authpwn_rails 0.14.3 → 0.15.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cc8216974a3bf1143ac13b338b9c4037075138f5
-  data.tar.gz: 436967faedbd3db9e2914686e72c25e7bff9efe0
+  metadata.gz: 33ed7937ffde31b3f49807f105a9ea828280a526
+  data.tar.gz: 8dc7fe902fcbb1a0c8d5c6146efae92ba8479414
 SHA512:
-  metadata.gz: b86272b9f314929400ea85547a975c0ac168ae096dcc90a8d1dbecbe58be456068d5df8103ac0c26581ceac0832ce06a0258efec03a65b8546513695734c1ed5
-  data.tar.gz: 114d8a0a0baabd93f021c11ff05d174b9d92e41a929ac7532ea568b9c9a7f65cbafa5c9bc0610cf5ffa0af5d95fb2b38382c696944ea9180c28c8ed6484120c7
+  metadata.gz: ff0e51ef128c6f72beaa411a6fdfab85a57c133a16d921042771dec63233cadf8acb2ed85b31b108b673abe890d9a797e13df57573d70ca4d5ad5047e906dae2
+  data.tar.gz: 41cdaf58878aa68500b1f7bc1d774fa7cfabea328fea7b90d896e043ade2d6c15a01142a4617d0ec842d3127046aee27064a8121813e8c91d56614b7784bcd42

data/Gemfile.rails3

@@ -1,4 +1,4 @@
-source :rubygems
+source 'https://rubygems.org'
 
 gem 'fbgraph_rails', '>= 0.2.2'
 

data/Gemfile.rails4

@@ -1,4 +1,4 @@
-source :rubygems
+source 'https://rubygems.org'
 
 gem 'fbgraph_rails', '>= 0.2.2'
 

data/VERSION

@@ -1 +1 @@
-0.14.3
+0.15.0

data/authpwn_rails.gemspec

@@ -5,7 +5,7 @@
 
 Gem::Specification.new do |s|
   s.name = "authpwn_rails"
-  s.version = "0.14.3"
+  s.version = "0.15.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Victor Costan"]
@@ -52,6 +52,7 @@ Gem::Specification.new do |s|
     "lib/authpwn_rails/generators/templates/credential.rb",
     "lib/authpwn_rails/generators/templates/credentials.yml",
     "lib/authpwn_rails/generators/templates/initializer.rb",
+    "lib/authpwn_rails/generators/templates/session.rb",
     "lib/authpwn_rails/generators/templates/session/forbidden.html.erb",
     "lib/authpwn_rails/generators/templates/session/home.html.erb",
     "lib/authpwn_rails/generators/templates/session/new.html.erb",
@@ -72,6 +73,7 @@ Gem::Specification.new do |s|
     "lib/authpwn_rails/session.rb",
     "lib/authpwn_rails/session_controller.rb",
     "lib/authpwn_rails/session_mailer.rb",
+    "lib/authpwn_rails/session_model.rb",
     "lib/authpwn_rails/test_extensions.rb",
     "lib/authpwn_rails/user_extensions/email_field.rb",
     "lib/authpwn_rails/user_extensions/facebook_fields.rb",
@@ -107,6 +109,7 @@ Gem::Specification.new do |s|
     "test/routes_test.rb",
     "test/session_controller_api_test.rb",
     "test/session_mailer_api_test.rb",
+    "test/session_test.rb",
     "test/test_extensions_test.rb",
     "test/test_helper.rb",
     "test/user_extensions/email_field_test.rb",

data/lib/authpwn_rails/generators/all_generator.rb

@@ -21,13 +21,14 @@ class AllGenerator < Rails::Generators::Base
   end
 
   def create_session_controller
+    copy_file 'session.rb', File.join('app', 'models', 'session.rb')
     copy_file 'session_controller.rb',
               File.join('app', 'controllers', 'session_controller.rb')
     copy_file File.join('session_controller_test.rb'),
               File.join('test', 'functional', 'session_controller_test.rb')
 
     route "authpwn_session"
-    route "root :to => 'session#show'"
+    route "root to: 'session#show'"
   end
 
   def create_session_views
@@ -51,6 +52,12 @@ class AllGenerator < Rails::Generators::Base
   end
 
   def create_session_mailer_views
+    copy_file File.join('session_mailer', 'email_verification_email.html.erb'),
+              File.join('app', 'views', 'session_mailer',
+                        'email_verification_email.html.erb')
+    copy_file File.join('session_mailer', 'email_verification_email.text.erb'),
+              File.join('app', 'views', 'session_mailer',
+                        'email_verification_email.text.erb')
     copy_file File.join('session_mailer', 'reset_password_email.html.erb'),
               File.join('app', 'views', 'session_mailer',
                         'reset_password_email.html.erb')

data/lib/authpwn_rails/generators/templates/session/new.html.erb

@@ -12,29 +12,28 @@
 </p>
 <% end %>
 
-<%= form_tag session_path do %>
+<%= form_for @session, url: session_path do |f| %>
   <div class="field">
-    <%= label_tag :email, 'Email Address' %><br />
+    <%= f.label :email, 'Email Address' %><br />
     <span class="value">
-      <%= email_field_tag :email, @email, autofocus: true, required: true,
+      <%= f.email_field :email, autofocus: true, required: true,
             placeholder: 'your@email.com' %>
     </span>
   </div>
 
   <div class="field">
-    <%= label_tag :password %><br />
+    <%= f.label :password %><br />
     <span class="value">
-      <%= password_field_tag :password %>
+      <%= f.password_field :password %>
     </span>
   </div>
 
   <div class="actions">
-    <%= button_tag 'Log in', name: 'login', value: 'requested' %>
-    <%= button_tag 'Reset Password', name: 'reset_password',
+    <%= f.button 'Log in', name: 'login', value: 'requested' %>
+    <%= f.button 'Reset Password', name: 'reset_password',
           value: 'requested', formaction: reset_password_session_path %>
-
-    <% if @redirect_url %>
-    <%= hidden_field_tag :redirect_url, @redirect_url %>
-    <% end %>
   </div>
+  <% if @redirect_url %>
+  <%= hidden_field_tag :redirect_url, @redirect_url %>
+  <% end %>
 <% end %>

data/lib/authpwn_rails/generators/templates/session.rb

@@ -0,0 +1,6 @@
+# Virtual model for the information collected when a user signs in.
+class Session
+  include Authpwn::SessionModel
+
+  # Add your extensions to the Session class here.
+end

data/lib/authpwn_rails/generators/templates/session_controller_test.rb

@@ -20,7 +20,8 @@ class SessionControllerTest < ActionController::TestCase
     old_token = credentials(:jane_session_token)
     old_token.updated_at = Time.now - 1.year
     old_token.save!
-    post :create, email: @email_credential.email, password: 'password'
+    post :create, session: { email: @email_credential.email,
+                             password: 'password' }
     assert_equal @user, session_current_user, 'session'
     assert_redirected_to session_url
     assert_nil Tokens::Base.with_code(old_token.code).first,
@@ -53,8 +54,8 @@ class SessionControllerTest < ActionController::TestCase
     assert_template :new
 
     assert_select 'form[action=?]', session_path do
-      assert_select 'input[name="email"]'
-      assert_select 'input[name="password"]'
+      assert_select 'input[name=?]', 'session[email]'
+      assert_select 'input[name=?]', 'session[password]'
       assert_select 'button[name="login"]'
       assert_select 'button[name="reset_password"]'
     end

data/lib/authpwn_rails/session_controller.rb

@@ -21,7 +21,7 @@ module SessionController
 
   # GET /session/new
   def new
-    @email = params[:email]
+    @session = Session.from_params params
     @redirect_url = flash[:auth_redirect_url]
     redirect_to session_url if current_user
   end
@@ -58,8 +58,8 @@ module SessionController
     return reset_password if params[:reset_password]
 
     @redirect_url = params[:redirect_url] || session_url
-    @email = params[:email]
-    auth = User.authenticate_signin @email, params[:password]
+    @session = Session.from_params params
+    auth = User.authenticate_signin @session.email, @session.password
     unless auth.kind_of? Symbol
       set_session_current_user auth
       Tokens::SessionUid.remove_expired if auto_purge_sessions
@@ -92,12 +92,12 @@ module SessionController
 
