token_secret_auth 0.1.0 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +10 -14
- data/lib/token_secret_auth/base.rb +3 -3
- data/lib/token_secret_auth/version.rb +1 -1
- data/token_secret_auth.gemspec +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a4a7992e33456c0ba7987304bfc6f6c10bf4c4af
|
|
4
|
+
data.tar.gz: 3d59ed947dab5ccf6a28c6b443074ab292b06201
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2c64ca8c0699bcacb8c559db10e301af58fcbbd9978da0b755b86850a74162cbc9335a896bf26c11a51b97763e3e951b1d9133b4fb61a849b02489b2b3ba9a92
|
|
7
|
+
data.tar.gz: 8f51df3f7c2dba055cfae7fadab7d87c4af07bfdd882d8cd764206657379dc756aafc681a2795d6af159cc527e9e93cd9ae07f8b21ab0b7b8285f68122b410e5
|
data/README.md
CHANGED
|
@@ -46,16 +46,14 @@ In your model file add:
|
|
|
46
46
|
|
|
47
47
|
include TokenSecretAuth
|
|
48
48
|
|
|
49
|
-
This grants your model instances the following methods:
|
|
50
|
-
|
|
51
|
-
#token, #decode_token, #generate_secret
|
|
49
|
+
> This grants your model instances the following methods: `#token, #decode_token, #generate_secret`
|
|
52
50
|
|
|
53
51
|
Also add to the model:
|
|
54
52
|
|
|
55
53
|
has_secure_password
|
|
56
54
|
|
|
57
55
|
Create and run a migration to add the `password_digest` field to your model.
|
|
58
|
-
For example on rails:
|
|
56
|
+
For example on rails:
|
|
59
57
|
|
|
60
58
|
$ rails generate migration AddPasswordDigestToApiClients password_digest:string
|
|
61
59
|
|
|
@@ -63,7 +61,7 @@ Note: you do not need a 'token' field on your model. `#token` is a virtual attr
|
|
|
63
61
|
|
|
64
62
|
## Usage
|
|
65
63
|
|
|
66
|
-
####
|
|
64
|
+
#### Getting the token
|
|
67
65
|
|
|
68
66
|
Tokens are generated from the model ID.
|
|
69
67
|
|
|
@@ -77,21 +75,19 @@ Secrets are randomly generated by `Model.generate_secret` or `#generate_secret`.
|
|
|
77
75
|
Store the secret using `#password=` or similar encrypted functionality.
|
|
78
76
|
|
|
79
77
|
```ruby
|
|
80
|
-
client = ApiClient.find_by_token('afuoisjdjl')
|
|
78
|
+
client = ApiClient.find_by_token('afuoisjdjl') # or ApiClient.new
|
|
81
79
|
client.password = client.generate_secret
|
|
82
80
|
client.save # bcrypt/has_secure_password will handle encryption
|
|
83
81
|
```
|
|
84
82
|
|
|
85
|
-
On Rails you may want to
|
|
83
|
+
On Rails you may want to use callbacks to generate the password automatically:
|
|
86
84
|
|
|
87
85
|
```ruby
|
|
88
|
-
before_validation :
|
|
89
|
-
|
|
90
|
-
def set_secret
|
|
91
|
-
self.password = generate_secret
|
|
92
|
-
end
|
|
86
|
+
before_validation :generate_secret, on: [ :new, :create ]
|
|
93
87
|
```
|
|
94
88
|
|
|
89
|
+
> Calling `generate_secret` on an instance will automatically set password to the new secret.
|
|
90
|
+
|
|
95
91
|
|
|
96
92
|
#### Passing token+secret to client
|
|
97
93
|
|
|
@@ -133,13 +129,13 @@ end
|
|
|
133
129
|
end
|
|
134
130
|
end
|
|
135
131
|
```
|
|
136
|
-
|
|
132
|
+
<!--
|
|
137
133
|
Headers are an even better way to pass authentication tokens. **TODO:**
|
|
138
134
|
|
|
139
135
|
```ruby
|
|
140
136
|
|
|
141
137
|
```
|
|
142
|
-
|
|
138
|
+
-->
|
|
143
139
|
|
|
144
140
|
#### salt
|
|
145
141
|
|
|
@@ -41,9 +41,9 @@ module TokenSecretAuth
|
|
|
41
41
|
decoded = TokenSecretAuth.hash_id.decode(token).first
|
|
42
42
|
end
|
|
43
43
|
|
|
44
|
-
# .
|
|
44
|
+
# .find_by_token
|
|
45
45
|
# Use on model files to find a particular instance based on the token (hashed ID)
|
|
46
|
-
def
|
|
46
|
+
def find_by_token(token)
|
|
47
47
|
begin
|
|
48
48
|
find(decode_token(token))
|
|
49
49
|
rescue Hashids::InputError
|
|
@@ -55,7 +55,7 @@ module TokenSecretAuth
|
|
|
55
55
|
# .authenticate_by_credentials
|
|
56
56
|
# finds correct instance by its token and then authenticates the password for that instance
|
|
57
57
|
def authenticate_by_credentials(token, secret=nil)
|
|
58
|
-
account =
|
|
58
|
+
account = find_by_token(token)
|
|
59
59
|
# note BCrypt's authenticate will return false or the object when matched
|
|
60
60
|
if account
|
|
61
61
|
account.authenticate(secret)
|
data/token_secret_auth.gemspec
CHANGED
|
@@ -10,7 +10,7 @@ Gem::Specification.new do |spec|
|
|
|
10
10
|
spec.email = ["tgaff@alumni.nd.edu"]
|
|
11
11
|
|
|
12
12
|
spec.summary = %q{Simple token+secret authentication gem.}
|
|
13
|
-
spec.description = %q{Simple token
|
|
13
|
+
spec.description = %q{Simple token+secret authentication gem for use with has_secure_password for one-way encrypted secrets.}
|
|
14
14
|
spec.homepage = "https://github.com/tgaff/token_secret_auth"
|
|
15
15
|
spec.license = "MIT"
|
|
16
16
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: token_secret_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- tgaff
|
|
@@ -80,7 +80,8 @@ dependencies:
|
|
|
80
80
|
- - "~>"
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
82
|
version: '0.11'
|
|
83
|
-
description: Simple token
|
|
83
|
+
description: Simple token+secret authentication gem for use with has_secure_password
|
|
84
|
+
for one-way encrypted secrets.
|
|
84
85
|
email:
|
|
85
86
|
- tgaff@alumni.nd.edu
|
|
86
87
|
executables: []
|