Class: Authenticate::Configuration

Inherits:
Object
Defined in:
lib/authenticate/configuration.rb

Constructor Details

#initialize ⇒ Configuration

Returns a new instance of Configuration.



# File 'lib/authenticate/configuration.rb', line 183

def initialize
  # Defaults
  @debug = false
  @cookie_name = 'authenticate_session_token'
  @cookie_expiration = -> { 1.year.from_now.utc }
  @cookie_domain = nil
  @cookie_path = '/'
  @secure_cookie = false
  @cookie_http_only = false
  @mailer_sender = '[email protected]'
  @redirect_url = '/'
  @allow_sign_up = true
  @routes = true
  @reset_password_within = 2.days
  @modules = []
  @user_model = '::User'
  @authentication_strategy = :email
  @password_length = 8..128
end
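
The defaults assigned above leave both cookie flags off, and the timeout and lockout attributes the constructor never assigns stay nil. As an added example (not part of the Authenticate gem or its documentation), the check below reports those settings; `AuthConfig`, `DEFAULTS` and `audit` are hypothetical names, and a plain Struct with durations in seconds stands in for `Authenticate::Configuration` so it runs without Rails.

```ruby
# Added example: hypothetical stand-in for Authenticate::Configuration so the
# check runs without Rails. Field names are the attributes documented on this
# page; durations are plain seconds instead of ActiveSupport durations.
AuthConfig = Struct.new(
  :secure_cookie, :cookie_http_only, :timeout_in, :max_session_lifetime,
  :max_consecutive_bad_logins_allowed, :bad_login_lockout_period,
  :reset_password_within, keyword_init: true
)

# Values from Configuration#initialize; attributes it never assigns stay nil.
DEFAULTS = {
  secure_cookie: false, cookie_http_only: false,
  reset_password_within: 2 * 24 * 3600 # 2.days
}.freeze

# Returns { attribute => reason } for every setting left at a value the
# attribute documentation describes as switching a protection off.
def audit(config)
  findings = {}
  findings[:secure_cookie] = 'cookie is also sent over plain HTTP' unless config.secure_cookie
  findings[:cookie_http_only] = 'cookie is readable from JavaScript' unless config.cookie_http_only
  findings[:timeout_in] = 'no idle timeout' if config.timeout_in.nil?
  findings[:max_session_lifetime] = 'no maximum session lifetime' if config.max_session_lifetime.nil?
  if config.max_consecutive_bad_logins_allowed.nil?
    findings[:max_consecutive_bad_logins_allowed] = 'bad-login lockout is disabled'
  elsif config.bad_login_lockout_period.nil?
    findings[:bad_login_lockout_period] = 'a locked account stays locked indefinitely'
  end
  findings[:reset_password_within] = 'reset tokens never expire' if config.reset_password_within.nil?
  findings
end

# Constructed sample: the shipped defaults next to a hardened setup that uses
# the values shown in this page's own configuration examples.
hardened = AuthConfig.new(**DEFAULTS.merge(
  secure_cookie: true, cookie_http_only: true,
  timeout_in: 45 * 60, max_session_lifetime: 8 * 3600,
  max_consecutive_bad_logins_allowed: 4, bad_login_lockout_period: 10 * 60
))

{ 'defaults' => AuthConfig.new(**DEFAULTS), 'hardened' => hardened }.each do |name, cfg|
  puts "#{name}: #{audit(cfg).size} finding(s)"
  audit(cfg).each { |attr, why| puts "  #{attr}: #{why}" }
end
```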

Instance Attribute Details

#allow_sign_up ⇒ Boolean

Controls whether the “sign up” route, allowing creation of users, is enabled. Defaults to `true`. Set to `false` to disable user creation routes. The setting is ignored if routes are disabled.

Parameters:

  • value (Boolean)

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 156

def allow_sign_up
  @allow_sign_up
end

#authentication_strategy ⇒ Symbol or Class

Strategy for authentication.

Available strategies:

:email - requires user have attribute :email
:username - requires user have attribute :username

Defaults to :email. To set to :username:

Authenticate.configure do |config|
  config.authentication_strategy = :username
end

Or, you can plug in your own authentication class, e.g.:

Authenticate.configure do |config|
  config.authentication_strategy = MyFunkyAuthClass
end

Returns:

  • (Symbol or Class)


# File 'lib/authenticate/configuration.rb', line 143

def authentication_strategy
  @authentication_strategy
end

#bad_login_lockout_period ⇒ ActiveSupport::CoreExtensions::Numeric::Time

Time period to lock an account for if the user exceeds max_consecutive_bad_logins_allowed. If set to nil, account is locked out indefinitely.

Returns:

  • (ActiveSupport::CoreExtensions::Numeric::Time)


# File 'lib/authenticate/configuration.rb', line 118

def bad_login_lockout_period
  @bad_login_lockout_period
end

#cookie_domain ⇒ String

The domain to set for the Authenticate session cookie. Defaults to nil, which causes the cookie domain to be set to the domain of the request.

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 35

def cookie_domain
  @cookie_domain
end

#cookie_expiration ⇒ Lambda

A lambda called to set the remember token cookie’s expires attribute. Defaults to 1 year expiration. Note this is NOT the session’s max lifetime; see #max_session_lifetime. To set cookie expiration yourself:

Authenticate.configure do |config|
  config.cookie_expiration = -> { 1.month.from_now.utc }
end

Returns:

  • (Lambda)


# File 'lib/authenticate/configuration.rb', line 29

def cookie_expiration
  @cookie_expiration
end

#cookie_http_only ⇒ Boolean

Controls whether the HttpOnly flag should be set on the session cookie. Defaults to `false`. If `true`, the cookie will not be made available to JavaScript. For more, see [RFC6265](tools.ietf.org/html/rfc6265#section-5.2.6).

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 58

def cookie_http_only
  @cookie_http_only
end

#cookie_name ⇒ String

Name of the session cookie Authenticate will send to the client browser. Defaults to ‘authenticate_session_token’.

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 18

def cookie_name
  @cookie_name
end

#cookie_path ⇒ String

Controls which paths the session token cookie is valid for. Defaults to `"/"` for the entire domain. For more, see [RFC6265](tools.ietf.org/html/rfc6265#section-5.1.4).

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 41

def cookie_path
  @cookie_path
end

#crypto_provider ⇒ Module #match? #encrypt

Determines what crypto is used when authenticating and setting passwords. Defaults to Model::BCrypt. At the moment Bcrypt is the only option offered.

Crypto implementations must provide:

* match?(secret, encrypted)
* encrypt(secret)

Returns:

  • (Module #match? #encrypt)


# File 'lib/authenticate/configuration.rb', line 74

def crypto_provider
  @crypto_provider
end

#debug ⇒ Boolean

Enable debugging messages.

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 180

def debug
  @debug
end

#mailer_sender ⇒ String

Controls the ‘from’ address for Authenticate emails. Defaults to [email protected].

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 63

def mailer_sender
  @mailer_sender
end

#max_consecutive_bad_logins_allowed ⇒ Integer

Number of consecutive bad login attempts allowed. This is called “brute force protection”. The user’s consecutive bad logins will be tracked, and if they exceed the allowed maximum, the user’s account will be locked. The length of the lockout is determined by [#bad_login_lockout_period].

Default is nil, which disables this feature.

Authenticate.configure do |config|
  config.max_consecutive_bad_logins_allowed = 4
  config.bad_login_lockout_period = 10.minutes
end

Returns:

  • (Integer)


# File 'lib/authenticate/configuration.rb', line 112

def max_consecutive_bad_logins_allowed
  @max_consecutive_bad_logins_allowed
end

#max_session_lifetime ⇒ ActiveSupport::CoreExtensions::Numeric::Time

Allow a session to ‘live’ for no more than the given elapsed time, e.g. 8.hours. Defaults to nil, or no max session time. If set, a user session will expire once it has been active for max_session_lifetime. The user session is invalidated and the next access will prompt the user for authentication.

Authenticate.configure do |config|
  config.max_session_lifetime = 8.hours
end

Returns:

  • (ActiveSupport::CoreExtensions::Numeric::Time)


# File 'lib/authenticate/configuration.rb', line 98

def max_session_lifetime
  @max_session_lifetime
end

#modules ⇒ Object

List of symbols naming modules to load.



# File 'lib/authenticate/configuration.rb', line 175

def modules
  @modules
end

#password_length ⇒ Range

Range requirement for password length. Defaults to `8..128`.

Returns:

  • (Range)


# File 'lib/authenticate/configuration.rb', line 122

def password_length
  @password_length
end

#redirect_url ⇒ String

The default path Authenticate will redirect signed in users to. Defaults to `"/"`. This can often be overridden for specific scenarios by overriding controller methods that rely on it.

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 149

def redirect_url
  @redirect_url
end

#reset_password_within ⇒ ActiveSupport::CoreExtensions::Numeric::Time

The time period within which the password must be reset or the token expires. If set to nil, the password reset token does not expire. Defaults to `2.days`.

Returns:

  • (ActiveSupport::CoreExtensions::Numeric::Time)


# File 'lib/authenticate/configuration.rb', line 170

def reset_password_within
  @reset_password_within
end

#routes ⇒ Boolean

Enable or disable Authenticate’s built-in routes. Defaults to ‘true’, enabling Authenticate’s built-in routes. Disable by setting to ‘false’. If you disable the routes, your application is responsible for all routes. You can deploy a copy of Authenticate’s routes with `rails generate authenticate:routes`, which will also set `config.routes = false`.

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 164

def routes
  @routes
end

#secure_cookie ⇒ Boolean

Controls the secure setting on the session cookie. Defaults to `false`. When set, the browser will only send the cookie to the server over HTTPS. If set to true over an insecure http (not https) connection, the cookie will not be usable and the user will not be successfully authenticated.

You should set this value to true in live environments to prevent session hijacking.

For more, see [RFC6265](tools.ietf.org/html/rfc6265#section-5.2.5).

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 52

def secure_cookie
  @secure_cookie
end

#timeout_in ⇒ ActiveSupport::CoreExtensions::Numeric::Time

Invalidate the session after the specified period of idle time. If the interval between the current access time and the last access time is greater than timeout_in, the session is invalidated. The user will be prompted for authentication again. Defaults to nil, which is no idle timeout.

Authenticate.configure do |config|
  config.timeout_in = 45.minutes
end

Returns:

  • (ActiveSupport::CoreExtensions::Numeric::Time)


# File 'lib/authenticate/configuration.rb', line 86

def timeout_in
  @timeout_in
end

#user_model ⇒ String

ActiveRecord model class name that represents your user. Specify as a String. Defaults to ‘::User’. To set to a different class:

Authenticate.configure do |config|
  config.user_model = 'BlogUser'
end

Returns:

  • (String)


# File 'lib/authenticate/configuration.rb', line 13

def user_model
  @user_model
end

Instance Method Details

#allow_sign_up? ⇒ Boolean

Is the user sign up route enabled?

Returns:

  • (Boolean)


# File 'lib/authenticate/configuration.rb', line 227

def allow_sign_up?
  @allow_sign_up
end

#routes_enabled? ⇒ Boolean

Are Authenticate’s built-in routes enabled?

Returns:

  • (Boolean)

    are Authenticate’s built-in routes enabled?



# File 'lib/authenticate/configuration.rb', line 232

def routes_enabled?
  @routes
end

#user_id_parameter ⇒ Symbol

The name of the foreign key parameter for the configured user model. This is derived from the `model_name` of the `user_model` setting. In the default configuration, this is `user_id`.

Returns:

  • (Symbol)


# File 'lib/authenticate/configuration.rb', line 221

def user_id_parameter
  "#{user_model_class.model_name.singular}_id".to_sym
end

#user_model_class ⇒ Object



# File 'lib/authenticate/configuration.rb', line 203

def user_model_class
  @user_model_class ||= user_model.constantize
end

#user_model_param_key ⇒ Object



# File 'lib/authenticate/configuration.rb', line 212

def user_model_param_key
  return :user if @user_model == '::User' # avoid nil in generator
  Authenticate.configuration.user_model_class.model_name.param_key
end

#user_model_route_key ⇒ Object



# File 'lib/authenticate/configuration.rb', line 207

def user_model_route_key
  return :users if @user_model == '::User' # avoid nil in generator
  Authenticate.configuration.user_model_class.model_name.route_key
end