fingerrails 0.1.0

data/templates/app/controllers/passwords_controller.rb

@@ -0,0 +1,46 @@
+require 'net/smtp'
+
+class PasswordsController < ApplicationController
+  allow_access :all
+  
+  prepend_before_filter :find_member_by_token, :only => [:edit, :update]
+  
+  def create
+    if @member = Member.find_by_email(params[:email])
+      @member.generate_reset_password_token!
+      Mailer.deliver_reset_password_message(@member, edit_password_url(:id => @member.reset_password_token))
+      render :sent
+    else
+      flash[:error] = "We couldn’t find an account with the email address you entered. Please try again."
+      render :new
+    end
+  rescue Net::SMTPError => e
+    smtp_error(e)
+    render :new
+  end
+  
+  def update
+    @member.password = params[:password]
+    if @member.save
+      render :reset
+    else
+      render :edit
+    end
+  end
+  
+  private
+  
+  def find_member_by_token
+    unless @member = Member.find_by_reset_password_token(params[:id])
+      send_response_document :not_found
+    end
+  end
+  
+  def smtp_error(e)
+    logger.error "#{e.class} raised while trying to email: #{e.message}
+
+#{e.backtrace.join("
+")}"
+    flash[:error] = "We're sorry, but your email could not be sent. Please try again later."
+  end
+end

data/templates/app/controllers/sessions_controller.rb

@@ -0,0 +1,26 @@
+class SessionsController < ApplicationController
+  allow_access :all
+  
+  def new
+    still_authentication_needed!
+    @unauthenticated = Member.new
+  end
+  
+  def create
+    @unauthenticated = Member.authenticate(params[:member])
+    if @unauthenticated.errors.blank?
+      login(@unauthenticated)
+      finish_authentication_needed! || redirect_to(root_url)
+    else
+      still_authentication_needed!
+      flash[:login_error] = @unauthenticated.errors.on(:base)
+      render :new
+    end
+  end
+  
+  def clear
+    logout
+    flash[:notice] = "You are now logged out."
+    redirect_to root_url
+  end
+end

data/templates/app/helpers/application_helper.rb

@@ -0,0 +1,20 @@
+module ApplicationHelper
+  def nav_link_to(label, url, options={})
+    if current_page?(url)
+      options[:class] ? options[:class] << ' current' : options[:class] = 'current'
+    end
+    link_to(label, url, options)
+  end
+  
+  def nav_item(label, url, options={})
+    shallow = options.delete(:shallow)
+    
+    classes = (options[:class] || '').split(' ')
+    if (shallow and request.request_uri == url) or (!shallow and request.request_uri.start_with?(url))
+      classes << 'current'
+    end
+    options[:class] = classes.empty? ? nil : classes.join(' ')
+    
+    content_tag(:li, link_to(label, url), options)
+  end
+end

data/templates/app/models/mailer.rb

@@ -0,0 +1,8 @@
+class Mailer < ActionMailer::Base
+  def reset_password_message(member, url)
+    recipients member.email
+    from       SYSTEM_EMAIL_ADDRESS
+    subject    "[{{AppName}}] Confirm password reset"
+    body       :member => member, :url => url
+  end
+end

data/templates/app/models/member.rb

@@ -0,0 +1,10 @@
+class Member < ActiveRecord::Base
+  embrace :authentication
+  
+  attr_accessible :email
+  
+  private
+  
+  validates_uniqueness_of :email
+  validates_email :email
+end

data/templates/app/models/member/authentication.rb

@@ -0,0 +1,44 @@
+require 'digest/sha1'
+
+class Member
+  attr_accessible :password, :verify_password
+  
+  def generate_reset_password_token!
+    update_attribute :reset_password_token, Token.generate
+  end
+  
+  attr_reader :password
+  def password=(password)
+    self.hashed_password = self.class.hash_password(password)
+  end
+  
+  def verify_password=(password)
+    @verify_password = self.class.hash_password(password)
+  end
+  
+  def self.hash_password(password)
+    ::Digest::SHA1.hexdigest(password)
+  end
+  
+  # Authenticates credentials. Takes a hash with a :email and :password, returns an instance of Member.
+  # The Member has errors on base when the user isn't authenticated.
+  def self.authenticate(params={})
+    unless member = find_by_email_and_hashed_password(params[:email], hash_password(params[:password]))
+      member = Member.new
+      member.errors.add_to_base("The username and/or email you entered is invalid. Please try again.")
+      member
+    else
+      member
+    end
+  end
+  
+  private
+  
+  def password_is_not_blank
+    if hashed_password == self.class.hash_password('')
+      errors.add(:password, "can't be blank")
+    end
+  end
+  
+  validate :password_is_not_blank
+end

data/templates/app/views/layouts/_application_javascript_includes.html.erb

@@ -0,0 +1,3 @@
+<%#= javascript_include_tag(%w(prototype effects controls) +
+ %w() + # add app specific libs
+ %w(ready), :cache => (Rails.env == 'production')) %>

data/templates/app/views/layouts/_head.html.erb

@@ -0,0 +1,3 @@
+<meta charset="UTF-8">
+<title><%=h [@title, '{{AppName}}'].compact.join(' · ') %></title>
+<%= stylesheet_link_tag %w(reset default), :media => 'all', :cache => 'application' %>

data/templates/app/views/layouts/application.html.erb

@@ -0,0 +1,25 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <%= render :partial => 'layouts/head' %>
+  </head>
+  <body>
+    <div id="wrapper">
+      <div id="header">
+        <a id="logo" href="/">{{AppName}}</a>
+        <%= render :partial => 'sessions/status' %>
+        
+        <ul id="navigation">
+          <%= nav_item 'Home', root_path, :class => 'first', :shallow => true %>
+          <%= nav_item 'Members', members_path, :class => 'last' %>
+        </ul>
+      </div>
+      
+      <div id="main">
+        <%= yield :layout %>
+      </div>
+    </div>
+    
+    <%= render :partial => 'layouts/application_javascript_includes' %>
+  </body>
+</html>

data/templates/app/views/mailer/reset_password_message.erb

@@ -0,0 +1,8 @@
+Hi,
+
+Forgot your password? Click on the link below to set a new password.
+
+<%= @url %>
+
+Kind regards,
+{{AppName}}

data/templates/app/views/members/edit.html.erb

@@ -0,0 +1,21 @@
+<% @title = 'Edit profile' %>
+
+<div>
+  <% form_for @member do |f| %>
+    <h2>Edit profile</h2>
+    
+    <%= error_messages_for :member %>
+    
+    <div class="fields">
+      <div class="field">
+        <div class="label"><%= f.label :email %></div>
+        <div class="field"><%= f.text_field :email %></div>
+      </div>
+      
+      <div class="submit">
+        <%= f.submit 'Update profile' %>
+        <%= link_to 'Back', root_path, :class => 'cancel' %>
+      </div>
+    </div>
+  <% end %>
+</div>

data/templates/app/views/members/new.html.erb

@@ -0,0 +1,26 @@
+<% @title = 'Sign up' %>
+
+<div>
+  <% form_for @member do |f| %>
+    <h2>Sign up</h2>
+    
+    <%= error_messages_for :member %>
+    
+    <div class="fields">
+      <div class="field">
+        <div class="label"><%= f.label :email %></div>
+        <div class="field"><%= f.text_field :email %></div>
+      </div>
+      
+      <div class="field">
+        <div class="label"><%= f.label :password %></div>
+        <div class="field"><%= f.password_field :password %></div>
+      </div>
+      
+      <div class="submit">
+        <%= f.submit 'Sign up' %>
+        <%= link_to 'Back', root_path, :class => 'cancel' %>
+      </div>
+    </div>
+  <% end %>
+</div>

data/templates/app/views/members/show.html.erb

@@ -0,0 +1,3 @@
+<% @title = @member.email %>
+
+Member show: <%= @member.email %>

data/templates/app/views/passwords/edit.html.erb

@@ -0,0 +1,22 @@
+<% @title = 'Choose a new password' %>
+
+<div>
+  <% form_tag password_path(:id => @member.reset_password_token), :method => :put do %>
+    <h2><%= @title = 'Choose a new password' %></h2>
+    <p>You’ll be able to log in after you’ve chosen a new password.</p>
+    
+    <% if @member.errors.on(:password) %>
+      <div class="errorExplanation">The password can’t be blank.</div>
+    <% end %>
+    
+    <div>
+      <div class="label"><%= label_tag :password, 'New password' %></div>
+      <div class="field"><%= password_field_tag :password %></div>
+    </div>
+    
+    <div>
+      <%= submit_tag 'Continue' %>
+      <%= link_to 'Cancel', root_path, :class => 'cancel' %>
+    </div>
+  <% end %>
+</div>

data/templates/app/views/passwords/new.html.erb

@@ -0,0 +1,22 @@
+<% @title = 'Choose a new password' %>
+
+<div>
+  <% form_tag passwords_path do %>
+    <h2>Forgot password?</h2>
+    <p>Please enter your email address and we’ll send further instructions on how to choose a new password.</p>
+    
+    <% unless flash[:error].blank? %>
+      <div class="errorExplanation"><%= flash[:error] %></div>
+    <% end %>
+    
+    <div class="field">
+      <div class="label"><%= label_tag :email, 'Email address' %></div>
+      <div class="field"><%= text_field_tag :email %></div>
+    </div>
+    
+    <div class="submit">
+      <%= submit_tag 'Continue' %>
+      <%= link_to 'Cancel', root_path, :class => 'cancel' %>
+    </div>
+  <% end %>
+</div>

data/templates/app/views/passwords/reset.html.erb

@@ -0,0 +1,9 @@
+<div>
+  <% form_tag new_session_path, :method => :get do %>
+    <h2><%=h @title = 'Choose a new password' %></h2>
+    <p>Your password has been changed.</p>
+    <div>
+      <%= submit_tag 'Okay' %>
+    </div>
+  <% end %>
+</div>

data/templates/app/views/passwords/sent.html.erb

@@ -0,0 +1,11 @@
+<% @title = 'Choose a new password' %>
+
+<div>
+  <% form_tag root_path, :method => :get do %>
+    <h2>Forgot password?</h2>
+    <p>We’ve sent further instructions on how to choose a new password by email.</p>
+    <div>
+      <%= submit_tag 'Okay' %>
+    </div>
+  <% end %>
+</div>

data/templates/app/views/sessions/_form.html.erb

@@ -0,0 +1,22 @@
+<% form_for(@unauthenticated || Member.new, :url => session_path) do |f| %>
+  <h2><%=h @title = 'Log in' %></h2>
+  
+  <% if flash[:login_error] %>
+    <div class="errorExplanation"><%= flash[:login_error] %></div>
+  <% end %>
+  
+  <div class="field">
+    <div class="label"><%= f.label :email %></div>
+    <div class="field"><%= f.text_field :email, :tabindex => 1 %></div>
+  </div>
+  
+  <div class="field">
+    <div class="label"><%= f.label :password %> <%= link_to 'forgot password?', new_password_path, :tabindex => 5 %></div>
+    <div class="field"><%= f.password_field :password, :tabindex => 2 %></div>
+  </div>
+  
+  <div class="field">
+    <%= f.submit 'Log in', :tabindex => 4 %>
+    <%= link_to 'Cancel', root_path, :class => 'cancel', :tabindex => 5 %>
+  </div>
+<% end %>

data/templates/app/views/sessions/_status.html.erb

@@ -0,0 +1,9 @@
+<p id="member">
+  <% if @authenticated %>
+    <%= nav_link_to 'Profile', @authenticated %>
+    <%= link_to 'Log out', clear_session_path %>
+  <% else %>
+    <%= nav_link_to 'Log in', new_session_path, 'class' => 'login' %>
+    <%= nav_link_to 'Sign up', new_member_path %>
+  <% end %>
+</p>

data/templates/app/views/sessions/new.html.erb

@@ -0,0 +1,5 @@
+<% @title = 'Log in' %>
+
+<div>
+  <%= render :partial => 'sessions/form' %>
+</div>

data/templates/config/database.yml

@@ -0,0 +1,18 @@
+development:
+  adapter: mysql
+  encoding: utf8
+  reconnect: false
+  database: {{app_name}}_development
+  pool: 5
+test:
+  adapter: mysql
+  encoding: utf8
+  reconnect: false
+  database: {{app_name}}_test
+  pool: 5
+production:
+  adapter: mysql
+  encoding: utf8
+  reconnect: false
+  database: {{app_name}}_production
+  pool: 5

data/templates/lib/active_record_ext.rb

@@ -0,0 +1,26 @@
+module ActiveRecord
+  module Ext
+    # Loads various parts of a class definition, a simple way to separate large classes.
+    #
+    #   class Member
+    #     embrace :authentication
+    #   end
+    def embrace(*parts)
+      parts.each do |part|
+        require_dependency "#{name.downcase}/#{part}"
+      end
+    end
+  end
+  
+  module BasicScopes
+    def self.included(base)
+      base.named_scope(:order, Proc.new do |attribute, direction|
+        order = "#{attribute}"
+        order << " #{direction.to_s.upcase}" unless direction.blank?
+        { :order => order }
+      end)
+      
+      base.named_scope :limit, Proc.new { |limit| { :limit => limit } }
+    end
+  end
+end

data/templates/lib/token.rb

@@ -0,0 +1,9 @@
+module Token
+  DEFAULT_LENGTH = 8
+  
+  def self.generate(requested_length=DEFAULT_LENGTH)
+    length = requested_length.odd? ? requested_length + 1 : requested_length
+    token = (1..length/2).map { |i| (1..2).map { (i.odd? ? ('a'..'z') : ('0'..'9')).to_a.rand }.join }.join
+    token[0...requested_length]
+  end
+end

data/templates/public/403.html

@@ -0,0 +1,29 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+       "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+
+<head>
+  <meta http-equiv="content-type" content="text/html; charset=UTF-8" />
+  <title>Access forbidden (403)</title>
+  <style type="text/css">
+    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
+    div.dialog {
+      width: 25em;
+      padding: 0 4em;
+      margin: 4em auto 0 auto;
+      border: 1px solid #ccc;
+      border-right-color: #999;
+      border-bottom-color: #999;
+    }
+    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/403.html -->
+  <div class="dialog">
+    <h1>Access forbidden.</h1>
+  </div>
+</body>
+</html>