authlogic 1.0.0 → 1.1.0

data/CHANGELOG.rdoc

@@ -1,3 +1,22 @@
+== 1.1.0 released 2008-11-05
+
+* Moved Rack standards into abstract_adapter for the controllers.
+* Added authenticating_with_credentials?, authenticating_with_unauthorized_record?
+* Fixed typo in abstract_adapter, black to block.
+* Cleaned up / reorganized tests.
+* Moved ActiveRecord additions to ORM Adapters name space to make way for Data Mapper.
+* Reorganized and modified acts_as_authentic to be free standing and not get info from the related session.
+* The session now gets its configuration from the model, since determining which fields are present is ORM specific.
+* Extracted session and cookie logic into their own modules.
+* Moved crypto providers into their own module and added a Sha1 provider to help with the restful_authentication transition.
+* Allow the unique_token method to use the alternate crypto_provider if it is a hash algorithm, otherwise default to Sha512.
+* Added last_request_at_threshold configuration option.
+* Changed Scoped class to AuthenticatesManyAssociation, like AR has HasManyAssociation, etc.
+* Added should_be_authentic shoulda macro.
+* Removed some magic from how sessions are initialized. See the initialize documentation, this method is a little more structured now, which was required for adding in openid.
+* Added in logging via a params token, which is friendly for feed URLs. Works just like cookies and sessions when persisting the session.
+* Added the option to use session.user, instead of session.record. This is based off of what model your session is authenticating with.
+
 == 1.0.0 released 2008-11-05
 
 * Checked for blank login counts, if a default wasnt set in the migrations.

data/Manifest

@@ -1,37 +1,51 @@
 CHANGELOG.rdoc
 init.rb
-lib/authlogic/active_record/acts_as_authentic.rb
-lib/authlogic/active_record/authenticates_many.rb
-lib/authlogic/active_record/scoped_session.rb
 lib/authlogic/controller_adapters/abstract_adapter.rb
 lib/authlogic/controller_adapters/merb_adapter.rb
 lib/authlogic/controller_adapters/rails_adapter.rb
+lib/authlogic/crypto_providers/sha1.rb
+lib/authlogic/crypto_providers/sha512.rb
+lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb
+lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb
+lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb
+lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb
+lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb
+lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb
 lib/authlogic/session/active_record_trickery.rb
+lib/authlogic/session/authenticates_many_association.rb
 lib/authlogic/session/base.rb
 lib/authlogic/session/callbacks.rb
 lib/authlogic/session/config.rb
+lib/authlogic/session/cookies.rb
 lib/authlogic/session/errors.rb
+lib/authlogic/session/openid.rb
+lib/authlogic/session/params.rb
 lib/authlogic/session/scopes.rb
-lib/authlogic/sha512_crypto_provider.rb
+lib/authlogic/session/session.rb
+lib/authlogic/testing/shoulda_macros.rb
 lib/authlogic/version.rb
 lib/authlogic.rb
 Manifest
 MIT-LICENSE
 Rakefile
 README.rdoc
-test/active_record_acts_as_authentic_test.rb
-test/active_record_authenticates_many_test.rb
 test/fixtures/companies.yml
 test/fixtures/employees.yml
 test/fixtures/projects.yml
 test/fixtures/users.yml
+test/libs/aes128_crypto_provider.rb
+test/libs/mock_controller.rb
+test/libs/mock_cookie_jar.rb
+test/libs/mock_request.rb
+test/libs/ordered_hash.rb
+test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_test.rb
+test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb
+test/session_tests/active_record_trickery_test.rb
+test/session_tests/authenticates_many_association_test.rb
+test/session_tests/base_test.rb
+test/session_tests/config_test.rb
+test/session_tests/cookies_test.rb
+test/session_tests/params_test.rb
+test/session_tests/scopes_test.rb
+test/session_tests/session_test.rb
 test/test_helper.rb
-test/user_session_active_record_trickery_test.rb
-test/user_session_base_test.rb
-test/user_session_config_test.rb
-test/user_session_scopes_test.rb
-test_libs/aes128_crypto_provider.rb
-test_libs/mock_controller.rb
-test_libs/mock_cookie_jar.rb
-test_libs/mock_request.rb
-test_libs/ordered_hash.rb

data/README.rdoc

@@ -1,10 +1,12 @@
 = Authlogic
 
-Authlogic is a framework agnostic object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database. Put simply, its the Chuck Norris of authentication solutions for rails, merb, etc.
+Authlogic is a clean, simple, and unobtrusive ruby authentication solution. Put simply, its the Chuck Norris of authentication solutions for your framework of choice.
 
 The last thing we need is another authentication solution, right? That's what I thought until I tried out some of the current solutions in both rails and merb. None of them felt right. They were either too complicated, bloated, littered my application with tons of code, or were just confusing. This is not the simple / elegant ruby we all fell in love with. We need a "ruby like" authentication solution. Authlogic is my attempt to satisfy that need...
 
-Let's take a rails application, wouldn't it be nice to keep your app up to date with the latest and greatest security techniques with a simple update of a plugin?
+Let's take a rails application...
+
+Wouldn't it be nice to keep your app up to date with the latest and greatest security techniques with a simple update of a plugin?
 
 What if you could have authentication up and running in minutes without having to run a generator? All because it's simple, like everything else.
 
@@ -54,7 +56,7 @@ Or how about persisting the session...
     protected
       def load_user
         @user_session = UserSession.find
-        @current_user = @user_session && @user_session.record
+        @current_user = @user_session && @user_session.user
       end
   end
 
@@ -69,13 +71,16 @@ Authlogic makes this a reality. This is just the tip of the ice berg. Keep readi
 
 == Install and use
 
-Install the gem / plugin
+Install the gem / plugin (recommended)
 
   $ sudo gem install authlogic
-  $ cd vendor/plugins
-  $ sudo gem unpack authlogic
 
-Or as a plugin
+Now add the gem dependency in your config:
+
+  # config/environment.rb
+  config.gem :authlogic
+
+Or you install this as a plugin (for older versions of rails)
 
   script/plugin install git://github.com/binarylogic/authlogic.git
 
@@ -86,14 +91,14 @@ Lets assume you are setting up a session for your User model.
 Create your user_session.rb file:
 
   # app/models/user_session.rb
-  class UserSession < Authgasm::Session::Base
+  class UserSession < Authlogic::Session::Base
     # configuration here, just like ActiveRecord, or in an initializer
-    # See Authgasm::Session::Config::ClassMethods for more details
+    # See Authlogic::Session::Config::ClassMethods for more details
   end
 
 === Ensure proper database fields
 
-The user model needs to have the following columns. The names of these columns can be changed with configuration. Better yet, Authgasm tries to guess these names by checking for the existence of common names. See Authgasm::Session::Config::ClassMethods for more details, but chances are you won't have to specify any configuration for your field names, even if they aren't the same names as below.
+The user model needs to have the following columns. The names of these columns can be changed with configuration. Better yet, Authlogic tries to guess these names by checking for the existence of common names. See Authlogic::Session::Config::ClassMethods for more details, but chances are you won't have to specify any configuration for your field names, even if they aren't the same names as below.
 
     t.string    :login, :null => false
     t.string    :crypted_password, :null => false
@@ -106,11 +111,9 @@ The user model needs to have the following columns. The names of these columns c
 Make sure you have a model that you will be authenticating with. For this example let's say you have a User model:
 
   class User < ActiveRecord::Base
-    acts_as_authentic # for options see documentation: Authgasm::ActsAsAuthentic::ClassMethods
+    acts_as_authentic # for options see documentation: Authlogic::ActsAsAuthentic::ClassMethods
   end
 
-The options for acts_as_authentic are based on the UserSession configuration. So if you specified configuration for your UserSession model you should not have to specify any options for acts_as_authentic, unless you want them to be different.
-
 Done! Now go use it just like you would with any other ActiveRecord model. Either glance at the code at the beginning of this readme or check out the tutorial (see above in "helpful links") for a more detailed walk through.
 
 == Magic Columns
@@ -269,7 +272,6 @@ Here is basically how this is done....
 
   class User < ActiveRecord::Base
     after_save :maintain_sessions!
-    after_update :update_sessions!
     
     private
       def maintain_sessions!
@@ -286,7 +288,7 @@ When things come together like this I think its a sign that you are doing someth
 
 I designed Authlogic to be framework agnostic, meaning it doesn't care what framework you use it in. Right out of the box it supports rails and merb. I have not had the opportunity to use other frameworks, but the only thing stopping Authlogic from being used in other frameworks is a simple adapter. Check out controller_adapters/rails_adapter, or controller_adapters/merb_adapter.
 
-Since pretty much all of the frameworks in ruby follow the Rack conventions, the code should be very similar across adapters. You're saying "but Ben, why not just hook into Rack and avoid the need for controller adapters all together?". It's not that simple, because rails doesn't inherit from the Rack::Request class, plus there are small differences between how rack is implemented in each framework. Authlogic has to hook into your controller with a before_filter anyways, so it can "activate" itself. Why not just use the controller object?
+Since pretty much all of the frameworks in ruby follow the Rack conventions, the code should be very similar across adapters. In fact that abstract adapter assumes you are using Rack. If you are using it properly there really isn't any code you should have to write. Check out the merb_adapter to see for yourself. You're saying "but Ben, why not just hook into Rack and avoid the need for controller adapters all together?". It's not that simple, because rails doesn't inherit from the Rack::Request class, plus there are small differences between how rack is implemented in each framework. Authlogic has to hook into your controller with a before_filter anyways, so it can "activate" itself. Why not just use the controller object?
 
 The point in all of this rambling is that implementing Authlogic is as simple as creating an adapter. I created both the rails and merb adapters in under 10 minutes. If you have an adapter you created and would like to add please let me know and I will add it into the source.
 

data/Rakefile

@@ -8,7 +8,7 @@ Echoe.new 'authlogic' do |p|
   p.author = "Ben Johnson of Binary Logic"
   p.email  = 'bjohnson@binarylogic.com'
   p.project = 'authlogic'
-  p.summary = "Framework agnostic object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database."
+  p.summary = "A clean, simple, and unobtrusive ruby authentication solution."
   p.url = "http://github.com/binarylogic/authlogic"
   p.dependencies = %w(activesupport activerecord)
   p.include_rakefile = true

data/authlogic.gemspec

@@ -1,22 +1,22 @@
 Gem::Specification.new do |s|
   s.name = %q{authlogic}
-  s.version = "1.0.0"
+  s.version = "1.1.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
   s.authors = ["Ben Johnson of Binary Logic"]
-  s.date = %q{2008-11-05}
-  s.description = %q{Framework agnostic object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database.}
+  s.date = %q{2008-11-13}
+  s.description = %q{A clean, simple, and unobtrusive ruby authentication solution.}
   s.email = %q{bjohnson@binarylogic.com}
-  s.extra_rdoc_files = ["CHANGELOG.rdoc", "lib/authlogic/active_record/acts_as_authentic.rb", "lib/authlogic/active_record/authenticates_many.rb", "lib/authlogic/active_record/scoped_session.rb", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/sha512_crypto_provider.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "README.rdoc"]
-  s.files = ["CHANGELOG.rdoc", "init.rb", "lib/authlogic/active_record/acts_as_authentic.rb", "lib/authlogic/active_record/authenticates_many.rb", "lib/authlogic/active_record/scoped_session.rb", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/sha512_crypto_provider.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "Manifest", "MIT-LICENSE", "Rakefile", "README.rdoc", "test/active_record_acts_as_authentic_test.rb", "test/active_record_authenticates_many_test.rb", "test/fixtures/companies.yml", "test/fixtures/employees.yml", "test/fixtures/projects.yml", "test/fixtures/users.yml", "test/test_helper.rb", "test/user_session_active_record_trickery_test.rb", "test/user_session_base_test.rb", "test/user_session_config_test.rb", "test/user_session_scopes_test.rb", "test_libs/aes128_crypto_provider.rb", "test_libs/mock_controller.rb", "test_libs/mock_cookie_jar.rb", "test_libs/mock_request.rb", "test_libs/ordered_hash.rb", "authlogic.gemspec"]
+  s.extra_rdoc_files = ["CHANGELOG.rdoc", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/openid.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/testing/shoulda_macros.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "README.rdoc"]
+  s.files = ["CHANGELOG.rdoc", "init.rb", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/openid.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/testing/shoulda_macros.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "Manifest", "MIT-LICENSE", "Rakefile", "README.rdoc", "test/fixtures/companies.yml", "test/fixtures/employees.yml", "test/fixtures/projects.yml", "test/fixtures/users.yml", "test/libs/aes128_crypto_provider.rb", "test/libs/mock_controller.rb", "test/libs/mock_cookie_jar.rb", "test/libs/mock_request.rb", "test/libs/ordered_hash.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb", "test/session_tests/active_record_trickery_test.rb", "test/session_tests/authenticates_many_association_test.rb", "test/session_tests/base_test.rb", "test/session_tests/config_test.rb", "test/session_tests/cookies_test.rb", "test/session_tests/params_test.rb", "test/session_tests/scopes_test.rb", "test/session_tests/session_test.rb", "test/test_helper.rb", "authlogic.gemspec"]
   s.has_rdoc = true
   s.homepage = %q{http://github.com/binarylogic/authlogic}
   s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Authlogic", "--main", "README.rdoc"]
   s.require_paths = ["lib"]
   s.rubyforge_project = %q{authlogic}
   s.rubygems_version = %q{1.2.0}
-  s.summary = %q{Framework agnostic object based authentication solution that handles all of the non sense for you. It's as easy as ActiveRecord is with a database.}
-  s.test_files = ["test/active_record_acts_as_authentic_test.rb", "test/active_record_authenticates_many_test.rb", "test/test_helper.rb", "test/user_session_active_record_trickery_test.rb", "test/user_session_base_test.rb", "test/user_session_config_test.rb", "test/user_session_scopes_test.rb"]
+  s.summary = %q{A clean, simple, and unobtrusive ruby authentication solution.}
+  s.test_files = ["test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb", "test/session_tests/active_record_trickery_test.rb", "test/session_tests/authenticates_many_association_test.rb", "test/session_tests/base_test.rb", "test/session_tests/config_test.rb", "test/session_tests/cookies_test.rb", "test/session_tests/params_test.rb", "test/session_tests/scopes_test.rb", "test/session_tests/session_test.rb", "test/test_helper.rb"]
 
   if s.respond_to? :specification_version then
     current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION

data/lib/authlogic.rb

@@ -6,24 +6,41 @@ require File.dirname(__FILE__) + "/authlogic/controller_adapters/abstract_adapte
 require File.dirname(__FILE__) + "/authlogic/controller_adapters/rails_adapter" if defined?(Rails)
 require File.dirname(__FILE__) + "/authlogic/controller_adapters/merb_adapter" if defined?(Merb)
 
-require File.dirname(__FILE__) + "/authlogic/sha512_crypto_provider"
+require File.dirname(__FILE__) + "/authlogic/crypto_providers/sha1"
+require File.dirname(__FILE__) + "/authlogic/crypto_providers/sha512"
 
-require File.dirname(__FILE__) + "/authlogic/active_record/acts_as_authentic"
-require File.dirname(__FILE__) + "/authlogic/active_record/authenticates_many"
-require File.dirname(__FILE__) + "/authlogic/active_record/scoped_session"
+if defined?(ActiveRecord)
+  require File.dirname(__FILE__) + "/authlogic/orm_adapters/active_record_adapter/acts_as_authentic"
+  require File.dirname(__FILE__) + "/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials"
+  require File.dirname(__FILE__) + "/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in"
+  require File.dirname(__FILE__) + "/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence"
+  require File.dirname(__FILE__) + "/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance"
+  require File.dirname(__FILE__) + "/authlogic/orm_adapters/active_record_adapter/authenticates_many"
+end
 
+require File.dirname(__FILE__) + "/authlogic/session/authenticates_many_association"
 require File.dirname(__FILE__) + "/authlogic/session/active_record_trickery"
 require File.dirname(__FILE__) + "/authlogic/session/callbacks"
 require File.dirname(__FILE__) + "/authlogic/session/config"
+require File.dirname(__FILE__) + "/authlogic/session/cookies"
 require File.dirname(__FILE__) + "/authlogic/session/errors"
+#require File.dirname(__FILE__) + "/authlogic/session/openid"
+require File.dirname(__FILE__) + "/authlogic/session/params"
+require File.dirname(__FILE__) + "/authlogic/session/session"
 require File.dirname(__FILE__) + "/authlogic/session/scopes"
 require File.dirname(__FILE__) + "/authlogic/session/base"
 
+require File.dirname(__FILE__) + "/authlogic/testing/shoulda_macros"
+
 module Authlogic
   module Session
     class Base
       include ActiveRecordTrickery
       include Callbacks
+      include Cookies
+      #include OpenID
+      include Params
+      include Session
       include Scopes
     end
   end

data/lib/authlogic/controller_adapters/abstract_adapter.rb

@@ -3,20 +3,35 @@ module Authlogic
     # = Abstract Adapter
     # Allows you to use Authlogic in any framework you want, not just rails. See tha RailsAdapter for an example of how to adapter Authlogic to work with your framework.
     class AbstractAdapter
+      attr_accessor :controller
+      
+      def initialize(controller)
+        self.controller = controller
+      end
+      
       def authenticate_with_http_basic(&block)
-        black.call(nil, nil)
+        @auth = Rack::Auth::Basic::Request.new(controller.request.env)
+        if @auth.provided? and @auth.basic?
+          block.call(*@auth.credentials)
+        else
+          false
+        end
       end
       
       def cookies
-        {}
+        controller.cookies
+      end
+      
+      def params
+        controller.params
       end
       
       def request
-        nil
+        controller.request
       end
       
       def session
-        {}
+        controller.session
       end
     end
   end

data/lib/authlogic/controller_adapters/merb_adapter.rb

@@ -4,33 +4,6 @@ module Authlogic
     # Adapts authlogic to work with merb. The point is to close the gap between what authlogic expects and what the merb controller object
     # provides. Similar to how ActiveRecord has an adapter for MySQL, PostgreSQL, SQLite, etc.
     class MerbAdapter < AbstractAdapter
-      attr_accessor :controller
-      
-      def initialize(controller)
-        self.controller = controller
-      end
-      
-      def authenticate_with_http_basic(&block)
-        @auth = Rack::Auth::Basic::Request.new(controller.request.env)
-        if @auth.provided? and @auth.basic?
-          black.call(*@auth.credentials)
-        else
-          false
-        end
-      end
-      
-      def cookies
-        controller.cookies
-      end
-      
-      def request
-        controller.request
-      end
-      
-      def session
-        controller.session
-      end
-      
       # = Merb Implementation
       # Lets Authlogic know about the controller object, AKA "activates" authlogic.
       module MerbImplementation

