authlogic 3.4.6 → 4.2.0

Files changed (140) hide show
  1. checksums.yaml +5 -5
  2. data/.github/ISSUE_TEMPLATE.md +13 -0
  3. data/.github/triage.md +87 -0
  4. data/.gitignore +4 -0
  5. data/.rubocop.yml +127 -0
  6. data/.rubocop_todo.yml +65 -0
  7. data/.travis.yml +18 -10
  8. data/CHANGELOG.md +156 -6
  9. data/CONTRIBUTING.md +71 -3
  10. data/Gemfile +2 -2
  11. data/README.md +386 -0
  12. data/Rakefile +13 -7
  13. data/UPGRADING.md +22 -0
  14. data/authlogic.gemspec +33 -22
  15. data/lib/authlogic.rb +60 -52
  16. data/lib/authlogic/acts_as_authentic/base.rb +40 -26
  17. data/lib/authlogic/acts_as_authentic/email.rb +96 -32
  18. data/lib/authlogic/acts_as_authentic/logged_in_status.rb +36 -12
  19. data/lib/authlogic/acts_as_authentic/login.rb +114 -49
  20. data/lib/authlogic/acts_as_authentic/magic_columns.rb +17 -6
  21. data/lib/authlogic/acts_as_authentic/password.rb +296 -139
  22. data/lib/authlogic/acts_as_authentic/perishable_token.rb +34 -20
  23. data/lib/authlogic/acts_as_authentic/persistence_token.rb +20 -24
  24. data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +67 -0
  25. data/lib/authlogic/acts_as_authentic/restful_authentication.rb +68 -23
  26. data/lib/authlogic/acts_as_authentic/session_maintenance.rb +128 -85
  27. data/lib/authlogic/acts_as_authentic/single_access_token.rb +41 -25
  28. data/lib/authlogic/acts_as_authentic/validations_scope.rb +8 -8
  29. data/lib/authlogic/authenticates_many/association.rb +22 -14
  30. data/lib/authlogic/authenticates_many/base.rb +35 -16
  31. data/lib/authlogic/config.rb +10 -10
  32. data/lib/authlogic/controller_adapters/abstract_adapter.rb +40 -12
  33. data/lib/authlogic/controller_adapters/rack_adapter.rb +15 -8
  34. data/lib/authlogic/controller_adapters/rails_adapter.rb +42 -22
  35. data/lib/authlogic/controller_adapters/sinatra_adapter.rb +3 -3
  36. data/lib/authlogic/crypto_providers.rb +91 -0
  37. data/lib/authlogic/crypto_providers/aes256.rb +42 -14
  38. data/lib/authlogic/crypto_providers/bcrypt.rb +35 -20
  39. data/lib/authlogic/crypto_providers/md5.rb +11 -9
  40. data/lib/authlogic/crypto_providers/scrypt.rb +26 -13
  41. data/lib/authlogic/crypto_providers/sha1.rb +14 -8
  42. data/lib/authlogic/crypto_providers/sha256.rb +16 -12
  43. data/lib/authlogic/crypto_providers/sha512.rb +8 -24
  44. data/lib/authlogic/crypto_providers/wordpress.rb +44 -15
  45. data/lib/authlogic/i18n.rb +33 -20
  46. data/lib/authlogic/i18n/translator.rb +1 -1
  47. data/lib/authlogic/random.rb +12 -29
  48. data/lib/authlogic/regex.rb +59 -27
  49. data/lib/authlogic/session/activation.rb +36 -23
  50. data/lib/authlogic/session/active_record_trickery.rb +13 -10
  51. data/lib/authlogic/session/base.rb +20 -8
  52. data/lib/authlogic/session/brute_force_protection.rb +87 -56
  53. data/lib/authlogic/session/callbacks.rb +99 -49
  54. data/lib/authlogic/session/cookies.rb +128 -59
  55. data/lib/authlogic/session/existence.rb +29 -19
  56. data/lib/authlogic/session/foundation.rb +70 -16
  57. data/lib/authlogic/session/http_auth.rb +39 -31
  58. data/lib/authlogic/session/id.rb +27 -15
  59. data/lib/authlogic/session/klass.rb +17 -13
  60. data/lib/authlogic/session/magic_columns.rb +78 -59
  61. data/lib/authlogic/session/magic_states.rb +50 -27
  62. data/lib/authlogic/session/params.rb +79 -50
  63. data/lib/authlogic/session/password.rb +197 -118
  64. data/lib/authlogic/session/perishable_token.rb +12 -6
  65. data/lib/authlogic/session/persistence.rb +20 -14
  66. data/lib/authlogic/session/priority_record.rb +20 -16
  67. data/lib/authlogic/session/scopes.rb +63 -33
  68. data/lib/authlogic/session/session.rb +40 -25
  69. data/lib/authlogic/session/timeout.rb +51 -34
  70. data/lib/authlogic/session/unauthorized_record.rb +24 -18
  71. data/lib/authlogic/session/validation.rb +32 -21
  72. data/lib/authlogic/test_case.rb +123 -35
  73. data/lib/authlogic/test_case/mock_controller.rb +14 -13
  74. data/lib/authlogic/test_case/mock_cookie_jar.rb +14 -5
  75. data/lib/authlogic/test_case/mock_logger.rb +1 -1
  76. data/lib/authlogic/test_case/mock_request.rb +9 -4
  77. data/lib/authlogic/test_case/rails_request_adapter.rb +8 -7
  78. data/lib/authlogic/version.rb +21 -0
  79. data/test/acts_as_authentic_test/base_test.rb +1 -1
  80. data/test/acts_as_authentic_test/email_test.rb +80 -63
  81. data/test/acts_as_authentic_test/logged_in_status_test.rb +14 -8
  82. data/test/acts_as_authentic_test/login_test.rb +91 -49
  83. data/test/acts_as_authentic_test/magic_columns_test.rb +13 -13
  84. data/test/acts_as_authentic_test/password_test.rb +82 -60
  85. data/test/acts_as_authentic_test/perishable_token_test.rb +31 -25
  86. data/test/acts_as_authentic_test/persistence_token_test.rb +9 -5
  87. data/test/acts_as_authentic_test/restful_authentication_test.rb +18 -9
  88. data/test/acts_as_authentic_test/session_maintenance_test.rb +86 -22
  89. data/test/acts_as_authentic_test/single_access_test.rb +15 -15
  90. data/test/adapter_test.rb +21 -0
  91. data/test/authenticates_many_test.rb +26 -11
  92. data/test/config_test.rb +9 -9
  93. data/test/crypto_provider_test/aes256_test.rb +3 -3
  94. data/test/crypto_provider_test/bcrypt_test.rb +1 -1
  95. data/test/crypto_provider_test/scrypt_test.rb +2 -2
  96. data/test/crypto_provider_test/sha1_test.rb +4 -4
  97. data/test/crypto_provider_test/sha256_test.rb +2 -2
  98. data/test/crypto_provider_test/sha512_test.rb +3 -3
  99. data/test/crypto_provider_test/wordpress_test.rb +24 -0
  100. data/test/gemfiles/Gemfile.rails-4.2.x +2 -2
  101. data/test/gemfiles/Gemfile.rails-5.0.x +6 -0
  102. data/test/gemfiles/Gemfile.rails-5.1.x +6 -0
  103. data/test/gemfiles/Gemfile.rails-5.2.x +6 -0
  104. data/test/gemfiles/Gemfile.rails-master +6 -0
  105. data/test/i18n_test.rb +9 -9
  106. data/test/libs/affiliate.rb +2 -2
  107. data/test/libs/company.rb +4 -4
  108. data/test/libs/employee.rb +2 -2
  109. data/test/libs/employee_session.rb +1 -1
  110. data/test/libs/ldaper.rb +1 -1
  111. data/test/libs/project.rb +1 -1
  112. data/test/libs/user_session.rb +2 -2
  113. data/test/random_test.rb +9 -38
  114. data/test/session_test/activation_test.rb +7 -7
  115. data/test/session_test/active_record_trickery_test.rb +9 -6
  116. data/test/session_test/brute_force_protection_test.rb +26 -21
  117. data/test/session_test/callbacks_test.rb +10 -4
  118. data/test/session_test/cookies_test.rb +54 -20
  119. data/test/session_test/existence_test.rb +45 -23
  120. data/test/session_test/foundation_test.rb +17 -1
  121. data/test/session_test/http_auth_test.rb +11 -12
  122. data/test/session_test/id_test.rb +3 -3
  123. data/test/session_test/klass_test.rb +2 -2
  124. data/test/session_test/magic_columns_test.rb +15 -17
  125. data/test/session_test/magic_states_test.rb +17 -19
  126. data/test/session_test/params_test.rb +26 -20
  127. data/test/session_test/password_test.rb +11 -12
  128. data/test/session_test/perishability_test.rb +5 -5
  129. data/test/session_test/persistence_test.rb +4 -3
  130. data/test/session_test/scopes_test.rb +15 -9
  131. data/test/session_test/session_test.rb +7 -6
  132. data/test/session_test/timeout_test.rb +16 -14
  133. data/test/session_test/unauthorized_record_test.rb +3 -3
  134. data/test/session_test/validation_test.rb +5 -5
  135. data/test/test_helper.rb +115 -49
  136. metadata +107 -36
  137. data/README.rdoc +0 -232
  138. data/test/gemfiles/Gemfile.rails-3.2.x +0 -7
  139. data/test/gemfiles/Gemfile.rails-4.0.x +0 -7
  140. data/test/gemfiles/Gemfile.rails-4.1.x +0 -7
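--- a/data/lib/authlogic/acts_as_authentic/single_access_token.rb
+++ b/data/lib/authlogic/acts_as_authentic/single_access_token.rb
@@ -1,7 +1,8 @@
  module Authlogic
  module ActsAsAuthentic
- # This module is responsible for maintaining the single_access token. For more information the single access token and how to use it,
- # see the Authlogic::Session::Params module.
+ # This module is responsible for maintaining the single_access token. For more
+ # information the single access token and how to use it, see the
+ # Authlogic::Session::Params module.
  module SingleAccessToken
  def self.included(klass)
  klass.class_eval do
@@ -9,57 +10,72 @@ module Authlogic
  add_acts_as_authentic_module(Methods)
  end
  end
-
+
  # All configuration for the single_access token aspect of acts_as_authentic.
+ #
+ # These methods become class methods of ::ActiveRecord::Base.
  module Config
- # The single access token is used for authentication via URLs, such as a private feed. That being said,
- # if the user changes their password, that token probably shouldn't change. If it did, the user would have
- # to update all of their URLs. So be default this is option is disabled, if you need it, feel free to turn
- # it on.
+ # The single access token is used for authentication via URLs, such as a private
+ # feed. That being said, if the user changes their password, that token probably
+ # shouldn't change. If it did, the user would have to update all of their URLs. So
+ # be default this is option is disabled, if you need it, feel free to turn it on.
  #
  # * <tt>Default:</tt> false
  # * <tt>Accepts:</tt> Boolean
  def change_single_access_token_with_password(value = nil)
  rw_config(:change_single_access_token_with_password, value, false)
  end
- alias_method :change_single_access_token_with_password=, :change_single_access_token_with_password
+ alias_method(
+ :change_single_access_token_with_password=,
+ :change_single_access_token_with_password
+ )
  end
-
+
  # All method, for the single_access token aspect of acts_as_authentic.
+ #
+ # This module, as one of the `acts_as_authentic_modules`, is only included
+ # into an ActiveRecord model if that model calls `acts_as_authentic`.
  module Methods
  def self.included(klass)
- return if !klass.column_names.include?("single_access_token")
-
+ return unless klass.column_names.include?("single_access_token")
+
  klass.class_eval do
  include InstanceMethods
- validates_uniqueness_of :single_access_token, :if => :single_access_token_changed?
- before_validation :reset_single_access_token, :if => :reset_single_access_token?
- after_password_set(:reset_single_access_token, :if => :change_single_access_token_with_password?) if respond_to?(:after_password_set)
+ validates_uniqueness_of :single_access_token, if: :single_access_token_changed?
+ before_validation :reset_single_access_token, if: :reset_single_access_token?
+ if respond_to?(:after_password_set)
+ after_password_set(
+ :reset_single_access_token,
+ if: :change_single_access_token_with_password?
+ )
+ end
  end
  end
-
+
+ # :nodoc:
  module InstanceMethods
  # Resets the single_access_token to a random friendly token.
  def reset_single_access_token
  self.single_access_token = Authlogic::Random.friendly_token
  end
-
+
  # same as reset_single_access_token, but then saves the record.
  def reset_single_access_token!
  reset_single_access_token
  save_without_session_maintenance
  end
-
+
  protected
- def reset_single_access_token?
- single_access_token.blank?
- end
-
- def change_single_access_token_with_password?
- self.class.change_single_access_token_with_password == true
- end
+
+ def reset_single_access_token?
+ single_access_token.blank?
+ end
+
+ def change_single_access_token_with_password?
+ self.class.change_single_access_token_with_password == true
+ end
  end
  end
  end
  end
- end
+ end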
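Review bot: The doc comment on `change_single_access_token_with_password` in the Config module does not state what its default costs. With the option left at `false`, the `after_password_set` callback never resets the token, so a password change leaves an already-disclosed single access token valid until `reset_single_access_token!` is called. I would add a line such as `# Note: with the default, changing the password does not rotate the token; call reset_single_access_token! to revoke it.` The reflowed comment also carries over the typo "So be default this is option is disabled", which should read "So by default this option is disabled".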
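--- a/data/lib/authlogic/acts_as_authentic/validations_scope.rb
+++ b/data/lib/authlogic/acts_as_authentic/validations_scope.rb
@@ -1,20 +1,20 @@
  module Authlogic
  module ActsAsAuthentic
- # Allows you to scope everything to specific fields.
- # See the Config submodule for more info.
- # For information on how to scope off of a parent object see Authlogic::AuthenticatesMany
+ # Allows you to scope everything to specific fields. See the Config
+ # submodule for more info. For information on how to scope off of a parent
+ # object see Authlogic::AuthenticatesMany
  module ValidationsScope
  def self.included(klass)
  klass.class_eval do
  extend Config
  end
  end
-
+
  # All configuration for the scope feature.
  module Config
- # Allows you to scope everything to specific field(s). Works just like validates_uniqueness_of.
- # For example, let's say a user belongs to a company, and you want to scope everything to the
- # company:
+ # Allows you to scope everything to specific field(s). Works just like
+ # validates_uniqueness_of. For example, let's say a user belongs to a
+ # company, and you want to scope everything to the company:
  #
  # acts_as_authentic do |c|
  # c.validations_scope = :company_id
@@ -29,4 +29,4 @@ module Authlogic
  end
  end
  end
- end
+ end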
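--- a/data/lib/authlogic/authenticates_many/association.rb
+++ b/data/lib/authlogic/authenticates_many/association.rb
@@ -1,42 +1,50 @@
  module Authlogic
  module AuthenticatesMany
- # An object of this class is used as a proxy for the authenticates_many relationship. It basically allows you to "save" scope details
- # and call them on an object, which allows you to do the following:
+ # An object of this class is used as a proxy for the authenticates_many
+ # relationship. It basically allows you to "save" scope details and call
+ # them on an object, which allows you to do the following:
  #
  # @account.user_sessions.new
  # @account.user_sessions.find
  # # ... etc
  #
- # You can call all of the class level methods off of an object with a saved scope, so that calling the above methods scopes the user
- # sessions down to that specific account. To implement this via ActiveRecord do something like:
+ # You can call all of the class level methods off of an object with a saved
+ # scope, so that calling the above methods scopes the user sessions down to
+ # that specific account. To implement this via ActiveRecord do something
+ # like:
  #
  # class User < ActiveRecord::Base
  # authenticates_many :user_sessions
  # end
  class Association
  attr_accessor :klass, :find_options, :id
-
+
+ # - id: Usually `nil`, but if the `scope_cookies` option is used, then
+ # `id` is a string like "company_123". It may seem strange to refer
+ # to such a string as an "id", but the naming is intentional, and
+ # is derived from `Authlogic::Session::Id`.
  def initialize(klass, find_options, id)
  self.klass = klass
  self.find_options = find_options
  self.id = id
  end
-
- [:create, :create!, :find, :new].each do |method|
- class_eval <<-"end_eval", __FILE__, __LINE__
+
+ %i[create create! find new].each do |method|
+ class_eval <<-EOS, __FILE__, __LINE__ + 1
  def #{method}(*args)
  klass.with_scope(scope_options) do
  klass.#{method}(*args)
  end
  end
- end_eval
+ EOS
  end
  alias_method :build, :new
-
+
  private
- def scope_options
- {:find_options => find_options, :id => id}
- end
+
+ def scope_options
+ { find_options: find_options, id: id }
+ end
  end
  end
- end
+ end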
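--- a/data/lib/authlogic/authenticates_many/base.rb
+++ b/data/lib/authlogic/authenticates_many/base.rb
@@ -1,6 +1,7 @@
  module Authlogic
- # This allows you to scope your authentication. For example, let's say all users belong to an account, you want to make sure only users
- # that belong to that account can actually login into that account. Simple, just do:
+ # This allows you to scope your authentication. For example, let's say all users belong
+ # to an account, you want to make sure only users that belong to that account can
+ # actually login into that account. Simple, just do:
  #
  # class Account < ActiveRecord::Base
  # authenticates_many :user_sessions
@@ -16,39 +17,57 @@ module Authlogic
  # Checkout the authenticates_many method for a list of options.
  # You may also want to checkout Authlogic::ActsAsAuthentic::Scope to scope your model.
  module AuthenticatesMany
+ # These methods become class methods of ::ActiveRecord::Base.
  module Base
- # Allows you set essentially set up a relationship with your sessions. See module definition above for more details.
+ # Allows you to set up a relationship with your sessions. See module
+ # definition above for more details.
  #
  # === Options
  #
  # * <tt>session_class:</tt> default: "#{name}Session",
  # This is the related session class.
  #
- # * <tt>relationship_name:</tt> default: options[:session_class].klass_name.underscore.pluralize,
- # This is the name of the relationship you want to use to scope everything. For example an Account has many Users. There should be a relationship
- # called :users that you defined with a has_many. The reason we use the relationship is so you don't have to repeat yourself. The relatonship
- # could have all kinds of custom options. So instead of repeating yourself we essentially use the scope that the relationship creates.
+ # * <tt>relationship_name:</tt>
+ # default: options[:session_class].klass_name.underscore.pluralize,
+ # This is the name of the relationship you want to use to scope
+ # everything. For example an Account has many Users. There should be a
+ # relationship called :users that you defined with a has_many. The
+ # reason we use the relationship is so you don't have to repeat
+ # yourself. The relationship could have all kinds of custom options. So
+ # instead of repeating yourself we essentially use the scope that the
+ # relationship creates.
  #
  # * <tt>find_options:</tt> default: nil,
- # By default the find options are created from the relationship you specify with :relationship_name. But if you want to override this and
- # manually specify find_options you can do it here. Specify options just as you would in ActiveRecord::Base.find.
+ # By default the find options are created from the relationship you
+ # specify with :relationship_name. But if you want to override this and
+ # manually specify find_options you can do it here. Specify options just
+ # as you would in ActiveRecord::Base.find.
  #
  # * <tt>scope_cookies:</tt> default: false
- # By the nature of cookies they scope theirself if you are using subdomains to access accounts. If you aren't using subdomains you need to have
- # separate cookies for each account, assuming a user is logging into mroe than one account. Authlogic can take care of this for you by
- # prefixing the name of the cookie and sessin with the model id. You just need to tell Authlogic to do this by passing this option.
+ # By the nature of cookies they scope themselves if you are using
+ # subdomains to access accounts. If you aren't using subdomains you need
+ # to have separate cookies for each account, assuming a user is logging
+ # into more than one account. Authlogic can take care of this for you by
+ # prefixing the name of the cookie and session with the model id.
+ # Because it affects both cookies names and session keys, the name
+ # `scope_cookies` is misleading. Perhaps simply `scope` or `scoped`
+ # would have been better.
  def authenticates_many(name, options = {})
  options[:session_class] ||= name.to_s.classify.constantize
  options[:relationship_name] ||= options[:session_class].klass_name.underscore.pluralize
- class_eval <<-"end_eval", __FILE__, __LINE__
+ class_eval <<-EOS, __FILE__, __LINE__ + 1
  def #{name}
  find_options = #{options[:find_options].inspect} || #{options[:relationship_name]}.where(nil)
- @#{name} ||= Authlogic::AuthenticatesMany::Association.new(#{options[:session_class]}, find_options, #{options[:scope_cookies] ? "self.class.model_name.underscore + '_' + self.send(self.class.primary_key).to_s" : "nil"})
+ @#{name} ||= Authlogic::AuthenticatesMany::Association.new(
+ #{options[:session_class]},
+ find_options,
+ #{options[:scope_cookies] ? "self.class.model_name.name.underscore + '_' + self.send(self.class.primary_key).to_s" : 'nil'}
+ )
  end
- end_eval
+ EOS
  end
  end
 
  ::ActiveRecord::Base.extend(Base) if defined?(::ActiveRecord)
  end
- end
+ end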
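Review bot: `authenticates_many` still builds the accessor by interpolating `name`, `options[:relationship_name]`, `options[:session_class]` and `options[:find_options].inspect` into the string handed to `class_eval`, so whatever those values contain is compiled as Ruby. They are normally literals in model code, but nothing in the method enforces that. A guard before the heredoc such as `raise ArgumentError, "invalid association name" unless name.to_s =~ /\A[a-z_]\w*\z/`, repeated for `options[:relationship_name]`, would keep the eval limited to plain identifiers. `find_options` additionally depends on `inspect` producing source that evaluates back to the same value, which the option's documentation should state.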
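--- a/data/lib/authlogic/config.rb
+++ b/data/lib/authlogic/config.rb
@@ -1,4 +1,3 @@
- #encoding: utf-8
  module Authlogic
  module Config
  def self.extended(klass)
@@ -9,15 +8,16 @@ module Authlogic
  end
 
  private
- # This is a one-liner method to write a config setting, read the config
- # setting, and also set a default value for the setting.
- def rw_config(key, value, default_value = nil)
- if value.nil?
- acts_as_authentic_config.include?(key) ? acts_as_authentic_config[key] : default_value
- else
- self.acts_as_authentic_config = acts_as_authentic_config.merge(key => value)
- value
- end
+
+ # This is a one-liner method to write a config setting, read the config
+ # setting, and also set a default value for the setting.
+ def rw_config(key, value, default_value = nil)
+ if value.nil?
+ acts_as_authentic_config.include?(key) ? acts_as_authentic_config[key] : default_value
+ else
+ self.acts_as_authentic_config = acts_as_authentic_config.merge(key => value)
+ value
  end
+ end
  end
  end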
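--- a/data/lib/authlogic/controller_adapters/abstract_adapter.rb
+++ b/data/lib/authlogic/controller_adapters/abstract_adapter.rb
@@ -3,16 +3,19 @@ module Authlogic
  # Allows you to use Authlogic in any framework you want, not just rails. See the RailsAdapter
  # for an example of how to adapt Authlogic to work with your framework.
  class AbstractAdapter
+ E_COOKIE_DOMAIN_ADAPTER = "The cookie_domain method has not been " \
+ "implemented by the controller adapter".freeze
+
  attr_accessor :controller
 
  def initialize(controller)
  self.controller = controller
  end
 
- def authenticate_with_http_basic(&block)
+ def authenticate_with_http_basic
  @auth = Rack::Auth::Basic::Request.new(controller.request.env)
- if @auth.provided? and @auth.basic?
- block.call(*@auth.credentials)
+ if @auth.provided? && @auth.basic?
+ yield(*@auth.credentials)
  else
  false
  end
@@ -23,7 +26,7 @@ module Authlogic
  end
 
  def cookie_domain
- raise NotImplementedError.new("The cookie_domain method has not been implemented by the controller adapter")
+ raise NotImplementedError.new(E_COOKIE_DOMAIN_ADAPTER)
  end
 
  def params
@@ -50,18 +53,43 @@ module Authlogic
  controller.send(:single_access_allowed?)
  end
 
- def responds_to_last_request_update_allowed?
- controller.respond_to?(:last_request_update_allowed?, true)
+ # You can disable the updating of `last_request_at`
+ # on a per-controller basis.
+ #
+ # # in your controller
+ # def last_request_update_allowed?
+ # false
+ # end
+ #
+ # For example, what if you had a javascript function that polled the
+ # server updating how much time is left in their session before it
+ # times out. Obviously you would want to ignore this request, because
+ # then the user would never time out. So you can do something like
+ # this in your controller:
+ #
+ # def last_request_update_allowed?
+ # action_name != "update_session_time_left"
+ # end
+ #
+ # See `authlogic/session/magic_columns.rb` to learn more about the
+ # `last_request_at` column itself.
+ def last_request_update_allowed?
+ if controller.respond_to?(:last_request_update_allowed?, true)
+ controller.send(:last_request_update_allowed?)
+ else
+ true
+ end
  end
 
- def last_request_update_allowed?
- controller.send(:last_request_update_allowed?)
+ def respond_to_missing?(*args)
+ super(*args) || controller.respond_to?(*args)
  end
 
  private
- def method_missing(id, *args, &block)
- controller.send(id, *args, &block)
- end
+
+ def method_missing(id, *args, &block)
+ controller.send(id, *args, &block)
+ end
  end
  end
- end
+ end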
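Review bot: The new `respond_to_missing?` and the re-indented `method_missing` in the last hunk disagree about visibility. `method_missing` forwards with `controller.send`, which reaches private and protected controller methods, while `respond_to_missing?(*args)` hands the caller's arguments to `controller.respond_to?`, which reports only public methods unless its second argument is true. So `adapter.respond_to?(:x)` can be false for a method the adapter will still invoke, and every private controller method is callable through the adapter. If that reach is intended, say so in a comment above `method_missing` and make the predicate match with `super || controller.respond_to?(name, true)`. If it is not, forwarding with `controller.public_send(id, *args, &block)` and keeping `send` only in the named wrappers such as `last_request_update_allowed?` narrows the surface, though callers that rely on the current behaviour would need checking first.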
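--- a/data/lib/authlogic/controller_adapters/rack_adapter.rb
+++ b/data/lib/authlogic/controller_adapters/rack_adapter.rb
@@ -37,27 +37,34 @@ module Authlogic
  # end
  #
  class RackAdapter < AbstractAdapter
-
  def initialize(env)
  # We use the Rack::Request object as the controller object.
  # For this to work, we have to add some glue.
  request = Rack::Request.new(env)
 
  request.instance_eval do
- def request; self; end
- def remote_ip; self.ip; end
+ def request
+ self
+ end
+
+ def remote_ip
+ ip
+ end
  end
 
  super(request)
  Authlogic::Session::Base.controller = self
  end
 
- # Rack Requests stores cookies with not just the value, but also with flags and expire information in the hash.
- # Authlogic does not like this, so we drop everything except the cookie value
+ # Rack Requests stores cookies with not just the value, but also with
+ # flags and expire information in the hash. Authlogic does not like this,
+ # so we drop everything except the cookie value.
  def cookies
- controller.cookies.map{|key, value_hash| {key => value_hash[:value]} }.inject(:merge) || {}
+ controller
+ .cookies
+ .map { |key, value_hash| { key => value_hash[:value] } }
+ .inject(:merge) || {}
  end
  end
  end
-
- end
+ end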
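--- a/data/lib/authlogic/controller_adapters/rails_adapter.rb
+++ b/data/lib/authlogic/controller_adapters/rails_adapter.rb
@@ -1,50 +1,70 @@
- require 'action_controller'
+ require "action_controller"
 
  module Authlogic
  module ControllerAdapters
- # Adapts authlogic to work with rails. The point is to close the gap between what authlogic expects and what the rails controller object
- # provides. Similar to how ActiveRecord has an adapter for MySQL, PostgreSQL, SQLite, etc.
+ # Adapts authlogic to work with rails. The point is to close the gap between
+ # what authlogic expects and what the rails controller object provides.
+ # Similar to how ActiveRecord has an adapter for MySQL, PostgreSQL, SQLite,
+ # etc.
  class RailsAdapter < AbstractAdapter
  class AuthlogicLoadedTooLateError < StandardError; end
-
+
  def authenticate_with_http_basic(&block)
  controller.authenticate_with_http_basic(&block)
  end
-
+
+ # Returns a `ActionDispatch::Cookies::CookieJar`. See the AC guide
+ # http://guides.rubyonrails.org/action_controller_overview.html#cookies
  def cookies
  controller.send(:cookies)
  end
-
+
  def cookie_domain
- @cookie_domain_key ||= Rails::VERSION::STRING >= '2.3' ? :domain : :session_domain
+ @cookie_domain_key ||= Rails::VERSION::STRING >= "2.3" ? :domain : :session_domain
  controller.request.session_options[@cookie_domain_key]
  end
-
+
  def request_content_type
  request.format.to_s
  end
-
- # Lets Authlogic know about the controller object via a before filter, AKA "activates" authlogic.
+
+ # Lets Authlogic know about the controller object via a before filter, AKA
+ # "activates" authlogic.
  module RailsImplementation
  def self.included(klass) # :nodoc:
  if defined?(::ApplicationController)
- raise AuthlogicLoadedTooLateError.new("Authlogic is trying to prepend a before_filter in ActionController::Base to active itself" +
- ", the problem is that ApplicationController has already been loaded meaning the before_filter won't get copied into your" +
- " application. Generally this is due to another gem or plugin requiring your ApplicationController prematurely, such as" +
- " the resource_controller plugin. The solution is to require Authlogic before these other gems / plugins. Please require" +
- " authlogic first to get rid of this error.")
+ raise AuthlogicLoadedTooLateError.new(
+ <<-EOS.strip_heredoc
+ Authlogic is trying to add a callback to ActionController::Base
+ but ApplicationController has already been loaded, so the
+ callback won't be copied into your application. Generally this
+ is due to another gem or plugin requiring your
+ ApplicationController prematurely, such as the
+ resource_controller plugin. Please require Authlogic first,
+ before these other gems / plugins.
+ EOS
+ )
+ end
+
+ # In Rails 4.0.2, the *_filter methods were renamed to *_action.
+ if klass.respond_to? :prepend_before_action
+ klass.prepend_before_action :activate_authlogic
+ else
+ klass.prepend_before_filter :activate_authlogic
  end
-
- klass.prepend_before_filter :activate_authlogic
  end
-
+
  private
- def activate_authlogic
- Authlogic::Session::Base.controller = RailsAdapter.new(self)
- end
+
+ def activate_authlogic
+ Authlogic::Session::Base.controller = RailsAdapter.new(self)
+ end
  end
  end
  end
  end
 
- ActionController::Base.send(:include, Authlogic::ControllerAdapters::RailsAdapter::RailsImplementation)
+ ActionController::Base.send(
+ :include,
+ Authlogic::ControllerAdapters::RailsAdapter::RailsImplementation
+ )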
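Review bot: `cookie_domain` picks its session option key with `Rails::VERSION::STRING >= "2.3"`, which compares strings lexicographically, so a version such as "10.0" sorts below "2.3" and would select `:session_domain`. The lookup in `session_options` would then most likely return nil, and the configured cookie domain would be silently ignored. Only the quoting changed here, but the line is part of the new code; `Gem::Version.new(Rails::VERSION::STRING) >= Gem::Version.new("2.3")` compares numerically. Since the test gemfiles in this release start at Rails 4.2, the old-Rails branch looks dead and the method could read `controller.request.session_options[:domain]` directly, once the supported range is confirmed against the gemspec.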