RubyGems - cloudfoundry-devise - Versions diffs - 1.5.2 - Mend

cloudfoundry-devise 1.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (210) hide show

data/.gitignore +12 -0
data/.travis.yml +13 -0
data/CHANGELOG.rdoc +755 -0
data/Gemfile +35 -0
data/MIT-LICENSE +20 -0
data/README.rdoc +366 -0
data/Rakefile +34 -0
data/app/controllers/devise/confirmations_controller.rb +46 -0
data/app/controllers/devise/omniauth_callbacks_controller.rb +26 -0
data/app/controllers/devise/passwords_controller.rb +50 -0
data/app/controllers/devise/registrations_controller.rb +114 -0
data/app/controllers/devise/sessions_controller.rb +49 -0
data/app/controllers/devise/unlocks_controller.rb +34 -0
data/app/helpers/devise_helper.rb +25 -0
data/app/mailers/devise/mailer.rb +15 -0
data/app/views/devise/confirmations/new.html.erb +12 -0
data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
data/app/views/devise/passwords/edit.html.erb +16 -0
data/app/views/devise/passwords/new.html.erb +12 -0
data/app/views/devise/registrations/edit.html.erb +25 -0
data/app/views/devise/registrations/new.html.erb +18 -0
data/app/views/devise/sessions/new.html.erb +17 -0
data/app/views/devise/shared/_links.erb +25 -0
data/app/views/devise/unlocks/new.html.erb +12 -0
data/cloudfoundry-devise.gemspec +25 -0
data/config/locales/en.yml +59 -0
data/lib/devise.rb +453 -0
data/lib/devise/controllers/helpers.rb +260 -0
data/lib/devise/controllers/internal_helpers.rb +161 -0
data/lib/devise/controllers/rememberable.rb +52 -0
data/lib/devise/controllers/scoped_views.rb +33 -0
data/lib/devise/controllers/shared_helpers.rb +26 -0
data/lib/devise/controllers/url_helpers.rb +53 -0
data/lib/devise/delegator.rb +16 -0
data/lib/devise/encryptors/authlogic_sha512.rb +19 -0
data/lib/devise/encryptors/base.rb +20 -0
data/lib/devise/encryptors/clearance_sha1.rb +17 -0
data/lib/devise/encryptors/restful_authentication_sha1.rb +22 -0
data/lib/devise/encryptors/sha1.rb +25 -0
data/lib/devise/encryptors/sha512.rb +25 -0
data/lib/devise/failure_app.rb +149 -0
data/lib/devise/hooks/activatable.rb +11 -0
data/lib/devise/hooks/forgetable.rb +9 -0
data/lib/devise/hooks/rememberable.rb +6 -0
data/lib/devise/hooks/timeoutable.rb +24 -0
data/lib/devise/hooks/trackable.rb +9 -0
data/lib/devise/mailers/helpers.rb +86 -0
data/lib/devise/mapping.rb +175 -0
data/lib/devise/models.rb +91 -0
data/lib/devise/models/authenticatable.rb +181 -0
data/lib/devise/models/confirmable.rb +220 -0
data/lib/devise/models/database_authenticatable.rb +122 -0
data/lib/devise/models/encryptable.rb +72 -0
data/lib/devise/models/lockable.rb +169 -0
data/lib/devise/models/omniauthable.rb +23 -0
data/lib/devise/models/recoverable.rb +136 -0
data/lib/devise/models/registerable.rb +21 -0
data/lib/devise/models/rememberable.rb +114 -0
data/lib/devise/models/serializable.rb +43 -0
data/lib/devise/models/timeoutable.rb +45 -0
data/lib/devise/models/token_authenticatable.rb +72 -0
data/lib/devise/models/trackable.rb +30 -0
data/lib/devise/models/validatable.rb +62 -0
data/lib/devise/modules.rb +30 -0
data/lib/devise/omniauth.rb +28 -0
data/lib/devise/omniauth/config.rb +45 -0
data/lib/devise/omniauth/url_helpers.rb +33 -0
data/lib/devise/orm/active_record.rb +44 -0
data/lib/devise/orm/mongoid.rb +31 -0
data/lib/devise/param_filter.rb +41 -0
data/lib/devise/path_checker.rb +18 -0
data/lib/devise/rails.rb +73 -0
data/lib/devise/rails/routes.rb +385 -0
data/lib/devise/rails/warden_compat.rb +120 -0
data/lib/devise/schema.rb +109 -0
data/lib/devise/strategies/authenticatable.rb +155 -0
data/lib/devise/strategies/base.rb +15 -0
data/lib/devise/strategies/database_authenticatable.rb +21 -0
data/lib/devise/strategies/rememberable.rb +53 -0
data/lib/devise/strategies/token_authenticatable.rb +57 -0
data/lib/devise/test_helpers.rb +90 -0
data/lib/devise/version.rb +3 -0
data/lib/generators/active_record/devise_generator.rb +71 -0
data/lib/generators/active_record/templates/migration.rb +29 -0
data/lib/generators/active_record/templates/migration_existing.rb +26 -0
data/lib/generators/devise/devise_generator.rb +22 -0
data/lib/generators/devise/install_generator.rb +24 -0
data/lib/generators/devise/orm_helpers.rb +31 -0
data/lib/generators/devise/views_generator.rb +98 -0
data/lib/generators/mongoid/devise_generator.rb +60 -0
data/lib/generators/templates/README +32 -0
data/lib/generators/templates/devise.rb +215 -0
data/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
data/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
data/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +15 -0
data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +19 -0
data/lib/generators/templates/simple_form_for/passwords/new.html.erb +15 -0
data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +22 -0
data/lib/generators/templates/simple_form_for/registrations/new.html.erb +17 -0
data/lib/generators/templates/simple_form_for/sessions/new.html.erb +15 -0
data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +15 -0
data/test/controllers/helpers_test.rb +254 -0
data/test/controllers/internal_helpers_test.rb +96 -0
data/test/controllers/sessions_controller_test.rb +16 -0
data/test/controllers/url_helpers_test.rb +59 -0
data/test/delegator_test.rb +19 -0
data/test/devise_test.rb +72 -0
data/test/encryptors_test.rb +30 -0
data/test/failure_app_test.rb +207 -0
data/test/generators/active_record_generator_test.rb +47 -0
data/test/generators/devise_generator_test.rb +39 -0
data/test/generators/install_generator_test.rb +13 -0
data/test/generators/mongoid_generator_test.rb +23 -0
data/test/generators/views_generator_test.rb +52 -0
data/test/helpers/devise_helper_test.rb +51 -0
data/test/indifferent_hash.rb +33 -0
data/test/integration/authenticatable_test.rb +590 -0
data/test/integration/confirmable_test.rb +262 -0
data/test/integration/database_authenticatable_test.rb +82 -0
data/test/integration/http_authenticatable_test.rb +82 -0
data/test/integration/lockable_test.rb +212 -0
data/test/integration/omniauthable_test.rb +133 -0
data/test/integration/recoverable_test.rb +287 -0
data/test/integration/registerable_test.rb +335 -0
data/test/integration/rememberable_test.rb +158 -0
data/test/integration/timeoutable_test.rb +98 -0
data/test/integration/token_authenticatable_test.rb +148 -0
data/test/integration/trackable_test.rb +92 -0
data/test/mailers/confirmation_instructions_test.rb +95 -0
data/test/mailers/reset_password_instructions_test.rb +83 -0
data/test/mailers/unlock_instructions_test.rb +77 -0
data/test/mapping_test.rb +128 -0
data/test/models/confirmable_test.rb +334 -0
data/test/models/database_authenticatable_test.rb +167 -0
data/test/models/encryptable_test.rb +67 -0
data/test/models/lockable_test.rb +225 -0
data/test/models/recoverable_test.rb +198 -0
data/test/models/rememberable_test.rb +168 -0
data/test/models/serializable_test.rb +38 -0
data/test/models/timeoutable_test.rb +42 -0
