authlogic 4.4.2 → 5.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/authlogic.rb +4 -28
- data/lib/authlogic/acts_as_authentic/base.rb +3 -18
- data/lib/authlogic/acts_as_authentic/email.rb +3 -170
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +3 -1
- data/lib/authlogic/acts_as_authentic/login.rb +7 -174
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +7 -4
- data/lib/authlogic/acts_as_authentic/password.rb +54 -253
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +8 -5
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +10 -4
- data/lib/authlogic/acts_as_authentic/queries/case_sensitivity.rb +53 -0
- data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +36 -20
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +8 -6
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +10 -8
- data/lib/authlogic/config.rb +9 -1
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +7 -4
- data/lib/authlogic/controller_adapters/rack_adapter.rb +2 -0
- data/lib/authlogic/controller_adapters/rails_adapter.rb +19 -19
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +6 -0
- data/lib/authlogic/cookie_credentials.rb +63 -0
- data/lib/authlogic/crypto_providers.rb +5 -20
- data/lib/authlogic/crypto_providers/bcrypt.rb +3 -3
- data/lib/authlogic/crypto_providers/md5.rb +3 -6
- data/lib/authlogic/crypto_providers/scrypt.rb +2 -0
- data/lib/authlogic/crypto_providers/sha1.rb +4 -6
- data/lib/authlogic/crypto_providers/sha256.rb +2 -0
- data/lib/authlogic/crypto_providers/sha512.rb +6 -5
- data/lib/authlogic/i18n.rb +3 -1
- data/lib/authlogic/i18n/translator.rb +3 -0
- data/lib/authlogic/random.rb +2 -0
- data/lib/authlogic/session/base.rb +2087 -39
- data/lib/authlogic/session/magic_column/assigns_last_request_at.rb +46 -0
- data/lib/authlogic/test_case.rb +4 -0
- data/lib/authlogic/test_case/mock_controller.rb +2 -0
- data/lib/authlogic/test_case/mock_cookie_jar.rb +7 -0
- data/lib/authlogic/test_case/mock_logger.rb +2 -0
- data/lib/authlogic/test_case/mock_request.rb +2 -0
- data/lib/authlogic/test_case/rails_request_adapter.rb +2 -0
- data/lib/authlogic/version.rb +2 -1
- metadata +136 -182
- data/.github/ISSUE_TEMPLATE/bug_report.md +0 -28
- data/.github/ISSUE_TEMPLATE/feature_proposal.md +0 -32
- data/.github/triage.md +0 -86
- data/.gitignore +0 -15
- data/.rubocop.yml +0 -133
- data/.rubocop_todo.yml +0 -74
- data/.travis.yml +0 -24
- data/CHANGELOG.md +0 -326
- data/CONTRIBUTING.md +0 -91
- data/Gemfile +0 -6
- data/LICENSE +0 -20
- data/README.md +0 -439
- data/Rakefile +0 -21
- data/UPGRADING.md +0 -22
- data/authlogic.gemspec +0 -40
- data/doc/use_normal_rails_validation.md +0 -82
- data/gemfiles/Gemfile.rails-4.2.x +0 -6
- data/gemfiles/Gemfile.rails-5.1.x +0 -6
- data/gemfiles/Gemfile.rails-5.2.x +0 -6
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +0 -106
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +0 -35
- data/lib/authlogic/authenticates_many/association.rb +0 -50
- data/lib/authlogic/authenticates_many/base.rb +0 -81
- data/lib/authlogic/crypto_providers/aes256.rb +0 -71
- data/lib/authlogic/crypto_providers/wordpress.rb +0 -72
- data/lib/authlogic/regex.rb +0 -79
- data/lib/authlogic/session/activation.rb +0 -73
- data/lib/authlogic/session/active_record_trickery.rb +0 -65
- data/lib/authlogic/session/brute_force_protection.rb +0 -127
- data/lib/authlogic/session/callbacks.rb +0 -153
- data/lib/authlogic/session/cookies.rb +0 -296
- data/lib/authlogic/session/existence.rb +0 -103
- data/lib/authlogic/session/foundation.rb +0 -105
- data/lib/authlogic/session/http_auth.rb +0 -107
- data/lib/authlogic/session/id.rb +0 -53
- data/lib/authlogic/session/klass.rb +0 -73
- data/lib/authlogic/session/magic_columns.rb +0 -119
- data/lib/authlogic/session/magic_states.rb +0 -82
- data/lib/authlogic/session/params.rb +0 -130
- data/lib/authlogic/session/password.rb +0 -318
- data/lib/authlogic/session/perishable_token.rb +0 -24
- data/lib/authlogic/session/persistence.rb +0 -77
- data/lib/authlogic/session/priority_record.rb +0 -38
- data/lib/authlogic/session/scopes.rb +0 -138
- data/lib/authlogic/session/session.rb +0 -77
- data/lib/authlogic/session/timeout.rb +0 -103
- data/lib/authlogic/session/unauthorized_record.rb +0 -56
- data/lib/authlogic/session/validation.rb +0 -93
- data/test/acts_as_authentic_test/base_test.rb +0 -27
- data/test/acts_as_authentic_test/email_test.rb +0 -241
- data/test/acts_as_authentic_test/logged_in_status_test.rb +0 -64
- data/test/acts_as_authentic_test/login_test.rb +0 -153
- data/test/acts_as_authentic_test/magic_columns_test.rb +0 -29
- data/test/acts_as_authentic_test/password_test.rb +0 -263
- data/test/acts_as_authentic_test/perishable_token_test.rb +0 -98
- data/test/acts_as_authentic_test/persistence_token_test.rb +0 -62
- data/test/acts_as_authentic_test/restful_authentication_test.rb +0 -48
- data/test/acts_as_authentic_test/session_maintenance_test.rb +0 -150
- data/test/acts_as_authentic_test/single_access_test.rb +0 -46
- data/test/adapter_test.rb +0 -23
- data/test/authenticates_many_test.rb +0 -33
- data/test/config_test.rb +0 -38
- data/test/crypto_provider_test/aes256_test.rb +0 -16
- data/test/crypto_provider_test/bcrypt_test.rb +0 -16
- data/test/crypto_provider_test/scrypt_test.rb +0 -16
- data/test/crypto_provider_test/sha1_test.rb +0 -25
- data/test/crypto_provider_test/sha256_test.rb +0 -16
- data/test/crypto_provider_test/sha512_test.rb +0 -16
- data/test/crypto_provider_test/wordpress_test.rb +0 -26
- data/test/fixtures/companies.yml +0 -5
- data/test/fixtures/employees.yml +0 -17
- data/test/fixtures/projects.yml +0 -3
- data/test/fixtures/users.yml +0 -41
- data/test/i18n/lol.yml +0 -4
- data/test/i18n_test.rb +0 -35
- data/test/libs/affiliate.rb +0 -9
- data/test/libs/company.rb +0 -8
- data/test/libs/employee.rb +0 -9
- data/test/libs/employee_session.rb +0 -4
- data/test/libs/ldaper.rb +0 -5
- data/test/libs/project.rb +0 -5
- data/test/libs/user.rb +0 -9
- data/test/libs/user_session.rb +0 -27
- data/test/random_test.rb +0 -15
- data/test/session_test/activation_test.rb +0 -45
- data/test/session_test/active_record_trickery_test.rb +0 -78
- data/test/session_test/brute_force_protection_test.rb +0 -110
- data/test/session_test/callbacks_test.rb +0 -42
- data/test/session_test/cookies_test.rb +0 -226
- data/test/session_test/credentials_test.rb +0 -0
- data/test/session_test/existence_test.rb +0 -88
- data/test/session_test/foundation_test.rb +0 -24
- data/test/session_test/http_auth_test.rb +0 -60
- data/test/session_test/id_test.rb +0 -19
- data/test/session_test/klass_test.rb +0 -42
- data/test/session_test/magic_columns_test.rb +0 -62
- data/test/session_test/magic_states_test.rb +0 -60
- data/test/session_test/params_test.rb +0 -61
- data/test/session_test/password_test.rb +0 -107
- data/test/session_test/perishability_test.rb +0 -17
- data/test/session_test/persistence_test.rb +0 -35
- data/test/session_test/scopes_test.rb +0 -68
- data/test/session_test/session_test.rb +0 -80
- data/test/session_test/timeout_test.rb +0 -84
- data/test/session_test/unauthorized_record_test.rb +0 -15
- data/test/session_test/validation_test.rb +0 -25
- data/test/test_helper.rb +0 -272
data/Rakefile
DELETED
@@ -1,21 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "rubygems"
|
4
|
-
require "bundler"
|
5
|
-
|
6
|
-
Bundler.setup
|
7
|
-
|
8
|
-
require "rake/testtask"
|
9
|
-
Rake::TestTask.new(:test) do |test|
|
10
|
-
test.libs << "test"
|
11
|
-
test.pattern = "test/**/*_test.rb"
|
12
|
-
test.verbose = false
|
13
|
-
|
14
|
-
# Set interpreter warning level to 2 (verbose)
|
15
|
-
test.ruby_opts += ["-W2"]
|
16
|
-
end
|
17
|
-
|
18
|
-
require "rubocop/rake_task"
|
19
|
-
RuboCop::RakeTask.new
|
20
|
-
|
21
|
-
task default: %i[rubocop test]
|
data/UPGRADING.md
DELETED
@@ -1,22 +0,0 @@
|
|
1
|
-
# Upgrading Authlogic
|
2
|
-
|
3
|
-
Supplemental instructions to complement CHANGELOG.md.
|
4
|
-
|
5
|
-
## 3.4.0
|
6
|
-
|
7
|
-
In version 3.4.0, released 2014-03-03, the default crypto_provider was changed
|
8
|
-
from *Sha512* to *SCrypt*.
|
9
|
-
|
10
|
-
If you never set a crypto_provider and are upgrading, your passwords will break
|
11
|
-
unless you specify `Sha512`.
|
12
|
-
|
13
|
-
``` ruby
|
14
|
-
c.crypto_provider = Authlogic::CryptoProviders::Sha512
|
15
|
-
```
|
16
|
-
|
17
|
-
And if you want to automatically upgrade from *Sha512* to *SCrypt* as users login:
|
18
|
-
|
19
|
-
```ruby
|
20
|
-
c.transition_from_crypto_providers = [Authlogic::CryptoProviders::Sha512]
|
21
|
-
c.crypto_provider = Authlogic::CryptoProviders::SCrypt
|
22
|
-
```
|
data/authlogic.gemspec
DELETED
@@ -1,40 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require "English"
|
4
|
-
$LOAD_PATH.push File.expand_path("lib", __dir__)
|
5
|
-
require "authlogic/version"
|
6
|
-
|
7
|
-
::Gem::Specification.new do |s|
|
8
|
-
s.name = "authlogic"
|
9
|
-
s.version = ::Authlogic.gem_version.to_s
|
10
|
-
s.platform = ::Gem::Platform::RUBY
|
11
|
-
s.authors = [
|
12
|
-
"Ben Johnson",
|
13
|
-
"Tieg Zaharia",
|
14
|
-
"Jared Beck"
|
15
|
-
]
|
16
|
-
s.email = [
|
17
|
-
"bjohnson@binarylogic.com",
|
18
|
-
"tieg.zaharia@gmail.com",
|
19
|
-
"jared@jaredbeck.com"
|
20
|
-
]
|
21
|
-
s.homepage = "http://github.com/binarylogic/authlogic"
|
22
|
-
s.summary = "A clean, simple, and unobtrusive ruby authentication solution."
|
23
|
-
s.license = "MIT"
|
24
|
-
|
25
|
-
s.required_ruby_version = ">= 2.3.0"
|
26
|
-
s.add_dependency "activerecord", [">= 4.2", "< 5.3"]
|
27
|
-
s.add_dependency "activesupport", [">= 4.2", "< 5.3"]
|
28
|
-
s.add_dependency "request_store", "~> 1.0"
|
29
|
-
s.add_dependency "scrypt", ">= 1.2", "< 4.0"
|
30
|
-
s.add_development_dependency "bcrypt", "~> 3.1"
|
31
|
-
s.add_development_dependency "byebug", "~> 10.0"
|
32
|
-
s.add_development_dependency "minitest-reporters", "~> 1.3"
|
33
|
-
s.add_development_dependency "rubocop", "~> 0.58.1"
|
34
|
-
s.add_development_dependency "timecop", "~> 0.7"
|
35
|
-
|
36
|
-
s.files = `git ls-files`.split("\n")
|
37
|
-
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
38
|
-
s.executables = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
|
39
|
-
s.require_paths = ["lib"]
|
40
|
-
end
|
@@ -1,82 +0,0 @@
|
|
1
|
-
# Use Normal ActiveRecord Validation
|
2
|
-
|
3
|
-
In Authlogic 4.4.0, [we deprecated][1] the features of Authlogic related to
|
4
|
-
validating email, login, and password. In 5.0.0 these features will be dropped.
