touth 1.1.2 → 1.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b5c9606601957745782f3a95f89890c4e04158f3
-  data.tar.gz: ae2ba2ffb33fc6123c1845d3a8f037bc969e6377
+  metadata.gz: 688b4aa6d17d873748b0e566d30fe1a5346bf1dc
+  data.tar.gz: 98a98a22385c71a83f5e2f1f41a34aa639156ea3
 SHA512:
-  metadata.gz: f0a2521d1fe43298dda2b6d18bde9029e89618d24ae9c2663494668b4c33be6cb7e828a101b3860c8d0b5e8774b49bac84d9c46152db19aee2442389433f645f
-  data.tar.gz: ff8ce766e8ff563746aec8a1307283793c0950a21ac68caade746eb827de1106bad7f1c383aad89f06aa287d0a85b02720ca4fc1d5f7bdfec9049b4a9a5dbabf
+  metadata.gz: ade3801f8ed0bb3b8bc29edc1d56c8f58724b96e1a561edc5233491eecf517845d46c6c7f63c6eee9f06a1bb3a09e72223b693b3ba8014fa57d01b73f5b0cdfb
+  data.tar.gz: e83ff2c7a4249a9709b99c5f4563cf93ed6c47a43d945859cef0d6ebc5852ff8a6da55f41c1e2bb64ce1dc5c6434741d444249229e9300161c67db507275d3af

data/.ruby-version

@@ -0,0 +1 @@
+2.1.2

data/README.md

@@ -23,7 +23,7 @@ gem 'touth'
 ```ruby
 class UserAccount < ActiveRecord::Base
 
-  acts_as_token_authenticatable
+  has_access_token
 
 end
 ```

data/lib/touth.rb

@@ -45,6 +45,10 @@ module Touth
       OpenSSL::HMAC.digest @digest_method, self.client_secret_key, data
     end
 
+    def get_resource_name(name)
+      name.to_s.gsub('::', '_').underscore
+    end
+
     def method_missing(method_name, *args, &block)
       if @config.respond_to? method_name
         @config.send method_name, *args, &block
@@ -59,10 +63,6 @@ module Touth
 
   end
 
-  def self.get_resource_name(name)
-    name.to_s.gsub('::', '_').underscore
-  end
-
 end
 
 

data/lib/touth/action_controller_support.rb

@@ -2,24 +2,28 @@ module Touth
   module ActionControllerSupport
     module ClassMethods
 
-      mattr_accessor :access_token_resources
+      mattr_accessor :token_authorized_resources
 
       def token_authentication_for(resource_name)
-        resource_name = Touth.get_resource_name resource_name
-
-        self.access_token_resources ||= {}
-
-        define_method "#{resource_name}_signed_in?" do
-          !!self.class.access_token_resources[resource_name]
-        end
+        self.token_authorized_resources ||= {}
 
-        define_method "current_#{resource_name}" do
-          self.class.access_token_resources[resource_name]
+        unless @_init_token_authenticator_hook
+          prepend_before_action :set_token_authorized_resource!
+          @_init_token_authenticator_hook = true
         end
 
+        resource_name = Touth.get_resource_name resource_name
         callback_name = "authenticate_#{resource_name}!".to_sym
 
         unless method_defined? callback_name
+          define_method "#{resource_name}_signed_in?" do
+            !!self.class.token_authorized_resources[resource_name]
+          end
+
+          define_method "current_#{resource_name}" do
+            self.class.token_authorized_resources[resource_name]
+          end
+
           define_method callback_name do
             authenticate_token_for! resource_name
           end
@@ -35,35 +39,25 @@ module Touth
 
       protected
 
-      def authenticate_token_for!(resource_name)
-        if Touth.allow_raise
-          set_token_authorized_model resource_name
-        else
-          begin
-            set_token_authorized_model resource_name
-          rescue
-            return unauthorized_token_error
-          end
-        end
-      end
-
-      def set_token_authorized_model(resource_name)
-        resource_name = Touth.get_resource_name resource_name
-
+      def set_token_authorized_resource!
         token = request.headers[Touth.header_name]
 
-        unless token && Authenticator.valid_access_token?(token)
-          raise InvalidAccessTokenError, 'access token is not valid'
-        end
+        return unless token && Authenticator.valid_access_token?(token)
 
-        model = Authenticator.get_model token
-        model_name = Touth.get_resource_name model.class.name
+        resource = Authenticator.get_resource token
+        resource_name = Touth.get_resource_name resource.class.name
 
-        unless model_name == resource_name
-          raise ResourceConflictError, 'attempted %s to login, expected %s' % [model, resource_name]
-        end
+        self.class.token_authorized_resources[resource_name] = resource
+      end
 
-        self.class.access_token_resources[model_name] = model
+      def authenticate_token_for!(resource_name)
+        unless self.class.token_authorized_resources[resource_name]
+          if Touth.allow_raise
+            raise InvalidAccessTokenError, 'access token is not valid'
+          else
+            return unauthorized_token_error
+          end
+        end
       end
 
       def unauthorized_token_error

data/lib/touth/active_record_support.rb

@@ -2,7 +2,7 @@ module Touth
   module ActiveRecordSupport
     module ClassMethods
 
-      def acts_as_token_authenticatable
+      def has_access_token
         include Touth::ActiveRecordSupport::InstanceMethods
       end
 
@@ -15,7 +15,7 @@ module Touth
       end
 
       def valid_access_token?(token)
-        Authenticator.get_model(token) == self
+        Authenticator.get_resource(token) == self
       end
 
     end

data/lib/touth/authenticator.rb

@@ -3,17 +3,17 @@ module Touth
 
   module_function
 
-    def issue_access_token(model, lifetime = Touth.access_token_lifetime)
+    def issue_access_token(resource, lifetime = Touth.access_token_lifetime)
       expires_at = Time.now.to_i + lifetime
 
       data = Marshal.dump([
-        model.class,
-        model.id,
+        resource.class,
+        resource.id,
         expires_at,
       ])
 
       data_sign = Touth.digest data
-      data_key = gen_data_key model, data_sign
+      data_key = gen_data_key resource, data_sign
 
       [
         data_sign,
@@ -23,25 +23,27 @@ module Touth
     end
 
     def valid_access_token?(token)
-      !!get_model(token)
+      !!get_resource(token)
     end
 
-    def get_model(token)
+    def get_resource(token)
       @access_token_data_cache ||= {}
-      model = @access_token_data_cache[token]
+      resource = @access_token_data_cache[token]
 
-      return model if model
+      return resource if resource
+
+      @access_token_data_cache[token] = nil
 
       begin
         data_sign, data_key, data = [token].pack('H*').unpack 'A32A32A*'
 
         if data_sign == Touth.digest(data)
-          model_class, id, expires_at = Marshal.load data
+          resource_class, id, expires_at = Marshal.load data
 
-          model = model_class.find id
+          resource = resource_class.find id
 
-          if gen_data_key(model, data_sign) == data_key && Time.now.to_i < expires_at
-            @access_token_data_cache[token] = model
+          if gen_data_key(resource, data_sign) == data_key && Time.now.to_i < expires_at
+            @access_token_data_cache[token] = resource
           end
         end
       rescue
@@ -49,8 +51,8 @@ module Touth
       end
     end
 
-    def gen_data_key(model, data_sign)
-      Touth.digest [data_sign, model.send(Touth.password_field)].join
+    def gen_data_key(resource, data_sign)
+      Touth.digest [data_sign, resource.send(Touth.password_field)].join
     end
 
   end

data/lib/touth/version.rb

@@ -1,3 +1,3 @@
 module Touth
-  VERSION = '1.1.2'
+  VERSION = '1.2.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: touth
 version: !ruby/object:Gem::Version
-  version: 1.1.2
+  version: 1.2.0
 platform: ruby
 authors:
 - Yuki Iwanaga
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-09-23 00:00:00.000000000 Z
+date: 2014-11-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -66,6 +66,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".ruby-version"
 - Gemfile
 - LICENSE
 - README.md