persistent_cookie_authentication_generator 0.0.1

data/templates/smtp_tls.rb

@@ -0,0 +1,67 @@
+require "openssl"
+require "net/smtp"
+
+Net::SMTP.class_eval do
+  private
+  def do_start(helodomain, user, secret, authtype)
+    raise IOError, 'SMTP session already started' if @started
+    check_auth_args user, secret, authtype if user or secret
+
+    sock = timeout(@open_timeout) { TCPSocket.open(@address, @port) }
+    @socket = Net::InternetMessageIO.new(sock)
+    @socket.read_timeout = 60 #@read_timeout
+    #@socket.debug_output = STDERR #@debug_output
+
+    check_response(critical { recv_response() })
+    do_helo(helodomain)
+
+    if starttls
+      raise 'openssl library not installed' unless defined?(OpenSSL)
+      ssl = OpenSSL::SSL::SSLSocket.new(sock)
+      ssl.sync_close = true
+      ssl.connect
+      @socket = Net::InternetMessageIO.new(ssl)
+      @socket.read_timeout = 60 #@read_timeout
+      #@socket.debug_output = STDERR #@debug_output
+      do_helo(helodomain)
+    end
+
+    authenticate user, secret, authtype if user
+    @started = true
+  ensure
+    unless @started
+      # authentication failed, cancel connection.
+      @socket.close if not @started and @socket and not @socket.closed?
+      @socket = nil
+    end
+  end
+
+  def do_helo(helodomain)
+     begin
+      if @esmtp
+        ehlo helodomain
+      else
+        helo helodomain
+      end
+    rescue Net::ProtocolError
+      if @esmtp
+        @esmtp = false
+        @error_occured = false
+        retry
+      end
+      raise
+    end
+  end
+
+  def starttls
+    getok('STARTTLS') rescue return false
+    return true
+  end
+
+  def quit
+    begin
+      getok('QUIT')
+    rescue EOFError, OpenSSL::SSL::SSLError
+    end
+  end
+end

data/templates/user.rb

@@ -0,0 +1,147 @@
+require 'digest/sha1'
+
+class User < ActiveRecord::Base
+    
+    belongs_to :identity
+
+    attr_accessor :new_password
+
+    after_save '@new_password = false'
+    after_validation :crypt_password
+
+    validates_presence_of :login
+    validates_length_of :login, :within => 3..40
+    validates_uniqueness_of :login
+    
+    validates_presence_of :email
+    validates_uniqueness_of :email
+
+    validates_presence_of :password, :if => :validate_password?
+    validates_confirmation_of :password, :if => :validate_password?
+    validates_length_of :password, { :minimum => 5, :if => :validate_password? }
+    validates_length_of :password, { :maximum => 40, :if => :validate_password? }
+
+
+    #initialising
+    def initialize(attributes = nil)
+      super
+      @new_password = false
+    end
+
+    
+    
+    #authentiacation
+    def self.authenticate(login, password)
+      userFound = find(:first, :conditions => ["login = ? AND verified = 1", login])
+        
+      if userFound != nil
+        authenticatedUser = find(:first, :conditions => ["login = ? AND verified = 1 AND salted_password = ?", login, salted_password(userFound.salt, hashed(password)) ])
+        if authenticatedUser != nil
+          return authenticatedUser.identity_id 
+        else
+          return 0
+        end
+      else
+        return 0
+      end
+    end
+
+    
+    
+    #authenticate by token
+    def self.authenticate_by_token(id, token)
+      userFound = find(:first, :conditions => ["id = ? AND security_token = ?", id, token])
+
+      if userFound.nil? or !userFound.update_verified
+        return false
+      else
+        return true
+      end
+    end
+
+    
+    
+    # update the token
+    def update_verified
+      write_attribute("verified", 1)
+      update_without_callbacks
+    end
+
+
+    
+    #generate a security token
+    def generate_security_token(hours = nil)
+      if not hours.nil? or self.security_token.nil? 
+        return new_security_token(hours)
+      else
+        return self.security_token
+      end
+    end
+
+
+
+    # changing the password
+    def change_password(pass, confirm = nil)
+      self.password = pass
+      self.password_confirmation = confirm.nil? ? pass : confirm
+      @new_password = true
+    end
+    
+
+
+    # generate a random password
+    def generate_random_string(password_length)
+      chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
+      newPassword = ""
+      1.upto(password_length) { |i| newPassword << chars[rand(chars.size-1)] }
+      return newPassword
+    end
+
+
+    
+    protected
+
+    attr_accessor :password, :password_confirmation
+  
+  
+    # validating the password
+    def validate_password?
+        @new_password
+    end
+
+
+
+    # hashing a string
+    def self.hashed(str)
+      return Digest::SHA1.hexdigest("change-me--#{str}--")[0..39]
+    end
+
+
+  
+    # encrypting the password
+    def crypt_password
+      if @new_password
+        write_attribute("salt", self.class.hashed("salt-#{Time.now}"))
+        write_attribute("salted_password", self.class.salted_password(salt, self.class.hashed(@password)))
+      end
+    end
+
+    
+    
+    # security token
+    def new_security_token(hours = nil)
+      write_attribute('security_token', self.class.hashed(self.salted_password + Time.now.to_i.to_s + rand.to_s))
+      update_without_callbacks
+      return self.security_token
+    end
+
+
+    
+    # salting the password. can i add sugar instead?
+    def self.salted_password(salt, hashed_password)
+      hashed(salt + hashed_password)
+    end
+
+end
+
+

data/templates/user_change_password.rhtml

@@ -0,0 +1,22 @@
+<h1>Change Password</h1>
+
+<% if flash[:notice] %><div class="notice"><%= flash[:notice] %></div><% end %>
+
+<% form_for(:user, :url => { :action => 'update_password' }) do |f| %>
+  <table>
+    <tr>
+      <td>Current Password</td>
+      <td><%= password_field_tag 'current_password' %></td>
+    </tr>
+    <tr>
+      <td>New Password</td>
+      <td><%= f.password_field(:password) %></td>
+    </tr>
+    <tr>
+      <td>New Password confirmation</td>
+      <td><%= f.password_field(:password_confirmation) %></td>
+    </tr>
+  </table>
+
+  <p><%= submit_tag 'Change Password' %></p>
+<% end %>

data/templates/user_controller.rb

@@ -0,0 +1,302 @@
+class UserController < ApplicationController
+
+    before_filter :login_required, :only => [:logout, :change_password, :update_password, :edit, :update, :welcome, :show]
+
+    # login landing page
+    def login
+    end
+
+
+
+    # the login part
+    def user_login    	    
+      resetSession
+      userIdentity = User.authenticate(params[:user][:login], params[:user][:password])
+
+      if userIdentity > 0
+        flash[:notice] = "Welcome"
+        setCurrentIdentity(userIdentity, PRIVATE_STATE)
+        setCookie(userIdentity, cookies[COOKIE_NAME])
+    	redirect_back_or_default :action => 'show'
+      else
+        flash[:notice] = "Wrong user name or password. Please try again"
+        redirect_to :action => 'login'
+      end
+    end
+
+
+    
+    # the logout part
+    def logout
+      resetSession
+      flash[:notice] = "You have logged out"
+      redirect_to :action => 'login'
+    end
+
+
+
+    # sign up page
+    def signup
+    end
+
+
+
+    # creating the user and sending the sign up email
+    def user_signup
+      #defensive programming
+      if params[:user] == nil
+        raise "null input"
+      end
+
+      @user = User.new(params[:user])
+      @user.new_password = true
+  
+      #creating the identity for it
+      @identity = Identity.new
+
+      if !@identity.save
+        raise "cannot create identity"
+      end
+
+      @user.identity = @identity
+
+      if @user.save
+        key = @user.generate_security_token
+        url = url_for(:action => 'welcome')
+        url += "?user[id]=#{@user.id}&key=#{key}"
+		  
+        UserNotify.deliver_signup(@user, params[:user][:password], url)
+        flash[:notice] = "Sign up has succeeded. Please check your email for activation instructions"
+        redirect_to :action => 'login'
+      else
+        @identity.destroy #clears the identity as the user is not valid
+
+        if @user.errors.empty? == false
+          showErr(@user)
+          redirect_to :action => 'signup'
+        else
+          raise "Problem saving the user"
+        end
+      end
+    end  
+
+
+    
+    # change password form
+    def change_password
+    end
+
+
+
+    # changing the password
+    def update_password
+      @user = getCurrentUser     
+
+      if User.authenticate(@user.login, params[:current_password]) != 0
+        @user.change_password(params[:user][:password], params[:user][:password_confirmation])
+    
+        if @user.save
+          UserNotify.deliver_change_password(@user, params[:user][:password])
+          flash[:notice] = "Password is changed successfully"
+          redirect_to :action => 'show'
+        else
+          if @user.errors.empty? == false
+            showErr(@user)
+            redirect_to :action => 'change_password'
+          else
+            raise "Problem updating the password"
+          end
+        end
+      else
+         flash[:notice] = "Your previous password is incorrect. Please try again"
+         redirect_to :action => 'change_password'
+      end
+    end
+
+
+
+    # forgot your pasword page
+    def forgot_password
+    end
+
+
+
+    # send the user an email with the new password
+    def send_new_password
+      # defensive programming
+      if params[:user] == nil
+        raise "null inputs"
+      end
+
+      @user = User.find_by_email(params[:user][:email])	
+
+      if @user != nil      	  
+        randomPassword = @user.generate_random_string(8)
+        @user.change_password(randomPassword, randomPassword)
+
+        if @user.save
+          UserNotify.deliver_forgot_password(@user, randomPassword)
+          flash[:notice] = "Email is sent successfully"
+          redirect_back_or_default :action => 'login'
+        else
+          raise "failed to save password changes"
+        end
+
+      else
+        flash[:notice] = "The email is not valid"
+        redirect_to :action => 'login',  :controller => 'user'
+      end
+    end
+
+
+
+    # editing the user
+    def edit       
+      @user = getCurrentUser 
+    end
+
+
+    
+    # updating the user details
+    def update
+      @user = getCurrentUser
+
+      if @user.update_attributes(params[:user])
+        flash[:notice] = "Update is successful"
+        redirect_to :action => 'show'
+      else
+        if @user.errors.empty? == false
+          showErr(@user)
+          redirect_to :action => 'edit'
+        else
+          raise "Problem saving the user."
+        end
+      end        
+    end
+
+   
+
+    # welcome screen
+    def welcome
+      # defensive programming
+      if params[:user] == nil
+        redirect_to :action => 'login'
+      end
+
+      @user = User.new(params[:user])
+	
+      if User.authenticate_by_token(params[:user][:id], params[:key])  
+        flash[:notice] = "Verification successful. Please Login"
+      	redirect_to :action => 'login'
+      else
+        flash[:notice] = "Verification unsuccessful. Please try again in a moment's time"
+        redirect_to :action => 'login'
+      end
+    end
+
+
+    
+    # the user home page
+    def show
+      @user = getCurrentUser		
+    end
+
+
+    private    
+    
+    
+    
+    # showing the errors if there're
+    def showErr(obj)
+      # defensive programming
+      if obj == nil
+        raise "null inputs"
+      end
+
+      errMsg = String.new
+	  obj.errors.each_full { |msg| errMsg << msg << ". " }
+	  flash[:notice] = "Oops...There're some errors. " + errMsg
+    end
+
+
+
+    # sets the cookie for this identity on the browser 
+    def setCookie(identityID, cookieValue)
+      if cookieValue != nil && cookieValue.length > 0
+        if LoginCookie.verifyIdentity(cookieValue, identityID)
+          newCookie = LoginCookie.regenerateCookie(cookieValue)
+          associateWithIdentity(newCookie, LoginCookie.getIdentity(cookieValue))
+          cookies[COOKIE_NAME] = { :value => newCookie, :expires => 10.years.from_now } 
+        elsif LoginCookie.isAnonymousIdentity(cookieValue) 
+          mergeIdentity(cookieValue, identityID)
+        else
+          newCookie = LoginCookie.generateCookie(getCurrentUser.login, nil)
+          associateWithIdentity(newCookie, identityID)
+          cookies[COOKIE_NAME] = { :value => newCookie, :expires => 10.years.from_now } 
+        end
+      else
+        newCookie = LoginCookie.generateCookie(getCurrentUser.login, nil)
+        associateWithIdentity(newCookie, identityID)
+        cookies[COOKIE_NAME] = { :value => newCookie, :expires => 10.years.from_now } 
+      end
+    end
+
+
+
+    # merge the anonymous identity to a known identity(identity which has a user)
+    def mergeIdentity(anonymousCookieValue, knownIdentityID)
+      # defensive programming
+      if anonymousCookieValue == nil || knownIdentityID == nil
+        return false
+      end
+
+      return false if !LoginCookie.isAnonymous(anonymousCookieValue)
+
+      loginValue = LoginCookie.getCookieLogin(anonymousCookieValue)
+
+      #getting the both anonymous user's identity and the known identity
+      anonymousCookie = LoginCookie.find(:first, :conditions => ["login = ?", loginValue])
+      anonymousIdentity = anonymousCookie.identity
+
+      knownIdentity = Identity.find(knownIdentityID)
+
+      return false if anonymousIdentity == nil || knownIdentity == nil
+      
+      #transferring the cookies
+      anonymousIdentity.login_cookies.each { |cookie|
+        cookie.identity_id = knownIdentity.id
+        cookie.save
+      }
+
+      #finally send the identity to its grave
+      anonymousIdentity.destroy
+
+      return true
+    end
+
+
+    
+    # associating the cookie with the identity
+    def associateWithIdentity(cookieValue, identityID)
+      #defensive programming
+      if identityID == nil || identityID == 0 || cookieValue == nil
+        raise "null inputs"
+      end
+
+      userIdentity = Identity.find(identityID)
+      cookieFound = LoginCookie.getCookieRef(cookieValue)
+
+      if userIdentity != nil && cookieFound != nil
+      
+        if userIdentity.login_cookies == nil
+          userIdentity.login_cookies = cookieFound
+        else
+          userIdentity.login_cookies << cookieFound
+        end
+
+        userIdentity.save
+      end
+    end
+
+end
+