has_protected_token 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: eab02b7662c9a1411f7e12d6ba5b847ed6abed6ae0c9320f872d889344647087
-  data.tar.gz: 6c97a89ebc3c9b0b937d074bfbb034c1bb23e8a0df2f4855788b32bdac0e57b8
+  metadata.gz: 363aabd71ffa00d3aea3fc45ea5c75459d73eb7ad5f5ed3f4534746b9de42885
+  data.tar.gz: 9bf9566a560122891e76206ee6b719df3037af9ce7f308bff42b3fa787228cff
 SHA512:
-  metadata.gz: 1ad8401ee713aacc57e39d64a41088d249b14deedd83cc0b95d368e13f6997a220a41781ec8a34cb7fead5a787c0ef24cfbb77cd388e2058071d06582f219eaa
-  data.tar.gz: 6322d1b090e322b1064c3c3306f737a6e801ca87b9c9a26678f9f2e8d09f5d36aba3bbf8e8dea1ce88b67f3731e0a7ab66775eaacc100350dd562276ee7edce4
+  metadata.gz: 583fac5f9054fe9a9c6f40bc9814f6f76ddb03214bbfa3d4e1f43374822662f94fa737e04ca80e9e79d87cd07f978b86a9d85985fa1559e1d1b0761ac1b7af99
+  data.tar.gz: 6a01174335793e1548dc280af4ec1ca52a7b66d532c5a34ebeb94de51fca13ed2dfb7a55129189f2dfd013906c27b8e213c1d64bf2e3b4cfb601731f3f8e245b

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,45 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at 1337dallen@gmail.com. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the Contributor Covenant, version 1.4, available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+For answers to common questions about this code of conduct, see https://www.contributor-covenant.org/faq

data/CONTRIBUTING.md

@@ -0,0 +1,33 @@
+# Contributing
+
+Improvements, bug-fixes, suggestions, etc are very welcome. If it's your first time contributing to open-source, so much the better.
+
+## Opening an issue
+
+If you've found a bug or have a feature request, please [open an issue](https://github.com/StaphSynth/has_protected_token/issues) on the github project page.
+
+If you're reporting a bug, please provide the steps required to reproduce it and include your Ruby and ActiveRecord versions.
+
+## Contributing code/documentation
+
+All contributions are welcome, even if you're fixing a typo!
+
+1. Fork the repository and run `$ bundle install`.
+2. Checkout a new branch and make your changes.
+3. [Open a pull request](https://github.com/StaphSynth/has_protected_token/pulls) on the github project page. Describe the the issue you're addressing and how your changes resolve it.
+
+For those who are unfamiliar with the above workflow, or it's your first time contributing to open-source, there are some great [guides](https://github.com/collections/choosing-projects) available to help [get you started](https://github.com/FreeCodeCamp/how-to-contribute-to-open-source).
+
+### Running the test suite
+
+All code changes must include test coverage.
+
+While working on changes, the simplest way of running the test suite is:
+
+`$ rake test`
+
+However, that command only runs the suite against your current version of Ruby and ActiveRecord. Before opening a pull request, you may wish to run the full Travis-CI test suite which tests your code against all supported versions of Ruby and ActiveRecord. To do this, run:
+
+`$ rake ci`
+
+You'll need to make sure you have Ruby 2.3, 2.4, 2.5 and 2.6 installed first, though. (If you don't know how to do this, [here](https://syntheta.se/coding/2018/12/09/getting-started-with-ruby.html) is a quick guide on setting up Ruby version management.)

data/Gemfile.lock

@@ -1,24 +1,24 @@
 PATH
   remote: .
   specs:
-    has_protected_token (0.1.0)
+    has_protected_token (0.1.1)
       activerecord (>= 4.2)
       bcrypt (~> 3.1.1)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activemodel (6.0.0)
-      activesupport (= 6.0.0)
-    activerecord (6.0.0)
-      activemodel (= 6.0.0)
-      activesupport (= 6.0.0)
-    activesupport (6.0.0)
+    activemodel (6.0.1)
+      activesupport (= 6.0.1)
+    activerecord (6.0.1)
+      activemodel (= 6.0.1)
+      activesupport (= 6.0.1)
+    activesupport (6.0.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-      zeitwerk (~> 2.1, >= 2.1.8)
+      zeitwerk (~> 2.2)
     appraisal (2.2.0)
       bundler
       rake
@@ -32,7 +32,7 @@ GEM
     diff-lcs (1.3)
     i18n (1.7.0)
       concurrent-ruby (~> 1.0)
-    jaro_winkler (1.5.3)
+    jaro_winkler (1.5.4)
     minitest (5.13.0)
     parallel (1.18.0)
     parser (2.6.5.0)
@@ -52,7 +52,7 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
     rspec-support (3.9.0)
-    rubocop (0.69.0)
+    rubocop (0.76.0)
       jaro_winkler (~> 1.5.1)
       parallel (~> 1.10)
       parser (>= 2.6)
@@ -67,7 +67,7 @@ GEM
       thread_safe (~> 0.1)
     unicode-display_width (1.6.0)
     wwtd (1.4.0)
-    zeitwerk (2.2.0)
+    zeitwerk (2.2.2)
 
 PLATFORMS
   ruby

data/README.md

@@ -1,6 +1,7 @@
-# has_protected_token
+[![Build Status](https://api.travis-ci.com/StaphSynth/has_protected_token.svg?branch=master)](https://travis-ci.com/StaphSynth/has_protected_token)
+[![Gem Version](https://badge.fury.io/rb/has_protected_token.svg)](https://badge.fury.io/rb/has_protected_token)
 
-Current version: _0.0.0beta_. This gem is currently in pre-release beta and a stable release will be made _real soon now_.
+# has_protected_token
 
 ## What?
 
@@ -8,7 +9,7 @@ Abstracts away generating, storing and validating user auth tokens. Use it if yo
 
 ## Installation
 
-Requirements: Ruby >= 2.2, ActiveRecord >= 4.2
+Requirements: Ruby >= 2.3, ActiveRecord >= 4.2
 
 From the command line:
 
@@ -19,7 +20,7 @@ $ gem install has_protected_token
 In your project gemfile:
 
 ```ruby
-  gem 'has_protected_token'
+gem 'has_protected_token'
 ```
 
 ## Usage
@@ -82,3 +83,7 @@ user.validate_token('incorrect value')
 ```ruby
 has_protected_token cost: 16
 ```
+
+## Contributing
+
+Contributions are very welcome. Please see the [documentation](https://github.com/StaphSynth/has_protected_token/blob/master/CONTRIBUTING.md) for help on geting started.

data/has_protected_token.gemspec

@@ -2,16 +2,18 @@
 
 Gem::Specification.new do |s|
   s.name        = 'has_protected_token'
-  s.version     = '0.1.0'
+  s.version     = '0.1.1'
   s.date        = '2019-10-06'
   s.summary     = 'Easily generate random tokens for any ActiveRecord model and store them securely in the database.'
   s.description = 'Generate random tokens (or use your own) for any ActiveRecord model. Hashes and salts the token before storage in the database using the same methodology as has_secure_password.'
   s.author      = 'David Allen'
   s.email       = '1337dallen@gmail.com' # yes, I know it's a terrible email address...
-  s.files       = `git ls-files`.split("\n")
   s.homepage    = 'https://github.com/StaphSynth/has_protected_token'
   s.license     = 'MIT'
   s.required_ruby_version = '>= 2.3'
+  s.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^spec/}) }
+  end
 
   s.add_dependency 'activerecord', '>= 4.2'
   s.add_dependency 'bcrypt', '~> 3.1.1'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: has_protected_token
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - David Allen
@@ -192,9 +192,11 @@ files:
 - ".ruby-version"
 - ".travis.yml"
 - Appraisals
+- CODE_OF_CONDUCT.md
+- CONTRIBUTING.md
 - Gemfile
 - Gemfile.lock
-- LICENSE.txt
+- LICENSE.md
 - README.md
 - Rakefile
 - gemfiles/.bundle/config
@@ -205,11 +207,6 @@ files:
 - gemfiles/AR_6.0.gemfile
 - has_protected_token.gemspec
 - lib/has_protected_token.rb
-- spec/features/token_authentication_spec.rb
-- spec/lib/has_protected_token_spec.rb
-- spec/spec_helper.rb
-- spec/support/model.rb
-- spec/support/schema.rb
 homepage: https://github.com/StaphSynth/has_protected_token
 licenses:
 - MIT

data/spec/features/token_authentication_spec.rb

@@ -1,43 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe 'token authentication' do
-  let(:user) { User.create }
-
-  describe 'for locally generated tokens' do
-    describe 'when presented with the correct secret value' do
-      it 'returns true' do
-        secret = user.regenerate_token
-
-        expect(user.authenticate_token(secret)).to eq(true)
-      end
-    end
-
-    describe 'when presented with the incorrect secret value' do
-      it 'returns false' do
-        user.regenerate_token
-
-        expect(user.authenticate_token('derp derp')).to eq(false)
-      end
-    end
-  end
-
-  describe 'for user-supplied tokens' do
-    before do
-      user.token = 'trains'
-    end
-
-    describe 'when presented with the correct secret value' do
-      it 'returns true' do
-        expect(user.authenticate_token('trains')).to eq(true)
-      end
-    end
-
-    describe 'when presented with the incorrect secret value' do
-      it 'returns false' do
-        expect(user.authenticate_token('buses')).to eq(false)
-      end
-    end
-  end
-end

