persistent_cookie_authentication_generator 0.0.1

data/templates/user_show.rhtml

@@ -0,0 +1,15 @@
+  <p><h2>User Details</h2></p><br/>
+
+  <% if flash[:notice] %><div class="notice"><%= flash[:notice] %></div><% end %>
+ 
+  <% for column in User.columns %>
+    <p>
+      <b class="attribute"><%= column.human_name %>:</b> <%=h @user.send(column.name) %>
+    </p>
+  <% end %>
+
+  
+  <p><%= button_to 'Edit My Details', :action => 'edit' %></p>
+  <p><%= button_to 'Change Password', :action => 'change_password' %></p>
+  <p><%= button_to 'Log out', :action => 'logout' %></p>
+  

data/templates/user_signup.rhtml

@@ -0,0 +1,29 @@
+<h1>Sign up</h1>
+
+<% if flash[:notice] %><div class="notice"><%= flash[:notice] %></div><% end %>
+
+<% form_for(:user, :url => { :action => 'user_signup' }) do |f| %>
+  <table>
+    <tr>
+      <td>Login ID(3-40 characters)</td>
+      <td><%= f.text_field(:login) %></td>
+    </tr>
+    <tr>
+      <td>Email</td>
+      <td><%= f.text_field(:email) %></td>
+    </tr>
+    <tr>
+      <td>Password(5-40 characters)</td>
+      <td><%= f.password_field(:password) %></td>
+    </tr>
+    <tr>
+      <td>Password confirmation</td>
+      <td><%= f.password_field(:password_confirmation) %></td>
+    </tr>
+  </table>
+
+  <p><%= submit_tag 'Sign Up' %></p>
+<% end %>
+
+
+

data/templates/user_system.rb

@@ -0,0 +1,158 @@
+require 'cgi'
+
+module UserSystem
+
+  protected
+
+  # check if the user is logged in. sends it to the log in page if it isnt.
+  def login_required
+ 
+    #check if the identity is not null(0), and the state is private
+    return true if session['identity'] != 0 and session['state'] == PRIVATE_STATE
+
+    # If not, is the user being authenticated by a token?
+    if params['user'] != nil
+      id = params['user']['id']
+      key = params['key']
+
+      if id and key
+        return true if User.authenticate_by_token(id, key)
+      end
+    end
+
+    # store current location so that we can come back after the user logged in
+    store_location
+ 
+    # call overwriteable reaction to unauthorized access
+    redirect_to :controller => "/user", :action => "login"
+
+    return false 
+  end
+
+
+
+  # checks if the browser has a cookie
+  def cookie_required
+    
+    #if it is in the protected/private state
+    if session['state'] != nil and session['state'] >= PROTECTED_STATE and session['identity'] != nil and session['identity'] > 0
+      return true
+    else
+
+      #set the cookie and reload, cos it wont be loaded in the current request
+      if session['cookie-set'] == nil  
+        store_location
+        session['cookie-set'] = "true"
+        cookies[COOKIE_NAME] =  { :value => LoginCookie.requireCookie(cookies[COOKIE_NAME]), :expires => 10.years.from_now }
+        redirect_back_or_default :action => 'login', :controller => 'user'
+      else
+        session['cookie-set'] = nil
+
+        #making sure the cookie is saved in the browser
+        identityID = LoginCookie.getIdentity(cookies[:hushyhushy])
+
+        if identityID > 0
+          setCurrentIdentity(identityID, PROTECTED_STATE)
+          return true
+        else
+          #force user to log in if cookies is not enabled
+          setCurrentIdentity(0, PUBLIC_STATE)
+
+          # store current location so that we can come back after the user logged in
+          store_location
+
+          # call overwriteable reaction to unauthorized access
+          redirect_to :controller => "/user", :action => "login"
+
+          return false
+        end
+
+      end
+    
+    end
+
+  end
+
+
+
+
+  # store current uri in  the session.
+  def store_location
+    session['return-to'] = request.request_uri
+
+    if request.post?
+      requestHash = request.parameters
+      requestHash.delete("commit")
+      requestHash.merge(request.path_parameters)
+
+      session['request-params'] = requestHash 
+    end
+  end
+
+
+
+  # move to the last store_location call or to the passed default one
+  def redirect_back_or_default(default)
+    if session['return-to'].nil?
+      redirect_to default
+    else
+      if session['request-params'].nil?
+        redirect_to session['return-to']
+      else
+        redirect_to session['request-params']
+        session['request-params'] = nil
+      end
+
+      session['return-to'] = nil
+    end
+  end
+
+
+
+  # resets the state and the identity
+  def resetSession
+    session['identity'] = 0
+    session['state'] = 0
+  end
+
+
+
+  # check that the status of the states
+  def checkPrivateState
+    if !(session['identity'] != nil && session['identity'] != 0 && session['state'] != nil && session['state'] == 2)
+      raise "not private state"
+    end
+  end
+
+  def checkProtectedState
+    if !(session['identity'] != nil && session['identity'] != 0 && session['state'] != nil && session['state'] >= 1)
+      raise "not protected state"
+    end
+  end
+
+
+    
+  # returns the user from the current session
+  def getCurrentUser
+    checkPrivateState
+    @identity = Identity.find(session['identity'])
+    
+    if @identity != nil && @identity.user != nil
+      return @identity.user
+    else
+      raise "user not found"
+    end
+  end  
+
+
+
+  # sets the identity
+  def setCurrentIdentity(identity, state)
+    raise "bad state" if state != PUBLIC_STATE and state != PROTECTED_STATE and state != PRIVATE_STATE
+
+    session['identity'] = identity
+    session['state'] =  state
+  end
+
+
+end

