stormpath-rails 2.2.0 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (62) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +1 -1
  3. data/.gitmodules +3 -0
  4. data/.travis.yml +1 -1
  5. data/CHANGELOG.md +11 -0
  6. data/README.md +1 -1
  7. data/app/controllers/stormpath/rails/register/create_controller.rb +1 -1
  8. data/docs/Makefile +225 -0
  9. data/docs/_static/facebook-new-project.png +0 -0
  10. data/docs/_static/facebook-url-settings.png +0 -0
  11. data/docs/_static/forgot-change.png +0 -0
  12. data/docs/_static/forgot-complete.png +0 -0
  13. data/docs/_static/forgot-email-sent.png +0 -0
  14. data/docs/_static/forgot-email.png +0 -0
  15. data/docs/_static/forgot-init.png +0 -0
  16. data/docs/_static/forgot.png +0 -0
  17. data/docs/_static/github_create_app.png +0 -0
  18. data/docs/_static/google-enable-login.png +0 -0
  19. data/docs/_static/google-new-project.png +0 -0
  20. data/docs/_static/google-oauth-settings.png +0 -0
  21. data/docs/_static/id-site-login.png +0 -0
  22. data/docs/_static/id-site-settings.png +0 -0
  23. data/docs/_static/id-site-stormpath-config.png +0 -0
  24. data/docs/_static/linkedin-add-authorized-urls.gif +0 -0
  25. data/docs/_static/linkedin-add-permissions.gif +0 -0
  26. data/docs/_static/linkedin-new-application.gif +0 -0
  27. data/docs/_static/linkedin-permissions-page.png +0 -0
  28. data/docs/_static/login-page-basic.png +0 -0
  29. data/docs/_static/login-page-facebook-permissions.png +0 -0
  30. data/docs/_static/login-page-facebook.png +0 -0
  31. data/docs/_static/login-page-google-account.png +0 -0
  32. data/docs/_static/login-page-google.png +0 -0
  33. data/docs/_static/login-page-linkedin.png +0 -0
  34. data/docs/_static/login-page.png +0 -0
  35. data/docs/_static/login_page_with_all_providers.png +0 -0
  36. data/docs/_static/registration-page-basic.png +0 -0
  37. data/docs/_static/registration-page-error.png +0 -0
  38. data/docs/_static/registration-page.png +0 -0
  39. data/docs/_static/verification-complete.png +0 -0
  40. data/docs/_static/verification-email.png +0 -0
  41. data/docs/_static/verification.png +0 -0
  42. data/docs/_templates/layout.html +6 -0
  43. data/docs/about.rst +72 -0
  44. data/docs/authentication.rst +332 -0
  45. data/docs/changelog.rst +41 -0
  46. data/docs/conf.py +346 -0
  47. data/docs/configuration.rst +151 -0
  48. data/docs/contributors.rst +56 -0
  49. data/docs/devise_import.rst +112 -0
  50. data/docs/help.rst +24 -0
  51. data/docs/index.rst +31 -0
  52. data/docs/login.rst +242 -0
  53. data/docs/logout.rst +73 -0
  54. data/docs/password_reset.rst +85 -0
  55. data/docs/quickstart.rst +179 -0
  56. data/docs/registration.rst +364 -0
  57. data/docs/social_login.rst +409 -0
  58. data/docs/templates.rst +100 -0
  59. data/docs/user_data.rst +216 -0
  60. data/lib/stormpath/rails/version.rb +1 -1
  61. data/stormpath-rails.gemspec +1 -1
  62. metadata +57 -4
@@ -0,0 +1,409 @@
1
+ .. _social_login:
2
+
3
+
4
+ Social Login
5
+ ============
6
+
7
+ Do you want users to authenticate with a social provider, such as Facebook?
8
+ Stormpath provides integration with the following services:
9
+
10
+ * Facebook
11
+ * Google
12
+ * Linkedin
13
+ * Github
14
+
15
+ In this guide we cover all of them step by step.
16
+
17
+
18
+ Facebook Login
19
+ --------------
20
+
21
+ To use Facebook Login you must create a Facebook Application, this is done
22
+ through their Developer site.
23
+
24
+
25
+ Create a Facebook App
26
+ .....................
27
+
28
+ The first thing you need to do is log into the `Facebook Developer Site`_ and
29
+ create a new Facebook App.
30
+
31
+ You can do this by visiting the `Facebook Developer Site`_ and clicking the "Apps"
32
+ menu at the top of the screen, then select the "Create a New App" button. You
33
+ should see something like the following:
34
+
35
+ .. image:: /_static/facebook-new-project.png
36
+
37
+ Go ahead and pick a "Display Name" (usually the name of your app), and choose a
38
+ category for your app. Once you've done this, click the "Create App" button.
39
+
40
+
41
+ Specify Allowed URLs
42
+ ....................
43
+
44
+ The next thing we need to do is tell Facebook what URLs we'll be using Facebook
45
+ Login from.
46
+
47
+ From the app dashboard page you're on, click the "Settings" tab in the left
48
+ menu, then click the "Add Platform" button near the bottom of the page. When
49
+ prompted, select "Website" as your platform type.
50
+
51
+ In the "Site URL" box, enter your private and public root URLs. This should be
52
+ something like ``"http://localhost:3000"`` or ``"http://mysite.com"``. *If you
53
+ want to allow Facebook Login from multiple URLs (local development, production,
54
+ etc.) you can just click the "Add Platform" button again and enter another URL.*
55
+
56
+ Lastly, click the "Save Changes" button to save the changes.
57
+
58
+ Your settings should now look something like this:
59
+
60
+ .. image:: /_static/facebook-url-settings.png
61
+
62
+
63
+ Create a Facebook Directory
64
+ ...........................
65
+
66
+ Next, we need to input the Facebook app credentials into Stormpath Directory.
67
+ This allows Stormpath to interact with the Facebook API on your behalf, which
68
+ automates all OAuth flows.
69
+
70
+ To do this, you need to visit the `Stormpath Admin Console`_ and create a new
71
+ directory. When you click the "Create Directory" button you will choose
72
+ "Facebook" as the provider, and enter the following information about your
73
+ Facebook application:
74
+
75
+ - For the "Name" field, you can insert whatever name you want.
76
+ - For the "Facebook Client ID" field, insert your Facebook App ID which you got
77
+ in the previous steps.
78
+ - For the "Facebook Client Secret" field, insert your Facebook Client Secret
79
+ which you got in the previous steps.
80
+
81
+ Make sure to click "Create" to finish creating your directory.
82
+
83
+ Next, you need to hook your new Facebook Directory up to your Stormpath
84
+ Application. To do this, visit the `Stormpath Admin Console`_, navigate to
85
+ Applications, and select your application from the list.
86
+
87
+ On your application page, click the "Account Stores" tab, then click the "Add
88
+ Account Store" button. From the drop down list, select your newly created
89
+ Facebook Directory, then save your changes.
90
+
91
+ That's it!
92
+
93
+
94
+ Test it Out
95
+ ...........
96
+
97
+ Now that you've plugged your Facebook credentials into stormpath-rails, social
98
+ login should already be working!
99
+
100
+ Open your Rails app in a browser, and try logging in by visiting the login page
101
+ (``/login``). If you're using the default login page included with this
102
+ gem, you should see the following:
103
+
104
+ .. image:: /_static/login-page-facebook.png
105
+
106
+ You now have a fancy new Facebook enabled login button! Try logging in! When
107
+ you click the new Facebook button you'll be redirected to Facebook, and
108
+ prompted to accept the permissions requested:
109
+
110
+ .. image:: /_static/login-page-facebook-permissions.png
111
+
112
+ After accepting permissions, you'll be immediately redirected back to your
113
+ website at the URL specified by ``redirectUrl`` in your app's config.
114
+
115
+
116
+ Google Login
117
+ ------------
118
+
119
+ Integrating Google Login is very similar to Facebook. You must create an application
120
+ in the Google Developer Console, then create a Directory in Stormpath which holds
121
+ settings for the Google application that you created.
122
+
123
+
124
+ Create a Google Project
125
+ .......................
126
+
127
+ The first thing you need to do is log into the `Google Developer Console`_ and
128
+ create a new Google Project.
129
+
130
+ You can do this by visiting the `Google Developer Console`_ and clicking the "Create
131
+ Project" button. You should see something like the following:
132
+
133
+ .. image:: /_static/google-new-project.png
134
+
135
+ Go ahead and pick a "Project Name" (usually the name of your app), and
136
+ (*optionally*) a "Project ID".
137
+
138
+
139
+ Enable Google Login
140
+ ...................
141
+
142
+ Now that you've got a Google Project -- let's enable Google Login. The way
143
+ Google Projects work is that you have to selectively enable what functionality
144
+ each Project needs.
145
+
146
+ From your `Google Developer Console`_ click on your new Project, then in the
147
+ side panel click on the "APIs & auth" menu option.
148
+
149
+ Now, scroll through the API list until you see "Google+ API", then click the
150
+ "OFF" button next to it to enable it. You should now see the "Google+ API" as
151
+ "ON" in your API list:
152
+
153
+ .. image:: /_static/google-enable-login.png
154
+
155
+
156
+ Create OAuth Credentials
157
+ ........................
158
+
159
+ The next thing we need to do is create a new OAuth client ID. This is what
160
+ we'll use to handle user login with Google.
161
+
162
+ From your project, click the "APIs & auth" menu, then click on the "Credentials"
163
+ sub-menu.
164
+
165
+ You should see a big red button labeled "Create New Client ID" near the top of
166
+ the page -- click that.
167
+
168
+ You'll want to do several things here:
169
+
170
+ 1. Select "Web application" for your "Application Type".
171
+ 2. Remove everything from the "Authorized Javascript Origins" box.
172
+ 3. Add the callback URI of your site (both publicly and locally) into the
173
+ "Authorized Redirect URI" box. This tells Google where to
174
+ redirect users after they've logged in with Google. The default callback
175
+ URI for this gem is ``/callbacks/google``.
176
+
177
+ In the end, your settings should look like this:
178
+
179
+ .. image:: /_static/google-oauth-settings.png
180
+
181
+ Once you've specified your settings, go ahead and click the "Create Client ID"
182
+ button.
183
+
184
+ Lastly, you'll want to take note of your "Client ID" and "Client Secret"
185
+ variables that should now be displayed on-screen. We'll need these in the next
186
+ step.
187
+
188
+
189
+ Create a Google Directory
190
+ .........................
191
+
192
+ Next, we need to input the Google app credentials into Stormpath. This allows
193
+ Stormpath to interact with the Google API on your behalf, which automates all
194
+ OAuth flows.
195
+
196
+ To do this, you need to visit the `Stormpath Admin Console`_ and create a new
197
+ directory from the Directories section. When you click "Create Directory",
198
+ choose "Google" as the provider, and enter the following information about your
199
+ Google application:
200
+
201
+ - For the "Name" field, you can insert whatever name you want.
202
+ - For the "Google Client ID" field, insert your Google Client ID which you got
203
+ in the previous steps.
204
+ - For the "Google Client Secret" field, insert your Google Client Secret
205
+ which you got in the previous steps.
206
+ - For the "Google Authorized Redirect URI" field, insert your Google Redirect
207
+ URL from the previous section. Be sure to *only enter the URI you're currently
208
+ using*. EG: If you're running your app in development mode, set it to your
209
+ local URL, if you're running your app in production mode, set it to your
210
+ production URL.
211
+
212
+ Lastly, be sure to click the "Save" button at the bottom of the page.
213
+
214
+ Next, you need to hook your new Google Directory up to your Stormpath
215
+ Application. To do this, visit the Applications section and select your
216
+ application from the list.
217
+
218
+ On your application page, click the "Account Stores" tab, then click the "Add
219
+ Account Store" button. From the drop down list, select your newly created
220
+ Google Directory, then save your changes.
221
+
222
+
223
+ Test it Out
224
+ ...........
225
+
226
+ Now that you've plugged your Google credentials into stormpath-rails, social
227
+ login should already be working!
228
+
229
+ Open your Rails app in a browser, and try logging in by visiting the login page
230
+ (``/login``). If you're using the default login page included with this
231
+ gem, you should see the following:
232
+
233
+ .. image:: /_static/login-page-google.png
234
+
235
+ You now have a fancy new Google enabled login button! Try logging in! When you
236
+ click the new Google button you'll be redirected to Google, and prompted to
237
+ select your Google account:
238
+
239
+ .. image:: /_static/login-page-google-account.png
240
+
241
+ After selecting your account you'll then be prompted to accept any permissions,
242
+ then immediately redirected back to your website at the URL specified by
243
+ ``redirectUrl`` in your app's settings.
244
+
245
+
246
+ LinkedIn Login
247
+ --------------
248
+
249
+ Integrating LinkedIn Login is very similar to Google. You must create an application
250
+ in the LinkedIn Console, then create a Directory in Stormpath which holds
251
+ settings for the LinkedIn application that you created.
252
+
253
+
254
+ Create a LinkedIn Application
255
+ .............................
256
+
257
+ The first thing you need to do is log into the `LinkedIn Developer Console`_ and
258
+ create a new LinkedIn Application.
259
+
260
+ You can do this by visiting the `LinkedIn Developer Console`_ and clicking the "Create
261
+ Application" button. You should see something like the following:
262
+
263
+ .. image:: /_static/linkedin-new-application.gif
264
+
265
+ Continue by filling out all the required fields.
