authgasm 0.9.0 → 0.9.1
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG.rdoc +11 -0
- data/Manifest +1 -4
- data/README.rdoc +82 -34
- data/authgasm.gemspec +5 -7
- data/lib/authgasm/acts_as_authentic.rb +28 -10
- data/lib/authgasm/session/active_record_trickery.rb +0 -4
- data/lib/authgasm/session/base.rb +19 -16
- data/lib/authgasm/session/callbacks.rb +4 -4
- data/lib/authgasm/session/config.rb +12 -3
- data/lib/authgasm/version.rb +1 -1
- data/test_app/app/views/users/show.html.erb +4 -0
- data/test_app/db/development.sqlite3 +0 -0
- data/test_app/db/migrate/20081023040052_create_users.rb +1 -0
- data/test_app/db/schema.rb +2 -1
- metadata +4 -6
- data/test_app/app/views/asses/edit.html.erb +0 -12
- data/test_app/app/views/asses/index.html.erb +0 -18
- data/test_app/app/views/asses/new.html.erb +0 -11
- data/test_app/app/views/asses/show.html.erb +0 -3
data/CHANGELOG.rdoc
ADDED
@@ -0,0 +1,11 @@
|
|
1
|
+
== 0.9.1 released 2008-10-24
|
2
|
+
|
3
|
+
* Changed scope to id. Makes more sense to call it an id and fits better with the ActiveRecord model.
|
4
|
+
* Removed saving_from_session flag, apparently it is not needed.
|
5
|
+
* Fixed updating sessions to make more sense and be stricter.
|
6
|
+
* change last_click_at to last_request_at
|
7
|
+
* Only run "after" callbacks if the result is successful.
|
8
|
+
|
9
|
+
== 0.9.0 released 2008-10-24
|
10
|
+
|
11
|
+
* Initial release.
|
data/Manifest
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
CHANGELOG.rdoc
|
1
2
|
init.rb
|
2
3
|
lib/authgasm/acts_as_authentic.rb
|
3
4
|
lib/authgasm/controller.rb
|
@@ -21,10 +22,6 @@ test_app/app/helpers/user_sessions_helper.rb
|
|
21
22
|
test_app/app/helpers/users_helper.rb
|
22
23
|
test_app/app/models/user.rb
|
23
24
|
test_app/app/models/user_session.rb
|
24
|
-
test_app/app/views/asses/edit.html.erb
|
25
|
-
test_app/app/views/asses/index.html.erb
|
26
|
-
test_app/app/views/asses/new.html.erb
|
27
|
-
test_app/app/views/asses/show.html.erb
|
28
25
|
test_app/app/views/layouts/application.html.erb
|
29
26
|
test_app/app/views/user_sessions/new.html.erb
|
30
27
|
test_app/app/views/users/_form.erb
|
data/README.rdoc
CHANGED
@@ -1,10 +1,16 @@
|
|
1
1
|
= Authgasm
|
2
2
|
|
3
|
-
Authgasm is "
|
3
|
+
Authgasm is "rails authentication done right"
|
4
4
|
|
5
|
-
The last thing we need is another authentication solution for rails, right? That's what I thought. It was disappointing to find that all of the solutions were overly complicated, bloated,
|
5
|
+
The last thing we need is another authentication solution for rails, right? That's what I thought. It was disappointing to find that all of the current solutions were overly complicated, bloated, poorly written, littered my application with code, and were just plain confusing. They felt very Microsoftish. This is not the simple / elegant rails we all fell in love with. It's like some Microsoft .NET engineers decided to dabble in ruby / rails for a day and their project was to write an authentication solution. That's what went through my head when I was trying out all of the current solutions. It's time someone makes a "rails like" authentication solution. So I give you Authgasm...
|
6
6
|
|
7
|
-
|
7
|
+
What if you could have authentication up and running in minutes without having to run a generator? All because it's simple, like everything else in rails.
|
8
|
+
|
9
|
+
What if creating a user session could be as simple as...
|
10
|
+
|
11
|
+
UserSession.create(params[:user])
|
12
|
+
|
13
|
+
What if your user sessions controller could look just like your other controllers...
|
8
14
|
|
9
15
|
class UserSessionsController < ApplicationController
|
10
16
|
def new
|
@@ -14,7 +20,7 @@ Wouldn't it be nice if we could do something like:
|
|
14
20
|
def create
|
15
21
|
@user_session = UserSession.new(params[:user_session])
|
16
22
|
if @user_session.create
|
17
|
-
redirect_to
|
23
|
+
redirect_to account_url
|
18
24
|
else
|
19
25
|
render :action => :new
|
20
26
|
end
|
@@ -38,7 +44,7 @@ Look familiar? If you didn't know any better, you would think UserSession was an
|
|
38
44
|
<%= f.submit "Login" %>
|
39
45
|
<% end %>
|
40
46
|
|
41
|
-
|
47
|
+
Or how about persisting the session...
|
42
48
|
|
43
49
|
class ApplicationController
|
44
50
|
before_filter :load_user
|
@@ -50,7 +56,7 @@ Oh, and how about this...
|
|
50
56
|
end
|
51
57
|
end
|
52
58
|
|
53
|
-
Authgasm makes this a reality.
|
59
|
+
Authgasm makes this a reality. This is just the tip of the ice berg. Keep reading to find out everything Authgasm can do.
|
54
60
|
|
55
61
|
== Helpful links
|
56
62
|
|
@@ -61,8 +67,6 @@ Authgasm makes this a reality. Hopefully I got your interest. This is just the t
|
|
61
67
|
|
62
68
|
== Install and use
|
63
69
|
|
64
|
-
Installing Authgasm and setting it up is very simple. Just like rails, Authgasm favors convention over configuration. As a result, it assumes a few things about your app. This guide will walk you through setting up Authgasm in your app and what Authgasm assumes.
|
65
|
-
|
66
70
|
=== Install the gem / plugin
|
67
71
|
|
68
72
|
$ sudo gem install authgasm
|
@@ -73,37 +77,36 @@ Or as a plugin
|
|
73
77
|
|
74
78
|
script/plugin install git://github.com/binarylogic/authgasm.git
|
75
79
|
|
76
|
-
===
|
77
|
-
|
78
|
-
Before we start, it is important you understand the basics behind Authgasm. Authgasm is split into 2 parts.
|
80
|
+
=== Create your session
|
79
81
|
|
80
|
-
|
81
|
-
2. Your session that represents a login, such as UserSession
|
82
|
+
For this walk through lets assume you are setting up a session for your User model.
|
82
83
|
|
83
|
-
|
84
|
+
Create your user_session.rb file:
|
84
85
|
|
85
|
-
|
86
|
+
# app/models/user_session.rb
|
87
|
+
class UserSession < Authgasm::Session::Base
|
88
|
+
# configuration here, just like ActiveRecord, or in an initializer
|
89
|
+
# See Authgasm::Session::Config::ClassMethods for more details
|
90
|
+
end
|
86
91
|
|
87
|
-
|
92
|
+
It is important to set your configuration for your session before you set the configuration for your model. This will save you some time. Your model will try to guess its own configuration based on what you set in the session. These are completely separate, making Authgasm as flexible as it needs to be, but the majority of the time they will be the same and no one likes to repeat their self.
|
88
93
|
|
89
|
-
|
94
|
+
=== Ensure proper database fields
|
90
95
|
|
91
|
-
class User < ActiveRecord::Base
|
92
|
-
acts_as_authentic # for options see documentation: Authgasm::ActsAsAuthentic
|
93
|
-
end
|
94
|
-
|
95
96
|
The user model needs to have the following columns. The names of these columns can be changed with configuration.
|
96
97
|
|
97
98
|
t.string :login, :null => false
|
98
99
|
t.string :crypted_password, :null => false
|
99
100
|
t.string :password_salt, :null => false # not needed if you are encrypting your pw instead of using a hash algorithm
|
100
101
|
t.string :remember_token, :null => false
|
101
|
-
t.integer :
|
102
|
+
t.integer :login_count # This is optional, it is a "magic" column, just like "created_at". See below for a list of all magic columns.
|
102
103
|
|
103
|
-
|
104
|
+
=== Set up your model
|
104
105
|
|
105
|
-
|
106
|
-
|
106
|
+
Make sure you have a model that you will be authenticating with. For this example let's say you have a User model:
|
107
|
+
|
108
|
+
class User < ActiveRecord::Base
|
109
|
+
acts_as_authentic # for options see documentation: Authgasm::ActsAsAuthentic::ClassMethods
|
107
110
|
end
|
108
111
|
|
109
112
|
Done! Now go use it just like you would with any other ActiveRecord model (see above).
|
@@ -113,8 +116,8 @@ Done! Now go use it just like you would with any other ActiveRecord model (see a
|
|
113
116
|
Just like ActiveRecord has "magic" columns, such as: created_at and updated_at. Authgasm has its own "magic" columns too:
|
114
117
|
|
115
118
|
Column name Description
|
116
|
-
login_count Increased every time
|
117
|
-
|
119
|
+
login_count Increased every time an explicit login is made. This will *NOT* increase if logging in by a session, cookie, or basic http auth
|
120
|
+
last_request_at Updates every time the user logs in, either by explicitly logging in, or logging in by cookie, session, or http auth
|
118
121
|
current_login_at Updates with the current time when an explicit login is made.
|
119
122
|
last_login_at Updates with the value of current_login_at before it is reset.
|
120
123
|
current_login_ip Updates with the request remote_ip when an explicit login is made.
|
@@ -129,7 +132,7 @@ Authgasm tries to check the state of the record before creating the session. If
|
|
129
132
|
confirmed? Has the record been conirmed?
|
130
133
|
inactive? Is the record marked as inactive?
|
131
134
|
|
132
|
-
What's neat about
|
135
|
+
What's neat about this is that these are checked upon any type of login. When logging in explicitly, by cookie, session, or basic http auth. So if you mark a user inactive in the middle of their session they wont be logged back in next time they refresh the page. Giving you complete control.
|
133
136
|
|
134
137
|
== Hooks / Callbacks
|
135
138
|
|
@@ -146,19 +149,64 @@ Just like ActiveRecord you can create your own hooks / callbacks so that you can
|
|
146
149
|
|
147
150
|
== Automatic Session Updating
|
148
151
|
|
149
|
-
This is one of my favorite features that I think
|
152
|
+
This is one of my favorite features that I think its pretty cool. It's things like this that make a library great and let you know you are on the right track.
|
153
|
+
|
154
|
+
What if a user changes their password? You have to re-log them in with the new password, recreate the session, etc, pain in the ass. Or what if a user creates a new user account? You have to do the same thing. Here's an even better one: what if a user is in the admin area and changes his own password? There might even be another place passwords can change. It shouldn't matter, your code should be written in a way where you don't have to remember to do this.
|
155
|
+
|
156
|
+
Instead of updating sessions all over the place, doesn't it make sense to do this at a lower level? Like the User model? You're saying "but Ben, models can't mess around with sessions and cookies". True...but Authgasm can, and you can access Authgasm just like a model. I know in most situations it's not good practice to do this but I view this in the same class as sweepers, and feel like it actually is good practice here. User sessions are directly tied to users, they should be connected on the model level.
|
157
|
+
|
158
|
+
Fear not, because the acts_as_authentic method you call in your model takes care of this for you, by adding an after_create and after_update callback to automatically keep the session up to date. You don't have to worry about it anymore. Don't even think about it. Let your UsersController deal with users, not users *AND* sessions. *ANYTIME* the user changes his password in *ANY* way, his session will be updated.
|
159
|
+
|
160
|
+
Here is basically how this is done....
|
150
161
|
|
151
|
-
|
152
|
-
|
153
|
-
|
162
|
+
class User < ActiveRecord::Base
|
163
|
+
after_create :create_sessions!
|
164
|
+
after_update :update_sessions!
|
165
|
+
|
166
|
+
private
|
167
|
+
def create_sessions!
|
168
|
+
# create a new UserSession if they are not logged in
|
169
|
+
end
|
170
|
+
|
171
|
+
def update_sessions!
|
172
|
+
# find their session
|
173
|
+
# check that their session's record is the same one as this one: session.record == self
|
174
|
+
# update the session with the new info: session.update
|
175
|
+
end
|
176
|
+
end
|
177
|
+
|
178
|
+
Obviously there is a little more to it than this, but hopefully this clarifies any confusion. Lastly, this can be altered / disabled via a configuration option.
|
154
179
|
|
155
180
|
When things come together like this I think its a sign that you are doing something right. Put that in your pipe and smoke it!
|
156
181
|
|
182
|
+
== Multiple Sessions / Session Identifiers
|
183
|
+
|
184
|
+
You're asking: "why would I want multiple sessions?". Take this example:
|
185
|
+
|
186
|
+
You have an app where users login and then need to re-login to view / change their billing information. Similar to how Apples' me.com works, if you've ever used it. What you could do is have the user login with their normal session, then have an entirely new session that represents their "secure" session. But wait, this is 2 users sessions. No problem:
|
187
|
+
|
188
|
+
# regular user session
|
189
|
+
@user_session = UserSession.new
|
190
|
+
@user_session.id
|
191
|
+
# => nil
|
192
|
+
|
193
|
+
# secure user session
|
194
|
+
@secure_user_session = UserSession.new(:secure)
|
195
|
+
@secure_user_session.id
|
196
|
+
# => :secure
|
197
|
+
|
198
|
+
This will keep everything separate. The :secure session will store its info in a separate cookie, separate session, etc. Just set the id and you are good to go. Need to retrieve the session?
|
199
|
+
|
200
|
+
@user_session = UserSession.find
|
201
|
+
@secure_user_session = UserSession.find(:secure)
|
202
|
+
|
203
|
+
For more information on ids checkout Authgasm::Session::Base#initialize
|
204
|
+
|
157
205
|
== How it works
|
158
206
|
|
159
|
-
Interested in how this all works
|
207
|
+
Interested in how all of this all works? Basically a before_filter is automatically set in your controller which lets Authgasm know about the current controller object. This allows Authgasm to set sessions, cookies, login via basic http auth, etc. If you are using rails in a multiple thread environment, don't worry. I kept that in mind and made this is thread safe.
|
160
208
|
|
161
|
-
From there is
|
209
|
+
From there it is pretty simple. When you try to create a new session the record is authenticated and then all of the session / cookie magic is done for you. The sky is the limit.
|
162
210
|
|
163
211
|
|
164
212
|
Copyright (c) 2008 Ben Johnson of [Binary Logic](http://www.binarylogic.com), released under the MIT license
|
data/authgasm.gemspec
CHANGED
@@ -1,18 +1,18 @@
|
|
1
1
|
|
2
|
-
# Gem::Specification for Authgasm-0.9.
|
2
|
+
# Gem::Specification for Authgasm-0.9.1
|
3
3
|
# Originally generated by Echoe
|
4
4
|
|
5
5
|
--- !ruby/object:Gem::Specification
|
6
6
|
name: authgasm
|
7
7
|
version: !ruby/object:Gem::Version
|
8
|
-
version: 0.9.
