authlogic 1.2.1 → 1.2.2

data/CHANGELOG.rdoc

@@ -1,3 +1,12 @@
+== 1.2.2 released 2008-11-19
+
+* Added allow_blank_login_and_password_field and allow_blank_email_field options to acts_as_authentic, which allows you to have alternative logins, such as OpenID
+* In the session Authlogic now also stores the record id. We use this id to find the record and then check the token against the record, thus allowing for quicker database lookups, while getting the same security.
+* Skip validation for reset_perishable_token!
+* Added checks for uniqueness validations to only perform if the values have changed, this cuts down on DB queries
+* Abstract controller adapter now uses ruby's simple delegator class
+* Allow to save with a block: user_session.save { |result| }, result will either be false or self, this is useful when implementing OpenID and other methods
+
 == 1.2.1 released 2008-11-19
 
 * Added build method to authenticates_many association to act like AR association collections.

data/Manifest

@@ -21,6 +21,7 @@ lib/authlogic/session/callbacks.rb
 lib/authlogic/session/config.rb
 lib/authlogic/session/cookies.rb
 lib/authlogic/session/errors.rb
+lib/authlogic/session/openid.rb
 lib/authlogic/session/params.rb
 lib/authlogic/session/perishability.rb
 lib/authlogic/session/scopes.rb

data/README.rdoc

@@ -71,8 +71,8 @@ Authlogic makes this a reality. This is just the tip of the ice berg. Keep readi
 == Helpful links
 
 *	<b>Documentation:</b> http://authlogic.rubyforge.org
-*	<b>Authlogic setup tutorial:</b> http://www.binarylogic.com/2008/11/3/tutorial-authlogic-basic-setup
-*	<b>Authlogic reset passwords tutorial:</b> http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic
+*	<b>Tutorial: Authlogic basic setup:</b> http://www.binarylogic.com/2008/11/3/tutorial-authlogic-basic-setup
+*	<b>Tutorial: Reset passwords with Authlogic the RESTful way:</b> http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic
 *	<b>Live example of the setup tutorial above (with source):</b> http://authlogic_example.binarylogic.com
 * <b>Bugs / feature suggestions:</b> http://binarylogic.lighthouseapp.com/projects/18752-authlogic
 
@@ -211,7 +211,7 @@ This token is used to persist the user's session. This is the token that is stor
 
 === Single access token
 
-This token is used for single access only, it is not persisted. Meaning the user provides it, Authlogic grants them access, and that's it. If they want access again they need to provide the token again. Authlogic will *NEVER* store this value in the session or a cookie. Also, for added security, by default this token is *ONLY* allowed for RSS and ATOM requests. Lastly, this token does *NOT* change with the password. Meaning if the user changes their password, this token will remain the same. You can change all of this with configuration (see Authlogic::Session::config), so if you don't like how this works by default, just set some simple configuration in your session.
+This token is used for single access only, it is not persisted. Meaning the user provides it, Authlogic grants them access, and that's it. If they want access again they need to provide the token again. Authlogic will *NEVER* store this value in the session or a cookie. For added security, by default this token is *ONLY* allowed for RSS and ATOM requests. Also, this token does *NOT* change with the password. Meaning if the user changes their password, this token will remain the same. Lastly, this token uses a "friendly" toke (see the URL example below) so that it is easier to email / copy and paste. You can change all of this with configuration (see Authlogic::Session::config), so if you don't like how this works by default, just set some simple configuration in your session.
 
 This field is optional, if you want to use it just add the field to your database:
 
@@ -250,6 +250,8 @@ That's all you need to do to locate the record. Here is what it does for extra s
 1. Ignores blank tokens all together. If a blank token is passed nil will be returned.
 2. It checks the age of the token, by default the threshold is 10 minutes, meaning if the token is older than 10 minutes, it is not valid and no record will be returned. You can change the default or just override it by passing the threshold as the second parameter. If you don't want a threshold at all, pass 0.
 
+Just like the single access token this uses a friendly token, so it is easier to email / copy and paste.
+
 For a detailed tutorial on how to reset password using this token see the helpful links section above.
 
