forget-passwords 0.2.12 → 0.2.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +9 -0
- data/lib/forget-passwords/version.rb +1 -1
- data/lib/forget-passwords.rb +11 -7
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4db3ce83ab06fe2e7ba9fbf453370f1182e8fc6e7f888e1edd2851e1eb4dfe1a
|
|
4
|
+
data.tar.gz: '049d12c72b928352235e422c2c737a7c7827d5284a68054ea09f50c7d3a962d0'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2d3bc2353a0b41009cb7b537a67bc58210670095949afbe21ada7221912c3d6a91c580240d56803b159a32a73c3d4e1c756f7b34c288879be61f842740c6bf20
|
|
7
|
+
data.tar.gz: 3c7771eb7709deeeca3c7617be519168d6387c619b5e0de0a61243905bb8a4f5a9a2667ab6a63ada192c962a426301e2d83400a5370dc212aaa7e2ee1f69eefb
|
data/README.md
CHANGED
|
@@ -524,6 +524,15 @@ email:
|
|
|
524
524
|
# additional SMTP configuration would go here, if applicable.
|
|
525
525
|
```
|
|
526
526
|
|
|
527
|
+
## Alternate Authentication Methods
|
|
528
|
+
|
|
529
|
+
It is possible to take the token in the cookie and feed it in as
|
|
530
|
+
either a `Basic` authentication password or `Bearer` token. In the
|
|
531
|
+
case of `Basic`, the username is ignored. This enables `curl` or API
|
|
532
|
+
access, or other automated things like feed readers. There is
|
|
533
|
+
currently no UI for this, but an "app password" management screen is
|
|
534
|
+
potentially on the horizon.
|
|
535
|
+
|
|
527
536
|
## Future Directions
|
|
528
537
|
|
|
529
538
|
This project began on something of a lark, with the intent to make a
|
data/lib/forget-passwords.rb
CHANGED
|
@@ -11,6 +11,7 @@ require 'rack'
|
|
|
11
11
|
require 'rack/request'
|
|
12
12
|
require 'rack/response'
|
|
13
13
|
|
|
14
|
+
require 'base64'
|
|
14
15
|
require 'mail'
|
|
15
16
|
|
|
16
17
|
module ForgetPasswords
|
|
@@ -531,17 +532,20 @@ module ForgetPasswords
|
|
|
531
532
|
end
|
|
532
533
|
|
|
533
534
|
def handle_auth req
|
|
534
|
-
|
|
535
|
-
|
|
536
|
-
|
|
537
|
-
|
|
538
|
-
|
|
539
|
-
|
|
535
|
+
auth = req.get_header('Authorization') || req.env['HTTP_AUTHORIZATION']
|
|
536
|
+
if auth and !auth.strip.empty?
|
|
537
|
+
mech, *auth = auth.strip.split
|
|
538
|
+
token = case mech.downcase
|
|
539
|
+
when 'basic'
|
|
540
|
+
# can't trust/use rack here
|
|
541
|
+
Base64.decode64(auth.first || '').split(?:, 2).last
|
|
542
|
+
when 'bearer'
|
|
543
|
+
auth.first
|
|
540
544
|
end
|
|
545
|
+
|
|
541
546
|
if token
|
|
542
547
|
handle_token req, token
|
|
543
548
|
else
|
|
544
|
-
# XXX one day maybe this can be more descriptive??
|
|
545
549
|
default_401 req
|
|
546
550
|
end
|
|
547
551
|
elsif knock = req.GET[@keys[:query]]
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: forget-passwords
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.13
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dorian Taylor
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-12-
|
|
11
|
+
date: 2022-12-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|