lockup 1.3.0 → 1.3.1

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    MmFiY2Y3YTIxODM0MzJmM2E2MzE2ZDYzYjdiZjIyMWUyNTQ1Njc0Mg==
+  data.tar.gz: !binary |-
+    ODY2ZjhlMGZkNjgxZTZkMjkyYzQ3NDcwZGQyZjg5NjhhZTgyODZlYw==
+SHA512:
+  metadata.gz: !binary |-
+    ZWVkNmE0MWE1NjUxYmE3NGI3MzRlNzA5MTFlYTcxYzBhNzM1ZTQ2M2M3OWFm
+    NTM4NDY3NzM3YzQ0MGI1ZDMyZmU2NGNjMjZmOTgyYWQ3ODRkNmQyODVlZjFm
+    N2RjNjMxMmJjMGRlMDgwODMwZmM3ODAxNmYwOTBlODNiMDRjNjA=
+  data.tar.gz: !binary |-
+    Yzg2N2I5ZjYyZjQ2MmQyYzAzNjRmZTUzOTg4NjM2NWZkZmZlYTg4OTlkOTI3
+    MGUxNGJkZjU2YTczMzY1NzFiMWVlZTBlZTJjYmQ1NzUwYTNlNGExZjYxNTQ4
+    ZTVmYjAzOGQ4ZTY0MjU0YTZkMmUwNmY5MmUwZjkyZTRlZGZmN2I=

data/README.md

@@ -8,19 +8,19 @@ A simple gem to more elegantly place a staging server or other in-progress rails
 
 _“Can I come into your fort?”_
 
-_“…what's the codeword?”_
+_“…what’s the codeword?”_
 
 (currently used in production with Rails 3.X and Rails 4)
 
 ## Installation
 
-1. Add this line to your application's Gemfile:
+1. Add this line to your application’s Gemfile:
 
         gem 'lockup'
 
 2. Define a codeword (see Usage below).
 
-3. Mount the engine in your application's routes file (usually first, for best results):
+3. Mount the engine in your application’s routes file (usually first, for best results):
 
         mount Lockup::Engine, at: '/lockup'
 
@@ -34,11 +34,17 @@ If you think you might need a hint:
 
     ENV["LOCKUP_HINT"] = 'Something that you do not tell everyone.'
 
-If you're using [Figaro](https://github.com/laserlemon/figaro), set your Lockup codeword and hint (optional) in your application.yml file:
+If you’re using Rails 4.1 or greater, you can add your Lockup Codeword via Rails Secrets functionality in your secrets.yml file:
 
-    LOCKUP_CODEWORD: "love"
+    lockup_codeword: 'love'
 
-    LOCKUP_HINT: "Pepé Le Pew"
+    lockup_hint: 'Pepé Le Pew'
+
+If you’re using [Figaro](https://github.com/laserlemon/figaro), set your Lockup codeword and hint (optional) in your application.yml file:
+
+    LOCKUP_CODEWORD: 'love'
+
+    LOCKUP_HINT: 'Pepé Le Pew'
 
 **Codewords are not case-sensitive, by design. Keep it simple.**
 
@@ -46,7 +52,7 @@ If you're using [Figaro](https://github.com/laserlemon/figaro), set your Lockup
 
 ### Use Lockup around a specific controller:
 
-1. Follow the installtion instructions above.
+1. Follow the installation instructions above.
 
 2. In your application_controller.rb file, add:
 

data/Rakefile

@@ -18,4 +18,4 @@ require 'rspec/core/rake_task'
 desc "Run all specs in spec directory (excluding plugin specs)"
 RSpec::Core::RakeTask.new
 
-task :default => :spec
+task default: :spec

data/app/controllers/lockup/lockup_controller.rb

@@ -13,18 +13,20 @@ module Lockup
             run_redirect
           end
         else
-          render :nothing => true
+          render nothing: true
         end
-      end
-
-      if request.post?
-        @codeword = params[:lockup][:codeword].to_s.downcase
-        @return_to = params[:lockup][:return_to]
-        if @codeword == ENV["LOCKUP_CODEWORD"].to_s.downcase || ((Rails::VERSION::MAJOR >= 4 && Rails::VERSION::MINOR >= 1) && @codeword == Rails.application.secrets.lockup_codeword.to_s.downcase)
-          set_cookie
-          run_redirect
+      elsif request.post?
+        if params[:lockup].present? && params[:lockup].respond_to?(:'[]')
+          @codeword = params[:lockup][:codeword].to_s.downcase
+          @return_to = params[:lockup][:return_to]
+          if @codeword == ENV["LOCKUP_CODEWORD"].to_s.downcase || ((Rails::VERSION::MAJOR >= 4 && Rails::VERSION::MINOR >= 1) && @codeword == Rails.application.secrets.lockup_codeword.to_s.downcase)
+            set_cookie
+            run_redirect
+          else
+            @wrong = true
+          end
         else
-          @wrong = true
+          render nothing: true
         end
       end
     end
@@ -32,7 +34,7 @@ module Lockup
     private
     
     def set_cookie
-      cookies[:lockup] = { :value => @codeword.to_s.downcase, :expires => (Time.now + 5.years) }
+      cookies[:lockup] = { value: @codeword.to_s.downcase, expires: (Time.now + 5.years) }
     end
     
     def run_redirect

data/app/views/layouts/lockup/_inline_css.html.erb

@@ -6,9 +6,14 @@ body {
   overflow: hidden;
 }
 h1 {
+  margin: 0 auto;
+  margin-top: 40px;
+  margin-bottom: 40px;
+  width: 100%;
   font-family: Helvetica, sans-serif;
   font-size: 60px;
   text-align: center;
+  line-height: 70px;
 }
 form input[type='password'] {
   display: block;
@@ -128,10 +133,74 @@ form p {
   font-weight: bold;
 }
 
-@media only screen and (min-width : 320px) and (max-width : 641px) {
+@media only screen and (min-width : 1149px) and (max-width : 1570px) {
+
+  h1 {
+    width: 72%;
+  }
+
+}
+
+@media only screen and (min-width : 769px) and (max-width : 1148px) {
+
+  h1 {
+    width: 82%;
+  }
+
+}
+
+@media only screen and (min-width : 690px) and (max-width : 768px) {
+
+  h1 {
+    width: 80%;
+  }
+
+}
+
+@media only screen and (min-width : 641px) and (max-width : 689px) {
+
+  h1 {
+    width: 88%;
+  }
+
+}
+
+@media only screen and (min-width : 563px) and (max-width : 640px) {
+
+  h1 {
+    width: 90%;
+  }
+
+}
+
+@media only screen and (min-width : 481px) and (max-width : 562px) {
+
+  h1 {
+    width: 90%;
+  }
+
+}
+
+@media only screen and (min-width : 410px) and (max-width : 480px) {
+
+  h1 {
+    width: 84%;
+  }
+
+}
+
+@media only screen and (min-width : 350px) and (max-width : 409px) {
+
+  h1 {
+    width: 100%;
+  }
+
+}
+
+@media only screen and (min-width : 350px) and (max-width : 640px) {
   body {
     min-width: 1px;
-    max-width: 641px;
+    max-width: 640px;
     -webkit-text-size-adjust: none;
   }
 
