lobby 0.0.1a

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2013 YOURNAME
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,3 @@
+= Lobby
+
+This project rocks and uses MIT-LICENSE.

data/Rakefile

@@ -0,0 +1,34 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Lobby'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/app/assets/javascripts/lobby/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/app/assets/stylesheets/lobby/application.css

@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+ */

data/app/controllers/lobby/application_controller.rb

@@ -0,0 +1,3 @@
+class Lobby::ApplicationController < ApplicationController
+
+end

data/app/controllers/lobby/application_controller.rb~

@@ -0,0 +1,6 @@
+module Lobby
+  class ApplicationController < ActionController::Base
+    protect_from_forgery
+    include Authentication
+  end
+end

data/app/controllers/lobby/confirmation_controller.rb

@@ -0,0 +1,46 @@
+module Lobby
+  class ConfirmationController < ApplicationController
+
+    def registration
+      @user = User.where( :signup_token => params[:token] ).first unless params[:token].nil?
+
+      if @user
+        @user.confirm_signup!
+        redirect_to log_in_url, flash: { success: t( 'confirmation.registration.flash.success' ) }
+      else
+        flash.now[:notice] = t( 'confirmation.registration.flash.error') if params[:token]
+      end
+    end
+
+    #
+    # User has lost email with signup token. we send this email again.
+    #
+
+    def resend_signup_token
+      flash[:notice] = nil
+      @user = User.find_by_email(params[:email])
+      if @user && @user.authenticate(params[:password])
+        if @user.resend_signup_token
+          redirect_to log_in_url, flash: { success: t( 'confirmation.resend_signup_token.flash.success' ) }
+        else
+          redirect_to log_in_url, flash: { danger: t( 'confirmation.resend_signup_token.flash.error' ) }
+        end
+      end
+    end
+
+
+    def new_email
+      @user = User.find_by_new_email_token( params[:token] ) unless params[:token].nil?
+      if @user
+        if @user.confirm_new_email!
+          redirect_to( root_url, :notice => t( '.flash.success' ))
+        else
+          flash[:notice] = t( '.flash.error' )
+        end
+      else
+        render :new_email_token
+      end
+    end
+
+  end
+end

data/app/controllers/lobby/confirmation_controller.rb~

@@ -0,0 +1,44 @@
+class ConfirmationController < ApplicationController
+
+  def registration
+    @user = User.where( :signup_token => params[:token] ).first unless params[:token].nil?
+
+    if @user
+      @user.confirm_signup!
+      redirect_to log_in_url, flash: { success: t( 'confirmation.registration.flash.success' ) }
+    else
+      flash.now[:notice] = t( 'confirmation.registration.flash.error') if params[:token]
+    end
+  end
+
+  #
+  # User has lost email with signup token. we send this email again.
+  #
+
+  def resend_signup_token
+    flash[:notice] = nil
+    @user = User.find_by_email(params[:email])
+    if @user && @user.authenticate(params[:password])
+      if @user.resend_signup_token
+        redirect_to log_in_url, flash: { success: t( 'confirmation.resend_signup_token.flash.success' ) }
+      else
+        redirect_to log_in_url, flash: { danger: t( 'confirmation.resend_signup_token.flash.error' ) }
+      end
+    end
+  end
+
+
+  def new_email
+    @user = User.find_by_new_email_token( params[:token] ) unless params[:token].nil?
+    if @user
+      if @user.confirm_new_email!
+        redirect_to( root_url, :notice => t( '.flash.success' ))
+      else
+        flash[:notice] = t( '.flash.error' )
+      end
+    else
+      render :new_email_token
+    end
+  end
+
+end

data/app/controllers/lobby/password_forgotten_controller.rb

@@ -0,0 +1,48 @@
+module Lobby
+  class PasswordForgottenController < ApplicationController
+
+    before_action :check_token, only: [:new, :create]
+
+    def new
+    end
+
+    def create
+      if @password_forgotten_form.submit(password_forgotten_form_params)
+        flash[:success] = t('.notice.success')
+        redirect_to log_in_url
+      else
+        render "new"
+      end
+    end
+
+    def order_new_password
+      if params[:email]
+        @user = User.where( :email => params[:email] ).first
+        if @user && @user.send_password_reset
+          # nothing special. Send always the same notice. so you can prevent from e-mail-guessing.
+        else
+          puts "*******************************"
+          puts "An non-existing email was given"
+          puts "*******************************"
+        end
+        flash[:success] = t( '.flash.success' )
+        redirect_to log_in_url
+      end
+    end
+
+
+    def check_token
+      @token = params[:token]
+      @password_forgotten_form = PasswordForgottenForm.new(@token)
+
+      if @password_forgotten_form.user.blank?
+        render :recover_password_auth
+        false
+      end
+    end
+
+    def password_forgotten_form_params
+      params.require(:password_forgotten_form).permit(:new_password, :new_password_confirmation)
+    end
+  end
+end

data/app/controllers/lobby/password_forgotten_controller.rb~

@@ -0,0 +1,48 @@
+module Lobby
+  class PasswordForgottenController < ApplicationController
+
+    before_action :check_token, only: [:new, :create]
+
+    def new
+    end
+
+    def create
+      if @password_forgotten_form.submit(password_forgotten_form_params)
+        flash[:success] = t('.notice.success')
+        redirect_to log_in_url
+      else
+        render "new"
+      end
+    end
+
+    def order_new_password
+      if params[:email]
+        @user = User.where( :email => params[:email] ).first
+        if @user && @user.send_password_reset
+          # nothing special. Send always the same notice. so you can prevent from e-mail-guessing.
+        else
+          puts "*******************************"
+          puts "An non-existing email was given"
+          puts "*******************************"
+        end
+        flash[:success] = t( '.flash.success' )
+        redirect_to log_in_url
+      end
+    end
+
+
+    def check_token
+      @token = params[:token]
+      @password_forgotten_form = Lobby::PasswordForgottenForm.new(@token)
+
+      if @password_forgotten_form.user.blank?
+        render :recover_password_auth
+        false
+      end
+    end
+
+    def password_forgotten_form_params
+      params.require(:password_forgotten_form).permit(:new_password, :new_password_confirmation)
+    end
+  end
+end

data/app/controllers/lobby/sessions_controller.rb

@@ -0,0 +1,33 @@
+module Lobby
+  class SessionsController < ApplicationController
+    def new
+    end
+
+    def create
+      @user = User.where('email = ? OR username = ?', params[:email], params[:email]).first
+      if @user && @user.authenticate(params[:password])
+        if @user.confirmed?
+          if @user.active?
+            session[:user_id] = @user.id
+            flash.now[:success] = t( 'sessions.create.flash.success' )
+            redirect_to root_url
+          else
+            flash.now[:danger] = t( 'sessions.create.flash.error.not_active' )
+            redirect_to log_in_url
+          end
+        else
+          flash.now[:danger] = t( 'sessions.create.flash.error.not_confirmed' )
+          redirect_to confirm_url( :action => "registration" )
+        end
+      else
+        flash.now[:danger] = t( 'sessions.create.flash.error.wrong_password_or_email' )
+        render :new
+      end
+    end
+
+    def destroy
+      session[:user_id] = nil
+      redirect_to root_url, flash: {success: t( 'sessions.destroy.success' ) }
+    end
+  end
+end

data/app/controllers/lobby/sessions_controller.rb~

@@ -0,0 +1,33 @@
+module Lobby
+  class SessionsController < ApplicationController
+    def new
+    end
+
+    def create
+      @user = User.where('email = ? OR username = ?', params[:email], params[:email]).first
+      if @user && @user.authenticate(params[:password])
+        if @user.confirmed?
+          if @user.active?
+            session[:user_id] = @user.id
+            flash.now[:success] = t( 'sessions.create.flash.success' )
+            redirect_to root_url
+          else
+            flash.now[:danger] = t( 'sessions.create.flash.error.not_active' )
+            redirect_to log_in_url
+          end
+        else
+          flash.now[:danger] = t( 'sessions.create.flash.error.not_confirmed' )
+          redirect_to confirm_url( :action => "registration" )
+        end
+      else
+        flash.now[:danger] = t( 'sessions.create.flash.error.wrong_password_or_email' )
+        render :new
+      end
+    end
+
+    def destroy
+      session[:user_id] = nil
+      redirect_to root_url, flash: {success: t( 'sessions.destroy.success' ) }
+    end
+  end
+end

data/app/controllers/lobby/users_controller.rb

@@ -0,0 +1,23 @@
+module Lobby
+  class UsersController < ApplicationController
+
+    def new
+      @user = User.new
+    end
+
+    def create
+      @user = User.new(user_params)
+      if @user.save
+        redirect_to log_in_url, flash: {success: t( '.success' ) }
+        @user.send_registration
+      else
+        render :new
+      end
+    end
+
+    def user_params
+      params.require(:user).permit(:email, :username, :password, :password_confirmation)
+    end
+
+  end
+end

data/app/controllers/lobby/users_controller.rb~

@@ -0,0 +1,23 @@
+module Lobby
+  class UsersController < ApplicationController
+
+    def new
+      @user = User.new
+    end
+
+    def create
+      @user = User.new(user_params)
+      if @user.save
+        redirect_to log_in_url, flash: {success: t( '.success' ) }
+        @user.send_registration
+      else
+        render :new
+      end
+    end
+
+    def user_params
+      params.require(:user).permit(:email, :username, :password, :password_confirmation)
+    end
+
+  end
+end

data/app/forms/password_forgotten_form.rb

@@ -0,0 +1,5 @@
+module Lobby
+  class PasswordForgottenForm < PasswordForgottenFormAbstract
+    USER_CLASS = "User"
+  end
+end

data/app/forms/password_forgotten_form.rb~

@@ -0,0 +1,5 @@
+module Lobby
+  class PasswordForgottenForm < Lobby::PasswordForgottenFormAbstract
+    USER_CLASS = "User"
+  end
+end

data/app/helpers/lobby/application_helper.rb

@@ -0,0 +1,4 @@
+module Lobby
+  module ApplicationHelper
+  end
+end

data/app/mailers/confirmation_mailer.rb

@@ -0,0 +1,30 @@
+module Lobby
+  class ConfirmationMailer < ActionMailer::Base
+
+    helper :application
+
+    default :from => APP_CONFIG['registration_mailer']['from']
+
+    def registration( user )
+      @confirmation_url = confirm_url( :registration, user.signup_token )
+      mail( :to => user.email, :subject => t( 'confirmation_mailer.registration.subject' ))
+    end
+
+    def resend_signup_token( user )
+      @user = user
+      @confirmation_url = confirm_url( :registration, @user.signup_token )
+      mail( :to => user.email, :subject => t( 'confirmation_mailer.resend_signup_token.subject' ))
+    end
+
+    def send_password_reset( user )
+      @confirmation_url = recover_password_form_url( :token => user.password_token )
+      mail( :to => user.email, :subject => t( 'confirmation_mailer.send_password_reset.subject' ))
+    end
+
+    def new_email_request( user )
+      @user = user
+      @confirmation_url = new_email_url( @user.new_email_token )
+      mail( :to => @user.new_email, :subject => t( 'confirmation_mailer.new_email_request.subject' ))
+    end
+  end
+end

data/app/mailers/confirmation_mailer.rb~

@@ -0,0 +1,28 @@
+class ConfirmationMailer < ActionMailer::Base
+
+  helper :application
+
+  default :from => APP_CONFIG['registration_mailer']['from']
+
+  def registration( user )
+    @confirmation_url = confirm_url( :registration, user.signup_token )
+    mail( :to => user.email, :subject => t( 'confirmation_mailer.registration.subject' ))
+  end
+
+  def resend_signup_token( user )
+    @user = user
+    @confirmation_url = confirm_url( :registration, @user.signup_token )
+    mail( :to => user.email, :subject => t( 'confirmation_mailer.resend_signup_token.subject' ))
+  end
+
+  def send_password_reset( user )
+    @confirmation_url = recover_password_form_url( :token => user.password_token )
+    mail( :to => user.email, :subject => t( 'confirmation_mailer.send_password_reset.subject' ))
+  end
+
+  def new_email_request( user )
+    @user = user
+    @confirmation_url = new_email_url( @user.new_email_token )
+    mail( :to => @user.new_email, :subject => t( 'confirmation_mailer.new_email_request.subject' ))
+  end
+end

data/app/models/auth_user.rb~

@@ -0,0 +1,100 @@
+module Lobby
+  module AuthUser
+
+    def self.included(base)
+      base.has_secure_password
+
+      base.validates :email, presence: true
+      base.validates :email, format: {with: EMAIL_REGEX, multiline: true}, if: Proc.new { |u| u.email.present? }
+      base.validates :email, uniqueness: true, :unless => :confirmed_duplicate, :on => :create, if: Proc.new { |u| u.email.present? }
+      base.validates :password, length: { minimum: 5 }, :on => :create, if: Proc.new { |u| u.password.present? }
+
+      base.extend ClassMethods
+    end
+
+
+    module ClassMethods
+      def confirmed
+        where("confirmed IS NOT NULL")
+      end
+
+      def with_email(email)
+        where(:email => email)
+      end
+
+    end
+
+
+    def confirmed_duplicate(test_mail = self.email)
+      if ((self.class.name.constantize.confirmed.with_email(test_mail).count == 0) ||
+          (self.class.name.constantize.with_email(test_mail).count == 0))
+        true
+      else
+        #self.id = self.class.name.constantize.confirmed.with_email(test_mail).first.id
+        false
+      end
+    end
+
+    def confirm_signup!
+      update_attribute(:confirmed, Time.now)
+      update_attribute(:signup_token, nil)
+      update_attribute(:active, true)
+    end
+
+    def confirm_new_email!
+      update_attribute(:email, new_email)
+      update_attribute(:new_email_token, nil)
+    end
+
+    def confirmed?
+      !self.confirmed.nil?
+    end
+
+    def active?
+      self.active == true
+    end
+
+    # Wenn der User sich registriert, dann wird ein signup_token für ihn hinterlegt.
+    # Dieser Token wird per Mail verschickt. Der User kann sich nun per Klick auf den
+    # Tokenlink verifizieren. Sollte die Mail nicht mehr erreichbar sein, so kann der User
+    # unter Angabe seiner Email einen neuen signup_Token anfordern. Der alte Token ist
+    # ab diesem Zeitpunkt ungültig.
+
+    # Nach erfolgreicher Verifizierung der Email-Adresse) wird das
+    # Feld confirmed mit einem Datum gefüllt. Ab diesem Zeitpunkt kann keine neuer
+    # Confirmation-Token generiert und verschickt werden.
+
+    def tokenmail(request)
+      ConfirmationMailer.send(request, self).deliver
+    end
+
+    def send_password_reset(with_mail = true)
+      return unless generate_token(:password_token)
+      if with_mail
+        tokenmail(:send_password_reset)
+      end
+    end
+
+    def send_registration
+      return unless generate_token(:signup_token)
+      tokenmail(:registration)
+    end
+
+    def resend_signup_token
+      return unless (!confirmed? && generate_token(:signup_token))
+      tokenmail(:resend_signup_token)
+    end
+
+    def send_new_email_request
+      return unless (confirmed? && generate_token(:new_email_token))
+      tokenmail(:new_email_request)
+    end
+
+
+    private
+
+    def generate_token( token )
+      (defined?( token ) && update_attribute( token, SecureRandom.hex(13) ))? true : false
+    end
+  end
+end

data/app/models/authentication.rb~

@@ -0,0 +1,13 @@
+module Lobby
+  module Authentication
+
+    def self.included(controller)
+      controller.send :helper_method, :current_user, :auth_with_username?
+    end
+
+    def current_user
+     @current_user ||= User.find(session[:user_id]) if session[:user_id]
+    end
+
+  end
+end