userbin 0.3.4 → 0.3.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +8 -0
- data/lib/userbin.rb +5 -4
- data/lib/userbin/authentication.rb +4 -0
- data/lib/userbin/configuration.rb +18 -6
- data/lib/userbin/userbin.rb +36 -11
- data/lib/userbin/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fe753d445c9d4a87e78d129234ccf88ab2e5ef1f
|
|
4
|
+
data.tar.gz: 611c69c56f409d7157ada99598e4d0a4063ff125
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bb5795d97506c84c17cfc09b96c73d022ab2e685b554aab90a01c0be9f5f5443907e1c53c117068c2a3682dc5e7350eb02586394b6017694ad47eeb5193814ab
|
|
7
|
+
data.tar.gz: 883d892aa1169d658c874b6f7dacc8400c5914ac1ac446187393eadad5fd30b992a915d5c252ffcce782fd932b3c6ab5af8871e2331324df9db14ea6ac3ddc66
|
data/README.md
CHANGED
|
@@ -142,6 +142,14 @@ By default, the Userbin middleware will automatically insert a `<script>` tag be
|
|
|
142
142
|
config.skip_script_injection = true
|
|
143
143
|
```
|
|
144
144
|
|
|
145
|
+
### lock_file
|
|
146
|
+
|
|
147
|
+
By default, no locking is performed to ensure that multiple processes race for finding and creating users. Setting this option in multi-process (not multi-thread) setups like Unicorn is **highly recommended**.
|
|
148
|
+
|
|
149
|
+
```ruby
|
|
150
|
+
config.lock_file = File.join(Rails.root, 'tmp/userbin.lock')
|
|
151
|
+
```
|
|
152
|
+
|
|
145
153
|
|
|
146
154
|
Further configuration and customization
|
|
147
155
|
---------------------------------------
|
data/lib/userbin.rb
CHANGED
|
@@ -8,16 +8,17 @@ require "userbin/basic_auth"
|
|
|
8
8
|
|
|
9
9
|
require "userbin/railtie" if defined?(Rails::Railtie)
|
|
10
10
|
|
|
11
|
-
api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {
|
|
11
|
+
api_endpoint = ENV.fetch('USERBIN_API_ENDPOINT') {
|
|
12
12
|
"https://api.userbin.com"
|
|
13
13
|
}
|
|
14
14
|
|
|
15
15
|
@api = Her::API.setup url: api_endpoint do |c|
|
|
16
16
|
c.use Userbin::BasicAuth
|
|
17
17
|
c.use Faraday::Request::UrlEncoded
|
|
18
|
-
c.use
|
|
18
|
+
c.use Her::Middleware::DefaultParseJSON
|
|
19
|
+
#c.use Userbin::ParseSignedJSON
|
|
19
20
|
c.use Faraday::Adapter::NetHttp
|
|
20
|
-
c.use Userbin::VerifySignature
|
|
21
|
+
#c.use Userbin::VerifySignature
|
|
21
22
|
end
|
|
22
23
|
|
|
23
24
|
require "userbin/configuration"
|
|
@@ -28,7 +29,7 @@ require "userbin/authentication"
|
|
|
28
29
|
|
|
29
30
|
class Userbin::Error < Exception; end
|
|
30
31
|
class Userbin::SecurityError < Userbin::Error; end
|
|
31
|
-
class Userbin::
|
|
32
|
+
class Userbin::ConfigurationError < Userbin::Error; end
|
|
32
33
|
|
|
33
34
|
module Userbin
|
|
34
35
|
class << self
|
|
@@ -1,22 +1,34 @@
|
|
|
1
1
|
module Userbin
|
|
2
2
|
class Configuration
|
|
3
|
-
attr_accessor :app_id
|
|
4
|
-
attr_accessor :api_secret
|
|
5
|
-
attr_accessor :skip_script_injection
|
|
6
3
|
attr_accessor :create_user
|
|
7
4
|
attr_accessor :find_user
|
|
5
|
+
attr_accessor :lock_file
|
|
8
6
|
attr_accessor :protected_path
|
|
9
7
|
attr_accessor :root_path
|
|
8
|
+
attr_accessor :skip_script_injection
|
|
10
9
|
|
|
11
10
|
# restricted_path is obsolete
|
|
12
11
|
alias :restricted_path :protected_path
|
|
13
12
|
alias :restricted_path= :protected_path=
|
|
14
13
|
|
|
15
14
|
def initialize
|
|
16
|
-
self.app_id = ENV["USERBIN_APP_ID"]
|
|
17
|
-
self.api_secret = ENV["USERBIN_API_SECRET"]
|
|
18
|
-
|
|
19
15
|
self.skip_script_injection = false
|
|
20
16
|
end
|
|
17
|
+
|
|
18
|
+
def app_id
|
|
19
|
+
ENV['USERBIN_APP_ID'] || @_app_id
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def app_id=(value)
|
|
23
|
+
@_app_id = value
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def api_secret
|
|
27
|
+
ENV['USERBIN_API_SECRET'] || @_api_secret
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def api_secret=(value)
|
|
31
|
+
@_api_secret = value
|
|
32
|
+
end
|
|
21
33
|
end
|
|
22
34
|
end
|
data/lib/userbin/userbin.rb
CHANGED
|
@@ -64,19 +64,44 @@ module Userbin
|
|
|
64
64
|
end
|
|
65
65
|
|
|
66
66
|
def self.current_user
|
|
67
|
-
if Userbin.config.
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
67
|
+
if Userbin.config.lock_file
|
|
68
|
+
file = File.open(Userbin.config.lock_file, "a+")
|
|
69
|
+
file.flock(File::LOCK_EX)
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
begin
|
|
73
|
+
if _current_user
|
|
74
|
+
if Userbin.config.find_user
|
|
75
|
+
u = Userbin.config.find_user.call(_current_user.id)
|
|
76
|
+
if u
|
|
77
|
+
u
|
|
78
|
+
else
|
|
79
|
+
if Userbin.config.create_user
|
|
80
|
+
|
|
81
|
+
# Fetch a full profile from the API. This way we can get more
|
|
82
|
+
# sensitive details than those stored in the cookie. It also checks
|
|
83
|
+
# that the user still exists in Userbin.
|
|
84
|
+
profile = User.find(_current_user.id)
|
|
85
|
+
|
|
86
|
+
u = Userbin.config.create_user.call(profile)
|
|
87
|
+
if u
|
|
88
|
+
u
|
|
89
|
+
else
|
|
90
|
+
_current_user
|
|
91
|
+
end
|
|
92
|
+
else
|
|
93
|
+
raise ConfigurationError, "You need to implement create_user"
|
|
94
|
+
end
|
|
95
|
+
end
|
|
96
|
+
else
|
|
97
|
+
_current_user
|
|
98
|
+
end
|
|
76
99
|
end
|
|
77
|
-
|
|
78
|
-
|
|
100
|
+
|
|
101
|
+
ensure
|
|
102
|
+
file.flock(File::LOCK_UN) if Userbin.config.lock_file
|
|
79
103
|
end
|
|
104
|
+
|
|
80
105
|
end
|
|
81
106
|
|
|
82
107
|
def self.user
|
data/lib/userbin/version.rb
CHANGED