data/templates/user_test.rb

@@ -0,0 +1,72 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class UserTest < Test::Unit::TestCase
+  
+  fixtures :users
+    
+  def test_auth
+    bobIdentityID = User.authenticate("bob", "atest")
+    assert_equal 1, bobIdentityID    
+  end
+
+
+  def test_bad_auth
+    funnyBobID = User.authenticate("funnybob", "atest")
+    assert_equal 0, funnyBobID
+  end
+
+
+  def test_password_change
+    @longbob = User.find(3)    
+    @longbob.change_password("nonbobpasswd")
+    @longbob.save
+    assert_equal @longbob.identity_id, User.authenticate("longbob", "nonbobpasswd")
+    assert_equal 0, User.authenticate("longbob", "alongtest")
+    @longbob.change_password("alongtest")
+    @longbob.save
+    assert_equal @longbob.identity_id, User.authenticate("longbob", "alongtest")
+    assert_equal 0, User.authenticate("longbob", "nonbobpasswd")
+  end
+  
+
+
+  def test_update_login
+    @user = User.find(1)
+    assert_equal "bob", @user.login
+	@user.login = "wow"
+	assert @user.save, @user.errors.full_messages.join("; ")
+	@user.reload
+	assert_equal "wow", @user.login
+  end
+
+
+
+  def test_update_verified
+    @user = User.find(1)
+    assert_equal 1, @user.verified
+	@user.verified = 0
+	assert @user.save, @user.errors.full_messages.join("; ")
+	@user.reload
+	assert_equal 0, @user.verified
+  end
+
+
+
+  def test_update_identity_id
+    @user = User.find(1)
+    assert_equal 1, @user.identity_id
+	@user.identity_id = 20
+	assert @user.save, @user.errors.full_messages.join("; ")
+	@user.reload
+	assert_equal 20, @user.identity_id
+  end
+
+
+
+  def test_destroy
+    @user = User.find(1)
+    @user.destroy
+	assert_raise(ActiveRecord::RecordNotFound) {User.find(1)}
+  end
+    
+end

data/templates/users.yml

@@ -0,0 +1,46 @@
+# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
+
+bob:
+  id: 1
+  login: bob
+  salted_password: ef94c16f6c124a4e84cc215c164767bfa25f6e92 # atest
+  salt: 7f8b036f9b647d46d22abdbfc8113f44a88f9889
+  email: bob@test.com
+  verified: 1
+  identity_id: 1
+  
+existingbob:
+  id: 2
+  login: existingbob
+  salted_password: 99d6b680d4bfa81cbd383ffa0390bb03323a0b9a # atest
+  salt: fc76daa7bc4e4b7833375cf9deca38beee4c5581
+  email: existingbob@test.com
+  verified: 1  
+  identity_id: 2
+
+longbob:
+  id: 3
+  login: longbob
+  salted_password: c841391e1d29100a4920de7a8fbb4b0fd180c6c0 # alongtest
+  salt: c068e3671780f16898c0a8295ae8d82cc59713e2
+  email: longbob@test.com
+  verified: 1
+  identity_id: 3
+  
+deletebob1:
+  id: 4
+  login: deletebob1
+  salted_password: c841391e1d29100a4920de7a8fbb4b0fd180c6c0 # alongtest
+  salt: c068e3671780f16898c0a8295ae8d82cc59713e2
+  email: deletebob1@test.com
+  verified: 1
+  identity_id: 4
+  
+deletebob2:
+  id: 5
+  login: deletebob2
+  salted_password: c841391e1d29100a4920de7a8fbb4b0fd180c6c0 # alongtest
+  salt: c068e3671780f16898c0a8295ae8d82cc59713e2
+  email: deletebob2@test.com
+  verified: 1
+  identity_id: 5

metadata

@@ -0,0 +1,78 @@
+--- !ruby/object:Gem::Specification 
+name: persistent_cookie_authentication_generator
+version: !ruby/object:Gem::Version 
+  version: 0.0.1
+platform: ruby
+authors: 
+- Wong Liang Zan
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2008-07-05 00:00:00 +08:00
+default_executable: 
+dependencies: []
+
+description: Generates Rails code for an authentication system and persistent cookie management.
+email: zan@liangzan.net
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- MIT-LICENCE
+- USAGE
+- persistent_cookie_authentication_generator.rb
+- templates/identities.yml
+- templates/identity.rb
+- templates/login_cookie.rb
+- templates/login_cookies.yml
+- templates/migration.rb
+- templates/smtp_tls.rb
+- templates/user_change_password.rhtml
+- templates/user_controller.rb
+- templates/user_edit.rhtml
+- templates/user_environment.rb
+- templates/user_forgot_password.rhtml
+- templates/user_integration_test.rb
+- templates/user_login.rhtml
+- templates/user_notify_change_password.rhtml
+- templates/user_notify_forgot_password.rhtml
+- templates/user_notify.rb
+- templates/user_notify_signup.rhtml
+- templates/user.rb
+- templates/user_show.rhtml
+- templates/user_signup.rhtml
+- templates/users.yml
+- templates/user_system.rb
+- templates/user_test.rb
+has_rdoc: false
+homepage: http://liangzan.net
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: http://per-cookie-auth.rubyforge.org
+rubygems_version: 1.2.0
+signing_key: 
+specification_version: 1
+summary: Authentication ssytem with persistent cookie management
+test_files: []
+