|
5
|
-
Use normal ActiveRecord validations instead.
|
6
|
-
|
7
|
-
## Instructions
|
8
|
-
|
9
|
-
First, disable the deprecated Authlogic validations:
|
10
|
-
|
11
|
-
acts_as_authentic do |c|
|
12
|
-
c.validate_email_field = false
|
13
|
-
c.validate_login_field = false
|
14
|
-
c.validate_password_field = false
|
15
|
-
end
|
16
|
-
|
17
|
-
Then, use normal ActiveRecord validations instead. For example, instead of
|
18
|
-
the Authlogic method validates_length_of_email_field_options, use
|
19
|
-
|
20
|
-
validates :email, length: { ... }
|
21
|
-
|
22
|
-
It might be a good idea to replace these one field at a time, ie. email,
|
23
|
-
then login, then password; one field per commit.
|
24
|
-
|
25
|
-
## Default Values
|
26
|
-
|
27
|
-
The following validations represent the Authlogic < 5 defaults. Merge these
|
28
|
-
defaults with any settings you may have overwritten.
|
29
|
-
|
30
|
-
```
|
31
|
-
validates :email,
|
32
|
-
format: {
|
33
|
-
with: ::Authlogic::Regex::EMAIL,
|
34
|
-
message: proc {
|
35
|
-
::Authlogic::I18n.t(
|
36
|
-
"error_messages.email_invalid",
|
37
|
-
default: "should look like an email address."
|
38
|
-
)
|
39
|
-
}
|
40
|
-
},
|
41
|
-
length: { maximum: 100 },
|
42
|
-
uniqueness: {
|
43
|
-
case_sensitive: false,
|
44
|
-
if: :email_changed?
|
45
|
-
}
|
46
|
-
|
47
|
-
validates :login,
|
48
|
-
format: {
|
49
|
-
with: ::Authlogic::Regex::LOGIN,
|
50
|
-
message: proc {
|
51
|
-
::Authlogic::I18n.t(
|
52
|
-
"error_messages.login_invalid",
|
53
|
-
default: "should use only letters, numbers, spaces, and .-_@+ please."
|
54
|
-
)
|
55
|
-
}
|
56
|
-
},
|
57
|
-
length: { within: 3..100 },
|
58
|
-
uniqueness: {
|
59
|
-
case_sensitive: false,
|
60
|
-
if: :login_changed?
|
61
|
-
}
|
62
|
-
|
63
|
-
validates :password,
|
64
|
-
confirmation: { if: :require_password? },
|
65
|
-
length: {
|
66
|
-
minimum: 8,
|
67
|
-
if: :require_password?
|
68
|
-
}
|
69
|
-
validates :password_confirmation,
|
70
|
-
length: {
|
71
|
-
minimum: 8,
|
72
|
-
if: :require_password?
|
73
|
-
}
|
74
|
-
```
|
75
|
-
|
76
|
-
## Motivation
|
77
|
-
|
78
|
-
The deprecated features save people some time in the begginning, when setting up
|
79
|
-
Authlogic. But, later in the life of a project, when these settings need to
|
80
|
-
change, it is obscure compared to normal ActiveRecord validations.
|
81
|
-
|
82
|
-
[1]: https://github.com/binarylogic/authlogic/pull/623
|
@@ -1,106 +0,0 @@
|
|
1
|
-
module Authlogic
|
2
|
-
module ActsAsAuthentic
|
3
|
-
# This module is responsible for transitioning existing applications from
|
4
|
-
# the restful_authentication plugin.
|
5
|
-
module RestfulAuthentication
|
6
|
-
def self.included(klass)
|
7
|
-
klass.class_eval do
|
8
|
-
extend Config
|
9
|
-
include InstanceMethods
|
10
|
-
end
|
11
|
-
end
|
12
|
-
|
13
|
-
# Configures the restful_authentication aspect of acts_as_authentic.
|
14
|
-
# These methods become class methods of ::ActiveRecord::Base.
|
15
|
-
module Config
|
16
|
-
DPR_MSG = <<~STR.squish
|
17
|
-
Support for transitioning to authlogic from restful_authentication
|
18
|
-
(%s) is deprecated without replacement. restful_authentication is no
|
19
|
-
longer used in the ruby community, and the transition away from it is
|
20
|
-
complete. There is only one version of restful_authentication on
|
21
|
-
rubygems.org, it was released in 2009, and it's only compatible with
|
22
|
-
rails 2.3. It has been nine years since it was released.
|
23
|
-
STR
|
24
|
-
|
25
|
-
# Switching an existing app to Authlogic from restful_authentication? No
|
26
|
-
# problem, just set this true and your users won't know anything
|
27
|
-
# changed. From your database perspective nothing will change at all.
|
28
|
-
# Authlogic will continue to encrypt passwords just like
|
29
|
-
# restful_authentication, so your app won't skip a beat. Although, might
|
30
|
-
# consider transitioning your users to a newer and stronger algorithm.
|
31
|
-
# Checkout the transition_from_restful_authentication option.
|
32
|
-
#
|
33
|
-
# * <tt>Default:</tt> false
|
34
|
-
# * <tt>Accepts:</tt> Boolean
|
35
|
-
def act_like_restful_authentication(value = nil)
|
36
|
-
r = rw_config(:act_like_restful_authentication, value, false)
|
37
|
-
set_restful_authentication_config if value
|
38
|
-
r
|
39
|
-
end
|
40
|
-
|
41
|
-
def act_like_restful_authentication=(value = nil)
|
42
|
-
::ActiveSupport::Deprecation.warn(
|
43
|
-
format(DPR_MSG, "act_like_restful_authentication="),
|
44
|
-
caller(1)
|
45
|
-
)
|
46
|
-
act_like_restful_authentication(value)
|
47
|
-
end
|
48
|
-
|
49
|
-
# This works just like act_like_restful_authentication except that it
|
50
|
-
# will start transitioning your users to the algorithm you specify with
|
51
|
-
# the crypto provider option. The next time they log in it will resave
|
52
|
-
# their password with the new algorithm and any new record will use the
|
53
|
-
# new algorithm as well. Make sure to update your users table if you are
|
54
|
-
# using the default migration since it will set crypted_password and
|
55
|
-
# salt columns to a maximum width of 40 characters which is not enough.
|
56
|
-
def transition_from_restful_authentication(value = nil)
|
57
|
-
r = rw_config(:transition_from_restful_authentication, value, false)
|
58
|
-
set_restful_authentication_config if value
|
59
|
-
r
|
60
|
-
end
|
61
|
-
|
62
|
-
def transition_from_restful_authentication=(value = nil)
|
63
|
-
::ActiveSupport::Deprecation.warn(
|
64
|
-
format(DPR_MSG, "transition_from_restful_authentication="),
|
65
|
-
caller(1)
|
66
|
-
)
|
67
|
-
transition_from_restful_authentication(value)
|
68
|
-
end
|
69
|
-
|
70
|
-
private
|
71
|
-
|
72
|
-
def set_restful_authentication_config
|
73
|
-
self.restful_auth_crypto_provider = CryptoProviders::Sha1
|
74
|
-
if !defined?(::REST_AUTH_SITE_KEY) || ::REST_AUTH_SITE_KEY.nil?
|
75
|
-
unless defined?(::REST_AUTH_SITE_KEY)
|
76
|
-
class_eval("::REST_AUTH_SITE_KEY = ''", __FILE__, __LINE__)
|
77
|
-
end
|
78
|
-
CryptoProviders::Sha1.stretches = 1
|
79
|
-
end
|
80
|
-
end
|
81
|
-
|
82
|
-
# @api private
|
83
|
-
def restful_auth_crypto_provider=(provider)
|
84
|
-
if act_like_restful_authentication
|
85
|
-
self.crypto_provider = provider
|
86
|
-
else
|
87
|
-
self.transition_from_crypto_providers = provider
|
88
|
-
end
|
89
|
-
end
|
90
|
-
end
|
91
|
-
|
92
|
-
# :nodoc:
|
93
|
-
module InstanceMethods
|
94
|
-
private
|
95
|
-
|
96
|
-
def act_like_restful_authentication?
|
97
|
-
self.class.act_like_restful_authentication == true
|
98
|
-
end
|
99
|
-
|
100
|
-
def transition_from_restful_authentication?
|
101
|
-
self.class.transition_from_restful_authentication == true
|
102
|
-
end
|
103
|
-
end
|
104
|
-
end
|
105
|
-
end
|
106
|
-
end
|
@@ -1,35 +0,0 @@
|
|
1
|
-
module Authlogic
|
2
|
-
module ActsAsAuthentic
|
3
|
-
# Allows you to scope everything to specific fields. See the Config
|
4
|
-
# submodule for more info. For information on how to scope off of a parent
|
5
|
-
# object see Authlogic::AuthenticatesMany
|
6
|
-
module ValidationsScope
|
7
|
-
def self.included(klass)
|
8
|
-
klass.class_eval do
|
9
|
-
extend Config
|
10
|
-
end
|
11
|
-
end
|
12
|
-
|
13
|
-
# All configuration for the scope feature.
|
14
|
-
module Config
|
15
|
-
# Allows you to scope everything to specific field(s). Works just like
|
16
|
-
# validates_uniqueness_of. For example, let's say a user belongs to a
|
17
|
-
# company, and you want to scope everything to the company:
|
18
|
-
#
|
19
|
-
# acts_as_authentic do |c|
|
20
|
-
# c.validations_scope = :company_id
|
21
|
-
# end
|
22
|
-
#
|
23
|
-
# * <tt>Default:</tt> nil
|
24
|
-
# * <tt>Accepts:</tt> Symbol or Array of symbols
|
25
|
-
#
|
26
|
-
# @deprecated
|
27
|
-
def validations_scope(value = nil)
|
28
|
-
deprecate_authlogic_config("validations_scope") if value
|
29
|
-
rw_config(:validations_scope, value)
|
30
|
-
end
|
31
|
-
alias_method :validations_scope=, :validations_scope
|
32
|
-
end
|
33
|
-
end
|
34
|
-
end
|
35
|
-
end
|
@@ -1,50 +0,0 @@
|
|
1
|
-
module Authlogic
|
2
|
-
module AuthenticatesMany
|
3
|
-
# An object of this class is used as a proxy for the authenticates_many
|
4
|
-
# relationship. It basically allows you to "save" scope details and call
|
5
|
-
# them on an object, which allows you to do the following:
|
6
|
-
#
|
7
|
-
# @account.user_sessions.new
|
8
|
-
# @account.user_sessions.find
|
9
|
-
# # ... etc
|
10
|
-
#
|
11
|
-
# You can call all of the class level methods off of an object with a saved
|
12
|
-
# scope, so that calling the above methods scopes the user sessions down to
|
13
|
-
# that specific account. To implement this via ActiveRecord do something
|
14
|
-
# like:
|
15
|
-
#
|
16
|
-
# class User < ApplicationRecord
|
17
|
-
# authenticates_many :user_sessions
|
18
|
-
# end
|
19
|
-
class Association
|
20
|
-
attr_accessor :klass, :find_options, :id
|
21
|
-
|
22
|
-
# - id: Usually `nil`, but if the `scope_cookies` option is used, then
|
23
|
-
# `id` is a string like "company_123". It may seem strange to refer
|
24
|
-
# to such a string as an "id", but the naming is intentional, and
|
25
|
-
# is derived from `Authlogic::Session::Id`.
|
26
|
-
def initialize(klass, find_options, id)
|
27
|
-
self.klass = klass
|
28
|
-
self.find_options = find_options
|
29
|
-
self.id = id
|
30
|
-
end
|
31
|
-
|
32
|
-
%i[create create! find new].each do |method|
|
33
|
-
class_eval <<-EOS, __FILE__, __LINE__ + 1
|
34
|
-
def #{method}(*args)
|
35
|
-
klass.with_scope(scope_options) do
|
36
|
-
klass.#{method}(*args)
|
37
|
-
end
|
38
|
-
end
|
39
|
-
EOS
|
40
|
-
end
|
41
|
-
alias_method :build, :new
|
42
|
-
|
43
|
-
private
|
44
|
-
|
45
|
-
def scope_options
|
46
|
-
{ find_options: find_options, id: id }
|
47
|
-
end
|
48
|
-
end
|
49
|
-
end
|
50
|
-
end
|
@@ -1,81 +0,0 @@
|
|
1
|
-
module Authlogic
|
2
|
-
# This allows you to scope your authentication. For example, let's say all users belong
|
3
|
-
# to an account, you want to make sure only users that belong to that account can
|
4
|
-
# actually login into that account. Simple, just do:
|
5
|
-
#
|
6
|
-
# class Account < ApplicationRecord
|
7
|
-
# authenticates_many :user_sessions
|
8
|
-
# end
|
9
|
-
#
|
10
|
-
# Now you can scope sessions just like everything else in ActiveRecord:
|
11
|
-
#
|
12
|
-
# @account.user_sessions.new(*args)
|
13
|
-
# @account.user_sessions.create(*args)
|
14
|
-
# @account.user_sessions.find(*args)
|
15
|
-
# # ... etc
|
16
|
-
#
|
17
|
-
# Checkout the authenticates_many method for a list of options.
|
18
|
-
# You may also want to checkout Authlogic::ActsAsAuthentic::Scope to scope your model.
|
19
|
-
module AuthenticatesMany
|
20
|
-
# These methods become class methods of ::ActiveRecord::Base.
|
21
|
-
module Base
|
22
|
-
DPR_AUTH_MANY = <<~EOS.freeze
|
23
|
-
authenticates_many is deprecated without replacement. Let us know
|
24
|
-
if you would like to take over maintenance of this feature as a separate
|
25
|
-
gem. If no one volunteers to extract and maintain a new gem, then this
|
26
|
-
feature will simply be deleted.
|
27
|
-
EOS
|
28
|
-
|
29
|
-
# Allows you to set up a relationship with your sessions. See module
|
30
|
-
# definition above for more details.
|
31
|
-
#
|
32
|
-
# === Options
|
33
|
-
#
|
34
|
-
# * <tt>session_class:</tt> default: "#{name}Session",
|
35
|
-
# This is the related session class.
|
36
|
-
#
|
37
|
-
# * <tt>relationship_name:</tt>
|
38
|
-
# default: options[:session_class].klass_name.underscore.pluralize,
|
39
|
-
# This is the name of the relationship you want to use to scope
|
40
|
-
# everything. For example an Account has many Users. There should be a
|
41
|
-
# relationship called :users that you defined with a has_many. The
|
42
|
-
# reason we use the relationship is so you don't have to repeat
|
43
|
-
# yourself. The relationship could have all kinds of custom options. So
|
44
|
-
# instead of repeating yourself we essentially use the scope that the
|
45
|
-
# relationship creates.
|
46
|
-
#
|
47
|
-
# * <tt>find_options:</tt> default: nil,
|
48
|
-
# By default the find options are created from the relationship you
|
49
|
-
# specify with :relationship_name. But if you want to override this and
|
50
|
-
# manually specify find_options you can do it here. Specify options just
|
51
|
-
# as you would in ActiveRecord::Base.find.
|
52
|
-
#
|
53
|
-
# * <tt>scope_cookies:</tt> default: false
|
54
|
-
# By the nature of cookies they scope themselves if you are using
|
55
|
-
# subdomains to access accounts. If you aren't using subdomains you need
|
56
|
-
# to have separate cookies for each account, assuming a user is logging
|
57
|
-
# into more than one account. Authlogic can take care of this for you by
|
58
|
-
# prefixing the name of the cookie and session with the model id.
|
59
|
-
# Because it affects both cookies names and session keys, the name
|
60
|
-
# `scope_cookies` is misleading. Perhaps simply `scope` or `scoped`
|
61
|
-
# would have been better.
|
62
|
-
def authenticates_many(name, options = {})
|
63
|
-
::ActiveSupport::Deprecation.warn(DPR_AUTH_MANY)
|
64
|
-
options[:session_class] ||= name.to_s.classify.constantize
|
65
|
-
options[:relationship_name] ||= options[:session_class].klass_name.underscore.pluralize
|
66
|
-
class_eval <<-EOS, __FILE__, __LINE__ + 1
|
67
|
-
def #{name}
|
68
|
-
find_options = #{options[:find_options].inspect} || #{options[:relationship_name]}.where(nil)
|
69
|
-
@#{name} ||= Authlogic::AuthenticatesMany::Association.new(
|
70
|
-
#{options[:session_class]},
|
71
|
-
find_options,
|
72
|
-
#{options[:scope_cookies] ? "self.class.model_name.name.underscore + '_' + self.send(self.class.primary_key).to_s" : 'nil'}
|
73
|
-
)
|
74
|
-
end
|
75
|
-
EOS
|
76
|
-
end
|
77
|
-
end
|
78
|
-
|
79
|
-
::ActiveRecord::Base.extend(Base) if defined?(::ActiveRecord)
|
80
|
-
end
|
81
|
-
end
|