stormpath-rails 2.2.0 → 2.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +1 -1
- data/.gitmodules +3 -0
- data/.travis.yml +1 -1
- data/CHANGELOG.md +11 -0
- data/README.md +1 -1
- data/app/controllers/stormpath/rails/register/create_controller.rb +1 -1
- data/docs/Makefile +225 -0
- data/docs/_static/facebook-new-project.png +0 -0
- data/docs/_static/facebook-url-settings.png +0 -0
- data/docs/_static/forgot-change.png +0 -0
- data/docs/_static/forgot-complete.png +0 -0
- data/docs/_static/forgot-email-sent.png +0 -0
- data/docs/_static/forgot-email.png +0 -0
- data/docs/_static/forgot-init.png +0 -0
- data/docs/_static/forgot.png +0 -0
- data/docs/_static/github_create_app.png +0 -0
- data/docs/_static/google-enable-login.png +0 -0
- data/docs/_static/google-new-project.png +0 -0
- data/docs/_static/google-oauth-settings.png +0 -0
- data/docs/_static/id-site-login.png +0 -0
- data/docs/_static/id-site-settings.png +0 -0
- data/docs/_static/id-site-stormpath-config.png +0 -0
- data/docs/_static/linkedin-add-authorized-urls.gif +0 -0
- data/docs/_static/linkedin-add-permissions.gif +0 -0
- data/docs/_static/linkedin-new-application.gif +0 -0
- data/docs/_static/linkedin-permissions-page.png +0 -0
- data/docs/_static/login-page-basic.png +0 -0
- data/docs/_static/login-page-facebook-permissions.png +0 -0
- data/docs/_static/login-page-facebook.png +0 -0
- data/docs/_static/login-page-google-account.png +0 -0
- data/docs/_static/login-page-google.png +0 -0
- data/docs/_static/login-page-linkedin.png +0 -0
- data/docs/_static/login-page.png +0 -0
- data/docs/_static/login_page_with_all_providers.png +0 -0
- data/docs/_static/registration-page-basic.png +0 -0
- data/docs/_static/registration-page-error.png +0 -0
- data/docs/_static/registration-page.png +0 -0
- data/docs/_static/verification-complete.png +0 -0
- data/docs/_static/verification-email.png +0 -0
- data/docs/_static/verification.png +0 -0
- data/docs/_templates/layout.html +6 -0
- data/docs/about.rst +72 -0
- data/docs/authentication.rst +332 -0
- data/docs/changelog.rst +41 -0
- data/docs/conf.py +346 -0
- data/docs/configuration.rst +151 -0
- data/docs/contributors.rst +56 -0
- data/docs/devise_import.rst +112 -0
- data/docs/help.rst +24 -0
- data/docs/index.rst +31 -0
- data/docs/login.rst +242 -0
- data/docs/logout.rst +73 -0
- data/docs/password_reset.rst +85 -0
- data/docs/quickstart.rst +179 -0
- data/docs/registration.rst +364 -0
- data/docs/social_login.rst +409 -0
- data/docs/templates.rst +100 -0
- data/docs/user_data.rst +216 -0
- data/lib/stormpath/rails/version.rb +1 -1
- data/stormpath-rails.gemspec +1 -1
- metadata +57 -4
data/docs/user_data.rst
ADDED
@@ -0,0 +1,216 @@
|
|
1
|
+
.. _user_data:
|
2
|
+
|
3
|
+
User Data
|
4
|
+
=========
|
5
|
+
|
6
|
+
|
7
|
+
current_account
|
8
|
+
---------------
|
9
|
+
|
10
|
+
When writing your own controller methods, you will likely want to use
|
11
|
+
the account object. There are two primary ways to do this: with the `current_account`
|
12
|
+
helper method, and with our other authentication helper method.
|
13
|
+
|
14
|
+
Resolving The Current User(Account)
|
15
|
+
....................................
|
16
|
+
|
17
|
+
In this situation, we have a home page which needs to render itself differently
|
18
|
+
if the user is logged in. In this scenario, we don't *require* authentication,
|
19
|
+
but we need to know if the user is logged in. In this case we use the
|
20
|
+
``current_account`` method:
|
21
|
+
|
22
|
+
.. code-block:: ruby
|
23
|
+
|
24
|
+
// Basic controller method example
|
25
|
+
|
26
|
+
if current_account do
|
27
|
+
render text: "Hello #{current_account.email}"
|
28
|
+
else
|
29
|
+
render text: 'Not logged in'
|
30
|
+
end
|
31
|
+
|
32
|
+
|
33
|
+
Forcing Authentication
|
34
|
+
......................
|
35
|
+
|
36
|
+
If you require authentication for a route, you should use one of the
|
37
|
+
authentication helper methods that are documented in the
|
38
|
+
:ref:`authentication` section.
|
39
|
+
|
40
|
+
When you use these middlewares, we won't call your controller method unless the
|
41
|
+
user is logged in. If the user is not logged in, we bypass your middleware and
|
42
|
+
redirect the user to the login page for HTML requests, or send a 401 error for
|
43
|
+
JSON requests.
|
44
|
+
|
45
|
+
For example, if you've defined a simple view that should simply display a user's
|
46
|
+
email address, we can use the ``require_authentication!`` method to require them to be
|
47
|
+
logged in in order to have access to the show view:
|
48
|
+
|
49
|
+
.. code-block:: ruby
|
50
|
+
|
51
|
+
class ProfilesController < ApplicationController
|
52
|
+
before_action :require_authentication!
|
53
|
+
|
54
|
+
def show
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
|
59
|
+
Modifying The Account
|
60
|
+
......................
|
61
|
+
|
62
|
+
The ``current_account`` context allows you to directly interact with the current
|
63
|
+
``account`` object. This means you can perform *any* action on the ``account`` object
|
64
|
+
directly.
|
65
|
+
|
66
|
+
Perhaps you want to change a accounts's ``given_name`` (*first name*). You could
|
67
|
+
easily accomplish this with the following code:
|
68
|
+
|
69
|
+
.. code-block:: ruby
|
70
|
+
|
71
|
+
current_account.given_name = 'Clark';
|
72
|
+
if current_account.save
|
73
|
+
puts('Successfully updated account!')
|
74
|
+
else
|
75
|
+
puts('There was an error processing your request')
|
76
|
+
end
|
77
|
+
|
78
|
+
As you can see above, you can directly modify ``account`` attributes, then
|
79
|
+
save any changes by running ``current_account.save``.
|
80
|
+
|
81
|
+
|
82
|
+
Custom Data
|
83
|
+
-----------
|
84
|
+
|
85
|
+
In addition to managing basic user fields, Stormpath also allows you to store
|
86
|
+
up to 10MB of JSON information with each user account!
|
87
|
+
|
88
|
+
Instead of defining a database table for users, and another database table for
|
89
|
+
user profile information -- with Stormpath, you don't need either!
|
90
|
+
|
91
|
+
Let's take a look at how easy it is to store custom data on a ``user``
|
92
|
+
model:
|
93
|
+
|
94
|
+
.. code-block:: ruby
|
95
|
+
|
96
|
+
// You can add fields
|
97
|
+
current_account.custom_data[:rank] = 'General'
|
98
|
+
current_account.custom_data[:experience] = {'speed': 100, 'precision': 68};
|
99
|
+
current_account.custom_data.save
|
100
|
+
|
101
|
+
// And delete fields
|
102
|
+
|
103
|
+
current_account.custom_data[:rank].delete
|
104
|
+
|
105
|
+
// And then save it all at once
|
106
|
+
|
107
|
+
if current_account.custom_data.save
|
108
|
+
puts('Successfully updated custom data account!')
|
109
|
+
else
|
110
|
+
puts('There was an error processing your request')
|
111
|
+
end
|
112
|
+
|
113
|
+
As you can see above -- storing custom information on a ``user`` account is
|
114
|
+
extremely simple!
|
115
|
+
|
116
|
+
For more information about the ``account`` object, please visit the `Ruby SDK Account Management`_ chapter.
|
117
|
+
|
118
|
+
|
119
|
+
Automatic Expansion
|
120
|
+
-------------------
|
121
|
+
|
122
|
+
In Stormpath, all objects are connected in a graph. You
|
123
|
+
have to expand a resource to get its child resources, and this
|
124
|
+
is an asynchronous operation. We can pre-fetch the expanded
|
125
|
+
user data for you. Simply pass the `Expansion` resource while fetching the account:
|
126
|
+
|
127
|
+
.. code-block:: ruby
|
128
|
+
|
129
|
+
client.accounts.get(current_account.href, Stormpath::Resource::Expansion.new('directory'))
|
130
|
+
|
131
|
+
|
132
|
+
Our gem will pre-expand those resources for you, so that
|
133
|
+
they are statically available inside your methods.
