authlogic 4.1.0 → 4.1.1

data/lib/authlogic/session/password.rb

@@ -134,6 +134,7 @@ module Authlogic
             configure_password_methods
             self.class.configured_password_methods = true
           end
+          instance_variable_set("@#{password_field}", nil)
           super
         end
 
@@ -179,136 +180,136 @@ module Authlogic
 
         private
 
-          def add_invalid_password_error
-            if generalize_credentials_error_messages?
-              add_general_credentials_error
-            else
-              errors.add(
-                password_field,
-                I18n.t("error_messages.password_invalid", default: "is not valid")
-              )
-            end
+        def add_invalid_password_error
+          if generalize_credentials_error_messages?
+            add_general_credentials_error
+          else
+            errors.add(
+              password_field,
+              I18n.t("error_messages.password_invalid", default: "is not valid")
+            )
           end
+        end
 
-          def add_login_not_found_error
-            if generalize_credentials_error_messages?
-              add_general_credentials_error
-            else
-              errors.add(
-                login_field,
-                I18n.t("error_messages.login_not_found", default: "is not valid")
-              )
-            end
+        def add_login_not_found_error
+          if generalize_credentials_error_messages?
+            add_general_credentials_error
+          else
+            errors.add(
+              login_field,
+              I18n.t("error_messages.login_not_found", default: "is not valid")
+            )
           end
+        end
 
-          def authenticating_with_password?
-            login_field && (!send(login_field).nil? || !send("protected_#{password_field}").nil?)
-          end
+        def authenticating_with_password?
+          login_field && (!send(login_field).nil? || !send("protected_#{password_field}").nil?)
+        end
 
-          def configure_password_methods
-            define_login_field_methods
-            define_password_field_methods
-          end
+        def configure_password_methods
+          define_login_field_methods
+          define_password_field_methods
+        end
 
-          def define_login_field_methods
-            return unless login_field
-            self.class.send(:attr_writer, login_field) unless respond_to?("#{login_field}=")
-            self.class.send(:attr_reader, login_field) unless respond_to?(login_field)
-          end
+        def define_login_field_methods
+          return unless login_field
+          self.class.send(:attr_writer, login_field) unless respond_to?("#{login_field}=")
+          self.class.send(:attr_reader, login_field) unless respond_to?(login_field)
+        end
 
-          def define_password_field_methods
-            return unless password_field
-            self.class.send(:attr_writer, password_field) unless respond_to?("#{password_field}=")
-            self.class.send(:define_method, password_field) {} unless respond_to?(password_field)
+        def define_password_field_methods
+          return unless password_field
+          self.class.send(:attr_writer, password_field) unless respond_to?("#{password_field}=")
+          self.class.send(:define_method, password_field) {} unless respond_to?(password_field)
 
-            # The password should not be accessible publicly. This way forms
-            # using form_for don't fill the password with the attempted
-            # password. To prevent this we just create this method that is
-            # private.
-            self.class.class_eval <<-EOS, __FILE__, __LINE__ + 1
+          # The password should not be accessible publicly. This way forms
+          # using form_for don't fill the password with the attempted
+          # password. To prevent this we just create this method that is
+          # private.
+          self.class.class_eval <<-EOS, __FILE__, __LINE__ + 1
               private
                 def protected_#{password_field}
                   @#{password_field}
                 end
             EOS
-          end
+        end
 
-          # In keeping with the metaphor of ActiveRecord, verification of the
-          # password is referred to as a "validation".
-          def validate_by_password
-            self.invalid_password = false
-            validate_by_password__blank_fields
-            return if errors.count > 0
-            self.attempted_record = search_for_record(find_by_login_method, send(login_field))
-            if attempted_record.blank?
-              add_login_not_found_error
-              return
-            end
-            validate_by_password__invalid_password
+        # In keeping with the metaphor of ActiveRecord, verification of the
+        # password is referred to as a "validation".
+        def validate_by_password
+          self.invalid_password = false
+          validate_by_password__blank_fields
+          return if errors.count > 0
+          self.attempted_record = search_for_record(find_by_login_method, send(login_field))
+          if attempted_record.blank?
+            add_login_not_found_error
+            return
           end
+          validate_by_password__invalid_password
+        end
 
