tiddle 0.3.0 → 0.4.0

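--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: b727ff0a1139e48942ba55ed07938a63cf354a58
- data.tar.gz: 9f0a8b022ea5a4d2b9dcf0a60048bcf01572ca21
+ metadata.gz: aca3f210e267f73c0e067d27533534c9c3f9c683
+ data.tar.gz: 460622c0502eb261e06b2cf617740ef500dbbbf0
  SHA512:
- metadata.gz: 18ba437e55cf272dca5a8be7cd9a17ed43066645ff201c5f32c8ebc4d57cf58ad33a521a0ba75252908b3c1d05d6e5f77f0fd5087cb3fa59e3c59590d2f1a716
- data.tar.gz: b0cadfa8495de1e8683abd28e1f31d1b59bda173d49b2bd8797cec305bcfa51eb3962f18e2ff1cb629f26cd96b212482d80e84b569e84244b203ce522d9e49f3
+ metadata.gz: 5d8b78acb6c499efa52fee1f38b639fc1541170badf1ecfbeafa9509677b856ef09a2921637b057f1aa6ba5c383fd5b4a7ebc76105053ff35f7ec2b03f48dd1e
+ data.tar.gz: 1b2f8360d54fb6fac59a42bc90d3340236fb10b7626465afa45ba66bdb6d402bf49d2b96f077f3c63e0493d9787d754f0cd8726ff562776c286f5570fa496e5a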
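--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,4 +1,5 @@
  language: ruby
  rvm:
+ - "2.1.6"
  - "2.2.0"
  - "2.2.1"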
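--- a/data/README.md
+++ b/data/README.md
@@ -53,15 +53,21 @@ end
  class Users::SessionsController < Devise::SessionsController
 
  def create
- [...]
- token = Tiddle.create_and_return_token(resource, request)
+ user = warden.authenticate!(auth_options)
+ token = Tiddle.create_and_return_token(user, request)
  render json: { authentication_token: token }
  end
 
  def destroy
- Tiddle.expire_token(current_user, request)
+ Tiddle.expire_token(current_user, request) if current_user
  render json: {}
  end
+
+ private
+
+ # this is invoked before destroy and we have to override it
+ def verify_signed_out_user
+ end
  end
  ```
 
@@ -78,3 +84,5 @@ end
  ```
 
  5) Send ```X-USER-EMAIL``` and ```X-USER-TOKEN``` as headers of every request which requires authentication.
+
+ You can read more in a blog post dedicated to Tiddle - http://adamniedzielski.github.io/blog/2015/04/04/token-authentication-with-tiddle/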
@@ -0,0 +1,12 @@
1
+ module Tiddle
2
+ class ModelName
3
+
4
+ def with_underscores(model)
5
+ model.model_name.to_s.underscore.upcase
6
+ end
7
+
8
+ def with_dashes(model)
9
+ with_underscores(model).dasherize
10
+ end
11
+ end
12
+ end
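Review bot: `with_underscores` does not handle namespaced models: for a class such as `Admin::User`, `model_name.to_s.underscore` yields `admin/user`, so `with_dashes` would build a header name containing a slash (`X-ADMIN/USER-TOKEN`), and `/` is not a legal character in an HTTP header field name. Flattening the separator closes the gap, e.g. `model.model_name.to_s.underscore.tr('/', '_').upcase`. Neither method reads instance state, so `module_function` helpers would also spare the `ModelName.new` allocation at each call site. A one-line comment saying that the result becomes part of the `X-<MODEL>-EMAIL` / `X-<MODEL>-TOKEN` header names would make the constraint visible to the next maintainer.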
@@ -1,4 +1,5 @@
1
1
  require 'devise/strategies/authenticatable'
2
+ require 'tiddle/model_name'
2
3
 
3
4
  module Devise
4
5
  module Strategies
@@ -39,7 +40,7 @@ module Devise
39
40
  end
40
41
 
41
42
  def model_name
42
- mapping.to.model_name.to_s.underscore.upcase
43
+ Tiddle::ModelName.new.with_underscores(mapping.to)
43
44
  end
44
45
 
45
46
  def touch_token(token)
@@ -1,3 +1,5 @@
1
+ require 'tiddle/model_name'
2
+
1
3
  module Tiddle
2
4
  class TokenIssuer
3
5
  MAXIMUM_TOKENS_PER_USER = 20
@@ -22,7 +24,7 @@ module Tiddle
22
24
 
23
25
  def expire_token(resource, request)
24
26
  resource.authentication_tokens
25
- .where(body: request.headers["X-#{resource.model_name.to_s.upcase}-TOKEN"])
27
+ .where(body: request.headers["X-#{ModelName.new.with_dashes(resource)}-TOKEN"])
26
28
  .take!
27
29
  .destroy
28
30
  end
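Review bot: The lookup in `expire_token` matches the raw header value against the `body` column, which implies tokens are stored verbatim, so anyone who can read `authentication_tokens` (backup, SQL injection elsewhere, log of the table) holds working credentials. Storing only a keyed digest and querying by it, for instance through `Devise.token_generator.digest`, would remove that exposure; the issuing side is outside this hunk and would need the matching change. Separately, when the header is absent the query becomes `where(body: nil)` and `take!` raises `ActiveRecord::RecordNotFound`; a comment stating whether that is the intended contract, or an early `return if` on a blank header, would make the behaviour explicit.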
@@ -1,3 +1,3 @@
1
1
  module Tiddle
2
- VERSION = "0.3.0"
2
+ VERSION = "0.4.0"
3
3
  end
@@ -0,0 +1,7 @@
1
+ class LongSecretsController < ApplicationController
2
+ before_action :authenticate_admin_user!
3
+
4
+ def index
5
+ head :ok
6
+ end
7
+ end
@@ -0,0 +1,7 @@
1
+ class AdminUser < ActiveRecord::Base
2
+ devise :database_authenticatable, :registerable,
3
+ :recoverable, :trackable, :validatable,
4
+ :token_authenticatable
5
+
6
+ has_many :authentication_tokens, as: :authenticatable
7
+ end
@@ -3,5 +3,5 @@ class User < ActiveRecord::Base
3
3
  :recoverable, :trackable, :validatable,
4
4
  :token_authenticatable
5
5
 
6
- has_many :authentication_tokens
6
+ has_many :authentication_tokens, as: :authenticatable
7
7
  end
@@ -11,6 +11,7 @@ module RailsApp
11
11
  class Application < Rails::Application
12
12
  config.eager_load = true
13
13
  config.root = File.expand_path('../../.', __FILE__)
14
+ config.consider_all_requests_local = true
14
15
  end
15
16
  end
16
17
 
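Review bot: `config.consider_all_requests_local = true` is added without a comment, and the setting makes Rails render full exception detail in responses. That is reasonable for a spec-only application (the file path is not shown for this hunk; the gem's file list suggests spec/rails_app/config/application.rb), but the line is easy to copy into a real app. A comment such as `# spec app only: never enable outside tests, it exposes full error detail` would record the intent; the exact reason for the change should be confirmed by the author. The enclosing `module RailsApp` starts outside the hunk.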
@@ -1,4 +1,6 @@
1
1
  Rails.application.routes.draw do
2
2
  devise_for :users
3
+ devise_for :admin_users
3
4
  resources :secrets, only: [:index], defaults: { format: 'json' }
5
+ resources :long_secrets, only: [:index], defaults: { format: 'json' }
4
6
  end
@@ -21,15 +21,37 @@ class CreateTables < ActiveRecord::Migration
21
21
 
22
22
  add_index :users, :email, unique: true
23
23
  add_index :users, :reset_password_token, unique: true
24
- end
25
24
 
26
- create_table :authentication_tokens do |t|
27
- t.string :body, null: false
28
- t.references :user, index: true, null: false
29
- t.datetime :last_used_at, null: false
30
- t.string :ip_address
31
- t.string :user_agent
25
+ create_table(:admin_users) do |t|
26
+ ## Database authenticatable
27
+ t.string :email, null: false, default: ""
28
+ t.string :encrypted_password, null: false, default: ""
29
+
30
+ ## Recoverable
31
+ t.string :reset_password_token
32
+ t.datetime :reset_password_sent_at
33
+
34
+ ## Trackable
35
+ t.integer :sign_in_count, default: 0, null: false
36
+ t.datetime :current_sign_in_at
37
+ t.datetime :last_sign_in_at
38
+ t.string :current_sign_in_ip
39
+ t.string :last_sign_in_ip
40
+
41
+ t.timestamps null: false
42
+ end
43
+
44
+ add_index :admin_users, :email, unique: true
45
+ add_index :admin_users, :reset_password_token, unique: true
46
+
47
+ create_table :authentication_tokens do |t|
48
+ t.string :body, null: false
49
+ t.references :authenticatable, null: false, polymorphic: true
50
+ t.datetime :last_used_at, null: false
51
+ t.string :ip_address
52
+ t.string :user_agent
32
53
 
33
- t.timestamps null: false
54
+ t.timestamps null: false
55
+ end
34
56
  end
35
57
  end
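Review bot: The polymorphic `t.references :authenticatable` line drops the `index: true` that the old `t.references :user` carried, so `authentication_tokens` is left without an index on its owner columns. Per-owner queries such as `resource.authentication_tokens.where(...)` would then scan the table; `t.references :authenticatable, null: false, polymorphic: true, index: true` restores it. `body` also has no unique index, so nothing at the database level prevents two rows from sharing a token value. The migration's method definition starts outside the hunk.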
@@ -1,12 +1,12 @@
1
1
  describe "Authentication using Tiddle strategy", type: :request do
2
2
 
3
- before do
4
- @user = User.create!(email: "test@example.com", password: "12345678")
5
- @token = Tiddle.create_and_return_token(@user, FakeRequest.new)
6
- end
7
-
8
3
  context "with valid email and token" do
9
4
 
5
+ before do
6
+ @user = User.create!(email: "test@example.com", password: "12345678")
7
+ @token = Tiddle.create_and_return_token(@user, FakeRequest.new)
8
+ end
9
+
10
10
  it "allows to access endpoints which require authentication" do
11
11
  get secrets_path, {},
12
12
  { "X-USER-EMAIL" => "test@example.com", "X-USER-TOKEN" => @token }
@@ -57,6 +57,11 @@ describe "Authentication using Tiddle strategy", type: :request do
57
57
 
58
58
  context "with invalid email and valid token" do
59
59
 
60
+ before do
61
+ @user = User.create!(email: "test@example.com", password: "12345678")
62
+ @token = Tiddle.create_and_return_token(@user, FakeRequest.new)
63
+ end
64
+
60
65
  it "does not allow to access endpoints which require authentication" do
61
66
  get secrets_path, {},
62
67
  { "X-USER-EMAIL" => "wrong@example.com", "X-USER-TOKEN" => @token }
@@ -66,10 +71,37 @@ describe "Authentication using Tiddle strategy", type: :request do
66
71
 
67
72
  context "with valid email and invalid token" do
68
73
 
74
+ before do
75
+ @user = User.create!(email: "test@example.com", password: "12345678")
76
+ @token = Tiddle.create_and_return_token(@user, FakeRequest.new)
77
+ end
78
+
69
79
  it "does not allow to access endpoints which require authentication" do
70
80
  get secrets_path, {},
71
81
  { "X-USER-EMAIL" => "test@example.com", "X-USER-TOKEN" => "wrong" }
72
82
  expect(response.status).to eq 401
73
83
  end
74
84
  end
85
+
86
+ context "when no headers are passed" do
87
+
88
+ it "does not allow to access endpoints which require authentication" do
89
+ get secrets_path, {}, {}
90
+ expect(response.status).to eq 401
91
+ end
92
+ end
93
+
94
+ context "when model name consists of two words" do
95
+
96
+ before do
97
+ @admin_user = AdminUser.create!(email: "test@example.com", password: "12345678")
98
+ @token = Tiddle.create_and_return_token(@admin_user, FakeRequest.new)
99
+ end
100
+
101
+ it "allows to access endpoints which require authentication" do
102
+ get long_secrets_path, {},
103
+ { "X-ADMIN-USER-EMAIL" => "test@example.com", "X-ADMIN-USER-TOKEN" => @token }
104
+ expect(response.status).to eq 200
105
+ end
106
+ end
75
107
  end
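Review bot: The new two-word-model context checks only the positive path, so with tokens now attached polymorphically to two models no example shows that a token issued to a `User` is rejected when sent under the `X-ADMIN-USER-*` headers for an `AdminUser` with the same email. The strategy's lookup is outside these hunks, so this is a coverage gap rather than a confirmed flaw. A context like the one below, placed next to the two-word case, would pin the isolation down. The identical `before` block now repeated in three contexts could also move into a shared helper.

```ruby
  context "when a token issued to one model is sent under another model's headers" do

    before do
      @user = User.create!(email: "test@example.com", password: "12345678")
      AdminUser.create!(email: "test@example.com", password: "12345678")
      @token = Tiddle.create_and_return_token(@user, FakeRequest.new)
    end

    it "does not allow to access endpoints which require authentication" do
      get long_secrets_path, {},
        { "X-ADMIN-USER-EMAIL" => "test@example.com", "X-ADMIN-USER-TOKEN" => @token }
      expect(response.status).to eq 401
    end
  end
```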
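--- a/data/spec/tiddle_spec.rb
+++ b/data/spec/tiddle_spec.rb
@@ -1,11 +1,11 @@
  describe Tiddle do
 
- before do
- @user = User.create!(email: "test@example.com", password: "12345678")
- end
-
  describe "create_and_return_token" do
 
+ before do
+ @user = User.create!(email: "test@example.com", password: "12345678")
+ end
+
  it "returns string with token" do
  result = Tiddle.create_and_return_token(@user, FakeRequest.new)
  expect(result).to be_present
@@ -39,20 +39,22 @@ describe Tiddle do
  describe "expire_token" do
 
  before do
- token = Tiddle.create_and_return_token(@user, FakeRequest.new)
- @request = FakeRequest.new(headers: { "X-USER-TOKEN" => token })
+ @admin_user = AdminUser.create!(email: "test@example.com", password: "12345678")
+ token = Tiddle.create_and_return_token(@admin_user, FakeRequest.new)
+ @request = FakeRequest.new(headers: { "X-ADMIN-USER-TOKEN" => token })
  end
 
  it "deletes token from the database" do
  expect do
- Tiddle.expire_token(@user, @request)
- end.to change { @user.authentication_tokens.count }.by(-1)
+ Tiddle.expire_token(@admin_user, @request)
+ end.to change { @admin_user.authentication_tokens.count }.by(-1)
  end
  end
 
  describe "purge_old_tokens" do
 
  before do
+ @user = User.create!(email: "test@example.com", password: "12345678")
  Tiddle.create_and_return_token(@user, FakeRequest.new)
  @old = @user.authentication_tokens.last
  @old.update_attribute(:last_used_at, 2.hours.ago)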
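Review bot: The `expire_token` example was switched to `AdminUser` rather than extended, so expiry through the single-word header (`X-USER-TOKEN`) is no longer exercised. Keeping the original `User` case beside the new one would cover both header forms. An example that passes a request with no token header would also pin down what `expire_token` does then; presumably it raises, but the implementation is not in this file. The `purge_old_tokens` block continues past the end of the hunk.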
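--- a/data/tiddle.gemspec
+++ b/data/tiddle.gemspec
@@ -17,7 +17,7 @@ Gem::Specification.new do |spec|
  spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
  spec.require_paths = ["lib"]
 
- spec.required_ruby_version = '~> 2.2.0'
+ spec.required_ruby_version = '>= 2.1.0'
 
  spec.add_dependency "devise", "~> 3.4.1"
  spec.add_dependency "activerecord", "~> 4.2.0"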
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tiddle
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Adam Niedzielski
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-04-11 00:00:00.000000000 Z
11
+ date: 2015-05-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -168,12 +168,15 @@ files:
168
168
  - config/locales/en.yml
169
169
  - lib/tiddle.rb
170
170
  - lib/tiddle/model.rb
171
+ - lib/tiddle/model_name.rb
171
172
  - lib/tiddle/rails.rb
172
173
  - lib/tiddle/strategy.rb
173
174
  - lib/tiddle/token_issuer.rb
174
175
  - lib/tiddle/version.rb
175
176
  - spec/rails_app/app/controllers/application_controller.rb
177
+ - spec/rails_app/app/controllers/long_secrets_controller.rb
176
178
  - spec/rails_app/app/controllers/secrets_controller.rb
179
+ - spec/rails_app/app/models/admin_user.rb
177
180
  - spec/rails_app/app/models/authentication_token.rb
178
181
  - spec/rails_app/app/models/user.rb
179
182
  - spec/rails_app/config/application.rb
@@ -197,9 +200,9 @@ require_paths:
197
200
  - lib
198
201
  required_ruby_version: !ruby/object:Gem::Requirement
199
202
  requirements:
200
- - - "~>"
203
+ - - ">="
201
204
  - !ruby/object:Gem::Version
202
- version: 2.2.0
205
+ version: 2.1.0
203
206
  required_rubygems_version: !ruby/object:Gem::Requirement
204
207
  requirements:
205
208
  - - ">="
@@ -213,7 +216,9 @@ specification_version: 4
213
216
  summary: Token authentication for Devise which supports multiple tokens per model
214
217
  test_files:
215
218
  - spec/rails_app/app/controllers/application_controller.rb
219
+ - spec/rails_app/app/controllers/long_secrets_controller.rb
216
220
  - spec/rails_app/app/controllers/secrets_controller.rb
221
+ - spec/rails_app/app/models/admin_user.rb
217
222
  - spec/rails_app/app/models/authentication_token.rb
218
223
  - spec/rails_app/app/models/user.rb
219
224
  - spec/rails_app/config/application.rb