login_sugar_generator 0.9.4

data/templates/migration_login_sugar.rb

@@ -0,0 +1,21 @@
+class LoginSugar < ActiveRecord::Migration
+  def self.up
+    create_table :<%= plural_name %>, :force => true do |t|
+      t.column :login, :string, :limit => 80, :null => false
+      t.column :salted_password, :string, :limit => 40, :null => false
+      t.column :email, :string, :limit => 60, :null => false
+      t.column :first_name, :string, :limit => 40
+      t.column :last_name, :string, :limit => 40
+      t.column :salt, 'CHAR(40)', :null => false
+      t.column :verified, :boolean, :default => false
+      t.column :role, :string, :limit => 40, :default => nil
+      t.column :security_token, 'CHAR(40)', :default => nil
+      t.column :token_expiry, :datetime, :default => nil
+      t.column :deleted, :boolean, :default => false
+    end
+  end
+
+  def self.down
+    drop_table :<%= plural_name %>
+  end
+end

data/templates/mock_clock.rb

@@ -0,0 +1,14 @@
+
+class Clock
+  @@time = Time.now
+  cattr_writer :time
+
+  def self.now
+    @@time
+  end
+
+  def self.advance_by_days( days )
+    @@time += (days * 60 *60 * 24)
+  end
+
+end

data/templates/mock_notify.rb

@@ -0,0 +1,16 @@
+require 'models/<%= file_name %>_notify.rb'
+
+ActionMailer::Base.class_eval {
+  @@inject_one_error = false
+  cattr_accessor :inject_one_error
+
+  private
+  def perform_delivery_test(mail)
+    if inject_one_error
+      ActionMailer::Base::inject_one_error = false
+      raise "Failed to send email" if raise_delivery_errors
+    else
+      deliveries << mail
+    end
+  end
+}

data/templates/notify.rb

@@ -0,0 +1,50 @@
+class <%= class_name %>Notify < ActionMailer::Base
+  def signup(<%= singular_name %>, password, url=nil)
+    setup_email(<%= singular_name %>)
+
+    # Email header info
+    @subject += "Welcome to #{<%= class_name %>System::CONFIG[:app_name]}!"
+
+    # Email body substitutions
+    @body["name"] = "#{<%= singular_name %>.first_name} #{<%= singular_name %>.last_name}"
+    @body["login"] = <%= singular_name %>.login
+    @body["password"] = password
+    @body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
+    @body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
+  end
+
+  def forgot_password(<%= singular_name %>, url=nil)
+    setup_email(<%= singular_name %>)
+
+    # Email header info
+    @subject += "Forgotten password notification"
+
+    # Email body substitutions
+    @body["name"] = "#{<%= singular_name %>.first_name} #{<%= singular_name %>.last_name}"
+    @body["login"] = <%= singular_name %>.login
+    @body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
+    @body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
+  end
+
+  def change_password(<%= singular_name %>, password, url=nil)
+    setup_email(<%= singular_name %>)
+
+    # Email header info
+    @subject += "Changed password notification"
+
+    # Email body substitutions
+    @body["name"] = "#{<%= singular_name %>.first_name} #{<%= singular_name %>.last_name}"
+    @body["login"] = <%= singular_name %>.login
+    @body["password"] = password
+    @body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
+    @body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
+  end
+
+  def setup_email(<%= singular_name %>)
+    @recipients = "#{<%= singular_name %>.email}"
+    @from       = <%= class_name %>System::CONFIG[:email_from].to_s
+    @subject    = "[#{<%= class_name %>System::CONFIG[:app_name]}] "
+    @sent_on    = Time.now
+    @headers['Content-Type'] = "text/plain; charset=#{<%= class_name %>System::CONFIG[:mail_charset]}; format=flowed"
+  end
+end

data/templates/notify_change_password.rhtml

@@ -0,0 +1,10 @@
+Dear <%%= @name %>,
+
+At your request, <%%= @app_name %> has changed your password. If it was not at your request, then you should be aware that someone has access to your account and requested this change.
+
+Your new login credentials are:
+
+  login:    <%%= @login %>
+  password: <%%= @password %>
+ 
+<%%= @url %>

data/templates/notify_delete.rhtml

@@ -0,0 +1,5 @@
+Dear <%%= @name %>,
+
+At your request, <%%= @app_name %> has permanently deleted your account.
+ 
+<%%= @url %>

