authlogic 3.4.3 → 3.4.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2d73042e9d99c9d01535d405c9e735a22967c1ed
-  data.tar.gz: 5ba70f01a348b3990451ab67e91dd6f49966290d
+  metadata.gz: 17095091ab5b4dcc1f590473c508b1399bc292a7
+  data.tar.gz: f5007fb710d07bb9c3ccc6b0739f6fdf991784de
 SHA512:
-  metadata.gz: 653df6e58f3a50a81cd85bd7304f2eb0895606d08b2969d41a817d8ad9ea40d6d2bcd669e069fbc28739c95371f2f1b4b992652efd75458b527eba88d74be023
-  data.tar.gz: f1f535422bd84ee1f11899490fec35c0822d07a28c8188d8037c10fef8971aaeaa35cdd767f24b11bf987bc4fa207ea921febf855cf56803e28c438ad7d34802
+  metadata.gz: f135d071afd20fe21989436341ecf97eeefbbf4c7b53b06a958e5ada571a8a564cbb0b913f164950d2e4fa197bf5a2d4f505e61002fc44c92d8f07995692ad65
+  data.tar.gz: c1d77b76d9a8d781145a532bbfe43f48be0992990efc0d8b5689abc551072a8bf8c1661bfc93c91e837be6d7cef973946df7b8d443c9d9dc559d0ff9bda06319

data/.travis.yml

@@ -9,6 +9,7 @@ gemfile:
   - test/gemfiles/Gemfile.rails-3.2.x
   - test/gemfiles/Gemfile.rails-4.0.x
   - test/gemfiles/Gemfile.rails-4.1.x
+  - test/gemfiles/Gemfile.rails-4.2.x
 
 matrix:
   exclude:

data/README.rdoc

@@ -49,8 +49,6 @@ You may specify how passwords are cryptographically hashed (or encrypted) by set
 
   c.crypto_provider = Authlogic::CryptoProviders::BCrypt
 
-NOTE: the default provider was changed from **Sha512** to **SCrypt** in version 3.4.0.
-
 Also, sessions are automatically maintained. You can switch this on and off with configuration, but the following will automatically log a user in after a successful registration:
 
   User.create(params[:user])
@@ -59,6 +57,19 @@ This also updates the session when the user changes his/her password.
 
 Authlogic is very flexible, it has a strong public API and a plethora of hooks to allow you to modify behavior and extend it. Check out the helpful links below to dig deeper.
 
+== Upgrading to Authlogic 3.4.0
+
+In version 3.4.0, the default crypto_provider was changed from *Sha512* to *SCrypt*.
+
+If you never set a crypto_provider and are upgrading, your passwords will break unless you set the original:
+
+  c.crypto_provider = Authlogic::CryptoProviders::Sha512
+
+And if you want to automatically upgrade from *Sha512* to *SCrypt* as users login:
+
+  c.transition_from_crypto_providers = [Authlogic::CryptoProviders::Sha512]
+  c.crypto_provider = Authlogic::CryptoProviders::SCrypt
+
 == Helpful links
 
 * <b>Documentation:</b> http://rdoc.info/projects/binarylogic/authlogic

data/authlogic.gemspec

@@ -3,7 +3,7 @@ $:.push File.expand_path("../lib", __FILE__)
 
 Gem::Specification.new do |s|
   s.name        = "authlogic"
-  s.version     = "3.4.3"
+  s.version     = "3.4.4"
   s.platform    = Gem::Platform::RUBY
   s.authors     = ["Ben Johnson"]
   s.email       = ["bjohnson@binarylogic.com"]

data/lib/authlogic.rb

@@ -6,6 +6,7 @@ path = File.dirname(__FILE__) + "/authlogic/"
  "i18n",
  "random",
  "regex",
+ "config",
 
  "controller_adapters/abstract_adapter",
 

data/lib/authlogic/acts_as_authentic/base.rb

@@ -4,9 +4,9 @@ module Authlogic
     module Base
       def self.included(klass)
         klass.class_eval do
-          class_attribute :acts_as_authentic_modules, :acts_as_authentic_config
+          class_attribute :acts_as_authentic_modules
           self.acts_as_authentic_modules ||= []
-          self.acts_as_authentic_config  ||= {}
+          extend Authlogic::Config
           extend Config
         end
       end
@@ -76,17 +76,6 @@ module Authlogic
             end
           end
 
-          def rw_config(key, value, default_value = nil, read_value = nil)
-            if value == read_value
-              acts_as_authentic_config.include?(key) ? acts_as_authentic_config[key] : default_value
-            else
-              config = acts_as_authentic_config.clone
-              config[key] = value
-              self.acts_as_authentic_config = config
-              value
-            end
-          end
-
           def first_column_to_exist(*columns_to_check)
             if db_setup?
               columns_to_check.each { |column_name| return column_name.to_sym if column_names.include?(column_name.to_s) }

data/lib/authlogic/config.rb

@@ -0,0 +1,23 @@
+#encoding: utf-8
+module Authlogic
+  module Config
+    def self.extended(klass)
+      klass.class_eval do
+        class_attribute :acts_as_authentic_config
+        self.acts_as_authentic_config ||= {}
+      end
+    end
+
+    private
+      # This is a one-liner method to write a config setting, read the config
+      # setting, and also set a default value for the setting.
+      def rw_config(key, value, default_value = nil)
+        if value.nil?
+          acts_as_authentic_config.include?(key) ? acts_as_authentic_config[key] : default_value
+        else
+          self.acts_as_authentic_config = acts_as_authentic_config.merge(key => value)
+          value
+        end
+      end
+  end
+end

data/lib/authlogic/session/active_record_trickery.rb

@@ -6,21 +6,21 @@ module Authlogic
     # advantage of the many ActiveRecord tools.
     module ActiveRecordTrickery
       def self.included(klass)
+        klass.extend ActiveModel::Naming
+        klass.extend ActiveModel::Translation
+
+        # Support ActiveModel::Name#name for Rails versions before 4.0.
+        if !klass.model_name.respond_to?(:name)
+          ActiveModel::Name.module_eval do
+            alias_method :name, :to_s
+          end
+        end
+
         klass.extend ClassMethods
         klass.send(:include, InstanceMethods)
       end
 
       module ClassMethods
-        # How to name the attributes of Authlogic, works JUST LIKE ActiveRecord, but instead it uses the following
-        # namespace:
-        #
-        #   authlogic.attributes.user_session.login
-        def human_attribute_name(attribute_key_name, options = {})
-          options[:count] ||= 1
-          options[:default] ||= attribute_key_name.to_s.humanize
-          I18n.t("attributes.#{name.underscore}.#{attribute_key_name}", options)
-        end
-
         # How to name the class, works JUST LIKE ActiveRecord, except it uses the following namespace:
         #
         #   authlogic.models.user_session
@@ -28,22 +28,10 @@ module Authlogic
           I18n.t("models.#{name.underscore}", {:count => 1, :default => name.humanize})
         end
 
-        # For rails >= 3.0
-        def model_name
-          if defined?(::ActiveModel)
-            ::ActiveModel::Name.new(self)
-          else
-            ::ActiveSupport::ModelName.new(self.to_s)
-          end
-        end
-
         def i18n_scope
           I18n.scope
         end
 
-        def lookup_ancestors
-          ancestors.select { |x| x.respond_to?(:model_name) }
-        end
       end
 
       module InstanceMethods

data/lib/authlogic/session/cookies.rb

@@ -43,8 +43,8 @@ module Authlogic
         #
         # * <tt>Default:</tt> 3.months
         # * <tt>Accepts:</tt> Integer, length of time in seconds, such as 60 or 3.months
-        def remember_me_for(value = :_read)
-          rw_config(:remember_me_for, value, 3.months, :_read)
+        def remember_me_for(value = nil)
+          rw_config(:remember_me_for, value, 3.months)
         end
         alias_method :remember_me_for=, :remember_me_for
 
@@ -206,7 +206,7 @@ module Authlogic
               controller.cookies[cookie_key] = generate_cookie_for_saving
             end
           end
-          
+
           def generate_cookie_for_saving
             remember_me_until_value = "::#{remember_me_until.iso8601}" if remember_me?
             {

data/lib/authlogic/session/foundation.rb

@@ -6,34 +6,16 @@ module Authlogic
     module Foundation
       def self.included(klass)
         klass.class_eval do
-          class_attribute :acts_as_authentic_config
-          self.acts_as_authentic_config  ||= {}
-          
-          extend ClassMethods
+          extend Authlogic::Config
           include InstanceMethods
         end
       end
-      
-      module ClassMethods
-        private
-          def rw_config(key, value, default_value = nil, read_value = nil)
-            if value == read_value
-              return acts_as_authentic_config[key] if acts_as_authentic_config.include?(key)
-              rw_config(key, default_value) unless default_value.nil?
-            else
-              config = acts_as_authentic_config.clone
-              config[key] = value
-              self.acts_as_authentic_config = config
-              value
-            end
-          end
-      end
-      
+
       module InstanceMethods
         def initialize(*args)
           self.credentials = args
         end
-        
+
         # The credentials you passed to create your session. See credentials= for more info.
         def credentials
           []
@@ -54,11 +36,11 @@ module Authlogic
         #   session.credentials = [my_user_object, true, :my_id]
         def credentials=(values)
         end
-        
+
         def inspect
           "#<#{self.class.name}: #{credentials.blank? ? "no credentials provided" : credentials.inspect}>"
         end
-                
+
         private
           def build_key(last_part)
             last_part

data/test/acts_as_authentic_test/base_test.rb

@@ -8,13 +8,13 @@ module ActsAsAuthenticTest
         end
       end
     end
-    
+
     def test_acts_as_authentic_with_old_config
       assert_raise(ArgumentError) do
         User.acts_as_authentic({})
       end
     end
-    
+
     def test_acts_as_authentic_with_no_table
       klass = Class.new(ActiveRecord::Base)
       assert_nothing_raised do
@@ -22,4 +22,4 @@ module ActsAsAuthenticTest
       end
     end
   end
-end
+end

data/test/acts_as_authentic_test/email_test.rb

@@ -38,13 +38,13 @@ module ActsAsAuthenticTest
 
       options = User.validates_format_of_email_field_options
       message = options.delete(:message)
-      assert message.kind_of?(Proc)     
+      assert message.kind_of?(Proc)
       assert_equal dmessage, message.call
       assert_equal default, options
 
       options = Employee.validates_format_of_email_field_options
       message = options.delete(:message)
-      assert message.kind_of?(Proc)     
+      assert message.kind_of?(Proc)
       assert_equal dmessage, message.call
       assert_equal default, options
 
@@ -56,15 +56,12 @@ module ActsAsAuthenticTest
     end
 
     def test_deferred_error_message_translation
-
       # ensure we successfully loaded the test locale
       assert I18n.available_locales.include?(:lol), "Test locale failed to load"
 
-      original_locale = I18n.locale
-      I18n.locale = 'lol'
-      message = I18n.t("authlogic.error_messages.email_invalid")
+      I18n.with_locale('lol') do
+        message = I18n.t("authlogic.error_messages.email_invalid")
 
-      begin
         cat = User.new
         cat.email = 'meow'
         cat.valid?
@@ -74,9 +71,6 @@ module ActsAsAuthenticTest
         error = error.first if error.is_a?(Array)
 
         assert_equal message, error
-
-      ensure
-        I18n.locale = original_locale
       end
     end
 
@@ -122,7 +116,7 @@ module ActsAsAuthenticTest
       u.email = "dakota.d'ux@gmail.com"
       u.valid?
       assert u.errors[:email].size == 0
-      
+
       u.email = "<script>alert(123);</script>\nnobody@example.com"
       assert !u.valid?
       assert u.errors[:email].size > 0
@@ -143,4 +137,4 @@ module ActsAsAuthenticTest
       assert u.errors[:email].size == 0
     end
   end
-end
+end

data/test/acts_as_authentic_test/logged_in_status_test.rb

@@ -19,7 +19,10 @@ module ActsAsAuthenticTest
       # slightly different. This is an attempt to make sure the scope is lambda wrapped
       # so that it is re-evaluated every time its called. My biggest concern is that the
       # test happens so fast that the test fails... I just don't know a better way to test it!
-      assert User.logged_in.where_values != User.logged_in.where_values, ERROR_MSG % '#logged_in'
+      query1 = User.logged_in.where_values
+      sleep 0.1
+      query2 = User.logged_in.where_values
+      assert query1 != query2, ERROR_MSG % '#logged_in'
 
       assert_equal 0, User.logged_in.count
       user = User.first

data/test/acts_as_authentic_test/password_test.rb

@@ -5,33 +5,33 @@ module ActsAsAuthenticTest
     def test_crypted_password_field_config
       assert_equal :crypted_password, User.crypted_password_field
       assert_equal :crypted_password, Employee.crypted_password_field
-      
+
       User.crypted_password_field = :nope
       assert_equal :nope, User.crypted_password_field
       User.crypted_password_field :crypted_password
       assert_equal :crypted_password, User.crypted_password_field
     end
-    
+
     def test_password_salt_field_config
       assert_equal :password_salt, User.password_salt_field
       assert_equal :password_salt, Employee.password_salt_field
-      
+
       User.password_salt_field = :nope
       assert_equal :nope, User.password_salt_field
       User.password_salt_field :password_salt
       assert_equal :password_salt, User.password_salt_field
     end
-    
+
     def test_ignore_blank_passwords_config
       assert User.ignore_blank_passwords
       assert Employee.ignore_blank_passwords
-      
+
       User.ignore_blank_passwords = false
       assert !User.ignore_blank_passwords
       User.ignore_blank_passwords true
       assert User.ignore_blank_passwords
     end
-    
+
     def test_check_passwords_against_database
       assert User.check_passwords_against_database
       User.check_passwords_against_database = false
@@ -39,125 +39,118 @@ module ActsAsAuthenticTest
       User.check_passwords_against_database true
       assert User.check_passwords_against_database
     end
-    
+
     def test_validate_password_field_config
       assert User.validate_password_field
       assert Employee.validate_password_field
-      
+
       User.validate_password_field = false
       assert !User.validate_password_field
       User.validate_password_field true
       assert User.validate_password_field
     end
-    
+
     def test_validates_length_of_password_field_options_config
       default = {:minimum => 4, :if => :require_password?}
       assert_equal default, User.validates_length_of_password_field_options
       assert_equal default, Employee.validates_length_of_password_field_options
-      
+
       User.validates_length_of_password_field_options = {:yes => "no"}
       assert_equal({:yes => "no"}, User.validates_length_of_password_field_options)
       User.validates_length_of_password_field_options default
       assert_equal default, User.validates_length_of_password_field_options
     end
-    
+
     def test_validates_confirmation_of_password_field_options_config
       default = {:if => :require_password?}
       assert_equal default, User.validates_confirmation_of_password_field_options
       assert_equal default, Employee.validates_confirmation_of_password_field_options
-      
+
       User.validates_confirmation_of_password_field_options = {:yes => "no"}
       assert_equal({:yes => "no"}, User.validates_confirmation_of_password_field_options)
       User.validates_confirmation_of_password_field_options default
       assert_equal default, User.validates_confirmation_of_password_field_options
     end
-    
+
     def test_validates_length_of_password_confirmation_field_options_config
       default = {:minimum => 4, :if => :require_password?}
       assert_equal default, User.validates_length_of_password_confirmation_field_options
       assert_equal default, Employee.validates_length_of_password_confirmation_field_options
-      
+
       User.validates_length_of_password_confirmation_field_options = {:yes => "no"}
       assert_equal({:yes => "no"}, User.validates_length_of_password_confirmation_field_options)
       User.validates_length_of_password_confirmation_field_options default
       assert_equal default, User.validates_length_of_password_confirmation_field_options
     end
-    
+
     def test_crypto_provider_config
       assert_equal Authlogic::CryptoProviders::SCrypt, User.crypto_provider
       assert_equal Authlogic::CryptoProviders::AES256, Employee.crypto_provider
-      
+
       User.crypto_provider = Authlogic::CryptoProviders::BCrypt
       assert_equal Authlogic::CryptoProviders::BCrypt, User.crypto_provider
       User.crypto_provider Authlogic::CryptoProviders::Sha512
       assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
     end
-    
+
     def test_transition_from_crypto_providers_config
-      assert_equal [], User.transition_from_crypto_providers
+      assert_equal [Authlogic::CryptoProviders::Sha512], User.transition_from_crypto_providers
       assert_equal [], Employee.transition_from_crypto_providers
-      
+
       User.transition_from_crypto_providers = [Authlogic::CryptoProviders::BCrypt]
       assert_equal [Authlogic::CryptoProviders::BCrypt], User.transition_from_crypto_providers
       User.transition_from_crypto_providers []
       assert_equal [], User.transition_from_crypto_providers
     end
-    
+
     def test_validates_length_of_password
-      u = User.new
-      u.password_confirmation = "test2"
-      assert !u.valid?
-      assert u.errors[:password].size > 0
-      
-      u.password = "test"
+      u = User.new(login: "abcde", email: "abcde@test.com", password: "abcde", password_confirmation: "abcde")
+      assert u.valid?
+
+      u.password = u.password_confirmation = "abc"
       assert !u.valid?
 
-      if ActiveModel.respond_to?(:version) and ActiveModel.version.segments.first >= 4
-        assert u.errors[:password_confirmation].size == 5
-      else
-        assert u.errors[:password_confirmation].size == 0
-      end
+      assert u.errors[:password].include?("is too short (minimum is 4 characters)")
+      assert u.errors[:password_confirmation].include?("is too short (minimum is 4 characters)")
     end
-    
+
     def test_validates_confirmation_of_password
-      u = User.new
-      u.password = "test"
-      u.password_confirmation = "test2"
+      u = User.new(login: "abcde", email: "abcde@test.com", password: "abcde", password_confirmation: "abcde")
+      assert u.valid?
+
+      u.password_confirmation = "abcdefgh"
       assert !u.valid?
-#      assert u.errors[:password].size > 0
+
       if ActiveModel.respond_to?(:version) and ActiveModel.version.segments.first >= 4
-        assert u.errors[:password_confirmation].size > 0
+        assert u.errors[:password_confirmation].include?("doesn't match Password")
       else
-        assert u.errors[:password].size > 0
+        assert u.errors[:password].include?("doesn't match confirmation")
       end
-      u.password_confirmation = "test"
-      assert !u.valid?
-      assert u.errors[:password].size == 0
     end
-    
+
     def test_validates_length_of_password_confirmation
       u = User.new
-      
+
       u.password = "test"
       u.password_confirmation = ""
       assert !u.valid?
       assert u.errors[:password_confirmation].size > 0
-      
+
       u.password_confirmation = "test"
       assert !u.valid?
       assert u.errors[:password_confirmation].size == 0
-      
+
       ben = users(:ben)
       assert ben.valid?
-      
+
       ben.password = "newpass"
       assert !ben.valid?
       assert ben.errors[:password_confirmation].size > 0
-      
+
       ben.password_confirmation = "newpass"
       assert ben.valid?
     end
-    
+
     def test_password
       u = User.new
       old_password_salt = u.password_salt
@@ -166,60 +159,61 @@ module ActsAsAuthenticTest
       assert_not_equal old_password_salt, u.password_salt
       assert_not_equal old_crypted_password, u.crypted_password
     end
-    
+
     def test_transitioning_password
       ben = users(:ben)
+
       transition_password_to(Authlogic::CryptoProviders::BCrypt, ben)
       transition_password_to(Authlogic::CryptoProviders::Sha1, ben, [Authlogic::CryptoProviders::Sha512, Authlogic::CryptoProviders::BCrypt])
       transition_password_to(Authlogic::CryptoProviders::Sha512, ben, [Authlogic::CryptoProviders::Sha1, Authlogic::CryptoProviders::BCrypt])
     end
-    
+
     def test_checks_password_against_database
       ben = users(:aaron)
       ben.password = "new pass"
       assert !ben.valid_password?("new pass")
       assert ben.valid_password?("aaronrocks")
     end
-    
+
     def test_checks_password_against_database_and_always_fails_on_new_records
       user = User.new
       user.password = "new pass"
       assert !user.valid_password?("new pass")
     end
-    
+
     def test_checks_password_against_object
       ben = users(:ben)
       ben.password = "new pass"
       assert ben.valid_password?("new pass", false)
       assert !ben.valid_password?("benrocks", false)
     end
-    
+
     def test_reset_password
       ben = users(:ben)
       old_crypted_password = ben.crypted_password
       old_password_salt = ben.password_salt
-      
+
       # soft reset
       ben.reset_password
       assert_not_equal old_crypted_password, ben.crypted_password
       assert_not_equal old_password_salt, ben.password_salt
-      
+
       # make sure it didn't go into the db
       ben.reload
       assert_equal old_crypted_password, ben.crypted_password
       assert_equal old_password_salt, ben.password_salt
-      
+
       # hard reset
       assert ben.reset_password!
       assert_not_equal old_crypted_password, ben.crypted_password
       assert_not_equal old_password_salt, ben.password_salt
-      
+
       # make sure it did go into the db
       ben.reload
       assert_not_equal old_crypted_password, ben.crypted_password
       assert_not_equal old_password_salt, ben.password_salt
     end
-    
+
     private
       def transition_password_to(crypto_provider, records, from_crypto_providers = Authlogic::CryptoProviders::Sha512)
         records = [records] unless records.is_a?(Array)
@@ -233,7 +227,7 @@ module ActsAsAuthenticTest
           assert record.valid_password?(password_for(record))
           assert_not_equal old_hash.to_s, record.crypted_password.to_s
           assert_not_equal old_persistence_token.to_s, record.persistence_token.to_s
-          
+
           old_hash = record.crypted_password
           old_persistence_token = record.persistence_token
           assert record.valid_password?(password_for(record))