authenticate 0.2.1 → 0.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ee7e6d853c9b5bbd628cff1a668915f044763ee2
-  data.tar.gz: eed8ffa17e581d9e78f7a9a1de4c7256f5aab006
+  metadata.gz: c160442936452dc9147dbe4fd4d917c1aa278b50
+  data.tar.gz: 358c081a740043a8db0e95b62f8ce8e3512ffbf5
 SHA512:
-  metadata.gz: 9e5a156bd35d223e8e513efe3224e76ccd9f11b1df4b4215c72ed88d34a53b0f00d2329beb29681981b4ba4f1c3c1625e5ca3e5ff5ee9966d8d3225cdb9bf23b
-  data.tar.gz: 21d14b3ceac3b4a6e99794ba9e5ee8adb36e2a9f513d75d9f156116a77400b252b869e10004181b9ca3de23fba12977031261fb28fcf91171866efa302f6f5c4
+  metadata.gz: 392b0d52f226921b405e65bff052ac0e7f20eb2ed84c4047a44ddff2e544db0173734957425e51604137143ebb53573ba49077518eccc4543dcea7200b7d0166
+  data.tar.gz: 4e7833c91bf197290bdba2d81536adc920cc6c7e06ef710b3f7f095038d9c0709600e7be4d3f6ddd92738750e89c52b027b459bf2c044fccfabc3044c0fc726d

data/CHANGELOG.md

@@ -1,7 +1,15 @@
 # Authenticate Changelog
 
+## [0.2.2] - February 9, 2016
 
-## [0.2.1] - February 2, 2016
+Password length range requirements added, defaults to 8..128.
+Generators and app now respect model class more completely, including in routes.
+
+[0.2.2]: https://github.com/tomichj/authenticate/compare/v0.2.1...v0.2.2
+
+
+
+## [0.2.1] - February 9, 2016
 
 Fixed potential password_reset nil pointer.
 Continued adding I18n support.
@@ -10,6 +18,7 @@ Minor documentation improvments.
 [0.2.1]: https://github.com/tomichj/authenticate/compare/v0.2.0...v0.2.1
 
 
+
 ## [0.2.0] - February 2, 2016
 
 Added app/ including controllers, views, routes, mailers.
@@ -17,6 +26,7 @@ Added app/ including controllers, views, routes, mailers.
 [0.2.0]: https://github.com/tomichj/authenticate/compare/v0.1.0...v0.2.0
 
 
+
 ## 0.1.0 - January 23, 2016
 
 Initial Release, barely functioning

data/README.md

@@ -63,7 +63,7 @@ rails generate authenticate:install
 
 The generator does the following:
 
-* Insert `include Authenticate::User` into your `User` model.
+* Insert `include Authenticate::User` into your `User` model. If you don't have a User model, one is created.
 * Insert `include Authenticate::Controller` into your `ApplicationController`
 * Add an initializer at `config/intializers/authenticate.rb`.
 * Create migrations to either create a users table or add additional columns to :user. A primary migration is added,
@@ -93,10 +93,11 @@ Authenticate.configure do |config|
   config.cookie_http_only = false
   config.mailer_sender = 'reply@example.com'
   config.crypto_provider = Bcrypt
-  config.timeout_in = nil  # 45.minutes
+  config.timeout_in = nil
   config.max_session_lifetime = nil  # 8.hours
-  config.max_consecutive_bad_logins_allowed = nil # 5
+  config.max_consecutive_bad_logins_allowed = nil
   config.bad_login_lockout_period = nil # 5.minutes
+  config.password_length = 8..128
   config.authentication_strategy = :email
   config.redirect_url = '/'
   config.allow_sign_up = true
@@ -270,27 +271,9 @@ $ rails generate authenticate:views
 
