easy_auth 0.0.1.alpha.0 → 0.0.1.alpha.1

data/README.md

@@ -0,0 +1,49 @@
+# EasyAuth #
+
+[![Build Status](http://travis-ci.org/dockyard/easy_auth.png)](http://travis-ci.org/dockyard/easy_auth)
+
+Dead simple drop in authentication for Rails
+
+## Installation ##
+
+In your Gemfile add the following:
+
+```ruby
+gem 'easy_auth'
+```
+
+After running Bundler you'll need to install the migrations
+
+```ruby
+rake easy_auth:install:migrations
+```
+
+Then run your migrations.
+
+## Authors ##
+
+[Brian Cardarella](http://twitter.com/bcardarella)
+
+## Versioning ##
+
+This gem follows [Semantic Versioning](http://semver.org)
+
+## Want to help? ##
+
+Stable branches are created based upon each minor version. Please make
+pull requests to specific branches rather than master.
+
+Please make sure you include tests!
+
+Unles Rails drops support for Ruby 1.8.7 we will continue to use the
+hash-rocket syntax. Please respect this.
+
+Don't use tabs to indent, two spaces are the standard.
+
+## Legal ##
+
+[DockYard](http://dockyard.com), LLC © 2012
+
+[@dockyard](http://twitter.com/dockyard)
+
+[Licensed under the MIT license](http://www.opensource.org/licenses/mit-license.php)

data/app/controllers/authenticated_controller.rb

@@ -0,0 +1,3 @@
+class AuthenticatedController < ApplicationController
+  include EasyAuth::Controllers::Authenticated
+end

data/app/controllers/password_reset_controller.rb

@@ -0,0 +1,3 @@
+class PasswordResetController < ApplicationController
+  include EasyAuth::Controllers::PasswordReset
+end

data/app/controllers/sessions_controller.rb

@@ -0,0 +1,3 @@
+class SessionsController < ApplicationController
+  include EasyAuth::Controllers::Sessions
+end

data/app/mailers/password_reset_mailer.rb

@@ -0,0 +1,4 @@
+class PasswordResetMailer < ActionMailer::Base
+  include EasyAuth::Mailers::PasswordReset
+  default from: "from@example.com"
+end

data/app/mixins/easy_auth/controllers/authenticated.rb

@@ -0,0 +1,14 @@
+module EasyAuth::Controllers::Authenticated
+  def self.included(base)
+    base.before_filter :attempt_to_authenticate
+  end
+
+  private
+
+  def attempt_to_authenticate
+    if user_not_signed_in?
+      session[:requested_path] = request.path
+      redirect_to main_app.sign_in_path
+    end
+  end
+end

data/app/mixins/easy_auth/controllers/password_reset.rb

@@ -0,0 +1,55 @@
+module EasyAuth::Controllers::PasswordReset
+  def self.included(base)
+    base.instance_eval do
+      before_filter :find_identity_from_reset_token, :only => [:edit, :update]
+    end
+  end
+
+  def new
+    @identity = EasyAuth.identity_model.new
+  end
+
+  def create
+    if @identity = EasyAuth.identity_model.where(:username => params[:identity][:username]).first
+      @identity.password_reset
+    else
+      @identity = EasyAuth.identity_model.new(params[:identity])
+    end
+
+    flash.now[:notice] = I18n.t('easy_auth.password_reset.create.notice')
+    render :new
+  end
+
+  def update
+    if @identity.update_attributes(scope_to_password_params(:identity))
+      after_successful_password_reset(@identity)
+    else
+      after_failed_sign_in(@identity)
+    end
+  end
+
+  private
+
+  def scope_to_password_params(key)
+    params[key].select { |k, v| ['password', 'password_confirmation'].include?(k) }
+  end
+
+  def find_identity_from_reset_token
+    @identity = EasyAuth.identity_model.where(:reset_token => params[:reset_token]).first
+  end
+
+  def after_successful_password_reset(identity)
+    session[:session_token] = identity.generate_session_token!
+    identity.update_attribute(:reset_token, nil)
+    redirect_to after_successful_password_reset_path(identity), :notice => I18n.t('easy_auth.password_reset.update.notice')
+  end
+
+  def after_successful_password_reset_path(identity)
+    identity.account
+  end
+
+  def after_failed_password_reset(identity)
+    flash.now[:error] = I18n.t('easy_auth.password_reset.update.error')
+    render :new
+  end
+end

data/app/mixins/easy_auth/controllers/sessions.rb

@@ -0,0 +1,39 @@
+module EasyAuth::Controllers::Sessions
+  def new
+    @identity = EasyAuth.identity_model.new
+  end
+
+  def create
+    if identity = EasyAuth.identity_model.authenticate(params[:identity])
+      session[:session_token] = identity.generate_session_token!
+      after_successful_sign_in(identity)
+    else
+      @identity = EasyAuth.identity_model.new(params[:identity])
+      after_failed_sign_in(@identity)
+    end
+  end
+
+  def destroy
+    session.delete(:session_token)
+    after_sign_out
+  end
+
+  private
+
+  def after_successful_sign_in(identity)
+    redirect_to session.delete(:requested_path) || after_successful_sign_in_path(identity), :notice => I18n.t('easy_auth.sessions.create.notice')
+  end
+
+  def after_successful_sign_in_path(identity)
+    identity.account
+  end
+
+  def after_failed_sign_in(identity)
+    flash.now[:error] = I18n.t('easy_auth.sessions.create.error')
+    render :new
+  end
+
+  def after_sign_out
+    redirect_to main_app.root_path, :notice => I18n.t('easy_auth.sessions.delete.notice')
+  end
+end

data/app/mixins/easy_auth/helpers.rb

@@ -0,0 +1,34 @@
+module EasyAuth
+  module Helpers
+    def self.included(base)
+      base.class_eval do
+        helper_method :current_account, :current_user, :account_signed_in?, :user_signed_in?, :account_not_signed_in?, :user_not_signed_in?
+      end
+    end
+
+    def current_account
+      if session[:session_token]
+        begin
+          @current_account ||= EasyAuth.identity_model.find_by_session_token(session[:session_token]).account
+        rescue
+          @current_account = nil
+          session.delete(:session_token)
+        end
+      end
+
+      @current_account
+    end
+    alias :current_user :current_account
+
+    def account_signed_in?
+      current_account
+    end
+    alias :user_signed_in? :account_signed_in?
+
+    def account_not_signed_in?
+      !account_signed_in?
+    end
+    alias :user_not_signed_in? :account_not_signed_in?
+
+  end
+end

data/app/mixins/easy_auth/mailers/password_reset.rb

@@ -0,0 +1,11 @@
+module EasyAuth::Mailers::PasswordReset
+  def self.included(base)
+    base.clear_action_methods!
+  end
+
+  def reset(id)
+    @identity = EasyAuth.identity_model.find(id)
+    @url = edit_password_url(@identity.reset_token)
+    mail :to => @identity.account.email, :subject => 'Password reset'
+  end
+end

data/app/mixins/easy_auth/models/account.rb

@@ -0,0 +1,45 @@
+module EasyAuth::Models::Account
+  class NoIdentityUsernameError < StandardError; end
+  def self.included(base)
+    base.class_eval do
+      unless respond_to?(:identity_username_attribute)
+        def self.identity_username_attribute
+          if column_names.include?('username')
+            :username
+          elsif column_names.include?('email')
+            :email
+          else
+            raise EasyAuth::Models::Account::NoIdentityUsernameError, 'your model must have either a #username or #email attribute. Or you must override the .identity_username_attribute class method'
+          end
+        end
+      end
+
+      def identity_username_attribute
+        self.send(self.class.identity_username_attribute)
+      end
+
+      has_one :identity, :as => :account
+      before_create :setup_identity
+      before_update :update_identity
+
+      attr_accessor :password
+      validates :password, :presence => { :on => :create }, :confirmation => true
+      attr_accessible :password, :password_confirmation
+      validates identity_username_attribute, :presence => true
+    end
+  end
+
+  private
+
+  def setup_identity
+    build_identity(identity_attributes)
+  end
+
+  def update_identity
+    identity.update_attributes(identity_attributes)
+  end
+
+  def identity_attributes
+    { :username => self.identity_username_attribute, :password => self.password, :password_confirmation => self.password_confirmation }
+  end
+end

data/app/mixins/easy_auth/models/identity.rb

@@ -0,0 +1,35 @@
+module EasyAuth::Models::Identity
+  def self.included(base)
+    base.class_eval do
+      belongs_to :account, :polymorphic => true
+      has_secure_password
+      attr_accessible :username, :password, :password_confirmation
+
+      def self.authenticate(attributes = nil)
+        return nil if attributes.nil?
+
+        if identity = where(arel_table[:username].matches(attributes[:username].try(&:strip))).first.try(:authenticate, attributes[:password])
+          identity
+        else
+          nil
+        end
+      end
+    end
+  end
+
+  def password_reset
+    update_attribute(:reset_token, URI.escape(_generate_token(:reset).gsub(/[\.|\\\/]/,'')))
+    PasswordResetMailer.reset(self.id).deliver
+  end
+
+  def generate_session_token!
+    self.update_attribute(:session_token, _generate_token(:session))
+    self.session_token
+  end
+
+  private
+
+  def _generate_token(type)
+    BCrypt::Password.create("#{id}-#{type}_token-#{DateTime.current}")
+  end
+end

data/app/models/identity.rb

@@ -0,0 +1,3 @@
+class Identity < ActiveRecord::Base
+  include EasyAuth::Models::Identity
+end

data/app/views/password_reset/edit.html.erb

@@ -0,0 +1,7 @@
+<%= form_for @identity, :url => main_app.edit_password_path(params[:reset_token]) do |f| %>
+  <%= f.label :password %>
+  <%= f.text_field :password %>
+  <%= f.label :password_confirmation %>
+  <%= f.text_field :password_confirmation %>
+  <%= f.submit 'Submit' %>
+<% end %>

data/app/views/password_reset/new.html.erb

@@ -0,0 +1,5 @@
+<%= form_for @identity, :url => main_app.password_reset_path do |f| %>
+  <%= f.label :username %>
+  <%= f.text_field :username %>
+  <%= f.submit 'Submit' %>
+<% end %>

data/app/views/password_reset_mailer/reset.html.erb

@@ -0,0 +1 @@
+<%= link_to 'Reset password', @url %>

data/app/views/password_reset_mailer/reset.text.erb

@@ -0,0 +1 @@
+Reset password: <%= @url %>

data/app/views/sessions/new.html.erb

@@ -0,0 +1,7 @@
+<%= form_for @identity, :url => main_app.sign_in_path do |f| %>
+  <%= f.label :username %>
+  <%= f.text_field :username %>
+  <%= f.label :password %>
+  <%= f.password_field :password %>
+  <%= f.submit 'Submit' %>
+<% end %>

data/config/locales/en.yml

@@ -0,0 +1,14 @@
+en:
+  easy_auth:
+    sessions:
+      create:
+        notice: 'You have been signed in.'
+        error: 'Could not sign you in. Please check your credentials.'
+      delete:
+        notice: 'You have been signed out.'
+    password_reset:
+      create:
+        notice: 'Please check your email for your password reset link.'
+      update:
+        notice: 'Your password has been updated.'
+        error: 'There was an issue updating your password.'

data/db/migrate/20120227014023_create_identities.rb

@@ -0,0 +1,17 @@
+class CreateIdentities < ActiveRecord::Migration
+  def change
+    create_table :identities do |t|
+      t.string  :username
+      t.string  :password_digest
+      t.string  :account_type
+      t.integer :account_id
+      t.string  :reset_token
+      t.string  :session_token
+      t.timestamps
+    end
+
+    [:username, :reset_token, :session_token].each do |column|
+      add_index :identities, column
+    end
+  end
+end

data/lib/easy_auth/engine.rb

@@ -1,5 +1,14 @@
 module EasyAuth
   class Engine < ::Rails::Engine
     isolate_namespace EasyAuth
+
+    initializer 'filter_parameters' do |app|
+      app.config.filter_parameters += [:password]
+      app.config.filter_parameters.uniq!
+    end
+
+    config.generators do |g|
+      g.test_framework :rspec, :view_specs => false
+    end
   end
 end

data/lib/easy_auth/routes.rb

@@ -0,0 +1,21 @@
+module ActionDispatch::Routing
+  class Mapper
+    def easy_auth_routes
+      easy_auth_session_routes
+      easy_auth_password_reset_routes
+    end
+
+    def easy_auth_session_routes
+      get  '/sign_out' => 'sessions#destroy', :as => :sign_out
+      get  '/sign_in'  => 'sessions#new',     :as => :sign_in
+      post '/sign_in'  => 'sessions#create'
+    end
+
+    def easy_auth_password_reset_routes
+      get  '/password_reset' => 'password_reset#new', :as => :password_reset
+      post '/password_reset' => 'password_reset#create'
+      get  '/password_reset/:reset_token' => 'password_reset#edit', :as => :edit_password
+      put  '/password_reset/:reset_token' => 'password_reset#update'
+    end
+  end
+end

data/lib/easy_auth/version.rb

@@ -1,3 +1,3 @@
 module EasyAuth
-  VERSION = '0.0.1.alpha.0'
+  VERSION = '0.0.1.alpha.1'
 end

data/lib/easy_auth.rb

@@ -1,4 +1,8 @@
-require "easy_auth/engine"
+require 'easy_auth/engine'
+require 'easy_auth/routes'
 
 module EasyAuth
+  def self.identity_model
+    Identity
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: easy_auth
 version: !ruby/object:Gem::Version
-  version: 0.0.1.alpha.0
+  version: 0.0.1.alpha.1
   prerelease: 6
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-02-19 00:00:00.000000000Z
+date: 2012-05-07 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &70170282857740 !ruby/object:Gem::Requirement
+  requirement: &70277957196260 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,10 +21,98 @@ dependencies:
         version: 3.2.1
   type: :runtime
   prerelease: false
-  version_requirements: *70170282857740
+  version_requirements: *70277957196260
+- !ruby/object:Gem::Dependency
+  name: bcrypt-ruby
+  requirement: &70277957194540 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *70277957194540
 - !ruby/object:Gem::Dependency
   name: sqlite3
-  requirement: &70170282851920 !ruby/object:Gem::Requirement
+  requirement: &70277957192280 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70277957192280
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: &70277957175740 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70277957175740
+- !ruby/object:Gem::Dependency
+  name: capybara
+  requirement: &70277957173520 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70277957173520
+- !ruby/object:Gem::Dependency
+  name: capybara-email
+  requirement: &70277957172440 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70277957172440
+- !ruby/object:Gem::Dependency
+  name: valid_attribute
+  requirement: &70277957171180 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70277957171180
+- !ruby/object:Gem::Dependency
+  name: factory_girl_rails
+  requirement: &70277957169080 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70277957169080
+- !ruby/object:Gem::Dependency
+  name: bourne
+  requirement: &70277957167740 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: *70277957167740
+- !ruby/object:Gem::Dependency
+  name: debugger
+  requirement: &70277957165780 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,8 +120,8 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *70170282851920
-description: EasyAuth.
+  version_requirements: *70277957165780
+description: EasyAuth
 email:
 - brian@dockyard.com
 - bcardarella@gmail.com
@@ -41,19 +129,35 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- app/assets/javascripts/easy_auth/application.js
-- app/assets/stylesheets/easy_auth/application.css
-- app/controllers/easy_auth/application_controller.rb
-- app/helpers/easy_auth/application_helper.rb
+- app/controllers/authenticated_controller.rb
+- app/controllers/password_reset_controller.rb
+- app/controllers/sessions_controller.rb
+- app/mailers/password_reset_mailer.rb
+- app/mixins/easy_auth/controllers/authenticated.rb
+- app/mixins/easy_auth/controllers/password_reset.rb
+- app/mixins/easy_auth/controllers/sessions.rb
+- app/mixins/easy_auth/helpers.rb
+- app/mixins/easy_auth/mailers/password_reset.rb
+- app/mixins/easy_auth/models/account.rb
+- app/mixins/easy_auth/models/identity.rb
+- app/models/identity.rb
 - app/views/layouts/easy_auth/application.html.erb
+- app/views/password_reset/edit.html.erb
+- app/views/password_reset/new.html.erb
+- app/views/password_reset_mailer/reset.html.erb
+- app/views/password_reset_mailer/reset.text.erb
+- app/views/sessions/new.html.erb
+- config/locales/en.yml
 - config/routes.rb
+- db/migrate/20120227014023_create_identities.rb
 - lib/easy_auth/engine.rb
+- lib/easy_auth/routes.rb
 - lib/easy_auth/version.rb
 - lib/easy_auth.rb
 - lib/tasks/easy_auth_tasks.rake
 - MIT-LICENSE
 - Rakefile
-- README.rdoc
+- README.md
 homepage: https://github.com/dockyard/easy_auth
 licenses: []
 post_install_message: 
@@ -68,7 +172,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 3680409662779058770
+      hash: -3970848794038147418
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -80,5 +184,5 @@ rubyforge_project:
 rubygems_version: 1.8.15
 signing_key: 
 specification_version: 3
-summary: EasyAuth.
+summary: EasyAuth
 test_files: []

data/README.rdoc

@@ -1,3 +0,0 @@
-= EasyAuth
-
-This project rocks and uses MIT-LICENSE.

data/app/assets/javascripts/easy_auth/application.js

@@ -1,15 +0,0 @@
-// This is a manifest file that'll be compiled into application.js, which will include all the files
-// listed below.
-//
-// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
-// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
-//
-// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
-// the compiled file.
-//
-// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
-// GO AFTER THE REQUIRES BELOW.
-//
-//= require jquery
-//= require jquery_ujs
-//= require_tree .

data/app/assets/stylesheets/easy_auth/application.css

@@ -1,13 +0,0 @@
-/*
- * This is a manifest file that'll be compiled into application.css, which will include all the files
- * listed below.
- *
- * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
- * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
- *
- * You're free to add application-wide styles to this file and they'll appear at the top of the
- * compiled file, but it's generally better to create a new file per style scope.
- *
- *= require_self
- *= require_tree .
-*/

data/app/controllers/easy_auth/application_controller.rb

@@ -1,4 +0,0 @@
-module EasyAuth
-  class ApplicationController < ActionController::Base
-  end
-end

data/app/helpers/easy_auth/application_helper.rb

@@ -1,4 +0,0 @@
-module EasyAuth
-  module ApplicationHelper
-  end
-end