clearance 0.12.0 → 0.13.0

data/gemfiles/3.1.0.gemfile

@@ -0,0 +1,13 @@
+# This file was generated by Appraisal
+
+source "http://rubygems.org"
+
+gem "capybara", "~> 1.0.0"
+gem "factory_girl_rails"
+gem "shoulda-matchers", :git=>"git://github.com/thoughtbot/shoulda-matchers.git"
+gem "database_cleaner"
+gem "launchy"
+gem "aruba", "~> 0.4.2"
+gem "rails", "3.1.0"
+
+gemspec :path=>"../"

data/gemfiles/3.1.0.gemfile.lock

@@ -0,0 +1,187 @@
+GIT
+  remote: git://github.com/thoughtbot/shoulda-matchers.git
+  revision: 5190a39bba699d4989c2500c98622b505e2de828
+  specs:
+    shoulda-matchers (1.0.0.beta3)
+
+PATH
+  remote: /Users/croaky/dev/clearance
+  specs:
+    clearance (0.12.0)
+      diesel (~> 0.1.5)
+      rails (>= 3.0)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    actionmailer (3.1.0)
+      actionpack (= 3.1.0)
+      mail (~> 2.3.0)
+    actionpack (3.1.0)
+      activemodel (= 3.1.0)
+      activesupport (= 3.1.0)
+      builder (~> 3.0.0)
+      erubis (~> 2.7.0)
+      i18n (~> 0.6)
+      rack (~> 1.3.2)
+      rack-cache (~> 1.0.3)
+      rack-mount (~> 0.8.2)
+      rack-test (~> 0.6.1)
+      sprockets (~> 2.0.0)
+    activemodel (3.1.0)
+      activesupport (= 3.1.0)
+      bcrypt-ruby (~> 3.0.0)
+      builder (~> 3.0.0)
+      i18n (~> 0.6)
+    activerecord (3.1.0)
+      activemodel (= 3.1.0)
+      activesupport (= 3.1.0)
+      arel (~> 2.2.1)
+      tzinfo (~> 0.3.29)
+    activeresource (3.1.0)
+      activemodel (= 3.1.0)
+      activesupport (= 3.1.0)
+    activesupport (3.1.0)
+      multi_json (~> 1.0)
+    addressable (2.2.6)
+    appraisal (0.3.8)
+      bundler
+      rake
+    arel (2.2.1)
+    aruba (0.4.6)
+      bcat (>= 0.6.1)
+      childprocess (>= 0.2.0)
+      cucumber (>= 1.0.2)
+      rdiscount (>= 1.6.8)
+      rspec (>= 2.6.0)
+    bcat (0.6.1)
+      rack (~> 1.0)
+    bcrypt-ruby (3.0.0)
+    builder (3.0.0)
+    capybara (1.0.1)
+      mime-types (>= 1.16)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      selenium-webdriver (~> 2.0)
+      xpath (~> 0.1.4)
+    childprocess (0.2.2)
+      ffi (~> 1.0.6)
+    cucumber (1.0.2)
+      builder (>= 2.1.2)
+      diff-lcs (>= 1.1.2)
+      gherkin (~> 2.4.5)
+      json (>= 1.4.6)
+      term-ansicolor (>= 1.0.5)
+    cucumber-rails (1.0.2)
+      capybara (>= 1.0.0)
+      cucumber (~> 1.0.0)
+      nokogiri (>= 1.4.6)
+    database_cleaner (0.6.7)
+    diesel (0.1.5)
+      railties
+    diff-lcs (1.1.3)
+    erubis (2.7.0)
+    factory_girl (2.0.5)
+    factory_girl_rails (1.1.0)
+      factory_girl (~> 2.0.0)
+      railties (>= 3.0.0)
+    ffi (1.0.9)
+    gherkin (2.4.16)
+      json (>= 1.4.6)
+    hike (1.2.1)
+    i18n (0.6.0)
+    json (1.5.4)
+    json_pure (1.5.4)
+      spruz (~> 0.2.8)
+    launchy (2.0.5)
+      addressable (~> 2.2.6)
+    mail (2.3.0)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.16)
+    mocha (0.9.12)
+    multi_json (1.0.3)
+    nokogiri (1.5.0)
+    polyglot (0.3.2)
+    rack (1.3.2)
+    rack-cache (1.0.3)
+      rack (>= 0.4)
+    rack-mount (0.8.3)
+      rack (>= 1.0.0)
+    rack-ssl (1.3.2)
+      rack
+    rack-test (0.6.1)
+      rack (>= 1.0)
+    rails (3.1.0)
+      actionmailer (= 3.1.0)
+      actionpack (= 3.1.0)
+      activerecord (= 3.1.0)
+      activeresource (= 3.1.0)
+      activesupport (= 3.1.0)
+      bundler (~> 1.0)
+      railties (= 3.1.0)
+    railties (3.1.0)
+      actionpack (= 3.1.0)
+      activesupport (= 3.1.0)
+      rack-ssl (~> 1.3.2)
+      rake (>= 0.8.7)
+      rdoc (~> 3.4)
+      thor (~> 0.14.6)
+    rake (0.9.2)
+    rdiscount (1.6.8)
+    rdoc (3.9.4)
+    rspec (2.6.0)
+      rspec-core (~> 2.6.0)
+      rspec-expectations (~> 2.6.0)
+      rspec-mocks (~> 2.6.0)
+    rspec-core (2.6.4)
+    rspec-expectations (2.6.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.6.0)
+    rspec-rails (2.6.1)
+      actionpack (~> 3.0)
+      activesupport (~> 3.0)
+      railties (~> 3.0)
+      rspec (~> 2.6.0)
+    rubyzip (0.9.4)
+    selenium-webdriver (2.5.0)
+      childprocess (>= 0.2.1)
+      ffi (>= 1.0.7)
+      json_pure
+      rubyzip
+    sprockets (2.0.0)
+      hike (~> 1.2)
+      rack (~> 1.0)
+      tilt (!= 1.3.0, ~> 1.1)
+    spruz (0.2.13)
+    sqlite3 (1.3.4)
+    term-ansicolor (1.0.6)
+    thor (0.14.6)
+    tilt (1.3.3)
+    treetop (1.4.10)
+      polyglot
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.29)
+    xpath (0.1.4)
+      nokogiri (~> 1.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  appraisal (~> 0.3.8)
+  aruba (~> 0.4.2)
+  bundler (~> 1.0.0)
+  capybara (~> 1.0.0)
+  clearance!
+  cucumber-rails (~> 1.0.2)
+  database_cleaner
+  factory_girl_rails
+  launchy
+  mocha
+  rails (= 3.1.0)
+  rspec-rails (~> 2.6.0)
+  shoulda-matchers!
+  sqlite3

data/lib/clearance.rb

@@ -2,3 +2,4 @@ require 'clearance/configuration'
 require 'clearance/authentication'
 require 'clearance/user'
 require 'clearance/engine'
+require 'clearance/password_strategies'

data/lib/clearance/configuration.rb

@@ -1,6 +1,6 @@
 module Clearance
   class Configuration
-    attr_accessor :mailer_sender, :cookie_expiration
+    attr_accessor :mailer_sender, :cookie_expiration, :password_strategy
 
     def initialize
       @mailer_sender     = 'donotreply@example.com'
@@ -24,6 +24,7 @@ module Clearance
   #   Clearance.configure do |config|
   #     config.mailer_sender     = 'me@example.com'
   #     config.cookie_expiration = lambda { 2.weeks.from_now.utc }
+  #     config.password_strategy = MyPasswordStrategy
   #   end
   def self.configure
     self.configuration ||= Configuration.new

data/lib/clearance/password_strategies.rb

@@ -0,0 +1,5 @@
+module Clearance
+  module PasswordStrategies
+    autoload :SHA1, 'clearance/password_strategies/sha1'
+  end
+end

data/lib/clearance/password_strategies/sha1.rb

@@ -0,0 +1,46 @@
+require 'digest/sha1'
+
+module Clearance
+  module PasswordStrategies
+    module SHA1
+      extend ActiveSupport::Concern
+
+      # Am I authenticated with given password?
+      #
+      # @param [String] plain-text password
+      # @return [true, false]
+      # @example
+      #   user.authenticated?('password')
+      def authenticated?(password)
+        encrypted_password == encrypt(password)
+      end
+
+      protected
+
+      def encrypt_password
+        initialize_salt_if_necessary
+        if password.present?
+          self.encrypted_password = encrypt(password)
+        end
+      end
+
+      def generate_hash(string)
+        if RUBY_VERSION >= '1.9'
+          Digest::SHA1.hexdigest(string).encode('UTF-8')
+        else
+          Digest::SHA1.hexdigest(string)
+        end
+      end
+
+      def encrypt(string)
+        generate_hash("--#{salt}--#{string}--")
+      end
+
+      def initialize_salt_if_necessary
+        if salt.blank?
+          self.salt = generate_random_code
+        end
+      end
+    end
+  end
+end

data/lib/clearance/user.rb

@@ -10,15 +10,18 @@ module Clearance
     # extend and include à la carte.
     #
     # @example
-    #   include Callbacks
+    #   include Clearance::User::Callbacks
     #
     # @see Validations
     # @see Callbacks
     included do
-      attr_accessor :password, :password_changing
+      attr_accessor :password_changing
+      attr_reader :password
 
       include Validations
       include Callbacks
+
+      include (Clearance.configuration.password_strategy || Clearance::PasswordStrategies::SHA1)
     end
 
     module ClassMethods
@@ -60,22 +63,10 @@ module Clearance
       # salt, token, password encryption are handled before_save.
       included do
         before_validation :downcase_email
-        before_save   :initialize_salt,
-                      :encrypt_password
         before_create :generate_remember_token
       end
     end
 
