isomorfeus-transport 1.0.0.epsilon1 → 1.0.0.epsilon2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f9e7890d7ca628a4614a6a4e3de0ad0467717bbe0b02a066a6fee492599e388d
-  data.tar.gz: a85016972c084ebb08b007a7e5bae647d07f79b64032f0045090439897c05683
+  metadata.gz: 156d5a0bbc947739e0d57f23ed7aa1386280d344c9dabdc36fa8b1b8ed0542b7
+  data.tar.gz: ba4ebf50a3db87d9d1b7642673dabd3f9b8d0f708a591ee0e8724d003f7b3c82
 SHA512:
-  metadata.gz: 2d7fe714d72e1d97627f450eab8e04fc06488eefc765682fb07bf31883676d07935a701b8cf7529597762fb12aa8b45c167c48bd41cf34b55058c6bdd78a2153
-  data.tar.gz: a4c79056f41aaa4c07bd3b8b5244f0b1eaf21be0e7120ad06cd7e13251a8501e37f18c8920763fa0fa15e65aebbc4bbd4c9d49ed541d21b69d79187d85c5a104
+  metadata.gz: ffbac3af6f7d712b92bc87aac4d7d098d846e7d4bfc822f4a35eaedd1ec3beb561866a496d3d76497e5653aa3cf4b5671b7e1a382e29d46cf17be49018b9b164
+  data.tar.gz: ba2d8722c629bd7a4738b3be7a980e13aa8cf45dcdb1df5fb02cee653cded9778d690913c00f296207e07e644e0db2ae03081c5d8ece1d7ad5f6800fdf6471a6

data/README.md

@@ -30,6 +30,47 @@ Client and Server:
 Server only:
 - Isomorfeus.middlewares - all the rack middlewares to load
 
+## Authentication
+
+For authentication in isomorfeus there is a class `Anonymous`, so whenever no user is logged in, the anonymous user is passed on to operations or data loads. In my opinion it is more true than no user (nil), because in fact there probably is a user, just the user is unknown. The Anonymous user has a default policy that denies everything, the user will respond to .authorized?(whatever) always with false by default.
+Of  course, the developer can add a Policy easily, to allow certain operations or data loads, or whatever or everything:
+```ruby
+class MyAnonymousPolicy < LucidPolicy::Base
+ policy_for Anonymous
+ allow all
+end
+```
+
+A class representing a user should be a LucidNode and include LucidAuthentication::Mixin:
+```ruby
+class User < LucidNode::Base
+  include LucidAuthentication::Mixin
+  authentication do |user_identifier, user_password_or token|
+    # should return either a User instance or a Promise which reselves to a User instance
+  end
+end
+```
+With that its possible to do on the client (or server):
+```ruby
+User.promise_login(user_identifier, user_password_or_token).then do |user|
+   # do something with user
+end
+```
+or later on:
+```ruby
+user.promise_logout
+```
+The authentication in isomorfeus is prepared for external or alternate authentication schemes, example:
+```ruby
+User.promise_login(user_identifier, token, :facebook).then do |user|
+   # do something with user
+end
+```
+will call:
+```ruby
+User.promise_authentication_with_facebook(user_identifier, token)
+```
+which would have to be implemented.
 
 ## LucidChannel
 
@@ -57,7 +98,7 @@ class MyChannel < LucidChannel::Base
 end
 ```
 
-### Sending mesages
+### Sending messages
 ```ruby
 MyChannel.send_message('uiuiui')
 ```

data/lib/isomorfeus/transport/config.rb

@@ -2,19 +2,18 @@ module Isomorfeus
   # available settings
 
   if RUBY_ENGINE == 'opal'
+    add_client_option(:api_websocket_path)
+    add_client_option(:transport_init_class_names, [])
+
     def self.add_transport_init_class_name(init_class_name)
       transport_init_class_names << init_class_name
     end
-
-    add_client_option(:api_websocket_path)
-    add_client_option(:transport_init_class_names, [])
   else
     class << self
       attr_accessor :api_websocket_path
-      attr_accessor :middlewares
 
       def add_middleware(middleware)
-        Isomorfeus.middlewares << middleware unless Isomorfeus.middlewares.include?(middleware)
+        Isomorfeus.middlewares << middleware
       end
 
       def insert_middleware_after(existing_middleware, new_middleware)
@@ -39,6 +38,19 @@ module Isomorfeus
         end
       end
 
+      def middlewares
+        @middlewares ||= Set.new
+      end
+
+      def cached_channel_classes
+        @cached_channel_classes ||= {}
+      end
+
+      def cached_channel_class(class_name)
+        return cached_channel_classes[class_name] if cached_channel_classes.key?(class_name)
+        cached_channel_classes[class_name] = "::#{class_name}".constantize
+      end
+
       def valid_channel_class_names
         @valid_channel_class_names ||= Set.new
       end
@@ -75,8 +87,15 @@ module Isomorfeus
         return cached_handler_classes[class_name] if cached_handler_classes.key?(class_name)
         cached_handler_classes[class_name] = "::#{class_name}".constantize
       end
+
+      def valid_user_classes
+        @valid_user_classes ||= Set.new
+      end
+
+      def add_valid_user_class(user_class)
+        valid_user_classes << user_class
+      end
     end
-    self.middlewares = Set.new
   end
 
   # defaults

data/lib/isomorfeus/transport/handler/authentication_handler.rb

@@ -0,0 +1,58 @@
+module Isomorfeus
+  module Transport
+    module Handler
+      class AuthenticationHandler < LucidHandler::Base
+        TIMEOUT = 30
+
+        on_request do |pub_sub_client, current_user, request, _response|
+          result = { error: 'Authentication failed' }
+          # promise_send_path('Isomorfeus::Transport::Handler::AuthenticationHandler', 'login', user_identifier, user_password)
+          request.each_key do |login_or_logout|
+            if login_or_logout == 'login'
+              tries = pub_sub_client.instance_variable_get(:@isomorfeus_authentication_tries)
+              tries = 0 unless tries
+              tries += 1
+              sleep(5) if tries > 3
+              pub_sub_client.instance_variable_set(:@isomorfeus_authentication_tries, tries)
+              request['login'].each_key do |user_identifier|
+                user = nil
+                Isomorfeus.valid_user_classes.each do |user_class|
+                  promise = user_class.promise_login(user_identifier, request['login'][user_identifier])
+                  unless promise.realized?
+                    start = Time.now
+                    until promise.realized?
+                      break if (Time.now - start) > TIMEOUT
+                      sleep 0.01
+                    end
+                  end
+                  user = promise.value
+                  break if user
+                end
+                if user
+                  pub_sub_client.instance_variable_set(:@isomorfeus_user, user)
+                  pub_sub_client.instance_variable_set(:@isomorfeus_authentication_tries, nil)
+                  result = { success: 'ok', data: user.to_transport }
+                end
+              end
+            elsif login_or_logout == 'logout'
+              begin
+                promise = current_user.promise_logout
+                unless promise.realized?
+                  start = Time.now
+                  until promise.realized?
+                    break if (Time.now - start) > TIMEOUT
+                    sleep 0.01
+                  end
+                end
+              ensure
+                pub_sub_client.instance_variable_set(:@isomorfeus_user, nil)
+                result = { success: 'ok' }
+              end
+            end
+          end
+          result
+        end
+      end
+    end
+  end
+end

data/lib/isomorfeus/transport/rack_middleware.rb

@@ -3,8 +3,6 @@
 module Isomorfeus
   module Transport
     class RackMiddleware
-      include Isomorfeus::Transport::ServerProcessor
-
       WS_RESPONSE = [0, {}, []]
 
       def initialize(app)
@@ -13,9 +11,8 @@ module Isomorfeus
 
       def call(env)
         if env['PATH_INFO'] == Isomorfeus.api_websocket_path
-          user = defined?(Warden::Manager) ? env['warden'].user : nil
           if env['rack.upgrade?'] == :websocket
-            env['rack.upgrade'] = Isomorfeus::Transport::ServerSocketProcessor.new(env['rack.session'], user)
+            env['rack.upgrade'] = Isomorfeus::Transport::ServerSocketProcessor.new
           end
           WS_RESPONSE
         else

data/lib/isomorfeus/transport/server_processor.rb

@@ -3,7 +3,7 @@
 module Isomorfeus
   module Transport
