authkit 0.0.1

data/lib/generators/authkit/templates/app/views/password_change/show.html.erb

@@ -0,0 +1,16 @@
+<h1>Please enter a new password</h1>
+
+<%= form_tag(password_change_path, method: "post") do %>
+  <%= hidden_field_tag :token, params[:token] %>
+
+  <div class="field">
+    <%= label_tag "password" %>
+    <%= password_field_tag "password" %>
+  </div>
+  <div class="field">
+    <%= label_tag "password_confirmation" %>
+    <%= password_field_tag "password_confirmation" %>
+  </div>
+
+  <%= submit_tag "Change" %>
+<% end %>

data/lib/generators/authkit/templates/app/views/password_reset/show.html.erb

@@ -0,0 +1,12 @@
+<h1>Reset your password</h1>
+
+<%= form_tag(password_reset_path, method: "post") do %>
+  <%= hidden_field_tag :token, params[:token] %>
+
+  <div class="field">
+    <%= label_tag "email", "Email or username" %>
+    <%= text_field_tag "email" %>
+  </div>
+
+  <%= submit_tag "Reset" %>
+<% end %>

data/lib/generators/authkit/templates/app/views/sessions/new.html.erb

@@ -0,0 +1,13 @@
+<h1>Sign In</h1>
+
+<%= form_tag(login_path, method: "post") do %>
+  <div class="field">
+    <%= label_tag "email", "Email or username" %>
+    <%= text_field_tag "email" %>
+  </div>
+  <div class="field">
+    <%= label_tag "password" %>
+    <%= password_field_tag "password" %>
+  </div>
+  <%= submit_tag "Login" %>
+<% end %>

data/lib/generators/authkit/templates/app/views/users/edit.html.erb

@@ -0,0 +1,58 @@
+<h1>Account</h1>
+
+<% if @user.errors.any? %>
+  <div id="error_explanation">
+    <div class="alert alert-error">
+      The form contains <%= pluralize(@user.errors.count, "error") %>.
+    </div>
+    <ul>
+    <% @user.errors.full_messages.each do |msg| %>
+      <li>* <%= msg %></li>
+    <% end %>
+    </ul>
+  </div>
+<% end %>
+
+<%= form_for @user do |f| %>
+  <div class="field">
+    <%= f.label "first_name" %>
+    <%= f.text_field "first_name" %>
+  </div>
+  <div class="field">
+    <%= f.label "last_name" %>
+    <%= f.text_field "last_name" %>
+  </div>
+  <div class="field">
+    <%= f.label "bio" %>
+    <%= f.text_area "bio" %>
+  </div>
+  <div class="field">
+    <%= f.label "website" %>
+    <%= f.text_field "website" %>
+  </div>
+  <div class="field">
+    <%= f.label "phone_number" %>
+    <%= f.text_field "phone_number" %>
+  </div>
+  <div class="field">
+    <%= f.label "phone_number" %>
+    <%= f.time_zone_select('time_zone', ActiveSupport::TimeZone.us_zones, :default => "Pacific Time (US & Canada)") %>
+  </div>
+  <div class="field">
+    <%= f.label "email" %>
+    <%= f.text_field "confirmation_email" %>
+  </div>
+  <div class="field">
+    <%= f.label "username" %>
+    <%= f.text_field "username" %>
+  </div>
+  <div class="field">
+    <%= f.label "password" %>
+    <%= f.password_field "password" %>
+  </div>
+  <div class="field">
+    <%= f.label "password_confirmation" %>
+    <%= f.password_field "password_confirmation" %>
+  </div>
+  <%= f.submit "Save" %>
+<% end %>

