authlogic-nicho 6.5

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 8ad4cd9e890d43f43836ade14ecbf8df7dee14e5adaa4b1fee938f6da376261e
+  data.tar.gz: 8c033ffc5009db9c533b6d1b2015b2cb43715d28d89f3631c4552f9484c6bffc
+SHA512:
+  metadata.gz: e5b64a65cb7af995b92d3cd1eff8b47313a28241aac981373593437ca7a430d40c5c6046d01c5451e8040e60f6c66384eac8e6b242a98c1366fa599fee0d7270
+  data.tar.gz: 1e7edcbcc47eb555d5a28a668a0840f37d56f99deff602001a98bbacddb48037e528c575660a5dc5282cf538e2aceb7ee20bca28859fbae836f99566a636f7df

data/lib/authlogic/acts_as_authentic/base.rb

@@ -0,0 +1,116 @@
+# frozen_string_literal: true
+
+module Authlogic
+  module ActsAsAuthentic
+    # Provides the base functionality for acts_as_authentic
+    module Base
+      def self.included(klass)
+        klass.class_eval do
+          class_attribute :acts_as_authentic_modules
+          self.acts_as_authentic_modules ||= []
+          extend Authlogic::Config
+          extend Config
+        end
+      end
+
+      # The primary configuration of a model (often, `User`) for use with
+      # authlogic. These methods become class methods of ::ActiveRecord::Base.
+      module Config
+        # This includes a lot of helpful methods for authenticating records
+        # which the Authlogic::Session module relies on. To use it just do:
+        #
+        #   class User < ApplicationRecord
+        #     acts_as_authentic
+        #   end
+        #
+        # Configuration is easy:
+        #
+        #   acts_as_authentic do |c|
+        #     c.my_configuration_option = my_value
+        #   end
+        #
+        # See the various sub modules for the configuration they provide.
+        def acts_as_authentic
+          yield self if block_given?
+          return unless db_setup?
+          acts_as_authentic_modules.each { |mod| include mod }
+        end
+
+        # Since this part of Authlogic deals with another class, ActiveRecord,
+        # we can't just start including things in ActiveRecord itself. A lot of
+        # these module includes need to be triggered by the acts_as_authentic
+        # method call. For example, you don't want to start adding in email
+        # validations and what not into a model that has nothing to do with
+        # Authlogic.
+        #
+        # That being said, this is your tool for extending Authlogic and
+        # "hooking" into the acts_as_authentic call.
+        def add_acts_as_authentic_module(mod, action = :append)
+          modules = acts_as_authentic_modules.clone
+          case action
+          when :append
+            modules << mod
+          when :prepend
+            modules = [mod] + modules
+          end
+          modules.uniq!
+          self.acts_as_authentic_modules = modules
+        end
+
+        # This is the same as add_acts_as_authentic_module, except that it
+        # removes the module from the list.
+        def remove_acts_as_authentic_module(mod)
+          modules = acts_as_authentic_modules.clone
+          modules.delete(mod)
+          self.acts_as_authentic_modules = modules
+        end
+
+        # Some Authlogic modules requires a database connection with a existing
+        # users table by the moment when you call the `acts_as_authentic`
+        # method. If you try to call `acts_as_authentic` without a database
+        # connection, it will raise a `Authlogic::ModelSetupError`.
+        #
+        # If you rely on the User model before the database is setup correctly,
+        # set this field to false.
+        # * <tt>Default:</tt> false
+        # * <tt>Accepts:</tt> Boolean
+        def raise_on_model_setup_error(value = nil)
+          rw_config(:raise_on_model_setup_error, value, false)
+        end
+        alias raise_on_model_setup_error= raise_on_model_setup_error
+
+        private
+
+        def db_setup?
+          column_names
+          true
+        rescue StandardError
+          raise ModelSetupError if raise_on_model_setup_error
+          false
+        end
+
+        def first_column_to_exist(*columns_to_check)
+          if db_setup?
+            columns_to_check.each do |column_name|
+              if column_names.include?(column_name.to_s)
+                return column_name.to_sym
+              end
+            end
+          end
+          columns_to_check.first&.to_sym
+        end
+      end
+    end
+  end
+end
+
+::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::Base
+::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::Email
+::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::LoggedInStatus
+::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::Login
+::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::MagicColumns
+::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::Password
+::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::PerishableToken
+::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::PersistenceToken
+::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::SessionMaintenance
+::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::SingleAccessToken

data/lib/authlogic/acts_as_authentic/email.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Authlogic
+  module ActsAsAuthentic
+    # Sometimes models won't have an explicit "login" or "username" field.
+    # Instead they want to use the email field. In this case, authlogic provides
+    # validations to make sure the email submited is actually a valid email.
+    # Don't worry, if you do have a login or username field, Authlogic will
+    # still validate your email field. One less thing you have to worry about.
+    module Email
+      def self.included(klass)
+        klass.class_eval do
+          extend Config
+        end
+      end
+
+      # Configuration to modify how Authlogic handles the email field.
+      module Config
+        # The name of the field that stores email addresses.
+        #
+        # * <tt>Default:</tt> :email, if it exists
+        # * <tt>Accepts:</tt> Symbol
+        def email_field(value = nil)
+          rw_config(:email_field, value, first_column_to_exist(nil, :email, :email_address))
+        end
+        alias email_field= email_field
+      end
+    end
+  end
+end

data/lib/authlogic/acts_as_authentic/logged_in_status.rb

@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+module Authlogic
+  module ActsAsAuthentic
+    # Since web applications are stateless there is not sure fire way to tell if
+    # a user is logged in or not, from the database perspective. The best way to
+    # do this is to provide a "timeout" based on inactivity. So if that user is
+    # inactive for a certain amount of time we assume they are logged out.
+    # That's what this module is all about.
+    module LoggedInStatus
+      def self.included(klass)
+        klass.class_eval do
+          extend Config
+          add_acts_as_authentic_module(Methods)
+        end
+      end
+
+      # All configuration for the logged in status feature set.
+      module Config
+        # The timeout to determine when a user is logged in or not.
+        #
+        # * <tt>Default:</tt> 10.minutes
+        # * <tt>Accepts:</tt> Fixnum
+        def logged_in_timeout(value = nil)
+          rw_config(:logged_in_timeout, (!value.nil? && value.to_i) || value, 10.minutes.to_i)
+        end
+        alias logged_in_timeout= logged_in_timeout
+      end
+
+      # All methods for the logged in status feature seat.
+      module Methods
+        def self.included(klass)
+          return unless klass.column_names.include?("last_request_at")
+
+          klass.class_eval do
+            include InstanceMethods
+            scope(
+              :logged_in,
+              lambda do
+                where(
+                  "last_request_at > ? and current_login_at IS NOT NULL",
+                  logged_in_timeout.seconds.ago
+                )
+              end
+            )
+            scope(
+              :logged_out,
+              lambda do
+                where(
+                  "last_request_at is NULL or last_request_at <= ?",
+                  logged_in_timeout.seconds.ago
+                )
+              end
+            )
+          end
+        end
+
+        # :nodoc:
+        module InstanceMethods
+          # Returns true if the last_request_at > logged_in_timeout.
+          def logged_in?
+            unless respond_to?(:last_request_at)
+              raise(
+                "Can not determine the records login state because " \
+                  "there is no last_request_at column"
+              )
+            end
+            !last_request_at.nil? && last_request_at > logged_in_timeout.seconds.ago
+          end
+
+          # Opposite of logged_in?
+          def logged_out?
+            !logged_in?
+          end
+
+          private
+
+          def logged_in_timeout
+            self.class.logged_in_timeout
+          end
+        end
+      end
+    end
+  end
+end

data/lib/authlogic/acts_as_authentic/login.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+require "authlogic/acts_as_authentic/queries/case_sensitivity"
+require "authlogic/acts_as_authentic/queries/find_with_case"
+
+module Authlogic
+  module ActsAsAuthentic
+    # Handles everything related to the login field.
+    module Login
+      def self.included(klass)
+        klass.class_eval do
+          extend Config
+        end
+      end
+
+      # Configuration for the login field.
+      module Config
+        # The name of the login field in the database.
+        #
+        # * <tt>Default:</tt> :login or :username, if they exist
+        # * <tt>Accepts:</tt> Symbol
+        def login_field(value = nil)
+          rw_config(:login_field, value, first_column_to_exist(nil, :login, :username))
+        end
+        alias login_field= login_field
+
+        # This method allows you to find a record with the given login. If you
+        # notice, with Active Record you have the UniquenessValidator class.
+        # They give you a :case_sensitive option. I handle this in the same
+        # manner that they handle that. If you are using the login field, set
+        # false for the :case_sensitive option in
+        # validates_uniqueness_of_login_field_options and the column doesn't
+        # have a case-insensitive collation, this method will modify the query
+        # to look something like:
+        #
+        #   "LOWER(#{quoted_table_name}.#{login_field}) = LOWER(#{login})"
+        #
+        # If you don't specify this it just uses a regular case-sensitive search
+        # (with the binary modifier if necessary):
+        #
+        #   "BINARY #{login_field} = #{login}"
+        #
+        # The above also applies for using email as your login, except that you
+        # need to set the :case_sensitive in
+        # validates_uniqueness_of_email_field_options to false.
+        #
+        # @api public
+        def find_by_smart_case_login_field(login)
+          field = login_field || email_field
+          sensitive = Queries::CaseSensitivity.new(self, field).sensitive?
+          find_with_case(field, login, sensitive)
+        end
+
+        private
+
+        # @api private
+        def find_with_case(field, value, sensitive)
+          Queries::FindWithCase.new(self, field, value, sensitive).execute
+        end
+      end
+    end
+  end
+end

data/lib/authlogic/acts_as_authentic/magic_columns.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Authlogic
+  module ActsAsAuthentic
+    # Magic columns are like ActiveRecord's created_at and updated_at columns.
+    # They are "magically" maintained for you. Authlogic has the same thing, but
+    # these are maintained on the session side. Please see "Magic Columns" in
+    # `Session::Base` for more details. This module merely adds validations for
+    # the magic columns if they exist.
+    module MagicColumns
+      def self.included(klass)
+        klass.class_eval do
+          add_acts_as_authentic_module(Methods)
+        end
+      end
+
+      # Methods relating to the magic columns
+      module Methods
+        def self.included(klass)
+          klass.class_eval do
+            if column_names.include?("login_count")
+              validates_numericality_of :login_count,
+                only_integer: true,
+                greater_than_or_equal_to: 0,
+                allow_nil: true
+            end
+            if column_names.include?("failed_login_count")
+              validates_numericality_of :failed_login_count,
+                only_integer: true,
+                greater_than_or_equal_to: 0,
+                allow_nil: true
+            end
+          end
+        end
+      end
+    end
+  end
+end