 ### Layout
 
-Authenticate uses your application's default layout. If you would like to change the layout clearance uses when
+Authenticate uses your application's default layout. If you would like to change the layout Authenticate uses when
 rendering views, you can either deploy copies of the controllers and customize them, or you can specify
-the layout in an initializer. This needs to be done in a to_prepare callback in `config/application.rb`
-because it's executed once in production and before each request in development.
-                              
-You can specify the layout per-controller:
-
-```ruby
-config.to_prepare do
-  Authenticate::PasswordsController.layout 'my_passwords_layout'
-  Authenticate::SessionsController.layout 'my_sessions_layout'
-  Authenticate::UsersController.layout 'my_users_layout'
-end
-```
-
-
-### Layout
-
-Authenticate uses your application's default layout. If you would like to change the layout clearance uses when
-rendering views, you can either deploy copies of the controllers and customize them, or you can specify
-the layout in an initializer. This needs to be done in a to_prepare callback in `config/application.rb`
+the layout in an initializer. This should be done in a to_prepare callback in `config/application.rb`
 because it's executed once in production and before each request in development.
                               
 You can specify the layout per-controller:

data/app/controllers/authenticate/users_controller.rb

@@ -14,6 +14,8 @@ class Authenticate::UsersController < Authenticate::AuthenticateController
       login @user
       redirect_back_or url_after_create
     else
+      logger.info "@user: " + @user.inspect
+      logger.info "ERRORS?: " + @user.errors.inspect
       render template: 'users/new'
     end
   end
@@ -41,6 +43,7 @@ class Authenticate::UsersController < Authenticate::AuthenticateController
   end
 
   def user_params
-    params[:user] || Hash.new
+    key = Authenticate.configuration.user_model_param_key.to_sym
+    params[key] || Hash.new
   end
 end

data/app/views/users/new.html.erb

@@ -3,6 +3,16 @@
 
   <%= form_for @user do |form| %>
 
+      <% if @user.errors.any? %>
+          <ul>
+            <% @user.errors.full_messages.each do |msg| %>
+                <li><%= msg %></li>
+            <% end %>
+          </ul>
+          <br>
+      <% end %>
+
+
       <div class="field">
         <%= form.label :email %>
         <%= form.text_field :email, type: 'email' %>

data/config/routes.rb

@@ -4,7 +4,8 @@ if Authenticate.configuration.routes_enabled?
     resources :passwords, controller: 'authenticate/passwords', only: [:new, :create]
 
     user_actions = Authenticate.configuration.allow_sign_up? ? [:new, :create] : []
-    resource :users, controller: 'authenticate/users', only: user_actions do
+    user_model = Authenticate.configuration.user_model_route_key
+    resource user_model, controller: 'authenticate/users', only: user_actions do
       resources :passwords, controller: 'authenticate/passwords', only: [:edit, :update]
     end
 

data/lib/authenticate/configuration.rb

@@ -99,6 +99,10 @@ module Authenticate
     # @return [ActiveSupport::CoreExtensions::Numeric::Time]
     attr_accessor :bad_login_lockout_period
 
+    # Range requirement for password length. Defaults to `8..128`.
+    # @return [Range]
+    attr_accessor :password_length
+
     # Strategy for authentication.
     #
     # Available strategies:
@@ -133,7 +137,6 @@ module Authenticate
     # @return [Boolean]
     attr_accessor :allow_sign_up
 
-
     # Enable or disable Authenticate's built-in routes. Defaults to 'true',
     # enabling Authenticate's built-in routes. Disable by setting to 'false'.
     # If you disable the routes, your application is responsible for all routes.
@@ -176,12 +179,23 @@ module Authenticate
       @modules = []
       @user_model = '::User'
       @authentication_strategy = :email
+      @password_length = 8..128
     end
 
     def user_model_class
       @user_model_class ||= user_model.constantize
     end
 
+    def user_model_route_key
+      return :users if @user_model == '::User' # avoid nil in generator
+      Authenticate.configuration.user_model_class.model_name.route_key
+    end
+
+    def user_model_param_key
+      return :user if @user_model == '::User' # avoid nil in generator
+      Authenticate.configuration.user_model_class.model_name.param_key
+    end
+
     # The name of foreign key parameter for the configured user model.
     # This is derived from the `model_name` of the `user_model` setting.
     # In the default configuration, this is `user_id`.
@@ -214,7 +228,6 @@ module Authenticate
       modules
     end
 
-
   end # end of Configuration class
 
 

data/lib/authenticate/model/db_password.rb

@@ -35,7 +35,10 @@ module Authenticate
         include crypto_provider
         attr_reader :password
         attr_accessor :password_changing
-        validates :password, presence: true, unless: :skip_password_validation?
+        validates :password,
+                  presence: true,
+                  length:{ in: password_length },
+                  unless: :skip_password_validation?
       end
 
 
@@ -60,12 +63,17 @@ module Authenticate
         def crypto_provider
           Authenticate.configuration.crypto_provider || Authenticate::Crypto::BCrypt
         end
+
+        def password_length
+          Authenticate.configuration.password_length
+        end
       end
 
 
       # If we already have an encrypted password and it's not changing, skip the validation.
       def skip_password_validation?
-        encrypted_password.present? && !password_changing
+        # encrypted_password.present? && !password_changing
+        false
       end
 
     end

data/lib/authenticate/modules.rb

@@ -1,7 +1,6 @@
 module Authenticate
   module Modules
     extend ActiveSupport::Concern
-    include Authenticate::Debug
 
     # Module to help Authenticate's user model load Authenticate modules.
     #
@@ -59,7 +58,8 @@ module Authenticate
         end
 
         if failed_attributes.any?
-          fail MissingAttribute.new(failed_attributes)
+          # fail MissingAttribute.new(failed_attributes)
+          Rails.logger.warn "The following attribute(s) is (are) missing on your user model: #{failed_attributes.join(", ")}"
         end
       end
 

data/lib/authenticate/version.rb

@@ -1,3 +1,3 @@
 module Authenticate
-  VERSION = '0.2.1'
+  VERSION = '0.2.2'
 end

data/lib/generators/authenticate/helpers.rb

@@ -0,0 +1,62 @@
+module Authenticate
+  module Generators
+    module Helpers
+      private
+
+      # Either return the model passed in a classified form or return the default "User".
+      def model_class_name
+        options[:model] ? options[:model].classify : 'User'
+      end
+
+      def model_path
+        @model_path ||= File.join('app', 'models', "#{file_path}.rb")
+      end
+
+      def file_path
+        model_name.underscore
+      end
+
+      def namespace
+        Rails::Generators.namespace if Rails::Generators.respond_to?(:namespace)
+      end
+
+      def namespaced?
+        !!namespace
+      end
+
+      def model_name
+        if namespaced?
+          [namespace.to_s] + [model_class_name]
+        else
+          [model_class_name]
+        end.join('::')
+      end
+
+      def table_name
+        @table_name ||= begin
+          base = plural_name
+          (class_path + [base]).join('_')
+        end
+      end
+
+      def class_path
+        @class_path
+      end
+
+      def singular_name
+        @file_name
+      end
+
+      def plural_name
+        singular_name.pluralize
+      end
+
+      def assign_names!(name) #:nodoc:
+        @class_path = name.include?('/') ? name.split('/') : name.split('::')
+        @class_path.map!(&:underscore)
+        @file_name = @class_path.pop
+      end
+
+    end
+  end
+end

data/lib/generators/authenticate/install/install_generator.rb

@@ -1,31 +1,33 @@
 require 'rails/generators/base'
 require 'rails/generators/active_record'
+require 'generators/authenticate/helpers'
 
 module Authenticate
   module Generators
     class InstallGenerator < Rails::Generators::Base
       include Rails::Generators::Migration
+      include Authenticate::Generators::Helpers
+
       source_root File.expand_path('../templates', __FILE__)
 
-      def create_initializer
-        copy_file 'authenticate.rb', 'config/initializers/authenticate.rb'
+      class_option :model, optional: true, type: :string, banner: 'model',
+                   desc: "Specify the model class name if you will use anything other than 'User'"
+
+      def initialize(*)
+        super
+        assign_names!(model_class_name)
       end
 
-      def inject_into_application_controller
-        inject_into_class(
-            "app/controllers/application_controller.rb",
-            ApplicationController,
-            "  include Authenticate::Controller\n"
-        )
+      def verify
+        if options[:model] && !File.exists?(model_path)
+          puts "Exiting: the model class you specified, #{options[:model]}, is not found."
+          exit 1
+        end
       end
 
       def create_or_inject_into_user_model
-        if File.exist? "app/models/user.rb"
-          inject_into_file(
-              'app/models/user.rb',
-              '  include Authenticate::User\n\n',
-              after: 'class User < ActiveRecord::Base\n'
-          )
+        if File.exist? model_path
+          inject_into_class(model_path, model_class_name, "  include Authenticate::User\n\n")
         else
           copy_file 'user.rb', 'app/models/user.rb'
         end
@@ -45,6 +47,26 @@ module Authenticate
         copy_migration 'add_authenticate_password_reset_to_users.rb'
       end
 
+      def inject_into_application_controller
+        inject_into_class(
+            'app/controllers/application_controller.rb',
+            ApplicationController,
+            "  include Authenticate::Controller\n\n"
+        )
+      end
+
+      def create_initializer
+        copy_file 'authenticate.rb', 'config/initializers/authenticate.rb'
+        if options[:model]
+          inject_into_file(
+              'config/initializers/authenticate.rb',
+              "  config.user_model = '#{options[:model]}' \n",
+              after: "Authenticate.configure do |config|\n",
+          )
+        end
+      end
+
+
       private
 
       def create_new_users_migration
@@ -96,8 +118,8 @@ module Authenticate
 
       def new_indexes
         @new_indexes ||= {
-            index_users_on_email: 'add_index :users, :email',
-            index_users_on_session_token: 'add_index :users, :session_token'
+            index_users_on_email: "add_index :#{table_name}, :email",
+            index_users_on_session_token: "add_index :#{table_name}, :session_token"
         }.reject { |index| existing_users_indexes.include?(index.to_s) }
       end
 
@@ -116,17 +138,17 @@ module Authenticate
       end
 
       def users_table_exists?
-        ActiveRecord::Base.connection.table_exists?(:users)
+        ActiveRecord::Base.connection.table_exists?(table_name)
       end
 
       def existing_users_columns
         return [] unless users_table_exists?
-        ActiveRecord::Base.connection.columns(:users).map(&:name)
+        ActiveRecord::Base.connection.columns(table_name).map(&:name)
       end
 
       def existing_users_indexes
         return [] unless users_table_exists?
-        ActiveRecord::Base.connection.indexes(:users).map(&:name)
+        ActiveRecord::Base.connection.indexes(table_name).map(&:name)
       end
 
       # for generating a timestamp when using `create_migration`

data/lib/generators/authenticate/install/templates/authenticate.rb

@@ -1,5 +1,7 @@
 Authenticate.configure do |config|
+
   # config.user_model = 'User'
+
   # config.cookie_name = 'authenticate_session_token'
   # config.cookie_expiration = { 1.month.from_now.utc }
   # config.cookie_domain = nil

data/lib/generators/authenticate/install/templates/db/migrate/add_authenticate_brute_force_to_users.rb

@@ -1,6 +1,6 @@
 class AddAuthenticateBruteForceToUsers < ActiveRecord::Migration
   def change
-    add_column :users, :failed_logins_count, :integer, default: 0
-    add_column :users, :lock_expires_at, :datetime, default: nil
+    add_column :<%= table_name %>, :failed_logins_count, :integer, default: 0
+    add_column :<%= table_name %>, :lock_expires_at, :datetime, default: nil
   end
 end

data/lib/generators/authenticate/install/templates/db/migrate/add_authenticate_password_reset_to_users.rb

@@ -1,7 +1,8 @@
 class AddAuthenticatePasswordResetToUsers < ActiveRecord::Migration
   def change
-    add_column :users, :password_reset_token, :string, default: nil
-    add_column :users, :password_reset_sent_at, :datetime, default: nil
+    add_column :<%= table_name %>, :password_reset_token, :string, default: nil
+    add_column :<%= table_name %>, :password_reset_sent_at, :datetime, default: nil
+    add_index :<%= table_name %>, :password_reset_token
   end
 end
 

data/lib/generators/authenticate/install/templates/db/migrate/add_authenticate_timeoutable_to_users.rb

@@ -1,5 +1,5 @@
 class AddAuthenticateTimeoutableToUsers < ActiveRecord::Migration
   def change
-    add_column :users, :last_access_at, :datetime, default: nil
+    add_column :<%= table_name %>, :last_access_at, :datetime, default: nil
   end
 end

data/lib/generators/authenticate/install/templates/db/migrate/add_authenticate_to_users.rb

@@ -1,6 +1,6 @@
 class AddAuthenticateToUsers < ActiveRecord::Migration
   def self.up
-    change_table :users do |t|
+    change_table :<%= table_name %> do |t|
 <% config[:new_columns].values.each do |column| -%>
       <%= column %>
 <% end -%>
@@ -12,7 +12,7 @@ class AddAuthenticateToUsers < ActiveRecord::Migration
   end
 
   def self.down
-    change_table :users do |t|
+    change_table :<%= table_name %> do |t|
 <% if config[:new_columns].any? -%>
       t.remove <%= new_columns.keys.map { |column| ":#{column}" }.join(", ") %>
 <% end -%>

data/lib/generators/authenticate/install/templates/db/migrate/create_users.rb

@@ -1,7 +1,6 @@
 class CreateUsers < ActiveRecord::Migration
   def change
-
-    create_table :users do |t|
+    create_table :<%= table_name %> do |t|
     <% config[:new_columns].values.each do |column| -%>
       <%= column %>
     <% end -%>

data/lib/generators/authenticate/routes/routes_generator.rb

@@ -1,8 +1,11 @@
 require 'rails/generators/base'
+require 'generators/authenticate/helpers'
 
 module Authenticate
   module Generators
     class RoutesGenerator < Rails::Generators::Base
+      include Authenticate::Generators::Helpers
+
       source_root File.expand_path('../templates', __FILE__)
 
       def add_authenticate_routes
@@ -20,7 +23,8 @@ module Authenticate
       private
 
       def authenticate_routes
-        File.read(routes_file_path)
+        @user_model = Authenticate.configuration.user_model_route_key
+        ERB.new(File.read(routes_file_path)).result(binding)
       end
 
       def routes_file_path

data/lib/generators/authenticate/routes/templates/routes.rb

@@ -1,7 +1,7 @@
 resource :session, controller: 'authenticate/sessions', only: [:create, :new, :destroy]
   resources :passwords, controller: 'authenticate/passwords', only: [:new, :create]
 
-  resource :users, controller: 'authenticate/users', only: [:new, :create] do
+  resource :<%= @user_model %>, controller: 'authenticate/users', only: [:new, :create] do
     resources :passwords, controller: 'authenticate/passwords', only: [:edit, :update]
   end
 

data/spec/model/db_password_spec.rb

@@ -3,31 +3,68 @@ require 'authenticate/model/db_password'
 
 
 describe Authenticate::Model::DbPassword do
+  describe 'Passwords' do
 
-  it 'validates password' do
-    user = build(:user, :without_password)
-    user.save
-    expect(user.errors.count).to be(1)
-    expect(user.errors.messages[:password]).to eq(["can't be blank"])
-  end
+    context '#password_match?' do
+      subject { create(:user, password: 'password') }
 
