dcu-devise 1.0.7

data/lib/devise/orm/mongo_mapper.rb

@@ -0,0 +1,47 @@
+module Devise
+  module Orm
+    module MongoMapper
+      module InstanceMethods
+        def save(options={})
+          if options == false
+            super(:validate => false)
+          else
+            super
+          end
+        end
+      end
+
+      def self.included_modules_hook(klass)
+        klass.send :extend,  self
+        klass.send :include, InstanceMethods
+        yield
+
+        klass.devise_modules.each do |mod|
+          klass.send(mod) if klass.respond_to?(mod)
+        end
+      end
+
+      def find(*args)
+        case args.first
+        when :first, :all
+          send(args.shift, *args)
+        else
+          super
+        end
+      end
+
+      include Devise::Schema
+
+      # Tell how to apply schema methods. This automatically converts DateTime
+      # to Time, since MongoMapper does not recognize the former.
+      def apply_schema(name, type, options={})
+        return unless Devise.apply_schema
+        type = Time if type == DateTime
+        key name, type, options
+      end
+    end
+  end
+end
+
+MongoMapper::Document.extra_extensions << Devise::Models
+MongoMapper::EmbeddedDocument.extra_extensions << Devise::Models

data/lib/devise/rails.rb

@@ -0,0 +1,14 @@
+require 'devise/rails/routes'
+require 'devise/rails/warden_compat'
+
+Rails.configuration.after_initialize do
+  require "devise/orm/#{Devise.orm}"
+
+  # Adds Warden Manager to Rails middleware stack, configuring default devise
+  # strategy and also the failure app.
+  Rails.configuration.middleware.use Warden::Manager do |config|
+    Devise.configure_warden(config)
+  end
+
+  I18n.load_path.unshift File.expand_path(File.join(File.dirname(__FILE__), 'locales', 'en.yml'))
+end

data/lib/devise/rails/routes.rb

@@ -0,0 +1,125 @@
+module ActionController::Routing
+  class RouteSet #:nodoc:
+
+    # Ensure Devise modules are included only after loading routes, because we
+    # need devise_for mappings already declared to create magic filters and
+    # helpers.
+    def load_routes_with_devise!
+      load_routes_without_devise!
+      return if Devise.mappings.empty?
+
+      ActionController::Base.send :include, Devise::Controllers::Helpers
+      ActionController::Base.send :include, Devise::Controllers::UrlHelpers
+
+      ActionView::Base.send :include, Devise::Controllers::UrlHelpers
+    end
+    alias_method_chain :load_routes!, :devise
+
+    class Mapper #:doc:
+      # Includes devise_for method for routes. This method is responsible to
+      # generate all needed routes for devise, based on what modules you have
+      # defined in your model.
+      # Examples: Let's say you have an User model configured to use
+      # authenticatable, confirmable and recoverable modules. After creating this
+      # inside your routes:
+      #
+      #   map.devise_for :users
+      #
+      # this method is going to look inside your User model and create the
+      # needed routes:
+      #
+      #  # Session routes for Authenticatable (default)
+      #       new_user_session GET  /users/sign_in                    {:controller=>"sessions", :action=>"new"}
+      #           user_session POST /users/sign_in                    {:controller=>"sessions", :action=>"create"}
+      #   destroy_user_session GET  /users/sign_out                   {:controller=>"sessions", :action=>"destroy"}
+      #
+      #  # Password routes for Recoverable, if User model has :recoverable configured
+      #      new_user_password GET  /users/password/new(.:format)     {:controller=>"passwords", :action=>"new"}
+      #     edit_user_password GET  /users/password/edit(.:format)    {:controller=>"passwords", :action=>"edit"}
+      #          user_password PUT  /users/password(.:format)         {:controller=>"passwords", :action=>"update"}
+      #                        POST /users/password(.:format)         {:controller=>"passwords", :action=>"create"}
+      #
+      #  # Confirmation routes for Confirmable, if User model has :confirmable configured
+      #  new_user_confirmation GET  /users/confirmation/new(.:format) {:controller=>"confirmations", :action=>"new"}
+      #      user_confirmation GET  /users/confirmation(.:format)     {:controller=>"confirmations", :action=>"show"}
+      #                        POST /users/confirmation(.:format)     {:controller=>"confirmations", :action=>"create"}
+      #
+      # You can configure your routes with some options:
+      #
+      #  * :class_name => setup a different class to be looked up by devise, if it cannot be correctly find by the route name.
+      #
+      #    map.devise_for :users, :class_name => 'Account'
+      #
+      #  * :as => allows you to setup path name that will be used, as rails routes does. The following route configuration would setup your route as /accounts instead of /users:
+      #
+      #    map.devise_for :users, :as => 'accounts'
+      #
+      #  * :scope => setup the scope name. This is used as the instance variable name in controller, as the name in routes and the scope given to warden. Defaults to the singular of the given name:
+      #
+      #    map.devise_for :users, :scope => :account
+      #
+      #  * :path_names => configure different path names to overwrite defaults :sign_in, :sign_out, :password and :confirmation.
+      #
+      #    map.devise_for :users, :path_names => { :sign_in => 'login', :sign_out => 'logout', :password => 'secret', :confirmation => 'verification' }
+      #
+      #  * :path_prefix => the path prefix to be used in all routes.
+      #
+      #    map.devise_for :users, :path_prefix => "/:locale"
+      #
+      #  Any other options will be passed to route definition. If you need conditions for your routes, just map:
+      #
+      #    map.devise_for :users, :conditions => { :subdomain => /.+/ }
+      #
+      #  If you are using a dynamic prefix, like :locale above, you need to configure default_url_options through Devise. You can do that in config/initializers/devise.rb or setting a Devise.default_url_options:
+      #
+      #    Devise.default_url_options do
+      #      { :locale => I18n.locale }
+      #    end
+      #
+      def devise_for(*resources)
+        options = resources.extract_options!
+
+        resources.map!(&:to_sym)
+        resources.each do |resource|
+          mapping = Devise::Mapping.new(resource, options.dup)
+          Devise.default_scope ||= mapping.name
+          Devise.mappings[mapping.name] = mapping
+
+          route_options = mapping.route_options.merge(:path_prefix => mapping.raw_path, :name_prefix => "#{mapping.name}_")
+
+          with_options(route_options) do |routes|
+            mapping.for.each do |mod|
+              send(mod, routes, mapping) if self.respond_to?(mod, true)
+            end
+          end
+        end
+      end
+
+      protected
+
+        def database_authenticatable(routes, mapping)
+          routes.with_options(:controller => 'sessions', :name_prefix => nil) do |session|
+            session.send(:"new_#{mapping.name}_session",     mapping.path_names[:sign_in],  :action => 'new',     :conditions => { :method => :get })
+            session.send(:"#{mapping.name}_session",         mapping.path_names[:sign_in],  :action => 'create',  :conditions => { :method => :post })
+            session.send(:"destroy_#{mapping.name}_session", mapping.path_names[:sign_out], :action => 'destroy', :conditions => { :method => :get })
+          end
+        end
+
+        def confirmable(routes, mapping)
+          routes.resource :confirmation, :only => [:new, :create, :show], :as => mapping.path_names[:confirmation]
+        end
+
+        def lockable(routes, mapping)
+          routes.resource :unlock, :only => [:new, :create, :show], :as => mapping.path_names[:unlock]
+        end
+
+        def recoverable(routes, mapping)
+          routes.resource :password, :only => [:new, :create, :edit, :update], :as => mapping.path_names[:password]
+        end
+
+        def registerable(routes, mapping)
+          routes.resource :registration, :only => [:new, :create, :edit, :update, :destroy], :as => mapping.raw_path[1..-1], :path_prefix => nil, :path_names => { :new => mapping.path_names[:sign_up] }
+        end
+    end
+  end
+end

data/lib/devise/rails/warden_compat.rb

@@ -0,0 +1,25 @@
+module Warden::Mixins::Common
+  def request
+    @request ||= env['action_controller.rescue.request']
+  end
+
+  def reset_session!
+    raw_session.inspect # why do I have to inspect it to get it to clear?
+    raw_session.clear
+  end
+
+  def response
+    @response ||= env['action_controller.rescue.response']
+  end
+end
+
+class Warden::SessionSerializer
+  def serialize(record)
+    [record.class, record.id]
+  end
+
+  def deserialize(keys)
+    klass, id = keys
+    klass.find(:first, :conditions => { :id => id })
+  end
+end

data/lib/devise/schema.rb

@@ -0,0 +1,73 @@
+module Devise
+  # Holds devise schema information. To use it, just include its methods
+  # and overwrite the apply_schema method.
+  module Schema
+
+    def authenticatable(*args)
+      ActiveSupport::Deprecation.warn "t.authenticatable in migrations is deprecated. Please use t.database_authenticatable instead.", caller
+      database_authenticatable(*args)
+    end
+
+    # Creates email, encrypted_password and password_salt.
+    #
+    # == Options
+    # * :null - When true, allow columns to be null.
+    def database_authenticatable(options={})
+      null    = options[:null] || false
+      default = options[:default] || ""
+
+      if options.delete(:encryptor)
+        ActiveSupport::Deprecation.warn ":encryptor as option is deprecated, simply remove it."
+      end
+
+      apply_schema :email,              String, :null => null, :default => default
+      apply_schema :encrypted_password, String, :null => null, :default => default, :limit => 128
+      apply_schema :password_salt,      String, :null => null, :default => default
+    end
+
+    # Creates authentication_token.
+    def token_authenticatable
+      apply_schema :authentication_token, String
+    end
+
+    # Creates confirmation_token, confirmed_at and confirmation_sent_at.
+    def confirmable
+      apply_schema :confirmation_token,   String
+      apply_schema :confirmed_at,         DateTime
+      apply_schema :confirmation_sent_at, DateTime
+    end
+
+    # Creates reset_password_token.
+    def recoverable
+      apply_schema :reset_password_token, String
+    end
+
+    # Creates remember_token and remember_created_at.
+    def rememberable
+      apply_schema :remember_token,      String
+      apply_schema :remember_created_at, DateTime
+    end
+
+    # Creates sign_in_count, current_sign_in_at, last_sign_in_at,
+    # current_sign_in_ip, last_sign_in_ip.
+    def trackable
+      apply_schema :sign_in_count,      Integer, :default => 0
+      apply_schema :current_sign_in_at, DateTime
+      apply_schema :last_sign_in_at,    DateTime
+      apply_schema :current_sign_in_ip, String
+      apply_schema :last_sign_in_ip,    String
+    end
+
+    # Creates failed_attempts, unlock_token and locked_at
+    def lockable
+      apply_schema :failed_attempts, Integer, :default => 0
+      apply_schema :unlock_token,    String
+      apply_schema :locked_at,       DateTime
+    end
+
+    # Overwrite with specific modification to create your own schema.
+    def apply_schema(name, type, options={})
+      raise NotImplementedError
+    end
+  end
+end

data/lib/devise/strategies/base.rb

@@ -0,0 +1,16 @@
+module Devise
+  module Strategies
+    # Base strategy for Devise. Responsible for verifying correct scope and mapping.
+    class Base < ::Warden::Strategies::Base
+      # Checks if a valid scope was given for devise and find mapping based on
+      # this scope.
+      def mapping
+        @mapping ||= begin
+          mapping = Devise.mappings[scope]
+          raise "Could not find mapping for #{scope}" unless mapping
+          mapping
+        end
+      end
+    end
+  end
+end

data/lib/devise/strategies/database_authenticatable.rb

@@ -0,0 +1,36 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Default strategy for signing in a user, based on his email and password.
+    # Redirects to sign_in page if it's not authenticated
+    class DatabaseAuthenticatable < Base
+      def valid?
+        valid_controller? && valid_params? && mapping.to.respond_to?(:authenticate)
+      end
+
+      # Authenticate a user based on email and password params, returning to warden
+      # success and the authenticated user if everything is okay. Otherwise redirect
+      # to sign in page.
+      def authenticate!
+        if resource = mapping.to.authenticate(params[scope])
+          success!(resource)
+        else
+          fail(:invalid)
+        end
+      end
+
+      protected
+
+        def valid_controller?
+          params[:controller] =~ /sessions$/
+        end
+
+        def valid_params?
+          params[scope] && params[scope][:password].present?
+        end
+    end
+  end
+end
+
+Warden::Strategies.add(:database_authenticatable, Devise::Strategies::DatabaseAuthenticatable)

data/lib/devise/strategies/http_authenticatable.rb

@@ -0,0 +1,59 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Sign in an user using HTTP authentication.
+    class HttpAuthenticatable < Base
+      def valid?
+        http_authentication? && mapping.to.respond_to?(:authenticate_with_http)
+      end
+
+      def authenticate!
+        username, password = username_and_password
+
+        if resource = mapping.to.authenticate_with_http(username, password)
+          success!(resource)
+        else
+          custom!([401, custom_headers, [response_body]])
+        end
+      end
+
+    private
+
+      def username_and_password
+        decode_credentials(request).split(/:/, 2)
+      end
+
+      def response_body
+        body   = "HTTP Basic: Access denied."
+        method = :"to_#{request_format.to_sym}"
+        {}.respond_to?(method) ? { :error => body }.send(method) : body
+      end
+
+      def http_authentication
+        request.env['HTTP_AUTHORIZATION']   ||
+        request.env['X-HTTP_AUTHORIZATION'] ||
+        request.env['X_HTTP_AUTHORIZATION'] ||
+        request.env['REDIRECT_X_HTTP_AUTHORIZATION']
+      end
+      alias :http_authentication? :http_authentication
+
+      def decode_credentials(request)
+        ActiveSupport::Base64.decode64(http_authentication.split(' ', 2).last || '')
+      end
+
+      def custom_headers
+        {
+          "Content-Type" => request_format.to_s,
+          "WWW-Authenticate" => %(Basic realm="#{Devise.http_authentication_realm.gsub(/"/, "")}")
+        }
+      end
+
+      def request_format
+        @request_format ||= Mime::Type.lookup_by_extension(request.template_format.to_s)
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:http_authenticatable, Devise::Strategies::HttpAuthenticatable)

data/lib/devise/strategies/rememberable.rb

@@ -0,0 +1,37 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Remember the user through the remember token. This strategy is responsible
+    # to verify whether there is a cookie with the remember token, and to
+    # recreate the user from this cookie if it exists.  Must be called *before*
+    # authenticatable.
+    class Rememberable < Devise::Strategies::Base
+
+      # A valid strategy for rememberable needs a remember token in the cookies.
+      def valid?
+        remember_me_cookie.present? && mapping.to.respond_to?(:serialize_from_cookie)
+      end
+
+      # To authenticate a user we deserialize the cookie and attempt finding
+      # the record in the database. If the attempt fails, we pass to another
+      # strategy handle the authentication.
+      def authenticate!
+        if resource = mapping.to.serialize_from_cookie(remember_me_cookie)
+          success!(resource)
+        else
+          pass
+        end
+      end
+
+    private
+
+      # Accessor for remember cookie
+      def remember_me_cookie
+        @remember_me_cookie ||= request.cookies["remember_#{mapping.name}_token"]
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:rememberable, Devise::Strategies::Rememberable)

data/lib/devise/strategies/token_authenticatable.rb

@@ -0,0 +1,37 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Strategy for signing in a user, based on a authenticatable token.
+    # Redirects to sign_in page if it's not authenticated.
+    class TokenAuthenticatable < Base
+      def valid?
+        mapping.to.respond_to?(:authenticate_with_token) && authentication_token(scope).present?
+      end
+
+      # Authenticate a user based on authenticatable token params, returning to warden
+      # success and the authenticated user if everything is okay. Otherwise redirect
+      # to sign in page.
+      def authenticate!
+        if resource = mapping.to.authenticate_with_token(params[scope] || params)
+          success!(resource)
+        else
+          fail!(:invalid_token)
+        end
+      end
+
+    private
+
+      # Detect authentication token in params: scoped or not.
+      def authentication_token(scope)
+        if params[scope]
+          params[scope][mapping.to.token_authentication_key]
+        else
+          params[mapping.to.token_authentication_key]
+        end
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:token_authenticatable, Devise::Strategies::TokenAuthenticatable)