data/test/models/token_authenticatable_test.rb +49 -0
data/test/models/trackable_test.rb +5 -0
data/test/models/validatable_test.rb +113 -0
data/test/models_test.rb +109 -0
data/test/omniauth/config_test.rb +57 -0
data/test/omniauth/url_helpers_test.rb +58 -0
data/test/orm/active_record.rb +9 -0
data/test/orm/mongoid.rb +14 -0
data/test/rails_app/Rakefile +10 -0
data/test/rails_app/app/active_record/admin.rb +6 -0
data/test/rails_app/app/active_record/shim.rb +2 -0
data/test/rails_app/app/active_record/user.rb +6 -0
data/test/rails_app/app/controllers/admins/sessions_controller.rb +6 -0
data/test/rails_app/app/controllers/admins_controller.rb +6 -0
data/test/rails_app/app/controllers/application_controller.rb +8 -0
data/test/rails_app/app/controllers/home_controller.rb +25 -0
data/test/rails_app/app/controllers/publisher/registrations_controller.rb +2 -0
data/test/rails_app/app/controllers/publisher/sessions_controller.rb +2 -0
data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +14 -0
data/test/rails_app/app/controllers/users_controller.rb +23 -0
data/test/rails_app/app/helpers/application_helper.rb +3 -0
data/test/rails_app/app/mailers/users/mailer.rb +3 -0
data/test/rails_app/app/mongoid/admin.rb +24 -0
data/test/rails_app/app/mongoid/shim.rb +24 -0
data/test/rails_app/app/mongoid/user.rb +45 -0
data/test/rails_app/app/views/admins/index.html.erb +1 -0
data/test/rails_app/app/views/admins/sessions/new.html.erb +2 -0
data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -0
data/test/rails_app/app/views/home/index.html.erb +1 -0
data/test/rails_app/app/views/home/join.html.erb +1 -0
data/test/rails_app/app/views/home/private.html.erb +1 -0
data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -0
data/test/rails_app/app/views/layouts/application.html.erb +24 -0
data/test/rails_app/app/views/users/index.html.erb +1 -0
data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +1 -0
data/test/rails_app/app/views/users/sessions/new.html.erb +1 -0
data/test/rails_app/config.ru +4 -0
data/test/rails_app/config/application.rb +41 -0
data/test/rails_app/config/boot.rb +8 -0
data/test/rails_app/config/database.yml +18 -0
data/test/rails_app/config/environment.rb +5 -0
data/test/rails_app/config/environments/development.rb +18 -0
data/test/rails_app/config/environments/production.rb +33 -0
data/test/rails_app/config/environments/test.rb +33 -0
data/test/rails_app/config/initializers/backtrace_silencers.rb +7 -0
data/test/rails_app/config/initializers/devise.rb +197 -0
data/test/rails_app/config/initializers/inflections.rb +2 -0
data/test/rails_app/config/initializers/secret_token.rb +2 -0
data/test/rails_app/config/routes.rb +87 -0
data/test/rails_app/db/migrate/20100401102949_create_tables.rb +71 -0
data/test/rails_app/db/schema.rb +52 -0
data/test/rails_app/lib/shared_admin.rb +10 -0
data/test/rails_app/lib/shared_user.rb +26 -0
data/test/rails_app/public/404.html +26 -0
data/test/rails_app/public/422.html +26 -0
data/test/rails_app/public/500.html +26 -0
data/test/rails_app/public/favicon.ico +0 -0
data/test/rails_app/script/rails +10 -0
data/test/routes_test.rb +240 -0
data/test/support/assertions.rb +27 -0
data/test/support/helpers.rb +109 -0
data/test/support/integration.rb +88 -0
data/test/support/locale/en.yml +4 -0
data/test/support/webrat/integrations/rails.rb +24 -0
data/test/test_helper.rb +27 -0
data/test/test_helpers_test.rb +134 -0
metadata +295 -0

