authlogic 4.0.1 → 4.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +43 -1
- data/.rubocop_todo.yml +23 -132
- data/CHANGELOG.md +12 -0
- data/CONTRIBUTING.md +10 -3
- data/Gemfile +2 -2
- data/Rakefile +6 -6
- data/authlogic.gemspec +13 -12
- data/lib/authlogic/acts_as_authentic/base.rb +12 -7
- data/lib/authlogic/acts_as_authentic/email.rb +16 -6
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +10 -5
- data/lib/authlogic/acts_as_authentic/login.rb +11 -5
- data/lib/authlogic/acts_as_authentic/password.rb +111 -57
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +6 -2
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +1 -1
- data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +2 -2
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +31 -3
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +11 -3
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +14 -2
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +6 -6
- data/lib/authlogic/authenticates_many/association.rb +2 -2
- data/lib/authlogic/authenticates_many/base.rb +27 -19
- data/lib/authlogic/controller_adapters/rack_adapter.rb +1 -1
- data/lib/authlogic/controller_adapters/rails_adapter.rb +6 -3
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +2 -2
- data/lib/authlogic/crypto_providers.rb +2 -0
- data/lib/authlogic/crypto_providers/bcrypt.rb +15 -9
- data/lib/authlogic/crypto_providers/md5.rb +2 -1
- data/lib/authlogic/crypto_providers/scrypt.rb +12 -7
- data/lib/authlogic/crypto_providers/sha256.rb +2 -1
- data/lib/authlogic/crypto_providers/wordpress.rb +31 -2
- data/lib/authlogic/i18n.rb +22 -17
- data/lib/authlogic/regex.rb +57 -29
- data/lib/authlogic/session/activation.rb +1 -1
- data/lib/authlogic/session/brute_force_protection.rb +2 -2
- data/lib/authlogic/session/callbacks.rb +43 -36
- data/lib/authlogic/session/cookies.rb +4 -2
- data/lib/authlogic/session/existence.rb +1 -1
- data/lib/authlogic/session/foundation.rb +5 -1
- data/lib/authlogic/session/http_auth.rb +2 -2
- data/lib/authlogic/session/klass.rb +2 -1
- data/lib/authlogic/session/magic_columns.rb +4 -2
- data/lib/authlogic/session/magic_states.rb +9 -10
- data/lib/authlogic/session/params.rb +11 -4
- data/lib/authlogic/session/password.rb +72 -38
- data/lib/authlogic/session/perishable_token.rb +2 -1
- data/lib/authlogic/session/persistence.rb +2 -1
- data/lib/authlogic/session/scopes.rb +26 -16
- data/lib/authlogic/session/unauthorized_record.rb +12 -7
- data/lib/authlogic/session/validation.rb +1 -1
- data/lib/authlogic/test_case/mock_controller.rb +1 -1
- data/lib/authlogic/test_case/mock_cookie_jar.rb +1 -1
- data/lib/authlogic/test_case/mock_request.rb +1 -1
- data/lib/authlogic/version.rb +1 -1
- data/test/acts_as_authentic_test/base_test.rb +1 -1
- data/test/acts_as_authentic_test/email_test.rb +11 -11
- data/test/acts_as_authentic_test/logged_in_status_test.rb +4 -4
- data/test/acts_as_authentic_test/login_test.rb +2 -2
- data/test/acts_as_authentic_test/magic_columns_test.rb +1 -1
- data/test/acts_as_authentic_test/password_test.rb +1 -1
- data/test/acts_as_authentic_test/perishable_token_test.rb +2 -2
- data/test/acts_as_authentic_test/persistence_token_test.rb +1 -1
- data/test/acts_as_authentic_test/restful_authentication_test.rb +12 -3
- data/test/acts_as_authentic_test/session_maintenance_test.rb +1 -1
- data/test/acts_as_authentic_test/single_access_test.rb +1 -1
- data/test/adapter_test.rb +3 -3
- data/test/authenticates_many_test.rb +1 -1
- data/test/config_test.rb +9 -9
- data/test/crypto_provider_test/aes256_test.rb +1 -1
- data/test/crypto_provider_test/bcrypt_test.rb +1 -1
- data/test/crypto_provider_test/scrypt_test.rb +1 -1
- data/test/crypto_provider_test/sha1_test.rb +1 -1
- data/test/crypto_provider_test/sha256_test.rb +1 -1
- data/test/crypto_provider_test/sha512_test.rb +1 -1
- data/test/crypto_provider_test/wordpress_test.rb +24 -0
- data/test/i18n_test.rb +3 -3
- data/test/libs/user_session.rb +2 -2
- data/test/random_test.rb +1 -1
- data/test/session_test/activation_test.rb +1 -1
- data/test/session_test/active_record_trickery_test.rb +3 -3
- data/test/session_test/brute_force_protection_test.rb +1 -1
- data/test/session_test/callbacks_test.rb +9 -3
- data/test/session_test/cookies_test.rb +11 -11
- data/test/session_test/existence_test.rb +1 -1
- data/test/session_test/foundation_test.rb +1 -1
- data/test/session_test/http_auth_test.rb +6 -6
- data/test/session_test/id_test.rb +1 -1
- data/test/session_test/klass_test.rb +1 -1
- data/test/session_test/magic_columns_test.rb +1 -1
- data/test/session_test/magic_states_test.rb +1 -1
- data/test/session_test/params_test.rb +7 -4
- data/test/session_test/password_test.rb +1 -1
- data/test/session_test/perishability_test.rb +1 -1
- data/test/session_test/persistence_test.rb +1 -1
- data/test/session_test/scopes_test.rb +9 -3
- data/test/session_test/session_test.rb +2 -2
- data/test/session_test/timeout_test.rb +1 -1
- data/test/session_test/unauthorized_record_test.rb +1 -1
- data/test/session_test/validation_test.rb +1 -1
- data/test/test_helper.rb +34 -14
- metadata +6 -4
@@ -1,9 +1,10 @@
|
|
1
1
|
module Authlogic
|
2
2
|
module ActsAsAuthentic
|
3
|
-
# Since web applications are stateless there is not sure fire way to tell if
|
4
|
-
# from the database perspective. The best way to
|
5
|
-
#
|
6
|
-
#
|
3
|
+
# Since web applications are stateless there is not sure fire way to tell if
|
4
|
+
# a user is logged in or not, from the database perspective. The best way to
|
5
|
+
# do this is to provide a "timeout" based on inactivity. So if that user is
|
6
|
+
# inactive for a certain amount of time we assume they are logged out.
|
7
|
+
# That's what this module is all about.
|
7
8
|
module LoggedInStatus
|
8
9
|
def self.included(klass)
|
9
10
|
klass.class_eval do
|
@@ -52,11 +53,15 @@ module Authlogic
|
|
52
53
|
end
|
53
54
|
end
|
54
55
|
|
56
|
+
# :nodoc:
|
55
57
|
module InstanceMethods
|
56
58
|
# Returns true if the last_request_at > logged_in_timeout.
|
57
59
|
def logged_in?
|
58
60
|
unless respond_to?(:last_request_at)
|
59
|
-
raise
|
61
|
+
raise(
|
62
|
+
"Can not determine the records login state because " \
|
63
|
+
"there is no last_request_at column"
|
64
|
+
)
|
60
65
|
end
|
61
66
|
!last_request_at.nil? && last_request_at > logged_in_timeout.seconds.ago
|
62
67
|
end
|
@@ -1,4 +1,4 @@
|
|
1
|
-
require
|
1
|
+
require "authlogic/acts_as_authentic/queries/find_with_case"
|
2
2
|
|
3
3
|
module Authlogic
|
4
4
|
module ActsAsAuthentic
|
@@ -44,7 +44,10 @@ module Authlogic
|
|
44
44
|
def validates_length_of_login_field_options(value = nil)
|
45
45
|
rw_config(:validates_length_of_login_field_options, value, within: 3..100)
|
46
46
|
end
|
47
|
-
alias_method
|
47
|
+
alias_method(
|
48
|
+
:validates_length_of_login_field_options=,
|
49
|
+
:validates_length_of_login_field_options
|
50
|
+
)
|
48
51
|
|
49
52
|
# A convenience function to merge options into the
|
50
53
|
# validates_length_of_login_field_options. So instead of:
|
@@ -85,16 +88,19 @@ module Authlogic
|
|
85
88
|
rw_config(
|
86
89
|
:validates_format_of_login_field_options,
|
87
90
|
value,
|
88
|
-
with: Authlogic::Regex
|
91
|
+
with: Authlogic::Regex::LOGIN,
|
89
92
|
message: proc do
|
90
93
|
I18n.t(
|
91
|
-
|
94
|
+
"error_messages.login_invalid",
|
92
95
|
default: "should use only letters, numbers, spaces, and .-_@+ please."
|
93
96
|
)
|
94
97
|
end
|
95
98
|
)
|
96
99
|
end
|
97
|
-
alias_method
|
100
|
+
alias_method(
|
101
|
+
:validates_format_of_login_field_options=,
|
102
|
+
:validates_format_of_login_field_options
|
103
|
+
)
|
98
104
|
|
99
105
|
# See merge_validates_length_of_login_field_options. The same thing,
|
100
106
|
# except for validates_format_of_login_field_options
|
@@ -22,7 +22,13 @@ module Authlogic
|
|
22
22
|
rw_config(
|
23
23
|
:crypted_password_field,
|
24
24
|
value,
|
25
|
-
first_column_to_exist(
|
25
|
+
first_column_to_exist(
|
26
|
+
nil,
|
27
|
+
:crypted_password,
|
28
|
+
:encrypted_password,
|
29
|
+
:password_hash,
|
30
|
+
:pw_hash
|
31
|
+
)
|
26
32
|
)
|
27
33
|
end
|
28
34
|
alias_method :crypted_password_field=, :crypted_password_field
|
@@ -99,17 +105,25 @@ module Authlogic
|
|
99
105
|
# A hash of options for the validates_length_of call for the password field.
|
100
106
|
# Allows you to change this however you want.
|
101
107
|
#
|
102
|
-
#
|
103
|
-
# you can completely replace the hash or merge options into
|
104
|
-
#
|
105
|
-
# options
|
108
|
+
# **Keep in mind this is ruby. I wanted to keep this as flexible as
|
109
|
+
# possible, so you can completely replace the hash or merge options into
|
110
|
+
# it. Checkout the convenience function
|
111
|
+
# merge_validates_length_of_password_field_options to merge options.**
|
106
112
|
#
|
107
113
|
# * <tt>Default:</tt> {:minimum => 8, :if => :require_password?}
|
108
114
|
# * <tt>Accepts:</tt> Hash of options accepted by validates_length_of
|
109
115
|
def validates_length_of_password_field_options(value = nil)
|
110
|
-
rw_config(
|
116
|
+
rw_config(
|
117
|
+
:validates_length_of_password_field_options,
|
118
|
+
value,
|
119
|
+
minimum: 8,
|
120
|
+
if: :require_password?
|
121
|
+
)
|
111
122
|
end
|
112
|
-
alias_method
|
123
|
+
alias_method(
|
124
|
+
:validates_length_of_password_field_options=,
|
125
|
+
:validates_length_of_password_field_options
|
126
|
+
)
|
113
127
|
|
114
128
|
# A convenience function to merge options into the
|
115
129
|
# validates_length_of_login_field_options. So instead of:
|
@@ -125,18 +139,22 @@ module Authlogic
|
|
125
139
|
validates_length_of_password_field_options.merge(options)
|
126
140
|
end
|
127
141
|
|
128
|
-
# A hash of options for the validates_confirmation_of call for the
|
129
|
-
# Allows you to change this however you want.
|
142
|
+
# A hash of options for the validates_confirmation_of call for the
|
143
|
+
# password field. Allows you to change this however you want.
|
130
144
|
#
|
131
|
-
#
|
132
|
-
# you can completely replace the hash or merge options into
|
133
|
-
#
|
134
|
-
# options
|
145
|
+
# **Keep in mind this is ruby. I wanted to keep this as flexible as
|
146
|
+
# possible, so you can completely replace the hash or merge options into
|
147
|
+
# it. Checkout the convenience function
|
148
|
+
# merge_validates_length_of_password_field_options to merge options.**
|
135
149
|
#
|
136
150
|
# * <tt>Default:</tt> {:if => :require_password?}
|
137
151
|
# * <tt>Accepts:</tt> Hash of options accepted by validates_confirmation_of
|
138
152
|
def validates_confirmation_of_password_field_options(value = nil)
|
139
|
-
rw_config(
|
153
|
+
rw_config(
|
154
|
+
:validates_confirmation_of_password_field_options,
|
155
|
+
value,
|
156
|
+
if: :require_password?
|
157
|
+
)
|
140
158
|
end
|
141
159
|
alias_method :validates_confirmation_of_password_field_options=,
|
142
160
|
:validates_confirmation_of_password_field_options
|
@@ -188,31 +206,41 @@ module Authlogic
|
|
188
206
|
end
|
189
207
|
alias_method :crypto_provider=, :crypto_provider
|
190
208
|
|
191
|
-
# Let's say you originally encrypted your passwords with Sha1. Sha1 is
|
192
|
-
# join the party with MD5 and you want to switch to
|
193
|
-
# problem, just specify your new and improved
|
194
|
-
# option and then let Authlogic know
|
195
|
-
#
|
196
|
-
#
|
197
|
-
#
|
198
|
-
#
|
209
|
+
# Let's say you originally encrypted your passwords with Sha1. Sha1 is
|
210
|
+
# starting to join the party with MD5 and you want to switch to
|
211
|
+
# something stronger. No problem, just specify your new and improved
|
212
|
+
# algorithm with the crypt_provider option and then let Authlogic know
|
213
|
+
# you are transitioning from Sha1 using this option. Authlogic will take
|
214
|
+
# care of everything, including transitioning your users to the new
|
215
|
+
# algorithm. The next time a user logs in, they will be granted access
|
216
|
+
# using the old algorithm and their password will be resaved with the
|
217
|
+
# new algorithm. All new users will obviously use the new algorithm as
|
218
|
+
# well.
|
199
219
|
#
|
200
|
-
# Lastly, if you want to transition again, you can pass an array of
|
201
|
-
# providers. So you can transition from as many algorithms as you
|
220
|
+
# Lastly, if you want to transition again, you can pass an array of
|
221
|
+
# crypto providers. So you can transition from as many algorithms as you
|
222
|
+
# want.
|
202
223
|
#
|
203
224
|
# * <tt>Default:</tt> nil
|
204
225
|
# * <tt>Accepts:</tt> Class or Array
|
205
226
|
def transition_from_crypto_providers(value = nil)
|
206
|
-
rw_config(
|
227
|
+
rw_config(
|
228
|
+
:transition_from_crypto_providers,
|
229
|
+
(!value.nil? && [value].flatten.compact) || value,
|
230
|
+
[]
|
231
|
+
)
|
207
232
|
end
|
208
233
|
alias_method :transition_from_crypto_providers=, :transition_from_crypto_providers
|
209
234
|
end
|
210
235
|
|
211
236
|
# Callbacks / hooks to allow other modules to modify the behavior of this module.
|
212
237
|
module Callbacks
|
213
|
-
|
214
|
-
|
215
|
-
|
238
|
+
# Does the order of this array matter?
|
239
|
+
METHODS = %w[
|
240
|
+
before_password_set
|
241
|
+
after_password_set
|
242
|
+
before_password_verification
|
243
|
+
after_password_verification
|
216
244
|
].freeze
|
217
245
|
|
218
246
|
def self.included(klass)
|
@@ -220,10 +248,9 @@ module Authlogic
|
|
220
248
|
klass.define_callbacks(*METHODS)
|
221
249
|
|
222
250
|
# If Rails 3, support the new callback syntax
|
223
|
-
|
224
|
-
if klass.send(singleton_class_method_name).method_defined?(:set_callback)
|
251
|
+
if klass.singleton_class.method_defined?(:set_callback)
|
225
252
|
METHODS.each do |method|
|
226
|
-
klass.class_eval <<-EOS, __FILE__, __LINE__
|
253
|
+
klass.class_eval <<-EOS, __FILE__, __LINE__ + 1
|
227
254
|
def self.#{method}(*methods, &block)
|
228
255
|
set_callback :#{method}, *methods, &block
|
229
256
|
end
|
@@ -237,7 +264,7 @@ module Authlogic
|
|
237
264
|
# by using calling `private` here in the module. Maybe we can set the
|
238
265
|
# privacy inside `included`?
|
239
266
|
METHODS.each do |method|
|
240
|
-
class_eval <<-EOS, __FILE__, __LINE__
|
267
|
+
class_eval <<-EOS, __FILE__, __LINE__ + 1
|
241
268
|
def #{method}
|
242
269
|
run_callbacks(:#{method}) { |result, object| result == false }
|
243
270
|
end
|
@@ -272,6 +299,7 @@ module Authlogic
|
|
272
299
|
end
|
273
300
|
end
|
274
301
|
|
302
|
+
# :nodoc:
|
275
303
|
module InstanceMethods
|
276
304
|
# The password
|
277
305
|
def password
|
@@ -284,40 +312,48 @@ module Authlogic
|
|
284
312
|
return if ignore_blank_passwords? && pass.blank?
|
285
313
|
before_password_set
|
286
314
|
@password = pass
|
287
|
-
|
288
|
-
|
315
|
+
if password_salt_field
|
316
|
+
send("#{password_salt_field}=", Authlogic::Random.friendly_token)
|
317
|
+
end
|
318
|
+
encryptor_args_type = act_like_restful_authentication? ? :restful_authentication : nil
|
289
319
|
send(
|
290
320
|
"#{crypted_password_field}=",
|
291
|
-
crypto_provider.encrypt(
|
321
|
+
crypto_provider.encrypt(
|
322
|
+
*encrypt_arguments(@password, false, encryptor_args_type)
|
323
|
+
)
|
292
324
|
)
|
293
325
|
@password_changed = true
|
294
326
|
after_password_set
|
295
327
|
end
|
296
328
|
|
297
|
-
# Accepts a raw password to determine if it is the correct password
|
298
|
-
#
|
299
|
-
#
|
300
|
-
#
|
301
|
-
# the database or the value in the object
|
302
|
-
|
303
|
-
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
|
308
|
-
|
309
|
-
|
329
|
+
# Accepts a raw password to determine if it is the correct password.
|
330
|
+
#
|
331
|
+
# - attempted_password [String] - password entered by user
|
332
|
+
# - check_against_database [boolean] - Should we check the password
|
333
|
+
# against the value in the database or the value in the object?
|
334
|
+
# Default taken from config option check_passwords_against_database.
|
335
|
+
# See config method for more information.
|
336
|
+
def valid_password?(
|
337
|
+
attempted_password,
|
338
|
+
check_against_database = check_passwords_against_database?
|
339
|
+
)
|
340
|
+
crypted = crypted_password_to_validate_against(check_against_database)
|
310
341
|
return false if attempted_password.blank? || crypted.blank?
|
311
342
|
before_password_verification
|
312
343
|
|
313
344
|
crypto_providers.each_with_index do |encryptor, index|
|
314
|
-
|
315
|
-
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
345
|
+
next unless encryptor_matches?(
|
346
|
+
crypted,
|
347
|
+
encryptor,
|
348
|
+
index,
|
349
|
+
attempted_password,
|
350
|
+
check_against_database
|
351
|
+
)
|
352
|
+
if transition_password?(index, encryptor, check_against_database)
|
353
|
+
transition_password(attempted_password)
|
320
354
|
end
|
355
|
+
after_password_verification
|
356
|
+
return true
|
321
357
|
end
|
322
358
|
|
323
359
|
false
|
@@ -340,6 +376,14 @@ module Authlogic
|
|
340
376
|
|
341
377
|
private
|
342
378
|
|
379
|
+
def crypted_password_to_validate_against(check_against_database)
|
380
|
+
if check_against_database && send("#{crypted_password_field}_changed?")
|
381
|
+
send("#{crypted_password_field}_was")
|
382
|
+
else
|
383
|
+
send(crypted_password_field)
|
384
|
+
end
|
385
|
+
end
|
386
|
+
|
343
387
|
def check_passwords_against_database?
|
344
388
|
self.class.check_passwords_against_database == true
|
345
389
|
end
|
@@ -372,15 +416,25 @@ module Authlogic
|
|
372
416
|
end
|
373
417
|
|
374
418
|
# Given `encryptor`, does `attempted_password` match the `crypted` password?
|
375
|
-
def encryptor_matches?(
|
419
|
+
def encryptor_matches?(
|
420
|
+
crypted,
|
421
|
+
encryptor,
|
422
|
+
index,
|
423
|
+
attempted_password,
|
424
|
+
check_against_database
|
425
|
+
)
|
376
426
|
# The arguments_type for the transitioning from restful_authentication
|
377
|
-
acting_restful = act_like_restful_authentication? && index
|
427
|
+
acting_restful = act_like_restful_authentication? && index.zero?
|
378
428
|
transitioning = transition_from_restful_authentication? &&
|
379
429
|
index > 0 &&
|
380
430
|
encryptor == Authlogic::CryptoProviders::Sha1
|
381
431
|
restful = acting_restful || transitioning
|
382
432
|
arguments_type = restful ? :restful_authentication : nil
|
383
|
-
encryptor_args = encrypt_arguments(
|
433
|
+
encryptor_args = encrypt_arguments(
|
434
|
+
attempted_password,
|
435
|
+
check_against_database,
|
436
|
+
arguments_type
|
437
|
+
)
|
384
438
|
encryptor.matches?(crypted, *encryptor_args)
|
385
439
|
end
|
386
440
|
|
@@ -27,7 +27,11 @@ module Authlogic
|
|
27
27
|
# * <tt>Default:</tt> 10.minutes
|
28
28
|
# * <tt>Accepts:</tt> Fixnum
|
29
29
|
def perishable_token_valid_for(value = nil)
|
30
|
-
rw_config(
|
30
|
+
rw_config(
|
31
|
+
:perishable_token_valid_for,
|
32
|
+
(!value.nil? && value.to_i) || value,
|
33
|
+
10.minutes.to_i
|
34
|
+
)
|
31
35
|
end
|
32
36
|
alias_method :perishable_token_valid_for=, :perishable_token_valid_for
|
33
37
|
|
@@ -69,7 +73,7 @@ module Authlogic
|
|
69
73
|
# second parameter:
|
70
74
|
#
|
71
75
|
# User.find_using_perishable_token(token, 1.hour)
|
72
|
-
def find_using_perishable_token(token, age =
|
76
|
+
def find_using_perishable_token(token, age = perishable_token_valid_for)
|
73
77
|
return if token.blank?
|
74
78
|
age = age.to_i
|
75
79
|
|
@@ -28,7 +28,7 @@ module Authlogic
|
|
28
28
|
|
29
29
|
# @api private
|
30
30
|
def bind(relation)
|
31
|
-
if AR_GEM_VERSION >= Gem::Version.new(
|
31
|
+
if AR_GEM_VERSION >= Gem::Version.new("5")
|
32
32
|
bind = ActiveRecord::Relation::QueryAttribute.new(
|
33
33
|
@field,
|
34
34
|
@value,
|
@@ -49,7 +49,7 @@ module Authlogic
|
|
49
49
|
@model_class.columns_hash[@field],
|
50
50
|
@value
|
51
51
|
)
|
52
|
-
elsif AR_GEM_VERSION >= Gem::Version.new(
|
52
|
+
elsif AR_GEM_VERSION >= Gem::Version.new("5.0")
|
53
53
|
@model_class.connection.case_sensitive_comparison(
|
54
54
|
@model_class.arel_table,
|
55
55
|
@field,
|
@@ -10,7 +10,18 @@ module Authlogic
|
|
10
10
|
end
|
11
11
|
end
|
12
12
|
|
13
|
+
# Configures the restful_authentication aspect of acts_as_authentic.
|
14
|
+
# These methods become class methods of ::ActiveRecord::Base.
|
13
15
|
module Config
|
16
|
+
DPR_MSG = <<-STR.squish
|
17
|
+
Support for transitioning to authlogic from restful_authentication
|
18
|
+
(%s) is deprecated without replacement. restful_authentication is no
|
19
|
+
longer used in the ruby community, and the transition away from it is
|
20
|
+
complete. There is only one version of restful_authentication on
|
21
|
+
rubygems.org, it was released in 2009, and it's only compatible with
|
22
|
+
rails 2.3. It has been nine years since it was released.
|
23
|
+
STR
|
24
|
+
|
14
25
|
# Switching an existing app to Authlogic from restful_authentication? No
|
15
26
|
# problem, just set this true and your users won't know anything
|
16
27
|
# changed. From your database perspective nothing will change at all.
|
@@ -26,7 +37,14 @@ module Authlogic
|
|
26
37
|
set_restful_authentication_config if value
|
27
38
|
r
|
28
39
|
end
|
29
|
-
|
40
|
+
|
41
|
+
def act_like_restful_authentication=(value = nil)
|
42
|
+
::ActiveSupport::Deprecation.warn(
|
43
|
+
format(DPR_MSG, "act_like_restful_authentication="),
|
44
|
+
caller(1)
|
45
|
+
)
|
46
|
+
act_like_restful_authentication(value)
|
47
|
+
end
|
30
48
|
|
31
49
|
# This works just like act_like_restful_authentication except that it
|
32
50
|
# will start transitioning your users to the algorithm you specify with
|
@@ -40,14 +58,23 @@ module Authlogic
|
|
40
58
|
set_restful_authentication_config if value
|
41
59
|
r
|
42
60
|
end
|
43
|
-
|
61
|
+
|
62
|
+
def transition_from_restful_authentication=(value = nil)
|
63
|
+
::ActiveSupport::Deprecation.warn(
|
64
|
+
format(DPR_MSG, "transition_from_restful_authentication="),
|
65
|
+
caller(1)
|
66
|
+
)
|
67
|
+
transition_from_restful_authentication(value)
|
68
|
+
end
|
44
69
|
|
45
70
|
private
|
46
71
|
|
47
72
|
def set_restful_authentication_config
|
48
73
|
self.restful_auth_crypto_provider = CryptoProviders::Sha1
|
49
74
|
if !defined?(::REST_AUTH_SITE_KEY) || ::REST_AUTH_SITE_KEY.nil?
|
50
|
-
|
75
|
+
unless defined?(::REST_AUTH_SITE_KEY)
|
76
|
+
class_eval("::REST_AUTH_SITE_KEY = ''", __FILE__, __LINE__)
|
77
|
+
end
|
51
78
|
CryptoProviders::Sha1.stretches = 1
|
52
79
|
end
|
53
80
|
end
|
@@ -62,6 +89,7 @@ module Authlogic
|
|
62
89
|
end
|
63
90
|
end
|
64
91
|
|
92
|
+
# :nodoc:
|
65
93
|
module InstanceMethods
|
66
94
|
private
|
67
95
|
|