edge-auth 0.0.1

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2012 YOURNAME
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,3 @@
+= EdgeAuth
+
+This project rocks and uses MIT-LICENSE.

data/Rakefile

@@ -0,0 +1,27 @@
+#!/usr/bin/env rake
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+begin
+  require 'rdoc/task'
+rescue LoadError
+  require 'rdoc/rdoc'
+  require 'rake/rdoctask'
+  RDoc::Task = Rake::RDocTask
+end
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'EdgeAuth'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+
+
+
+Bundler::GemHelper.install_tasks
+

data/app/assets/javascripts/edge_auth/application.js

@@ -0,0 +1,15 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// the compiled file.
+//
+// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
+// GO AFTER THE REQUIRES BELOW.
+//
+//= require jquery
+//= require jquery_ujs
+//= require_tree .

data/app/assets/stylesheets/edge_auth/application.css

@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+*/

data/app/controllers/edge_auth/application_controller.rb

@@ -0,0 +1,4 @@
+module EdgeAuth
+  class ApplicationController < ActionController::Base
+  end
+end

data/app/helpers/edge_auth/application_helper.rb

@@ -0,0 +1,4 @@
+module EdgeAuth
+  module ApplicationHelper
+  end
+end

data/app/models/edge_auth/identity.rb

@@ -0,0 +1,126 @@
+require 'mongoid/edge-state-machine'
+
+module EdgeAuth
+	class Identity
+	  include Mongoid::Document
+	  include Mongoid::Timestamps
+	  include Mongoid::EdgeStateMachine
+
+
+	  field :email                       , :type => String
+	  field :encrypted_password          , :type => String
+	  field :salt                        , :type => String
+	  field :state                       , :type => String
+	  field :activation_code             , :type => String
+	  field :activated_at                , :type => DateTime
+	  field :password_reset_code         , :type => String
+	  field :reset_password_mail_sent_at , :type => DateTime
+
+
+	  index :email, unique: true
+
+	  attr_accessor   :password, :updating_password
+	  attr_accessible :email, :password, :password_confirmation, :activation_code
+
+	  validates_presence_of       :email, on: :create
+	  validates_length_of         :email, maximum: 255, on: :create
+	  validates_uniqueness_of     :email, case_sensitive: false, on: :create
+	  validates_format_of         :email, with: /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i, on: :create
+
+	  validates_presence_of       :password, :if => :should_validate_password?
+	  validates_confirmation_of   :password, :if => :should_validate_password?
+	  validates_length_of         :password, minimum: 6, maximum: 40, :if => :should_validate_password?
+
+	  before_save :encrypt_password
+	  before_create :make_activation_code
+
+	  state_machine do
+		state :pending
+	    state :active
+	    state :blocked # the user in this state can't sign in
+
+	    event :activate do
+	      transition :from => [:pending], :to => :active, :on_transition => :do_activate
+	    end
+
+	    event :block do
+	      transition :from => [:pending, :active], :to => :blocked
+	    end
+	  end
+
+	  # Return true if the user's password matches the submitted password.
+	  def has_password?(submitted_password)
+	    encrypted_password == encrypt(submitted_password)
+	  end
+
+	  def self.authenticate(email, submitted_password)
+	    user = Identity.first(conditions: {email: email})
+	    return nil  if user.nil? or user.state == "blocked"
+	    return user if user.has_password?(submitted_password)
+	  end
+
+	  def self.authenticate_with_salt(id, cookie_salt)
+	    return nil if id.nil?
+	    user = Identity.first(conditions: {_id: id})
+	    (user && user.salt == cookie_salt) ? user : nil
+	  end
+
+	  def activated?
+	    if self.activated_at == nil
+	      return false
+	    end
+	    return true
+	  end
+
+	  def reset_password_expired?
+	    return self.reset_password_mail_sent_at < 1.day.ago
+	  end
+
+	  def reset_password
+	    self.password_reset_code = generate_token
+	    self.reset_password_mail_sent_at = Time.now.utc
+	    self.save!(validate: false)
+	    # we send the reset password mail
+	    #UserMailer.reset_password(self).deliver
+	  end
+
+	  def do_activate
+	    self.activated_at = Time.now.utc
+	    self.save!
+	  end
+  private
+
+	  def encrypt_password
+	    self.salt = make_salt if new_record?
+	    self.encrypted_password = encrypt(password) if should_validate_password?
+	  end
+
+	  def encrypt(s)
+	    secure_hash("#{salt}--#{s}")
+	  end
+
+	  def make_salt
+	    begin
+	      salt = secure_hash("#{Time.now.utc}--#{password}--#{SecureRandom.urlsafe_base64}")
+	      user = Identity.where(salt: salt)
+	    end while Identity.exists?(conditions: { salt: salt })
+	    return salt
+	  end
+
+	  def secure_hash(string)
+	    Digest::SHA2.hexdigest(string)
+	  end
+
+	  def make_activation_code
+	    self.activation_code = generate_token
+	  end
+
+	  def should_validate_password?
+	    updating_password || new_record?
+	  end
+
+	  def generate_token
+	    Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join )
+	  end
+	end
+end

data/app/views/edge_auth/_form.html.erb

@@ -0,0 +1,16 @@
+<%= simple_form_for @auth_form_model, @auth_form_options do |f| %>
+  <% if @auth_form_model.respond_to? :username %>
+    <%= f.input :username, :autofocus => :true, :placeholder => 'Username' %>
+  <% end %>
+  <%= f.input :email, :placeholder => "email@domain.com" %>
+  <%= f.input :password, :label => 'Password', :required => true %>
+  <%= f.input :password_confirmation, :required => true %>
+  <% if EdgeCaptcha::Engine.config.recaptcha[:enable] %>
+      <%= render 'edge_captcha/recaptcha' %>
+    <% unless @auth_form_model.errors[:recaptcha].empty? %>
+      <small class="error recaptcha"><%= display_all_error_messages @auth_form_model, :recaptcha %></small>
+    <% end %>
+  <% end %>
+  <hr />
+  <%= f.submit "Create new account", :class => "nice large radius blue button" %>
+<% end %>

data/app/views/layouts/edge_auth/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>EdgeAuth</title>
+  <%= stylesheet_link_tag    "edge-auth/application", :media => "all" %>
+  <%= javascript_include_tag "edge-auth/application" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/config/routes.rb

@@ -0,0 +1,2 @@
+EdgeAuth::Engine.routes.draw do
+end

data/lib/edge-auth/engine.rb

@@ -0,0 +1,17 @@
+module EdgeAuth
+  class Engine < ::Rails::Engine
+    isolate_namespace EdgeAuth
+    config.generators do |g|
+      g.test_framework      :rspec, :view_specs => false
+      g.fixture_replacement :factory_girl
+      g.orm                 :mongoid
+    end
+
+    config.recaptcha = {}
+    config.recaptcha[:enable]              = true
+    config.recaptcha[:private_key]         = '6Len6sISAAAAAOnvKTBhB-qav8UHClxqP2RAuIHE'
+    config.recaptcha[:public_key]          = '6Len6sISAAAAAFjJaGLIU7IxEEheifrB8HY2AQj7'
+    config.recaptcha[:api_server_url]      = "http://www.google.com/recaptcha/api/verify"
+    config.recaptcha[:ssl_api_service_url] = "https://www.google.com/recaptcha/api/verify"
+  end
+end

data/lib/edge-auth/version.rb

@@ -0,0 +1,3 @@
+module EdgeAuth
+  VERSION = "0.0.1"
+end

data/lib/edge-auth.rb

@@ -0,0 +1,31 @@
+require "edge-auth/engine"
+
+module EdgeAuth
+
+  #try and verify the captcha response. Then give out a message to flash
+  def self.verify_recaptcha(remote_ip, params)
+    
+    unless EdgeCaptcha::Engine.config.recaptcha[:enable]
+      return true
+    end
+
+    responce = Net::HTTP.post_form(URI.parse(EdgeCaptcha::Engine.config.recaptcha[:api_server_url]),
+      { :privatekey => EdgeCaptcha::Engine.config.recaptcha[:private_key],
+        :remoteip => remote_ip,
+        :challenge => params[:recaptcha_challenge_field],
+        :response => params[:recaptcha_response_field] })
+      
+    result = { :status => responce.body.split("\n")[0], 
+               :error_code => responce.body.split("\n")[1] }
+
+    if result[:error_code] == "incorrect-captcha-sol"
+      return false
+    elsif result[:error_code] == 'success'
+      return true
+    else
+      flash[:alert] = "There has been a unexpected error with the application. Please contact the administrator. error code: #{result[:error_code]}"
+      return false
+    end
+    return true
+  end
+end

data/lib/tasks/edge-auth_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :edge-auth do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,71 @@
+--- !ruby/object:Gem::Specification
+name: edge-auth
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Dan Persa
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-02-24 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: &23338900 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: *23338900
+description: EdgeAuth is an authentication solution
+email:
+- dan.persa@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- app/models/edge_auth/identity.rb
+- app/helpers/edge_auth/application_helper.rb
+- app/controllers/edge_auth/application_controller.rb
+- app/views/layouts/edge_auth/application.html.erb
+- app/views/edge_auth/_form.html.erb
+- app/assets/stylesheets/edge_auth/application.css
+- app/assets/javascripts/edge_auth/application.js
+- config/routes.rb
+- lib/tasks/edge-auth_tasks.rake
+- lib/edge-auth.rb
+- lib/edge-auth/engine.rb
+- lib/edge-auth/version.rb
+- MIT-LICENSE
+- Rakefile
+- README.rdoc
+homepage: https://github.com/danpersa/edge-auth
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.15
+signing_key: 
+specification_version: 3
+summary: EdgeAuth is an authentication solution
+test_files: []