simple_auth 2.0.4 → 3.0.0

Files changed (66) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +3 -0
  3. data/.travis.yml +6 -9
  4. data/CHANGELOG.md +4 -0
  5. data/Gemfile +1 -1
  6. data/MIGRATE.md +40 -0
  7. data/README.md +34 -137
  8. data/Rakefile +8 -18
  9. data/bin/console +5 -0
  10. data/gemfiles/{rails_4_1.gemfile → rails_4_2.gemfile} +1 -1
  11. data/gemfiles/{rails_4_0.gemfile → rails_5_0.gemfile} +1 -1
  12. data/lib/simple_auth.rb +26 -11
  13. data/lib/simple_auth/action_controller.rb +53 -81
  14. data/lib/simple_auth/action_controller/require_login_action.rb +47 -0
  15. data/lib/simple_auth/config.rb +13 -36
  16. data/lib/simple_auth/generator.rb +2 -2
  17. data/lib/simple_auth/railtie.rb +0 -11
  18. data/lib/simple_auth/session.rb +19 -143
  19. data/lib/simple_auth/templates/install/initializer.rb +23 -0
  20. data/lib/simple_auth/version.rb +1 -6
  21. data/simple_auth.gemspec +6 -3
  22. data/test/controllers/admin/dashboard_controller_test.rb +31 -0
  23. data/test/controllers/dashboard_controller_test.rb +56 -0
  24. data/test/controllers/pages_controller_test.rb +16 -0
  25. data/test/generators/install_test.rb +13 -0
  26. data/test/support/dummy/app/controllers/admin/dashboard_controller.rb +35 -0
  27. data/{spec/support → test/support/dummy}/app/controllers/application_controller.rb +0 -0
  28. data/test/support/dummy/app/controllers/dashboard_controller.rb +23 -0
  29. data/test/support/dummy/app/controllers/pages_controller.rb +7 -0
  30. data/{spec/support → test/support/dummy}/app/models/user.rb +1 -1
  31. data/test/support/dummy/config/application.rb +17 -0
  32. data/test/support/dummy/config/initializers/simple_auth.rb +23 -0
  33. data/test/support/dummy/config/routes.rb +23 -0
  34. data/test/support/schema.rb +6 -0
  35. data/test/test_helper.rb +15 -0
  36. metadata +75 -65
  37. data/.rspec +0 -1
  38. data/gemfiles/rails_3_1.gemfile +0 -5
  39. data/gemfiles/rails_3_2.gemfile +0 -5
  40. data/lib/simple_auth/active_record.rb +0 -95
  41. data/lib/simple_auth/compat.rb +0 -2
  42. data/lib/simple_auth/compat/active_record.rb +0 -28
  43. data/lib/simple_auth/compat/config.rb +0 -17
  44. data/lib/simple_auth/exceptions.rb +0 -4
  45. data/lib/simple_auth/helper.rb +0 -12
  46. data/lib/simple_auth/rspec.rb +0 -29
  47. data/locales/en.yml +0 -5
  48. data/locales/pt-BR.yml +0 -5
  49. data/spec/controllers/redirect_logged_user_spec.rb +0 -87
  50. data/spec/controllers/require_logged_user_spec.rb +0 -146
  51. data/spec/schema.rb +0 -9
  52. data/spec/simple_auth/active_record_spec.rb +0 -146
  53. data/spec/simple_auth/compat_spec.rb +0 -45
  54. data/spec/simple_auth/config_spec.rb +0 -21
  55. data/spec/simple_auth/helper_spec.rb +0 -24
  56. data/spec/simple_auth/initializer_spec.rb +0 -9
  57. data/spec/simple_auth/session_spec.rb +0 -212
  58. data/spec/spec_helper.rb +0 -23
  59. data/spec/support/app/models/customer.rb +0 -3
  60. data/spec/support/app/models/person.rb +0 -4
  61. data/spec/support/app/views/dashboard/index.erb +0 -0
  62. data/spec/support/app/views/session/new.erb +0 -0
  63. data/spec/support/config/boot.rb +0 -16
  64. data/spec/support/config/database.yml +0 -3
  65. data/spec/support/config/routes.rb +0 -4
  66. data/templates/initializer.rb +0 -22
@@ -0,0 +1,47 @@
1
+ module SimpleAuth
2
+ module ActionController
3
+ class RequireLoginAction
4
+ DEFAULT_UNLOGGED_IN_MESSAGE = "You must be logged in to access this page."
5
+ DEFAULT_UNAUTHORIZED_MESSAGE = "You don't have permission to access this page."
6
+
7
+ attr_reader :controller, :scope
8
+
9
+ def initialize(controller, scope)
10
+ @controller = controller
11
+ @scope = scope
12
+ end
13
+
14
+ def valid?
15
+ valid_session? && authorized?
16
+ end
17
+
18
+ def message
19
+ return nil if valid?
20
+ return unauthorized_message unless authorized?
21
+ unlogged_message
22
+ end
23
+
24
+ private
25
+
26
+ def valid_session?
27
+ controller.send("#{scope}_session").valid?
28
+ end
29
+
30
+ def authorized?
31
+ controller.send("authorized_#{scope}?")
32
+ end
33
+
34
+ def unauthorized_message
35
+ translation_for("#{scope}.unauthorized", DEFAULT_UNAUTHORIZED_MESSAGE)
36
+ end
37
+
38
+ def unlogged_message
39
+ translation_for("#{scope}.unlogged_in", DEFAULT_UNLOGGED_IN_MESSAGE)
40
+ end
41
+
42
+ def translation_for(translation_scope, default_message)
43
+ I18n.t(translation_scope, scope: :simple_auth, default: default_message)
44
+ end
45
+ end
46
+ end
47
+ end
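Review bot: `message` tests `authorized?` before it tests the session, so a visitor with no session gets "You don't have permission to access this page.", and `unlogged_message` is reached only if `authorized_#{scope}?` returns true for a request without a valid session. The new dashboard controller test "sets flash message while redirecting unlogged user" asserts exactly that unauthorized text, so the suite pins this ordering and would need updating with any fix. Checking the session first, `return unlogged_message unless valid_session?` followed by `unauthorized_message`, gives each case its own message and stops the application's authorization hook from running when there is no record. Both private predicates also dispatch through `controller.send` with `scope` interpolated into the method name, which ignores method visibility. A comment on `initialize` saying that `scope` must be one of the configured scopes and never request data would make that assumption explicit.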
@@ -1,44 +1,21 @@
1
1
  module SimpleAuth
2
- # Add a shortcut to SimpleAuth::Config
3
- def self.setup(&block)
4
- yield SimpleAuth::Config if block_given?
5
- end
6
-
7
2
  class Config
8
- # Automatically remove all session values that start with your model name.
9
- #
10
- # When an existing session is destroyed or a new session is created,
11
- # SimpleAuth will remove the record id stored as <tt>#{SimpleAuth::Config.model}</tt>.
12
- #
13
- # Additionally, you can enable this option to remove any other key composed by
14
- # <tt>#{SimpleAuth::Config.model}_*</tt>.
15
- #
16
- cattr_accessor :wipeout_session
17
- @@wipeout_session = false
18
-
19
- # Set which attributes will be used for authentication.
20
- cattr_accessor :credentials
21
- @@credentials = [:email, :login]
22
-
23
- # Set the user model
24
- cattr_accessor :model
25
- @@model = :user
26
-
27
- # Set the current controller object
28
- cattr_accessor :controller
29
- @@controller = nil
3
+ # Set which scopes will be activated.
4
+ # By default it enables `user` and `admin`.
5
+ attr_accessor :scopes
30
6
 
31
- # Set the login url
32
- cattr_accessor :login_url
33
- @@login_url = proc { login_path }
7
+ # Set the login url.
8
+ # This will be used to redirect unlogged users to the login page.
9
+ # Default to `login_path`.
10
+ attr_accessor :login_url
34
11
 
35
- # Logged users will be redirect to this url
36
- # when +redirect_logged_user+ helper is used.
37
- cattr_accessor :logged_url
38
- @@logged_url = proc { dashboard_path }
12
+ # Set the logged url.
13
+ # This will be used to redirect logged users to the dashboard page.
14
+ # Default to `dashboard_path`.
15
+ attr_accessor :logged_url
39
16
 
40
- def self.model_class
41
- model.to_s.classify.constantize
17
+ def install_helpers!
18
+ ::ActionController::Base.include SimpleAuth::ActionController
42
19
  end
43
20
  end
44
21
  end
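Review bot: The comments promise defaults (`user` and `admin` for `scopes`, `login_path` and `dashboard_path` for the two URLs), but the class as shown only declares `attr_accessor`s and assigns nothing, whereas the removed `cattr_accessor` lines carried their defaults with them. Unless the instance is populated elsewhere (lib/simple_auth.rb is not visible in this hunk), an application whose initializer omits a setting gets `nil`, and the redirect for unauthenticated requests has no target. The generated initializer also sets `config.scopes = %i[user]`, which disagrees with "By default it enables `user` and `admin`". Either assign the defaults in an `initialize`, or reword the comments, for example `# No default; set in config/initializers/simple_auth.rb.`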
@@ -1,8 +1,8 @@
1
- require "rails/generators/base"
1
+ require "rails/generators"
2
2
 
3
3
  module SimpleAuth
4
4
  class InstallGenerator < ::Rails::Generators::Base
5
- source_root File.dirname(__FILE__) + "/../../templates"
5
+ source_root "#{__dir__}/templates/install"
6
6
 
7
7
  def copy_initializer_file
8
8
  copy_file "initializer.rb", "config/initializers/simple_auth.rb"
@@ -3,16 +3,5 @@ module SimpleAuth
3
3
  generators do
4
4
  require "simple_auth/generator"
5
5
  end
6
-
7
- initializer "simple_auth.initialize" do |app|
8
- ::ActionController::Base.instance_eval do
9
- include SimpleAuth::ActionController
10
- helper SimpleAuth::Helper
11
- prepend_before_filter :activate_simple_auth
12
- helper_method :current_user, :current_session, :logged_in?
13
- end
14
-
15
- ::ActiveRecord::Base.class_eval { include SimpleAuth::ActiveRecord }
16
- end
17
6
  end
18
7
  end
@@ -1,163 +1,39 @@
1
1
  module SimpleAuth
2
2
  class Session
3
- attr_accessor :credential
4
- attr_accessor :password
5
- attr_accessor :model
6
- attr_accessor :controller
7
- attr_accessor :record
8
- attr_accessor :errors
9
-
10
- class Errors # :nodoc:all
11
- attr_accessor :errors
12
-
13
- def add_to_base(message)
14
- @errors << message
15
- end
16
-
17
- def initialize
18
- @errors = []
19
- end
20
-
21
- def on(attr_name)
22
- nil
23
- end
24
-
25
- def full_messages
26
- @errors
27
- end
28
-
29
- def empty?
30
- @errors.empty?
31
- end
32
-
33
- def [](attr_name)
34
- []
35
- end
36
- end
37
-
38
- def self.session_key
39
- "#{SimpleAuth::Config.model.to_s}_id".to_sym
40
- end
41
-
42
- def self.record_id
43
- controller && controller.session[session_key]
44
- end
45
-
46
- def self.backup(&block)
47
- backup = controller.session.to_hash.reject do |name, value|
48
- rejected = [:session_id, session_key].include?(name.to_sym) || SimpleAuth::Config.wipeout_session && name.to_s =~ /^#{SimpleAuth::Config.model}_/
49
- controller.session.delete(name) if rejected
50
- rejected
51
- end
52
-
53
- yield
54
-
55
- backup.each do |name, value|
56
- controller.session[name.to_sym] = value
57
- end
58
- end
59
-
60
- def self.find
61
- return unless controller && record_id
62
- session = new
63
- session.record = session.model.find_by_id(record_id)
64
-
65
- if session.record
66
- session
67
- else
68
- nil
69
- end
70
- end
71
-
72
- def self.create(options = {})
73
- new(options).tap do |session|
74
- session.save
75
- end
3
+ def self.create(**kwargs)
4
+ new(**kwargs)
76
5
  end
77
6
 
78
- def self.create!(options = {})
79
- new(options).tap do |session|
80
- session.save!
81
- end
7
+ def initialize(scope:, session:, record: nil)
8
+ @scope = scope
9
+ @session = session
10
+ self.record = record if record
82
11
  end
83
12
 
84
- def self.controller
85
- SimpleAuth::Config.controller
13
+ def record=(record)
14
+ @session[record_key] = record.try(:id)
15
+ @record = record
86
16
  end
87
17
 
88
- def self.destroy!
89
- [:session_id, session_key].each {|name| controller.session.delete(name) }
90
-
91
- controller.instance_variable_set("@current_user", nil)
92
- controller.instance_variable_set("@current_session", nil)
93
-
94
- backup { controller.reset_session }
95
-
96
- true
97
- end
98
-
99
- def self.model_name
100
- ActiveModel::Name.new(self)
101
- end
102
-
103
- def initialize(options = {})
104
- options ||= {}
105
-
106
- @credential = options[:credential]
107
- @password = options[:password]
108
- @controller = SimpleAuth::Config.controller
109
- @model = SimpleAuth::Config.model_class
110
- @errors = Errors.new
18
+ def record
19
+ @record ||= record_class
20
+ .find_by_id(record_id_from_session) if record_id_from_session
111
21
  end
112
22
 
113
- def to_key
114
- nil
23
+ def record_class
24
+ @record_class ||= Object.const_get(:"#{@scope.to_s.camelize}")
115
25
  end
116
26
 
117
- def new_record?
118
- record.nil?
27
+ def record_key
28
+ :"#{@scope}_id"
119
29
  end
120
30
 
121
- def persisted?
122
- !new_record?
31
+ def record_id_from_session
32
+ @session[record_key]
123
33
  end
124
34
 
125
35
  def valid?
126
- if record && controller.send(:authorized?)
127
- true
128
- else
129
- errors.add_to_base I18n.translate("simple_auth.sessions.invalid_credentials")
130
- self.class.destroy!
131
- false
132
- end
133
- end
134
-
135
- def record
136
- @record ||= model
137
- .find_by_credential(credential)
138
- .try(:authenticate, password)
139
- end
140
-
141
- def save
142
- self.class.destroy!
143
-
144
- controller.session[self.class.session_key] = record.id if valid?
145
- controller.session[self.class.session_key] != nil
146
- end
147
-
148
- def save!
149
- if valid?
150
- save
151
- else
152
- raise SimpleAuth::NotAuthorized
153
- end
154
- end
155
-
156
- def destroy
157
- @record = nil
158
- @credential = nil
159
- @password = nil
160
- self.class.destroy!
36
+ record.present?
161
37
  end
162
38
  end
163
39
  end
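Review bot: `record=` writes the record id into whatever session hash it was given, and nothing in the new class rotates the session, whereas the removed `save` went through `destroy!`, which called `controller.reset_session` before storing the id. If the login action that calls `Session.create` does not reset the session itself (the controller code is outside this hunk), a session identifier issued before login stays valid after it, which is the precondition for session fixation. Since `Session` no longer holds the controller, the contract belongs in a comment on `record=`: `# Only stores the id; the caller must call reset_session before assigning a record.` `record_class` resolves `@scope` through `Object.const_get`, so the same comment should state that `scope` comes from `config.scopes` and is never taken from request parameters.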
@@ -0,0 +1,23 @@
1
+ SimpleAuth.setup do |config|
2
+ # Define with scopes will be installed.
3
+ # This can be useful if you want to have separated sessions
4
+ # (e.g. regular user and admin user).
5
+ #
6
+ # To enable both user and admin sessions, you can define the scopes
7
+ # like this:
8
+ #
9
+ # config.scopes = %i[user admin]
10
+ #
11
+ config.scopes = %i[user]
12
+
13
+ # Set the login url.
14
+ # This is where users will be redirected to when they're unlogged.
15
+ config.login_url = proc { login_path }
16
+
17
+ # Logged users will be redirect to this url
18
+ # when `before_action :redirect_logged_user` filter is used.
19
+ config.logged_url = proc { dashboard_path }
20
+
21
+ # Install SimpleAuth helpers to the controllers.
22
+ config.install_helpers!
23
+ end
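Review bot: Two comments in the generated initializer read wrongly and will be copied into every application: `# Define with scopes will be installed.` should be `# Define which scopes will be installed.`, and `# Logged users will be redirect to this url` should say `redirected`. The comment above `config.install_helpers!` should also say what removing the line costs, because the railtie initializer that used to include `SimpleAuth::ActionController` is deleted in this release. Something like `# Required: without this call the SimpleAuth controller helpers are not included.` would cover it.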
@@ -1,8 +1,3 @@
1
1
  module SimpleAuth
2
- module Version
3
- MAJOR = 2
4
- MINOR = 0
5
- PATCH = 4
6
- STRING = "#{MAJOR}.#{MINOR}.#{PATCH}"
7
- end
2
+ VERSION = "3.0.0"
8
3
  end
@@ -1,8 +1,9 @@
1
1
  require "./lib/simple_auth/version"
2
2
 
3
3
  Gem::Specification.new do |s|
4
+ s.required_ruby_version = ">= 2.2.0"
4
5
  s.name = "simple_auth"
5
- s.version = SimpleAuth::Version::STRING
6
+ s.version = SimpleAuth::VERSION
6
7
  s.platform = Gem::Platform::RUBY
7
8
  s.authors = ["Nando Vieira"]
8
9
  s.email = ["fnando.vieira@gmail.com"]
@@ -15,9 +16,11 @@ Gem::Specification.new do |s|
15
16
  s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
16
17
  s.require_paths = ["lib"]
17
18
 
18
- s.add_dependency "rails", ">= 3.1.0"
19
+ s.add_dependency "rails", ">= 4.2.0"
19
20
  s.add_development_dependency "sqlite3-ruby"
20
- s.add_development_dependency "rspec-rails", "3.0.0.beta2"
21
+ s.add_development_dependency "activerecord"
22
+ s.add_development_dependency "minitest"
23
+ s.add_development_dependency "minitest-utils"
21
24
  s.add_development_dependency "bcrypt", "~> 3.1.7"
22
25
  s.add_development_dependency "pry-meta"
23
26
  end
@@ -0,0 +1,31 @@
1
+ require "test_helper"
2
+
3
+ class AdminDashboardControllerTest < ActionController::TestCase
4
+ tests Admin::DashboardController
5
+
6
+ setup do
7
+ @routes = Rails.application.routes
8
+ @controller.reset_session
9
+ end
10
+
11
+ test "authorizes logged admin" do
12
+ get :log_in_as_admin
13
+ get :index
14
+
15
+ assert_response :success
16
+ end
17
+
18
+ test "authorizes logged user with admin flag" do
19
+ get :log_in_as_admin
20
+ get :index
21
+
22
+ assert_response :success
23
+ end
24
+
25
+ test "denies user" do
26
+ get :log_in_as_user
27
+ get :index
28
+
29
+ assert_redirected_to login_path
30
+ end
31
+ end
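Review bot: "authorizes logged admin" and "authorizes logged user with admin flag" have identical bodies (`get :log_in_as_admin` then `get :index`), so the second case adds no coverage and the path its name describes is never exercised. There is also no test for a request to `index` with no login at all, which is the case an admin-only controller most needs pinned. Give the second test its own login action in the dummy controller, and add a `test "denies unlogged visitor"` that calls `get :index` and asserts the redirect, presumably `assert_redirected_to login_path` as in "denies user".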
@@ -0,0 +1,56 @@
1
+ require "test_helper"
2
+
3
+ class DashboardControllerTest < ActionController::TestCase
4
+ setup do
5
+ @routes = Rails.application.routes
6
+ @controller.reset_session
7
+
8
+ User.delete_all
9
+ User.create!(password: "test", email: "john@example.com")
10
+ end
11
+
12
+ test "redirects unlogged user to login path" do
13
+ get :index
14
+ assert_redirected_to login_path
15
+ end
16
+
17
+ test "sets flash message while redirecting unlogged user" do
18
+ get :index
19
+ assert_equal "You don't have permission to access this page.", flash[:alert]
20
+ end
21
+
22
+ test "renders page for logged user" do
23
+ get :log_in
24
+ get :index
25
+
26
+ assert_response :success
27
+ end
28
+
29
+ test "redirects logged user" do
30
+ get :log_in
31
+ get :not_logged
32
+
33
+ assert_redirected_to dashboard_path
34
+ end
35
+
36
+ test "renders page for unlogged user" do
37
+ get :not_logged
38
+ assert_response :success
39
+ end
40
+
41
+ test "redirects unauthorized user" do
42
+ User.create!(password: "test", email: "john@example.org")
43
+ get :log_in
44
+ get :index
45
+
46
+ assert_redirected_to login_path
47
+ end
48
+
49
+ test "sets flash message while redirecting unauthorized user" do
50
+ User.create!(password: "test", email: "john@example.org")
51
+ get :log_in
52
+ get :index
53
+
54
+ assert_equal "You don't have permission to access this page.", flash[:alert]
55
+ end
56
+ end
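Review bot: "redirects unauthorized user" and "sets flash message while redirecting unauthorized user" create a second user and then call `get :log_in` with no parameters, so which record is logged in, and which rule rejects it, is decided in the dummy controller outside this hunk. A reader cannot tell from the test why this login is unauthorized while the one in "renders page for logged user" is not. A short comment above each `User.create!` naming the record that `log_in` selects and the condition that `authorized_user?` applies would make these authorization tests self-explanatory.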