onetime_token 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e9d29bc8839bac2d7e3494efd6492c780df1520b
+  data.tar.gz: 274b4b0e0a9d8e44efa133df885c2d43f9ac7fd8
+SHA512:
+  metadata.gz: 9dafb630c6df34a2207fff970f4258ad6d0cc45022a0637c5d924b4b2d500d41c36af4172062c7765508537673d5ff470005ae022be1b38851cc60f2529b9230
+  data.tar.gz: 92e164b77708c33f0aaf92dcd6497586cc1a55d8788b1fdf9f7280c0cc3c2ac06d9a01005d52ac7a3fdc1697299003db47a0cff59aeef8ddcec76f50a9fde5a5

data/.gitignore

@@ -0,0 +1,22 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in onetime_token.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 f-kubotar
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,65 @@
+# OnetimeToken
+
+Generate a temporary token of secret associated with ActiveRecord. it is stored in redis.
+You will be able to verify whether the token is correct.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'onetime_token'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install onetime_token
+
+## Usage
+
+```ruby
+OnetimeToken.configure do |config|
+  config.redis = {
+    url: 'redis://localhost:6379'
+    deiver: :redis # e.g :hireds
+    pool: {
+      size: 1,
+      timeout: 1,
+    }
+  }
+end
+```
+
+```ruby
+class User < ActiveRecord::Base
+  extend OnetimeToken
+
+  has_onetime_token :email_confirmation, expires_in: 1.hours
+end
+```
+
+```ruby
+user = User.find(1)
+token = user.generate_email_confirmation_token
+token.secret #=> 9eyZsVbrr4jLiVcERI7V6gmo
+
+User.find_by_email_confirmation_token('9eyZsVbrr4jLiVcERI7V6gmo')
+#=> #<User id: 1>
+
+user = User.find(1)
+user.verify_email_confirmation_token('9eyZsVbrr4jLiVcERI7V6gmo')
+#=> true
+
+User.find_by_email_confirmation_token('9eyZsVbrr4jLiVcERI7V6gmo')
+#=> nil
+```
+
+## Contributing
+
+1. Fork it ( https://github.com/f-kubotar/onetime_token/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/lib/onetime_token/has_token.rb

@@ -0,0 +1,31 @@
+module OnetimeToken
+  module HasToken
+    def has_onetime_token(name, options={})
+      define_singleton_method :"find_by_#{name}_token" do |secret|
+        token = Token.new(self, name, secret)
+        if stored_model_id = token.model_id
+          find_by(id: stored_model_id)
+        end
+      end
+
+      define_method :"generate_#{name}_token" do |_options={}|
+        Token.generate_for self, name, _options
+      end
+
+      define_method :"#{name}_token_properties" do |secret|
+        token = Token.new(self.class, name, secret)
+        token.properties
+      end
+
+      define_method(:"verify_#{name}_token") do |secret|
+        token = Token.new(self.class, name, secret)
+        if id && id == token.model_id
+          token.expire
+          true
+        else
+          false
+        end
+      end
+    end
+  end
+end

data/lib/onetime_token/token.rb

@@ -0,0 +1,55 @@
+module OnetimeToken
+  class Token
+    attr_reader :name, :secret
+
+    class << self
+      def generate_for(model, name, options={})
+        redis = OnetimeToken.redis_pool
+
+        token = nil
+        while token.nil? || redis.exists(token.key)
+          secret = SecureRandom.urlsafe_base64(15)
+          token = new(model.class, name, secret)
+        end
+
+        properties = (options[:properties] || {})
+        properties[:id] = model.id
+
+        redis.pipelined do
+          redis.set token.key, JSON.dump(properties)
+          expires_in = (options[:expires_in] || 3600 * 24 * 60)
+          redis.expire token.key, expires_in
+        end
+
+        token
+      end
+    end
+
+    def initialize(model_class, name, secret)
+      @model_class = model_class
+      @name        = name
+      @secret      = secret
+    end
+
+    def expire
+      OnetimeToken.redis_pool.del key
+    end
+
+    def properties
+      @properties ||=
+        if serialized_value = OnetimeToken.redis_pool.get(key)
+          JSON.parse(serialized_value, symbolize_names: true)
+        else
+          {}
+        end
+    end
+
+    def model_id
+      properties[:id]
+    end
+
+    def key
+      @key ||= "#{@model_class.name.downcase}_#{@name}/#{@secret}"
+    end
+  end
+end

data/lib/onetime_token/version.rb

@@ -0,0 +1,3 @@
+module OnetimeToken
+  VERSION = "0.0.1"
+end

data/lib/onetime_token.rb

@@ -0,0 +1,38 @@
+require 'json'
+
+require 'connection_pool'
+require 'redis/namespace'
+
+require 'onetime_token/token'
+require 'onetime_token/has_token'
+
+module OnetimeToken
+  class << self
+    def extended(base)
+      base.extend HasToken
+    end
+
+    def configure
+      yield self
+    end
+
+    def redis_pool
+      @redis
+    end
+
+    def redis=(connection_options)
+      @redis =
+        if connection_options.is_a?(ConnectionPool)
+          connection_options
+        else
+          pool_options = {timeout: 1, size: 1}.
+            merge(connection_options.delete(:pool) || {})
+          ConnectionPool::Wrapper.new(pool_options) do
+            namespace = connection_options.delete(:namespace) || 'onetime_token'
+            client = Redis.new(connection_options)
+            Redis::Namespace.new(namespace, redis: client)
+          end
+        end
+    end
+  end
+end

data/onetime_token.gemspec

@@ -0,0 +1,29 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'onetime_token/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "onetime_token"
+  spec.version       = OnetimeToken::VERSION
+  spec.authors       = ["f-kubotar"]
+  spec.email         = ["dev@hadashikick.jp"]
+  spec.summary       = %q{Generate a temporary token of secret associated with ActiveRecord. it is stored in redis.}
+  spec.description   = %q{Generate a temporary token of secret associated with ActiveRecord. it is stored in redis.
+You will be able to verify whether the token is correct.}
+  spec.homepage      = "https://github.com/f-kubotar/onetime_token"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'redis'
+  spec.add_dependency 'redis-namespace'
+  spec.add_dependency 'connection_pool'
+
+  spec.add_development_dependency "bundler", "~> 1.6"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rspec"
+end

data/spec/has_token_spec.rb

@@ -0,0 +1,84 @@
+require 'spec_helper'
+
+class User
+  extend OnetimeToken
+
+  attr_reader :id
+
+  has_onetime_token :email_confirmation
+  has_onetime_token :alter_email, expires_in: 60
+
+  def self.find_by(attributes)
+    new attributes
+  end
+
+  def initialize(attributes={})
+    @id = attributes[:id]
+  end
+end
+
+describe OnetimeToken::HasToken do
+  after do
+    OnetimeToken.redis_pool.keys.each{|key| OnetimeToken.redis_pool.del key }
+  end
+
+  let(:user) do
+    User.new(id: 101)
+  end
+
+  describe '.has_onetime_token' do
+    it 'specified expiration date' do
+      token = user.generate_alter_email_token(properties: {email: 'hoge@example.com'})
+      expect(token.properties[:email]).to eq('hoge@example.com')
+    end
+  end
+
+  describe 'Model.find_by_:name_token' do
+    let(:token) do
+      user.generate_email_confirmation_token
+    end
+
+    it "should find by sotred model id" do
+      expect(User).to receive(:find_by).with(id: user.id)
+      User.find_by_email_confirmation_token(token.secret)
+    end
+  end
+
+  describe 'Model#verify_:name_token' do
+    let(:token) do
+      user.generate_email_confirmation_token
+    end
+
+    context 'valid token secret' do
+      let(:secret) do
+        token.secret
+      end
+
+      it "should be true" do
+        expect(user.verify_email_confirmation_token secret).to be_truthy
+      end
+
+      it "should expire stored data" do
+        expect {
+          user.verify_email_confirmation_token secret
+        }.to change{ OnetimeToken.redis_pool.get token.key }.to(nil)
+      end
+    end
+
+    context 'invalid token secret' do
+      let(:secret) do
+        'soaieowao'
+      end
+
+      it "should be false" do
+        expect(user.verify_email_confirmation_token secret).to be_falsey
+      end
+
+      it "should expire stored data" do
+        expect {
+          user.verify_email_confirmation_token secret
+        }.to_not change{ OnetimeToken.redis_pool.get token.key }
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,7 @@
+require File.expand_path('../../lib/onetime_token', __FILE__)
+
+OnetimeToken.configure do |config|
+  config.redis = {
+    url: 'redis://localhost:6379'
+  }
+end

