veri 0.3.0 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/lib/veri/configuration.rb +10 -15
- data/lib/veri/controllers/concerns/authentication.rb +2 -3
- data/lib/veri/inputs/authenticatable.rb +9 -0
- data/lib/veri/inputs/base.rb +33 -0
- data/lib/veri/inputs/duration.rb +9 -0
- data/lib/veri/inputs/hashing_algorithm.rb +9 -0
- data/lib/veri/inputs/model.rb +9 -0
- data/lib/veri/inputs/non_empty_string.rb +9 -0
- data/lib/veri/models/concerns/authenticatable.rb +2 -10
- data/lib/veri/models/session.rb +10 -17
- data/lib/veri/version.rb +1 -1
- data/lib/veri.rb +7 -2
- data/veri.gemspec +2 -2
- metadata +12 -7
- data/lib/veri/inputs.rb +0 -31
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a4fcb8a0d60277a1b18a9c23114d96c19472794ee47c02d62445248ff30f16f0
|
|
4
|
+
data.tar.gz: fa8eb3f99daf00c2c7c338350f14d3014ab855923e6977581d60e376c9dc3222
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d21bba8f857717fd6e9c54b1444c23feb2f5dea73dccda0ca3d661155b6a79d2901b8f4a58717bdb28527d6e1576222688fd802da86c18e86055d301e6c2003f
|
|
7
|
+
data.tar.gz: a3547cee5d2bf4190fc95f923177da126e4f478ef8dc052d49bbdc524515be211d05ab21a0636fd373edb9b7d24b76049e7ef40bf826d667e85226da0b4ab7b1
|
data/CHANGELOG.md
CHANGED
data/lib/veri/configuration.rb
CHANGED
|
@@ -11,46 +11,42 @@ module Veri
|
|
|
11
11
|
default: :argon2,
|
|
12
12
|
reader: true,
|
|
13
13
|
constructor: -> (value) do
|
|
14
|
-
Veri::Inputs.
|
|
14
|
+
Veri::Inputs::HashingAlgorithm.new(
|
|
15
15
|
value,
|
|
16
|
-
as: :hashing_algorithm,
|
|
17
16
|
error: Veri::ConfigurationError,
|
|
18
17
|
message: "Invalid hashing algorithm `#{value.inspect}`, supported algorithms are: #{Veri::Configuration::HASHERS.keys.join(", ")}"
|
|
19
|
-
)
|
|
18
|
+
).process
|
|
20
19
|
end
|
|
21
20
|
setting :inactive_session_lifetime,
|
|
22
21
|
default: nil,
|
|
23
22
|
reader: true,
|
|
24
23
|
constructor: -> (value) do
|
|
25
|
-
Veri::Inputs.
|
|
24
|
+
Veri::Inputs::Duration.new(
|
|
26
25
|
value,
|
|
27
|
-
as: :duration,
|
|
28
26
|
optional: true,
|
|
29
27
|
error: Veri::ConfigurationError,
|
|
30
28
|
message: "Invalid inactive session lifetime `#{value.inspect}`, expected an instance of ActiveSupport::Duration or nil"
|
|
31
|
-
)
|
|
29
|
+
).process
|
|
32
30
|
end
|
|
33
31
|
setting :total_session_lifetime,
|
|
34
32
|
default: 14.days,
|
|
35
33
|
reader: true,
|
|
36
34
|
constructor: -> (value) do
|
|
37
|
-
Veri::Inputs.
|
|
35
|
+
Veri::Inputs::Duration.new(
|
|
38
36
|
value,
|
|
39
|
-
as: :duration,
|
|
40
37
|
error: Veri::ConfigurationError,
|
|
41
38
|
message: "Invalid total session lifetime `#{value.inspect}`, expected an instance of ActiveSupport::Duration"
|
|
42
|
-
)
|
|
39
|
+
).process
|
|
43
40
|
end
|
|
44
41
|
setting :user_model_name,
|
|
45
42
|
default: "User",
|
|
46
43
|
reader: true,
|
|
47
44
|
constructor: -> (value) do
|
|
48
|
-
Veri::Inputs.
|
|
45
|
+
Veri::Inputs::NonEmptyString.new(
|
|
49
46
|
value,
|
|
50
|
-
as: :non_empty_string,
|
|
51
47
|
error: Veri::ConfigurationError,
|
|
52
48
|
message: "Invalid user model name `#{value.inspect}`, expected an ActiveRecord model name as a string"
|
|
53
|
-
)
|
|
49
|
+
).process
|
|
54
50
|
end
|
|
55
51
|
|
|
56
52
|
HASHERS = {
|
|
@@ -64,12 +60,11 @@ module Veri
|
|
|
64
60
|
end
|
|
65
61
|
|
|
66
62
|
def user_model
|
|
67
|
-
Veri::Inputs.
|
|
63
|
+
Veri::Inputs::Model.new(
|
|
68
64
|
user_model_name,
|
|
69
|
-
as: :model,
|
|
70
65
|
error: Veri::ConfigurationError,
|
|
71
66
|
message: "Invalid user model name `#{user_model_name}`, expected an ActiveRecord model name as a string"
|
|
72
|
-
)
|
|
67
|
+
).process
|
|
73
68
|
end
|
|
74
69
|
end
|
|
75
70
|
end
|
|
@@ -34,11 +34,10 @@ module Veri
|
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
def log_in(authenticatable)
|
|
37
|
-
processed_authenticatable = Veri::Inputs.
|
|
37
|
+
processed_authenticatable = Veri::Inputs::Authenticatable.new(
|
|
38
38
|
authenticatable,
|
|
39
|
-
as: :authenticatable,
|
|
40
39
|
message: "Expected an instance of #{Veri::Configuration.user_model_name}, got `#{authenticatable.inspect}`"
|
|
41
|
-
)
|
|
40
|
+
).process
|
|
42
41
|
|
|
43
42
|
return false if processed_authenticatable.locked?
|
|
44
43
|
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
require "dry-types"
|
|
2
|
+
|
|
3
|
+
module Veri
|
|
4
|
+
module Inputs
|
|
5
|
+
class Base
|
|
6
|
+
include Dry.Types()
|
|
7
|
+
|
|
8
|
+
def initialize(value, optional: false, error: Veri::InvalidArgumentError, message: nil)
|
|
9
|
+
@value = value
|
|
10
|
+
@optional = optional
|
|
11
|
+
@error = error
|
|
12
|
+
@message = message
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def process
|
|
16
|
+
type_checker = @optional ? type.call.optional : type.call
|
|
17
|
+
type_checker[@value]
|
|
18
|
+
rescue Dry::Types::CoercionError
|
|
19
|
+
raise_error
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
private
|
|
23
|
+
|
|
24
|
+
def type
|
|
25
|
+
raise NotImplementedError
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def raise_error
|
|
29
|
+
raise @error, @message
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
end
|
|
@@ -13,11 +13,7 @@ module Veri
|
|
|
13
13
|
def update_password(password)
|
|
14
14
|
update!(
|
|
15
15
|
hashed_password: hasher.create(
|
|
16
|
-
Veri::Inputs.process
|
|
17
|
-
password,
|
|
18
|
-
as: :non_empty_string,
|
|
19
|
-
message: "Expected a non-empty string, got `#{password.inspect}`"
|
|
20
|
-
)
|
|
16
|
+
Veri::Inputs::NonEmptyString.new(password, message: "Expected a non-empty string, got `#{password.inspect}`").process
|
|
21
17
|
),
|
|
22
18
|
password_updated_at: Time.current
|
|
23
19
|
)
|
|
@@ -25,11 +21,7 @@ module Veri
|
|
|
25
21
|
|
|
26
22
|
def verify_password(password)
|
|
27
23
|
hasher.verify(
|
|
28
|
-
Veri::Inputs.process
|
|
29
|
-
password,
|
|
30
|
-
as: :non_empty_string,
|
|
31
|
-
message: "Expected a non-empty string, got `#{password.inspect}`"
|
|
32
|
-
),
|
|
24
|
+
Veri::Inputs::NonEmptyString.new(password, message: "Expected a non-empty string, got `#{password.inspect}`").process,
|
|
33
25
|
hashed_password
|
|
34
26
|
)
|
|
35
27
|
end
|
data/lib/veri/models/session.rb
CHANGED
|
@@ -26,12 +26,10 @@ module Veri
|
|
|
26
26
|
alias terminate delete
|
|
27
27
|
|
|
28
28
|
def update_info(request)
|
|
29
|
-
processed_request = Veri::Inputs.process(request, as: :request, error: Veri::Error)
|
|
30
|
-
|
|
31
29
|
update!(
|
|
32
30
|
last_seen_at: Time.current,
|
|
33
|
-
ip_address:
|
|
34
|
-
user_agent:
|
|
31
|
+
ip_address: request.remote_ip,
|
|
32
|
+
user_agent: request.user_agent
|
|
35
33
|
)
|
|
36
34
|
end
|
|
37
35
|
|
|
@@ -55,11 +53,10 @@ module Veri
|
|
|
55
53
|
update!(
|
|
56
54
|
shapeshifted_at: Time.current,
|
|
57
55
|
original_authenticatable: authenticatable,
|
|
58
|
-
authenticatable: Veri::Inputs.
|
|
56
|
+
authenticatable: Veri::Inputs::Authenticatable.new(
|
|
59
57
|
user,
|
|
60
|
-
as: :authenticatable,
|
|
61
58
|
message: "Expected an instance of #{Veri::Configuration.user_model_name}, got `#{user.inspect}`"
|
|
62
|
-
)
|
|
59
|
+
).process
|
|
63
60
|
)
|
|
64
61
|
end
|
|
65
62
|
|
|
@@ -79,10 +76,8 @@ module Veri
|
|
|
79
76
|
new(
|
|
80
77
|
hashed_token: Digest::SHA256.hexdigest(token),
|
|
81
78
|
expires_at:,
|
|
82
|
-
authenticatable: Veri::Inputs.
|
|
83
|
-
).update_info(
|
|
84
|
-
Veri::Inputs.process(request, as: :request, error: Veri::Error)
|
|
85
|
-
)
|
|
79
|
+
authenticatable: Veri::Inputs::Authenticatable.new(user, error: Veri::Error).process
|
|
80
|
+
).update_info(request)
|
|
86
81
|
|
|
87
82
|
token
|
|
88
83
|
end
|
|
@@ -90,12 +85,11 @@ module Veri
|
|
|
90
85
|
def prune(user = nil)
|
|
91
86
|
scope = if user
|
|
92
87
|
where(
|
|
93
|
-
authenticatable: Veri::Inputs.
|
|
88
|
+
authenticatable: Veri::Inputs::Authenticatable.new(
|
|
94
89
|
user,
|
|
95
|
-
as: :authenticatable,
|
|
96
90
|
optional: true,
|
|
97
91
|
message: "Expected an instance of #{Veri::Configuration.user_model_name} or nil, got `#{user.inspect}`"
|
|
98
|
-
)
|
|
92
|
+
).process
|
|
99
93
|
)
|
|
100
94
|
else
|
|
101
95
|
all
|
|
@@ -112,11 +106,10 @@ module Veri
|
|
|
112
106
|
end
|
|
113
107
|
|
|
114
108
|
def terminate_all(user)
|
|
115
|
-
Veri::Inputs.
|
|
109
|
+
Veri::Inputs::Authenticatable.new(
|
|
116
110
|
user,
|
|
117
|
-
as: :authenticatable,
|
|
118
111
|
message: "Expected an instance of #{Veri::Configuration.user_model_name}, got `#{user.inspect}`"
|
|
119
|
-
).veri_sessions.delete_all
|
|
112
|
+
).process.veri_sessions.delete_all
|
|
120
113
|
end
|
|
121
114
|
end
|
|
122
115
|
end
|
data/lib/veri/version.rb
CHANGED
data/lib/veri.rb
CHANGED
|
@@ -7,13 +7,18 @@ require_relative "veri/password/argon2"
|
|
|
7
7
|
require_relative "veri/password/bcrypt"
|
|
8
8
|
require_relative "veri/password/scrypt"
|
|
9
9
|
|
|
10
|
-
require_relative "veri/inputs"
|
|
10
|
+
require_relative "veri/inputs/base"
|
|
11
|
+
require_relative "veri/inputs/authenticatable"
|
|
12
|
+
require_relative "veri/inputs/duration"
|
|
13
|
+
require_relative "veri/inputs/hashing_algorithm"
|
|
14
|
+
require_relative "veri/inputs/model"
|
|
15
|
+
require_relative "veri/inputs/non_empty_string"
|
|
11
16
|
require_relative "veri/configuration"
|
|
12
17
|
|
|
13
18
|
module Veri
|
|
14
19
|
class Error < StandardError; end
|
|
15
|
-
class ConfigurationError < Veri::Error; end
|
|
16
20
|
class InvalidArgumentError < Veri::Error; end
|
|
21
|
+
class ConfigurationError < Veri::InvalidArgumentError; end
|
|
17
22
|
|
|
18
23
|
delegate :configure, to: Veri::Configuration
|
|
19
24
|
module_function :configure
|
data/veri.gemspec
CHANGED
|
@@ -21,8 +21,8 @@ Gem::Specification.new do |spec|
|
|
|
21
21
|
|
|
22
22
|
spec.add_dependency "argon2", "~> 2.0"
|
|
23
23
|
spec.add_dependency "bcrypt", "~> 3.0"
|
|
24
|
-
spec.add_dependency "dry-configurable", "~> 1.
|
|
25
|
-
spec.add_dependency "dry-types", "~> 1.
|
|
24
|
+
spec.add_dependency "dry-configurable", "~> 1.1"
|
|
25
|
+
spec.add_dependency "dry-types", "~> 1.7"
|
|
26
26
|
spec.add_dependency "rails", ">= 7.1", "< 8.1"
|
|
27
27
|
spec.add_dependency "scrypt", "~> 3.0"
|
|
28
28
|
spec.add_dependency "user_agent_parser", "~> 2.0"
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: veri
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- enjaku4
|
|
@@ -43,28 +43,28 @@ dependencies:
|
|
|
43
43
|
requirements:
|
|
44
44
|
- - "~>"
|
|
45
45
|
- !ruby/object:Gem::Version
|
|
46
|
-
version: '1.
|
|
46
|
+
version: '1.1'
|
|
47
47
|
type: :runtime
|
|
48
48
|
prerelease: false
|
|
49
49
|
version_requirements: !ruby/object:Gem::Requirement
|
|
50
50
|
requirements:
|
|
51
51
|
- - "~>"
|
|
52
52
|
- !ruby/object:Gem::Version
|
|
53
|
-
version: '1.
|
|
53
|
+
version: '1.1'
|
|
54
54
|
- !ruby/object:Gem::Dependency
|
|
55
55
|
name: dry-types
|
|
56
56
|
requirement: !ruby/object:Gem::Requirement
|
|
57
57
|
requirements:
|
|
58
58
|
- - "~>"
|
|
59
59
|
- !ruby/object:Gem::Version
|
|
60
|
-
version: '1.
|
|
60
|
+
version: '1.7'
|
|
61
61
|
type: :runtime
|
|
62
62
|
prerelease: false
|
|
63
63
|
version_requirements: !ruby/object:Gem::Requirement
|
|
64
64
|
requirements:
|
|
65
65
|
- - "~>"
|
|
66
66
|
- !ruby/object:Gem::Version
|
|
67
|
-
version: '1.
|
|
67
|
+
version: '1.7'
|
|
68
68
|
- !ruby/object:Gem::Dependency
|
|
69
69
|
name: rails
|
|
70
70
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -125,7 +125,12 @@ files:
|
|
|
125
125
|
- lib/veri.rb
|
|
126
126
|
- lib/veri/configuration.rb
|
|
127
127
|
- lib/veri/controllers/concerns/authentication.rb
|
|
128
|
-
- lib/veri/inputs.rb
|
|
128
|
+
- lib/veri/inputs/authenticatable.rb
|
|
129
|
+
- lib/veri/inputs/base.rb
|
|
130
|
+
- lib/veri/inputs/duration.rb
|
|
131
|
+
- lib/veri/inputs/hashing_algorithm.rb
|
|
132
|
+
- lib/veri/inputs/model.rb
|
|
133
|
+
- lib/veri/inputs/non_empty_string.rb
|
|
129
134
|
- lib/veri/models/concerns/authenticatable.rb
|
|
130
135
|
- lib/veri/models/session.rb
|
|
131
136
|
- lib/veri/password/argon2.rb
|
|
@@ -159,7 +164,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
159
164
|
- !ruby/object:Gem::Version
|
|
160
165
|
version: '0'
|
|
161
166
|
requirements: []
|
|
162
|
-
rubygems_version: 3.
|
|
167
|
+
rubygems_version: 3.7.1
|
|
163
168
|
specification_version: 4
|
|
164
169
|
summary: Minimal cookie-based authentication library for Ruby on Rails
|
|
165
170
|
test_files: []
|
data/lib/veri/inputs.rb
DELETED
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
require "dry-types"
|
|
2
|
-
|
|
3
|
-
module Veri
|
|
4
|
-
module Inputs
|
|
5
|
-
extend self
|
|
6
|
-
|
|
7
|
-
include Dry.Types()
|
|
8
|
-
|
|
9
|
-
TYPES = {
|
|
10
|
-
hashing_algorithm: -> { self::Strict::Symbol.enum(:argon2, :bcrypt, :scrypt) },
|
|
11
|
-
duration: -> { self::Instance(ActiveSupport::Duration) },
|
|
12
|
-
non_empty_string: -> { self::Strict::String.constrained(min_size: 1) },
|
|
13
|
-
model: -> { self::Strict::Class.constructor { _1.try(:safe_constantize) || _1 }.constrained(lt: ActiveRecord::Base) },
|
|
14
|
-
authenticatable: -> { self::Instance(Veri::Configuration.user_model) },
|
|
15
|
-
request: -> { self::Instance(ActionDispatch::Request) }
|
|
16
|
-
}.freeze
|
|
17
|
-
|
|
18
|
-
def process(value, as:, optional: false, error: Veri::InvalidArgumentError, message: nil)
|
|
19
|
-
checker = type_for(as)
|
|
20
|
-
checker = checker.optional if optional
|
|
21
|
-
|
|
22
|
-
checker[value]
|
|
23
|
-
rescue Dry::Types::CoercionError => e
|
|
24
|
-
raise error, message || e.message
|
|
25
|
-
end
|
|
26
|
-
|
|
27
|
-
private
|
|
28
|
-
|
|
29
|
-
def type_for(name) = Veri::Inputs::TYPES.fetch(name).call
|
|
30
|
-
end
|
|
31
|
-
end
|