merb-auth-more 0.9.9

data/LICENSE

@@ -0,0 +1,42 @@
+Copyright (c) 2008 Daniel Neighman
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+Some of the code in this plugin is based on Restful Merb::Authentication by Rick Olsen.  License File here:
+
+Copyright (c) 2005 Rick Olson
+ 
+Permission is hereby granted, free of charge, to any person obtaining a copy of 
+this software and associated documentation files (the "Software"), to deal in 
+the Software without restriction, including without limitation the rights to 
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 
+the Software, and to permit persons to whom the Software is furnished to do so, 
+subject to the following conditions:
+ 
+The above copyright notice and this permission notice shall be included in all 
+copies or substantial portions of the Software.
+ 
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS 
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR 
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+=======

data/README.textile

@@ -0,0 +1,50 @@
+merb-auth-more
+==============
+
+merb-auth-more provides stuff that's useful, but not core to the functionality of
+merb-auth. Strategies and "User" object mixins are here.
+
+h3. What Strategies are there?
+
+Strategies are really simple to implement, but we've made some basic ones available.  
+
+The built in ones are basic but should be enough to get you going for most things.  
+
+To specify them, simply require them.  For example,in lib/auth-strategies.rb
+
+<pre><code>
+Merb::Authentication.activate!(:default_password_form)
+Merb::Authentication.activate!(:default_openid)
+
+class MyApiLogin < ::Merb::Authentication::Strategy
+  def run!
+    # check for api login
+  end
+end
+</code></pre>
+
+So far there are:
+
+* :default_password_form
+* :default_basic_auth
+* :default_openid
+
+h3. "User" mixins
+
+To assist with your authenticating needs, there is user mixins available to enhance your user model
+for basic cases.  These really are just for the basic case, so if you need something extra you should 
+overwrite the methods, or implement (and share ;) ;) ) your requirements.
+
+To use these, require the specific mixin, and then include it into your "User" class.
+
+<pre><code>
+  require 'merb-auth-more/mixins/salted_user'
+  
+  class User
+    include Merb::Authentication::Mixins::SaltedUser
+    
+  end
+</code></pre>
+
+The salted user mixin provides basic salted SHA1 password authentication.  It implements the required User.authenticate method
+for use with the default password strategies.

data/Rakefile

@@ -0,0 +1,65 @@
+require 'rubygems'
+require 'rake/gempackagetask'
+require 'rubygems/specification'
+require 'date'
+require "spec/rake/spectask"
+require 'merb-core/version'
+require 'merb-core/tasks/merb_rake_helper'
+require 'rake/testtask'
+
+require File.join(File.dirname(__FILE__), "../../merb-core/lib/merb-core/version.rb")
+
+GEM_NAME = "merb-auth-more"
+GEM_VERSION = Merb::VERSION
+AUTHOR = "Daniel Neighman"
+EMAIL = "has.sox@gmail.com"
+HOMEPAGE = "http://merbivore.com/"
+SUMMARY = "Additional resources for use with the merb-auth-core authentication framework."
+
+spec = Gem::Specification.new do |s|
+  s.rubyforge_project = 'merb'
+  s.name = GEM_NAME
+  s.version = GEM_VERSION
+  s.platform = Gem::Platform::RUBY
+  s.has_rdoc = true
+  s.extra_rdoc_files = ["README.textile", "LICENSE", 'TODO']
+  s.summary = SUMMARY
+  s.description = s.summary
+  s.author = AUTHOR
+  s.email = EMAIL
+  s.homepage = HOMEPAGE
+  s.add_dependency("merb-auth-core", "= #{Merb::VERSION}")
+  s.require_path = 'lib'
+  s.files = %w(LICENSE README.textile Rakefile TODO) + Dir.glob("{lib,spec}/**/*")
+  
+end
+
+Rake::GemPackageTask.new(spec) do |pkg|
+  pkg.gem_spec = spec
+end
+
+desc "install the plugin as a gem"
+task :install do
+  Merb::RakeHelper.install(GEM_NAME, :version => GEM_VERSION)
+end
+
+desc "Uninstall the gem"
+task :uninstall do
+  Merb::RakeHelper.uninstall(GEM_NAME, :version => GEM_VERSION)
+end
+
+desc "Create a gemspec file"
+task :gemspec do
+  File.open("#{GEM_NAME}.gemspec", "w") do |file|
+    file.puts spec.to_ruby
+  end
+end
+
+desc "Run all specs"
+Spec::Rake::SpecTask.new("specs") do |t|
+  t.spec_opts = ["--format", "specdoc", "--colour"]
+  t.spec_files = Dir["spec/**/*_spec.rb"].sort
+  t.rcov = false
+  t.rcov_opts << '--sort' << 'coverage' << '--sort-reverse'
+  t.rcov_opts << '--only-uncovered'
+end

data/lib/merb-auth-more.rb

@@ -0,0 +1,24 @@
+# make sure we're running inside Merb
+if defined?(Merb::Plugins)
+  # Merb gives you a Merb::Plugins.config hash...feel free to put your stuff in your piece of it
+  Merb::Plugins.config[:"merb-auth_more"] = {
+    :chickens => false
+  }
+  
+  # Register the strategies so that plugins and apps may utilize them
+  basic_path = File.expand_path(File.dirname(__FILE__)) / "merb-auth-more" / "strategies" / "basic"
+  
+  Merb::Authentication.register(:default_basic_auth,    basic_path / "basic_auth.rb")
+  Merb::Authentication.register(:default_openid,        basic_path / "openid.rb")
+  Merb::Authentication.register(:default_password_form, basic_path / "password_form.rb")
+  
+  Merb::BootLoader.before_app_loads do
+    # require code that must be loaded before the application
+  end
+  
+  Merb::BootLoader.after_app_loads do
+    # code that can be required after the application loads
+  end
+  
+  Merb::Plugins.add_rakefiles "merb-auth-more/merbtasks"
+end

data/lib/merb-auth-more/merbtasks.rb

@@ -0,0 +1,6 @@
+namespace :"merb-auth_more" do
+  desc "Do something for merb-auth-more"
+  task :default do
+    puts "merb-auth-more doesn't do anything"
+  end
+end

data/lib/merb-auth-more/mixins/redirect_back.rb

@@ -0,0 +1,59 @@
+# Impelments redirect_back_or.  i.e. remembers where you've come from on a failed login
+# and stores this inforamtion in the session.  When you're finally logged in you can use
+# the redirect_back_or helper to redirect them either back where they came from, or a pre-defined url.
+# 
+# Here's some examples:
+#
+#  1. User visits login form and is logged in
+#     - redirect to the provided (default) url
+#
+#  2. User vists a page (/page) and gets kicked to login (raised Unauthenticated)
+#     - On successful login, the user may be redirect_back_or("/home") and they will 
+#       return to the /page url.  The /home  url is ignored
+#
+#
+
+#
+module Merb::AuthenticatedHelper
+  
+  # Add a helper to do the redirect_back_or  for you.  Also tidies up the session afterwards
+  # If there has been a failed login attempt on some page using this method
+  # you'll be redirected back to that page.  Otherwise redirect to the default_url
+  #
+  # To make sure you're not redirected back to the login page after a failed then successful login,
+  # you can include an ignore url.  Basically, if the return url == the ignore url go to the default_url
+  #
+  # set the ignore url via an :ignore option in the opts hash.
+  def redirect_back_or(default_url, opts = {})
+    if session.authentication.return_to_url && ![opts[:ignore]].flatten.include?(session.authentication.return_to_url)
+      redirect session.authentication.return_to_url, opts
+    else
+      redirect default_url, opts
+    end
+    session.authentication.return_to_url = nil
+  end
+  
+end
+
+
+class Application < Merb::Controller; end
+
+class Exceptions < Application
+  after  :_set_return_to,   :only => :unauthenticated
+
+  private   
+  def _set_return_to
+    session.authentication.return_to_url ||= request.uri unless request.exceptions.blank?
+  end
+end
+
+class Merb::Authentication
+
+  def return_to_url
+    @return_to_url ||= session[:return_to]
+  end
+  
+  def return_to_url=(return_url)
+    @return_to_url = session[:return_to] = return_url
+  end
+end

data/lib/merb-auth-more/mixins/salted_user.rb

@@ -0,0 +1,73 @@
+require "digest/sha1"
+class Merb::Authentication
+  module Mixins
+    # This mixin provides basic salted user password encryption.
+    # 
+    # Added properties:
+    #  :crypted_password, String
+    #  :salt,             String
+    #
+    # To use it simply require it and include it into your user class.
+    #
+    # class User
+    #   include Merb::Authentication::Mixins::SaltedUser
+    #
+    # end
+    #
+    module SaltedUser
+      
+      def self.included(base)
+        base.class_eval do 
+          attr_accessor :password, :password_confirmation
+          
+          include Merb::Authentication::Mixins::SaltedUser::InstanceMethods
+          extend  Merb::Authentication::Mixins::SaltedUser::ClassMethods
+          
+          path = File.expand_path(File.dirname(__FILE__)) / "salted_user"
+          if defined?(DataMapper) && DataMapper::Resource > self
+            require path / "dm_salted_user"
+            extend(Merb::Authentication::Mixins::SaltedUser::DMClassMethods)
+          elsif defined?(ActiveRecord) && ancestors.include?(ActiveRecord::Base)
+            require path / "ar_salted_user"
+            extend(Merb::Authentication::Mixins::SaltedUser::ARClassMethods)
+          elsif defined?(Sequel) && ancestors.include?(Sequel::Model)
+            require path / "sq_salted_user"
+            extend(Merb::Authentication::Mixins::SaltedUser::SQClassMethods)
+          end
+          
+        end # base.class_eval
+      end # self.included
+      
+      
+      module ClassMethods
+        # Encrypts some data with the salt.
+        def encrypt(password, salt)
+          Digest::SHA1.hexdigest("--#{salt}--#{password}--")
+        end
+      end    
+      
+      module InstanceMethods
+        def authenticated?(password)
+          crypted_password == encrypt(password)
+        end
+        
+        def encrypt(password)
+          self.class.encrypt(password, salt)
+        end
+        
+        def password_required?
+          crypted_password.blank? || !password.blank?
+        end
+        
+        def encrypt_password
+          return if password.blank?
+          self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{Merb::Authentication::Strategies::Basic::Base.login_param}--") if new_record?
+          self.crypted_password = encrypt(password)
+        end
+        
+      end # InstanceMethods
+      
+    end # SaltedUser    
+  end # Mixins
+end # Merb::Authentication
+

data/lib/merb-auth-more/mixins/salted_user/ar_salted_user.rb

@@ -0,0 +1,25 @@
+class Merb::Authentication
+  module Mixins
+    module SaltedUser
+      module ARClassMethods
+        
+        def self.extended(base)
+          base.class_eval do
+            
+            validates_presence_of     :password,                   :if => :password_required?
+            validates_presence_of     :password_confirmation,      :if => :password_required?
+            validates_confirmation_of :password,                   :if => :password_required?
+            
+            before_save :encrypt_password
+          end # base.class_eval
+                  
+        end # self.extended
+        
+        def authenticate(login, password)
+          @u = find(:first, :conditions => ["#{Merb::Authentication::Strategies::Basic::Base.login_param} = ?", login])
+          @u && @u.authenticated?(password) ? @u : nil
+        end
+      end # ARClassMethods
+    end # SaltedUser
+  end # Mixins
+end # Merb::Authentication 

data/lib/merb-auth-more/mixins/salted_user/dm_salted_user.rb

@@ -0,0 +1,26 @@
+class Merb::Authentication
+  module Mixins
+    module SaltedUser
+      module DMClassMethods
+        def self.extended(base)
+          base.class_eval do
+            
+            property :crypted_password,           String
+            property :salt,                       String
+            
+            validates_present        :password, :if => proc{|m| m.password_required?}
+            validates_is_confirmed   :password, :if => proc{|m| m.password_required?}
+            
+            before :save,   :encrypt_password
+          end # base.class_eval
+          
+        end # self.extended
+        
+        def authenticate(login, password)
+          @u = first(Merb::Authentication::Strategies::Basic::Base.login_param => login)
+          @u && @u.authenticated?(password) ? @u : nil
+        end
+      end # DMClassMethods      
+    end # SaltedUser
+  end # Mixins
+end # Merb::Authentication

data/lib/merb-auth-more/mixins/salted_user/sq_salted_user.rb

@@ -0,0 +1,35 @@
+class Merb::Authentication
+  module Mixins
+    module SaltedUser
+      module SQClassMethods
+        
+        def self.extended(base)
+          base.class_eval do
+            
+            validates_presence_of     :password,                   :if => :password_required?
+            validates_presence_of     :password_confirmation,      :if => :password_required?
+            validates_confirmation_of :password,                   :if => :password_required?
+            
+            before_save :encrypt_password
+
+            include Merb::Authentication::Mixins::SaltedUser::SQInstanceMethods
+
+          end # base.class_eval 
+          
+        end # self.extended
+        
+        def authenticate(login, password)
+          @u = find(Merb::Authentication::Strategies::Basic::Base.login_param => login)
+          @u && @u.authenticated?(password) ? @u : nil
+        end
+      end # SQClassMethods
+
+      module SQInstanceMethods
+        def new_record?
+          new?
+        end
+      end
+
+    end # SaltedUser
+  end # Mixins
+end # Merb::Authentication 

data/lib/merb-auth-more/strategies/abstract_password.rb

@@ -0,0 +1,31 @@
+class Merb::Authentication
+  module Strategies
+    # To use the password strategies, it is expected that you will provide
+    # an @authenticate@ method on your user class.  This should take two parameters
+    # login, and password.  It should return nil or the user object.
+    module Basic
+      
+      class Base < Merb::Authentication::Strategy
+        abstract!
+        
+        # Overwrite this method to customize the field
+        def self.password_param
+          (Merb::Plugins.config[:"merb-auth"][:password_param] || :password).to_s.to_sym
+        end
+        
+        # Overwrite this method to customize the field
+        def self.login_param
+          (Merb::Plugins.config[:"merb-auth"][:login_param] || :login).to_s.to_sym
+        end
+        
+        def password_param
+          @password_param ||= Base.password_param
+        end
+        
+        def login_param
+          @login_param ||= Base.login_param
+        end
+      end # Base      
+    end # Password
+  end # Strategies
+end # Merb::Authentication

data/lib/merb-auth-more/strategies/basic/basic_auth.rb

@@ -0,0 +1,76 @@
+require 'merb-auth-more/strategies/abstract_password'
+# This strategy is used with basic authentication in Merb.
+#
+# == Requirements
+#
+# == Methods
+#   <User>.authenticate(login_field, password_field)
+#
+class Merb::Authentication
+  module Strategies
+    module Basic
+      class BasicAuth < Base
+        
+        def run!
+          if basic_authentication?
+            basic_authentication do |login, password|
+              user = user_class.authenticate(login, password) 
+              unless user
+                request_basic_auth!
+              end
+              user
+            end
+          end
+        end
+        
+        def self.realm
+          @realm ||= "Application"
+        end
+        
+        cattr_writer :realm
+        def realm
+          @realm ||= self.class.realm
+        end
+        
+        cattr_accessor :failure_message
+        @@failure_message = "Login Required"
+        
+        private
+        def initialize(request, params)
+          super
+          @auth = Rack::Auth::Basic::Request.new(request.env)
+        end
+        
+        def basic_authentication?
+          @auth.provided? and @auth.basic?
+        end
+        
+        def username
+          basic_authentication? ? @auth.credentials.first : nil
+        end
+
+        def password
+          basic_authentication? ? @auth.credentials.last : nil
+        end
+        
+        def request_basic_auth!
+          self.status = Merb::Controller::Unauthorized.status
+          self.headers['WWW-Authenticate'] = 'Basic realm="%s"' % realm
+          self.body = self.class.failure_message
+          halt!
+        end
+        
+        def basic_authentication(realm = nil, &authenticator)
+          self.realm = realm if realm
+          if basic_authentication?
+            authenticator.call(*@auth.credentials)
+          else
+            false
+          end
+        end
+        
+        
+      end # BasicAuth
+    end # Password
+  end # Strategies
+end # Merb::Authentication

