RubyGems - simple_token_authentication - Versions diffs - 1.10.0 → 1.10.1 - Mend

simple_token_authentication 1.10.0 → 1.10.1

Files changed (8) hide show

checksums.yaml +4 -4
data/README.md +27 -2
data/lib/simple_token_authentication.rb +2 -4
data/lib/simple_token_authentication/errors.rb +24 -0
data/lib/simple_token_authentication/version.rb +1 -1
data/spec/lib/simple_token_authentication/errors_spec.rb +6 -0
data/spec/support/spec_for_sign_in_handler_interface.rb +2 -2
metadata +31 -30

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b4c32afa7541d97b6932847b957f50466ee24038
-  data.tar.gz: 06e65364bd75dd8378af724e6d73a66c22934fdd
+  metadata.gz: cc9c3c84827bba7367ebae956b4570eeb08c121c
+  data.tar.gz: 59f9d3ef5ebdd6293a72d5fe1d0032a3154b1ece
 SHA512:
-  metadata.gz: 5e1fd325345ff24df707a2a9c7a9f008d36a41702336e20671011c2ad22565416f8dbcd4f8f75e3fca885f924dddecc52a0b0c094aa77fe66e6e8238d4f9633a
-  data.tar.gz: f46a13bc9a3ef51a55e4ea0d9101d90fa723f139e1a658c2a2dc85a2d71282a3346edb22ceadef0b86d24582a92e13a1e756f674edfd9d0c49bdc123eba1b5b6
+  metadata.gz: 80c26958d4e2bea406c1d383aa4d1bdc3272f8bb51b988130927bc8a8b1853279ccb92757a0956b491e85cdbfdd4771f78d6331c8b097f949b31cf6894cc9249
+  data.tar.gz: acb6c207ac94633f6ee5df3355768cd153c012566d8045af01bc4d1a9d7ad625d33208d926c04b279320834988cd7948730fdce07ce760cdfb56fa2a832c5e0b

data/README.md CHANGED Viewed

@@ -136,7 +136,8 @@ Configuration
 -------------
 Some aspects of the behavior of _Simple Token Authentication_ can be customized with an initializer.
-Below is an example with reasonable defaults:
+The file below contains examples of the patterns that _token authentication handlers_ will watch for credentials (e.g. `user_email`, `X-SuperAdmin-Token`) and how to customize them:
 ```ruby
 # config/initializers/simple_token_authentication.rb
@@ -240,7 +241,7 @@ In fact, you can mix both methods and provide the `user_email` with one and the
 If sign-in is successful, no other authentication method will be run, but if it doesn't (the authentication params were missing, or incorrect) then Devise takes control and tries to `authenticate_user!` with its own modules. That behaviour can however be modified for any controller through the **fallback** option (which defaults to `fallback: :devise`).
-When `fallabck: :exception` is set, then an exception is raised on token authentication failure. The resulting controller behaviour is very similar to the behaviour induced by using the Devise `authenticate_user!` callback instead of `authenticate_user`. That setting allows, for example, to prevent unauthenticated users to accede API controllers while disabling the default fallback to Devise.
+When `fallback: :exception` is set, then an exception is raised on token authentication failure. The resulting controller behaviour is very similar to the behaviour induced by using the Devise `authenticate_user!` callback instead of `authenticate_user`. That setting allows, for example, to prevent unauthenticated users to accede API controllers while disabling the default fallback to Devise.
 **Important**: Please do notice that controller actions without CSRF protection **must** disable the Devise fallback for [security reasons][csrf] (both `fallback: :exception` and `fallback: :none` will disable the Devise fallback). Since Rails enables CSRF protection by default, this configuration requirement should only affect controllers where you have disabled it specifically, which may be the case of API controllers.
@@ -248,6 +249,30 @@ To use no fallback when token authentication fails, set `fallback: :none`.
   [csrf]: https://github.com/gonzalo-bulnes/simple_token_authentication/issues/49
+### Testing
+Here is an example of how you can test-drive your configuration using [Minitest][minitest]:
+  [minitest]: https://github.com/seattlerb/minitest
+```ruby
+class SomeControllerTest < ActionController::TestCase
+  test "index with token authentication via query params" do
+    get :index, { user_email: "alice@example.com", user_token: "1G8_s7P-V-4MGojaKD7a" }
+    assert_response :success
+  end
+  test "index with token authentication via request headers" do
+    @request.headers['X-User-Email'] = "alice@example.com"
+    @request.headers['X-User-Token'] = "1G8_s7P-V-4MGojaKD7a"
+    get :index
+    assert_response :success
+  end
+end
+```
 Documentation
 -------------

data/lib/simple_token_authentication.rb CHANGED Viewed

@@ -1,13 +1,11 @@
 require 'simple_token_authentication/acts_as_token_authenticatable'
 require 'simple_token_authentication/acts_as_token_authentication_handler'
 require 'simple_token_authentication/configuration'
+require 'simple_token_authentication/errors'
 module SimpleTokenAuthentication
   extend Configuration
-  NoAdapterAvailableError = Class.new(LoadError)
-  InvalidOptionValue = Class.new(RuntimeError)
   private
   def self.ensure_models_can_act_as_token_authenticatables model_adapters
@@ -42,7 +40,7 @@ module SimpleTokenAuthentication
     available_adapters.compact!
     # stop here if dependencies are missing or no adequate adapters are present
-    raise SimpleTokenAuthentication::NoAdapterAvailableError if available_adapters.empty?
+    raise NoAdapterAvailableError.new if available_adapters.empty?
     available_adapters
   end

data/lib/simple_token_authentication/errors.rb ADDED Viewed

@@ -0,0 +1,24 @@
+module SimpleTokenAuthentication
+  class NoAdapterAvailableError < LoadError
+    def to_s
+      message = <<-HELP.gsub(/^ {8}/, '')
+        No adapter could be loaded, probably because of unavailable dependencies.
+        Please make sure that Simple Token Authentication is declared after your adapters' dependencies in your Gemfile.
+        Example:
+            # Gemfile
+            gem 'mongoid', '~> 4.0' # for example
+            gem 'simple_token_authentication', '~> 1.0'
+        See https://github.com/gonzalo-bulnes/simple_token_authentication/issues/158
+      HELP
+    end
+  end
+  InvalidOptionValue = Class.new(RuntimeError)
+end

data/lib/simple_token_authentication/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module SimpleTokenAuthentication
-  VERSION = "1.10.0"
+  VERSION = "1.10.1"
 end

data/spec/lib/simple_token_authentication/errors_spec.rb CHANGED Viewed

@@ -5,4 +5,10 @@ describe SimpleTokenAuthentication::NoAdapterAvailableError do
   it 'is a kind of LoadError', public: true do
     expect(subject).to be_kind_of LoadError
   end
+  it 'provides a pointer to its most common cause', public: true do
+    expect(subject.to_s).to match("adapters' dependencies")
+    expect(subject.to_s).to match('Gemfile')
+    expect(subject.to_s).to match('issues/158')
+  end
 end

data/spec/support/spec_for_sign_in_handler_interface.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 RSpec.shared_examples 'a sign in handler' do
-  let(:sign_in_hanlder) { described_class.new() }
+  let(:sign_in_handler) { described_class.new() }
   it 'responds to :sign_in', private: true do
-    expect(sign_in_hanlder).to respond_to :sign_in
+    expect(sign_in_handler).to respond_to :sign_in
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: simple_token_authentication
 version: !ruby/object:Gem::Version
-  version: 1.10.0
+  version: 1.10.1
 platform: ruby
 authors:
 - Gonzalo Bulnes Guilpain
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-06-03 00:00:00.000000000 Z
+date: 2015-11-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionmailer
@@ -155,6 +155,7 @@ files:
 - lib/simple_token_authentication/devise_fallback_handler.rb
 - lib/simple_token_authentication/entities_manager.rb
 - lib/simple_token_authentication/entity.rb
+- lib/simple_token_authentication/errors.rb
 - lib/simple_token_authentication/exception_fallback_handler.rb
 - lib/simple_token_authentication/sign_in_handler.rb
 - lib/simple_token_authentication/token_authentication_handler.rb
@@ -215,43 +216,43 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.7
+rubygems_version: 2.5.0
 signing_key:
 specification_version: 4
 summary: Simple (but safe) token authentication for Rails apps or API with Devise.
 test_files:
+- spec/spec_helper.rb
+- spec/support/spec_for_authentication_handler_interface.rb
+- spec/support/spec_for_token_comparator_interface.rb
+- spec/support/spec_for_token_generator_interface.rb
+- spec/support/specs_for_token_authentication_handler_interface.rb
+- spec/support/spec_for_entities_manager_interface.rb
+- spec/support/spec_for_configuration_option_interface.rb
+- spec/support/spec_for_adapter.rb
+- spec/support/dummy_classes_helper.rb
+- spec/support/spec_for_fallback_handler_interface.rb
+- spec/support/spec_for_sign_in_handler_interface.rb
+- spec/configuration/skip_devise_trackable_option_spec.rb
+- spec/configuration/sign_in_token_option_spec.rb
+- spec/configuration/fallback_to_devise_option_spec.rb
+- spec/configuration/header_names_option_spec.rb
+- spec/configuration/action_controller_callbacks_options_spec.rb
 - spec/lib/simple_token_authentication_spec.rb
+- spec/lib/simple_token_authentication/devise_fallback_handler_spec.rb
 - spec/lib/simple_token_authentication/entities_manager_spec.rb
 - spec/lib/simple_token_authentication/sign_in_handler_spec.rb
-- spec/lib/simple_token_authentication/exception_fallback_handler_spec.rb
-- spec/lib/simple_token_authentication/token_comparator_spec.rb
-- spec/lib/simple_token_authentication/configuration_spec.rb
+- spec/lib/simple_token_authentication/adapter_spec.rb
 - spec/lib/simple_token_authentication/token_generator_spec.rb
-- spec/lib/simple_token_authentication/acts_as_token_authenticatable_spec.rb
+- spec/lib/simple_token_authentication/exception_fallback_handler_spec.rb
 - spec/lib/simple_token_authentication/acts_as_token_authentication_handler_spec.rb
-- spec/lib/simple_token_authentication/devise_fallback_handler_spec.rb
-- spec/lib/simple_token_authentication/token_authentication_handler_spec.rb
-- spec/lib/simple_token_authentication/errors_spec.rb
-- spec/lib/simple_token_authentication/adapters/active_record_adapter_spec.rb
-- spec/lib/simple_token_authentication/adapters/mongoid_adapter_spec.rb
-- spec/lib/simple_token_authentication/adapters/rails_adapter_spec.rb
 - spec/lib/simple_token_authentication/adapters/rails_api_adapter_spec.rb
+- spec/lib/simple_token_authentication/adapters/rails_adapter_spec.rb
+- spec/lib/simple_token_authentication/adapters/mongoid_adapter_spec.rb
+- spec/lib/simple_token_authentication/adapters/active_record_adapter_spec.rb
+- spec/lib/simple_token_authentication/errors_spec.rb
+- spec/lib/simple_token_authentication/token_comparator_spec.rb
+- spec/lib/simple_token_authentication/acts_as_token_authenticatable_spec.rb
 - spec/lib/simple_token_authentication/entity_spec.rb
-- spec/lib/simple_token_authentication/adapter_spec.rb
-- spec/configuration/action_controller_callbacks_options_spec.rb
-- spec/configuration/header_names_option_spec.rb
-- spec/configuration/fallback_to_devise_option_spec.rb
-- spec/configuration/skip_devise_trackable_option_spec.rb
-- spec/configuration/sign_in_token_option_spec.rb
-- spec/spec_helper.rb
-- spec/support/spec_for_authentication_handler_interface.rb
-- spec/support/spec_for_entities_manager_interface.rb
-- spec/support/spec_for_adapter.rb
-- spec/support/specs_for_token_authentication_handler_interface.rb
-- spec/support/spec_for_token_comparator_interface.rb
-- spec/support/spec_for_fallback_handler_interface.rb
-- spec/support/spec_for_configuration_option_interface.rb
-- spec/support/spec_for_sign_in_handler_interface.rb
-- spec/support/dummy_classes_helper.rb
-- spec/support/spec_for_token_generator_interface.rb
+- spec/lib/simple_token_authentication/configuration_spec.rb
+- spec/lib/simple_token_authentication/token_authentication_handler_spec.rb
 has_rdoc: