auth-slice 0.1.0

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2008 PragmaQuest Inc
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README

@@ -0,0 +1,65 @@
+AuthSlice
+=========
+
+An user authentication slice for the Merb framework.  See http://github.com/ctran/merb-skel for an example application that uses this slice
+
+== Installation:
+
+> gem install merb
+> gem install merb-slices
+
+To use activerecord adapter
+> gem install activerecord
+> gem merb_activerecord
+
+To use datamapper adapter
+> gem install datamapper
+> gem install merb_datamapper
+
+=== config/init.rb
+
+# add the slice as a regular dependency
+dependency 'auth-slice'
+
+=== config/router.rb
+
+# This will add the following routes /login, /logout and /signup
+r.slice(:AuthSlice)
+
+# This will add the following routes /auth-slice/login, /auth-slice/logout and /auth-slice/signup
+r.add_slice(:AuthSlice)
+
+# This will add the following routes /user/login, /user/logout and /user/signup
+r.add_slice(:AuthSlice, 'user') # same as :path => 'user'
+
+=== Normally you should also run the following rake task:
+> rake slices:auth_slice:install
+
+== Customization/Overrides
+
+By default, the user model class is in AuthSlice::User.  To use shorter name, add this to your init.rb
+
+Merb::Slices.config[:auth_slice] = { :user_model_class => "User" }
+
+You can also put your application-level overrides in:
+
+host-app/slices/auth-slice/app - controllers, models, views ...
+
+Templates are located in this order:
+
+1. host-app/slices/auth-slice/app/views/*
+2. gems/auth-slice/app/views/*
+3. host-app/app/views/*
+
+You can use the host application's layout by configuring the
+auth-slice slice in a before_app_loads block:
+
+Merb::Slices.config[:auth_slice] = { :layout => :application }
+
+By default :auth_slice is used. If you need to override
+stylesheets or javascripts, just specify your own files in your layout
+instead/in addition to the ones supplied (if any) in 
+host-app/public/slices/auth-slice.
+
+In any case don't edit those files directly as they may be clobbered any time
+rake auth_slice:install is run.

data/Rakefile

@@ -0,0 +1,47 @@
+require 'rubygems'
+require 'rake/gempackagetask'
+require 'spec/rake/spectask'
+require 'merb-core/version'
+require 'merb-core/test/tasks/spectasks'
+
+PLUGIN = "auth-slice"
+NAME = "auth-slice"
+AUTHOR = "Cuong Tran"
+EMAIL = "ctran@pragmaquest.com"
+HOMEPAGE = "http://merb-slices.rubyforge.org/auth-slice/"
+SUMMARY = "Merb Slice that provides user authentication"
+SLICE_VERSION = "0.1.0"
+
+spec = Gem::Specification.new do |s|
+  s.name = NAME
+  s.version = SLICE_VERSION
+  s.platform = Gem::Platform::RUBY
+  s.has_rdoc = true
+  s.extra_rdoc_files = ["README", "LICENSE"]
+  s.summary = SUMMARY
+  s.description = s.summary
+  s.author = AUTHOR
+  s.email = EMAIL
+  s.homepage = HOMEPAGE
+  s.add_dependency('merb-slices', '>= 0.9.4')
+  s.require_path = 'lib'
+  s.files = %w(LICENSE README Rakefile) + Dir.glob("{lib,spec,app,public}/**/*")
+end
+
+Rake::GemPackageTask.new(spec) do |pkg|
+  pkg.gem_spec = spec
+end
+
+desc "Install Foo as a gem"
+task :install => [:package] do
+  sh %{sudo gem install pkg/#{NAME}-#{SLICE_VERSION} --no-update-sources --local}
+end
+
+namespace :jruby do
+
+  desc "Run :package and install the resulting .gem with jruby"
+  task :install => :package do
+    sh %{#{SUDO} jruby -S gem install pkg/#{NAME}-#{VERSION}.gem --no-rdoc --no-ri}
+  end
+
+end

data/app/controllers/application.rb

@@ -0,0 +1,4 @@
+class AuthSlice::Application < Merb::Controller
+  controller_for_slice
+  include AuthSlice::ControllerMixin
+end

data/app/controllers/controller_mixin.rb

@@ -0,0 +1,150 @@
+module AuthSlice
+  module ControllerMixin
+    protected
+      # Returns true or false if the user is logged in.
+      # Preloads @current_user with the user model if they're logged in.
+      def logged_in?
+        current_user != :false
+      end
+    
+      # Accesses the current user from the session.  Set it to :false if login fails
+      # so that future calls do not hit the database.
+      def current_user
+        @current_user ||= (login_from_session || login_from_basic_auth || login_from_cookie || :false)
+      end
+    
+      # Store the given user in the session.
+      def current_user=(new_user)
+        session[:user] = (new_user.nil? || new_user.is_a?(Symbol)) ? nil : new_user.id
+        @current_user = new_user
+      end
+    
+      # Check if the user is authorized
+      #
+      # Override this method in your controllers if you want to restrict access
+      # to only a few actions or if you want to check if the user
+      # has the correct rights.
+      #
+      # Example:
+      #
+      #  # only allow nonbobs
+      #  def authorized?
+      #    current_user.username != "bob"
+      #  end
+      def authorized?
+        logged_in?
+      end
+
+      # Filter method to enforce a login requirement.
+      #
+      # To require logins for all actions, use this in your controllers:
+      #
+      #   before_filter :login_required
+      #
+      # To require logins for specific actions, use this in your controllers:
+      #
+      #   before_filter :login_required, :only => [ :edit, :update ]
+      #
+      # To skip this in a subclassed controller:
+      #
+      #   skip_before_filter :login_required
+      #
+      def login_required
+        authorized? || throw(:halt, :access_denied)
+      end
+
+      # Redirect as appropriate when an access request fails.
+      #
+      # The default HTML action is to redirect to the login screen.
+      #
+      # The default XML action is to render the text Couldn't authenticate you.
+      # To provide this response wrapped in XML, make sure to specify an
+      # XML layout, such as /app/views/layouts/application.xml.builder.
+      #
+      # Override this method in your controllers if you want to have special
+      # behavior in case the user is not authorized
+      # to access the requested action.  For example, a popup window might
+      # simply close itself.
+      def access_denied
+        case content_type
+        when :html
+          store_location
+          redirect url(:login)
+        when :xml
+          headers["Status"]             = "Unauthorized"
+          headers["WWW-Authenticate"]   = %(Basic realm="Web Password")
+          self.status = 401
+          render "Couldn't authenticate you"
+        end
+      end
+    
+      # Store the URI of the current request in the session.
+      #
+      # We can return to this location by calling #redirect_back_or_default.
+      def store_location
+        session[:return_to] = request.uri
+      end
+    
+      # Redirect to the URI stored by the most recent store_location call or
+      # to the passed default.
+      def redirect_back_or_default(default)
+        loc = session[:return_to] || default
+        session[:return_to] = nil
+        redirect loc
+      end
+    
+      # Inclusion hook to make #current_user and #logged_in?
+      # available as ActionView helper methods.
+      # def self.included(base)
+      #   base.send :helper_method, :current_user, :logged_in?
+      # end
+
+      # Called from #current_user.  First attempt to login by the user id stored in the session.
+      def login_from_session
+        self.current_user = find_user_by_id(session[:user]) if session[:user]
+      end
+
+      # Called from #current_user.  Now, attempt to login by basic authentication information.
+      def login_from_basic_auth
+        username, passwd = get_auth_data
+        self.current_user = verify_login(username, passwd) if username && passwd
+      end
+
+      # Called from #current_user.  Finaly, attempt to login by an expiring token in the cookie.
+      def login_from_cookie     
+        user = cookies[:auth_token] && find_user_by_remember_token(cookies[:auth_token])
+        if user && user.remember_token?
+          user.remember_me
+          cookies[:auth_token] = { :value => user.remember_token, :expires => Time.parse(user.remember_token_expires_at.strftime) }
+          self.current_user = user
+        end
+      end
+    
+      def reset_session
+        session.data.each{|k,v| session.data.delete(k)}
+      end
+
+    protected
+      def verify_login(username, password)
+        AuthSlice::User.authenticate(username, password)
+      end
+      
+      def find_user_by_id(user_id)
+        AuthSlice::User.find_by_id(user_id)
+      end
+      
+      def find_user_by_remember_token(token)
+        AuthSlice::User.find_by_remember_token(token)
+      end
+
+    private
+      @@http_auth_headers = %w(Authorization HTTP_AUTHORIZATION X-HTTP_AUTHORIZATION X_HTTP_AUTHORIZATION REDIRECT_X_HTTP_AUTHORIZATION)
+
+      # gets BASIC auth info
+      def get_auth_data
+        auth_key  = @@http_auth_headers.detect { |h| request.env.has_key?(h) }
+        auth_data = request.env[auth_key].to_s.split unless auth_key.blank?
+        return auth_data && auth_data[0] == 'Basic' ? Base64.decode64(auth_data[1]).split(':')[0..1] : [nil, nil] 
+      end
+  end
+end