-          def validate_by_password__blank_fields
-            if send(login_field).blank?
-              errors.add(
-                login_field,
-                I18n.t("error_messages.login_blank", default: "cannot be blank")
-              )
-            end
-            if send("protected_#{password_field}").blank?
-              errors.add(
-                password_field,
-                I18n.t("error_messages.password_blank", default: "cannot be blank")
-              )
-            end
+        def validate_by_password__blank_fields
+          if send(login_field).blank?
+            errors.add(
+              login_field,
+              I18n.t("error_messages.login_blank", default: "cannot be blank")
+            )
           end
-
-          # Verify the password, usually using `valid_password?` in
-          # `acts_as_authentic/password.rb`. If it cannot be verified, we
-          # refer to it as "invalid".
-          def validate_by_password__invalid_password
-            unless attempted_record.send(
-              verify_password_method,
-              send("protected_#{password_field}")
+          if send("protected_#{password_field}").blank?
+            errors.add(
+              password_field,
+              I18n.t("error_messages.password_blank", default: "cannot be blank")
             )
-              self.invalid_password = true
-              add_invalid_password_error
-            end
           end
+        end
 
-          attr_accessor :invalid_password
-
-          def find_by_login_method
-            self.class.find_by_login_method
+        # Verify the password, usually using `valid_password?` in
+        # `acts_as_authentic/password.rb`. If it cannot be verified, we
+        # refer to it as "invalid".
+        def validate_by_password__invalid_password
+          unless attempted_record.send(
+            verify_password_method,
+            send("protected_#{password_field}")
+          )
+            self.invalid_password = true
+            add_invalid_password_error
           end
+        end
 
-          def login_field
-            self.class.login_field
-          end
+        attr_accessor :invalid_password
 
-          def add_general_credentials_error
-            error_message =
-              if self.class.generalize_credentials_error_messages.is_a? String
-                self.class.generalize_credentials_error_messages
-              else
-                "#{login_field.to_s.humanize}/Password combination is not valid"
-              end
-            errors.add(
-              :base,
-              I18n.t("error_messages.general_credentials_error", default: error_message)
-            )
-          end
+        def find_by_login_method
+          self.class.find_by_login_method
+        end
 
-          def generalize_credentials_error_messages?
-            self.class.generalize_credentials_error_messages
-          end
+        def login_field
+          self.class.login_field
+        end
 
-          def password_field
-            self.class.password_field
-          end
+        def add_general_credentials_error
+          error_message =
+            if self.class.generalize_credentials_error_messages.is_a? String
+              self.class.generalize_credentials_error_messages
+            else
+              "#{login_field.to_s.humanize}/Password combination is not valid"
+            end
+          errors.add(
+            :base,
+            I18n.t("error_messages.general_credentials_error", default: error_message)
+          )
+        end
 
-          def verify_password_method
-            self.class.verify_password_method
-          end
+        def generalize_credentials_error_messages?
+          self.class.generalize_credentials_error_messages
+        end
+
+        def password_field
+          self.class.password_field
+        end
+
+        def verify_password_method
+          self.class.verify_password_method
+        end
       end
     end
   end

data/lib/authlogic/session/perishable_token.rb

@@ -13,12 +13,12 @@ module Authlogic
 
       private
 
-        def reset_perishable_token!
-          if record.respond_to?(:reset_perishable_token) &&
-              !record.disable_perishable_token_maintenance?
-            record.reset_perishable_token
-          end
+      def reset_perishable_token!
+        if record.respond_to?(:reset_perishable_token) &&
+            !record.disable_perishable_token_maintenance?
+          record.reset_perishable_token
         end
+      end
     end
   end
 end

data/lib/authlogic/session/persistence.rb

@@ -10,9 +10,10 @@ module Authlogic
       end
 
       module ClassMethods
-        # This is how you persist a session. This finds the record for the current session using
-        # a variety of methods. It basically tries to "log in" the user without the user having
-        # to explicitly log in. Check out the other Authlogic::Session modules for more information.
+        # This is how you persist a session. This finds the record for the
+        # current session using a variety of methods. It basically tries to "log
+        # in" the user without the user having to explicitly log in. Check out
+        # the other Authlogic::Session modules for more information.
         #
         # The best way to use this method is something like:
         #
@@ -56,7 +57,7 @@ module Authlogic
         def persisting?
           return true unless record.nil?
           self.attempted_record = nil
-          self.remember_me = !cookie_credentials.nil? && !cookie_credentials[2].nil?
+          self.remember_me = cookie_credentials_remember_me?
           before_persisting
           persist
           ensure_authentication_attempted

data/lib/authlogic/session/priority_record.rb

@@ -24,15 +24,15 @@ module Authlogic
 
       private
 
-        def attempted_record=(value)
-          value = priority_record if value == priority_record
-          super
-        end
+      def attempted_record=(value)
+        value = priority_record if value == priority_record
+        super
+      end
 
-        def save_record(alternate_record = nil)
-          r = alternate_record || record
-          super if r != priority_record
-        end
+      def save_record(alternate_record = nil)
+        r = alternate_record || record
+        super if r != priority_record
+      end
     end
   end
 end

data/lib/authlogic/session/scopes.rb

@@ -89,9 +89,9 @@ module Authlogic
 
         private
 
-          def scope=(value)
-            RequestStore.store[:authlogic_scope] = value
-          end
+        def scope=(value)
+          RequestStore.store[:authlogic_scope] = value
+        end
       end
 
       module InstanceMethods
@@ -108,30 +108,30 @@ module Authlogic
 
         private
 
-          # Used for things like cookie_key, session_key, etc.
-          def build_key(last_part)
-            [scope[:id], super].compact.join("_")
-          end
+        # Used for things like cookie_key, session_key, etc.
+        def build_key(last_part)
+          [scope[:id], super].compact.join("_")
+        end
 
-          # `args[0]` is the name of an AR method, like
-          # `find_by_single_access_token`.
-          def search_for_record(*args)
-            search_scope.scoping do
-              klass.send(*args)
-            end
+        # `args[0]` is the name of an AR method, like
+        # `find_by_single_access_token`.
+        def search_for_record(*args)
+          search_scope.scoping do
+            klass.send(*args)
           end
+        end
 
-          # Returns an AR relation representing the scope of the search. The
-          # relation is either provided directly by, or defined by
-          # `find_options`.
-          def search_scope
-            if scope[:find_options].is_a?(ActiveRecord::Relation)
-              scope[:find_options]
-            else
-              conditions = scope[:find_options] && scope[:find_options][:conditions] || {}
-              klass.send(:where, conditions)
-            end
+        # Returns an AR relation representing the scope of the search. The
+        # relation is either provided directly by, or defined by
+        # `find_options`.
+        def search_scope
+          if scope[:find_options].is_a?(ActiveRecord::Relation)
+            scope[:find_options]
+          else
+            conditions = scope[:find_options] && scope[:find_options][:conditions] || {}
+            klass.send(:where, conditions)
           end
+        end
       end
     end
   end

data/lib/authlogic/session/timeout.rb

@@ -83,20 +83,20 @@ module Authlogic
 
         private
 
-          def reset_stale_state
-            self.stale_record = nil
-          end
+        def reset_stale_state
+          self.stale_record = nil
+        end
 
-          def enforce_timeout
-            if stale?
-              self.stale_record = record
-              self.record = nil
-            end
+        def enforce_timeout
+          if stale?
+            self.stale_record = record
+            self.record = nil
           end
+        end
 
-          def logout_on_timeout?
-            self.class.logout_on_timeout == true
-          end
+        def logout_on_timeout?
+          self.class.logout_on_timeout == true
+        end
       end
     end
   end

data/lib/authlogic/session/unauthorized_record.rb

@@ -44,13 +44,13 @@ module Authlogic
 
       private
 
-        def authenticating_with_unauthorized_record?
-          !unauthorized_record.nil?
-        end
+      def authenticating_with_unauthorized_record?
+        !unauthorized_record.nil?
+      end
 
-        def validate_by_unauthorized_record
-          self.attempted_record = unauthorized_record
-        end
+      def validate_by_unauthorized_record
+        self.attempted_record = unauthorized_record
+      end
     end
   end
 end

data/lib/authlogic/session/validation.rb

@@ -77,17 +77,17 @@ module Authlogic
 
       private
 
-        def ensure_authentication_attempted
-          if errors.empty? && attempted_record.nil?
-            errors.add(
-              :base,
-              I18n.t(
-                "error_messages.no_authentication_details",
-                default: "You did not provide any details for authentication."
-              )
+      def ensure_authentication_attempted
+        if errors.empty? && attempted_record.nil?
+          errors.add(
+            :base,
+            I18n.t(
+              "error_messages.no_authentication_details",
+              default: "You did not provide any details for authentication."
             )
-          end
+          )
         end
+      end
     end
   end
 end