|
8
|
+
version: 0.9.1
|
9
9
|
platform: ruby
|
10
10
|
authors:
|
11
11
|
- Ben Johnson of Binary Logic
|
12
12
|
autorequire:
|
13
13
|
bindir: bin
|
14
14
|
|
15
|
-
date: 2008-10-
|
15
|
+
date: 2008-10-26 00:00:00 -04:00
|
16
16
|
default_executable:
|
17
17
|
dependencies:
|
18
18
|
- !ruby/object:Gem::Dependency
|
@@ -52,6 +52,7 @@ executables: []
|
|
52
52
|
extensions: []
|
53
53
|
|
54
54
|
extra_rdoc_files:
|
55
|
+
- CHANGELOG.rdoc
|
55
56
|
- lib/authgasm/acts_as_authentic.rb
|
56
57
|
- lib/authgasm/controller.rb
|
57
58
|
- lib/authgasm/session/active_record_trickery.rb
|
@@ -64,6 +65,7 @@ extra_rdoc_files:
|
|
64
65
|
- lib/authgasm.rb
|
65
66
|
- README.rdoc
|
66
67
|
files:
|
68
|
+
- CHANGELOG.rdoc
|
67
69
|
- init.rb
|
68
70
|
- lib/authgasm/acts_as_authentic.rb
|
69
71
|
- lib/authgasm/controller.rb
|
@@ -87,10 +89,6 @@ files:
|
|
87
89
|
- test_app/app/helpers/users_helper.rb
|
88
90
|
- test_app/app/models/user.rb
|
89
91
|
- test_app/app/models/user_session.rb
|
90
|
-
- test_app/app/views/asses/edit.html.erb
|
91
|
-
- test_app/app/views/asses/index.html.erb
|
92
|
-
- test_app/app/views/asses/new.html.erb
|
93
|
-
- test_app/app/views/asses/show.html.erb
|
94
92
|
- test_app/app/views/layouts/application.html.erb
|
95
93
|
- test_app/app/views/user_sessions/new.html.erb
|
96
94
|
- test_app/app/views/users/_form.erb
|
@@ -43,7 +43,7 @@ module Authgasm
|
|
43
43
|
# * <tt>password_salt_field:</tt> default: depends on which columns are present, checks: password_salt, pw_salt, salt, if none are present defaults to password_salt. This is the name of the field your salt is stored, only relevant for a hash crypto provider.
|
44
44
|
# * <tt>remember_token_field:</tt> default: options[:session_class].remember_token_field, the name of the field your remember token is stored. What the cookie stores so the session can be "remembered"
|
45
45
|
# * <tt>logged_in_timeout:</tt> default: 10.minutes, this allows you to specify a time the determines if a user is logged in or out. Useful if you want to count how many users are currently logged in.
|
46
|
-
# * <tt>
|
46
|
+
# * <tt>session_ids:</tt> default: [nil], the sessions that we want to automatically reset when a user is created or updated so you don't have to worry about this. Set to [] to disable. Should be an array of ids. See Authgasm::Session::Base#initialize for information on ids. The order is important. The first id should be your main session, the session they need to log into first. This is generally nil, meaning so explicitly set id.
|
47
47
|
def acts_as_authentic(options = {})
|
48
48
|
# Setup default options
|
49
49
|
options[:session_class] ||= "#{name}Session".constantize
|
@@ -65,7 +65,7 @@ module Authgasm
|
|
65
65
|
:password_salt
|
66
66
|
options[:remember_token_field] ||= options[:session_class].remember_token_field
|
67
67
|
options[:logged_in_timeout] ||= 10.minutes
|
68
|
-
options[:
|
68
|
+
options[:session_ids] ||= [nil]
|
69
69
|
|
70
70
|
# Validations
|
71
71
|
case options[:login_field_type]
|
@@ -91,11 +91,12 @@ module Authgasm
|
|
91
91
|
end
|
92
92
|
|
93
93
|
after_create :create_sessions!
|
94
|
-
|
94
|
+
after_update :update_sessions!
|
95
95
|
|
96
96
|
# Attributes
|
97
97
|
attr_writer "confirm_#{options[:password_field]}"
|
98
|
-
attr_accessor "tried_to_set_#{options[:password_field]}"
|
98
|
+
attr_accessor "tried_to_set_#{options[:password_field]}"
|
99
|
+
attr_protected "tried_to_set_#{options[:password_field]}"
|
99
100
|
|
100
101
|
# Class methods
|
101
102
|
class_eval <<-"end_eval", __FILE__, __LINE__
|
@@ -167,15 +168,32 @@ module Authgasm
|
|
167
168
|
|
168
169
|
protected
|
169
170
|
def create_sessions!
|
170
|
-
|
171
|
+
return if !#{options[:session_class]}.activated? || #{options[:session_ids].inspect}.blank?
|
172
|
+
|
173
|
+
# We only want to automatically login into the first session, since this is the main session. The other sessions are sessions
|
174
|
+
# that need to be created after logging into the main session.
|
175
|
+
session_id = #{options[:session_ids].inspect}.first
|
176
|
+
|
177
|
+
# If we are already logged in, ignore this completely. All that we care about is updating ourself.
|
178
|
+
next if #{options[:session_class]}.find(*[session_id].compact)
|
179
|
+
|
180
|
+
# Log me in
|
181
|
+
args = [self, session_id].compact
|
182
|
+
#{options[:session_class]}.create(*args)
|
171
183
|
end
|
172
184
|
|
173
185
|
def update_sessions!
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
186
|
+
return if !#{options[:session_class]}.activated?
|
187
|
+
|
188
|
+
#{options[:session_ids].inspect}.each do |session_id|
|
189
|
+
session = #{options[:session_class]}.find(*[session_id].compact)
|
190
|
+
|
191
|
+
# Ignore if we can't find the session or the session isn't this record
|
192
|
+
next if !session || session.record != self
|
193
|
+
|
194
|
+
# We know we are logged in and this is our record, update the session
|
195
|
+
session.update
|
196
|
+
end
|
179
197
|
end
|
180
198
|
|
181
199
|
def tried_to_set_password?
|
@@ -44,11 +44,15 @@ module Authgasm
|
|
44
44
|
# @current_user = @user_session && @user_session.record
|
45
45
|
# end
|
46
46
|
#
|
47
|
-
# Accepts a single parameter as the
|
48
|
-
def find(
|
49
|
-
args = [
|
47
|
+
# Accepts a single parameter as the id. See initialize for more information on ids. Lastly, how it finds the session can be modified via configuration.
|
48
|
+
def find(id = nil)
|
49
|
+
args = [id].compact
|
50
50
|
session = new(*args)
|
51
|
-
|
51
|
+
find_with.each do |find_method|
|
52
|
+
args = []
|
53
|
+
args << true unless find_method == :session
|
54
|
+
return session if session.send("valid_#{find_method}?", *args)
|
55
|
+
end
|
52
56
|
nil
|
53
57
|
end
|
54
58
|
|
@@ -89,7 +93,7 @@ module Authgasm
|
|
89
93
|
end
|
90
94
|
end
|
91
95
|
|
92
|
-
attr_accessor :login_with, :remember_me, :
|
96
|
+
attr_accessor :login_with, :remember_me, :id
|
93
97
|
attr_reader :record, :unauthorized_record
|
94
98
|
|
95
99
|
# You can initialize a session by doing any of the following:
|
@@ -98,18 +102,18 @@ module Authgasm
|
|
98
102
|
# UserSession.new(login, password)
|
99
103
|
# UserSession.new(:login => login, :password => password)
|
100
104
|
#
|
101
|
-
# If a user has more than one session you need to pass
|
105
|
+
# If a user has more than one session you need to pass an id so that Authgasm knows how to differentiate the sessions. The id MUST be a Symbol.
|
102
106
|
#
|
103
|
-
# UserSession.new(:
|
104
|
-
# UserSession.new(login, password, :
|
105
|
-
# UserSession.new({:login => loing, :password => password}, :
|
107
|
+
# UserSession.new(:my_id)
|
108
|
+
# UserSession.new(login, password, :my_id)
|
109
|
+
# UserSession.new({:login => loing, :password => password}, :my_id)
|
106
110
|
#
|
107
|
-
#
|
108
|
-
# To solve this just pass a
|
111
|
+
# Ids are rarely used, but they can be useful. For example, what if users allow other users to login into their account via proxy? Now that user can "technically" be logged into 2 accounts at once.
|
112
|
+
# To solve this just pass a id called :proxy, or whatever you want. Authgasm will separate everything out.
|
109
113
|
def initialize(*args)
|
110
114
|
create_configurable_methods!
|
111
115
|
|
112
|
-
self.
|
116
|
+
self.id = args.pop if args.last.is_a?(Symbol)
|
113
117
|
|
114
118
|
case args.size
|
115
119
|
when 1
|
@@ -153,7 +157,6 @@ module Authgasm
|
|
153
157
|
record.current_login_ip = controller.request.remote_ip
|
154
158
|
end
|
155
159
|
|
156
|
-
record.saving_from_session = true
|
157
160
|
record.save(false)
|
158
161
|
end
|
159
162
|
|
@@ -186,6 +189,7 @@ module Authgasm
|
|
186
189
|
@record = nil
|
187
190
|
cookies.delete cookie_key
|
188
191
|
session[session_key] = nil
|
192
|
+
true
|
189
193
|
end
|
190
194
|
|
191
195
|
# Errors when authentication fails, just like ActiveRecord errors. In fact it uses the same exact class.
|
@@ -267,9 +271,8 @@ module Authgasm
|
|
267
271
|
# Now lets set the session to make things easier on successive requests. This is nice when logging in from a cookie, the next requests will be right from the session, which is quicker.
|
268
272
|
if set_session
|
269
273
|
session[session_key] = record.id
|
270
|
-
if record.class.column_names.include?("
|
271
|
-
record.
|
272
|
-
record.saving_from_session = true
|
274
|
+
if record.class.column_names.include?("last_request_at")
|
275
|
+
record.last_request_at = Time.now
|
273
276
|
record.save(false)
|
274
277
|
end
|
275
278
|
end
|
@@ -18,28 +18,28 @@ module Authgasm
|
|
18
18
|
def create_with_callbacks(updating = false) # :nodoc:
|
19
19
|
run_callbacks(:before_create)
|
20
20
|
result = create_without_callbacks(updating)
|
21
|
-
run_callbacks(:after_create)
|
21
|
+
run_callbacks(:after_create) if result
|
22
22
|
result
|
23
23
|
end
|
24
24
|
|
25
25
|
def destroy_with_callbacks # :nodoc:
|
26
26
|
run_callbacks(:before_destroy)
|
27
27
|
result = destroy_without_callbacks
|
28
|
-
run_callbacks(:after_destroy)
|
28
|
+
run_callbacks(:after_destroy) if result
|
29
29
|
result
|
30
30
|
end
|
31
31
|
|
32
32
|
def update_with_callbacks # :nodoc:
|
33
33
|
run_callbacks(:before_update)
|
34
34
|
result = update_without_callbacks
|
35
|
-
run_callbacks(:after_update)
|
35
|
+
run_callbacks(:after_update) if result
|
36
36
|
result
|
37
37
|
end
|
38
38
|
|
39
39
|
def valid_with_callbacks?(set_session = false) # :nodoc:
|
40
40
|
run_callbacks(:before_validation)
|
41
41
|
result = valid_without_callbacks?(set_session)
|
42
|
-
run_callbacks(:after_validation)
|
42
|
+
run_callbacks(:after_validation) if result
|
43
43
|
result
|
44
44
|
end
|
45
45
|
end
|
@@ -57,7 +57,7 @@ module Authgasm
|
|
57
57
|
attr_writer :cookie_separator
|
58
58
|
|
59
59
|
# The name of the cookie or the key in the cookies hash. Be sure and use a unique name. If you have multiple sessions and they use the same cookie it will cause problems.
|
60
|
-
# Also, if a
|
60
|
+
# Also, if a id is set it will be inserted into the beginning of the string. Exmaple:
|
61
61
|
#
|
62
62
|
# session = UserSession.new(:super_high_secret)
|
63
63
|
# session.cookie_key => "super_high_secret_user_credentials"
|
@@ -84,6 +84,15 @@ module Authgasm
|
|
84
84
|
end
|
85
85
|
attr_writer :find_by_login_method
|
86
86
|
|
87
|
+
# Calling UserSession.find tries to find the user session by session, then cookie, then basic http auth. This option allows you to change the order or remove any of these.
|
88
|
+
#
|
89
|
+
# * <tt>Default:</tt> [:session, :cookie, :http_auth]
|
90
|
+
# * <tt>Accepts:</tt> Array, and can only use any of the 3 options above
|
91
|
+
def find_with
|
92
|
+
@find_with ||= [:session, :cookie, :http_auth]
|
93
|
+
end
|
94
|
+
attr_writer :find_with
|
95
|
+
|
87
96
|
# The name of the method you want Authgasm to create for storing the login / username. Keep in mind this is just for your Authgasm::Session, if you want it can be something completely different
|
88
97
|
# than the field in your model. So if you wanted people to login with a field called "login" and then find users by email this is compeltely doable. See the find_by_login_method configuration option for
