kingsman 0.0.0.beta → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +5 -4
- data/app/controllers/kingsman/confirmations_controller.rb +54 -0
- data/app/controllers/kingsman/omniauth_callbacks_controller.rb +36 -0
- data/app/controllers/kingsman/passwords_controller.rb +83 -0
- data/app/controllers/kingsman/registrations_controller.rb +168 -0
- data/app/controllers/kingsman/sessions_controller.rb +83 -0
- data/app/controllers/kingsman/unlocks_controller.rb +52 -0
- data/app/controllers/kingsman_controller.rb +252 -0
- data/app/jobs/application_job.rb +2 -0
- data/app/mailers/kingsman/mailer.rb +30 -0
- data/app/views/kingsman/confirmations/new.html.erb +16 -0
- data/app/views/kingsman/home/index.html.erb +1 -0
- data/app/views/kingsman/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/kingsman/mailer/email_changed.html.erb +7 -0
- data/app/views/kingsman/mailer/password_change.html.erb +3 -0
- data/app/views/kingsman/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/kingsman/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/kingsman/passwords/edit.html.erb +25 -0
- data/app/views/kingsman/passwords/new.html.erb +16 -0
- data/app/views/kingsman/registrations/edit.html.erb +42 -0
- data/app/views/kingsman/registrations/new.html.erb +29 -0
- data/app/views/kingsman/sessions/new.html.erb +26 -0
- data/app/views/kingsman/shared/_error_messages.html.erb +15 -0
- data/app/views/kingsman/shared/_links.html.erb +25 -0
- data/app/views/kingsman/unlocks/new.html.erb +16 -0
- data/app/views/kingsman/up/index.html.erb +11 -0
- data/config/application.rb +0 -0
- data/config/locales/en.yml +63 -0
- data/config.ru +6 -0
- data/lib/generators/active_record/kingsman_generator.rb +127 -0
- data/lib/generators/active_record/templates/migration.rb +20 -0
- data/lib/generators/active_record/templates/migration_existing.rb +27 -0
- data/lib/generators/kingsman/controllers_generator.rb +46 -0
- data/lib/generators/kingsman/install_generator.rb +42 -0
- data/lib/generators/kingsman/kingsman_generator.rb +28 -0
- data/lib/generators/kingsman/orm_helpers.rb +40 -0
- data/lib/generators/kingsman/views_generator.rb +145 -0
- data/lib/generators/mongoid/kingsman_generator.rb +57 -0
- data/lib/generators/templates/README +36 -0
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/lib/generators/templates/kingsman.rb +313 -0
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
- data/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +20 -0
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +27 -0
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +18 -0
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +35 -0
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +25 -0
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +20 -0
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +19 -0
- data/lib/kingsman/autoloader.rb +31 -0
- data/lib/kingsman/controllers/helpers.rb +221 -0
- data/lib/kingsman/controllers/rememberable.rb +57 -0
- data/lib/kingsman/controllers/responder.rb +35 -0
- data/lib/kingsman/controllers/scoped_views.rb +19 -0
- data/lib/kingsman/controllers/sign_in_out.rb +112 -0
- data/lib/kingsman/controllers/store_location.rb +76 -0
- data/lib/kingsman/controllers/url_helpers.rb +72 -0
- data/lib/kingsman/delegator.rb +18 -0
- data/lib/kingsman/encryptor.rb +19 -0
- data/lib/kingsman/failure_app.rb +280 -0
- data/lib/kingsman/hooks/activatable.rb +12 -0
- data/lib/kingsman/hooks/csrf_cleaner.rb +14 -0
- data/lib/kingsman/hooks/forgetable.rb +11 -0
- data/lib/kingsman/hooks/lockable.rb +9 -0
- data/lib/kingsman/hooks/proxy.rb +23 -0
- data/lib/kingsman/hooks/rememberable.rb +9 -0
- data/lib/kingsman/hooks/timeoutable.rb +35 -0
- data/lib/kingsman/hooks/trackable.rb +11 -0
- data/lib/kingsman/hooks.rb +6 -0
- data/lib/kingsman/jets/routes.rb +195 -0
- data/lib/kingsman/jets/warden_compat.rb +15 -0
- data/lib/kingsman/jets.rb +39 -0
- data/lib/kingsman/mailers/helpers.rb +93 -0
- data/lib/kingsman/mapping.rb +148 -0
- data/lib/kingsman/models/authenticatable.rb +310 -0
- data/lib/kingsman/models/confirmable.rb +369 -0
- data/lib/kingsman/models/database_authenticatable.rb +206 -0
- data/lib/kingsman/models/lockable.rb +214 -0
- data/lib/kingsman/models/omniauthable.rb +29 -0
- data/lib/kingsman/models/recoverable.rb +156 -0
- data/lib/kingsman/models/registerable.rb +29 -0
- data/lib/kingsman/models/rememberable.rb +158 -0
- data/lib/kingsman/models/timeoutable.rb +45 -0
- data/lib/kingsman/models/trackable.rb +51 -0
- data/lib/kingsman/models/validatable.rb +68 -0
- data/lib/kingsman/models.rb +122 -0
- data/lib/kingsman/modules.rb +33 -0
- data/lib/kingsman/omniauth/config.rb +47 -0
- data/lib/kingsman/omniauth/url_helpers.rb +28 -0
- data/lib/kingsman/omniauth.rb +20 -0
- data/lib/kingsman/orm/active_record.rb +13 -0
- data/lib/kingsman/orm/mongoid.rb +8 -0
- data/lib/kingsman/orm.rb +37 -0
- data/lib/kingsman/parameter_filter.rb +44 -0
- data/lib/kingsman/parameter_sanitizer.rb +173 -0
- data/lib/kingsman/secret_key_finder.rb +27 -0
- data/lib/kingsman/strategies/authenticatable.rb +178 -0
- data/lib/kingsman/strategies/base.rb +22 -0
- data/lib/kingsman/strategies/database_authenticatable.rb +31 -0
- data/lib/kingsman/strategies/rememberable.rb +67 -0
- data/lib/kingsman/token_generator.rb +32 -0
- data/lib/kingsman/version.rb +1 -1
- data/lib/kingsman.rb +427 -3
- metadata +289 -11
data/lib/kingsman.rb
CHANGED
@@ -1,8 +1,432 @@
|
|
1
|
-
|
1
|
+
$:.unshift(File.expand_path("../", __FILE__))
|
2
2
|
|
3
|
-
|
3
|
+
require "kingsman/autoloader"
|
4
|
+
Kingsman::Autoloader.setup
|
5
|
+
|
6
|
+
require "memoist"
|
7
|
+
require "rainbow/ext/string"
|
8
|
+
require "jets-responders"
|
4
9
|
|
5
10
|
module Kingsman
|
6
11
|
class Error < StandardError; end
|
7
|
-
|
12
|
+
|
13
|
+
ALL = []
|
14
|
+
CONTROLLERS = {}
|
15
|
+
ROUTES = {}
|
16
|
+
STRATEGIES = {}
|
17
|
+
URL_HELPERS = {}
|
18
|
+
|
19
|
+
# Strategies that do not require user input.
|
20
|
+
NO_INPUT = []
|
21
|
+
|
22
|
+
# True values used to check params
|
23
|
+
TRUE_VALUES = [true, 1, '1', 't', 'T', 'true', 'TRUE']