data/lib/merb-auth-more/strategies/basic/openid.rb

@@ -0,0 +1,129 @@
+# The openid strategy attempts to login users based on the OpenID protocol 
+# http://openid.net/
+# 
+# Overwrite the on_sucess!, on_failure!, on_setup_needed!, and on_cancel! to customize events.
+#
+# Overwite the required_reg_fields method to require different sreg fields.  Default is email and nickname
+#
+# Overwrite the openid_store method to customize your session store
+#
+# == Requirments
+#
+# === Routes:
+#   :openid - an action that is accessilbe via http GET and protected via ensure_authenticated
+#   :signup - a url accessed via GET that takes a user to a signup form (overwritable)
+#
+# === Attributes
+#   :identity_url - A string for holding the identity_url associated with this user (overwritable)
+#
+# install the ruby-openid gem
+require 'openid'
+require 'openid/store/filesystem'
+require 'openid/extensions/sreg'
+
+class Merb::Authentication
+  module Strategies
+    module Basic
+      class OpenID < Base
+        def run!
+          if request.params[:'openid.mode']
+            response = consumer.complete(request.send(:query_params), "#{request.protocol}://#{request.host}" + request.path)
+            case response.status.to_s
+            when 'success'
+              sreg_response = ::OpenID::SReg::Response.from_success_response(response)
+              result = on_success!(response, sreg_response)
+              Merb.logger.info "\n\n#{result.inspect}\n\n"
+              result
+            when 'failure'
+              on_failure!(response)
+            when  'setup_needed'
+              on_setup_needed!(response)
+            when 'cancel'
+              on_cancel!(response)
+            end
+          elsif identity_url = params[:openid_url]
+            begin
+              openid_request = consumer.begin(identity_url)
+              openid_reg = ::OpenID::SReg::Request.new
+              openid_reg.request_fields(required_reg_fields)
+              openid_request.add_extension(openid_reg)
+              redirect_to = "#{request.protocol}://#{request.host}#{Merb::Router.url(:openid)}"
+              redirect!(openid_request.redirect_url("#{request.protocol}://#{request.host}", redirect_to))
+            rescue ::OpenID::OpenIDError => e
+              request.session.authentication.errors.clear!
+              request.session.authentication.errors.add(:openid, 'The OpenID verification failed')
+              nil
+            end
+          end
+        end # run!
+        
+        
+        # Overwrite the on_success! method with the required behavior for successful logins
+        #
+        # @api overwritable
+        def on_success!(response, sreg_response)
+          if user = find_user_by_identity_url(response.identity_url)
+            user
+          else
+            request.session[:'openid.url'] = response.identity_url
+            required_reg_fields.each do |f|
+              session[:"openid.#{f}"] = sreg_response.data[f] if sreg_response.data[f]
+            end if sreg_response
+            redirect!(Merb::Router.url(:signup))
+          end
+        end
+        
+        # Overwrite the on_failure! method with the required behavior for failed logins
+        #
+        # @api overwritable
+        def on_failure!(response)
+          session.authentication.errors.clear!
+          session.authentication.errors.add(:openid, 'OpenID verification failed, maybe the provider is down? Or the session timed out')
+          nil
+        end
+        
+        #
+        # @api overwritable
+        def on_setup_needed!(response)
+          request.session.authentication.errors.clear!
+          request.session.authentication.errors.add(:openid, 'OpenID does not seem to be configured correctly')
+          nil
+        end
+        
+         #
+         # @api overwritable
+        def on_cancel!(response)
+          request.session.authentication.errors.clear!
+          request.session.authentication.errors.add(:openid, 'OpenID rejected our request')
+          nil
+        end
+        
+        #
+        # @api overwritable
+        def required_reg_fields
+          ['nickname', 'email']
+        end
+        
+        # Overwrite this to support an ORM other than DataMapper
+        #
+        # @api overwritable
+        def find_user_by_identity_url(url)
+          user_class.first(:identity_url => url)
+        end
+        
+        # Overwrite this method to set your store
+        #
+        # @api overwritable
+        def openid_store
+          ::OpenID::Store::Filesystem.new("#{Merb.root}/tmp/openid")
+        end
+        
+        private
+        def consumer
+          @consumer ||= ::OpenID::Consumer.new(request.session, openid_store)
+        end
+              
+      end # OpenID
+    end # Basic
+  end # Strategies
+end # Merb::Authentication

data/lib/merb-auth-more/strategies/basic/password_form.rb

@@ -0,0 +1,32 @@
+require 'merb-auth-more/strategies/abstract_password'
+# This strategy uses a login  and password parameter.
+#
+# Overwrite the :password_param, and :login_param
+# to return the name of the field (on the form) that you're using the 
+# login with.  These can be strings or symbols
+#
+# == Required
+#
+# === Methods
+# <User>.authenticate(login_param, password_param)
+#
+class Merb::Authentication
+  module Strategies
+    module Basic
+      class Form < Base
+        
+        def run!
+          if request.params[login_param] && request.params[password_param]
+            user = user_class.authenticate(request.params[login_param], request.params[password_param])
+            if !user
+              request.session.authentication.errors.clear!
+              request.session.authentication.errors.add(login_param, "#{login_param.to_s.capitalize} or #{password_param.to_s.capitalize} were incorrect")
+            end
+            user
+          end
+        end # run!
+        
+      end # Form
+    end # Password
+  end # Strategies
+end # Authentication

data/spec/merb-auth-more_spec.rb

@@ -0,0 +1,4 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe "merb-auth-more" do
+end

data/spec/mixins/redirect_back_spec.rb

@@ -0,0 +1,84 @@
+require File.join(File.dirname(__FILE__), "..", 'spec_helper.rb')
+require File.join(File.expand_path(File.dirname(__FILE__)), "..", ".." ,"lib", "merb-auth-more", "mixins", "redirect_back")
+
+describe "redirect_back" do
+  
+  before(:all) do
+    clear_strategies!
+    
+    class Merb::Authentication
+      def store_user(user); user; end
+      def fetch_user(session_info); session_info; end
+    end
+    
+    class MyStrategy < Merb::Authentication::Strategy; def run!; request.env["USER"]; end; end
+    
+    class Application < Merb::Controller; end
+    
+    class Exceptions < Application
+      def unauthenticated; end
+    end
+
+    class MyController < Application
+      before :ensure_authenticated
+
+      def index; "HERE!" end
+
+    end
+  end 
+  
+  it "should set the return_to in the session when sent to the exceptions controller from a failed login" do
+    controller = dispatch_to(Exceptions, :unauthenticated, {}, {:user => "winna", :request_uri => "go_back"}) do |c|
+      c.request.exceptions =  [Merb::Controller::Unauthenticated.new]
+    end
+    controller.session.authentication.return_to_url.should == "go_back"
+  end
+  
+  it  "should not set the return_to in the session when deliberately going to unauthenticated" do
+    controller = dispatch_to(Exceptions, :unauthenticated, {}, {:user => "winna", :request_uri => "don't_go_back"}) do |c|
+      c.request.exceptions = []
+    end
+    controller.session.authentication.return_to_url.should be_nil
+  end
+  
+  it "should not set the return_to when loggin into a controller directly" do 
+    controller = dispatch_to(MyController, :index, {}, :user => "winna", :request_uri => "NOOO")
+    controller.session.authentication.return_to_url.should be_nil
+  end
+  
+  describe "redirect_back helper" do
+    
+    before(:each) do
+      @with_redirect = dispatch_to(Exceptions, :unauthenticated, {}, :user => "WINNA", :request_uri => "request_uri") do |c|
+        c.request.exceptions = [Merb::Controller::Unauthenticated.new]
+      end
+      @no_redirect = dispatch_to(MyController, :index, {}, :user => "winna", :request_uri => "NOOO")
+    end
+    
+    it "should provide the url stored in the session" do
+      @with_redirect.session.authentication.return_to_url.should == "request_uri"
+      @with_redirect.redirect_back_or("/some/path")
+      @with_redirect.headers["Location"].should == "request_uri"
+    end
+    
+    it "should provide the url passed in by default when there is no return_to" do
+      @no_redirect.session.authentication.return_to_url.should be_nil
+      @no_redirect.redirect_back_or("/some/path")
+      @no_redirect.headers["Location"].should ==  "/some/path"
+    end
+    
+    it "should wipe out the return_to in the session after the redirect" do
+      @with_redirect.session.authentication.return_to_url.should == "request_uri"
+      @with_redirect.redirect_back_or("somewhere")
+      @with_redirect.headers["Location"].should == "request_uri"
+      @with_redirect.session.authentication.return_to_url.should be_nil
+    end
+    
+    it "should ignore a return_to if it's the same as the ignore url" do
+      @with_redirect.redirect_back_or("somewhere", :ignore => "request_uri")
+      @with_redirect.headers["Location"].should == "somewhere"
+    end
+     
+  end
+  
+end

data/spec/mixins/salted_user_spec.rb

@@ -0,0 +1,105 @@
+require File.join(File.dirname(__FILE__), "..", 'spec_helper.rb')
+require 'dm-core'
+require 'dm-validations'
+require File.join(File.expand_path(File.dirname(__FILE__)), "..", ".." ,"lib", "merb-auth-more", "strategies", "abstract_password")
+require File.join(File.expand_path(File.dirname(__FILE__)), "..", ".." ,"lib", "merb-auth-more", "mixins", "salted_user")
+
+describe "A Salted User" do
+  
+  before(:all) do
+    DataMapper.setup(:default, "sqlite3::memory:")
+    
+    class Utilisateur
+      include DataMapper::Resource
+      include Merb::Authentication::Mixins::SaltedUser
+      
+      property :id, Serial
+      property :email, String
+      property :login, String
+    end
+    Utilisateur.auto_migrate!
+  end
+  
+  after(:each) do
+    Utilisateur.all.destroy!
+  end
+  
+  def default_user_params
+    {:login => "fred", :email => "fred@example.com", :password => "sekrit", :password_confirmation => "sekrit"}
+  end
+  
+  it "should authenticate a user using a class method" do
+    user = Utilisateur.new(default_user_params)
+    user.save
+    user.should_not be_new_record
+    Utilisateur.authenticate("fred", "sekrit").should_not be_nil
+  end
+  
+  it "should not authenticate a user using the wrong password" do
+    user = Utilisateur.new(default_user_params)  
+    user.save
+    Utilisateur.authenticate("fred", "not_the_password").should be_nil
+  end
+  
+  it "should not authenticate a user using the wrong login" do
+    user = Utilisateur.create(default_user_params)  
+    Utilisateur.authenticate("not_the_login@blah.com", "sekrit").should be_nil
+  end
+  
+  it "should not authenticate a user that does not exist" do
+    Utilisateur.authenticate("i_dont_exist", "password").should be_nil
+  end
+  
+  describe "passwords" do
+    before(:each) do
+      @user = Utilisateur.new(default_user_params)
+    end
+    
+    it{@user.should respond_to(:password)}
+    it{@user.should respond_to(:password_confirmation)}
+    it{@user.should respond_to(:crypted_password)}
+    
+    it "should require password if password is required" do
+      user = Utilisateur.new(:login => "fred", :email => "fred@example.com")
+      user.stub!(:password_required?).and_return(true)
+      user.valid?
+      user.errors.on(:password).should_not be_nil
+      user.errors.on(:password).should_not be_empty
+    end
+    
+    it "should set the salt" do
+      @user.salt.should be_nil
+      @user.send(:encrypt_password)
+      @user.salt.should_not be_nil    
+    end
+    
+    it "should require the password on create" do
+      user = Utilisateur.new(:login => "fred", :email => "fred@example.com")
+      user.save
+      user.errors.on(:password).should_not be_nil
+      user.errors.on(:password).should_not be_empty
+    end
+    
+    it "should require password_confirmation if the password_required?" do
+      user = Utilisateur.new(:login => "fred", :email => "fred@example.com", :password => "sekrit")
+      user.save
+      (user.errors.on(:password) || user.errors.on(:password_confirmation)).should_not be_nil
+    end
+     
+    it "should autenticate against a password" do
+      @user.save    
+      @user.should be_authenticated("sekrit")
+    end
+    
+    it "should not require a password when saving an existing user" do
+      @user.save
+      @user.should_not be_a_new_record
+      @user = Utilisateur.first(:login => "fred")
+      @user.password.should be_nil
+      @user.password_confirmation.should be_nil
+      @user.login = "some_different_login_to_allow_saving"
+      (@user.save).should be_true
+    end
+    
+  end  
+end

data/spec/spec_helper.rb

@@ -0,0 +1,34 @@
+$TESTING=true
+$:.push File.join(File.dirname(__FILE__), '..', 'lib')
+
+require 'rubygems'
+require 'merb-core'
+require 'merb-core/test'
+require 'merb-core/dispatch/session'
+require 'spec' # Satisfies Autotest and anyone else not using the Rake tasks
+require 'merb-auth-core'
+
+Merb.start  :environment    => "test", 
+            :adapter        => "runner", 
+            :session_store  => "cookie", 
+            :session_secret_key => "d3a6e6f99a25004da82b71af8b9ed0ab71d3ea21"
+
+module StrategyHelper
+  def clear_strategies!
+    Merb::Authentication.strategies.each do |s|
+      begin
+        Object.class_eval{ remove_const(s.name) if defined?(s)}
+      rescue
+      end
+    end
+    Merb::Authentication.strategies.clear
+    Merb::Authentication.default_strategy_order.clear
+  end
+end
+
+Spec::Runner.configure do |config|
+  config.include(Merb::Test::ViewHelper)
+  config.include(Merb::Test::RouteHelper)
+  config.include(Merb::Test::ControllerHelper)
+  config.include(StrategyHelper)
+end

metadata

@@ -0,0 +1,88 @@
+--- !ruby/object:Gem::Specification 
+name: merb-auth-more
+version: !ruby/object:Gem::Version 
+  version: 0.9.9
+platform: ruby
+authors: 
+- Daniel Neighman
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2008-10-13 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: merb-auth-core
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - "="
+      - !ruby/object:Gem::Version 
+        version: 0.9.9
+    version: 
+description: Additional resources for use with the merb-auth-core authentication framework.
+email: has.sox@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.textile
+- LICENSE
+- TODO
+files: 
+- LICENSE
+- README.textile
+- Rakefile
+- TODO
+- lib/merb-auth-more
+- lib/merb-auth-more/merbtasks.rb
+- lib/merb-auth-more/mixins
+- lib/merb-auth-more/mixins/redirect_back.rb
+- lib/merb-auth-more/mixins/salted_user
+- lib/merb-auth-more/mixins/salted_user/ar_salted_user.rb
+- lib/merb-auth-more/mixins/salted_user/dm_salted_user.rb
+- lib/merb-auth-more/mixins/salted_user/sq_salted_user.rb
+- lib/merb-auth-more/mixins/salted_user.rb
+- lib/merb-auth-more/strategies
+- lib/merb-auth-more/strategies/abstract_password.rb
+- lib/merb-auth-more/strategies/basic
+- lib/merb-auth-more/strategies/basic/basic_auth.rb
+- lib/merb-auth-more/strategies/basic/openid.rb
+- lib/merb-auth-more/strategies/basic/password_form.rb
+- lib/merb-auth-more.rb
+- spec/merb-auth-more_spec.rb
+- spec/mixins
+- spec/mixins/redirect_back_spec.rb
+- spec/mixins/salted_user_spec.rb
+- spec/spec_helper.rb
+has_rdoc: true
+homepage: http://merbivore.com/
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: merb
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 2
+summary: Additional resources for use with the merb-auth-core authentication framework.
+test_files: []
+