expertiza-authlogic 2.1.6.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (125) hide show
  1. data/CHANGELOG.rdoc +345 -0
  2. data/LICENSE +20 -0
  3. data/README.rdoc +246 -0
  4. data/Rakefile +41 -0
  5. data/VERSION.yml +5 -0
  6. data/expertiza-authlogic.gemspec +161 -0
  7. data/generators/session/session_generator.rb +9 -0
  8. data/generators/session/templates/session.rb +2 -0
  9. data/init.rb +1 -0
  10. data/lib/authlogic.rb +64 -0
  11. data/lib/authlogic/acts_as_authentic/base.rb +107 -0
  12. data/lib/authlogic/acts_as_authentic/email.rb +110 -0
  13. data/lib/authlogic/acts_as_authentic/logged_in_status.rb +60 -0
  14. data/lib/authlogic/acts_as_authentic/login.rb +141 -0
  15. data/lib/authlogic/acts_as_authentic/magic_columns.rb +24 -0
  16. data/lib/authlogic/acts_as_authentic/password.rb +391 -0
  17. data/lib/authlogic/acts_as_authentic/perishable_token.rb +105 -0
  18. data/lib/authlogic/acts_as_authentic/persistence_token.rb +68 -0
  19. data/lib/authlogic/acts_as_authentic/restful_authentication.rb +76 -0
  20. data/lib/authlogic/acts_as_authentic/session_maintenance.rb +139 -0
  21. data/lib/authlogic/acts_as_authentic/single_access_token.rb +65 -0
  22. data/lib/authlogic/acts_as_authentic/validations_scope.rb +32 -0
  23. data/lib/authlogic/authenticates_many/association.rb +42 -0
  24. data/lib/authlogic/authenticates_many/base.rb +55 -0
  25. data/lib/authlogic/controller_adapters/abstract_adapter.rb +67 -0
  26. data/lib/authlogic/controller_adapters/merb_adapter.rb +30 -0
  27. data/lib/authlogic/controller_adapters/rails_adapter.rb +48 -0
  28. data/lib/authlogic/controller_adapters/sinatra_adapter.rb +61 -0
  29. data/lib/authlogic/crypto_providers/aes256.rb +43 -0
  30. data/lib/authlogic/crypto_providers/bcrypt.rb +90 -0
  31. data/lib/authlogic/crypto_providers/md5.rb +34 -0
  32. data/lib/authlogic/crypto_providers/sha1.rb +35 -0
  33. data/lib/authlogic/crypto_providers/sha256.rb +50 -0
  34. data/lib/authlogic/crypto_providers/sha512.rb +50 -0
  35. data/lib/authlogic/crypto_providers/wordpress.rb +43 -0
  36. data/lib/authlogic/i18n.rb +83 -0
  37. data/lib/authlogic/i18n/translator.rb +15 -0
  38. data/lib/authlogic/random.rb +33 -0
  39. data/lib/authlogic/regex.rb +25 -0
  40. data/lib/authlogic/session/activation.rb +58 -0
  41. data/lib/authlogic/session/active_record_trickery.rb +64 -0
  42. data/lib/authlogic/session/base.rb +37 -0
  43. data/lib/authlogic/session/brute_force_protection.rb +96 -0
  44. data/lib/authlogic/session/callbacks.rb +99 -0
  45. data/lib/authlogic/session/cookies.rb +130 -0
  46. data/lib/authlogic/session/existence.rb +93 -0
  47. data/lib/authlogic/session/foundation.rb +63 -0
  48. data/lib/authlogic/session/http_auth.rb +58 -0
  49. data/lib/authlogic/session/id.rb +41 -0
  50. data/lib/authlogic/session/klass.rb +78 -0
  51. data/lib/authlogic/session/magic_columns.rb +95 -0
  52. data/lib/authlogic/session/magic_states.rb +59 -0
  53. data/lib/authlogic/session/params.rb +101 -0
  54. data/lib/authlogic/session/password.rb +240 -0
  55. data/lib/authlogic/session/perishable_token.rb +18 -0
  56. data/lib/authlogic/session/persistence.rb +70 -0
  57. data/lib/authlogic/session/priority_record.rb +34 -0
  58. data/lib/authlogic/session/scopes.rb +101 -0
  59. data/lib/authlogic/session/session.rb +62 -0
  60. data/lib/authlogic/session/timeout.rb +82 -0
  61. data/lib/authlogic/session/unauthorized_record.rb +50 -0
  62. data/lib/authlogic/session/validation.rb +82 -0
  63. data/lib/authlogic/test_case.rb +120 -0
  64. data/lib/authlogic/test_case/mock_controller.rb +45 -0
  65. data/lib/authlogic/test_case/mock_cookie_jar.rb +14 -0
  66. data/lib/authlogic/test_case/mock_logger.rb +10 -0
  67. data/lib/authlogic/test_case/mock_request.rb +19 -0
  68. data/lib/authlogic/test_case/rails_request_adapter.rb +30 -0
  69. data/rails/init.rb +1 -0
  70. data/shoulda_macros/authlogic.rb +69 -0
  71. data/test/acts_as_authentic_test/base_test.rb +18 -0
  72. data/test/acts_as_authentic_test/email_test.rb +101 -0
  73. data/test/acts_as_authentic_test/logged_in_status_test.rb +36 -0
  74. data/test/acts_as_authentic_test/login_test.rb +109 -0
  75. data/test/acts_as_authentic_test/magic_columns_test.rb +27 -0
  76. data/test/acts_as_authentic_test/password_test.rb +245 -0
  77. data/test/acts_as_authentic_test/perishable_token_test.rb +90 -0
  78. data/test/acts_as_authentic_test/persistence_token_test.rb +55 -0
  79. data/test/acts_as_authentic_test/restful_authentication_test.rb +40 -0
  80. data/test/acts_as_authentic_test/session_maintenance_test.rb +84 -0
  81. data/test/acts_as_authentic_test/single_access_test.rb +44 -0
  82. data/test/authenticates_many_test.rb +16 -0
  83. data/test/crypto_provider_test/aes256_test.rb +14 -0
  84. data/test/crypto_provider_test/bcrypt_test.rb +14 -0
  85. data/test/crypto_provider_test/sha1_test.rb +23 -0
  86. data/test/crypto_provider_test/sha256_test.rb +14 -0
  87. data/test/crypto_provider_test/sha512_test.rb +14 -0
  88. data/test/fixtures/companies.yml +5 -0
  89. data/test/fixtures/employees.yml +17 -0
  90. data/test/fixtures/projects.yml +3 -0
  91. data/test/fixtures/users.yml +24 -0
  92. data/test/i18n_test.rb +33 -0
  93. data/test/libs/affiliate.rb +7 -0
  94. data/test/libs/company.rb +6 -0
  95. data/test/libs/employee.rb +7 -0
  96. data/test/libs/employee_session.rb +2 -0
  97. data/test/libs/ldaper.rb +3 -0
  98. data/test/libs/ordered_hash.rb +9 -0
  99. data/test/libs/project.rb +3 -0
  100. data/test/libs/user.rb +5 -0
  101. data/test/libs/user_session.rb +6 -0
  102. data/test/random_test.rb +42 -0
  103. data/test/session_test/activation_test.rb +43 -0
  104. data/test/session_test/active_record_trickery_test.rb +36 -0
  105. data/test/session_test/brute_force_protection_test.rb +101 -0
  106. data/test/session_test/callbacks_test.rb +6 -0
  107. data/test/session_test/cookies_test.rb +112 -0
  108. data/test/session_test/credentials_test.rb +0 -0
  109. data/test/session_test/existence_test.rb +64 -0
  110. data/test/session_test/http_auth_test.rb +28 -0
  111. data/test/session_test/id_test.rb +17 -0
  112. data/test/session_test/klass_test.rb +40 -0
  113. data/test/session_test/magic_columns_test.rb +62 -0
  114. data/test/session_test/magic_states_test.rb +60 -0
  115. data/test/session_test/params_test.rb +53 -0
  116. data/test/session_test/password_test.rb +106 -0
  117. data/test/session_test/perishability_test.rb +15 -0
  118. data/test/session_test/persistence_test.rb +21 -0
  119. data/test/session_test/scopes_test.rb +60 -0
  120. data/test/session_test/session_test.rb +59 -0
  121. data/test/session_test/timeout_test.rb +52 -0
  122. data/test/session_test/unauthorized_record_test.rb +13 -0
  123. data/test/session_test/validation_test.rb +23 -0
  124. data/test/test_helper.rb +182 -0
  125. metadata +205 -0
@@ -0,0 +1,105 @@
1
+ module Authlogic
2
+ module ActsAsAuthentic
3
+ # This provides a handy token that is "perishable". Meaning the token is only good for a certain amount of time. This is perfect for
4
+ # resetting password, confirming accounts, etc. Typically during these actions you send them this token in via their email. Once they
5
+ # use the token and do what they need to do, that token should expire. Don't worry about maintaining this, changing it, or expiring it
6
+ # yourself. Authlogic does all of this for you. See the sub modules for all of the tools Authlogic provides to you.
7
+ module PerishableToken
8
+ def self.included(klass)
9
+ klass.class_eval do
10
+ extend Config
11
+ add_acts_as_authentic_module(Methods)
12
+ end
13
+ end
14
+
15
+ # Change how the perishable token works.
16
+ module Config
17
+ # When using the find_using_perishable_token method the token can expire. If the token is expired, no
18
+ # record will be returned. Use this option to specify how long the token is valid for.
19
+ #
20
+ # * <tt>Default:</tt> 10.minutes
21
+ # * <tt>Accepts:</tt> Fixnum
22
+ def perishable_token_valid_for(value = nil)
23
+ rw_config(:perishable_token_valid_for, (!value.nil? && value.to_i) || value, 10.minutes.to_i)
24
+ end
25
+ alias_method :perishable_token_valid_for=, :perishable_token_valid_for
26
+
27
+ # Authlogic tries to expire and change the perishable token as much as possible, without comprising
28
+ # it's purpose. This is for security reasons. If you want to manage it yourself, you can stop
29
+ # Authlogic from getting your in way by setting this to true.
30
+ #
31
+ # * <tt>Default:</tt> false
32
+ # * <tt>Accepts:</tt> Boolean
33
+ def disable_perishable_token_maintenance(value = nil)
34
+ rw_config(:disable_perishable_token_maintenance, value, false)
35
+ end
36
+ alias_method :disable_perishable_token_maintenance=, :disable_perishable_token_maintenance
37
+ end
38
+
39
+ # All methods relating to the perishable token.
40
+ module Methods
41
+ def self.included(klass)
42
+ return if !klass.column_names.include?("perishable_token")
43
+
44
+ klass.class_eval do
45
+ extend ClassMethods
46
+ include InstanceMethods
47
+
48
+ validates_uniqueness_of :perishable_token, :if => :perishable_token_changed?
49
+ before_save :reset_perishable_token, :unless => :disable_perishable_token_maintenance?
50
+ end
51
+ end
52
+
53
+ # Class level methods for the perishable token
54
+ module ClassMethods
55
+ # Use this methdo to find a record with a perishable token. This method does 2 things for you:
56
+ #
57
+ # 1. It ignores blank tokens
58
+ # 2. It enforces the perishable_token_valid_for configuration option.
59
+ #
60
+ # If you want to use a different timeout value, just pass it as the second parameter:
61
+ #
62
+ # User.find_using_perishable_token(token, 1.hour)
63
+ def find_using_perishable_token(token, age = self.perishable_token_valid_for)
64
+ return if token.blank?
65
+ age = age.to_i
66
+
67
+ conditions_sql = "perishable_token = ?"
68
+ conditions_subs = [token]
69
+
70
+ if column_names.include?("updated_at") && age > 0
71
+ conditions_sql += " and updated_at > ?"
72
+ conditions_subs << age.seconds.ago
73
+ end
74
+
75
+ find(:first, :conditions => [conditions_sql, *conditions_subs])
76
+ end
77
+
78
+ # This method will raise ActiveRecord::NotFound if no record is found.
79
+ def find_using_perishable_token!(token, age = perishable_token_valid_for)
80
+ find_using_perishable_token(token, age) || raise(ActiveRecord::RecordNotFound)
81
+ end
82
+ end
83
+
84
+ # Instance level methods for the perishable token.
85
+ module InstanceMethods
86
+ # Resets the perishable token to a random friendly token.
87
+ def reset_perishable_token
88
+ self.perishable_token = Random.friendly_token
89
+ end
90
+
91
+ # Same as reset_perishable_token, but then saves the record afterwards.
92
+ def reset_perishable_token!
93
+ reset_perishable_token
94
+ save_without_session_maintenance(false)
95
+ end
96
+
97
+ # A convenience method based on the disable_perishable_token_maintenance configuration option.
98
+ def disable_perishable_token_maintenance?
99
+ self.class.disable_perishable_token_maintenance == true
100
+ end
101
+ end
102
+ end
103
+ end
104
+ end
105
+ end
@@ -0,0 +1,68 @@
1
+ module Authlogic
2
+ module ActsAsAuthentic
3
+ # Maintains the persistence token, the token responsible for persisting sessions. This token
4
+ # gets stores in the session and the cookie.
5
+ module PersistenceToken
6
+ def self.included(klass)
7
+ klass.class_eval do
8
+ add_acts_as_authentic_module(Methods)
9
+ end
10
+ end
11
+
12
+ # Methods for the persistence token.
13
+ module Methods
14
+ def self.included(klass)
15
+ klass.class_eval do
16
+ extend ClassMethods
17
+ include InstanceMethods
18
+
19
+ if respond_to?(:after_password_set) && respond_to?(:after_password_verification)
20
+ after_password_set :reset_persistence_token
21
+ after_password_verification :reset_persistence_token!, :if => :reset_persistence_token?
22
+ end
23
+
24
+ validates_presence_of :persistence_token
25
+ validates_uniqueness_of :persistence_token, :if => :persistence_token_changed?
26
+
27
+ before_validation :reset_persistence_token, :if => :reset_persistence_token?
28
+ end
29
+ end
30
+
31
+ # Class level methods for the persistence token.
32
+ module ClassMethods
33
+ # Resets ALL persistence tokens in the database, which will require all users to reauthenticate.
34
+ def forget_all
35
+ # Paginate these to save on memory
36
+ records = nil
37
+ i = 0
38
+ begin
39
+ records = find(:all, :limit => 50, :offset => i)
40
+ records.each { |record| record.forget! }
41
+ i += 50
42
+ end while !records.blank?
43
+ end
44
+ end
45
+
46
+ # Instance level methods for the persistence token.
47
+ module InstanceMethods
48
+ # Resets the persistence_token field to a random hex value.
49
+ def reset_persistence_token
50
+ self.persistence_token = Authlogic::Random.hex_token
51
+ end
52
+
53
+ # Same as reset_persistence_token, but then saves the record.
54
+ def reset_persistence_token!
55
+ reset_persistence_token
56
+ save_without_session_maintenance(false)
57
+ end
58
+ alias_method :forget!, :reset_persistence_token!
59
+
60
+ private
61
+ def reset_persistence_token?
62
+ persistence_token.blank?
63
+ end
64
+ end
65
+ end
66
+ end
67
+ end
68
+ end
@@ -0,0 +1,76 @@
1
+ module Authlogic
2
+ module ActsAsAuthentic
3
+ # This module is responsible for transitioning existing applications from the restful_authentication plugin.
4
+ module RestfulAuthentication
5
+ def self.included(klass)
6
+ klass.class_eval do
7
+ extend Config
8
+ include InstanceMethods
9
+ end
10
+ end
11
+
12
+ module Config
13
+ # Switching an existing app to Authlogic from restful_authentication? No problem, just set this true and your users won't know
14
+ # anything changed. From your database perspective nothing will change at all. Authlogic will continue to encrypt passwords
15
+ # just like restful_authentication, so your app won't skip a beat. Although, might consider transitioning your users to a newer
16
+ # and stronger algorithm. Checkout the transition_from_restful_authentication option.
17
+ #
18
+ # * <tt>Default:</tt> false
19
+ # * <tt>Accepts:</tt> Boolean
20
+ def act_like_restful_authentication(value = nil)
21
+ r = rw_config(:act_like_restful_authentication, value, false)
22
+ set_restful_authentication_config if value
23
+ r
24
+ end
25
+ alias_method :act_like_restful_authentication=, :act_like_restful_authentication
26
+
27
+ # If migrating from an password encryption system that prepends the salt to the raw password before hashing, set this to true.
28
+ #
29
+ # * <tt>Default:</tt> false
30
+ # * <tt>Accepts:</tt> Boolean
31
+ def salt_first(value = nil)
32
+ r = rw_config(:salt_first, value, false)
33
+ set_restful_authentication_config if value
34
+ r
35
+ end
36
+ alias_method :salt_first=, :salt_first
37
+
38
+ # This works just like act_like_restful_authentication except that it will start transitioning your users to the algorithm you
39
+ # specify with the crypto provider option. The next time they log in it will resave their password with the new algorithm
40
+ # and any new record will use the new algorithm as well. Make sure to update your users table if you are using the default
41
+ # migration since it will set crypted_password and salt columns to a maximum width of 40 characters which is not enough.
42
+ def transition_from_restful_authentication(value = nil)
43
+ r = rw_config(:transition_from_restful_authentication, value, false)
44
+ set_restful_authentication_config if value
45
+ r
46
+ end
47
+ alias_method :transition_from_restful_authentication=, :transition_from_restful_authentication
48
+
49
+ private
50
+ def set_restful_authentication_config
51
+ crypto_provider_key = act_like_restful_authentication ? :crypto_provider : :transition_from_crypto_providers
52
+ self.send("#{crypto_provider_key}=", CryptoProviders::Sha1)
53
+ if !defined?(::REST_AUTH_SITE_KEY) || ::REST_AUTH_SITE_KEY.nil?
54
+ class_eval("::REST_AUTH_SITE_KEY = ''") if !defined?(::REST_AUTH_SITE_KEY)
55
+ CryptoProviders::Sha1.stretches = 1
56
+ end
57
+ end
58
+ end
59
+
60
+ module InstanceMethods
61
+ private
62
+ def act_like_restful_authentication?
63
+ self.class.act_like_restful_authentication == true
64
+ end
65
+
66
+ def transition_from_restful_authentication?
67
+ self.class.transition_from_restful_authentication == true
68
+ end
69
+
70
+ def salt_first?
71
+ self.class.salt_first == true
72
+ end
73
+ end
74
+ end
75
+ end
76
+ end
@@ -0,0 +1,139 @@
1
+ module Authlogic
2
+ module ActsAsAuthentic
3
+ # This is one of my favorite features that I think is pretty cool. It's things like this that make a library great
4
+ # and let you know you are on the right track.
5
+ #
6
+ # Just to clear up any confusion, Authlogic stores both the record id and the persistence token in the session.
7
+ # Why? So stale sessions can not be persisted. It stores the id so it can quickly find the record, and the
8
+ # persistence token to ensure no sessions are stale. So if the persistence token changes, the user must log
9
+ # back in.
10
+ #
11
+ # Well, the persistence token changes with the password. What happens if the user changes his own password?
12
+ # He shouldn't have to log back in, he's the one that made the change.
13
+ #
14
+ # That being said, wouldn't it be nice if their session and cookie information was automatically updated?
15
+ # Instead of cluttering up your controller with redundant session code. The same thing goes for new
16
+ # registrations.
17
+ #
18
+ # That's what this module is all about. This will automatically maintain the cookie and session values as
19
+ # records are saved.
20
+ module SessionMaintenance
21
+ def self.included(klass)
22
+ klass.class_eval do
23
+ extend Config
24
+ add_acts_as_authentic_module(Methods)
25
+ end
26
+ end
27
+
28
+ module Config
29
+ # This is more of a convenience method. In order to turn off automatic maintenance of sessions just
30
+ # set this to false, or you can also set the session_ids method to a blank array. Both accomplish
31
+ # the same thing. This method is a little clearer in it's intentions though.
32
+ #
33
+ # * <tt>Default:</tt> true
34
+ # * <tt>Accepts:</tt> Boolean
35
+ def maintain_sessions(value = nil)
36
+ rw_config(:maintain_sessions, value, true)
37
+ end
38
+ alias_method :maintain_sessions=, :maintain_sessions
39
+
40
+ # As you may know, authlogic sessions can be separate by id (See Authlogic::Session::Base#id). You can
41
+ # specify here what session ids you want auto maintained. By default it is the main session, which has
42
+ # an id of nil.
43
+ #
44
+ # * <tt>Default:</tt> [nil]
45
+ # * <tt>Accepts:</tt> Array
46
+ def session_ids(value = nil)
47
+ rw_config(:session_ids, value, [nil])
48
+ end
49
+ alias_method :session_ids=, :session_ids
50
+
51
+ # The name of the associated session class. This is inferred by the name of the model.
52
+ #
53
+ # * <tt>Default:</tt> "#{klass.name}Session".constantize
54
+ # * <tt>Accepts:</tt> Class
55
+ def session_class(value = nil)
56
+ const = "#{base_class.name}Session".constantize rescue nil
57
+ rw_config(:session_class, value, const)
58
+ end
59
+ alias_method :session_class=, :session_class
60
+ end
61
+
62
+ module Methods
63
+ def self.included(klass)
64
+ klass.class_eval do
65
+ before_save :get_session_information, :if => :update_sessions?
66
+ before_save :maintain_sessions, :if => :update_sessions?
67
+ end
68
+ end
69
+
70
+ # Save the record and skip session maintenance all together.
71
+ def save_without_session_maintenance(*args)
72
+ self.skip_session_maintenance = true
73
+ result = save(*args)
74
+ self.skip_session_maintenance = false
75
+ result
76
+ end
77
+
78
+ private
79
+ def skip_session_maintenance=(value)
80
+ @skip_session_maintenance = value
81
+ end
82
+
83
+ def skip_session_maintenance
84
+ @skip_session_maintenance ||= false
85
+ end
86
+
87
+ def update_sessions?
88
+ !skip_session_maintenance && session_class && session_class.activated? && self.class.maintain_sessions == true && !session_ids.blank? && persistence_token_changed?
89
+ end
90
+
91
+ def get_session_information
92
+ # Need to determine if we are completely logged out, or logged in as another user
93
+ @_sessions = []
94
+
95
+ session_ids.each do |session_id|
96
+ session = session_class.find(session_id, self)
97
+ @_sessions << session if session && session.record
98
+ end
99
+ end
100
+
101
+ def maintain_sessions
102
+ if @_sessions.empty?
103
+ create_session
104
+ else
105
+ update_sessions
106
+ end
107
+ end
108
+
109
+ def create_session
110
+ # We only want to automatically login into the first session, since this is the main session. The other sessions are sessions
111
+ # that need to be created after logging into the main session.
112
+ session_id = session_ids.first
113
+ session_class.create(*[self, self, session_id].compact)
114
+
115
+ return true
116
+ end
117
+
118
+ def update_sessions
119
+ # We found sessions above, let's update them with the new info
120
+ @_sessions.each do |stale_session|
121
+ next if stale_session.record != self
122
+ stale_session.unauthorized_record = self
123
+ stale_session.save
124
+ end
125
+
126
+ return true
127
+ end
128
+
129
+ def session_ids
130
+ self.class.session_ids
131
+ end
132
+
133
+ def session_class
134
+ self.class.session_class
135
+ end
136
+ end
137
+ end
138
+ end
139
+ end
@@ -0,0 +1,65 @@
1
+ module Authlogic
2
+ module ActsAsAuthentic
3
+ # This module is responsible for maintaining the single_access token. For more information the single access token and how to use it,
4
+ # see the Authlogic::Session::Params module.
5
+ module SingleAccessToken
6
+ def self.included(klass)
7
+ klass.class_eval do
8
+ extend Config
9
+ add_acts_as_authentic_module(Methods)
10
+ end
11
+ end
12
+
13
+ # All configuration for the single_access token aspect of acts_as_authentic.
14
+ module Config
15
+ # The single access token is used for authentication via URLs, such as a private feed. That being said,
16
+ # if the user changes their password, that token probably shouldn't change. If it did, the user would have
17
+ # to update all of their URLs. So be default this is option is disabled, if you need it, feel free to turn
18
+ # it on.
19
+ #
20
+ # * <tt>Default:</tt> false
21
+ # * <tt>Accepts:</tt> Boolean
22
+ def change_single_access_token_with_password(value = nil)
23
+ rw_config(:change_single_access_token_with_password, value, false)
24
+ end
25
+ alias_method :change_single_access_token_with_password=, :change_single_access_token_with_password
26
+ end
27
+
28
+ # All method, for the single_access token aspect of acts_as_authentic.
29
+ module Methods
30
+ def self.included(klass)
31
+ return if !klass.column_names.include?("single_access_token")
32
+
33
+ klass.class_eval do
34
+ include InstanceMethods
35
+ validates_uniqueness_of :single_access_token, :if => :single_access_token_changed?
36
+ before_validation :reset_single_access_token, :if => :reset_single_access_token?
37
+ after_password_set(:reset_single_access_token, :if => :change_single_access_token_with_password?) if respond_to?(:after_password_set)
38
+ end
39
+ end
40
+
41
+ module InstanceMethods
42
+ # Resets the single_access_token to a random friendly token.
43
+ def reset_single_access_token
44
+ self.single_access_token = Authlogic::Random.friendly_token
45
+ end
46
+
47
+ # same as reset_single_access_token, but then saves the record.
48
+ def reset_single_access_token!
49
+ reset_single_access_token
50
+ save_without_session_maintenance
51
+ end
52
+
53
+ protected
54
+ def reset_single_access_token?
55
+ single_access_token.blank?
56
+ end
57
+
58
+ def change_single_access_token_with_password?
59
+ self.class.change_single_access_token_with_password == true
60
+ end
61
+ end
62
+ end
63
+ end
64
+ end
65
+ end