jobshop 0.0.41 → 0.0.53

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c86e7e67c1715d920f77caf807a4bc4e5d0d5dec
-  data.tar.gz: b61cde16d2ba6177ecc3bbb62d4b7e165692b92b
+  metadata.gz: 8a2d1798548ecae570f0b45babfa2e513b82395c
+  data.tar.gz: bc7448f4acea0f1582843a1a47ff9b98a1c4aae6
 SHA512:
-  metadata.gz: bb5e90365faeb6483033e4c16a776e399908ba489557ed89672bad4d864c176004ed729b41adcd5626d458f7a92e1b3e5a515ac601098e3fba86e5fac27d6cf2
-  data.tar.gz: bed3c0155ecd9c441f018d28f119fae407067cdb01965d770479fd496070b8c328d56dcdd0ad47ee08a5a1e90c07ef3badeb9f64188950820369f6712ad757b8
+  metadata.gz: 649182157861589f953e47725d6947e86f3245e81e2c90c8d1b36127865fdacd74a4498303dd6bd99b9f837752353dfcd211733ad43c9963d88a5d83346bf3ae
+  data.tar.gz: e7b646ec641cceae9c9e699a5f4afb9e5d725fcd1f0a066e7974af05cf1127ba4af99e484b1966dee8b71972aba0a4faf24d20a489a0f5e26484ee6dd46eca39

data/app/controllers/concerns/email_token_validation.rb

@@ -0,0 +1,59 @@
+class EmailTokenValidation
+  def self.before(controller)
+    @token = EmailToken.new(
+      controller.params.fetch(:user_email, nil),
+      controller.params.fetch(:email_authentication_token, nil)
+    )
+
+    if @token.valid?
+      sign_out_current_scope
+      sign_in token.user
+      token.destroy
+    end
+  end
+
+  class EmailToken
+    attr_reader :token
+
+    def initialize(email, token)
+      @email, @token = email, token
+    end
+
+    def valid?
+      present? && user && token && !expired? && secure_compare
+    end
+
+  private
+    def present?
+      @email.present? && @token.present?
+    end
+
+    def user
+      @user ||= Jobshop::User.where(email: @email)
+        .where.not(email_authentication_token_sent_at: nil).first
+    end
+
+    def destroy
+      user.update({
+        email_authentication_token:         nil,
+        email_authentication_token_sent_at: nil
+      })
+    end
+
+    def secure_compare
+      # Notice how we use Devise.secure_compare to compare the token in the
+      # database with the token given in the params, mitigating timing
+      # attacks.
+      Devise.secure_compare(user.email_authentication_token, token)
+    end
+
+    def expired?
+      @expired ||= Time.now >= expires_on
+    end
+
+    def expires_on
+      # TODO: Make token expiration configurable in initializers/jobshop.rb.
+      @expires_on ||= user.email_authentication_token_sent_at + 6.hours
+    end
+  end
+end

data/app/controllers/concerns/registration_token_validation.rb

@@ -1,25 +1,41 @@
-module RegistrationTokenValidation
-  class << self
-    def before(controller)
-      @token = controller.params[:registration_token]
-      @controller = controller
-      controller.redirect_to controller.new_user_session_path unless valid?
-    end
+class RegistrationTokenValidation
+  def self.before(controller)
+    new(controller.dup)
+  end
+
+  def initialize(controller)
+    @controller = controller.dup
+    @token      = @controller.params.fetch(:registration_token, nil)
+    @team_id    = @controller.params.fetch(:team_id, nil)
 
-    def valid?
-      @token.present? && resolves?
+    if @token
+      @controller.redirect_to(@controller.new_user_session_path) unless valid?
     end
+  end
+
+  def valid?
+    !expired? && !owned? && resolves?
+  end
 
-    def resolves?
-      encrypted_token = Devise.token_generator.digest(
-        Jobshop::Team, :registration_token, @token)
+private
+  def team
+    @team ||= Jobshop::Team.where(id: @team_id).first
+  end
 
-      configurable = Jobshop::Team.find_by(
-        id: @controller.params[:team_id], registration_token: encrypted_token)
+  def resolves?
+    encrypted_token = Devise.token_generator.digest(
+      Jobshop::Team, :registration_token, @token)
 
-      configurable &&
-        configurable.registration_token_period_valid? &&
-        configurable.owner.blank?
-    end
+    # Notice how we use Devise.secure_compare to compare the token in the
+    # database with the token given in the params, mitigating timing attacks.
+    Devise.secure_compare(team.registration_token, encrypted_token)
+  end
+
+  def expired?
+    @expired ||= !team.registration_token_period_valid?
+  end
+
+  def owned?
+    @owned ||= team.owner.present?
   end
 end

data/app/controllers/jobshop/application_controller.rb

@@ -10,7 +10,7 @@ module Jobshop
 
     protect_from_forgery
 
-    before_action :authenticate_user_from_email!
+    before_action EmailTokenValidation
     before_action :authenticate_user!
 
     # after_action :verify_authorized, except: :index
@@ -18,67 +18,14 @@ module Jobshop
 
     private
 
-    def authenticate_user_from_email!
-      token = EmailAuthenticationToken.new(
-        params.fetch(:user_email, nil),
-        params.fetch(:email_authentication_token, nil)
-      )
-
-      if token.valid?
-        sign_in token.user
-        token.destroy
-      end
-    end
-
     def layout_for_application
       if devise_controller? && controller_name == "sessions" ||
           controller_path == "jobshop/teams/lookups"
         "jobshop/unauthenticated"
       else
-
         "jobshop/application"
       end
     end
 
-    class EmailAuthenticationToken
-      attr_reader :token
-
-      def initialize(email, token)
-        @email = email
-        @token = token
-      end
-
-      def valid?
-        user && token && !expired? && secure_compare
-      end
-
-      def user
-        @user ||= Jobshop::User.where(email: @email)
-          .where.not(email_authentication_token_sent_at: nil).first
-      end
-
-      def destroy
-        user.update({
-          email_authentication_token:         nil,
-          email_authentication_token_sent_at: nil
-        })
-      end
-
-      def secure_compare
-        # Notice how we use Devise.secure_compare to compare the token in the
-        # database with the token given in the params, mitigating timing
-        # attacks.
-        Devise.secure_compare(user.email_authentication_token, token)
-      end
-
-      def expired?
-        @expired ||= Time.now >= expires_on
-      end
-
-      def expires_on
-        # TODO: Make token expiration configurable in initializers/jobshop.rb.
-        @expires_on ||= user.email_authentication_token_sent_at + 6.hours
-      end
-    end
   end
 end

data/app/controllers/jobshop/sessions_controller.rb

@@ -0,0 +1,6 @@
+require_dependency "jobshop/application_controller"
+
+module Jobshop
+  class SessionsController < Devise::SessionsController
+  end
+end

data/app/controllers/jobshop/teams/lookups_controller.rb

@@ -10,12 +10,11 @@ module Jobshop
 
     def create
       emails = params[:user][:email].split(",").map(&:strip).take(5)
-
       Jobshop::Team.grouped_by_email(emails).each_pair do |email, teams|
         Jobshop::TeamsMailer.found_teams(email, teams).deliver_later
       end
 
-      redirect_to new_user_session_path
+      redirect_to teams_lookup_path
     end
   end
 end

data/app/controllers/jobshop/teams/registrations_controller.rb

@@ -2,10 +2,10 @@ require_dependency "jobshop/application_controller"
 
 module Jobshop
   class Teams::RegistrationsController < ApplicationController
-    before_action RegistrationTokenValidation
-
     skip_before_action :authenticate_user!
 
+    before_action RegistrationTokenValidation
+
     layout "jobshop/unauthenticated"
 
     def new

data/app/mailers/jobshop/teams_mailer.rb

@@ -1,10 +1,10 @@
 module Jobshop
   class TeamsMailer < ApplicationMailer
-    def found_teams(user, teams)
-      @user = user
+    def found_teams(email, teams)
+      @user = Jobshop::User.where(email: email).first
       @teams = teams
 
-      mail(to: @user.email, subject: "We found your Jobshop Teams!")
+      mail(to: email, subject: "We found your Jobshop Teams!")
     end
   end
 end

data/app/models/jobshop/user.rb

@@ -16,8 +16,12 @@ module Jobshop
       presence:     { if: :password_required? },
       confirmation: { if: :password_required? }
 
-    private
+    def self.find_for_authentication(warden_conditions)
+      where(email:   warden_conditions[:email],
+            team_id: warden_conditions[:team_id]).first
+    end
 
+  private
     def generate_email_authentication_token
       loop do
         token = Devise.friendly_token

data/app/views/devise/sessions/new.html.haml

@@ -9,6 +9,7 @@
           .mdl-card__supporting-text
             = f.input(:email)
             = f.input(:password)
+            = f.input(:team_id, as: :hidden, input_html: { value: params[:team_id] })
 
           .mdl-card__actions
             = f.input :remember_me, as: :boolean, input_html: { class: "mdl-checkbox__input" }

data/app/views/jobshop/dashboards/show.html.haml

@@ -27,7 +27,7 @@
           %span(class="visuallyhidden") User Actions
         %ul(class="mdl-menu mdl-menu--bottom-right mdl-js-menu mdl-js-ripple-effect" for="accbtn")
           %li(class="mdl-menu__item")
-            %a(href="#{destroy_user_session_path}" data-method="delete") Sign out
+            %a(href="#{destroy_user_session_path(team_id: current_user.team_id)}" data-method="delete") Sign out
     %nav(class="demo-navigation mdl-navigation mdl-color--blue-grey-800")
       %a(class="mdl-navigation__link" href="")
         %i(class="mdl-color-text--blue-grey-400 material-icons" role="presentation") home

data/app/views/jobshop/teams/lookups/show.html.haml

@@ -11,4 +11,5 @@
             = f.input :email
 
           .mdl-card__actions
+            .expand
             = f.button :submit, "Send the link to my email!"

data/app/views/jobshop/teams_mailer/found_teams.html.haml

@@ -0,0 +1,11 @@
+%P
+  Hi #{@user.email},
+
+%p
+  We found the following teams linked to your email address:
+
+  %ul
+    - @teams.each do |team|
+      %li
+        Sign in at
+        = link_to(team.name, new_user_session_url(team_id: team.id))

data/app/views/jobshop/teams_mailer/found_teams.text.erb

@@ -3,5 +3,6 @@ Hi <%= @user.email %>,
 We found the following teams linked to your email address:
 
 <% @teams.each do |team| %>
-  You belong to: <%= team.name %>
+  <%= jobshop.new_user_session_url(team_id: team.id) %>
+  <%= team.name %>
 <% end %>

data/app/views/layouts/jobshop/unauthenticated.html.haml

@@ -8,7 +8,7 @@
           %nav.mdl-navigation
             %a.mdl-navigation__link{ href: jobshop.about_path }
               About
-            %a.mdl-navigation__link.mdl-color-text--pink{ href: jobshop.new_user_session_path }
+            %a.mdl-navigation__link.mdl-color-text--pink{ href: jobshop.teams_lookup_path }
               Sign In
 
     = yield

data/config/initializers/devise.rb

@@ -36,7 +36,7 @@ Devise.setup do |config|
   # filter. You can also supply a hash where the value is a boolean determining
   # whether or not authentication should be aborted when the value is not
   # present.
-  # config.authentication_keys = [:email]
+  config.authentication_keys = [ :email, :team_id ]
 