data/lib/authlogic/controller_adapters/rails_adapter.rb

@@ -4,12 +4,6 @@ module Authlogic
     # Adapts authlogic to work with rails. The point is to close the gap between what authlogic expects and what the rails controller object
     # provides. Similar to how ActiveRecord has an adapter for MySQL, PostgreSQL, SQLite, etc.
     class RailsAdapter < AbstractAdapter
-      attr_accessor :controller
-      
-      def initialize(controller)
-        self.controller = controller
-      end
-      
       def authenticate_with_http_basic(&block)
         controller.authenticate_with_http_basic(&block)
       end
@@ -18,14 +12,6 @@ module Authlogic
         controller.send(:cookies)
       end
       
-      def request
-        controller.request
-      end
-      
-      def session
-        controller.session
-      end
-      
       # = Rails Implementation
       # Lets Authlogic know about the controller object, AKA "activates" authlogic.
       module RailsImplementation

data/lib/authlogic/crypto_providers/sha1.rb

@@ -0,0 +1,24 @@
+require "digest/sha1"
+
+module Authlogic
+  module CryptoProviders
+    # = Sha1
+    #
+    # Uses the Sha1 hash algorithm to encrypt passwords. This class is useful if you are migrating from restful_authentication. This uses the
+    # exact same excryption algorithm with 10 stretches, just like restful_authentication.
+    class Sha1
+      class << self
+        def stretches
+          @stretches ||= 10
+        end
+        attr_writer :stretches
+        
+        def encrypt(pass)
+          digest = pass
+          stretches.times { digest = Digest::SHA1.hexdigest(digest) }
+          digest
+        end
+      end
+    end
+  end
+end

data/lib/authlogic/crypto_providers/sha512.rb

@@ -0,0 +1,30 @@
+require "digest/sha2"
+
+module Authlogic
+  # = Crypto Providers
+  #
+  # The acts_as_authentic method allows you to pass a :crypto_provider option. This allows you to use any type of encryption you like.
+  # Just create a class with a class level encrypt and decrypt method. The password will be passed as the single parameter to each of these
+  # methods so you can do your magic.
+  #
+  # If you are encrypting via a hash just don't include a decrypt method, since hashes can't be decrypted. Authlogic will notice this adjust accordingly.
+  module CryptoProviders
+    # = Sha512
+    #
+    # Uses the Sha512 hash algorithm to encrypt passwords.
+    class Sha512
+      class << self
+        def stretches
+          @stretches ||= 20
+        end
+        attr_writer :stretches
+        
+        def encrypt(pass)
+          digest = pass
+          stretches.times { digest = Digest::SHA512.hexdigest(digest) }
+          digest
+        end
+      end
+    end
+  end
+end

