rack_password 1.2 → 1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +8 -0
- data/lib/rack_password.rb +6 -1
- data/lib/rack_password/version.rb +1 -1
- data/spec/lib/rack_password/block_validator_spec.rb +43 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e025b498a531e95f3e5a27a59f1334971bf474a7
|
|
4
|
+
data.tar.gz: 6d69977ae762c9a4ddb868dcad2844b8a9f3afc2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c4cd59a1f36bba510f1c33bbfe9df41b80f50a286d9147b6aa4eff978b7402911f22cd3c73a3df58be5675a795a38bb2063ce166ea4f846ac6c8590eab535d8a
|
|
7
|
+
data.tar.gz: 6c1dff256b76ce8414a9b93f850d71e3d4bcbd264ef998deeaacbcf71e7c4057290e8ef4683944fa9e1641a7fac3f9d000088f2730e834a69bfe53f9fa037211
|
data/README.md
CHANGED
|
@@ -22,6 +22,14 @@ config.middleware.use RackPassword::Block, auth_codes: ['janusz']
|
|
|
22
22
|
|
|
23
23
|
From now on, your staging app should prompt for `janusz` password before you access it.
|
|
24
24
|
|
|
25
|
+
You can also provide custom validator:
|
|
26
|
+
|
|
27
|
+
```
|
|
28
|
+
config.middleware.use RackPassword::Block, auth_codes: ['janusz'], custom_rule: proc { |request| request.env['HTTP_USER_AGENT'].include?('facebook') }
|
|
29
|
+
```
|
|
30
|
+
## Common problems
|
|
31
|
+
- If you use server ip address instead of domain name to visit your webpage using chrome, rack_password will not accept any password, including the correct one. As a workaround, please use wildcard DNS service, such as [xip.io](http://xip.io/) or set `cookie_domain` option to match server IP address.
|
|
32
|
+
|
|
25
33
|
## Contributing
|
|
26
34
|
|
|
27
35
|
1. Fork it ( https://github.com/netguru/rack_password/fork )
|
data/lib/rack_password.rb
CHANGED
|
@@ -48,7 +48,7 @@ module RackPassword
|
|
|
48
48
|
end
|
|
49
49
|
|
|
50
50
|
def valid?
|
|
51
|
-
valid_path? || valid_code?(@request.cookies[@options[:key].to_s]) || valid_ip?
|
|
51
|
+
valid_path? || valid_code?(@request.cookies[@options[:key].to_s]) || valid_ip? || valid_custom_rule?
|
|
52
52
|
end
|
|
53
53
|
|
|
54
54
|
def valid_ip?
|
|
@@ -64,6 +64,11 @@ module RackPassword
|
|
|
64
64
|
return false if @options[:auth_codes].nil?
|
|
65
65
|
@options[:auth_codes].include? code
|
|
66
66
|
end
|
|
67
|
+
|
|
68
|
+
def valid_custom_rule?
|
|
69
|
+
return false if @options[:custom_rule].nil?
|
|
70
|
+
!!@options[:custom_rule].call(@request)
|
|
71
|
+
end
|
|
67
72
|
end
|
|
68
73
|
|
|
69
74
|
end
|
|
@@ -58,4 +58,47 @@ describe RackPassword::BlockValidator do
|
|
|
58
58
|
expect(bv.valid_code?("incorrect_secret")).to be(false)
|
|
59
59
|
end
|
|
60
60
|
end
|
|
61
|
+
|
|
62
|
+
describe "proc control" do
|
|
63
|
+
context "with proc allowing to pass" do
|
|
64
|
+
let(:options) { Hash[auth_codes: ["secret"], key: :staging_auth, custom_rule: proc { true } ] }
|
|
65
|
+
let(:request) { double "Request", path: "/", ip: "127.0.0.1", cookies: { } }
|
|
66
|
+
|
|
67
|
+
it "is true when proc evaluates to true" do
|
|
68
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
|
69
|
+
expect(bv.valid_custom_rule?).to be(true)
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
it "is true when proc returns true" do
|
|
73
|
+
bv = RackPassword::BlockValidator.new({custom_rule: proc { true }}, request)
|
|
74
|
+
expect(bv.valid_custom_rule?).to be(true)
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
it "is true when other rules return false" do
|
|
78
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
|
79
|
+
expect(bv.valid_path?).to be(false)
|
|
80
|
+
expect(bv.valid_code?('')).to be(false)
|
|
81
|
+
expect(bv.valid_ip?).to be(false)
|
|
82
|
+
|
|
83
|
+
expect(bv.valid_custom_rule?).to be(true)
|
|
84
|
+
expect(bv.valid?).to be(true)
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
context "with proc set to deny-all" do
|
|
89
|
+
let(:options) { Hash[auth_codes: ["secret"], key: :staging_auth, custom_rule: proc { false } ] }
|
|
90
|
+
let(:request) { double "Request", path: "/", ip: "127.0.0.1", cookies: { } }
|
|
91
|
+
|
|
92
|
+
it "is true when proc evaluates to true" do
|
|
93
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
|
94
|
+
expect(bv.valid_custom_rule?).to be(false)
|
|
95
|
+
expect(bv.valid?).to be(false)
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
it "is false when proc returns false" do
|
|
99
|
+
bv = RackPassword::BlockValidator.new({custom_rule: proc { false }}, request)
|
|
100
|
+
expect(bv.valid_custom_rule?).to be(false)
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
end
|
|
61
104
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack_password
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: '1.
|
|
4
|
+
version: '1.3'
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Marcin Stecki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-04-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|