monban 0.0.14 → 0.0.15

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 88fcb289b4f7cb94c7e1db2b0f73839834199e44
4
- data.tar.gz: a702fa411b1291d301504036c074ecffb9966250
3
+ metadata.gz: de0ec82d19c70154d42f8f7190037d760b4646f6
4
+ data.tar.gz: f48908fd2c9779d41abdc43ec9a275861c2b200a
5
5
  SHA512:
6
- metadata.gz: 648921ba94be7351c4d8926bf853713a4bfa78c5971a04ec98465ce164f47b0e55419db47c3bd04a228aa7b68a21d5ddc302dd4aaf9f4a6bab42da24fce15367
7
- data.tar.gz: 034a4de27934f0f068a7f02be53576ec178f84dbf1492379446d4b7bea202527df3021f7d88f9451b65c3a9056630dc530bbff30a2d7569167dd1cecc448e0c6
6
+ metadata.gz: 358aab452b6adc7615911edcde97bbaba49cf55ebd3c5d485be15ab723fc76c6a94dc89901a7718be1d3732ea3f60805cd83f5bd29d70928d81015cc8f2f5884
7
+ data.tar.gz: bff158beadb5e27a3d4c1f32a37c138ac92ab358f3341139c175da0382644421c53ae57c9542f87a7de1c24e7c12dd07dea12544928fe503b47e98dc7023370d
data/.travis.yml ADDED
@@ -0,0 +1,3 @@
1
+ language: ruby
2
+ rvm:
3
+ - 2.1.1
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- monban (0.0.14)
4
+ monban (0.0.15)
5
5
  bcrypt
6
6
  rails
7
7
  warden
data/NEWS.rdoc ADDED
@@ -0,0 +1,65 @@
1
+ == 0.0.15
2
+ * Delegate user_class correctly so that config returns class
3
+ * Fixed issue authenticate session not allowing for multiple fields
4
+ * Do not hardcode User class
5
+ * Add signed out routing constraint
6
+ * Backfill NEWS.md
7
+
8
+ == 0.0.14
9
+ * Encryption of empty string is empty string.
10
+ * Remove last trace of generators.
11
+
12
+ == 0.0.13
13
+ * Monban requires Rails 4+.
14
+ * Move generators to the monban-generators gem.
15
+
16
+ == 0.0.12
17
+ * Ensure forms can't be tampered with by providing no username.
18
+ * Prevent hashing of empty string passwords.
19
+ * Memoize the configuration.
20
+
21
+ == 0.0.11
22
+ * Add `Monban::Backdoor` for easier tests.
23
+
24
+ == 0.0.10
25
+ * Add Monban::Test::ControllerHelpers for controller specs.
26
+ * Depend on the bcrypt gem, not the bcrypt-ruby gem.
27
+
28
+ == 0.0.9
29
+ * Make user creation method configurable.
30
+ * Redirect to SessionsController#new, ignoring namespace.
31
+ * Add `Monban.config.creation_method`.
32
+
33
+ == 0.0.8
34
+ * Now configurable via `Monban.configure`:
35
+ * sign in service
36
+ * sign up service
37
+ * authentication service
38
+ * user_token_store_field
39
+ * user_token_field
40
+ * Add PasswordReset service.
41
+ * Rename controller_helpers to services.
42
+ * Allos blocks to be passed into sign_in and sign_up.
43
+ * Fix error on trying to respond with HTTP 401.
44
+ * Monban does not generate a User model for you.
45
+ * Add `Monban.test_mode!` and `Monban.test_reset!`.
46
+ * Add a lot of tests.
47
+
48
+ == 0.0.7
49
+ * Check for Rails 4 or the strong_parameters gem, not just the strong_parameters gem
50
+
51
+ == 0.0.6
52
+ * [FIX] require_login should use controller and action for routing.
53
+
54
+ == 0.0.5
55
+ * [FIX] Scaffolded SessionsController should have respond_to.
56
+ * [FIX] SignUp should get the value instead of slicing.
57
+
58
+ == 0.0.4
59
+ * Cleaned up generated controllers.
60
+ * Use find_by_id instead of find so invalid sessions don't cause apps to crash.
61
+ * Hashes passed in are no longer mutated via delete.
62
+
63
+ == 0.0.3
64
+
65
+ * Fixed bug where password wasn't deleted from session params which would cause lookup to fail.
data/README.md CHANGED
@@ -22,7 +22,6 @@ Monban doesn't do the following:
22
22
  - Doesn't force you to use engine based controllers or views
23
23
  - Doesn't require you to make changes to your user model
24
24
 
