monban 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1ac25191fae11dd25ac1ddda52af84f5eba6f047
-  data.tar.gz: 840b51a801541c1bb9ded597adc1a7fa6476ff44
+  metadata.gz: cd09aa083126137a0de785ca3c26497485606236
+  data.tar.gz: c5280f21c291872564c4785f29951baa4292f541
 SHA512:
-  metadata.gz: 1aa388fa2a8b0de5977985f8a8d183b6cda66c018c7467385cc05fd20ed896ddcaf6674958ba9619b95879238a7fad2ef9f1795795ef4be530bfb665457eb3ef
-  data.tar.gz: 108534d568451cb69bf755bdc02285e1bfbc594fc080ebbf17747777e011403499c3c85bc205560f31554d78f13b31d56868389bffbdb0563456859ba84b7060
+  metadata.gz: c49cea5a7cef423381cd17dae58d410ce93d3ab919b27cd25d7256a0a19e662464ed80a97ddb9fec4fc33e2e161f07478981368234c3340b94b7458fbffbc693
+  data.tar.gz: 3e6ca5fd876a5c8af8ead41c791eb2a57a342003a9ef6404860ef14950edd1598fb2fc7f8d1b43f9615d0a457b39d6301017de2d50661fd9c601724e339ed892

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    monban (0.1.0)
+    monban (0.2.0)
       bcrypt
       rails
       warden
@@ -36,7 +36,7 @@ GEM
       thread_safe (~> 0.1)
       tzinfo (~> 1.1)
     arel (5.0.1.20140414130214)
-    bcrypt (3.1.7)
+    bcrypt (3.1.10)
     builder (3.2.2)
     capybara (2.0.2)
       mime-types (>= 1.16)

data/NEWS.rdoc

@@ -1,3 +1,14 @@
+== 0.2.0
+* `sign_in` test helper now returns the user
+* `authenticate_session` arguments are coerced to Hash
+* Monban::BackDoor can be configured with a block
+* Document validation suggestions
+* Document locale suggestions
+* Deprecate usage of Monban.user_class in favor of Monban.config.user_class
+* Make warden strategy configurable via Monban.config.authentication_strategy
+* Extract warden setup into the WardenSetup class
+* Document layout suggestions
+
 == 0.1.1
 * Link to Rubydoc in documentation
 * Fix header in documentation

data/README.md

@@ -1,6 +1,8 @@
 
 # Monban 門番
 
+[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/halogenandtoast/monban?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+
 [![Build Status](https://travis-ci.org/halogenandtoast/monban.png?branch=master)](https://travis-ci.org/halogenandtoast/monban)
 [![Code Climate](https://codeclimate.com/github/halogenandtoast/monban.png)](https://codeclimate.com/github/halogenandtoast/monban)
 
@@ -53,6 +55,64 @@ configure and change any of these:
 - You should have an `email` and `password_digest` column on your `User`
 - Passwords will be handled with BCrypt
 
+### Suggestions
+
+#### Validations
+
+Monban doesn't add validations to your user model unless you're using [monban generators] so it's suggested to add the following validations:
+
+```ruby
+validates :email, presence: true, uniqueness: true
+validates :password_digest, presence: true
+```
+
+In addition to that you'll want to add the following to your `config/locale/en.yml`:
+
+```yaml
+en:
+  activerecord:
+    attributes:
+      user:
+        password_digest: "Password"
+```
+
+Which will generate the error message `Password can't be blank` instead of `Password digest can't be blank`.
+
+#### Layout changes
+
+It is suggested you add something like this to your application layout:
+
+```erb
+<% if signed_in? %>
+  <%= link_to "Sign out", session_path, method: :delete %>
+<% else %>
+  <%= link_to "Sign in", new_session_path %>
+  <%= link_to "Sign up", new_user_path %>
+<% end %>
+```
+
+#### Guest user
+
+If you want to introduce a Guest object when a user is not signed in, you can override Monban's `current_user` method in your `ApplicationController`:
+
+```ruby
+def current_user
+  super || Guest.new
+end
+```
+
+In `app/models/`, define a `Guest` class:
+
+```ruby
+class Guest
+  def name
+    "Guest"
+  end
+end
+```
+
+This article on the [Null Object Pattern](http://robots.thoughtbot.com/handling-associations-on-null-objects) provides a good explanation of why you might want to do this.
+
 ### Controller Additions
 
 Monban provides the following controller methods:
@@ -73,6 +133,25 @@ And this filter:
 
 - `require_login`
 
+### Routing Constraints
+
+To authorize users in `config/routes.rb`:
+
+```ruby
+require "monban/constraints/signed_in"
+require "monban/constraints/signed_out"
+
+Blog::Application.routes.draw do
+  constraints Monban::Constraints::SignedIn.new do
+    root "dashboards#show", as: :dashboard
+  end
+
+  constraints Monban::Constraints::SignedOut.new do
+    root "landings#show"
+  end
+end
+```
+
 ## Usage in Tests
 
 ### Test mode
@@ -136,6 +215,16 @@ To enable this functionality you'll want to add the following to `config/environ
 config.middleware.insert_after Warden::Manager, Monban::BackDoor
 ```
 
+If you'd like to find your User model by a field other than `id`, insert the
+middleware with a block that accepts the `as` query parameter and returns an
+instance of your User model:
+
+```ruby
+config.middleware.insert_after Warden::Manager, Monban::BackDoor do |user_param|
+  User.find_by(username: user_param)
+end
+```
+
 ### Controller Specs
 
 If you are going to write controller tests, helpers are provided for those as well:

data/lib/monban/back_door.rb

@@ -16,8 +16,12 @@ module Monban
   class BackDoor
     # Create the a new BackDoor middleware for test purposes
     # @return [BackDoor]
-    def initialize(app)
+    def initialize(app, &block)
       @app = app
+
+      if block
+        @sign_in_block = block
+      end
     end
 
     # Execute the BackDoor middleware signing in the user specified with :as
@@ -33,9 +37,17 @@ module Monban
       user_id = params['as']
 
       if user_id.present?
-        user = Monban.user_class.find(user_id)
+        user = find_user(user_id)
         env["warden"].set_user(user)
       end
     end
+
+    def find_user(user_id)
+      if @sign_in_block
+        @sign_in_block.call(user_id)
+      else
+        Monban.config.user_class.find(user_id)
+      end
+    end
   end
 end

data/lib/monban/configuration.rb

@@ -10,6 +10,7 @@ module Monban
     attr_accessor :failure_app
     attr_accessor :creation_method, :find_method
     attr_accessor :no_login_handler, :no_login_redirect
+    attr_accessor :authentication_strategy
 
     attr_writer :user_class
 
@@ -18,14 +19,14 @@ module Monban
       setup_token_hashing
       setup_notices
       setup_services
-      setup_requirements
+      setup_warden_requirements
     end
 
     # Default creation method. Can be overriden via {Monban.configure}
     #
     # @see #creation_method=
     def default_creation_method
-      ->(params) { Monban.user_class.create(params) }
+      ->(params) { Monban.config.user_class.create(params) }
     end
 
     # Default hashing method. Can be overriden via {Monban.configure}
@@ -44,9 +45,9 @@ module Monban
     # Default find method. Can be overriden via {Monban.configure}
     #
     # @see #find_method=
-    # @see Monban.user_class
+    # @see Monban.config.user_class
     def default_find_method
-      ->(params) { Monban.user_class.find_by(params) }
+      ->(params) { Monban.config.user_class.find_by(params) }
     end
 
     # Default token comparison method. Can be overriden via {Monban.configure}
@@ -107,8 +108,9 @@ module Monban
       @password_reset_service = Monban::Services::PasswordReset
     end
 
-    def setup_requirements
+    def setup_warden_requirements
       @failure_app = lambda{|e|[401, {"Content-Type" => "text/plain"}, ["Authorization Failed"]] }
+      @authentication_strategy = Monban::Strategies::PasswordStrategy
     end
   end
 end

data/lib/monban/controller_helpers.rb

@@ -98,8 +98,9 @@ module Monban
 
     def authenticate_session session_params, field_map = nil
       token_field = Monban.config.user_token_field
-      password = session_params.fetch(token_field)
-      user = Monban.lookup(session_params.except(token_field), field_map)
+      session_params_hash = session_params.to_h.symbolize_keys
+      password = session_params_hash.fetch(token_field)
+      user = Monban.lookup(session_params_hash.except(token_field), field_map)
       authenticate(user, password)
     end
 

data/lib/monban/services/sign_up.rb

@@ -23,7 +23,7 @@ module Monban
 
       def token_digest(user_params)
         undigested_token = user_params[token_field]
-        unless undigested_token.empty?
+        unless undigested_token.blank?
           Monban.hash_token(undigested_token)
         end
       end

data/lib/monban/strategies/password_strategy.rb

@@ -15,7 +15,7 @@ module Monban
 
       # Authenticates for warden
       def authenticate!
-        user = Monban.user_class.find_by(lookup_field => lookup_field_value)
+        user = Monban.config.user_class.find_by(lookup_field => lookup_field_value)
         auth = Monban.config.authentication_service.new(user, token_field_value)
         auth.authenticated? ? success!(user) : fail!("Could not log in")
       end

data/lib/monban/test/helpers.rb

@@ -8,8 +8,11 @@ module Monban
 
       # Sign a user in
       # @param user [User] user to sign in
+      # @returns user [User] signed in user
       def sign_in user
         login_as user
+
+        user
       end
 
       # Sign a user out

data/lib/monban/version.rb

@@ -1,4 +1,4 @@
 module Monban
-  # 0.1.1
-  VERSION = "0.1.1"
+  # 0.2.0
+  VERSION = "0.2.0"
 end

data/lib/monban/warden_setup.rb

@@ -1,12 +1,44 @@
 require 'warden'
 require "monban/strategies/password_strategy"
 
-Warden::Manager.serialize_into_session do |user|
-  user.id
-end
+module Monban
+  # Sets up warden specifics for working with monban
+  class WardenSetup
+    def initialize(warden_config)
+      @warden_config = warden_config
+    end
 
-Warden::Manager.serialize_from_session do |id|
-  Monban.user_class.find_by(id: id)
-end
+    # Sets up warden specifics for working with monban:
+    # * Session serialization
+    # * Strategy
+    # * Failure app
+    def call
+      setup_warden_manager
+      setup_warden_strategies
+      setup_warden_config
+    end
+
+    private
+    attr_reader :warden_config
+
+    def setup_warden_manager
+      Warden::Manager.serialize_into_session do |user|
+        user.id
+      end
 
-Warden::Strategies.add(:password_strategy, Monban::Strategies::PasswordStrategy)
+      Warden::Manager.serialize_from_session do |id|
+        Monban.config.user_class.find_by(id: id)
+      end
+    end
+
+    def setup_warden_strategies
+      Warden::Strategies.add(:password_strategy, Monban.config.authentication_strategy)
+    end
+
+    def setup_warden_config
+      warden_config.tap do |config|
+        config.failure_app = Monban.config.failure_app
+      end
+    end
+  end
+end

data/lib/monban.rb

@@ -56,8 +56,11 @@ module Monban
   # the user class
   #
   # @see Monban::Configuration#setup_class_defaults
+  # @deprecated Use Monban.config.user_class instead
   # @return [Class] the User class
   def self.user_class
+    warn "#{Kernel.caller.first}: [DEPRECATION] " +
+      'Accessing the user class through the Monban module is deprecated. Use Monban.config.user_class instead.'
     config.user_class
   end
 
@@ -110,7 +113,6 @@ module Monban
   end
 
   def self.setup_warden_config(warden_config)
-    warden_config.failure_app = self.config.failure_app
-    self.warden_config = warden_config
+    self.warden_config = WardenSetup.new(warden_config).call
   end
 end

data/spec/features/user/user_signs_in_through_back_door_spec.rb

