monban 0.0.15 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: de0ec82d19c70154d42f8f7190037d760b4646f6
-  data.tar.gz: f48908fd2c9779d41abdc43ec9a275861c2b200a
+  metadata.gz: 4f3908fbff78befaa3da1b03f38c0d65d31727e0
+  data.tar.gz: 084f52a5bd3751d14600a9f7f54a3eb5a279f555
 SHA512:
-  metadata.gz: 358aab452b6adc7615911edcde97bbaba49cf55ebd3c5d485be15ab723fc76c6a94dc89901a7718be1d3732ea3f60805cd83f5bd29d70928d81015cc8f2f5884
-  data.tar.gz: bff158beadb5e27a3d4c1f32a37c138ac92ab358f3341139c175da0382644421c53ae57c9542f87a7de1c24e7c12dd07dea12544928fe503b47e98dc7023370d
+  metadata.gz: a71edfc56f62eaa9ce703b94e4475e1546a47da7960c426022f22d8f733989dad0106edf3a9c153ae9e4919e6f4ddfc27c0b71e2015a5219b9484d7bd82d50fc
+  data.tar.gz: f8aa579c7a1e9c9f1b4dfaeb3c13f0173853487f12e63b7abbb618f19f9bddd1d71c11ff928e6ee68fa972ca715a04a5b303d7ca29856ba8b81b0eb9e033c591

data/.gitignore

@@ -2,3 +2,6 @@ spec/rails_app/log/*
 spec/rails_app/tmp/*
 *.sqlite3
 pkg
+/.yardoc/
+/_yardoc/
+/doc/

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    monban (0.0.15)
+    monban (0.1.0)
       bcrypt
       rails
       warden

data/NEWS.rdoc

@@ -1,3 +1,16 @@
+== 0.1.0
+* Fix PasswordStrategy to use configuration options
+* Documentation
+* Renamed encryption to hashing
+* Renamed encrypted to digested
+* Renamed unencrypted to undigested
+* A configuration for `no_login_redirect` was added. This accepts anything that
+  can be passed to `redirect_to` and is used when `require_login` is called with
+  no logged in user.
+* A configuration for `no_login_handler` was added. This allows developers to
+  completely customize the response when `require_login` is called with no
+  logged in user.
+
 == 0.0.15
 * Delegate user_class correctly so that config returns class
 * Fixed issue authenticate session not allowing for multiple fields

data/README.md

@@ -1,3 +1,4 @@
+
 # Monban 門番
 
 [![Build Status](https://travis-ci.org/halogenandtoast/monban.png?branch=master)](https://travis-ci.org/halogenandtoast/monban)
@@ -36,7 +37,7 @@ And you're ready to start designing your authentication system.
 
 ## Generators
 
-If you'd like a good starting point for building an app using Monban, it is suggested to use the [monban generators](https://github.com/halogenandtoast/monban-generators).
+If you'd like a good starting point for building an app using Monban, it is suggested to use the [monban generators]
 
 ## Usage
 
@@ -78,7 +79,7 @@ Monban provides the following:
 Monban.test_mode!
 ```
 
-Which will change password encryption to provide plaintext responses instead of using BCrypt. This will allow you to write factories using the password_digest field:
+Which will change password hashing method to provide plaintext responses instead of using BCrypt. This will allow you to write factories using the password_digest field:
 
 ```ruby
 FactoryGirl.define do
@@ -169,6 +170,26 @@ end
 
 ## Advanced Functionality
 
+### Authentication with username instead of email
+
+If you want to sign in with username instead of email just change the configuration option
+
+```ruby
+# config/initializers/monban.rb
+Monban.configure do |config|
+  config.user_lookup_field = :username
+end
+```
+
+If you used the monban:scaffold generator from [monban generators] you'll have to change the following four references to email.
+
+* In SessionsController#session_params
+* In UsersController#user_params
+* The email form field on sessions#new
+* The email form field on users#new
+
+### Using multiple lookup fields
+
 You may perform a look up on a user using multiple fields by doing something like the following:
 
 ```ruby
@@ -194,7 +215,43 @@ end
 
 This will allow the user to enter either their username or email to login
 
-### Limitations
+## Configuration
+
+Monban::Configuration has lots of options for changing how monban works. Currently the options you can change are as follows:
+
+### User values
+
+* **user_lookup_field**: (default `:email`) Field in the database to lookup a user by.
+* **user_token_field**: (default `:password`) Field the form submits containing the undigested password.
+* **user_token_store_field**: (default: `:password_digest`) Field in the database that stores the user's digested password.
+* **user_class**: (default: `User`) The user class.
+
+### Services
+
+* **sign_in_notice**: (default: `You must be signed in`) Rails flash message to set when user signs in.
+* **sign_in_service**: (default: `Monban::Services::SignIn`) Service for signing a user in.
+* **sign_up_service**: (default: `Monban::Services::SignUp`) Service for signing a user up.
+* **sign_out_service**: (default: `Monban::Services::SignOut`) Service for signing a user out.
+* **authentication_service**: (default: `Monban::Services::Authentication`) Service for authenticated a user.
+* **password_reset_service**: (default: `Monban::Services::PasswordReset`) Service for resetting a user's password.
+
+### Rails values
+
+* **no_login_handler**: A before_action for rails that handles when a user is not signed in.
+* **no_login_redirect**: Used by the no_login_handler to redirect the user
+
+### Methods
+
+* **hashing_method**: Method to hash an undigested password.
+* **token_comparison**: Method to compare a digested and undigested password.
+* **creation_method**: Method for creating a user.
+* **find_method**: Method for finding a user.
+
+### Warden Settings
+
+* **failure_app**: Necessary for warden to work. A rack app that handles failures in authentication.
+
+## Limitations
 
 Here are a few of the current limitations of monban:
 
@@ -207,3 +264,5 @@ Here are a few of the current limitations of monban:
 3. Commit your changes (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)
 5. Create new Pull Request
+
+[monban generators]: https://github.com/halogenandtoast/monban-generators

data/lib/monban.rb

@@ -10,6 +10,10 @@ require "monban/field_map"
 require "monban/strategies/password_strategy"
 require "active_support/core_ext/module/attribute_accessors"
 
+# Monban is an authentication toolkit designed to allow developers to create their own
+# authentication solutions. If you're interested in a default implementation try
+# {http://github.com/halogenandtoast/monban-generators Monban Generators}
+# @since 0.0.15
 module Monban
   mattr_accessor :warden_config
   mattr_accessor :config
@@ -19,42 +23,82 @@ module Monban
     autoload :ControllerHelpers, "monban/test/controller_helpers"
   end
 
-  def self.initialize warden_config, &block
-    setup_config(&block)
+  # initialize Monban. Sets up warden and the default configuration.
+  #
+  # @note This is used in {Monban::Railtie} in order to bootstrap Monban
+  # @param warden_config [Warden::Config] the configuration from warden
+  # @see Monban::Railtie
+  # @see Monban::Configuration
+  def self.initialize warden_config
+    setup_config
     setup_warden_config(warden_config)
   end
 
+  # compares the token (undigested password) to a digested password
+  #
+  # @param digest [String] A digested password
+  # @param token [String] An undigested password
+  # @see Monban::Configuration#default_token_comparison
+  # @return [Boolean] whether the token and digest match
   def self.compare_token(digest, token)
     config.token_comparison.call(digest, token)
   end
 
-  def self.encrypt_token(token)
-    config.encryption_method.call(token)
+  # hashes a token
+  #
+  # @param token [String] the password in undigested form
+  # @see Monban::Configuration#default_hashing_method
+  # @return [String] a digest of the token
+  def self.hash_token(token)
+    config.hashing_method.call(token)
   end
 
+  # the user class
+  #
+  # @see Monban::Configuration#setup_class_defaults
+  # @return [Class] the User class
   def self.user_class
     config.user_class
   end
 
+  # finds a user based on their credentials
+  #
+  # @param params [Hash] a hash of user parameters
+  # @param field_map [FieldMap] a field map in order to allow multiple lookup fields
+  # @see Monban::Configuration#default_find_method
+  # @return [User] if user is found
+  # @return [nil] if no user is found
   def self.lookup(params, field_map)
     fields = FieldMap.new(params, field_map).to_fields
     self.config.find_method.call(fields)
   end
 
