userbin 0.3.4 → 0.3.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 703e1f90038da45bdc11c03d1c2059587daf0cdd
4
- data.tar.gz: 3d25c062d7f285e2c1bbb00e1ad441268b336aaa
3
+ metadata.gz: fe753d445c9d4a87e78d129234ccf88ab2e5ef1f
4
+ data.tar.gz: 611c69c56f409d7157ada99598e4d0a4063ff125
5
5
  SHA512:
6
- metadata.gz: b3528a4705cd2c6f3f530d6e2351c5f703ba8f28be9303017a30d6fa0d745c69c335434ae3737a86bf14cfc891b849834aebbca3e469e6e83c789cd1b2c08147
7
- data.tar.gz: 4d0e84b2dbbe75a9662f168c854669d7a496ae8eea9ea24461fc79eebad21ea885a7d1428a09d05a3f8b9a2ca9a680d8edbeeabbd6d58c7da484e207360e7d87
6
+ metadata.gz: bb5795d97506c84c17cfc09b96c73d022ab2e685b554aab90a01c0be9f5f5443907e1c53c117068c2a3682dc5e7350eb02586394b6017694ad47eeb5193814ab
7
+ data.tar.gz: 883d892aa1169d658c874b6f7dacc8400c5914ac1ac446187393eadad5fd30b992a915d5c252ffcce782fd932b3c6ab5af8871e2331324df9db14ea6ac3ddc66
data/README.md CHANGED
@@ -142,6 +142,14 @@ By default, the Userbin middleware will automatically insert a `<script>` tag be
142
142
  config.skip_script_injection = true
143
143
  ```
144
144
 
145
+ ### lock_file
146
+
147
+ By default, no locking is performed to ensure that multiple processes race for finding and creating users. Setting this option in multi-process (not multi-thread) setups like Unicorn is **highly recommended**.
148
+
149
+ ```ruby
150
+ config.lock_file = File.join(Rails.root, 'tmp/userbin.lock')
151
+ ```
152
+
145
153
 
146
154
  Further configuration and customization
147
155
  ---------------------------------------
data/lib/userbin.rb CHANGED
@@ -8,16 +8,17 @@ require "userbin/basic_auth"
8
8
 
9
9
  require "userbin/railtie" if defined?(Rails::Railtie)
10
10
 
11
- api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {3
11
+ api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {
12
12
  "https://api.userbin.com"
13
13
  }
14
14
 
15
15
  @api = Her::API.setup url: api_endpoint do |c|
16
16
  c.use Userbin::BasicAuth
17
17
  c.use Faraday::Request::UrlEncoded
18
- c.use Userbin::ParseSignedJSON
18
+ c.use Her::Middleware::DefaultParseJSON
19
+ #c.use Userbin::ParseSignedJSON
19
20
  c.use Faraday::Adapter::NetHttp
20
- c.use Userbin::VerifySignature
21
+ #c.use Userbin::VerifySignature
21
22
  end
22
23
 
23
24
  require "userbin/configuration"
@@ -28,7 +29,7 @@ require "userbin/authentication"
28
29
 
29
30
  class Userbin::Error < Exception; end
30
31
  class Userbin::SecurityError < Userbin::Error; end
31
- class Userbin::UnimplementedError < Userbin::Error; end
32
+ class Userbin::ConfigurationError < Userbin::Error; end
32
33
 
33
34
  module Userbin
34
35
  class << self
@@ -8,6 +8,10 @@ module Userbin
8
8
  end
9
9
 
10
10
  def call(env)
11
+ if !Userbin.config.app_id || !Userbin.config.api_secret
12
+ raise ConfigurationError, "app_id and api_secret must be present"
13
+ end
14
+
11
15
  request = Rack::Request.new(env)
12
16
 
13
17
  begin
@@ -1,22 +1,34 @@
1
1
  module Userbin
2
2
  class Configuration
3
- attr_accessor :app_id
4
- attr_accessor :api_secret
5
- attr_accessor :skip_script_injection
6
3
  attr_accessor :create_user
7
4
  attr_accessor :find_user
5
+ attr_accessor :lock_file
8
6
  attr_accessor :protected_path
9
7
  attr_accessor :root_path
8
+ attr_accessor :skip_script_injection
10
9
 
11
10
  # restricted_path is obsolete
12
11
  alias :restricted_path :protected_path
13
12
  alias :restricted_path= :protected_path=
14
13
 
15
14
  def initialize
16
- self.app_id = ENV["USERBIN_APP_ID"]
17
- self.api_secret = ENV["USERBIN_API_SECRET"]
18
-
19
15
  self.skip_script_injection = false
20
16
  end
17
+
18
+ def app_id
19
+ ENV['USERBIN_APP_ID'] || @_app_id
20
+ end
21
+
22
+ def app_id=(value)
23
+ @_app_id = value
24
+ end
25
+
26
+ def api_secret
27
+ ENV['USERBIN_API_SECRET'] || @_api_secret
28
+ end
29
+
30
+ def api_secret=(value)
31
+ @_api_secret = value
32
+ end
21
33
  end
22
34
  end
@@ -64,19 +64,44 @@ module Userbin
64
64
  end
65
65
 
66
66
  def self.current_user
67
- if Userbin.config.find_user
68
- u = Userbin.config.find_user.call(_current_user.id)
69
- return u if u
70
- if Userbin.config.create_user
71
- u = Userbin.config.create_user.call(_current_user)
72
- return u if u
73
- _current_user
74
- else
75
- raise UnimplementedError, "You need to implement create_user"
67
+ if Userbin.config.lock_file
68
+ file = File.open(Userbin.config.lock_file, "a+")
69
+ file.flock(File::LOCK_EX)
70
+ end
71
+
72
+ begin
73
+ if _current_user
74
+ if Userbin.config.find_user
75
+ u = Userbin.config.find_user.call(_current_user.id)
76
+ if u
77
+ u
78
+ else
79
+ if Userbin.config.create_user
80
+
81
+ # Fetch a full profile from the API. This way we can get more
82
+ # sensitive details than those stored in the cookie. It also checks
83
+ # that the user still exists in Userbin.
84
+ profile = User.find(_current_user.id)
85
+
86
+ u = Userbin.config.create_user.call(profile)
87
+ if u
88
+ u
89
+ else
90
+ _current_user
91
+ end
92
+ else
93
+ raise ConfigurationError, "You need to implement create_user"
94
+ end
95
+ end
96
+ else
97
+ _current_user
98
+ end
76
99
  end
77
- else
78
- _current_user
100
+
101
+ ensure
102
+ file.flock(File::LOCK_UN) if Userbin.config.lock_file
79
103
  end
104
+
80
105
  end
81
106
 
82
107
  def self.user
@@ -1,3 +1,3 @@
1
1
  module Userbin
2
- VERSION = "0.3.4"
2
+ VERSION = "0.3.5"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: userbin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.4
4
+ version: 0.3.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Johan