authlogic 3.4.6 → 3.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +2 -0
- data/.rubocop.yml +33 -0
- data/.rubocop_todo.yml +427 -0
- data/.travis.yml +24 -3
- data/CHANGELOG.md +9 -2
- data/CONTRIBUTING.md +40 -1
- data/Gemfile +1 -1
- data/README.md +295 -0
- data/Rakefile +10 -2
- data/authlogic.gemspec +6 -5
- data/lib/authlogic.rb +2 -2
- data/lib/authlogic/acts_as_authentic/base.rb +2 -2
- data/lib/authlogic/acts_as_authentic/email.rb +59 -14
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +4 -3
- data/lib/authlogic/acts_as_authentic/login.rb +62 -12
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +17 -6
- data/lib/authlogic/acts_as_authentic/password.rb +107 -53
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +10 -9
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +2 -0
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +48 -35
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +19 -15
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +2 -2
- data/lib/authlogic/authenticates_many/association.rb +6 -5
- data/lib/authlogic/authenticates_many/base.rb +22 -12
- data/lib/authlogic/config.rb +2 -1
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +2 -1
- data/lib/authlogic/controller_adapters/rack_adapter.rb +3 -4
- data/lib/authlogic/controller_adapters/rails_adapter.rb +26 -14
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +1 -1
- data/lib/authlogic/crypto_providers/aes256.rb +16 -12
- data/lib/authlogic/crypto_providers/bcrypt.rb +10 -4
- data/lib/authlogic/crypto_providers/md5.rb +7 -7
- data/lib/authlogic/crypto_providers/scrypt.rb +10 -2
- data/lib/authlogic/crypto_providers/sha1.rb +3 -3
- data/lib/authlogic/crypto_providers/sha256.rb +3 -3
- data/lib/authlogic/crypto_providers/sha512.rb +4 -4
- data/lib/authlogic/crypto_providers/wordpress.rb +13 -13
- data/lib/authlogic/i18n.rb +22 -16
- data/lib/authlogic/i18n/translator.rb +1 -1
- data/lib/authlogic/random.rb +13 -12
- data/lib/authlogic/regex.rb +3 -3
- data/lib/authlogic/session/activation.rb +7 -6
- data/lib/authlogic/session/active_record_trickery.rb +1 -2
- data/lib/authlogic/session/base.rb +7 -6
- data/lib/authlogic/session/brute_force_protection.rb +58 -34
- data/lib/authlogic/session/callbacks.rb +16 -12
- data/lib/authlogic/session/cookies.rb +29 -14
- data/lib/authlogic/session/existence.rb +10 -10
- data/lib/authlogic/session/foundation.rb +11 -7
- data/lib/authlogic/session/http_auth.rb +6 -5
- data/lib/authlogic/session/id.rb +5 -4
- data/lib/authlogic/session/klass.rb +2 -1
- data/lib/authlogic/session/magic_columns.rb +21 -14
- data/lib/authlogic/session/magic_states.rb +25 -14
- data/lib/authlogic/session/params.rb +41 -26
- data/lib/authlogic/session/password.rb +62 -40
- data/lib/authlogic/session/perishable_token.rb +3 -2
- data/lib/authlogic/session/persistence.rb +3 -3
- data/lib/authlogic/session/priority_record.rb +5 -4
- data/lib/authlogic/session/scopes.rb +20 -9
- data/lib/authlogic/session/session.rb +9 -4
- data/lib/authlogic/session/timeout.rb +40 -23
- data/lib/authlogic/session/unauthorized_record.rb +6 -5
- data/lib/authlogic/session/validation.rb +18 -9
- data/lib/authlogic/test_case.rb +2 -2
- data/lib/authlogic/test_case/mock_controller.rb +9 -9
- data/lib/authlogic/test_case/mock_cookie_jar.rb +2 -2
- data/lib/authlogic/test_case/mock_logger.rb +1 -1
- data/lib/authlogic/test_case/mock_request.rb +2 -1
- data/lib/authlogic/test_case/rails_request_adapter.rb +5 -5
- data/test/acts_as_authentic_test/email_test.rb +29 -17
- data/test/acts_as_authentic_test/logged_in_status_test.rb +9 -3
- data/test/acts_as_authentic_test/login_test.rb +47 -13
- data/test/acts_as_authentic_test/magic_columns_test.rb +4 -4
- data/test/acts_as_authentic_test/password_test.rb +31 -21
- data/test/acts_as_authentic_test/perishable_token_test.rb +15 -15
- data/test/acts_as_authentic_test/session_maintenance_test.rb +20 -13
- data/test/acts_as_authentic_test/single_access_test.rb +8 -8
- data/test/authenticates_many_test.rb +4 -4
- data/test/crypto_provider_test/aes256_test.rb +2 -2
- data/test/crypto_provider_test/scrypt_test.rb +1 -1
- data/test/crypto_provider_test/sha1_test.rb +3 -3
- data/test/crypto_provider_test/sha256_test.rb +1 -1
- data/test/crypto_provider_test/sha512_test.rb +2 -2
- data/test/gemfiles/Gemfile.rails-3.2.x +2 -2
- data/test/gemfiles/Gemfile.rails-5.0.x +6 -0
- data/test/i18n_test.rb +5 -5
- data/test/libs/affiliate.rb +2 -2
- data/test/libs/company.rb +1 -1
- data/test/libs/employee.rb +2 -2
- data/test/libs/employee_session.rb +1 -1
- data/test/libs/ldaper.rb +1 -1
- data/test/libs/project.rb +1 -1
- data/test/random_test.rb +5 -4
- data/test/session_test/activation_test.rb +5 -5
- data/test/session_test/active_record_trickery_test.rb +7 -5
- data/test/session_test/cookies_test.rb +8 -6
- data/test/session_test/existence_test.rb +19 -13
- data/test/session_test/http_auth_test.rb +0 -3
- data/test/session_test/id_test.rb +2 -2
- data/test/session_test/klass_test.rb +1 -1
- data/test/session_test/magic_columns_test.rb +0 -3
- data/test/session_test/magic_states_test.rb +11 -11
- data/test/session_test/params_test.rb +10 -10
- data/test/session_test/password_test.rb +4 -5
- data/test/session_test/perishability_test.rb +3 -3
- data/test/session_test/scopes_test.rb +8 -8
- data/test/session_test/session_test.rb +5 -4
- data/test/session_test/timeout_test.rb +8 -8
- data/test/session_test/unauthorized_record_test.rb +2 -2
- data/test/session_test/validation_test.rb +3 -3
- data/test/test_helper.rb +9 -5
- metadata +54 -24
- data/README.rdoc +0 -232
@@ -8,26 +8,26 @@ module Authlogic
|
|
8
8
|
add_acts_as_authentic_module(Methods)
|
9
9
|
end
|
10
10
|
end
|
11
|
-
|
11
|
+
|
12
12
|
# Methods for the persistence token.
|
13
13
|
module Methods
|
14
14
|
def self.included(klass)
|
15
15
|
klass.class_eval do
|
16
16
|
extend ClassMethods
|
17
17
|
include InstanceMethods
|
18
|
-
|
18
|
+
|
19
19
|
if respond_to?(:after_password_set) && respond_to?(:after_password_verification)
|
20
20
|
after_password_set :reset_persistence_token
|
21
21
|
after_password_verification :reset_persistence_token!, :if => :reset_persistence_token?
|
22
22
|
end
|
23
|
-
|
23
|
+
|
24
24
|
validates_presence_of :persistence_token
|
25
25
|
validates_uniqueness_of :persistence_token, :if => :persistence_token_changed?
|
26
|
-
|
26
|
+
|
27
27
|
before_validation :reset_persistence_token, :if => :reset_persistence_token?
