token_authenticate_me 0.2.3 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/generators/token_authenticate_me/install/install_generator.rb +0 -7
- data/lib/generators/token_authenticate_me/models/models_generator.rb +12 -0
- data/lib/generators/token_authenticate_me/models/templates/authentication_model.rb +5 -0
- data/lib/generators/token_authenticate_me/models/templates/session_model.rb +6 -0
- data/lib/token_authenticate_me/controllers/sessionable.rb +2 -12
- data/lib/token_authenticate_me/models/authenticatable.rb +10 -0
- data/lib/token_authenticate_me/models/sessionable.rb +9 -0
- data/lib/token_authenticate_me/version.rb +1 -1
- data/spec/acceptance/session_api_spec.rb +3 -3
- data/spec/acceptance/users_api_spec.rb +14 -0
- data/spec/internal/app/models/session.rb +6 -0
- data/spec/internal/app/models/user.rb +6 -0
- data/spec/internal/app/policies/user_policy.rb +4 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f2b5c60c44ccbe339c703e42d76de4136c11e3a6
|
4
|
+
data.tar.gz: ad45ef4018814f35c501f61589a445aa87f28b7e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5288acbf84d8217ff85bcf5c8ff79fa9ad0780ec79b195943a1e7537df68f4c79b7328da753969c1ed731504702833eb3106dfe62358c21ddea12891e5b1c77b
|
7
|
+
data.tar.gz: 4311270529652292415ab2bea7b2728464fac4f32e2a106d0316654feaa8d086491b65536ea886c9b932516c49fdca40ed9313eaec2c74da6965fdca2a568abb
|
@@ -6,13 +6,6 @@ module TokenAuthenticateMe
|
|
6
6
|
|
7
7
|
invoke 'token_authenticate_me:models', params
|
8
8
|
invoke 'token_authenticate_me:controllers', params
|
9
|
-
invoke 'api_me:policy', %w(user username email password password_confirmation)
|
10
|
-
invoke 'api_me:filter', ['user']
|
11
|
-
invoke 'serializer', %w(user username email created_at updated_at)
|
12
|
-
|
13
|
-
inject_into_class Rails.root.join('app', 'policies', 'user_policy.rb'), UserPolicy do
|
14
|
-
" def create?\n true\n end\n"
|
15
|
-
end
|
16
9
|
end
|
17
10
|
end
|
18
11
|
end
|
@@ -47,6 +47,18 @@ module TokenAuthenticateMe
|
|
47
47
|
|
48
48
|
private
|
49
49
|
|
50
|
+
def authenticate_model_singular_name
|
51
|
+
'user' # singular_name
|
52
|
+
end
|
53
|
+
|
54
|
+
def session_model_plural_name
|
55
|
+
'sessions' # "#{singular_name}_sessions"
|
56
|
+
end
|
57
|
+
|
58
|
+
def session_model_singular_name
|
59
|
+
'session' # "#{singular_name}_session"
|
60
|
+
end
|
61
|
+
|
50
62
|
def next_migration_number
|
51
63
|
self.class.next_migration_number('db/migrations')
|
52
64
|
end
|
@@ -3,4 +3,9 @@ require 'token_authenticate_me/models/authenticatable'
|
|
3
3
|
class User < ActiveRecord::Base
|
4
4
|
include TokenAuthenticateMe::Models::Authenticatable
|
5
5
|
|
6
|
+
has_many :#{session_model_plural_name}
|
7
|
+
|
8
|
+
def as_json(options=nil)
|
9
|
+
{ #{authenticate_model_singular_name}: super(options) }
|
10
|
+
end
|
6
11
|
end
|
@@ -3,4 +3,10 @@ require 'token_authenticate_me/models/sessionable'
|
|
3
3
|
class Session < ActiveRecord::Base
|
4
4
|
include TokenAuthenticateMe::Models::Sessionable
|
5
5
|
|
6
|
+
belongs_to :#{authenticate_model_singular_name}
|
7
|
+
|
8
|
+
def as_json(options={})
|
9
|
+
{ #{session_model_singular_name}: super({ include: :#{authenticate_model_singular_name} }.merge(options)) }
|
10
|
+
end
|
11
|
+
|
6
12
|
end
|
@@ -17,7 +17,7 @@ module TokenAuthenticateMe
|
|
17
17
|
resource = User.where('username=? OR email=?', params[:username], params[:username]).first
|
18
18
|
if resource && resource.authenticate(params[:password])
|
19
19
|
@session = Session.create(user_id: resource.id)
|
20
|
-
render json:
|
20
|
+
render json: @session, status: 201
|
21
21
|
else
|
22
22
|
render json: { message: 'Bad credentials' }, status: 401
|
23
23
|
end
|
@@ -25,7 +25,7 @@ module TokenAuthenticateMe
|
|
25
25
|
|
26
26
|
def show
|
27
27
|
@session = authenticate_token
|
28
|
-
render json:
|
28
|
+
render json: @session
|
29
29
|
end
|
30
30
|
|
31
31
|
def destroy
|
@@ -38,16 +38,6 @@ module TokenAuthenticateMe
|
|
38
38
|
|
39
39
|
private
|
40
40
|
|
41
|
-
def serialize_session(session)
|
42
|
-
{
|
43
|
-
session: {
|
44
|
-
key: session.key,
|
45
|
-
user_id: session.user_id,
|
46
|
-
expiration: session.expiration
|
47
|
-
}
|
48
|
-
}
|
49
|
-
end
|
50
|
-
|
51
41
|
def session_params
|
52
42
|
params.permit(:username, :email, :password)
|
53
43
|
end
|
@@ -21,6 +21,16 @@ module TokenAuthenticateMe
|
|
21
21
|
uniqueness: { case_sensitive: false }
|
22
22
|
)
|
23
23
|
|
24
|
+
def attributes
|
25
|
+
{
|
26
|
+
'id' => id,
|
27
|
+
'username' => username,
|
28
|
+
'email' => email,
|
29
|
+
'created_at' => created_at,
|
30
|
+
'updated_at' => updated_at
|
31
|
+
}
|
32
|
+
end
|
33
|
+
|
24
34
|
def create_reset_token!
|
25
35
|
# rubocop:disable Lint/Loop
|
26
36
|
begin
|
@@ -8,6 +8,15 @@ module TokenAuthenticateMe
|
|
8
8
|
included do
|
9
9
|
before_create :generate_unique_key
|
10
10
|
|
11
|
+
def attributes
|
12
|
+
{
|
13
|
+
'key' => key,
|
14
|
+
'expiration' => expiration,
|
15
|
+
'created_at' => created_at,
|
16
|
+
'updated_at' => updated_at
|
17
|
+
}
|
18
|
+
end
|
19
|
+
|
11
20
|
private
|
12
21
|
|
13
22
|
def generate_unique_key
|
@@ -14,7 +14,7 @@ describe 'Session API' do
|
|
14
14
|
expect(json['session']).not_to be_nil
|
15
15
|
expect(json['session']['key']).not_to be_nil
|
16
16
|
expect(json['session']['expiration']).not_to be_nil
|
17
|
-
expect(user.id).to eq(json['session']['
|
17
|
+
expect(user.id).to eq(json['session']['user']['id'])
|
18
18
|
end
|
19
19
|
|
20
20
|
it 'creates a new session when authenticating with a email and password' do
|
@@ -30,7 +30,7 @@ describe 'Session API' do
|
|
30
30
|
expect(json['session']).not_to be_nil
|
31
31
|
expect(json['session']['key']).not_to be_nil
|
32
32
|
expect(json['session']['expiration']).not_to be_nil
|
33
|
-
expect(user.id).to eq(json['session']['
|
33
|
+
expect(user.id).to eq(json['session']['user']['id'])
|
34
34
|
end
|
35
35
|
|
36
36
|
it 'fails to create a new session when authenticating with an invalid password' do
|
@@ -61,7 +61,7 @@ describe 'Session API' do
|
|
61
61
|
expect(json['session']).not_to be_nil
|
62
62
|
expect(json['session']['key']).not_to be_nil
|
63
63
|
expect(json['session']['expiration']).not_to be_nil
|
64
|
-
expect(user.id).to eq(json['session']['
|
64
|
+
expect(user.id).to eq(json['session']['user']['id'])
|
65
65
|
end
|
66
66
|
|
67
67
|
it 'fetching an expired session fails' do
|
@@ -53,4 +53,18 @@ describe 'Users API' do
|
|
53
53
|
|
54
54
|
expect(last_response.status).to eq(401)
|
55
55
|
end
|
56
|
+
|
57
|
+
it 'does not serialze password digest' do
|
58
|
+
user = create_user
|
59
|
+
session = Session.create!(user_id: user.id)
|
60
|
+
|
61
|
+
header 'Authorization', 'Token token=' + session.key
|
62
|
+
get '/users/' + user.id.to_s + '/'
|
63
|
+
|
64
|
+
expect(last_response.status).to eq(200)
|
65
|
+
json = JSON.parse(last_response.body)
|
66
|
+
|
67
|
+
expect(json['user']).not_to be_nil
|
68
|
+
expect(json['user']['password_digest']).to be_nil
|
69
|
+
end
|
56
70
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: token_authenticate_me
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.3.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sam Clopton
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2014-
|
12
|
+
date: 2014-12-15 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: activerecord
|