minimalist_authentication 0.6.4 → 0.6.5

data/.gitignore

@@ -3,3 +3,4 @@ coverage
 .loadpath
 .project
 .redcar
+*.gem

data/Gemfile

@@ -0,0 +1,2 @@
+source 'http://rubygems.org'
+gemspec

data/{test/rails_root/Gemfile.lock → Gemfile.lock}

@@ -1,3 +1,9 @@
+PATH
+  remote: .
+  specs:
+    minimalist_authentication (0.6.4)
+      bcrypt-ruby (~> 3.1.1)
+
 GEM
   remote: http://rubygems.org/
   specs:
@@ -29,6 +35,7 @@ GEM
       activesupport (= 3.0.5)
     activesupport (3.0.5)
     arel (2.0.10)
+    bcrypt-ruby (3.1.1)
     builder (2.1.2)
     erubis (2.6.6)
       abstract (>= 1.0.0)
@@ -62,18 +69,17 @@ GEM
       thor (~> 0.14.4)
     rake (0.9.2.2)
     sqlite3 (1.3.5)
-    sqlite3-ruby (1.3.3)
-      sqlite3 (>= 1.3.3)
     thor (0.14.6)
     treetop (1.4.10)
       polyglot
       polyglot (>= 0.3.1)
-    tzinfo (0.3.31)
+    tzinfo (0.3.32)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   factory_girl
+  minimalist_authentication!
   rails (= 3.0.5)
-  sqlite3-ruby
+  sqlite3

data/README.md

@@ -0,0 +1,55 @@
+[![Code Climate](https://codeclimate.com/badge.png)](https://codeclimate.com/github/wwidea/minimalist_authentication)
+
+MinimalistAuthentication
+========================
+
+A Rails authentication gem that takes a minimalist approach. It is designed to be simple to understand, use, and modify for your application.
+
+This gem was largely inspired by the restful-authentication plugin (http://github.com/technoweenie/restful-authentication/tree/master). I selected the essential methods for password based authentication, reorganized them, trimmed them down when possible, added a couple of features, and resisted the urge to start adding more.
+
+
+Installation
+============
+1) Add to your Gemfile:
+
+    gem 'minimalist_authentication'
+
+2) Create a user model:
+
+    ruby script/rails generate model user active:boolean email:string crypted_password:string salt:string using_digest_version:integer last_logged_in_at:datetime
+
+
+Example
+=======
+
+1) app/models/user.rb
+
+    class User < ActiveRecord::Base
+      include Minimalist::Authentication
+    end
+
+2) app/controllers/application.rb
+
+    class ApplicationController < ActionController::Base
+      include Minimalist::Authorization
+      
+      # Lock down everything by default
+      # use skip_before_filter to open up sepecific actions
+      prepend_before_filter :authorization_required
+    end
+
+3) app/controllers/sessions_controller.rb
+
+    class SessionsController < ApplicationController
+      include Minimalist::Sessions
+      skip_before_filter :authorization_required, :only => [:new, :create]
+    end
+
+4) test/test_helper.rb
+
+    class Test::Unit::TestCase
+      include Minimalist::TestHelper
+    end
+
+
+Copyright (c) 2009 Aaron Baldwin, released under the MIT license

data/Rakefile

@@ -1,6 +1,6 @@
 require 'rake'
 require 'rake/testtask'
-require 'rake/rdoctask'
+require 'rdoc/task'
 
 desc 'Default: run unit tests.'
 task :default => :test
@@ -28,7 +28,7 @@ task :rcov do
   rcov = "rcov --rails --text-summary -Ilib --exclude /gems/,/app/,/Library/"
   system("#{rcov} --html #{Dir.glob('test/**/*_test.rb').join(' ')}")
   if PLATFORM['darwin'] #Mac
-    system("open coverage/index.html") 
+    system("open coverage/index.html")
   elsif PLATFORM[/linux/] #Ubuntu, etc.
     system("/etc/alternatives/x-www-browser coverage/index.html")
   end

