visa 0.0.1 → 0.0.2

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 9f100a7183b849f640a7613dd135bf03d2b48e45
4
- data.tar.gz: ba75001cfa1ecd0a285386a39431591f222edc30
3
+ metadata.gz: f2af2c06bc21beec4d5480f0a38e1a117d0e50a7
4
+ data.tar.gz: 433dbff707b3de766c194b719548ef204fa5a9d5
5
5
  SHA512:
6
- metadata.gz: d8c99ae11ed0d4095bb671d4ca18594e01fc308ace4ec344e659e7319e238d3988858022c2e098ceb98e114899dadcbb18b05e3923d35f0ab34b3eeca9f89dcc
7
- data.tar.gz: ba52559000d5691e7ddefe32ec34dbe6bf203086c96492975d8d5d525457977f19a940fdbff5d4bbce8d57f20284c74743f910eda63de2476f3ba8850b80e519
6
+ metadata.gz: 520a808fc5dc34b4e6e59f48d2dfc3c54be7de21c510b43c0c1c7c012e4c6a24332126453822d8ac9ea987ed52127cd101a1f278399bc45b73068de2c26dcc65
7
+ data.tar.gz: ea0aa2b9f2a0ff6b71b519df3f32fb611281c306c51bb3d96eb165ec08358f811dd70e157077de42523bd53507956cae55518b7069644bc4e8764d4723ab36c8
@@ -0,0 +1,5 @@
1
+ language: ruby
2
+ script: bundle exec rspec spec
3
+ cache: bundler
4
+ rvm:
5
+ - 2.2
data/README.md CHANGED
@@ -7,7 +7,7 @@ Multi-token authentication for Rails apps. Built with Devise in mind, but can be
7
7
  Something like the following should go in your Gemfile:
8
8
 
9
9
  ```ruby
10
- gem 'visa', '~> 0.0.1'
10
+ gem 'visa', '~> 0.0.2'
11
11
  ```
12
12
 
13
13
  ## Usage
@@ -0,0 +1,5 @@
1
+ class AddVoidedAt < ActiveRecord::Migration
2
+ def change
3
+ add_column :visa_tokens, :voided_at, :datetime
4
+ end
5
+ end
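Review bot: Nothing in this release tells upgraders that the `voided_at` column must exist before the new code runs; the README hunk only bumps the version. `valid?` in this version reads `token.voided_at`, so a host app that updates the gem without running this migration would presumably fail on every token check. A short upgrade note in the README on installing and running the engine's new migration would cover it. A header comment here would also document the column's meaning, for example `# Adds the timestamp set by Visa::Request#invalidate; a non-nil value marks the token as revoked.`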
@@ -6,7 +6,7 @@ module Visa
6
6
  end
7
7
 
8
8
  Visa.encryption_cost = 10
9
- Visa.request_header = 'Authentication'
9
+ Visa.request_header = 'HTTP_AUTHENTICATION'
10
10
  Visa.timeout = 14.days
11
11
 
12
12
  require 'visa/engine'
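Review bot: `Visa.request_header` now has to be a Rack environment key rather than an HTTP header name, and the changed default is the only place that shows it. A host app that set this option to a plain header name under 0.0.1 would stop matching without any error once `credentials` looks the value up in `environment`, so header-based clients would simply be treated as unauthenticated. A comment above the assignment would make the contract explicit: `# Rack env key (CGI-style: 'HTTP_' + upcased header name), not the raw header name`. The `Visa` module body starts outside this hunk.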
@@ -5,12 +5,16 @@ class Visa::Request
5
5
  @environment = environment
6
6
  end
7
7
 
8
+ def invalidate
9
+ token.touch :voided_at
10
+ end
11
+
8
12
  def touch
9
13
  token.touch :last_requested_at
10
14
  end
11
15
 
12
16
  def valid?
13
- token.present? && not_too_old?
17
+ token.present? && token.voided_at.nil? && not_too_old?
14
18
  end
15
19
 
16
20
  private
@@ -19,14 +23,14 @@ class Visa::Request
19
23
 
20
24
  def credentials
21
25
  string = request.params['access_token'] ||
22
- request.headers[Visa.request_header]
26
+ environment[Visa.request_header] || ''
23
27
 
24
28
  [string[0..15], string[16..57]]
25
29
  end
26
30
 
27
31
  def not_too_old?
28
- time = token.last_requested_at
29
- time.nil? || (time > Visa.timeout.ago)
32
+ time = token.last_requested_at || token.created_at
33
+ time > Visa.timeout.ago
30
34
  end
31
35
 
32
36
  def request
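Review bot: In `credentials`, the added `|| ''` covers only the case where both sources are nil; `request.params['access_token']` can also be an Array or Hash when the parameter arrives in nested form, and the range slices on the following line then produce an array slice or nil instead of two strings. Those values are presumably handed to `Visa::Token.find_by_credentials`, whose handling of non-string input is not visible here, so it is safer to normalise first with `string = '' unless string.is_a?(String)` before the slicing line. In the first hunk, `invalidate` calls `token.touch :voided_at` with no nil guard, so it raises when no token matched; `token.touch :voided_at if token` or a documented precondition would avoid that. The `request` method at the end of the second hunk continues outside it.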
@@ -4,13 +4,15 @@ RSpec.describe Visa::Request do
4
4
  describe '#valid?' do
5
5
  let(:environment) { {'rack.input' => StringIO.new('')} }
6
6
  let(:request) { Visa::Request.new environment }
7
+ let(:token) { double 'token', last_requested_at: nil,
8
+ created_at: 1.minute.ago, voided_at: nil }
7
9
 
8
10
  before :each do
9
11
  environment['QUERY_STRING'] = <<-STR
10
12
  access_token=1234567890123456789012345678901234567890123456789012345678
11
13
  STR
12
14
 
13
- allow(Visa::Token).to receive(:find_by_credentials).and_return(nil)
15
+ allow(Visa::Token).to receive(:find_by_credentials).and_return(token)
14
16
  end
15
17
 
16
18
  it 'sources credentials from the access_token parameter' do
@@ -22,29 +24,47 @@ access_token=1234567890123456789012345678901234567890123456789012345678
22
24
  end
23
25
 
24
26
  it 'returns true when a matching token is found' do
25
- allow(Visa::Token).to receive(:find_by_credentials).
26
- and_return(double('token', last_requested_at: nil))
27
+ expect(request).to be_valid
28
+ end
29
+
30
+ it 'returns true when an unused token is less than two weeks old' do
31
+ allow(token).to receive(:created_at).and_return(13.days.ago)
27
32
 
28
33
  expect(request).to be_valid
29
34
  end
30
35
 
31
- it 'returns true when a matching token is less than two weeks old' do
32
- allow(Visa::Token).to receive(:find_by_credentials).
33
- and_return(double('token', last_requested_at: 13.days.ago))
36
+ it 'returns true when a matching token has been used within two weeks' do
37
+ allow(token).to receive(:last_requested_at).and_return(13.days.ago)
38
+
39
+ expect(request).to be_valid
40
+ end
41
+
42
+ it 'returns true when a matching token has not been voided' do
43
+ allow(token).to receive(:voided_at).and_return(nil)
34
44
 
35
45
  expect(request).to be_valid
36
46
  end
37
47
 
38
48
  it 'returns false when no token is found' do
39
- allow(Visa::Token).to receive(:find_by_credentials).
40
- and_return(nil)
49
+ allow(Visa::Token).to receive(:find_by_credentials).and_return(nil)
50
+
51
+ expect(request).to_not be_valid
52
+ end
53
+
54
+ it 'returns false when an unused token is more than two weeks old' do
55
+ allow(token).to receive(:created_at).and_return(15.days.ago)
56
+
57
+ expect(request).to_not be_valid
58
+ end
59
+
60
+ it 'returns false when token has not been used in more than two weeks' do
61
+ allow(token).to receive(:last_requested_at).and_return(15.days.ago)
41
62
 
42
63
  expect(request).to_not be_valid
43
64
  end
44
65
 
45
- it 'returns false when a matching token is more than two weeks old' do
46
- allow(Visa::Token).to receive(:find_by_credentials).
47
- and_return(double('token', last_requested_at: 15.days.ago))
66
+ it 'returns false when token has been voided' do
67
+ allow(token).to receive(:voided_at).and_return(1.minute.ago)
48
68
 
49
69
  expect(request).to_not be_valid
50
70
  end
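Review bot: The visible examples cover `valid?` only through the `access_token` query parameter; neither the new `invalidate` method nor the header path changed in this release (`environment[Visa.request_header]`) is exercised in these hunks. Both belong to the revocation and credential-sourcing logic, so each deserves an example: one that sets `environment['HTTP_AUTHENTICATION']` with no query string and expects the same `find_by_credentials` arguments, and one that expects `token` to receive `touch` with `:voided_at`. An example with neither credential source present would also pin the new `|| ''` fallback. The enclosing `RSpec.describe` block starts and ends outside the hunks shown.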
@@ -1,7 +1,7 @@
1
1
  # coding: utf-8
2
2
  Gem::Specification.new do |spec|
3
3
  spec.name = 'visa'
4
- spec.version = '0.0.1'
4
+ spec.version = '0.0.2'
5
5
  spec.authors = ['Pat Allan']
6
6
  spec.email = ['pat@freelancing-gods.com']
7
7
  spec.summary = %q{Multi-token authentication for Rails apps.}
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: visa
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pat Allan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-01-20 00:00:00.000000000 Z
11
+ date: 2015-01-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bcrypt
@@ -102,6 +102,7 @@ extensions: []
102
102
  extra_rdoc_files: []
103
103
  files:
104
104
  - ".gitignore"
105
+ - ".travis.yml"
105
106
  - Gemfile
106
107
  - LICENSE.txt
107
108
  - README.md
@@ -109,6 +110,7 @@ files:
109
110
  - app/models/visa/token.rb
110
111
  - config.ru
111
112
  - db/migrate/1_create_tokens.rb
113
+ - db/migrate/2_add_voided_at.rb
112
114
  - lib/visa.rb
113
115
  - lib/visa/engine.rb
114
116
  - lib/visa/request.rb