quo_vadis 1.4.2 → 2.0.0

data/app/mailers/quo_vadis/notifier.rb

@@ -1,30 +0,0 @@
-module QuoVadis
-  class Notifier < ActionMailer::Base
-
-    # Sends an email to <tt>user</tt> with a link to a page where they
-    # can change their password.
-    def change_password(user)
-      @username = user.username
-      @url = change_password_url user.token
-      mail :to => user.email, :from => QuoVadis.from, :subject => I18n.t('quo_vadis.notifier.change_password.subject')
-    end
-
-    # Sends an email to <tt>user</tt> with a link to a page where they
-    # can choose their username and password.
-    #
-    # `data` - hash of data to pass to view via instance variables.  A key of `:foo`
-    #          will be available via `@foo`.  `:from` and `:subject` are deleted from
-    #          the hash and used to override `QuoVadis#from` and `#subject_invitation`.
-    def invite(user, data = {})
-      @user = user
-      @url = invitation_url user.token
-      
-      from    = data.delete(:from)    || QuoVadis.from
-      subject = data.delete(:subject) || I18n.t('quo_vadis.notifier.invite.subject')
-
-      data.each { |k,v| instance_variable_set :"@#{k}", v }
-      mail :to => user.email, :from => from, :subject => subject
-    end
-
-  end
-end

data/app/models/model_mixin.rb

@@ -1,128 +0,0 @@
-require 'bcrypt'
-
-module ModelMixin
-
-  def self.included(base)
-    base.send :extend, ClassMethods
-  end
-
-  module ClassMethods
-    # Adds methods to set and authenticate against a password stored encrypted by BCrypt.
-    # Also adds methods to generate and clear a token, used to retrieve the record of a
-    # user who has forgotten their password.
-    #
-    # Note that if a password isn't supplied when creating a user, the error will be on
-    # the `password_digest` attribute.
-    def authenticates
-      send :include, InstanceMethodsOnActivation
-
-      attr_reader    :password
-      attr_protected :password_digest
-
-      validates :username,        :presence => true, :uniqueness => {case_sensitive: false}, :if => :should_authenticate?
-      validates :password_digest, :presence => true, :if => :should_authenticate?
-
-      scope :valid_token, lambda { |token| where("token = ? AND token_created_at > ?", token, 24.hours.ago) }
-
-      instance_eval <<-END, __FILE__, __LINE__ + 1
-        # Returns the user with the given <tt>username</tt> if the given password is
-        # correct, and <tt>nil</tt> otherwise.
-        def authenticate(username, plain_text_password)
-          return nil unless username.present?
-          user = where(:username => username).first
-          if user && user.has_matching_password?(plain_text_password)
-            user
-          else
-            nil
-          end
-        end
-
-        def find_by_salt(id, salt) # :nodoc:
-          user = find_by_id id
-          if user && user.has_matching_salt?(salt)
-            user
-          else
-            nil
-          end
-        end
-
-        # [Deprecated] Instantiates a user suitable for user-activation.
-        #
-        # NOTE: use instance method `#randomise_credentials` instead.
-        def new_for_activation(attributes = nil)
-          user = new attributes
-          user.randomise_credentials
-          user
-        end
-      END
-    end
-  end
-
-  module InstanceMethodsOnActivation
-    # Override this in your model if you need to bypass the Quo Vadis validations.
-    def should_authenticate?
-      true
-    end
-
-    # Sets the `username` and `password` to random values.
-    # Use this for a user who should authenticate where they need to activate
-    # themselves first.
-    def randomise_credentials
-      begin
-        self.username = SecureRandom.base64(10)
-      end while self.class.exists?(:username => username)
-      self.password = SecureRandom.base64(10)
-    end
-
-    def password=(plain_text_password) # :nodoc:
-      @password = plain_text_password
-      unless @password.blank?
-        self.password_digest = BCrypt::Password.create plain_text_password
-      end
-    end
-
-    # Generates a unique, timestamped token.
-    def generate_token # :nodoc:
-      begin
-        self.token = url_friendly_token
-      end while self.class.exists?(:token => token)
-      self.token_created_at = Time.now.utc
-    end
-
-    # Generates a unique, timestamped token which can be used in URLs, and
-    # saves the record.  This is part of the forgotten-password workflow.
-    def generate_token! # :nodoc:
-      generate_token
-      save
-    end
-
-    # Clears the user's timestamped token and saves the record.
-    # This is part of the forgotten-password workflow.
-    def clear_token # :nodoc:
-      update_attributes :token => nil, :token_created_at => nil
-    end
-
-    # