tyrant 0.0.1 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d2f54842fb5f05856d5b2117e524ecca85e359e7
-  data.tar.gz: 73dc1f4b6625fb1f68a34eecbbf098fc4cb4c718
+  metadata.gz: 0686d74d8af9df770a7c8eedd729b6e375e0bed2
+  data.tar.gz: f079966822ca11c34637655e8d520b96941f664e
 SHA512:
-  metadata.gz: 815200c2c369b371f8ddf167bd54261b8d6475860b7644753dd810c526b640728d799e1f1befcf8e8dd404209d8a761ed5d1c04f93e42bd20b05485383bf2735
-  data.tar.gz: 43eddef2195258978ee7ddebd89fb50c4aca79310f13a9562ddcb85d504a30fac9529b793e0ca117d5816050a8e5190e478d4598a14fe3edf05774bcc042d24d
+  metadata.gz: b46e96e5e3c37e22069bd40c05633940ccd00974c0a6805f7805c793b518271e080c35b44c9107404c5577d1f3039554cf85546e2bd0d458c3c90d9d4b83a2f9
+  data.tar.gz: a716baf50d9fa237adc43eb47d0ec6da6e01dfeb0b565df26de551eb6a64ff11fffc7828c0820256ef6bc5d1a9e93968186b36f3b4f86fa1a8b405c5fce661de

data/Gemfile

@@ -2,3 +2,5 @@ source 'https://rubygems.org'
 
 # Specify your gem's dependencies in tyrant.gemspec
 gemspec
+
+# gem "disposable", path: "../disposable"

data/README.md

@@ -1,38 +1,69 @@
 # Tyrant
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/tyrant`. To experiment with that code, run `bin/console` for an interactive prompt.
+_"Freedom choked in dread we live, since tyrant was enthroned."_
 
-TODO: Delete this and the text above, and describe your gem
+Tyrant implements all common steps of authorization workflows using overridable _operations_. It allows a quick setup of sign in, sign up, forgot password, etc. Tryrant works well in Rails, but plays well with any Ruby environment.
 
-## Installation
+Operations are provided for the following steps.
 
-Add this line to your application's Gemfile:
+* SignIn
+  * Confirmed
+  * Hammer protection (3x wrong blabla)
+  * Sticky (Remember me)
+* SignUp
+* SignOut
+* ResetPassword
+* Forgot pw
+
+
+## Operations
+
+trb instead of pushing into controller
+
+
+Tyrant exposes its public API using operations.
+
+Operations are the pivotal element in the [Trailblazer architecture](https://github.com/apotonick/trailblazer). When it comes to customization, Tyrant doesn't rely on a "hopefully complete" configuration language as Devise does it.
+
+Tyrant allows you to customize with Ruby. You can override entire workflow steps (operations), forms and validations (contracts) or methods using simple object-orientation and a clean API.
+
+
+This means you can easily use them in Rails controllers.
 
 ```ruby
-gem 'tyrant'
+class SessionController < ApplicationController
+  def sign_in
+    run Tyrant::SignIn
+  end
 ```
 
-And then execute:
+You can also run the public API in any other Ruby environment, e.g. a console or a Roda action.
 
-    $ bundle
+```ruby
+Tyrant::SignIn.run(params)
+```
 
-Or install it yourself as:
+Tyrant provides forms for all workflow steps. using Reform objects that are embedded into the operations.
 
-    $ gem install tyrant
 
-## Usage
+=> Customize with inheritance, or override. Or just don't use the operation and write your own "step".
 
-TODO: Write usage instructions here
 
-## Development
+## Installation
 
-After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+Add this line to your application's Gemfile:
 
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+```ruby
+gem 'tyrant'
+```
+
+## Rails
 
-## Contributing
+Tyrant comes with a railtie to provide you an initializer. In Rails, add this to an initializer.
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/tyrant.
+```ruby
+require "tyrant/railtie"
+```
 
 
 ## License

data/lib/tyrant.rb

@@ -3,3 +3,7 @@ require "tyrant/version"
 module Tyrant
   # Your code goes here...
 end
+
+require "disposable/twin"
+require "tyrant/authenticatable"
+require "tyrant/session"

data/lib/tyrant/authenticatable.rb

@@ -0,0 +1,76 @@
+require "disposable/twin/struct"
+
+module Tyrant
+  # Encapsulates authentication management logic for a particular user.
+  class Authenticatable < Disposable::Twin
+    feature Default
+    feature Sync # FIXME: really?
+
+    property :auth_meta_data, default: Hash.new do
+      include Struct
+      property :confirmation_token
+      property :confirmed_at
+      property :confirmation_created_at
+      property :password_digest
+    end
+
+    module Confirm
+      def confirmable!
+        auth_meta_data.confirmation_token = "asdfasdfasfasfasdfasdf"
+        auth_meta_data.confirmation_created_at = DateTime.now
+        self
+      end
+
+      # without token, this decides whether the user model can be activated (e.g. via "set a password").
+      # with token, this additionally tests if the token is correct.
+      def confirmable?(token=false)
+        persisted_token = auth_meta_data.confirmation_token
+
+        # TODO: add expiry etc.
+        return false unless (persisted_token.is_a?(String) and persisted_token.size > 0)
+
+        return compare_token(token) unless token==false
+        true
+      end
+
+      # alias_method :confirmed?, :confirmable?
+      def confirmed?
+        not auth_meta_data.confirmed_at.nil?
+      end
+
+      def confirmed!(confirmed_at=DateTime.now)
+        auth_meta_data.confirmation_token = nil
+        auth_meta_data.confirmed_at       = confirmed_at # TODO: test optional arg.
+      end
+
+      def confirmation_token
+        auth_meta_data.confirmation_token
+      end
+
+    private
+      def compare_token(token)
+        token == auth_meta_data.confirmation_token
+      end
+    end # Confirm
+    include Confirm
+
+
+    require "bcrypt"
+    module Digest
+      def digest
+        return unless auth_meta_data.password_digest
+        BCrypt::Password.new(auth_meta_data.password_digest)
+      end
+
+      def digest!(password)
+        auth_meta_data.password_digest = BCrypt::Password.create(password)
+      end
+
+      def digest?(password)
+        digest == password
+      end
+    end
+    include Digest
+
+  end
+end

data/lib/tyrant/railtie.rb

@@ -0,0 +1,16 @@
+module Tyrant
+  class Railtie < Rails::Railtie
+      require "warden"
+
+      # DISCUSS: it will be configurable what user class etc. and might be moved to Ops.
+      config.app_middleware.use Warden::Manager do |config|
+        Warden::Manager.serialize_into_session do |user|
+          user.id
+        end
+
+        Warden::Manager.serialize_from_session do |id|
+          User.find_by(id: id)
+        end
+      end
+  end
+end

data/lib/tyrant/session.rb

@@ -0,0 +1,24 @@
+module Tyrant
+  # HTTP/Warden session-specific behavior.
+  class Session
+    def initialize(warden)
+      @warden = warden
+    end
+
+    def current_user
+      @warden.user
+    end
+
+    def signed_in?
+      @warden.user
+    end
+
+    def sign_in!(user)
+      @warden.set_user(user)
+    end
+
+    def sign_out!
+      @warden.logout
+    end
+  end
+end

data/lib/tyrant/sign_up.rb

@@ -0,0 +1,53 @@
+require "trailblazer/operation"
+require "active_model"
+require "reform/form/active_model/validations" # TODO: this will get replaced with Lotus.
+require "reform/form/validation/unique_validator.rb"
+module Tyrant
+  # SignUp will come and implement to-be-confirmed sign up.
+  class SignUp < Trailblazer::Operation
+    class Confirmed < Trailblazer::Operation
+      include CRUD
+      model User, :create
+
+      contract do
+        include Reform::Form::ActiveModel::Validations
+
+        property :email
+        property :password, virtual: true
+        property :confirm_password, virtual: true
+
+        validates :email, :password, :confirm_password, presence: true
+        # validates :email, email: true, unique: true
+        validate :password_ok?
+
+      private
+        # TODO: more, like minimum 6 chars, etc.
+        def password_ok?
+          return unless email and password
+          errors.add(:password, "Passwords don't match") if password != confirm_password
+        end
+      end
+
+
+      # sucessful signup:
+      # * hash password, set confirmed
+      # * hash password, set unconfirmed with token etc.
+
+      # * no password, unconfirmed, needs password.
+      def process(params)
+        validate(params[:user]) do |contract|
+          update!
+
+          contract.save # save User with email.
+        end
+      end
+
+      def update!
+        auth = Tyrant::Authenticatable.new(contract.model)
+        auth.digest!(contract.password) # contract.auth_meta_data.password_digest = ..
+        auth.confirmed!
+        auth.sync
+      end
+    end
+  end
+end

data/lib/tyrant/version.rb

@@ -1,3 +1,3 @@
 module Tyrant
-  VERSION = "0.0.1"
+  VERSION = "0.0.2"
 end

data/tyrant.gemspec

@@ -13,9 +13,6 @@ Gem::Specification.new do |spec|
   spec.homepage      = "http://github.com/apotonick/tyrant"
   spec.license       = "MIT"
 
-  # Prevent pushing this gem to RubyGems.org by setting 'allowed_push_host', or
-  # delete this section to allow pushing this gem to any host.
-
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
@@ -24,4 +21,12 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "bundler", "~> 1.10"
   spec.add_development_dependency "rake", "~> 10.0"
   spec.add_development_dependency "minitest"
+
+  spec.add_development_dependency "activemodel"
+
+  spec.add_dependency "trailblazer"
+  spec.add_dependency "reform", "~> 2.0"
+  spec.add_dependency "disposable", ">= 0.1.11"
+
+  spec.add_dependency "bcrypt"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tyrant
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.0.2
 platform: ruby
 authors:
 - Nick Sutterer
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2015-07-01 00:00:00.000000000 Z
+date: 2015-09-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -52,6 +52,76 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: trailblazer
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: reform
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: disposable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.11
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.11
+- !ruby/object:Gem::Dependency
+  name: bcrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Agnostic authorization component for Trailblazer.
 email:
 - apotonick@gmail.com
@@ -65,9 +135,11 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
-- bin/console
-- bin/setup
 - lib/tyrant.rb
+- lib/tyrant/authenticatable.rb
+- lib/tyrant/railtie.rb
+- lib/tyrant/session.rb
+- lib/tyrant/sign_up.rb
 - lib/tyrant/version.rb
 - tyrant.gemspec
 homepage: http://github.com/apotonick/tyrant
@@ -95,3 +167,4 @@ signing_key:
 specification_version: 4
 summary: Agnostic authorization for Trailblazer.
 test_files: []
+has_rdoc: 

data/bin/console

@@ -1,14 +0,0 @@
-#!/usr/bin/env ruby
-
-require "bundler/setup"
-require "tyrant"
-
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-
-require "irb"
-IRB.start

data/bin/setup

@@ -1,7 +0,0 @@
-#!/bin/bash
-set -euo pipefail
-IFS=$'\n\t'
-
-bundle install
-
-# Do any other automated setup that you need to do here