simple_token_auth 0.0.3

Files changed (67) hide show
  1. checksums.yaml +7 -0
  2. data/MIT-LICENSE +20 -0
  3. data/Rakefile +32 -0
  4. data/lib/generators/active_record/simple_token_auth_generator.rb +15 -0
  5. data/lib/generators/simple_token_auth/install_generator.rb +39 -0
  6. data/lib/generators/simple_token_auth/simple_token_auth_generator.rb +15 -0
  7. data/lib/generators/templates/api_key.rb +30 -0
  8. data/lib/generators/templates/migration.rb +12 -0
  9. data/lib/generators/templates/simple_token_auth.rb +14 -0
  10. data/lib/simple_token_auth.rb +28 -0
  11. data/lib/simple_token_auth/authenticate_with_token.rb +54 -0
  12. data/lib/simple_token_auth/configuration.rb +29 -0
  13. data/lib/simple_token_auth/helpers.rb +20 -0
  14. data/lib/simple_token_auth/token_authenticatable.rb +31 -0
  15. data/lib/simple_token_auth/version.rb +3 -0
  16. data/lib/tasks/simple_token_auth_tasks.rake +4 -0
  17. data/test/dummy/README.rdoc +28 -0
  18. data/test/dummy/Rakefile +6 -0
  19. data/test/dummy/app/assets/javascripts/application.js +13 -0
  20. data/test/dummy/app/assets/javascripts/users.js +2 -0
  21. data/test/dummy/app/assets/stylesheets/application.css +15 -0
  22. data/test/dummy/app/assets/stylesheets/users.css +4 -0
  23. data/test/dummy/app/controllers/application_controller.rb +9 -0
  24. data/test/dummy/app/controllers/users_controller.rb +9 -0
  25. data/test/dummy/app/helpers/application_helper.rb +2 -0
  26. data/test/dummy/app/models/api_key.rb +26 -0
  27. data/test/dummy/app/models/user.rb +3 -0
  28. data/test/dummy/app/views/layouts/application.html.erb +14 -0
  29. data/test/dummy/bin/bundle +3 -0
  30. data/test/dummy/bin/rails +4 -0
  31. data/test/dummy/bin/rake +4 -0
  32. data/test/dummy/config.ru +4 -0
  33. data/test/dummy/config/application.rb +23 -0
  34. data/test/dummy/config/boot.rb +5 -0
  35. data/test/dummy/config/database.yml +25 -0
  36. data/test/dummy/config/environment.rb +5 -0
  37. data/test/dummy/config/environments/development.rb +37 -0
  38. data/test/dummy/config/environments/production.rb +78 -0
  39. data/test/dummy/config/environments/test.rb +39 -0
  40. data/test/dummy/config/initializers/assets.rb +8 -0
  41. data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
  42. data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
  43. data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
  44. data/test/dummy/config/initializers/inflections.rb +16 -0
  45. data/test/dummy/config/initializers/mime_types.rb +4 -0
  46. data/test/dummy/config/initializers/session_store.rb +3 -0
  47. data/test/dummy/config/initializers/simple_token_auth.rb +14 -0
  48. data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
  49. data/test/dummy/config/locales/en.yml +23 -0
  50. data/test/dummy/config/routes.rb +3 -0
  51. data/test/dummy/config/secrets.yml +22 -0
  52. data/test/dummy/db/development.sqlite3 +0 -0
  53. data/test/dummy/db/migrate/20141015200820_create_users.rb +8 -0
  54. data/test/dummy/db/migrate/20141203034209_simple_token_auth_migration.rb +12 -0
  55. data/test/dummy/db/schema.rb +31 -0
  56. data/test/dummy/db/test.sqlite3 +0 -0
  57. data/test/dummy/log/development.log +24 -0
  58. data/test/dummy/log/test.log +2946 -0
  59. data/test/dummy/public/404.html +67 -0
  60. data/test/dummy/public/422.html +67 -0
  61. data/test/dummy/public/500.html +66 -0
  62. data/test/dummy/public/favicon.ico +0 -0
  63. data/test/simple_token_auth/integration_test.rb +38 -0
  64. data/test/simple_token_auth/user_test.rb +18 -0
  65. data/test/simple_token_auth_test.rb +6 -0
  66. data/test/test_helper.rb +17 -0
  67. metadata +204 -0
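--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA1:
+ metadata.gz: 2aaf16b1c965cf81c5493fd2ea2631c88c603442
+ data.tar.gz: 13e203296f723ba40b6d26e66260b18624723877
+ SHA512:
+ metadata.gz: 33b9131c03bb9b7b28c83f8c4c3c953a095c3de2c562cd530284e376ff11e45be70726cb8075424a3f7ecfcb4e355cf2659ffadc4752ef942cf1c036c1e26aa6
+ data.tar.gz: 6743e331d39a3854367b804f94cec344a434bb42d2a01f46028a52063a024546929b49c0c0a8b0fe8c9c8ef520cd8db6327cc9388c1f2d1ff2444dc0b5cd6e5c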
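--- a/data/MIT-LICENSE
+++ b/data/MIT-LICENSE
@@ -0,0 +1,20 @@
+ Copyright 2014 YOURNAME
+
+ Permission is hereby granted, free of charge, to any person obtaining
+ a copy of this software and associated documentation files (the
+ "Software"), to deal in the Software without restriction, including
+ without limitation the rights to use, copy, modify, merge, publish,
+ distribute, sublicense, and/or sell copies of the Software, and to
+ permit persons to whom the Software is furnished to do so, subject to
+ the following conditions:
+
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.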
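--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,32 @@
+ begin
+ require 'bundler/setup'
+ rescue LoadError
+ puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+ end
+
+ require 'rdoc/task'
+
+ RDoc::Task.new(:rdoc) do |rdoc|
+ rdoc.rdoc_dir = 'rdoc'
+ rdoc.title = 'SimpleTokenAuth'
+ rdoc.options << '--line-numbers'
+ rdoc.rdoc_files.include('README.rdoc')
+ rdoc.rdoc_files.include('lib/**/*.rb')
+ end
+
+
+
+
+ Bundler::GemHelper.install_tasks
+
+ require 'rake/testtask'
+
+ Rake::TestTask.new(:test) do |t|
+ t.libs << 'lib'
+ t.libs << 'test'
+ t.pattern = 'test/**/*_test.rb'
+ t.verbose = false
+ end
+
+
+ task default: :test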
@@ -0,0 +1,15 @@
1
+ require 'rails/generators/active_record'
2
+
3
+ module ActiveRecord
4
+ module Generators
5
+ class SimpleTokenAuthGenerator < ActiveRecord::Generators::Base
6
+ source_root File.expand_path("../templates", __FILE__)
7
+
8
+ def append_to_token_authenticatable_model
9
+ inject_into_class "app/models/#{name}.rb", name.camelize.constantize, <<-END
10
+ include SimpleTokenAuth::TokenAuthenticatable
11
+ END
12
+ end
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,39 @@
1
+ require 'rails/generators/base'
2
+
3
+ module SimpleTokenAuth
4
+ module Generators
5
+ class InstallGenerator < Rails::Generators::Base
6
+ include Rails::Generators::Migration
7
+
8
+ source_root File.expand_path("../../templates", __FILE__)
9
+
10
+ desc "Generates a TokenAuth initializer and migrations for api_key"
11
+
12
+ def self.orm
13
+ Rails::Generators.options[:rails][:orm]
14
+ end
15
+
16
+ def self.orm_has_migration?
17
+ [:active_record].include? orm
18
+ end
19
+
20
+ def self.next_migration_number(path)
21
+ Time.now.utc.strftime("%Y%m%d%H%M%S")
22
+ end
23
+
24
+ def create_migration_file
25
+ if self.class.orm_has_migration?
26
+ migration_template 'migration.rb', 'db/migrate/simple_token_auth_migration.rb'
27
+ end
28
+ end
29
+
30
+ def copy_initializer
31
+ template "simple_token_auth.rb", "config/initializers/simple_token_auth.rb"
32
+ end
33
+
34
+ def copy_api_key_model
35
+ template "api_key.rb", "app/models/api_key.rb"
36
+ end
37
+ end
38
+ end
39
+ end
@@ -0,0 +1,15 @@
1
+ require 'rails/generators/named_base'
2
+
3
+ module SimpleTokenAuth
4
+ module Generators
5
+ class SimpleTokenAuthGenerator < Rails::Generators::NamedBase
6
+ include Rails::Generators::ResourceHelpers
7
+
8
+ namespace 'simple_token_auth'
9
+ source_root File.expand_path("../templates", __FILE__)
10
+
11
+ desc 'Insert include for given NAME model'
12
+ hook_for :orm
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,30 @@
1
+ class ApiKey < ActiveRecord::Base
2
+ belongs_to :token_authenticatable, polymorphic: true
3
+ before_create :renew
4
+
5
+ def expired?
6
+ expired_at < Time.now.utc
7
+ end
8
+
9
+ def renew!
10
+ renew
11
+ save!
12
+ end
13
+
14
+ private
15
+
16
+ def renew
17
+ generate_access_token
18
+ set_expiry_date
19
+ end
20
+
21
+ def set_expiry_date
22
+ self.expired_at = SimpleTokenAuth.expire_in.since
23
+ end
24
+
25
+ def generate_access_token
26
+ begin
27
+ self.access_token = SecureRandom.hex
28
+ end while self.class.exists?(access_token: access_token)
29
+ end
30
+ end
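Review bot: `expired?` compares `expired_at < Time.now.utc` with no nil guard, while the migration template in the next section declares `t.datetime :expired_at` without `null: false`, so a row with a NULL expiry raises NoMethodError during authentication instead of being rejected. Fail closed with `expired_at.nil? || expired_at < Time.now.utc`, and consider `null: false` on the column in the migration. Separately, `access_token` is persisted exactly as generated, so read access to the `api_keys` table yields usable credentials; storing only a digest of the token and comparing digests would limit that exposure.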
@@ -0,0 +1,12 @@
1
+ class SimpleTokenAuthMigration < ActiveRecord::Migration
2
+ def change
3
+ create_table :api_keys do |t|
4
+ t.integer :token_authenticatable_id, null: false
5
+ t.string :token_authenticatable_type, null: false
6
+ t.string :access_token, null: false
7
+ t.datetime :expired_at
8
+ t.datetime :created_at
9
+ end
10
+ add_index :api_keys, :access_token, unique: true
11
+ end
12
+ end
@@ -0,0 +1,14 @@
1
+ SimpleTokenAuth.configure do |config|
2
+ config.find_scope_strategy = -> (scope_class, token) do
3
+ field, token = token.split('.')
4
+ scope = scope_class.find(field.to_i)
5
+ [scope, token]
6
+ end
7
+
8
+ config.after_authenticated_strategy = -> (scope, controller) do
9
+ # Devise way of after authenticated a user
10
+ controller.sign_in scope, {}
11
+ end
12
+
13
+ config.expire_in = 3.hours
14
+ end
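Review bot: `scope_class.find(field.to_i)` raises `ActiveRecord::RecordNotFound` for an unknown id, so an unauthenticated request presumably gets a not-found response when the id does not exist and a 401 when it does, which makes the two cases distinguishable. Returning nil keeps both on the 401 path: `scope = scope_class.find_by(id: field.to_i)`. `token.split('.')` also silently drops anything after a second dot; `token.split('.', 2)` keeps the remainder in the token half so it is compared rather than discarded. In the Devise example, `controller.sign_in scope, store: false` avoids writing the token-authenticated user into the session.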
@@ -0,0 +1,28 @@
1
+ require_relative 'simple_token_auth/configuration'
2
+ require_relative 'simple_token_auth/helpers'
3
+
4
+ module SimpleTokenAuth
5
+ extend Configuration
6
+ extend Helpers
7
+
8
+ class << self
9
+ def compare_token(a, b)
10
+ compare_token_strategy.(a, b)
11
+ end
12
+
13
+ def generate_authentication_token
14
+ generate_authentication_token_strategy.()
15
+ end
16
+
17
+ def find_scope(scope_class, token)
18
+ find_scope_strategy.(scope_class, token)
19
+ end
20
+
21
+ def after_authenticated(scope, controller)
22
+ after_authenticated_strategy.(scope, controller)
23
+ end
24
+ end
25
+ end
26
+
27
+ require_relative 'simple_token_auth/authenticate_with_token'
28
+ require_relative 'simple_token_auth/token_authenticatable'
@@ -0,0 +1,54 @@
1
+ # Usage:
2
+ #
3
+ # class ApplicationController
4
+ # include SimpleTokenAuth::AuthenticateWithToken
5
+ # end
6
+ #
7
+ # class UserController < ApplicationController
8
+ # prepend_before_action :authenticate_user_from_token!
9
+ # end
10
+ #
11
+ module SimpleTokenAuth
12
+ module AuthenticateWithToken
13
+ def method_missing(method, *args, &block)
14
+ if m = method.to_s.match(/authenticate_(.+)_from_token!/)
15
+ send :authenticate_from_token!, m[1]
16
+ else
17
+ super
18
+ end
19
+ end
20
+
21
+ private
22
+
23
+ def authenticate_from_token!(scope_name)
24
+ scope_class = scope_name.camelize.constantize
25
+ authenticate_or_request_with_http_token do |token, options|
26
+ return false if token.blank?
27
+
28
+ scope, token = *find_scope(scope_class, token)
29
+ authenticated = false
30
+
31
+ if scope
32
+ api_key = scope.api_key
33
+ authenticated = api_key && !api_key.expired? && compare_token(api_key.access_token, token)
34
+ end
35
+
36
+ after_authenticated(scope, self) if authenticated
37
+
38
+ authenticated
39
+ end
40
+ end
41
+
42
+ def after_authenticated(*args)
43
+ SimpleTokenAuth.after_authenticated(*args)
44
+ end
45
+
46
+ def find_scope(*args)
47
+ SimpleTokenAuth.find_scope(*args)
48
+ end
49
+
50
+ def compare_token(a, b)
51
+ SimpleTokenAuth.compare_token(a, b)
52
+ end
53
+ end
54
+ end
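Review bot: `return false if token.blank?` sits inside the block passed to `authenticate_or_request_with_http_token`, and a `return` inside a block exits `authenticate_from_token!` itself, so on that path the helper never sees a falsy block result and never issues the 401 challenge. Use `next false if token.blank?` so only the block returns. The `method_missing` pattern is also unanchored and has no matching `respond_to_missing?`; `/\Aauthenticate_(.+)_from_token!\z/` together with a `respond_to_missing?` override keeps the dynamic dispatch limited to the documented method names before the capture reaches `constantize`.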
@@ -0,0 +1,29 @@
1
+ module SimpleTokenAuth
2
+ module Configuration
3
+ mattr_accessor :generate_authentication_token_strategy
4
+ mattr_accessor :compare_token_strategy
5
+ mattr_accessor :find_scope_strategy
6
+ mattr_accessor :after_authenticated_strategy
7
+ mattr_accessor :expire_in
8
+
9
+ class MissingConfiguration
10
+ def initialize(message)
11
+ @message = message
12
+ end
13
+
14
+ def call(*args)
15
+ raise NotImplementedError, @message
16
+ end
17
+ end
18
+
19
+ # Defaults
20
+ @@generate_authentication_token_strategy = -> { SimpleTokenAuth.friendly_token }
21
+ @@compare_token_strategy = -> (a, b) { SimpleTokenAuth.secure_compare(a, b) }
22
+ @@find_scope_strategy = MissingConfiguration.new("find_scope_strategy needs to be configured")
23
+ @@after_authenticated_strategy = MissingConfiguration.new("after_authenticated_strategy needs to be configured")
24
+
25
+ def configure
26
+ yield self if block_given?
27
+ end
28
+ end
29
+ end
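Review bot: `expire_in` is the only accessor with no entry under `# Defaults`, so an application that never sets it gets nil and the `SimpleTokenAuth.expire_in.since` call in the ApiKey template raises NoMethodError when a key is created. Either give it a value, e.g. `@@expire_in = 3.hours` as the generated initializer does, or raise a descriptive error the way `MissingConfiguration` does for the two strategies. A one-line comment on each `mattr_accessor` stating the arguments and return value expected of the callable would also help anyone writing a custom strategy.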
@@ -0,0 +1,20 @@
1
+ # https://github.com/plataformatec/devise
2
+ #
3
+ module SimpleTokenAuth
4
+ module Helpers
5
+ # Generate a friendly string randomly to be used as token.
6
+ def friendly_token
7
+ SecureRandom.urlsafe_base64(15).tr('lIO0', 'sxyz')
8
+ end
9
+
10
+ # constant-time comparison algorithm to prevent timing attacks
11
+ def secure_compare(a, b)
12
+ return false if a.blank? || b.blank? || a.bytesize != b.bytesize
13
+ l = a.unpack "C#{a.bytesize}"
14
+
15
+ res = 0
16
+ b.each_byte { |byte| res |= byte ^ l.shift }
17
+ res == 0
18
+ end
19
+ end
20
+ end
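Review bot: The comment on `secure_compare` promises a constant-time comparison, but the first line returns early on blank input or a `bytesize` mismatch, so the running time still depends on length. That is normally acceptable for fixed-length tokens, but the comment should say so, e.g. `# Constant-time for equal-length inputs; returns early (revealing only length) when sizes differ.` `friendly_token` would likewise benefit from a comment noting that `tr('lIO0', 'sxyz')` folds four characters onto others already in the alphabet, so the result is slightly less uniform than the raw `urlsafe_base64` output.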
@@ -0,0 +1,31 @@
1
+ # Ensures a token is generated
2
+ #
3
+ # class User < ActiveRecord::Base
4
+ # include SimpleTokenAuth::TokenAuthenticatable
5
+ # end
6
+ #
7
+ module SimpleTokenAuth
8
+ module TokenAuthenticatable
9
+ extend ActiveSupport::Concern
10
+
11
+ included do
12
+ before_save :ensure_api_key
13
+
14
+ has_one :api_key, as: :token_authenticatable
15
+ end
16
+
17
+ def auth_token
18
+ api_key.access_token
19
+ end
20
+
21
+ def renew_api_key
22
+ api_key.renew!
23
+ end
24
+
25
+ private
26
+
27
+ def ensure_api_key
28
+ build_api_key unless api_key.present?
29
+ end
30
+ end
31
+ end
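Review bot: `has_one :api_key, as: :token_authenticatable` carries no `dependent:` option, so destroying the owning record leaves its `api_keys` row, and the token stored in it, behind. Add `dependent: :destroy` so the credential is removed together with its owner. `auth_token` and `renew_api_key` also call straight through `api_key`, which is nil on a record that has been built but not yet saved, because `ensure_api_key` only runs in `before_save`; a comment stating that precondition, or a nil guard, would make the failure mode explicit.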
@@ -0,0 +1,3 @@
1
+ module SimpleTokenAuth
2
+ VERSION = "0.0.3"
3
+ end
@@ -0,0 +1,4 @@
1
+ # desc "Explaining what the task does"
2
+ # task :simple_token_auth do
3
+ # # Task goes here
4
+ # end
@@ -0,0 +1,28 @@
1
+ == README
2
+
3
+ This README would normally document whatever steps are necessary to get the
4
+ application up and running.
5
+
6
+ Things you may want to cover:
7
+
8
+ * Ruby version
9
+
10
+ * System dependencies
11
+
12
+ * Configuration
13
+
14
+ * Database creation
15
+
16
+ * Database initialization
17
+
18
+ * How to run the test suite
19
+
20
+ * Services (job queues, cache servers, search engines, etc.)
21
+
22
+ * Deployment instructions
23
+
24
+ * ...
25
+
26
+
27
+ Please feel free to use a different markup language if you do not plan to run
28
+ <tt>rake doc:app</tt>.
@@ -0,0 +1,6 @@
1
+ # Add your own tasks in files placed in lib/tasks ending in .rake,
2
+ # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
3
+
4
+ require File.expand_path('../config/application', __FILE__)
5
+
6
+ Rails.application.load_tasks
@@ -0,0 +1,13 @@
1
+ // This is a manifest file that'll be compiled into application.js, which will include all the files
2
+ // listed below.
3
+ //
4
+ // Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
5
+ // or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
6
+ //
7
+ // It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
8
+ // compiled file.
9
+ //
10
+ // Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
11
+ // about supported directives.
12
+ //
13
+ //= require_tree .
@@ -0,0 +1,2 @@
1
+ // Place all the behaviors and hooks related to the matching controller here.
2
+ // All this logic will automatically be available in application.js.
@@ -0,0 +1,15 @@
1
+ /*
2
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
3
+ * listed below.
4
+ *
5
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
6
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
7
+ *
8
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
9
+ * compiled file so the styles you add here take precedence over styles defined in any styles
10
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
11
+ * file per style scope.
12
+ *
13
+ *= require_tree .
14
+ *= require_self
15
+ */