data/lib/generators/authkit/templates/app/views/users/new.html.erb

@@ -0,0 +1,58 @@
+<h1>Sign Up</h1>
+
+<% if @user.errors.any? %>
+  <div id="error_explanation">
+    <div class="alert alert-error">
+      The form contains <%= pluralize(@user.errors.count, "error") %>.
+    </div>
+    <ul>
+    <% @user.errors.full_messages.each do |msg| %>
+      <li>* <%= msg %></li>
+    <% end %>
+    </ul>
+  </div>
+<% end %>
+
+<%= form_for @user do |f| %>
+  <div class="field">
+    <%= f.label "first_name" %>
+    <%= f.text_field "first_name" %>
+  </div>
+  <div class="field">
+    <%= f.label "last_name" %>
+    <%= f.text_field "last_name" %>
+  </div>
+  <div class="field">
+    <%= f.label "bio" %>
+    <%= f.text_area "bio" %>
+  </div>
+  <div class="field">
+    <%= f.label "website" %>
+    <%= f.text_field "website" %>
+  </div>
+  <div class="field">
+    <%= f.label "phone_number" %>
+    <%= f.text_field "phone_number" %>
+  </div>
+  <div class="field">
+    <%= f.label "phone_number" %>
+    <%= f.time_zone_select('time_zone', ActiveSupport::TimeZone.us_zones, :default => "Pacific Time (US & Canada)") %>
+  </div>
+  <div class="field">
+    <%= f.label "email" %>
+    <%= f.text_field "email" %>
+  </div>
+  <div class="field">
+    <%= f.label "username" %>
+    <%= f.text_field "username" %>
+  </div>
+  <div class="field">
+    <%= f.label "password" %>
+    <%= f.text_field "password" %>
+  </div>
+  <div class="field">
+    <%= f.label "password_confirmation" %>
+    <%= f.text_field "password_confirmation" %>
+  </div>
+  <%= f.submit "Sign up" %>
+<% end %>

data/lib/generators/authkit/templates/db/migrate/add_authkit_fields_to_users.rb

@@ -0,0 +1,110 @@
+# Generated by Authkit.
+#
+# Add fields to the users table for managing authentication.
+#
+class AddAuthkitFieldsToUsers < ActiveRecord::Migration
+  def self.up
+    add_column :users, :email, :string, :default => "", :null => false
+    add_column :users, :password_digest, :string, :default => "", :null => false
+    add_column :users, :username, :string, :limit => 64
+
+    add_column :users, :time_zone, :string, :default => "Eastern Time (US & Canada)"
+    add_column :users, :first_name, :string
+    add_column :users, :last_name, :string
+    add_column :users, :bio, :text
+    add_column :users, :website, :string
+    add_column :users, :phone_number, :string
+
+    # One time password key for two-factor auth
+    add_column :users, :otp_secret_key, :string
+
+    # Tracking
+    add_column :users, :sign_in_count, :integer, :default => 0
+    add_column :users, :current_sign_in_at, :datetime
+    add_column :users, :last_sign_in_at, :datetime
+    add_column :users, :current_sign_in_ip, :string
+    add_column :users, :last_sign_in_ip, :string
+
+    # Analytics
+    add_column :users, :original_source, :string
+    add_column :users, :session_source, :string
+    add_column :users, :first_visit_at, :datetime
+    add_column :users, :last_visit_at, :datetime
+
+    # Forgot password / Password reset
+    add_column :users, :reset_password_token, :string
+    add_column :users, :reset_password_token_created_at, :datetime
+
+    # Remember
+    add_column :users, :remember_token, :string
+    add_column :users, :remember_token_created_at, :datetime
+
+    # Confirmation
+    add_column :users, :confirmation_email, :string
+    add_column :users, :confirmation_token, :string
+    add_column :users, :confirmation_token_created_at, :string
+
+    # Lockout
+    add_column :users, :failed_attempts, :integer, :default => 0
+    add_column :users, :locked_at, :datetime
+    add_column :users, :unlock_token, :string
+    add_column :users, :unlock_token_created_at, :datetime
+
+    # Make sure the validations are enforced
+    add_index :users, :email, :unique => true
+    add_index :users, :username, :unique => true
+    add_index :users, :reset_password_token, :unique => true
+    add_index :users, :remember_token, :unique => true
+    add_index :users, :confirmation_token, :unique => true
+    add_index :users, :unlock_token, :unique => true
+
+  end
+
+  def self.down
+    drop_column :users, :email
+    drop_column :users, :password_digest
+    drop_column :users, :username
+
+    drop_column :users, :time_zone
+    drop_column :users, :first_name
+    drop_column :users, :last_name
+    drop_column :users, :bio
+    drop_column :users, :website
+    drop_column :users, :phone_number
+
+    drop_column :users, :otp_secret_key
+
+    # Tracking
+    drop_column :users, :sign_in_count
+    drop_column :users, :current_sign_in_at
+    drop_column :users, :last_sign_in_at
+    drop_column :users, :current_sign_in_ip
+    drop_column :users, :last_sign_in_ip
+
+    # Analytics
+    drop_column :users, :original_source
+    drop_column :users, :session_source
+    drop_column :users, :first_visit_at
+    drop_column :users, :last_visit_at
+
+    # Forgot password / Password reset
+    drop_column :users, :reset_password_token
+    drop_column :users, :reset_password_created_at
+
+    # Remember
+    drop_column :users, :remember_token
+    drop_column :users, :remember_token_created_at
+
+    # Confirmation
+    drop_column :users, :confirmation_email
+    drop_column :users, :confirmation_token
+    drop_column :users, :confirmation_token_created_at
+
+    # Lockout
+    drop_column :users, :failed_attempts
+    drop_column :users, :locked_at
+    drop_column :users, :unlock_token
+    drop_column :users, :unlock_token_created_at
+  end
+end
+

