gravis-clearance 0.3.7

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License
+
+Copyright (c) 2008 thoughtbot, inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.textile

@@ -0,0 +1,165 @@
+h1. Clearance
+
+Simple, complete Ruby web app authentication. 
+
+"We have clearance, Clarence.":http://www.youtube.com/v/mNRXJEE3Nz8
+
+h2. Gem installation (Rails 2.1+)
+
+In config/environments/test.rb:
+
+    config.gem 'mocha'
+    config.gem 'thoughtbot-shoulda',
+      :lib    => 'shoulda',
+      :source => "http://gems.github.com"
+    config.gem 'thoughtbot-factory_girl',
+      :lib    => 'factory_girl',
+      :source => "http://gems.github.com"
+
+In config/environment.rb:
+
+    config.gem "thoughtbot-clearance", :lib => 'clearance', :source => 'http://gems.github.com'
+
+Then:
+
+    rake gems:install
+    rake gems:unpack
+
+h2. Generator
+
+In a greenfield application, just run the generator:
+
+    script/generate clearance
+
+This will create:
+
+    app/controllers/confirmations_controller.rb
+    app/controllers/passwords_controller.rb
+    app/controllers/sessions_controller.rb
+    app/controllers/users_controller.rb
+    app/models/user.rb
+    app/models/user_mailer.rb
+    app/views/confirmations/new.html.erb
+    app/views/passwords/edit.html.erb
+    app/views/passwords/new.html.erb
+    app/views/sessions/new.html.erb
+    app/views/user_mailer/change_password.html.erb
+    app/views/user_mailer/confirmation.html.erb
+    app/views/users/_form.html.erb
+    app/views/users/edit.html.erb
+    app/views/users/new.html.erb
+    test/functional/confirmations_controller_test.rb
+    test/functional/passwords_controller_test.rb
+    test/functional/sessions_controller_test.rb
+    test/functional/users_controller_test.rb
+    test/unit/user_mailer_test.rb
+    test/unit/user_test.rb
+
+Add the corresponding Clearance module for any file(s) you don't want to override. They are namespaced exactly like the directory structure of a Rails app: 
+
+    app/models/user.rb already exists.
+    include Clearance::App::Models::User
+
+h2. Tests
+
+The tests use "Shoulda":http://thoughtbot.com/projects/shoulda >= 2.0.4 and "Factory Girl":http://thoughtbot.com/projects/factory_girl. You should create a User Factory:
+
+    Factory.sequence :email do |n|
+      "user#{n}@example.com"
+    end
+
+    Factory.define :user do |user|
+      user.email { Factory.next :email }
+      user.password "password"
+      user.password_confirmation "password"
+    end
+
+In test/test_helper.rb: 
+
+    class Test::Unit::TestCase
+      self.use_transactional_fixtures = true
+      self.use_instantiated_fixtures  = false
+      include Clearance::Test::TestHelper
+    end
+
+h2. Controllers
+
+In app/controllers/application_controller.rb:
+
+    class ApplicationController < ActionController::Base
+      helper :all
+      protect_from_forgery
+      include Clearance::App::Controllers::ApplicationController
+    end
+
+h2. Migration
+
+The generator will create a migration for you call @[timestamp]_create_users.rb@ in you @db/migrate@ directory. Please feel free to add field in the migrate before running @rake db:migrate@ .
+
+h2. Routes
+
+    map.resources :users
+    map.resource :session
+    map.resources :users, :has_one => :password
+    map.resources :users, :has_one => :confirmation
+    map.resources :passwords
+
+    map.register  '/register',  :controller => 'users',     :action => 'new'
+    map.login     '/login',     :controller => 'sessions',  :action => 'new'
+    map.logout    '/logout',    :controller => 'sessions',  :action => 'destroy'
+    
+
+h2. Environments
+
+In config/environments/test.rb and config/environments/development.rb:
+
+    HOST = "localhost"
+
+In config/environment.rb:
+
+    DO_NOT_REPLY = "donotreply@example.com"
+    PROJECT_NAME = "my_app_name"
+
+h2. Sessions Handling
+
+One identified (through new_session_path), the logged in user is available through the @current_user@ variable.
+Therefore, if you have a menu :
+
+    = link_to "Identification", new_session_url
+    |
+    = link_to "Inscription", new_user_url
+    
+You can test if the user has logged :
+
+    -if current_user
+        Welcome 
+        =link_to #{current_user.email}, logout_path
+    -else
+        = link_to "Identification", new_session_url
+        |
+        = link_to "Inscription", new_user_url
+
+h2. User account
+    
+Since User is a RESTful resource, you can use the current_user route directly :
+
+    -if current_user
+        Welcome 
+        =link_to current_user.email, current_user
+
+Be sure to implement an @edit@ action in your users controller.
+
+h2. Logout
+
+If you have used the routes above, you're created a direct route to logout :
+
+    =link_to "Click here to logout", logout_path
+
+h2. Authors
+
+* thoughtbot, inc.
+* Dan Croak
+* Jason Morrison
+* Mike Burns
+* Josh Nichols
+* Mike Breen

data/Rakefile

@@ -0,0 +1,46 @@
+require 'rake'
+require 'rake/testtask'
+ 
+test_files_pattern = 'test/rails_root/test/{unit,functional,other}/**/*_test.rb'
+template = ENV['template'] || 'erb'
+namespace :test do
+  Rake::TestTask.new(:all => 'generator:tests') do |t|
+    t.libs << 'lib'
+    t.pattern = test_files_pattern
+    t.verbose = false
+  end
+end
+
+namespace :generator do
+  desc "Run the generator on the tests"
+  task :tests do
+    FileList["generators/clearance/templates/**/*.*"].each do |f|
+      File.delete("test/rails_root/#{f.gsub("generators/clearance/templates/",'')}")
+    end
+    FileUtils.rm_r("test/rails_root/vendor/plugins/clearance")
+    system "mkdir -p test/rails_root/vendor/plugins/clearance"
+    system "cp -R generators test/rails_root/vendor/plugins/clearance"
+    system "cd test/rails_root && ./script/generate clearance"
+  end
+end
+
+desc "Run the test suite"
+task :default => 'test:all'
+
+spec = Gem::Specification.new do |s|
+  s.name = "clearance"
+  s.version = '0.3.7'
+  s.summary = "Simple, complete Rails authentication."
+  s.email = "support@thoughtbot.com"
+  s.homepage = "http://github.com/thoughtbot/clearance"
+  s.description = "Simple, complete Rails authentication scheme."
+  s.authors = ["thoughtbot, inc.", "Josh Nichols", "Mike Breen"]
+  s.files = FileList["[A-Z]*", "{generators,lib}/**/*"]
+end
+
+desc "Generate a gemspec file"
+task :gemspec do
+  File.open("#{spec.name}.gemspec", 'w') do |f|
+    f.write spec.to_yaml
+  end
+end

data/TODO.textile

@@ -0,0 +1,22 @@
+(highest priority first)
+
+# activation code (like restful-auth) instead of salt?
+# remove dependency on root_url?
+# generator should print out instructions to include modules existing files
+# check to make sure attr_accessible doesn't override and w/ attr_protected
+# move shoulda macros in test_helper to shoulda_macros folder
+# refactor Mailer default_url_options[:host] to something cleaner
+# application controller uses protected, all other controllers use private
+# add information about url_after_create to README or github wikis
+
+ideas to steal from merb-auth:
+
+# store current_user on the session, not controller
+# respond with 401 Unauthorized when request requires authentication 
+# respond with 405 Method Not Allowed when action requested isn’t allowed
+# 401 and 405 need to be in Exceptions controller or use safety_valve
+# email confirmation is a strategy
+# forgot password is a strategy
+# salted password is a strategy
+
+http://adam.speaksoutofturn.com/post/57615195/entication-vs-orization

data/generators/clearance/USAGE

@@ -0,0 +1 @@
+script/generate clearance

data/generators/clearance/clearance_generator.rb

@@ -0,0 +1,73 @@
+class ClearanceGenerator < Rails::Generator::NamedBase
+  
+  def manifest
+    record do |m|
+      m.directory File.join("app", "controllers")
+      ["app/controllers/application.rb",
+       "app/controllers/confirmations_controller.rb",
+       "app/controllers/passwords_controller.rb", 
+       "app/controllers/sessions_controller.rb", 
+       "app/controllers/users_controller.rb"].each do |file|
+        m.file file, file
+      end
+      
+      m.directory File.join("app", "models")
+      ["app/models/user.rb",
+       "app/models/clearance_mailer.rb"].each do |file|
+        m.file file, file
+      end
+      
+      m.directory File.join("app", "views")
+      m.directory File.join("app", "views", "confirmations")
+      ["app/views/confirmations/new.html."+ file_name].each do |file|
+        m.file file, file
+      end
+      
+      m.directory File.join("app", "views", "passwords")
+      ["app/views/passwords/new.html." + file_name,
+       "app/views/passwords/edit.html." + file_name].each do |file|
+        m.file file, file
+      end
+      
+      m.directory File.join("app", "views", "sessions")
+      ["app/views/sessions/new.html." + file_name].each do |file|
+        m.file file, file
+      end
+      
+      m.directory File.join("app", "views", "user_mailer")
+      ["app/views/clearance_mailer/change_password.html." + file_name,
+       "app/views/clearance_mailer/confirmation.html." + file_name].each do |file|
+        m.file file, file
+      end
+      
+      m.directory File.join("app", "views", "users")
+      ["app/views/users/_form.html." + file_name,
+       "app/views/users/edit.html." + file_name,
+       "app/views/users/new.html." + file_name].each do |file|
+        m.file file, file
+      end
+      
+      m.directory File.join("test", "functional")
+      ["test/functional/confirmations_controller_test.rb",
+       "test/functional/passwords_controller_test.rb",
+       "test/functional/sessions_controller_test.rb",
+       "test/functional/users_controller_test.rb"].each do |file|
+        m.file file, file
+      end
+      
+      m.directory File.join("test", "unit")
+      ["test/unit/clearance_mailer_test.rb",
+       "test/unit/user_test.rb"].each do |file|
+        m.file file, file
+      end
+      
+      ["test/factories.rb"].each do |file|
+        m.file file, file
+      end
+      
+      m.migration_template 'migration/migration.rb', "db/migrate", :migration_name => "CreateUsers", :migration_file_name => "create_users"
+             
+    end
+  end
+  
+end

