authlogic 1.3.9 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of authlogic might be problematic. Click here for more details.
- data/CHANGELOG.rdoc +9 -0
- data/Manifest +1 -0
- data/README.rdoc +22 -5
- data/Rakefile +1 -0
- data/authlogic.gemspec +5 -4
- data/lib/authlogic.rb +1 -0
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +8 -0
- data/lib/authlogic/controller_adapters/merb_adapter.rb +4 -0
- data/lib/authlogic/controller_adapters/rails_adapter.rb +4 -0
- data/lib/authlogic/i18n.rb +52 -0
- data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb +1 -1
- data/lib/authlogic/session/base.rb +17 -15
- data/lib/authlogic/session/config.rb +19 -98
- data/lib/authlogic/session/cookies.rb +3 -2
- data/lib/authlogic/session/params.rb +2 -1
- data/lib/authlogic/session/session.rb +1 -1
- data/lib/authlogic/session/timeout.rb +1 -1
- data/lib/authlogic/testing/test_unit_helpers.rb +2 -2
- data/lib/authlogic/version.rb +2 -2
- data/test/libs/mock_controller.rb +4 -0
- data/test/libs/mock_cookie_jar.rb +4 -0
- data/test/session_tests/base_test.rb +10 -11
- data/test/session_tests/config_test.rb +0 -84
- metadata +5 -3
data/CHANGELOG.rdoc
CHANGED
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
== 1.4.0 released 2009-1-28
|
|
2
|
+
|
|
3
|
+
* Added support for cookie domain, based on your frameworks session domain configuration
|
|
4
|
+
* Updated test helper functions to use the persistence token config value
|
|
5
|
+
* Check for UTC times when using Time.now for current_login_at and last_request_at
|
|
6
|
+
* Single access now looks for a single_access_allowed? method in your controllers to determine if single access should be allowed or not. Allowing you to define exactly when single access is allowed.
|
|
7
|
+
* Finding the authenticated record uses klass.primary_key instead of assuming id.
|
|
8
|
+
* BREAKS BACKWARDS COMPATIBILITY: New I18n solution implemented. See Authlogic::I18n for more information.
|
|
9
|
+
|
|
1
10
|
== 1.3.9 released 2009-1-9
|
|
2
11
|
|
|
3
12
|
* Added the disable_perishable_token_maintenance option to disable the automatic resetting of the perishable_token, meaning you will have to maintain this yourself.
|
data/Manifest
CHANGED
|
@@ -9,6 +9,7 @@ lib/authlogic/crypto_providers/aes256.rb
|
|
|
9
9
|
lib/authlogic/crypto_providers/bcrypt.rb
|
|
10
10
|
lib/authlogic/crypto_providers/sha1.rb
|
|
11
11
|
lib/authlogic/crypto_providers/sha512.rb
|
|
12
|
+
lib/authlogic/i18n.rb
|
|
12
13
|
lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb
|
|
13
14
|
lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb
|
|
14
15
|
lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb
|
data/README.rdoc
CHANGED
|
@@ -83,6 +83,9 @@ Or how about persisting the session...
|
|
|
83
83
|
* <b>Tutorial: Easily migrate from restful_authentication:</b> http://www.binarylogic.com/2008/11/23/tutorial-easily-migrate-from-restful_authentication-to-authlogic
|
|
84
84
|
* <b>Tutorial: Upgrade passwords easily with Authlogic:</b> http://www.binarylogic.com/2008/11/23/tutorial-upgrade-passwords-easily-with-authlogic
|
|
85
85
|
* <b>Bugs / feature suggestions:</b> http://binarylogic.lighthouseapp.com/projects/18752-authlogic
|
|
86
|
+
* <b>Google group:</b> http://groups.google.com/group/authlogic
|
|
87
|
+
|
|
88
|
+
If you find a bug or a problem please post it on lighthouse. If you need help with something or it is specific to your app, please use google groups. I check both regularly and get emails when anything happens, so that is the best place to get help.
|
|
86
89
|
|
|
87
90
|
== Install and use
|
|
88
91
|
|
|
@@ -297,7 +300,17 @@ This token is used to persist the user's session. This is the token that is stor
|
|
|
297
300
|
|
|
298
301
|
=== 2. Single access token (private feed access, etc.)
|
|
299
302
|
|
|
300
|
-
This token is used for single access only, it is not persisted. Meaning the user provides it, Authlogic grants them access, and that's it. If they want access again they need to provide the token again. Authlogic will *NEVER* store this value in the session or a cookie. For added security, by default this token is *ONLY* allowed for RSS and ATOM requests. Also, this token does *NOT* change with the password. Meaning if the user changes their password, this token will remain the same. Lastly, this token uses a "friendly"
|
|
303
|
+
This token is used for single access only, it is not persisted. Meaning the user provides it, Authlogic grants them access, and that's it. If they want access again they need to provide the token again. Authlogic will *NEVER* store this value in the session or a cookie. For added security, by default this token is *ONLY* allowed for RSS and ATOM requests. Also, this token does *NOT* change with the password. Meaning if the user changes their password, this token will remain the same. Lastly, this token uses a "friendly" token (see the URL example below) so that it is easier to email / copy and paste. You can change all of this with configuration (see Authlogic::Session::config), so if you don't like how this works by default, just set some simple configuration in your session.
|
|
304
|
+
|
|
305
|
+
For even more flexibility Authlogic looks for a method in your controller called single_access_allowed?. If that method exists and returns true Authlogic will try to log in the user with this method. Here is a quick example:
|
|
306
|
+
|
|
307
|
+
class UsersController < ApplicationController
|
|
308
|
+
private
|
|
309
|
+
def single_access_allowed?
|
|
310
|
+
action_name == "index"
|
|
311
|
+
end
|
|
312
|
+
|
|
313
|
+
The above will only allow logging in via the single access toke with the index method only.
|
|
301
314
|
|
|
302
315
|
This field is optional, if you want to use it just add the field to your database:
|
|
303
316
|
|
|
@@ -306,9 +319,9 @@ This field is optional, if you want to use it just add the field to your databas
|
|
|
306
319
|
|
|
307
320
|
This is great for private feed access. So your URL to that user's private feed could look something like:
|
|
308
321
|
|
|
309
|
-
http://www.mydomain.com/account/feed.rss?
