authgasm 0.9.0

data/lib/authgasm/session/callbacks.rb

@@ -0,0 +1,47 @@
+module Authgasm
+  module Session
+    # = Callbacks
+    #
+    # Just like in ActiveRecord you have before_save, before_validation, etc. You have similar callbacks with Authgasm, see all callbacks below.
+    module Callbacks
+      CALLBACKS = %w(before_create after_create before_destroy after_destroy before_update after_update before_validation after_validation)
+
+      def self.included(base) #:nodoc:
+        [:create, :destroy, :update, :valid?].each do |method|
+          base.send :alias_method_chain, method, :callbacks
+        end
+
+        base.send :include, ActiveSupport::Callbacks
+        base.define_callbacks *CALLBACKS
+      end
+            
+      def create_with_callbacks(updating = false) # :nodoc:
+        run_callbacks(:before_create)
+        result = create_without_callbacks(updating)
+        run_callbacks(:after_create)
+        result
+      end
+      
+      def destroy_with_callbacks # :nodoc:
+        run_callbacks(:before_destroy)
+        result = destroy_without_callbacks
+        run_callbacks(:after_destroy)
+        result
+      end
+      
+      def update_with_callbacks # :nodoc:
+        run_callbacks(:before_update)
+        result = update_without_callbacks
+        run_callbacks(:after_update)
+        result
+      end
+      
+      def valid_with_callbacks?(set_session = false) # :nodoc:
+        run_callbacks(:before_validation)
+        result = valid_without_callbacks?(set_session)
+        run_callbacks(:after_validation)
+        result
+      end
+    end
+  end
+end