|
134
|
+
|
135
|
+
Without enabling this expansion, the response would only contain
|
136
|
+
an object which has an href to the resource, that would look
|
137
|
+
like this:
|
138
|
+
|
139
|
+
.. code-block:: javascript
|
140
|
+
|
141
|
+
{
|
142
|
+
href: 'http://api.stormpath.com/v1/accounts/avIu4NrfCk49uzhfCk/customData'
|
143
|
+
}
|
144
|
+
|
145
|
+
.. note::
|
146
|
+
|
147
|
+
Custom data is expanded automatically, but you can disable this
|
148
|
+
|
149
|
+
You can expand any of these *"linked resources"*:
|
150
|
+
|
151
|
+
- ``apiKeys`` - A user's API keys.
|
152
|
+
- ``customData`` - A user's custom data.
|
153
|
+
- ``directory`` - A user's directory data.
|
154
|
+
- ``groups`` - A user's group data.
|
155
|
+
- ``groupMemberships`` - A user's group membership data.
|
156
|
+
- ``providerData`` - A user's provider data (*for social login providers*).
|
157
|
+
- ``tenant`` - A user's tenant data.
|
158
|
+
|
159
|
+
.. _me_api:
|
160
|
+
|
161
|
+
Current User JSON API
|
162
|
+
---------------------
|
163
|
+
|
164
|
+
If you are working with a front-end application, you can make a request to the
|
165
|
+
``/me`` URL to get a JSON representation of the account that is currently
|
166
|
+
logged in. If the user is not logged in, this endpoint will return a 401
|
167
|
+
response.
|
168
|
+
|
169
|
+
The response from the endpoint looks like this:
|
170
|
+
|
171
|
+
.. code-block:: javascript
|
172
|
+
|
173
|
+
{
|
174
|
+
"account": {
|
175
|
+
"href": "https://api.stormpath.com/v1/accounts/4WvCtY0oCRDzQdYH3Q0qjz",
|
176
|
+
"username": "foobar",
|
177
|
+
"email": "foo@example.com",
|
178
|
+
"givenName": "Foo",
|
179
|
+
"middleName": null,
|
180
|
+
"surname": "Bar",
|
181
|
+
"fullName": "Foo Bar",
|
182
|
+
"status": "ENABLED",
|
183
|
+
"createdAt": "2015-10-13T20:54:22.215Z",
|
184
|
+
"modifiedAt": "2016-03-17T16:40:17.631Z"
|
185
|
+
}
|
186
|
+
}
|
187
|
+
|
188
|
+
By default we don't expand any data on the account, for security purposes. But
|
189
|
+
you can opt-in to account expansions with the following configuration in the *stormpath.yml*:
|
190
|
+
|
191
|
+
.. code-block:: ruby
|
192
|
+
|
193
|
+
me:
|
194
|
+
enabled: true
|
195
|
+
uri: "/me"
|
196
|
+
expand:
|
197
|
+
apiKeys: true
|
198
|
+
applications: true
|
199
|
+
customData: true
|
200
|
+
directory: true
|
201
|
+
groupMemberships: true
|
202
|
+
groups: true
|
203
|
+
providerData: true
|
204
|
+
tenant: true
|
205
|
+
|
206
|
+
If you wish to disable the ``/me`` route entirely, you can do that as well:
|
207
|
+
|
208
|
+
.. code-block:: ruby
|
209
|
+
|
210
|
+
me:
|
211
|
+
enabled: false
|
212
|
+
|
213
|
+
|
214
|
+
.. _Account Object: https://docs.stormpath.com/ruby/quickstart/
|
215
|
+
.. _Stormpath Ruby SDK: https://github.com/stormpath/stormpath-sdk-ruby
|
216
|
+
.. _Ruby SDK Account Management: https://docs.stormpath.com/ruby/product-guide/latest/accnt_mgmt.html
|
data/stormpath-rails.gemspec
CHANGED
@@ -22,7 +22,7 @@ Gem::Specification.new do |spec|
|
|
22
22
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
23
23
|
spec.require_paths = ['lib']
|
24
24
|
|
25
|
-
spec.add_dependency 'stormpath-sdk', '>= 1.1
|
25
|
+
spec.add_dependency 'stormpath-sdk', '>= 1.3.1'
|
26
26
|
spec.add_dependency 'virtus'
|
27
27
|
spec.add_dependency 'rails', '>= 3.1'
|
28
28
|
spec.add_dependency 'recursive-open-struct'
