sinatra-security 0.2.0 → 0.2.1

@@ -3,8 +3,10 @@ Sinatra Security
3
3
 
4
4
  This gem just provides you with the standard authentication mechanisms you would expect from your typical app.
5
5
 
6
- How to use
7
- ==========
6
+ Read the full documentation at [http://labs.sinefunc.com/sinatra-security/doc](http://labs.sinefunc.com/sinatra-security/doc).
7
+
8
+ Basic usage
9
+ -----------
8
10
 
9
11
  # taken from examples/classic.rb
10
12
 
@@ -28,6 +30,53 @@ How to use
28
30
  haml :login
29
31
  end
30
32
 
33
+ Some advanced stuff you might want to do
34
+ ----------------------------------------
35
+
36
+ require 'sinatra'
37
+ require 'sinatra/security'
38
+ require 'ohm'
39
+
40
+ # we set a different attribute name here.
41
+ # the default used is :email, but we can choose whatever we want.
42
+ Sinatra::Security::LoginField.attr_name :login
43
+
44
+ class User < Ohm::Model
45
+ include Sinatra::Security::User
46
+ end
47
+
48
+ user = User.create(:login => "quentin", :password => "test")
49
+ user == User.authenticate("quentin", "test")
50
+ # => true
51
+
52
+ # in our sinatra context...
53
+ # now let's secure a chunk of our pages
54
+ require_login '/admin/users'
55
+
56
+ get '/admin/users/:id' do |id|
57
+ # do something here
58
+ end
59
+
60
+ get '/admin/posts' do
61
+ # posts list here
62
+ end
63
+
64
+ # we can also do basic atomic authorization checks for our objects
65
+
66
+ get '/admin/posts/:id/edit' do |id|
67
+ post = Post[id]
68
+ ensure_current_user post.author # does a `halt 404` if this fails
69
+
70
+ # now we proceed as normal, if the author is indeed the curerent user
71
+ end
72
+
73
+ # a quick demo of how you might want to logout
74
+ get '/logout' do
75
+ logout!
76
+ redirect '/'
77
+ end
78
+
79
+
31
80
  Note on Patches/Pull Requests
32
81
  -----------------------------
33
82
 
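--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.2.0
+0.2.1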
@@ -2,7 +2,7 @@ require 'sinatra/base'
2
2
 
3
3
  module Sinatra
4
4
  module Security
5
- VERSION = "0.2.0"
5
+ VERSION = "0.2.1"
6
6
 
7
7
  autoload :Helpers, 'sinatra/security/helpers'
8
8
  autoload :User, 'sinatra/security/user'
@@ -16,7 +16,7 @@ module Sinatra
16
16
 
17
17
  app.set :login_error_message, "Wrong Email and/or Password combination."
18
18
  app.set :login_url, "/login"
19
- app.set :login_user_class, :User
19
+ app.set :login_user_class, lambda { ::User }
20
20
  app.set :ignored_by_return_to, /(jpe?g|png|gif|css|js)$/
21
21
 
22
22
  app.post '/login' do
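Review bot: The new default on the `:login_user_class` line carries no comment explaining why the class is wrapped in a lambda, and the reason is not obvious from the line itself. Sinatra calls a Proc-valued setting when it is read, so the `::User` lookup is deferred until the setting is used rather than done when the extension is registered. I would add `# lambda defers the ::User lookup until the setting is read, so User may be defined after registration` above it. The enclosing registration block starts and ends outside the hunk.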
@@ -44,7 +44,7 @@ module Sinatra
44
44
  # # Users here
45
45
  # end
46
46
  #
47
- # @param [#to_s] path_prefix a string to match again the start of
47
+ # @param [#to_s] path_prefix a string to match against the start of
48
48
  # request.fullpath
49
49
  # @return [nil]
50
50
  def require_login(path_prefix)
@@ -61,7 +61,11 @@ module Sinatra
61
61
  #
62
62
  # # Also, if you change the settings to use a different user class,
63
63
  # # then that will be respected
64
- # set :login_user_class, :SuperUser
64
+ # # this assumes SuperUser is already defined
65
+ # set :login_user_class, SuperUser
66
+ #
67
+ # # if you want to lazily evaluate the class you can wrap it in a proc
68
+ # set :login_user_class, lambda { SuperUser }
65
69
  #
66
70
  # # assuming session[:user] == 1
67
71
  # current_user == SuperUser[1]
@@ -118,10 +122,9 @@ module Sinatra
118
122
  end
119
123
  end
120
124
 
121
- # @private transforms settings.login_user_class to a constant,
122
- # and used by current_user
125
+ # @private convencience method for settings.login_user_class
123
126
  def __USER__
124
- Object.const_get(settings.login_user_class)
127
+ settings.login_user_class
125
128
  end
126
129
 
127
130
  # @private internally used by Sinatra::Security::Helpers#require_login
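Review bot: `__USER__` now returns `settings.login_user_class` unchanged, so an app that still uses the 0.2.0 form `set :login_user_class, :SuperUser` hands a Symbol to every caller after a patch-level upgrade. A Symbol has no `authenticate`, and on Ruby versions where Symbol responds to `[]` the lookup the doc comment describes (`SuperUser[1]`) would presumably return a one-character string instead of raising; confirm against `current_user`, which is outside the hunk. Keeping the old form working is a small change: `klass = settings.login_user_class` followed by `klass.respond_to?(:authenticate) ? klass : Object.const_get(klass)`. The new comment also misspells "convenience" as `convencience`.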
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{sinatra-security}
8
- s.version = "0.2.0"
8
+ s.version = "0.2.1"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Cyril David"]
@@ -35,6 +35,7 @@ Gem::Specification.new do |s|
35
35
  "lib/sinatra/security/validations.rb",
36
36
  "sinatra-security.gemspec",
37
37
  "test/helper.rb",
38
+ "test/test_different_user_class.rb",
38
39
  "test/test_login_field_flexibility.rb",
39
40
  "test/test_password.rb",
40
41
  "test/test_sinatra-security.rb",
@@ -49,6 +50,7 @@ Gem::Specification.new do |s|
49
50
  s.summary = %q{Sinatra authentication extension}
50
51
  s.test_files = [
51
52
  "test/helper.rb",
53
+ "test/test_different_user_class.rb",
52
54
  "test/test_login_field_flexibility.rb",
53
55
  "test/test_password.rb",
54
56
  "test/test_sinatra-security.rb",
@@ -0,0 +1,44 @@
1
+ require "helper"
2
+
3
+ class DifferentUserClassTest < Test::Unit::TestCase
4
+ class BasicApp < Sinatra::Base
5
+ class Operator < Struct.new(:id)
6
+ def self.authenticate(u, p)
7
+ return new(1001) if u == 'Foo' && p == 'Bar'
8
+ end
9
+ end
10
+
11
+ use Rack::Session::Cookie
12
+
13
+ register Sinatra::Security
14
+
15
+ set :login_user_class, lambda { Operator }
16
+
17
+ get '/secured' do
18
+ require_login
19
+
20
+ "Secured!"
21
+ end
22
+ end
23
+
24
+ describe "an app with a different user class" do
25
+ def app
26
+ BasicApp.new
27
+ end
28
+
29
+ test "blocks non-authenticated users properly" do
30
+ get '/secured'
31
+
32
+ assert_equal 302, last_response.status
33
+ assert_equal '/login', last_response.headers['Location']
34
+ end
35
+
36
+ test "authenticates properly" do
37
+ post '/login', :username => "Foo", :password => "Bar"
38
+
39
+ assert_equal 302, last_response.status
40
+ assert_equal '/', last_response.headers['Location']
41
+
42
+ end
43
+ end
44
+ end
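Review bot: Neither test covers a rejected login or a request made after a successful one, so the suite would still pass if the custom class were consulted only for `authenticate` and never for the session lookup. `Operator` defines no `[]`, which the helpers' doc comment on this page shows `current_user` using (`SuperUser[1]`), so I would add that finder plus the two tests below; the post-login expectation assumes the session stores the operator's id, which should be checked against the `/login` handler. `use Rack::Session::Cookie` is also given no secret, and passing an explicit test-only value would keep the example from being copied as it stands.

```ruby
class Operator < Struct.new(:id)
  # … unchanged: self.authenticate …

  def self.[](id)
    new(id) if id == 1001
  end
end

# … unchanged: app setup and the two existing tests …

test "keeps /secured closed after a wrong password" do
  post '/login', :username => "Foo", :password => "wrong"
  get '/secured'

  assert_equal 302, last_response.status
  assert_equal '/login', last_response.headers['Location']
end

test "lets the operator through after login" do
  post '/login', :username => "Foo", :password => "Bar"
  get '/secured'

  assert_equal "Secured!", last_response.body
end
```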
@@ -164,5 +164,4 @@ class TestSinatraSecurity < Test::Unit::TestCase
164
164
  assert_equal '/login', last_response.headers['Location']
165
165
  end
166
166
  end
167
-
168
167
  end
@@ -27,7 +27,7 @@ class TestSinatraSecurityHelpers < Test::Unit::TestCase
27
27
 
28
28
  describe "when session[:user] is set to 1" do
29
29
  setup do
30
- @settings = stub("Settings", :login_user_class => :User)
30
+ @settings = stub("Settings", :login_user_class => ::User)
31
31
 
32
32
  @context.stubs(:settings).returns(@settings)
33
33
  @context.session[:user] = 1
@@ -40,7 +40,8 @@ class TestSinatraSecurityHelpers < Test::Unit::TestCase
40
40
  end
41
41
 
42
42
  should "return the found user as the result" do
43
- User.stubs(:[]).returns(:user)
43
+ # User.stubs(:[]).returns(:user)
44
+ User.expects(:[]).at_least_once.returns(:user)
44
45
 
45
46
  assert_equal :user, @context.current_user
46
47
  end
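Review bot: The old stub is left behind as a commented-out line directly above its replacement in the "return the found user as the result" test; delete it rather than keep dead code, since the history already records it. If `at_least_once` is deliberate because `current_user` may call `User[]` more than once, a short comment such as `# current_user may look the user up more than once` would say so. The enclosing test class starts outside the hunk.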
metadata CHANGED
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
5
5
  segments:
6
6
  - 0
7
7
  - 2
8
- - 0
9
- version: 0.2.0
8
+ - 1
9
+ version: 0.2.1
10
10
  platform: ruby
11
11
  authors:
12
12
  - Cyril David
@@ -46,6 +46,7 @@ files:
46
46
  - lib/sinatra/security/validations.rb
47
47
  - sinatra-security.gemspec
48
48
  - test/helper.rb
49
+ - test/test_different_user_class.rb
49
50
  - test/test_login_field_flexibility.rb
50
51
  - test/test_password.rb
51
52
  - test/test_sinatra-security.rb
@@ -84,6 +85,7 @@ specification_version: 3
84
85
  summary: Sinatra authentication extension
85
86
  test_files:
86
87
  - test/helper.rb
88
+ - test/test_different_user_class.rb
87
89
  - test/test_login_field_flexibility.rb
88
90
  - test/test_password.rb
89
91
  - test/test_sinatra-security.rb