okkez-multi_auth 0.0.1

data/app/models/activation_mailer.rb

@@ -0,0 +1,114 @@
+# -*- coding: utf-8 -*-
+
+# アクティベーションメーラ
+class ActivationMailer < ActionMailer::Base
+  include ActionMailerUtil
+
+  SubjectPrefix = "[#{MultiAuth.application_name}] "
+  FromAddress   = MultiAuth.from_address
+
+  def self.create_request_for_signup_params(options)
+    options = options.dup
+    recipients     = options.delete(:recipients)     || raise(ArgumentError)
+    activation_url = options.delete(:activation_url) || raise(ArgumentError)
+    raise(ArgumentError) unless options.empty?
+
+    return {
+      :subject    => SubjectPrefix + "ユーザ登録",
+      :from       => FromAddress,
+      :recipients => recipients,
+      :body       => {:activation_url => activation_url},
+    }
+  end
+
+  def self.create_complete_for_signup_params(options)
+    options = options.dup
+    recipients = options.delete(:recipients) || raise(ArgumentError)
+    raise(ArgumentError) unless options.empty?
+
+    return {
+      :subject    => SubjectPrefix + "ユーザ登録完了",
+      :from       => FromAddress,
+      :recipients => recipients,
+      :body       => {},
+    }
+  end
+
+  def self.create_request_for_credential_params(options)
+    options = options.dup
+    recipients     = options.delete(:recipients)     || raise(ArgumentError)
+    activation_url = options.delete(:activation_url) || raise(ArgumentError)
+    raise(ArgumentError) unless options.empty?
+
+    return {
+      :subject    => SubjectPrefix + "メールアドレス認証登録",
+      :from       => FromAddress,
+      :recipients => recipients,
+      :body       => {:activation_url => activation_url},
+    }
+  end
+
+  def self.create_complete_for_credential_params(options)
+    options = options.dup
+    recipients = options.delete(:recipients) || raise(ArgumentError)
+    raise(ArgumentError) unless options.empty?
+
+    return {
+      :subject    => SubjectPrefix + "メールアドレス認証登録完了",
+      :from       => FromAddress,
+      :recipients => recipients,
+      :body       => {},
+    }
+  end
+
+  def self.create_request_for_notice_params(options)
+    options = options.dup
+    recipients     = options.delete(:recipients)     || raise(ArgumentError)
+    activation_url = options.delete(:activation_url) || raise(ArgumentError)
+    raise(ArgumentError) unless options.empty?
+
+    return {
+      :subject    => SubjectPrefix + "通知先メールアドレス登録",
+      :from       => FromAddress,
+      :recipients => recipients,
+      :body       => {:activation_url => activation_url},
+    }
+  end
+
+  def self.create_complete_for_notice_params(options)
+    options = options.dup
+    recipients = options.delete(:recipients) || raise(ArgumentError)
+    raise(ArgumentError) unless options.empty?
+
+    return {
+      :subject    => SubjectPrefix + "通知先メールアドレス登録完了",
+      :from       => FromAddress,
+      :recipients => recipients,
+      :body       => {},
+    }
+  end
+
+  def request_for_signup(options)
+    build_message(self.class.create_request_for_signup_params(options))
+  end
+
+  def complete_for_signup(options)
+    build_message(self.class.create_complete_for_signup_params(options))
+  end
+
+  def request_for_credential(options)
+    build_message(self.class.create_request_for_credential_params(options))
+  end
+
+  def complete_for_credential(options)
+    build_message(self.class.create_complete_for_credential_params(options))
+  end
+
+  def request_for_notice(options)
+    build_message(self.class.create_request_for_notice_params(options))
+  end
+
+  def complete_for_notice(options)
+    build_message(self.class.create_complete_for_notice_params(options))
+  end
+end

data/app/models/email_credential.rb

@@ -0,0 +1,89 @@
+# -*- coding: utf-8 -*-
+# == Schema Information
+# Schema version: 20090529051529
+#
+# Table name: email_credentials
+#
+#  id               :integer       not null, primary key
+#  created_at       :datetime      not null, index_email_credentials_on_created_at
+#  activation_token :string(40)    not null, index_email_credentials_on_activation_token(unique)
+#  user_id          :integer       not null, index_email_credentials_on_user_id
+#  email            :string(200)   not null, index_email_credentials_on_email(unique)
+#  hashed_password  :string(73)    not null
+#  activated_at     :datetime      index_email_credentials_on_activated_at
+#  loggedin_at      :datetime
+#
+
+# メール認証情報
+class EmailCredential < ActiveRecord::Base
+  EmailMaximumLength = 200
+  TokenLength  = 20
+  TokenPattern = TokenUtil.create_token_regexp(TokenLength)
+  HashedPasswordPattern = /\A([0-9a-f]{8}):([0-9a-f]{64})\z/
+  MaximumRecordsPerUser = 10
+
+  belongs_to :user
+
+  validates_presence_of :email
+  validates_presence_of :activation_token
+  validates_presence_of :hashed_password
+  validates_length_of :email, :maximum => EmailMaximumLength, :allow_nil => true
+  validates_format_of :activation_token, :with => TokenPattern, :allow_nil => true
+  validates_format_of :hashed_password, :with => HashedPasswordPattern, :allow_nil => true
+  validates_email_format_of :email,
+    :message => "%{fn}は有効なメールアドレスではありません。"
+  validates_uniqueness_of :email
+  validates_each(:user_id, :on => :create) { |record, attr, value|
+    if record.user && record.user.email_credentials(true).size >= MaximumRecordsPerUser
+      record.errors.add(attr, "これ以上%{fn}に#{_(record.class.to_s.downcase)}を追加できません。")
+    end
+  }
+
+  before_validation_on_create { |record|
+    if record.activation_token.blank?
+      record.activation_token = record.class.create_unique_activation_token
+    end
+  }
+
+  def self.create_unique_activation_token
+    return TokenUtil.create_unique_token(self, :activation_token, TokenLength)
+  end
+
+  def self.create_hashed_password(password)
+    salt = 8.times.map { rand(16).to_s(16) }.join
+    return salt + ":" + Digest::SHA256.hexdigest(salt + ":" + password)
+  end
+
+  def self.compare_hashed_password(password, hashed_password)
+    return false unless HashedPasswordPattern =~ hashed_password
+    salt, digest = $1, $2
+    return (Digest::SHA256.hexdigest(salt + ":" + password) == digest)
+  end
+
+  def self.authenticate(email, password)
+    credential = self.find_by_email(email)
+    return nil unless credential
+    return nil unless credential.authenticated?(password)
+    return credential
+  end
+
+  def authenticated?(password)
+    return false unless self.class.compare_hashed_password(password, self.hashed_password)
+    return false unless self.activated?
+    return true
+  end
+
+  def activated?
+    return !self.activated_at.nil?
+  end
+
+  def activate!
+    return false if self.activated?
+    self.update_attributes!(:activated_at => Time.now)
+    return true
+  end
+
+  def login!
+    self.update_attributes!(:loggedin_at => Time.now)
+  end
+end

data/app/models/email_credential_edit_form.rb

@@ -0,0 +1,52 @@
+# -*- coding: utf-8 -*-
+# == Schema Information
+# Schema version: 20090529051529
+#
+# Table name: active_forms
+#
+#  email                 :text
+#  password              :text
+#  password_confirmation :text
+#
+
+# メール認証情報編集フォーム
+class EmailCredentialEditForm < ActiveForm
+  PasswordLengthRange = 4..20
+  PasswordPattern     = /\A[\x21-\x7E]+\z/
+
+  column :email,                 :type => :text
+  column :password,              :type => :text
+  column :password_confirmation, :type => :text
+
+  N_("EmailCredentialEditForm|Email")
+  N_("EmailCredentialEditForm|Password")
+  N_("EmailCredentialEditForm|Password confirmation")
+
+  validates_presence_of :email
+  validates_presence_of :password
+  validates_presence_of :password_confirmation
+  validates_length_of :email, :maximum => EmailCredential::EmailMaximumLength, :allow_nil => true
+  validates_length_of :password, :in => PasswordLengthRange, :allow_nil => true
+  validates_format_of :password, :with => PasswordPattern, :allow_nil => true
+  validates_email_format_of :email,
+    :message => "%{fn}は有効なメールアドレスではありません。"
+  validates_each(:password) { |record, attr, value|
+    # MEMO: validates_confirmation_ofはpassword_confirmation属性を上書きしてしまうため、
+    #       ここでは使用できない。そのため、validates_confirmation_ofを参考に独自に実装。
+    confirmation = record.__send__("#{attr}_confirmation")
+    if confirmation.blank? || value != confirmation
+      record.errors.add(attr, :confirmation)
+    end
+  }
+
+  def masked_password
+    return self.password.to_s.gsub(/./, "*")
+  end
+
+  def to_email_credential_hash
+    return {
+      :email           => self.email,
+      :hashed_password => EmailCredential.create_hashed_password(self.password.to_s),
+    }
+  end
+end

data/app/models/email_login_form.rb

@@ -0,0 +1,24 @@
+# == Schema Information
+# Schema version: 20090529051529
+#
+# Table name: active_forms
+#
+#  email    :text
+#  password :text
+#
+
+# メールログインフォーム
+class EmailLoginForm < ActiveForm
+  column :email,    :type => :text
+  column :password, :type => :text
+
+  N_("EmailLoginForm|Email")
+  N_("EmailLoginForm|Password")
+
+  validates_presence_of :email
+  validates_presence_of :password
+
+  def authenticate
+    return EmailCredential.authenticate(self.email, self.password)
+  end
+end

data/app/models/email_password_edit_form.rb

@@ -0,0 +1,36 @@
+# == Schema Information
+# Schema version: 20090529051529
+#
+# Table name: active_forms
+#
+#  password              :text
+#  password_confirmation :text
+#
+
+# メール認証情報パスワード編集フォーム
+class EmailPasswordEditForm < ActiveForm
+  column :password,              :type => :text
+  column :password_confirmation, :type => :text
+
+  N_("EmailPasswordEditForm|Password")
+  N_("EmailPasswordEditForm|Password confirmation")
+
+  validates_presence_of :password
+  validates_presence_of :password_confirmation
+  validates_length_of :password, :in => EmailCredentialEditForm::PasswordLengthRange, :allow_nil => true
+  validates_format_of :password, :with => EmailCredentialEditForm::PasswordPattern, :allow_nil => true
+  validates_each(:password) { |record, attr, value|
+    # MEMO: validates_confirmation_ofはpassword_confirmation属性を上書きしてしまうため、
+    #       ここでは使用できない。そのため、validates_confirmation_ofを参考に独自に実装。
+    confirmation = record.__send__("#{attr}_confirmation")
+    if confirmation.blank? || value != confirmation
+      record.errors.add(attr, :confirmation)
+    end
+  }
+
+  def to_email_credential_hash
+    return {
+      :hashed_password => EmailCredential.create_hashed_password(self.password.to_s),
+    }
+  end
+end

