mailer_class.constantize.reset_password_request(self).deliver
+    end
+  end
+
+  private
+
+  def get_salt
+    Entrance.config.salt_attr && send(Entrance.config.salt_attr)
+  end
+
+  def encrypt_password(string)
+    Entrance.config.cipher.encrypt(string, get_salt)
+  end
+
+  def password_required?
+    password.blank? or @password_changed
+  end
+
+end

data/lib/entrance/version.rb

@@ -0,0 +1,7 @@
+module Entrance
+  MAJOR = 0
+  MINOR = 0
+  PATCH = 1
+
+  VERSION = [MAJOR, MINOR, PATCH].join('.')
+end

data/lib/entrance.rb

@@ -0,0 +1,83 @@
+####################################
+# Entrance
+#
+# By Tomas Pollak
+# Simple Ruby Authentication Library
+###################################
+
+=begin
+
+In your controller:
+  include Entrance::Controller
+
+  - Provides authenticate_and_login, login!(user), logout! methods
+  - Provices login_required, logged_in? and logged_out? helpers
+
+In your model:
+
+  include Entrance::Model
+
+  - Provides Model.authenticate(username, password)
+  - Provices Model#remember_me! and Model#forget_me!
+  - Provides Model#password getter and setter
+  - Provides Model#request_password_reset!
+=end
+
+require 'entrance/controller'
+require 'entrance/model'
+require 'entrance/ciphers'
+
+require 'active_support/time'
+
+module Entrance
+
+  REMEMBER_ME_TOKEN = 'auth_token'
+
+  def self.config
+    @config ||= Config.new
+  end
+
+  def self.configure
+    yield config
+  end
+
+  def self.generate_token(length = 40)
+    SecureRandom.hex(length/2).encode('UTF-8')
+  end
+
+  class Config
+
+    attr_accessor *%w(
+      model mailer_class cipher secret stretches
+      username_attr password_attr salt_attr
+      remember_token_attr remember_until_attr reset_token_attr reset_until_attr
+      access_denied_redirect_to access_denied_message_key reset_password_window remember_for
+      cookie_domain cookie_secure cookie_path cookie_httponly
+    )
+
+    def initialize
+      @model                 = 'User'
+      @mailer_class          = 'UserMailer'
+      @cipher                = Ciphers::SHA1
+      @secret                = nil
+      @stretches             = 1
+      @username_attr         = 'email'
+      @password_attr         = 'password_hash'
+      @salt_attr             = nil
+      @remember_token_attr   = 'remember_token'
+      @remember_until_attr   = 'remember_token_expires_at'
+      @reset_token_attr      = 'reset_token'
+      @reset_until_attr      = 'reset_token_expires_at'
+      @access_denied_redirect_to  = '/'
+      @access_denied_message_key = 'messages.access_denied'
+      @reset_password_window = 1.hour
+      @remember_for          = 2.weeks
+      @cookie_domain         = nil
+      @cookie_secure         = true
+      @cookie_path           = '/'
+      @cookie_httponly       = false
+    end
+
+  end
+
+end

metadata

@@ -0,0 +1,79 @@
+--- !ruby/object:Gem::Specification
+name: entrance
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Tomás Pollak
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-04-05 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bcrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: Doesn't fiddle with your controllers and routes.
+email:
+- tomas@forkhq.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Rakefile
+- entrance.gemspec
+- lib/entrance.rb
+- lib/entrance/ciphers.rb
+- lib/entrance/controller.rb
+- lib/entrance/model.rb
+- lib/entrance/version.rb
+homepage: https://github.com/tomas/entrance
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 1.3.6
+requirements: []
+rubyforge_project: entrance
+rubygems_version: 2.2.0
+signing_key: 
+specification_version: 4
+summary: Lean authentication alternative for Rails and Sinatra.
+test_files: []