|
|
322
|
+
http://www.mydomain.com/account/feed.rss?user_credentials=4LiXF7FiGUppIPubBPey
|
|
310
323
|
|
|
311
|
-
The
|
|
324
|
+
The user_credentials parameter name is configurable (see Authlogic::Session::Config), but if that parameter exists Authlogic will automatically use it to try and grant that user access. You don't have to do a thing: UserSession.find will take care of it just like it does for everything else.
|
|
312
325
|
|
|
313
326
|
For more information see: Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic::SingleAccess
|
|
314
327
|
|
|
@@ -393,7 +406,7 @@ But what if you *don't* want to separate your cookies by subdomains? You can acc
|
|
|
393
406
|
|
|
394
407
|
ActionController::Base.session_options[:session_domain] = '.mydomain.com'
|
|
395
408
|
|
|
396
|
-
|
|
409
|
+
Notice the above is configuration for your session, not your cookies. Authlogic notices this and assume this is how you want to treat your cookies as well. As a result, it applies this domain to the cookies it sets. Now your session and all cookies act the same and are scoped under the same domain under Authlogic.
|
|
397
410
|
|
|
398
411
|
Now let's look at this from the other angle. What if you are *NOT* using subdomains, but still want to separate cookies for each account. Simple, set the :scope_cookies option for authenticate_many:
|
|
399
412
|
|
|
@@ -433,7 +446,7 @@ Think about financial websites, if you are inactive for a certain period of time
|
|
|
433
446
|
logout_on_timeout true # default if false
|
|
434
447
|
end
|
|
435
448
|
|
|
436
|
-
This will require a user to log back in if they are inactive for more than 10 minutes. In order for this feature to be used you must have a last_request_at datetime
|
|
449
|
+
This will require a user to log back in if they are inactive for more than 10 minutes. In order for this feature to be used you must have a last_request_at datetime column in your table for whatever model you are authenticating with.
|
|
437
450
|
|
|
438
451
|
== Automatic Session Updating
|
|
439
452
|
|
|
@@ -464,6 +477,10 @@ Obviously there is a little more to it than this, but hopefully this clarifies a
|
|
|
464
477
|
|
|
465
478
|
When things come together like this I think its a sign that you are doing something right. Put that in your pipe and smoke it!
|
|
466
479
|
|
|
480
|
+
== Internationalization (I18n)
|
|
481
|
+
|
|
482
|
+
Please see Authlogic::I18n for more information. Internationalization is very easy to implement, in fact if you are using the default rails I18n library then you don't need to do anything other than defining the messages in your localization configuration files. See Authlogic::I18n for a complete list of keys you need to define.
|
|
483
|
+
|
|
467
484
|
== Testing
|
|
468
485
|
|
|
469
486
|
Testing with authlogic is easy, there is a helper file that will add some convenient test helpers for you. In your test_helper.rb file do the following:
|
data/Rakefile
CHANGED
|
@@ -10,4 +10,5 @@ Echoe.new 'authlogic' do |p|
|
|
|
10
10
|
p.summary = "A clean, simple, and unobtrusive ruby authentication solution."
|
|
11
11
|
p.url = "http://github.com/binarylogic/authlogic"
|
|
12
12
|
p.dependencies = %w(activesupport echoe)
|
|
13
|
+
p.install_message = "BREAKS BACKWARDS COMPATIBILITY! This is only for those using I18n. If you were using the Authlogic configuration to implement I18n you need to update your configuration. A new cleaner approach has been implemented for I18n in Authlogic. See Authlogic::I18n for more details."
|
|
13
14
|
end
|
data/authlogic.gemspec
CHANGED
|
@@ -2,17 +2,18 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = %q{authlogic}
|
|
5
|
-
s.version = "1.
|
|
5
|
+
s.version = "1.4.0"
|
|
6
6
|
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
|
|
8
8
|
s.authors = ["Ben Johnson of Binary Logic"]
|
|
9
|
-
s.date = %q{2009-01-
|
|
9
|
+
s.date = %q{2009-01-28}
|
|
10
10
|
s.description = %q{A clean, simple, and unobtrusive ruby authentication solution.}
|
|
11
11
|
s.email = %q{bjohnson@binarylogic.com}
|
|
12
|
-
s.extra_rdoc_files = ["CHANGELOG.rdoc", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/aes256.rb", "lib/authlogic/crypto_providers/bcrypt.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/perishability.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/session/timeout.rb", "lib/authlogic/testing/test_unit_helpers.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "README.rdoc"]
|
|
13
|
-
s.files = ["CHANGELOG.rdoc", "generators/session/session_generator.rb", "generators/session/templates/session.rb", "init.rb", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/aes256.rb", "lib/authlogic/crypto_providers/bcrypt.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/perishability.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/session/timeout.rb", "lib/authlogic/testing/test_unit_helpers.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "Manifest", "MIT-LICENSE", "Rakefile", "README.rdoc", "shoulda_macros/authlogic.rb", "test/crypto_provider_tests/aes256_test.rb", "test/crypto_provider_tests/bcrypt_test.rb", "test/crypto_provider_tests/sha1_test.rb", "test/crypto_provider_tests/sha512_test.rb", "test/fixtures/companies.yml", "test/fixtures/employees.yml", "test/fixtures/projects.yml", "test/fixtures/users.yml", "test/libs/mock_controller.rb", "test/libs/mock_cookie_jar.rb", "test/libs/mock_request.rb", "test/libs/ordered_hash.rb", "test/libs/user.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/perishability_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/single_access_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb", "test/session_tests/active_record_trickery_test.rb", "test/session_tests/authenticates_many_association_test.rb", "test/session_tests/base_test.rb", "test/session_tests/config_test.rb", "test/session_tests/cookies_test.rb", "test/session_tests/params_test.rb", "test/session_tests/perishability_test.rb", "test/session_tests/scopes_test.rb", "test/session_tests/session_test.rb", "test/session_tests/timeout_test.rb", "test/test_helper.rb", "authlogic.gemspec"]
