RubyGems - tiddle - Versions diffs - 0.5.1 → 0.6.0 - Mend

tiddle 0.5.1 → 0.6.0

Files changed (11) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8c09ebc70597a74a73abc1b7c46e75f977ce9eaa
-  data.tar.gz: f421032a340cce1ddea4ccaf18e00b1d83603180
+  metadata.gz: eaff93a07c995f50d6ae7e23358251bb42ca4c35
+  data.tar.gz: 80b8e889d5d7a6de30608c75255ad4b9f755b926
 SHA512:
-  metadata.gz: b361cfd1cc4623f0db2d46f06258d9455ed41718d7ad47206423afaca1b6746ba1411ffc5582c8b55cce32254b744a404c7c74be00b047b8f675334eba4b521a
-  data.tar.gz: 30a9fc9aed12190e6e24422ba9b395cc9207dc83a57d0d213e70f531b3c922397a9a2fe6b16c922eb67fe79b7fc47139d329acade4540447219d7a1c90ed56bc
+  metadata.gz: 80f288aa4a372315323403cb1aa4fb49287e5b77170f878e4f9fe5c768b67795c72f8e31e18deab4794cde388dc55d86a4fefb4d77b23a4e7c832479f3fecaa8
+  data.tar.gz: 56f5082287e45019a3c42adfa36dc49749a1098884ac1907f60cde950c9fec44e13895ffe79639400d20fd76861bc56a732d8b40f8c772c491884d919a167184

data/.rubocop.yml CHANGED

@@ -21,3 +21,5 @@ Style/EmptyLinesAroundModuleBody:
   Enabled: false
 Style/MultilineOperationIndentation:
   EnforcedStyle: indented
+Metrics/LineLength:
+  Max: 100

data/.travis.yml CHANGED

@@ -1,4 +1,4 @@
 language: ruby
 rvm:
   - "2.1.7"
-  - "2.2.3"
+  - "2.2.4"

data/CHANGELOG.md CHANGED

@@ -1,3 +1,7 @@
+### 0.6.0
+Adds support for authentication keys other than email.
 ### 0.5.0
 Breaking changes. Token digest is stored in the database, not the actual token. This will invalidate all your existing tokens (logging users out) unless you migrate existing tokens. In order to migrate execute:

data/README.md CHANGED

@@ -86,3 +86,17 @@ end
 5) Send ```X-USER-EMAIL``` and ```X-USER-TOKEN``` as headers of every request which requires authentication.
 You can read more in a blog post dedicated to Tiddle - http://adamniedzielski.github.io/blog/2015/04/04/token-authentication-with-tiddle/
+## Note on Rails session
+The safest solution in API-only application is not to rely on Rails session at all and disable it. Put this line in your ```application.rb```:
+```ruby
+config.middleware.delete ActionDispatch::Session::CookieStore
+```
+More: http://adamniedzielski.github.io/blog/2015/04/04/token-authentication-with-tiddle/#rails-session
+## Using field other than email
+Change ```config.authentication_keys``` in Devise intitializer and Tiddle will use this value.

data/lib/tiddle/strategy.rb CHANGED

@@ -9,7 +9,7 @@ module Devise
       def authenticate!
         env["devise.skip_trackable"] = true
-        resource = mapping.to.find_for_authentication(email: email_from_headers)
+        resource = mapping.to.find_for_authentication(authentication_keys_from_headers)
         return fail(:invalid_token) unless resource
         token = Tiddle::TokenIssuer.build.find_token(resource, token_from_headers)
@@ -22,7 +22,7 @@ module Devise
       end
       def valid?
-        email_from_headers.present? && token_from_headers.present?
+        authentication_keys_from_headers.present? && token_from_headers.present?
       end
       def store?
@@ -31,8 +31,10 @@ module Devise
       private
-        def email_from_headers
-          env["HTTP_X_#{model_name}_EMAIL"]
+        def authentication_keys_from_headers
+          authentication_keys.map do |key|
+            { key => env["HTTP_X_#{model_name}_#{key.upcase}"] }
+          end.reduce(:merge)
         end
         def token_from_headers
@@ -43,6 +45,10 @@ module Devise
           Tiddle::ModelName.new.with_underscores(mapping.to)
         end
+        def authentication_keys
+          mapping.to.authentication_keys
+        end
         def touch_token(token)
           token.update_attribute(:last_used_at, DateTime.current) if token.last_used_at < 1.hour.ago
         end

data/lib/tiddle/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Tiddle
-  VERSION = "0.5.1"
+  VERSION = "0.6.0"
 end

@@ -16,6 +16,8 @@ class CreateTables < ActiveRecord::Migration
       t.string   :current_sign_in_ip
       t.string   :last_sign_in_ip
+      t.string :nick_name
       t.timestamps null: false
     end

data/spec/spec_helper.rb CHANGED

@@ -2,10 +2,10 @@ require 'bundler/setup'
 require 'simplecov'
 require 'coveralls'
-SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
+SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter.new([
   SimpleCov::Formatter::HTMLFormatter,
   Coveralls::SimpleCov::Formatter
-]
+])
 SimpleCov.start do
   add_filter "/spec/"
 end

data/spec/strategy_spec.rb CHANGED

@@ -104,4 +104,33 @@ describe "Authentication using Tiddle strategy", type: :request do
       expect(response.status).to eq 200
     end
   end
+  describe "using field other than email" do
+    before do
+      Devise.setup do |config|
+        config.authentication_keys = [:nick_name]
+      end
+      @user = User.create!(
+        email: "test@example.com",
+        password: "12345678",
+        nick_name: "test"
+      )
+      @token = Tiddle.create_and_return_token(@user, FakeRequest.new)
+    end
+    after do
+      Devise.setup do |config|
+        config.authentication_keys = [:email]
+      end
+    end
+    it "allows to access endpoints which require authentication with valid \
+      nick name and token" do
+      get secrets_path, {},
+          { "X-USER-NICK-NAME" => "test", "X-USER-TOKEN" => @token }
+      expect(response.status).to eq 200
+    end
+  end
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tiddle
 version: !ruby/object:Gem::Version
-  version: 0.5.1
+  version: 0.6.0
 platform: ruby
 authors:
 - Adam Niedzielski
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-09-07 00:00:00.000000000 Z
+date: 2015-12-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -217,7 +217,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.5
+rubygems_version: 2.4.8
 signing_key:
 specification_version: 4
 summary: Token authentication for Devise which supports multiple tokens per model