tiddle 0.7.0 → 1.0.0

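--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: bbff5c3f0edbfb99abd2f26f6d5df6abb065e814
- data.tar.gz: bdc3e06b474d85e37250d7381cc29fcd182a4b68
+ metadata.gz: 6a327afb3806faebd6aa17722b4ddff876ac5fea
+ data.tar.gz: 0bed056d47ab99d9f71a950ae726dd4c2aaa3014
  SHA512:
- metadata.gz: a507666669e952ab4267a1aa4da9848d50729ae64dc992ff1413ced2edd5ab1abdfc3283ff7eccb596512d958819a0ebe028563854dcab6cba0ef48e5e2d59a9
- data.tar.gz: 470dc04acced63b0c4af4288721e0e9040b26dfffeac2f9830c8c364e5986714307b04612fbb37f64d321a668866145737f954b2811f56a6ff7d01724ce14e4a
+ metadata.gz: 73afe53b86797c78eb94df557e5ddd5471430d9aa29b57f5ed25abb086ff5d9d4794b18b5d203c26d0ed1056b505f8b4dab31c1c924111a2fc3e916eb24e932c
+ data.tar.gz: b70910abafa897356cb6b1e5035d9d2ced057e781e34412f98b224c867d78288e14fa2fc9f6de977fe7dcac660c0bbfeb767ea0914fdb1f1f89f9f368197990f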
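--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -1,4 +1,5 @@
  AllCops:
+ TargetRubyVersion: 2.3
  Include:
  - 'lib'
  - 'spec'
@@ -7,19 +8,11 @@ AllCops:
  - 'spec/spec_helper.rb'
  Style/StringLiterals:
  Enabled: false
- Style/EmptyLinesAroundBlockBody:
- Enabled: false
- Style/BracesAroundHashParameters:
- EnforcedStyle: context_dependent
  Style/Documentation:
  Enabled: false
- Style/EmptyLinesAroundClassBody:
- Enabled: false
- Style/IndentationConsistency:
+ Style/FrozenStringLiteralComment:
  Enabled: false
- Style/EmptyLinesAroundModuleBody:
+ Style/SignalException:
  Enabled: false
- Style/MultilineOperationIndentation:
- EnforcedStyle: indented
  Metrics/LineLength:
  Max: 100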
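--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,7 @@
+ ### 1.0.0
+
+ No major changes - just a stable version release.
+
  ### 0.7.0
 
  Adds support for Rails 5. Requires Devise 4.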
data/lib/tiddle.rb CHANGED
@@ -5,7 +5,6 @@ require "tiddle/rails"
5
5
  require "tiddle/token_issuer"
6
6
 
7
7
  module Tiddle
8
-
9
8
  def self.create_and_return_token(resource, request)
10
9
  TokenIssuer.build.create_and_return_token(resource, request)
11
10
  end
@@ -1,6 +1,5 @@
1
1
  module Tiddle
2
2
  class ModelName
3
-
4
3
  def with_underscores(model)
5
4
  model.model_name.to_s.underscore.upcase
6
5
  end
@@ -5,7 +5,6 @@ require 'tiddle/token_issuer'
5
5
  module Devise
6
6
  module Strategies
7
7
  class TokenAuthenticatable < Authenticatable
8
-
9
8
  def authenticate!
10
9
  env["devise.skip_trackable"] = true
11
10
 
@@ -31,27 +30,27 @@ module Devise
31
30
 
32
31
  private
33
32
 
34
- def authentication_keys_from_headers
35
- authentication_keys.map do |key|
36
- { key => env["HTTP_X_#{model_name}_#{key.upcase}"] }
37
- end.reduce(:merge)
38
- end
33
+ def authentication_keys_from_headers
34
+ authentication_keys.map do |key|
35
+ { key => env["HTTP_X_#{model_name}_#{key.upcase}"] }
36
+ end.reduce(:merge)
37
+ end
39
38
 
40
- def token_from_headers
41
- env["HTTP_X_#{model_name}_TOKEN"]
42
- end
39
+ def token_from_headers
40
+ env["HTTP_X_#{model_name}_TOKEN"]
41
+ end
43
42
 
44
- def model_name
45
- Tiddle::ModelName.new.with_underscores(mapping.to)
46
- end
43
+ def model_name
44
+ Tiddle::ModelName.new.with_underscores(mapping.to)
45
+ end
47
46
 
48
- def authentication_keys
49
- mapping.to.authentication_keys
50
- end
47
+ def authentication_keys
48
+ mapping.to.authentication_keys
49
+ end
51
50
 
52
- def touch_token(token)
53
- token.update_attribute(:last_used_at, DateTime.current) if token.last_used_at < 1.hour.ago
54
- end
51
+ def touch_token(token)
52
+ token.update_attribute(:last_used_at, DateTime.current) if token.last_used_at < 1.hour.ago
53
+ end
55
54
  end
56
55
  end
57
56
  end
@@ -17,10 +17,10 @@ module Tiddle
17
17
  token, token_body = Devise.token_generator.generate(token_class, :body)
18
18
 
19
19
  resource.authentication_tokens
20
- .create! body: token_body,
21
- last_used_at: DateTime.current,
22
- ip_address: request.remote_ip,
23
- user_agent: request.user_agent
20
+ .create! body: token_body,
21
+ last_used_at: DateTime.current,
22
+ ip_address: request.remote_ip,
23
+ user_agent: request.user_agent
24
24
 
25
25
  token
26
26
  end
@@ -40,17 +40,17 @@ module Tiddle
40
40
 
41
41
  def purge_old_tokens(resource)
42
42
  resource.authentication_tokens
43
- .order(last_used_at: :desc)
44
- .offset(maximum_tokens_per_user)
45
- .destroy_all
43
+ .order(last_used_at: :desc)
44
+ .offset(maximum_tokens_per_user)
45
+ .destroy_all
46
46
  end
47
47
 
48
48
  private
49
49
 
50
- attr_accessor :maximum_tokens_per_user
50
+ attr_accessor :maximum_tokens_per_user
51
51
 
52
- def authentication_token_class(resource)
53
- resource.association(:authentication_tokens).klass
54
- end
52
+ def authentication_token_class(resource)
53
+ resource.association(:authentication_tokens).klass
54
+ end
55
55
  end
56
56
  end
@@ -1,3 +1,3 @@
1
1
  module Tiddle
2
- VERSION = "0.7.0"
2
+ VERSION = "1.0.0".freeze
3
3
  end
@@ -1,112 +1,136 @@
1
1
  describe "Authentication using Tiddle strategy", type: :request do
2
-
3
2
  context "with valid email and token" do
4
-
5
3
  before do
6
4
  @user = User.create!(email: "test@example.com", password: "12345678")
7
5
  @token = Tiddle.create_and_return_token(@user, FakeRequest.new)
8
6
  end
9
7
 
10
8
  it "allows to access endpoints which require authentication" do
11
- get secrets_path, {},
12
- { "X-USER-EMAIL" => "test@example.com", "X-USER-TOKEN" => @token }
9
+ warningless_get(
10
+ secrets_path,
11
+ headers: {
12
+ "X-USER-EMAIL" => "test@example.com",
13
+ "X-USER-TOKEN" => @token
14
+ }
15
+ )
13
16
  expect(response.status).to eq 200
14
17
  end
15
18
 
16
19
  describe "touching token" do
17
-
18
20
  context "when token was last used more than hour ago" do
19
-
20
21
  before do
21
22
  @user.authentication_tokens.last
22
- .update_attribute(:last_used_at, 2.hours.ago)
23
+ .update_attribute(:last_used_at, 2.hours.ago)
23
24
  end
24
25
 
25
26
  it "updates last_used_at field" do
26
27
  expect do
27
- get secrets_path, {},
28
- { "X-USER-EMAIL" => "test@example.com", "X-USER-TOKEN" => @token }
28
+ warningless_get(
29
+ secrets_path,
30
+ headers: {
31
+ "X-USER-EMAIL" => "test@example.com",
32
+ "X-USER-TOKEN" => @token
33
+ }
34
+ )
29
35
  end.to change { @user.authentication_tokens.last.last_used_at }
30
36
  end
31
37
  end
32
38
 
33
39
  context "when token was last used less than hour ago" do
34
-
35
40
  before do
36
41
  @user.authentication_tokens.last.update_attribute(:last_used_at, 30.minutes.ago)
37
42
  end
38
43
 
39
44
  it "does not update last_used_at field" do
40
45
  expect do
41
- get secrets_path, {},
42
- { "X-USER-EMAIL" => "test@example.com", "X-USER-TOKEN" => @token }
46
+ warningless_get(
47
+ secrets_path,
48
+ headers: {
49
+ "X-USER-EMAIL" => "test@example.com",
50
+ "X-USER-TOKEN" => @token
51
+ }
52
+ )
43
53
  end.not_to change { @user.authentication_tokens.last.last_used_at }
44
54
  end
45
55
  end
46
56
  end
47
57
 
48
58
  context "when email contains uppercase letters" do
49
-
50
59
  it "converts email to lower case and authenticates user" do
51
- get secrets_path, {},
52
- { "X-USER-EMAIL" => "TEST@example.com", "X-USER-TOKEN" => @token }
60
+ warningless_get(
61
+ secrets_path,
62
+ headers: {
63
+ "X-USER-EMAIL" => "TEST@example.com",
64
+ "X-USER-TOKEN" => @token
65
+ }
66
+ )
53
67
  expect(response.status).to eq 200
54
68
  end
55
69
  end
56
70
  end
57
71
 
58
72
  context "with invalid email and valid token" do
59
-
60
73
  before do
61
74
  @user = User.create!(email: "test@example.com", password: "12345678")
62
75
  @token = Tiddle.create_and_return_token(@user, FakeRequest.new)
63
76
  end
64
77
 
65
78
  it "does not allow to access endpoints which require authentication" do
66
- get secrets_path, {},
67
- { "X-USER-EMAIL" => "wrong@example.com", "X-USER-TOKEN" => @token }
79
+ warningless_get(
80
+ secrets_path,
81
+ headers: {
82
+ "X-USER-EMAIL" => "wrong@example.com",
83
+ "X-USER-TOKEN" => @token
84
+ }
85
+ )
68
86
  expect(response.status).to eq 401
69
87
  end
70
88
  end
71
89
 
72
90
  context "with valid email and invalid token" do
73
-
74
91
  before do
75
92
  @user = User.create!(email: "test@example.com", password: "12345678")
76
93
  @token = Tiddle.create_and_return_token(@user, FakeRequest.new)
77
94
  end
78
95
 
79
96
  it "does not allow to access endpoints which require authentication" do
80
- get secrets_path, {},
81
- { "X-USER-EMAIL" => "test@example.com", "X-USER-TOKEN" => "wrong" }
97
+ warningless_get(
98
+ secrets_path,
99
+ headers: {
100
+ "X-USER-EMAIL" => "test@example.com",
101
+ "X-USER-TOKEN" => "wrong"
102
+ }
103
+ )
82
104
  expect(response.status).to eq 401
83
105
  end
84
106
  end
85
107
 
86
108
  context "when no headers are passed" do
87
-
88
109
  it "does not allow to access endpoints which require authentication" do
89
- get secrets_path, {}, {}
110
+ warningless_get secrets_path, headers: {}
90
111
  expect(response.status).to eq 401
91
112
  end
92
113
  end
93
114
 
94
115
  context "when model name consists of two words" do
95
-
96
116
  before do
97
117
  @admin_user = AdminUser.create!(email: "test@example.com", password: "12345678")
98
118
  @token = Tiddle.create_and_return_token(@admin_user, FakeRequest.new)
99
119
  end
100
120
 
101
121
  it "allows to access endpoints which require authentication" do
102
- get long_secrets_path, {},
103
- { "X-ADMIN-USER-EMAIL" => "test@example.com", "X-ADMIN-USER-TOKEN" => @token }
122
+ warningless_get(
123
+ long_secrets_path,
124
+ headers: {
125
+ "X-ADMIN-USER-EMAIL" => "test@example.com",
126
+ "X-ADMIN-USER-TOKEN" => @token
127
+ }
128
+ )
104
129
  expect(response.status).to eq 200
105
130
  end
106
131
  end
107
132
 
108
133
  describe "using field other than email" do
109
-
110
134
  before do
111
135
  Devise.setup do |config|
112
136
  config.authentication_keys = [:nick_name]
@@ -128,8 +152,10 @@ describe "Authentication using Tiddle strategy", type: :request do
128
152
 
129
153
  it "allows to access endpoints which require authentication with valid \
130
154
  nick name and token" do
131
- get secrets_path, {},
132
- { "X-USER-NICK-NAME" => "test", "X-USER-TOKEN" => @token }
155
+ warningless_get(
156
+ secrets_path,
157
+ headers: { "X-USER-NICK-NAME" => "test", "X-USER-TOKEN" => @token }
158
+ )
133
159
  expect(response.status).to eq 200
134
160
  end
135
161
  end
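Review bot: None of the contexts visible in this spec pins the case of a valid token presented with a different existing user's identifier; "with invalid email and valid token" sends `wrong@example.com`, for which no user is created in the visible setup. New lines 137–151 fall outside the hunks, so such a case may exist there. For a strategy that pairs a header identifier with a header token, that is the negative case most worth a regression test. I would add a context that creates a second user, e.g. `User.create!(email: "other@example.com", password: "12345678")`, sends `"X-USER-EMAIL" => "other@example.com"` together with `@token`, and asserts `expect(response.status).to eq 401`.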
@@ -1,5 +1,4 @@
1
1
  class FakeRequest
2
-
3
2
  def initialize(
4
3
  remote_ip: "23.12.54.111",
5
4
  user_agent: "I am not a bot",
@@ -0,0 +1,7 @@
1
+ def warningless_get(path, headers:)
2
+ if Rails::VERSION::MAJOR >= 5
3
+ get path, headers: headers
4
+ else
5
+ get path, {}, headers
6
+ end
7
+ end
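Review bot: `warningless_get` is defined with a bare top-level `def`, so once the support file is loaded it becomes a private method on every object rather than a helper limited to request specs. Wrapping it in a module and mixing it in where it is needed keeps the scope explicit: `module WarninglessGet` … `end` around the method, plus `RSpec.configure { |c| c.include WarninglessGet, type: :request }`. A one-line comment above the branch would also help, for example `# Rails 5 deprecates positional params/headers for request helpers; use keywords there.` The file path is not shown in this section; the metadata file list suggests it is spec/support/warningless_get.rb.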
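--- a/data/spec/tiddle_spec.rb
+++ b/data/spec/tiddle_spec.rb
@@ -1,7 +1,5 @@
  describe Tiddle do
-
  describe "create_and_return_token" do
-
  before do
  @user = User.create!(email: "test@example.com", password: "12345678")
  end
@@ -43,7 +41,6 @@ describe Tiddle do
  end
 
  describe "find_token" do
-
  before do
  @admin_user = AdminUser.create!(email: "test@example.com", password: "12345678")
  @token = Tiddle.create_and_return_token(@admin_user, FakeRequest.new)
@@ -62,7 +59,6 @@ describe Tiddle do
  end
 
  describe "expire_token" do
-
  before do
  @admin_user = AdminUser.create!(email: "test@example.com", password: "12345678")
  token = Tiddle.create_and_return_token(@admin_user, FakeRequest.new)
@@ -77,7 +73,6 @@ describe Tiddle do
  end
 
  describe "purge_old_tokens" do
-
  before do
  @user = User.create!(email: "test@example.com", password: "12345678")
  Tiddle.create_and_return_token(@user, FakeRequest.new)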
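--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: tiddle
  version: !ruby/object:Gem::Version
- version: 0.7.0
+ version: 1.0.0
  platform: ruby
  authors:
  - Adam Niedzielski
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-07-01 00:00:00.000000000 Z
+ date: 2016-11-07 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: devise
@@ -199,6 +199,7 @@ files:
  - spec/spec_helper.rb
  - spec/strategy_spec.rb
  - spec/support/fake_request.rb
+ - spec/support/warningless_get.rb
  - spec/tiddle_spec.rb
  - tiddle.gemspec
  homepage: ''
@@ -241,4 +242,5 @@ test_files:
  - spec/spec_helper.rb
  - spec/strategy_spec.rb
  - spec/support/fake_request.rb
+ - spec/support/warningless_get.rb
  - spec/tiddle_spec.rb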