25
-
26
25
  ## Installation
27
26
 
28
27
  Monban was designed to work with Rails > 4.0. Add this line to your Gemfile:
@@ -41,11 +40,11 @@ If you'd like a good starting point for building an app using Monban, it is sugg
41
40
 
42
41
  ## Usage
43
42
 
44
- Monban does currently have some out of the box expectations, but you can
43
+ Monban does currently have some out-of-the-box expectations, but you can
45
44
  configure and change any of these:
46
45
 
47
46
  - By default the model should be called `User`
48
- - Monban expects your user model to respond to create
47
+ - Monban expects your user model to respond to `create`, `id`, and `find_by`
49
48
  - You should have an `email` and `password_digest` column on your `User`
50
49
  - Passwords will be handled with BCrypt
51
50
 
@@ -1,7 +1,7 @@
1
1
  module Monban
2
2
  class Configuration
3
3
 
4
- attr_accessor :user_class, :user_token_field, :user_token_store_field
4
+ attr_accessor :user_token_field, :user_token_store_field
5
5
  attr_accessor :encryption_method, :token_comparison, :user_lookup_field
6
6
  attr_accessor :sign_in_notice
7
7
  attr_accessor :sign_in_service, :sign_up_service, :sign_out_service
@@ -9,6 +9,8 @@ module Monban
9
9
  attr_accessor :failure_app
10
10
  attr_accessor :creation_method, :find_method
11
11
 
12
+ attr_writer :user_class
13
+
12
14
  def initialize
13
15
  setup_class_defaults
14
16
  setup_token_encryption
@@ -41,6 +43,10 @@ module Monban
41
43
  end
42
44
  end
43
45
 
46
+ def user_class
47
+ @user_class.constantize
48
+ end
49
+
44
50
  private
45
51
 
46
52
  def setup_token_encryption
@@ -0,0 +1,10 @@
1
+ module Monban
2
+ module Constraints
3
+ class SignedOut
4
+ def matches?(request)
5
+ warden = request.env["warden"]
6
+ warden && warden.unauthenticated?
7
+ end
8
+ end
9
+ end
10
+ end
@@ -16,7 +16,11 @@ module Monban
16
16
  private
17
17
 
18
18
  def params_with_symbolized_keys
19
- @params.inject({}){|hash,(key,value)| hash.merge(key.to_sym => value) }
19
+ @params.inject(default_fields){|hash,(key,value)| hash.merge(key.to_sym => value) }
20
+ end
21
+
22
+ def default_fields
23
+ { Monban.config.user_lookup_field => nil }
20
24
  end
21
25
 
22
26
  def params_from_field_map
@@ -1,3 +1,5 @@
1
+ require 'warden'
2
+
1
3
  module Monban
2
4
  module Strategies
3
5
  class PasswordStrategy < ::Warden::Strategies::Base
@@ -6,7 +8,7 @@ module Monban
6
8
  end
7
9
 
8
10
  def authenticate!
9
- user = User.find_by_email(params[:email])
11
+ user = Monban.user_class.find_by(email: params[:email])
10
12
  auth = Authentication.new(user, params[:password])
11
13
  auth.authenticated? ? success!(user) : fail!("Could not log in")
12
14
  end
@@ -1,3 +1,5 @@
1
+ require 'warden'
2
+
1
3
  module Monban
2
4
  module Test
3
5
  module ControllerHelpers
@@ -1,3 +1,3 @@
1
1
  module Monban
2
- VERSION = "0.0.14"
2
+ VERSION = "0.0.15"
3
3
  end
@@ -1,3 +1,4 @@
1
+ require 'warden'
1
2
  require "monban/strategies/password_strategy"
2
3
 
