jump_in 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 318fdf2dd172c63b434927189856adf7faebc4f4
+  data.tar.gz: 32a22b706b0948f5da995cdf6f85b3f9746d0dc7
+SHA512:
+  metadata.gz: a8ff65b78df304466eaa27caf64c18fc61bd08af9898ece2c73eb2935f90c91ccb4eaeb1f581a8bc710b77a45e02de42f871d7c7deaf7daa57cff2cc3baa94fb
+  data.tar.gz: be6c454eda28bd44567a53e04b9f58dcb532bcc262e336125d356786754898217b10a25a248ad24cf2fc2549dc8348ae0302ae9f37c0bbb72d1319c0c73d46af

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2015 KatarzynaT-B
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,23 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'JumpIn'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+
+
+
+
+
+Bundler::GemHelper.install_tasks
+

data/lib/jump_in/authentication/by_password.rb

@@ -0,0 +1,13 @@
+module JumpIn
+  module Authentication
+    class ByPassword < Strategy
+      def self.detected?(params)
+        params.include? :password
+      end
+
+      def authenticate_user
+        @user.authenticate(@params[:password]) ? true : false
+      end
+    end
+  end
+end

data/lib/jump_in/authentication/strategy.rb

@@ -0,0 +1,16 @@
+module JumpIn
+  module Authentication
+
+    class Strategy
+      def initialize(user:, params:)
+        @user = user
+        @params = params
+      end
+
+      def authenticate_user
+        true
+      end
+    end
+
+  end
+end

data/lib/jump_in/authentication.rb

@@ -0,0 +1,97 @@
+require 'jump_in/authentication/strategy'
+require 'jump_in/authentication/by_password'
+
+module JumpIn
+  module Authentication
+
+    STRATEGIES = [ByPassword]
+
+    def self.included(base)
+      base.send :helper_method, :current_user, :logged_in? if base.respond_to? :helper_method
+    end
+
+# LOGGING IN
+    def jump_in(user:, permanent: false, expires: nil, **params)
+      return false if logged_in?
+      if authenticate_by_strategy(user: user, params: params)
+        login(user: user, permanent: permanent, expires: expires)
+      else
+        return false
+      end
+    end
+
+    def authenticate_by_strategy(user:, params:)
+      if strategy = detected_strategy(user: user, params: params)
+        strategy.authenticate_user
+      else
+        false
+      end
+    end
+
+    def login(user:, permanent: false, expires: nil)
+      if permanent
+        set_cookies(user: user, expires: expires)
+      else
+        set_session(user: user)
+      end
+      true
+    end
+
+    def set_cookies(user:, expires:)
+      expires = (expires || 20.years).from_now
+      cookies.signed[:jump_in_class] = { value: user.class.to_s, expires: expires }
+      cookies.signed[:jump_in_id]    = { value: user.id, expires: expires }
+    end
+
+    def set_session(user:)
+      session[:jump_in_class] = user.class.to_s
+      session[:jump_in_id]    = user.id
+    end
+
+# LOGGING OUT
+    def jump_out
+      if session[:jump_in_id] && session[:jump_in_class]
+        delete_session
+      elsif cookies[:jump_in_id] && cookies[:jump_in_class]
+        delete_cookies
+      end
+      true
+    end
+
+    def delete_cookies
+      cookies.delete :jump_in_class
+      cookies.delete :jump_in_id
+    end
+
+    def delete_session
+      session.delete :jump_in_class
+      session.delete :jump_in_id
+    end
+
+# HELPER METHODS
+    def current_user
+      return nil unless session_or_cookies_set?
+      klass = (session[:jump_in_class] || cookies.signed[:jump_in_class]).constantize
+      id    = (session[:jump_in_id] || cookies.signed[:jump_in_id])
+      @current_user ||= klass.find_by_id(id)
+    end
+
+    def logged_in?
+      !!current_user
+    end
+
+    private
+    def session_or_cookies_set?
+      (session[:jump_in_id] && session[:jump_in_class]) ||
+      (cookies.signed[:jump_in_id] && cookies.signed[:jump_in_class])
+    end
+
+    def detected_strategy(user: user, params: params)
+      if strategy = STRATEGIES.detect { |strategy| strategy.detected?(params) }
+        strategy.new(user: user, params: params)
+      else
+        false
+      end
+    end
+  end
+end

data/lib/jump_in/password_reset.rb

@@ -0,0 +1,54 @@
+module JumpIn
+  module PasswordReset
+
+# CREATING TOKEN
+    def set_password_reset_for(user:, token: nil)
+      if token_uniq_or_empty?(user: user, token: token)
+        set_token(user: user, token: token)
+      else
+        false
+      end
+    end
+
+    def set_token(user:, token:)
+      token ||= generate_unique_token_for(user: user)
+      user.update_attribute(:password_reset_token, token)
+    end
+
+    def generate_unique_token_for(user:)
+      loop do
+        token = generate_token
+        break token if token_uniq?(user: user, token: token)
+      end
+    end
+
+    def generate_token
+      JumpIn::Tokenizer.generate_token
+    end
+
+    def token_uniq_or_empty?(user:, token:)
+      (token && token_uniq?(user: user, token: token)) || token.nil?
+    end
+
+    def token_uniq?(user:, token:)
+      !user.class.where(password_reset_token: token).exists?
+    end
+
+# RECEIVING TOKEN
+    def password_reset_valid?(password_reset_token:, expiration_time: 2.hours)
+      JumpIn::Tokenizer.decode_time(password_reset_token) > Time.now - expiration_time
+    end
+
+    def update_password_for(user:, password:, password_confirmation:, password_reset_token:)
+      if token_correct?(user_token: user.password_reset_token, received_token: password_reset_token)
+        user.update_attributes(password: password, password_confirmation: password_confirmation, password_reset_token: nil)
+      else
+        false
+      end
+    end
+
+    def token_correct?(user_token:, received_token:)
+      user_token == received_token
+    end
+  end
+end

data/lib/jump_in/tokenizer.rb

@@ -0,0 +1,21 @@
+require 'base64'
+
+module JumpIn
+  module Tokenizer
+    DELIMITER = '.'.freeze
+
+    def self.generate_token
+      Base64.encode64 [SecureRandom.hex(12), Time.now.xmlschema].join(DELIMITER)
+    end
+
+    def self.decode_and_split_token(token)
+      Base64.decode64(token).split(DELIMITER)
+    end
+
+    def self.decode_time(token)
+      token_time = decode_and_split_token(token)[1]
+      Time.parse(token_time)
+    end
+  end
+end
+

data/lib/jump_in/version.rb

@@ -0,0 +1,3 @@
+module JumpIn
+  VERSION = "0.0.1"
+end

data/lib/jump_in.rb

@@ -0,0 +1,8 @@
+require "jump_in/version"
+require 'jump_in/authentication'
+require 'jump_in/password_reset'
+require 'jump_in/tokenizer'
+
+module JumpIn
+
+end

data/lib/tasks/jump_in_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :jump_in do
+#   # Task goes here
+# end

data/spec/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/spec/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Rails.application.load_tasks

data/spec/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,8 @@
+class ApplicationController < ActionController::Base
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+
+  include JumpIn::Authentication
+  include JumpIn::PasswordReset
+end

data/spec/dummy/app/controllers/password_resets_controller.rb

@@ -0,0 +1,34 @@
+class PasswordResetsController < ApplicationController
+
+  before_filter :authorize_by_token, :only => [:edit, :update]
+
+  def create
+    @user = User.find_by(email: params[:email].downcase)
+    if set_password_reset_for(user: @user)
+      SystemMailer.password_reset(@user).deliver
+      redirect_to login_path
+    else
+      render :new
+    end
+  end
+
+  def update
+    user = User.where(password_reset_token: params[:token]).first
+    if user && update_password_for(user: user,
+                                   password: params[:password],
+                                   password_confirmation: params[:password_confirmation],
+                                   password_reset_token: params[:token])
+      redirect_to login_path
+    else
+      render :edit
+    end
+  end
+
+  private
+  def authorize_by_token
+    unless password_reset_valid?(password_reset_token: params[:token])
+      flash[:error] = "Sorry, your password-reset-token is too old"
+      redirect_to new_password_resets_path
+    end
+  end
+end

data/spec/dummy/app/controllers/sessions_controller.rb

@@ -0,0 +1,16 @@
+class SessionsController < ApplicationController
+
+  def create
+    user = User.find_by(email: params[:session][:email].downcase)
+    if login(user: user, password: params[:session][:password], permanent: true)
+      redirect_to user_path(user)
+    else
+      render :new
+    end
+  end
+
+  def destroy
+    logout
+    redirect_to login_path
+  end
+end

data/spec/dummy/app/controllers/users_controller.rb

@@ -0,0 +1,32 @@
+class UsersController < ApplicationController
+  before_filter :authorize, only: :show
+
+  def new
+    @user = User.new
+  end
+
+  def create
+    @user = User.new(user_params)
+    if @user.save
+      redirect_to login_path
+    else
+      render :new
+    end
+  end
+
+  def show
+    @user = User.find(params[:id])
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(:name, :email, :password, :password_confirmation)
+  end
+
+  def authorize
+    render nothing: true, status: 401 unless logged_in?
+  end
+
+end
+

data/spec/dummy/app/mailers/system_mailer.rb

@@ -0,0 +1,8 @@
+class SystemMailer < ActionMailer::Base
+  default from: "dummy@app.com"
+
+  def password_reset(user)
+    @user = user
+    mail to: @user.email, subject: "Password reset"
+  end
+end

data/spec/dummy/app/models/user.rb

@@ -0,0 +1,3 @@
+class User < ActiveRecord::Base
+  has_secure_password
+end

data/spec/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html>
+<head>
+</head>
+<body>
+  <%= link_to "Log out", logout_path, method: :delete %>
+
+  <% flash.each do |type, message| %>
+    <div class="alert flash <%= type %>">
+      <%= message %>
+    </div>
+  <% end %>
+
+  <%= yield %>
+</body>
+</html>
+
+

data/spec/dummy/app/views/password_resets/edit.html.erb

@@ -0,0 +1,9 @@
+Edit for PasswordReset
+
+<%= form_tag password_resets_path, method: :patch do %>
+  <%= password_field_tag :password %>
+  <%= password_field_tag :password_confirmation %>
+  <%= hidden_field_tag :token, params[:token] %>
+  <%= submit_tag "Set new password" %>
+<% end %>
+

data/spec/dummy/app/views/password_resets/new.html.erb

@@ -0,0 +1,7 @@
+Reset Password Page
+
+<%= form_tag password_resets_path, method: :post do %>
+  <%= email_field_tag :email %>
+  <%= submit_tag "Reset password" %>
+<% end %>
+

data/spec/dummy/app/views/sessions/new.html.erb

@@ -0,0 +1,7 @@
+Login Page
+
+<%= form_for (:session) do |f| %>
+  <%= f.text_field :email %>
+  <%= f.password_field :password %>
+  <%= f.submit "Log in" %>
+<% end %>

data/spec/dummy/app/views/system_mailer/password_reset.html.erb

@@ -0,0 +1,2 @@
+link to password reset:
+<%= edit_password_resets_path(token: @user.password_reset_token) %>

data/spec/dummy/app/views/users/show.html.erb

@@ -0,0 +1 @@
+Show view for user

data/spec/dummy/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/spec/dummy/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application', __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/spec/dummy/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/spec/dummy/bin/setup

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+require 'pathname'
+
+# path to your application root.
+APP_ROOT = Pathname.new File.expand_path('../../',  __FILE__)
+
+Dir.chdir APP_ROOT do
+  # This script is a starting point to setup your application.
+  # Add necessary setup steps to this file:
+
+  puts "== Installing dependencies =="
+  system "gem install bundler --conservative"
+  system "bundle check || bundle install"
+
+  # puts "\n== Copying sample files =="
+  # unless File.exist?("config/database.yml")
+  #   system "cp config/database.yml.sample config/database.yml"
+  # end
+
+  puts "\n== Preparing database =="
+  system "bin/rake db:setup"
+
+  puts "\n== Removing old logs and tempfiles =="
+  system "rm -f log/*"
+  system "rm -rf tmp/cache"
+
+  puts "\n== Restarting application server =="
+  system "touch tmp/restart.txt"
+end

data/spec/dummy/config/application.rb

@@ -0,0 +1,32 @@
+require File.expand_path('../boot', __FILE__)
+
+# Pick the frameworks you want:
+require "active_record/railtie"
+require "action_controller/railtie"
+require "action_mailer/railtie"
+require "action_view/railtie"
+require "sprockets/railtie"
+# require "rails/test_unit/railtie"
+
+Bundler.require(*Rails.groups)
+require "jump_in"
+
+module Dummy
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+
+    # Do not swallow errors in after_commit/after_rollback callbacks.
+    config.active_record.raise_in_transactional_callbacks = true
+  end
+end
+

data/spec/dummy/config/boot.rb

@@ -0,0 +1,5 @@
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)

data/spec/dummy/config/database.yml

@@ -0,0 +1,25 @@
+# SQLite version 3.x
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+#
+default: &default
+  adapter: sqlite3
+  pool: 5
+  timeout: 5000
+
+development:
+  <<: *default
+  database: db/development.sqlite3
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  <<: *default
+  database: db/test.sqlite3
+
+production:
+  <<: *default
+  database: db/production.sqlite3

data/spec/dummy/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the Rails application.
+require File.expand_path('../application', __FILE__)
+
+# Initialize the Rails application.
+Rails.application.initialize!

data/spec/dummy/config/environments/development.rb

@@ -0,0 +1,41 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Don't care if the mailer can't send.
+  config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Raise an error on page load if there are pending migrations.
+  config.active_record.migration_error = :page_load
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets,
+  # yet still be able to expire them through the digest params.
+  config.assets.digest = true
+
+  # Adds additional error checking when serving assets at runtime.
+  # Checks for improperly declared sprockets dependencies.
+  # Raises helpful error messages.
+  config.assets.raise_runtime_errors = true
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+end