+  # Puts monban into test mode. This will disable hashing passwords
+  # @note You must call this if you want to use monban in your tests
   def self.test_mode!
     Warden.test_mode!
     self.config ||= Monban::Configuration.new
-    config.encryption_method = ->(password) { password }
-    config.token_comparison = ->(digest, unencrypted_password) do
-      digest == unencrypted_password
+    config.hashing_method = ->(password) { password }
+    config.token_comparison = ->(digest, undigested_password) do
+      digest == undigested_password
     end
   end
 
+  # Configures monban
+  #
+  # @yield [configuration] Yield the current configuration
+  # @example A custom configuration
+  #   Monban.configure do |config|
+  #     config.user_lookup_field = :username
+  #     config.user_token_store_field = :hashed_password
+  #   end
   def self.configure(&block)
     self.config ||= Monban::Configuration.new
     yield self.config
   end
 
+  # Resets monban in between tests.
+  # @note You must call this between tests
   def self.test_reset!
     Warden.test_reset!
   end
@@ -63,9 +107,6 @@ module Monban
 
   def self.setup_config
     self.config ||= Monban::Configuration.new
-    if block_given?
-      yield config
-    end
   end
 
   def self.setup_warden_config(warden_config)

data/lib/monban/back_door.rb

@@ -1,9 +1,26 @@
 module Monban
+  # Middleware used in tests to allow users to be signed in directly, without
+  # having to load and submit the sign in form. The user should be provided by
+  # using the key :as in a hash passed to the path.
+  #
+  # @note This should only be used for testing purposes
+  # @since 0.0.15
+  # @example Using the backdoor in an rspec feature spec
+  #   feature "User dashboard" do
+  #     scenario "user visits dashboard" do
+  #       user = create(:user)
+  #       visit dashboard_path(as: user)
+  #       expect(page).to have_css("#dashboard")
+  #     end
+  #   end
   class BackDoor
+    # Create the a new BackDoor middleware for test purposes
+    # @return [BackDoor]
     def initialize(app)
       @app = app
     end
 
+    # Execute the BackDoor middleware signing in the user specified with :as
     def call(env)
       sign_in_through_the_back_door(env)
       @app.call(env)

data/lib/monban/configuration.rb

@@ -1,29 +1,37 @@
 module Monban
+  # Configuration options for Monban
+  # @since 0.0.15
   class Configuration
-
     attr_accessor :user_token_field, :user_token_store_field
-    attr_accessor :encryption_method, :token_comparison, :user_lookup_field
+    attr_accessor :hashing_method, :token_comparison, :user_lookup_field
     attr_accessor :sign_in_notice
     attr_accessor :sign_in_service, :sign_up_service, :sign_out_service
     attr_accessor :authentication_service, :password_reset_service
     attr_accessor :failure_app
     attr_accessor :creation_method, :find_method
+    attr_accessor :no_login_handler, :no_login_redirect
 
     attr_writer :user_class
 
     def initialize
       setup_class_defaults
-      setup_token_encryption
+      setup_token_hashing
       setup_notices
       setup_services
       setup_requirements
     end
 
+    # Default creation method. Can be overriden via {Monban.configure}
+    #
+    # @see #creation_method=
     def default_creation_method
       ->(params) { Monban.user_class.create(params) }
     end
 
-    def default_encryption_method
+    # Default hashing method. Can be overriden via {Monban.configure}
+    #
+    # @see #hashing_method=
+    def default_hashing_method
       ->(token) do
         if token.present?
           BCrypt::Password.create(token)
@@ -33,25 +41,47 @@ module Monban
       end
     end
 
+    # Default find method. Can be overriden via {Monban.configure}
+    #
+    # @see #find_method=
+    # @see Monban.user_class
     def default_find_method
       ->(params) { Monban.user_class.find_by(params) }
     end
 
-    def default_password_comparison
-      ->(digest, unencrypted_token) do
-        BCrypt::Password.new(digest) == unencrypted_token
+    # Default token comparison method. Can be overriden via {Monban.configure}
+    #
+    # @see #token_comparison=
+    def default_token_comparison
+      ->(digest, undigested_token) do
+        BCrypt::Password.new(digest) == undigested_token
       end
     end
 
+    # Default handler when user is not logged in. Can be overriden via {Monban.configure}
+    #
+    # @see #no_login_handler=
+    # @see #sign_in_notice
+    # @see #no_login_redirect
+    def default_no_login_handler
+      ->(controller) do
+        controller.flash.notice = Monban.config.sign_in_notice
+        controller.redirect_to Monban.config.no_login_redirect
+      end
+    end
+
+    # User class. Can be overriden via {Monban.configure}
+    #
+    # @see #user_class=
     def user_class
       @user_class.constantize
     end
 
     private
 
-    def setup_token_encryption
-      @encryption_method = default_encryption_method
-      @token_comparison = default_password_comparison
+    def setup_token_hashing
+      @hashing_method = default_hashing_method
+      @token_comparison = default_token_comparison
     end
 
     def setup_notices
@@ -65,19 +95,20 @@ module Monban
       @user_lookup_field = :email
       @creation_method = default_creation_method
       @find_method = default_find_method
+      @no_login_redirect = { controller: '/session', action: 'new' }
+      @no_login_handler = default_no_login_handler
     end
 
     def setup_services
-      @authentication_service = Monban::Authentication
-      @sign_in_service = Monban::SignIn
-      @sign_up_service = Monban::SignUp
-      @sign_out_service = Monban::SignOut
-      @password_reset_service = Monban::PasswordReset
+      @authentication_service = Monban::Services::Authentication
+      @sign_in_service = Monban::Services::SignIn
+      @sign_up_service = Monban::Services::SignUp
+      @sign_out_service = Monban::Services::SignOut
+      @password_reset_service = Monban::Services::PasswordReset
     end
 
     def setup_requirements
       @failure_app = lambda{|e|[401, {"Content-Type" => "text/plain"}, ["Authorization Failed"]] }
     end
   end
-
 end

data/lib/monban/constraints/signed_in.rb

@@ -1,6 +1,10 @@
 module Monban
   module Constraints
+    # Rails route constraint for signed in users
     class SignedIn
+      # Checks to see if the constraint is matched by having a user signed in
+      #
+      # @param request [Rack::Request] A rack request
       def matches?(request)
         warden = request.env["warden"]
         warden && warden.authenticated?

data/lib/monban/constraints/signed_out.rb

@@ -1,6 +1,10 @@
 module Monban
   module Constraints
+    # Rails route constraint for signed out users
     class SignedOut
+      # Checks to see if the constraint is matched by not having a user signed in
+      #
+      # @param request [Rack::Request] A rack request
       def matches?(request)
         warden = request.env["warden"]
         warden && warden.unauthenticated?

data/lib/monban/controller_helpers.rb

@@ -2,12 +2,21 @@ require 'bcrypt'
 require 'active_support/concern'
 
 module Monban
+  # Mixin to be included in Rails controllers.
+  # @since 0.0.15
   module ControllerHelpers
     extend ActiveSupport::Concern
     included do
       helper_method :current_user, :signed_in?
     end
 
+    # Sign in a user
+    #
+    # @note Uses the {Monban::Services::SignIn} service to create a session
+    #
+    # @param user [User] the user object to sign in
+    # @yield Yields to the block if the user is successfully signed in
+    # @return [Object] returns the value from calling perform on the {Monban::Services::SignIn} service
     def sign_in user
       Monban.config.sign_in_service.new(user, warden).perform.tap do |status|
         if status && block_given?
@@ -16,10 +25,22 @@ module Monban
       end
     end
 
+    # Sign out the current session
+    #
+    # @note Uses the {Monban::Services::SignOut} service to destroy the session
+    #
+    # @return [Object] returns the value from calling perform on the {Monban::Services::SignOut} service
     def sign_out
       Monban.config.sign_out_service.new(warden).perform
     end
 
+    # Sign up a user
+    #
+    # @note Uses the {Monban::Services::SignUp} service to create a user
+    #
+    # @param user_params [Hash] params containing lookup and token fields
+    # @yield Yields to the block if the user is signed up successfully
+    # @return [Object] returns the value from calling perform on the {Monban::Services::SignUp} service
     def sign_up user_params
       Monban.config.sign_up_service.new(user_params).perform.tap do |status|
         if status && block_given?
@@ -28,6 +49,53 @@ module Monban
       end
     end
 
+    # Authenticates a session.
+    #
+    # @note Uses the {Monban::Services::Authentication} service to verify the user's details
+    #
+    # @param session_params [Hash] params containing lookup and token fields
+    # @param field_map [Hash] Field map used for allowing users to sign in with multiple fields e.g. email and username
+    # @return [User] if authentication succeeded
+    # @return [nil] if authentication failed
+    # @example Basic usage
+    #   class SessionsController < ApplicationController
+    #     def create
+    #       user = authenticate_session(session_params)
+    #
+    #        if sign_in(user)
+    #          redirect_to(root_path)
+    #        else
+    #          render :new
+    #        end
+    #      end
+    #
+    #      private
+    #
+    #      def session_params
+    #        params.require(:session).permit(:email, :password)
+    #      end
+    #
+    #    end
+    # @example Using the field map to authenticate using multiple lookup fields
+    #   class SessionsController < ApplicationController
+    #     def create
+    #       user = authenticate_session(session_params, email_or_username: [:email, :username])
+    #
+    #        if sign_in(user)
+    #          redirect_to(root_path)
+    #        else
+    #          render :new
+    #        end
+    #      end
+    #
+    #      private
+    #
+    #      def session_params
+    #        params.require(:session).permit(:email_or_username, :password)
+    #      end
+    #
+    #    end
+
     def authenticate_session session_params, field_map = nil
       token_field = Monban.config.user_token_field
       password = session_params.fetch(token_field)
@@ -35,30 +103,55 @@ module Monban
       authenticate(user, password)
     end
 
+    # Authenticates a user given a password
+    #
+    # @note Uses the {Monban::Services::Authentication} service to verify the user's credentials
+    #
+    # @param user [User] the user
+    # @param password [String] the password
+    # @return [User] if authentication succeeded
+    # @return [nil] if authentication failed