   # Configure parameters from the request object used for authentication. Each
   # entry given should be a request method and it will automatically be passed

data/config/routes.rb

@@ -1,5 +1,13 @@
 Jobshop::Engine.routes.draw do
-  devise_for :users, class_name: "Jobshop::User", module: :devise
+  default_url_options(Jobshop.configuration.default_url_options)
+
+  devise_for(:users, class_name: "Jobshop::User", module: "devise", skip: [ :sessions ])
+
+  devise_scope :user do
+    get "teams/:team_id/sign_in" => "sessions#new", as: :new_user_session
+    post "teams/:team_id/sign_in" => "sessions#create", as: :user_session
+    delete "teams/:team_id/sign_out" => "sessions#destroy", as: :destroy_user_session
+  end
 
   resources :teams, only: [ ] do
     collection do

data/lib/jobshop/templates/secrets.yml.erb

@@ -10,13 +10,18 @@
 # Make sure the secrets in this file are kept private
 # if you're sharing your code publicly.
 
-development:
+defaults: &defaults
+  canonical_name: "localhost"
   secret_key_base: <%= SecureRandom.hex(64) %>
 
+development:
+  <<: *defaults
+
 test:
-  secret_key_base: <%= SecureRandom.hex(64) %>
+  <<: *defaults
 
 # Do not keep production secrets in the repository,
 # instead read values from the environment.
 production:
+  canonical_name: <%%= ENV["CANONICAL_NAME"] %>
   secret_key_base: <%%= ENV["SECRET_KEY_BASE"] %>

data/lib/jobshop/version.rb

@@ -6,7 +6,7 @@ module Jobshop
   module VERSION
     MAJOR = 0
     MINOR = 0
-    TINY  = 41
+    TINY  = 53
     PRE   = nil
 
     CODE_NAME = "bump it up prime".freeze

data/lib/jobshop.rb

@@ -14,10 +14,14 @@ module Jobshop
   end
 
   class Configuration
-    attr_writer :host
+    attr_writer :canonical_name
+
+    def initialize
+      @canonical_name = "localhost:3000"
+    end
 
     def default_url_options
-      {}
+      { host: @canonical_name }
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jobshop
 version: !ruby/object:Gem::Version
-  version: 0.0.41
+  version: 0.0.53
 platform: ruby
 authors:
 - Frank J. Mattia
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-08-13 00:00:00.000000000 Z
+date: 2016-09-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: coffee-rails
@@ -58,28 +58,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.1.0
+        version: 4.2.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.1.0
+        version: 4.2.0
 - !ruby/object:Gem::Dependency
   name: material_design_lite-sass
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.1.3
+        version: 1.2.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.1.3
+        version: 1.2.0
 - !ruby/object:Gem::Dependency
   name: pundit
   requirement: !ruby/object:Gem::Requirement
@@ -142,14 +142,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: 3.3.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: 3.3.0
 - !ruby/object:Gem::Dependency
   name: turbolinks
   requirement: !ruby/object:Gem::Requirement
@@ -321,9 +321,11 @@ files:
 - app/assets/stylesheets/jobshop/application.scss
 - app/assets/stylesheets/jobshop/breakpoints.scss
 - app/assets/stylesheets/jobshop/static.scss
+- app/controllers/concerns/email_token_validation.rb
 - app/controllers/concerns/registration_token_validation.rb
 - app/controllers/jobshop/application_controller.rb
 - app/controllers/jobshop/dashboards_controller.rb
+- app/controllers/jobshop/sessions_controller.rb
 - app/controllers/jobshop/setups_controller.rb
 - app/controllers/jobshop/teams/lookups_controller.rb
 - app/controllers/jobshop/teams/registrations_controller.rb
@@ -355,6 +357,7 @@ files:
 - app/views/jobshop/setups/show.html.haml
 - app/views/jobshop/teams/lookups/show.html.haml
 - app/views/jobshop/teams/registrations/new.html.haml
+- app/views/jobshop/teams_mailer/found_teams.html.haml
 - app/views/jobshop/teams_mailer/found_teams.text.erb
 - app/views/layouts/jobshop/application.html.haml
 - app/views/layouts/jobshop/mailer.text.erb