|
|
12
|
+
s.extra_rdoc_files = ["CHANGELOG.rdoc", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/aes256.rb", "lib/authlogic/crypto_providers/bcrypt.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/i18n.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/perishability.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/session/timeout.rb", "lib/authlogic/testing/test_unit_helpers.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "README.rdoc"]
|
|
13
|
+
s.files = ["CHANGELOG.rdoc", "generators/session/session_generator.rb", "generators/session/templates/session.rb", "init.rb", "lib/authlogic/controller_adapters/abstract_adapter.rb", "lib/authlogic/controller_adapters/merb_adapter.rb", "lib/authlogic/controller_adapters/rails_adapter.rb", "lib/authlogic/crypto_providers/aes256.rb", "lib/authlogic/crypto_providers/bcrypt.rb", "lib/authlogic/crypto_providers/sha1.rb", "lib/authlogic/crypto_providers/sha512.rb", "lib/authlogic/i18n.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb", "lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic.rb", "lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb", "lib/authlogic/session/active_record_trickery.rb", "lib/authlogic/session/authenticates_many_association.rb", "lib/authlogic/session/base.rb", "lib/authlogic/session/callbacks.rb", "lib/authlogic/session/config.rb", "lib/authlogic/session/cookies.rb", "lib/authlogic/session/errors.rb", "lib/authlogic/session/params.rb", "lib/authlogic/session/perishability.rb", "lib/authlogic/session/scopes.rb", "lib/authlogic/session/session.rb", "lib/authlogic/session/timeout.rb", "lib/authlogic/testing/test_unit_helpers.rb", "lib/authlogic/version.rb", "lib/authlogic.rb", "Manifest", "MIT-LICENSE", "Rakefile", "README.rdoc", "shoulda_macros/authlogic.rb", "test/crypto_provider_tests/aes256_test.rb", "test/crypto_provider_tests/bcrypt_test.rb", "test/crypto_provider_tests/sha1_test.rb", "test/crypto_provider_tests/sha512_test.rb", "test/fixtures/companies.yml", "test/fixtures/employees.yml", "test/fixtures/projects.yml", "test/fixtures/users.yml", "test/libs/mock_controller.rb", "test/libs/mock_cookie_jar.rb", "test/libs/mock_request.rb", "test/libs/ordered_hash.rb", "test/libs/user.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/perishability_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/single_access_test.rb", "test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb", "test/session_tests/active_record_trickery_test.rb", "test/session_tests/authenticates_many_association_test.rb", "test/session_tests/base_test.rb", "test/session_tests/config_test.rb", "test/session_tests/cookies_test.rb", "test/session_tests/params_test.rb", "test/session_tests/perishability_test.rb", "test/session_tests/scopes_test.rb", "test/session_tests/session_test.rb", "test/session_tests/timeout_test.rb", "test/test_helper.rb", "authlogic.gemspec"]
|
|
14
14
|
s.has_rdoc = true
|
|
15
15
|
s.homepage = %q{http://github.com/binarylogic/authlogic}
|
|
16
|
+
s.post_install_message = %q{BREAKS BACKWARDS COMPATIBILITY! This is only for those using I18n. If you were using the Authlogic configuration to implement I18n you need to update your configuration. A new cleaner approach has been implemented for I18n in Authlogic. See Authlogic::I18n for more details.}
|
|
16
17
|
s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Authlogic", "--main", "README.rdoc"]
|
|
17
18
|
s.require_paths = ["lib"]
|
|
18
19
|
s.rubyforge_project = %q{authlogic}
|
data/lib/authlogic.rb
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
require "active_support"
|
|
2
2
|
|
|
3
3
|
require File.dirname(__FILE__) + "/authlogic/version"
|
|
4
|
+
require File.dirname(__FILE__) + "/authlogic/i18n"
|
|
4
5
|
|
|
5
6
|
require File.dirname(__FILE__) + "/authlogic/controller_adapters/abstract_adapter"
|
|
6
7
|
require File.dirname(__FILE__) + "/authlogic/controller_adapters/rails_adapter" if defined?(Rails)
|
|
@@ -22,6 +22,10 @@ module Authlogic
|
|
|
22
22
|
def cookies
|
|
23
23
|
controller.cookies
|
|
24
24
|
end
|
|
25
|
+
|
|
26
|
+
def cookie_domain
|
|
27
|
+
raise NotImplementedError.new("The cookie_domain method has not been implemented by the controller adapter")
|
|
28
|
+
end
|
|
25
29
|
|
|
26
30
|
def params
|
|
27
31
|
controller.params
|
|
@@ -39,6 +43,10 @@ module Authlogic
|
|
|
39
43
|
controller.session
|
|
40
44
|
end
|
|
41
45
|
|
|
46
|
+
def single_access_allowed?
|
|
47
|
+
controller.respond_to?(:single_access_allowed?, true) && controller.send(:single_access_allowed?)
|
|
48
|
+
end
|
|
49
|
+
|
|
42
50
|
private
|
|
43
51
|
def method_missing(id, *args, &block)
|
|
44
52
|
controller.send(id, *args, &block)
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
module Authlogic
|
|
2
|
+
# I18n
|
|
3
|
+
#
|
|
4
|
+
# Allows any message, error message, etc to use internationalization. In earlier versions of Authlogic each message was translated via configuration.
|
|
5
|
+
# This cluttered up the configuration and cluttered up Authlogic. So all translation has been extracted out into this class. Now all messages pass through
|
|
6
|
+
# this class, making it much easier to implement in I18n library / plugin you want. Use this as a layer that sits between Authlogic and whatever I18n
|
|
7
|
+
# library you want to use.
|
|
8
|
+
#
|
|
9
|
+
# By default this uses the rails I18n library, if it exists. If it doesnt exist it just returns the default english message. Using the Authlogic I18n class
|
|
10
|
+
# works EXACTLY like the rails I18n class. Here is how all messages are translated internally with Authlogic:
|
|
11
|
+
#
|
|
12
|
+
# Authlogic::I18n.t('error_messages.password_invalid', :default => "is invalid")
|
|
13
|
+
#
|
|
14
|
+
# If you use a different I18n library or plugin just redefine the t method in the Authlogic::I18n class to do whatever you want with those options. For example:
