RubyGems - aerogel-users - Versions diffs - 1.4.3 - Mend

aerogel-users 1.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (80) hide show

checksums.yaml +7 -0
data/.gitignore +19 -0
data/Gemfile +4 -0
data/LICENSE.txt +22 -0
data/README.md +16 -0
data/Rakefile +1 -0
data/aerogel-users.gemspec +30 -0
data/app/helpers/access_control.rb +32 -0
data/app/helpers/auth.rb +58 -0
data/app/helpers/auth_login_providers.rb +18 -0
data/app/mailers/user.rb +43 -0
data/app/routes/access_control.rb +15 -0
data/app/routes/auth.rb +53 -0
data/app/routes/user.rb +192 -0
data/assets/README.md +1 -0
data/assets/javascripts/.gitkeep +0 -0
data/assets/stylesheets/.gitkeep +0 -0
data/config/auth.conf +43 -0
data/config/development/.keep +0 -0
data/config/production/.keep +0 -0
data/db/model/access.rb +67 -0
data/db/model/authentication.rb +54 -0
data/db/model/role.rb +17 -0
data/db/model/user.rb +223 -0
data/db/model/user_email.rb +24 -0
data/db/model/user_registration_form.rb +23 -0
data/db/model/user_request_account_activation_form.rb +30 -0
data/db/model/user_request_email_confirmation_form.rb +40 -0
data/db/model/user_request_password_reset_form.rb +37 -0
data/db/model/user_reset_password_form.rb +41 -0
data/db/seed/01_user_role.seed +8 -0
data/db/seed/02_access_user.seed +25 -0
data/db/seed/development/.keep +0 -0
data/db/seed/development/test-user.seed +77 -0
data/db/seed/production/.keep +0 -0
data/lib/aerogel/users.rb +22 -0
data/lib/aerogel/users/auth.rb +67 -0
data/lib/aerogel/users/omniauth-failure_endpoint_ex.rb +21 -0
data/lib/aerogel/users/omniauth-password.rb +63 -0
data/lib/aerogel/users/secure_password.rb +55 -0
data/lib/aerogel/users/version.rb +5 -0
data/locales/actions/en.yml +18 -0
data/locales/actions/ru.yml +17 -0
data/locales/auth/en.yml +22 -0
data/locales/auth/ru.yml +22 -0
data/locales/mailers/en.yml +69 -0
data/locales/mailers/ru.yml +73 -0
data/locales/models/en.yml +65 -0
data/locales/models/ru.yml +64 -0
data/locales/views/en.yml +122 -0
data/locales/views/ru.yml +126 -0
data/public/README.md +1 -0
data/rake/README.md +3 -0
data/views/mailers/user/account_activation.html.erb +3 -0
data/views/mailers/user/account_activation.text.erb +3 -0
data/views/mailers/user/email_confirmation.html.erb +3 -0
data/views/mailers/user/email_confirmation.text.erb +3 -0
data/views/mailers/user/password_reset.html.erb +3 -0
data/views/mailers/user/password_reset.text.erb +3 -0
data/views/user/activate_account.html.erb +3 -0
data/views/user/activate_account_failure.html.erb +3 -0
data/views/user/confirm_email.html.erb +3 -0
data/views/user/confirm_email_failure.html.erb +3 -0
data/views/user/edit.html.erb +6 -0
data/views/user/index.html.erb +19 -0
data/views/user/login.html.erb +3 -0
data/views/user/login/_form.html.erb +28 -0
data/views/user/login/_provider.html.erb +5 -0
data/views/user/logout.html.erb +3 -0
data/views/user/register.html.erb +10 -0
data/views/user/register_success.html.erb +3 -0
data/views/user/request_account_activation.html.erb +9 -0
data/views/user/request_account_activation_success.html.erb +3 -0
data/views/user/request_email_confirmation.html.erb +8 -0
data/views/user/request_email_confirmation_success.html.erb +3 -0
data/views/user/request_password_reset.html.erb +8 -0
data/views/user/request_password_reset_success.html.erb +3 -0
data/views/user/reset_password.html.erb +9 -0
data/views/user/reset_password_success.html.erb +3 -0
metadata +234 -0

data/db/model/user_request_account_activation_form.rb ADDED

@@ -0,0 +1,30 @@
+class UserRequestAccountActivationForm
+  include Model::NonPersistent
+  field :email, type: String
+  validates_presence_of :email
+  validates_format_of :email, with: /@/, message: :invalid_format
+  # validates uniqueness of provider & uid (email) among all users
+  validate do |record|
+    user = User.where( 'emails.email' => record.email ).first
+    unless user
+      record.errors.add :email, :not_registered
+      return
+    end
+    if user.activated?( record.email )
+      record.errors.add :base, :account_already_activated
+      return
+    end
+  end
+  # Returns UserEmail object, corresponding to this email address
+  #
+  def user
+    user = User.where( 'emails.email' => email ).first
+  end
+end # class UserRequestAccountActivationForm

data/db/model/user_request_email_confirmation_form.rb ADDED

@@ -0,0 +1,40 @@
+class UserRequestEmailConfirmationForm
+  include Model::NonPersistent
+  field :email, type: String
+  validates_presence_of :email
+  validates_format_of :email, with: /@/, message: :invalid_format
+  # validates uniqueness of provider & uid (email) among all users
+  validate do |record|
+    user = User.where( 'emails.email' => record.email ).first
+    unless user
+      record.errors.add :email, :not_registered
+      return
+    end
+    user_email = user.emails.where( email: record.email ).first
+    unless user_email
+      record.errors.add :email, :invalid
+      return
+    end
+    if user_email.confirmed
+      record.errors.add :email, :already_confirmed
+    end
+  end
+  # Returns User object, corresponding to this email address
+  #
+  def user
+    User.where( 'emails.email' => email ).first
+  end
+  # Returns UserEmail object, corresponding to this email address
+  #
+  def user_email
+    user.emails.where( email: email ).first
+  end
+end # class UserRequestEmailConfirmationForm

data/db/model/user_request_password_reset_form.rb ADDED

@@ -0,0 +1,37 @@
+class UserRequestPasswordResetForm
+  include Model::NonPersistent
+  field :email, type: String
+  validates_presence_of :email
+  validates_format_of :email, with: /@/, message: :invalid_format
+  # validates uniqueness of provider & uid (email) among all users
+  validate do |record|
+    user = User.where( 'emails.email' => record.email ).first
+    unless user
+      record.errors.add :email, :not_registered
+      return
+    end
+    authentication = user.authentications.where( provider: :password, uid: record.email ).first
+    unless authentication
+      record.errors.add :email, :password_login_not_allowed
+      return
+    end
+  end
+  # Returns User object, corresponding to this email address
+  #
+  def user
+    User.where( 'emails.email' => email ).first
+  end
+  # Returns UserEmail object, corresponding to this email address
+  #
+  def authentication
+    user.authentications.where( provider: :password, uid: email ).first
+  end
+end # class UserRequestPasswordResetForm

data/db/model/user_reset_password_form.rb ADDED

@@ -0,0 +1,41 @@
+class UserResetPasswordForm
+  include Model::NonPersistent
+  include Aerogel::Db::SecurePassword
+  field :email, type: String
+  field :password_reset_token, type: String
+  use_secure_password
+  validates_presence_of :email, :password_reset_token
+  validates_format_of :email, with: /@/, message: :invalid_format
+  # validates uniqueness of provider & uid (email) among all users
+  validate do |record|
+    user = User.where( 'emails.email' => record.email ).first
+    unless user
+      record.errors.add :email, :not_registered
+      return
+    end
+    authentication = user.authentications.where( provider: :password, uid: record.email ).first
+    unless authentication
+      record.errors.add :email, :password_login_not_allowed
+      return
+    end
+  end
+  # Returns User object, corresponding to this email address
+  #
+  def user
+    User.where( 'emails.email' => email ).first
+  end
+  # Returns UserEmail object, corresponding to this email address
+  #
+  def authentication
+    user.authentications.where( provider: :password, uid: email ).first
+  end
+end # class UserRequestPasswordResetForm

data/db/seed/01_user_role.seed ADDED

@@ -0,0 +1,8 @@
+model Role
+find_by [:slug]
+seeds [
+{ slug: :user,  name: "Registered user" }
+]

data/db/seed/02_access_user.seed ADDED

@@ -0,0 +1,25 @@
+# A .seed file is a .conf file which stores
+# database seed data and rules.
+#
+# Model class to use
+#
+# ! required
+model Access
+# Attribute name or a list of attribute names to be used as key(s)
+# when finding objects
+#
+# Usage:
+#   find_by :name
+# or
+#   find_by [:first_name, :last_name]
+#
+# ! required
+find_by [:path, :role]
+seeds [
+{ path: '/user',      access: :R,   role: :user },
+{ path: '/user/edit', access: :RW,  role: :user }
+]

data/db/seed/development/.keep ADDED

File without changes

data/db/seed/development/test-user.seed ADDED

@@ -0,0 +1,77 @@
+model User
+# Attribute name or a list of attribute names to be used as key(s)
+# when finding objects
+#
+# Usage:
+#   find_by :name
+# or
+#   find_by [:first_name, :last_name]
+#
+# ! required
+find_by :full_name
+# Values of attributes listed here will be set even
+# if they exist already in the matching database object.
+#
+# Other attributes in the seed data will be treated as a default value,
+# i.e. they will only be set if the matching database object does not exist
+# or its corresponding attribute is not set.
+#
+# Usage:
+#   force :value
+# or:
+#   force [:value, :description]
+#
+# default is: no fields are forced
+#force :value
+seeds [
+{
+  full_name: 'test',
+  roles: [:user],
+  emails:[{
+    email: 'test@test',
+    confirmed: true
+  }],
+  authentications:[{
+    provider: :password,
+    uid: 'test@test',
+    email_id: 'test@test',
+    password: 'test',
+    password_confirmation: 'test'
+  }]
+},
+{
+  full_name: 'test1',
+  roles: [:user],
+  emails:[{
+    email: 'test1@test',
+    confirmed: true
+  }],
+  authentications:[{
+    provider: :password,
+    uid: 'test1@test',
+    email_id: 'test1@test',
+    password: 'test',
+    password_confirmation: 'test'
+  }]
+},
+{
+  full_name: 'test2',
+  roles: [:user],
+  emails:[{
+    email: 'test2@test',
+    confirmed: true
+  }],
+  authentications:[{
+    provider: :password,
+    uid: 'test2@test',
+    email_id: 'test2@test',
+    password: 'test',
+    password_confirmation: 'test'
+  }]
+}
+]

data/db/seed/production/.keep ADDED

File without changes

data/lib/aerogel/users.rb ADDED

@@ -0,0 +1,22 @@
+require 'omniauth'
+require 'aerogel/core'
+require 'aerogel/mailer'
+require "aerogel/users/version"
+require "aerogel/users/auth"
+require "aerogel/users/omniauth-password"
+require "aerogel/users/omniauth-failure_endpoint_ex"
+require "aerogel/users/secure_password"
+module Aerogel
+  module Users
+    # Your code goes here...
+  end
+  # Finally, register module's root folder
+  register_path File.join( File.dirname(__FILE__), '..', '..' )
+  on_load do |app|
+    Aerogel::Auth.load_middleware( app )
+  end
+end

