rack-screen-door 0.0.1

data/.gitignore

@@ -0,0 +1,5 @@
+.bundle
+.yardoc
+Gemfile.lock
+doc
+pkg

data/.rspec

@@ -0,0 +1,2 @@
+--colour
+--format documentation

data/.rvmrc

@@ -0,0 +1 @@
+rvm use --create ree-1.8.7-2011.03@rack-screen-door

data/.travis.yml

@@ -0,0 +1,6 @@
+language: ruby
+rvm:
+  - 1.8.7
+  - 1.9.2
+  - 1.9.3
+  - ree

data/.yardopts

@@ -0,0 +1 @@
+--markup markdown

data/Gemfile

@@ -0,0 +1,3 @@
+source :rubygems
+
+gemspec

data/MIT-LICENSE.txt

@@ -0,0 +1,19 @@
+Copyright (c) 2011 John Nishinaga and Pat Deegan, PhD & Associates, LLC.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# rack-screen-door
+
+Rack middleware for simple question and answer authorization.
+
+This can be useful to add a thin veneer around website to help it stay
+semi-private, e.g., during the development stages.
+
+**WARNING: This is really poor security.** Think of it as a...well...screen door.
+
+## Install
+
+    gem install rack-screen-door
+
+## Usage
+
+    require 'rack/screen_door'
+
+    use Rack::ScreenDoor 'secret answer'
+
+Additional options can be supplied:
+
+    use Rack::ScreenDoor 'secret answer',
+      :salt => 'some server-side secret',
+      :template_path => 'path/to/my_screen_door.html.erb',
+      :cookie_key => 'my_cookie_name',
+      :cookie_hash => { :domain => '.example.org', :secure => true },
+      :expires => 1.year
+
+See [default_template.html.erb](https://github.com/patdeegan/rack-screen-door/blob/master/default_template.html.erb) as an example template file.

data/Rakefile

@@ -0,0 +1,10 @@
+require 'bundler/setup'
+require 'bundler/gem_tasks'
+
+require 'yard'
+YARD::Rake::YardocTask.new
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/default_template.html.erb

@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>Enter the secret answer</title>
+    <style>
+      body { font-family: sans-serif; text-align: center; margin: 40px; color: gray; }
+      p, form { max-width: 800px; margin: 1em auto; }
+      .question { font-size: 50px; }
+      .error { color: red; font-size: 50px; }
+      input { font-size: 60px; width: 70%; }
+    </style>
+  </head>
+  <body>
+    <p class="question">Enter the secret answer:</p>
+    <% if error %>
+      <p class="error">Please try again.</p>
+    <% end %>
+    <form method="post">
+      <input type="text" name="answer" id="answer" value="" autofocus>
+      <input type="hidden" name="redirect" value="<%= h redirect_url %>">
+    </form>
+  </body>
+</html>

data/lib/rack-screen-door.rb

@@ -0,0 +1 @@
+require 'rack/screen_door'

data/lib/rack/screen_door.rb

@@ -0,0 +1,89 @@
+require 'rack'
+require 'erb'
+require 'digest/sha2'
+require 'rack/screen_door/version'
+
+module Rack
+
+  # Rack middleware class for simple question and answer authorization.
+  class ScreenDoor
+    
+    DEFAULT_COOKIE_KEY    = '_rack_screen_door'
+    DEFAULT_COOKIE_HASH   = { :httponly => true }
+    DEFAULT_EXPIRES       = 60 * 60 * 24 * 30 # 1 month
+    DEFAULT_TEMPLATE_PATH = ::File.expand_path('../../../default_template.html.erb', __FILE__)
+    DEFAULT_SALT          = 'SaltySalt'
+    
+    attr_reader :app, :cookie_key, :cookie_hash, :expires
+    attr_reader :template_path, :salt, :answer
+    attr_reader :redirect_url, :error
+    
+    # Creates the middleware.
+    #
+    # @param [Application] app application
+    # @param [String] answer secret answer
+    # @param [Hash] options options
+    # @option options [String] :salt (DEFAULT_SALT) a server-side secret
+    # @option options [String] :template_path (DEFAULT_TEMPLATE_PATH) the path to an HTML or ERB file to render
+    # @option options [String] :cookie_key (DEFAULT_COOKIE_KEY) the cookie key (name)
+    # @option options [Hash] :cookie_hash (DEFAULT_COOKIE_HASH) cookie options that will be passed to Rack::Response#set_cookie
+    # @option options [Integer] :expires (DEFAULT_EXPIRES) how long a cookie will persist
+    def initialize(app, answer, options = {})
+      @app           = app
+      @answer        = answer
+      @salt          = options[:salt]          || DEFAULT_SALT
+      @template_path = options[:template_path] || DEFAULT_TEMPLATE_PATH
+      @cookie_key    = options[:cookie_key]    || DEFAULT_COOKIE_KEY
+      @cookie_hash   = DEFAULT_COOKIE_HASH.merge(options[:cookie_hash] || {})
+      @expires       = options[:expires]       || DEFAULT_EXPIRES
+    end
+    
+    # Rack middleware chain.
+    def call(env)
+      dup._call(env) # make threadsafe
+    end
+  
+  protected
+  
+    include ERB::Util
+    
+    def _call(env)
+      request = Rack::Request.new(env)
+      return app.call(env) if verified_cookie?(request)
+      response = Rack::Response.new
+      if request.post?
+        @redirect_url = request.params['redirect'] || '/'
+        if request.params['answer'] == answer
+          set_verified_cookie(response)
+          response.redirect @redirect_url
+        else
+          @error = true
+          response.write response_html
+        end
+      else
+        @redirect_url = request.url
+        @error = false
+        response.write response_html
+      end
+      response.finish
+    end
+    
+    def hashed_answer
+      Digest::SHA256.hexdigest(salt + answer)
+    end
+    
+    def verified_cookie?(request)
+      request.cookies[cookie_key] == hashed_answer
+    end
+    
+    def set_verified_cookie(response)
+      response.set_cookie(cookie_key, cookie_hash.merge(
+        :value => hashed_answer, :expires => Time.now + expires))
+    end
+    
+    def response_html
+      ERB.new(::File.read(template_path)).result(binding)
+    end
+    
+  end
+end

data/lib/rack/screen_door/version.rb

@@ -0,0 +1,5 @@
+module Rack
+  class ScreenDoor
+    VERSION = "0.0.1"
+  end
+end

data/rack-screen-door.gemspec

@@ -0,0 +1,27 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "rack/screen_door/version"
+
+Gem::Specification.new do |s|
+  s.name        = "rack-screen-door"
+  s.version     = Rack::ScreenDoor::VERSION
+  s.authors     = ["John Nishinaga"]
+  s.email       = ["jingoro@casa-z.org"]
+  s.homepage    = "https://github.com/jingoro/rack-screen-door"
+  s.summary     = "Rack middleware for simple question and answer authorization."
+  s.description = s.summary
+
+  s.rubyforge_project = "rack-screen-door"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_runtime_dependency 'rack'
+  s.add_development_dependency 'rake'
+  s.add_development_dependency 'rack-test'
+  s.add_development_dependency 'rspec'
+  s.add_development_dependency 'yard'
+  s.add_development_dependency 'redcarpet'
+end

data/spec/screen_door_spec.rb

@@ -0,0 +1,124 @@
+$:.unshift File.expand_path('../../lib', __FILE__)
+
+require 'rack/screen_door'
+require 'rspec'
+require 'rack/test'
+
+describe Rack::ScreenDoor do
+  
+  include Rack::Test::Methods
+  
+  let(:default_salt)       { 'SaltySalt' }
+  let(:default_cookie_key) { '_rack_screen_door' }
+  let(:default_question)   { 'Enter the secret answer' }
+  let(:default_error)      { 'Please try again' }
+  let(:penguin_answer)     { 'penguin' }
+  let(:penguin_hash)       { 'efec1f5977e7ca9c5273c667502583d86de0eb723de57997faccca0fb5b3ed74' }
+  let(:default_app_body)   { 'Hello World!' }
+
+  let(:default_app) { lambda { |e| [200, {'Content-Type' => 'text/html'}, [default_app_body]] } }
+  let(:app) { Rack::ScreenDoor.new(default_app, penguin_answer) }
+  
+  context 'instance' do
+
+    subject { app }
+
+    its(:salt)          { should == default_salt }
+    its(:cookie_key)    { should == default_cookie_key }
+    its(:cookie_hash)   { should == { :httponly => true } }
+    its(:expires)       { should == 60 * 60 * 24 * 30 }
+    its(:answer)        { should == penguin_answer }
+    its(:hashed_answer) { should == penguin_hash }
+
+  end
+  
+  context 'request' do
+    
+    subject { last_response }
+    
+    before { clear_cookies }
+
+    def cookie_value
+      rack_mock_session.cookie_jar[default_cookie_key]
+    end
+    
+    def headers
+      last_response.headers
+    end
+
+    context 'GET /blah' do
+
+      before { get '/blah' }
+
+      it { should be_ok }
+      its(:body) { should include(default_question) }
+      its(:body) { should_not include(penguin_answer) }
+      its(:body) { should_not include(default_error) }
+      its(:body) { should include('http://example.org/blah') }
+      specify { cookie_value.should be_nil }
+      specify { headers['Content-Type'].should == 'text/html' }
+
+    end
+  
+    context 'POST / with incorrect answer' do
+
+      before { post '/', :answer => 'squirrel', :redirect => 'http://example.org/fred' }
+
+      it { should be_ok }
+      its(:body) { should include(default_question) }
+      its(:body) { should_not include(penguin_answer) }
+      its(:body) { should include(default_error) }
+      its(:body) { should include('http://example.org/fred') }
+      specify { cookie_value.should be_nil }
+
+    end
+    
+    context 'POST / with correct answer' do
+
+      before do
+        Time.stub(:now) { Time.at(946684800).utc } # 2000-1-1
+        post '/', :answer => 'penguin', :redirect => 'http://example.org/stuff'
+      end
+
+      it { should be_redirect }
+      specify { headers['Location'].should == 'http://example.org/stuff' }
+      specify { headers['Set-Cookie'].should include("#{default_cookie_key}=#{penguin_hash}") }
+      specify { headers['Set-Cookie'].should include('expires=Mon, 31-Jan-2000 00:00:00 GMT') }
+
+      context 'after following the redirect' do
+        before { follow_redirect! }
+        it { should be_ok }
+        its(:body) { should == default_app_body }
+      end
+      
+    end
+
+    context 'GET / w/ good cookie' do
+
+      before do
+        set_cookie "#{default_cookie_key}=#{penguin_hash}"
+        get '/'
+      end
+
+      it { should be_ok }
+      its(:body) { should == default_app_body }
+      specify { cookie_value.should == penguin_hash }
+
+    end
+
+    context 'GET / w/ bad cookie' do
+
+      before do
+        set_cookie "#{default_cookie_key}=blubber"
+        get '/'
+      end
+
+      it { should be_ok }
+      its(:body) { should include(default_question) }
+      specify { cookie_value.should == 'blubber' }
+
+    end
+  
+  end
+  
+end

metadata

@@ -0,0 +1,164 @@
+--- !ruby/object:Gem::Specification 
+name: rack-screen-door
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: 
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- John Nishinaga
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2012-01-11 00:00:00 Z
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id001
+  prerelease: false
+  name: rack
+  type: :runtime
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id002
+  prerelease: false
+  name: rake
+  type: :development
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id003
+  prerelease: false
+  name: rack-test
+  type: :development
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id004
+  prerelease: false
+  name: rspec
+  type: :development
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id005
+  prerelease: false
+  name: yard
+  type: :development
+- !ruby/object:Gem::Dependency 
+  version_requirements: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  requirement: *id006
+  prerelease: false
+  name: redcarpet
+  type: :development
+description: Rack middleware for simple question and answer authorization.
+email: 
+- jingoro@casa-z.org
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- .rspec
+- .rvmrc
+- .travis.yml
+- .yardopts
+- Gemfile
+- MIT-LICENSE.txt
+- README.md
+- Rakefile
+- default_template.html.erb
+- lib/rack-screen-door.rb
+- lib/rack/screen_door.rb
+- lib/rack/screen_door/version.rb
+- rack-screen-door.gemspec
+- spec/screen_door_spec.rb
+homepage: https://github.com/jingoro/rack-screen-door
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: rack-screen-door
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Rack middleware for simple question and answer authorization.
+test_files: 
+- spec/screen_door_spec.rb
+has_rdoc: