rughetto-merb-auth-remember-me 0.0.2 → 0.0.3
Sign up to get free protection for your applications and to get access to all the features.
- data/TODO +1 -4
- data/lib/merb-auth-remember-me.rb +19 -11
- data/lib/merb-auth-remember-me/strategies/remember_me.rb +12 -56
- metadata +4 -3
data/TODO
CHANGED
@@ -1,27 +1,35 @@
|
|
1
|
-
# make sure we're running inside Merb
|
2
1
|
if defined?(Merb::Plugins)
|
3
|
-
|
4
2
|
$:.unshift File.dirname(__FILE__)
|
5
3
|
|
6
4
|
# register the authentication strategy
|
7
5
|
require(File.expand_path(File.dirname(__FILE__) / "merb-auth-remember-me" / "mixins") / "authenticated_user")
|
8
6
|
strategy_path = File.expand_path(File.dirname(__FILE__)) / "merb-auth-remember-me" / "strategies"
|
7
|
+
Merb.logger.info('Registering and activating RememberMe strategy')
|
9
8
|
Merb::Authentication.register(:remember_me, strategy_path / "remember_me.rb")
|
9
|
+
Merb::Authentication.activate!(:remember_me) # and activate it
|
10
10
|
|
11
11
|
# Plugin configurations
|
12
|
-
Merb::Plugins.config[:merb_auth_remember_me] = { }
|
13
|
-
|
14
|
-
Merb::BootLoader.before_app_loads do
|
15
|
-
end
|
12
|
+
Merb::Plugins.config[:merb_auth_remember_me] = {:include_model_methods => true }
|
16
13
|
|
17
14
|
Merb::BootLoader.after_app_loads do
|
18
15
|
Merb::Authentication.after_authentication do |user,request,params|
|
19
16
|
if params[:remember_me] == "1"
|
20
17
|
user.remember_me
|
21
|
-
request.cookies.set_cookie(
|
18
|
+
request.cookies.set_cookie(
|
19
|
+
:auth_token,
|
20
|
+
user.remember_token,
|
21
|
+
:expires => user.remember_token_expires_at.to_time
|
22
|
+
)
|
22
23
|
end
|
23
24
|
user
|
24
|
-
end
|
25
|
-
|
26
|
-
|
27
|
-
|
25
|
+
end # Merb::Authentication.after_authentication
|
26
|
+
|
27
|
+
Merb::Authentication.user_class.class_eval do
|
28
|
+
if Merb::Plugins.config[:merb_auth_remember_me][:include_model_methods]
|
29
|
+
Merb.logger.info("Including RememberMe Mixin in #{Merb::Authentication.user_class}.
|
30
|
+
To avoid this inclusion add 'Merb::Plugins.config[:merb_auth_remember_me][:include_model_methods] = false' in your config/init.rb before_app_loads method")
|
31
|
+
include Merb::Authentication::Mixins::AuthenticatedUser
|
32
|
+
end
|
33
|
+
end # Merb::Authentication.user_class.class_eval
|
34
|
+
end # Merb::BootLoader.after_app_loads
|
35
|
+
end # if defined?(Merb::Plugins)
|
@@ -1,56 +1,12 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
# Called from #current_user. Finaly, attempt to login by an expiring token in the cookie.
|
15
|
-
# for the paranoid: we _should_ be storing user_token = hash(cookie_token, request IP)
|
16
|
-
def login_from_cookie
|
17
|
-
current_user = cookies[:auth_token] && Merb::Authentication.user_class.first(:conditions => ["remember_token = ?", cookies[:auth_token]])
|
18
|
-
if current_user && current_user.remember_token?
|
19
|
-
handle_remember_cookie! false # freshen cookie token (keeping date)
|
20
|
-
current_user
|
21
|
-
end
|
22
|
-
end
|
23
|
-
|
24
|
-
#
|
25
|
-
# Remember_me Tokens
|
26
|
-
#
|
27
|
-
# Cookies shouldn't be allowed to persist past their freshness date,
|
28
|
-
# and they should be changed at each login
|
29
|
-
|
30
|
-
# Cookies shouldn't be allowed to persist past their freshness date,
|
31
|
-
# and they should be changed at each login
|
32
|
-
|
33
|
-
def valid_remember_cookie?
|
34
|
-
return nil unless current_user
|
35
|
-
(current_user.remember_token?) &&
|
36
|
-
(cookies[:auth_token] == current_user.remember_token)
|
37
|
-
end
|
38
|
-
|
39
|
-
# Refresh the cookie auth token if it exists, create it otherwise
|
40
|
-
def handle_remember_cookie! new_cookie_flag
|
41
|
-
return unless current_user
|
42
|
-
case
|
43
|
-
when valid_remember_cookie? then current_user.refresh_token # keeping same expiry date
|
44
|
-
when new_cookie_flag then current_user.remember_me
|
45
|
-
else current_user.forget_me
|
46
|
-
end
|
47
|
-
send_remember_cookie!
|
48
|
-
end
|
49
|
-
|
50
|
-
def send_remember_cookie!
|
51
|
-
cookies.set_cookie(:auth_token, current_user.remember_token, :expires => current_user.remember_token_expires_at.to_time)
|
52
|
-
end
|
53
|
-
|
54
|
-
|
55
|
-
end
|
56
|
-
|
1
|
+
module Merb::Authentication::Strategies
|
2
|
+
class RememberMeStrategy < Merb::Authentication::Strategy
|
3
|
+
def run!
|
4
|
+
if cookies[:auth_token]
|
5
|
+
user = Merb::Authentication.user_class.first(
|
6
|
+
:conditions => [ "remember_token = ?", cookies[:auth_token] ]
|
7
|
+
)
|
8
|
+
end
|
9
|
+
user && user.remembered? ? user : nil
|
10
|
+
end # run!
|
11
|
+
end # RememberMeStrategy
|
12
|
+
end # Merb::Authentication::Strategies
|
metadata
CHANGED
@@ -1,10 +1,11 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rughetto-merb-auth-remember-me
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Surasit Liangpornrattana
|
8
|
+
- Rue the Ghetto
|
8
9
|
autorequire:
|
9
10
|
bindir: bin
|
10
11
|
cert_chain: []
|
@@ -23,7 +24,7 @@ dependencies:
|
|
23
24
|
version: "1.0"
|
24
25
|
version:
|
25
26
|
description: Merb plugin that provides remember me for merb-auth-slice-password
|
26
|
-
email:
|
27
|
+
email: ru_ghetto@rubyghetto.com
|
27
28
|
executables: []
|
28
29
|
|
29
30
|
extensions: []
|
@@ -55,7 +56,7 @@ files:
|
|
55
56
|
- spec/strategies
|
56
57
|
- spec/strategies/remember_me_spec.rb
|
57
58
|
has_rdoc: true
|
58
|
-
homepage: https://github.com/
|
59
|
+
homepage: https://github.com/rughetto/merb-auth-remember-me
|
59
60
|
post_install_message:
|
60
61
|
rdoc_options: []
|
61
62
|
|