data/generators/clearance/templates/app/controllers/application.rb

@@ -0,0 +1,5 @@
+class ApplicationController < ActionController::Base
+  helper :all
+  protect_from_forgery
+  include Clearance::App::Controllers::ApplicationController
+end

data/generators/clearance/templates/app/controllers/confirmations_controller.rb

@@ -0,0 +1,3 @@
+class ConfirmationsController < ApplicationController
+  include Clearance::App::Controllers::ConfirmationsController
+end

data/generators/clearance/templates/app/controllers/passwords_controller.rb

@@ -0,0 +1,3 @@
+class PasswordsController < ApplicationController
+  include Clearance::App::Controllers::PasswordsController
+end

data/generators/clearance/templates/app/controllers/sessions_controller.rb

@@ -0,0 +1,3 @@
+class SessionsController < ApplicationController
+  include Clearance::App::Controllers::SessionsController
+end

data/generators/clearance/templates/app/controllers/users_controller.rb

@@ -0,0 +1,3 @@
+class UsersController < ApplicationController
+  include Clearance::App::Controllers::UsersController
+end

data/generators/clearance/templates/app/models/clearance_mailer.rb

@@ -0,0 +1,5 @@
+class ClearanceMailer < ActionMailer::Base
+  default_url_options[:host] = HOST
+  
+  include Clearance::App::Models::ClearanceMailer
+end

data/generators/clearance/templates/app/models/user.rb

@@ -0,0 +1,3 @@
+class User < ActiveRecord::Base
+  include Clearance::App::Models::User
+end

data/generators/clearance/templates/app/views/clearance_mailer/change_password.html.erb

@@ -0,0 +1,6 @@
+Someone, hopefully you, has requested that we send you a link to change your password.
+
+Here's the link:
+<%= edit_user_password_url @user, :email => @user.email, :password => @user.crypted_password %>
+
+If you didn't request this, no need to freak out, your password hasn't been changed.  You can just ignore this email.

data/generators/clearance/templates/app/views/clearance_mailer/confirmation.html.erb

@@ -0,0 +1 @@
+<%= new_user_confirmation_url :user_id => @user, :salt => @user.salt %>

data/generators/clearance/templates/app/views/confirmations/new.html.erb

@@ -0,0 +1,6 @@
+<% form_for :user, :url => user_confirmation_path(:user_id => @user,
+                                                  :salt => @user.salt) do |form| %>
+  <div class="submit_field">
+    <%= form.submit 'Confirm' %>
+  </div>
+<% end %>

data/generators/clearance/templates/app/views/passwords/edit.html.erb

@@ -0,0 +1,23 @@
+<p>
+  Your password has been reset. Choose a new password below.
+</p>
+
+<%= error_messages_for :user %>
+<% form_for(:user,
+            :url => user_password_path(
+              @user,
+              :email => @user.email,
+              :password => @user.crypted_password),
+            :html => { :method => :put }) do |form| %>
+  <div class="password_field">
+    <%= form.label :password, 'Choose password' %>
+    <%= form.password_field :password %>
+  </div>
+  <div class="password_field">
+    <%= form.label :password_confirmation, 'Verify password' %>
+    <%= form.password_field :password_confirmation %>
+  </div>
+  <div class="submit_field">
+    <%= form.submit 'Save this password' %>
+  </div>
+<% end %>

data/generators/clearance/templates/app/views/passwords/new.html.erb

@@ -0,0 +1,15 @@
+<h2>Change your password</h2>
+
+<p>
+  We will email you a link to change your password.
+</p>
+
+<% form_for :password, :url => passwords_path do |form| %>
+  <div class="text_field">
+    <%= form.label :email, 'Email address' %>
+    <%= form.text_field :email %>
+  </div>
+  <div class="submit_field">
+    <%= form.submit 'Reset password' %>
+  </div>
+<% end %>

data/generators/clearance/templates/app/views/sessions/new.html.erb

@@ -0,0 +1,26 @@
+<% form_for :session, :url => session_path do |form| %>
+  <div class="text_field">
+    <%= form.label :email %>
+    <%= form.text_field :email %>  
+  </div>
+  <div class="text_field">
+    <%= form.label :password %>
+    <%= form.password_field :password %>
+  </div>
+  <div class="text_field">
+    <%= form.check_box :remember_me %>
+    <%= form.label :remember_me %>
+  </div>
+  <div class="submit_field">
+    <%= form.submit 'Login', :disable_with => 'Please wait...' %>
+  </div>
+<% end %>
+
+<ul>
+  <li>
+    <%= link_to "Sign up", new_user_path %>
+  </li>
+  <li>
+    <%= link_to "Forgot My Password", new_password_path %>
+  </li>
+</ul>