|
24
|
+
|
25
|
+
# Secret key used by the key generator
|
26
|
+
mattr_accessor :secret_key
|
27
|
+
@@secret_key = nil
|
28
|
+
|
29
|
+
# Custom domain or key for cookies. Not set by default
|
30
|
+
mattr_accessor :rememberable_options
|
31
|
+
@@rememberable_options = {}
|
32
|
+
|
33
|
+
# The number of times to hash the password.
|
34
|
+
mattr_accessor :stretches
|
35
|
+
@@stretches = 12
|
36
|
+
|
37
|
+
# The default key used when authenticating over http auth.
|
38
|
+
mattr_accessor :http_authentication_key
|
39
|
+
@@http_authentication_key = nil
|
40
|
+
|
41
|
+
# Keys used when authenticating a user.
|
42
|
+
mattr_accessor :authentication_keys
|
43
|
+
@@authentication_keys = [:email]
|
44
|
+
|
45
|
+
# Request keys used when authenticating a user.
|
46
|
+
mattr_accessor :request_keys
|
47
|
+
@@request_keys = []
|
48
|
+
|
49
|
+
# Keys that should be case-insensitive.
|
50
|
+
mattr_accessor :case_insensitive_keys
|
51
|
+
@@case_insensitive_keys = [:email]
|
52
|
+
|
53
|
+
# Keys that should have whitespace stripped.
|
54
|
+
mattr_accessor :strip_whitespace_keys
|
55
|
+
@@strip_whitespace_keys = [:email]
|
56
|
+
|
57
|
+
# If http authentication is enabled by default.
|
58
|
+
mattr_accessor :http_authenticatable
|
59
|
+
@@http_authenticatable = false
|
60
|
+
|
61
|
+
# If http headers should be returned for ajax requests. True by default.
|
62
|
+
mattr_accessor :http_authenticatable_on_xhr
|
63
|
+
@@http_authenticatable_on_xhr = true
|
64
|
+
|
65
|
+
# If params authenticatable is enabled by default.
|
66
|
+
mattr_accessor :params_authenticatable
|
67
|
+
@@params_authenticatable = true
|
68
|
+
|
69
|
+
# The realm used in Http Basic Authentication.
|
70
|
+
mattr_accessor :http_authentication_realm
|
71
|
+
@@http_authentication_realm = "Application"
|
72
|
+
|
73
|
+
# Email regex used to validate email formats. It asserts that there are no
|
74
|
+
# @ symbols or whitespaces in either the localpart or the domain, and that
|
75
|
+
# there is a single @ symbol separating the localpart and the domain.
|
76
|
+
mattr_accessor :email_regexp
|
77
|
+
@@email_regexp = /\A[^@\s]+@[^@\s]+\z/
|
78
|
+
|
79
|
+
# Range validation for password length
|
80
|
+
mattr_accessor :password_length
|
81
|
+
@@password_length = 6..128
|
82
|
+
|
83
|
+
# The time the user will be remembered without asking for credentials again.
|
84
|
+
mattr_accessor :remember_for
|
85
|
+
@@remember_for = 2.weeks
|
86
|
+
|
87
|
+
# If true, extends the user's remember period when remembered via cookie.
|
88
|
+
mattr_accessor :extend_remember_period
|
89
|
+
@@extend_remember_period = false
|
90
|
+
|
91
|
+
# If true, all the remember me tokens are going to be invalidated when the user signs out.
|
92
|
+
mattr_accessor :expire_all_remember_me_on_sign_out
|
93
|
+
@@expire_all_remember_me_on_sign_out = true
|
94
|
+
|
95
|
+
# Time interval you can access your account before confirming your account.
|
96
|
+
# nil - allows unconfirmed access for unlimited time
|
97
|
+
mattr_accessor :allow_unconfirmed_access_for
|
98
|
+
@@allow_unconfirmed_access_for = 0.days
|
99
|
+
|
100
|
+
# Time interval the confirmation token is valid. nil = unlimited
|
101
|
+
mattr_accessor :confirm_within
|
102
|
+
@@confirm_within = nil
|
103
|
+
|
104
|
+
# Defines which key will be used when confirming an account.
|
105
|
+
mattr_accessor :confirmation_keys
|
106
|
+
@@confirmation_keys = [:email]
