RubyGems - satz - Versions diffs - 0.0.1 → 0.0.2 - Mend

satz 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ef06f388d1b3113f7d709320b4ea4606e5fc9c8c
-  data.tar.gz: af63d424f6e74e95418804514075f72886777af5
+  metadata.gz: 5ef14c47b68ac506c9096dfa78e62d7e174d3dd4
+  data.tar.gz: eb243d56d8184dda598263589bcbfe7e5580bb2f
 SHA512:
-  metadata.gz: 8ef33ff001e893d12588c6fbf6f5825434c7cf8599f14db51ddf12b807e95ccb0e6731f9ff4241a80e6b587e6bec31ec827c3f4ddd919fb853eef807317deccc
-  data.tar.gz: 4a1df71be2425e688e51ed96dafb3d0a8d1d3be929f8f5c2917e8a7788382942d4c1018b5b1e7846f3d933179c98f6eec6df42a58a24a744598b555c8675dd90
+  metadata.gz: a1025b3c94d78c146c7cee02a24be964ae9b4fef849855d954e3dff793fc901dcd405b175155ea8fb159227a0b9d32ab61854f969242a0e41880aa7430b15fd6
+  data.tar.gz: cb37e3aabca0617d18c8730f815fc3997843a1528b3eca6834c985acd41fec8009486126d4072c229948308efd24a090cb1c2721477d036a20628486bde0b934

data/CHANGELOG CHANGED Viewed

@@ -1 +1,5 @@
+0.0.2
+* Add customizable serializer
+* Add authentication via Basic Auth

