jko_api 0.1.3 → 0.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3711a73e0bd2f3bb5186bf24f11d4530b9bbeb6c
-  data.tar.gz: e3a28ae1fc62c36cf5a3b77ee0f6820873fb9a75
+  metadata.gz: 2b71ffbde46caf94241d8813b48dc53c2b737f77
+  data.tar.gz: 06f6e116abebe5c5efcae4614a8e8c49178e69b5
 SHA512:
-  metadata.gz: c6adaaad9e11e56f1971934b7522dae6cc7376e18ddae3b3358202ee73dc85452327d5eab3a62c594e05f525ced2320ff1df5b1acbcf03b8e8ce0faedcbadc6a
-  data.tar.gz: 26a75d36b762ffa83d8f74f93374b5a843f73fdc9d1c80e3f969afdd68722d2055e9d527e239b722f70477304680f2de002490f19c041bace08d668cd4816bc3
+  metadata.gz: 3b0e444f0a11c75fedbd4e3d9865582b60179ad78f75f2213248619b2c3b17d9ac42a63e77429a6d79d3f2dba23f28372b86a9bfc1c91f59102f6b392ccc0061
+  data.tar.gz: 75ced80d1207ab1c3457d602a515e8d169b4a30572ee1cad16636ec888c479e24a6bef1f483cd9a4d811043fc666cfe4b127c0390ec512a0a7a7a6e8f18a6ef4

data/Gemfile

@@ -1,4 +1,5 @@
 source 'https://rubygems.org'
 
+gem 'warden-oauth2-strategies', github: 'airservice/warden-oauth2', require: false
 # Specify your gem's dependencies in jko_api.gemspec
 gemspec

data/README.md

@@ -6,7 +6,11 @@ This gem lets you make a single change and reversion an API without copying over
 
 ## Props
 
-99% of this gem was written by [Justin Ko](https://github.com/justinko). Since he's lazy and won't make a gem from it, I'm doing it for him :stuck_out_tongue: That's why the gem is named after him.
+90% of the code was originally written by [Justin Ko](https://github.com/justinko). Since he's lazy and won't make a gem from it, I'm doing it for him :stuck_out_tongue: That's why the gem is named after him. I've since modified some of the stuff, and will continue to make it easier to use and more configurable.
+
+## Requirements
+
+Rails 5 and Ruby 2.3
 
 ## Installation
 
@@ -31,9 +35,19 @@ In your `config/initializers/jko_api.rb` add
 ```ruby
 JkoApi.configure do |c|
   # This is the default. You can override this if you need a different controller
-  # c.base_controller = Api::ApplicationController
+  # c.base_controller = ApiApplicationController
+
   # This is the folder name where all the api controllers would go
   # c.api_namespace = 'api'
+
+  # If you want to use your own authentication stuff, leave this as default
+  # c.use_authentication = false
+
+  # The built in authentication is Warden::OAuth2 with a Bearer strategy. Currently no other option exists
+  # c.strategy = :bearer
+
+  # If you use the authentication, then you will need to make some model, and set this value. More notes below.
+  # c.token_model = SomeModelYouCreated
 end
 ```
 
@@ -53,10 +67,10 @@ JkoApi.routes self do
 end  
 ```
 
-Place your version 1 controller code in `app/controllers/api/v1`. Controllers should all inherit from `Api::ApplicationController`, or something that inherits from that.
+Place your version 1 controller code in `app/controllers/api/v1`. Controllers should all inherit from `ApiApplicationController`, or something that inherits from that.
 
 ```ruby
-class Api::V1::BarsController < Api::ApplicationController
+class Api::V1::BarsController < ApiApplicationController
   def index
     # do stuff
   end
@@ -80,7 +94,7 @@ end
 We can still do this though
 
 ```ruby
-class Api::V3::BarsController < Api::ApplicationController
+class Api::V3::BarsController < ApiApplicationController
   def index
     # do different stuff
   end
@@ -89,6 +103,63 @@ end
 
 You can test this all by booting up a simple rails app, then do `curl -H "Accept: application/vnd.api.v1+json" http://localhost:3000/bars`
 
+The `Accept` header is required to make the calls.
+
+## Authentication
+If your API calls need to be authenticated by some API key, then you will need to configure a few more things.
+
+```ruby
+JkoApi.configure do |c|
+  c.use_authentication = true
+  c.token_model = MyCustomTokenVerifier
+end
+```
+
+Your `MyCustomTokenVerifier` must be a ruby object that responds to a `locate` class method, and take a single string argument for the api token that needs to be authenticated. The method should return the token string if it's valid, and nil if it's not. You can [read more here](https://github.com/opperator/warden-oauth2#access-token).
+
+This `MyCustomTokenVerifier` could look a few different ways. One way would be to make this a rails model like
+
+```ruby
+class MyCustomTokenVerifier < ApplicationModel
+
+  def self.locate(token_string)
+    find_by(api_token: token_string)
+  end
+
+end
+```
+
+Another way would be a simple class that verifies against some configuration option like
+
+```ruby
+class MyCustomTokenVerifier
+
+  def self.locate(token_string)
+    if token_string == Rails.configuration.x.my_custom_api_token
+      token_string
+    else
+      nil
+    end
+  end
+end
+```
+
+## Testing
+If you're trying to test controllers, keep in mind that Rails doesn't process the middleware stack for controller tests. This means that the `JkoApi::Middleware` as well as the `JkoApi::Strategies` modules won't exist, and neither will `warden`. You can [read up more here](https://github.com/hassox/warden/issues/117).
+
+My recommendation for testing api endpoints is doing an integration test. With RSpec, just create your `spec/requests` folder, and add your spec for the endpoint you want to test.
+
+If you need access to a mock warden object, you can add
+
+```ruby
+require 'jko_api/test_helpers'
+include JkoApi::TestHelpers
+```
+
+## Debugging notes
+
+If you have a route that matches one of the API routes, and it's listed first, then Rails will match that route first. This might not be what you expected, so put your `JkoApi.routes` near the top to ensure that gets hit first.
+
 
 ## Contributing
 

data/app/controllers/api_application_controller.rb

@@ -0,0 +1,3 @@
+class ApiApplicationController < ActionController::Base
+  include JkoApi::Controller
+end

data/config/initializers/warden.rb

@@ -0,0 +1,7 @@
+JkoApi.auth_setup do
+  Warden::OAuth2.configure do |config|
+    if JkoApi.configuration.strategy.bearer?
+      config.token_model = JkoApi.configuration.token_model
+    end
+  end
+end

data/jko_api.gemspec

@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
   spec.email         = ["jeremywoertink@gmail.com"]
   spec.summary       = %q{A Rails API gem}
   spec.description   = %q{Some Rails API code written by JustinKo and ported to a badly written gem}
-  spec.homepage      = ""
+  spec.homepage      = "https://github.com/jwoertink/jko_api"
   spec.license       = "MIT"
 
   spec.files         = `git ls-files -z`.split("\x0")
@@ -20,6 +20,7 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency "bundler", "~> 1.7"
   spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_dependency "responders", "2.1.0"
-  spec.add_dependency "rails", ">= 4.2.0", "< 5"
+  spec.add_dependency "responders", "2.2.0"
+  spec.add_dependency "rails", ">= 5.0.0.beta3", "< 5.1"
+  spec.add_dependency "warden-oauth2"
 end

data/lib/jko_api.rb

@@ -2,7 +2,9 @@ require "active_support/all"
 require "active_model/railtie"
 require "action_controller/railtie"
 require "responders"
+require "warden-oauth2"
 require "jko_api/version"
+require "jko_api/strategies"
 require "jko_api/class_descendants_builder"
 require "jko_api/constraints"
 require "jko_api/controller"
@@ -20,6 +22,7 @@ module JkoApi
