heedley-merb-auth-with-account 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- data/heedley-merb-auth-with-account.gemspec +10 -2
- data/lib/heedley-merb-auth-with-account/mixins/salted_user.rb +79 -0
- data/lib/heedley-merb-auth-with-account/mixins/salted_user/ar_salted_user.rb +25 -0
- data/lib/heedley-merb-auth-with-account/mixins/salted_user/dm_salted_user_with_account.rb +41 -0
- data/lib/heedley-merb-auth-with-account/mixins/salted_user/relaxdb_salted_user.rb +34 -0
- data/lib/heedley-merb-auth-with-account/mixins/salted_user/sq_salted_user.rb +35 -0
- data/lib/heedley-merb-auth-with-account/strategies/abstract_password.rb +31 -0
- data/lib/heedley-merb-auth-with-account/strategies/password_form_with_account.rb +17 -1
- metadata +10 -2
@@ -1,7 +1,7 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
s.name = %q{merb-auth-with-account}
|
3
|
-
s.version = "0.0.
|
4
|
-
s.date = %q{
|
3
|
+
s.version = "0.0.2"
|
4
|
+
s.date = %q{2009-01-09}
|
5
5
|
s.summary = %q{strategy to authenticate users on per account basis}
|
6
6
|
s.email = "hedley.robertson@gmail.com"
|
7
7
|
s.homepage = %q{http://github.com/heedley/merb-pagination/tree/master}
|
@@ -11,7 +11,15 @@ Gem::Specification.new do |s|
|
|
11
11
|
s.authors = ["Hedley Robertson"]
|
12
12
|
s.files = ["heedley-merb-auth-with-account.gemspec",
|
13
13
|
"lib/heedley-merb-auth-with-account.rb",
|
14
|
+
"lib/heedley-merb-auth-with-account/strategies/abstract_password.rb",
|
14
15
|
"lib/heedley-merb-auth-with-account/strategies/password_form_with_account.rb",
|
16
|
+
"lib/heedley-merb-auth-with-account/mixins",
|
17
|
+
"lib/heedley-merb-auth-with-account/mixins/salted_user",
|
18
|
+
"lib/heedley-merb-auth-with-account/mixins/salted_user.rb",
|
19
|
+
"lib/heedley-merb-auth-with-account/mixins/salted_user/ar_salted_user.rb",
|
20
|
+
"lib/heedley-merb-auth-with-account/mixins/salted_user/dm_salted_user_with_account.rb",
|
21
|
+
"lib/heedley-merb-auth-with-account/mixins/salted_user/relaxdb_salted_user.rb",
|
22
|
+
"lib/heedley-merb-auth-with-account/mixins/salted_user/sq_salted_user.rb",
|
15
23
|
"README.txt"
|
16
24
|
]
|
17
25
|
s.rdoc_options = ["--main", "README.txt"]
|
@@ -0,0 +1,79 @@
|
|
1
|
+
require "digest/sha1"
|
2
|
+
require File.expand_path(File.dirname(__FILE__) / "..") / "strategies" / "abstract_password"
|
3
|
+
|
4
|
+
class Merb::Authentication
|
5
|
+
module Mixins
|
6
|
+
# This mixin provides basic salted user password encryption.
|
7
|
+
#
|
8
|
+
# Added properties:
|
9
|
+
# :crypted_password, String
|
10
|
+
# :salt, String
|
11
|
+
#
|
12
|
+
# To use it simply require it and include it into your user class.
|
13
|
+
#
|
14
|
+
# class User
|
15
|
+
# include Merb::Authentication::Mixins::SaltedUser
|
16
|
+
#
|
17
|
+
# end
|
18
|
+
#
|
19
|
+
module SaltedUserWithAccount
|
20
|
+
|
21
|
+
def self.included(base)
|
22
|
+
base.class_eval do
|
23
|
+
attr_accessor :password, :password_confirmation
|
24
|
+
|
25
|
+
include Merb::Authentication::Mixins::SaltedUserWithAccount::InstanceMethods
|
26
|
+
extend Merb::Authentication::Mixins::SaltedUserWithAccount::ClassMethods
|
27
|
+
|
28
|
+
path = File.expand_path(File.dirname(__FILE__)) / "salted_user"
|
29
|
+
if defined?(DataMapper) && DataMapper::Resource > self
|
30
|
+
p "require: " + path / "dm_salted_user_with_account"
|
31
|
+
require path / "dm_salted_user_with_account"
|
32
|
+
extend(Merb::Authentication::Mixins::SaltedUserWithAccount::DMClassMethods)
|
33
|
+
elsif defined?(ActiveRecord) && ancestors.include?(ActiveRecord::Base)
|
34
|
+
require path / "ar_salted_user_with_account"
|
35
|
+
extend(Merb::Authentication::Mixins::SaltedUserWithAccount::ARClassMethods)
|
36
|
+
elsif defined?(Sequel) && ancestors.include?(Sequel::Model)
|
37
|
+
require path / "sq_salted_user_with_account"
|
38
|
+
extend(Merb::Authentication::Mixins::SaltedUserWithAccount::SQClassMethods)
|
39
|
+
elsif defined?(RelaxDB) && ancestors.include?(RelaxDB::Document)
|
40
|
+
require path / "relaxdb_salted_user_with_account"
|
41
|
+
extend(Merb::Authentication::Mixins::SaltedUserWithAccount::RDBClassMethods)
|
42
|
+
end
|
43
|
+
|
44
|
+
end # base.class_eval
|
45
|
+
end # self.included
|
46
|
+
|
47
|
+
|
48
|
+
module ClassMethods
|
49
|
+
# Encrypts some data with the salt.
|
50
|
+
def encrypt(password, salt)
|
51
|
+
Digest::SHA1.hexdigest("--#{salt}--#{password}--")
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
module InstanceMethods
|
56
|
+
def authenticated?(password, account)
|
57
|
+
( crypted_password == encrypt(password) ) && ( account == self.account.title )
|
58
|
+
end
|
59
|
+
|
60
|
+
def encrypt(password)
|
61
|
+
self.class.encrypt(password, salt)
|
62
|
+
end
|
63
|
+
|
64
|
+
def password_required?
|
65
|
+
crypted_password.blank? || !password.blank?
|
66
|
+
end
|
67
|
+
|
68
|
+
def encrypt_password
|
69
|
+
return if password.blank?
|
70
|
+
self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{Merb::Authentication::Strategies::Basic::Base.login_param}--") if new_record?
|
71
|
+
self.crypted_password = encrypt(password)
|
72
|
+
end
|
73
|
+
|
74
|
+
end # InstanceMethods
|
75
|
+
|
76
|
+
end # SaltedUser
|
77
|
+
end # Mixins
|
78
|
+
end # Merb::Authentication
|
79
|
+
|
@@ -0,0 +1,25 @@
|
|
1
|
+
class Merb::Authentication
|
2
|
+
module Mixins
|
3
|
+
module SaltedUser
|
4
|
+
module ARClassMethods
|
5
|
+
|
6
|
+
def self.extended(base)
|
7
|
+
base.class_eval do
|
8
|
+
|
9
|
+
validates_presence_of :password, :if => :password_required?
|
10
|
+
validates_presence_of :password_confirmation, :if => :password_required?
|
11
|
+
validates_confirmation_of :password, :if => :password_required?
|
12
|
+
|
13
|
+
before_save :encrypt_password
|
14
|
+
end # base.class_eval
|
15
|
+
|
16
|
+
end # self.extended
|
17
|
+
|
18
|
+
def authenticate(login, password)
|
19
|
+
@u = find(:first, :conditions => ["#{Merb::Authentication::Strategies::Basic::Base.login_param} = ?", login])
|
20
|
+
@u && @u.authenticated?(password) ? @u : nil
|
21
|
+
end
|
22
|
+
end # ARClassMethods
|
23
|
+
end # SaltedUser
|
24
|
+
end # Mixins
|
25
|
+
end # Merb::Authentication
|
@@ -0,0 +1,41 @@
|
|
1
|
+
class Merb::Authentication
|
2
|
+
module Mixins
|
3
|
+
module SaltedUserWithAccount
|
4
|
+
module DMClassMethods
|
5
|
+
def self.extended(base)
|
6
|
+
base.class_eval do
|
7
|
+
|
8
|
+
property :crypted_password, String
|
9
|
+
property :salt, String
|
10
|
+
belongs_to :account
|
11
|
+
validates_present :password, :if => proc{|m| m.password_required?}
|
12
|
+
validates_is_confirmed :password, :if => proc{|m| m.password_required?}
|
13
|
+
|
14
|
+
before :save, :encrypt_password
|
15
|
+
end # base.class_eval
|
16
|
+
|
17
|
+
end # self.extended
|
18
|
+
|
19
|
+
def authenticate(login, password, account_name = nil)
|
20
|
+
if account_name.nil? || account_name.empty?
