RubyGems - stn-simple_token_authentication - Versions diffs - 1.7.1 - Mend

stn-simple_token_authentication 1.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

data/lib/simple_token_authentication/acts_as_token_authentication_handler.rb ADDED

@@ -0,0 +1,22 @@
+require 'active_support/deprecation'
+require 'simple_token_authentication/token_authentication_handler'
+module SimpleTokenAuthentication
+  module ActsAsTokenAuthenticationHandler
+    # This module ensures that no TokenAuthenticationHandler behaviour
+    # is added before the class actually `acts_as_token_authentication_handler_for`
+    # some token authenticatable model.
+    # See https://github.com/gonzalo-bulnes/simple_token_authentication/issues/8#issuecomment-31707201
+    def acts_as_token_authentication_handler_for(model, options = {})
+      include SimpleTokenAuthentication::TokenAuthenticationHandler
+      handle_token_authentication_for(model, options)
+    end
+    def acts_as_token_authentication_handler
+      ::ActiveSupport::Deprecation.warn "`acts_as_token_authentication_handler()` is deprecated and may be removed from future releases, use `acts_as_token_authentication_handler_for(User)` instead.", caller
+      acts_as_token_authentication_handler_for User
+    end
+  end
+end

data/lib/simple_token_authentication/adapter.rb ADDED

@@ -0,0 +1,7 @@
+module SimpleTokenAuthentication
+  module Adapter
+    def base_class
+      raise NotImplementedError
+    end
+  end
+end

data/lib/simple_token_authentication/adapters/active_record_adapter.rb ADDED

@@ -0,0 +1,14 @@
+require 'active_record'
+require 'simple_token_authentication/adapter'
+module SimpleTokenAuthentication
+  module Adapters
+    class ActiveRecordAdapter
+      extend SimpleTokenAuthentication::Adapter
+      def self.base_class
+        ::ActiveRecord::Base
+      end
+    end
+  end
+end

data/lib/simple_token_authentication/adapters/mongoid_adapter.rb ADDED

@@ -0,0 +1,14 @@
+require 'mongoid'
+require 'simple_token_authentication/adapter'
+module SimpleTokenAuthentication
+  module Adapters
+    class MongoidAdapter
+      extend SimpleTokenAuthentication::Adapter
+      def self.base_class
+        ::Mongoid::Document
+      end
+    end
+  end
+end

data/lib/simple_token_authentication/adapters/rails_adapter.rb ADDED

@@ -0,0 +1,14 @@
+require 'action_controller'
+require 'simple_token_authentication/adapter'
+module SimpleTokenAuthentication
+  module Adapters
+    class RailsAdapter
+      extend SimpleTokenAuthentication::Adapter
+      def self.base_class
+        ::ActionController::Base
+      end
+    end
+  end
+end

data/lib/simple_token_authentication/adapters/rails_api_adapter.rb ADDED

@@ -0,0 +1,18 @@
+require 'action_controller'
+require 'simple_token_authentication/adapter'
+module SimpleTokenAuthentication
+  module Adapters
+    class RailsAPIAdapter
+      extend SimpleTokenAuthentication::Adapter
+      def self.base_class
+        ::ActionController::API
+      end
+    end
+    # make the adpater available even if the 'API' acronym is not defined
+    RailsApiAdapter = RailsAPIAdapter
+  end
+end

data/lib/simple_token_authentication/configuration.rb ADDED

@@ -0,0 +1,45 @@
+module SimpleTokenAuthentication
+  module Configuration
+    mattr_reader   :fallback
+    mattr_accessor :header_names
+    mattr_accessor :sign_in_token
+    mattr_accessor :controller_adapters
+    mattr_accessor :model_adapters
+    mattr_accessor :adapters_dependencies
+    # Default configuration
+    @@fallback = :devise
+    @@header_names = {}
+    @@sign_in_token = false
+    @@controller_adapters = ['rails', 'rails_api']
+    @@model_adapters = ['active_record', 'mongoid']
+    @@adapters_dependencies = { 'active_record' => 'ActiveRecord::Base',
+                                'mongoid'       => 'Mongoid::Document',
+                                'rails'         => 'ActionController::Base',
+                                'rails_api'     => 'ActionController::API' }
+    # Allow the default configuration to be overwritten from initializers
+    def configure
+      yield self if block_given?
+    end
+    def parse_options(options)
+      unless options[:fallback].presence
+        if options[:fallback_to_devise]
+          options[:fallback] = :devise
+        elsif options[:fallback_to_devise] == false
+          if SimpleTokenAuthentication.fallback == :devise
+              options[:fallback] = :none
+          else
+            options[:fallback] = SimpleTokenAuthentication.fallback
+          end
+        else
+          options[:fallback] = SimpleTokenAuthentication.fallback
+        end
+      end
+      options.reject! { |k,v| k == :fallback_to_devise }
+      options
+    end
+  end
+end

