innetra-easy_authentication 0.1.0

data/Rakefile

@@ -0,0 +1,14 @@
+require 'rubygems'
+require 'rake'
+require 'echoe'
+
+Echoe.new('easy_authentication', '0.1.0') do |e|
+  e.description    = "Easy Role Authentication for Ruby on Rails 2.2 (i18n)"
+  e.url            = "http://github.com/innetra/easy_role_authentication"
+  e.author         = "Ivan Torres"
+  e.email          = "mexpolk@gmail.com"
+  e.ignore_pattern = ["tmp/*", "script/*"]
+  e.development_dependencies = []
+end
+
+Dir["#{File.dirname(__FILE__)}/tasks/*.rake"].each { |f| load f }

data/easy_authentication.gemspec

@@ -0,0 +1,32 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{easy_authentication}
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Ivan Torres"]
+  s.date = %q{2009-01-17}
+  s.description = %q{Easy Role Authentication for Ruby on Rails 2.2 (i18n)}
+  s.email = %q{mexpolk@gmail.com}
+  s.extra_rdoc_files = ["tasks/sysadmin.rake", "tasks/rights.rake", "lib/user_methods.rb", "lib/password_authentication.rb", "lib/helper_methods.rb", "lib/controller_methods.rb", "lib/cookie_authentication.rb"]
+  s.files = ["easy_authentication.gemspec", "Manifest", "tasks/sysadmin.rake", "tasks/rights.rake", "generators/easy_authentication/templates/stylesheets/users.css", "generators/easy_authentication/templates/stylesheets/login.css", "generators/easy_authentication/templates/stylesheets/roles.css", "generators/easy_authentication/templates/stylesheets/default.css", "generators/easy_authentication/templates/helpers/shadowbox_helper.rb", "generators/easy_authentication/templates/helpers/form_helper.rb", "generators/easy_authentication/templates/migrations/easy_authentication.rb", "generators/easy_authentication/templates/views/user_roles/edit.html.erb", "generators/easy_authentication/templates/views/user_password/edit.html.erb", "generators/easy_authentication/templates/views/user_password/reset_password.html.erb", "generators/easy_authentication/templates/views/user_password/forgot_password.html.erb", "generators/easy_authentication/templates/views/sessions/new.html.erb", "generators/easy_authentication/templates/views/users/index.html.erb", "generators/easy_authentication/templates/views/users/show.html.erb", "generators/easy_authentication/templates/views/users/_user.html.erb", "generators/easy_authentication/templates/views/users/edit.html.erb", "generators/easy_authentication/templates/views/users/new.html.erb", "generators/easy_authentication/templates/views/users/_form.html.erb", "generators/easy_authentication/templates/views/roles/index.html.erb", "generators/easy_authentication/templates/views/roles/show.html.erb", "generators/easy_authentication/templates/views/roles/edit.html.erb", "generators/easy_authentication/templates/views/roles/new.html.erb", "generators/easy_authentication/templates/views/roles/_form.html.erb", "generators/easy_authentication/templates/site_keys.rb", "generators/easy_authentication/templates/models/user_mailer.rb", "generators/easy_authentication/templates/models/right.rb", "generators/easy_authentication/templates/models/user.rb", "generators/easy_authentication/templates/models/role.rb", "generators/easy_authentication/templates/controllers/user_roles_controller.rb", "generators/easy_authentication/templates/controllers/sessions_controller.rb", "generators/easy_authentication/templates/controllers/roles_controller.rb", "generators/easy_authentication/templates/controllers/user_password_controller.rb", "generators/easy_authentication/templates/controllers/users_controller.rb", "generators/easy_authentication/templates/locales/en.easy_authentication.yml", "generators/easy_authentication/templates/locales/es-MX.easy_authentication.yml", "generators/easy_authentication/templates/layouts/easy_authentication_login.erb", "generators/easy_authentication/templates/layouts/easy_authentication.erb", "generators/easy_authentication/easy_authentication_generator.rb", "test/test_helper.rb", "test/easy_authentication_test.rb", "Rakefile", "init.rb", "lib/user_methods.rb", "lib/password_authentication.rb", "lib/helper_methods.rb", "lib/controller_methods.rb", "lib/cookie_authentication.rb"]
+  s.has_rdoc = true
+  s.homepage = %q{http://github.com/innetra/easy_role_authentication}
+  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Easy_authentication"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{easy_authentication}
+  s.rubygems_version = %q{1.3.1}
+  s.summary = %q{Easy Role Authentication for Ruby on Rails 2.2 (i18n)}
+  s.test_files = ["test/test_helper.rb", "test/easy_authentication_test.rb"]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 2
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end

data/generators/easy_authentication/easy_authentication_generator.rb

@@ -0,0 +1,163 @@
+require "digest/sha1"
+class EasyAuthenticationGenerator < Rails::Generator::Base
+
+  default_options :skip_layout => false, :skip_migrations => false,
+    :skip_routes => false
+
+  def manifest
+    record do |m|
+
+      # Controllers
+      controllers.each do |controller_name|
+        m.template "controllers/#{controller_name}_controller.rb",
+          File.join("app/controllers", "#{controller_name}_controller.rb")
+        m.directory(File.join("app/views", controller_name))
+      end
+
+      # Helpers
+      helpers.each do |helper_name|
+        m.template "helpers/#{helper_name}_helper.rb",
+          File.join("app/helpers", "#{helper_name}_helper.rb")
+      end
+
+      # Views
+      views.each do |view_name|
+        m.template "views/#{view_name}.html.erb",
+          File.join("app/views", "#{view_name}.html.erb")
+      end
+
+      # EasyAuthentication Layouts
+      unless options[:skip_layouts]
+        # Only if layout creation is needed.
+        m.template "layouts/easy_authentication.erb",
+          File.join("app/views/layouts", "easy_authentication.erb")
+      end
+      m.template "layouts/easy_authentication_login.erb",
+        File.join("app/views/layouts", "easy_authentication_login.erb")
+
+      # Stylesheets
+      unless options[:skip_css]
+        m.directory("public/stylesheets/easy_authentication")
+        stylesheets.each do |stylesheet_name|
+          m.template "stylesheets/#{stylesheet_name}.css",
+            File.join("public/stylesheets/easy_authentication", "#{stylesheet_name}.css")
+        end
+      end
+
+      # Models
+      models.each do |model_name|
+        m.template "models/#{model_name}.rb",
+          File.join("app/models", "#{model_name}.rb")
+      end
+
+      # Site Keys
+      unless defined? AUTH_SITE_KEY
+        m.template "site_keys.rb", "config/initializers/site_keys.rb",
+          :assigns => {
+            :auth_site_key => make_token,
+            :auth_digest_stretches => 10
+          }
+      end
+
+      # Locales
+      m.template "locales/en.easy_authentication.yml",
+        "config/locales/en.easy_authentication.yml"
+      m.template "locales/es-MX.easy_authentication.yml",
+        "config/locales/es-MX.easy_authentication.yml"
+
+      # Necessary Routes
+      unless options[:skip_routes]
+        generate_routes
+      end
+
+      # Migrations
+      unless options[:skip_migrations]
+        m.migration_template "migrations/easy_authentication.rb", "db/migrate",
+          :migration_file_name => "create_easy_authentication"
+      end
+
+    end
+  end
+
+  protected
+
+    def secure_digest(*args)
+      Digest::SHA1.hexdigest(args.flatten.join("--"))
+    end
+
+    def make_token
+      secure_digest(Time.now, (1..10).map{ rand.to_s })
+    end
+
+    def controllers
+      %w[ roles sessions user_roles users user_password ]
+    end
+
+    def helpers
+      %w[ form shadowbox ]
+    end
+
+    def views
+      %w[ roles/edit roles/_form roles/index roles/new roles/show sessions/new
+        user_roles/edit users/edit users/index users/new users/show users/_user
+        users/_form user_password/edit user_password/forgot_password
+        user_password/reset_password ]
+    end
+
+    def stylesheets
+      %w[ default login roles users ]
+    end
+
+    def models
+      %w[ right role user ]
+    end
+
+    def banner
+      "Usage: #{$0} easy_authentication"
+    end
+
+    def add_options!(opt)
+      opt.separator ""
+      opt.separator "Options:"
+      opt.on("--skip-layout",
+        "Don't generate the authentication layout for views (I'll user my own)") { |v| options[:skip_layout] = v }
+      opt.on("--skip-migrations",
+        "Don't generate migrations") { |v| options[:skip_migrations] = v }
+      opt.on("--skip-routes",
+        "Don't map resources in routes file") { |v| options[:skip_routes] = v }
+    end
+
+    def gsub_file(relative_destination, regexp, *args, &block)
+      path = destination_path(relative_destination)
+      content = File.read(path).gsub(regexp, *args, &block)
+      File.open(path, 'wb') { |file| file.write(content) }
+    end
+
+    def generate_routes
+      sentinel = 'ActionController::Routing::Routes.draw do |map|'
+
+      # Do not change indentation in this method!!!
+      gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
+        %{#{match}\n
+  # Easy Authentication
+  map.login "/login", :controller => "sessions", :action => "new"
+  map.logout "/logout", :controller => "sessions", :action => "destroy"
+  map.forgot_password "/forgot_password", :controller => "user_password",
+    :action => "forgot_password"
+  map.reset_password "/reset_password/:login/:token",
+    :controller => "user_password", :action => "reset_password", :method => "get"
+  map.reset_password "/reset_password",
+    :controller => "user_password", :action => "update_password", :method => "post"
+  map.change_password "/change_password", :controller => "user_password",
+    :action => "edit"
+
+  map.resources :roles
+  map.resources :sessions, :only => [:create]
+  map.resources :users
+  map.resources :user_roles, :only => [:edit, :update]
+  map.resources :user_password, :only => [:edit, :update]
+  # Easy Authentication
+        }
+      end
+    end
+end

data/generators/easy_authentication/templates/controllers/roles_controller.rb

@@ -0,0 +1,79 @@
+class RolesController < ApplicationController
+
+<% unless options[:skip_layout] -%>
+  layout "easy_authentication"
+<% end -%>
+
+  before_filter :fetch_right_groups, :only => [:new, :edit]
+
+  def index
+    @roles = Role.all
+
+    respond_to do |format|
+      format.html # index.html.erb
+      format.xml  { render :xml => @roles }
+    end
+  end
+
+  def new
+    @role = Role.new
+
+    respond_to do |format|
+      format.html # new.html.erb
+      format.xml  { render :xml => @role }
+    end
+  end
+
+  def create
+    params[:role][:right_ids] ||= []
+    @role = Role.new(params[:role])
+
+    respond_to do |format|
+      if @role.save
+        flash[:notice] = t("roles.flash.create")
+        format.html { redirect_to(@role) }
+        format.xml  { render :xml => @role, :status => :created, :location => @role }
+      else
+        format.html { render :action => "new" }
+        format.xml  { render :xml => @role.errors, :status => :unprocessable_entity }
+      end
+    end
+  end
+
+  def show
+    @role = Role.find_by_id(params[:id])
+    @right_groups = @role.rights.all(:order => "controller_name, action_name").group_by { |p| p.controller_name }
+
+    respond_to do |format|
+      format.html # show.html.erb
+      format.xml  { render :xml => @role }
+    end
+  end
+
+  def edit
+    @role = Role.find_by_id(params[:id])
+  end
+
+  def update
+    @role = Role.find_by_id(params[:id])
+
+    respond_to do |format|
+      if @role.update_attributes(params[:role])
+        flash[:notice] = t("roles.flash.update")
+        format.html { redirect_to(@role) }
+        format.xml  { head :ok }
+      else
+        @right_groups = Right.all(:order => "controller_name, action_name").group_by { |p| p.controller_name }
+        format.html { render :action => "edit" }
+        format.xml  { render :xml => @role.errors, :status => :unprocessable_entity }
+      end
+    end
+  end
+
+  protected
+
+  def fetch_right_groups
+    @right_groups = Right.all(:order => "controller_name, action_name").group_by { |p| p.controller_name }
+  end
+
+end

data/generators/easy_authentication/templates/controllers/sessions_controller.rb

@@ -0,0 +1,44 @@
+class SessionsController < ApplicationController
+
+  layout "easy_authentication_login"
+
+  skip_before_filter :login_required, :only => [:new, :create]
+
+  def new
+  end
+
+  def create
+    logout_keeping_session!
+    user = User.authenticate(params[:login], params[:password])
+    if user
+      # Protects against session fixation attacks, causes request forgery
+      # protection if user resubmits an earlier form using back
+      # button. Uncomment if you understand the tradeoffs.
+      # reset_session
+      self.current_user = user
+      new_cookie_flag = (params[:remember_me] == "1")
+      handle_remember_cookie! new_cookie_flag
+      redirect_back_or_default('/')
+      flash[:notice] = t("sessions.flash.login", :full_name => user.full_name)
+    else
+      note_failed_signin
+      @login       = params[:login]
+      @remember_me = params[:remember_me]
+      render :action => 'new'
+    end
+  end
+
+  def destroy
+    logout_killing_session!
+    flash[:notice] = t("sessions.flash.logout")
+    redirect_back_or_default('/')
+  end
+
+protected
+  # Track failed login attempts
+  def note_failed_signin
+    flash[:error] = t("sessions.flash.error")
+    logger.warn "Failed login for '#{params[:login]}' from #{request.remote_ip} at #{Time.now.utc}"
+  end
+
+end

data/generators/easy_authentication/templates/controllers/user_password_controller.rb

@@ -0,0 +1,82 @@
+class UserPasswordController < ApplicationController
+
+<% unless options[:skip_layout] -%>
+  layout "easy_authentication", :only => [ :edit, :update ]
+<% end -%>
+
+  skip_before_filter :login_required, :except => [ :edit, :update ]
+
+  def edit
+    @user = User.find_by_login(params[:id])
+  end
+
+  def update
+    @user = User.find_by_login(params[:id])
+
+    respond_to do |format|
+      if @user.authenticated?(params[:user][:current_password])
+        if @user.update_attributes(params[:user])
+          flash[:notice] = t("user_password.edit.flash.update")
+          format.html { redirect_to(home_url) }
+          format.xml  { head :ok }
+        else
+          format.html { render :action => "edit" }
+          format.xml  { render :xml => @user.errors,
+              :status => :unprocessable_entity }
+        end
+      else
+        flash[:error] = t("user_password.edit.flash.update_error")
+        format.html { render :action => "edit" }
+        format.xml  { render :xml => @user.errors,
+              :status => :unprocessable_entity }
+      end
+    end
+  end
+
+  def forgot_password
+    respond_to do |format|
+      format.html { render :layout => "easy_authentication_login" }
+    end
+  end
+
+  def send_password_token
+
+    if User.reset_password(params[:login])
+      flash[:notice] = t("user_password.send_password_token.flash.sent")
+    else
+      flash[:error] = t("user_password.send_password_token.flash.error")
+    end
+
+    respond_to do |format|
+      format.html { redirect_to(login_url) }
+    end
+
+  end
+
+  def reset_password
+    respond_to do |format|
+      if @user = User.find_by_login_and_password_reset_token(params[:login], params[:token])
+        format.html { render :layout => "easy_authentication_login" }
+      else
+        flash[:error] = t("user_password.reset_password.flash.invalid_token")
+        format.html { redirect_to(login_url) }
+      end
+    end
+  end
+
+  def update_password
+    @user = User.find_by_login_and_password_reset_token(params[:user][:login], params[:user][:password_reset_token])
+    params[:user][:password_reset_token] = nil
+
+    respond_to do |format|
+      if @user.update_attributes(params[:user])
+        format.html { redirect_to(login_url) }
+      else
+        flash[:error] = t("user_password.reset_password.flash.invalid_token")
+        logger.info @user.errors.inspect
+        format.html { render :action => "reset_password" }
+      end
+    end
+  end
+
+end

data/generators/easy_authentication/templates/controllers/user_roles_controller.rb

@@ -0,0 +1,34 @@
+class UserRolesController < ApplicationController
+
+<% unless options[:skip_layout] -%>
+  layout "easy_authentication"
+<% end -%>
+
+  before_filter :load_roles
+
+  def edit
+    @user = User.find_by_login(params[:id])
+  end
+
+  def update
+    @user = User.find_by_login(params[:id])
+
+    respond_to do |format|
+      if @user.update_attributes(params[:user])
+        flash[:notice] = t("user_roles.flash.update")
+        format.html { redirect_to(user_url(@user)) }
+        format.xml  { head :ok }
+      else
+        format.html { render :action => "edit" }
+        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
+      end
+    end
+  end
+
+  protected
+
+    def load_roles
+      @roles = Role.all
+    end
+
+end