authlogic 3.1.3 → 3.2.0

data/.gitignore

@@ -7,3 +7,4 @@ coverage/*
 doc/*
 benchmarks/*
 .specification
+.rvmrc

data/Gemfile

@@ -1,2 +1,2 @@
 source :rubygems
-gemspec
+gemspec

data/Gemfile.lock

@@ -1,32 +1,34 @@
 PATH
   remote: .
   specs:
-    authlogic (3.1.2)
+    authlogic (3.2.0)
       activerecord (>= 3.0.0)
       activesupport (>= 3.0.0)
 
 GEM
   remote: http://rubygems.org/
   specs:
-    activemodel (3.2.6)
-      activesupport (= 3.2.6)
+    activemodel (3.2.9)
+      activesupport (= 3.2.9)
       builder (~> 3.0.0)
-    activerecord (3.2.6)
-      activemodel (= 3.2.6)
-      activesupport (= 3.2.6)
+    activerecord (3.2.9)
+      activemodel (= 3.2.9)
+      activesupport (= 3.2.9)
       arel (~> 3.0.2)
       tzinfo (~> 0.3.29)
-    activesupport (3.2.6)
+    activesupport (3.2.9)
       i18n (~> 0.6)
       multi_json (~> 1.0)
     arel (3.0.2)
     bcrypt-ruby (3.0.1)
-    builder (3.0.0)
-    i18n (0.6.0)
-    multi_json (1.3.6)
-    rake (0.9.2.2)
+    builder (3.0.4)
+    i18n (0.6.1)
+    multi_json (1.4.0)
+    rake (10.0.2)
+    scrypt (1.1.0)
     sqlite3 (1.3.6)
-    tzinfo (0.3.33)
+    timecop (0.5.4)
+    tzinfo (0.3.35)
 
 PLATFORMS
   ruby
@@ -35,4 +37,6 @@ DEPENDENCIES
   authlogic!
   bcrypt-ruby
   rake
+  scrypt
   sqlite3
+  timecop

data/README.rdoc

@@ -213,9 +213,9 @@ Or how about persisting the session...
 
 == Install & Use
 
-Install the gem
+Add to your gem file
 
-  $ gem 'authlogic'
+  gem 'authlogic'
 
 == Detailed Setup Tutorial
 
@@ -246,4 +246,4 @@ What inspired me to create Authlogic was the messiness of the current authentica
 6. <b>Easily extendable.</b> One of the distinct advantages of using a library is the ability to use its API, assuming it has one. Authlogic has an *excellent* public API, meaning it can easily be extended and grow beyond the core library. Checkout the "add ons" list above to see what I mean.
 
 
-Copyright (c) 2009 {Ben Johnson of Binary Logic}[http://www.binarylogic.com], released under the MIT license
+Copyright (c) 2012 {Ben Johnson of Binary Logic}[http://www.binarylogic.com], released under the MIT license

data/Rakefile

@@ -1,5 +1,5 @@
 require 'rubygems'
-require 'rake'
+require 'bundler'
 
 Bundler.setup
 

data/authlogic.gemspec

@@ -3,7 +3,7 @@ $:.push File.expand_path("../lib", __FILE__)
 
 Gem::Specification.new do |s|
   s.name        = "authlogic"
-  s.version     = "3.1.3"
+  s.version     = "3.2.0"
   s.platform    = Gem::Platform::RUBY
   s.authors     = ["Ben Johnson"]
   s.email       = ["bjohnson@binarylogic.com"]
@@ -15,10 +15,12 @@ Gem::Specification.new do |s|
   s.add_dependency 'activesupport', '>= 3.0.0'
   s.add_development_dependency 'rake'
   s.add_development_dependency 'bcrypt-ruby'
+  s.add_development_dependency 'scrypt'
   s.add_development_dependency 'sqlite3'
+  s.add_development_dependency 'timecop'
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
-end
+end

data/lib/authlogic.rb

@@ -15,6 +15,7 @@ AUTHLOGIC_PATH = File.dirname(__FILE__) + "/authlogic/"
  "crypto_providers/sha512",
  "crypto_providers/bcrypt",
  "crypto_providers/aes256",
+ "crypto_providers/scrypt",
  
  "authenticates_many/base",
  "authenticates_many/association",

data/lib/authlogic/acts_as_authentic/base.rb

@@ -10,7 +10,7 @@ module Authlogic
           extend Config
         end
       end
-      
+
       module Config
         # This includes a lot of helpful methods for authenticating records which The Authlogic::Session module relies on.
         # To use it just do:
@@ -28,15 +28,19 @@ module Authlogic
         # See the various sub modules for the configuration they provide.
         def acts_as_authentic(unsupported_options = nil, &block)
           # Stop all configuration if the DB is not set up
-          raise StandardError.new("You must establish a database connection before using acts_as_authentic") if !db_setup?
-          
-          raise ArgumentError.new("You are using the old v1.X.X configuration method for Authlogic. Instead of " +
-            "passing a hash of configuration options to acts_as_authentic, pass a block: acts_as_authentic { |c| c.my_option = my_value }") if !unsupported_options.nil?
-          
+          return if !db_setup?
+
+          if !unsupported_options.nil?
+            raise ArgumentError.new(
+              "You are using the old v1.X.X configuration method for Authlogic. Instead of passing a hash of " +
+              "configuration options to acts_as_authentic, pass a block: acts_as_authentic { |c| c.my_option = my_value }"
+            )
+          end
+
           yield self if block_given?
           acts_as_authentic_modules.each { |mod| include mod }
         end
-        
+
         # Since this part of Authlogic deals with another class, ActiveRecord, we can't just start including things
         # in ActiveRecord itself. A lot of these module includes need to be triggered by the acts_as_authentic method
         # call. For example, you don't want to start adding in email validations and what not into a model that has
@@ -54,7 +58,7 @@ module Authlogic
           modules.uniq!
           self.acts_as_authentic_modules = modules
         end
-        
+
         # This is the same as add_acts_as_authentic_module, except that it removes the module from the list.
         def remove_acts_as_authentic_module(mod)
           modules = acts_as_authentic_modules.clone
@@ -71,7 +75,7 @@ module Authlogic
               false
             end
           end
-          
+
           def rw_config(key, value, default_value = nil, read_value = nil)
             if value == read_value
               acts_as_authentic_config.include?(key) ? acts_as_authentic_config[key] : default_value
@@ -82,7 +86,7 @@ module Authlogic
               value
             end
           end
-          
+
           def first_column_to_exist(*columns_to_check)
             if db_setup?
               columns_to_check.each { |column_name| return column_name.to_sym if column_names.include?(column_name.to_s) }

data/lib/authlogic/acts_as_authentic/logged_in_status.rb

@@ -31,7 +31,7 @@ module Authlogic
 
           klass.class_eval do
             include InstanceMethods
-            scope :logged_in, lambda{ where("last_request_at > ?", logged_in_timeout.seconds.ago) }
+            scope :logged_in, lambda{ where("last_request_at > ? and current_login_at IS NOT NULL", logged_in_timeout.seconds.ago) }
             scope :logged_out, lambda{ where("last_request_at is NULL or last_request_at <= ?", logged_in_timeout.seconds.ago) }
           end
         end

data/lib/authlogic/acts_as_authentic/login.rb

@@ -94,7 +94,7 @@ module Authlogic
         # manner that they handle that. If you are using the login field and set false for the :case_sensitive option in
         # validates_uniqueness_of_login_field_options this method will modify the query to look something like:
         #
-        #   where("#{quoted_table_name}.#{field} LIKE ?", login).first
+        #   where("LOWER(#{quoted_table_name}.#{login_field}) = ?", login.downcase).first
         #
         # If you don't specify this it calls the good old find_by_* method:
         #
@@ -118,8 +118,7 @@ module Authlogic
             if sensitivity
               send("find_by_#{field}", value)
             else
-              like_word = ::ActiveRecord::Base.connection.adapter_name == "PostgreSQL" ? "ILIKE" : "LIKE"
-              where("#{quoted_table_name}.#{field} #{like_word} ?", value.mb_chars).first
+              where("LOWER(#{quoted_table_name}.#{field}) = ?", value.mb_chars.downcase).first
             end
           end
       end

data/lib/authlogic/acts_as_authentic/password.rb

@@ -306,7 +306,7 @@ module Authlogic
             # If the index > 0 then we are using an "transition from" crypto provider.
             # If the encryptor has a cost and the cost it outdated.
             # If we aren't using database values
-            # If we are using database values, only if the password hasnt change so we don't overwrite any changes
+            # If we are using database values, only if the password hasn't changed so we don't overwrite any changes
             def transition_password?(index, encryptor, crypted, check_against_database)
               (index > 0 || (encryptor.respond_to?(:cost_matches?) && !encryptor.cost_matches?(send(crypted_password_field)))) &&
                 (!check_against_database || !send("#{crypted_password_field}_changed?"))

data/lib/authlogic/crypto_providers/aes256.rb

@@ -7,7 +7,7 @@ module Authlogic
     #
     #   Authlogic::CryptoProviders::AES256.key = "my really long and unique key, preferrably a bunch of random characters"
     #
-    # My final comment is that this is a strong encryption method, but its main weakness is that its reversible. If you do not need to reverse the hash
+    # My final comment is that this is a strong encryption method, but its main weakness is that it's reversible. If you do not need to reverse the hash
     # then you should consider Sha512 or BCrypt instead.
     #
     # Keep your key in a safe place, some even say the key should be stored on a separate server.
@@ -40,4 +40,4 @@ module Authlogic
       end
     end
   end
-end
+end

data/lib/authlogic/crypto_providers/bcrypt.rb

@@ -30,7 +30,7 @@ module Authlogic
     #
     # You can play around with the cost to get that perfect balance between performance and security.
     #
-    # Decided BCrypt is for you? Just insall the bcrypt gem:
+    # Decided BCrypt is for you? Just install the bcrypt gem:
     #
     #   gem install bcrypt-ruby
     #
@@ -87,4 +87,4 @@ module Authlogic
       end
     end
   end
-end
+end

data/lib/authlogic/crypto_providers/scrypt.rb

@@ -0,0 +1,80 @@
+begin
+  require "scrypt"
+rescue LoadError
+  "sudo gem install scrypt"
+end
+
+module Authlogic
+  module CryptoProviders
+    # If you want a stronger hashing algorithm, but would prefer not to use BCrypt, SCrypt is another option.
+    # SCrypt is newer and less popular (and so less-tested), but it's designed specifically to avoid a theoretical
+    # hardware attack against BCrypt. Just as with BCrypt, you are sacrificing performance relative to SHA2 algorithms,
+    # but the increased security may well be worth it. (That performance sacrifice is the exact reason it's much, much
+    # harder for an attacker to brute-force your paswords).
+    # Decided SCrypt is for you? Just install the bcrypt gem:
+    #
+    #   gem install scrypt
+    #
+    # Tell acts_as_authentic to use it:
+    #
+    #   acts_as_authentic do |c|
+    #     c.crypto_provider = Authlogic::CryptoProviders::SCrypt
+    #   end
+    class SCrypt
+      class << self
+        DEFAULTS = {:key_len => 32, :salt_size => 8, :max_time => 0.2, :max_mem => 1024 * 1024, :max_memfrac => 0.5}
+
+        attr_writer :key_len, :salt_size, :max_time, :max_mem, :max_memfrac
+        # Key length - length in bytes of generated key, from 16 to 512.
+        def key_len
+          @key_len ||= DEFAULTS[:key_len]
+        end
+
+        # Salt size - size in bytes of random salt, from 8 to 32
+        def salt_size
+          @salt_size ||= DEFAULTS[:salt_size]
+        end
+
+        # Max time - maximum time spent in computation
+        def max_time
+          @max_time ||= DEFAULTS[:max_time]
+        end
+
+        # Max memory - maximum memory usage. The minimum is always 1MB
+        def max_mem
+          @max_mem ||= DEFAULTS[:max_mem]
+        end
+
+        # Max memory fraction - maximum memory out of all available. Always greater than zero and <= 0.5.
+        def max_memfrac
+          @max_memfrac ||= DEFAULTS[:max_memfrac]
+        end
+
+        # Creates an SCrypt hash for the password passed.
+        def encrypt(*tokens)
+          ::SCrypt::Password.create(join_tokens(tokens), :key_len => key_len, :salt_size => salt_size, :max_mem => max_mem, :max_memfrac => max_memfrac, :max_time => max_time)
+        end
+
+        # Does the hash match the tokens? Uses the same tokens that were used to encrypt.
+        def matches?(hash, *tokens)
+          hash = new_from_hash(hash)
+          return false if hash.blank?
+          hash == join_tokens(tokens)
+        end
+
+        private
+          def join_tokens(tokens)
+            tokens.flatten.join
+          end
+          
+          def new_from_hash(hash)
+            begin
+              ::SCrypt::Password.new(hash)
+            rescue ::SCrypt::Errors::InvalidHash
+              return nil
+            end
+          end
+      end
+    end
+  end
+end

data/lib/authlogic/crypto_providers/sha1.rb

@@ -3,7 +3,7 @@ require "digest/sha1"
 module Authlogic
   module CryptoProviders
     # This class was made for the users transitioning from restful_authentication. I highly discourage using this
-    # crypto provider as it inferior to your other options. Please use any other provider offered by Authlogic.
+    # crypto provider as it is far inferior to your other options. Please use any other provider offered by Authlogic.
     class Sha1
       class << self
         def join_token
@@ -32,4 +32,4 @@ module Authlogic
       end
     end
   end
-end
+end

data/lib/authlogic/crypto_providers/sha256.rb

@@ -27,7 +27,7 @@ module Authlogic
       class << self
         attr_accessor :join_token
         
-        # The number of times to loop through the encryption. This is ten because that is what restful_authentication defaults to.
+        # The number of times to loop through the encryption.
         def stretches
           @stretches ||= 20
         end

data/lib/authlogic/session/cookies.rb

@@ -110,6 +110,12 @@ module Authlogic
           remember_me_for.from_now
         end
 
+        # Has the cookie expired due to current time being greater than remember_me_until.
+        def remember_me_expired?
+          return unless remember_me?
+          (Time.parse(cookie_credentials[2]) < Time.now)
+        end
+
         # If the cookie should be marked as secure (SSL only)
         def secure
           return @secure if defined?(@secure)
@@ -164,8 +170,9 @@ module Authlogic
           end
           
           def save_cookie
+            remember_me_until_value = "::#{remember_me_until}" if remember_me?
             controller.cookies[cookie_key] = {
-              :value => "#{record.persistence_token}::#{record.send(record.class.primary_key)}",
+              :value => "#{record.persistence_token}::#{record.send(record.class.primary_key)}#{remember_me_until_value}",
               :expires => remember_me_until,
               :secure => secure,
               :httponly => httponly,

data/lib/authlogic/session/persistence.rb

@@ -51,6 +51,7 @@ module Authlogic
         def persisting?
           return true if !record.nil?
           self.attempted_record = nil
+          self.remember_me = !cookie_credentials.nil? && !cookie_credentials[2].nil?
           before_persisting
           persist
           ensure_authentication_attempted
@@ -67,4 +68,4 @@ module Authlogic
       end
     end
   end
-end
+end

data/lib/authlogic/session/timeout.rb

@@ -58,7 +58,11 @@ module Authlogic
         # Tells you if the record is stale or not. Meaning the record has timed out. This will only return true if you set logout_on_timeout to true in your configuration.
         # Basically how a bank website works. If you aren't active over a certain period of time your session becomes stale and requires you to log back in.
         def stale?
-          !stale_record.nil? || (logout_on_timeout? && record && record.logged_out?)
+          if remember_me?
+            remember_me_expired?
+          else
+            !stale_record.nil? || (logout_on_timeout? && record && record.logged_out?)
+          end
         end
     
         private
@@ -79,4 +83,4 @@ module Authlogic
       end
     end
   end
-end
+end

data/test/acts_as_authentic_test/base_test.rb

@@ -14,5 +14,12 @@ module ActsAsAuthenticTest
         User.acts_as_authentic({})
       end
     end
+    
+    def test_acts_as_authentic_with_no_table
+      klass = Class.new(ActiveRecord::Base)
+      assert_nothing_raised do
+        klass.acts_as_authentic
+      end
+    end
   end
 end

data/test/acts_as_authentic_test/logged_in_status_test.rb

@@ -3,41 +3,44 @@ require 'test_helper'
 module ActsAsAuthenticTest
   class LoggedInStatusTest < ActiveSupport::TestCase
     ERROR_MSG = 'Multiple calls to %s should result in different relations'
-    
+
     def test_logged_in_timeout_config
       assert_equal 10.minutes.to_i, User.logged_in_timeout
       assert_equal 10.minutes.to_i, Employee.logged_in_timeout
-      
+
       User.logged_in_timeout = 1.hour
       assert_equal 1.hour.to_i, User.logged_in_timeout
       User.logged_in_timeout 10.minutes
       assert_equal 10.minutes.to_i, User.logged_in_timeout
     end
-    
+
     def test_named_scope_logged_in
-      # Testing that the scope returned differs, because the time it was called should be 
-      # slightly different. This is an attempt to make sure the scope is lambda wrapped 
+      # Testing that the scope returned differs, because the time it was called should be
+      # slightly different. This is an attempt to make sure the scope is lambda wrapped
       # so that it is re-evaluated every time its called. My biggest concern is that the
       # test happens so fast that the test fails... I just don't know a better way to test it!
       assert User.logged_in.where_values != User.logged_in.where_values, ERROR_MSG % '#logged_in'
-      
+
       assert_equal 0, User.logged_in.count
-      User.first.update_attribute(:last_request_at, Time.now)
+      user = User.first
+      user.last_request_at = Time.now
+      user.current_login_at = Time.now
+      user.save!
       assert_equal 1, User.logged_in.count
     end
-    
+
     def test_named_scope_logged_out
-      # Testing that the scope returned differs, because the time it was called should be 
-      # slightly different. This is an attempt to make sure the scope is lambda wrapped 
+      # Testing that the scope returned differs, because the time it was called should be
+      # slightly different. This is an attempt to make sure the scope is lambda wrapped
       # so that it is re-evaluated every time its called. My biggest concern is that the
       # test happens so fast that the test fails... I just don't know a better way to test it!
       assert User.logged_in.where_values != User.logged_out.where_values, ERROR_MSG % '#logged_out'
-      
+
       assert_equal 2, User.logged_out.count
       User.first.update_attribute(:last_request_at, Time.now)
       assert_equal 1, User.logged_out.count
     end
-    
+
     def test_logged_in_logged_out
       u = User.first
       assert !u.logged_in?

data/test/crypto_provider_test/bcrypt_test.rb

@@ -1,7 +1,7 @@
 require 'test_helper'
 
 module CryptoProviderTest
-  class BCrpytTest < ActiveSupport::TestCase
+  class BCryptTest < ActiveSupport::TestCase
     def test_encrypt
       assert Authlogic::CryptoProviders::BCrypt.encrypt("mypass")
     end
@@ -11,4 +11,4 @@ module CryptoProviderTest
       assert Authlogic::CryptoProviders::BCrypt.matches?(hash, "mypass")
     end
   end
-end
+end

data/test/crypto_provider_test/scrypt_test.rb

@@ -0,0 +1,14 @@
+require 'test_helper'
+
+module CryptoProviderTest
+  class SCryptTest < ActiveSupport::TestCase
+    def test_encrypt
+      assert Authlogic::CryptoProviders::SCrypt.encrypt("mypass")
+    end
+    
+    def test_matches
+      hash = Authlogic::CryptoProviders::SCrypt.encrypt("mypass")
+      assert Authlogic::CryptoProviders::SCrypt.matches?(hash, "mypass")
+    end
+  end
+end

data/test/session_test/cookies_test.rb

@@ -116,6 +116,19 @@ module SessionTest
         assert_equal ben, session.record
       end
 
+      def test_remember_me_expired
+        ben = users(:ben)
+        session = UserSession.new(ben)
+        session.remember_me = true
+        assert session.save
+        assert !session.remember_me_expired?
+
+        session = UserSession.new(ben)
+        session.remember_me = false
+        assert session.save
+        assert !session.remember_me_expired?
+      end
+
       def test_after_save_save_cookie
         ben = users(:ben)
         session = UserSession.new(ben)
@@ -123,6 +136,14 @@ module SessionTest
         assert_equal "#{ben.persistence_token}::#{ben.id}", controller.cookies["user_credentials"]
       end
 
+      def test_after_save_save_cookie_with_remember_me
+        ben = users(:ben)
+        session = UserSession.new(ben)
+        session.remember_me = true
+        assert session.save
+        assert_equal "#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until}", controller.cookies["user_credentials"]
+      end
+
       def test_after_destroy_destroy_cookie
         ben = users(:ben)
         set_cookie_for(ben)

data/test/session_test/persistence_test.rb

@@ -17,5 +17,16 @@ module SessionTest
     def test_persisting
       # tested thoroughly in test_find
     end
+
+    def test_should_set_remember_me_on_the_next_request
+      ben = users(:ben)
+      session = UserSession.new(ben)
+      session.remember_me = true
+      assert !UserSession.remember_me
+      assert session.save
+      assert session.remember_me?
+      session = UserSession.find(ben)
+      assert session.remember_me?
+    end
   end
-end
+end

data/test/session_test/timeout_test.rb

@@ -38,6 +38,34 @@ module SessionTest
       
         UserSession.logout_on_timeout = false
       end
+
+      def test_should_be_stale_with_expired_remember_date
+        UserSession.logout_on_timeout = true
+        UserSession.remember_me = true
+        UserSession.remember_me_for = 3.months
+        ben = users(:ben)
+        assert ben.save
+        session = UserSession.new(ben)
+        assert session.save
+        Timecop.freeze(Time.now + 4.month)
+        assert session.persisting?
+        assert session.stale?
+        UserSession.remember_me = false
+      end
+
+      def test_should_not_be_stale_with_valid_remember_date
+        UserSession.logout_on_timeout = true # Default is 10.minutes
+        UserSession.remember_me = true
+        UserSession.remember_me_for = 3.months
+        ben = users(:ben)
+        assert ben.save
+        session = UserSession.new(ben)
+        assert session.save
+        Timecop.freeze(Time.now + 2.months)
+        assert session.persisting?
+        assert !session.stale?
+        UserSession.remember_me = false
+      end
       
       def test_successful_login
         UserSession.logout_on_timeout = true
@@ -49,4 +77,4 @@ module SessionTest
       end
     end
   end
-end
+end

data/test/test_helper.rb

@@ -2,6 +2,7 @@ require "test/unit"
 require "rubygems"
 require "active_record"
 require "active_record/fixtures"
+require "timecop"
 
 #ActiveRecord::Schema.verbose = false
 ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: authlogic
 version: !ruby/object:Gem::Version
-  version: 3.1.3
+  version: 3.2.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-06-13 00:00:00.000000000 Z
+date: 2012-12-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -75,6 +75,22 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: scrypt
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -91,6 +107,22 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: A clean, simple, and unobtrusive ruby authentication solution.
 email:
 - bjohnson@binarylogic.com
@@ -104,10 +136,7 @@ files:
 - LICENSE
 - README.rdoc
 - Rakefile
-- VERSION.yml
 - authlogic.gemspec
-- generators/session/session_generator.rb
-- generators/session/templates/session.rb
 - init.rb
 - lib/authlogic.rb
 - lib/authlogic/acts_as_authentic/base.rb
@@ -131,6 +160,7 @@ files:
 - lib/authlogic/crypto_providers/aes256.rb
 - lib/authlogic/crypto_providers/bcrypt.rb
 - lib/authlogic/crypto_providers/md5.rb
+- lib/authlogic/crypto_providers/scrypt.rb
 - lib/authlogic/crypto_providers/sha1.rb
 - lib/authlogic/crypto_providers/sha256.rb
 - lib/authlogic/crypto_providers/sha512.rb
@@ -168,10 +198,6 @@ files:
 - lib/authlogic/test_case/mock_logger.rb
 - lib/authlogic/test_case/mock_request.rb
 - lib/authlogic/test_case/rails_request_adapter.rb
-- lib/generators/authlogic/USAGE
-- lib/generators/authlogic/session_generator.rb
-- lib/generators/authlogic/templates/session.rb
-- rails/init.rb
 - shoulda_macros/authlogic.rb
 - test/acts_as_authentic_test/base_test.rb
 - test/acts_as_authentic_test/email_test.rb
@@ -187,6 +213,7 @@ files:
 - test/authenticates_many_test.rb
 - test/crypto_provider_test/aes256_test.rb
 - test/crypto_provider_test/bcrypt_test.rb
+- test/crypto_provider_test/scrypt_test.rb
 - test/crypto_provider_test/sha1_test.rb
 - test/crypto_provider_test/sha256_test.rb
 - test/crypto_provider_test/sha512_test.rb
@@ -266,6 +293,7 @@ test_files:
 - test/authenticates_many_test.rb
 - test/crypto_provider_test/aes256_test.rb
 - test/crypto_provider_test/bcrypt_test.rb
+- test/crypto_provider_test/scrypt_test.rb
 - test/crypto_provider_test/sha1_test.rb
 - test/crypto_provider_test/sha256_test.rb
 - test/crypto_provider_test/sha512_test.rb

data/VERSION.yml

@@ -1,5 +0,0 @@
----
-:major: 3
-:minor: 1
-:patch: 2
-:build: 

data/generators/session/session_generator.rb

@@ -1,9 +0,0 @@
-class SessionGenerator < Rails::Generator::NamedBase
-  def manifest
-    record do |m|
-      m.class_collisions class_name
-      m.directory File.join('app/models', class_path)
-      m.template 'session.rb', File.join('app/models', class_path, "#{file_name}.rb")
-    end
-  end
-end

data/generators/session/templates/session.rb

@@ -1,2 +0,0 @@
-class <%= class_name %> < Authlogic::Session::Base
-end

data/lib/generators/authlogic/USAGE

@@ -1,8 +0,0 @@
-Description:
-    Create session model that represents the user’s current session.
-
-Example:
-    rails generate authlogic:session UserSession
-
-    This will create:
-        Model UserSession in app/models directory 

data/lib/generators/authlogic/session_generator.rb

@@ -1,14 +0,0 @@
-module Authlogic
-  class SessionGenerator < Rails::Generators::Base
-    source_root File.expand_path('../templates', __FILE__)
-    argument :session_class_name, :type => :string, :default => "Session"
-
-    def self.banner
-      "rails generate authlogic:#{generator_name} #{self.arguments.map{ |a| a.usage }.join(' ')} [options]"
-    end
-  
-    def generate_session
-      template "session.rb", "app/models/#{session_class_name.underscore}.rb"
-    end
-  end
-end

data/lib/generators/authlogic/templates/session.rb

@@ -1,2 +0,0 @@
-class <%= session_class_name %> < Authlogic::Session::Base
-end

data/rails/init.rb

@@ -1 +0,0 @@
-require "authlogic"