|
107
|
+
|
108
|
+
# Defines if email should be reconfirmable.
|
109
|
+
mattr_accessor :reconfirmable
|
110
|
+
@@reconfirmable = true
|
111
|
+
|
112
|
+
# Time interval to timeout the user session without activity.
|
113
|
+
mattr_accessor :timeout_in
|
114
|
+
@@timeout_in = 30.minutes
|
115
|
+
|
116
|
+
# Used to hash the password. Please generate one with rails secret.
|
117
|
+
mattr_accessor :pepper
|
118
|
+
@@pepper = nil
|
119
|
+
|
120
|
+
# Used to send notification to the original user email when their email is changed.
|
121
|
+
mattr_accessor :send_email_changed_notification
|
122
|
+
@@send_email_changed_notification = false
|
123
|
+
|
124
|
+
# Used to enable sending notification to user when their password is changed.
|
125
|
+
mattr_accessor :send_password_change_notification
|
126
|
+
@@send_password_change_notification = false
|
127
|
+
|
128
|
+
# Scoped views. Since it relies on fallbacks to render default views, it's
|
129
|
+
# turned off by default.
|
130
|
+
mattr_accessor :scoped_views
|
131
|
+
@@scoped_views = false
|
132
|
+
|
133
|
+
# Defines which strategy can be used to lock an account.
|
134
|
+
# Values: :failed_attempts, :none
|
135
|
+
mattr_accessor :lock_strategy
|
136
|
+
@@lock_strategy = :failed_attempts
|
137
|
+
|
138
|
+
# Defines which key will be used when locking and unlocking an account
|
139
|
+
mattr_accessor :unlock_keys
|
140
|
+
@@unlock_keys = [:email]
|
141
|
+
|
142
|
+
# Defines which strategy can be used to unlock an account.
|
143
|
+
# Values: :email, :time, :both
|
144
|
+
mattr_accessor :unlock_strategy
|
145
|
+
@@unlock_strategy = :both
|
146
|
+
|
147
|
+
# Number of authentication tries before locking an account
|
148
|
+
mattr_accessor :maximum_attempts
|
149
|
+
@@maximum_attempts = 20
|
150
|
+
|
151
|
+
# Time interval to unlock the account if :time is defined as unlock_strategy.
|
152
|
+
mattr_accessor :unlock_in
|
153
|
+
@@unlock_in = 1.hour
|
154
|
+
|
155
|
+
# Defines which key will be used when recovering the password for an account
|
156
|
+
mattr_accessor :reset_password_keys
|
157
|
+
@@reset_password_keys = [:email]
|
158
|
+
|
159
|
+
# Time interval you can reset your password with a reset password key
|
160
|
+
mattr_accessor :reset_password_within
|
161
|
+
@@reset_password_within = 6.hours
|
162
|
+
|
163
|
+
# When set to false, resetting a password does not automatically sign in a user
|
164
|
+
mattr_accessor :sign_in_after_reset_password
|
165
|
+
@@sign_in_after_reset_password = true
|
166
|
+
|
167
|
+
# The default scope which is used by warden.
|
168
|
+
mattr_accessor :default_scope
|
169
|
+
@@default_scope = nil
|
170
|
+
|
171
|
+
# Address which sends Kingsman e-mails.
|
172
|
+
mattr_accessor :mailer_sender
|
173
|
+
@@mailer_sender = nil
|
174
|
+
|
175
|
+
# Skip session storage for the following strategies
|
176
|
+
mattr_accessor :skip_session_storage
|
177
|
+
@@skip_session_storage = [:http_auth]
|
178
|
+
|
179
|
+
# Which formats should be treated as navigational.
|
180
|
+
mattr_accessor :navigational_formats
|
181
|
+
@@navigational_formats = ["*/*", :html, :turbo_stream]
|
182
|
+
|
183
|
+
# The default responder used by Kingsman, used to customize status codes with:
|
184
|
+
#
|
185
|
+
# `config.responder.error_status`
|
186
|
+
# `config.responder.redirect_status`
|
187
|
+
#
|
188
|
+
# Can be replaced by a custom application responder.
|
189
|
+
mattr_accessor :responder
|
190
|
+
@@responder = Kingsman::Controllers::Responder
|
191
|
+
|
192
|
+
# When set to true, signing out a user signs out all other scopes.
|
193
|
+
mattr_accessor :sign_out_all_scopes
|
194
|
+
@@sign_out_all_scopes = true
|
195
|
+
|
196
|
+
# The default method used while signing out
|
197
|
+
mattr_accessor :sign_out_via
|
198
|
+
@@sign_out_via = :delete
|
199
|
+
|
200
|
+
# The parent controller all Kingsman controllers inherits from.
|
201
|
+
# Defaults to ApplicationController. This should be set early
|
202
|
+
# in the initialization process and should be set to a string.
|
203
|
+
mattr_accessor :parent_controller
|
204
|
+
@@parent_controller = "ApplicationController"
|
205
|
+
|
206
|
+
# The parent mailer all Kingsman mailers inherit from.
|
207
|
+
# Defaults to ActionMailer::Base. This should be set early
|
208
|
+
# in the initialization process and should be set to a string.
|
209
|
+
mattr_accessor :parent_mailer
|
210
|
+
@@parent_mailer = "ActionMailer::Base"
|
211
|
+
|
212
|
+
# The router Kingsman should use to generate routes. Defaults
|
213
|
+
# to :main_app. Should be overridden by engines in order
|
214
|
+
# to provide custom routes.
|
215
|
+
mattr_accessor :router_name
|
216
|
+
@@router_name = nil
|
217
|
+
|
218
|
+
# Set the OmniAuth path prefix so it can be overridden when
|
219
|
+
# Kingsman is used in a mountable engine
|
220
|
+
mattr_accessor :omniauth_path_prefix
|
221
|
+
@@omniauth_path_prefix = nil
|
222
|
+
|
223
|
+
# Set if we should clean up the CSRF Token on authentication
|
224
|
+
mattr_accessor :clean_up_csrf_token_on_authentication
|
225
|
+
@@clean_up_csrf_token_on_authentication = true
|
226
|
+
|
227
|
+
# When false, Kingsman will not attempt to reload routes on eager load.
|
228
|
+
# This can reduce the time taken to boot the app but if your application
|
229
|
+
# requires the Kingsman mappings to be loaded during boot time the application
|
230
|
+
# won't boot properly.
|
231
|
+
mattr_accessor :reload_routes
|
232
|
+
@@reload_routes = true
|
233
|
+
|
234
|
+
# PRIVATE CONFIGURATION
|
235
|
+
|
236
|
+
# Store scopes mappings.
|
237
|
+
mattr_reader :mappings
|
238
|
+
@@mappings = {}
|
239
|
+
|
240
|
+
# OmniAuth configurations.
|
241
|
+
mattr_reader :omniauth_configs
|
242
|
+
@@omniauth_configs = {}
|
243
|
+
|
244
|
+
# Private methods to interface with Warden.
|
245
|
+
mattr_accessor :warden_config
|
246
|
+
@@warden_config = nil
|
247
|
+
@@warden_config_blocks = []
|
248
|
+
|
249
|
+
# When true, enter in paranoid mode to avoid user enumeration.
|
250
|
+
mattr_accessor :paranoid
|
251
|
+
@@paranoid = false
|
252
|
+
|
253
|
+
# When true, warn user if they just used next-to-last attempt of authentication
|
254
|
+
mattr_accessor :last_attempt_warning
|
255
|
+
@@last_attempt_warning = true
|
256
|
+
|
257
|
+
# Stores the token generator
|
258
|
+
mattr_accessor :token_generator
|
259
|
+
@@token_generator = nil
|
260
|
+
|
261
|
+
# When set to false, changing a password does not automatically sign in a user
|
262
|
+
mattr_accessor :sign_in_after_change_password
|
263
|
+
@@sign_in_after_change_password = true
|
264
|
+
|
265
|
+
def self.available_router_name
|
266
|
+
router_name || :main_app
|
267
|
+
end
|
268
|
+
|
269
|
+
def self.omniauth_providers
|
270
|
+
omniauth_configs.keys
|
271
|
+
end
|
272
|
+
|
273
|
+
# Get the mailer class from the mailer reference object.
|
274
|
+
def self.mailer
|
275
|
+
@@mailer_ref.constantize
|
276
|
+
end
|
277
|
+
|
278
|
+
# Set the mailer reference object to access the mailer.
|
279
|
+
def self.mailer=(class_name)
|
280
|
+
@@mailer_ref = class_name
|
281
|
+
end
|
282
|
+
self.mailer = "Kingsman::Mailer"
|
283
|
+
|
284
|
+
def self.add_mapping(resource, options)
|
285
|
+
mapping = Mapping.new(resource, options)
|
286
|
+
@@mappings[mapping.name] = mapping
|
287
|
+
@@default_scope ||= mapping.name
|
288
|
+
Kingsman::Controllers::Helpers.define_helpers(mapping)
|
289
|
+
mapping # important to return the mapping
|
290
|
+
end
|
291
|
+
|
292
|
+
def self.add_module(module_name, options = {})
|
293
|
+
ALL.insert (options[:insert_at] || -1), module_name
|
294
|
+
|
295
|
+
if strategy = options[:strategy]
|
296
|
+
strategy = (strategy == true ? module_name : strategy)
|
297
|
+
STRATEGIES[module_name] = strategy
|
298
|
+
end
|
299
|
+
|
300
|
+
if controller = options[:controller]
|
301
|
+
controller = (controller == true ? module_name : controller)
|
302
|
+
CONTROLLERS[module_name] = controller
|
303
|
+
end
|
304
|
+
|
305
|
+
NO_INPUT << strategy if options[:no_input]
|
306
|
+
|
307
|
+
if route = options[:route]
|
308
|
+
case route
|
309
|
+
when TrueClass
|
310
|
+
key, value = module_name, []
|
311
|
+
when Symbol
|
312
|
+
key, value = route, []
|
313
|
+
when Hash
|
314
|
+
key, value = route.keys.first, route.values.flatten
|
315
|
+
else
|
316
|
+
raise ArgumentError, ":route should be true, a Symbol or a Hash"
|
317
|
+
end
|
318
|
+
|
319
|
+
URL_HELPERS[key] ||= []
|
320
|
+
URL_HELPERS[key].concat(value)
|
321
|
+
URL_HELPERS[key].uniq!
|
322
|
+
|
323
|
+
ROUTES[module_name] = key
|
324
|
+
end
|
325
|
+
|
326
|
+
if options[:model]
|
327
|
+
path = (options[:model] == true ? "kingsman/models/#{module_name}" : options[:model])
|
328
|
+
camelized = ActiveSupport::Inflector.camelize(module_name.to_s)
|
329
|
+
Kingsman::Models.send(:autoload, camelized.to_sym, path)
|
330
|
+
end
|
331
|
+
|
332
|
+
Kingsman::Mapping.add_module module_name
|
333
|
+
end
|
334
|
+
|
335
|
+
# Sets warden configuration using a block that will be invoked on warden
|
336
|
+
# initialization.
|
337
|
+
#
|
338
|
+
# Kingsman.setup do |config|
|
339
|
+
# config.allow_unconfirmed_access_for = 2.days
|
340
|
+
#
|
341
|
+
# config.warden do |manager|
|
342
|
+
# # Configure warden to use other strategies, like oauth.
|
343
|
+
# manager.oauth(:twitter)
|
344
|
+
# end
|
345
|
+
# end
|
346
|
+
def self.warden(&block)
|
347
|
+
@@warden_config_blocks << block
|
348
|
+
end
|
349
|
+
|
350
|
+
# Specify an OmniAuth provider.
|
351
|
+
#
|
352
|
+
# config.omniauth :github, APP_ID, APP_SECRET
|
353
|
+
#
|
354
|
+
def self.omniauth(provider, *args)
|
355
|
+
config = Kingsman::OmniAuth::Config.new(provider, args)