     module ServerProcessor
-      def process_request(client, session_id, current_user, request)
+      def process_request(client, current_user, request)
         Thread.current[:isomorfeus_pub_sub_client] = client
 
         response = { response: { agent_ids: {}} }
@@ -14,7 +14,7 @@ module Isomorfeus
               begin
                 handler = Isomorfeus.cached_handler_class(handler_class_name) if Isomorfeus.valid_handler_class_name?(handler_class_name)
                 if handler
-                  result = handler.new.process_request(client, session_id, current_user, request['request']['agent_ids'][agent_id][handler_class_name], response)
+                  result = handler.new.process_request(client, current_user, request['request']['agent_ids'][agent_id][handler_class_name], response)
                   response[:response][:agent_ids][agent_id] = result
                 else
                   response[:response][:agent_ids][agent_id] = { error: { handler_class_name => 'No such handler!'}}
@@ -29,12 +29,21 @@ module Isomorfeus
             channel = request['notification']['channel']
             class_name =  request['notification']['class']
             if Isomorfeus.valid_channel_class_name?(class_name) && channel
-              client.publish(request['notification']['channel'], Oj.dump({ 'notification' => request['notification'] }, mode: :strict))
+              channel_class = Isomorfeus.cached_channel_class(class_name)
+              if channel_class && current_user.authorized?(channel_class, :send_message, channel)
+                client.publish(request['notification']['channel'], Oj.dump({ 'notification' => request['notification'] }, mode: :strict))
+              else
+                response[:response] = { error: 'Not authorized!' }
+              end
             else
-              response[:response] = 'No such thing!'
+              response[:response] = { error: 'No such thing!' }
             end
-          rescue
-            response[:response] = 'No such thing!'
+          rescue Exception => e
+            response[:response] = if Isomorfeus.production?
+                                    { error: 'No such thing!' }
+                                  else
+                                    { error: "Isomorfeus::Transport::ServerProcessor: #{e.message}" }
+                                  end
           end
         elsif request.key?('subscribe') && request['subscribe'].key?('agent_ids')
           begin
@@ -42,13 +51,22 @@ module Isomorfeus
             channel = request['subscribe']['agent_ids'][agent_id]['channel']
             class_name = request['subscribe']['agent_ids'][agent_id]['class']
             if Isomorfeus.valid_channel_class_name?(class_name) && channel
-              client.subscribe(channel)
-              response[:response][:agent_ids][agent_id] = { success: channel }
+              channel_class = Isomorfeus.cached_channel_class(class_name)
+              if channel_class && current_user.authorized?(channel_class, :subscribe, channel)
+                client.subscribe(channel)
+                response[:response][:agent_ids][agent_id] = { success: channel }
+              else
+                response[:response][:agent_ids][agent_id] = { error: "Not authorized!"}
+              end
             else
               response[:response][:agent_ids][agent_id] = { error: "No such thing!"}
             end
-          rescue
-            response[:response][:agent_ids][agent_id] = { error: { key => 'No such handler!'}}
+          rescue Exception => e
+            response[:response][:agent_ids][agent_id] = if Isomorfeus.production?
+                                                          { error: 'No such thing!' }
+                                                        else
+                                                          { error: "Isomorfeus::Transport::ServerProcessor: #{e.message}" }
+                                                        end
           end
         elsif request.key?('unsubscribe') && request['unsubscribe'].key?('agent_ids')
           begin
@@ -56,13 +74,22 @@ module Isomorfeus
             channel = request['unsubscribe']['agent_ids'][agent_id]['channel']
             class_name = request['unsubscribe']['agent_ids'][agent_id]['class']
             if Isomorfeus.valid_channel_class_name?(class_name) && channel
-              client.unsubscribe(channel)
-              response[:response][:agent_ids][agent_id] = { success: channel }
+              channel_class = Isomorfeus.cached_channel_class(class_name)
+              if channel_class && current_user.authorized?(channel_class, :unsubscribe, channel)
+                client.unsubscribe(channel)
+                response[:response][:agent_ids][agent_id] = { success: channel }
+              else
+                response[:response][:agent_ids][agent_id] = { error: "Not authorized!"}
+              end
             else
               response[:response][:agent_ids][agent_id] = { error: 'No such thing!'}
             end
-          rescue
-            response[:response][:agent_ids][agent_id] = { error: { key => 'No such handler!'}}
+          rescue Exception => e
+            response[:response][:agent_ids][agent_id] = if Isomorfeus.production?
+                                                          { error: 'No such thing!' }
+                                                        else
+                                                          { error: "Isomorfeus::Transport::ServerProcessor: #{e.message}" }
+                                                        end
           end
         else
           response[:response] = { error: 'No such thing!'}

data/lib/isomorfeus/transport/server_socket_processor.rb

@@ -3,14 +3,9 @@ module Isomorfeus
     class ServerSocketProcessor
       include Isomorfeus::Transport::ServerProcessor
 
-      def initialize(session_id, user)
-        @session_id = session_id
-        @user = user
-      end
-
       def on_message(client, data)
         request_hash = Oj.load(data, mode: :strict)
-        result = process_request(client, @session_id, @user, request_hash)
+        result = process_request(client, user(client), request_hash)
         client.write Oj.dump(result, mode: :strict)
       end
 
@@ -25,6 +20,10 @@ module Isomorfeus
       def on_shutdown(client)
         # nothing for now
       end
+
+      def user(client)
+        client.instance_variable_get(:@isomorfeus_user) || Anonymous.new
+      end
     end
   end
 end

data/lib/isomorfeus/transport/version.rb

@@ -1,5 +1,5 @@
 module Isomorfeus
   module Transport
-    VERSION = '1.0.0.epsilon1'
+    VERSION = '1.0.0.epsilon2'
   end
 end

data/lib/isomorfeus/transport/websocket.rb

@@ -41,6 +41,10 @@ module Isomorfeus
           @native_websocket.JS[:onopen] = `function(event) { block.$call(event); }`
         end
 
+        def protocol
+          @native_websocket.JS[:protocol]
+        end
+
         def send(data)
           case ready_state
           when OPEN then @native_websocket.JS.send(data)

data/lib/isomorfeus/transport.rb

@@ -32,7 +32,7 @@ module Isomorfeus
           @socket.on_error do
             @socket.close
             delay do
-              Isomorfeus::Transport.connect
+              Isomorfeus::Transport.promise_connect
             end
           end
           @socket.on_message do |event|

data/lib/isomorfeus-transport.rb

@@ -2,6 +2,8 @@ require 'opal'
 require 'opal-autoloader'
 require 'opal-activesupport'
 require 'isomorfeus-react'
+require 'isomorfeus-policy'
+require 'lucid_authentication/mixin'
 if RUBY_ENGINE == 'opal'
   require 'json'
   require 'isomorfeus/config'
@@ -33,6 +35,7 @@ else
   require 'isomorfeus/transport/server_processor'
   require 'isomorfeus/transport/server_socket_processor'
   require 'isomorfeus/transport/websocket'
+
   require 'isomorfeus/transport/rack_middleware'
   require 'isomorfeus/transport/middlewares'
 
@@ -44,21 +47,21 @@ else
   require 'lucid_channel/mixin'
   require 'lucid_channel/base'
 
+  require 'isomorfeus/transport/handler/authentication_handler'
+
   Opal.append_path(__dir__.untaint) unless Opal.paths.include?(__dir__.untaint)
 
   require 'active_support'
   require 'active_support/dependencies'
 
   %w[channels handlers].each do |dir|
-    path = if Dir.exist?(File.join('app', 'isomorfeus'))
-             File.expand_path(File.join('app', 'isomorfeus', dir))
-           elsif Dir.exist?(File.join('isomorfeus'))
-             File.expand_path(File.join('isomorfeus', dir))
-           end
-    ActiveSupport::Dependencies.autoload_paths << path if path
-    # we also need to require them all, so classes are registered accordingly
-    Dir.glob("#{path}/**/*.rb").each do |file|
-      require file
+    path = Dir.exist?(File.join('isomorfeus')) ? File.expand_path(File.join('isomorfeus', dir)) : nil
+    if path
+      ActiveSupport::Dependencies.autoload_paths << path
+      # we also need to require them all, so classes are registered accordingly
+      Dir.glob("#{path}/**/*.rb").each do |file|
+        require file
+      end
     end
   end
 end

data/lib/lucid_authentication/mixin.rb

@@ -0,0 +1,76 @@
+module LucidAuthentication
+  module Mixin
+    if RUBY_ENGINE == 'opal'
+      def self.included(base)
+
+        base.instance_exec do
+          def authentication(&block)
+          end
+
+          def promise_login(user_identifier, user_password, scheme = :isomorfeus)
+              send("promise_authentication_with_#{scheme}", user_identifier, user_password)
+          end
+
+          def promise_authentication_with_isomorfeus(user_identifier, user_password)
+            if Isomorfeus.production?
+              raise "Connection not secure, can't login" unless Isomorfeus::Transport.socket.url.start_with?('wss:')
+            else
+              `console.warn("Connection not secure, ensure a secure connection in production, otherwise login will fail!")` unless Isomorfeus::Transport.socket.url.start_with?('wss:')
+            end
+            Isomorfeus::Transport.promise_send_path('Isomorfeus::Transport::Handler::AuthenticationHandler', 'login', user_identifier, user_password).then do |response|
+              if response[:agent_response].key?(:success)
+                Isomorfeus.store.dispatch(type: 'DATA_LOAD', data: response[:agent_response][:data])
+                class_name = response[:agent_response][:data][:nodes].keys.first
+                node_id = response[:agent_response][:data][:nodes][class_name].keys.first
+                Isomorfeus.cached_node_class(class_name).new({id: node_id})
+              else
+                raise 'Login failed!' # calls .fail
+              end
+            end
+          end
+        end
+      end
+
+      def promise_logout(scheme = :isomorfeus)
+        send("promise_deauthentication_with_#{scheme}")
+      end
+
+      def promise_deauthentication_with_isomorfeus
+        Isomorfeus::Transport.promise_send_path('Isomorfeus::Transport::Handler::AuthenticationHandler', 'logout', 'logout').then do |response|
+          response[:agent_response].key?(:success) ? true : raise('Logout failed!')
+        end
+      end
+    else
+      def self.included(base)
+        Isomorfeus.add_valid_user_class(base)
+
+        base.instance_exec do
+          def authentication(&block)
+            @authentication_block = block
+          end
+
+          def promise_login(user_identifier, user_password_or_token, scheme = :isomorfeus)
+            send("promise_authentication_with_#{scheme}", user_identifier, user_password_or_token)
+          end
+
+          def promise_authentication_with_isomorfeus(user_identifier, user_password_or_token)
+            promise_or_user = @authentication_block.call(user_identifier, user_password_or_token)
+            if promise_or_user.class == Promise
+              promise_or_user
+            else
+              Promise.new.resolve(promise_or_user)
+            end
+          end
+        end
+      end
+
+      def promise_logout(scheme = :isomorfeus)
+        send("promise_deauthentication_with_#{scheme}")
+      end
+
+      def promise_deauthentication_with_isomorfeus
+        Promise.new.resolve(true)
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: isomorfeus-transport
 version: !ruby/object:Gem::Version
-  version: 1.0.0.epsilon1
+  version: 1.0.0.epsilon2
 platform: ruby
 authors:
 - Jan Biedermann
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-08-16 00:00:00.000000000 Z
+date: 2019-08-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -86,14 +86,28 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 16.9.2
+        version: 16.9.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 16.9.2
+        version: 16.9.4
+- !ruby/object:Gem::Dependency
+  name: isomorfeus-policy
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.0.epsilon2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.0.epsilon2
 - !ruby/object:Gem::Dependency
   name: websocket-driver
   requirement: !ruby/object:Gem::Requirement
@@ -108,6 +122,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.7.0
+- !ruby/object:Gem::Dependency
+  name: isomorfeus-installer
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.0.epsilon2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.0.epsilon2
+- !ruby/object:Gem::Dependency
+  name: opal-webpack-loader
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.4
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.4
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -148,6 +190,7 @@ files:
 - lib/isomorfeus/transport.rb
 - lib/isomorfeus/transport/client_processor.rb
 - lib/isomorfeus/transport/config.rb
+- lib/isomorfeus/transport/handler/authentication_handler.rb
 - lib/isomorfeus/transport/middlewares.rb
 - lib/isomorfeus/transport/rack_middleware.rb
 - lib/isomorfeus/transport/request_agent.rb
@@ -155,6 +198,7 @@ files:
 - lib/isomorfeus/transport/server_socket_processor.rb
 - lib/isomorfeus/transport/version.rb
 - lib/isomorfeus/transport/websocket.rb
+- lib/lucid_authentication/mixin.rb
 - lib/lucid_channel/base.rb
 - lib/lucid_channel/mixin.rb
 - lib/lucid_handler/base.rb