data/templates/notify_forgot_password.rhtml

@@ -0,0 +1,11 @@
+Dear <%%= @name %>,
+
+At your request, <%%= @app_name %> has sent you the following URL so that you may reset your password. If it was not at your request, then you should be aware that someone has entered your email address as theirs in the forgotten password section of <%%= @app_name %>.
+
+Please click on the following link to go to the change password page:
+
+<a href="<%%= @url%>">Click me!</a>
+ 
+It's advisable for you to change your password as soon as you login.
+
+<%%= @url %>

data/templates/notify_pending_delete.rhtml

@@ -0,0 +1,9 @@
+Dear <%%= @name %>,
+
+At your request, <%%= @app_name %> has marked your account for deletion. If it was not at your request, then you should be aware that someone has access to your account and requested this change.
+
+The following link is provided for you to restore your deleted account. If you click on this link within the next <%%= @days %> days, your account will not be deleted. Otherwise, simply ignore this email and your account will be permanently deleted after that time.
+
+<a href="<%%= @url%>">Click me!</a>
+ 
+<%%= @url %>

data/templates/notify_signup.rhtml

@@ -0,0 +1,12 @@
+Welcome to <%%= @app_name %>, <%%= @name %>.
+
+Your login credentials are:
+
+  login:    <%%= @login %>
+  password: <%%= @password %>
+
+Please click on the following link to confirm your registration:
+
+<a href="<%%= @url%>">Click me!</a>
+
+<%%= @url %>

data/templates/stylesheet.css

@@ -0,0 +1,74 @@
+body { background-color: #fff; color: #333; }
+
+body, p, ol, ul, td {
+  font-family: verdana, arial, helvetica, sans-serif;
+  font-size:   13px;
+  line-height: 18px;
+}
+
+pre {
+  background-color: #eee;
+  padding: 10px;
+  font-size: 11px;
+}
+
+a { color: #000; }
+a:visited { color: #666; }
+a:hover { color: #fff; background-color:#000; }
+
+.fieldWithErrors {
+  padding: 2px;
+  background-color: red;
+  display: table;
+}
+
+#errorExplanation {
+  width: 400px;
+  border: 2px solid red;
+  padding: 7px;
+  padding-bottom: 12px;
+  margin-bottom: 20px;
+  background-color: #f0f0f0;
+}
+
+#errorExplanation h2 {
+  text-align: left;
+  font-weight: bold;
+  padding: 5px 5px 5px 15px;
+  font-size: 12px;
+  margin: -7px;
+  background-color: #c00;
+  color: #fff;
+}
+
+#errorExplanation p {
+  color: #333;
+  margin-bottom: 0;
+  padding: 5px;
+}
+
+#errorExplanation ul li {
+  font-size: 12px;
+  list-style: square;
+}
+
+div.uploadStatus {
+  margin: 5px;
+}
+
+div.progressBar {
+  margin: 5px;
+}
+
+div.progressBar div.border {
+  background-color: #fff;
+  border: 1px solid grey;
+  width: 100%;
+}
+
+div.progressBar div.background {
+  background-color: #333;
+  height: 18px;
+  width: 0%;
+}
+

data/templates/user.rb

@@ -0,0 +1,101 @@
+require 'digest/sha1'
+
+# this model expects a certain database layout and its based on the name/login pattern. 
+class <%= class_name %> < ActiveRecord::Base
+  attr_accessor :password_needs_confirmation
+
+  after_save '@password_needs_confirmation = false'
+  after_validation :crypt_password
+
+  validates_presence_of :login, :on => :create
+  validates_length_of :login, :within => 3..40, :on => :create
+  validates_uniqueness_of :login, :on => :create
+  validates_uniqueness_of :email, :on => :create
+
+  validates_presence_of :password, :if => :validate_password?
+  validates_confirmation_of :password, :if => :validate_password?
+  validates_length_of :password, { :minimum => 5, :if => :validate_password? }
+  validates_length_of :password, { :maximum => 40, :if => :validate_password? }
+
+  def initialize(attributes = nil)
+    super
+    @password_needs_confirmation = false
+  end
+
+  def self.authenticate(login, pass)
+    u = find_first(["login = ? AND verified = TRUE AND deleted = FALSE", login])
+    return nil if u.nil?
+    find_first(["login = ? AND salted_password = ? AND verified = TRUE", login, salted_password(u.salt, hashed(pass))])
+  end
+
+  def self.authenticate_by_token(id, token)
+    # Allow logins for deleted accounts, but only via this method (and
+    # not the regular authenticate call)
+    logger.info "Attempting authorization of #{id} with #{token}"
+    u = find_first(["id = ? AND security_token = ?", id, token])
+    if u
+      logger.info "Authenticated by token: #{u.inspect}"
+    else
+      logger.info "Not authenticated" if u.nil?
+    end
+    return nil if (u.nil? or u.token_expired?)
+    u.update_attribute :verified, true
+    return u
+  end
+
+  def token_expired?
+    self.security_token and self.token_expiry and (Clock.now > self.token_expiry)
+  end
+
+  def generate_security_token
+    if self.security_token.nil? or self.token_expiry.nil? or (Clock.now.to_i + token_lifetime / 2) >= self.token_expiry.to_i
+      token = new_security_token
+      return token
+    else
+      return self.security_token
+    end
+  end
+
+  def change_password(pass, confirm = nil)
+    self.password = pass
+    self.password_confirmation = confirm.nil? ? pass : confirm
+    @password_needs_confirmation = true
+  end
+
+  def token_lifetime
+    <%= class_name %>System::CONFIG[:security_token_life_hours] * 60 * 60
+  end
+
+
+  protected
+
+  attr_accessor :password, :password_confirmation
+
+  def validate_password?
+    @password_needs_confirmation
+  end
+
+  def self.hashed(str)
+    return Digest::SHA1.hexdigest("change-me--#{str}--")[0..39]
+  end
+
+  def crypt_password
+    if @password_needs_confirmation
+      write_attribute("salt", self.class.hashed("salt-#{Clock.now}"))
+      write_attribute("salted_password", self.class.salted_password(salt, self.class.hashed(@password)))
+    end
+  end
+
+  def new_security_token
+    expiry = Time.at(Clock.now.to_i + token_lifetime)
+    write_attribute('security_token', self.class.hashed(self.salted_password + Clock.now.to_i.to_s + rand.to_s))
+    write_attribute('token_expiry', expiry)
+    update_without_callbacks
+    return self.security_token
+  end
+
+  def self.salted_password(salt, hashed_password)
+    hashed(salt + hashed_password)
+  end
+end
+

data/templates/user_model.erbsql

@@ -0,0 +1,18 @@
+CREATE TABLE <%= plural_name %> (
+  id <%%= @pk %>,
+  login VARCHAR(80) NOT NULL,
+  salted_password VARCHAR(40) NOT NULL,
+  email VARCHAR(60) NOT NULL,
+  first_name VARCHAR(40) default NULL,
+  last_name VARCHAR(40) default NULL,
+  salt CHAR(40) NOT NULL,
+  verified INT default 0,
+  role VARCHAR(40) default NULL,
+  security_token CHAR(40) default NULL,
+  token_expiry <%%= @datetime %> default NULL,
+  created_at <%%= @datetime %> default NULL,
+  updated_at <%%= @datetime %> default NULL,
+  logged_in_at <%%= @datetime %> default NULL,
+  deleted INT default 0,
+  delete_after <%%= @datetime %> default NULL
+) <%%= @options %>;

data/templates/user_test.rb

@@ -0,0 +1,133 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class <%= class_name %>Test < Test::Unit::TestCase
+  fixtures :<%= plural_name %>
+  self.use_transactional_fixtures = false
+
+  def test_authenticate
+    assert_equal <%= plural_name %>(:tesla), <%= class_name %>.authenticate(<%= plural_name %>(:tesla).login, "atest")
+    assert_nil <%= class_name %>.authenticate("nontesla", "atest")
+    assert_nil <%= class_name %>.authenticate(<%= plural_name %>(:tesla), "wrong password")
+  end
+
+  def test_authenticate_by_token
+    <%= singular_name %> = <%= plural_name %>(:unverified_<%= singular_name %>)
+    assert_equal <%= singular_name %>, <%= class_name %>.authenticate_by_token(<%= singular_name %>.id, <%= singular_name %>.security_token)
+  end
+
+  def test_authenticate_by_token__fails_if_expired
+    <%= singular_name %> = <%= plural_name %>(:unverified_<%= singular_name %>)
+    Clock.time = Clock.now + 2.days
+    assert_nil <%= class_name %>.authenticate_by_token(<%= singular_name %>.id, <%= singular_name %>.security_token)
+  end
+
+  def test_authenticate_by_token__fails_if_bad_token
+    <%= singular_name %> = <%= plural_name %>(:unverified_<%= singular_name %>)
+    assert_nil <%= class_name %>.authenticate_by_token(<%= singular_name %>.id, 'bad_token')
+  end
+
+  def test_authenticate_by_token__fails_if_bad_id
+    <%= singular_name %> = <%= plural_name %>(:unverified_<%= singular_name %>)
+    assert_nil <%= class_name %>.authenticate_by_token(-1, <%= singular_name %>.security_token)
+  end
+
+  def test_change_password
+    <%= singular_name %> = <%= plural_name %>(:long_<%= singular_name %>)
+    <%= singular_name %>.change_password("a new password")
+    <%= singular_name %>.save
+    assert_equal <%= singular_name %>, <%= class_name %>.authenticate(<%= singular_name %>.login, "a new password")
+    assert_nil <%= class_name %>.authenticate(<%= singular_name %>.login, "alongtest")
+  end
+
+  def test_generate_security_token
+    <%= singular_name %> = <%= class_name %>.new :login => '<%= singular_name %>', :email => '<%= singular_name %>@example.com', :salt => 'salt', :salted_password => 'tlas'
+    <%= singular_name %>.save
+    token = <%= singular_name %>.generate_security_token
+    assert_not_nil token
+    <%= singular_name %>.reload
+    assert_equal token, <%= singular_name %>.security_token
+    assert_equal (Clock.now + <%= singular_name %>.token_lifetime).to_i, <%= singular_name %>.token_expiry.to_i
+  end
+
+  def test_generate_security_token__reuses_token_when_not_stale
+    <%= singular_name %> = <%= plural_name %>(:unverified_<%= singular_name %>)
+    Clock.time = Clock.now + <%= singular_name %>.token_lifetime/2 - 1
+    assert_equal <%= singular_name %>.security_token, <%= singular_name %>.generate_security_token 
+  end
+
+  def test_generate_security_token__generates_new_token_when_getting_stale
+    <%= singular_name %> = <%= plural_name %>(:unverified_<%= singular_name %>)
+    Clock.time = Clock.now + <%= singular_name %>.token_lifetime/2
+    assert_not_equal <%= singular_name %>.security_token, <%= singular_name %>.generate_security_token 
+  end
+
+  def test_change_password__disallowed_passwords
+    u = <%= class_name %>.new
+    u.login = "test_<%= singular_name %>"
+    u.email = 'disallowed_password@example.com'
+
+    u.change_password("tiny")
+    assert !u.save     
+    assert u.errors.invalid?('password')
+
+    u.change_password("hugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehuge")
+    assert !u.save     
+    assert u.errors.invalid?('password')
+        
+    u.change_password("")
+    assert !u.save    
+    assert u.errors.invalid?('password')
+        
+    u.change_password("a_s3cure_p4ssword")
+    assert u.save     
+    assert u.errors.empty?
+  end
+  
+  def test_validates_login
+    u = <%= class_name %>.new
+    u.change_password("teslas_secure_password")
+    u.email = 'bad_login_tesla@example.com'
+
+    u.login = "x"
+    assert !u.save     
+    assert u.errors.invalid?(:login)
+    
+    u.login = "hugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahugeteslahug"
+    assert !u.save     
+    assert u.errors.invalid?(:login)
+
+    u.login = ""
+    assert !u.save
+    assert u.errors.invalid?(:login)
+
+    u.login = "oktesla"
+    assert u.save
+    assert u.errors.empty?
+      
+  end
+
+  def test_create
+    u = <%= class_name %>.new
+    u.login = "nonexisting_<%= singular_name %>"
+    u.email = 'nonexisting_email@example.com'
+    u.change_password("password")
+    assert u.save
+  end
+
+  def test_create__validates_unique_login
+    u = <%= class_name %>.new
+    u.login = <%= plural_name %>(:tesla).login
+    u.email = 'new@example.com'
+    u.change_password("password")
+    assert !u.save
+  end
+
+  def test_create__validates_unique_email
+    u = <%= class_name %>.new
+    u.login = 'new_<%= singular_name %>'
+    u.email= <%= plural_name %>(:tesla).email
+    u.change_password("password")
+    assert !u.save
+  end
+
+end