sinatra-security 0.1.0

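--- a/data/.document
+++ b/data/.document
@@ -0,0 +1,5 @@
+README.rdoc
+lib/**/*.rb
+bin/*
+features/**/*.feature
+LICENSE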
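--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,21 @@
+## MAC OS
+.DS_Store
+
+## TEXTMATE
+*.tmproj
+tmtags
+
+## EMACS
+*~
+\#*
+.\#*
+
+## VIM
+*.swp
+
+## PROJECT::GENERAL
+coverage
+rdoc
+pkg
+
+## PROJECT::SPECIFIC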
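--- a/data/LICENSE
+++ b/data/LICENSE
@@ -0,0 +1,20 @@
+Copyright (c) 2009 Cyril David
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.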
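--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -0,0 +1,17 @@
+= sinatra-security
+
+Description goes here.
+
+== Note on Patches/Pull Requests
+
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a
+future version unintentionally.
+* Commit, do not mess with rakefile, version, or history.
+(if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.
+
+== Copyright
+
+Copyright (c) 2010 Cyril David. See LICENSE for details.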
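--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,52 @@
+require 'rubygems'
+require 'rake'
+
+begin
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+gem.name = "sinatra-security"
+gem.summary = %Q{Sinatra authentication extension}
+gem.description = %Q{For use with Sinatra + Monk + OHM}
+gem.email = "cyx.ucron@gmail.com"
+gem.homepage = "http://github.com/cyx/sinatra-security"
+gem.authors = ["Cyril David"]
+# gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
+end
+Jeweler::GemcutterTasks.new
+rescue LoadError
+puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
+end
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+test.libs << 'lib' << 'test'
+test.pattern = 'test/**/test_*.rb'
+test.verbose = true
+end
+
+begin
+require 'rcov/rcovtask'
+Rcov::RcovTask.new do |test|
+test.libs << 'test'
+test.pattern = 'test/**/test_*.rb'
+test.verbose = true
+end
+rescue LoadError
+task :rcov do
+abort "RCov is not available. In order to run rcov, you must: sudo gem install spicycode-rcov"
+end
+end
+
+task :test => :check_dependencies
+
+task :default => :test
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+rdoc.rdoc_dir = 'rdoc'
+rdoc.title = "sinatra-security #{version}"
+rdoc.rdoc_files.include('README*')
+rdoc.rdoc_files.include('lib/**/*.rb')
+end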
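Review bot: The `Jeweler::Tasks.new` block declares no runtime dependencies, yet the library file in this release requires `sinatra/base` and `haml` at load time, and the packaged metadata ends up with `dependencies: []`. Installing the gem therefore neither pulls in nor constrains those libraries, so whatever versions happen to be on the host are used. Declaring them in the block, e.g. `gem.add_dependency "sinatra"` and `gem.add_dependency "haml"` with version constraints the author has tested, makes the dependency set explicit and auditable. `gem.homepage` could also use the `https://` form of the URL.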
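--- a/data/VERSION
+++ b/data/VERSION
@@ -0,0 +1 @@
+0.1.0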
@@ -0,0 +1,28 @@
1
+ require 'sinatra/base'
2
+
3
+ begin
4
+ require 'haml'
5
+ rescue LoadError
6
+ raise "In order to use sinatra/security, make sure you have haml installed"
7
+ end
8
+
9
+ module Sinatra
10
+ module Security
11
+ autoload :Helpers, 'sinatra/security/helpers'
12
+
13
+ def self.registered(app)
14
+ app.helpers Helpers
15
+
16
+ app.post '/login' do
17
+ if authenticate(params)
18
+ redirect_to_stored
19
+ else
20
+ session[:error] = "We are sorry: the information supplied is not valid."
21
+ haml :login
22
+ end
23
+ end
24
+ end
25
+ end
26
+
27
+ register Security
28
+ end
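Review bot: The `else` branch of `post '/login'` treats a failed authentication silently: nothing is logged or counted, so repeated password guessing against this route leaves no trace beyond ordinary access-log entries. One line such as `env['rack.errors'].puts "login failed for #{params[:username].inspect} from #{request.ip}"` gives operators something to alert and throttle on (`inspect` keeps control characters in the submitted name out of the log). `session[:error]` is set on every failure but never cleared in the visible code, and the shipped `views/login.haml` does not render it. Only the POST route is registered, while `require_login` redirects browsers to `/login` with GET, so a comment on `registered` should say the host application must provide that page.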
@@ -0,0 +1,42 @@
1
+ module Sinatra
2
+ module Security
3
+ module Helpers
4
+ def redirect_to_stored
5
+ if return_to = session[:return_to]
6
+ session[:return_to] = nil
7
+ redirect return_to
8
+ else
9
+ redirect "/"
10
+ end
11
+ end
12
+
13
+ def authenticate(params)
14
+ if user = User.authenticate(params[:username], params[:password])
15
+ session[:user] = user.id
16
+ end
17
+ end
18
+
19
+ def require_login
20
+ if logged_in?
21
+ return true
22
+ else
23
+ session[:return_to] = request.fullpath
24
+ redirect "/login"
25
+ return false
26
+ end
27
+ end
28
+
29
+ def current_user
30
+ @current_user ||= User[session[:user]] if session[:user]
31
+ end
32
+
33
+ def logged_in?
34
+ !! current_user
35
+ end
36
+
37
+ def ensure_current_user(user)
38
+ halt 404 unless user == current_user
39
+ end
40
+ end
41
+ end
42
+ end
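Review bot: `authenticate` sets `session[:user] = user.id` on the session that existed before login, so nothing is renewed at the privilege change; anything placed in that session earlier survives, and with a server-side session store the identifier would stay the same, which is the precondition for session fixation. I would clear the session on success and carry over only `return_to`, as in the sketch below, and additionally ask the session store for a fresh id where it supports that. Separately, `require_login` stores `request.fullpath` for every HTTP method and `redirect_to_stored` redirects to it without a check; limiting it to GET requests and to values beginning with a single `/` would match the expectation in the test suite and keep the post-login redirect on the same site.

```ruby
if user = User.authenticate(params[:username], params[:password])
  # Drop pre-login session state; keep only the pending return path.
  return_to = session[:return_to]
  session.clear
  session[:return_to] = return_to if return_to
  session[:user] = user.id
end
```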
@@ -0,0 +1,55 @@
1
+ # Generated by jeweler
2
+ # DO NOT EDIT THIS FILE DIRECTLY
3
+ # Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
4
+ # -*- encoding: utf-8 -*-
5
+
6
+ Gem::Specification.new do |s|
7
+ s.name = %q{sinatra-security}
8
+ s.version = "0.1.0"
9
+
10
+ s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
+ s.authors = ["Cyril David"]
12
+ s.date = %q{2010-04-09}
13
+ s.description = %q{For use with Sinatra + Monk + OHM}
14
+ s.email = %q{cyx.ucron@gmail.com}
15
+ s.extra_rdoc_files = [
16
+ "LICENSE",
17
+ "README.rdoc"
18
+ ]
19
+ s.files = [
20
+ ".document",
21
+ ".gitignore",
22
+ "LICENSE",
23
+ "README.rdoc",
24
+ "Rakefile",
25
+ "VERSION",
26
+ "lib/sinatra/security.rb",
27
+ "lib/sinatra/security/helpers.rb",
28
+ "sinatra-security.gemspec",
29
+ "test/helper.rb",
30
+ "test/test_sinatra-security.rb",
31
+ "test/test_sinatra_security_helpers.rb",
32
+ "views/login.haml"
33
+ ]
34
+ s.homepage = %q{http://github.com/cyx/sinatra-security}
35
+ s.rdoc_options = ["--charset=UTF-8"]
36
+ s.require_paths = ["lib"]
37
+ s.rubygems_version = %q{1.3.6}
38
+ s.summary = %q{Sinatra authentication extension}
39
+ s.test_files = [
40
+ "test/helper.rb",
41
+ "test/test_sinatra-security.rb",
42
+ "test/test_sinatra_security_helpers.rb"
43
+ ]
44
+
45
+ if s.respond_to? :specification_version then
46
+ current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
47
+ s.specification_version = 3
48
+
49
+ if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
50
+ else
51
+ end
52
+ else
53
+ end
54
+ end
55
+
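--- a/data/test/helper.rb
+++ b/data/test/helper.rb
@@ -0,0 +1,33 @@
+require 'rubygems'
+require 'test/unit'
+require 'contest'
+require 'rack/test'
+require 'mocha'
+
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'sinatra/security'
+
+class Test::Unit::TestCase
+include Rack::Test::Methods
+
+protected
+def assert_redirected_to(path)
+assert_equal 302, last_response.status
+assert_equal path, last_response.headers['Location']
+end
+
+def session
+last_request.env["rack.session"]
+end
+end
+
+# Test Fixtures appear here
+class User
+attr :id
+
+def initialize(id)
+@id = id
+end
+end
+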
@@ -0,0 +1,94 @@
1
+ require 'helper'
2
+
3
+ class BasicApp < Sinatra::Base
4
+ use Rack::Session::Cookie
5
+
6
+ register Sinatra::Security
7
+
8
+ get '/public' do
9
+ "Hello Public World"
10
+ end
11
+
12
+ get '/private' do
13
+ require_login
14
+ end
15
+ end
16
+
17
+ class TestSinatraSecurity < Test::Unit::TestCase
18
+ def app
19
+ BasicApp.new
20
+ end
21
+
22
+ describe "accessing a public url" do
23
+ should "not redirect to login" do
24
+ get '/public'
25
+ assert_equal "Hello Public World", last_response.body
26
+ end
27
+ end
28
+
29
+ describe "accessing a private url" do
30
+ setup do
31
+ get '/private'
32
+ end
33
+
34
+ should "redirect to /login" do
35
+ assert_redirected_to '/login'
36
+ end
37
+
38
+ should "store in the session the source" do
39
+ assert_equal "/private", session[:return_to]
40
+ end
41
+ end
42
+
43
+ describe "accessing a private url with query string params" do
44
+ setup do
45
+ get "/private?query=string&params=true"
46
+ end
47
+
48
+ should "also save the query string parameters" do
49
+ assert_equal "/private?query=string&params=true", session[:return_to]
50
+ end
51
+ end
52
+
53
+ describe "accessing a private url with a method other than GET" do
54
+ [ :post, :delete, :put ].each do |method|
55
+ setup do
56
+ send method, "/private"
57
+ end
58
+
59
+ should "not save any return_to for #{method}" do
60
+ assert ! session[:return_to]
61
+ end
62
+ end
63
+ end
64
+
65
+ describe "being redirected and then logging in" do
66
+ setup do
67
+ get '/private'
68
+
69
+ @user = User.new(1)
70
+ User.expects(:authenticate).with('quentin', 'test').returns(@user)
71
+
72
+ post '/login', username: 'quentin', password: 'test'
73
+ end
74
+
75
+ should "redirect to /private" do
76
+ assert_redirected_to '/private'
77
+ end
78
+ end
79
+
80
+ describe "being redirected to login and failing authenticating" do
81
+ setup do
82
+ get '/private'
83
+
84
+ User.expects(:authenticate).with('quentin', 'test').returns(nil)
85
+
86
+ post '/login', username: 'quentin', password: 'test'
87
+ end
88
+
89
+ should "redirect render /login" do
90
+ assert_match %r{<h1>Login Page</h1>}, last_response.body
91
+ end
92
+
93
+ end
94
+ end
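Review bot: The block "accessing a private url with a method other than GET" cannot fail for the reason its name gives: `BasicApp` defines only `get '/private'`, so the `post`, `delete` and `put` requests never reach `require_login` and `session[:return_to]` is empty because no route ran. The helper as written stores `request.fullpath` unconditionally, so this test documents a guarantee the code does not provide. Adding `post`, `put` and `delete` routes for `/private` that call `require_login` would make the assertion meaningful, and moving the `each` loop outside the `describe` would keep the three `setup` blocks from apparently stacking before every test. `use Rack::Session::Cookie` is given no `:secret` here; that is fine for a test, but worth a comment so the line is not copied into an application.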
@@ -0,0 +1,113 @@
1
+ require 'helper'
2
+
3
+ class ExecutionContext < Struct.new(:session, :request)
4
+ def redirect(path)
5
+ end
6
+ end
7
+
8
+ class TestSinatraSecurityHelpers < Test::Unit::TestCase
9
+ setup do
10
+ @context = ExecutionContext.new({})
11
+ @context.extend Sinatra::Security::Helpers
12
+ end
13
+
14
+ should "respond to current_user" do
15
+ assert_respond_to @context, :current_user
16
+ end
17
+
18
+ should "respond to logged_in?" do
19
+ assert_respond_to @context, :logged_in?
20
+ end
21
+
22
+ should "respond_to ensure_current_user" do
23
+ assert_respond_to @context, :ensure_current_user
24
+ end
25
+
26
+ describe "when session[:user] is set to 1" do
27
+ setup do
28
+ @context.session[:user] = 1
29
+ end
30
+
31
+ should "try and find the the User by id 1" do
32
+ User.expects(:[]).with(1).returns(:user)
33
+
34
+ @context.current_user
35
+ end
36
+
37
+ should "return the found user as the result" do
38
+ User.stubs(:[]).returns(:user)
39
+
40
+ assert_equal :user, @context.current_user
41
+ end
42
+ end
43
+
44
+ describe "when current_user is not nil" do
45
+ should "be logged_in?" do
46
+ @context.stubs(:current_user).returns(:user)
47
+
48
+ assert @context.logged_in?
49
+ end
50
+ end
51
+
52
+ describe "when current_user is nil" do
53
+ should "not be logged_in?" do
54
+ @context.stubs(:current_user).returns(nil)
55
+
56
+ assert ! @context.logged_in?
57
+ end
58
+ end
59
+
60
+ describe "#ensure_current_user" do
61
+ context "when the current_user is not the same as the asserted user" do
62
+ should "halt 404" do
63
+ @context.expects(:halt).with(404)
64
+
65
+ @context.stubs(:current_user).returns(:user1)
66
+ @context.ensure_current_user(:user2)
67
+ end
68
+ end
69
+
70
+ context "when the current_user is the same as the asserted user" do
71
+ should "not halt 404" do
72
+ @context.stubs(:halt).raises(RuntimeError)
73
+ @context.stubs(:current_user).returns(:user1)
74
+
75
+ assert_nothing_raised do
76
+ @context.ensure_current_user(:user1)
77
+ end
78
+ end
79
+ end
80
+ end
81
+
82
+ describe "#require_login" do
83
+ context "when logged_in?" do
84
+ should "return true" do
85
+ @context.expects(:logged_in?).returns(true)
86
+ assert @context.require_login
87
+ end
88
+ end
89
+
90
+ context "when not logged_in?" do
91
+ setup do
92
+ @context.stubs(:logged_in?).returns(false)
93
+ @context.request = stub("Request", :fullpath => "/some/fullpath/here")
94
+ end
95
+
96
+ should "set return_to of request.fullpath" do
97
+ @context.require_login
98
+
99
+ assert_equal "/some/fullpath/here", @context.session[:return_to]
100
+ end
101
+
102
+ should "redirect to /login" do
103
+ @context.expects(:redirect).with('/login')
104
+
105
+ @context.require_login
106
+ end
107
+
108
+ should "return false" do
109
+ assert ! @context.require_login
110
+ end
111
+ end
112
+ end
113
+ end
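Review bot: `authenticate` and `redirect_to_stored` have no unit tests in this file, although they are the two helpers that write and consume session state at login. Cases worth pinning are that a failed `User.authenticate` leaves `session[:user]` unset, that a successful one stores `user.id`, and that `redirect_to_stored` clears `session[:return_to]` after using it. The `ExecutionContext` stub already has a no-op `redirect`, so these can be written in the same `expects`/`stubs` style used above.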
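--- a/data/views/login.haml
+++ b/data/views/login.haml
@@ -0,0 +1,2 @@
+%h1 Login Page
+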
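--- a/metadata
+++ b/metadata
@@ -0,0 +1,77 @@
+--- !ruby/object:Gem::Specification
+name: sinatra-security
+version: !ruby/object:Gem::Version
+prerelease: false
+segments:
+- 0
+- 1
+- 0
+version: 0.1.0
+platform: ruby
+authors:
+- Cyril David
+autorequire:
+bindir: bin
+cert_chain: []
+
+date: 2010-04-09 00:00:00 +08:00
+default_executable:
+dependencies: []
+
+description: For use with Sinatra + Monk + OHM
+email: cyx.ucron@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files:
+- LICENSE
+- README.rdoc
+files:
+- .document
+- .gitignore
+- LICENSE
+- README.rdoc
+- Rakefile
+- VERSION
+- lib/sinatra/security.rb
+- lib/sinatra/security/helpers.rb
+- sinatra-security.gemspec
+- test/helper.rb
+- test/test_sinatra-security.rb
+- test/test_sinatra_security_helpers.rb
+- views/login.haml
+has_rdoc: true
+homepage: http://github.com/cyx/sinatra-security
+licenses: []
+
+post_install_message:
+rdoc_options:
+- --charset=UTF-8
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+segments:
+- 0
+version: "0"
+requirements: []
+
+rubyforge_project:
+rubygems_version: 1.3.6
+signing_key:
+specification_version: 3
+summary: Sinatra authentication extension
+test_files:
+- test/helper.rb
+- test/test_sinatra-security.rb
+- test/test_sinatra_security_helpers.rb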