clearance 0.12.0 → 0.13.0

data/Appraisals

@@ -2,11 +2,6 @@ appraise "3.0.9" do
   gem "rails", "3.0.9"
 end
 
-appraise "3.1.0.rc4" do
-  gem "rails", "3.1.0.rc4"
-  gem 'sass-rails'
-  gem 'coffee-script'
-  gem 'uglifier'
-  gem 'jquery-rails'
-  gem 'turn'
+appraise "3.1.0" do
+  gem "rails", "3.1.0"
 end

data/CHANGELOG.md

@@ -1,8 +1,16 @@
+0.13.0
+-------------------
+
+* [#170] In Clearance's optional generated features, use pure Capybara instead of depending on Cucumber's removed web_steps, paths, and selectors. (Dan Croak)
+* [#167] Extract SHA-1-specific code out of `User` into `PasswordStrategies` module. (Vladimir Andrijevik)
+* [#164] Extract sign in form so that other methods can be added easily. (Subhash Chandra)
+* [#165] Test against Rails 3.1. (Dan Croak) Required upgrades to Diesel and Appraisal. (Dan Croak, Mike Burns, Chad Pytel)
+* [#160] Improved README documentation for overrides. (Dan Croak)
+
 0.12.0
 -------------------
 
 * [#129] Denying access redirects to root_url when signed in, sign_in_url when signed out. (Dan Croak)
-* New configuration setting: denied_access_url. (Dan Croak)
 * Using flash :notice key everywhere now instead of :success and :failure. More in line with Rails conventions. (Dan Croak)
 * [#149] redirect_back_or on sign up. (Dan Croak)
 * [#147] Resetting password no longer redirects to sign in page. It displays a message telling them to look for an email. (Dan Croak)

data/CONTRIBUTING.md

@@ -0,0 +1,38 @@
+We love pull requests. Here's a quick guide:
+
+1. Fork the repo.
+
+2. Run the tests. We only take pull requests with passing tests, and it's great
+to know that you have a clean slate: `bundle && rake`
+
+3. Add a test for your change. Only refactoring and documentation changes
+require no new tests. If you are adding functionality or fixing a bug, we need
+a test!
+
+4. Make the test pass.
+
+5. Push to your fork and submit a pull request.
+
+
+At this point you're waiting on us. We like to at least comment on, if not
+accept, pull requests within three business days (and, typically, one business
+day). We may suggest some changes or improvements or alternatives.
+
+Some things that will increase the chance that your pull request is accepted,
+taken straight from the Ruby on Rails guide:
+
+* Use Rails idioms and helpers
+* Include tests that fail without your code, and pass with it
+* Update the documentation, the surrounding one, examples elsewhere, guides,
+  whatever is affected by your contribution
+
+Syntax:
+
+* Two spaces, no tabs.
+* No trailing whitespace. Blank lines should not have any space.
+* Prefer &&/|| over and/or.
+* MyClass.my_method(my_arg) not my_method( my_arg ) or my_method my_arg.
+* a = b and not a=b.
+* Follow the conventions you see used in the source already.
+
+And in case we didn't emphasize it enough: we love tests!

data/Gemfile

@@ -1,17 +1,9 @@
 source "http://rubygems.org"
+gemspec
 
-gem "rails", "3.0.9"
-gem "sqlite3"
-
-gem "diesel", :git => "git://github.com/thoughtbot/diesel.git"
-
-gem "cucumber-rails", '1.0.0'
-gem "capybara", "1.0.0"
+gem "capybara", "~> 1.0.0"
 gem "factory_girl_rails"
 gem "shoulda-matchers", :git => "git://github.com/thoughtbot/shoulda-matchers.git"
 gem "database_cleaner"
-gem "rspec-rails", "~> 2.6.0"
 gem "launchy"
-gem "mocha"
-gem "appraisal", :git => "git://github.com/thoughtbot/appraisal.git"
 gem "aruba", "~> 0.4.2"

data/Gemfile.lock

@@ -1,25 +1,16 @@
-GIT
-  remote: git://github.com/thoughtbot/appraisal.git
-  revision: f8029181543b4bc4bdea03735a3b1e558fd66501
-  specs:
-    appraisal (0.3.5)
-      aruba (~> 0.4.2)
-      bundler
-      rake
-
-GIT
-  remote: git://github.com/thoughtbot/diesel.git
-  revision: f68a990573e2684bb4645a90876603de0a772b69
-  specs:
-    diesel (0.1.4)
-      railties
-
 GIT
   remote: git://github.com/thoughtbot/shoulda-matchers.git
-  revision: a922b8ec38b65ae3274f194e90eaff6ac642d0b1
+  revision: 5190a39bba699d4989c2500c98622b505e2de828
   specs:
     shoulda-matchers (1.0.0.beta3)
 
+PATH
+  remote: .
+  specs:
+    clearance (0.12.0)
+      diesel (~> 0.1.5)
+      rails (>= 3.0)
+
 GEM
   remote: http://rubygems.org/
   specs:
@@ -50,54 +41,58 @@ GEM
       activemodel (= 3.0.9)
       activesupport (= 3.0.9)
     activesupport (3.0.9)
+    addressable (2.2.6)
+    appraisal (0.3.8)
+      bundler
+      rake
     arel (2.0.10)
-    aruba (0.4.3)
+    aruba (0.4.6)
       bcat (>= 0.6.1)
-      childprocess (>= 0.1.9)
-      cucumber (>= 0.10.7)
+      childprocess (>= 0.2.0)
+      cucumber (>= 1.0.2)
       rdiscount (>= 1.6.8)
       rspec (>= 2.6.0)
     bcat (0.6.1)
       rack (~> 1.0)
     builder (2.1.2)
-    capybara (1.0.0)
+    capybara (1.0.1)
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
       rack (>= 1.0.0)
       rack-test (>= 0.5.4)
-      selenium-webdriver (~> 0.2.0)
+      selenium-webdriver (~> 2.0)
       xpath (~> 0.1.4)
-    childprocess (0.1.9)
+    childprocess (0.2.2)
       ffi (~> 1.0.6)
-    configuration (1.3.1)
-    cucumber (1.0.0)
+    cucumber (1.0.2)
       builder (>= 2.1.2)
       diff-lcs (>= 1.1.2)
-      gherkin (~> 2.4.1)
+      gherkin (~> 2.4.5)
       json (>= 1.4.6)
       term-ansicolor (>= 1.0.5)
-    cucumber-rails (1.0.0)
+    cucumber-rails (1.0.2)
       capybara (>= 1.0.0)
       cucumber (~> 1.0.0)
-      nokogiri (>= 1.4.4)
-      rack-test (>= 0.5.7)
+      nokogiri (>= 1.4.6)
     database_cleaner (0.6.7)
-    diff-lcs (1.1.2)
+    diesel (0.1.5)
+      railties
+    diff-lcs (1.1.3)
     erubis (2.6.6)
       abstract (>= 1.0.0)
-    factory_girl (1.3.3)
-    factory_girl_rails (1.0.1)
-      factory_girl (~> 1.3)
+    factory_girl (2.0.5)
+    factory_girl_rails (1.1.0)
+      factory_girl (~> 2.0.0)
       railties (>= 3.0.0)
     ffi (1.0.9)
-    gherkin (2.4.1)
+    gherkin (2.4.16)
       json (>= 1.4.6)
     i18n (0.5.0)
-    json (1.5.3)
-    json_pure (1.5.3)
-    launchy (0.4.0)
-      configuration (>= 0.0.5)
-      rake (>= 0.8.1)
+    json (1.5.4)
+    json_pure (1.5.4)
+      spruz (~> 0.2.8)
+    launchy (2.0.5)
+      addressable (~> 2.2.6)
     mail (2.2.19)
       activesupport (>= 2.3.6)
       i18n (>= 0.4.0)
@@ -105,7 +100,7 @@ GEM
       treetop (~> 1.4.8)
     mime-types (1.16)
     mocha (0.9.12)
-    nokogiri (1.4.6)
+    nokogiri (1.5.0)
     polyglot (0.3.1)
     rack (1.2.3)
     rack-mount (0.6.14)
@@ -143,13 +138,14 @@ GEM
       railties (~> 3.0)
       rspec (~> 2.6.0)
     rubyzip (0.9.4)
-    selenium-webdriver (0.2.2)
-      childprocess (>= 0.1.9)
+    selenium-webdriver (2.5.0)
+      childprocess (>= 0.2.1)
       ffi (>= 1.0.7)
       json_pure
       rubyzip
-    sqlite3 (1.3.3)
-    term-ansicolor (1.0.5)
+    spruz (0.2.13)
+    sqlite3 (1.3.4)
+    term-ansicolor (1.0.6)
     thor (0.14.6)
     treetop (1.4.9)
       polyglot (>= 0.3.1)
@@ -161,16 +157,16 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  appraisal!
+  appraisal (~> 0.3.8)
   aruba (~> 0.4.2)
-  capybara (= 1.0.0)
-  cucumber-rails (= 1.0.0)
+  bundler (~> 1.0.0)
+  capybara (~> 1.0.0)
+  clearance!
+  cucumber-rails (~> 1.0.2)
   database_cleaner
-  diesel!
   factory_girl_rails
   launchy
   mocha
-  rails (= 3.0.9)
   rspec-rails (~> 2.6.0)
   shoulda-matchers!
   sqlite3

data/LICENSE

@@ -1,6 +1,6 @@
 The MIT License
 
-Copyright (c) 2008 thoughtbot, inc.
+Copyright (c) 2008-2011 thoughtbot, inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -59,13 +59,53 @@ the current_user method.
       current_user.articles
     end
 
-Customizing
------------
+If you want to know whether the current user is signed in or out, you can use
+these methods in controllers, views, or helpers:
 
-Clearance is intended to be small, simple, well-tested, and easy to extend.
+    signed_in?
+    signed_out?
 
-If you ever need to change the logic in any of the four provided controllers,
-subclass the Clearance controller. You don't need to do this by default.
+Typically, you want to have something like this in your app, maybe in a layout:
+
+    <% if signed_in? %>
+      <%= current_user.email %>
+      <%= link_to "Sign out", sign_out_path, :method => :delete %>
+    <% else %>
+      <%= link_to "Sign in", sign_in_path %>
+    <% end %>
+
+If you ever want to authenticate the user some place other than sessions/new,
+maybe in an API:
+
+    User.authenticate("email@example.com", "password")
+
+Clearance will deliver one email on your app's behalf: when a user resets their password. Therefore, you should change the default email address that email comes from:
+
+    # config/initializers/clearance.rb
+    Clearance.configure do |config|
+      config.mailer_sender = "me@example.com"
+    end
+
+Overriding defaults
+-------------------
+
+Clearance is intended to be small, simple, well-tested, and easy to override defaults.
+
+Overriding routes
+-----------------
+
+See [config/routes.rb](https://github.com/thoughtbot/clearance/blob/master/config/routes.rb) for the default behavior.
+
+To override a Clearance route, redefine it:
+
+    resource :session, :controller => 'sessions'
+
+Overriding controllers
+----------------------
+
+See [app/controllers/clearance](https://github.com/thoughtbot/clearance/tree/master/app/controllers/clearance) for the default behavior.
+
+To override a Clearance controller, subclass it:
 
     class SessionsController < Clearance::SessionsController
       def new
@@ -77,24 +117,88 @@ subclass the Clearance controller. You don't need to do this by default.
       end
     end
 
-and add your route in config/routes.rb:
+You may want to override entire actions:
 
-    resource :session, :controller => 'sessions'
+    def new
+    end
+
+Or, you may want to override private methods that actions use:
+
+    url_after_create
+    url_after_update
+    url_after_destroy
+    flash_failure_after_create
+    flash_failure_after_update
+    flash_failure_when_forbidden
+    forbid_missing_token
+    forbid_non_existent_user
+
+Overriding translations
+-----------------------
+
+All flash messages and email subject lines are stored in [i18n translations](http://guides.rubyonrails.org/i18n.html). Override them like any other translation.
+
+Overriding views
+----------------
 
-See config/routes.rb for all the routes Clearance provides.
+See [app/views](https://github.com/thoughtbot/clearance/tree/master/app/views) for the default behavior.
 
-Actions that redirect (create, update, and destroy) in Clearance controllers
-can be overridden by re-defining url_after_(action) methods as seen above.
+To override those **views**, create them in your own `app/views` directory.
 
-Clearance is an engine, so it provides views for you. If you want to customize those views, there is a handy shortcut to copy the views into your app:
+There is a shortcut to copy all Clearance views into your app:
 
     rails generate clearance:views
 
+Overriding the model
+--------------------
+
+If you want to override the **model** behavior, you can include sub-modules of `Clearance::User`:
+
+    extend  Clearance::User::ClassMethods
+    include Clearance::User::Validations
+    include Clearance::User::Callbacks
+
+`ClassMethods` contains the `User.authenticate(email, password)` method.
+
+`Validations` contains validations for email and password.
+
+`Callbacks` contains `ActiveRecord` callbacks downcasing the email and generating a remember token.
+
+Overriding the password strategy
+--------------------------------
+
+By default, Clearance uses SHA1 encryption of the user's password. You can provide your own password strategy by creating a module that conforms to an API of two instance methods:
+
+    def authenticated?
+    end
+
+    def encrypt_password
+    end
+
+See [lib/clearance/password_strategies/sha1.rb](https://github.com/thoughtbot/clearance/blob/master/lib/clearance/password_strategies/sha1.rb) for the default behavior.
+
+Once you have an API-compliant module, load it with:
+
+    Clearance.configure do |config|
+      config.password_strategy = MyPasswordStrategy
+    end
+
 Optional Cucumber features
 --------------------------
 
-As your app evolves, you want to know that authentication still works. If you
-use [Cucumber](http://cukes.info), run the Clearance features generator:
+Clearance's Cucumber features are dependent on:
+
+* Cucumber
+* Capybara
+* RSpec
+* Factory Girl
+
+As your app evolves, you want to know that authentication still works. If you've
+installed [Cucumber](http://cukes.info) into your app:
+
+    rails generate cucumber:install
+
+Then, you can use the Clearance features generator:
 
     rails generate clearance:features
 
@@ -145,6 +249,11 @@ Example:
       it { should respond_with(:success) }
     end
 
+Contributing
+------------
+
+Please see CONTRIBUTING.md for details.
+
 Credits
 -------
 

data/Rakefile

@@ -3,7 +3,7 @@
 require 'rubygems'
 require 'bundler/setup'
 require 'rake'
-require 'rake/gempackagetask'
+require 'rubygems/package_task'
 require 'cucumber/rake/task'
 require 'diesel/tasks'
 require 'rspec/core/rake_task'

data/VERSION

@@ -1 +1 @@
-0.12.0
+0.13.0

data/app/views/sessions/_form.html.erb

@@ -0,0 +1,13 @@
+<%= form_for :session, :url => session_path do |form| %>
+  <div class="text_field">
+    <%= form.label :email %>
+    <%= form.text_field :email, :type => "email" %>
+  </div>
+  <div class="text_field">
+    <%= form.label :password %>
+    <%= form.password_field :password %>
+  </div>
+  <div class="submit_field">
+    <%= form.submit "Sign in" %>
+  </div>
+<% end %>