RubyGems - foobara-auth-http - Versions diffs - 0.0.2 → 0.0.3 - Mend

foobara-auth-http 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +4 -0
data/README.md +80 -1
data/lib/foobara/auth_http.rb +3 -2
data/src/foobara/auth_http/bearer_authenticator.rb +18 -1
metadata +2 -3
data/src/foobara/auth_http.rb +0 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c78d6fc15e3b6a271b9e0121cace66c9ea10ebbcc5b2d52700c0c425a146df05
-  data.tar.gz: 4c786b7908265323485e73400d782bf68a401ba7b552de2b15beb6b43fe407bb
+  metadata.gz: 215085501258008264243a87c8e01db2e9322ea7f33c8cf22553659ff2524d06
+  data.tar.gz: 769f8c1c3cb67b6fcb6c40d65f85ce1c494fc6c1238d6a606e18f7b35423de19
 SHA512:
-  metadata.gz: 89367ef8990d6f353234e85a4373173a2da3be0e4e041ad6b9f666c6b1a91b1e6d98d336cd1186c511ed1ce480f9935dcbd7658529f24194b3065148e6e93038
-  data.tar.gz: bb9df4f89ae8347cbac0c53a5b7475d915c77ff8809cb57c18a850aec22c26f4464e7f9ffa242bc77ba085bd958456ca7dc1edb5eb782f34dc0c28841a3019d8
+  metadata.gz: caa515d8a6fbac87718425dbcacd4c3f4a672ec40746d62b2af42b32b89190f09752a0e0f632c02bedeb53737e734f4c2c6feb8173f1e09d5d6ba6c02f0f9e89
+  data.tar.gz: d008b9ffd7f400931c4a3360370f438d2148e73834b663d996d9ba0cafb83bf0de80b55acfe66beb5b35c556ccd7c534aeb2f07b1845930958a66c60896d9a49

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+## [0.0.3] - 2025-04-25
+- Add BearerToken.load_user
 ## [0.0.2] - 2025-04-22
 - Add several helpful request/response mutators

data/README.md CHANGED Viewed

@@ -2,6 +2,16 @@
 Contains helper classes/methods for exposing Foobara::Auth over HTTP
+<!-- TOC -->
+* [Foobara::AuthHttp](#foobaraauthhttp)
+  * [Installation](#installation)
+  * [Usage](#usage)
+    * [Rack example](#rack-example)
+    * [Rails example](#rails-example)
+  * [Contributing](#contributing)
+  * [License](#license)
+<!-- TOC -->
 ## Installation
 Typical stuff: add `gem "foobara-auth-http"` to your Gemfile or .gemspec file. Or even just
@@ -9,7 +19,76 @@ Typical stuff: add `gem "foobara-auth-http"` to your Gemfile or .gemspec file. O
 ## Usage
-TODO: Write usage instructions here
+### Rack example
+TODO
+### Rails example
+Here's an example of using AuthHttp helpers in a Rails app to expose various Foobara::Auth commands over HTTP
+and put them to use:
+```ruby
+require "foobara/rails_command_connector"
+require "foobara/auth_http"
+authenticator = Foobara::AuthHttp::BearerAuthenticator
+Foobara::CommandConnectors::RailsCommandConnector.new(authenticator:)
+require "foobara/rails/routes"
+login_response_mutators = [
+  Foobara::AuthHttp::MoveRefreshTokenToCookie.new(secure: Rails.env.production?),
+  Foobara::AuthHttp::MoveAccessTokenToHeader
+]
+Rails.application.routes.draw do
+  command Foobara::Auth::Register,
+          inputs_transformers: Foobara::AttributesTransformers.only(:username, :email, :plaintext_password)
+  command Foobara::Auth::Login,
+          inputs_transformers: Foobara::AttributesTransformers.only(:username_or_email, :plaintext_password),
+          response_mutators: login_response_mutators
+  command Foobara::Auth::RefreshLogin,
+          request_mutators: Foobara::AuthHttp::SetRefreshTokenFromCookie,
+          inputs_transformers: Foobara::AttributesTransformers.only(:refresh_token),
+          response_mutators: login_response_mutators
+  command Foobara::Auth::Logout,
+          request_mutators: Foobara::AuthHttp::SetRefreshTokenFromCookie,
+          response_mutators: Foobara::AuthHttp::ClearAccessTokenHeader
+  command CreateBlogPost,
+          requires_authentication: true
+  command EditBlogPost,
+          requires_authentication: true,
+          allowed_rule: -> { blog_post.owned_by?(authenticated_user) }
+  # whatever other routes you need/want
+end
+```
+A rundown of everything happening here:
+* We are declaring that we want to authenticate using bearer tokens. These are JWT tokens in an
+  `Authorization: Bearer <token>` header.
+* We are declaring that when we login or refresh our login, we would like to move the new access token
+  from the result to an X-Access-Token header, and we would like
+  to move the new refresh token from the result to a secure http only cookie.
+* We are declaring that when we want to refresh our login, we want to move the refresh token from the
+  headers to an input to RefreshLogin.
+* Logout could technically be handled by the client but for convenience/added safety, we expose
+  Logout and move the refresh token to its inputs so that it can invalidate the refresh token.
+* When we respond from Logout, we set the X-Access-Token header to nil. This is something the client
+  could do but gives an easy way to clobber the client's access token without effort on their end.
+We also expose a few app commands using our authenticator. This is configured as part of command connectors not
+the foobara-auth domain nor this gem but included here as an example.
+The inputs transformers are just convenience items to simplify any clients that import our exposed commands
+to simplify their interfaces and any forms they feel like generating.
 ## Contributing

data/lib/foobara/auth_http.rb CHANGED Viewed

@@ -2,10 +2,10 @@ require "foobara/all"
 require "foobara/http_command_connector"
 require "foobara/auth"
-Foobara::Util.require_directory "#{__dir__}/../../src"
 module Foobara
   module AuthHttp
+    foobara_domain!
     class << self
       def install!
         CommandConnectors::Http.register_authenticator(BearerAuthenticator)
@@ -14,4 +14,5 @@ module Foobara
   end
 end
+Foobara::Util.require_directory "#{__dir__}/../../src"
 Foobara::Monorepo.project "auth_http", project_path: "#{__dir__}/../../"

data/src/foobara/auth_http/bearer_authenticator.rb CHANGED Viewed

@@ -1,6 +1,17 @@
 module Foobara
   module AuthHttp
     class BearerAuthenticator < CommandConnector::Authenticator
+      class << self
+        def load_user(&block)
+          new(load_user: block)
+        end
+      end
+      def initialize(load_user: nil, **)
+        @load_user = load_user || ->(user_id) { Auth::FindUser.run!(id: user_id) }
+        super(**)
+      end
       def symbol
         :bearer
       end
@@ -9,6 +20,10 @@ module Foobara
         @explanation ||= "Expects an access token in authorization header in format of: Bearer <token>"
       end
+      def authenticate(request)
+        request.instance_exec(&to_proc)
+      end
       def block
         return @block if @block
@@ -41,7 +56,9 @@ module Foobara
       end
       def load_user_record(user_id)
-        Auth::FindUser.run!(id: user_id)
+        if user_id
+          @load_user.call(user_id)
+        end
       end
     end
   end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: foobara-auth-http
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors:
 - Miles Georgi
@@ -63,7 +63,6 @@ files:
 - LICENSE.txt
 - README.md
 - lib/foobara/auth_http.rb
-- src/foobara/auth_http.rb
 - src/foobara/auth_http/bearer_authenticator.rb
 - src/foobara/auth_http/clear_access_token_header.rb
 - src/foobara/auth_http/move_access_token_to_header.rb
@@ -91,7 +90,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.7
+rubygems_version: 3.6.8
 specification_version: 4
 summary: Contains convenience classes/methods for using Foobara::Auth over HTTP
 test_files: []

data/src/foobara/auth_http.rb DELETED Viewed

@@ -1,4 +0,0 @@
-module Foobara
-  module AuthHttp
-  end
-end