data/spec/lib/has_protected_token_spec.rb

@@ -1,140 +0,0 @@
-# frozen_string_literal: true
-
-require 'spec_helper'
-
-describe ActiveRecord::ProtectedToken do
-  let(:user) { User.create }
-  let(:raw_token) { 'raw_token' }
-  let(:hashed_token) { '$hashed_token$' }
-
-  describe 'options hash' do
-    describe 'column_name' do
-      context 'when no value is provided' do
-        it 'defaults to "token"' do
-          expect(user.respond_to?(:regenerate_token)).to be(true)
-        end
-      end
-
-      context 'when a symbol is passed' do
-        let(:user) { SpecialUser.create }
-
-        it 'uses it as an attribute name' do
-          expect(user.respond_to?(:regenerate_shared_secret)).to be(true)
-          expect(user.respond_to?(:regenerate_token)).to be(false)
-        end
-      end
-    end
-
-    describe 'cost' do
-      context 'when no value provided' do
-        it 'defaults to BCrypt::Engine::DEFAULT_COST' do
-          expect(BCrypt::Password).to receive(:create).with(
-            raw_token,
-            cost: BCrypt::Engine::DEFAULT_COST
-          )
-
-          user.token = raw_token
-        end
-      end
-
-      context 'when an integer is provided' do
-        let(:user) { LowCostUser.new }
-
-        it 'accepts that instead' do
-          expect(BCrypt::Password).to receive(:create).with(
-            raw_token,
-            cost: 4
-          )
-
-          user.token = raw_token
-        end
-      end
-    end
-  end
-
-  context 'instance methods' do
-    before do
-      allow(User).to receive(:generate_token).and_return(raw_token)
-      allow(BCrypt::Password).to receive(:create).and_return(hashed_token)
-      allow(BCrypt::Password).to(
-        receive(:new).with(hashed_token).and_return(raw_token)
-      )
-    end
-
-    describe '#regenerate_token' do
-      it 'returns a new token' do
-        expect(user.regenerate_token).to eq(raw_token)
-      end
-
-      it 'hashes the new token and stores it in the database' do
-        user.regenerate_token
-
-        expect(user.reload.token).to eq(hashed_token)
-      end
-    end
-
-    describe '#authenticate_token' do
-      before do
-        user.regenerate_token
-      end
-
-      context 'when passed a plain text token' do
-        it 'returns true if it matches the stored value' do
-          expect(user.authenticate_token(raw_token)).to eq(true)
-        end
-
-        it 'returns false if it does not match the stored value' do
-          expect(user.authenticate_token('derp derp')).to eq(false)
-        end
-      end
-
-      context 'when passed bad data' do
-        before do
-          allow(BCrypt::Password).to receive(:new).and_raise(BCrypt::Error)
-        end
-
-        it 'returns false' do
-          expect(user.authenticate_token(bad: 'data')).to eq(false)
-        end
-      end
-    end
-
-    describe '#token=' do
-      context 'when passed a value' do
-        it 'hashes it and stores the hashed value in the model instance' do
-          user.token = raw_token
-
-          expect(user.token).to eq(hashed_token)
-          expect(User.find(user.id).token).to be_nil
-        end
-
-        it 'returns the original value' do
-          expect(user.token = raw_token).to eq(raw_token)
-        end
-      end
-    end
-  end
-
-  describe 'class methods' do
-    describe '.generate_token' do
-      let(:random_token) { 'abc123' }
-
-      context 'with no arguments' do
-        it 'returns a token 24 chars in length' do
-          expect(User.generate_token.size).to eq(24)
-        end
-      end
-
-      context 'when passing a length' do
-        it 'validates the length is coercable to an integer' do
-          expect { User.generate_token(12) }.not_to raise_error
-          expect { User.generate_token(false) }.to raise_error(ArgumentError)
-        end
-
-        it 'returns a token of that length' do
-          expect(User.generate_token(20).size).to eq(20)
-        end
-      end
-    end
-  end
-end

data/spec/spec_helper.rb

@@ -1,37 +0,0 @@
-# frozen_string_literal: true
-
-require 'byebug'
-require 'database_cleaner'
-require 'has_protected_token'
-require_relative './support/model'
-
-RSpec.configure do |config|
-  config.shared_context_metadata_behavior = :apply_to_host_groups
-
-  config.expect_with :rspec do |expectations|
-    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
-  end
-
-  config.mock_with :rspec do |mocks|
-    mocks.verify_partial_doubles = true
-  end
-
-  config.before :suite do
-    ActiveRecord::Base.establish_connection(
-      adapter: 'sqlite3',
-      database: ':memory:'
-    )
-    ActiveRecord::Migration.suppress_messages do
-      load 'support/schema.rb'
-    end
-  end
-
-  config.before :each do
-    DatabaseCleaner.strategy = :transaction
-    DatabaseCleaner.start
-  end
-
-  config.after :each do
-    DatabaseCleaner.clean
-  end
-end

data/spec/support/model.rb

@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-
-class Model < ActiveRecord::Base; end
-
-class User < Model
-  has_protected_token
-end
-
-class SpecialUser < Model
-  has_protected_token column_name: :shared_secret
-end
-
-class LowCostUser < Model
-  has_protected_token cost: 4
-end

data/spec/support/schema.rb

@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-ActiveRecord::Schema.define(version: 1) do
-  create_table :models do |t|
-    t.string :shared_secret
-    t.string :token
-  end
-end