data/spec/token_spec.rb

@@ -0,0 +1,93 @@
+require 'spec_helper'
+
+describe OnetimeToken::Token do
+  after do
+    OnetimeToken.redis_pool.keys.each{|key| OnetimeToken.redis_pool.del(key) }
+  end
+
+  let(:user) do
+    double :user, id: 101
+  end
+
+  describe '.generate_for' do
+    let(:token) do
+       OnetimeToken::Token.generate_for(user, :email_confirmation)
+    end
+
+    it "should return secret string" do
+      expect(token.secret.length).to be <= 20
+    end
+
+    it "should save to redis a secret string" do
+      expect(OnetimeToken.redis_pool.get token.key).to_not be_nil
+    end
+
+    it "should expires in 2 months after" do
+      expect(OnetimeToken.redis_pool.ttl token.key).to eq(3600 * 24 * 60)
+    end
+
+    context 'specified expiration date' do
+      let(:token) do
+        OnetimeToken::Token.generate_for(user, :email_confirmation, expires_in: 60)
+      end
+
+      it "expires in specify date after" do
+        expect(OnetimeToken.redis_pool.ttl token.key).to eq(60)
+      end
+    end
+  end
+
+  describe '#key' do
+    let(:token) do
+      OnetimeToken::Token.generate_for(user, :email_confirmation)
+    end
+
+    it "should containg token name and secret" do
+      expect(token.key).to be_include(token.secret)
+      expect(token.key).to be_include('email_confirmation')
+    end
+  end
+
+  describe '#expire' do
+    let(:token) do
+      OnetimeToken::Token.generate_for(user, :email_confirmation)
+    end
+
+    it "should remove stored data" do
+      expect {
+        token.expire
+      }.to change{ OnetimeToken.redis_pool.get(token.key) }.to(nil)
+    end
+  end
+
+  describe '#model_id' do
+    let(:token) do
+      OnetimeToken::Token.generate_for(user, :email_confirmation)
+    end
+
+    it "should fetch model the specified id" do
+      expect(token.model_id).to eq(user.id)
+    end
+  end
+
+  describe '#properties' do
+    let(:token) do
+      OnetimeToken::Token.generate_for(user, :email_confirmation)
+    end
+
+    it "should fetch model the specified id" do
+      expect(token.properties).to eq(id: user.id)
+    end
+
+    context 'sotre properties' do
+      let(:token) do
+        OnetimeToken::Token.generate_for(user, :alter_email,
+          properties: { alter_email: 'hoge@example.com' })
+      end
+
+      it "should fetch properteis" do
+        expect(token.properties).to eq(id: user.id, alter_email: 'hoge@example.com')
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,147 @@
+--- !ruby/object:Gem::Specification
+name: onetime_token
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- f-kubotar
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-11-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: redis
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: redis-namespace
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: connection_pool
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.6'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: |-
+  Generate a temporary token of secret associated with ActiveRecord. it is stored in redis.
+  You will be able to verify whether the token is correct.
+email:
+- dev@hadashikick.jp
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/onetime_token.rb
+- lib/onetime_token/has_token.rb
+- lib/onetime_token/token.rb
+- lib/onetime_token/version.rb
+- onetime_token.gemspec
+- spec/has_token_spec.rb
+- spec/spec_helper.rb
+- spec/token_spec.rb
+homepage: https://github.com/f-kubotar/onetime_token
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Generate a temporary token of secret associated with ActiveRecord. it is
+  stored in redis.
+test_files:
+- spec/has_token_spec.rb
+- spec/spec_helper.rb
+- spec/token_spec.rb