authlogic 3.4.6 → 3.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +2 -0
- data/.rubocop.yml +33 -0
- data/.rubocop_todo.yml +427 -0
- data/.travis.yml +24 -3
- data/CHANGELOG.md +9 -2
- data/CONTRIBUTING.md +40 -1
- data/Gemfile +1 -1
- data/README.md +295 -0
- data/Rakefile +10 -2
- data/authlogic.gemspec +6 -5
- data/lib/authlogic.rb +2 -2
- data/lib/authlogic/acts_as_authentic/base.rb +2 -2
- data/lib/authlogic/acts_as_authentic/email.rb +59 -14
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +4 -3
- data/lib/authlogic/acts_as_authentic/login.rb +62 -12
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +17 -6
- data/lib/authlogic/acts_as_authentic/password.rb +107 -53
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +10 -9
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +2 -0
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +48 -35
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +19 -15
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +2 -2
- data/lib/authlogic/authenticates_many/association.rb +6 -5
- data/lib/authlogic/authenticates_many/base.rb +22 -12
- data/lib/authlogic/config.rb +2 -1
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +2 -1
- data/lib/authlogic/controller_adapters/rack_adapter.rb +3 -4
- data/lib/authlogic/controller_adapters/rails_adapter.rb +26 -14
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +1 -1
- data/lib/authlogic/crypto_providers/aes256.rb +16 -12
- data/lib/authlogic/crypto_providers/bcrypt.rb +10 -4
- data/lib/authlogic/crypto_providers/md5.rb +7 -7
- data/lib/authlogic/crypto_providers/scrypt.rb +10 -2
- data/lib/authlogic/crypto_providers/sha1.rb +3 -3
- data/lib/authlogic/crypto_providers/sha256.rb +3 -3
- data/lib/authlogic/crypto_providers/sha512.rb +4 -4
- data/lib/authlogic/crypto_providers/wordpress.rb +13 -13
- data/lib/authlogic/i18n.rb +22 -16
- data/lib/authlogic/i18n/translator.rb +1 -1
- data/lib/authlogic/random.rb +13 -12
- data/lib/authlogic/regex.rb +3 -3
- data/lib/authlogic/session/activation.rb +7 -6
- data/lib/authlogic/session/active_record_trickery.rb +1 -2
- data/lib/authlogic/session/base.rb +7 -6
- data/lib/authlogic/session/brute_force_protection.rb +58 -34
- data/lib/authlogic/session/callbacks.rb +16 -12
- data/lib/authlogic/session/cookies.rb +29 -14
- data/lib/authlogic/session/existence.rb +10 -10
- data/lib/authlogic/session/foundation.rb +11 -7
- data/lib/authlogic/session/http_auth.rb +6 -5
- data/lib/authlogic/session/id.rb +5 -4
- data/lib/authlogic/session/klass.rb +2 -1
- data/lib/authlogic/session/magic_columns.rb +21 -14
- data/lib/authlogic/session/magic_states.rb +25 -14
- data/lib/authlogic/session/params.rb +41 -26
- data/lib/authlogic/session/password.rb +62 -40
- data/lib/authlogic/session/perishable_token.rb +3 -2
- data/lib/authlogic/session/persistence.rb +3 -3
- data/lib/authlogic/session/priority_record.rb +5 -4
- data/lib/authlogic/session/scopes.rb +20 -9
- data/lib/authlogic/session/session.rb +9 -4
- data/lib/authlogic/session/timeout.rb +40 -23
- data/lib/authlogic/session/unauthorized_record.rb +6 -5
- data/lib/authlogic/session/validation.rb +18 -9
- data/lib/authlogic/test_case.rb +2 -2
- data/lib/authlogic/test_case/mock_controller.rb +9 -9
- data/lib/authlogic/test_case/mock_cookie_jar.rb +2 -2
- data/lib/authlogic/test_case/mock_logger.rb +1 -1
- data/lib/authlogic/test_case/mock_request.rb +2 -1
- data/lib/authlogic/test_case/rails_request_adapter.rb +5 -5
- data/test/acts_as_authentic_test/email_test.rb +29 -17
- data/test/acts_as_authentic_test/logged_in_status_test.rb +9 -3
- data/test/acts_as_authentic_test/login_test.rb +47 -13
- data/test/acts_as_authentic_test/magic_columns_test.rb +4 -4
- data/test/acts_as_authentic_test/password_test.rb +31 -21
- data/test/acts_as_authentic_test/perishable_token_test.rb +15 -15
- data/test/acts_as_authentic_test/session_maintenance_test.rb +20 -13
- data/test/acts_as_authentic_test/single_access_test.rb +8 -8
- data/test/authenticates_many_test.rb +4 -4
- data/test/crypto_provider_test/aes256_test.rb +2 -2
- data/test/crypto_provider_test/scrypt_test.rb +1 -1
- data/test/crypto_provider_test/sha1_test.rb +3 -3
- data/test/crypto_provider_test/sha256_test.rb +1 -1
- data/test/crypto_provider_test/sha512_test.rb +2 -2
- data/test/gemfiles/Gemfile.rails-3.2.x +2 -2
- data/test/gemfiles/Gemfile.rails-5.0.x +6 -0
- data/test/i18n_test.rb +5 -5
- data/test/libs/affiliate.rb +2 -2
- data/test/libs/company.rb +1 -1
- data/test/libs/employee.rb +2 -2
- data/test/libs/employee_session.rb +1 -1
- data/test/libs/ldaper.rb +1 -1
- data/test/libs/project.rb +1 -1
- data/test/random_test.rb +5 -4
- data/test/session_test/activation_test.rb +5 -5
- data/test/session_test/active_record_trickery_test.rb +7 -5
- data/test/session_test/cookies_test.rb +8 -6
- data/test/session_test/existence_test.rb +19 -13
- data/test/session_test/http_auth_test.rb +0 -3
- data/test/session_test/id_test.rb +2 -2
- data/test/session_test/klass_test.rb +1 -1
- data/test/session_test/magic_columns_test.rb +0 -3
- data/test/session_test/magic_states_test.rb +11 -11
- data/test/session_test/params_test.rb +10 -10
- data/test/session_test/password_test.rb +4 -5
- data/test/session_test/perishability_test.rb +3 -3
- data/test/session_test/scopes_test.rb +8 -8
- data/test/session_test/session_test.rb +5 -4
- data/test/session_test/timeout_test.rb +8 -8
- data/test/session_test/unauthorized_record_test.rb +2 -2
- data/test/session_test/validation_test.rb +3 -3
- data/test/test_helper.rb +9 -5
- metadata +54 -24
- data/README.rdoc +0 -232
@@ -8,26 +8,26 @@ module Authlogic
|
|
8
8
|
add_acts_as_authentic_module(Methods)
|
9
9
|
end
|
10
10
|
end
|
11
|
-
|
11
|
+
|
12
12
|
# Methods for the persistence token.
|
13
13
|
module Methods
|
14
14
|
def self.included(klass)
|
15
15
|
klass.class_eval do
|
16
16
|
extend ClassMethods
|
17
17
|
include InstanceMethods
|
18
|
-
|
18
|
+
|
19
19
|
if respond_to?(:after_password_set) && respond_to?(:after_password_verification)
|
20
20
|
after_password_set :reset_persistence_token
|
21
21
|
after_password_verification :reset_persistence_token!, :if => :reset_persistence_token?
|
22
22
|
end
|
23
|
-
|
23
|
+
|
24
24
|
validates_presence_of :persistence_token
|
25
25
|
validates_uniqueness_of :persistence_token, :if => :persistence_token_changed?
|
26
|
-
|
26
|
+
|
27
27
|
before_validation :reset_persistence_token, :if => :reset_persistence_token?
|
28
28
|
end
|
29
29
|
end
|
30
|
-
|
30
|
+
|
31
31
|
# Class level methods for the persistence token.
|
32
32
|
module ClassMethods
|
33
33
|
# Resets ALL persistence tokens in the database, which will require all users to reauthenticate.
|
@@ -42,22 +42,23 @@ module Authlogic
|
|
42
42
|
end while !records.blank?
|
43
43
|
end
|
44
44
|
end
|
45
|
-
|
45
|
+
|
46
46
|
# Instance level methods for the persistence token.
|
47
47
|
module InstanceMethods
|
48
48
|
# Resets the persistence_token field to a random hex value.
|
49
49
|
def reset_persistence_token
|
50
50
|
self.persistence_token = Authlogic::Random.hex_token
|
51
51
|
end
|
52
|
-
|
52
|
+
|
53
53
|
# Same as reset_persistence_token, but then saves the record.
|
54
54
|
def reset_persistence_token!
|
55
55
|
reset_persistence_token
|
56
56
|
save_without_session_maintenance(:validate => false)
|
57
57
|
end
|
58
58
|
alias_method :forget!, :reset_persistence_token!
|
59
|
-
|
59
|
+
|
60
60
|
private
|
61
|
+
|
61
62
|
def reset_persistence_token?
|
62
63
|
persistence_token.blank?
|
63
64
|
end
|
@@ -65,4 +66,4 @@ module Authlogic
|
|
65
66
|
end
|
66
67
|
end
|
67
68
|
end
|
68
|
-
end
|
69
|
+
end
|
@@ -36,6 +36,7 @@ module Authlogic
|
|
36
36
|
alias_method :transition_from_restful_authentication=, :transition_from_restful_authentication
|
37
37
|
|
38
38
|
private
|
39
|
+
|
39
40
|
def set_restful_authentication_config
|
40
41
|
crypto_provider_key = act_like_restful_authentication ? :crypto_provider : :transition_from_crypto_providers
|
41
42
|
self.send("#{crypto_provider_key}=", CryptoProviders::Sha1)
|
@@ -48,6 +49,7 @@ module Authlogic
|
|
48
49
|
|
49
50
|
module InstanceMethods
|
50
51
|
private
|
52
|
+
|
51
53
|
def act_like_restful_authentication?
|
52
54
|
self.class.act_like_restful_authentication == true
|
53
55
|
end
|
@@ -1,22 +1,26 @@
|
|
1
1
|
module Authlogic
|
2
2
|
module ActsAsAuthentic
|
3
|
-
# This is one of my favorite features that I think is pretty cool. It's
|
4
|
-
# and let you know you are on the
|
3
|
+
# This is one of my favorite features that I think is pretty cool. It's
|
4
|
+
# things like this that make a library great and let you know you are on the
|
5
|
+
# right track.
|
5
6
|
#
|
6
|
-
# Just to clear up any confusion, Authlogic stores both the record id and
|
7
|
-
# Why? So stale sessions can not be
|
8
|
-
#
|
9
|
-
#
|
7
|
+
# Just to clear up any confusion, Authlogic stores both the record id and
|
8
|
+
# the persistence token in the session. Why? So stale sessions can not be
|
9
|
+
# persisted. It stores the id so it can quickly find the record, and the
|
10
|
+
# persistence token to ensure no sessions are stale. So if the persistence
|
11
|
+
# token changes, the user must log back in.
|
10
12
|
#
|
11
|
-
# Well, the persistence token changes with the password. What happens if the
|
12
|
-
# He shouldn't have to log back in, he's the
|
13
|
+
# Well, the persistence token changes with the password. What happens if the
|
14
|
+
# user changes his own password? He shouldn't have to log back in, he's the
|
15
|
+
# one that made the change.
|
13
16
|
#
|
14
|
-
# That being said, wouldn't it be nice if their session and cookie
|
15
|
-
# Instead of cluttering up your
|
17
|
+
# That being said, wouldn't it be nice if their session and cookie
|
18
|
+
# information was automatically updated? Instead of cluttering up your
|
19
|
+
# controller with redundant session code. The same thing goes for new
|
16
20
|
# registrations.
|
17
21
|
#
|
18
|
-
# That's what this module is all about. This will automatically maintain the
|
19
|
-
# records are saved.
|
22
|
+
# That's what this module is all about. This will automatically maintain the
|
23
|
+
# cookie and session values as records are saved.
|
20
24
|
module SessionMaintenance
|
21
25
|
def self.included(klass)
|
22
26
|
klass.class_eval do
|
@@ -24,11 +28,12 @@ module Authlogic
|
|
24
28
|
add_acts_as_authentic_module(Methods)
|
25
29
|
end
|
26
30
|
end
|
27
|
-
|
31
|
+
|
28
32
|
module Config
|
29
|
-
# This is more of a convenience method. In order to turn off automatic
|
30
|
-
# set this to false, or you can also set
|
31
|
-
# the
|
33
|
+
# This is more of a convenience method. In order to turn off automatic
|
34
|
+
# maintenance of sessions just set this to false, or you can also set
|
35
|
+
# the session_ids method to a blank array. Both accomplish the same
|
36
|
+
# thing. This method is a little clearer in it's intentions though.
|
32
37
|
#
|
33
38
|
# * <tt>Default:</tt> true
|
34
39
|
# * <tt>Accepts:</tt> Boolean
|
@@ -36,9 +41,10 @@ module Authlogic
|
|
36
41
|
rw_config(:maintain_sessions, value, true)
|
37
42
|
end
|
38
43
|
alias_method :maintain_sessions=, :maintain_sessions
|
39
|
-
|
40
|
-
# As you may know, authlogic sessions can be separate by id (See
|
41
|
-
# specify here what session ids
|
44
|
+
|
45
|
+
# As you may know, authlogic sessions can be separate by id (See
|
46
|
+
# Authlogic::Session::Base#id). You can specify here what session ids
|
47
|
+
# you want auto maintained. By default it is the main session, which has
|
42
48
|
# an id of nil.
|
43
49
|
#
|
44
50
|
# * <tt>Default:</tt> [nil]
|
@@ -47,8 +53,9 @@ module Authlogic
|
|
47
53
|
rw_config(:session_ids, value, [nil])
|
48
54
|
end
|
49
55
|
alias_method :session_ids=, :session_ids
|
50
|
-
|
51
|
-
# The name of the associated session class. This is inferred by the name
|
56
|
+
|
57
|
+
# The name of the associated session class. This is inferred by the name
|
58
|
+
# of the model.
|
52
59
|
#
|
53
60
|
# * <tt>Default:</tt> "#{klass.name}Session".constantize
|
54
61
|
# * <tt>Accepts:</tt> Class
|
@@ -58,7 +65,7 @@ module Authlogic
|
|
58
65
|
end
|
59
66
|
alias_method :session_class=, :session_class
|
60
67
|
end
|
61
|
-
|
68
|
+
|
62
69
|
module Methods
|
63
70
|
def self.included(klass)
|
64
71
|
klass.class_eval do
|
@@ -66,7 +73,7 @@ module Authlogic
|
|
66
73
|
before_save :maintain_sessions, :if => :update_sessions?
|
67
74
|
end
|
68
75
|
end
|
69
|
-
|
76
|
+
|
70
77
|
# Save the record and skip session maintenance all together.
|
71
78
|
def save_without_session_maintenance(*args)
|
72
79
|
self.skip_session_maintenance = true
|
@@ -74,30 +81,36 @@ module Authlogic
|
|
74
81
|
self.skip_session_maintenance = false
|
75
82
|
result
|
76
83
|
end
|
77
|
-
|
84
|
+
|
78
85
|
private
|
86
|
+
|
79
87
|
def skip_session_maintenance=(value)
|
80
88
|
@skip_session_maintenance = value
|
81
89
|
end
|
82
|
-
|
90
|
+
|
83
91
|
def skip_session_maintenance
|
84
92
|
@skip_session_maintenance ||= false
|
85
93
|
end
|
86
|
-
|
94
|
+
|
87
95
|
def update_sessions?
|
88
|
-
!skip_session_maintenance &&
|
96
|
+
!skip_session_maintenance &&
|
97
|
+
session_class &&
|
98
|
+
session_class.activated? &&
|
99
|
+
self.class.maintain_sessions == true &&
|
100
|
+
!session_ids.blank? &&
|
101
|
+
persistence_token_changed?
|
89
102
|
end
|
90
|
-
|
103
|
+
|
91
104
|
def get_session_information
|
92
105
|
# Need to determine if we are completely logged out, or logged in as another user
|
93
106
|
@_sessions = []
|
94
|
-
|
107
|
+
|
95
108
|
session_ids.each do |session_id|
|
96
109
|
session = session_class.find(session_id, self)
|
97
110
|
@_sessions << session if session && session.record
|
98
111
|
end
|
99
112
|
end
|
100
|
-
|
113
|
+
|
101
114
|
def maintain_sessions
|
102
115
|
if @_sessions.empty?
|
103
116
|
create_session
|
@@ -105,7 +118,7 @@ module Authlogic
|
|
105
118
|
update_sessions
|
106
119
|
end
|
107
120
|
end
|
108
|
-
|
121
|
+
|
109
122
|
def create_session
|
110
123
|
# We only want to automatically login into the first session, since this is the main session. The other sessions are sessions
|
111
124
|
# that need to be created after logging into the main session.
|
@@ -114,7 +127,7 @@ module Authlogic
|
|
114
127
|
|
115
128
|
return true
|
116
129
|
end
|
117
|
-
|
130
|
+
|
118
131
|
def update_sessions
|
119
132
|
# We found sessions above, let's update them with the new info
|
120
133
|
@_sessions.each do |stale_session|
|
@@ -125,15 +138,15 @@ module Authlogic
|
|
125
138
|
|
126
139
|
return true
|
127
140
|
end
|
128
|
-
|
141
|
+
|
129
142
|
def session_ids
|
130
143
|
self.class.session_ids
|
131
144
|
end
|
132
|
-
|
145
|
+
|
133
146
|
def session_class
|
134
147
|
self.class.session_class
|
135
148
|
end
|
136
149
|
end
|
137
150
|
end
|
138
151
|
end
|
139
|
-
end
|
152
|
+
end
|
@@ -1,7 +1,8 @@
|
|
1
1
|
module Authlogic
|
2
2
|
module ActsAsAuthentic
|
3
|
-
# This module is responsible for maintaining the single_access token. For more
|
4
|
-
#
|
3
|
+
# This module is responsible for maintaining the single_access token. For more
|
4
|
+
# information the single access token and how to use it, see the
|
5
|
+
# Authlogic::Session::Params module.
|
5
6
|
module SingleAccessToken
|
6
7
|
def self.included(klass)
|
7
8
|
klass.class_eval do
|
@@ -9,13 +10,13 @@ module Authlogic
|
|
9
10
|
add_acts_as_authentic_module(Methods)
|
10
11
|
end
|
11
12
|
end
|
12
|
-
|
13
|
+
|
13
14
|
# All configuration for the single_access token aspect of acts_as_authentic.
|
14
15
|
module Config
|
15
|
-
# The single access token is used for authentication via URLs, such as a private
|
16
|
-
# if the user changes their password, that token probably
|
17
|
-
#
|
18
|
-
# it on.
|
16
|
+
# The single access token is used for authentication via URLs, such as a private
|
17
|
+
# feed. That being said, if the user changes their password, that token probably
|
18
|
+
# shouldn't change. If it did, the user would have to update all of their URLs. So
|
19
|
+
# be default this is option is disabled, if you need it, feel free to turn it on.
|
19
20
|
#
|
20
21
|
# * <tt>Default:</tt> false
|
21
22
|
# * <tt>Accepts:</tt> Boolean
|
@@ -24,37 +25,40 @@ module Authlogic
|
|
24
25
|
end
|
25
26
|
alias_method :change_single_access_token_with_password=, :change_single_access_token_with_password
|
26
27
|
end
|
27
|
-
|
28
|
+
|
28
29
|
# All method, for the single_access token aspect of acts_as_authentic.
|
29
30
|
module Methods
|
30
31
|
def self.included(klass)
|
31
32
|
return if !klass.column_names.include?("single_access_token")
|
32
|
-
|
33
|
+
|
33
34
|
klass.class_eval do
|
34
35
|
include InstanceMethods
|
35
36
|
validates_uniqueness_of :single_access_token, :if => :single_access_token_changed?
|
36
37
|
before_validation :reset_single_access_token, :if => :reset_single_access_token?
|
37
|
-
|
38
|
+
if respond_to?(:after_password_set)
|
39
|
+
after_password_set(:reset_single_access_token, :if => :change_single_access_token_with_password?)
|
40
|
+
end
|
38
41
|
end
|
39
42
|
end
|
40
|
-
|
43
|
+
|
41
44
|
module InstanceMethods
|
42
45
|
# Resets the single_access_token to a random friendly token.
|
43
46
|
def reset_single_access_token
|
44
47
|
self.single_access_token = Authlogic::Random.friendly_token
|
45
48
|
end
|
46
|
-
|
49
|
+
|
47
50
|
# same as reset_single_access_token, but then saves the record.
|
48
51
|
def reset_single_access_token!
|
49
52
|
reset_single_access_token
|
50
53
|
save_without_session_maintenance
|
51
54
|
end
|
52
|
-
|
55
|
+
|
53
56
|
protected
|
57
|
+
|
54
58
|
def reset_single_access_token?
|
55
59
|
single_access_token.blank?
|
56
60
|
end
|
57
|
-
|
61
|
+
|
58
62
|
def change_single_access_token_with_password?
|
59
63
|
self.class.change_single_access_token_with_password == true
|
60
64
|
end
|
@@ -62,4 +66,4 @@ module Authlogic
|
|
62
66
|
end
|
63
67
|
end
|
64
68
|
end
|
65
|
-
end
|
69
|
+
end
|
@@ -9,7 +9,7 @@ module Authlogic
|
|
9
9
|
extend Config
|
10
10
|
end
|
11
11
|
end
|
12
|
-
|
12
|
+
|
13
13
|
# All configuration for the scope feature.
|
14
14
|
module Config
|
15
15
|
# Allows you to scope everything to specific field(s). Works just like validates_uniqueness_of.
|
@@ -29,4 +29,4 @@ module Authlogic
|
|
29
29
|
end
|
30
30
|
end
|
31
31
|
end
|
32
|
-
end
|
32
|
+
end
|
@@ -15,13 +15,13 @@ module Authlogic
|
|
15
15
|
# end
|
16
16
|
class Association
|
17
17
|
attr_accessor :klass, :find_options, :id
|
18
|
-
|
18
|
+
|
19
19
|
def initialize(klass, find_options, id)
|
20
20
|
self.klass = klass
|
21
21
|
self.find_options = find_options
|
22
22
|
self.id = id
|
23
23
|
end
|
24
|
-
|
24
|
+
|
25
25
|
[:create, :create!, :find, :new].each do |method|
|
26
26
|
class_eval <<-"end_eval", __FILE__, __LINE__
|
27
27
|
def #{method}(*args)
|
@@ -32,11 +32,12 @@ module Authlogic
|
|
32
32
|
end_eval
|
33
33
|
end
|
34
34
|
alias_method :build, :new
|
35
|
-
|
35
|
+
|
36
36
|
private
|
37
|
+
|
37
38
|
def scope_options
|
38
|
-
{:find_options => find_options, :id => id}
|
39
|
+
{ :find_options => find_options, :id => id }
|
39
40
|
end
|
40
41
|
end
|
41
42
|
end
|
42
|
-
end
|
43
|
+
end
|
@@ -1,6 +1,7 @@
|
|
1
1
|
module Authlogic
|
2
|
-
# This allows you to scope your authentication. For example, let's say all users belong
|
3
|
-
#
|
2
|
+
# This allows you to scope your authentication. For example, let's say all users belong
|
3
|
+
# to an account, you want to make sure only users that belong to that account can
|
4
|
+
# actually login into that account. Simple, just do:
|
4
5
|
#
|
5
6
|
# class Account < ActiveRecord::Base
|
6
7
|
# authenticates_many :user_sessions
|
@@ -17,7 +18,8 @@ module Authlogic
|
|
17
18
|
# You may also want to checkout Authlogic::ActsAsAuthentic::Scope to scope your model.
|
18
19
|
module AuthenticatesMany
|
19
20
|
module Base
|
20
|
-
# Allows you set essentially set up a relationship with your sessions. See module
|
21
|
+
# Allows you set essentially set up a relationship with your sessions. See module
|
22
|
+
# definition above for more details.
|
21
23
|
#
|
22
24
|
# === Options
|
23
25
|
#
|
@@ -25,18 +27,26 @@ module Authlogic
|
|
25
27
|
# This is the related session class.
|
26
28
|
#
|
27
29
|
# * <tt>relationship_name:</tt> default: options[:session_class].klass_name.underscore.pluralize,
|
28
|
-
# This is the name of the relationship you want to use to scope everything. For
|
29
|
-
#
|
30
|
-
#
|
30
|
+
# This is the name of the relationship you want to use to scope everything. For
|
31
|
+
# example an Account has many Users. There should be a relationship called :users
|
32
|
+
# that you defined with a has_many. The reason we use the relationship is so you
|
33
|
+
# don't have to repeat yourself. The relationship could have all kinds of custom
|
34
|
+
# options. So instead of repeating yourself we essentially use the scope that the
|
35
|
+
# relationship creates.
|
31
36
|
#
|
32
37
|
# * <tt>find_options:</tt> default: nil,
|
33
|
-
# By default the find options are created from the relationship you specify with
|
34
|
-
#
|
38
|
+
# By default the find options are created from the relationship you specify with
|
39
|
+
# :relationship_name. But if you want to override this and manually specify
|
40
|
+
# find_options you can do it here. Specify options just as you would in
|
41
|
+
# ActiveRecord::Base.find.
|
35
42
|
#
|
36
43
|
# * <tt>scope_cookies:</tt> default: false
|
37
|
-
# By the nature of cookies they scope
|
38
|
-
#
|
39
|
-
#
|
44
|
+
# By the nature of cookies they scope themselves if you are using subdomains to
|
45
|
+
# access accounts. If you aren't using subdomains you need to have separate
|
46
|
+
# cookies for each account, assuming a user is logging into mroe than one account.
|
47
|
+
# Authlogic can take care of this for you by prefixing the name of the cookie and
|
48
|
+
# sessin with the model id. You just need to tell Authlogic to do this by passing
|
49
|
+
# this option.
|
40
50
|
def authenticates_many(name, options = {})
|
41
51
|
options[:session_class] ||= name.to_s.classify.constantize
|
42
52
|
options[:relationship_name] ||= options[:session_class].klass_name.underscore.pluralize
|
@@ -51,4 +61,4 @@ module Authlogic
|
|
51
61
|
|
52
62
|
::ActiveRecord::Base.extend(Base) if defined?(::ActiveRecord)
|
53
63
|
end
|
54
|
-
end
|
64
|
+
end
|
data/lib/authlogic/config.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
#encoding: utf-8
|
1
|
+
# encoding: utf-8
|
2
2
|
module Authlogic
|
3
3
|
module Config
|
4
4
|
def self.extended(klass)
|
@@ -9,6 +9,7 @@ module Authlogic
|
|
9
9
|
end
|
10
10
|
|
11
11
|
private
|
12
|
+
|
12
13
|
# This is a one-liner method to write a config setting, read the config
|
13
14
|
# setting, and also set a default value for the setting.
|
14
15
|
def rw_config(key, value, default_value = nil)
|