knocknock 0.0.0

data/lib/generators/templates/access_token.rb.erb

@@ -0,0 +1,17 @@
+<% if Rails.version.starts_with? '5' %>
+class AccessToken < ApplicationRecord
+<% else %>
+class AccessToken < ActiveRecord::Base
+<% end %>
+  belongs_to :authenticatee, polymorphic: true
+
+  before_create :generate_token
+
+  private
+
+    def generate_token
+      begin
+        self.token = SecureRandom.uuid
+      end while self.class.exists?(token: token)
+    end
+end

data/lib/generators/templates/create_access_token.rb

@@ -0,0 +1,9 @@
+class CreateAccessToken < ActiveRecord::Migration[5.0]
+  def change
+    create_table :access_tokens do |t|
+      t.string :token
+      t.references :authenticatee, polymorphic: true
+    end
+    add_index :access_tokens, :token
+  end
+end

data/lib/generators/templates/knocknock.rb

@@ -0,0 +1,50 @@
+Knocknock.setup do |config|
+
+  ## Expiration claim
+  ## ----------------
+  ##
+  ## How long before a token is expired.
+  ##
+  ## Default:
+  # config.token_lifetime = 1.day
+
+
+  ## Audience claim
+  ## --------------
+  ##
+  ## Configure the audience claim to identify the recipients that the token
+  ## is intended for.
+  ##
+  ## Default:
+  # config.token_audience = nil
+
+  ## If using Auth0, uncomment the line below
+  # config.token_audience = -> { Rails.application.secrets.auth0_client_id }
+
+  ## Signature algorithm
+  ## -------------------
+  ##
+  ## Configure the algorithm used to encode the token
+  ##
+  ## Default:
+  # config.token_signature_algorithm = 'HS256'
+
+  ## Signature key
+  ## -------------
+  ##
+  ## Configure the key used to sign tokens.
+  ##
+  ## Default:
+  # config.token_secret_signature_key = -> { Rails.application.secrets.secret_key_base }
+
+  ## If using Auth0, uncomment the line below
+  # config.token_secret_signature_key = -> { JWT.base64url_decode Rails.application.secrets.auth0_client_secret }
+
+  ## Public key
+  ## ----------
+  ##
+  ## Configure the public key used to decode tokens, if required.
+  ##
+  ## Default:
+  # config.token_public_key = nil
+end

data/lib/generators/templates/resource_tokens_controller.rb.erb

@@ -0,0 +1,2 @@
+class <%= resource_name.capitalize %>TokensController < Knock::AuthTokensController
+end

data/lib/knocknock.rb

@@ -0,0 +1,25 @@
+require "knocknock/engine"
+
+module Knocknock
+
+  mattr_accessor :token_lifetime
+  self.token_lifetime = 1.day
+
+  mattr_accessor :token_audience
+  self.token_audience = nil
+
+  mattr_accessor :token_signature_algorithm
+  self.token_signature_algorithm = 'HS256'
+
+  mattr_accessor :token_secret_signature_key
+  self.token_secret_signature_key = -> { Rails.application.secrets.secret_key_base }
+
+  mattr_accessor :token_public_key
+  self.token_public_key = nil
+
+  # Default way to setup Knocknock. Run `rails generate knocknock:install` to
+  #create a fresh initializer and AccessToken model.
+  def self.setup
+    yield self
+  end
+end

data/lib/knocknock/authenticatable.rb

@@ -0,0 +1,47 @@
+module Knocknock::Authenticatable
+
+  def authenticate_for resource_class
+    token = token_from_request_headers
+    return head(:unauthorized) if token.nil?
+
+    begin
+      @resource = Knocknock::AuthToken.new(token: token).resource(resource_class)
+      return head(:unauthorized) unless @resource
+      define_current_resource_getter(resource_class)
+    rescue
+      return head(:unauthorized)
+    end
+  end
+
+  private
+
+  def method_missing(method, *args)
+    prefix, *parts = method.to_s.split('_')
+    if prefix == 'authenticate'
+      resource_class = constant_from_parts(parts)
+      send(:authenticate_for, resource_class)
+    else
+      super
+    end
+  end
+
+  def token_from_request_headers
+    unless request.headers['Authorization'].nil?
+      request.headers['Authorization'].split.last
+    end
+  end
+
+  def define_current_resource_getter resource_class
+    underscored_resource = resource_class.to_s.underscore
+    self.class.send(:define_method, "current_#{underscored_resource}") do
+      @resource
+    end
+  end
+
+  # Not rescuing from NameError on purpose.
+  # If trying to use `authenticate_user` but no `User` constant exists,
+  # it makes more sense to raise NameError than NoMethodError.
+  def constant_from_parts parts
+    parts.map(&:capitalize).join.constantize
+  end
+end

data/lib/knocknock/engine.rb

@@ -0,0 +1,6 @@
+module Knocknock
+  class Engine < ::Rails::Engine
+    config.autoload_paths += Dir["#{config.root}/lib/**/"]
+    isolate_namespace Knocknock
+  end
+end

data/lib/knocknock/version.rb

@@ -0,0 +1,3 @@
+module Knocknock
+  VERSION = '0.0.0'
+end

data/lib/tasks/knocknock_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :knock do
+#   # Task goes here
+# end

data/test/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/test/dummy/Rakefile

@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Rails.application.load_tasks

data/test/dummy/app/controllers/admin_protected_controller.rb

@@ -0,0 +1,7 @@
+class AdminProtectedController < ApplicationController
+  before_action :authenticate_admin
+
+  def index
+    head :ok
+  end
+end

data/test/dummy/app/controllers/admin_tokens_controller.rb

@@ -0,0 +1,2 @@
+class AdminTokensController < Knocknock::AuthTokensController
+end

data/test/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,3 @@
+class ApplicationController < ActionController::API
+  include Knocknock::Authenticatable
+end

data/test/dummy/app/controllers/user_protected_controller.rb

@@ -0,0 +1,7 @@
+class UserProtectedController < ApplicationController
+  before_action :authenticate_user
+
+  def index
+    head :ok
+  end
+end

data/test/dummy/app/controllers/user_tokens_controller.rb

@@ -0,0 +1,2 @@
+class UserTokensController < Knocknock::AuthTokensController
+end

data/test/dummy/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/test/dummy/app/models/access_token.rb

@@ -0,0 +1,3 @@
+class AccessToken < ActiveRecord::Base
+  belongs_to :authenticatee, polymorphic: true
+end

data/test/dummy/app/models/admin.rb

@@ -0,0 +1,5 @@
+class Admin < ActiveRecord::Base
+  has_many :access_tokens, as: :authenticatee
+
+  has_secure_password
+end

data/test/dummy/app/models/user.rb

@@ -0,0 +1,5 @@
+class User < ActiveRecord::Base
+  has_many :access_tokens, as: :authenticatee
+  
+  has_secure_password
+end

data/test/dummy/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/test/dummy/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application', __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/test/dummy/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/test/dummy/bin/setup

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+require 'pathname'
+
+# path to your application root.
+APP_ROOT = Pathname.new File.expand_path('../../',  __FILE__)
+
+Dir.chdir APP_ROOT do
+  # This script is a starting point to setup your application.
+  # Add necessary setup steps to this file:
+
+  puts "== Installing dependencies =="
+  system "gem install bundler --conservative"
+  system "bundle check || bundle install"
+
+  # puts "\n== Copying sample files =="
+  # unless File.exist?("config/database.yml")
+  #   system "cp config/database.yml.sample config/database.yml"
+  # end
+
+  puts "\n== Preparing database =="
+  system "bin/rake db:setup"
+
+  puts "\n== Removing old logs and tempfiles =="
+  system "rm -f log/*"
+  system "rm -rf tmp/cache"
+
+  puts "\n== Restarting application server =="
+  system "touch tmp/restart.txt"
+end

data/test/dummy/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment', __FILE__)
+run Rails.application

data/test/dummy/config/application.rb

@@ -0,0 +1,23 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+Bundler.require(*Rails.groups)
+require "knocknock"
+
+module Dummy
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+  end
+end
+

data/test/dummy/config/boot.rb

@@ -0,0 +1,5 @@
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+$LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)

data/test/dummy/config/database.yml

@@ -0,0 +1,25 @@
+# SQLite version 3.x
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+#
+default: &default
+  adapter: sqlite3
+  pool: 5
+  timeout: 5000
+
+development:
+  <<: *default
+  database: db/development.sqlite3
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  <<: *default
+  database: db/test.sqlite3
+
+production:
+  <<: *default
+  database: db/production.sqlite3

data/test/dummy/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the Rails application.
+require File.expand_path('../application', __FILE__)
+
+# Initialize the Rails application.
+Rails.application.initialize!

data/test/dummy/config/environments/development.rb

@@ -0,0 +1,56 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports.
+  config.consider_all_requests_local = true
+
+  # Enable/disable caching. By default caching is disabled.
+  if Rails.root.join('tmp/caching-dev.txt').exist?
+    config.action_controller.perform_caching = true
+    config.cache_store = :memory_store
+    config.public_file_server.headers = {
+      'Cache-Control' => 'public, max-age=172800'
+    }
+  else
+    config.action_controller.perform_caching = false
+    config.cache_store = :null_store
+  end
+
+  # Don't care if the mailer can't send.
+  config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Raise an error on page load if there are pending migrations.
+  config.active_record.migration_error = :page_load
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets,
+  # yet still be able to expire them through the digest params.
+  config.assets.digest = true
+
+  # Adds additional error checking when serving assets at runtime.
+  # Checks for improperly declared sprockets dependencies.
+  # Raises helpful error messages.
+  config.assets.raise_runtime_errors = true
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+
+  # Use an evented file watcher to asynchronously detect changes in source code,
+  # routes, locales, etc. This feature depends on the listen gem.
+  # config.file_watcher = ActiveSupport::EventedFileUpdateChecker
+end

data/test/dummy/config/environments/production.rb

@@ -0,0 +1,82 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # Code is not reloaded between requests.
+  config.cache_classes = true
+
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
+  # Full error reports are disabled and caching is turned on.
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Disable serving static files from the `/public` folder by default since
+  # Apache or NGINX already handles this.
+  config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
+
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
+
+  # Do not fallback to assets pipeline if a precompiled asset is missed.
+  config.assets.compile = false
+
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets,
+  # yet still be able to expire them through the digest params.
+  config.assets.digest = true
+
+  # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.action_controller.asset_host = 'http://assets.example.com'
+
+  # Specifies the header that your server uses for sending files.
+  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
+
+  # Action Cable endpoint configuration
+  # config.action_cable.url = 'wss://example.com/cable'
+  # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
+
+  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+  config.force_ssl = true
+
+  # Use the lowest log level to ensure availability of diagnostic information
+  # when problems arise.
+  config.log_level = :debug
+
+  # Prepend all log lines with the following tags.
+  # config.log_tags = [ :subdomain, :request_id ]
+
+  # Use a different logger for distributed setups.
+  # require 'syslog/logger'
+  # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
+
+  # Use a different cache store in production.
+  # config.cache_store = :mem_cache_store
+
+  # Use a real queuing backend for Active Job (and separate queues per environment)
+  # config.active_job.queue_adapter     = :resque
+  # config.active_job.queue_name_prefix = "senyore_#{Rails.env}"
+
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation cannot be found).
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners.
+  config.active_support.deprecation = :notify
+
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Do not dump schema after migrations.
+  config.active_record.dump_schema_after_migration = false
+end