entrance 0.1.1 → 0.2.0
- data/entrance.gemspec +1 -1
- data/examples/rails-app/.gitignore +16 -0
- data/examples/rails-app/Gemfile +6 -0
- data/examples/rails-app/Gemfile.lock +96 -0
- data/examples/rails-app/README.rdoc +28 -0
- data/examples/rails-app/Rakefile +6 -0
- data/examples/rails-app/app/assets/images/.keep +0 -0
- data/examples/rails-app/app/assets/javascripts/application.js +16 -0
- data/examples/rails-app/app/assets/stylesheets/application.css +13 -0
- data/examples/rails-app/app/controllers/application_controller.rb +6 -0
- data/examples/rails-app/app/controllers/concerns/.keep +0 -0
- data/examples/rails-app/app/controllers/sessions_controller.rb +25 -0
- data/examples/rails-app/app/controllers/users_controller.rb +24 -0
- data/examples/rails-app/app/controllers/welcome_controller.rb +7 -0
- data/examples/rails-app/app/helpers/application_helper.rb +2 -0
- data/examples/rails-app/app/mailers/.keep +0 -0
- data/examples/rails-app/app/models/.keep +0 -0
- data/examples/rails-app/app/models/concerns/.keep +0 -0
- data/examples/rails-app/app/models/user.rb +3 -0
- data/examples/rails-app/app/views/layouts/application.html.erb +19 -0
- data/examples/rails-app/app/views/sessions/new.html.erb +29 -0
- data/examples/rails-app/app/views/users/new.html.erb +32 -0
- data/examples/rails-app/app/views/welcome/index.html.erb +3 -0
- data/examples/rails-app/bin/bundle +3 -0
- data/examples/rails-app/bin/rails +4 -0
- data/examples/rails-app/bin/rake +4 -0
- data/examples/rails-app/config/application.rb +24 -0
- data/examples/rails-app/config/boot.rb +4 -0
- data/examples/rails-app/config/database.yml +25 -0
- data/examples/rails-app/config/environment.rb +5 -0
- data/examples/rails-app/config/environments/development.rb +29 -0
- data/examples/rails-app/config/environments/production.rb +80 -0
- data/examples/rails-app/config/environments/test.rb +36 -0
- data/examples/rails-app/config/initializers/backtrace_silencers.rb +7 -0
- data/examples/rails-app/config/initializers/entrance.rb +9 -0
- data/examples/rails-app/config/initializers/filter_parameter_logging.rb +4 -0
- data/examples/rails-app/config/initializers/inflections.rb +16 -0
- data/examples/rails-app/config/initializers/mime_types.rb +5 -0
- data/examples/rails-app/config/initializers/secret_token.rb +12 -0
- data/examples/rails-app/config/initializers/session_store.rb +3 -0
- data/examples/rails-app/config/initializers/wrap_parameters.rb +14 -0
- data/examples/rails-app/config/locales/en.yml +23 -0
- data/examples/rails-app/config/routes.rb +12 -0
- data/examples/rails-app/config.ru +4 -0
- data/examples/rails-app/db/migrate/20150107032724_create_users.rb +21 -0
- data/examples/rails-app/db/schema.rb +28 -0
- data/examples/rails-app/db/seeds.rb +7 -0
- data/examples/rails-app/lib/assets/.keep +0 -0
- data/examples/rails-app/lib/tasks/.keep +0 -0
- data/examples/rails-app/log/.keep +0 -0
- data/examples/rails-app/public/404.html +58 -0
- data/examples/rails-app/public/422.html +58 -0
- data/examples/rails-app/public/500.html +57 -0
- data/examples/rails-app/public/favicon.ico +0 -0
- data/examples/rails-app/public/robots.txt +5 -0
- data/examples/rails-app/test/controllers/.keep +0 -0
- data/examples/rails-app/test/fixtures/.keep +0 -0
- data/examples/rails-app/test/fixtures/users.yml +11 -0
- data/examples/rails-app/test/helpers/.keep +0 -0
- data/examples/rails-app/test/integration/.keep +0 -0
- data/examples/rails-app/test/mailers/.keep +0 -0
- data/examples/rails-app/test/models/.keep +0 -0
- data/examples/rails-app/test/models/user_test.rb +7 -0
- data/examples/rails-app/test/test_helper.rb +15 -0
- data/examples/rails-app/vendor/assets/javascripts/.keep +0 -0
- data/examples/rails-app/vendor/assets/stylesheets/.keep +0 -0
- data/lib/entrance/ciphers.rb +7 -5
- data/lib/entrance/config.rb +21 -2
- data/lib/entrance/controller.rb +67 -27
- data/lib/entrance/model.rb +122 -75
- data/lib/entrance/version.rb +2 -2
- data/lib/entrance.rb +6 -0
- metadata +128 -46
- checksums.yaml +0 -7
@@ -0,0 +1,12 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# Your secret key is used for verifying the integrity of signed cookies.
|
4
|
+
# If you change this key, all old signed cookies will become invalid!
|
5
|
+
|
6
|
+
# Make sure the secret is at least 30 characters and all random,
|
7
|
+
# no regular words or you'll be exposed to dictionary attacks.
|
8
|
+
# You can use `rake secret` to generate a secure secret key.
|
9
|
+
|
10
|
+
# Make sure your secret_key_base is kept private
|
11
|
+
# if you're sharing your code publicly.
|
12
|
+
RailsApp::Application.config.secret_key_base = 'c201e15ab7b6b117cc24f351cd3d19903ad98e80066bffe0903f50361278804ac891e0b192264f22f2dde1f5fed86d2cc5aa2bb8b31ea22f22699df0c4f0923f'
|
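Review bot: The `secret_key_base` assigned on the last line of this initializer (presumably config/initializers/secret_token.rb from the file list) is a literal shipped inside a published gem, so every app started from this example signs its cookies with a key anyone can read from the package. The controller code in this release keeps the logged-in user in `session[:user_id]`, so a publicly known key undermines the integrity of that session cookie. The example should load the value from the environment, e.g. `RailsApp::Application.config.secret_key_base = ENV.fetch('SECRET_KEY_BASE')`, and the committed value should be treated as compromised. A comment stating that the key is per-deployment and must be generated with `rake secret` would help readers who copy the file.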
@@ -0,0 +1,14 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# This file contains settings for ActionController::ParamsWrapper which
|
4
|
+
# is enabled by default.
|
5
|
+
|
6
|
+
# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
|
7
|
+
ActiveSupport.on_load(:action_controller) do
|
8
|
+
wrap_parameters format: [:json] if respond_to?(:wrap_parameters)
|
9
|
+
end
|
10
|
+
|
11
|
+
# To enable root element in JSON for ActiveRecord objects.
|
12
|
+
# ActiveSupport.on_load(:active_record) do
|
13
|
+
# self.include_root_in_json = true
|
14
|
+
# end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# Files in the config/locales directory are used for internationalization
|
2
|
+
# and are automatically loaded by Rails. If you want to use locales other
|
3
|
+
# than English, add the necessary files in this directory.
|
4
|
+
#
|
5
|
+
# To use the locales, use `I18n.t`:
|
6
|
+
#
|
7
|
+
# I18n.t 'hello'
|
8
|
+
#
|
9
|
+
# In views, this is aliased to just `t`:
|
10
|
+
#
|
11
|
+
# <%= t('hello') %>
|
12
|
+
#
|
13
|
+
# To use a different locale, set it with `I18n.locale`:
|
14
|
+
#
|
15
|
+
# I18n.locale = :es
|
16
|
+
#
|
17
|
+
# This would use the information in config/locales/es.yml.
|
18
|
+
#
|
19
|
+
# To learn more, please read the Rails Internationalization guide
|
20
|
+
# available at http://guides.rubyonrails.org/i18n.html.
|
21
|
+
|
22
|
+
en:
|
23
|
+
hello: "Hello world"
|
@@ -0,0 +1,21 @@
|
|
1
|
+
class CreateUsers < ActiveRecord::Migration
|
2
|
+
def change
|
3
|
+
create_table :users do |t|
|
4
|
+
t.string :name
|
5
|
+
|
6
|
+
# email/password
|
7
|
+
t.string :email, :unique => true
|
8
|
+
t.string :password_hash
|
9
|
+
|
10
|
+
# 'remember me' support
|
11
|
+
t.string :remember_token
|
12
|
+
t.datetime :remember_token_expires_at
|
13
|
+
|
14
|
+
# reset password support
|
15
|
+
t.string :reset_token
|
16
|
+
t.datetime :reset_token_expires_at
|
17
|
+
|
18
|
+
t.timestamps
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
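Review bot: `:unique => true` on `t.string :email` does not create a uniqueness constraint, and the schema.rb generated from this migration (further down this diff) shows no index on `users`, so duplicate e-mail addresses are accepted at the database level. The gem's default `username_attr` is `email`, so uniqueness should be enforced with an index: `add_index :users, :email, :unique => true` after the `create_table` block. An index on `remember_token` would also be reasonable, since `login_from_cookie` in this release queries by that column. A comment noting that `remember_token` and `reset_token` are stored as plain strings would tell readers what a database leak exposes.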
@@ -0,0 +1,28 @@
|
|
1
|
+
# encoding: UTF-8
|
2
|
+
# This file is auto-generated from the current state of the database. Instead
|
3
|
+
# of editing this file, please use the migrations feature of Active Record to
|
4
|
+
# incrementally modify your database, and then regenerate this schema definition.
|
5
|
+
#
|
6
|
+
# Note that this schema.rb definition is the authoritative source for your
|
7
|
+
# database schema. If you need to create the application database on another
|
8
|
+
# system, you should be using db:schema:load, not running all the migrations
|
9
|
+
# from scratch. The latter is a flawed and unsustainable approach (the more migrations
|
10
|
+
# you'll amass, the slower it'll run and the greater likelihood for issues).
|
11
|
+
#
|
12
|
+
# It's strongly recommended that you check this file into your version control system.
|
13
|
+
|
14
|
+
ActiveRecord::Schema.define(version: 20150107032724) do
|
15
|
+
|
16
|
+
create_table "users", force: true do |t|
|
17
|
+
t.string "name"
|
18
|
+
t.string "email"
|
19
|
+
t.string "password_hash"
|
20
|
+
t.string "remember_token"
|
21
|
+
t.datetime "remember_token_expires_at"
|
22
|
+
t.string "reset_token"
|
23
|
+
t.datetime "reset_token_expires_at"
|
24
|
+
t.datetime "created_at"
|
25
|
+
t.datetime "updated_at"
|
26
|
+
end
|
27
|
+
|
28
|
+
end
|
@@ -0,0 +1,7 @@
|
|
1
|
+
# This file should contain all the record creation needed to seed the database with its default values.
|
2
|
+
# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
|
3
|
+
#
|
4
|
+
# Examples:
|
5
|
+
#
|
6
|
+
# cities = City.create([{ name: 'Chicago' }, { name: 'Copenhagen' }])
|
7
|
+
# Mayor.create(name: 'Emanuel', city: cities.first)
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,58 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>The page you were looking for doesn't exist (404)</title>
|
5
|
+
<style>
|
6
|
+
body {
|
7
|
+
background-color: #EFEFEF;
|
8
|
+
color: #2E2F30;
|
9
|
+
text-align: center;
|
10
|
+
font-family: arial, sans-serif;
|
11
|
+
}
|
12
|
+
|
13
|
+
div.dialog {
|
14
|
+
width: 25em;
|
15
|
+
margin: 4em auto 0 auto;
|
16
|
+
border: 1px solid #CCC;
|
17
|
+
border-right-color: #999;
|
18
|
+
border-left-color: #999;
|
19
|
+
border-bottom-color: #BBB;
|
20
|
+
border-top: #B00100 solid 4px;
|
21
|
+
border-top-left-radius: 9px;
|
22
|
+
border-top-right-radius: 9px;
|
23
|
+
background-color: white;
|
24
|
+
padding: 7px 4em 0 4em;
|
25
|
+
}
|
26
|
+
|
27
|
+
h1 {
|
28
|
+
font-size: 100%;
|
29
|
+
color: #730E15;
|
30
|
+
line-height: 1.5em;
|
31
|
+
}
|
32
|
+
|
33
|
+
body > p {
|
34
|
+
width: 33em;
|
35
|
+
margin: 0 auto 1em;
|
36
|
+
padding: 1em 0;
|
37
|
+
background-color: #F7F7F7;
|
38
|
+
border: 1px solid #CCC;
|
39
|
+
border-right-color: #999;
|
40
|
+
border-bottom-color: #999;
|
41
|
+
border-bottom-left-radius: 4px;
|
42
|
+
border-bottom-right-radius: 4px;
|
43
|
+
border-top-color: #DADADA;
|
44
|
+
color: #666;
|
45
|
+
box-shadow:0 3px 8px rgba(50, 50, 50, 0.17);
|
46
|
+
}
|
47
|
+
</style>
|
48
|
+
</head>
|
49
|
+
|
50
|
+
<body>
|
51
|
+
<!-- This file lives in public/404.html -->
|
52
|
+
<div class="dialog">
|
53
|
+
<h1>The page you were looking for doesn't exist.</h1>
|
54
|
+
<p>You may have mistyped the address or the page may have moved.</p>
|
55
|
+
</div>
|
56
|
+
<p>If you are the application owner check the logs for more information.</p>
|
57
|
+
</body>
|
58
|
+
</html>
|
@@ -0,0 +1,58 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>The change you wanted was rejected (422)</title>
|
5
|
+
<style>
|
6
|
+
body {
|
7
|
+
background-color: #EFEFEF;
|
8
|
+
color: #2E2F30;
|
9
|
+
text-align: center;
|
10
|
+
font-family: arial, sans-serif;
|
11
|
+
}
|
12
|
+
|
13
|
+
div.dialog {
|
14
|
+
width: 25em;
|
15
|
+
margin: 4em auto 0 auto;
|
16
|
+
border: 1px solid #CCC;
|
17
|
+
border-right-color: #999;
|
18
|
+
border-left-color: #999;
|
19
|
+
border-bottom-color: #BBB;
|
20
|
+
border-top: #B00100 solid 4px;
|
21
|
+
border-top-left-radius: 9px;
|
22
|
+
border-top-right-radius: 9px;
|
23
|
+
background-color: white;
|
24
|
+
padding: 7px 4em 0 4em;
|
25
|
+
}
|
26
|
+
|
27
|
+
h1 {
|
28
|
+
font-size: 100%;
|
29
|
+
color: #730E15;
|
30
|
+
line-height: 1.5em;
|
31
|
+
}
|
32
|
+
|
33
|
+
body > p {
|
34
|
+
width: 33em;
|
35
|
+
margin: 0 auto 1em;
|
36
|
+
padding: 1em 0;
|
37
|
+
background-color: #F7F7F7;
|
38
|
+
border: 1px solid #CCC;
|
39
|
+
border-right-color: #999;
|
40
|
+
border-bottom-color: #999;
|
41
|
+
border-bottom-left-radius: 4px;
|
42
|
+
border-bottom-right-radius: 4px;
|
43
|
+
border-top-color: #DADADA;
|
44
|
+
color: #666;
|
45
|
+
box-shadow:0 3px 8px rgba(50, 50, 50, 0.17);
|
46
|
+
}
|
47
|
+
</style>
|
48
|
+
</head>
|
49
|
+
|
50
|
+
<body>
|
51
|
+
<!-- This file lives in public/422.html -->
|
52
|
+
<div class="dialog">
|
53
|
+
<h1>The change you wanted was rejected.</h1>
|
54
|
+
<p>Maybe you tried to change something you didn't have access to.</p>
|
55
|
+
</div>
|
56
|
+
<p>If you are the application owner check the logs for more information.</p>
|
57
|
+
</body>
|
58
|
+
</html>
|
@@ -0,0 +1,57 @@
|
|
1
|
+
<!DOCTYPE html>
|
2
|
+
<html>
|
3
|
+
<head>
|
4
|
+
<title>We're sorry, but something went wrong (500)</title>
|
5
|
+
<style>
|
6
|
+
body {
|
7
|
+
background-color: #EFEFEF;
|
8
|
+
color: #2E2F30;
|
9
|
+
text-align: center;
|
10
|
+
font-family: arial, sans-serif;
|
11
|
+
}
|
12
|
+
|
13
|
+
div.dialog {
|
14
|
+
width: 25em;
|
15
|
+
margin: 4em auto 0 auto;
|
16
|
+
border: 1px solid #CCC;
|
17
|
+
border-right-color: #999;
|
18
|
+
border-left-color: #999;
|
19
|
+
border-bottom-color: #BBB;
|
20
|
+
border-top: #B00100 solid 4px;
|
21
|
+
border-top-left-radius: 9px;
|
22
|
+
border-top-right-radius: 9px;
|
23
|
+
background-color: white;
|
24
|
+
padding: 7px 4em 0 4em;
|
25
|
+
}
|
26
|
+
|
27
|
+
h1 {
|
28
|
+
font-size: 100%;
|
29
|
+
color: #730E15;
|
30
|
+
line-height: 1.5em;
|
31
|
+
}
|
32
|
+
|
33
|
+
body > p {
|
34
|
+
width: 33em;
|
35
|
+
margin: 0 auto 1em;
|
36
|
+
padding: 1em 0;
|
37
|
+
background-color: #F7F7F7;
|
38
|
+
border: 1px solid #CCC;
|
39
|
+
border-right-color: #999;
|
40
|
+
border-bottom-color: #999;
|
41
|
+
border-bottom-left-radius: 4px;
|
42
|
+
border-bottom-right-radius: 4px;
|
43
|
+
border-top-color: #DADADA;
|
44
|
+
color: #666;
|
45
|
+
box-shadow:0 3px 8px rgba(50, 50, 50, 0.17);
|
46
|
+
}
|
47
|
+
</style>
|
48
|
+
</head>
|
49
|
+
|
50
|
+
<body>
|
51
|
+
<!-- This file lives in public/500.html -->
|
52
|
+
<div class="dialog">
|
53
|
+
<h1>We're sorry, but something went wrong.</h1>
|
54
|
+
</div>
|
55
|
+
<p>If you are the application owner check the logs for more information.</p>
|
56
|
+
</body>
|
57
|
+
</html>
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,11 @@
|
|
1
|
+
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
|
2
|
+
|
3
|
+
# This model initially had no columns defined. If you add columns to the
|
4
|
+
# model remove the '{}' from the fixture names and add the columns immediately
|
5
|
+
# below each fixture, per the syntax in the comments below
|
6
|
+
#
|
7
|
+
one: {}
|
8
|
+
# column: value
|
9
|
+
#
|
10
|
+
two: {}
|
11
|
+
# column: value
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,15 @@
|
|
1
|
+
ENV["RAILS_ENV"] ||= "test"
|
2
|
+
require File.expand_path('../../config/environment', __FILE__)
|
3
|
+
require 'rails/test_help'
|
4
|
+
|
5
|
+
class ActiveSupport::TestCase
|
6
|
+
ActiveRecord::Migration.check_pending!
|
7
|
+
|
8
|
+
# Setup all fixtures in test/fixtures/*.yml for all tests in alphabetical order.
|
9
|
+
#
|
10
|
+
# Note: You'll currently still have to declare fixtures explicitly in integration tests
|
11
|
+
# -- they do not yet inherit this setting
|
12
|
+
fixtures :all
|
13
|
+
|
14
|
+
# Add more helper methods to be used by all tests here...
|
15
|
+
end
|
File without changes
|
File without changes
|
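--- a/data/lib/entrance/ciphers.rb
+++ b/data/lib/entrance/ciphers.rb
@@ -9,8 +9,8 @@ module Entrance
 
 JOIN_STRING = '--'
 
-def self.
-
+def self.match?(stored, given, salt = nil)
+stored === encrypt(given, salt)
 end
 
 # same logic as restful authentication
@@ -30,12 +30,14 @@ module Entrance
 
 module BCrypt
 
-
-
+# https://github.com/codahale/bcrypt-ruby
+def self.match?(stored, given, salt = nil)
+::BCrypt::Password.new(stored) == given
+# ::BCrypt::Password.new(stored) == encrypt(given)
 end
 
 def self.encrypt(password, salt = nil)
-BCrypt::Password.create(password)
+::BCrypt::Password.create(password)
 end
 
 end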
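Review bot: In the first hunk, `stored === encrypt(given, salt)` compares the stored digest with ordinary string equality, which returns at the first differing byte; digest checks are normally done with a constant-time comparison so response timing does not reveal how much of the value matched. If Rack is loadable from this module (the gem targets Rails and Sinatra), `Rack::Utils.secure_compare(stored.to_s, encrypt(given, salt))` would do, and `===` adds nothing over `==` for strings in any case. In the BCrypt hunk, `::BCrypt::Password.new(stored)` raises when `stored` is nil or not a bcrypt hash, so a user row without a password surfaces as an exception rather than a failed match; consider rescuing `::BCrypt::Errors::InvalidHash` and returning false, and dropping the commented-out line. The module enclosing the first `match?` starts outside the hunk.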
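--- a/data/lib/entrance/config.rb
+++ b/data/lib/entrance/config.rb
@@ -4,7 +4,7 @@ module Entrance
 
 attr_accessor *%w(
 model cipher secret stretches
-username_attr password_attr salt_attr
+unique_key username_attr password_attr salt_attr
 remember_token_attr remember_until_attr reset_token_attr reset_until_attr
 access_denied_redirect_to access_denied_message_key
 reset_password_mailer reset_password_method reset_password_window remember_for
@@ -13,10 +13,11 @@ module Entrance
 
 def initialize
 @model = 'User'
-@cipher = Ciphers::BCrypt # or Ciphers::SHA1
+@cipher = Entrance::Ciphers::BCrypt # or Entrance::Ciphers::SHA1
 @secret = nil
 @stretches = 10
 @salt_attr = nil
+@unique_key = 'id'
 @username_attr = 'email'
 @password_attr = 'password_hash'
 @remember_token_attr = 'remember_token'
@@ -35,6 +36,24 @@ module Entrance
 @cookie_httponly = false
 end
 
+def validate!
+if cipher == Ciphers::SHA1 && secret.nil?
+raise "The SHA1 cipher requires a valid config.secret to be set."
+end
+end
+
+def can?(what, val = nil)
+if val
+instance_variable_set("@can_#{what}", val)
+else
+!!instance_variable_get("@can_#{what}")
+end
+end
+
+def permit!(option)
+raise "#{option} is disabled!" unless can?(option)
+end
+
 end
 
 end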
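Review bot: `can?(what, val = nil)` branches on `if val`, so `can?(:remember, false)` falls into the read branch and stores nothing: a capability can be switched on through this method but never switched off again. Testing for nil keeps the getter/setter split intact, e.g. `return !!instance_variable_get("@can_#{what}") if val.nil?` followed by the `instance_variable_set` call. `what` is interpolated into an instance-variable name, so a comment stating that it must be a trusted symbol from application code would be worth adding. Separately, the context line `@cookie_httponly = false` (presumably applied to the remember-me cookie) leaves that cookie readable from scripts by default and deserves a second look while this initializer is being touched.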
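--- a/data/lib/entrance/controller.rb
+++ b/data/lib/entrance/controller.rb
@@ -9,7 +9,7 @@ module Entrance
 end
 
 def authenticate_and_login(username, password, remember_me = false)
-if user = Entrance.
+if user = Entrance.model.authenticate(username, password)
 login!(user, remember_me)
 user
 end
@@ -17,18 +17,19 @@ module Entrance
 
 def login!(user, remember_me = false)
 self.current_user = user
-remember_or_forget(remember_me)
+remember_or_forget(remember_me) if Entrance.config.can?(:remember)
 end
 
 def logout!
 if logged_in?
-current_user.forget_me!
+current_user.forget_me! if Entrance.config.can?(:remember)
 self.current_user = nil
 end
-delete_remember_cookie
+delete_remember_cookie if Entrance.config.can?(:remember)
 end
 
-def login_required
+def login_required(opts = {})
+return if opts[:except] and opts[:except].include?(request.path_info)
 logged_in? || access_denied
 end
 
@@ -46,13 +47,16 @@ module Entrance
 
 private
 
+# new_user may be nil (when logging out) or an instance of the Entrance.model class
 def current_user=(new_user)
-raise "Invalid user: #{new_user}" unless new_user.nil? or new_user.is_a?(Entrance.
-session[:user_id] = new_user ? new_user.
+raise "Invalid user: #{new_user}" unless new_user.nil? or new_user.is_a?(Entrance.model)
+session[:user_id] = new_user ? new_user.send(Entrance.config.unique_key) : nil
 @current_user = new_user # should be nil when logging out
 end
 
 def remember_or_forget(remember_me)
+Entrance.config.permit!(:remember)
+
 if remember_me
 current_user.remember_me!
 set_remember_cookie
@@ -65,27 +69,23 @@ module Entrance
 def access_denied
 store_location
 if request.xhr?
-
+return_401
 else
-if
-
-else
-flash[:notice] = 'Access denied.'
-end
-redirect_to Entrance.config.access_denied_redirect_to
+set_flash_message if respond_to?(:flash)
+common_redirect(Entrance.config.access_denied_redirect_to)
 end
 end
 
 def login_from_session
-self.current_user =
+self.current_user = Entrance.model.where(session[:user_id]).first if session[:user_id]
 end
 
 def login_from_cookie
-return unless cookies[REMEMBER_ME_TOKEN]
+return unless Entrance.config.can?(:remember) && request.cookies[REMEMBER_ME_TOKEN]
 
 query = {}
-query[Entrance.config.remember_token_attr] = cookies[REMEMBER_ME_TOKEN]
-if user =
+query[Entrance.config.remember_token_attr] = request.cookies[REMEMBER_ME_TOKEN]
+if user = Entrance.model.where(query).first \
 and user.send(Entrance.config.remember_until_attr) > Time.now
 self.current_user = user
 # user.update_remember_token_expiration!
@@ -94,16 +94,16 @@ module Entrance
 end
 
 def store_location
-session[:return_to] = request.
+session[:return_to] = request.fullpath
 end
 
 def redirect_to_stored_or(default_path)
-
+common_redirect(session[:return_to] || default_path)
 session[:return_to] = nil
 end
 
 def redirect_to_back_or(default_path)
-
+common_redirect(request.env['HTTP_REFERER'] || default_path)
 end
 
 def set_remember_cookie
@@ -116,17 +116,57 @@ module Entrance
 }
 values[:domain] = Entrance.config.cookie_domain if Entrance.config.cookie_domain
 
-
+set_cookie!(REMEMBER_ME_TOKEN, values)
 end
 
 def delete_remember_cookie
-
-
+delete_cookie!(REMEMBER_ME_TOKEN)
+end
+
+############################################
+# compat stuff between rails & sinatra
+
+def set_cookie!(name, cookie)
+if respond_to?(:cookie)
+cookies[name] = cookie
+else
+response.set_cookie(name, cookie)
+end
+end
+
+def delete_cookie!(name)
+if respond_to?(:cookie)
+cookies.delete(name)
+else
+response.delete_cookie(name)
+end
 end
 
-
-
-
+def return_401
+if respond_to?(:halt) # sinatra
+halt(401)
+else # rails
+render :nothing => true, :status => 401
+end
+end
+
+def set_flash_message
+return unless respond_to?(:flash)
+
+if Entrance.config.access_denied_message_key
+flash[:notice] = I18n.t(Entrance.config.access_denied_message_key)
+else
+flash[:notice] = 'Access denied.'
+end
+end
+
+def common_redirect(url)
+if respond_to?(:redirect)
+redirect(to(url)) # sinatra
+else
+redirect_to(url) # rails
+end
+end
 
 end
 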
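Review bot: `login_from_session` (hunk `-65,27 +69,23`) calls `Entrance.model.where(session[:user_id]).first`, passing the bare session value to `where` instead of a column condition, so the lookup is not tied to the column that `current_user=` wrote from (`Entrance.config.unique_key`); as far as I can tell ActiveRecord treats a bare value as a raw SQL fragment rather than `id = ?`, which can match rows other than the intended user. The line should read `self.current_user = Entrance.model.where(Entrance.config.unique_key => session[:user_id]).first if session[:user_id]`. In the last hunk, `set_cookie!` and `delete_cookie!` test `respond_to?(:cookie)` but then call `cookies`, which looks like a typo that sends every framework down the `response.set_cookie` / `response.delete_cookie` branch. `redirect_to_back_or` also redirects to the raw `HTTP_REFERER` header, which is client-controlled, so limiting it to same-host paths before calling `common_redirect` would be safer.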