letmein 0.0.0

data/Gemfile

@@ -0,0 +1,13 @@
+source "http://rubygems.org"
+
+gem 'activerecord', '>=3.0.0'
+gem 'bcrypt-ruby', :require => 'bcrypt'
+
+group :development do
+  gem 'bundler', '~> 1.0.0'
+  gem 'jeweler', '~> 1.5.2'
+end
+
+group :test do
+  gem 'sqlite3'
+end

data/Gemfile.lock

@@ -0,0 +1,35 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    activemodel (3.0.5)
+      activesupport (= 3.0.5)
+      builder (~> 2.1.2)
+      i18n (~> 0.4)
+    activerecord (3.0.5)
+      activemodel (= 3.0.5)
+      activesupport (= 3.0.5)
+      arel (~> 2.0.2)
+      tzinfo (~> 0.3.23)
+    activesupport (3.0.5)
+    arel (2.0.9)
+    bcrypt-ruby (2.1.4)
+    builder (2.1.2)
+    git (1.2.5)
+    i18n (0.5.0)
+    jeweler (1.5.2)
+      bundler (~> 1.0.0)
+      git (>= 1.2.5)
+      rake
+    rake (0.8.7)
+    sqlite3 (1.3.3)
+    tzinfo (0.3.25)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  activerecord (>= 3.0.0)
+  bcrypt-ruby
+  bundler (~> 1.0.0)
+  jeweler (~> 1.5.2)
+  sqlite3

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2011 Oleg Khabarov
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,72 @@
+letmein
+=======
+
+**letmein** is a minimalistic authentication plugin for Rails applications. It doesn't have anything other than the LetMeIn::Session object that you can use to authenticate logins.
+
+Setup
+=====
+Assuming the model you want to authenticate has fields: *email*, *password_hash* and *password_salt* all you need to add for that model is this:
+    
+    class User < ActiveRecord::Base
+      letmein
+    end
+    
+If you want to use *username* instead of *email* and if maybe you prefer naming to password and salt columns to something else do this:
+    
+    class User < ActiveRecord::Base
+      letmein :username, :encrypted_password, :salt
+    end
+    
+When creating/updating a user record you have access to *password* accessor.
+    
+    >> user = User.new(:email => 'example@example.com', :password => 'letmein')
+    >> user.save!
+    >> user.password_hash 
+    => $2a$10$0MeSaaE3I7.0FQ5ZDcKPJeD1.FzqkcOZfEKNZ/DNN.w8xOwuFdBCm
+    >> user.password_salt
+    => $2a$10$0MeSaaE3I7.0FQ5ZDcKPJe
+    
+Authentication
+==============
+
+You authenticate using LetMeIn::Session object. Example:
+    
+    >> session = LetMeIn::Session.new(:email => 'example@example.com', :password => 'letmein')
+    >> session.save
+    => true
+    >> session.user
+    => #<User id: 1, email: "example@example.com" ... >
+    
+When credentials are invalid:
+    
+    >> session = LetMeIn::Session.new(:email => 'example@example.com', :password => 'bad_password')
+    >> session.save
+    => false
+    >> session.user
+    => nil
+    
+Usage
+=====
+There are no built-in routes/controllers/views/helpers or anything. I'm confident you can do those yourself, because you're awesome. But here's an example how you can implement the controller handling the login:
+
+    class SessionsController < ApplicationController
+      def create
+        @session = LetMeIn::Session.new(params)
+        @session.save!
+        session[:user_id] = @session.user.id
+        flash[:notice] = "Welcome back #{@session.user.name}!"
+        redirect_to '/'
+      rescue LetMeIn::Error
+        flash.now[:error] = 'Invalid Credentials'
+        render :action => :new
+      end
+    end
+    
+Upon successful login you have access to *session[:user_id]*. The rest is up to you.
+
+Copyright
+=========
+(c) 2011 Oleg Khabarov, released under the MIT license
+
+
+    

data/Rakefile

@@ -0,0 +1,38 @@
+require 'rubygems'
+
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
+  gem.name        = 'letmein'
+  gem.homepage    = 'http://github.com/GBH/letmein'
+  gem.license     = 'MIT'
+  gem.summary     = 'minimalistic authentication'
+  gem.description = 'minimalistic authentication'
+  gem.email       = "oleg@khabarov.ca"
+  gem.authors     = ['Oleg Khabarov']
+  # Include your dependencies below. Runtime dependencies are required when using your gem,
+  # and development dependencies are only needed for development (ie running rake tasks, tests, etc)
+  #  gem.add_runtime_dependency 'jabber4r', '> 0.1'
+  #  gem.add_development_dependency 'rspec', '> 1.2.3'
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/*_test.rb'
+  test.verbose = true
+end
+
+task :default => :test

data/VERSION

@@ -0,0 +1 @@
+0.0.0

data/lib/letmein.rb

@@ -0,0 +1,108 @@
+require 'active_record'
+require 'bcrypt'
+
+module LetMeIn
+  
+  class Error < StandardError
+  end
+  
+  class Configuration
+    attr_accessor :model, :identifier, :password, :salt
+    
+    def initialize
+      @model      = nil
+      @identifier = 'email'
+      @password   = 'password_hash'
+      @salt       = 'password_salt'
+    end
+  end
+  
+  class Session
+    include ActiveModel::Validations
+    attr_accessor :identifier, :password, :authenticated_object
+    validate :authenticate
+    
+    def initialize(params = {})
+      self.identifier = params[:identifier] || params[LetMeIn.configuration.identifier.to_sym]
+      self.password   = params[:password]
+    end
+    
+    def save
+      self.valid?
+    end
+    
+    def save!
+      save || raise(LetMeIn::Error, 'Failed to authenticate')
+    end
+    
+    def self.create(params = {})
+      object = self.new(params)
+      object.save
+      object
+    end
+    
+    def self.create!(params = {})
+      object = self.new(params)
+      object.save!
+      object
+    end
+    
+    # Mapping to the identifier and authenticated object accessor
+    def method_missing(method_name, *args)
+      case method_name.to_s
+      when LetMeIn.configuration.identifier
+        self.identifier
+      when "#{LetMeIn.configuration.identifier}="
+        self.identifier = args[0]
+      when LetMeIn.configuration.model.underscore
+        self.authenticated_object
+      else
+        super
+      end
+    end
+    
+    def authenticate
+      object = LetMeIn.configuration.model.constantize.send("find_by_#{LetMeIn.configuration.identifier}", self.identifier)
+      self.authenticated_object = if object && object.send(LetMeIn.configuration.password) == BCrypt::Engine.hash_secret(self.password, object.send(LetMeIn.configuration.salt))
+        object
+      else
+        errors.add(:base, 'Failed to authenticate')
+        nil
+      end
+    end
+  end
+  
+  def self.configuration
+    @configuration ||= LetMeIn::Configuration.new
+  end
+  
+  module Model
+    def self.included(base)
+      base.extend ClassMethods
+    end
+    
+    module ClassMethods
+      def letmein(*args)
+        LetMeIn.configuration.model       = self.to_s
+        LetMeIn.configuration.identifier  = args[0].to_s if args[0]
+        LetMeIn.configuration.password    = args[1].to_s if args[1]
+        LetMeIn.configuration.salt        = args[2].to_s if args[2]
+        
+        attr_accessor :password
+        
+        before_save :encrypt_password
+        
+        class_eval %Q^
+          def encrypt_password
+            if password.present?
+              self.send("#{LetMeIn.configuration.salt}=", BCrypt::Engine.generate_salt)
+              self.send("#{LetMeIn.configuration.password}=", BCrypt::Engine.hash_secret(password, self.send(LetMeIn.configuration.salt)))
+            end
+          end
+        ^
+      end
+    end
+  end
+end
+
+ActiveRecord::Base.send :include, LetMeIn::Model

data/test/letmein_test.rb

@@ -0,0 +1,101 @@
+require 'test/unit'
+require 'active_record'
+require 'letmein'
+require 'sqlite3'
+
+ActiveRecord::Base.establish_connection(:adapter => 'sqlite3', :database => ':memory:')
+$stdout_orig = $stdout
+$stdout = StringIO.new
+
+class User < ActiveRecord::Base
+  # example values for password info:
+  #   pass: $2a$10$0MeSaaE3I7.0FQ5ZDcKPJeD1.FzqkcOZfEKNZ/DNN.w8xOwuFdBCm
+  #   salt: $2a$10$0MeSaaE3I7.0FQ5ZDcKPJe
+  letmein :username, :pass_crypt, :pass_salt
+end
+
+class LetMeInTest < Test::Unit::TestCase
+  def setup
+    ActiveRecord::Base.logger
+    ActiveRecord::Schema.define(:version => 1) do
+      create_table :users do |t|
+        t.column :username,   :string
+        t.column :pass_crypt, :string
+        t.column :pass_salt,  :string
+      end
+    end
+  end
+  
+  def teardown
+    ActiveRecord::Base.connection.tables.each do |table|
+      ActiveRecord::Base.connection.drop_table(table)
+    end
+  end
+  
+  def test_configuration_defaults
+    assert config = LetMeIn::Configuration.new
+    assert_equal nil,             config.model
+    assert_equal 'email',         config.identifier
+    assert_equal 'password_hash', config.password
+    assert_equal 'password_salt', config.salt
+  end
+  
+  def test_configuration_initialization
+    conf = LetMeIn.configuration
+    assert_equal 'User',        conf.model
+    assert_equal 'username',    conf.identifier
+    assert_equal 'pass_crypt',  conf.password
+    assert_equal 'pass_salt',   conf.salt
+  end
+  
+  def test_model_password_saving
+    user = User.new(:username => 'test', :password => 'test')
+    user.save!
+    user = User.find(user.id)
+    assert_equal nil, user.password
+    assert_match /.{60}/, user.pass_crypt
+    assert_match /.{29}/, user.pass_salt
+  end
+  
+  def test_session_initialization
+    session = LetMeIn::Session.new(:username => 'test_user', :password => 'test_pass')
+    assert_equal 'test_user', session.identifier
+    assert_equal 'test_user', session.username
+    assert_equal 'test_pass', session.password
+    
+    session.username = 'new_user'
+    assert_equal 'new_user', session.identifier
+    assert_equal 'new_user', session.username
+    
+    assert_equal nil, session.authenticated_object
+    assert_equal nil, session.user
+  end
+  
+  def test_session_authentication
+    user = User.create!(:username => 'test', :password => 'test')
+    session = LetMeIn::Session.create(:username => 'test', :password => 'test')
+    assert session.errors.blank?
+    assert_equal user, session.authenticated_object
+    assert_equal user, session.user
+  end
+  
+  def test_session_authentication_failure
+    user = User.create!(:username => 'test', :password => 'test')
+    session = LetMeIn::Session.create(:username => 'test', :password => 'bad_pass')
+    assert session.errors.present?
+    assert_equal 'Failed to authenticate', session.errors[:base].first
+    assert_equal nil, session.authenticated_object
+    assert_equal nil, session.user
+  end
+  
+  def test_session_authentication_exception
+    user = User.create!(:username => 'test', :password => 'test')
+    session = LetMeIn::Session.new(:username => 'test', :password => 'bad_pass')
+    begin
+      session.save!
+    rescue LetMeIn::Error => e
+      assert_equal 'Failed to authenticate', e.to_s
+    end
+    assert_equal nil, session.authenticated_object
+  end
+end

metadata

@@ -0,0 +1,130 @@
+--- !ruby/object:Gem::Specification 
+name: letmein
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 0
+  - 0
+  version: 0.0.0
+platform: ruby
+authors: 
+- Oleg Khabarov
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-03-24 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: activerecord
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 3
+        - 0
+        - 0
+        version: 3.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: bcrypt-ruby
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  prerelease: false
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: bundler
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 0
+        - 0
+        version: 1.0.0
+  type: :development
+  prerelease: false
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: jeweler
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 5
+        - 2
+        version: 1.5.2
+  type: :development
+  prerelease: false
+  version_requirements: *id004
+description: minimalistic authentication
+email: oleg@khabarov.ca
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.md
+files: 
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- Rakefile
+- VERSION
+- lib/letmein.rb
+- test/letmein_test.rb
+has_rdoc: true
+homepage: http://github.com/GBH/letmein
+licenses: 
+- MIT
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: -4484474238260419459
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: minimalistic authentication
+test_files: 
+- test/letmein_test.rb