branch: modular
Commits on Aug 25, 2008
  1. Philip (flip) Kromer
Commits on Aug 21, 2008
  1. Philip (flip) Kromer

    generators named right

    mrflip authored
Commits on Aug 12, 2008
  1. Philip (flip) Kromer
  2. Philip (flip) Kromer

    pushing other generators' files back to github without inspection -- need to merge branches. look for these files to disappear laters

    mrflip authored
Commits on Jun 2, 2008
  1. Philip (flip) Kromer
  2. Philip (flip) Kromer
  3. Philip (flip) Kromer

    Added simple roles, simple automatic role assignment hook; minor fixes:

    mrflip authored
    * handle_login_error lives in sessions_controller, as it should
    * get_authorization takes :context => /anything extra/ (was spelled :extra)
    * security_components uses .camelize, not .classify (so that pluralization remains intact)
    * some notes on existing rails plugins, and on rule resolution / policy / authz
  4. Philip (flip) Kromer

    fixed a bug in logout -- it needs to retrieve the session login (if any) before calling logout_chain, or cookie is never cleared

    mrflip authored
Commits on May 31, 2008
  1. Philip (flip) Kromer

    Improvements to access_control.

    mrflip authored
    * added a new method become_logged_in_as, which logs in if it can but doesn't raise an error on failure (like save vs. save!).
    * Authentication.authorization_filter for use in a :before_filter -- constructs a demand_authorization! :for => current_user, :to => action, :on => self.class, :extras => params.
    * Beefed up access_control specs
    * Signup now calls become_logged_in_as (the non-failing login) instead of the awful conditional logic of before
  2. Philip (flip) Kromer

    moving generator lib up one level so all generators can share it. Also stripped a couple puts'es

    mrflip authored
Commits on May 30, 2008
  1. Philip (flip) Kromer
  2. Philip (flip) Kromer

    Fixed oopsie in stories runner. Now all specs tests and stories run out of the box for fresh rails install

    mrflip authored
  3. Philip (flip) Kromer

    Large reorganization (v2.0b0) - User model and friends.

    mrflip authored
    * User model now mostly lives in Identity:: sub modules.  Cookie handling (controller & model) is all in authentication/by_cookie_token. Password handling (controller & model) is all in authentication/by_password. I know the MVC-pattern violation will make some squirm, but this code *should* be opaque to the model at large, and security code should be compartmentalized -- this is all properly controller code, even the parts within the model.
    
    * password and password_confirmation now have filter_parameter_logging by default.
    
    * User#authenticate is now spelled User#authenticate_by_password and now **only** checks the password.  User activation & other authorization is handled by the demand_authorization! chain -- specifically, by demand_authorization :for => user, :to => :login
    
    * Stateful Roles and Email Validation are no longer in this plugin, will get their own generator
    
    * Much stricter validation by default (from svn version): logins can only be /[\w\.\+@\-]+/, email has to look like an email, password between 6, 40 long.
    
    * salt and remember_token now a tad more entropic (from svn version)
  4. Philip (flip) Kromer

    Large reorganization (v2.0b0) - users controller and friends.

    mrflip authored
    * controller much skinnier, by handing almost everything off to library code
    
    * Cookie handling (controller & model) is all in authentication/by_cookie_token. Password handling (controller & model) is all in authentication/by_password. I know the MVC-pattern violation will make some squirm, but this code *should* be opaque to the model at large, and security code should be compartmentalized -- this is all properly controller code, even the parts within the model.
    
    * Logic done with exception handling and not conditional branching.  routines 'Fail-closed' (aka Positive Authentication; see http://owasp.org/index.php/Guide_to_Authentication#Positive_Authentication) -- use exception handling to route authentication/access control violations, and commit no resources until all conditions pass (or rollback on failure). handle_signin_error shows one reasonable response chain.
    
    * password and password_confirmation now have filter_parameter_logging by default.
    
    * User#authenticate is now spelled User#authenticate_by_password and now **only** checks the password.  User activation & other authorization is handled by the demand_authorization! chain -- specifically, by demand_authorization :for => user, :to => :login
    
    * Stateful Roles and Email Validation are no longer in this plugin, will get their own generator
    
    * On a failed signup, strip out the password & confirmation before kicking you back to the signin screen
  5. Philip (flip) Kromer

    Large reorganization (v2.0b0) - sessions controller and friends.

    mrflip authored
    * controller much skinnier, by handing almost everything off to library code.
    
    * Logic done with exception handling and not conditional branching. routines 'Fail-closed' (aka Positive Authentication; see http://owasp.org/index.php/Guide_to_Authentication#Positive_Authentication) -- use exception handling to route authentication/access control violations, and commit no resources until all conditions pass (or rollback on failure). handle_signin_error shows one reasonable response chain.
    
    * Cookie handling (controller & model) is all in authentication/by_cookie_token. Password handling (controller & model) is all in authentication/by_password. I know the MVC-pattern violation will make some squirm, but this code *should* be opaque to the model at large, and security code should be compartmentalized -- this is all properly controller code, even the parts within the model.
    
    * The logout routine calls a logout_chain for any resources that need to be destroyed on logout.  (Clearing the server&client cookie token, for example).
    
    * User#authenticate is now spelled User#authenticate_by_password and now **only** checks the password.  User activation & other authorization is handled by the demand_authorization! chain -- specifically, by demand_authorization :for => user, :to => :login
  6. Philip (flip) Kromer

    Large reorganization (v2.0b0) - authenticated_system => lib/authentication, lib/access_control, lib/security_policy

    mrflip authored
    
    * abstract implementation is divided among lib/authentication.rb and lib/access_control.rb, with concrete code (Authentication::ByPassword, AccessControl::LoginRequired, &c) in subdirectories.
    
    * logged_in?, current_user, current_user= are basically the same. current_user's passive login behaviour now happens through the try_login_chain.  Cookie_token & basic_auth hook in automagically when included, restoring the old behaviour.
    
    * A session login is 'passive' -- it's meant to mimic the presence of state, and implies no change in logged-in status.  All other login methods should call become_logged_in_as!, and should not set current_user= directly.  (The old version of restful_authentication will let a non-activated user log in by HTTP basic).
    
    * authorize? now has a bossy friend, demand_authorization! -- where authorize returns false, demand_authorization! raises an exception. Both now take a params hash of the form
        :for => subject, :to => action, :on => resource, :extra => whatever
      and hand it off to the #get_authorization stub.  get_authorization returns something that is_denial? (false or a SecurityError exception) to say 'deny', and any other true value to say 'allow'.
    
    * handle_signin_error shows one reasonable response chain for 'fail-closed' behavior.
    
    * access_denied is now named handle_access_denied and is automatically installed as a rescue_from handler.
    
    * Cookie handling (controller & model) is all in authentication/by_cookie_token.  Password handling (controller & model) is all in authentication/by_password. I know the MVC-pattern violation will make some squirm, but this code *should* be opaque to the model at large, and security code should be compartmentalized -- this is all properly controller code, even the parts within the model.
    
    * The logout routine calls a logout_chain for any resources that need to be destroyed on logout.  (Clearing the server&client cookie token, for example).
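The fail-closed authorization chain described in this and the neighbouring v2.0b0 commit messages (authorize? versus its bossy friend demand_authorization!, a get_authorization stub that returns false or a SecurityError to deny and any other true value to allow, and a handle_access_denied rescue handler reached before any resource is committed), worked through as an added stand-alone Ruby example. This is not code from the restful-authentication plugin or its commits: the method names are taken from the commit message, while the ReactorController class, its ROLES table, the :view and :withdraw actions and the log array are constructed for illustration.

```ruby
# Added illustration, not code from restful-authentication: a stand-alone Ruby
# sketch of the fail-closed authorization chain the v2.0b0 commit messages
# describe. authorize?, demand_authorization!, get_authorization, is_denial?
# and handle_access_denied are the names used in those messages; the
# ReactorController class, its ROLES table and the :view/:withdraw actions
# are constructed sample data.
module AccessControl
  # A denial is +false+ or a SecurityError instance. nil is not a "true value"
  # either, so a policy stub that forgets to return anything also denies.
  def is_denial?(result)
    !result || result.is_a?(SecurityError)
  end

  # Soft form: reports allow/deny as a boolean and never raises.
  def authorize?(params)
    !is_denial?(get_authorization(params))
  end

  # Bossy form: raises on denial so the caller's normal flow is never reached.
  # A SecurityError returned by the policy is raised as-is (it carries the
  # reason); a bare +false+ becomes a generic SecurityError.
  def demand_authorization!(params)
    result = get_authorization(params)
    if is_denial?(result)
      raise result if result.is_a?(SecurityError)
      raise SecurityError, "access denied: #{params.inspect}"
    end
    result
  end
end

class ReactorController
  include AccessControl

  # Constructed role table standing in for the plugin's roles/policy layer.
  ROLES = { "alice" => :engineer, "bubba" => :visitor }

  attr_reader :log

  def initialize
    @log = []   # stands in for the resources an action would commit
  end

  # Policy stub consulted by both authorize? and demand_authorization!.
  # Takes the :for => subject, :to => action, :on => resource hash from the
  # commit message. Deny with false or a SecurityError, allow with true.
  def get_authorization(params)
    subject, action, resource = params.values_at(:for, :to, :on)
    return false if subject.nil?                # anonymous: plain denial
    role = ROLES[subject]
    case action
    when :view
      [:engineer, :visitor].include?(role)
    when :withdraw
      role == :engineer || SecurityError.new("#{subject} may not withdraw #{resource}")
    else
      false                                     # unknown action: fail closed
    end
  end

  # Fail-closed action: the demand happens before any state is touched, so a
  # denied request commits nothing and is routed to the rescue handler.
  def withdraw(user)
    demand_authorization!(:for => user, :to => :withdraw, :on => :plutonium)
    @log << "#{user} withdrew plutonium"
    :ok
  rescue SecurityError => e
    handle_access_denied(e)
  end

  # Stands in for the rescue_from handler named in the commit message.
  def handle_access_denied(error)
    @log << "denied: #{error.message}"
    :denied
  end
end

if __FILE__ == $PROGRAM_NAME
  c = ReactorController.new
  puts c.withdraw("alice")   # ok
  puts c.withdraw("bubba")   # denied
  puts c.withdraw(nil)       # denied
  puts c.log.inspect
end
```

The point of the split is that every caller that performs a side effect uses the raising form, so there is no conditional branch in which a forgotten `else` silently proceeds; the boolean form exists only for decisions such as whether to render a link.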
  7. Philip (flip) Kromer

    Large reorganization (v2.0b0) - stories: story steps now live in plugin space, not user space. Moved story_helpers into their own deal.

    mrflip authored
  8. Philip (flip) Kromer

    Large reorganization (v2.0b0) - tests: tests still work, but there's no reason to keep using them.

    mrflip authored
  9. Philip (flip) Kromer

    Large reorganization (v2.0b0) - views: views get their own directory in templates, new generator variables; otherwise not much changed.

    mrflip authored
  10. Philip (flip) Kromer

    Large reorganization (v2.0b0) - users helper and friends: helper methods for authorization, and for giving a 'hello,bob -or- login' bar

    mrflip authored
  11. Philip (flip) Kromer

    Large reorganization (v2.0b0) - stateful-roles and email-validation are stripped out, will get their own plugin.

    mrflip authored
  12. Philip (flip) Kromer

    Large reorganization (v2.0b0) - code more modular, clean hooks for external components and ~100% spec coverage.

    mrflip authored
    
    The system has been split up to give a clear distinction between authentication (who are you?), authorization (is he allowed to just take the plutonium like that?), policy (note to staff: no one is allowed to take plutonium) and access control (step away from the reactor, bubba).
    
    The plugin now generates *much* less app-space code: the controllers are super skinny now, and if any security flaws are discovered it should be less painful to stay current.
    
    Out of the box, the plugin will stay the heck out of your way, implementing the popular "users can do stuff and no-one else can" security model.  But if your security needs extend beyond that, there are clear hooks for you to add security components that play nice with restful-authentication.  It should also be easy to *decouple* components such as login-by-password or remember-me-tokens if you don't want that.
    
    There is a robust rspec test suite with near-100% coverage, along with a framework for building RSpec stories.
    
    Finally, there have been several minor security fixes, largely centered around implementing best practices recommended in the "Open Web Application Security Project":http://www.owasp.org/index.php/Guide_Table_of_Contents and other references (see notes/ for more).
Commits on May 29, 2008
  1. Philip (flip) Kromer

    fixed the routing issues maybe?

    mrflip authored
    * model_controller_routing_path means nest/users
    * controller_routing_path means nest/session
    * model_controller_routing_name = users, (used for users_path etc and must be singularized for things like new_user_path)
    * controller_routing_name       = session (used for session_path, new_session_path, etc.)
    * controller_controller_name    = sessions, the name of the controller
    
    If any of this is wrong, at least it should hopefully be easier to resolve with the nice overly-prolix semantic generator names.
    
    I tried to make the names correct for nested resources.  However, the app explodes into horrible flames with anything like "generate Admin::User Session", and in fact with "generate users session".  I don't know when this broke, but I can't justify taking the time to fix it unless someone complains. Other than that, the specs and stories all pass for the three activation versions AFAICT.
Commits on May 28, 2008
  1. Merge branch 'master' of git://github.com/technoweenie/restful-authentication

    Sean O'Brien authored
    
    Conflicts:
    
    	generators/authenticated/authenticated_generator.rb
  2. looks like it's plural routes

    Sean O'Brien authored
  3. fixed hardcoding of controller names (my bad)

    Sean O'Brien authored
Commits on May 27, 2008
Commits on May 26, 2008
  1. Changed singular session resource to plural to satisfy specs

    Jason T Johnson authored
  2. Philip (flip) Kromer
  3. Philip (flip) Kromer
  4. Merge branch 'generatorfixes'

    Jason T Johnson authored
  5. Merge branch 'readmefixes'

    Jason T Johnson authored
  6. A few more generator and README fixes

    Jason T Johnson authored
    * Plural controller name in named routes
    * Named routes in session controller spec instead of restful routes