   ACCEPT_HEADER_REGEX = /\Aapplication\/vnd\.api(\.v([0-9]))?\+json\z/
 
   mattr_accessor :configuration, instance_accessor: false
+  mattr_accessor :auth_initializer, instance_accessor: false
   mattr_reader :current_version_number, instance_reader: false
 
   def self.configure
@@ -30,7 +33,8 @@ module JkoApi
 
   def self.setup(base_controller)
     Util.stupid_hack!
-    ClassDescendantsBuilder.build base_controller, level: max_version_number
+    ClassDescendantsBuilder.build(base_controller, upto: max_version_number)
+    @@auth_initializer.call
   end
 
   def self.activated?
@@ -66,4 +70,8 @@ module JkoApi
       JkoApi.versions(context, &block)
     end
   end
+
+  def self.auth_setup(&block)
+    self.auth_initializer = block
+  end
 end

data/lib/jko_api/class_descendants_builder.rb

@@ -2,45 +2,49 @@ module JkoApi
   class ClassDescendantsBuilder
     LEVEL_REGEX = /\d+/
 
-    def self.build(base_class, level:)
+    def self.build(base_class, upto:)
       base_class.descendants.each do |descendant|
-        new(descendant, level).build
+        new(descendant, upto).build
       end
     end
 
-    def initialize(descendant, level)
-      @descendant, @level = descendant, level
+    attr_reader :descendant, :upto
+
+    def initialize(descendant, upto)
+      @descendant, @upto = descendant, upto
     end
 
     def build
-      initial_level.upto(@level - 1) do |level|
-        build_descendant(level) unless descendant_defined?(level)
+      initial_level.upto(upto) do |level|
+        unless Module.qualified_const_defined?(swap_level(level.next))
+          build_descendant level
+        end
       end
     end
 
     private
 
-    def descendant_defined?(level)
-      !!swap_level(level.next).safe_constantize
-    end
-
     def build_descendant(level)
-      namespace(level.next).constantize.const_set(
+      namespace(level.next).const_set(
         swap_level(level.next).demodulize,
         Class.new(swap_level(level).constantize)
       )
     end
 
     def namespace(level)
-      swap_level(level).deconstantize.presence || 'Object'
+      deconstantized = swap_level(level).deconstantize
+      unless Module.qualified_const_defined?(deconstantized)
+        Module.qualified_const_set deconstantized, Module.new
+      end
+      deconstantized.constantize
     end
 
     def swap_level(level)
-      @descendant.name.sub LEVEL_REGEX, level.to_s
+      descendant.name.sub LEVEL_REGEX, level.to_s
     end
 
     def initial_level
-      @descendant.name[LEVEL_REGEX].to_i
+      descendant.name[LEVEL_REGEX].to_i
     end
   end
 end

data/lib/jko_api/configuration.rb

@@ -1,11 +1,21 @@
 module JkoApi
   class Configuration
 
-    attr_accessor :base_controller, :api_namespace
+    attr_accessor :base_controller, :api_namespace, :use_authentication, :token_model
 
     def initialize
-      @base_controller = Api::ApplicationController
+      @base_controller = ApiApplicationController
       @api_namespace = 'api'
+      @use_authentication = false
+      @strategy = :bearer
+    end
+
+    def authenticate?
+      use_authentication
+    end
+
+    def strategy
+      @strategy.to_s.inquiry
     end
 
   end

data/lib/jko_api/controller.rb

@@ -4,7 +4,12 @@ module JkoApi
 
     included do
       include JkoApi::ControllerHelpers
-      skip_authentication # TODO: make this configurable
+
+      if JkoApi.configuration&.use_authentication
+        prepend_before_action :authenticate!
+      else
+        skip_authentication
+      end
 
       self.responder = JkoApi::Responder
       respond_to :json
@@ -15,5 +20,14 @@ module JkoApi
     def render_json_errors(status, message = status)
       render json: JkoApi::RequestError[status, message], status: status
     end
+
+    def warden
+      request.env['warden']
+    end
+
+    def authenticate!
+      token = warden.authenticate!
+      self.authenticated = !!token
+    end
   end
 end

data/lib/jko_api/controller_helpers.rb

@@ -5,7 +5,11 @@ module JkoApi
     included do
       class_attribute :authenticated
       self.authenticated = false
-      append_before_action { raise 'setup authentication' unless authenticated }
+      append_before_action do
+        unless authenticated
+          render(json: {error: 'Authentication Failed'}, status: 401)
+        end
+      end
     end
 
     class_methods do

data/lib/jko_api/engine.rb

@@ -3,7 +3,12 @@ require 'rails/railtie'
 module JkoApi
   class Engine < ::Rails::Engine
     initializer "jko_api.configure_rails_initialization" do |app|
-      app.middleware.use JkoApi::Middleware
+      app.middleware.use JkoApi::Middleware, only: proc { |env|
+        env['HTTP_ACCEPT'] && env['HTTP_ACCEPT'].include?('application/vnd.api') }
+
+      if JkoApi.configuration&.authenticate?
+        app.middleware.use "JkoApi::Strategies::#{JkoApi.configuration.strategy.to_s.capitalize}".constantize, only: proc { |env| env['HTTP_ACCEPT'] && env['HTTP_ACCEPT'].include?('application/vnd.api')  }
+      end
     end
   end
 end

data/lib/jko_api/middleware.rb

@@ -1,14 +1,17 @@
 module JkoApi
   class Middleware
-    def initialize(app)
+    def initialize(app, options={})
       @app = app
+      @only = options[:only]
     end
 
     def call(env)
-      if version_number = extract_version_number(env)
-        ::JkoApi.current_version_number = version_number
-      else
-        ::JkoApi.reset
+      if @only && @only.call(env)
+        if version_number = extract_version_number(env)
+          ::JkoApi.current_version_number = version_number
+        else
+          ::JkoApi.reset
+        end
       end
       @app.call env
     end

data/lib/jko_api/strategies.rb

@@ -0,0 +1 @@
+require 'jko_api/strategies/bearer'

data/lib/jko_api/strategies/bearer.rb

@@ -0,0 +1,26 @@
+module JkoApi
+  module Strategies
+    class Bearer
+
+      def initialize(app, options ={})
+        @app = app
+        @only = options[:only]
+        @mgr = Warden::Manager.new(@app, options) do |config|
+          config.strategies.add :bearer, Warden::OAuth2::Strategies::Bearer
+          config.default_strategies :bearer
+          config.failure_app = Warden::OAuth2::FailureApp
+        end
+
+        @mgr
+      end
+
+      def call(env)
+        if @only && @only.call(env)
+          @mgr.call(env)
+        else
+          @app.call(env)
+        end
+      end
+    end
+  end
+end

data/lib/jko_api/test_helpers.rb

@@ -0,0 +1,9 @@
+module JkoApi
+  module TestHelpers
+    extend ActiveSupport::Concern
+
+    included do
+      include Warden::Test::Mock
+    end
+  end
+end

data/lib/jko_api/version.rb

@@ -1,3 +1,3 @@
 module JkoApi
-  VERSION = "0.1.3"
+  VERSION = "0.2.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jko_api
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.2.4
 platform: ruby
 authors:
 - Jeremy Woertink
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-17 00:00:00.000000000 Z
+date: 2016-07-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -44,34 +44,48 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 2.2.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.2.0
+        version: 5.0.0.beta3
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5'
+        version: '5.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 4.2.0
+        version: 5.0.0.beta3
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5'
+        version: '5.1'
+- !ruby/object:Gem::Dependency
+  name: warden-oauth2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Some Rails API code written by JustinKo and ported to a badly written
   gem
 email:
@@ -85,7 +99,8 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
-- app/controllers/api/application_controller.rb
+- app/controllers/api_application_controller.rb
+- config/initializers/warden.rb
 - jko_api.gemspec
 - lib/jko_api.rb
 - lib/jko_api/class_descendants_builder.rb
@@ -97,10 +112,13 @@ files:
 - lib/jko_api/middleware.rb
 - lib/jko_api/request_error.rb
 - lib/jko_api/responder.rb
+- lib/jko_api/strategies.rb
+- lib/jko_api/strategies/bearer.rb
+- lib/jko_api/test_helpers.rb
 - lib/jko_api/util.rb
 - lib/jko_api/version.rb
 - lib/jko_api/versioning.rb
-homepage: ''
+homepage: https://github.com/jwoertink/jko_api
 licenses:
 - MIT
 metadata: {}
@@ -120,7 +138,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.3
+rubygems_version: 2.5.1
 signing_key: 
 specification_version: 4
 summary: A Rails API gem

data/app/controllers/api/application_controller.rb

@@ -1,3 +0,0 @@
-class Api::ApplicationController < ActionController::Base
-  include JkoApi::Controller
-end