static_auth 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +62 -0
- data/Rakefile +36 -0
- data/lib/static_auth.rb +2 -0
- data/lib/static_auth/railtie.rb +9 -0
- data/lib/static_auth/session.rb +121 -0
- data/spec/simple-auth/simple-auth_spec.rb +54 -0
- data/spec/spec_helper.rb +20 -0
- metadata +115 -0
data/README.rdoc
ADDED
|
@@ -0,0 +1,62 @@
|
|
|
1
|
+
= Simple Auth
|
|
2
|
+
|
|
3
|
+
Static authentication && authorization in rails
|
|
4
|
+
|
|
5
|
+
= Example
|
|
6
|
+
|
|
7
|
+
models/admin_session.rb
|
|
8
|
+
|
|
9
|
+
class AdminSession < SimpleAuth::Session
|
|
10
|
+
roles :admin, :manager
|
|
11
|
+
password_for :admin, "123456"
|
|
12
|
+
password_for :manager, proc { encrypt("123456") }
|
|
13
|
+
set_encryption_method :md5
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
controllers/admin/index_controller.rb
|
|
17
|
+
|
|
18
|
+
def index
|
|
19
|
+
@session = AdminSession.new(session)
|
|
20
|
+
render :template => @session.authorized? ? "admin/index" : "admin/index/login"
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def login
|
|
24
|
+
@session = AdminSession.new(session)
|
|
25
|
+
@session.attributes = params[:admin_session]
|
|
26
|
+
@session.save
|
|
27
|
+
if @session.authorized?
|
|
28
|
+
redirect_to admin_path
|
|
29
|
+
else
|
|
30
|
+
render :template => "admin/index/login"
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def logout
|
|
35
|
+
@session.logout_all
|
|
36
|
+
redirect_to admin_path
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
views/admin/login.html.erb
|
|
40
|
+
|
|
41
|
+
= form_for @session do |s|
|
|
42
|
+
= s.text_field :role
|
|
43
|
+
= s.text_field :password
|
|
44
|
+
= s.submit "Login"
|
|
45
|
+
|
|
46
|
+
= Setting encryption method
|
|
47
|
+
|
|
48
|
+
class AdminSession < SimpleAuth::Session
|
|
49
|
+
roles :admin, :manager
|
|
50
|
+
password_for :admin, "123456"
|
|
51
|
+
password_for :manager, proc { encrypt("123456") }
|
|
52
|
+
|
|
53
|
+
# It always receives a string
|
|
54
|
+
encryption_methods[:custom] = proc { |value| MD5::md5(value + "secret salt") }
|
|
55
|
+
|
|
56
|
+
set_encryption_method :custom # Default methods: :plain, :md5, :sha1, :bcrypt
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
= Todo
|
|
60
|
+
|
|
61
|
+
1. Salting
|
|
62
|
+
2. Is it neccessary when devise exists?
|
data/Rakefile
ADDED
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
require 'rake'
|
|
2
|
+
require 'rake/testtask'
|
|
3
|
+
require 'rspec/core'
|
|
4
|
+
require 'rspec/core/rake_task'
|
|
5
|
+
|
|
6
|
+
RSpec::Core::RakeTask.new(:spec)
|
|
7
|
+
task :default => :spec
|
|
8
|
+
|
|
9
|
+
begin
|
|
10
|
+
include_files = ["README*", "LICENSE", "Rakefile", "init.rb", "{lib,spec}/**/*"].map do |glob|
|
|
11
|
+
Dir[glob]
|
|
12
|
+
end.flatten
|
|
13
|
+
|
|
14
|
+
require "jeweler"
|
|
15
|
+
Jeweler::Tasks.new do |s|
|
|
16
|
+
s.name = "static_auth"
|
|
17
|
+
s.version = "0.0.3"
|
|
18
|
+
s.author = "Victor Sokolov"
|
|
19
|
+
s.email = "gzigzigzeo@gmail.com"
|
|
20
|
+
s.homepage = "http://github.com/gzigzigzeo/simple-auth"
|
|
21
|
+
s.description = "Static authentication && authorization in rails"
|
|
22
|
+
s.summary = "Static authentication && authorization in rails. Supports roles and static passwords."
