merb-auth-more 1.0.15 → 1.1.0.pre

data/Rakefile

@@ -1,59 +1,54 @@
-require File.expand_path(File.join(File.dirname(__FILE__), "..", "..", "rake_helpers"))
-
-RUBY_FORGE_PROJECT = "merb-auth"
-GEM_NAME = "merb-auth-more"
-PKG_BUILD   = ENV['PKG_BUILD'] ? '.' + ENV['PKG_BUILD'] : ''
-GEM_VERSION = Merb::VERSION + PKG_BUILD
-
-AUTHOR = "Daniel Neighman"
-EMAIL = "has.sox@gmail.com"
-HOMEPAGE = "http://merbivore.com/"
-SUMMARY = "Additional resources for use with the merb-auth-core authentication framework."
-
-spec = Gem::Specification.new do |s|
-  s.rubyforge_project = 'merb'
-  s.name = GEM_NAME
-  s.version = GEM_VERSION
-  s.platform = Gem::Platform::RUBY
-  s.has_rdoc = true
-  s.extra_rdoc_files = ["README.textile", "LICENSE", 'TODO']
-  s.summary = SUMMARY
-  s.description = s.summary
-  s.author = AUTHOR
-  s.email = EMAIL
-  s.homepage = HOMEPAGE
-  s.add_dependency("merb-auth-core", ">= #{Merb::VERSION}")
-  s.require_path = 'lib'
-  s.files = %w(LICENSE README.textile Rakefile TODO) + Dir.glob("{lib,spec}/**/*")
-  
-end
+require 'rubygems'
+require 'rake'
 
-Rake::GemPackageTask.new(spec) do |pkg|
-  pkg.gem_spec = spec
-end
+# Load merb-auth-core version information
+require File.expand_path('../../merb-auth-core/lib/merb-auth-core/version', __FILE__)
 
-desc "install the plugin as a gem"
-task :install do
-  Merb::RakeHelper.install(GEM_NAME, :version => GEM_VERSION)
-end
+# Load this library's version information
+require File.expand_path('../lib/merb-auth-more/version', __FILE__)
 
-desc "Uninstall the gem"
-task :uninstall do
-  Merb::RakeHelper.uninstall(GEM_NAME, :version => GEM_VERSION)
-end
+begin
+
+  gem 'jeweler', '~> 1.4'
+  require 'jeweler'
+
+  Jeweler::Tasks.new do |gemspec|
+
+    gemspec.version     = Merb::Auth::More::VERSION.dup
+
+    gemspec.name        = "merb-auth-more"
+    gemspec.description = "Addons for merb-auth-core"
+    gemspec.summary     = "Additional resources for use with the merb-auth-core authentication framework."
+
+    gemspec.authors     = [ "Daniel Neighman" ]
+    gemspec.email       = "has.sox@gmail.com"
+    gemspec.homepage    = "http://merbivore.com/"
+
+    gemspec.files       = %w(LICENSE Rakefile README.textile TODO) + Dir['{lib,spec}/**/*']
+
+    # Runtime dependencies
+    gemspec.add_dependency 'merb-auth-core', "~> #{Merb::Auth::Core::VERSION}"
+
+    # Development dependencies              
+    gemspec.add_development_dependency 'rspec', ">= 1.2.9"
 
-desc "Create a gemspec file"
-task :gemspec do
-  File.open("#{GEM_NAME}.gemspec", "w") do |file|
-    file.puts spec.to_ruby
   end
+
+  Jeweler::GemcutterTasks.new
+
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
+end
+
+require 'spec/rake/spectask'
+Spec::Rake::SpecTask.new(:spec) do |spec|
+  spec.spec_opts << '--options' << 'spec/spec.opts' if File.exists?('spec/spec.opts')
+  spec.libs << 'lib' << 'spec'
+  spec.spec_files = FileList['spec/**/*_spec.rb']
 end
 
-desc "Run all specs"
-Spec::Rake::SpecTask.new("spec") do |t|
-  t.spec_opts = ["--format", "specdoc", "--colour"]
-  t.spec_files = Dir["spec/**/*_spec.rb"].sort
-  t.rcov = false
-  t.rcov_opts << '--sort' << 'coverage' << '--sort-reverse'
-  t.rcov_opts << '--only-uncovered'
+Spec::Rake::SpecTask.new(:rcov) do |spec|
+  spec.libs << 'lib' << 'spec'
+  spec.pattern = 'spec/**/*_spec.rb'
+  spec.rcov = true
 end

data/lib/merb-auth-more.rb

@@ -1,3 +1,5 @@
+require 'merb-auth-core'
+
 # make sure we're running inside Merb
 if defined?(Merb::Plugins)
   # Merb gives you a Merb::Plugins.config hash...feel free to put your stuff in your piece of it
@@ -21,4 +23,4 @@ if defined?(Merb::Plugins)
   end
   
   Merb::Plugins.add_rakefiles "merb-auth-more/merbtasks"
-end
+end

data/lib/merb-auth-more/mixins/bcrypt_user.rb

@@ -0,0 +1,72 @@
+require 'bcrypt'
+require 'merb-auth-more/strategies/abstract_password'
+
+class Merb::Authentication
+  module Mixins
+    # This mixin provides basic salted user password encryption.
+    # 
+    # Added properties:
+    #  :crypted_password, String
+    #
+    # To use it simply require it and include it into your user class.
+    #
+    # class User
+    #   include Merb::Authentication::Mixins::SaltedUser
+    #
+    # end
+    #
+    module BCryptUser
+      
+      def self.included(base)
+        base.class_eval do 
+          attr_accessor :password, :password_confirmation
+
+          
+          include Merb::Authentication::Mixins::BCryptUser::InstanceMethods
+
+          
+          path = File.expand_path(File.dirname(__FILE__)) / "salted_user"
+          if defined?(DataMapper) && DataMapper::Resource > self
+            require path / "dm_salted_user"
+            extend(Merb::Authentication::Mixins::SaltedUser::DMClassMethods)
+          elsif defined?(ActiveRecord) && ancestors.include?(ActiveRecord::Base)
+            require path / "ar_salted_user"
+            extend(Merb::Authentication::Mixins::SaltedUser::ARClassMethods)
+          elsif defined?(Sequel) && ancestors.include?(Sequel::Model)
+            require path / "sq_salted_user"
+            extend(Merb::Authentication::Mixins::SaltedUser::SQClassMethods)
+          elsif defined?(RelaxDB) && ancestors.include?(RelaxDB::Document)
+            require path / "relaxdb_salted_user"
+            extend(Merb::Authentication::Mixins::SaltedUser::RDBClassMethods)
+          end
+          
+        end # base.class_eval
+      end # self.included
+      
+      
+      module InstanceMethods
+        
+        def authenticated?(password)
+          bcrypt_password == password
+        end
+        
+        def bcrypt_password
+          @bcrypt_password ||=  BCrypt::Password.new(crypted_password)
+        end
+        
+        def password_required?
+          crypted_password.blank? || !password.blank?
+        end
+        
+        def encrypt_password
+          return if password.blank?
+          cost =  Merb::Plugins.config[:"merb-auth"][:bcrypt_cost] || BCrypt::Engine::DEFAULT_COST
+          self.crypted_password =  BCrypt::Password.create(password, :cost => cost)
+        end
+        
+      end # InstanceMethods
+      
+    end # SaltedUser    
+  end # Mixins
+end # Merb::Authentication
+

data/lib/merb-auth-more/mixins/redirect_back.rb

@@ -51,7 +51,7 @@ module Merb::Authentication::Mixins
     def _set_return_to
       unless request.exceptions.blank?
         session[:return_to] ||= []
-        session[:return_to] << request.uri
+        session[:return_to] << "#{Merb::Config[:path_prefix]}#{request.uri}"
         session[:return_to]
       end
     end

data/lib/merb-auth-more/mixins/salted_user.rb

@@ -1,5 +1,5 @@
-require "digest/sha1"
-require File.expand_path(File.dirname(__FILE__) / "..") / "strategies" / "abstract_password"
+require 'digest/sha1'
+require 'merb-auth-more/strategies/abstract_password'
 
 class Merb::Authentication
   module Mixins
@@ -25,18 +25,18 @@ class Merb::Authentication
           include Merb::Authentication::Mixins::SaltedUser::InstanceMethods
           extend  Merb::Authentication::Mixins::SaltedUser::ClassMethods
           
-          path = File.expand_path(File.dirname(__FILE__)) / "salted_user"
+          path = "merb-auth-more/mixins/salted_user"
           if defined?(DataMapper) && DataMapper::Resource > self
-            require path / "dm_salted_user"
+            require "#{path}/dm_salted_user"
             extend(Merb::Authentication::Mixins::SaltedUser::DMClassMethods)
           elsif defined?(ActiveRecord) && ancestors.include?(ActiveRecord::Base)
-            require path / "ar_salted_user"
+            require "#{path}/ar_salted_user"
             extend(Merb::Authentication::Mixins::SaltedUser::ARClassMethods)
           elsif defined?(Sequel) && ancestors.include?(Sequel::Model)
-            require path / "sq_salted_user"
+            require "#{path}/sq_salted_user"
             extend(Merb::Authentication::Mixins::SaltedUser::SQClassMethods)
           elsif defined?(RelaxDB) && ancestors.include?(RelaxDB::Document)
-            require path / "relaxdb_salted_user"
+            require "#{path}/relaxdb_salted_user"
             extend(Merb::Authentication::Mixins::SaltedUser::RDBClassMethods)
           end
           
@@ -66,7 +66,7 @@ class Merb::Authentication
         
         def encrypt_password
           return if password.blank?
-          self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{Merb::Authentication::Strategies::Basic::Base.login_param}--") if new_record?
+          self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{Merb::Authentication::Strategies::Basic::Base.login_param}--") if salt.blank?
           self.crypted_password = encrypt(password)
         end
         

data/lib/merb-auth-more/mixins/salted_user/dm_salted_user.rb

@@ -4,9 +4,12 @@ class Merb::Authentication
       module DMClassMethods
         def self.extended(base)
           base.class_eval do
-            
+
             property :crypted_password, String, :length => 60
-            property :salt,             String
+
+            if Merb::Authentication::Mixins::SaltedUser > base
+              property :salt, String
+            end
             
             validates_present        :password, :if => proc{|m| m.password_required?}
             validates_is_confirmed   :password, :if => proc{|m| m.password_required?}

data/lib/merb-auth-more/mixins/salted_user/relaxdb_salted_user.rb

@@ -7,8 +7,11 @@ class Merb::Authentication
           base.class_eval do
  
             property :crypted_password
-            property :salt
- 
+
+            if Merb::Authentication::Mixins::SaltedUser > base
+              property :salt
+            end
+
             before_save :password_checks
             
             def password_checks

data/lib/merb-auth-more/mixins/salted_user/sq_salted_user.rb

@@ -1,21 +1,48 @@
+require 'merb_sequel'
+
 class Merb::Authentication
   module Mixins
     module SaltedUser
+
+      module SQ3Hooks
+        def before_save
+          return false if super == false
+          encrypt_password
+        end
+      end
+
+      module SQ3Validations
+        def validate
+          validates_presence(:password) if password_required?
+          validates_presence(:password_confirmation) if password_required?
+          errors.add(:password, "Passwords are not the same") if password != password_confirmation
+        end
+      end
+
+      module SQInstanceMethods
+        unless Sequel::Model.instance_methods.include?(:new_record?)
+          def new_record?
+            self.new?
+          end
+        end
+
+        if Merb::Orms::Sequel.new_sequel?
+          include Merb::Authentication::Mixins::SaltedUser::SQ3Hooks
+          include Merb::Authentication::Mixins::SaltedUser::SQ3Validations
+        end
+      end
+
       module SQClassMethods
-        
         def self.extended(base)
           base.class_eval do
-            
-            validates_presence_of     :password,                   :if => :password_required?
-            validates_presence_of     :password_confirmation,      :if => :password_required?
-            validates_confirmation_of :password,                   :if => :password_required?
-            
-            before_save :encrypt_password
-
-            include Merb::Authentication::Mixins::SaltedUser::SQInstanceMethods
-
-          end # base.class_eval 
-          
+            unless Merb::Orms::Sequel.new_sequel?
+              before_save :encrypt_password
+              validates_presence_of     :password,                   :if => :password_required?
+              validates_presence_of     :password_confirmation,      :if => :password_required?
+              validates_confirmation_of :password,                   :if => :password_required?
+            end
+            include Merb::Authentication::Mixins::SaltedUser::SQInstanceMethods 
+          end
         end # self.extended
         
         def authenticate(login, password)
@@ -24,12 +51,6 @@ class Merb::Authentication
         end
       end # SQClassMethods
 
