mini_auth_rb 0.3.0 → 0.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e9d6372d1a0c2f792dd40767132cfcc32e1248e15239168d1d11b92477402e9d
-  data.tar.gz: fc9ac37928995a29f66a8d95b5339ce1e7b9e7854b2e7327941535e4384a8fde
+  metadata.gz: 0b90d8b77cce44d67049557a5aa2fecaff4fb13de9008c27b0fd0fb5ace999e4
+  data.tar.gz: 35bc5f618a549a68848091bc4ed02a731d198bbe6e05c8b2fa004483e6da3486
 SHA512:
-  metadata.gz: 90d0fa0f54f7c9220dc729b94df8190249cac50766a1a69564a562dd2a08e872998ee9c31a52fa795388b36d04f9f7492afc4629d5f65ead58fdaf2146edbc06
-  data.tar.gz: c089f08cfc19e2e98e44a00610e4656953141dcc7712eca4bca0fe67d2b90ddbb40e81a38a2d958a16c4273243476a7b327ce758854435f4f350837fa4f80d3a
+  metadata.gz: c5c4d1be7976a86a5ee77e1b25de8639c13e8644a8cf2135829500e2fa4770451ee1404ac6850d9467ae31d979dea69e8d51971b04c165de28fda578737290b7
+  data.tar.gz: e6a7f512d6efa74baed2518da4b6c046d4c1fa7e1f959ce0ecd3d88824d3cf500c50e02af88620b97fbb628362d0c9bf749aede87f1be869a8777fa06c66004f

data/CHANGELOG.md

@@ -0,0 +1,5 @@
+## [Unreleased]
+
+## [0.1.0] - 2022-10-15
+
+- Initial release

data/Gemfile

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in mini_auth.gemspec
+gemspec
+
+gem "rake", "~> 13.0"
+gem "minitest", "~> 5.0"

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2022 Ali Alhoshaiyan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,230 @@
+# MiniAuth
+
+A small authenticated gem inspired by Laravel guards pattern.
+
+
+## Installation
+
+Install the gem and add to the application's Gemfile by executing:
+
+    $ bundle add mini_auth_rb
+
+If bundler is not being used to manage dependencies, install the gem by executing:
+
+    $ gem install mini_auth_rb
+
+
+## Guard Pattern
+
+Authentication should be easy to use, implement and simple enough to be secure. Often unnecessary complexity can
+lead to undesired security problems, and unfortunately a lot of Rails authentication libraries are built upon a lot
+of layers and try to support different frameworks alongside Rails thus making them more complex and weird to deal with.
+
+Here with `mini_auth_rb`, you will get the most simple infrastructure you need to deal with, i.e. authentication guards
+and one helper middleware. You need to bring your own controller, views, password resets, etc.
+
+Without further ado, let us understand what is a guard?
+
+Imagine your self going to a party, and you are there at the location but outside. You notice that there is two doors,
+one for party guests and another one for staff who are running things.
+
+As a party guest, you will be asked to identify your self by the receptionist (our guard in this case) by showing your
+invitation. Without a proper and valid invitation you will be simply denied access period.
+
+As for staff, they have their own entrance, a backdoor. If they try to enter the building from the front door they will
+be stopped and should go instead through the appropriate door.
+
+Same goes for guests, they are not allowed through the back door.
+
+I know this is confusing, by hold on a bit and everything should be clear.
+
+
+## Our Sample Application
+
+```text
+If you are looking for setup instructions and already understand how the library work, you can skip to the next section.
+```
+
+We have a small web store, and it is divided into two sections (or routes), the store itself (guest area),
+and a back-office where staff can supervise and manage the store.
+
+Our `routes.rb` looks like this:
+
+```ruby
+Rails.application.routes.draw do
+  # Guest Area
+  resources :items
+  resource :account
+  post :logout, to: 'logout#perform'
+  
+  # Registration Help
+  resource :login, only: [:new, :create]
+  resource :registration, only: [:new, :create] 
+  
+  # Staff Area (back-office)
+  namespace :staff do
+    resources :items
+    resources :orders
+    resources :users
+    resource :login, only: [:new, :create]
+    resource :registration, only: [:new, :create]
+  end
+  
+  root to: 'home#index'
+end
+```
+
+Stop here for a moment and think how are you going to solve the issue of authenticating different kind of users (or entities).
+
+Some will suggest that there should be a `User` model with some kind of column to identify the type of role, either
+a user of staff.
+
+Hmm, but how are we going to prevent users from entering back office. Easy! you say, use a before action that does a check.
+
+Well buddy, let us stop here. We need a clear line between user and staff here, I can't just keep asking people at the
+party are you a guest or a staff? I need a solid way to identify between them and know where every one should go.
+
+Here is an idea, let's make all staff dress in a custom that makes it easy to tell them apart from guest and makes it
+easy for our guards to stop anyone not authorized from entering the back-office and any other restricted areas.
+
+We can introduce two models, a `Staff` and a `User` model. Our code should know exactly what type they are dealing with
+and simple static analysis should let us know if something is wrong.
+
+
+## Auth Configuration
+
+To use MiniAuth in your project, you will need to create a new initializer file at `config/initializers/mini_auth.rb`,
+and add the following content:
+
+```ruby
+# frozen_string_literal: true
+
+# This middleware is used to remove any initialized guard related to the current request
+# after it has been processed and response is generated.
+Rails.application.config.middleware.use(MiniAuth::ResetGuardMiddleware)
+
+ActiveSupport.on_load :after_initialize do
+  routes = Rails.application.routes.url_helpers
+
+  guards = [
+    {
+      name: :web,
+      builder: -> (manager, name, request) {
+        MiniAuth::SessionGuard.new(name, User, request, routes.login_path, 86400)
+      }
+    },
+    {
+      name: :staff,
+      builder: -> (manager, name, request) {
+        MiniAuth::SessionGuard.new(name, Staff, request, routes.staff_login_path, 3600)
+      }
+    }
+  ]
+
+  Rails.application.config.mini_auth = {
+    default: :web,
+    guards: guards.freeze
+  }
+end
+```
+
+
+## Guarding Controllers
+
+Guards work at the controller level by leveraging the `before_action` feature in Rails.
+
+To use guard throughout your application, add the following concern to your `ApplicationController` class:
+
+```ruby
+class ApplicationController < ActionController::Base
+  include MiniAuth::Guarded
+  
+  # ... other stuff here
+end
+```
+
+Now we can simply protect or guard a controller or specific action as follows:
+
+Here is an example for users:
+
+```ruby
+class AccountController < ApplicationController
+  auth_requests! :web
+  
+  def index
+    # current_user.is_a?(User) #=> true
+  end
+  
+  def update
+    # This is just an example
+    current_user.update!(user_update_params)
+  end
+  
+  def deactivate
+    
+  end
+end
+```
+
+Here is an example for staff:
+
+```ruby
+class Staff::UsersController < ApplicationController
+  auth_requests! :staff, only: :index
+  
+  def index
+    # current_user.is_a?(Staff) #=> true
+  end
+end
+```
+
+We can also prevent authenticated users from entering a specific controller:
+
+
+```ruby
+class LoginController < ApplicationController
+  guest_only! :web
+
+  def new
+    # current_user.nil? #=> true
+  end
+
+  def create
+    # ...
+  end
+end
+```
+
+## The Guard Class
+
+Have a look at [guard.rb](lib/mini_auth/guard.rb), it defines an interface that dictates how the process
+of authentication works.
+
+Whenever a request is made to a guarded controller, the `user` method will be called and it should return an instance
+of the current entity or `nil` if the request is not authenticated.
+
+For example, in a typical web application, the `SessionGuard` will look for a specific key within the current Rails session,
+and try to match it against a record in the database.
+
+Another example is the `ApiGuard`, it will read a `Bearer` token from the current request and find the user related to it.
+
+The `SessionGuard` can be considered a stateful guard as it depends on the current state of the session and provides
+the `attempt` and `login` methods to set the current user of the session.
+
+
+## SessionGuard
+
+
+
+## ApiGuard
+
+
+## Your Own Guard
+
+
+### How it Works?
+
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList["test/**/test_*.rb"]
+end
+
+task default: :test

data/lib/mini_auth/api_guard.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+require 'base64'
+
+class MiniAuth::ApiGuard < MiniAuth::Guard
+  attr_reader :name, :model, :request
+
+  # @param [Symbol] name
+  # @param [Class] model
+  # @param [ActionDispatch::Request] request
+  def initialize(name, model, request)
+    @name = name
+    @model = model
+    @request = request
+  end
+
+  def attempt!(credentials, remember = nil)
+    raise NotImplementedError, 'ApiGuard does not support auth attempt.'
+  end
+
+  def login!(user, remember = nil)
+    @user = user
+  end
+
+  def logout!
+    @user = nil
+  end
+
+  def user
+    @user ||= infer_current_user
+  end
+
+  private
+
+  def infer_current_user
+    return nil if @infer_tried
+
+    @infer_tried ||= true
+    key = key_from_bearer || key_from_basic
+    return nil if key.nil?
+
+    @model.where(api_key: key).first
+  end
+
+  def key_from_basic
+    header = auth_header
+    return nil if header.empty?
+    return nil unless header.start_with?('Bearer ')
+
+    header.delete_prefix('Bearer ')
+  end
+
+  def key_from_bearer
+    header = auth_header
+    return nil if header.empty?
+    return nil unless header.start_with?('Basic ')
+
+    header = header.delete_prefix('Basic ')
+    Base64.decode64(header).split(':')[0]
+  end
+
+  def auth_header
+    request.headers['Authorization']
+  end
+end

data/lib/mini_auth/auth_error.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+module MiniAuth
+  class AuthError < RuntimeError
+    attr_reader :auth_url
+
+    def initialize(msg, auth_url = nil)
+      super(msg)
+      @auth_url = auth_url
+    end
+  end
+end

data/lib/mini_auth/auth_manager.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+module MiniAuth
+  Semaphore = Mutex.new
+
+  class AuthManager
+    attr_reader :default_guard, :definitions
+
+    def initialize(default_guard, definitions)
+      @default_guard = default_guard
+      @definitions = definitions.clone(freeze: false)
+      @guards = {}
+    end
+
+    # @param [Hash] config
+    def self.make(config)
+      new(config[:default], config[:guards])
+    end
+
+    # @return [MiniAuth::AuthManager]
+    def self.instance
+      Semaphore.synchronize do
+        @@instances ||= {}
+        @@instances[Thread.current.__id__] ||= make(Rails.application.config.mini_auth)
+      end
+    end
+
+    def self.reset!
+      Semaphore.synchronize do
+        @@instances ||= {}
+        @@instances.delete(Thread.current.__id__)
+      end
+    end
+
+    def reset_guards!
+      @guards = {}
+    end
+
+    # @param [ActionDispatch::Request] request
+    # @param [MiniAuth::Guard|NilClass] guard
+    # @return [MiniAuth::Guard]
+    def fetch_guard(request, guard = nil)
+      guard = default_guard if guard.nil?
+      @guards[guard] ||= init_guard(request, guard)
+    end
+
+    private
+
+    def supports_guard?(guard)
+      @definitions.any? { |gd| gd[:name] == guard }
+    end
+
+    def guard_definition(guard)
+      @definitions.find { |gd| gd[:name] == guard }
+    end
+
+    # @param [ActionDispatch::Request] request
+    # @param [MiniAuth::Guard|NilClass] guard
+    def init_guard(request, guard)
+      raise ArgumentError, "Undefined guard #{guard}" unless supports_guard?(guard)
+
+      guard_builder = guard_definition(guard)[:builder]
+      guard_builder.call(self, guard, request)
+    end
+  end
+end

data/lib/mini_auth/guard.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+class MiniAuth::Guard
+  # @param [Hash] credentials
+  # @param [Boolean] remember
+  def attempt!(credentials, remember = false)
+    raise NotImplementedError, 'Use implementation instead.'
+  end
+
+  # @param [Object] user
+  # @param [Boolean] remember
+  def login!(user, remember = false)
+    raise NotImplementedError, 'Use implementation instead.'
+  end
+
+  def logout!
+    raise NotImplementedError, 'Use implementation instead.'
+  end
+
+  def user
+    raise NotImplementedError, 'Use implementation instead.'
+  end
+
+  def logged_in?
+    user.present?
+  end
+
+  def guest?
+    !logged_in?
+  end
+
+  # @return [String] A URL to authentication path
+  def auth_url
+    raise NotImplementedError, 'Use implementation instead.'
+  end
+end