data/app/controllers/users.rb

@@ -0,0 +1,41 @@
+class AuthSlice::Users < AuthSlice::Application
+  provides :html
+
+  skip_before :login_required
+  
+  def login
+    if request.post?
+      self.current_user = verify_login(params[:username], params[:password])
+      if logged_in?
+        if params[:remember_me] == "1"
+          self.current_user.remember_me
+          cookies[:auth_token] = {
+            :value => self.current_user.remember_token, 
+            :expires => Time.parse(current_user.remember_token_expires_at.strftime)
+          }
+        end
+        return redirect_back_or_default('/')
+      end
+    end
+    
+    render
+  end
+
+  def logout
+    self.current_user.forget_me if logged_in?
+    cookies.delete :auth_token
+    reset_session
+    redirect_back_or_default('/')
+  end
+
+  def signup
+    cookies.delete :auth_token
+    @user = AuthSlice::User.new(params['auth_slice::user'] || {})
+    
+    if request.post? && @user.save
+      return redirect_back_or_default('/')
+    end
+    
+    render
+  end
+end

data/app/helpers/application_helper.rb

@@ -0,0 +1,64 @@
+module Merb
+  module AuthSlice
+    module ApplicationHelper
+      
+      # @param *segments<Array[#to_s]> Path segments to append.
+      #
+      # @return <String> 
+      #  A path relative to the public directory, with added segments.
+      def image_path(*segments)
+        public_path_for(:image, *segments)
+      end
+      
+      # @param *segments<Array[#to_s]> Path segments to append.
+      #
+      # @return <String> 
+      #  A path relative to the public directory, with added segments.
+      def javascript_path(*segments)
+        public_path_for(:javascript, *segments)
+      end
+      
+      # @param *segments<Array[#to_s]> Path segments to append.
+      #
+      # @return <String> 
+      #  A path relative to the public directory, with added segments.
+      def stylesheet_path(*segments)
+        public_path_for(:stylesheet, *segments)
+      end
+      
+      # Construct a path relative to the public directory
+      # 
+      # @param <Symbol> The type of component.
+      # @param *segments<Array[#to_s]> Path segments to append.
+      #
+      # @return <String> 
+      #  A path relative to the public directory, with added segments.
+      def public_path_for(type, *segments)
+        File.join(::AuthSlice.public_dir_for(type), *segments)
+      end
+      
+      # Construct an app-level path.
+      # 
+      # @param <Symbol> The type of component.
+      # @param *segments<Array[#to_s]> Path segments to append.
+      #
+      # @return <String> 
+      #  A path within the host application, with added segments.
+      def app_path_for(type, *segments)
+        File.join(::AuthSlice.app_dir_for(type), *segments)
+      end
+      
+      # Construct a slice-level path.
+      # 
+      # @param <Symbol> The type of component.
+      # @param *segments<Array[#to_s]> Path segments to append.
+      #
+      # @return <String> 
+      #  A path within the slice source (Gem), with added segments.
+      def slice_path_for(type, *segments)
+        File.join(::AuthSlice.dir_for(type), *segments)
+      end
+      
+    end
+  end
+end

data/app/models/adapter/activerecord.rb

@@ -0,0 +1,55 @@
+module AuthSlice
+  module Adapter
+    module Activerecord
+      def self.create_user_model
+        Object.class_eval <<-end_eval
+          class ::AuthSlice::User < ActiveRecord::Base
+            include AuthSlice::Adapter::Activerecord
+          end
+        end_eval
+      end
+      
+      def self.included(base)
+        base.class_eval do
+          include AuthSlice::BaseModel
+          extend ClassMethods
+          
+          validates_presence_of     :name
+          validates_presence_of     :username
+          validates_presence_of     :email
+          validates_length_of       :username, :within => 3..40
+          validates_length_of       :password, :within => 4..40, :if => :password_required?
+          validates_presence_of     :password_confirmation, :if => :password_required?
+          validates_confirmation_of :password, :if => :password_required?
+          validates_uniqueness_of   :username, :case_sensitive => false, :if => lambda { |u| !u.username.blank? }
+          validates_uniqueness_of   :email, :case_sensitive => false, :if => lambda { |u| !u.email.blank? }
+
+          before_save :encrypt_password
+          
+          def username=(value)
+            self[:username] = value.downcase if value
+          end
+        end
+      end
+      
+      module ClassMethods
+        def drop_db_table
+          self.connection.drop_table("users")
+        end
+        
+        def create_db_table
+          self.connection.create_table("users") do |t|
+            t.string :name, :limit => 40, :null => false
+            t.string :username, :limit => 40, :null => false
+            t.string :email, :null => false
+            t.string :crypted_password, :limit => 40
+            t.string :salt, :limit => 40, :null => false
+            t.string :remember_token
+            t.date :remember_token_expires_at
+            t.timestamps
+          end
+        end  
+      end
+    end
+  end
+end