simple_token_auth 0.0.3

Files changed (67) hide show
  1. checksums.yaml +7 -0
  2. data/MIT-LICENSE +20 -0
  3. data/Rakefile +32 -0
  4. data/lib/generators/active_record/simple_token_auth_generator.rb +15 -0
  5. data/lib/generators/simple_token_auth/install_generator.rb +39 -0
  6. data/lib/generators/simple_token_auth/simple_token_auth_generator.rb +15 -0
  7. data/lib/generators/templates/api_key.rb +30 -0
  8. data/lib/generators/templates/migration.rb +12 -0
  9. data/lib/generators/templates/simple_token_auth.rb +14 -0
  10. data/lib/simple_token_auth.rb +28 -0
  11. data/lib/simple_token_auth/authenticate_with_token.rb +54 -0
  12. data/lib/simple_token_auth/configuration.rb +29 -0
  13. data/lib/simple_token_auth/helpers.rb +20 -0
  14. data/lib/simple_token_auth/token_authenticatable.rb +31 -0
  15. data/lib/simple_token_auth/version.rb +3 -0
  16. data/lib/tasks/simple_token_auth_tasks.rake +4 -0
  17. data/test/dummy/README.rdoc +28 -0
  18. data/test/dummy/Rakefile +6 -0
  19. data/test/dummy/app/assets/javascripts/application.js +13 -0
  20. data/test/dummy/app/assets/javascripts/users.js +2 -0
  21. data/test/dummy/app/assets/stylesheets/application.css +15 -0
  22. data/test/dummy/app/assets/stylesheets/users.css +4 -0
  23. data/test/dummy/app/controllers/application_controller.rb +9 -0
  24. data/test/dummy/app/controllers/users_controller.rb +9 -0
  25. data/test/dummy/app/helpers/application_helper.rb +2 -0
  26. data/test/dummy/app/models/api_key.rb +26 -0
  27. data/test/dummy/app/models/user.rb +3 -0
  28. data/test/dummy/app/views/layouts/application.html.erb +14 -0
  29. data/test/dummy/bin/bundle +3 -0
  30. data/test/dummy/bin/rails +4 -0
  31. data/test/dummy/bin/rake +4 -0
  32. data/test/dummy/config.ru +4 -0
  33. data/test/dummy/config/application.rb +23 -0
  34. data/test/dummy/config/boot.rb +5 -0
  35. data/test/dummy/config/database.yml +25 -0
  36. data/test/dummy/config/environment.rb +5 -0
  37. data/test/dummy/config/environments/development.rb +37 -0
  38. data/test/dummy/config/environments/production.rb +78 -0
  39. data/test/dummy/config/environments/test.rb +39 -0
  40. data/test/dummy/config/initializers/assets.rb +8 -0
  41. data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
  42. data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
  43. data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
  44. data/test/dummy/config/initializers/inflections.rb +16 -0
  45. data/test/dummy/config/initializers/mime_types.rb +4 -0
  46. data/test/dummy/config/initializers/session_store.rb +3 -0
  47. data/test/dummy/config/initializers/simple_token_auth.rb +14 -0
  48. data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
  49. data/test/dummy/config/locales/en.yml +23 -0
  50. data/test/dummy/config/routes.rb +3 -0
  51. data/test/dummy/config/secrets.yml +22 -0
  52. data/test/dummy/db/development.sqlite3 +0 -0
  53. data/test/dummy/db/migrate/20141015200820_create_users.rb +8 -0
  54. data/test/dummy/db/migrate/20141203034209_simple_token_auth_migration.rb +12 -0
  55. data/test/dummy/db/schema.rb +31 -0
  56. data/test/dummy/db/test.sqlite3 +0 -0
  57. data/test/dummy/log/development.log +24 -0
  58. data/test/dummy/log/test.log +2946 -0
  59. data/test/dummy/public/404.html +67 -0
  60. data/test/dummy/public/422.html +67 -0
  61. data/test/dummy/public/500.html +66 -0
  62. data/test/dummy/public/favicon.ico +0 -0
  63. data/test/simple_token_auth/integration_test.rb +38 -0
  64. data/test/simple_token_auth/user_test.rb +18 -0
  65. data/test/simple_token_auth_test.rb +6 -0
  66. data/test/test_helper.rb +17 -0
  67. metadata +204 -0
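--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA1:
+metadata.gz: 2aaf16b1c965cf81c5493fd2ea2631c88c603442
+data.tar.gz: 13e203296f723ba40b6d26e66260b18624723877
+SHA512:
+metadata.gz: 33b9131c03bb9b7b28c83f8c4c3c953a095c3de2c562cd530284e376ff11e45be70726cb8075424a3f7ecfcb4e355cf2659ffadc4752ef942cf1c036c1e26aa6
+data.tar.gz: 6743e331d39a3854367b804f94cec344a434bb42d2a01f46028a52063a024546929b49c0c0a8b0fe8c9c8ef520cd8db6327cc9388c1f2d1ff2444dc0b5cd6e5c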
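--- a/data/MIT-LICENSE
+++ b/data/MIT-LICENSE
@@ -0,0 +1,20 @@
+Copyright 2014 YOURNAME
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.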
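--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,32 @@
+begin
+require 'bundler/setup'
+rescue LoadError
+puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+rdoc.rdoc_dir = 'rdoc'
+rdoc.title = 'SimpleTokenAuth'
+rdoc.options << '--line-numbers'
+rdoc.rdoc_files.include('README.rdoc')
+rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+t.libs << 'lib'
+t.libs << 'test'
+t.pattern = 'test/**/*_test.rb'
+t.verbose = false
+end
+
+
+task default: :test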
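--- a/data/lib/generators/active_record/simple_token_auth_generator.rb
+++ b/data/lib/generators/active_record/simple_token_auth_generator.rb
@@ -0,0 +1,15 @@
+require 'rails/generators/active_record'
+
+module ActiveRecord
+module Generators
+class SimpleTokenAuthGenerator < ActiveRecord::Generators::Base
+source_root File.expand_path("../templates", __FILE__)
+
+def append_to_token_authenticatable_model
+inject_into_class "app/models/#{name}.rb", name.camelize.constantize, <<-END
+include SimpleTokenAuth::TokenAuthenticatable
+END
+end
+end
+end
+end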
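--- a/data/lib/generators/simple_token_auth/install_generator.rb
+++ b/data/lib/generators/simple_token_auth/install_generator.rb
@@ -0,0 +1,39 @@
+require 'rails/generators/base'
+
+module SimpleTokenAuth
+module Generators
+class InstallGenerator < Rails::Generators::Base
+include Rails::Generators::Migration
+
+source_root File.expand_path("../../templates", __FILE__)
+
+desc "Generates a TokenAuth initializer and migrations for api_key"
+
+def self.orm
+Rails::Generators.options[:rails][:orm]
+end
+
+def self.orm_has_migration?
+[:active_record].include? orm
+end
+
+def self.next_migration_number(path)
+Time.now.utc.strftime("%Y%m%d%H%M%S")
+end
+
+def create_migration_file
+if self.class.orm_has_migration?
+migration_template 'migration.rb', 'db/migrate/simple_token_auth_migration.rb'
+end
+end
+
+def copy_initializer
+template "simple_token_auth.rb", "config/initializers/simple_token_auth.rb"
+end
+
+def copy_api_key_model
+template "api_key.rb", "app/models/api_key.rb"
+end
+end
+end
+end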
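--- a/data/lib/generators/simple_token_auth/simple_token_auth_generator.rb
+++ b/data/lib/generators/simple_token_auth/simple_token_auth_generator.rb
@@ -0,0 +1,15 @@
+require 'rails/generators/named_base'
+
+module SimpleTokenAuth
+module Generators
+class SimpleTokenAuthGenerator < Rails::Generators::NamedBase
+include Rails::Generators::ResourceHelpers
+
+namespace 'simple_token_auth'
+source_root File.expand_path("../templates", __FILE__)
+
+desc 'Insert include for given NAME model'
+hook_for :orm
+end
+end
+end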
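--- a/data/lib/generators/templates/api_key.rb
+++ b/data/lib/generators/templates/api_key.rb
@@ -0,0 +1,30 @@
+class ApiKey < ActiveRecord::Base
+belongs_to :token_authenticatable, polymorphic: true
+before_create :renew
+
+def expired?
+expired_at < Time.now.utc
+end
+
+def renew!
+renew
+save!
+end
+
+private
+
+def renew
+generate_access_token
+set_expiry_date
+end
+
+def set_expiry_date
+self.expired_at = SimpleTokenAuth.expire_in.since
+end
+
+def generate_access_token
+begin
+self.access_token = SecureRandom.hex
+end while self.class.exists?(access_token: access_token)
+end
+end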
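Review bot: `generate_access_token` stores the bearer token verbatim in `access_token`, so anyone who can read the `api_keys` table (a backup, a replica, an injection flaw elsewhere) obtains credentials that are usable as-is. Consider persisting only a digest, for example `self.access_token = Digest::SHA256.hexdigest(raw_token)` with `raw_token` handed to the caller once at creation, and hashing the presented token before it is compared; `auth_token` in the concern would need to change with it. Separately, `expired?` evaluates `expired_at < Time.now.utc` and raises on a row whose `expired_at` is NULL, which the migration template on this page permits; `expired_at.nil? || expired_at < Time.now.utc` fails closed, and the column should be declared `null: false`.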
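--- a/data/lib/generators/templates/migration.rb
+++ b/data/lib/generators/templates/migration.rb
@@ -0,0 +1,12 @@
+class SimpleTokenAuthMigration < ActiveRecord::Migration
+def change
+create_table :api_keys do |t|
+t.integer :token_authenticatable_id, null: false
+t.string :token_authenticatable_type, null: false
+t.string :access_token, null: false
+t.datetime :expired_at
+t.datetime :created_at
+end
+add_index :api_keys, :access_token, unique: true
+end
+end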
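Review bot: The table gets a unique index on `access_token` but none on the polymorphic owner columns, although `has_one :api_key` looks a key up by owner on every authentication and nothing at the database level stops one owner from accumulating several live keys. Adding `add_index :api_keys, [:token_authenticatable_type, :token_authenticatable_id], unique: true` covers both the lookup and the one-key-per-owner invariant the model assumes.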
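--- a/data/lib/generators/templates/simple_token_auth.rb
+++ b/data/lib/generators/templates/simple_token_auth.rb
@@ -0,0 +1,14 @@
+SimpleTokenAuth.configure do |config|
+config.find_scope_strategy = -> (scope_class, token) do
+field, token = token.split('.')
+scope = scope_class.find(field.to_i)
+[scope, token]
+end
+
+config.after_authenticated_strategy = -> (scope, controller) do
+# Devise way of after authenticated a user
+controller.sign_in scope, {}
+end
+
+config.expire_in = 3.hours
+end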
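Review bot: The sample `find_scope_strategy` calls `scope_class.find(field.to_i)`, which raises `ActiveRecord::RecordNotFound` for an unknown id, so a request naming a non-existent id will most likely surface as a 404 while an existing id with a wrong token gets the 401 challenge; that difference tells a client which ids exist. Use `scope = scope_class.find_by(id: field)` so both cases end in the same authentication failure. `token.split('.')` also silently drops everything after a second dot, so a value with trailing junk is accepted as the same credential; `token.split('.', 2)` keeps the whole secret part for comparison.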
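--- a/data/lib/simple_token_auth.rb
+++ b/data/lib/simple_token_auth.rb
@@ -0,0 +1,28 @@
+require_relative 'simple_token_auth/configuration'
+require_relative 'simple_token_auth/helpers'
+
+module SimpleTokenAuth
+extend Configuration
+extend Helpers
+
+class << self
+def compare_token(a, b)
+compare_token_strategy.(a, b)
+end
+
+def generate_authentication_token
+generate_authentication_token_strategy.()
+end
+
+def find_scope(scope_class, token)
+find_scope_strategy.(scope_class, token)
+end
+
+def after_authenticated(scope, controller)
+after_authenticated_strategy.(scope, controller)
+end
+end
+end
+
+require_relative 'simple_token_auth/authenticate_with_token'
+require_relative 'simple_token_auth/token_authenticatable'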
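Review bot: `generate_authentication_token` is exposed here, but none of the library code shown on this page calls it: the generated `ApiKey` model assigns `SecureRandom.hex` directly, so a configured `generate_authentication_token_strategy` appears to have no effect on the tokens that are issued. Either have the model call `SimpleTokenAuth.generate_authentication_token` or remove the setting, so that an operator who hardens the generator is not misled. A one-line comment above `class << self`, such as `# Each method delegates to the strategy callable of the same name set via configure`, would also help readers.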
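--- a/data/lib/simple_token_auth/authenticate_with_token.rb
+++ b/data/lib/simple_token_auth/authenticate_with_token.rb
@@ -0,0 +1,54 @@
+# Usage:
+#
+# class ApplicationController
+# include SimpleTokenAuth::AuthenticateWithToken
+# end
+#
+# class UserController < ApplicationController
+# prepend_before_action :authenticate_user_from_token!
+# end
+#
+module SimpleTokenAuth
+module AuthenticateWithToken
+def method_missing(method, *args, &block)
+if m = method.to_s.match(/authenticate_(.+)_from_token!/)
+send :authenticate_from_token!, m[1]
+else
+super
+end
+end
+
+private
+
+def authenticate_from_token!(scope_name)
+scope_class = scope_name.camelize.constantize
+authenticate_or_request_with_http_token do |token, options|
+return false if token.blank?
+
+scope, token = *find_scope(scope_class, token)
+authenticated = false
+
+if scope
+api_key = scope.api_key
+authenticated = api_key && !api_key.expired? && compare_token(api_key.access_token, token)
+end
+
+after_authenticated(scope, self) if authenticated
+
+authenticated
+end
+end
+
+def after_authenticated(*args)
+SimpleTokenAuth.after_authenticated(*args)
+end
+
+def find_scope(*args)
+SimpleTokenAuth.find_scope(*args)
+end
+
+def compare_token(a, b)
+SimpleTokenAuth.compare_token(a, b)
+end
+end
+end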
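Review bot: In `authenticate_from_token!`, `return false if token.blank?` sits inside the block passed to `authenticate_or_request_with_http_token`, and `return` in a block exits the enclosing method, so on that path the helper never sends its 401 challenge and the filter merely returns false. Whether the request is then halted depends on the Rails version's callback semantics, so write `next false if token.blank?` to keep the rejection inside the helper. The `method_missing` pattern is also unanchored and feeds its capture to `camelize.constantize`; `/\Aauthenticate_(.+)_from_token!\z/` together with a matching `respond_to_missing?` keeps unrelated method names out and makes `respond_to?` truthful.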
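--- a/data/lib/simple_token_auth/configuration.rb
+++ b/data/lib/simple_token_auth/configuration.rb
@@ -0,0 +1,29 @@
+module SimpleTokenAuth
+module Configuration
+mattr_accessor :generate_authentication_token_strategy
+mattr_accessor :compare_token_strategy
+mattr_accessor :find_scope_strategy
+mattr_accessor :after_authenticated_strategy
+mattr_accessor :expire_in
+
+class MissingConfiguration
+def initialize(message)
+@message = message
+end
+
+def call(*args)
+raise NotImplementedError, @message
+end
+end
+
+# Defaults
+@@generate_authentication_token_strategy = -> { SimpleTokenAuth.friendly_token }
+@@compare_token_strategy = -> (a, b) { SimpleTokenAuth.secure_compare(a, b) }
+@@find_scope_strategy = MissingConfiguration.new("find_scope_strategy needs to be configured")
+@@after_authenticated_strategy = MissingConfiguration.new("after_authenticated_strategy needs to be configured")
+
+def configure
+yield self if block_given?
+end
+end
+end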
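Review bot: `expire_in` is the only accessor left without a value in the `# Defaults` block, yet `ApiKey#set_expiry_date` on this page calls `SimpleTokenAuth.expire_in.since`, so an application that skips or trims the initializer fails with a NoMethodError on nil at key creation instead of a clear configuration error. Give it a default such as `@@expire_in = 3.hours`, the value the generated initializer uses, so tokens always receive a bounded lifetime. `MissingConfiguration#call` raises `NotImplementedError`, which descends from ScriptError rather than StandardError and therefore slips past a bare `rescue`; a dedicated error class under `SimpleTokenAuth` would be easier for callers to handle.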
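--- a/data/lib/simple_token_auth/helpers.rb
+++ b/data/lib/simple_token_auth/helpers.rb
@@ -0,0 +1,20 @@
+# https://github.com/plataformatec/devise
+#
+module SimpleTokenAuth
+module Helpers
+# Generate a friendly string randomly to be used as token.
+def friendly_token
+SecureRandom.urlsafe_base64(15).tr('lIO0', 'sxyz')
+end
+
+# constant-time comparison algorithm to prevent timing attacks
+def secure_compare(a, b)
+return false if a.blank? || b.blank? || a.bytesize != b.bytesize
+l = a.unpack "C#{a.bytesize}"
+
+res = 0
+b.each_byte { |byte| res |= byte ^ l.shift }
+res == 0
+end
+end
+end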
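Review bot: The comment on `secure_compare` promises a constant-time comparison, but the first line returns early on blank input or a `bytesize` mismatch, so only equal-length inputs are compared in constant time and the expected token length is observable. That is acceptable for fixed-length tokens, but the comment should say so, e.g. `# constant-time for equal-length inputs; a length mismatch returns early`. The file also uses `SecureRandom` without `require 'securerandom'` and depends on the host application having loaded it.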
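--- a/data/lib/simple_token_auth/token_authenticatable.rb
+++ b/data/lib/simple_token_auth/token_authenticatable.rb
@@ -0,0 +1,31 @@
+# Ensures a token is generated
+#
+# class User < ActiveRecord::Base
+# include SimpleTokenAuth::TokenAuthenticatable
+# end
+#
+module SimpleTokenAuth
+module TokenAuthenticatable
+extend ActiveSupport::Concern
+
+included do
+before_save :ensure_api_key
+
+has_one :api_key, as: :token_authenticatable
+end
+
+def auth_token
+api_key.access_token
+end
+
+def renew_api_key
+api_key.renew!
+end
+
+private
+
+def ensure_api_key
+build_api_key unless api_key.present?
+end
+end
+end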
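Review bot: `has_one :api_key, as: :token_authenticatable` carries no `dependent:` option, so destroying the owner leaves its `api_keys` row, still holding an unexpired credential, in the table; `has_one :api_key, as: :token_authenticatable, dependent: :destroy` removes it together with the owner. `auth_token` and `renew_api_key` also dereference `api_key` unguarded and raise NoMethodError on a record that has not been saved yet, since the key is only built in `before_save`; a short comment stating that precondition, or a guard such as `api_key && api_key.access_token`, would make the contract explicit.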
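--- a/data/lib/simple_token_auth/version.rb
+++ b/data/lib/simple_token_auth/version.rb
@@ -0,0 +1,3 @@
+module SimpleTokenAuth
+VERSION = "0.0.3"
+end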
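--- a/data/lib/tasks/simple_token_auth_tasks.rake
+++ b/data/lib/tasks/simple_token_auth_tasks.rake
@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :simple_token_auth do
+# # Task goes here
+# end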
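--- a/data/test/dummy/README.rdoc
+++ b/data/test/dummy/README.rdoc
@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.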
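--- a/data/test/dummy/Rakefile
+++ b/data/test/dummy/Rakefile
@@ -0,0 +1,6 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+Rails.application.load_tasks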
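--- a/data/test/dummy/app/assets/javascripts/application.js
+++ b/data/test/dummy/app/assets/javascripts/application.js
@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .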
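--- a/data/test/dummy/app/assets/javascripts/users.js
+++ b/data/test/dummy/app/assets/javascripts/users.js
@@ -0,0 +1,2 @@
+// Place all the behaviors and hooks related to the matching controller here.
+// All this logic will automatically be available in application.js.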
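--- a/data/test/dummy/app/assets/stylesheets/application.css
+++ b/data/test/dummy/app/assets/stylesheets/application.css
@@ -0,0 +1,15 @@
+/*
+* This is a manifest file that'll be compiled into application.css, which will include all the files
+* listed below.
+*
+* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+* or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+*
+* You're free to add application-wide styles to this file and they'll appear at the bottom of the
+* compiled file so the styles you add here take precedence over styles defined in any styles
+* defined in the other CSS/SCSS files in this directory. It is generally better to create a new
+* file per style scope.
+*
+*= require_tree .
+*= require_self
+*/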