namxam-devise 1.1.0.win

data/lib/devise/models/timeoutable.rb

@@ -0,0 +1,26 @@
+require 'devise/hooks/timeoutable'
+
+module Devise
+  module Models
+    # Timeoutable takes care of veryfing whether a user session has already
+    # expired or not. When a session expires after the configured time, the user
+    # will be asked for credentials again, it means, he/she will be redirected
+    # to the sign in page.
+    #
+    # Configuration:
+    #
+    #   timeout_in: the time you want to timeout the user session without activity.
+    module Timeoutable
+      extend ActiveSupport::Concern
+
+      # Checks whether the user session has expired based on configured time.
+      def timedout?(last_access)
+        last_access && last_access <= self.class.timeout_in.ago
+      end
+
+      module ClassMethods
+        Devise::Models.config(self, :timeout_in)
+      end
+    end
+  end
+end

data/lib/devise/models/token_authenticatable.rb

@@ -0,0 +1,60 @@
+require 'devise/strategies/token_authenticatable'
+
+module Devise
+  module Models
+    # The TokenAuthenticatable module is responsible for generating an authentication token and
+    # validating the authenticity of the same while signing in.
+    #
+    # This module only provides a few helpers to help you manage the token. Creating and resetting
+    # the token is your responsibility.
+    #
+    # == Configuration:
+    #
+    # You can overwrite configuration values by setting in globally in Devise (+Devise.setup+),
+    # using devise method, or overwriting the respective instance method.
+    #
+    # +token_authentication_key+ - Defines name of the authentication token params key. E.g. /users/sign_in?some_key=...
+    #
+    module TokenAuthenticatable
+      extend ActiveSupport::Concern
+
+      # Generate new authentication token (a.k.a. "single access token").
+      def reset_authentication_token
+        self.authentication_token = self.class.authentication_token
+      end
+
+      # Generate new authentication token and save the record.
+      def reset_authentication_token!
+        reset_authentication_token
+        self.save(:validate => false)
+      end
+
+      # Generate authentication token unless already exists.
+      def ensure_authentication_token
+        self.reset_authentication_token if self.authentication_token.blank?
+      end
+
+      # Generate authentication token unless already exists and save the record.
+      def ensure_authentication_token!
+        self.reset_authentication_token! if self.authentication_token.blank?
+      end
+
+      # Hook called after token authentication.
+      def after_token_authentication
+      end
+
+      module ClassMethods
+        def find_for_token_authentication(conditions)
+          find_for_authentication(:authentication_token => conditions[token_authentication_key])
+        end
+
+        # Generate a token checking if one does not already exist in the database.
+        def authentication_token
+          generate_token(:authentication_token)
+        end
+
+        ::Devise::Models.config(self, :token_authentication_key)
+      end
+    end
+  end
+end

data/lib/devise/models/trackable.rb

@@ -0,0 +1,30 @@
+require 'devise/hooks/trackable'
+
+module Devise
+  module Models
+    # Track information about your user sign in. It tracks the following columns:
+    #
+    # * sign_in_count      - Increased every time a sign in is made (by form, openid, oauth)
+    # * current_sign_in_at - A tiemstamp updated when the user signs in
+    # * last_sign_in_at    - Holds the timestamp of the previous sign in
+    # * current_sign_in_ip - The remote ip updated when the user sign in
+    # * last_sign_in_at    - Holds the remote ip of the previous sign in
+    #
+    module Trackable
+      def update_tracked_fields!(request)
+        old_current, new_current = self.current_sign_in_at, Time.now
+        self.last_sign_in_at     = old_current || new_current
+        self.current_sign_in_at  = new_current
+
+        old_current, new_current = self.current_sign_in_ip, request.remote_ip
+        self.last_sign_in_ip     = old_current || new_current
+        self.current_sign_in_ip  = new_current
+
+        self.sign_in_count ||= 0
+        self.sign_in_count += 1
+
+        save(:validate => false)
+      end
+    end
+  end
+end