data/lib/simple_token_authentication/entities_manager.rb ADDED

@@ -0,0 +1,10 @@
+require 'simple_token_authentication/entity'
+module SimpleTokenAuthentication
+  class EntitiesManager
+    def find_or_create_entity(model, name)
+      @entities ||= {}
+      @entities[name] ||= Entity.new(model, name)
+    end
+  end
+end

data/lib/simple_token_authentication/entity.rb ADDED

@@ -0,0 +1,64 @@
+module SimpleTokenAuthentication
+  class Entity
+    def initialize model, name=nil
+      @model = model
+      @name = name || model.name
+    end
+    def model
+      @model
+    end
+    def name
+      @name
+    end
+    def name_underscore
+      name.underscore
+    end
+    # Private: Return the name of the header to watch for the token authentication param
+    def token_header_name
+      if SimpleTokenAuthentication.header_names["#{name_underscore}".to_sym].presence \
+        && token_header_name = SimpleTokenAuthentication.header_names["#{name_underscore}".to_sym][:authentication_token]
+        token_header_name
+      else
+        "X-#{name}-Token"
+      end
+    end
+    # Private: Return the name of the header to watch for the email param
+    def identifier_header_name
+      if SimpleTokenAuthentication.header_names["#{name_underscore}".to_sym].presence \
+        && identifier_header_name = SimpleTokenAuthentication.header_names["#{name_underscore}".to_sym][:email]
+        identifier_header_name
+      else
+        "X-#{name}-Email"
+      end
+    end
+    def token_param_name
+      "#{name_underscore}_token".to_sym
+    end
+    def identifier_param_name
+      "#{name_underscore}_email".to_sym
+    end
+    def get_token_from_params_or_headers controller
+      # if the token is not present among params, get it from headers
+      if token = controller.params[token_param_name].blank? && controller.request.headers[token_header_name]
+        controller.params[token_param_name] = token
+      end
+      controller.params[token_param_name]
+    end
+    def get_identifier_from_params_or_headers controller
+      # if the identifier (email) is not present among params, get it from headers
+      if email = controller.params[identifier_param_name].blank? && controller.request.headers[identifier_header_name]
+        controller.params[identifier_param_name] = email
+      end
+      controller.params[identifier_param_name]
+    end
+  end
+end

data/lib/simple_token_authentication/fallback_authentication_handler.rb ADDED

@@ -0,0 +1,11 @@
+module SimpleTokenAuthentication
+  class FallbackAuthenticationHandler
+    # Devise authentication is performed through a controller
+    # which includes Devise::Controllers::Helpers
+    # See http://rdoc.info/github/plataformatec/devise/master/\
+    #            Devise/Controllers/Helpers#define_helpers-class_method
+    def authenticate_entity!(controller, entity)
+      controller.send("authenticate_#{entity.name_underscore}!".to_sym)
+    end
+  end
+end

data/lib/simple_token_authentication/sign_in_handler.rb ADDED

@@ -0,0 +1,19 @@
+module SimpleTokenAuthentication
+  class SignInHandler
+    # Devise sign in is performed through a controller
+    # which includes Devise::Controllers::SignInOut
+    def sign_in(controller, record, *args)
+      integrate_with_devise_trackable!(controller)
+      controller.send(:sign_in, record, *args)
+    end
+    private
+    def integrate_with_devise_trackable!(controller)
+      # Sign in using token should not be tracked by Devise trackable
+      # See https://github.com/plataformatec/devise/issues/953
+      controller.env["devise.skip_trackable"] = true
+    end
+  end
+end

