wor-authentication 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e28959f4b22ee0d7e9e845be60500c49ce91d631
-  data.tar.gz: 38a0c50a898809ed6d3f5ce05a880316908748ca
+  metadata.gz: 787ae1d673913fc47b4ab942d4fca187c13a0e33
+  data.tar.gz: c4d4697f041f984c6fc37e3f36f7cbca3c10e1c2
 SHA512:
-  metadata.gz: 231e7a6cede8153f8b09873200364b7a70daf04a1e9a96e93e6639c0bfb3c46a0bad32b865f69952a57ac028e6420ea1efdcf5a2490bd0fa1ecec05b1f67e2e9
-  data.tar.gz: 88141b32c3f2eac550785a86ade9e7a0d10bb20a3404e994e2572288b07eae450e4ce01709c882dfb25f29aa67f53cbeae9732489cc78207d406f53724192c70
+  metadata.gz: 6f52f09a7d4068a8bab032f5d6705d785be43afc08aafa5e5eb7ef90c35e779c487448e69940b54ec7bb34ac543987eecbeb7af7639eef85597443af73617dac
+  data.tar.gz: 8b87dddd1e8cb02d02e86e5eb32194f0c9123a72b9bfeac00cc2e250579a7326e592825559f4462e3c8372d5590209d136d32be9af815318731f87d643c064af

data/.rubocop.yml

@@ -1,6 +1,7 @@
 AllCops:
   Exclude:
-    - wor-requests.gemspec
+    - wor-authentication.gemspec
+    - spec/**/*
 
 Documentation:
   Enabled: false

data/.travis.yml

@@ -1,8 +1,6 @@
 language: ruby
 rvm:
-  - 2.0
-  - 2.1
-  - 2.2
+  - 2.2.2
   - 2.3.3
   - 2.4.0
 
@@ -11,9 +9,6 @@ install:
   - bundle install --retry=3
 
 script:
-  - bundle exec rspec
   - bundle exec rubocop -R --format simple
-
-addons:
-    code_climate:
-        repo_token:
+  - bundle exec rspec
+  - bundle exec codeclimate-test-reporter

data/CHANGELOG.md

@@ -0,0 +1,23 @@
+
+## Change log
+
+### [0.2.0]
+
+#### Added
+
+- Initializer with its generator.
+- Specs for initializer and generator.
+
+#### Changed
+
+- Instead of overriding methods, it is now possible to configure `expiration_days` and `maximum_useful_days` with the initializer.
+
+#### Removed
+
+- Removed restriction for authentication parameters.
+
+### [0.1.0]
+
+#### Added
+
+- `wor-authentication` gem first release.

data/LICENSE.md

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2017 Alejandro Bezdjian, aka alebian
+Copyright (c) 2017 Wolox
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -1,8 +1,9 @@
 # Wolox on Rails - Authentication
+[![Gem Version](https://badge.fury.io/rb/wor-authentication.svg)](https://badge.fury.io/rb/wor-authentication)
+[![Dependency Status](https://gemnasium.com/badges/github.com/Wolox/wor-authentication.svg)](https://gemnasium.com/github.com/Wolox/wor-authentication)
 [![Build Status](https://travis-ci.org/Wolox/wor-authentication.svg)](https://travis-ci.org/Wolox/wor-authentication)
 [![Code Climate](https://codeclimate.com/github/Wolox/wor-authentication/badges/gpa.svg)](https://codeclimate.com/github/Wolox/wor-authentication)
 [![Test Coverage](https://codeclimate.com/github/Wolox/wor-authentication/badges/coverage.svg)](https://codeclimate.com/github/Wolox/wor-authentication/coverage)
-[![Issue Count](https://codeclimate.com/github/Wolox/wor-authentication/badges/issue_count.svg)](https://codeclimate.com/github/Wolox/wor-authentication)
 
 Gem to add authentication to your application using JWT, with expirable, renewable and customizable tokens!
 
@@ -53,75 +54,72 @@ end
 ```
 > Note that our controller extends from ApplicationController.
 
-### <a name='custom-validations'> User tracking and custom validations
+### <a name='custom-validations'> Entity tracking and custom validations
 
 #### Validations before giving out a token? Override `authenticate_entity`:
 
 ```ruby
-# authentication_controller.rb
+# application_controller.rb
 def authenticate_entity(params)
-  user ||= User.find_by(email: params[:email])
-  return nil unless user.present? && user.valid_password?(params[:password])
+  entity = Entity.find_by(some_unique_id: params[:some_unique_id])
+  return nil unless entity.present? && entity.valid_password?(params[:password])
+  entity
 end
 ```
 > Returning no value or false won't create the authentication token.
 
-#### Keeping track of users? Override: `entity_payload`:
+#### Keeping track of entities? Override: `entity_payload`:
 
 ```ruby
-# authentication_controller.rb
-ENTITY_KEY = :user_id
+# application_controller.rb
+ENTITY_KEY = :entity_id
 
-def entity_payload(user)
-  { ENTITY_KEY => user.id }
+def entity_payload(entity)
+  { ENTITY_KEY => entity.id }
 end
 
 def find_authenticable_entity(entity_payload_returned_object)
-  User.find_by(id: entity_payload_returned_object.fetch(ENTITY_KEY))
+  Entity.find_by(id: entity_payload_returned_object.fetch(ENTITY_KEY))
 end
 ```
 
 #### Validations in every request? Override `entity_custom_validation_value` to get it verified as the following:
 
 ```ruby
-# authentication_controller.rb
-def entity_custom_validation_value(user)
-   user.some_value_that_shouldnt_change
+# application_controller.rb
+def entity_custom_validation_value(entity)
+   entity.some_value_that_shouldnt_change
 end
 ```
 This method will be called before creating the token and in every request to compare if the returned values are the same. If values mismatch, the token won't be valid anymore. If values are the same, expiration validations will be checked.
 > If it is desired to update this value when renewing the token, override: `entity_custom_validation_renew_value`.
 
-#### Invalidating all tokens for a user? Override `entity_custom_validation_invalidate_all_value` as the following:
+#### Invalidating all tokens for an entity? Override `entity_custom_validation_invalidate_all_value` as the following:
 
 ```ruby
-# authentication_controller.rb
-def entity_custom_validation_invalidate_all_value(user)
-   user.some_value_that_shouldnt_change = 'some-new-value'
-   user.save
+# application_controller.rb
+def entity_custom_validation_invalidate_all_value(entity)
+   entity.some_value_that_shouldnt_change = 'some-new-value'
+   entity.save
 end
 ```
-This method is the one executed when we want to invalidate sessions for the authenticated user. An option to achieve that can be to override the value that will be then compared in every request with `entity_custom_validation_value` method, so that initial stored value mismatch with the new different value.
+This method is the one executed when we want to invalidate sessions for the authenticated entity. An option to achieve that can be to override the value that will be then compared in every request with `entity_custom_validation_value` method, so that initial stored value mismatch with the new different value.
 > This works only if `entity_custom_validation_value` has been overridden.
 
 
 ### Some other useful configurations
 
-#### Want to modify tokens ttl? Override `new_token_expiration_date` as the following:
+#### Want to modify tokens TTL or maximum useful days? Set an initializer:
 
 ```ruby
-def new_token_expiration_date
-  (Time.zone.now + 2.days).to_i
+# config/initializers/wor_authentication.rb
+Wor::Authentication.configure do |config|
+  config.expiration_days = 5
+  config.maximum_useful_days = 20
 end
 ```
 
-#### Want to modify tokens maximum useful day? Override `token_maximum_useful_date` as the following:
-
-```ruby
-def token_maximum_useful_date
-  (Time.zone.now + 30.days).to_i
-end
-```
+Or, even easier, run `rails generate wor:authentication:install` in your root folder.
 
 ## Contributing
 
@@ -142,7 +140,7 @@ This project is maintained by [Alejandro Bezdjian](https://github.com/alebian) a
 
 **wor-authentication** is available under the MIT [license](https://raw.githubusercontent.com/Wolox/wor-authentication/master/LICENSE.md).
 
-    Copyright (c) 2017 Alejandro Bezdjian (aka alebian), Michel Agopian (aka mishuagopian)
+    Copyright (c) 2017 Wolox
 
     Permission is hereby granted, free of charge, to any person obtaining a copy
     of this software and associated documentation files (the "Software"), to deal

data/Rakefile

@@ -1,6 +1,6 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+task default: :spec

data/lib/generators/templates/wor_authentication.rb

@@ -0,0 +1,4 @@
+Wor::Authentication.configure do |config|
+  config.expiration_days = 2
+  config.maximum_useful_days = 30
+end

data/lib/generators/wor/authentication/install_generator.rb

@@ -0,0 +1,14 @@
+module Wor
+  module Authentication
+    module Generators
+      class InstallGenerator < Rails::Generators::Base
+        source_root File.expand_path('../../../templates', __FILE__)
+        desc 'Creates wor_authentication initializer for your application'
+
+        def copy_initializer
+          template 'wor_authentication.rb', 'config/initializers/wor_authentication.rb'
+        end
+      end
+    end
+  end
+end

data/lib/wor/authentication.rb

@@ -7,6 +7,39 @@ require_relative 'authentication/version'
 
 module Wor
   module Authentication
-    # Your code goes here...
+    @config = {
+      expiration_days: 2,
+      maximum_useful_days: 30
+    }
+
+    def self.configure
+      yield self
+    end
+
+    def self.expiration_days=(expiration_days)
+      unless expiration_days.is_a? Integer
+        raise Wor::Authentication::Exceptions::InvalidExpirationDaysError
+      end
+      @config[:expiration_days] = expiration_days
+    end
+
+    def self.maximum_useful_days=(maximum_useful_days)
+      unless maximum_useful_days.is_a? Integer
+        raise Wor::Authentication::Exceptions::InvalidMaximumUsefulDaysError
+      end
+      @config[:maximum_useful_days] = maximum_useful_days
+    end
+
+    def self.config
+      @config
+    end
+
+    def self.expiration_days
+      @config[:expiration_days]
+    end
+
+    def self.maximum_useful_days
+      @config[:maximum_useful_days]
+    end
   end
 end

data/lib/wor/authentication/controller.rb

@@ -3,14 +3,25 @@ require 'devise'
 module Wor
   module Authentication
     module Controller
-
       def authenticate_request
         entity = find_authenticable_entity(decoded_token)
         decoded_token.validate!(entity_custom_validation_value(entity))
       end
 
       def decoded_token
-        @decoded_token ||= Wor::Authentication::TokenManager.new(token_key).decode(authentication_token)
+        @decoded_token ||= Wor::Authentication::TokenManager.new(
+          token_key
+        ).decode(authentication_token)
+      end
+
+      def new_token_expiration_date
+        expiration_days = Wor::Authentication.expiration_days
+        (Time.zone.now + expiration_days.days).to_i
+      end
+
+      def token_maximum_useful_date
+        maximum_useful_days = Wor::Authentication.maximum_useful_days
+        (Time.zone.now + maximum_useful_days.days).to_i
       end
 
       ##
@@ -21,19 +32,11 @@ module Wor
         Devise.friendly_token(32)
       end
 
-      def new_token_expiration_date
-        (Time.zone.now + 2.days).to_i
-      end
-
-      def token_maximum_useful_date
-        (Time.zone.now + 30.days).to_i
-      end
-
       def authentication_token
         request.headers['Authorization'].split(' ').last
       end
 
-      def entity_custom_validation_value(entity)
+      def entity_custom_validation_value(_entity)
         nil
       end
 
@@ -41,20 +44,29 @@ module Wor
         entity_custom_validation_value(entity)
       end
 
-      def entity_custom_validation_invalidate_all_value(entity)
+      def entity_custom_validation_invalidate_all_value(_entity)
         nil
       end
 
-      # Explain in README
       def token_key
         raise Wor::Authentication::Exceptions::SubclassMustImplementError unless defined?(Rails)
-        raise Wor::Authentication::Exceptions::NoKeyProvidedError unless Rails.application.secrets.secret_key_base.present?
+        if Rails.application.secrets.secret_key_base.blank?
+          raise Wor::Authentication::Exceptions::NoKeyProvidedError
+        end
         Rails.application.secrets.secret_key_base
       end
 
-      def authenticate_entity(params) {} end
-      def find_authenticable_entity(decoded_token) {} end
-      def entity_payload(entity) {} end
+      def authenticate_entity(_params)
+        {}
+      end
+
+      def find_authenticable_entity(_decoded_token)
+        {}
+      end
+
+      def entity_payload(_entity)
+        {}
+      end
     end
   end
 end

data/lib/wor/authentication/decoded_token.rb

@@ -8,7 +8,9 @@ module Wor
       end
 
       def validate!(entity_custom_validation = nil)
-        raise Wor::Authentication::Exceptions::EntityCustomValidationError unless valid_entity_custom_validation?(entity_custom_validation)
+        unless valid_entity_custom_validation?(entity_custom_validation)
+          raise Wor::Authentication::Exceptions::EntityCustomValidationError
+        end
         raise Wor::Authentication::Exceptions::NotRenewableTokenError unless able_to_renew?
         raise Wor::Authentication::Exceptions::ExpiredTokenError if expired?
       end
@@ -20,13 +22,13 @@ module Wor
       end
 
       def expired?
-        return false unless fetch(:expiration_date).present?
+        return false if fetch(:expiration_date).blank?
         # TODO: Use a ruby standard library for time
         Time.zone.now.to_i > fetch(:expiration_date)
       end
 
       def able_to_renew?
-        return false unless fetch(:maximum_useful_date).present?
+        return false if fetch(:maximum_useful_date).blank?
         # TODO: Use a ruby standard library for time
         Time.zone.now.to_i < fetch(:maximum_useful_date)
       end
@@ -39,7 +41,7 @@ module Wor
       private
 
       def valid_entity_custom_validation?(entity_custom_validation)
-        return true unless fetch(:entity_custom_validation).present?
+        return true if fetch(:entity_custom_validation).blank?
         entity_custom_validation == fetch(:entity_custom_validation)
       end
     end

data/lib/wor/authentication/exceptions.rb

@@ -1,11 +1,13 @@
 module Wor
   module Authentication
     module Exceptions
-      class SubclassMustImplementError < StandardError ; end
-      class NoKeyProvidedError < StandardError ; end
-      class ExpiredTokenError < StandardError ; end
-      class NotRenewableTokenError < StandardError ; end
-      class EntityCustomValidationError < StandardError ; end
+      class InvalidExpirationDaysError < StandardError; end
+      class InvalidMaximumUsefulDaysError < StandardError; end
+      class SubclassMustImplementError < StandardError; end
+      class NoKeyProvidedError < StandardError; end
+      class ExpiredTokenError < StandardError; end
+      class NotRenewableTokenError < StandardError; end
+      class EntityCustomValidationError < StandardError; end
     end
   end
 end

data/lib/wor/authentication/sessions_controller.rb

@@ -1,7 +1,6 @@
 module Wor
   module Authentication
     module SessionsController
-
       def create
         entity = authenticate_entity(authenticate_params)
         if entity
@@ -37,7 +36,7 @@ module Wor
           maximum_useful_date: token_maximum_useful_date,
           renew_id: renew_id
         )
-        { token: Wor::Authentication::TokenManager.new(token_key).encode(payload), renew_id: renew_id }
+        access_token_object(token_key, payload, renew_id)
       end
 
       def renew_access_token(entity)
@@ -49,19 +48,25 @@ module Wor
 
       private
 
+      def access_token_object(token_key, payload, renew_id)
+        {
+          token: Wor::Authentication::TokenManager.new(token_key).encode(payload),
+          renew_id: renew_id
+        }
+      end
+
       def current_entity
-        current_entity ||= find_authenticable_entity(decoded_token)
+        @current_entity ||= find_authenticable_entity(decoded_token)
       end
 
       def render_error(error_message, status)
         render json: { error: error_message }, status: status
       end
 
-      # I'm pretty sure this should be set by gems users and not us
       def authenticate_params
-        params.require(:session).permit(:email, :password)
+        params.require(:session)
       end
-      # I'm pretty sure this should be set by gems users and not us
+
       def renew_token_params
         params.require(:session).permit(:renew_id)
       end

data/lib/wor/authentication/version.rb

@@ -1,5 +1,5 @@
 module Wor
   module Authentication
-    VERSION = '0.1.0'.freeze
+    VERSION = '0.2.0'.freeze
   end
 end

data/wor-authentication.gemspec

@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
   spec.authors       = ['alebian', 'mishuagopian']
   spec.email         = ['alejandro.bezdjian@wolox.com.ar', 'michel.agopian@wolox.com.ar']
 
-  spec.summary       = 'Gem to add authentication to your application.'
+  spec.summary       = 'Easily add authentication to your application!.'
   spec.description   = 'Gem to add authentication to your application using JWT, with expirable, renewable and customizable tokens.'
   spec.homepage      = 'https://github.com/Wolox/wor-authentication'
   spec.license       = 'MIT'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: wor-authentication
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - alebian
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-04-21 00:00:00.000000000 Z
+date: 2017-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -239,10 +239,13 @@ files:
 - ".gitignore"
 - ".rubocop.yml"
 - ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - LICENSE.md
 - README.md
 - Rakefile
+- lib/generators/templates/wor_authentication.rb
+- lib/generators/wor/authentication/install_generator.rb
 - lib/wor/authentication.rb
 - lib/wor/authentication/controller.rb
 - lib/wor/authentication/decoded_token.rb
@@ -271,8 +274,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.7
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
-summary: Gem to add authentication to your application.
+summary: Easily add authentication to your application!.
 test_files: []