|
|
23
|
+
s.platform = Gem::Platform::RUBY
|
|
24
|
+
s.files = include_files
|
|
25
|
+
s.require_path = "lib"
|
|
26
|
+
s.has_rdoc = false
|
|
27
|
+
|
|
28
|
+
s.add_dependency 'activemodel', '> 3'
|
|
29
|
+
s.add_dependency 'activesupport', '> 3'
|
|
30
|
+
s.add_dependency 'bcrypt-ruby'
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
Jeweler::GemcutterTasks.new
|
|
34
|
+
rescue LoadError
|
|
35
|
+
puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
|
|
36
|
+
end
|
data/lib/static_auth.rb
ADDED
|
@@ -0,0 +1,121 @@
|
|
|
1
|
+
require 'active_support/concern'
|
|
2
|
+
require 'active_support/core_ext/object/blank'
|
|
3
|
+
require 'active_support/core_ext/class/inheritable_attributes'
|
|
4
|
+
require 'active_model/conversion'
|
|
5
|
+
require 'active_model/naming'
|
|
6
|
+
require 'active_model/attribute_methods'
|
|
7
|
+
require 'sha1'
|
|
8
|
+
require 'md5'
|
|
9
|
+
require 'bcrypt'
|
|
10
|
+
|
|
11
|
+
module SimpleAuth
|
|
12
|
+
class Session
|
|
13
|
+
include ActiveModel::Conversion
|
|
14
|
+
include ActiveModel::AttributeMethods
|
|
15
|
+
extend ActiveModel::Naming
|
|
16
|
+
|
|
17
|
+
def persisted?; false; end
|
|
18
|
+
|
|
19
|
+
class_inheritable_accessor :encryption_methods
|
|
20
|
+
self.encryption_methods = {
|
|
21
|
+
:plain => proc { |value| value.reverse },
|
|
22
|
+
:sha1 => proc { |value| SHA1::sha1(value).to_s },
|
|
23
|
+
:md5 => proc { |value| MD5::md5(value).to_s },
|
|
24
|
+
:bcrypt => proc { |value| BCrypt::Password.new(value, :cost => 10).to_s }
|
|
25
|
+
}
|
|
26
|
+
|
|
27
|
+
attr_accessor :role, :password
|
|
28
|
+
|
|
29
|
+
class << self
|
|
30
|
+
def roles(*args)
|
|
31
|
+
self.defined_roles = self.defined_roles.concat(args).uniq
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def password_for(role, password)
|
|
35
|
+
check_role(role)
|
|
36
|
+
self.defined_passwords[role] = password
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def encrypt(value)
|
|
40
|
+
encryption_methods[encryption_method].call(value.to_s)
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def set_encryption_method(method)
|
|
44
|
+
raise ArgumentError, "Unknown encryption method #{method.to_s} (#{self.encryption_methods.keys.join(', ')}). You can add method through class inheritable accessor #encryption_methods." unless self.encryption_methods.keys.include?(method)
|
|
45
|
+
self.encryption_method = method
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
attr_accessor :session
|
|
50
|
+
def initialize(session)
|
|
51
|
+
self.session = session
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def save
|
|
55
|
+
if !self.role.blank? && self.class.defined_roles.include?(self.role.to_sym)
|
|
56
|
+
self.session[session_key_for(role)] = self.class.encrypt(self.password)
|
|
57
|
+
true
|
|
58
|
+
else
|
|
59
|
+
false
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
def authorized?(role = nil)
|
|
64
|
+
unless role.nil?
