authgasm 0.9.0 → 0.9.1

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,11 @@
1
+ == 0.9.1 released 2008-10-24
2
+
3
+ * Changed scope to id. Makes more sense to call it an id and fits better with the ActiveRecord model.
4
+ * Removed saving_from_session flag, apparently it is not needed.
5
+ * Fixed updating sessions to make more sense and be stricter.
6
+ * change last_click_at to last_request_at
7
+ * Only run "after" callbacks if the result is successful.
8
+
9
+ == 0.9.0 released 2008-10-24
10
+
11
+ * Initial release.
data/Manifest CHANGED
@@ -1,3 +1,4 @@
1
+ CHANGELOG.rdoc
1
2
  init.rb
2
3
  lib/authgasm/acts_as_authentic.rb
3
4
  lib/authgasm/controller.rb
@@ -21,10 +22,6 @@ test_app/app/helpers/user_sessions_helper.rb
21
22
  test_app/app/helpers/users_helper.rb
22
23
  test_app/app/models/user.rb
23
24
  test_app/app/models/user_session.rb
24
- test_app/app/views/asses/edit.html.erb
25
- test_app/app/views/asses/index.html.erb
26
- test_app/app/views/asses/new.html.erb
27
- test_app/app/views/asses/show.html.erb
28
25
  test_app/app/views/layouts/application.html.erb
29
26
  test_app/app/views/user_sessions/new.html.erb
30
27
  test_app/app/views/users/_form.erb
@@ -1,10 +1,16 @@
1
1
  = Authgasm
2
2
 
3
- Authgasm is "RESTful rails authentication done right"
3
+ Authgasm is "rails authentication done right"
4
4
 
5
- The last thing we need is another authentication solution for rails, right? That's what I thought. It was disappointing to find that all of the solutions were overly complicated, bloated, made too many assumptions about my app, written poorly, or were just plain confusing. I wanted something simple. Something that feels like it is a part of rails. Something that I could understand and not feel like authentication is this daunting / annoying task that litters my application with redundant code. So I decided to scratch my own itch by creating Authgasm.
5
+ The last thing we need is another authentication solution for rails, right? That's what I thought. It was disappointing to find that all of the current solutions were overly complicated, bloated, poorly written, littered my application with code, and were just plain confusing. They felt very Microsoftish. This is not the simple / elegant rails we all fell in love with. It's like some Microsoft .NET engineers decided to dabble in ruby / rails for a day and their project was to write an authentication solution. That's what went through my head when I was trying out all of the current solutions. It's time someone makes a "rails like" authentication solution. So I give you Authgasm...
6
6
 
7
- Wouldn't it be nice if we could do something like:
7
+ What if you could have authentication up and running in minutes without having to run a generator? All because it's simple, like everything else in rails.
8
+
9
+ What if creating a user session could be as simple as...
10
+
11
+ UserSession.create(params[:user])
12
+
13
+ What if your user sessions controller could look just like your other controllers...
8
14
 
9
15
  class UserSessionsController < ApplicationController
10
16
  def new
@@ -14,7 +20,7 @@ Wouldn't it be nice if we could do something like:
14
20
  def create
15
21
  @user_session = UserSession.new(params[:user_session])
16
22
  if @user_session.create
17
- redirect_to my_account_url
23
+ redirect_to account_url
18
24
  else
19
25
  render :action => :new
20
26
  end
@@ -38,7 +44,7 @@ Look familiar? If you didn't know any better, you would think UserSession was an
38
44
  <%= f.submit "Login" %>
39
45
  <% end %>
40
46
 
41
- Oh, and how about this...
47
+ Or how about persisting the session...
42
48
 
43
49
  class ApplicationController
44
50
  before_filter :load_user
@@ -50,7 +56,7 @@ Oh, and how about this...
50
56
  end
51
57
  end
52
58
 
53
- Authgasm makes this a reality. Hopefully I got your interest. This is just the tip of the ice berg. Keep reading to find out everything Authgasm can do.
59
+ Authgasm makes this a reality. This is just the tip of the ice berg. Keep reading to find out everything Authgasm can do.
54
60
 