 For more information see: Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic::Perishability

data/Rakefile

@@ -1,14 +1,19 @@
 require 'rubygems'
-require 'echoe'
-
 require File.dirname(__FILE__) << "/lib/authlogic/version"
 
-Echoe.new 'authlogic' do |p|
-  p.version = Authlogic::Version::STRING
-  p.author = "Ben Johnson of Binary Logic"
-  p.email  = 'bjohnson@binarylogic.com'
-  p.project = 'authlogic'
-  p.summary = "A clean, simple, and unobtrusive ruby authentication solution."
-  p.url = "http://github.com/binarylogic/authlogic"
-  p.dependencies = %w(activesupport)
+begin
+  require 'echoe'
+  
+  Echoe.new 'authlogic' do |p|
+    p.version = Authlogic::Version::STRING
+    p.author = "Ben Johnson of Binary Logic"
+    p.email  = 'bjohnson@binarylogic.com'
+    p.project = 'authlogic'
+    p.summary = "A clean, simple, and unobtrusive ruby authentication solution."
+    p.url = "http://github.com/binarylogic/authlogic"
+    p.dependencies = %w(activesupport)
+  end
+rescue LoadError => boom
+  puts "You are missing a dependency required for meta-operations on this gem."
+  puts "#{boom.to_s.capitalize}."
 end

data/authlogic.gemspec

@@ -2,15 +2,15 @@
 
 Gem::Specification.new do |s|
   s.name = %q{authlogic}
-  s.version = "1.2.1"
+  s.version = "1.2.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
   s.authors = ["Ben Johnson of Binary Logic"]
-  s.date = %q{2008-11-19}
+  s.date = %q{2008-11-20}
   s.description = %q{A clean, simple, and unobtrusive ruby authentication solution.}
   s.email = %q{bjohnson@binarylogic.com}
-  s.extra_rdoc_files = ["CHANGELOG.rdoc", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/perishability.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "README.rdoc"]
-  s.files = ["CHANGELOG.rdoc", "init.rb", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/perishability.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "Manifest", "MIT-LICENSE", "Rakefile", "README.rdoc", "shoulda_macros/authlogic.rb", "test/fixtures/companies.yml", "test/fixtures/employees.yml", "test/fixtures/projects.yml", "test/fixtures/users.yml", "test/libs/aes128_crypto_provider.rb", "test/libs/mock_controller.rb", "test/libs/mock_cookie_jar.rb", "test/libs/mock_request.rb", "test/libs/ordered_hash.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/perishability_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/single_access_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb", "test/session_tests/active_record_trickery_test.rb", "test/session_tests/authenticates_many_association_test.rb", "test/session_tests/base_test.rb", "test/session_tests/config_test.rb", "test/session_tests/cookies_test.rb", "test/session_tests/params_test.rb", "test/session_tests/perishability_test.rb", "test/session_tests/scopes_test.rb", "test/session_tests/session_test.rb", "test/test_helper.rb", "authlogic.gemspec"]
+  s.extra_rdoc_files = ["CHANGELOG.rdoc", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/openid.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/perishability.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "README.rdoc"]
+  s.files = ["CHANGELOG.rdoc", "init.rb", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/openid.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/perishability.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "Manifest", "MIT-LICENSE", "Rakefile", "README.rdoc", "shoulda_macros/authlogic.rb", "test/fixtures/companies.yml", "test/fixtures/employees.yml", "test/fixtures/projects.yml", "test/fixtures/users.yml", "test/libs/aes128_crypto_provider.rb", "test/libs/mock_controller.rb", "test/libs/mock_cookie_jar.rb", "test/libs/mock_request.rb", "test/libs/ordered_hash.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/perishability_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/single_access_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb", "test/session_tests/active_record_trickery_test.rb", "test/session_tests/authenticates_many_association_test.rb", "test/session_tests/base_test.rb", "test/session_tests/config_test.rb", "test/session_tests/cookies_test.rb", "test/session_tests/params_test.rb", "test/session_tests/perishability_test.rb", "test/session_tests/scopes_test.rb", "test/session_tests/session_test.rb", "test/test_helper.rb", "authlogic.gemspec"]
   s.has_rdoc = true
   s.homepage = %q{http://github.com/binarylogic/authlogic}
   s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Authlogic", "--main", "README.rdoc"]

