red_token_auth 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b496dce49000d1008e6a2db98bd47df50da550bf
-  data.tar.gz: 4b3e7d18f74ef7200b58e746a1f0d3ed6bef804a
+  metadata.gz: be3fa05a1918b464de14937ad07e9b3d5a5bd7ca
+  data.tar.gz: e88513a3098f8b8eba8ea10bfdb566c328907f62
 SHA512:
-  metadata.gz: f8b515ac5518c5486e40c799c787873d094826e2eadf1326f30a9576f1de1e2ccd58c42beec88ded81a2b8bc505fad5eca501a31613d470e05b0c178fd69d0a0
-  data.tar.gz: dd9617560284e2e576bd03428510a71cc63b05525e6258cd0c666c6525f4d02f43048611dc0e6602f45bb9552b10092e2efa15f817704b68c9b79c9602eb86e2
+  metadata.gz: 6ac13fb888f2db7a574c5093339dd7991b6443d0ec6e75d3a87245aac87be0a96118c928b635c6b5cdec3823fc5f76ac901abc0a8e669c182a07bdb8337aa6c0
+  data.tar.gz: e56a24604e4f56c71f9eef07795317779aa129cc863aeaa5ab89b7eeacdba37e2e28b1b2ba69202f9a4c2fba50dcf928add5588e8cb010cb61c72e1279ec3f8d

data/README.md

@@ -29,57 +29,97 @@ $ gem install red_token_auth
 
 ```
 ## Usage
-You'll be able to include the module in the model like so:
+You'll be able to include the module in the model like so.
+
+(Pay attention to the fields, because **ALL** of them are **REQUIRED** for the proper use of this gem.
 ```ruby
 class User
   include Mongoid::Document
   include RedTokenAuth
+  
+  # Mandatory fields for this gem.
+  field :email,                        type: String
+  field :password_digest,              type: String
+  field :reset_password_token,         type: String
+  field :reset_password_token_sent_at, type: Time
+  field :authentication_token,         type: String
+end
+```
+
+And you must include other module in your controller:
+```ruby
+class ApplicationController < ActionController::API
+  include RedTokenAuth::Controllers::Authentication
 end
 ```
+
+Authenticating the user:
+```ruby
+class UsersController < ApplicationController
+  before_action only: [:update] { authenticate! :admin }
+  before_action only: [:show]   { authenticate! :user }
+  
+  def update
+    @admin = current_admin
+    # Code ...
+  end
+  
+  def show
+    @user = current_user
+  end
+end
+```
+By using the `authenticate!(:user)` in your controller, you'll have access to `current_user`.
+
 ### Included methods
 * `User#sign_in`
-  
+
   It'll return `true` if `"password"` matches the user password and an `authentication_token` will be generated for the user. If it doesn't match, errors will be added to `User#errors` and `false` will be returned.
-  
+
   ```ruby
   user.sign_in("password")
   ```
-  
+
 * `User#sign_out`
-  
+
   If the token matches the user `authentication_token`, it'll be set to `nil` and return `true`. If it doesn't match, errors will be added to `User#errors` and false will be returned.
-  
+
   ```ruby
   user.sign_out("auth_token")
   ```
-  
+
 * `User#generate_password_token`
-  
+
   A random token will be generated and stored in `User#reset_password_token`. You'll probably be sending this token to the user via email or push notifications so they can then change their password.
-  
+
   ```ruby
   user.generate_password_token
   ```
-  
+
 * `User#update_password`
-  
+
   This method is used when the user wants to update their password. If the current password doesn't match errors will be added to `User#errors` and false will be returned. Otherwise it'll return `true`.
   ```ruby
   user.update_password(current_password: "password", password: "new_password", password_confirmation: "new_password")
   ```
-  
+
 * `User#reset_password`
 
   This method is used after the `User#generate_password_token` and the `User#reset_password_token` now stores a token.
   ```ruby
   user.reset_password(reset_password_token: "token", password: "new_password", password_confirmation: "new_password")
   ```
-  
 
-
-## Contributing
-To do.
+### Configuring
+```ruby
+RedTokenAuth.configure do |config|
+  config.email_regex = /\A[^@\s]+@[^@\s]+\z/
+  config.password_regex = /\A(?=.*?[a-z])(?=.*?[0-9]).{0,}\z/
+  config.password_length = 8..20
+end
+```
 
 ## License
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
 
+

data/lib/red_token_auth/authentication.rb

@@ -0,0 +1,11 @@
+module RedTokenAuth
+  module Authentication
+    extend ActiveSupport::Concern
+
+    included do
+      def authenticate_token(token)
+        token == authentication_token
+      end
+    end
+  end
+end

data/lib/red_token_auth/controllers/authentication.rb

@@ -0,0 +1,42 @@
+module RedTokenAuth
+  module Controllers
+    module Authentication
+      extend ActiveSupport::Concern
+
+
+      included do
+        # class UserController < ApplicationController
+        #   before_action only: [:index] { authenticate! :user }
+        # end
+        def authenticate!(resource, options = {})
+          klass = resource.to_s.capitalize.constantize
+
+          #TODO: make this query configurable.
+          @resource = klass.where(email: request.headers["uid"]).first
+
+          unless @resource && @resource.authenticate_token(request.headers["access-token"])
+            render_unauthorized
+          end
+
+          define_methods(klass)
+        end
+
+        def resource_name(klass)
+          klass.to_s.downcase.to_sym
+        end
+
+        def render_unauthorized
+          render json: I18n.t("red_token_auth.messages.unauthorized"), status: :unauthorized
+        end
+      end
+
+      private
+
+      def define_methods(klass)
+        define_singleton_method(:"current_#{resource_name(klass)}") do
+          @resource
+        end
+      end
+    end
+  end
+end

data/lib/red_token_auth/password.rb

@@ -6,15 +6,14 @@ module RedTokenAuth
 
     included do
       include ActiveModel::SecurePassword
+      # Adds #password_confirmation and #authenticate.
+      # The model must have a field named #password_digest.
+      has_secure_password validations: false
 
       # Attribute for updating password.
       # Entity must pass current password in order to change its password.
       attr_accessor :current_password
 
-      # Adds #password_confirmation and #authenticate.
-      # The model must have a field named #password_digest.
-      has_secure_password
-
       def generate_reset_password_token
         update(reset_password_token: random_token, reset_password_token_sent_at: Time.zone.now)
       end
@@ -40,10 +39,11 @@ module RedTokenAuth
           return false
         end
       end
-    end
 
-    def random_token
-      SecureRandom.hex(3)
+      def random_token
+        SecureRandom.hex(3)
+      end
     end
+
   end
 end

data/lib/red_token_auth/sign_in_out.rb

@@ -22,9 +22,10 @@ module RedTokenAuth
         end
       end
     end
-  end
 
-  def random_token
-    SecureRandom.hex(30)
+    def random_token
+      SecureRandom.hex(30)
+    end
   end
+
 end

data/lib/red_token_auth/validations.rb

@@ -11,7 +11,9 @@ module RedTokenAuth
         format: RedTokenAuth.configuration.email_regex
       validates :password,
         format: RedTokenAuth.configuration.password_regex,
-        length: { in: RedTokenAuth.configuration.password_length }
+        length: { in: RedTokenAuth.configuration.password_length },
+        confirmation: true,
+        if: Proc.new { |entity| entity.password.present? }
     end
   end
 end

data/lib/red_token_auth/version.rb

@@ -1,3 +1,3 @@
 module RedTokenAuth
-  VERSION = '0.2.0'
+  VERSION = '0.3.0'
 end

data/lib/red_token_auth.rb

@@ -3,10 +3,13 @@ require "red_token_auth/engine"
 
 require "red_token_auth/configuration"
 
+require "red_token_auth/authentication"
 require "red_token_auth/sign_in_out"
 require "red_token_auth/password"
 require "red_token_auth/validations"
 
+require "red_token_auth/controllers/authentication"
+
 module RedTokenAuth
   extend ActiveSupport::Concern
 
@@ -15,6 +18,7 @@ module RedTokenAuth
   end
 
   included do
+    include Authentication
     include SignInOut
     include Password
     include Validations

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: red_token_auth
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Caio Ergos
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-04-28 00:00:00.000000000 Z
+date: 2017-05-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -147,12 +147,13 @@ files:
 - MIT-LICENSE
 - README.md
 - Rakefile
-- app/controllers/red_token_auth/application_controller.rb
 - app/helpers/red_token_auth/application_helper.rb
 - app/mailers/red_token_auth/application_mailer.rb
 - config/routes.rb
 - lib/red_token_auth.rb
+- lib/red_token_auth/authentication.rb
 - lib/red_token_auth/configuration.rb
+- lib/red_token_auth/controllers/authentication.rb
 - lib/red_token_auth/engine.rb
 - lib/red_token_auth/password.rb
 - lib/red_token_auth/sign_in_out.rb
@@ -178,7 +179,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.6.12
 signing_key: 
 specification_version: 4
 summary: Simple token based authentication for Mongoid.

data/app/controllers/red_token_auth/application_controller.rb

@@ -1,5 +0,0 @@
-module RedTokenAuth
-  class ApplicationController < ActionController::Base
-    protect_from_forgery with: :exception
-  end
-end