266
+
267
+
268
+ Enable LinkedIn Permissions
269
+ ...........................
270
+
271
+ Now that you've got a LinkedIn Application -- let's enable LinkedIn permissions. The way
272
+ LinkedIn Applications work is that you have to selectively enable what permissions
273
+ each Application requires.
274
+
275
+ Under the "Default Application Permissions" section, be sure to enable the "r_basicprofile"
276
+ and the "r_emailaddress" permissions. These permissions allow Stormpath to access the basic
277
+ profile properties (first, middle, and last name) and email (*these permissions are required*).
278
+
279
+ .. image:: /_static/linkedin-add-permissions.gif
280
+
281
+ The next thing we need to do is add in all of the allowed Redirect URLs for our application. Well do this by
282
+ entering all of our absolute redirect URLs under the "OAuth 2.0" section. For instance, if I was running
283
+ my site locally on port 3000, as well as under the "www.example.com" domain, I'd add two redirect URIs:
284
+
285
+ - http://localhost:3000/callbacks/linkedin
286
+ - https://www.example.com/callbacks/linkedin
287
+
288
+ .. image:: /_static/linkedin-add-authorized-urls.gif
289
+
290
+
291
+ Create a LinkedIn Directory
292
+ ...........................
293
+
294
+ Next, we need to input the LinkedIn Application credentials into Stormpath. This allows
295
+ Stormpath to interact with the LinkedIn API on your behalf, which automates all
296
+ OAuth flows.
297
+
298
+ To do this, you need to visit the `Stormpath Admin Console`_ and create a new
299
+ directory from the Directories section. When you click "Create Directory",
300
+ choose "LinkedIn" as the provider, and enter the following information about your
301
+ LinkedIn Application:
302
+
303
+ - For the "Name" field, you can insert whatever name you want.
304
+ - For the "LinkedIn Client ID" field, insert your LinkedIn Client ID which you got
305
+ in the previous steps.
306
+ - For the "LinkedIn Client Secret" field, insert your LinkedIn Client Secret
307
+ which you got in the previous steps.
308
+
309
+ Lastly, be sure to click the "Save" button at the bottom of the page.
310
+
311
+ Next, you need to hook your new LinkedIn Directory up to your Stormpath
312
+ Application. To do this, visit the Applications section and select your
313
+ application from the list.
314
+
315
+ On your application page, click the "Account Stores" tab, then click the "Add
316
+ Account Store" button. From the drop down list, select your newly created
317
+ LinkedIn Directory, then save your changes.
318
+
319
+
320
+ Test it Out
321
+ ...........
322
+
323
+ Now that you've plugged your LinkedIn credentials into rails-stormpath, social
324
+ login should already be working!
325
+
326
+ Open your Rails app in a browser, and try logging in by visiting the login page
327
+ (``/login``). If you're using the default login page included with this
328
+ gem, you should see the following:
329
+
330
+ .. image:: /_static/login-page-linkedin.png
331
+
332
+ You now have a fancy new LinkedIn enabled login button! Try logging in! When you
333
+ click the new LinkedIn button you'll be redirected to LinkedIn, and prompted to
334
+ select your LinkedIn account:
335
+
336
+ .. image:: /_static/linkedin-permissions-page.png
337
+
338
+ After selecting your account you'll then be prompted to accept any permissions,
339
+ then immediately redirected back to your website at the URL specified by
340
+ ``redirectUrl`` in your app's settings.
341
+
342
+ Github Login
343
+ --------------
344
+
345
+ To use Github Login you must create a Github Application, this is done
346
+ through their Developer site.
347
+
348
+
349
+ Create a Github App
350
+ .....................
351
+
352
+ The first thing you need to do is log into the `Github Developer Site`_ and
353
+ create a new Github App.
354
+
355
+ You can do this by visiting the `Github Developer Site`_ and clicking the "Register a new application"
356
+ menu at the top of the screen. You should see something like the following:
357
+
358
+ .. image:: /_static/github_create_app.png
359
+
360
+ After filling out the form fields click on "Register application"
361
+
362
+
363
+ Create a Github Directory
364
+ ...........................
365
+
366
+ Next, we need to input the Github app credentials into Stormpath Directory.
367
+ This allows Stormpath to interact with the Github API on your behalf, which
368
+ automates all OAuth flows.
369
+
370
+ To do this, you need to visit the `Stormpath Admin Console`_ and create a new
371
+ directory. When you click the "Create Directory" button you will choose
372
+ "Github" as the provider, and enter the following information about your
373
+ Github application:
374
+
375
+ - For the "Name" field, you can insert whatever name you want.
