mori 0.0.1 → 0.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0ee64fc60f4aa320446d6cddccf5be8fa3bbf432
-  data.tar.gz: 0702dbfb25aec136a1f6bb806efb41001a487922
+  metadata.gz: e216ffc7bd86384021962479ecd4fc801a2c820e
+  data.tar.gz: 2a15f5d7f9d804ce568dbcc5d80a52ed31ba6648
 SHA512:
-  metadata.gz: 941665ac96f3de8512dfc6c0d4cf73eae75dccd3d725ca1ef6176331df94d7f9e5720ed96d13ad13246643a989f17e7f33a964494d931809a3187b4521d1e8d7
-  data.tar.gz: 0ce4f4f2fc046f623ba0368ba74a9faa6b10eee0254f07d40bc857df081a7a53b86cd3241c7922ffee5989f959f0b8e5724a7eecf905a74141ffedf23b573bf8
+  metadata.gz: 05baff8ea62aac281ca8e652328ef7cec128d6bfb7544bc61b277f265020d850a1f1a6b524cf4e52cf3a548f33dd6d5f07faf09e40eddc5f5308649f4e26c123
+  data.tar.gz: ea8d7b8ff05f4fa0c51a6e4a9e1f3f2691341f8b18b4627fea78192b4819d0d079aaaf1d036e99e1f1c57a5ceebade50c5f42546fc6f0190c4650239897c1d62

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2014 YOURNAME
+Copyright 2014 Aaron Miler
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -1,6 +1,56 @@
 # Mori
 
-## Badgers
+### Badgers
 [![Code Climate](https://codeclimate.com/github/pineworks/mori.png)](https://codeclimate.com/github/pineworks/mori)
 [![Build Status](https://travis-ci.org/pineworks/mori.png?branch=master)](https://travis-ci.org/pineworks/mori)
 [![Coverage Status](https://coveralls.io/repos/pineworks/mori/badge.png?branch=master)](https://coveralls.io/r/pineworks/mori?branch=master)
+
+Mori is a lightweight Rails Engine built to handle authentication.
+
+Mori was built with the intention of being easy to overwrite, and easy to implement.
+
+## Installing
+
+Mori is a Rails Engine tested against Rails 3.2+ and Ruby 1.9.3+
+
+Include it in your Gemfile
+``` ruby
+gem 'mori'
+```
+
+Bundle
+```
+bundle install
+```
+
+After your development database exists, run the generator
+```
+rails g mori:install
+```
+
+The generator does the following:
+  - Inserts Mori::User in your User model
+  - Inserts Mori::Controller in your ApplicationController
+  - Creates a migration to add missing collumns, or create a new table.
+
+## Configuration
+
+Mori comes with configuration options. You can override defaults in `config/initializers/mori.rb`
+
+``` ruby
+Mori.configure do |config|
+
+  # Mori Default Configuration
+
+  config.from_email = 'reply@example.com'
+  config.app_name = Rails.application.class.parent_name.humanize
+  config.allow_sign_up = true
+  config.dashboard_path = '/'
+  config.after_sign_up_path = '/'
+  config.after_logout_path = '/'
+  config.token_expiration = 14
+end
+
+```
+
+

data/Rakefile

@@ -1,5 +1,6 @@
 begin
   require 'bundler/setup'
+  require 'thor'
 rescue LoadError
   puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
 end

data/app/controllers/mori/base_controller.rb

@@ -0,0 +1,3 @@
+class Mori::BaseController < ApplicationController
+  layout 'mori/application'
+end

data/app/controllers/mori/invites_controller.rb

@@ -0,0 +1,37 @@
+class Mori::InvitesController < Mori::BaseController
+  before_filter :authenticate!, :only => [:new, :send]
+  def show
+    @user = Mori.configuration.user_model.find_by_invitation_token(params[:id])
+    if @user
+      render :template => 'invites/show'
+    else
+      redirect_to root_path
+    end
+  end
+
+  def new
+    render :template => 'invites/new'
+  end
+
+  def accept
+    config = Mori.configuration
+    valid, message = config.user_model.accept_invitation(user_params[:invitation_token], user_params[:password], user_params[:password_confirmation])
+    flash[:notice] = message
+    if valid
+      warden.authenticate!
+      redirect_to config.dashboard_path
+    else
+      redirect_to invite_path(user_params[:invitation_token])
+    end
+  end
+
+  def send_user
+    valid, message = Mori.configuration.user_model.invite(params[:email])
+    flash[:notice] = message
+    if valid
+      redirect_to Mori.configuration.dashboard_path
+    else
+      render :template => 'invites/new'
+    end
+  end
+end

