devise 0.1.0

data/lib/devise/controllers/url_helpers.rb

@@ -0,0 +1,47 @@
+module Devise
+  module Controllers
+    # Create url helpers to be used with resource/scope configuration. Acts as
+    # proxies to the generated routes created by devise.
+    # Resource param can be a string or symbol, a class, or an instance object.
+    # Example using a :user resource:
+    #
+    #   new_session_path(:user)      => new_user_session_path
+    #   session_path(:user)          => user_session_path
+    #   destroy_session_path(:user)  => destroy_user_session_path
+    #
+    #   new_password_path(:user)     => new_user_password_path
+    #   password_path(:user)         => user_password_path
+    #   edit_password_path(:user)    => edit_user_password_path
+    #
+    #   new_confirmation_path(:user) => new_user_confirmation_path
+    #   confirmation_path(:user)     => user_confirmation_path
+    module UrlHelpers
+
+      [:session, :password, :confirmation].each do |module_name|
+        [:path, :url].each do |path_or_url|
+          actions = [ nil, :new_ ]
+          actions << :edit_ if module_name == :password
+          actions << :destroy_ if module_name == :session
+
+          actions.each do |action|
+            class_eval <<-URL_HELPERS
+              def #{action}#{module_name}_#{path_or_url}(resource, *args)
+                resource = case resource
+                  when Symbol, String
+                    resource
+                  when Class
+                    resource.name.underscore
+                  else
+                    resource.class.name.underscore
+                end
+
+                send("#{action}\#{resource}_#{module_name}_#{path_or_url}", *args)
+              end
+            URL_HELPERS
+          end
+        end
+      end
+
+    end
+  end
+end

data/lib/devise/hooks/rememberable.rb

@@ -0,0 +1,24 @@
+# After authenticate hook to verify if the user in the given scope asked to be
+# remembered while he does not sign out. Generates a new remember token for
+# that specific user and adds a cookie with this user info to sign in this user
+# automatically without asking for credentials. Refer to rememberable strategy
+# for more info.
+Warden::Manager.after_authentication do |record, auth, options|
+  scope = options[:scope]
+  remember_me = auth.params[scope].try(:fetch, :remember_me, nil)
+
+  if Devise::TRUE_VALUES.include?(remember_me) && record.respond_to?(:remember_me!)
+    record.remember_me!
+    auth.cookies['remember_token'] = record.class.serialize_into_cookie(record)
+  end
+end
+
+# Before logout hook to forget the user in the given scope, only if rememberable
+# is activated for this scope. Also clear remember token to ensure the user
+# won't be remembered again.
+Warden::Manager.before_logout do |record, auth, scope|
+  if record.respond_to?(:forget_me!)
+    record.forget_me!
+    auth.cookies['remember_token'] = nil
+  end
+end

data/lib/devise/mapping.rb

@@ -0,0 +1,95 @@
+module Devise
+  # Responsible for handling devise mappings and routes configuration. Each
+  # resource configured by devise_for in routes is actually creating a mapping
+  # object. You can refer to devise_for in routes for usage options.
+  #
+  # The required value in devise_for is actually not used internally, but it's
+  # inflected to find all other values.
+  #
+  #   map.devise_for :users
+  #   mapping = Devise.mappings[:user]
+  #
+  #   mapping.name #=> :user
+  #   # is the scope used in controllers and warden, given in the route as :singular.
+  #
+  #   mapping.as   #=> "users"
+  #   # how the mapping should be search in the path, given in the route as :as.
+  #
+  #   mapping.to   #=> User
+  #   # is the class to be loaded from routes, given in the route as :class_name.
+  #
+  #   mapping.for  #=> [:authenticable]
+  #   # is the modules included in the class
+  #
+  class Mapping #:nodoc:
+    attr_reader :name, :as, :path_names
+
+    def initialize(name, options)
+      @as    = (options[:as] || name).to_sym
+      @klass = (options[:class_name] || name.to_s.classify).to_s
+      @name  = (options[:singular] || name.to_s.singularize).to_sym
+      @path_names = options[:path_names] || {}
+      setup_path_names
+    end
+
+    # Return modules for the mapping.
+    def for
+      @for ||= to.devise_modules
+    end
+
+    # Reload mapped class each time when cache_classes is false.
+    def to
+      return @to if @to
+      klass = @klass.constantize
+      @to = klass if Rails.configuration.cache_classes
+      klass
+    end
+
+    # Check if the respective controller has a module in the mapping class.
+    def allows?(controller)
+      self.for.include?(CONTROLLERS[controller.to_sym])
+    end
+
+    # Create magic predicates for verifying what module is activated by this map.
+    # Example:
+    #
+    #   def confirmable?
+    #     self.for.include?(:confirmable)
+    #   end
+    #
+    ALL.each do |m|
+      class_eval <<-METHOD, __FILE__, __LINE__
+        def #{m}?
+          self.for.include?(:#{m})
+        end
+      METHOD
+    end
+
+    private
+
+      # Configure default path names, allowing the user overwrite defaults by
+      # passing a hash in :path_names.
+      def setup_path_names
+        [:sign_in, :sign_out, :password, :confirmation].each do |path_name|
+          @path_names[path_name] ||= path_name.to_s
+        end
+      end
+  end
+
+  mattr_accessor :mappings
+  self.mappings = {}
+
+  # Loop through all mappings looking for a map that matches with the requested
+  # path (ie /users/sign_in). The important part here is the key :users. If no
+  # map is found just returns nil.
+  def self.find_mapping_by_path(path)
+    route = path.split("/")[1]
+    return nil unless route
+
+    route = route.to_sym
+    mappings.each do |key, map|
+      return map if map.as == route.to_sym
+    end
+    nil
+  end
+end

data/lib/devise/migrations.rb

@@ -0,0 +1,50 @@
+module Devise
+  # Helpers to migration:
+  #
+  #   create_table :accounts do |t|
+  #     t.authenticable
+  #     t.confirmable
+  #     t.recoverable
+  #     t.rememberable
+  #     t.timestamps
+  #   end
+  #
+  # However this method does not add indexes. If you need them, here is the declaration:
+  #
+  #   add_index "accounts", ["email"],                :name => "email",                :unique => true
+  #   add_index "accounts", ["confirmation_token"],   :name => "confirmation_token",   :unique => true
+  #   add_index "accounts", ["reset_password_token"], :name => "reset_password_token", :unique => true
+  #
+  module Migrations
+
+    # Creates email, encrypted_password and password_salt.
+    #
+    def authenticable
+      string :email,              :limit => 100, :null => false
+      string :encrypted_password, :limit =>  40, :null => false
+      string :password_salt,      :limit =>  20, :null => false
+    end
+
+    # Creates confirmation_token, confirmed_at and confirmation_sent_at.
+    #
+    def confirmable
+      string   :confirmation_token, :limit => 20
+      datetime :confirmed_at
+      datetime :confirmation_sent_at
+    end
+
+    # Creates reset_password_token.
+    #
+    def recoverable
+      string :reset_password_token, :limit => 20
+    end
+
+    # Creates remember_token and remember_expires_at.
+    #
+    def rememberable
+      string   :remember_token, :limit => 20
+      datetime :remember_expires_at
+    end
+
+  end
+end

data/lib/devise/models/authenticable.rb

@@ -0,0 +1,98 @@
+require 'digest/sha1'
+
+module Devise
+  module Models
+
+    # Authenticable Module, responsible for encrypting password and validating
+    # authenticity of a user while signing in.
+    #
+    # Configuration:
+    #
+    # You can overwrite configuration values by setting in globally in Devise,
+    # using devise method or overwriting the respective instance method.
+    #
+    #   pepper: encryption key used for creating encrypted password. Each time
+    #           password changes, it's gonna be encrypted again, and this key
+    #           is added to the password and salt to create a secure hash.
+    #           Always use `rake secret' to generate a new key.
+    #
+    #   stretches: defines how many times the password will be encrypted.
+    #
+    # Examples:
+    #
+    #    User.authenticate('email@test.com', 'password123')  # returns authenticated user or nil
+    #    User.find(1).valid_password?('password123')         # returns true/false
+    #
+    module Authenticable
+      Devise.model_config(self, :pepper)
+      Devise.model_config(self, :stretches, 10)
+
+      def self.included(base)
+        base.class_eval do
+          extend ClassMethods
+
+          attr_reader :password
+          attr_accessor :password_confirmation
+          attr_accessible :email, :password, :password_confirmation
+        end
+      end
+
+      # Regenerates password salt and encrypted password each time password is
+      # setted.
+      def password=(new_password)
+        @password = new_password
+        self.password_salt = friendly_token
+        self.encrypted_password = password_digest(@password)
+      end
+
+      # Verifies whether an incoming_password (ie from login) is the user
+      # password.
+      def valid_password?(incoming_password)
+        password_digest(incoming_password) == encrypted_password
+      end
+
+      protected
+
+        # Gererates a default password digest based on salt, pepper and the
+        # incoming password.
+        def password_digest(password_to_digest)
+          digest = pepper
+          stretches.times { digest = secure_digest(password_salt, digest, password_to_digest, pepper) }
+          digest
+        end
+
+        # Generate a SHA1 digest joining args. Generated token is something like
+        #
+        #   --arg1--arg2--arg3--argN--
+        def secure_digest(*tokens)
+          ::Digest::SHA1.hexdigest('--' << tokens.flatten.join('--') << '--')
+        end
+
+        # Generate a friendly string randomically to be used as token.
+        def friendly_token
+          ActiveSupport::SecureRandom.base64(15).tr('+/=', '-_ ').strip.delete("\n")
+        end
+
+      module ClassMethods
+
+        # Authenticate a user based on email and password. Returns the
+        # authenticated user if it's valid or nil.
+        # Attributes are :email and :password
+        def authenticate(attributes={})
+          authenticable = find_by_email(attributes[:email])
+          authenticable if authenticable.try(:valid_password?, attributes[:password])
+        end
+
+        # Attempt to find a user by it's email. If not user is found, returns a
+        # new user with an email not found error.
+        def find_or_initialize_with_error_by_email(email)
+          perishable = find_or_initialize_by_email(email)
+          if perishable.new_record?
+            perishable.errors.add(:email, :not_found, :default => 'not found')
+          end
+          perishable
+        end
+      end
+    end
+  end
+end

data/lib/devise/models/confirmable.rb

@@ -0,0 +1,125 @@
+module Devise
+  module Models
+
+    # Confirmable is responsible to verify if an account is already confirmed to
+    # sign in, and to send emails with confirmation instructions.
+    # Confirmation instructions are sent to the user email after creating a
+    # record, after updating it's email and also when manually requested by
+    # a new confirmation instruction request.
+    # Whenever the user update it's email, his account is automatically unconfirmed,
+    # it means it won't be able to sign in again without confirming the account
+    # again through the email that was sent.
+    # Examples:
+    #
+    #   User.find(1).confirm!      # returns true unless it's already confirmed
+    #   User.find(1).confirmed?    # true/false
+    #   User.find(1).send_confirmation_instructions # manually send instructions
+    #   User.find(1).reset_confirmation! # reset confirmation status and send instructions
+    module Confirmable
+
+      def self.included(base)
+        base.class_eval do
+          extend ClassMethods
+
+          before_save :reset_confirmation, :if => :email_changed?
+          after_save  :send_confirmation_instructions, :if => :email_changed?
+        end
+      end
+
+      # Confirm a user by setting it's confirmed_at to actual time. If the user
+      # is already confirmed, add en error to email field
+      def confirm!
+        unless_confirmed do
+          clear_confirmation_token
+          update_attribute(:confirmed_at, Time.now)
+        end
+      end
+
+      # Verifies whether a user is confirmed or not
+      def confirmed?
+        !new_record? && confirmed_at?
+      end
+
+      # Send confirmation instructions by email
+      def send_confirmation_instructions
+        ::Notifier.deliver_confirmation_instructions(self)
+      end
+
+      # Remove confirmation date and send confirmation instructions, to ensure
+      # after sending these instructions the user won't be able to sign in without
+      # confirming it's account
+      def reset_confirmation!
+        unless_confirmed do
+          reset_confirmation
+          save(false)
+          send_confirmation_instructions
+        end
+      end
+
+      protected
+
+        # Remove confirmation date from the user, ensuring after a user update
+        # it's email, it won't be able to sign in without confirming it.
+        def reset_confirmation
+          generate_confirmation_token
+          self.confirmed_at = nil
+        end
+
+        # Checks whether the record is confirmed or not, yielding to the block
+        # if it's already confirmed, otherwise adds an error to email.
+        def unless_confirmed
+          unless confirmed?
+            yield
+          else
+            errors.add(:email, :already_confirmed, :default => 'already confirmed')
+            false
+          end
+        end
+
+        # Generates a new random token for confirmation, and stores the time
+        # this token is being generated
+        def generate_confirmation_token
+          self.confirmation_token = friendly_token
+          self.confirmation_sent_at = Time.now.utc
+        end
+
+        # Resets the confirmation token with and save the record without
+        # validating.
+        def generate_confirmation_token!
+          generate_confirmation_token && save(false)
+        end
+
+        # Removes confirmation token
+        def clear_confirmation_token
+          self.confirmation_token = nil
+        end
+
+      module ClassMethods
+
+        # Attempt to find a user by it's email. If a record is found, send new
+        # confirmation instructions to it. If not user is found, returns a new user
+        # with an email not found error.
+        # Options must contain the user email
+        def send_confirmation_instructions(attributes={})
+          confirmable = find_or_initialize_with_error_by_email(attributes[:email])
+          confirmable.reset_confirmation! unless confirmable.new_record?
+          confirmable
+        end
+
+        # Find a user by it's confirmation token and try to confirm it.
+        # If no user is found, returns a new user with an error.
+        # If the user is already confirmed, create an error for the user
+        # Options must have the confirmation_token
+        def confirm!(attributes={})
+          confirmable = find_or_initialize_by_confirmation_token(attributes[:confirmation_token])
+          if confirmable.new_record?
+            confirmable.errors.add(:confirmation_token, :invalid)
+          else
+            confirmable.confirm!
+          end
+          confirmable
+        end
+      end
+    end
+  end
+end

data/lib/devise/models/recoverable.rb

@@ -0,0 +1,88 @@
+module Devise
+  module Models
+
+    # Recoverable takes care of reseting the user password and send reset instructions
+    # Examples:
+    #
+    #   # resets the user password and save the record, true if valid passwords are given, otherwise false
+    #   User.find(1).reset_password!('password123', 'password123')
+    #   # only resets the user password, without saving the record
+    #   user = User.find(1)
+    #   user.reset_password('password123', 'password123')
+    #   # creates a new token and send it with instructions about how to reset the password
+    #   User.find(1).send_reset_password_instructions
+    module Recoverable
+      def self.included(base)
+        base.class_eval do
+          extend ClassMethods
+        end
+      end
+
+      # Update password
+      def reset_password(new_password, new_password_confirmation)
+        self.password = new_password
+        self.password_confirmation = new_password_confirmation
+      end
+
+      # Update password saving the record and clearing token. Returns true if
+      # the passwords are valid and the record was saved, false otherwise.
+      def reset_password!(new_password, new_password_confirmation)
+        reset_password(new_password, new_password_confirmation)
+        clear_reset_password_token if valid?
+        save
+      end
+
+      # Resets reset password token and send reset password instructions by email
+      def send_reset_password_instructions
+        generate_reset_password_token!
+        ::Notifier.deliver_reset_password_instructions(self)
+      end
+
+      protected
+
+        # Generates a new random token for reset password
+        def generate_reset_password_token
+          self.reset_password_token = friendly_token
+        end
+
+        # Resets the reset password token with and save the record without
+        # validating
+        def generate_reset_password_token!
+          generate_reset_password_token && save(false)
+        end
+
+        # Removes reset_password token
+        def clear_reset_password_token
+          self.reset_password_token = nil
+        end
+
+      module ClassMethods
+
+        # Attempt to find a user by it's email. If a record is found, send new
+        # password instructions to it. If not user is found, returns a new user
+        # with an email not found error.
+        # Attributes must contain the user email
+        def send_reset_password_instructions(attributes={})
+          recoverable = find_or_initialize_with_error_by_email(attributes[:email])
+          recoverable.send_reset_password_instructions unless recoverable.new_record?
+          recoverable
+        end
+
+        # Attempt to find a user by it's reset_password_token to reset it's
+        # password. If a user is found, reset it's password and automatically
+        # try saving the record. If not user is found, returns a new user
+        # containing an error in reset_password_token attribute.
+        # Attributes must contain reset_password_token, password and confirmation
+        def reset_password!(attributes={})
+          recoverable = find_or_initialize_by_reset_password_token(attributes[:reset_password_token])
+          if recoverable.new_record?
+            recoverable.errors.add(:reset_password_token, :invalid)
+          else
+            recoverable.reset_password!(attributes[:password], attributes[:password_confirmation])
+          end
+          recoverable
+        end
+      end
+    end
+  end
+end