-      module SQInstanceMethods
-        def new_record?
-          new?
-        end
-      end
-
     end # SaltedUser
   end # Mixins
 end # Merb::Authentication 

data/lib/merb-auth-more/strategies/basic/basic_auth.rb

@@ -1,4 +1,5 @@
 require 'merb-auth-more/strategies/abstract_password'
+
 # This strategy is used with basic authentication in Merb.
 #
 # == Requirements

data/lib/merb-auth-more/strategies/basic/openid.rb

@@ -17,6 +17,7 @@
 #   :identity_url - A string for holding the identity_url associated with this user (overwritable)
 #
 # install the ruby-openid gem
+
 require 'openid'
 require 'openid/store/filesystem'
 require 'openid/extensions/sreg'

data/lib/merb-auth-more/strategies/basic/password_form.rb

@@ -1,4 +1,5 @@
 require 'merb-auth-more/strategies/abstract_password'
+
 # This strategy uses a login  and password parameter.
 #
 # Overwrite the :password_param, and :login_param

data/lib/merb-auth-more/version.rb

@@ -0,0 +1,7 @@
+module Merb
+  module Auth
+    module More
+      VERSION = '1.1.0.pre'.freeze
+    end
+  end
+end

data/spec/mixins/dm_bcrypt_user_spec.rb

@@ -0,0 +1,42 @@
+require 'spec_helper'
+require 'dm-core'
+require 'dm-validations'
+require 'merb-auth-more/mixins/bcrypt_user'
+
+describe "A DataMapper Bcrypt User" do
+
+  include UserHelper
+
+  before(:all) do
+
+    DataMapper.setup(:default, "sqlite3::memory:")
+
+    class DataMapperBcryptUser
+
+      include DataMapper::Resource
+      include Merb::Authentication::Mixins::BCryptUser
+
+      property :id,    Serial
+      property :email, String
+      property :login, String
+
+    end
+
+    DataMapper.auto_migrate!
+
+  end
+
+  before(:each) do
+    @user_class = DataMapperBcryptUser
+    @user_class.create(valid_user_params)
+    @new_user = @user_class.new(valid_user_params)
+  end
+
+  after(:each) do
+    DataMapperBcryptUser.all.destroy!
+  end
+
+  it_should_behave_like 'every encrypted user'
+  it_should_behave_like 'every bcrypt user'
+
+end

data/spec/mixins/dm_salted_user_spec.rb

@@ -0,0 +1,42 @@
+require 'spec_helper'
+require 'dm-core'
+require 'dm-validations'
+require 'merb-auth-more/mixins/salted_user'
+
+describe "A DataMapper Salted User" do
+
+  include UserHelper
+  
+  before(:all) do
+
+    DataMapper.setup(:default, "sqlite3::memory:")
+    
+    class DataMapperSaltedUser
+
+      include DataMapper::Resource
+      include Merb::Authentication::Mixins::SaltedUser
+      
+      property :id,    Serial
+      property :email, String
+      property :login, String
+
+    end
+
+    DataMapper.auto_migrate!
+
+  end
+
+  before(:each) do
+    @user_class = DataMapperSaltedUser
+    @user_class.create(valid_user_params)
+    @new_user = @user_class.new(valid_user_params)
+  end
+
+  after(:each) do
+    DataMapperSaltedUser.all.destroy!
+  end
+
+  it_should_behave_like 'every encrypted user'
+  it_should_behave_like 'every salted user'
+
+end

data/spec/mixins/redirect_back_spec.rb

@@ -1,5 +1,43 @@
-require File.join(File.dirname(__FILE__), "..", 'spec_helper.rb')
-require File.join(File.expand_path(File.dirname(__FILE__)), "..", ".." ,"lib", "merb-auth-more", "mixins", "redirect_back")
+require 'spec_helper'
+require 'merb-auth-more/mixins/redirect_back'
+
+
+describe "every call to redirect_back", :shared => true do
+
+  it "should set the return_to in the session when sent to the exceptions controller from a failed login" do
+    r = request("/go_back")
+    r.status.should == Merb::Controller::Unauthenticated.status
+    r2 = login
+    r2.should redirect_to(@return_to_after_failed_login)
+  end
+
+  it  "should not set the return_to in the session when deliberately going to unauthenticated" do
+    r = login
+    r.should redirect_to("/")
+  end
+
+  it "should still redirect to the original even if it's failed many times" do
+    request("/go_back")
+    request("/login", :method => "put", :params => {:pass_auth => false})
+    request("/login", :method => "put", :params => {:pass_auth => false})
+    request("/login", :method => "put", :params => {:pass_auth => false})
+    r = login
+    r.should redirect_to(@return_to_after_failed_login)
+  end
+
+  it "should not redirect back to a previous redirect back after being logged out" do
+    request("/go_back")
+    request("/login", :method => "put", :params => {:pass_auth => false})
+    request("/login", :method => "put", :params => {:pass_auth => false})
+    request("/login", :method => "put", :params => {:pass_auth => false})
+    r = login
+    r.should redirect_to(@return_to_after_failed_login)
+    request("/logout", :method => "delete")
+    r = login
+    r.should redirect_to("/")
+  end
+
+end
 
 describe "redirect_back" do
   
@@ -60,38 +98,21 @@ describe "redirect_back" do
   def login
     request("/login", :method => "put", :params => {:pass_auth => true})
   end
-  
-  it "should set the return_to in the session when sent to the exceptions controller from a failed login" do
-    r = request("/go_back") 
-    r.status.should == Merb::Controller::Unauthenticated.status
-    r2 = login
-    r2.should redirect_to("/go_back")
-  end
-  
-  it  "should not set the return_to in the session when deliberately going to unauthenticated" do
-    r = login
-    r.should redirect_to("/")
-  end
-  
-  it "should still redirect to the original even if it's failed many times" do
-    request("/go_back")
-    request("/login", :method => "put", :params => {:pass_auth => false})
-    request("/login", :method => "put", :params => {:pass_auth => false})
-    request("/login", :method => "put", :params => {:pass_auth => false})
-    r = login
-    r.should redirect_to("/go_back")
+
+  describe "without Merb::Config[:path_prefix]" do
+    before(:all) do
+      Merb::Config[:path_prefix] = nil
+      @return_to_after_failed_login = '/go_back'
+    end
+    it_should_behave_like 'every call to redirect_back'
   end
 
-  it "should not redirect back to a previous redirect back after being logged out" do
-    request("/go_back")
-    request("/login", :method => "put", :params => {:pass_auth => false})
-    request("/login", :method => "put", :params => {:pass_auth => false})
-    request("/login", :method => "put", :params => {:pass_auth => false})
-    r = login
-    r.should redirect_to("/go_back")
-    request("/logout", :method => "delete")
-    r = login
-    r.should redirect_to("/")
+  describe "without Merb::Config[:path_prefix]" do
+    before(:all) do
+      Merb::Config[:path_prefix] = '/myapp'
+      @return_to_after_failed_login = '/myapp/go_back'
+    end
+    it_should_behave_like 'every call to redirect_back'
   end
   
 end

data/spec/mixins/sq_bcrypt_user_spec.rb

@@ -0,0 +1,43 @@
+require 'spec_helper'
+require 'sequel'
+require 'merb_sequel'
+require 'merb-auth-more/mixins/bcrypt_user'
+
+DB = Sequel.sqlite unless Object.const_defined?('DB')
+
+describe "A Sequel Bcrypt User" do
+  
+  include UserHelper
+  
+  before(:all) do
+
+    DB.drop_table(:users) if DB.table_exists? :users
+    DB.create_table :users do
+      primary_key :id
+      column      :email,            :string
+      column      :login,            :string
+      column      :crypted_password, :string
+    end
+
+    class SequelBcryptUser < Sequel::Model
+      set_dataset :users
+      plugin(:validation_helpers) if Merb::Orms::Sequel.new_sequel?
+      include Merb::Authentication::Mixins::BCryptUser
+    end
+
+  end
+
+  before(:each) do
+    @user_class = SequelBcryptUser
+    @user_class.create(valid_user_params)
+    @new_user = @user_class.new(valid_user_params)
+  end
+
+  after(:each) do
+    SequelBcryptUser.delete
+  end
+
+  it_should_behave_like 'every encrypted user'
+  it_should_behave_like 'every bcrypt user'
+
+end

data/spec/mixins/sq_salted_user_spec.rb

@@ -0,0 +1,44 @@
+require 'spec_helper'
+require 'sequel'
+require 'merb_sequel'
+require 'merb-auth-more/mixins/salted_user'
+
+DB = Sequel.sqlite unless Object.const_defined?('DB')
+
+describe "A Sequel Salted User" do
+  
+  include UserHelper
+  
+  before(:all) do
+
+    DB.drop_table(:users) if DB.table_exists? :users
+    DB.create_table :users do
+      primary_key :id
+      column      :email,            :string
+      column      :login,            :string
+      column      :crypted_password, :string
+      column      :salt,             :string
+    end
+
+    class SequelSaltedUser < Sequel::Model
+      set_dataset :users
+      plugin(:validation_helpers) if Merb::Orms::Sequel.new_sequel?
+      include Merb::Authentication::Mixins::SaltedUser
+    end
+
+  end
+
+  before(:each) do
+    @user_class = SequelSaltedUser
+    @user_class.create(valid_user_params)
+    @new_user = @user_class.new(valid_user_params)
+  end
+
+  after(:each) do
+    SequelSaltedUser.delete
+  end
+
+  it_should_behave_like 'every encrypted user'
+  it_should_behave_like 'every salted user'
+
+end

