Class: Authenticate::Configuration

Inherits:
Object
Defined in:
lib/authenticate/configuration.rb

Constructor Details

#initialize ⇒ Configuration

Returns a new instance of Configuration.



# File 'lib/authenticate/configuration.rb', line 165

def initialize
  # Defaults
  @debug = false
  @cookie_name = 'authenticate_session_token'
  @cookie_expiration = -> { 1.year.from_now.utc }
  @cookie_domain = nil
  @cookie_path = '/'
  @secure_cookie = false
  @cookie_http_only = false
  @mailer_sender = '[email protected]'
  @redirect_url = '/'
  @allow_sign_up = true
  @routes = true
  @reset_password_within = 2.days
  @modules = []
  @user_model = '::User'
  @authentication_strategy = :email
  @password_length = 8..128
end

Instance Attribute Details

#allow_sign_up ⇒ Boolean

Controls whether the “sign up” route, allowing creation of users, is enabled. Defaults to `true`. Set to `false` to disable user creation routes. The setting is ignored if routes are disabled.

Parameters:

  • value (Boolean)

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 138

def allow_sign_up
  @allow_sign_up
end

#authentication_strategy ⇒ Symbol or Class

Strategy for authentication.

Available strategies:

:email - requires user have attribute :email
:username - requires user have attribute :username

Defaults to :email. To set to :username:

Authenticate.configure do |config|
  config.authentication_strategy = :username
end

Or, you can plug in your own authentication class, e.g.:

Authenticate.configure do |config|
  config.authentication_strategy = MyFunkyAuthClass
end

Returns:

  • (Symbol or Class)


# File 'lib/authenticate/configuration.rb', line 125

def authentication_strategy
  @authentication_strategy
end

#bad_login_lockout_period ⇒ ActiveSupport::CoreExtensions::Numeric::Time

Time period to lock an account for if the user exceeds max_consecutive_bad_logins_allowed (and it’s set to nonzero). If set to nil, account is locked out indefinitely.

Returns:

  • (ActiveSupport::CoreExtensions::Numeric::Time)


# File 'lib/authenticate/configuration.rb', line 100

def bad_login_lockout_period
  @bad_login_lockout_period
end

#cookie_domain ⇒ String

The domain to set for the Authenticate session cookie. Defaults to nil, which will cause the cookie domain to be set to the domain of the request.

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 35

def cookie_domain
  @cookie_domain
end

#cookie_expiration ⇒ Lambda

A lambda called to set the remember token cookie expires attribute. Defaults to 1 year expiration. Note this is NOT the session’s max lifetime, see #max_session_lifetime. To set cookie expiration yourself:

Authenticate.configure do |config|
  config.cookie_expiration = -> { 1.month.from_now.utc }
end

Returns:

  • (Lambda)


# File 'lib/authenticate/configuration.rb', line 29

def cookie_expiration
  @cookie_expiration
end

#cookie_http_only ⇒ Boolean

Controls whether the HttpOnly flag should be set on the session cookie. Defaults to `false`. If `true`, the cookie will not be made available to JavaScript. For more see [RFC6265](tools.ietf.org/html/rfc6265#section-5.2.6).

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 58

def cookie_http_only
  @cookie_http_only
end

#cookie_name ⇒ String

Name of the session cookie Authenticate will send to the client browser. Defaults to ‘authenticate_session_token’.

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 18

def cookie_name
  @cookie_name
end

#cookie_path ⇒ String

Controls which paths the session token cookie is valid for. Defaults to `"/"` for the entire domain. For more, see [RFC6265](tools.ietf.org/html/rfc6265#section-5.1.4).

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 41

def cookie_path
  @cookie_path
end

#crypto_provider ⇒ Module #match? #encrypt

Determines what crypto is used when authenticating and setting passwords. Defaults to Model::BCrypt. At the moment Bcrypt is the only option offered.

Crypto implementations must provide:

* match?(secret, encrypted)
* encrypt(secret)

Returns:

  • (Module #match? #encrypt)


# File 'lib/authenticate/configuration.rb', line 74

def crypto_provider
  @crypto_provider
end

#debug ⇒ Boolean

Enable debugging messages.

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 162

def debug
  @debug
end

#mailer_sender ⇒ String

Controls the ‘from’ address for Authenticate emails. Defaults to [email protected].

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 63

def mailer_sender
  @mailer_sender
end

#max_consecutive_bad_logins_allowed ⇒ Integer

Number of consecutive bad login attempts allowed. Default is nil, which disables this feature.

Returns:

  • (Integer)


# File 'lib/authenticate/configuration.rb', line 94

def max_consecutive_bad_logins_allowed
  @max_consecutive_bad_logins_allowed
end

#max_session_lifetime ⇒ ActiveSupport::CoreExtensions::Numeric::Time

Allow a session to ‘live’ for no more than the given elapsed time, e.g. 8.hours. Defaults to nil, or no max session time.

Returns:

  • (ActiveSupport::CoreExtensions::Numeric::Time)


# File 'lib/authenticate/configuration.rb', line 89

def max_session_lifetime
  @max_session_lifetime
end

#modules ⇒ Object

List of symbols naming modules to load.



# File 'lib/authenticate/configuration.rb', line 157

def modules
  @modules
end

#password_length ⇒ Range

Range requirement for password length. Defaults to `8..128`.

Returns:

  • (Range)


# File 'lib/authenticate/configuration.rb', line 104

def password_length
  @password_length
end

#redirect_url ⇒ String

The default path Authenticate will redirect signed in users to. Defaults to `"/"`. This can often be overridden for specific scenarios by overriding controller methods that rely on it.

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 131

def redirect_url
  @redirect_url
end

#reset_password_within ⇒ ActiveSupport::CoreExtensions::Numeric::Time

The time period within which the password must be reset or the token expires. If set to nil, the password reset token does not expire. Defaults to `2.days`.

Returns:

  • (ActiveSupport::CoreExtensions::Numeric::Time)


# File 'lib/authenticate/configuration.rb', line 152

def reset_password_within
  @reset_password_within
end

#routes ⇒ Boolean

Enable or disable Authenticate’s built-in routes. Defaults to `true`, enabling Authenticate’s built-in routes. Disable by setting to `false`. If you disable the routes, your application is responsible for all routes. You can deploy a copy of Authenticate’s routes with `rails generate authenticate:routes`, which will also set `config.routes = false`.

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 146

def routes
  @routes
end

#secure_cookie ⇒ Boolean

Controls the secure setting on the session cookie. Defaults to `false`. When set, the browser will only send the cookie to the server over HTTPS. If set to true over an insecure http (not https) connection, the cookie will not be usable and the user will not be successfully authenticated.

You should set this value to true in live environments to prevent session hijacking.

For more, see [RFC6265](tools.ietf.org/html/rfc6265#section-5.2.5).

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 52

def secure_cookie
  @secure_cookie
end

#timeout_in ⇒ ActiveSupport::CoreExtensions::Numeric::Time

Invalidate the session after the specified period of idle time. Defaults to nil, which is no idle timeout.

Authenticate.configure do |config|
  config.timeout_in = 45.minutes
end

Returns:

  • (ActiveSupport::CoreExtensions::Numeric::Time)


# File 'lib/authenticate/configuration.rb', line 84

def timeout_in
  @timeout_in
end

#user_model ⇒ String

ActiveRecord model class name that represents your user. Specify as a String. Defaults to ‘::User’. To set to a different class:

Authenticate.configure do |config|
  config.user_model = 'BlogUser'
end

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 13

def user_model
  @user_model
end
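
Several attributes documented above default to permissive values: secure_cookie and cookie_http_only are false, and timeout_in, max_session_lifetime and max_consecutive_bad_logins_allowed are nil. The following check is an added example, not code from the Authenticate project; ConfigStub, PAGE_DEFAULTS, HARDENED, CHECKS and audit_config are hypothetical names, durations are plain seconds instead of ActiveSupport values, and the lockout threshold of 5 is a constructed sample value.

```ruby
# Added example, not part of the Authenticate gem. ConfigStub and audit_config
# are hypothetical names; durations are plain seconds instead of ActiveSupport.
ConfigStub = Struct.new(
  :secure_cookie, :cookie_http_only, :timeout_in, :max_session_lifetime,
  :max_consecutive_bad_logins_allowed, :reset_password_within, :debug,
  keyword_init: true
)

# Defaults as documented on this page.
PAGE_DEFAULTS = {
  secure_cookie: false, cookie_http_only: false, timeout_in: nil,
  max_session_lifetime: nil, max_consecutive_bad_logins_allowed: nil,
  reset_password_within: 2 * 24 * 3600, debug: false
}.freeze

# attribute => [predicate that passes when the value is acceptable, finding text]
CHECKS = {
  secure_cookie: [->(v) { v == true }, 'cookie is also sent over plain HTTP'],
  cookie_http_only: [->(v) { v == true }, 'cookie is readable from JavaScript'],
  timeout_in: [->(v) { !v.nil? }, 'no idle timeout'],
  max_session_lifetime: [->(v) { !v.nil? }, 'no maximum session lifetime'],
  max_consecutive_bad_logins_allowed:
    [->(v) { v.to_i.positive? }, 'bad-login lockout is disabled'],
  reset_password_within: [->(v) { !v.nil? }, 'reset token never expires'],
  debug: [->(v) { v == false }, 'debug messages are enabled']
}.freeze

# Returns one "attribute: finding" string per setting that fails its check.
# https: false skips secure_cookie, which the page says breaks sign-in over HTTP.
def audit_config(config, https: true)
  CHECKS.each_with_object([]) do |(name, (ok, text)), findings|
    next if name == :secure_cookie && !https
    findings << "#{name}: #{text}" unless ok.call(config.public_send(name))
  end
end

# Sample hardened values: 45-minute idle timeout, 8-hour lifetime, 5 bad logins.
HARDENED = PAGE_DEFAULTS.merge(
  secure_cookie: true, cookie_http_only: true, timeout_in: 45 * 60,
  max_session_lifetime: 8 * 3600, max_consecutive_bad_logins_allowed: 5
).freeze

if __FILE__ == $PROGRAM_NAME
  puts audit_config(ConfigStub.new(**PAGE_DEFAULTS))
  puts audit_config(ConfigStub.new(**HARDENED)).empty? ? 'hardened: ok' : 'hardened: findings'
end
```

Because audit_config only calls the reader methods listed on this page, the same function can be pointed at any object that exposes those readers.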

Instance Method Details

#allow_sign_up? ⇒ Boolean

Is the user sign up route enabled?

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 209

def allow_sign_up?
  @allow_sign_up
end

#routes_enabled? ⇒ Boolean

Are Authenticate’s built-in routes enabled?

Returns:

  • (Boolean)

    whether Authenticate’s built-in routes are enabled



# File 'lib/authenticate/configuration.rb', line 214

def routes_enabled?
  @routes
end

#user_id_parameter ⇒ Symbol

The name of the foreign key parameter for the configured user model. This is derived from the `model_name` of the `user_model` setting. In the default configuration, this is `user_id`.

Returns:

  • (Symbol)


# File 'lib/authenticate/configuration.rb', line 203

def user_id_parameter
  "#{user_model_class.model_name.singular}_id".to_sym
end

#user_model_class ⇒ Object



# File 'lib/authenticate/configuration.rb', line 185

def user_model_class
  @user_model_class ||= user_model.constantize
end

#user_model_param_key ⇒ Object



# File 'lib/authenticate/configuration.rb', line 194

def user_model_param_key
  return :user if @user_model == '::User' # avoid nil in generator
  Authenticate.configuration.user_model_class.model_name.param_key
end

#user_model_route_key ⇒ Object



# File 'lib/authenticate/configuration.rb', line 189

def user_model_route_key
  return :users if @user_model == '::User' # avoid nil in generator
  Authenticate.configuration.user_model_class.model_name.route_key
end