tiny_auth 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 067c6cf62a8fe40b8fa2da418605dbc53cd790bc
4
+ data.tar.gz: 91a2dc9cbceecf73688c9204445d7d6026a2080a
5
+ SHA512:
6
+ metadata.gz: 97074ce70bc487d7219b36f55d8c5c3512c2a2c94206c3b12d2045f47a90c46cc516d09abcaa36db00f93cfbc72e349eed75323f7bd12ccc24aa9909ef1a1923
7
+ data.tar.gz: 2ea66468d7fad3f816153b402a423742312d3b8447fd80c1c9be305043dc8114e2232b847cf3d461cb86acbb8b54856c77d18314badc899e5707e34776acb73c
data/.gitignore ADDED
@@ -0,0 +1,11 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /_yardoc/
4
+ /coverage/
5
+ /doc/
6
+ /pkg/
7
+ /spec/reports/
8
+ /tmp/
9
+
10
+ # rspec failure tracking
11
+ .rspec_status
data/.rspec ADDED
@@ -0,0 +1,2 @@
1
+ --color
2
+ --require spec_helper
data/.travis.yml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ sudo: false
3
+ language: ruby
4
+ cache: bundler
5
+ rvm:
6
+ - 2.5.3
7
+ before_install: gem install bundler -v 2.0.2
@@ -0,0 +1,74 @@
1
+ # Contributor Covenant Code of Conduct
2
+
3
+ ## Our Pledge
4
+
5
+ In the interest of fostering an open and welcoming environment, we as
6
+ contributors and maintainers pledge to making participation in our project and
7
+ our community a harassment-free experience for everyone, regardless of age, body
8
+ size, disability, ethnicity, gender identity and expression, level of experience,
9
+ nationality, personal appearance, race, religion, or sexual identity and
10
+ orientation.
11
+
12
+ ## Our Standards
13
+
14
+ Examples of behavior that contributes to creating a positive environment
15
+ include:
16
+
17
+ * Using welcoming and inclusive language
18
+ * Being respectful of differing viewpoints and experiences
19
+ * Gracefully accepting constructive criticism
20
+ * Focusing on what is best for the community
21
+ * Showing empathy towards other community members
22
+
23
+ Examples of unacceptable behavior by participants include:
24
+
25
+ * The use of sexualized language or imagery and unwelcome sexual attention or
26
+ advances
27
+ * Trolling, insulting/derogatory comments, and personal or political attacks
28
+ * Public or private harassment
29
+ * Publishing others' private information, such as a physical or electronic
30
+ address, without explicit permission
31
+ * Other conduct which could reasonably be considered inappropriate in a
32
+ professional setting
33
+
34
+ ## Our Responsibilities
35
+
36
+ Project maintainers are responsible for clarifying the standards of acceptable
37
+ behavior and are expected to take appropriate and fair corrective action in
38
+ response to any instances of unacceptable behavior.
39
+
40
+ Project maintainers have the right and responsibility to remove, edit, or
41
+ reject comments, commits, code, wiki edits, issues, and other contributions
42
+ that are not aligned to this Code of Conduct, or to ban temporarily or
43
+ permanently any contributor for other behaviors that they deem inappropriate,
44
+ threatening, offensive, or harmful.
45
+
46
+ ## Scope
47
+
48
+ This Code of Conduct applies both within project spaces and in public spaces
49
+ when an individual is representing the project or its community. Examples of
50
+ representing a project or community include using an official project e-mail
51
+ address, posting via an official social media account, or acting as an appointed
52
+ representative at an online or offline event. Representation of a project may be
53
+ further defined and clarified by project maintainers.
54
+
55
+ ## Enforcement
56
+
57
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be
58
+ reported by contacting the project team at raymondzane@gmail.com. All
59
+ complaints will be reviewed and investigated and will result in a response that
60
+ is deemed necessary and appropriate to the circumstances. The project team is
61
+ obligated to maintain confidentiality with regard to the reporter of an incident.
62
+ Further details of specific enforcement policies may be posted separately.
63
+
64
+ Project maintainers who do not follow or enforce the Code of Conduct in good
65
+ faith may face temporary or permanent repercussions as determined by other
66
+ members of the project's leadership.
67
+
68
+ ## Attribution
69
+
70
+ This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
71
+ available at [http://contributor-covenant.org/version/1/4][version]
72
+
73
+ [homepage]: http://contributor-covenant.org
74
+ [version]: http://contributor-covenant.org/version/1/4/
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source "https://rubygems.org"
2
+
3
+ # Specify your gem's dependencies in tiny_auth.gemspec
4
+ gemspec
data/Gemfile.lock ADDED
@@ -0,0 +1,63 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ tiny_auth (0.1.0)
5
+ activerecord (~> 6.0)
6
+ activesupport (~> 6.0)
7
+ globalid (~> 0.4)
8
+
9
+ GEM
10
+ remote: https://rubygems.org/
11
+ specs:
12
+ activemodel (6.0.1)
13
+ activesupport (= 6.0.1)
14
+ activerecord (6.0.1)
15
+ activemodel (= 6.0.1)
16
+ activesupport (= 6.0.1)
17
+ activesupport (6.0.1)
18
+ concurrent-ruby (~> 1.0, >= 1.0.2)
19
+ i18n (>= 0.7, < 2)
20
+ minitest (~> 5.1)
21
+ tzinfo (~> 1.1)
22
+ zeitwerk (~> 2.2)
23
+ bcrypt (3.1.13)
24
+ concurrent-ruby (1.1.5)
25
+ diff-lcs (1.3)
26
+ globalid (0.4.2)
27
+ activesupport (>= 4.2.0)
28
+ i18n (1.7.0)
29
+ concurrent-ruby (~> 1.0)
30
+ minitest (5.13.0)
31
+ rake (10.5.0)
32
+ rspec (3.9.0)
33
+ rspec-core (~> 3.9.0)
34
+ rspec-expectations (~> 3.9.0)
35
+ rspec-mocks (~> 3.9.0)
36
+ rspec-core (3.9.0)
37
+ rspec-support (~> 3.9.0)
38
+ rspec-expectations (3.9.0)
39
+ diff-lcs (>= 1.2.0, < 2.0)
40
+ rspec-support (~> 3.9.0)
41
+ rspec-mocks (3.9.0)
42
+ diff-lcs (>= 1.2.0, < 2.0)
43
+ rspec-support (~> 3.9.0)
44
+ rspec-support (3.9.0)
45
+ sqlite3 (1.4.1)
46
+ thread_safe (0.3.6)
47
+ tzinfo (1.2.5)
48
+ thread_safe (~> 0.1)
49
+ zeitwerk (2.2.1)
50
+
51
+ PLATFORMS
52
+ ruby
53
+
54
+ DEPENDENCIES
55
+ bcrypt (~> 3.1)
56
+ bundler (~> 2.0)
57
+ rake (~> 10.0)
58
+ rspec (~> 3.0)
59
+ sqlite3 (~> 1.4)
60
+ tiny_auth!
61
+
62
+ BUNDLED WITH
63
+ 2.0.2
data/LICENSE.txt ADDED
@@ -0,0 +1,21 @@
1
+ The MIT License (MIT)
2
+
3
+ Copyright (c) 2019 Ray Zane
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in
13
+ all copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21
+ THE SOFTWARE.
data/README.md ADDED
@@ -0,0 +1,71 @@
1
+ # TinyAuth
2
+
3
+ A utility for minimal user authentication.
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ ```ruby
10
+ gem 'tiny_auth'
11
+ ```
12
+
13
+ And then execute:
14
+
15
+ $ bundle
16
+
17
+ ## Usage
18
+
19
+ First, create a table to store your users:
20
+
21
+ ```ruby
22
+ create_table :users do |t|
23
+ t.string :email, null: false
24
+ t.string :password_digest, null: false
25
+ t.string :reset_token
26
+ t.datetime :reset_token_expires_at
27
+ t.index :email, unique: true
28
+ t.index :reset_token, unique: true
29
+ end
30
+ ```
31
+
32
+ Your model should look like this:
33
+
34
+ ```ruby
35
+ class User < ApplicationRecord
36
+ has_secure_password
37
+ end
38
+ ```
39
+
40
+ Now, you're ready to use `TinyAuth`:
41
+
42
+ ```ruby
43
+ auth = TinyAuth.new(User)
44
+
45
+ user = auth.find_by_email('user@example.com')
46
+ user = auth.find_by_credentials('user@example.com', 'password')
47
+
48
+ token = auth.generate_token(user)
49
+ user = auth.find_by_token(token)
50
+
51
+ reset_token = auth.generate_reset_token(user)
52
+ user = auth.exchange_reset_token(user, password: "changed")
53
+ ```
54
+
55
+ ## Development
56
+
57
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
58
+
59
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
60
+
61
+ ## Contributing
62
+
63
+ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/tiny_auth. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
64
+
65
+ ## License
66
+
67
+ The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
68
+
69
+ ## Code of Conduct
70
+
71
+ Everyone interacting in the TinyAuth project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/tiny_auth/blob/master/CODE_OF_CONDUCT.md).
