quo_vadis 1.3.1 → 2.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (126) hide show
  1. checksums.yaml +5 -5
  2. data/.gitignore +11 -8
  3. data/CHANGELOG.md +26 -0
  4. data/Gemfile +14 -1
  5. data/Gemfile.lock +178 -0
  6. data/LICENSE.txt +21 -0
  7. data/README.md +435 -127
  8. data/Rakefile +14 -16
  9. data/app/controllers/quo_vadis/confirmations_controller.rb +56 -0
  10. data/app/controllers/quo_vadis/logs_controller.rb +20 -0
  11. data/app/controllers/quo_vadis/password_resets_controller.rb +65 -0
  12. data/app/controllers/quo_vadis/passwords_controller.rb +26 -0
  13. data/app/controllers/quo_vadis/recovery_codes_controller.rb +54 -0
  14. data/app/controllers/quo_vadis/sessions_controller.rb +50 -132
  15. data/app/controllers/quo_vadis/totps_controller.rb +72 -0
  16. data/app/controllers/quo_vadis/twofas_controller.rb +26 -0
  17. data/app/mailers/quo_vadis/mailer.rb +73 -0
  18. data/app/models/quo_vadis/account.rb +59 -0
  19. data/app/models/quo_vadis/account_confirmation_token.rb +17 -0
  20. data/app/models/quo_vadis/log.rb +57 -0
  21. data/app/models/quo_vadis/password.rb +52 -0
  22. data/app/models/quo_vadis/password_reset_token.rb +17 -0
  23. data/app/models/quo_vadis/recovery_code.rb +26 -0
  24. data/app/models/quo_vadis/session.rb +55 -0
  25. data/app/models/quo_vadis/token.rb +42 -0
  26. data/app/models/quo_vadis/totp.rb +56 -0
  27. data/bin/console +15 -0
  28. data/bin/rails +21 -0
  29. data/bin/setup +8 -0
  30. data/config/locales/quo_vadis.en.yml +51 -18
  31. data/config/routes.rb +40 -12
  32. data/db/migrate/202102150904_setup.rb +48 -0
  33. data/lib/generators/quo_vadis/install_generator.rb +4 -23
  34. data/lib/quo_vadis.rb +100 -106
  35. data/lib/quo_vadis/controller.rb +227 -0
  36. data/lib/quo_vadis/crypt.rb +43 -0
  37. data/lib/quo_vadis/current_request_details.rb +11 -0
  38. data/lib/quo_vadis/defaults.rb +18 -0
  39. data/lib/quo_vadis/encrypted_type.rb +17 -0
  40. data/lib/quo_vadis/engine.rb +9 -11
  41. data/lib/quo_vadis/hmacable.rb +26 -0
  42. data/lib/quo_vadis/ip_masking.rb +31 -0
  43. data/lib/quo_vadis/model.rb +86 -0
  44. data/lib/quo_vadis/version.rb +3 -1
  45. data/quo_vadis.gemspec +18 -24
  46. metadata +49 -229
  47. data/app/controllers/controller_mixin.rb +0 -109
  48. data/app/mailers/quo_vadis/notifier.rb +0 -30
  49. data/app/models/model_mixin.rb +0 -128
  50. data/lib/generators/quo_vadis/templates/migration.rb.erb +0 -18
  51. data/lib/generators/quo_vadis/templates/quo_vadis.rb.erb +0 -96
  52. data/test/dummy/.gitignore +0 -2
  53. data/test/dummy/Rakefile +0 -7
  54. data/test/dummy/app/controllers/application_controller.rb +0 -3
  55. data/test/dummy/app/controllers/articles_controller.rb +0 -20
  56. data/test/dummy/app/controllers/users_controller.rb +0 -17
  57. data/test/dummy/app/helpers/application_helper.rb +0 -2
  58. data/test/dummy/app/helpers/articles_helper.rb +0 -2
  59. data/test/dummy/app/models/article.rb +0 -2
  60. data/test/dummy/app/models/person.rb +0 -3
  61. data/test/dummy/app/models/user.rb +0 -3
  62. data/test/dummy/app/views/articles/index.html.erb +0 -1
  63. data/test/dummy/app/views/articles/new.html.erb +0 -11
  64. data/test/dummy/app/views/layouts/application.html.erb +0 -30
  65. data/test/dummy/app/views/layouts/sessions.html.erb +0 -3
  66. data/test/dummy/app/views/quo_vadis/notifier/change_password.text.erb +0 -9
  67. data/test/dummy/app/views/quo_vadis/notifier/invite.text.erb +0 -8
  68. data/test/dummy/app/views/sessions/edit.html.erb +0 -11
  69. data/test/dummy/app/views/sessions/forgotten.html.erb +0 -13
  70. data/test/dummy/app/views/sessions/invite.html.erb +0 -31
  71. data/test/dummy/app/views/sessions/new.html.erb +0 -15
  72. data/test/dummy/app/views/users/new.html.erb +0 -14
  73. data/test/dummy/config.ru +0 -4
  74. data/test/dummy/config/application.rb +0 -21
  75. data/test/dummy/config/boot.rb +0 -10
  76. data/test/dummy/config/database.yml +0 -22
  77. data/test/dummy/config/environment.rb +0 -5
  78. data/test/dummy/config/environments/development.rb +0 -26
  79. data/test/dummy/config/environments/production.rb +0 -49
  80. data/test/dummy/config/environments/test.rb +0 -37
  81. data/test/dummy/config/initializers/backtrace_silencers.rb +0 -7
  82. data/test/dummy/config/initializers/inflections.rb +0 -10
  83. data/test/dummy/config/initializers/mime_types.rb +0 -5
  84. data/test/dummy/config/initializers/quo_vadis.rb +0 -84
  85. data/test/dummy/config/initializers/rack_patch.rb +0 -16
  86. data/test/dummy/config/initializers/secret_token.rb +0 -7
  87. data/test/dummy/config/initializers/session_store.rb +0 -8
  88. data/test/dummy/config/locales/en.yml +0 -5
  89. data/test/dummy/config/locales/quo_vadis.en.yml +0 -21
  90. data/test/dummy/config/routes.rb +0 -5
  91. data/test/dummy/db/migrate/20110124125037_create_users.rb +0 -13
  92. data/test/dummy/db/migrate/20110124131535_create_articles.rb +0 -14
  93. data/test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb +0 -18
  94. data/test/dummy/db/migrate/20111004112209_create_people.rb +0 -13
  95. data/test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb +0 -18
  96. data/test/dummy/db/schema.rb +0 -33
  97. data/test/dummy/public/404.html +0 -26
  98. data/test/dummy/public/422.html +0 -26
  99. data/test/dummy/public/500.html +0 -26
  100. data/test/dummy/public/favicon.ico +0 -0
  101. data/test/dummy/public/javascripts/application.js +0 -2
  102. data/test/dummy/public/javascripts/controls.js +0 -965
  103. data/test/dummy/public/javascripts/dragdrop.js +0 -974
  104. data/test/dummy/public/javascripts/effects.js +0 -1123
  105. data/test/dummy/public/javascripts/prototype.js +0 -6001
  106. data/test/dummy/public/javascripts/rails.js +0 -175
  107. data/test/dummy/public/stylesheets/.gitkeep +0 -0
  108. data/test/dummy/script/rails +0 -6
  109. data/test/integration/activation_test.rb +0 -108
  110. data/test/integration/authenticate_test.rb +0 -39
  111. data/test/integration/blocked_test.rb +0 -23
  112. data/test/integration/config_test.rb +0 -132
  113. data/test/integration/cookie_test.rb +0 -67
  114. data/test/integration/csrf_test.rb +0 -41
  115. data/test/integration/forgotten_test.rb +0 -93
  116. data/test/integration/helper_test.rb +0 -18
  117. data/test/integration/locale_test.rb +0 -197
  118. data/test/integration/navigation_test.rb +0 -7
  119. data/test/integration/sign_in_person_test.rb +0 -26
  120. data/test/integration/sign_in_test.rb +0 -24
  121. data/test/integration/sign_out_test.rb +0 -20
  122. data/test/integration/sign_up_test.rb +0 -21
  123. data/test/quo_vadis_test.rb +0 -7
  124. data/test/support/integration_case.rb +0 -11
  125. data/test/test_helper.rb +0 -88
  126. data/test/unit/user_test.rb +0 -75
@@ -1,30 +0,0 @@
1
- module QuoVadis
2
- class Notifier < ActionMailer::Base
3
-
4
- # Sends an email to <tt>user</tt> with a link to a page where they
5
- # can change their password.
6
- def change_password(user)
7
- @username = user.username
8
- @url = change_password_url user.token
9
- mail :to => user.email, :from => QuoVadis.from, :subject => QuoVadis.subject_change_password
10
- end
11
-
12
- # Sends an email to <tt>user</tt> with a link to a page where they
13
- # can choose their username and password.
14
- #
15
- # `data` - hash of data to pass to view via instance variables. A key of `:foo`
16
- # will be available via `@foo`. `:from` and `:subject` are deleted from
17
- # the hash and used to override `QuoVadis#from` and `#subject_invitation`.
18
- def invite(user, data = {})
19
- @user = user
20
- @url = invitation_url user.token
21
-
22
- from = data.delete(:from) || QuoVadis.from
23
- subject = data.delete(:subject) || QuoVadis.subject_invitation
24
-
25
- data.each { |k,v| instance_variable_set :"@#{k}", v }
26
- mail :to => user.email, :from => from, :subject => subject
27
- end
28
-
29
- end
30
- end
@@ -1,128 +0,0 @@
1
- require 'bcrypt'
2
-
3
- module ModelMixin
4
-
5
- def self.included(base)
6
- base.send :extend, ClassMethods
7
- end
8
-
9
- module ClassMethods
10
- # Adds methods to set and authenticate against a password stored encrypted by BCrypt.
11
- # Also adds methods to generate and clear a token, used to retrieve the record of a
12
- # user who has forgotten their password.
13
- #
14
- # Note that if a password isn't supplied when creating a user, the error will be on
15
- # the `password_digest` attribute.
16
- def authenticates
17
- send :include, InstanceMethodsOnActivation
18
-
19
- attr_reader :password
20
- attr_protected :password_digest
21
-
22
- validates :username, :presence => true, :uniqueness => {case_sensitive: false}, :if => :should_authenticate?
23
- validates :password_digest, :presence => true, :if => :should_authenticate?
24
-
25
- scope :valid_token, lambda { |token| where("token = ? AND token_created_at > ?", token, 24.hours.ago) }
26
-
27
- instance_eval <<-END, __FILE__, __LINE__ + 1
28
- # Returns the user with the given <tt>username</tt> if the given password is
29
- # correct, and <tt>nil</tt> otherwise.
30
- def authenticate(username, plain_text_password)
31
- return nil unless username.present?
32
- user = where(:username => username).first
33
- if user && user.has_matching_password?(plain_text_password)
34
- user
35
- else
36
- nil
37
- end
38
- end
39
-
40
- def find_by_salt(id, salt) # :nodoc:
41
- user = find_by_id id
42
- if user && user.has_matching_salt?(salt)
43
- user
44
- else
45
- nil
46
- end
47
- end
48
-
49
- # [Deprecated] Instantiates a user suitable for user-activation.
50
- #
51
- # NOTE: use instance method `#randomise_credentials` instead.
52
- def new_for_activation(attributes = nil)
53
- user = new attributes
54
- user.randomise_credentials
55
- user
56
- end
57
- END
58
- end
59
- end
60
-
61
- module InstanceMethodsOnActivation
62
- # Override this in your model if you need to bypass the Quo Vadis validations.
63
- def should_authenticate?
64
- true
65
- end
66
-
67
- # Sets the `username` and `password` to random values.
68
- # Use this for a user who should authenticate where they need to activate
69
- # themselves first.
70
- def randomise_credentials
71
- begin
72
- self.username = SecureRandom.base64(10)
73
- end while self.class.exists?(:username => username)
74
- self.password = SecureRandom.base64(10)
75
- end
76
-
77
- def password=(plain_text_password) # :nodoc:
78
- @password = plain_text_password
79
- unless @password.blank?
80
- self.password_digest = BCrypt::Password.create plain_text_password
81
- end
82
- end
83
-
84
- # Generates a unique, timestamped token.
85
- def generate_token # :nodoc:
86
- begin
87
- self.token = url_friendly_token
88
- end while self.class.exists?(:token => token)
89
- self.token_created_at = Time.now.utc
90
- end
91
-
92
- # Generates a unique, timestamped token which can be used in URLs, and
93
- # saves the record. This is part of the forgotten-password workflow.
94
- def generate_token! # :nodoc:
95
- generate_token
96
- save
97
- end
98
-
99
- # Clears the user's timestamped token and saves the record.
100
- # This is part of the forgotten-password workflow.
101
- def clear_token # :nodoc:
102
- update_attributes :token => nil, :token_created_at => nil
103
- end
104
-
105
- # Returns true if the given <tt>plain_text_password</tt> is the user's
106
- # password, and false otherwise.
107
- def has_matching_password?(plain_text_password) # :nodoc:
108
- BCrypt::Password.new(password_digest) == plain_text_password
109
- end
110
-
111
- # Returns true if the given <tt>salt</tt> is the user's salt,
112
- # and false otherwise.
113
- def has_matching_salt?(salt) # :nodoc:
114
- password_salt == salt
115
- end
116
-
117
- def password_salt # :nodoc:
118
- BCrypt::Password.new(password_digest).salt
119
- end
120
-
121
- private
122
-
123
- def url_friendly_token # :nodoc:
124
- SecureRandom.base64(10).tr('+/=', 'xyz')
125
- end
126
- end
127
-
128
- end
@@ -1,18 +0,0 @@
1
- class AddAuthenticationTo<%= model_name.pluralize.camelize %> < ActiveRecord::Migration
2
- def self.up
3
- add_column :<%= model_name.tableize %>, :username, :string # for user identification
4
- add_column :<%= model_name.tableize %>, :password_digest, :string
5
-
6
- add_column :<%= model_name.tableize %>, :email, :string # for forgotten-credentials / activation
7
- add_column :<%= model_name.tableize %>, :token, :string # for forgotten-credentials / activation
8
- add_column :<%= model_name.tableize %>, :token_created_at, :string # for forgotten-credentials / activation
9
- end
10
-
11
- def self.down
12
- remove_column :<%= model_name.tableize %>, :username
13
- remove_column :<%= model_name.tableize %>, :password_digest
14
- remove_column :<%= model_name.tableize %>, :email
15
- remove_column :<%= model_name.tableize %>, :token
16
- remove_column :<%= model_name.tableize %>, :token_created_at
17
- end
18
- end
@@ -1,96 +0,0 @@
1
- QuoVadis.configure do |config|
2
-
3
- # The model we want to authenticate.
4
- config.model = '<%= model_name.pluralize.classify %>'
5
-
6
-
7
- #
8
- # Sign in
9
- #
10
-
11
- # The URL to redirect the user to after s/he signs in.
12
- # Use a proc if the URL depends on the user on controller. E.g.:
13
- #
14
- # config.signed_in_url = Proc.new do |user, controller|
15
- # user.admin? ? :admin : :root
16
- # end
17
- #
18
- # See also `:override_original_url`.
19
- config.signed_in_url = :root
20
-
21
- # Whether the `:signed_in_url` should override the URL the user was trying
22
- # to reach when they were made to authenticate.
23
- config.override_original_url = false
24
-
25
- # Code to run when the user has signed in. E.g.:
26
- #
27
- # config.signed_in_hook = Proc.new do |user, controller|
28
- # user.increment! :sign_in_count # assuming this attribute exists
29
- # end
30
- config.signed_in_hook = nil
31
-
32
- # Code to run when someone has tried but failed to sign in. E.g.:
33
- #
34
- # config.failed_sign_in_hook = Proc.new do |controller|
35
- # Rails.logger.info "Failed sign in from #{controller.request.remote_ip}"
36
- # end
37
- config.failed_sign_in_hook = nil
38
-
39
- # How long to remember user across browser sessions.
40
- # Set to <tt>nil</tt> to never remember user.
41
- config.remember_for = 2.weeks
42
-
43
- # The domain to use for remember-me cookies.
44
- config.cookie_domain = :all
45
-
46
- # Code to run to determine whether the sign-in process is blocked to the user. E.g.:
47
- #
48
- # config.blocked = Proc.new do |controller|
49
- # # Assuming a SignIn model with scopes for `failed`, `last_day`, `for_ip`.
50
- # SignIn.failed.last_day.for_ip(controller.request.remote_ip) >= 5
51
- # end
52
- config.blocked = false
53
-
54
-
55
- #
56
- # Sign out
57
- #
58
-
59
- # The URL to redirect the user to after s/he signs out.
60
- # Use a proc if the URL depends on the controller. E.g.:
61
- #
62
- # config.signed_out_url = Proc.new do |controller|
63
- # controller.root_url(:subdomain => nil)
64
- # end
65
- config.signed_out_url = :root
66
-
67
- # Code to run just before the user has signed out. E.g.:
68
- #
69
- # config.signed_out_hook = Proc.new do |user, controller|
70
- # controller.session.reset
71
- # end
72
- config.signed_out_hook = nil
73
-
74
-
75
- #
76
- # Forgotten-password and activation Mailer
77
- #
78
-
79
- # From whom the forgotten-password email should be sent.
80
- config.from = 'noreply@example.com'
81
-
82
- # Subject of the forgotten-password email.
83
- config.subject_change_password = 'Change your password'
84
-
85
- # Subject of the invitation email.
86
- config.subject_invitation = 'Activate your account'
87
-
88
-
89
- #
90
- # Miscellaneous
91
- #
92
-
93
- # Layout for the sign-in view. Pass a string or a symbol.
94
- config.layout = 'application'
95
-
96
- end
@@ -1,2 +0,0 @@
1
- db/*.sqlite3
2
- tmp
data/test/dummy/Rakefile DELETED
@@ -1,7 +0,0 @@
1
- # Add your own tasks in files placed in lib/tasks ending in .rake,
2
- # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
3
-
4
- require File.expand_path('../config/application', __FILE__)
5
- require 'rake'
6
-
7
- Dummy::Application.load_tasks
@@ -1,3 +0,0 @@
1
- class ApplicationController < ActionController::Base
2
- protect_from_forgery
3
- end
@@ -1,20 +0,0 @@
1
- class ArticlesController < ApplicationController
2
- before_filter :authenticate, :except => [:index, :show]
3
-
4
- def index
5
- @articles = Article.all
6
- end
7
-
8
- def new
9
- @article = Article.new
10
- end
11
-
12
- def create
13
- @article = Article.new params[:article]
14
- if @article.save
15
- redirect_to :action => 'index'
16
- else
17
- render 'new'
18
- end
19
- end
20
- end
@@ -1,17 +0,0 @@
1
- class UsersController < ActionController::Base
2
-
3
- def new
4
- @user = User.new
5
- end
6
-
7
- def create
8
- @user = User.new params[:user]
9
- if @user.save
10
- flash[:notice] = 'You have signed up!'
11
- sign_in @user # <-- Quo Vadis sign-in hook
12
- else
13
- render 'new'
14
- end
15
- end
16
-
17
- end
@@ -1,2 +0,0 @@
1
- module ApplicationHelper
2
- end
@@ -1,2 +0,0 @@
1
- module ArticlesHelper
2
- end
@@ -1,2 +0,0 @@
1
- class Article < ActiveRecord::Base
2
- end
@@ -1,3 +0,0 @@
1
- class Person < ActiveRecord::Base
2
- authenticates
3
- end
@@ -1,3 +0,0 @@
1
- class User < ActiveRecord::Base
2
- authenticates
3
- end
@@ -1 +0,0 @@
1
- <h1>Articles</h1>
@@ -1,11 +0,0 @@
1
- <h1>New Article</h1>
2
-
3
- <%= form_for @article do |f| %>
4
- <%= f.label :title %>
5
- <%= f.text_field :title %>
6
-
7
- <%= f.label :content %>
8
- <%= f.text_area :content %>
9
-
10
- <%= f.submit %>
11
- <% end %>
@@ -1,30 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <title>Dummy</title>
5
- <%= csrf_meta_tag %>
6
- </head>
7
- <body>
8
-
9
- <div id='topnav'>
10
- <% if authenticated? %>
11
- You are signed in as
12
- <% if defined?(current_user) %>
13
- <%= current_user.name %>.
14
- <% elsif defined?(current_person) %>
15
- <%= current_person.name %>.
16
- <% end %>
17
- <%= link_to 'Sign out', sign_out_path %>
18
- <% else %>
19
- <%= link_to 'Sign in', sign_in_path %>
20
- <% end %>
21
- </div>
22
-
23
- <% flash.each do |key, value| %>
24
- <div class='flash <%= key %>'><%= value %></div>
25
- <% end %>
26
-
27
- <%= yield %>
28
-
29
- </body>
30
- </html>
@@ -1,3 +0,0 @@
1
- <div>Sessions layout</div>
2
-
3
- <%= yield %>
@@ -1,9 +0,0 @@
1
- Hello <%= @username %>,
2
-
3
- We've received a request to change your password. If this wasn't you,
4
- please ignore this email and your password will be left alone.
5
-
6
- If you do want to change your password, just click this link (valid for 24 hours):
7
- <%= @url %>
8
-
9
- Thanks!
@@ -1,8 +0,0 @@
1
- Hello <%= @user.name %>,
2
-
3
- You can activate your account by clicking this link (valid for 24 hours):
4
- <%= @url %>
5
-
6
- <% if instance_variable_defined? :@foo %><%= @foo %><% end %>
7
-
8
- Thanks!
@@ -1,11 +0,0 @@
1
- <h1>Change your password</h1>
2
-
3
- <%= form_tag change_password_path(params[:token]), :method => :put do %>
4
- <p>
5
- <%= label_tag :password %>
6
- <%= password_field_tag :password %>
7
- </p>
8
- <p>
9
- <%= submit_tag 'Change my password' %>
10
- </p>
11
- <% end %>