simple_auth 1.5.0 → 2.0.0
- checksums.yaml +4 -4
- data/.rspec +1 -1
- data/.travis.yml +11 -0
- data/CHANGELOG.md +5 -0
- data/Gemfile +0 -2
- data/Gemfile.lock +102 -79
- data/README.md +243 -0
- data/Rakefile +15 -0
- data/gemfiles/rails_3_1.gemfile +5 -0
- data/gemfiles/rails_3_1.gemfile.lock +151 -0
- data/gemfiles/rails_3_2.gemfile +5 -0
- data/gemfiles/rails_3_2.gemfile.lock +149 -0
- data/gemfiles/rails_4_0.gemfile +4 -0
- data/gemfiles/rails_4_0.gemfile.lock +140 -0
- data/gemfiles/rails_4_1.gemfile +4 -0
- data/gemfiles/rails_4_1.gemfile.lock +146 -0
- data/lib/simple_auth.rb +1 -6
- data/lib/simple_auth/action_controller.rb +14 -10
- data/lib/simple_auth/active_record.rb +86 -0
- data/lib/simple_auth/compat.rb +2 -0
- data/lib/simple_auth/compat/active_record.rb +31 -0
- data/lib/simple_auth/compat/config.rb +17 -0
- data/lib/simple_auth/config.rb +0 -20
- data/lib/simple_auth/exceptions.rb +0 -1
- data/lib/simple_auth/railtie.rb +1 -1
- data/lib/simple_auth/rspec.rb +2 -2
- data/lib/simple_auth/session.rb +1 -1
- data/lib/simple_auth/version.rb +2 -2
- data/simple_auth.gemspec +4 -4
- data/spec/controllers/redirect_logged_user_spec.rb +16 -16
- data/spec/controllers/require_logged_user_spec.rb +34 -34
- data/spec/schema.rb +5 -1
- data/spec/simple_auth/active_record_spec.rb +104 -2
- data/spec/simple_auth/compat_spec.rb +31 -0
- data/spec/simple_auth/config_spec.rb +8 -27
- data/spec/simple_auth/helper_spec.rb +7 -7
- data/spec/simple_auth/session_spec.rb +76 -76
- data/spec/spec_helper.rb +2 -168
- data/spec/support/app/models/customer.rb +3 -0
- data/templates/initializer.rb +0 -8
- metadata +62 -33
- data/README.markdown +0 -202
- data/lib/simple_auth/orm/active_record.rb +0 -80
- data/lib/simple_auth/orm/base.rb +0 -89
- data/lib/simple_auth/orm/mongo_mapper.rb +0 -62
- data/spec/simple_auth/mongo_mapper_spec.rb +0 -10
- data/spec/support/app/models/account.rb +0 -6
@@ -0,0 +1,146 @@
|
|
1
|
+
PATH
|
2
|
+
remote: ..
|
3
|
+
specs:
|
4
|
+
simple_auth (2.0.0)
|
5
|
+
rails (>= 3.1.0)
|
6
|
+
|
7
|
+
GEM
|
8
|
+
remote: https://rubygems.org/
|
9
|
+
specs:
|
10
|
+
actionmailer (4.1.0)
|
11
|
+
actionpack (= 4.1.0)
|
12
|
+
actionview (= 4.1.0)
|
13
|
+
mail (~> 2.5.4)
|
14
|
+
actionpack (4.1.0)
|
15
|
+
actionview (= 4.1.0)
|
16
|
+
activesupport (= 4.1.0)
|
17
|
+
rack (~> 1.5.2)
|
18
|
+
rack-test (~> 0.6.2)
|
19
|
+
actionview (4.1.0)
|
20
|
+
activesupport (= 4.1.0)
|
21
|
+
builder (~> 3.1)
|
22
|
+
erubis (~> 2.7.0)
|
23
|
+
activemodel (4.1.0)
|
24
|
+
activesupport (= 4.1.0)
|
25
|
+
builder (~> 3.1)
|
26
|
+
activerecord (4.1.0)
|
27
|
+
activemodel (= 4.1.0)
|
28
|
+
activesupport (= 4.1.0)
|
29
|
+
arel (~> 5.0.0)
|
30
|
+
activesupport (4.1.0)
|
31
|
+
i18n (~> 0.6, >= 0.6.9)
|
32
|
+
json (~> 1.7, >= 1.7.7)
|
33
|
+
minitest (~> 5.1)
|
34
|
+
thread_safe (~> 0.1)
|
35
|
+
tzinfo (~> 1.1)
|
36
|
+
arel (5.0.1.20140414130214)
|
37
|
+
awesome_print (1.2.0)
|
38
|
+
bcrypt (3.1.7)
|
39
|
+
builder (3.2.2)
|
40
|
+
coderay (1.1.0)
|
41
|
+
columnize (0.3.6)
|
42
|
+
debugger (1.6.6)
|
43
|
+
columnize (>= 0.3.1)
|
44
|
+
debugger-linecache (~> 1.2.0)
|
45
|
+
debugger-ruby_core_source (~> 1.3.2)
|
46
|
+
debugger-linecache (1.2.0)
|
47
|
+
debugger-ruby_core_source (1.3.2)
|
48
|
+
diff-lcs (1.2.5)
|
49
|
+
erubis (2.7.0)
|
50
|
+
hike (1.2.3)
|
51
|
+
i18n (0.6.9)
|
52
|
+
json (1.8.1)
|
53
|
+
mail (2.5.4)
|
54
|
+
mime-types (~> 1.16)
|
55
|
+
treetop (~> 1.4.8)
|
56
|
+
method_source (0.8.2)
|
57
|
+
mime-types (1.25.1)
|
58
|
+
minitest (5.3.3)
|
59
|
+
multi_json (1.9.2)
|
60
|
+
polyglot (0.3.4)
|
61
|
+
pry (0.9.12.6)
|
62
|
+
coderay (~> 1.0)
|
63
|
+
method_source (~> 0.8)
|
64
|
+
slop (~> 3.4)
|
65
|
+
pry-debugger (0.2.2)
|
66
|
+
debugger (~> 1.3)
|
67
|
+
pry (~> 0.9.10)
|
68
|
+
pry-meta (0.0.6)
|
69
|
+
awesome_print
|
70
|
+
pry
|
71
|
+
pry-debugger
|
72
|
+
pry-remote
|
73
|
+
pry-remote (0.1.8)
|
74
|
+
pry (~> 0.9)
|
75
|
+
slop (~> 3.0)
|
76
|
+
rack (1.5.2)
|
77
|
+
rack-test (0.6.2)
|
78
|
+
rack (>= 1.0)
|
79
|
+
rails (4.1.0)
|
80
|
+
actionmailer (= 4.1.0)
|
81
|
+
actionpack (= 4.1.0)
|
82
|
+
actionview (= 4.1.0)
|
83
|
+
activemodel (= 4.1.0)
|
84
|
+
activerecord (= 4.1.0)
|
85
|
+
activesupport (= 4.1.0)
|
86
|
+
bundler (>= 1.3.0, < 2.0)
|
87
|
+
railties (= 4.1.0)
|
88
|
+
sprockets-rails (~> 2.0)
|
89
|
+
railties (4.1.0)
|
90
|
+
actionpack (= 4.1.0)
|
91
|
+
activesupport (= 4.1.0)
|
92
|
+
rake (>= 0.8.7)
|
93
|
+
thor (>= 0.18.1, < 2.0)
|
94
|
+
rake (10.3.1)
|
95
|
+
rspec-collection_matchers (0.0.3)
|
96
|
+
rspec-expectations (>= 2.99.0.beta1)
|
97
|
+
rspec-core (3.0.0.beta2)
|
98
|
+
rspec-support (= 3.0.0.beta2)
|
99
|
+
rspec-expectations (3.0.0.beta2)
|
100
|
+
diff-lcs (>= 1.2.0, < 2.0)
|
101
|
+
rspec-support (= 3.0.0.beta2)
|
102
|
+
rspec-mocks (3.0.0.beta2)
|
103
|
+
rspec-support (= 3.0.0.beta2)
|
104
|
+
rspec-rails (3.0.0.beta2)
|
105
|
+
actionpack (>= 3.0)
|
106
|
+
activemodel (>= 3.0)
|
107
|
+
activesupport (>= 3.0)
|
108
|
+
railties (>= 3.0)
|
109
|
+
rspec-collection_matchers
|
110
|
+
rspec-core (= 3.0.0.beta2)
|
111
|
+
rspec-expectations (= 3.0.0.beta2)
|
112
|
+
rspec-mocks (= 3.0.0.beta2)
|
113
|
+
rspec-support (= 3.0.0.beta2)
|
114
|
+
rspec-support (3.0.0.beta2)
|
115
|
+
slop (3.5.0)
|
116
|
+
sprockets (2.12.1)
|
117
|
+
hike (~> 1.2)
|
118
|
+
multi_json (~> 1.0)
|
119
|
+
rack (~> 1.0)
|
120
|
+
tilt (~> 1.1, != 1.3.0)
|
121
|
+
sprockets-rails (2.1.3)
|
122
|
+
actionpack (>= 3.0)
|
123
|
+
activesupport (>= 3.0)
|
124
|
+
sprockets (~> 2.8)
|
125
|
+
sqlite3 (1.3.9)
|
126
|
+
sqlite3-ruby (1.3.3)
|
127
|
+
sqlite3 (>= 1.3.3)
|
128
|
+
thor (0.19.1)
|
129
|
+
thread_safe (0.3.3)
|
130
|
+
tilt (1.4.1)
|
131
|
+
treetop (1.4.15)
|
132
|
+
polyglot
|
133
|
+
polyglot (>= 0.3.1)
|
134
|
+
tzinfo (1.1.0)
|
135
|
+
thread_safe (~> 0.1)
|
136
|
+
|
137
|
+
PLATFORMS
|
138
|
+
ruby
|
139
|
+
|
140
|
+
DEPENDENCIES
|
141
|
+
bcrypt (~> 3.1.7)
|
142
|
+
pry-meta
|
143
|
+
rails (~> 4.1.0)
|
144
|
+
rspec-rails (= 3.0.0.beta2)
|
145
|
+
simple_auth!
|
146
|
+
sqlite3-ruby
|
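--- a/data/lib/simple_auth.rb
+++ b/data/lib/simple_auth.rb
@@ -1,5 +1,3 @@
-require "digest/sha2"
-
 require "rails/railtie"
 require "active_support/all"
 
@@ -7,10 +5,7 @@ require "simple_auth/railtie"
 require "simple_auth/config"
 require "simple_auth/exceptions"
 require "simple_auth/action_controller"
-require "simple_auth/
-require "simple_auth/orm/active_record"
-require "simple_auth/orm/mongo_mapper"
+require "simple_auth/active_record"
 require "simple_auth/session"
 require "simple_auth/helper"
 require "simple_auth/version"
-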
@@ -40,6 +40,14 @@ module SimpleAuth
|
|
40
40
|
path = controller.instance_eval(&path) if path.kind_of?(Proc)
|
41
41
|
path
|
42
42
|
end
|
43
|
+
|
44
|
+
def request_uri
|
45
|
+
if request.respond_to?(:fullpath)
|
46
|
+
request.fullpath
|
47
|
+
else
|
48
|
+
request.request_uri
|
49
|
+
end
|
50
|
+
end
|
43
51
|
end
|
44
52
|
|
45
53
|
module ClassMethods
|
@@ -58,18 +66,14 @@ module SimpleAuth
|
|
58
66
|
def require_logged_user(options = {})
|
59
67
|
before_filter options.except(:to) do |controller|
|
60
68
|
controller.instance_eval do
|
61
|
-
|
62
|
-
|
63
|
-
return_to = request.fullpath
|
64
|
-
else
|
65
|
-
return_to = request.request_uri
|
66
|
-
end
|
69
|
+
# Already logged in, so skip validation.
|
70
|
+
next if current_session.try(:valid?) && authorized?
|
67
71
|
|
68
|
-
|
72
|
+
session[:return_to] = request_uri if request.get?
|
69
73
|
|
70
|
-
|
71
|
-
|
72
|
-
|
74
|
+
SimpleAuth::Session.destroy!
|
75
|
+
flash.alert = t("simple_auth.sessions.need_to_be_logged")
|
76
|
+
redirect_to simple_auth_url_for(:login_url, controller, options[:to])
|
73
77
|
end
|
74
78
|
end
|
75
79
|
end
|
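Review bot: The `else` branch of the new `request_uri` helper looks unreachable for the Rails versions this release declares: the gemspec now requires rails `>= 3.1.0`, where `request.fullpath` is available, so the `request.request_uri` fallback could be dropped and the call site could read `session[:return_to] = request.fullpath if request.get?`. The module that holds the helper starts outside this hunk, so its visibility is not shown; if it is not under `private`, a method mixed into controllers can become routable as an action, which is worth confirming. A short comment at `session[:return_to]` stating that only a local path with query string is stored, never a full URL, would help whoever maintains the redirect that later consumes it.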
@@ -0,0 +1,86 @@
|
|
1
|
+
module SimpleAuth
|
2
|
+
module ActiveRecord
|
3
|
+
def self.included(base)
|
4
|
+
base.class_eval { extend Macro }
|
5
|
+
end
|
6
|
+
|
7
|
+
module Macro
|
8
|
+
# Set virtual attributes, callbacks and validations.
|
9
|
+
# Is called automatically after setting up configuration with
|
10
|
+
# `SimpleAuth.setup {|config| config.model = :user}`.
|
11
|
+
#
|
12
|
+
# class User < ActiveRecord::Base
|
13
|
+
# authentication
|
14
|
+
# end
|
15
|
+
#
|
16
|
+
# Can set configuration when a block is provided.
|
17
|
+
#
|
18
|
+
# class User < ActiveRecord::Base
|
19
|
+
# authentication do |config|
|
20
|
+
# config.credentials = ["email"]
|
21
|
+
# end
|
22
|
+
# end
|
23
|
+
#
|
24
|
+
def authentication(&block)
|
25
|
+
SimpleAuth.setup(&block) if block_given?
|
26
|
+
SimpleAuth::Config.model ||= name.underscore.to_sym
|
27
|
+
|
28
|
+
# Possibly multiple calls in a given model.
|
29
|
+
# So, just return.
|
30
|
+
return if respond_to?(:authenticate)
|
31
|
+
|
32
|
+
has_secure_password
|
33
|
+
|
34
|
+
extend ClassMethods
|
35
|
+
include InstanceMethods
|
36
|
+
|
37
|
+
validates_length_of :password, minimum: 4
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
module InstanceMethods
|
42
|
+
end
|
43
|
+
|
44
|
+
module ClassMethods
|
45
|
+
# Find user by its credential.
|
46
|
+
#
|
47
|
+
# User.find_by_credential "john@doe.com" # using e-mail
|
48
|
+
# User.find_by_credential "john" # using username
|
49
|
+
#
|
50
|
+
def find_by_credential(credential)
|
51
|
+
# Collect each attribute that should be used as credential.
|
52
|
+
query = SimpleAuth::Config.credentials.each_with_object([]) do |attr_name, buffer|
|
53
|
+
buffer << "#{attr_name} = :credential"
|
54
|
+
end.join(" or ")
|
55
|
+
|
56
|
+
# Set the scope.
|
57
|
+
scope = SimpleAuth::Config.model_class.where(query, credential: credential.to_s)
|
58
|
+
|
59
|
+
# Find the record using the conditions we built
|
60
|
+
scope.first
|
61
|
+
end
|
62
|
+
|
63
|
+
# Find user by its credential. If no user is found, raise
|
64
|
+
# SimpleAuth::RecordNotFound exception.
|
65
|
+
#
|
66
|
+
# User.find_by_credential! "john@doe.com"
|
67
|
+
#
|
68
|
+
def find_by_credential!(credential)
|
69
|
+
record = find_by_credential(credential)
|
70
|
+
raise SimpleAuth::RecordNotFound, "couldn't find #{SimpleAuth::Config.model} using #{credential.inspect} as credential" unless record
|
71
|
+
record
|
72
|
+
end
|
73
|
+
|
74
|
+
# Receive a credential and a password and try to authenticate the specified user.
|
75
|
+
# If the credential is valid, then an user is returned; otherwise nil is returned.
|
76
|
+
#
|
77
|
+
# User.authenticate "johndoe", "test"
|
78
|
+
# User.authenticate "john@doe.com", "test"
|
79
|
+
#
|
80
|
+
def authenticate(credential, password)
|
81
|
+
record = find_by_credential(credential.to_s)
|
82
|
+
record.try(:authenticate, password)
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
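Review bot: `validates_length_of :password, minimum: 4` in `authentication` sets a very low floor for a password, and with no `allow_nil` or `if:` guard it appears to run on every save, including updates where `password` was never assigned. Something like `validates_length_of :password, minimum: 8, allow_nil: true` would raise the floor and leave presence checking to `has_secure_password`. Separately, `ClassMethods#authenticate` returns as soon as `find_by_credential` finds nothing, so an unknown credential skips the bcrypt comparison and is likely to answer faster than a wrong password; comparing against a fixed dummy digest in that case would even out the timing. `find_by_credential` interpolates `attr_name` into the SQL fragment, which is safe only while `SimpleAuth::Config.credentials` comes from trusted configuration, and its comment should say so.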
@@ -0,0 +1,31 @@
|
|
1
|
+
module SimpleAuth
|
2
|
+
def self.migrate_passwords!
|
3
|
+
require "ostruct"
|
4
|
+
|
5
|
+
generator = OpenStruct.new.extend(ActiveModel::SecurePassword::InstanceMethodsOnActivation)
|
6
|
+
|
7
|
+
Config.model_class.find_each do |record|
|
8
|
+
generator.password = record.password_hash
|
9
|
+
|
10
|
+
Config.model_class
|
11
|
+
.where(id: record.id)
|
12
|
+
.update_all(password_digest: generator.password_digest)
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
module ActiveRecord
|
17
|
+
module InstanceMethods
|
18
|
+
def password=(password)
|
19
|
+
@password = SimpleAuth::Config.crypter.call(password, password_salt)
|
20
|
+
end
|
21
|
+
|
22
|
+
def password_confirmation=(password)
|
23
|
+
@password_confirmation = SimpleAuth::Config.crypter.call(password, password_salt)
|
24
|
+
end
|
25
|
+
|
26
|
+
def authenticate(password)
|
27
|
+
super SimpleAuth::Config.crypter.call(password, password_salt)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
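Review bot: The compat `password=` only assigns `@password` and never calls `super`, so as far as this hunk shows the `has_secure_password` writer that fills `password_digest` is bypassed and a password set through the compat layer would not be stored as a bcrypt digest. `authenticate` just below does call `super`, which suggests the writer was meant to as well, e.g. `super SimpleAuth::Config.crypter.call(password, password_salt)`. Because the model then holds the crypter output rather than what the user typed, any length rule on `password` is presumably checked against the hex digest and not the real password. `migrate_passwords!` leaves the old `password_hash` column in place, so the salted SHA-256 values stay readable until a follow-up migration drops them; a comment saying so, and that `update_all` deliberately skips validations and callbacks, would help.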
@@ -0,0 +1,17 @@
|
|
1
|
+
module SimpleAuth
|
2
|
+
class Config
|
3
|
+
# Generate the password hash. The specified block should expected
|
4
|
+
# the plain password and the password hash as block parameters.
|
5
|
+
cattr_accessor :crypter
|
6
|
+
@@crypter = proc do |password, salt|
|
7
|
+
Digest::SHA256.hexdigest [password, salt].join("--")
|
8
|
+
end
|
9
|
+
|
10
|
+
# Generate the password salt. The specified block should expect
|
11
|
+
# the ActiveRecord instance as block parameter.
|
12
|
+
cattr_accessor :salt
|
13
|
+
@@salt = proc do |record|
|
14
|
+
Digest::SHA256.hexdigest [Time.to_s, SecureRandom.hex(32)].join("--")
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
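Review bot: `Time.to_s` in the default `salt` proc is the class name, the constant string "Time", not the current time, so it adds nothing to the salt. All the randomness comes from `SecureRandom.hex(32)`, which is sufficient on its own, so the body could simply be `SecureRandom.hex(32)`, or use `Time.now.to_f` if a timestamp was intended. This file uses `Digest::SHA256` while the same release removes `require "digest/sha2"` from lib/simple_auth.rb, so unless compat.rb (not shown) loads it, adding `require "digest/sha2"` and `require "securerandom"` at the top would keep the compat layer self-contained. The comment on `crypter` says the block receives "the plain password and the password hash", but the proc takes `|password, salt|`; it should read "the plain password and the salt".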
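--- a/data/lib/simple_auth/config.rb
+++ b/data/lib/simple_auth/config.rb
@@ -16,20 +16,6 @@ module SimpleAuth
 cattr_accessor :wipeout_session
 @@wipeout_session = false
 
-# Generate the password hash. The specified block should expected
-# the plain password and the password hash as block parameters.
-cattr_accessor :crypter
-@@crypter = proc do |password, salt|
-Digest::SHA256.hexdigest [password, salt].join("--")
-end
-
-# Generate the password salt. The specified block should expect
-# the ActiveRecord instance as block parameter.
-cattr_accessor :salt
-@@salt = proc do |record|
-Digest::SHA256.hexdigest [Time.to_s, SecureRandom.hex(32)].join("--")
-end
-
 # Set which attributes will be used for authentication.
 cattr_accessor :credentials
 @@credentials = [:email, :login]
@@ -51,12 +37,6 @@ module SimpleAuth
 cattr_accessor :logged_url
 @@logged_url = proc { dashboard_path }
 
-def self.reset_session(*args) # :nodoc:
-Kernel.warn "The SimpleAuth::Config.reset_session accessor was disabled and will be removed in future versions."
-end
-
-class << self; alias reset_session= reset_session; end
-
 def self.model_class
 model.to_s.classify.constantize
 end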
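--- a/data/lib/simple_auth/railtie.rb
+++ b/data/lib/simple_auth/railtie.rb
@@ -12,7 +12,7 @@ module SimpleAuth
 helper_method :current_user, :current_session, :logged_in?
 end
 
-::ActiveRecord::Base.class_eval { include SimpleAuth::
+::ActiveRecord::Base.class_eval { include SimpleAuth::ActiveRecord }
 end
 end
 end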
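--- a/data/lib/simple_auth/rspec.rb
+++ b/data/lib/simple_auth/rspec.rb
@@ -14,9 +14,9 @@ module SimpleAuth
 #
 def simple_auth(options = {})
 options.reverse_merge!({
-:session =>
+:session => double("current_session").as_null_object,
 :authorized => true,
-:user =>
+:user => double("current_user").as_null_object
 })
 
 controller.stub({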
data/lib/simple_auth/session.rb
CHANGED
data/lib/simple_auth/version.rb
CHANGED
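--- a/data/simple_auth.gemspec
+++ b/data/simple_auth.gemspec
@@ -15,9 +15,9 @@ Gem::Specification.new do |s|
 s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
 s.require_paths = ["lib"]
 
-s.
+s.add_dependency "rails", ">= 3.1.0"
 s.add_development_dependency "sqlite3-ruby"
-s.add_development_dependency "rspec-rails"
-s.add_development_dependency "
-s.add_development_dependency "
+s.add_development_dependency "rspec-rails", "3.0.0.beta2"
+s.add_development_dependency "bcrypt", "~> 3.1.7"
+s.add_development_dependency "pry-meta"
 end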
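Review bot: `bcrypt` is added only as a development dependency, yet the new `authentication` macro calls `has_secure_password`, which needs bcrypt at runtime; applications that install simple_auth 2.0.0 without listing bcrypt themselves would presumably hit a load error when the model class is evaluated. Either declare it with `s.add_dependency "bcrypt", "~> 3.1.7"` or state the requirement in the README upgrade notes, keeping in mind that older Rails lines may expect a different gem name. `s.add_dependency "rails", ">= 3.1.0"` has no upper bound, so a later major Rails release that drops APIs used in this gem, such as `before_filter`, would still resolve; an explicit upper bound would make the supported range clear. The `Gem::Specification.new` block starts outside this hunk.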