376
+ - For the "Github Client ID" field, insert your Github App ID which you got
377
+ in the previous steps.
378
+ - For the "Github Client Secret" field, insert your Github Client Secret
379
+ which you got in the previous steps.
380
+
381
+ Make sure to click "Create" to finish creating your directory.
382
+
383
+ Next, you need to hook your new Github Directory up to your Stormpath
384
+ Application. To do this, visit the `Stormpath Admin Console`_, navigate to
385
+ Applications, and select your application from the list.
386
+
387
+ On your application page, click the "Account Stores" tab, then click the "Add
388
+ Account Store" button. From the drop down list, select your newly created
389
+ Github Directory, then save your changes.
390
+
391
+
392
+ Test it Out
393
+ ...........
394
+
395
+ Now that you've plugged your Github credentials into rails-stormpath, social
396
+ login should already be working!
397
+
398
+ Open your Rails app in a browser, and try logging in by visiting the login page
399
+ (``/login``). If you're using the default login page included with this
400
+ gem and if all social login providers are set, your login page should look like the following:
401
+
402
+ .. image:: /_static/login_page_with_all_providers.png
403
+
404
+
405
+ .. _Stormpath Admin Console: https://api.stormpath.com
406
+ .. _Facebook Developer Site: https://developers.facebook.com/
407
+ .. _Google Developer Console: https://console.developers.google.com/project
408
+ .. _LinkedIn Developer Console: https://www.linkedin.com/developer/apps
409
+ .. _Github Developer Site: https://github.com/settings/developers
@@ -0,0 +1,100 @@
1
+ .. _templates:
2
+
3
+
4
+ Templates
5
+ =========
6
+
7
+
8
+ Default Views
9
+ -------------
10
+
11
+ By default this gem will use it's own templates for rendering its views.
12
+ The views that this gem serves by default (if the features are enabled) are:
13
+
14
+ * Login Page
15
+ * Registration Page
16
+ * Forgot Password Page
17
+ * Change Password Page
18
+ * Email Verification Page
19
+
20
+ If you want to customize these pages, there are two strategies. You can install
21
+ our default templates and modify them
22
+
23
+ .. code-block:: ruby
24
+
25
+ rails generate stormpath:views
26
+
27
+ or you can supply your own.
28
+
29
+
30
+ Custom Views
31
+ ------------
32
+
33
+ If you want to supply your own view for a given feature, you need to let us
34
+ know where it is. You do this by telling us the specific path to the file.
35
+ For example, if you had a folder named ``views`` in the root of your project,
36
+ you would declare it like this:
37
+
38
+ .. code-block:: yaml
39
+
40
+ web:
41
+ register:
42
+ view: 'sessions/new.html.erb' // My custom login view
43
+
44
+
45
+ View Variables
46
+ --------------
47
+
48
+ Our gem will provide these view variables to all templates that are
49
+ rendered:
50
+
51
+ +-----------------+-------------------------------------------------------------------+
52
+ | **Variable** | **Description** |
53
+ +-----------------+-------------------------------------------------------------------+
54
+ | current_account | The account object of the logged in user (undefined otherwise) |
55
+ +-----------------+-------------------------------------------------------------------+
56
+ | signed_in? | Boolean value which determines whether the user is signed in |
57
+ | | or not |
58
+ +-----------------+-------------------------------------------------------------------+
59
+
60
+ You can also use the values from the ``stormpath.yml`` configuration file generated by this gem.
61
+ For example, if you want to iterate over all the fields that the register form contains you would do this by accessing:
62
+
63
+ .. code-block:: ruby
64
+
65
+ Stormpath::Rails.config.web.register.form.fields
66
+
67
+ or if you just need to use a conditional statement:
68
+
69
+ .. code-block:: ruby
70
+
71
+ Stormpath::Rails.config.web.change_password.enabled
72
+
73
+
74
+ Response Variables
75
+ ------------------
76
+
77
+ Our gem will provide these objects on the response object for all JSON requests.
78
+
79
+ ========== ==========
80
+ Variable Description
81
+ ========== ==========
82
+ account The account object of the logged in user (undefined otherwise)
83
+ ========== ==========
84
+
85
+ .. code-block:: ruby
86
+
87
+ {
88
+ account: {
89
+ href: account.href,
90
+ username: account.username,
91
+ modifiedAt: account.modified_at,
92
+ status: account.status,
93
+ createdAt: account.created_at,
94
+ email: account.email,
95
+ middleName: account.middle_name,
96
+ surname: account.surname,
97
+ givenName: account.given_name,
98
+ fullName: account.full_name
99
+ }
100
+ }