data/lib/mini_auth/guarded.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module MiniAuth
+  module Guarded
+    extend ActiveSupport::Concern
+
+    # @return [MiniAuth::AuthManager]
+    def auth_manager
+      @auth_manager ||= MiniAuth::AuthManager.instance
+    end
+
+    # @return [MiniAuth::Guard]
+    def auth_guard(name = nil)
+      auth_manager.fetch_guard(request, name)
+    end
+
+    def current_user
+      auth_guard.user
+    end
+
+    class_methods do
+      def auth_requests!(guard = nil, **options)
+        raise ArgumentError, 'Guard must be a Symbol' unless guard.nil? || guard.is_a?(Symbol)
+
+        before_action(options.slice(:only, :except)) do |c|
+          guard_instance = c.auth_guard(guard)
+
+          unless guard_instance.logged_in?
+            raise AuthError.new('User must be logged in!', guard_instance.auth_url)
+          end
+        end
+      end
+
+      def guest_only!(guard = nil, **options)
+        raise ArgumentError, 'Guard must be a Symbol' unless guard.nil? || guard.is_a?(Symbol)
+
+        before_action(options.slice(:only, :except)) do |c|
+          guard_instance = c.auth_guard(guard)
+
+          unless guard_instance.guest?
+            raise GuestError, 'This resource is only available for unauthenticated requests'
+          end
+        end
+      end
+    end
+  end
+end

data/lib/mini_auth/guest_error.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+module MiniAuth
+  class GuestError < RuntimeError
+  end
+end

data/lib/mini_auth/reset_guard_middleware.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module MiniAuth
+  class ResetGuardMiddleware
+    def initialize(app)
+      @app = app
+    end
+
+    def call(env)
+      @app.call(env)
+    ensure
+      MiniAuth::AuthManager.instance.reset_guards!
+    end
+  end
+end

data/lib/mini_auth/session_guard.rb

@@ -0,0 +1,102 @@
+# frozen_string_literal: true
+
+require 'bcrypt'
+
+class MiniAuth::SessionGuard < MiniAuth::Guard
+  REMEMBER_DURATION = 86400 * 30
+
+  attr_reader :name, :model, :request, :session, :login_url
+
+  def self.hash_password(plaintext)
+    BCrypt::Password.create(plaintext, cost: 12)
+  end
+
+  # @param [String] name
+  # @param [Class] model
+  # @param [ActionDispatch::Request] request
+  # @param [String] login_url
+  # @param [Integer] remember_time
+  def initialize(name, model, request, login_url, remember_time = REMEMBER_DURATION)
+    @name = name
+    @model = model
+    @request = request
+    @login_url = login_url
+    @remember_time = remember_time
+  end
+
+  def attempt!(credentials, remember = false)
+    user = @model.where(credentials.except(:password)).first
+    return false if user.blank?
+
+    unless BCrypt::Password.new(user.password).is_password?(credentials[:password])
+      return false
+    end
+
+    login!(user, remember)
+    true
+  end
+
+  def login!(user, remember = false)
+    @user = user
+    @request.reset_session
+    @request.session[session_storage_key] = user.id
+
+    if remember
+      @user.remember_token = SecureRandom.base58(48)
+      @user.save!
+
+      @request.cookie_jar.encrypted.signed[:remember_me] = {
+        value: @user.remember_token,
+        expires: (Time.now + @remember_time).utc,
+        httponly: true
+      }
+    end
+
+    @user
+  end
+
+  def logout!
+    @user = nil
+
+    @request.session.delete(session_storage_key)
+    @request.cookie_jar.delete(:remember_me)
+    @request.reset_session
+
+    nil
+  end
+
+  def user
+    @user ||= fetch_session_user
+  end
+
+  def auth_url
+    login_url
+  end
+
+  private
+
+  def session_storage_key
+    "_mini_auth_session_guard_#{@name.downcase}_#{@model.name.downcase}"
+  end
+
+  def fetch_session_user
+    if @request.session[session_storage_key].present?
+      return @model.where(id: @request.session[session_storage_key]).first
+    end
+
+    token = @request.cookie_jar.encrypted.signed[:remember_me]
+    unless token.blank?
+      user = @model.where(remember_token: token).first
+
+      if user
+        login!(user, false)
+      else
+        @request.cookie_jar.delete(:remember_me)
+      end
+
+      return user
+    end
+
+    nil
+  end
+end

data/lib/mini_auth/test_guard.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+class MiniAuth::TestGuard < MiniAuth::Guard
+  def attempt!(credentials, remember = nil)
+    raise NotImplementedError, 'Testing guard does not support login attempts.'
+  end
+
+  def login!(user, remember = nil)
+    @user = user
+  end
+
+  def logout!
+    @user = nil
+  end
+
+  def user
+    @user ||= nil
+  end
+
+  def auth_url
+    '/login'
+  end
+end