data/lib/generators/authkit/templates/db/migrate/create_users.rb

@@ -0,0 +1,17 @@
+# Generated by Authkit.
+#
+# Create a users table for managing authentication. Fields to handle
+# the authentication are created in the AddAuthkitFieldsToUsers
+# migration.
+#
+class CreateUsers < ActiveRecord::Migration
+  def self.up
+    create_table :users do |t|
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :users
+  end
+end

data/lib/generators/authkit/templates/lib/email_format_validator.rb

@@ -0,0 +1,11 @@
+class EmailFormatValidator < ActiveModel::EachValidator
+  def validate_each(object, attribute, value)
+    unless EmailFormatValidator::is_valid_email(value)
+      object.errors[attribute] << (options[:message] || "is not a valid email address")
+    end
+  end
+
+  def self.is_valid_email(value)
+    value =~ /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
+  end
+end

data/lib/generators/authkit/templates/spec/controllers/application_controller_spec.rb

@@ -0,0 +1,188 @@
+require 'spec_helper'
+
+describe ApplicationController do
+  let(:user_params) { { email: "test@example.com", username: "test", password: "example", password_confirmation: "example" } }
+  let(:user) { User.new(user_params) }
+  let(:logged_in_session) { { user_id: "1" } }
+  let(:unknown_session) { { user_id: "2" } }
+
+  before(:each) do
+    User.stub(:find_by).with("1").and_return(user)
+  end
+
+  controller do
+    before_filter :require_login, only: [:index]
+    before_filter :require_token, only: [:show]
+
+    def new
+      head :ok
+    end
+
+    def index
+      head :ok
+    end
+
+    def show
+      head :ok
+    end
+  end
+
+  describe "current_user" do
+    it "returns nil if there is no current user" do
+      get :new
+      controller.send(:current_user).should be_nil
+    end
+
+    it "does not perform multiple finds" do
+      User.should_receive(:find_by)
+      get :new, {}, unknown_session
+      controller.send(:current_user).should be_nil
+    end
+
+    it "finds the current user in the session" do
+      get :new, {}, logged_in_session
+      controller.send(:current_user).should == user
+    end
+
+    it "finds the current user from the remember cookie" do
+      # Need to sign the cookie
+      request.env["action_dispatch.secret_token"] = "SECRET"
+      verifier = ActiveSupport::MessageVerifier.new(request.env["action_dispatch.secret_token".freeze])
+      request.cookies[:remember] = verifier.generate("TOKEN")
+      User.should_receive(:user_from_remember_token).with("TOKEN").and_return(user)
+      get :index
+      controller.send(:current_user).should == user
+    end
+
+    it "sets the time zone" do
+      user.should_receive(:time_zone).and_return("Pacific Time (US & Canada)")
+      get :index, {}, logged_in_session
+      Time.zone.name.should == "Pacific Time (US & Canada)"
+    end
+
+    it "has a logged in helper method" do
+      get :new, {}, logged_in_session
+      controller.should be_logged_in
+    end
+  end
+
+  describe "tracking" do
+    it "does not allow tracking if there is a do not track header" do
+      request.headers["DNT"] = "1"
+      get :new
+      controller.send(:allow_tracking?).should == false
+    end
+
+    it "allows tracking if there is no do not track header" do
