double_auth_engine 0.0.1

data/.gitignore

@@ -0,0 +1,7 @@
+.bundle/
+log/*.log
+pkg/
+spec/dummy/db/*.sqlite3
+spec/dummy/log/*.log
+spec/dummy/tmp/
+.idea/*

data/.rvmrc

@@ -0,0 +1 @@
+rvm use 1.9.2@double_auth_engine --create

data/Gemfile

@@ -0,0 +1,9 @@
+source "http://rubygems.org"
+
+gem "rails", "3.0.5"
+gem "sqlite3-ruby", :require => "sqlite3"
+gem "double_auth_engine", :path => "./"
+gem "capybara", ">= 0.4.0"
+gem "rspec-rails"
+gem "ffaker"
+gem "mail"

data/Gemfile.lock

@@ -0,0 +1,136 @@
+GIT
+  remote: git://github.com/jeremydurham/authlogic.git
+  revision: 8fc34e1d58ea52e5439e7001eacb6d383f2bf0a0
+  specs:
+    authlogic (2.1.6)
+      activesupport
+
+PATH
+  remote: .
+  specs:
+    double_auth_engine (0.0.1)
+      authlogic
+      declarative_authorization
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    abstract (1.0.0)
+    actionmailer (3.0.5)
+      actionpack (= 3.0.5)
+      mail (~> 2.2.15)
+    actionpack (3.0.5)
+      activemodel (= 3.0.5)
+      activesupport (= 3.0.5)
+      builder (~> 2.1.2)
+      erubis (~> 2.6.6)
+      i18n (~> 0.4)
+      rack (~> 1.2.1)
+      rack-mount (~> 0.6.13)
+      rack-test (~> 0.5.7)
+      tzinfo (~> 0.3.23)
+    activemodel (3.0.5)
+      activesupport (= 3.0.5)
+      builder (~> 2.1.2)
+      i18n (~> 0.4)
+    activerecord (3.0.5)
+      activemodel (= 3.0.5)
+      activesupport (= 3.0.5)
+      arel (~> 2.0.2)
+      tzinfo (~> 0.3.23)
+    activeresource (3.0.5)
+      activemodel (= 3.0.5)
+      activesupport (= 3.0.5)
+    activesupport (3.0.5)
+    arel (2.0.9)
+    builder (2.1.2)
+    capybara (0.4.1.2)
+      celerity (>= 0.7.9)
+      culerity (>= 0.2.4)
+      mime-types (>= 1.16)
+      nokogiri (>= 1.3.3)
+      rack (>= 1.0.0)
+      rack-test (>= 0.5.4)
+      selenium-webdriver (>= 0.0.27)
+      xpath (~> 0.1.3)
+    celerity (0.8.9)
+    childprocess (0.1.8)
+      ffi (~> 1.0.6)
+    culerity (0.2.15)
+    declarative_authorization (0.5.2)
+    diff-lcs (1.1.2)
+    erubis (2.6.6)
+      abstract (>= 1.0.0)
+    ffaker (1.5.0)
+    ffi (1.0.7)
+      rake (>= 0.8.7)
+    i18n (0.5.0)
+    json_pure (1.5.1)
+    mail (2.2.15)
+      activesupport (>= 2.3.6)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.16)
+    nokogiri (1.4.4)
+    polyglot (0.3.1)
+    rack (1.2.2)
+    rack-mount (0.6.14)
+      rack (>= 1.0.0)
+    rack-test (0.5.7)
+      rack (>= 1.0)
+    rails (3.0.5)
+      actionmailer (= 3.0.5)
+      actionpack (= 3.0.5)
+      activerecord (= 3.0.5)
+      activeresource (= 3.0.5)
+      activesupport (= 3.0.5)
+      bundler (~> 1.0)
+      railties (= 3.0.5)
+    railties (3.0.5)
+      actionpack (= 3.0.5)
+      activesupport (= 3.0.5)
+      rake (>= 0.8.7)
+      thor (~> 0.14.4)
+    rake (0.8.7)
+    rspec (2.5.0)
+      rspec-core (~> 2.5.0)
+      rspec-expectations (~> 2.5.0)
+      rspec-mocks (~> 2.5.0)
+    rspec-core (2.5.1)
+    rspec-expectations (2.5.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.5.0)
+    rspec-rails (2.5.0)
+      actionpack (~> 3.0)
+      activesupport (~> 3.0)
+      railties (~> 3.0)
+      rspec (~> 2.5.0)
+    rubyzip (0.9.4)
+    selenium-webdriver (0.1.4)
+      childprocess (>= 0.1.7)
+      ffi (>= 1.0.7)
+      json_pure
+      rubyzip
+    sqlite3 (1.3.3)
+    sqlite3-ruby (1.3.3)
+      sqlite3 (>= 1.3.3)
+    thor (0.14.6)
+    treetop (1.4.9)
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.25)
+    xpath (0.1.3)
+      nokogiri (~> 1.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  authlogic (= 2.1.6)!
+  capybara (>= 0.4.0)
+  double_auth_engine!
+  ffaker
+  mail
+  rails (= 3.0.5)
+  rspec-rails
+  sqlite3-ruby

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2011 YOURNAME
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,59 @@
+# Double Auth Engine
+[Authlogic](https://github.com/binarylogic/authlogic) and [Declarative Authorization](https://github.com/stffn/declarative_authorization) together in one fantastic Rails engine. Bladow!
+
+## Usage
+1. Add double_auth_engine to Gemfile
+
+        gem "double_auth_engine"
+
+2. Rebundle
+
+        bundle install
+
+3. Run the DoubleAuthEngine install generator
+
+        rails g double_auth_engine:install
+
+4. Migrate your DB and seed it with default seeds (:user and :admin)
+
+        rake db:migrate:seed
+
+6. Update "default@dummy.com" within setup_mail.rb to the default address for your application. This address is used for the engine's password reset mailer.
+
+        class ActionMailer::Base
+          def from_with_default(input=nil)
+            return from_without_default(input) || "default@dummy.com" if input.nil?
+            from_without_default(input)
+          end
+          alias_method_chain :from, :default
+        end
+
+5. Start app
+
+        rails s
+
+## Readme Driven Development
+
+A <del>strike</del> means its done!
+
+* <del>Add Authlogic</del>
+* <del>Add Password Reset</del>
+* <del>Update generator with ActionMailer monkey patch</del>
+* <del>Update install generator to add include to ApplicationController</del>
+* <del>Update README for mailer settings</del>
+* <del>Authlogic specs</del>
+* <del>Add Declarative Authorization</del>
+* <del>Declarative Authorization specs</del>
+* Mailer specs
+* Style views
+
+## Versioning
+<strong>Version 0.0.1 </strong> - This project uses [Semantic Versioning](http://semver.org/)
+
+## Contributors
+All contributions are welcome. Fork repo, make changes, add specs, ensure all specs pass, send a pull request.
+
+* [Kyle Bolton](https://github.com/kb) - Creator
+* [Jeremy Durham](https://github.com/jeremydurham)
+
+Copyright (c) 2011 Kyle Bolton, released under the MIT license

data/Rakefile

@@ -0,0 +1,25 @@
+# encoding: UTF-8
+require 'rubygems'
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rake'
+require 'rake/rdoctask'
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec
+
+Rake::RDocTask.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'DoubleAuthEngine'
+  rdoc.options << '--line-numbers' << '--inline-source'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/app/controllers/password_resets_controller.rb

@@ -0,0 +1,3 @@
+class PasswordResetsController < ApplicationController
+  include DoubleAuthEngine::PasswordResetsControllerMixin
+end

data/app/controllers/user_sessions_controller.rb

@@ -0,0 +1,3 @@
+class UserSessionsController < ApplicationController
+  include DoubleAuthEngine::UserSessionsControllerMixin
+end

data/app/controllers/users_controller.rb

@@ -0,0 +1,3 @@
+class UsersController < ApplicationController
+  include DoubleAuthEngine::UsersControllerMixin
+end

data/app/mailers/notifier.rb

@@ -0,0 +1,8 @@
+class Notifier < ActionMailer::Base
+  def password_reset_instructions(user)
+    subject "Password Reset Instructions"
+    recipients user.email
+    sent_on Time.now
+    @edit_password_reset_url = edit_password_reset_url(user.perishable_token)
+  end
+end

data/app/models/assignment.rb

@@ -0,0 +1,3 @@
+class Assignment < ActiveRecord::Base
+  include DoubleAuthEngine::AssignmentMixin
+end

data/app/models/role.rb

@@ -0,0 +1,3 @@
+class Role < ActiveRecord::Base
+  include DoubleAuthEngine::RoleMixin
+end

data/app/models/user.rb

@@ -0,0 +1,3 @@
+class User < ActiveRecord::Base
+  include DoubleAuthEngine::UserMixin
+end

data/app/models/user_session.rb

@@ -0,0 +1,3 @@
+class UserSession < Authlogic::Session::Base
+  include DoubleAuthEngine::UserSessionMixin
+end

data/app/views/notifier/password_reset_instructions.text.erb

@@ -0,0 +1,8 @@
+A request to reset your password has been made.
+If you did not make this request, simply ignore this email.
+If you did make this request just click the link below:
+
+<%= @edit_password_reset_url %>
+
+If the above URL does not work try copying and pasting it into your browser.
+If you continue to have problem please feel free to contact us.

data/app/views/password_resets/edit.html.erb

@@ -0,0 +1,5 @@
+<%= form_tag password_reset_path, :method => :put do %>
+  <%= label_tag :password, 'Enter your new password' %>
+  <%= password_field_tag :password, nil %>
+  <%= submit_tag %>
+<% end %>

data/app/views/password_resets/new.html.erb

@@ -0,0 +1,5 @@
+<%= form_tag password_resets_path do %>
+  <%= label_tag :email, nil %>
+  <%= text_field_tag :email, nil %>
+  <%= submit_tag %>
+<% end %>

data/app/views/user_sessions/new.html.erb

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Login</title>
+  <%= csrf_meta_tag %>
+</head>
+<body>
+<%= form_for @user_session do |f| %>
+  <%= f.label :email, "Email" %>
+  <%= f.text_field :email %>
+  <%= f.label :password, "Password" %>
+  <%= f.password_field :password %>
+  <%= link_to 'Forgot Password?', forgot_password_path %>
+  <%= f.submit "Login" %>
+<% end %>
+</body>
+</html>

data/app/views/users/new.html.erb

@@ -0,0 +1,20 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>New User</title>
+  <%= csrf_meta_tag %>
+</head>
+<body>
+<%= form_for @user do |f| %>
+  <%= f.label :name, "Name" %>
+  <%= f.text_field :name %>
+  <%= f.label :email, "Email" %>
+  <%= f.text_field :email %>
+  <%= f.label :password, "Password" %>
+  <%= f.password_field :password %>
+  <%= f.label :password_confirmation, "Re-enter password" %>
+  <%= f.password_field :password_confirmation %>
+  <%= f.submit %>
+<% end %>
+</body>
+</html>

data/app/views/users/show.html.erb

@@ -0,0 +1,2 @@
+<%= @user.name %>
+<%= @user.email %>

data/config/routes.rb

@@ -0,0 +1,11 @@
+Rails.application.routes.draw do
+  match 'signup', :to => 'users#new'
+  match 'login', :to => 'user_sessions#new'
+  match 'logout', :to => 'user_sessions#destroy'
+
+  resources :users
+  resources :user_sessions
+
+  match '/forgot_password', :controller => 'password_resets', :action => 'new'
+  resources :password_resets
+end

data/double_auth_engine.gemspec

@@ -0,0 +1,26 @@
+# -*- encoding: utf-8 -*-
+lib = File.expand_path('../lib/', __FILE__)
+$:.unshift lib unless $:.include?(lib)
+
+require "double_auth_engine/version"
+
+Gem::Specification.new do |s|
+  s.name        = "double_auth_engine"
+  s.version     = DoubleAuthEngine::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Kyle Bolton"]
+  s.email       = "kyle.bolton@gmail.com'"
+  s.homepage    = "https://github.com/kb/double_auth_engine"
+  s.license     = "MIT"
+  s.summary     = "Authlogic and Declarative Authorization Engine"
+  s.description = "Authlogic and Declarative Authorization Engine for Rails 3"
+
+  s.required_rubygems_version = ">= 1.3.6"
+
+  s.add_dependency("kb-authlogic")
+  s.add_dependency("declarative_authorization")
+
+  s.files = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files spec/*`.split("\n")
+  s.require_paths = ["lib"]
+end

data/lib/double_auth_engine/controllers/application_controller_mixin.rb

@@ -0,0 +1,42 @@
+module DoubleAuthEngine
+  module ApplicationControllerMixin
+    def self.included(base)
+      base.class_eval do
+        before_filter :require_user
+        helper_method :current_user_session, :current_user
+      end
+      base.send :include, InstanceMethods
+    end
+
+    module InstanceMethods
+      protected
+      def current_user_session
+        return @current_user_session if defined?(@current_user_session)
+        @current_user_session = UserSession.find
+      end
+
+      def current_user
+        return @current_user if defined?(@current_user)
+        @current_user = current_user_session && current_user_session.record
+      end
+
+      def require_user
+        unless current_user
+          store_location
+          flash[:notice] = "You must be logged in to access this page" unless request.fullpath == root_path
+          redirect_to login_url
+          false
+        end
+      end
+
+      def store_location
+        session[:return_to] = request.fullpath
+      end
+
+      def redirect_back_or_default(default)
+        redirect_to(session[:return_to] || default)
+        session[:return_to] = nil
+      end
+    end
+  end
+end

data/lib/double_auth_engine/controllers/password_resets_controller_mixin.rb

@@ -0,0 +1,49 @@
+module DoubleAuthEngine
+  module PasswordResetsControllerMixin
+    def self.included(base)
+      base.class_eval do
+        skip_before_filter :require_user
+        before_filter :load_user_using_perishable_token, :only => [:edit, :update]
+      end
+      base.send :include, InstanceMethods
+    end
+
+    module InstanceMethods
+      def new
+      end
+
+      def create
+        @user = User.find_by_email(params[:email])
+        if @user
+          @user.deliver_password_reset_instructions!
+          redirect_to root_url, :notice => 'Instructions to reset your password have been emailed to you. Please check your email.'
+        else
+          redirect_to new_password_reset_url, :notice => 'No user was found with that email address'
+        end
+      end
+
+      def edit
+      end
+
+      def update
+        @user.password              = params[:password]
+        @user.password_confirmation = params[:password]
+        if @user.save
+          flash[:success] = "Your password was successfully updated"
+          redirect_to root_url
+        else
+          render :action => :edit
+        end
+      end
+
+      private
+      def load_user_using_perishable_token
+        @user = User.find_using_perishable_token(params[:id])
+        unless @user
+          flash[:error] = "We're sorry, but we could not locate your account"
+          redirect_to root_url
+        end
+      end
+    end
+  end
+end

data/lib/double_auth_engine/controllers/user_sessions_controller_mixin.rb

@@ -0,0 +1,34 @@
+module DoubleAuthEngine
+  module UserSessionsControllerMixin
+    def self.included(base)
+      base.class_eval do
+        skip_before_filter :require_user, :only => [:new, :create]
+        respond_to :html, :json, :js
+      end
+      base.send :include, InstanceMethods
+    end
+
+    module InstanceMethods
+      def new
+        @user_session = UserSession.new
+        render :layout => false
+      end
+
+      def create
+        @user_session = UserSession.new(params[:user_session])
+        if @user_session.save
+          redirect_to root_url
+        else
+          render :action => 'new'
+        end
+      end
+
+      def destroy
+        @user_session = UserSession.find(params[:id])
+        @user_session.destroy
+        flash[:notice] = 'Successfully logged out'
+        redirect_to root_url
+      end
+    end
+  end
+end

data/lib/double_auth_engine/controllers/users_controller_mixin.rb

@@ -0,0 +1,63 @@
+module DoubleAuthEngine
+  module UsersControllerMixin
+    def self.included(base)
+      base.class_eval do
+        skip_before_filter :require_user, :only => [:new, :create]
+        filter_access_to [:edit, :update], :attribute_check => true
+        respond_to :html, :json, :js
+      end
+      base.send :include, InstanceMethods
+    end
+
+    module InstanceMethods
+      def index
+        @users = User.all
+        respond_with(@users)
+      end
+
+      def show
+        @user = User.find(params[:id])
+        respond_with @user
+      end
+
+      def new
+        @user = User.new
+        respond_with @user
+      end
+
+      def create
+        @user = User.new(params[:user])
+        if @user.save
+          flash[:notice] = 'User successfully created'
+          respond_with(@user)
+        else
+          render :action => 'new'
+        end
+      end
+
+      def edit
+        @user = User.find(params[:id])
+        respond_with(@user)
+      end
+
+      def update
+        @user = User.find(params[:id])
+        if @user.update_attributes(params[:user])
+          flash[:notice] = 'User successfully updated'
+          respond_with(@user)
+        else
+          render :action => 'edit'
+        end
+      end
+
+      def destroy
+        @user = User.find(params[:id])
+        @user.destroy
+        respond_to do |format|
+          format.html { redirect_to(users_url) }
+          format.xml { head :ok }
+        end
+      end
+    end
+  end
+end

data/lib/double_auth_engine/generators/double_auth_engine/install_generator.rb

@@ -0,0 +1,48 @@
+require 'rails/generators'
+
+module DoubleAuthEngine
+  class InstallGenerator < Rails::Generators::Base
+    include Rails::Generators::Migration
+
+    def self.source_root
+      @source_root ||= File.join(File.dirname(__FILE__), 'templates')
+    end
+
+    def self.next_migration_number(path)
+      unless @prev_migration_nr
+        @prev_migration_nr = Time.now.utc.strftime("%Y%m%d%H%M%S").to_i
+      else
+        @prev_migration_nr += 1
+      end
+      @prev_migration_nr.to_s
+    end
+
+    def create_migration_files
+      migration_template "user_migration.rb", "db/migrate/create_users.rb"
+      migration_template "role_migration.rb", "db/migrate/create_roles.rb"
+      migration_template "assignment_migration.rb", "db/migrate/create_assignments.rb"
+    end
+
+    def create_initializer_file
+      copy_file "setup_mail_initializer.rb", "config/initializers/setup_mail.rb"
+    end
+
+    def create_authorization_file
+      copy_file "authorization_rules.rb", "config/authorization_rules.rb"
+    end
+
+    def update_application_controller
+      insert_into_file "app/controllers/application_controller.rb", :after => "class ApplicationController < ActionController::Base\n" do
+        "\tinclude DoubleAuthEngine::ApplicationControllerMixin\n"
+      end
+    end
+
+    # Passing a block to append_to_file would not format nicely,
+    # which is why I opted for separate append statements. Don't judge.
+    def add_roles
+      append_to_file "db/seeds.rb", "if Role.all.empty?\n"
+      append_to_file "db/seeds.rb", "\tRole.create(:name => 'admin')\n"
+      append_to_file "db/seeds.rb", "end\n"
+    end
+  end
+end

data/lib/double_auth_engine/generators/double_auth_engine/templates/assignment_migration.rb

@@ -0,0 +1,13 @@
+class CreateAssignments < ActiveRecord::Migration
+  def self.up
+    create_table :assignments do |t|
+      t.belongs_to :user
+      t.belongs_to :role
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :assignments
+  end
+end