wordjelly-auth 1.5.2 → 1.5.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7a1e6306f00703dc564bdd7b3d677c814d7a85c4f3fe3aa905b05d6d8cd9e591
-  data.tar.gz: c94b1bae40c2694a3b9b2b2d4acdef709a7479a37726bd7e10531819573ffc3d
+  metadata.gz: f71e0dcebda1f38fdaab81b8f16b2336be897de9d09c544d11177b563ef3e86f
+  data.tar.gz: 7bd8cd9bbfe27efc9d4da172b1a45e0e5d0966e76d9dc45d88a300b31a7992a4
 SHA512:
-  metadata.gz: a20525f63400e60abbc65f48362dd54808e4d1e709f31a9a3e97b6c462d327aaec4d82d9acd5637e158c6b0e8667bccecea89918736bfd875704bdc7d0af7961
-  data.tar.gz: e2b104327ea59b20f8b0f1d85d732c50796991e1bda7a34d8e00b32e409da5a6a4cdecf3736ca8a3a81d24fea9de3272796ffbe7bf07894c982787ad78d2a10a
+  metadata.gz: 97d49ac10bc8898169880557974f72481ae117043e3d09bf5b2087dc1534676f44fc342fa91f3bdc1723f04d2cb8b7aa25d931f87d4c32aa255420c1ae293856
+  data.tar.gz: acaa921dbd21a004f863c6c51fd24e95bf457cef6342d56c6086bbf6d1215c7252259e17ae9a0fd12e241e5dd19fb4acd0ffde935a16f6193a5e297cc8621784

data/config/initializers/omniauth.rb

@@ -385,14 +385,80 @@ end
 
 module SimpleTokenAuthentication
 	module Configuration
+
 		mattr_accessor :additional_identifiers
+		
+=begin
+	########################################################
+	##
+	##
+	## STRUCTURE
+	##
+	##
+	########################################################
+	{
+	"controllers" : 
+		{
+			"controller_name(demodularized)" : {
+				"actions" : [
+					{
+						"action_name" : "new",
+						"requires_authentication" : "yes",
+						"requires_authorization" : "no"
+					},
+				]
+			}
+		}
+	}
+=end
+		mattr_accessor :permissions
+		
 		@@additional_identifiers = {}
+		@@permissions = {}
+
 	end
 
 	## had to include option force true because otherwise devise does not throw a 401 if you try to do token_authentication inside a devise controller.
 	## took 3 hours to sort this mess out.
 	DeviseFallbackHandler.class_eval do 
 
+		def permit_unauthenticated?(controller)
+			unless SimpleTokenAuthentication.permissions.blank?
+				unless SimpleTokenAuthentication.permissions["controllers"].blank?
+					unless SimpleTokenAuthentication.permissions["controllers"][controller.controller_name].blank?
+						unless SimpleTokenAuthentication.permissions["controllers"][controller.controller_name]["actions"].blank?
+
+							current_action = SimpleTokenAuthentication.permissions["controllers"][controller.controller_name]["actions"].select{|c|
+
+								c["action_name"] == controller.action_name
+
+							}				
+
+							puts "the current action is:"
+							puts current_action.to_s
+
+							unless current_action.blank?
+
+								## so if requires authentication is either "optional" or "no", it will not fallback onto devise, and let the thing pass through.
+								## this has to be set in the initializers.
+
+								return current_action[0]["requires_authentication"] != "yes"
+									
+							end	
+
+						end
+					end
+				end
+			end	
+			false
+		end
+
+		def fallback!(controller, entity)
+		  unless permit_unauthenticated?(controller)
+	      	authenticate_entity!(controller, entity)
+	  	  end
+	    end
+
 		def authenticate_entity!(controller, entity)
 	      controller.send("authenticate_#{entity.name_underscore}!".to_sym,{:force => true})
 	    end
@@ -432,7 +498,11 @@ module SimpleTokenAuthentication
 	   	## so we will have to mod this to check for an accessor.
 	   	## otherwise it will screw up totally.
 	    def ensure_authentication_token
+	      
+	      puts "the skip authentication token is: #{self.skip_authentication_token_regeneration}"
+
 	      regenerate_token if self.skip_authentication_token_regeneration.blank?
+	    
 	    end
 	end
 
@@ -468,6 +538,7 @@ module SimpleTokenAuthentication
 		  ##then we should find
 		  
 	      record = find_record_from_identifier(entity)
+	      #puts "-------------!!!-----------!!!!"
 	      #puts "record found is: #{record.to_s}"
 	      
 	      if token_correct?(record, entity, token_comparator)
@@ -502,7 +573,7 @@ module SimpleTokenAuthentication
 		    if token
 		    	
 		    	## fails if the app id or user es is nil blank or empty
-		    	#puts "returning nil"
+		    	
 		    	#puts "app id vlue is:"
 		    	#puts app_id_value.to_s
 		    	#puts "user es value is:"
@@ -533,7 +604,7 @@ module SimpleTokenAuthentication
 		    	
 		    	if records.size > 0
 		    		#puts "the records size is:" 
-		    		##puts records.size.to_s
+		    		#puts records.size.to_s
 		    		#puts "found such a record.!!!!!!!!!!!!"
 		    		r = records.first
 		    		#puts r.attributes.to_s
@@ -546,8 +617,14 @@ module SimpleTokenAuthentication
 	    end
 
 		def token_correct?(record, entity, token_comparator)
+			#puts "record is----------------------------000-0-0-0-0-0-0-0-0-:"
+			#puts record.to_s
 			return false unless record
 			token = entity.get_token_from_params_or_headers(self)
+			#puts "token from headers is: #{token}"
+			#puts "the encrypted authentication token:"
+			#puts record.encrypted_authentication_token.to_s
+
 			Devise::Encryptor.compare(record.class,record.encrypted_authentication_token,token)
     	end
 	end

data/lib/auth/version.rb

@@ -1,3 +1,3 @@
 module Auth
-  VERSION = "1.5.2"
+  VERSION = "1.5.3"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: wordjelly-auth
 version: !ruby/object:Gem::Version
-  version: 1.5.2
+  version: 1.5.3
 platform: ruby
 authors:
 - bhargav
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-15 00:00:00.000000000 Z
+date: 2019-06-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk