visa 0.0.1 → 0.0.2

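--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 9f100a7183b849f640a7613dd135bf03d2b48e45
- data.tar.gz: ba75001cfa1ecd0a285386a39431591f222edc30
+ metadata.gz: f2af2c06bc21beec4d5480f0a38e1a117d0e50a7
+ data.tar.gz: 433dbff707b3de766c194b719548ef204fa5a9d5
  SHA512:
- metadata.gz: d8c99ae11ed0d4095bb671d4ca18594e01fc308ace4ec344e659e7319e238d3988858022c2e098ceb98e114899dadcbb18b05e3923d35f0ab34b3eeca9f89dcc
- data.tar.gz: ba52559000d5691e7ddefe32ec34dbe6bf203086c96492975d8d5d525457977f19a940fdbff5d4bbce8d57f20284c74743f910eda63de2476f3ba8850b80e519
+ metadata.gz: 520a808fc5dc34b4e6e59f48d2dfc3c54be7de21c510b43c0c1c7c012e4c6a24332126453822d8ac9ea987ed52127cd101a1f278399bc45b73068de2c26dcc65
+ data.tar.gz: ea0aa2b9f2a0ff6b71b519df3f32fb611281c306c51bb3d96eb165ec08358f811dd70e157077de42523bd53507956cae55518b7069644bc4e8764d4723ab36c8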
@@ -0,0 +1,5 @@
1
+ language: ruby
2
+ script: bundle exec rspec spec
3
+ cache: bundler
4
+ rvm:
5
+ - 2.2
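--- a/data/README.md
+++ b/data/README.md
@@ -7,7 +7,7 @@ Multi-token authentication for Rails apps. Built with Devise in mind, but can be
  Something like the following should go in your Gemfile:
 
  ```ruby
- gem 'visa', '~> 0.0.1'
+ gem 'visa', '~> 0.0.2'
  ```
 
  ## Usage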
@@ -0,0 +1,5 @@
1
+ class AddVoidedAt < ActiveRecord::Migration
2
+ def change
3
+ add_column :visa_tokens, :voided_at, :datetime
4
+ end
5
+ end
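Review bot: Nothing visible in this release tells an application already running 0.0.1 that it has to install and run this migration before deploying; the README hunk on this page only changes the version number. The new `valid?` reads `token.voided_at`, which would raise NoMethodError against a `visa_tokens` table that lacks the column, so authenticated requests would fail until the migration has run. I would add an upgrade note to the README that names this migration and says it must be applied together with the gem bump.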
@@ -6,7 +6,7 @@ module Visa
6
6
  end
7
7
 
8
8
  Visa.encryption_cost = 10
9
- Visa.request_header = 'Authentication'
9
+ Visa.request_header = 'HTTP_AUTHENTICATION'
10
10
  Visa.timeout = 14.days
11
11
 
12
12
  require 'visa/engine'
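Review bot: `Visa.request_header` now has to hold a Rack environment key rather than a header name, because `credentials` reads `environment[Visa.request_header]` directly, and nothing at the assignment says so. An application that set it to a plain header name under 0.0.1 would get no credentials from the header, and every such request would be treated as unauthenticated. I would add a comment above the line such as `# Rack env key, not the header name: e.g. a header "X-Token" is read as 'HTTP_X_TOKEN'` and mention the change in the README. The default also corresponds to an `Authentication` header rather than the standard `Authorization`, so log filters and proxies that redact `Authorization` may not treat it as a credential, which deserves a sentence in the docs too. The `module Visa` block starts outside the hunk.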
@@ -5,12 +5,16 @@ class Visa::Request
5
5
  @environment = environment
6
6
  end
7
7
 
8
+ def invalidate
9
+ token.touch :voided_at
10
+ end
11
+
8
12
  def touch
9
13
  token.touch :last_requested_at
10
14
  end
11
15
 
12
16
  def valid?
13
- token.present? && not_too_old?
17
+ token.present? && token.voided_at.nil? && not_too_old?
14
18
  end
15
19
 
16
20
  private
@@ -19,14 +23,14 @@ class Visa::Request
19
23
 
20
24
  def credentials
21
25
  string = request.params['access_token'] ||
22
- request.headers[Visa.request_header]
26
+ environment[Visa.request_header] || ''
23
27
 
24
28
  [string[0..15], string[16..57]]
25
29
  end
26
30
 
27
31
  def not_too_old?
28
- time = token.last_requested_at
29
- time.nil? || (time > Visa.timeout.ago)
32
+ time = token.last_requested_at || token.created_at
33
+ time > Visa.timeout.ago
30
34
  end
31
35
 
32
36
  def request
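Review bot: `credentials` still slices whatever it is given: with the new `|| ''` fallback a missing credential becomes `['', nil]`, a value shorter than 58 characters gives a truncated or nil secret, and `request.params['access_token']` may be an Array or Hash rather than a String when the parameter arrives in nested form. How `Visa::Token.find_by_credentials` treats those values is outside this page, so I would normalise malformed input to the existing empty case before the slice, `string = '' unless string.is_a?(String) && string.length >= 58`. The added `invalidate` (like the existing `touch`) calls `token.touch` with no presence check and raises NoMethodError when no token matched; `token.touch :voided_at if token.present?` keeps a call on a request without a matching token from becoming a server error. `token` and `request` are defined outside these hunks.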
@@ -4,13 +4,15 @@ RSpec.describe Visa::Request do
4
4
  describe '#valid?' do
5
5
  let(:environment) { {'rack.input' => StringIO.new('')} }
6
6
  let(:request) { Visa::Request.new environment }
7
+ let(:token) { double 'token', last_requested_at: nil,
8
+ created_at: 1.minute.ago, voided_at: nil }
7
9
 
8
10
  before :each do
9
11
  environment['QUERY_STRING'] = <<-STR
10
12
  access_token=1234567890123456789012345678901234567890123456789012345678
11
13
  STR
12
14
 
13
- allow(Visa::Token).to receive(:find_by_credentials).and_return(nil)
15
+ allow(Visa::Token).to receive(:find_by_credentials).and_return(token)
14
16
  end
15
17
 
16
18
  it 'sources credentials from the access_token parameter' do
@@ -22,29 +24,47 @@ access_token=1234567890123456789012345678901234567890123456789012345678
22
24
  end
23
25
 
24
26
  it 'returns true when a matching token is found' do
25
- allow(Visa::Token).to receive(:find_by_credentials).
26
- and_return(double('token', last_requested_at: nil))
27
+ expect(request).to be_valid
28
+ end
29
+
30
+ it 'returns true when an unused token is less than two weeks old' do
31
+ allow(token).to receive(:created_at).and_return(13.days.ago)
27
32
 
28
33
  expect(request).to be_valid
29
34
  end
30
35
 
31
- it 'returns true when a matching token is less than two weeks old' do
32
- allow(Visa::Token).to receive(:find_by_credentials).
33
- and_return(double('token', last_requested_at: 13.days.ago))
36
+ it 'returns true when a matching token has been used within two weeks' do
37
+ allow(token).to receive(:last_requested_at).and_return(13.days.ago)
38
+
39
+ expect(request).to be_valid
40
+ end
41
+
42
+ it 'returns true when a matching token has not been voided' do
43
+ allow(token).to receive(:voided_at).and_return(nil)
34
44
 
35
45
  expect(request).to be_valid
36
46
  end
37
47
 
38
48
  it 'returns false when no token is found' do
39
- allow(Visa::Token).to receive(:find_by_credentials).
40
- and_return(nil)
49
+ allow(Visa::Token).to receive(:find_by_credentials).and_return(nil)
50
+
51
+ expect(request).to_not be_valid
52
+ end
53
+
54
+ it 'returns false when an unused token is more than two weeks old' do
55
+ allow(token).to receive(:created_at).and_return(15.days.ago)
56
+
57
+ expect(request).to_not be_valid
58
+ end
59
+
60
+ it 'returns false when token has not been used in more than two weeks' do
61
+ allow(token).to receive(:last_requested_at).and_return(15.days.ago)
41
62
 
42
63
  expect(request).to_not be_valid
43
64
  end
44
65
 
45
- it 'returns false when a matching token is more than two weeks old' do
46
- allow(Visa::Token).to receive(:find_by_credentials).
47
- and_return(double('token', last_requested_at: 15.days.ago))
66
+ it 'returns false when token has been voided' do
67
+ allow(token).to receive(:voided_at).and_return(1.minute.ago)
48
68
 
49
69
  expect(request).to_not be_valid
50
70
  end
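Review bot: The added examples cover expiry and `voided_at`, but no visible example exercises the other paths this release changes: reading the token from `environment['HTTP_AUTHENTICATION']`, calling `invalidate`, or a request that carries no credential or a short one (the new `|| ''` fallback). Lines between the two hunks are not shown, so a header example may already exist there. I would add `it 'sources credentials from the request header'`, `it 'returns false when no credentials are supplied'` and a `describe '#invalidate'` block that expects `token` to receive `touch` with `:voided_at`, so that a regression in credential parsing or revocation fails the suite rather than surfacing in production.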
@@ -1,7 +1,7 @@
1
1
  # coding: utf-8
2
2
  Gem::Specification.new do |spec|
3
3
  spec.name = 'visa'
4
- spec.version = '0.0.1'
4
+ spec.version = '0.0.2'
5
5
  spec.authors = ['Pat Allan']
6
6
  spec.email = ['pat@freelancing-gods.com']
7
7
  spec.summary = %q{Multi-token authentication for Rails apps.}
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: visa
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ version: 0.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pat Allan
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-01-20 00:00:00.000000000 Z
11
+ date: 2015-01-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bcrypt
@@ -102,6 +102,7 @@ extensions: []
102
102
  extra_rdoc_files: []
103
103
  files:
104
104
  - ".gitignore"
105
+ - ".travis.yml"
105
106
  - Gemfile
106
107
  - LICENSE.txt
107
108
  - README.md
@@ -109,6 +110,7 @@ files:
109
110
  - app/models/visa/token.rb
110
111
  - config.ru
111
112
  - db/migrate/1_create_tokens.rb
113
+ - db/migrate/2_add_voided_at.rb
112
114
  - lib/visa.rb
113
115
  - lib/visa/engine.rb
114
116
  - lib/visa/request.rb