3
4
  Warden::Manager.serialize_into_session do |user|
@@ -5,7 +6,7 @@ Warden::Manager.serialize_into_session do |user|
5
6
  end
6
7
 
7
8
  Warden::Manager.serialize_from_session do |id|
8
- User.find_by_id(id)
9
+ Monban.user_class.find_by(id: id)
9
10
  end
10
11
 
11
12
  Warden::Strategies.add(:password_strategy, Monban::Strategies::PasswordStrategy)
data/lib/monban.rb CHANGED
@@ -1,3 +1,4 @@
1
+ require 'warden'
1
2
  require "monban/version"
2
3
  require "monban/configuration"
3
4
  require "monban/services"
@@ -32,13 +33,12 @@ module Monban
32
33
  end
33
34
 
34
35
  def self.user_class
35
- config.user_class.constantize
36
+ config.user_class
36
37
  end
37
38
 
38
39
  def self.lookup(params, field_map)
39
40
  fields = FieldMap.new(params, field_map).to_fields
40
- default_fields = { Monban.config.user_lookup_field => nil }
41
- self.config.find_method.call(default_fields.merge(fields))
41
+ self.config.find_method.call(fields)
42
42
  end
43
43
 
44
44
  def self.test_mode!
data/monban.gemspec CHANGED
@@ -20,6 +20,7 @@ Gem::Specification.new do |gem|
20
20
  gem.add_dependency 'rails'
21
21
  gem.add_dependency 'bcrypt'
22
22
  gem.add_dependency 'warden'
23
+
23
24
  gem.add_development_dependency 'rake'
24
25
  gem.add_development_dependency 'rspec'
25
26
  gem.add_development_dependency 'rspec-rails'
@@ -0,0 +1,18 @@
1
+ require 'spec_helper'
2
+
3
+ feature 'User tries to access constrained routes' do
4
+ scenario 'they can access a route constrained to users' do
5
+ sign_in User.new
6
+
7
+ visit constrained_to_users_path
8
+ expect(page.status_code).to eq(200)
9
+ end
10
+
11
+ scenario 'they cannot access a route constrained to visitors' do
12
+ sign_in User.new
13
+
14
+ expect {
15
+ visit constrained_to_visitors_path
16
+ }.to raise_error ActionController::RoutingError
17
+ end
18
+ end
@@ -0,0 +1,14 @@
1
+ require 'spec_helper'
2
+
3
+ feature 'Visitor tries to access constrained routes' do
4
+ scenario 'they can access a route constrained to visitors' do
5
+ visit constrained_to_visitors_path
6
+ expect(page.status_code).to eq(200)
7
+ end
8
+
9
+ scenario 'they cannot access a route constrained to users' do
10
+ expect {
11
+ visit constrained_to_users_path
12
+ }.to raise_error ActionController::RoutingError
13
+ end
14
+ end
@@ -1,4 +1,5 @@
1
1
  require 'spec_helper'
2
+ require 'warden'
2
3
 
3
4
  module Monban
4
5
  describe ControllerHelpers do
@@ -1,4 +1,5 @@
1
1
  require 'spec_helper'
2
+ require 'warden'
2
3
  require 'monban/test/helpers'
3
4
 
4
5
  module Warden::Spec
data/spec/monban_spec.rb CHANGED
@@ -1,4 +1,5 @@
1
1
  require 'spec_helper'
2
+ require 'warden'
2
3
 
3
4
  describe 'Monban' do
4
5
  it "stores the warden config" do
@@ -10,4 +11,17 @@ describe 'Monban' do
10
11
  expect(Monban.encrypt_token('password')).to eql('password')
11
12
  expect(Monban.compare_token('password', 'password')).to be_true
12
13
  end
14
+
15
+ it "allows lookup with a field_map" do
16
+ allow(Monban::FieldMap).to receive(:new).and_return(fake_field_map)
17
+ with_monban_config(find_method: -> (conditions) { true }) do
18
+ expect(-> { Monban.lookup({}, {}) }).not_to raise_exception
19
+ end
20
+ end
21
+
22
+ def fake_field_map
23
+ double(Monban::FieldMap).tap do |field_map|
24
+ allow(field_map).to receive(:to_fields).and_return(["foo=1 OR bar=1"])
25
+ end
26
+ end
13
27
  end
@@ -0,0 +1,5 @@
1
+ class ConstrainedToUsersController < ApplicationController
2
+ def show
3
+ render nothing: true
4
+ end
5
+ end
@@ -0,0 +1,5 @@
1
+ class ConstrainedToVisitorsController < ApplicationController
2
+ def show
3
+ render nothing: true
4
+ end
5
+ end
@@ -1,4 +1,15 @@
1
+ require 'monban/constraints/signed_in'
2
+ require 'monban/constraints/signed_out'
3
+
1
4
  RailsApp::Application.routes.draw do
5
+ constraints Monban::Constraints::SignedIn.new do
6
+ resource :constrained_to_users, only: [:show]
7
+ end
8
+
9
+ constraints Monban::Constraints::SignedOut.new do
10
+ resource :constrained_to_visitors, only: [:show]
11
+ end
12
+
2
13
  resources :posts, only: [:index]
3
14
  resources :users, only: [:create]
4
15
  resource :failure, only: [:show]
data/spec/spec_helper.rb CHANGED
@@ -3,24 +3,29 @@ $LOAD_PATH.unshift File.dirname(__FILE__)
3
3
 
4
4
  require 'rails_app/config/environment'
5
5
  require 'rspec/rails'
6
+ require 'warden'
6
7
  require 'monban'
7
8
  require 'capybara'
8
9
 
9
10
  RSpec.configure do |config|
10
11
  config.include Warden::Test::Helpers
12
+ config.include Monban::Test::Helpers, type: :feature
11
13
  config.order = "random"
12
14
  end
13
15
 
14
16
  def with_monban_config(hash, &block)
15
- old_config = {}
16
- hash.each do |key, value|
17
- old_config[key] = Monban.config.send(key)
18
- Monban.config.send(:"#{key}=", value)
19
- end
17
+ begin
18
+ old_config = {}
19
+ hash.each do |key, value|
20
+ old_config[key] = Monban.config.send(key)
21
+ Monban.config.send(:"#{key}=", value)
22
+ end
20
23
 
21
- yield
24
+ yield
25
+ ensure
22
26
 
23
- old_config.each do |key, value|
24
- Monban.config.send(:"#{key}=", old_config[key])
27
+ old_config.each do |key, value|
28
+ Monban.config.send(:"#{key}=", old_config[key])
29
+ end
25
30
  end
26
31
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: monban
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.14
4
+ version: 0.0.15
5
5
  platform: ruby
6
6
  authors:
7
7
  - halogenandtoast
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-05-14 00:00:00.000000000 Z
12
+ date: 2014-06-12 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rails
@@ -145,16 +145,18 @@ extensions: []
145
145
  extra_rdoc_files: []
146
146
  files:
147
147
  - ".gitignore"
148
- - CHANGELOG.rdoc
148
+ - ".travis.yml"
149
149
  - Gemfile
150
150
  - Gemfile.lock
151
151
  - LICENSE.txt
152
+ - NEWS.rdoc
152
153
  - README.md
153
154
  - Rakefile
154
155
  - lib/monban.rb
155
156
  - lib/monban/back_door.rb
156
157
  - lib/monban/configuration.rb
157
158
  - lib/monban/constraints/signed_in.rb
159
+ - lib/monban/constraints/signed_out.rb
158
160
  - lib/monban/controller_helpers.rb
159
161
  - lib/monban/field_map.rb
160
162
  - lib/monban/railtie.rb
@@ -170,10 +172,12 @@ files:
170
172
  - lib/monban/version.rb
171
173
  - lib/monban/warden_setup.rb
172
174
  - monban.gemspec
175
+ - spec/features/user/user_tries_to_access_constrained_routes_spec.rb
173
176
  - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
174
177
  - spec/features/visitor/visitor_is_unauthorized_spec.rb
175
178
  - spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb
176
179
  - spec/features/visitor/visitor_signs_up_spec.rb
180
+ - spec/features/visitor/visitor_tries_to_access_constrained_routes_spec.rb
177
181
  - spec/features/visitor/visitor_uses_remember_token_spec.rb
178
182
  - spec/monban/controller_helpers_spec.rb
179
183
  - spec/monban/field_map_spec.rb
@@ -190,6 +194,8 @@ files:
190
194
  - spec/rails_app/app/assets/javascripts/application.js
191
195
  - spec/rails_app/app/assets/stylesheets/application.css
192
196
  - spec/rails_app/app/controllers/application_controller.rb
197
+ - spec/rails_app/app/controllers/constrained_to_users_controller.rb
198
+ - spec/rails_app/app/controllers/constrained_to_visitors_controller.rb
193
199
  - spec/rails_app/app/controllers/failures_controller.rb
194
200
  - spec/rails_app/app/controllers/invalid_sessions_controller.rb
195
201
  - spec/rails_app/app/controllers/posts_controller.rb
@@ -246,10 +252,12 @@ signing_key:
246
252
  specification_version: 4
247
253
  summary: Making rails authentication as simple as possible
248
254
  test_files:
255
+ - spec/features/user/user_tries_to_access_constrained_routes_spec.rb
249
256
  - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
250
257
  - spec/features/visitor/visitor_is_unauthorized_spec.rb
251
258
  - spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb
252
259
  - spec/features/visitor/visitor_signs_up_spec.rb
260
+ - spec/features/visitor/visitor_tries_to_access_constrained_routes_spec.rb
253
261
  - spec/features/visitor/visitor_uses_remember_token_spec.rb
254
262
  - spec/monban/controller_helpers_spec.rb
255
263
  - spec/monban/field_map_spec.rb
@@ -266,6 +274,8 @@ test_files:
266
274
  - spec/rails_app/app/assets/javascripts/application.js
267
275
  - spec/rails_app/app/assets/stylesheets/application.css
268
276
  - spec/rails_app/app/controllers/application_controller.rb
277
+ - spec/rails_app/app/controllers/constrained_to_users_controller.rb
278
+ - spec/rails_app/app/controllers/constrained_to_visitors_controller.rb
269
279
  - spec/rails_app/app/controllers/failures_controller.rb
270
280
  - spec/rails_app/app/controllers/invalid_sessions_controller.rb
271
281
  - spec/rails_app/app/controllers/posts_controller.rb
@@ -298,3 +308,4 @@ test_files:
298
308
  - spec/rails_app/public/favicon.ico
299
309
  - spec/rails_app/script/rails
300
310
  - spec/spec_helper.rb
311
+ has_rdoc:
data/CHANGELOG.rdoc DELETED
@@ -1,15 +0,0 @@
1
- == 0.0.6
2
- * [FIX] require_login should use controller and action for routing.
3
-
4
- == 0.0.5
5
- * [FIX] Scaffolded SessionsController should have respond_to.
6
- * [FIX] SignUp should get the value instead of slicing.
7
-
8
- == 0.0.4
9
- * Cleaned up generated controllers.
10
- * Use find_by_id instead of find so invalid sessions don't cause apps to crash.
11
- * Hashes passed in are no longer mutated via delete.
12
-
13
- == 0.0.3
14
-
15
- * Fixed bug where password wasn't deleted from session params which would cause lookup to fail.