55
61
  == Helpful links
56
62
 
@@ -61,8 +67,6 @@ Authgasm makes this a reality. Hopefully I got your interest. This is just the t
61
67
 
62
68
  == Install and use
63
69
 
64
- Installing Authgasm and setting it up is very simple. Just like rails, Authgasm favors convention over configuration. As a result, it assumes a few things about your app. This guide will walk you through setting up Authgasm in your app and what Authgasm assumes.
65
-
66
70
  === Install the gem / plugin
67
71
 
68
72
  $ sudo gem install authgasm
@@ -73,37 +77,36 @@ Or as a plugin
73
77
 
74
78
  script/plugin install git://github.com/binarylogic/authgasm.git
75
79
 
76
- === Configuration
77
-
78
- Before we start, it is important you understand the basics behind Authgasm. Authgasm is split into 2 parts.
80
+ === Create your session
79
81
 
80
- 1. Your model that you will be authenticating with, such as User
81
- 2. Your session that represents a login, such as UserSession
82
+ For this walk through lets assume you are setting up a session for your User model.
82
83
 
83
- Each have their own configuration, so it can be as flexible as you need it to be. What's convenient is that the configuration for your model defaults to the configuration you set in your session. So if you set the configuration in your session, you won't have to repeat yourself in your model.
84
+ Create your user_session.rb file:
84
85
 
85
- For information on configuration please see Searchgasm::ActsAsAuthentic and Authgasm::Session::Config::ClassMethods
86
+ # app/models/user_session.rb
87
+ class UserSession < Authgasm::Session::Base
88
+ # configuration here, just like ActiveRecord, or in an initializer
89
+ # See Authgasm::Session::Config::ClassMethods for more details
90
+ end
86
91
 
87
- === Set up your model
92
+ It is important to set your configuration for your session before you set the configuration for your model. This will save you some time. Your model will try to guess its own configuration based on what you set in the session. These are completely separate, making Authgasm as flexible as it needs to be, but the majority of the time they will be the same and no one likes to repeat their self.
88
93
 
89
- Make sure you have a model that you will be authenticating with. For this example let's say you have a User model:
94
+ === Ensure proper database fields
90
95
 
91
- class User < ActiveRecord::Base
92
- acts_as_authentic # for options see documentation: Authgasm::ActsAsAuthentic
93
- end
94
-
95
96
  The user model needs to have the following columns. The names of these columns can be changed with configuration.
96
97
 
97
98
  t.string :login, :null => false
98
99
  t.string :crypted_password, :null => false
99
100
  t.string :password_salt, :null => false # not needed if you are encrypting your pw instead of using a hash algorithm
100
101
  t.string :remember_token, :null => false
101
- t.integer :loging_count # This is optional, it is a "magic" column, just like "created_at". See below for a list of all magic columns.
102
+ t.integer :login_count # This is optional, it is a "magic" column, just like "created_at". See below for a list of all magic columns.
102
103
 
103
- Create your user_session.rb file:
104
+ === Set up your model
104
105
 
105
- # app/models/user_session.rb
106
- class UserSession < Authgasm::Session::Base
106
+ Make sure you have a model that you will be authenticating with. For this example let's say you have a User model:
107
+
108
+ class User < ActiveRecord::Base
109
+ acts_as_authentic # for options see documentation: Authgasm::ActsAsAuthentic::ClassMethods
107
110
  end
108
111
 
109
112
  Done! Now go use it just like you would with any other ActiveRecord model (see above).
@@ -113,8 +116,8 @@ Done! Now go use it just like you would with any other ActiveRecord model (see a
113
116
  Just like ActiveRecord has "magic" columns, such as: created_at and updated_at. Authgasm has its own "magic" columns too:
114
117
 
115
118
  Column name Description
116
- login_count Increased every time and explicit login is made. This will *NOT* increase if logging in by a session, cookie, or basic http auth
117
- last_click_at Updates every time the user logs in, either by explicitly logging in, or logging in by cookie, session, or http auth
119
+ login_count Increased every time an explicit login is made. This will *NOT* increase if logging in by a session, cookie, or basic http auth
120
+ last_request_at Updates every time the user logs in, either by explicitly logging in, or logging in by cookie, session, or http auth
118
121
  current_login_at Updates with the current time when an explicit login is made.
119
122
  last_login_at Updates with the value of current_login_at before it is reset.
120
123
  current_login_ip Updates with the request remote_ip when an explicit login is made.
@@ -129,7 +132,7 @@ Authgasm tries to check the state of the record before creating the session. If
129
132
  confirmed? Has the record been conirmed?
130
133
  inactive? Is the record marked as inactive?
131
134
 
132
- What's neat about these is that these are checked upon any type of login. When logging in explicitly, by cookie, session, or basic http auth. If any of these return false validation will fail and a session will not be created.
135
+ What's neat about this is that these are checked upon any type of login. When logging in explicitly, by cookie, session, or basic http auth. So if you mark a user inactive in the middle of their session they wont be logged back in next time they refresh the page. Giving you complete control.
133
136
 
134
137
  == Hooks / Callbacks
135
138
 
@@ -146,19 +149,64 @@ Just like ActiveRecord you can create your own hooks / callbacks so that you can
146
149
 
147
150
  == Automatic Session Updating
148
151
 
149
- This is one of my favorite features that I think is pretty cool. What if a user changes their password? You have to re-log them in with the new password, recreate the session, etc, pain in the ass. Or what if a user creates a new user account? You have to do the same thing. It makes your UsersController kind of dirty and it's kind of annoying. What's cool about this is that we pulled the UserSession down into the models, where we can play around with it. Why not have the User model take care of this for us in an after_save? Whoa! Now you don't have to worry about it at all. In fact, the acts_as_authentic method has an option to do this automatically for you. Zing! Man, Authgasm might be a little too awesome. So...
152
+ This is one of my favorite features that I think its pretty cool. It's things like this that make a library great and let you know you are on the right track.
153
+
154
+ What if a user changes their password? You have to re-log them in with the new password, recreate the session, etc, pain in the ass. Or what if a user creates a new user account? You have to do the same thing. Here's an even better one: what if a user is in the admin area and changes his own password? There might even be another place passwords can change. It shouldn't matter, your code should be written in a way where you don't have to remember to do this.
155
+
156
+ Instead of updating sessions all over the place, doesn't it make sense to do this at a lower level? Like the User model? You're saying "but Ben, models can't mess around with sessions and cookies". True...but Authgasm can, and you can access Authgasm just like a model. I know in most situations it's not good practice to do this but I view this in the same class as sweepers, and feel like it actually is good practice here. User sessions are directly tied to users, they should be connected on the model level.
157
+
158
+ Fear not, because the acts_as_authentic method you call in your model takes care of this for you, by adding an after_create and after_update callback to automatically keep the session up to date. You don't have to worry about it anymore. Don't even think about it. Let your UsersController deal with users, not users *AND* sessions. *ANYTIME* the user changes his password in *ANY* way, his session will be updated.
159
+
160
+ Here is basically how this is done....
150
161
 
151
- @current_user.password = "my new password"
152
- @current_user.confirm_password = "my new password"
153
- @current_user.save # automatically updates the sessions for you!
162
+ class User < ActiveRecord::Base
163
+ after_create :create_sessions!
164
+ after_update :update_sessions!
165
+
166
+ private
167
+ def create_sessions!
168
+ # create a new UserSession if they are not logged in
169
+ end
170
+
171
+ def update_sessions!
172
+ # find their session
173
+ # check that their session's record is the same one as this one: session.record == self
174
+ # update the session with the new info: session.update
175
+ end
176
+ end
177
+
178
+ Obviously there is a little more to it than this, but hopefully this clarifies any confusion. Lastly, this can be altered / disabled via a configuration option.
154
179
 
155
180
  When things come together like this I think its a sign that you are doing something right. Put that in your pipe and smoke it!
156
181
 
182
+ == Multiple Sessions / Session Identifiers
183
+
184
+ You're asking: "why would I want multiple sessions?". Take this example:
185
+
186
+ You have an app where users login and then need to re-login to view / change their billing information. Similar to how Apples' me.com works, if you've ever used it. What you could do is have the user login with their normal session, then have an entirely new session that represents their "secure" session. But wait, this is 2 users sessions. No problem:
187
+
188
+ # regular user session
189
+ @user_session = UserSession.new
190
+ @user_session.id
191
+ # => nil
192
+
193
+ # secure user session
194
+ @secure_user_session = UserSession.new(:secure)
195
+ @secure_user_session.id
196
+ # => :secure
197
+
198
+ This will keep everything separate. The :secure session will store its info in a separate cookie, separate session, etc. Just set the id and you are good to go. Need to retrieve the session?
199
+
200
+ @user_session = UserSession.find
201
+ @secure_user_session = UserSession.find(:secure)
202
+
203
+ For more information on ids checkout Authgasm::Session::Base#initialize
204
+
157
205
  == How it works
158
206
 
159
- Interested in how this all works. Basically a before_filter is set in your controller which lets Authgasm know about the current controller object. This allows Authgasm to set sessions, cookies, login via basic http auth, etc. Don't worry, this is thread safe.
207
+ Interested in how all of this all works? Basically a before_filter is automatically set in your controller which lets Authgasm know about the current controller object. This allows Authgasm to set sessions, cookies, login via basic http auth, etc. If you are using rails in a multiple thread environment, don't worry. I kept that in mind and made this is thread safe.
160
208
 
161
- From there is it pretty simple. When you try to create a new session the record is authenticated and then all of the session / cookie magic is done for you.
209
+ From there it is pretty simple. When you try to create a new session the record is authenticated and then all of the session / cookie magic is done for you. The sky is the limit.
162
210
 
163
211
 
164
212
  Copyright (c) 2008 Ben Johnson of [Binary Logic](http://www.binarylogic.com), released under the MIT license
@@ -1,18 +1,18 @@
1
1
 
2
- # Gem::Specification for Authgasm-0.9.0
2
+ # Gem::Specification for Authgasm-0.9.1
3
3
  # Originally generated by Echoe
4
4
 
5
5
  --- !ruby/object:Gem::Specification
6
6
  name: authgasm
7
7
  version: !ruby/object:Gem::Version
8
- version: 0.9.0
8
+ version: 0.9.1
9
9
  platform: ruby
10
10
  authors:
11
11
  - Ben Johnson of Binary Logic
12
12
  autorequire:
13
13
  bindir: bin
14
14
 
15
- date: 2008-10-24 00:00:00 -04:00
15
+ date: 2008-10-26 00:00:00 -04:00
16
16
  default_executable:
17
17
  dependencies:
18
18
  - !ruby/object:Gem::Dependency
@@ -52,6 +52,7 @@ executables: []
52
52
  extensions: []
53
53
 
54
54
  extra_rdoc_files:
55
+ - CHANGELOG.rdoc
55
56
  - lib/authgasm/acts_as_authentic.rb
56
57
  - lib/authgasm/controller.rb
57
58
  - lib/authgasm/session/active_record_trickery.rb
@@ -64,6 +65,7 @@ extra_rdoc_files:
64
65
  - lib/authgasm.rb
65
66
  - README.rdoc
66
67
  files:
68
+ - CHANGELOG.rdoc
67
69
  - init.rb
68
70
  - lib/authgasm/acts_as_authentic.rb
69
71
  - lib/authgasm/controller.rb
@@ -87,10 +89,6 @@ files:
87
89
  - test_app/app/helpers/users_helper.rb
88
90
  - test_app/app/models/user.rb
89
91
  - test_app/app/models/user_session.rb
90
- - test_app/app/views/asses/edit.html.erb
91
- - test_app/app/views/asses/index.html.erb
92
- - test_app/app/views/asses/new.html.erb
93
- - test_app/app/views/asses/show.html.erb
94
92
  - test_app/app/views/layouts/application.html.erb
95
93
  - test_app/app/views/user_sessions/new.html.erb
96
94
  - test_app/app/views/users/_form.erb
@@ -43,7 +43,7 @@ module Authgasm
43
43
  # * <tt>password_salt_field:</tt> default: depends on which columns are present, checks: password_salt, pw_salt, salt, if none are present defaults to password_salt. This is the name of the field your salt is stored, only relevant for a hash crypto provider.
44
44
  # * <tt>remember_token_field:</tt> default: options[:session_class].remember_token_field, the name of the field your remember token is stored. What the cookie stores so the session can be "remembered"
45
45
  # * <tt>logged_in_timeout:</tt> default: 10.minutes, this allows you to specify a time the determines if a user is logged in or out. Useful if you want to count how many users are currently logged in.
46
- # * <tt>session_scopes:</tt> default: [nil], the sessions that we want to automatically reset when a user is created or updated so you don't have to worry about this. Set to [] to disable. Should be an array of scopes. See Authgasm::Session::Base#initialize for information on scopes.
46
+ # * <tt>session_ids:</tt> default: [nil], the sessions that we want to automatically reset when a user is created or updated so you don't have to worry about this. Set to [] to disable. Should be an array of ids. See Authgasm::Session::Base#initialize for information on ids. The order is important. The first id should be your main session, the session they need to log into first. This is generally nil, meaning so explicitly set id.
47
47
  def acts_as_authentic(options = {})
48
48
  # Setup default options
49
49
  options[:session_class] ||= "#{name}Session".constantize
@@ -65,7 +65,7 @@ module Authgasm
65
65
  :password_salt
66
66
  options[:remember_token_field] ||= options[:session_class].remember_token_field
67
67
  options[:logged_in_timeout] ||= 10.minutes
68
- options[:session_scopes] ||= [nil]
68
+ options[:session_ids] ||= [nil]
69
69
 
70
70
  # Validations
71
71
  case options[:login_field_type]
@@ -91,11 +91,12 @@ module Authgasm
91
91
  end
92
92
 
93
93
  after_create :create_sessions!
94
- after_create :update_sessions!
94
+ after_update :update_sessions!
95
95
 
96
96
  # Attributes
97
97
  attr_writer "confirm_#{options[:password_field]}"
98
- attr_accessor "tried_to_set_#{options[:password_field]}", :saving_from_session
98
+ attr_accessor "tried_to_set_#{options[:password_field]}"
99
+ attr_protected "tried_to_set_#{options[:password_field]}"
99
100
 
100
101
  # Class methods
101
102
  class_eval <<-"end_eval", __FILE__, __LINE__
@@ -167,15 +168,32 @@ module Authgasm
167
168
 
168
169
  protected
169
170
  def create_sessions!
170
- #{options[:session_scopes].inspect}.each { |scope| #{options[:session_class]}.create(self) }
171
+ return if !#{options[:session_class]}.activated? || #{options[:session_ids].inspect}.blank?
172
+
173
+ # We only want to automatically login into the first session, since this is the main session. The other sessions are sessions
174
+ # that need to be created after logging into the main session.
175
+ session_id = #{options[:session_ids].inspect}.first
176
+
177
+ # If we are already logged in, ignore this completely. All that we care about is updating ourself.
178
+ next if #{options[:session_class]}.find(*[session_id].compact)
179
+
180
+ # Log me in
181
+ args = [self, session_id].compact
182
+ #{options[:session_class]}.create(*args)
171
183
  end
172
184
 
173
185
  def update_sessions!
174
- #{options[:session_scopes].inspect}.each { |scope| #{options[:session_class]}.update(self) }
175
- end
176
-
177
- def saving_from_session?
178
- saving_from_session == true
186
+ return if !#{options[:session_class]}.activated?
187
+
188
+ #{options[:session_ids].inspect}.each do |session_id|
189
+ session = #{options[:session_class]}.find(*[session_id].compact)
190
+
191
+ # Ignore if we can't find the session or the session isn't this record
192
+ next if !session || session.record != self
193
+
194
+ # We know we are logged in and this is our record, update the session
195
+ session.update
196
+ end
179
197
  end
180
198
 
181
199
  def tried_to_set_password?
@@ -17,10 +17,6 @@ module Authgasm
17
17
  end
18
18
 
19
19
  module InstanceMethods # :nodoc:
20
- def id
21
- nil
22
- end
23
-
24
20
  def new_record?
25
21
  true
26
22
  end
@@ -44,11 +44,15 @@ module Authgasm
44
44
  # @current_user = @user_session && @user_session.record
45
45
  # end
46
46
  #
47
- # Accepts a single parameter as the scope. See initialize for more information on scopes.
48
- def find(scope = nil)
49
- args = [scope].compact
47
+ # Accepts a single parameter as the id. See initialize for more information on ids. Lastly, how it finds the session can be modified via configuration.
48
+ def find(id = nil)
49
+ args = [id].compact
50
50
  session = new(*args)
51
- return session if session.valid_session? || session.valid_cookie?(true) || session.valid_http_auth?(true)
51
+ find_with.each do |find_method|
52
+ args = []
53
+ args << true unless find_method == :session
54
+ return session if session.send("valid_#{find_method}?", *args)
55
+ end
52
56
  nil
53
57
  end
54
58
 
@@ -89,7 +93,7 @@ module Authgasm
89
93
  end
90
94
  end
91
95
 
92
- attr_accessor :login_with, :remember_me, :scope
96
+ attr_accessor :login_with, :remember_me, :id
93
97
  attr_reader :record, :unauthorized_record
94
98
 
95
99
  # You can initialize a session by doing any of the following:
@@ -98,18 +102,18 @@ module Authgasm
98
102
  # UserSession.new(login, password)
99
103
  # UserSession.new(:login => login, :password => password)
100
104
  #
101
- # If a user has more than one session you need to pass a scope so that Authgasm knows how to differentiate the sessions. The scope MUST be a Symbol.
105
+ # If a user has more than one session you need to pass an id so that Authgasm knows how to differentiate the sessions. The id MUST be a Symbol.
102
106
  #
103
- # UserSession.new(:my_scope)
104
- # UserSession.new(login, password, :my_scope)
105
- # UserSession.new({:login => loing, :password => password}, :my_scope)
107
+ # UserSession.new(:my_id)
108
+ # UserSession.new(login, password, :my_id)
109
+ # UserSession.new({:login => loing, :password => password}, :my_id)
106
110
  #
107
- # Scopes are rarely used, but they can be useful. For example, what if users allow other users to login into their account via proxy? Now that user can "technically" be logged into 2 accounts at once.
108
- # To solve this just pass a scope called :proxy, or whatever you want. Authgasm will separate everything out.s
111
+ # Ids are rarely used, but they can be useful. For example, what if users allow other users to login into their account via proxy? Now that user can "technically" be logged into 2 accounts at once.
112
+ # To solve this just pass a id called :proxy, or whatever you want. Authgasm will separate everything out.
109
113
  def initialize(*args)
110
114
  create_configurable_methods!
111
115
 
112
- self.scope = args.pop if args.last.is_a?(Symbol)
116
+ self.id = args.pop if args.last.is_a?(Symbol)
113
117
 
114
118
  case args.size
115
119
  when 1
@@ -153,7 +157,6 @@ module Authgasm
153
157
  record.current_login_ip = controller.request.remote_ip
154
158
  end
155
159
 
156
- record.saving_from_session = true
157
160
  record.save(false)
158
161
  end
159
162
 
@@ -186,6 +189,7 @@ module Authgasm
186
189
  @record = nil
187
190
  cookies.delete cookie_key
188
191
  session[session_key] = nil
192
+ true
189
193
  end
190
194
 
191
195
  # Errors when authentication fails, just like ActiveRecord errors. In fact it uses the same exact class.
@@ -267,9 +271,8 @@ module Authgasm
267
271
  # Now lets set the session to make things easier on successive requests. This is nice when logging in from a cookie, the next requests will be right from the session, which is quicker.
268
272
  if set_session
269
273
  session[session_key] = record.id
270
- if record.class.column_names.include?("last_click_at")
271
- record.last_click_at = Time.now
272
- record.saving_from_session = true
274
+ if record.class.column_names.include?("last_request_at")
275
+ record.last_request_at = Time.now
273
276
  record.save(false)
274
277
  end
275
278
  end
@@ -18,28 +18,28 @@ module Authgasm
18
18
  def create_with_callbacks(updating = false) # :nodoc:
19
19
  run_callbacks(:before_create)
20
20
  result = create_without_callbacks(updating)
21
- run_callbacks(:after_create)
21
+ run_callbacks(:after_create) if result
22
22
  result
23
23
  end
24
24
 
25
25
  def destroy_with_callbacks # :nodoc:
26
26
  run_callbacks(:before_destroy)
27
27
  result = destroy_without_callbacks
28
- run_callbacks(:after_destroy)
28
+ run_callbacks(:after_destroy) if result
29
29
  result
30
30
  end
31
31
 
32
32
  def update_with_callbacks # :nodoc:
33
33
  run_callbacks(:before_update)
34
34
  result = update_without_callbacks
35
- run_callbacks(:after_update)
35
+ run_callbacks(:after_update) if result
36
36
  result
37
37
  end
38
38
 
39
39
  def valid_with_callbacks?(set_session = false) # :nodoc:
40
40
  run_callbacks(:before_validation)
41
41
  result = valid_without_callbacks?(set_session)
42
- run_callbacks(:after_validation)
42
+ run_callbacks(:after_validation) if result
43
43
  result
44
44
  end
45
45
  end
@@ -57,7 +57,7 @@ module Authgasm
57
57
  attr_writer :cookie_separator
58
58
 
59
59
  # The name of the cookie or the key in the cookies hash. Be sure and use a unique name. If you have multiple sessions and they use the same cookie it will cause problems.
60
- # Also, if a scope is set it will be inserted into the beginning of the string. Exmaple:
60
+ # Also, if a id is set it will be inserted into the beginning of the string. Exmaple:
61
61
  #
62
62
  # session = UserSession.new(:super_high_secret)
63
63
  # session.cookie_key => "super_high_secret_user_credentials"
@@ -84,6 +84,15 @@ module Authgasm
84
84
  end
85
85
  attr_writer :find_by_login_method
86
86
 
87
+ # Calling UserSession.find tries to find the user session by session, then cookie, then basic http auth. This option allows you to change the order or remove any of these.
88
+ #
89
+ # * <tt>Default:</tt> [:session, :cookie, :http_auth]
90
+ # * <tt>Accepts:</tt> Array, and can only use any of the 3 options above
91
+ def find_with
92
+ @find_with ||= [:session, :cookie, :http_auth]
93
+ end
94
+ attr_writer :find_with
95
+
87
96
  # The name of the method you want Authgasm to create for storing the login / username. Keep in mind this is just for your Authgasm::Session, if you want it can be something completely different
88
97
  # than the field in your model. So if you wanted people to login with a field called "login" and then find users by email this is compeltely doable. See the find_by_login_method configuration option for
89
98
  # more details.
@@ -155,7 +164,7 @@ module Authgasm
155
164
 
156
165
  module InstanceMethods # :nodoc:
157
166
  def cookie_key
158
- key_parts = [scope, self.class.cookie_key].compact
167
+ key_parts = [id, self.class.cookie_key].compact
159
168
  key_parts.join("_")
160
169
  end
161
170
 
@@ -180,7 +189,7 @@ module Authgasm
180
189
  end
181
190
 
182
191
  def session_key
183
- key_parts = [scope, self.class.session_key].compact
192
+ key_parts = [id, self.class.session_key].compact
184
193
  key_parts.join("_")
185
194
  end
186
195
 
@@ -44,7 +44,7 @@ module Authgasm # :nodoc:
44
44
 
45
45
  MAJOR = 0
46
46
  MINOR = 9
47
- TINY = 0
47
+ TINY = 1
48
48
 
49
49
  # The current version as a Version instance
50
50
  CURRENT = new(MAJOR, MINOR, TINY)
@@ -5,6 +5,10 @@
5
5
  <td>Login:</td>
6
6
  <td><%= @current_user.login %></td>
7
7
  </tr>
8
+ <tr>
9
+ <td>Login count:</td>
10
+ <td><%= @current_user.login_count %></td>
11
+ </tr>
8
12
  <tr>
9
13
  <td>First name:</td>
10
14
  <td><%= @current_user.first_name %></td>
@@ -2,6 +2,7 @@ class CreateUsers < ActiveRecord::Migration
2
2
  def self.up
3
3
  create_table :users do |t|
4
4
  t.timestamps
5
+ t.integer :login_count, :null => false, :default => 0
5
6
  t.string :login, :null => false
6
7
  t.string :crypted_password
7
8
  t.string :password_salt
@@ -14,7 +14,8 @@ ActiveRecord::Schema.define(:version => 20081023040052) do
14
14
  create_table "users", :force => true do |t|
15
15
  t.datetime "created_at"
16
16
  t.datetime "updated_at"
17
- t.string "login", :null => false
17
+ t.integer "login_count", :default => 0, :null => false
18
+ t.string "login", :null => false
18
19
  t.string "crypted_password"
19
20
  t.string "password_salt"
20
21
  t.string "remember_token"
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authgasm
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.9.0
4
+ version: 0.9.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ben Johnson of Binary Logic
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2008-10-24 00:00:00 -04:00
12
+ date: 2008-10-26 00:00:00 -04:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
@@ -49,6 +49,7 @@ executables: []
49
49
  extensions: []
50
50
 
51
51
  extra_rdoc_files:
52
+ - CHANGELOG.rdoc
52
53
  - lib/authgasm/acts_as_authentic.rb
53
54
  - lib/authgasm/controller.rb
54
55
  - lib/authgasm/session/active_record_trickery.rb
@@ -61,6 +62,7 @@ extra_rdoc_files:
61
62
  - lib/authgasm.rb
62
63
  - README.rdoc
63
64
  files:
65
+ - CHANGELOG.rdoc
64
66
  - init.rb
65
67
  - lib/authgasm/acts_as_authentic.rb
66
68
  - lib/authgasm/controller.rb
@@ -84,10 +86,6 @@ files:
84
86
  - test_app/app/helpers/users_helper.rb
85
87
  - test_app/app/models/user.rb
86
88
  - test_app/app/models/user_session.rb
87
- - test_app/app/views/asses/edit.html.erb
88
- - test_app/app/views/asses/index.html.erb
89
- - test_app/app/views/asses/new.html.erb
90
- - test_app/app/views/asses/show.html.erb
91
89
  - test_app/app/views/layouts/application.html.erb
92
90
  - test_app/app/views/user_sessions/new.html.erb
93
91
  - test_app/app/views/users/_form.erb
@@ -1,12 +0,0 @@
1
- <h1>Editing ass</h1>
2
-
3
- <% form_for(@ass) do |f| %>
4
- <%= f.error_messages %>
5
-
6
- <p>
7
- <%= f.submit "Update" %>
8
- </p>
9
- <% end %>
10
-
11
- <%= link_to 'Show', @ass %> |
12
- <%= link_to 'Back', asses_path %>
@@ -1,18 +0,0 @@
1
- <h1>Listing asses</h1>
2
-
3
- <table>
4
- <tr>
5
- </tr>
6
-
7
- <% for ass in @asses %>
8
- <tr>
9
- <td><%= link_to 'Show', ass %></td>
10
- <td><%= link_to 'Edit', edit_ass_path(ass) %></td>
11
- <td><%= link_to 'Destroy', ass, :confirm => 'Are you sure?', :method => :delete %></td>
12
- </tr>
13
- <% end %>
14
- </table>
15
-
16
- <br />
17
-
18
- <%= link_to 'New ass', new_ass_path %>
@@ -1,11 +0,0 @@
1
- <h1>New ass</h1>
2
-
3
- <% form_for(@ass) do |f| %>
4
- <%= f.error_messages %>
5
-
6
- <p>
7
- <%= f.submit "Create" %>
8
- </p>
9
- <% end %>
10
-
11
- <%= link_to 'Back', asses_path %>
@@ -1,3 +0,0 @@
1
-
2
- <%= link_to 'Edit', edit_ass_path(@ass) %> |
3
- <%= link_to 'Back', asses_path %>