RubyGems - token_authenticate_me - Versions diffs - 0.4.3 → 0.5.0 - Mend

token_authenticate_me 0.4.3 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (117) hide show

checksums.yaml +4 -4
data/{LICENSE → MIT-LICENSE} +1 -1
data/Rakefile +27 -11
data/app/controllers/token_authenticate_me/api/v1/base_controller.rb +9 -0
data/app/controllers/token_authenticate_me/api/v1/invites_controller.rb +14 -0
data/app/controllers/token_authenticate_me/api/v1/password_resets_controller.rb +11 -0
data/app/controllers/token_authenticate_me/api/v1/sessions_controller.rb +11 -0
data/app/controllers/token_authenticate_me/api/v1/users_controller.rb +17 -0
data/app/controllers/token_authenticate_me/application_controller.rb +5 -0
data/app/helpers/token_authenticate_me/application_helper.rb +4 -0
data/app/mailers/token_authenticate_me_mailer.rb +16 -9
data/app/models/token_authenticate_me/invite.rb +11 -0
data/app/models/token_authenticate_me/session.rb +8 -0
data/app/models/token_authenticate_me/user.rb +11 -0
data/app/views/token_authenticate_me_mailer/invite_user_email.html.erb +0 -0
data/config/routes.rb +23 -0
data/db/migrate/20160620184327_create_token_authenticate_me_invites.rb +14 -0
data/db/migrate/20160621211347_create_token_authenticate_me_users.rb +18 -0
data/db/migrate/20160622203801_create_token_authenticate_me_sessions.rb +14 -0
data/lib/generators/token_authenticate_me/controllers/controllers_generator.rb +1 -76
data/lib/generators/token_authenticate_me/install/install_generator.rb +9 -3
data/lib/generators/token_authenticate_me/models/models_generator.rb +1 -59
data/lib/generators/token_authenticate_me/policies/policies_generator.rb +15 -0
data/lib/generators/token_authenticate_me/policies/templates/invite_policy.rb +31 -0
data/lib/generators/token_authenticate_me/policies/templates/user_policy.rb +23 -0
data/lib/tasks/token_authenticate_me_tasks.rake +4 -0
data/lib/token_authenticate_me.rb +11 -0
data/lib/token_authenticate_me/concerns/controllers/invitable.rb +58 -0
data/lib/token_authenticate_me/concerns/controllers/password_resetable.rb +97 -0
data/lib/token_authenticate_me/concerns/controllers/sessionable.rb +55 -0
data/lib/token_authenticate_me/concerns/controllers/token_authenticateable.rb +45 -0
data/lib/token_authenticate_me/concerns/models/authenticatable.rb +102 -0
data/lib/token_authenticate_me/concerns/models/invitable.rb +20 -0
data/lib/token_authenticate_me/concerns/models/sessionable.rb +44 -0
data/lib/token_authenticate_me/configuration.rb +16 -0
data/lib/token_authenticate_me/engine.rb +2 -2
data/lib/token_authenticate_me/models.rb +4 -0
data/lib/token_authenticate_me/version.rb +1 -1
data/test/dummy/README.rdoc +28 -0
data/test/dummy/Rakefile +6 -0
data/test/dummy/app/assets/javascripts/application.js +13 -0
data/test/dummy/app/assets/stylesheets/application.css +15 -0
data/{spec/internal → test/dummy}/app/controllers/application_controller.rb +0 -0
data/test/dummy/app/helpers/application_helper.rb +2 -0
data/test/dummy/app/views/layouts/application.html.erb +14 -0
data/test/dummy/bin/bundle +3 -0
data/test/dummy/bin/rails +4 -0
data/test/dummy/bin/rake +4 -0
data/test/dummy/bin/setup +29 -0
data/test/dummy/config.ru +4 -0
data/test/dummy/config/application.rb +25 -0
data/test/dummy/config/boot.rb +5 -0
data/test/dummy/config/database.yml +25 -0
data/test/dummy/config/environment.rb +5 -0
data/test/dummy/config/environments/development.rb +41 -0
data/test/dummy/config/environments/production.rb +79 -0
data/test/dummy/config/environments/test.rb +42 -0
data/test/dummy/config/initializers/assets.rb +11 -0
data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
data/test/dummy/config/initializers/inflections.rb +16 -0
data/test/dummy/config/initializers/mime_types.rb +4 -0
data/test/dummy/config/initializers/session_store.rb +3 -0
data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
data/test/dummy/config/locales/en.yml +23 -0
data/test/dummy/config/routes.rb +3 -0
data/test/dummy/config/secrets.yml +22 -0
data/test/dummy/log/test.log +0 -0
data/test/dummy/public/404.html +67 -0
data/test/dummy/public/422.html +67 -0
data/test/dummy/public/500.html +66 -0
data/test/dummy/public/favicon.ico +0 -0
data/test/fixtures/token_authenticate_me/invites.yml +11 -0
data/test/fixtures/token_authenticate_me/sessions.yml +11 -0
data/test/fixtures/token_authenticate_me/users.yml +11 -0
data/test/integration/navigation_test.rb +7 -0
data/test/models/token_authenticate_me/invite_test.rb +9 -0
data/test/models/token_authenticate_me/session_test.rb +9 -0
data/test/models/token_authenticate_me/user_test.rb +9 -0
data/test/test_helper.rb +21 -0
data/test/token_authenticate_me_test.rb +7 -0
metadata +129 -160
data/.editorconfig +0 -41
data/.gitignore +0 -4
data/.rubocop.yml +0 -8
data/CHANGELOG.md +0 -2
data/Gemfile +0 -7
data/config.ru +0 -7
data/lib/generators/token_authenticate_me/controllers/templates/password_reset.rb +0 -6
data/lib/generators/token_authenticate_me/controllers/templates/sessions.rb +0 -6
data/lib/generators/token_authenticate_me/controllers/templates/users.rb +0 -8
data/lib/generators/token_authenticate_me/models/templates/authentication_migration.rb +0 -20
data/lib/generators/token_authenticate_me/models/templates/authentication_model.rb +0 -11
data/lib/generators/token_authenticate_me/models/templates/session_migration.rb +0 -17
data/lib/generators/token_authenticate_me/models/templates/session_model.rb +0 -12
data/lib/token_authenticate_me/controllers/password_resetable.rb +0 -95
data/lib/token_authenticate_me/controllers/sessionable.rb +0 -53
data/lib/token_authenticate_me/controllers/token_authenticateable.rb +0 -52
data/lib/token_authenticate_me/models/authenticatable.rb +0 -93
data/lib/token_authenticate_me/models/sessionable.rb +0 -36
data/spec/acceptance/password_reset_api_spec.rb +0 -111
data/spec/acceptance/session_api_spec.rb +0 -95
data/spec/acceptance/users_api_spec.rb +0 -70
data/spec/internal/app/controllers/password_resets_controller.rb +0 -5
data/spec/internal/app/controllers/sessions_controller.rb +0 -5
data/spec/internal/app/controllers/users_controller.rb +0 -7
data/spec/internal/app/models/session.rb +0 -11
data/spec/internal/app/models/user.rb +0 -11
data/spec/internal/app/policies/user_policy.rb +0 -29
data/spec/internal/app/serializers/user_serializer.rb +0 -3
data/spec/internal/config/database.yml +0 -3
data/spec/internal/config/routes.rb +0 -13
data/spec/internal/db/fixtures/users.rb +0 -11
data/spec/internal/db/schema.rb +0 -19
data/spec/spec_helper.rb +0 -38
data/token_authenticate_me.gemspec +0 -32

data/.rubocop.yml DELETED Viewed

@@ -1,8 +0,0 @@
-AllCops:
-  Exclude:
-    - '**/templates/*'
-    - '*.gemspec'
-LineLength:
-  Max: 100
-Documentation:
-  Enabled: false

data/CHANGELOG.md DELETED Viewed

	@@ -1,2 +0,0 @@
1	- ## 0.4.2 / 2015-09-08
2	- * [BUGFIX] fixed bug #26.

data/Gemfile DELETED Viewed

@@ -1,7 +0,0 @@
-source 'https://rubygems.org'
-gemspec
-group :test do
-  gem 'active_model_serializers', '~> 0.8.0'
-end

data/config.ru DELETED Viewed

@@ -1,7 +0,0 @@
-require 'rubygems'
-require 'bundler'
-Bundler.require :default, :development
-Combustion.initialize!
-run Combustion::Application

data/lib/generators/token_authenticate_me/controllers/templates/password_reset.rb DELETED Viewed

@@ -1,6 +0,0 @@
-require 'token_authenticate_me/controllers/password_resetable'
-class Api::PasswordResetsController < ApplicationController
-  include TokenAuthenticateMe::Controllers::PasswordResetable
-end

data/lib/generators/token_authenticate_me/controllers/templates/sessions.rb DELETED Viewed

@@ -1,6 +0,0 @@
-require 'token_authenticate_me/controllers/sessionable'
-class Api::SessionsController < ApplicationController
-  include TokenAuthenticateMe::Controllers::Sessionable
-end

data/lib/generators/token_authenticate_me/controllers/templates/users.rb DELETED Viewed

@@ -1,8 +0,0 @@
-require 'token_authenticate_me/controllers/token_authenticateable'
-class Api::V1::UsersController < ApplicationController
-  include ApiMe
-  include TokenAuthenticateMe::Controllers::TokenAuthenticateable
-  skip_before_action :authenticate, only: [:create]
-end

data/lib/generators/token_authenticate_me/models/templates/authentication_migration.rb DELETED Viewed

@@ -1,20 +0,0 @@
-class CreateUsers < ActiveRecord::Migration
-  def up
-    create_table :users do |t|
-      t.string :username,  null: false
-      t.string :email, null: false
-      t.string :password_digest, null: false
-      t.string :reset_password_token
-      t.datetime :reset_password_token_exp
-      t.timestamps
-    end
-    add_index :users, :email,                unique: true
-    add_index :users, :username,             unique: true
-    add_index :users, :reset_password_token, unique: true
-  end
-  def down
-    drop_table :users
-  end
-end

data/lib/generators/token_authenticate_me/models/templates/authentication_model.rb DELETED Viewed

@@ -1,11 +0,0 @@
-require 'token_authenticate_me/models/authenticatable'
-class User < ActiveRecord::Base
-  include TokenAuthenticateMe::Models::Authenticatable
-  has_many :<%= session_model_plural_name %>
-  def as_json(options=nil)
-    { <%= authenticate_model_singular_name %>: super(options) }
-  end
-end

data/lib/generators/token_authenticate_me/models/templates/session_migration.rb DELETED Viewed

@@ -1,17 +0,0 @@
-class CreateSessions < ActiveRecord::Migration
-  def up
-    create_table :sessions do |t|
-      t.string   :key,        null: false
-      t.datetime :expiration
-      t.integer  :user_id
-      t.timestamps
-    end
-    add_index :sessions, :key, unique: true
-  end
-  def down
-    drop_table :sessions
-  end
-end

data/lib/generators/token_authenticate_me/models/templates/session_model.rb DELETED Viewed

@@ -1,12 +0,0 @@
-require 'token_authenticate_me/models/sessionable'
-class Session < ActiveRecord::Base
-  include TokenAuthenticateMe::Models::Sessionable
-  belongs_to :<%= authenticate_model_singular_name %>
-  def as_json(options={})
-    { <%= session_model_singular_name %>: super({ include: :<%= authenticate_model_singular_name %> }.merge(options)) }
-  end
-end

data/lib/token_authenticate_me/controllers/password_resetable.rb DELETED Viewed

@@ -1,95 +0,0 @@
-require 'active_support/concern'
-require 'token_authenticate_me/controllers/token_authenticateable'
-module TokenAuthenticateMe
-  module Controllers
-    module PasswordResetable
-      extend ActiveSupport::Concern
-      included do
-        include TokenAuthenticateMe::Controllers::TokenAuthenticateable
-        skip_before_action :authenticate, only: [:create, :update]
-        before_action :validate_reset_token, only: [:update]
-        # Send reset token to user with e-mail address
-        def create
-          @user = User.find_by_email(params[:email])
-          if @user
-            send_valid_reset_email(@user)
-          else
-            send_invalid_reset_email(params[:email])
-          end
-          render status: 204, nothing: true
-        end
-        # Allow user to reset password when the token is valid
-        # and not expired
-        def update
-          @user.update!(
-            password: params[:password],
-            password_confirmation: params[:password_confirmation],
-            reset_password_token: nil,
-            reset_password_token_exp: nil
-          )
-          render status: 204, nothing: true
-        rescue ActiveRecord::RecordInvalid => e
-          handle_errors(e)
-        end
-        private
-        def send_valid_reset_email(user)
-          user.create_reset_token!
-          TokenAuthenticateMeMailer.valid_user_reset_password_email(
-            request.base_url,
-            user
-          ).deliver
-        end
-        def send_invalid_reset_email(email)
-          TokenAuthenticateMeMailer.invalid_user_reset_password_email(
-            request.base_url,
-            email
-          ).deliver
-        end
-        def session_params
-          params.permit(:password, :password_confirmation)
-        end
-        def render_errors(errors, status = 422)
-          render(json: { errors: errors }, status: status)
-        end
-        def handle_errors(e)
-          render_errors(e.record.errors.messages)
-        end
-        def validate_reset_token
-          valid_reset_token? || render_not_found
-        end
-        def render_not_found
-          render status: 404, nothing: true
-        end
-        def valid_reset_token?
-          # Check for
-          # https://github.com/rails/rails/commit/e8572cf2f94872d81e7145da31d55c6e1b074247
-          # security issue when config.action_dispatch.perform_deep_munge = false is set
-          # which is common for JSON APIs
-          return false if params[:id].class == Array || params[:id].nil?
-          @user = User.find_by_reset_password_token(params[:id])
-          @user && @user.reset_password_token_exp > DateTime.now
-        end
-      end
-    end
-  end
-end

data/lib/token_authenticate_me/controllers/sessionable.rb DELETED Viewed

@@ -1,53 +0,0 @@
-require 'active_support/concern'
-require 'token_authenticate_me/controllers/token_authenticateable'
-module TokenAuthenticateMe
-  module Controllers
-    module Sessionable
-      extend ActiveSupport::Concern
-      include TokenAuthenticateMe::Controllers::TokenAuthenticateable
-      included do
-        skip_before_action :authenticate, only: [:create]
-        after_action :cleanup_sessions, only: [:destroy]
-        def create
-          resource = User.where('username=? OR email=?', params[:username], params[:username]).first
-          if resource && resource.authenticate(params[:password])
-            @session = Session.create(user_id: resource.id)
-            render json: @session, status: 201
-          else
-            render json: { message: 'Bad credentials' }, status: 401
-          end
-        end
-        def show
-          @session = authenticate_token
-          render json: @session
-        end
-        def destroy
-          authenticate_token.destroy
-          render status: 204, nothing: true
-        rescue
-          render_unauthorized
-        end
-        private
-        def session_params
-          params.permit(:username, :email, :password)
-        end
-        def cleanup_sessions
-          ApiSession.where('expiration < ?', DateTime.now).delete_all
-        rescue
-          Rails.logger.warn 'Error cleaning up old authentication sessions'
-        end
-      end
-    end
-  end
-end

data/lib/token_authenticate_me/controllers/token_authenticateable.rb DELETED Viewed

@@ -1,52 +0,0 @@
-require 'active_support/concern'
-module TokenAuthenticateMe
-  module Controllers
-    module TokenAuthenticateable
-      extend ActiveSupport::Concern
-      included do
-        before_action :authenticate
-      end
-      protected
-      def authenticate
-        authenticate_token || render_unauthorized
-      end
-      def current_user
-        if authenticate_token
-          @current_user ||= User.find_by_id(authenticate_token.user_id)
-        else
-          nil
-        end
-      end
-      def authenticate_token
-        @session ||= (
-          authenticate_with_http_token(&method(:token_handler)) || authenticate_with_params
-        )
-      end
-      def authenticate_with_params
-        token = params[:authentication_token]
-        token_handler(token, {})
-      end
-      def render_unauthorized
-        headers['WWW-Authenticate'] = 'Token realm="Application"'
-        render json: 'Bad credentials', status: 401
-      end
-      def token_handler(token, _options)
-        session = Session.find_by_key(token)
-        if session && session.expiration > DateTime.now
-          session
-        else
-          false
-        end
-      end
-    end
-  end
-end

data/lib/token_authenticate_me/models/authenticatable.rb DELETED Viewed

@@ -1,93 +0,0 @@
-require 'active_support/concern'
-module TokenAuthenticateMe
-  module Models
-    module Authenticatable
-      extend ActiveSupport::Concern
-      included do
-        has_secure_password validations: false
-        attr_accessor :current_password
-        validates(
-          :email,
-          presence: true,
-          uniqueness: { case_sensitive: false },
-          format: {
-            with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i,
-            message: 'invalid e-mail address'
-          }
-        )
-        validates(
-          :username,
-          format: { with: /\A[a-zA-Z0-9]+\Z/ },
-          presence: true,
-          uniqueness: { case_sensitive: false }
-        )
-        validates(
-          :password,
-          presence: true,
-          length: { in: 8..72 },
-          confirmation: true,
-          if: :password_required?
-        )
-        validate(
-          :current_password_correct,
-          if: :current_password_required?
-        )
-        def attributes
-          {
-            'id' => id,
-            'username' => username,
-            'email' => email,
-            'created_at' => created_at,
-            'updated_at' => updated_at
-          }
-        end
-        def create_reset_token!
-          # rubocop:disable Lint/Loop
-          begin
-            self.reset_password_token = SecureRandom.hex
-          end while self.class.exists?(reset_password_token: reset_password_token)
-          self.reset_password_token_exp = password_expiration_hours.hours.from_now
-          self.save!
-        end
-        def password_expiration_hours
-          8
-        end
-        def password=(unencrypted_password)
-          super(unencrypted_password) unless unencrypted_password.blank? && !password_required?
-        end
-        def current_password_correct
-          errors.add(:current_password, 'is required to change email and/or password') if current_password.blank? # rubocop:disable Metrics/LineLength
-          errors.add(:current_password, 'is incorrect') unless authenticate(current_password)
-        end
-        def current_password_required?
-          !new_record? && (email_changed? || attempting_to_change_password?) && !password_resetting?
-        end
-        def password_resetting?
-          reset_password_token_changed? && reset_password_token_exp_changed?
-        end
-        def password_required?
-          attempting_to_change_password? || new_record?
-        end
-        def attempting_to_change_password?
-          (!password.blank? || !password_confirmation.blank?) && password_digest_changed?
-        end
-      end
-    end
-  end
-end

data/lib/token_authenticate_me/models/sessionable.rb DELETED Viewed

@@ -1,36 +0,0 @@
-require 'active_support/concern'
-module TokenAuthenticateMe
-  module Models
-    module Sessionable
-      extend ActiveSupport::Concern
-      included do
-        before_create :generate_unique_key
-        def attributes
-          {
-            'key' => key,
-            'expiration' => expiration,
-            'created_at' => created_at,
-            'updated_at' => updated_at
-          }
-        end
-        private
-        def generate_unique_key
-          begin
-            self.key = SecureRandom.hex
-          end while self.class.exists?(key: key) # rubocop:disable Lint/Loop
-          self.expiration = expiration_hours.hours.from_now
-        end
-        def expiration_hours
-          24
-        end
-      end
-    end
-  end
-end