data/app/controllers/mori/passwords_controller.rb

@@ -0,0 +1,59 @@
+class Mori::PasswordsController < Mori::BaseController
+  before_filter :authenticate!, :only => :change
+  def forgot
+    # View for sending password reset
+    if current_user
+      redirect_to Mori.configuration.dashboard_path
+    else
+      render :template => 'passwords/forgot'
+    end
+  end
+
+  def change
+    # View for change password
+    render :template => 'passwords/change'
+  end
+
+  def reset
+    redirect_to root_path unless params[:token]
+    @user = Mori.configuration.user_model.find_by_password_reset_token(params[:token])
+    if @user
+      render :template => 'passwords/reset'
+    else
+      redirect_to root_path
+    end
+  end
+
+  def send_reset
+    # Send Password Reset to User
+    if !Mori.configuration.user_model.forgot_password(params[:email])
+      render :template => 'passwords/forgot'
+    else
+      render :template => 'passwords/send_reset'
+    end
+  end
+
+  def update
+    # Update their password
+    valid, message = current_user.change_password(params[:password], params[:new_password], params[:new_password_confirmation])
+    if valid
+      flash[:notice] = t('flashes.password_changed_successfully')
+      redirect_to Mori.configuration.dashboard_path
+    else
+      flash[:notice] = message
+      render :template => 'passwords/change'
+    end
+  end
+
+  def reset_password
+    valid, message = Mori.configuration.user_model.reset_password(user_params[:password_reset_token], user_params[:password], user_params[:password_confirmation])
+    flash[:notice] = message
+    if valid
+      warden.authenticate!
+      redirect_to Mori.configuration.dashboard_path
+    else
+      flash[:notice] = message
+      redirect_to "/passwords/reset?token=#{user_params[:password_reset_token]}"
+    end
+  end
+end

data/app/controllers/mori/registrations_controller.rb

@@ -1,23 +1,48 @@
-class Mori::RegistrationsController < MoriController
+class Mori::RegistrationsController < Mori::BaseController
   def new
     if current_user
-      redirect_to Mori.configuration.after_login_url
+      redirect_to Mori.configuration.dashboard_path
+    else
+      @user = Mori.configuration.user_model.new
+      render :template => 'registrations/new'
     end
-    @user = Mori::User.new
   end
 
   def create
-    @user = Mori::User.new(user_params)
+    @user = user_from_params
     if @user.save
       warden.set_user(@user)
-      redirect_to Mori.configuration.after_signup_url
+      redirect_to Mori.configuration.after_sign_up_path
+    else
+      flash[:notice] = @user.errors.map { |k, v| "#{k} #{v}" }.join(' and ').humanize
+      render :template => 'registrations/new'
+    end
+  end
+
+  def confirmation
+    valid, message = Mori.configuration.user_model.confirm_email(params[:token])
+    if valid
+      flash[:notice] = message
+      redirect_to Mori.configuration.dashboard_path
     else
-      render "new"
+      flash[:notice] = message
+      redirect_to root_path
     end
   end
+
   private
 
+  def user_from_params
+    email = user_params.delete(:email)
+    password = user_params.delete(:password)
+
+    Mori.configuration.user_model.new().tap do |user|
+      user.email = email
+      user.password = password
+    end
+  end
+
   def user_params
-    params.require(:mori_user).permit(:username, :email, :password)
+    params[:user] || Hash.new
   end
 end

data/app/controllers/mori/sessions_controller.rb

@@ -1,17 +1,21 @@
-class Mori::SessionsController < MoriController
+class Mori::SessionsController < Mori::BaseController
   def new
-    redirect_to Mori.configuration.after_login_url if current_user
-    @user = Mori::User.new
-    flash.now.alert = warden.message if warden.message.present?
+    if current_user
+      redirect_to Mori.configuration.dashboard_path
+    else
+      @user = Mori.configuration.user_model.new
+      flash.now.alert = warden.message if warden.message.present?
+      render :template => 'sessions/new'
+    end
   end
 
   def create
     warden.authenticate!
-    redirect_to Mori.configuration.after_login_url, notice: "You have logged in"
+    redirect_to Mori.configuration.dashboard_path, :notice => 'You have logged in'
   end
 
   def destroy
     warden.logout
-    redirect_to Mori.configuration.after_logout_url
+    redirect_to Mori.configuration.after_logout_path
   end
 end

data/app/helpers/mori_helper.rb

@@ -1,5 +1,5 @@
 module MoriHelper
-  def logout_link(text="Log Out")
+  def logout_link(text = 'Log Out')
     link_to text, logout_path, :method => :delete
   end
 end

data/app/mailers/mori_mailer.rb

@@ -0,0 +1,18 @@
+class MoriMailer < ActionMailer::Base
+  default :from => Mori.configuration.from_email
+
+  def forgot_password(user)
+    @user = user
+    mail(:to => user.email, :subject => "Your password on #{Mori.configuration.app_name} has been reset")
+  end
+
+  def invite_user(user)
+    @user = user
+    mail(:to => user.email, :subject => "You've been invited to #{Mori.configuration.app_name}")
+  end
+
+  def confirm_email(user)
+    @user = user
+    mail(:to => user.email, :subject => "Please confirm your email on #{Mori.configuration.app_name}")
+  end
+end

data/app/views/invites/new.html.erb

@@ -0,0 +1 @@
+<%= render :partial => 'mori_forms/invite_new_user_form' %>

data/app/views/invites/show.html.erb

@@ -0,0 +1 @@
+<%= render :partial => 'mori_forms/accept_invite' %>

data/app/views/layouts/mori/application.html.erb

@@ -8,7 +8,13 @@
 </head>
 <body>
 
-<%= yield %>
+  <div class="container">
+    <div class="row">
+      <div class="form-wrap col-md-4 col-md-offset-4">
+        <%= yield %>
+      </div>
+    </div>
+  </div>
 
 </body>
 </html>

data/app/views/layouts/mori/form.html.erb

@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Mori</title>
+  <%= stylesheet_link_tag    "mori/application", media: "all" %>
+  <%= javascript_include_tag "mori/application" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+  <div class="container">
+    <%= yield %>
+  </div>
+
+</body>
+</html>

data/app/views/mori_forms/_accept_invite.html.erb

@@ -0,0 +1,16 @@
+<%= form_for @user, :url => accept_invites_path, :method => :put, :id => 'accept_invites_form', :class => 'mori_form' do |f| %>
+  <h3 class="form-title">Accept Invitation</h3>
+  <h4><%= flash[:notice] %></h4>
+    <%= f.hidden_field :invitation_token %>
+    <%= f.hidden_field :email %>
+  <div class="form-group">
+    <%= f.label :password %>
+    <%= f.password_field :password, :class => "form-control" %>
+  </div>
+  <div class="form-group">
+    <%= f.label :password_confirmation %>
+    <%= f.password_field :password_confirmation, :class => "form-control" %>
+  </div>
+  <%= f.button "Accept", :type => :submit, :class => "btn btn-primary" %>
+
+<% end %>

data/app/views/mori_forms/_change_password.html.erb

@@ -0,0 +1,22 @@
+<%= form_tag passwords_path, :method => :post, :id => "password_change_form", :class => 'mori_form' do %>
+  <h3 class="form-title">Change Password</h3>
+  <% if flash[:notice] %>
+    <div class="alert alert-danger alert-dismissable">
+      <%= flash[:notice] %>
+      <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+    </div>
+  <% end %>
+  <div class="form-group">
+    <%= label_tag "Current Password" %>
+    <%= password_field_tag :password, "", :class => "form-control" %>
+  </div>
+  <div class="form-group">
+    <%= label_tag "New Password" %>
+    <%= password_field_tag :new_password, "", :class => "form-control" %>
+  </div>
+  <div class="form-group">
+    <%= label_tag "Confirm New Password" %>
+    <%= password_field_tag :new_password_confirmation, "", :class => "form-control" %>
+  </div>
+  <%= button_tag "Change Password", :type => :submit, :class => "btn btn-primary" %>
+<% end %>

data/app/views/mori_forms/_forgot_password.html.erb

@@ -0,0 +1,14 @@
+<%= form_tag send_reset_passwords_path, :id => "forgot_password_form", :class => 'mori-form' do %>
+  <h3 class="form-title">Reset My Password</h3>
+  <% if flash[:notice] %>
+    <div class="alert alert-danger alert-dismissable">
+      <%= flash[:notice] %>
+      <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+    </div>
+  <% end %>
+  <div class="form-group">
+    <%= label_tag "Email" %>
+    <%= text_field_tag :email, "", :class => "form-control" %>
+  </div>
+  <%= button_tag "Reset Password", :type => :submit, :class => "btn btn-primary" %>
+<% end %>

data/app/views/mori_forms/_invite_new_user_form.html.erb

@@ -0,0 +1,14 @@
+<%= form_tag send_user_invites_path, :id => "invite_new_user_form", :class => 'mori-form' do %>
+  <h3 class="form-title">Invite New User</h3>
+  <% if flash[:notice] %>
+    <div class="alert alert-danger alert-dismissable">
+      <%= flash[:notice] %>
+      <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+    </div>
+  <% end %>
+  <div class="form-group">
+    <%= label_tag :email, "E-mail" %>
+    <%= text_field_tag :email,"", :class => 'form-control' %>
+  </div>
+  <%= button_tag "Invite User", :type => :submit, :class => "btn btn-primary" %>
+<% end %>

data/app/views/mori_forms/_password_reset.html.erb

@@ -0,0 +1,20 @@
+<%= form_for @user, :url => reset_password_passwords_path, :method => :post, :class => 'mori-form' do |f| %>
+  <h3 class="form-title">Reset Password</h3>
+  <% if flash[:notice] %>
+    <div class="alert alert-danger alert-dismissable">
+      <%= flash[:notice] %>
+      <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+    </div>
+  <% end %>
+  <%= f.hidden_field :email %>
+  <%= f.hidden_field :password_reset_token %>
+  <div class="form-group">
+    <%= f.label :password, "New Password" %>
+    <%= f.password_field :password, :class => "form-control" %>
+  </div>
+  <div class="form-group">
+    <%= f.label :password, "Confirm Password" %>
+    <%= f.password_field :password_confirmation, :class => "form-control" %>
+  </div>
+  <%= f.button "Update Password", :type => :submit, :class => "btn btn-primary" %>
+<% end %>

data/app/views/mori_forms/_registration.html.erb

@@ -0,0 +1,22 @@
+<%= form_for @user, :url => registrations_path, :method => :post, :class => 'mori-form' do |f| %>
+  <h3 class="form-title">Sign Up</h3>
+  <% if flash[:notice] %>
+    <div class="alert alert-danger alert-dismissable">
+      <%= flash[:notice] %>
+      <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+    </div>
+  <% end %>
+  <div class="form-group">
+    <%= f.label :email %>
+    <%= f.text_field :email, :class => 'form-control' %>
+  </div>
+  <div class="form-group">
+    <%= f.label :password %>
+    <%= f.password_field :password, :class => 'form-control' %>
+  </div>
+  <div class="form-group">
+    <%= f.label :password_confirmation %>
+    <%= f.password_field :password_confirmation, :class => 'form-control' %>
+  </div>
+  <%= f.button "Sign Up", :type => :submit, :class => "btn btn-primary" %>
+<% end %>

data/app/views/mori_forms/_sessions.html.erb

@@ -0,0 +1,18 @@
+<%= form_for @user, :url => sessions_path, :method => :post, :html => { :id => "new_session", :class => 'mori-form'} do |f| %>
+  <h3 class="form-title">Log In</h3>
+  <% if flash[:alert] %>
+    <div class="alert alert-danger alert-dismissable">
+      <%= flash[:alert] %>
+      <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
+    </div>
+  <% end %>
+  <div class="form-group">
+    <%= f.label :email %>
+    <%= f.text_field :email, :class => "form-control" %>
+  </div>
+  <div class="form-group">
+    <%= f.label :password %>
+    <%= f.password_field :password, :class => "form-control" %>
+  </div>
+  <%= f.button "Log In", :type => :submit, :class => "btn btn-primary" %>
+<% end %>

data/app/views/mori_mailer/confirm_email.html.erb

@@ -0,0 +1,4 @@
+<p><%=t 'emails.confirm.opening', :app_name => Mori.configuration.app_name %></p>
+<p><%=t 'emails.confirm.intro' %></p>
+<%= link_to('Confirm Your Email', confirmation_registrations_url(:token => @user.confirmation_token)) %>
+<p><%=t 'emails.confirm.closing', :app_name => Mori.configuration.app_name %></p>

data/app/views/mori_mailer/forgot_password.html.erb

@@ -0,0 +1,7 @@
+<p> <%=t 'emails.forgot.opening', :app_name => Mori.configuration.app_name %> </p>
+<p> <%=t 'emails.forgot.intro' %></p>
+<p> <%= link_to('Reset Password', forgot_passwords_url(:token => @user.password_reset_token)) %> </p>
+<p> <%=t 'emails.forgot.closing' %></p>
+<p>
+  If you did not do this, disregard this email
+</p>

data/app/views/mori_mailer/invite_user.html.erb

@@ -0,0 +1,5 @@
+<p><%=t 'emails.invite.opening', :app_name => Mori.configuration.app_name %></p>
+
+<%= link_to invite_url(:id => @user.invitation_token), "Accept Invitation" %>
+
+<p><%=t 'emails.invite.closing' %></p>

data/app/views/passwords/change.html.erb

@@ -0,0 +1 @@
+<%= render :partial => 'mori_forms/change_password' %>

data/app/views/passwords/forgot.html.erb

@@ -0,0 +1,2 @@
+<%= render :partial => 'mori_forms/forgot_password' %>
+<%= render :partial => 'shared/links' %>

data/app/views/passwords/reset.html.erb

@@ -0,0 +1 @@
+<%= render :partial => 'mori_forms/password_reset' %>

data/app/views/passwords/send_reset.html.erb

@@ -0,0 +1 @@
+<h1> Password Reset Sent </h1>

data/app/views/registrations/new.html.erb

@@ -0,0 +1,2 @@
+<%= render :partial => 'mori_forms/registration' %>
+<%= render :partial => 'shared/links' %>

data/app/views/sessions/new.html.erb

@@ -0,0 +1,2 @@
+<%= render :partial => 'mori_forms/sessions' %>
+<%= render :partial => 'shared/links' %>

data/app/views/shared/_links.html.erb

@@ -0,0 +1,11 @@
+<ul class="mori-links">
+  <% if controller_name != 'sessions' %>
+    <li><%= link_to "Sign In", login_path %></li>
+  <% end %>
+  <% if controller_name != 'registrations' %>
+    <li><%= link_to "Sign Up", sign_up_path %></li>
+  <% end %>
+  <% if controller_name != 'passwords' && controller_name != 'registrations' %>
+    <li><%= link_to "Forgot your password?", forgot_passwords_path %></li>
+  <% end %>
+</ul>

data/config/database.travis.yml

@@ -1,27 +1,5 @@
-postgresql: &postgresql
-  adapter: postgresql
-  username: postgres
-  password:
-  database: mori_<%= Rails.env %>
-  min_messages: ERROR
-
-user:
-  adapter: postgresql
-  username: postgres
-  password:
-  database: mori_users
-
-defaults: &defaults
+test:
+  adapter: sqlite3
+  database: db/test.sqlite3
   pool: 5
   timeout: 5000
-  host: localhost
-  <<: *<%= ENV['DB'] || "postgresql" %>
-  
-development:
-  <<: *defaults
-
-test:
-  <<: *defaults
-
-production:
-  <<: *defaults

data/config/initializers/warden.rb

@@ -8,20 +8,20 @@ Warden::Manager.serialize_into_session do |user|
 end
 
 Warden::Manager.serialize_from_session do |id|
-  Mori::User.find(id)
+  Mori.configuration.user_model.find(id)
 end
 
 Warden::Strategies.add(:password) do
   def valid?
-    params['mori_user']['email'] and params['mori_user']['password']
+    params['user'].present? and params['user']['email'] and params['user']['password']
   end
 
   def authenticate!
-    user = Mori::User.find_by_email(params['mori_user']['email'])
-    if user and user.authenticate(params['mori_user']['password'])
+    user = User.find_by_email(params['user']['email'])
+    if user and user.authenticate(params['user']['password'])
       success! user
     else
-      fail "Invalid login credentials"
+      fail! "Invalid login credentials"
     end
   end
 end

data/config/locales/mori.en.yml

@@ -1,17 +1,21 @@
 en:
-  mori_mailer:
-    confirm_email:
-      opening:
-        "Welcome to %{application_name}"
-      intro:
-        "Please note that some actions will require you to have a confirmed email. Follow the link below to confirm your email"
-      closing:
-        "If you didn't sign up for %{application_name}, please ignore this email"
-    invitation_email:
-      opening:
-        "You've been invited to %{application_name}"
-      intro:
-        "Follow the link below to accept the invitation"
-      closing:
-        "If you don't wish to accept the invitation to %{application_name}, simply ignore this email"
-
+  flashes:
+    passwords_did_not_match: Your passwords did not match, please try again
+    password_change_failed: We were unable to reset your password. Please try again
+    password_changed_sucessfully: Your password has been updated
+    password_has_been_reset: Your password has been reset
+    could_not_invite_user: Could not invite user
+    accepted_invitation_message: You have accepted the invitation, welcome magical user
+    logged_in: You have logged in
+  emails:
+    forgot:
+      opening: You have requested to reset your password on %{app_name}
+      intro: Please follow the link below and you can change your password
+      closing: If you did not request this, ignore this email. Your password has not been changed.
+    invite:
+      opening: You have been invited to %{app_name}, to accept the invitation click the link below
+      closing: To decline this invitation simply ignore this email.
+    confirm:
+      opening: Welcome to %{app_name}
+      intro: Please note that some actions will require you to have a confirmed email. Follow the link below to confirm your email
+      closing: If you didn't sign up for %{app_name}, please ignore this email