caleb-restful-authentication 1.1.1

data/generators/authenticated/templates/test/functional_test.rb

@@ -0,0 +1,82 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require '<%= controller_file_name %>_controller'
+
+# Re-raise errors caught by the controller.
+class <%= controller_class_name %>Controller; def rescue_action(e) raise e end; end
+
+class <%= controller_class_name %>ControllerTest < ActionController::TestCase
+  # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead
+  # Then, you can remove it from this and the units test.
+  include AuthenticatedTestHelper
+
+  fixtures :<%= table_name %>
+
+  def test_should_login_and_redirect
+    post :create, :<%= options[:login_field_name] -%> => 'quentin<%= "@example.com" if options[:email_as_login] -%>', :password => 'monkey'
+    assert session[:<%= file_name %>_id]
+    assert_response :redirect
+  end
+
+  def test_should_fail_login_and_not_redirect
+    post :create, :<%= options[:login_field_name] -%> => 'quentin<%= "@example.com" if options[:email_as_login] -%>', :password => 'bad password'
+    assert_nil session[:<%= file_name %>_id]
+    assert_response :success
+  end
+
+  def test_should_logout
+    login_as :quentin
+    get :destroy
+    assert_nil session[:<%= file_name %>_id]
+    assert_response :redirect
+  end
+
+  def test_should_remember_me
+    @request.cookies["auth_token"] = nil
+    post :create, :<%= options[:login_field_name] -%> => 'quentin<%= "@example.com" if options[:email_as_login] -%>', :password => 'monkey', :remember_me => "1"
+    assert_not_nil @response.cookies["auth_token"]
+  end
+
+  def test_should_not_remember_me
+    @request.cookies["auth_token"] = nil
+    post :create, :<%= options[:login_field_name] -%> => 'quentin<%= "@example.com" if options[:email_as_login] -%>', :password => 'monkey', :remember_me => "0"
+    puts @response.cookies["auth_token"]
+    assert @response.cookies["auth_token"].blank?
+  end
+  
+  def test_should_delete_token_on_logout
+    login_as :quentin
+    get :destroy
+    assert @response.cookies["auth_token"].blank?
+  end
+
+  def test_should_login_with_cookie
+    <%= table_name %>(:quentin).remember_me
+    @request.cookies["auth_token"] = cookie_for(:quentin)
+    get :new
+    assert @controller.send(:logged_in?)
+  end
+
+  def test_should_fail_expired_cookie_login
+    <%= table_name %>(:quentin).remember_me
+    <%= table_name %>(:quentin).update_attribute :remember_token_expires_at, 5.minutes.ago
+    @request.cookies["auth_token"] = cookie_for(:quentin)
+    get :new
+    assert !@controller.send(:logged_in?)
+  end
+
+  def test_should_fail_cookie_login
+    <%= table_name %>(:quentin).remember_me
+    @request.cookies["auth_token"] = auth_token('invalid_auth_token')
+    get :new
+    assert !@controller.send(:logged_in?)
+  end
+
+  protected
+    def auth_token(token)
+      CGI::Cookie.new('name' => 'auth_token', 'value' => token)
+    end
+    
+    def cookie_for(<%= file_name %>)
+      auth_token <%= table_name %>(<%= file_name %>).remember_token
+    end
+end

data/generators/authenticated/templates/test/mailer_test.rb

@@ -0,0 +1,31 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require '<%= file_name %>_mailer'
+
+class <%= class_name %>MailerTest < Test::Unit::TestCase
+  FIXTURES_PATH = File.dirname(__FILE__) + '/../fixtures'
+  CHARSET = "utf-8"
+
+  include ActionMailer::Quoting
+
+  def setup
+    ActionMailer::Base.delivery_method = :test
+    ActionMailer::Base.perform_deliveries = true
+    ActionMailer::Base.deliveries = []
+
+    @expected = TMail::Mail.new
+    @expected.set_content_type "text", "plain", { "charset" => CHARSET }
+  end
+
+  def test_dummy_test
+    #do nothing
+  end
+
+  private
+    def read_fixture(action)
+      IO.readlines("#{FIXTURES_PATH}/<%= file_name %>_mailer/#{action}")
+    end
+
+    def encode(subject)
+      quoted_printable(subject, CHARSET)
+    end
+end

data/generators/authenticated/templates/test/model_functional_test.rb

@@ -0,0 +1,95 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require '<%= model_controller_file_name %>_controller'
+
+# Re-raise errors caught by the controller.
+class <%= model_controller_class_name %>Controller; def rescue_action(e) raise e end; end
+
+class <%= model_controller_class_name %>ControllerTest < ActionController::TestCase
+  # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead
+  # Then, you can remove it from this and the units test.
+  include AuthenticatedTestHelper
+
+  fixtures :<%= table_name %>
+
+  def test_should_allow_signup
+    assert_difference '<%= class_name %>.count' do
+      create_<%= file_name %>
+      assert_response :redirect
+    end
+  end
+
+  <% unless options[:email_as_login] -%>
+  def test_should_require_login_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:login => nil)
+      assert assigns(:<%= file_name %>).errors.on(:login)
+      assert_response :success
+    end
+  end
+  <% end -%>
+
+  def test_should_require_password_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:password => nil)
+      assert assigns(:<%= file_name %>).errors.on(:password)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_password_confirmation_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:password_confirmation => nil)
+      assert assigns(:<%= file_name %>).errors.on(:password_confirmation)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_email_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:email => nil)
+      assert assigns(:<%= file_name %>).errors.on(:email)
+      assert_response :success
+    end
+  end
+  <% if options[:stateful] %>
+  def test_should_sign_up_user_in_pending_state
+    create_<%= file_name %>
+    assigns(:<%= file_name %>).reload
+    assert assigns(:<%= file_name %>).pending?
+  end<% end %>
+
+  <% if options[:include_activation] %>
+  def test_should_sign_up_user_with_activation_code
+    create_<%= file_name %>
+    assigns(:<%= file_name %>).reload
+    assert_not_nil assigns(:<%= file_name %>).activation_code
+  end
+
+  def test_should_activate_user
+    assert_nil <%= class_name %>.authenticate('aaron<%= "@example.com" if options[:email_as_login] -%>', 'test')
+    get :activate, :activation_code => <%= table_name %>(:aaron).activation_code
+    assert_redirected_to '/<%= controller_routing_path %>/new'
+    assert_not_nil flash[:notice]
+    assert_equal <%= table_name %>(:aaron), <%= class_name %>.authenticate('aaron<%= "@example.com" if options[:email_as_login] -%>', 'monkey')
+  end
+  
+  def test_should_not_activate_user_without_key
+    get :activate
+    assert_nil flash[:notice]
+  rescue ActionController::RoutingError
+    # in the event your routes deny this, we'll just bow out gracefully.
+  end
+
+  def test_should_not_activate_user_with_blank_key
+    get :activate, :activation_code => ''
+    assert_nil flash[:notice]
+  rescue ActionController::RoutingError
+    # well played, sir
+  end<% end %>
+
+  protected
+    def create_<%= file_name %>(options = {})
+      post :create, :<%= file_name %> => { <% unless options[:email_as_login] -%>:login => 'quire', <% end -%>:email => 'quire@example.com',
+        :password => 'quire69', :password_confirmation => 'quire69' }.merge(options)
+    end
+end

data/generators/authenticated/templates/test/unit_test.rb

@@ -0,0 +1,166 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class <%= class_name %>Test < ActiveSupport::TestCase
+  # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead.
+  # Then, you can remove it from this and the functional test.
+  include AuthenticatedTestHelper
+  fixtures :<%= table_name %>
+
+  def test_should_create_<%= file_name %>
+    assert_difference '<%= class_name %>.count' do
+      <%= file_name %> = create_<%= file_name %>
+      assert !<%= file_name %>.new_record?, "#{<%= file_name %>.errors.full_messages.to_sentence}"
+    end
+  end
+<% if options[:include_activation] %>
+  def test_should_initialize_activation_code_upon_creation
+    <%= file_name %> = create_<%= file_name %>
+    <%= file_name %>.reload
+    assert_not_nil <%= file_name %>.activation_code
+  end
+<% end %><% if options[:stateful] %>
+  def test_should_create_and_start_in_pending_state
+    <%= file_name %> = create_<%= file_name %>
+    <%= file_name %>.reload
+    assert <%= file_name %>.pending?
+  end
+
+<% end %>
+<% unless options[:email_as_login] -%>
+  def test_should_require_login
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:login => nil)
+      assert u.errors.on(:login)
+    end
+  end
+<% end -%>
+
+  def test_should_require_password
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:password => nil)
+      assert u.errors.on(:password)
+    end
+  end
+
+  def test_should_require_password_confirmation
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:password_confirmation => nil)
+      assert u.errors.on(:password_confirmation)
+    end
+  end
+
+  def test_should_require_email
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:email => nil)
+      assert u.errors.on(:email)
+    end
+  end
+
+  def test_should_reset_password
+    <%= table_name %>(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin<%= "@example.com" if options[:email_as_login] -%>', 'new password')
+  end
+
+  def test_should_not_rehash_password
+    <%= table_name %>(:quentin).update_attributes(:<%= options[:login_field_name] -%> => 'quentin2')
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin2<%= "@example.com" if options[:email_as_login] -%>', 'monkey')
+  end
+
+  def test_should_authenticate_<%= file_name %>
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin<%= "@example.com" if options[:email_as_login] -%>', 'monkey')
+  end
+
+  def test_should_set_remember_token
+    <%= table_name %>(:quentin).remember_me
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+  end
+
+  def test_should_unset_remember_token
+    <%= table_name %>(:quentin).remember_me
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    <%= table_name %>(:quentin).forget_me
+    assert_nil <%= table_name %>(:quentin).remember_token
+  end
+
+  def test_should_remember_me_for_one_week
+    before = 1.week.from_now.utc
+    <%= table_name %>(:quentin).remember_me_for 1.week
+    after = 1.week.from_now.utc
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert <%= table_name %>(:quentin).remember_token_expires_at.between?(before, after)
+  end
+
+  def test_should_remember_me_until_one_week
+    time = 1.week.from_now.utc
+    <%= table_name %>(:quentin).remember_me_until time
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert_equal <%= table_name %>(:quentin).remember_token_expires_at, time
+  end
+
+  def test_should_remember_me_default_two_weeks
+    before = 2.weeks.from_now.utc
+    <%= table_name %>(:quentin).remember_me
+    after = 2.weeks.from_now.utc
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert <%= table_name %>(:quentin).remember_token_expires_at.between?(before, after)
+  end
+<% if options[:stateful] %>
+  def test_should_register_passive_<%= file_name %>
+    <%= file_name %> = create_<%= file_name %>(:password => nil, :password_confirmation => nil)
+    assert <%= file_name %>.passive?
+    <%= file_name %>.update_attributes(:password => 'new password', :password_confirmation => 'new password')
+    <%= file_name %>.register!
+    assert <%= file_name %>.pending?
+  end
+
+  def test_should_suspend_<%= file_name %>
+    <%= table_name %>(:quentin).suspend!
+    assert <%= table_name %>(:quentin).suspended?
+  end
+
+  def test_suspended_<%= file_name %>_should_not_authenticate
+    <%= table_name %>(:quentin).suspend!
+    assert_not_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin<%= "@example.com" if options[:email_as_login] -%>', 'test')
+  end
+
+  def test_should_unsuspend_<%= file_name %>_to_active_state
+    <%= table_name %>(:quentin).suspend!
+    assert <%= table_name %>(:quentin).suspended?
+    <%= table_name %>(:quentin).unsuspend!
+    assert <%= table_name %>(:quentin).active?
+  end
+
+  def test_should_unsuspend_<%= file_name %>_with_nil_activation_code_and_activated_at_to_passive_state
+    <%= table_name %>(:quentin).suspend!
+    <%= class_name %>.update_all :activation_code => nil, :activated_at => nil
+    assert <%= table_name %>(:quentin).suspended?
+    <%= table_name %>(:quentin).reload.unsuspend!
+    assert <%= table_name %>(:quentin).passive?
+  end
+
+  def test_should_unsuspend_<%= file_name %>_with_activation_code_and_nil_activated_at_to_pending_state
+    <%= table_name %>(:quentin).suspend!
+    <%= class_name %>.update_all :activation_code => 'foo-bar', :activated_at => nil
+    assert <%= table_name %>(:quentin).suspended?
+    <%= table_name %>(:quentin).reload.unsuspend!
+    assert <%= table_name %>(:quentin).pending?
+  end
+
+  def test_should_delete_<%= file_name %>
+    assert_nil <%= table_name %>(:quentin).deleted_at
+    <%= table_name %>(:quentin).delete!
+    assert_not_nil <%= table_name %>(:quentin).deleted_at
+    assert <%= table_name %>(:quentin).deleted?
+  end
+<% end %>
+protected
+  def create_<%= file_name %>(options = {})
+    record = <%= class_name %>.new({ <% unless options[:email_as_login] -%>:login => 'quire', <% end -%>:email => 'quire@example.com', :password => 'quire69', :password_confirmation => 'quire69' }.merge(options))
+    record.<% if options[:stateful] %>register! if record.valid?<% else %>save<% end %>
+    record
+  end
+end

data/init.rb

@@ -0,0 +1 @@
+require File.join(File.dirname(__FILE__), "rails", "init")

data/lib/authentication.rb

@@ -0,0 +1,40 @@
+module Authentication
+  mattr_accessor :login_regex, :bad_login_message, 
+    :name_regex, :bad_name_message,
+    :email_name_regex, :domain_head_regex, :domain_tld_regex, :email_regex, :bad_email_message
+
+  self.login_regex       = /\A\w[\w\.\-_@]+\z/                     # ASCII, strict
+  # self.login_regex       = /\A[[:alnum:]][[:alnum:]\.\-_@]+\z/     # Unicode, strict
+  # self.login_regex       = /\A[^[:cntrl:]\\<>\/&]*\z/              # Unicode, permissive
+
+  self.bad_login_message = "use only letters, numbers, and .-_@ please.".freeze
+
+  self.name_regex        = /\A[^[:cntrl:]\\<>\/&]*\z/              # Unicode, permissive
+  self.bad_name_message  = "avoid non-printing characters and \\&gt;&lt;&amp;/ please.".freeze
+
+  self.email_name_regex  = '[\w\.%\+\-]+'.freeze
+  self.domain_head_regex = '(?:[A-Z0-9\-]+\.)+'.freeze
+  self.domain_tld_regex  = '(?:[A-Z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|jobs|museum)'.freeze
+  self.email_regex       = /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i
+  self.bad_email_message = "should look like an email address.".freeze
+
+  def self.included(recipient)
+    recipient.extend(ModelClassMethods)
+    recipient.class_eval do
+      include ModelInstanceMethods
+    end
+  end
+
+  module ModelClassMethods
+    def secure_digest(*args)
+      Digest::SHA1.hexdigest(args.flatten.join('--'))
+    end
+
+    def make_token
+      secure_digest(Time.now, (1..10).map{ rand.to_s })
+    end
+  end # class methods
+
+  module ModelInstanceMethods
+  end # instance methods
+end

data/lib/authentication/by_cookie_token.rb

@@ -0,0 +1,82 @@
+# -*- coding: mule-utf-8 -*-
+module Authentication
+  module ByCookieToken
+    # Stuff directives into including module 
+    def self.included(recipient)
+      recipient.extend(ModelClassMethods)
+      recipient.class_eval do
+        include ModelInstanceMethods
+      end
+    end
+
+    #
+    # Class Methods
+    #
+    module ModelClassMethods
+    end # class methods
+
+    #
+    # Instance Methods
+    #
+    module ModelInstanceMethods
+      def remember_token?
+        (!remember_token.blank?) && 
+          remember_token_expires_at && (Time.now.utc < remember_token_expires_at.utc)
+      end
+
+      # These create and unset the fields required for remembering users between browser closes
+      def remember_me
+        remember_me_for 2.weeks
+      end
+
+      def remember_me_for(time)
+        remember_me_until time.from_now.utc
+      end
+
+      def remember_me_until(time)
+        self.remember_token_expires_at = time
+        self.remember_token            = self.class.make_token
+        save(false)
+      end
+
+      # refresh token (keeping same expires_at) if it exists
+      def refresh_token
+        if remember_token?
+          self.remember_token = self.class.make_token 
+          save(false)      
+        end
+      end
+
+      # 
+      # Deletes the server-side record of the authentication token.  The
+      # client-side (browser cookie) and server-side (this remember_token) must
+      # always be deleted together.
+      #
+      def forget_me
+        self.remember_token_expires_at = nil
+        self.remember_token            = nil
+        save(false)
+      end
+    end # instance methods
+  end
+
+  module ByCookieTokenController
+    # Stuff directives into including module 
+    def self.included( recipient )
+      recipient.extend( ControllerClassMethods )
+      recipient.class_eval do
+        include ControllerInstanceMethods
+      end
+    end
+
+    #
+    # Class Methods
+    #
+    module ControllerClassMethods
+    end # class methods
+    
+    module ControllerInstanceMethods
+    end # instance methods
+  end
+end
+