data/app/models/open_id_credential.rb

@@ -0,0 +1,33 @@
+# -*- coding: utf-8 -*-
+# == Schema Information
+# Schema version: 20090529051529
+#
+# Table name: open_id_credentials
+#
+#  id           :integer       not null, primary key
+#  created_at   :datetime      not null
+#  user_id      :integer       not null, index_open_id_credentials_on_user_id
+#  identity_url :string(200)   not null, index_open_id_credentials_on_identity_url(unique)
+#  loggedin_at  :datetime
+#
+
+# OpenID認証情報
+class OpenIdCredential < ActiveRecord::Base
+  MaximumRecordsPerUser = 10
+
+  belongs_to :user
+
+  validates_presence_of :identity_url
+  validates_length_of :identity_url, :maximum => 200, :allow_nil => true
+  validates_format_of :identity_url, :with => URI.regexp(%w[http https]), :allow_nil => true
+  validates_uniqueness_of :identity_url
+  validates_each(:user_id, :on => :create) { |record, attr, value|
+    if record.user && record.user.open_id_credentials(true).size >= MaximumRecordsPerUser
+      record.errors.add(attr, "これ以上%{fn}に#{_(record.class.to_s.downcase)}を追加できません。")
+    end
+  }
+
+  def login!
+    self.update_attributes!(:loggedin_at => Time.now)
+  end
+end

data/app/models/open_id_login_form.rb

@@ -0,0 +1,17 @@
+# == Schema Information
+# Schema version: 20090529051529
+#
+# Table name: active_forms
+#
+#  openid_url :text
+#
+
+# OpenIDログインフォーム
+class OpenIdLoginForm < ActiveForm
+  column :openid_url, :type => :text
+
+  N_("OpenIdLoginForm|Openid url")
+
+  validates_presence_of :openid_url
+  validates_length_of :openid_url, :maximum => 200, :allow_nil => true
+end

data/app/models/session.rb

@@ -0,0 +1,19 @@
+# == Schema Information
+# Schema version: 20090529051529
+#
+# Table name: sessions
+#
+#  id         :integer       not null, primary key
+#  created_at :datetime      not null
+#  updated_at :datetime      not null, index_sessions_on_updated_at
+#  session_id :string(64)    not null, index_sessions_on_session_id(unique)
+#  data       :text
+#
+
+# セッション
+class Session < ActiveRecord::Base
+  def self.cleanup(seconds)
+    self.delete_all(["(sessions.updated_at < ?)", Time.now - seconds])
+    return nil
+  end
+end

data/app/models/user.rb

@@ -0,0 +1,37 @@
+# -*- coding: utf-8 -*-
+# == Schema Information
+# Schema version: 20090529051529
+#
+# Table name: users
+#
+#  id         :integer       not null, primary key
+#  created_at :datetime      not null
+#  updated_at :datetime      not null
+#  user_token :string(40)    not null, index_users_on_user_token(unique)
+#  nickname   :string(40)
+#
+
+# ユーザ
+class User < ActiveRecord::Base
+  NicknameMaximumLength = 40
+  TokenLength  = 20
+  TokenPattern = TokenUtil.create_token_regexp(TokenLength)
+
+  has_many :open_id_credentials
+  has_many :email_credentials
+
+  validates_presence_of :user_token
+  validates_length_of :nickname, :maximum => NicknameMaximumLength, :allow_nil => true
+  validates_format_of :user_token, :with => TokenPattern, :allow_nil => true
+  validates_uniqueness_of :user_token
+
+  before_validation_on_create { |record|
+    if record.user_token.blank?
+      record.user_token = record.class.create_unique_user_token
+    end
+  }
+
+  def self.create_unique_user_token
+    return TokenUtil.create_unique_token(self, :user_token, TokenLength)
+  end
+end

data/app/views/activation_mailer/complete_for_credential.erb

@@ -0,0 +1,4 @@
+メールアドレス認証の登録が完了しました。
+
+-- 
+<%= MultiAuth.application_name %>

data/app/views/activation_mailer/complete_for_notice.erb

@@ -0,0 +1,4 @@
+通知先メールアドレスの登録が完了しました。
+
+-- 
+<%= MultiAuth.application_name %>

data/app/views/activation_mailer/complete_for_signup.erb

@@ -0,0 +1,4 @@
+ユーザ登録が完了しました。
+
+-- 
+<%= MultiAuth.application_name %>

data/app/views/activation_mailer/request_for_credential.erb

@@ -0,0 +1,11 @@
+メールアドレス認証を登録します。
+下記のURLへアクセスすることにより、登録が完了します。
+
+<%= @activation_url %>
+
+※ 携帯電話等でのアクセスに関して
+現時点では、Cookieに対応していない携帯電話等からは登録を行うことができません。
+お手数ではございますが、本メールをPC等に転送した上で、登録をお願いいたします。
+
+-- 
+<%= MultiAuth.application_name %>

data/app/views/activation_mailer/request_for_notice.erb

@@ -0,0 +1,11 @@
+通知先メールアドレスを登録します。
+下記のURLへアクセスすることにより、登録が完了します。
+
+<%= @activation_url %>
+
+※ 携帯電話等でのアクセスに関して
+現時点では、Cookieに対応していない携帯電話等からは登録を行うことができません。
+お手数ではございますが、本メールをPC等に転送した上で、登録をお願いいたします。
+
+-- 
+<%= MultiAuth.application_name %>

data/app/views/activation_mailer/request_for_signup.erb

@@ -0,0 +1,11 @@
+<%= MultiAuth.application_name %>へのユーザ登録、ありがとうございます。
+下記のURLへアクセスすることにより、登録が完了します。
+
+<%= @activation_url %>
+
+※ 携帯電話等でのアクセスに関して
+現時点では、Cookieに対応していない携帯電話等からは登録を行うことができません。
+お手数ではございますが、本メールをPC等に転送した上で、登録をお願いいたします。
+
+-- 
+<%= MultiAuth.application_name %>

data/app/views/auth/email/index.html.erb

@@ -0,0 +1,90 @@
+
+<%- @title = "ログイン" -%>
+<%- @enable_side_column = false -%>
+
+<%- additional_head { -%>
+  <style type="text/css">
+    #dialog
+    {
+        margin: 100px auto;
+        padding: 15px;
+        width: 400px;
+        border-width: 1px;
+        border-style: solid;
+        border-color: #CCCCCC;
+    }
+    #dialog h1
+    {
+        margin: 0 0 0.4em 0;
+        color: #666666;
+        font-size: 130%;
+        font-weight: bold;
+    }
+
+    table#email-login
+    {
+        margin: 0 auto;
+        border-collapse: collapse;
+        border-width: 0px;
+    }
+
+    table#email-login th,
+    table#email-login td
+    {
+        padding: 5px;
+        border-width: 0px;
+    }
+
+    table#email-login th
+    {
+        text-align: right;
+        font-size: 95%;
+        font-weight: bold;
+        vertical-align: top;
+        color: #666666;
+    }
+    table#email-login td
+    {
+        color: #333333;
+    }
+
+    div.fieldWithErrors label
+    {
+        color: #990000;
+    }
+    div.formError
+    {
+        font-size: 80%;
+        color: #990000;
+    }
+  </style>
+<%- } -%>
+
+<div id="dialog">
+  <h1>ログイン</h1>
+  <%- form_for(:login_form, @login_form, :url => {:action => "login"}) { |f| -%>
+    <table id="email-login">
+      <tr>
+        <th><%= f.label(:email) %></th>
+        <td>
+          <%= f.text_field(:email, :size => 30) %>
+          <%= error_message_on(:login_form, :email) %>
+        </td>
+      </tr>
+      <tr>
+        <th><%= f.label(:password) %></th>
+        <td>
+          <%= f.password_field(:password, :size => 30) %>
+          <%= error_message_on(:login_form, :password) %>
+        </td>
+      </tr>
+    </table>
+    <div style="text-align: center;"><%= submit_tag("ログイン") %></div>
+  <%- } -%>
+</div>
+
+<%- unless production? -%>
+  <div class="debug">
+    <%= error_messages_for(:login_form) %>
+  </div>
+<%- end -%>

