red_token_auth 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 2118c6cedf39c2690b78ebd14872d47b26e30a1b
+  data.tar.gz: 555b4a301388fdb2a60f2f2700ec14eb0a209967
+SHA512:
+  metadata.gz: e5db59d84930e81ace65ec2f3c9a71425dfaa3da2c0bfbacae65e478527c1c9bf244c8d1d08d5b7e7f2fe72d435bc81836ee7eeadd9ceb47c521d65939944078
+  data.tar.gz: 3cf8f41d0459772eb7c5633920742e1bff591b74362c87d06a3fb2006b17df2bee5968739dd617f79766f2d60b181889927dfcd7ee61398459e550dfe57455e9

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2017 Caio Ergos
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,85 @@
+# RedTokenAuth
+
+### _This gem is currently under development._
+
+Token based authentication gem for a Rails + Mongoid.
+
+We decided to build this gem after trying to use some some other token authentication gems that needed Devise and it didn't work out well with Mongoid.
+
+RedTokenAuth goal is to provide a simple authentication interface for Rails using Mongoid.
+
+
+
+
+## Installation
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'red_token_auth'
+```
+
+And then execute:
+```bash
+$ bundle
+```
+
+Or install it yourself as:
+```bash
+$ gem install red_token_auth
+
+```
+## Usage
+You'll be able to include the module in the model like so:
+```ruby
+class User
+  include Mongoid::Document
+  include RedTokenAuth
+end
+```
+### Included methods
+* `User#sign_in`
+  
+  It'll return `true` if `"password"` matches the user password and an `authentication_token` will be generated for the user. If it doesn't match, errors will be added to `User#errors` and `false` will be returned.
+  
+  ```ruby
+  user.sign_in("password")
+  ```
+  
+* `User#sign_out`
+  
+  If the token matches the user `authentication_token`, it'll be set to `nil` and return `true`. If it doesn't match, errors will be added to `User#errors` and false will be returned.
+  
+  ```ruby
+  user.sign_out("auth_token")
+  ```
+  
+* `User#generate_password_token`
+  
+  A random token will be generated and stored in `User#reset_password_token`. You'll probably be sending this token to the user via email or push notifications so they can then change their password.
+  
+  ```ruby
+  user.generate_password_token
+  ```
+  
+* `User#update_password`
+  
+  This method is used when the user wants to update their password. If the current password doesn't match errors will be added to `User#errors` and false will be returned. Otherwise it'll return `true`.
+  ```ruby
+  user.update_password(current_password: "password", password: "new_password", password_confirmation: "new_password")
+  ```
+  
+* `User#reset_password`
+
+  This method is used after the `User#generate_password_token` and the `User#reset_password_token` now stores a token.
+  ```ruby
+  user.reset_password(reset_password_token: "token", password: "new_password", password_confirmation: "new_password")
+  ```
+  
+
+
+## Contributing
+To do.
+
+## License
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,26 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'RedTokenAuth'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.md')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../spec/test_app/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+
+load 'rails/tasks/statistics.rake'
+
+
+
+require 'bundler/gem_tasks'
+

data/app/controllers/red_token_auth/application_controller.rb

@@ -0,0 +1,5 @@
+module RedTokenAuth
+  class ApplicationController < ActionController::Base
+    protect_from_forgery with: :exception
+  end
+end

data/app/helpers/red_token_auth/application_helper.rb

@@ -0,0 +1,4 @@
+module RedTokenAuth
+  module ApplicationHelper
+  end
+end

data/app/mailers/red_token_auth/application_mailer.rb

@@ -0,0 +1,6 @@
+module RedTokenAuth
+  class ApplicationMailer < ActionMailer::Base
+    default from: 'from@example.com'
+    layout 'mailer'
+  end
+end

data/config/routes.rb

@@ -0,0 +1,2 @@
+RedTokenAuth::Engine.routes.draw do
+end

data/lib/red_token_auth/configuration.rb

@@ -0,0 +1,15 @@
+module RedTokenAuth
+  class Configuration
+    attr_accessor :email_regex
+    attr_accessor :password_regex
+    attr_accessor :password_length
+
+    def initialize
+      # Basically, just make sure there only one "@" in the email.
+      @email_regex = /\A[^@\s]+@[^@\s]+\z/
+      # Make sure there is at least one character and one number.
+      @password_regex = /\A(?=.*?[a-z])(?=.*?[0-9]).{0,}\z/
+      @password_length = 8..20
+    end
+  end
+end

data/lib/red_token_auth/engine.rb

@@ -0,0 +1,10 @@
+module RedTokenAuth
+  class Engine < ::Rails::Engine
+    isolate_namespace RedTokenAuth
+
+    config.generators do |g|
+      g.test_framework :rspec
+      g.fixture_replacement :factory_girl, dir: "spec/factories"
+    end
+  end
+end

data/lib/red_token_auth/password.rb

@@ -0,0 +1,49 @@
+require "securerandom"
+
+module RedTokenAuth
+  module Password
+    extend ActiveSupport::Concern
+
+    included do
+      include ActiveModel::SecurePassword
+
+      # Attribute for updating password.
+      # Entity must pass current password in order to change its password.
+      attr_accessor :current_password
+
+      # Adds #password_confirmation and #authenticate.
+      # The model must have a field named #password_digest.
+      has_secure_password
+
+      def generate_reset_password_token
+        update(reset_password_token: random_token, reset_password_token_sent_at: Time.zone.now)
+      end
+
+      def update_password(params = {})
+        if authenticate(params[:current_password]) && !params[:current_password].blank?
+          update(password: params[:password], password_confirmation: params[:password_confirmation])
+        else
+          #HACK: It would be nicer if this logic was inside a validation.
+          #TODO: Add message yml.
+          errors.add(:current_password, :wrong_password)
+          return false
+        end
+      end
+
+      def reset_password(params = {})
+        if params[:reset_password_token] == reset_password_token
+          update(password: params[:password], password_confirmation: params[:password_confirmation], reset_password_token_sent_at: nil)
+        else
+          #HACK: It would be nicer if this logic was inside a validation.
+          #TODO: Add message yml.
+          errors.add(:current_password, :wrong_reset_password_token)
+          return false
+        end
+      end
+    end
+
+    def random_token
+      SecureRandom.hex(3)
+    end
+  end
+end

data/lib/red_token_auth/sign_in_out.rb

@@ -0,0 +1,30 @@
+require "securerandom"
+
+module RedTokenAuth
+  module SignInOut
+    extend ActiveSupport::Concern
+
+    included do
+      def sign_in(password)
+        if authenticate(password)
+          update(authentication_token: random_token)
+        else
+          errors.add(:password, :wrong_password)
+        end
+      end
+
+      def sign_out(auth_token)
+        if auth_token == authentication_token
+          update(authentication_token: nil)
+        else
+          errors.add(:authentication_token, :wrong_token)
+          false
+        end
+      end
+    end
+  end
+
+  def random_token
+    SecureRandom.hex(30)
+  end
+end

data/lib/red_token_auth/validations.rb

@@ -0,0 +1,17 @@
+require "securerandom"
+
+module RedTokenAuth
+  module Validations
+    extend ActiveSupport::Concern
+
+    included do
+      include ActiveModel::SecurePassword
+
+      validates :email,
+        format: RedTokenAuth.configuration.email_regex
+      validates :password,
+        format: RedTokenAuth.configuration.password_regex,
+        length: { in: RedTokenAuth.configuration.password_length }
+    end
+  end
+end

data/lib/red_token_auth/version.rb

@@ -0,0 +1,3 @@
+module RedTokenAuth
+  VERSION = '0.1.0'
+end

data/lib/red_token_auth.rb

@@ -0,0 +1,30 @@
+require "red_token_auth/version"
+require "red_token_auth/engine"
+
+require "red_token_auth/configuration"
+
+require "red_token_auth/sign_in_out"
+require "red_token_auth/password"
+require "red_token_auth/validations"
+
+module RedTokenAuth
+  extend ActiveSupport::Concern
+
+  class << self
+    attr_writer :configuration
+  end
+
+  included do
+    include SignInOut
+    include Password
+    include Validations
+  end
+
+  def self.configuration
+    @configuration ||= Configuration.new
+  end
+
+  def self.configure
+    yield configuration
+  end
+end

metadata

@@ -0,0 +1,87 @@
+--- !ruby/object:Gem::Specification
+name: red_token_auth
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Caio Ergos
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-04-28 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.0.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 5.0.2
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: This does not aim to compete with Devise. It is intended to supply a
+  simple interface for database agnostic authentication.
+email:
+- caioergos@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- app/controllers/red_token_auth/application_controller.rb
+- app/helpers/red_token_auth/application_helper.rb
+- app/mailers/red_token_auth/application_mailer.rb
+- config/routes.rb
+- lib/red_token_auth.rb
+- lib/red_token_auth/configuration.rb
+- lib/red_token_auth/engine.rb
+- lib/red_token_auth/password.rb
+- lib/red_token_auth/sign_in_out.rb
+- lib/red_token_auth/validations.rb
+- lib/red_token_auth/version.rb
+homepage: 
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.1
+signing_key: 
+specification_version: 4
+summary: Simple token based authentication interface.
+test_files: []