gonow-devise 1.2.rc

Sign up to get free protection for your applications and to get access to all the features.
Files changed (163) hide show
  1. data/CHANGELOG.rdoc +506 -0
  2. data/MIT-LICENSE +20 -0
  3. data/README.rdoc +335 -0
  4. data/app/controllers/devise/confirmations_controller.rb +33 -0
  5. data/app/controllers/devise/oauth_callbacks_controller.rb +4 -0
  6. data/app/controllers/devise/passwords_controller.rb +41 -0
  7. data/app/controllers/devise/registrations_controller.rb +109 -0
  8. data/app/controllers/devise/sessions_controller.rb +24 -0
  9. data/app/controllers/devise/unlocks_controller.rb +34 -0
  10. data/app/helpers/devise_helper.rb +19 -0
  11. data/app/mailers/devise/mailer.rb +88 -0
  12. data/app/views/devise/confirmations/new.html.erb +12 -0
  13. data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
  14. data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
  15. data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
  16. data/app/views/devise/passwords/edit.html.erb +16 -0
  17. data/app/views/devise/passwords/new.html.erb +12 -0
  18. data/app/views/devise/registrations/edit.html.erb +25 -0
  19. data/app/views/devise/registrations/new.html.erb +18 -0
  20. data/app/views/devise/sessions/new.html.erb +17 -0
  21. data/app/views/devise/shared/_links.erb +25 -0
  22. data/app/views/devise/unlocks/new.html.erb +12 -0
  23. data/config/locales/en.yml +46 -0
  24. data/lib/devise.rb +372 -0
  25. data/lib/devise/controllers/helpers.rb +228 -0
  26. data/lib/devise/controllers/internal_helpers.rb +113 -0
  27. data/lib/devise/controllers/scoped_views.rb +33 -0
  28. data/lib/devise/controllers/url_helpers.rb +39 -0
  29. data/lib/devise/encryptors/authlogic_sha512.rb +19 -0
  30. data/lib/devise/encryptors/base.rb +20 -0
  31. data/lib/devise/encryptors/clearance_sha1.rb +17 -0
  32. data/lib/devise/encryptors/restful_authentication_sha1.rb +22 -0
  33. data/lib/devise/encryptors/sha1.rb +25 -0
  34. data/lib/devise/encryptors/sha512.rb +25 -0
  35. data/lib/devise/failure_app.rb +126 -0
  36. data/lib/devise/hooks/activatable.rb +11 -0
  37. data/lib/devise/hooks/forgetable.rb +12 -0
  38. data/lib/devise/hooks/rememberable.rb +45 -0
  39. data/lib/devise/hooks/timeoutable.rb +22 -0
  40. data/lib/devise/hooks/trackable.rb +9 -0
  41. data/lib/devise/mapping.rb +105 -0
  42. data/lib/devise/models.rb +66 -0
  43. data/lib/devise/models/authenticatable.rb +143 -0
  44. data/lib/devise/models/confirmable.rb +160 -0
  45. data/lib/devise/models/database_authenticatable.rb +94 -0
  46. data/lib/devise/models/encryptable.rb +65 -0
  47. data/lib/devise/models/lockable.rb +168 -0
  48. data/lib/devise/models/oauthable.rb +49 -0
  49. data/lib/devise/models/recoverable.rb +83 -0
  50. data/lib/devise/models/registerable.rb +21 -0
  51. data/lib/devise/models/rememberable.rb +122 -0
  52. data/lib/devise/models/timeoutable.rb +43 -0
  53. data/lib/devise/models/token_authenticatable.rb +72 -0
  54. data/lib/devise/models/trackable.rb +30 -0
  55. data/lib/devise/models/validatable.rb +64 -0
  56. data/lib/devise/modules.rb +30 -0
  57. data/lib/devise/oauth.rb +41 -0
  58. data/lib/devise/oauth/config.rb +33 -0
  59. data/lib/devise/oauth/helpers.rb +18 -0
  60. data/lib/devise/oauth/internal_helpers.rb +182 -0
  61. data/lib/devise/oauth/test_helpers.rb +29 -0
  62. data/lib/devise/oauth/url_helpers.rb +35 -0
  63. data/lib/devise/orm/active_record.rb +38 -0
  64. data/lib/devise/orm/mongoid.rb +31 -0
  65. data/lib/devise/path_checker.rb +18 -0
  66. data/lib/devise/rails.rb +68 -0
  67. data/lib/devise/rails/routes.rb +260 -0
  68. data/lib/devise/rails/warden_compat.rb +41 -0
  69. data/lib/devise/schema.rb +96 -0
  70. data/lib/devise/strategies/authenticatable.rb +150 -0
  71. data/lib/devise/strategies/base.rb +15 -0
  72. data/lib/devise/strategies/database_authenticatable.rb +21 -0
  73. data/lib/devise/strategies/rememberable.rb +51 -0
  74. data/lib/devise/strategies/token_authenticatable.rb +53 -0
  75. data/lib/devise/test_helpers.rb +100 -0
  76. data/lib/devise/version.rb +3 -0
  77. data/lib/generators/active_record/devise_generator.rb +28 -0
  78. data/lib/generators/active_record/templates/migration.rb +30 -0
  79. data/lib/generators/devise/devise_generator.rb +17 -0
  80. data/lib/generators/devise/install_generator.rb +24 -0
  81. data/lib/generators/devise/orm_helpers.rb +24 -0
  82. data/lib/generators/devise/views_generator.rb +63 -0
  83. data/lib/generators/mongoid/devise_generator.rb +17 -0
  84. data/lib/generators/templates/README +25 -0
  85. data/lib/generators/templates/devise.rb +168 -0
  86. data/test/controllers/helpers_test.rb +205 -0
  87. data/test/controllers/internal_helpers_test.rb +56 -0
  88. data/test/controllers/url_helpers_test.rb +59 -0
  89. data/test/devise_test.rb +65 -0
  90. data/test/encryptors_test.rb +30 -0
  91. data/test/failure_app_test.rb +148 -0
  92. data/test/generators/generators_test_helper.rb +4 -0
  93. data/test/generators/install_generator_test.rb +14 -0
  94. data/test/generators/views_generator_test.rb +37 -0
  95. data/test/integration/authenticatable_test.rb +424 -0
  96. data/test/integration/confirmable_test.rb +104 -0
  97. data/test/integration/database_authenticatable_test.rb +38 -0
  98. data/test/integration/http_authenticatable_test.rb +64 -0
  99. data/test/integration/lockable_test.rb +109 -0
  100. data/test/integration/oauthable_test.rb +244 -0
  101. data/test/integration/recoverable_test.rb +134 -0
  102. data/test/integration/registerable_test.rb +180 -0
  103. data/test/integration/rememberable_test.rb +179 -0
  104. data/test/integration/timeoutable_test.rb +89 -0
  105. data/test/integration/token_authenticatable_test.rb +99 -0
  106. data/test/integration/trackable_test.rb +64 -0
  107. data/test/mailers/confirmation_instructions_test.rb +84 -0
  108. data/test/mailers/reset_password_instructions_test.rb +72 -0
  109. data/test/mailers/unlock_instructions_test.rb +66 -0
  110. data/test/mapping_test.rb +95 -0
  111. data/test/models/confirmable_test.rb +221 -0
  112. data/test/models/database_authenticatable_test.rb +82 -0
  113. data/test/models/encryptable_test.rb +65 -0
  114. data/test/models/lockable_test.rb +204 -0
  115. data/test/models/oauthable_test.rb +21 -0
  116. data/test/models/recoverable_test.rb +155 -0
  117. data/test/models/rememberable_test.rb +271 -0
  118. data/test/models/timeoutable_test.rb +28 -0
  119. data/test/models/token_authenticatable_test.rb +37 -0
  120. data/test/models/trackable_test.rb +5 -0
  121. data/test/models/validatable_test.rb +99 -0
  122. data/test/models_test.rb +77 -0
  123. data/test/oauth/config_test.rb +44 -0
  124. data/test/oauth/url_helpers_test.rb +47 -0
  125. data/test/orm/active_record.rb +9 -0
  126. data/test/orm/mongoid.rb +10 -0
  127. data/test/rails_app/app/active_record/admin.rb +6 -0
  128. data/test/rails_app/app/active_record/shim.rb +2 -0
  129. data/test/rails_app/app/active_record/user.rb +8 -0
  130. data/test/rails_app/app/controllers/admins/sessions_controller.rb +6 -0
  131. data/test/rails_app/app/controllers/admins_controller.rb +6 -0
  132. data/test/rails_app/app/controllers/application_controller.rb +9 -0
  133. data/test/rails_app/app/controllers/home_controller.rb +12 -0
