RubyGems - josevalim-auth_helpers - Versions diffs - 0.1.2 → 0.2.0 - Mend

josevalim-auth_helpers 0.1.2 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

data/CHANGELOG +2 -7
data/README +54 -72
data/lib/auth_helpers.rb +8 -20
data/lib/auth_helpers/model/associatable.rb +5 -0
data/lib/auth_helpers/model/confirmable.rb +32 -42
data/lib/auth_helpers/model/recoverable.rb +27 -38
data/lib/auth_helpers/model/updatable.rb +39 -0
data/lib/auth_helpers/notifier.rb +20 -19
data/lib/auth_helpers/spec/confirmable.rb +24 -30
data/lib/auth_helpers/spec/notifier.rb +10 -11
data/lib/auth_helpers/spec/recoverable.rb +25 -32
data/lib/auth_helpers/spec/updatable.rb +37 -0
data/views/auth_helpers/notifier/create_confirmation.erb +1 -0
data/views/auth_helpers/notifier/resend_confirmation.erb +1 -0
data/views/auth_helpers/notifier/reset_password.erb +1 -1
data/views/auth_helpers/notifier/update_confirmation.erb +1 -0
metadata +10 -16
data/lib/auth_helpers/migration.rb +0 -56
data/lib/auth_helpers/model/authenticable.rb +0 -105
data/lib/auth_helpers/model/rememberable.rb +0 -71
data/lib/auth_helpers/model/validatable.rb +0 -43
data/lib/auth_helpers/spec/associatable.rb +0 -34
data/lib/auth_helpers/spec/authenticable.rb +0 -87
data/lib/auth_helpers/spec/rememberable.rb +0 -83
data/lib/auth_helpers/spec/validatable.rb +0 -29
data/views/auth_helpers/notifier/confirmation_code.erb +0 -1
data/views/auth_helpers/notifier/email_changed.erb +0 -1
data/views/auth_helpers/notifier/new_account.erb +0 -1

data/lib/auth_helpers/model/authenticable.rb DELETED Viewed

@@ -1,105 +0,0 @@
-require 'digest/sha1'
-require File.join(File.dirname(__FILE__), '..', 'notifier')
-module AuthHelpers
-  module Model
-    # Adds methods that helps you to authenticate an user. It requires that you set
-    # a constant called SALT in your model.
-    #
-    module Authenticable
-      def self.included(base)
-        base.send :attr_accessor, :email_confirmation, :password_confirmation
-        base.send :attr_accessible, :email, :email_confirmation, :password, :password_confirmation
-        base.extend ClassMethods
-      end
-      # Overwrite update attributes to deal with email, password and confirmations.
-      #
-      def update_attributes(options)
-        # Reject email if it didn't change or is blank
-        options.delete(:email)              if options[:email].blank? || options[:email] == self.email
-        options.delete(:email_confirmation) if options[:email_confirmation].blank?
-        # Reject password if it didn't change or is blank
-        options.delete(:password)              if options[:password].blank? || self.authenticate?(options[:password])
-        options.delete(:password_confirmation) if options[:password_confirmation].blank?
-        # Force confirmations (if confirmation is nil, it won't validate, it has to be at least blank)
-        options[:email_confirmation]    ||= '' if options[:email]
-        options[:password_confirmation] ||= '' if options[:password]
-        if super(options)
-          # Generate a new confirmation code, save and send it.
-          if options[:email] && respond_to?(:set_confirmation_code)
-            self.set_confirmation_code
-            self.save(false)
-            AuthHelpers::Notifier.deliver_email_changed(self)
-          end
-          return true
-        end
-        return false
-      end
-      # Authenticate the account by encrypting the password sent and comparing with the hashed password.
-      #
-      def authenticate?(auth_password)
-        self.hashed_password.not_blank? && self.class.send(:encrypt, auth_password, self.salt) == self.hashed_password
-      end
-      # Get the password
-      #
-      def password
-        @password
-      end
-      # Sets the password for this account by creating a salt and encrypting the password sent.
-      #
-      def password=(new_password)
-        @password = new_password
-        self.salt            = AuthHelpers.random_string(10)
-        self.hashed_password = self.class.send(:encrypt, @password, self.salt)
-      end
-      module ClassMethods
-        # Finds and authenticate an record, setting error messages in case the object
-        # can't be authenticated.
-        #
-        #   Account.find_and_authenticate(:email => 'my@email.com', :password => '123456')
-        #
-        def find_and_authenticate(options={})
-          authenticable = AuthHelpers.find_or_initialize_by_unless_blank(self, :email, options[:email])
-          unless authenticable.authenticate?(options[:password])
-            if options[:email].blank?
-              authenticable.errors.add :email, :blank
-            elsif options[:password].blank?
-              authenticable.errors.add :password, :blank
-            elsif authenticable.new_record?
-              authenticable.errors.add :email, :not_found, :email => options[:email]
-            else
-              authenticable.errors.add :password, :invalid, :email => options[:email]
-            end
-          end
-          return authenticable
-        end
-        protected
-          # Encrypts a string using a fixed salt and a variable salt.
-          #
-          def encrypt(password, salt)
-            return nil if password.blank? || salt.blank?
-            Digest::SHA1.hexdigest(password + self::SALT + salt)
-          end
-      end
-    end
-  end
-end

data/lib/auth_helpers/model/rememberable.rb DELETED Viewed

@@ -1,71 +0,0 @@
-require File.join(File.dirname(__FILE__), '..', 'notifier')
-module AuthHelpers
-  module Model
-    # Adds remember_me to the model. The token is valid for two weeks, you can
-    # can change this by overwriting the token_expiration_interval method.
-    #
-    module Rememberable
-      def self.included(base)
-        base.extend ClassMethods
-        base.class_eval do
-          attr_accessor   :remember_me
-          attr_accessible :remember_me
-          alias :remember_me? :remember_me
-        end
-      end
-      # Call to set and save a remember me token
-      #
-      def remember_me!
-        self.token = AuthHelpers.generate_unique_string_for(self.class, :token, 40)
-        self.token_expires_at = token_expiration_interval
-        self.save(false)
-      end
-      # Call to forget and save the token
-      #
-      def forget_me!
-        self.token = nil
-        self.token_expires_at = nil
-        self.save(false)
-      end
-      # Returns a hash to be store in session
-      #
-      def remember_me_cookie_hash
-        { :value => self.token, :expires => self.token_expires_at }
-      end
-      # Change if you want to set another token_expiration_interval or add
-      # custom logic (admin has one day token, clients have 2 weeks).
-      #
-      def token_expiration_interval
-        2.weeks.from_now
-      end
-      module ClassMethods
-        # Find the user with the given token only if it has not expired at.
-        #
-        def find_by_remember_me_token(token)
-          self.find(:first, :conditions => [ "token = ? AND token_expires_at > CURRENT_TIMESTAMP", token ])
-        end
-        # Overwrites find and authenticate to deal with the remember me key.
-        #
-        def find_and_authenticate(options={})
-          rememberable, remember_me = options.key?(:remember_me), options.delete(:remember_me)
-          authenticable = super(options)
-          if rememberable && authenticable.errors.empty?
-            remember_me == '1' ? authenticable.remember_me! : authenticable.forget_me!
-          end
-          authenticable
-        end
-      end
-    end
-  end
-end

data/lib/auth_helpers/model/validatable.rb DELETED Viewed

@@ -1,43 +0,0 @@
-module AuthHelpers
-  module Model
-    # Include validations.
-    #
-    # If you want to scope the validate uniqueness of, you have to set a constant
-    # SCOPE in your class.
-    #
-    #   class Account < ActiveRecord::Base
-    #     SALT  = 'my_project_salt'
-    #     SCOPE = [ :company_id ]
-    #
-    #     include AuthHelpers::Models::Authenticable
-    #     include AuthHelpers::Models::Validatable
-    #   end
-    #
-    # Another hook provided is the password_required? method. It always returns
-    # true, but you can overwrite it to add custom logic.
-    #
-    module Validatable
-      EMAIL_REGEXP = /^([^@"'><&\s\,\;]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i
-      def self.included(base)
-        base.class_eval do
-          validates_presence_of     :email
-          validates_length_of       :email, :maximum => 100,          :allow_blank => true
-          validates_format_of       :email, :with => EMAIL_REGEXP,    :allow_blank => true
-          validates_uniqueness_of   :email, :case_sensitive => false, :allow_blank => true,
-                                            :scope => (defined?(base::SCOPE) ? base::SCOPE : [])
-          validates_confirmation_of :email
-          validates_presence_of     :password, :if => :password_required?
-          validates_length_of       :password, :within => 6..20, :allow_blank => true
-          validates_confirmation_of :password
-          # Overwrite if password is not required or implement custom logic
-          def password_required?; true; end
-        end
-      end
-    end
-  end
-end

data/lib/auth_helpers/spec/associatable.rb DELETED Viewed

@@ -1,34 +0,0 @@
-module AuthHelpers
-  module Spec
-    module Associatable
-      def self.included(base)
-        klass = base.described_class
-        column = klass.columns.detect{|c| c.name =~ /_id$/ }
-        raise ScriptError, "Could not find a column that ends with id in #{base.name.tableize}" unless column
-        association = column.name.gsub(/_id$/, '').to_sym
-        polymorphic = !!klass.columns.detect{ |c| c.name == "#{association}_type" }
-        base.class_eval do
-          should_belong_to association, :validate => true, :dependent => :destroy,
-                                        :autosave => true, :polymorphic => polymorphic
-          it "should validate associated #{association}" do
-            associatable = base.described_class.create(@valid_attributes.merge(:"#{association}_attributes" => {}))
-            associatable.should_not be_valid
-            unless associatable.send(association).errors.empty?
-              associatable.errors.should be_empty # this should be blank since errors is
-                                                  # on the associated object.
-              associatable.send(association).errors.should_not be_empty
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/auth_helpers/spec/authenticable.rb DELETED Viewed

@@ -1,87 +0,0 @@
-module AuthHelpers
-  module Spec
-    module Authenticable
-      def self.included(base)
-        base.class_eval do
-          describe 'on authentication' do
-            it { should_not allow_mass_assignment_of(:salt, :hashed_password) }
-            it "should set a salt and hashed_password when assigning password" do
-              salt_value            = '0123456789'
-              password_value        = 'abcdef'
-              hashed_password_value = 'nice' * 10
-              AuthHelpers.should_receive(:random_string).with(10).and_return(salt_value)
-              base.described_class.should_receive(:encrypt).with(password_value, salt_value).and_return(hashed_password_value)
-              authenticable = base.described_class.new
-              authenticable.password = password_value
-              authenticable.salt.should            == salt_value
-              authenticable.hashed_password.should == hashed_password_value
-            end
-            it "should authenticate users with valid password" do
-              authenticable = base.described_class.new
-              authenticable.authenticate?('abcdef').should be_false
-              authenticable.password = 'abcdef'
-              authenticable.authenticate?(nil).should be_false
-              authenticable.authenticate?('notvalid').should be_false
-              authenticable.authenticate?('abcdef').should be_true
-            end
-            it "should find and authenticate an account by email" do
-              base.described_class.create!(@valid_attributes)
-              authenticable = base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password])
-              authenticable.errors.should be_empty
-              authenticable = base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password].to_s.reverse)
-              authenticable.errors.on(:password).should == authenticable.errors.generate_message(:password, :invalid, @valid_attributes)
-              authenticable = base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => '')
-              authenticable.errors.on(:password).should == authenticable.errors.generate_message(:password, :blank)
-              authenticable = base.described_class.find_and_authenticate(:email => 'does.not.exist@email.com', :password => @valid_attributes[:password].to_s.reverse)
-              authenticable.new_record?.should be_true
-              authenticable.errors.on(:email).should == authenticable.errors.generate_message(:email, :not_found)
-              authenticable = base.described_class.find_and_authenticate(:email => '', :password => 'notvalid')
-              authenticable.new_record?.should be_true
-              authenticable.errors.on(:email).should == authenticable.errors.generate_message(:email, :blank)
-            end
-            describe "on update" do
-              before(:each) do
-                @authenticable = base.described_class.create!(@valid_attributes)
-                ActionMailer::Base.deliveries = []
-              end
-              it "should ignore e-mail confirmation if e-mail has not changed" do
-                attributes = { :email => @authenticable.email, :email_confirmation => '' }
-                @authenticable.update_attributes(attributes).should be_true
-              end
-              it "should ignore password confirmation if password has not changed" do
-                attributes = { :password => @valid_attributes[:password], :password_confirmation => '' }
-                @authenticable.update_attributes(attributes).should be_true
-              end
-              if base.described_class.new.respond_to?(:set_confirmation_code, true)
-                it "should send an e-mail if e-mail changes" do
-                  attributes = { :email => @valid_attributes[:email].to_s.next, :email_confirmation => @valid_attributes[:email].to_s.next }
-                  @authenticable.update_attributes(attributes).should be_true
-                  @authenticable.email.should == @valid_attributes[:email].to_s.next
-                  ActionMailer::Base.deliveries.length.should == 1
-                end
-              end
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/auth_helpers/spec/rememberable.rb DELETED Viewed

@@ -1,83 +0,0 @@
-module AuthHelpers
-  module Spec
-    module Rememberable
-      def self.included(base)
-        base.class_eval do
-          describe 'when authenticating' do
-            before(:each){ @rememberable = base.described_class.create!(@valid_attributes) }
-            it 'should set the remember me token' do
-              @rememberable.remember_me!
-              @rememberable.token.should_not be_nil
-            end
-            it 'should set the remember me token creation date' do
-              @rememberable.remember_me!
-              @rememberable.token_expires_at.should_not be_nil
-            end
-            it 'should return a remember_me cookie hash' do
-              @rememberable.remember_me!
-              @rememberable.remember_me_cookie_hash[:value].should == @rememberable.token
-              @rememberable.remember_me_cookie_hash[:expires].should == @rememberable.token_expires_at
-            end
-            it 'should forget the remember me token' do
-              @rememberable.remember_me!
-              @rememberable.forget_me!
-              @rememberable.token.should be_nil
-            end
-            it 'should forget the remember me token creation date' do
-              @rememberable.remember_me!
-              @rememberable.forget_me!
-              @rememberable.token_expires_at.should be_nil
-            end
-            if base.described_class.ancestors.include?(::AuthHelpers::Model::Authenticable)
-              it 'should find, authenticate and set token if remember me is true' do
-                base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password], :remember_me => "1")
-                @rememberable.reload
-                @rememberable.token.should_not be_nil
-              end
-              it 'should find, authenticate and clear token if remember me is false' do
-                @rememberable.remember_me!
-                base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password], :remember_me => "0")
-                @rememberable.reload
-                @rememberable.token.should be_nil
-              end
-              it 'should not set or clear token if remember me is not set' do
-                @rememberable.remember_me!
-                base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password])
-                @rememberable.reload
-                @rememberable.token.should_not be_nil
-              end
-              it 'should not set or clear token if user cannot authenticate' do
-                base.described_class.find_and_authenticate(:email => @valid_attributes[:email], :password => @valid_attributes[:password].to_s.next, :remember_me => "1")
-                @rememberable.reload
-                @rememberable.token.should be_nil
-              end
-            end
-            it 'should be found by remember me token' do
-              @rememberable.remember_me!
-              base.described_class.find_by_remember_me_token(@rememberable.token).should_not be_nil
-              base.described_class.find_by_remember_me_token(@rememberable.token.next).should be_nil
-            end
-            it 'should not be found if remember me token is expired' do
-              @rememberable.remember_me!
-              @rememberable.update_attribute(:token_expires_at, 1.day.ago)
-              base.described_class.find_by_remember_me_token(@rememberable.token).should be_nil
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/auth_helpers/spec/validatable.rb DELETED Viewed

@@ -1,29 +0,0 @@
-module AuthHelpers
-  module Spec
-    module Validatable
-      def self.included(base)
-        base.class_eval do
-          describe 'validation' do
-            should_validate_presence_of :email
-            should_validate_length_of :email, :within => 0..100, :allow_blank => true
-            should_validate_confirmation_of :email
-            it {
-              base.described_class.create!(@valid_attributes)
-              should validate_uniqueness_of(:email, :case_sensitive => false, :allow_blank => true,
-                                                    :scope => (defined?(base.described_class::SCOPE) ? base.described_class::SCOPE : []))
-            }
-            should_not_allow_values_for :email, 'josevalim', 'a@a@a.com', 'jose@com'
-            should_validate_presence_of :password
-            should_validate_length_of :password, :within => 6..20, :allow_blank => true
-            should_validate_confirmation_of :password
-          end
-        end
-      end
-    end
-  end
-end