tzispa_helpers 0.3.4 → 0.3.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/tzispa/helpers/macro_field.rb +1 -1
- data/lib/tzispa/helpers/request.rb +1 -1
- data/lib/tzispa/helpers/security.rb +0 -17
- data/lib/tzispa/helpers/session.rb +2 -17
- data/lib/tzispa/helpers/session_auth.rb +67 -0
- data/lib/tzispa/helpers/version.rb +1 -1
- metadata +6 -6
- data/lib/tzispa/helpers/login.rb +0 -21
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0102c92ceaff055b26a8547b791bc900c9e1a5b8
|
4
|
+
data.tar.gz: 28341d8615fbaa60ed0d180a805ec032f2d4614e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c26223806ffd4b4600ed41e19dbb27d452290ff38ea0fc3e91d18fa7aa9283ed7a402ae6d7d4569b1d0117fb215c7e8b446c7152dedc6969d85d7be1c166281b
|
7
|
+
data.tar.gz: cd4aa19893ccf96fe2a87fbb6a1fb0103a915ae1d33523b4ee0f7f672b99a761f8a4aa5ee6f6fb596a590b76b54e33f12cc4a52a2a6e3463584d519a98d08d60
|
@@ -45,23 +45,6 @@ module Tzispa
|
|
45
45
|
hashed == hash_password(pwd, salt)
|
46
46
|
end
|
47
47
|
|
48
|
-
class Identity
|
49
|
-
attr_reader :id, :token
|
50
|
-
|
51
|
-
def initialize(id, secret)
|
52
|
-
@id = id
|
53
|
-
@token = generate_token id, secret
|
54
|
-
end
|
55
|
-
|
56
|
-
def valid?(secret)
|
57
|
-
@token == Identity.generate_token(@id, secret)
|
58
|
-
end
|
59
|
-
|
60
|
-
def self.generate_token(value, salt)
|
61
|
-
Digest::SHA1.hexdigest "___#{value}_#{salt}__token__"
|
62
|
-
end
|
63
|
-
end
|
64
|
-
|
65
48
|
end
|
66
49
|
end
|
67
50
|
end
|
@@ -9,11 +9,10 @@ module Tzispa
|
|
9
9
|
|
10
10
|
SESSION_LAST_ACCESS = :__last_access
|
11
11
|
SESSION_ID = :__session_id
|
12
|
-
SESSION_AUTH_USER = :__auth__user
|
13
12
|
GLOBAL_MESSAGE_FLASH = :__global_message_flash
|
14
13
|
|
15
14
|
def init_session
|
16
|
-
generate_session_id if config
|
15
|
+
generate_session_id if config.sessions&.enabled && !session?
|
17
16
|
end
|
18
17
|
|
19
18
|
def set_last_access
|
@@ -32,21 +31,7 @@ module Tzispa
|
|
32
31
|
!session[SESSION_ID].nil? && (session[SESSION_ID] == session.id)
|
33
32
|
end
|
34
33
|
|
35
|
-
|
36
|
-
session? && login
|
37
|
-
end
|
38
|
-
|
39
|
-
def login=(user)
|
40
|
-
session[SESSION_AUTH_USER] = user unless user.nil?
|
41
|
-
end
|
42
|
-
|
43
|
-
def login
|
44
|
-
session[SESSION_AUTH_USER]
|
45
|
-
end
|
46
|
-
|
47
|
-
def logout
|
48
|
-
session.delete(SESSION_AUTH_USER)
|
49
|
-
end
|
34
|
+
private
|
50
35
|
|
51
36
|
def generate_session_id
|
52
37
|
SecureRandom.uuid.tap do |uuid|
|
@@ -0,0 +1,67 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'digest'
|
4
|
+
|
5
|
+
module Tzispa
|
6
|
+
module Helpers
|
7
|
+
module SessionAuth
|
8
|
+
|
9
|
+
SESSION_AUTH_USER = :__auth__user
|
10
|
+
|
11
|
+
class Authentication
|
12
|
+
attr_reader :id
|
13
|
+
|
14
|
+
def initialize(id, secret)
|
15
|
+
@id = id
|
16
|
+
@token = generate_token secret
|
17
|
+
end
|
18
|
+
|
19
|
+
def valid?(secret)
|
20
|
+
@token == generate_token(secret)
|
21
|
+
end
|
22
|
+
|
23
|
+
private
|
24
|
+
|
25
|
+
attr_reader :token
|
26
|
+
|
27
|
+
def generate_token(secret)
|
28
|
+
Digest::MD5.hexdigest "___#{id}__authtoken__#{secret}_"
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
def session_auth?
|
33
|
+
return unless context.session?
|
34
|
+
ident = context.session[SESSION_AUTH_USER]
|
35
|
+
ident&.valid?(context.session.id)
|
36
|
+
end
|
37
|
+
|
38
|
+
def session_auth
|
39
|
+
ident = context.session[SESSION_AUTH_USER]
|
40
|
+
ident.id if session_auth?
|
41
|
+
end
|
42
|
+
alias session_login session_auth
|
43
|
+
|
44
|
+
def session_login(user)
|
45
|
+
context.session[SESSION_AUTH_USER] = Authentication.new(user, context.session.id)
|
46
|
+
end
|
47
|
+
|
48
|
+
def session_logout
|
49
|
+
context.session.delete(SESSION_AUTH_USER)
|
50
|
+
end
|
51
|
+
|
52
|
+
def login_redirect
|
53
|
+
login_layout = context.layout_path(context.config.login_layout.to_sym)
|
54
|
+
context.redirect(login_layout, true, context.response) if login_redirect?
|
55
|
+
end
|
56
|
+
|
57
|
+
def login_redirect?
|
58
|
+
!session_auth? && (context.layout != context.config.login_layout)
|
59
|
+
end
|
60
|
+
|
61
|
+
def unauthorized_but_auth
|
62
|
+
context.not_authorized unless session_auth?
|
63
|
+
end
|
64
|
+
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: tzispa_helpers
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.3.
|
4
|
+
version: 0.3.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Juan Antonio Piñero
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-10-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: i18n
|
@@ -44,14 +44,14 @@ dependencies:
|
|
44
44
|
requirements:
|
45
45
|
- - "~>"
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version:
|
47
|
+
version: 0.3.5
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - "~>"
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version:
|
54
|
+
version: 0.3.5
|
55
55
|
description: Module Helpers for Tzispa framework
|
56
56
|
email:
|
57
57
|
- japinero@area-integral.com
|
@@ -67,7 +67,6 @@ files:
|
|
67
67
|
- lib/tzispa/helpers/hooks/after.rb
|
68
68
|
- lib/tzispa/helpers/hooks/before.rb
|
69
69
|
- lib/tzispa/helpers/html.rb
|
70
|
-
- lib/tzispa/helpers/login.rb
|
71
70
|
- lib/tzispa/helpers/macro_field.rb
|
72
71
|
- lib/tzispa/helpers/mime.rb
|
73
72
|
- lib/tzispa/helpers/pattern.rb
|
@@ -80,6 +79,7 @@ files:
|
|
80
79
|
- lib/tzispa/helpers/services/error_view.rb
|
81
80
|
- lib/tzispa/helpers/services/send_file.rb
|
82
81
|
- lib/tzispa/helpers/session.rb
|
82
|
+
- lib/tzispa/helpers/session_auth.rb
|
83
83
|
- lib/tzispa/helpers/session_flash_bag.rb
|
84
84
|
- lib/tzispa/helpers/sign_requirer.rb
|
85
85
|
- lib/tzispa/helpers/text.rb
|
@@ -105,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
105
105
|
version: '0'
|
106
106
|
requirements: []
|
107
107
|
rubyforge_project:
|
108
|
-
rubygems_version: 2.6.
|
108
|
+
rubygems_version: 2.6.13
|
109
109
|
signing_key:
|
110
110
|
specification_version: 4
|
111
111
|
summary: Helpers for Tzispa
|
data/lib/tzispa/helpers/login.rb
DELETED
@@ -1,21 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
module Tzispa
|
4
|
-
module Helpers
|
5
|
-
module Login
|
6
|
-
|
7
|
-
def login_redirect
|
8
|
-
context.redirect(context.layout_path(context.config.login_layout.to_sym), true, context.response) if login_redirect?
|
9
|
-
end
|
10
|
-
|
11
|
-
def login_redirect?
|
12
|
-
!context.logged? && (context.layout != context.config.login_layout)
|
13
|
-
end
|
14
|
-
|
15
|
-
def unauthorized_but_logged
|
16
|
-
context.not_authorized unless context.logged?
|
17
|
-
end
|
18
|
-
|
19
|
-
end
|
20
|
-
end
|
21
|
-
end
|