data/lib/simple_token_authentication/token_authentication_handler.rb ADDED

@@ -0,0 +1,149 @@
+require 'active_support/concern'
+require 'devise'
+require 'simple_token_authentication/entities_manager'
+require 'simple_token_authentication/fallback_authentication_handler'
+require 'simple_token_authentication/sign_in_handler'
+require 'simple_token_authentication/token_comparator'
+module SimpleTokenAuthentication
+  module TokenAuthenticationHandler
+    extend ::ActiveSupport::Concern
+    included do
+      private_class_method :define_token_authentication_helpers_for
+      private_class_method :set_token_authentication_hooks
+      private_class_method :entities_manager
+      private_class_method :fallback_authentication_handler
+      private :authenticate_entity_from_token!
+      private :authenticate_entity_from_fallback!
+      private :token_correct?
+      private :perform_sign_in!
+      private :token_comparator
+      private :sign_in_handler
+      private :find_record_from_identifier
+      private :integrate_with_devise_case_insensitive_keys
+    end
+    def authenticate_entity_from_token!(entity)
+      record = find_record_from_identifier(entity)
+      if token_correct?(record, entity, token_comparator)
+        perform_sign_in!(record, sign_in_handler)
+      end
+    end
+    def authenticate_entity_from_fallback!(entity, fallback_authentication_handler)
+      fallback_authentication_handler.authenticate_entity!(self, entity)
+    end
+    def token_correct?(record, entity, token_comparator)
+      record && token_comparator.compare(record.authentication_token,
+                                         entity.get_token_from_params_or_headers(self))
+    end
+    def perform_sign_in!(record, sign_in_handler)
+      # Notice the store option defaults to false, so the record
+      # identifier is not actually stored in the session and a token
+      # is needed for every request. That behaviour can be configured
+      # through the sign_in_token option.
+      sign_in_handler.sign_in self, record, store: SimpleTokenAuthentication.sign_in_token
+    end
+    def find_record_from_identifier(entity)
+      email = entity.get_identifier_from_params_or_headers(self).presence
+      email = integrate_with_devise_case_insensitive_keys(email)
+      # The finder method should be compatible with all the model adapters,
+      # namely ActiveRecord and Mongoid in all their supported versions.
+      record = nil
+      record = email && entity.model.where(email: email).first
+    end
+    # Private: Take benefit from Devise case-insensitive keys
+    #
+    # See https://github.com/plataformatec/devise/blob/v3.4.1/lib/generators/templates/devise.rb#L45-L48
+    #
+    # email - the original email String
+    #
+    # Returns an email String which case follows the Devise case-insensitive keys policy
+    def integrate_with_devise_case_insensitive_keys(email)
+      email.downcase! if email && Devise.case_insensitive_keys.include?(:email)
+      email
+    end
+    # Private: Get one (always the same) object which behaves as a token comprator
+    def token_comparator
+      @@token_comparator ||= TokenComparator.new
+    end
+    # Private: Get one (always the same) object which behaves as a sign in handler
+    def sign_in_handler
+      @@sign_in_handler ||= SignInHandler.new
+    end
+    module ClassMethods
+      # Provide token authentication handling for a token authenticatable class
+      #
+      # model - the token authenticatable Class
+      #
+      # Returns nothing.
+      def handle_token_authentication_for(model, options = {})
+        name = options[:name] || model.name
+        entity = entities_manager.find_or_create_entity(model, name)
+        options = SimpleTokenAuthentication.parse_options(options)
+        define_token_authentication_helpers_for(entity, fallback_authentication_handler)
+        set_token_authentication_hooks(entity, options)
+      end
+      # Private: Get one (always the same) object which behaves as an entities manager
+      def entities_manager
+        if class_variable_defined?(:@@entities_manager)
+          class_variable_get(:@@entities_manager)
+        else
+          class_variable_set(:@@entities_manager, EntitiesManager.new)
+        end
+      end
+      # Private: Get one (always the same) object which behaves as a fallback authentication handler
+      def fallback_authentication_handler
+        if class_variable_defined?(:@@fallback_authentication_handler)
+          class_variable_get(:@@fallback_authentication_handler)
+        else
+          class_variable_set(:@@fallback_authentication_handler, FallbackAuthenticationHandler.new)
+        end
+      end
+      def define_token_authentication_helpers_for(entity, fallback_authentication_handler)
+        method_name = "authenticate_#{entity.name_underscore}_from_token"
+        method_name_bang = method_name + '!'
+        class_eval do
+          define_method method_name.to_sym do
+            lambda { |_entity| authenticate_entity_from_token!(_entity) }.call(entity)
+          end
+          define_method method_name_bang.to_sym do
+            lambda do |_entity|
+              authenticate_entity_from_token!(_entity)
+              authenticate_entity_from_fallback!(_entity, fallback_authentication_handler)
+            end.call(entity)
+          end
+        end
+      end
+      def set_token_authentication_hooks(entity, options)
+        authenticate_method = unless options[:fallback] == :none
+          :"authenticate_#{entity.name_underscore}_from_token!"
+        else
+          :"authenticate_#{entity.name_underscore}_from_token"
+        end
+        before_filter authenticate_method, options.slice(:only, :except)
+      end
+    end
+  end
+end

data/lib/simple_token_authentication/token_comparator.rb ADDED

@@ -0,0 +1,20 @@
+require 'devise'
+module SimpleTokenAuthentication
+  class TokenComparator
+    # Compare two String instances
+    #
+    # Important: this method is cryptographically critical and
+    # must be implemented with care when defining new token comparators.
+    #
+    # Returns true if String instances do match, false otherwise
+    def compare(a, b)
+      # Notice how we use Devise.secure_compare to compare tokens
+      # while mitigating timing attacks.
+      # See http://rubydoc.info/github/plataformatec/\
+      #            devise/master/Devise#secure_compare-class_method
+      Devise.secure_compare(a, b)
+    end
+  end
+end

data/lib/simple_token_authentication/token_generator.rb ADDED

@@ -0,0 +1,9 @@
+require 'devise'
+module SimpleTokenAuthentication
+  class TokenGenerator
+    def generate_token
+      Devise.friendly_token
+    end
+  end
+end

data/lib/simple_token_authentication/version.rb ADDED

@@ -0,0 +1,3 @@
+module SimpleTokenAuthentication
+  VERSION = "1.7.1"
+end

data/lib/tasks/simple_token_authentication_tasks.rake ADDED

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :simple_token_authentication do
+#   # Task goes here
+# end