RubyGems - kickoff - Versions diffs - 0.0.2 - Mend

kickoff 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (115) hide show

data/lib/generators/kickoff/authentication/templates/controller_authentication.rb ADDED Viewed

@@ -0,0 +1,60 @@
+# This module is included in your application controller which makes
+# several methods available to all controllers and views. Here's a
+# common example you might add to your application layout file.
+#
+#   <%% if logged_in? %>
+#     Welcome <%%= current_<%= user_singular_name %>.username %>.
+#     <%%= link_to "Edit profile", edit_current_<%= user_singular_name %>_path %> or
+#     <%%= link_to "Log out", logout_path %>
+#   <%% else %>
+#     <%%= link_to "Sign up", signup_path %> or
+#     <%%= link_to "log in", login_path %>.
+#   <%% end %>
+#
+# You can also restrict unregistered users from accessing a controller using
+# a before filter. For example.
+#
+#   before_filter :login_required, :except => [:index, :show]
+module ControllerAuthentication
+  def self.included(controller)
+    controller.send :helper_method, :current_<%= user_singular_name %>, :logged_in?, :redirect_to_target_or_default
+  end
+<%- if options[:authlogic] -%>
+  def current_<%= session_singular_name %>
+    return @current_<%= session_singular_name %> if defined?(@current_<%= session_singular_name %>)
+    @current_<%= session_singular_name %> = <%= session_class_name %>.find
+  end
+  def current_<%= user_singular_name %>
+    return @current_<%= user_singular_name %> if defined?(@current_<%= user_singular_name %>)
+    @current_<%= user_singular_name %> = current_<%= session_singular_name %> && current_<%= session_singular_name %>.record
+  end
+<%- else -%>
+  def current_<%= user_singular_name %>
+    @current_<%= user_singular_name %> ||= <%= user_class_name %>.find(session[:<%= user_singular_name %>_id]) if session[:<%= user_singular_name %>_id]
+  end
+<%- end -%>
+  def logged_in?
+    current_<%= user_singular_name %>
+  end
+  def login_required
+    unless logged_in?
+      store_target_location
+      redirect_to login_url, :alert => "You must first log in or sign up before accessing this page."
+    end
+  end
+  def redirect_to_target_or_default(default, *args)
+    redirect_to(session[:return_to] || default, *args)
+    session[:return_to] = nil
+  end
+  private
+  def store_target_location
+    session[:return_to] = request.url
+  end
+end

data/lib/generators/kickoff/authentication/templates/fixtures.yml ADDED Viewed

@@ -0,0 +1,24 @@
+# password: "secret"
+foo:
+  username: foo
+  email: foo@example.com
+<%- if options[:authlogic] -%>
+  persistence_token: d5ddba13ed4408ea2b0a12ab18ed2d2eda086279736bdc121ca726a11f1e4b99217d9c534c2cc4ebb22729349c8c5fdbe1529e1f2c3c5859c62ef4dd9feea25c
+  crypted_password: 3d16c326648cccafe3d4b4cb024475c381dda92f430dfedf6f933e1f61203bacb6bae2437849bdb43b06be335e23790e4aa03902b3c28c3bbbbe27d501e521f3
+  password_salt: n6z_wtpWoIsHgQb5IcFd
+<%- else -%>
+  password_hash: 3488f5f7efecab14b91eb96169e5e1ee518a569f
+  password_salt: bef65e058905c379436d80d1a32e7374b139e7b0
+<%- end -%>
+bar:
+  username: bar
+  email: bar@example.com
+<%- if options[:authlogic] -%>
+  persistence_token: 19e074bd7cb506ab3e7e53e41f24f0ab3221c8cb68111f4c1aa43965114ad734233979a50a9463537487cdca18c279ac91c4bc83693d589625d446493322394c
+  crypted_password: 3bc9f4113ca645a186765df3d31a9352d0067bf2304ba0cdd6b08a7f3d58c6668ab1762fa3e76aef466ea2ff188399d8e6c40244fa59312bb4112292dac9f7f0
+  password_salt: UiAh9ejabnKRxqsiK0xO
+<%- else -%>
+  password_hash: 3488f5f7efecab14b91eb96169e5e1ee518a569f
+  password_salt: bef65e058905c379436d80d1a32e7374b139e7b0
+<%- end -%>

data/lib/generators/kickoff/authentication/templates/migration.rb ADDED Viewed

@@ -0,0 +1,20 @@
+class Create<%= user_plural_class_name %> < ActiveRecord::Migration
+  def self.up
+    create_table :<%= user_plural_name %> do |t|
+      t.string :username
+      t.string :email
+    <%- if options[:authlogic] -%>
+      t.string :persistence_token
+      t.string :crypted_password
+    <%- else -%>
+      t.string :password_hash
+    <%- end -%>
+      t.string :password_salt
+      t.timestamps
+    end
+  end
+  def self.down
+    drop_table :<%= user_plural_name %>
+  end
+end

data/lib/generators/kickoff/authentication/templates/sessions_controller.rb ADDED Viewed

@@ -0,0 +1,41 @@
+class <%= session_plural_class_name %>Controller < ApplicationController
+<%- if options[:authlogic] -%>
+  def new
+    @<%= session_singular_name %> = <%= session_class_name %>.new
+  end
+  def create
+    @<%= session_singular_name %> = <%= session_class_name %>.new(params[:<%= session_singular_name %>])
+    if @<%= session_singular_name %>.save
+      redirect_to_target_or_default root_url, :notice => "Logged in successfully."
+    else
+      render :new
+    end
+  end
+  def destroy
+    @<%= session_singular_name %> = <%= session_class_name %>.find
+    @<%= session_singular_name %>.destroy
+    redirect_to root_url, :notice => "You have been logged out."
+  end
+<%- else -%>
+  def new
+  end
+  def create
+    <%= user_singular_name %> = <%= user_class_name %>.authenticate(params[:login], params[:password])
+    if <%= user_singular_name %>
+      session[:<%= user_singular_name %>_id] = <%= user_singular_name %>.id
+      redirect_to_target_or_default root_url, :notice => "Logged in successfully."
+    else
+      flash.now[:alert] = "Invalid login or password."
+      render :new
+    end
+  end
+  def destroy
+    session[:<%= user_singular_name %>_id] = nil
+    redirect_to root_url, :notice => "You have been logged out."
+  end
+<%- end -%>
+end

data/lib/generators/kickoff/authentication/templates/sessions_helper.rb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ module <%= session_plural_class_name %>Helper
2	+ end

data/lib/generators/kickoff/authentication/templates/tests/rspec/sessions_controller.rb ADDED Viewed

@@ -0,0 +1,39 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe <%= session_plural_class_name %>Controller do
+  fixtures :all
+  render_views
+  it "new action should render new template" do
+    get :new
+    response.should render_template(:new)
+  end
+<%- if options[:authlogic] -%>
+  it "create action should render new template when authentication is invalid" do
+    post :create, :<%= session_singular_name %> => { :username => "foo", :password => "badpassword" }
+    response.should render_template(:new)
+    <%= session_class_name %>.find.should be_nil
+  end
+  it "create action should redirect when authentication is valid" do
+    post :create, :<%= session_singular_name %> => { :username => "foo", :password => "secret" }
+    response.should redirect_to(root_url)
+    <%= session_class_name %>.find.<%= user_singular_name %>.should == <%= user_plural_name %>(:foo)
+  end
+<%- else -%>
+  it "create action should render new template when authentication is invalid" do
+    <%= user_class_name %>.stubs(:authenticate).returns(nil)
+    post :create
+    response.should render_template(:new)
+    session['<%= user_singular_name %>_id'].should be_nil
+  end
+  it "create action should redirect when authentication is valid" do
+    <%= user_class_name %>.stubs(:authenticate).returns(<%= user_class_name %>.first)
+    post :create
+    response.should redirect_to(root_url)
+    session['<%= user_singular_name %>_id'].should == <%= user_class_name %>.first.id
+  end
+<%- end -%>
+end

data/lib/generators/kickoff/authentication/templates/tests/rspec/user.rb ADDED Viewed

@@ -0,0 +1,83 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe <%= user_class_name %> do
+<%- unless options[:authlogic] -%>
+  def new_<%= user_singular_name %>(attributes = {})
+    attributes[:username] ||= 'foo'
+    attributes[:email] ||= 'foo@example.com'
+    attributes[:password] ||= 'abc123'
+    attributes[:password_confirmation] ||= attributes[:password]
+    <%= user_class_name %>.new(attributes)
+  end
+  before(:each) do
+    <%= user_class_name %>.delete_all
+  end
+  it "should be valid" do
+    new_<%= user_singular_name %>.should be_valid
+  end
+  it "should require username" do
+    new_<%= user_singular_name %>(:username => '').should have(1).error_on(:username)
+  end
+  it "should require password" do
+    new_<%= user_singular_name %>(:password => '').should have(1).error_on(:password)
+  end
+  it "should require well formed email" do
+    new_<%= user_singular_name %>(:email => 'foo@bar@example.com').should have(1).error_on(:email)
+  end
+  it "should validate uniqueness of email" do
+    new_<%= user_singular_name %>(:email => 'bar@example.com').save!
+    new_<%= user_singular_name %>(:email => 'bar@example.com').should have(1).error_on(:email)
+  end
+  it "should validate uniqueness of username" do
+    new_<%= user_singular_name %>(:username => 'uniquename').save!
+    new_<%= user_singular_name %>(:username => 'uniquename').should have(1).error_on(:username)
+  end
+  it "should not allow odd characters in username" do
+    new_<%= user_singular_name %>(:username => 'odd ^&(@)').should have(1).error_on(:username)
+  end
+  it "should validate password is longer than 3 characters" do
+    new_<%= user_singular_name %>(:password => 'bad').should have(1).error_on(:password)
+  end
+  it "should require matching password confirmation" do
+    new_<%= user_singular_name %>(:password_confirmation => 'nonmatching').should have(1).error_on(:password)
+  end
+  it "should generate password hash and salt on create" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>
+    <%= user_singular_name %>.save!
+    <%= user_singular_name %>.password_hash.should_not be_nil
+    <%= user_singular_name %>.password_salt.should_not be_nil
+  end
+  it "should authenticate by username" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret')
+    <%= user_singular_name %>.save!
+    <%= user_class_name %>.authenticate('foobar', 'secret').should == <%= user_singular_name %>
+  end
+  it "should authenticate by email" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:email => 'foo@bar.com', :password => 'secret')
+    <%= user_singular_name %>.save!
+    <%= user_class_name %>.authenticate('foo@bar.com', 'secret').should == <%= user_singular_name %>
+  end
+  it "should not authenticate bad username" do
+    <%= user_class_name %>.authenticate('nonexisting', 'secret').should be_nil
+  end
+  it "should not authenticate bad password" do
+    new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret').save!
+    <%= user_class_name %>.authenticate('foobar', 'badpassword').should be_nil
+  end
+<%- end -%>
+end

data/lib/generators/kickoff/authentication/templates/tests/rspec/users_controller.rb ADDED Viewed

@@ -0,0 +1,56 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe <%= user_plural_class_name %>Controller do
+  fixtures :all
+  render_views
+  it "new action should render new template" do
+    get :new
+    response.should render_template(:new)
+  end
+  it "create action should render new template when model is invalid" do
+    <%= user_class_name %>.any_instance.stubs(:valid?).returns(false)
+    post :create
+    response.should render_template(:new)
+  end
+  it "create action should redirect when model is valid" do
+    <%= user_class_name %>.any_instance.stubs(:valid?).returns(true)
+    post :create
+    response.should redirect_to(root_url)
+  <%- unless options[:authlogic] -%>
+    session['<%= user_singular_name %>_id'].should == assigns['<%= user_singular_name %>'].id
+  <%- end -%>
+  end
+  it "edit action should redirect when not logged in" do
+    get :edit, :id => "ignored"
+    response.should redirect_to(login_url)
+  end
+  it "edit action should render edit template" do
+    @controller.stubs(:current_<%= user_singular_name %>).returns(<%= user_class_name %>.first)
+    get :edit, :id => "ignored"
+    response.should render_template(:edit)
+  end
+  it "update action should redirect when not logged in" do
+    put :update, :id => "ignored"
+    response.should redirect_to(login_url)
+  end
+  it "update action should render edit template when <%= user_singular_name %> is invalid" do
+    @controller.stubs(:current_<%= user_singular_name %>).returns(<%= user_class_name %>.first)
+    <%= user_class_name %>.any_instance.stubs(:valid?).returns(false)
+    put :update, :id => "ignored"
+    response.should render_template(:edit)
+  end
+  it "update action should redirect when <%= user_singular_name %> is valid" do
+    @controller.stubs(:current_<%= user_singular_name %>).returns(<%= user_class_name %>.first)
+    <%= user_class_name %>.any_instance.stubs(:valid?).returns(true)
+    put :update, :id => "ignored"
+    response.should redirect_to(root_url)
+  end
+end

data/lib/generators/kickoff/authentication/templates/tests/shoulda/sessions_controller.rb ADDED Viewed

@@ -0,0 +1,40 @@
+require 'test_helper'
+class <%= session_plural_class_name %>ControllerTest < ActionController::TestCase
+  context "new action" do
+    should "render new template" do
+      get :new
+      assert_template 'new'
+    end
+  end
+  context "create action" do
+  <%- if options[:authlogic] -%>
+    should "render new template when authentication is invalid" do
+      post :create, :<%= session_singular_name %> => { :username => "foo", :password => "badpassword" }
+      assert_template 'new'
+      assert_nil <%= session_class_name %>.find
+    end
+    should "redirect when authentication is valid" do
+      post :create, :<%= session_singular_name %> => { :username => "foo", :password => "secret" }
+      assert_redirected_to root_url
+      assert_equal <%= user_plural_name %>(:foo), <%= session_class_name %>.find.<%= user_singular_name %>
+    end
+  <%- else -%>
+    should "render new template when authentication is invalid" do
+      <%= user_class_name %>.stubs(:authenticate).returns(nil)
+      post :create
+      assert_template 'new'
+      assert_nil session['<%= user_singular_name %>_id']
+    end
+    should "redirect when authentication is valid" do
+      <%= user_class_name %>.stubs(:authenticate).returns(<%= user_class_name %>.first)
+      post :create
+      assert_redirected_to root_url
+      assert_equal <%= user_class_name %>.first.id, session['<%= user_singular_name %>_id']
+    end
+  <%- end -%>
+  end
+end

data/lib/generators/kickoff/authentication/templates/tests/shoulda/user.rb ADDED Viewed

@@ -0,0 +1,85 @@
+require 'test_helper'
+class <%= user_class_name %>Test < ActiveSupport::TestCase
+<%- unless options[:authlogic] -%>
+  def new_<%= user_singular_name %>(attributes = {})
+    attributes[:username] ||= 'foo'
+    attributes[:email] ||= 'foo@example.com'
+    attributes[:password] ||= 'abc123'
+    attributes[:password_confirmation] ||= attributes[:password]
+    <%= user_singular_name %> = <%= user_class_name %>.new(attributes)
+    <%= user_singular_name %>.valid? # run validations
+    <%= user_singular_name %>
+  end
+  def setup
+    <%= user_class_name %>.delete_all
+  end
+  should "be valid" do
+    assert new_<%= user_singular_name %>.valid?
+  end
+  should "require username" do
+    assert_equal ["can't be blank"], new_<%= user_singular_name %>(:username => '').errors[:username]
+  end
+  should "require password" do
+    assert_equal ["can't be blank"], new_<%= user_singular_name %>(:password => '').errors[:password]
+  end
+  should "require well formed email" do
+    assert_equal ["is invalid"], new_<%= user_singular_name %>(:email => 'foo@bar@example.com').errors[:email]
+  end
+  should "validate uniqueness of email" do
+    new_<%= user_singular_name %>(:email => 'bar@example.com').save!
+    assert_equal ["has already been taken"], new_<%= user_singular_name %>(:email => 'bar@example.com').errors[:email]
+  end
+  should "validate uniqueness of username" do
+    new_<%= user_singular_name %>(:username => 'uniquename').save!
+    assert_equal ["has already been taken"], new_<%= user_singular_name %>(:username => 'uniquename').errors[:username]
+  end
+  should "not allow odd characters in username" do
+    assert_equal ["should only contain letters, numbers, or .-_@"], new_<%= user_singular_name %>(:username => 'odd ^&(@)').errors[:username]
+  end
+  should "validate password is longer than 3 characters" do
+    assert_equal ["is too short (minimum is 4 characters)"], new_<%= user_singular_name %>(:password => 'bad').errors[:password]
+  end
+  should "require matching password confirmation" do
+    assert_equal ["doesn't match confirmation"], new_<%= user_singular_name %>(:password_confirmation => 'nonmatching').errors[:password]
+  end
+  should "generate password hash and salt on create" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>
+    <%= user_singular_name %>.save!
+    assert <%= user_singular_name %>.password_hash
+    assert <%= user_singular_name %>.password_salt
+  end
+  should "authenticate by username" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret')
+    <%= user_singular_name %>.save!
+    assert_equal <%= user_singular_name %>, <%= user_class_name %>.authenticate('foobar', 'secret')
+  end
+  should "authenticate by email" do
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:email => 'foo@bar.com', :password => 'secret')
+    <%= user_singular_name %>.save!
+    assert_equal <%= user_singular_name %>, <%= user_class_name %>.authenticate('foo@bar.com', 'secret')
+  end
+  should "not authenticate bad username" do
+    assert_nil <%= user_class_name %>.authenticate('nonexisting', 'secret')
+  end
+  should "not authenticate bad password" do
+    new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret').save!
+    assert_nil <%= user_class_name %>.authenticate('foobar', 'badpassword')
+  end
+<%- end -%>
+end

data/lib/generators/kickoff/authentication/templates/tests/shoulda/users_controller.rb ADDED Viewed

@@ -0,0 +1,61 @@
+require 'test_helper'
+class <%= user_plural_class_name %>ControllerTest < ActionController::TestCase
+  context "new action" do
+    should "render new template" do
+      get :new
+      assert_template 'new'
+    end
+  end
+  context "create action" do
+    should "render new template when <%= user_singular_name %> is invalid" do
+      <%= user_class_name %>.any_instance.stubs(:valid?).returns(false)
+      post :create
+      assert_template 'new'
+    end
+    should "redirect when <%= user_singular_name %> is valid" do
+      <%= user_class_name %>.any_instance.stubs(:valid?).returns(true)
+      post :create
+      assert_redirected_to root_url
+    <%- unless options[:authlogic] -%>
+      assert_equal assigns['<%= user_singular_name %>'].id, session['<%= user_singular_name %>_id']
+    <%- end -%>
+    end
+  end
+  context "edit action" do
+    should "redirect when not logged in" do
+      get :edit, :id => "ignored"
+      assert_redirected_to login_url
+    end
+    should "render edit template" do
+      @controller.stubs(:current_<%= user_singular_name %>).returns(<%= user_class_name %>.first)
+      get :edit, :id => "ignored"
+      assert_template 'edit'
+    end
+  end
+  context "update action" do
+    should "redirect when not logged in" do
+      put :update, :id => "ignored"
+      assert_redirected_to login_url
+    end
+    should "render edit template when <%= user_singular_name %> is invalid" do
+      @controller.stubs(:current_<%= user_singular_name %>).returns(<%= user_class_name %>.first)
+      <%= user_class_name %>.any_instance.stubs(:valid?).returns(false)
+      put :update, :id => "ignored"
+      assert_template 'edit'
+    end
+    should "redirect when <%= user_singular_name %> is valid" do
+      @controller.stubs(:current_<%= user_singular_name %>).returns(<%= user_class_name %>.first)
+      <%= user_class_name %>.any_instance.stubs(:valid?).returns(true)
+      put :update, :id => "ignored"
+      assert_redirected_to root_url
+    end
+  end
+end

data/lib/generators/kickoff/authentication/templates/tests/testunit/sessions_controller.rb ADDED Viewed

@@ -0,0 +1,36 @@
+require 'test_helper'
+class <%= session_plural_class_name %>ControllerTest < ActionController::TestCase
+  def test_new
+    get :new
+    assert_template 'new'
+  end
+<%- if options[:authlogic] -%>
+  def test_create_invalid
+    post :create, :<%= session_singular_name %> => { :username => "foo", :password => "badpassword" }
+    assert_template 'new'
+    assert_nil <%= session_class_name %>.find
+  end
+  def test_create_valid
+    post :create, :<%= session_singular_name %> => { :username => "foo", :password => "secret" }
+    assert_redirected_to root_url
+    assert_equal <%= user_plural_name %>(:foo), <%= session_class_name %>.find.<%= user_singular_name %>
+  end
+<%- else -%>
+  def test_create_invalid
+    <%= user_class_name %>.stubs(:authenticate).returns(nil)
+    post :create
+    assert_template 'new'
+    assert_nil session['<%= user_singular_name %>_id']
+  end
+  def test_create_valid
+    <%= user_class_name %>.stubs(:authenticate).returns(<%= user_class_name %>.first)
+    post :create
+    assert_redirected_to root_url
+    assert_equal <%= user_class_name %>.first.id, session['<%= user_singular_name %>_id']
+  end
+<%- end -%>
+end

data/lib/generators/kickoff/authentication/templates/tests/testunit/user.rb ADDED Viewed

@@ -0,0 +1,88 @@
+require 'test_helper'
+class <%= user_class_name %>Test < ActiveSupport::TestCase
+<%- unless options[:authlogic] -%>
+  def new_<%= user_singular_name %>(attributes = {})
+    attributes[:username] ||= 'foo'
+    attributes[:email] ||= 'foo@example.com'
+    attributes[:password] ||= 'abc123'
+    attributes[:password_confirmation] ||= attributes[:password]
+    <%= user_singular_name %> = <%= user_class_name %>.new(attributes)
+    <%= user_singular_name %>.valid? # run validations
+    <%= user_singular_name %>
+  end
+  def setup
+    <%= user_class_name %>.delete_all
+  end
+  def test_valid
+    assert new_<%= user_singular_name %>.valid?
+  end
+  def test_require_username
+    assert_equal ["can't be blank"], new_<%= user_singular_name %>(:username => '').errors[:username]
+  end
+  def test_require_password
+    assert_equal ["can't be blank"], new_<%= user_singular_name %>(:password => '').errors[:password]
+  end
+  def test_require_well_formed_email
+    assert_equal ["is invalid"], new_<%= user_singular_name %>(:email => 'foo@bar@example.com').errors[:email]
+  end
+  def test_validate_uniqueness_of_email
+    new_<%= user_singular_name %>(:email => 'bar@example.com').save!
+    assert_equal ["has already been taken"], new_<%= user_singular_name %>(:email => 'bar@example.com').errors[:email]
+  end
+  def test_validate_uniqueness_of_username
+    new_<%= user_singular_name %>(:username => 'uniquename').save!
+    assert_equal ["has already been taken"], new_<%= user_singular_name %>(:username => 'uniquename').errors[:username]
+  end
+  def test_validate_odd_characters_in_username
+    assert_equal ["should only contain letters, numbers, or .-_@"], new_<%= user_singular_name %>(:username => 'odd ^&(@)').errors[:username]
+  end
+  def test_validate_password_length
+    assert_equal ["is too short (minimum is 4 characters)"], new_<%= user_singular_name %>(:password => 'bad').errors[:password]
+  end
+  def test_require_matching_password_confirmation
+    assert_equal ["doesn't match confirmation"], new_<%= user_singular_name %>(:password_confirmation => 'nonmatching').errors[:password]
+  end
+  def test_generate_password_hash_and_salt_on_create
+    <%= user_singular_name %> = new_<%= user_singular_name %>
+    <%= user_singular_name %>.save!
+    assert <%= user_singular_name %>.password_hash
+    assert <%= user_singular_name %>.password_salt
+  end
+  def test_authenticate_by_username
+    <%= user_class_name %>.delete_all
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret')
+    <%= user_singular_name %>.save!
+    assert_equal <%= user_singular_name %>, <%= user_class_name %>.authenticate('foobar', 'secret')
+  end
+  def test_authenticate_by_email
+    <%= user_class_name %>.delete_all
+    <%= user_singular_name %> = new_<%= user_singular_name %>(:email => 'foo@bar.com', :password => 'secret')
+    <%= user_singular_name %>.save!
+    assert_equal <%= user_singular_name %>, <%= user_class_name %>.authenticate('foo@bar.com', 'secret')
+  end
+  def test_authenticate_bad_username
+    assert_nil <%= user_class_name %>.authenticate('nonexisting', 'secret')
+  end
+  def test_authenticate_bad_password
+    <%= user_class_name %>.delete_all
+    new_<%= user_singular_name %>(:username => 'foobar', :password => 'secret').save!
+    assert_nil <%= user_class_name %>.authenticate('foobar', 'badpassword')
+  end
+<%- end -%>
+end