data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb

@@ -0,0 +1,89 @@
+module Authlogic
+  module ORMAdapters # :nodoc:
+    module ActiveRecordAdapter # :nodoc:
+      # = Acts As Authentic
+      # Provides the acts_as_authentic method to include in your models to help with authentication. See method below.
+      module ActsAsAuthentic
+        # Call this method in your model to add in basic authentication madness that your authlogic session expects.
+        #
+        # === Methods
+        # For example purposes lets assume you have a User model.
+        #
+        #   Class method name           Description
+        #   User.crypto_provider        The class that you set in your :crypto_provider option
+        #   User.forget_all!            Finds all records, loops through them, and calls forget! on each record. This is paginated to save on memory.
+        #   User.unique_token           returns unique token generated by your :crypto_provider
+        #
+        #   Named Scopes
+        #   User.logged_in              Find all users who are logged in, based on your :logged_in_timeout option.
+        #   User.logged_out             Same as above, but logged out.
+        #
+        #   Isntace method name
+        #   user.password=              Method name based on the :password_field option. This is used to set the password. Pass the *raw* password to this.
+        #   user.confirm_password=      Confirms the password, needed to change the password.
+        #   user.valid_password?(pass)  Determines if the password passed is valid. The password could be encrypted or raw.
+        #   user.reset_password         Resets the password to a random password using only letters and numbers.
+        #   user.reset_password!        The same as reset_password but saves the record.
+        #   user.logged_in?             Based on the :logged_in_timeout option. Tells you if the user is logged in or not.
+        #   user.forget!                Changes their remember token, making their cookie and session invalid. A way to log the user out withouth changing their password.
+        #
+        # === Options
+        #
+        # * <tt>session_class:</tt> default: "#{name}Session",
+        #   This is the related session class. A lot of the configuration will be based off of the configuration values of this class.
+        #   
+        # * <tt>crypto_provider:</tt> default: Authlogic::CryptoProviders::Sha512,
+        #   This is the class that provides your encryption. By default Authlogic provides its own crypto provider that uses Sha512 encrypton.
+        #   
+        # * <tt>login_field:</tt> default: options[:session_class].login_field,
+        #   The name of the field used for logging in, this is guess based on what columns are in your db. Only specify if you aren't using:
+        #   login, username, or email
+        #   
+        # * <tt>login_field_type:</tt> default: options[:login_field] == :email ? :email : :login,
+        #   Tells authlogic how to validation the field, what regex to use, etc. If the field name is email it will automatically use email,
+        #   otherwise it uses login.
+        #   
+        # * <tt>login_field_regex:</tt> default: if email then typical email regex, otherwise typical login regex.
+        #   This is used in validates_format_of for the login_field.
+        #   
+        # * <tt>login_field_regex_message:</tt> the message to use when the validates_format_of for the login field fails.
+        #   
+        # * <tt>password_field:</tt> default: options[:session_class].password_field,
+        #   This is the name of the field to set the password, *NOT* the field the encrypted password is stored.
+        #   
+        # * <tt>crypted_password_field:</tt> default: depends on which columns are present,
+        #   The name of the database field where your encrypted password is stored. If the name of the field is different from any of the following
+        #   you need to specify it with this option: crypted_password, encrypted_password, password_hash, pw_hash
+        #   
+        # * <tt>password_salt_field:</tt> default: depends on which columns are present,
+        #   This is the name of the field in your database that stores your password salt. If the name of the field is different from any of the
+        #   following then you need to specify it with this option: password_salt, pw_salt, salt
+        #   
+        # * <tt>remember_token_field:</tt> default: options[:session_class].remember_token_field,
+        #   This is the name of the field your remember_token is stored. The remember token is a unique token that is stored in the users cookie and
+        #   session. This way you have complete control of when session expire and you don't have to change passwords to expire sessions. This also
+        #   ensures that stale sessions can not be persisted. By stale, I mean sessions that are logged in using an outdated password. If the name
+        #   of the field is anything other than the following you need to specify it with this option: remember_token, remember_key, cookie_token,
+        #   cookie_key
+        #   
+        # * <tt>scope:</tt> default: nil,
+        #   This scopes validations. If all of your users belong to an account you might want to scope everything to the account. Just pass :account_id
+        #   
+        # * <tt>logged_in_timeout:</tt> default: 10.minutes,
+        #   This is really just a nifty feature to tell if a user is logged in or not. It's based on activity. So if the user in inactive longer than
+        #   the value you pass here they are assumed "logged out".
+        #   
+        # * <tt>session_ids:</tt> default: [nil],
+        #   The sessions that we want to automatically reset when a user is created or updated so you don't have to worry about this. Set to [] to disable.
+        #   Should be an array of ids. See the Authlogic::Session documentation for information on ids. The order is important.
+        #   The first id should be your main session, the session they need to log into first. This is generally nil. When you don't specify an id
+        #   in your session you are really just inexplicitly saying you want to use the id of nil.
+        def acts_as_authentic(options = {})
+          # All logic for this method is split up into sub modules. This a stub to create a method chain off of and provide documentation.
+        end
+      end
+    end
+  end
+end
+
+ActiveRecord::Base.extend Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic