warden 1.2.0 → 1.2.1

data/History.rdoc

@@ -1,3 +1,8 @@
+== Version 1.2.1 / 2012-06-16
+* Minor caching and speed improvements
+* Add support to #lock in the proxy
+* Add support to after_failed_fetch callback
+
 == Version 1.2.0 / 2012-05-08
 * Deprecate warden_cookies since it was never functional
 * Add support to serialize_from_session and serialize_into_session per scope

data/lib/warden/hooks.rb

@@ -117,6 +117,34 @@ module Warden
       @_before_failure ||= []
     end
 
+    # A callback that runs if no user could be fetched, meaning there is now no user logged in.
+    #
+    # Parameters:
+    # <options> Some options which specify when the callback should be executed
+    #   scope  - Executes the callback only if it maches the scope(s) given
+    # <block> A block to contain logic for the callback
+    #   Block Parameters: |user, auth, scope|
+    #     user - The authenticated user for the current scope
+    #     auth - The warden proxy object
+    #     opts - any options passed into the authenticate call including :scope
+    #
+    # Example:
+    #   Warden::Manager.after_failed_fetch do |user, auth, opts|
+    #     I18n.locale = :en
+    #   end
+    #
+    # :api: public
+    def after_failed_fetch(options = {}, method = :push, &block)
+      raise BlockNotGiven unless block_given?
+      _after_failed_fetch.send(method, [block, options])
+    end
+
+    # Provides access to the callback array for after_failed_fetch
+    # :api: private
+    def _after_failed_fetch
+      @_after_failed_fetch ||= []
+    end
+
     # A callback that runs just prior to the logout of each scope.
     #
     # Parameters:

data/lib/warden/proxy.rb

@@ -25,7 +25,7 @@ module Warden
     def_delegators :config, :default_strategies
 
     def initialize(env, manager) #:nodoc:
-      @env, @users, @winning_strategies = env, {}, {}
+      @env, @users, @winning_strategies, @locked = env, {}, {}, false
       @manager, @config = manager, manager.config.dup
       @strategies = Hash.new { |h,k| h[k] = {} }
       manager._run_callbacks(:on_request, self)
@@ -45,9 +45,13 @@ module Warden
       @session_serializer ||= Warden::SessionSerializer.new(@env)
     end
 
-    # Clear the cache of performed strategies so far. It has the same API
-    # as authenticate, allowing you to clear an specific strategies for
-    # given scope:
+    # Clear the cache of performed strategies so far. Warden runs each
+    # strategy just once during the request lifecycle. You can clear the
+    # strategies cache if you want to allow a strategy to be run more than
+    # once.
+    #
+    # This method has the same API as authenticate, allowing you to clear
+    # specific strategies for given scope:
     #
     # Parameters:
     #   args - a list of symbols (labels) that name the strategies to attempt
@@ -73,6 +77,16 @@ module Warden
       end
     end
 
+    # Locks the proxy so new users cannot authenticate during the
+    # request lifecycle. This is useful when the request cannot
+    # be verified (for example, using a CSRF verification token).
+    # Notice that already authenticated users are kept as so.
+    #
+    # :api: public
+    def lock!
+      @locked = true
+    end
+
     # Run the authentiation strategies for the given strategies.
     # If there is already a user logged in for a given scope, the strategies are not run
     # This does not halt the flow of control and is a passive attempt to authenticate only
@@ -93,8 +107,8 @@ module Warden
 
     # Same API as authenticated, but returns a boolean instead of a user.
     # The difference between this method (authenticate?) and authenticated?
-    # is that the former will run strategies if the user has not yet been authenticated,
-    # and the second relies on already performed ones.
+    # is that the former will run strategies if the user has not yet been
+    # authenticated, and the second relies on already performed ones.
     # :api: public
     def authenticate?(*args)
       result = !!authenticate(*args)
@@ -192,10 +206,15 @@ module Warden
       opts  = argument.is_a?(Hash) ? argument : { :scope => argument }
       scope = (opts[:scope] ||= @config.default_scope)
 
-      @users[scope] ||= begin
-        user = session_serializer.fetch(scope)
-        opts[:event] = :fetch
-        set_user(user, opts) if user
+      if @users.has_key?(scope)
+        @users[scope]
+      else
+        unless user = session_serializer.fetch(scope)
+          run_callbacks = opts.fetch(:run_callbacks, true)
+          manager._run_callbacks(:after_failed_fetch, user, self, :scope => scope) if run_callbacks
+        end
+
+        @users[scope] = user ? set_user(user, opts.merge(:event => :fetch)) : nil
       end
     end
 
@@ -296,7 +315,7 @@ module Warden
 
       # Look for an existing user in the session for this scope.
       # If there was no user in the session. See if we can get one from the request.
-      return user, opts if user = user(scope)
+      return user, opts if user = user(opts.merge(:scope => scope))
       _run_strategies_for(scope, args)
 
       if winning_strategy && winning_strategy.user
@@ -319,6 +338,9 @@ module Warden
       self.winning_strategy = @winning_strategies[scope]
       return if winning_strategy && winning_strategy.halted?
 
+      # Do not run any strategy if locked
+      return if @locked
+
       if args.empty?
         defaults   = @config[:default_strategies]
         strategies = defaults[scope] || defaults[:_all]

data/lib/warden/version.rb

@@ -1,4 +1,4 @@
 # encoding: utf-8
 module Warden
-  VERSION = "1.2.0".freeze
+  VERSION = "1.2.1".freeze
 end

data/spec/spec_helper.rb

@@ -14,6 +14,7 @@ end
 
 RSpec.configure do |config|
   config.include(Warden::Spec::Helpers)
+  config.include(Warden::Test::Helpers)
 
   def load_strategies
     Dir[File.join(File.dirname(__FILE__), "helpers", "strategies", "**/*.rb")].each do |f|

data/spec/warden/hooks_spec.rb

@@ -177,7 +177,35 @@ describe "standard authentication hooks" do
         env['warden.spec.order'].should == [1,2,3]
       end
     end
+  end
+
+
+  describe "after_failed_fetch" do
+    before(:each) do
+      RAM = Warden::Manager unless defined?(RAM)
+      RAM._after_failed_fetch.clear
+    end
 
+    after(:each) do
+      RAM._after_failed_fetch.clear
+    end
+
+    it "should not be called when user is fetched" do
+      RAM.after_failed_fetch{|u,a,o| fail }
+      env = env_with_params
+      setup_rack(lambda { |e| valid_response }).call(env)
+      env['rack.session']['warden.user.default.key'] = "Foo"
+      env['warden'].user.should == "Foo"
+    end
+
+    it "should be called if fetched user is nil" do
+      calls = 0
+      RAM.after_failed_fetch{|u,a,o| calls += 1 }
+      env = env_with_params
+      setup_rack(lambda { |e| valid_response }).call(env)
+      env['warden'].user.should be_nil
+      calls.should == 1
+    end
   end
 
   describe "before_failure" do

data/spec/warden/proxy_spec.rb

@@ -377,7 +377,7 @@ describe Warden::Proxy do
 
     it "should run the callbacks when :run_callbacks is true" do
       app = lambda do |env|
-        env['warden'].manager.should_receive(:_run_callbacks)
+        env['warden'].manager.should_receive(:_run_callbacks).at_least(:once)
         env['warden'].authenticate(:pass)
         valid_response
       end
@@ -386,7 +386,7 @@ describe Warden::Proxy do
 
     it "should run the callbacks by default" do
       app = lambda do |env|
-        env['warden'].manager.should_receive(:_run_callbacks)
+        env['warden'].manager.should_receive(:_run_callbacks).at_least(:once)
         env['warden'].authenticate(:pass)
         valid_response
       end
@@ -394,6 +394,26 @@ describe Warden::Proxy do
     end    
   end
 
+  describe "lock" do
+    it "should not run any strategy" do
+      app = lambda do |env|
+        env['warden'].lock!
+        env['warden'].authenticate(:pass)
+        env['warden'].user.should be_nil
+        valid_response
+      end
+    end
+
+    it "should keep already authenticated users" do
+      app = lambda do |env|
+        env['warden'].authenticate(:pass)
+        env['warden'].lock!
+        env['warden'].user.should be
+        valid_response
+      end
+    end
+  end
+
   describe "get user" do
     before(:each) do
       @env['rack.session'] ||= {}
@@ -417,6 +437,16 @@ describe Warden::Proxy do
       setup_rack(app).call(@env)
     end
 
+    it "should cache unfound user" do
+      Warden::SessionSerializer.any_instance.should_receive(:fetch).once
+      app = lambda do |env|
+        env['warden'].user.should be_nil
+        env['warden'].user.should be_nil
+        valid_response
+      end
+      setup_rack(app).call(@env)
+    end
+
     describe "previously logged in" do
       before(:each) do
         @env['rack.session']['warden.user.default.key'] = "A Previous User"
@@ -431,6 +461,16 @@ describe Warden::Proxy do
         setup_rack(app).call(@env)
       end
 
+      it "should cache found user" do
+        Warden::SessionSerializer.any_instance.should_receive(:fetch).once.and_return "A Previous User"
+        app = lambda do |env|
+          env['warden'].user.should == "A Previous User"
+          env['warden'].user.should == "A Previous User"
+          valid_response
+        end
+        setup_rack(app).call(@env)
+      end
+
       it "should not run strategies when the user exists in the session" do
         app = lambda do |env|
           env['warden'].authenticate!(:pass)
@@ -452,7 +492,7 @@ describe Warden::Proxy do
 
         it "should call run_callbacks when we pass a :run_callback => true" do
           app = lambda do |env|
-            env['warden'].manager.should_receive(:_run_callbacks)
+            env['warden'].manager.should_receive(:_run_callbacks).at_least(:once)
             env['warden'].user(:run_callbacks => true)
             valid_response
           end
@@ -461,7 +501,7 @@ describe Warden::Proxy do
 
         it "should call run_callbacks by default" do
           app = lambda do |env|
-            env['warden'].manager.should_receive(:_run_callbacks)
+            env['warden'].manager.should_receive(:_run_callbacks).at_least(:once)
             env['warden'].user
             valid_response
           end

data/spec/warden/test/helpers_spec.rb

@@ -2,8 +2,6 @@
 require 'spec_helper'
 
 describe Warden::Test::Helpers do
-  include Warden::Test::Helpers
-
   before{ $captures = [] }
   after{ Warden.test_reset! }
 

data/warden.gemspec

@@ -6,7 +6,6 @@ Gem::Specification.new do |s|
   s.name = %q{warden}
   s.version = Warden::VERSION.dup
   s.authors = ["Daniel Neighman"]
-  s.date = %q{2011-07-27}
   s.email = %q{has.sox@gmail.com}
   s.extra_rdoc_files = [
     "LICENSE",

metadata

@@ -1,35 +1,48 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification 
 name: warden
-version: !ruby/object:Gem::Version
-  version: 1.2.0
+version: !ruby/object:Gem::Version 
+  hash: 29
   prerelease: 
+  segments: 
+  - 1
+  - 2
+  - 1
+  version: 1.2.1
 platform: ruby
-authors:
+authors: 
 - Daniel Neighman
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-07-27 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
+
+date: 2012-06-16 00:00:00 +02:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
   name: rack
-  requirement: &2156244180 !ruby/object:Gem::Requirement
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '1.0'
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 15
+        segments: 
+        - 1
+        - 0
+        version: "1.0"
   type: :runtime
-  prerelease: false
-  version_requirements: *2156244180
+  version_requirements: *id001
 description: 
 email: has.sox@gmail.com
 executables: []
+
 extensions: []
-extra_rdoc_files:
+
+extra_rdoc_files: 
 - LICENSE
 - README.textile
-files:
+files: 
 - Gemfile
 - History.rdoc
 - lib/warden/config.rb
@@ -69,30 +82,39 @@ files:
 - spec/warden/test/helpers_spec.rb
 - spec/warden/test/test_mode_spec.rb
 - warden.gemspec
+has_rdoc: true
 homepage: http://github.com/hassox/warden
 licenses: []
+
 post_install_message: 
-rdoc_options:
+rdoc_options: 
 - --charset=UTF-8
-require_paths:
+require_paths: 
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
 requirements: []
+
 rubyforge_project: warden
-rubygems_version: 1.8.15
+rubygems_version: 1.5.3
 signing_key: 
 specification_version: 3
 summary: Rack middleware that provides authentication for rack applications
 test_files: []
-has_rdoc: 
+