josevalim-auth_helpers 0.1.0

data/CHANGELOG

@@ -0,0 +1,17 @@
+# Version 0.1
+
+* First version with the following modules:
+
+  AuthHelpers::Model::Associatable
+  AuthHelpers::Model::Authenticable
+  AuthHelpers::Model::Confirmable
+  AuthHelpers::Model::Recoverable
+  AuthHelpers::Model::Rememberable
+  AuthHelpers::Model::Validatable
+
+Plus:
+
+  AuthHelpers::Notifier
+  AuthHelpers::Migration
+
+The first to deal with Notifications and the second with migrations.

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 José Valim
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README

@@ -0,0 +1,175 @@
-------------
+AuthHelpers
+License: MIT
+Version: 0.1
+
+You can also read this README in pretty html at the GitHub project Wiki page:
+
+  http://wiki.github.com/josevalim/auth_helpers
+
+Description
+-----------
+
+AuthHelpers is a collection of modules to include in your model to deal with
+authentication.
+
+Why? Authentication is something that you need to do right since the beginning,
+otherwise it will haunt you until the end of the project.
+
+Gladly, Rails community has two awesome gems for this: Clearance and AuthLogic.
+While the first gives you a simple but full, ready-to-go engine, the second
+is a complex, fully featured authencation library.
+
+While working in different projects, requisites change and sometimes you need
+something that works between something simple and something fully featured. This
+is the scope of AuthHelpers: you have modules and you include them where you
+want.
+
+Installation
+------------
+
+Install AuthHelpers is very easy. It is stored in GitHub, so just run the
+following:
+
+   gem sources -a http://gems.github.com
+   sudo gem install josevalim-auth_helpers
+
+If you want it as plugin, just do:
+
+   script/plugin install git://github.com/josevalim/auth_helpers.git
+
+Modules
+-------
+
+  class Account < ActiveRecord::Base
+    SALT = APP_NAME
+
+    include AuthHelpers::Model::Associatable
+    include AuthHelpers::Model::Authenticable
+    include AuthHelpers::Model::Confirmable
+    include AuthHelpers::Model::Recoverable
+    include AuthHelpers::Model::Rememberable
+    include AuthHelpers::Model::Validatable
+  end
+
+== Associatable
+
+This module automatically creates a belongs_to association for the first *_id
+in the table. This module exists because, whenever it's possible, I follow the
+pattern of having an account model and then all accountable objects uses this
+model (it autodetects polymorphic associations too).
+
+== Authenticable
+
+It adds password, salt and encrypt behavior. Adds find_and_authenticate class
+method and authenticate?(password) as instance method. It requires a constant
+named SALT set in your model. 
+
+== Confirmable
+
+Adds the confirmation_code handling. It sends an e-mail to the user on account
+creation, and adds find_and_confirm, find_and_resend_confirmation_code as class
+methods and confirmed? and confirm as instance methods.
+
+When used with Authenticable, also sends an e-mail with a new confirmation code
+whenever the user changes his e-mail address.
+
+== Recoverable
+
+Adds the reset_password_code handling. Adds find_and_resend_confirmation_code
+and find_and_reset_password class methods.
+
+== Rememberable
+
+Manages a token to be stored in cookies. Adds find_by_remember_me_token (which
+only returns a record if the token hasn't expired yet), remember_me! and forget_me!
+methods.
+
+Whenever used with Authentication, it handles the remember_me method inside
+find_and_authenticate.
+
+== Validatable
+
+Add validations to your e-mail and password. If you have a constant in your model
+named SCOPE, it will add this to validate_uniqueness_of.
+
+Specs
+-----
+
+All those modules comes with specs, that's why the library has not tests per se.
+So if you want to test the Account model declared above, just do:
+
+  describe Account do
+    include AuthHelpers::Spec::Associatable
+    include AuthHelpers::Spec::Authenticable
+    include AuthHelpers::Spec::Confirmable
+    include AuthHelpers::Spec::Recoverable
+    include AuthHelpers::Spec::Rememberable
+    include AuthHelpers::Spec::Validatable
+
+    before(:each) do
+      @valid_attributes = {
+        :email                 => "is.valid@email.com",
+        :email_confirmation    => "is.valid@email.com",
+        :password              => "abcdef",
+        :password_confirmation => "abcdef"
+      }
+    end
+
+    it "should create a new instance given valid attributes" do
+      Account.create!(@valid_attributes)
+    end
+  end
+
+The only requisite you have for the tests is to have a @valid_attributes instance
+variable set with a hash of valid attributes. You also need Remarkable to run
+those tests.
+
+Migrations
+----------
+
+While AuthHelpers gives you the flexibity to choose which model you want to add
+your validations, it takes from you the freedom to choose what are the column
+names. However it makes easier to create your migrations. This is a migration up
+example for the Account model above:
+
+  create_table :accounts do |t|
+    t.references :accountable, :polymorphic => true
+    t.extend AuthHelpers::Migration
+
+    t.authenticable
+    t.confirmable
+    t.recoverable
+    t.rememberable
+    t.timestamps
+  end
+
+Notifications
+
+AuthHelpers also comes with default notification files. At some point you will
+want to prettify your notification views, so you just need to do:
+
+  AuthHelpers::Notifier.sender = %("José Valim" <jose.valim@gmail.com>)
+  AuthHelpers::Notifier.template_root = "#{RAILS_ROOT}/app/views"
+
+Then make a copy of the plugin views folder to your app/views and start to work
+on them.
+
+Need more?
+----------
+
+I'm open to extend this library to include more modules. So if you want an
+Invitable module, fork the project, add it and then send it to me. I will pull
+it in gladly.
+
+Example app
+-----------
+
+http://github.com/josevalim/starter
+
+Bugs and Feedback
+-----------------
+
+If you discover any bugs, please send an e-mail to jose.valim@gmail.com
+
+Copyright (c) 2009 José Valim
+http://josevalim.blogspot.com/

data/init.rb

@@ -0,0 +1 @@
+require File.join(File.dirname(__FILE__), 'lib', 'auth_helpers')

data/lib/auth_helpers/migration.rb

@@ -0,0 +1,56 @@
+module AuthHelpers
+  # Helpers to migration:
+  #
+  #   create_table :accounts do |t|
+  #     t.extend AuthHelpers::Migration
+  #     
+  #     t.authenticable
+  #     t.confirmable
+  #     t.recoverable
+  #     t.rememberable
+  #     t.timestamps
+  #   end
+  #
+  # However this method does not add indexes. If you need them, here is the declaration:
+  #
+  #   add_index "accounts", ["email"],               :name => "email",               :unique => true
+  #   add_index "accounts", ["token"],               :name => "token",               :unique => true
+  #   add_index "accounts", ["confirmation_code"],   :name => "confirmation_code",   :unique => true
+  #   add_index "accounts", ["reset_password_code"], :name => "reset_password_code", :unique => true
+  #
+  # E-mail index should be slightly changed with you are working with polymorphic
+  # associations.
+  #
+  module Migration
+
+    # Creates email, hashed_password and salt.
+    #
+    def authenticable
+      self.string :email,           :limit => 100, :null => false, :default => ''
+      self.string :hashed_password, :limit =>  40, :null => false, :default => ''
+      self.string :salt,            :limit =>  10, :null => false, :default => ''
+    end
+
+    # Creates confirmation_code, confirmed_at and confirmation_sent_at.
+    #
+    def confirmable
+      self.string   :confirmation_code, :limit =>  40, :null => true
+      self.datetime :confirmed_at
+      self.datetime :confirmation_sent_at
+    end
+
+    # Creates reset_password_code.
+    #
+    def recoverable
+      self.string :reset_password_code, :limit =>  40, :null => true
+    end
+
+    # Creates token and token_created_at.
+    #
+    def rememberable
+      self.string   :token, :limit =>  40, :null => true
+      self.datetime :token_expires_at
+    end
+
+  end
+end

data/lib/auth_helpers/model/associatable.rb

@@ -0,0 +1,47 @@
+module AuthHelpers
+  module Model
+
+    # Checks for a column that ends with _id in the included model. Then it adds
+    # a belongs_to association, accepts_nested_attributes_for and make the nested
+    # attributes accessible.
+    #
+    # Also includes a hook called remove_association_error, that removes the nested
+    # attribute errors from the parent object.
+    #
+    # Finally, if the *_id in the table has also *_type. It considers a polymorphic
+    # association.
+    #
+    module Associatable
+      def self.included(base)
+        column = base.columns.detect{|c| c.name =~ /_id$/ }
+        raise ScriptError, "Could not find a column that ends with id in #{base.name.tableize}" unless column
+
+        association = column.name.gsub(/_id$/, '').to_sym
+        polymorphic = !!base.columns.detect{ |c| c.name == "#{association}_type" }
+
+        base.class_eval do
+          belongs_to association, :validate => true, :dependent => :destroy,
+                                  :autosave => true, :polymorphic => polymorphic
+
+          accepts_nested_attributes_for association
+          attr_accessible :"#{association}_attributes"
+
+          after_validation :remove_association_error
+        end
+
+        base.class_eval <<-ASSOCIATION
+          # Remove association errors from the message
+          #
+          def remove_association_error
+            self.errors.each do |key, value|
+              next unless key.to_s =~ /^#{association}_/
+              self.errors.instance_variable_get('@errors').delete(key)
+            end
+          end
+          protected :remove_association_error
+        ASSOCIATION
+      end
+    end
+
+  end
+end

data/lib/auth_helpers/model/authenticable.rb

@@ -0,0 +1,105 @@
+require 'digest/sha1'
+require File.join(File.dirname(__FILE__), '..', 'notifier')
+
+module AuthHelpers
+  module Model
+
+    # Adds methods that helps you to authenticate an user. It requires that you set
+    # a constant called SALT in your model.
+    #
+    module Authenticable
+      def self.included(base)
+        base.send :attr_accessor, :email_confirmation, :password_confirmation
+        base.send :attr_accessible, :email, :email_confirmation, :password, :password_confirmation
+        base.extend ClassMethods
+      end
+
+      # Overwrite update attributes to deal with email, password and confirmations.
+      #
+      def update_attributes(options)
+        # Reject email if it didn't change or is blank
+        options.delete(:email)              if options[:email].blank? || options[:email] == self.email
+        options.delete(:email_confirmation) if options[:email_confirmation].blank?
+
+        # Reject password if it didn't change or is blank
+        options.delete(:password)              if options[:password].blank? || self.authenticate?(options[:password])
+        options.delete(:password_confirmation) if options[:password_confirmation].blank?
+
+        # Force confirmations (if confirmation is nil, it won't validate, it has to be at least blank)
+        options[:email_confirmation]    ||= '' if options[:email]
+        options[:password_confirmation] ||= '' if options[:password]
+
+        if super(options)
+          # Generate a new confirmation code, save and send it. 
+          if options[:email] && respond_to?(:set_confirmation_code)
+            self.set_confirmation_code
+            self.save(false)
+
+            AuthHelpers::Notifier.deliver_email_changed(self)
+          end
+
+          return true
+        end
+
+        return false
+      end
+
+      # Authenticate the account by encrypting the password sent and comparing with the hashed password.
+      #
+      def authenticate?(auth_password)
+        self.hashed_password.not_blank? && self.class.send(:encrypt, auth_password, self.salt) == self.hashed_password
+      end
+
+      # Get the password
+      #
+      def password
+        @password
+      end
+
+      # Sets the password for this account by creating a salt and encrypting the password sent.
+      #
+      def password=(new_password)
+        @password = new_password
+
+        self.salt            = AuthHelpers.random_string(10)
+        self.hashed_password = self.class.send(:encrypt, @password, self.salt)
+      end
+
+      module ClassMethods
+
+        # Finds and authenticate an record, setting error messages in case the object
+        # can't be authenticated.
+        #
+        #   Account.find_and_authenticate(:email => 'my@email.com', :password => '123456')
+        #
+        def find_and_authenticate(options={})
+          authenticable = AuthHelpers.find_or_initialize_by_unless_blank(self, :email, options[:email])
+
+          unless authenticable.authenticate?(options[:password])
+            if options[:email].blank?
+              authenticable.errors.add :email, :blank
+            elsif options[:password].blank?
+              authenticable.errors.add :password, :blank
+            elsif authenticable.new_record?
+              authenticable.errors.add :email, :not_found, :email => options[:email]
+            else
+              authenticable.errors.add :password, :invalid, :email => options[:email]
+            end
+          end
+
+          return authenticable
+        end
+
+        protected
+
+          # Encrypts a string using a fixed salt and a variable salt.
+          #
+          def encrypt(password, salt)
+            return nil if password.blank? || salt.blank?
+            Digest::SHA1.hexdigest(password + self::SALT + salt)
+          end
+      end
+    end
+
+  end
+end

data/lib/auth_helpers/model/confirmable.rb

@@ -0,0 +1,85 @@
+require File.join(File.dirname(__FILE__), '..', 'notifier')
+
+module AuthHelpers
+  module Model
+
+    # Adds a module that deals with confirmations.
+    #
+    module Confirmable
+      def self.included(base)
+        base.extend ClassMethods
+        base.send :before_create, :set_confirmation_code
+        base.send :after_create,  :send_new_account_notification
+      end
+
+      # Returns true if is not a new record and the confirmation code is blank.
+      #
+      def confirmed?
+        !self.new_record? && self.confirmation_code.blank?
+      end
+
+      # Confirms an account by setting :confirmation_code to nil and setting the
+      # confirmed_at field.
+      #
+      def confirm!
+        self.confirmation_code = nil
+        self.confirmed_at = Time.now.utc
+        return self.save(false)
+      end
+
+      protected
+
+        # Generates a confirmation_code and sets confirmation_sent_at.
+        # Does not save the object because it's used as a filter.
+        #
+        def set_confirmation_code
+          self.confirmation_code    = AuthHelpers.generate_unique_string_for(self.class, :confirmation_code, 40)
+          self.confirmation_sent_at = Time.now.utc
+          return true
+        end
+
+        # Send a notification to new account. Used as filter.
+        #
+        def send_new_account_notification
+          AuthHelpers::Notifier.deliver_new_account(self)
+        end
+
+      module ClassMethods
+
+        # Receives a confirmation code, find the respective account and tries to set its confirmation code to nil.
+        # If something goes wrong, return an account object with errors.
+        #
+        def find_and_confirm(sent_confirmation_code)
+          confirmable = AuthHelpers.find_or_initialize_by_unless_blank(self, :confirmation_code, sent_confirmation_code)
+
+          if confirmable.new_record?
+            confirmable.errors.add :confirmation_code, :invalid
+          else
+            confirmable.confirm!
+          end
+
+          return confirmable
+        end
+
+        # Receives a hash with email and tries to find the account to resend the confirmation code.
+        # If the e-mail can't be found or the account is already confirmed, return an account object
+        # with errors.
+        #
+        def find_and_resend_confirmation_code(options = {})
+          confirmable = AuthHelpers.find_or_initialize_by_unless_blank(self, :email, options[:email])
+
+          if confirmable.new_record?
+            confirmable.errors.add :email, :not_found
+          elsif confirmable.confirmed?
+            confirmable.errors.add :email, :already_confirmed
+          else
+            AuthHelpers::Notifier.deliver_confirmation_code(confirmable)
+          end
+
+          return confirmable
+        end
+      end
+
+    end
+  end
+end

data/lib/auth_helpers/model/recoverable.rb

@@ -0,0 +1,74 @@
+require File.join(File.dirname(__FILE__), '..', 'notifier')
+
+module AuthHelpers
+  module Model
+
+    # Adds a module that deals with forgot your password.
+    #
+    module Recoverable
+      def self.included(base)
+        base.send(:attr_accessible, :reset_password_code)
+        base.extend ClassMethods
+      end
+
+      # Reset the password with the new_password is equals its confirmation and
+      # set reset password code to nil.
+      # 
+      def reset_password!(new_password, new_password_confirmation)
+        self.password              = new_password
+        self.password_confirmation = new_password_confirmation
+
+        if self.valid?
+          self.reset_password_code = nil
+          return self.save
+        end
+
+        false
+      end
+
+      # Set a reset password code in the database and send it through e-mail
+      #
+      def send_reset_password_code
+        new_code = AuthHelpers.generate_unique_string_for(self.class, :reset_password_code, 40)
+        self.update_attribute(:reset_password_code, new_code)
+
+        AuthHelpers::Notifier.deliver_reset_password(self)
+        return true
+      end
+
+      module ClassMethods
+
+        # Receives a hash with reset_password_code, password and password confirmation.
+        # Tries to find the account with the sent password code, and then, if password and password
+        # confirmation matches, changes the password. Otherwise return an account object with errors.
+        #
+        def find_and_reset_password(options={})
+          recoverable = AuthHelpers.find_or_initialize_by_unless_blank(self, :reset_password_code, options[:reset_password_code])
+
+          if recoverable.new_record?
+            recoverable.errors.add :reset_password_code, :invalid
+          else
+            recoverable.reset_password!(options[:password], options[:password_confirmation])
+          end
+
+          return recoverable
+        end
+
+        # Receives a hash with email and tries to find the account to send a new reset password code.
+        # If the e-mail can't be found return an account object with errors.
+        #
+        def find_and_send_reset_password_code(options={})
+          recoverable = AuthHelpers.find_or_initialize_by_unless_blank(self, :email, options[:email])
+
+          if recoverable.new_record?
+            recoverable.errors.add :email, :not_found, options
+          else
+            recoverable.send_reset_password_code
+          end
+
+          return recoverable
+        end
+      end
+    end
+  end
+end

data/lib/auth_helpers/model/rememberable.rb

@@ -0,0 +1,65 @@
+require File.join(File.dirname(__FILE__), '..', 'notifier')
+
+module AuthHelpers
+  module Model
+
+    # Adds remember_me to the model. The token is valid for two weeks, you can
+    # can change this by overwriting the token_expiration_interval method.
+    #
+    module Rememberable
+      def self.included(base)
+        base.extend ClassMethods
+        base.class_eval do
+          attr_accessor   :remember_me
+          attr_accessible :remember_me
+          alias :remember_me? :remember_me
+        end
+      end
+
+      # Call to set and save a remember me token
+      #
+      def remember_me!
+        self.token = AuthHelpers.generate_unique_string_for(self.class, :token, 40)
+        self.token_expires_at = token_expiration_interval
+        self.save(false)
+      end
+
+      # Call to forget and save the token
+      #
+      def forget_me!
+        self.token = nil
+        self.token_expires_at = nil
+        self.save(false)
+      end
+
+      # Change if you want to set another token_expiration_interval or add
+      # custom logic (admin has one day token, clients have 2 weeks).
+      #
+      def token_expiration_interval
+        2.weeks.from_now
+      end
+
+      module ClassMethods
+        # Find the user with the given token only if it has not expired at.
+        #
+        def find_by_remember_me_token(token)
+          self.find(:first, :conditions => [ "token = ? AND token_expires_at > CURRENT_TIMESTAMP", token ])
+        end
+
+        # Overwrites find and authenticate to deal with the remember me key.
+        #
+        def find_and_authenticate(options={})
+          rememberable, remember_me = options.key?(:remember_me), options.delete(:remember_me)
+          authenticable = super(options)
+
+          if rememberable && authenticable.errors.empty?
+            remember_me == '1' ? authenticable.remember_me! : authenticable.forget_me!
+          end
+
+          authenticable
+        end
+      end
+
+    end
+  end
+end

data/lib/auth_helpers/model/validatable.rb

@@ -0,0 +1,43 @@
+module AuthHelpers
+  module Model
+
+    # Include validations.
+    #
+    # If you want to scope the validate uniqueness of, you have to set a constant
+    # SCOPE in your class.
+    #
+    #   class Account < ActiveRecord::Base
+    #     SALT  = 'my_project_salt'
+    #     SCOPE = [ :company_id ]
+    #
+    #     include AuthHelpers::Models::Authenticable
+    #     include AuthHelpers::Models::Validatable
+    #   end
+    #
+    # Another hook provided is the password_required? method. It always returns
+    # true, but you can overwrite it to add custom logic.
+    #
+    module Validatable
+      EMAIL_REGEXP = /^([^@"'><&\s\,\;]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i
+
+      def self.included(base)
+        base.class_eval do
+          validates_presence_of     :email
+          validates_length_of       :email, :maximum => 100,          :allow_blank => true
+          validates_format_of       :email, :with => EMAIL_REGEXP,    :allow_blank => true
+          validates_uniqueness_of   :email, :case_sensitive => false, :allow_blank => true,
+                                            :scope => (defined?(base::SCOPE) ? base::SCOPE : [])
+          validates_confirmation_of :email
+
+          validates_presence_of     :password, :if => :password_required?
+          validates_length_of       :password, :within => 6..20, :allow_blank => true
+          validates_confirmation_of :password
+
+          # Overwrite if password is not required or implement custom logic
+          def password_required?; true; end
+        end
+      end
+    end
+
+  end
+end

data/lib/auth_helpers/notifier.rb

@@ -0,0 +1,54 @@
+module AuthHelpers
+  # The class responsable to send e-mails.
+  #
+  # It uses default views in the auth_helpers/views. If you want to customize
+  # them, just do:
+  #
+  #   AuthHelpers::Notifier.template_root = "#{RAILS_ROOT}/app/views"
+  #
+  # And put your new views at: "RAILS_ROOT/app/views/auth_helpers/notifier/"
+  #
+  # You should also configure the sender and content_type:
+  #
+  #   AuthHelpers::Notifier.sender = %("José Valim" <jose.valim@gmail.com>)
+  #   AuthHelpers::Notifier.content_type = 'text/html'
+  #
+  class Notifier < ActionMailer::Base
+    class << self; attr_accessor :sender, :content_type end
+
+    self.content_type  = 'text/html'
+    self.template_root = File.join(File.dirname(__FILE__), '..', '..', 'views')
+
+    def new_account(record)
+      @subject = I18n.t 'actionmailer.auth_helpers.new_account', :default => 'New account'
+      set_ivars!(:confirmable, record)
+    end
+
+    def email_changed(record)
+      @subject = I18n.t 'actionmailer.auth_helpers.email_changed', :default => 'You changed your e-mail'
+      set_ivars!(:confirmable, record)
+    end
+
+    def reset_password(record)
+      @subject = I18n.t 'actionmailer.auth_helpers.reset_password', :default => 'Reset password'
+      set_ivars!(:recoverable, record)
+    end
+
+    def confirmation_code(record)
+      @subject = I18n.t 'actionmailer.auth_helpers.confirmation_code', :default => 'Confirmation code'
+      set_ivars!(:confirmable, record)
+    end
+
+    protected
+
+      def set_ivars!(assign, record)
+        @from         = self.class.sender
+        @content_type = self.class.content_type
+        @body[assign] = record
+        @recipients   = record.email
+        @sent_on      = Time.now.utc
+        @headers      = {}
+      end
+
+  end
+end

data/lib/auth_helpers/spec/associatable.rb

@@ -0,0 +1,34 @@
+module AuthHelpers
+  module Spec
+
+    module Associatable
+      def self.included(base)
+        klass = base.described_class
+
+        column = klass.columns.detect{|c| c.name =~ /_id$/ }
+        raise ScriptError, "Could not find a column that ends with id in #{base.name.tableize}" unless column
+
+        association = column.name.gsub(/_id$/, '').to_sym
+        polymorphic = !!klass.columns.detect{ |c| c.name == "#{association}_type" }
+
+        base.class_eval do
+          should_belong_to association, :validate => true, :dependent => :destroy,
+                                        :autosave => true, :polymorphic => polymorphic
+
+          it "should validate associated #{association}" do
+            associatable = base.described_class.create(@valid_attributes.merge(:"#{association}_attributes" => {}))
+            associatable.should_not be_valid
+
+            unless associatable.send(association).errors.empty?
+              associatable.errors.should be_empty # this should be blank since errors is
+                                                  # on the associated object.
+
+              associatable.send(association).errors.should_not be_empty
+            end
+          end
+        end
+      end
+    end
+
+  end
+end

data/lib/auth_helpers/spec/authenticable.rb

@@ -0,0 +1,87 @@
+module AuthHelpers
+  module Spec
+
+    module Authenticable
+      def self.included(base)
+        base.class_eval do
+          describe 'on authentication' do
+            it { should_not allow_mass_assignment_of(:salt, :hashed_password) }
+
+            it "should set a salt and hashed_password when assigning password" do
+              salt_value            = '0123456789'
+              password_value        = 'abcdef'
+              hashed_password_value = 'nice' * 10
+
+              AuthHelpers.should_receive(:random_string).with(10).and_return(salt_value)
+              base.described_class.should_receive(:encrypt).with(password_value, salt_value).and_return(hashed_password_value)
+
+              authenticable = base.described_class.new
+              authenticable.password = password_value
+
+              authenticable.salt.should            == salt_value
+              authenticable.hashed_password.should == hashed_password_value
+            end
+
+            it "should authenticate users with valid password" do
+              authenticable = base.described_class.new
+              authenticable.authenticate?('abcdef').should be_false
+
+              authenticable.password = 'abcdef'
+              authenticable.authenticate?(nil).should be_false
+              authenticable.authenticate?('notvalid').should be_false
+              authenticable.authenticate?('abcdef').should be_true
+            end
+
+            it "should find and authenticate an account by email" do
+              base.described_class.create!(@valid_attributes)
+
+              authenticable = base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password])
+              authenticable.errors.should be_empty
+
+              authenticable = base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password].to_s.reverse)
+              authenticable.errors.on(:password).should == authenticable.errors.generate_message(:password, :invalid, @valid_attributes)
+
+              authenticable = base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => '')
+              authenticable.errors.on(:password).should == authenticable.errors.generate_message(:password, :blank)
+
+              authenticable = base.described_class.find_and_authenticate(:email => 'does.not.exist@email.com', :password => @valid_attributes[:password].to_s.reverse)
+              authenticable.new_record?.should be_true
+              authenticable.errors.on(:email).should == authenticable.errors.generate_message(:email, :not_found)
+
+              authenticable = base.described_class.find_and_authenticate(:email => '', :password => 'notvalid')
+              authenticable.new_record?.should be_true
+              authenticable.errors.on(:email).should == authenticable.errors.generate_message(:email, :blank)
+            end
+
+            describe "on update" do
+              before(:each) do
+                @authenticable = base.described_class.create!(@valid_attributes)
+                ActionMailer::Base.deliveries = []
+              end
+
+              it "should ignore e-mail confirmation if e-mail has not changed" do
+                attributes = { :email => @authenticable.email, :email_confirmation => '' }
+                @authenticable.update_attributes(attributes).should be_true
+              end
+
+              it "should ignore password confirmation if password has not changed" do
+                attributes = { :password => @valid_attributes[:password], :password_confirmation => '' }
+                @authenticable.update_attributes(attributes).should be_true
+              end
+
+              if base.described_class.new.respond_to?(:set_confirmation_code, true)
+                it "should send an e-mail if e-mail changes" do
+                  attributes = { :email => @valid_attributes[:email].to_s.next, :email_confirmation => @valid_attributes[:email].to_s.next }
+                  @authenticable.update_attributes(attributes).should be_true
+                  @authenticable.email.should == @valid_attributes[:email].to_s.next
+                  ActionMailer::Base.deliveries.length.should == 1
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+
+  end
+end

data/lib/auth_helpers/spec/confirmable.rb

@@ -0,0 +1,101 @@
+module AuthHelpers
+  module Spec
+
+    module Confirmable
+      def self.included(base)
+        base.class_eval do
+          describe 'confirmation' do
+            before(:each) do
+              ActionMailer::Base.deliveries = []
+              @confirmable = base.described_class.create!(@valid_attributes)
+            end
+
+            it { should_not allow_mass_assignment_of(:confirmation_code) }
+
+            it 'should remove confirmation code' do
+              @confirmable.confirm!
+              @confirmable.confirmation_code.should be_nil
+            end
+
+            it 'should set the date account was confirmed' do
+              @confirmable.confirmed_at.should be_nil
+              @confirmable.confirm!
+              @confirmable.confirmed_at.should_not be_nil
+            end
+
+            it "should say when a record is confirmed or not" do
+              base.described_class.new.confirmed?.should be_false
+              @confirmable.confirmed?.should be_false
+
+              @confirmable.confirm!
+              @confirmable.confirmed?.should be_true
+            end
+
+            describe 'on create' do
+              it "should set confirmation_code" do
+                @confirmable.confirmation_code.length.should == 40
+              end
+
+              it "should set confirmation_sent_at" do
+                @confirmable.confirmation_sent_at.should_not be_blank
+              end
+
+              it "should send a new account notification" do
+                ActionMailer::Base.deliveries.length.should == 1
+              end
+            end
+
+            describe 'with a valid confirmation code' do
+              it "should confirm his account" do
+                record = base.described_class.find_and_confirm(@confirmable.confirmation_code)
+                record.errors.should be_empty
+              end
+
+              it "should clean confirmation code" do
+                base.described_class.find_and_confirm(@confirmable.confirmation_code)
+                @confirmable.reload
+                @confirmable.confirmation_code.should be_nil
+              end
+
+              it "should set confirmed_at date" do
+                record = base.described_class.find_and_confirm(@confirmable.confirmation_code)
+                record.confirmed_at.should_not be_nil
+              end
+            end
+
+            describe 'with an invalid confirmation code' do
+              it "should set an error message" do
+                record = base.described_class.find_and_confirm('invalid_code')
+                record.errors.on(:confirmation_code).should == record.errors.generate_message(:confirmation_code, :invalid)
+              end
+            end
+
+            describe 'when lost confirmation code' do
+              before(:each){ ActionMailer::Base.deliveries = [] }
+
+              it "should resend confirmation code if account is not confirmed" do
+                record = base.described_class.find_and_resend_confirmation_code(:email => @confirmable.email)
+                record.errors.should be_empty
+                ActionMailer::Base.deliveries.length.should == 1
+              end
+
+              it "should not resend confirmation code if account is confirmed" do
+                @confirmable.confirm!
+                record = base.described_class.find_and_resend_confirmation_code(:email => @confirmable.email)
+                record.errors.on(:email).should == record.errors.generate_message(:email, :already_confirmed)
+                ActionMailer::Base.deliveries.length.should == 0
+              end
+
+              it "should show a error message on resend confirmation code if e-mail is not valid" do
+                record = base.described_class.find_and_resend_confirmation_code(:email => 'invalid')
+                record.errors.on(:email).should == record.errors.generate_message(:email, :not_found)
+                ActionMailer::Base.deliveries.length.should == 0
+              end
+            end
+          end
+        end
+      end
+    end
+
+  end
+end

data/lib/auth_helpers/spec/notifier.rb

@@ -0,0 +1,43 @@
+require 'ostruct'
+
+module AuthHelpers
+  module Spec
+    module Notifier
+      def self.included(base)
+        base.class_eval do
+          before(:each) do
+            @member = OpenStruct.new(:email               => 'recipient@email.com',
+                                     :confirmation_code   => '0123456789',
+                                     :reset_password_code => 'abcdefghij')
+          end
+
+          it "should deliver new account notification" do
+            email = ::AuthHelpers::Notifier.create_new_account(@member)
+            email.to.should == [ 'recipient@email.com' ]
+            email.body.should match(/#{@member.confirmation_code}/)
+          end
+
+          it "should deliver email changed notification" do
+            email = ::AuthHelpers::Notifier.create_email_changed(@member)
+            email.to.should == [ 'recipient@email.com' ]
+            email.body.should match(/#{@member.confirmation_code}/)
+          end
+
+          it "should deliver reset password code" do
+            email = ::AuthHelpers::Notifier.create_reset_password(@member)
+            email.to.should == [ 'recipient@email.com' ]
+            email.body.should match(/#{@member.reset_password_code}/)
+          end
+
+          it "should resend confirmation code" do
+            email = ::AuthHelpers::Notifier.create_confirmation_code(@member)
+            email.to.should == [ 'recipient@email.com' ]
+            email.body.should match(/#{@member.confirmation_code}/)
+          end
+        end
+      end
+    end
+  end
+end
+
+

data/lib/auth_helpers/spec/recoverable.rb

@@ -0,0 +1,61 @@
+module AuthHelpers
+  module Spec
+
+    module Recoverable
+      def self.included(base)
+        base.class_eval do
+          describe 'when forgot password' do
+            before(:each) do
+              @recoverable = base.described_class.create!(@valid_attributes)
+              ActionMailer::Base.deliveries = []
+            end
+
+            it "should send a reset password code to the user" do
+              record = base.described_class.find_and_send_reset_password_code(:email => @recoverable.email)
+              record.errors.should be_empty
+              record.reset_password_code.should_not be_blank
+              ActionMailer::Base.deliveries.length.should == 1
+            end
+
+            describe 'and reset password code is sent' do
+              before(:each) do
+                base.described_class.find_and_send_reset_password_code(:email => @recoverable.email)
+                @recoverable.reload
+              end
+
+              it "should reset password if reset password code is valid" do
+                record = base.described_class.find_and_reset_password(:reset_password_code => @recoverable.reset_password_code, :password => '654321', :password_confirmation => '654321')
+                record.errors.should be_empty
+
+                record = base.described_class.find_and_authenticate(:email => @recoverable.email, :password => '654321')
+                record.errors.should be_empty
+              end
+
+              it "should not reset password if the given reset password code is invalid" do
+                record = base.described_class.find_and_reset_password(:reset_password_code => 'invalid_pass_code', :password => '654321', :password_confirmation => '654321')
+                record.errors.on(:reset_password_code).should == record.errors.generate_message(:reset_password_code, :invalid)
+                record = base.described_class.find_and_authenticate(:email => @recoverable.email, :password => '654321')
+                record.errors.should_not be_empty
+              end
+
+              it "should not reset password if password doesn't match confirmation" do
+                record = base.described_class.find_and_reset_password(:reset_password_code => @recoverable.reset_password_code, :password => '654321', :password_confirmation => '123456')
+                record.errors.on(:password).should == record.errors.generate_message(:password, :confirmation)
+
+                record = base.described_class.find_and_authenticate(:email => @recoverable.email, :password => '654321')
+                record.errors.should_not be_empty
+              end
+
+              it "should clean reset_password_code when password is successfully reset" do
+                base.described_class.find_and_reset_password(:reset_password_code => @recoverable.reset_password_code, :password => '654321', :password_confirmation => '654321')
+                @recoverable.reload
+                @recoverable.reset_password_code.should be_nil
+              end
+            end
+          end
+        end
+      end
+    end
+
+  end
+end

data/lib/auth_helpers/spec/rememberable.rb

@@ -0,0 +1,77 @@
+module AuthHelpers
+  module Spec
+
+    module Rememberable
+      def self.included(base)
+        base.class_eval do
+          describe 'when authenticating' do
+            before(:each){ @rememberable = base.described_class.create!(@valid_attributes) }
+
+            it 'should set the remember me token' do
+              @rememberable.remember_me!
+              @rememberable.token.should_not be_nil
+            end
+
+            it 'should set the remember me token creation date' do
+              @rememberable.remember_me!
+              @rememberable.token_expires_at.should_not be_nil
+            end
+
+            it 'should forget the remember me token' do
+              @rememberable.remember_me!
+              @rememberable.forget_me!
+              @rememberable.token.should be_nil
+            end
+
+            it 'should forget the remember me token creation date' do
+              @rememberable.remember_me!
+              @rememberable.forget_me!
+              @rememberable.token_expires_at.should be_nil
+            end
+
+            if base.described_class.ancestors.include?(::AuthHelpers::Model::Authenticable)
+              it 'should find, authenticate and set token if remember me is true' do
+                base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password], :remember_me => "1")
+                @rememberable.reload
+                @rememberable.token.should_not be_nil
+              end
+
+              it 'should find, authenticate and clear token if remember me is false' do
+                @rememberable.remember_me!
+                base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password], :remember_me => "0")
+                @rememberable.reload
+                @rememberable.token.should be_nil
+              end
+
+              it 'should not set or clear token if remember me is not set' do
+                @rememberable.remember_me!
+                base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password])
+                @rememberable.reload
+                @rememberable.token.should_not be_nil
+              end
+
+              it 'should not set or clear token if user cannot authenticate' do
+                base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password].to_s.next, :remember_me => "1")
+                @rememberable.reload
+                @rememberable.token.should be_nil
+              end
+            end
+
+            it 'should be found by remember me token' do
+              @rememberable.remember_me!
+              base.described_class.find_by_remember_me_token(@rememberable.token).should_not be_nil
+              base.described_class.find_by_remember_me_token(@rememberable.token.next).should be_nil
+            end
+
+            it 'should not be found if remember me token is expired' do
+              @rememberable.remember_me!
+              @rememberable.update_attribute(:token_expires_at, 1.day.ago)
+              base.described_class.find_by_remember_me_token(@rememberable.token).should be_nil
+            end
+          end
+        end
+      end
+    end
+
+  end
+end

data/lib/auth_helpers/spec/validatable.rb

@@ -0,0 +1,29 @@
+module AuthHelpers
+  module Spec
+
+    module Validatable
+      def self.included(base)
+        base.class_eval do
+          describe 'validation' do
+            should_validate_presence_of :email
+            should_validate_length_of :email, :within => 0..100, :allow_blank => true
+            should_validate_confirmation_of :email
+
+            it {
+              base.described_class.create!(@valid_attributes)
+              should validate_uniqueness_of(:email, :case_sensitive => false, :allow_blank => true,
+                                                    :scope => (defined?(base.described_class::SCOPE) ? base.described_class::SCOPE : []))
+            }
+
+            should_not_allow_values_for :email, 'josevalim', 'a@a@a.com', 'jose@com'
+
+            should_validate_presence_of :password
+            should_validate_length_of :password, :within => 6..20, :allow_blank => true
+            should_validate_confirmation_of :password
+          end
+        end
+      end
+    end
+
+  end
+end

data/lib/auth_helpers.rb

@@ -0,0 +1,34 @@
+module AuthHelpers
+  # Helper that find or initialize an object by attribute only if the given value is not blank.
+  # If it's blank, create a new object using :new.
+  #
+  def self.find_or_initialize_by_unless_blank(klass, attr, value)
+    if value.blank?
+      klass.new
+    else
+      klass.send(:"find_or_initialize_by_#{attr}", value)
+    end
+  end
+
+  # Helpers that generates a unique code for the given attribute by checking in
+  # the database if the code already exists.
+  #
+  def self.generate_unique_string_for(klass, attr, length=40)
+    begin
+      value = AuthHelpers.random_string(length)
+    end while klass.send(:"find_by_#{attr}", value)
+
+    value
+  end
+
+  # Create a random string with the given length using letters and numbers.
+  #
+  def self.random_string(length)
+    chars = ('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a
+
+    newpass = ''
+    1.upto(length) { |i| newpass << chars.rand }
+
+    return newpass
+  end
+end

metadata

@@ -0,0 +1,82 @@
+--- !ruby/object:Gem::Specification 
+name: josevalim-auth_helpers
+version: !ruby/object:Gem::Version 
+  version: 0.1.0
+platform: ruby
+authors: 
+- "Jos\xC3\xA9 Valim"
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-04-23 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: remarkable_rails
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: 3.0.7
+    version: 
+description: AuthHelpers is a collection of modules to include in your model to deal with authentication.
+email: jose.valim@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README
+files: 
+- CHANGELOG
+- MIT-LICENSE
+- README
+- init.rb
+- lib/auth_helpers.rb
+- lib/auth_helpers/migration.rb
+- lib/auth_helpers/notifier.rb
+- lib/auth_helpers/model/associatable.rb
+- lib/auth_helpers/model/authenticable.rb
+- lib/auth_helpers/model/confirmable.rb
+- lib/auth_helpers/model/recoverable.rb
+- lib/auth_helpers/model/rememberable.rb
+- lib/auth_helpers/model/validatable.rb
+- lib/auth_helpers/spec/associatable.rb
+- lib/auth_helpers/spec/authenticable.rb
+- lib/auth_helpers/spec/confirmable.rb
+- lib/auth_helpers/spec/notifier.rb
+- lib/auth_helpers/spec/recoverable.rb
+- lib/auth_helpers/spec/rememberable.rb
+- lib/auth_helpers/spec/validatable.rb
+has_rdoc: true
+homepage: http://github.com/josevalim/auth_helpers
+post_install_message: 
+rdoc_options: 
+- --main
+- README
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: AuthHelpers is a collection of modules to include in your model to deal with authentication.
+test_files: []
+