tiddle 1.7.1 → 1.8.0
- checksums.yaml +4 -4
- data/.rubocop.yml +1 -1
- data/CHANGELOG.md +4 -0
- data/CONTRIBUTING.md +22 -0
- data/Dockerfile +12 -0
- data/Makefile +16 -0
- data/docker-compose.yml +23 -0
- data/lib/tiddle/strategy.rb +18 -3
- data/lib/tiddle/version.rb +1 -1
- data/spec/strategy_spec.rb +84 -0
- metadata +5 -2
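--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 30c0de8dba83157b465e1455956272549e210830cc8fe296aec744b0d046ca1c
+data.tar.gz: 53652aefc5c51511b5f43df0c598ae6754e596e78a4be02aa01fa7e3dd40b95b
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1ac88d0e37967ad77c5f6b7ffa96646910c90be6cc8fc2d6adead616e73673b8601b2664a0851eec3fbc0eaa2e968a7b5cce7b5ffb89187ca4c77bb12ae6d875
+data.tar.gz: 55ceda21948c6ca6c872b863e22da925d00014625075a77e195f877f154b00ce31fe0a4e63c18a7e0c43b015a023617b4a33c6d4c23da95bee6f6652cc371a88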
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
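--- a/data/CONTRIBUTING.md
+++ b/data/CONTRIBUTING.md
@@ -9,3 +9,25 @@
 3. Introduce your change. If it's a new feature then write a test for it as well.
 4. Make sure that tests are passing.
 5. Push to your fork and submit a pull request.
+
+#### Docker for development
+
+Alternatively you can use Docker for the development setup. This requires Docker
+and Docker Compose installed.
+
+```
+make build
+make bundle
+```
+
+And in order to run the tests and linter checks:
+
+```
+make test
+```
+
+After you're done, cleanup leftover containers:
+
+```
+make cleanup
+```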
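--- a/data/Dockerfile
+++ b/data/Dockerfile
@@ -0,0 +1,12 @@
+FROM ruby:3.1-alpine
+
+RUN apk add build-base sqlite-dev tzdata git bash
+RUN gem update --system && gem install bundler
+
+WORKDIR /library
+
+ENV BUNDLE_PATH=/vendor/bundle \
+BUNDLE_BIN=/vendor/bundle/bin \
+GEM_HOME=/vendor/bundle
+
+ENV PATH="${BUNDLE_BIN}:${PATH}"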
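Review bot: Every toolchain input in this image floats: `FROM ruby:3.1-alpine` is a mutable tag, `gem update --system` installs whatever RubyGems is current at build time, and `gem install bundler` has no version, so two builds of the same commit can yield different environments. For a development-only image the main cost is reproducibility, but the fix is cheap: drop `gem update --system` unless a specific RubyGems fix is needed and pin Bundler with `RUN gem install bundler -v <BUNDLER_VERSION>` (placeholder; use the version the project locks). `RUN apk add ...` should be `RUN apk add --no-cache ...` so the package index is not baked into the layer. No `USER` is set, so commands run as root inside the container; with the `.:/library` bind mount from the compose file on this page, files written there will likely be root-owned on the host.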
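--- a/data/Makefile
+++ b/data/Makefile
@@ -0,0 +1,16 @@
+.PHONY: build bundle test bash cleanup
+
+build:
+docker-compose build
+
+bundle:
+docker-compose run --rm library bundle install
+
+test:
+docker-compose run --rm library bundle exec rake
+
+bash:
+docker-compose run --rm library bash
+
+cleanup:
+docker-compose down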
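--- a/data/docker-compose.yml
+++ b/data/docker-compose.yml
@@ -0,0 +1,23 @@
+version: "3.9"
+services:
+library:
+build:
+context: .
+stdin_open: true
+tty: true
+volumes:
+- ".:/library"
+- vendor:/vendor
+depends_on:
+- redis
+environment:
+- REDIS_URL=redis://redis:6379/1
+- BUNDLE_GEMFILE=gemfiles/rails7.0.gemfile
+redis:
+image: "redis:6-alpine"
+command: redis-server
+volumes:
+- "redis:/data"
+volumes:
+vendor:
+redis: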
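--- a/data/lib/tiddle/strategy.rb
+++ b/data/lib/tiddle/strategy.rb
@@ -57,15 +57,30 @@ module Devise
 end
 
 def touch_token(token)
-
+return unless token.last_used_at < touch_token_interval(token).ago
+
+token.update_attribute(:last_used_at, Time.current)
 end
 
 def unexpired?(token)
-return true
-return true if token.expires_in.blank? || token.expires_in.zero?
+return true if expiration_disabled?(token)
 
 Time.current <= token.last_used_at + token.expires_in
 end
+
+def touch_token_interval(token)
+return 1.hour if expiration_disabled?(token) || token.expires_in >= 24.hours
+
+return 5.minutes if token.expires_in >= 1.hour
+
+1.minute
+end
+
+def expiration_disabled?(token)
+!token.respond_to?(:expires_in) ||
+token.expires_in.blank? ||
+token.expires_in.zero?
+end
 end
 end
 end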
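Review bot: `touch_token_interval` falls back to a fixed `1.minute` for every `expires_in` under an hour, including values shorter than a minute; for such a token `touch_token` can never refresh `last_used_at` before `unexpired?` (still `last_used_at + token.expires_in`) rejects it, so the sliding expiry quietly becomes a fixed lifetime. More generally, `last_used_at` can now lag real use by up to the interval, which shortens the effective idle timeout by the same amount. Both effects fail closed, but they change what `expires_in` means to an integrator and should be stated in a comment above `touch_token_interval`, e.g. `# last_used_at may lag real use by up to this interval; tokens whose expires_in is below the interval are never refreshed`. The code that orders `unexpired?` and `touch_token` is outside the hunk, so this assumes expiry is checked on each request before the touch. `token.last_used_at < ...` would also raise on a nil `last_used_at`; whether that can occur depends on token creation code not shown here.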
data/lib/tiddle/version.rb
CHANGED
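--- a/data/spec/strategy_spec.rb
+++ b/data/spec/strategy_spec.rb
@@ -217,5 +217,89 @@ describe "Authentication using Tiddle strategy", type: :request do
 expect(response.status).to eq 401
 end
 end
+
+context "with value lower than 24 hours" do
+before do
+@token = Tiddle.create_and_return_token(@user, FakeRequest.new, expires_in: 1.hour)
+end
+
+context "and token was last used a minute ago" do
+before do
+@user.authentication_tokens.last.update_attribute(:last_used_at, 1.minute.ago)
+end
+
+it "does not update last_used_at field" do
+expect do
+get(
+secrets_path,
+headers: {
+"X-USER-EMAIL" => "test@example.com",
+"X-USER-TOKEN" => @token
+}
+)
+end.not_to(change { @user.authentication_tokens.last.reload.last_used_at })
+end
+end
+
+context "and token was last used 5 minutes ago" do
+before do
+@user.authentication_tokens.last.update_attribute(:last_used_at, 5.minute.ago)
+end
+
+it "updates last_used_at field" do
+expect do
+get(
+secrets_path,
+headers: {
+"X-USER-EMAIL" => "test@example.com",
+"X-USER-TOKEN" => @token
+}
+)
+end.to(change { @user.authentication_tokens.last.reload.last_used_at })
+end
+end
+end
+
+context "with value lower than 1 hour" do
+before do
+@token = Tiddle.create_and_return_token(@user, FakeRequest.new, expires_in: 30.minutes)
+end
+
+context "and token was last used less than a minute ago" do
+before do
+@user.authentication_tokens.last.update_attribute(:last_used_at, 30.seconds.ago)
+end
+
+it "does not update last_used_at field" do
+expect do
+get(
+secrets_path,
+headers: {
+"X-USER-EMAIL" => "test@example.com",
+"X-USER-TOKEN" => @token
+}
+)
+end.not_to(change { @user.authentication_tokens.last.reload.last_used_at })
+end
+end
+
+context "and token was last used a minute ago" do
+before do
+@user.authentication_tokens.last.update_attribute(:last_used_at, 1.minute.ago)
+end
+
+it "updates last_used_at field" do
+expect do
+get(
+secrets_path,
+headers: {
+"X-USER-EMAIL" => "test@example.com",
+"X-USER-TOKEN" => @token
+}
+)
+end.to(change { @user.authentication_tokens.last.reload.last_used_at })
+end
+end
+end
 end
 end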
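Review bot: Both "updates last_used_at field" examples set `last_used_at` to exactly the throttle boundary (`5.minute.ago` for the 1-hour token, `1.minute.ago` for the 30-minute token), while `touch_token` compares with a strict `<`, so they pass only because the clock advances between the `before` block and the request. Under frozen time the same examples would fail. Use values clearly past the boundary, e.g. `6.minutes.ago` and `2.minutes.ago`, and add a separate at-boundary example if that case matters. `5.minute.ago` should read `5.minutes.ago` to match the rest of the file. The new contexts also leave an `expires_in` shorter than one minute uncovered; the enclosing `describe` starts outside the hunk, so that coverage may exist elsewhere.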
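--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tiddle
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.8.0
 platform: ruby
 authors:
 - Adam Niedzielski
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2023-04-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: devise
@@ -141,10 +141,13 @@ files:
 - ".rubocop.yml"
 - CHANGELOG.md
 - CONTRIBUTING.md
+- Dockerfile
 - LICENSE.txt
+- Makefile
 - README.md
 - Rakefile
 - config/locales/en.yml
+- docker-compose.yml
 - gemfiles/rails5.2.gemfile
 - gemfiles/rails6.0.gemfile
 - gemfiles/rails6.1.gemfile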