tzispa_helpers 0.3.4 → 0.3.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/tzispa/helpers/macro_field.rb +1 -1
- data/lib/tzispa/helpers/request.rb +1 -1
- data/lib/tzispa/helpers/security.rb +0 -17
- data/lib/tzispa/helpers/session.rb +2 -17
- data/lib/tzispa/helpers/session_auth.rb +67 -0
- data/lib/tzispa/helpers/version.rb +1 -1
- metadata +6 -6
- data/lib/tzispa/helpers/login.rb +0 -21
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0102c92ceaff055b26a8547b791bc900c9e1a5b8
|
4
|
+
data.tar.gz: 28341d8615fbaa60ed0d180a805ec032f2d4614e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c26223806ffd4b4600ed41e19dbb27d452290ff38ea0fc3e91d18fa7aa9283ed7a402ae6d7d4569b1d0117fb215c7e8b446c7152dedc6969d85d7be1c166281b
|
7
|
+
data.tar.gz: cd4aa19893ccf96fe2a87fbb6a1fb0103a915ae1d33523b4ee0f7f672b99a761f8a4aa5ee6f6fb596a590b76b54e33f12cc4a52a2a6e3463584d519a98d08d60
|
@@ -45,23 +45,6 @@ module Tzispa
|
|
45
45
|
hashed == hash_password(pwd, salt)
|
46
46
|
end
|
47
47
|
|
48
|
-
class Identity
|
49
|
-
attr_reader :id, :token
|
50
|
-
|
51
|
-
def initialize(id, secret)
|
52
|
-
@id = id
|
53
|
-
@token = generate_token id, secret
|
54
|
-
end
|
55
|
-
|
56
|
-
def valid?(secret)
|
57
|
-
@token == Identity.generate_token(@id, secret)
|
58
|
-
end
|
59
|
-
|
60
|
-
def self.generate_token(value, salt)
|
61
|
-
Digest::SHA1.hexdigest "___#{value}_#{salt}__token__"
|
62
|
-
end
|
63
|
-
end
|
64
|
-
|
65
48
|
end
|
66
49
|
end
|
67
50
|
end
|
@@ -9,11 +9,10 @@ module Tzispa
|
|
9
9
|
|
10
10
|
SESSION_LAST_ACCESS = :__last_access
|
11
11
|
SESSION_ID = :__session_id
|
12
|
-
SESSION_AUTH_USER = :__auth__user
|
13
12
|
GLOBAL_MESSAGE_FLASH = :__global_message_flash
|
14
13
|
|
15
14
|
def init_session
|
16
|
-
generate_session_id if config
|
15
|
+
generate_session_id if config.sessions&.enabled && !session?
|
17
16
|
end
|
18
17
|
|
19
18
|
def set_last_access
|
@@ -32,21 +31,7 @@ module Tzispa
|
|
32
31
|
!session[SESSION_ID].nil? && (session[SESSION_ID] == session.id)
|
33
32
|
end
|
34
33
|
|
35
|
-
|
36
|
-
session? && login
|
37
|
-
end
|
38
|
-
|
39
|
-
def login=(user)
|
40
|
-
session[SESSION_AUTH_USER] = user unless user.nil?
|
41
|
-
end
|
42
|
-
|
43
|
-
def login
|
44
|
-
session[SESSION_AUTH_USER]
|
45
|
-
end
|
46
|
-
|
47
|
-
def logout
|
48
|
-
session.delete(SESSION_AUTH_USER)
|
49
|
-
end
|
34
|
+
private
|
50
35
|
|
51
36
|
def generate_session_id
|
52
37
|
SecureRandom.uuid.tap do |uuid|
|
@@ -0,0 +1,67 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'digest'
|
4
|
+
|
5
|
+
module Tzispa
|
6
|
+
module Helpers
|
7
|
+
module SessionAuth
|
8
|
+
|
9
|
+
SESSION_AUTH_USER = :__auth__user
|
10
|
+
|
11
|
+
class Authentication
|
12
|
+
attr_reader :id
|
13
|
+
|
14
|
+
def initialize(id, secret)
|
15
|
+
@id = id
|
16
|
+
@token = generate_token secret
|
17
|
+
end
|
18
|
+
|
19
|
+
def valid?(secret)
|
20
|
+
@token == generate_token(secret)
|
21
|
+
end
|
22
|
+
|
23
|
+
private
|
24
|
+
|
25
|
+
attr_reader :token
|
26
|
+
|
27
|
+
def generate_token(secret)
|
28
|
+
Digest::MD5.hexdigest "___#{id}__authtoken__#{secret}_"
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
def session_auth?
