/api_guardian

Drop in authorization and authentication suite for Rails APIs.

Primary LanguageRubyMIT LicenseMIT

Api Guardian

Drop in authorization and authentication suite for Rails APIs.

Build Status Test Coverage Code Climate

**This gem is in alpha stages and is not feature complete. It should not be used in production!**

Overview

ApiGuardian includes the following features out of the box:

  • User registration (email/pass)
  • Password reset workflow
  • Roles
  • Permissions
  • Stateless authentication using OAuth2 (via Doorkeeper and Doorkeeper::JWT)
  • Policy enforcement (via Pundit)
  • Serialization to JSON API (via AMS)
  • Two-factor auth (TODO)
  • External Login (TODO)

What doesn't it include?

  • Stateful session support (Cookies)
  • HTML/CSS/JS or views of any kind.

Requirements

  • Ruby >= 2.0
  • PostgreSQL >= 9.1 (uuid-ossp support)

Note: For now, your app must use a PostgreSQL database. This is because ApiGuardian is using UUID primary keys for all records.

Installation

First

Put this in your Gemfile:

# Include ApiGuardian from edge
gem 'api_guardian', git: 'https://github.com/lookitsatravis/api_guardian'
# You must also include the prerelease version of active_model_serializers
gem 'active_model_serializers', git: 'https://github.com/rails-api/active_model_serializers.git'

Second

Run this command:

rake generate api_guardian:install

This will add an initializer, mount the routes, and, copy the migrations/seed files. You will need to follow this with:

rake db:migrate

Third

To Do

Finally

To Do

Usage

Roles

To Do

Permissions

To Do

Users

To Do

Roadmap

Getting Help

If you find a bug, please report an Issue.

If you have a question, please post to Stack Overflow.

Thanks!

Contributing

See CONTRIBUTING.md

License

ApiGuardian is copyright © 2015 Travis Vignon. It is free software, and may be redistributed under the terms specified in the MIT-LICENSE file.