red_token_auth 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/MIT-LICENSE +20 -0
- data/README.md +85 -0
- data/Rakefile +26 -0
- data/app/controllers/red_token_auth/application_controller.rb +5 -0
- data/app/helpers/red_token_auth/application_helper.rb +4 -0
- data/app/mailers/red_token_auth/application_mailer.rb +6 -0
- data/config/routes.rb +2 -0
- data/lib/red_token_auth/configuration.rb +15 -0
- data/lib/red_token_auth/engine.rb +10 -0
- data/lib/red_token_auth/password.rb +49 -0
- data/lib/red_token_auth/sign_in_out.rb +30 -0
- data/lib/red_token_auth/validations.rb +17 -0
- data/lib/red_token_auth/version.rb +3 -0
- data/lib/red_token_auth.rb +30 -0
- metadata +87 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 2118c6cedf39c2690b78ebd14872d47b26e30a1b
|
4
|
+
data.tar.gz: 555b4a301388fdb2a60f2f2700ec14eb0a209967
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: e5db59d84930e81ace65ec2f3c9a71425dfaa3da2c0bfbacae65e478527c1c9bf244c8d1d08d5b7e7f2fe72d435bc81836ee7eeadd9ceb47c521d65939944078
|
7
|
+
data.tar.gz: 3cf8f41d0459772eb7c5633920742e1bff591b74362c87d06a3fb2006b17df2bee5968739dd617f79766f2d60b181889927dfcd7ee61398459e550dfe57455e9
|
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright 2017 Caio Ergos
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,85 @@
|
|
1
|
+
# RedTokenAuth
|
2
|
+
|
3
|
+
### _This gem is currently under development._
|
4
|
+
|
5
|
+
Token based authentication gem for a Rails + Mongoid.
|
6
|
+
|
7
|
+
We decided to build this gem after trying to use some some other token authentication gems that needed Devise and it didn't work out well with Mongoid.
|
8
|
+
|
9
|
+
RedTokenAuth goal is to provide a simple authentication interface for Rails using Mongoid.
|
10
|
+
|
11
|
+
|
12
|
+
|
13
|
+
|
14
|
+
## Installation
|
15
|
+
Add this line to your application's Gemfile:
|
16
|
+
|
17
|
+
```ruby
|
18
|
+
gem 'red_token_auth'
|
19
|
+
```
|
20
|
+
|
21
|
+
And then execute:
|
22
|
+
```bash
|
23
|
+
$ bundle
|
24
|
+
```
|
25
|
+
|
26
|
+
Or install it yourself as:
|
27
|
+
```bash
|
28
|
+
$ gem install red_token_auth
|
29
|
+
|
30
|
+
```
|
31
|
+
## Usage
|
32
|
+
You'll be able to include the module in the model like so:
|
33
|
+
```ruby
|
34
|
+
class User
|
35
|
+
include Mongoid::Document
|
36
|
+
include RedTokenAuth
|
37
|
+
end
|
38
|
+
```
|
39
|
+
### Included methods
|
40
|
+
* `User#sign_in`
|
41
|
+
|
42
|
+
It'll return `true` if `"password"` matches the user password and an `authentication_token` will be generated for the user. If it doesn't match, errors will be added to `User#errors` and `false` will be returned.
|
43
|
+
|
44
|
+
```ruby
|
45
|
+
user.sign_in("password")
|
46
|
+
```
|
47
|
+
|
48
|
+
* `User#sign_out`
|
49
|
+
|
50
|
+
If the token matches the user `authentication_token`, it'll be set to `nil` and return `true`. If it doesn't match, errors will be added to `User#errors` and false will be returned.
|
51
|
+
|
52
|
+
```ruby
|
53
|
+
user.sign_out("auth_token")
|
54
|
+
```
|
55
|
+
|
56
|
+
* `User#generate_password_token`
|
57
|
+
|
58
|
+
A random token will be generated and stored in `User#reset_password_token`. You'll probably be sending this token to the user via email or push notifications so they can then change their password.
|
59
|
+
|
60
|
+
```ruby
|
61
|
+
user.generate_password_token
|
62
|
+
```
|
63
|
+
|
64
|
+
* `User#update_password`
|
65
|
+
|
66
|
+
This method is used when the user wants to update their password. If the current password doesn't match errors will be added to `User#errors` and false will be returned. Otherwise it'll return `true`.
|
67
|
+
```ruby
|
68
|
+
user.update_password(current_password: "password", password: "new_password", password_confirmation: "new_password")
|
69
|
+
```
|
70
|
+
|
71
|
+
* `User#reset_password`
|
72
|
+
|
73
|
+
This method is used after the `User#generate_password_token` and the `User#reset_password_token` now stores a token.
|
74
|
+
```ruby
|
75
|
+
user.reset_password(reset_password_token: "token", password: "new_password", password_confirmation: "new_password")
|
76
|
+
```
|
77
|
+
|
78
|
+
|
79
|
+
|
80
|
+
## Contributing
|
81
|
+
To do.
|
82
|
+
|
83
|
+
## License
|
84
|
+
The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
|
85
|
+
|
data/Rakefile
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
begin
|
2
|
+
require 'bundler/setup'
|
3
|
+
rescue LoadError
|
4
|
+
puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
|
5
|
+
end
|
6
|
+
|
7
|
+
require 'rdoc/task'
|
8
|
+
|
9
|
+
RDoc::Task.new(:rdoc) do |rdoc|
|
10
|
+
rdoc.rdoc_dir = 'rdoc'
|
11
|
+
rdoc.title = 'RedTokenAuth'
|
12
|
+
rdoc.options << '--line-numbers'
|
13
|
+
rdoc.rdoc_files.include('README.md')
|
14
|
+
rdoc.rdoc_files.include('lib/**/*.rb')
|
15
|
+
end
|
16
|
+
|
17
|
+
APP_RAKEFILE = File.expand_path("../spec/test_app/Rakefile", __FILE__)
|
18
|
+
load 'rails/tasks/engine.rake'
|
19
|
+
|
20
|
+
|
21
|
+
load 'rails/tasks/statistics.rake'
|
22
|
+
|
23
|
+
|
24
|
+
|
25
|
+
require 'bundler/gem_tasks'
|
26
|
+
|
data/config/routes.rb
ADDED
@@ -0,0 +1,15 @@
|
|
1
|
+
module RedTokenAuth
|
2
|
+
class Configuration
|
3
|
+
attr_accessor :email_regex
|
4
|
+
attr_accessor :password_regex
|
5
|
+
attr_accessor :password_length
|
6
|
+
|
7
|
+
def initialize
|
8
|
+
# Basically, just make sure there only one "@" in the email.
|
9
|
+
@email_regex = /\A[^@\s]+@[^@\s]+\z/
|
10
|
+
# Make sure there is at least one character and one number.
|
11
|
+
@password_regex = /\A(?=.*?[a-z])(?=.*?[0-9]).{0,}\z/
|
12
|
+
@password_length = 8..20
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
require "securerandom"
|
2
|
+
|
3
|
+
module RedTokenAuth
|
4
|
+
module Password
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
|
7
|
+
included do
|
8
|
+
include ActiveModel::SecurePassword
|
9
|
+
|
10
|
+
# Attribute for updating password.
|
11
|
+
# Entity must pass current password in order to change its password.
|
12
|
+
attr_accessor :current_password
|
13
|
+
|
14
|
+
# Adds #password_confirmation and #authenticate.
|
15
|
+
# The model must have a field named #password_digest.
|
16
|
+
has_secure_password
|
17
|
+
|
18
|
+
def generate_reset_password_token
|
19
|
+
update(reset_password_token: random_token, reset_password_token_sent_at: Time.zone.now)
|
20
|
+
end
|
21
|
+
|
22
|
+
def update_password(params = {})
|
23
|
+
if authenticate(params[:current_password]) && !params[:current_password].blank?
|
24
|
+
update(password: params[:password], password_confirmation: params[:password_confirmation])
|
25
|
+
else
|
26
|
+
#HACK: It would be nicer if this logic was inside a validation.
|
27
|
+
#TODO: Add message yml.
|
28
|
+
errors.add(:current_password, :wrong_password)
|
29
|
+
return false
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
def reset_password(params = {})
|
34
|
+
if params[:reset_password_token] == reset_password_token
|
35
|
+
update(password: params[:password], password_confirmation: params[:password_confirmation], reset_password_token_sent_at: nil)
|
36
|
+
else
|
37
|
+
#HACK: It would be nicer if this logic was inside a validation.
|
38
|
+
#TODO: Add message yml.
|
39
|
+
errors.add(:current_password, :wrong_reset_password_token)
|
40
|
+
return false
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
def random_token
|
46
|
+
SecureRandom.hex(3)
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require "securerandom"
|
2
|
+
|
3
|
+
module RedTokenAuth
|
4
|
+
module SignInOut
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
|
7
|
+
included do
|
8
|
+
def sign_in(password)
|
9
|
+
if authenticate(password)
|
10
|
+
update(authentication_token: random_token)
|
11
|
+
else
|
12
|
+
errors.add(:password, :wrong_password)
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
def sign_out(auth_token)
|
17
|
+
if auth_token == authentication_token
|
18
|
+
update(authentication_token: nil)
|
19
|
+
else
|
20
|
+
errors.add(:authentication_token, :wrong_token)
|
21
|
+
false
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
def random_token
|
28
|
+
SecureRandom.hex(30)
|
29
|
+
end
|
30
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require "securerandom"
|
2
|
+
|
3
|
+
module RedTokenAuth
|
4
|
+
module Validations
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
|
7
|
+
included do
|
8
|
+
include ActiveModel::SecurePassword
|
9
|
+
|
10
|
+
validates :email,
|
11
|
+
format: RedTokenAuth.configuration.email_regex
|
12
|
+
validates :password,
|
13
|
+
format: RedTokenAuth.configuration.password_regex,
|
14
|
+
length: { in: RedTokenAuth.configuration.password_length }
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require "red_token_auth/version"
|
2
|
+
require "red_token_auth/engine"
|
3
|
+
|
4
|
+
require "red_token_auth/configuration"
|
5
|
+
|
6
|
+
require "red_token_auth/sign_in_out"
|
7
|
+
require "red_token_auth/password"
|
8
|
+
require "red_token_auth/validations"
|
9
|
+
|
10
|
+
module RedTokenAuth
|
11
|
+
extend ActiveSupport::Concern
|
12
|
+
|
13
|
+
class << self
|
14
|
+
attr_writer :configuration
|
15
|
+
end
|
16
|
+
|
17
|
+
included do
|
18
|
+
include SignInOut
|
19
|
+
include Password
|
20
|
+
include Validations
|
21
|
+
end
|
22
|
+
|
23
|
+
def self.configuration
|
24
|
+
@configuration ||= Configuration.new
|
25
|
+
end
|
26
|
+
|
27
|
+
def self.configure
|
28
|
+
yield configuration
|
29
|
+
end
|
30
|
+
end
|
metadata
ADDED
@@ -0,0 +1,87 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: red_token_auth
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Caio Ergos
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2017-04-28 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: rails
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 5.0.2
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 5.0.2
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: sqlite3
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ">="
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ">="
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
description: This does not aim to compete with Devise. It is intended to supply a
|
42
|
+
simple interface for database agnostic authentication.
|
43
|
+
email:
|
44
|
+
- caioergos@gmail.com
|
45
|
+
executables: []
|
46
|
+
extensions: []
|
47
|
+
extra_rdoc_files: []
|
48
|
+
files:
|
49
|
+
- MIT-LICENSE
|
50
|
+
- README.md
|
51
|
+
- Rakefile
|
52
|
+
- app/controllers/red_token_auth/application_controller.rb
|
53
|
+
- app/helpers/red_token_auth/application_helper.rb
|
54
|
+
- app/mailers/red_token_auth/application_mailer.rb
|
55
|
+
- config/routes.rb
|
56
|
+
- lib/red_token_auth.rb
|
57
|
+
- lib/red_token_auth/configuration.rb
|
58
|
+
- lib/red_token_auth/engine.rb
|
59
|
+
- lib/red_token_auth/password.rb
|
60
|
+
- lib/red_token_auth/sign_in_out.rb
|
61
|
+
- lib/red_token_auth/validations.rb
|
62
|
+
- lib/red_token_auth/version.rb
|
63
|
+
homepage:
|
64
|
+
licenses:
|
65
|
+
- MIT
|
66
|
+
metadata: {}
|
67
|
+
post_install_message:
|
68
|
+
rdoc_options: []
|
69
|
+
require_paths:
|
70
|
+
- lib
|
71
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
77
|
+
requirements:
|
78
|
+
- - ">="
|
79
|
+
- !ruby/object:Gem::Version
|
80
|
+
version: '0'
|
81
|
+
requirements: []
|
82
|
+
rubyforge_project:
|
83
|
+
rubygems_version: 2.5.1
|
84
|
+
signing_key:
|
85
|
+
specification_version: 4
|
86
|
+
summary: Simple token based authentication interface.
|
87
|
+
test_files: []
|