userbin 0.4.3 → 0.4.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 054c324709315f71ea222d681cb6c2c504199ec4
-  data.tar.gz: 5e283d805bee17f01081990684fee42a6a8e2024
+  metadata.gz: cca8bc4a6426e0d967af3cc4746ff35f0ec24d43
+  data.tar.gz: 70f0ad7d7a4b46f9603aee952b7451be197c0eba
 SHA512:
-  metadata.gz: f767abb26fb9315a7c3e7224c185e58fc254f25330790b02650df6ff73dedcfa6e774d7b35b623e1b415a852d6e4c8f430a225ecda5032203c353731dddd087b
-  data.tar.gz: 5350abbbb4a1060ecc24cdab082eed44d17933a702e6b6a906b9e91f0659c46d2ae7095a5dddea6ce1a3d00a90c5a4a52b85564fbe070a56d7236b547a6e0f07
+  metadata.gz: 55cfd4067825ff8db777b0d188c95f7a631a12d201b335503c037ca2c50e25c9f923c41f4d8b3e1cc5532802b473aa161340d3029980fa6f05501a0c06fc7e14
+  data.tar.gz: 46d8f465f92b40b9c606a844850fadee936fc131c70717a5e74693de617d9267b40c4e4fd28426f590a869316d2c941f572008f28e8b0b9f00cc4063c322d498

data/README.md

@@ -5,16 +5,16 @@
 Userbin for Ruby
 ================
 
-Userbin for Ruby adds user authentication, login flows and user management to your **Rails**, **Sinatra** or **Rack** app, with users stored in your own database.
+Userbin for Ruby adds user authentication, login flows and user management to your **Rails**, **Sinatra** or **Rack** app.
 
-[Userbin](https://userbin.com) provides a set of login, signup, and password reset forms that drop right into your application without any need of styling or writing markup. Connect your users via traditional logins or third party social networks. It takes care of linking accounts across networks, resetting passwords, and keeping everything safe and secure.
+[Userbin](https://userbin.com) provides a set of login, signup, and password reset forms that drop right into your application without any need of styling or writing markup. Connect your users via traditional logins or third party social networks. We take care of linking accounts across networks, resetting passwords, and keeping everything safe and secure.
 
 [Create a free account](https://userbin.com) at Userbin to start accepting users in your application.
 
 Installation
 ------------
 
-1. Add the `userbin` gem to your `Gemfile`
+1.  Add the `userbin` gem to your `Gemfile`
 
     ```ruby
     gem "userbin"
@@ -26,52 +26,76 @@ Installation
     bundle install
     ```
 
-1.  Generate configuration
+1.  Configure the Userbin module with the credentials you got from signing up.
 
-    ```shell
-    curl https://lib.userbin.com/install.sh | sh YOUR_APP_ID YOUR_API_SECRET
+    In a Rails app, put the following code into a new file at `config/initializers/userbin.rb`, and in Sinatra put it in your main application file and add `require "userbin"`.
+
+    ```ruby
+    Userbin.configure do |config|
+      config.app_id = "YOUR_APP_ID"
+      config.api_secret = "YOUR_API_SECRET"
+    end
     ```
 
-    If you don't configure the App ID and API Secret, the Userbin module will read the `USERBIN_APP_ID` and `USERBIN_API_SECRET` environment variables. This may come in handy on Heroku.
+    *If you don't configure the `app_id` and `api_secret`, the Userbin module will read the `USERBIN_APP_ID` and `USERBIN_API_SECRET` environment variables. This may come in handy on Heroku.*
 
-1.  **Rack/Sinatra apps only**: Load and activate the Userbin Rack middleware
+1.  Implement getter and setter for your user model.
 
     ```ruby
-    require 'userbin'
+    # will be called when accessing `current_user`
+    config.find_user = -> (userbin_id) do
+      User.find_by_userbin_id(userbin_id)
+    }
+
+    # will be called when a user signs up
+    config.create_user = -> (profile) do
+      User.create! do |user|
+        user.userbin_id = profile.id
+        user.email      = profile.email
+        user.photo      = profile.image
+      end
+    end
+    ```
+
+    *For more information about the available attributes in the profile see the [Userbin profile](https://userbin.com/docs/concepts) documentation.*
+
+1.  Migrate your users (or do it manually if not using Rails) and add a reference to the Userbin profile:
+
+    ```ruby
+    rails g migration AddUserbinIdToUsers userbin_id:integer:index
+    ```
 
+1.  **Rack/Sinatra apps only**: Activate the Userbin Rack middleware
+
+    ```ruby
     use Userbin::Authentication
     ```
 
 
-Configuration
--------------
+Usage
+-----
 
 ### Authenticating
 
-You need to configure Userbin in order to provide the `current_user` model:
-
-``` ruby
-Userbin.configure do
-  current_user do |profile|
-    User.find(profile.uid).first_or_initialize(
-      email: profile.email,
-      image: profile.image
-    )
-  end
-end
-```
+#### Rails
 
-This code is run in the context of your application so you have access to your models, session or routes helpers. However, since this code is not run in the context of your application's ApplicationController it doesn't have access
-to the methods defined over there.
+Userbin keeps track of the currently logged in user which can be accessed through `current_user` in controllers, views, and helpers. This automatically taps into libraries such as the authorization solution [CanCan](https://github.com/ryanb/cancan).
 
+```haml
+- if logged_in?
+  = current_user.email
+- else
+  Not logged in
+```
 
-### Protecting routes
+<!-- **Rack/Sinatra apps only**: Since above helpers aren't available outside Rails, instead use `Userbin.current_user` and `Userbin.logged_in?`.
+ -->
 
-Use `authorize` to control access in controllers:
+To set up a controller with user authentication, just add this before_filter:
 
 ```ruby
 class ArticlesController < ApplicationController
-  before_filter :authorize
+  before_filter :authenticate_user!
 
   def index
     current_user.articles
@@ -79,110 +103,70 @@ class ArticlesController < ApplicationController
 end
 ```
 
-Or, you can authorize users in `config/routes.rb`:
+#### Sinatra
 
-```ruby
-Blog::Application.routes.draw do
-  constraints Userbin::Protect.new { |user| user.admin? } do
-    root to: 'admin'
-  end
+Helpers are accessed through the global Userbin object:
 
-  constraints Userbin::Protect.new do
-    mount MagicalWorker
-  end
-end
-```
-
-Usage
------
-
-### The current user
-
-Userbin keeps track of the currently logged in user which can be accessed through the `current_user` property. This automatically taps into libraries such as the authorization solution [CanCan](https://github.com/ryanb/cancan).
-
-```erb
-Welcome to your account, <%= current_user.email %>
+```haml
+- if Userbin.logged_in?
+  = Userbin.current_user.email
+- else
+  Not logged in
 ```
 
-To check if a user is logged in, use `user_logged_in?` (or its alias `user_signed_in?` if you prefer Devise conventions)
+To set up routes with user authentication, just wrap them like this:
 
-```erb
-<% if user_logged_in? %>
-  You are logged in!
-<% end %>
+```ruby
+authenticate_user do
+  get "/articles" do
+    "Restricted page that logged in users can access"
+  end
+end
 ```
 
 
-**Rack/Sinatra apps only**: Since above helpers aren't available outside Rails, instead use `Userbin.current_user` and `Userbin.user_logged_in?`.
-
 ### Forms
 
-An easy way to integrate Userbin is via the [Widget](https://userbin.com/docs/javascript#widget), which will take care of building forms, validating input and provides a drop-in design that adapts nicely to all devices.
+#### Ready-made forms
 
-The Widget is fairly high level, so remember that you can still use Userbin with your [own forms](https://userbin.com) if it doesn't fit your use-case.
-
-Use `current_user` and `logged_in?` in controllers, views, and helpers:
+These are opened in a popup.
 
 ```haml
-- if signed_in?
-  = current_user.email
-  = link_to 'Log out', '/', class: 'ub-logout'
-- else
-  = link_to 'Sign up', '/dashboard', class: 'ub-signup'
-  = link_to 'Log in', '/dashboard', class: 'ub-login'
+%a{href: "/account", rel: "login"} Log in
+%a{href: "/account", rel: "signup"} Sign up
+%a{href: "/", rel: 'logout'} Log out
 ```
 
-### Protecting resources
-
-...
+#### Social buttons
 
+These require you to first configure your social apps in the dashboard.
 
-Configuration
--------------
-
-The `Userbin.configure` block supports a range of options additional to the Userbin credentials. None of the following options are mandatory.
-
-### protected_path
-
-By default, Userbin reloads the current page on a successful login. If you set the `protected_path` option, users will be redirected to this path instead.
-
-Once set, this path and any sub-path of it will be protected from unauthenticated users by instead rendering a login form.
-
-```ruby
-config.protected_path = '/dashboard'
-```
-
-### root_path
-
-By default, Userbin reloads the current page on a successful logout. If you set the `root_path` option, users will be redirected to this path instead.
-
-```ruby
-config.root_path = '/login'
+```haml
+%a{href: "/account", rel: "facebook"} Connect with Facebook
+%a{href: "/account", rel: "twitter"} Connect with Twitter
 ```
 
-### create_user and find_user
-
-By default, `current_user` will reference a *limited* Userbin profile, enabling you to work without a database. If you override the functions `create_user` and `find_user`, the current user will instead reference one of your models. The `profile` object is an *extended* Userbin profile. For more information about the available attributes in the profile see the [Userbin profile](https://userbin.com/docs/concepts) documentation.
+#### Custom forms
 
-```ruby
-config.create_user = Proc.new { |profile|
-  User.create! do |user|
-    user.userbin_id = profile.id
-    user.email      = profile.email
-    user.photo      = profile.image
-  end
-}
+Only
 
-config.find_user = Proc.new { |userbin_id|
-  User.find_by_userbin_id(userbin_id)
-}
+```haml
+%form{action: "/account", name: "signup"}
+  %span.errors
+  .form-row
+    %label
+      %span E-mail
+      %input{name: "email", type: "text"}
+  .form-row
+    %label
+      %span Password
+      %input{name: "password", type: "password"}
+  %button{type: "submit"} Sign up
 ```
 
-You'll need to migrate your users and add a reference to the Userbin profile:
 
-```ruby
-rails g migration AddUserbinIdToUsers userbin_id:integer:index
-```
+Further configuration
+---------------------
 
 ### skip_script_injection
 
@@ -192,19 +176,11 @@ By default, the Userbin middleware will automatically insert a `<script>` tag be
 config.skip_script_injection = true
 ```
 
-### lock_file
-
-By default, no locking is performed to ensure that multiple processes race for finding and creating users. Setting this option in multi-process (not multi-thread) setups like Unicorn is **highly recommended**.
-
-```ruby
-config.lock_file = File.join(Rails.root, 'tmp/userbin.lock')
-```
-
 
-Further configuration and customization
----------------------------------------
+Admin dashboard
+---------------
 
-Your Userbin dashboard gives you access to a range of functionality:
+Your [dashboard](https://userbin.com/dashboard) gives you access to a range of functionality:
 
 - Configure the appearance of the login widget to feel more integrated with your service
 - Connect 10+ OAuth providers like Facebook, Github and Google.

data/lib/userbin/authentication.rb

@@ -13,6 +13,7 @@ module Userbin
       end
 
       Thread.current[:userbin] = nil
+      env['userbin.unauthenticated'] = false
 
       request = Rack::Request.new(env)
 
@@ -72,7 +73,10 @@ module Userbin
 <!DOCTYPE html>
 <html>
 <head>
+  <meta charset="utf-8">
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
   <title>Log in</title>
+  <meta name="viewport" content="width=device-width, initial-scale=1">
 </head>
 <body>
   <a class="ub-login-form"></a>
@@ -90,6 +94,9 @@ module Userbin
     def generate_response(env, jwt)
       status, headers, response = @app.call(env)
 
+      # application stack is responsible for setting userbin.authenticated
+      return render_gateway(env["PATH_INFO"]) if env['userbin.unauthenticated']
+
       if headers['Content-Type'] && headers['Content-Type']['text/html']
        if response.respond_to?(:body)
          body = [*response.body]

data/lib/userbin/configuration.rb

@@ -2,7 +2,6 @@ module Userbin
   class Configuration
     attr_accessor :create_user
     attr_accessor :find_user
-    attr_accessor :lock_file
     attr_accessor :protected_path
     attr_accessor :root_path
     attr_accessor :skip_script_injection

data/lib/userbin/rails/auth_helpers.rb

@@ -1,7 +1,10 @@
 module Userbin
   module AuthHelpers
     def authenticate_user!
-      binding.pry
+      unless user_logged_in?
+        env['userbin.unauthenticated'] = true
+        render nothing: true
+      end
     end
 
     def current_user

data/lib/userbin/userbin.rb

@@ -61,44 +61,33 @@ module Userbin
   end
 
   def self.current_user
-    if Userbin.config.lock_file
-      file = File.open(Userbin.config.lock_file, "a+")
-      file.flock(File::LOCK_EX)
-    end
+    if _current_user
+      if Userbin.config.find_user
+        u = Userbin.config.find_user.call(_current_user.id)
+        if u
+          u
+        else
+          if Userbin.config.create_user
 
-    begin
-      if _current_user
-        if Userbin.config.find_user
-          u = Userbin.config.find_user.call(_current_user.id)
-          if u
-            u
-          else
-            if Userbin.config.create_user
-
-              # Fetch a full profile from the API. This way we can get more
-              # sensitive details than those stored in the cookie. It also checks
-              # that the user still exists in Userbin.
-              profile = User.find(_current_user.id)
-
-              u = Userbin.config.create_user.call(profile)
-              if u
-                u
-              else
-                _current_user
-              end
+            # Fetch a full profile from the API. This way we can get more
+            # sensitive details than those stored in the cookie. It also checks
+            # that the user still exists in Userbin.
+            profile = User.find(_current_user.id)
+
+            u = Userbin.config.create_user.call(profile)
+            if u
+              u
             else
-              raise ConfigurationError, "You need to implement create_user"
+              _current_user
             end
+          else
+            raise ConfigurationError, "You need to implement create_user"
           end
-        else
-          _current_user
         end
+      else
+        _current_user
       end
-
-    ensure
-      file.flock(File::LOCK_UN) if Userbin.config.lock_file
     end
-
   end
 
   def self.user

data/lib/userbin/version.rb

@@ -1,3 +1,3 @@
 module Userbin
-  VERSION = "0.4.3"
+  VERSION = "0.4.4"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: userbin
 version: !ruby/object:Gem::Version
-  version: 0.4.3
+  version: 0.4.4
 platform: ruby
 authors:
 - Johan