data/spec/shared_user_spec.rb

@@ -0,0 +1,117 @@
+require 'spec_helper'
+
+module UserHelper
+
+  def valid_login
+    'fred'
+  end
+
+  def valid_email
+    'fred@example.com'
+  end
+
+  def valid_password
+    'sekrit'
+  end
+
+  def valid_user_params
+    {
+      :login                 => valid_login,
+      :email                 => valid_email,
+      :password              => valid_password,
+      :password_confirmation => valid_password
+    }
+  end
+
+end
+
+describe "every encrypted user", :shared => true do
+
+  describe "class" do
+
+    it "should authenticate valid credentials" do
+      @user_class.authenticate(valid_login, valid_password).should_not be_nil
+    end
+
+    it "should not authenticate an invalid login and an existing password" do
+      @user_class.authenticate("not_the_login", valid_password).should be_nil
+    end
+
+    it "should not authenticate a valid login and an invalid password" do
+      @user_class.authenticate(valid_login, "not_the_password").should be_nil
+    end
+
+    it "should not authenticate an invalid login and an unknown password" do
+      @user_class.authenticate("i_dont_exist", "not_the_password").should be_nil
+    end
+
+  end
+
+  describe "instance" do
+
+    it { @new_user.should respond_to(:password)              }
+    it { @new_user.should respond_to(:password_confirmation) }
+    it { @new_user.should respond_to(:crypted_password)      }
+
+    it "should require a password if a #password_required? returns true" do
+      @new_user.password = nil
+      @new_user.password_required?.should be_true
+      @new_user.should_not be_valid
+    end
+
+    it "should require a password_confirmation if #password_required? returns true" do
+      @new_user.password_confirmation = nil
+      @new_user.password_required?.should be_true
+      @new_user.should_not be_valid
+    end
+
+    it "should not require a password when saving an existing user" do
+      user = @user_class.first(:login => valid_login)
+      user.password.should be_nil
+      user.password_confirmation.should be_nil
+      user.login = "some_different_login_to_allow_saving"
+      user.save
+    end
+
+    it "should authenticate a user instance against a valid password" do
+      @user_class.first(:login => valid_login).should be_authenticated(valid_password)
+    end
+
+  end
+
+end
+
+describe 'every salted user', :shared => true do
+
+  it { @new_user.should respond_to(:salt) }
+
+  it "should set the salt" do
+    @new_user.salt.should be_nil
+    @new_user.send(:encrypt_password)
+    @new_user.salt.should_not be_nil    
+  end
+
+  it "should set the salt even when user is not new record but salt is blank" do
+    @new_user.save
+    @new_user.salt = nil
+    @new_user.send(:encrypt_password)
+    @new_user.salt.should_not be_nil
+  end
+
+end
+
+describe 'every bcrypt user', :shared => true do
+
+  it "should create a valid Bcrypt password" do
+    lambda { @new_user.bcrypt_password }.should raise_error(BCrypt::Errors::InvalidHash)
+    @new_user.send(:encrypt_password)
+    lambda { @new_user.bcrypt_password }.should_not raise_error(BCrypt::Errors::InvalidHash)
+  end
+
+  it "should use the cost set in Merb::Plugins.config[:'merb-auth'][:bcrypt_cost]" do
+    Merb::Plugins.config[:'merb-auth'][:bcrypt_cost] = 6
+    @new_user.send(:encrypt_password)
+    @new_user.bcrypt_password.cost.should == 6
+  end
+
+end

data/spec/spec.opts

@@ -0,0 +1,2 @@
+--format specdoc
+--colour

data/spec/spec_helper.rb

@@ -1,17 +1,38 @@
-$TESTING=true
-$:.push File.join(File.dirname(__FILE__), '..', 'lib')
+require "rubygems"
 
-require 'rubygems'
+# Use current merb-core sources if running from a typical dev checkout.
+lib = File.expand_path('../../../../merb/merb-core/lib', __FILE__)
+$LOAD_PATH.unshift(lib) if File.directory?(lib)
 require 'merb-core'
 require 'merb-core/test'
 require 'merb-core/dispatch/session'
-require 'spec' # Satisfies Autotest and anyone else not using the Rake tasks
+
+# Use current merb-auth-core sources if running from a typical dev checkout.
+lib = File.expand_path('../../../merb-auth-core/lib', __FILE__)
+$LOAD_PATH.unshift(lib) if File.directory?(lib)
 require 'merb-auth-core'
 
-Merb.start  :environment    => "test", 
-            :adapter        => "runner", 
-            :session_store  => "cookie", 
-            :session_secret_key => "d3a6e6f99a25004da82b71af8b9ed0ab71d3ea21"
+# Use current merb_sequel sources if running from a typical dev checkout.
+lib = File.expand_path('../../../../merb_sequel/lib', __FILE__)
+$LOAD_PATH.unshift(lib) if File.directory?(lib)
+require 'merb_sequel'
+
+# The lib under test
+require "merb-auth-more"
+
+# Satisfies Autotest and anyone else not using the Rake tasks
+require 'spec'
+
+require 'shared_user_spec'
+
+$TESTING=true
+
+Merb.start(
+  :environment        => "test",
+  :adapter            => "runner",
+  :session_store      => "cookie",
+  :session_secret_key => "d3a6e6f99a25004da82b71af8b9ed0ab71d3ea21"
+)
 
 module StrategyHelper
   def clear_strategies!

metadata

@@ -1,7 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: merb-auth-more
 version: !ruby/object:Gem::Version 
-  version: 1.0.15
+  prerelease: true
+  segments: 
+  - 1
+  - 1
+  - 0
+  - pre
+  version: 1.1.0.pre
 platform: ruby
 authors: 
 - Daniel Neighman
@@ -9,75 +15,104 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-11-04 00:00:00 +00:00
+date: 2010-02-21 00:00:00 +00:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: merb-auth-core
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 1
+        - 0
+        - pre
+        version: 1.1.0.pre
   type: :runtime
-  version_requirement: 
-  version_requirements: !ruby/object:Gem::Requirement 
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        version: 1.0.15
-    version: 
-description: Additional resources for use with the merb-auth-core authentication framework.
+        segments: 
+        - 1
+        - 2
+        - 9
+        version: 1.2.9
+  type: :development
+  version_requirements: *id002
+description: Addons for merb-auth-core
 email: has.sox@gmail.com
 executables: []
 
 extensions: []
 
 extra_rdoc_files: 
-- README.textile
 - LICENSE
+- README.textile
 - TODO
 files: 
 - LICENSE
 - README.textile
 - Rakefile
 - TODO
+- lib/merb-auth-more.rb
 - lib/merb-auth-more/merbtasks.rb
+- lib/merb-auth-more/mixins/bcrypt_user.rb
 - lib/merb-auth-more/mixins/redirect_back.rb
+- lib/merb-auth-more/mixins/salted_user.rb
 - lib/merb-auth-more/mixins/salted_user/ar_salted_user.rb
 - lib/merb-auth-more/mixins/salted_user/dm_salted_user.rb
 - lib/merb-auth-more/mixins/salted_user/relaxdb_salted_user.rb
 - lib/merb-auth-more/mixins/salted_user/sq_salted_user.rb
-- lib/merb-auth-more/mixins/salted_user.rb
 - lib/merb-auth-more/strategies/abstract_password.rb
 - lib/merb-auth-more/strategies/basic/basic_auth.rb
 - lib/merb-auth-more/strategies/basic/openid.rb
 - lib/merb-auth-more/strategies/basic/password_form.rb
-- lib/merb-auth-more.rb
-- spec/merb-auth-more_spec.rb
+- lib/merb-auth-more/version.rb
+- spec/mixins/dm_bcrypt_user_spec.rb
+- spec/mixins/dm_salted_user_spec.rb
 - spec/mixins/redirect_back_spec.rb
-- spec/mixins/salted_user_spec.rb
+- spec/mixins/sq_bcrypt_user_spec.rb
+- spec/mixins/sq_salted_user_spec.rb
+- spec/shared_user_spec.rb
+- spec/spec.opts
 - spec/spec_helper.rb
 has_rdoc: true
 homepage: http://merbivore.com/
 licenses: []
 
 post_install_message: 
-rdoc_options: []
-
+rdoc_options: 
+- --charset=UTF-8
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      segments: 
+      - 0
       version: "0"
-  version: 
 required_rubygems_version: !ruby/object:Gem::Requirement 
   requirements: 
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version 
-      version: "0"
-  version: 
+      segments: 
+      - 1
+      - 3
+      - 1
+      version: 1.3.1
 requirements: []
 
-rubyforge_project: merb
-rubygems_version: 1.3.5
+rubyforge_project: 
+rubygems_version: 1.3.6
 signing_key: 
 specification_version: 3
 summary: Additional resources for use with the merb-auth-core authentication framework.

data/spec/merb-auth-more_spec.rb

@@ -1,4 +0,0 @@
-require File.dirname(__FILE__) + '/spec_helper'
-
-describe "merb-auth-more" do
-end

data/spec/mixins/salted_user_spec.rb

@@ -1,105 +0,0 @@
-require File.join(File.dirname(__FILE__), "..", 'spec_helper.rb')
-require 'dm-core'
-require 'dm-validations'
-require File.join(File.expand_path(File.dirname(__FILE__)), "..", ".." ,"lib", "merb-auth-more", "strategies", "abstract_password")
-require File.join(File.expand_path(File.dirname(__FILE__)), "..", ".." ,"lib", "merb-auth-more", "mixins", "salted_user")
-
-describe "A Salted User" do
-  
-  before(:all) do
-    DataMapper.setup(:default, "sqlite3::memory:")
-    
-    class Utilisateur
-      include DataMapper::Resource
-      include Merb::Authentication::Mixins::SaltedUser
-      
-      property :id, Serial
-      property :email, String
-      property :login, String
-    end
-    Utilisateur.auto_migrate!
-  end
-  
-  after(:each) do
-    Utilisateur.all.destroy!
-  end
-  
-  def default_user_params
-    {:login => "fred", :email => "fred@example.com", :password => "sekrit", :password_confirmation => "sekrit"}
-  end
-  
-  it "should authenticate a user using a class method" do
-    user = Utilisateur.new(default_user_params)
-    user.save
-    user.should_not be_new_record
-    Utilisateur.authenticate("fred", "sekrit").should_not be_nil
-  end
-  
-  it "should not authenticate a user using the wrong password" do
-    user = Utilisateur.new(default_user_params)  
-    user.save
-    Utilisateur.authenticate("fred", "not_the_password").should be_nil
-  end
-  
-  it "should not authenticate a user using the wrong login" do
-    user = Utilisateur.create(default_user_params)  
-    Utilisateur.authenticate("not_the_login@blah.com", "sekrit").should be_nil
-  end
-  
-  it "should not authenticate a user that does not exist" do
-    Utilisateur.authenticate("i_dont_exist", "password").should be_nil
-  end
-  
-  describe "passwords" do
-    before(:each) do
-      @user = Utilisateur.new(default_user_params)
-    end
-    
-    it{@user.should respond_to(:password)}
-    it{@user.should respond_to(:password_confirmation)}
-    it{@user.should respond_to(:crypted_password)}
-    
-    it "should require password if password is required" do
-      user = Utilisateur.new(:login => "fred", :email => "fred@example.com")
-      user.stub!(:password_required?).and_return(true)
-      user.valid?
-      user.errors.on(:password).should_not be_nil
-      user.errors.on(:password).should_not be_empty
-    end
-    
-    it "should set the salt" do
-      @user.salt.should be_nil
-      @user.send(:encrypt_password)
-      @user.salt.should_not be_nil    
-    end
-    
-    it "should require the password on create" do
-      user = Utilisateur.new(:login => "fred", :email => "fred@example.com")
-      user.save
-      user.errors.on(:password).should_not be_nil
-      user.errors.on(:password).should_not be_empty
-    end
-    
-    it "should require password_confirmation if the password_required?" do
-      user = Utilisateur.new(:login => "fred", :email => "fred@example.com", :password => "sekrit")
-      user.save
-      (user.errors.on(:password) || user.errors.on(:password_confirmation)).should_not be_nil
-    end
-     
-    it "should autenticate against a password" do
-      @user.save    
-      @user.should be_authenticated("sekrit")
-    end
-    
-    it "should not require a password when saving an existing user" do
-      @user.save
-      @user.should_not be_a_new_record
-      @user = Utilisateur.first(:login => "fred")
-      @user.password.should be_nil
-      @user.password_confirmation.should be_nil
-      @user.login = "some_different_login_to_allow_saving"
-      (@user.save).should be_true
-    end
-    
-  end  
-end