minimalist_authentication 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +4 -2
  3. data/lib/minimalist/authentication.rb +6 -5
  4. data/lib/minimalist/sessions.rb +32 -22
  5. data/lib/minimalist/test_helper.rb +2 -2
  6. data/lib/minimalist_authentication/version.rb +1 -1
  7. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 2d020d82d864706eb3048098a397f68a6dd1cbf7
4
- data.tar.gz: 0ebabb35dda1683be51aff8132a84fbb851f1da7
3
+ metadata.gz: 16ed1dfe1bdc98a54c7eb28354a075b3d0d2f750
4
+ data.tar.gz: e765bfe8fff4491147ba167239dc731ea632110d
5
5
  SHA512:
6
- metadata.gz: fb9ec1fde1bbf9d5ba15778b0b52b906b67cf2a76e5a5c44ed1159d72377b2fc313f81bde6d54423e4229111b14927ac3e7ef695dd0fc5c21b2631b0f4663a2a
7
- data.tar.gz: 82e0db4943b2b1e4b8e0fe4320876079a5a38609a0add94598bc01f4d68e101560cf1e5569814076aa62918461374068c8ad5531cf3eb87dcd3e57f4d80bb893
6
+ metadata.gz: 672dc8cb16782c78e71b420e5496ef3ecb88eba36bbe7ff18fe3f526d5787d0ea1f70a66b982616048f8b6ff2327fa305aa4559ea1aa245525c1a0f1c5f776d7
7
+ data.tar.gz: 2773fe5d5534866f6e981b79002d13222ce2aa0a35d7fa9ebeb3908444e08bd62aadbb1a1271267ee4fa31530aade23321fb91a683d8140ccf877b3620b758ab
data/README.md CHANGED
@@ -32,7 +32,7 @@ Include Minimalist::Authorization in your ApplicationController (app/controllers
32
32
  ```ruby
33
33
  class ApplicationController < ActionController::Base
34
34
  include Minimalist::Authorization
35
-
35
+
36
36
  # Lock down everything by default
37
37
  # use skip_before_action to open up specific actions
38
38
  before_action :authorization_required
@@ -43,7 +43,6 @@ Include Minimalist::Sessions in your SessionsController (app/controllers/session
43
43
  ```ruby
44
44
  class SessionsController < ApplicationController
45
45
  include Minimalist::Sessions
46
- skip_before_action :authorization_required, only: %i(new create)
47
46
  end
48
47
  ```
49
48
 
@@ -54,6 +53,9 @@ class ActiveSupport::TestCase
54
53
  end
55
54
  ```
56
55
 
56
+ ## Build
57
+ [![Build Status](https://travis-ci.org/wwidea/minimalist_authentication.svg?branch=master)](https://travis-ci.org/wwidea/minimalist_authentication)
58
+
57
59
 
58
60
  ## License
59
61
  The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
data/lib/minimalist/authentication.rb CHANGED
@@ -4,7 +4,7 @@ require 'bcrypt'
4
4
  module Minimalist
5
5
  module Authentication
6
6
  extend ActiveSupport::Concern
7
-
7
+
8
8
  GUEST_USER_EMAIL = 'guest'
9
9
  PREFERRED_DIGEST_VERSION = 3
10
10
 
@@ -29,10 +29,11 @@ module Minimalist
29
29
  end
30
30
 
31
31
  module ClassMethods
32
- def authenticate(email, password)
33
- return if email.blank? || password.blank?
34
- user = active.where(email: email).first
35
- return unless user && user.authenticated?(password)
32
+ def authenticate(params)
33
+ field, value = params.to_h.select { |key, value| %w(email username).include?(key.to_s) && value.present? }.first
34
+ return if field.blank? || value.blank? || params[:password].blank?
35
+ user = active.where(field => value).first
36
+ return unless user && user.authenticated?(params[:password])
36
37
  return user
37
38
  end
38
39
 
data/lib/minimalist/sessions.rb CHANGED
@@ -1,55 +1,65 @@
1
1
  module Minimalist
2
2
  module Sessions
3
+ extend ActiveSupport::Concern
3
4
 
4
- def show
5
- redirect_to new_session_path
5
+ included do
6
+ skip_before_action :authorization_required, only: %i(new create)
7
+ skip_before_action :verify_authenticity_token, only: %i(create destroy)
6
8
  end
7
-
9
+
8
10
  def new
9
11
  @user = User.new
10
12
  end
11
13
 
12
14
  def create
13
- if user = User.authenticate(user_params[:email], user_params[:password])
14
- user.logged_in
15
- session[:user_id] = user.id
16
- after_authentication(user)
17
- redirect_back_or_default(login_redirect_to(user))
15
+ if authenticated_user
16
+ scrub_session!
17
+ authenticated_user.logged_in
18
+ session[:user_id] = authenticated_user.id
19
+ after_authentication_success
18
20
  return
19
21
  else
20
22
  after_authentication_failure
21
- flash.now[:alert] = "Couldn't log you in as '#{user_params[:email]}'"
22
- render action: 'new'
23
23
  end
24
24
  end
25
25
 
26
26
  def destroy
27
- session[:user_id] = nil
27
+ scrub_session!
28
28
  flash[:notice] = "You have been logged out."
29
29
  redirect_to logout_redirect_to
30
30
  end
31
31
 
32
-
33
32
  private
34
-
33
+
34
+ def authenticated_user
35
+ @authenticated_user ||= User.authenticate(user_params)
36
+ end
37
+
35
38
  def user_params
36
- @user_params ||= params.require(:user).permit(:email, :password)
39
+ @user_params ||= params.require(:user).permit(:email, :username, :password)
37
40
  end
38
41
 
39
- def login_redirect_to(user)
40
- '/'
42
+ def after_authentication_success
43
+ redirect_back_or_default(login_redirect_to)
41
44
  end
42
45
 
43
- def logout_redirect_to
44
- '/'
46
+ def after_authentication_failure
47
+ flash.now[:alert] = "Couldn't log you in as '#{user_params[:email] || user_params[:username]}'"
48
+ render :new
45
49
  end
46
50
 
47
- def after_authentication(user)
48
- # overide in application
51
+ def scrub_session!
52
+ (session.keys - %w(session_id _csrf_token return_to)).each do |key|
53
+ session.delete(key)
54
+ end
49
55
  end
50
56
 
51
- def after_authentication_failure
52
- # overide in application
57
+ def login_redirect_to
58
+ root_path
59
+ end
60
+
61
+ def logout_redirect_to
62
+ new_session_path
53
63
  end
54
64
  end
55
65
  end
data/lib/minimalist/test_helper.rb CHANGED
@@ -3,8 +3,8 @@ module Minimalist
3
3
  def login_as(user_fixture_name, password = 'password')
4
4
  post session_path, params: { user: { email: users(user_fixture_name).email, password: password } }
5
5
  end
6
-
7
-
6
+
7
+
8
8
  def current_user
9
9
  @current_user ||= (@request.session[:user_id] ? User.find(@request.session[:user_id]) : nil)
10
10
  end
data/lib/minimalist_authentication/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module MinimalistAuthentication
2
- VERSION = '1.0.0'
2
+ VERSION = '1.1.0'
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: minimalist_authentication
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Aaron Baldwin
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2017-07-03 00:00:00.000000000 Z
12
+ date: 2017-09-13 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rails
@@ -102,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
102
102
  version: '0'
103
103
  requirements: []
104
104
  rubyforge_project:
105
- rubygems_version: 2.6.12
105
+ rubygems_version: 2.6.13
106
106
  signing_key:
107
107
  specification_version: 4
108
108
  summary: A Rails authentication plugin that takes a minimalist approach.