data/lib/devise/models/validatable.rb

@@ -0,0 +1,53 @@
+module Devise
+  module Models
+
+    # Validatable creates all needed validations for a user email and password.
+    # It's optional, given you may want to create the validations by yourself.
+    # Automatically validate if the email is present, unique and it's format is
+    # valid. Also tests presence of password, confirmation and length
+    module Validatable
+      # All validations used by this module.
+      VALIDATIONS = [ :validates_presence_of, :validates_uniqueness_of, :validates_format_of,
+                      :validates_confirmation_of, :validates_length_of ].freeze
+
+      def self.included(base)
+        base.extend ClassMethods
+        assert_validations_api!(base)
+
+        base.class_eval do
+          validates_presence_of   :email
+          validates_uniqueness_of :email, :scope => authentication_keys[1..-1], :case_sensitive => false, :allow_blank => true
+          validates_format_of     :email, :with  => email_regexp, :allow_blank => true
+
+          with_options :if => :password_required? do |v|
+            v.validates_presence_of     :password
+            v.validates_confirmation_of :password
+            v.validates_length_of       :password, :within => password_length, :allow_blank => true
+          end
+        end
+      end
+
+      def self.assert_validations_api!(base) #:nodoc:
+        unavailable_validations = VALIDATIONS.select { |v| !base.respond_to?(v) }
+
+        unless unavailable_validations.empty?
+          raise "Could not use :validatable module since #{base} does not respond " <<
+                "to the following methods: #{unavailable_validations.to_sentence}."
+        end
+      end
+
+    protected
+
+      # Checks whether a password is needed or not. For validations only.
+      # Passwords are always required if it's a new record, or if the password
+      # or confirmation are being set somewhere.
+      def password_required?
+        !persisted? || !password.nil? || !password_confirmation.nil?
+      end
+
+      module ClassMethods
+        Devise::Models.config(self, :email_regexp, :password_length)
+      end
+    end
+  end
+end

data/lib/devise/modules.rb

@@ -0,0 +1,23 @@
+require 'active_support/core_ext/object/with_options'
+
+Devise.with_options :model => true do |d|
+  # Strategies first
+  d.with_options :strategy => true do |s|      
+    s.add_module :database_authenticatable, :controller => :sessions, :route => :session
+    s.add_module :token_authenticatable,    :controller => :sessions, :route => :session
+    s.add_module :rememberable
+  end
+
+  # Misc after   
+  d.add_module :recoverable,  :controller => :passwords,     :route => :password
+  d.add_module :registerable, :controller => :registrations, :route => :registration
+  d.add_module :validatable
+
+  # The ones which can sign out after
+  d.add_module :confirmable,  :controller => :confirmations, :route => :confirmation
+  d.add_module :lockable,     :controller => :unlocks,       :route => :unlock
+  d.add_module :timeoutable
+
+  # Stats for last, so we make sure the user is really signed in
+  d.add_module :trackable
+end

data/lib/devise/orm/active_record.rb

@@ -0,0 +1,36 @@
+module Devise
+  module Orm
+    # This module contains some helpers and handle schema (migrations):
+    #
+    #   create_table :accounts do |t|
+    #     t.database_authenticatable
+    #     t.confirmable
+    #     t.recoverable
+    #     t.rememberable
+    #     t.trackable
+    #     t.lockable
+    #     t.timestamps
+    #   end
+    #
+    # However this method does not add indexes. If you need them, here is the declaration:
+    #
+    #   add_index "accounts", ["email"],                :name => "email",                :unique => true
+    #   add_index "accounts", ["confirmation_token"],   :name => "confirmation_token",   :unique => true
+    #   add_index "accounts", ["reset_password_token"], :name => "reset_password_token", :unique => true
+    #
+    module ActiveRecord
+      module Schema
+        include Devise::Schema
+
+        # Tell how to apply schema methods.
+        def apply_devise_schema(name, type, options={})
+          column name, type.to_s.downcase.to_sym, options
+        end
+      end
+    end
+  end
+end
+
+ActiveRecord::Base.extend Devise::Models
+ActiveRecord::ConnectionAdapters::Table.send :include, Devise::Orm::ActiveRecord::Schema
+ActiveRecord::ConnectionAdapters::TableDefinition.send :include, Devise::Orm::ActiveRecord::Schema

data/lib/devise/orm/mongoid.rb

@@ -0,0 +1,29 @@
+module Devise
+  module Orm
+    module Mongoid
+      module Hook
+        def devise_modules_hook!
+          extend Schema
+          yield
+          return unless Devise.apply_schema
+          devise_modules.each { |m| send(m) if respond_to?(m, true) }
+        end
+      end
+
+      module Schema
+        include Devise::Schema
+
+        # Tell how to apply schema methods
+        def apply_devise_schema(name, type, options={})
+          type = Time if type == DateTime
+          field name, { :type => type }.merge(options)
+        end
+      end
+    end
+  end
+end
+
+Mongoid::Document::ClassMethods.class_eval do
+  include Devise::Models
+  include Devise::Orm::Mongoid::Hook
+end

data/lib/devise/path_checker.rb

@@ -0,0 +1,18 @@
+module Devise
+  class PathChecker
+    include Rails.application.routes.url_helpers
+
+    def self.default_url_options(*args)
+      ApplicationController.default_url_options(*args)
+    end
+
+    def initialize(env, scope)
+      @current_path = "/#{env["SCRIPT_NAME"]}/#{env["PATH_INFO"]}".squeeze("/")
+      @scope = scope
+    end
+
+    def signing_out?
+      @current_path == send("destroy_#{@scope}_session_path")
+    end
+  end
+end

data/lib/devise/rails.rb

@@ -0,0 +1,69 @@
+require 'devise/rails/routes'
+require 'devise/rails/warden_compat'
+
+# Include UrlHelpers in ActionController and ActionView as soon as they are loaded.
+ActiveSupport.on_load(:action_controller) { include Devise::Controllers::UrlHelpers }
+ActiveSupport.on_load(:action_view) { include Devise::Controllers::UrlHelpers }
+
+module Devise
+  class Engine < ::Rails::Engine
+    config.devise = Devise
+
+    config.app_middleware.use Warden::Manager do |config|
+      Devise.warden_config = config
+    end
+
+    # Force routes to be loaded if we are doing any eager load.
+    config.before_eager_load { |app| app.reload_routes! }
+
+    config.after_initialize do
+      Devise.encryptor ||= begin
+        warn "[WARNING] config.encryptor is not set in your config/initializers/devise.rb. " \
+          "Devise will then set it to :bcrypt. If you were using the previous default " \
+          "encryptor, please add config.encryptor = :sha1 to your configuration file." if Devise.mailer_sender
+        :authlogic_sha512
+      end
+    end
+
+    initializer "devise.add_filters" do |app|
+      app.config.filter_parameters += [:password, :password_confirmation]
+      app.config.filter_parameters.uniq
+    end
+
+    unless Rails.env.production?
+      config.after_initialize do
+        actions = [:confirmation_instructions, :reset_password_instructions, :unlock_instructions]
+
+        translations = begin
+          I18n.t("devise.mailer", :raise => true).map { |k, v| k if v.is_a?(String) }.compact
+        rescue Exception => e # Do not care if something fails
+          []
+        end
+
+        keys = actions & translations
+
+        keys.each do |key|
+          ActiveSupport::Deprecation.warn "The I18n message 'devise.mailer.#{key}' is deprecated. " \
+            "Please use 'devise.mailer.#{key}.subject' instead."
+        end
+      end
+
+      config.after_initialize do
+        flash = [:unauthenticated, :unconfirmed, :invalid, :invalid_token, :timeout, :inactive, :locked]
+
+        translations = begin
+          I18n.t("devise.sessions", :raise => true).keys
+        rescue Exception => e # Do not care if something fails
+          []
+        end
+
+        keys = flash & translations
+
+        if keys.any?
+          ActiveSupport::Deprecation.warn "The following I18n messages in 'devise.sessions' " \
+            "are deprecated: #{keys.to_sentence}. Please move them to 'devise.failure' instead."
+        end
+      end
+    end
+  end
+end

data/lib/devise/rails/routes.rb

@@ -0,0 +1,248 @@
+module ActionDispatch::Routing
+  class RouteSet #:nodoc:
+    # Ensure Devise modules are included only after loading routes, because we
+    # need devise_for mappings already declared to create filters and helpers.
+    def finalize_with_devise!
+      finalize_without_devise!
+      Devise.configure_warden!
+      ActionController::Base.send :include, Devise::Controllers::Helpers
+    end
+    alias_method_chain :finalize!, :devise
+  end
+
+  class Mapper
+    # Includes devise_for method for routes. This method is responsible to
+    # generate all needed routes for devise, based on what modules you have
+    # defined in your model.
+    #
+    # ==== Examples
+    #
+    # Let's say you have an User model configured to use authenticatable,
+    # confirmable and recoverable modules. After creating this inside your routes:
+    #
+    #   devise_for :users
+    #
+    # This method is going to look inside your User model and create the
+    # needed routes:
+    #
+    #  # Session routes for Authenticatable (default)
+    #       new_user_session GET  /users/sign_in                    {:controller=>"devise/sessions", :action=>"new"}
+    #           user_session POST /users/sign_in                    {:controller=>"devise/sessions", :action=>"create"}
+    #   destroy_user_session GET  /users/sign_out                   {:controller=>"devise/sessions", :action=>"destroy"}
+    #
+    #  # Password routes for Recoverable, if User model has :recoverable configured
+    #      new_user_password GET  /users/password/new(.:format)     {:controller=>"devise/passwords", :action=>"new"}
+    #     edit_user_password GET  /users/password/edit(.:format)    {:controller=>"devise/passwords", :action=>"edit"}
+    #          user_password PUT  /users/password(.:format)         {:controller=>"devise/passwords", :action=>"update"}
+    #                        POST /users/password(.:format)         {:controller=>"devise/passwords", :action=>"create"}
+    #
+    #  # Confirmation routes for Confirmable, if User model has :confirmable configured
+    #  new_user_confirmation GET  /users/confirmation/new(.:format) {:controller=>"devise/confirmations", :action=>"new"}
+    #      user_confirmation GET  /users/confirmation(.:format)     {:controller=>"devise/confirmations", :action=>"show"}
+    #                        POST /users/confirmation(.:format)     {:controller=>"devise/confirmations", :action=>"create"}
+    #
+    # ==== Options
+    #
+    # You can configure your routes with some options:
+    #
+    #  * :class_name => setup a different class to be looked up by devise,
+    #                   if it cannot be correctly find by the route name.
+    #
+    #      devise_for :users, :class_name => 'Account'
+    #
+    #  * :path => allows you to setup path name that will be used, as rails routes does.
+    #             The following route configuration would setup your route as /accounts instead of /users:
+    #
+    #      devise_for :users, :path => 'accounts'
+    #
+    #  * :singular => setup the singular name for the given resource. This is used as the instance variable name in
+    #                 controller, as the name in routes and the scope given to warden.
+    #
+    #      devise_for :users, :singular => :user
+    #
+    #  * :path_names => configure different path names to overwrite defaults :sign_in, :sign_out, :sign_up,
+    #                   :password, :confirmation, :unlock.
+    #
+    #      devise_for :users, :path_names => { :sign_in => 'login', :sign_out => 'logout', :password => 'secret', :confirmation => 'verification' }
+    #
+    #  * :controllers => the controller which should be used. All routes by default points to Devise controllers.
+    #    However, if you want them to point to custom controller, you should do:
+    #
+    #      devise_for :users, :controllers => { :sessions => "users/sessions" }
+    #
+    #  * :module => the namespace to find controlers. By default, devise will access devise/sessions,
+    #    devise/registrations and so on. If you want to namespace all at once, use module:
+    #
+    #      devise_for :users, :module => "users"
+    #
+    #    Notice that whenever you use namespace in the router DSL, it automatically sets the module.
+    #    So the following setup:
+    #
+    #      namespace :publisher
+    #        devise_for :account
+    #      end
+    #
+    #    Will use publisher/sessions controller instead of devise/sessions controller. You can revert
+    #    this by providing the :module option to devise_for.
+    #
+    #  * :skip => tell which controller you want to skip routes from being created:
+    #
+    #      devise_for :users, :skip => :sessions
+    #
+    # ==== Scoping
+    #
+    # Following Rails 3 routes DSL, you can nest devise_for calls inside a scope:
+    #
+    #   scope "/my" do
+    #     devise_for :users
+    #   end
+    #
+    # However, since Devise uses the request path to retrieve the current user, it has one caveats.
+    # If you are using a dynamic segment, as below:
+    #
+    #   scope ":locale" do
+    #     devise_for :users
+    #   end
+    #
+    # You are required to configure default_url_options in your ApplicationController class level, so
+    # Devise can pick it:
+    #
+    #   class ApplicationController < ActionController::Base
+    #     def self.default_url_options
+    #       { :locale => I18n.locale }
+    #     end
+    #   end
+    #
+    def devise_for(*resources)
+      options = resources.extract_options!
+
+      if as = options.delete(:as)
+        ActiveSupport::Deprecation.warn ":as is deprecated, please use :path instead."
+        options[:path] ||= as
+      end
+
+      if scope = options.delete(:scope)
+        ActiveSupport::Deprecation.warn ":scope is deprecated, please use :singular instead."
+        options[:singular] ||= scope
+      end
+
+      options[:as]          ||= @scope[:as]     if @scope[:as].present?
+      options[:module]      ||= @scope[:module] if @scope[:module].present?
+      options[:path_prefix] ||= @scope[:path]   if @scope[:path].present?
+      options[:path_names]    = (@scope[:path_names] || {}).merge(options[:path_names] || {})
+
+      resources.map!(&:to_sym)
+
+      resources.each do |resource|
+        mapping = Devise.add_mapping(resource, options)
+
+        begin
+          raise_no_devise_method_error!(mapping.class_name) unless mapping.to.respond_to?(:devise)
+        rescue NameError => e
+          raise unless mapping.class_name == resource.to_s.classify
+          warn "[WARNING] You provided devise_for #{resource.inspect} but there is " <<
+            "no model #{mapping.class_name} defined in your application"
+          next
+        rescue NoMethodError => e
+          raise unless e.message.include?("undefined method `devise'")
+          raise_no_devise_method_error!(mapping.class_name)
+        end
+
+        routes  = mapping.routes
+        routes -= Array(options.delete(:skip)).map { |s| s.to_s.singularize.to_sym }
+
+        devise_scope mapping.name do
+          yield if block_given?
+          with_devise_exclusive_scope mapping.fullpath, mapping.name do
+            routes.each { |mod| send(:"devise_#{mod}", mapping, mapping.controllers) }
+          end
+        end
+      end
+    end
+
+    # Allow you to add authentication request from the router:
+    #
+    #   authenticate(:user) do
+    #     resources :post
+    #   end
+    #
+    def authenticate(scope)
+      constraint = lambda do |request|
+        request.env["warden"].authenticate!(:scope => scope)
+      end
+
+      constraints(constraint) do
+        yield
+      end
+    end
+
+    # Sets the devise scope to be used in the controller. If you have custom routes,
+    # you are required to call this method (also aliased as :as) in order to specify
+    # to which controller it is targetted.
+    #
+    #   as :user do
+    #     get "sign_in", :to => "devise/sessions#new"
+    #   end
+    #
+    # Notice you cannot have two scopes mapping to the same URL. And remember, if
+    # you try to access a devise controller without specifying a scope, it will
+    # raise ActionNotFound error.
+    def devise_scope(scope)
+      constraint = lambda do |request|
+        request.env["devise.mapping"] = Devise.mappings[scope]
+        true
+      end
+
+      constraints(constraint) do
+        yield
+      end
+    end
+    alias :as :devise_scope
+
+    protected
+
+      def devise_session(mapping, controllers) #:nodoc:
+        scope :controller => controllers[:sessions], :as => :session do
+          get  :new,     :path => mapping.path_names[:sign_in]
+          post :create,  :path => mapping.path_names[:sign_in], :as => ""
+          get  :destroy, :path => mapping.path_names[:sign_out]
+        end
+      end
+ 
+      def devise_password(mapping, controllers) #:nodoc:
+        resource :password, :only => [:new, :create, :edit, :update],
+          :path => mapping.path_names[:password], :controller => controllers[:passwords]
+      end
+ 
+      def devise_confirmation(mapping, controllers) #:nodoc:
+        resource :confirmation, :only => [:new, :create, :show],
+          :path => mapping.path_names[:confirmation], :controller => controllers[:confirmations]
+      end
+ 
+      def devise_unlock(mapping, controllers) #:nodoc:
+        if mapping.to.unlock_strategy_enabled?(:email)
+          resource :unlock, :only => [:new, :create, :show],
+            :path => mapping.path_names[:unlock], :controller => controllers[:unlocks]
+        end
+      end
+
+      def devise_registration(mapping, controllers) #:nodoc:
+        resource :registration, :only => [:new, :create, :edit, :update, :destroy], :path => mapping.path_names[:registration],
+                 :path_names => { :new => mapping.path_names[:sign_up] }, :controller => controllers[:registrations]
+      end
+
+      def with_devise_exclusive_scope(new_path, new_as) #:nodoc:
+        old_as, old_path, old_module = @scope[:as], @scope[:path], @scope[:module]
+        @scope[:as], @scope[:path], @scope[:module] = new_as, new_path, nil
+        yield
+      ensure
+        @scope[:as], @scope[:path], @scope[:module] = old_as, old_path, old_module
+      end
+
+      def raise_no_devise_method_error!(klass) #:nodoc:
+        raise "#{klass} does not respond to 'devise' method. This usually means you haven't " <<
+          "loaded your ORM file or it's being loaded too late. To fix it, be sure to require 'devise/orm/YOUR_ORM' " <<
+          "inside 'config/initializers/devise.rb' or before your application definition in 'config/application.rb'"
+      end
+  end
+end