userbin 0.3.4 → 0.3.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 703e1f90038da45bdc11c03d1c2059587daf0cdd
4
- data.tar.gz: 3d25c062d7f285e2c1bbb00e1ad441268b336aaa
3
+ metadata.gz: fe753d445c9d4a87e78d129234ccf88ab2e5ef1f
4
+ data.tar.gz: 611c69c56f409d7157ada99598e4d0a4063ff125
5
5
  SHA512:
6
- metadata.gz: b3528a4705cd2c6f3f530d6e2351c5f703ba8f28be9303017a30d6fa0d745c69c335434ae3737a86bf14cfc891b849834aebbca3e469e6e83c789cd1b2c08147
7
- data.tar.gz: 4d0e84b2dbbe75a9662f168c854669d7a496ae8eea9ea24461fc79eebad21ea885a7d1428a09d05a3f8b9a2ca9a680d8edbeeabbd6d58c7da484e207360e7d87
6
+ metadata.gz: bb5795d97506c84c17cfc09b96c73d022ab2e685b554aab90a01c0be9f5f5443907e1c53c117068c2a3682dc5e7350eb02586394b6017694ad47eeb5193814ab
7
+ data.tar.gz: 883d892aa1169d658c874b6f7dacc8400c5914ac1ac446187393eadad5fd30b992a915d5c252ffcce782fd932b3c6ab5af8871e2331324df9db14ea6ac3ddc66
data/README.md CHANGED
@@ -142,6 +142,14 @@ By default, the Userbin middleware will automatically insert a `<script>` tag be
142
142
  config.skip_script_injection = true
143
143
  ```
144
144
 
145
+ ### lock_file
146
+
147
+ By default, no locking is performed to ensure that multiple processes race for finding and creating users. Setting this option in multi-process (not multi-thread) setups like Unicorn is **highly recommended**.
148
+
149
+ ```ruby
150
+ config.lock_file = File.join(Rails.root, 'tmp/userbin.lock')
151
+ ```
152
+
145
153
 
146
154
  Further configuration and customization
147
155
  ---------------------------------------
data/lib/userbin.rb CHANGED
@@ -8,16 +8,17 @@ require "userbin/basic_auth"
8
8
 
9
9
  require "userbin/railtie" if defined?(Rails::Railtie)
10
10
 
11
- api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {3
11
+ api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {
12
12
  "https://api.userbin.com"
13
13
  }
14
14
 
15
15
  @api = Her::API.setup url: api_endpoint do |c|
16
16
  c.use Userbin::BasicAuth
17
17
  c.use Faraday::Request::UrlEncoded
18
- c.use Userbin::ParseSignedJSON
18
+ c.use Her::Middleware::DefaultParseJSON
19
+ #c.use Userbin::ParseSignedJSON
19
20
  c.use Faraday::Adapter::NetHttp
20
- c.use Userbin::VerifySignature
21
+ #c.use Userbin::VerifySignature
21
22
  end
22
23
 
23
24
  require "userbin/configuration"
@@ -28,7 +29,7 @@ require "userbin/authentication"
28
29
 
29
30
  class Userbin::Error < Exception; end
30
31
  class Userbin::SecurityError < Userbin::Error; end
31
- class Userbin::UnimplementedError < Userbin::Error; end
32
+ class Userbin::ConfigurationError < Userbin::Error; end
32
33
 
33
34
  module Userbin
34
35
  class << self
@@ -8,6 +8,10 @@ module Userbin
8
8
  end
9
9
 
10
10
  def call(env)
11
+ if !Userbin.config.app_id || !Userbin.config.api_secret
12
+ raise ConfigurationError, "app_id and api_secret must be present"
13
+ end
14
+
11
15
  request = Rack::Request.new(env)
12
16
 
13
17
  begin
@@ -1,22 +1,34 @@
1
1
  module Userbin
2
2
  class Configuration
3
- attr_accessor :app_id
4
- attr_accessor :api_secret
5
- attr_accessor :skip_script_injection
6
3
  attr_accessor :create_user
7
4
  attr_accessor :find_user
5
+ attr_accessor :lock_file
8
6
  attr_accessor :protected_path
9
7
  attr_accessor :root_path
8
+ attr_accessor :skip_script_injection
10
9
 
11
10
  # restricted_path is obsolete
12
11
  alias :restricted_path :protected_path
13
12
  alias :restricted_path= :protected_path=
14
13
 
15
14
  def initialize
16
- self.app_id = ENV["USERBIN_APP_ID"]
17
- self.api_secret = ENV["USERBIN_API_SECRET"]
18
-
19
15
  self.skip_script_injection = false
20
16
  end
17
+
18
+ def app_id
19
+ ENV['USERBIN_APP_ID'] || @_app_id
20
+ end
21
+
22
+ def app_id=(value)
23
+ @_app_id = value
24
+ end
25
+
26
+ def api_secret
27
+ ENV['USERBIN_API_SECRET'] || @_api_secret
28
+ end
29
+
30
+ def api_secret=(value)
31
+ @_api_secret = value
32
+ end
21
33
  end
22
34
  end
@@ -64,19 +64,44 @@ module Userbin
64
64
  end
65
65
 
66
66
  def self.current_user
67
- if Userbin.config.find_user
68
- u = Userbin.config.find_user.call(_current_user.id)
69
- return u if u
70
- if Userbin.config.create_user
71
- u = Userbin.config.create_user.call(_current_user)
72
- return u if u
73
- _current_user
74
- else
75
- raise UnimplementedError, "You need to implement create_user"
67
+ if Userbin.config.lock_file
68
+ file = File.open(Userbin.config.lock_file, "a+")
69
+ file.flock(File::LOCK_EX)
70
+ end
71
+
72
+ begin
73
+ if _current_user
74
+ if Userbin.config.find_user
75
+ u = Userbin.config.find_user.call(_current_user.id)
76
+ if u
77
+ u
78
+ else
79
+ if Userbin.config.create_user
80
+
81
+ # Fetch a full profile from the API. This way we can get more
82
+ # sensitive details than those stored in the cookie. It also checks
83
+ # that the user still exists in Userbin.
84
+ profile = User.find(_current_user.id)
85
+
86
+ u = Userbin.config.create_user.call(profile)
87
+ if u
88
+ u
89
+ else
90
+ _current_user
91
+ end
92
+ else
93
+ raise ConfigurationError, "You need to implement create_user"
94
+ end
95
+ end
96
+ else
97
+ _current_user
98
+ end
76
99
  end
77
- else
78
- _current_user
100
+
101
+ ensure
102
+ file.flock(File::LOCK_UN) if Userbin.config.lock_file
79
103
  end
104
+
80
105
  end
81
106
 
82
107
  def self.user
@@ -1,3 +1,3 @@
1
1
  module Userbin
2
- VERSION = "0.3.4"
2
+ VERSION = "0.3.5"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: userbin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.4
4
+ version: 0.3.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Johan