  134. data/test/rails_app/app/controllers/publisher/registrations_controller.rb +2 -0
  135. data/test/rails_app/app/controllers/publisher/sessions_controller.rb +2 -0
  136. data/test/rails_app/app/controllers/users_controller.rb +18 -0
  137. data/test/rails_app/app/helpers/application_helper.rb +3 -0
  138. data/test/rails_app/app/mongoid/admin.rb +9 -0
  139. data/test/rails_app/app/mongoid/shim.rb +24 -0
  140. data/test/rails_app/app/mongoid/user.rb +10 -0
  141. data/test/rails_app/config/application.rb +35 -0
  142. data/test/rails_app/config/boot.rb +13 -0
  143. data/test/rails_app/config/environment.rb +5 -0
  144. data/test/rails_app/config/environments/development.rb +19 -0
  145. data/test/rails_app/config/environments/production.rb +33 -0
  146. data/test/rails_app/config/environments/test.rb +33 -0
  147. data/test/rails_app/config/initializers/backtrace_silencers.rb +7 -0
  148. data/test/rails_app/config/initializers/devise.rb +172 -0
  149. data/test/rails_app/config/initializers/inflections.rb +2 -0
  150. data/test/rails_app/config/initializers/secret_token.rb +2 -0
  151. data/test/rails_app/config/routes.rb +54 -0
  152. data/test/rails_app/db/migrate/20100401102949_create_tables.rb +31 -0
  153. data/test/rails_app/db/schema.rb +52 -0
  154. data/test/rails_app/lib/shared_admin.rb +9 -0
  155. data/test/rails_app/lib/shared_user.rb +48 -0
  156. data/test/routes_test.rb +189 -0
  157. data/test/support/assertions.rb +24 -0
  158. data/test/support/helpers.rb +60 -0
  159. data/test/support/integration.rb +88 -0
  160. data/test/support/webrat/integrations/rails.rb +24 -0
  161. data/test/test_helper.rb +23 -0
  162. data/test/test_helpers_test.rb +101 -0
  163. metadata +357 -0
@@ -0,0 +1,20 @@
1
+ Copyright 2009 Plataforma Tecnologia. http://blog.plataformatec.com.br
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -0,0 +1,335 @@
1
+ == Devise
2
+
3
+ Devise is a flexible authentication solution for Rails based on Warden. It:
4
+
5
+ * Is Rack based;
6
+ * Is a complete MVC solution based on Rails engines;
7
+ * Allows you to have multiple roles (or models/scopes) signed in at the same time;
8
+ * Is based on a modularity concept: use just what you really need.
9
+
10
+ It's composed of 12 modules:
11
+
12
+ * Database Authenticatable: encrypts and stores a password in the database to validate the authenticity of an user while signing in. The authentication can be done both through POST requests or HTTP Basic Authentication.
13
+ * Token Authenticatable: signs in a user based on an authentication token (also known as "single access token"). The token can be given both through query string or HTTP Basic Authentication.
14
+ * Oauthable: adds OAuth2 support;
15
+ * Confirmable: sends emails with confirmation instructions and verifies whether an account is already confirmed during sign in.
16
+ * Recoverable: resets the user password and sends reset instructions.
17
+ * Registerable: handles signing up users through a registration process, also allowing them to edit and destroy their account.
18
+ * Rememberable: manages generating and clearing a token for remembering the user from a saved cookie.
19
+ * Trackable: tracks sign in count, timestamps and IP address.
20
+ * Timeoutable: expires sessions that have no activity in a specified period of time.
21
+ * Validatable: provides validations of email and password. It's optional and can be customized, so you're able to define your own validations.
22
+ * Lockable: locks an account after a specified number of failed sign-in attempts. Can unlock via email or after a specified time period.
23
+ * Encryptable: allows support of other authentication mechanisms besides Bcrypt (the default).
24
+
25
+ == Information
26
+
27
+ === The Devise Wiki
28
+
29
+ The Devise Wiki has lots of additional information about Devise including many "how-to" articles and answers to the most frequently asked questions. Please browse the Wiki after finishing this README:
30
+
31
+ http://wiki.github.com/plataformatec/devise
32
+
33
+ === Bug reports
34
+
35
+ If you discover a problem with Devise, we would like to know about it. However, we ask that you please review these guidelines before submitting a bug report:
36
+
37
+ http://github.com/plataformatec/devise/wiki/Bug-reports
38
+
39
+ If you found a security bug, do *NOT* use the GitHub Issue tracker. Send private GitHub message or email to the maintainers listed in the bottom of the README.
40
+
41
+ === Google Group
42
+
43
+ If you have any questions, comments, or concerns please use the Google Group instead of the GitHub Issues tracker:
44
+
45
+ http://groups.google.com/group/plataformatec-devise
46
+
47
+ === RDocs
48
+
49
+ You can view the Devise documentation in RDoc format here:
50
+
51
+ http://rubydoc.info/github/plataformatec/devise/master/frames
52
+
53
+ If you need to use Devise with Rails 2.3, you can always run `gem server` from the command line after you install the gem to access the old documentation.
54
+
55
+ === Example Applications
56
+
57
+ There are a few example applications available on GitHub that demonstrate various features of Devise with different versions of Rails. You can view them here:
58
+
59
+ http://github.com/plataformatec/devise/wiki/Example-Applications
60
+
61
+ === Extensions
62
+
63
+ Our community has created a number of extensions that add functionality above and beyond what is included with Devise. You can view a list of available extensions and add your own here:
64
+
65
+ http://github.com/plataformatec/devise/wiki/Extensions
66
+
67
+ === Contributing
68
+
69
+ We hope that you will consider contributing to Devise. Please read this short overview for some information about how to get started:
70
+
71
+ http://github.com/plataformatec/devise/wiki/Contributing
72
+
73
+ == Installation
74
+
75
+ You can use the latest Rails 3 gem with the latest Devise gem:
76
+
77
+ gem install devise
78
+
79
+ After you install Devise and add it to your Gemfile, you need to run the generator:
80
+
81
+ rails generate devise:install
82
+
83
+ The generator will install an initializer which describes ALL Devise's configuration options and you MUST take a look at it. When you are done, you are ready to add Devise to any of your models using the generator:
84
+
85
+ rails generate devise MODEL
86
+
87
+ Replace MODEL by the class name you want to add devise, like User, Admin, etc. This will create a model (if one does not exist) and configure it with default Devise modules. The generator will also create a migration file (if your ORM support them) and configure your routes. Continue reading this file to understand exactly what the generator produces and how to use it.
88
+
89
+ Support for Rails 2.3.x can be found by installing Devise 1.0.x from the v1.0 branch.
90
+
91
+ == Getting started
92
+
93
+ This is a walkthrough with all steps you need to setup a devise resource, including model, migration, route files, and optional configuration.
94
+
95
+ Devise must be set up within the model (or models) you want to use. Devise routes must be created inside your config/routes.rb file.
96
+
97
+ We're assuming here you want a User model with some Devise modules, as outlined below:
98
+
99
+ class User < ActiveRecord::Base
100
+ devise :database_authenticatable, :confirmable, :recoverable, :rememberable, :trackable, :validatable
101
+ end
102
+
103
+ After you choose which modules to use, you need to set up your migrations. Luckily, Devise has some helpers to save you from this boring work:
104
+
105
+ create_table :users do |t|
106
+ t.database_authenticatable
107
+ t.confirmable
108
+ t.recoverable
109
+ t.rememberable
110
+ t.trackable
111
+ t.timestamps
112
+ end
113
+
114
+ Devise doesn't use _attr_accessible_ or _attr_protected_ inside its modules, so be sure to define attributes as accessible or protected in your model.
115
+
116
+ Configure your routes after setting up your model. Open your config/routes.rb file and add:
117
+
118
+ devise_for :users
119
+
120
+ This will use your User model to create a set of needed routes (you can see them by running `rake routes`). If you invoked the devise generator, you noticed that this is exactly what the generator produces for us: model, routes and migrations.
121
+
122
+ Don't forget to run rake db:migrate and you are ready to go! But don't stop reading here, we still have a lot to tell you.
123
+
124
+ === Controller filters and helpers
125
+
126
+ Devise will create some helpers to use inside your controllers and views. To set up a controller with user authentication, just add this before_filter:
127
+
128
+ before_filter :authenticate_user!
129
+
130
+ To verify if a user is signed in, use the following helper:
131
+
132
+ user_signed_in?
133
+
134
+ For the current signed-in user, this helper is available:
135
+
136
+ current_user
137
+
138
+ You can access the session for this scope:
139
+
140
+ user_session
141
+
142
+ After signing in a user, confirming the account or updating the password, Devise will look for a scoped root path to redirect. Example: For a :user resource, it will use user_root_path if it exists, otherwise default root_path will be used. This means that you need to set the root inside your routes:
143
+
144
+ root :to => "home"
145
+
146
+ You can also overwrite after_sign_in_path_for and after_sign_out_path_for to customize your redirect hooks.
147
+
148
+ Finally, you need to set up default url options for the mailer in each environment. Here is the configuration for config/environments/development.rb:
149
+
150
+ config.action_mailer.default_url_options = { :host => 'localhost:3000' }
151
+
152
+ === Configuring Models
153
+
154
+ The devise method in your models also accepts some options to configure its modules. For example, you can choose which encryptor to use in database_authenticatable:
155
+
156
+ devise :database_authenticatable, :confirmable, :recoverable, :stretches => 20
157
+
158
+ Besides :stretches, you can define :pepper, :encryptor, :confirm_within, :remember_for, :timeout_in, :unlock_in and other values. For details, see the initializer file that was created when you invoked the "devise:install" generator described above.
159
+
160
+ === Configuring multiple models
161
+
162
+ Devise allows you to set up as many roles as you want. For example, you may have a User model and also want an Admin model with just authentication, trackable, lockable and timeoutable features and no confirmation or password-recovery features. Just follow these steps:
163
+
164
+ # Create a migration with the required fields
165
+ create_table :admins do |t|
166
+ t.database_authenticatable
167
+ t.lockable
168
+ t.trackable
169
+ t.timestamps
170
+ end
171
+
172
+ # Inside your Admin model
173
+ devise :database_authenticatable, :trackable, :timeoutable, :lockable
174
+
175
+ # Inside your routes
176
+ devise_for :admins
177
+
178
+ # Inside your protected controller
179
+ before_filter :authenticate_admin!
180
+
181
+ # Inside your controllers and views
182
+ admin_signed_in?
183
+ current_admin
184
+ admin_session
185
+
186
+ === Configuring views
187
+
188
+ We built Devise to help you quickly develop an application that uses authentication. However, we don't want to be in your way when you need to customize it.
189
+
190
+ Since Devise is an engine, all its views are packaged inside the gem. These views will help you get started, but after sometime you may want to change them. If this is the case, you just need to invoke the following generator, and it will copy all views to your application:
191
+
192
+ rails generate devise:views
193
+
194
+ If you are using HAML, you will need hpricot installed to convert Devise views to HAML.
195
+
196
+ If you have more than one role in your application (such as "User" and "Admin"), you will notice that Devise uses the same views for all roles. Fortunately, Devise offers an easy way to customize views. All you need to do is set "config.scoped_views = true" inside "config/initializers/devise.rb".
197
+
198
+ After doing so, you will be able to have views based on the role like "users/sessions/new" and "admins/sessions/new". If no view is found within the scope, Devise will use the default view at "devise/sessions/new". You can also use the generator to generate scoped views:
199
+
200
+ rails generate devise:views users
201
+
202
+ === Configuring controllers
203
+
204
+ If the customization at the views level is not enough, you can customize each controller by following these steps:
205
+
206
+ 1) Create your custom controller, for example a Admins::SessionsController:
207
+
208
+ class Admins::SessionsController < Devise::SessionsController
209
+ end
210
+
211
+ 2) Tell the router to use this controller:
212
+
213
+ devise_for :admins, :controllers => { :sessions => "admins/sessions" }
214
+
215
+ 3) And since we changed the controller, it won't use the "devise/sessions" views, so remember to copy "devise/sessions" to "admin/sessions".
216
+
217
+ Remember that Devise uses flash messages to let users know if sign in was successful or failed. Devise expects your application to call "flash[:notice]" and "flash[:alert]" as appropriate.
218
+
219
+ === Configuring routes
220
+
221
+ Devise also ships with default routes. If you need to customize them, you should probably be able to do it through the devise_for method. It accepts several options like :class_name, :path_prefix and so on, including the possibility to change path names for I18n:
222
+
223
+ devise_for :users, :path => "usuarios", :path_names => { :sign_in => 'login', :sign_out => 'logout', :password => 'secret', :confirmation => 'verification', :unlock => 'unblock', :registration => 'register', :sign_up => 'cmon_let_me_in' }
224
+
225
+ Be sure to check devise_for documentation for details.
226
+
227
+ If you have the need for more deep customization, for instance to also allow "/sign_in" besides "/users/sign_in", all you need to do is to create your routes normally and wrap them in a +devise_scope+ block in the router:
228
+
229
+ devise_scope :user do
230
+ get "sign_in", :to => "devise/sessions#new"
231
+ end
232
+
233
+ This way you tell devise to use the scope :user when "/sign_in" is accessed. Notice +devise_scope+ is also aliased as +as+ and you can also give a block to +devise_for+, resulting in the same behavior:
234
+
235
+ devise_for :users do
236
+ get "sign_in", :to => "devise/sessions#new"
237
+ end
238
+
239
+ Feel free to choose the one you prefer!
240
+
241
+ === I18n
242
+
243
+ Devise uses flash messages with I18n with the flash keys :success and :failure. To customize your app, you can set up your locale file:
244
+
245
+ en:
246
+ devise:
247
+ sessions:
248
+ signed_in: 'Signed in successfully.'
249
+
250
+ You can also create distinct messages based on the resource you've configured using the singular name given in routes:
251
+
252
+ en:
253
+ devise:
254
+ sessions:
255
+ user:
256
+ signed_in: 'Welcome user, you are signed in.'
257
+ admin:
258
+ signed_in: 'Hello admin!'
259
+
260
+ The Devise mailer uses a similar pattern to create subject messages:
261
+
262
+ en:
263
+ devise:
264
+ mailer:
265
+ confirmation_instructions:
266
+ subject: 'Hello everybody!'
267
+ user_subject: 'Hello User! Please confirm your email'
268
+ reset_password_instructions:
269
+ subject: 'Reset instructions'
270
+
271
+ Take a look at our locale file to check all available messages. You may also be interested in one of the many translations that are available on our wiki:
272
+
273
+ http://github.com/plataformatec/devise/wiki/I18n
274
+
275
+ === Test helpers
276
+
277
+ Devise includes some tests helpers for functional specs. To use them, you just need to include Devise::TestHelpers in your test class and use the sign_in and sign_out method. Such methods have the same signature as in controllers:
278
+
279
+ sign_in :user, @user # sign_in(scope, resource)
280
+ sign_in @user # sign_in(resource)
281
+
282
+ sign_out :user # sign_out(scope)
283
+ sign_out @user # sign_out(resource)
284
+
285
+ You can include the Devise Test Helpers in all of your tests by adding the following to the bottom of your test/test_helper.rb file:
286
+
287
+ class ActionController::TestCase
288
+ include Devise::TestHelpers
289
+ end
290
+
291
+ If you're using RSpec and want the helpers automatically included within all +describe+ blocks, add a file called spec/support/devise.rb with the following contents:
292
+
293
+ RSpec.configure do |config|
294
+ config.include Devise::TestHelpers, :type => :controller
295
+ end
296
+
297
+ Do not use such helpers for integration tests such as Cucumber or Webrat. Instead, fill in the form or explicitly set the user in session. For more tips, check the wiki (http://wiki.github.com/plataformatec/devise).
298
+
299
+ === OAuth2
300
+
301
+ Devise comes with OAuth support out of the box if you're using Devise from the git repository (for now). You can read more about OAuth2 support in the wiki:
302
+
303
+ * http://github.com/plataformatec/devise/wiki/OAuth2:-Overview
304
+ * http://github.com/plataformatec/devise/wiki/OAuth2:-Testing
305
+
306
+ === Other ORMs
307
+
308
+ Devise supports ActiveRecord (default) and Mongoid. To choose other ORM, you just need to require it in the initializer file.
309
+
310
+ === Migrating from other solutions
311
+
312
+ Devise implements encryption strategies for Clearance, Authlogic and Restful-Authentication. To make use of these strategies, you need set the desired encryptor in the encryptor initializer config option and add :encryptable to your model. You might also need to rename your encrypted password and salt columns to match Devise's fields (encrypted_password and password_salt).
313
+
314
+ == Additional information
315
+
316
+ === Warden
317
+
318
+ Devise is based on Warden, which is a general Rack authentication framework created by Daniel Neighman. We encourage you to read more about Warden here:
319
+
320
+ http://github.com/hassox/warden
321
+
322
+ === Contributors
323
+
324
+ We have a long list of valued contributors. Check them all at:
325
+
326
+ http://github.com/plataformatec/devise/contributors
327
+
328
+ === Maintainers
329
+
330
+ * José Valim (http://github.com/josevalim)
331
+ * Carlos Antônio da Silva (http://github.com/carlosantoniodasilva)
332
+
333
+ == License
334
+
335
+ MIT License. Copyright 2010 Plataforma Tecnologia. http://blog.plataformatec.com.br
@@ -0,0 +1,33 @@
1
+ class Devise::ConfirmationsController < ApplicationController
2
+ include Devise::Controllers::InternalHelpers
3
+
4
+ # GET /resource/confirmation/new
5
+ def new
6
+ build_resource({})
7
+ render_with_scope :new
8
+ end
9
+
10
+ # POST /resource/confirmation
11
+ def create
12
+ self.resource = resource_class.send_confirmation_instructions(params[resource_name])
13
+
14
+ if resource.errors.empty?
15
+ set_flash_message :notice, :send_instructions
16
+ redirect_to new_session_path(resource_name)
17
+ else
18
+ render_with_scope :new
19
+ end
20
+ end
21
+
22
+ # GET /resource/confirmation?confirmation_token=abcdef
23
+ def show
24
+ self.resource = resource_class.confirm_by_token(params[:confirmation_token])
25
+
26
+ if resource.errors.empty?
27
+ set_flash_message :notice, :confirmed
28
+ sign_in_and_redirect(resource_name, resource)
29
+ else
30
+ render_with_scope :new
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,4 @@
1
+ class Devise::OauthCallbacksController < ApplicationController
2
+ include Devise::Controllers::InternalHelpers
3
+ include Devise::Oauth::InternalHelpers
4
+ end
@@ -0,0 +1,41 @@
1
+ class Devise::PasswordsController < ApplicationController
2
+ prepend_before_filter :require_no_authentication
3
+ include Devise::Controllers::InternalHelpers
4
+
5
+ # GET /resource/password/new
6
+ def new
7
+ build_resource({})
8
+ render_with_scope :new
9
+ end
10
+
11
+ # POST /resource/password
12
+ def create
13
+ self.resource = resource_class.send_reset_password_instructions(params[resource_name])
14
+
15
+ if resource.errors.empty?
16
+ set_flash_message :notice, :send_instructions
17
+ redirect_to new_session_path(resource_name)
18
+ else
19
+ render_with_scope :new
20
+ end
21
+ end
22
+
23
+ # GET /resource/password/edit?reset_password_token=abcdef
24
+ def edit
25
+ self.resource = resource_class.new
26
+ resource.reset_password_token = params[:reset_password_token]
27
+ render_with_scope :edit
28
+ end
29
+
30
+ # PUT /resource/password
31
+ def update
32
+ self.resource = resource_class.reset_password_by_token(params[resource_name])
33
+
34
+ if resource.errors.empty?
35
+ set_flash_message :notice, :updated
36
+ sign_in_and_redirect(resource_name, resource)
37
+ else
38
+ render_with_scope :edit
39
+ end
40
+ end
41
+ end
@@ -0,0 +1,109 @@
1
+ class Devise::RegistrationsController < ApplicationController
2
+ prepend_before_filter :require_no_authentication, :only => [ :new, :create, :cancel ]
3
+ prepend_before_filter :authenticate_scope!, :only => [:edit, :update, :destroy]
4
+ include Devise::Controllers::InternalHelpers
5
+
6
+ # GET /resource/sign_up
7
+ def new
8
+ build_resource({})
9
+ render_with_scope :new
10
+ end
11
+
12
+ # POST /resource/sign_up
13
+ def create
14
+ build_resource
15
+
16
+ if resource.save
17
+ if resource.active?
18
+ set_flash_message :notice, :signed_up
19
+ sign_in_and_redirect(resource_name, resource)
20
+ else
21
+ set_flash_message :notice, :inactive_signed_up, :reason => resource.inactive_message.to_s
22
+ redirect_to after_inactive_sign_up_path_for(resource)
23
+ end
24
+ else
25
+ clean_up_passwords(resource)
26
+ render_with_scope :new
27
+ end
28
+ end
29
+
30
+ # GET /resource/edit
31
+ def edit
32
+ render_with_scope :edit
33
+ end
34
+
35
+ # PUT /resource
36
+ def update
37
+ if resource.update_with_password(params[resource_name])
38
+ set_flash_message :notice, :updated
39
+ sign_in resource_name, resource, :bypass => true
40
+ redirect_to after_update_path_for(resource)
41
+ else
42
+ clean_up_passwords(resource)
43
+ render_with_scope :edit
44
+ end
45
+ end
46
+
47
+ # DELETE /resource
48
+ def destroy
49
+ resource.destroy
50
+ sign_out_and_redirect(self.resource)
51
+ set_flash_message :notice, :destroyed
52
+ end
53
+
54
+ # GET /resource/cancel
55
+ # Forces the session data which is usually expired after sign
56
+ # in to be expired now. This is useful if the user wants to
57
+ # cancel oauth signing in/up in the middle of the process,
58
+ # removing all OAuth session data.
59
+ def cancel
60
+ expire_session_data_after_sign_in!
61
+ redirect_to new_registration_path(resource_name)
62
+ end
63
+
64
+ protected
65
+
66
+ # Build a devise resource passing in the session. Useful to move
67
+ # temporary session data to the newly created user.
68
+ def build_resource(hash=nil)
69
+ hash ||= params[resource_name] || {}
70
+ self.resource = resource_class.new_with_session(hash, session)
71
+ end
72
+
73
+ # The path used after sign up. You need to overwrite this method
74
+ # in your own RegistrationsController.
75
+ def after_sign_up_path_for(resource)
76
+ after_sign_in_path_for(resource)
77
+ end
78
+
79
+ # Overwrite redirect_for_sign_in so it takes uses after_sign_up_path_for.
80
+ def redirect_for_sign_in(scope, resource) #:nodoc:
81
+ redirect_to stored_location_for(scope) || after_sign_up_path_for(resource)
82
+ end
83
+
84
+ # The path used after sign up for inactive accounts. You need to overwrite
85
+ # this method in your own RegistrationsController.
86
+ def after_inactive_sign_up_path_for(resource)
87
+ root_path
88
+ end
89
+
90
+ # The default url to be used after updating a resource. You need to overwrite
91
+ # this method in your own RegistrationsController.
92
+ def after_update_path_for(resource)
93
+ if defined?(super)
94
+ ActiveSupport::Deprecation.warn "Defining after_update_path_for in ApplicationController " <<
95
+ "is deprecated. Please add a RegistrationsController to your application and define it there."
96
+ super
97
+ else
98
+ after_sign_in_path_for(resource)
99
+ end
100
+ end
101
+
102
+ # Authenticates the current scope and gets a copy of the current resource.
103
+ # We need to use a copy because we don't want actions like update changing
104
+ # the current user in place.
105
+ def authenticate_scope!
106
+ send(:"authenticate_#{resource_name}!")
107
+ self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
108
+ end
109
+ end