authlogic 3.8.0 → 4.5.0

data/{test/gemfiles → gemfiles}/Gemfile.rails-5.1.x

@@ -1,6 +1,6 @@
 source "https://rubygems.org"
-gemspec :path => "./../.."
+gemspec :path => ".."
 
 gem "activerecord", "~> 5.1.0"
 gem "activesupport", "~> 5.1.0"
-gem 'sqlite3', :platforms => :ruby
+gem "sqlite3", "~> 1.3.6", platforms: :ruby

data/{test/gemfiles → gemfiles}/Gemfile.rails-5.2.x

@@ -1,6 +1,6 @@
 source "https://rubygems.org"
-gemspec :path => "./../.."
+gemspec :path => ".."
 
 gem "activerecord", "~> 5.2.x"
 gem "activesupport", "~> 5.2.x"
-gem 'sqlite3', :platforms => :ruby
+gem "sqlite3", "~> 1.3.6", platforms: :ruby

data/lib/authlogic/acts_as_authentic/base.rb

@@ -11,11 +11,13 @@ module Authlogic
         end
       end
 
+      # The primary configuration of a model (often, `User`) for use with
+      # authlogic. These methods become class methods of ::ActiveRecord::Base.
       module Config
-        # This includes a lot of helpful methods for authenticating records which The Authlogic::Session module relies on.
-        # To use it just do:
+        # This includes a lot of helpful methods for authenticating records
+        # which the Authlogic::Session module relies on. To use it just do:
         #
-        #   class User < ActiveRecord::Base
+        #   class User < ApplicationRecord
         #     acts_as_authentic
         #   end
         #
@@ -26,11 +28,11 @@ module Authlogic
         #   end
         #
         # See the various sub modules for the configuration they provide.
-        def acts_as_authentic(unsupported_options = nil, &block)
+        def acts_as_authentic(unsupported_options = nil)
           # Stop all configuration if the DB is not set up
-          return if !db_setup?
+          return unless db_setup?
 
-          if !unsupported_options.nil?
+          unless unsupported_options.nil?
             raise ArgumentError.new(
               "You are using the old v1.X.X configuration method for " \
                 "Authlogic. Instead of passing a hash of configuration " \
@@ -43,12 +45,15 @@ module Authlogic
           acts_as_authentic_modules.each { |mod| include mod }
         end
 
-        # Since this part of Authlogic deals with another class, ActiveRecord, we can't just start including things
-        # in ActiveRecord itself. A lot of these module includes need to be triggered by the acts_as_authentic method
-        # call. For example, you don't want to start adding in email validations and what not into a model that has
-        # nothing to do with Authlogic.
+        # Since this part of Authlogic deals with another class, ActiveRecord,
+        # we can't just start including things in ActiveRecord itself. A lot of
+        # these module includes need to be triggered by the acts_as_authentic
+        # method call. For example, you don't want to start adding in email
+        # validations and what not into a model that has nothing to do with
+        # Authlogic.
         #
-        # That being said, this is your tool for extending Authlogic and "hooking" into the acts_as_authentic call.
+        # That being said, this is your tool for extending Authlogic and
+        # "hooking" into the acts_as_authentic call.
         def add_acts_as_authentic_module(mod, action = :append)
           modules = acts_as_authentic_modules.clone
           case action
@@ -61,7 +66,8 @@ module Authlogic
           self.acts_as_authentic_modules = modules
         end
 
-        # This is the same as add_acts_as_authentic_module, except that it removes the module from the list.
+        # This is the same as add_acts_as_authentic_module, except that it
+        # removes the module from the list.
         def remove_acts_as_authentic_module(mod)
           modules = acts_as_authentic_modules.clone
           modules.delete(mod)
@@ -70,21 +76,23 @@ module Authlogic
 
         private
 
-          def db_setup?
-            begin
-              column_names
-              true
-            rescue StandardError
-              false
-            end
-          end
+        def db_setup?
+          column_names
+          true
+        rescue StandardError
+          false
+        end
 
-          def first_column_to_exist(*columns_to_check)
-            if db_setup?
-              columns_to_check.each { |column_name| return column_name.to_sym if column_names.include?(column_name.to_s) }
+        def first_column_to_exist(*columns_to_check)
+          if db_setup?
+            columns_to_check.each do |column_name|
+              if column_names.include?(column_name.to_s)
+                return column_name.to_sym
+              end
             end
-            columns_to_check.first && columns_to_check.first.to_sym
           end
+          columns_to_check.first&.to_sym
+        end
       end
     end
   end
@@ -98,7 +106,11 @@ end
 ::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::Password
 ::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::PerishableToken
 ::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::PersistenceToken
+
+# RestfulAuthentication is deprecated. See comments in
+# acts_as_authentic/restful_authentication.rb
 ::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::RestfulAuthentication
+
 ::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::SessionMaintenance
 ::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::SingleAccessToken
 ::ActiveRecord::Base.send :include, Authlogic::ActsAsAuthentic::ValidationsScope

data/lib/authlogic/acts_as_authentic/email.rb

@@ -1,9 +1,10 @@
 module Authlogic
   module ActsAsAuthentic
-    # Sometimes models won't have an explicit "login" or "username" field. Instead they want to use the email field.
-    # In this case, authlogic provides validations to make sure the email submited is actually a valid email. Don't worry,
-    # if you do have a login or username field, Authlogic will still validate your email field. One less thing you have to
-    # worry about.
+    # Sometimes models won't have an explicit "login" or "username" field.
+    # Instead they want to use the email field. In this case, authlogic provides
+    # validations to make sure the email submited is actually a valid email.
+    # Don't worry, if you do have a login or username field, Authlogic will
+    # still validate your email field. One less thing you have to worry about.
     module Email
       def self.included(klass)
         klass.class_eval do
@@ -27,33 +28,49 @@ module Authlogic
         #
         # * <tt>Default:</tt> true
         # * <tt>Accepts:</tt> Boolean
+        #
+        # @deprecated
         def validate_email_field(value = nil)
           rw_config(:validate_email_field, value, true)
         end
         alias_method :validate_email_field=, :validate_email_field
 
-        # A hash of options for the validates_length_of call for the email field. Allows you to change this however you want.
+        # A hash of options for the validates_length_of call for the email
+        # field. Allows you to change this however you want.
         #
-        # <b>Keep in mind this is ruby. I wanted to keep this as flexible as possible, so you can completely replace the hash or
-        # merge options into it. Checkout the convenience function merge_validates_length_of_email_field_options to merge
-        # options.</b>
+        # <b>Keep in mind this is ruby. I wanted to keep this as flexible as
+        # possible, so you can completely replace the hash or merge options into
+        # it. Checkout the convenience function
+        # merge_validates_length_of_email_field_options to merge options.</b>
         #
         # * <tt>Default:</tt> {:maximum => 100}
         # * <tt>Accepts:</tt> Hash of options accepted by validates_length_of
+        #
+        # @deprecated
         def validates_length_of_email_field_options(value = nil)
-          rw_config(:validates_length_of_email_field_options, value, { :maximum => 100 })
+          deprecate_authlogic_config("validates_length_of_email_field_options") if value
+          rw_config(:validates_length_of_email_field_options, value, maximum: 100)
         end
-        alias_method :validates_length_of_email_field_options=, :validates_length_of_email_field_options
+        alias_method(
+          :validates_length_of_email_field_options=,
+          :validates_length_of_email_field_options
+        )
 
-        # A convenience function to merge options into the validates_length_of_email_field_options. So instead of:
+        # A convenience function to merge options into the
+        # validates_length_of_email_field_options. So instead of:
         #
-        #   self.validates_length_of_email_field_options = validates_length_of_email_field_options.merge(:my_option => my_value)
+        #   self.validates_length_of_email_field_options =
+        #     validates_length_of_email_field_options.merge(:my_option => my_value)
         #
         # You can do this:
         #
         #   merge_validates_length_of_email_field_options :my_option => my_value
+        #
+        # @deprecated
         def merge_validates_length_of_email_field_options(options = {})
-          self.validates_length_of_email_field_options = validates_length_of_email_field_options.merge(options)
+          deprecate_authlogic_config("merge_validates_length_of_email_field_options")
+          self.validates_length_of_email_field_options =
+            validates_length_of_email_field_options.merge(options)
         end
 
         # A hash of options for the validates_format_of call for the email
@@ -67,7 +84,11 @@ module Authlogic
         # To validate international email addresses, enable the provided
         # alternate regex:
         #
-        # * <tt>validates_format_of_email_field_options({:with => Authlogic::Regex.email_nonascii})</tt>
+        # ```
+        # validates_format_of_email_field_options(
+        #   with: Authlogic::Regex.email_nonascii
+        # )
+        # ```
         #
         # * <tt>Default:</tt>
         #
@@ -82,26 +103,35 @@ module Authlogic
         #         }
         #
         # * <tt>Accepts:</tt> Hash of options accepted by validates_format_of
+        #
+        # @deprecated
         def validates_format_of_email_field_options(value = nil)
+          deprecate_authlogic_config("validates_format_of_email_field_options") if value
           rw_config(
             :validates_format_of_email_field_options,
             value,
-            {
-              :with => Authlogic::Regex.email,
-              :message => Proc.new do
-                I18n.t(
-                  'error_messages.email_invalid',
-                  :default => "should look like an email address."
-                )
-              end
-            }
+            with: Authlogic::Regex::EMAIL,
+            message: proc do
+                       I18n.t(
+                         "error_messages.email_invalid",
+                         default: "should look like an email address."
+                       )
+                     end
           )
         end
-        alias_method :validates_format_of_email_field_options=, :validates_format_of_email_field_options
+        alias_method(
+          :validates_format_of_email_field_options=,
+          :validates_format_of_email_field_options
+        )
 
-        # See merge_validates_length_of_email_field_options. The same thing except for validates_format_of_email_field_options.
+        # See merge_validates_length_of_email_field_options. The same thing
+        # except for validates_format_of_email_field_options.
+        #
+        # @deprecated
         def merge_validates_format_of_email_field_options(options = {})
-          self.validates_format_of_email_field_options = validates_format_of_email_field_options.merge(options)
+          deprecate_authlogic_config("merge_validates_format_of_email_field_options")
+          self.validates_format_of_email_field_options =
+            validates_format_of_email_field_options.merge(options)
         end
 
         # A hash of options for the validates_uniqueness_of call for the email
@@ -122,15 +152,16 @@ module Authlogic
         #         }
         #
         # * <tt>Accepts:</tt> Hash of options accepted by validates_uniqueness_of
+        #
+        # @deprecated
         def validates_uniqueness_of_email_field_options(value = nil)
+          deprecate_authlogic_config("validates_uniqueness_of_email_field_options") if value
           rw_config(
             :validates_uniqueness_of_email_field_options,
             value,
-            {
-              :case_sensitive => false,
-              :scope => validations_scope,
-              :if => "#{email_field}_changed?".to_sym
-            }
+            case_sensitive: false,
+            scope: validations_scope,
+            if: "#{email_field}_changed?".to_sym
           )
         end
         alias_method(
@@ -140,7 +171,10 @@ module Authlogic
 
         # See merge_validates_length_of_email_field_options. The same thing
         # except for validates_uniqueness_of_email_field_options.
+        #
+        # @deprecated
         def merge_validates_uniqueness_of_email_field_options(options = {})
+          deprecate_authlogic_config("merge_validates_uniqueness_of_email_field_options")
           self.validates_uniqueness_of_email_field_options =
             validates_uniqueness_of_email_field_options.merge(options)
         end

data/lib/authlogic/acts_as_authentic/logged_in_status.rb

@@ -1,9 +1,10 @@
 module Authlogic
   module ActsAsAuthentic
-    # Since web applications are stateless there is not sure fire way to tell if a user is logged in or not,
-    # from the database perspective. The best way to do this is to provide a "timeout" based on inactivity.
-    # So if that user is inactive for a certain amount of time we assume they are logged out. That's what this
-    # module is all about.
+    # Since web applications are stateless there is not sure fire way to tell if
+    # a user is logged in or not, from the database perspective. The best way to
+    # do this is to provide a "timeout" based on inactivity. So if that user is
+    # inactive for a certain amount of time we assume they are logged out.
+    # That's what this module is all about.
     module LoggedInStatus
       def self.included(klass)
         klass.class_eval do
@@ -27,7 +28,7 @@ module Authlogic
       # All methods for the logged in status feature seat.
       module Methods
         def self.included(klass)
-          return if !klass.column_names.include?("last_request_at")
+          return unless klass.column_names.include?("last_request_at")
 
           klass.class_eval do
             include InstanceMethods
@@ -52,11 +53,15 @@ module Authlogic
           end
         end
 
+        # :nodoc:
         module InstanceMethods
           # Returns true if the last_request_at > logged_in_timeout.
           def logged_in?
             unless respond_to?(:last_request_at)
-              raise "Can not determine the records login state because there is no last_request_at column"
+              raise(
+                "Can not determine the records login state because " \
+                  "there is no last_request_at column"
+              )
             end
             !last_request_at.nil? && last_request_at > logged_in_timeout.seconds.ago
           end
@@ -68,9 +73,9 @@ module Authlogic
 
           private
 
-            def logged_in_timeout
-              self.class.logged_in_timeout
-            end
+          def logged_in_timeout
+            self.class.logged_in_timeout
+          end
         end
       end
     end

data/lib/authlogic/acts_as_authentic/login.rb

@@ -1,3 +1,5 @@
+require "authlogic/acts_as_authentic/queries/find_with_case"
+
 module Authlogic
   module ActsAsAuthentic
     # Handles everything related to the login field.
@@ -24,6 +26,8 @@ module Authlogic
         #
         # * <tt>Default:</tt> true
         # * <tt>Accepts:</tt> Boolean
+        #
+        # @deprecated
         def validate_login_field(value = nil)
           rw_config(:validate_login_field, value, true)
         end
@@ -39,10 +43,16 @@ module Authlogic
         #
         # * <tt>Default:</tt> {:within => 3..100}
         # * <tt>Accepts:</tt> Hash of options accepted by validates_length_of
+        #
+        # @deprecated
         def validates_length_of_login_field_options(value = nil)
-          rw_config(:validates_length_of_login_field_options, value, { :within => 3..100 })
+          deprecate_authlogic_config("validates_length_of_login_field_options") if value
+          rw_config(:validates_length_of_login_field_options, value, within: 3..100)
         end
-        alias_method :validates_length_of_login_field_options=, :validates_length_of_login_field_options
+        alias_method(
+          :validates_length_of_login_field_options=,
+          :validates_length_of_login_field_options
+        )
 
         # A convenience function to merge options into the
         # validates_length_of_login_field_options. So instead of:
@@ -53,8 +63,12 @@ module Authlogic
         # You can do this:
         #
         #   merge_validates_length_of_login_field_options :my_option => my_value
+        #
+        # @deprecated
         def merge_validates_length_of_login_field_options(options = {})
-          self.validates_length_of_login_field_options = validates_length_of_login_field_options.merge(options)
+          deprecate_authlogic_config("merge_validates_length_of_login_field_options")
+          self.validates_length_of_login_field_options =
+            validates_length_of_login_field_options.merge(options)
         end
 
         # A hash of options for the validates_format_of call for the login
@@ -78,27 +92,35 @@ module Authlogic
         #         }
         #
         # * <tt>Accepts:</tt> Hash of options accepted by validates_format_of
+        #
+        # @deprecated
         def validates_format_of_login_field_options(value = nil)
+          deprecate_authlogic_config("validates_format_of_login_field_options") if value
           rw_config(
             :validates_format_of_login_field_options,
             value,
-            {
-              :with => Authlogic::Regex.login,
-              :message => proc do
-                I18n.t(
-                  'error_messages.login_invalid',
-                  :default => "should use only letters, numbers, spaces, and .-_@+ please."
-                )
-              end
-            }
+            with: Authlogic::Regex::LOGIN,
+            message: proc do
+                       I18n.t(
+                         "error_messages.login_invalid",
+                         default: "should use only letters, numbers, spaces, and .-_@+ please."
+                       )
+                     end
           )
         end
-        alias_method :validates_format_of_login_field_options=, :validates_format_of_login_field_options
+        alias_method(
+          :validates_format_of_login_field_options=,
+          :validates_format_of_login_field_options
+        )
 
         # See merge_validates_length_of_login_field_options. The same thing,
         # except for validates_format_of_login_field_options
+        #
+        # @deprecated
         def merge_validates_format_of_login_field_options(options = {})
-          self.validates_format_of_login_field_options = validates_format_of_login_field_options.merge(options)
+          deprecate_authlogic_config("merge_validates_format_of_login_field_options")
+          self.validates_format_of_login_field_options =
+            validates_format_of_login_field_options.merge(options)
         end
 
         # A hash of options for the validates_uniqueness_of call for the login
@@ -118,15 +140,16 @@ module Authlogic
         #         }
         #
         # * <tt>Accepts:</tt> Hash of options accepted by validates_uniqueness_of
+        #
+        # @deprecated
         def validates_uniqueness_of_login_field_options(value = nil)
+          deprecate_authlogic_config("validates_uniqueness_of_login_field_options") if value
           rw_config(
             :validates_uniqueness_of_login_field_options,
             value,
-            {
-              :case_sensitive => false,
-              :scope => validations_scope,
-              :if => "#{login_field}_changed?".to_sym
-            }
+            case_sensitive: false,
+            scope: validations_scope,
+            if: "#{login_field}_changed?".to_sym
           )
         end
         alias_method(
@@ -136,7 +159,10 @@ module Authlogic
 
         # See merge_validates_length_of_login_field_options. The same thing,
         # except for validates_uniqueness_of_login_field_options
+        #
+        # @deprecated
         def merge_validates_uniqueness_of_login_field_options(options = {})
+          deprecate_authlogic_config("merge_validates_uniqueness_of_login_field_options")
           self.validates_uniqueness_of_login_field_options =
             validates_uniqueness_of_login_field_options.merge(options)
         end
@@ -160,40 +186,30 @@ module Authlogic
         # The above also applies for using email as your login, except that you
         # need to set the :case_sensitive in
         # validates_uniqueness_of_email_field_options to false.
+        #
+        # @api public
         def find_by_smart_case_login_field(login)
           if login_field
-            find_with_case(login_field, login, validates_uniqueness_of_login_field_options[:case_sensitive] != false)
+            find_with_case(
+              login_field,
+              login,
+              validates_uniqueness_of_login_field_options[:case_sensitive] != false
+            )
           else
-            find_with_case(email_field, login, validates_uniqueness_of_email_field_options[:case_sensitive] != false)
+            find_with_case(
+              email_field,
+              login,
+              validates_uniqueness_of_email_field_options[:case_sensitive] != false
+            )
           end
         end
 
         private
 
-          def find_with_case(field, value, sensitivity = true)
-            ar_gem_version = Gem::Version.new(ActiveRecord::VERSION::STRING)
-
-            relation = if not sensitivity
-              connection.case_insensitive_comparison(arel_table, field.to_s, columns_hash[field.to_s], value)
-            elsif ar_gem_version >= Gem::Version.new('5.0')
-              connection.case_sensitive_comparison(arel_table, field.to_s, columns_hash[field.to_s], value)
-            else
-              if ar_gem_version < Gem::Version.new('4.2')
-                value = connection.case_sensitive_modifier(value)
-              else
-                value = connection.case_sensitive_modifier(value, field.to_s)
-              end
-              arel_table[field.to_s].eq(value)
-            end
-
-            # bind value in rails 5
-            if ar_gem_version >= Gem::Version.new('5')
-              bind = ActiveRecord::Relation::QueryAttribute.new(field.to_s, value, ActiveRecord::Type::Value.new)
-              where(relation, bind).first
-            else
-              where(relation).first
-            end
-          end
+        # @api private
+        def find_with_case(field, value, sensitive)
+          Queries::FindWithCase.new(self, field, value, sensitive).execute
+        end
       end
 
       # All methods relating to the login field

data/lib/authlogic/acts_as_authentic/magic_columns.rb

@@ -17,15 +17,15 @@ module Authlogic
           klass.class_eval do
             if column_names.include?("login_count")
               validates_numericality_of :login_count,
-                :only_integer => true,
-                :greater_than_or_equal_to => 0,
-                :allow_nil => true
+                only_integer: true,
+                greater_than_or_equal_to: 0,
+                allow_nil: true
             end
             if column_names.include?("failed_login_count")
               validates_numericality_of :failed_login_count,
-                :only_integer => true,
-                :greater_than_or_equal_to => 0,
-                :allow_nil => true
+                only_integer: true,
+                greater_than_or_equal_to: 0,
+                allow_nil: true
             end
           end
         end