genki-restful-authentication 1.1.1

data/generators/authenticated/templates/test/mailer_test.rb

@@ -0,0 +1,31 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require '<%= file_name %>_mailer'
+
+class <%= class_name %>MailerTest < Test::Unit::TestCase
+  FIXTURES_PATH = File.dirname(__FILE__) + '/../fixtures'
+  CHARSET = "utf-8"
+
+  include ActionMailer::Quoting
+
+  def setup
+    ActionMailer::Base.delivery_method = :test
+    ActionMailer::Base.perform_deliveries = true
+    ActionMailer::Base.deliveries = []
+
+    @expected = TMail::Mail.new
+    @expected.set_content_type "text", "plain", { "charset" => CHARSET }
+  end
+
+  def test_dummy_test
+    #do nothing
+  end
+
+  private
+    def read_fixture(action)
+      IO.readlines("#{FIXTURES_PATH}/<%= file_name %>_mailer/#{action}")
+    end
+
+    def encode(subject)
+      quoted_printable(subject, CHARSET)
+    end
+end

data/generators/authenticated/templates/test/model_functional_test.rb

@@ -0,0 +1,93 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require '<%= model_controller_file_name %>_controller'
+
+# Re-raise errors caught by the controller.
+class <%= model_controller_class_name %>Controller; def rescue_action(e) raise e end; end
+
+class <%= model_controller_class_name %>ControllerTest < ActionController::TestCase
+  # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead
+  # Then, you can remove it from this and the units test.
+  include AuthenticatedTestHelper
+
+  fixtures :<%= table_name %>
+
+  def test_should_allow_signup
+    assert_difference '<%= class_name %>.count' do
+      create_<%= file_name %>
+      assert_response :redirect
+    end
+  end
+
+  def test_should_require_login_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:login => nil)
+      assert assigns(:<%= file_name %>).errors.on(:login)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_password_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:password => nil)
+      assert assigns(:<%= file_name %>).errors.on(:password)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_password_confirmation_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:password_confirmation => nil)
+      assert assigns(:<%= file_name %>).errors.on(:password_confirmation)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_email_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:email => nil)
+      assert assigns(:<%= file_name %>).errors.on(:email)
+      assert_response :success
+    end
+  end
+  <% if options[:stateful] %>
+  def test_should_sign_up_user_in_pending_state
+    create_<%= file_name %>
+    assigns(:<%= file_name %>).reload
+    assert assigns(:<%= file_name %>).pending?
+  end<% end %>
+
+  <% if options[:include_activation] %>
+  def test_should_sign_up_user_with_activation_code
+    create_<%= file_name %>
+    assigns(:<%= file_name %>).reload
+    assert_not_nil assigns(:<%= file_name %>).activation_code
+  end
+
+  def test_should_activate_user
+    assert_nil <%= class_name %>.authenticate('aaron', 'test')
+    get :activate, :activation_code => <%= table_name %>(:aaron).activation_code
+    assert_redirected_to '/<%= controller_routing_path %>/new'
+    assert_not_nil flash[:notice]
+    assert_equal <%= table_name %>(:aaron), <%= class_name %>.authenticate('aaron', 'monkey')
+  end
+  
+  def test_should_not_activate_user_without_key
+    get :activate
+    assert_nil flash[:notice]
+  rescue ActionController::RoutingError
+    # in the event your routes deny this, we'll just bow out gracefully.
+  end
+
+  def test_should_not_activate_user_with_blank_key
+    get :activate, :activation_code => ''
+    assert_nil flash[:notice]
+  rescue ActionController::RoutingError
+    # well played, sir
+  end<% end %>
+
+  protected
+    def create_<%= file_name %>(options = {})
+      post :create, :<%= file_name %> => { :login => 'quire', :email => 'quire@example.com',
+        :password => 'quire69', :password_confirmation => 'quire69' }.merge(options)
+    end
+end

