nagybence-clearance 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/LICENSE +21 -0
- data/README.textile +205 -0
- data/Rakefile +53 -0
- data/TODO.textile +8 -0
- data/generators/clearance/USAGE +1 -0
- data/generators/clearance/clearance_generator.rb +92 -0
- data/generators/clearance/lib/insert_commands.rb +103 -0
- data/generators/clearance/lib/rake_commands.rb +22 -0
- data/generators/clearance/templates/README +54 -0
- data/generators/clearance/templates/app/controllers/application.rb +5 -0
- data/generators/clearance/templates/app/controllers/confirmations_controller.rb +3 -0
- data/generators/clearance/templates/app/controllers/passwords_controller.rb +3 -0
- data/generators/clearance/templates/app/controllers/sessions_controller.rb +3 -0
- data/generators/clearance/templates/app/controllers/users_controller.rb +3 -0
- data/generators/clearance/templates/app/models/clearance_mailer.rb +5 -0
- data/generators/clearance/templates/app/models/user.rb +3 -0
- data/generators/clearance/templates/app/views/clearance_mailer/change_password.html.erb +10 -0
- data/generators/clearance/templates/app/views/clearance_mailer/confirmation.html.erb +1 -0
- data/generators/clearance/templates/app/views/passwords/edit.html.erb +25 -0
- data/generators/clearance/templates/app/views/passwords/new.html.erb +15 -0
- data/generators/clearance/templates/app/views/sessions/new.html.erb +28 -0
- data/generators/clearance/templates/app/views/users/_form.html.erb +13 -0
- data/generators/clearance/templates/app/views/users/edit.html.erb +6 -0
- data/generators/clearance/templates/app/views/users/new.html.erb +6 -0
- data/generators/clearance/templates/db/migrate/create_users_with_clearance_columns.rb +21 -0
- data/generators/clearance/templates/db/migrate/update_users_with_clearance_columns.rb +42 -0
- data/generators/clearance/templates/test/factories/clearance.rb +16 -0
- data/generators/clearance/templates/test/functional/confirmations_controller_test.rb +5 -0
- data/generators/clearance/templates/test/functional/passwords_controller_test.rb +5 -0
- data/generators/clearance/templates/test/functional/sessions_controller_test.rb +5 -0
- data/generators/clearance/templates/test/functional/users_controller_test.rb +5 -0
- data/generators/clearance/templates/test/unit/clearance_mailer_test.rb +6 -0
- data/generators/clearance/templates/test/unit/user_test.rb +5 -0
- data/lib/clearance/app/controllers/application_controller.rb +84 -0
- data/lib/clearance/app/controllers/confirmations_controller.rb +42 -0
- data/lib/clearance/app/controllers/passwords_controller.rb +67 -0
- data/lib/clearance/app/controllers/sessions_controller.rb +68 -0
- data/lib/clearance/app/controllers/users_controller.rb +40 -0
- data/lib/clearance/app/models/clearance_mailer.rb +29 -0
- data/lib/clearance/app/models/user.rb +89 -0
- data/lib/clearance/test/functional/confirmations_controller_test.rb +44 -0
- data/lib/clearance/test/functional/passwords_controller_test.rb +175 -0
- data/lib/clearance/test/functional/sessions_controller_test.rb +194 -0
- data/lib/clearance/test/functional/users_controller_test.rb +72 -0
- data/lib/clearance/test/test_helper.rb +28 -0
- data/lib/clearance/test/unit/clearance_mailer_test.rb +65 -0
- data/lib/clearance/test/unit/user_test.rb +167 -0
- data/lib/clearance.rb +14 -0
- data/rails/init.rb +1 -0
- data/shoulda_macros/clearance.rb +173 -0
- metadata +132 -0
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
<h2>Sign in</h2>
|
|
2
|
+
|
|
3
|
+
<% form_for :session, :url => session_path do |form| %>
|
|
4
|
+
<div class="text_field">
|
|
5
|
+
<%= form.label :email %>
|
|
6
|
+
<%= form.text_field :email %>
|
|
7
|
+
</div>
|
|
8
|
+
<div class="text_field">
|
|
9
|
+
<%= form.label :password %>
|
|
10
|
+
<%= form.password_field :password %>
|
|
11
|
+
</div>
|
|
12
|
+
<div class="text_field">
|
|
13
|
+
<%= form.check_box :remember_me %>
|
|
14
|
+
<%= form.label :remember_me %>
|
|
15
|
+
</div>
|
|
16
|
+
<div class="submit_field">
|
|
17
|
+
<%= form.submit "Sign in", :disable_with => "Please wait..." %>
|
|
18
|
+
</div>
|
|
19
|
+
<% end %>
|
|
20
|
+
|
|
21
|
+
<ul>
|
|
22
|
+
<li>
|
|
23
|
+
<%= link_to "Register", new_user_path %>
|
|
24
|
+
</li>
|
|
25
|
+
<li>
|
|
26
|
+
<%= link_to "Forgot password?", new_password_path %>
|
|
27
|
+
</li>
|
|
28
|
+
</ul>
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
<%= form.error_messages %>
|
|
2
|
+
<div class="text_field">
|
|
3
|
+
<%= form.label :email %>
|
|
4
|
+
<%= form.text_field :email %>
|
|
5
|
+
</div>
|
|
6
|
+
<div class="password_field">
|
|
7
|
+
<%= form.label :password %>
|
|
8
|
+
<%= form.password_field :password %>
|
|
9
|
+
</div>
|
|
10
|
+
<div class="password_field">
|
|
11
|
+
<%= form.label :password_confirmation, "Verify password" %>
|
|
12
|
+
<%= form.password_field :password_confirmation %>
|
|
13
|
+
</div>
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
class CreateOrUpdateUsersWithClearanceColumns < ActiveRecord::Migration
|
|
2
|
+
def self.up
|
|
3
|
+
create_table(:users) do |t|
|
|
4
|
+
t.string :email
|
|
5
|
+
t.string :encrypted_password, :limit => 128
|
|
6
|
+
t.string :salt, :limit => 128
|
|
7
|
+
t.string :remember_token
|
|
8
|
+
t.datetime :remember_token_expires_at
|
|
9
|
+
t.boolean :email_confirmed, :default => false, :null => false
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
add_index :users, [:email, :encrypted_password]
|
|
13
|
+
add_index :users, [:id, :salt]
|
|
14
|
+
add_index :users, :email
|
|
15
|
+
add_index :users, :remember_token
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def self.down
|
|
19
|
+
drop_table :users
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
class CreateOrUpdateUsersWithClearanceColumns < ActiveRecord::Migration
|
|
2
|
+
def self.up
|
|
3
|
+
<%
|
|
4
|
+
existing_columns = ActiveRecord::Base.connection.columns(:users).collect { |each| each.name }
|
|
5
|
+
columns = [
|
|
6
|
+
[:email, 't.string :email'],
|
|
7
|
+
[:encrypted_password, 't.string :encrypted_password, :limit => 180'],
|
|
8
|
+
[:salt, 't.string :salt, :limit => 180'],
|
|
9
|
+
[:remember_token, 't.string :remember_token'],
|
|
10
|
+
[:remember_token_expires_at, 't.datetime :remember_token_expires_at'],
|
|
11
|
+
[:email_confirmed, 't.boolean :email_confirmed, :default => false, :null => false']
|
|
12
|
+
].delete_if {|c| existing_columns.include?(c.first.to_s)}
|
|
13
|
+
-%>
|
|
14
|
+
change_table(:users) do |t|
|
|
15
|
+
<% columns.each do |c| -%>
|
|
16
|
+
<%= c.last %>
|
|
17
|
+
<% end -%>
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
<%
|
|
21
|
+
existing_indexes = ActiveRecord::Base.connection.indexes(:users)
|
|
22
|
+
index_names = existing_indexes.collect { |each| each.name }
|
|
23
|
+
new_indexes = [
|
|
24
|
+
[:index_users_on_email_and_encrypted_password, 'add_index :users, [:email, :encrypted_password]'],
|
|
25
|
+
[:index_users_on_id_and_salt, 'add_index :users, [:id, :salt]'],
|
|
26
|
+
[:index_users_on_email, 'add_index :users, :email'],
|
|
27
|
+
[:index_users_on_remember_token, 'add_index :users, :remember_token']
|
|
28
|
+
].delete_if { |each| index_names.include?(each.first.to_s) }
|
|
29
|
+
-%>
|
|
30
|
+
<% new_indexes.each do |each| -%>
|
|
31
|
+
<%= each.last %>
|
|
32
|
+
<% end -%>
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def self.down
|
|
36
|
+
change_table(:users) do |t|
|
|
37
|
+
<% unless columns.empty? -%>
|
|
38
|
+
t.remove <%= columns.collect { |each| ":#{each.first}" }.join(',') %>
|
|
39
|
+
<% end -%>
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
Factory.sequence :email do |n|
|
|
2
|
+
"user#{n}@example.com"
|
|
3
|
+
end
|
|
4
|
+
|
|
5
|
+
Factory.define :registered_user, :class => 'user' do |user|
|
|
6
|
+
user.email { Factory.next :email }
|
|
7
|
+
user.password { "password" }
|
|
8
|
+
user.password_confirmation { "password" }
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
Factory.define :email_confirmed_user, :class => 'user' do |user|
|
|
12
|
+
user.email { Factory.next :email }
|
|
13
|
+
user.password { "password" }
|
|
14
|
+
user.password_confirmation { "password" }
|
|
15
|
+
user.email_confirmed { true }
|
|
16
|
+
end
|
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
module Clearance
|
|
2
|
+
module App
|
|
3
|
+
module Controllers
|
|
4
|
+
module ApplicationController
|
|
5
|
+
|
|
6
|
+
def self.included(controller)
|
|
7
|
+
controller.class_eval do
|
|
8
|
+
|
|
9
|
+
helper_method :current_user
|
|
10
|
+
helper_method :signed_in?
|
|
11
|
+
|
|
12
|
+
hide_action :current_user, :signed_in?
|
|
13
|
+
|
|
14
|
+
def current_user
|
|
15
|
+
@_current_user ||= (user_from_session || user_from_cookie)
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def signed_in?
|
|
19
|
+
! current_user.nil?
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
protected
|
|
23
|
+
|
|
24
|
+
def authenticate
|
|
25
|
+
deny_access unless signed_in?
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def user_from_session
|
|
29
|
+
if session[:user_id] && session[:salt]
|
|
30
|
+
user = User.find_by_id_and_salt(session[:user_id], session[:salt])
|
|
31
|
+
end
|
|
32
|
+
user && user.email_confirmed? ? user : nil
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def user_from_cookie
|
|
36
|
+
if cookies[:remember_token]
|
|
37
|
+
user = User.find_by_remember_token(cookies[:remember_token])
|
|
38
|
+
end
|
|
39
|
+
user && user.remember? ? user : nil
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
# Hook
|
|
43
|
+
def sign_user_in(user)
|
|
44
|
+
sign_in(user)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def sign_in(user)
|
|
48
|
+
if user
|
|
49
|
+
session[:user_id] = user.id
|
|
50
|
+
session[:salt] = user.salt
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def redirect_back_or(default)
|
|
55
|
+
session[:return_to] ||= params[:return_to]
|
|
56
|
+
if session[:return_to]
|
|
57
|
+
redirect_to(session[:return_to])
|
|
58
|
+
else
|
|
59
|
+
redirect_to(default)
|
|
60
|
+
end
|
|
61
|
+
session[:return_to] = nil
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def redirect_to_root
|
|
65
|
+
redirect_to root_url
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
def store_location
|
|
69
|
+
session[:return_to] = request.request_uri
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
def deny_access(flash_message = nil, opts = {})
|
|
73
|
+
store_location
|
|
74
|
+
flash[:failure] = flash_message if flash_message
|
|
75
|
+
render :template => "/sessions/new", :status => :unauthorized
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
end
|
|
82
|
+
end
|
|
83
|
+
end
|
|
84
|
+
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
module Clearance
|
|
2
|
+
module App
|
|
3
|
+
module Controllers
|
|
4
|
+
module ConfirmationsController
|
|
5
|
+
|
|
6
|
+
def self.included(controller)
|
|
7
|
+
controller.class_eval do
|
|
8
|
+
|
|
9
|
+
before_filter :existing_user?, :only => :new
|
|
10
|
+
filter_parameter_logging :salt
|
|
11
|
+
|
|
12
|
+
def new
|
|
13
|
+
create
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def create
|
|
17
|
+
@user.confirm_email!
|
|
18
|
+
sign_user_in(@user)
|
|
19
|
+
flash[:success] = "Confirmed email and signed in."
|
|
20
|
+
redirect_to url_after_create
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
private
|
|
24
|
+
|
|
25
|
+
def existing_user?
|
|
26
|
+
@user = User.find_by_id_and_salt(params[:user_id], params[:salt])
|
|
27
|
+
if @user.nil?
|
|
28
|
+
render :nothing => true, :status => :not_found
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def url_after_create
|
|
33
|
+
root_url
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
module Clearance
|
|
2
|
+
module App
|
|
3
|
+
module Controllers
|
|
4
|
+
module PasswordsController
|
|
5
|
+
|
|
6
|
+
def self.included(controller)
|
|
7
|
+
controller.class_eval do
|
|
8
|
+
|
|
9
|
+
before_filter :existing_user?, :only => [:edit, :update]
|
|
10
|
+
filter_parameter_logging :password, :password_confirmation
|
|
11
|
+
|
|
12
|
+
def new
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def create
|
|
16
|
+
user = User.find_by_email(params[:password][:email])
|
|
17
|
+
if user.nil?
|
|
18
|
+
flash.now[:notice] = "Unknown email"
|
|
19
|
+
render :action => :new
|
|
20
|
+
else
|
|
21
|
+
ClearanceMailer.deliver_change_password user
|
|
22
|
+
flash[:notice] = "Details for changing your password have been sent"
|
|
23
|
+
redirect_to url_after_create
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def edit
|
|
28
|
+
@user = User.find_by_email_and_encrypted_password(params[:email],
|
|
29
|
+
params[:password])
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def update
|
|
33
|
+
@user = User.find_by_email_and_encrypted_password(params[:email],
|
|
34
|
+
params[:password])
|
|
35
|
+
if @user.update_attributes params[:user]
|
|
36
|
+
sign_user_in(@user)
|
|
37
|
+
redirect_to url_after_update
|
|
38
|
+
else
|
|
39
|
+
render :action => :edit
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
private
|
|
44
|
+
|
|
45
|
+
def existing_user?
|
|
46
|
+
user = User.find_by_email_and_encrypted_password(params[:email],
|
|
47
|
+
params[:password])
|
|
48
|
+
if user.nil?
|
|
49
|
+
render :nothing => true, :status => :not_found
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
def url_after_create
|
|
54
|
+
new_session_url
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
def url_after_update
|
|
58
|
+
root_url
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
end
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
module Clearance
|
|
2
|
+
module App
|
|
3
|
+
module Controllers
|
|
4
|
+
module SessionsController
|
|
5
|
+
|
|
6
|
+
def self.included(controller)
|
|
7
|
+
controller.class_eval do
|
|
8
|
+
|
|
9
|
+
protect_from_forgery :except => :create
|
|
10
|
+
filter_parameter_logging :password
|
|
11
|
+
|
|
12
|
+
def create
|
|
13
|
+
@user = User.authenticate(params[:session][:email],
|
|
14
|
+
params[:session][:password])
|
|
15
|
+
if @user.nil?
|
|
16
|
+
flash.now[:notice] = "Bad email or password."
|
|
17
|
+
render :action => :new
|
|
18
|
+
else
|
|
19
|
+
if @user.email_confirmed?
|
|
20
|
+
remember(@user) if remember?
|
|
21
|
+
sign_user_in(@user)
|
|
22
|
+
flash[:notice] = "Signed in successfully"
|
|
23
|
+
redirect_back_or url_after_create
|
|
24
|
+
else
|
|
25
|
+
deny_access("User has not confirmed email.")
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def destroy
|
|
31
|
+
forget(current_user)
|
|
32
|
+
reset_session
|
|
33
|
+
flash[:notice] = "You have been signed out."
|
|
34
|
+
redirect_to url_after_destroy
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
private
|
|
38
|
+
|
|
39
|
+
def remember?
|
|
40
|
+
params[:session] && params[:session][:remember_me] == "1"
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def remember(user)
|
|
44
|
+
user.remember_me!
|
|
45
|
+
cookies[:remember_token] = { :value => user.remember_token,
|
|
46
|
+
:expires => user.remember_token_expires_at }
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def forget(user)
|
|
50
|
+
user.forget_me! if user
|
|
51
|
+
cookies.delete :remember_token
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def url_after_create
|
|
55
|
+
root_url
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def url_after_destroy
|
|
59
|
+
new_session_url
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
end
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
module Clearance
|
|
2
|
+
module App
|
|
3
|
+
module Controllers
|
|
4
|
+
module UsersController
|
|
5
|
+
|
|
6
|
+
def self.included(controller)
|
|
7
|
+
controller.class_eval do
|
|
8
|
+
|
|
9
|
+
before_filter :redirect_to_root, :only => [:new, :create], :if => :signed_in?
|
|
10
|
+
filter_parameter_logging :password
|
|
11
|
+
|
|
12
|
+
def new
|
|
13
|
+
@user = User.new(params[:user])
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def create
|
|
17
|
+
@user = User.new params[:user]
|
|
18
|
+
if @user.save
|
|
19
|
+
ClearanceMailer.deliver_confirmation @user
|
|
20
|
+
flash[:notice] = "You will receive an email within the next few minutes. " <<
|
|
21
|
+
"It contains instructions for you to confirm your account."
|
|
22
|
+
redirect_to url_after_create
|
|
23
|
+
else
|
|
24
|
+
render :action => "new"
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
private
|
|
29
|
+
|
|
30
|
+
def url_after_create
|
|
31
|
+
new_session_url
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
module Clearance
|
|
2
|
+
module App
|
|
3
|
+
module Models
|
|
4
|
+
module ClearanceMailer
|
|
5
|
+
|
|
6
|
+
def self.included(mailer)
|
|
7
|
+
mailer.class_eval do
|
|
8
|
+
|
|
9
|
+
def change_password(user)
|
|
10
|
+
from DO_NOT_REPLY
|
|
11
|
+
recipients user.email
|
|
12
|
+
subject "Change your password"
|
|
13
|
+
body :user => user
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def confirmation(user)
|
|
17
|
+
from DO_NOT_REPLY
|
|
18
|
+
recipients user.email
|
|
19
|
+
subject "Account confirmation"
|
|
20
|
+
body :user => user
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
end
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
require 'digest/sha2'
|
|
2
|
+
|
|
3
|
+
module Clearance
|
|
4
|
+
module App
|
|
5
|
+
module Models
|
|
6
|
+
module User
|
|
7
|
+
|
|
8
|
+
def self.included(model)
|
|
9
|
+
model.class_eval do
|
|
10
|
+
|
|
11
|
+
attr_accessible :email, :password, :password_confirmation
|
|
12
|
+
attr_accessor :password, :password_confirmation
|
|
13
|
+
|
|
14
|
+
validates_presence_of :email
|
|
15
|
+
validates_presence_of :password, :if => :password_required?
|
|
16
|
+
validates_confirmation_of :password, :if => :password_required?
|
|
17
|
+
validates_uniqueness_of :email, :case_sensitive => false
|
|
18
|
+
validates_format_of :email, :with => %r{.+@.+\..+}
|
|
19
|
+
|
|
20
|
+
before_save :initialize_salt, :encrypt_password, :downcase_email
|
|
21
|
+
|
|
22
|
+
def self.authenticate(email, password)
|
|
23
|
+
user = find(:first, :conditions => ['LOWER(email) = ?', email.to_s.downcase])
|
|
24
|
+
user && user.authenticated?(password) ? user : nil
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def authenticated?(password)
|
|
28
|
+
encrypted_password == encrypt(password)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def encrypt(string)
|
|
32
|
+
hash("--#{salt}--#{string}--")
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def remember?
|
|
36
|
+
remember_token_expires_at && Time.now.utc < remember_token_expires_at
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def remember_me!
|
|
40
|
+
remember_me_until 2.weeks.from_now.utc
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def remember_me_until(time)
|
|
44
|
+
self.update_attribute :remember_token_expires_at, time
|
|
45
|
+
self.update_attribute :remember_token,
|
|
46
|
+
encrypt("--#{remember_token_expires_at}--#{password}--")
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def forget_me!
|
|
50
|
+
self.update_attribute :remember_token_expires_at, nil
|
|
51
|
+
self.update_attribute :remember_token, nil
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def confirm_email!
|
|
55
|
+
self.update_attribute :email_confirmed, true
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
protected
|
|
59
|
+
|
|
60
|
+
def hash(string)
|
|
61
|
+
Digest::SHA512.hexdigest(string)
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def initialize_salt
|
|
65
|
+
if new_record?
|
|
66
|
+
self.salt = hash("--#{Time.now.utc.to_s}--#{password}--")
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
def encrypt_password
|
|
71
|
+
return if password.blank?
|
|
72
|
+
self.encrypted_password = encrypt(password)
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def password_required?
|
|
76
|
+
encrypted_password.blank? || !password.blank?
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
def downcase_email
|
|
80
|
+
self.email = email.to_s.downcase
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
end
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
module Clearance
|
|
2
|
+
module Test
|
|
3
|
+
module Functional
|
|
4
|
+
module ConfirmationsControllerTest
|
|
5
|
+
|
|
6
|
+
def self.included(controller_test)
|
|
7
|
+
controller_test.class_eval do
|
|
8
|
+
|
|
9
|
+
should_filter_params :salt
|
|
10
|
+
|
|
11
|
+
context "Given a user whose email has not been confirmed" do
|
|
12
|
+
setup { @user = Factory(:registered_user) }
|
|
13
|
+
|
|
14
|
+
context "on GET to #new with correct id and salt" do
|
|
15
|
+
setup do
|
|
16
|
+
get :new, :user_id => @user.to_param, :salt => @user.salt
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
should_set_the_flash_to /confirmed email/i
|
|
20
|
+
should_set_the_flash_to /signed in/i
|
|
21
|
+
should_be_signed_in_and_email_confirmed_as { @user }
|
|
22
|
+
should_redirect_to_url_after_create
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
context "on GET to #new with incorrect salt" do
|
|
26
|
+
setup do
|
|
27
|
+
salt = ""
|
|
28
|
+
assert_not_equal salt, @user.salt
|
|
29
|
+
|
|
30
|
+
get :new, :user_id => @user.to_param, :salt => salt
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
should_respond_with :not_found
|
|
34
|
+
should_render_nothing
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|