|
28
28
|
end
|
29
29
|
end
|
30
|
-
|
30
|
+
|
31
31
|
# Class level methods for the persistence token.
|
32
32
|
module ClassMethods
|
33
33
|
# Resets ALL persistence tokens in the database, which will require all users to reauthenticate.
|
@@ -42,22 +42,23 @@ module Authlogic
|
|
42
42
|
end while !records.blank?
|
43
43
|
end
|
44
44
|
end
|
45
|
-
|
45
|
+
|
46
46
|
# Instance level methods for the persistence token.
|
47
47
|
module InstanceMethods
|
48
48
|
# Resets the persistence_token field to a random hex value.
|
49
49
|
def reset_persistence_token
|
50
50
|
self.persistence_token = Authlogic::Random.hex_token
|
51
51
|
end
|
52
|
-
|
52
|
+
|
53
53
|
# Same as reset_persistence_token, but then saves the record.
|
54
54
|
def reset_persistence_token!
|
55
55
|
reset_persistence_token
|
56
56
|
save_without_session_maintenance(:validate => false)
|
57
57
|
end
|
58
58
|
alias_method :forget!, :reset_persistence_token!
|
59
|
-
|
59
|
+
|
60
60
|
private
|
61
|
+
|
61
62
|
def reset_persistence_token?
|
62
63
|
persistence_token.blank?
|
63
64
|
end
|
@@ -65,4 +66,4 @@ module Authlogic
|
|
65
66
|
end
|
66
67
|
end
|
67
68
|
end
|
68
|
-
end
|
69
|
+
end
|
@@ -36,6 +36,7 @@ module Authlogic
|
|
36
36
|
alias_method :transition_from_restful_authentication=, :transition_from_restful_authentication
|
37
37
|
|
38
38
|
private
|
39
|
+
|
39
40
|
def set_restful_authentication_config
|
40
41
|
crypto_provider_key = act_like_restful_authentication ? :crypto_provider : :transition_from_crypto_providers
|
41
42
|
self.send("#{crypto_provider_key}=", CryptoProviders::Sha1)
|
@@ -48,6 +49,7 @@ module Authlogic
|
|
48
49
|
|
49
50
|
module InstanceMethods
|
50
51
|
private
|
52
|
+
|
51
53
|
def act_like_restful_authentication?
|
52
54
|
self.class.act_like_restful_authentication == true
|
53
55
|
end
|
@@ -1,22 +1,26 @@
|
|
1
1
|
module Authlogic
|
2
2
|
module ActsAsAuthentic
|
3
|
-
# This is one of my favorite features that I think is pretty cool. It's
|
4
|
-
# and let you know you are on the
|
3
|
+
# This is one of my favorite features that I think is pretty cool. It's
|
4
|
+
# things like this that make a library great and let you know you are on the
|
5
|
+
# right track.
|
5
6
|
#
|
6
|
-
# Just to clear up any confusion, Authlogic stores both the record id and
|
7
|
-
# Why? So stale sessions can not be
|
8
|
-
#
|
9
|
-
#
|
7
|
+
# Just to clear up any confusion, Authlogic stores both the record id and
|
8
|
+
# the persistence token in the session. Why? So stale sessions can not be
|
9
|
+
# persisted. It stores the id so it can quickly find the record, and the
|
10
|
+
# persistence token to ensure no sessions are stale. So if the persistence
|
11
|
+
# token changes, the user must log back in.
|
10
12
|
#
|
11
|
-
# Well, the persistence token changes with the password. What happens if the
|
12
|
-
# He shouldn't have to log back in, he's the
|
13
|
+
# Well, the persistence token changes with the password. What happens if the
|
14
|
+
# user changes his own password? He shouldn't have to log back in, he's the
|
15
|
+
# one that made the change.
|
13
16
|
#
|
14
|
-
# That being said, wouldn't it be nice if their session and cookie
|
15
|
-
# Instead of cluttering up your
|
17
|
+
# That being said, wouldn't it be nice if their session and cookie
|
18
|
+
# information was automatically updated? Instead of cluttering up your
|
19
|
+
# controller with redundant session code. The same thing goes for new
|
16
20
|
# registrations.
|
17
21
|
#
|
18
|
-
# That's what this module is all about. This will automatically maintain the
|
19
|
-
# records are saved.
|
22
|
+
# That's what this module is all about. This will automatically maintain the
|
23
|
+
# cookie and session values as records are saved.
|
20
24
|
module SessionMaintenance
|
21
25
|
def self.included(klass)
|
22
26
|
klass.class_eval do
|
@@ -24,11 +28,12 @@ module Authlogic
|
|
24
28
|
add_acts_as_authentic_module(Methods)
|
25
29
|
end
|
26
30
|
end
|
27
|
-
|
31
|
+
|
28
32
|
module Config
|
29
|
-
# This is more of a convenience method. In order to turn off automatic
|
30
|
-
# set this to false, or you can also set
|
31
|
-
# the
|
33
|
+
# This is more of a convenience method. In order to turn off automatic
|
34
|
+
# maintenance of sessions just set this to false, or you can also set
|
35
|
+
# the session_ids method to a blank array. Both accomplish the same
|
36
|
+
# thing. This method is a little clearer in it's intentions though.
|
32
37
|
#
|
33
38
|
# * <tt>Default:</tt> true
|
34
39
|
# * <tt>Accepts:</tt> Boolean
|
@@ -36,9 +41,10 @@ module Authlogic
|
|
36
41
|
rw_config(:maintain_sessions, value, true)
|
37
42
|
end
|
38
43
|
alias_method :maintain_sessions=, :maintain_sessions
|
39
|
-
|
40
|
-
# As you may know, authlogic sessions can be separate by id (See
|
41
|
-
# specify here what session ids
|
44
|
+
|
45
|
+
# As you may know, authlogic sessions can be separate by id (See
|
46
|
+
# Authlogic::Session::Base#id). You can specify here what session ids
|
47
|
+
# you want auto maintained. By default it is the main session, which has
|
42
48
|
# an id of nil.
|
43
49
|
#
|
44
50
|
# * <tt>Default:</tt> [nil]
|
@@ -47,8 +53,9 @@ module Authlogic
|
|
47
53
|
rw_config(:session_ids, value, [nil])
|
48
54
|
end
|
49
55
|
alias_method :session_ids=, :session_ids
|
50
|
-
|
51
|
-
# The name of the associated session class. This is inferred by the name
|
56
|
+
|
57
|
+
# The name of the associated session class. This is inferred by the name
|
58
|
+
# of the model.
|
52
59
|
#
|
53
60
|
# * <tt>Default:</tt> "#{klass.name}Session".constantize
|
54
61
|
# * <tt>Accepts:</tt> Class
|
@@ -58,7 +65,7 @@ module Authlogic
|
|
58
65
|
end
|
59
66
|
alias_method :session_class=, :session_class
|
60
67
|
end
|
61
|
-
|
68
|
+
|
62
69
|
module Methods
|
63
70
|
def self.included(klass)
|
64
71
|
klass.class_eval do
|
@@ -66,7 +73,7 @@ module Authlogic
|
|
66
73
|
before_save :maintain_sessions, :if => :update_sessions?
|
67
74
|
end
|
68
75
|
end
|
69
|
-
|
76
|
+
|
70
77
|
# Save the record and skip session maintenance all together.
|
71
78
|
def save_without_session_maintenance(*args)
|
72
79
|
self.skip_session_maintenance = true
|
@@ -74,30 +81,36 @@ module Authlogic
|
|
74
81
|
self.skip_session_maintenance = false
|
75
82
|
result
|
76
83
|
end
|
77
|
-
|
84
|
+
|
78
85
|
private
|
86
|
+
|
79
87
|
def skip_session_maintenance=(value)
|
80
88
|
@skip_session_maintenance = value
|
81
89
|
end
|
82
|
-
|
90
|
+
|
83
91
|
def skip_session_maintenance
|
84
92
|
@skip_session_maintenance ||= false
|
85
93
|
end
|
86
|
-
|
94
|
+
|
87
95
|
def update_sessions?
|
88
|
-
!skip_session_maintenance &&
|
96
|
+
!skip_session_maintenance &&
|
97
|
+
session_class &&
|
98
|
+
session_class.activated? &&
|
99
|
+
self.class.maintain_sessions == true &&
|
100
|
+
!session_ids.blank? &&
|
101
|
+
persistence_token_changed?
|
89
102
|
end
|
90
|
-
|
103
|
+
|
91
104
|
def get_session_information
|
92
105
|
# Need to determine if we are completely logged out, or logged in as another user
|
93
106
|
@_sessions = []
|
94
|
-
|
107
|
+
|
95
108
|
session_ids.each do |session_id|
|
96
109
|
session = session_class.find(session_id, self)
|
97
110
|
@_sessions << session if session && session.record
|
98
111
|
end
|
99
112
|
end
|
100
|
-
|
113
|
+
|
101
114
|
def maintain_sessions
|
102
115
|
if @_sessions.empty?
|
103
116
|
create_session
|
@@ -105,7 +118,7 @@ module Authlogic
|
|
105
118
|
update_sessions
|
106
119
|
end
|
107
120
|
end
|
108
|
-
|
121
|
+
|
109
122
|
def create_session
|
110
123
|
# We only want to automatically login into the first session, since this is the main session. The other sessions are sessions
|
111
124
|
# that need to be created after logging into the main session.
|
@@ -114,7 +127,7 @@ module Authlogic
|
|
114
127
|
|
115
128
|
return true
|
116
129
|
end
|
117
|
-
|
130
|
+
|
118
131
|
def update_sessions
|
119
132
|
# We found sessions above, let's update them with the new info
|
120
133
|
@_sessions.each do |stale_session|
|
@@ -125,15 +138,15 @@ module Authlogic
|
|
125
138
|
|
126
139
|
return true
|
127
140
|
end
|
128
|
-
|
141
|
+
|
129
142
|
def session_ids
|
130
143
|
self.class.session_ids
|
131
144
|
end
|
132
|
-
|
145
|
+
|
133
146
|
def session_class
|
134
147
|
self.class.session_class
|
135
148
|
end
|
136
149
|
end
|
137
150
|
end
|
138
151
|
end
|
139
|
-
end
|
152
|
+
end
|
@@ -1,7 +1,8 @@
|
|
1
1
|
module Authlogic
|
2
2
|
module ActsAsAuthentic
|
3
|
-
# This module is responsible for maintaining the single_access token. For more
|
4
|
-
#
|
3
|
+
# This module is responsible for maintaining the single_access token. For more
|
4
|
+
# information the single access token and how to use it, see the
|
5
|
+
# Authlogic::Session::Params module.
|
5
6
|
module SingleAccessToken
|
6
7
|
def self.included(klass)
|
7
8
|
klass.class_eval do
|
@@ -9,13 +10,13 @@ module Authlogic
|
|
9
10
|
add_acts_as_authentic_module(Methods)
|
10
11
|
end
|
11
12
|
end
|
12
|
-
|
13
|
+
|
13
14
|
# All configuration for the single_access token aspect of acts_as_authentic.
|
14
15
|
module Config
|
15
|
-
# The single access token is used for authentication via URLs, such as a private
|
16
|
-
# if the user changes their password, that token probably
|
17
|
-
#
|
18
|
-
# it on.
|
16
|
+
# The single access token is used for authentication via URLs, such as a private
|
17
|
+
# feed. That being said, if the user changes their password, that token probably
|
18
|
+
# shouldn't change. If it did, the user would have to update all of their URLs. So
|
19
|
+
# be default this is option is disabled, if you need it, feel free to turn it on.
|
19
20
|
#
|
20
21
|
# * <tt>Default:</tt> false
|
21
22
|
# * <tt>Accepts:</tt> Boolean
|
@@ -24,37 +25,40 @@ module Authlogic
|
|
24
25
|
end
|
25
26
|
alias_method :change_single_access_token_with_password=, :change_single_access_token_with_password
|
26
27
|
end
|
27
|
-
|
28
|
+
|
28
29
|
# All method, for the single_access token aspect of acts_as_authentic.
|
29
30
|
module Methods
|
30
31
|
def self.included(klass)
|
31
32
|
return if !klass.column_names.include?("single_access_token")
|
32
|
-
|
33
|
+
|
33
34
|
klass.class_eval do
|
34
35
|
include InstanceMethods
|
35
36
|
validates_uniqueness_of :single_access_token, :if => :single_access_token_changed?
|
36
37
|
before_validation :reset_single_access_token, :if => :reset_single_access_token?
|
37
|
-
|
38
|
+
if respond_to?(:after_password_set)
|
39
|
+
after_password_set(:reset_single_access_token, :if => :change_single_access_token_with_password?)
|
40
|
+
end
|
38
41
|
end
|
39
42
|
end
|
40
|
-
|
43
|
+
|
41
44
|
module InstanceMethods
|
42
45
|
# Resets the single_access_token to a random friendly token.
|
43
46
|
def reset_single_access_token
|
44
47
|
self.single_access_token = Authlogic::Random.friendly_token
|
45
48
|
end
|
46
|
-
|
49
|
+
|
47
50
|
# same as reset_single_access_token, but then saves the record.
|
48
51
|
def reset_single_access_token!
|
49
52
|
reset_single_access_token
|
50
53
|
save_without_session_maintenance
|
51
54
|
end
|
52
|
-
|
55
|
+
|
53
56
|
protected
|
57
|
+
|
54
58
|
def reset_single_access_token?
|
55
59
|
single_access_token.blank?
|
56
60
|
end
|
57
|
-
|
61
|
+
|
58
62
|
def change_single_access_token_with_password?
|
59
63
|
self.class.change_single_access_token_with_password == true
|
60
64
|
end
|
@@ -62,4 +66,4 @@ module Authlogic
|
|
62
66
|
end
|
63
67
|
end
|
64
68
|
end
|
65
|
-
end
|
69
|
+
end
|
@@ -9,7 +9,7 @@ module Authlogic
|
|
9
9
|
extend Config
|
10
10
|
end
|
11
11
|
end
|
12
|
-
|
12
|
+
|
13
13
|
# All configuration for the scope feature.
|
14
14
|
module Config
|
15
15
|
# Allows you to scope everything to specific field(s). Works just like validates_uniqueness_of.
|
@@ -29,4 +29,4 @@ module Authlogic
|
|
29
29
|
end
|
30
30
|
end
|
31
31
|
end
|
32
|
-
end
|
32
|
+
end
|
@@ -15,13 +15,13 @@ module Authlogic
|
|
15
15
|
# end
|
16
16
|
class Association
|
17
17
|
attr_accessor :klass, :find_options, :id
|
18
|
-
|
18
|
+
|
19
19
|
def initialize(klass, find_options, id)
|
20
20
|
self.klass = klass
|
21
21
|
self.find_options = find_options
|
22
22
|
self.id = id
|
23
23
|
end
|
24
|
-
|
24
|
+
|
25
25
|
[:create, :create!, :find, :new].each do |method|
|
26
26
|
class_eval <<-"end_eval", __FILE__, __LINE__
|
27
27
|
def #{method}(*args)
|
@@ -32,11 +32,12 @@ module Authlogic
|
|
32
32
|
end_eval
|
33
33
|
end
|
34
34
|
alias_method :build, :new
|
35
|
-
|
35
|
+
|
36
36
|
private
|
37
|
+
|
37
38
|
def scope_options
|
38
|
-
{:find_options => find_options, :id => id}
|
39
|
+
{ :find_options => find_options, :id => id }
|
39
40
|
end
|
40
41
|
end
|
41
42
|
end
|
42
|
-
end
|
43
|
+
end
|
@@ -1,6 +1,7 @@
|
|
1
1
|
module Authlogic
|
2
|
-
# This allows you to scope your authentication. For example, let's say all users belong
|
3
|
-
#
|
2
|
+
# This allows you to scope your authentication. For example, let's say all users belong
|
3
|
+
# to an account, you want to make sure only users that belong to that account can
|
4
|
+
# actually login into that account. Simple, just do:
|
4
5
|
#
|
5
6
|
# class Account < ActiveRecord::Base
|
6
7
|
# authenticates_many :user_sessions
|
@@ -17,7 +18,8 @@ module Authlogic
|
|
17
18
|
# You may also want to checkout Authlogic::ActsAsAuthentic::Scope to scope your model.
|
18
19
|
module AuthenticatesMany
|
19
20
|
module Base
|
20
|
-
# Allows you set essentially set up a relationship with your sessions. See module
|
21
|
+
# Allows you set essentially set up a relationship with your sessions. See module
|
22
|
+
# definition above for more details.
|
21
23
|
#
|
22
24
|
# === Options
|
23
25
|
#
|
@@ -25,18 +27,26 @@ module Authlogic
|
|
25
27
|
# This is the related session class.
|
26
28
|
#
|
27
29
|
# * <tt>relationship_name:</tt> default: options[:session_class].klass_name.underscore.pluralize,
|
28
|
-
# This is the name of the relationship you want to use to scope everything. For
|
29
|
-
#
|
30
|
-
#
|
30
|
+
# This is the name of the relationship you want to use to scope everything. For
|
31
|
+
# example an Account has many Users. There should be a relationship called :users
|
32
|
+
# that you defined with a has_many. The reason we use the relationship is so you
|
33
|
+
# don't have to repeat yourself. The relationship could have all kinds of custom
|
34
|
+
# options. So instead of repeating yourself we essentially use the scope that the
|
35
|
+
# relationship creates.
|
31
36
|
#
|
32
37
|
# * <tt>find_options:</tt> default: nil,
|
33
|
-
# By default the find options are created from the relationship you specify with
|
34
|
-
#
|
38
|
+
# By default the find options are created from the relationship you specify with
|
39
|
+
# :relationship_name. But if you want to override this and manually specify
|
40
|
+
# find_options you can do it here. Specify options just as you would in
|
41
|
+
# ActiveRecord::Base.find.
|
35
42
|
#
|
36
43
|
# * <tt>scope_cookies:</tt> default: false
|
37
|
-
# By the nature of cookies they scope
|
38
|
-
#
|
39
|
-
#
|
44
|
+
# By the nature of cookies they scope themselves if you are using subdomains to
|
45
|
+
# access accounts. If you aren't using subdomains you need to have separate
|
46
|
+
# cookies for each account, assuming a user is logging into mroe than one account.
|
47
|
+
# Authlogic can take care of this for you by prefixing the name of the cookie and
|
48
|
+
# sessin with the model id. You just need to tell Authlogic to do this by passing
|
49
|
+
# this option.
|
40
50
|
def authenticates_many(name, options = {})
|
41
51
|
options[:session_class] ||= name.to_s.classify.constantize
|
42
52
|
options[:relationship_name] ||= options[:session_class].klass_name.underscore.pluralize
|
@@ -51,4 +61,4 @@ module Authlogic
|
|
51
61
|
|
52
62
|
::ActiveRecord::Base.extend(Base) if defined?(::ActiveRecord)
|
53
63
|
end
|
54
|
-
end
|
64
|
+
end
|
data/lib/authlogic/config.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
#encoding: utf-8
|
1
|
+
# encoding: utf-8
|
2
2
|
module Authlogic
|
3
3
|
module Config
|
4
4
|
def self.extended(klass)
|
@@ -9,6 +9,7 @@ module Authlogic
|
|
9
9
|
end
|
10
10
|
|
11
11
|
private
|
12
|
+
|
12
13
|
# This is a one-liner method to write a config setting, read the config
|
13
14
|
# setting, and also set a default value for the setting.
|
14
15
|
def rw_config(key, value, default_value = nil)
|