motion-authentication 1.0.0 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 88c921f20aa4544926a47cae648753a20dbbab4a
-  data.tar.gz: bb8c436ffc5f4116084f3540a7f5f7c53a5d2cbb
+SHA256:
+  metadata.gz: ab7ad1c6522f447bb8e957077b29e783d5ec6175d67f9f08809f2089ea4c6383
+  data.tar.gz: aefda12e3ef3a7f8799d1d5390004a164e5379a83316fb17dcceeff3ca5d3606
 SHA512:
-  metadata.gz: f79627619ffade80b261dcb7038e85c96d98556baeef095402e0cccd79ddee84b35ee34c1ade5202ebc50389f8d00bcdf0ce5e39df9d8e2217d1c96d8b93aa81
-  data.tar.gz: 4c56cc20639741eac36e5868f4310a52fdbf68067c29a8edd4c540eb97a5a17fe68d9d404b1afd907d4fea2c8ea7eb4bb82a6a0636891f2c9f86f422d37a5db3
+  metadata.gz: ef8b4a0d2abf1ecf42ab67df9244bbbb82b5e464fcc782e7fa6fd4655ffe88b4eb2babced62efbd5178ea9791c6e83417d61397cb03199258ac698566fb74bac
+  data.tar.gz: 9a025671043d81dfb2a857edf810caf1964824cbb784f9ed5f32d53e10abcdf246251d9db2ae351f958921ae957a84e0d62249ac47cbc38df0c991374b3d1450

data/README.md

@@ -4,6 +4,8 @@
 
 Currently, this library only supports iOS, but could easily support other platforms. Please submit an issue (or PR :D) for the platform you would like to support.
 
+Need authorization? Use [`motion-authorization`](https://github.com/rubymotion-community/motion-authorization)!
+
 ## Installation
 
 Add this line to your application's `Gemfile`, then run `bundle install`:
@@ -19,13 +21,23 @@ Start by subclassing `Motion::Authentication` to create your own `Auth` class. S
 ```ruby
 class Auth < Motion::Authentication
   strategy DeviseTokenAuth
-  sign_in_url "http://localhost:3000/api/v1/users/sign_in"
+  sign_in_url "https://example.com/api/v1/users/sign_in"
 end
 ```
 
 Available strategies:
 
-* `DeviseTokenAuth` - This authentication strategy takes `email` and `password`, makes a POST request to the `sign_in_url`, and expects the response to include `email` and `token` keys in the JSON response object.
+* `DeviseCookieAuth` - This strategy supports the default way of authenticating with Devise, just as if you were submitting the sign in form using a web browser. It works by making an initial request to fetch the authenticity token, then submits the `email` and `password`, then stores the resulting cookie for authenticating future requests. If your user model has a different name (i.e. `AdminUser`), pass along the `namespace` option (i.e. `namespace: 'admin_user'`) when calling `sign_in`. Otherwise, namespace defaults to `:user`.
+
+* `DeviseTokenAuth` - This authentication strategy is based on [José Valim's example gist](https://gist.github.com/josevalim/fb706b1e933ef01e4fb6) and is also in the format that Ember Simple Auth Devise adapter expects ([tutorial](http://romulomachado.github.io/2015/09/28/using-ember-simple-auth-with-devise.html))
+
+  This strategy takes `email` and `password`, makes a POST request to the `sign_in_url`, and expects the response to include `email` and `token` keys in the JSON response object.
+
+* `DeviseTokenAuthGem` - This authentication strategy is compatible with the current version of the devise_auth_token gem at https://github.com/lynndylanhurley/devise_token_auth
+
+  Signing up: this strategy takes `email`, `password` and `password_confirmation`, makes a POST request to the `sign_up_url`, and expects the response to include `uid`, `access-token` and `client` keys in the response object headers.
+
+  Signing in: this strategy takes `email` and `password`, makes a POST request to the `sign_in_url`, and expects the response to include `uid`, `access-token` and `client` keys in the response object headers.
 
