devise 1.0.11 → 1.1.pre

data/lib/devise/rails/warden_compat.rb

@@ -1,6 +1,6 @@
 module Warden::Mixins::Common
   def request
-    @request ||= env['action_controller.rescue.request']
+    @request ||= ActionDispatch::Request.new(env)
   end
 
   def reset_session!
@@ -9,7 +9,7 @@ module Warden::Mixins::Common
   end
 
   def response
-    @response ||= env['action_controller.rescue.response']
+    @response ||= env['action_controller.instance'].response
   end
 end
 
@@ -22,42 +22,4 @@ class Warden::SessionSerializer
     klass, id = keys
     klass.find(:first, :conditions => { :id => id })
   end
-end
-
-class ActionController::Request
-  def reset_session
-    session.destroy if session && session.respond_to?(:destroy)
-    self.session = {}
-  end
-end
-
-# Solve a bug in Rails where Set-Cookie is returning an array.
-class Devise::CookieSanitizer
-  SET_COOKIE = "Set-Cookie".freeze
-
-  def initialize(app)
-    @app = app
-  end
-
-  def call(env)
-    response = @app.call(env)
-    headers = response[1]
-    cookies = headers[SET_COOKIE]
-    if cookies.respond_to?(:join)
-      headers[SET_COOKIE] = cookies.join("\n").squeeze("\n")
-    end
-    response
-  end
-end
-
-Rails.configuration.middleware.insert_after ActionController::Failsafe, Devise::CookieSanitizer
-
-Warden::Manager.after_set_user :event => [:set_user, :authentication] do |record, warden, options|
-  if options[:scope] && warden.authenticated?(options[:scope])
-    request = warden.request
-    backup = request.session.to_hash
-    backup.delete(:session_id)
-    request.reset_session
-    request.session.update(backup)
-  end
-end
+end

data/lib/devise/schema.rb

@@ -3,55 +3,47 @@ module Devise
   # and overwrite the apply_schema method.
   module Schema
 
-    def authenticatable(*args)
-      ActiveSupport::Deprecation.warn "t.authenticatable in migrations is deprecated. Please use t.database_authenticatable instead.", caller
-      database_authenticatable(*args)
-    end
-
     # Creates email, encrypted_password and password_salt.
     #
     # == Options
     # * :null - When true, allow columns to be null.
-    def database_authenticatable(options={})
-      null    = options[:null] || false
-      default = options[:default] || ""
-
-      if options.delete(:encryptor)
-        ActiveSupport::Deprecation.warn ":encryptor as option is deprecated, simply remove it."
-      end
+    # * :encryptor - The encryptor going to be used, necessary for setting the proper encrypter password length.
+    def authenticatable(options={})
+      null       = options[:null] || false
+      encryptor  = options[:encryptor] || (respond_to?(:encryptor) ? self.encryptor : :sha1)
 
-      apply_schema :email,              String, :null => null, :default => default
-      apply_schema :encrypted_password, String, :null => null, :default => default, :limit => 128
-      apply_schema :password_salt,      String, :null => null, :default => default
+      apply_schema :email,              String, :null => null
+      apply_schema :encrypted_password, String, :null => null, :limit => Devise::ENCRYPTORS_LENGTH[encryptor]
+      apply_schema :password_salt,      String, :null => null
     end
 
     # Creates authentication_token.
     def token_authenticatable
-      apply_schema :authentication_token, String
+      apply_schema :authentication_token, String, :limit => 20
     end
 
     # Creates confirmation_token, confirmed_at and confirmation_sent_at.
     def confirmable
-      apply_schema :confirmation_token,   String
+      apply_schema :confirmation_token,   String, :limit => 20
       apply_schema :confirmed_at,         DateTime
       apply_schema :confirmation_sent_at, DateTime
     end
 
     # Creates reset_password_token.
     def recoverable
-      apply_schema :reset_password_token, String
+      apply_schema :reset_password_token, String, :limit => 20
     end
 
     # Creates remember_token and remember_created_at.
     def rememberable
-      apply_schema :remember_token,      String
+      apply_schema :remember_token,      String, :limit => 20
       apply_schema :remember_created_at, DateTime
     end
 
     # Creates sign_in_count, current_sign_in_at, last_sign_in_at,
     # current_sign_in_ip, last_sign_in_ip.
     def trackable
-      apply_schema :sign_in_count,      Integer, :default => 0
+      apply_schema :sign_in_count,      Integer
       apply_schema :current_sign_in_at, DateTime
       apply_schema :last_sign_in_at,    DateTime
       apply_schema :current_sign_in_ip, String
@@ -61,7 +53,7 @@ module Devise
     # Creates failed_attempts, unlock_token and locked_at
     def lockable
       apply_schema :failed_attempts, Integer, :default => 0
-      apply_schema :unlock_token,    String
+      apply_schema :unlock_token,    String, :limit => 20
       apply_schema :locked_at,       DateTime
     end
 

data/lib/devise/strategies/{database_authenticatable.rb → authenticatable.rb}

@@ -4,7 +4,7 @@ module Devise
   module Strategies
     # Default strategy for signing in a user, based on his email and password.
     # Redirects to sign_in page if it's not authenticated
-    class DatabaseAuthenticatable < Base
+    class Authenticatable < Base
       def valid?
         valid_controller? && valid_params? && mapping.to.respond_to?(:authenticate)
       end
@@ -16,7 +16,7 @@ module Devise
         if resource = mapping.to.authenticate(params[scope])
           success!(resource)
         else
-          fail(:invalid)
+          fail!(:invalid)
         end
       end
 
@@ -33,4 +33,4 @@ module Devise
   end
 end
 
-Warden::Strategies.add(:database_authenticatable, Devise::Strategies::DatabaseAuthenticatable)
+Warden::Strategies.add(:authenticatable, Devise::Strategies::Authenticatable)

data/lib/devise/strategies/http_authenticatable.rb

@@ -5,7 +5,7 @@ module Devise
     # Sign in an user using HTTP authentication.
     class HttpAuthenticatable < Base
       def valid?
-        http_authentication? && mapping.to.respond_to?(:authenticate_with_http)
+        request.authorization && mapping.to.respond_to?(:authenticate_with_http)
       end
 
       def authenticate!
@@ -14,7 +14,7 @@ module Devise
         if resource = mapping.to.authenticate_with_http(username, password)
           success!(resource)
         else
-          custom!([401, custom_headers, [response_body]])
+          custom!([401, custom_headers, ["HTTP Basic: Access denied.\n"]])
         end
       end
 
@@ -24,34 +24,16 @@ module Devise
         decode_credentials(request).split(/:/, 2)
       end
 
-      def response_body
-        body   = "HTTP Basic: Access denied."
-        method = :"to_#{request_format.to_sym}"
-        {}.respond_to?(method) ? { :error => body }.send(method) : body
-      end
-
-      def http_authentication
-        request.env['HTTP_AUTHORIZATION']   ||
-        request.env['X-HTTP_AUTHORIZATION'] ||
-        request.env['X_HTTP_AUTHORIZATION'] ||
-        request.env['REDIRECT_X_HTTP_AUTHORIZATION']
-      end
-      alias :http_authentication? :http_authentication
-
       def decode_credentials(request)
-        ActiveSupport::Base64.decode64(http_authentication.split(' ', 2).last || '')
+        ActiveSupport::Base64.decode64(request.authorization.split(' ', 2).last || '')
       end
 
       def custom_headers
         {
-          "Content-Type" => request_format.to_s,
+          "Content-Type" => "text/plain",
           "WWW-Authenticate" => %(Basic realm="#{Devise.http_authentication_realm.gsub(/"/, "")}")
         }
       end
-
-      def request_format
-        @request_format ||= Mime::Type.lookup_by_extension(request.template_format.to_s)
-      end
     end
   end
 end

data/lib/devise/test_helpers.rb

@@ -24,10 +24,6 @@ module Devise
         catch_with_redirect { super }
       end
 
-      def user(*args)
-        catch_with_redirect { super }
-      end
-
       def catch_with_redirect(&block)
         result = catch(:warden, &block)
 
@@ -49,10 +45,7 @@ module Devise
 
     # We need to setup the environment variables and the response in the controller.
     def setup_controller_for_warden #:nodoc:
-      @request.env['action_controller.rescue.request']  = @request
-      @request.env['action_controller.rescue.response'] = @response
-      @request.env['rack.session'] = session
-      @controller.response = @response
+      @request.env['action_controller.instance'] = @controller
     end
 
     # Quick access to Warden::Proxy.

data/lib/devise/version.rb

@@ -1,3 +1,3 @@
 module Devise
-  VERSION = "1.0.11".freeze
+  VERSION = "1.1.pre".freeze
 end

data/lib/generators/devise/devise_generator.rb

@@ -0,0 +1,57 @@
+require 'rails/generators/migration'
+
+class DeviseGenerator < Rails::Generators::NamedBase
+  include Rails::Generators::Migration
+
+  desc "Generates a model with the given NAME (if one does not exist) with devise " <<
+       "configuration plus a migration file and devise routes."
+
+  def self.source_root
+    @_devise_source_root ||= File.expand_path("../templates", __FILE__)
+  end
+
+  def self.orm_has_migration?
+    Rails::Generators.options[:rails][:orm] == :active_record
+  end
+
+  def self.next_migration_number(path)
+    Time.now.utc.strftime("%Y%m%d%H%M%S")
+  end
+
+  class_option :migration, :type => :boolean, :default => orm_has_migration?
+
+  def invoke_orm_model
+    if File.exists?(File.join(destination_root, model_path))
+      say "* Model already exists. Adding Devise behavior."
+    else
+      invoke "model", [name], :migration => false
+    end
+  end
+
+  def inject_devise_config_into_model
+    inject_into_class model_path, class_name, <<-CONTENT
+  # Include default devise modules. Others available are:
+  # :http_authenticatable, :token_authenticatable, :lockable, :timeoutable and :activatable
+  devise :registerable, :authenticatable, :confirmable, :recoverable,
+         :rememberable, :trackable, :validatable
+
+  # Setup accessible (or protected) attributes for your model
+  attr_accessible :email, :password, :password_confirmation
+CONTENT
+  end
+
+  def copy_migration_template
+    return unless options.migration?
+    migration_template "migration.rb", "db/migrate/devise_create_#{table_name}"
+  end
+
+  def add_devise_routes
+    route "devise_for :#{table_name}"
+  end
+
+  protected
+
+    def model_path
+      @model_path ||= File.join("app", "models", "#{file_path}.rb")
+    end
+end

data/{generators → lib/generators}/devise/templates/migration.rb

@@ -1,7 +1,7 @@
 class DeviseCreate<%= table_name.camelize %> < ActiveRecord::Migration
   def self.up
     create_table(:<%= table_name %>) do |t|
-      t.database_authenticatable :null => false
+      t.authenticatable :encryptor => :sha1, :null => false
       t.confirmable
       t.recoverable
       t.rememberable

data/lib/generators/devise_install/devise_install_generator.rb

@@ -0,0 +1,25 @@
+class DeviseInstallGenerator < Rails::Generators::Base
+  desc "Creates a Devise initializer and copy locale files to your application."
+
+  def self.source_root
+    @_devise_source_root ||= File.expand_path("../templates", __FILE__)
+  end
+
+  def copy_initializer
+    template "devise.rb", "config/initializers/devise.rb"
+  end
+
+  def copy_locale
+    copy_file "../../../../config/locales/en.yml", "config/locales/devise.en.yml"    
+  end
+
+  def show_readme
+    readme "README"
+  end
+
+  protected
+  
+  def readme(path)
+    say File.read(File.expand_path(path, self.class.source_root))
+  end
+end

data/{generators → lib/generators}/devise_install/templates/README

@@ -1,3 +1,4 @@
+
 ===============================================================================
 
 Some setup you must do manually if you haven't yet:
@@ -10,14 +11,9 @@ Some setup you must do manually if you haven't yet:
      This is a required Rails configuration. In production is must be the
      actual host of your application
 
-  2. Ensure you have defined root_url to *something* in your config/routes.rb:
-
-       map.root :controller => 'home'
-
- 3. Ensure you have a default layout in app/views/layouts and it shows
-     flash messages. For example:
+  2. Ensure you have defined root_url to *something* in your config/routes.rb.
+     For example:
 
-       <p class="notice"><%= flash[:notice] %></p>
-       <p class="alert"><%= flash[:alert] %></p>
+       root :to => "home#index"
 
 ===============================================================================

data/{generators → lib/generators}/devise_install/templates/devise.rb

@@ -3,9 +3,6 @@
 Devise.setup do |config|
   # Configure the e-mail address which will be shown in DeviseMailer.
   config.mailer_sender = "please-change-me@config-initializers-devise.com"
-  
-  # Configure the content type of DeviseMailer mails (defaults to text/html")
-  # config.mailer_content_type = "text/plain"
 
   # ==> Configuration for :authenticatable
   # Invoke `rake secret` and use the printed value to setup a pepper to generate

data/lib/generators/devise_views/devise_views_generator.rb

@@ -0,0 +1,11 @@
+class DeviseViewsGenerator < Rails::Generators::Base
+  desc "Copies all Devise views to your application."
+
+  def self.source_root
+    @_devise_source_root ||= File.expand_path("../../../../app/views", __FILE__)
+  end
+
+  def copy_views
+    directory "devise"
+  end
+end

data/test/controllers/helpers_test.rb

@@ -11,16 +11,29 @@ class MockController < ApplicationController
   def path
     ''
   end
+
+  def index
+  end
+
+  def host_with_port
+    "test.host:3000"
+  end
+
+  def protocol
+    "http"
+  end
+
+  def symbolized_path_parameters
+    {}
+  end
 end
 
 class ControllerAuthenticableTest < ActionController::TestCase
   tests MockController
 
   def setup
-    @controller = MockController.new
     @mock_warden = OpenStruct.new
     @controller.env = { 'warden' => @mock_warden }
-    @controller.session = {}
   end
 
   test 'setup warden' do
@@ -36,13 +49,6 @@ class ControllerAuthenticableTest < ActionController::TestCase
     @controller.signed_in?(:my_scope)
   end
 
-  test 'proxy anybody_signed_in? to signed_in?' do
-    Devise.mappings.keys.each { |scope| # :user, :admin, :manager
-      @controller.expects(:signed_in?).with(scope)
-    }
-    @controller.anybody_signed_in?
-  end
-
   test 'proxy current_admin to authenticate with admin scope' do
     @mock_warden.expects(:authenticate).with(:scope => :admin)
     @controller.current_admin

data/test/devise_test.rb

@@ -25,7 +25,7 @@ class DeviseTest < ActiveSupport::TestCase
     Devise.configure_warden(config)
 
     assert_equal Devise::FailureApp, config.failure_app
-    assert_equal [:rememberable, :http_authenticatable, :token_authenticatable, :database_authenticatable], config.default_strategies
+    assert_equal [:rememberable, :http_authenticatable, :token_authenticatable, :authenticatable], config.default_strategies
     assert_equal :user, config.default_scope
     assert config.silence_missing_strategies?
   end
@@ -63,11 +63,6 @@ class DeviseTest < ActiveSupport::TestCase
     Devise::ALL.delete(:kivi)
     Devise::CONTROLLERS.delete(:fruits)
 
-    assert_nothing_raised(Exception) { Devise.add_module(:carrot, :route => :vegetable) }
-    assert_equal 1, Devise::ROUTES.select { |v| v == :vegetable }.size
-    Devise::ALL.delete(:carrot)
-    Devise::ROUTES.delete(:vegetable)
-
     assert_nothing_raised(Exception) { Devise.add_module(:authenticatable_again, :model => 'devise/model/authenticatable') }
     assert defined?(Devise::Models::AuthenticatableAgain)
   end