|
|
65
|
+
self.session[session_key_for(role)] == password_for(role)
|
|
66
|
+
else
|
|
67
|
+
self.class.roles.any? { |r| self.session[session_key_for(r)] == password_for(r) }
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
def logout(role)
|
|
72
|
+
check_role(role)
|
|
73
|
+
self.session[session_key_for(role)] = nil
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
def logout_all
|
|
77
|
+
self.class.defined_roles.each { |r| logout(r) }
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
def attributes=(attrs)
|
|
81
|
+
attrs.each { |key, value| send(:"#{key}=", value) }
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
protected
|
|
85
|
+
def password_for(role)
|
|
86
|
+
role = role.to_sym
|
|
87
|
+
check_role(role)
|
|
88
|
+
raise ArgumentError, "Password for #{role} is not defined" unless self.class.defined_passwords.keys.include?(role)
|
|
89
|
+
if self.class.defined_passwords[role].is_a?(Proc)
|
|
90
|
+
self.class.defined_passwords[role].call
|
|
91
|
+
else
|
|
92
|
+
self.class.encrypt(self.class.defined_passwords[role])
|
|
93
|
+
end
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
private
|
|
97
|
+
def check_role(role)
|
|
98
|
+
self.class.check_role(role)
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
def self.check_role(role)
|
|
102
|
+
raise ArgumentError, "Role #{role} is not defined" unless self.defined_roles.include?(role)
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
def session_key_for(role)
|
|
106
|
+
:"#{self.class.session_key}_#{role}"
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
class_inheritable_array :defined_roles
|
|
110
|
+
self.defined_roles = []
|
|
111
|
+
|
|
112
|
+
class_inheritable_hash :defined_passwords
|
|
113
|
+
self.defined_passwords = {}
|
|
114
|
+
|
|
115
|
+
class_inheritable_accessor :session_key
|
|
116
|
+
self.session_key = "SIMPLEAUTH"
|
|
117
|
+
|
|
118
|
+
class_inheritable_accessor :encryption_method
|
|
119
|
+
self.encryption_method = :plain
|
|
120
|
+
end
|
|
121
|
+
end
|
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe "Simple auth spec" do
|
|
4
|
+
before(:each) do
|
|
5
|
+
@session_hash = {}
|
|
6
|
+
@session = AdminSession.new(@session_hash)
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
it "should authorize" do
|
|
10
|
+
@session.authorized?(:admin).should be_false
|
|
11
|
+
@session.authorized?.should be_false
|
|
12
|
+
|
|
13
|
+
@session.role = "admin"
|
|
14
|
+
@session.password = "123456"
|
|
15
|
+
@session.save
|
|
16
|
+
|
|
17
|
+
@session_hash.should_not be_empty
|
|
18
|
+
@session.authorized?(:admin).should be_true
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
it "should authorize all roles" do
|
|
22
|
+
@session.role = "admin"
|
|
23
|
+
@session.password = "123456"
|
|
24
|
+
@session.save
|
|
25
|
+
|
|
26
|
+
@session.role = "manager"
|
|
27
|
+
@session.password = "123456"
|
|
28
|
+
@session.save
|
|
29
|
+
|
|
30
|
+
@session.authorized?.should be_true
|
|
31
|
+
@session.authorized?(:admin).should be_true
|
|
32
|
+
@session.authorized?(:manager).should be_true
|
|
33
|
+
|
|
34
|
+
@session.logout(:admin)
|
|
35
|
+
@session.authorized?(:admin).should be_false
|
|
36
|
+
@session.authorized?(:manager).should be_true
|
|
37
|
+
|
|
38
|
+
@session.logout_all
|
|
39
|
+
@session.authorized?(:admin).should be_false
|
|
40
|
+
@session.authorized?(:manager).should be_false
|
|
41
|
+
@session.authorized?.should be_false
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
it "attributes= should work" do
|
|
45
|
+
proc { @session.attributes = {} }.should_not raise_error
|
|
46
|
+
proc { @session.attributes = {:role => "test", :password => 'test'} }.should_not raise_error
|
|
47
|
+
@session.role.should eq('test')
|
|
48
|
+
@session.password.should eq('test')
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
it "should not not handle empty credentials" do
|
|
52
|
+
proc { @session.save }.should_not raise_error
|
|
53
|
+
end
|
|
54
|
+
end
|
data/spec/spec_helper.rb
ADDED
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
$LOAD_PATH << "." unless $LOAD_PATH.include?(".")
|
|
2
|
+
|
|
3
|
+
begin
|
|
4
|
+
require "bundler"
|
|
5
|
+
Bundler.setup
|
|
6
|
+
rescue Bundler::GemNotFound
|
|
7
|
+
raise RuntimeError, "Bundler couldn't find some gems." +
|
|
8
|
+
"Did you run `bundle install`?"
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
Bundler.require
|
|
12
|
+
|
|
13
|
+
$: << File.join(File.dirname(__FILE__), '..', 'lib')
|
|
14
|
+
|
|
15
|
+
class AdminSession < SimpleAuth::Session
|
|
16
|
+
roles :admin, :manager
|
|
17
|
+
password_for :admin, "123456"
|
|
18
|
+
password_for :manager, proc { encrypt("123456") }
|
|
19
|
+
set_encryption_method :md5
|
|
20
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,115 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: static_auth
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
hash: 25
|
|
5
|
+
prerelease: false
|
|
6
|
+
segments:
|
|
7
|
+
- 0
|
|
8
|
+
- 0
|
|
9
|
+
- 3
|
|
10
|
+
version: 0.0.3
|
|
11
|
+
platform: ruby
|
|
12
|
+
authors:
|
|
13
|
+
- Victor Sokolov
|
|
14
|
+
autorequire:
|
|
15
|
+
bindir: bin
|
|
16
|
+
cert_chain: []
|
|
17
|
+
|
|
18
|
+
date: 2010-12-08 00:00:00 +03:00
|
|
19
|
+
default_executable:
|
|
20
|
+
dependencies:
|
|
21
|
+
- !ruby/object:Gem::Dependency
|
|
22
|
+
name: activemodel
|
|
23
|
+
prerelease: false
|
|
24
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
|
25
|
+
none: false
|
|
26
|
+
requirements:
|
|
27
|
+
- - ">"
|
|
28
|
+
- !ruby/object:Gem::Version
|
|
29
|
+
hash: 5
|
|
30
|
+
segments:
|
|
31
|
+
- 3
|
|
32
|
+
version: "3"
|
|
33
|
+
type: :runtime
|
|
34
|
+
version_requirements: *id001
|
|
35
|
+
- !ruby/object:Gem::Dependency
|
|
36
|
+
name: activesupport
|
|
37
|
+
prerelease: false
|
|
38
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
|
39
|
+
none: false
|
|
40
|
+
requirements:
|
|
41
|
+
- - ">"
|
|
42
|
+
- !ruby/object:Gem::Version
|
|
43
|
+
hash: 5
|
|
44
|
+
segments:
|
|
45
|
+
- 3
|
|
46
|
+
version: "3"
|
|
47
|
+
type: :runtime
|
|
48
|
+
version_requirements: *id002
|
|
49
|
+
- !ruby/object:Gem::Dependency
|
|
50
|
+
name: bcrypt-ruby
|
|
51
|
+
prerelease: false
|
|
52
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
|
53
|
+
none: false
|
|
54
|
+
requirements:
|
|
55
|
+
- - ">="
|
|
56
|
+
- !ruby/object:Gem::Version
|
|
57
|
+
hash: 3
|
|
58
|
+
segments:
|
|
59
|
+
- 0
|
|
60
|
+
version: "0"
|
|
61
|
+
type: :runtime
|
|
62
|
+
version_requirements: *id003
|
|
63
|
+
description: Static authentication && authorization in rails
|
|
64
|
+
email: gzigzigzeo@gmail.com
|
|
65
|
+
executables: []
|
|
66
|
+
|
|
67
|
+
extensions: []
|
|
68
|
+
|
|
69
|
+
extra_rdoc_files:
|
|
70
|
+
- README.rdoc
|
|
71
|
+
files:
|
|
72
|
+
- README.rdoc
|
|
73
|
+
- Rakefile
|
|
74
|
+
- lib/static_auth.rb
|
|
75
|
+
- lib/static_auth/railtie.rb
|
|
76
|
+
- lib/static_auth/session.rb
|
|
77
|
+
- spec/simple-auth/simple-auth_spec.rb
|
|
78
|
+
- spec/spec_helper.rb
|
|
79
|
+
has_rdoc: true
|
|
80
|
+
homepage: http://github.com/gzigzigzeo/simple-auth
|
|
81
|
+
licenses: []
|
|
82
|
+
|
|
83
|
+
post_install_message:
|
|
84
|
+
rdoc_options:
|
|
85
|
+
- --charset=UTF-8
|
|
86
|
+
require_paths:
|
|
87
|
+
- lib
|
|
88
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
89
|
+
none: false
|
|
90
|
+
requirements:
|
|
91
|
+
- - ">="
|
|
92
|
+
- !ruby/object:Gem::Version
|
|
93
|
+
hash: 3
|
|
94
|
+
segments:
|
|
95
|
+
- 0
|
|
96
|
+
version: "0"
|
|
97
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
98
|
+
none: false
|
|
99
|
+
requirements:
|
|
100
|
+
- - ">="
|
|
101
|
+
- !ruby/object:Gem::Version
|
|
102
|
+
hash: 3
|
|
103
|
+
segments:
|
|
104
|
+
- 0
|
|
105
|
+
version: "0"
|
|
106
|
+
requirements: []
|
|
107
|
+
|
|
108
|
+
rubyforge_project:
|
|
109
|
+
rubygems_version: 1.3.7
|
|
110
|
+
signing_key:
|
|
111
|
+
specification_version: 3
|
|
112
|
+
summary: Static authentication && authorization in rails. Supports roles and static passwords.
|
|
113
|
+
test_files:
|
|
114
|
+
- spec/simple-auth/simple-auth_spec.rb
|
|
115
|
+
- spec/spec_helper.rb
|