janus 0.7.0 → 0.8.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: db69af223011b34004ed7c3b3d3b0b94d1c143ae
+  data.tar.gz: 4648e6814dc5578a272ca63d93d021e7d6753e8c
+SHA512:
+  metadata.gz: 0ab6bbc22c50eff38c2162aecad2ce3db7a1ba8a21c17cc06a1cb0a96b554bb2322626747176b294a92efd10a0569f7d269244e09a0df6d6a2bbf8ce7dc38d62
+  data.tar.gz: 23e1f598b215370df21ae5b3e20e10ababf958c275364a717e060f228fa2192f66abe2a0cab981fc63f60b5778403f954da1841a78a25003547458775bfe0927

checksums.yaml.gz.sig

@@ -0,0 +1,2 @@
+�����\5�r_�,!<}w�S��@4�\���3��:�u��{�%�.y�!(��
����
+�� @?�sV�O =M�=;	E„�XT��d�Ė��5r��B�]N���cS|�K��V�0�NZ$�������y;q'r�Q��9�|�b%�/˾���mdž��7�cOи�u�o����yFb����m=��N��se�w_|�t�:��𒲰'PEb����a�
	��?A�$��#�t5�j�^.WA���[�

data.tar.gz.sig

@@ -0,0 +1,3 @@
+ȮA��$ݷ��qQ�F�w�����[�Rtb�巤�a�}\�ښ�bF����m��g�GM����漯nuLɋ�+��WL�qD�ĆW��9�m�*?�
+���>��x#��F�30|M���nYi���ϑ�3�/Ӥ#U=�}�*�
+E�ԗ <��B�

data/.gitignore

@@ -0,0 +1,4 @@
+doc/
+pkg/
+*.swp
+gemfiles/*.lock

data/.travis.yml

@@ -0,0 +1,18 @@
+language: ruby
+script: bundle exec rake test
+
+rvm:
+  - 1.9.3
+  - 2.0.0
+  - 2.1.0
+
+gemfile:
+  - Gemfile
+  - gemfiles/Gemfile.rails-4.0-stable
+  - gemfiles/Gemfile.rails-3.2-stable
+  - gemfiles/Gemfile.rails-head
+
+matrix:
+  allow_failures:
+    - gemfile: gemfiles/Gemfile.rails-head
+

data/LICENSE

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Julien Portalier
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -13,7 +13,7 @@ being sent from the controllers and never from the models.
 
 - full auth system with strategies and hooks;
 - scoped auth for parallel authentications (like +users+, +admin_users+, etc.);
-- abstract controllers ready to use;
+- abstract controllers and mailer ready to use;
 - generators to have everything generated automatically;
 - use only what you need at anytime.
 
@@ -23,6 +23,8 @@ As for the strategies and hooks:
   to auth users with passwords (plus registration and password reset);
 - {RemoteAuthenticatable}[http://rdoc.info/github/ysbaddaden/janus/Janus/Models/RemoteAuthenticatable]
   to keep users signed in across top level domains;
+- {TokenAuthenticatable}[http://rdoc.info/github/ysbaddaden/janus/Janus/Models/TokenAuthenticatable]
+  to auth users with unique tokens;
 - {Confirmable}[http://rdoc.info/github/ysbaddaden/janus/Janus/Models/RemoteAuthenticatable]
   to have users confirm their emails upon registration;
 - {Rememberable}[http://rdoc.info/github/ysbaddaden/janus/Janus/Models/Rememberable]
@@ -77,14 +79,11 @@ Here is the list of all the current strategies:
 - +password+     — reset password (using an email exchanged token)
 - +track+        — track current and previous user's sign in date and IP
 - +remote+       — keeps users signed in different top level domains
-
+- +token+        — get users signed in (with an unique token)
 
 == TODO
 
-- Differenciate mailers per resource, by looking for User::Mailer or AdminUser::Mailer classes.
 - Reconfirmable when email changes.
-- Simple configuration to use scrypt instead of bcrypt for password encryption.
-- TokenAuthenticatable strategy.
 - Rememberable across top level domains.
 - Omniauthable (or shall we let the user do it himself?)
 - Providing an OAuth 1.0 service whould be cool.

data/Rakefile

@@ -0,0 +1,22 @@
+require 'rake'
+require 'rake/testtask'
+require 'rdoc/task'
+
+task :default => :test
+
+desc 'Test the Janus rack middleware.'
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  #t.pattern = 'test/{unit,functional,integration,generators}/**/*_test.rb'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = true
+end
+
+Rake::RDocTask.new do |rdoc|
+  rdoc.title = "Janus"
+  rdoc.main = "README.rdoc"
+  rdoc.rdoc_dir = "doc"
+  rdoc.rdoc_files.include("README.rdoc", "lib/**/*.rb")
+  rdoc.options << "--charset=utf-8"
+end
+

data/VERSION

@@ -0,0 +1 @@
+0.8.0

data/certs/ysbaddaden.pem

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAmCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBBMQ8wDQYDVQQDDAZqdWxp
+ZW4xGTAXBgoJkiaJk/IsZAEZFglwb3J0YWxpZXIxEzARBgoJkiaJk/IsZAEZFgNj
+b20wHhcNMTQwMTE0MjIzMTQ4WhcNMTUwMTE0MjIzMTQ4WjBBMQ8wDQYDVQQDDAZq
+dWxpZW4xGTAXBgoJkiaJk/IsZAEZFglwb3J0YWxpZXIxEzARBgoJkiaJk/IsZAEZ
+FgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpxWuWRJXEz2+p
+2EW4NOPzkKloRLWoj+WQnqhQKT46GbH3ToDId8AMELTDIKpTQFiG2ty6D7S4IBFv
+7ceFKNk/EJc17mSYE1DzrtItor2/eeGC1zeNfvLjyDtyHKyKUZ891C1D0so5coUx
+2YbDW5npFkJkPaA5GneH7DFaCoIFLrD7ekbzaZAjlH+EH2fhd1XLhSsPEIiE+OnD
+ilWnsPoRJAZwQOiVAtvh7xuc+29uSNndIIm2rU00SxbJnzsAq9ZddwPpMU/UcQpD
+4gCBCaNGzrLz4+upQdYEOuggM7rR3P934qfhIwb+aRGglqdNunmUrdCuhsGXrxq2
+FvqwDvFZAgMBAAGjezB5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0GA1UdDgQW
+BBQoESDCnNz3LmbpUzOrGeXOpk9sqjAfBgNVHREEGDAWgRRqdWxpZW5AcG9ydGFs
+aWVyLmNvbTAfBgNVHRIEGDAWgRRqdWxpZW5AcG9ydGFsaWVyLmNvbTANBgkqhkiG
+9w0BAQUFAAOCAQEAML4w0F/VF0gi5JqMqYSO05TakAauG8jQX0hov5H8M0Xhl79G
+BdUllH0QEw0cP6J2g46zAk0FGHIGthx0OKKi5YMYTs/KPqOVIAcJslt2sGIC1Ukm
+wpOWIg1XMe68+JVTktBKcBFAvc0pLtty1TgdSd2wr7KQgfmBU9I8G6AoPYhJOhkG
+SHTTSX3ms2/XePuSnyOfir/AQC7U0NalnKLNdwY9gkEdNwiTf5Ga/lZVDQ607bow
+KVqCN//9bevjMk5OiMi9X3Wu/GtVWDwC6OTWFWKd54KgbuWlakO8LC1SMmStnCIF
+W4qpyMWMZMcB4ZN/0mUVzY5xwrislBtsmQVUSw==
+-----END CERTIFICATE-----

data/janus.gemspec

@@ -0,0 +1,28 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/janus/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Julien Portalier"]
+  gem.email         = ["julien@portalier.com"]
+  gem.description   = gem.summary = "Authentication engine for Ruby on Rails"
+  gem.homepage      = "http://github.com/ysbaddaden/janus"
+  gem.license       = "MIT"
+
+  gem.files         = `git ls-files | grep -Ev '^(Gemfile|gemfiles|test)'`.split("\n")
+  gem.test_files    = `git ls-files -- test/*`.split("\n")
+  gem.name          = "janus"
+  gem.require_paths = ["lib"]
+  gem.version       = Janus::VERSION::STRING
+
+  gem.cert_chain    = ['certs/ysbaddaden.pem']
+  gem.signing_key   = File.expand_path('~/.ssh/gem-private_key.pem') if $0 =~ /gem\z/
+
+  gem.add_dependency 'addressable'
+
+  gem.add_development_dependency 'rails', '>= 3.0.0'
+  gem.add_development_dependency 'sqlite3'
+  gem.add_development_dependency 'bcrypt-ruby'
+  gem.add_development_dependency 'scrypt'
+  gem.add_development_dependency 'minitest'
+  gem.add_development_dependency 'capybara'
+end

data/lib/generators/janus/resource_generator.rb

@@ -17,16 +17,17 @@ module Janus
         attributes += %w{reset_password_token:string:uniq reset_password_sent_at:datetime} if strategies.include?('password')
         attributes += %w{session_token:string:uniq} if strategies.include?('remote')
         attributes += %w{sign_in_count:integer last_sign_in_at:datetime last_sign_in_ip:string current_sign_in_at:datetime current_sign_in_ip:string} if strategies.include?('track')
+        attributes += %w{authentication_token:string:uniq authentication_token_created_at:datetime} if strategies.include?('token')
         generate('model', attributes.join(' '))
 
         modules = [
-          "  include Janus::Models::Base",
           "  include Janus::Models::DatabaseAuthenticatable",
         ]
         modules << "  include Janus::Models::Rememberable" if strategies.include?('remember')
         modules << "  include Janus::Models::Confirmable" if strategies.include?('confirmation')
         modules << "  include Janus::Models::Trackable" if strategies.include?('track')
         modules << "  include Janus::Models::RemoteAuthenticatable" if strategies.include?('remote')
+        modules << "  include Janus::Models::TokenAuthenticatable" if strategies.include?('token')
         inject_into_class "app/models/#{singular_name}.rb", class_name, modules.join("\n") + "\n"
       end
 
@@ -51,6 +52,21 @@ module Janus
         end
       end
 
+      def create_mailer
+        return unless strategies.include?('registration') or strategies.include?('confirmation') or strategies.include?('password')
+        template 'mailer.rb', "app/mailers/#{singular_name}_mailer.rb"
+
+        if strategies.include?('confirmation')
+          template 'mailer/confirmation_instructions.html.erb', "app/views/#{singular_name}_mailer/confirmation_instructions.html.erb"
+          template 'mailer/confirmation_instructions.text.erb', "app/views/#{singular_name}_mailer/confirmation_instructions.text.erb"
+        end
+
+        if strategies.include?('password')
+          template 'mailer/reset_password_instructions.html.erb', "app/views/#{singular_name}_mailer/reset_password_instructions.html.erb"
+          template 'mailer/reset_password_instructions.text.erb', "app/views/#{singular_name}_mailer/reset_password_instructions.text.erb"
+        end
+      end
+
       def add_janus_route
         route "janus :#{plural_name}, " + controllers.map { |ctrl| ":#{ctrl} => true" }.join(', ')
       end

data/lib/generators/templates/janus.rb

@@ -2,14 +2,14 @@ Janus.config do |config|
   config.contact_email = "contact@some-example-domain.com"
 
   # DatabaseAuthenticatable
-  config.authentication_keys = [ :email ]
+  config.authentication_keys = [:email]
 
-  # you may use bcrypt:
+  # bcrypt:
   config.encryptor = :bcrypt
-  config.stretches = 10
+  config.stretches = Rails.env.test? ? 1 : 10
   config.pepper = <%= SecureRandom.hex(64).inspect %>
 
-  # or you prefer scrypt:
+  # scrypt:
   # config.encryptor = :scrypt
   # config.scrypt_options = { :max_time => 0.25 }
 
@@ -21,5 +21,9 @@ Janus.config do |config|
   # config.extend_remember_period = false
 
   # RemoteAuthenticatable
-  # config.remote_authentication_key = :auth_token
+  # config.remote_authentication_key = :remote_token
+
+  # TokenAuthenticatable
+  # config.token_authentication_key = :auth_token
+  # self.reusable_authentication_token = true
 end

data/lib/generators/templates/mailer.rb

@@ -0,0 +1,3 @@
+class <%= class_name %>Mailer < Janus::Mailer
+  default from: 'me@example.com'
+end

data/lib/generators/templates/mailer/confirmation_instructions.html.erb

@@ -0,0 +1,7 @@
+<p><%%= t('janus.mailer.hello') %><p>
+
+<p><%%= t('janus.mailer.confirmation_instructions.confirm') %></p>
+
+<p><%%= link_to t('janus.mailer.confirmation_instructions.confirm_my_account'),
+  <%= singular_name %>_confirmation_url(@<%= class_name %>.confirmation_key => @<%= singular_name %>.confirmation_token) %></p>
+

data/lib/generators/templates/mailer/confirmation_instructions.text.erb

@@ -0,0 +1,7 @@
+<%%= t('janus.mailer.hello') %>
+
+<%%= t('janus.mailer.confirmation_instructions.confirm') %>
+
+<%%= link_to t('janus.mailer.confirmation_instructions.confirm_my_account'),
+  <%= singular_name %>_confirmation_url(@<%= class_name %>.confirmation_key => @<%= singular_name %>.confirmation_token) %>
+

data/lib/generators/templates/mailer/reset_password_instructions.html.erb

@@ -0,0 +1,9 @@
+<p><%%= t('janus.mailer.hello') %><p>
+
+<p><%%= t('janus.mailer.reset_password_instructions.infos') %></p>
+
+<p><%%= link_to t('janus.mailer.reset_password_instructions.change_password_link'),
+  edit_<%= singular_name %>_password_url(:token => @<%= singular_name %>.reset_password_token) %></p>
+
+<p><%%= t('janus.mailer.reset_password_instructions.please_ignore_your_password_wont_change') %></p>
+

data/lib/generators/templates/mailer/reset_password_instructions.text.erb

@@ -0,0 +1,7 @@
+<%%= t('janus.mailer.hello') %>
+
+<%%= t('janus.mailer.reset_password_instructions.infos') %>
+<%%= edit_<%= singular_name %>_password_url(:token => @<%= singular_name %>.reset_password_token) %>
+
+<%%= t('janus.mailer.reset_password_instructions.please_ignore_your_password_wont_change') %>
+

data/lib/janus.rb

@@ -1,4 +1,5 @@
 require 'active_support/core_ext/class'
+require 'janus/version'
 require 'janus/config'
 require 'janus/hooks'
 require 'janus/strategies'
@@ -25,12 +26,14 @@ module Janus
     autoload :RemoteAuthenticatable,   'janus/models/remote_authenticatable'
     autoload :RemoteToken,             'janus/models/remote_token'
     autoload :Trackable,               'janus/models/trackable'
+    autoload :TokenAuthenticatable,    'janus/models/token_authenticatable'
   end
 
   module Strategies
     autoload :Base,                    'janus/strategies/base'
     autoload :Rememberable,            'janus/strategies/rememberable'
     autoload :RemoteAuthenticatable,   'janus/strategies/remote_authenticatable'
+    autoload :TokenAuthenticatable,    'janus/strategies/token_authenticatable'
   end
 
   def self.scope_for(user_or_scope)

data/lib/janus/config.rb

@@ -9,7 +9,7 @@ module Janus
     self.authentication_keys = [ :email ]
 
     self.encryptor = :bcrypt
-#    self.encryptor = :scrypt
+    #self.encryptor = :scrypt
 
     # bcrypt config
     self.stretches = 10
@@ -21,16 +21,22 @@ module Janus
     # Confirmable
     mattr_accessor :confirmation_key #,reconfirmable
     self.confirmation_key = :confirm_token
-#    self.reconfirmable = true
+    #self.reconfirmable = true
 
     # Rememberable
     mattr_accessor :remember_for, :extend_remember_period #, :remember_across_browsers
     self.remember_for = 1.year
     self.extend_remember_period = false
-#    self.remember_across_browsers = false
+    #self.remember_across_browsers = false
 
     # RemoteAuthenticatable
     mattr_accessor :remote_authentication_key
     self.remote_authentication_key = :remote_token
+
+    # TokenAuthenticatable
+    mattr_accessor :token_authentication_key, :token_authentication_valid_for, :reusable_authentication_token
+    self.token_authentication_key = :auth_token
+    self.token_authentication_valid_for = nil
+    self.reusable_authentication_token = true
   end
 end

data/lib/janus/controllers/confirmations_controller.rb

@@ -37,7 +37,7 @@ class Janus::ConfirmationsController < ApplicationController
     self.resource = resource_class.find_for_database_authentication(params[resource_name])
 
     if resource
-      JanusMailer.confirmation_instructions(resource).deliver
+      mailer_class.confirmation_instructions(resource).deliver
 
       respond_to do |format|
         format.html { redirect_to root_url, :notice => t('flash.janus.confirmations.create.email_sent') }

data/lib/janus/controllers/internal_helpers.rb

@@ -32,7 +32,8 @@ module Janus
       instance_variable_set(:"@#{janus_scope}", value)
     end
 
-    # Returns the `User` class (or `Admin` or whatever) as detected by janus_scope.
+    # Returns the `User` class (or `Admin` or whatever) as detected by
+    # janus_scope.
     def resource_class
       @resource_class ||= janus_scope.camelize.constantize
     end
@@ -41,5 +42,11 @@ module Janus
     def resource_name
       janus_scope
     end
+
+    # Returns the `UserMailer` class (or `AdminMailer` or whatever) as detected
+    # by janus_scope.
+    def mailer_class
+      @mailer_class ||= (janus_scope.camelize + 'Mailer').constantize
+    end
   end
 end

data/lib/janus/controllers/passwords_controller.rb

@@ -15,7 +15,7 @@ class Janus::PasswordsController < ApplicationController
 
     if resource
       resource.generate_reset_password_token!
-      JanusMailer.reset_password_instructions(resource).deliver
+      mailer_class.reset_password_instructions(resource).deliver
 
       respond_to do |format|
         format.html { redirect_to root_url, :notice => t('flash.janus.passwords.create.email_sent') }

data/lib/janus/controllers/registrations_controller.rb

@@ -21,7 +21,7 @@ class Janus::RegistrationsController < ApplicationController
 
     if resource.save
       janus.login(resource, :scope => janus_scope, :rememberable => true)
-      JanusMailer.confirmation_instructions(resource).deliver if resource.respond_to?(:confirm!)
+      mailer_class.confirmation_instructions(resource).deliver if resource.respond_to?(:confirm!)
     else
       resource.clean_up_passwords
     end

data/lib/janus/controllers/sessions_controller.rb

@@ -93,11 +93,12 @@ class Janus::SessionsController < ApplicationController
   #
   def never_return_to(scope)
     scope = Janus.scope_for(scope)
-    [
-      new_session_path(scope),
-      new_password_path(scope),
-      edit_password_path(scope)
-    ]
+    list = [new_session_path(scope)]
+    begin
+      list + [ destroy_session_path(scope), new_password_path(scope), edit_password_path(scope) ]
+    rescue NoMethodError
+      list
+    end
   end
 
   # Either redirects the user to after_sign_in_url or to <tt>params[:return_to]</tt>.

data/lib/janus/models/confirmable.rb

@@ -10,6 +10,8 @@ module Janus
       extend ActiveSupport::Concern
 
       included do
+        include Janus::Models::Base unless include?(Janus::Models::Base)
+
         begin
           attr_protected :confirmation_token, :confirmation_sent_at, :confirmed_at
         rescue

data/lib/janus/models/database_authenticatable.rb

@@ -1,11 +1,11 @@
 begin
   require 'bcrypt'
-rescue
+rescue LoadError
 end
 
 begin
   require 'scrypt'
-rescue
+rescue LoadError
 end
 
 module Janus
@@ -31,6 +31,8 @@ module Janus
       extend ActiveSupport::Concern
 
       included do
+        include Janus::Models::Base unless include?(Janus::Models::Base)
+
         begin
           attr_protected :encrypted_password, :reset_password_token, :reset_password_sent_at
         rescue