authlogic 4.0.1 → 4.1.0

data/lib/authlogic/acts_as_authentic/session_maintenance.rb

@@ -29,6 +29,8 @@ module Authlogic
         end
       end
 
+      # Configuration for the session maintenance aspect of acts_as_authentic.
+      # These methods become class methods of ::ActiveRecord::Base.
       module Config
         # In order to turn off automatic maintenance of sessions
         # after create, just set this to false.
@@ -68,12 +70,18 @@ module Authlogic
         # * <tt>Default:</tt> "#{klass.name}Session".constantize
         # * <tt>Accepts:</tt> Class
         def session_class(value = nil)
-          const = "#{base_class.name}Session".constantize rescue nil
+          const = begin
+                    "#{base_class.name}Session".constantize
+                  rescue NameError
+                    nil
+                  end
           rw_config(:session_class, value, const)
         end
         alias_method :session_class=, :session_class
       end
 
+      # This module, as one of the `acts_as_authentic_modules`, is only included
+      # into an ActiveRecord model if that model calls `acts_as_authentic`.
       module Methods
         def self.included(klass)
           klass.class_eval do
@@ -139,7 +147,7 @@ module Authlogic
             session_id = session_ids.first
             session_class.create(*[self, self, session_id].compact)
 
-            return true
+            true
           end
 
           def update_sessions
@@ -150,7 +158,7 @@ module Authlogic
               stale_session.save
             end
 
-            return true
+            true
           end
 
           def session_ids

data/lib/authlogic/acts_as_authentic/single_access_token.rb

@@ -12,6 +12,8 @@ module Authlogic
       end
 
       # All configuration for the single_access token aspect of acts_as_authentic.
+      #
+      # These methods become class methods of ::ActiveRecord::Base.
       module Config
         # The single access token is used for authentication via URLs, such as a private
         # feed. That being said, if the user changes their password, that token probably
@@ -23,10 +25,16 @@ module Authlogic
         def change_single_access_token_with_password(value = nil)
           rw_config(:change_single_access_token_with_password, value, false)
         end
-        alias_method :change_single_access_token_with_password=, :change_single_access_token_with_password
+        alias_method(
+          :change_single_access_token_with_password=,
+          :change_single_access_token_with_password
+        )
       end
 
       # All method, for the single_access token aspect of acts_as_authentic.
+      #
+      # This module, as one of the `acts_as_authentic_modules`, is only included
+      # into an ActiveRecord model if that model calls `acts_as_authentic`.
       module Methods
         def self.included(klass)
           return unless klass.column_names.include?("single_access_token")
@@ -36,11 +44,15 @@ module Authlogic
             validates_uniqueness_of :single_access_token, if: :single_access_token_changed?
             before_validation :reset_single_access_token, if: :reset_single_access_token?
             if respond_to?(:after_password_set)
-              after_password_set(:reset_single_access_token, if: :change_single_access_token_with_password?)
+              after_password_set(
+                :reset_single_access_token,
+                if: :change_single_access_token_with_password?
+              )
             end
           end
         end
 
+        # :nodoc:
         module InstanceMethods
           # Resets the single_access_token to a random friendly token.
           def reset_single_access_token

data/lib/authlogic/acts_as_authentic/validations_scope.rb

@@ -1,8 +1,8 @@
 module Authlogic
   module ActsAsAuthentic
-    # Allows you to scope everything to specific fields.
-    # See the Config submodule for more info.
-    # For information on how to scope off of a parent object see Authlogic::AuthenticatesMany
+    # Allows you to scope everything to specific fields. See the Config
+    # submodule for more info. For information on how to scope off of a parent
+    # object see Authlogic::AuthenticatesMany
     module ValidationsScope
       def self.included(klass)
         klass.class_eval do
@@ -12,9 +12,9 @@ module Authlogic
 
       # All configuration for the scope feature.
       module Config
-        # Allows you to scope everything to specific field(s). Works just like validates_uniqueness_of.
-        # For example, let's say a user belongs to a company, and you want to scope everything to the
-        # company:
+        # Allows you to scope everything to specific field(s). Works just like
+        # validates_uniqueness_of. For example, let's say a user belongs to a
+        # company, and you want to scope everything to the company:
         #
         #   acts_as_authentic do |c|
         #     c.validations_scope = :company_id

data/lib/authlogic/authenticates_many/association.rb

@@ -29,8 +29,8 @@ module Authlogic
         self.id = id
       end
 
-      [:create, :create!, :find, :new].each do |method|
-        class_eval <<-EOS, __FILE__, __LINE__
+      %i[create create! find new].each do |method|
+        class_eval <<-EOS, __FILE__, __LINE__ + 1
           def #{method}(*args)
             klass.with_scope(scope_options) do
               klass.#{method}(*args)

data/lib/authlogic/authenticates_many/base.rb

@@ -17,8 +17,9 @@ module Authlogic
   # Checkout the authenticates_many method for a list of options.
   # You may also want to checkout Authlogic::ActsAsAuthentic::Scope to scope your model.
   module AuthenticatesMany
+    # These methods become class methods of ::ActiveRecord::Base.
     module Base
-      # Allows you set essentially set up a relationship with your sessions. See module
+      # Allows you to set up a relationship with your sessions. See module
       # definition above for more details.
       #
       # === Options
@@ -26,35 +27,42 @@ module Authlogic
       # * <tt>session_class:</tt> default: "#{name}Session",
       #   This is the related session class.
       #
-      # * <tt>relationship_name:</tt> default: options[:session_class].klass_name.underscore.pluralize,
-      #   This is the name of the relationship you want to use to scope everything. For
-      #   example an Account has many Users. There should be a relationship called :users
-      #   that you defined with a has_many. The reason we use the relationship is so you
-      #   don't have to repeat yourself. The relationship could have all kinds of custom
-      #   options. So instead of repeating yourself we essentially use the scope that the
+      # * <tt>relationship_name:</tt>
+      #   default: options[:session_class].klass_name.underscore.pluralize,
+      #   This is the name of the relationship you want to use to scope
+      #   everything. For example an Account has many Users. There should be a
+      #   relationship called :users that you defined with a has_many. The
+      #   reason we use the relationship is so you don't have to repeat
+      #   yourself. The relationship could have all kinds of custom options. So
+      #   instead of repeating yourself we essentially use the scope that the
       #   relationship creates.
       #
       # * <tt>find_options:</tt> default: nil,
-      #   By default the find options are created from the relationship you specify with
-      #   :relationship_name. But if you want to override this and manually specify
-      #   find_options you can do it here. Specify options just as you would in
-      #   ActiveRecord::Base.find.
+      #   By default the find options are created from the relationship you
+      #   specify with :relationship_name. But if you want to override this and
+      #   manually specify find_options you can do it here. Specify options just
+      #   as you would in ActiveRecord::Base.find.
       #
       # * <tt>scope_cookies:</tt> default: false
-      #   By the nature of cookies they scope themselves if you are using subdomains to
-      #   access accounts. If you aren't using subdomains you need to have separate
-      #   cookies for each account, assuming a user is logging into more than one account.
-      #   Authlogic can take care of this for you by prefixing the name of the cookie and
-      #   session with the model id. Because it affects both cookies names and session keys,
-      #   the name `scope_cookies` is misleading. Perhaps simply `scope` or `scoped`
+      #   By the nature of cookies they scope themselves if you are using
+      #   subdomains to access accounts. If you aren't using subdomains you need
+      #   to have separate cookies for each account, assuming a user is logging
+      #   into more than one account. Authlogic can take care of this for you by
+      #   prefixing the name of the cookie and session with the model id.
+      #   Because it affects both cookies names and session keys, the name
+      #   `scope_cookies` is misleading. Perhaps simply `scope` or `scoped`
       #   would have been better.
       def authenticates_many(name, options = {})
         options[:session_class] ||= name.to_s.classify.constantize
         options[:relationship_name] ||= options[:session_class].klass_name.underscore.pluralize
-        class_eval <<-EOS, __FILE__, __LINE__
+        class_eval <<-EOS, __FILE__, __LINE__ + 1
           def #{name}
             find_options = #{options[:find_options].inspect} || #{options[:relationship_name]}.where(nil)
-            @#{name} ||= Authlogic::AuthenticatesMany::Association.new(#{options[:session_class]}, find_options, #{options[:scope_cookies] ? "self.class.model_name.name.underscore + '_' + self.send(self.class.primary_key).to_s" : "nil"})
+            @#{name} ||= Authlogic::AuthenticatesMany::Association.new(
+              #{options[:session_class]},
+              find_options,
+              #{options[:scope_cookies] ? "self.class.model_name.name.underscore + '_' + self.send(self.class.primary_key).to_s" : 'nil'}
+            )
           end
         EOS
       end

