authlogic 1.4.3 → 2.0.0

data/Manifest

@@ -1,76 +0,0 @@
-CHANGELOG.rdoc
-generators/session/session_generator.rb
-generators/session/templates/session.rb
-init.rb
-lib/authlogic/controller_adapters/abstract_adapter.rb
-lib/authlogic/controller_adapters/merb_adapter.rb
-lib/authlogic/controller_adapters/rails_adapter.rb
-lib/authlogic/crypto_providers/aes256.rb
-lib/authlogic/crypto_providers/bcrypt.rb
-lib/authlogic/crypto_providers/sha1.rb
-lib/authlogic/crypto_providers/sha512.rb
-lib/authlogic/i18n.rb
-lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/base.rb
-lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb
-lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb
-lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb
-lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb
-lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb
-lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb
-lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb
-lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb
-lib/authlogic/session/active_record_trickery.rb
-lib/authlogic/session/authenticates_many_association.rb
-lib/authlogic/session/base.rb
-lib/authlogic/session/brute_force_protection.rb
-lib/authlogic/session/callbacks.rb
-lib/authlogic/session/config.rb
-lib/authlogic/session/cookies.rb
-lib/authlogic/session/errors.rb
-lib/authlogic/session/params.rb
-lib/authlogic/session/perishability.rb
-lib/authlogic/session/record_info.rb
-lib/authlogic/session/scopes.rb
-lib/authlogic/session/session.rb
-lib/authlogic/session/timeout.rb
-lib/authlogic/testing/test_unit_helpers.rb
-lib/authlogic/version.rb
-lib/authlogic.rb
-Manifest
-MIT-LICENSE
-Rakefile
-README.rdoc
-shoulda_macros/authlogic.rb
-test/crypto_provider_tests/aes256_test.rb
-test/crypto_provider_tests/bcrypt_test.rb
-test/crypto_provider_tests/sha1_test.rb
-test/crypto_provider_tests/sha512_test.rb
-test/fixtures/companies.yml
-test/fixtures/employees.yml
-test/fixtures/projects.yml
-test/fixtures/users.yml
-test/libs/mock_controller.rb
-test/libs/mock_cookie_jar.rb
-test/libs/mock_request.rb
-test/libs/ordered_hash.rb
-test/libs/user.rb
-test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb
-test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb
-test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb
-test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/perishability_test.rb
-test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb
-test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb
-test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/single_access_test.rb
-test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb
-test/session_tests/active_record_trickery_test.rb
-test/session_tests/authenticates_many_association_test.rb
-test/session_tests/base_test.rb
-test/session_tests/brute_force_protection_test.rb
-test/session_tests/config_test.rb
-test/session_tests/cookies_test.rb
-test/session_tests/params_test.rb
-test/session_tests/perishability_test.rb
-test/session_tests/scopes_test.rb
-test/session_tests/session_test.rb
-test/session_tests/timeout_test.rb
-test/test_helper.rb

data/authlogic.gemspec

@@ -1,38 +0,0 @@
-# -*- encoding: utf-8 -*-
-
-Gem::Specification.new do |s|
-  s.name = %q{authlogic}
-  s.version = "1.4.3"
-
-  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
-  s.authors = ["Ben Johnson of Binary Logic"]
-  s.date = %q{2009-02-22}
-  s.description = %q{A clean, simple, and unobtrusive ruby authentication solution.}
-  s.email = %q{bjohnson@binarylogic.com}
-  s.extra_rdoc_files = ["CHANGELOG.rdoc", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/aes256.rb", "lib/authlogic/crypto_providers/bcrypt.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/i18n.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/base.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/brute_force_protection.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/perishability.rb", "lib/authlogic/session/record_info.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/session/timeout.rb", "lib/authlogic/testing/test_unit_helpers.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "README.rdoc"]
-  s.files = ["CHANGELOG.rdoc", "generators/session/session_generator.rb", "generators/session/templates/session.rb", "init.rb", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/aes256.rb", "lib/authlogic/crypto_providers/bcrypt.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/i18n.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/base.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/brute_force_protection.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/perishability.rb", "lib/authlogic/session/record_info.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/session/timeout.rb", "lib/authlogic/testing/test_unit_helpers.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "Manifest", "MIT-LICENSE", "Rakefile", "README.rdoc", "shoulda_macros/authlogic.rb", "test/crypto_provider_tests/aes256_test.rb", "test/crypto_provider_tests/bcrypt_test.rb", "test/crypto_provider_tests/sha1_test.rb", "test/crypto_provider_tests/sha512_test.rb", "test/fixtures/companies.yml", "test/fixtures/employees.yml", "test/fixtures/projects.yml", "test/fixtures/users.yml", "test/libs/mock_controller.rb", "test/libs/mock_cookie_jar.rb", "test/libs/mock_request.rb", "test/libs/ordered_hash.rb", "test/libs/user.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/perishability_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/single_access_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb", "test/session_tests/active_record_trickery_test.rb", "test/session_tests/authenticates_many_association_test.rb", "test/session_tests/base_test.rb", "test/session_tests/brute_force_protection_test.rb", "test/session_tests/config_test.rb", "test/session_tests/cookies_test.rb", "test/session_tests/params_test.rb", "test/session_tests/perishability_test.rb", "test/session_tests/scopes_test.rb", "test/session_tests/session_test.rb", "test/session_tests/timeout_test.rb", "test/test_helper.rb", "authlogic.gemspec"]
-  s.has_rdoc = true
-  s.homepage = %q{http://github.com/binarylogic/authlogic}
-  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Authlogic", "--main", "README.rdoc"]
-  s.require_paths = ["lib"]
-  s.rubyforge_project = %q{authlogic}
-  s.rubygems_version = %q{1.3.1}
-  s.summary = %q{A clean, simple, and unobtrusive ruby authentication solution.}
-  s.test_files = ["test/crypto_provider_tests/aes256_test.rb", "test/crypto_provider_tests/bcrypt_test.rb", "test/crypto_provider_tests/sha1_test.rb", "test/crypto_provider_tests/sha512_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/perishability_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/single_access_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb", "test/session_tests/active_record_trickery_test.rb", "test/session_tests/authenticates_many_association_test.rb", "test/session_tests/base_test.rb", "test/session_tests/brute_force_protection_test.rb", "test/session_tests/config_test.rb", "test/session_tests/cookies_test.rb", "test/session_tests/params_test.rb", "test/session_tests/perishability_test.rb", "test/session_tests/scopes_test.rb", "test/session_tests/session_test.rb", "test/session_tests/timeout_test.rb", "test/test_helper.rb"]
-
-  if s.respond_to? :specification_version then
-    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
-    s.specification_version = 2
-
-    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
-      s.add_runtime_dependency(%q<activesupport>, [">= 0"])
-      s.add_runtime_dependency(%q<echoe>, [">= 0"])
-    else
-      s.add_dependency(%q<activesupport>, [">= 0"])
-      s.add_dependency(%q<echoe>, [">= 0"])
-    end
-  else
-    s.add_dependency(%q<activesupport>, [">= 0"])
-    s.add_dependency(%q<echoe>, [">= 0"])
-  end
-end

data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/base.rb

@@ -1,22 +0,0 @@
-module Authlogic
-  module ORMAdapters # :nodoc:
-    module ActiveRecordAdapter # :nodoc:
-      # = Acts As Authentic
-      #
-      # Provides the acts_as_authentic method to include in your models to help with authentication. You can include it as follows:
-      #
-      #   class User < ActiveRecord::Base
-      #     acts_as_authentic :option => "value"
-      #   end
-      #
-      # For a list of configuration options see the ActsAsAuthentic::Config module.
-      module ActsAsAuthentic
-        # All logic for this method is split up into sub modules. See sub modules for more details.
-        def acts_as_authentic(options = {})
-        end
-      end
-    end
-  end
-end
-
-ActiveRecord::Base.extend Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic

data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb

@@ -1,238 +0,0 @@
-module Authlogic
-  module ORMAdapters
-    module ActiveRecordAdapter
-      module ActsAsAuthentic
-        # = Config
-        #
-        # Allows you to set various configuration when calling acts_as_authentic. Pass your configuration like the following:
-        #
-        #   class User < ActiveRecord::Base
-        #     acts_as_authentic :my_option => "my value"
-        #   end
-        #
-        # === Class Methods
-        #
-        # * <tt>acts_as_authentic_config</tt> - returns a hash of the acts_as_authentic configuration, including the defaults
-        #
-        # === General Options
-        #
-        # * <tt>session_class</tt> - default: "#{name}Session",
-        #   This is the related session class. A lot of the configuration will be based off of the configuration values of this class.
-        #   
-        # * <tt>crypto_provider</tt> - default: Authlogic::CryptoProviders::Sha512,
-        #   This is the class that provides your encryption. By default Authlogic provides its own crypto provider that uses Sha512 encrypton.
-        #
-        # * <tt>transition_from_crypto_provider</tt> - default: nil,
-        #   This will transition your users to a new encryption algorithm. Let's say you are using Sha1 and you want to transition to Sha512. Just set the
-        #   :crypto_provider option to Authlogic::CryptoProviders::Sha512 and then set this option to Authlogic::CryptoProviders::Sha1. Every time a user
-        #   logs in their password will be resaved with the new algorithm and all new registrations will use the new algorithm as well.
-        #
-        # * <tt>act_like_restful_authentication</tt> - default: false,
-        #   If you are migrating from restful_authentication you will want to set this to true, this way your users will still be able to log in and it will seems as
-        #   if nothing has changed. If you don't do this none of your users will be able to log in. If you are starting a new project I do not recommend enabling this
-        #   as the password encryption algorithm used in restful_authentication (Sha1) is not as secure as the one used in authlogic (Sha512). IF you REALLY want to be secure
-        #   checkout Authlogic::CryptoProviders::BCrypt.
-        #
-        # * <tt>transition_from_restful_authentication</tt> - default: false,
-        #   This works just like :transition_from_crypto_provider, but it makes some special exceptions so that your users will transition from restful_authentication, since
-        #   restful_authentication does things a little different than Authlogic.
-        #
-        # * <tt>login_field</tt> - default: :login, :username, or :email, depending on which column is present, if none are present defaults to :login
-        #   The name of the field used for logging in. Only specify if you aren't using any of the defaults.
-        #   
-        # * <tt>login_field_type</tt> - default: options[:login_field] == :email ? :email : :login,
-        #   Tells authlogic how to validation the field, what regex to use, etc. If the field name is email it will automatically use :email,
-        #   otherwise it uses :login.
-        #
-        # * <tt>password_field</tt> - default: :password,
-        #   This is the name of the field to set the password, *NOT* the field the encrypted password is stored. Defaults the what the configuration
-        #
-        # * <tt>crypted_password_field</tt> - default: :crypted_password, :encrypted_password, :password_hash, :pw_hash, depends on which columns are present, if none are present defaults to nil
-        #   The name of the database field where your encrypted password is stored.
-        #
-        # * <tt>password_salt_field</tt> - default: :password_salt, :pw_salt, or :salt, depending on which column is present, defaults to :password_salt if none are present,
-        #   This is the name of the field in your database that stores your password salt.
-        #
-        # * <tt>email_field</tt> - default: :email, depending on if it is present, if :email is not present defaults to nil
-        #   The name of the field used to store the email address. Only specify this if you arent using this as your :login_field.
-        #
-        # * <tt>single_access_token_field</tt> - default: :single_access_token, :feed_token, or :feeds_token, depending on which column is present, if none are present defaults to nil
-        #   This is the name of the field to login with single access, mainly used for private feed access. Only specify if the name of the field is different
-        #   then the defaults. See the "Single Access" section in the README for more details on how single access works.
-        #
-        # * <tt>change_single_access_token_with_password</tt> - default: false,
-        #   When a user changes their password do you want the single access token to change as well? That's what this configuration option is all about.
-        #
-        # * <tt>perishable_token_field</tt> - default: :perishable_token, :password_reset_token, :pw_reset_token, :reset_password_token, or :reset_pw_token, depending on which column is present, if none are present defaults to nil
-        #   This is the name of the field in your database that stores your perishable token. The token you should use to confirm your users or allow a password reset. Authlogic takes care
-        #   of maintaining this for you and making sure it changes when needed. Use this token for whatever you want, but keep in mind it is temporary, hence the term "perishable".
-        #
-        # * <tt>perishable_token_valid_for</tt> - default: 10.minutes,
-        #   Authlogic gives you a sepcial method for finding records by the perishable token (see Authlogic::ORMAdapters::ActiveRecordAdapter::ActcsAsAuthentic::Perishability). In this method
-        #   it checks for the age of the token. If the token is older than whatever you specify here, a record will NOT be returned. This way the tokens are perishable, thus making this system much
-        #   more secure.
-        #
-        # * <tt>disable_perishble_token_maintenance</tt> - default: false,
-        #   Authlogic automatically maintains when to reset the perishable_token. This token should reset frequently because it is "perishable", but how frequent depends on your app.
-        #   By default it tries to reset this token as much as possible, which is done via a before_validation callback. If for some reason you want to maintain this yourself just
-        #   set this to true and use the reset_perishable_token and reset_perishable_token! methods to maintain it yourself.
-        #   
-        # * <tt>persistence_token_field</tt> - default: :persistence_token, :remember_token, or :cookie_tokien, depending on which column is present,
-        #   defaults to :persistence_token if none are present,
-        #   This is the name of the field your persistence token is stored. The persistence token is a unique token that is stored in the users cookie and
-        #   session. This way you have complete control of when sessions expire and you don't have to change passwords to expire sessions. This also
-        #   ensures that stale sessions can not be persisted. By stale, I mean sessions that are logged in using an outdated password.
-        #   
-        # * <tt>logged_in_timeout</tt> - default: 10.minutes,
-        #   This is a nifty feature to tell if a user is logged in or not. It's based on activity. So if the user in inactive longer than
-        #   the value passed here they are assumed "logged out". This uses the last_request_at field, this field must be present for this option to take effect.
-        #   
-        # * <tt>session_ids</tt> - default: [nil],
-        #   The sessions that we want to automatically reset when a user is created or updated so you don't have to worry about this. Set to [] to disable.
-        #   Should be an array of ids. See the Authlogic::Session documentation for information on ids. The order is important.
-        #   The first id should be your main session, the session they need to log into first. This is generally nil. When you don't specify an id
-        #   in your session you are really just inexplicitly saying you want to use the id of nil.
-        #
-        # === Validation Options
-        #
-        # * <tt>validate_fields</tt> - default: true,
-        #   Tells Authlogic if it should validate ANY of the fields: login_field, email_field, and password_field. If set to false, no validations will be set for any of these fields.
-        #
-        # * <tt>validate_login_field</tt> - default: true,
-        #   Tells authlogic if it should validate the :login_field. If set to false, no validations will be set for this field at all.
-        #
-        # * <tt>validate_email_field</tt> - default: true,
-        #   Tells Authlogic if it should validate the email field. If set to false, no validations will be set for this field at all.
-        #
-        # * <tt>validate_password_field</tt> - default: :password,
-        #   Tells authlogic if it should validate the :password_field. If set to false, no validations will be set for this field at all.
-        #
-        # * <tt>scope</tt> - default: nil,
-        #   This scopes validations. If all of your users belong to an account you might want to scope everything to the account. Just pass :account_id
-        #
-        # * <tt>validation_options</tt> - default: {},
-        #   Options to pass to ALL validations. These are the options ActiveRecord supplies with their validation methods, see the ActiveRecord documentation for more details.
-        #
-        # * <tt>login_field_validation_options</tt> - default: {},
-        #   The same as :validation_options but these are only applied to validations that pertain to the :login_field
-        #
-        # * <tt>login_field_validates_length_of_options</tt> - default: :login_field_type == :email ? {:within => 6..100} : {:within => 2..100},
-        #   These options are applied to the validates_length_of call for the :login_field
-        #
-        # * <tt>login_field_validates_format_of_options</tt> - default: :login_field_type == :email ? {:with => standard_email_regex, :message => "should look like an email address."} : {:with => standard_login_regex, :message => "should use only letters, numbers, spaces, and .-_@ please."},
-        #   These options are applied to the validates_format_of call for the :login_field
-        #
-        # * <tt>login_field_validates_uniqueness_of_options</tt> - default: {:allow_blank => true},
-        #   These options are applied to the validates_uniqueness_of call for the :login_field, the :allow_blank => true just prevents the error message when you have options login fields
-        #   such as an OpenID field. The other validations will make sure the field is not actaully blank.
-        #
-        # * <tt>password_field_validation_options</tt> - default: {},
-        #   The same as :validation_options but these are only applied to validations that pertain to the :password_field
-        #
-        # * <tt>password_field_validates_length_of_options</tt> - default: {:minimum => 4},
-        #   These options are applied to the validates_length_of call for the :password_field
-        #
-        # * <tt>password_field_validates_confirmation_of_options</tt> - default: {},
-        #   These options are applied to the validates_confirmation_of call for the :password_field
-        #
-        # * <tt>password_confirmation_field_validates_presence_of_options</tt> - default: {},
-        #   These options are applied to the validates_presence_of call for the :password_confirmation_field.
-        #
-        # * <tt>email_field_validation_options</tt> - default: {},
-        #   The same as :validation_options but these are only applied to validations that pertain to the :email_field
-        #
-        # * <tt>email_field_validates_length_of_options</tt> - default: same as :login_field if :login_field_type == :email,
-        #   These options are applied to the validates_length_of call for the :email_field
-        #
-        # * <tt>email_field_validates_format_of_options</tt> - default: same as :login_field if :login_field_type == :email,
-        #   These options are applied to the validates_format_of call for the :email_field
-        #
-        # * <tt>email_field_validates_uniqueness_of_options</tt> - default: same as :login_field if :login_field_type == :email,
-        #   These options are applied to the validates_uniqueness_of call for the :email_field
-        module Config
-          def acts_as_authentic_with_config(options = {})
-            # Stop all configuration if the DB is not set up
-            begin
-              column_names
-            rescue Exception
-              return
-            end
-            
-            # Base configuration
-            options[:session_class] ||= "#{name}Session"
-            options[:crypto_provider] ||= CryptoProviders::Sha512
-            options[:login_field] ||= first_column_to_exist(:login, :username, :email)
-            options[:login_field_type] ||= options[:login_field] == :email ? :email : :login
-            options[:password_field] ||= :password
-            options[:crypted_password_field] ||= first_column_to_exist(:crypted_password, :encrypted_password, :password_hash, :pw_hash)
-            options[:password_salt_field] ||= first_column_to_exist(:password_salt, :pw_salt, :salt)
-            
-            options[:email_field] = first_column_to_exist(nil, :email) unless options.key?(:email_field)
-            options[:email_field] = nil if options[:email_field] == options[:login_field]
-            options[:persistence_token_field] ||= options[:remember_token_field] || first_column_to_exist(:persistence_token, :remember_token, :cookie_token)
-            options[:single_access_token_field] ||= first_column_to_exist(nil, :single_access_token, :feed_token, :feeds_token)
-            options[:perishable_token_field] ||= options[:password_reset_token_field] || first_column_to_exist(nil, :perishable_token, :password_reset_token, :pw_reset_token, :reset_password_token, :reset_pw_token, :activation_token)
-            options[:perishable_token_valid_for] ||= 10.minutes
-            options[:perishable_token_valid_for] = options[:perishable_token_valid_for].to_i
-            options[:logged_in_timeout] ||= 10.minutes
-            options[:logged_in_timeout] = options[:logged_in_timeout].to_i
-            options[:session_ids] ||= [nil]
-            
-            # Validation configuration
-            options[:validate_fields] = true unless options.key?(:validate_fields)
-            options[:validate_login_field] = true unless options.key?(:validate_login_field)
-            options[:validate_password_field] = true unless options.key?(:validate_password_field)
-            options[:validate_email_field] = true unless options.key?(:validate_email_field)
-            
-            options[:validation_options] ||= {}
-            
-            [:login, :password, :email].each do |field_name|
-              field_key = "#{field_name}_field_validation_options".to_sym
-              options[field_key] = options[:validation_options].merge(options[field_key] || {})
-              
-              validation_types = field_name == :password ? [:length, :confirmation] : [:length, :format, :uniqueness]
-              validation_types.each do |validation_type|
-                validation_key = "#{field_name}_field_validates_#{validation_type}_of_options".to_sym
-                options[validation_key] = options[field_key].merge(options[validation_key] || {})
-              end
-            end
-            
-            options[:password_confirmation_field_validates_presence_of_options] ||= {}
-            
-            if options[:scope]
-              options[:login_field_validates_uniqueness_of_options][:scope] ||= options[:scope]
-              options[:email_field_validates_uniqueness_of_options][:scope] ||= options[:scope]
-            end
-            
-            if options[:act_like_restful_authentication] || options[:transition_from_restful_authentication]
-              crypto_provider_key = options[:act_like_restful_authentication] ? :crypto_provider : :transition_from_crypto_provider
-              options[crypto_provider_key] = CryptoProviders::Sha1
-              if !defined?(REST_AUTH_SITE_KEY) || REST_AUTH_SITE_KEY.nil?
-                class_eval("::REST_AUTH_SITE_KEY = nil") unless defined?(REST_AUTH_SITE_KEY)
-                options[crypto_provider_key].stretches = 1
-              end
-            end
-            
-            options[:transition_from_crypto_provider] = [options[:transition_from_crypto_provider]].compact unless options[:transition_from_crypto_provider].is_a?(Array)
-            
-            cattr_accessor :acts_as_authentic_config
-            self.acts_as_authentic_config = options
-            acts_as_authentic_without_config(options)
-          end
-          
-          def first_column_to_exist(*columns_to_check) # :nodoc:
-            columns_to_check.each { |column_name| return column_name.to_sym if column_names.include?(column_name.to_s) }
-            columns_to_check.first ? columns_to_check.first.to_sym : nil
-          end
-        end
-      end
-    end
-  end
-end
-
-ActiveRecord::Base.class_eval do
-  class << self
-    include Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic::Config
-    alias_method_chain :acts_as_authentic, :config
-  end
-end

data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb

@@ -1,155 +0,0 @@
-module Authlogic
-  module ORMAdapters
-    module ActiveRecordAdapter
-      module ActsAsAuthentic
-        # = Credentials
-        #
-        # Handles any credential specific code, such as validating the login, encrpyting the password, etc.
-        #
-        # === Class Methods
-        #
-        # * <tt>friendly_unique_token</tt> - returns a random string of 20 alphanumeric characters. Used when resetting the password. This is a more user friendly token then a long Sha512 hash.
-        #
-        # === Instance Methods
-        #
-        # * <tt>{options[:password_field]}=(value)</tt> - encrypts a raw password and sets it to your crypted_password_field. Also sets the password_salt to a random token.
-        # * <tt>valid_{options[:password_field]}?(password_to_check)</tt> - checks is the password is valid. The password passed must be the raw password, not encrypted.
-        # * <tt>reset_{options[:password_field]}</tt> - resets the password using the friendly_unique_token class method
-        # * <tt>reset_{options[:password_field]}!</tt> - calls reset_password and then saves the record
-        module Credentials
-          def acts_as_authentic_with_credentials(options = {})
-            acts_as_authentic_without_credentials(options)
-            
-            if options[:validate_fields]
-              email_name_regex  = '[\w\.%\+\-]+'
-              domain_head_regex = '(?:[A-Z0-9\-]+\.)+'
-              domain_tld_regex  = '(?:[A-Z]{2}|aero|ag|asia|at|be|biz|ca|cc|cn|com|de|edu|eu|fm|gov|gs|jobs|jp|in|info|me|mil|mobi|museum|ms|name|net|nu|nz|org|tc|tw|tv|uk|us|vg|ws)'
-              email_field_regex ||= /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i
-              
-              if options[:validate_login_field]
-                case options[:login_field_type]
-                when :email
-                  validates_length_of options[:login_field], sanitize_validation_length_options({:within => 6..100}, options[:login_field_validates_length_of_options])
-                  validates_format_of options[:login_field], {:with => email_field_regex, :message => I18n.t('error_messages.email_invalid', :default => "should look like an email address.")}.merge(options[:login_field_validates_format_of_options])
-                else
-                  validates_length_of options[:login_field], sanitize_validation_length_options({:within => 2..100}, options[:login_field_validates_length_of_options])
-                  validates_format_of options[:login_field], {:with => /\A\w[\w\.\-_@ ]+\z/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")}.merge(options[:login_field_validates_format_of_options])
-                end
-                
-                validates_uniqueness_of options[:login_field], {:allow_blank => true}.merge(options[:login_field_validates_uniqueness_of_options].merge(:if => "#{options[:login_field]}_changed?".to_sym))
-              end
-              
-              if options[:validate_password_field]
-                validates_length_of options[:password_field], sanitize_validation_length_options({:minimum => 4}, options[:password_field_validates_length_of_options].merge(:if => "validate_#{options[:password_field]}?".to_sym))
-                validates_confirmation_of options[:password_field], options[:password_field_validates_confirmation_of_options].merge(:if => "#{options[:password_salt_field]}_changed?".to_sym)
-                validates_presence_of "#{options[:password_field]}_confirmation", options[:password_confirmation_field_validates_presence_of_options].merge(:if => "#{options[:password_salt_field]}_changed?".to_sym)
-              end
-              
-              if options[:validate_email_field] && options[:email_field]
-                validates_length_of options[:email_field], sanitize_validation_length_options({:within => 6..100}, options[:email_field_validates_length_of_options])
-                validates_format_of options[:email_field], {:with => email_field_regex, :message => I18n.t('error_messages.email_invalid', :default => "should look like an email address.")}.merge(options[:email_field_validates_format_of_options])
-                validates_uniqueness_of options[:email_field], options[:email_field_validates_uniqueness_of_options].merge(:if => "#{options[:email_field]}_changed?".to_sym)
-              end
-            end
-            
-            attr_accessor "validate_#{options[:password_field]}".to_sym
-            attr_reader options[:password_field]
-            
-            class_eval <<-"end_eval", __FILE__, __LINE__
-              def self.friendly_unique_token
-                chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
-                newpass = ""
-                1.upto(20) { |i| newpass << chars[rand(chars.size-1)] }
-                newpass
-              end
-              
-              def #{options[:password_field]}=(pass)
-                return if pass.blank?
-                @#{options[:password_field]} = pass
-                self.#{options[:password_salt_field]} = self.class.unique_token
-                self.#{options[:crypted_password_field]} = #{options[:crypto_provider]}.encrypt(*encrypt_arguments(@#{options[:password_field]}, #{options[:act_like_restful_authentication].inspect} ? :restful_authentication : nil))
-              end
-              
-              def valid_#{options[:password_field]}?(attempted_password)
-                return false if attempted_password.blank? || #{options[:crypted_password_field]}.blank? || #{options[:password_salt_field]}.blank?
-                
-                ([#{options[:crypto_provider]}] + #{options[:transition_from_crypto_provider].inspect}).each_with_index do |encryptor, index|
-                  # The arguments_type of for the transitioning from restful_authentication
-                  arguments_type = (#{options[:act_like_restful_authentication].inspect} && index == 0) ||
-                    (#{options[:transition_from_restful_authentication].inspect} && index > 0 && encryptor == Authlogic::CryptoProviders::Sha1) ?
-                    :restful_authentication : nil
-                  
-                  if encryptor.matches?(#{options[:crypted_password_field]}, *encrypt_arguments(attempted_password, arguments_type))
-                    # If we are transitioning from an older encryption algorithm and the password is still using the old algorithm
-                    # then let's reset the password using the new algorithm. If the algorithm has a cost (BCrypt) and the cost has changed, update the password with
-                    # the new cost.
-                    if index > 0 || (encryptor.respond_to?(:cost_matches?) && !encryptor.cost_matches?(#{options[:crypted_password_field]}))
-                      self.password = attempted_password
-                      save(false)
-                    end
-                    
-                    return true
-                  end
-                end
-                
-                false
-              end
-              
-              def reset_#{options[:password_field]}
-                friendly_token = self.class.friendly_unique_token
-                self.#{options[:password_field]} = friendly_token
-                self.#{options[:password_field]}_confirmation = friendly_token
-              end
-              alias_method :randomize_#{options[:password_field]}, :reset_#{options[:password_field]}
-              
-              def confirm_#{options[:password_field]}
-                raise "confirm_#{options[:password_field]} has been removed, please use #{options[:password_field]}_confirmation. " +
-                  "As this is the field that ActiveRecord automatically creates with validates_confirmation_of."
-              end
-              
-              def reset_#{options[:password_field]}!
-                reset_#{options[:password_field]}
-                save_without_session_maintenance(false)
-              end
-              alias_method :randomize_#{options[:password_field]}!, :reset_#{options[:password_field]}!
-              
-              def validate_#{options[:password_field]}?
-                case #{options[:password_field_validates_length_of_options][:if].inspect}
-                when String
-                  return false if !eval('#{options[:password_field_validates_length_of_options][:if]}')
-                when Symbol
-                  return false if !send(#{options[:password_field_validates_length_of_options][:if].inspect})
-                end
-                
-                new_record? || #{options[:password_salt_field]}_changed? || #{options[:crypted_password_field]}.blank? || ["true", "1", "yes"].include?(validate_#{options[:password_field]}.to_s)
-              end
-              
-              private
-                def encrypt_arguments(raw_password, arguments_type = nil)
-                  case arguments_type
-                  when :restful_authentication
-                    [REST_AUTH_SITE_KEY, #{options[:password_salt_field]}, raw_password, REST_AUTH_SITE_KEY]
-                  else
-                    [raw_password, #{options[:password_salt_field]}]
-                  end
-                end
-            end_eval
-          end
-          
-          def sanitize_validation_length_options(defaults, options)
-            length_keys = [:minimum, :maximum, :in, :within, :is]
-            length_keys.each { |key| defaults.delete(key) } if options.keys.find { |key| length_keys.include?(key.to_sym) }
-            defaults.merge(options)
-          end
-        end
-      end
-    end
-  end
-end
-
-ActiveRecord::Base.class_eval do
-  class << self
-    include Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic::Credentials
-    alias_method_chain :acts_as_authentic, :credentials
-  end
-end