entrance 0.4.2 → 0.4.3

data/examples/sinatra-app/app/models.rb

@@ -4,7 +4,7 @@ require 'mongo_mapper'
 require 'entrance'
 
 MongoMapper.connection = Mongo::Connection.new('localhost')
-MongoMapper.database   = 'entrance-example'
+MongoMapper.database   = 'entrance-omniauth-example'
 
 Entrance.configure do |config|
   config.remember_for  = 1.month

data/examples/sinatra-app/app/views/login.erb

@@ -18,5 +18,5 @@
   <input class="right btn btn-primary" tabindex="3" type="submit" value="Log in" />
 
 </form>
-  
+
 <p>Don't have an account? <a href="<%= url('/signup') %>">Sign up</a>.</p>

data/examples/sinatra-omniauth/Gemfile

@@ -0,0 +1,11 @@
+source 'https://rubygems.org'
+
+gem 'rack', '1.5.2'
+gem 'sinatra'
+gem 'sinatra-flash'
+gem 'puma'
+gem 'mongo_mapper'
+gem 'bson_ext'
+gem 'omniauth'
+gem 'omniauth-twitter'
+gem 'entrance', :path => './../../'

data/examples/sinatra-omniauth/README.md

@@ -0,0 +1,13 @@
+## Example Sinatra App with Entrance
+
+A quick example that shows how to use Entrance with a Sinatra modular app. Requires MongoDB.
+
+To run:
+
+    git clone https://github.com/tomas/entrance
+    cd entrance/examples/sinatra-app
+    bundle install
+    # (start mongo, eg 'mongodb --dbpath=/var/lib/mongodb')
+    bundle exec puma
+
+And ready-o. Then point your browser to localhost:9292 and sign up, then sign in using your credentials.

data/examples/sinatra-omniauth/app/models.rb

@@ -0,0 +1,33 @@
+require 'rubygems'
+require 'bundler/setup'
+require 'mongo_mapper'
+require 'entrance'
+
+MongoMapper.connection = Mongo::Connection.new('localhost')
+MongoMapper.database   = 'entrance-example'
+
+Entrance.configure do |config|
+  config.remember_for  = 1.month
+  config.cookie_secure = false # for testing
+end
+
+class User
+  include MongoMapper::Document
+  include Entrance::Model
+
+  key :state, :default => 'active'
+
+  key :name
+  key :auth_provider, String
+  key :auth_uid, String
+
+  key :remember_token
+  key :remember_token_expires_at, Time
+
+  provides_entrance :local => false
+
+  def active?
+    state.to_sym == :active
+  end
+
+end

data/examples/sinatra-omniauth/app/routes.rb

@@ -0,0 +1,45 @@
+%w(./app/models sinatra/base sinatra/flash).each { |lib| require lib }
+
+require 'entrance/addons/omniauth'
+require 'omniauth-twitter'
+
+module Example
+
+  class Routes < Sinatra::Base
+
+    register Sinatra::Flash
+    register Entrance::OmniAuth
+
+    set :sessions, :secret => 'veryverysecretkey'
+    set :views, File.expand_path(File.dirname(__FILE__)) + '/views'
+
+    set :auth_test, true     # only true for testing
+    set :auth_remember, true # enables 'remember me' for omniauth logins
+    set :auth_providers, {
+      :twitter => {
+        :key => 'foobar',
+        :secret => 'xoxoxoxox'
+      }
+    }
+
+    before do
+      login_required :except => ['/login']
+    end
+
+    get '/' do
+      erb :welcome
+    end
+
+    get '/login' do
+      erb :login
+    end
+
+    get '/logout' do
+      logout!
+      flash[:notice] = 'Logged out! See you soon.'
+      redirect to('/login')
+    end
+
+  end
+
+end

data/examples/sinatra-omniauth/app/views/layout.erb

@@ -0,0 +1,26 @@
+<!doctype html>
+<html xml:lang="en" lang="en">
+<head>
+  <meta charset="utf-8" />
+  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+
+  <title>Example Entrance App</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+</head>
+
+<body>
+
+<div id="container" class="clearfix">
+
+  <% [:error, :notice, :success].each do |msg| %>
+    <% if flash && flash[msg] %>
+    <%= "<div class='alert alert-#{msg}'>#{flash[msg]}</div>" %>
+    <% end %>
+  <% end %>
+
+  <%= yield %>
+
+</div>
+
+</body>
+</html>

data/examples/sinatra-omniauth/app/views/login.erb

@@ -0,0 +1,5 @@
+<h2>Log in</h2>
+
+<% Entrance::OmniAuth.providers.each do |name| %>
+  <a href="/auth/<%= name %>">Login with <%= name %></a>
+<% end %>

data/examples/sinatra-omniauth/app/views/welcome.erb

@@ -0,0 +1,3 @@
+<h1>Welcome <%= current_user.name %>!</h1>
+
+<p>You're now logged in. Now it's time to <a href="<%= url('/logout') %>">log out</a>.</p>

data/examples/sinatra-omniauth/config.ru

@@ -0,0 +1,5 @@
+require './app/routes'
+
+map '/' do
+  run Example::Routes
+end

data/lib/entrance/addons/omniauth.rb

@@ -5,13 +5,14 @@ require 'omniauth'
 
 require 'sinatra/base'
 require 'omniauth-twitter'
-require 'entrance/omniauth'
+require 'entrance/addons/omniauth'
 
 class Hello < Sinatra::Base
   register Entrance::OmniAuth
 
-  set :auth_test, false # only true for testing
-  set :auth_providers {
+  set :auth_test, false    # only true for testing
+  set :auth_remember, true # enables 'remember me' for omniauth logins
+  set :auth_providers, {
     :twitter => {
       :key => 'foobar'
     }
@@ -26,13 +27,17 @@ module Entrance
 
     class << self
 
+      def providers
+        @providers ||= []
+      end
+
       def registered(app)
 
         ::Entrance.model.class_eval do
 
           def via_omniauth?
-            send(::Entrance.config.auth_provider_attr).present? \
-              && send(::Entrance.config.auth_uid_attr).present?
+            send(::Entrance.fields.auth_provider).present? \
+              && send(::Entrance.fields.auth_uid).present?
           end
 
           def password_required?
@@ -53,6 +58,9 @@ module Entrance
             # puts "Initializing #{name} provider: #{options.inspect}"
             opts = options || {}
             provider(name, opts[:key], opts[:secret], opts[:extra] || {})
+
+            app.allow_paths.push("/auth/#{name}/callback")
+            ::Entrance::OmniAuth.providers.push(name.to_sym)
           end
         end
 
@@ -66,20 +74,22 @@ module Entrance
             user = ::Entrance::OmniAuth.auth_or_create(auth) or return return_401
 
             if ::Entrance::OmniAuth.valid_user?(user)
-              login!(user)
+              login!(user, app.settings.auth_remember)
               flash[:success] = 'Welcome back!' if respond_to?(:flash)
               redirect_to_stored_or(to('/'))
             else
-              redirect_with('/', :error, 'Unable to authenticate. Please try again.')
+              redirect_with(Entrance.config.access_denied_redirect_to, :error, 'Unable to authenticate. Please try again.')
             end
           end
 
         end # get, post
 
         app.get '/auth/failure' do
-          redirect_with('/', :error, params[:message])
+          redirect_with(Entrance.config.access_denied_redirect_to, :error, params[:message])
         end
 
+        app.allow_paths.push("/auth/failure")
+
       end # registered
 
       def logger
@@ -87,7 +97,7 @@ module Entrance
       end
 
       def log(str)
-        logger.info(str)
+        logger.info(str) rescue nil
       end
 
       def valid_user?(user)
@@ -99,25 +109,25 @@ module Entrance
 
       def can_authenticate_with?(service)
         return true if ::OmniAuth.config.test_mode and service.to_sym == :default
-        settings.auth_providers.keys.map(&:to_sym).include?(service.to_sym)
+        ::Entrance::OmniAuth.providers.include?(service.to_sym)
       end
 
       def find_user_with_username(username)
         query = {}
-        query[::Entrance.config.username_attr] = username # .to_s.downcase.strip
+        query[::Entrance.fields.username] = username # .to_s.downcase.strip
         ::Entrance.model.where(query).first
       end
 
       def find_user_with_provider_and_uid(provider, uid)
         query = {}
-        query[::Entrance.config.auth_provider_attr] = provider
-        query[::Entrance.config.auth_uid_attr] = uid
+        query[::Entrance.fields.auth_provider] = provider
+        query[::Entrance.fields.auth_uid] = uid
         ::Entrance.model.where(query).first
       end
 
       def set_auth_credentials(user, provider, uid)
-        user[::Entrance.config.auth_provider_attr] = provider
-        user[::Entrance.config.auth_uid_attr] = uid
+        user[::Entrance.fields.auth_provider] = provider
+        user[::Entrance.fields.auth_uid] = uid
       end
 
       def store_auth_credentials(user, provider, uid)
@@ -127,8 +137,8 @@ module Entrance
 
       def create_user(name, email, provider, uid)
         data = {}
-        data[::Entrance.config.name_attr] = name
-        data[::Entrance.config.username_attr] = email
+        data[::Entrance.fields.name] = name
+        data[::Entrance.fields.username] = email
         user = ::Entrance.model.new(data)
         set_auth_credentials(user, provider, uid)
 

data/lib/entrance/controller.rb

@@ -4,8 +4,18 @@ module Entrance
 
     REMEMBER_ME_TOKEN = 'auth_token'.freeze
 
+    module ClassMethods
+
+      # lets us do app.skip_paths.push('/specific/path/we/want/unprotected')
+      def allow_paths
+        @allow_paths ||= []
+      end
+
+    end
+
     def self.included(base)
       base.send(:helper_method, :current_user, :logged_in?, :logged_out?) if base.respond_to?(:helper_method)
+      base.extend(ClassMethods)
     end
 
     def authenticate_and_login(username, password, remember_me = false)
@@ -29,7 +39,8 @@ module Entrance
     end
 
     def login_required(opts = {})
-      return if opts[:except] and opts[:except].include?(request.path_info)
+      allowed = (opts[:except] || []) + self.class.allow_paths
+      return if allowed.any? and allowed.include?(request.path_info)
       logged_in? || access_denied
     end
 

data/lib/entrance/fields.rb

@@ -26,43 +26,43 @@ module Entrance
       @auth_uid              = 'auth_uid'
     end
 
-    def validate!
-      raise "Invalid model: #{Entrance.config.model}!" unless Kernel.const_defined?(Entrance.config.model)
+    def validate_field(attr)
+      field = send(attr)
+      unless fields.include?(field.to_sym)
+        raise "Couldn't find '#{field}' in the #{Entrance.model.name} model."
+      end
+    end
 
-      fields = get_model_fields
+    def validate_option(what)
+      if field = send("#{what}_token")
+        until_field = send("#{what}_until")
 
-      %w(username password).each do |attr|
-        field = send(attr)
         unless fields.include?(field.to_sym)
-          raise "Couldn't find '#{field}' in the #{Entrance.model.name} model."
+          raise "No #{field} field found. \
+                 Set the fields.#{what}_token option to nil to disable the #{what} option."
         end
-      end
-
-      %w(remember reset).each do |what|
-        if field = send("#{what}_token")
-          until_field = send("#{what}_until")
-
-          unless fields.include?(field.to_sym)
-            raise "No #{field} field found. \
-                   Set the fields.#{what} option to nil to disable the #{what} option."
-          end
 
-          if until_field
-            unless fields.include?(until_field.to_sym)
-              raise "Couldn't find a #{until_field} field. Cannot continue."
-            end
-          else
-            puts "Disabling expiration timestamp for the #{what} option. This is a VERY bad idea."
+        if until_field
+          unless fields.include?(until_field.to_sym)
+            raise "Couldn't find a #{until_field} field. Cannot continue."
           end
+        else
+          puts "Disabling expiration timestamp for the #{what} option. This is a VERY bad idea."
+        end
 
-          Entrance.config.can?(what, true)
+        Entrance.config.can?(what, true)
 
-          mod = what.to_sym == :remember ? Entrance::Model::RememberMethods : Entrance::Model::ResetMethods
-          Entrance.model.send(:include, mod)
-        end
+        mod = what.to_sym == :remember ? Entrance::Model::RememberMethods : Entrance::Model::ResetMethods
+        Entrance.model.send(:include, mod)
       end
     end
 
+    protected
+
+    def fields
+      @fields ||= get_model_fields
+    end
+
     def get_model_fields
       model = Entrance.model
        if model.respond_to?(:columns)          # ActiveRecord::Base

data/lib/entrance/model.rb

@@ -7,8 +7,9 @@ module Entrance
 
     module ClassMethods
 
-      def provides_entrance(&block)
+      def provides_entrance(options = {}, &block)
         Entrance.config.model = self.name
+        local = options.delete(:local) != false
 
         # if the target model class does not have a Model.where() method,
         # then login_by_session wont work, nor the ClassMethods below.
@@ -19,12 +20,20 @@ module Entrance
 
         fields = Entrance.fields
         yield fields if block_given?
-        fields.validate!
 
-        if self.respond_to?(:validates)
-          validates :password, :presence => true, :length => 6..32, :if => :password_required?
-          validates :password, :confirmation => true, :if => :password_required?
-          validates :password_confirmation, :presence => true, :if => :password_required?
+        # username and remember token are used both for local and remote (omniauth)
+        fields.validate_field(:username)
+        fields.validate_option(:remember)
+
+        if local # allows password & reset
+          fields.validate_field(:password)
+          fields.validate_option(:reset)
+
+          if self.respond_to?(:validates)
+            validates :password, :presence => true, :length => 6..32, :if => :password_required?
+            validates :password, :confirmation => true, :if => :password_required?
+            validates :password_confirmation, :presence => true, :if => :password_required?
+          end
         end
       end
 

data/lib/entrance/version.rb

@@ -1,7 +1,7 @@
 module Entrance
   MAJOR = 0
   MINOR = 4
-  PATCH = 2
+  PATCH = 3
 
   VERSION = [MAJOR, MINOR, PATCH].join('.')
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: entrance
 version: !ruby/object:Gem::Version
-  version: 0.4.2
+  version: 0.4.3
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-03-13 00:00:00.000000000 Z
+date: 2015-03-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -111,6 +111,14 @@ files:
 - examples/sinatra-app/app/views/signup.erb
 - examples/sinatra-app/app/views/welcome.erb
 - examples/sinatra-app/config.ru
+- examples/sinatra-omniauth/Gemfile
+- examples/sinatra-omniauth/README.md
+- examples/sinatra-omniauth/app/models.rb
+- examples/sinatra-omniauth/app/routes.rb
+- examples/sinatra-omniauth/app/views/layout.erb
+- examples/sinatra-omniauth/app/views/login.erb
+- examples/sinatra-omniauth/app/views/welcome.erb
+- examples/sinatra-omniauth/config.ru
 - lib/entrance.rb
 - lib/entrance/addons/omniauth.rb
 - lib/entrance/addons/sinatra.rb