authentasaurus 0.8.4 → 0.8.6
- data/CHANGELIST +6 -2
- data/TODO +2 -0
- data/app/controllers/sessions_controller.rb +1 -1
- data/app/models/authentasaurus_emailer.rb +6 -6
- data/app/models/{session.rb → authentasaurus_session.rb} +1 -1
- data/app/views/authentasaurus_emailer/invitation_mail.html.erb +2 -2
- data/app/views/authentasaurus_emailer/recovery_mail.html.erb +2 -2
- data/app/views/authentasaurus_emailer/validation_mail.html.erb +2 -2
- data/lib/authentasaurus.rb +5 -1
- data/lib/authentasaurus/ac/acts_as_overrider.rb +6 -5
- data/lib/authentasaurus/ac/controllers/areas_controller.rb +52 -57
- data/lib/authentasaurus/ac/controllers/groups_controller.rb +55 -59
- data/lib/authentasaurus/ac/controllers/permissions_controller.rb +52 -57
- data/lib/authentasaurus/ac/controllers/recoveries_controller.rb +49 -54
- data/lib/authentasaurus/ac/controllers/registrations_controller.rb +23 -28
- data/lib/authentasaurus/ac/controllers/sessions_controller.rb +39 -40
- data/lib/authentasaurus/ac/controllers/user_invitations_controller.rb +29 -34
- data/lib/authentasaurus/ac/controllers/users_controller.rb +51 -56
- data/lib/authentasaurus/ac/controllers/validations_controller.rb +34 -39
- data/lib/authentasaurus/ac/routing.rb +70 -74
- data/lib/authentasaurus/ar/acts_as_authenticatable.rb +58 -64
- data/lib/authentasaurus/ar/acts_as_authenticatable_validatable.rb +13 -16
- data/lib/authentasaurus/ar/acts_as_overrider.rb +1 -3
- data/lib/authentasaurus/ar/authenticatable.rb +1 -3
- data/lib/authentasaurus/ar/migrations.rb +137 -145
- data/lib/authentasaurus/ar/models/recovery.rb +20 -23
- data/lib/authentasaurus/ar/models/session.rb +46 -46
- data/lib/authentasaurus/ar/models/user_invitation.rb +19 -22
- data/lib/authentasaurus/ar/models/validation.rb +12 -15
- data/lib/authentasaurus/arel/acts_as_authenticatable.rb +18 -23
- data/lib/authentasaurus/arel/authenticatable.rb +5 -9
- data/lib/authentasaurus/authorization.rb +11 -8
- data/lib/authentasaurus/configuration.rb +30 -0
- data/lib/authentasaurus/railtie.rb +3 -6
- data/lib/generators/authentasaurus/install/install_generator.rb +1 -2
- data/lib/generators/authentasaurus/install/templates/authentasaurus_tasks.rake +2 -2
- data/lib/generators/authentasaurus/install/templates/defaults.yml +4 -2
- data/lib/generators/authentasaurus/views/templates/authentasaurus_emailer/invitation_mail.html.erb +2 -2
- data/lib/generators/authentasaurus/views/templates/authentasaurus_emailer/recovery_mail.html.erb +2 -2
- data/lib/generators/authentasaurus/views/templates/authentasaurus_emailer/validation_mail.html.erb +2 -2
- data/lib/generators/authentasaurus/views/views_generator.rb +1 -1
- metadata +8 -8
- data/lib/generators/authentasaurus/install/templates/initializer.rb +0 -3
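--- a/data/lib/authentasaurus/ar/migrations.rb
+++ b/data/lib/authentasaurus/ar/migrations.rb
@@ -2,172 +2,164 @@ module Authentasaurus::Ar
 module Migrations
 # Extends ActiveRecord::ConnectionAdapters::SchemaStatements
 module Tables
-
-
+extend ActiveSupport::Concern
+
+# creates all tables
+def authentasaurus_tables
+authentasaurus_user :authorizable
+authentasaurus_group
+authentasaurus_area
+authentasaurus_permission
+authentasaurus_validation
+authentasaurus_user_invitation
+authentasaurus_recovery
 end
-
-module InstanceMethods
-# creates all tables
-def authentasaurus_tables
-authentasaurus_user :authorizable
-authentasaurus_group
-authentasaurus_area
-authentasaurus_permission
-authentasaurus_validation
-authentasaurus_user_invitation
-authentasaurus_recovery
-end
 
 # creates users table
-
-
-
-
-
-
-
-
-
-
-
-
-end
-
-t.timestamps
+def authentasaurus_user(*opts)
+create_table :users do |t|
+t.string :username, :null => false
+t.string :hashed_password, :null => false
+t.string :password_seed, :null => false
+t.string :name, :null => false
+t.string :email, :null => false
+t.boolean :active, :null => false, :default => false
+t.string :remember_me_token
+
+if opts.include?(:authorizable) || opts.include?("authorizable")
+t.integer :group_id, :null => false
 end
+
+t.timestamps
 end
-
-# creates groups table
-def authentasaurus_group
-create_table :groups do |t|
-t.string :name, :null => false
+end
 
-
-
+# creates groups table
+def authentasaurus_group
+create_table :groups do |t|
+t.string :name, :null => false
+
+t.timestamps
 end
-
-# creates areas table
-def authentasaurus_area
-create_table :areas do |t|
-t.string :name, :null => false
+end
 
-
-
+# creates areas table
+def authentasaurus_area
+create_table :areas do |t|
+t.string :name, :null => false
+
+t.timestamps
 end
-
-# creates permissions table
-def authentasaurus_permission
-create_table :permissions do |t|
-t.integer :group_id, :null => false
-t.integer :area_id, :null => false
-t.boolean :read, :null => false, :default => false
-t.boolean :write, :null => false, :default => false
+end
 
-
-
+# creates permissions table
+def authentasaurus_permission
+create_table :permissions do |t|
+t.integer :group_id, :null => false
+t.integer :area_id, :null => false
+t.boolean :read, :null => false, :default => false
+t.boolean :write, :null => false, :default => false
+
+t.timestamps
 end
-
-# creates validations table
-def authentasaurus_validation
-create_table :validations do |t|
-t.integer :user_id, :null => false
-t.string :user_type, :null => false
-t.string :email, :null => false
-t.string :validation_code, :null => false
+end
 
-
-
+# creates validations table
+def authentasaurus_validation
+create_table :validations do |t|
+t.integer :user_id, :null => false
+t.string :user_type, :null => false
+t.string :email, :null => false
+t.string :validation_code, :null => false
+
+t.timestamps
 end
-
-# creates user_invitations table
-def authentasaurus_user_invitation
-create_table :user_invitations do |t|
-t.string :token, :null => false, :unique => true
-t.string :email
+end
 
-
-
-
-
-
-
-
-t.integer :user_id, :null => false
-t.string :email, :null => false
-t.string :token, :null => false, :unique => true
-
-t.timestamps
-end
-end
-
-# drops all tables
-def authentasaurus_drop_tables
-authentasaurus_drop_user
-authentasaurus_drop_group
-authentasaurus_drop_area
-authentasaurus_drop_permission
-authentasaurus_drop_validation
-authentasaurus_drop_user_invitation
-authentasaurus_drop_recovery
-end
-
-# drops users table
-def authentasaurus_drop_user
-drop_table :users
-end
-
-# drops groups table
-def authentasaurus_drop_group
-drop_table :groups
-end
-
-# drops areas table
-def authentasaurus_drop_area
-drop_table :areas
+# creates user_invitations table
+def authentasaurus_user_invitation
+create_table :user_invitations do |t|
+t.string :token, :null => false, :unique => true
+t.string :email
+
+t.timestamps
 end
-
-
-
-
-
-
-
-
-
-
-
-# drops user_invitations table
-def authentasaurus_drop_user_invitation
-drop_table :user_invitations
-end
-
-# drops recoveries table
-def authentasaurus_drop_recovery
-drop_table :recoveries
+end
+
+# creates recoveries table
+def authentasaurus_recovery
+create_table :recoveries do |t|
+t.integer :user_id, :null => false
+t.string :email, :null => false
+t.string :token, :null => false, :unique => true
+
+t.timestamps
 end
 end
-
+
+# drops all tables
+def authentasaurus_drop_tables
+authentasaurus_drop_user
+authentasaurus_drop_group
+authentasaurus_drop_area
+authentasaurus_drop_permission
+authentasaurus_drop_validation
+authentasaurus_drop_user_invitation
+authentasaurus_drop_recovery
+end
+
+# drops users table
+def authentasaurus_drop_user
+drop_table :users
+end
+
+# drops groups table
+def authentasaurus_drop_group
+drop_table :groups
+end
+
+# drops areas table
+def authentasaurus_drop_area
+drop_table :areas
+end
+
+# drops permissions table
+def authentasaurus_drop_permission
+drop_table :permissions
+end
+
+# drops validations table
+def authentasaurus_drop_validation
+drop_table :validations
+end
+
+# drops user_invitations table
+def authentasaurus_drop_user_invitation
+drop_table :user_invitations
+end
+
+# drops recoveries table
+def authentasaurus_drop_recovery
+drop_table :recoveries
+end
+end
 
 # Extends ActiveRecord::ConnectionAdapters::TableDefinition
 module Columns
-
-
-
-
-
-
-
-
-
-
-
-
-boolean :active, :null => false, :default => false
-if opts.include?(:authorizable)
-integer :group_id, :null => false
-end
+extend ActiveSupport::Concern
+
+def user(*opts)
+string :username, :null => false
+string :hashed_password, :null => false
+string :password_seed, :null => false
+string :name, :null => false
+string :email, :null => false
+string :remember_me_token
+boolean :active, :null => false, :default => false
+if opts.include?(:authorizable)
+integer :group_id, :null => false
 end
 end
 end
-end
+end
 end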
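Review bot: `:unique => true` on the `token` columns in `authentasaurus_user_invitation` and `authentasaurus_recovery` is passed as a column option, but in Rails uniqueness is an index option, so these tables most likely end up with no database-level uniqueness on invitation and recovery tokens. An explicit index after each `create_table`, e.g. `add_index :recoveries, :token, :unique => true`, would enforce it; the same applies to `users.username` and `users.email` if the models rely on them being unique. Separately, `authentasaurus_user` accepts both `:authorizable` and `"authorizable"` while `Columns#user` checks only the symbol, so the two entry points should agree. Indentation and the text of several removed lines are missing from this rendering, so this is based on the added lines only.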
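--- a/data/lib/authentasaurus/ar/models/recovery.rb
+++ b/data/lib/authentasaurus/ar/models/recovery.rb
@@ -1,37 +1,34 @@
 module Authentasaurus::Ar::Models
 module Recovery
-
-
-
-
-base.send :require, "digest/sha1"
+extend ActiveSupport::Concern
+
+included do
+require "digest/sha1"
 
-
+unloadable
 
-
+belongs_to :user
 
-
-
+before_validation :make_token!, :on => :create
+before_save :send_recovery
 
-
+scope :valid, lambda { { :conditions => ["updated_at <= ?", Authentasaurus::Configuration.instance.configuration[:modules][:recoverable][:token_expires_after].days.from_now] } }
 
-
-
-
-
+validates_uniqueness_of :user_id
+validates_presence_of :email
+validates_presence_of :user_id, :message => :"recovery.user_id.blank"
+validates_format_of :email, :with => %r{[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}}
 end
 
 module ClassMethods
 end
+
+def make_token!
+self.token = Digest::SHA1.hexdigest "#{Time.now.to_i} #{rand} #{self.email}"
+end
 
-
-
-self.token = Digest::SHA1.hexdigest "#{Time.now.to_i} #{rand} #{self.email}"
-end
-
-def send_recovery
-AuthentasaurusEmailer.deliver_recovery_mail(self.user, self.token) if Rails.application.config.authentasaurus[:modules][:recoverable][:send_email]
-end
+def send_recovery
+AuthentasaurusEmailer.deliver_recovery_mail(self.user, self.token) if Authentasaurus::Configuration.instance.configuration[:modules][:recoverable][:send_email]
 end
-end
+end
 end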
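Review bot: The `valid` scope compares `updated_at <= ?` against `token_expires_after.days.from_now`, a time in the future, so every existing recovery row satisfies it and tokens never expire through this scope; the intended condition looks like `["updated_at >= ?", ...[:token_expires_after].days.ago]`. `make_token!` also builds the recovery token from `Time.now.to_i`, `rand` and the email hashed with SHA1, and `rand` is not a cryptographic generator, so `self.token = SecureRandom.hex(20)` (with `require "securerandom"`) would be a safer source for a password-reset secret. The `validates_format_of :email` pattern has no `\A`/`\z` anchors, so any string that merely contains an address-like substring passes.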
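--- a/data/lib/authentasaurus/ar/models/session.rb
+++ b/data/lib/authentasaurus/ar/models/session.rb
@@ -3,15 +3,16 @@
 # A session behaves just like an ActiveRecord model
 module Authentasaurus::Ar::Models
 module Session
-
-
-
-
-
+extend ActiveSupport::Concern
+
+included do # :nodoc:
+include ActiveModel::Validations
+include ActiveModel::Conversion
+
+attr_accessor :username, :password, :remember
+validates_presence_of :username, :password
 
-
-base.send :validates_presence_of, :username, :password
-base.send :attr_reader, :user
+attr_reader :user
 end
 
 module ClassMethods
@@ -26,53 +27,52 @@ module Authentasaurus::Ar::Models
 end
 
 # Takes an id (usually from an ActiveController session) and returns a User object
-def current_user(id, session_type =
+def current_user(id, session_type = Authentasaurus::Configuration.instance.user_model.to_sym)
 session_type.to_s.camelize.constantize.find id
 end
 end
-
-module InstanceMethods
-# Takes a hash of attributes keys and values just like ActiveRecord models
-def initialize(attributes = nil)
-if attributes
-attributes.each do |key,value|
-send(key.to_s + '=', value)
-end
-else
-self.remember = false
-end
-end
-
-# Authenticates the information saved in the attributes
-# Returns true or false
-def save(*session_types)
-session_types = session_types.flatten
-
-if session_types.empty?
-session_types = [:user]
-end
 
-
-
-
-
-
-ret &= false
-else
-ret = true
-break
-end
+# Takes a hash of attributes keys and values just like ActiveRecord models
+def initialize(attributes = nil)
+if attributes
+attributes.each do |key,value|
+send(key.to_s + '=', value)
 end
-
+else
+self.remember = false
 end
+end
+
+# Authenticates the information saved in the attributes
+# Returns true or false
+def save(*session_types)
+session_types = session_types.flatten
 
-
-
+if session_types.empty?
+user_model = Authentasaurus::Configuration.instance.user_model.to_sym
+session_types = [user_model]
 end
 
-
-
+ret = true
+session_types.each do |type|
+@user = type.to_s.camelize.constantize.authenticate(self.username.downcase, self.password, self.remember == "1")
+if @user.nil?
+self.errors.add_to_base I18n.t(:invalid_login, :scope => [:authentasaurus, :messages, :sessions])
+ret &= false
+else
+ret = true
+break
+end
 end
+ret
+end
+
+def new_record? #:nodoc:
+true
+end
+
+def persisted? #:nodoc:
+false
 end
-end
+end
 end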
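Review bot: `initialize` assigns every key of `attributes` with `send(key.to_s + '=', value)`, and `send` ignores method visibility, so if the hash comes from request parameters a caller can invoke any writer on the session object rather than only `username`, `password` and `remember`. Restricting it to the declared accessors, e.g. `next unless %w[username password remember].include?(key.to_s)` before the `send`, closes that. In `save`, `self.username.downcase` runs without the presence validation being checked in the visible lines, so a missing username raises `NoMethodError` instead of returning false; an early `return false unless valid?` would avoid that. `type.to_s.camelize.constantize` in `save` and `session_type.to_s.camelize.constantize` in `current_user` should only ever receive configured model names, which cannot be confirmed from these hunks.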