-  it 'matches a password' do
-    user = create(:user)
-    expect(user.password_match? 'password').to be_truthy
-  end
+      it 'matches a password' do
+        expect(subject.password_match? 'password').to be_truthy
+      end
 
-  it 'fails to match a bad password' do
-    user = create(:user)
-    expect(user.password_match? 'bad password').to be_falsey
-  end
+      it 'fails to match a bad password' do
+        expect(subject.password_match? 'bad password').to be_falsey
+      end
 
-  it 'sets a password' do
-    user = create(:user)
-    user.password = 'new_password'
-    user.save!
+      it 'saves passwords' do
+        subject.password = 'new_password'
+        subject.save!
 
-    user = User.find(user.id)
-    expect(user.password_match? 'new_password').to be_truthy
-  end
+        user = User.find(subject.id)
+        expect(user.password_match? 'new_password').to be_truthy
+      end
+    end
+
+    describe 'Validations' do
+      before(:all) {
+        Authenticate.configure do |config|
+          config.password_length = 8..128
+        end
+      }
+
+      context 'on a new user' do
+        it 'should not be valid without a password' do
+          user = build(:user, :without_password)
+          expect(user).to_not be_valid
+        end
+
+        it 'should be not be valid with a short password' do
+          user = build(:user, password: 'short')
+          expect(user).to_not be_valid
+        end
 
+        it 'is valid with a long password' do
+          user = build(:user, password: 'thisisalongpassword')
+          expect(user).to be_valid
+        end
+      end
+
+      context 'on an existing user' do
+        subject { create(:user, password: 'password') }
+
+        it { is_expected.to be_valid  }
+
+        it 'should not be valid with an empty password' do
+          subject.password = ''
+          expect(subject).to_not be_valid
+        end
+
+        it 'should be valid with a new (valid) password' do
+          subject.password = 'new password'
+          expect(subject).to be_valid
+        end
+      end
+    end
+
+  end
 end

data/spec/model/email_spec.rb

@@ -14,7 +14,7 @@ describe Authenticate::Model::Email do
 
   it 'extracts credentials from params' do
     params = {session:{email:'foo', password:'bar'}}
-    expect(User.credentials(params)).to match_array(['foo', 'bar'])
+    expect(User.credentials(params)).to match_array(%w(foo bar))
   end
 
   it 'authenticates from credentials' do

data/spec/model/password_reset_spec.rb

@@ -55,17 +55,17 @@ describe Authenticate::Model::PasswordReset do
       }
 
       it 'allows password update within time limit' do
-        expect(subject.update_password 'chongo').to be_truthy
+        expect(subject.update_password 'password2').to be_truthy
       end
 
       it 'clears password reset token' do
-        subject.update_password 'chongo'
+        subject.update_password 'password2'
         expect(subject.password_reset_token).to be_nil
       end
 
       it 'generates a new session token' do
         token = subject.session_token
-        subject.update_password 'chongo'
+        subject.update_password 'password2'
         expect(subject.session_token).to_not eq(token)
       end
 
@@ -73,7 +73,7 @@ describe Authenticate::Model::PasswordReset do
 
     it 'stops password update after time limit' do
       subject.password_reset_sent_at = 6.minutes.ago
-      expect(subject.update_password 'chongo').to be_falsey
+      expect(subject.update_password 'password2').to be_falsey
     end
 
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authenticate
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Justin Tomich
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-02-10 00:00:00.000000000 Z
+date: 2016-02-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -185,6 +185,7 @@ files:
 - lib/authenticate/version.rb
 - lib/generators/authenticate/controllers/USAGE
 - lib/generators/authenticate/controllers/controllers_generator.rb
+- lib/generators/authenticate/helpers.rb
 - lib/generators/authenticate/install/USAGE
 - lib/generators/authenticate/install/install_generator.rb
 - lib/generators/authenticate/install/templates/authenticate.rb