monban 0.0.14 → 0.0.15

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 88fcb289b4f7cb94c7e1db2b0f73839834199e44
-  data.tar.gz: a702fa411b1291d301504036c074ecffb9966250
+  metadata.gz: de0ec82d19c70154d42f8f7190037d760b4646f6
+  data.tar.gz: f48908fd2c9779d41abdc43ec9a275861c2b200a
 SHA512:
-  metadata.gz: 648921ba94be7351c4d8926bf853713a4bfa78c5971a04ec98465ce164f47b0e55419db47c3bd04a228aa7b68a21d5ddc302dd4aaf9f4a6bab42da24fce15367
-  data.tar.gz: 034a4de27934f0f068a7f02be53576ec178f84dbf1492379446d4b7bea202527df3021f7d88f9451b65c3a9056630dc530bbff30a2d7569167dd1cecc448e0c6
+  metadata.gz: 358aab452b6adc7615911edcde97bbaba49cf55ebd3c5d485be15ab723fc76c6a94dc89901a7718be1d3732ea3f60805cd83f5bd29d70928d81015cc8f2f5884
+  data.tar.gz: bff158beadb5e27a3d4c1f32a37c138ac92ab358f3341139c175da0382644421c53ae57c9542f87a7de1c24e7c12dd07dea12544928fe503b47e98dc7023370d

data/.travis.yml

@@ -0,0 +1,3 @@
+language: ruby
+rvm:
+ - 2.1.1

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    monban (0.0.14)
+    monban (0.0.15)
       bcrypt
       rails
       warden

data/NEWS.rdoc

@@ -0,0 +1,65 @@
+== 0.0.15
+* Delegate user_class correctly so that config returns class
+* Fixed issue authenticate session not allowing for multiple fields
+* Do not hardcode User class
+* Add signed out routing constraint
+* Backfill NEWS.md
+
+== 0.0.14
+* Encryption of empty string is empty string.
+* Remove last trace of generators.
+
+== 0.0.13
+* Monban requires Rails 4+.
+* Move generators to the monban-generators gem.
+
+== 0.0.12
+* Ensure forms can't be tampered with by providing no username.
+* Prevent hashing of empty string passwords.
+* Memoize the configuration.
+
+== 0.0.11
+* Add `Monban::Backdoor` for easier tests.
+
+== 0.0.10
+* Add Monban::Test::ControllerHelpers for controller specs.
+* Depend on the bcrypt gem, not the bcrypt-ruby gem.
+
+== 0.0.9
+* Make user creation method configurable.
+* Redirect to SessionsController#new, ignoring namespace.
+* Add `Monban.config.creation_method`.
+
+== 0.0.8
+* Now configurable via `Monban.configure`:
+  * sign in service
+  * sign up service
+  * authentication service
+  * user_token_store_field
+  * user_token_field
+* Add PasswordReset service.
+* Rename controller_helpers to services.
+* Allos blocks to be passed into sign_in and sign_up.
+* Fix error on trying to respond with HTTP 401.
+* Monban does not generate a User model for you.
+* Add `Monban.test_mode!` and `Monban.test_reset!`.
+* Add a lot of tests.
+
+== 0.0.7
+* Check for Rails 4 or the strong_parameters gem, not just the strong_parameters gem
+
+== 0.0.6
+* [FIX] require_login should use controller and action for routing.
+
+== 0.0.5
+* [FIX] Scaffolded SessionsController should have respond_to.
+* [FIX] SignUp should get the value instead of slicing.
+
+== 0.0.4
+* Cleaned up generated controllers.
+* Use find_by_id instead of find so invalid sessions don't cause apps to crash.
+* Hashes passed in are no longer mutated via delete.
+
+== 0.0.3
+
+* Fixed bug where password wasn't deleted from session params which would cause lookup to fail.

data/README.md

@@ -22,7 +22,6 @@ Monban doesn't do the following:
 - Doesn't force you to use engine based controllers or views
 - Doesn't require you to make changes to your user model
 
-
 ## Installation
 
 Monban was designed to work with Rails > 4.0. Add this line to your Gemfile:
@@ -41,11 +40,11 @@ If you'd like a good starting point for building an app using Monban, it is sugg
 
 ## Usage
 
-Monban does currently have some out of the box expectations, but you can
+Monban does currently have some out-of-the-box expectations, but you can
 configure and change any of these:
 
 - By default the model should be called `User`
-- Monban expects your user model to respond to create
+- Monban expects your user model to respond to `create`, `id`, and `find_by`
 - You should have an `email` and `password_digest` column on your `User`
 - Passwords will be handled with BCrypt
 

data/lib/monban/configuration.rb

@@ -1,7 +1,7 @@
 module Monban
   class Configuration
 
-    attr_accessor :user_class, :user_token_field, :user_token_store_field
+    attr_accessor :user_token_field, :user_token_store_field
     attr_accessor :encryption_method, :token_comparison, :user_lookup_field
     attr_accessor :sign_in_notice
     attr_accessor :sign_in_service, :sign_up_service, :sign_out_service
@@ -9,6 +9,8 @@ module Monban
     attr_accessor :failure_app
     attr_accessor :creation_method, :find_method
 
+    attr_writer :user_class
+
     def initialize
       setup_class_defaults
       setup_token_encryption
@@ -41,6 +43,10 @@ module Monban
       end
     end
 
+    def user_class
+      @user_class.constantize
+    end
+
     private
 
     def setup_token_encryption

data/lib/monban/constraints/signed_out.rb

@@ -0,0 +1,10 @@
+module Monban
+  module Constraints
+    class SignedOut
+      def matches?(request)
+        warden = request.env["warden"]
+        warden && warden.unauthenticated?
+      end
+    end
+  end
+end

data/lib/monban/field_map.rb

@@ -16,7 +16,11 @@ module Monban
     private
 
     def params_with_symbolized_keys
-      @params.inject({}){|hash,(key,value)| hash.merge(key.to_sym => value) }
+      @params.inject(default_fields){|hash,(key,value)| hash.merge(key.to_sym => value) }
+    end
+
+    def default_fields
+      { Monban.config.user_lookup_field => nil }
     end
 
     def params_from_field_map

data/lib/monban/strategies/password_strategy.rb

@@ -1,3 +1,5 @@
+require 'warden'
+
 module Monban
   module Strategies
     class PasswordStrategy < ::Warden::Strategies::Base
@@ -6,7 +8,7 @@ module Monban
       end
 
       def authenticate!
-        user = User.find_by_email(params[:email])
+        user = Monban.user_class.find_by(email: params[:email])
         auth = Authentication.new(user, params[:password])
         auth.authenticated? ? success!(user) : fail!("Could not log in")
       end

data/lib/monban/test/controller_helpers.rb

@@ -1,3 +1,5 @@
+require 'warden'
+
 module Monban
   module Test
     module ControllerHelpers

data/lib/monban/version.rb

@@ -1,3 +1,3 @@
 module Monban
-  VERSION = "0.0.14"
+  VERSION = "0.0.15"
 end

data/lib/monban/warden_setup.rb

@@ -1,3 +1,4 @@
+require 'warden'
 require "monban/strategies/password_strategy"
 
 Warden::Manager.serialize_into_session do |user|
@@ -5,7 +6,7 @@ Warden::Manager.serialize_into_session do |user|
 end
 
 Warden::Manager.serialize_from_session do |id|
-  User.find_by_id(id)
+  Monban.user_class.find_by(id: id)
 end
 
 Warden::Strategies.add(:password_strategy, Monban::Strategies::PasswordStrategy)

data/lib/monban.rb

@@ -1,3 +1,4 @@
+require 'warden'
 require "monban/version"
 require "monban/configuration"
 require "monban/services"
@@ -32,13 +33,12 @@ module Monban
   end
 
   def self.user_class
-    config.user_class.constantize
+    config.user_class
   end
 
   def self.lookup(params, field_map)
     fields = FieldMap.new(params, field_map).to_fields
-    default_fields = { Monban.config.user_lookup_field => nil }
-    self.config.find_method.call(default_fields.merge(fields))
+    self.config.find_method.call(fields)
   end
 
   def self.test_mode!

data/monban.gemspec

@@ -20,6 +20,7 @@ Gem::Specification.new do |gem|
   gem.add_dependency 'rails'
   gem.add_dependency 'bcrypt'
   gem.add_dependency 'warden'
+
   gem.add_development_dependency 'rake'
   gem.add_development_dependency 'rspec'
   gem.add_development_dependency 'rspec-rails'

data/spec/features/user/user_tries_to_access_constrained_routes_spec.rb

@@ -0,0 +1,18 @@
+require 'spec_helper'
+
+feature 'User tries to access constrained routes' do
+  scenario 'they can access a route constrained to users' do
+    sign_in User.new
+
+    visit constrained_to_users_path
+    expect(page.status_code).to eq(200)
+  end
+
+  scenario 'they cannot access a route constrained to visitors' do
+    sign_in User.new
+
+    expect {
+      visit constrained_to_visitors_path
+    }.to raise_error ActionController::RoutingError
+  end
+end

data/spec/features/visitor/visitor_tries_to_access_constrained_routes_spec.rb

@@ -0,0 +1,14 @@
+require 'spec_helper'
+
+feature 'Visitor tries to access constrained routes' do
+  scenario 'they can access a route constrained to visitors' do
+    visit constrained_to_visitors_path
+    expect(page.status_code).to eq(200)
+  end
+
+  scenario 'they cannot access a route constrained to users' do
+    expect {
+      visit constrained_to_users_path
+    }.to raise_error ActionController::RoutingError
+  end
+end

data/spec/monban/controller_helpers_spec.rb

@@ -1,4 +1,5 @@
 require 'spec_helper'
+require 'warden'
 
 module Monban
   describe ControllerHelpers do

data/spec/monban/test_helpers_spec.rb

@@ -1,4 +1,5 @@
 require 'spec_helper'
+require 'warden'
 require 'monban/test/helpers'
 
 module Warden::Spec

data/spec/monban_spec.rb

@@ -1,4 +1,5 @@
 require 'spec_helper'
+require 'warden'
 
 describe 'Monban' do
   it "stores the warden config" do
@@ -10,4 +11,17 @@ describe 'Monban' do
     expect(Monban.encrypt_token('password')).to eql('password')
     expect(Monban.compare_token('password', 'password')).to be_true
   end
+
+  it "allows lookup with a field_map" do
+    allow(Monban::FieldMap).to receive(:new).and_return(fake_field_map)
+    with_monban_config(find_method: -> (conditions) { true }) do
+      expect(-> { Monban.lookup({}, {}) }).not_to raise_exception
+    end
+  end
+
+  def fake_field_map
+    double(Monban::FieldMap).tap do |field_map|
+      allow(field_map).to receive(:to_fields).and_return(["foo=1 OR bar=1"])
+    end
+  end
 end

data/spec/rails_app/app/controllers/constrained_to_users_controller.rb

@@ -0,0 +1,5 @@
+class ConstrainedToUsersController < ApplicationController
+  def show
+    render nothing: true
+  end
+end

data/spec/rails_app/app/controllers/constrained_to_visitors_controller.rb

@@ -0,0 +1,5 @@
+class ConstrainedToVisitorsController < ApplicationController
+  def show
+    render nothing: true
+  end
+end

data/spec/rails_app/config/routes.rb

@@ -1,4 +1,15 @@
+require 'monban/constraints/signed_in'
+require 'monban/constraints/signed_out'
+
 RailsApp::Application.routes.draw do
+  constraints Monban::Constraints::SignedIn.new do
+    resource :constrained_to_users, only: [:show]
+  end
+
+  constraints Monban::Constraints::SignedOut.new do
+    resource :constrained_to_visitors, only: [:show]
+  end
+
   resources :posts, only: [:index]
   resources :users, only: [:create]
   resource :failure, only: [:show]

data/spec/spec_helper.rb

@@ -3,24 +3,29 @@ $LOAD_PATH.unshift File.dirname(__FILE__)
 
 require 'rails_app/config/environment'
 require 'rspec/rails'
+require 'warden'
 require 'monban'
 require 'capybara'
 
 RSpec.configure do |config|
   config.include Warden::Test::Helpers
+   config.include Monban::Test::Helpers, type: :feature
   config.order = "random"
 end
 
 def with_monban_config(hash, &block)
-  old_config = {}
-  hash.each do |key, value|
-    old_config[key] = Monban.config.send(key)
-    Monban.config.send(:"#{key}=", value)
-  end
+  begin
+    old_config = {}
+    hash.each do |key, value|
+      old_config[key] = Monban.config.send(key)
+      Monban.config.send(:"#{key}=", value)
+    end
 
