gatleon-authform-rails 0.2.0 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2aad9fabb2346b07e8aa80a03f2e06bdeda6fe6eead9ad8dc72fa9a8a1c0ffe7
-  data.tar.gz: 366e08bf5690ec7a6db9156cc663d7355b551a07fa8d8bc2b4703a418e52702f
+  metadata.gz: f583501fb5e708d2e8e58b3410d38dfd1ff87f7224753657c95edc4737ccc4b4
+  data.tar.gz: 0f509e2572a8b9c2356f1b6c59e2c9f0dce1b2cb07fceb315b96937ee87c93cb
 SHA512:
-  metadata.gz: 9fcbe5be7e43150b8c6f17070dcc8cf2401f6d1883be0ce35bb8f6632aa233f277d81bd3ea3a66c04de28d9893582b50aad4361965923a770b7ddd0819929091
-  data.tar.gz: 89c79d90bdcdebbff0944d7a9f7f000407612b72f130bca589f5c80ccaa8677e6eec265a5c473f26df17c7c85a12acdcf8048191f72aeaf9c7c054d1dce17ffb
+  metadata.gz: a26d09bed9e2f0f312e76984ce9779ea367e9c9a534db4dbedcebb02aba61ce31a206d494566fbb2dfd51af00a2e7e6c299ea030175911a0a63ca815b881faae
+  data.tar.gz: 4c03dfb1ed74fa7266c1dfc235aa728f0a53f3a3ec2b2547de4e8225566fe2bef9ede16386c14558634f729fb4a8841454775c030461a190527aa6631fcbd6b2

data/.gitignore

@@ -9,3 +9,4 @@
 
 # rspec failure tracking
 .rspec_status
+.byebug_history

data/Gemfile.lock

@@ -1,7 +1,8 @@
 PATH
   remote: .
   specs:
-    gatleon-authform-rails (0.2.0)
+    gatleon-authform-rails (0.6.0)
+      xxhash
 
 GEM
   remote: https://rubygems.org/
@@ -143,6 +144,7 @@ GEM
     websocket-driver (0.7.1)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.4)
+    xxhash (0.4.0)
     yard (0.9.24)
     zeitwerk (2.3.0)
 

data/README.md

@@ -1,6 +1,4 @@
-![authform-rails](https://raw.githubusercontent.com/gatleon/gatleon-authform-rails/master/gatleon-authform-rails.png)
-
-# authform-rails by gatleon
+# gatleon-authform-rails
 
 add authentication to your application - in 1 minute or less.
 
@@ -18,22 +16,33 @@ and then execute:
 $ bundle install
 ```
 
-add a profile controller
+open rails credentials:
+
+```
+$ EDITOR=vim rails credentials:edit
+```
+
+set authform credentials:
+
+```
+authform:
+  public_key: "Available at https://authform.gatleon.com"
+  secret_key: "Available at https://authform.gatleon.com"
+```
+
+add a profile controller:
 
 ```ruby
 class ProfileController < ActionController::Base
-  AUTHFORM_FORM_SECRET_KEY = "" # Available at https://authform.gatleon.com. coming soon!
-  AUTHFORM_FORM_PUBLIC_KEY = "" # Available at https://authform.gatleon.com. coming soon!
-
-  include Gatleon::Authform::Rails::Concern.new(public_key: AUTHFORM_FORM_PUBLIC_KEY, secret_key: AUTHFORM_FORM_SECRET_KEY)
+  include Gatleon::Authform::Rails::Concern.new(Rails.application.credentials.dig(:authform))
 
   before_action :require_login, only: [:index]
 
   def index
     erb = <<~ERB
       <h1>Profile</h1>
-      <p style="color: green;">You are signed in.</p>
-      <p><%= current_user %></p>
+      <p style="color: green;">You are signed in. (<a href="/profile/signoff">sign off</a>)</p>
+      <p><%= current_user._id %> <%= current_user._email %></p>
     ERB
 
     render inline: erb
@@ -43,7 +52,8 @@ class ProfileController < ActionController::Base
     erb = <<~ERB
       <p style="color: red;"><%= flash[:error] %></p>
       <h1>Sign In</h1>
-      <form action="https://authform.gatleon.com/v1/form/<%= ProfileController::AUTHFORM_FORM_PUBLIC_KEY %>" method="POST">
+      <form action="https://authformapi.gatleon.com/v1/form/<%= Rails.application.credentials.dig(:authform, :public_key) %>" method="POST">
+        <input type="hidden" name="successPath" value="/profile">
         <input type="email" name="email">
         <button type="submit">Sign In</button>
       </form>
@@ -52,6 +62,12 @@ class ProfileController < ActionController::Base
     render inline: erb
   end
 
+  def signoff
+    current_user.signoff!
+
+    redirect_to(profile_signin_path) and return
+  end
+
   private
 
   def require_login
@@ -64,12 +80,13 @@ class ProfileController < ActionController::Base
 end
 ```
 
-add profile routes to routes.rb
+add profile routes to routes.rb:
 