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: stormpath-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nenad Nikolic
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-11-
|
11
|
+
date: 2016-11-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: stormpath-sdk
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 1.1
|
19
|
+
version: 1.3.1
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - ">="
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 1.1
|
26
|
+
version: 1.3.1
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: virtus
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -102,6 +102,7 @@ extensions: []
|
|
102
102
|
extra_rdoc_files: []
|
103
103
|
files:
|
104
104
|
- ".gitignore"
|
105
|
+
- ".gitmodules"
|
105
106
|
- ".rspec"
|
106
107
|
- ".rubocop.yml"
|
107
108
|
- ".travis.yml"
|
@@ -178,6 +179,58 @@ files:
|
|
178
179
|
- bin/rspec
|
179
180
|
- bin/setup
|
180
181
|
- config/initializers/assets.rb
|
182
|
+
- docs/Makefile
|
183
|
+
- docs/_static/facebook-new-project.png
|
184
|
+
- docs/_static/facebook-url-settings.png
|
185
|
+
- docs/_static/forgot-change.png
|
186
|
+
- docs/_static/forgot-complete.png
|
187
|
+
- docs/_static/forgot-email-sent.png
|
188
|
+
- docs/_static/forgot-email.png
|
189
|
+
- docs/_static/forgot-init.png
|
190
|
+
- docs/_static/forgot.png
|
191
|
+
- docs/_static/github_create_app.png
|
192
|
+
- docs/_static/google-enable-login.png
|
193
|
+
- docs/_static/google-new-project.png
|
194
|
+
- docs/_static/google-oauth-settings.png
|
195
|
+
- docs/_static/id-site-login.png
|
196
|
+
- docs/_static/id-site-settings.png
|
197
|
+
- docs/_static/id-site-stormpath-config.png
|
198
|
+
- docs/_static/linkedin-add-authorized-urls.gif
|
199
|
+
- docs/_static/linkedin-add-permissions.gif
|
200
|
+
- docs/_static/linkedin-new-application.gif
|
201
|
+
- docs/_static/linkedin-permissions-page.png
|
202
|
+
- docs/_static/login-page-basic.png
|
203
|
+
- docs/_static/login-page-facebook-permissions.png
|
204
|
+
- docs/_static/login-page-facebook.png
|
205
|
+
- docs/_static/login-page-google-account.png
|
206
|
+
- docs/_static/login-page-google.png
|
207
|
+
- docs/_static/login-page-linkedin.png
|
208
|
+
- docs/_static/login-page.png
|
209
|
+
- docs/_static/login_page_with_all_providers.png
|
210
|
+
- docs/_static/registration-page-basic.png
|
211
|
+
- docs/_static/registration-page-error.png
|
212
|
+
- docs/_static/registration-page.png
|
213
|
+
- docs/_static/verification-complete.png
|
214
|
+
- docs/_static/verification-email.png
|
215
|
+
- docs/_static/verification.png
|
216
|
+
- docs/_templates/layout.html
|
217
|
+
- docs/about.rst
|
218
|
+
- docs/authentication.rst
|
219
|
+
- docs/changelog.rst
|
220
|
+
- docs/conf.py
|
221
|
+
- docs/configuration.rst
|
222
|
+
- docs/contributors.rst
|
223
|
+
- docs/devise_import.rst
|
224
|
+
- docs/help.rst
|
225
|
+
- docs/index.rst
|
226
|
+
- docs/login.rst
|
227
|
+
- docs/logout.rst
|
228
|
+
- docs/password_reset.rst
|
229
|
+
- docs/quickstart.rst
|
230
|
+
- docs/registration.rst
|
231
|
+
- docs/social_login.rst
|
232
|
+
- docs/templates.rst
|
233
|
+
- docs/user_data.rst
|
181
234
|
- keypair.enc
|
182
235
|
- lib/generators/stormpath/install/install_generator.rb
|
183
236
|
- lib/generators/stormpath/install/templates/default_config.yml
|