-  yield
+    yield
+  ensure
 
-  old_config.each do |key, value|
-    Monban.config.send(:"#{key}=", old_config[key])
+    old_config.each do |key, value|
+      Monban.config.send(:"#{key}=", old_config[key])
+    end
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: monban
 version: !ruby/object:Gem::Version
-  version: 0.0.14
+  version: 0.0.15
 platform: ruby
 authors:
 - halogenandtoast
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-05-14 00:00:00.000000000 Z
+date: 2014-06-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -145,16 +145,18 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
-- CHANGELOG.rdoc
+- ".travis.yml"
 - Gemfile
 - Gemfile.lock
 - LICENSE.txt
+- NEWS.rdoc
 - README.md
 - Rakefile
 - lib/monban.rb
 - lib/monban/back_door.rb
 - lib/monban/configuration.rb
 - lib/monban/constraints/signed_in.rb
+- lib/monban/constraints/signed_out.rb
 - lib/monban/controller_helpers.rb
 - lib/monban/field_map.rb
 - lib/monban/railtie.rb
@@ -170,10 +172,12 @@ files:
 - lib/monban/version.rb
 - lib/monban/warden_setup.rb
 - monban.gemspec
+- spec/features/user/user_tries_to_access_constrained_routes_spec.rb
 - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
 - spec/features/visitor/visitor_is_unauthorized_spec.rb
 - spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb
 - spec/features/visitor/visitor_signs_up_spec.rb
+- spec/features/visitor/visitor_tries_to_access_constrained_routes_spec.rb
 - spec/features/visitor/visitor_uses_remember_token_spec.rb
 - spec/monban/controller_helpers_spec.rb
 - spec/monban/field_map_spec.rb
@@ -190,6 +194,8 @@ files:
 - spec/rails_app/app/assets/javascripts/application.js
 - spec/rails_app/app/assets/stylesheets/application.css
 - spec/rails_app/app/controllers/application_controller.rb
+- spec/rails_app/app/controllers/constrained_to_users_controller.rb
+- spec/rails_app/app/controllers/constrained_to_visitors_controller.rb
 - spec/rails_app/app/controllers/failures_controller.rb
 - spec/rails_app/app/controllers/invalid_sessions_controller.rb
 - spec/rails_app/app/controllers/posts_controller.rb
@@ -246,10 +252,12 @@ signing_key:
 specification_version: 4
 summary: Making rails authentication as simple as possible
 test_files:
+- spec/features/user/user_tries_to_access_constrained_routes_spec.rb
 - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
 - spec/features/visitor/visitor_is_unauthorized_spec.rb
 - spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb
 - spec/features/visitor/visitor_signs_up_spec.rb
+- spec/features/visitor/visitor_tries_to_access_constrained_routes_spec.rb
 - spec/features/visitor/visitor_uses_remember_token_spec.rb
 - spec/monban/controller_helpers_spec.rb
 - spec/monban/field_map_spec.rb
@@ -266,6 +274,8 @@ test_files:
 - spec/rails_app/app/assets/javascripts/application.js
 - spec/rails_app/app/assets/stylesheets/application.css
 - spec/rails_app/app/controllers/application_controller.rb
+- spec/rails_app/app/controllers/constrained_to_users_controller.rb
+- spec/rails_app/app/controllers/constrained_to_visitors_controller.rb
 - spec/rails_app/app/controllers/failures_controller.rb
 - spec/rails_app/app/controllers/invalid_sessions_controller.rb
 - spec/rails_app/app/controllers/posts_controller.rb
@@ -298,3 +308,4 @@ test_files:
 - spec/rails_app/public/favicon.ico
 - spec/rails_app/script/rails
 - spec/spec_helper.rb
+has_rdoc: 

data/CHANGELOG.rdoc

@@ -1,15 +0,0 @@
-== 0.0.6
-* [FIX] require_login should use controller and action for routing.
-
-== 0.0.5
-* [FIX] Scaffolded SessionsController should have respond_to.
-* [FIX] SignUp should get the value instead of slicing.
-
-== 0.0.4
-* Cleaned up generated controllers.
-* Use find_by_id instead of find so invalid sessions don't cause apps to crash.
-* Hashes passed in are no longer mutated via delete.
-
-== 0.0.3
-
-* Fixed bug where password wasn't deleted from session params which would cause lookup to fail.