jasonallen / ruote-rest Goto Github PK
View Code? Open in Web Editor NEWThis project forked from jmettraux/ruote-rest
RESTful workflow / bpm engine based on Rack and ruote
Home Page: http://openwferu.rubyforge.org
License: MIT License
ruote-rest's Introduction
** Note : most of this documentation got integrated into README.txt Thanks to Gonzalo and Nando for all their work ! ** This is a draft for a new authentication model in ruote-rest. authors: Gonzalo <[email protected]> "Nando Sola"<[email protected]> Our main goal was to avoid storing passwords in plain text (conf/authentication.yaml) All authentication info is stored in "ruoterest_#{stage}" - The following tables are created USERS (inspired by ruote-web2) +------------+--------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +------------+--------------+------+-----+---------+----------------+ | id | int(11) | NO | PRI | NULL | auto_increment | | login | varchar(255) | YES | UNI | NULL | | | name | varchar(255) | YES | MUL | NULL | | | password | varchar(255) | YES | | NULL | | | email | varchar(255) | YES | MUL | NULL | | | created_at | datetime | YES | MUL | NULL | | | updated_at | datetime | YES | MUL | NULL | | +------------+--------------+------+-----+---------+----------------+ HOSTS (IP whitelisting and ToD filter) +---------+--------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +---------+--------------+------+-----+---------+----------------+ | id | int(11) | NO | PRI | NULL | auto_increment | | ip | varchar(255) | YES | | NULL | | | trusted | varchar(255) | YES | | NULL | | | from | varchar(255) | YES | | NULL | | | to | varchar(255) | YES | | NULL | | +---------+--------------+------+-----+---------+----------------+ Passwords --------- So far, we've successfully implemented the following password storage schemes: * {SSHA} * {SMD5} * {...} It's easily extensible An 8-byte salt is included in the b64 passwd string (a la Directory Server) Hosts table: ------------ attributes: * 'ip': as for now, every host making requests to ruote-rest must be stored in this table. * 'trusted': 'false' or 'true' for whitelist inclussion, thus disabling ToD and user/passwd checks. * 'from' - 'to': Time of Day filter. Set a valid interval to use ruote-rest or NULL. Included files: --------------- ./newauth-ruoterest +tasks authmodel.rake +fixtures users.yml hosts.yml +test test_newauth.rb README +conf auth_models.rb password.rb auth.rb Usage: ------ git clone git://github.com/jmettraux/ruote-rest.git cp newauth.tar ruote-rest; tar xvf newauth.tar edit Rakefile: 50 load 'tasks/ruote.rake' 51 load 'tasks/mysql.rake' ---> 52 load 'tasks/authmodel.rake' edit tasks/fixtures/hosts.yaml and make sure everything looks OK gem install rest-client in order to run our tests rake ruote:install edit conf/database.yaml and tasks/mysql.rake and make the appropriate changes to db_name, :user and :passwd rake mysql:setup; rake authmodel:setup; rake authmodel:fixtures Now lets rock! ruby lib/start.rb & or daemonize Now we can roll the unit tests: cd test ruby test_newauth.rb - they aren't complete yet, but the main features are tested. Test users: ----------- username: charly, bob, admin, alice password: secret Test hosts: ----------- st_01: id: 1 ip: "192.168.168.1" trusted: false from: 9 to: 17 host_02: id: 2 ip: "192.168.168.128" trusted: false from: NULL to: NULL host_03: id: 3 ip: "127.0.0.1" trusted: true from: NULL to: NULL ****** Feel free to play with them, i.e. adding/deleting/modifying on the fly. If you wanna use a real REST client from a remote host, try: http://code.google.com/p/rest-client/ ****** Post any suggestions/corrections at the list http://groups.google.com/group/openwferu-users Thanks John for this great project
ruote-rest's People
Stargazers
Watchers
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.