-    # Am I authenticated with given password?
-    #
-    # @param [String] plain-text password
-    # @return [true, false]
-    # @example
-    #   user.authenticated?('password')
-    def authenticated?(password)
-      encrypted_password == encrypt(password)
-    end
-
     # Set the remember token.
     #
     # @deprecated Use {#reset_remember_token!} instead
@@ -117,16 +108,13 @@ module Clearance
       save
     end
 
-    protected
-
-    def generate_hash(string)
-      if RUBY_VERSION >= '1.9'
-        Digest::SHA1.hexdigest(string).encode('UTF-8')
-      else
-        Digest::SHA1.hexdigest(string)
-      end
+    def password=(unencrypted_password)
+      @password = unencrypted_password
+      encrypt_password
     end
 
+    protected
+
     def generate_random_code(length = 20)
       if RUBY_VERSION >= '1.9'
         SecureRandom.hex(length).encode('UTF-8')
@@ -135,22 +123,6 @@ module Clearance
       end
     end
 
-    def encrypt(string)
-      generate_hash("--#{salt}--#{string}--")
-    end
-
-    def initialize_salt
-      if salt.blank?
-        self.salt = generate_random_code
-      end
-    end
-
-    def encrypt_password
-      if password.present?
-        self.encrypted_password = encrypt(password)
-      end
-    end
-
     def generate_remember_token
       self.remember_token = generate_random_code
     end

data/lib/generators/clearance/features/features_generator.rb

@@ -3,16 +3,6 @@ require 'diesel/generators/features_base'
 module Clearance
   module Generators
     class FeaturesGenerator < Diesel::Generators::FeaturesBase
-      def inject_paths
-        inject_into_file "features/support/paths.rb", :after => "# Add more mappings here.\n" do
-    "    when /the sign up page/i
-          sign_up_path
-        when /the sign in page/i
-          sign_in_path
-        when /the password reset request page/i
-          new_password_path\n"
-        end
-      end
     end
   end
 end

data/spec/models/clearance_user_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe Clearance::User do
+  subject do
+    Class.new do
+      def self.validates_presence_of(*args); end
+      def self.validates_uniqueness_of(*args); end
+      def self.validates_format_of(*args); end
+      def self.before_validation(*args); end
+      def self.before_create(*args); end
+
+      include Clearance::User
+    end.new
+  end
+
+  describe "when Clearance.configuration.password_strategy is set" do
+    let(:mock_password_strategy) { Module.new }
+
+    before { Clearance.configuration.password_strategy = mock_password_strategy }
+
+    it "includes the value it is set to" do
+      subject.should be_kind_of(mock_password_strategy)
+    end
+  end
+
+  describe "when Clearance.configuration.password_strategy is not set" do
+    before { Clearance.configuration.password_strategy = nil }
+
+    it "includes Clearance::PasswordStrategies::SHA1" do
+      subject.should be_kind_of(Clearance::PasswordStrategies::SHA1)
+    end
+  end
+end

data/spec/models/sha1_spec.rb

@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe Clearance::PasswordStrategies::SHA1 do
+  subject do
+    Class.new do
+      attr_accessor :salt, :password, :encrypted_password
+      include Clearance::PasswordStrategies::SHA1
+
+      def generate_random_code; "code"; end
+    end.new
+  end
+
+  describe "#encrypt_password" do
+    context "when the password is set" do
+      let(:salt) { "salt" }
+      let(:password) { "password" }
+
+      before do
+        subject.salt = salt
+        subject.password = password
+        subject.send(:encrypt_password)
+      end
+
+      it "should encrypt the password using SHA1 into encrypted_password" do
+        expected = Digest::SHA1.hexdigest("--#{salt}--#{password}--")
+
+        subject.encrypted_password.should == expected
+      end
+    end
+
+    context "when the salt is not set" do
+      before do
+        subject.salt = nil
+
+        subject.send(:encrypt_password)
+      end
+
+      it "should initialize the salt" do
+        subject.salt.should_not be_nil
+      end
+    end
+  end
+end