authlogic 4.4.2 → 5.0.3

data/Rakefile

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-require "rubygems"
-require "bundler"
-
-Bundler.setup
-
-require "rake/testtask"
-Rake::TestTask.new(:test) do |test|
-  test.libs << "test"
-  test.pattern = "test/**/*_test.rb"
-  test.verbose = false
-
-  # Set interpreter warning level to 2 (verbose)
-  test.ruby_opts += ["-W2"]
-end
-
-require "rubocop/rake_task"
-RuboCop::RakeTask.new
-
-task default: %i[rubocop test]

data/UPGRADING.md

@@ -1,22 +0,0 @@
-# Upgrading Authlogic
-
-Supplemental instructions to complement CHANGELOG.md.
-
-## 3.4.0
-
-In version 3.4.0, released 2014-03-03, the default crypto_provider was changed
-from *Sha512* to *SCrypt*.
-
-If you never set a crypto_provider and are upgrading, your passwords will break
-unless you specify `Sha512`.
-
-``` ruby
-c.crypto_provider = Authlogic::CryptoProviders::Sha512
-```
-
-And if you want to automatically upgrade from *Sha512* to *SCrypt* as users login:
-
-```ruby
-c.transition_from_crypto_providers = [Authlogic::CryptoProviders::Sha512]
-c.crypto_provider = Authlogic::CryptoProviders::SCrypt
-```

data/authlogic.gemspec

@@ -1,40 +0,0 @@
-# frozen_string_literal: true
-
-require "English"
-$LOAD_PATH.push File.expand_path("lib", __dir__)
-require "authlogic/version"
-
-::Gem::Specification.new do |s|
-  s.name = "authlogic"
-  s.version = ::Authlogic.gem_version.to_s
-  s.platform = ::Gem::Platform::RUBY
-  s.authors = [
-    "Ben Johnson",
-    "Tieg Zaharia",
-    "Jared Beck"
-  ]
-  s.email = [
-    "bjohnson@binarylogic.com",
-    "tieg.zaharia@gmail.com",
-    "jared@jaredbeck.com"
-  ]
-  s.homepage = "http://github.com/binarylogic/authlogic"
-  s.summary = "A clean, simple, and unobtrusive ruby authentication solution."
-  s.license = "MIT"
-
-  s.required_ruby_version = ">= 2.3.0"
-  s.add_dependency "activerecord", [">= 4.2", "< 5.3"]
-  s.add_dependency "activesupport", [">= 4.2", "< 5.3"]
-  s.add_dependency "request_store", "~> 1.0"
-  s.add_dependency "scrypt", ">= 1.2", "< 4.0"
-  s.add_development_dependency "bcrypt", "~> 3.1"
-  s.add_development_dependency "byebug", "~> 10.0"
-  s.add_development_dependency "minitest-reporters", "~> 1.3"
-  s.add_development_dependency "rubocop", "~> 0.58.1"
-  s.add_development_dependency "timecop", "~> 0.7"
-
-  s.files = `git ls-files`.split("\n")
-  s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
-  s.executables = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
-  s.require_paths = ["lib"]
-end

data/doc/use_normal_rails_validation.md

@@ -1,82 +0,0 @@
-# Use Normal ActiveRecord Validation
-
-In Authlogic 4.4.0, [we deprecated][1] the features of Authlogic related to
-validating email, login, and password. In 5.0.0 these features will be dropped.
-Use normal ActiveRecord validations instead.
-
-## Instructions
-
-First, disable the deprecated Authlogic validations:
-
-    acts_as_authentic do |c|
-      c.validate_email_field = false
-      c.validate_login_field = false
-      c.validate_password_field = false
-    end
-
-Then, use normal ActiveRecord validations instead. For example, instead of
-the Authlogic method validates_length_of_email_field_options, use
-
-    validates :email, length: { ... }
-
-It might be a good idea to replace these one field at a time, ie. email,
-then login, then password; one field per commit.
-
-## Default Values
-
-The following validations represent the Authlogic < 5 defaults. Merge these
-defaults with any settings you may have overwritten.
-
-```
-validates :email,
-  format: {
-    with: ::Authlogic::Regex::EMAIL,
-    message: proc {
-      ::Authlogic::I18n.t(
-        "error_messages.email_invalid",
-        default: "should look like an email address."
-      )
-    }
-  },
-  length: { maximum: 100 },
-  uniqueness: {
-    case_sensitive: false,
-    if: :email_changed?
-  }
-
-validates :login,
-  format: {
-    with: ::Authlogic::Regex::LOGIN,
-    message: proc {
-      ::Authlogic::I18n.t(
-        "error_messages.login_invalid",
-        default: "should use only letters, numbers, spaces, and .-_@+ please."
-      )
-    }
-  },
-  length: { within: 3..100 },
-  uniqueness: {
-    case_sensitive: false,
-    if: :login_changed?
-  }
-
-validates :password,
-  confirmation: { if: :require_password? },
-  length: {
-    minimum: 8,
-    if: :require_password?
-  }
-validates :password_confirmation,
-  length: {
-    minimum: 8,
-    if: :require_password?
-}
-```
-
-## Motivation
-
-The deprecated features save people some time in the begginning, when setting up
-Authlogic. But, later in the life of a project, when these settings need to
-change, it is obscure compared to normal ActiveRecord validations.
-
-[1]: https://github.com/binarylogic/authlogic/pull/623

data/gemfiles/Gemfile.rails-4.2.x

@@ -1,6 +0,0 @@
-source "https://rubygems.org"
-gemspec :path => ".."
-
-gem "activerecord", "~> 4.2.8.rc1"
-gem "activesupport", "~> 4.2.8.rc1"
-gem 'sqlite3', :platforms => :ruby

data/gemfiles/Gemfile.rails-5.1.x

@@ -1,6 +0,0 @@
-source "https://rubygems.org"
-gemspec :path => ".."
-
-gem "activerecord", "~> 5.1.0"
-gem "activesupport", "~> 5.1.0"
-gem 'sqlite3', :platforms => :ruby

data/gemfiles/Gemfile.rails-5.2.x

@@ -1,6 +0,0 @@
-source "https://rubygems.org"
-gemspec :path => ".."
-
-gem "activerecord", "~> 5.2.x"
-gem "activesupport", "~> 5.2.x"
-gem 'sqlite3', :platforms => :ruby

data/lib/authlogic/acts_as_authentic/restful_authentication.rb

@@ -1,106 +0,0 @@
-module Authlogic
-  module ActsAsAuthentic
-    # This module is responsible for transitioning existing applications from
-    # the restful_authentication plugin.
-    module RestfulAuthentication
-      def self.included(klass)
-        klass.class_eval do
-          extend Config
-          include InstanceMethods
-        end
-      end
-
-      # Configures the restful_authentication aspect of acts_as_authentic.
-      # These methods become class methods of ::ActiveRecord::Base.
-      module Config
-        DPR_MSG = <<~STR.squish
-          Support for transitioning to authlogic from restful_authentication
-          (%s) is deprecated without replacement. restful_authentication is no
-          longer used in the ruby community, and the transition away from it is
-          complete. There is only one version of restful_authentication on
-          rubygems.org, it was released in 2009, and it's only compatible with
-          rails 2.3. It has been nine years since it was released.
-        STR
-
-        # Switching an existing app to Authlogic from restful_authentication? No
-        # problem, just set this true and your users won't know anything
-        # changed. From your database perspective nothing will change at all.
-        # Authlogic will continue to encrypt passwords just like
-        # restful_authentication, so your app won't skip a beat. Although, might
-        # consider transitioning your users to a newer and stronger algorithm.
-        # Checkout the transition_from_restful_authentication option.
-        #
-        # * <tt>Default:</tt> false
-        # * <tt>Accepts:</tt> Boolean
-        def act_like_restful_authentication(value = nil)
-          r = rw_config(:act_like_restful_authentication, value, false)
-          set_restful_authentication_config if value
-          r
-        end
-
-        def act_like_restful_authentication=(value = nil)
-          ::ActiveSupport::Deprecation.warn(
-            format(DPR_MSG, "act_like_restful_authentication="),
-            caller(1)
-          )
-          act_like_restful_authentication(value)
-        end
-
-        # This works just like act_like_restful_authentication except that it
-        # will start transitioning your users to the algorithm you specify with
-        # the crypto provider option. The next time they log in it will resave
-        # their password with the new algorithm and any new record will use the
-        # new algorithm as well. Make sure to update your users table if you are
-        # using the default migration since it will set crypted_password and
-        # salt columns to a maximum width of 40 characters which is not enough.
-        def transition_from_restful_authentication(value = nil)
-          r = rw_config(:transition_from_restful_authentication, value, false)
-          set_restful_authentication_config if value
-          r
-        end
-
-        def transition_from_restful_authentication=(value = nil)
-          ::ActiveSupport::Deprecation.warn(
-            format(DPR_MSG, "transition_from_restful_authentication="),
-            caller(1)
-          )
-          transition_from_restful_authentication(value)
-        end
-
-        private
-
-        def set_restful_authentication_config
-          self.restful_auth_crypto_provider = CryptoProviders::Sha1
-          if !defined?(::REST_AUTH_SITE_KEY) || ::REST_AUTH_SITE_KEY.nil?
-            unless defined?(::REST_AUTH_SITE_KEY)
-              class_eval("::REST_AUTH_SITE_KEY = ''", __FILE__, __LINE__)
-            end
-            CryptoProviders::Sha1.stretches = 1
-          end
-        end
-
-        # @api private
-        def restful_auth_crypto_provider=(provider)
-          if act_like_restful_authentication
-            self.crypto_provider = provider
-          else
-            self.transition_from_crypto_providers = provider
-          end
-        end
-      end
-
-      # :nodoc:
-      module InstanceMethods
-        private
-
-        def act_like_restful_authentication?
-          self.class.act_like_restful_authentication == true
-        end
-
-        def transition_from_restful_authentication?
-          self.class.transition_from_restful_authentication == true
-        end
-      end
-    end
-  end
-end

data/lib/authlogic/acts_as_authentic/validations_scope.rb

@@ -1,35 +0,0 @@
-module Authlogic
-  module ActsAsAuthentic
-    # Allows you to scope everything to specific fields. See the Config
-    # submodule for more info. For information on how to scope off of a parent
-    # object see Authlogic::AuthenticatesMany
-    module ValidationsScope
-      def self.included(klass)
-        klass.class_eval do
-          extend Config
-        end
-      end
-
-      # All configuration for the scope feature.
-      module Config
-        # Allows you to scope everything to specific field(s). Works just like
-        # validates_uniqueness_of. For example, let's say a user belongs to a
-        # company, and you want to scope everything to the company:
-        #
-        #   acts_as_authentic do |c|
-        #     c.validations_scope = :company_id
-        #   end
-        #
-        # * <tt>Default:</tt> nil
-        # * <tt>Accepts:</tt> Symbol or Array of symbols
-        #
-        # @deprecated
-        def validations_scope(value = nil)
-          deprecate_authlogic_config("validations_scope") if value
-          rw_config(:validations_scope, value)
-        end
-        alias_method :validations_scope=, :validations_scope
-      end
-    end
-  end
-end

data/lib/authlogic/authenticates_many/association.rb

@@ -1,50 +0,0 @@
-module Authlogic
-  module AuthenticatesMany
-    # An object of this class is used as a proxy for the authenticates_many
-    # relationship. It basically allows you to "save" scope details and call
-    # them on an object, which allows you to do the following:
-    #
-    #   @account.user_sessions.new
-    #   @account.user_sessions.find
-    #   # ... etc
-    #
-    # You can call all of the class level methods off of an object with a saved
-    # scope, so that calling the above methods scopes the user sessions down to
-    # that specific account. To implement this via ActiveRecord do something
-    # like:
-    #
-    #   class User < ApplicationRecord
-    #     authenticates_many :user_sessions
-    #   end
-    class Association
-      attr_accessor :klass, :find_options, :id
-
-      # - id: Usually `nil`, but if the `scope_cookies` option is used, then
-      #   `id` is a string like "company_123". It may seem strange to refer
-      #   to such a string as an "id", but the naming is intentional, and
-      #   is derived from `Authlogic::Session::Id`.
-      def initialize(klass, find_options, id)
-        self.klass = klass
-        self.find_options = find_options
-        self.id = id
-      end
-
-      %i[create create! find new].each do |method|
-        class_eval <<-EOS, __FILE__, __LINE__ + 1
-          def #{method}(*args)
-            klass.with_scope(scope_options) do
-              klass.#{method}(*args)
-            end
-          end
-        EOS
-      end
-      alias_method :build, :new
-
-      private
-
-      def scope_options
-        { find_options: find_options, id: id }
-      end
-    end
-  end
-end

data/lib/authlogic/authenticates_many/base.rb

@@ -1,81 +0,0 @@
-module Authlogic
-  # This allows you to scope your authentication. For example, let's say all users belong
-  # to an account, you want to make sure only users that belong to that account can
-  # actually login into that account. Simple, just do:
-  #
-  #   class Account < ApplicationRecord
-  #     authenticates_many :user_sessions
-  #   end
-  #
-  # Now you can scope sessions just like everything else in ActiveRecord:
-  #
-  #   @account.user_sessions.new(*args)
-  #   @account.user_sessions.create(*args)
-  #   @account.user_sessions.find(*args)
-  #   # ... etc
-  #
-  # Checkout the authenticates_many method for a list of options.
-  # You may also want to checkout Authlogic::ActsAsAuthentic::Scope to scope your model.
-  module AuthenticatesMany
-    # These methods become class methods of ::ActiveRecord::Base.
-    module Base
-      DPR_AUTH_MANY = <<~EOS.freeze
-        authenticates_many is deprecated without replacement. Let us know
-        if you would like to take over maintenance of this feature as a separate
-        gem. If no one volunteers to extract and maintain a new gem, then this
-        feature will simply be deleted.
-      EOS
-
-      # Allows you to set up a relationship with your sessions. See module
-      # definition above for more details.
-      #
-      # === Options
-      #
-      # * <tt>session_class:</tt> default: "#{name}Session",
-      #   This is the related session class.
-      #
-      # * <tt>relationship_name:</tt>
-      #   default: options[:session_class].klass_name.underscore.pluralize,
-      #   This is the name of the relationship you want to use to scope
-      #   everything. For example an Account has many Users. There should be a
-      #   relationship called :users that you defined with a has_many. The
-      #   reason we use the relationship is so you don't have to repeat
-      #   yourself. The relationship could have all kinds of custom options. So
-      #   instead of repeating yourself we essentially use the scope that the
-      #   relationship creates.
-      #
-      # * <tt>find_options:</tt> default: nil,
-      #   By default the find options are created from the relationship you
-      #   specify with :relationship_name. But if you want to override this and
-      #   manually specify find_options you can do it here. Specify options just
-      #   as you would in ActiveRecord::Base.find.
-      #
-      # * <tt>scope_cookies:</tt> default: false
-      #   By the nature of cookies they scope themselves if you are using
-      #   subdomains to access accounts. If you aren't using subdomains you need
-      #   to have separate cookies for each account, assuming a user is logging
-      #   into more than one account. Authlogic can take care of this for you by
-      #   prefixing the name of the cookie and session with the model id.
-      #   Because it affects both cookies names and session keys, the name
-      #   `scope_cookies` is misleading. Perhaps simply `scope` or `scoped`
-      #   would have been better.
-      def authenticates_many(name, options = {})
-        ::ActiveSupport::Deprecation.warn(DPR_AUTH_MANY)
-        options[:session_class] ||= name.to_s.classify.constantize
-        options[:relationship_name] ||= options[:session_class].klass_name.underscore.pluralize
-        class_eval <<-EOS, __FILE__, __LINE__ + 1
-          def #{name}
-            find_options = #{options[:find_options].inspect} || #{options[:relationship_name]}.where(nil)
-            @#{name} ||= Authlogic::AuthenticatesMany::Association.new(
-              #{options[:session_class]},
-              find_options,
-              #{options[:scope_cookies] ? "self.class.model_name.name.underscore + '_' + self.send(self.class.primary_key).to_s" : 'nil'}
-            )
-          end
-        EOS
-      end
-    end
-
-    ::ActiveRecord::Base.extend(Base) if defined?(::ActiveRecord)
-  end
-end