dcu-devise 1.0.7

Files changed (139) hide show
  1. data/CHANGELOG.rdoc +378 -0
  2. data/MIT-LICENSE +20 -0
  3. data/README.rdoc +260 -0
  4. data/Rakefile +53 -0
  5. data/TODO +2 -0
  6. data/app/controllers/confirmations_controller.rb +33 -0
  7. data/app/controllers/passwords_controller.rb +41 -0
  8. data/app/controllers/registrations_controller.rb +53 -0
  9. data/app/controllers/sessions_controller.rb +44 -0
  10. data/app/controllers/unlocks_controller.rb +41 -0
  11. data/app/models/devise_mailer.rb +68 -0
  12. data/app/views/confirmations/new.html.erb +12 -0
  13. data/app/views/devise_mailer/confirmation_instructions.html.erb +5 -0
  14. data/app/views/devise_mailer/reset_password_instructions.html.erb +8 -0
  15. data/app/views/devise_mailer/unlock_instructions.html.erb +7 -0
  16. data/app/views/passwords/edit.html.erb +16 -0
  17. data/app/views/passwords/new.html.erb +12 -0
  18. data/app/views/registrations/edit.html.erb +25 -0
  19. data/app/views/registrations/new.html.erb +17 -0
  20. data/app/views/sessions/new.html.erb +17 -0
  21. data/app/views/shared/_devise_links.erb +19 -0
  22. data/app/views/unlocks/new.html.erb +12 -0
  23. data/generators/devise/USAGE +5 -0
  24. data/generators/devise/devise_generator.rb +15 -0
  25. data/generators/devise/lib/route_devise.rb +32 -0
  26. data/generators/devise/templates/migration.rb +23 -0
  27. data/generators/devise/templates/model.rb +9 -0
  28. data/generators/devise_install/USAGE +3 -0
  29. data/generators/devise_install/devise_install_generator.rb +15 -0
  30. data/generators/devise_install/templates/README +23 -0
  31. data/generators/devise_install/templates/devise.rb +105 -0
  32. data/generators/devise_views/USAGE +3 -0
  33. data/generators/devise_views/devise_views_generator.rb +21 -0
  34. data/lib/devise.rb +264 -0
  35. data/lib/devise/controllers/helpers.rb +200 -0
  36. data/lib/devise/controllers/internal_helpers.rb +129 -0
  37. data/lib/devise/controllers/url_helpers.rb +41 -0
  38. data/lib/devise/encryptors/authlogic_sha512.rb +21 -0
  39. data/lib/devise/encryptors/base.rb +20 -0
  40. data/lib/devise/encryptors/bcrypt.rb +21 -0
  41. data/lib/devise/encryptors/clearance_sha1.rb +19 -0
  42. data/lib/devise/encryptors/restful_authentication_sha1.rb +22 -0
  43. data/lib/devise/encryptors/sha1.rb +27 -0
  44. data/lib/devise/encryptors/sha512.rb +27 -0
  45. data/lib/devise/failure_app.rb +65 -0
  46. data/lib/devise/hooks/activatable.rb +15 -0
  47. data/lib/devise/hooks/rememberable.rb +32 -0
  48. data/lib/devise/hooks/timeoutable.rb +18 -0
  49. data/lib/devise/hooks/trackable.rb +18 -0
  50. data/lib/devise/locales/en.yml +35 -0
  51. data/lib/devise/mapping.rb +128 -0
  52. data/lib/devise/models.rb +117 -0
  53. data/lib/devise/models/activatable.rb +16 -0
  54. data/lib/devise/models/confirmable.rb +162 -0
  55. data/lib/devise/models/database_authenticatable.rb +144 -0
  56. data/lib/devise/models/http_authenticatable.rb +21 -0
  57. data/lib/devise/models/lockable.rb +150 -0
  58. data/lib/devise/models/recoverable.rb +80 -0
  59. data/lib/devise/models/registerable.rb +8 -0
  60. data/lib/devise/models/rememberable.rb +92 -0
  61. data/lib/devise/models/timeoutable.rb +28 -0
  62. data/lib/devise/models/token_authenticatable.rb +89 -0
  63. data/lib/devise/models/trackable.rb +16 -0
  64. data/lib/devise/models/validatable.rb +39 -0
  65. data/lib/devise/orm/active_record.rb +41 -0
  66. data/lib/devise/orm/data_mapper.rb +83 -0
  67. data/lib/devise/orm/mongo_mapper.rb +47 -0
  68. data/lib/devise/rails.rb +14 -0
  69. data/lib/devise/rails/routes.rb +125 -0
  70. data/lib/devise/rails/warden_compat.rb +25 -0
  71. data/lib/devise/schema.rb +73 -0
  72. data/lib/devise/strategies/base.rb +16 -0
  73. data/lib/devise/strategies/database_authenticatable.rb +36 -0
  74. data/lib/devise/strategies/http_authenticatable.rb +59 -0
  75. data/lib/devise/strategies/rememberable.rb +37 -0
  76. data/lib/devise/strategies/token_authenticatable.rb +37 -0
  77. data/lib/devise/test_helpers.rb +90 -0
  78. data/lib/devise/version.rb +3 -0
  79. data/rails/init.rb +2 -0
  80. data/test/controllers/helpers_test.rb +177 -0
  81. data/test/controllers/internal_helpers_test.rb +55 -0
  82. data/test/controllers/url_helpers_test.rb +47 -0
  83. data/test/devise_test.rb +74 -0
  84. data/test/encryptors_test.rb +31 -0
  85. data/test/failure_app_test.rb +44 -0
  86. data/test/integration/authenticatable_test.rb +271 -0
  87. data/test/integration/confirmable_test.rb +97 -0
  88. data/test/integration/http_authenticatable_test.rb +52 -0
  89. data/test/integration/lockable_test.rb +102 -0
  90. data/test/integration/rack_middleware_test.rb +47 -0
  91. data/test/integration/recoverable_test.rb +141 -0
  92. data/test/integration/registerable_test.rb +144 -0
  93. data/test/integration/rememberable_test.rb +71 -0
  94. data/test/integration/timeoutable_test.rb +68 -0
  95. data/test/integration/token_authenticatable_test.rb +55 -0
  96. data/test/integration/trackable_test.rb +64 -0
  97. data/test/mailers/confirmation_instructions_test.rb +86 -0
  98. data/test/mailers/reset_password_instructions_test.rb +68 -0
  99. data/test/mailers/unlock_instructions_test.rb +62 -0
  100. data/test/mapping_test.rb +148 -0
  101. data/test/models/authenticatable_test.rb +180 -0
  102. data/test/models/confirmable_test.rb +212 -0
  103. data/test/models/lockable_test.rb +202 -0
  104. data/test/models/recoverable_test.rb +138 -0
  105. data/test/models/rememberable_test.rb +135 -0
  106. data/test/models/timeoutable_test.rb +28 -0
  107. data/test/models/token_authenticatable_test.rb +51 -0
  108. data/test/models/trackable_test.rb +5 -0
  109. data/test/models/validatable_test.rb +106 -0
  110. data/test/models_test.rb +70 -0
  111. data/test/orm/active_record.rb +31 -0
  112. data/test/orm/mongo_mapper.rb +20 -0
  113. data/test/rails_app/app/active_record/admin.rb +7 -0
  114. data/test/rails_app/app/active_record/user.rb +7 -0
  115. data/test/rails_app/app/controllers/admins_controller.rb +6 -0
  116. data/test/rails_app/app/controllers/application_controller.rb +12 -0
  117. data/test/rails_app/app/controllers/home_controller.rb +4 -0
  118. data/test/rails_app/app/controllers/users_controller.rb +16 -0
  119. data/test/rails_app/app/helpers/application_helper.rb +3 -0
  120. data/test/rails_app/app/mongo_mapper/admin.rb +13 -0
  121. data/test/rails_app/app/mongo_mapper/user.rb +14 -0
  122. data/test/rails_app/config/boot.rb +110 -0
  123. data/test/rails_app/config/environment.rb +42 -0
  124. data/test/rails_app/config/environments/development.rb +17 -0
  125. data/test/rails_app/config/environments/production.rb +28 -0
  126. data/test/rails_app/config/environments/test.rb +28 -0
  127. data/test/rails_app/config/initializers/devise.rb +82 -0
  128. data/test/rails_app/config/initializers/inflections.rb +2 -0
  129. data/test/rails_app/config/initializers/new_rails_defaults.rb +24 -0
  130. data/test/rails_app/config/initializers/session_store.rb +15 -0
  131. data/test/rails_app/config/routes.rb +21 -0
  132. data/test/routes_test.rb +110 -0
  133. data/test/support/assertions_helper.rb +37 -0
  134. data/test/support/integration_tests_helper.rb +71 -0
  135. data/test/support/test_silencer.rb +5 -0
  136. data/test/support/tests_helper.rb +39 -0
  137. data/test/test_helper.rb +21 -0
  138. data/test/test_helpers_test.rb +57 -0
  139. metadata +213 -0
@@ -0,0 +1,47 @@
1
+ module Devise
2
+ module Orm
3
+ module MongoMapper
4
+ module InstanceMethods
5
+ def save(options={})
6
+ if options == false
7
+ super(:validate => false)
8
+ else
9
+ super
10
+ end
11
+ end
12
+ end
13
+
14
+ def self.included_modules_hook(klass)
15
+ klass.send :extend, self
16
+ klass.send :include, InstanceMethods
17
+ yield
18
+
19
+ klass.devise_modules.each do |mod|
20
+ klass.send(mod) if klass.respond_to?(mod)
21
+ end
22
+ end
23
+
24
+ def find(*args)
25
+ case args.first
26
+ when :first, :all
27
+ send(args.shift, *args)
28
+ else
29
+ super
30
+ end
31
+ end
32
+
33
+ include Devise::Schema
34
+
35
+ # Tell how to apply schema methods. This automatically converts DateTime
36
+ # to Time, since MongoMapper does not recognize the former.
37
+ def apply_schema(name, type, options={})
38
+ return unless Devise.apply_schema
39
+ type = Time if type == DateTime
40
+ key name, type, options
41
+ end
42
+ end
43
+ end
44
+ end
45
+
46
+ MongoMapper::Document.extra_extensions << Devise::Models
47
+ MongoMapper::EmbeddedDocument.extra_extensions << Devise::Models
@@ -0,0 +1,14 @@
1
+ require 'devise/rails/routes'
2
+ require 'devise/rails/warden_compat'
3
+
4
+ Rails.configuration.after_initialize do
5
+ require "devise/orm/#{Devise.orm}"
6
+
7
+ # Adds Warden Manager to Rails middleware stack, configuring default devise
8
+ # strategy and also the failure app.
9
+ Rails.configuration.middleware.use Warden::Manager do |config|
10
+ Devise.configure_warden(config)
11
+ end
12
+
13
+ I18n.load_path.unshift File.expand_path(File.join(File.dirname(__FILE__), 'locales', 'en.yml'))
14
+ end
@@ -0,0 +1,125 @@
1
+ module ActionController::Routing
2
+ class RouteSet #:nodoc:
3
+
4
+ # Ensure Devise modules are included only after loading routes, because we
5
+ # need devise_for mappings already declared to create magic filters and
6
+ # helpers.
7
+ def load_routes_with_devise!
8
+ load_routes_without_devise!
9
+ return if Devise.mappings.empty?
10
+
11
+ ActionController::Base.send :include, Devise::Controllers::Helpers
12
+ ActionController::Base.send :include, Devise::Controllers::UrlHelpers
13
+
14
+ ActionView::Base.send :include, Devise::Controllers::UrlHelpers
15
+ end
16
+ alias_method_chain :load_routes!, :devise
17
+
18
+ class Mapper #:doc:
19
+ # Includes devise_for method for routes. This method is responsible to
20
+ # generate all needed routes for devise, based on what modules you have
21
+ # defined in your model.
22
+ # Examples: Let's say you have an User model configured to use
23
+ # authenticatable, confirmable and recoverable modules. After creating this
24
+ # inside your routes:
25
+ #
26
+ # map.devise_for :users
27
+ #
28
+ # this method is going to look inside your User model and create the
29
+ # needed routes:
30
+ #
31
+ # # Session routes for Authenticatable (default)
32
+ # new_user_session GET /users/sign_in {:controller=>"sessions", :action=>"new"}
33
+ # user_session POST /users/sign_in {:controller=>"sessions", :action=>"create"}
34
+ # destroy_user_session GET /users/sign_out {:controller=>"sessions", :action=>"destroy"}
35
+ #
36
+ # # Password routes for Recoverable, if User model has :recoverable configured
37
+ # new_user_password GET /users/password/new(.:format) {:controller=>"passwords", :action=>"new"}
38
+ # edit_user_password GET /users/password/edit(.:format) {:controller=>"passwords", :action=>"edit"}
39
+ # user_password PUT /users/password(.:format) {:controller=>"passwords", :action=>"update"}
40
+ # POST /users/password(.:format) {:controller=>"passwords", :action=>"create"}
41
+ #
42
+ # # Confirmation routes for Confirmable, if User model has :confirmable configured
43
+ # new_user_confirmation GET /users/confirmation/new(.:format) {:controller=>"confirmations", :action=>"new"}
44
+ # user_confirmation GET /users/confirmation(.:format) {:controller=>"confirmations", :action=>"show"}
45
+ # POST /users/confirmation(.:format) {:controller=>"confirmations", :action=>"create"}
46
+ #
47
+ # You can configure your routes with some options:
48
+ #
49
+ # * :class_name => setup a different class to be looked up by devise, if it cannot be correctly find by the route name.
50
+ #
51
+ # map.devise_for :users, :class_name => 'Account'
52
+ #
53
+ # * :as => allows you to setup path name that will be used, as rails routes does. The following route configuration would setup your route as /accounts instead of /users:
54
+ #
55
+ # map.devise_for :users, :as => 'accounts'
56
+ #
57
+ # * :scope => setup the scope name. This is used as the instance variable name in controller, as the name in routes and the scope given to warden. Defaults to the singular of the given name:
58
+ #
59
+ # map.devise_for :users, :scope => :account
60
+ #
61
+ # * :path_names => configure different path names to overwrite defaults :sign_in, :sign_out, :password and :confirmation.
62
+ #
63
+ # map.devise_for :users, :path_names => { :sign_in => 'login', :sign_out => 'logout', :password => 'secret', :confirmation => 'verification' }
64
+ #
65
+ # * :path_prefix => the path prefix to be used in all routes.
66
+ #
67
+ # map.devise_for :users, :path_prefix => "/:locale"
68
+ #
69
+ # Any other options will be passed to route definition. If you need conditions for your routes, just map:
70
+ #
71
+ # map.devise_for :users, :conditions => { :subdomain => /.+/ }
72
+ #
73
+ # If you are using a dynamic prefix, like :locale above, you need to configure default_url_options through Devise. You can do that in config/initializers/devise.rb or setting a Devise.default_url_options:
74
+ #
75
+ # Devise.default_url_options do
76
+ # { :locale => I18n.locale }
77
+ # end
78
+ #
79
+ def devise_for(*resources)
80
+ options = resources.extract_options!
81
+
82
+ resources.map!(&:to_sym)
83
+ resources.each do |resource|
84
+ mapping = Devise::Mapping.new(resource, options.dup)
85
+ Devise.default_scope ||= mapping.name
86
+ Devise.mappings[mapping.name] = mapping
87
+
88
+ route_options = mapping.route_options.merge(:path_prefix => mapping.raw_path, :name_prefix => "#{mapping.name}_")
89
+
90
+ with_options(route_options) do |routes|
91
+ mapping.for.each do |mod|
92
+ send(mod, routes, mapping) if self.respond_to?(mod, true)
93
+ end
94
+ end
95
+ end
96
+ end
97
+
98
+ protected
99
+
100
+ def database_authenticatable(routes, mapping)
101
+ routes.with_options(:controller => 'sessions', :name_prefix => nil) do |session|
102
+ session.send(:"new_#{mapping.name}_session", mapping.path_names[:sign_in], :action => 'new', :conditions => { :method => :get })
103
+ session.send(:"#{mapping.name}_session", mapping.path_names[:sign_in], :action => 'create', :conditions => { :method => :post })
104
+ session.send(:"destroy_#{mapping.name}_session", mapping.path_names[:sign_out], :action => 'destroy', :conditions => { :method => :get })
105
+ end
106
+ end
107
+
108
+ def confirmable(routes, mapping)
109
+ routes.resource :confirmation, :only => [:new, :create, :show], :as => mapping.path_names[:confirmation]
110
+ end
111
+
112
+ def lockable(routes, mapping)
113
+ routes.resource :unlock, :only => [:new, :create, :show], :as => mapping.path_names[:unlock]
114
+ end
115
+
116
+ def recoverable(routes, mapping)
117
+ routes.resource :password, :only => [:new, :create, :edit, :update], :as => mapping.path_names[:password]
118
+ end
119
+
120
+ def registerable(routes, mapping)
121
+ routes.resource :registration, :only => [:new, :create, :edit, :update, :destroy], :as => mapping.raw_path[1..-1], :path_prefix => nil, :path_names => { :new => mapping.path_names[:sign_up] }
122
+ end
123
+ end
124
+ end
125
+ end
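Review bot: The sign-out route in `database_authenticatable` is declared with `:conditions => { :method => :get }`, so ending a session is a state-changing action reachable by a plain GET, which a cross-site link, an embedded resource or a prefetcher can trigger without the user's intent. Consider `:conditions => { :method => :delete }` for `destroy_#{mapping.name}_session` (or making the verb configurable) and updating the route table in the `devise_for` comment to match; existing sign-out links would then need `:method => :delete`. Separately, `respond_to?(mod, true)` in `devise_for` also matches private methods of the mapper, so the dispatch relies on `mapping.for` only ever holding Devise module names; a comment saying so would help.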
@@ -0,0 +1,25 @@
1
+ module Warden::Mixins::Common
2
+ def request
3
+ @request ||= env['action_controller.rescue.request']
4
+ end
5
+
6
+ def reset_session!
7
+ raw_session.inspect # why do I have to inspect it to get it to clear?
8
+ raw_session.clear
9
+ end
10
+
11
+ def response
12
+ @response ||= env['action_controller.rescue.response']
13
+ end
14
+ end
15
+
16
+ class Warden::SessionSerializer
17
+ def serialize(record)
18
+ [record.class, record.id]
19
+ end
20
+
21
+ def deserialize(keys)
22
+ klass, id = keys
23
+ klass.find(:first, :conditions => { :id => id })
24
+ end
25
+ end
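Review bot: `deserialize` calls `find` on whatever class comes out of the session without checking that it is a class Devise maps, so the lookup is only as trustworthy as the session store's integrity protection. A guard such as `return nil unless Devise.mappings.values.any? { |m| m.to == klass }` before the `find` would restrict the lookup to mapped models; this assumes `mapping.to` returns the model class, as the strategies in this package use it. `reset_session!` would also benefit from a real explanation of the `raw_session.inspect` call (presumably it forces a lazily loaded session to load before `clear`), since the current comment is a question rather than documentation.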
@@ -0,0 +1,73 @@
1
+ module Devise
2
+ # Holds devise schema information. To use it, just include its methods
3
+ # and overwrite the apply_schema method.
4
+ module Schema
5
+
6
+ def authenticatable(*args)
7
+ ActiveSupport::Deprecation.warn "t.authenticatable in migrations is deprecated. Please use t.database_authenticatable instead.", caller
8
+ database_authenticatable(*args)
9
+ end
10
+
11
+ # Creates email, encrypted_password and password_salt.
12
+ #
13
+ # == Options
14
+ # * :null - When true, allow columns to be null.
15
+ def database_authenticatable(options={})
16
+ null = options[:null] || false
17
+ default = options[:default] || ""
18
+
19
+ if options.delete(:encryptor)
20
+ ActiveSupport::Deprecation.warn ":encryptor as option is deprecated, simply remove it."
21
+ end
22
+
23
+ apply_schema :email, String, :null => null, :default => default
24
+ apply_schema :encrypted_password, String, :null => null, :default => default, :limit => 128
25
+ apply_schema :password_salt, String, :null => null, :default => default
26
+ end
27
+
28
+ # Creates authentication_token.
29
+ def token_authenticatable
30
+ apply_schema :authentication_token, String
31
+ end
32
+
33
+ # Creates confirmation_token, confirmed_at and confirmation_sent_at.
34
+ def confirmable
35
+ apply_schema :confirmation_token, String
36
+ apply_schema :confirmed_at, DateTime
37
+ apply_schema :confirmation_sent_at, DateTime
38
+ end
39
+
40
+ # Creates reset_password_token.
41
+ def recoverable
42
+ apply_schema :reset_password_token, String
43
+ end
44
+
45
+ # Creates remember_token and remember_created_at.
46
+ def rememberable
47
+ apply_schema :remember_token, String
48
+ apply_schema :remember_created_at, DateTime
49
+ end
50
+
51
+ # Creates sign_in_count, current_sign_in_at, last_sign_in_at,
52
+ # current_sign_in_ip, last_sign_in_ip.
53
+ def trackable
54
+ apply_schema :sign_in_count, Integer, :default => 0
55
+ apply_schema :current_sign_in_at, DateTime
56
+ apply_schema :last_sign_in_at, DateTime
57
+ apply_schema :current_sign_in_ip, String
58
+ apply_schema :last_sign_in_ip, String
59
+ end
60
+
61
+ # Creates failed_attempts, unlock_token and locked_at
62
+ def lockable
63
+ apply_schema :failed_attempts, Integer, :default => 0
64
+ apply_schema :unlock_token, String
65
+ apply_schema :locked_at, DateTime
66
+ end
67
+
68
+ # Overwrite with specific modification to create your own schema.
69
+ def apply_schema(name, type, options={})
70
+ raise NotImplementedError
71
+ end
72
+ end
73
+ end
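Review bot: `database_authenticatable` defaults `email`, `encrypted_password` and `password_salt` to `""` with `:null => false`, so a row inserted without credentials is stored with an empty password hash instead of being rejected by the database. Whether authentication refuses an empty `encrypted_password` is decided in model code outside this file and is worth confirming. The options comment lists only `:null` although `:default` is read as well; add `# * :default - Default value for the three columns (defaults to "").`. Note also that `options.delete(:encryptor)` mutates the hash the caller passed in.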
@@ -0,0 +1,16 @@
1
+ module Devise
2
+ module Strategies
3
+ # Base strategy for Devise. Responsible for verifying correct scope and mapping.
4
+ class Base < ::Warden::Strategies::Base
5
+ # Checks if a valid scope was given for devise and find mapping based on
6
+ # this scope.
7
+ def mapping
8
+ @mapping ||= begin
9
+ mapping = Devise.mappings[scope]
10
+ raise "Could not find mapping for #{scope}" unless mapping
11
+ mapping
12
+ end
13
+ end
14
+ end
15
+ end
16
+ end
@@ -0,0 +1,36 @@
1
+ require 'devise/strategies/base'
2
+
3
+ module Devise
4
+ module Strategies
5
+ # Default strategy for signing in a user, based on his email and password.
6
+ # Redirects to sign_in page if it's not authenticated
7
+ class DatabaseAuthenticatable < Base
8
+ def valid?
9
+ valid_controller? && valid_params? && mapping.to.respond_to?(:authenticate)
10
+ end
11
+
12
+ # Authenticate a user based on email and password params, returning to warden
13
+ # success and the authenticated user if everything is okay. Otherwise redirect
14
+ # to sign in page.
15
+ def authenticate!
16
+ if resource = mapping.to.authenticate(params[scope])
17
+ success!(resource)
18
+ else
19
+ fail(:invalid)
20
+ end
21
+ end
22
+
23
+ protected
24
+
25
+ def valid_controller?
26
+ params[:controller] =~ /sessions$/
27
+ end
28
+
29
+ def valid_params?
30
+ params[scope] && params[scope][:password].present?
31
+ end
32
+ end
33
+ end
34
+ end
35
+
36
+ Warden::Strategies.add(:database_authenticatable, Devise::Strategies::DatabaseAuthenticatable)
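Review bot: `valid_params?` indexes `params[scope][:password]` without checking that `params[scope]` is a hash, so a request that sends the scope as a scalar value would likely raise inside the strategy instead of being treated as not applicable; `params[scope].is_a?(Hash) && params[scope][:password].present?` avoids that. The same unchecked `params[scope][...]` access appears in `authentication_token` in the token_authenticatable strategy. In `valid_controller?`, `/sessions$/` anchors at end of line and accepts any controller whose name ends in "sessions"; `\z` is the stricter anchor if the whole string is meant.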
@@ -0,0 +1,59 @@
1
+ require 'devise/strategies/base'
2
+
3
+ module Devise
4
+ module Strategies
5
+ # Sign in an user using HTTP authentication.
6
+ class HttpAuthenticatable < Base
7
+ def valid?
8
+ http_authentication? && mapping.to.respond_to?(:authenticate_with_http)
9
+ end
10
+
11
+ def authenticate!
12
+ username, password = username_and_password
13
+
14
+ if resource = mapping.to.authenticate_with_http(username, password)
15
+ success!(resource)
16
+ else
17
+ custom!([401, custom_headers, [response_body]])
18
+ end
19
+ end
20
+
21
+ private
22
+
23
+ def username_and_password
24
+ decode_credentials(request).split(/:/, 2)
25
+ end
26
+
27
+ def response_body
28
+ body = "HTTP Basic: Access denied."
29
+ method = :"to_#{request_format.to_sym}"
30
+ {}.respond_to?(method) ? { :error => body }.send(method) : body
31
+ end
32
+
33
+ def http_authentication
34
+ request.env['HTTP_AUTHORIZATION'] ||
35
+ request.env['X-HTTP_AUTHORIZATION'] ||
36
+ request.env['X_HTTP_AUTHORIZATION'] ||
37
+ request.env['REDIRECT_X_HTTP_AUTHORIZATION']
38
+ end
39
+ alias :http_authentication? :http_authentication
40
+
41
+ def decode_credentials(request)
42
+ ActiveSupport::Base64.decode64(http_authentication.split(' ', 2).last || '')
43
+ end
44
+
45
+ def custom_headers
46
+ {
47
+ "Content-Type" => request_format.to_s,
48
+ "WWW-Authenticate" => %(Basic realm="#{Devise.http_authentication_realm.gsub(/"/, "")}")
49
+ }
50
+ end
51
+
52
+ def request_format
53
+ @request_format ||= Mime::Type.lookup_by_extension(request.template_format.to_s)
54
+ end
55
+ end
56
+ end
57
+ end
58
+
59
+ Warden::Strategies.add(:http_authenticatable, Devise::Strategies::HttpAuthenticatable)
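Review bot: `valid?` and `decode_credentials` never check that the Authorization header uses the Basic scheme: `split(' ', 2).last` Base64-decodes the value of any scheme (or a header with no scheme at all) and treats the result as `user:password`. Restricting the strategy in `valid?`, e.g. `http_authentication.to_s =~ /\ABasic /i && mapping.to.respond_to?(:authenticate_with_http)`, keeps other schemes away from the credential lookup. `response_body` and `custom_headers` also assume `request_format` is non-nil; if `Mime::Type.lookup_by_extension` returns nil for an unrecognised format, `request_format.to_sym` would raise on the 401 path, so a fallback content type is worth adding.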
@@ -0,0 +1,37 @@
1
+ require 'devise/strategies/base'
2
+
3
+ module Devise
4
+ module Strategies
5
+ # Remember the user through the remember token. This strategy is responsible
6
+ # to verify whether there is a cookie with the remember token, and to
7
+ # recreate the user from this cookie if it exists. Must be called *before*
8
+ # authenticatable.
9
+ class Rememberable < Devise::Strategies::Base
10
+
11
+ # A valid strategy for rememberable needs a remember token in the cookies.
12
+ def valid?
13
+ remember_me_cookie.present? && mapping.to.respond_to?(:serialize_from_cookie)
14
+ end
15
+
16
+ # To authenticate a user we deserialize the cookie and attempt finding
17
+ # the record in the database. If the attempt fails, we pass to another
18
+ # strategy handle the authentication.
19
+ def authenticate!
20
+ if resource = mapping.to.serialize_from_cookie(remember_me_cookie)
21
+ success!(resource)
22
+ else
23
+ pass
24
+ end
25
+ end
26
+
27
+ private
28
+
29
+ # Accessor for remember cookie
30
+ def remember_me_cookie
31
+ @remember_me_cookie ||= request.cookies["remember_#{mapping.name}_token"]
32
+ end
33
+ end
34
+ end
35
+ end
36
+
37
+ Warden::Strategies.add(:rememberable, Devise::Strategies::Rememberable)
@@ -0,0 +1,37 @@
1
+ require 'devise/strategies/base'
2
+
3
+ module Devise
4
+ module Strategies
5
+ # Strategy for signing in a user, based on a authenticatable token.
6
+ # Redirects to sign_in page if it's not authenticated.
7
+ class TokenAuthenticatable < Base
8
+ def valid?
9
+ mapping.to.respond_to?(:authenticate_with_token) && authentication_token(scope).present?
10
+ end
11
+
12
+ # Authenticate a user based on authenticatable token params, returning to warden
13
+ # success and the authenticated user if everything is okay. Otherwise redirect
14
+ # to sign in page.
15
+ def authenticate!
16
+ if resource = mapping.to.authenticate_with_token(params[scope] || params)
17
+ success!(resource)
18
+ else
19
+ fail!(:invalid_token)
20
+ end
21
+ end
22
+
23
+ private
24
+
25
+ # Detect authentication token in params: scoped or not.
26
+ def authentication_token(scope)
27
+ if params[scope]
28
+ params[scope][mapping.to.token_authentication_key]
29
+ else
30
+ params[mapping.to.token_authentication_key]
31
+ end
32
+ end
33
+ end
34
+ end
35
+ end
36
+
37
+ Warden::Strategies.add(:token_authenticatable, Devise::Strategies::TokenAuthenticatable)
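Review bot: The class comment does not mention that the token is read from `params`, which includes the query string, so a token sent in a URL ends up in server logs, browser history and Referer headers. A comment on the class such as `# The token is a credential: send it over TLS and add the token key to the application's parameter filtering so it is not logged.` would make that explicit. When the token is unscoped, `authenticate!` also hands the whole `params` hash to `authenticate_with_token`; passing only the token key would narrow what untrusted input reaches the model, though that method is outside this file. Finally, this strategy uses `fail!(:invalid_token)` while DatabaseAuthenticatable uses `fail(:invalid)`; if halting the strategy chain on a bad token is intended, say so in the method comment.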