@@ -143,7 +212,9 @@ form p {
   }
 
   h1 {
+    margin-top: 0px;
     font-size: 36px;
+    line-height: 42px;
   }
   form input[type='password'] {
     padding: 12px 8px;
@@ -172,4 +243,53 @@ form p {
   #hint.show {
     margin-bottom: 28px;
   }
-}
+}
+
+@media only screen and (min-width : 1px) and (max-width : 349px) {
+  body {
+    min-width: 1px;
+    max-width: 349px;
+    -webkit-text-size-adjust: none;
+  }
+
+  .mobile_only {
+    display: inline !important;
+  }
+  .no_mobile {
+    display: none !important;
+  }
+
+  h1 {
+    margin-top: 0px;
+    width: 97%;
+    font-size: 32px;
+    line-height: 38px;
+  }
+  form input[type='password'] {
+    padding: 12px 8px;
+    width: 175px;
+    font-size: 22px;
+  }
+  form button {
+    width: 200px;
+    font-size: 22px;
+  }
+  .hmm h3 {
+    width: 90%;
+    font-size: 16px;
+  }
+  #hint_icon {
+    width: 20px;
+    height: 20px;
+    font-size: 12px;
+    line-height: 22px;
+    margin: -78px 0 0 105px;
+  }
+  #hint {
+    font-size: 14px;
+    margin-top: -12px;
+  }
+  #hint.show {
+    margin-bottom: 28px;
+  }
+}

data/app/views/lockup/lockup/unlock.html.erb

@@ -6,11 +6,11 @@
   </div>
 <% end %>
 
-<%= form_for :lockup, :url => { :action => 'unlock' } do |form| %>
+<%= form_for :lockup, url: { action: 'unlock' } do |form| %>
   <% unless @wrong == true %>
-    <p><%= form.password_field "codeword", :placeholder => "code word" %></p>
+    <p><%= form.password_field "codeword", placeholder: "code word" %></p>
   <% else %>
-    <p><%= form.password_field "codeword", :value => @codeword, :class => 'nope' %></p>
+    <p><%= form.password_field "codeword", value: @codeword, class: 'nope' %></p>
   <% end %>
     
   <% if ENV["LOCKUP_HINT"].present? || ((Rails::VERSION::MAJOR >= 4 && Rails::VERSION::MINOR >= 1) && Rails.application.secrets.lockup_hint.present?) %>
@@ -19,9 +19,9 @@
   <% end %>
 
   <% if params[:return_to].present? %>
-    <%= form.hidden_field "return_to", :value => params[:return_to] %>
+    <%= form.hidden_field "return_to", value: params[:return_to] %>
   <% elsif @return_to.present? %>
-    <%= form.hidden_field "return_to", :value => @return_to %>
+    <%= form.hidden_field "return_to", value: @return_to %>
   <% end %>
     
   <p><%= button_tag "Go" %></p>

data/config/routes.rb

@@ -1,4 +1,4 @@
 Lockup::Engine.routes.draw do
-  get   'unlock' => 'lockup#unlock', :as => 'unlock'
+  get   'unlock' => 'lockup#unlock', as: 'unlock'
   post  'unlock' => 'lockup#unlock'
 end

data/lib/lockup.rb

@@ -4,7 +4,7 @@ module Lockup
   extend ActiveSupport::Concern
 
   included do
-    before_filter :check_for_lockup, :except => ["unlock"]
+    before_filter :check_for_lockup, except: ["unlock"]
   end
 
   private
@@ -15,10 +15,10 @@ module Lockup
         if cookies[:lockup] == ENV["LOCKUP_CODEWORD"].to_s.downcase || ((Rails::VERSION::MAJOR >= 4 && Rails::VERSION::MINOR >= 1) && cookies[:lockup] == Rails.application.secrets.lockup_codeword.to_s.downcase)
           return
         else
-          redirect_to lockup.unlock_path(:return_to => request.fullpath.split('?lockup_codeword')[0], :lockup_codeword => params[:lockup_codeword])
+          redirect_to lockup.unlock_path(return_to: request.fullpath.split('?lockup_codeword')[0], lockup_codeword: params[:lockup_codeword])
         end
       else
-        redirect_to lockup.unlock_path(:return_to => request.fullpath.split('?lockup_codeword')[0], :lockup_codeword => params[:lockup_codeword])
+        redirect_to lockup.unlock_path(return_to: request.fullpath.split('?lockup_codeword')[0], lockup_codeword: params[:lockup_codeword])
       end
     end
   end

data/lib/lockup/engine.rb

@@ -3,7 +3,7 @@ module Lockup
     isolate_namespace Lockup
 
     config.generators do |g|
-      g.test_framework :rspec, :fixture => false
+      g.test_framework :rspec, fixture: false
       g.assets false
       g.helper false
     end

data/lib/lockup/version.rb

@@ -1,3 +1,3 @@
 module Lockup
-  VERSION = "1.3.0"
+  VERSION = "1.3.1"
 end

data/spec/controllers/lockup/lockup_controller_spec.rb

@@ -0,0 +1,14 @@
+require 'spec_helper'
+
+describe Lockup::LockupController do
+  describe 'a malicious user posts invalid data' do
+    it 'does not fail' do
+      post 'unlock', {use_route: :lockup, foo: 'bar'}
+    end
+  end
+  describe 'a malicious user requests a format that is not HTML' do
+    it 'does not fail' do
+      get 'unlock', use_route: :lockup, format: 'text'
+    end
+  end
+end

data/spec/dummy/app/controllers/application_controller.rb

@@ -4,6 +4,6 @@ class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
 
   def render_404
-    render :file => Rails.root.join('public', '404.html'), :status => 404
+    render file: Rails.root.join('public', '404.html'), status: 404
   end
 end

data/spec/dummy/app/models/post.rb

@@ -4,8 +4,8 @@ class Post
   attr_accessor :id, :title, :body
 
   POSTS = [
-    {:id => 1, :title => 'Title One', :body => 'Body One'},
-    {:id => 2, :title => 'Title Two', :body => 'Body Two'}
+    {id: 1, title: 'Title One', body: 'Body One'},
+    {id: 2, title: 'Title Two', body: 'Body Two'}
   ]
 
   def self.all
@@ -20,4 +20,4 @@ class Post
     id
   end
 
-end
+end

data/spec/dummy/app/views/layouts/application.html.erb

@@ -2,8 +2,8 @@
 <html>
 <head>
   <title>Dummy</title>
-  <%= stylesheet_link_tag    "application", media: "all", "data-turbolinks-track" => true %>
-  <%= javascript_include_tag "application", "data-turbolinks-track" => true %>
+  <%= stylesheet_link_tag    "application", media: "all", data: {turbolinks_track: true} %>
+  <%= javascript_include_tag "application", data: {turbolinks_track: true} %>
   <%= csrf_meta_tags %>
 </head>
 <body>

data/spec/dummy/config/routes.rb

@@ -1,10 +1,10 @@
 Rails.application.routes.draw do
 
-  mount Lockup::Engine, :at => '/lockup', :as => 'lockup'
+  mount Lockup::Engine, at: '/lockup', as: 'lockup'
 
-  resources :posts, :only => [:index, :show]
+  resources :posts, only: [:index, :show]
 
   # this makes tests fail with endless redirect loop b/c it is before lockup routes
   # catch all route b/c Rails `rescue_from` doesn't catch ActionController::RoutingError
-  match '*path', :via => :all, :to => 'application#render_404'
+  match '*path', via: :all, to: 'application#render_404'
 end

data/spec/features/access_restricted_spec.rb

@@ -4,7 +4,7 @@ require 'spec_helper'
 describe "Accessing a page in the application" do
 
   def enter_code_word(code_word)
-    fill_in 'code word', :with => code_word
+    fill_in 'code word', with: code_word
     click_on 'Go'
   end
 

data/spec/spec_helper.rb

@@ -12,5 +12,5 @@ RSpec.configure do |config|
   config.mock_with :rspec
   config.infer_base_class_for_anonymous_controllers = false
   config.order = "random"
-  config.include UserAgentHelper, :type => :feature
-end
+  config.include UserAgentHelper, type: :feature
+end

metadata

@@ -1,94 +1,89 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: lockup
-version: !ruby/object:Gem::Version 
-  hash: 27
-  prerelease: 
-  segments: 
-  - 1
-  - 3
-  - 0
-  version: 1.3.0
+version: !ruby/object:Gem::Version
+  version: 1.3.1
 platform: ruby
-authors: 
+authors:
 - gb Studio
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2014-10-06 00:00:00 Z
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2014-12-15 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: rails
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 5
-        segments: 
-        - 3
-        version: "3"
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '3'
     - - <
-      - !ruby/object:Gem::Version 
-        hash: 9
-        segments: 
-        - 5
-        version: "5"
+      - !ruby/object:Gem::Version
+        version: '5'
   type: :runtime
-  version_requirements: *id001
-- !ruby/object:Gem::Dependency 
-  name: rspec-rails
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '3'
+    - - <
+      - !ruby/object:Gem::Version
+        version: '5'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  version_requirements: *id002
-- !ruby/object:Gem::Dependency 
-  name: capybara
   prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: capybara
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  version_requirements: *id003
-- !ruby/object:Gem::Dependency 
-  name: launchy
   prerelease: false
-  requirement: &id004 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: launchy
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  version_requirements: *id004
-description: "A simple gem to more elegantly place a staging server or other in-progress application behind a basic codeword. It\xE2\x80\x99s easy to implement, share with clients/collaborators, and more beautiful than the typical password-protection sheet."
-email: 
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A simple gem to more elegantly place a staging server or other in-progress
+  application behind a basic codeword. It’s easy to implement, share with clients/collaborators,
+  and more beautiful than the typical password-protection sheet.
+email:
 - hello@grantblakeman.com
 executables: []
-
 extensions: []
-
 extra_rdoc_files: []
-
-files: 
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
 - app/controllers/lockup/application_controller.rb
 - app/controllers/lockup/lockup_controller.rb
 - app/helpers/lockup/application_helper.rb
@@ -97,13 +92,12 @@ files:
 - app/views/layouts/lockup/application.html.erb
 - app/views/lockup/lockup/unlock.html.erb
 - config/routes.rb
+- lib/lockup.rb
 - lib/lockup/engine.rb
 - lib/lockup/version.rb
-- lib/lockup.rb
 - lib/tasks/lockup_tasks.rake
-- MIT-LICENSE
-- Rakefile
-- README.md
+- spec/controllers/lockup/lockup_controller_spec.rb
+- spec/dummy/Rakefile
 - spec/dummy/app/assets/javascripts/application.js
 - spec/dummy/app/assets/stylesheets/application.css
 - spec/dummy/app/controllers/application_controller.rb
@@ -116,6 +110,7 @@ files:
 - spec/dummy/bin/bundle
 - spec/dummy/bin/rails
 - spec/dummy/bin/rake
+- spec/dummy/config.ru
 - spec/dummy/config/application.rb
 - spec/dummy/config/boot.rb
 - spec/dummy/config/database.yml.old
@@ -132,49 +127,39 @@ files:
 - spec/dummy/config/initializers/wrap_parameters.rb
 - spec/dummy/config/locales/en.yml
 - spec/dummy/config/routes.rb
-- spec/dummy/config.ru
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html
 - spec/dummy/public/500.html
 - spec/dummy/public/favicon.ico
-- spec/dummy/Rakefile
 - spec/features/access_restricted_spec.rb
 - spec/spec_helper.rb
 - spec/support/features/user_agent_helper.rb
 homepage: http://lockupgem.com
-licenses: 
+licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.8.24
+rubygems_version: 2.4.3
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Lock staging servers from search engines and prying eyes.
-test_files: 
+test_files:
+- spec/controllers/lockup/lockup_controller_spec.rb
 - spec/dummy/app/assets/javascripts/application.js
 - spec/dummy/app/assets/stylesheets/application.css
 - spec/dummy/app/controllers/application_controller.rb