data/Rakefile ADDED
@@ -0,0 +1,6 @@
1
+ require "bundler/gem_tasks"
2
+ require "rspec/core/rake_task"
3
+
4
+ RSpec::Core::RakeTask.new(:spec)
5
+
6
+ task :default => :spec
data/bin/console ADDED
@@ -0,0 +1,14 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require "bundler/setup"
4
+ require "tiny_auth"
5
+
6
+ # You can add fixtures and/or initialization code here to make experimenting
7
+ # with your gem easier. You can also use a different console, if you like.
8
+
9
+ # (If you use this, don't forget to add pry to your Gemfile!)
10
+ # require "pry"
11
+ # Pry.start
12
+
13
+ require "irb"
14
+ IRB.start(__FILE__)
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
data/lib/tiny_auth.rb ADDED
@@ -0,0 +1,60 @@
1
+ require "tiny_auth/version"
2
+ require "globalid"
3
+ require "active_record"
4
+ require "active_support/core_ext/securerandom"
5
+
6
+ class TinyAuth
7
+ class Error < StandardError; end
8
+ class PersistError < StandardError; end
9
+
10
+ def initialize(model, scope: model)
11
+ @model = model
12
+ @scope = scope
13
+ end
14
+
15
+ def find_by_email(email)
16
+ @scope.find_by(@model.arel_table[:email].lower.eq(email.downcase))
17
+ end
18
+
19
+ def find_by_credentials(email, password)
20
+ resource = find_by_email(email)
21
+ resource if resource&.authenticate(password)
22
+ end
23
+
24
+ def generate_token(resource, purpose: :access, expires_in: 24.hours)
25
+ resource.to_sgid(expires_in: expires_in, for: purpose)
26
+ end
27
+
28
+ def find_by_token(token, purpose: :access)
29
+ GlobalID::Locator.locate_signed(token, for: purpose)
30
+ end
31
+
32
+ def generate_reset_token(resource, expires_in: 2.hours)
33
+ update_reset(
34
+ resource,
35
+ reset_token: SecureRandom.base58(24),
36
+ reset_token_expires_at: Time.now + expires_in
37
+ )
38
+
39
+ resource.reset_token
40
+ end
41
+
42
+ def exchange_reset_token(reset_token, changes = {})
43
+ changes = changes.merge(reset_token: nil, reset_token_expires_at: nil)
44
+ not_expired = @model.arel_table[:reset_token_expires_at].gt(Time.now)
45
+ resource = @scope.where(not_expired).find_by(reset_token: reset_token)
46
+
47
+ yield resource if resource && block_given?
48
+ update_reset(resource, changes) if resource
49
+ end
50
+
51
+ private
52
+
53
+ def update_reset(resource, changes)
54
+ if resource.update(changes)
55
+ resource
56
+ else
57
+ raise PersistError, "Failed to reset password."
58
+ end
59
+ end
60
+ end
@@ -0,0 +1,3 @@
1
+ class TinyAuth
2
+ VERSION = "0.1.0"
3
+ end
data/tiny_auth.gemspec ADDED
@@ -0,0 +1,36 @@
1
+ lib = File.expand_path("lib", __dir__)
2
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
3
+ require "tiny_auth/version"
4
+
5
+ Gem::Specification.new do |spec|
6
+ spec.name = "tiny_auth"
7
+ spec.version = TinyAuth::VERSION
8
+ spec.authors = ["Ray Zane"]
9
+ spec.email = ["raymondzane@gmail.com"]
10
+
11
+ spec.summary = %q{Bare-minimum authentication for APIs}
12
+ spec.description = %q{Includes utilities for authentication and password resets.}
13
+ spec.homepage = "https://github.com/rzane/tiny_auth"
14
+ spec.license = "MIT"
15
+
16
+ spec.metadata["homepage_uri"] = spec.homepage
17
+ spec.metadata["source_code_uri"] = "https://github.com/rzane/tiny_auth"
18
+
19
+ # Specify which files should be added to the gem when it is released.
20
+ # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
21
+ spec.files = Dir.chdir(File.expand_path('..', __FILE__)) do
22
+ `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
23
+ end
24
+
25
+ spec.require_paths = ["lib"]
26
+
27
+ spec.add_dependency "activerecord", "~> 6.0"
28
+ spec.add_dependency "activesupport", "~> 6.0"
29
+ spec.add_dependency "globalid", "~> 0.4"
30
+
31
+ spec.add_development_dependency "bundler", "~> 2.0"
32
+ spec.add_development_dependency "rake", "~> 10.0"
33
+ spec.add_development_dependency "rspec", "~> 3.0"
34
+ spec.add_development_dependency "sqlite3", "~> 1.4"
35
+ spec.add_development_dependency "bcrypt", "~> 3.1"
36
+ end
metadata ADDED
@@ -0,0 +1,172 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: tiny_auth
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Ray Zane
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2019-11-15 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: activerecord
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - "~>"
18
+ - !ruby/object:Gem::Version
19
+ version: '6.0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - "~>"
25
+ - !ruby/object:Gem::Version
26
+ version: '6.0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: activesupport
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - "~>"
32
+ - !ruby/object:Gem::Version
33
+ version: '6.0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - "~>"
39
+ - !ruby/object:Gem::Version
40
+ version: '6.0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: globalid
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - "~>"
46
+ - !ruby/object:Gem::Version
47
+ version: '0.4'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - "~>"
53
+ - !ruby/object:Gem::Version
54
+ version: '0.4'
55
+ - !ruby/object:Gem::Dependency
56
+ name: bundler
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - "~>"
60
+ - !ruby/object:Gem::Version
61
+ version: '2.0'
62
+ type: :development
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - "~>"
67
+ - !ruby/object:Gem::Version
68
+ version: '2.0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: rake
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '10.0'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '10.0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: rspec
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - "~>"
88
+ - !ruby/object:Gem::Version
89
+ version: '3.0'
90
+ type: :development
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '3.0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: sqlite3
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - "~>"
102
+ - !ruby/object:Gem::Version
103
+ version: '1.4'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - "~>"
109
+ - !ruby/object:Gem::Version
110
+ version: '1.4'
111
+ - !ruby/object:Gem::Dependency
112
+ name: bcrypt
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: '3.1'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: '3.1'
125
+ description: Includes utilities for authentication and password resets.
126
+ email:
127
+ - raymondzane@gmail.com
128
+ executables: []
129
+ extensions: []
130
+ extra_rdoc_files: []
131
+ files:
132
+ - ".gitignore"
133
+ - ".rspec"
134
+ - ".travis.yml"
135
+ - CODE_OF_CONDUCT.md
136
+ - Gemfile
137
+ - Gemfile.lock
138
+ - LICENSE.txt
139
+ - README.md
140
+ - Rakefile
141
+ - bin/console
142
+ - bin/setup
143
+ - lib/tiny_auth.rb
144
+ - lib/tiny_auth/version.rb
145
+ - tiny_auth.gemspec
146
+ homepage: https://github.com/rzane/tiny_auth
147
+ licenses:
148
+ - MIT
149
+ metadata:
150
+ homepage_uri: https://github.com/rzane/tiny_auth
151
+ source_code_uri: https://github.com/rzane/tiny_auth
152
+ post_install_message:
153
+ rdoc_options: []
154
+ require_paths:
155
+ - lib
156
+ required_ruby_version: !ruby/object:Gem::Requirement
157
+ requirements:
158
+ - - ">="
159
+ - !ruby/object:Gem::Version
160
+ version: '0'
161
+ required_rubygems_version: !ruby/object:Gem::Requirement
162
+ requirements:
163
+ - - ">="
164
+ - !ruby/object:Gem::Version
165
+ version: '0'
166
+ requirements: []
167
+ rubyforge_project:
168
+ rubygems_version: 2.6.14
169
+ signing_key:
170
+ specification_version: 4
171
+ summary: Bare-minimum authentication for APIs
172
+ test_files: []