data/generators/authenticated/templates/test/unit_test.rb

@@ -0,0 +1,164 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class <%= class_name %>Test < ActiveSupport::TestCase
+  # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead.
+  # Then, you can remove it from this and the functional test.
+  include AuthenticatedTestHelper
+  fixtures :<%= table_name %>
+
+  def test_should_create_<%= file_name %>
+    assert_difference '<%= class_name %>.count' do
+      <%= file_name %> = create_<%= file_name %>
+      assert !<%= file_name %>.new_record?, "#{<%= file_name %>.errors.full_messages.to_sentence}"
+    end
+  end
+<% if options[:include_activation] %>
+  def test_should_initialize_activation_code_upon_creation
+    <%= file_name %> = create_<%= file_name %>
+    <%= file_name %>.reload
+    assert_not_nil <%= file_name %>.activation_code
+  end
+<% end %><% if options[:stateful] %>
+  def test_should_create_and_start_in_pending_state
+    <%= file_name %> = create_<%= file_name %>
+    <%= file_name %>.reload
+    assert <%= file_name %>.pending?
+  end
+
+<% end %>
+  def test_should_require_login
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:login => nil)
+      assert u.errors.on(:login)
+    end
+  end
+
+  def test_should_require_password
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:password => nil)
+      assert u.errors.on(:password)
+    end
+  end
+
+  def test_should_require_password_confirmation
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:password_confirmation => nil)
+      assert u.errors.on(:password_confirmation)
+    end
+  end
+
+  def test_should_require_email
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:email => nil)
+      assert u.errors.on(:email)
+    end
+  end
+
+  def test_should_reset_password
+    <%= table_name %>(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin', 'new password')
+  end
+
+  def test_should_not_rehash_password
+    <%= table_name %>(:quentin).update_attributes(:login => 'quentin2')
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin2', 'monkey')
+  end
+
+  def test_should_authenticate_<%= file_name %>
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin', 'monkey')
+  end
+
+  def test_should_set_remember_token
+    <%= table_name %>(:quentin).remember_me
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+  end
+
+  def test_should_unset_remember_token
+    <%= table_name %>(:quentin).remember_me
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    <%= table_name %>(:quentin).forget_me
+    assert_nil <%= table_name %>(:quentin).remember_token
+  end
+
+  def test_should_remember_me_for_one_week
+    before = 1.week.from_now.utc
+    <%= table_name %>(:quentin).remember_me_for 1.week
+    after = 1.week.from_now.utc
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert <%= table_name %>(:quentin).remember_token_expires_at.between?(before, after)
+  end
+
+  def test_should_remember_me_until_one_week
+    time = 1.week.from_now.utc
+    <%= table_name %>(:quentin).remember_me_until time
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert_equal <%= table_name %>(:quentin).remember_token_expires_at, time
+  end
+
+  def test_should_remember_me_default_two_weeks
+    before = 2.weeks.from_now.utc
+    <%= table_name %>(:quentin).remember_me
+    after = 2.weeks.from_now.utc
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert <%= table_name %>(:quentin).remember_token_expires_at.between?(before, after)
+  end
+<% if options[:stateful] %>
+  def test_should_register_passive_<%= file_name %>
+    <%= file_name %> = create_<%= file_name %>(:password => nil, :password_confirmation => nil)
+    assert <%= file_name %>.passive?
+    <%= file_name %>.update_attributes(:password => 'new password', :password_confirmation => 'new password')
+    <%= file_name %>.register!
+    assert <%= file_name %>.pending?
+  end
+
+  def test_should_suspend_<%= file_name %>
+    <%= table_name %>(:quentin).suspend!
+    assert <%= table_name %>(:quentin).suspended?
+  end
+
+  def test_suspended_<%= file_name %>_should_not_authenticate
+    <%= table_name %>(:quentin).suspend!
+    assert_not_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin', 'test')
+  end
+
+  def test_should_unsuspend_<%= file_name %>_to_active_state
+    <%= table_name %>(:quentin).suspend!
+    assert <%= table_name %>(:quentin).suspended?
+    <%= table_name %>(:quentin).unsuspend!
+    assert <%= table_name %>(:quentin).active?
+  end
+
+  def test_should_unsuspend_<%= file_name %>_with_nil_activation_code_and_activated_at_to_passive_state
+    <%= table_name %>(:quentin).suspend!
+    <%= class_name %>.update_all :activation_code => nil, :activated_at => nil
+    assert <%= table_name %>(:quentin).suspended?
+    <%= table_name %>(:quentin).reload.unsuspend!
+    assert <%= table_name %>(:quentin).passive?
+  end
+
+  def test_should_unsuspend_<%= file_name %>_with_activation_code_and_nil_activated_at_to_pending_state
+    <%= table_name %>(:quentin).suspend!
+    <%= class_name %>.update_all :activation_code => 'foo-bar', :activated_at => nil
+    assert <%= table_name %>(:quentin).suspended?
+    <%= table_name %>(:quentin).reload.unsuspend!
+    assert <%= table_name %>(:quentin).pending?
+  end
+
+  def test_should_delete_<%= file_name %>
+    assert_nil <%= table_name %>(:quentin).deleted_at
+    <%= table_name %>(:quentin).delete!
+    assert_not_nil <%= table_name %>(:quentin).deleted_at
+    assert <%= table_name %>(:quentin).deleted?
+  end
+<% end %>
+protected
+  def create_<%= file_name %>(options = {})
+    record = <%= class_name %>.new({ :login => 'quire', :email => 'quire@example.com', :password => 'quire69', :password_confirmation => 'quire69' }.merge(options))
+    record.<% if options[:stateful] %>register! if record.valid?<% else %>save<% end %>
+    record
+  end
+end

data/init.rb

@@ -0,0 +1 @@
+require File.join(File.dirname(__FILE__), "rails", "init")

data/lib/authentication.rb

@@ -0,0 +1,40 @@
+module Authentication
+  mattr_accessor :login_regex, :bad_login_message, 
+    :name_regex, :bad_name_message,
+    :email_name_regex, :domain_head_regex, :domain_tld_regex, :email_regex, :bad_email_message
+
+  self.login_regex       = /\A\w[\w\.\-_@]+\z/                     # ASCII, strict
+  # self.login_regex       = /\A[[:alnum:]][[:alnum:]\.\-_@]+\z/     # Unicode, strict
+  # self.login_regex       = /\A[^[:cntrl:]\\<>\/&]*\z/              # Unicode, permissive
+
+  self.bad_login_message = "use only letters, numbers, and .-_@ please.".freeze
+
+  self.name_regex        = /\A[^[:cntrl:]\\<>\/&]*\z/              # Unicode, permissive
+  self.bad_name_message  = "avoid non-printing characters and \\&gt;&lt;&amp;/ please.".freeze
+
+  self.email_name_regex  = '[\w\.%\+\-]+'.freeze
+  self.domain_head_regex = '(?:[A-Z0-9\-]+\.)+'.freeze
+  self.domain_tld_regex  = '(?:[A-Z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|jobs|museum)'.freeze
+  self.email_regex       = /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i
+  self.bad_email_message = "should look like an email address.".freeze
+
+  def self.included(recipient)
+    recipient.extend(ModelClassMethods)
+    recipient.class_eval do
+      include ModelInstanceMethods
+    end
+  end
+
+  module ModelClassMethods
+    def secure_digest(*args)
+      Digest::SHA1.hexdigest(args.flatten.join('--'))
+    end
+
+    def make_token
+      secure_digest(Time.now, (1..10).map{ rand.to_s })
+    end
+  end # class methods
+
+  module ModelInstanceMethods
+  end # instance methods
+end

data/lib/authentication/by_cookie_token.rb

@@ -0,0 +1,82 @@
+# -*- coding: utf-8 -*-
+module Authentication
+  module ByCookieToken
+    # Stuff directives into including module 
+    def self.included(recipient)
+      recipient.extend(ModelClassMethods)
+      recipient.class_eval do
+        include ModelInstanceMethods
+      end
+    end
+
+    #
+    # Class Methods
+    #
+    module ModelClassMethods
+    end # class methods
+
+    #
+    # Instance Methods
+    #
+    module ModelInstanceMethods
+      def remember_token?
+        (!remember_token.blank?) && 
+          remember_token_expires_at && (Time.now.utc < remember_token_expires_at.utc)
+      end
+
+      # These create and unset the fields required for remembering users between browser closes
+      def remember_me
+        remember_me_for 2.weeks
+      end
+
+      def remember_me_for(time)
+        remember_me_until time.from_now.utc
+      end
+
+      def remember_me_until(time)
+        self.remember_token_expires_at = time
+        self.remember_token            = self.class.make_token
+        save(false)
+      end
+
+      # refresh token (keeping same expires_at) if it exists
+      def refresh_token
+        if remember_token?
+          self.remember_token = self.class.make_token 
+          save(false)      
+        end
+      end
+
+      # 
+      # Deletes the server-side record of the authentication token.  The
+      # client-side (browser cookie) and server-side (this remember_token) must
+      # always be deleted together.
+      #
+      def forget_me
+        self.remember_token_expires_at = nil
+        self.remember_token            = nil
+        save(false)
+      end
+    end # instance methods
+  end
+
+  module ByCookieTokenController
+    # Stuff directives into including module 
+    def self.included( recipient )
+      recipient.extend( ControllerClassMethods )
+      recipient.class_eval do
+        include ControllerInstanceMethods
+      end
+    end
+
+    #
+    # Class Methods
+    #
+    module ControllerClassMethods
+    end # class methods
+    
+    module ControllerInstanceMethods
+    end # instance methods
+  end
+end
+

data/lib/authentication/by_password.rb

@@ -0,0 +1,64 @@
+module Authentication
+  module ByPassword
+    # Stuff directives into including module
+    def self.included(recipient)
+      recipient.extend(ModelClassMethods)
+      recipient.class_eval do
+        include ModelInstanceMethods
+        
+        # Virtual attribute for the unencrypted password
+        attr_accessor :password
+        validates_presence_of     :password,                   :if => :password_required?
+        validates_presence_of     :password_confirmation,      :if => :password_required?
+        validates_confirmation_of :password,                   :if => :password_required?
+        validates_length_of       :password, :within => 6..40, :if => :password_required?
+        before_save :encrypt_password
+      end
+    end # #included directives
+
+    #
+    # Class Methods
+    #
+    module ModelClassMethods
+      # This provides a modest increased defense against a dictionary attack if
+      # your db were ever compromised, but will invalidate existing passwords.
+      # See the README and the file config/initializers/site_keys.rb
+      #
+      # It may not be obvious, but if you set REST_AUTH_SITE_KEY to nil and
+      # REST_AUTH_DIGEST_STRETCHES to 1 you'll have backwards compatibility with
+      # older versions of restful-authentication.
+      def password_digest(password, salt)
+        digest = REST_AUTH_SITE_KEY
+        REST_AUTH_DIGEST_STRETCHES.times do
+          digest = secure_digest(digest, salt, password, REST_AUTH_SITE_KEY)
+        end
+        digest
+      end      
+    end # class methods
+
+    #
+    # Instance Methods
+    #
+    module ModelInstanceMethods
+      
+      # Encrypts the password with the user salt
+      def encrypt(password)
+        self.class.password_digest(password, salt)
+      end
+      
+      def authenticated?(password)
+        crypted_password == encrypt(password)
+      end
+      
+      # before filter 
+      def encrypt_password
+        return if password.blank?
+        self.salt = self.class.make_token if new_record?
+        self.crypted_password = encrypt(password)
+      end
+      def password_required?
+        crypted_password.blank? || !password.blank?
+      end
+    end # instance methods
+  end
+end