data/lib/minimalist/authentication.rb

@@ -15,21 +15,23 @@ module Minimalist
       base.extend(ClassMethods)
       base.class_eval do
         include InstanceMethods
-        
+
         attr_accessor :password
         before_save :encrypt_password
-        
+
         validates_presence_of     :email, :if => :validate_email_presence?
         validates_uniqueness_of   :email, :if => :validate_email_uniqueness?
         validates_format_of       :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i, :if => :validate_email_format?
         validates_presence_of     :password,                   :if => :password_required?
         validates_confirmation_of :password,                   :if => :password_required?
         validates_length_of       :password, :within => 6..40, :if => :password_required?
-        
+
         scope :active, :conditions => {:active => true}
+
+
       end
     end
-    
+
     module ClassMethods
       def authenticate(email, password)
         return if email.blank? || password.blank?
@@ -37,7 +39,7 @@ module Minimalist
         return unless user && user.authenticated?(password)
         return user
       end
-      
+
       def secure_digest(string, salt, version = 1)
         case version
           when 0 then Digest::MD5.hexdigest(string.to_s)
@@ -50,20 +52,20 @@ module Minimalist
       def make_token
         BCrypt::Engine.generate_salt(CALIBRATED_BCRYPT_COST)
       end
-      
+
       def guest
         new.tap do |user|
           user.email = GUEST_USER_EMAIL
         end
       end
     end
-    
+
     module InstanceMethods
-      
+
       def active?
         active
       end
-      
+
       def authenticated?(password)
         if crypted_password == encrypt(password)
           if self.respond_to?(:using_digest_version) and (using_digest_version != PREFERRED_DIGEST_VERSION or salt_cost < CALIBRATED_BCRYPT_COST)
@@ -77,38 +79,38 @@ module Minimalist
           return false
         end
       end
-      
+
       def logged_in
         self.class.update_all("last_logged_in_at='#{Time.now.to_s(:db)}'", "id=#{self.id}") # use update_all to avoid updated_on trigger
       end
-      
+
       def is_guest?
         email == GUEST_USER_EMAIL
       end
-      
+
       #######
       private
       #######
-      
+
       def password_required?
         active? && (crypted_password.blank? || !password.blank?)
       end
-      
+
       def encrypt(password)
         self.class.secure_digest(password, salt, digest_version)
       end
-      
+
       def encrypt_password
         return if password.blank?
         self.salt = self.class.make_token
         self.crypted_password = self.class.secure_digest(password, salt, (self.respond_to?(:using_digest_version) ? PREFERRED_DIGEST_VERSION : 1))
         self.using_digest_version = PREFERRED_DIGEST_VERSION if self.respond_to?(:using_digest_version)
       end
-      
+
       def digest_version
         self.respond_to?(:using_digest_version) ? (using_digest_version || 1) : 1
       end
-      
+
       def salt_cost
         BCrypt::Engine.valid_salt?(salt) ? salt.match(/\$[^\$]+\$([0-9]+)\$/)[1].to_i : 0
       end
@@ -118,15 +120,15 @@ module Minimalist
         # allows applications to turn off email validation
         true
       end
-      
+
       def validate_email_presence?
         validate_email? && active?
       end
-      
+
       def validate_email_format?
         validate_email? && active?
       end
-      
+
       def validate_email_uniqueness?
         validate_email? && active?
       end

data/lib/minimalist/version.rb

@@ -1,3 +1,3 @@
 module MinimalistAuthentication
-  VERSION = '0.6.4'
+  VERSION = '0.6.5'
 end

data/minimalist_authentication.gemspec

@@ -9,8 +9,12 @@ Gem::Specification.new do |s|
   s.homepage = "https://github.com/wwidea/minimalist_authentication"
   s.summary = %q{A Rails authentication plugin that takes a minimalist approach.}
   s.description = %q{A Rails authentication plugin that takes a minimalist approach. It is designed to be simple to understand, use, and modify for your application.}
-  
-  s.add_dependency('bcrypt-ruby', '~> 3.0.1')
+
+  s.add_dependency('bcrypt-ruby', '~> 3.1.1')
+
+  s.add_development_dependency('rails','3.0.5')
+  s.add_development_dependency('sqlite3')
+  s.add_development_dependency('factory_girl')
 
   s.files = `git ls-files`.split("\n")
   s.test_files = `git ls-files -- test/*`.split("\n")

data/test/authentication_test.rb

@@ -1,44 +1,48 @@
 require 'test_helper'
 
 class AuthenticationTest < ActiveSupport::TestCase
-  
+
   test "should not be able to set crypted_password through mass assignment" do
     user = Factory(:user)
     old_crypted_password = user.crypted_password
+    old_digest_version = user.using_digest_version
+    old_salt = user.salt
     user.update_attributes(:crypted_password => 'should not work')
+    assert_equal(old_digest_version, user.using_digest_version)
+    assert_equal(old_salt, user.salt)
     assert_equal(old_crypted_password, user.crypted_password)
   end
-  
+
   test "should return active user" do
     user = Factory(:user)
     assert_equal([user], User.active)
   end
-  
+
   test "should authenticate user" do
     user = Factory(:user)
     assert_equal(user, User.authenticate(user.email, 'password'))
   end
-  
+
   test "should fail to authenticate when email is blank" do
     user = Factory(:user)
     assert_nil(User.authenticate('', 'password'))
   end
-  
+
   test "should fail to authenticate when password is blank" do
     user = Factory(:user)
     assert_nil(User.authenticate(user.email, ''))
-  end  
-  
+  end
+
   test "should fail to authenticate when user is not active" do
     user = Factory(:user, :active => false)
     assert_nil(User.authenticate(user.email, 'password'))
   end
-  
+
   test "should fail to authenticate for incorrect password" do
     user = Factory(:user)
     assert_nil(User.authenticate(user.email, 'incorrect_password'))
   end
-  
+
   test "should create salt and encrypted_password for new user" do
     user = User.new(:email => 'test@testing.com', :password => 'testing')
     assert(user.save)
@@ -46,38 +50,38 @@ class AuthenticationTest < ActiveSupport::TestCase
     assert_not_nil(user.crypted_password)
     assert(user.authenticated?('testing'))
   end
-  
+
   test "should update last_logged_in_at without updating updated_at timestamp" do
     user = Factory(:user, :updated_at => 1.day.ago)
     updated_at = user.updated_at
     user.logged_in
     assert(user.updated_at == updated_at)
   end
-  
+
   test "guest should be guest" do
     assert(User.guest.is_guest?)
   end
-  
+
   test "should allow inactive user to pass validation without an email or password" do
     assert(User.new.valid?)
   end
-  
+
   test "should fail validation for active user without email" do
     user = User.new(:active => true)
     assert_equal(false, user.valid?)
     assert(user.errors[:email])
   end
-  
+
   test "should fail validation for active user without password" do
     user = User.new(:active => true)
     assert_equal(false, user.valid?)
     assert(user.errors[:password])
   end
-  
+
   test "should use latest digest version for new users" do
     assert_equal(User::PREFERRED_DIGEST_VERSION,Factory(:user).using_digest_version)
   end
-  
+
   test "should migrate legacy users to new digest version" do
     #Setup a user using the old digest version.
     #This wouldn't be necessary with fixtures.
@@ -89,11 +93,11 @@ class AuthenticationTest < ActiveSupport::TestCase
     assert(legacy_user.save)
     assert_equal(nil, legacy_user.reload.using_digest_version)
     assert_equal('86f156baf9e4868e6dcf910b65775efdeaa347d8',legacy_user.crypted_password)
-    
+
     # Ok, now we can finally do the test.
     legacy_crypted_password = legacy_user.crypted_password
     assert(legacy_user.authenticated?('my_password'))
-    assert_equal(2,legacy_user.reload.using_digest_version)
+    assert_equal(Minimalist::Authentication::PREFERRED_DIGEST_VERSION,legacy_user.reload.using_digest_version)
     assert_not_equal(legacy_crypted_password,legacy_user.crypted_password)
   end
 end

data/test/authorization_test.rb

@@ -3,73 +3,73 @@ require 'test_helper'
 class AuthorizationTest < ActiveSupport::TestCase
   def AuthorizationTest.helper_method(*args); end
   include Minimalist::Authorization
-  
+
   test "should return guest for current_user" do
     assert_equal('guest', current_user.email)
   end
-  
+
   test "should return logged_in user for current_user" do
     user = Factory(:user)
     session[:user_id] = user.id
     assert_equal(user, current_user)
   end
-  
+
   test "should pass authorization" do
     user = Factory(:user)
     session[:user_id] = user.id
     assert(authorization_required)
   end
-  
+
   test "should fail authorization" do
     assert_equal(new_session_path, authorization_required)
   end
-  
+
   test "should store location" do
     store_location
-    assert_equal(request.request_uri, session[:return_to])
+    assert_equal(request.fullpath, session['return_to'])
   end
-  
+
   test "should redirect to stored location" do
     store_location
     redirect_back_or_default('/')
-    assert_equal(request.request_uri, redirect_to)
+    assert_equal(request.fullpath, redirect_to)
   end
-  
+
   test "should redirect to stored location only once" do
     store_location
     redirect_back_or_default('/')
-    assert_equal(request.request_uri, redirect_to)
+    assert_equal(request.fullpath, redirect_to)
     redirect_back_or_default('/')
     assert_equal('/', redirect_to)
   end
-  
+
   test "should redirect to default" do
     redirect_back_or_default('/')
     assert_equal('/', redirect_to)
   end
-  
+
   #######
   private
   #######
-  
+
   def redirect_to(path = nil)
     @redirect_to = path if path
     return @redirect_to
   end
-  
+
   def session; @session ||= Hash.new; end
-  
+
   def action_name; nil; end
   def controller_name; nil; end
   def new_session_path; '/session/new'; end
-  
+
   def request
     (Class.new do
       def method
         :get
       end
-      
-      def request_uri
+
+      def fullpath
         'http://www.example.com'
       end
     end).new

data/test/factories.rb

@@ -1,8 +1,10 @@
 module Factories
+  salt = User.make_token
   Factory.define :user do |u|
     u.active true
     u.email 'test@testing.com'
-    u.password 'password'
-    u.password_confirmation 'password'
+    u.salt salt
+    u.crypted_password User.secure_digest('password',salt,Minimalist::Authentication::PREFERRED_DIGEST_VERSION)
+    u.using_digest_version Minimalist::Authentication::PREFERRED_DIGEST_VERSION
   end
 end

data/test/jenkins.bash

@@ -0,0 +1,9 @@
+#!/bin/bash
+bundle install
+
+cd test/rails_root
+bundle exec rake db:setup
+bundle exec rake db:test:prepare
+
+cd ../../
+bundle exec rake test

data/test/rails_root/app/models/user.rb

@@ -1,3 +1,4 @@
 class User < ActiveRecord::Base
   include Minimalist::Authentication
+  attr_protected :crypted_password, :salt, :using_digest_version
 end

data/test/rails_root/test/performance/browsing_test.rb

@@ -2,8 +2,8 @@ require 'test_helper'
 require 'rails/performance_test_help'
 
 # Profiling results for each test method are written to tmp/performance.
-class BrowsingTest < ActionDispatch::PerformanceTest
-  def test_homepage
-    get '/'
-  end
-end
+#class BrowsingTest < ActionDispatch::PerformanceTest
+#  def test_homepage
+#    get '/'
+#  end
+#end

data/test/test_helper.rb

@@ -1,4 +1,5 @@
-require File.dirname(__FILE__) + '/../init'
+require 'minimalist_authentication'
+require 'factory_girl'
 
 ENV["RAILS_ENV"] = "test"
 require File.expand_path('../rails_root/config/environment', __FILE__)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: minimalist_authentication
 version: !ruby/object:Gem::Version
-  version: 0.6.4
+  version: 0.6.5
   prerelease: 
 platform: ruby
 authors:
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-09-17 00:00:00.000000000 Z
+date: 2013-07-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt-ruby
@@ -20,7 +20,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 3.0.1
+        version: 3.1.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -28,7 +28,55 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: 3.0.1
+        version: 3.1.1
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.0.5
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 3.0.5
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: factory_girl
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: A Rails authentication plugin that takes a minimalist approach. It is
   designed to be simple to understand, use, and modify for your application.
 email:
@@ -38,10 +86,11 @@ extensions: []
 extra_rdoc_files: []
 files:
 - .gitignore
+- Gemfile
+- Gemfile.lock
 - MIT-LICENSE
-- README
+- README.md
 - Rakefile
-- init.rb
 - lib/app/views/sessions/_form.html.erb
 - lib/app/views/sessions/new.html.erb
 - lib/minimalist/authentication.rb
@@ -56,8 +105,7 @@ files:
 - test/authentication_test.rb
 - test/authorization_test.rb
 - test/factories.rb
-- test/rails_root/Gemfile
-- test/rails_root/Gemfile.lock
+- test/jenkins.bash
 - test/rails_root/README
 - test/rails_root/Rakefile
 - test/rails_root/app/controllers/application_controller.rb
@@ -120,8 +168,7 @@ test_files:
 - test/authentication_test.rb
 - test/authorization_test.rb
 - test/factories.rb
-- test/rails_root/Gemfile
-- test/rails_root/Gemfile.lock
+- test/jenkins.bash
 - test/rails_root/README
 - test/rails_root/Rakefile
 - test/rails_root/app/controllers/application_controller.rb
@@ -156,3 +203,4 @@ test_files:
 - test/rails_root/test/test_helper.rb
 - test/sessions_test.rb
 - test/test_helper.rb
+has_rdoc: 

data/README

@@ -1,45 +0,0 @@
-MinimalistAuthentication
-========================
-
-A Rails authentication plugin that takes a minimalist approach. It is designed to be simple to understand, use, and modify for your application.
-
-This plugin was largely inspired by the restful-authentication plugin (http://github.com/technoweenie/restful-authentication/tree/master). I selected the essential methods for password based authentication, reorganized them, trimmed them down when possible, added a couple of features, and resisted the urge to start adding more.
-
-
-Installation
-============
-script/plugin install git://github.com/aaron/minimalist_authentication.git
-
-ruby script/generate scaffold user active:boolean email:string crypted_password:string salt:string using_digest_version:integer last_logged_in_at:datetime
-
-
-Example
-=======
-
-app/models/user.rb
-class User < ActiveRecord::Base
-  include Minimalist::Authentication
-end
-
-app/controllers/application.rb
-class ApplicationController < ActionController::Base
-  include Minimalist::Authorization
-  
-  # Lock down everything by default
-  # use skip_before_filter to open up sepecific actions
-  prepend_before_filter :authorization_required
-end
-
-app/controllers/sessions_controller.rb
-class SessionsController < ApplicationController
-  include Minimalist::Sessions
-  skip_before_filter :authorization_required, :only => [:new, :create]
-end
-
-test/test_helper.rb
-class Test::Unit::TestCase
-  include Minimalist::TestHelper
-end
-
-
-Copyright (c) 2009 Aaron Baldwin, released under the MIT license

data/init.rb

@@ -1,2 +0,0 @@
-# Include hook code here
-require 'minimalist_authentication'

data/test/rails_root/Gemfile

@@ -1,33 +0,0 @@
-source 'http://rubygems.org'
-
-gem 'rails', '3.0.5'
-
-# Bundle edge Rails instead:
-# gem 'rails', :git => 'git://github.com/rails/rails.git'
-
-gem 'sqlite3-ruby', :require => 'sqlite3'
-
-# Use unicorn as the web server
-# gem 'unicorn'
-
-# Deploy with Capistrano
-# gem 'capistrano'
-
-# To use debugger (ruby-debug for Ruby 1.8.7+, ruby-debug19 for Ruby 1.9.2+)
-# gem 'ruby-debug'
-# gem 'ruby-debug19'
-
-# Bundle the extra gems:
-# gem 'bj'
-# gem 'nokogiri'
-# gem 'sqlite3-ruby', :require => 'sqlite3'
-# gem 'aws-s3', :require => 'aws/s3'
-
-gem 'factory_girl'
-
-# Bundle gems for the local environment. Make sure to
-# put test-only gems in this group so their generators
-# and rake tasks are available in development mode:
-# group :development, :test do
-#   gem 'webrat'
-# end