data/app/views/auth/logged_in.html.erb

@@ -0,0 +1,21 @@
+
+<%- @title = "ログインしました" -%>
+<%- @enable_side_column = false -%>
+<%- @stylesheets = %[auth] -%>
+
+<%- additional_head { -%>
+  <%# MEMO: meta要素による自動遷移は無効化されている可能性があるため、JavaScriptによる遷移を併用する %>
+  <meta http-equiv="refresh" content="1; URL=<%= URI.escape(@return_path) %>" />
+  <script type="text/javascript">
+    // <![CDATA[
+    setTimeout(function() {
+      window.location = "<%= URI.escape(@return_path) %>";
+    }, 2000);
+    // ]]>
+  </script>
+<%- } -%>
+
+<div id="dialog">
+  <h1>ログインしました</h1>
+  <div class="message">ページが切り替わらない場合は <%= link_to(h(@return_path), @return_path) %> をクリックしてください。</div>
+</div>

data/app/views/auth/logged_out.html.erb

@@ -0,0 +1,21 @@
+
+<%- @title = "ログアウトしました" -%>
+<%- @enable_side_column = false -%>
+<%- @stylesheets = %[auth] -%>
+
+<%- additional_head { -%>
+  <%# MEMO: meta要素による自動遷移は無効化されている可能性があるため、JavaScriptによる遷移を併用する %>
+  <meta http-equiv="refresh" content="1; URL=<%= URI.escape(@return_path) %>" />
+  <script type="text/javascript">
+    // <![CDATA[
+    setTimeout(function() {
+      window.location = "<%= URI.escape(@return_path) %>";
+    }, 2000);
+    // ]]>
+  </script>
+<%- } -%>
+
+<div id="dialog">
+  <h1>ログアウトしました</h1>
+  <div class="message">ページが切り替わらない場合は <%= link_to(h(@return_path), @return_path) %> をクリックしてください。</div>
+</div>

data/app/views/auth/open_id/index.html.erb

@@ -0,0 +1,16 @@
+
+<%- @title = "ログイン" -%>
+
+<h1>OpenID によるログイン</h1>
+
+<%- form_tag(:action => "login") { -%>
+  <table border="1">
+    <tr>
+      <th><%= label_tag(:openid_url, "OpenID") %></th>
+      <td>
+        <%= text_field_tag(:openid_url, "", :size => 30) %>
+      </td>
+    </tr>
+  </table>
+  <div><%= submit_tag("ログイン") %></div>
+<%- } -%>

data/app/views/credentials/email/activated.html.erb

@@ -0,0 +1,4 @@
+
+<%- @title = "登録完了" -%>
+
+<h1><%=h @title %></h1>

data/app/views/credentials/email/activation.html.erb

@@ -0,0 +1,15 @@
+
+<%- @title = "アクティベーション" -%>
+
+<h1><%=h @title %></h1>
+
+<table border="1">
+  <tr>
+    <th>メールアドレス</th>
+    <td><%=h @email_credential.email %></td>
+  </tr>
+</table>
+
+<%- form_tag(:action => "activate") { -%>
+  <div><%= submit_tag("登録") %></div>
+<%- } -%>

data/app/views/credentials/email/created.html.erb

@@ -0,0 +1,15 @@
+
+<%- @title = "仮登録完了" -%>
+<%- @topic_path << ["トップ", root_path] -%>
+<%- @topic_path << ["ログイン設定", url_for(:controller => "/credentials")] -%>
+<%- @topic_path << [@title] -%>
+
+<h1><%=h @title %></h1>
+
+<div>指定されたメールアドレスにメールを送信しました。メールに記載されたURLにアクセスして、登録を完了してください。</div>
+<div><%= link_to(h("ログイン設定に戻る"), :controller => "/credentials", :action => "index") %></div>
+
+<%- unless production? -%>
+  <hr />
+  <%= link_to(h("アクティベーション"), :controller => "credentials/email", :action => "activation", :activation_token => @email_credential.activation_token) %>
+<%- end -%>