data/lib/authgasm/session/config.rb

@@ -0,0 +1,193 @@
+module Authgasm
+  module Session
+    module Config # :nodoc:
+      def self.included(klass)
+        klass.extend(ClassMethods)
+        klass.send(:include, InstanceMethods)
+      end
+      
+      # = Config
+      #
+      # Configuration is simple. The configuration options are just class methods. Just put this in your config/initializers directory
+      #
+      #   UserSession.configure do |config|
+      #     config.authenticate_with = User
+      #     # ... more configuration
+      #   end
+      #
+      # or you can set your configuration in the session class directly:
+      #
+      #   class UserSession < Authgasm::Session::Base
+      #     self.authenticate_with = User
+      #     # ... more configuration
+      #   end
+      #
+      # or...
+      #
+      #   class UserSession < Authgasm::Session::Base
+      #     configure do |config|
+      #       config.authenticate_with = User
+      #       # ... more configuration
+      #     end
+      #   end
+      #
+      # See the methods belows for all configuration options.
+      module ClassMethods
+        # Lets you change which model to use for authentication.
+        #
+        # * <tt>Default:</tt> inferred from the class name. UserSession would automatically try User
+        # * <tt>Accepts:</tt> an ActiveRecord class
+        def authenticate_with=(klass)
+          @klass_name = klass.name
+          @klass = klass
+        end
+        
+        # Convenience method that lets you easily set configuration, see examples above
+        def configure
+          yield self
+        end
+        
+        # The authentication credentials are stored in a cookie as: user#{cookie_separator}crypted_password.
+        #
+        # * <tt>Default:</tt> ":::"
+        # * <tt>Accepts:</tt> String
+        def cookie_separator
+          @cookie_separator ||= ":::"
+        end
+        attr_writer :cookie_separator
+        
+        # The name of the cookie or the key in the cookies hash. Be sure and use a unique name. If you have multiple sessions and they use the same cookie it will cause problems.
+        # Also, if a scope is set it will be inserted into the beginning of the string. Exmaple:
+        #
+        #   session = UserSession.new(:super_high_secret)
+        #   session.cookie_key => "super_high_secret_user_credentials"
+        #
+        # * <tt>Default:</tt> "#{klass_name.underscore}_credentials"
+        # * <tt>Accepts:</tt> String
+        def cookie_key
+          @cookie_key ||= "#{klass_name.underscore}_credentials"
+        end
+        attr_writer :cookie_key
+        
+        # The name of the method used to find the record by the login. What's nifty about this is that you can do anything in your method, Authgasm will just pass you the login.
+        #
+        # Let's say you allow users to login by username or email. Set this to "find_login", or whatever method you want. Then in your model create a class method like:
+        #
+        #   def self.find_login(login)
+        #     find_by_login(login) || find_by_email(login)
+        #   end
+        #
+        # * <tt>Default:</tt> "find_by_#{login_field}"
+        # * <tt>Accepts:</tt> Symbol or String
+        def find_by_login_method
+          @find_by_login_method ||= "find_by_#{login_field}"
+        end
+        attr_writer :find_by_login_method
+        
+        # The name of the method you want Authgasm to create for storing the login / username. Keep in mind this is just for your Authgasm::Session, if you want it can be something completely different
+        # than the field in your model. So if you wanted people to login with a field called "login" and then find users by email this is compeltely doable. See the find_by_login_method configuration option for
+        # more details.
+        #
+        # * <tt>Default:</tt> Guesses based on the model columns, tries login, username, and email. If none are present it defaults to login
+        # * <tt>Accepts:</tt> Symbol or String
+        def login_field
+          @login_field ||= (klass.columns.include?("login") && :login) || (klass.columns.include?("username") && :username) || (klass.columns.include?("email") && :email) || :login
+        end
+        attr_writer :login_field
+        
+        # Works exactly like login_field, but for the password instead.
+        #
+        # * <tt>Default:</tt> Guesses based on the model columns, tries password and pass. If none are present it defaults to password
+        # * <tt>Accepts:</tt> Symbol or String
+        def password_field
+          @password_field ||= (klass.columns.include?("password") && :password) || (klass.columns.include?("pass") && :pass) || :password
+        end
+        attr_writer :password_field
+        
+        # The length of time until the cookie expires.
+        #
+        # * <tt>Default:</tt> 3.months
+        # * <tt>Accepts:</tt> Integer, length of time in seconds, such as 60 or 3.months
+        def remember_me_for
+          return @remember_me_for if @set_remember_me_for
+          @remember_me_for ||= 3.months
+        end
+        
+        def remember_me_for=(value)  # :nodoc:
+          @set_remember_me_for = true
+          @remember_me_for = value
+        end
+        
+        # The name of the field that the remember token is stored. This is for cookies. Let's say you set up your app and want all users to be remembered for 6 months. Then you realize that might be a little too
+        # long. Well they already have a cookie set to expire in 6 months. Without a token you would have to reset their password, which obviously isn't feasible. So instead of messing with their password
+        # just reset their remember token. Next time they access the site and try to login via a cookie it will be rejected and they will have to relogin.
+        #
+        # * <tt>Default:</tt> Guesses based on the model columns, tries remember_token, remember_key, cookie_token, and cookie_key. If none are present it defaults to remember_token
+        # * <tt>Accepts:</tt> Symbol or String
+        def remember_token_field
+          @remember_token_field ||=
+            (klass.columns.include?("remember_token") && :remember_token) ||
+            (klass.columns.include?("remember_key") && :remember_key) ||
+            (klass.columns.include?("cookie_token") && :cookie_token) ||
+            (klass.columns.include?("cookie_key") && :cookie_key) ||
+            :remember_token
+        end
+        attr_writer :remember_token_field
+        
+        # Works exactly like cookie_key, but for sessions. See cookie_key for more info.
+        #
+        # * <tt>Default:</tt> :#{klass_name.underscore}_id
+        # * <tt>Accepts:</tt> Symbol or String
+        def session_key
+          @session_key ||= "#{klass_name.underscore}_id".to_sym
+        end
+        attr_writer :session_key
+        
+        # The name of the method in your model used to verify the password. This should be an instance method. It should also be prepared to accept a raw password and a crytped password.
+        #
+        # * <tt>Default:</tt> "valid_#{password_field}?"
+        # * <tt>Accepts:</tt> Symbol or String
+        def verify_password_method
+          @verify_password_method ||= "valid_#{password_field}?"
+        end
+        attr_writer :verify_password_method
+      end
+      
+      module InstanceMethods # :nodoc:
+        def cookie_key
+          key_parts = [scope, self.class.cookie_key].compact
+          key_parts.join("_")
+        end
+        
+        def find_by_login_method
+          self.class.find_by_login_method
+        end
+      
+        def login_field
+          self.class.login_field
+        end
+      
+        def password_field
+          self.class.password_field
+        end
+        
+        def remember_me_for
+          self.class.remember_me_for
+        end
+        
+        def remember_token_field
+          self.class.remember_token_field
+        end
+        
+        def session_key
+          key_parts = [scope, self.class.session_key].compact
+          key_parts.join("_")
+        end
+      
+        def verify_password_method
+          self.class.verify_password_method
+        end
+      end
+    end
+  end
+end

data/lib/authgasm/session/errors.rb

@@ -0,0 +1,12 @@
+module Authgasm
+  module Session
+    class Errors < ::ActiveRecord::Errors # :nodoc:
+    end
+    
+    class SessionInvalid < ::StandardError # :nodoc:
+      def initialize(session)
+        super("Authentication failed: #{session.errors.full_messages.to_sentence}")
+      end
+    end
+  end
+end

data/lib/authgasm/sha256_crypto_provider.rb

@@ -0,0 +1,13 @@
+module Authgasm
+  # = Sha256 Crypto Provider
+  #
+  # The acts_as_authentic method allows you to pass a :crypto_provider option. This allows you to use any type of encryption you like. Just create a class with a class level encrypt and decrypt method.
+  # The password will be passed as the single parameter to each of these methods so you can do your magic.
+  #
+  # If you are encrypting via a hash just don't include a decrypt method, since hashes can't be decrypted. Authgasm will notice this adjust accordingly.
+  class Sha256CryptoProvider
+    def self.encrypt(pass)
+      Digest::SHA256.hexdigest(pass)
+    end
+  end
+end

data/lib/authgasm/version.rb

@@ -0,0 +1,56 @@
+module Authgasm # :nodoc:
+  # = Version
+  #
+  # A class for describing the current version of a library. The version
+  # consists of three parts: the +major+ number, the +minor+ number, and the
+  # +tiny+ (or +patch+) number.
+  class Version
+    
+    include Comparable
+  
+    # A convenience method for instantiating a new Version instance with the
+    # given +major+, +minor+, and +tiny+ components.
+    def self.[](major, minor, tiny)
+      new(major, minor, tiny)
+    end
+
+    attr_reader :major, :minor, :tiny
+
+    # Create a new Version object with the given components.
+    def initialize(major, minor, tiny)
+      @major, @minor, @tiny = major, minor, tiny
+    end
+
+    # Compare this version to the given +version+ object.
+    def <=>(version)
+      to_i <=> version.to_i
+    end
+
+    # Converts this version object to a string, where each of the three
+    # version components are joined by the '.' character. E.g., 2.0.0.
+    def to_s
+      @to_s ||= [@major, @minor, @tiny].join(".")
+    end
+
+    # Converts this version to a canonical integer that may be compared
+    # against other version objects.
+    def to_i
+      @to_i ||= @major * 1_000_000 + @minor * 1_000 + @tiny
+    end
+    
+    def to_a
+      [@major, @minor, @tiny]
+    end
+
+    MAJOR = 0
+    MINOR = 9
+    TINY  = 0
+
+    # The current version as a Version instance
+    CURRENT = new(MAJOR, MINOR, TINY)
+    # The current version as a String
+    STRING = CURRENT.to_s
+    
+  end
+  
+end

data/test_app/README

@@ -0,0 +1,256 @@
+== Welcome to Rails
+
+Rails is a web-application framework that includes everything needed to create 
+database-backed web applications according to the Model-View-Control pattern. 
+
+This pattern splits the view (also called the presentation) into "dumb" templates
+that are primarily responsible for inserting pre-built data in between HTML tags.
+The model contains the "smart" domain objects (such as Account, Product, Person,
+Post) that holds all the business logic and knows how to persist themselves to
+a database. The controller handles the incoming requests (such as Save New Account,
+Update Product, Show Post) by manipulating the model and directing data to the view.
+
+In Rails, the model is handled by what's called an object-relational mapping
+layer entitled Active Record. This layer allows you to present the data from
+database rows as objects and embellish these data objects with business logic
+methods. You can read more about Active Record in
+link:files/vendor/rails/activerecord/README.html.
+
+The controller and view are handled by the Action Pack, which handles both
+layers by its two parts: Action View and Action Controller. These two layers
+are bundled in a single package due to their heavy interdependence. This is
+unlike the relationship between the Active Record and Action Pack that is much
+more separate. Each of these packages can be used independently outside of
+Rails.  You can read more about Action Pack in
+link:files/vendor/rails/actionpack/README.html.
+
+
+== Getting Started
+
+1. At the command prompt, start a new Rails application using the <tt>rails</tt> command
+   and your application name. Ex: rails myapp
+2. Change directory into myapp and start the web server: <tt>script/server</tt> (run with --help for options)
+3. Go to http://localhost:3000/ and get "Welcome aboard: You're riding the Rails!"
+4. Follow the guidelines to start developing your application
+
+
+== Web Servers
+
+By default, Rails will try to use Mongrel and lighttpd if they are installed, otherwise
+Rails will use WEBrick, the webserver that ships with Ruby. When you run script/server,
+Rails will check if Mongrel exists, then lighttpd and finally fall back to WEBrick. This ensures
+that you can always get up and running quickly.
+
+Mongrel is a Ruby-based webserver with a C component (which requires compilation) that is
+suitable for development and deployment of Rails applications. If you have Ruby Gems installed,
+getting up and running with mongrel is as easy as: <tt>gem install mongrel</tt>.
+More info at: http://mongrel.rubyforge.org
+
+If Mongrel is not installed, Rails will look for lighttpd. It's considerably faster than
+Mongrel and WEBrick and also suited for production use, but requires additional
+installation and currently only works well on OS X/Unix (Windows users are encouraged
+to start with Mongrel). We recommend version 1.4.11 and higher. You can download it from
+http://www.lighttpd.net.
+
+And finally, if neither Mongrel or lighttpd are installed, Rails will use the built-in Ruby
+web server, WEBrick. WEBrick is a small Ruby web server suitable for development, but not
+for production.
+
+But of course its also possible to run Rails on any platform that supports FCGI.
+Apache, LiteSpeed, IIS are just a few. For more information on FCGI,
+please visit: http://wiki.rubyonrails.com/rails/pages/FastCGI
+
+
+== Apache .htaccess example
+
+# General Apache options
+AddHandler fastcgi-script .fcgi
+AddHandler cgi-script .cgi
+Options +FollowSymLinks +ExecCGI
+
+# If you don't want Rails to look in certain directories,
+# use the following rewrite rules so that Apache won't rewrite certain requests
+# 
+# Example:
+#   RewriteCond %{REQUEST_URI} ^/notrails.*
+#   RewriteRule .* - [L]
+
+# Redirect all requests not available on the filesystem to Rails
+# By default the cgi dispatcher is used which is very slow
+# 
+# For better performance replace the dispatcher with the fastcgi one
+#
+# Example:
+#   RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]
+RewriteEngine On
+
+# If your Rails application is accessed via an Alias directive,
+# then you MUST also set the RewriteBase in this htaccess file.
+#
+# Example:
+#   Alias /myrailsapp /path/to/myrailsapp/public
+#   RewriteBase /myrailsapp
+
+RewriteRule ^$ index.html [QSA]
+RewriteRule ^([^.]+)$ $1.html [QSA]
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteRule ^(.*)$ dispatch.cgi [QSA,L]
+
+# In case Rails experiences terminal errors
+# Instead of displaying this message you can supply a file here which will be rendered instead
+# 
+# Example:
+#   ErrorDocument 500 /500.html
+
+ErrorDocument 500 "<h2>Application error</h2>Rails application failed to start properly"
+
+
+== Debugging Rails
+
+Sometimes your application goes wrong.  Fortunately there are a lot of tools that
+will help you debug it and get it back on the rails.
+
+First area to check is the application log files.  Have "tail -f" commands running
+on the server.log and development.log. Rails will automatically display debugging
+and runtime information to these files. Debugging info will also be shown in the
+browser on requests from 127.0.0.1.
+
+You can also log your own messages directly into the log file from your code using
+the Ruby logger class from inside your controllers. Example:
+
+  class WeblogController < ActionController::Base
+    def destroy
+      @weblog = Weblog.find(params[:id])
+      @weblog.destroy
+      logger.info("#{Time.now} Destroyed Weblog ID ##{@weblog.id}!")
+    end
+  end
+
+The result will be a message in your log file along the lines of:
+
+  Mon Oct 08 14:22:29 +1000 2007 Destroyed Weblog ID #1
+
+More information on how to use the logger is at http://www.ruby-doc.org/core/
+
+Also, Ruby documentation can be found at http://www.ruby-lang.org/ including:
+
+* The Learning Ruby (Pickaxe) Book: http://www.ruby-doc.org/docs/ProgrammingRuby/
+* Learn to Program: http://pine.fm/LearnToProgram/  (a beginners guide)
+
+These two online (and free) books will bring you up to speed on the Ruby language
+and also on programming in general.
+
+
+== Debugger
+
+Debugger support is available through the debugger command when you start your Mongrel or
+Webrick server with --debugger. This means that you can break out of execution at any point
+in the code, investigate and change the model, AND then resume execution! 
+You need to install ruby-debug to run the server in debugging mode. With gems, use 'gem install ruby-debug'
+Example:
+
+  class WeblogController < ActionController::Base
+    def index
+      @posts = Post.find(:all)
+      debugger
+    end
+  end
+
+So the controller will accept the action, run the first line, then present you
+with a IRB prompt in the server window. Here you can do things like:
+
+  >> @posts.inspect
+  => "[#<Post:0x14a6be8 @attributes={\"title\"=>nil, \"body\"=>nil, \"id\"=>\"1\"}>,
+       #<Post:0x14a6620 @attributes={\"title\"=>\"Rails you know!\", \"body\"=>\"Only ten..\", \"id\"=>\"2\"}>]"
+  >> @posts.first.title = "hello from a debugger"
+  => "hello from a debugger"
+
+...and even better is that you can examine how your runtime objects actually work:
+
+  >> f = @posts.first
+  => #<Post:0x13630c4 @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>
+  >> f.
+  Display all 152 possibilities? (y or n)
+
+Finally, when you're ready to resume execution, you enter "cont"
+
+
+== Console
+
+You can interact with the domain model by starting the console through <tt>script/console</tt>.
+Here you'll have all parts of the application configured, just like it is when the
+application is running. You can inspect domain models, change values, and save to the
+database. Starting the script without arguments will launch it in the development environment.
+Passing an argument will specify a different environment, like <tt>script/console production</tt>.
+
+To reload your controllers and models after launching the console run <tt>reload!</tt>
+
+== dbconsole
+
+You can go to the command line of your database directly through <tt>script/dbconsole</tt>.
+You would be connected to the database with the credentials defined in database.yml.
+Starting the script without arguments will connect you to the development database. Passing an
+argument will connect you to a different database, like <tt>script/dbconsole production</tt>.
+Currently works for mysql, postgresql and sqlite.
+
+== Description of Contents
+
+app
+  Holds all the code that's specific to this particular application.
+
+app/controllers
+  Holds controllers that should be named like weblogs_controller.rb for
+  automated URL mapping. All controllers should descend from ApplicationController
+  which itself descends from ActionController::Base.
+
+app/models
+  Holds models that should be named like post.rb.
+  Most models will descend from ActiveRecord::Base.
+
+app/views
+  Holds the template files for the view that should be named like
+  weblogs/index.html.erb for the WeblogsController#index action. All views use eRuby
+  syntax.
+
+app/views/layouts
+  Holds the template files for layouts to be used with views. This models the common
+  header/footer method of wrapping views. In your views, define a layout using the
+  <tt>layout :default</tt> and create a file named default.html.erb. Inside default.html.erb,
+  call <% yield %> to render the view using this layout.
+
+app/helpers
+  Holds view helpers that should be named like weblogs_helper.rb. These are generated
+  for you automatically when using script/generate for controllers. Helpers can be used to
+  wrap functionality for your views into methods.
+
+config
+  Configuration files for the Rails environment, the routing map, the database, and other dependencies.
+
+db
+  Contains the database schema in schema.rb.  db/migrate contains all
+  the sequence of Migrations for your schema.
+
+doc
+  This directory is where your application documentation will be stored when generated
+  using <tt>rake doc:app</tt>
+
+lib
+  Application specific libraries. Basically, any kind of custom code that doesn't
+  belong under controllers, models, or helpers. This directory is in the load path.
+
+public
+  The directory available for the web server. Contains subdirectories for images, stylesheets,
+  and javascripts. Also contains the dispatchers and the default HTML files. This should be
+  set as the DOCUMENT_ROOT of your web server.
+
+script
+  Helper scripts for automation and generation.
+
+test
+  Unit and functional tests along with fixtures. When using the script/generate scripts, template
+  test files will be generated for you and placed in this directory.
+
+vendor
+  External libraries that the application depends on. Also includes the plugins subdirectory.
+  If the app has frozen rails, those gems also go here, under vendor/rails/.
+  This directory is in the load path.