rack_password 1.2 → 1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +8 -0
- data/lib/rack_password.rb +6 -1
- data/lib/rack_password/version.rb +1 -1
- data/spec/lib/rack_password/block_validator_spec.rb +43 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e025b498a531e95f3e5a27a59f1334971bf474a7
|
4
|
+
data.tar.gz: 6d69977ae762c9a4ddb868dcad2844b8a9f3afc2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c4cd59a1f36bba510f1c33bbfe9df41b80f50a286d9147b6aa4eff978b7402911f22cd3c73a3df58be5675a795a38bb2063ce166ea4f846ac6c8590eab535d8a
|
7
|
+
data.tar.gz: 6c1dff256b76ce8414a9b93f850d71e3d4bcbd264ef998deeaacbcf71e7c4057290e8ef4683944fa9e1641a7fac3f9d000088f2730e834a69bfe53f9fa037211
|
data/README.md
CHANGED
@@ -22,6 +22,14 @@ config.middleware.use RackPassword::Block, auth_codes: ['janusz']
|
|
22
22
|
|
23
23
|
From now on, your staging app should prompt for `janusz` password before you access it.
|
24
24
|
|
25
|
+
You can also provide custom validator:
|
26
|
+
|
27
|
+
```
|
28
|
+
config.middleware.use RackPassword::Block, auth_codes: ['janusz'], custom_rule: proc { |request| request.env['HTTP_USER_AGENT'].include?('facebook') }
|
29
|
+
```
|
30
|
+
## Common problems
|
31
|
+
- If you use server ip address instead of domain name to visit your webpage using chrome, rack_password will not accept any password, including the correct one. As a workaround, please use wildcard DNS service, such as [xip.io](http://xip.io/) or set `cookie_domain` option to match server IP address.
|
32
|
+
|
25
33
|
## Contributing
|
26
34
|
|
27
35
|
1. Fork it ( https://github.com/netguru/rack_password/fork )
|
data/lib/rack_password.rb
CHANGED
@@ -48,7 +48,7 @@ module RackPassword
|
|
48
48
|
end
|
49
49
|
|
50
50
|
def valid?
|
51
|
-
valid_path? || valid_code?(@request.cookies[@options[:key].to_s]) || valid_ip?
|
51
|
+
valid_path? || valid_code?(@request.cookies[@options[:key].to_s]) || valid_ip? || valid_custom_rule?
|
52
52
|
end
|
53
53
|
|
54
54
|
def valid_ip?
|
@@ -64,6 +64,11 @@ module RackPassword
|
|
64
64
|
return false if @options[:auth_codes].nil?
|
65
65
|
@options[:auth_codes].include? code
|
66
66
|
end
|
67
|
+
|
68
|
+
def valid_custom_rule?
|
69
|
+
return false if @options[:custom_rule].nil?
|
70
|
+
!!@options[:custom_rule].call(@request)
|
71
|
+
end
|
67
72
|
end
|
68
73
|
|
69
74
|
end
|
@@ -58,4 +58,47 @@ describe RackPassword::BlockValidator do
|
|
58
58
|
expect(bv.valid_code?("incorrect_secret")).to be(false)
|
59
59
|
end
|
60
60
|
end
|
61
|
+
|
62
|
+
describe "proc control" do
|
63
|
+
context "with proc allowing to pass" do
|
64
|
+
let(:options) { Hash[auth_codes: ["secret"], key: :staging_auth, custom_rule: proc { true } ] }
|
65
|
+
let(:request) { double "Request", path: "/", ip: "127.0.0.1", cookies: { } }
|
66
|
+
|
67
|
+
it "is true when proc evaluates to true" do
|
68
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
69
|
+
expect(bv.valid_custom_rule?).to be(true)
|
70
|
+
end
|
71
|
+
|
72
|
+
it "is true when proc returns true" do
|
73
|
+
bv = RackPassword::BlockValidator.new({custom_rule: proc { true }}, request)
|
74
|
+
expect(bv.valid_custom_rule?).to be(true)
|
75
|
+
end
|
76
|
+
|
77
|
+
it "is true when other rules return false" do
|
78
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
79
|
+
expect(bv.valid_path?).to be(false)
|
80
|
+
expect(bv.valid_code?('')).to be(false)
|
81
|
+
expect(bv.valid_ip?).to be(false)
|
82
|
+
|
83
|
+
expect(bv.valid_custom_rule?).to be(true)
|
84
|
+
expect(bv.valid?).to be(true)
|
85
|
+
end
|
86
|
+
end
|
87
|
+
|
88
|
+
context "with proc set to deny-all" do
|
89
|
+
let(:options) { Hash[auth_codes: ["secret"], key: :staging_auth, custom_rule: proc { false } ] }
|
90
|
+
let(:request) { double "Request", path: "/", ip: "127.0.0.1", cookies: { } }
|
91
|
+
|
92
|
+
it "is true when proc evaluates to true" do
|
93
|
+
bv = RackPassword::BlockValidator.new(options, request)
|
94
|
+
expect(bv.valid_custom_rule?).to be(false)
|
95
|
+
expect(bv.valid?).to be(false)
|
96
|
+
end
|
97
|
+
|
98
|
+
it "is false when proc returns false" do
|
99
|
+
bv = RackPassword::BlockValidator.new({custom_rule: proc { false }}, request)
|
100
|
+
expect(bv.valid_custom_rule?).to be(false)
|
101
|
+
end
|
102
|
+
end
|
103
|
+
end
|
61
104
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack_password
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: '1.
|
4
|
+
version: '1.3'
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Marcin Stecki
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-04-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|