data/lib/aerogel/users/auth.rb ADDED

@@ -0,0 +1,67 @@
+module Aerogel
+module Auth
+  # known providers
+#  PROVIDERS = {
+#    password: { name: "Password", gem: nil },
+#    github: { name: "GitHub", gem: 'omniauth-github' },
+#    facebook: { name: "Facebook", gem: 'omniauth-facebook' },
+#    twitter: { name: "Twitter", gem: 'omniauth-twitter' },
+#    linkedin: { name: "LinkedIn", gem: 'omniauth-linkedin-oauth2' },
+#    vkontakte: { name: "Vkontakte", gem: 'omniauth-vkontakte' }
+#  }
+#
+  PROVIDERS = nil
+  # Returns hash of registered omniauth providers.
+  #
+  def self.providers
+    return @providers unless @providers.nil?
+    @providers = Aerogel.config.auth.providers.to_hash
+  end
+  # Returns list of enabled omniauth providers as symbols.
+  #
+  # Example:
+  #   Aerogel::Auth.enabled_providers # => [:password, :github, :twitter]
+  #
+  def self.enabled_providers
+    return @enabled_providers unless @enabled_providers.nil?
+    @enabled_providers = []
+    providers.each do |provider, opts|
+      # always enable :password
+      next unless provider == :password || Aerogel.config.auth.send( :"#{provider}?" )
+      @enabled_providers << provider
+    end
+    @enabled_providers
+  end
+  # Loads gems for enabled providers.
+  #
+  def self.load_provider_gems
+    enabled_providers.each do |provider_key|
+      gem_name = providers[provider_key][:gem_name]
+      # puts "** requiring #{provider_key}: #{gem_name}"
+      require gem_name if gem_name
+    end
+  end
+  # Loads OmniAuth middleware with enabled providers.
+  #
+  def self.load_middleware( app )
+    load_provider_gems
+    app.use OmniAuth::Builder do
+      # puts "** configuring OmniAuth"
+      provider :password, model: User
+      Aerogel::Auth.enabled_providers.each do |provider_key|
+        next if provider_key == :password
+        provider_config = app.config.auth.send(provider_key)
+        provider provider_key, provider_config.api_key!, provider_config.api_secret!
+        # puts "** configuring #{provider_key}: #{provider_config.api_key!}"
+      end
+      on_failure {|env| OmniAuth::FailureEndpointEx.new(env).redirect_to_failure }
+    end
+  end
+end # module Auth
+end # module Aerogel

data/lib/aerogel/users/omniauth-failure_endpoint_ex.rb ADDED

@@ -0,0 +1,21 @@
+# Alternative FailureEndpoint for OmniAuth,
+# which preserves all parameters passed to provider/callback
+#
+module OmniAuth
+  class FailureEndpointEx < FailureEndpoint
+    def redirect_to_failure
+      message_key = env['omniauth.error.type']
+      new_path = "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?message=#{message_key}#{origin_query_param}#{strategy_name_query_param}#{extra_query_param}"
+      Rack::Response.new(["302 Moved"], 302, 'Location' => new_path).finish
+    end
+    # Returns extra query params passed to callback.
+    #
+    def extra_query_param
+      return "" unless env['omniauth.params']
+      env['omniauth.params'].map{|k,v| "&#{k}=#{Rack::Utils.escape(v)}"}.join
+    end
+  end # class FailureEndpointEx < FailureEndpoint
+end # module OmniAuth

data/lib/aerogel/users/omniauth-password.rb ADDED

@@ -0,0 +1,63 @@
+require 'omniauth'
+module OmniAuth
+module Strategies
+class Password
+  include OmniAuth::Strategy
+  PROVIDER_NAME = :password
+  option :username_field, :email
+  option :password_field, :password
+  option :uid_field, :email
+  if defined? User
+    option :model, User
+  else
+    option :model, nil
+  end
+  option :authenticate_method, :authenticate
+  option :on_authenticate, ->(params) {
+    options.model.send( options.authenticate_method, PROVIDER_NAME, params )
+  }
+ # def request_phase
+ #   form = OmniAuth::Form.new(:title => "User Info", :url => callback_path)
+ #   [ options.username_field, options.password_field ].each do |field|
+ #     form.text_field field.to_s.capitalize.gsub("_", " "), field.to_s
+ #   end
+ #   form.button "Sign In"
+ #   form.to_response
+ # end
+  def callback_phase
+    request.params['uid'] = uid
+    request.env['omniauth.origin'] ||= request.params['origin']
+    request.env['omniauth.params'] = request.params
+    unless instance_exec( request.params, &options.on_authenticate )
+      return fail!(:invalid_credentials)
+    end
+    super
+  end
+  uid do
+    if options.uid_field.is_a? Proc
+      options.uid_field.call( request.params )
+    else
+      request.params[options.uid_field.to_s]
+    end
+  end
+  info do
+    hash = {}
+    [ options.username_field, options.password_field ].each do |field|
+      hash[field] = request.params[field.to_s]
+    end
+    hash
+  end
+end # class Password
+end # module Strategies
+end # module OmniAuth