simple_auth 1.5.0 → 2.0.0
- checksums.yaml +4 -4
- data/.rspec +1 -1
- data/.travis.yml +11 -0
- data/CHANGELOG.md +5 -0
- data/Gemfile +0 -2
- data/Gemfile.lock +102 -79
- data/README.md +243 -0
- data/Rakefile +15 -0
- data/gemfiles/rails_3_1.gemfile +5 -0
- data/gemfiles/rails_3_1.gemfile.lock +151 -0
- data/gemfiles/rails_3_2.gemfile +5 -0
- data/gemfiles/rails_3_2.gemfile.lock +149 -0
- data/gemfiles/rails_4_0.gemfile +4 -0
- data/gemfiles/rails_4_0.gemfile.lock +140 -0
- data/gemfiles/rails_4_1.gemfile +4 -0
- data/gemfiles/rails_4_1.gemfile.lock +146 -0
- data/lib/simple_auth.rb +1 -6
- data/lib/simple_auth/action_controller.rb +14 -10
- data/lib/simple_auth/active_record.rb +86 -0
- data/lib/simple_auth/compat.rb +2 -0
- data/lib/simple_auth/compat/active_record.rb +31 -0
- data/lib/simple_auth/compat/config.rb +17 -0
- data/lib/simple_auth/config.rb +0 -20
- data/lib/simple_auth/exceptions.rb +0 -1
- data/lib/simple_auth/railtie.rb +1 -1
- data/lib/simple_auth/rspec.rb +2 -2
- data/lib/simple_auth/session.rb +1 -1
- data/lib/simple_auth/version.rb +2 -2
- data/simple_auth.gemspec +4 -4
- data/spec/controllers/redirect_logged_user_spec.rb +16 -16
- data/spec/controllers/require_logged_user_spec.rb +34 -34
- data/spec/schema.rb +5 -1
- data/spec/simple_auth/active_record_spec.rb +104 -2
- data/spec/simple_auth/compat_spec.rb +31 -0
- data/spec/simple_auth/config_spec.rb +8 -27
- data/spec/simple_auth/helper_spec.rb +7 -7
- data/spec/simple_auth/session_spec.rb +76 -76
- data/spec/spec_helper.rb +2 -168
- data/spec/support/app/models/customer.rb +3 -0
- data/templates/initializer.rb +0 -8
- metadata +62 -33
- data/README.markdown +0 -202
- data/lib/simple_auth/orm/active_record.rb +0 -80
- data/lib/simple_auth/orm/base.rb +0 -89
- data/lib/simple_auth/orm/mongo_mapper.rb +0 -62
- data/spec/simple_auth/mongo_mapper_spec.rb +0 -10
- data/spec/support/app/models/account.rb +0 -6
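--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 90b77901780358f8890699611f29c46dd78d844b
+data.tar.gz: 00db8239eb7dd70a701a532f4d491d3cb8ce8110
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 86bda4fb617c416cb2e669002443ea61bf88098dddd19d7725affa62c6a78753be0e8288a83cb83180c6932b4fbcf1c7df7212fea21b0d7fa14402164ff831dc
+data.tar.gz: 5829b734bcede51e7c14859b329bb0480b47d4311cd6c72174073570e5dc60889028ebb53eb136a9567812d0c9d280acb08259b193fc9e3460615d63c47c0752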
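--- a/data/.rspec
+++ b/data/.rspec
@@ -1 +1 @@
---color
+--color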
data/.travis.yml
ADDED
data/CHANGELOG.md
ADDED
data/Gemfile
CHANGED
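--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,122 +1,145 @@
-GIT
-remote: git://github.com/jnunemaker/mongomapper.git
-revision: e0d7db141b2c330eb44773ef00d1b179bbdf9209
-specs:
-mongo_mapper (0.13.0.beta1)
-activemodel (>= 3.0.0)
-activesupport (>= 3.0)
-mongo (~> 1.8)
-plucky (~> 0.6.5)
-
 PATH
 remote: .
 specs:
-simple_auth (
+simple_auth (2.0.0)
+rails (>= 3.1.0)
 
 GEM
 remote: http://rubygems.org/
 specs:
-actionmailer (4.
-actionpack (= 4.
-
-
-
-
-
+actionmailer (4.1.0)
+actionpack (= 4.1.0)
+actionview (= 4.1.0)
+mail (~> 2.5.4)
+actionpack (4.1.0)
+actionview (= 4.1.0)
+activesupport (= 4.1.0)
 rack (~> 1.5.2)
 rack-test (~> 0.6.2)
-
-activesupport (= 4.
-builder (~> 3.1
-
-
-
-
-
-
-
-
-
-
+actionview (4.1.0)
+activesupport (= 4.1.0)
+builder (~> 3.1)
+erubis (~> 2.7.0)
+activemodel (4.1.0)
+activesupport (= 4.1.0)
+builder (~> 3.1)
+activerecord (4.1.0)
+activemodel (= 4.1.0)
+activesupport (= 4.1.0)
+arel (~> 5.0.0)
+activesupport (4.1.0)
+i18n (~> 0.6, >= 0.6.9)
+json (~> 1.7, >= 1.7.7)
+minitest (~> 5.1)
 thread_safe (~> 0.1)
-tzinfo (~>
-arel (
-
-
-
-
-
-
+tzinfo (~> 1.1)
+arel (5.0.1.20140414130214)
+awesome_print (1.2.0)
+bcrypt (3.1.7)
+builder (3.2.2)
+coderay (1.1.0)
+columnize (0.3.6)
+debugger (1.6.6)
+columnize (>= 0.3.1)
+debugger-linecache (~> 1.2.0)
+debugger-ruby_core_source (~> 1.3.2)
+debugger-linecache (1.2.0)
+debugger-ruby_core_source (1.3.2)
+diff-lcs (1.2.5)
 erubis (2.7.0)
 hike (1.2.3)
-i18n (0.6.
+i18n (0.6.9)
+json (1.8.1)
 mail (2.5.4)
 mime-types (~> 1.16)
 treetop (~> 1.4.8)
-
-
-
-
-
-
-
-
+method_source (0.8.2)
+mime-types (1.25.1)
+minitest (5.3.3)
+multi_json (1.9.2)
+polyglot (0.3.4)
+pry (0.9.12.6)
+coderay (~> 1.0)
+method_source (~> 0.8)
+slop (~> 3.4)
+pry-debugger (0.2.2)
+debugger (~> 1.3)
+pry (~> 0.9.10)
+pry-meta (0.0.6)
+awesome_print
+pry
+pry-debugger
+pry-remote
+pry-remote (0.1.8)
+pry (~> 0.9)
+slop (~> 3.0)
 rack (1.5.2)
 rack-test (0.6.2)
 rack (>= 1.0)
-rails (4.
-actionmailer (= 4.
-actionpack (= 4.
-
-
+rails (4.1.0)
+actionmailer (= 4.1.0)
+actionpack (= 4.1.0)
+actionview (= 4.1.0)
+activemodel (= 4.1.0)
+activerecord (= 4.1.0)
+activesupport (= 4.1.0)
 bundler (>= 1.3.0, < 2.0)
-railties (= 4.
-sprockets-rails (~> 2.0
-railties (4.
-actionpack (= 4.
-activesupport (= 4.
+railties (= 4.1.0)
+sprockets-rails (~> 2.0)
+railties (4.1.0)
+actionpack (= 4.1.0)
+activesupport (= 4.1.0)
 rake (>= 0.8.7)
 thor (>= 0.18.1, < 2.0)
-rake (10.1
-rspec-
-
-
-
-rspec-
+rake (10.3.1)
+rspec-collection_matchers (0.0.3)
+rspec-expectations (>= 2.99.0.beta1)
+rspec-core (3.0.0.beta2)
+rspec-support (= 3.0.0.beta2)
+rspec-expectations (3.0.0.beta2)
+diff-lcs (>= 1.2.0, < 2.0)
+rspec-support (= 3.0.0.beta2)
+rspec-mocks (3.0.0.beta2)
+rspec-support (= 3.0.0.beta2)
+rspec-rails (3.0.0.beta2)
 actionpack (>= 3.0)
+activemodel (>= 3.0)
 activesupport (>= 3.0)
 railties (>= 3.0)
-rspec-
-rspec-
-rspec-
-
+rspec-collection_matchers
+rspec-core (= 3.0.0.beta2)
+rspec-expectations (= 3.0.0.beta2)
+rspec-mocks (= 3.0.0.beta2)
+rspec-support (= 3.0.0.beta2)
+rspec-support (3.0.0.beta2)
+slop (3.5.0)
+sprockets (2.12.1)
 hike (~> 1.2)
 multi_json (~> 1.0)
 rack (~> 1.0)
 tilt (~> 1.1, != 1.3.0)
-sprockets-rails (2.
+sprockets-rails (2.1.3)
 actionpack (>= 3.0)
 activesupport (>= 3.0)
 sprockets (~> 2.8)
-sqlite3 (1.3.
+sqlite3 (1.3.9)
 sqlite3-ruby (1.3.3)
 sqlite3 (>= 1.3.3)
-thor (0.
-thread_safe (0.
-atomic
+thor (0.19.1)
+thread_safe (0.3.3)
 tilt (1.4.1)
-treetop (1.4.
+treetop (1.4.15)
 polyglot
 polyglot (>= 0.3.1)
-tzinfo (
+tzinfo (1.1.0)
+thread_safe (~> 0.1)
 
 PLATFORMS
 ruby
 
 DEPENDENCIES
-
-
-rails (
-rspec-rails
+bcrypt (~> 3.1.7)
+pry-meta
+rspec-rails (= 3.0.0.beta2)
 simple_auth!
 sqlite3-ruby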
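--- /dev/null
+++ b/data/README.md
@@ -0,0 +1,243 @@
+# Simple Auth
+
+[![Build Status](https://travis-ci.org/fnando/simple_auth.svg)](https://travis-ci.org/fnando/simple_auth)
+[![Code Climate](https://codeclimate.com/github/fnando/simple_auth.png)](https://codeclimate.com/github/fnando/simple_auth)
+
+SimpleAuth is an authentication library to be used when everything else is just too complicated.
+
+This library only supports in-site authentication and won't implement OpenID, Facebook Connect and like.
+
+Rails 3.1.0+ is required.
+
+## Installation
+
+Just the following line to your Gemfile:
+
+gem "simple_auth"
+
+Then run `rails generate simple_auth:install` to copy the initializer file.
+
+## Usage
+
+Your user model should have the attribute `password_digest`. The credential field can be anything you want, but SimpleAuth uses `[:email, :login]` by default.
+
+```ruby
+class CreateUsers < ActiveRecord::Migration
+def change
+create_table :users do |t|
+t.string :email, null: false
+t.string :login, null: false
+t.string :password_digest, null: false
+
+t.timestamps
+end
+
+add_index :users, :email, unique: true
+add_index :users, :login, unique: true
+add_index :users, [:email, :login]
+end
+end
+```
+
+In your model, use the `authentication` macro.
+
+```ruby
+class User < ActiveRecord::Base
+authentication
+end
+```
+
+This will add some callbacks and password validations. It will also inject helper methods like `Model.authenticate`.
+
+Session is valid only when both `Model#authorized?` and `Controller#authorized?` methods return `true`, which is the default behavior. You can override these methods with your own rules:
+
+```ruby
+class User < ActiveRecord::Base
+authentication
+
+def authorized?
+deleted_at.nil?
+end
+end
+
+class Admin::DashboardController < ApplicationController
+private
+def authorized?
+current_user.admin?
+end
+end
+```
+
+After you set up the model, you can go to the controller.
+
+```ruby
+class SessionsController < ApplicationController
+def new
+@user_session = SimpleAuth::Session.new
+end
+
+def create
+@user_session = SimpleAuth::Session.new(params[:session])
+
+if @user_session.save
+redirect_to return_to(dashboard_path)
+else
+flash[:alert] = "Invalid username or password"
+render :new
+end
+end
+
+def destroy
+current_session.destroy if logged_in?
+redirect_to root_path
+end
+end
+```
+
+The `return_to` helper will give you the requested url (before the user logged in) or the default url.
+
+You can restrict access by using 2 macros:
+
+```ruby
+class SignupController < ApplicationController
+redirect_logged_user :to => "/"
+end
+```
+
+Here's some usage examples:
+
+```ruby
+redirect_logged_user :to => proc { login_path }
+redirect_logged_user :to => {:controller => "dashboard"}
+redirect_logged_user :only => [:index], :to => login_path
+redirect_logged_user :except => [:public], :to => login_path
+```
+
+You can skip the `:to` option if you set it globally on your initializer:
+
+```ruby
+SimpleAuth::Config.logged_url = {:controller => "session", :action => "new"}
+SimpleAuth::Config.logged_url = proc { login_path }
+```
+
+To require a logged user, use the `require_logged_user` macro:
+
+```ruby
+class DashboardController < ApplicationController
+require_logged_user :to => proc { login_path }
+end
+```
+
+Here's some usage examples:
+
+```ruby
+require_logged_user :to => proc { login_path }
+require_logged_user :to => {:controller => "session", :action => "new"}
+require_logged_user :only => [:index], :to => login_path
+require_logged_user :except => [:public], :to => login_path
+```
+
+You can skip the `:to` option if you set it globally on your initializer:
+
+```ruby
+SimpleAuth::Config.login_url = {:controller => "session", :action => "new"}
+SimpleAuth::Config.login_url = proc { login_path }
+```
+
+There are some helpers:
+
+```ruby
+logged_in? # controller & views
+current_user # controller & views
+current_session # controller & views
+when_logged(&block) # views
+find_by_credential # model
+find_by_credential! # model
+```
+
+If you're having problems to use any helper, include the module `SimpleAuth::Helper` on your `ApplicationHelper`.
+
+```ruby
+module ApplicationHelper
+include SimpleAuth::Helper
+end
+```
+
+### Translations
+
+These are the translations you'll need:
+
+```yaml
+en:
+simple_auth:
+sessions:
+need_to_be_logged: "You need to be logged"
+invalid_credentials: "Invalid username or password"
+```
+
+### Compatibility Mode with v1
+
+The previous version was based on hashing with salt. If you want to migrate to the v2 release, you must do some things.
+
+First, add the following line to the configuration initializer (available at `config/initializers/simple_auth.rb`:
+
+```ruby
+require "simple_auth/compat"
+```
+
+Then create a field called `password_digest`. This field is required by the `ActiveRecord::Base.has_secure_password` method. You can create a migration with the following content:
+
+```ruby
+class AddPasswordDigestToUsers < ActiveRecord::Migration
+def up
+add_column :users, :password_digest, :string, null: true
+SimpleAuth.migrate_passwords!
+change_column_null :users, :password_digest, false
+end
+
+def down
+remove_column :users, :password_digest
+end
+end
+```
+
+Apply this migration with `rake db:migrate`. Go read a book; this is going to take a while.
+
+Check if your application is still working. If so, you can remove the `password_hash` column. Here's the migration to do it so.
+
+```ruby
+class RemovePasswordHashFromUsers < ActiveRecord::Migration
+def change
+remove_column :users, :password_hash
+end
+end
+```
+
+Again, apply this migration with `rake db:migrate`.
+
+## Maintainer
+
+* Nando Vieira (<http://simplesideias.com.br>)
+
+## License:
+
+(The MIT License)
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.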