touth 1.1.1 → 1.1.2
- checksums.yaml +4 -4
- data/README.md +6 -1
- data/lib/touth.rb +10 -1
- data/lib/touth/action_controller_support.rb +44 -13
- data/lib/touth/version.rb +1 -1
- metadata +2 -2
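--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b5c9606601957745782f3a95f89890c4e04158f3
+data.tar.gz: ae2ba2ffb33fc6123c1845d3a8f037bc969e6377
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f0a2521d1fe43298dda2b6d18bde9029e89618d24ae9c2663494668b4c33be6cb7e828a101b3860c8d0b5e8774b49bac84d9c46152db19aee2442389433f645f
+data.tar.gz: ff8ce766e8ff563746aec8a1307283793c0950a21ac68caade746eb827de1106bad7f1c383aad89f06aa287d0a85b02720ca4fc1d5f7bdfec9049b4a9a5dbabf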
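--- a/data/README.md
+++ b/data/README.md
@@ -47,7 +47,7 @@ Checking if a user is signed in, and getting the current signed-in user, the fol
 
 ### Hooks
 
-- `
+- `authenticate_user_account!`
 
 
 Usage
@@ -114,6 +114,11 @@ Touth.setup do |config|
 # Header name
 config.header_name = 'X-Access-Token'
 
+# Allow raise access token errors.
+# If set to true, you can use `rescue_from` method in your controller.
+# Otherwise, it will render a blank page with unauthorized status-code.
+config.allow_raise = false
+
 end
 ```
 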
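--- a/data/lib/touth.rb
+++ b/data/lib/touth.rb
@@ -17,17 +17,22 @@ module Touth
 attr_accessor :access_token_lifetime,
 :client_secret_key,
 :password_field,
-:header_name
+:header_name,
+:allow_raise
 
 def initialize
 @access_token_lifetime = 60 * (24 * 60 * 60) # 60 days
 @client_secret_key = '' # use SecureRandom.hex(64) to generate one
 @password_field = :encrypted_password
 @header_name = 'X-Access-Token'
+@allow_raise = false
 end
 
 end
 
+class InvalidAccessTokenError < StandardError; end
+class ResourceConflictError < StandardError; end
+
 class << self
 
 def setup
@@ -54,6 +59,10 @@ module Touth
 
 end
 
+def self.get_resource_name(name)
+name.to_s.gsub('::', '_').underscore
+end
+
 end
 
 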
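Review bot: The two new exception classes, `InvalidAccessTokenError` and `ResourceConflictError`, are declared without any comment, yet once `allow_raise` is enabled they are exactly what an application has to name in `rescue_from`. I would add `# Raised when the request carries no access token or the token fails validation.` above the first and `# Raised when a valid token belongs to a different resource than the controller expects.` above the second, which matches the two `raise` sites in the controller-support hunk further down the page. `get_resource_name` deserves a one-line comment as well, since every key written to and read from `access_token_resources` now goes through it.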
@@ -5,39 +5,70 @@ module Touth
|
|
5
5
|
mattr_accessor :access_token_resources
|
6
6
|
|
7
7
|
def token_authentication_for(resource_name)
|
8
|
-
resource_name = resource_name
|
9
|
-
name = resource_name.gsub('::', '_').underscore
|
8
|
+
resource_name = Touth.get_resource_name resource_name
|
10
9
|
|
11
|
-
|
12
|
-
self.access_token_resources = {}
|
13
|
-
before_action :authenticate_token!
|
14
|
-
end
|
10
|
+
self.access_token_resources ||= {}
|
15
11
|
|
16
|
-
define_method "#{
|
12
|
+
define_method "#{resource_name}_signed_in?" do
|
17
13
|
!!self.class.access_token_resources[resource_name]
|
18
14
|
end
|
19
15
|
|
20
|
-
define_method "current_#{
|
16
|
+
define_method "current_#{resource_name}" do
|
21
17
|
self.class.access_token_resources[resource_name]
|
22
18
|
end
|
19
|
+
|
20
|
+
callback_name = "authenticate_#{resource_name}!".to_sym
|
21
|
+
|
22
|
+
unless method_defined? callback_name
|
23
|
+
define_method callback_name do
|
24
|
+
authenticate_token_for! resource_name
|
25
|
+
end
|
26
|
+
|
27
|
+
protected callback_name
|
28
|
+
before_action callback_name
|
29
|
+
end
|
23
30
|
end
|
24
31
|
|
25
32
|
end
|
26
33
|
|
27
34
|
module InstanceMethods
|
28
35
|
|
29
|
-
|
36
|
+
protected
|
37
|
+
|
38
|
+
def authenticate_token_for!(resource_name)
|
39
|
+
if Touth.allow_raise
|
40
|
+
set_token_authorized_model resource_name
|
41
|
+
else
|
42
|
+
begin
|
43
|
+
set_token_authorized_model resource_name
|
44
|
+
rescue
|
45
|
+
return unauthorized_token_error
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
def set_token_authorized_model(resource_name)
|
51
|
+
resource_name = Touth.get_resource_name resource_name
|
30
52
|
|
31
|
-
def authenticate_token!
|
32
53
|
token = request.headers[Touth.header_name]
|
33
54
|
|
34
55
|
unless token && Authenticator.valid_access_token?(token)
|
35
|
-
|
36
|
-
return false
|
56
|
+
raise InvalidAccessTokenError, 'access token is not valid'
|
37
57
|
end
|
38
58
|
|
39
59
|
model = Authenticator.get_model token
|
40
|
-
|
60
|
+
model_name = Touth.get_resource_name model.class.name
|
61
|
+
|
62
|
+
unless model_name == resource_name
|
63
|
+
raise ResourceConflictError, 'attempted %s to login, expected %s' % [model, resource_name]
|
64
|
+
end
|
65
|
+
|
66
|
+
self.class.access_token_resources[model_name] = model
|
67
|
+
end
|
68
|
+
|
69
|
+
def unauthorized_token_error
|
70
|
+
render nothing: true, status: :unauthorized
|
71
|
+
false
|
41
72
|
end
|
42
73
|
|
43
74
|
end
|
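Review bot: `set_token_authorized_model` stores the authenticated model in `self.class.access_token_resources`, and the context line `mattr_accessor :access_token_resources` makes that hash module-level state shared by every request the process serves rather than per-request state. On a threaded server the `current_<resource>` reader in one request can therefore return the model that a concurrent request has just stored, and nothing in the hunk clears the entry, so an action that skips the callback would still see the previous caller's model. Keeping the hash on the controller instance avoids this, e.g. `(@access_token_resources ||= {})[model_name] = model`, with the two `define_method` readers looking up the same instance hash. Separately, the bare `rescue` in `authenticate_token_for!` turns every `StandardError` (a database failure, a `NoMethodError` from a bug) into a blank 401; `rescue InvalidAccessTokenError, ResourceConflictError` would keep real faults visible in logs. This hunk appears to belong to data/lib/touth/action_controller_support.rb (its file header is missing on the page), and the enclosing modules open outside it.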
data/lib/touth/version.rb
CHANGED
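--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: touth
 version: !ruby/object:Gem::Version
-version: 1.1.
+version: 1.1.2
 platform: ruby
 authors:
 - Yuki Iwanaga
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-09-
+date: 2014-09-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activesupport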