     def authenticate user, password
       Monban.config.authentication_service.new(user, password).perform
     end
 
+    # Resets a user's password
+    #
+    # @note Uses the {Monban::Services::PasswordReset} service to change a user's password
+    #
+    # @param user [User] the user
+    # @param password [String] the password
     def reset_password user, password
       Monban.config.password_reset_service.new(user, password).perform
     end
 
+    # @api private
     def warden
       request.env['warden']
     end
 
+    # helper_method that returns the current user
+    #
+    # @return [User] if user is signed in
+    # @return [nil] if user is not signed in
     def current_user
       @current_user ||= warden.user
     end
 
+    # helper_method that checks if there is a user signed in
+    #
+    # @return [User] if user is signed in
+    # @return [nil] if user is not signed in
     def signed_in?
       warden.user
     end
 
+    # before_action that determines what to do when the user is not signed in
+    #
+    # @note Uses the no login handler
     def require_login
       unless signed_in?
-        flash.notice = Monban.config.sign_in_notice
-        redirect_to controller: '/sessions', action: 'new'
+        Monban.config.no_login_handler.call(self)
       end
     end
   end

data/lib/monban/field_map.rb

@@ -1,10 +1,20 @@
 module Monban
+  # FieldMap is used to allow multiple lookup fields. For instance if you
+  # wanted to allow a user to sign in via email or username. This is used
+  # internally by the authenticate_session controller helper
+  # @since 0.0.15
   class FieldMap
+    # @param params [Hash] hash of parameters
+    # @param field_map [Hash] hash of values to map
     def initialize params, field_map
       @params = params
       @field_map = field_map
     end
 
+    # converts params into values that can be passed into a where clause
+    #
+    # @return [Array] if initialized with field_map
+    # @return [Hash] if not initialized with field_map
     def to_fields
       if @field_map
         params_from_field_map

data/lib/monban/railtie.rb

@@ -1,6 +1,8 @@
 require 'warden'
 
 module Monban
+  # Railtie for Monban. Injects the Warden middleware and initializes Monban.
+  # @since 0.0.15
   class Railtie < Rails::Railtie
     config.app_middleware.use Warden::Manager do |config|
       Monban.initialize(config)

data/lib/monban/services/authentication.rb

@@ -1,26 +1,38 @@
 module Monban
-  class Authentication
-    def initialize user, unencrypted_token
-      @user = user
-      @unencrypted_token = unencrypted_token
-    end
+  module Services
+    # Authentication service. Checks to see if the credentials provided are valid
+    # @since 0.0.15
+    class Authentication
+      # Initialize service
+      #
+      # @param user [User] A user object
+      # @param undigested_token [String] An undigested password
+      def initialize user, undigested_token
+        @user = user
+        @undigested_token = undigested_token
+      end
 
-    def perform
-      if authenticated?
-        @user
-      else
-        false
+      # Perform the service
+      #
+      # @return [User] if authentication succeeds
+      # @return [false] if authentication fails
+      def perform
+        if authenticated?
+          @user
+        else
+          false
+        end
       end
-    end
 
-    private
+      private
 
-    def authenticated?
-      @user && Monban.compare_token(@user.send(token_store_field), @unencrypted_token)
-    end
+      def authenticated?
+        @user && Monban.compare_token(@user.send(token_store_field), @undigested_token)
+      end
 
-    def token_store_field
-      Monban.config.user_token_store_field
+      def token_store_field
+        Monban.config.user_token_store_field
+      end
     end
   end
 end

data/lib/monban/services/password_reset.rb

@@ -1,14 +1,23 @@
 module Monban
-  class PasswordReset
-    def initialize user, password
-      @user = user
-      @password = password
-    end
+  module Services
+    # Password reset service. Updates the password on a User
+    # @since 0.0.15
+    class PasswordReset
+      # Initialize service
+      #
+      # @param user [User] A user object
+      # @param new_password [String] The new undigested password for a user
+      def initialize user, new_password
+        @user = user
+        @new_password = new_password
+      end
 
-    def perform
-      field = Monban.config.user_token_store_field
-      encrypted_password = Monban.encrypt_token(@password)
-      @user[field] = encrypted_password
+      # Perform the service.
+      def perform
+        field = Monban.config.user_token_store_field
+        digested_password = Monban.hash_token(@new_password)
+        @user[field] = digested_password
+      end
     end
   end
 end

data/lib/monban/services/sign_in.rb

@@ -1,12 +1,21 @@
 module Monban
-  class SignIn
-    def initialize user, warden
-      @user = user
-      @warden = warden
-    end
+  module Services
+    # Sign in service. Signs the user in via warden
+    # @since 0.0.15
+    class SignIn
+      # Initialize service
+      #
+      # @param user [User] A user object
+      # @param warden [Warden] warden
+      def initialize user, warden
+        @user = user
+        @warden = warden
+      end
 
-    def perform
-      @warden.set_user(@user)
+      # Perform the service
+      def perform
+        @warden.set_user(@user)
+      end
     end
   end
 end

data/lib/monban/services/sign_out.rb

@@ -1,11 +1,19 @@
 module Monban
-  class SignOut
-    def initialize warden
-      @warden = warden
-    end
+  module Services
+    # Sign out service. Signs the user out via warden
+    # @since 0.0.15
+    class SignOut
+      # Initialize service
+      #
+      # @param warden [Warden] warden
+      def initialize warden
+        @warden = warden
+      end
 
-    def perform
-      @warden.logout
+      # Perform the service
+      def perform
+        @warden.logout
+      end
     end
   end
 end

data/lib/monban/services/sign_up.rb

@@ -1,31 +1,40 @@
 module Monban
-  class SignUp
-    def initialize user_params
-      encrypted_token = token_digest(user_params)
-      @user_params = user_params.
-        except(token_field).
-        merge(token_store_field.to_sym => encrypted_token)
-    end
+  module Services
+    # Sign up service. Signs the user up
+    # @since 0.0.15
+    class SignUp
+      # Initialize service
+      #
+      # @param user_params [Hash] A hash of user credentials. Should contain the lookup and token fields
+      def initialize user_params
+        digested_token = token_digest(user_params)
+        @user_params = user_params.
+          except(token_field).
+          merge(token_store_field.to_sym => digested_token)
+      end
 
-    def perform
-      Monban.config.creation_method.call(@user_params.to_hash)
-    end
+      # Performs the service
+      # @see Monban::Configuration.default_creation_method
+      def perform
+        Monban.config.creation_method.call(@user_params.to_hash)
+      end
 
-    private
+      private
 
-    def token_digest(user_params)
-      unencrypted_token = user_params[token_field]
-      unless unencrypted_token.empty?
-        Monban.encrypt_token(unencrypted_token)
+      def token_digest(user_params)
+        undigested_token = user_params[token_field]
+        unless undigested_token.empty?
+          Monban.hash_token(undigested_token)
+        end
       end
-    end
 
-    def token_store_field
-      Monban.config.user_token_store_field
-    end
+      def token_store_field
+        Monban.config.user_token_store_field
+      end
 
-    def token_field
-      Monban.config.user_token_field
+      def token_field
+        Monban.config.user_token_field
+      end
     end
   end
 end

data/lib/monban/strategies/password_strategy.rb

@@ -2,16 +2,41 @@ require 'warden'
 
 module Monban
   module Strategies
+    # Password strategy for warden
+    # @since 0.0.15
     class PasswordStrategy < ::Warden::Strategies::Base
+
+      # Checks if strategy should be executed
+      # @return [Boolean]
       def valid?
-        params[:email] || params[:password]
+        lookup_field_value || token_field_value
       end
 
+
+      # Authenticates for warden
       def authenticate!
-        user = Monban.user_class.find_by(email: params[:email])
-        auth = Authentication.new(user, params[:password])
+        user = Monban.user_class.find_by(lookup_field => lookup_field_value)
+        auth = Monban.config.authentication_service.new(user, token_field_value)
         auth.authenticated? ? success!(user) : fail!("Could not log in")
       end
+
+      private
+
+      def lookup_field_value
+        params[lookup_field]
+      end
+
+      def token_field_value
+        params[token_field]
+      end
+
+      def lookup_field
+        Monban.config.user_lookup_field
+      end
+
+      def token_field
+        Monban.config.user_token_field
+      end
     end
   end
 end

data/lib/monban/test/controller_helpers.rb

@@ -2,6 +2,9 @@ require 'warden'
 
 module Monban
   module Test
+    # These are test helpers for controller specs
+    # @note these have only been tested with rspec controller specs
+    # @since 0.0.15
     module ControllerHelpers
       def self.included(base)
         base.class_eval do
@@ -9,18 +12,18 @@ module Monban
         end
       end
 
-      def store_controller_for_warden
-        @request.env['action_controller.instance'] = @controller
-      end
-
+      # Signs a user in for tests
+      # @param user [User] the user to sign in
       def sign_in(user)
         @controller.sign_in(user)
       end
 
+      # Signs the user out in tests
       def sign_out
         @controller.sign_out
       end
 
+      # A mock of warden for tests
       def warden
         @warden ||= begin
           manager = Warden::Manager.new(nil) do |config|
@@ -29,6 +32,12 @@ module Monban
           @request.env['warden'] = Warden::Proxy.new(@request.env, manager)
         end
       end
+
+      private
+      def store_controller_for_warden
+        @request.env['action_controller.instance'] = @controller
+      end
+
     end
   end
 end

data/lib/monban/test/helpers.rb

@@ -1,12 +1,18 @@
 module Monban
   module Test
+    # Helpers for integration or feature specs
+    # @note these have only been tested with rspec integration and feature specs
+    # @since 0.0.15
     module Helpers
       include Warden::Test::Helpers
 
+      # Sign a user in
+      # @param user [User] user to sign in
       def sign_in user
         login_as user
       end
 
+      # Sign a user out
       def sign_out
         logout
       end

data/lib/monban/version.rb

@@ -1,3 +1,4 @@
 module Monban
-  VERSION = "0.0.15"
+  # 0.1.0
+  VERSION = "0.1.0"
 end

data/spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb

@@ -2,7 +2,7 @@ require 'spec_helper'
 
 feature 'Visitor signs in with invalid form' do
   scenario 'is not signed in' do
-    Monban::SignUp.new(email: 'email@example.com', password: 'password').perform
+    Monban::Services::SignUp.new(email: 'email@example.com', password: 'password').perform
     visit invalid_sign_in_path
     fill_in "session_password", with: 'password'
     click_button 'go'

data/spec/monban/controller_helpers_spec.rb

@@ -16,7 +16,7 @@ module Monban
     end
 
     class Dummy
-      attr_reader :redirected, :flash, :request
+      attr_reader :redirected, :redirected_to, :flash, :request
       def initialize warden
         @warden = warden
         @flash = Flash.new
@@ -25,6 +25,7 @@ module Monban
       end
       def redirect_to path
         @redirected = true
+        @redirected_to = path
       end
       def env
         { "warden" => @warden }
@@ -59,7 +60,7 @@ module Monban
     it 'performs a sign out' do
       sign_out = double()
       sign_out.should_receive(:perform)
-      SignOut.should_receive(:new).with(@warden).and_return(sign_out)
+      Services::SignOut.should_receive(:new).with(@warden).and_return(sign_out)
       @dummy.sign_out
     end
 
@@ -88,7 +89,7 @@ module Monban
       authentication = double()
       authentication.should_receive(:perform).and_return(user)
       Monban.should_receive(:lookup).with({email: 'a@b.com'}, nil).and_return(user)
-      Authentication.should_receive(:new).with(user, 'password').and_return(authentication)
+      Services::Authentication.should_receive(:new).with(user, 'password').and_return(authentication)
       @dummy.authenticate_session(session_params).should == user
     end
 
@@ -99,7 +100,7 @@ module Monban
       authentication = double()
       authentication.should_receive(:perform).and_return(user)
       Monban.should_receive(:lookup).with(session_params.except(:password), field_map).and_return(user)
-      Authentication.should_receive(:new).with(user, 'password').and_return(authentication)
+      Services::Authentication.should_receive(:new).with(user, 'password').and_return(authentication)
       @dummy.authenticate_session(session_params, field_map).should == user
     end
 
@@ -111,7 +112,7 @@ module Monban
       authentication = double()
       authentication.should_receive(:perform).and_return(false)
       Monban.should_receive(:lookup).with(session_params, nil).and_return(user)
-      Authentication.should_receive(:new).with(user, 'password').and_return(authentication)
+      Services::Authentication.should_receive(:new).with(user, 'password').and_return(authentication)
       @dummy.authenticate_session(session_params).should == false
     end
 
@@ -120,7 +121,7 @@ module Monban
       password = double()
       authentication = double()
       authentication.should_receive(:perform)
-      Authentication.should_receive(:new).with(user, password).and_return(authentication)
+      Services::Authentication.should_receive(:new).with(user, password).and_return(authentication)
       @dummy.authenticate user, password
     end
 
@@ -139,6 +140,7 @@ module Monban
       @warden.should_receive(:user).and_return(false)
       @dummy.require_login
       expect(@dummy.redirected).to eq(true)
+      expect(@dummy.redirected_to).to eq(Monban.config.no_login_redirect)
       expect(@dummy.flash.notice).to eq(Monban.config.sign_in_notice)
     end
 
@@ -156,7 +158,7 @@ module Monban
       user = double()
       sign_in = double()
       sign_in.should_receive(:perform).and_return(success)
-      SignIn.should_receive(:new).with(user, @warden).and_return(sign_in)
+      Services::SignIn.should_receive(:new).with(user, @warden).and_return(sign_in)
       user
     end
 
@@ -164,7 +166,7 @@ module Monban
       user_params = double()
       sign_up = double()
       sign_up.should_receive(:perform).and_return(success)
-      SignUp.should_receive(:new).with(user_params).and_return(sign_up)
+      Services::SignUp.should_receive(:new).with(user_params).and_return(sign_up)
       user_params
     end
   end

data/spec/monban/services/authentication_spec.rb

@@ -1,11 +1,11 @@
 require 'spec_helper'
 require 'monban/services/authentication'
 
-describe Monban::Authentication, '#authentication' do
+describe Monban::Services::Authentication, '#authentication' do
   it 'is authenticated for a valid password' do
     password_digest = BCrypt::Password.create('password')
     user = double(password_digest: password_digest)
-    auth = Monban::Authentication.new(user, 'password')
+    auth = Monban::Services::Authentication.new(user, 'password')
 
     expect(auth.perform).to eq(user)
   end
@@ -13,13 +13,13 @@ describe Monban::Authentication, '#authentication' do
   it 'is not authenticated for the wrong password' do
     password_digest = BCrypt::Password.create('password')
     user = double(password_digest: password_digest)
-    auth = Monban::Authentication.new(user, 'drowssap')
+    auth = Monban::Services::Authentication.new(user, 'drowssap')
 
     expect(auth.perform).to eq(false)
   end
 
   it 'is not authenticated without a user' do
-    auth = Monban::Authentication.new(nil, 'password')
+    auth = Monban::Services::Authentication.new(nil, 'password')
     expect(auth.perform).to eq(false)
   end
 end

data/spec/monban/services/password_reset_spec.rb

@@ -2,22 +2,22 @@ require 'spec_helper'
 require 'monban/services/password_reset'
 require 'ostruct'
 
-describe Monban::PasswordReset do
+describe Monban::Services::PasswordReset do
   before do
-    Monban.config.encryption_method = ->(password) { password + "secret" }
+    Monban.config.hashing_method = ->(password) { password + "secret" }
   end
 
-  it 'updates the password with the encryption strategy' do
-    password_digest = Monban.encrypt_token('password')
+  it 'updates the password with the hashing strategy' do
+    password_digest = Monban.hash_token('password')
     user = double()
     field = Monban.config.user_token_store_field
     user.should_receive(:[]=).with(field, 'passwordsecret')
-    password_reset = Monban::PasswordReset.new(user, 'password')
+    password_reset = Monban::Services::PasswordReset.new(user, 'password')
 
     password_reset.perform
   end
 
   after do
-    Monban.config.encryption_method = Monban.config.default_encryption_method
+    Monban.config.hashing_method = Monban.config.default_hashing_method
   end
 end

data/spec/monban/services/sign_in_spec.rb

@@ -1,12 +1,12 @@
 require 'spec_helper'
 require 'monban/services/sign_in'
 
-describe Monban::SignIn, '#perform' do
+describe Monban::Services::SignIn, '#perform' do
   it 'signs the user in' do
     user = double()
     warden = double()
     warden.should_receive(:set_user).with(user)
 
-    Monban::SignIn.new(user, warden).perform
+    Monban::Services::SignIn.new(user, warden).perform
   end
 end

data/spec/monban/services/sign_out_spec.rb

@@ -1,11 +1,11 @@
 require 'spec_helper'
 require 'monban/services/sign_out'
 
-describe Monban::SignOut, '#perform' do
+describe Monban::Services::SignOut, '#perform' do
   it 'signs out the user' do
     warden = double()
     warden.should_receive(:logout)
 
-    Monban::SignOut.new(warden).perform
+    Monban::Services::SignOut.new(warden).perform
   end
 end

data/spec/monban/services/sign_up_spec.rb

@@ -1,12 +1,12 @@
 require 'spec_helper'
 require 'monban/services/sign_up'
 
-describe Monban::SignUp, '#perform' do
+describe Monban::Services::SignUp, '#perform' do
   it 'creates a user with the right parameters' do
     allow(User).to receive(:create)
     user_params = { email: 'email@example.com', password: 'password' }
 
-    Monban::SignUp.new(user_params).perform
+    Monban::Services::SignUp.new(user_params).perform
     expect(User).to have_received(:create) do |args|
       expect(args[:email]).to eq(user_params[:email])
       expect(Monban.compare_token(args[:password_digest], 'password')).to be_true
@@ -19,7 +19,7 @@ describe Monban::SignUp, '#perform' do
     user_params = { email: 'email@example.com', password: 'password' }
 
     with_monban_config(creation_method: user_create_double) do
-      Monban::SignUp.new(user_params).perform
+      Monban::Services::SignUp.new(user_params).perform
     end
 
     expect(user_create_double).to have_received(:call) do |args|
@@ -31,7 +31,7 @@ describe Monban::SignUp, '#perform' do
     allow(User).to receive(:create)
     user_params = { email: 'email@example.com', password: '' }
 
-    Monban::SignUp.new(user_params).perform
+    Monban::Services::SignUp.new(user_params).perform
     expect(User).to have_received(:create) do |args|
       expect(args[:password_digest]).to be_nil
     end

data/spec/monban/strategies/password_strategy_spec.rb

@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+module Monban
+  module Strategies
+    describe PasswordStrategy do
+      it "bases lookup and token on config values" do
+        params = HashWithIndifferentAccess.new(username: 'test', the_password: 'password')
+
+        with_monban_config(user_lookup_field: "username", user_token_field: "the_password") do
+          env = Rack::MockRequest.env_for("/", params: params)
+          strategy = PasswordStrategy.new(env)
+          expect(strategy).to be_valid
+        end
+      end
+
+      it "it doesn't trigger if params are not provided" do
+        env = Rack::MockRequest.env_for("/")
+        strategy = PasswordStrategy.new(env)
+        expect(strategy).not_to be_valid
+      end
+    end
+  end
+end

data/spec/monban_spec.rb

@@ -8,7 +8,7 @@ describe 'Monban' do
 
   it "provides a .test_mode!" do
     Monban.test_mode!
-    expect(Monban.encrypt_token('password')).to eql('password')
+    expect(Monban.hash_token('password')).to eql('password')
     expect(Monban.compare_token('password', 'password')).to be_true
   end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: monban
 version: !ruby/object:Gem::Version
-  version: 0.0.15
+  version: 0.1.0
 platform: ruby
 authors:
 - halogenandtoast
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-12 00:00:00.000000000 Z
+date: 2014-07-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -186,6 +186,7 @@ files:
 - spec/monban/services/sign_in_spec.rb
 - spec/monban/services/sign_out_spec.rb
 - spec/monban/services/sign_up_spec.rb
+- spec/monban/strategies/password_strategy_spec.rb
 - spec/monban/test_controller_helpers_spec.rb
 - spec/monban/test_helpers_spec.rb
 - spec/monban_spec.rb
@@ -266,6 +267,7 @@ test_files:
 - spec/monban/services/sign_in_spec.rb
 - spec/monban/services/sign_out_spec.rb
 - spec/monban/services/sign_up_spec.rb
+- spec/monban/strategies/password_strategy_spec.rb
 - spec/monban/test_controller_helpers_spec.rb
 - spec/monban/test_helpers_spec.rb
 - spec/monban_spec.rb