mori 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e216ffc7bd86384021962479ecd4fc801a2c820e
-  data.tar.gz: 2a15f5d7f9d804ce568dbcc5d80a52ed31ba6648
+  metadata.gz: c64de49116a019d10f064bf237a0b8049b886007
+  data.tar.gz: 8dcf44b0ec535b9ac2db5e9d05a1eb6302a4af63
 SHA512:
-  metadata.gz: 05baff8ea62aac281ca8e652328ef7cec128d6bfb7544bc61b277f265020d850a1f1a6b524cf4e52cf3a548f33dd6d5f07faf09e40eddc5f5308649f4e26c123
-  data.tar.gz: ea8d7b8ff05f4fa0c51a6e4a9e1f3f2691341f8b18b4627fea78192b4819d0d079aaaf1d036e99e1f1c57a5ceebade50c5f42546fc6f0190c4650239897c1d62
+  metadata.gz: e574dc90eef8c8a93d92d4289031d2fb09b1b7bca380dbe17fe3ff101311a102fe03b170520823949cfda1ecbfacc6cdcee7c05a4194b3dbb3cd521c218df8b4
+  data.tar.gz: bc6a6a5881df6fd20d634838d76277f3b969d3604c7076e59f6039a2c24ab8298cd62d1ca7b0c5963b288c3d218c55d28f91475df90bd6b78ccc2f3aeeec51aa

data/app/controllers/mori/base_controller.rb

@@ -1,3 +1,16 @@
+# This controller is used as a baseline for all Mori Controllers
 class Mori::BaseController < ApplicationController
+
+  before_filter :mori_config, :set_token
   layout 'mori/application'
+
+  def mori_config
+    @config = Mori.configuration
+  end
+  def set_token
+    token, user = params[:token], params[:user]
+    if token or user
+      @token = token || user[:token]
+    end
+  end
 end

data/app/controllers/mori/invites_controller.rb

@@ -1,7 +1,8 @@
+# Mori::InvitesController handles the sending and acceping of invitations
 class Mori::InvitesController < Mori::BaseController
   before_filter :authenticate!, :only => [:new, :send]
   def show
-    @user = Mori.configuration.user_model.find_by_invitation_token(params[:id])
+    @user = @config.user_model.find_by_invitation_token(params[:id])
     if @user
       render :template => 'invites/show'
     else
@@ -14,24 +15,28 @@ class Mori::InvitesController < Mori::BaseController
   end
 
   def accept
-    config = Mori.configuration
-    valid, message = config.user_model.accept_invitation(user_params[:invitation_token], user_params[:password], user_params[:password_confirmation])
-    flash[:notice] = message
-    if valid
+    user = @config.user_model.find_by_invitation_token(@token)
+    if invitation_conditions(user)
+      user.accept_invitation(user_params[:password])
       warden.authenticate!
-      redirect_to config.dashboard_path
+      redirect_to @config.dashboard_path, :notice => I18n.t('flashes.logged_in')
     else
-      redirect_to invite_path(user_params[:invitation_token])
+      flash[:notice] = I18n.t('flashes.invalid_invitation_token')
+      redirect_to invite_path(@token)
     end
   end
 
   def send_user
-    valid, message = Mori.configuration.user_model.invite(params[:email])
+    valid, message = @config.user_model.invite(params[:email])
     flash[:notice] = message
     if valid
-      redirect_to Mori.configuration.dashboard_path
+      redirect_to @config.dashboard_path
     else
       render :template => 'invites/new'
     end
   end
+
+  def invitation_conditions(user)
+    user.invitation_sent > Mori::Token.expiration_date
+  end
 end

data/app/controllers/mori/passwords_controller.rb

@@ -1,9 +1,10 @@
+# Mori::PasswordsController is responsible for changing and resetting passwords
 class Mori::PasswordsController < Mori::BaseController
   before_filter :authenticate!, :only => :change
   def forgot
     # View for sending password reset
     if current_user
-      redirect_to Mori.configuration.dashboard_path
+      redirect_to @config.dashboard_path
     else
       render :template => 'passwords/forgot'
     end
@@ -15,8 +16,7 @@ class Mori::PasswordsController < Mori::BaseController
   end
 
   def reset
-    redirect_to root_path unless params[:token]
-    @user = Mori.configuration.user_model.find_by_password_reset_token(params[:token])
+    @user = @config.user_model.find_by_password_reset_token(@token) unless @token.blank?
     if @user
       render :template => 'passwords/reset'
     else
@@ -26,34 +26,39 @@ class Mori::PasswordsController < Mori::BaseController
 
   def send_reset
     # Send Password Reset to User
-    if !Mori.configuration.user_model.forgot_password(params[:email])
-      render :template => 'passwords/forgot'
-    else
+    if user = @config.user_model.find_by_normalized_email(params[:email])
+      user.forgot_password
       render :template => 'passwords/send_reset'
+    else
+      render :template => 'passwords/forgot'
     end
   end
 
   def update
     # Update their password
-    valid, message = current_user.change_password(params[:password], params[:new_password], params[:new_password_confirmation])
-    if valid
+    if password_change_conditions
+      current_user.change_password(params[:new_password])
       flash[:notice] = t('flashes.password_changed_successfully')
-      redirect_to Mori.configuration.dashboard_path
+      redirect_to @config.dashboard_path
     else
-      flash[:notice] = message
+      flash[:notice] = I18n.t('flashes.password_change_failed')
       render :template => 'passwords/change'
     end
   end
 
   def reset_password
-    valid, message = Mori.configuration.user_model.reset_password(user_params[:password_reset_token], user_params[:password], user_params[:password_confirmation])
-    flash[:notice] = message
-    if valid
-      warden.authenticate!
-      redirect_to Mori.configuration.dashboard_path
+    user = @config.user_model.find_by_password_reset_token @token
+    if @token != user.password_reset_token or user.password_reset_sent < Mori::Token.expiration_date
+      flash[:notice] = t('flashes.invalid_password_reset_token')
+      redirect_to "/passwords/reset?token=#{@token}"
     else
-      flash[:notice] = message
-      redirect_to "/passwords/reset?token=#{user_params[:password_reset_token]}"
+      user.reset_password(params[:new_password])
+      warden.authenticate!
+      redirect_to @config.dashboard_path
     end
   end
+
+  def password_change_conditions
+    current_user.authenticate(params[:password]) && params[:new_password] == params[:new_password_confirmation]
+  end
 end

data/app/controllers/mori/registrations_controller.rb

@@ -1,9 +1,10 @@
+# Mori::RegistrationsController is responsible for signing up new users
 class Mori::RegistrationsController < Mori::BaseController
   def new
     if current_user
-      redirect_to Mori.configuration.dashboard_path
+      redirect_to @config.dashboard_path
     else
-      @user = Mori.configuration.user_model.new
+      @user = @config.user_model.new
       render :template => 'registrations/new'
     end
   end
@@ -11,21 +12,22 @@ class Mori::RegistrationsController < Mori::BaseController
   def create
     @user = user_from_params
     if @user.save
-      warden.set_user(@user)
-      redirect_to Mori.configuration.after_sign_up_path
+      warden.authenticate!
+      redirect_to @config.after_sign_up_path
     else
-      flash[:notice] = @user.errors.map { |k, v| "#{k} #{v}" }.join(' and ').humanize
+      flash[:notice] = @user.errors.map { |key, val| "#{key} #{val}" }.join(' and ').humanize
       render :template => 'registrations/new'
     end
   end
 
   def confirmation
-    valid, message = Mori.configuration.user_model.confirm_email(params[:token])
-    if valid
-      flash[:notice] = message
-      redirect_to Mori.configuration.dashboard_path
+    user = @config.user_model.find_by_confirmation_token(@token)
+    if confirmation_conditions(user)
+      user.confirm_email
+      flash[:notice] = I18n.t('flashes.email_confirmed')
+      redirect_to @config.dashboard_path
     else
-      flash[:notice] = message
+      flash[:notice] = I18n.t('flashes.invalid_confirmation_token')
       redirect_to root_path
     end
   end
@@ -36,7 +38,7 @@ class Mori::RegistrationsController < Mori::BaseController
     email = user_params.delete(:email)
     password = user_params.delete(:password)
 
-    Mori.configuration.user_model.new().tap do |user|
+    @config.user_model.new().tap do |user|
       user.email = email
       user.password = password
     end
@@ -45,4 +47,12 @@ class Mori::RegistrationsController < Mori::BaseController
   def user_params
     params[:user] || Hash.new
   end
+
+  def confirmation_conditions(user)
+    begin
+      user.confirmation_sent > Mori::Token.expiration_date
+    rescue
+      return false
+    end
+  end
 end

data/app/controllers/mori/sessions_controller.rb

@@ -1,21 +1,22 @@
+# Mori::SessionsController is responsible for creating and destroying sessions
 class Mori::SessionsController < Mori::BaseController
   def new
     if current_user
-      redirect_to Mori.configuration.dashboard_path
+      redirect_to @config.dashboard_path
     else
-      @user = Mori.configuration.user_model.new
-      flash.now.alert = warden.message if warden.message.present?
+      @user = @config.user_model.new
+      flash.now.alert = warden.message
       render :template => 'sessions/new'
     end
   end
 
   def create
     warden.authenticate!
-    redirect_to Mori.configuration.dashboard_path, :notice => 'You have logged in'
+    redirect_to @config.dashboard_path, :notice => 'You have logged in'
   end
 
   def destroy
     warden.logout
-    redirect_to Mori.configuration.after_logout_path
+    redirect_to @config.after_logout_path
   end
 end

data/app/helpers/mori_helper.rb

@@ -1,5 +1,5 @@
 module MoriHelper
-  def logout_link(text = 'Log Out')
+  def mori_logout_link(text = 'Log Out')
     link_to text, logout_path, :method => :delete
   end
 end

data/app/mailers/mori_mailer.rb

@@ -1,3 +1,4 @@
+# MoriMailer sends Forgot Passwords, User Invitations, and Confirmation Emails
 class MoriMailer < ActionMailer::Base
   default :from => Mori.configuration.from_email
 

data/app/views/mori_forms/_accept_invite.html.erb

@@ -1,7 +1,7 @@
 <%= form_for @user, :url => accept_invites_path, :method => :put, :id => 'accept_invites_form', :class => 'mori_form' do |f| %>
   <h3 class="form-title">Accept Invitation</h3>
   <h4><%= flash[:notice] %></h4>
-    <%= f.hidden_field :invitation_token %>
+    <%= f.hidden_field :token, :value => @user.invitation_token %>
     <%= f.hidden_field :email %>
   <div class="form-group">
     <%= f.label :password %>

data/app/views/mori_forms/_password_reset.html.erb

@@ -7,7 +7,7 @@
     </div>
   <% end %>
   <%= f.hidden_field :email %>
-  <%= f.hidden_field :password_reset_token %>
+  <%= f.hidden_field :token, :value => @user.password_reset_token %>
   <div class="form-group">
     <%= f.label :password, "New Password" %>
     <%= f.password_field :password, :class => "form-control" %>

data/config/initializers/warden.rb

@@ -1,4 +1,4 @@
-Rails.application.config.middleware.use Warden::Manager do |manager|
+Rails.application.config.middleware.insert_after ActionDispatch::Flash, Warden::Manager do |manager|
   manager.default_strategies :password
   manager.failure_app = Mori::SessionsController.action(:new)
 end
@@ -13,15 +13,18 @@ end
 
 Warden::Strategies.add(:password) do
   def valid?
-    params['user'].present? and params['user']['email'] and params['user']['password']
+    user_params.present? and user_params['email'] and user_params['password']
   end
 
   def authenticate!
-    user = User.find_by_email(params['user']['email'])
-    if user and user.authenticate(params['user']['password'])
+    user = User.find_by_email(user_params['email'])
+    if user and user.authenticate(user_params['password'])
       success! user
     else
       fail! "Invalid login credentials"
     end
   end
+  def user_params
+    params['user']
+  end
 end

data/config/locales/mori.en.yml

@@ -4,6 +4,7 @@ en:
     password_change_failed: We were unable to reset your password. Please try again
     password_changed_sucessfully: Your password has been updated
     password_has_been_reset: Your password has been reset
+    invalid_password_reset_token: Password Reset Token is Invalid, please try resetting your password again
     could_not_invite_user: Could not invite user
     accepted_invitation_message: You have accepted the invitation, welcome magical user
     logged_in: You have logged in

data/lib/generators/mori/install/templates/README

@@ -0,0 +1,31 @@
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Mori Next steps:
+
+1. Configure the mailer to create full URLs in emails:
+
+    # config/environments/{development,test}.rb
+    config.action_mailer.default_url_options = { host: 'localhost:3000' }
+
+    In production it should be your app's domain name.
+
+2. Display session info and flashes. For example, in your application layout:
+
+    <% if signed_in? %>
+      Signed in as: <%= current_user.email %>
+      <%= mori_logout_link %>
+    <% else %>
+      <%= link_to 'Sign in', sign_in_path %>
+    <% end %>
+
+    <div id="flash">
+      <% flash.each do |key, value| %>
+        <div class="flash <%= key %>"><%= value %></div>
+      <% end %>
+    </div>
+
+3. Migrate the database:
+
+    rake db:migrate
+
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

data/lib/generators/mori/install/templates/db/migrate/add_mori_to_users.rb

@@ -1,23 +1,23 @@
 class AddMoriToUsers < ActiveRecord::Migration
   def self.up
     change_table :users  do |t|
-<% config[:new_columns].values.each do |column| -%>
-      <%= column %>
-<% end -%>
+      <% config[:new_columns].values.each do |column| -%>
+        <%= column %>
+      <% end -%>
     end
 
-<% config[:new_indexes].values.each do |index| -%>
-    <%= index %>
-<% end -%>
+    <% config[:new_indexes].values.each do |index| -%>
+      <%= index %>
+    <% end -%>
 
     end
   end
 
   def self.down
     change_table :users do |t|
-<% if config[:new_columns].any? -%>
-      t.remove <%= new_columns.keys.map { |column| ":#{column}" }.join(',') %>
-<% end -%>
+      <% if config[:new_columns].any? -%>
+        t.remove <%= new_columns.keys.map { |column| ":#{column}" }.join(',') %>
+      <% end -%>
     end
   end
 end

data/lib/mori/configuration.rb

@@ -1,4 +1,5 @@
 module Mori
+  # Mori Configuration is for setting application wide settings
   class Configuration
     attr_accessor \
       :from_email,

data/lib/mori/controller.rb

@@ -7,7 +7,7 @@ module Mori
     end
 
     def signed_in?
-      !current_user.nil?
+      current_user.preset?
     end
 
     def current_user
@@ -19,7 +19,8 @@ module Mori
     end
 
     def user_params
-      params[:user] if params[:user].present?
+      user = params[:user]
+      user if user.present?
     end
   end
 end

data/lib/mori/engine.rb

@@ -1,10 +1,11 @@
 module Mori
+  # Mori::Engine configuration file
   class Engine < ::Rails::Engine
-    config.generators do |g|
-      g.test_framework :rspec, :fixture => false
-      g.fixture_replacement :factory_girl, :dir => 'spec/factories'
-      g.assets false
-      g.helper false
+    config.generators do |gen|
+      gen.test_framework :rspec, :fixture => false
+      gen.fixture_replacement :factory_girl, :dir => 'spec/factories'
+      gen.assets false
+      gen.helper false
     end
 
     initializer 'mori.filter' do |app|

data/lib/mori/token.rb

@@ -1,7 +1,11 @@
 module Mori
+  # Mori::Token is used to generate Password Reset, Invitaiton and Confirmation tokens
   class Token
     def self.new
-      SecureRandom.hex(20).encode('UTF-8')
+      SecureRandom.hex(10).encode('UTF-8')
+    end
+    def self.expiration_date
+      Date.today - Mori.configuration.token_expiration.days
     end
   end
 end

data/lib/mori/user.rb

@@ -16,38 +16,13 @@ module Mori
     module ClassMethods
 
       def find_by_normalized_email(email)
-        find_by_email normalize_email(email)
+        find_by_email(normalize_email(email))
       end
 
       def normalize_email(string)
         string.gsub(/\s+/, '').downcase
       end
 
-      def confirm_email(token)
-        user = find_by_confirmation_token(token)
-        return false, 'Invalid Confirmation Token' if user.blank?
-        return false, 'Expired Confirmation Token' if user.confirmation_sent < Date.today - Mori.configuration.token_expiration.days
-        user.confirmed = true
-        return true, 'Email Confirmed' if user.save
-      end
-
-      def accept_invitation(token, password, password_confirmation)
-        user = find_by_invitation_token(token)
-        return false, I18n.t('flashes.passwords_dont_match') if password != password_confirmation
-        return false, 'Expired Invitation Token' if user.invitation_sent < Date.today - Mori.configuration.token_expiration.days
-        user.password = password
-        return true, I18n.t('flashes.logged_in') if user.save
-      end
-
-      def reset_password(token, new_password, confirmation)
-        user = find_by_password_reset_token token
-        return false, 'Passwords do not match' if new_password != confirmation
-        return false, 'Invalid Password Reset Token' unless token == user.password_reset_token
-        return false, 'Expired Reset Token' if user.password_reset_sent < Date.today - Mori.configuration.token_expiration.days
-        user.password = new_password
-        user.save
-      end
-
       def invite(email)
         user = create(
           :email => email,
@@ -61,14 +36,6 @@ module Mori
         end
       end
 
-      def forgot_password(email)
-        user = find_by_normalized_email(email)
-        return false if user.blank?
-        user.password_reset_token = Token.new
-        user.password_reset_sent = Date.today
-        MoriMailer.forgot_password(user)
-        user.save
-      end
     end
 
     module Callbacks
@@ -91,16 +58,36 @@ module Mori
       end
     end
 
-    def change_password(password, new_password, confirm)
-      return false, I18n.t('flashes.password_change_failed') if ::BCrypt::Password.new(self.password) != password
-      return false, I18n.t('flashes.passwords_did_not_match') if new_password != confirm
+    def accept_invitation(password)
+      self.password = password
+      self.confirmed = true
+      self.save
+    end
+
+    def change_password(new_password)
       self.password = new_password
       save
     end
 
+    def forgot_password
+      self.password_reset_token = Token.new
+      self.password_reset_sent = Date.today
+      MoriMailer.forgot_password(self)
+      save
+    end
+
+    def confirm_email
+      self.confirmed = true
+      self.save
+    end
+
+    def reset_password(new_password)
+      self.password = new_password
+      self.save
+    end
+
     def authenticate(password)
-      return false if ::BCrypt::Password.new(self.password) != password
-      true
+      ::BCrypt::Password.new(self.password) == password
     end
 
     private

data/lib/mori/version.rb

@@ -1,3 +1,3 @@
 module Mori
-  VERSION = '0.1.0'
+  VERSION = '0.1.1'
 end

data/spec/dummy/app/views/application/index.html.erb

@@ -1,6 +1,6 @@
 <h1> Hello World </h1>
 <%= flash[:notice] %>
-<%= logout_link %>
+<%= mori_logout_link %>
 <br/>
 <%= link_to 'Sign In', login_path %>
 <br/>