gravis-clearance 0.3.7
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE +21 -0
- data/README.textile +165 -0
- data/Rakefile +46 -0
- data/TODO.textile +22 -0
- data/generators/clearance/USAGE +1 -0
- data/generators/clearance/clearance_generator.rb +73 -0
- data/generators/clearance/templates/app/controllers/application.rb +5 -0
- data/generators/clearance/templates/app/controllers/confirmations_controller.rb +3 -0
- data/generators/clearance/templates/app/controllers/passwords_controller.rb +3 -0
- data/generators/clearance/templates/app/controllers/sessions_controller.rb +3 -0
- data/generators/clearance/templates/app/controllers/users_controller.rb +3 -0
- data/generators/clearance/templates/app/models/clearance_mailer.rb +5 -0
- data/generators/clearance/templates/app/models/user.rb +3 -0
- data/generators/clearance/templates/app/views/clearance_mailer/change_password.html.erb +6 -0
- data/generators/clearance/templates/app/views/clearance_mailer/confirmation.html.erb +1 -0
- data/generators/clearance/templates/app/views/confirmations/new.html.erb +6 -0
- data/generators/clearance/templates/app/views/passwords/edit.html.erb +23 -0
- data/generators/clearance/templates/app/views/passwords/new.html.erb +15 -0
- data/generators/clearance/templates/app/views/sessions/new.html.erb +26 -0
- data/generators/clearance/templates/app/views/users/_form.html.erb +13 -0
- data/generators/clearance/templates/app/views/users/edit.html.erb +4 -0
- data/generators/clearance/templates/app/views/users/new.html.erb +4 -0
- data/generators/clearance/templates/test/factories.rb +9 -0
- data/generators/clearance/templates/test/functional/confirmations_controller_test.rb +5 -0
- data/generators/clearance/templates/test/functional/passwords_controller_test.rb +5 -0
- data/generators/clearance/templates/test/functional/sessions_controller_test.rb +5 -0
- data/generators/clearance/templates/test/functional/users_controller_test.rb +5 -0
- data/generators/clearance/templates/test/unit/clearance_mailer_test.rb +6 -0
- data/generators/clearance/templates/test/unit/user_test.rb +5 -0
- data/lib/clearance.rb +15 -0
- data/lib/clearance/app/controllers/application_controller.rb +84 -0
- data/lib/clearance/app/controllers/confirmations_controller.rb +46 -0
- data/lib/clearance/app/controllers/passwords_controller.rb +67 -0
- data/lib/clearance/app/controllers/sessions_controller.rb +79 -0
- data/lib/clearance/app/controllers/users_controller.rb +47 -0
- data/lib/clearance/app/models/clearance_mailer.rb +33 -0
- data/lib/clearance/app/models/user.rb +93 -0
- data/lib/clearance/test/functional/confirmations_controller_test.rb +85 -0
- data/lib/clearance/test/functional/passwords_controller_test.rb +188 -0
- data/lib/clearance/test/functional/sessions_controller_test.rb +148 -0
- data/lib/clearance/test/functional/users_controller_test.rb +67 -0
- data/lib/clearance/test/test_helper.rb +94 -0
- data/lib/clearance/test/unit/clearance_mailer_test.rb +63 -0
- data/lib/clearance/test/unit/user_test.rb +222 -0
- data/lib/clearance/version.rb +7 -0
- metadata +120 -0
data/LICENSE
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
The MIT License
|
2
|
+
|
3
|
+
Copyright (c) 2008 thoughtbot, inc.
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in
|
13
|
+
all copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
21
|
+
THE SOFTWARE.
|
data/README.textile
ADDED
@@ -0,0 +1,165 @@
|
|
1
|
+
h1. Clearance
|
2
|
+
|
3
|
+
Simple, complete Ruby web app authentication.
|
4
|
+
|
5
|
+
"We have clearance, Clarence.":http://www.youtube.com/v/mNRXJEE3Nz8
|
6
|
+
|
7
|
+
h2. Gem installation (Rails 2.1+)
|
8
|
+
|
9
|
+
In config/environments/test.rb:
|
10
|
+
|
11
|
+
config.gem 'mocha'
|
12
|
+
config.gem 'thoughtbot-shoulda',
|
13
|
+
:lib => 'shoulda',
|
14
|
+
:source => "http://gems.github.com"
|
15
|
+
config.gem 'thoughtbot-factory_girl',
|
16
|
+
:lib => 'factory_girl',
|
17
|
+
:source => "http://gems.github.com"
|
18
|
+
|
19
|
+
In config/environment.rb:
|
20
|
+
|
21
|
+
config.gem "thoughtbot-clearance", :lib => 'clearance', :source => 'http://gems.github.com'
|
22
|
+
|
23
|
+
Then:
|
24
|
+
|
25
|
+
rake gems:install
|
26
|
+
rake gems:unpack
|
27
|
+
|
28
|
+
h2. Generator
|
29
|
+
|
30
|
+
In a greenfield application, just run the generator:
|
31
|
+
|
32
|
+
script/generate clearance
|
33
|
+
|
34
|
+
This will create:
|
35
|
+
|
36
|
+
app/controllers/confirmations_controller.rb
|
37
|
+
app/controllers/passwords_controller.rb
|
38
|
+
app/controllers/sessions_controller.rb
|
39
|
+
app/controllers/users_controller.rb
|
40
|
+
app/models/user.rb
|
41
|
+
app/models/user_mailer.rb
|
42
|
+
app/views/confirmations/new.html.erb
|
43
|
+
app/views/passwords/edit.html.erb
|
44
|
+
app/views/passwords/new.html.erb
|
45
|
+
app/views/sessions/new.html.erb
|
46
|
+
app/views/user_mailer/change_password.html.erb
|
47
|
+
app/views/user_mailer/confirmation.html.erb
|
48
|
+
app/views/users/_form.html.erb
|
49
|
+
app/views/users/edit.html.erb
|
50
|
+
app/views/users/new.html.erb
|
51
|
+
test/functional/confirmations_controller_test.rb
|
52
|
+
test/functional/passwords_controller_test.rb
|
53
|
+
test/functional/sessions_controller_test.rb
|
54
|
+
test/functional/users_controller_test.rb
|
55
|
+
test/unit/user_mailer_test.rb
|
56
|
+
test/unit/user_test.rb
|
57
|
+
|
58
|
+
Add the corresponding Clearance module for any file(s) you don't want to override. They are namespaced exactly like the directory structure of a Rails app:
|
59
|
+
|
60
|
+
app/models/user.rb already exists.
|
61
|
+
include Clearance::App::Models::User
|
62
|
+
|
63
|
+
h2. Tests
|
64
|
+
|
65
|
+
The tests use "Shoulda":http://thoughtbot.com/projects/shoulda >= 2.0.4 and "Factory Girl":http://thoughtbot.com/projects/factory_girl. You should create a User Factory:
|
66
|
+
|
67
|
+
Factory.sequence :email do |n|
|
68
|
+
"user#{n}@example.com"
|
69
|
+
end
|
70
|
+
|
71
|
+
Factory.define :user do |user|
|
72
|
+
user.email { Factory.next :email }
|
73
|
+
user.password "password"
|
74
|
+
user.password_confirmation "password"
|
75
|
+
end
|
76
|
+
|
77
|
+
In test/test_helper.rb:
|
78
|
+
|
79
|
+
class Test::Unit::TestCase
|
80
|
+
self.use_transactional_fixtures = true
|
81
|
+
self.use_instantiated_fixtures = false
|
82
|
+
include Clearance::Test::TestHelper
|
83
|
+
end
|
84
|
+
|
85
|
+
h2. Controllers
|
86
|
+
|
87
|
+
In app/controllers/application_controller.rb:
|
88
|
+
|
89
|
+
class ApplicationController < ActionController::Base
|
90
|
+
helper :all
|
91
|
+
protect_from_forgery
|
92
|
+
include Clearance::App::Controllers::ApplicationController
|
93
|
+
end
|
94
|
+
|
95
|
+
h2. Migration
|
96
|
+
|
97
|
+
The generator will create a migration for you call @[timestamp]_create_users.rb@ in you @db/migrate@ directory. Please feel free to add field in the migrate before running @rake db:migrate@ .
|
98
|
+
|
99
|
+
h2. Routes
|
100
|
+
|
101
|
+
map.resources :users
|
102
|
+
map.resource :session
|
103
|
+
map.resources :users, :has_one => :password
|
104
|
+
map.resources :users, :has_one => :confirmation
|
105
|
+
map.resources :passwords
|
106
|
+
|
107
|
+
map.register '/register', :controller => 'users', :action => 'new'
|
108
|
+
map.login '/login', :controller => 'sessions', :action => 'new'
|
109
|
+
map.logout '/logout', :controller => 'sessions', :action => 'destroy'
|
110
|
+
|
111
|
+
|
112
|
+
h2. Environments
|
113
|
+
|
114
|
+
In config/environments/test.rb and config/environments/development.rb:
|
115
|
+
|
116
|
+
HOST = "localhost"
|
117
|
+
|
118
|
+
In config/environment.rb:
|
119
|
+
|
120
|
+
DO_NOT_REPLY = "donotreply@example.com"
|
121
|
+
PROJECT_NAME = "my_app_name"
|
122
|
+
|
123
|
+
h2. Sessions Handling
|
124
|
+
|
125
|
+
One identified (through new_session_path), the logged in user is available through the @current_user@ variable.
|
126
|
+
Therefore, if you have a menu :
|
127
|
+
|
128
|
+
= link_to "Identification", new_session_url
|
129
|
+
|
|
130
|
+
= link_to "Inscription", new_user_url
|
131
|
+
|
132
|
+
You can test if the user has logged :
|
133
|
+
|
134
|
+
-if current_user
|
135
|
+
Welcome
|
136
|
+
=link_to #{current_user.email}, logout_path
|
137
|
+
-else
|
138
|
+
= link_to "Identification", new_session_url
|
139
|
+
|
|
140
|
+
= link_to "Inscription", new_user_url
|
141
|
+
|
142
|
+
h2. User account
|
143
|
+
|
144
|
+
Since User is a RESTful resource, you can use the current_user route directly :
|
145
|
+
|
146
|
+
-if current_user
|
147
|
+
Welcome
|
148
|
+
=link_to current_user.email, current_user
|
149
|
+
|
150
|
+
Be sure to implement an @edit@ action in your users controller.
|
151
|
+
|
152
|
+
h2. Logout
|
153
|
+
|
154
|
+
If you have used the routes above, you're created a direct route to logout :
|
155
|
+
|
156
|
+
=link_to "Click here to logout", logout_path
|
157
|
+
|
158
|
+
h2. Authors
|
159
|
+
|
160
|
+
* thoughtbot, inc.
|
161
|
+
* Dan Croak
|
162
|
+
* Jason Morrison
|
163
|
+
* Mike Burns
|
164
|
+
* Josh Nichols
|
165
|
+
* Mike Breen
|
data/Rakefile
ADDED
@@ -0,0 +1,46 @@
|
|
1
|
+
require 'rake'
|
2
|
+
require 'rake/testtask'
|
3
|
+
|
4
|
+
test_files_pattern = 'test/rails_root/test/{unit,functional,other}/**/*_test.rb'
|
5
|
+
template = ENV['template'] || 'erb'
|
6
|
+
namespace :test do
|
7
|
+
Rake::TestTask.new(:all => 'generator:tests') do |t|
|
8
|
+
t.libs << 'lib'
|
9
|
+
t.pattern = test_files_pattern
|
10
|
+
t.verbose = false
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
namespace :generator do
|
15
|
+
desc "Run the generator on the tests"
|
16
|
+
task :tests do
|
17
|
+
FileList["generators/clearance/templates/**/*.*"].each do |f|
|
18
|
+
File.delete("test/rails_root/#{f.gsub("generators/clearance/templates/",'')}")
|
19
|
+
end
|
20
|
+
FileUtils.rm_r("test/rails_root/vendor/plugins/clearance")
|
21
|
+
system "mkdir -p test/rails_root/vendor/plugins/clearance"
|
22
|
+
system "cp -R generators test/rails_root/vendor/plugins/clearance"
|
23
|
+
system "cd test/rails_root && ./script/generate clearance"
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
desc "Run the test suite"
|
28
|
+
task :default => 'test:all'
|
29
|
+
|
30
|
+
spec = Gem::Specification.new do |s|
|
31
|
+
s.name = "clearance"
|
32
|
+
s.version = '0.3.7'
|
33
|
+
s.summary = "Simple, complete Rails authentication."
|
34
|
+
s.email = "support@thoughtbot.com"
|
35
|
+
s.homepage = "http://github.com/thoughtbot/clearance"
|
36
|
+
s.description = "Simple, complete Rails authentication scheme."
|
37
|
+
s.authors = ["thoughtbot, inc.", "Josh Nichols", "Mike Breen"]
|
38
|
+
s.files = FileList["[A-Z]*", "{generators,lib}/**/*"]
|
39
|
+
end
|
40
|
+
|
41
|
+
desc "Generate a gemspec file"
|
42
|
+
task :gemspec do
|
43
|
+
File.open("#{spec.name}.gemspec", 'w') do |f|
|
44
|
+
f.write spec.to_yaml
|
45
|
+
end
|
46
|
+
end
|
data/TODO.textile
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
(highest priority first)
|
2
|
+
|
3
|
+
# activation code (like restful-auth) instead of salt?
|
4
|
+
# remove dependency on root_url?
|
5
|
+
# generator should print out instructions to include modules existing files
|
6
|
+
# check to make sure attr_accessible doesn't override and w/ attr_protected
|
7
|
+
# move shoulda macros in test_helper to shoulda_macros folder
|
8
|
+
# refactor Mailer default_url_options[:host] to something cleaner
|
9
|
+
# application controller uses protected, all other controllers use private
|
10
|
+
# add information about url_after_create to README or github wikis
|
11
|
+
|
12
|
+
ideas to steal from merb-auth:
|
13
|
+
|
14
|
+
# store current_user on the session, not controller
|
15
|
+
# respond with 401 Unauthorized when request requires authentication
|
16
|
+
# respond with 405 Method Not Allowed when action requested isn’t allowed
|
17
|
+
# 401 and 405 need to be in Exceptions controller or use safety_valve
|
18
|
+
# email confirmation is a strategy
|
19
|
+
# forgot password is a strategy
|
20
|
+
# salted password is a strategy
|
21
|
+
|
22
|
+
http://adam.speaksoutofturn.com/post/57615195/entication-vs-orization
|
@@ -0,0 +1 @@
|
|
1
|
+
script/generate clearance
|
@@ -0,0 +1,73 @@
|
|
1
|
+
class ClearanceGenerator < Rails::Generator::NamedBase
|
2
|
+
|
3
|
+
def manifest
|
4
|
+
record do |m|
|
5
|
+
m.directory File.join("app", "controllers")
|
6
|
+
["app/controllers/application.rb",
|
7
|
+
"app/controllers/confirmations_controller.rb",
|
8
|
+
"app/controllers/passwords_controller.rb",
|
9
|
+
"app/controllers/sessions_controller.rb",
|
10
|
+
"app/controllers/users_controller.rb"].each do |file|
|
11
|
+
m.file file, file
|
12
|
+
end
|
13
|
+
|
14
|
+
m.directory File.join("app", "models")
|
15
|
+
["app/models/user.rb",
|
16
|
+
"app/models/clearance_mailer.rb"].each do |file|
|
17
|
+
m.file file, file
|
18
|
+
end
|
19
|
+
|
20
|
+
m.directory File.join("app", "views")
|
21
|
+
m.directory File.join("app", "views", "confirmations")
|
22
|
+
["app/views/confirmations/new.html."+ file_name].each do |file|
|
23
|
+
m.file file, file
|
24
|
+
end
|
25
|
+
|
26
|
+
m.directory File.join("app", "views", "passwords")
|
27
|
+
["app/views/passwords/new.html." + file_name,
|
28
|
+
"app/views/passwords/edit.html." + file_name].each do |file|
|
29
|
+
m.file file, file
|
30
|
+
end
|
31
|
+
|
32
|
+
m.directory File.join("app", "views", "sessions")
|
33
|
+
["app/views/sessions/new.html." + file_name].each do |file|
|
34
|
+
m.file file, file
|
35
|
+
end
|
36
|
+
|
37
|
+
m.directory File.join("app", "views", "user_mailer")
|
38
|
+
["app/views/clearance_mailer/change_password.html." + file_name,
|
39
|
+
"app/views/clearance_mailer/confirmation.html." + file_name].each do |file|
|
40
|
+
m.file file, file
|
41
|
+
end
|
42
|
+
|
43
|
+
m.directory File.join("app", "views", "users")
|
44
|
+
["app/views/users/_form.html." + file_name,
|
45
|
+
"app/views/users/edit.html." + file_name,
|
46
|
+
"app/views/users/new.html." + file_name].each do |file|
|
47
|
+
m.file file, file
|
48
|
+
end
|
49
|
+
|
50
|
+
m.directory File.join("test", "functional")
|
51
|
+
["test/functional/confirmations_controller_test.rb",
|
52
|
+
"test/functional/passwords_controller_test.rb",
|
53
|
+
"test/functional/sessions_controller_test.rb",
|
54
|
+
"test/functional/users_controller_test.rb"].each do |file|
|
55
|
+
m.file file, file
|
56
|
+
end
|
57
|
+
|
58
|
+
m.directory File.join("test", "unit")
|
59
|
+
["test/unit/clearance_mailer_test.rb",
|
60
|
+
"test/unit/user_test.rb"].each do |file|
|
61
|
+
m.file file, file
|
62
|
+
end
|
63
|
+
|
64
|
+
["test/factories.rb"].each do |file|
|
65
|
+
m.file file, file
|
66
|
+
end
|
67
|
+
|
68
|
+
m.migration_template 'migration/migration.rb', "db/migrate", :migration_name => "CreateUsers", :migration_file_name => "create_users"
|
69
|
+
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
end
|
@@ -0,0 +1,6 @@
|
|
1
|
+
Someone, hopefully you, has requested that we send you a link to change your password.
|
2
|
+
|
3
|
+
Here's the link:
|
4
|
+
<%= edit_user_password_url @user, :email => @user.email, :password => @user.crypted_password %>
|
5
|
+
|
6
|
+
If you didn't request this, no need to freak out, your password hasn't been changed. You can just ignore this email.
|
@@ -0,0 +1 @@
|
|
1
|
+
<%= new_user_confirmation_url :user_id => @user, :salt => @user.salt %>
|
@@ -0,0 +1,23 @@
|
|
1
|
+
<p>
|
2
|
+
Your password has been reset. Choose a new password below.
|
3
|
+
</p>
|
4
|
+
|
5
|
+
<%= error_messages_for :user %>
|
6
|
+
<% form_for(:user,
|
7
|
+
:url => user_password_path(
|
8
|
+
@user,
|
9
|
+
:email => @user.email,
|
10
|
+
:password => @user.crypted_password),
|
11
|
+
:html => { :method => :put }) do |form| %>
|
12
|
+
<div class="password_field">
|
13
|
+
<%= form.label :password, 'Choose password' %>
|
14
|
+
<%= form.password_field :password %>
|
15
|
+
</div>
|
16
|
+
<div class="password_field">
|
17
|
+
<%= form.label :password_confirmation, 'Verify password' %>
|
18
|
+
<%= form.password_field :password_confirmation %>
|
19
|
+
</div>
|
20
|
+
<div class="submit_field">
|
21
|
+
<%= form.submit 'Save this password' %>
|
22
|
+
</div>
|
23
|
+
<% end %>
|
@@ -0,0 +1,15 @@
|
|
1
|
+
<h2>Change your password</h2>
|
2
|
+
|
3
|
+
<p>
|
4
|
+
We will email you a link to change your password.
|
5
|
+
</p>
|
6
|
+
|
7
|
+
<% form_for :password, :url => passwords_path do |form| %>
|
8
|
+
<div class="text_field">
|
9
|
+
<%= form.label :email, 'Email address' %>
|
10
|
+
<%= form.text_field :email %>
|
11
|
+
</div>
|
12
|
+
<div class="submit_field">
|
13
|
+
<%= form.submit 'Reset password' %>
|
14
|
+
</div>
|
15
|
+
<% end %>
|
@@ -0,0 +1,26 @@
|
|
1
|
+
<% form_for :session, :url => session_path do |form| %>
|
2
|
+
<div class="text_field">
|
3
|
+
<%= form.label :email %>
|
4
|
+
<%= form.text_field :email %>
|
5
|
+
</div>
|
6
|
+
<div class="text_field">
|
7
|
+
<%= form.label :password %>
|
8
|
+
<%= form.password_field :password %>
|
9
|
+
</div>
|
10
|
+
<div class="text_field">
|
11
|
+
<%= form.check_box :remember_me %>
|
12
|
+
<%= form.label :remember_me %>
|
13
|
+
</div>
|
14
|
+
<div class="submit_field">
|
15
|
+
<%= form.submit 'Login', :disable_with => 'Please wait...' %>
|
16
|
+
</div>
|
17
|
+
<% end %>
|
18
|
+
|
19
|
+
<ul>
|
20
|
+
<li>
|
21
|
+
<%= link_to "Sign up", new_user_path %>
|
22
|
+
</li>
|
23
|
+
<li>
|
24
|
+
<%= link_to "Forgot My Password", new_password_path %>
|
25
|
+
</li>
|
26
|
+
</ul>
|