 ```ruby
 Rails.application.routes.draw do
-  get '/profile', to: 'profile#index', as: 'profile'
-  get '/profile/signin', to: 'profile#signin', as: 'profile_signin'
+  get "/profile", to: "profile#index", as: :profile
+  get "/profile/signin", to: "profile#signin", as: :profile_signin
+  get "/profile/signoff", to: "profile#signoff", as: :profile_signoff
 end
 ```
 

data/gatleon-authform-rails.gemspec

@@ -24,4 +24,6 @@ Gem::Specification.new do |spec|
   spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
+
+  spec.add_runtime_dependency "xxhash"
 end

data/lib/gatleon/authform/rails/concern.rb

@@ -1,3 +1,5 @@
+require "xxhash"
+
 module Gatleon
   module Authform
     module Rails
@@ -6,7 +8,7 @@ module Gatleon
                        secret_key:,
                        domain: nil,
                        current_user_method_name: "current_user",
-                       _authform_base_url: "https://authform.gatleon.com")
+                       _authform_base_url: "https://authformapi.gatleon.com")
           super() do
             extend ActiveSupport::Concern
 
@@ -20,9 +22,11 @@ module Gatleon
             # defaults to current_user
             define_method current_user_method_name do
               begin
-                json = JSON.parse(cookies[_authform_user_cookie_key])["data"]
-
-                Gatleon::Authform::Rails::User.new(json: json, _form_secret_key: secret_key, _authform_base_url: _authform_base_url)
+                Gatleon::Authform::Rails::User.new(_cookies: cookies,
+                                                   _authform_user_cookie_key: _authform_user_cookie_key,
+                                                   _form_secret_key: secret_key,
+                                                   _domain: domain,
+                                                   _authform_base_url: _authform_base_url)
               rescue
                 nil
               end
@@ -47,7 +51,7 @@ module Gatleon
             end
 
             define_method :_authform_user_cookie_key do
-              public_key # allows for multiple forms per site
+             "#{public_key}_#{XXhash.xxh32(domain)}"
             end
 
             define_method :_cookie_attrs do |value|

data/lib/gatleon/authform/rails/user.rb

@@ -1,30 +1,45 @@
+require "json"
+
 module Gatleon
   module Authform
     module Rails
       class User
         PERMITTED_CHARS = /\A[a-zA-Z0-9_)]*\z/
 
-        def initialize(json:, _form_secret_key:, _authform_base_url:)
-          @json = json
-
+        def initialize(_cookies:,
+                       _authform_user_cookie_key:,
+                       _form_secret_key:,
+                       _domain:,
+                       _authform_base_url:)
+          @_cookies = _cookies
+          @_authform_user_cookie_key = _authform_user_cookie_key
           @_form_secret_key = _form_secret_key
+          @_domain = _domain
           @_authform_base_url = _authform_base_url
+
+          parse!
+        end
+
+        def parse!
+          !!_id
+        rescue
+          raise Gatleon::Authform::Rails::Error
         end
 
         # Getters
         #
         def _id
-          @json["_id"]
+          data["_id"]
         end
 
         def _email
-          @json["_email"]
+          data["_email"]
         end
 
         # Getters
         #
         def [](key)
-          @json[key.to_s]
+          data[key.to_s]
         end
 
         # Setters
@@ -38,8 +53,31 @@ module Gatleon
 
           raise Gatleon::Authform::Rails::Error, "only characters a-z, A-Z, 0-9, and _ permitted in field name" unless key.match?(PERMITTED_CHARS)
 
-          @json[key] = value.to_s
+          data[key] = value.to_s
+        end
+
+        def data
+          _json["data"]
+        end
+
+        def _json
+          @_json ||= JSON.parse(@_cookies[@_authform_user_cookie_key])
+        end
+
+        def signoff!
+          if @_domain
+            @_cookies.delete(@_authform_user_cookie_key, domain: @_domain)
+          else
+            @_cookies.delete(@_authform_user_cookie_key)
+          end
         end
+        alias_method :sign_off!, :signoff!
+        alias_method :signout!, :signoff!
+        alias_method :sign_out!, :signoff!
+        alias_method :logout!, :signoff!
+        alias_method :log_out!, :signoff!
+        alias_method :logoff!, :signoff!
+        alias_method :log_off!, :signoff!
 
         private
 

data/lib/gatleon/authform/rails/version.rb

@@ -1,7 +1,7 @@
 module Gatleon
   module Authform
     module Rails
-      VERSION = "0.2.0"
+      VERSION = "0.6.0"
     end
   end
 end

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: gatleon-authform-rails
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.6.0
 platform: ruby
 authors:
 - gatleon
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-05-02 00:00:00.000000000 Z
-dependencies: []
+date: 2020-08-18 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: xxhash
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: add authentication to your application - in 1 minute or less
 email:
 - ''
@@ -29,7 +43,6 @@ files:
 - bin/console
 - bin/setup
 - gatleon-authform-rails.gemspec
-- gatleon-authform-rails.png
 - lib/gatleon/authform/rails.rb
 - lib/gatleon/authform/rails/concern.rb
 - lib/gatleon/authform/rails/user.rb