keymail 0.1.0.alpha

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 27eb94dace9047e8ee9590838a3aa0cc1bd116e3
+  data.tar.gz: e150538b21fd388c3dc30beda2c620588e0fce18
+SHA512:
+  metadata.gz: 1dbd15c467cc8b5b94abbfadd8561f1b9c5df4d494e8f851e49a6ba2805c3da6522cd5c8fe2f3de0c3cfc127bac854b1df2722451705609e84205df78bec91f1
+  data.tar.gz: abe14eb3f023a197a6caf52599a89f68ecbee689b37cda73aa426930b86e046008cd9fe01c330c970eadafc9308ad324f05775b0dc20476b9d4132c6e7f2cb00

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Jimmy Börjesson
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,65 @@
+# Keymail
+
+[![Build Status](https://travis-ci.org/alcesleo/keymail.svg?branch=dev)](https://travis-ci.org/alcesleo/keymail)
+[![Coverage Status](https://coveralls.io/repos/alcesleo/keymail/badge.png?branch=dev)](https://coveralls.io/r/alcesleo/keymail?branch=dev)
+
+**UNDER CONSTRUCTION** - the contents of this file are written ahead of their implementation.
+
+**Keymail is a simple password-replacement gem for Rails apps.**
+
+Instead of using passwords to log in your users, it takes only an **email**
+and sends a message like this:
+
+> #### This email was sent to you by [KeymailExample](http://keymail-example.herokuapp.com)
+>
+> To log in, simply click this link:
+>
+>    &nbsp;&nbsp;&nbsp;&nbsp;<http://keymail-example.herokuapp.com/auth/A8D6mZOY2O8hDla2o8T2JQ>
+>
+> If you want to log in on a different device than you received this email on, use this security code instead:
+>
+>    &nbsp;&nbsp;&nbsp;&nbsp;**7203931**
+>
+> _(This is useful for example if you want to log in to a friends computer and receive emails on your phone)_
+>
+> The codes above are valid until _2014-04-10 18:35_
+
+This frees you both from the trouble of managing passwords, and the risk of delegating to a third party (like OAuth).
+
+Inspired by [this article](http://notes.xoxco.com/post/27999787765/is-it-time-for-password-less-login).
+
+## Example
+
+There is a [running example](http://keymail-example.herokuapp.com/) with [source code](https://github.com/alcesleo/keymail-example) available to look at.
+
+## Documentation
+
+[Documentation can be found here](http://alcesleo.github.io/keymail/).
+
+## Configuration
+
+TODO
+
+- Install the gem
+- customize email message
+- length of passcodes
+- turn off passcodes (just ignore it in templates?)
+- set length of expiration time
+- redirect on login
+- `first_login?` to redirect to registration forms
+
+## Installation
+
+See the [documentation] for more information
+
+- setup emailing
+
+## Security
+
+- Cookie stealing, always use https
+- open source secret_token.rb
+
+## Releases
+
+Follow [SemVer](http://semver.org/)
+

data/Rakefile

@@ -0,0 +1,33 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+
+APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+desc 'Opens the Coverage statistics'
+task :coverage do
+  if File.exists?('coverage/index.html')
+    `open coverage/index.html`
+  else
+    puts 'No coverage info generated, run the tests first!'
+  end
+end
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/app/controllers/keymail/application_controller.rb

@@ -0,0 +1,4 @@
+module Keymail
+  class ApplicationController < ActionController::Base
+  end
+end

data/app/mailers/keymail/auth_mailer.rb

@@ -0,0 +1,16 @@
+module Keymail
+  class AuthMailer < ActionMailer::Base
+    default from: "from@example.com"
+
+    # Subject can be set in your I18n file at config/locales/en.yml
+    # with the following lookup:
+    #
+    #   en.auth_mailer.log_in.subject
+    #
+    def log_in token
+      @token = token
+
+      mail to: token.email
+    end
+  end
+end

data/app/models/keymail/auth.rb

@@ -0,0 +1,44 @@
+module Keymail
+  module Auth
+    def self.request(email)
+      # TODO: initializers for expires_at
+      token = Token.create(email: 'whatever', expires_at: 10.minutes.since)
+      AuthMailer.log_in(token).deliver
+    end
+
+    def self.verify_url_key(url_key)
+      token = Token.find_by(url_key: url_key)
+      token.destroy! unless token.nil?
+
+      return Failure.new if token.nil?
+      return Expired.new(token) if token.expired?
+
+      Success.new(token)
+    end
+  end
+
+  class TokenResponse
+    def initialize(token)
+      @token = token
+    end
+    delegate :email, :expired?, to: :@token
+  end
+
+  class Success < TokenResponse
+    def authenticated?
+      true
+    end
+  end
+
+  class Expired < TokenResponse
+    def authenticated?
+      false
+    end
+  end
+
+  class Failure
+    def authenticated?
+      false
+    end
+  end
+end

data/app/models/keymail/token.rb

@@ -0,0 +1,22 @@
+module Keymail
+  class Token < ActiveRecord::Base
+    before_create :generate_token
+
+    validates_presence_of :email
+    validates_presence_of :expires_at
+
+    def expired?
+      expires_at.past?
+    end
+
+    def url
+      Keymail::Engine.routes.url_helpers.authentication_link_url(url_key, host: 'localhost:3000')
+    end
+
+    def generate_token
+      begin
+        self.url_key = SecureRandom.urlsafe_base64
+      end while Token.exists?(url_key: self.url_key)
+    end
+  end
+end

data/app/views/keymail/auth_mailer/log_in.text.erb

@@ -0,0 +1,5 @@
+To log in, simply click this link:
+
+<%= @token.url %>
+
+This keymail is valid until <%= @token.expires_at %>

data/config/routes.rb

@@ -0,0 +1,3 @@
+Keymail::Engine.routes.draw do
+  get 'auth/:url_key' => 'authentication#not_yet_implemented', as: 'authentication_link'
+end

data/db/migrate/20140414074140_create_keymail_tokens.rb

@@ -0,0 +1,11 @@
+class CreateKeymailTokens < ActiveRecord::Migration
+  def change
+    create_table :keymail_tokens do |t|
+      t.string :email
+      t.string :url_key
+      t.datetime :expires_at
+
+      t.timestamps
+    end
+  end
+end

data/lib/keymail.rb

@@ -0,0 +1,4 @@
+require "keymail/engine"
+
+module Keymail
+end

data/lib/keymail/engine.rb

@@ -0,0 +1,9 @@
+module Keymail
+  class Engine < ::Rails::Engine
+    isolate_namespace Keymail
+
+    config.generators do |g|
+      g.test_framework nil
+    end
+  end
+end

data/lib/keymail/version.rb

@@ -0,0 +1,3 @@
+module Keymail
+  VERSION = "0.1.0.alpha"
+end

data/lib/tasks/keymail_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :keymail do
+#   # Task goes here
+# end

data/test/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/test/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Dummy::Application.load_tasks

data/test/dummy/app/assets/javascripts/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/test/dummy/app/assets/stylesheets/application.css

@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+ */

data/test/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,5 @@
+class ApplicationController < ActionController::Base
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+end

data/test/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/test/dummy/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Dummy</title>
+  <%= stylesheet_link_tag    "application", media: "all", "data-turbolinks-track" => true %>
+  <%= javascript_include_tag "application", "data-turbolinks-track" => true %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/test/dummy/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/test/dummy/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/test/dummy/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/test/dummy/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Rails.application

data/test/dummy/config/application.rb

@@ -0,0 +1,23 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+Bundler.require(*Rails.groups)
+require "keymail"
+
+module Dummy
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+  end
+end
+

data/test/dummy/config/boot.rb

@@ -0,0 +1,5 @@
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)

data/test/dummy/config/database.yml

@@ -0,0 +1,25 @@
+# SQLite version 3.x
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+development:
+  adapter: sqlite3
+  database: db/development.sqlite3
+  pool: 5
+  timeout: 5000
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  adapter: sqlite3
+  database: db/test.sqlite3
+  pool: 5
+  timeout: 5000
+
+production:
+  adapter: sqlite3
+  database: db/production.sqlite3
+  pool: 5
+  timeout: 5000