README.md in auther-1.2.0 vs README.md in auther-1.3.0

- old
+ new

@@ -18,14 +18,15 @@ [![Screenshot - Clean](https://github.com/bkuhlmann/auther/raw/master/screenshot-clean.png)](https://github.com/bkuhlmann/auther) [![Screenshot - Error](https://github.com/bkuhlmann/auther/raw/master/screenshot-error.png)](https://github.com/bkuhlmann/auther) * Encrypted account credentials. * Multiple account support with account specific blacklisted paths. -* Log filtering for account credentials (login and password). * Auto-redirection to requested path (once credentials have been verified). -* Customizable view. -* Customizable controller. +* Log filtering for account credentials (login and password). +* Customizable logger support. +* Customizable view support. +* Customizable controller support. # Requirements 0. Any of the following Ruby VMs: * [MRI 2.x.x](http://www.ruby-lang.org) @@ -36,14 +37,17 @@ # Setup For a secure install, type the following from the command line (recommended): gem cert --add <(curl -Ls http://www.redalchemist.com/gem-public.pem) - gem install auther --trust-policy HighSecurity + gem install auther --trust-policy MediumSecurity -...or, for an insecure install, type the following (not recommended): +NOTE: A HighSecurity trust policy would be best but MediumSecurity enables signed gem verification while +allowing the installation of unsigned dependencies since they are beyond the scope of this gem. +For an insecure install, type the following (not recommended): + gem install auther Add the following to your Gemfile: gem "auther" @@ -68,26 +72,28 @@ login: "N3JzR213WlBISDZsMjJQNkRXbEVmYVczbVdnMHRYVHRud29lOWRCekp6ST0tLWpFMkROekUvWDBkOHZ4ZngxZHV6clE9PQ==--cd863c39991fa4bb9a35de918aa16da54514e331", password: "cHhFSStjRm9KbEYwK3ZJVlF2MmpTTWVVZU5acEdlejZsZEhjWFJoQWxKND0tLTE3cmpXZVBQdW5VUW1jK0ZSSDdLUnc9PQ==--f51171174fa77055540420f205e0dd9d499cfeb6", paths: ["/admin"] ], secret: "vuKrwD9XWoYuv@s99?tR(9VqryiL,KV{W7wFnejUa4QcVBP+D{2rD4JfuD(mXgA=$tNK4Pfn#NeGs3o3TZ3CqNc^Qb", - auth_url: "/login" + auth_url: "/login", + logger: ActiveSupport::Logger.new("log/#{Rails.env}.log") } end end The purpose of each setting is as follows: -* *title* - The HTML page title (as rendered within a browser tab). -* *label* - The page label (what would appear above the form). -* *accounts* - The array of accounts with different or similar access to the application. - * *login* - The encrypted account login. For example, the above decrypts to: *test@test.com*. - * *password* - The encrypted account password. For example, the above decrypts to: *password*. - * *paths* - The array of blacklisted paths for which only this account has access to. -* *secret* - The secret passphrase used to encrypt/decrypt account credentials. -* *auth_url* - The URL to redirect to when enforcing authentication to a blacklisted path. +* *title* - Optional. The HTML page title (as rendered within a browser tab). Default: "Authorization". +* *label* - Optional. The page label (what would appear above the form). Default: "Authorization". +* *accounts* - Required. The array of accounts with different or similar access to the application. + * *login* - Required. The encrypted account login. For example, the above decrypts to: *test@test.com*. + * *password* - Required. The encrypted account password. For example, the above decrypts to: *password*. + * *paths* - Required. The array of blacklisted paths for which only this account has access to. +* *secret* - Required. The secret passphrase used to encrypt/decrypt account credentials. +* *auth_url* - Required. The URL to redirect to when enforcing authentication to a blacklisted path. +* *logger* - Optional. The logger used to log path/account authorization messages. Default: Auther::NullLogger. # Usage Using the setup examples, from above, launch your Rails application and visit either of the following routes: @@ -145,9 +151,17 @@ Rails.application.routes.draw do mount Auther::Engine => "/auther" get "/login", to: "auther/session#new" delete "/logout", to: "auther/session#destroy" end + +## Logging + +As mentioned in the setup above, the logger can be customized or removed completely. Examples: + + Auther::NullLogger.new # This is the default logger (which is no logging at all). + ActiveSupport::Logger.new("log/#{Rails.env}.log") # Can be used to log to the environment log. + Logger.new($stdout) # Can be used to log to standard output. # Tests To test, do the following: