rack-devise_cookie_auth 0.1.0
- data/CHANGELOG.md +6 -0
- data/LICENSE.md +22 -0
- data/README.md +85 -0
- data/lib/rack/devise_cookie_auth.rb +59 -0
- data/lib/rack/devise_cookie_auth/version.rb +5 -0
- metadata +148 -0
data/CHANGELOG.md
ADDED
data/LICENSE.md
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2013 Jilion SA
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,85 @@
|
|
1
|
+
Rack::DeviseCookieAuth [](http://travis-ci.org/jilion/rack-devise_cookie_auth) [](https://gemnasium.com/jilion/rack-devise_cookie_auth) [](https://codeclimate.com/github/jilion/rack-devise_cookie_auth)
|
2
|
+
=====
|
3
|
+
|
4
|
+
Rack::DeviseCookieAuth allows to log-in from a [Devise](https://github.com/plataformatec/devise) remember-me token stored in a cookie.
|
5
|
+
|
6
|
+
It depends on Active::Support >= 2.3.2 and is tested against Ruby 1.9.2, 1.9.3, ruby-head and the latest versions of Rubinius & JRuby.
|
7
|
+
|
8
|
+
## Installation
|
9
|
+
|
10
|
+
Add this line to your application's Gemfile (probably in the `:production` group only):
|
11
|
+
|
12
|
+
```ruby
|
13
|
+
gem 'rack-devise_cookie_auth'
|
14
|
+
```
|
15
|
+
|
16
|
+
And then execute:
|
17
|
+
|
18
|
+
```
|
19
|
+
$ bundle
|
20
|
+
```
|
21
|
+
|
22
|
+
## Basic Usage
|
23
|
+
|
24
|
+
If you don't use Bundler, be sure to require Rack::DeviseCookieAuth manually before actually using the middleware:
|
25
|
+
|
26
|
+
```ruby
|
27
|
+
require 'rack/devise_cookie_auth'
|
28
|
+
use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET'
|
29
|
+
```
|
30
|
+
|
31
|
+
To use Rack::DeviseCookieAuth in your Rails application, add the following line to your application config file (`config/application.rb` or `config/environments/production.rb`) for Rails 3, `config/environment.rb` for Rails 2):
|
32
|
+
|
33
|
+
```ruby
|
34
|
+
config.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET'
|
35
|
+
|
36
|
+
# or if you're using Rack::Cache, be sure to insert Rack::DeviseCookieAuth before
|
37
|
+
config.middleware.insert_before Rack::Cache, Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET'
|
38
|
+
```
|
39
|
+
|
40
|
+
Please note that the `:secret` option is mandatory and can normally be found in the 'config/initializers/secret_token.rb' file of your Rails app.
|
41
|
+
|
42
|
+
## Options
|
43
|
+
|
44
|
+
### Resource name
|
45
|
+
|
46
|
+
By default, the middleware will look for the user resource cookie named "remember_user_token" but if want to use authenticate againts another resource name you can set it with the `:resource` option:
|
47
|
+
|
48
|
+
```ruby
|
49
|
+
config.middleware.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET', resource: 'admin'
|
50
|
+
```
|
51
|
+
|
52
|
+
### Redirection URL
|
53
|
+
|
54
|
+
By default, the middleware will redirect to the root path of the current domain but you can customize the redirection path with the `:redirect_to` option:
|
55
|
+
|
56
|
+
```ruby
|
57
|
+
# It can be a path...
|
58
|
+
config.middleware.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET', redirect_to: '/login'
|
59
|
+
|
60
|
+
# ... or a full URL
|
61
|
+
config.middleware.use Rack::DeviseCookieAuth, secret: 'YOUR_SESSION_SECRET', redirect_to: 'https://yourdomain.com/login'
|
62
|
+
```
|
63
|
+
|
64
|
+
Development
|
65
|
+
-----------
|
66
|
+
|
67
|
+
* Documentation hosted at [RubyDoc](http://rubydoc.info/github/jilion/rack-devise_cookie_auth/master/frames).
|
68
|
+
* Source hosted at [GitHub](https://github.com/jilion/rack-devise_cookie_auth).
|
69
|
+
|
70
|
+
Pull requests are very welcome! Please try to follow these simple rules if applicable:
|
71
|
+
|
72
|
+
* Please create a topic branch for every separate change you make.
|
73
|
+
* Make sure your patches are well tested.
|
74
|
+
* Update the [README](https://github.com/jilion/rack-devise_cookie_auth/blob/master/README.md).
|
75
|
+
* Update the [CHANGELOG](https://github.com/jilion/rack-devise_cookie_auth/blob/master/CHANGELOG.md) for noteworthy changes.
|
76
|
+
* Please **do not change** the version number.
|
77
|
+
|
78
|
+
### Authors
|
79
|
+
|
80
|
+
* [Rémy Coutable](https://github.com/rymai) ([@rymai](http://twitter.com/rymai), [rymai.me](http://rymai.me))
|
81
|
+
* [Thibaud Guillaume-Gentil](https://github.com/thibaudgg) ([@thibaudgg](http://twitter.com/thibaudgg), [thibaud.me](http://thibaud.me))
|
82
|
+
|
83
|
+
### Contributors
|
84
|
+
|
85
|
+
[https://github.com/jilion/rack-devise_cookie_auth/graphs/contributors](https://github.com/jilion/rack-devise_cookie_auth/contributors)
|
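Review bot: The usage examples on README lines 28, 34 and 37 hardcode `secret: 'YOUR_SESSION_SECRET'`, and line 40 only says where the value "can normally be found"; the README should state that this has to be the same secret the cookie-issuing Devise app signs with, and show it being read from configuration or the environment rather than pasted as a literal. It also never documents what the middleware hands to the downstream app on success (`env["current_user_id"]`, per the library file in this diff) or the `<resource>_return_to` query parameter appended to the redirect. Wording fixes while here: "Active::Support" on line 6, "if want to use authenticate againts" on line 46, and the unbalanced parenthesis on line 31.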
@@ -0,0 +1,59 @@
|
|
1
|
+
require 'rack/devise_cookie_auth/version'
|
2
|
+
require 'active_support/message_verifier'
|
3
|
+
|
4
|
+
module Rack
|
5
|
+
class DeviseCookieAuth
|
6
|
+
DEFAULT_OPTIONS = {
|
7
|
+
resource: 'user',
|
8
|
+
redirect_to: nil
|
9
|
+
}
|
10
|
+
def initialize(app, options = {})
|
11
|
+
raise ArgumentError, 'Cookie secret must be set!' if options[:secret].nil?
|
12
|
+
|
13
|
+
@app, @options = app, DEFAULT_OPTIONS.merge(options)
|
14
|
+
end
|
15
|
+
|
16
|
+
def call(env)
|
17
|
+
@request = Rack::Request.new(env)
|
18
|
+
|
19
|
+
verifier = ActiveSupport::MessageVerifier.new(@options[:secret])
|
20
|
+
resource_ids, remember_key = verifier.verify(@request.cookies[cookie_name])
|
21
|
+
env["current_#{resource}_id"] = resource_ids.first
|
22
|
+
|
23
|
+
@app.call(env)
|
24
|
+
rescue ActiveSupport::MessageVerifier::InvalidSignature
|
25
|
+
redirect!
|
26
|
+
end
|
27
|
+
|
28
|
+
private
|
29
|
+
|
30
|
+
def redirect!
|
31
|
+
[302, { 'Content-Type' => 'text/html', 'Location' => redirect_url }, ["Redirected to #{redirect_url}!"]]
|
32
|
+
end
|
33
|
+
|
34
|
+
def resource
|
35
|
+
@options[:resource].to_s
|
36
|
+
end
|
37
|
+
|
38
|
+
def cookie_name
|
39
|
+
"remember_#{resource}_token"
|
40
|
+
end
|
41
|
+
|
42
|
+
def redirect_url
|
43
|
+
[redirect_to, return_to].compact.join('?')
|
44
|
+
end
|
45
|
+
|
46
|
+
def redirect_to
|
47
|
+
if @options[:redirect_to] =~ %r{\Ahttps?://}
|
48
|
+
@options[:redirect_to]
|
49
|
+
else
|
50
|
+
@request.url.sub(@request.fullpath, "/#{@options[:redirect_to]}".squeeze('/').sub(%r{/\z}, '') || '')
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
def return_to
|
55
|
+
"#{resource}_return_to=#{@request.url}"
|
56
|
+
end
|
57
|
+
|
58
|
+
end
|
59
|
+
end
|
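Review bot: In `call` (lines 19-21) `remember_key` is unpacked from the verified cookie but never used, so `env["current_#{resource}_id"]` is set for any cookie with a valid signature, with no check that the remember token is still current for that record or has expired; compare it against the stored value, or document clearly that the downstream app must. The cookie value also goes into `verifier.verify` with no nil check and only `InvalidSignature` is rescued, so add an explicit guard for a missing cookie and for a payload that is not the expected two-element array (`resource_ids.first` raises otherwise). `@request` is kept in an instance variable on a middleware object that is shared between requests; pass the request to the helpers as an argument instead. In `return_to` (line 55) the request URL is interpolated unescaped and `redirect_url` always joins with `?`, even when `:redirect_to` already carries a query string; escape the value with `Rack::Utils.escape`. The `|| ''` on line 50 is dead code, since `sub` never returns nil.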
metadata
ADDED
@@ -0,0 +1,148 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: rack-devise_cookie_auth
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
prerelease:
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Rémy Coutable
|
9
|
+
- Thibaud Guillaume-Gentil
|
10
|
+
autorequire:
|
11
|
+
bindir: bin
|
12
|
+
cert_chain: []
|
13
|
+
date: 2013-01-09 00:00:00.000000000 Z
|
14
|
+
dependencies:
|
15
|
+
- !ruby/object:Gem::Dependency
|
16
|
+
name: rack
|
17
|
+
requirement: !ruby/object:Gem::Requirement
|
18
|
+
none: false
|
19
|
+
requirements:
|
20
|
+
- - ! '>='
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: '1.0'
|
23
|
+
type: :runtime
|
24
|
+
prerelease: false
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
26
|
+
none: false
|
27
|
+
requirements:
|
28
|
+
- - ! '>='
|
29
|
+
- !ruby/object:Gem::Version
|
30
|
+
version: '1.0'
|
31
|
+
- !ruby/object:Gem::Dependency
|
32
|
+
name: activesupport
|
33
|
+
requirement: !ruby/object:Gem::Requirement
|
34
|
+
none: false
|
35
|
+
requirements:
|
36
|
+
- - ! '>='
|
37
|
+
- !ruby/object:Gem::Version
|
38
|
+
version: 2.3.2
|
39
|
+
type: :runtime
|
40
|
+
prerelease: false
|
41
|
+
version_requirements: !ruby/object:Gem::Requirement
|
42
|
+
none: false
|
43
|
+
requirements:
|
44
|
+
- - ! '>='
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: 2.3.2
|
47
|
+
- !ruby/object:Gem::Dependency
|
48
|
+
name: bundler
|
49
|
+
requirement: !ruby/object:Gem::Requirement
|
50
|
+
none: false
|
51
|
+
requirements:
|
52
|
+
- - ~>
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '1.0'
|
55
|
+
type: :development
|
56
|
+
prerelease: false
|
57
|
+
version_requirements: !ruby/object:Gem::Requirement
|
58
|
+
none: false
|
59
|
+
requirements:
|
60
|
+
- - ~>
|
61
|
+
- !ruby/object:Gem::Version
|
62
|
+
version: '1.0'
|
63
|
+
- !ruby/object:Gem::Dependency
|
64
|
+
name: test-unit
|
65
|
+
requirement: !ruby/object:Gem::Requirement
|
66
|
+
none: false
|
67
|
+
requirements:
|
68
|
+
- - ~>
|
69
|
+
- !ruby/object:Gem::Version
|
70
|
+
version: '2.5'
|
71
|
+
type: :development
|
72
|
+
prerelease: false
|
73
|
+
version_requirements: !ruby/object:Gem::Requirement
|
74
|
+
none: false
|
75
|
+
requirements:
|
76
|
+
- - ~>
|
77
|
+
- !ruby/object:Gem::Version
|
78
|
+
version: '2.5'
|
79
|
+
- !ruby/object:Gem::Dependency
|
80
|
+
name: rack-test
|
81
|
+
requirement: !ruby/object:Gem::Requirement
|
82
|
+
none: false
|
83
|
+
requirements:
|
84
|
+
- - ~>
|
85
|
+
- !ruby/object:Gem::Version
|
86
|
+
version: '0.6'
|
87
|
+
type: :development
|
88
|
+
prerelease: false
|
89
|
+
version_requirements: !ruby/object:Gem::Requirement
|
90
|
+
none: false
|
91
|
+
requirements:
|
92
|
+
- - ~>
|
93
|
+
- !ruby/object:Gem::Version
|
94
|
+
version: '0.6'
|
95
|
+
- !ruby/object:Gem::Dependency
|
96
|
+
name: shoulda
|
97
|
+
requirement: !ruby/object:Gem::Requirement
|
98
|
+
none: false
|
99
|
+
requirements:
|
100
|
+
- - ~>
|
101
|
+
- !ruby/object:Gem::Version
|
102
|
+
version: '3.3'
|
103
|
+
type: :development
|
104
|
+
prerelease: false
|
105
|
+
version_requirements: !ruby/object:Gem::Requirement
|
106
|
+
none: false
|
107
|
+
requirements:
|
108
|
+
- - ~>
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '3.3'
|
111
|
+
description: Rack middleware to log in from a "remember me" Devise cookie.
|
112
|
+
email:
|
113
|
+
- remy@jilion.com
|
114
|
+
- thibaud@jilion.com
|
115
|
+
executables: []
|
116
|
+
extensions: []
|
117
|
+
extra_rdoc_files: []
|
118
|
+
files:
|
119
|
+
- lib/rack/devise_cookie_auth/version.rb
|
120
|
+
- lib/rack/devise_cookie_auth.rb
|
121
|
+
- CHANGELOG.md
|
122
|
+
- LICENSE.md
|
123
|
+
- README.md
|
124
|
+
homepage: https://github.com/jilion/rack-devise_cookie_auth
|
125
|
+
licenses: []
|
126
|
+
post_install_message:
|
127
|
+
rdoc_options: []
|
128
|
+
require_paths:
|
129
|
+
- lib
|
130
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
131
|
+
none: false
|
132
|
+
requirements:
|
133
|
+
- - ! '>='
|
134
|
+
- !ruby/object:Gem::Version
|
135
|
+
version: '0'
|
136
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
137
|
+
none: false
|
138
|
+
requirements:
|
139
|
+
- - ! '>='
|
140
|
+
- !ruby/object:Gem::Version
|
141
|
+
version: '0'
|
142
|
+
requirements: []
|
143
|
+
rubyforge_project:
|
144
|
+
rubygems_version: 1.8.23
|
145
|
+
signing_key:
|
146
|
+
specification_version: 3
|
147
|
+
summary: Rack middleware to log admin in from a "remember me" Devise cookie.
|
148
|
+
test_files: []
|
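Review bot: `licenses: []` on line 125 is empty although the package ships LICENSE.md with the MIT text; declare the license in the gemspec so license-auditing tools can see it. `summary` on line 147 says "log admin in" while `description` on line 111 says "log in", which reads like a leftover; align the two. The `activesupport` runtime requirement on lines 32-46 is `>= 2.3.2` with no upper bound, which deserves a comment or a tighter constraint given that the library relies on `ActiveSupport::MessageVerifier` for its only authentication check.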