monban 0.0.14 → 0.0.15

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 88fcb289b4f7cb94c7e1db2b0f73839834199e44
4
- data.tar.gz: a702fa411b1291d301504036c074ecffb9966250
3
+ metadata.gz: de0ec82d19c70154d42f8f7190037d760b4646f6
4
+ data.tar.gz: f48908fd2c9779d41abdc43ec9a275861c2b200a
5
5
  SHA512:
6
- metadata.gz: 648921ba94be7351c4d8926bf853713a4bfa78c5971a04ec98465ce164f47b0e55419db47c3bd04a228aa7b68a21d5ddc302dd4aaf9f4a6bab42da24fce15367
7
- data.tar.gz: 034a4de27934f0f068a7f02be53576ec178f84dbf1492379446d4b7bea202527df3021f7d88f9451b65c3a9056630dc530bbff30a2d7569167dd1cecc448e0c6
6
+ metadata.gz: 358aab452b6adc7615911edcde97bbaba49cf55ebd3c5d485be15ab723fc76c6a94dc89901a7718be1d3732ea3f60805cd83f5bd29d70928d81015cc8f2f5884
7
+ data.tar.gz: bff158beadb5e27a3d4c1f32a37c138ac92ab358f3341139c175da0382644421c53ae57c9542f87a7de1c24e7c12dd07dea12544928fe503b47e98dc7023370d
data/.travis.yml ADDED
@@ -0,0 +1,3 @@
1
+ language: ruby
2
+ rvm:
3
+ - 2.1.1
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- monban (0.0.14)
4
+ monban (0.0.15)
5
5
  bcrypt
6
6
  rails
7
7
  warden
data/NEWS.rdoc ADDED
@@ -0,0 +1,65 @@
1
+ == 0.0.15
2
+ * Delegate user_class correctly so that config returns class
3
+ * Fixed issue authenticate session not allowing for multiple fields
4
+ * Do not hardcode User class
5
+ * Add signed out routing constraint
6
+ * Backfill NEWS.md
7
+
8
+ == 0.0.14
9
+ * Encryption of empty string is empty string.
10
+ * Remove last trace of generators.
11
+
12
+ == 0.0.13
13
+ * Monban requires Rails 4+.
14
+ * Move generators to the monban-generators gem.
15
+
16
+ == 0.0.12
17
+ * Ensure forms can't be tampered with by providing no username.
18
+ * Prevent hashing of empty string passwords.
19
+ * Memoize the configuration.
20
+
21
+ == 0.0.11
22
+ * Add `Monban::Backdoor` for easier tests.
23
+
24
+ == 0.0.10
25
+ * Add Monban::Test::ControllerHelpers for controller specs.
26
+ * Depend on the bcrypt gem, not the bcrypt-ruby gem.
27
+
28
+ == 0.0.9
29
+ * Make user creation method configurable.
30
+ * Redirect to SessionsController#new, ignoring namespace.
31
+ * Add `Monban.config.creation_method`.
32
+
33
+ == 0.0.8
34
+ * Now configurable via `Monban.configure`:
35
+ * sign in service
36
+ * sign up service
37
+ * authentication service
38
+ * user_token_store_field
39
+ * user_token_field
40
+ * Add PasswordReset service.
41
+ * Rename controller_helpers to services.
42
+ * Allos blocks to be passed into sign_in and sign_up.
43
+ * Fix error on trying to respond with HTTP 401.
44
+ * Monban does not generate a User model for you.
45
+ * Add `Monban.test_mode!` and `Monban.test_reset!`.
46
+ * Add a lot of tests.
47
+
48
+ == 0.0.7
49
+ * Check for Rails 4 or the strong_parameters gem, not just the strong_parameters gem
50
+
51
+ == 0.0.6
52
+ * [FIX] require_login should use controller and action for routing.
53
+
54
+ == 0.0.5
55
+ * [FIX] Scaffolded SessionsController should have respond_to.
56
+ * [FIX] SignUp should get the value instead of slicing.
57
+
58
+ == 0.0.4
59
+ * Cleaned up generated controllers.
60
+ * Use find_by_id instead of find so invalid sessions don't cause apps to crash.
61
+ * Hashes passed in are no longer mutated via delete.
62
+
63
+ == 0.0.3
64
+
65
+ * Fixed bug where password wasn't deleted from session params which would cause lookup to fail.
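Review bot: the 0.0.15 entry "Backfill NEWS.md" names a file that is not part of this release; the file added here is NEWS.rdoc, so the entry should say so. In the 0.0.8 section, "Allos blocks to be passed into sign_in and sign_up" should read "Allow blocks to be passed into sign_in and sign_up".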
data/README.md CHANGED
@@ -22,7 +22,6 @@ Monban doesn't do the following:
22
22
  - Doesn't force you to use engine based controllers or views
23
23
  - Doesn't require you to make changes to your user model
24
24
 
25
-
26
25
  ## Installation
27
26
 
28
27
  Monban was designed to work with Rails > 4.0. Add this line to your Gemfile:
@@ -41,11 +40,11 @@ If you'd like a good starting point for building an app using Monban, it is sugg
41
40
 
42
41
  ## Usage
43
42
 
44
- Monban does currently have some out of the box expectations, but you can
43
+ Monban does currently have some out-of-the-box expectations, but you can
45
44
  configure and change any of these:
46
45
 
47
46
  - By default the model should be called `User`
48
- - Monban expects your user model to respond to create
47
+ - Monban expects your user model to respond to `create`, `id`, and `find_by`
49
48
  - You should have an `email` and `password_digest` column on your `User`
50
49
  - Passwords will be handled with BCrypt
51
50
 
@@ -1,7 +1,7 @@
1
1
  module Monban
2
2
  class Configuration
3
3
 
4
- attr_accessor :user_class, :user_token_field, :user_token_store_field
4
+ attr_accessor :user_token_field, :user_token_store_field
5
5
  attr_accessor :encryption_method, :token_comparison, :user_lookup_field
6
6
  attr_accessor :sign_in_notice
7
7
  attr_accessor :sign_in_service, :sign_up_service, :sign_out_service
@@ -9,6 +9,8 @@ module Monban
9
9
  attr_accessor :failure_app
10
10
  attr_accessor :creation_method, :find_method
11
11
 
12
+ attr_writer :user_class
13
+
12
14
  def initialize
13
15
  setup_class_defaults
14
16
  setup_token_encryption
@@ -41,6 +43,10 @@ module Monban
41
43
  end
42
44
  end
43
45
 
46
+ def user_class
47
+ @user_class.constantize
48
+ end
49
+
44
50
  private
45
51
 
46
52
  def setup_token_encryption
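Review bot: the new `user_class` reader calls `@user_class.constantize` unconditionally, so it only works while the stored value is a String. With `attr_writer :user_class` public, `config.user_class = User` (a class rather than its name) or an unset value raises NoMethodError on the next read. Either accept both forms with `@user_class.to_s.constantize`, or document in the README that the setting takes a class name string. Because the string is resolved to a constant on every call, it should only ever come from application configuration.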
@@ -0,0 +1,10 @@
1
+ module Monban
2
+ module Constraints
3
+ class SignedOut
4
+ def matches?(request)
5
+ warden = request.env["warden"]
6
+ warden && warden.unauthenticated?
7
+ end
8
+ end
9
+ end
10
+ end
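Review bot: `matches?` returns nil, not false, when `request.env["warden"]` is missing, so a visitor-only route silently stops matching if the Warden middleware is not mounted. That default is reasonable, but nothing documents it and the specs added in this release cover only the signed-in and signed-out cases; add a comment on the class stating the behaviour and a spec for an env without the `warden` key. `unauthenticated?` is also called with no scope argument, which is worth stating in the same comment for apps that use more than one Warden scope.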
@@ -16,7 +16,11 @@ module Monban
16
16
  private
17
17
 
18
18
  def params_with_symbolized_keys
19
- @params.inject({}){|hash,(key,value)| hash.merge(key.to_sym => value) }
19
+ @params.inject(default_fields){|hash,(key,value)| hash.merge(key.to_sym => value) }
20
+ end
21
+
22
+ def default_fields
23
+ { Monban.config.user_lookup_field => nil }
20
24
  end
21
25
 
22
26
  def params_from_field_map
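Review bot: in `default_fields` the key is `Monban.config.user_lookup_field` exactly as configured, while every submitted key goes through `key.to_sym` in `params_with_symbolized_keys`. If the lookup field is configured as a String, the submitted value lands under a Symbol key and the nil default stays under the String key, so the resulting hash carries both. Build the default with `Monban.config.user_lookup_field.to_sym => nil`. The nil default is what keeps the lookup field present in the conditions when a form omits it, so it deserves a one-line comment saying so.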
@@ -1,3 +1,5 @@
1
+ require 'warden'
2
+
1
3
  module Monban
2
4
  module Strategies
3
5
  class PasswordStrategy < ::Warden::Strategies::Base
@@ -6,7 +8,7 @@ module Monban
6
8
  end
7
9
 
8
10
  def authenticate!
9
- user = User.find_by_email(params[:email])
11
+ user = Monban.user_class.find_by(email: params[:email])
10
12
  auth = Authentication.new(user, params[:password])
11
13
  auth.authenticated? ? success!(user) : fail!("Could not log in")
12
14
  end
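Review bot: `authenticate!` no longer hardcodes the `User` class but still hardcodes the lookup column: `find_by(email: params[:email])` ignores `user_lookup_field`, and the password is read from a fixed `params[:password]`. An app configured with a different lookup field gets a strategy that queries `email` anyway. Use the configured field here, and call `fail!` early when the lookup value is blank so that `find_by(email: nil)` is never issued.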
@@ -1,3 +1,5 @@
1
+ require 'warden'
2
+
1
3
  module Monban
2
4
  module Test
3
5
  module ControllerHelpers
@@ -1,3 +1,3 @@
1
1
  module Monban
2
- VERSION = "0.0.14"
2
+ VERSION = "0.0.15"
3
3
  end
@@ -1,3 +1,4 @@
1
+ require 'warden'
1
2
  require "monban/strategies/password_strategy"
2
3
 
3
4
  Warden::Manager.serialize_into_session do |user|
@@ -5,7 +6,7 @@ Warden::Manager.serialize_into_session do |user|
5
6
  end
6
7
 
7
8
  Warden::Manager.serialize_from_session do |id|
8
- User.find_by_id(id)
9
+ Monban.user_class.find_by(id: id)
9
10
  end
10
11
 
11
12
  Warden::Strategies.add(:password_strategy, Monban::Strategies::PasswordStrategy)
data/lib/monban.rb CHANGED
@@ -1,3 +1,4 @@
1
+ require 'warden'
1
2
  require "monban/version"
2
3
  require "monban/configuration"
3
4
  require "monban/services"
@@ -32,13 +33,12 @@ module Monban
32
33
  end
33
34
 
34
35
  def self.user_class
35
- config.user_class.constantize
36
+ config.user_class
36
37
  end
37
38
 
38
39
  def self.lookup(params, field_map)
39
40
  fields = FieldMap.new(params, field_map).to_fields
40
- default_fields = { Monban.config.user_lookup_field => nil }
41
- self.config.find_method.call(default_fields.merge(fields))
41
+ self.config.find_method.call(fields)
42
42
  end
43
43
 
44
44
  def self.test_mode!
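Review bot: `lookup` used to merge `{ Monban.config.user_lookup_field => nil }` into the fields itself; after this change it passes the result of `to_fields` straight to `find_method`. The only place this diff re-adds the default is `params_with_symbolized_keys`; `params_from_field_map` is not shown changing. If that path can return a hash without the lookup field, a request that omits it now reaches `find_method` with fewer conditions than before. Confirm the field-map path still includes the lookup field, and add a spec that calls `lookup` with a field map and no username.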
data/monban.gemspec CHANGED
@@ -20,6 +20,7 @@ Gem::Specification.new do |gem|
20
20
  gem.add_dependency 'rails'
21
21
  gem.add_dependency 'bcrypt'
22
22
  gem.add_dependency 'warden'
23
+
23
24
  gem.add_development_dependency 'rake'
24
25
  gem.add_development_dependency 'rspec'
25
26
  gem.add_development_dependency 'rspec-rails'
@@ -0,0 +1,18 @@
1
+ require 'spec_helper'
2
+
3
+ feature 'User tries to access constrained routes' do
4
+ scenario 'they can access a route constrained to users' do
5
+ sign_in User.new
6
+
7
+ visit constrained_to_users_path
8
+ expect(page.status_code).to eq(200)
9
+ end
10
+
11
+ scenario 'they cannot access a route constrained to visitors' do
12
+ sign_in User.new
13
+
14
+ expect {
15
+ visit constrained_to_visitors_path
16
+ }.to raise_error ActionController::RoutingError
17
+ end
18
+ end
@@ -0,0 +1,14 @@
1
+ require 'spec_helper'
2
+
3
+ feature 'Visitor tries to access constrained routes' do
4
+ scenario 'they can access a route constrained to visitors' do
5
+ visit constrained_to_visitors_path
6
+ expect(page.status_code).to eq(200)
7
+ end
8
+
9
+ scenario 'they cannot access a route constrained to users' do
10
+ expect {
11
+ visit constrained_to_users_path
12
+ }.to raise_error ActionController::RoutingError
13
+ end
14
+ end
@@ -1,4 +1,5 @@
1
1
  require 'spec_helper'
2
+ require 'warden'
2
3
 
3
4
  module Monban
4
5
  describe ControllerHelpers do
@@ -1,4 +1,5 @@
1
1
  require 'spec_helper'
2
+ require 'warden'
2
3
  require 'monban/test/helpers'
3
4
 
4
5
  module Warden::Spec
data/spec/monban_spec.rb CHANGED
@@ -1,4 +1,5 @@
1
1
  require 'spec_helper'
2
+ require 'warden'
2
3
 
3
4
  describe 'Monban' do
4
5
  it "stores the warden config" do
@@ -10,4 +11,17 @@ describe 'Monban' do
10
11
  expect(Monban.encrypt_token('password')).to eql('password')
11
12
  expect(Monban.compare_token('password', 'password')).to be_true
12
13
  end
14
+
15
+ it "allows lookup with a field_map" do
16
+ allow(Monban::FieldMap).to receive(:new).and_return(fake_field_map)
17
+ with_monban_config(find_method: -> (conditions) { true }) do
18
+ expect(-> { Monban.lookup({}, {}) }).not_to raise_exception
19
+ end
20
+ end
21
+
22
+ def fake_field_map
23
+ double(Monban::FieldMap).tap do |field_map|
24
+ allow(field_map).to receive(:to_fields).and_return(["foo=1 OR bar=1"])
25
+ end
26
+ end
13
27
  end
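Review bot: the new example only asserts that `Monban.lookup({}, {})` does not raise; the stubbed `find_method` ignores its argument, so the spec passes whatever `lookup` sends. Assert on the conditions instead, for example by having the lambda capture `conditions` and expecting them to equal the stubbed `to_fields` value. The stub returns `["foo=1 OR bar=1"]`, a raw SQL condition string; if array conditions are a supported input to `find_method`, the README should state that such strings must never be assembled from request parameters.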
@@ -0,0 +1,5 @@
1
+ class ConstrainedToUsersController < ApplicationController
2
+ def show
3
+ render nothing: true
4
+ end
5
+ end
@@ -0,0 +1,5 @@
1
+ class ConstrainedToVisitorsController < ApplicationController
2
+ def show
3
+ render nothing: true
4
+ end
5
+ end
@@ -1,4 +1,15 @@
1
+ require 'monban/constraints/signed_in'
2
+ require 'monban/constraints/signed_out'
3
+
1
4
  RailsApp::Application.routes.draw do
5
+ constraints Monban::Constraints::SignedIn.new do
6
+ resource :constrained_to_users, only: [:show]
7
+ end
8
+
9
+ constraints Monban::Constraints::SignedOut.new do
10
+ resource :constrained_to_visitors, only: [:show]
11
+ end
12
+
2
13
  resources :posts, only: [:index]
3
14
  resources :users, only: [:create]
4
15
  resource :failure, only: [:show]
data/spec/spec_helper.rb CHANGED
@@ -3,24 +3,29 @@ $LOAD_PATH.unshift File.dirname(__FILE__)
3
3
 
4
4
  require 'rails_app/config/environment'
5
5
  require 'rspec/rails'
6
+ require 'warden'
6
7
  require 'monban'
7
8
  require 'capybara'
8
9
 
9
10
  RSpec.configure do |config|
10
11
  config.include Warden::Test::Helpers
12
+ config.include Monban::Test::Helpers, type: :feature
11
13
  config.order = "random"
12
14
  end
13
15
 
14
16
  def with_monban_config(hash, &block)
15
- old_config = {}
16
- hash.each do |key, value|
17
- old_config[key] = Monban.config.send(key)
18
- Monban.config.send(:"#{key}=", value)
19
- end
17
+ begin
18
+ old_config = {}
19
+ hash.each do |key, value|
20
+ old_config[key] = Monban.config.send(key)
21
+ Monban.config.send(:"#{key}=", value)
22
+ end
20
23
 
21
- yield
24
+ yield
25
+ ensure
22
26
 
23
- old_config.each do |key, value|
24
- Monban.config.send(:"#{key}=", old_config[key])
27
+ old_config.each do |key, value|
28
+ Monban.config.send(:"#{key}=", old_config[key])
29
+ end
25
30
  end
26
31
  end
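Review bot: `old_config[key] = Monban.config.send(key)` saves whatever the reader returns, and the `ensure` block writes it back through `"#{key}="`. For `user_class` the reader now returns the constantized class, so restoring it stores a Class and the next `user_class` call fails on `constantize`. Save the raw value instead (for example with `instance_variable_get`) or special-case that key. Style: the explicit `begin` is unnecessary, since a method body can carry `ensure` directly, and the blank line after `ensure` can go.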
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: monban
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.14
4
+ version: 0.0.15
5
5
  platform: ruby
6
6
  authors:
7
7
  - halogenandtoast
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-05-14 00:00:00.000000000 Z
12
+ date: 2014-06-12 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rails
@@ -145,16 +145,18 @@ extensions: []
145
145
  extra_rdoc_files: []
146
146
  files:
147
147
  - ".gitignore"
148
- - CHANGELOG.rdoc
148
+ - ".travis.yml"
149
149
  - Gemfile
150
150
  - Gemfile.lock
151
151
  - LICENSE.txt
152
+ - NEWS.rdoc
152
153
  - README.md
153
154
  - Rakefile
154
155
  - lib/monban.rb
155
156
  - lib/monban/back_door.rb
156
157
  - lib/monban/configuration.rb
157
158
  - lib/monban/constraints/signed_in.rb
159
+ - lib/monban/constraints/signed_out.rb
158
160
  - lib/monban/controller_helpers.rb
159
161
  - lib/monban/field_map.rb
160
162
  - lib/monban/railtie.rb
@@ -170,10 +172,12 @@ files:
170
172
  - lib/monban/version.rb
171
173
  - lib/monban/warden_setup.rb
172
174
  - monban.gemspec
175
+ - spec/features/user/user_tries_to_access_constrained_routes_spec.rb
173
176
  - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
174
177
  - spec/features/visitor/visitor_is_unauthorized_spec.rb
175
178
  - spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb
176
179
  - spec/features/visitor/visitor_signs_up_spec.rb
180
+ - spec/features/visitor/visitor_tries_to_access_constrained_routes_spec.rb
177
181
  - spec/features/visitor/visitor_uses_remember_token_spec.rb
178
182
  - spec/monban/controller_helpers_spec.rb
179
183
  - spec/monban/field_map_spec.rb
@@ -190,6 +194,8 @@ files:
190
194
  - spec/rails_app/app/assets/javascripts/application.js
191
195
  - spec/rails_app/app/assets/stylesheets/application.css
192
196
  - spec/rails_app/app/controllers/application_controller.rb
197
+ - spec/rails_app/app/controllers/constrained_to_users_controller.rb
198
+ - spec/rails_app/app/controllers/constrained_to_visitors_controller.rb
193
199
  - spec/rails_app/app/controllers/failures_controller.rb
194
200
  - spec/rails_app/app/controllers/invalid_sessions_controller.rb
195
201
  - spec/rails_app/app/controllers/posts_controller.rb
@@ -246,10 +252,12 @@ signing_key:
246
252
  specification_version: 4
247
253
  summary: Making rails authentication as simple as possible
248
254
  test_files:
255
+ - spec/features/user/user_tries_to_access_constrained_routes_spec.rb
249
256
  - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
250
257
  - spec/features/visitor/visitor_is_unauthorized_spec.rb
251
258
  - spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb
252
259
  - spec/features/visitor/visitor_signs_up_spec.rb
260
+ - spec/features/visitor/visitor_tries_to_access_constrained_routes_spec.rb
253
261
  - spec/features/visitor/visitor_uses_remember_token_spec.rb
254
262
  - spec/monban/controller_helpers_spec.rb
255
263
  - spec/monban/field_map_spec.rb
@@ -266,6 +274,8 @@ test_files:
266
274
  - spec/rails_app/app/assets/javascripts/application.js
267
275
  - spec/rails_app/app/assets/stylesheets/application.css
268
276
  - spec/rails_app/app/controllers/application_controller.rb
277
+ - spec/rails_app/app/controllers/constrained_to_users_controller.rb
278
+ - spec/rails_app/app/controllers/constrained_to_visitors_controller.rb
269
279
  - spec/rails_app/app/controllers/failures_controller.rb
270
280
  - spec/rails_app/app/controllers/invalid_sessions_controller.rb
271
281
  - spec/rails_app/app/controllers/posts_controller.rb
@@ -298,3 +308,4 @@ test_files:
298
308
  - spec/rails_app/public/favicon.ico
299
309
  - spec/rails_app/script/rails
300
310
  - spec/spec_helper.rb
311
+ has_rdoc:
data/CHANGELOG.rdoc DELETED
@@ -1,15 +0,0 @@
1
- == 0.0.6
2
- * [FIX] require_login should use controller and action for routing.
3
-
4
- == 0.0.5
5
- * [FIX] Scaffolded SessionsController should have respond_to.
6
- * [FIX] SignUp should get the value instead of slicing.
7
-
8
- == 0.0.4
9
- * Cleaned up generated controllers.
10
- * Use find_by_id instead of find so invalid sessions don't cause apps to crash.
11
- * Hashes passed in are no longer mutated via delete.
12
-
13
- == 0.0.3
14
-
15
- * Fixed bug where password wasn't deleted from session params which would cause lookup to fail.