simple_token_authentication 1.0.0.beta.5
- checksums.yaml +7 -0
- data/LICENSE +674 -0
- data/README.md +134 -0
- data/Rakefile +32 -0
- data/lib/simple_token_authentication.rb +5 -0
- data/lib/simple_token_authentication/acts_as_token_authenticatable.rb +33 -0
- data/lib/simple_token_authentication/acts_as_token_authentication_handler.rb +68 -0
- data/lib/simple_token_authentication/version.rb +3 -0
- data/lib/tasks/simple_token_authentication_tasks.rake +4 -0
- data/test/dummy/README.rdoc +28 -0
- data/test/dummy/Rakefile +6 -0
- data/test/dummy/app/assets/javascripts/application.js +13 -0
- data/test/dummy/app/assets/javascripts/posts.js +2 -0
- data/test/dummy/app/assets/javascripts/private_posts.js +2 -0
- data/test/dummy/app/assets/stylesheets/application.css +13 -0
- data/test/dummy/app/assets/stylesheets/posts.css +4 -0
- data/test/dummy/app/assets/stylesheets/private_posts.css +4 -0
- data/test/dummy/app/assets/stylesheets/scaffold.css +56 -0
- data/test/dummy/app/controllers/application_controller.rb +21 -0
- data/test/dummy/app/controllers/posts_controller.rb +62 -0
- data/test/dummy/app/controllers/private_posts_controller.rb +63 -0
- data/test/dummy/app/helpers/application_helper.rb +2 -0
- data/test/dummy/app/helpers/posts_helper.rb +2 -0
- data/test/dummy/app/helpers/private_posts_helper.rb +2 -0
- data/test/dummy/app/models/post.rb +3 -0
- data/test/dummy/app/models/private_post.rb +3 -0
- data/test/dummy/app/models/user.rb +2 -0
- data/test/dummy/app/views/layouts/application.html.erb +14 -0
- data/test/dummy/app/views/posts/_form.html.erb +29 -0
- data/test/dummy/app/views/posts/edit.html.erb +6 -0
- data/test/dummy/app/views/posts/index.html.erb +31 -0
- data/test/dummy/app/views/posts/new.html.erb +5 -0
- data/test/dummy/app/views/posts/show.html.erb +19 -0
- data/test/dummy/app/views/private_posts/_form.html.erb +29 -0
- data/test/dummy/app/views/private_posts/edit.html.erb +6 -0
- data/test/dummy/app/views/private_posts/index.html.erb +31 -0
- data/test/dummy/app/views/private_posts/new.html.erb +5 -0
- data/test/dummy/app/views/private_posts/show.html.erb +19 -0
- data/test/dummy/bin/bundle +3 -0
- data/test/dummy/bin/rails +4 -0
- data/test/dummy/bin/rake +4 -0
- data/test/dummy/config.ru +4 -0
- data/test/dummy/config/application.rb +23 -0
- data/test/dummy/config/boot.rb +5 -0
- data/test/dummy/config/database.yml +25 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +29 -0
- data/test/dummy/config/environments/production.rb +80 -0
- data/test/dummy/config/environments/test.rb +36 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/test/dummy/config/initializers/indefinite_articlerize.rb +4 -0
- data/test/dummy/config/initializers/inflections.rb +16 -0
- data/test/dummy/config/initializers/mime_types.rb +5 -0
- data/test/dummy/config/initializers/secret_token.rb +12 -0
- data/test/dummy/config/initializers/session_store.rb +3 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/en.yml +23 -0
- data/test/dummy/config/routes.rb +60 -0
- data/test/dummy/db/development.sqlite3 +0 -0
- data/test/dummy/db/migrate/20140107041016_create_posts.rb +11 -0
- data/test/dummy/db/migrate/20140107053025_create_users.rb +6 -0
- data/test/dummy/db/migrate/20140107064508_create_private_posts.rb +11 -0
- data/test/dummy/db/schema.rb +35 -0
- data/test/dummy/db/test.sqlite3 +0 -0
- data/test/dummy/lib/generators/rspec/controller/controller_generator.rb +33 -0
- data/test/dummy/lib/generators/rspec/helper/helper_generator.rb +15 -0
- data/test/dummy/lib/generators/rspec/model/model_generator.rb +22 -0
- data/test/dummy/lib/generators/rspec/scaffold/scaffold_generator.rb +192 -0
- data/test/dummy/lib/templates/rspec/controller/controller_spec.rb +16 -0
- data/test/dummy/lib/templates/rspec/controller/view_spec.rb +5 -0
- data/test/dummy/lib/templates/rspec/helper/helper_spec.rb +0 -0
- data/test/dummy/lib/templates/rspec/model/model_spec.rb +65 -0
- data/test/dummy/lib/templates/rspec/model/model_spec_backup.rb +19 -0
- data/test/dummy/lib/templates/rspec/scaffold/controller_spec.rb +168 -0
- data/test/dummy/lib/templates/rspec/scaffold/edit_spec.rb +31 -0
- data/test/dummy/lib/templates/rspec/scaffold/index_spec.rb +32 -0
- data/test/dummy/lib/templates/rspec/scaffold/new_spec.rb +30 -0
- data/test/dummy/lib/templates/rspec/scaffold/routing_spec.rb +39 -0
- data/test/dummy/lib/templates/rspec/scaffold/show_spec.rb +28 -0
- data/test/dummy/log/development.log +3437 -0
- data/test/dummy/log/test.log +22013 -0
- data/test/dummy/public/404.html +58 -0
- data/test/dummy/public/422.html +58 -0
- data/test/dummy/public/500.html +57 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/dummy/spec/controllers/posts_controller_spec.rb +161 -0
- data/test/dummy/spec/controllers/private_posts_controller_spec.rb +41 -0
- data/test/dummy/spec/factories/posts.rb +11 -0
- data/test/dummy/spec/factories/private_posts.rb +11 -0
- data/test/dummy/spec/helpers/posts_helper_spec.rb +0 -0
- data/test/dummy/spec/helpers/private_posts_helper_spec.rb +0 -0
- data/test/dummy/spec/models/post_spec.rb +65 -0
- data/test/dummy/spec/models/private_post_spec.rb +65 -0
- data/test/dummy/spec/models/user_spec.rb +61 -0
- data/test/dummy/spec/requests/posts_spec.rb +16 -0
- data/test/dummy/spec/requests/private_posts_spec.rb +17 -0
- data/test/dummy/spec/routing/posts_routing_spec.rb +35 -0
- data/test/dummy/spec/routing/private_posts_routing_spec.rb +35 -0
- data/test/dummy/spec/spec_helper.rb +42 -0
- data/test/dummy/spec/support/factory_girl.rb +6 -0
- data/test/dummy/spec/views/posts/edit.html.erb_spec.rb +22 -0
- data/test/dummy/spec/views/posts/index.html.erb_spec.rb +26 -0
- data/test/dummy/spec/views/posts/new.html.erb_spec.rb +22 -0
- data/test/dummy/spec/views/posts/show.html.erb_spec.rb +19 -0
- data/test/dummy/spec/views/private_posts/edit.html.erb_spec.rb +22 -0
- data/test/dummy/spec/views/private_posts/index.html.erb_spec.rb +26 -0
- data/test/dummy/spec/views/private_posts/new.html.erb_spec.rb +22 -0
- data/test/dummy/spec/views/private_posts/show.html.erb_spec.rb +19 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/13fe41fee1fe35b49d145bcc06610705 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/2f5173deea6c795b8fdde723bb4b63af +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/357970feca3ac29060c1e3861e2c0953 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/371bf96e99717688ed7313a0c53f4212 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/4050a4e5062ab95c9f32e9b6940821ea +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/416150dc3ac35079c94273cc46e90aa6 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/5384ad85f52d3272dbc64d46ef3876a4 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/5f1a0d05e77ca8b9a1fc2a47e17a8174 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/6fc757c2c8329244ca95d6909865bbc2 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/87b209c0c9da28094a8d5581a21262c6 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/c85016e7bbd4f3adbb7635d01f85d39b +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/cffd775d018f68ce5dba1ee0d951a994 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/d066c004d1fd26ae76a61303a7a18145 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/d771ace226fc8215a3572e0aa35bb0d6 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/f56253b5f374fff1a33fbbc9881c9124 +0 -0
- data/test/dummy/tmp/cache/assets/test/sprockets/f7cbd26ba1d28d48de824f0e94586655 +0 -0
- data/test/simple_token_authentication_test.rb +7 -0
- data/test/test_helper.rb +15 -0
- metadata +384 -0
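--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,134 @@
+Simple Token Authentication
+===========================
+
+[![Gem Version](https://badge.fury.io/rb/simple_token_authentication.png)](http://badge.fury.io/rb/simple_token_authentication)
+[![Build Status](https://secure.travis-ci.org/gonzalo-bulnes/simple_token_authentication?branch=master)](http://travis-ci.org/gonzalo-bulnes/simple_token_authentication)
+
+Token authentication support has been removed from [Devise][devise] for security reasons. In [this gist][original-gist], Devise's [José Valim][josevalim] explains how token authentication should be performed in order to remain safe.
+
+This gem packages the content of the gist.
+
+[devise]: https://github.com/plataformatec/devise
+[original-gist]: https://gist.github.com/josevalim/fb706b1e933ef01e4fb6
+
+
+> **DISCLAIMER**: I am not José Valim, nor has he been involved in the gem bundling process. Implementation errors, if any, are mine; and contributions are welcome. -- [GB][gonzalo-bulnes]
+
+[josevalim]: https://github.com/josevalim
+[gonzalo-bulnes]: https://github.com/gonzalo-bulnes
+
+Installation
+------------
+
+Install [Devise][devise] with any modules you want, then add the gem to your `Gemfile`:
+
+```ruby
+# Gemfile
+
+gem 'simple_token_authentication'
+```
+
+Define which controller will handle authentication (typ. `ApplicationController`):
+
+```ruby
+# app/controllers/application_controller.rb
+
+class ApplicationController < ActionController::Base
+# ...
+acts_as_token_authentication_handler
+
+# ...
+end
+```
+
+Define which model or models will be token authenticatable (typ. `User`):
+
+```ruby
+# app/models/user.rb
+
+class User < ActiveRecord::Base
+acts_as_token_authenticatable
+
+# Note: you can include any module you want. If available,
+# token authentication will be performed before any other
+# Devise authentication method.
+#
+# Include default devise modules. Others available are:
+# :confirmable, :lockable, :timeoutable and :omniauthable
+devise :invitable, :database_authenticatable,
+:recoverable, :rememberable, :trackable, :validatable,
+:lockable
+
+# ...
+end
+```
+
+If the model or models you chose have no `:authentication_token` attribute, add them one (with an index):
+
+```bash
+rails g migration add_authentication_token_to_users authentication_token:string:index
+rake db:migrate
+```
+
+Usage
+-----
+
+### Tokens Generation
+
+Assuming `user` is an instance of `User`, which is _token authenticatable_: each time `user` will be saved, and `user.authentication_token.is_blank?` it receives a new and unique authentication token (via `Devise.friendly_token`).
+
+### Authentication Method 1: Query Params
+
+You can authenticate passing the `user_email` and `user_token` params as query params:
+
+```
+GET https://secure.example.com?user_email=alice@example.com&user_token=1G8_s7P-V-4MGojaKD7a
+```
+
+The _token authentication handler_ (e.g. `ApplicationController`) will perform the user sign in if both are correct.
+
+### Authentication Method 2: Request Headers
+
+You can also use request headers (which may be simpler when authenticating against an API):
+
+```
+X-User-Email alice@example.com
+X-User-Token 1G8_s7P-V-4MGojaKD7a
+```
+
+In fact, you can mix both methods and provide the `user_email` with one and the `user_token` with the other, even if it would be a freak thing to do.
+
+### Integration with other authentication methods
+
+If sign-in is successful, no other authentication method will be run, but if it doesn't (the authentication params were missing, or incorrect) then Devise takes control and tries to `authenticate_user!` with its own modules.
+
+Credits
+-------
+
+It may sound a bit redundant, but this gem wouldn't exist without [this gist][original-gist].
+
+Help Wanted
+-----------
+
+Hi, thanks for having kept reading! You can probably help me to bump this gem version to `1.0.0`: I want it to be tested before removing the `beta` flag. If you can provide some help, please make yourself at home at the [issue #1][1].
+
+[1]: https://github.com/gonzalo-bulnes/simple_token_authentication/issues/1
+
+License
+-------
+
+Simple Token Authentication
+Copyright (C) 2013 Gonzalo Bulnes Guilpain
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see <http://www.gnu.org/licenses/>.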
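--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,32 @@
+begin
+require 'bundler/setup'
+rescue LoadError
+puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+rdoc.rdoc_dir = 'rdoc'
+rdoc.title = 'SimpleTokenAuthentication'
+rdoc.options << '--line-numbers'
+rdoc.rdoc_files.include('README.rdoc')
+rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+t.libs << 'lib'
+t.libs << 'test'
+t.pattern = 'test/**/*_test.rb'
+t.verbose = false
+end
+
+
+task default: :test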
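Review bot: The `rdoc` task includes `README.rdoc`, but the package file list shows only `data/README.md` at the top level, so the generated documentation would be built without its front page; `rdoc.rdoc_files.include('README.md')` matches what the gem ships. The `rescue LoadError` branch only prints a hint and carries on, so without Bundler the later `Bundler::GemHelper.install_tasks` line would most likely fail on the missing constant; ending the branch with `abort` instead of `puts` makes the failure match the message.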
@@ -0,0 +1,33 @@
|
|
1
|
+
module SimpleTokenAuthentication
|
2
|
+
module ActsAsTokenAuthenticatable
|
3
|
+
extend ActiveSupport::Concern
|
4
|
+
|
5
|
+
# Please see https://gist.github.com/josevalim/fb706b1e933ef01e4fb6
|
6
|
+
# before editing this file, the discussion is very interesting.
|
7
|
+
|
8
|
+
included do
|
9
|
+
private :generate_authentication_token
|
10
|
+
end
|
11
|
+
|
12
|
+
def ensure_authentication_token
|
13
|
+
if authentication_token.blank?
|
14
|
+
self.authentication_token = generate_authentication_token
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
def generate_authentication_token
|
19
|
+
loop do
|
20
|
+
token = Devise.friendly_token
|
21
|
+
break token unless User.where(authentication_token: token).first
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
module ClassMethods
|
26
|
+
def acts_as_token_authenticatable(options = {})
|
27
|
+
include SimpleTokenAuthentication::ActsAsTokenAuthenticatable
|
28
|
+
before_save :ensure_authentication_token
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
ActiveRecord::Base.send :include, SimpleTokenAuthentication::ActsAsTokenAuthenticatable
|
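Review bot: `generate_authentication_token` checks uniqueness with `User.where(authentication_token: token).first`, which ties the concern to a model named `User` although the README lets any model or models call `acts_as_token_authenticatable`; for another model the check queries the wrong table, or raises if no `User` constant exists. Using the including class, `break token unless self.class.where(authentication_token: token).exists?`, keeps the check on the right table; the same hard-coded `User` appears in `authenticate_user_from_token!` in the handler file. The check-then-save sequence is not atomic, so a unique index on `authentication_token` (the README migration creates a plain index) is the reliable backstop against two records ending up with the same token. The `options` argument of `acts_as_token_authenticatable` is accepted but never read, which deserves a comment or removal.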
@@ -0,0 +1,68 @@
|
|
1
|
+
module SimpleTokenAuthentication
|
2
|
+
module ActsAsTokenAuthenticationHandlerMethods
|
3
|
+
extend ActiveSupport::Concern
|
4
|
+
|
5
|
+
# Please see https://gist.github.com/josevalim/fb706b1e933ef01e4fb6
|
6
|
+
# before editing this file, the discussion is very interesting.
|
7
|
+
|
8
|
+
included do
|
9
|
+
private :authenticate_user_from_token!
|
10
|
+
# This is our new function that comes before Devise's one
|
11
|
+
before_filter :authenticate_user_from_token!
|
12
|
+
# This is Devise's authentication
|
13
|
+
before_filter :authenticate_user!
|
14
|
+
end
|
15
|
+
|
16
|
+
# For this example, we are simply using token authentication
|
17
|
+
# via parameters. However, anyone could use Rails's token
|
18
|
+
# authentication features to get the token from a header.
|
19
|
+
def authenticate_user_from_token!
|
20
|
+
# Set the authentication token params if not already present,
|
21
|
+
# see http://stackoverflow.com/questions/11017348/rails-api-authentication-by-headers-token
|
22
|
+
if user_token = params[:user_token].blank? && request.headers["X-User-Token"]
|
23
|
+
params[:user_token] = user_token
|
24
|
+
end
|
25
|
+
if user_email = params[:user_email].blank? && request.headers["X-User-Email"]
|
26
|
+
params[:user_email] = user_email
|
27
|
+
end
|
28
|
+
|
29
|
+
user_email = params[:user_email].presence
|
30
|
+
# See https://github.com/ryanb/cancan/blob/1.6.10/lib/cancan/controller_resource.rb#L108-L111
|
31
|
+
if User.respond_to? "find_by"
|
32
|
+
user = user_email && User.find_by(email: user_email)
|
33
|
+
elsif User.respond_to? "find_by_email"
|
34
|
+
user = user_email && User.find_by_email(user_email)
|
35
|
+
end
|
36
|
+
|
37
|
+
# Notice how we use Devise.secure_compare to compare the token
|
38
|
+
# in the database with the token given in the params, mitigating
|
39
|
+
# timing attacks.
|
40
|
+
if user && Devise.secure_compare(user.authentication_token, params[:user_token])
|
41
|
+
# Notice we are passing store false, so the user is not
|
42
|
+
# actually stored in the session and a token is needed
|
43
|
+
# for every request. If you want the token to work as a
|
44
|
+
# sign in token, you can simply remove store: false.
|
45
|
+
sign_in user, store: false
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
module ActsAsTokenAuthenticationHandler
|
51
|
+
extend ActiveSupport::Concern
|
52
|
+
|
53
|
+
# I have insulated the methods into an additional module to avoid before_filters
|
54
|
+
# to be applied by the `included` block before acts_as_token_authentication_handler was called.
|
55
|
+
# See https://github.com/gonzalo-bulnes/simple_token_authentication/issues/8#issuecomment-31707201
|
56
|
+
|
57
|
+
included do
|
58
|
+
# nop
|
59
|
+
end
|
60
|
+
|
61
|
+
module ClassMethods
|
62
|
+
def acts_as_token_authentication_handler(options = {})
|
63
|
+
include SimpleTokenAuthentication::ActsAsTokenAuthenticationHandlerMethods
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
68
|
+
ActionController::Base.send :include, SimpleTokenAuthentication::ActsAsTokenAuthenticationHandler
|
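Review bot: In `authenticate_user_from_token!`, `params[:user_email]` and `params[:user_token]` go to `User.find_by` and `Devise.secure_compare` without being confirmed to be strings, so a request that supplies them as an array or hash is handled with a non-String value and may raise rather than simply fail authentication. Coercing once at the top, e.g. `user_token = params[:user_token].to_s.presence` and `user_email = params[:user_email].to_s.presence`, and using those locals for the lookup and the comparison keeps both on plain strings. Since the token is also accepted from the query string, it ends up wherever URLs are recorded (application and proxy logs, Referer headers); a comment on the method should tell integrators to add `:user_token` to `config.filter_parameters` and to prefer the `X-User-Token` header over HTTPS. The two header-fallback conditions (`if user_token = params[:user_token].blank? && request.headers["X-User-Token"]`) rely on `=` binding looser than `&&` and would read more clearly with the assignment on its own line.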
@@ -0,0 +1,28 @@
|
|
1
|
+
== README
|
2
|
+
|
3
|
+
This README would normally document whatever steps are necessary to get the
|
4
|
+
application up and running.
|
5
|
+
|
6
|
+
Things you may want to cover:
|
7
|
+
|
8
|
+
* Ruby version
|
9
|
+
|
10
|
+
* System dependencies
|
11
|
+
|
12
|
+
* Configuration
|
13
|
+
|
14
|
+
* Database creation
|
15
|
+
|
16
|
+
* Database initialization
|
17
|
+
|
18
|
+
* How to run the test suite
|
19
|
+
|
20
|
+
* Services (job queues, cache servers, search engines, etc.)
|
21
|
+
|
22
|
+
* Deployment instructions
|
23
|
+
|
24
|
+
* ...
|
25
|
+
|
26
|
+
|
27
|
+
Please feel free to use a different markup language if you do not plan to run
|
28
|
+
<tt>rake doc:app</tt>.
|
data/test/dummy/Rakefile
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
// This is a manifest file that'll be compiled into application.js, which will include all the files
|
2
|
+
// listed below.
|
3
|
+
//
|
4
|
+
// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
|
5
|
+
// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
|
6
|
+
//
|
7
|
+
// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
|
8
|
+
// compiled file.
|
9
|
+
//
|
10
|
+
// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
|
11
|
+
// about supported directives.
|
12
|
+
//
|
13
|
+
//= require_tree .
|
@@ -0,0 +1,13 @@
|
|
1
|
+
/*
|
2
|
+
* This is a manifest file that'll be compiled into application.css, which will include all the files
|
3
|
+
* listed below.
|
4
|
+
*
|
5
|
+
* Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
|
6
|
+
* or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
|
7
|
+
*
|
8
|
+
* You're free to add application-wide styles to this file and they'll appear at the top of the
|
9
|
+
* compiled file, but it's generally better to create a new file per style scope.
|
10
|
+
*
|
11
|
+
*= require_self
|
12
|
+
*= require_tree .
|
13
|
+
*/
|
@@ -0,0 +1,56 @@
|
|
1
|
+
body { background-color: #fff; color: #333; }
|
2
|
+
|
3
|
+
body, p, ol, ul, td {
|
4
|
+
font-family: verdana, arial, helvetica, sans-serif;
|
5
|
+
font-size: 13px;
|
6
|
+
line-height: 18px;
|
7
|
+
}
|
8
|
+
|
9
|
+
pre {
|
10
|
+
background-color: #eee;
|
11
|
+
padding: 10px;
|
12
|
+
font-size: 11px;
|
13
|
+
}
|
14
|
+
|
15
|
+
a { color: #000; }
|
16
|
+
a:visited { color: #666; }
|
17
|
+
a:hover { color: #fff; background-color:#000; }
|
18
|
+
|
19
|
+
div.field, div.actions {
|
20
|
+
margin-bottom: 10px;
|
21
|
+
}
|
22
|
+
|
23
|
+
#notice {
|
24
|
+
color: green;
|
25
|
+
}
|
26
|
+
|
27
|
+
.field_with_errors {
|
28
|
+
padding: 2px;
|
29
|
+
background-color: red;
|
30
|
+
display: table;
|
31
|
+
}
|
32
|
+
|
33
|
+
#error_explanation {
|
34
|
+
width: 450px;
|
35
|
+
border: 2px solid red;
|
36
|
+
padding: 7px;
|
37
|
+
padding-bottom: 0;
|
38
|
+
margin-bottom: 20px;
|
39
|
+
background-color: #f0f0f0;
|
40
|
+
}
|
41
|
+
|
42
|
+
#error_explanation h2 {
|
43
|
+
text-align: left;
|
44
|
+
font-weight: bold;
|
45
|
+
padding: 5px 5px 5px 15px;
|
46
|
+
font-size: 12px;
|
47
|
+
margin: -7px;
|
48
|
+
margin-bottom: 0px;
|
49
|
+
background-color: #c00;
|
50
|
+
color: #fff;
|
51
|
+
}
|
52
|
+
|
53
|
+
#error_explanation ul li {
|
54
|
+
font-size: 12px;
|
55
|
+
list-style: square;
|
56
|
+
}
|
@@ -0,0 +1,21 @@
|
|
1
|
+
class ApplicationController < ActionController::Base
|
2
|
+
# Prevent CSRF attacks by raising an exception.
|
3
|
+
# For APIs, you may want to use :null_session instead.
|
4
|
+
protect_from_forgery with: :exception
|
5
|
+
|
6
|
+
# While `acts_as_token_authentication_handler` was not called,
|
7
|
+
# neither should be `authenticate_user!`.
|
8
|
+
# See https://github.com/gonzalo-bulnes/simple_token_authentication/issues/8
|
9
|
+
#
|
10
|
+
# Yet once `acts_as_token_authentication_handler` was called, `authenticate_user!`
|
11
|
+
# should also be called. Run `rspec` to ensure that's being true.
|
12
|
+
# If called, the `authenticate_user!` method will raise an exception, that
|
13
|
+
# allows both cases to be covered by their own spec example.
|
14
|
+
#
|
15
|
+
# See test/dummy/app/controllers/posts_controller.rb and
|
16
|
+
# test/dummy/app/controllers/private_posts_controller.rb
|
17
|
+
|
18
|
+
def authenticate_user!
|
19
|
+
raise "`authenticate_user!` was called."
|
20
|
+
end
|
21
|
+
end
|