simple_auth 2.0.4 → 3.0.0

Files changed (66)
  1. checksums.yaml +4 -4
  2. data/.gitignore +3 -0
  3. data/.travis.yml +6 -9
  4. data/CHANGELOG.md +4 -0
  5. data/Gemfile +1 -1
  6. data/MIGRATE.md +40 -0
  7. data/README.md +34 -137
  8. data/Rakefile +8 -18
  9. data/bin/console +5 -0
  10. data/gemfiles/{rails_4_1.gemfile → rails_4_2.gemfile} +1 -1
  11. data/gemfiles/{rails_4_0.gemfile → rails_5_0.gemfile} +1 -1
  12. data/lib/simple_auth.rb +26 -11
  13. data/lib/simple_auth/action_controller.rb +53 -81
  14. data/lib/simple_auth/action_controller/require_login_action.rb +47 -0
  15. data/lib/simple_auth/config.rb +13 -36
  16. data/lib/simple_auth/generator.rb +2 -2
  17. data/lib/simple_auth/railtie.rb +0 -11
  18. data/lib/simple_auth/session.rb +19 -143
  19. data/lib/simple_auth/templates/install/initializer.rb +23 -0
  20. data/lib/simple_auth/version.rb +1 -6
  21. data/simple_auth.gemspec +6 -3
  22. data/test/controllers/admin/dashboard_controller_test.rb +31 -0
  23. data/test/controllers/dashboard_controller_test.rb +56 -0
  24. data/test/controllers/pages_controller_test.rb +16 -0
  25. data/test/generators/install_test.rb +13 -0
  26. data/test/support/dummy/app/controllers/admin/dashboard_controller.rb +35 -0
  27. data/{spec/support → test/support/dummy}/app/controllers/application_controller.rb +0 -0
  28. data/test/support/dummy/app/controllers/dashboard_controller.rb +23 -0
  29. data/test/support/dummy/app/controllers/pages_controller.rb +7 -0
  30. data/{spec/support → test/support/dummy}/app/models/user.rb +1 -1
  31. data/test/support/dummy/config/application.rb +17 -0
  32. data/test/support/dummy/config/initializers/simple_auth.rb +23 -0
  33. data/test/support/dummy/config/routes.rb +23 -0
  34. data/test/support/schema.rb +6 -0
  35. data/test/test_helper.rb +15 -0
  36. metadata +75 -65
  37. data/.rspec +0 -1
  38. data/gemfiles/rails_3_1.gemfile +0 -5
  39. data/gemfiles/rails_3_2.gemfile +0 -5
  40. data/lib/simple_auth/active_record.rb +0 -95
  41. data/lib/simple_auth/compat.rb +0 -2
  42. data/lib/simple_auth/compat/active_record.rb +0 -28
  43. data/lib/simple_auth/compat/config.rb +0 -17
  44. data/lib/simple_auth/exceptions.rb +0 -4
  45. data/lib/simple_auth/helper.rb +0 -12
  46. data/lib/simple_auth/rspec.rb +0 -29
  47. data/locales/en.yml +0 -5
  48. data/locales/pt-BR.yml +0 -5
  49. data/spec/controllers/redirect_logged_user_spec.rb +0 -87
  50. data/spec/controllers/require_logged_user_spec.rb +0 -146
  51. data/spec/schema.rb +0 -9
  52. data/spec/simple_auth/active_record_spec.rb +0 -146
  53. data/spec/simple_auth/compat_spec.rb +0 -45
  54. data/spec/simple_auth/config_spec.rb +0 -21
  55. data/spec/simple_auth/helper_spec.rb +0 -24
  56. data/spec/simple_auth/initializer_spec.rb +0 -9
  57. data/spec/simple_auth/session_spec.rb +0 -212
  58. data/spec/spec_helper.rb +0 -23
  59. data/spec/support/app/models/customer.rb +0 -3
  60. data/spec/support/app/models/person.rb +0 -4
  61. data/spec/support/app/views/dashboard/index.erb +0 -0
  62. data/spec/support/app/views/session/new.erb +0 -0
  63. data/spec/support/config/boot.rb +0 -16
  64. data/spec/support/config/database.yml +0 -3
  65. data/spec/support/config/routes.rb +0 -4
  66. data/templates/initializer.rb +0 -22
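--- a/data/lib/simple_auth/compat.rb
+++ b/data/lib/simple_auth/compat.rb
@@ -1,2 +0,0 @@
- require "simple_auth/compat/config"
- require "simple_auth/compat/active_record"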
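--- a/data/lib/simple_auth/compat/active_record.rb
+++ b/data/lib/simple_auth/compat/active_record.rb
@@ -1,28 +0,0 @@
- module SimpleAuth
- def self.migrate_passwords!
- require "ostruct"
-
- generator = OpenStruct.new.extend(ActiveModel::SecurePassword::InstanceMethodsOnActivation)
-
- Config.model_class.find_each do |record|
- generator.password = record.password_hash
-
- Config.model_class
- .where(id: record.id)
- .update_all(password_digest: generator.password_digest)
- end
- end
-
- module ActiveRecord
- module InstanceMethods
- def password=(password)
- super SimpleAuth::Config.crypter.call(password, password_salt)
- @password = password
- end
-
- def authenticate(password)
- super SimpleAuth::Config.crypter.call(password, password_salt)
- end
- end
- end
- end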
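--- a/data/lib/simple_auth/compat/config.rb
+++ b/data/lib/simple_auth/compat/config.rb
@@ -1,17 +0,0 @@
- module SimpleAuth
- class Config
- # Generate the password hash. The specified block should expected
- # the plain password and the password hash as block parameters.
- cattr_accessor :crypter
- @@crypter = proc do |password, salt|
- Digest::SHA256.hexdigest [password, salt].join("--")
- end
-
- # Generate the password salt. The specified block should expect
- # the ActiveRecord instance as block parameter.
- cattr_accessor :salt
- @@salt = proc do |record|
- Digest::SHA256.hexdigest [Time.to_s, SecureRandom.hex(32)].join("--")
- end
- end
- end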
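--- a/data/lib/simple_auth/exceptions.rb
+++ b/data/lib/simple_auth/exceptions.rb
@@ -1,4 +0,0 @@
- module SimpleAuth
- class RecordNotFound < StandardError; end
- class NotAuthorized < StandardError; end
- end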
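--- a/data/lib/simple_auth/helper.rb
+++ b/data/lib/simple_auth/helper.rb
@@ -1,12 +0,0 @@
- module SimpleAuth
- module Helper
- # Renders the specified block for logged users.
- #
- # <% when_logged do %>
- # <!-- content for logged users -->
- # <% end %>
- def when_logged(&block)
- capture(&block) if logged_in?
- end
- end
- end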
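--- a/data/lib/simple_auth/rspec.rb
+++ b/data/lib/simple_auth/rspec.rb
@@ -1,29 +0,0 @@
- module SimpleAuth
- module RSpec
- # A simple helper to stub current session options.
- #
- # simple_auth(:user => User.first) # the most common case
- # simple_auth(:authorized => false)
- # simple_auth(:session => mock("current_session", :valid? => false))
- #
- # This is how you set it up:
- #
- # # spec/spec_helper.rb
- # require "simple_auth/rspec"
- # RSpec.configure {|c| c.include SimpleAuth::RSpec, :type => :controller}
- #
- def simple_auth(options = {})
- options.reverse_merge!({
- :session => double("current_session").as_null_object,
- :authorized => true,
- :user => double("current_user").as_null_object
- })
-
- controller.stub({
- :current_user => options[:user],
- :authorized? => options[:authorized],
- :current_session => options[:session]
- })
- end
- end
- end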
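--- a/data/locales/en.yml
+++ b/data/locales/en.yml
@@ -1,5 +0,0 @@
- en:
- simple_auth:
- sessions:
- need_to_be_logged: "You need to be logged"
- invalid_credentials: "Invalid username or password"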
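--- a/data/locales/pt-BR.yml
+++ b/data/locales/pt-BR.yml
@@ -1,5 +0,0 @@
- pt-BR:
- simple_auth:
- sessions:
- need_to_be_logged: "Você precisa estar logado"
- invalid_credentials: "Usuário ou senha inválidos"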
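--- a/data/spec/controllers/redirect_logged_user_spec.rb
+++ b/data/spec/controllers/redirect_logged_user_spec.rb
@@ -1,87 +0,0 @@
- require "spec_helper"
-
- describe ApplicationController do
- let(:user) {
- User.create(
- :login => "johndoe",
- :email => "john@doe.com",
- :password => "test",
- :password_confirmation => "test"
- )
- }
-
- context "redirecting logged users" do
- context "using hash" do
- controller ApplicationController do
- redirect_logged_user :to => { :controller => "dashboard" }
-
- def index
- render :text => "Rendered"
- end
- end
-
- it "redirects logged users" do
- session[:user_id] = user.id
- get :index
-
- expect(response.code).to match(/302/)
- expect(response).to redirect_to("/dashboard")
- end
- end
-
- context "using block" do
- controller ApplicationController do
- redirect_logged_user :to => proc { dashboard_path }
-
- def index
- render :text => "Rendered"
- end
- end
-
- it "redirects logged users" do
- session[:user_id] = user.id
- get :index
-
- expect(response.code).to match(/302/)
- expect(response).to redirect_to("/dashboard")
- end
- end
-
- context "using configuration" do
- controller ApplicationController do
- redirect_logged_user
-
- def index
- render :text => "Rendered"
- end
- end
-
- it "redirects logged users" do
- SimpleAuth::Config.logged_url = proc { dashboard_path }
- session[:user_id] = user.id
- get :index
-
- expect(response.code).to match(/302/)
- expect(response).to redirect_to("/dashboard")
- end
- end
-
- context "when unlogged" do
- controller ApplicationController do
- redirect_logged_user :to => { :controller => "dashboard" }
-
- def index
- render :text => "Rendered"
- end
- end
-
- it "renders page" do
- session[:user_id] = nil
- get :index
-
- expect(response.code).to match(/200/)
- expect(response.body).to eq("Rendered")
- end
- end
- end
- end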
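--- a/data/spec/controllers/require_logged_user_spec.rb
+++ b/data/spec/controllers/require_logged_user_spec.rb
@@ -1,146 +0,0 @@
- require "spec_helper"
-
- describe ApplicationController do
- let(:user) {
- User.create(
- :login => "johndoe",
- :email => "john@doe.com",
- :password => "test",
- :password_confirmation => "test"
- )
- }
-
- before do
- session[:user_id] = {}
- end
-
- context "redirecting to requested page" do
- controller ApplicationController do
- require_logged_user :to => "/login"
-
- def index
- render :text => "Rendered"
- end
- end
-
- it "keeps other session data" do
- session[:skip_intro] = true
- get :index
- expect(session[:skip_intro]).to be_truthy
- end
-
- it "removes record id from session" do
- session[:user_id] = 0
- get :index
- expect(session).not_to have_key(:user)
- end
-
- it "removes session id from session" do
- session[:session_id] = "xSQR"
- get :index
- expect(session).not_to have_key(:session_id)
- end
-
- it "returns the request url" do
- get :index, :some => "param"
- expect(controller.send(:return_to, "/dashboard")).to eq("/anonymous?some=param")
- end
-
- it "returns the default url" do
- expect(controller.send(:return_to, "/dashboard")).to eq("/dashboard")
- end
-
- it "sets return to" do
- get :index, :some => "param"
- expect(session[:return_to]).to eq("/anonymous?some=param")
- end
-
- it "removes return to from session" do
- get :index, :some => "param"
- controller.send(:return_to, "/dashboard")
- expect(session[:return_to]).to be_nil
- end
-
- it "sets warning message" do
- get :index
- expect(flash[:alert]).to eq("You need to be logged")
- end
-
- it "redirects when user is not authorized on controller level" do
- session[:user_id] = user.id
- expect(@controller).to receive(:authorized?).and_return(false)
-
- get :index
- expect(response).to redirect_to("/login")
- end
-
- it "redirects when session is not valid" do
- session[:user_id] = "invalid"
-
- get :index
- expect(response).to redirect_to("/login")
- end
-
- context "using hash" do
- controller ApplicationController do
- require_logged_user :to => {:controller => "session", :action => "new"}
-
- def index
- render :text => "Rendered"
- end
- end
-
- it "is redirected" do
- get :index
- expect(response).to redirect_to("/login")
- end
- end
-
- context "using block" do
- controller ApplicationController do
- require_logged_user :to => proc { login_path }
-
- def index
- render :text => "Rendered"
- end
- end
-
- it "is redirected" do
- get :index
- expect(response).to redirect_to("/login")
- end
- end
-
- context "using configuration" do
- controller ApplicationController do
- require_logged_user
-
- def index
- render :text => "Rendered"
- end
- end
-
- it "is redirected" do
- SimpleAuth::Config.login_url = "/login"
- get :index
- expect(response).to redirect_to("/login")
- end
- end
- end
-
- context "when logged" do
- controller ApplicationController do
- require_logged_user
-
- def index
- render :text => "Rendered"
- end
- end
-
- it "renders page" do
- session[:user_id] = user.id
- get :index
- expect(response.body).to eq("Rendered")
- end
- end
- end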
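--- a/data/spec/schema.rb
+++ b/data/spec/schema.rb
@@ -1,9 +0,0 @@
- ActiveRecord::Schema.define(:version => 0) do
- create_table :users do |t|
- t.string :email, :login, :password_digest, :username
- end
-
- create_table :customers do |t|
- t.string :email, :login, :password_digest, :password_salt
- end
- end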
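--- a/data/spec/simple_auth/active_record_spec.rb
+++ b/data/spec/simple_auth/active_record_spec.rb
@@ -1,146 +0,0 @@
- require "spec_helper"
-
- describe SimpleAuth::ActiveRecord do
- let(:model) { User }
- let(:model_name) { :user }
- subject { model.new }
-
- before do
- SimpleAuth::Config.model = model_name
- end
-
- context "configuration" do
- it "sets credentials" do
- model.authentication do |config|
- config.credentials = ["uid"]
- end
-
- expect(SimpleAuth::Config.credentials).to eq(["uid"])
- end
-
- it "automatically sets model" do
- model.authentication do |config|
- config.model = nil
- end
-
- expect(SimpleAuth::Config.model).to eq(model_name)
- end
- end
-
- context "new record" do
- before do
- expect(subject).not_to be_valid
- end
-
- it "requires password", if: $rails_version >= "4.0" do
- expect(subject.errors[:password]).not_to be_empty
- end
-
- it "requires password", if: $rails_version < "4.0" do
- expect(subject.errors[:password_digest]).not_to be_empty
- end
-
- it "requires password to be at least 4-chars long" do
- subject.password = "123"
- expect(subject).not_to be_valid
- expect(subject.errors[:password]).not_to be_empty
- end
-
- it "requires password confirmation", if: $rails_version >= "4.0" do
- user = User.create(password: "test", password_confirmation: "invalid")
- expect(user.errors[:password_confirmation]).not_to be_empty
- end
-
- it "requires password confirmation", if: $rails_version < "4.0" do
- user = User.create(password: "test", password_confirmation: "invalid")
- expect(user.errors[:password]).not_to be_empty
- end
- end
-
- context "ignoring validations" do
- it "ignores validations", if: $rails_version >= "4.0" do
- person = Person.new
- expect(person).to be_valid
- end
- end
-
- context "existing record" do
- before do
- model.delete_all
- model.create!(
- :email => "john@doe.com",
- :login => "johndoe",
- :password => "test",
- :password_confirmation => "test",
- :username => "john"
- )
- end
-
- subject { model.first }
-
- it "requires password", if: $rails_version >= "4.0" do
- user = User.create(password: nil)
- expect(user.errors[:password]).not_to be_empty
- end
-
- it "requires password", if: $rails_version < "4.0" do
- user = User.create(password: nil)
- expect(user.errors[:password_digest]).not_to be_empty
- end
-
- it "authenticates using email" do
- expect(model.authenticate("john@doe.com", "test")).to eq(subject)
- end
-
- it "authenticates using login" do
- expect(model.authenticate("johndoe", "test")).to eq(subject)
- end
-
- it "authenticates using custom attribute" do
- SimpleAuth::Config.credentials = [:username]
- expect(model.authenticate("john", "test")).to eq(subject)
- end
-
- it "doesn't authenticate using invalid credential" do
- expect(model.authenticate("invalid", "test")).to be_nil
- end
-
- it "doesn't authenticate using wrong password" do
- expect(model.authenticate("johndoe", "invalid")).not_to be
- end
-
- it "returns nil when no user has been found" do
- expect(model.find_by_credential("invalid")).to be_nil
- end
-
- it "raises error when no user has been found" do
- expect {
- model.find_by_credential!("invalid")
- }.to raise_error(SimpleAuth::RecordNotFound)
- end
-
- it "skips password length validation when no password is set" do
- expect {
- subject.username = "jd"
- subject.save!
- }.not_to raise_error
- end
-
- it "enforces password length when password is set" do
- subject.password = "a"
- subject.valid?
- expect(subject.errors[:password]).to have(1).item
- end
-
- it "accepts valid password" do
- subject.password = "test"
- subject.valid?
- expect(subject.errors[:password]).to be_empty
- end
-
- it "returns user" do
- expect(model.find_by_credential(subject.email)).to eq(subject)
- expect(model.find_by_credential!(subject.email)).to eq(subject)
- end
- end
- end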