data/lib/authlogic/controller_adapters/rack_adapter.rb

@@ -48,7 +48,7 @@ module Authlogic
           end
 
           def remote_ip
-            self.ip
+            ip
           end
         end
 

data/lib/authlogic/controller_adapters/rails_adapter.rb

@@ -1,4 +1,4 @@
-require 'action_controller'
+require "action_controller"
 
 module Authlogic
   module ControllerAdapters
@@ -20,7 +20,7 @@ module Authlogic
       end
 
       def cookie_domain
-        @cookie_domain_key ||= Rails::VERSION::STRING >= '2.3' ? :domain : :session_domain
+        @cookie_domain_key ||= Rails::VERSION::STRING >= "2.3" ? :domain : :session_domain
         controller.request.session_options[@cookie_domain_key]
       end
 
@@ -64,4 +64,7 @@ module Authlogic
   end
 end
 
-ActionController::Base.send(:include, Authlogic::ControllerAdapters::RailsAdapter::RailsImplementation)
+ActionController::Base.send(
+  :include,
+  Authlogic::ControllerAdapters::RailsAdapter::RailsImplementation
+)

data/lib/authlogic/controller_adapters/sinatra_adapter.rb

@@ -32,7 +32,7 @@ module Authlogic
         end
 
         def session
-          env['rack.session']
+          env["rack.session"]
         end
 
         def method_missing(meth, *args, &block)
@@ -42,7 +42,7 @@ module Authlogic
 
       class Adapter < AbstractAdapter
         def cookie_domain
-          env['SERVER_NAME']
+          env["SERVER_NAME"]
         end
 
         module Implementation

data/lib/authlogic/crypto_providers.rb

@@ -7,5 +7,7 @@ module Authlogic
     autoload :BCrypt, "authlogic/crypto_providers/bcrypt"
     autoload :AES256, "authlogic/crypto_providers/aes256"
     autoload :SCrypt, "authlogic/crypto_providers/scrypt"
+    # crypto_providers/wordpress.rb has never been autoloaded, and now it is
+    # deprecated.
   end
 end

data/lib/authlogic/crypto_providers/bcrypt.rb

@@ -16,10 +16,18 @@ module Authlogic
     #   require "benchmark"
     #
     #   Benchmark.bm(18) do |x|
-    #     x.report("BCrypt (cost = 10:") { 100.times { BCrypt::Password.create("mypass", :cost => 10) } }
-    #     x.report("BCrypt (cost = 4:") { 100.times { BCrypt::Password.create("mypass", :cost => 4) } }
-    #     x.report("Sha512:") { 100.times { Digest::SHA512.hexdigest("mypass") } }
-    #     x.report("Sha1:") { 100.times { Digest::SHA1.hexdigest("mypass") } }
+    #     x.report("BCrypt (cost = 10:") {
+    #       100.times { BCrypt::Password.create("mypass", :cost => 10) }
+    #     }
+    #     x.report("BCrypt (cost = 4:") {
+    #       100.times { BCrypt::Password.create("mypass", :cost => 4) }
+    #     }
+    #     x.report("Sha512:") {
+    #       100.times { Digest::SHA512.hexdigest("mypass") }
+    #     }
+    #     x.report("Sha1:") {
+    #       100.times { Digest::SHA1.hexdigest("mypass") }
+    #     }
     #   end
     #
     #                            user     system      total        real
@@ -95,11 +103,9 @@ module Authlogic
           end
 
           def new_from_hash(hash)
-            begin
-              ::BCrypt::Password.new(hash)
-            rescue ::BCrypt::Errors::InvalidHash
-              return nil
-            end
+            ::BCrypt::Password.new(hash)
+          rescue ::BCrypt::Errors::InvalidHash
+            nil
           end
       end
     end

data/lib/authlogic/crypto_providers/md5.rb

@@ -24,7 +24,8 @@ module Authlogic
           digest
         end
 
-        # Does the crypted password match the tokens? Uses the same tokens that were used to encrypt.
+        # Does the crypted password match the tokens? Uses the same tokens that
+        # were used to encrypt.
         def matches?(crypted, *tokens)
           encrypt(*tokens) == crypted
         end

data/lib/authlogic/crypto_providers/scrypt.rb

@@ -19,7 +19,13 @@ module Authlogic
     #   end
     class SCrypt
       class << self
-        DEFAULTS = { key_len: 32, salt_size: 8, max_time: 0.2, max_mem: 1024 * 1024, max_memfrac: 0.5 }.freeze
+        DEFAULTS = {
+          key_len: 32,
+          salt_size: 8,
+          max_time: 0.2,
+          max_mem: 1024 * 1024,
+          max_memfrac: 0.5
+        }.freeze
 
         attr_writer :key_len, :salt_size, :max_time, :max_mem, :max_memfrac
         # Key length - length in bytes of generated key, from 16 to 512.
@@ -42,7 +48,8 @@ module Authlogic
           @max_mem ||= DEFAULTS[:max_mem]
         end
 
-        # Max memory fraction - maximum memory out of all available. Always greater than zero and <= 0.5.
+        # Max memory fraction - maximum memory out of all available. Always
+        # greater than zero and <= 0.5.
         def max_memfrac
           @max_memfrac ||= DEFAULTS[:max_memfrac]
         end
@@ -73,11 +80,9 @@ module Authlogic
           end
 
           def new_from_hash(hash)
-            begin
-              ::SCrypt::Password.new(hash)
-            rescue ::SCrypt::Errors::InvalidHash
-              return nil
-            end
+            ::SCrypt::Password.new(hash)
+          rescue ::SCrypt::Errors::InvalidHash
+            nil
           end
       end
     end

data/lib/authlogic/crypto_providers/sha256.rb

@@ -43,7 +43,8 @@ module Authlogic
           digest
         end
 
-        # Does the crypted password match the tokens? Uses the same tokens that were used to encrypt.
+        # Does the crypted password match the tokens? Uses the same tokens that
+        # were used to encrypt.
         def matches?(crypted, *tokens)
           encrypt(*tokens) == crypted
         end

data/lib/authlogic/crypto_providers/wordpress.rb

@@ -1,9 +1,38 @@
-require 'digest/md5'
+require "digest/md5"
+
+::ActiveSupport::Deprecation.warn(
+  <<-EOS,
+    authlogic/crypto_providers/wordpress.rb is deprecated without replacement.
+    Yes, the entire file. Don't `require` it. Let us know ASAP if you are still
+    using it.
+
+    Reasons for deprecation: This file is not autoloaded by
+    `authlogic/crypto_providers.rb`. It's not documented. There are no tests.
+    So, it's likely used by a *very* small number of people, if any. It's never
+    had any contributions except by its original author, Jeffry Degrande, in
+    2009. It is unclear why it should live in the main authlogic codebase. It
+    could be in a separate gem, authlogic-wordpress, or it could just live in
+    Jeffry's codebase, if he still even needs it, in 2018, nine years later.
+  EOS
+  caller(1)
+)
+
 module Authlogic
   module CryptoProviders
+    # Crypto provider to transition from wordpress user accounts. Written by
+    # Jeffry Degrande in 2009. First released in 2.1.3.
+    #
+    # Problems:
+    #
+    # - There are no tests.
+    # - We can't even figure out how to run this without it crashing.
+    # - Presumably it implements some spec, but it doesn't mention which.
+    # - It is not documented anywhere.
+    # - There is no PR associated with this, and no discussion about it could be found.
+    #
     class Wordpress
       class << self
-        ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'.freeze
+        ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz".freeze
 
         def matches?(crypted, *tokens)
           stretches = 1 << ITOA64.index(crypted[3, 1])

data/lib/authlogic/i18n.rb

@@ -1,35 +1,40 @@
 require "authlogic/i18n/translator"
 
 module Authlogic
-  # This class allows any message in Authlogic to use internationalization. In earlier
-  # versions of Authlogic each message was translated via configuration. This cluttered up
-  # the configuration and cluttered up Authlogic. So all translation has been extracted
-  # out into this class. Now all messages pass through this class, making it much easier
-  # to implement in I18n library / plugin you want. Use this as a layer that sits between
-  # Authlogic and whatever I18n library you want to use.
+  # This class allows any message in Authlogic to use internationalization. In
+  # earlier versions of Authlogic each message was translated via configuration.
+  # This cluttered up the configuration and cluttered up Authlogic. So all
+  # translation has been extracted out into this class. Now all messages pass
+  # through this class, making it much easier to implement in I18n library /
+  # plugin you want. Use this as a layer that sits between Authlogic and
+  # whatever I18n library you want to use.
   #
-  # By default this uses the rails I18n library, if it exists. If it doesn't exist it just
-  # returns the default English message. The Authlogic I18n class works EXACTLY like the
-  # rails I18n class. This is because the arguments are delegated to this class.
+  # By default this uses the rails I18n library, if it exists. If it doesn't
+  # exist it just returns the default English message. The Authlogic I18n class
+  # works EXACTLY like the rails I18n class. This is because the arguments are
+  # delegated to this class.
   #
   # Here is how all messages are translated internally with Authlogic:
   #
   #   Authlogic::I18n.t('error_messages.password_invalid', :default => "is invalid")
   #
-  # If you use a different I18n library just replace the build-in I18n::Translator class
-  # with your own. For example:
+  # If you use a different I18n library just replace the build-in
+  # I18n::Translator class with your own. For example:
   #
   #   class MyAuthlogicI18nTranslator
   #     def translate(key, options = {})
-  #       # you will have key which will be something like: "error_messages.password_invalid"
-  #       # you will also have options[:default], which will be the default English version of the message
+  #       # you will have key which will be something like:
+  #       # "error_messages.password_invalid"
+  #       # you will also have options[:default], which will be the default
+  #       # English version of the message
   #       # do whatever you want here with the arguments passed to you.
   #     end
   #   end
   #
   #   Authlogic::I18n.translator = MyAuthlogicI18nTranslator.new
   #
-  # That it's! Here is a complete list of the keys that are passed. Just define these however you wish:
+  # That it's! Here is a complete list of the keys that are passed. Just define
+  # these however you wish:
   #
   #   authlogic:
   #     error_messages:
@@ -81,9 +86,9 @@ module Authlogic
         @@translator = translator
       end
 
-      # All message translation is passed to this method. The first argument is the key
-      # for the message. The second is options, see the rails I18n library for a list of
-      # options used.
+      # All message translation is passed to this method. The first argument is
+      # the key for the message. The second is options, see the rails I18n
+      # library for a list of options used.
       def translate(key, options = {})
         translator.translate key, { scope: I18n.scope }.merge(options)
       end