|
|
15
|
+
#
|
|
16
|
+
# # config/initializers/authlogic.rb
|
|
17
|
+
# module MyAuthlogicI18nAdapter
|
|
18
|
+
# def t(key, options = {})
|
|
19
|
+
# # you will have key which will be something like: "error_messages.password_invalid"
|
|
20
|
+
# # you will also have options[:default], which will be the default english version of the message
|
|
21
|
+
# # do whatever you want here with the arguments passed to you.
|
|
22
|
+
# end
|
|
23
|
+
# end
|
|
24
|
+
#
|
|
25
|
+
# Authlogic::I18n.extend MyAuthlogicI18nAdapter
|
|
26
|
+
#
|
|
27
|
+
# That it's! Here is a complete list of the keys that are passed. Just defined these however you wish:
|
|
28
|
+
#
|
|
29
|
+
# authlogic:
|
|
30
|
+
# error_messages:
|
|
31
|
+
# login_blank: can not be blank
|
|
32
|
+
# login_not_found: does not exist
|
|
33
|
+
# password_blank: can not be blank
|
|
34
|
+
# password_invlid: is not valid
|
|
35
|
+
# not_active: Your account is not active
|
|
36
|
+
# not_confirmed: Your account is not confirmed
|
|
37
|
+
# not_approved: Your account is not approved
|
|
38
|
+
# blank_record: You can not login with a blank record
|
|
39
|
+
# new_record: You can not login with a new record
|
|
40
|
+
class I18n
|
|
41
|
+
class << self
|
|
42
|
+
# All message translation is passed to this method. The first argument is the key for the message. The second is options, see the rails I18n library for a list of options used.
|
|
43
|
+
def t(key, options = {})
|
|
44
|
+
if defined?(::I18n)
|
|
45
|
+
::I18n.t(key, options.merge(:scope => :authlogic))
|
|
46
|
+
else
|
|
47
|
+
options[:default]
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
end
|
|
@@ -77,7 +77,7 @@ module Authlogic
|
|
|
77
77
|
# By default it tries to reset this token as much as possible, which is done via a before_validation callback. If for some reason you want to maintain this yourself just
|
|
78
78
|
# set this to true and use the reset_perishable_token and reset_perishable_token! methods to maintain it yourself.
|
|
79
79
|
#
|
|
80
|
-
# * <tt>
|
|
80
|
+
# * <tt>persistence_token_field</tt> - default: :persistence_token, :remember_token, or :cookie_tokien, depending on which column is present,
|
|
81
81
|
# defaults to :persistence_token if none are present,
|
|
82
82
|
# This is the name of the field your persistence token is stored. The persistence token is a unique token that is stored in the users cookie and
|
|
83
83
|
# session. This way you have complete control of when sessions expire and you don't have to change passwords to expire sessions. This also
|
|
@@ -9,14 +9,16 @@ module Authlogic
|
|
|
9
9
|
class << self
|
|
10
10
|
attr_accessor :methods_configured
|
|
11
11
|
|
|
12
|
-
# Returns true if a controller
|
|
13
|
-
# without establishing a DB connection. In your framework environment this is done for you, but if you are using Authlogic outside of your
|
|
14
|
-
# object to Authlogic via Authlogic::Session::Base.controller = obj.
|
|
12
|
+
# Returns true if a controller has been set and can be used properly. This MUST be set before anything can be done. Similar to how ActiveRecord won't allow you to do anything
|
|
13
|
+
# without establishing a DB connection. In your framework environment this is done for you, but if you are using Authlogic outside of your framework, you need to assign a controller
|
|
14
|
+
# object to Authlogic via Authlogic::Session::Base.controller = obj. See the controller= method for more information.
|
|
15
15
|
def activated?
|
|
16
|
-
!controller.
|
|
16
|
+
!controller.nil?
|
|
17
17
|
end
|
|
18
18
|
|
|
19
|
-
|
|
19
|
+
# This accepts a controller object wrapped with the Authlogic controller adapter. The controller adapters close the gap between the different controllers in each framework.
|
|
20
|
+
# That being said, Authlogic is expecting your object's class to extend Authlogic::ControllerAdapters::AbstractAdapter. See Authlogic::ControllerAdapters for more info.
|
|
21
|
+
def controller=(value)
|
|
20
22
|
Thread.current[:authlogic_controller] = value
|
|
21
23
|
end
|
|
22
24
|
|
|
@@ -33,7 +35,7 @@ module Authlogic
|
|
|
33
35
|
session.save(&block)
|
|
34
36
|
end
|
|
35
37
|
|
|
36
|
-
# Same as create but calls create!, which raises an exception when authentication fails
|
|
38
|
+
# Same as create but calls create!, which raises an exception when authentication fails.
|
|
37
39
|
def create!(*args)
|
|
38
40
|
session = new(*args)
|
|
39
41
|
session.save!
|
|
@@ -67,7 +69,7 @@ module Authlogic
|
|
|
67
69
|
end
|
|
68
70
|
|
|
69
71
|
# The name of the class that this session is authenticating with. For example, the UserSession class will authenticate with the User class
|
|
70
|
-
# unless you specify otherwise in your configuration.
|
|
72
|
+
# unless you specify otherwise in your configuration. See authenticate_with for information on how to change this value.
|
|
71
73
|
def klass
|
|
72
74
|
@klass ||=
|
|
73
75
|
if klass_name
|
|
@@ -275,7 +277,7 @@ module Authlogic
|
|
|
275
277
|
|
|
276
278
|
if record.respond_to?(:current_login_at)
|
|
277
279
|
record.last_login_at = record.current_login_at if record.respond_to?(:last_login_at)
|
|
278
|
-
record.current_login_at = Time.now
|
|
280
|
+
record.current_login_at = klass.default_timezone == :utc ? Time.now.utc : Time.now
|
|
279
281
|
end
|
|
280
282
|
|
|
281
283
|
if record.respond_to?(:current_login_ip)
|
|
@@ -410,19 +412,19 @@ module Authlogic
|
|
|
410
412
|
|
|
411
413
|
case authenticating_with
|
|
412
414
|
when :password
|
|
413
|
-
errors.add(login_field,
|
|
414
|
-
errors.add(password_field,
|
|
415
|
+
errors.add(login_field, I18n.t('error_messages.login_blank', :default => "can not be blank")) if send(login_field).blank?
|
|
416
|
+
errors.add(password_field, I18n.t('error_messages.password_blank', :default => "can not be blank")) if send("protected_#{password_field}").blank?
|
|
415
417
|
return false if errors.count > 0
|
|
416
418
|
|
|
417
419
|
unchecked_record = search_for_record(find_by_login_method, send(login_field))
|
|
418
420
|
|
|
419
421
|
if unchecked_record.blank?
|
|
420
|
-
errors.add(login_field,
|
|
422
|
+
errors.add(login_field, I18n.t('error_messages.login_not_found', :default => "does not exist"))
|
|
421
423
|
return false
|
|
422
424
|
end
|
|
423
425
|
|
|
424
426
|
unless unchecked_record.send(verify_password_method, send("protected_#{password_field}"))
|
|
425
|
-
errors.add(password_field,
|
|
427
|
+
errors.add(password_field, I18n.t('error_messages.password_invalid', :default => "is not valid"))
|
|
426
428
|
return false
|
|
427
429
|
end
|
|
428
430
|
|
|
@@ -431,12 +433,12 @@ module Authlogic
|
|
|
431
433
|
unchecked_record = unauthorized_record
|
|
432
434
|
|
|
433
435
|
if unchecked_record.blank?
|
|
434
|
-
errors.add_to_base("You can not login with a blank record
|
|
436
|
+
errors.add_to_base(I18n.t('error_messages.blank_record', :default => "You can not login with a blank record"))
|
|
435
437
|
return false
|
|
436
438
|
end
|
|
437
439
|
|
|
438
440
|
if unchecked_record.new_record?
|
|
439
|
-
errors.add_to_base("You can not login with a new record
|
|
441
|
+
errors.add_to_base(I18n.t('error_messages.new_record', :default => "You can not login with a new record"))
|
|
440
442
|
return false
|
|
441
443
|
end
|
|
442
444
|
|
|
@@ -450,7 +452,7 @@ module Authlogic
|
|
|
450
452
|
return true if disable_magic_states?
|
|
451
453
|
[:active, :approved, :confirmed].each do |required_status|
|
|
452
454
|
if record.respond_to?("#{required_status}?") && !record.send("#{required_status}?")
|
|
453
|
-
errors.add_to_base(
|
|
455
|
+
errors.add_to_base(I18n.t("errors_messages.not_#{required_status}", :default => "Your account is not #{required_status}"))
|
|
454
456
|
return false
|
|
455
457
|
end
|
|
456
458
|
end
|
|
@@ -134,29 +134,13 @@ module Authlogic
|
|
|
134
134
|
end
|
|
135
135
|
alias_method :last_request_at_threshold=, :last_request_at_threshold
|
|
136
136
|
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
# * <tt>Default:</tt> "can not be blank"
|
|
140
|
-
# * <tt>Accepts:</tt> String
|
|
141
|
-
def login_blank_message(value = nil)
|
|
142
|
-
if value.nil?
|
|
143
|
-
read_inheritable_attribute(:login_blank_message) || login_blank_message("can not be blank")
|
|
144
|
-
else
|
|
145
|
-
write_inheritable_attribute(:login_blank_message, value)
|
|
146
|
-
end
|
|
137
|
+
def login_blank_message(value = nil) # :nodoc:
|
|
138
|
+
new_i18n_error
|
|
147
139
|
end
|
|
148
140
|
alias_method :login_blank_message=, :login_blank_message
|
|
149
141
|
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
# * <tt>Default:</tt> "does not exist"
|
|
153
|
-
# * <tt>Accepts:</tt> String
|
|
154
|
-
def login_not_found_message(value = nil)
|
|
155
|
-
if value.nil?
|
|
156
|
-
read_inheritable_attribute(:login_not_found_message) || login_not_found_message("does not exist")
|
|
157
|
-
else
|
|
158
|
-
write_inheritable_attribute(:login_not_found_message, value)
|
|
159
|
-
end
|
|
142
|
+
def login_not_found_message(value = nil) # :nodoc:
|
|
143
|
+
new_i18n_error
|
|
160
144
|
end
|
|
161
145
|
alias_method :login_not_found_message=, :login_not_found_message
|
|
162
146
|
|
|
@@ -196,42 +180,18 @@ module Authlogic
|
|
|
196
180
|
end
|
|
197
181
|
alias_method :logout_on_timeout=, :logout_on_timeout
|
|
198
182
|
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
# * <tt>Default:</tt> "Your account is not active"
|
|
202
|
-
# * <tt>Accepts:</tt> String
|
|
203
|
-
def not_active_message(value = nil)
|
|
204
|
-
if value.nil?
|
|
205
|
-
read_inheritable_attribute(:not_active_message) || not_active_message("Your account is not active")
|
|
206
|
-
else
|
|
207
|
-
write_inheritable_attribute(:not_active_message, value)
|
|
208
|
-
end
|
|
183
|
+
def not_active_message(value = nil) # :nodoc:
|
|
184
|
+
new_i18n_error
|
|
209
185
|
end
|
|
210
186
|
alias_method :not_active_message=, :not_active_message
|
|
211
187
|
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
# * <tt>Default:</tt> "Your account is not approved"
|
|
215
|
-
# * <tt>Accepts:</tt> String
|
|
216
|
-
def not_approved_message(value = nil)
|
|
217
|
-
if value.nil?
|
|
218
|
-
read_inheritable_attribute(:not_approved_message) || not_approved_message("Your account is not approved")
|
|
219
|
-
else
|
|
220
|
-
write_inheritable_attribute(:not_approved_message, value)
|
|
221
|
-
end
|
|
188
|
+
def not_approved_message(value = nil) # :nodoc:
|
|
189
|
+
new_i18n_error
|
|
222
190
|
end
|
|
223
191
|
alias_method :not_approved_message=, :not_approved_message
|
|
224
192
|
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
# * <tt>Default:</tt> "Your account is not confirmed"
|
|
228
|
-
# * <tt>Accepts:</tt> String
|
|
229
|
-
def not_confirmed_message(value = nil)
|
|
230
|
-
if value.nil?
|
|
231
|
-
read_inheritable_attribute(:not_confirmed_message) || not_confirmed_message("Your account is not confirmed")
|
|
232
|
-
else
|
|
233
|
-
write_inheritable_attribute(:not_confirmed_message, value)
|
|
234
|
-
end
|
|
193
|
+
def not_confirmed_message(value = nil) # :nodoc:
|
|
194
|
+
new_i18n_error
|
|
235
195
|
end
|
|
236
196
|
alias_method :not_confirmed_message=, :not_confirmed_message
|
|
237
197
|
|
|
@@ -253,16 +213,8 @@ module Authlogic
|
|
|
253
213
|
end
|
|
254
214
|
alias_method :params_key=, :params_key
|
|
255
215
|
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
# * <tt>Default:</tt> "can not be blank"
|
|
259
|
-
# * <tt>Accepts:</tt> String
|
|
260
|
-
def password_blank_message(value = nil)
|
|
261
|
-
if value.nil?
|
|
262
|
-
read_inheritable_attribute(:password_blank_message) || password_blank_message("can not be blank")
|
|
263
|
-
else
|
|
264
|
-
write_inheritable_attribute(:password_blank_message, value)
|
|
265
|
-
end
|
|
216
|
+
def password_blank_message(value = nil) # :nodoc:
|
|
217
|
+
new_i18n_error
|
|
266
218
|
end
|
|
267
219
|
alias_method :password_blank_message=, :password_blank_message
|
|
268
220
|
|
|
@@ -279,16 +231,8 @@ module Authlogic
|
|
|
279
231
|
end
|
|
280
232
|
alias_method :password_field=, :password_field
|
|
281
233
|
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
# * <tt>Default:</tt> "is invalid"
|
|
285
|
-
# * <tt>Accepts:</tt> String
|
|
286
|
-
def password_invalid_message(value = nil)
|
|
287
|
-
if value.nil?
|
|
288
|
-
read_inheritable_attribute(:password_invalid_message) || password_invalid_message("is invalid")
|
|
289
|
-
else
|
|
290
|
-
write_inheritable_attribute(:password_invalid_message, value)
|
|
291
|
-
end
|
|
234
|
+
def password_invalid_message(value = nil) # :nodoc:
|
|
235
|
+
new_i18n_error
|
|
292
236
|
end
|
|
293
237
|
alias_method :password_invalid_message=, :password_invalid_message
|
|
294
238
|
|
|
@@ -357,6 +301,11 @@ module Authlogic
|
|
|
357
301
|
end
|
|
358
302
|
end
|
|
359
303
|
alias_method :verify_password_method=, :verify_password_method
|
|
304
|
+
|
|
305
|
+
private
|
|
306
|
+
def new_i18n_error
|
|
307
|
+
raise NotImplementedError.new("As of v 1.4.0 Authlogic implements a new I18n solution that is much cleaner and easier. Please see Authlogic::I18n for more information on how to provide internationalization in Authlogic.")
|
|
308
|
+
end
|
|
360
309
|
end
|
|
361
310
|
|
|
362
311
|
module InstanceMethods # :nodoc:
|
|
@@ -383,14 +332,6 @@ module Authlogic
|
|
|
383
332
|
def last_request_at_threshold
|
|
384
333
|
self.class.last_request_at_threshold
|
|
385
334
|
end
|
|
386
|
-
|
|
387
|
-
def login_blank_message
|
|
388
|
-
self.class.login_blank_message
|
|
389
|
-
end
|
|
390
|
-
|
|
391
|
-
def login_not_found_message
|
|
392
|
-
self.class.login_not_found_message
|
|
393
|
-
end
|
|
394
335
|
|
|
395
336
|
def login_field
|
|
396
337
|
self.class.login_field
|
|
@@ -400,18 +341,6 @@ module Authlogic
|
|
|
400
341
|
self.class.logout_on_timeout == true
|
|
401
342
|
end
|
|
402
343
|
|
|
403
|
-
def not_active_message
|
|
404
|
-
self.class.not_active_message
|
|
405
|
-
end
|
|
406
|
-
|
|
407
|
-
def not_approved_message
|
|
408
|
-
self.class.not_approved_message
|
|
409
|
-
end
|
|
410
|
-
|
|
411
|
-
def not_confirmed_message
|
|
412
|
-
self.class.not_confirmed_message
|
|
413
|
-
end
|
|
414
|
-
|
|
415
344
|
def params_allowed_request_types
|
|
416
345
|
build_key(self.class.params_allowed_request_types)
|
|
417
346
|
end
|
|
@@ -419,19 +348,11 @@ module Authlogic
|
|
|
419
348
|
def params_key
|
|
420
349
|
build_key(self.class.params_key)
|
|
421
350
|
end
|
|
422
|
-
|
|
423
|
-
def password_blank_message
|
|
424
|
-
self.class.password_blank_message
|
|
425
|
-
end
|
|
426
351
|
|
|
427
352
|
def password_field
|
|
428
353
|
self.class.password_field
|
|
429
354
|
end
|
|
430
355
|
|
|
431
|
-
def password_invalid_message
|
|
432
|
-
self.class.password_invalid_message
|
|
433
|
-
end
|
|
434
|
-
|
|
435
356
|
def perishable_token_field
|
|
436
357
|
klass.acts_as_authentic_config[:perishable_token_field]
|
|
437
358
|
end
|
|
@@ -27,12 +27,13 @@ module Authlogic
|
|
|
27
27
|
def save_cookie
|
|
28
28
|
controller.cookies[cookie_key] = {
|
|
29
29
|
:value => record.send(persistence_token_field),
|
|
30
|
-
:expires => remember_me_until
|
|
30
|
+
:expires => remember_me_until,
|
|
31
|
+
:domain => controller.cookie_domain
|
|
31
32
|
}
|
|
32
33
|
end
|
|
33
34
|
|
|
34
35
|
def destroy_cookie
|
|
35
|
-
controller.cookies.delete cookie_key
|
|
36
|
+
controller.cookies.delete cookie_key, :domain => controller.cookie_domain
|
|
36
37
|
end
|
|
37
38
|
end
|
|
38
39
|
end
|
|
@@ -9,10 +9,11 @@ module Authlogic
|
|
|
9
9
|
#
|
|
10
10
|
# Wait, what is a single access token? It is all explained in the README. Checkout the "Tokens" section in the README, there is section about
|
|
11
11
|
# single access tokens. For security reasons, this type of authentication is ONLY available via single access tokens, you can NOT pass your persistence token.
|
|
12
|
+
# Which means you must have a single_access_token field in your database.
|
|
12
13
|
module Params
|
|
13
14
|
# Tries to validate the session from information in the params token
|
|
14
15
|
def valid_params?
|
|
15
|
-
if params_credentials && single_access_token_field && (single_access_allowed_request_types.include?(controller.request_content_type) || single_access_allowed_request_types.include?(:all))
|
|
16
|
+
if params_credentials && single_access_token_field && (single_access_allowed_request_types.include?(controller.request_content_type) || single_access_allowed_request_types.include?(:all) || controller.single_access_allowed?)
|
|
16
17
|
self.unauthorized_record = search_for_record("find_by_#{single_access_token_field}", params_credentials)
|
|
17
18
|
self.persisting = false
|
|
18
19
|
return true if valid?
|
|
@@ -15,7 +15,7 @@ module Authlogic
|
|
|
15
15
|
persistence_token, record_id = session_credentials
|
|
16
16
|
if !persistence_token.blank?
|
|
17
17
|
if record_id
|
|
18
|
-
record = search_for_record("
|
|
18
|
+
record = search_for_record("find_by_#{klass.primary_key}", record_id)
|
|
19
19
|
self.unauthorized_record = record if record && record.send(persistence_token_field) == persistence_token
|
|
20
20
|
else
|
|
21
21
|
# For backwards compatibility, will eventually be removed, just need to let the sessions update theirself
|
|
@@ -19,7 +19,7 @@ module Authlogic
|
|
|
19
19
|
private
|
|
20
20
|
def update_last_request_at!
|
|
21
21
|
if record.class.column_names.include?("last_request_at") && (record.last_request_at.blank? || last_request_at_threshold.to_i.seconds.ago >= record.last_request_at)
|
|
22
|
-
record.last_request_at = Time.now
|
|
22
|
+
record.last_request_at = klass.default_timezone == :utc ? Time.now.utc : Time.now
|
|
23
23
|
record.save_without_session_maintenance(false)
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -16,14 +16,14 @@ module Authlogic
|
|
|
16
16
|
# Sets the session for a record. This way when you execute a request in your test, session values will be present.
|
|
17
17
|
def set_session_for(record)
|
|
18
18
|
session_class = session_class(record)
|
|
19
|
-
@request.session[session_class.session_key] = record.
|
|
19
|
+
@request.session[session_class.session_key] = record.send(record.class.acts_as_authentic_config[:persistence_token_field])
|
|
20
20
|
@request.session["#{session_class.session_key}_id"] = record.id
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
# Sets the cookie for a record. This way when you execute a request in your test, cookie values will be present.
|
|
24
24
|
def set_cookie_for(record)
|
|
25
25
|
session_class = session_class(record)
|
|
26
|
-
@request.cookies[session_class.cookie_key] = record.
|
|
26
|
+
@request.cookies[session_class.cookie_key] = record.record.send(record.class.acts_as_authentic_config[:persistence_token_field])
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
# Sets the HTTP_AUTHORIZATION header for basic HTTP auth. This way when you execute a request in your test that is trying to authenticate
|
data/lib/authlogic/version.rb
CHANGED
|
@@ -78,7 +78,6 @@ module SessionTests
|
|
|
78
78
|
assert session.respond_to?(:password=)
|
|
79
79
|
assert session.respond_to?(:protected_password, true)
|
|
80
80
|
|
|
81
|
-
|
|
82
81
|
session = UserSession.new(:my_id)
|
|
83
82
|
assert_equal :my_id, session.id
|
|
84
83
|
|
|
@@ -259,36 +258,36 @@ module SessionTests
|
|
|
259
258
|
end
|
|
260
259
|
|
|
261
260
|
def test_valid_record
|
|
262
|
-
session = UserSession.new
|
|
261
|
+
session = UserSession.new
|
|
263
262
|
ben = users(:ben)
|
|
264
263
|
session.send(:record=, ben)
|
|
265
|
-
assert session.send
|
|
264
|
+
assert session.send(:valid_record?)
|
|
266
265
|
assert session.errors.empty?
|
|
267
|
-
|
|
266
|
+
|
|
268
267
|
ben.update_attribute(:active, false)
|
|
269
268
|
assert !session.send(:valid_record?)
|
|
270
269
|
assert session.errors.on_base.size > 0
|
|
271
|
-
|
|
270
|
+
|
|
272
271
|
ben.active = true
|
|
273
272
|
ben.approved = false
|
|
274
273
|
ben.save
|
|
275
274
|
assert !session.send(:valid_record?)
|
|
276
275
|
assert session.errors.on_base.size > 0
|
|
277
|
-
|
|
276
|
+
|
|
278
277
|
ben.approved = true
|
|
279
278
|
ben.confirmed = false
|
|
280
279
|
ben.save
|
|
281
|
-
assert !session.send(:valid_record?)
|
|
280
|
+
assert !session.send(:valid_record?)
|
|
282
281
|
assert session.errors.on_base.size > 0
|
|
283
|
-
|
|
282
|
+
|
|
284
283
|
ben.approved = false
|
|
285
284
|
ben.confirmed = false
|
|
286
285
|
ben.active = false
|
|
287
|
-
|
|
286
|
+
|
|
288
287
|
UserSession.disable_magic_states = true
|
|
289
288
|
session = UserSession.new
|
|
290
|
-
session.send(:record=, ben)
|
|
291
|
-
assert session.send
|
|
289
|
+
session.send(:record=, ben)
|
|
290
|
+
assert session.send(:valid_record?)
|
|
292
291
|
end
|
|
293
292
|
|
|
294
293
|
def test_valid_http_auth
|
|
@@ -76,30 +76,6 @@ module SessionTests
|
|
|
76
76
|
session = UserSession.new
|
|
77
77
|
assert_equal 0, session.last_request_at_threshold
|
|
78
78
|
end
|
|
79
|
-
|
|
80
|
-
def test_login_blank_message
|
|
81
|
-
UserSession.login_blank_message = "message"
|
|
82
|
-
assert_equal "message", UserSession.login_blank_message
|
|
83
|
-
session = UserSession.new
|
|
84
|
-
assert_equal "message", session.login_blank_message
|
|
85
|
-
|
|
86
|
-
UserSession.login_blank_message "can not be blank"
|
|
87
|
-
assert_equal "can not be blank", UserSession.login_blank_message
|
|
88
|
-
session = UserSession.new
|
|
89
|
-
assert_equal "can not be blank", session.login_blank_message
|
|
90
|
-
end
|
|
91
|
-
|
|
92
|
-
def test_login_not_found_message
|
|
93
|
-
UserSession.login_not_found_message = "message"
|
|
94
|
-
assert_equal "message", UserSession.login_not_found_message
|
|
95
|
-
session = UserSession.new
|
|
96
|
-
assert_equal "message", session.login_not_found_message
|
|
97
|
-
|
|
98
|
-
UserSession.login_not_found_message "does not exist"
|
|
99
|
-
assert_equal "does not exist", UserSession.login_not_found_message
|
|
100
|
-
session = UserSession.new
|
|
101
|
-
assert_equal "does not exist", session.login_not_found_message
|
|
102
|
-
end
|
|
103
79
|
|
|
104
80
|
def test_login_field
|
|
105
81
|
UserSession.methods_configured = false
|
|
@@ -116,42 +92,6 @@ module SessionTests
|
|
|
116
92
|
assert session.respond_to?(:login)
|
|
117
93
|
end
|
|
118
94
|
|
|
119
|
-
def test_not_active_message
|
|
120
|
-
UserSession.not_active_message = "message"
|
|
121
|
-
assert_equal "message", UserSession.not_active_message
|
|
122
|
-
session = UserSession.new
|
|
123
|
-
assert_equal "message", session.not_active_message
|
|
124
|
-
|
|
125
|
-
UserSession.not_active_message "Your account is not active"
|
|
126
|
-
assert_equal "Your account is not active", UserSession.not_active_message
|
|
127
|
-
session = UserSession.new
|
|
128
|
-
assert_equal "Your account is not active", session.not_active_message
|
|
129
|
-
end
|
|
130
|
-
|
|
131
|
-
def test_not_approved_message
|
|
132
|
-
UserSession.not_approved_message = "message"
|
|
133
|
-
assert_equal "message", UserSession.not_approved_message
|
|
134
|
-
session = UserSession.new
|
|
135
|
-
assert_equal "message", session.not_approved_message
|
|
136
|
-
|
|
137
|
-
UserSession.not_approved_message "Your account is not approved"
|
|
138
|
-
assert_equal "Your account is not approved", UserSession.not_approved_message
|
|
139
|
-
session = UserSession.new
|
|
140
|
-
assert_equal "Your account is not approved", session.not_approved_message
|
|
141
|
-
end
|
|
142
|
-
|
|
143
|
-
def test_not_confirmed_message
|
|
144
|
-
UserSession.not_confirmed_message = "message"
|
|
145
|
-
assert_equal "message", UserSession.not_confirmed_message
|
|
146
|
-
session = UserSession.new
|
|
147
|
-
assert_equal "message", session.not_confirmed_message
|
|
148
|
-
|
|
149
|
-
UserSession.not_confirmed_message "Your account is not confirmed"
|
|
150
|
-
assert_equal "Your account is not confirmed", UserSession.not_confirmed_message
|
|
151
|
-
session = UserSession.new
|
|
152
|
-
assert_equal "Your account is not confirmed", session.not_confirmed_message
|
|
153
|
-
end
|
|
154
|
-
|
|
155
95
|
def test_params_key
|
|
156
96
|
UserSession.params_key = "my_params_key"
|
|
157
97
|
assert_equal "my_params_key", UserSession.params_key
|
|
@@ -163,18 +103,6 @@ module SessionTests
|
|
|
163
103
|
session = UserSession.new
|
|
164
104
|
assert_equal "user_credentials", session.params_key
|
|
165
105
|
end
|
|
166
|
-
|
|
167
|
-
def test_password_blank_message
|
|
168
|
-
UserSession.password_blank_message = "message"
|
|
169
|
-
assert_equal "message", UserSession.password_blank_message
|
|
170
|
-
session = UserSession.new
|
|
171
|
-
assert_equal "message", session.password_blank_message
|
|
172
|
-
|
|
173
|
-
UserSession.password_blank_message "can not be blank"
|
|
174
|
-
assert_equal "can not be blank", UserSession.password_blank_message
|
|
175
|
-
session = UserSession.new
|
|
176
|
-
assert_equal "can not be blank", session.password_blank_message
|
|
177
|
-
end
|
|
178
106
|
|
|
179
107
|
def test_password_field
|
|
180
108
|
UserSession.methods_configured = false
|
|
@@ -190,18 +118,6 @@ module SessionTests
|
|
|
190
118
|
assert_equal :password, session.password_field
|
|
191
119
|
assert session.respond_to?(:password)
|
|
192
120
|
end
|
|
193
|
-
|
|
194
|
-
def test_password_invalid_message
|
|
195
|
-
UserSession.password_invalid_message = "message"
|
|
196
|
-
assert_equal "message", UserSession.password_invalid_message
|
|
197
|
-
session = UserSession.new
|
|
198
|
-
assert_equal "message", session.password_invalid_message
|
|
199
|
-
|
|
200
|
-
UserSession.password_invalid_message "is invalid"
|
|
201
|
-
assert_equal "is invalid", UserSession.password_invalid_message
|
|
202
|
-
session = UserSession.new
|
|
203
|
-
assert_equal "is invalid", session.password_invalid_message
|
|
204
|
-
end
|
|
205
121
|
|
|
206
122
|
def test_remember_me
|
|
207
123
|
UserSession.remember_me = true
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authlogic
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Johnson of Binary Logic
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-01-
|
|
12
|
+
date: 2009-01-28 00:00:00 -05:00
|
|
13
13
|
default_executable:
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
@@ -57,6 +57,7 @@ extra_rdoc_files:
|
|
|
57
57
|
- lib/authlogic/crypto_providers/bcrypt.rb
|
|
58
58
|
- lib/authlogic/crypto_providers/sha1.rb
|
|
59
59
|
- lib/authlogic/crypto_providers/sha512.rb
|
|
60
|
+
- lib/authlogic/i18n.rb
|
|
60
61
|
- lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb
|
|
61
62
|
- lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb
|
|
62
63
|
- lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb
|
|
@@ -94,6 +95,7 @@ files:
|
|
|
94
95
|
- lib/authlogic/crypto_providers/bcrypt.rb
|
|
95
96
|
- lib/authlogic/crypto_providers/sha1.rb
|
|
96
97
|
- lib/authlogic/crypto_providers/sha512.rb
|
|
98
|
+
- lib/authlogic/i18n.rb
|
|
97
99
|
- lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb
|
|
98
100
|
- lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb
|
|
99
101
|
- lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb
|
|
@@ -158,7 +160,7 @@ files:
|
|
|
158
160
|
- authlogic.gemspec
|
|
159
161
|
has_rdoc: true
|
|
160
162
|
homepage: http://github.com/binarylogic/authlogic
|
|
161
|
-
post_install_message:
|
|
163
|
+
post_install_message: BREAKS BACKWARDS COMPATIBILITY! This is only for those using I18n. If you were using the Authlogic configuration to implement I18n you need to update your configuration. A new cleaner approach has been implemented for I18n in Authlogic. See Authlogic::I18n for more details.
|
|
162
164
|
rdoc_options:
|
|
163
165
|
- --line-numbers
|
|
164
166
|
- --inline-source
|