devise_ennder 1.0.1.0.9

data/lib/devise/schema.rb

@@ -0,0 +1,73 @@
+module Devise
+  # Holds devise schema information. To use it, just include its methods
+  # and overwrite the apply_schema method.
+  module Schema
+
+    def authenticatable(*args)
+      ActiveSupport::Deprecation.warn "t.authenticatable in migrations is deprecated. Please use t.database_authenticatable instead.", caller
+      database_authenticatable(*args)
+    end
+
+    # Creates email, encrypted_password and password_salt.
+    #
+    # == Options
+    # * :null - When true, allow columns to be null.
+    def database_authenticatable(options={})
+      null    = options[:null] || false
+      default = options[:default] || ""
+
+      if options.delete(:encryptor)
+        ActiveSupport::Deprecation.warn ":encryptor as option is deprecated, simply remove it."
+      end
+
+      apply_schema :email,              String, :null => null, :default => default
+      apply_schema :encrypted_password, String, :null => null, :default => default, :limit => 128
+      apply_schema :password_salt,      String, :null => null, :default => default
+    end
+
+    # Creates authentication_token.
+    def token_authenticatable
+      apply_schema :authentication_token, String
+    end
+
+    # Creates confirmation_token, confirmed_at and confirmation_sent_at.
+    def confirmable
+      apply_schema :confirmation_token,   String
+      apply_schema :confirmed_at,         DateTime
+      apply_schema :confirmation_sent_at, DateTime
+    end
+
+    # Creates reset_password_token.
+    def recoverable
+      apply_schema :reset_password_token, String
+    end
+
+    # Creates remember_token and remember_created_at.
+    def rememberable
+      apply_schema :remember_token,      String
+      apply_schema :remember_created_at, DateTime
+    end
+
+    # Creates sign_in_count, current_sign_in_at, last_sign_in_at,
+    # current_sign_in_ip, last_sign_in_ip.
+    def trackable
+      apply_schema :sign_in_count,      Integer, :default => 0
+      apply_schema :current_sign_in_at, DateTime
+      apply_schema :last_sign_in_at,    DateTime
+      apply_schema :current_sign_in_ip, String
+      apply_schema :last_sign_in_ip,    String
+    end
+
+    # Creates failed_attempts, unlock_token and locked_at
+    def lockable
+      apply_schema :failed_attempts, Integer, :default => 0
+      apply_schema :unlock_token,    String
+      apply_schema :locked_at,       DateTime
+    end
+
+    # Overwrite with specific modification to create your own schema.
+    def apply_schema(name, type, options={})
+      raise NotImplementedError
+    end
+  end
+end

data/lib/devise/strategies/base.rb

@@ -0,0 +1,16 @@
+module Devise
+  module Strategies
+    # Base strategy for Devise. Responsible for verifying correct scope and mapping.
+    class Base < ::Warden::Strategies::Base
+      # Checks if a valid scope was given for devise and find mapping based on
+      # this scope.
+      def mapping
+        @mapping ||= begin
+          mapping = Devise.mappings[scope]
+          raise "Could not find mapping for #{scope}" unless mapping
+          mapping
+        end
+      end
+    end
+  end
+end

data/lib/devise/strategies/database_authenticatable.rb

@@ -0,0 +1,36 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Default strategy for signing in a user, based on his email and password.
+    # Redirects to sign_in page if it's not authenticated
+    class DatabaseAuthenticatable < Base
+      def valid?
+        valid_controller? && valid_params? && mapping.to.respond_to?(:authenticate)
+      end
+
+      # Authenticate a user based on email and password params, returning to warden
+      # success and the authenticated user if everything is okay. Otherwise redirect
+      # to sign in page.
+      def authenticate!
+        if resource = mapping.to.authenticate(params[scope])
+          success!(resource)
+        else
+          fail(:invalid)
+        end
+      end
+
+      protected
+
+        def valid_controller?
+          params[:controller] =~ /sessions$/
+        end
+
+        def valid_params?
+          params[scope] && params[scope][:password].present?
+        end
+    end
+  end
+end
+
+Warden::Strategies.add(:database_authenticatable, Devise::Strategies::DatabaseAuthenticatable)

data/lib/devise/strategies/http_authenticatable.rb

@@ -0,0 +1,59 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Sign in an user using HTTP authentication.
+    class HttpAuthenticatable < Base
+      def valid?
+        http_authentication? && mapping.to.respond_to?(:authenticate_with_http)
+      end
+
+      def authenticate!
+        username, password = username_and_password
+
+        if resource = mapping.to.authenticate_with_http(username, password)
+          success!(resource)
+        else
+          custom!([401, custom_headers, [response_body]])
+        end
+      end
+
+    private
+
+      def username_and_password
+        decode_credentials(request).split(/:/, 2)
+      end
+
+      def response_body
+        body   = "HTTP Basic: Access denied."
+        method = :"to_#{request_format.to_sym}"
+        {}.respond_to?(method) ? { :error => body }.send(method) : body
+      end
+
+      def http_authentication
+        request.env['HTTP_AUTHORIZATION']   ||
+        request.env['X-HTTP_AUTHORIZATION'] ||
+        request.env['X_HTTP_AUTHORIZATION'] ||
+        request.env['REDIRECT_X_HTTP_AUTHORIZATION']
+      end
+      alias :http_authentication? :http_authentication
+
+      def decode_credentials(request)
+        ActiveSupport::Base64.decode64(http_authentication.split(' ', 2).last || '')
+      end
+
+      def custom_headers
+        {
+          "Content-Type" => request_format.to_s,
+          "WWW-Authenticate" => %(Basic realm="#{Devise.http_authentication_realm.gsub(/"/, "")}")
+        }
+      end
+
+      def request_format
+        @request_format ||= Mime::Type.lookup_by_extension(request.template_format.to_s)
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:http_authenticatable, Devise::Strategies::HttpAuthenticatable)

data/lib/devise/strategies/rememberable.rb

@@ -0,0 +1,37 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Remember the user through the remember token. This strategy is responsible
+    # to verify whether there is a cookie with the remember token, and to
+    # recreate the user from this cookie if it exists.  Must be called *before*
+    # authenticatable.
+    class Rememberable < Devise::Strategies::Base
+
+      # A valid strategy for rememberable needs a remember token in the cookies.
+      def valid?
+        remember_me_cookie.present? && mapping.to.respond_to?(:serialize_from_cookie)
+      end
+
+      # To authenticate a user we deserialize the cookie and attempt finding
+      # the record in the database. If the attempt fails, we pass to another
+      # strategy handle the authentication.
+      def authenticate!
+        if resource = mapping.to.serialize_from_cookie(remember_me_cookie)
+          success!(resource)
+        else
+          pass
+        end
+      end
+
+    private
+
+      # Accessor for remember cookie
+      def remember_me_cookie
+        @remember_me_cookie ||= request.cookies["remember_#{mapping.name}_token"]
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:rememberable, Devise::Strategies::Rememberable)

data/lib/devise/strategies/token_authenticatable.rb

@@ -0,0 +1,37 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Strategy for signing in a user, based on a authenticatable token.
+    # Redirects to sign_in page if it's not authenticated.
+    class TokenAuthenticatable < Base
+      def valid?
+        mapping.to.respond_to?(:authenticate_with_token) && authentication_token(scope).present?
+      end
+
+      # Authenticate a user based on authenticatable token params, returning to warden
+      # success and the authenticated user if everything is okay. Otherwise redirect
+      # to sign in page.
+      def authenticate!
+        if resource = mapping.to.authenticate_with_token(params[scope] || params)
+          success!(resource)
+        else
+          fail!(:invalid_token)
+        end
+      end
+
+    private
+
+      # Detect authentication token in params: scoped or not.
+      def authentication_token(scope)
+        if params[scope]
+          params[scope][mapping.to.token_authentication_key]
+        else
+          params[mapping.to.token_authentication_key]
+        end
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:token_authenticatable, Devise::Strategies::TokenAuthenticatable)

data/lib/devise/test_helpers.rb

@@ -0,0 +1,90 @@
+module Devise
+  module TestHelpers
+    def self.included(base)
+      base.class_eval do
+        setup :setup_controller_for_warden, :warden if respond_to?(:setup)
+      end
+    end
+
+    # This is a Warden::Proxy customized for functional tests. It's meant to
+    # some of Warden::Manager responsibilities, as retrieving configuration
+    # options and calling the FailureApp.
+    class TestWarden < Warden::Proxy #:nodoc:
+      attr_reader :controller
+
+      def initialize(controller)
+        @controller = controller
+        manager = Warden::Manager.new(nil) do |config|
+          Devise.configure_warden(config)
+        end
+        super(controller.request.env, manager)
+      end
+
+      def authenticate!(*args)
+        catch_with_redirect { super }
+      end
+
+      def user(*args)
+        catch_with_redirect { super }
+      end
+
+      def catch_with_redirect(&block)
+        result = catch(:warden, &block)
+
+        if result.is_a?(Hash) && !custom_failure? && !@controller.send(:performed?)
+          result[:action] ||= :unauthenticated
+
+          env = @controller.request.env
+          env["PATH_INFO"] = "/#{result[:action]}"
+          env["warden.options"] = result
+          Warden::Manager._before_failure.each{ |hook| hook.call(env, result) }
+
+          status, headers, body = Devise::FailureApp.call(env).to_a
+          @controller.send :redirect_to, headers["Location"]
+        else
+          result
+        end
+      end
+    end
+
+    # We need to setup the environment variables and the response in the controller.
+    def setup_controller_for_warden #:nodoc:
+      @request.env['action_controller.rescue.request']  = @request
+      @request.env['action_controller.rescue.response'] = @response
+      @request.env['rack.session'] = session
+      @controller.response = @response
+    end
+
+    # Quick access to Warden::Proxy.
+    def warden #:nodoc:
+      @warden ||= (@request.env['warden'] = TestWarden.new(@controller))
+    end
+
+    # sign_in a given resource by storing its keys in the session.
+    #
+    # Examples:
+    #
+    #   sign_in :user, @user   # sign_in(scope, resource)
+    #   sign_in @user          # sign_in(resource)
+    #
+    def sign_in(resource_or_scope, resource=nil)
+      scope    ||= Devise::Mapping.find_scope!(resource_or_scope)
+      resource ||= resource_or_scope
+      warden.session_serializer.store(resource, scope)
+    end
+
+    # Sign out a given resource or scope by calling logout on Warden.
+    #
+    # Examples:
+    #
+    #   sign_out :user     # sign_out(scope)
+    #   sign_out @user     # sign_out(resource)
+    #
+    def sign_out(resource_or_scope)
+      scope = Devise::Mapping.find_scope!(resource_or_scope)
+      @controller.instance_variable_set(:"@current_#{scope}", nil)
+      warden.logout(scope)
+    end
+
+  end
+end

data/lib/devise/version.rb

@@ -0,0 +1,3 @@
+module Devise
+  VERSION = "1.0.9".freeze
+end

data/lib/devise.rb

@@ -0,0 +1,269 @@
+print "loading lib/devise.rb"
+
+
+module Devise
+  autoload :FailureApp, 'devise/failure_app'
+  autoload :Models, 'devise/models'
+  autoload :Schema, 'devise/schema'
+  autoload :TestHelpers, 'devise/test_helpers'
+
+  module Controllers
+    autoload :Helpers, 'devise/controllers/helpers'
+    autoload :InternalHelpers, 'devise/controllers/internal_helpers'
+    autoload :UrlHelpers, 'devise/controllers/url_helpers'
+  end
+
+  module Encryptors
+    autoload :Base, 'devise/encryptors/base'
+    autoload :Bcrypt, 'devise/encryptors/bcrypt'
+    autoload :AuthlogicSha512, 'devise/encryptors/authlogic_sha512'
+    autoload :ClearanceSha1, 'devise/encryptors/clearance_sha1'
+    autoload :RestfulAuthenticationSha1, 'devise/encryptors/restful_authentication_sha1'
+    autoload :Sha512, 'devise/encryptors/sha512'
+    autoload :Sha1, 'devise/encryptors/sha1'
+  end
+
+  module Orm
+    autoload :ActiveRecord, 'devise/orm/active_record'
+    autoload :DataMapper, 'devise/orm/data_mapper'
+    autoload :MongoMapper, 'devise/orm/mongo_mapper'
+  end
+
+  ALL = []
+
+  # Authentication ones first
+  ALL.push :database_authenticatable, :http_authenticatable, :token_authenticatable, :rememberable
+
+  # Misc after
+  ALL.push :recoverable, :registerable, :validatable
+
+  # The ones which can sign out after
+  ALL.push :activatable, :confirmable, :lockable, :timeoutable
+
+  # Stats for last, so we make sure the user is really signed in
+  ALL.push :trackable
+
+  # Maps controller names to devise modules.
+  CONTROLLERS = {
+    :sessions => [:database_authenticatable, :token_authenticatable],
+    :passwords => [:recoverable],
+    :confirmations => [:confirmable],
+    :registrations => [:registerable],
+    :unlocks => [:lockable]
+  }
+
+  # Routes for generating url helpers.
+  ROUTES = [:session, :password, :confirmation, :registration, :unlock]
+
+  STRATEGIES  = [:rememberable, :http_authenticatable, :token_authenticatable, :database_authenticatable]
+
+  TRUE_VALUES = [true, 1, '1', 't', 'T', 'true', 'TRUE']
+
+  # Maps the messages types that are used in flash message.
+  FLASH_MESSAGES = [:unauthenticated, :unconfirmed, :invalid, :invalid_token, :timeout, :inactive, :locked]
+
+  # Declare encryptors length which are used in migrations.
+  ENCRYPTORS_LENGTH = {
+    :sha1   => 40,
+    :sha512 => 128,
+    :clearance_sha1 => 40,
+    :restful_authentication_sha1 => 40,
+    :authlogic_sha512 => 128,
+    :bcrypt => 60
+  }
+
+  # Email regex used to validate email formats. Adapted from authlogic.
+  EMAIL_REGEX = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
+
+  # Used to encrypt password. Please generate one with rake secret.
+  mattr_accessor :pepper
+  @@pepper = nil
+
+  # The number of times to encrypt password.
+  mattr_accessor :stretches
+  @@stretches = 10
+
+  # Keys used when authenticating an user.
+  mattr_accessor :authentication_keys
+  @@authentication_keys = [ :email ]
+
+  # Time interval where the remember me token is valid.
+  mattr_accessor :remember_for
+  @@remember_for = 2.weeks
+
+  # Time interval you can access your account before confirming your account.
+  mattr_accessor :confirm_within
+  @@confirm_within = 0.days
+
+  # Time interval to timeout the user session without activity.
+  mattr_accessor :timeout_in
+  @@timeout_in = 30.minutes
+
+  # Used to define the password encryption algorithm.
+  mattr_accessor :encryptor
+  @@encryptor = :sha1
+
+  # Store scopes mappings.
+  mattr_accessor :mappings
+  @@mappings = ActiveSupport::OrderedHash.new
+
+  # Stores the chosen ORM.
+  mattr_accessor :orm
+  @@orm = :active_record
+
+  # TODO Remove
+  mattr_accessor :all
+  @@all = []
+
+  # Tells if devise should apply the schema in ORMs where devise declaration
+  # and schema belongs to the same class (as Datamapper and MongoMapper).
+  mattr_accessor :apply_schema
+  @@apply_schema = true
+
+  # Scoped views. Since it relies on fallbacks to render default views, it's
+  # turned off by default.
+  mattr_accessor :scoped_views
+  @@scoped_views = false
+
+  # Number of authentication tries before locking an account
+  mattr_accessor :maximum_attempts
+  @@maximum_attempts = 20
+
+  # Defines which strategy can be used to unlock an account.
+  # Values: :email, :time, :both
+  mattr_accessor :unlock_strategy
+  @@unlock_strategy = :both
+
+  # Time interval to unlock the account if :time is defined as unlock_strategy.
+  mattr_accessor :unlock_in
+  @@unlock_in = 1.hour
+
+  # Tell when to use the default scope, if one cannot be found from routes.
+  mattr_accessor :use_default_scope
+  @@use_default_scope = false
+
+  # The default scope which is used by warden.
+  mattr_accessor :default_scope
+  @@default_scope = nil
+
+  # Address which sends Devise e-mails.
+  mattr_accessor :mailer_sender
+  @@mailer_sender = nil
+
+  # Content Type of Devise e-mails.
+  mattr_accessor :mailer_content_type
+  @@mailer_content_type = 'text/html'
+
+  # Authentication token params key name of choice. E.g. /users/sign_in?some_key=...
+  mattr_accessor :token_authentication_key
+  @@token_authentication_key = :auth_token
+
+  # The realm used in Http Basic Authentication
+  mattr_accessor :http_authentication_realm
+  @@http_authentication_realm = "Application"
+
+  class << self
+    # Default way to setup Devise. Run script/generate devise_install to create
+    # a fresh initializer with all configuration values.
+    def setup
+      yield self
+    end
+
+    # Sets warden configuration using a block that will be invoked on warden
+    # initialization.
+    #
+    #  Devise.initialize do |config|
+    #    config.confirm_within = 2.days
+    #
+    #    config.warden do |manager|
+    #      # Configure warden to use other strategies, like oauth.
+    #      manager.oauth(:twitter)
+    #    end
+    #  end
+    def warden(&block)
+      @warden_config = block
+    end
+
+    # Configure default url options to be used within Devise and ActionController.
+    def default_url_options(&block)
+      who = Devise::Mapping.respond_to?(:singleton_class) ?
+        Devise::Mapping.singleton_class : Devise::Mapping.metaclass
+      who.send :define_method, :default_url_options, &block
+    end
+
+    # A method used internally to setup warden manager from the Rails initialize
+    # block.
+    def configure_warden(config) #:nodoc:
+      config.default_strategies *Devise::STRATEGIES
+      config.failure_app = Devise::FailureApp
+      config.silence_missing_strategies!
+      config.default_scope = Devise.default_scope
+
+      # If the user provided a warden hook, call it now.
+      @warden_config.try :call, config
+    end
+
+    # The class of the configured ORM
+    def orm_class
+      Devise::Orm.const_get(@@orm.to_s.camelize.to_sym)
+    end
+
+    # Generate a friendly string randomically to be used as token.
+    def friendly_token
+      ActiveSupport::SecureRandom.base64(15).tr('+/=', '-_ ').strip.delete("\n")
+    end
+
+    # Make Devise aware of an 3rd party Devise-module. For convenience.
+    #
+    # == Options:
+    #
+    #   +strategy+    - Boolean value representing if this module got a custom *strategy*.
+    #                   Default is +false+. Note: Devise will auto-detect this in such case if this is true.
+    #   +model+       - String representing a load path to a custom *model* for this module (to autoload).
+    #                   Default is +nil+ (i.e. +false+).
+    #   +controller+  - Symbol representing a name of an exisiting or custom *controller* for this module.
+    #                   Default is +nil+ (i.e. +false+).
+    #   +route+       - Symbol representing the name of a *route* related to this module which a set of
+    #                   route view helpers should be created for.
+    #                   Default is +nil+ (i.e. +false+).
+    #
+    # == Examples:
+    #
+    #   Devise.add_module(:party_module)
+    #   Devise.add_module(:party_module, :strategy => true, :controller => :sessions)
+    #   Devise.add_module(:party_module, :model => 'party_module/model')
+    #
+    def add_module(module_name, options = {})
+      Devise::ALL << module_name        unless Devise::ALL.include?(module_name)
+      Devise::STRATEGIES.unshift module_name if options[:strategy] && !Devise::STRATEGIES.include?(module_name)
+
+      if options[:controller]
+        controller = options[:controller].to_sym
+        Devise::CONTROLLERS[controller] ||= []
+        Devise::CONTROLLERS[controller].unshift module_name unless Devise::CONTROLLERS[controller].include?(module_name)
+      end
+
+      if options[:route]
+        Devise::ROUTES.unshift options[:route] unless Devise::ROUTES.include?(options[:route])
+      end
+
+      if options[:model]
+        Devise::Models.module_eval do
+          autoload :"#{module_name.to_s.classify}", options[:model]
+        end
+      end
+
+      Devise::Mapping.register module_name
+    end
+  end
+end
+
+begin
+  require 'warden'
+rescue
+  gem 'warden'
+  require 'warden'
+end
+
+require 'devise/mapping'
+require 'devise/rails'

data/lib/devise_ennder.rb

@@ -0,0 +1,3 @@
+# Ennder 2011 TODO retirer trace
+print "require 'devise' #(dans le plugin devise_ennder)\n"
+require 'devise'

data/lib/tasks/devise_ennder_tasks.rake

@@ -0,0 +1,11 @@
+namespace :devise_ennder do
+  desc "Synchronise les migrations du plugin devise_ennder vers l'appli"
+  task :sync_migrations do
+    system "rsync -ruv vendor/plugins/devise_ennder/db/migrate db"
+  end
+
+  desc "Synchronise le modèle user du plugin devise_ennder vers l'appli"
+  task :sync_user_model do
+    system "rsync -ruv vendor/plugins/devise_ennder/app/models/user.rb app/models"
+  end
+end