simple_auth 2.0.4 → 3.0.0
- checksums.yaml +4 -4
- data/.gitignore +3 -0
- data/.travis.yml +6 -9
- data/CHANGELOG.md +4 -0
- data/Gemfile +1 -1
- data/MIGRATE.md +40 -0
- data/README.md +34 -137
- data/Rakefile +8 -18
- data/bin/console +5 -0
- data/gemfiles/{rails_4_1.gemfile → rails_4_2.gemfile} +1 -1
- data/gemfiles/{rails_4_0.gemfile → rails_5_0.gemfile} +1 -1
- data/lib/simple_auth.rb +26 -11
- data/lib/simple_auth/action_controller.rb +53 -81
- data/lib/simple_auth/action_controller/require_login_action.rb +47 -0
- data/lib/simple_auth/config.rb +13 -36
- data/lib/simple_auth/generator.rb +2 -2
- data/lib/simple_auth/railtie.rb +0 -11
- data/lib/simple_auth/session.rb +19 -143
- data/lib/simple_auth/templates/install/initializer.rb +23 -0
- data/lib/simple_auth/version.rb +1 -6
- data/simple_auth.gemspec +6 -3
- data/test/controllers/admin/dashboard_controller_test.rb +31 -0
- data/test/controllers/dashboard_controller_test.rb +56 -0
- data/test/controllers/pages_controller_test.rb +16 -0
- data/test/generators/install_test.rb +13 -0
- data/test/support/dummy/app/controllers/admin/dashboard_controller.rb +35 -0
- data/{spec/support → test/support/dummy}/app/controllers/application_controller.rb +0 -0
- data/test/support/dummy/app/controllers/dashboard_controller.rb +23 -0
- data/test/support/dummy/app/controllers/pages_controller.rb +7 -0
- data/{spec/support → test/support/dummy}/app/models/user.rb +1 -1
- data/test/support/dummy/config/application.rb +17 -0
- data/test/support/dummy/config/initializers/simple_auth.rb +23 -0
- data/test/support/dummy/config/routes.rb +23 -0
- data/test/support/schema.rb +6 -0
- data/test/test_helper.rb +15 -0
- metadata +75 -65
- data/.rspec +0 -1
- data/gemfiles/rails_3_1.gemfile +0 -5
- data/gemfiles/rails_3_2.gemfile +0 -5
- data/lib/simple_auth/active_record.rb +0 -95
- data/lib/simple_auth/compat.rb +0 -2
- data/lib/simple_auth/compat/active_record.rb +0 -28
- data/lib/simple_auth/compat/config.rb +0 -17
- data/lib/simple_auth/exceptions.rb +0 -4
- data/lib/simple_auth/helper.rb +0 -12
- data/lib/simple_auth/rspec.rb +0 -29
- data/locales/en.yml +0 -5
- data/locales/pt-BR.yml +0 -5
- data/spec/controllers/redirect_logged_user_spec.rb +0 -87
- data/spec/controllers/require_logged_user_spec.rb +0 -146
- data/spec/schema.rb +0 -9
- data/spec/simple_auth/active_record_spec.rb +0 -146
- data/spec/simple_auth/compat_spec.rb +0 -45
- data/spec/simple_auth/config_spec.rb +0 -21
- data/spec/simple_auth/helper_spec.rb +0 -24
- data/spec/simple_auth/initializer_spec.rb +0 -9
- data/spec/simple_auth/session_spec.rb +0 -212
- data/spec/spec_helper.rb +0 -23
- data/spec/support/app/models/customer.rb +0 -3
- data/spec/support/app/models/person.rb +0 -4
- data/spec/support/app/views/dashboard/index.erb +0 -0
- data/spec/support/app/views/session/new.erb +0 -0
- data/spec/support/config/boot.rb +0 -16
- data/spec/support/config/database.yml +0 -3
- data/spec/support/config/routes.rb +0 -4
- data/templates/initializer.rb +0 -22
data/lib/simple_auth/compat.rb
DELETED
@@ -1,28 +0,0 @@
|
|
1
|
-
module SimpleAuth
|
2
|
-
def self.migrate_passwords!
|
3
|
-
require "ostruct"
|
4
|
-
|
5
|
-
generator = OpenStruct.new.extend(ActiveModel::SecurePassword::InstanceMethodsOnActivation)
|
6
|
-
|
7
|
-
Config.model_class.find_each do |record|
|
8
|
-
generator.password = record.password_hash
|
9
|
-
|
10
|
-
Config.model_class
|
11
|
-
.where(id: record.id)
|
12
|
-
.update_all(password_digest: generator.password_digest)
|
13
|
-
end
|
14
|
-
end
|
15
|
-
|
16
|
-
module ActiveRecord
|
17
|
-
module InstanceMethods
|
18
|
-
def password=(password)
|
19
|
-
super SimpleAuth::Config.crypter.call(password, password_salt)
|
20
|
-
@password = password
|
21
|
-
end
|
22
|
-
|
23
|
-
def authenticate(password)
|
24
|
-
super SimpleAuth::Config.crypter.call(password, password_salt)
|
25
|
-
end
|
26
|
-
end
|
27
|
-
end
|
28
|
-
end
|
@@ -1,17 +0,0 @@
|
|
1
|
-
module SimpleAuth
|
2
|
-
class Config
|
3
|
-
# Generate the password hash. The specified block should expected
|
4
|
-
# the plain password and the password hash as block parameters.
|
5
|
-
cattr_accessor :crypter
|
6
|
-
@@crypter = proc do |password, salt|
|
7
|
-
Digest::SHA256.hexdigest [password, salt].join("--")
|
8
|
-
end
|
9
|
-
|
10
|
-
# Generate the password salt. The specified block should expect
|
11
|
-
# the ActiveRecord instance as block parameter.
|
12
|
-
cattr_accessor :salt
|
13
|
-
@@salt = proc do |record|
|
14
|
-
Digest::SHA256.hexdigest [Time.to_s, SecureRandom.hex(32)].join("--")
|
15
|
-
end
|
16
|
-
end
|
17
|
-
end
|
data/lib/simple_auth/helper.rb
DELETED
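--- a/data/lib/simple_auth/rspec.rb
+++ b/data/lib/simple_auth/rspec.rb
@@ -1,29 +0,0 @@
-module SimpleAuth
-module RSpec
-# A simple helper to stub current session options.
-#
-# simple_auth(:user => User.first) # the most common case
-# simple_auth(:authorized => false)
-# simple_auth(:session => mock("current_session", :valid? => false))
-#
-# This is how you set it up:
-#
-# # spec/spec_helper.rb
-# require "simple_auth/rspec"
-# RSpec.configure {|c| c.include SimpleAuth::RSpec, :type => :controller}
-#
-def simple_auth(options = {})
-options.reverse_merge!({
-:session => double("current_session").as_null_object,
-:authorized => true,
-:user => double("current_user").as_null_object
-})
-
-controller.stub({
-:current_user => options[:user],
-:authorized? => options[:authorized],
-:current_session => options[:session]
-})
-end
-end
-end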
data/locales/en.yml
DELETED
data/locales/pt-BR.yml
DELETED
@@ -1,87 +0,0 @@
|
|
1
|
-
require "spec_helper"
|
2
|
-
|
3
|
-
describe ApplicationController do
|
4
|
-
let(:user) {
|
5
|
-
User.create(
|
6
|
-
:login => "johndoe",
|
7
|
-
:email => "john@doe.com",
|
8
|
-
:password => "test",
|
9
|
-
:password_confirmation => "test"
|
10
|
-
)
|
11
|
-
}
|
12
|
-
|
13
|
-
context "redirecting logged users" do
|
14
|
-
context "using hash" do
|
15
|
-
controller ApplicationController do
|
16
|
-
redirect_logged_user :to => { :controller => "dashboard" }
|
17
|
-
|
18
|
-
def index
|
19
|
-
render :text => "Rendered"
|
20
|
-
end
|
21
|
-
end
|
22
|
-
|
23
|
-
it "redirects logged users" do
|
24
|
-
session[:user_id] = user.id
|
25
|
-
get :index
|
26
|
-
|
27
|
-
expect(response.code).to match(/302/)
|
28
|
-
expect(response).to redirect_to("/dashboard")
|
29
|
-
end
|
30
|
-
end
|
31
|
-
|
32
|
-
context "using block" do
|
33
|
-
controller ApplicationController do
|
34
|
-
redirect_logged_user :to => proc { dashboard_path }
|
35
|
-
|
36
|
-
def index
|
37
|
-
render :text => "Rendered"
|
38
|
-
end
|
39
|
-
end
|
40
|
-
|
41
|
-
it "redirects logged users" do
|
42
|
-
session[:user_id] = user.id
|
43
|
-
get :index
|
44
|
-
|
45
|
-
expect(response.code).to match(/302/)
|
46
|
-
expect(response).to redirect_to("/dashboard")
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
context "using configuration" do
|
51
|
-
controller ApplicationController do
|
52
|
-
redirect_logged_user
|
53
|
-
|
54
|
-
def index
|
55
|
-
render :text => "Rendered"
|
56
|
-
end
|
57
|
-
end
|
58
|
-
|
59
|
-
it "redirects logged users" do
|
60
|
-
SimpleAuth::Config.logged_url = proc { dashboard_path }
|
61
|
-
session[:user_id] = user.id
|
62
|
-
get :index
|
63
|
-
|
64
|
-
expect(response.code).to match(/302/)
|
65
|
-
expect(response).to redirect_to("/dashboard")
|
66
|
-
end
|
67
|
-
end
|
68
|
-
|
69
|
-
context "when unlogged" do
|
70
|
-
controller ApplicationController do
|
71
|
-
redirect_logged_user :to => { :controller => "dashboard" }
|
72
|
-
|
73
|
-
def index
|
74
|
-
render :text => "Rendered"
|
75
|
-
end
|
76
|
-
end
|
77
|
-
|
78
|
-
it "renders page" do
|
79
|
-
session[:user_id] = nil
|
80
|
-
get :index
|
81
|
-
|
82
|
-
expect(response.code).to match(/200/)
|
83
|
-
expect(response.body).to eq("Rendered")
|
84
|
-
end
|
85
|
-
end
|
86
|
-
end
|
87
|
-
end
|
@@ -1,146 +0,0 @@
|
|
1
|
-
require "spec_helper"
|
2
|
-
|
3
|
-
describe ApplicationController do
|
4
|
-
let(:user) {
|
5
|
-
User.create(
|
6
|
-
:login => "johndoe",
|
7
|
-
:email => "john@doe.com",
|
8
|
-
:password => "test",
|
9
|
-
:password_confirmation => "test"
|
10
|
-
)
|
11
|
-
}
|
12
|
-
|
13
|
-
before do
|
14
|
-
session[:user_id] = {}
|
15
|
-
end
|
16
|
-
|
17
|
-
context "redirecting to requested page" do
|
18
|
-
controller ApplicationController do
|
19
|
-
require_logged_user :to => "/login"
|
20
|
-
|
21
|
-
def index
|
22
|
-
render :text => "Rendered"
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
it "keeps other session data" do
|
27
|
-
session[:skip_intro] = true
|
28
|
-
get :index
|
29
|
-
expect(session[:skip_intro]).to be_truthy
|
30
|
-
end
|
31
|
-
|
32
|
-
it "removes record id from session" do
|
33
|
-
session[:user_id] = 0
|
34
|
-
get :index
|
35
|
-
expect(session).not_to have_key(:user)
|
36
|
-
end
|
37
|
-
|
38
|
-
it "removes session id from session" do
|
39
|
-
session[:session_id] = "xSQR"
|
40
|
-
get :index
|
41
|
-
expect(session).not_to have_key(:session_id)
|
42
|
-
end
|
43
|
-
|
44
|
-
it "returns the request url" do
|
45
|
-
get :index, :some => "param"
|
46
|
-
expect(controller.send(:return_to, "/dashboard")).to eq("/anonymous?some=param")
|
47
|
-
end
|
48
|
-
|
49
|
-
it "returns the default url" do
|
50
|
-
expect(controller.send(:return_to, "/dashboard")).to eq("/dashboard")
|
51
|
-
end
|
52
|
-
|
53
|
-
it "sets return to" do
|
54
|
-
get :index, :some => "param"
|
55
|
-
expect(session[:return_to]).to eq("/anonymous?some=param")
|
56
|
-
end
|
57
|
-
|
58
|
-
it "removes return to from session" do
|
59
|
-
get :index, :some => "param"
|
60
|
-
controller.send(:return_to, "/dashboard")
|
61
|
-
expect(session[:return_to]).to be_nil
|
62
|
-
end
|
63
|
-
|
64
|
-
it "sets warning message" do
|
65
|
-
get :index
|
66
|
-
expect(flash[:alert]).to eq("You need to be logged")
|
67
|
-
end
|
68
|
-
|
69
|
-
it "redirects when user is not authorized on controller level" do
|
70
|
-
session[:user_id] = user.id
|
71
|
-
expect(@controller).to receive(:authorized?).and_return(false)
|
72
|
-
|
73
|
-
get :index
|
74
|
-
expect(response).to redirect_to("/login")
|
75
|
-
end
|
76
|
-
|
77
|
-
it "redirects when session is not valid" do
|
78
|
-
session[:user_id] = "invalid"
|
79
|
-
|
80
|
-
get :index
|
81
|
-
expect(response).to redirect_to("/login")
|
82
|
-
end
|
83
|
-
|
84
|
-
context "using hash" do
|
85
|
-
controller ApplicationController do
|
86
|
-
require_logged_user :to => {:controller => "session", :action => "new"}
|
87
|
-
|
88
|
-
def index
|
89
|
-
render :text => "Rendered"
|
90
|
-
end
|
91
|
-
end
|
92
|
-
|
93
|
-
it "is redirected" do
|
94
|
-
get :index
|
95
|
-
expect(response).to redirect_to("/login")
|
96
|
-
end
|
97
|
-
end
|
98
|
-
|
99
|
-
context "using block" do
|
100
|
-
controller ApplicationController do
|
101
|
-
require_logged_user :to => proc { login_path }
|
102
|
-
|
103
|
-
def index
|
104
|
-
render :text => "Rendered"
|
105
|
-
end
|
106
|
-
end
|
107
|
-
|
108
|
-
it "is redirected" do
|
109
|
-
get :index
|
110
|
-
expect(response).to redirect_to("/login")
|
111
|
-
end
|
112
|
-
end
|
113
|
-
|
114
|
-
context "using configuration" do
|
115
|
-
controller ApplicationController do
|
116
|
-
require_logged_user
|
117
|
-
|
118
|
-
def index
|
119
|
-
render :text => "Rendered"
|
120
|
-
end
|
121
|
-
end
|
122
|
-
|
123
|
-
it "is redirected" do
|
124
|
-
SimpleAuth::Config.login_url = "/login"
|
125
|
-
get :index
|
126
|
-
expect(response).to redirect_to("/login")
|
127
|
-
end
|
128
|
-
end
|
129
|
-
end
|
130
|
-
|
131
|
-
context "when logged" do
|
132
|
-
controller ApplicationController do
|
133
|
-
require_logged_user
|
134
|
-
|
135
|
-
def index
|
136
|
-
render :text => "Rendered"
|
137
|
-
end
|
138
|
-
end
|
139
|
-
|
140
|
-
it "renders page" do
|
141
|
-
session[:user_id] = user.id
|
142
|
-
get :index
|
143
|
-
expect(response.body).to eq("Rendered")
|
144
|
-
end
|
145
|
-
end
|
146
|
-
end
|
data/spec/schema.rb
DELETED
@@ -1,146 +0,0 @@
|
|
1
|
-
require "spec_helper"
|
2
|
-
|
3
|
-
describe SimpleAuth::ActiveRecord do
|
4
|
-
let(:model) { User }
|
5
|
-
let(:model_name) { :user }
|
6
|
-
subject { model.new }
|
7
|
-
|
8
|
-
before do
|
9
|
-
SimpleAuth::Config.model = model_name
|
10
|
-
end
|
11
|
-
|
12
|
-
context "configuration" do
|
13
|
-
it "sets credentials" do
|
14
|
-
model.authentication do |config|
|
15
|
-
config.credentials = ["uid"]
|
16
|
-
end
|
17
|
-
|
18
|
-
expect(SimpleAuth::Config.credentials).to eq(["uid"])
|
19
|
-
end
|
20
|
-
|
21
|
-
it "automatically sets model" do
|
22
|
-
model.authentication do |config|
|
23
|
-
config.model = nil
|
24
|
-
end
|
25
|
-
|
26
|
-
expect(SimpleAuth::Config.model).to eq(model_name)
|
27
|
-
end
|
28
|
-
end
|
29
|
-
|
30
|
-
context "new record" do
|
31
|
-
before do
|
32
|
-
expect(subject).not_to be_valid
|
33
|
-
end
|
34
|
-
|
35
|
-
it "requires password", if: $rails_version >= "4.0" do
|
36
|
-
expect(subject.errors[:password]).not_to be_empty
|
37
|
-
end
|
38
|
-
|
39
|
-
it "requires password", if: $rails_version < "4.0" do
|
40
|
-
expect(subject.errors[:password_digest]).not_to be_empty
|
41
|
-
end
|
42
|
-
|
43
|
-
it "requires password to be at least 4-chars long" do
|
44
|
-
subject.password = "123"
|
45
|
-
expect(subject).not_to be_valid
|
46
|
-
expect(subject.errors[:password]).not_to be_empty
|
47
|
-
end
|
48
|
-
|
49
|
-
it "requires password confirmation", if: $rails_version >= "4.0" do
|
50
|
-
user = User.create(password: "test", password_confirmation: "invalid")
|
51
|
-
expect(user.errors[:password_confirmation]).not_to be_empty
|
52
|
-
end
|
53
|
-
|
54
|
-
it "requires password confirmation", if: $rails_version < "4.0" do
|
55
|
-
user = User.create(password: "test", password_confirmation: "invalid")
|
56
|
-
expect(user.errors[:password]).not_to be_empty
|
57
|
-
end
|
58
|
-
end
|
59
|
-
|
60
|
-
context "ignoring validations" do
|
61
|
-
it "ignores validations", if: $rails_version >= "4.0" do
|
62
|
-
person = Person.new
|
63
|
-
expect(person).to be_valid
|
64
|
-
end
|
65
|
-
end
|
66
|
-
|
67
|
-
context "existing record" do
|
68
|
-
before do
|
69
|
-
model.delete_all
|
70
|
-
model.create!(
|
71
|
-
:email => "john@doe.com",
|
72
|
-
:login => "johndoe",
|
73
|
-
:password => "test",
|
74
|
-
:password_confirmation => "test",
|
75
|
-
:username => "john"
|
76
|
-
)
|
77
|
-
end
|
78
|
-
|
79
|
-
subject { model.first }
|
80
|
-
|
81
|
-
it "requires password", if: $rails_version >= "4.0" do
|
82
|
-
user = User.create(password: nil)
|
83
|
-
expect(user.errors[:password]).not_to be_empty
|
84
|
-
end
|
85
|
-
|
86
|
-
it "requires password", if: $rails_version < "4.0" do
|
87
|
-
user = User.create(password: nil)
|
88
|
-
expect(user.errors[:password_digest]).not_to be_empty
|
89
|
-
end
|
90
|
-
|
91
|
-
it "authenticates using email" do
|
92
|
-
expect(model.authenticate("john@doe.com", "test")).to eq(subject)
|
93
|
-
end
|
94
|
-
|
95
|
-
it "authenticates using login" do
|
96
|
-
expect(model.authenticate("johndoe", "test")).to eq(subject)
|
97
|
-
end
|
98
|
-
|
99
|
-
it "authenticates using custom attribute" do
|
100
|
-
SimpleAuth::Config.credentials = [:username]
|
101
|
-
expect(model.authenticate("john", "test")).to eq(subject)
|
102
|
-
end
|
103
|
-
|
104
|
-
it "doesn't authenticate using invalid credential" do
|
105
|
-
expect(model.authenticate("invalid", "test")).to be_nil
|
106
|
-
end
|
107
|
-
|
108
|
-
it "doesn't authenticate using wrong password" do
|
109
|
-
expect(model.authenticate("johndoe", "invalid")).not_to be
|
110
|
-
end
|
111
|
-
|
112
|
-
it "returns nil when no user has been found" do
|
113
|
-
expect(model.find_by_credential("invalid")).to be_nil
|
114
|
-
end
|
115
|
-
|
116
|
-
it "raises error when no user has been found" do
|
117
|
-
expect {
|
118
|
-
model.find_by_credential!("invalid")
|
119
|
-
}.to raise_error(SimpleAuth::RecordNotFound)
|
120
|
-
end
|
121
|
-
|
122
|
-
it "skips password length validation when no password is set" do
|
123
|
-
expect {
|
124
|
-
subject.username = "jd"
|
125
|
-
subject.save!
|
126
|
-
}.not_to raise_error
|
127
|
-
end
|
128
|
-
|
129
|
-
it "enforces password length when password is set" do
|
130
|
-
subject.password = "a"
|
131
|
-
subject.valid?
|
132
|
-
expect(subject.errors[:password]).to have(1).item
|
133
|
-
end
|
134
|
-
|
135
|
-
it "accepts valid password" do
|
136
|
-
subject.password = "test"
|
137
|
-
subject.valid?
|
138
|
-
expect(subject.errors[:password]).to be_empty
|
139
|
-
end
|
140
|
-
|
141
|
-
it "returns user" do
|
142
|
-
expect(model.find_by_credential(subject.email)).to eq(subject)
|
143
|
-
expect(model.find_by_credential!(subject.email)).to eq(subject)
|
144
|
-
end
|
145
|
-
end
|
146
|
-
end
|