jasonallen / ruote-rest Goto Github PK
View Code? Open in Web Editor NEWThis project forked from jmettraux/ruote-rest
RESTful workflow / bpm engine based on Rack and ruote
Home Page: http://openwferu.rubyforge.org
License: MIT License
This project forked from jmettraux/ruote-rest
RESTful workflow / bpm engine based on Rack and ruote
Home Page: http://openwferu.rubyforge.org
License: MIT License
** Note : most of this documentation got integrated into README.txt Thanks to Gonzalo and Nando for all their work ! ** This is a draft for a new authentication model in ruote-rest. authors: Gonzalo <[email protected]> "Nando Sola"<[email protected]> Our main goal was to avoid storing passwords in plain text (conf/authentication.yaml) All authentication info is stored in "ruoterest_#{stage}" - The following tables are created USERS (inspired by ruote-web2) +------------+--------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +------------+--------------+------+-----+---------+----------------+ | id | int(11) | NO | PRI | NULL | auto_increment | | login | varchar(255) | YES | UNI | NULL | | | name | varchar(255) | YES | MUL | NULL | | | password | varchar(255) | YES | | NULL | | | email | varchar(255) | YES | MUL | NULL | | | created_at | datetime | YES | MUL | NULL | | | updated_at | datetime | YES | MUL | NULL | | +------------+--------------+------+-----+---------+----------------+ HOSTS (IP whitelisting and ToD filter) +---------+--------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +---------+--------------+------+-----+---------+----------------+ | id | int(11) | NO | PRI | NULL | auto_increment | | ip | varchar(255) | YES | | NULL | | | trusted | varchar(255) | YES | | NULL | | | from | varchar(255) | YES | | NULL | | | to | varchar(255) | YES | | NULL | | +---------+--------------+------+-----+---------+----------------+ Passwords --------- So far, we've successfully implemented the following password storage schemes: * {SSHA} * {SMD5} * {...} It's easily extensible An 8-byte salt is included in the b64 passwd string (a la Directory Server) Hosts table: ------------ attributes: * 'ip': as for now, every host making requests to ruote-rest must be stored in this table. * 'trusted': 'false' or 'true' for whitelist inclussion, thus disabling ToD and user/passwd checks. * 'from' - 'to': Time of Day filter. Set a valid interval to use ruote-rest or NULL. Included files: --------------- ./newauth-ruoterest +tasks authmodel.rake +fixtures users.yml hosts.yml +test test_newauth.rb README +conf auth_models.rb password.rb auth.rb Usage: ------ git clone git://github.com/jmettraux/ruote-rest.git cp newauth.tar ruote-rest; tar xvf newauth.tar edit Rakefile: 50 load 'tasks/ruote.rake' 51 load 'tasks/mysql.rake' ---> 52 load 'tasks/authmodel.rake' edit tasks/fixtures/hosts.yaml and make sure everything looks OK gem install rest-client in order to run our tests rake ruote:install edit conf/database.yaml and tasks/mysql.rake and make the appropriate changes to db_name, :user and :passwd rake mysql:setup; rake authmodel:setup; rake authmodel:fixtures Now lets rock! ruby lib/start.rb & or daemonize Now we can roll the unit tests: cd test ruby test_newauth.rb - they aren't complete yet, but the main features are tested. Test users: ----------- username: charly, bob, admin, alice password: secret Test hosts: ----------- st_01: id: 1 ip: "192.168.168.1" trusted: false from: 9 to: 17 host_02: id: 2 ip: "192.168.168.128" trusted: false from: NULL to: NULL host_03: id: 3 ip: "127.0.0.1" trusted: true from: NULL to: NULL ****** Feel free to play with them, i.e. adding/deleting/modifying on the fly. If you wanna use a real REST client from a remote host, try: http://code.google.com/p/rest-client/ ****** Post any suggestions/corrections at the list http://groups.google.com/group/openwferu-users Thanks John for this great project
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.