entrance 0.2.1 → 0.2.2

data/README.md

@@ -5,8 +5,6 @@ Clean, adaptable authentication library for Rails and Sinatra.
 
     $ gem install entrance
 
-Still in early phase, but it works. BCrypt and SHA1 (a-la Restful Auth) encryption are supported.
-
 # Usage
 
 ``` rb

data/examples/rails-app/db/migrate/20150107032724_create_users.rb

@@ -4,7 +4,7 @@ class CreateUsers < ActiveRecord::Migration
       t.string :name
 
       # email/password
-      t.string :email, :unique => true
+      t.string :email
       t.string :password_hash
 
       # 'remember me' support
@@ -17,5 +17,9 @@ class CreateUsers < ActiveRecord::Migration
 
       t.timestamps
     end
+
+    add_index :users, :email, :unique => true
+    add_index :users, :remember_token
+    add_index :users, :reset_token
   end
 end

data/examples/rails-app/db/schema.rb

@@ -25,4 +25,8 @@ ActiveRecord::Schema.define(version: 20150107032724) do
     t.datetime "updated_at"
   end
 
+  add_index "users", ["email"], name: "index_users_on_email", unique: true
+  add_index "users", ["remember_token"], name: "index_users_on_remember_token"
+  add_index "users", ["reset_token"], name: "index_users_on_reset_token"
+
 end

data/examples/sinatra-app/Gemfile

@@ -0,0 +1,8 @@
+source 'https://rubygems.org'
+
+gem 'sinatra'
+gem 'sinatra-flash'
+gem 'puma'
+gem 'mongo_mapper'
+gem 'bson_ext'
+gem 'entrance', :path => './../../'

data/examples/sinatra-app/app/models.rb

@@ -0,0 +1,36 @@
+require 'rubygems'
+require 'bundler/setup'
+require 'mongo_mapper'
+require 'entrance'
+
+MongoMapper.connection = Mongo::Connection.new('localhost')
+MongoMapper.database   = 'entrance-example'
+
+Entrance.configure do |config|
+  config.remember_for  = 1.month
+  config.cookie_secure = false # for testing
+  config.access_denied_redirect_to = '/login'
+end
+
+class User
+  include MongoMapper::Document
+
+  key :state, :default => 'active'
+
+  key :name
+  key :email, :unique => true
+  key :password_hash
+
+  key :remember_token
+  key :remember_token_expires_at, Time
+
+  key :reset_token
+  key :reset_token_expires_at, Time
+
+  include Entrance::Model # needs to be included after the properties are declared
+
+  def active?
+    state.to_sym == :active
+  end
+
+end

data/examples/sinatra-app/app/routes.rb

@@ -0,0 +1,64 @@
+%w(./app/models logger sinatra/base sinatra/flash entrance).each { |lib| require lib }
+
+module Example
+
+  class Routes < Sinatra::Base
+
+    include Entrance::Controller
+    register Sinatra::Flash
+
+    set :sessions, :secret => 'veryverysecretkey'
+    set :views, File.expand_path(File.dirname(__FILE__)) + '/views'
+
+    before do
+      login_required :except => ['/login', '/signup']
+    end
+
+    get '/' do
+      erb :welcome
+    end
+
+    get '/signup' do
+      erb :signup
+    end
+
+    post '/signup' do
+      if @user = User.new(params[:user]) and @user.save
+        flash[:success] = 'Signed up! Please log in now.'
+        redirect to('/login')
+      else
+        flash[:error] = "Something's wrong. Try again."
+        redirect to('/signup')
+      end
+    end
+
+    get '/login' do
+      if logged_in?
+        redirect(to('/'))
+      else
+        erb :login
+      end
+    end
+
+    post '/login' do
+      if user = User.authenticate(params[:email], params[:password]) and user.active?
+        remember = ['on', '1'].include?(params[:remember_me])
+        login!(user, remember)
+
+        flash[:success] = 'Welcome back!'
+        redirect(session[:return_to] || to('/'))
+      else
+        flash[:error] = "Couldn't log you in. Please try again."
+        redirect to('/login')
+      end
+    end
+
+    get '/logout' do
+      logout!
+      flash[:notice] = 'Logged out! See you soon.'
+      redirect to('/login')
+    end
+
+  end
+
+end

data/examples/sinatra-app/app/views/layout.erb

@@ -0,0 +1,26 @@
+<!doctype html>
+<html xml:lang="en" lang="en">
+<head>
+  <meta charset="utf-8" />
+  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+
+  <title>Example Entrance App</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+</head>
+
+<body>
+
+<div id="container" class="clearfix">
+
+  <% [:error, :notice, :success].each do |msg| %>
+    <% if flash && flash[msg] %>
+    <%= "<div class='alert alert-#{msg}'>#{flash[msg]}</div>" %>
+    <% end %>
+  <% end %>
+
+  <%= yield %>
+
+</div>
+
+</body>
+</html>

data/examples/sinatra-app/app/views/login.erb

@@ -0,0 +1,22 @@
+<h2>Log in</h2>
+
+<form accept-charset="UTF-8" action="<%= url('/login') %>" method="post">
+
+  <p>
+    <input id="email" name="email" placeholder="Email" tabindex="1" type="email" />
+  </p>
+
+  <p>
+    <input id="password" name="password" placeholder="Password" tabindex="2" type="password" />
+  </p>
+
+  <p>
+    <label for="remember_me">Remember me</label>
+    <input checked="checked" id="remember_me" name="remember_me" type="checkbox" />
+  </p>
+
+  <input class="right btn btn-primary" data-disable-with="Logging in..." name="commit" tabindex="4" type="submit" value="Log in" />
+
+</form>
+  
+<p>Don't have an account? <a href="<%= url('/signup') %>">Sign up</a>.</p>

data/examples/sinatra-app/app/views/signup.erb

@@ -0,0 +1,25 @@
+<h2>Sign up</h2>
+
+<form accept-charset="UTF-8" action="/signup" class="new_user" method="post">
+
+  <p>
+    <input id="user_name" name="user[name]" placeholder="Your name" tabindex="1" type="text" />
+  </p>
+
+  <p>
+    <input id="user_email" name="user[email]" placeholder="Your email" tabindex="2" type="text" />
+  </p>
+
+  <p>
+    <input id="user_password" name="user[password]" placeholder="Your password" tabindex="3" type="password" />
+  </p>
+
+  <p>
+    <input id="user_password_confirmation" name="user[password_confirmation]" placeholder="Retype password" tabindex="4" type="password" />
+  </p>
+
+  <input class="right btn btn-primary" data-disable-with="Creating account..." name="commit" tabindex="4" type="submit" value="Sign up" />
+
+</form>
+
+<p>Have an account? <a href="<%= url('/login') %>">Log in</a></p>

data/examples/sinatra-app/app/views/welcome.erb

@@ -0,0 +1,3 @@
+<h1>Welcome <%= current_user.name %>!</h1>
+
+<p>You're now logged in. Now it's time to <a href="<%= url('/logout') %>">log out</a>.</p>

data/examples/sinatra-app/config.ru

@@ -0,0 +1,5 @@
+require './app/routes'
+
+map '/' do
+	run Example::Routes
+end

data/lib/entrance/controller.rb

@@ -110,7 +110,7 @@ module Entrance
 
     def set_remember_cookie
       values = {
-        :expires  => Entrance.config.remember_for.to_i.from_now,
+        :expires  => Time.now + Entrance.config.remember_for.to_i,
         :httponly => Entrance.config.cookie_httponly,
         :path     => Entrance.config.cookie_path,
         :secure   => Entrance.config.cookie_secure,

data/lib/entrance/model.rb

@@ -89,7 +89,8 @@ module Entrance
       def request_password_reset!
         send(Entrance.config.reset_token_attr + '=', Entrance.generate_token)
         if Doorman.config.reset_until_attr
-          update_attribute(Entrance.config.reset_until_attr, Entrance.config.reset_password_window.from_now)
+          timestamp = Time.now + Entrance.config.reset_password_window
+          update_attribute(Entrance.config.reset_until_attr, timestamp)
         end
         if save(:validate => false)
           method = Entrance.config.reset_password_method
@@ -107,8 +108,8 @@ module Entrance
       end
 
       def update_remember_token_expiration!(until_date = nil)
-        seconds = (until_date || Entrance.config.remember_for).to_i
-        update_attribute(Entrance.config.remember_until_attr, seconds.from_now)
+        timestamp = Time.now + (until_date || Entrance.config.remember_for).to_i
+        update_attribute(Entrance.config.remember_until_attr, timestamp)
       end
 
       def forget_me!

data/lib/entrance/version.rb

@@ -1,7 +1,7 @@
 module Entrance
   MAJOR = 0
   MINOR = 2
-  PATCH = 1
+  PATCH = 2
 
   VERSION = [MAJOR, MINOR, PATCH].join('.')
 end

data/lib/entrance.rb

@@ -3,8 +3,6 @@ require 'entrance/model'
 require 'entrance/ciphers'
 require 'entrance/config'
 
-require 'active_support/core_ext/numeric/time'
-
 module Entrance
 
   def self.config
@@ -21,9 +19,8 @@ module Entrance
   end
 
   def self.generate_token(length = 40)
-    str = SecureRandom.hex(length/2)
-    return str unless str.respond_to?(:encode)
-    str.encode('UTF-8')
+    str = Digest::SHA1.hexdigest([Time.now, rand].join)
+    str[0..(length-1)]
   end
 
 end

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 2
-  - 1
-  version: 0.2.1
+  - 2
+  version: 0.2.2
 platform: ruby
 authors: 
 - "Tom\xC3\xA1s Pollak"
@@ -59,7 +59,6 @@ files:
 - entrance.gemspec
 - examples/rails-app/.gitignore
 - examples/rails-app/Gemfile
-- examples/rails-app/Gemfile.lock
 - examples/rails-app/README.rdoc
 - examples/rails-app/Rakefile
 - examples/rails-app/app/assets/images/.keep
@@ -122,6 +121,14 @@ files:
 - examples/rails-app/test/test_helper.rb
 - examples/rails-app/vendor/assets/javascripts/.keep
 - examples/rails-app/vendor/assets/stylesheets/.keep
+- examples/sinatra-app/Gemfile
+- examples/sinatra-app/app/models.rb
+- examples/sinatra-app/app/routes.rb
+- examples/sinatra-app/app/views/layout.erb
+- examples/sinatra-app/app/views/login.erb
+- examples/sinatra-app/app/views/signup.erb
+- examples/sinatra-app/app/views/welcome.erb
+- examples/sinatra-app/config.ru
 - lib/entrance.rb
 - lib/entrance/ciphers.rb
 - lib/entrance/config.rb

data/examples/rails-app/Gemfile.lock

@@ -1,96 +0,0 @@
-PATH
-  remote: ./../../
-  specs:
-    entrance (0.2.0)
-      activesupport (>= 3.0)
-      bcrypt (~> 3.0)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    actionmailer (4.0.4)
-      actionpack (= 4.0.4)
-      mail (~> 2.5.4)
-    actionpack (4.0.4)
-      activesupport (= 4.0.4)
-      builder (~> 3.1.0)
-      erubis (~> 2.7.0)
-      rack (~> 1.5.2)
-      rack-test (~> 0.6.2)
-    activemodel (4.0.4)
-      activesupport (= 4.0.4)
-      builder (~> 3.1.0)
-    activerecord (4.0.4)
-      activemodel (= 4.0.4)
-      activerecord-deprecated_finders (~> 1.0.2)
-      activesupport (= 4.0.4)
-      arel (~> 4.0.0)
-    activerecord-deprecated_finders (1.0.3)
-    activesupport (4.0.4)
-      i18n (~> 0.6, >= 0.6.9)
-      minitest (~> 4.2)
-      multi_json (~> 1.3)
-      thread_safe (~> 0.1)
-      tzinfo (~> 0.3.37)
-    arel (4.0.2)
-    bcrypt (3.1.9)
-    builder (3.1.4)
-    erubis (2.7.0)
-    hike (1.2.3)
-    i18n (0.7.0)
-    kgio (2.9.1)
-    mail (2.5.4)
-      mime-types (~> 1.16)
-      treetop (~> 1.4.8)
-    mime-types (1.25.1)
-    minitest (4.7.5)
-    multi_json (1.10.1)
-    polyglot (0.3.5)
-    rack (1.5.2)
-    rack-test (0.6.2)
-      rack (>= 1.0)
-    rails (4.0.4)
-      actionmailer (= 4.0.4)
-      actionpack (= 4.0.4)
-      activerecord (= 4.0.4)
-      activesupport (= 4.0.4)
-      bundler (>= 1.3.0, < 2.0)
-      railties (= 4.0.4)
-      sprockets-rails (~> 2.0.0)
-    railties (4.0.4)
-      actionpack (= 4.0.4)
-      activesupport (= 4.0.4)
-      rake (>= 0.8.7)
-      thor (>= 0.18.1, < 2.0)
-    raindrops (0.12.0)
-    rake (10.4.2)
-    sprockets (2.12.3)
-      hike (~> 1.2)
-      multi_json (~> 1.0)
-      rack (~> 1.0)
-      tilt (~> 1.1, != 1.3.0)
-    sprockets-rails (2.0.1)
-      actionpack (>= 3.0)
-      activesupport (>= 3.0)
-      sprockets (~> 2.8)
-    sqlite3 (1.3.10)
-    thor (0.19.1)
-    thread_safe (0.3.4)
-    tilt (1.4.1)
-    treetop (1.4.15)
-      polyglot
-      polyglot (>= 0.3.1)
-    tzinfo (0.3.42)
-    unicorn (4.8.2)
-      kgio (~> 2.6)
-      rack
-      raindrops (~> 0.7)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  entrance!
-  rails (= 4.0.4)
-  sqlite3
-  unicorn