grape_devise_auth 0.0.1 → 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/README.md +48 -16
- data/lib/grape_devise_auth/configuration.rb +3 -1
- data/lib/grape_devise_auth/middleware.rb +2 -1
- data/lib/grape_devise_auth/version.rb +1 -1
- data/lib/grape_devise_auth.rb +3 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5697026be87537c48da1ad69535fa5d648af3495
|
|
4
|
+
data.tar.gz: 471e1c8acdeed66a8655ee9d9fe11c226934aac4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3ab146e68d78975d85587cd499f3e3d81eb07651112054dc3c05d0fd5f223712544f8f6fcc012cfa8083636a1e955ca03e5ff8c776a7fb400e3947d1eb02a881
|
|
7
|
+
data.tar.gz: b06cb6c50d449389cb58116958d8c365b649023a2595d694e3822078a6edd2e5fffda47b47f62a24a4dff384ffac71f31bc644c6c2c16aa74b05720c03d8bbad
|
data/CHANGELOG.md
ADDED
data/README.md
CHANGED
|
@@ -27,24 +27,54 @@ the grape API will get loaded:
|
|
|
27
27
|
GrapeDeviseAuth.setup!
|
|
28
28
|
```
|
|
29
29
|
|
|
30
|
-
Available config parameters and default values:
|
|
30
|
+
####Available config parameters and default values:
|
|
31
31
|
|
|
32
|
+
Sometimes it's necessary to make several requests to the API at the same time. In this case, each request in the batch will need to share the same auth token. This setting determines how far apart the requests can be while still using the same auth token.
|
|
32
33
|
```
|
|
33
34
|
batch_request_buffer_throttle = 2.weeks
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
|
|
38
|
+
By default the authorization headers will change after each request. The client is responsible for keeping track of the changing tokens. Change this to false to prevent the Authorization header from changing after each request.
|
|
39
|
+
```
|
|
34
40
|
change_headers_on_each_request = true
|
|
35
|
-
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
|
|
44
|
+
Set default provider for newly created user. This field uses to determine what field will be used as uid
|
|
45
|
+
```
|
|
36
46
|
default_provider = 'email'
|
|
47
|
+
```
|
|
48
|
+
|
|
49
|
+
|
|
50
|
+
By default, users will need to re-authenticate after 2 weeks. This setting determines how long tokens will remain valid after they are issued.
|
|
51
|
+
```
|
|
37
52
|
token_lifespan = 2.weeks
|
|
53
|
+
```
|
|
54
|
+
|
|
55
|
+
|
|
56
|
+
Sets the max number of concurrent devices per user, which is 10 by default. After this limit is reached, the oldest tokens will be removed.
|
|
57
|
+
```
|
|
38
58
|
max_number_of_devices = 10
|
|
59
|
+
```
|
|
60
|
+
|
|
61
|
+
|
|
62
|
+
Makes it possible to change the headers names
|
|
63
|
+
```
|
|
39
64
|
headers_names = {:'access-token' => 'access-token',
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
65
|
+
:'client' => 'client',
|
|
66
|
+
:'expiry' => 'expiry',
|
|
67
|
+
:'uid' => 'uid',
|
|
68
|
+
:'token-type' => 'token-type' }
|
|
69
|
+
```
|
|
70
|
+
|
|
71
|
+
|
|
72
|
+
When set to false, does not sign a user in automatically after their password is reset. Defaults to false, so a user is not signed in automatically after a reset.
|
|
73
|
+
```
|
|
44
74
|
remove_tokens_after_password_reset = false
|
|
45
75
|
```
|
|
46
76
|
|
|
47
|
-
Within the Grape API:
|
|
77
|
+
####Within the Grape API:
|
|
48
78
|
|
|
49
79
|
```
|
|
50
80
|
class Posts < Grape::API
|
|
@@ -56,15 +86,17 @@ class Posts < Grape::API
|
|
|
56
86
|
end
|
|
57
87
|
```
|
|
58
88
|
|
|
59
|
-
Inside your User model:
|
|
89
|
+
####Inside your User model:
|
|
60
90
|
|
|
61
91
|
```
|
|
62
|
-
|
|
92
|
+
class User < ActiveRecord::Base
|
|
93
|
+
include GrapeDeviseAuth::Concerns::User
|
|
63
94
|
|
|
64
95
|
# ...
|
|
96
|
+
end
|
|
65
97
|
```
|
|
66
98
|
|
|
67
|
-
Endpoints can be called by `method_name_YOUR_MAPPING_HERE!` (e.g. `authenticate_user!`).
|
|
99
|
+
####Endpoints can be called by `method_name_YOUR_MAPPING_HERE!` (e.g. `authenticate_user!`).
|
|
68
100
|
|
|
69
101
|
For Example:
|
|
70
102
|
|
|
@@ -77,6 +109,9 @@ get '/' do
|
|
|
77
109
|
end
|
|
78
110
|
```
|
|
79
111
|
|
|
112
|
+
Every endpoind has a version that doesn't fail or returns 401. For example authenticate_user(notice that it lacks of exclamation mark)
|
|
113
|
+
|
|
114
|
+
|
|
80
115
|
Get current auth headers:
|
|
81
116
|
|
|
82
117
|
```
|
|
@@ -84,7 +119,7 @@ user_auth_headers
|
|
|
84
119
|
```
|
|
85
120
|
|
|
86
121
|
|
|
87
|
-
Devise routes must be present:
|
|
122
|
+
####Devise routes must be present:
|
|
88
123
|
|
|
89
124
|
```
|
|
90
125
|
Rails.application.routes.draw do
|
|
@@ -92,14 +127,11 @@ Rails.application.routes.draw do
|
|
|
92
127
|
end
|
|
93
128
|
```
|
|
94
129
|
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
Necessary parameters for endpoints:
|
|
130
|
+
###Necessary parameters for endpoints:
|
|
99
131
|
|
|
100
132
|
login_user! - uid and password (inside request body)
|
|
101
133
|
|
|
102
|
-
register_user! - uid and any
|
|
134
|
+
register_user! - uid and any fields you have validations for (inside request body)
|
|
103
135
|
|
|
104
136
|
authenticate_user! - uid, client, access-token (inside request headers)
|
|
105
137
|
|
|
@@ -7,7 +7,8 @@ module GrapeDeviseAuth
|
|
|
7
7
|
:token_lifespan,
|
|
8
8
|
:max_number_of_devices,
|
|
9
9
|
:headers_names,
|
|
10
|
-
:remove_tokens_after_password_reset
|
|
10
|
+
:remove_tokens_after_password_reset,
|
|
11
|
+
:skip_middleware_unauthorized_error_raising
|
|
11
12
|
|
|
12
13
|
ACCESS_TOKEN_KEY = 'HTTP_ACCESS_TOKEN'
|
|
13
14
|
EXPIRY_KEY = 'HTTP_EXPIRY'
|
|
@@ -28,6 +29,7 @@ module GrapeDeviseAuth
|
|
|
28
29
|
:'uid' => 'uid',
|
|
29
30
|
:'token-type' => 'token-type' }
|
|
30
31
|
@remove_tokens_after_password_reset = false
|
|
32
|
+
@skip_middleware_unauthorized_error_raising = true
|
|
31
33
|
end
|
|
32
34
|
|
|
33
35
|
def auth_all?
|
|
@@ -13,7 +13,8 @@ module GrapeDeviseAuth
|
|
|
13
13
|
auth_all
|
|
14
14
|
responses_with_auth_headers(*@app.call(env))
|
|
15
15
|
rescue Unauthorized => _e
|
|
16
|
-
return unauthorized
|
|
16
|
+
return unauthorized unless GrapeDeviseAuth.skip_middleware_unauthorized_error_raising
|
|
17
|
+
raise Unauthorized
|
|
17
18
|
end
|
|
18
19
|
end
|
|
19
20
|
|
data/lib/grape_devise_auth.rb
CHANGED
|
@@ -17,7 +17,9 @@ module GrapeDeviseAuth
|
|
|
17
17
|
:token_lifespan,
|
|
18
18
|
:max_number_of_devices,
|
|
19
19
|
:headers_names,
|
|
20
|
-
:remove_tokens_after_password_reset
|
|
20
|
+
:remove_tokens_after_password_reset,
|
|
21
|
+
:authenticate_all,
|
|
22
|
+
:skip_middleware_unauthorized_error_raising
|
|
21
23
|
|
|
22
24
|
def configuration
|
|
23
25
|
@configuration ||= Configuration.new
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: grape_devise_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Anton Sokolskyi
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-11-
|
|
11
|
+
date: 2016-11-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -74,6 +74,7 @@ extensions: []
|
|
|
74
74
|
extra_rdoc_files: []
|
|
75
75
|
files:
|
|
76
76
|
- ".gitignore"
|
|
77
|
+
- CHANGELOG.md
|
|
77
78
|
- Gemfile
|
|
78
79
|
- LICENSE.txt
|
|
79
80
|
- README.md
|