|
89
98
|
# more details.
|
@@ -155,7 +164,7 @@ module Authgasm
|
|
155
164
|
|
156
165
|
module InstanceMethods # :nodoc:
|
157
166
|
def cookie_key
|
158
|
-
key_parts = [
|
167
|
+
key_parts = [id, self.class.cookie_key].compact
|
159
168
|
key_parts.join("_")
|
160
169
|
end
|
161
170
|
|
@@ -180,7 +189,7 @@ module Authgasm
|
|
180
189
|
end
|
181
190
|
|
182
191
|
def session_key
|
183
|
-
key_parts = [
|
192
|
+
key_parts = [id, self.class.session_key].compact
|
184
193
|
key_parts.join("_")
|
185
194
|
end
|
186
195
|
|
data/lib/authgasm/version.rb
CHANGED
Binary file
|
data/test_app/db/schema.rb
CHANGED
@@ -14,7 +14,8 @@ ActiveRecord::Schema.define(:version => 20081023040052) do
|
|
14
14
|
create_table "users", :force => true do |t|
|
15
15
|
t.datetime "created_at"
|
16
16
|
t.datetime "updated_at"
|
17
|
-
t.
|
17
|
+
t.integer "login_count", :default => 0, :null => false
|
18
|
+
t.string "login", :null => false
|
18
19
|
t.string "crypted_password"
|
19
20
|
t.string "password_salt"
|
20
21
|
t.string "remember_token"
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authgasm
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.9.
|
4
|
+
version: 0.9.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ben Johnson of Binary Logic
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date: 2008-10-
|
12
|
+
date: 2008-10-26 00:00:00 -04:00
|
13
13
|
default_executable:
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
@@ -49,6 +49,7 @@ executables: []
|
|
49
49
|
extensions: []
|
50
50
|
|
51
51
|
extra_rdoc_files:
|
52
|
+
- CHANGELOG.rdoc
|
52
53
|
- lib/authgasm/acts_as_authentic.rb
|
53
54
|
- lib/authgasm/controller.rb
|
54
55
|
- lib/authgasm/session/active_record_trickery.rb
|
@@ -61,6 +62,7 @@ extra_rdoc_files:
|
|
61
62
|
- lib/authgasm.rb
|
62
63
|
- README.rdoc
|
63
64
|
files:
|
65
|
+
- CHANGELOG.rdoc
|
64
66
|
- init.rb
|
65
67
|
- lib/authgasm/acts_as_authentic.rb
|
66
68
|
- lib/authgasm/controller.rb
|
@@ -84,10 +86,6 @@ files:
|
|
84
86
|
- test_app/app/helpers/users_helper.rb
|
85
87
|
- test_app/app/models/user.rb
|
86
88
|
- test_app/app/models/user_session.rb
|
87
|
-
- test_app/app/views/asses/edit.html.erb
|
88
|
-
- test_app/app/views/asses/index.html.erb
|
89
|
-
- test_app/app/views/asses/new.html.erb
|
90
|
-
- test_app/app/views/asses/show.html.erb
|
91
89
|
- test_app/app/views/layouts/application.html.erb
|
92
90
|
- test_app/app/views/user_sessions/new.html.erb
|
93
91
|
- test_app/app/views/users/_form.erb
|
@@ -1,18 +0,0 @@
|
|
1
|
-
<h1>Listing asses</h1>
|
2
|
-
|
3
|
-
<table>
|
4
|
-
<tr>
|
5
|
-
</tr>
|
6
|
-
|
7
|
-
<% for ass in @asses %>
|
8
|
-
<tr>
|
9
|
-
<td><%= link_to 'Show', ass %></td>
|
10
|
-
<td><%= link_to 'Edit', edit_ass_path(ass) %></td>
|
11
|
-
<td><%= link_to 'Destroy', ass, :confirm => 'Are you sure?', :method => :delete %></td>
|
12
|
-
</tr>
|
13
|
-
<% end %>
|
14
|
-
</table>
|
15
|
-
|
16
|
-
<br />
|
17
|
-
|
18
|
-
<%= link_to 'New ass', new_ass_path %>
|