jump_in 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 318fdf2dd172c63b434927189856adf7faebc4f4
-  data.tar.gz: 32a22b706b0948f5da995cdf6f85b3f9746d0dc7
+  metadata.gz: 57658a9f021f93df365961389568711509f87ade
+  data.tar.gz: 8403fd961358c66d60087d4fb1710eafa0e7ce33
 SHA512:
-  metadata.gz: a8ff65b78df304466eaa27caf64c18fc61bd08af9898ece2c73eb2935f90c91ccb4eaeb1f581a8bc710b77a45e02de42f871d7c7deaf7daa57cff2cc3baa94fb
-  data.tar.gz: be6c454eda28bd44567a53e04b9f58dcb532bcc262e336125d356786754898217b10a25a248ad24cf2fc2549dc8348ae0302ae9f37c0bbb72d1319c0c73d46af
+  metadata.gz: 00b6cdeb5a579770178b9b5126571d725baf82927a331d8bd29981bc6fc481b6e95edf8781631b8156e53a1a7f784ea2d57f23120c50e6b8d48c70fa5548e289
+  data.tar.gz: fad2351ffa003c311d4fc0b1cf408bf199ba3967f283b7b7b7b782d3c25a8efd6392836d858a1d56be65bd7fe88c9c5520df17136188afa51e9e53ef952d66d8

data/Rakefile

@@ -14,10 +14,4 @@ RDoc::Task.new(:rdoc) do |rdoc|
   rdoc.rdoc_files.include('lib/**/*.rb')
 end
 
-
-
-
-
-
 Bundler::GemHelper.install_tasks
-

data/lib/generators/jump_in/config_initializer.rb

@@ -0,0 +1,13 @@
+module JumpIn
+  module Generators
+    class ConfigInitializerGenerator < Rails::Generators::Base
+      source_root File.expand_path("../../templates", __FILE__)
+      desc "Creates JumpIn initializer for your application"
+
+      def prepare_initializer
+        template "jump_in_initializer.rb", "config/initializers/jump_in.rb"
+        puts "Install complete. You can now customize JumpIn defaults in your config/initializers/jump_in.rb."
+      end
+    end
+  end
+end

data/lib/generators/jump_in/install_generator.rb

@@ -0,0 +1,14 @@
+module JumpIn
+  module Generators
+    class ConfigInitializerGenerator < Rails::Generators::Base
+      source_root File.expand_path('../../templates', __FILE__)
+      desc 'Creates JumpIn initializer for your application'
+
+      def prepare_initializer
+        template 'jump_in_initializer.rb', 'config/initializers/jump_in.rb'
+        puts 'Install complete. You can now customize JumpIn defaults in your
+          config/initializers/jump_in.rb.'
+      end
+    end
+  end
+end

data/lib/generators/templates/jump_in_initializer.rb

@@ -0,0 +1,25 @@
+JumpIn.configure do |config|
+  # AUTHENTICATION
+
+  # for `permanent` set to
+  # - true - login method sets cookies,
+  # - false - login method sets session.
+
+  config.permanent = true
+
+  # `expires` is used by login method only when `permanent` is set to true
+  # It defines expiration time for cookies.
+  # Default value is set to 20 years - as in cookies.permanent.
+  # You can uncomment the line below and change it.
+
+  # config.expires = 20.years
+
+  # PASSWORD RESET
+
+  # `expiration_time` is used by PasswordReset#password_reset_valid?
+  # to verify whether password_reset_token is still valid.
+  # Default value is set to 2 hours.
+  # You can uncomment the line below and change it.
+
+  # config.expiration_time = 2.hours
+end

data/lib/jump_in/authentication/cookies.rb

@@ -0,0 +1,35 @@
+require 'jump_in/authentication'
+
+module JumpIn
+  module Authentication
+    module Persistence
+      module Cookies
+        def self.included(klass)
+          klass.jumpin_callback :on_login,         :set_user_cookies
+          klass.jumpin_callback :on_logout,        :remove_user_cookies
+          klass.jumpin_callback :get_current_user, :current_user_from_cookies
+        end
+
+        def set_user_cookies(user:)
+          return nil unless JumpIn.conf.permanent
+          expires = (JumpIn.conf.expires || 20.years).from_now
+          cookies.signed[:jump_in_class] = { value: user.class.to_s,
+                                             expires: expires }
+          cookies.signed[:jump_in_id]    = { value: user.id, expires: expires }
+        end
+
+        def remove_user_cookies
+          cookies.delete :jump_in_class
+          cookies.delete :jump_in_id
+        end
+
+        def current_user_from_cookies
+          return nil unless cookies.signed[:jump_in_id] &&
+                            cookies.signed[:jump_in_class]
+          klass = cookies.signed[:jump_in_class].constantize
+          klass.find_by(id: cookies.signed[:jump_in_id])
+        end
+      end
+    end
+  end
+end

data/lib/jump_in/authentication/session.rb

@@ -0,0 +1,32 @@
+require 'jump_in/authentication'
+
+module JumpIn
+  module Authentication
+    module Persistence
+      module Session
+        def self.included(klass)
+          klass.jumpin_callback :on_login,         :set_user_session
+          klass.jumpin_callback :on_logout,        :remove_user_session
+          klass.jumpin_callback :get_current_user, :current_user_from_session
+        end
+
+        def set_user_session(user:)
+          return nil if JumpIn.conf.permanent
+          session[:jump_in_class] = user.class.to_s
+          session[:jump_in_id]    = user.id
+        end
+
+        def remove_user_session
+          session.delete :jump_in_class
+          session.delete :jump_in_id
+        end
+
+        def current_user_from_session
+          return nil unless session[:jump_in_id] && session[:jump_in_class]
+          klass = session[:jump_in_class].constantize
+          klass.find_by(id: session[:jump_in_id])
+        end
+      end
+    end
+  end
+end

data/lib/jump_in/authentication.rb

@@ -1,96 +1,95 @@
-require 'jump_in/authentication/strategy'
-require 'jump_in/authentication/by_password'
+require 'jump_in/strategies'
+require 'jump_in/persistence'
 
 module JumpIn
   module Authentication
-
-    STRATEGIES = [ByPassword]
-
     def self.included(base)
-      base.send :helper_method, :current_user, :logged_in? if base.respond_to? :helper_method
+      base.extend(ClassMethods)
+      base.send :helper_method, :current_user, :logged_in? if
+        base.respond_to? :helper_method
     end
 
-# LOGGING IN
-    def jump_in(user:, permanent: false, expires: nil, **params)
-      return false if logged_in?
-      if authenticate_by_strategy(user: user, params: params)
-        login(user: user, permanent: permanent, expires: expires)
+    # LOGGING IN
+    def jump_in(user:, **auth_params)
+      if !logged_in? && authenticate_by_strategy(user: user,
+                                                 auth_params: auth_params)
+        login(user: user)
       else
         return false
       end
     end
 
-    def authenticate_by_strategy(user:, params:)
-      if strategy = detected_strategy(user: user, params: params)
+    def authenticate_by_strategy(user:, auth_params:)
+      if strategy = detected_strategy(user: user, auth_params: auth_params)
         strategy.authenticate_user
       else
         false
       end
     end
 
-    def login(user:, permanent: false, expires: nil)
-      if permanent
-        set_cookies(user: user, expires: expires)
-      else
-        set_session(user: user)
+    def login(user:)
+      self.class::ON_LOGIN.each do |on_login|
+        send(on_login, user: user)
       end
       true
     end
 
-    def set_cookies(user:, expires:)
-      expires = (expires || 20.years).from_now
-      cookies.signed[:jump_in_class] = { value: user.class.to_s, expires: expires }
-      cookies.signed[:jump_in_id]    = { value: user.id, expires: expires }
-    end
-
-    def set_session(user:)
-      session[:jump_in_class] = user.class.to_s
-      session[:jump_in_id]    = user.id
-    end
+    # LOGGING OUT
 
-# LOGGING OUT
     def jump_out
-      if session[:jump_in_id] && session[:jump_in_class]
-        delete_session
-      elsif cookies[:jump_in_id] && cookies[:jump_in_class]
-        delete_cookies
-      end
+      self.class::ON_LOGOUT.each { |on_logout| send(on_logout) }
       true
     end
 
-    def delete_cookies
-      cookies.delete :jump_in_class
-      cookies.delete :jump_in_id
-    end
-
-    def delete_session
-      session.delete :jump_in_class
-      session.delete :jump_in_id
-    end
+    # HELPER METHODS
 
-# HELPER METHODS
     def current_user
-      return nil unless session_or_cookies_set?
-      klass = (session[:jump_in_class] || cookies.signed[:jump_in_class]).constantize
-      id    = (session[:jump_in_id] || cookies.signed[:jump_in_id])
-      @current_user ||= klass.find_by_id(id)
+      return @current_user if defined?(@current_user)
+      @current_user = get_current_user
     end
 
     def logged_in?
       !!current_user
     end
 
+    # CLASS METHODS
+
+    module ClassMethods
+      def jumpin_callback(callback, method_to_be_called)
+        jumpin_constant = callback.upcase
+        unless constants.include?(jumpin_constant)
+          const_set(jumpin_constant, [])
+        end
+        const_get(jumpin_constant) << method_to_be_called
+      end
+
+      def jumpin_use(persistence:)
+        persistence.each do |symbol|
+          include(JumpIn::Authentication::Persistence
+            .const_get(symbol.capitalize))
+        end
+      end
+    end
+
+    # PRIVATE
+
     private
-    def session_or_cookies_set?
-      (session[:jump_in_id] && session[:jump_in_class]) ||
-      (cookies.signed[:jump_in_id] && cookies.signed[:jump_in_class])
+
+    def get_current_user
+      current_user = nil
+      self.class::GET_CURRENT_USER.each do |current_user_finder|
+        current_user = send(current_user_finder)
+        break if current_user
+      end
+      current_user
     end
 
-    def detected_strategy(user: user, params: params)
-      if strategy = STRATEGIES.detect { |strategy| strategy.detected?(params) }
-        strategy.new(user: user, params: params)
+    def detected_strategy(user:, auth_params:)
+      if the_strategy = JumpIn::Strategies::Base::STRATEGIES
+                        .detect { |strategy| strategy.detected?(auth_params) }
+        the_strategy.new(user: user, auth_params: auth_params)
       else
-        false
+        fail JumpIn::AuthenticationStrategyError
       end
     end
   end

data/lib/jump_in/password_reset.rb

@@ -1,7 +1,10 @@
+require 'jump_in/tokenator'
+
 module JumpIn
   module PasswordReset
+    include JumpIn::Tokenator
 
-# CREATING TOKEN
+    # CREATING TOKEN
     def set_password_reset_for(user:, token: nil)
       if token_uniq_or_empty?(user: user, token: token)
         set_token(user: user, token: token)
@@ -10,7 +13,7 @@ module JumpIn
       end
     end
 
-    def set_token(user:, token:)
+    def set_token(user:, token: nil)
       token ||= generate_unique_token_for(user: user)
       user.update_attribute(:password_reset_token, token)
     end
@@ -22,10 +25,6 @@ module JumpIn
       end
     end
 
-    def generate_token
-      JumpIn::Tokenizer.generate_token
-    end
-
     def token_uniq_or_empty?(user:, token:)
       (token && token_uniq?(user: user, token: token)) || token.nil?
     end
@@ -34,17 +33,18 @@ module JumpIn
       !user.class.where(password_reset_token: token).exists?
     end
 
-# RECEIVING TOKEN
-    def password_reset_valid?(password_reset_token:, expiration_time: 2.hours)
-      JumpIn::Tokenizer.decode_time(password_reset_token) > Time.now - expiration_time
+    # RECEIVING TOKEN
+    def password_reset_valid?(password_reset_token:)
+      decode_time(password_reset_token) > Time.now - JumpIn.conf.expiration_time
     end
 
-    def update_password_for(user:, password:, password_confirmation:, password_reset_token:)
-      if token_correct?(user_token: user.password_reset_token, received_token: password_reset_token)
-        user.update_attributes(password: password, password_confirmation: password_confirmation, password_reset_token: nil)
-      else
-        false
-      end
+    def update_password_for(user:, password:, password_confirmation:,
+                            password_reset_token:)
+      return false unless token_correct?(user_token: user.password_reset_token,
+                                         received_token: password_reset_token)
+      user.update_attributes(password: password,
+                             password_confirmation: password_confirmation,
+                             password_reset_token: nil)
     end
 
     def token_correct?(user_token:, received_token:)

data/lib/jump_in/persistence.rb

@@ -0,0 +1,2 @@
+require 'jump_in/authentication/session'
+require 'jump_in/authentication/cookies'

data/lib/jump_in/strategies/base.rb

@@ -0,0 +1,36 @@
+require 'jump_in/strategies'
+
+module JumpIn
+  module Strategies
+    class Base
+      STRATEGIES            = []
+      DETECTABLE_ATTRIBUTES = {}
+
+      def self.inherited(subclass)
+        STRATEGIES << subclass
+      end
+
+      def self.has_unique_attributes(unique_attributes)
+        unique_attributes.sort!
+        if DETECTABLE_ATTRIBUTES.values.include?(unique_attributes)
+          STRATEGIES.delete(name.constantize)
+          fail JumpIn::AttributesNotUnique
+        end
+        DETECTABLE_ATTRIBUTES[name.constantize] = unique_attributes
+      end
+
+      def self.detected?(auth_params)
+        auth_params.keys.sort == DETECTABLE_ATTRIBUTES[name.constantize]
+      end
+
+      def initialize(user:, auth_params:)
+        @user = user
+        @auth_params = auth_params
+      end
+
+      def authenticate_user
+        true
+      end
+    end
+  end
+end

data/lib/jump_in/strategies/by_password.rb

@@ -0,0 +1,13 @@
+require 'jump_in/strategies'
+
+module JumpIn
+  module Strategies
+    class ByPassword < Base
+      has_unique_attributes [:password]
+
+      def authenticate_user
+        @user.authenticate(@auth_params[:password]) ? true : false
+      end
+    end
+  end
+end

data/lib/jump_in/strategies.rb

@@ -0,0 +1,2 @@
+require 'jump_in/strategies/base'
+require 'jump_in/strategies/by_password'

data/lib/jump_in/tokenator.rb

@@ -0,0 +1,25 @@
+require 'base64'
+
+module JumpIn
+  module Tokenator
+    DELIMITER = '.'.freeze
+
+    def generate_token
+      Base64.urlsafe_encode64 [SecureRandom.hex(12), Time.now.xmlschema]
+        .join(DELIMITER)
+    end
+
+    def decode_and_split_token(token)
+      Base64.urlsafe_decode64(token).split(DELIMITER)
+    rescue
+      raise JumpIn::InvalidTokenError
+    end
+
+    def decode_time(token)
+      token_time = decode_and_split_token(token)[1]
+      Time.parse(token_time)
+    rescue
+      raise JumpIn::InvalidTokenError
+    end
+  end
+end

data/lib/jump_in/version.rb

@@ -1,3 +1,3 @@
 module JumpIn
-  VERSION = "0.0.1"
+  VERSION = '0.0.2'
 end

data/lib/jump_in.rb

@@ -1,8 +1,52 @@
-require "jump_in/version"
+require 'jump_in/version'
 require 'jump_in/authentication'
+require 'jump_in/authentication/session'
+require 'jump_in/authentication/cookies'
+require 'jump_in/strategies'
 require 'jump_in/password_reset'
-require 'jump_in/tokenizer'
+require 'jump_in/tokenator'
 
+# JumpIn top-level module
 module JumpIn
+  class Error < StandardError
+    def initialize
+      super(message)
+    end
+  end
 
+  class InvalidTokenError < Error
+    def message
+      'Invalid token passed.'
+    end
+  end
+
+  class AuthenticationStrategyError < Error
+    def message
+      'No authentication strategy detected.'
+    end
+  end
+
+  class AttributesNotUnique < Error
+    def message
+      'Custom authentication strategy attribute is not unique.'
+    end
+  end
+
+  def self.configure(&block)
+    yield(conf)
+  end
+
+  def self.conf
+    @configuration ||= Configuration.new
+  end
+
+  class Configuration
+    attr_accessor :permanent, :expires, :expiration_time
+
+    def initialize
+      @permanent       = false
+      @expires         = 20.years
+      @expiration_time = 2.hours
+    end
+  end
 end

data/spec/dummy/app/models/user_with_secure_password.rb

@@ -0,0 +1,3 @@
+class UserWithSecurePassword < ActiveRecord::Base
+  has_secure_password
+end

data/spec/dummy/db/migrate/20150908085412_rename_users_to_user_with_secure_passwords.rb

@@ -0,0 +1,5 @@
+class RenameUsersToUserWithSecurePasswords < ActiveRecord::Migration
+  def change
+    rename_table :users, :user_with_secure_passwords
+  end
+end

data/spec/dummy/db/schema.rb

@@ -11,9 +11,9 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20150717123339) do
+ActiveRecord::Schema.define(version: 20150908085412) do
 
-  create_table "users", force: :cascade do |t|
+  create_table "user_with_secure_passwords", force: :cascade do |t|
     t.string   "email"
     t.string   "password_digest"
     t.string   "name"