   # POST /session/reset_password
   def reset_password
-    @email = params[:email]
-    credential = Credentials::Email.with @email
+    email = params[:email]
+    credential = Credentials::Email.with email
 
     if user = (credential && credential.user)
       token = Tokens::PasswordReset.random_for user
-      ::SessionMailer.reset_password_email(@email, token, root_url).deliver
+      ::SessionMailer.reset_password_email(email, token, root_url).deliver
     end
 
     respond_to do |format|

data/lib/authpwn_rails/session_model.rb

@@ -0,0 +1,60 @@
+require 'active_model'
+
+
+# :nodoc: namespace
+module Authpwn
+
+# Included by the model class that collects sign-up information.
+#
+# Parts of the codebase assume the model will be named Session.
+module SessionModel
+  extend ActiveSupport::Concern
+
+  included do
+    if defined? ActiveModel::Model
+      # Rails 4.
+      include ActiveModel::Model
+    else
+      # Rails 3.
+      include ActiveModel::Conversion
+      extend  ActiveModel::Naming
+      extend  ActiveModel::Translation
+      include ActiveModel::Validations
+
+      def initialize(params={})
+        params.each do |attr, value|
+          self.public_send("#{attr}=", value)
+        end if params
+
+        super()
+      end
+      def persisted?
+        false
+      end
+    end
+
+    # The e-mail used to sign up.
+    attr_accessor :email
+
+    # The password used to sign up.
+    attr_accessor :password
+  end
+
+  # Class methods on models that include Authpwn::SessionModel.
+  module ClassMethods
+    # Extracts signup information from a controller's params hash.
+    #
+    # @param [Hash] params the parameters received by a controller action
+    # @return [Session] new Session instance containing the signup information
+    def from_params(params)
+      if params[:session]
+        self.new email: params[:session][:email],
+                 password: params[:session][:password]
+      else
+        self.new email: params[:email], password: params[:password]
+      end
+    end
+  end  # module Authpwn::SessionModel::ClassMethods
+end  # namespace Authpwn::SessionModel
+
+end  # namespace Authpwn

data/lib/authpwn_rails.rb

@@ -9,6 +9,7 @@ module Authpwn
   autoload :Expires, 'authpwn_rails/expires.rb'
   autoload :SessionController, 'authpwn_rails/session_controller.rb'
   autoload :SessionMailer, 'authpwn_rails/session_mailer.rb'
+  autoload :SessionModel, 'authpwn_rails/session_model.rb'
   autoload :UserModel, 'authpwn_rails/user_model.rb'
 
   # Contains extensions to the User model.

data/test/helpers/db_setup.rb

@@ -37,6 +37,7 @@ CreateCredentials.migrate :up
 
 require 'authpwn_rails/generators/templates/user.rb'
 require 'authpwn_rails/generators/templates/credential.rb'
+require 'authpwn_rails/generators/templates/session.rb'
 
 class ActiveSupport::TestCase
   include ActiveRecord::TestFixtures

data/test/session_controller_api_test.rb

@@ -80,6 +80,16 @@ class SessionControllerApiTest < ActionController::TestCase
   end
 
   test "create logs in with good account details" do
+    post :create, session: { email: @email_credential.email,
+                             password: 'password' }
+    assert_equal @user, assigns(:current_user), 'instance variable'
+    assert_equal @user, session_current_user, 'session'
+    assert_nil flash[:alert], 'no alert'
+    assert_nil flash[:auth_redirect_url], 'no redirect URL in flash'
+    assert_redirected_to session_url
+  end
+
+  test "create logs in with good raw account details" do
     post :create, email: @email_credential.email, password: 'password'
     assert_equal @user, assigns(:current_user), 'instance variable'
     assert_equal @user, session_current_user, 'session'
@@ -93,7 +103,8 @@ class SessionControllerApiTest < ActionController::TestCase
     old_token = credentials(:jane_session_token)
     old_token.updated_at = Time.now - 1.year
     old_token.save!
-    post :create, email: @email_credential.email, password: 'password'
+    post :create, session: { email: @email_credential.email,
+                             password: 'password' }
     assert_equal @user, session_current_user, 'session'
     assert_nil Tokens::Base.with_code(old_token.code).first,
                'old session not purged'
@@ -136,15 +147,15 @@ class SessionControllerApiTest < ActionController::TestCase
 
   test "create redirects properly with good account details" do
     url = 'http://authpwn.redirect.url'
-    post :create, email: @email_credential.email, password: 'password',
-                  redirect_url: url
+    post :create, session: { email: @email_credential.email,
+                             password: 'password' }, redirect_url: url
     assert_redirected_to url
     assert_nil flash[:alert], 'no alert'
     assert_nil flash[:auth_redirect_url], 'no redirect URL in flash'
   end
 
   test "create does not log in with bad password" do
-    post :create, email: @email_credential.email, password: 'fail'
+    post :create, session: { email: @email_credential.email, password: 'fail' }
     assert_redirected_to new_session_url
     assert_nil assigns(:current_user), 'instance variable'
     assert_nil session_current_user, 'session'
@@ -155,7 +166,8 @@ class SessionControllerApiTest < ActionController::TestCase
   test "create does not log in with expired password" do
     @password_credential.updated_at = Time.now - 2.years
     @password_credential.save!
-    post :create, email: @email_credential.email, password: 'password'
+    post :create, session: { email: @email_credential.email,
+                             password: 'password' }
     assert_redirected_to new_session_url
     assert_nil assigns(:current_user), 'instance variable'
     assert_nil session_current_user, 'session'
@@ -168,7 +180,7 @@ class SessionControllerApiTest < ActionController::TestCase
     old_token = credentials(:jane_session_token)
     old_token.updated_at = Time.now - 1.year
     old_token.save!
-    post :create, email: @email_credential.email, password: 'fail'
+    post :create, session: { email: @email_credential.email, password: 'fail' }
     assert_nil session_current_user, 'session'
     assert_equal old_token, Tokens::Base.with_code(old_token.code).first,
                'old session purged'
@@ -176,7 +188,8 @@ class SessionControllerApiTest < ActionController::TestCase
 
   test "create does not log in blocked accounts" do
     with_blocked_credential @email_credential do
-      post :create, email: @email_credential.email, password: 'password'
+      post :create, session: { email: @email_credential.email,
+                               password: 'password' }
     end
     assert_redirected_to new_session_url
     assert_nil assigns(:current_user), 'instance variable'
@@ -233,8 +246,8 @@ class SessionControllerApiTest < ActionController::TestCase
 
   test "create maintains redirect_url for bad logins" do
     url = 'http://authpwn.redirect.url'
-    post :create, email: @email_credential.email, password: 'fail',
-                  redirect_url: url
+    post :create, session: { email: @email_credential.email,
+                             password: 'fail' }, redirect_url: url
     assert_redirected_to new_session_url
     assert_match(/Invalid /, flash[:alert])
     assert_equal url, flash[:auth_redirect_url]

data/test/session_test.rb

@@ -0,0 +1,26 @@
+require File.expand_path('../test_helper', __FILE__)
+
+class SessionTest < ActiveSupport::TestCase
+  def setup
+    @session = Session.new email: 'costan@gmail.com', password: 'secret'
+  end
+
+  test 'setup' do
+    assert @session.valid?
+  end
+
+  test 'from_params with raw values' do
+    session = Session.from_params email: 'costan@gmail.com', password: 'secret'
+
+    assert_equal 'costan@gmail.com', session.email
+    assert_equal 'secret', session.password
+  end
+
+  test 'from_params with object' do
+    session = Session.from_params session: { email: 'costan@gmail.com',
+                                             password: 'secret' }
+
+    assert_equal 'costan@gmail.com', session.email
+    assert_equal 'secret', session.password
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: authpwn_rails
 version: !ruby/object:Gem::Version
-  version: 0.14.3
+  version: 0.15.0
 platform: ruby
 authors:
 - Victor Costan
@@ -179,6 +179,7 @@ files:
 - lib/authpwn_rails/generators/templates/credential.rb
 - lib/authpwn_rails/generators/templates/credentials.yml
 - lib/authpwn_rails/generators/templates/initializer.rb
+- lib/authpwn_rails/generators/templates/session.rb
 - lib/authpwn_rails/generators/templates/session/forbidden.html.erb
 - lib/authpwn_rails/generators/templates/session/home.html.erb
 - lib/authpwn_rails/generators/templates/session/new.html.erb
@@ -199,6 +200,7 @@ files:
 - lib/authpwn_rails/session.rb
 - lib/authpwn_rails/session_controller.rb
 - lib/authpwn_rails/session_mailer.rb
+- lib/authpwn_rails/session_model.rb
 - lib/authpwn_rails/test_extensions.rb
 - lib/authpwn_rails/user_extensions/email_field.rb
 - lib/authpwn_rails/user_extensions/facebook_fields.rb
@@ -234,6 +236,7 @@ files:
 - test/routes_test.rb
 - test/session_controller_api_test.rb
 - test/session_mailer_api_test.rb
+- test/session_test.rb
 - test/test_extensions_test.rb
 - test/test_helper.rb
 - test/user_extensions/email_field_test.rb