touth 1.1.1 → 1.1.2

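--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 469a3737bb35a3a5c9b14d4af257e0a2c7d2e0f6
- data.tar.gz: 630d22bfbd1c42c70a376555826ec1e4aac5a585
+ metadata.gz: b5c9606601957745782f3a95f89890c4e04158f3
+ data.tar.gz: ae2ba2ffb33fc6123c1845d3a8f037bc969e6377
  SHA512:
- metadata.gz: dfb8ea431513911ee94fa8df7997bf333b79dad68da0a3819fc5494981584693a2278c4f1600bc84e2d6043c4bb8d9ca91782b2b5b3011b25729fbfef79d30ae
- data.tar.gz: ca035808f9b2fc84027c6a5fde3cbcbbf8ac2bf7937c3951cac4672184966b4d4057166955ff3bf267f23d0e73d0556fc4dd96983416f65c721e93ddb336d2fa
+ metadata.gz: f0a2521d1fe43298dda2b6d18bde9029e89618d24ae9c2663494668b4c33be6cb7e828a101b3860c8d0b5e8774b49bac84d9c46152db19aee2442389433f645f
+ data.tar.gz: ff8ce766e8ff563746aec8a1307283793c0950a21ac68caade746eb827de1106bad7f1c383aad89f06aa287d0a85b02720ca4fc1d5f7bdfec9049b4a9a5dbabf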
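--- a/data/README.md
+++ b/data/README.md
@@ -47,7 +47,7 @@ Checking if a user is signed in, and getting the current signed-in user, the fol
 
  ### Hooks
 
- - `authenticate_token!`
+ - `authenticate_user_account!`
 
 
  Usage
@@ -114,6 +114,11 @@ Touth.setup do |config|
  # Header name
  config.header_name = 'X-Access-Token'
 
+ # Allow raise access token errors.
+ # If set to true, you can use `rescue_from` method in your controller.
+ # Otherwise, it will render a blank page with unauthorized status-code.
+ config.allow_raise = false
+
  end
  ```
 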
@@ -17,17 +17,22 @@ module Touth
17
17
  attr_accessor :access_token_lifetime,
18
18
  :client_secret_key,
19
19
  :password_field,
20
- :header_name
20
+ :header_name,
21
+ :allow_raise
21
22
 
22
23
  def initialize
23
24
  @access_token_lifetime = 60 * (24 * 60 * 60) # 60 days
24
25
  @client_secret_key = '' # use SecureRandom.hex(64) to generate one
25
26
  @password_field = :encrypted_password
26
27
  @header_name = 'X-Access-Token'
28
+ @allow_raise = false
27
29
  end
28
30
 
29
31
  end
30
32
 
33
+ class InvalidAccessTokenError < StandardError; end
34
+ class ResourceConflictError < StandardError; end
35
+
31
36
  class << self
32
37
 
33
38
  def setup
@@ -54,6 +59,10 @@ module Touth
54
59
 
55
60
  end
56
61
 
62
+ def self.get_resource_name(name)
63
+ name.to_s.gsub('::', '_').underscore
64
+ end
65
+
57
66
  end
58
67
 
59
68
 
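Review bot: `get_resource_name` (new lines 62-64) is lossy: `name.to_s.gsub('::', '_').underscore` maps both `Admin::User` and `AdminUser` to `admin_user`, and that string is what `set_token_authorized_model` compares in `unless model_name == resource_name` and uses as the `access_token_resources` key. Two distinct model classes that normalise to the same name would therefore be accepted as the same resource. At minimum the method deserves a comment such as `# Normalises a class or symbol name to a snake_case resource key; namespaced and flat names can collide`, and comparing the model class itself would remove the ambiguity. The enclosing scope is cut off by the hunk; if this `def self.` sits inside the `class << self` opened above, it would not be callable as `Touth.get_resource_name`, so that is worth confirming.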
@@ -5,39 +5,70 @@ module Touth
5
5
  mattr_accessor :access_token_resources
6
6
 
7
7
  def token_authentication_for(resource_name)
8
- resource_name = resource_name.to_s
9
- name = resource_name.gsub('::', '_').underscore
8
+ resource_name = Touth.get_resource_name resource_name
10
9
 
11
- unless self.access_token_resources
12
- self.access_token_resources = {}
13
- before_action :authenticate_token!
14
- end
10
+ self.access_token_resources ||= {}
15
11
 
16
- define_method "#{name}_signed_in?" do
12
+ define_method "#{resource_name}_signed_in?" do
17
13
  !!self.class.access_token_resources[resource_name]
18
14
  end
19
15
 
20
- define_method "current_#{name}" do
16
+ define_method "current_#{resource_name}" do
21
17
  self.class.access_token_resources[resource_name]
22
18
  end
19
+
20
+ callback_name = "authenticate_#{resource_name}!".to_sym
21
+
22
+ unless method_defined? callback_name
23
+ define_method callback_name do
24
+ authenticate_token_for! resource_name
25
+ end
26
+
27
+ protected callback_name
28
+ before_action callback_name
29
+ end
23
30
  end
24
31
 
25
32
  end
26
33
 
27
34
  module InstanceMethods
28
35
 
29
- protected
36
+ protected
37
+
38
+ def authenticate_token_for!(resource_name)
39
+ if Touth.allow_raise
40
+ set_token_authorized_model resource_name
41
+ else
42
+ begin
43
+ set_token_authorized_model resource_name
44
+ rescue
45
+ return unauthorized_token_error
46
+ end
47
+ end
48
+ end
49
+
50
+ def set_token_authorized_model(resource_name)
51
+ resource_name = Touth.get_resource_name resource_name
30
52
 
31
- def authenticate_token!
32
53
  token = request.headers[Touth.header_name]
33
54
 
34
55
  unless token && Authenticator.valid_access_token?(token)
35
- render nothing: true, status: :unauthorized
36
- return false
56
+ raise InvalidAccessTokenError, 'access token is not valid'
37
57
  end
38
58
 
39
59
  model = Authenticator.get_model token
40
- self.class.access_token_resources[model.class.name] = model
60
+ model_name = Touth.get_resource_name model.class.name
61
+
62
+ unless model_name == resource_name
63
+ raise ResourceConflictError, 'attempted %s to login, expected %s' % [model, resource_name]
64
+ end
65
+
66
+ self.class.access_token_resources[model_name] = model
67
+ end
68
+
69
+ def unauthorized_token_error
70
+ render nothing: true, status: :unauthorized
71
+ false
41
72
  end
42
73
 
43
74
  end
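Review bot: The authenticated model is still written to `self.class.access_token_resources[model_name]` (new line 66), and `access_token_resources` is a `mattr_accessor`, so the per-request identity lives in state shared by every controller instance and thread. On a threaded server, or on any action where the generated `authenticate_*!` callback does not run, `current_<resource>` would appear to return the model left behind by a different request. Keeping the result on the controller instance, e.g. `(@token_resources ||= {})[model_name] = model`, and reading that hash in the generated `current_*` and `*_signed_in?` methods would scope it to the request. Separately, the bare `rescue` in `authenticate_token_for!` turns any StandardError, including a lookup failure or programming error, into a 401; `rescue InvalidAccessTokenError, ResourceConflictError` would limit it to the two token errors.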
@@ -1,3 +1,3 @@
1
1
  module Touth
2
- VERSION = '1.1.1'
2
+ VERSION = '1.1.2'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: touth
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.1
4
+ version: 1.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Yuki Iwanaga
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-09-19 00:00:00.000000000 Z
11
+ date: 2014-09-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activesupport