authlogic 3.0.2 → 3.0.3

data/Gemfile

@@ -1,6 +1,6 @@
 source :rubygems
 
-gem 'activerecord', '~> 3.0.7'
+gem 'activerecord', '>= 3.0.7'
 
 group :test do
   gem 'bcrypt-ruby'

data/Gemfile.lock

@@ -42,7 +42,7 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  activerecord (~> 3.0.7)
+  activerecord (>= 3.0.7)
   bcrypt-ruby
   jeweler
   ruby-debug19

data/README.rdoc

@@ -1,5 +1,7 @@
 = Authlogic
 
+** Please note the latest version is compatible with rails 3 only. Rails 2 should use version 2.X.X **
+
 Authlogic is a clean, simple, and unobtrusive ruby authentication solution.
 
 A code example can replace a thousand words...
@@ -70,7 +72,9 @@ If you find a bug or a problem please post it in the issues section. If you need
 * <b>Authlogic Facebook Connect (New JS API):</b> http://github.com/studybyte/authlogic_facebook_connect
 * <b>Authlogic Facebook Shim</b> http://github.com/james2m/authlogic_facebook_shim
 * <b>Authlogic OAuth (Twitter):</b> http://github.com/jrallison/authlogic_oauth
+* <b>Authlogic Oauth and OpenID:</b> http://github.com/viatropos/authlogic-connect
 * <b>Authlogic PAM:</b> http://github.com/nbudin/authlogic_pam
+* <b>Authlogic x509:</b> http://github.com/auth-scc/authlogic_x509
 
 If you create one of your own, please let me know about it so I can add it to this list. Or just fork the project, add your link, and send me a pull request.
 
@@ -152,7 +156,7 @@ What if your user sessions controller could look just like your other controller
     def new
       @user_session = UserSession.new
     end
-    
+
     def create
       @user_session = UserSession.new(params[:user_session])
       if @user_session.save
@@ -161,7 +165,7 @@ What if your user sessions controller could look just like your other controller
         render :action => :new
       end
     end
-    
+
     def destroy
       current_user_session.destroy
       redirect_to new_user_session_url
@@ -185,13 +189,13 @@ Or how about persisting the session...
 
   class ApplicationController
     helper_method :current_user_session, :current_user
-    
+
     private
       def current_user_session
         return @current_user_session if defined?(@current_user_session)
         @current_user_session = UserSession.find
       end
-      
+
       def current_user
         return @current_user if defined?(@current_user)
         @current_user = current_user_session && current_user_session.user
@@ -202,17 +206,15 @@ Or how about persisting the session...
 
 Install the gem / plugin (recommended)
 
-From rubyforge:
+Rails 3:
 
   $ sudo gem install authlogic
 
-Or from github:
-
-  $ sudo gem install binarylogic-authlogic
+Rails 2:
 
-Now just add the gem dependency in your projects configuration.
+  $ sudo gem install authlogic --version=2.1.6
 
-Or you can install this as a plugin:
+Or install as a plugin:
 
   script/plugin install git://github.com/binarylogic/authlogic.git
 

data/VERSION.yml

@@ -1,5 +1,5 @@
 --- 
 :major: 3
 :minor: 0
-:patch: 2
+:patch: 3
 :build: 

data/authlogic.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{authlogic}
-  s.version = "3.0.2"
+  s.version = "3.0.3"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Ben Johnson of Binary Logic"]
-  s.date = %q{2011-04-30}
+  s.date = %q{2011-05-17}
   s.email = %q{bjohnson@binarylogic.com}
   s.extra_rdoc_files = [
     "LICENSE",
@@ -206,15 +206,15 @@ Gem::Specification.new do |s|
     s.specification_version = 3
 
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-      s.add_runtime_dependency(%q<activerecord>, ["~> 3.0.7"])
-      s.add_runtime_dependency(%q<activerecord>, ["~> 3.0.7"])
+      s.add_runtime_dependency(%q<activerecord>, [">= 3.0.7"])
+      s.add_runtime_dependency(%q<activerecord>, [">= 3.0.7"])
     else
-      s.add_dependency(%q<activerecord>, ["~> 3.0.7"])
-      s.add_dependency(%q<activerecord>, ["~> 3.0.7"])
+      s.add_dependency(%q<activerecord>, [">= 3.0.7"])
+      s.add_dependency(%q<activerecord>, [">= 3.0.7"])
     end
   else
-    s.add_dependency(%q<activerecord>, ["~> 3.0.7"])
-    s.add_dependency(%q<activerecord>, ["~> 3.0.7"])
+    s.add_dependency(%q<activerecord>, [">= 3.0.7"])
+    s.add_dependency(%q<activerecord>, [">= 3.0.7"])
   end
 end
 

data/lib/authlogic/acts_as_authentic/base.rb

@@ -4,6 +4,9 @@ module Authlogic
     module Base
       def self.included(klass)
         klass.class_eval do
+          class_attribute :acts_as_authentic_modules, :acts_as_authentic_config
+          self.acts_as_authentic_modules ||= []
+          self.acts_as_authentic_config  ||= {}
           extend Config
         end
       end
@@ -41,7 +44,7 @@ module Authlogic
         #
         # That being said, this is your tool for extending Authlogic and "hooking" into the acts_as_authentic call.
         def add_acts_as_authentic_module(mod, action = :append)
-          modules = acts_as_authentic_modules
+          modules = acts_as_authentic_modules.clone
           case action
           when :append
             modules << mod
@@ -49,21 +52,17 @@ module Authlogic
             modules = [mod] + modules
           end
           modules.uniq!
-          write_inheritable_attribute(:acts_as_authentic_modules, modules)
+          self.acts_as_authentic_modules = modules
         end
         
         # This is the same as add_acts_as_authentic_module, except that it removes the module from the list.
         def remove_acts_as_authentic_module(mod)
-          acts_as_authentic_modules.delete(mod)
-          acts_as_authentic_modules
+          modules = acts_as_authentic_modules.clone
+          modules.delete(mod)
+          self.acts_as_authentic_modules = modules
         end
-        
+
         private
-          def acts_as_authentic_modules
-            key = :acts_as_authentic_modules
-            inheritable_attributes.include?(key) ? read_inheritable_attribute(key) : []
-          end
-          
           def db_setup?
             begin
               column_names
@@ -75,9 +74,12 @@ module Authlogic
           
           def rw_config(key, value, default_value = nil, read_value = nil)
             if value == read_value
-              inheritable_attributes.include?(key) ? read_inheritable_attribute(key) : default_value
+              acts_as_authentic_config.include?(key) ? acts_as_authentic_config[key] : default_value
             else
-              write_inheritable_attribute(key, value)
+              config = acts_as_authentic_config.clone
+              config[key] = value
+              self.acts_as_authentic_config = config
+              value
             end
           end
           

data/lib/authlogic/acts_as_authentic/login.rb

@@ -9,7 +9,7 @@ module Authlogic
         end
       end
 
-      # Confguration for the login field.
+      # Configuration for the login field.
       module Config
         # The name of the login field in the database.
         #
@@ -20,7 +20,7 @@ module Authlogic
         end
         alias_method :login_field=, :login_field
 
-        # Whether or not the validate the login field
+        # Whether or not to validate the login field
         #
         # * <tt>Default:</tt> true
         # * <tt>Accepts:</tt> Boolean
@@ -42,7 +42,7 @@ module Authlogic
         end
         alias_method :validates_length_of_login_field_options=, :validates_length_of_login_field_options
 
-        # A convenience function to merge options into the validates_length_of_login_field_options. So intead of:
+        # A convenience function to merge options into the validates_length_of_login_field_options. So instead of:
         #
         #   self.validates_length_of_login_field_options = validates_length_of_login_field_options.merge(:my_option => my_value)
         #
@@ -89,7 +89,7 @@ module Authlogic
           self.validates_uniqueness_of_login_field_options = validates_uniqueness_of_login_field_options.merge(options)
         end
 
-        # This method allows you to find a record with the given login. If you notice, with ActiveRecord you have the
+        # This method allows you to find a record with the given login. If you notice, with Active Record you have the
         # validates_uniqueness_of validation function. They give you a :case_sensitive option. I handle this in the same
         # manner that they handle that. If you are using the login field and set false for the :case_sensitive option in
         # validates_uniqueness_of_login_field_options this method will modify the query to look something like:

data/lib/authlogic/session/foundation.rb

@@ -6,6 +6,9 @@ module Authlogic
     module Foundation
       def self.included(klass)
         klass.class_eval do
+          class_attribute :acts_as_authentic_config
+          self.acts_as_authentic_config  ||= {}
+          
           extend ClassMethods
           include InstanceMethods
         end
@@ -15,10 +18,13 @@ module Authlogic
         private
           def rw_config(key, value, default_value = nil, read_value = nil)
             if value == read_value
-              return read_inheritable_attribute(key) if inheritable_attributes.include?(key)
-              write_inheritable_attribute(key, default_value)
+              return acts_as_authentic_config[key] if acts_as_authentic_config.include?(key)
+              rw_config(key, default_value)
             else
-              write_inheritable_attribute(key, value)
+              config = acts_as_authentic_config.clone
+              config[key] = value
+              self.acts_as_authentic_config = config
+              value
             end
           end
       end

data/lib/authlogic/session/http_auth.rb

@@ -28,6 +28,41 @@ module Authlogic
           rw_config(:allow_http_basic_auth, value, true)
         end
         alias_method :allow_http_basic_auth=, :allow_http_basic_auth
+
+        # Whether or not to request HTTP authentication
+        #
+        # If set to true and no HTTP authentication credentials are sent with
+        # the request, the Rails controller method
+        # authenticate_or_request_with_http_basic will be used and a '401
+        # Authorization Required' header will be sent with the response.  In
+        # most cases, this will cause the classic HTTP authentication popup to
+        # appear in the users browser.
+        #
+        # If set to false, the Rails controller method
+        # authenticate_with_http_basic is used and no 401 header is sent.
+        #
+        # Note: This parameter has no effect unless allow_http_basic_auth is
+        # true
+        #
+        # * <tt>Default:</tt> false
+        # * <tt>Accepts:</tt> Boolean
+        def request_http_basic_auth(value = nil)
+          rw_config(:request_http_basic_auth, value, false)
+        end
+        alias_method :request_http_basic_auth=, :request_http_basic_auth
+
+        # HTTP authentication realm
+        #
+        # Sets the HTTP authentication realm.
+        #
+        # Note: This option has no effect unless request_http_basic_auth is true
+        #
+        # * <tt>Default:</tt> 'Application'
+        # * <tt>Accepts:</tt> String
+        def http_basic_auth_realm(value = nil)
+          rw_config(:http_basic_auth_realm, value, 'Application')
+        end
+        alias_method :http_basic_auth_realm=, :http_basic_auth_realm
       end
       
       # Instance methods for the HTTP basic auth feature of authlogic.
@@ -38,13 +73,19 @@ module Authlogic
           end
         
           def persist_by_http_auth
-            controller.authenticate_with_http_basic do |login, password|
+            login_proc = Proc.new do |login, password|
               if !login.blank? && !password.blank?
                 send("#{login_field}=", login)
                 send("#{password_field}=", password)
                 return valid?
               end
             end
+
+            if self.class.request_http_basic_auth
+              controller.authenticate_or_request_with_http_basic(self.class.http_basic_auth_realm, &login_proc)
+            else
+              controller.authenticate_with_http_basic(&login_proc)
+            end
         
             false
           end
@@ -55,4 +96,4 @@ module Authlogic
       end
     end
   end
-end
+end

data/lib/authlogic/test_case/mock_controller.rb

@@ -3,7 +3,7 @@ module Authlogic
     # Basically acts like a controller but doesn't do anything. Authlogic can interact with this, do it's thing and then you
     # can look at the controller object to see if anything changed.
     class MockController < ControllerAdapters::AbstractAdapter
-      attr_accessor :http_user, :http_password
+      attr_accessor :http_user, :http_password, :realm
       attr_writer :request_content_type
   
       def initialize
@@ -13,6 +13,12 @@ module Authlogic
         yield http_user, http_password
       end
   
+      def authenticate_or_request_with_http_basic(realm = 'DefaultRealm', &block)
+        self.realm = realm
+        @http_auth_requested = true
+        yield http_user, http_password
+      end
+
       def cookies
         @cookies ||= MockCookieJar.new
       end
@@ -40,6 +46,10 @@ module Authlogic
       def session
         @session ||= {}
       end
+
+      def http_auth_requested?
+        @http_auth_requested ||= false
+      end
     end
   end
-end
+end

data/test/session_test/http_auth_test.rb

@@ -10,19 +10,47 @@ module SessionTest
         UserSession.allow_http_basic_auth true
         assert_equal true, UserSession.allow_http_basic_auth
       end
+
+      def test_request_http_basic_auth
+        UserSession.request_http_basic_auth = true
+        assert_equal true, UserSession.request_http_basic_auth
+
+        UserSession.request_http_basic_auth = false
+        assert_equal false, UserSession.request_http_basic_auth
+      end
+
+      def test_http_basic_auth_realm
+        assert_equal 'Application', UserSession.http_basic_auth_realm
+
+        UserSession.http_basic_auth_realm = 'TestRealm'
+        assert_equal 'TestRealm', UserSession.http_basic_auth_realm
+      end
     end
     
     class InstanceMethodsTest < ActiveSupport::TestCase
       def test_persist_persist_by_http_auth
         ben = users(:ben)
-        http_basic_auth_for { assert !UserSession.find }
+        http_basic_auth_for do
+          assert !UserSession.find
+        end
+        http_basic_auth_for(ben) do
+          assert session = UserSession.find
+          assert_equal ben, session.record
+          assert_equal ben.login, session.login
+          assert_equal "benrocks", session.send(:protected_password)
+          assert !controller.http_auth_requested?
+        end
+        UserSession.request_http_basic_auth = true
+        UserSession.http_basic_auth_realm = 'PersistTestRealm'
         http_basic_auth_for(ben) do
           assert session = UserSession.find
           assert_equal ben, session.record
           assert_equal ben.login, session.login
           assert_equal "benrocks", session.send(:protected_password)
+          assert_equal 'PersistTestRealm', controller.realm
+          assert controller.http_auth_requested?
         end
       end
     end
   end
-end
+end

data/test/test_helper.rb

@@ -6,6 +6,9 @@ require "active_record/fixtures"
 
 #ActiveRecord::Schema.verbose = false
 ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")
+logger = Logger.new(STDOUT)
+logger.level= Logger::FATAL
+ActiveRecord::Base.logger = logger
 
 ActiveRecord::Base.configurations = true
 ActiveRecord::Schema.define(:version => 1) do
@@ -127,7 +130,7 @@ class ActiveSupport::TestCase
         controller.http_password = password_for(user)
       end
       yield
-      controller.http_user = controller.http_password = nil
+      controller.http_user = controller.http_password = controller.realm = nil
     end
 
     def set_cookie_for(user, id = nil)

metadata

@@ -2,7 +2,7 @@
 name: authlogic
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 3.0.2
+  version: 3.0.3
 platform: ruby
 authors: 
 - Ben Johnson of Binary Logic
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-04-30 00:00:00 -04:00
+date: 2011-05-17 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -18,7 +18,7 @@ dependencies:
   requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version 
         version: 3.0.7
   type: :runtime
@@ -29,7 +29,7 @@ dependencies:
   requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version 
         version: 3.0.7
   type: :runtime
@@ -187,7 +187,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 4144864465011850466
+      hash: 3531025750012429530
       segments: 
       - 0
       version: "0"