touth 1.1.1 → 1.1.2

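--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 469a3737bb35a3a5c9b14d4af257e0a2c7d2e0f6
- data.tar.gz: 630d22bfbd1c42c70a376555826ec1e4aac5a585
+ metadata.gz: b5c9606601957745782f3a95f89890c4e04158f3
+ data.tar.gz: ae2ba2ffb33fc6123c1845d3a8f037bc969e6377
  SHA512:
- metadata.gz: dfb8ea431513911ee94fa8df7997bf333b79dad68da0a3819fc5494981584693a2278c4f1600bc84e2d6043c4bb8d9ca91782b2b5b3011b25729fbfef79d30ae
- data.tar.gz: ca035808f9b2fc84027c6a5fde3cbcbbf8ac2bf7937c3951cac4672184966b4d4057166955ff3bf267f23d0e73d0556fc4dd96983416f65c721e93ddb336d2fa
+ metadata.gz: f0a2521d1fe43298dda2b6d18bde9029e89618d24ae9c2663494668b4c33be6cb7e828a101b3860c8d0b5e8774b49bac84d9c46152db19aee2442389433f645f
+ data.tar.gz: ff8ce766e8ff563746aec8a1307283793c0950a21ac68caade746eb827de1106bad7f1c383aad89f06aa287d0a85b02720ca4fc1d5f7bdfec9049b4a9a5dbabf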
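--- a/data/README.md
+++ b/data/README.md
@@ -47,7 +47,7 @@ Checking if a user is signed in, and getting the current signed-in user, the fol
 
  ### Hooks
 
- - `authenticate_token!`
+ - `authenticate_user_account!`
 
 
  Usage
@@ -114,6 +114,11 @@ Touth.setup do |config|
  # Header name
  config.header_name = 'X-Access-Token'
 
+ # Allow raise access token errors.
+ # If set to true, you can use `rescue_from` method in your controller.
+ # Otherwise, it will render a blank page with unauthorized status-code.
+ config.allow_raise = false
+
  end
  ```
 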
@@ -17,17 +17,22 @@ module Touth
17
17
  attr_accessor :access_token_lifetime,
18
18
  :client_secret_key,
19
19
  :password_field,
20
- :header_name
20
+ :header_name,
21
+ :allow_raise
21
22
 
22
23
  def initialize
23
24
  @access_token_lifetime = 60 * (24 * 60 * 60) # 60 days
24
25
  @client_secret_key = '' # use SecureRandom.hex(64) to generate one
25
26
  @password_field = :encrypted_password
26
27
  @header_name = 'X-Access-Token'
28
+ @allow_raise = false
27
29
  end
28
30
 
29
31
  end
30
32
 
33
+ class InvalidAccessTokenError < StandardError; end
34
+ class ResourceConflictError < StandardError; end
35
+
31
36
  class << self
32
37
 
33
38
  def setup
@@ -54,6 +59,10 @@ module Touth
54
59
 
55
60
  end
56
61
 
62
+ def self.get_resource_name(name)
63
+ name.to_s.gsub('::', '_').underscore
64
+ end
65
+
57
66
  end
58
67
 
59
68
 
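Review bot: `Configuration#initialize` still defaults `@client_secret_key` to `''`, and nothing visible in this section rejects that value, so an application that never sets the key would presumably sign access tokens with an empty secret (the signing code is outside these hunks, so confirm). Since this change already adds a setting right next to it, `setup` is a natural place to fail fast on a blank key instead of relying on the inline `SecureRandom.hex(64)` comment. The two new error classes also become public API once `allow_raise` is true; a one-line comment on each, such as `# Raised when the token header is missing or fails validation.` and `# Raised when a valid token belongs to a different resource than the one requested.`, would tell `rescue_from` users what to handle. The `Configuration` class and the `class << self` body both extend beyond the hunks shown.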
@@ -5,39 +5,70 @@ module Touth
5
5
  mattr_accessor :access_token_resources
6
6
 
7
7
  def token_authentication_for(resource_name)
8
- resource_name = resource_name.to_s
9
- name = resource_name.gsub('::', '_').underscore
8
+ resource_name = Touth.get_resource_name resource_name
10
9
 
11
- unless self.access_token_resources
12
- self.access_token_resources = {}
13
- before_action :authenticate_token!
14
- end
10
+ self.access_token_resources ||= {}
15
11
 
16
- define_method "#{name}_signed_in?" do
12
+ define_method "#{resource_name}_signed_in?" do
17
13
  !!self.class.access_token_resources[resource_name]
18
14
  end
19
15
 
20
- define_method "current_#{name}" do
16
+ define_method "current_#{resource_name}" do
21
17
  self.class.access_token_resources[resource_name]
22
18
  end
19
+
20
+ callback_name = "authenticate_#{resource_name}!".to_sym
21
+
22
+ unless method_defined? callback_name
23
+ define_method callback_name do
24
+ authenticate_token_for! resource_name
25
+ end
26
+
27
+ protected callback_name
28
+ before_action callback_name
29
+ end
23
30
  end
24
31
 
25
32
  end
26
33
 
27
34
  module InstanceMethods
28
35
 
29
- protected
36
+ protected
37
+
38
+ def authenticate_token_for!(resource_name)
39
+ if Touth.allow_raise
40
+ set_token_authorized_model resource_name
41
+ else
42
+ begin
43
+ set_token_authorized_model resource_name
44
+ rescue
45
+ return unauthorized_token_error
46
+ end
47
+ end
48
+ end
49
+
50
+ def set_token_authorized_model(resource_name)
51
+ resource_name = Touth.get_resource_name resource_name
30
52
 
31
- def authenticate_token!
32
53
  token = request.headers[Touth.header_name]
33
54
 
34
55
  unless token && Authenticator.valid_access_token?(token)
35
- render nothing: true, status: :unauthorized
36
- return false
56
+ raise InvalidAccessTokenError, 'access token is not valid'
37
57
  end
38
58
 
39
59
  model = Authenticator.get_model token
40
- self.class.access_token_resources[model.class.name] = model
60
+ model_name = Touth.get_resource_name model.class.name
61
+
62
+ unless model_name == resource_name
63
+ raise ResourceConflictError, 'attempted %s to login, expected %s' % [model, resource_name]
64
+ end
65
+
66
+ self.class.access_token_resources[model_name] = model
67
+ end
68
+
69
+ def unauthorized_token_error
70
+ render nothing: true, status: :unauthorized
71
+ false
41
72
  end
42
73
 
43
74
  end
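Review bot: `set_token_authorized_model` still writes the authenticated model into `self.class.access_token_resources`, which is declared with `mattr_accessor` at the top of the hunk, so the signed-in identity lives in state shared by every request the process serves rather than on the controller instance. Under a threaded server, or on any action that does not run the callback, `current_<resource>` and `<resource>_signed_in?` can return a model stored by a different request. Keeping it per request would avoid that, e.g. `(@touth_resources ||= {})[model_name] = model` with the two generated readers using `(@touth_resources || {})[resource_name]`. Separately, the bare `rescue` in `authenticate_token_for!` turns any StandardError raised during authentication into a silent 401; `rescue InvalidAccessTokenError, ResourceConflictError` would keep unrelated failures visible. The enclosing module opens above the hunk.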
@@ -1,3 +1,3 @@
1
1
  module Touth
2
- VERSION = '1.1.1'
2
+ VERSION = '1.1.2'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: touth
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.1
4
+ version: 1.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Yuki Iwanaga
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-09-19 00:00:00.000000000 Z
11
+ date: 2014-09-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport