boilerplate_generator 0.0.1

data/History.txt

@@ -0,0 +1,3 @@
++++ 0.0.1 2007-05-07
+
++ Initial gem release

data/Manifest.txt

@@ -0,0 +1,32 @@
+History.txt
+Manifest.txt
+README.txt
+USAGE
+boilerplate_generator.rb
+lib/boilerplate_generator/version.rb
+templates/app/controllers/account_controller.rb
+templates/app/controllers/application.rb
+templates/app/controllers/user_controller.rb
+templates/app/helpers/account_helper.rb
+templates/app/helpers/user_helper.rb
+templates/app/models/user.rb
+templates/app/views/account/login.haml
+templates/app/views/account/login.html.erb
+templates/app/views/layouts/application.haml
+templates/app/views/layouts/application.html.erb
+templates/app/views/user/_form.haml
+templates/app/views/user/_form.html.erb
+templates/app/views/user/edit.haml
+templates/app/views/user/edit.html.erb
+templates/app/views/user/new.haml
+templates/app/views/user/new.html.erb
+templates/app/views/user/show.haml
+templates/app/views/user/show.html.erb
+templates/config/routes.rb
+templates/db/migrate/create_users.rb
+templates/lib/authentication_system.rb
+templates/test/fixtures/users.yml
+templates/test/functional/account_controller_test.rb
+templates/test/functional/user_controller_test.rb
+templates/test/test_helper.rb
+templates/test/unit/user_test.rb

data/README.txt

@@ -0,0 +1,152 @@
+= Boilerplate Generator
+
+Boilerplate is a generator for new Rails projects. It automatically creates a
+working account system for user login and registration, a basic layout, some
+named routes, and (of course) a comprehensive suite of tests.
+
+If you have any questions, comments, criticisms, or unmelted chocolate
+sundaes, please contact me via electronic mail. My address is
+packagetheif@gmail.com
+
+== Why?
+
+Because I get tired of creating the same basic things each time I start a new
+project.  Steeped in frustration, I extracted all the preliminary code from last
+project I created and packaged it up for posterity.
+
+== What's included?
+
+Nothing fancy, really. That's the whole idea: no smoke, no mirrors. Just simple
+code that's easy to modify and/or extend.
+
+models
+  A User model with support for hashed (and salted) passwords, all the necessary
+  validations, and an authenticate class method. Take a look at
+  db/migrate/###_create_users.rb if you want to see the schema definition
+  
+views
+  Views for login and signup, plus a simple xhtml layout that includes
+  the default javascript libraries
+  
+controllers
+  An account controller with index, login, signup, and logout actions; a
+  modified application_controller that mixes in the AuthenticationSystem module.
+  The current_user method returns a User object provided a User with an id equal
+  to session[:user] can be found; the authenticate method redirects to the
+  login_url if current_user returns false
+  
+routes
+  Named routes for signup_url, login_url, and logout_url and a resource route
+  for users (map.resource :user)
+  
+migrations
+  A migration to create the Users table
+
+tests
+  A comprehensive suite of tests covering the User model, and the all the
+  Account and User actions
+
+== Test Specs
+
+Account controller should:
+ * login user and redirect
+ * not login invalid user
+ * logout and redirect
+ * remember login if remember me is set
+ * not remember login if remember me is not set
+ * delete token on logout
+ * login automatically from cookie
+ * fail cookie login with expired cookie
+ * fail cookie login with invalid cookie
+
+User controller should:
+ * create user
+ * require login on create
+ * require unique login on create
+ * require password on create
+ * require password confirmation on create
+ * require email on create
+ * require valid email on create
+ * require authentication for show
+ * require authentication for edit
+ * require authentication for update
+ * accept http basic authentication
+
+User should:
+ * create user
+ * update user
+ * destroy user
+ * accept valid emails
+ * not allow invalid emails
+ * not allow spaces or dots in login
+ * reset password
+ * not rehash password when unchanged
+ * authenticate user
+ * set remember token
+ * unset remember token
+ * remember login for one week
+ * remember login until one week from now
+ * remember login for default two weeks
+
+== Usage
+
+Boilerplate is intended to be used on a fresh Rails application. You're free to
+use it on an app with code in it already; it will prompt you before it tries
+to overwrite any existing files.
+
+To generate the boilerplate code for your application, use the generate script:
+
+  $ ./script/generate boilerplate
+  
+Assuming you have the databases set up for your application, run the migration
+script which will create the User table:
+
+  $ rake db:migrate
+  
+Run the test suite to make sure everything is kosher:
+
+  $ rake test
+  
+== Generated files
+
+The following files are generated:
+
+  +-- app
+  |   |-- controllers
+  |   |   |-- account_controller.rb
+  |   |   |-- user_controller.rb
+  |   |   `-- application.rb
+  |   |-- models
+  |   |   `-- user.rb
+  |   `-- views
+  |       |-- account
+  |       |   |-- index.rhtml
+  |       |   |-- login.rhtml
+  |       |   `-- signup.rhtml
+  |       |-- user
+  |       |   |-- login.rhtml
+  |       |   |-- show.rhtml
+  |       |   `-- signup.rhtml
+  |       `-- layouts
+  |           `-- application.rhtml
+  |-- config
+  |   `-- routes.rb
+  |-- db
+  |   `-- migrate
+  |       |-- ###_create_sessions.rb
+  |       `-- ###_create_users.rb
+  |-- lib
+  |   `-- authentication_system.rb
+  `-- test
+      |-- fixtures
+      |   `-- users.yml
+      |-- functional
+      |   |-- user_controller_test.rb
+      |   `-- account_controller_test.rb
+      |-- test_helper.rb
+      `-- unit
+          `-- user_test.rb
+
+
+---
+Copyright (c) 2007 Jeffrey Allan Hardy, released under the MIT license

data/USAGE

@@ -0,0 +1,30 @@
+NAME
+   boilerplate - creates a working account system for user login and
+   registration
+
+SYNOPSIS
+  boilerplate
+
+DESCRIPTION
+   Automatically creates a working account system for user login and
+   registration, a basic layout, some named routes, and (of course) a
+   comprehensive suite of tests.
+
+   Boilerplate is intended to be used on a fresh Rails application.
+   You're free to use it on an app with code in it already; it will
+   prompt you before it tries to overwrite any existing files.
+
+EXAMPLE
+   To generate the boilerplate code for your application, use the
+   generate script:
+
+    ./script/generate boilerplate
+
+   Assuming you have the databases set up for your application, run
+   the migration script which will create the User table:
+
+    rake db:migrate
+
+   Run the test suite to make sure everything is kosher:
+
+    rake test

data/boilerplate_generator.rb

@@ -0,0 +1,69 @@
+class BoilerplateGenerator < Rails::Generator::Base
+  def manifest
+    record do |m|
+      # Set the file extension to use for templates
+      ext = (File.exist?('vendor/plugins/haml')) ? 'haml' : 'html.erb'
+
+      # Models
+      dir = 'app/models'
+      m.template File.join(dir, file = 'user.rb'), File.join(dir, file)
+
+      # Views
+      dir = 'app/views/account'
+      m.directory dir
+      m.template File.join(dir, file = "login.#{ext}"), File.join(dir, file)
+
+      dir = 'app/views/user'
+      m.directory dir
+      m.template File.join(dir, file = "_form.#{ext}"), File.join(dir, file)
+      m.template File.join(dir, file = "edit.#{ext}"),  File.join(dir, file)
+      m.template File.join(dir, file = "show.#{ext}"),  File.join(dir, file)
+      m.template File.join(dir, file = "new.#{ext}"),   File.join(dir, file)
+
+      # Layouts
+      dir = 'app/views/layouts'
+      m.template File.join(dir, file = "application.#{ext}"), File.join(dir, file)
+
+      # Helpers
+      dir = 'app/helpers'
+      m.template File.join(dir, file = 'account_helper.rb'), File.join(dir, file)
+      m.template File.join(dir, file = 'user_helper.rb'),    File.join(dir, file)
+
+      # Controllers
+      dir = 'app/controllers'
+      m.template File.join(dir, file = 'account_controller.rb'), File.join(dir, file)
+      m.template File.join(dir, file = 'user_controller.rb'),    File.join(dir, file)
+      m.template File.join(dir, file = 'application.rb'),        File.join(dir, file)
+
+      # Libraries
+      dir = 'lib'
+      m.template File.join(dir, file = 'authentication_system.rb'),  File.join(dir, file)
+
+      # Routes
+      dir = 'config'
+      m.template File.join(dir, file = 'routes.rb'), File.join(dir, file)
+
+      # Migrations
+      dir = 'db/migrate'
+      m.directory dir
+      m.migration_template File.join(dir, file = 'create_users.rb'), dir, :migration_file_name => file.sub(/\.rb$/, '')
+
+      # Test Helpers
+      dir = 'test'
+      m.template File.join(dir, file = 'test_helper.rb'), File.join(dir, file)
+
+      # Fixtures
+      dir = 'test/fixtures'
+      m.template File.join(dir, file = 'users.yml'), File.join(dir, file)
+
+      # Functional Tests
+      dir = 'test/functional'
+      m.template File.join(dir, file = 'account_controller_test.rb'), File.join(dir, file)
+      m.template File.join(dir, file = 'user_controller_test.rb'),    File.join(dir, file)
+
+      # Unit Tests
+      dir = 'test/unit'
+      m.template File.join(dir, file = 'user_test.rb'), File.join(dir, file)
+    end
+  end
+end

data/lib/boilerplate_generator/version.rb

@@ -0,0 +1,9 @@
+module BoilerplateGenerator #:nodoc:
+  module VERSION #:nodoc:
+    MAJOR = 0
+    MINOR = 0
+    TINY  = 1
+
+    STRING = [MAJOR, MINOR, TINY].join('.')
+  end
+end

data/templates/app/controllers/account_controller.rb

@@ -0,0 +1,19 @@
+class AccountController < ApplicationController
+  def login
+    if request.post?
+      if self.current_user = User.authenticate(params[:login], params[:password])
+        remember_current_user if params[:remember_me] == '1'
+        redirect_back_or_to user_url
+      else
+        flash[:error] = 'Invalid user/password combination'
+        redirect_to login_path
+      end
+    end
+  end
+
+  def logout
+    logout_current_user!
+    flash[:notice] = 'You have been logged out'
+    redirect_to login_path
+  end
+end

data/templates/app/controllers/application.rb

@@ -0,0 +1,6 @@
+class ApplicationController < ActionController::Base
+  include AuthenticationSystem
+  before_filter :authenticate_with_cookies
+
+  helper :all
+end

data/templates/app/controllers/user_controller.rb

@@ -0,0 +1,34 @@
+class UserController < ApplicationController
+  before_filter :authenticate, :except => [:new, :create]
+
+  def show
+    @user = current_user
+  end
+
+  def new
+    @user = User.new
+  end
+
+  def create
+    @user = User.new(params[:user])
+    if @user.save
+      self.current_user = @user
+      flash[:notice] = 'Thanks for signing up!'
+      redirect_to root_url
+    else
+      render :action => 'new'
+    end
+  end
+
+  def edit
+    @user = current_user
+  end
+
+  def update
+    @user = current_user
+    if @user.update_attributes(params[:user])
+      flash[:notice] = 'Account information updated'
+      redirect_to edit_user_url
+    end
+  end
+end

data/templates/app/helpers/account_helper.rb

@@ -0,0 +1,2 @@
+module AccountHelper
+end

data/templates/app/helpers/user_helper.rb

@@ -0,0 +1,2 @@
+module UserHelper
+end

data/templates/app/models/user.rb

@@ -0,0 +1,71 @@
+require 'digest/sha1'
+
+class User < ActiveRecord::Base
+  attr_accessor  :password
+
+  validates_presence_of     :login
+  validates_length_of       :login, :within => 3..40
+  validates_uniqueness_of   :login, :case_sensitive => false
+  validates_format_of       :login, :with => /^[\w-]+$/i, :message => 'cannot contain spaces or special characters'
+
+  validates_presence_of     :email
+  validates_format_of       :email, :with => /^[^@][\w.-]*@[\w.-]+[.][a-z]{2,4}$/i
+
+  validates_presence_of     :password,                   :if => :password_required?
+  validates_length_of       :password, :within => 4..40, :if => :password_required?
+  validates_presence_of     :password_confirmation,      :if => :password_required?
+  validates_confirmation_of :password,                   :if => :password_required?
+
+  validates_acceptance_of   :terms_of_service
+
+  before_save :hash_password
+
+  attr_protected :hashed_password, :remember_token, :remember_token_expires_at
+
+  def self.authenticate(login, password)
+    user = find_by_login(login)
+    return user if user && user.authenticated?(password)
+  end
+
+  def authenticated?(password)
+    hashed_password == encrypt(password)
+  end
+
+  def remember
+    remember_for 2.weeks
+  end
+
+  def remember_for(time)
+    remember_until time.from_now.utc
+  end
+
+  def remember_until(time)
+    self.remember_token_expires_at = time
+    self.remember_token = encrypt("#{email}--#{remember_token_expires_at}")
+    save
+  end
+
+  def forget
+    self.remember_token_expires_at = nil
+    self.remember_token = nil
+    save
+  end
+
+  def to_s
+    login
+  end
+
+  protected
+    def hash_password
+      return if password.blank?
+      self.hashed_password = encrypt(password)
+    end
+
+    def password_required?
+      hashed_password.blank? || !password.blank?
+    end
+
+    def encrypt(string)
+      Digest::SHA1.hexdigest(string)
+    end
+end

data/templates/app/views/account/login.haml

@@ -0,0 +1,16 @@
+%h1 Login
+
+- form_tag do
+  %fieldset
+    %p
+      Login:<br />
+      = text_field_tag :login
+    %p
+      Password:<br />
+      = password_field_tag :password
+    %p
+      = "#{check_box_tag :remember_me} Remember me for 2 weeks"
+    %p
+      = submit_tag 'Login'
+
+%h2= "Don't have an account? You should #{link_to 'Sign up!', new_user_url}"

data/templates/app/views/account/login.html.erb

@@ -0,0 +1,17 @@
+<h1>Login</h1>
+
+<%% form_tag do -%>
+<fieldset>
+  <p><label for="login">Login:</label><br />
+  <%%= text_field_tag :login %></p> 
+
+  <p><label for="password">Password:</label><br />
+  <%%= password_field_tag :password %></p> 
+
+  <p><label><%%= check_box_tag :remember_me %> Remember me for 2 weeks</label></p>
+
+  <p><%%= submit_tag 'Login' %></p> 
+</fieldset>
+<%% end -%> 
+
+<h2>Don't have an account? You should <%%= link_to 'Sign up!', new_user_url %></h2>

data/templates/app/views/layouts/application.haml

@@ -0,0 +1,11 @@
+!!!
+%html
+  %head
+    %title= controller.controller_name.capitalize
+    %meta{'http-equiv' => 'Content-Type', 'content' => 'text/html; charset=utf-8'}/
+    = javascript_include_tag :defaults
+  %body
+    #container
+      #content
+        = [:notice, :error].collect {|k| content_tag(:div, flash[k], :class => "flash #{k}") if flash[k] }.join
+        = yield

data/templates/app/views/layouts/application.html.erb

@@ -0,0 +1,17 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html>
+  <head>
+    <title><%%= controller.controller_name.capitalize %></title>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+    <%%= javascript_include_tag :defaults %>
+  </head>
+
+  <body>
+    <div id="container">
+      <div id="content">
+        <%%= [:notice, :error].collect {|k| content_tag(:div, flash[k], :class => "flash #{k}") if flash[k] }.join %>
+        <%%= yield %>
+      </div>
+    </div>
+  </body>
+</html>

data/templates/app/views/user/_form.haml

@@ -0,0 +1,17 @@
+= error_messages_for 'user'
+
+%p
+  Login:<br />
+  = text_field :user, :login
+
+%p
+  Email:<br />
+  = text_field :user, :email
+
+%p
+  Password:<br />
+  = password_field :user, :password
+
+%p
+  Password confirmation:<br />
+  = password_field :user, :password_confirmation

data/templates/app/views/user/_form.html.erb

@@ -0,0 +1,13 @@
+<%%= error_messages_for 'user' %>
+
+<p><label>Login:</label><br />
+<%%= text_field :user, :login %></p>
+
+<p><label>Email:</label><br />
+<%%= text_field :user, :email %></p>
+
+<p><label>Password:</label><br />
+<%%= password_field :user, :password %></p>
+
+<p><label>Password confirmation:</label><br />
+<%%= password_field :user, :password_confirmation %></p>

data/templates/app/views/user/edit.haml

@@ -0,0 +1,7 @@
+%h1 Edit your account details
+
+- form_tag user_path, :method => :put do
+  %fieldset
+    = render :partial => 'form'
+    %p
+      = submit_tag 'Save Changes'

data/templates/app/views/user/edit.html.erb

@@ -0,0 +1,8 @@
+<h1>Edit your account details</h1>
+
+<%% form_tag user_path, :method => :put do -%>
+<fieldset>
+  <%%= render :partial => 'form' %>
+  <p><%%= submit_tag 'Save Changes' %></p>
+</fieldset>
+<%% end -%>

data/templates/app/views/user/new.haml

@@ -0,0 +1,11 @@
+%h1 Signup for an account
+
+- form_tag user_path do
+  %fieldset
+    = render :partial => 'form'
+    %p
+      = "#{check_box :user, :terms_of_service} Yes, I have read and accept your #{link_to 'terms of service'}"
+    %p
+      = submit_tag 'Signup'
+
+%h2= "Already have an account? #{link_to 'Log in', login_url}"

data/templates/app/views/user/new.html.erb

@@ -0,0 +1,11 @@
+<h1>Signup for an account</h1>
+
+<%% form_tag user_path do -%>
+<fieldset>
+  <%%= render :partial => 'form' %>
+  <p><label><%%= check_box :user, :terms_of_service %> Yes, I have read and accept your</label> <%%= link_to 'terms of service', '#' %></p>
+  <p><%%= submit_tag 'Signup' %></p>
+</fieldset>
+<%% end -%>
+
+<h2>Already have an account? <%%= link_to 'Log in', login_url %></h2>

data/templates/app/views/user/show.haml

@@ -0,0 +1,4 @@
+%h1 You are logged in
+
+= link_to 'logout', logout_url
+= link_to 'edit your account information', edit_user_path

data/templates/app/views/user/show.html.erb

@@ -0,0 +1,4 @@
+<h1>You are logged in</h1>
+
+<%%= link_to 'logout', logout_url %> |
+<%%= link_to 'edit your account information', edit_user_path %>

data/templates/config/routes.rb

@@ -0,0 +1,12 @@
+ActionController::Routing::Routes.draw do |map|
+  map.root :controller => 'account', :action => 'login'
+
+  map.login  'login',  :controller => 'account', :action => 'login'
+  map.logout 'logout', :controller => 'account', :action => 'logout'
+
+  map.resource :user
+
+  # Install the default routes as the lowest priority.
+  map.connect ':controller/:action/:id'
+  map.connect ':controller/:action/:id.:format'
+end

data/templates/db/migrate/create_users.rb

@@ -0,0 +1,18 @@
+class CreateUsers < ActiveRecord::Migration
+  def self.up
+    create_table :users do |t|
+      t.column :login,                     :string
+      t.column :email,                     :string
+      t.column :hashed_password,           :string
+      t.column :remember_token,            :string
+      t.column :remember_token_expires_at, :datetime
+      t.column :created_at,                :datetime
+      t.column :updated_at,                :datetime
+    end
+    add_index :users, [:login, :hashed_password]
+  end
+
+  def self.down
+    drop_table :users
+  end
+end

data/templates/lib/authentication_system.rb

@@ -0,0 +1,167 @@
+# Heavily influenced by xal's original login_generator (circa 2004) and
+# technoweenie's acts_as_authenticated.
+#
+# Provides a simple authentication system with support for HTTP Basic
+# Authentication and remember-me goodness via cookies. To use simply
+# mix in to ApplicationController.
+#
+# Assumes a named login route (login_url), a User model with the class
+# method `authenticate(login, password)` and the following schema:
+#
+#   create_table :users do |t|
+#     t.column :login,                     :string
+#     t.column :email,                     :string
+#     t.column :hashed_password,           :string
+#     t.column :remember_token,            :string
+#     t.column :remember_token_expires_at, :datetime
+#   end
+#
+# ---
+# Copyright (c) 2006 Jeffrey Hardy (packagethief)
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+module AuthenticationSystem
+  protected
+
+  def self.included(controller)
+    controller.helper_method :current_user, :logged_in?
+    controller.filter_parameter_logging :password
+  end
+
+  def find_current_user
+    if session[:user_id]
+      User.find_by_id(session[:user_id]) 
+    else
+      authenticate_with_http_basic {|u, p| User.authenticate(u, p) }
+    end
+  end
+
+  def current_user
+    @current_user ||= find_current_user
+  end
+
+  def current_user=(user)
+    @current_user = user.is_a?(User) ? user : nil
+    session[:user_id] = @current_user ? @current_user.id : nil
+  end
+
+  def logged_in?
+    current_user.is_a?(User)
+  end
+
+  # Filter method to enforce a login requirement
+  # Apply as a before_filter on any controller you want to protect
+  def authenticate
+    (logged_in? && authorized?) ? true : access_denied
+  end
+
+  # Filter method to login a user using a cookie
+  # Apply as a before_filter on the application controller
+  def authenticate_with_cookies
+    return if logged_in? or cookies[:auth_token].nil?
+    self.current_user = User.find_by_remember_token(cookies[:auth_token])
+  end
+
+  # Overwrite in idividual controllers to control authorization
+  def authorized?
+    true
+  end
+
+  # Overwrite in idividual controllers to customize the flash message shown when authorization fails
+  def unauthorized_message
+    "Please login first and we'll send you right along"
+  end
+
+  # Sets the appropriate cookies to remember the current user
+  def remember_current_user
+    if logged_in?
+      current_user.remember
+      cookies[:auth_token] = { :value => current_user.remember_token, :expires => current_user.remember_token_expires_at }
+    end
+  end
+
+  # Logs out the current user by removing the session, cookie, and any HTTP auth data
+  def logout_current_user!
+    current_user.forget rescue nil
+    cookies.delete :auth_token
+    self.current_user = nil
+    request.env['HTTP_AUTHORIZATION'] = nil
+  end
+
+  def access_denied
+    respond_to do |format|
+      format.html do
+        store_location
+        flash[:notice] = unauthorized_message
+        redirect_to login_url
+      end
+      format.xml do
+        headers['Status'] = 'Unauthorized'
+        headers['WWW-Authenticate'] = 'Basic realm="Application"'
+        render :text => "401 Unauthorized\n", :status => :unauthorized
+      end
+    end
+    false
+  end
+
+  def store_location
+    session[:return_to] = request.request_uri
+  end
+
+  def redirect_back_or_to(options)
+    session[:return_to] ? redirect_to(session[:return_to]) : redirect_to(options)
+    session[:return_to] = nil
+  end
+
+  # Inspired by DHH's http_authentication plugin
+  # See http://dev.rubyonrails.org/svn/rails/plugins/http_authentication
+  def authenticate_with_http_basic(&login_procedure)
+    if authorization = request.env['HTTP_AUTHORIZATION'] || request.env['X-HTTP_AUTHORIZATION']
+      login_procedure.call(*Base64.decode64(authorization.split.last).split(/:/, 2)) 
+    end
+  end
+
+  # Helpers to make testing the functionality provided by this library
+  # easier. Include AuthenticationSystem::TestHelpers in RAILS_ROOT/test/test_helper.rb
+  module TestHelpers
+    def login_as(user)
+      @request.session[:user_id] = users(user.to_sym).id
+    end
+
+    def authenticate_as(login, password)
+      @request.env['HTTP_ACCEPT'] = @request.env['Content-Type'] = 'text/xml'
+      @request.env["HTTP_AUTHORIZATION"] = "Basic #{Base64.encode64("#{login}:#{password}")}"
+    end
+
+    def logout!
+      @request.session[:user_id] = nil
+      @controller.instance_variable_set('@current_user', nil)
+      @request.env['HTTP_AUTHORIZATION'] = nil
+    end
+
+    def auth_token(token)
+      CGI::Cookie.new('name' => 'auth_token', 'value' => token)
+    end
+
+    def cookie_for(user)
+      auth_token(users(user).remember_token)
+    end
+  end
+end

data/templates/test/fixtures/users.yml

@@ -0,0 +1,15 @@
+eugene:
+  id:              1
+  login:           'eugene'
+  email:           'eugene@example.com'
+  hashed_password: 'e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4' # => secret
+  created_at:      <%%= Time.now.to_s :db %>
+  updated_at:      <%%= Time.now.to_s :db %>
+
+arthur:
+  id:              2
+  login:           'arthur'
+  email:           'arthur@example.com'
+  hashed_password: 'e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4' # => secret
+  created_at:      <%%= Time.now.to_s :db %>
+  updated_at:      <%%= Time.now.to_s :db %>

data/templates/test/functional/account_controller_test.rb

@@ -0,0 +1,77 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'account_controller'
+
+# Re-raise errors caught by the controller.
+class AccountController; def rescue_action(e) raise e end; end
+
+class AccountControllerTest < Test::Unit::TestCase
+  fixtures :users
+
+  def setup
+    @controller = AccountController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  def test_should_login_user_and_redirect
+    post :login, :login => 'eugene', :password => 'secret'
+    assert @controller.send(:logged_in?)
+    assert session[:user_id]
+    assert_response :redirect
+  end
+
+  def test_should_not_login_invalid_user
+    post :login, :login => 'eugene', :password => 'bad password'
+    assert !@controller.send(:logged_in?)
+    assert_nil session[:user_id]
+    assert flash[:error]
+    assert_response :redirect
+  end
+
+  def test_should_logout_and_redirect
+    login_as :eugene
+    get :logout
+    assert_nil session[:user_id]
+    assert flash[:notice]
+    assert_response :redirect
+  end
+
+  def test_should_remember_login_if_remember_me_is_set
+    post :login, :login => 'eugene', :password => 'secret', :remember_me => "1"
+    assert @controller.send(:logged_in?)
+    assert_not_nil @response.cookies["auth_token"]
+  end
+
+  def test_should_not_remember_login_if_remember_me_is_not_set
+    post :login, :login => 'eugene', :password => 'secret', :remember_me => "0"
+    assert_nil @response.cookies["auth_token"]
+  end
+
+  def test_should_delete_token_on_logout
+    login_as :eugene
+    get :logout
+    assert_equal @response.cookies['auth_token'], []
+  end
+
+  def test_should_login_automatically_from_cookie
+    users(:eugene).remember
+    @request.cookies['auth_token'] = cookie_for(:eugene)
+    get :login
+    assert @controller.send(:logged_in?)
+  end
+
+  def test_should_fail_cookie_login_with_expired_cookie
+    users(:eugene).remember
+    users(:eugene).update_attribute :remember_token_expires_at, 5.minutes.ago.utc
+    @request.cookies['auth_token'] = cookie_for(:eugene)
+    get :login
+    assert_equal false, !@controller.send(:logged_in?)
+  end
+
+  def test_should_fail_cookie_login_with_invalid_cookie
+    users(:eugene).remember
+    @request.cookies['auth_token'] = auth_token('invalid_auth_token')
+    get :login
+    assert !@controller.send(:logged_in?)
+  end
+end

data/templates/test/functional/user_controller_test.rb

@@ -0,0 +1,119 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'user_controller'
+
+# Re-raise errors caught by the controller.
+class UserController; def rescue_action(e) raise e end; end
+
+class UserControllerTest < Test::Unit::TestCase
+  fixtures :users
+
+  def setup
+    @controller = UserController.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+  end
+
+  def test_should_create_user
+    assert_difference 'User.count' do
+      post :create, :user => valid_user
+      assert assigns(:user)
+      assert flash[:notice]
+      assert_response :redirect
+    end
+  end
+
+  def test_should_require_login_on_create
+    assert_no_difference 'User.count' do
+      post :create, :user => valid_user(:login => nil)
+      assert assigns(:user).errors.on(:login)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_unique_login_on_create
+    assert_no_difference 'User.count' do
+      post :create, :user => valid_user(:login => 'eugene')
+      assert assigns(:user).errors.on(:login)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_password_on_create
+    assert_no_difference 'User.count' do
+      post :create, :user => valid_user(:password => nil)
+      assert assigns(:user).errors.on(:password)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_password_confirmation_on_create
+    assert_no_difference 'User.count' do
+      post :create, :user => valid_user(:password_confirmation => nil)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_email_on_create
+    assert_no_difference 'User.count' do
+      post :create, :user => valid_user(:email => nil)
+      assert assigns(:user).errors.on(:email)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_valid_email_on_create
+    assert_no_difference 'User.count' do
+      post :create, :user => valid_user(:email => 'invalid@')
+      assert assigns(:user).errors.on(:email)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_authentication_for_show
+    get :show
+    assert_redirected_to login_url
+
+    @request.env['HTTP_ACCEPT'] = @request.env['Content-Type'] = 'text/xml'
+    get :show
+    assert_response :unauthorized
+  end
+
+  def test_should_require_authentication_for_edit
+    get :edit
+    assert_redirected_to login_url
+
+    @request.env['HTTP_ACCEPT'] = @request.env['Content-Type'] = 'text/xml'
+    get :edit
+    assert_response :unauthorized
+  end
+
+  def test_should_require_authentication_for_update
+    post :update
+    assert_redirected_to login_url
+
+    @request.env['HTTP_ACCEPT'] = @request.env['Content-Type'] = 'text/xml'
+    post :update
+    assert_response :unauthorized
+  end
+
+  def test_should_accept_http_basic_authentication
+    login_as('eugene')
+    get :edit
+    assert_response :success
+
+    logout!
+
+    # HTTP_AUTH
+    authenticate_as('eugene', 'secret')
+    get :edit
+    assert_response :success
+  end
+
+  protected
+    def valid_user(overrides = {})
+      { :login => 'rusty',
+        :email => 'rusty@example.com',
+        :password => 'secret',
+        :password_confirmation => 'secret' }.merge(overrides)
+    end
+end

data/templates/test/test_helper.rb

@@ -0,0 +1,37 @@
+ENV["RAILS_ENV"] = "test"
+require File.expand_path(File.dirname(__FILE__) + "/../config/environment")
+require 'test_help'
+
+class Test::Unit::TestCase
+  # Transactional fixtures accelerate your tests by wrapping each test method
+  # in a transaction that's rolled back on completion.  This ensures that the
+  # test database remains unchanged so your fixtures don't have to be reloaded
+  # between every test method.  Fewer database queries means faster tests.
+  #
+  # Read Mike Clark's excellent walkthrough at
+  #   http://clarkware.com/cgi/blosxom/2005/10/24#Rails10FastTesting
+  #
+  # Every Active Record database supports transactions except MyISAM tables
+  # in MySQL.  Turn off transactional fixtures in this case; however, if you
+  # don't care one way or the other, switching from MyISAM to InnoDB tables
+  # is recommended.
+  self.use_transactional_fixtures = true
+
+  # Instantiated fixtures are slow, but give you @david where otherwise you
+  # would need people(:david).  If you don't want to migrate your existing
+  # test cases which use the @david style and don't mind the speed hit (each
+  # instantiated fixtures translates to a database query per test method),
+  # then set this back to true.
+  self.use_instantiated_fixtures  = false
+
+  # Setup all fixtures in test/fixtures/*.(yml|csv) for all tests in alphabetical order.
+  # If you need to control the loading order (due to foreign key constraints etc), you'll
+  # need to change this line to explicitly name the order you desire.
+  #
+  # Note: You'll currently still have to declare fixtures explicitly in integration tests
+  # -- they do not yet inherent this setting
+  #fixtures :all
+
+  # Mixin the helpers provided by the authentication library
+  include AuthenticationSystem::TestHelpers
+end

data/templates/test/unit/user_test.rb

@@ -0,0 +1,116 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class UserTest < Test::Unit::TestCase
+  fixtures :users
+
+  def test_should_create_user
+    assert_difference 'User.count' do
+      user = User.create(valid_user)
+      assert !user.new_record?, "#{user.errors.full_messages.to_sentence}"
+    end
+  end
+
+  def test_should_update_user
+    u = users(:eugene)
+    attributes = {
+      :login => 'eugene_smith',
+      :email => 'eugene.smith@example.com',
+      :password => 'terces',
+      :password_confirmation => 'terces'
+    }
+    assert u.update_attributes(attributes), u.errors.full_messages
+  end
+
+  def test_should_destroy_user
+    assert_difference 'User.count', -1 do
+      User.find(:first).destroy
+    end
+  end
+
+  def test_should_accept_valid_emails
+    %w(user@example.com user@example.co.uk ab@cd.ef 1@example.ca john.q@example.com john_q-pub.lic@ex-ample.co.uk 8375309@90210.org).each do |email|
+      assert_valid User.new(valid_user(:email => email))
+    end
+  end
+
+  def test_should_not_allow_invalid_emails
+    user = User.new(valid_user)
+    
+    %w(@foo.bar foo@ foo@bar @).each do |email|
+      user.email = email
+      assert !user.valid?
+      assert user.errors.on(:email)
+    end
+  end
+
+  def test_should_not_allow_spaces_or_dots_in_login
+    user = User.new(valid_user)
+    
+    ['foo.bar', 'foo bar'].each do |login|
+      user.login = login
+      assert !user.valid?
+      assert user.errors.on(:login)
+    end
+  end
+
+  def test_should_reset_password
+    users(:eugene).update_attributes(:password => 'new password', :password_confirmation => 'new password')
+    assert_equal users(:eugene), User.authenticate('eugene', 'new password')
+  end
+
+  def test_should_not_rehash_password_when_unchanged
+    users(:eugene).update_attributes(:login => 'enegue')
+    assert_equal users(:eugene), User.authenticate('enegue', 'secret')
+  end
+
+  def test_should_authenticate_user
+    assert_equal users(:eugene), User.authenticate('eugene', 'secret')
+  end
+
+  def test_should_set_remember_token
+    users(:eugene).remember
+    assert_not_nil users(:eugene).remember_token
+    assert_not_nil users(:eugene).remember_token_expires_at
+  end
+
+  def test_should_unset_remember_token
+    users(:eugene).remember
+    assert_not_nil users(:eugene).remember_token
+    users(:eugene).forget
+    assert_nil users(:eugene).remember_token
+  end
+
+  def test_should_remember_login_for_one_week
+    before = 1.week.from_now.utc
+    users(:eugene).remember_for 1.week
+    after = 1.week.from_now.utc
+    assert_not_nil users(:eugene).remember_token
+    assert_not_nil users(:eugene).remember_token_expires_at
+    assert users(:eugene).remember_token_expires_at.between?(before, after)
+  end
+
+  def test_should_remember_login_until_one_week_from_now
+    time = 1.week.from_now.utc
+    users(:eugene).remember_until time
+    assert_not_nil users(:eugene).remember_token
+    assert_not_nil users(:eugene).remember_token_expires_at
+    assert_equal users(:eugene).remember_token_expires_at, time
+  end
+
+  def test_should_remember_login_for_default_two_weeks
+    before = 2.weeks.from_now.utc
+    users(:eugene).remember
+    after = 2.weeks.from_now.utc
+    assert_not_nil users(:eugene).remember_token
+    assert_not_nil users(:eugene).remember_token_expires_at
+    assert users(:eugene).remember_token_expires_at.between?(before, after)
+  end
+
+  protected
+    def valid_user(overrides={})
+      { :login => 'rusty',
+        :email => 'rusty@example.com',
+        :password => 'secret',
+        :password_confirmation => 'secret' }.merge(overrides)
+    end
+end

metadata

@@ -0,0 +1,77 @@
+--- !ruby/object:Gem::Specification 
+rubygems_version: 0.9.2
+specification_version: 1
+name: boilerplate_generator
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+date: 2007-05-08 00:00:00 -04:00
+summary: Boilerplate is a generator for new Rails projects
+require_paths: 
+- lib
+email: packagethief@gmail.com
+homepage: http://boilerplate.rubyforge.org
+rubyforge_project: boilerplate
+description: Boilerplate is a generator for new Rails projects
+autorequire: 
+default_executable: 
+bindir: bin
+has_rdoc: true
+required_ruby_version: !ruby/object:Gem::Version::Requirement 
+  requirements: 
+  - - ">"
+    - !ruby/object:Gem::Version 
+      version: 0.0.0
+  version: 
+platform: ruby
+signing_key: 
+cert_chain: 
+post_install_message: 
+authors: 
+- Jeffrey Hardy (packagethief)
+files: 
+- History.txt
+- Manifest.txt
+- README.txt
+- USAGE
+- boilerplate_generator.rb
+- lib/boilerplate_generator/version.rb
+- templates/app/controllers/account_controller.rb
+- templates/app/controllers/application.rb
+- templates/app/controllers/user_controller.rb
+- templates/app/helpers/account_helper.rb
+- templates/app/helpers/user_helper.rb
+- templates/app/models/user.rb
+- templates/app/views/account/login.haml
+- templates/app/views/account/login.html.erb
+- templates/app/views/layouts/application.haml
+- templates/app/views/layouts/application.html.erb
+- templates/app/views/user/_form.haml
+- templates/app/views/user/_form.html.erb
+- templates/app/views/user/edit.haml
+- templates/app/views/user/edit.html.erb
+- templates/app/views/user/new.haml
+- templates/app/views/user/new.html.erb
+- templates/app/views/user/show.haml
+- templates/app/views/user/show.html.erb
+- templates/config/routes.rb
+- templates/db/migrate/create_users.rb
+- templates/lib/authentication_system.rb
+- templates/test/fixtures/users.yml
+- templates/test/functional/account_controller_test.rb
+- templates/test/functional/user_controller_test.rb
+- templates/test/test_helper.rb
+- templates/test/unit/user_test.rb
+test_files: []
+
+rdoc_options: []
+
+extra_rdoc_files: []
+
+executables: []
+
+extensions: []
+
+requirements: []
+
+dependencies: []
+