stormpath-rails 2.2.0 → 2.3.0
- checksums.yaml +4 -4
- data/.gitignore +1 -1
- data/.gitmodules +3 -0
- data/.travis.yml +1 -1
- data/CHANGELOG.md +11 -0
- data/README.md +1 -1
- data/app/controllers/stormpath/rails/register/create_controller.rb +1 -1
- data/docs/Makefile +225 -0
- data/docs/_static/facebook-new-project.png +0 -0
- data/docs/_static/facebook-url-settings.png +0 -0
- data/docs/_static/forgot-change.png +0 -0
- data/docs/_static/forgot-complete.png +0 -0
- data/docs/_static/forgot-email-sent.png +0 -0
- data/docs/_static/forgot-email.png +0 -0
- data/docs/_static/forgot-init.png +0 -0
- data/docs/_static/forgot.png +0 -0
- data/docs/_static/github_create_app.png +0 -0
- data/docs/_static/google-enable-login.png +0 -0
- data/docs/_static/google-new-project.png +0 -0
- data/docs/_static/google-oauth-settings.png +0 -0
- data/docs/_static/id-site-login.png +0 -0
- data/docs/_static/id-site-settings.png +0 -0
- data/docs/_static/id-site-stormpath-config.png +0 -0
- data/docs/_static/linkedin-add-authorized-urls.gif +0 -0
- data/docs/_static/linkedin-add-permissions.gif +0 -0
- data/docs/_static/linkedin-new-application.gif +0 -0
- data/docs/_static/linkedin-permissions-page.png +0 -0
- data/docs/_static/login-page-basic.png +0 -0
- data/docs/_static/login-page-facebook-permissions.png +0 -0
- data/docs/_static/login-page-facebook.png +0 -0
- data/docs/_static/login-page-google-account.png +0 -0
- data/docs/_static/login-page-google.png +0 -0
- data/docs/_static/login-page-linkedin.png +0 -0
- data/docs/_static/login-page.png +0 -0
- data/docs/_static/login_page_with_all_providers.png +0 -0
- data/docs/_static/registration-page-basic.png +0 -0
- data/docs/_static/registration-page-error.png +0 -0
- data/docs/_static/registration-page.png +0 -0
- data/docs/_static/verification-complete.png +0 -0
- data/docs/_static/verification-email.png +0 -0
- data/docs/_static/verification.png +0 -0
- data/docs/_templates/layout.html +6 -0
- data/docs/about.rst +72 -0
- data/docs/authentication.rst +332 -0
- data/docs/changelog.rst +41 -0
- data/docs/conf.py +346 -0
- data/docs/configuration.rst +151 -0
- data/docs/contributors.rst +56 -0
- data/docs/devise_import.rst +112 -0
- data/docs/help.rst +24 -0
- data/docs/index.rst +31 -0
- data/docs/login.rst +242 -0
- data/docs/logout.rst +73 -0
- data/docs/password_reset.rst +85 -0
- data/docs/quickstart.rst +179 -0
- data/docs/registration.rst +364 -0
- data/docs/social_login.rst +409 -0
- data/docs/templates.rst +100 -0
- data/docs/user_data.rst +216 -0
- data/lib/stormpath/rails/version.rb +1 -1
- data/stormpath-rails.gemspec +1 -1
- metadata +57 -4
data/docs/user_data.rst
ADDED
@@ -0,0 +1,216 @@
|
|
1
|
+
.. _user_data:
|
2
|
+
|
3
|
+
User Data
|
4
|
+
=========
|
5
|
+
|
6
|
+
|
7
|
+
current_account
|
8
|
+
---------------
|
9
|
+
|
10
|
+
When writing your own controller methods, you will likely want to use
|
11
|
+
the account object. There are two primary ways to do this: with the `current_account`
|
12
|
+
helper method, and with our other authentication helper method.
|
13
|
+
|
14
|
+
Resolving The Current User(Account)
|
15
|
+
....................................
|
16
|
+
|
17
|
+
In this situation, we have a home page which needs to render itself differently
|
18
|
+
if the user is logged in. In this scenario, we don't *require* authentication,
|
19
|
+
but we need to know if the user is logged in. In this case we use the
|
20
|
+
``current_account`` method:
|
21
|
+
|
22
|
+
.. code-block:: ruby
|
23
|
+
|
24
|
+
// Basic controller method example
|
25
|
+
|
26
|
+
if current_account do
|
27
|
+
render text: "Hello #{current_account.email}"
|
28
|
+
else
|
29
|
+
render text: 'Not logged in'
|
30
|
+
end
|
31
|
+
|
32
|
+
|
33
|
+
Forcing Authentication
|
34
|
+
......................
|
35
|
+
|
36
|
+
If you require authentication for a route, you should use one of the
|
37
|
+
authentication helper methods that are documented in the
|
38
|
+
:ref:`authentication` section.
|
39
|
+
|
40
|
+
When you use these middlewares, we won't call your controller method unless the
|
41
|
+
user is logged in. If the user is not logged in, we bypass your middleware and
|
42
|
+
redirect the user to the login page for HTML requests, or send a 401 error for
|
43
|
+
JSON requests.
|
44
|
+
|
45
|
+
For example, if you've defined a simple view that should simply display a user's
|
46
|
+
email address, we can use the ``require_authentication!`` method to require them to be
|
47
|
+
logged in in order to have access to the show view:
|
48
|
+
|
49
|
+
.. code-block:: ruby
|
50
|
+
|
51
|
+
class ProfilesController < ApplicationController
|
52
|
+
before_action :require_authentication!
|
53
|
+
|
54
|
+
def show
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
|
59
|
+
Modifying The Account
|
60
|
+
......................
|
61
|
+
|
62
|
+
The ``current_account`` context allows you to directly interact with the current
|
63
|
+
``account`` object. This means you can perform *any* action on the ``account`` object
|
64
|
+
directly.
|
65
|
+
|
66
|
+
Perhaps you want to change a accounts's ``given_name`` (*first name*). You could
|
67
|
+
easily accomplish this with the following code:
|
68
|
+
|
69
|
+
.. code-block:: ruby
|
70
|
+
|
71
|
+
current_account.given_name = 'Clark';
|
72
|
+
if current_account.save
|
73
|
+
puts('Successfully updated account!')
|
74
|
+
else
|
75
|
+
puts('There was an error processing your request')
|
76
|
+
end
|
77
|
+
|
78
|
+
As you can see above, you can directly modify ``account`` attributes, then
|
79
|
+
save any changes by running ``current_account.save``.
|
80
|
+
|
81
|
+
|
82
|
+
Custom Data
|
83
|
+
-----------
|
84
|
+
|
85
|
+
In addition to managing basic user fields, Stormpath also allows you to store
|
86
|
+
up to 10MB of JSON information with each user account!
|
87
|
+
|
88
|
+
Instead of defining a database table for users, and another database table for
|
89
|
+
user profile information -- with Stormpath, you don't need either!
|
90
|
+
|
91
|
+
Let's take a look at how easy it is to store custom data on a ``user``
|
92
|
+
model:
|
93
|
+
|
94
|
+
.. code-block:: ruby
|
95
|
+
|
96
|
+
// You can add fields
|
97
|
+
current_account.custom_data[:rank] = 'General'
|
98
|
+
current_account.custom_data[:experience] = {'speed': 100, 'precision': 68};
|
99
|
+
current_account.custom_data.save
|
100
|
+
|
101
|
+
// And delete fields
|
102
|
+
|
103
|
+
current_account.custom_data[:rank].delete
|
104
|
+
|
105
|
+
// And then save it all at once
|
106
|
+
|
107
|
+
if current_account.custom_data.save
|
108
|
+
puts('Successfully updated custom data account!')
|
109
|
+
else
|
110
|
+
puts('There was an error processing your request')
|
111
|
+
end
|
112
|
+
|
113
|
+
As you can see above -- storing custom information on a ``user`` account is
|
114
|
+
extremely simple!
|
115
|
+
|
116
|
+
For more information about the ``account`` object, please visit the `Ruby SDK Account Management`_ chapter.
|
117
|
+
|
118
|
+
|
119
|
+
Automatic Expansion
|
120
|
+
-------------------
|
121
|
+
|
122
|
+
In Stormpath, all objects are connected in a graph. You
|
123
|
+
have to expand a resource to get its child resources, and this
|
124
|
+
is an asynchronous operation. We can pre-fetch the expanded
|
125
|
+
user data for you. Simply pass the `Expansion` resource while fetching the account:
|
126
|
+
|
127
|
+
.. code-block:: ruby
|
128
|
+
|
129
|
+
client.accounts.get(current_account.href, Stormpath::Resource::Expansion.new('directory'))
|
130
|
+
|
131
|
+
|
132
|
+
Our gem will pre-expand those resources for you, so that
|
133
|
+
they are statically available inside your methods.
|
134
|
+
|
135
|
+
Without enabling this expansion, the response would only contain
|
136
|
+
an object which has an href to the resource, that would look
|
137
|
+
like this:
|
138
|
+
|
139
|
+
.. code-block:: javascript
|
140
|
+
|
141
|
+
{
|
142
|
+
href: 'http://api.stormpath.com/v1/accounts/avIu4NrfCk49uzhfCk/customData'
|
143
|
+
}
|
144
|
+
|
145
|
+
.. note::
|
146
|
+
|
147
|
+
Custom data is expanded automatically, but you can disable this
|
148
|
+
|
149
|
+
You can expand any of these *"linked resources"*:
|
150
|
+
|
151
|
+
- ``apiKeys`` - A user's API keys.
|
152
|
+
- ``customData`` - A user's custom data.
|
153
|
+
- ``directory`` - A user's directory data.
|
154
|
+
- ``groups`` - A user's group data.
|
155
|
+
- ``groupMemberships`` - A user's group membership data.
|
156
|
+
- ``providerData`` - A user's provider data (*for social login providers*).
|
157
|
+
- ``tenant`` - A user's tenant data.
|
158
|
+
|
159
|
+
.. _me_api:
|
160
|
+
|
161
|
+
Current User JSON API
|
162
|
+
---------------------
|
163
|
+
|
164
|
+
If you are working with a front-end application, you can make a request to the
|
165
|
+
``/me`` URL to get a JSON representation of the account that is currently
|
166
|
+
logged in. If the user is not logged in, this endpoint will return a 401
|
167
|
+
response.
|
168
|
+
|
169
|
+
The response from the endpoint looks like this:
|
170
|
+
|
171
|
+
.. code-block:: javascript
|
172
|
+
|
173
|
+
{
|
174
|
+
"account": {
|
175
|
+
"href": "https://api.stormpath.com/v1/accounts/4WvCtY0oCRDzQdYH3Q0qjz",
|
176
|
+
"username": "foobar",
|
177
|
+
"email": "foo@example.com",
|
178
|
+
"givenName": "Foo",
|
179
|
+
"middleName": null,
|
180
|
+
"surname": "Bar",
|
181
|
+
"fullName": "Foo Bar",
|
182
|
+
"status": "ENABLED",
|
183
|
+
"createdAt": "2015-10-13T20:54:22.215Z",
|
184
|
+
"modifiedAt": "2016-03-17T16:40:17.631Z"
|
185
|
+
}
|
186
|
+
}
|
187
|
+
|
188
|
+
By default we don't expand any data on the account, for security purposes. But
|
189
|
+
you can opt-in to account expansions with the following configuration in the *stormpath.yml*:
|
190
|
+
|
191
|
+
.. code-block:: ruby
|
192
|
+
|
193
|
+
me:
|
194
|
+
enabled: true
|
195
|
+
uri: "/me"
|
196
|
+
expand:
|
197
|
+
apiKeys: true
|
198
|
+
applications: true
|
199
|
+
customData: true
|
200
|
+
directory: true
|
201
|
+
groupMemberships: true
|
202
|
+
groups: true
|
203
|
+
providerData: true
|
204
|
+
tenant: true
|
205
|
+
|
206
|
+
If you wish to disable the ``/me`` route entirely, you can do that as well:
|
207
|
+
|
208
|
+
.. code-block:: ruby
|
209
|
+
|
210
|
+
me:
|
211
|
+
enabled: false
|
212
|
+
|
213
|
+
|
214
|
+
.. _Account Object: https://docs.stormpath.com/ruby/quickstart/
|
215
|
+
.. _Stormpath Ruby SDK: https://github.com/stormpath/stormpath-sdk-ruby
|
216
|
+
.. _Ruby SDK Account Management: https://docs.stormpath.com/ruby/product-guide/latest/accnt_mgmt.html
|
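Review bot: the `expand:` example for `/me` (new lines 193-204) switches on every expansion, including `apiKeys: true`, immediately after the sentence saying nothing is expanded by default for security purposes, so a reader who copies it would include the user's API keys in the JSON that `/me` returns to the front end. Suggest showing one low-sensitivity expansion (for example `customData: true`) and saying that `apiKeys` and `providerData` should stay off unless the client really needs them. The `.. note::` at lines 145-147 ends mid-sentence ("but you can disable this") and reads as contradicting line 188, which says no data is expanded by default; please finish it and say which context each default applies to. The Ruby samples will not run as written: lines 24, 96, 101 and 105 use `//` comments, line 26 has `if current_account do`, and line 103 calls `delete` on the stored value rather than removing the key. The two `me:` snippets are YAML but tagged `code-block:: ruby`, the sample href at line 142 uses `http://` while the one at line 175 uses `https://`, and the link targets `Account Object` and `Stormpath Ruby SDK` (lines 214-215) are never referenced in this file.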
data/stormpath-rails.gemspec
CHANGED
@@ -22,7 +22,7 @@ Gem::Specification.new do |spec|
|
|
22
22
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
23
23
|
spec.require_paths = ['lib']
|
24
24
|
|
25
|
-
spec.add_dependency 'stormpath-sdk', '>= 1.1
|
25
|
+
spec.add_dependency 'stormpath-sdk', '>= 1.3.1'
|
26
26
|
spec.add_dependency 'virtus'
|
27
27
|
spec.add_dependency 'rails', '>= 3.1'
|
28
28
|
spec.add_dependency 'recursive-open-struct'
|
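Review bot: the new constraint on line 25, `'stormpath-sdk', '>= 1.3.1'`, raises the floor but leaves the range open-ended, so a later major release of the SDK would be resolved without this gem having been tested against it. Since this gem handles authentication, a bounded form such as `'~> 1.3', '>= 1.3.1'` would be safer; the same applies to the unconstrained `virtus` and `recursive-open-struct` entries visible in the context lines.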
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: stormpath-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nenad Nikolic
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-11-
|
11
|
+
date: 2016-11-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: stormpath-sdk
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 1.1
|
19
|
+
version: 1.3.1
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - ">="
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 1.1
|
26
|
+
version: 1.3.1
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: virtus
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -102,6 +102,7 @@ extensions: []
|
|
102
102
|
extra_rdoc_files: []
|
103
103
|
files:
|
104
104
|
- ".gitignore"
|
105
|
+
- ".gitmodules"
|
105
106
|
- ".rspec"
|
106
107
|
- ".rubocop.yml"
|
107
108
|
- ".travis.yml"
|
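Review bot: `.gitmodules` at new line 105 is now in the packaged `files:` list, but it is repository metadata that an installed gem never reads. Suggest excluding it when `spec.files` is built so the package contains only what the runtime needs.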
@@ -178,6 +179,58 @@ files:
|
|
178
179
|
- bin/rspec
|
179
180
|
- bin/setup
|
180
181
|
- config/initializers/assets.rb
|
182
|
+
- docs/Makefile
|
183
|
+
- docs/_static/facebook-new-project.png
|
184
|
+
- docs/_static/facebook-url-settings.png
|
185
|
+
- docs/_static/forgot-change.png
|
186
|
+
- docs/_static/forgot-complete.png
|
187
|
+
- docs/_static/forgot-email-sent.png
|
188
|
+
- docs/_static/forgot-email.png
|
189
|
+
- docs/_static/forgot-init.png
|
190
|
+
- docs/_static/forgot.png
|
191
|
+
- docs/_static/github_create_app.png
|
192
|
+
- docs/_static/google-enable-login.png
|
193
|
+
- docs/_static/google-new-project.png
|
194
|
+
- docs/_static/google-oauth-settings.png
|
195
|
+
- docs/_static/id-site-login.png
|
196
|
+
- docs/_static/id-site-settings.png
|
197
|
+
- docs/_static/id-site-stormpath-config.png
|
198
|
+
- docs/_static/linkedin-add-authorized-urls.gif
|
199
|
+
- docs/_static/linkedin-add-permissions.gif
|
200
|
+
- docs/_static/linkedin-new-application.gif
|
201
|
+
- docs/_static/linkedin-permissions-page.png
|
202
|
+
- docs/_static/login-page-basic.png
|
203
|
+
- docs/_static/login-page-facebook-permissions.png
|
204
|
+
- docs/_static/login-page-facebook.png
|
205
|
+
- docs/_static/login-page-google-account.png
|
206
|
+
- docs/_static/login-page-google.png
|
207
|
+
- docs/_static/login-page-linkedin.png
|
208
|
+
- docs/_static/login-page.png
|
209
|
+
- docs/_static/login_page_with_all_providers.png
|
210
|
+
- docs/_static/registration-page-basic.png
|
211
|
+
- docs/_static/registration-page-error.png
|
212
|
+
- docs/_static/registration-page.png
|
213
|
+
- docs/_static/verification-complete.png
|
214
|
+
- docs/_static/verification-email.png
|
215
|
+
- docs/_static/verification.png
|
216
|
+
- docs/_templates/layout.html
|
217
|
+
- docs/about.rst
|
218
|
+
- docs/authentication.rst
|
219
|
+
- docs/changelog.rst
|
220
|
+
- docs/conf.py
|
221
|
+
- docs/configuration.rst
|
222
|
+
- docs/contributors.rst
|
223
|
+
- docs/devise_import.rst
|
224
|
+
- docs/help.rst
|
225
|
+
- docs/index.rst
|
226
|
+
- docs/login.rst
|
227
|
+
- docs/logout.rst
|
228
|
+
- docs/password_reset.rst
|
229
|
+
- docs/quickstart.rst
|
230
|
+
- docs/registration.rst
|
231
|
+
- docs/social_login.rst
|
232
|
+
- docs/templates.rst
|
233
|
+
- docs/user_data.rst
|
181
234
|
- keypair.enc
|
182
235
|
- lib/generators/stormpath/install/install_generator.rb
|
183
236
|
- lib/generators/stormpath/install/templates/default_config.yml
|
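Review bot: new lines 182-233 add the whole `docs/` tree to the gem's `files:` list, including the Sphinx `Makefile`, `conf.py` and the 33 images under `docs/_static/`, so every install downloads documentation sources that the runtime never loads. Suggest filtering `docs/` out of `spec.files`. The context line `- keypair.enc` directly below also looks like a file that belongs to the repository rather than the runtime; worth confirming it needs to ship and excluding it in the same change if not.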