data/lib/devise/models/omniauthable.rb ADDED

@@ -0,0 +1,23 @@
+require 'devise/omniauth'
+module Devise
+  module Models
+    # Adds OmniAuth support to your model.
+    #
+    # == Options
+    #
+    # Oauthable adds the following options to devise_for:
+    #
+    #   * +omniauth_providers+: Which providers are avaialble to this model. It expects an array:
+    #
+    #       devise_for :database_authenticatable, :omniauthable, :omniauth_providers => [:twitter]
+    #
+    module Omniauthable
+      extend ActiveSupport::Concern
+      module ClassMethods
+        Devise::Models.config(self, :omniauth_providers)
+      end
+    end
+  end
+end

data/lib/devise/models/recoverable.rb ADDED

@@ -0,0 +1,136 @@
+module Devise
+  module Models
+    # Recoverable takes care of reseting the user password and send reset instructions.
+    #
+    # ==Options
+    #
+    # Recoverable adds the following options to devise_for:
+    #
+    #   * +reset_password_keys+: the keys you want to use when recovering the password for an account
+    #
+    # == Examples
+    #
+    #   # resets the user password and save the record, true if valid passwords are given, otherwise false
+    #   User.find(1).reset_password!('password123', 'password123')
+    #
+    #   # only resets the user password, without saving the record
+    #   user = User.find(1)
+    #   user.reset_password('password123', 'password123')
+    #
+    #   # creates a new token and send it with instructions about how to reset the password
+    #   User.find(1).send_reset_password_instructions
+    #
+    module Recoverable
+      extend ActiveSupport::Concern
+      # Update password saving the record and clearing token. Returns true if
+      # the passwords are valid and the record was saved, false otherwise.
+      def reset_password!(new_password, new_password_confirmation)
+        self.password = new_password
+        self.password_confirmation = new_password_confirmation
+        if valid?
+          clear_reset_password_token
+          after_password_reset
+        end
+        save
+      end
+      # Resets reset password token and send reset password instructions by email
+      def send_reset_password_instructions
+        generate_reset_password_token! if should_generate_token?
+        self.devise_mailer.reset_password_instructions(self).deliver
+      end
+      # Checks if the reset password token sent is within the limit time.
+      # We do this by calculating if the difference between today and the
+      # sending date does not exceed the confirm in time configured.
+      # Returns true if the resource is not responding to reset_password_sent_at at all.
+      # reset_password_within is a model configuration, must always be an integer value.
+      #
+      # Example:
+      #
+      #   # reset_password_within = 1.day and reset_password_sent_at = today
+      #   reset_password_period_valid?   # returns true
+      #
+      #   # reset_password_within = 5.days and reset_password_sent_at = 4.days.ago
+      #   reset_password_period_valid?   # returns true
+      #
+      #   # reset_password_within = 5.days and reset_password_sent_at = 5.days.ago
+      #   reset_password_period_valid?   # returns false
+      #
+      #   # reset_password_within = 0.days
+      #   reset_password_period_valid?   # will always return false
+      #
+      def reset_password_period_valid?
+        reset_password_sent_at && reset_password_sent_at.utc >= self.class.reset_password_within.ago
+      end
+      protected
+        def should_generate_token?
+          reset_password_token.nil? || !reset_password_period_valid?
+        end
+        # Generates a new random token for reset password
+        def generate_reset_password_token
+          self.reset_password_token = self.class.reset_password_token
+          self.reset_password_sent_at = Time.now.utc
+          self.reset_password_token
+        end
+        # Resets the reset password token with and save the record without
+        # validating
+        def generate_reset_password_token!
+          generate_reset_password_token && save(:validate => false)
+        end
+        # Removes reset_password token
+        def clear_reset_password_token
+          self.reset_password_token = nil
+          self.reset_password_sent_at = nil
+        end
+        def after_password_reset
+        end
+      module ClassMethods
+        # Attempt to find a user by its email. If a record is found, send new
+        # password instructions to it. If not user is found, returns a new user
+        # with an email not found error.
+        # Attributes must contain the user email
+        def send_reset_password_instructions(attributes={})
+          recoverable = find_or_initialize_with_errors(reset_password_keys, attributes, :not_found)
+          recoverable.send_reset_password_instructions if recoverable.persisted?
+          recoverable
+        end
+        # Generate a token checking if one does not already exist in the database.
+        def reset_password_token
+          generate_token(:reset_password_token)
+        end
+        # Attempt to find a user by its reset_password_token to reset its
+        # password. If a user is found and token is still valid, reset its password and automatically
+        # try saving the record. If not user is found, returns a new user
+        # containing an error in reset_password_token attribute.
+        # Attributes must contain reset_password_token, password and confirmation
+        def reset_password_by_token(attributes={})
+          recoverable = find_or_initialize_with_error_by(:reset_password_token, attributes[:reset_password_token])
+          if recoverable.persisted?
+            if recoverable.reset_password_period_valid?
+              recoverable.reset_password!(attributes[:password], attributes[:password_confirmation])
+            else
+              recoverable.errors.add(:reset_password_token, :expired)
+            end
+          end
+          recoverable
+        end
+        Devise::Models.config(self, :reset_password_keys, :reset_password_within)
+      end
+    end
+  end
+end

data/lib/devise/models/registerable.rb ADDED

@@ -0,0 +1,21 @@
+module Devise
+  module Models
+    # Registerable is responsible for everything related to registering a new
+    # resource (ie user sign up).
+    module Registerable
+      extend ActiveSupport::Concern
+      module ClassMethods
+        # A convenience method that receives both parameters and session to
+        # initialize a user. This can be used by OAuth, for example, to send
+        # in the user token and be stored on initialization.
+        #
+        # By default discards all information sent by the session by calling
+        # new with params.
+        def new_with_session(params, session)
+          new(params)
+        end
+      end
+    end
+  end
+end

data/lib/devise/models/rememberable.rb ADDED

@@ -0,0 +1,114 @@
+require 'devise/strategies/rememberable'
+require 'devise/hooks/rememberable'
+require 'devise/hooks/forgetable'
+module Devise
+  module Models
+    # Rememberable manages generating and clearing token for remember the user
+    # from a saved cookie. Rememberable also has utility methods for dealing
+    # with serializing the user into the cookie and back from the cookie, trying
+    # to lookup the record based on the saved information.
+    # You probably wouldn't use rememberable methods directly, they are used
+    # mostly internally for handling the remember token.
+    #
+    # == Options
+    #
+    # Rememberable adds the following options in devise_for:
+    #
+    #   * +remember_for+: the time you want the user will be remembered without
+    #     asking for credentials. After this time the user will be blocked and
+    #     will have to enter his credentials again. This configuration is also
+    #     used to calculate the expires time for the cookie created to remember
+    #     the user. By default remember_for is 2.weeks.
+    #
+    #   * +extend_remember_period+: if true, extends the user's remember period
+    #     when remembered via cookie. False by default.
+    #
+    #   * +cookie_options+: configuration options passed to the created cookie.
+    #
+    # == Examples
+    #
+    #   User.find(1).remember_me!  # regenerating the token
+    #   User.find(1).forget_me!    # clearing the token
+    #
+    #   # generating info to put into cookies
+    #   User.serialize_into_cookie(user)
+    #
+    #   # lookup the user based on the incoming cookie information
+    #   User.serialize_from_cookie(cookie_string)
+    module Rememberable
+      extend ActiveSupport::Concern
+      attr_accessor :remember_me, :extend_remember_period
+      # Generate a new remember token and save the record without validations
+      # unless remember_across_browsers is true and the user already has a valid token.
+      def remember_me!(extend_period=false)
+        self.remember_created_at = Time.now.utc if generate_remember_timestamp?(extend_period)
+        save(:validate => false)
+      end
+      # If the record is persisted, remove the remember token (but only if
+      # it exists), and save the record without validations.
+      def forget_me!
+        if persisted?
+          self.remember_token = nil if respond_to?(:remember_token=)
+          self.remember_created_at = nil
+          save(:validate => false)
+        end
+      end
+      # Remember token should be expired if expiration time not overpass now.
+      def remember_expired?
+        remember_created_at.nil? || (remember_expires_at <= Time.now.utc)
+      end
+      # Remember token expires at created time + remember_for configuration
+      def remember_expires_at
+        remember_created_at + self.class.remember_for
+      end
+      def rememberable_value
+        if respond_to?(:authenticatable_salt) && (salt = authenticatable_salt)
+          salt
+        else
+          raise "The #{self.class.name} class does not respond to remember_token and " <<
+            "authenticatable_salt returns nil. In order to use rememberable, you must " <<
+            "add a remember_token field to your model or ensure a password is always set."
+        end
+      end
+      def cookie_options
+        self.class.cookie_options
+      end
+    protected
+      # Generate a timestamp if extend_remember_period is true, if no remember_token
+      # exists, or if an existing remember token has expired.
+      def generate_remember_timestamp?(extend_period) #:nodoc:
+        extend_period || remember_created_at.nil? || remember_expired?
+      end
+      module ClassMethods
+        # Create the cookie key using the record id and remember_token
+        def serialize_into_cookie(record)
+          [record.to_key, record.rememberable_value]
+        end
+        # Recreate the user based on the stored cookie
+        def serialize_from_cookie(id, remember_token)
+          record = to_adapter.get(id)
+          record if record && record.rememberable_value == remember_token && !record.remember_expired?
+        end
+        # Generate a token checking if one does not already exist in the database.
+        def remember_token
+          generate_token(:remember_token)
+        end
+        Devise::Models.config(self, :remember_for, :extend_remember_period, :cookie_options)
+      end
+    end
+  end
+end

data/lib/devise/models/serializable.rb ADDED

@@ -0,0 +1,43 @@
+module Devise
+  module Models
+    # This module redefine to_xml and serializable_hash in models for more
+    # secure defaults. By default, it removes from the serializable model
+    # all attributes that are *not* accessible. You can remove this default
+    # by using :force_except and passing a new list of attributes you want
+    # to exempt. All attributes given to :except will simply add names to
+    # exempt to Devise internal list.
+    module Serializable
+      extend ActiveSupport::Concern
+      # TODO: to_xml does not call serializable_hash. Hopefully someone will fix this in AR.
+      %w(to_xml serializable_hash).each do |method|
+        class_eval <<-RUBY, __FILE__, __LINE__
+          def #{method}(options=nil)
+            options ||= {}
+            if options.key?(:force_except)
+              options[:except] = options.delete(:force_except)
+              super(options)
+            elsif self.class.blacklist_keys?
+              except = Array(options[:except])
+              super(options.merge(:except => except + self.class.blacklist_keys))
+            else
+              super
+            end
+          end
+        RUBY
+      end
+      module ClassMethods
+        # Return true if we can retrieve blacklist keys from the record.
+        def blacklist_keys?
+          @has_except_keys ||= respond_to?(:accessible_attributes) && !accessible_attributes.to_a.empty?
+        end
+        # Returns keys that should be removed when serializing the record.
+        def blacklist_keys
+          @blacklist_keys ||= to_adapter.column_names.map(&:to_s) - accessible_attributes.to_a.map(&:to_s)
+        end
+      end
+    end
+  end
+end

data/lib/devise/models/timeoutable.rb ADDED

@@ -0,0 +1,45 @@
+require 'devise/hooks/timeoutable'
+module Devise
+  module Models
+    # Timeoutable takes care of veryfing whether a user session has already
+    # expired or not. When a session expires after the configured time, the user
+    # will be asked for credentials again, it means, he/she will be redirected
+    # to the sign in page.
+    #
+    # == Options
+    #
+    # Timeoutable adds the following options to devise_for:
+    #
+    #   * +timeout_in+: the interval to timeout the user session without activity.
+    #
+    # == Examples
+    #
+    #   user.timedout?(30.minutes.ago)
+    #
+    module Timeoutable
+      extend ActiveSupport::Concern
+      # Checks whether the user session has expired based on configured time.
+      def timedout?(last_access)
+        return false if remember_exists_and_not_expired?
+        !timeout_in.nil? && last_access && last_access <= timeout_in.ago
+      end
+      def timeout_in
+        self.class.timeout_in
+      end
+      private
+      def remember_exists_and_not_expired?
+        return false unless respond_to?(:remember_created_at)
+        remember_created_at && !remember_expired?
+      end
+      module ClassMethods
+        Devise::Models.config(self, :timeout_in)
+      end
+    end
+  end
+end

data/lib/devise/models/token_authenticatable.rb ADDED

@@ -0,0 +1,72 @@
+require 'devise/strategies/token_authenticatable'
+module Devise
+  module Models
+    # The TokenAuthenticatable module is responsible for generating an authentication token and
+    # validating the authenticity of the same while signing in.
+    #
+    # This module only provides a few helpers to help you manage the token, but it is up to you
+    # to choose how to use it. For example, if you want to have a new token every time the user
+    # saves his account, you can do the following:
+    #
+    #   before_save :reset_authentication_token
+    #
+    # On the other hand, if you want to generate token unless one exists, you should use instead:
+    #
+    #   before_save :ensure_authentication_token
+    #
+    # If you want to delete the token after it is used, you can do so in the
+    # after_token_authentication callback.
+    #
+    # == Options
+    #
+    # TokenAuthenticatable adds the following options to devise_for:
+    #
+    #   * +token_authentication_key+: Defines name of the authentication token params key. E.g. /users/sign_in?some_key=...
+    #
+    #   * +stateless_token+: By default, when you sign up with a token, Devise will store the user in session
+    #     as any other authentication strategy. You can set stateless_token to true to avoid this.
+    #
+    module TokenAuthenticatable
+      extend ActiveSupport::Concern
+      # Generate new authentication token (a.k.a. "single access token").
+      def reset_authentication_token
+        self.authentication_token = self.class.authentication_token
+      end
+      # Generate new authentication token and save the record.
+      def reset_authentication_token!
+        reset_authentication_token
+        save(:validate => false)
+      end
+      # Generate authentication token unless already exists.
+      def ensure_authentication_token
+        reset_authentication_token if authentication_token.blank?
+      end
+      # Generate authentication token unless already exists and save the record.
+      def ensure_authentication_token!
+        reset_authentication_token! if authentication_token.blank?
+      end
+      # Hook called after token authentication.
+      def after_token_authentication
+      end
+      module ClassMethods
+        def find_for_token_authentication(conditions)
+          find_for_authentication(:authentication_token => conditions[token_authentication_key])
+        end
+        # Generate a token checking if one does not already exist in the database.
+        def authentication_token
+          generate_token(:authentication_token)
+        end
+        ::Devise::Models.config(self, :token_authentication_key, :stateless_token)
+      end
+    end
+  end
+end