ru.Bee 2.2.0 → 2.2.2
- checksums.yaml +4 -4
- data/lib/inits/charged_hash.rb +22 -0
- data/lib/rubee/controllers/extensions/auth_tokenable.rb +2 -2
- data/lib/rubee/controllers/middlewares/auth_token_middleware.rb +3 -3
- data/lib/rubee.rb +1 -1
- data/lib/tests/controllers/auth_tokenable_test.rb +2 -2
- data/lib/tests/test.db +0 -0
- data/readme.md +49 -0
- metadata +1 -1
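--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 48d957ceb9eadc87893584969f6bb3fba784ed2f8d348acf8f7741bcfba1c345
+data.tar.gz: 01f3ec0459b20095934ff5848ddfee75be62a72cb80ce6bfb9c5bfa44ba3614c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 86961f349607ca22989c7d963c829c41e84e4fa9a6620198b4715444bf5dda83d8bf3fa25652cd4f6a32bbc7dfb20f9629efbf8baa61a530c45b3f7947b48aac
+data.tar.gz: af077aced4ecbc32d28c3d4c31069b7bc2740dfe969d043d6348461f6de7f9a72ee50b47d97719607295a0fa8096533e79d8cc8e98289db14d978a2d5dbcef89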
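--- a/data/lib/inits/charged_hash.rb
+++ b/data/lib/inits/charged_hash.rb
@@ -12,5 +12,27 @@ module ChargedHash
 def wrap(value)
 value.is_a?(Hash) ? value.extend(ChargedHash) : value
 end
+
+def keys_to_string!
+keys_to(:string, self)
+end
+
+def keys_to_sym!
+keys_to(:symbol, self)
+end
+
+def keys_to(type, obj)
+case obj
+when Hash
+obj.each_with_object({}) do |(k, v), result|
+key = k.to_s
+result[key] = keys_to(type, v)
+end
+when Array
+obj.map { |v| keys_to(type, v) }
+else
+obj
+end
+end
 end
 end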
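Review bot: `keys_to` never reads its `type` argument: the Hash branch always runs `key = k.to_s`, so `keys_to_sym!` returns string keys exactly as `keys_to_string!` does. Both bang methods also build a new hash with `each_with_object({})` and leave the receiver untouched, which contradicts the `!` suffix. I would change the key line to `key = type == :symbol ? k.to_sym : k.to_s` and either wrap the call as `replace(keys_to(:symbol, self))` or drop the `!` from the names. The `ChargedHash` module body starts above the hunk.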
|
@@ -34,7 +34,7 @@ module Rubee
|
|
|
34
34
|
elsif @request.cookies['jwt'] && valid_token?
|
|
35
35
|
token = @request.cookies['jwt']
|
|
36
36
|
hash = ::JWT.decode(token, Rubee::AuthTokenable::KEY, true, { algorithm: 'HS256' })
|
|
37
|
-
@authentificated_user ||=
|
|
37
|
+
@authentificated_user ||= user_model.where(login => hash[0]["login"][login.to_s]).first
|
|
38
38
|
end
|
|
39
39
|
end
|
|
40
40
|
|
|
@@ -42,7 +42,7 @@ module Rubee
|
|
|
42
42
|
return false unless authentificated_user(user_model:, login:, password:)
|
|
43
43
|
|
|
44
44
|
# Generate token
|
|
45
|
-
payload = {
|
|
45
|
+
payload = { login: { login => params[login] }, klass: user_model.name, exp: Time.now.to_i + EXPIRE }
|
|
46
46
|
@token = ::JWT.encode(payload, KEY, 'HS256')
|
|
47
47
|
# Set jwt token to the browser within cookie, so next browser request will include it.
|
|
48
48
|
# make sure it passed to response_with headers options
|
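Review bot: In the first hunk the lookup value `hash[0]["login"][login.to_s]` comes from the token, while the column (`login`) and the model (`user_model`) come from the calling controller, and the `klass` claim that `authentificate!` writes in the second hunk is never compared with `user_model.name`. A token issued for one model and presented to a controller configured for another gives `nil` for the lookup value (or a `NoMethodError` if the `login` claim is absent), and `where(login => nil).first` may then return a row whose login column is NULL. I would add a guard before the query, for example `return unless hash[0]["klass"] == user_model.name && hash[0].dig("login", login.to_s)`. Both method bodies start outside the hunks shown.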
|
@@ -27,11 +27,11 @@ module Rubee
|
|
|
27
27
|
|
|
28
28
|
def valid_token?(token)
|
|
29
29
|
return false unless token
|
|
30
|
-
|
|
31
30
|
hash = decode_jwt(token)
|
|
32
|
-
|
|
31
|
+
login_params = hash[:login]
|
|
32
|
+
klass = hash[:klass]&.split('::')&.inject(Object) { |o, c| o.const_get(c) }
|
|
33
33
|
|
|
34
|
-
|
|
34
|
+
klass&.where(login_params.transform_keys(&:to_sym))&.any?
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
def decode_jwt(token)
|
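Review bot: `valid_token?` feeds two token claims straight into runtime lookups: `hash[:klass]` is resolved through `Object.const_get`, and `hash[:login]` supplies both the column names and the values for `where`, so the signing key is the only thing limiting which constant and which columns are queried. A token without these claims raises `NoMethodError` on `login_params.transform_keys`, an unknown class name raises `NameError`, and an empty `login` hash would make `where` unfiltered, none of which returns false. I would return early with `return false unless login_params.is_a?(Hash) && !login_params.empty?`, rescue `NameError` to false, and check the resolved constant against the models the application has registered for authentication before calling `where`. `decode_jwt` is defined below the hunk, so whether it verifies signature and expiry cannot be confirmed from here.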
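--- a/data/lib/rubee.rb
+++ b/data/lib/rubee.rb
@@ -17,7 +17,7 @@ module Rubee
 CSS_DIR = File.join(APP_ROOT, LIB, 'css') unless defined?(CSS_DIR)
 ROOT_PATH = File.expand_path(File.join(__dir__, '..')) unless defined?(ROOT_PATH)
 
-VERSION = '2.2.
+VERSION = '2.2.2'
 
 require_relative 'rubee/router'
 require_relative 'rubee/logger'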
|
@@ -68,7 +68,7 @@ class AuthTokenableTest < Minitest::Test
|
|
|
68
68
|
route.get('/testtwo/show', to: 'testtwo#show')
|
|
69
69
|
end
|
|
70
70
|
User.create(email: '9oU8S@example.com', password: '123456')
|
|
71
|
-
Client.create(name: '
|
|
71
|
+
Client.create(name: '9o@example.com', digest_password: '123456')
|
|
72
72
|
end
|
|
73
73
|
|
|
74
74
|
def test_test_controller_included_auth_tokenable
|
|
@@ -92,7 +92,7 @@ class AuthTokenableTest < Minitest::Test
|
|
|
92
92
|
end
|
|
93
93
|
|
|
94
94
|
def test_test_controller_included_auth_tokenable_authenticated_custom_model
|
|
95
|
-
post('/testtwo/login', { name: '
|
|
95
|
+
post('/testtwo/login', { name: '9o@example.com', digest_password: '123456' })
|
|
96
96
|
rack_mock_session.cookie_jar["jwt"] = last_response.cookies["jwt"].value.last
|
|
97
97
|
get('/testtwo/show')
|
|
98
98
|
|
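Review bot: `test_test_controller_included_auth_tokenable_authenticated_custom_model` exercises only the successful `Client` login, so nothing pins how the new `klass` and `login` claims are rejected. I would add one case that presents the `jwt` cookie obtained from `/testtwo/login` to a route guarded with the default model and asserts the unauthenticated response, and one that sends a cookie whose payload lacks `klass`. The test method continues past the hunk.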
data/lib/tests/test.db
CHANGED
|
Binary file
|
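--- a/data/readme.md
+++ b/data/readme.md
@@ -978,6 +978,7 @@ rubee db run:create_users
 This will create table users and initiate first user with demo credentials.
 email: "ok@ok.com", password: "password"
 Feel free to customize it in the /db/create_users.rb file before running migration.
+Please note user model is default but are free to use any model you need. See more examples below.
 
 Then in the controller you can include the AuthTokenable module and use its methods:
 ```ruby
@@ -1015,6 +1016,54 @@ class UsersController < Rubee::BaseController
 end
 end
 ```
+For security reason it is recommended to initialize JWT_KEY while starting ru.Bee application.
+```bash
+JWT_KEY=SDJwer0wer23j rubee start
+```
+User is a default model for validation but using it is not a mandatory. You can use any model you need by
+passing arguments to authentificate! and unauthentificate! methods.
+
+```ruby
+class Client < Sequel::Model
+attr_accessor :id, :name, :digest_password, :created, :updated
+end
+
+class ClientController < Rubee::BaseController
+include Rubee::AuthTokenable
+# List methods you want to restrict
+auth_methods :index
+
+# GET /clinets/login (login form page)
+def edit
+response_with
+end
+
+# POST /clients/login (login logic)
+def login
+if authentificate! user_model: Client, login: :name, password: :digest_password
+response_with type: :redirect, to: "/clinets", headers: @token_header
+else
+@error = "Wrong login or password"
+response_with render_view: "clinets_edit"
+end
+end
+
+# POST /clinets/logout
+def logout
+unauthentificate! user_model: Client, login: :name, password: :digest_password
+response_with type: :redirect, to: "/clients/login", headers: @zeroed_token_header
+end
+
+# GET /clinets (restricted endpoint)
+def index
+response_with object: Client.all, type: :json
+end
+end
+
+```
+
+[Back to content](#content)
+
 ## OAuth authentification
 If you want to plug in the OAuth 2.0 authentication, you can use the following code using OAuth2 gem:
 First thing you need to do is to add the gem to your Gemfile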