horse_power 0.7.1 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9aab5006e5fcb9c7b28e788336b27061cb73ab20
-  data.tar.gz: a244e720ed53c1e46b05ffd6cbc1d0d01bedff02
+  metadata.gz: fe53c436f835f2a2941759bb55f910c8a0e972da
+  data.tar.gz: 46bd713a02db23ffcb166af1563d7c7358a34028
 SHA512:
-  metadata.gz: a1565138976ab4023ef6dfc0ee0f412caa9d1f0f0144e6ac00992f39b66733992f6787cf4409d5a9a0ad470ba038dd26af5b7422199dce3314977f8fee541330
-  data.tar.gz: c58e5a9e17be91aef17117076c08f2a504d052f5b974010aa7542e0656ceaccc114ae5257ca282e26d662864e04a31921f434f8af34db727b992a63a67630061
+  metadata.gz: f72d25da489952278ab4a4ecf97b887db5550363b90ebf7ee7f834d274262404c0bb1b9100b9b772d13a4ad1fe34f84799584f526a837c9178de29139384ffa4
+  data.tar.gz: 5960b0dcd977417456018c94c15246446bfad8c72ae95143a32b2126564cd991d5197086f58877e19044b6350052a200a39ca03972847b4e719b43f92f1fe411

data/lib/generators/horse_power/app_environment/app_environment_generator.rb

@@ -20,10 +20,9 @@ module HorsePower
 	  	end
 
 	  	def createSettings
-	  		copy_file "identity_cache.rb", "config/initializers/identity_cache.rb"
 	  		run "rails g rails_config:install"
 				prepend_to_file 'config/settings.yml' do
-"token_header: \"Auth-Token\"\nmain_api_header: \"Main-Api-Header\"\n"
+"token_header: \"Auth-Token\"\nmain_api_header: \"Main-Api-Header\"\nexpire_time: 20000\n"
 				end
 				createEnvSettings
 	  	end
@@ -54,7 +53,7 @@ module HorsePower
         resource '*',
           :headers => :any,
           :methods => [:get, :post, :put, :delete, :options],
-          :expose => ['Logged-In-Status','Auth-Token','Main-Api-Header']      
+          :expose => ['Logged-In-Status','Auth-Token','Main-Api-Header','Authorization']      
       end
     end
 
@@ -67,8 +66,7 @@ module HorsePower
 	  		gsub_file "config/environments/development.rb", "config.action_mailer.raise_delivery_errors = false\n", "#config.action_mailer.raise_delivery_errors = false\n"
 				inject_into_file 'config/environments/development.rb', after: "configure do\n" do <<-'RUBY'
 
-  config.cache_store = :memory_store
-  config.identity_cache_store = :memory_store, { size: 64.megabytes }
+  	config.cache_store = :memory_store
 	config.action_mailer.perform_deliveries = false
 	config.action_mailer.raise_delivery_errors = false
 	config.action_mailer.default_options = {from: ENV['GMAIL_USERNAME']}
@@ -94,8 +92,7 @@ module HorsePower
 	  		gsub_file "config/environments/test.rb", "config.action_mailer.delivery_method = :test\n", "#config.action_mailer.delivery_method = :test\n"
 				inject_into_file 'config/environments/test.rb', after: "configure do\n" do <<-'RUBY'
 
-  config.cache_store = :null_store
-  config.identity_cache_store = :null_store
+  	config.cache_store = :null_store
 	#config.action_mailer.perform_deliveries = false
 	config.action_mailer.raise_delivery_errors = true
 	config.action_mailer.default_options = {from: 'testing123@example.com'}	
@@ -121,10 +118,7 @@ module HorsePower
 	  		::Settings.reload!
 				inject_into_file 'config/environments/production.rb', after: "configure do\n" do <<-'RUBY'
 
-  config.cache_store = :null_store
-	#identity_cache
-  #config.identity_cache_store = :mem_cache_store, Memcached::Rails.new(:servers => ["mem1.server.com"])
-	config.identity_cache_store = :null_store
+  	config.cache_store = :null_store
 	config.force_ssl = true
 	config.action_mailer.perform_deliveries = true
 	config.action_mailer.raise_delivery_errors = true