@@ -0,0 +1,11 @@
+require 'spec_helper'
+
+feature 'User signs in through the back-door' do
+  scenario 'with the configured lookup field' do
+    user = User.create!
+
+    visit constrained_to_users_path(as: user)
+
+    expect(current_path).to eq constrained_to_users_path
+  end
+end

data/spec/monban/controller_helpers_spec.rb

@@ -105,13 +105,11 @@ module Monban
     end
 
     it 'returns false when it could not authenticate the user' do
-      session_params = double()
-      session_params.should_receive(:fetch).with(:password).and_return('password')
-      session_params.should_receive(:except).with(:password).and_return(session_params)
+      session_params = { password: "password", lookup_key: "lookup_key" }
       user = double()
       authentication = double()
       authentication.should_receive(:perform).and_return(false)
-      Monban.should_receive(:lookup).with(session_params, nil).and_return(user)
+      Monban.should_receive(:lookup).with({ lookup_key: "lookup_key" }, nil).and_return(user)
       Services::Authentication.should_receive(:new).with(user, 'password').and_return(authentication)
       @dummy.authenticate_session(session_params).should == false
     end

data/spec/monban/services/sign_up_spec.rb

@@ -36,4 +36,14 @@ describe Monban::Services::SignUp, '#perform' do
       expect(args[:password_digest]).to be_nil
     end
   end
+
+  it 'does not create a user with a nil password' do
+    allow(User).to receive(:create)
+    user_params = { email: nil, password: nil }
+
+    Monban::Services::SignUp.new(user_params).perform
+    expect(User).to have_received(:create) do |args|
+      expect(args[:password_digest]).to be_nil
+    end
+  end
 end

data/spec/monban/test_helpers_spec.rb

@@ -64,7 +64,7 @@ module Monban
 
       it 'performs a sign in' do
         user = double(id: 1)
-        sign_in(user)
+        return_value = sign_in(user)
         app = lambda do |env|
           $captures << :run
           env['warden'].should be_authenticated
@@ -72,6 +72,8 @@ module Monban
           valid_response
         end
         setup_rack(app).call(env_with_params)
+
+        return_value.should eq(user)
         $captures.should eq([:run])
       end
 

data/spec/rails_app/config/environments/test.rb

@@ -1,5 +1,6 @@
 RailsApp::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb
+  config.middleware.insert_after Warden::Manager, Monban::BackDoor
 
   # The test environment is used exclusively to run your application's
   # test suite. You never need to work with it otherwise. Remember that

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: monban
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - halogenandtoast
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-07-07 00:00:00.000000000 Z
+date: 2015-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -172,6 +172,7 @@ files:
 - lib/monban/version.rb
 - lib/monban/warden_setup.rb
 - monban.gemspec
+- spec/features/user/user_signs_in_through_back_door_spec.rb
 - spec/features/user/user_tries_to_access_constrained_routes_spec.rb
 - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
 - spec/features/visitor/visitor_is_unauthorized_spec.rb
@@ -254,6 +255,7 @@ signing_key:
 specification_version: 4
 summary: Making rails authentication as simple as possible
 test_files:
+- spec/features/user/user_signs_in_through_back_door_spec.rb
 - spec/features/user/user_tries_to_access_constrained_routes_spec.rb
 - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
 - spec/features/visitor/visitor_is_unauthorized_spec.rb
@@ -312,4 +314,3 @@ test_files:
 - spec/rails_app/public/favicon.ico
 - spec/rails_app/script/rails
 - spec/spec_helper.rb
-has_rdoc: