red_token_auth 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +56 -16
- data/lib/red_token_auth/authentication.rb +11 -0
- data/lib/red_token_auth/controllers/authentication.rb +42 -0
- data/lib/red_token_auth/password.rb +7 -7
- data/lib/red_token_auth/sign_in_out.rb +4 -3
- data/lib/red_token_auth/validations.rb +3 -1
- data/lib/red_token_auth/version.rb +1 -1
- data/lib/red_token_auth.rb +4 -0
- metadata +5 -4
- data/app/controllers/red_token_auth/application_controller.rb +0 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: be3fa05a1918b464de14937ad07e9b3d5a5bd7ca
|
4
|
+
data.tar.gz: e88513a3098f8b8eba8ea10bfdb566c328907f62
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 6ac13fb888f2db7a574c5093339dd7991b6443d0ec6e75d3a87245aac87be0a96118c928b635c6b5cdec3823fc5f76ac901abc0a8e669c182a07bdb8337aa6c0
|
7
|
+
data.tar.gz: e56a24604e4f56c71f9eef07795317779aa129cc863aeaa5ab89b7eeacdba37e2e28b1b2ba69202f9a4c2fba50dcf928add5588e8cb010cb61c72e1279ec3f8d
|
data/README.md
CHANGED
@@ -29,57 +29,97 @@ $ gem install red_token_auth
|
|
29
29
|
|
30
30
|
```
|
31
31
|
## Usage
|
32
|
-
You'll be able to include the module in the model like so
|
32
|
+
You'll be able to include the module in the model like so.
|
33
|
+
|
34
|
+
(Pay attention to the fields, because **ALL** of them are **REQUIRED** for the proper use of this gem.
|
33
35
|
```ruby
|
34
36
|
class User
|
35
37
|
include Mongoid::Document
|
36
38
|
include RedTokenAuth
|
39
|
+
|
40
|
+
# Mandatory fields for this gem.
|
41
|
+
field :email, type: String
|
42
|
+
field :password_digest, type: String
|
43
|
+
field :reset_password_token, type: String
|
44
|
+
field :reset_password_token_sent_at, type: Time
|
45
|
+
field :authentication_token, type: String
|
46
|
+
end
|
47
|
+
```
|
48
|
+
|
49
|
+
And you must include other module in your controller:
|
50
|
+
```ruby
|
51
|
+
class ApplicationController < ActionController::API
|
52
|
+
include RedTokenAuth::Controllers::Authentication
|
37
53
|
end
|
38
54
|
```
|
55
|
+
|
56
|
+
Authenticating the user:
|
57
|
+
```ruby
|
58
|
+
class UsersController < ApplicationController
|
59
|
+
before_action only: [:update] { authenticate! :admin }
|
60
|
+
before_action only: [:show] { authenticate! :user }
|
61
|
+
|
62
|
+
def update
|
63
|
+
@admin = current_admin
|
64
|
+
# Code ...
|
65
|
+
end
|
66
|
+
|
67
|
+
def show
|
68
|
+
@user = current_user
|
69
|
+
end
|
70
|
+
end
|
71
|
+
```
|
72
|
+
By using the `authenticate!(:user)` in your controller, you'll have access to `current_user`.
|
73
|
+
|
39
74
|
### Included methods
|
40
75
|
* `User#sign_in`
|
41
|
-
|
76
|
+
|
42
77
|
It'll return `true` if `"password"` matches the user password and an `authentication_token` will be generated for the user. If it doesn't match, errors will be added to `User#errors` and `false` will be returned.
|
43
|
-
|
78
|
+
|
44
79
|
```ruby
|
45
80
|
user.sign_in("password")
|
46
81
|
```
|
47
|
-
|
82
|
+
|
48
83
|
* `User#sign_out`
|
49
|
-
|
84
|
+
|
50
85
|
If the token matches the user `authentication_token`, it'll be set to `nil` and return `true`. If it doesn't match, errors will be added to `User#errors` and false will be returned.
|
51
|
-
|
86
|
+
|
52
87
|
```ruby
|
53
88
|
user.sign_out("auth_token")
|
54
89
|
```
|
55
|
-
|
90
|
+
|
56
91
|
* `User#generate_password_token`
|
57
|
-
|
92
|
+
|
58
93
|
A random token will be generated and stored in `User#reset_password_token`. You'll probably be sending this token to the user via email or push notifications so they can then change their password.
|
59
|
-
|
94
|
+
|
60
95
|
```ruby
|
61
96
|
user.generate_password_token
|
62
97
|
```
|
63
|
-
|
98
|
+
|
64
99
|
* `User#update_password`
|
65
|
-
|
100
|
+
|
66
101
|
This method is used when the user wants to update their password. If the current password doesn't match errors will be added to `User#errors` and false will be returned. Otherwise it'll return `true`.
|
67
102
|
```ruby
|
68
103
|
user.update_password(current_password: "password", password: "new_password", password_confirmation: "new_password")
|
69
104
|
```
|
70
|
-
|
105
|
+
|
71
106
|
* `User#reset_password`
|
72
107
|
|
73
108
|
This method is used after the `User#generate_password_token` and the `User#reset_password_token` now stores a token.
|
74
109
|
```ruby
|
75
110
|
user.reset_password(reset_password_token: "token", password: "new_password", password_confirmation: "new_password")
|
76
111
|
```
|
77
|
-
|
78
112
|
|
79
|
-
|
80
|
-
|
81
|
-
|
113
|
+
### Configuring
|
114
|
+
```ruby
|
115
|
+
RedTokenAuth.configure do |config|
|
116
|
+
config.email_regex = /\A[^@\s]+@[^@\s]+\z/
|
117
|
+
config.password_regex = /\A(?=.*?[a-z])(?=.*?[0-9]).{0,}\z/
|
118
|
+
config.password_length = 8..20
|
119
|
+
end
|
120
|
+
```
|
82
121
|
|
83
122
|
## License
|
84
123
|
The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
|
85
124
|
|
125
|
+
|
@@ -0,0 +1,42 @@
|
|
1
|
+
module RedTokenAuth
|
2
|
+
module Controllers
|
3
|
+
module Authentication
|
4
|
+
extend ActiveSupport::Concern
|
5
|
+
|
6
|
+
|
7
|
+
included do
|
8
|
+
# class UserController < ApplicationController
|
9
|
+
# before_action only: [:index] { authenticate! :user }
|
10
|
+
# end
|
11
|
+
def authenticate!(resource, options = {})
|
12
|
+
klass = resource.to_s.capitalize.constantize
|
13
|
+
|
14
|
+
#TODO: make this query configurable.
|
15
|
+
@resource = klass.where(email: request.headers["uid"]).first
|
16
|
+
|
17
|
+
unless @resource && @resource.authenticate_token(request.headers["access-token"])
|
18
|
+
render_unauthorized
|
19
|
+
end
|
20
|
+
|
21
|
+
define_methods(klass)
|
22
|
+
end
|
23
|
+
|
24
|
+
def resource_name(klass)
|
25
|
+
klass.to_s.downcase.to_sym
|
26
|
+
end
|
27
|
+
|
28
|
+
def render_unauthorized
|
29
|
+
render json: I18n.t("red_token_auth.messages.unauthorized"), status: :unauthorized
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
private
|
34
|
+
|
35
|
+
def define_methods(klass)
|
36
|
+
define_singleton_method(:"current_#{resource_name(klass)}") do
|
37
|
+
@resource
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
@@ -6,15 +6,14 @@ module RedTokenAuth
|
|
6
6
|
|
7
7
|
included do
|
8
8
|
include ActiveModel::SecurePassword
|
9
|
+
# Adds #password_confirmation and #authenticate.
|
10
|
+
# The model must have a field named #password_digest.
|
11
|
+
has_secure_password validations: false
|
9
12
|
|
10
13
|
# Attribute for updating password.
|
11
14
|
# Entity must pass current password in order to change its password.
|
12
15
|
attr_accessor :current_password
|
13
16
|
|
14
|
-
# Adds #password_confirmation and #authenticate.
|
15
|
-
# The model must have a field named #password_digest.
|
16
|
-
has_secure_password
|
17
|
-
|
18
17
|
def generate_reset_password_token
|
19
18
|
update(reset_password_token: random_token, reset_password_token_sent_at: Time.zone.now)
|
20
19
|
end
|
@@ -40,10 +39,11 @@ module RedTokenAuth
|
|
40
39
|
return false
|
41
40
|
end
|
42
41
|
end
|
43
|
-
end
|
44
42
|
|
45
|
-
|
46
|
-
|
43
|
+
def random_token
|
44
|
+
SecureRandom.hex(3)
|
45
|
+
end
|
47
46
|
end
|
47
|
+
|
48
48
|
end
|
49
49
|
end
|
@@ -11,7 +11,9 @@ module RedTokenAuth
|
|
11
11
|
format: RedTokenAuth.configuration.email_regex
|
12
12
|
validates :password,
|
13
13
|
format: RedTokenAuth.configuration.password_regex,
|
14
|
-
length: { in: RedTokenAuth.configuration.password_length }
|
14
|
+
length: { in: RedTokenAuth.configuration.password_length },
|
15
|
+
confirmation: true,
|
16
|
+
if: Proc.new { |entity| entity.password.present? }
|
15
17
|
end
|
16
18
|
end
|
17
19
|
end
|
data/lib/red_token_auth.rb
CHANGED
@@ -3,10 +3,13 @@ require "red_token_auth/engine"
|
|
3
3
|
|
4
4
|
require "red_token_auth/configuration"
|
5
5
|
|
6
|
+
require "red_token_auth/authentication"
|
6
7
|
require "red_token_auth/sign_in_out"
|
7
8
|
require "red_token_auth/password"
|
8
9
|
require "red_token_auth/validations"
|
9
10
|
|
11
|
+
require "red_token_auth/controllers/authentication"
|
12
|
+
|
10
13
|
module RedTokenAuth
|
11
14
|
extend ActiveSupport::Concern
|
12
15
|
|
@@ -15,6 +18,7 @@ module RedTokenAuth
|
|
15
18
|
end
|
16
19
|
|
17
20
|
included do
|
21
|
+
include Authentication
|
18
22
|
include SignInOut
|
19
23
|
include Password
|
20
24
|
include Validations
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: red_token_auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Caio Ergos
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-05-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -147,12 +147,13 @@ files:
|
|
147
147
|
- MIT-LICENSE
|
148
148
|
- README.md
|
149
149
|
- Rakefile
|
150
|
-
- app/controllers/red_token_auth/application_controller.rb
|
151
150
|
- app/helpers/red_token_auth/application_helper.rb
|
152
151
|
- app/mailers/red_token_auth/application_mailer.rb
|
153
152
|
- config/routes.rb
|
154
153
|
- lib/red_token_auth.rb
|
154
|
+
- lib/red_token_auth/authentication.rb
|
155
155
|
- lib/red_token_auth/configuration.rb
|
156
|
+
- lib/red_token_auth/controllers/authentication.rb
|
156
157
|
- lib/red_token_auth/engine.rb
|
157
158
|
- lib/red_token_auth/password.rb
|
158
159
|
- lib/red_token_auth/sign_in_out.rb
|
@@ -178,7 +179,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
178
179
|
version: '0'
|
179
180
|
requirements: []
|
180
181
|
rubyforge_project:
|
181
|
-
rubygems_version: 2.
|
182
|
+
rubygems_version: 2.6.12
|
182
183
|
signing_key:
|
183
184
|
specification_version: 4
|
184
185
|
summary: Simple token based authentication for Mongoid.
|