|
356
|
+
@@omniauth_configs[config.strategy_name.to_sym] = config
|
357
|
+
end
|
358
|
+
|
359
|
+
# Include helpers in the given scope to AC and AV.
|
360
|
+
def self.include_helpers(scope)
|
361
|
+
ActiveSupport.on_load(:jets_controller) do
|
362
|
+
include scope::Helpers if defined?(scope::Helpers)
|
363
|
+
include scope::UrlHelpers
|
364
|
+
end
|
365
|
+
|
366
|
+
ActiveSupport.on_load(:action_view) do
|
367
|
+
include scope::UrlHelpers
|
368
|
+
end
|
369
|
+
end
|
370
|
+
|
371
|
+
# Regenerates url helpers considering Kingsman.mapping
|
372
|
+
def self.regenerate_helpers!
|
373
|
+
Kingsman::Controllers::UrlHelpers.remove_helpers!
|
374
|
+
Kingsman::Controllers::UrlHelpers.generate_helpers!
|
375
|
+
end
|
376
|
+
|
377
|
+
# A method used internally to complete the setup of warden manager after routes are loaded.
|
378
|
+
# See lib/kingsman/rails/routes.rb - ActionDispatch::Routing::RouteSet#finalize_with_kingsman!
|
379
|
+
def self.configure_warden! #:nodoc:
|
380
|
+
@@warden_configured ||= begin
|
381
|
+
# warden_config.failure_app = Kingsman::SessionsController.action(:unauthenticated)
|
382
|
+
warden_config.failure_app = Kingsman::Delegator.new
|
383
|
+
warden_config.default_scope = Kingsman.default_scope
|
384
|
+
warden_config.intercept_401 = false
|
385
|
+
|
386
|
+
Kingsman.mappings.each_value do |mapping|
|
387
|
+
warden_config.scope_defaults mapping.name, strategies: mapping.strategies
|
388
|
+
|
389
|
+
warden_config.serialize_into_session(mapping.name) do |record|
|
390
|
+
mapping.to.serialize_into_session(record)
|
391
|
+
end
|
392
|
+
|
393
|
+
warden_config.serialize_from_session(mapping.name) do |args|
|
394
|
+
mapping.to.serialize_from_session(*args)
|
395
|
+
end
|
396
|
+
end
|
397
|
+
|
398
|
+
@@warden_config_blocks.map { |block| block.call Kingsman.warden_config }
|
399
|
+
true
|
400
|
+
end
|
401
|
+
end
|
402
|
+
|
403
|
+
# Generate a friendly string randomly to be used as token.
|
404
|
+
# By default, length is 20 characters.
|
405
|
+
def self.friendly_token(length = 20)
|
406
|
+
# To calculate real characters, we must perform this operation.
|
407
|
+
# See SecureRandom.urlsafe_base64
|
408
|
+
rlength = (length * 3) / 4
|
409
|
+
SecureRandom.urlsafe_base64(rlength).tr('lIO0', 'sxyz')
|
410
|
+
end
|
411
|
+
|
412
|
+
# constant-time comparison algorithm to prevent timing attacks
|
413
|
+
def self.secure_compare(a, b)
|
414
|
+
return false if a.blank? || b.blank? || a.bytesize != b.bytesize
|
415
|
+
l = a.unpack "C#{a.bytesize}"
|
416
|
+
|
417
|
+
res = 0
|
418
|
+
b.each_byte { |byte| res |= byte ^ l.shift }
|
419
|
+
res == 0
|
420
|
+
end
|
421
|
+
|
422
|
+
# Default way to set up Kingsman. Run jets generate kingsman:install to create
|
423
|
+
# a fresh initializer with all configuration values.
|
424
|
+
def self.setup
|
425
|
+
yield self
|
426
|
+
end
|
8
427
|
end
|
428
|
+
|
429
|
+
require "warden"
|
430
|
+
require "kingsman/models"
|
431
|
+
require "kingsman/modules"
|
432
|
+
require "kingsman/jets"
|