accounts 0.0.1

data/.gitignore

@@ -0,0 +1,2 @@
+doc/
+pkg/

data/.rvmrc

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+# This is an RVM Project .rvmrc file, used to automatically load the ruby
+# development environment upon cd'ing into the directory
+
+# First we specify our desired <ruby>[@<gemset>], the @gemset name is optional.
+environment_id="ruby-1.9.2-p290@accounts"
+
+#
+# Uncomment following line if you want options to be set only for given project.
+#
+# PROJECT_JRUBY_OPTS=( --1.9 )
+
+#
+# First we attempt to load the desired environment directly from the environment
+# file. This is very fast and efficient compared to running through the entire
+# CLI and selector. If you want feedback on which environment was used then
+# insert the word 'use' after --create as this triggers verbose mode.
+#
+if [[ -d "${rvm_path:-$HOME/.rvm}/environments" \
+  && -s "${rvm_path:-$HOME/.rvm}/environments/$environment_id" ]]
+then
+  \. "${rvm_path:-$HOME/.rvm}/environments/$environment_id"
+
+  if [[ -s "${rvm_path:-$HOME/.rvm}/hooks/after_use" ]]
+  then
+    . "${rvm_path:-$HOME/.rvm}/hooks/after_use"
+  fi
+else
+  # If the environment file has not yet been created, use the RVM CLI to select.
+  if ! rvm --create  "$environment_id"
+  then
+    echo "Failed to create RVM environment '${environment_id}'."
+    exit 1
+  fi
+fi
+
+#
+# If you use an RVM gemset file to install a list of gems (*.gems), you can have
+# it be automatically loaded. Uncomment the following and adjust the filename if
+# necessary.
+#
+#filename=".gems"
+filename="Gemfile"
+if false && [[ -s "$filename" ]] ; then
+  rvm gemset import "$filename" | grep -v already | grep -v listed | grep -v complete | sed '/^$/d'
+fi
+
+# If you use bundler, this might be useful to you:
+if command -v bundle && [[ -s Gemfile ]] ; then
+  bundle install
+fi
+rvm current

data/Gemfile

@@ -0,0 +1,2 @@
+source :rubygems
+gemspec # references accounts.gemspec

data/Gemfile.lock

@@ -0,0 +1,167 @@
+PATH
+  remote: .
+  specs:
+    accounts (0.0.1)
+      data_mapper
+      dm-postgres-adapter
+      dm-timestamps
+      dm-types
+      logger
+      mail
+      rack (~> 1.3.6)
+      sinatra
+      thin
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.2.6)
+    backports (2.3.0)
+    bcrypt-ruby (3.0.1)
+    builder (3.0.0)
+    capybara (1.1.2)
+      mime-types (>= 1.16)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      selenium-webdriver (~> 2.0)
+      xpath (~> 0.1.4)
+    childprocess (0.2.4)
+      ffi (~> 1.0.6)
+    cucumber (1.1.4)
+      builder (>= 2.1.2)
+      diff-lcs (>= 1.1.2)
+      gherkin (~> 2.7.1)
+      json (>= 1.4.6)
+      term-ansicolor (>= 1.0.6)
+    daemons (1.1.5)
+    data_mapper (1.2.0)
+      dm-aggregates (~> 1.2.0)
+      dm-constraints (~> 1.2.0)
+      dm-core (~> 1.2.0)
+      dm-migrations (~> 1.2.0)
+      dm-serializer (~> 1.2.0)
+      dm-timestamps (~> 1.2.0)
+      dm-transactions (~> 1.2.0)
+      dm-types (~> 1.2.0)
+      dm-validations (~> 1.2.0)
+    data_objects (0.10.7)
+      addressable (~> 2.1)
+    diff-lcs (1.1.3)
+    dm-aggregates (1.2.0)
+      dm-core (~> 1.2.0)
+    dm-constraints (1.2.0)
+      dm-core (~> 1.2.0)
+    dm-core (1.2.0)
+      addressable (~> 2.2.6)
+    dm-do-adapter (1.2.0)
+      data_objects (~> 0.10.6)
+      dm-core (~> 1.2.0)
+    dm-migrations (1.2.0)
+      dm-core (~> 1.2.0)
+    dm-postgres-adapter (1.2.0)
+      dm-do-adapter (~> 1.2.0)
+      do_postgres (~> 0.10.6)
+    dm-serializer (1.2.1)
+      dm-core (~> 1.2.0)
+      fastercsv (~> 1.5.4)
+      json (~> 1.6.1)
+      json_pure (~> 1.6.1)
+      multi_json (~> 1.0.3)
+    dm-timestamps (1.2.0)
+      dm-core (~> 1.2.0)
+    dm-transactions (1.2.0)
+      dm-core (~> 1.2.0)
+    dm-types (1.2.1)
+      bcrypt-ruby (~> 3.0.0)
+      dm-core (~> 1.2.0)
+      fastercsv (~> 1.5.4)
+      json (~> 1.6.1)
+      multi_json (~> 1.0.3)
+      stringex (~> 1.3.0)
+      uuidtools (~> 2.1.2)
+    dm-validations (1.2.0)
+      dm-core (~> 1.2.0)
+    do_postgres (0.10.7)
+      data_objects (= 0.10.7)
+    eventmachine (0.12.10)
+    fastercsv (1.5.4)
+    ffi (1.0.11)
+    gherkin (2.7.1)
+      json (>= 1.4.6)
+    haml (3.1.4)
+    i18n (0.6.0)
+    json (1.6.4)
+    json_pure (1.6.4)
+    logger (1.2.8)
+    mail (2.3.0)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mail-single_file_delivery (0.0.1)
+      mail
+    mail-store-agent (0.1.1)
+      mail
+    mime-types (1.17.2)
+    multi_json (1.0.4)
+    nokogiri (1.5.0)
+    polyglot (0.3.3)
+    rack (1.3.6)
+    rack-protection (1.2.0)
+      rack
+    rack-test (0.6.1)
+      rack (>= 1.0)
+    rdoc (3.12)
+      json (~> 1.4)
+    rspec (2.7.0)
+      rspec-core (~> 2.7.0)
+      rspec-expectations (~> 2.7.0)
+      rspec-mocks (~> 2.7.0)
+    rspec-core (2.7.1)
+    rspec-expectations (2.7.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.7.0)
+    rubyzip (0.9.5)
+    selenium-webdriver (2.15.0)
+      childprocess (>= 0.2.1)
+      ffi (~> 1.0.9)
+      multi_json (~> 1.0.4)
+      rubyzip
+    sinatra (1.3.2)
+      rack (~> 1.3, >= 1.3.6)
+      rack-protection (~> 1.2)
+      tilt (~> 1.3, >= 1.3.3)
+    sinatra-contrib (1.3.1)
+      backports (>= 2.0)
+      eventmachine
+      rack-protection
+      rack-test
+      sinatra (~> 1.3.0)
+      tilt (~> 1.3)
+    stringex (1.3.0)
+    term-ansicolor (1.0.7)
+    thin (1.3.1)
+      daemons (>= 1.0.9)
+      eventmachine (>= 0.12.6)
+      rack (>= 1.0.0)
+    tilt (1.3.3)
+    treetop (1.4.10)
+      polyglot
+      polyglot (>= 0.3.1)
+    uuidtools (2.1.2)
+    xpath (0.1.4)
+      nokogiri (~> 1.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  accounts!
+  capybara
+  cucumber
+  haml
+  mail-single_file_delivery
+  mail-store-agent
+  rdoc
+  rspec
+  sinatra-contrib

data/README.mkd

@@ -0,0 +1,105 @@
+# Accounts
+
+## Summary
+*accounts* is a website plug-in that offers than the basic user-account management
+and authentication features that many sites need.
+
+## Background
+
+Most sites I've built require a user authentication and user-account management features.
+These include:
+* Registering a new user
+* Authenticating (logging-on)
+* Verifying a user's e-mail
+* Modifying a user's e-mail
+* Resetting a user's password
+* Suspending a user's account
+
+I would much rather delegate these features to an OpenID/Oauth service,
+In other words, let a user authenticate to a third party that we both trust 
+(at least for the purpose we're using them for here)
+such as Yahoo or Facebook or Google 
+who will then present a token to my client's site representing that the user has been authenticated.
+
+Nevertheless, many of my clients and prospective clients have insisted that
+their sites manage these features without requiring their customers to authenticate through a third party.
+
+So I'm left again reinventing the same old authentication and account-management features every time.
+The pages look different and the details may be slightly different each time
+- some sites want to know their subscribers' full name, home address and phone number,
+others just want an e-mail -
+but the features and use-cases are nearly identical.
+
+## Description
+*accounts* is a website plug-in that offers than the basic user-account management
+and authentication features that many sites need.
+
+Accounts::Server defines the following paths for your web-app:
+
+* POST '/logon'
+* POST '/register'
+* POST '/forgot-password'
+* POST '/change-password'
+* POST '/change-email'
+
+Your app must provide the pages and forms that will post to these paths.
+See demo/web_app.rb for example of usage.
+That file could be your template for a new web-app that uses the accounts gem.
+
+*accounts* supports a very lean and minimal user-registration protocol.
+
+1. A user who wants to register need only submit a valid e-mail address.
+1. The service will attempt to e-mail a unique URI to the address they have given.
+1. When the new registree candidate visits that URI (presumably by clicking),
+that e-mail (and their identity) may be considered as valid.
+1. The new registree is then invited to create and verify a password.
+
+This and other use cases are described in the Cucumber *features* documents and behavioral tests.
+
+*accounts* makes a few assumptions:
+
+1. Each subscriber to a site can be uniquely identified by whatever e-mail address he submits.
+1. Password privacy depends on the transport layer (SSL).
+1. Personal contact info and other attributes of a subscriber 
+are kept in a separate resource than Account that can be joined with Account.
+1. Users may change their e-mail address, thus changing their primary identity.  
+This is justified because people do change their e-mail address from time to time 
+and should not have to re-register with a new identity.
+Changing their e-mail will not break associations to other tables you have defined through *account_id*.
+
+## Usage
+See lib/accounts/configure.rb for list of configurable options
+and for example of how to set them in order to customize
+the pages and e-mails for your app.
+
+Accounts defines several tables for keeping track of user accounts.
+These do not include any personal or contact info other than a person's e-mail address.
+If your app needs to maintain other info about it's subscribers,
+you can create a separate table and join it with Accounts::Account defined in lib/accounts/model.rb
+in a one-to-one relationship.
+
+Accounts is agnostic about what templating engine engine your app uses,
+as it does not use one itself,
+but merely outputs shorts strings as responses that you may customize
+by replacing them with your own strings or with Procs that use a template engine.
+
+Accounts is agnostic about what mail engine engine your app uses,
+although the default configuration uses http://github.com/mikel/mail.
+If you wish to use a different mail engine,
+you may do so in the Proc objects you provide to Accounts::configure.
+
+## Status
+Can't get sinatra-reloader to work since I converted it into a modular app.
+
+Need to convert this into a proper Gem.
+
+## Disclaimer
+
+This package and all its contents are provided provided AS-IS, for demonstration purposes.
+Lawrence Siden and Westside Consulting LLC 
+make no warranty about this package's security, correctness or fitness for commercial use.
+
+## License
+* Copyright <a href="http://westside-consulting.com/">Westside Consulting LLC</a>, Ann Arbor, MI, USA, 2012
+* <a rel="license" href="http://creativecommons.org/licenses/by-sa/3.0/"><img alt="Creative Commons License" style="border-width:0" src="http://i.creativecommons.org/l/by-sa/3.0/88x31.png" /></a><br /><span xmlns:dct="http://purl.org/dc/terms/" href="http://purl.org/dc/dcmitype/Text" property="dct:title" rel="dct:type">accounts</span> by <a xmlns:cc="http://creativecommons.org/ns#" href="http://westside-consulting.com/" property="cc:attributionName" rel="cc:attributionURL">Lawrence Siden</a> is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-sa/3.0/">Creative Commons Attribution-ShareAlike 3.0 Unported License</a>.<br />Based on a work at <a xmlns:dct="http://purl.org/dc/terms/" href="https://github.com/lsiden" rel="dct:source">github.com</a>.
+* [Ruby License](http://www.ruby-lang.org/en/LICENSE.txt)

data/Rakefile

@@ -0,0 +1,24 @@
+# Copyright Westside Consulting LLC, Ann Arbor, MI, USA, 2012
+
+require "bundler/gem_tasks"
+
+#=begin
+require 'rspec/core/rake_task'
+require 'cucumber/rake/task'
+
+# see http://autotestgroup.com/en/blog/80.html
+
+desc "Run RSpec"
+RSpec::Core::RakeTask.new(:rspec) do |t|
+  t.ruby_opts = %w[-w]
+  t.ruby_opts << ENV["opts"] if ENV["opts"]
+end
+ 
+desc "Run Cucumber"
+Cucumber::Rake::Task.new(:features) do |t|
+  tag = ENV["tag"].split(',').map {|t| "@#{t}" }.join(',') if ENV["tag"]
+  t.cucumber_opts = "--format pretty"
+  t.cucumber_opts += %W[-t #{tag}] if tag
+  #STDERR.puts t.cucumber_opts.inspect
+end
+#=end

data/accounts.gemspec

@@ -0,0 +1,52 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "accounts/version"
+
+Gem::Specification.new do |s|
+  s.name        = "accounts"
+  s.version     = Accounts::Gem::VERSION
+  s.authors     = ["Larry Siden, Westside Consulting LLC"]
+  s.email       = ["lsiden@westside-consulting.com"]
+  s.homepage    = "https://github.com/lsiden/accounts"
+  s.summary     = %q{
+*accounts* is a website plug-in that offers than the basic user-account management
+and authentication features that many sites need.
+  }
+  s.description = %q{
+Accounts::Server defines the following paths for your web-app:
+
+* POST '/logon'
+* POST '/register'
+* POST '/forgot-password'
+* POST '/change-password'
+* POST '/change-email'
+
+Your app must provide the pages and forms that will post to these paths.
+  }
+
+  s.rubyforge_project = "accounts"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_development_dependency 'capybara'
+  s.add_development_dependency 'cucumber'
+  s.add_development_dependency 'rspec'
+  s.add_development_dependency 'rdoc'
+  s.add_development_dependency 'sinatra-contrib'
+  s.add_development_dependency 'mail-store-agent'
+  s.add_development_dependency 'mail-single_file_delivery'
+  s.add_development_dependency 'haml'
+
+  s.add_runtime_dependency 'rack', "~>1.3.6" #  https://github.com/rack/rack/issues/299
+  s.add_runtime_dependency 'sinatra'
+  s.add_runtime_dependency 'thin'
+  s.add_runtime_dependency 'data_mapper'
+  s.add_runtime_dependency 'dm-types'
+  s.add_runtime_dependency 'dm-timestamps'
+  s.add_runtime_dependency 'dm-postgres-adapter'
+  s.add_runtime_dependency 'mail'
+  s.add_runtime_dependency 'logger'
+end

data/demo/views/change_email.haml

@@ -0,0 +1,14 @@
+!!!
+%html{html_attrs}
+  / Copyright Westside Consulting LLC, Ann Arbor, MI, USA, 2012
+
+  %body
+
+    %h1 Change E-mail
+
+    %form.change_email{:action => '/change-email', :method => 'post'}
+      .label_input
+        %label{:for=>"email"} New e-mail
+        %input{:name=>"email", :id=>"email", :type=>"text"} 
+      .button
+        %button{:type => "submit"} Submit

data/demo/views/change_password.haml

@@ -0,0 +1,36 @@
+!!!
+%html{html_attrs}
+  / Copyright Westside Consulting LLC, Ann Arbor, MI, USA, 2012
+
+  %head
+    :javascript
+      function validate(form) {
+
+        if (form.password.value != form.password2.value) {
+          alert("Passwords must match");
+          return false;
+        }
+
+        if (form.password.value.length < 8) {
+          alert("Password must have at least 8 characters");
+          return false;
+        }
+        return true;
+      }
+
+  %body
+
+    %h1 Change Password
+
+    %form#change_password_form{ :action => '/change-password',
+        :method => 'post',
+        :onsubmit => 'return validate(this)',
+        }
+      .label_input
+        %label{:for=>"password"} New Password
+        %input{:name=>"password", :id=>"password", :type=>"password"} 
+      .label_input
+        %label{:for=>"password"} Confirm New Password
+        %input{:id=>"password2", :type=>"password"} 
+      .button
+        %button{:type => "submit"} Submit