login_sugar_generator 0.9.4

data/templates/controller_test.rb

@@ -0,0 +1,254 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require '<%= singular_name %>_controller'
+require '<%= singular_name %>_notify'
+
+# Raise errors beyond the default web-based presentation
+class <%= class_name %>Controller; def rescue_action(e) raise e end; end
+
+class <%= class_name %>ControllerTest < Test::Unit::TestCase
+  self.use_transactional_fixtures = false
+  fixtures :<%= plural_name %>
+
+  def setup
+    @controller = <%= class_name %>Controller.new
+    @request    = ActionController::TestRequest.new
+    @response   = ActionController::TestResponse.new
+    @request.host = "localhost"
+    ActionMailer::Base.inject_one_error = false
+    ActionMailer::Base.deliveries = []
+  end
+  
+  def test_login__valid_login__redirects_as_specified
+    @request.session[:return_to] = "/bogus/location"
+    post :login, :<%= singular_name %> => { :login => "tesla", :password => "atest" }
+    assert_logged_in <%= plural_name %>(:tesla)
+    assert_response :redirect
+    assert_equal "http://#{@request.host}/bogus/location", @response.redirect_url
+  end
+
+  def test_login__valid_login__shows_welcome_as_default
+    post :login, :<%= singular_name %> => { :login => "tesla", :password => "atest" }
+    assert_logged_in <%= plural_name %>(:tesla)
+    assert_response :redirect
+    assert_equal @controller.url_for(:action => 'welcome'), @response.redirect_url
+  end
+
+  def test_login__wrong_password
+    post :login, :<%= singular_name %> => { :login => "tesla", :password => "wrong password" }
+    assert_not_logged_in
+    assert_template 'login'
+    assert_contains "Login failed", flash['message']
+  end
+
+  def test_login__wrong_login
+    post :login, :<%= singular_name %> => { :login => "wrong login", :password => "atest" }
+    assert_not_logged_in
+    assert_template 'login'
+    assert_contains "Login failed", flash['message']
+  end
+
+  def test_login__deleted_<%= singular_name %>_cant_login
+    post :login, :<%= singular_name %> => { :login => "deleted_tesla", :password => "atest" }
+    assert_not_logged_in
+    assert_template 'login'
+    assert_contains "Login failed", flash['message']
+  end
+  
+  def test_signup
+    post_signup :login => "new<%= singular_name %>",
+                :password => "password", :password_confirmation => "password",
+                :email => "newemail@example.com"
+    assert_not_logged_in
+    assert_redirected_to_login
+    assert_equal 1, ActionMailer::Base.deliveries.size
+
+    mail = ActionMailer::Base.deliveries[0]
+    assert_equal "newemail@example.com", mail.to_addrs[0].to_s
+    assert_match /login:\s+\w+\n/, mail.encoded
+    assert_match /password:\s+\w+\n/, mail.encoded
+    <%= singular_name %> = <%= class_name %>.find_by_email("newemail@example.com")
+    assert_match /<%= file_name %>\[id\]=#{<%= singular_name %>.id}/, mail.encoded
+    assert_match /key=#{<%= singular_name %>.security_token}/, mail.encoded
+    assert !<%= singular_name %>.verified
+  end
+
+  def test_signup__validates_password_min_length
+    post_signup :login => "tesla_rhea", :password => "bad", :password_confirmation => "bad", :email => "someone@example.com"
+    assert_password_validation_fails
+  end
+
+  def test_signup__raises_delivery_errors
+    ActionMailer::Base.inject_one_error = true
+    post_signup :login => "newtesla",
+                :password => "newpassword", :password_confirmation => "newpassword",
+                :email => "newtesla@example.com"
+    assert_not_logged_in
+    assert_equal 0, ActionMailer::Base.deliveries.size
+    assert_contains "confirmation email not sent", flash['message']
+  end
+
+  def test_signup__mismatched_passwords
+    post :signup, :<%= singular_name %> => { :login => "newtesla", :password => "newpassword", :password_confirmation => "wrong" }
+    <%= singular_name %> = assigns(:<%= singular_name %>)
+    assert_equal 1, <%= singular_name %>.errors.size
+    assert_not_nil <%= singular_name %>.errors['password']
+  end
+  
+  def test_signup__bad_login
+    post_signup :login => "yo", :password => "newpassword", :password_confirmation => "newpassword"
+    <%= singular_name %> = assigns(:<%= singular_name %>)
+    assert_equal 1, <%= singular_name %>.errors.size
+    assert_not_nil <%= singular_name %>.errors['login']
+  end
+
+  def test_welcome
+    <%= singular_name %> = <%= plural_name %>(:unverified_<%= singular_name %>)
+    get :welcome, :<%= singular_name %>=> { :id => <%= singular_name %>.id }, :key => <%= singular_name %>.security_token
+    <%= singular_name %>.reload
+    assert <%= singular_name %>.verified
+    assert_logged_in( <%= singular_name %> )
+  end
+
+  def test_welcome__fails_if_expired_token
+    <%= singular_name %> = <%= plural_name %>(:unverified_<%= singular_name %>)
+    Clock.advance_by_days 2 # now past verification deadline
+    get :welcome, :<%= singular_name %>=> { :id => <%= singular_name %>.id }, :key => <%= singular_name %>.security_token
+    <%= singular_name %>.reload
+    assert !<%= singular_name %>.verified
+    assert_not_logged_in
+  end
+
+  def test_welcome__fails_if_bad_token
+    <%= singular_name %> = <%= plural_name %>(:unverified_<%= singular_name %>)
+    Clock.time = Time.now # now before deadline, but with bad token
+    get :welcome, :<%= singular_name %>=> { :id => <%= singular_name %>.id }, :key => "boguskey"
+    <%= singular_name %>.reload
+    assert !<%= singular_name %>.verified
+    assert_not_logged_in
+  end
+
+  def test_edit
+    tesla = <%= plural_name %>(:tesla)
+    set_logged_in tesla
+    post :edit, :<%= singular_name %> => { :first_name => "Bob", :form => "edit" }
+    tesla.reload
+    assert_equal tesla.first_name, "Bob"
+  end
+
+  def test_delete
+    <%= singular_name %> = <%= plural_name %>(:deletable_<%= singular_name %>)
+    set_logged_in <%= singular_name %>
+    post :edit, "<%= singular_name %>" => { "form" => "delete" }
+    <%= singular_name %>.reload
+    assert <%= singular_name %>.deleted
+    assert_not_logged_in
+  end
+
+  def test_change_password
+    <%= singular_name %> = <%= plural_name %>(:tesla)
+    set_logged_in <%= singular_name %>
+    post :change_password, :<%= singular_name %> => { :password => "changed_password", :password_onfirmation => "changed_password" }
+    assert_equal 1, ActionMailer::Base.deliveries.size
+    mail = ActionMailer::Base.deliveries[0]
+    assert_equal "tesla@example.com", mail.to_addrs[0].to_s
+    assert_match /login:\s+\w+\n/, mail.encoded
+    assert_match /password:\s+\w+\n/, mail.encoded
+    assert_equal <%= singular_name %>, <%= class_name %>.authenticate(<%= singular_name %>.login, 'changed_password')
+  end
+
+  def test_change_password__confirms_password
+    set_logged_in <%= plural_name %>(:tesla)
+    post :change_password, :<%= singular_name %> => { :password => "bad", :password_confirmation => "bad" }
+    <%= singular_name %> = assigns(:<%= singular_name %>)
+    assert_equal 1, <%= singular_name %>.errors.size
+    assert_not_nil <%= singular_name %>.errors['password']
+    assert_response :success
+    assert_equal 0, ActionMailer::Base.deliveries.size
+  end
+
+  def test_change_password__succeeds_despite_delivery_errors
+    set_logged_in <%= plural_name %>(:tesla)
+    ActionMailer::Base.inject_one_error = true
+    post :change_password, :<%= singular_name %> => { :password => "changed_password", :password_confirmation => "changed_password" }
+    assert_equal 0, ActionMailer::Base.deliveries.size
+    assert_equal <%= plural_name %>(:tesla), <%= class_name %>.authenticate(<%= plural_name %>(:tesla).login, 'changed_password')
+  end
+
+  def test_forgot_password__when_logged_in_redirects_to_change_password
+    <%= singular_name %> = <%= plural_name %>(:tesla)
+    set_logged_in <%= singular_name %>
+    post :forgot_password, :<%= singular_name %> => { :email => <%= singular_name %>.email }
+    assert_equal 0, ActionMailer::Base.deliveries.size
+    assert_response :redirect
+    assert_equal @controller.url_for(:action => "change_password"), @response.redirect_url
+  end
+
+  def test_forgot_password__requires_valid_email_address
+    post :forgot_password, :<%= singular_name %> => { :email => "" }
+    assert_equal 0, ActionMailer::Base.deliveries.size
+    assert_match /Please enter a valid email address./, @response.body
+  end
+
+  def test_forgot_password__ignores_unknown_email_address
+    post :forgot_password, :<%= singular_name %> => { :email => "unknown_email@example.com" }
+    assert_equal 0, ActionMailer::Base.deliveries.size
+  end
+
+  def test_forgot_password__reports_delivery_error
+    ActionMailer::Base.inject_one_error = true
+    post :forgot_password, :<%= singular_name %> => { :email => <%= plural_name %>(:tesla).email }
+    assert_equal 0, ActionMailer::Base.deliveries.size
+    assert_match /Your password could not be emailed/, @response.body
+  end
+
+  def test_invalid_login
+    post :login, :<%= singular_name %> => { :login => "tesla", :password => "not_correct" }
+    assert_not_logged_in
+    assert_response :success
+    assert_template 'login'
+  end
+  
+  def test_logout
+    set_logged_in <%= plural_name %>(:tesla)
+    get :logout
+    assert_not_logged_in
+  end
+
+  private
+
+  def set_logged_in( <%= singular_name %> )
+    @request.session[:<%= singular_name %>_id] = <%= singular_name %>.id
+  end
+
+  def assert_logged_in( <%= singular_name %> )
+    assert_equal <%= singular_name %>.id, @request.session[:<%= singular_name %>_id]
+    assert_equal <%= singular_name %>, assigns(:current_<%= singular_name %>)
+  end
+
+  def assert_not_logged_in
+    assert_nil @request.session[:<%= singular_name %>_id]
+    assert_nil assigns(:current_<%= singular_name %>)
+  end
+
+  def assert_redirected_to_login
+    assert_equal @controller.url_for(:action => "login"), @response.redirect_url
+  end
+
+  def post_signup( <%= singular_name %>_params )
+    post :signup, "<%= singular_name %>" => <%= singular_name %>_params
+  end
+
+  def assert_password_validation_fails
+    <%= singular_name %> = assigns(:<%= singular_name %>)
+    assert_equal 1, <%= singular_name %>.errors.size
+    assert_not_nil <%= singular_name %>.errors['password']
+    assert_response :success
+    assert_equal 0, ActionMailer::Base.deliveries.size
+  end
+
+  def assert_contains( target, container )
+    assert !container.nil?, %Q( Failed to find "#{target}" in nil String )
+    assert container.include?(target)
+  end
+
+end

data/templates/create_db

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+require File.dirname(__FILE__) + '/../config/environment'
+require 'rubygems'
+require_gem 'db_structure'
+
+DBStructure::db_structure

data/templates/helper.rb

@@ -0,0 +1,41 @@
+module <%= class_name %>Helper
+
+  DEFAULT_HEAD_OPTIONS = {
+    :notice => true,
+    :message => true,
+    :error => false
+  }.freeze unless defined? DEFAULT_HEAD_OPTIONS 
+
+  def title_helper
+    "#{@controller.controller_class_name} #{@controller.action_name}"
+  end
+
+  def head_helper(label, options = {})
+    notice = message = error = nil
+    opts = DEFAULT_HEAD_OPTIONS.dup
+    opts.update(options.symbolize_keys)
+    s = "<h3>#{label}</h3>"
+    if @flash['notice'] and not opts[:notice].nil? and opts[:notice]
+      notice = "<div><p>#{@flash['notice']}</p></div>"
+      s = s + notice
+    end
+    if @flash['message'] and not opts[:message].nil? and opts[:message]
+      message = "<div id=\"ErrorExplanation\"><p>#{@flash['message']}</p></div>"
+      s = s + message
+    end
+    if not opts[:error].nil? and opts[:error]
+     error = error_messages_for('<%= singular_name %>')
+     if not error.nil?
+       error = error + "<br/>"
+       s = s + error
+     end
+   end
+   return s
+  end
+
+  def start_form_tag_helper(options = {})
+    url = url_for(:action => "#{@controller.action_name}")
+    "#{self.send(:start_form_tag, url, options)}"
+  end
+
+end

data/templates/integration_test.rb

@@ -0,0 +1,95 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require '<%= singular_name %>_controller'
+require '<%= singular_name %>_notify'
+
+class <%= class_name %>SystemTest < ActionController::IntegrationTest
+  self.use_transactional_fixtures = false
+  fixtures :<%= plural_name %>
+
+  def setup
+    ActionMailer::Base.inject_one_error = false
+    ActionMailer::Base.deliveries = []
+  end
+
+  def test_signup_and_verify
+    Clock.time = Time.now
+    post url_for( :controller => '<%= singular_name %>', :action => 'signup'),
+         :<%= singular_name %> => { :login => "new<%= singular_name %>",
+                    :password => "password", :password_confirmation => "password",
+                    :email => "newemail@example.com" }
+           
+    assert_not_logged_in
+    assert_redirected_to_login
+    assert_equal 1, ActionMailer::Base.deliveries.size
+
+    mail = ActionMailer::Base.deliveries[0]
+    assert_equal "newemail@example.com", mail.to_addrs[0].to_s
+    assert_match /login:\s+\w+\n/, mail.encoded
+    assert_match /password:\s+\w+\n/, mail.encoded
+    mail.encoded =~ /<%= file_name %>\[id\]=(\d+)&key=(.*?)"/
+    id = $1
+    key = $2
+
+    Clock.advance_by_days 2 # now past verification deadline
+
+    get url_for( :controller => '<%= singular_name %>', :action => 'welcome'),
+        :<%= singular_name %>=> { :id => id }, :key => key
+    assert_redirected_to_login
+    <%= singular_name %> = <%= class_name %>.find_by_id id
+    assert !<%= singular_name %>.verified
+    assert_not_logged_in
+
+    Clock.time = Time.now # now before deadline
+    get url_for( :controller => '<%= singular_name %>', :action => 'welcome'),
+        :<%= singular_name %>=> { :id => "#{id}" }, :key => "boguskey"
+    assert_redirected_to_login
+    assert_not_logged_in
+    <%= singular_name %>.reload
+    assert !<%= singular_name %>.verified
+
+    get url_for( :controller => '<%= singular_name %>', :action => 'welcome'),
+        :<%= singular_name %>=> { :id => "#{<%= singular_name %>.id}" }, :key => "#{key}"
+    assert_response :success
+    <%= singular_name %>.reload
+    assert <%= singular_name %>.verified
+    assert_logged_in( <%= singular_name %> )
+  end
+
+  def test_forgot_password__allows_change_password_after_mailing_key
+    <%= singular_name %> = <%= plural_name %>(:tesla)
+    post url_for( :controller => '<%= singular_name %>', :action => 'forgot_password'), :<%= singular_name %> => { :email => <%= singular_name %>.email }
+    assert_equal 1, ActionMailer::Base.deliveries.size
+    mail = ActionMailer::Base.deliveries[0]
+    assert_equal <%= plural_name %>(:tesla).email, mail.to_addrs[0].to_s
+    mail.encoded =~ /<%= file_name %>\[id\]=(.*?)&key=(.*?)"/
+    id = $1
+    key = $2
+    post url_for( :controller => '<%= singular_name %>', :action => 'change_password'),
+         :<%= singular_name %> => { :password => "newpassword",
+                    :password_confirmation => "newpassword",
+                    :id => id },
+         :key => key
+    <%= singular_name %>.reload
+    assert_logged_in <%= singular_name %>
+    assert_equal <%= singular_name %>, <%= class_name %>.authenticate(<%= singular_name %>.login, 'newpassword')
+  end
+
+
+
+  private
+  def assert_logged_in( <%= singular_name %> )
+    assert_equal <%= singular_name %>.id, request.session[:<%= singular_name %>_id]
+    assert_equal <%= singular_name %>, assigns(:current_<%= singular_name %>)
+  end
+
+  def assert_not_logged_in
+    assert_nil request.session[:<%= singular_name %>_id]
+    assert_nil assigns(:current_<%= singular_name %>)
+  end
+
+  def assert_redirected_to_login
+    assert_response :redirect
+    assert_equal controller.url_for(:action => "login"), response.redirect_url
+  end
+
+end

data/templates/layout.rhtml

@@ -0,0 +1,13 @@
+<html>
+<head>
+  <title>: <%%= controller.action_name %></title>
+  <%%= stylesheet_link_tag '<%= singular_name %>' %>
+</head>
+<body>
+
+<p style="color: green"><%%= flash[:notice] %></p>
+
+<%%= yield  %>
+
+</body>
+</html>

data/templates/login_environment.rb

@@ -0,0 +1,21 @@
+module <%= class_name %>System
+  CONFIG = {
+    # Source address for <%= singular_name %> emails
+    :email_from => 'foo@example.com',
+
+    # Destination email for system errors
+    :admin_email => 'foo@example.com',
+
+    # Sent in emails to <%= plural_name %>
+    :app_url => 'http://example.com/',
+
+    # Sent in emails to <%= plural_name %>
+    :app_name => 'Login Sugar',
+
+    # Email charset
+    :mail_charset => 'utf-8',
+
+    # Security token lifetime in hours
+    :security_token_life_hours => 24,
+  }
+end

data/templates/login_system.rb

@@ -0,0 +1,54 @@
+module <%= class_name %>System
+
+  protected
+
+  # authenticate_<%= singular_name %> filter. add
+  #
+  #   before_filter :authenticate_<%= singular_name %>
+  #
+  def authenticate_<%= singular_name %>
+    return true if authenticated_<%= singular_name %>?
+    session[:return_to] = request.request_uri
+    access_denied
+    return false 
+  end
+
+  # overwrite if you want to have special behavior in case the <%= singular_name %> is not authorized
+  # to access the current operation. 
+  # the default action is to redirect to the login screen
+  # example use :
+  # a popup window might just close itself for instance
+  def access_denied
+    redirect_to :controller => "/<%= file_name %>", :action => "login"
+  end  
+
+  def redirect_back_or_default(default)
+    if session[:return_to].nil?
+      redirect_to default
+    else
+      redirect_to_url session[:return_to]
+      session[:return_to] = nil
+    end
+  end
+
+  def authenticated_<%= singular_name %>?
+    if session[:<%= singular_name %>_id]
+      @current_<%= singular_name %> = <%= class_name %>.find_by_id(session[:<%= singular_name %>_id])
+      return false if @current_<%= singular_name %>.nil? 
+      return true
+    end
+
+    # If not, is the <%= singular_name %> being authenticated by a token (created by signup/forgot password actions)?
+    return false if not params['<%= singular_name %>']
+    id = params['<%= singular_name %>']['id']
+    key = params['key']
+    if id and key
+      @current_<%= singular_name %> = <%= class_name %>.authenticate_by_token(id, key)
+      session[:<%= singular_name %>_id] = @current_<%= singular_name %> ? @current_<%= singular_name %>.id : nil
+      return true if not @current_<%= singular_name %>.nil?
+    end
+
+    # Everything failed
+    return false
+  end
+end