sinatra-session-auth 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +1 -0
- data/LICENSE +19 -0
- data/README.md +2 -0
- data/Rakefile +18 -0
- data/VERSION +1 -0
- data/lib/sinatra/session_auth.rb +100 -0
- metadata +61 -0
data/.gitignore
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
pkg/
|
data/LICENSE
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
Copyright (c) 2009 Patrik Hedman
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
4
|
+
of this software and associated documentation files (the "Software"), to deal
|
5
|
+
in the Software without restriction, including without limitation the rights
|
6
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
7
|
+
copies of the Software, and to permit persons to whom the Software is
|
8
|
+
furnished to do so, subject to the following conditions:
|
9
|
+
|
10
|
+
The above copyright notice and this permission notice shall be included in
|
11
|
+
all copies or substantial portions of the Software.
|
12
|
+
|
13
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
14
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
15
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
16
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
17
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
18
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
19
|
+
THE SOFTWARE.
|
data/README.md
ADDED
data/Rakefile
ADDED
@@ -0,0 +1,18 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'rake'
|
3
|
+
|
4
|
+
begin
|
5
|
+
require 'jeweler'
|
6
|
+
Jeweler::Tasks.new do |gemspec|
|
7
|
+
gemspec.name = "sinatra-session-auth"
|
8
|
+
gemspec.summary = "A orm-agnostic extension to add session based user authorization"
|
9
|
+
gemspec.description = "sinatra-session-auth is an extension for Sinatra to add orm-agnostic session based user authorization"
|
10
|
+
gemspec.email = "patrik@moresale.se"
|
11
|
+
gemspec.homepage = "http://github.com/polly/sinatra-session-auth"
|
12
|
+
gemspec.authors = ["Patrik Hedman"]
|
13
|
+
end
|
14
|
+
Jeweler::GemcutterTasks.new
|
15
|
+
rescue LoadError
|
16
|
+
puts "Jeweler not available. Install it with: sudo gem install technicalpickles-jeweler -s http://gems.github.com"
|
17
|
+
end
|
18
|
+
|
data/VERSION
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
0.0.1
|
@@ -0,0 +1,100 @@
|
|
1
|
+
require 'date'
|
2
|
+
require 'digest/sha1'
|
3
|
+
|
4
|
+
module Sinatra
|
5
|
+
module SessionAuth
|
6
|
+
module EncryptionHelpers
|
7
|
+
def self.included(klass)
|
8
|
+
klass.send(:include, InstanceMethods)
|
9
|
+
klass.send(:extend, ClassMethods )
|
10
|
+
end
|
11
|
+
|
12
|
+
module InstanceMethods
|
13
|
+
def password=(pass)
|
14
|
+
@password = pass
|
15
|
+
self.salt = User.random_string(10) unless self.salt
|
16
|
+
self.hashed_password = User.encrypt(@password, self.salt)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
module ClassMethods
|
21
|
+
def encrypt(pass, salt)
|
22
|
+
Digest::SHA1.hexdigest(pass + salt)
|
23
|
+
end
|
24
|
+
|
25
|
+
def authenticate(args={})
|
26
|
+
login, pass = args[:login], args[:password]
|
27
|
+
u = self.first(:login => login)
|
28
|
+
return nil if u.nil?
|
29
|
+
return u if self.encrypt(pass, u.salt) == u.hashed_password
|
30
|
+
nil
|
31
|
+
end
|
32
|
+
|
33
|
+
def random_string(len)
|
34
|
+
chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
|
35
|
+
str = ""
|
36
|
+
1.upto(len) { |i| str << chars[rand(chars.size-1)] }
|
37
|
+
return str
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
module Helpers
|
43
|
+
def authorized?
|
44
|
+
return true if session[:user]
|
45
|
+
end
|
46
|
+
|
47
|
+
def authorize!
|
48
|
+
unless authorized?
|
49
|
+
flash[:notice] = 'You must be logged in to view this page.'
|
50
|
+
redirect '/login'
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
def logout!
|
55
|
+
session[:user] = false
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
def self.registered(app)
|
60
|
+
app.helpers SessionAuth::Helpers
|
61
|
+
app.set :views, "/views"
|
62
|
+
app.get '/login' do
|
63
|
+
erb :login
|
64
|
+
end
|
65
|
+
|
66
|
+
app.post '/login' do
|
67
|
+
if session[:user] = User.authenticate(params[:user])
|
68
|
+
flash[:notice] = "Login succesful"
|
69
|
+
redirect '/'
|
70
|
+
else
|
71
|
+
flash[:notice] = "Login failed - Try again"
|
72
|
+
redirect '/login'
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
app.get '/logout' do
|
77
|
+
logout!
|
78
|
+
flash[:notice] = "Logged out"
|
79
|
+
redirect '/'
|
80
|
+
end
|
81
|
+
|
82
|
+
app.get "/signup" do
|
83
|
+
erb :signup
|
84
|
+
end
|
85
|
+
|
86
|
+
app.post "/signup" do
|
87
|
+
if user = User.create(params[:user])
|
88
|
+
session[:user] = user
|
89
|
+
flash[:notice] = "Your account was succesfully created"
|
90
|
+
redirect '/'
|
91
|
+
else
|
92
|
+
flash[:notice] = "Signup failed - Try again"
|
93
|
+
redirect '/signup'
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
97
|
+
end
|
98
|
+
|
99
|
+
register SessionAuth
|
100
|
+
end
|
metadata
ADDED
@@ -0,0 +1,61 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: sinatra-session-auth
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Patrik Hedman
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
|
12
|
+
date: 2009-11-24 00:00:00 +01:00
|
13
|
+
default_executable:
|
14
|
+
dependencies: []
|
15
|
+
|
16
|
+
description: sinatra-session-auth is an extension for Sinatra to add orm-agnostic session based user authorization
|
17
|
+
email: patrik@moresale.se
|
18
|
+
executables: []
|
19
|
+
|
20
|
+
extensions: []
|
21
|
+
|
22
|
+
extra_rdoc_files:
|
23
|
+
- LICENSE
|
24
|
+
- README.md
|
25
|
+
files:
|
26
|
+
- .gitignore
|
27
|
+
- LICENSE
|
28
|
+
- README.md
|
29
|
+
- Rakefile
|
30
|
+
- VERSION
|
31
|
+
- lib/sinatra/session_auth.rb
|
32
|
+
has_rdoc: true
|
33
|
+
homepage: http://github.com/polly/sinatra-session-auth
|
34
|
+
licenses: []
|
35
|
+
|
36
|
+
post_install_message:
|
37
|
+
rdoc_options:
|
38
|
+
- --charset=UTF-8
|
39
|
+
require_paths:
|
40
|
+
- lib
|
41
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
42
|
+
requirements:
|
43
|
+
- - ">="
|
44
|
+
- !ruby/object:Gem::Version
|
45
|
+
version: "0"
|
46
|
+
version:
|
47
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
48
|
+
requirements:
|
49
|
+
- - ">="
|
50
|
+
- !ruby/object:Gem::Version
|
51
|
+
version: "0"
|
52
|
+
version:
|
53
|
+
requirements: []
|
54
|
+
|
55
|
+
rubyforge_project:
|
56
|
+
rubygems_version: 1.3.5
|
57
|
+
signing_key:
|
58
|
+
specification_version: 3
|
59
|
+
summary: A orm-agnostic extension to add session based user authorization
|
60
|
+
test_files: []
|
61
|
+
|