knocknock 0.0.0
- checksums.yaml +7 -0
- data/MIT-LICENSE +20 -0
- data/README.md +206 -0
- data/Rakefile +37 -0
- data/app/controllers/knocknock/auth_tokens_controller.rb +54 -0
- data/app/model/knocknock/auth_token.rb +69 -0
- data/config/routes.rb +2 -0
- data/lib/generators/knocknock/install_generator.rb +20 -0
- data/lib/generators/knocknock/token_controller_generator.rb +25 -0
- data/lib/generators/templates/access_token.rb.erb +17 -0
- data/lib/generators/templates/create_access_token.rb +9 -0
- data/lib/generators/templates/knocknock.rb +50 -0
- data/lib/generators/templates/resource_tokens_controller.rb.erb +2 -0
- data/lib/knocknock.rb +25 -0
- data/lib/knocknock/authenticatable.rb +47 -0
- data/lib/knocknock/engine.rb +6 -0
- data/lib/knocknock/version.rb +3 -0
- data/lib/tasks/knocknock_tasks.rake +4 -0
- data/test/dummy/README.rdoc +28 -0
- data/test/dummy/Rakefile +6 -0
- data/test/dummy/app/controllers/admin_protected_controller.rb +7 -0
- data/test/dummy/app/controllers/admin_tokens_controller.rb +2 -0
- data/test/dummy/app/controllers/application_controller.rb +3 -0
- data/test/dummy/app/controllers/user_protected_controller.rb +7 -0
- data/test/dummy/app/controllers/user_tokens_controller.rb +2 -0
- data/test/dummy/app/helpers/application_helper.rb +2 -0
- data/test/dummy/app/models/access_token.rb +3 -0
- data/test/dummy/app/models/admin.rb +5 -0
- data/test/dummy/app/models/user.rb +5 -0
- data/test/dummy/bin/bundle +3 -0
- data/test/dummy/bin/rails +4 -0
- data/test/dummy/bin/rake +4 -0
- data/test/dummy/bin/setup +29 -0
- data/test/dummy/config.ru +4 -0
- data/test/dummy/config/application.rb +23 -0
- data/test/dummy/config/boot.rb +5 -0
- data/test/dummy/config/database.yml +25 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +56 -0
- data/test/dummy/config/environments/production.rb +82 -0
- data/test/dummy/config/environments/test.rb +44 -0
- data/test/dummy/config/initializers/assets.rb +11 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/test/dummy/config/initializers/inflections.rb +16 -0
- data/test/dummy/config/initializers/mime_types.rb +4 -0
- data/test/dummy/config/initializers/session_store.rb +3 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/en.yml +23 -0
- data/test/dummy/config/routes.rb +6 -0
- data/test/dummy/config/secrets.yml +22 -0
- data/test/dummy/db/development.sqlite3 +0 -0
- data/test/dummy/db/migrate/20150713101607_create_users.rb +10 -0
- data/test/dummy/db/migrate/20150922015152_create_admins.rb +10 -0
- data/test/dummy/db/migrate/20160218200351_create_access_tokens.rb +11 -0
- data/test/dummy/db/schema.rb +40 -0
- data/test/dummy/db/test.sqlite3 +0 -0
- data/test/dummy/log/development.log +52 -0
- data/test/dummy/log/test.log +9320 -0
- data/test/dummy/public/404.html +67 -0
- data/test/dummy/public/422.html +67 -0
- data/test/dummy/public/500.html +66 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/dummy/test/controllers/admin_protected_controller_test.rb +49 -0
- data/test/dummy/test/controllers/admin_tokens_controller_test.rb +22 -0
- data/test/dummy/test/controllers/user_protected_controller_test.rb +49 -0
- data/test/dummy/test/controllers/user_tokens_controller_test.rb +23 -0
- data/test/dummy/test/fixtures/access_tokens.yml +11 -0
- data/test/dummy/test/models/access_token_test.rb +7 -0
- data/test/dummy/test/models/admin_test.rb +4 -0
- data/test/dummy/test/models/user_test.rb +4 -0
- data/test/fixtures/admins.yml +5 -0
- data/test/fixtures/users.yml +9 -0
- data/test/generators/install_generator_test.rb +15 -0
- data/test/generators/token_controller_generator_test.rb +19 -0
- data/test/knocknock_test.rb +9 -0
- data/test/model/knocknock/auth_token_test.rb +50 -0
- data/test/support/generators_test_helper.rb +9 -0
- data/test/test_helper.rb +38 -0
- data/test/tmp/app/controllers/admin_tokens_controller.rb +2 -0
- data/test/tmp/app/controllers/user_tokens_controller.rb +2 -0
- data/test/tmp/config/routes.rb +8 -0
- metadata +253 -0
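--- a/data/test/dummy/public/404.html
+++ b/data/test/dummy/public/404.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>The page you were looking for doesn't exist (404)</title>
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<style>
+body {
+background-color: #EFEFEF;
+color: #2E2F30;
+text-align: center;
+font-family: arial, sans-serif;
+margin: 0;
+}
+
+div.dialog {
+width: 95%;
+max-width: 33em;
+margin: 4em auto 0;
+}
+
+div.dialog > div {
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #BBB;
+border-top: #B00100 solid 4px;
+border-top-left-radius: 9px;
+border-top-right-radius: 9px;
+background-color: white;
+padding: 7px 12% 0;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+
+h1 {
+font-size: 100%;
+color: #730E15;
+line-height: 1.5em;
+}
+
+div.dialog > p {
+margin: 0 0 1em;
+padding: 1em;
+background-color: #F7F7F7;
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #999;
+border-bottom-left-radius: 4px;
+border-bottom-right-radius: 4px;
+border-top-color: #DADADA;
+color: #666;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+</style>
+</head>
+
+<body>
+<!-- This file lives in public/404.html -->
+<div class="dialog">
+<div>
+<h1>The page you were looking for doesn't exist.</h1>
+<p>You may have mistyped the address or the page may have moved.</p>
+</div>
+<p>If you are the application owner check the logs for more information.</p>
+</div>
+</body>
+</html>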
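--- a/data/test/dummy/public/422.html
+++ b/data/test/dummy/public/422.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>The change you wanted was rejected (422)</title>
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<style>
+body {
+background-color: #EFEFEF;
+color: #2E2F30;
+text-align: center;
+font-family: arial, sans-serif;
+margin: 0;
+}
+
+div.dialog {
+width: 95%;
+max-width: 33em;
+margin: 4em auto 0;
+}
+
+div.dialog > div {
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #BBB;
+border-top: #B00100 solid 4px;
+border-top-left-radius: 9px;
+border-top-right-radius: 9px;
+background-color: white;
+padding: 7px 12% 0;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+
+h1 {
+font-size: 100%;
+color: #730E15;
+line-height: 1.5em;
+}
+
+div.dialog > p {
+margin: 0 0 1em;
+padding: 1em;
+background-color: #F7F7F7;
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #999;
+border-bottom-left-radius: 4px;
+border-bottom-right-radius: 4px;
+border-top-color: #DADADA;
+color: #666;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+</style>
+</head>
+
+<body>
+<!-- This file lives in public/422.html -->
+<div class="dialog">
+<div>
+<h1>The change you wanted was rejected.</h1>
+<p>Maybe you tried to change something you didn't have access to.</p>
+</div>
+<p>If you are the application owner check the logs for more information.</p>
+</div>
+</body>
+</html>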
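--- a/data/test/dummy/public/500.html
+++ b/data/test/dummy/public/500.html
@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>We're sorry, but something went wrong (500)</title>
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<style>
+body {
+background-color: #EFEFEF;
+color: #2E2F30;
+text-align: center;
+font-family: arial, sans-serif;
+margin: 0;
+}
+
+div.dialog {
+width: 95%;
+max-width: 33em;
+margin: 4em auto 0;
+}
+
+div.dialog > div {
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #BBB;
+border-top: #B00100 solid 4px;
+border-top-left-radius: 9px;
+border-top-right-radius: 9px;
+background-color: white;
+padding: 7px 12% 0;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+
+h1 {
+font-size: 100%;
+color: #730E15;
+line-height: 1.5em;
+}
+
+div.dialog > p {
+margin: 0 0 1em;
+padding: 1em;
+background-color: #F7F7F7;
+border: 1px solid #CCC;
+border-right-color: #999;
+border-left-color: #999;
+border-bottom-color: #999;
+border-bottom-left-radius: 4px;
+border-bottom-right-radius: 4px;
+border-top-color: #DADADA;
+color: #666;
+box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+}
+</style>
+</head>
+
+<body>
+<!-- This file lives in public/500.html -->
+<div class="dialog">
+<div>
+<h1>We're sorry, but something went wrong.</h1>
+</div>
+<p>If you are the application owner check the logs for more information.</p>
+</div>
+</body>
+</html>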
File without changes
|
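--- a/data/test/dummy/test/controllers/admin_protected_controller_test.rb
+++ b/data/test/dummy/test/controllers/admin_protected_controller_test.rb
@@ -0,0 +1,49 @@
+require 'test_helper'
+
+class AdminProtectedControllerTest < ActionController::TestCase
+def valid_auth
+@admin = admins(:one)
+@token = Knocknock::AuthToken.new(payload: { sub: @admin.access_tokens.create.token }).token
+@request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token}"
+end
+
+def invalid_token_auth
+@token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9'
+@request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token}"
+end
+
+def invalid_resource_auth
+@token = Knocknock::AuthToken.new(payload: { sub: 0 }).token
+@request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token}"
+end
+
+test "responds with unauthorized" do
+get :index
+assert_response :unauthorized
+end
+
+test "responds with unauthorized to invalid token" do
+invalid_token_auth
+get :index
+assert_response :unauthorized
+end
+
+test "responds with unauthorized to invalid resource" do
+invalid_resource_auth
+get :index
+assert_response :unauthorized
+end
+
+test "responds with success if authenticated" do
+valid_auth
+get :index
+assert_response :success
+end
+
+test "has a current_admin after authentication" do
+valid_auth
+get :index
+assert_response :success
+assert @controller.current_admin.id == @admin.id
+end
+end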
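Review bot: The negative cases never present a well-formed token that fails verification: `invalid_token_auth` sends a single base64 segment (a bare JWT header with no payload or signature), and `invalid_resource_auth` sends a correctly signed token with `sub: 0`. Nothing covers a three-part token whose signature does not verify, an expired token (if the payload carries an expiry), or a token built from a `User` access token being sent to this admin-only controller, and those are the cases a regression in verification would slip through. I would add one test per case, for example building the token from `users(:one).access_tokens.create.token` and asserting `assert_response :unauthorized` after `get :index`. The last test also reads better as `assert_equal @admin.id, @controller.current_admin.id`, which reports both values on failure. UserProtectedControllerTest has the same gaps in mirror image.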
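--- a/data/test/dummy/test/controllers/admin_tokens_controller_test.rb
+++ b/data/test/dummy/test/controllers/admin_tokens_controller_test.rb
@@ -0,0 +1,22 @@
+require 'test_helper'
+
+class AdminTokensControllerTest < ActionController::TestCase
+def setup
+@admin = admins(:one)
+end
+
+test "responds with 404 if user does not exist" do
+post :create, params: { auth: { email: 'wrong@example.net', password: '' } }
+assert_response :not_found
+end
+
+test "responds with 404 if password is invalid" do
+post :create, params: { auth: { email: @admin.email, password: 'wrong' } }
+assert_response :not_found
+end
+
+test "responds with 201" do
+post :create, params: { auth: { email: @admin.email, password: 'secret' } }
+assert_response :created
+end
+end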
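Review bot: The `responds with 201` test asserts only the status, so it would still pass if the response body carried no token; UserTokensControllerTest checks for a `jwt` key and this test should check the value too, e.g. `assert JSON.parse(response.body)['jwt'].present?`. The first test changes two things at once (an unknown email and an empty password), so it does not isolate the unknown-account path; a non-empty password there would, and the same applies to UserTokensControllerTest. Returning the same 404 for an unknown account and for a wrong password keeps the two cases indistinguishable by status, which deserves a comment such as `# same status for unknown account and bad password: do not leak which accounts exist`.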
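--- a/data/test/dummy/test/controllers/user_protected_controller_test.rb
+++ b/data/test/dummy/test/controllers/user_protected_controller_test.rb
@@ -0,0 +1,49 @@
+require 'test_helper'
+
+class UserProtectedControllerTest < ActionController::TestCase
+def valid_auth
+@user = users(:one)
+@token = Knocknock::AuthToken.new(payload: { sub: @user.access_tokens.create.token }).token
+@request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token}"
+end
+
+def invalid_token_auth
+@token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9'
+@request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token}"
+end
+
+def invalid_resource_auth
+@token = Knocknock::AuthToken.new(payload: { sub: 0 }).token
+@request.env['HTTP_AUTHORIZATION'] = "Bearer #{@token}"
+end
+
+test "responds with unauthorized" do
+get :index
+assert_response :unauthorized
+end
+
+test "responds with unauthorized to invalid token" do
+invalid_token_auth
+get :index
+assert_response :unauthorized
+end
+
+test "responds with unauthorized to invalid resource" do
+invalid_resource_auth
+get :index
+assert_response :unauthorized
+end
+
+test "responds with success if authenticated" do
+valid_auth
+get :index
+assert_response :success
+end
+
+test "has a current_user after authentication" do
+valid_auth
+get :index
+assert_response :success
+assert @controller.current_user.id == @user.id
+end
+end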
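--- a/data/test/dummy/test/controllers/user_tokens_controller_test.rb
+++ b/data/test/dummy/test/controllers/user_tokens_controller_test.rb
@@ -0,0 +1,23 @@
+require 'test_helper'
+
+class UserTokensControllerTest < ActionController::TestCase
+def setup
+@user = users(:one)
+end
+
+test "responds with 404 if user does not exist" do
+post :create, params: { auth: { email: 'wrong@example.net', password: '' } }
+assert_response :not_found
+end
+
+test "responds with 404 if password is invalid" do
+post :create, params: { auth: { email: @user.email, password: 'wrong' } }
+assert_response :not_found
+end
+
+test "responds with 201" do
+post :create, params: { auth: { email: @user.email, password: 'secret' } }
+assert_response :created
+assert JSON.parse(response.body).keys.include?('jwt')
+end
+end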
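Review bot: `assert JSON.parse(response.body).keys.include?('jwt')` passes when the key is present with a nil or empty value, so the test does not show that a token was actually issued. Asserting on the value, `assert JSON.parse(response.body)['jwt'].present?`, closes that gap. Nothing in the visible tests sends an issued token back to a protected endpoint, so a separate integration test doing that would tie issuance to verification.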
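--- a/data/test/fixtures/users.yml
+++ b/data/test/fixtures/users.yml
@@ -0,0 +1,9 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+one:
+email: one@example.net
+password_digest: <%= BCrypt::Password.create('secret', cost: 4) %>
+
+two:
+email: two@example.net
+password_digest: <%= BCrypt::Password.create('secret', cost: 4) %>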
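Review bot: `cost: 4` is bcrypt's minimum work factor and is acceptable here only because these are test fixtures, which the file does not say. A one-line comment above the first record, such as `# cost: 4 keeps fixture hashing fast; never use outside tests`, would stop the value from being copied into seed or application code. The header comment also links to the fixtures documentation over `http://`; the `https://` form of that URL is preferable.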
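--- a/data/test/generators/install_generator_test.rb
+++ b/data/test/generators/install_generator_test.rb
@@ -0,0 +1,15 @@
+require "test_helper"
+
+class InstallGeneratorTest < Rails::Generators::TestCase
+tests Knocknock::InstallGenerator
+destination File.expand_path("../tmp", File.dirname(__FILE__))
+
+setup :prepare_destination
+
+test "assert all files are properly created" do
+run_generator
+assert_file "config/initializers/knocknock.rb"
+assert_migration 'db/migrate/create_access_token.rb'
+assert_file 'app/models/access_token.rb'
+end
+end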
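Review bot: The three assertions check only that the files exist, so an initializer generated empty or with wrong settings would still pass. `assert_file` and `assert_migration` accept a pattern or a block as a second argument; `config/initializers/knocknock.rb` presumably holds the token settings (its template is not shown here), so the test should match at least one line that template is expected to emit. The test also mixes `"` and `'` quoting from one line to the next.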
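--- a/data/test/generators/token_controller_generator_test.rb
+++ b/data/test/generators/token_controller_generator_test.rb
@@ -0,0 +1,19 @@
+require "test_helper"
+
+class TokenControllerGeneratorTest < Rails::Generators::TestCase
+include GeneratorsTestHelper
+
+tests Knocknock::TokenControllerGenerator
+destination File.expand_path("../tmp", File.dirname(__FILE__))
+
+setup :prepare_destination
+setup :copy_routes
+
+test "assert all files are properly created" do
+run_generator ['User']
+assert_file "app/controllers/user_tokens_controller.rb"
+
+run_generator ['Admin']
+assert_file "app/controllers/admin_tokens_controller.rb"
+end
+end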
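Review bot: This test and InstallGeneratorTest write into `test/tmp` through `destination File.expand_path("../tmp", File.dirname(__FILE__))`, and `setup :prepare_destination` clears that directory only before a run, so the output of the last run stays on disk. The package file list on this page includes `data/test/tmp/app/controllers/admin_tokens_controller.rb`, `data/test/tmp/app/controllers/user_tokens_controller.rb` and `data/test/tmp/config/routes.rb`, along with `data/test/dummy/log/test.log` and the dummy app's SQLite files, which suggests test artefacts are being shipped in the gem. The gemspec is not visible here, but its `files` list should exclude `test/tmp`, `test/dummy/log` and `test/dummy/db/*.sqlite3`, and the same paths belong in `.gitignore`. Test logs in particular can record request parameters and issued tokens, so they should not be published.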