+      get :new
+      controller.send(:allow_tracking?).should == true
+    end
+  end
+
+  describe "when requiring a user" do
+    it "allows access if there is a user" do
+      get :index, {}, logged_in_session
+      response.should be_success
+    end
+
+    it "stores the return path" do
+      get :index, {}
+      session[:return_url].should == "/anonymous"
+    end
+
+    describe "when responding to html" do
+      it "sets the flash message" do
+        get :index, {}
+        flash.should_not be_empty
+      end
+
+      it "redirecs the user to login" do
+        get :index, {}
+        response.should be_redirect
+      end
+    end
+
+    describe "when responding to json" do
+      it "returns a forbidden status" do
+        get :index, {format: :json}
+        response.code.should == "403"
+      end
+    end
+  end
+
+  describe "tokens" do
+    it "requires a user token" do
+      User.should_receive(:user_from_token).with('testtoken').and_return(user)
+      get 'show', {id: '1',  token: 'testtoken'}
+    end
+
+    it "returns an error if there is no user token" do
+      User.should_receive(:user_from_token).with('testtoken').and_return(nil)
+      controller.should_receive(:deny_user)
+      get 'show', {id: '1',  token: 'testtoken'}
+    end
+
+    it "verifies the token" do
+      request.env["action_dispatch.secret_token"] = "SECRET"
+      verifier = ActiveSupport::MessageVerifier.new(request.env["action_dispatch.secret_token".freeze])
+      token = verifier.generate("TOKEN")
+      User.should_receive(:user_from_token).with(token).and_return(user)
+      get 'show', {id: '1', token: token}
+    end
+  end
+
+  describe "login" do
+    it "tracks the login" do
+      get :new
+      user.should_receive(:track_sign_in)
+      controller.send(:login, user)
+    end
+
+    it "remembers the user using a token and cookie" do
+      get :new
+      controller.should_receive(:set_remember_cookie)
+      user.should_receive(:set_token).with(:remember_token).and_return(:true)
+      controller.send(:login, user)
+    end
+
+    it "resets the session" do
+      get :new
+      controller.should_receive(:reset_session)
+      controller.send(:login, user)
+    end
+  end
+
+  describe "logout" do
+    it "resets the session" do
+      get :index, {}, logged_in_session
+      controller.should_receive(:reset_session)
+      controller.send(:logout)
+    end
+
+    it "logs the user out" do
+      get :index, {}, logged_in_session
+      controller.send(:logout)
+      controller.send(:current_user).should be_nil
+    end
+
+    it "clears the remember token" do
+      get :index, {}, logged_in_session
+      user.should_receive(:clear_remember_token).and_return(:true)
+      controller.send(:logout)
+    end
+  end
+
+  it "sets the remember cookie" do
+    request.env["action_dispatch.secret_token"] = "SECRET"
+    get :new
+    controller.send(:login, user)
+    cookies.permanent.signed[:remember].should == user.remember_token
+  end
+
+  it "redirects to a stored session location if present" do
+    get :new, {}, {return_url: "/return"}
+    controller.should_receive(:redirect_to).with("/return").and_return(true)
+    controller.send(:redirect_back_or_default)
+  end
+end
+