minimalist_authentication 1.0.0 → 1.1.0

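--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 2d020d82d864706eb3048098a397f68a6dd1cbf7
- data.tar.gz: 0ebabb35dda1683be51aff8132a84fbb851f1da7
+ metadata.gz: 16ed1dfe1bdc98a54c7eb28354a075b3d0d2f750
+ data.tar.gz: e765bfe8fff4491147ba167239dc731ea632110d
  SHA512:
- metadata.gz: fb9ec1fde1bbf9d5ba15778b0b52b906b67cf2a76e5a5c44ed1159d72377b2fc313f81bde6d54423e4229111b14927ac3e7ef695dd0fc5c21b2631b0f4663a2a
- data.tar.gz: 82e0db4943b2b1e4b8e0fe4320876079a5a38609a0add94598bc01f4d68e101560cf1e5569814076aa62918461374068c8ad5531cf3eb87dcd3e57f4d80bb893
+ metadata.gz: 672dc8cb16782c78e71b420e5496ef3ecb88eba36bbe7ff18fe3f526d5787d0ea1f70a66b982616048f8b6ff2327fa305aa4559ea1aa245525c1a0f1c5f776d7
+ data.tar.gz: 2773fe5d5534866f6e981b79002d13222ce2aa0a35d7fa9ebeb3908444e08bd62aadbb1a1271267ee4fa31530aade23321fb91a683d8140ccf877b3620b758ab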
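--- a/data/README.md
+++ b/data/README.md
@@ -32,7 +32,7 @@ Include Minimalist::Authorization in your ApplicationController (app/controllers
  ```ruby
  class ApplicationController < ActionController::Base
  include Minimalist::Authorization
-
+
  # Lock down everything by default
  # use skip_before_action to open up specific actions
  before_action :authorization_required
@@ -43,7 +43,6 @@ Include Minimalist::Sessions in your SessionsController (app/controllers/session
  ```ruby
  class SessionsController < ApplicationController
  include Minimalist::Sessions
- skip_before_action :authorization_required, only: %i(new create)
  end
  ```
 
@@ -54,6 +53,9 @@ class ActiveSupport::TestCase
  end
  ```
 
+ ## Build
+ [![Build Status](https://travis-ci.org/wwidea/minimalist_authentication.svg?branch=master)](https://travis-ci.org/wwidea/minimalist_authentication)
+
 
  ## License
  The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).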
@@ -4,7 +4,7 @@ require 'bcrypt'
4
4
  module Minimalist
5
5
  module Authentication
6
6
  extend ActiveSupport::Concern
7
-
7
+
8
8
  GUEST_USER_EMAIL = 'guest'
9
9
  PREFERRED_DIGEST_VERSION = 3
10
10
 
@@ -29,10 +29,11 @@ module Minimalist
29
29
  end
30
30
 
31
31
  module ClassMethods
32
- def authenticate(email, password)
33
- return if email.blank? || password.blank?
34
- user = active.where(email: email).first
35
- return unless user && user.authenticated?(password)
32
+ def authenticate(params)
33
+ field, value = params.to_h.select { |key, value| %w(email username).include?(key.to_s) && value.present? }.first
34
+ return if field.blank? || value.blank? || params[:password].blank?
35
+ user = active.where(field => value).first
36
+ return unless user && user.authenticated?(params[:password])
36
37
  return user
37
38
  end
38
39
 
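Review bot: `authenticate` hands `value` to `where(field => value)` without checking its type, so the only thing keeping an Array or Hash out of the query is the `permit` call in the controller, which lives in a different file. As a public model method it should enforce this itself, for example `return unless value.is_a?(String) && params[:password].is_a?(String)` before the lookup. The key filter also accepts string or symbol keys through `key.to_s` while the password is read only as `params[:password]`, so a plain Hash with string keys would silently fail to authenticate. Replacing `authenticate(email, password)` with a single hash argument breaks existing callers in a minor release; `ClassMethods` continues outside the hunk.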
@@ -1,55 +1,65 @@
1
1
  module Minimalist
2
2
  module Sessions
3
+ extend ActiveSupport::Concern
3
4
 
4
- def show
5
- redirect_to new_session_path
5
+ included do
6
+ skip_before_action :authorization_required, only: %i(new create)
7
+ skip_before_action :verify_authenticity_token, only: %i(create destroy)
6
8
  end
7
-
9
+
8
10
  def new
9
11
  @user = User.new
10
12
  end
11
13
 
12
14
  def create
13
- if user = User.authenticate(user_params[:email], user_params[:password])
14
- user.logged_in
15
- session[:user_id] = user.id
16
- after_authentication(user)
17
- redirect_back_or_default(login_redirect_to(user))
15
+ if authenticated_user
16
+ scrub_session!
17
+ authenticated_user.logged_in
18
+ session[:user_id] = authenticated_user.id
19
+ after_authentication_success
18
20
  return
19
21
  else
20
22
  after_authentication_failure
21
- flash.now[:alert] = "Couldn't log you in as '#{user_params[:email]}'"
22
- render action: 'new'
23
23
  end
24
24
  end
25
25
 
26
26
  def destroy
27
- session[:user_id] = nil
27
+ scrub_session!
28
28
  flash[:notice] = "You have been logged out."
29
29
  redirect_to logout_redirect_to
30
30
  end
31
31
 
32
-
33
32
  private
34
-
33
+
34
+ def authenticated_user
35
+ @authenticated_user ||= User.authenticate(user_params)
36
+ end
37
+
35
38
  def user_params
36
- @user_params ||= params.require(:user).permit(:email, :password)
39
+ @user_params ||= params.require(:user).permit(:email, :username, :password)
37
40
  end
38
41
 
39
- def login_redirect_to(user)
40
- '/'
42
+ def after_authentication_success
43
+ redirect_back_or_default(login_redirect_to)
41
44
  end
42
45
 
43
- def logout_redirect_to
44
- '/'
46
+ def after_authentication_failure
47
+ flash.now[:alert] = "Couldn't log you in as '#{user_params[:email] || user_params[:username]}'"
48
+ render :new
45
49
  end
46
50
 
47
- def after_authentication(user)
48
- # overide in application
51
+ def scrub_session!
52
+ (session.keys - %w(session_id _csrf_token return_to)).each do |key|
53
+ session.delete(key)
54
+ end
49
55
  end
50
56
 
51
- def after_authentication_failure
52
- # overide in application
57
+ def login_redirect_to
58
+ root_path
59
+ end
60
+
61
+ def logout_redirect_to
62
+ new_session_path
53
63
  end
54
64
  end
55
65
  end
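Review bot: `skip_before_action :verify_authenticity_token, only: %i(create destroy)` in the `included` block turns off CSRF verification for login and logout in every application that includes this concern, and nothing in this section says why. Without the token check on `create`, a cross-site form post can sign a visitor into an account the visitor did not choose, so I would drop that line and let applications opt out themselves if they need to. Separately, `scrub_session!` keeps `session_id` across login; calling `reset_session` and then restoring `return_to` would also rotate the identifier, which matters if the application uses a server-side session store.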
@@ -3,8 +3,8 @@ module Minimalist
3
3
  def login_as(user_fixture_name, password = 'password')
4
4
  post session_path, params: { user: { email: users(user_fixture_name).email, password: password } }
5
5
  end
6
-
7
-
6
+
7
+
8
8
  def current_user
9
9
  @current_user ||= (@request.session[:user_id] ? User.find(@request.session[:user_id]) : nil)
10
10
  end
@@ -1,3 +1,3 @@
1
1
  module MinimalistAuthentication
2
- VERSION = '1.0.0'
2
+ VERSION = '1.1.0'
3
3
  end
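--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: minimalist_authentication
  version: !ruby/object:Gem::Version
- version: 1.0.0
+ version: 1.1.0
  platform: ruby
  authors:
  - Aaron Baldwin
@@ -9,7 +9,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2017-07-03 00:00:00.000000000 Z
+ date: 2017-09-13 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rails
@@ -102,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.6.12
+ rubygems_version: 2.6.13
  signing_key:
  specification_version: 4
  summary: A Rails authentication plugin that takes a minimalist approach.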