|
33
|
+
return unless context.session?
|
34
|
+
ident = context.session[SESSION_AUTH_USER]
|
35
|
+
ident&.valid?(context.session.id)
|
36
|
+
end
|
37
|
+
|
38
|
+
def session_auth
|
39
|
+
ident = context.session[SESSION_AUTH_USER]
|
40
|
+
ident.id if session_auth?
|
41
|
+
end
|
42
|
+
alias session_login session_auth
|
43
|
+
|
44
|
+
def session_login(user)
|
45
|
+
context.session[SESSION_AUTH_USER] = Authentication.new(user, context.session.id)
|
46
|
+
end
|
47
|
+
|
48
|
+
def session_logout
|
49
|
+
context.session.delete(SESSION_AUTH_USER)
|
50
|
+
end
|
51
|
+
|
52
|
+
def login_redirect
|
53
|
+
login_layout = context.layout_path(context.config.login_layout.to_sym)
|
54
|
+
context.redirect(login_layout, true, context.response) if login_redirect?
|
55
|
+
end
|
56
|
+
|
57
|
+
def login_redirect?
|
58
|
+
!session_auth? && (context.layout != context.config.login_layout)
|
59
|
+
end
|
60
|
+
|
61
|
+
def unauthorized_but_auth
|
62
|
+
context.not_authorized unless session_auth?
|
63
|
+
end
|
64
|
+
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: tzispa_helpers
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.3.
|
4
|
+
version: 0.3.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Juan Antonio Piñero
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-10-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: i18n
|
@@ -44,14 +44,14 @@ dependencies:
|
|
44
44
|
requirements:
|
45
45
|
- - "~>"
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version:
|
47
|
+
version: 0.3.5
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version:
|
54
|
+
version: 0.3.5
|
55
55
|
description: Module Helpers for Tzispa framework
|
56
56
|
email:
|
57
57
|
- japinero@area-integral.com
|
@@ -67,7 +67,6 @@ files:
|
|
67
67
|
- lib/tzispa/helpers/hooks/after.rb
|
68
68
|
- lib/tzispa/helpers/hooks/before.rb
|
69
69
|
- lib/tzispa/helpers/html.rb
|
70
|
-
- lib/tzispa/helpers/login.rb
|
71
70
|
- lib/tzispa/helpers/macro_field.rb
|
72
71
|
- lib/tzispa/helpers/mime.rb
|
73
72
|
- lib/tzispa/helpers/pattern.rb
|
@@ -80,6 +79,7 @@ files:
|
|
80
79
|
- lib/tzispa/helpers/services/error_view.rb
|
81
80
|
- lib/tzispa/helpers/services/send_file.rb
|
82
81
|
- lib/tzispa/helpers/session.rb
|
82
|
+
- lib/tzispa/helpers/session_auth.rb
|
83
83
|
- lib/tzispa/helpers/session_flash_bag.rb
|
84
84
|
- lib/tzispa/helpers/sign_requirer.rb
|
85
85
|
- lib/tzispa/helpers/text.rb
|
@@ -105,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
105
105
|
version: '0'
|
106
106
|
requirements: []
|
107
107
|
rubyforge_project:
|
108
|
-
rubygems_version: 2.6.
|
108
|
+
rubygems_version: 2.6.13
|
109
109
|
signing_key:
|
110
110
|
specification_version: 4
|
111
111
|
summary: Helpers for Tzispa
|
data/lib/tzispa/helpers/login.rb
DELETED
@@ -1,21 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module Tzispa
|
4
|
-
module Helpers
|
5
|
-
module Login
|
6
|
-
|
7
|
-
def login_redirect
|
8
|
-
context.redirect(context.layout_path(context.config.login_layout.to_sym), true, context.response) if login_redirect?
|
9
|
-
end
|
10
|
-
|
11
|
-
def login_redirect?
|
12
|
-
!context.logged? && (context.layout != context.config.login_layout)
|
13
|
-
end
|
14
|
-
|
15
|
-
def unauthorized_but_logged
|
16
|
-
context.not_authorized unless context.logged?
|
17
|
-
end
|
18
|
-
|
19
|
-
end
|
20
|
-
end
|
21
|
-
end
|