data/lib/authlogic/controller_adapters/abstract_adapter.rb

@@ -2,15 +2,9 @@ module Authlogic
   module ControllerAdapters # :nodoc:
     # = Abstract Adapter
     # Allows you to use Authlogic in any framework you want, not just rails. See tha RailsAdapter for an example of how to adapter Authlogic to work with your framework.
-    class AbstractAdapter
-      attr_accessor :controller
-      
-      def initialize(controller)
-        self.controller = controller
-      end
-      
+    class AbstractAdapter < SimpleDelegator
       def authenticate_with_http_basic(&block)
-        @auth = Rack::Auth::Basic::Request.new(controller.request.env)
+        @auth = Rack::Auth::Basic::Request.new(__getobj__.request.env)
         if @auth.provided? and @auth.basic?
           block.call(*@auth.credentials)
         else
@@ -18,25 +12,9 @@ module Authlogic
         end
       end
       
-      def cookies
-        controller.cookies
-      end
-      
-      def params
-        controller.params
-      end
-      
-      def request
-        controller.request
-      end
-      
       def request_content_type
         request.content_type
       end
-      
-      def session
-        controller.session
-      end
     end
   end
 end

data/lib/authlogic/controller_adapters/rails_adapter.rb

@@ -5,11 +5,11 @@ module Authlogic
     # provides. Similar to how ActiveRecord has an adapter for MySQL, PostgreSQL, SQLite, etc.
     class RailsAdapter < AbstractAdapter
       def authenticate_with_http_basic(&block)
-        controller.authenticate_with_http_basic(&block)
+        __getobj__.authenticate_with_http_basic(&block)
       end
       
       def cookies
-        controller.send(:cookies)
+        __getobj__.send(:cookies)
       end
       
       def request_content_type

data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb

@@ -41,6 +41,9 @@ module Authlogic
         # * <tt>login_field_regex_failed_message</tt> - the message to use when the validates_format_of for the login field fails. This depends on if you are
         #   performing :email or :login regex.
         #
+        # * <tt>allow_blank_login_and_password_fields</tt> - default: false,
+        #   Tells authlogic if it should allow blank values for the login and password. This is useful is you provide alternate authentication methods, such as OpenID.
+        #
         # * <tt>email_field</tt> - default: :email, depending on if it is present, if :email is not present defaults to nil
         #   The name of the field used to store the email address. Only specify this if you arent using this as your :login_field.
         #   
@@ -51,6 +54,9 @@ module Authlogic
         #   This is used in validates_format_of for the :email_field.
         #   
         # * <tt>email_field_regex_failed_message</tt> - the message to use when the validates_format_of for the email field fails.
+        #
+        # * <tt>allow_blank_email_field</tt> - default: false,
+        #   Tells Authlogic if it should allow blank values for the email address.
         #   
         # * <tt>change_single_access_token_with_password</tt> - default: false,
         #   When a user changes their password do you want the single access token to change as well? That's what this configuration option is all about.
@@ -127,6 +133,7 @@ module Authlogic
             options[:email_field] = first_column_to_exist(nil, :email) unless options.key?(:email_field)
             options[:email_field] = nil if options[:email_field] == options[:login_field]
             options[:validate_email_field] = true unless options.key?(:validate_email_field)
+            options[:allow_blank_login_and_password]
             
             email_name_regex  = '[\w\.%\+\-]+'
             domain_head_regex = '(?:[A-Z0-9\-]+\.)+'
@@ -140,7 +147,7 @@ module Authlogic
               options[:login_field_regex_failed_message] ||= options[:email_field_regex_failed_message]
             else
               options[:login_field_regex] ||= /\A\w[\w\.\-_@ ]+\z/
-              options[:login_field_regex_failed_message] ||= "use only letters, numbers, spaces, and .-_@ please."
+              options[:login_field_regex_failed_message] ||= "should use only letters, numbers, spaces, and .-_@ please."
             end
           
             options[:password_field] ||= :password

data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb

@@ -24,28 +24,28 @@ module Authlogic
               if options[:validate_login_field]
                 case options[:login_field_type]
                 when :email
-                  validates_length_of options[:login_field], :within => 6..100
-                  validates_format_of options[:login_field], :with => options[:login_field_regex], :message => options[:login_field_regex_failed_message]
+                  validates_length_of options[:login_field], :within => 6..100, :allow_blank => options[:allow_blank_login_and_password_fields]
+                  validates_format_of options[:login_field], :with => options[:login_field_regex], :message => options[:login_field_regex_failed_message], :allow_blank => options[:allow_blank_login_and_password_fields]
                 else
-                  validates_length_of options[:login_field], :within => 2..100, :allow_blank => true
-                  validates_format_of options[:login_field], :with => options[:login_field_regex], :message => options[:login_field_regex_failed_message]
+                  validates_length_of options[:login_field], :within => 2..100, :allow_blank => options[:allow_blank_login_and_password_fields]
+                  validates_format_of options[:login_field], :with => options[:login_field_regex], :message => options[:login_field_regex_failed_message], :allow_blank => options[:allow_blank_login_and_password_fields]
                 end
-              
-                validates_uniqueness_of options[:login_field], :scope => options[:scope]
+                
+                validates_uniqueness_of options[:login_field], :scope => options[:scope], :allow_blank => options[:allow_blank_login_and_password_fields], :if => Proc.new { |record| (record.respond_to?("#{options[:login_field]}_changed?") && record.send("#{options[:login_field]}_changed?")) || !record.respond_to?("#{options[:login_field]}_changed?") }
               end
-            
+              
               if options[:validate_email_field] && options[:email_field]
-                validates_length_of options[:email_field], :within => 6..100
-                validates_format_of options[:email_field], :with => options[:email_field_regex], :message => options[:email_field_regex_failed_message]
-                validates_uniqueness_of options[:email_field], :scope => options[:scope]
+                validates_length_of options[:email_field], :within => 6..100, :allow_blank => options[:allow_blank_email_field]
+                validates_format_of options[:email_field], :with => options[:email_field_regex], :message => options[:email_field_regex_failed_message], :allow_blank => options[:allow_blank_email_field]
+                validates_uniqueness_of options[:email_field], :scope => options[:scope], :allow_blank => options[:allow_blank_email_field], :if => Proc.new { |record| (record.respond_to?("#{options[:email_field]}_changed?") && record.send("#{options[:email_field]}_changed?")) || !record.respond_to?("#{options[:email_field]}_changed?") }
               end
-          
+              
               validate :validate_password if options[:validate_password_field]
             end
-          
+            
             attr_writer "confirm_#{options[:password_field]}"
             attr_accessor "tried_to_set_#{options[:password_field]}"
-          
+            
             class_eval <<-"end_eval", __FILE__, __LINE__
               def self.friendly_unique_token
                 chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
@@ -53,7 +53,7 @@ module Authlogic
                 1.upto(20) { |i| newpass << chars[rand(chars.size-1)] }
                 newpass
               end
-            
+              
               def #{options[:password_field]}=(pass)
                 return if pass.blank?
                 self.tried_to_set_#{options[:password_field]} = true
@@ -61,35 +61,37 @@ module Authlogic
                 self.#{options[:password_salt_field]} = self.class.unique_token
                 self.#{options[:crypted_password_field]} = #{options[:crypto_provider]}.encrypt(@#{options[:password_field]} + #{options[:password_salt_field]})
               end
-            
+              
               def valid_#{options[:password_field]}?(attempted_password)
                 return false if attempted_password.blank? || #{options[:crypted_password_field]}.blank? || #{options[:password_salt_field]}.blank?
                 (#{options[:crypto_provider]}.respond_to?(:decrypt) && #{options[:crypto_provider]}.decrypt(#{options[:crypted_password_field]}) == attempted_password + #{options[:password_salt_field]}) ||
                   (!#{options[:crypto_provider]}.respond_to?(:decrypt) && #{options[:crypto_provider]}.encrypt(attempted_password + #{options[:password_salt_field]}) == #{options[:crypted_password_field]})
               end
-            
+              
               def #{options[:password_field]}; end
               def confirm_#{options[:password_field]}; end
-            
+              
               def reset_#{options[:password_field]}
                 friendly_token = self.class.friendly_unique_token
                 self.#{options[:password_field]} = friendly_token
                 self.confirm_#{options[:password_field]} = friendly_token
               end
               alias_method :randomize_password, :reset_password
-            
+              
               def reset_#{options[:password_field]}!
                 reset_#{options[:password_field]}
                 save_without_session_maintenance(false)
               end
               alias_method :randomize_password!, :reset_password!
-            
+                
               protected
                 def tried_to_set_password?
                   tried_to_set_password == true
                 end
-              
+                
                 def validate_password
+                  return if #{options[:allow_blank_login_and_password_fields].inspect} && @#{options[:password_field]}.blank? && @confirm_#{options[:password_field]}.blank?
+                  
                   if new_record? || tried_to_set_#{options[:password_field]}?
                     if @#{options[:password_field]}.blank?
                       errors.add(:#{options[:password_field]}, #{options[:password_blank_message].inspect})

data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb

@@ -24,9 +24,9 @@ module Authlogic
             return if options[:perishable_token_field].blank?
             
             class_eval <<-"end_eval", __FILE__, __LINE__
-              validates_uniqueness_of :#{options[:perishable_token_field]}
+              validates_uniqueness_of :#{options[:perishable_token_field]}, :if => Proc.new { |record| (record.respond_to?("#{options[:perishable_token_field]}_changed?") && record.send("#{options[:perishable_token_field]}_changed?")) || !record.respond_to?("#{options[:perishable_token_field]}_changed?") }
               
-              before_validation :reset_#{options[:perishable_token_field]}, :unless => :resetting_#{options[:perishable_token_field]}?
+              before_validation :reset_#{options[:perishable_token_field]}
               
               def self.find_using_#{options[:perishable_token_field]}(token, age = #{options[:perishable_token_valid_for]})
                 return if token.blank?
@@ -49,16 +49,8 @@ module Authlogic
               
               def reset_#{options[:perishable_token_field]}!
                 reset_#{options[:perishable_token_field]}
-                @resetting_#{options[:perishable_token_field]} = true
-                result = save_without_session_maintenance
-                @resetting_#{options[:perishable_token_field]} = false
-                result
+                save_without_session_maintenance(false)
               end
-              
-              private
-                def resetting_#{options[:perishable_token_field]}?
-                  @resetting_#{options[:perishable_token_field]} == true
-                end
             end_eval
           end
         end

data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb

@@ -22,7 +22,7 @@ module Authlogic
           def acts_as_authentic_with_persistence(options = {})
             acts_as_authentic_without_persistence(options)
           
-            validates_uniqueness_of options[:persistence_token_field]
+            validates_uniqueness_of options[:persistence_token_field], :if => Proc.new { |record| (record.respond_to?("#{options[:persistence_token_field]}_changed?") && record.send("#{options[:persistence_token_field]}_changed?")) || !record.respond_to?("#{options[:persistence_token_field]}_changed?") }
           
             def forget_all!
               # Paginate these to save on memory

data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb

@@ -22,7 +22,7 @@ module Authlogic
             return if options[:single_access_token_field].blank?
             
             class_eval <<-"end_eval", __FILE__, __LINE__
-              validates_uniqueness_of :#{options[:single_access_token_field]}
+              validates_uniqueness_of :#{options[:single_access_token_field]}, :if => Proc.new { |record| (record.respond_to?("#{options[:single_access_token_field]}_changed?") && record.send("#{options[:single_access_token_field]}_changed?")) || !record.respond_to?("#{options[:single_access_token_field]}_changed?") }
             
               before_validation :set_#{options[:single_access_token_field]}_field
             

data/lib/authlogic/session/base.rb

@@ -26,9 +26,9 @@ module Authlogic
         #
         #   session = UserSession.new
         #   session.create
-        def create(*args)
+        def create(*args, &block)
           session = new(*args)
-          session.save
+          session.save(&block)
         end
         
         # Same as create but calls create!, which raises an exception when authentication fails
@@ -150,9 +150,9 @@ module Authlogic
       def credentials=(values)
         return if values.blank? || !values.is_a?(Hash)
         values.symbolize_keys!
-        [login_field.to_sym, password_field.to_sym, :remember_me].each do |field|
-          next if values[field].blank?
-          send("#{field}=", values[field])
+        values.each do |field, value|
+          next if value.blank?
+          send("#{field}=", value)
         end
       end
       
@@ -272,7 +272,8 @@ module Authlogic
       # 2. sets session
       # 3. sets cookie
       # 4. updates magic fields
-      def save
+      def save(&block)
+        result = nil
         if valid?
           record.login_count = (record.login_count.blank? ? 1 : record.login_count + 1) if record.respond_to?(:login_count)
           
@@ -289,8 +290,13 @@ module Authlogic
           record.save_without_session_maintenance(false)
           
           self.new_session = false
-          self
+          result = self
+        else
+          result = false
         end
+        
+        yield result if block_given?
+        result
       end
       
       # Same as save but raises an exception when authentication fails
@@ -411,6 +417,8 @@ module Authlogic
               errors.add(password_field, password_invalid_message)
               return false
             end
+            
+            self.record = unchecked_record
           when :unauthorized_record
             unchecked_record = unauthorized_record
             
@@ -423,9 +431,10 @@ module Authlogic
               errors.add_to_base("You can not login with a new record.")
               return false
             end
+            
+            self.record = unchecked_record
           end
           
-          self.record = unchecked_record
           true
         end
         

data/lib/authlogic/session/callbacks.rb

@@ -49,14 +49,14 @@ module Authlogic
       #   after_save
       #   before_update # only if new_session? == false
       #   before_create # only if new_session? == true
-      def save_with_callbacks
+      def save_with_callbacks(&block)
         run_callbacks(:before_save)
         if new_session?
           run_callbacks(:before_create)
         else
           run_callbacks(:before_update)
         end
-        result = save_without_callbacks
+        result = save_without_callbacks(&block)
         if result
           run_callbacks(:after_save)
           

data/lib/authlogic/session/config.rb

@@ -45,6 +45,19 @@ module Authlogic
           yield self
         end
         
+        # This works just like ActiveRecord's attr_accessible, except by default this ONLY allows the login, password, and remember me option.
+        #
+        # * <tt>Default:</tt> {:login_field}, {:password_field}, :remember_me, set to nil to disable
+        # * <tt>Accepts:</tt> String
+        def attr_accessible(*values)
+          if values.blank?
+            read_inheritable_attribute(:attr_accessible) || attr_accessible(login_field, password_field, :remember_me)
+          else
+            write_inheritable_attribute(:attr_accessible, value)
+          end
+        end
+        alias_method :attr_accessible=, :attr_accessible
+        
         # The name of the cookie or the key in the cookies hash. Be sure and use a unique name. If you have multiple sessions and they use the same cookie it will cause problems.
         # Also, if a id is set it will be inserted into the beginning of the string. Exmaple:
         #

data/lib/authlogic/session/openid.rb

@@ -0,0 +1,17 @@
+module Authlogic
+  module Session
+    # = Session
+    #
+    # Handles all parts of authentication that deal with sessions. Such as persisting a session and saving / destroy a session.
+    module OpenID
+      def self.included(klass)
+        klass.class_eval do
+          attr_accessor :
+          alias_method_chain :credentials=, :openid
+        end
+      end
+      
+      # Tries to validate the session from information in the session
+      def credentials_with_openid=(value)
+        self.credentials_without_openid
+      end

data/lib/authlogic/session/session.rb

@@ -12,8 +12,19 @@ module Authlogic
       
       # Tries to validate the session from information in the session
       def valid_session?
-        if session_credentials
-          self.unauthorized_record = search_for_record("find_by_#{persistence_token_field}", session_credentials)
+        persistence_token, record_id = session_credentials
+        if !persistence_token.blank?
+          if record_id
+            record = search_for_record("find_by_id", record_id)
+            self.unauthorized_record = record if record && record.send(persistence_token_field) == persistence_token
+          else
+            # For backwards compatibility, will eventually be removed, just need to let the sessions update theirself
+            record = search_for_record("find_by_#{persistence_token_field}", persistence_token)
+            if record
+              controller.session["#{session_key}_id"] = record.send(record.class.primary_key)
+              self.unauthorized_record = record
+            end
+          end
           return valid?
         end
         
@@ -22,11 +33,12 @@ module Authlogic
       
       private
         def session_credentials
-          controller.session[session_key]
+          [controller.session[session_key], controller.session["#{session_key}_id"]].compact
         end
         
         def update_session!
           controller.session[session_key] = record && record.send(persistence_token_field)
+          controller.session["#{session_key}_id"] = record && record.send(record.class.primary_key)
         end
     end
   end

data/lib/authlogic/version.rb

@@ -44,7 +44,7 @@ module Authlogic # :nodoc:
 
     MAJOR = 1
     MINOR = 2
-    TINY  = 1
+    TINY  = 2
 
     # The current version as a Version instance
     CURRENT = new(MAJOR, MINOR, TINY)

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb

@@ -16,7 +16,7 @@ module ORMAdaptersTests
             :single_access_token_field => :single_access_token,
             :login_field_regex => /\A\w[\w\.\-_@ ]+\z/,
             :session_ids => [nil],
-            :login_field_regex_failed_message => "use only letters, numbers, spaces, and .-_@ please.",
+            :login_field_regex_failed_message => "should use only letters, numbers, spaces, and .-_@ please.",
             :persistence_token_field => :persistence_token,
             :password_field => :password,
             :logged_in_timeout => 600,

data/test/session_tests/base_test.rb

@@ -55,10 +55,10 @@ module SessionTests
       
       assert UserSession.find
       last_request_at = ben.reload.last_request_at
-      sleep(1.1)
+      sleep(0.5)
       assert UserSession.find
       assert_equal last_request_at, ben.reload.last_request_at
-      sleep(1.1)
+      sleep(2)
       assert UserSession.find
       assert_not_equal last_request_at, ben.reload.last_request_at
       
@@ -212,7 +212,7 @@ module SessionTests
       assert session.new_session?
     end
     
-    def test_save_with_record
+    def test_save_with_credentials
       ben = users(:ben)
       session = UserSession.new(:login => ben.login, :password => "benrocks")
       assert session.save
@@ -220,11 +220,9 @@ module SessionTests
       assert_equal 1, session.record.login_count
       assert Time.now >= session.record.current_login_at
       assert_equal "1.1.1.1", session.record.current_login_ip
-      unset_cookie
-      unset_session
     end
     
-    def test_save_with_credentials
+    def test_save_with_record
       ben = users(:ben)
       session = UserSession.new(ben)
       assert session.save
@@ -234,6 +232,19 @@ module SessionTests
       assert_equal "1.1.1.1", session.record.current_login_ip
     end
     
+    def test_save_with_block
+      ben = users(:ben)
+      session = UserSession.new(:login => ben.login, :password => "benrocks")
+      block_result = session.save do |result|
+        assert result
+      end
+      assert_equal session, block_result
+      assert !session.new_session?
+      assert_equal 1, session.record.login_count
+      assert Time.now >= session.record.current_login_at
+      assert_equal "1.1.1.1", session.record.current_login_ip
+    end
+    
     def test_save_with_bang
       session = UserSession.new
       assert_raise(Authlogic::Session::SessionInvalid) { session.save! }

data/test/test_helper.rb

@@ -157,9 +157,10 @@ class Test::Unit::TestCase
     
     def set_session_for(user, id = nil)
       @controller.session["user_credentials"] = user.persistence_token
+      @controller.session["user_credentials_id"] = user.id
     end
     
     def unset_session
-      @controller.session["user_credentials"] = nil
+      @controller.session["user_credentials"] = @controller.session["user_credentials_id"] = nil
     end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: authlogic
 version: !ruby/object:Gem::Version 
-  version: 1.2.1
+  version: 1.2.2
 platform: ruby
 authors: 
 - Ben Johnson of Binary Logic
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2008-11-19 00:00:00 -05:00
+date: 2008-11-20 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -61,6 +61,7 @@ extra_rdoc_files:
 - lib/authlogic/session/config.rb
 - lib/authlogic/session/cookies.rb
 - lib/authlogic/session/errors.rb
+- lib/authlogic/session/openid.rb
 - lib/authlogic/session/params.rb
 - lib/authlogic/session/perishability.rb
 - lib/authlogic/session/scopes.rb
@@ -92,6 +93,7 @@ files:
 - lib/authlogic/session/config.rb
 - lib/authlogic/session/cookies.rb
 - lib/authlogic/session/errors.rb
+- lib/authlogic/session/openid.rb
 - lib/authlogic/session/params.rb
 - lib/authlogic/session/perishability.rb
 - lib/authlogic/session/scopes.rb