static_auth 0.0.3

data/README.rdoc

@@ -0,0 +1,62 @@
+= Simple Auth
+
+Static authentication && authorization in rails
+
+= Example
+
+  models/admin_session.rb
+  
+  class AdminSession < SimpleAuth::Session
+    roles :admin, :manager
+    password_for :admin, "123456"
+    password_for :manager, proc { encrypt("123456") }
+    set_encryption_method :md5
+  end
+  
+  controllers/admin/index_controller.rb
+  
+  def index
+    @session = AdminSession.new(session)
+    render :template => @session.authorized? ? "admin/index" : "admin/index/login"
+  end
+  
+  def login
+    @session = AdminSession.new(session)
+    @session.attributes = params[:admin_session]
+    @session.save
+    if @session.authorized?
+      redirect_to admin_path
+    else
+      render :template => "admin/index/login"
+    end
+  end
+  
+  def logout
+    @session.logout_all
+    redirect_to admin_path
+  end
+  
+  views/admin/login.html.erb
+  
+  = form_for @session do |s|
+    = s.text_field :role
+    = s.text_field :password
+    = s.submit "Login"
+
+= Setting encryption method
+
+  class AdminSession < SimpleAuth::Session
+    roles :admin, :manager
+    password_for :admin, "123456"
+    password_for :manager, proc { encrypt("123456") }
+
+    # It always receives a string
+    encryption_methods[:custom] = proc { |value| MD5::md5(value + "secret salt") }
+    
+    set_encryption_method :custom # Default methods: :plain, :md5, :sha1, :bcrypt
+  end
+
+= Todo
+
+1. Salting
+2. Is it neccessary when devise exists?

data/Rakefile

@@ -0,0 +1,36 @@
+require 'rake'
+require 'rake/testtask'
+require 'rspec/core'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+task :default => :spec
+
+begin
+  include_files = ["README*", "LICENSE", "Rakefile", "init.rb", "{lib,spec}/**/*"].map do |glob|
+    Dir[glob]
+  end.flatten
+  
+  require "jeweler"
+  Jeweler::Tasks.new do |s|
+    s.name              = "static_auth"
+    s.version           = "0.0.3"
+    s.author            = "Victor Sokolov"
+    s.email             = "gzigzigzeo@gmail.com"
+    s.homepage          = "http://github.com/gzigzigzeo/simple-auth"
+    s.description       = "Static authentication && authorization in rails"
+    s.summary           = "Static authentication && authorization in rails. Supports roles and static passwords."
+    s.platform          = Gem::Platform::RUBY
+    s.files             = include_files
+    s.require_path      = "lib"
+    s.has_rdoc          = false
+    
+    s.add_dependency 'activemodel', '> 3'
+    s.add_dependency 'activesupport', '> 3'
+    s.add_dependency 'bcrypt-ruby'    
+  end
+  
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
+end

data/lib/static_auth.rb

@@ -0,0 +1,2 @@
+require 'static_auth/session'
+require 'static_auth/railtie'

data/lib/static_auth/railtie.rb

@@ -0,0 +1,9 @@
+module SimpleAuth
+  if defined? Rails::Railtie
+    class Railtie < Rails::Railtie
+    end
+  end
+  
+  class Railtie
+  end
+end

data/lib/static_auth/session.rb

@@ -0,0 +1,121 @@
+require 'active_support/concern'
+require 'active_support/core_ext/object/blank'
+require 'active_support/core_ext/class/inheritable_attributes'
+require 'active_model/conversion'
+require 'active_model/naming'
+require 'active_model/attribute_methods'
+require 'sha1'
+require 'md5'
+require 'bcrypt'
+
+module SimpleAuth
+  class Session
+    include ActiveModel::Conversion
+    include ActiveModel::AttributeMethods
+    extend ActiveModel::Naming
+    
+    def persisted?; false; end
+
+    class_inheritable_accessor :encryption_methods
+    self.encryption_methods = {
+      :plain => proc { |value| value.reverse },
+      :sha1 => proc { |value| SHA1::sha1(value).to_s },
+      :md5 => proc { |value| MD5::md5(value).to_s },
+      :bcrypt => proc { |value| BCrypt::Password.new(value, :cost => 10).to_s }
+    }
+
+    attr_accessor :role, :password
+
+    class << self
+      def roles(*args)    
+        self.defined_roles = self.defined_roles.concat(args).uniq
+      end
+
+      def password_for(role, password)
+        check_role(role)
+        self.defined_passwords[role] = password
+      end
+      
+      def encrypt(value)
+        encryption_methods[encryption_method].call(value.to_s)
+      end
+      
+      def set_encryption_method(method)
+        raise ArgumentError, "Unknown encryption method #{method.to_s} (#{self.encryption_methods.keys.join(', ')}). You can add method through class inheritable accessor #encryption_methods." unless self.encryption_methods.keys.include?(method)
+        self.encryption_method = method
+      end      
+    end
+
+    attr_accessor :session
+    def initialize(session)
+      self.session = session
+    end
+
+    def save    
+      if !self.role.blank? && self.class.defined_roles.include?(self.role.to_sym)
+        self.session[session_key_for(role)] = self.class.encrypt(self.password)
+        true
+      else
+        false
+      end
+    end  
+
+    def authorized?(role = nil)
+      unless role.nil?
+        self.session[session_key_for(role)] == password_for(role)
+      else      
+        self.class.roles.any? { |r| self.session[session_key_for(r)] == password_for(r) }
+      end
+    end
+
+    def logout(role)
+      check_role(role)
+      self.session[session_key_for(role)] = nil
+    end
+
+    def logout_all
+      self.class.defined_roles.each { |r| logout(r) }
+    end
+
+    def attributes=(attrs)
+      attrs.each { |key, value| send(:"#{key}=", value) }
+    end
+       
+    protected
+    def password_for(role)
+      role = role.to_sym
+      check_role(role)
+      raise ArgumentError, "Password for #{role} is not defined" unless self.class.defined_passwords.keys.include?(role)
+      if self.class.defined_passwords[role].is_a?(Proc)        
+        self.class.defined_passwords[role].call
+      else
+        self.class.encrypt(self.class.defined_passwords[role])        
+      end
+    end
+
+    private
+    def check_role(role)
+      self.class.check_role(role)
+    end
+
+    def self.check_role(role)
+      raise ArgumentError, "Role #{role} is not defined" unless self.defined_roles.include?(role)
+    end        
+    
+    def session_key_for(role)
+      :"#{self.class.session_key}_#{role}"
+    end
+    
+    class_inheritable_array :defined_roles
+    self.defined_roles = []
+
+    class_inheritable_hash :defined_passwords  
+    self.defined_passwords = {}
+
+    class_inheritable_accessor :session_key
+    self.session_key = "SIMPLEAUTH"
+
+    class_inheritable_accessor :encryption_method
+    self.encryption_method = :plain
+  end
+end

data/spec/simple-auth/simple-auth_spec.rb

@@ -0,0 +1,54 @@
+require 'spec_helper'
+
+describe "Simple auth spec" do
+  before(:each) do
+    @session_hash = {}
+    @session = AdminSession.new(@session_hash)
+  end
+
+  it "should authorize" do
+    @session.authorized?(:admin).should be_false
+    @session.authorized?.should be_false
+
+    @session.role = "admin"
+    @session.password = "123456"
+    @session.save
+      
+    @session_hash.should_not be_empty
+    @session.authorized?(:admin).should be_true
+  end
+  
+  it "should authorize all roles" do
+    @session.role = "admin"
+    @session.password = "123456"
+    @session.save
+
+    @session.role = "manager"
+    @session.password = "123456"
+    @session.save
+    
+    @session.authorized?.should be_true    
+    @session.authorized?(:admin).should be_true
+    @session.authorized?(:manager).should be_true    
+    
+    @session.logout(:admin)
+    @session.authorized?(:admin).should be_false
+    @session.authorized?(:manager).should be_true     
+    
+    @session.logout_all
+    @session.authorized?(:admin).should be_false
+    @session.authorized?(:manager).should be_false    
+    @session.authorized?.should be_false    
+  end
+  
+  it "attributes= should work" do
+    proc { @session.attributes = {} }.should_not raise_error
+    proc { @session.attributes = {:role => "test", :password => 'test'} }.should_not raise_error
+    @session.role.should eq('test')
+    @session.password.should eq('test')    
+  end
+  
+  it "should not not handle empty credentials" do
+    proc { @session.save }.should_not raise_error
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,20 @@
+$LOAD_PATH << "." unless $LOAD_PATH.include?(".")
+
+begin
+  require "bundler"
+  Bundler.setup
+rescue Bundler::GemNotFound
+  raise RuntimeError, "Bundler couldn't find some gems." +
+    "Did you run `bundle install`?"
+end
+
+Bundler.require
+
+$: << File.join(File.dirname(__FILE__), '..', 'lib')
+
+class AdminSession < SimpleAuth::Session
+  roles :admin, :manager
+  password_for :admin, "123456"
+  password_for :manager, proc { encrypt("123456") }
+  set_encryption_method :md5
+end

metadata

@@ -0,0 +1,115 @@
+--- !ruby/object:Gem::Specification 
+name: static_auth
+version: !ruby/object:Gem::Version 
+  hash: 25
+  prerelease: false
+  segments: 
+  - 0
+  - 0
+  - 3
+  version: 0.0.3
+platform: ruby
+authors: 
+- Victor Sokolov
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-12-08 00:00:00 +03:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: activemodel
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">"
+      - !ruby/object:Gem::Version 
+        hash: 5
+        segments: 
+        - 3
+        version: "3"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: activesupport
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">"
+      - !ruby/object:Gem::Version 
+        hash: 5
+        segments: 
+        - 3
+        version: "3"
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: bcrypt-ruby
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id003
+description: Static authentication && authorization in rails
+email: gzigzigzeo@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.rdoc
+files: 
+- README.rdoc
+- Rakefile
+- lib/static_auth.rb
+- lib/static_auth/railtie.rb
+- lib/static_auth/session.rb
+- spec/simple-auth/simple-auth_spec.rb
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: http://github.com/gzigzigzeo/simple-auth
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: Static authentication && authorization in rails. Supports roles and static passwords.
+test_files: 
+- spec/simple-auth/simple-auth_spec.rb
+- spec/spec_helper.rb