|
21
|
+
Merb.logger.error "User.authenticate MISSING account_name!"
|
22
|
+
return nil
|
23
|
+
end
|
24
|
+
|
25
|
+
@account = Account.find_by_title(account_name)
|
26
|
+
|
27
|
+
if @account.nil?
|
28
|
+
Merb.logger.error "User.authenticate account NOT FOUND"
|
29
|
+
return nil
|
30
|
+
end
|
31
|
+
|
32
|
+
@u = first(
|
33
|
+
Merb::Authentication::Strategies::Basic::Base.login_param => login,
|
34
|
+
:account_id => @account.id
|
35
|
+
)
|
36
|
+
@u && @u.authenticated?(password, account_name) ? @u : nil
|
37
|
+
end
|
38
|
+
end # DMClassMethods
|
39
|
+
end # SaltedUser
|
40
|
+
end # Mixins
|
41
|
+
end # Merb::Authentication
|
@@ -0,0 +1,34 @@
|
|
1
|
+
class Merb::Authentication
|
2
|
+
module Mixins
|
3
|
+
module SaltedUser
|
4
|
+
module RDBClassMethods
|
5
|
+
|
6
|
+
def self.extended(base)
|
7
|
+
base.class_eval do
|
8
|
+
|
9
|
+
property :crypted_password
|
10
|
+
property :salt
|
11
|
+
|
12
|
+
before_save :password_checks
|
13
|
+
|
14
|
+
def password_checks
|
15
|
+
if password_required?
|
16
|
+
return false unless !password.blank? && password == password_confirmation
|
17
|
+
end
|
18
|
+
encrypt_password
|
19
|
+
true
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def authenticate(login, password)
|
26
|
+
login_param = Merb::Authentication::Strategies::Basic::Base.login_param
|
27
|
+
@u = all.sorted_by(login_param) { |q| q.key(login) }.first
|
28
|
+
@u && @u.authenticated?(password) ? @u : nil
|
29
|
+
end
|
30
|
+
|
31
|
+
end # RDBClassMethods
|
32
|
+
end # SaltedUser
|
33
|
+
end # Mixins
|
34
|
+
end # Merb::Authentication
|
@@ -0,0 +1,35 @@
|
|
1
|
+
class Merb::Authentication
|
2
|
+
module Mixins
|
3
|
+
module SaltedUser
|
4
|
+
module SQClassMethods
|
5
|
+
|
6
|
+
def self.extended(base)
|
7
|
+
base.class_eval do
|
8
|
+
|
9
|
+
validates_presence_of :password, :if => :password_required?
|
10
|
+
validates_presence_of :password_confirmation, :if => :password_required?
|
11
|
+
validates_confirmation_of :password, :if => :password_required?
|
12
|
+
|
13
|
+
before_save :encrypt_password
|
14
|
+
|
15
|
+
include Merb::Authentication::Mixins::SaltedUser::SQInstanceMethods
|
16
|
+
|
17
|
+
end # base.class_eval
|
18
|
+
|
19
|
+
end # self.extended
|
20
|
+
|
21
|
+
def authenticate(login, password)
|
22
|
+
@u = find(Merb::Authentication::Strategies::Basic::Base.login_param => login)
|
23
|
+
@u && @u.authenticated?(password) ? @u : nil
|
24
|
+
end
|
25
|
+
end # SQClassMethods
|
26
|
+
|
27
|
+
module SQInstanceMethods
|
28
|
+
def new_record?
|
29
|
+
new?
