rack_password 1.0
- checksums.yaml +7 -0
- data/.gitignore +22 -0
- data/.travis.yml +3 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +22 -0
- data/README.md +31 -0
- data/Rakefile +7 -0
- data/lib/rack_password.rb +69 -0
- data/lib/rack_password/version.rb +3 -0
- data/lib/views/block_middleware.html +17 -0
- data/rack_password.gemspec +25 -0
- data/spec/lib/rack_password/block_spec.rb +18 -0
- data/spec/lib/rack_password/block_validator_spec.rb +61 -0
- data/spec/spec_helper.rb +5 -0
- metadata +119 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 48515f054fb19daafa35794779ea0e92c41ef6e9
|
4
|
+
data.tar.gz: ca364edf8baa5b737047d74eb2d9c73ee30fc56a
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: edc3f203402cb8f915cde034c4e436c2681d79875529b6a6a47520f305850617936bb1c16f627abe059c93a1039338c9904630dc9a176da48339cd56bb42daf7
|
7
|
+
data.tar.gz: ffbe9bbf9fd67ee5e4269b8ae97f6dbb1e6df70610c4a04598b66dde0409649bcb8e86d0beacc8c5f6bae0f11a6923a181442c878f9dae5234bd16d5f7611094
|
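--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,22 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log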
data/.travis.yml
ADDED
data/Gemfile
ADDED
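--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,22 @@
+Copyright (c) 2014 Marcin Stecki
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.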
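--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,31 @@
+# RackPassword
+![](http://img.shields.io/gem/v/rack_password.svg?style=flat-square)
+[![](http://img.shields.io/codeclimate/github/netguru/rack_password.svg?style=flat-square)](https://codeclimate.com/github/netguru/rack_password)
+[![](http://img.shields.io/travis/netguru/rack_password.svg?style=flat-square)](ps://travis-ci.org/netguru/rack_password)
+
+Small rack middleware to block your site from unwanted vistors. A little bit more convenient than basic auth - browser will ask you once for the password and then set a cookie to remember you - unlike the http basic auth it wont prompt you all the time.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+gem 'rack_password'
+
+## Usage
+
+Let's assume you want to password protect your staging environemnt. Add something like this to `config/environments/staging.rb `
+
+
+```
+config.middleware.use RackPassword::Block, auth_codes: ['janusz']
+```
+
+From now on, your staging app should prompt for `janusz` password before you access it.
+
+## Contributing
+
+1. Fork it ( https://github.com/[my-github-username]/rack_password/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request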
data/Rakefile
ADDED
@@ -0,0 +1,69 @@
|
|
1
|
+
require "rack_password/version"
|
2
|
+
|
3
|
+
module RackPassword
|
4
|
+
|
5
|
+
class Block
|
6
|
+
|
7
|
+
def initialize app, options = {}
|
8
|
+
@app = app
|
9
|
+
@options = {
|
10
|
+
:key => :staging_auth,
|
11
|
+
:code_param => :code
|
12
|
+
}.merge options
|
13
|
+
end
|
14
|
+
|
15
|
+
def call env
|
16
|
+
request = Rack::Request.new env
|
17
|
+
|
18
|
+
bv = BlockValidator.new(@options, request)
|
19
|
+
return @app.call(env) if bv.valid?
|
20
|
+
|
21
|
+
|
22
|
+
if request.post? and bv.valid_code?(request.params[@options[:code_param].to_s]) # If post method check :code_param value
|
23
|
+
domain = request.host == 'localhost' ? '' : ".#{request.host}"
|
24
|
+
[301, {'Location' => request.path, 'Set-Cookie' => "#{@options[:key]}=#{request.params[@options[:code_param].to_s]}; domain=#{domain}; expires=30-Dec-2039 23:59:59 GMT"}, ['']] # Redirect if code is valid
|
25
|
+
else
|
26
|
+
success_rack_response
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
def success_rack_response
|
31
|
+
[200, {'Content-Type' => 'text/html'}, [read_success_view]]
|
32
|
+
end
|
33
|
+
|
34
|
+
private
|
35
|
+
|
36
|
+
def read_success_view
|
37
|
+
@success_view ||= File.open(File.join(File.dirname(__FILE__), "views", "block_middleware.html")).read
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
class BlockValidator
|
42
|
+
attr_accessor :options, :request
|
43
|
+
|
44
|
+
def initialize options, request
|
45
|
+
@options = options
|
46
|
+
@request = request
|
47
|
+
end
|
48
|
+
|
49
|
+
def valid?
|
50
|
+
valid_path? || valid_code?(@request.cookies[@options[:key].to_s]) || valid_ip?
|
51
|
+
end
|
52
|
+
|
53
|
+
def valid_ip?
|
54
|
+
return false if @options[:ip_whitelist].nil?
|
55
|
+
@options[:ip_whitelist].include? @request.ip.to_s
|
56
|
+
end
|
57
|
+
|
58
|
+
def valid_path?
|
59
|
+
match = @request.path =~ /\.xml|\.rss|\.json/ || @request.path =~ @options[:path_whitelist]
|
60
|
+
!!match
|
61
|
+
end
|
62
|
+
|
63
|
+
def valid_code? code
|
64
|
+
return false if @options[:auth_codes].nil?
|
65
|
+
@options[:auth_codes].include? code
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
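Review bot: The `Set-Cookie` value built in `Block#call` is the submitted auth code itself, and the header carries no `HttpOnly` or `Secure` attribute, so the shared password sits in clear text in every browser that logged in until 2039 and is readable by page scripts and over plain HTTP. Consider storing a derived value instead (for example a digest or HMAC of the code that `BlockValidator#valid?` recomputes and compares) and appending `; path=/; HttpOnly` (plus `; Secure` when `request.ssl?`) to the cookie string. Separately, `valid_path?` matches `/\.xml|\.rss|\.json/` unanchored, so any path that merely contains one of those substrings skips the password check; anchoring it as `/\.(xml|rss|json)\z/` would at least limit the exemption to real extensions. The 301 returned after the POST is cached by browsers as permanent; 303 is the usual status for post-then-redirect.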
@@ -0,0 +1,17 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html lang="en">
|
3
|
+
<body>
|
4
|
+
<div class="container-fluid">
|
5
|
+
<div class="row-fluid">
|
6
|
+
<div class="span4"></div>
|
7
|
+
<div class="span4">
|
8
|
+
<legend>Sign in</legend>
|
9
|
+
<form action="" method="post" class="form-inline">
|
10
|
+
<input type="password" placeholder="Password..." name="code" />
|
11
|
+
<button type="submit" class="btn btn-primary">Sign in</button>
|
12
|
+
</form>
|
13
|
+
</div>
|
14
|
+
</div>
|
15
|
+
</div>
|
16
|
+
</body>
|
17
|
+
</html>
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'rack_password/version'
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "rack_password"
|
8
|
+
spec.version = RackPassword::VERSION
|
9
|
+
spec.authors = ["Marcin Stecki"]
|
10
|
+
spec.email = ["marcin@netguru.pl"]
|
11
|
+
spec.summary = %q{Small rack middleware to block your site from unwanted vistors.}
|
12
|
+
spec.description = %q{Small rack middleware to block your site from unwanted vistors. A little bit more convenient than basic auth - browser will ask you once for the password and then set a cookie to remember you - unlike the http basic auth it wont prompt you all the time.}
|
13
|
+
spec.homepage = ""
|
14
|
+
spec.license = "MIT"
|
15
|
+
|
16
|
+
spec.files = `git ls-files -z`.split("\x0")
|
17
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
18
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
19
|
+
spec.require_paths = ["lib"]
|
20
|
+
|
21
|
+
spec.add_development_dependency "bundler", "~> 1.6"
|
22
|
+
spec.add_development_dependency "rake"
|
23
|
+
spec.add_development_dependency "rspec"
|
24
|
+
spec.add_development_dependency "webmock"
|
25
|
+
end
|
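Review bot: The spec declares only development dependencies, but the library calls `Rack::Request.new` and requires nothing except `rack_password/version`, so the gem works only when the host application has already loaded Rack. Declare it with `spec.add_dependency "rack"` next to the development entries, and have lib/rack_password.rb `require "rack"`. `spec.homepage = ""` also leaves consumers with no source link for checking where the package came from; pointing it at the repository named in the README badges would fix that.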
@@ -0,0 +1,18 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
module RackPassword
|
4
|
+
describe Block do
|
5
|
+
|
6
|
+
describe "success rack response" do
|
7
|
+
let(:block){ Block.new("app") }
|
8
|
+
|
9
|
+
it "return 200 status code" do
|
10
|
+
expect(block.success_rack_response[0]).to eq 200
|
11
|
+
end
|
12
|
+
|
13
|
+
it "return html" do
|
14
|
+
expect(block.success_rack_response[2][0]).to include("password")
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
@@ -0,0 +1,61 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'rack_password'
|
3
|
+
|
4
|
+
describe RackPassword::BlockValidator do
|
5
|
+
let(:options){ Hash.new }
|
6
|
+
|
7
|
+
describe "valid ip" do
|
8
|
+
let(:options) { Hash[ip_whitelist: ["127.0.0.1"]] }
|
9
|
+
it "be true when ip is whitelisted" do
|
10
|
+
request = double "Request", ip: "127.0.0.1"
|
11
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
12
|
+
expect(bv.valid_ip?).to be(true)
|
13
|
+
end
|
14
|
+
|
15
|
+
it "be false when ip is not whitelisted" do
|
16
|
+
request = double "Request", ip: "192.168.0.1"
|
17
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
18
|
+
expect(bv.valid_ip?).to be(false)
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
describe "valid path" do
|
23
|
+
it "be true when path is whitelisted" do
|
24
|
+
options[:path_whitelist] = /secret\/gate/
|
25
|
+
request = double "Request", path: "secret/gate"
|
26
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
27
|
+
expect(bv.valid_path?).to be(true)
|
28
|
+
end
|
29
|
+
|
30
|
+
it "be true when path looks like allowed path" do
|
31
|
+
%w[janusz.xml lukasz.rss wykop.json].each do |asset|
|
32
|
+
request = double "Request", path: asset
|
33
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
34
|
+
expect(bv.valid_path?).to be(true)
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
it "be false when path doesn't looks like asset" do
|
39
|
+
%w[products orders users].each do |asset|
|
40
|
+
request = double "Request", path: asset
|
41
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
42
|
+
expect(bv.valid_path?).to be(false)
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
describe "valid code" do
|
48
|
+
let(:options) { Hash[auth_codes: ["secret"], key: :staging_auth] }
|
49
|
+
let(:request) { double "Request" }
|
50
|
+
|
51
|
+
it "be true when code is correct" do
|
52
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
53
|
+
expect(bv.valid_code?("secret")).to be(true)
|
54
|
+
end
|
55
|
+
|
56
|
+
it "be false when code is incorrect" do
|
57
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
58
|
+
expect(bv.valid_code?("incorrect_secret")).to be(false)
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
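Review bot: Nothing in this spec exercises `BlockValidator#valid?` or the cookie lookup it performs, and every path example is a positive substring match, so the suite cannot notice the gate opening for a request it should stop. Add an example that builds a request double with `path`, `cookies` and `ip` and asserts `valid?` is false when none of the three checks match. A negative path example is also missing: one where `.json` appears in the path but is not its extension, asserted with `expect(bv.valid_path?).to be(false)`; note that this fails against the current unanchored pattern in `valid_path?`, which is the behaviour worth pinning down.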
data/spec/spec_helper.rb
ADDED
metadata
ADDED
@@ -0,0 +1,119 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: rack_password
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: '1.0'
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Marcin Stecki
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2014-11-19 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ~>
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.6'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ~>
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.6'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - '>='
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - '>='
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rspec
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - '>='
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - '>='
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: webmock
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - '>='
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
description: Small rack middleware to block your site from unwanted vistors. A little
|
70
|
+
bit more convenient than basic auth - browser will ask you once for the password
|
71
|
+
and then set a cookie to remember you - unlike the http basic auth it wont prompt
|
72
|
+
you all the time.
|
73
|
+
email:
|
74
|
+
- marcin@netguru.pl
|
75
|
+
executables: []
|
76
|
+
extensions: []
|
77
|
+
extra_rdoc_files: []
|
78
|
+
files:
|
79
|
+
- .gitignore
|
80
|
+
- .travis.yml
|
81
|
+
- Gemfile
|
82
|
+
- LICENSE.txt
|
83
|
+
- README.md
|
84
|
+
- Rakefile
|
85
|
+
- lib/rack_password.rb
|
86
|
+
- lib/rack_password/version.rb
|
87
|
+
- lib/views/block_middleware.html
|
88
|
+
- rack_password.gemspec
|
89
|
+
- spec/lib/rack_password/block_spec.rb
|
90
|
+
- spec/lib/rack_password/block_validator_spec.rb
|
91
|
+
- spec/spec_helper.rb
|
92
|
+
homepage: ''
|
93
|
+
licenses:
|
94
|
+
- MIT
|
95
|
+
metadata: {}
|
96
|
+
post_install_message:
|
97
|
+
rdoc_options: []
|
98
|
+
require_paths:
|
99
|
+
- lib
|
100
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
101
|
+
requirements:
|
102
|
+
- - '>='
|
103
|
+
- !ruby/object:Gem::Version
|
104
|
+
version: '0'
|
105
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
106
|
+
requirements:
|
107
|
+
- - '>='
|
108
|
+
- !ruby/object:Gem::Version
|
109
|
+
version: '0'
|
110
|
+
requirements: []
|
111
|
+
rubyforge_project:
|
112
|
+
rubygems_version: 2.2.2
|
113
|
+
signing_key:
|
114
|
+
specification_version: 4
|
115
|
+
summary: Small rack middleware to block your site from unwanted vistors.
|
116
|
+
test_files:
|
117
|
+
- spec/lib/rack_password/block_spec.rb
|
118
|
+
- spec/lib/rack_password/block_validator_spec.rb
|
119
|
+
- spec/spec_helper.rb
|