data/lib/mini_auth/tests_auth.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module MiniAuth
+  module TestsAuth
+    extend ActiveSupport::Concern
+
+    def after_teardown
+      MiniAuth::AuthManager.reset!
+      super
+    end
+
+    def act_as(user, guard = nil)
+      manager = auth_manager
+      manager.instance_eval do |s|
+        @definitions.unshift({ name: guard || @default_guard, builder: -> (_, _, _) { MiniAuth::TestGuard.new } })
+      end
+
+      manager.fetch_guard(ActionDispatch::Request.new({}), guard).login!(user)
+    end
+
+    def actor(guard = nil)
+      auth_manager.fetch_guard(nil, guard).user
+    end
+
+    private
+
+    def auth_manager
+      MiniAuth::AuthManager.instance
+    end
+  end
+end

data/lib/mini_auth/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module MiniAuth
+  VERSION = "0.3.2"
+end

data/lib/mini_auth.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'active_support'
+require 'active_model'
+require 'action_pack'
+require 'bcrypt'
+
+require_relative 'mini_auth/version'
+require_relative 'mini_auth/guard'
+require_relative 'mini_auth/auth_error'
+require_relative 'mini_auth/guest_error'
+require_relative 'mini_auth/auth_manager'
+require_relative 'mini_auth/guarded'
+require_relative 'mini_auth/session_guard'
+require_relative 'mini_auth/api_guard'
+require_relative 'mini_auth/reset_guard_middleware'
+require_relative 'mini_auth/test_guard'
+require_relative 'mini_auth/tests_auth'
+
+module MiniAuth
+end

data/mini_auth.gemspec

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require_relative 'lib/mini_auth/version'
+
+Gem::Specification.new do |spec|
+  spec.name = 'mini_auth_rb'
+  spec.version = MiniAuth::VERSION
+  spec.authors = ['Ali Alhoshaiyan']
+  spec.email = ['ahoshaiyan@fastmail.com']
+
+  spec.summary = 'Pragmatic authentication for Ruby on Rails.'
+  spec.description = 'MiniAuth is a pragmatic authentication gem for Rails that is inspired by Laravel\'s guards pattern that provides highly customizable and simple authentication for your web applications and APIs.'
+  spec.homepage = 'https://github.com/ahoshaiyan/mini_auth'
+  spec.license = 'MIT'
+  spec.required_ruby_version = '>= 2.6.6'
+
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/ahoshaiyan/mini_auth'
+  spec.metadata['changelog_uri'] = 'https://github.com/ahoshaiyan/mini_auth'
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(__dir__) do
+    `git ls-files -z`.split("\x0").reject do |f|
+      (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)})
+    end
+  end
+
+  spec.bindir = 'exe'
+  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  # Uncomment to register a new dependency of your gem
+  spec.add_runtime_dependency 'activesupport', '>= 6.0'
+  spec.add_runtime_dependency 'activemodel', '>= 6.0'
+  spec.add_runtime_dependency 'actionpack', '>= 6.0'
+  spec.add_runtime_dependency 'bcrypt', '>= 1.0.0'
+end

metadata

@@ -1,11 +1,11 @@
 --- !ruby/object:Gem::Specification
 name: mini_auth_rb
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.2
 platform: ruby
 authors:
 - Ali Alhoshaiyan
-autorequire:
+autorequire: 
 bindir: exe
 cert_chain: []
 date: 2022-11-27 00:00:00.000000000 Z
@@ -74,7 +74,25 @@ email:
 executables: []
 extensions: []
 extra_rdoc_files: []
-files: []
+files:
+- CHANGELOG.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/mini_auth.rb
+- lib/mini_auth/api_guard.rb
+- lib/mini_auth/auth_error.rb
+- lib/mini_auth/auth_manager.rb
+- lib/mini_auth/guard.rb
+- lib/mini_auth/guarded.rb
+- lib/mini_auth/guest_error.rb
+- lib/mini_auth/reset_guard_middleware.rb
+- lib/mini_auth/session_guard.rb
+- lib/mini_auth/test_guard.rb
+- lib/mini_auth/tests_auth.rb
+- lib/mini_auth/version.rb
+- mini_auth.gemspec
 homepage: https://github.com/ahoshaiyan/mini_auth
 licenses:
 - MIT
@@ -82,7 +100,7 @@ metadata:
   homepage_uri: https://github.com/ahoshaiyan/mini_auth
   source_code_uri: https://github.com/ahoshaiyan/mini_auth
   changelog_uri: https://github.com/ahoshaiyan/mini_auth
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -90,15 +108,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.6.0
+      version: 2.6.6
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
-signing_key:
+rubygems_version: 3.1.6
+signing_key: 
 specification_version: 4
 summary: Pragmatic authentication for Ruby on Rails.
 test_files: []