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
end # SaltedUser
|
34
|
+
end # Mixins
|
35
|
+
end # Merb::Authentication
|
@@ -0,0 +1,31 @@
|
|
1
|
+
class Merb::Authentication
|
2
|
+
module Strategies
|
3
|
+
# To use the password strategies, it is expected that you will provide
|
4
|
+
# an @authenticate@ method on your user class. This should take two parameters
|
5
|
+
# login, and password. It should return nil or the user object.
|
6
|
+
module Basic
|
7
|
+
|
8
|
+
class Base < Merb::Authentication::Strategy
|
9
|
+
abstract!
|
10
|
+
|
11
|
+
# Overwrite this method to customize the field
|
12
|
+
def self.password_param
|
13
|
+
(Merb::Plugins.config[:"merb-auth"][:password_param] || :password).to_s.to_sym
|
14
|
+
end
|
15
|
+
|
16
|
+
# Overwrite this method to customize the field
|
17
|
+
def self.login_param
|
18
|
+
(Merb::Plugins.config[:"merb-auth"][:login_param] || :login).to_s.to_sym
|
19
|
+
end
|
20
|
+
|
21
|
+
def password_param
|
22
|
+
@password_param ||= Base.password_param
|
23
|
+
end
|
24
|
+
|
25
|
+
def login_param
|
26
|
+
@login_param ||= Base.login_param
|
27
|
+
end
|
28
|
+
end # Base
|
29
|
+
end # Password
|
30
|
+
end # Strategies
|
31
|
+
end # Merb::Authentication
|
@@ -21,14 +21,30 @@ p "REQUIRED password_form_with_account.rb"
|
|
21
21
|
# end
|
22
22
|
# end
|
23
23
|
#end
|
24
|
+
|
24
25
|
module Merb::Authentication::Strategies
|
25
26
|
class FormWithAccount < Merb::Authentication::Strategy
|
27
|
+
|
28
|
+
def redirect!(url, opts = {})
|
29
|
+
self.headers["Location"] = url
|
30
|
+
self.status = opts[:permanent] ? 301 : 302
|
31
|
+
self.status = opts[:status] if opts[:status]
|
32
|
+
if ROOT_DOMAIN
|
33
|
+
url = url.gsub(Regexp.new("\/([a-zA-Z0-9]+)\.#{ROOT_DOMAIN}\/"),'/')
|
34
|
+
end
|
35
|
+
|
36
|
+
self.body = opts[:message] || "<div>You are being redirected to <a href='#{url}'>#{url}</a></div>"
|
37
|
+
halt!
|
38
|
+
return true
|
39
|
+
end
|
40
|
+
|
26
41
|
def run!
|
27
42
|
if params[:account_subdomain]
|
28
|
-
User.authenticate(request.params[:login], request.params[:password], params[:account_subdomain])
|
43
|
+
user = User.authenticate(request.params[:login], request.params[:password], params[:account_subdomain])
|
29
44
|
else
|
30
45
|
raise "missing :account_subdomain route param #{params.inspect}"
|
31
46
|
end
|
47
|
+
user
|
32
48
|
end
|
33
49
|
end
|
34
50
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: heedley-merb-auth-with-account
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Hedley Robertson
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date:
|
12
|
+
date: 2009-01-09 00:00:00 -08:00
|
13
13
|
default_executable:
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
@@ -32,7 +32,15 @@ extra_rdoc_files:
|
|
32
32
|
files:
|
33
33
|
- heedley-merb-auth-with-account.gemspec
|
34
34
|
- lib/heedley-merb-auth-with-account.rb
|
35
|
+
- lib/heedley-merb-auth-with-account/strategies/abstract_password.rb
|
35
36
|
- lib/heedley-merb-auth-with-account/strategies/password_form_with_account.rb
|
37
|
+
- lib/heedley-merb-auth-with-account/mixins
|
38
|
+
- lib/heedley-merb-auth-with-account/mixins/salted_user
|
39
|
+
- lib/heedley-merb-auth-with-account/mixins/salted_user.rb
|
40
|
+
- lib/heedley-merb-auth-with-account/mixins/salted_user/ar_salted_user.rb
|
41
|
+
- lib/heedley-merb-auth-with-account/mixins/salted_user/dm_salted_user_with_account.rb
|
42
|
+
- lib/heedley-merb-auth-with-account/mixins/salted_user/relaxdb_salted_user.rb
|
43
|
+
- lib/heedley-merb-auth-with-account/mixins/salted_user/sq_salted_user.rb
|
36
44
|
- README.txt
|
37
45
|
has_rdoc: true
|
38
46
|
homepage: http://github.com/heedley/merb-pagination/tree/master
|