monban-core 0.1.0

data/lib/monban/use_case/auth/token/reset.rb

@@ -0,0 +1,99 @@
+require "monban/use_case/base"
+require "monban/use_case/auth/token"
+
+require "getto/params"
+
+module Monban
+  module UseCase
+    module Auth
+      module Token
+        class Reset < Base
+          include Token::Helper
+
+          initialize_with(
+            error:       [:server_error!, :invalid_account!],
+            time:        [:now],
+            logger:      [:log],
+            token:       [:create],
+            reset_token: [:create],
+            auth:        [:reset],
+            mailer:      [:send_mail],
+
+            expire: Integer,
+
+            repository: [
+              :transaction,
+              :account_id_by_email,
+              :public_id_exists?,
+              :insert_public_id,
+              :login_id,
+              :wipe_old_reset_password_token,
+              :reset_password_token_exists?,
+              :insert_reset_password_token,
+            ],
+          )
+
+          def send_mail(params)
+            Getto::Params.new.validate(params) do |v|
+              v.hash(
+                email: v.combine([v.string, v.match(%r{@})]){|val| param_error!(email: val) },
+              )
+            end or param_error!(params: params)
+
+            account_id = repository.account_id_by_email(
+              email: params[:email],
+            ) or error.invalid_account!
+
+            token = create(
+              account_id: account_id,
+            )
+
+            mailer.send_mail(
+              email: params[:email],
+              token: token,
+            )
+
+            nil
+          end
+
+          private
+
+            def create(account_id:)
+              repository.transaction do
+                repository.wipe_old_reset_password_token(now: time.now)
+
+                reset_token = generate_reset_token!(account_id: account_id)
+
+                auth.reset(
+                  public_id:   generate_public_id!(account_id: account_id),
+                  reset_token: reset_token,
+                  expired_at:  time.now + expire,
+                )
+              end
+            end
+
+            def generate_reset_token!(account_id:)
+              i = 0
+              while i < 100 do
+                i += 1
+
+                token = reset_token.create
+                unless repository.reset_password_token_exists?(reset_token: token)
+                  repository.insert_reset_password_token(
+                    account_id:  account_id,
+                    reset_token: token,
+                    created_at:  time.now,
+                    expired_at:  time.now + expire,
+                  )
+                  return token
+                end
+              end
+
+              error.server_error! "failed generate reset_token"
+            end
+
+        end
+      end
+    end
+  end
+end

data/lib/monban/use_case/auth/token.rb

@@ -0,0 +1,39 @@
+module Monban
+  module UseCase
+    module Auth
+      module Token
+        module Helper
+          private
+
+            def generate_public_id!(account_id:)
+              i = 0
+              while i < 100 do
+                i += 1
+
+                public_id = token.create
+                unless repository.public_id_exists?(public_id: public_id)
+                  repository.insert_public_id(
+                    account_id: account_id,
+                    public_id:  public_id,
+                    created_at: time.now,
+                    expired_at: time.now + expire,
+                  )
+
+                  logger.log(generate_public_id: {
+                    account_id: account_id,
+                    public_id:  public_id,
+                    login_id:   repository.login_id(account_id: account_id),
+                  })
+
+                  return public_id
+                end
+              end
+
+              error.server_error! "failed generate public_id"
+            end
+
+        end
+      end
+    end
+  end
+end

data/lib/monban/use_case/auth/verify/authy.rb

@@ -0,0 +1,43 @@
+require "monban/use_case/base"
+
+require "getto/params"
+
+module Monban
+  module UseCase
+    module Auth
+      module Verify
+        class Authy < Base
+
+          initialize_with(
+            error: [:invalid_params!, :invalid_account!],
+            authy: [:verify],
+            repository: [
+              :authy_id,
+            ],
+          )
+
+          def verify(params)
+            Getto::Params.new.validate(params) do |v|
+              v.hash(
+                account_id:  v.integer                         {|val| param_error!(account_id: val) },
+                authy_token: v.combine([v.string, v.not_empty]){|val| param_error!(authy_token: val) },
+              )
+            end or param_error!(params: params)
+
+            authy_id = repository.authy_id(
+              account_id: params[:account_id],
+            ) or error.invalid_account! "account_id: #{params[:account_id]}"
+
+            authy.verify(
+              authy_id:    authy_id,
+              authy_token: params[:authy_token],
+            ) or error.invalid_account! "authy_token unmatched"
+
+            nil
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/monban/use_case/auth/verify/password.rb

@@ -0,0 +1,65 @@
+require "monban/use_case/base"
+
+require "getto/params"
+
+module Monban
+  module UseCase
+    module Auth
+      module Verify
+        class Password < Base
+          include Getto::InitializeWith
+
+          initialize_with(
+            error: [:invalid_params!, :invalid_account!, :invalid_login!],
+            repository: [
+              :account_id_by_login_id,
+              :password_salt,
+              :password_hash_match?,
+            ],
+
+            password: [:hash_secret],
+          )
+
+          def verify(params)
+            Getto::Params.new.validate(params) do |v|
+              v.hash(
+                login_id: v.combine([v.string, v.not_empty]){|val| param_error!(login_id: val) },
+                password: v.combine([v.string, v.not_empty]){|val| param_error!(password: val) },
+              )
+            end or param_error!(params: params)
+
+            account_id = repository.account_id_by_login_id(
+              login_id: params[:login_id],
+            ) or error.invalid_account! "login_id: #{params[:login_id]}"
+
+            password_match?(
+              account_id: account_id,
+              password:   params[:password],
+            ) or error.invalid_login! "password not matched"
+
+            account_id
+          end
+
+          private
+
+            def password_match?(account_id:, password:)
+              unless salt = repository.password_salt(account_id: account_id)
+                error.invalid_login! "password not registered"
+              end
+
+              password_hash = self.password.hash_secret(
+                password: password,
+                salt: salt,
+              )
+
+              repository.password_hash_match?(
+                account_id:    account_id,
+                password_hash: password_hash,
+              )
+            end
+
+        end
+      end
+    end
+  end
+end

data/lib/monban/use_case/auth/verify/reset_token.rb

@@ -0,0 +1,41 @@
+require "monban/use_case/base"
+
+require "getto/params"
+
+module Monban
+  module UseCase
+    module Auth
+      module Verify
+        class ResetToken < Base
+          include Getto::InitializeWith
+
+          initialize_with(
+            error: [:invalid_params!, :invalid_account!],
+            time:  [:now],
+            repository: [
+              :valid_reset_password_token?,
+            ],
+          )
+
+          def verify(params)
+            Getto::Params.new.validate(params) do |v|
+              v.hash(
+                account_id:  v.integer                         {|val| param_error!(account_id: val) },
+                reset_token: v.combine([v.string, v.not_empty]){|val| param_error!(reset_token: val) },
+              )
+            end or param_error!(params: params)
+
+            repository.valid_reset_password_token?(
+              account_id:  params[:account_id],
+              reset_token: params[:reset_token],
+              now:         time.now
+            ) or error.invalid_account! "reset_token failed: #{params}"
+
+            nil
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/monban/use_case/base.rb

@@ -0,0 +1,15 @@
+require "getto/initialize_with"
+
+module Monban
+  module UseCase
+    class Base
+      include Getto::InitializeWith
+
+      private
+
+        def param_error!(params)
+          error.invalid_params! params.map{|k,v| "#{k}: #{v}"}
+        end
+    end
+  end
+end

data/monban-core.gemspec

@@ -0,0 +1,39 @@
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "monban/core/version"
+
+Gem::Specification.new do |spec|
+  spec.required_ruby_version = ">= 2.5.1"
+
+  spec.name          = "monban-core"
+  spec.version       = Monban::Core::VERSION
+  spec.authors       = ["shun@getto.systems"]
+  spec.email         = ["shun@getto.systems"]
+
+  spec.summary       = %q{Monban - core}
+  spec.description   = %q{Monban - The authentication plugin for web api based on jwt}
+  spec.homepage      = "https://github.com/getto-systems/rubygems-monban-core"
+  spec.license       = "MIT"
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+
+  spec.extra_rdoc_files = ['README.md', 'LICENSE']
+  spec.rdoc_options = %w[--title Monban::Core --main README.md]
+
+  spec.add_runtime_dependency "getto-initialize_with", "~> 1.0"
+  spec.add_runtime_dependency "getto-params", "~> 1.0"
+  spec.add_runtime_dependency "jwt", "~> 2.1"
+
+  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "minitest", "~> 5.0"
+  spec.add_development_dependency "simplecov", "~> 0.16"
+end

metadata

@@ -0,0 +1,184 @@
+--- !ruby/object:Gem::Specification
+name: monban-core
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- shun@getto.systems
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2018-10-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: getto-initialize_with
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: getto-params
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.16'
+description: Monban - The authentication plugin for web api based on jwt
+email:
+- shun@getto.systems
+executables: []
+extensions: []
+extra_rdoc_files:
+- README.md
+- LICENSE
+files:
+- ".envrc"
+- ".git_release_request.rc.sh"
+- ".gitignore"
+- ".gitlab-ci.yml"
+- ".travis.yml"
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- Rakefile
+- lib/monban/core/version.rb
+- lib/monban/domain/auth.rb
+- lib/monban/domain/password.rb
+- lib/monban/use_case/account/admin.rb
+- lib/monban/use_case/account/change/email.rb
+- lib/monban/use_case/account/change/login_id.rb
+- lib/monban/use_case/account/change/password.rb
+- lib/monban/use_case/account/change/roles.rb
+- lib/monban/use_case/account/fetch.rb
+- lib/monban/use_case/account/register.rb
+- lib/monban/use_case/account/search.rb
+- lib/monban/use_case/account/unregister.rb
+- lib/monban/use_case/auth/account.rb
+- lib/monban/use_case/auth/change/authy.rb
+- lib/monban/use_case/auth/change/password.rb
+- lib/monban/use_case/auth/token.rb
+- lib/monban/use_case/auth/token/authy.rb
+- lib/monban/use_case/auth/token/full.rb
+- lib/monban/use_case/auth/token/general.rb
+- lib/monban/use_case/auth/token/renew.rb
+- lib/monban/use_case/auth/token/reset.rb
+- lib/monban/use_case/auth/verify/authy.rb
+- lib/monban/use_case/auth/verify/password.rb
+- lib/monban/use_case/auth/verify/reset_token.rb
+- lib/monban/use_case/base.rb
+- monban-core.gemspec
+homepage: https://github.com/getto-systems/rubygems-monban-core
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options:
+- "--title"
+- Monban::Core
+- "--main"
+- README.md
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.5.1
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.7
+signing_key: 
+specification_version: 4
+summary: Monban - core
+test_files: []