userbin 0.3.4 → 0.3.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +8 -0
- data/lib/userbin.rb +5 -4
- data/lib/userbin/authentication.rb +4 -0
- data/lib/userbin/configuration.rb +18 -6
- data/lib/userbin/userbin.rb +36 -11
- data/lib/userbin/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fe753d445c9d4a87e78d129234ccf88ab2e5ef1f
|
4
|
+
data.tar.gz: 611c69c56f409d7157ada99598e4d0a4063ff125
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bb5795d97506c84c17cfc09b96c73d022ab2e685b554aab90a01c0be9f5f5443907e1c53c117068c2a3682dc5e7350eb02586394b6017694ad47eeb5193814ab
|
7
|
+
data.tar.gz: 883d892aa1169d658c874b6f7dacc8400c5914ac1ac446187393eadad5fd30b992a915d5c252ffcce782fd932b3c6ab5af8871e2331324df9db14ea6ac3ddc66
|
data/README.md
CHANGED
@@ -142,6 +142,14 @@ By default, the Userbin middleware will automatically insert a `<script>` tag be
|
|
142
142
|
config.skip_script_injection = true
|
143
143
|
```
|
144
144
|
|
145
|
+
### lock_file
|
146
|
+
|
147
|
+
By default, no locking is performed to ensure that multiple processes race for finding and creating users. Setting this option in multi-process (not multi-thread) setups like Unicorn is **highly recommended**.
|
148
|
+
|
149
|
+
```ruby
|
150
|
+
config.lock_file = File.join(Rails.root, 'tmp/userbin.lock')
|
151
|
+
```
|
152
|
+
|
145
153
|
|
146
154
|
Further configuration and customization
|
147
155
|
---------------------------------------
|
data/lib/userbin.rb
CHANGED
@@ -8,16 +8,17 @@ require "userbin/basic_auth"
|
|
8
8
|
|
9
9
|
require "userbin/railtie" if defined?(Rails::Railtie)
|
10
10
|
|
11
|
-
api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {
|
11
|
+
api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {
|
12
12
|
"https://api.userbin.com"
|
13
13
|
}
|
14
14
|
|
15
15
|
@api = Her::API.setup url: api_endpoint do |c|
|
16
16
|
c.use Userbin::BasicAuth
|
17
17
|
c.use Faraday::Request::UrlEncoded
|
18
|
-
c.use
|
18
|
+
c.use Her::Middleware::DefaultParseJSON
|
19
|
+
#c.use Userbin::ParseSignedJSON
|
19
20
|
c.use Faraday::Adapter::NetHttp
|
20
|
-
c.use Userbin::VerifySignature
|
21
|
+
#c.use Userbin::VerifySignature
|
21
22
|
end
|
22
23
|
|
23
24
|
require "userbin/configuration"
|
@@ -28,7 +29,7 @@ require "userbin/authentication"
|
|
28
29
|
|
29
30
|
class Userbin::Error < Exception; end
|
30
31
|
class Userbin::SecurityError < Userbin::Error; end
|
31
|
-
class Userbin::
|
32
|
+
class Userbin::ConfigurationError < Userbin::Error; end
|
32
33
|
|
33
34
|
module Userbin
|
34
35
|
class << self
|
@@ -1,22 +1,34 @@
|
|
1
1
|
module Userbin
|
2
2
|
class Configuration
|
3
|
-
attr_accessor :app_id
|
4
|
-
attr_accessor :api_secret
|
5
|
-
attr_accessor :skip_script_injection
|
6
3
|
attr_accessor :create_user
|
7
4
|
attr_accessor :find_user
|
5
|
+
attr_accessor :lock_file
|
8
6
|
attr_accessor :protected_path
|
9
7
|
attr_accessor :root_path
|
8
|
+
attr_accessor :skip_script_injection
|
10
9
|
|
11
10
|
# restricted_path is obsolete
|
12
11
|
alias :restricted_path :protected_path
|
13
12
|
alias :restricted_path= :protected_path=
|
14
13
|
|
15
14
|
def initialize
|
16
|
-
self.app_id = ENV["USERBIN_APP_ID"]
|
17
|
-
self.api_secret = ENV["USERBIN_API_SECRET"]
|
18
|
-
|
19
15
|
self.skip_script_injection = false
|
20
16
|
end
|
17
|
+
|
18
|
+
def app_id
|
19
|
+
ENV['USERBIN_APP_ID'] || @_app_id
|
20
|
+
end
|
21
|
+
|
22
|
+
def app_id=(value)
|
23
|
+
@_app_id = value
|
24
|
+
end
|
25
|
+
|
26
|
+
def api_secret
|
27
|
+
ENV['USERBIN_API_SECRET'] || @_api_secret
|
28
|
+
end
|
29
|
+
|
30
|
+
def api_secret=(value)
|
31
|
+
@_api_secret = value
|
32
|
+
end
|
21
33
|
end
|
22
34
|
end
|
data/lib/userbin/userbin.rb
CHANGED
@@ -64,19 +64,44 @@ module Userbin
|
|
64
64
|
end
|
65
65
|
|
66
66
|
def self.current_user
|
67
|
-
if Userbin.config.
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
67
|
+
if Userbin.config.lock_file
|
68
|
+
file = File.open(Userbin.config.lock_file, "a+")
|
69
|
+
file.flock(File::LOCK_EX)
|
70
|
+
end
|
71
|
+
|
72
|
+
begin
|
73
|
+
if _current_user
|
74
|
+
if Userbin.config.find_user
|
75
|
+
u = Userbin.config.find_user.call(_current_user.id)
|
76
|
+
if u
|
77
|
+
u
|
78
|
+
else
|
79
|
+
if Userbin.config.create_user
|
80
|
+
|
81
|
+
# Fetch a full profile from the API. This way we can get more
|
82
|
+
# sensitive details than those stored in the cookie. It also checks
|
83
|
+
# that the user still exists in Userbin.
|
84
|
+
profile = User.find(_current_user.id)
|
85
|
+
|
86
|
+
u = Userbin.config.create_user.call(profile)
|
87
|
+
if u
|
88
|
+
u
|
89
|
+
else
|
90
|
+
_current_user
|
91
|
+
end
|
92
|
+
else
|
93
|
+
raise ConfigurationError, "You need to implement create_user"
|
94
|
+
end
|
95
|
+
end
|
96
|
+
else
|
97
|
+
_current_user
|
98
|
+
end
|
76
99
|
end
|
77
|
-
|
78
|
-
|
100
|
+
|
101
|
+
ensure
|
102
|
+
file.flock(File::LOCK_UN) if Userbin.config.lock_file
|
79
103
|
end
|
104
|
+
|
80
105
|
end
|
81
106
|
|
82
107
|
def self.user
|
data/lib/userbin/version.rb
CHANGED