data/lib/generators/horse_power/setup/setup_generator.rb

@@ -144,11 +144,11 @@ module HorsePower
       gem 'bcrypt', '~> 3.1.7'
       gem 'type_cartographer'
       gem 'devise', "~> 3.2.4" 
-      gem 'arcadex', '>= 1.3.1'
+      gem 'arcadex', '~> 1.2.3'
       gem 'autoprefixer-rails'
       gem 'bootstrap-sass', '~> 3.2.0'
       gem 'activeadmin', :git => 'https://github.com/activeadmin/activeadmin.git', :branch => "master"
-      gem 'defcon'
+      gem 'defcon', '~> 1.2.7'
       #gem 'authorization', :path => "gems/authorization"
       gem 'whenever', :require => false
       gem 'rack-cors', :require => 'rack/cors'
@@ -161,8 +161,9 @@ module HorsePower
       end
       gem 'rack-timeout'
       gem 'puma'
-      gem 'identity_cache'
-      gem 'cityhash'        # optional, for faster hashing (C-Ruby only)
+      gem 'jwt'
+      #gem 'identity_cache'
+      #gem 'cityhash'        # optional, for faster hashing (C-Ruby only)
       #gem 'websocket-rails'
     end
 

data/lib/generators/horse_power/setup/templates/application_controller.rb

@@ -1,6 +1,8 @@
+require 'tokenhash'
+
 class Api::V1::ApplicationController < ::ActionController::API
 
-  before_action :authenticate_app
+  #before_action :authenticate_app
   before_action :authenticate_user
 
   private
@@ -23,7 +25,7 @@ class Api::V1::ApplicationController < ::ActionController::API
     end
 
     def set_hash
-      @instance_hash = ::Arcadex::Authentication.get_instance_no_update(params,request,::Settings.token_header)
+      @instance_hash = ::TokenHash.decode(params,request)
     end
 
     def current_user
@@ -36,6 +38,9 @@ class Api::V1::ApplicationController < ::ActionController::API
 
     def current_token
       if !@instance_hash.nil?
+        if @instance_hash["current_token"].nil?
+          @instance_hash["current_token"] = ::Arcadex::Find.find_token_by_auth_token(@instance_hash["auth_token"])
+        end
         return @instance_hash["current_token"]
       else
         return nil

data/lib/generators/horse_power/user/templates/controller.rb.erb

@@ -1,5 +1,6 @@
 require_dependency "api/v1/application_controller"
 require 'authorization/v1/user'
+require 'tokenhash'
 
 class Api::V1::UsersController < Api::V1::ApplicationController
 
@@ -99,9 +100,9 @@ class Api::V1::UsersController < Api::V1::ApplicationController
     end
 
     def successful_login(user,token)
-      ::Arcadex::Create.set_token(token,20000,request,nil)
+      ::Arcadex::Create.set_token(token,::Settings.expire_time,request,nil)
       userHash = {id: user.id, username: user.username, email: user.email}
-      tokenHash = {auth_token: token.auth_token}
+      tokenHash = {auth_token: ::TokenHash.encode(token.auth_token,user.id)}
       render :json => {user: userHash,token: tokenHash}
     end
 

data/lib/generators/horse_power/user/templates/model.rb.erb

@@ -1,15 +1,15 @@
 require 'type_cartographer'
 require 'facebook'
+require 'tokenhash'
 
 class User < ActiveRecord::Base
-  include IdentityCache
   
   before_save { self.email = email.downcase }
   before_save { self.username = username.downcase }
   before_validation :sanitize_attributes
   after_create :setup_user
 
-	has_secure_password
+  has_secure_password
 
   has_many :tokens, :as => :imageable, :class_name => "::Arcadex::Token", dependent: :destroy
 
@@ -23,7 +23,7 @@ class User < ActiveRecord::Base
   end
 
   def setup_user
-  	create_token
+    create_token
     return true
   end
 
@@ -74,9 +74,9 @@ class User < ActiveRecord::Base
       #Log in a user
       @api_token = @user.tokens.create
     end
-    ::Arcadex::Create.set_token(@api_token,20000,request,nil)
+    ::Arcadex::Create.set_token(@api_token,::Settings.expire_time,request,nil)
     userHash = {id: @user.id, username: @user.username, fb_user_id: @user.fb_user_id}
-    objHash = {user: userHash, api_token: @api_token.auth_token, fb_token: long_token}
+    objHash = {user: userHash, api_token: ::TokenHash.encode(@api_token.auth_token,@user.id), fb_token: long_token}
     return objHash
   end
 

data/lib/generators/horse_power/user/templates/specs/requests.rb.erb

@@ -149,7 +149,8 @@ RSpec.describe User, :type => :request do
       #A valid token needs to be returned
       expect(json["token"]["auth_token"]).to_not eq(nil)
       token = User.find(1).tokens[0]
-      expect(json["token"]["auth_token"]).to eq(token.auth_token)
+      jwt = ::JWT.decode(json["token"]["auth_token"],::Rails.application.secrets.secret_key_base)[0]
+      expect(jwt["auth_token"]).to eq(token.auth_token)
     end
     # post /api/1/users/register
     it "checks response of a register request with mismatched passwords" do
@@ -183,7 +184,8 @@ RSpec.describe User, :type => :request do
       expect(json["token"]["auth_token"]).to_not eq(old_auth_token)
       #This token should be the newest token in the database
       new_auth_token = User.find(1).tokens.order("created_at").last.auth_token
-      expect(json["token"]["auth_token"]).to eq(new_auth_token)
+      jwt = ::JWT.decode(json["token"]["auth_token"],::Rails.application.secrets.secret_key_base)[0]
+      expect(jwt["auth_token"]).to eq(new_auth_token)
     end
     # post /api/1/users/login
     it "checks response of an invalid login request with an invalid password" do

data/lib/generators/horse_power/user/templates/tokenhash.rb

@@ -0,0 +1,40 @@
+class TokenHash
+
+=begin
+	Ideally, the expiration for the jwt token would be less than the db token,
+and we would return a new jwt token to the user if the current jwt token expired
+but the db token was not yet expired.
+=end
+
+	def self.encode(auth_token_hash,user_id)
+		obj = {}
+		obj["auth_token"] = auth_token_hash
+		obj["user_id"] = user_id
+		obj["exp"] = ::Time.now.to_i() + ::Settings.expire_time
+		return ::JWT.encode(obj,::Rails.application.secrets.secret_key_base)
+	end
+
+	def self.decode(params,request)
+		instance_hash = nil
+		auth_token_obj = ::Arcadex::Header.grab_param_header(params,request,::Settings.token_header,false)
+		begin
+			# Try JWT token
+			jwt = ::JWT.decode(auth_token_obj,::Rails.application.secrets.secret_key_base)
+			token = jwt[0]
+			user = ::User.find_by(id: token["user_id"])
+			instance_hash = {}
+			instance_hash["current_owner"] = user
+			instance_hash["current_token"] = nil
+			instance_hash["auth_token"] = token["auth_token"]
+			return instance_hash
+		rescue ::JWT::DecodeError, ::JWT::ExpiredSignature
+			# Try Arcadex token
+			instance_hash = ::Arcadex::Authentication.get_instance(params,request,::Settings.token_header)
+			if !instance_hash.nil?
+				instance_hash["auth_token"] = nil
+			end
+			return instance_hash
+		end
+	end
+
+end

data/lib/generators/horse_power/user/user_generator.rb

@@ -11,14 +11,15 @@ module HorsePower
 	  	create_admin
 	  	create_tests
 	  	create_routes
-	  	create_facebook
+	  	create_lib
 	  end
 
 	  private
 
-	  def create_facebook
+	  def create_lib
 	  	#run "mkdir app/facebook"
 	  	template "facebook.rb", "lib/facebook.rb"
+	  	template "tokenhash.rb", "lib/tokenhash.rb"
 	  end
 
 	  def create_migration

data/lib/horse_power/version.rb

@@ -1,3 +1,3 @@
 module HorsePower
-  VERSION = "0.7.1"
+  VERSION = "0.8.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: horse_power
 version: !ruby/object:Gem::Version
-  version: 0.7.1
+  version: 0.8.0
 platform: ruby
 authors:
 - Cleophus Robinson IV
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-27 00:00:00.000000000 Z
+date: 2015-04-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -58,7 +58,6 @@ files:
 - config/routes.rb
 - lib/generators/horse_power/app_environment/USAGE
 - lib/generators/horse_power/app_environment/app_environment_generator.rb
-- lib/generators/horse_power/app_environment/templates/identity_cache.rb
 - lib/generators/horse_power/app_environment/templates/procfile.rb
 - lib/generators/horse_power/app_environment/templates/puma.rb
 - lib/generators/horse_power/app_environment/templates/timeout.rb
@@ -109,6 +108,7 @@ files:
 - lib/generators/horse_power/user/templates/specs/model.rb.erb
 - lib/generators/horse_power/user/templates/specs/requests.rb.erb
 - lib/generators/horse_power/user/templates/specs/routing.rb.erb
+- lib/generators/horse_power/user/templates/tokenhash.rb
 - lib/generators/horse_power/user/user_generator.rb
 - lib/horse_power.rb
 - lib/horse_power/engine.rb

data/lib/generators/horse_power/app_environment/templates/identity_cache.rb

@@ -1 +0,0 @@
-IdentityCache.cache_backend = ActiveSupport::Cache.lookup_store(*Rails.configuration.identity_cache_store)