 ### `.sign_in`
 
@@ -36,13 +48,11 @@ Auth.sign_in(email: email, password: password) do |result|
   if result.success?
     # authentication successful!
   else
-    app.alert "Invalid login?"
+    app.alert "Invalid email or password"
   end
 end
 ```
 
-A successful sign in will securely store the current user's auth token.
-
 ### `.signed_in?`
 
 You can check if an auth token has previously been stored by using `signed_in?`. For example, in your App Delegate, you might want to open your sign in screen when the app is opened:
@@ -59,7 +69,7 @@ end
 
 ### `.authorization_header`
 
-After signing in, and receiving the auth token, you will probably want to configure your API client to use your auth token in your API requests in an authorization header. Call `.authorization_header` to return the header value specific to the strategy that you are using. Two common places would be upon sign in, and when your app is launched.
+After signing in, assuming you are using one of the token auth strategies, you will want to configure your API client to use your auth token in your API requests in an authorization header. Call `.authorization_header` to return the header value specific to the strategy that you are using. Two common places would be upon sign in, and when your app is launched.
 
 ```ruby
 # app_delegate.rb
@@ -81,6 +91,31 @@ def on_load(options)
 end
 ```
 
+#### Note on `DeviseTokenAuthGem` strategy
+
+The `devise_token_auth` gem requires all authenticated API calls to include the keys `uid`, `access-token` and `client` in the HTTP headers. Calling `.authorization_header` will return a hash with the proper key/value pairs. To include these as headers in all calls we recommend setting up your API client as follows:
+
+```ruby
+ApiClient.update_authorization_header(Auth.authorization_header)
+
+class ApiClient
+  class << self
+    def client
+      @client ||= AFMotion::SessionClient.build("http://localhost:3000/") do
+        response_serializer :json
+        header "Content-Type", "application/json"
+      end
+    end
+
+    def update_authorization_header(auth_headers_hash)
+      auth_headers_hash.each do |key, value|
+        client.headers[key] = value
+      end
+    end
+  end
+end
+```
+
 ### `.sign_out`
 
 At some point, you're going to need to sign out. This method will clear the stored auth token, but also allows you to pass a block to be called after the token has been cleared.

data/lib/motion-authentication.rb

@@ -4,8 +4,8 @@ unless defined?(Motion::Project::Config)
   raise "This file must be required within a RubyMotion project Rakefile."
 end
 
-require 'motion-cocoapods'
-require 'motion-keychain'
+require 'motion-cocoapods' # TODO: this won't work for Android
+require 'motion-keychain' # TODO: this won't work for Android
 
 lib_dir_path = File.dirname(File.expand_path(__FILE__))
 Motion::Project::App.setup do |app|

data/lib/project/motion-authentication.rb

@@ -13,10 +13,23 @@ class Motion
         @sign_in_url
       end
 
+      def sign_up_url(val = nil)
+        @sign_up_url = val unless val.nil?
+        @sign_up_url
+      end
+
       def sign_in(params, &block)
         strategy.sign_in(sign_in_url, params, &block)
       end
 
+      def sign_up(params, &block)
+        strategy.sign_up(sign_up_url, params, &block)
+      end
+
+      def set_current_user
+        strategy.set_current_user
+      end
+
       def authorization_header
         strategy.authorization_header
       end

data/lib/project/strategies/devise_cookie_auth.rb

@@ -0,0 +1,57 @@
+module Motion
+  class Authentication
+    class DeviseCookieAuth
+      class << self
+        def sign_in(sign_in_url, params, &block)
+          get_csrf_token(sign_in_url) do |param_name, token|
+            namespace = params[:namespace] || :user
+            HTTP.post(sign_in_url, form: { namespace => params, param_name => token }, follow_redirects: false) do |response|
+              if response.status_code == 302 # assume success due to redirect
+                cookie = NSHTTPCookieStorage.sharedHTTPCookieStorage.cookiesForURL(NSURL.URLWithString(sign_in_url)).first
+                store_session_cookie(cookie)
+                block.call(true)
+              else # didn't redirect, must be invalid credentials
+                block.call(false)
+              end
+            end
+          end
+        end
+
+        def get_csrf_token(sign_in_url, &block)
+          HTTP.get(sign_in_url) do |response|
+            doc = Motion::HTML.parse(response.body)
+            param_meta_tag = doc.query('head meta[name="csrf-param"]').first
+            token_meta_tag = doc.query('head meta[name="csrf-token"]').first
+            if param_meta_tag && token_meta_tag
+              param_name = param_meta_tag['content']
+              token = token_meta_tag['content']
+              block.call(param_name, token)
+            else
+              mp 'Couldnt parse CSRF token from HTML'
+            end
+          end
+        end
+
+        def store_session_cookie(cookie)
+          MotionKeychain.set :session_cookie, JSON.generate(properties: cookie.properties)
+        end
+
+        def signed_in?
+          MotionKeychain.get(:session_cookie) && restore_session
+        end
+
+        def restore_session
+          json = MotionKeychain.get(:session_cookie)
+          data = JSON.parse(json)
+          cookie = NSHTTPCookie.cookieWithProperties(data['properties'])
+          NSHTTPCookieStorage.sharedHTTPCookieStorage.setCookie(cookie)
+        end
+
+        def sign_out(&block)
+          MotionKeychain.remove :session_cookie
+          block.call
+        end
+      end
+    end
+  end
+end

data/lib/project/strategies/devise_token_auth.rb

@@ -11,6 +11,15 @@ module Motion
           end
         end
 
+        def sign_up(sign_up_url, params, &block)
+          AFMotion::JSON.post(sign_up_url, user: params) do |response|
+            if response.success?
+              store_auth_tokens(response.object)
+            end
+            block.call(response)
+          end
+        end
+
         def store_auth_tokens(data)
           MotionKeychain.set :auth_email, data["email"]
           MotionKeychain.set :auth_token, data["token"]

data/lib/project/strategies/devise_token_auth_gem.rb

@@ -0,0 +1,80 @@
+module Motion
+  class Authentication
+    class DeviseTokenAuthGem
+      class << self
+
+        def sign_in(sign_in_url, params, &block)
+          AFMotion::JSON.post(sign_in_url, params) do |response|
+            if response.success?
+              store_auth_tokens(response.object,response.operation.response.allHeaderFields)
+            end
+            block.call(response)
+          end
+        end
+
+        def sign_up(sign_up_url, params, &block)
+          AFMotion::JSON.post(sign_up_url, params) do |response|
+            if response.success?
+              store_auth_tokens(response.object,response.operation.response.allHeaderFields)
+            end
+            block.call(response)
+          end
+        end
+
+        def store_auth_tokens(response,headers)
+          MotionKeychain.set :auth_uid, headers["uid"]
+          MotionKeychain.set :auth_token, headers["access-token"]
+          MotionKeychain.set :auth_client, headers["client"]
+          serialized_response = ""
+          response["data"].each do |key,value|
+            case key
+              when "assets"
+                value.each do |eachasset|
+                  serialized_response << eachasset["name"] + "·" + eachasset["qty"].to_s + ","
+              end
+              when "friends"
+                #do nothing
+              else
+                serialized_response << key + "·" + value.to_s + ","
+            end
+          end
+          MotionKeychain.set :current_user, serialized_response
+        end
+
+        def set_current_user
+          deserialize(MotionKeychain.get :current_user)
+        end
+
+        def authorization_header
+          token = MotionKeychain.get :auth_token
+          uid = MotionKeychain.get :auth_uid
+          client = MotionKeychain.get :auth_client
+          {"access-token" => token, "uid" => uid, "client" => client }
+        end
+
+        def signed_in?
+          !! MotionKeychain.get(:auth_token)
+        end
+
+        def sign_out(&block)
+          MotionKeychain.remove :auth_uid
+          MotionKeychain.remove :auth_token
+          MotionKeychain.remove :auth_client
+          MotionKeychain.remove :current_user
+          block.call
+        end
+
+        def deserialize(mystring,arr_sep=',', key_sep='·')
+          array = mystring.split(arr_sep)
+          hash = {}
+          array.each do |e|
+            key_value = e.split(key_sep)
+            hash[key_value[0]] = key_value[1]
+          end
+          return hash
+        end
+
+      end
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: motion-authentication
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Andrew Havens
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-05-05 00:00:00.000000000 Z
+date: 2019-10-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: motion-cocoapods
@@ -38,6 +38,34 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: motion-http
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: motion-html
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -63,8 +91,10 @@ files:
 - README.md
 - lib/motion-authentication.rb
 - lib/project/motion-authentication.rb
+- lib/project/strategies/devise_cookie_auth.rb
 - lib/project/strategies/devise_token_auth.rb
-homepage: https://github.com/andrewhavens/motion-authentication
+- lib/project/strategies/devise_token_auth_gem.rb
+homepage: https://github.com/rubymotion-community/motion-authentication
 licenses:
 - MIT
 metadata: {}
@@ -83,8 +113,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 3.0.6
 signing_key: 
 specification_version: 4
 summary: A simple, standardized authentication helper for common authentication strategies