cadenero 0.0.2.a → 0.0.2.a1

data/README.md

@@ -18,19 +18,56 @@ Authentication Engine for Rails.API multitenant RESTful APIs based on Warden. It
 ### Why Cadenero?
 **"Cadenero"** is the spanish word for ["Bouncer (doorman)"](http://en.wikipedia.org/wiki/Bouncer_(doorman\)). The main function of **Cadenero** is to be a resource for authenticating consumers of the services that the API provides. As the real bouncers, **Cadenero** aims to provide security, check authorized access, to refuse entry for intoxication, aggressive behavior or non-compliance with statutory or establishment rules. 
 
+### Inatalling **Cadenero**
+Generate first your Rails.API app as usual using:
+```
+> rails-api new your_app --skip-test-unit
+```
+In the `Gemfile` add the following lines:
+```ruby
+gem 'cadenero', '~> 0.0.2.a1'
+gem 'pg'
+```
+In the `config/database.yml` replace the `sqlite3` adapter for `postgresql` as follow:
+```
+development:
+  adapter: postgresql
+  database: your_app_development 
+  min_messages: warning
+
+test:
+  adapter: postgresql
+  database: your_app_test 
+  min_messages: warning
+```
+
+Then run bundle, create the databases and the generator:
+```
+> bundle install; rake db:create; rails-api g cadenero:install
+```
+Finally run the server:
+```
+rails-api s
+```
+
+Check that you can access the API using the default account `www` and user `testy@example.com` with password `changeme˜ for that you can use [cURL](http://curl.haxx.se/) or [RESTClient](http://restclient.net/)
+
+Then have fun!
+
 ### Access Points
 **Cadenero** creates the following versioned routes for exposing the authentication RESTful API
 
 ```
-   v1_users_new GET  /v1/users/new(.:format) cadenero/v1/users#new
-        v1_root      /v1(.:format)           cadenero/v1/account/dashboard#index
-     v1_sign_in GET  /v1/sign_in(.:format)   cadenero/v1/account/sessions#new
-    v1_sessions POST /v1/sign_in(.:format)   cadenero/v1/account/sessions#create
-v1_user_sign_up GET  /v1/sign_up(.:format)   cadenero/v1/account/users#new
-v1_user_sign_up POST /v1/sign_up(.:format)   cadenero/v1/account/users#create
-     v1_sign_up GET  /v1/sign_up(.:format)   cadenero/v1/accounts#new
-    v1_accounts POST /v1/accounts(.:format)  cadenero/v1/accounts#create
-        v1_root      /v1(.:format)           cadenero/v1/dashboard#index
+    v1_root        /v1(.:format)          cadenero/v1/account/dashboard#index {:default=>:json}
+v1_sessions POST   /v1/sessions(.:format) cadenero/v1/account/sessions#create {:default=>:json}
+            DELETE /v1/sessions(.:format) cadenero/v1/account/sessions#delete {:default=>:json}
+   v1_users POST   /v1/users(.:format)    cadenero/v1/account/users#create {:default=>:json}
+v1_accounts POST   /v1/accounts(.:format) cadenero/v1/accounts#create {:default=>:json}
+       root        /                      cadenero/v1/account/dashboard#index {:default=>:json}
+```
+You can check then running:
+```
+rake routes
 ```
 
 ### The Cadenero Task List

data/app/controllers/cadenero/v1/account/dashboard_controller.rb

@@ -5,7 +5,7 @@ module Cadenero
     before_filter :authenticate_user!
 
     def index
-      
+      render json: {message: "Welcome #{current_user.email}"}, status: 201
     end
   end
 end

data/app/controllers/cadenero/v1/account/sessions_controller.rb

@@ -0,0 +1,27 @@
+require_dependency "cadenero/application_controller"
+
+module Cadenero::V1
+  class Account::SessionsController < Cadenero::ApplicationController
+    def create
+      Rails.logger.info "params: #{params}"
+      if env['warden'].authenticate(:password, :scope => :user)
+        render json: current_user, status: 201
+      else
+        render json: {errors: {user:["Invalid email or password"]}}, status: 422
+      end
+    end
+    def delete
+      user = Cadenero::User.find_by_id(params[:id])
+      Rails.logger.info "id: #{params[:id]}"
+      Rails.logger.info "user: #{user.to_json}"
+      Rails.logger.info "current_user.id: #{current_user}"
+      Rails.logger.info "user_signed_in?: #{user_signed_in?}"
+      if user_signed_in? 
+        env['warden'].logout(:user)
+        render json: {message: "Successful logout"}, status: 201
+      else
+        render json: {message: "Unsuccessful logout user with id"}, status: 401
+      end
+    end
+  end
+end

data/app/controllers/cadenero/v1/accounts_controller.rb

@@ -3,6 +3,10 @@ require_dependency "cadenero/application_controller"
 module Cadenero
   module V1
     class AccountsController < Cadenero::ApplicationController
+      def new
+        errors = %Q{Please sign up. posting the account json data as {account: { name: "Testy", subdomain: "test", owner_attributes: {email: "testy@example.com", password: "changeme", password_confirmation: "changeme"} }} to /v1/accounts/sign_up}
+        render json: {errors: errors, links: "/v1/accounts/sign_up"}, status: 422
+      end
       def create
         @account = Cadenero::V1::Account.create_with_owner(params[:account])
         if @account.valid?

data/app/extenders/controllers/application_controller_decorator.rb

@@ -23,7 +23,7 @@
     if user_signed_in?
       @current_user ||= begin
         user_id = env['warden'].user(:scope => :user)
-        Cadenero::User.find(user_id)
+        Cadenero::User.find_by_id(user_id)
       end
     end
   end
@@ -35,9 +35,10 @@
 
 # it the user is not authenticated returns a 422 and an informative error with the link for sign
   def authenticate_user!
+    Rails.logger.info "env['warden'].authenticated?(:user): #{env['warden'].authenticated?(:user)}"
     unless user_signed_in?
-      errors = "Please sign in. posting the user json credentials to /v1/sign_in"
-      render json: {errors: errors, links: "/v1/sign_in"}, status: 422
+      errors = %Q{Please sign in. posting the user json credentials as: {"user": {"email": "testy2@example.com", "password": "changeme"}} to /v1/sessions}
+      render json: {errors: errors, links: "/v1/sessions"}, status: 422
     end
   end
 

data/app/serializers/cadenero/user_serializer.rb

@@ -4,5 +4,6 @@ module Cadenero
     attributes :id, :email
     has_many :members, :class_name => "Cadenero::Member"
     has_many :accounts, :through => :members
+
   end
 end

data/config/initializers/warden/strategies/password.rb

@@ -3,18 +3,27 @@ Warden::Strategies.add(:password) do
     ActionDispatch::Http::URL.extract_subdomains(request.host, 1)
   end
 
+  def json_params
+    unless params.empty?
+      params
+    else
+      @json ||= env['rack.input'].gets
+      JSON.parse(@json)
+    end
+  end
+
   def valid?
-    subdomain.present? && params["user"]
+    subdomain.present? && json_params["user"]
   end
   
   def authenticate!
     account = Cadenero::V1::Account.find_by_subdomain(subdomain)
     if account
-      u = account.users.find_by_email(params["user"]["email"])
-      if u.nil?
+      u = account.users.find_by_email(json_params["user"]["email"])
+      if u.nil? || u.blank?
         fail!
       else
-        u.authenticate(params["user"]["password"]) ? success!(u) : fail!
+        u.authenticate(json_params["user"]["password"]) ? success!(u) : fail!
       end
     else
       fail!

data/config/initializers/warden.rb

@@ -1,3 +1,4 @@
 Rails.application.config.middleware.use Warden::Manager do |manager|
+  manager.failure_app = Cadenero::V1::Account::DashboardController.action(:index)
   manager.default_strategies :password
 end

data/config/routes.rb

@@ -2,23 +2,18 @@ require 'cadenero/constraints/subdomain_required'
 
 Cadenero::Engine.routes.draw do
   namespace :v1 do
-    get "users/new"
-
     constraints(Cadenero::Constraints::SubdomainRequired) do
       scope :module => "account" do
-        root :to => "dashboard#index"
-        get '/sign_in', :to => "sessions#new"
-        post '/sign_in', :to => "sessions#create", :as => :sessions
-        get '/sign_up', :to => "users#new", :as => :user_sign_up
-        post '/sign_up', :to => "users#create", :as => :user_sign_up
+        root :to => "dashboard#index", default: :json
+        post '/sessions', :to => "sessions#create", default: :json
+        delete '/sessions', :to => "sessions#delete", default: :json
+        post '/users', :to => "users#create", default: :json
       end
     end
-    get '/sign_up', :to => "accounts#new", :as => :sign_up
-    post '/accounts', :to => "accounts#create", :as => :accounts
-
-    root :to => "dashboard#index"
+    post '/accounts', :to => "accounts#create", :as => :accounts, default: :json
 
   end
+  root :to => "v1/account/dashboard#index", default: :json
   # post '/v1/accounts', :to => "v1/accounts#create", :as => :accounts
 
 end

data/db/seeds.rb

@@ -1,2 +1,8 @@
-user = Cadenero::User.create(email: "testy@example.com", password: "changeme", password_confirmation: "changeme")
-Cadenero::V1::Account.create(name: 'Root Account for the Site', subdomain: 'www', owner: user)
+@account = Cadenero::V1::Account.create!(name: Cadenero.default_account_name, 
+                              subdomain: Cadenero.default_account_subdomain, 
+                              owner: Cadenero::User.create!(email: Cadenero.default_user_email,
+                                                            password: Cadenero.default_user_password, 
+                                                            password_confirmation: Cadenero.default_user_password))
+
+@account.create_schema
+@account.ensure_authentication_token!

data/lib/cadenero/engine.rb

@@ -1,5 +1,6 @@
 require 'warden'
 module Cadenero
+  
   class Engine < ::Rails::Engine
     isolate_namespace Cadenero
     config.middleware.use Warden::Manager do |manager|

data/lib/cadenero/version.rb

@@ -1,3 +1,3 @@
 module Cadenero
-  VERSION = "0.0.2.a"
+  VERSION = "0.0.2.a1"
 end

data/lib/cadenero.rb

@@ -26,4 +26,29 @@ require 'warden'
 require 'apartment'
 
 module Cadenero
+  mattr_accessor  :base_path, 
+                  :user_class, 
+                  :default_account_name, 
+                  :default_account_subdomain, 
+                  :default_user_email, 
+                  :default_user_password 
+
+  class << self
+    def base_path
+      @@base_path ||= Rails.application.routes.named_routes[:cadenero].path
+    end
+
+    def user_class
+      if @@user_class.is_a?(Class)
+        raise "You can no longer set Cadenero.user_class to be a class. Please use a string instead."
+      elsif @@user_class.is_a?(String)
+        begin
+          Object.const_get(@@user_class)
+        rescue NameError
+          @@user_class.constantize
+        end
+      end
+    end
+  end
+
 end

data/lib/generators/cadenero/install/templates/initializer.rb

@@ -1,8 +1,5 @@
 Cadenero.user_class = "<%= user_class %>"
-Cadenero.email_from_address = "please-change-me@example.com"
 # If you do not want to use gravatar for avatars then specify the method to use here:
-# Cadenero.avatar_user_method = :custom_avatar_url
-#Cadenero.per_page = <%= Cadenero.per_page.inspect %>
 
 
 # Rails.application.config.to_prepare do

data/lib/generators/cadenero/install_generator.rb

@@ -1,8 +1,12 @@
 require 'rails/generators'
 module Cadenero
   module Generators
-    class InstallGenerator < Rails::Generators::Base
+    class InstallGenerator < Rails::Generators::Base 
       class_option "user-class", :type => :string
+      class_option "default-account-name", :type => :string
+      class_option "default-account-subdomain", :type => :string
+      class_option "default-user-email", :type => :string
+      class_option "default-user-password", :type => :string
       class_option "no-migrate", :type => :boolean
       class_option "current-user-helper", :type => :string
 
@@ -18,13 +22,13 @@ module Cadenero
 
       def determine_user_class
         @user_class = options["user-class"].presence ||
-                      ask("What is your user class called? [User]").presence ||
+                      ask("What will be the name for your user class? [User]").presence ||
                       'User'
       end
 
       def determine_current_user_helper
         current_user_helper = options["current-user-helper"].presence ||
-                              ask("What is the current_user helper called in your app? [current_user]").presence ||
+                              ask("What will be the current_user helper called in your app? [current_user]").presence ||
                               :current_user
 
         puts "Defining cadenero_user method inside ApplicationController..."
@@ -43,6 +47,30 @@ module Cadenero
 
       end
 
+      def determine_default_account_name
+        Cadenero.default_account_name = options["default-account-name"].presence ||
+                      ask("What will be the name for the default account? [Root Account]").presence ||
+                      'Root Account'
+      end
+
+      def determine_default_account_subdomain
+        Cadenero.default_account_subdomain = options["default-account-subdomain"].presence ||
+                      ask("What will be the subdomain for the default account? [www]").presence ||
+                      'www'
+      end
+
+      def determine_default_user_email
+        Cadenero.default_user_email = options["default-user-email"].presence ||
+                      ask("What will be the email for the default user owner of the default account? [testy@example.com]").presence ||
+                      'testy@example.com'
+      end
+
+      def determine_default_user_password 
+        Cadenero.default_user_password  = options["default-user-password "].presence ||
+                      ask("What will be the password for the default user owner of the default account? [change-me]").presence ||
+                      'change-me'
+      end
+
       def add_cadenero_initializer
         path = "#{Rails.root}/config/initializers/cadenero.rb"
         if File.exists?(path)
@@ -62,6 +90,11 @@ module Cadenero
       end
 
       def seed_database
+        puts "default_account_name: #{Cadenero.default_account_name}"
+        puts "default_account_subdomain: #{Cadenero.default_account_subdomain}"
+        puts "default_user_email: #{Cadenero.default_user_email}"
+        puts "default_user_password: #{Cadenero.default_user_password}"
+  
         load "#{Rails.root}/config/initializers/cadenero.rb"
         unless options["no-migrate"]
           puts "Creating default cadenero account and owner"
@@ -73,10 +106,11 @@ module Cadenero
         puts "Mounting Cadenero::Engine at \"/\" in config/routes.rb..."
         insert_into_file("#{Rails.root}/config/routes.rb", :after => /routes.draw.do\n/) do
           %Q{
-  # This line mounts Cadenero's routes at / by default.
+  mount Cadenero::Engine, :at => "/" # This line mounts Cadenero's routes at / by default.
   # This means, any requests to the / URL of your application will go to Cadenero::V1:Account::DashboardController#index.
   # If you would like to change where this extension is mounted, simply change the :at option to something different
   # but that is discourage, the idea is to protect the whole site
+
 }
         end
       end
@@ -88,8 +122,6 @@ module Cadenero
 Here's what happened:\n\n}
 
         output += step("Cadenero's migrations were copied over into db/migrate.\n")
-        output += step("We created a new migration called AddCadeneroAdminToTable.
-   This creates a new field called \"cadenero_admin\" on your #{user_class} model's table.\n")
         output += step("A new method called `cadenero_user` was inserted into your ApplicationController.
    This lets Cadenero know what the current user of your application is.\n")
         output += step("A new file was created at config/initializers/cadenero.rb
@@ -97,25 +129,16 @@ Here's what happened:\n\n}
 
         unless options["no-migrate"]
 output += step("`rake db:migrate` was run, running all the migrations against your database.\n")
-        output += step("Seed forum and topic were loaded into your database.\n")
+        output += step("Seed account and user were loaded into your database.\n")
         end
         output += step("The engine was mounted in your config/routes.rb file using this line:
 
    mount Cadenero::Engine, :at => \"/\"
 
-   If you want to change where the forums are located, just change the \"/forums\" path at the end of this line to whatever you want.")
+   If you want to change where the forums are located, just change the \"/\" path at the end of this line to whatever you want.")
         output += %Q{\nAnd finally:
 
 #{step("We told you that Cadenero has been successfully installed and walked you through the steps.")}}
-        unless defined?(Devise)
-          output += %Q{We have detected you're not using Devise (which is OK with us, really!), so there's one extra step you'll need to do.
-
-   You'll need to define a "sign_in_path" method for Cadenero to use that points to the sign in path for your application. You can set Cadenero.sign_in_path to a String inside config/initializers/cadenero.rb to do this, or you can define it in your config/routes.rb file with a line like this:
-
-          get '/users/sign_in', :to => "users#sign_in"
-
-   Either way, Cadenero needs one of these two things in order to work properly. Please define them!}
-        end
         output += "\nIf you have any questions, comments or issues, please post them on our issues page: http://github.com/AgilTec/cadenero/issues.\n\n"
         output += "Thanks for using Cadenero!"
         puts output

data/spec/dummy/app/controllers/application_controller.rb

@@ -1,2 +1,8 @@
 class ApplicationController < ActionController::API
+
+  def cadenero_user
+    current_user
+  end
+  helper_method :cadenero_user
+
 end

data/spec/dummy/db/seeds.rb

@@ -0,0 +1,8 @@
+@account = Cadenero::V1::Account.create!(name: 'Root Account', 
+                              subdomain: 'www', 
+                              owner: Cadenero::User.create!(email: 'testy@example.com',
+                                                            password: '12345678', 
+                                                            password_confirmation: '12345678'))
+
+@account.create_schema
+@account.ensure_authentication_token!