rack-jwt-auth 0.0.2 → 0.0.3
- checksums.yaml +4 -4
- data/lib/rack/jwt/auth/authenticate.rb +7 -1
- data/lib/rack/jwt/auth/version.rb +1 -1
- data/spec/authenticate_options_spec.rb +82 -0
- data/spec/authenticate_spec.rb +4 -30
- metadata +5 -2
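--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d6a2052e477acf5027ed8dedce21869b2780c497
+data.tar.gz: b3103b770c27029fc0c6d9eb865d8d8c8a2577cf
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 049bc6f3a49f25795a765ce22415378d46a79458de78d7c1f4096e4a2cf077e3e6546d95fcb31f69ac23892eb520bac0c0ba4a405298163de95dd68b51cdb96c
+data.tar.gz: bbd0aa5a7f5d032c1c7cedf4b9e209110e267df9745bc4649b79d67bc03d401613181589be80a8df462824eabb1aa5b8a5ba56a874a5b698861932f04a816ef6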
@@ -11,6 +11,8 @@ module Rack
|
|
11
11
|
raise 'Secret must be provided' if opts[:secret].nil?
|
12
12
|
|
13
13
|
@secret = opts[:secret]
|
14
|
+
|
15
|
+
@authenticated_routes = compile_paths(opts[:only])
|
14
16
|
@unauthenticated_routes = compile_paths(opts[:except])
|
15
17
|
end
|
16
18
|
|
@@ -24,7 +26,11 @@ module Rack
|
|
24
26
|
private
|
25
27
|
|
26
28
|
def authenticated_route?(env)
|
27
|
-
|
29
|
+
if @authenticated_routes.length > 0
|
30
|
+
@authenticated_routes.find { |route| route =~ env['PATH_INFO'] }
|
31
|
+
else
|
32
|
+
!@unauthenticated_routes.find { |route| route =~ env['PATH_INFO'] }
|
33
|
+
end
|
28
34
|
end
|
29
35
|
|
30
36
|
def with_authorization(env)
|
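Review bot: In `authenticated_route?` a non-empty `only` list makes `except` silently ignored, and `only` mode is fail-open: any `PATH_INFO` that none of the compiled patterns matches reaches the app without a token. `compile_paths` is not visible in these hunks, so it should be confirmed that its patterns are anchored with `\A` and `\z`; with `route =~ env['PATH_INFO']` an unanchored `except` entry would also match inside a longer path and exempt it from authentication. I would reject the ambiguous configuration in the constructor with `raise 'Use either :only or :except, not both' if opts[:only] && opts[:except]`, and add a comment above the method stating that `only` takes precedence and that unmatched paths are left unauthenticated. The class and `with_authorization` continue outside the hunks.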
@@ -0,0 +1,82 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Rack::Jwt::Auth::Authenticate do
|
4
|
+
include Rack::Test::Methods
|
5
|
+
|
6
|
+
let(:issuer) { Rack::Jwt::Auth::AuthToken }
|
7
|
+
|
8
|
+
context "Except routes" do
|
9
|
+
|
10
|
+
let(:app) do
|
11
|
+
main_app = lambda { |env| [200, env, ['Hello']] }
|
12
|
+
Rack::Jwt::Auth::Authenticate.new(main_app, {except: ['/not_authenticated', '/not_authenticated/*'], secret: 'supertestsecret'})
|
13
|
+
end
|
14
|
+
|
15
|
+
it 'returns 200 ok if the request is for a route that is not authenticated' do
|
16
|
+
get('/not_authenticated')
|
17
|
+
|
18
|
+
expect(last_response.status).to eql(200)
|
19
|
+
expect(last_response.body).to eql('Hello')
|
20
|
+
|
21
|
+
get('/not_authenticated/other')
|
22
|
+
|
23
|
+
expect(last_response.status).to eql(200)
|
24
|
+
expect(last_response.body).to eql('Hello')
|
25
|
+
|
26
|
+
get('/not_authenticated/other/test')
|
27
|
+
|
28
|
+
expect(last_response.status).to eql(200)
|
29
|
+
expect(last_response.body).to eql('Hello')
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'returns 401 ok if the request is for a route that is authenticated' do
|
33
|
+
get('/authenticated')
|
34
|
+
expect(last_response.status).to eql(401)
|
35
|
+
|
36
|
+
get('/authenticated/other')
|
37
|
+
expect(last_response.status).to eql(401)
|
38
|
+
|
39
|
+
get('/authenticated/other/test')
|
40
|
+
expect(last_response.status).to eql(401)
|
41
|
+
end
|
42
|
+
|
43
|
+
end
|
44
|
+
|
45
|
+
context "Only routes" do
|
46
|
+
|
47
|
+
let(:app) do
|
48
|
+
main_app = lambda { |env| [200, env, ['Hello']] }
|
49
|
+
Rack::Jwt::Auth::Authenticate.new(main_app, {only: ['/authenticated', '/authenticated/*'], secret: 'supertestsecret'})
|
50
|
+
end
|
51
|
+
|
52
|
+
it 'returns 200 ok if the request is for a route that is not authenticated' do
|
53
|
+
get('/not_authenticated')
|
54
|
+
|
55
|
+
expect(last_response.status).to eql(200)
|
56
|
+
expect(last_response.body).to eql('Hello')
|
57
|
+
|
58
|
+
get('/not_authenticated/other')
|
59
|
+
|
60
|
+
expect(last_response.status).to eql(200)
|
61
|
+
expect(last_response.body).to eql('Hello')
|
62
|
+
|
63
|
+
get('/not_authenticated/other/test')
|
64
|
+
|
65
|
+
expect(last_response.status).to eql(200)
|
66
|
+
expect(last_response.body).to eql('Hello')
|
67
|
+
end
|
68
|
+
|
69
|
+
it 'returns 401 ok if the request is for a route that is authenticated' do
|
70
|
+
get('/authenticated')
|
71
|
+
expect(last_response.status).to eql(401)
|
72
|
+
|
73
|
+
get('/authenticated/other')
|
74
|
+
expect(last_response.status).to eql(401)
|
75
|
+
|
76
|
+
get('/authenticated/other/test')
|
77
|
+
expect(last_response.status).to eql(401)
|
78
|
+
end
|
79
|
+
|
80
|
+
end
|
81
|
+
|
82
|
+
end
|
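Review bot: `let(:issuer)` is declared but never used in this spec, so neither context checks that a request carrying a valid token is accepted on a protected route, and nothing covers a configuration that passes both `only` and `except`. The path cases exercise only exact and nested matches; a near-miss such as `get('/authenticated_other')` in the "Only routes" context, plus a trailing-slash request, would pin down how the patterns are anchored. The two descriptions that read "returns 401 ok" should drop the "ok", e.g. `it 'returns 401 if the request is for a route that is authenticated' do`.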
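--- a/data/spec/authenticate_spec.rb
+++ b/data/spec/authenticate_spec.rb
@@ -7,23 +7,14 @@ describe Rack::Jwt::Auth::Authenticate do
 
 let(:app) do
 main_app = lambda { |env| [200, env, ['Hello']] }
-Rack::Jwt::Auth::Authenticate.new(main_app, {
+Rack::Jwt::Auth::Authenticate.new(main_app, {secret: 'supertestsecret'})
 end
 
-it '
-
-get('/', {}, {'HTTP_AUTHORIZATION' => token})
-
-expect(last_response.status).to eql(200)
-expect(last_response.body).to eql('Hello')
-
-session = last_response.header['rack.jwt.session'][0]
-
-expect(session['user_id']).to eql(1)
-expect(session['username']).to eql('test')
+it 'raises an exception if no secret if provided' do
+expect{ Rack::Jwt::Auth::Authenticate.new(main_app, {}) }.to raise_error
 end
 
-it '
+it 'returns 200 ok if the request is authenticated' do
 token = issuer.issue_token({user_id: 1, username: 'test'}, 'supertestsecret')
 get('/', {}, {'HTTP_AUTHORIZATION' => token})
 
@@ -51,21 +42,4 @@ describe Rack::Jwt::Auth::Authenticate do
 expect(last_response.body).to eql('Invalid Authorization')
 end
 
-it 'returns 200 ok if the request is for a route that is not authorized' do
-get('/not_authenticated')
-
-expect(last_response.status).to eql(200)
-expect(last_response.body).to eql('Hello')
-
-get('/not_authenticated/other')
-
-expect(last_response.status).to eql(200)
-expect(last_response.body).to eql('Hello')
-
-get('/not_authenticated/other/test')
-
-expect(last_response.status).to eql(200)
-expect(last_response.body).to eql('Hello')
-end
-
 end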
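Review bot: The new example 'raises an exception if no secret if provided' can pass without ever reaching the secret check: `main_app` is a local inside the `let(:app)` block above, so unless it is also defined elsewhere (not visible here) the `expect` block raises `NameError`, which the bare `raise_error` matcher accepts. Build the app inside the example and pin the error, e.g. `expect { Rack::Jwt::Auth::Authenticate.new(->(env) { [200, env, ['Hello']] }, {}) }.to raise_error(RuntimeError, 'Secret must be provided')`. The description should also read 'if no secret is provided'.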
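--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-jwt-auth
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.3
 platform: ruby
 authors:
 - João Almeida
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-
+date: 2014-11-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: jwt
@@ -98,6 +98,7 @@ files:
 - lib/rack/jwt/auth/version.rb
 - rack-jwt-auth.gemspec
 - spec/auth_token_spec.rb
+- spec/authenticate_options_spec.rb
 - spec/authenticate_spec.rb
 - spec/spec_helper.rb
 homepage: ''
@@ -126,5 +127,7 @@ specification_version: 4
 summary: Rack jwt auth middleware
 test_files:
 - spec/auth_token_spec.rb
+- spec/authenticate_options_spec.rb
 - spec/authenticate_spec.rb
 - spec/spec_helper.rb
+has_rdoc: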