RubyGems - letmein - Versions diffs - 0.0.5 → 0.0.6 - Mend

letmein 0.0.5 → 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

data/README.md CHANGED Viewed

@@ -1,26 +1,29 @@
 letmein
 =======
-**letmein** is a minimalistic authentication plugin for Rails applications. It doesn't have anything other than the LetMeIn::Session object that you can use to authenticate logins.
+**letmein** is a minimalistic authentication plugin for Rails 3 applications. It doesn't have anything other than the UserSession (or WhateverSession) object that you can use to authenticate logins.
 Setup
 =====
-Assuming the model you want to authenticate has fields: *email*, *password_hash* and *password_salt* all you need to add for that model is this:
-    class User < ActiveRecord::Base
-      letmein
-    end
-If you want to use *username* instead of *email* and if maybe you prefer naming from password and salt columns to something else do this:
+Plug the thing below into Gemfile and you know what to do after.
+    gem 'letmein'
+If you want to authenticate *User* with database fields *email*, *password_hash* and *password_salt* you don't need to do anything. If you're authenticating something else, you want something like this in your initializers:
-    class User < ActiveRecord::Base
-      letmein :username, :encrypted_password, :salt
-    end
+    LetMeIn.initialize(
+      :model      => 'Account',
+      :identifier => 'username',
+      :password   => 'password_crypt',
+      :salt       => 'salty_salt
+    )
-When creating/updating a user record you have access to *password* accessor.
+When creating/updating a record you have access to *password* accessor.
     >> user = User.new(:email => 'example@example.com', :password => 'letmein')
     >> user.save!
+    => true
     >> user.password_hash
     => $2a$10$0MeSaaE3I7.0FQ5ZDcKPJeD1.FzqkcOZfEKNZ/DNN.w8xOwuFdBCm
     >> user.password_salt
@@ -29,9 +32,9 @@ When creating/updating a user record you have access to *password* accessor.
 Authentication
 ==============
-You authenticate using LetMeIn::Session object. Example:
+You authenticate using UserSession object. Example:
-    >> session = LetMeIn::Session.new(:email => 'example@example.com', :password => 'letmein')
+    >> session = UserSession.new(:email => 'example@example.com', :password => 'letmein')
     >> session.save
     => true
     >> session.user
@@ -39,7 +42,7 @@ You authenticate using LetMeIn::Session object. Example:
 When credentials are invalid:
-    >> session = LetMeIn::Session.new(:email => 'example@example.com', :password => 'bad_password')
+    >> session = UserSession.new(:email => 'example@example.com', :password => 'bad_password')
     >> session.save
     => false
     >> session.user
@@ -47,15 +50,17 @@ When credentials are invalid:
 Usage
 =====
 There are no built-in routes/controllers/views/helpers or anything. I'm confident you can do those yourself, because you're awesome. But here's an example how you can implement the controller handling the login:
     class SessionsController < ApplicationController
       def create
-        @session = LetMeIn::Session.new(params)
+        @session = UserSession.new(params[:user_session])
         @session.save!
         session[:user_id] = @session.user.id
         flash[:notice] = "Welcome back #{@session.user.name}!"
         redirect_to '/'
       rescue LetMeIn::Error
         flash.now[:error] = 'Invalid Credentials'
         render :action => :new
@@ -64,9 +69,17 @@ There are no built-in routes/controllers/views/helpers or anything. I'm confiden
 Upon successful login you have access to *session[:user_id]*. The rest is up to you.
-Copyright
-=========
-(c) 2011 Oleg Khabarov, released under the MIT license
+Authenticating Multiple Models
+==============================
+Yes, you can do that too. Let's assume you also want to authenticate admins that don't have email addresses, but have usernames.
+    LetMeIn.initialize(
+      :model      => ['User', 'Admin'],
+      :identifier => ['email', 'username']
+    )
+Bam! You're done. Now you have an AdminSession object that will use *username* and *password* to authenticate.
+Copyright
+=========
+(c) 2011 Oleg Khabarov, released under the MIT license

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.0.5
1	+ 0.0.6

data/letmein.gemspec CHANGED Viewed

@@ -5,11 +5,11 @@
 Gem::Specification.new do |s|
   s.name = %q{letmein}
-  s.version = "0.0.5"
+  s.version = "0.0.6"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Oleg Khabarov"]
-  s.date = %q{2011-03-27}
+  s.date = %q{2011-03-28}
   s.description = %q{minimalistic authentication}
   s.email = %q{oleg@khabarov.ca}
   s.extra_rdoc_files = [

data/lib/letmein.rb CHANGED Viewed

@@ -3,15 +3,7 @@ require 'bcrypt'
 module LetMeIn
-  mattr_accessor :model, :identifier, :password, :salt
-  def self.initialize(params = {})
-    @@model       = params[:model]      || 'User'
-    @@identifier  = params[:identifier] || 'email'
-    @@password    = params[:password]   || 'password_hash'
-    @@salt        = params[:salt]       || 'password_salt'
-    @@model.constantize.send :include, LetMeIn::Model
-  end
+  Error = Class.new StandardError
   class Railtie < Rails::Railtie
     config.after_initialize do
@@ -19,7 +11,81 @@ module LetMeIn
     end
   end
-  class Error < StandardError
+  mattr_accessor :models, :identifiers, :passwords, :salts
+  def self.initialize(params = {})
+    @@models      = [params[:model]      || 'User'          ].flatten
+    @@identifiers = [params[:identifier] || 'email'         ].flatten
+    @@passwords   = [params[:password]   || 'password_hash' ].flatten
+    @@salts       = [params[:salt]       || 'password_salt' ].flatten
+    def self.accessor(name, index = 0)
+      name = name.to_s.pluralize
+      self.send(name)[index] || self.send(name)[0]
+    end
+    @@models.each do |model|
+      model.constantize.send :include, LetMeIn::Model
+      Object.const_set("#{model.to_s.camelize}Session", Class.new do
+        include ActiveModel::Validations
+        attr_accessor :identifier, :password, :authenticated_object
+        validate :authenticate
+        def initialize(params = { })
+          unless params.blank?
+            i = LetMeIn.accessor(:identifier, LetMeIn.models.index(self.class.to_s.gsub('Session','')))
+            self.identifier = params[:identifier] || params[i.to_sym]
+            self.password   = params[:password]
+          end
+        end
+        def save
+          self.valid?
+        end
+        def save!
+          save || raise(LetMeIn::Error, 'Failed to authenticate')
+        end
+        def self.create(params = {})
+          object = self.new(params); object.save; object
+        end
+        def self.create!(params = {})
+          object = self.new(params); object.save!; object
+        end
+        def method_missing(method_name, *args)
+          m = self.class.to_s.gsub('Session','')
+          i = LetMeIn.accessor(:identifier, LetMeIn.models.index(m))
+          case method_name.to_s
+            when i            then self.identifier
+            when "#{i}="      then self.identifier = args[0]
+            when m.underscore then self.authenticated_object
+            else super
+          end
+        end
+        def authenticate
+          m = self.class.to_s.gsub('Session','')
+          i = LetMeIn.accessor(:identifier, LetMeIn.models.index(m))
+          p = LetMeIn.accessor(:password, LetMeIn.models.index(m))
+          s = LetMeIn.accessor(:password, LetMeIn.models.index(m))
+          object = m.constantize.send("find_by_#{i}", self.identifier)
+          self.authenticated_object = if object && object.send(p) == BCrypt::Engine.hash_secret(self.password, object.send(s))
+            object
+          else
+            errors.add :base, 'Failed to authenticate'
+            nil
+          end
+        end
+        def to_key
+          nil
+        end
+      end)
+    end
   end
   module Model
@@ -27,74 +93,16 @@ module LetMeIn
       base.instance_eval do
         attr_accessor :password
         before_save :encrypt_password
-      end
-      base.class_eval do
-        class_eval %Q^
-          def encrypt_password
-            if password.present?
-              self.send("#{LetMeIn.salt}=", BCrypt::Engine.generate_salt)
-              self.send("#{LetMeIn.password}=", BCrypt::Engine.hash_secret(password, self.send(LetMeIn.salt)))
-            end
+        define_method :encrypt_password do
+          if password.present?
+            p = LetMeIn.accessor(:password, LetMeIn.models.index(self.class.to_s))
+            s = LetMeIn.accessor(:salt, LetMeIn.models.index(self.class.to_s))
+            self.send("#{s}=", BCrypt::Engine.generate_salt)
+            self.send("#{p}=", BCrypt::Engine.hash_secret(password, self.send(s)))
           end
-        ^
-      end
-    end
-  end
-  class Session
-    include ActiveModel::Validations
-    attr_accessor :identifier, :password, :authenticated_object
-    validate :authenticate
-    def initialize(params = { })
-      unless params.blank?
-        self.identifier = params[:identifier] || params[LetMeIn.identifier.to_sym]
-        self.password   = params[:password]
+        end
       end
     end
-    def save
-      self.valid?
-    end
-    def save!
-      save || raise(LetMeIn::Error, 'Failed to authenticate')
-    end
-    def self.create(params = {})
-      object = self.new(params)
-      object.save
-      object
-    end
-    def self.create!(params = {})
-      object = self.new(params)
-      object.save!
-      object
-    end
-    # Mapping to the identifier and authenticated object accessor
-    def method_missing(method_name, *args)
-      case method_name.to_s
-        when LetMeIn.identifier       then self.identifier
-        when "#{LetMeIn.identifier}=" then self.identifier = args[0]
-        when LetMeIn.model.underscore then self.authenticated_object
-        else super
-      end
-    end
-    def authenticate
-      object = LetMeIn.model.constantize.send("find_by_#{LetMeIn.identifier}", self.identifier)
-      self.authenticated_object = if object && object.send(LetMeIn.password) == BCrypt::Engine.hash_secret(self.password, object.send(LetMeIn.salt))
-        object
-      else
-        errors.add(:base, 'Failed to authenticate')
-        nil
-      end
-    end
-    def to_key
-      nil
-    end
   end
 end

data/test/letmein_test.rb CHANGED Viewed

@@ -7,11 +7,8 @@ ActiveRecord::Base.establish_connection(:adapter => 'sqlite3', :database => ':me
 $stdout_orig = $stdout
 $stdout = StringIO.new
-class User < ActiveRecord::Base
-  # example values for password info:
-  #   pass: $2a$10$0MeSaaE3I7.0FQ5ZDcKPJeD1.FzqkcOZfEKNZ/DNN.w8xOwuFdBCm
-  #   salt: $2a$10$0MeSaaE3I7.0FQ5ZDcKPJe
-end
+class User  < ActiveRecord::Base ; end
+class Admin < ActiveRecord::Base ; end
 class LetMeInTest < Test::Unit::TestCase
   def setup
@@ -22,22 +19,35 @@ class LetMeInTest < Test::Unit::TestCase
         t.column :password_hash,  :string
         t.column :password_salt,  :string
       end
+      create_table :admins do |t|
+        t.column :username,   :string
+        t.column :pass_hash,  :string
+        t.column :pass_salt,  :string
+      end
     end
-    LetMeIn.initialize
+    LetMeIn.initialize(
+      :model      => ['User', 'Admin'],
+      :identifier => ['email', 'username'],
+      :password   => ['password_hash', 'pass_hash'],
+      :salt       => ['password_salt', 'pass_salt']
+    )
     User.create!(:email => 'test@test.test', :password => 'test')
+    Admin.create!(:username => 'admin', :password => 'test')
   end
   def teardown
     ActiveRecord::Base.connection.tables.each do |table|
       ActiveRecord::Base.connection.drop_table(table)
     end
+    Object.send(:remove_const, :UserSession)
+    Object.send(:remove_const, :AdminSession)
   end
   def test_configuration_initialization
-    assert_equal 'User',          LetMeIn.model
-    assert_equal 'email',         LetMeIn.identifier
-    assert_equal 'password_hash', LetMeIn.password
-    assert_equal 'password_salt', LetMeIn.salt
+    assert_equal ['User', 'Admin'],               LetMeIn.models
+    assert_equal ['email', 'username'],           LetMeIn.identifiers
+    assert_equal ['password_hash', 'pass_hash'],  LetMeIn.passwords
+    assert_equal ['password_salt', 'pass_salt'],  LetMeIn.salts
   end
   def test_model_password_saving
@@ -47,8 +57,15 @@ class LetMeInTest < Test::Unit::TestCase
     assert_match /.{29}/, user.password_salt
   end
+  def test_model_password_saving_secondary
+    user = Admin.first
+    assert_equal nil, user.password
+    assert_match /.{60}/, user.pass_hash
+    assert_match /.{29}/, user.pass_salt
+  end
   def test_session_initialization
-    session = LetMeIn::Session.new(:email => 'test@test.test', :password => 'test_pass')
+    session = UserSession.new(:email => 'test@test.test', :password => 'test_pass')
     assert_equal 'test@test.test', session.identifier
     assert_equal 'test@test.test', session.email
     assert_equal 'test_pass', session.password
@@ -61,15 +78,36 @@ class LetMeInTest < Test::Unit::TestCase
     assert_equal nil, session.user
   end
+  def test_session_initialization_secondary
+    session = AdminSession.new(:username => 'admin', :password => 'test_pass')
+    assert_equal 'admin', session.identifier
+    assert_equal 'admin', session.username
+    assert_equal 'test_pass', session.password
+    session.username = 'new_admin'
+    assert_equal 'new_admin', session.identifier
+    assert_equal 'new_admin', session.username
+    assert_equal nil, session.authenticated_object
+    assert_equal nil, session.admin
+  end
   def test_session_authentication
-    session = LetMeIn::Session.create(:email => User.first.email, :password => 'test')
+    session = UserSession.create(:email => User.first.email, :password => 'test')
     assert session.errors.blank?
     assert_equal User.first, session.authenticated_object
     assert_equal User.first, session.user
   end
+  def test_session_authentication_secondary
+    session = AdminSession.create(:username => Admin.first.username, :password => 'test')
+    assert session.errors.blank?
+    assert_equal Admin.first, session.authenticated_object
+    assert_equal Admin.first, session.admin
+  end
   def test_session_authentication_failure
-    session = LetMeIn::Session.create(:email => User.first.email, :password => 'bad_pass')
+    session = UserSession.create(:email => User.first.email, :password => 'bad_pass')
     assert session.errors.present?
     assert_equal 'Failed to authenticate', session.errors[:base].first
     assert_equal nil, session.authenticated_object
@@ -77,7 +115,7 @@ class LetMeInTest < Test::Unit::TestCase
   end
   def test_session_authentication_exception
-    session = LetMeIn::Session.new(:email => User.first.email, :password => 'bad_pass')
+    session = UserSession.new(:email => User.first.email, :password => 'bad_pass')
     begin
       session.save!
     rescue LetMeIn::Error => e

metadata CHANGED Viewed

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments:
   - 0
   - 0
-  - 5
-  version: 0.0.5
+  - 6
+  version: 0.0.6
 platform: ruby
 authors:
 - Oleg Khabarov
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-03-27 00:00:00 -04:00
+date: 2011-03-28 00:00:00 -04:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -108,7 +108,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      hash: 2972491954571850709
+      hash: 833678063283115753
       segments:
       - 0
       version: "0"