mini_auth 0.3.2 → 1.0.0.rc
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG.md +3 -0
- data/Gemfile +2 -2
- data/README.md +2 -2
- data/lib/mini_auth/random_token.rb +25 -0
- data/lib/mini_auth/version.rb +1 -1
- data/lib/mini_auth.rb +1 -16
- data/mini_auth.gemspec +1 -1
- data/spec/fake_app.rb +13 -1
- data/spec/mini_auth/token_spec.rb +8 -9
- metadata +9 -8
data/CHANGELOG.md
CHANGED
data/Gemfile
CHANGED
|
@@ -7,13 +7,13 @@ if rails_version == "edge"
|
|
|
7
7
|
elsif rails_version && rails_version.strip != ""
|
|
8
8
|
gem "rails", rails_version
|
|
9
9
|
else
|
|
10
|
-
gem "rails", ">= 3.2.
|
|
10
|
+
gem "rails", ">= 3.2.9"
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
gem "bcrypt-ruby", "~> 3.0.1"
|
|
14
14
|
|
|
15
15
|
group :test do
|
|
16
|
-
gem "rspec-rails", "~> 2.
|
|
16
|
+
gem "rspec-rails", "~> 2.12.0"
|
|
17
17
|
gem "sqlite3", "~> 1.3.6"
|
|
18
18
|
gem "database_cleaner", "~> 0.9.1"
|
|
19
19
|
end
|
data/README.md
CHANGED
|
@@ -236,12 +236,12 @@ For more information about mass assignment security, please refer to the
|
|
|
236
236
|
|
|
237
237
|
### Random token
|
|
238
238
|
|
|
239
|
-
`MiniAuth` module provides an easy way to generate a random token and verify it.
|
|
239
|
+
`MiniAuth::RandomToken` module provides an easy way to generate a random token and verify it.
|
|
240
240
|
|
|
241
241
|
The class method `token` takes a list of names and defines "generate\_#{name}\_token" and "verify\_#{name}\_token" methods dynamically.
|
|
242
242
|
|
|
243
243
|
class User < ActiveRecord::Base
|
|
244
|
-
include MiniAuth
|
|
244
|
+
include MiniAuth::RandomToken
|
|
245
245
|
|
|
246
246
|
attr_accessible :name, :address, :phone
|
|
247
247
|
token :auto_login, :mail_confirmation
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
require "mini_auth/version"
|
|
2
|
+
require "bcrypt"
|
|
3
|
+
|
|
4
|
+
module MiniAuth
|
|
5
|
+
module RandomToken
|
|
6
|
+
extend ActiveSupport::Concern
|
|
7
|
+
module ClassMethods
|
|
8
|
+
def token(*names)
|
|
9
|
+
names.each do |name|
|
|
10
|
+
self.class_eval <<-METHOD, __FILE__, __LINE__ + 1
|
|
11
|
+
def generate_#{name}_token
|
|
12
|
+
send("#{name}_token=", SecureRandom.hex)
|
|
13
|
+
end
|
|
14
|
+
METHOD
|
|
15
|
+
|
|
16
|
+
self.class_eval <<-METHOD, __FILE__, __LINE__ + 1
|
|
17
|
+
def verify_#{name}_token(token)
|
|
18
|
+
token && token == self.send("#{name}_token")
|
|
19
|
+
end
|
|
20
|
+
METHOD
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
data/lib/mini_auth/version.rb
CHANGED
data/lib/mini_auth.rb
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
require "mini_auth/version"
|
|
2
|
+
require "mini_auth/random_token"
|
|
2
3
|
require "bcrypt"
|
|
3
4
|
|
|
4
5
|
module MiniAuth
|
|
@@ -64,22 +65,6 @@ module MiniAuth
|
|
|
64
65
|
end
|
|
65
66
|
|
|
66
67
|
module ClassMethods
|
|
67
|
-
def token(*names)
|
|
68
|
-
names.each do |name|
|
|
69
|
-
self.class_eval <<-METHOD, __FILE__, __LINE__ + 1
|
|
70
|
-
def generate_#{name}_token
|
|
71
|
-
send("#{name}_token=", SecureRandom.hex)
|
|
72
|
-
end
|
|
73
|
-
METHOD
|
|
74
|
-
|
|
75
|
-
self.class_eval <<-METHOD, __FILE__, __LINE__ + 1
|
|
76
|
-
def verify_#{name}_token(token)
|
|
77
|
-
token && token == self.send("#{name}_token")
|
|
78
|
-
end
|
|
79
|
-
METHOD
|
|
80
|
-
end
|
|
81
|
-
end
|
|
82
|
-
|
|
83
68
|
def attributes_protected_by_default
|
|
84
69
|
super + [ 'password_digest', 'changing_password', 'setting_password' ]
|
|
85
70
|
end
|
data/mini_auth.gemspec
CHANGED
|
@@ -19,7 +19,7 @@ Gem::Specification.new do |s|
|
|
|
19
19
|
|
|
20
20
|
s.add_runtime_dependency "rails", ">= 3.1.8"
|
|
21
21
|
s.add_runtime_dependency "bcrypt-ruby", "~> 3.0.1"
|
|
22
|
-
s.add_development_dependency "rspec-rails", "~> 2.
|
|
22
|
+
s.add_development_dependency "rspec-rails", "~> 2.12.0"
|
|
23
23
|
s.add_development_dependency "sqlite3", "~> 1.3.6"
|
|
24
24
|
s.add_development_dependency "database_cleaner", "~> 0.9.1"
|
|
25
25
|
end
|
data/spec/fake_app.rb
CHANGED
|
@@ -27,6 +27,11 @@ class CreateAllTables < ActiveRecord::Migration
|
|
|
27
27
|
t.string :password_digest
|
|
28
28
|
t.boolean :deleted
|
|
29
29
|
end
|
|
30
|
+
|
|
31
|
+
create_table(:emails) do |t|
|
|
32
|
+
t.string :address
|
|
33
|
+
t.string :confirmation_token
|
|
34
|
+
end
|
|
30
35
|
end
|
|
31
36
|
end
|
|
32
37
|
|
|
@@ -38,8 +43,9 @@ migration.change
|
|
|
38
43
|
# Models
|
|
39
44
|
class User < ActiveRecord::Base
|
|
40
45
|
include MiniAuth
|
|
46
|
+
include MiniAuth::RandomToken
|
|
41
47
|
|
|
42
|
-
token :auto_login
|
|
48
|
+
token :auto_login
|
|
43
49
|
end
|
|
44
50
|
|
|
45
51
|
class Member < ActiveRecord::Base
|
|
@@ -51,3 +57,9 @@ class Administrator < ActiveRecord::Base
|
|
|
51
57
|
include MiniAuth
|
|
52
58
|
attr_protected :deleted
|
|
53
59
|
end
|
|
60
|
+
|
|
61
|
+
class Email < ActiveRecord::Base
|
|
62
|
+
include MiniAuth::RandomToken
|
|
63
|
+
|
|
64
|
+
token :confirmation
|
|
65
|
+
end
|
|
@@ -1,9 +1,8 @@
|
|
|
1
1
|
require 'spec_helper'
|
|
2
2
|
|
|
3
|
-
describe "MiniAuth.token" do
|
|
4
|
-
let(:user)
|
|
5
|
-
|
|
6
|
-
end
|
|
3
|
+
describe "MiniAuth::Token.token" do
|
|
4
|
+
let(:user) { User.create!(:name => 'alice') }
|
|
5
|
+
let(:email) { Email.create!(:address => 'alice@example.com') }
|
|
7
6
|
|
|
8
7
|
it "should generate auto_login_token" do
|
|
9
8
|
expect {
|
|
@@ -14,13 +13,13 @@ describe "MiniAuth.token" do
|
|
|
14
13
|
user.auto_login_token.length.should == 32
|
|
15
14
|
end
|
|
16
15
|
|
|
17
|
-
it "should generate
|
|
16
|
+
it "should generate confirmation_token" do
|
|
18
17
|
expect {
|
|
19
|
-
|
|
20
|
-
}.to change {
|
|
18
|
+
email.generate_confirmation_token
|
|
19
|
+
}.to change { email.confirmation_token }
|
|
21
20
|
|
|
22
|
-
|
|
23
|
-
|
|
21
|
+
email.confirmation_token.should_not be_nil
|
|
22
|
+
email.confirmation_token.length.should == 32
|
|
24
23
|
end
|
|
25
24
|
|
|
26
25
|
it "should verify auto_login_token" do
|
metadata
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mini_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
5
|
-
prerelease:
|
|
4
|
+
version: 1.0.0.rc
|
|
5
|
+
prerelease: 6
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
8
8
|
- Tsutomu Kuroda
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-11-
|
|
12
|
+
date: 2012-11-26 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rails
|
|
@@ -50,7 +50,7 @@ dependencies:
|
|
|
50
50
|
requirements:
|
|
51
51
|
- - ~>
|
|
52
52
|
- !ruby/object:Gem::Version
|
|
53
|
-
version: 2.
|
|
53
|
+
version: 2.12.0
|
|
54
54
|
type: :development
|
|
55
55
|
prerelease: false
|
|
56
56
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -58,7 +58,7 @@ dependencies:
|
|
|
58
58
|
requirements:
|
|
59
59
|
- - ~>
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: 2.
|
|
61
|
+
version: 2.12.0
|
|
62
62
|
- !ruby/object:Gem::Dependency
|
|
63
63
|
name: sqlite3
|
|
64
64
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -105,6 +105,7 @@ files:
|
|
|
105
105
|
- README.md
|
|
106
106
|
- Rakefile
|
|
107
107
|
- lib/mini_auth.rb
|
|
108
|
+
- lib/mini_auth/random_token.rb
|
|
108
109
|
- lib/mini_auth/version.rb
|
|
109
110
|
- mini_auth.gemspec
|
|
110
111
|
- spec/fake_app.rb
|
|
@@ -131,12 +132,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
131
132
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
132
133
|
none: false
|
|
133
134
|
requirements:
|
|
134
|
-
- - ! '
|
|
135
|
+
- - ! '>'
|
|
135
136
|
- !ruby/object:Gem::Version
|
|
136
|
-
version:
|
|
137
|
+
version: 1.3.1
|
|
137
138
|
requirements: []
|
|
138
139
|
rubyforge_project: mini_auth
|
|
139
|
-
rubygems_version: 1.8.
|
|
140
|
+
rubygems_version: 1.8.24
|
|
140
141
|
signing_key:
|
|
141
142
|
specification_version: 3
|
|
142
143
|
summary: A minimal authentication module for Rails
|