knock_once 0.2.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 3e1ee1a4bfcaa9e4488162846e441581bb26c26e
+  data.tar.gz: 21858d81ee43780b5df9cdd4edeed77596e02d20
+SHA512:
+  metadata.gz: ab78c146dc10fdfff5bf338bf56a34dbcb78b26a8106e91228ca5d5ce5ad8d2bc70764e45367ecc5124acb58dadc6932e8a454f1e82b3f504eb3f3936b4d0f62
+  data.tar.gz: 5e26f6aafe38cb4b0e9cd66fe965ecdc6225f2878c6aa571f2507cddd165a1f64ab364de5f887c2a0979da7aed533a57a5eb98c6ec750ffdf3712f0329aaeb9f

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2017 Nicholas Shirley
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,43 @@
+# KnockOnce
+knock_once is a user auth gem built on top of [knock](https://github.com/nsarno/knock). The goals of knock_once are twofold:
+* Provide the minimum functionality required to register, authenticate, and reset user passwords. In this sense, minimum means only basic functionality which should apply to the largest number of users.
+* Provide easy extensibility and customization. Because the first goal is to provide only basic auth, it's expected that all or most users will want to add or modify functionality and development choices in this gem should be made with this in mind.
+
+Though it is not released now, it is planned to have additional functionality available either here or through additional gems (e.g. confirming users, lockable accounts...). The goal here is to provide much of the functionality available in other packages, such as [devise](https://github.com/plataformatec/devise) and [devise_token_auth](https://github.com/lynndylanhurley/devise_token_auth), using JWT.
+
+## Installation
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'knock_once'
+```
+
+And then execute:
+```bash
+$ bundle
+```
+
+Or install it yourself as:
+```bash
+$ gem install knock_once
+```
+
+Mount the gem in our `routes.rb` file:
+
+```ruby
+mount KnockOnce::Engine, at: '/auth'
+```
+
+Then run generators to generate migration
+```
+rails g knock_once:install
+```
+
+## Current state
+The gem has been extracted from a test project and as such has very little configurability (but it works at least within those parameters). The primary next steps are to add user configuration options, additional documentation, add tests for current functionality and improve the generators.
+
+## Contributing
+Pull requests are very welcome.
+
+## License
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,36 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'KnockOnce'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.md')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+
+load 'rails/tasks/statistics.rake'
+
+
+
+require 'bundler/gem_tasks'
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/app/controllers/knock_once/application_controller.rb

@@ -0,0 +1,5 @@
+module KnockOnce
+  class ApplicationController < ActionController::API
+    include Knock::Authenticable
+  end
+end

data/app/controllers/knock_once/passwords_controller.rb

@@ -0,0 +1,75 @@
+require_dependency "knock_once/application_controller"
+
+module KnockOnce
+  class PasswordsController < ApplicationController
+    before_action :authenticate_user, except: [:create, :edit, :validate]
+    include ActiveModel::SecurePassword
+
+    def create
+      @user = User.find_by_email(params[:email])
+      # if valid user
+      if @user
+        # generate a new token and save
+        Password.save_token_and_expiry(@user)
+        Password.email_reset(@user.email)
+        render status: 200, json: {
+          message: 'Your request has been received. If we have an email matching that account you will receive link to reset your password.'
+        }
+      # if invalid user
+      else
+        render status: 200, json: {
+          message: 'Your request has been received. If we have an email matching that account you will receive link to reset your password.'
+        }
+      end
+    end
+
+    def validate
+      @token = params[:token]
+      @user = User.find_by_password_reset_token(@token)
+      if @user && Time.now < @user.password_token_expiry
+        render status: 202
+      else
+        render status: 404, json: { message: 'Looks like something went wrong' }
+      end
+    end
+
+    def edit
+      @token = params[:token]
+      @user = User.find_by_password_reset_token(@token)
+
+      if @user && Time.now < @user.password_token_expiry
+        if @user.update(password: params[:password], password_confirmation: params[:password_confirmation])
+          render status: 200, json: { message: 'Your password has been updated' }
+          # delete token and exiry on successful update
+          @user.update(password_reset_token: nil, password_token_expiry: nil)
+        else
+          render status: :unprocessable_entity, json: @user.errors.full_messages
+        end
+      else
+        render status: :expectation_failed, json: { message: 'Looks like something went wrong' }
+      end
+    end
+
+    def update
+      @user = current_user
+      if @user.authenticate(params[:current_password])
+        if @user.update(password_params)
+          render json: {
+            user: @user,
+            message: 'Your password has been udpated!'
+          }
+        else
+          render json: @user.errors.full_messages, status: :unprocessable_entity
+        end
+      else
+        render status: :unprocessable_entity, json: ['Current password is incorrect']
+      end
+    end
+
+    private
+
+    def password_params
+      params.permit(:password, :password_confirmation, :current_password, :email, :token)
+    end
+  end
+end

data/app/controllers/knock_once/user_token_controller.rb

@@ -0,0 +1,4 @@
+module KnockOnce
+  class UserTokenController < Knock::AuthTokenController
+  end
+end

data/app/controllers/knock_once/users_controller.rb

@@ -0,0 +1,53 @@
+require_dependency "knock_once/application_controller"
+
+module KnockOnce
+  class UsersController < ApplicationController
+    before_action :authenticate_user, except: [:create]
+    include ActiveModel::SecurePassword
+
+    def show
+      @user = current_user
+      render json: @user
+    end
+
+    def update
+      @user = current_user
+      if @user.authenticate(params[:current_password])
+        if @user.update(user_params)
+          render json: {
+            user: @user,
+            message: 'Your profile has been updated!'
+          }
+        else
+          render json: @user.errors.full_messages, status: :unprocessable_entity
+        end
+      else
+        render status: :unprocessable_entity, json: ['Current password is incorrect']
+      end
+    end
+
+    def destroy
+      @user = current_user
+      if @user.destroy
+        render json: :success
+      else
+        render json: @user.errors.full_messages
+      end
+    end
+
+    def create
+      @user = User.new(user_params)
+      if @user.save
+        render json: @user
+      else
+        render json: @user.errors.full_messages, status: :unprocessable_entity
+      end
+    end
+
+    private
+
+    def user_params
+      params.permit(:user, :user_name, :email, :current_password, :password, :password_confirmation)
+    end
+  end
+end

data/app/jobs/knock_once/application_job.rb

@@ -0,0 +1,4 @@
+module KnockOnce
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/mailers/knock_once/application_mailer.rb

@@ -0,0 +1,6 @@
+module KnockOnce
+  class ApplicationMailer < ActionMailer::Base
+    default from: 'from@example.com'
+    layout 'mailer'
+  end
+end

data/app/mailers/knock_once/password_reset_mailer.rb

@@ -0,0 +1,14 @@
+module KnockOnce
+  class PasswordResetMailer < ApplicationMailer
+    default from: 'no-reply@sporkbook.com'
+
+    def password_reset(user, token)
+      @user = user
+      @token = token
+
+      mail(
+        to: @user,
+        subject: 'Forgot password request from SporkBook')
+    end
+  end
+end

data/app/mailers/knock_once/user_mailer.rb

@@ -0,0 +1,12 @@
+module KnockOnce
+  class UserMailer < ApplicationMailer
+    def welcome_mailer(user)
+      @user = user
+      mail(to: @user.email,
+           subject: 'Welcome to Sporkbook!') do |format|
+             format.html { render 'welcome_mailer' }
+             format.text { render 'welcome_mailer' }
+           end
+    end
+  end
+end

data/app/models/knock_once/application_record.rb

@@ -0,0 +1,5 @@
+module KnockOnce
+  class ApplicationRecord < ActiveRecord::Base
+    self.abstract_class = true
+  end
+end

data/app/models/knock_once/password.rb

@@ -0,0 +1,20 @@
+module KnockOnce
+  class Password < ApplicationRecord
+    attr_accessor :token
+    attr_accessor :user
+
+    def self.generate_reset_token
+      @token = SecureRandom.urlsafe_base64(18, false)
+    end
+
+    def self.save_token_and_expiry(user)
+      @user = user
+      generate_reset_token
+      User.find_by_email(@user['email']).update_attributes(password_reset_token: @token, password_token_expiry: 1.hour.from_now)
+    end
+
+    def self.email_reset(email)
+      PasswordResetMailer.password_reset(@user, @token).deliver_now
+    end
+  end
+end

data/app/models/knock_once/user.rb

@@ -0,0 +1,38 @@
+module KnockOnce
+  class User < ApplicationRecord
+    # Explicitly set the table name so users can use non-namespaced table
+    self.table_name = 'users'
+
+    # these allow passing non-DB params for different situations
+    attr_accessor :current_password
+    attr_accessor :token
+
+    has_secure_password
+
+    before_save { email.downcase! }
+
+    valid_email_regex = /\A[\w+\-.]+@[a-z\d\-]+(\.[a-z\d\-]+)*\.[a-z]+\z/i
+
+    validates :email,
+      presence: true,
+      length: { maximum: 255 },
+      format: { with: valid_email_regex },
+      uniqueness: { case_sensitive: false }
+    validates :password_digest,
+      presence: true
+    validates :password,
+      presence: true,
+      length: { minimum: 8 },
+      allow_nil: true
+
+
+
+    # Send additional user info as payload for front end
+    def to_token_payload
+      {
+        sub: id,
+        email: email
+      }
+    end
+  end
+end

data/app/views/knock_once/password_reset_mailer/password_reset.html.erb

@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta content='text/html; charset=UTF-8' http-equiv='Content-Type' />
+  </head>
+  <body>
+    <h1>Password reset request</h1>
+    <p>
+      This is your requested token: 
+
+      <h2><%= @token %></h2>
+    </p>
+
+    <H2>
+      <a href="http://localhost:8080/#/reset">Click here to reset your password</a>
+    </H2>
+  </body>
+</html>

data/app/views/knock_once/user_mailer/welcome_mailer.html.erb

@@ -0,0 +1 @@
+Welcome <%= @user.email %>!

data/app/views/knock_once/user_mailer/welcome_mailer.text.erb

@@ -0,0 +1 @@
+Welcome <%= @user.email %>!

data/app/views/layouts/knock_once/mailer.html.erb

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <style>
+      /* Email styles need to be inline */
+    </style>
+  </head>
+
+  <body>
+    <%= yield %>
+  </body>
+</html>

data/app/views/layouts/knock_once/mailer.text.erb

@@ -0,0 +1 @@
+<%= yield %>

data/config/initializers/knock.rb

@@ -0,0 +1,61 @@
+require 'knock'
+
+Knock.setup do |config|
+
+  ## Expiration claim
+  ## ----------------
+  ##
+  ## How long before a token is expired. If nil is provided, token will
+  ## last forever.
+  ##
+  ## Default:
+  # config.token_lifetime = 1.day
+
+
+  ## Audience claim
+  ## --------------
+  ##
+  ## Configure the audience claim to identify the recipients that the token
+  ## is intended for.
+  ##
+  ## Default:
+  # config.token_audience = nil
+
+  ## If using Auth0, uncomment the line below
+  # config.token_audience = -> { Rails.application.secrets.auth0_client_id }
+
+  ## Signature algorithm
+  ## -------------------
+  ##
+  ## Configure the algorithm used to encode the token
+  ##
+  ## Default:
+  # config.token_signature_algorithm = 'HS256'
+
+  ## Signature key
+  ## -------------
+  ##
+  ## Configure the key used to sign tokens.
+  ##
+  ## Default:
+  # config.token_secret_signature_key = -> { Rails.application.secrets.secret_key_base }
+
+  ## If using Auth0, uncomment the line below
+  # config.token_secret_signature_key = -> { JWT.base64url_decode Rails.application.secrets.auth0_client_secret }
+
+  ## Public key
+  ## ----------
+  ##
+  ## Configure the public key used to decode tokens, if required.
+  ##
+  ## Default:
+  # config.token_public_key = nil
+
+  ## Exception Class
+  ## ---------------
+  ##
+  ## Configure the exception to be used when user cannot be found.
+  ##
+  ## Default:
+  # config.not_found_exception_class_name = 'ActiveRecord::RecordNotFound'
+end

data/config/routes.rb

@@ -0,0 +1,17 @@
+KnockOnce::Engine.routes.draw do
+  post '/user_token', to: 'user_token#create'
+
+  resource :users
+
+  ## Password routes
+
+  # password udpate (user knows current password)
+  patch '/passwords', to: 'passwords#update'
+  put '/passwords', to: 'passwords#update'
+
+  # password reset routes (user doesn't know current password)
+  post '/passwords/reset', to: 'passwords#create'
+  patch '/passwords/reset', to: 'passwords#edit'
+  put '/passwords/reset', to: 'passwords#edit'
+  post 'passwords/validate', to: 'passwords#validate'
+end

data/lib/generators/knock_once/install_generator.rb

@@ -0,0 +1,26 @@
+module KnockOnce
+  class InstallGenerator < Rails::Generators::Base
+    include Rails::Generators::Migration
+
+    source_root File.expand_path("../../../templates", __FILE__)
+
+    def create_user_model
+      copy_file('user_model.rb', 'app/models/user.rb')
+    end
+
+    def copy_migrations
+      if self.class.migration_exists?("db/migrate", "create_knock_once_users")
+        say_status("skipped", "Migration create_knock_once_users already exists")
+      else
+        migration_template("create_knock_once_users.rb.erb", "db/migrate/create_knock_once_users.rb")
+      end
+    end
+
+    private
+
+    # Use to assign migration time otherwise generator will error
+    def self.next_migration_number(dir)
+      Time.now.utc.strftime("%Y%m%d%H%M%S")
+    end
+  end
+end

data/lib/knock_once/engine.rb

@@ -0,0 +1,8 @@
+require 'knock'
+
+module KnockOnce
+  class Engine < ::Rails::Engine
+    isolate_namespace KnockOnce
+    config.generators.api_only = true
+  end
+end

data/lib/knock_once/version.rb

@@ -0,0 +1,3 @@
+module KnockOnce
+  VERSION = '0.2.0'
+end

data/lib/knock_once.rb

@@ -0,0 +1,5 @@
+require "knock_once/engine"
+
+module KnockOnce
+  # Your code goes here...
+end

data/lib/tasks/knock_once_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :knock_once do
+#   # Task goes here
+# end

data/lib/templates/create_knock_once_users.rb.erb

@@ -0,0 +1,18 @@
+class CreateKnockOnceUsers < ActiveRecord::Migration<%= "[#{Rails::VERSION::STRING[0..2]}]" if Rails::VERSION::MAJOR > 4 %>
+  def change
+    create_table :users do |t|
+      # Required
+      t.string :email
+      t.string :password_digest
+      t.string :password_reset_token
+      t.datetime :password_token_expiry
+
+      # Add your custom user fields are required
+      # TODO add whitelist instructions here
+
+      t.timestamps
+    end
+
+    add_index :users, :email, unique: true
+  end
+end

data/lib/templates/user_model.rb

@@ -0,0 +1,3 @@
+class User < KnockOnce::User
+
+end

metadata

@@ -0,0 +1,128 @@
+--- !ruby/object:Gem::Specification
+name: knock_once
+version: !ruby/object:Gem::Version
+  version: 0.2.0
+platform: ruby
+authors:
+- Nicholas Shirley
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-11-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.1.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.1.4
+- !ruby/object:Gem::Dependency
+  name: knock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pg
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: knock_once provides basic user email auth using knock.
+email:
+- nicholas@reallymy.email
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- app/controllers/knock_once/application_controller.rb
+- app/controllers/knock_once/passwords_controller.rb
+- app/controllers/knock_once/user_token_controller.rb
+- app/controllers/knock_once/users_controller.rb
+- app/jobs/knock_once/application_job.rb
+- app/mailers/knock_once/application_mailer.rb
+- app/mailers/knock_once/password_reset_mailer.rb
+- app/mailers/knock_once/user_mailer.rb
+- app/models/knock_once/application_record.rb
+- app/models/knock_once/password.rb
+- app/models/knock_once/user.rb
+- app/views/knock_once/password_reset_mailer/password_reset.html.erb
+- app/views/knock_once/user_mailer/welcome_mailer.html.erb
+- app/views/knock_once/user_mailer/welcome_mailer.text.erb
+- app/views/layouts/knock_once/mailer.html.erb
+- app/views/layouts/knock_once/mailer.text.erb
+- config/initializers/knock.rb
+- config/routes.rb
+- lib/generators/knock_once/install_generator.rb
+- lib/knock_once.rb
+- lib/knock_once/engine.rb
+- lib/knock_once/version.rb
+- lib/tasks/knock_once_tasks.rake
+- lib/templates/create_knock_once_users.rb.erb
+- lib/templates/user_model.rb
+homepage: https://github.com/nicholasshirley/knock_once
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.11
+signing_key: 
+specification_version: 4
+summary: A basic API user authorization engine built on knock.
+test_files: []