ru.Bee 2.1.1 → 2.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cc6a4fbeb28a460ca66f75ccf1f5c97fe1572f422392f9ee1b72d082e05cb287
-  data.tar.gz: f4dbeaf7338af243f6e225a2a798a87de75b001fa4196bed94345d78887ba8ea
+  metadata.gz: 79e7b11e20b2e610c5559d28354d950b38a71e1bd19731b86f962ccc2f6851b0
+  data.tar.gz: 27b7137b3328a511782c412efd960aa68c93c3ac54f261383014390f45bea3d1
 SHA512:
-  metadata.gz: 996510c80521425797e17a1b641d767d6319877e127883692d519457c7573835ae2670a8ed17950f302b1934a0aae1270d8b065acfee079341935ddb8964a26f
-  data.tar.gz: 75a8ab899d3c98fd492a30ec5501982526318387c9214b78ebdf57ec2c39a91778268283db82cbeb5ae9072aa4c62507b1d175423e7f86beec892cddfea0bb90
+  metadata.gz: 05ac2caaca3d97b2c6eca2ba86848956406a68a871f30f9529be79ed95681f50f8beacadd32b0a0c537fbb6dd68581aeaaae2403804948526b83bad77e2657c5
+  data.tar.gz: 57cdb088e5165d4374a929969b890443594f765f296ea80adc722be6ef232a6d98cec5d07ffb86890692fdefa94089c5509b3a5d9a2fb3cf7e0be761b5787153

data/lib/db/create_clients.rb

@@ -0,0 +1,15 @@
+class CreateClients
+  def call
+    return if Rubee::SequelObject::DB.tables.include?(:clients)
+
+    Rubee::SequelObject::DB.create_table(:clients) do
+      primary_key(:id)
+      String(:name)
+      String(:digest_password)
+      index(:name)
+      # timestamps
+      datetime(:created)
+      datetime(:updated)
+    end
+  end
+end

data/lib/rubee/controllers/extensions/auth_tokenable.rb

@@ -3,7 +3,7 @@ require 'date'
 
 module Rubee
   module AuthTokenable
-    KEY = "secret#{Date.today}".freeze unless defined?(KEY) # Feel free to cusomtize it
+    KEY ="secret#{ENV['JWT_KEY']}#{Date.today}".freeze unless defined?(KEY) # Feel free to cusomtize it
     EXPIRE = 3600 unless defined?(EXPIRE)
 
     def self.included(base)
@@ -27,22 +27,22 @@ module Rubee
         @request.env['rack.session']&.[]('authentificated')
       end
 
-      def authentificated_user
-        # User model must be created with email and password properties at least
-        if params[:email] && params[:password]
-          @authentificated_user ||= ::User.where(email: params[:email], password: params[:password]).first
+      def authentificated_user(user_model: ::User, login: :email, password: :password)
+        if params[login] && params[password]
+          query_params = { login => params[login], password => params[password] }
+          @authentificated_user ||= user_model.where(query_params).first
         elsif @request.cookies['jwt'] && valid_token?
           token = @request.cookies['jwt']
           hash = ::JWT.decode(token, Rubee::AuthTokenable::KEY, true, { algorithm: 'HS256' })
-          @authentificated_user ||= ::User.where(email: hash[0]['username']).first
+          @authentificated_user ||= user_model.where(login => hash[0][login]).first
         end
       end
 
-      def authentificate!
-        return false unless authentificated_user
+      def authentificate!(user_model: ::User, login: :email, password: :password)
+        return false unless authentificated_user(user_model:, login:, password:)
 
         # Generate token
-        payload = { username: params[:email], exp: Time.now.to_i + EXPIRE }
+        payload = { login: { login => params[login] }, klass: user_model.name, exp: Time.now.to_i + EXPIRE }
         @token = ::JWT.encode(payload, KEY, 'HS256')
         # Set jwt token to the browser within cookie, so next browser request will include it.
         # make sure it passed to response_with headers options

data/lib/rubee/controllers/middlewares/auth_token_middleware.rb

@@ -27,11 +27,11 @@ module Rubee
 
     def valid_token?(token)
       return false unless token
-
       hash = decode_jwt(token)
-      email = hash[:username]
+      login_params = hash[:login]
+      klass = hash[:klass]&.split('::')&.inject(Object) { |o, c| o.const_get(c) }
 
-      ::User.where(email:)&.any? if email
+      klass&.where(login_params.transform_keys(&:to_sym))&.any?
     end
 
     def decode_jwt(token)

data/lib/rubee.rb

@@ -17,7 +17,7 @@ module Rubee
   CSS_DIR = File.join(APP_ROOT, LIB, 'css') unless defined?(CSS_DIR)
   ROOT_PATH = File.expand_path(File.join(__dir__, '..')) unless defined?(ROOT_PATH)
 
-  VERSION = '2.1.1'
+  VERSION = '2.2.1'
 
   require_relative 'rubee/router'
   require_relative 'rubee/logger'

data/lib/tests/controllers/auth_tokenable_test.rb

@@ -1,5 +1,55 @@
 require_relative '../test_helper'
 
+class TestController < Rubee::BaseController
+  include(Rubee::AuthTokenable)
+  auth_methods(:show)
+  def show
+    response_with(type: :json, object: { ok: :ok })
+  end
+
+  # POST /test/login (login logic)
+  def login
+    if authentificate! # AuthTokenable method that init @token_header
+      # Redirect to restricted area, make sure headers: @token_header is passed
+      response_with(type: :json, object: { ok: :ok }, headers: @token_header)
+    else
+      @error = "Wrong email or password"
+      response_with(type: :json, object: { error: 'user unauthenticated' }, status: :unauthenticated)
+    end
+  end
+
+  # POST /test/logout (logout logic)
+  def logout
+    unauthentificate! # AuthTokenable method aimed to handle logout action.
+    # Make sure @zeroed_token_header is paRssed within headers options
+    response_with(type: :json, object: { ok: 'logged out' }, headers: @zeroed_token_header)
+  end
+end
+
+class TesttwoController < Rubee::BaseController
+  include(Rubee::AuthTokenable)
+  auth_methods(:show)
+  def show
+    response_with(type: :json, object: { ok: :ok })
+  end
+
+  # POST /testtwo/login (login logic)
+  def login
+    if authentificate!(user_model: Client, login: :name, password: :digest_password)
+      response_with(type: :json, object: { ok: :ok }, headers: @token_header)
+    else
+      @error = "Wrong email or password"
+      response_with(type: :json, object: { error: 'user unauthenticated' }, status: :unauthenticated)
+    end
+  end
+
+  # POST /testtwo/logout (logout logic)
+  def logout
+    unauthentificate!(user_model: Client, login: :name, password: :digest_password)
+    response_with(type: :json, object: { ok: 'logged out' }, headers: @zeroed_token_header)
+  end
+end
+
 class AuthTokenableTest < Minitest::Test
   include Rack::Test::Methods
 
@@ -9,21 +59,43 @@ class AuthTokenableTest < Minitest::Test
 
   def setup
     Rubee::Autoload.call
+    Rubee::Router.draw do |route|
+      route.post('/test/login', to: 'test#login')
+      route.post('/test/logout', to: 'test#logout')
+      route.get('/test/show', to: 'test#show')
+      route.post('/testtwo/login', to: 'testtwo#login')
+      route.post('/testtwo/logout', to: 'testtwo#logout')
+      route.get('/testtwo/show', to: 'testtwo#show')
+    end
+    User.create(email: '9oU8S@example.com', password: '123456')
+    Client.create(name: '9o@example.com', digest_password: '123456')
   end
 
-  def teardown
-    # detach auth methods
-    return unless WelcomeController.instance_variable_defined?(:@auth_methods)
+  def test_test_controller_included_auth_tokenable
+    get('/test/show')
 
-    WelcomeController.send(:remove_instance_variable, :@auth_methods)
+    assert_equal(last_response.status, 401)
   end
 
-  def test_welcome_controller_included_auth_tokenable
-    WelcomeController.include(Rubee::AuthTokenable)
-    WelcomeController.auth_methods(:show)
+  def test_test_controller_included_auth_tokenable_authenticated
+    post('/test/login', { email: '9oU8S@example.com', password: '123456' })
+    rack_mock_session.cookie_jar["jwt"] = last_response.cookies["jwt"].value.last
+    get('/test/show')
 
-    get('/')
+    assert_equal(last_response.status, 200)
+  end
+
+  def test_test_controller_included_auth_tokenable_unauthenticated_custom_model
+    get('/testtwo/show')
 
     assert_equal(last_response.status, 401)
   end
+
+  def test_test_controller_included_auth_tokenable_authenticated_custom_model
+    post('/testtwo/login', { name: '9o@example.com', digest_password: '123456' })
+    rack_mock_session.cookie_jar["jwt"] = last_response.cookies["jwt"].value.last
+    get('/testtwo/show')
+
+    assert_equal(last_response.status, 200)
+  end
 end

data/lib/tests/example_models/client.rb

@@ -0,0 +1,3 @@
+class Client < Rubee::SequelObject
+  attr_accessor :id, :name, :digest_password, :created, :updated
+end

data/readme.md

@@ -151,14 +151,14 @@ cd my_project
 
 ***Prerequisites***<br />
 Make sure:
-**Ruby** language (3.1>) is installed
+**Ruby** language (3.1 or higher, 3.4.1 recommended) is installed
 **Bundler** is installed
 
 ```bash
 bundle install
 ```
 
-4. Run RUBER server. Default port is 7000
+4. Run ru.Bee server. Default port is 7000
 ```bash
 rubee start # or rubee start_dev for development
 
@@ -978,6 +978,7 @@ rubee db run:create_users
 This will create table users and initiate first user with demo credentials.
 email: "ok@ok.com", password: "password"
 Feel free to customize it in the /db/create_users.rb file before running migration.
+Please note user model is default but are free to use any model you need. See more examples below.
 
 Then in the controller you can include the AuthTokenable module and use its methods:
 ```ruby
@@ -1015,6 +1016,54 @@ class UsersController < Rubee::BaseController
   end
 end
 ```
+For security reason it is recommended to initialize JWT_KEY while starting ru.Bee application.
+```bash
+JWT_KEY=SDJwer0wer23j rubee start
+```
+User is a default model for validation but using it is not a mandatory. You can use any model you need by
+passing arguments to authentificate! and unauthentificate! methods.
+
+```ruby
+class Client < Sequel::Model
+  attr_accessor :id, :name, :digest_password, :created, :updated
+end
+
+class ClientController < Rubee::BaseController
+  include Rubee::AuthTokenable
+  # List methods you want to restrict
+  auth_methods :index
+
+  # GET /clinets/login (login form page)
+  def edit
+    response_with
+  end
+
+  # POST /clients/login (login logic)
+  def login
+    if authentificate! user_model: Client, login: :name, password: :digest_password
+      response_with type: :redirect, to: "/clinets", headers: @token_header
+    else
+      @error = "Wrong login or password"
+      response_with render_view: "clinets_edit"
+    end
+  end
+
+  # POST /clinets/logout
+  def logout
+    unauthentificate! user_model: Client, login: :name, password: :digest_password
+    response_with type: :redirect, to: "/clients/login", headers: @zeroed_token_header
+  end
+
+  # GET /clinets (restricted endpoint)
+  def index
+    response_with object: Client.all, type: :json
+  end
+end
+
+```
+
+[Back to content](#content)
+
 ## OAuth authentification
 If you want to plug in the OAuth 2.0 authentication, you can use the following code using OAuth2 gem:
 First thing you need to do is to add the gem to your Gemfile

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ru.Bee
 version: !ruby/object:Gem::Version
-  version: 2.1.1
+  version: 2.2.1
 platform: ruby
 authors:
 - Oleg Saltykov
@@ -58,6 +58,7 @@ files:
 - lib/css/app.css
 - lib/db/create_accounts.rb
 - lib/db/create_addresses.rb
+- lib/db/create_clients.rb
 - lib/db/create_comments.rb
 - lib/db/create_posts.rb
 - lib/db/create_users.rb
@@ -280,6 +281,7 @@ files:
 - lib/tests/controllers/users_controller_test.rb
 - lib/tests/example_models/account.rb
 - lib/tests/example_models/address.rb
+- lib/tests/example_models/client.rb
 - lib/tests/example_models/comment.rb
 - lib/tests/example_models/post.rb
 - lib/tests/example_models/user.rb