data/README.md CHANGED Viewed

@@ -19,7 +19,7 @@ Usage
 An example of a Satz application would look like this:
 ```ruby
-App = Satz.new do
+App = Satz.define do
   on "players" do
     on :player_id do
       get do
@@ -55,15 +55,61 @@ In user defined objects, you can define the method `to_json` according
 to your needs. Most ORMs already provide meaningful definitions for
 that method.
+Authentication
+--------------
+The `auth` method checks if Basic Auth headers were provided and
+returns `nil` otherwise. If it's able to access the supplied
+credentials, it yield the username and password and returns the
+result (if it's not false) or nil.
+Here's an example of how to use it:
+```ruby
+@user = auth do |user, pass|
+  # Here you can use any method of your
+  # choice. The example is from Shield.
+  User.authenticate(user, pass)
+end
+on @user.nil? do
+  res.status = 401
+  reply(error: "Unauthorized")
+end
+```
+Anything defined after that `on` block will be executed only if the
+authentication succeded.
+Serialization
+-------------
+The default serializer is `JSON`, but it can be customized by
+supplying a serializer:
+```ruby
+Satz.serializer = MySerializer
+```
+A serializer must respond to `load(arg)` and `dump(arg)`, and that's
+the only restriction. Note that the supplied serializer will be used
+by all `Satz` applications.
 API
 ---
 Apart from [Syro][syro]'s API, the following methods are available:
-`read`: Reads the body of the requst and parses it as JSON.
+`auth`: Process Basic Auth headers and yield username and password.
+`read`: Reads the body of the request and parses it as JSON.
 `reply`: Writes to the response its argument encoded as JSON.
+Installation
+------------
 ```
 $ gem install satz
 ```

data/lib/satz.rb CHANGED Viewed

@@ -22,24 +22,83 @@
 require "syro"
 require "json"
+require "base64"
 class Satz
+  # The JSON module from stdlib provides a safe way of loading data
+  # with the `parse` method, but the most widespread API for encoding
+  # and decoding data is with the `load` and `dump` methods, which in
+  # the case of JSON are unsafe. This module wraps the JSON constant
+  # from stdlib in order to expose a safe version of `load`. As the
+  # serializer is configurable, the user is expected to provide
+  # objects that respond safely to those methods.
+  module Serializer
+    def self.load(value)
+      JSON.load(value, nil, create_additions: false)
+    end
+    def self.dump(value)
+      JSON.dump(value)
+    end
+  end
+  @@serializer = Serializer
+  def self.serializer
+    @@serializer
+  end
+  # Modify the serializer to be used for all Satz applications.
+  # The serializer object must reply to `load(arg)` and `dump(arg)`.
+  def self.serializer=(value)
+    @@serializer = value
+  end
   class Deck < Syro::Deck
+    HTTP_AUTHORIZATION = "HTTP_AUTHORIZATION".freeze
+    # Checks the Basic Auth headers and yields
+    # user and pass if credentials are provided.
+    # Returns nil if there are no credentials or
+    # if the block returns false or nil.
+    #
+    # Usage:
+    #
+    #     @user = auth do |user, pass|
+    #       User.authenticate(user, pass)
+    #     end
+    #
+    #     on @user.nil? do
+    #       res.status = 401
+    #       reply(error: "Unauthorized")
+    #     end
+    #
+    def auth
+      http_auth = env.fetch(HTTP_AUTHORIZATION) do
+        return nil
+      end
+      cred = http_auth.split(" ")[1]
+      user, pass = Base64.decode64(cred).split(":")
+      yield(user, pass) || nil
+    end
-    # Respond by default with JSON.
+    # Respond by default with JSON. The default charset
+    # for "application/json" is UTF-8.
     def default_headers
       { "Content-Type" => "application/json" }
     end
     # Read JSON data from the POST request.
     def read
-      body = req.body.read
-      body && JSON.parse(body)
+      Satz.serializer.load(req.body.read)
     end
     # Write JSON data to the response.
     def reply(data)
-      res.write(JSON.dump(data))
+      res.write(Satz.serializer.dump(data))
     end
   end

data/satz.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name              = "satz"
-  s.version           = "0.0.1"
+  s.version           = "0.0.2"
   s.summary           = "Framework for JSON microservices"
   s.description       = "Framework for JSON microservices"
   s.authors           = ["Michel Martens"]

data/test/all.rb CHANGED Viewed

@@ -1,22 +1,37 @@
-App = Satz.define do
+A1 = Satz.define do
   get do
-    reply(true)
+    reply(read)
   end
   post do
     reply(read)
   end
+  on "protected" do
+    @user = auth do |user, pass|
+      user == "foo" && pass == "bar"
+    end
+    on @user.nil? do
+      res.status = 401
+      reply(error: "Unauthorized")
+    end
+    get do
+      reply(true)
+    end
+  end
 end
 setup do
-  Driver.new(App)
+  Driver.new(A1)
 end
 test "get" do |app|
   app.get("/")
   assert_equal 200, app.last_response.status
-  assert_equal %Q(true), app.last_response.body
+  assert_equal %Q(null), app.last_response.body
 end
 test "post" do |app|
@@ -27,3 +42,45 @@ test "post" do |app|
   assert_equal data, app.last_response.body
   assert_equal 200, app.last_response.status
 end
+test "auth" do |app|
+  app.get("/protected")
+  assert_equal %Q({"error":"Unauthorized"}), app.last_response.body
+  assert_equal 401, app.last_response.status
+  app.authorize("foo", "bar")
+  app.get("/protected")
+  assert_equal %Q(true), app.last_response.body
+end
+module Reverser
+  def self.load(data)
+    data
+  end
+  def self.dump(data)
+    data.reverse
+  end
+end
+Satz.serializer = Reverser
+A2 = Satz.define do
+  get do
+    reply("hello")
+  end
+end
+setup do
+  Driver.new(A2)
+end
+test "get" do |app|
+  app.get("/")
+  assert_equal 200, app.last_response.status
+  assert_equal %Q(olleh), app.last_response.body
+end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: satz
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Michel Martens
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-12-11 00:00:00.000000000 Z
+date: 2016-01-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: syro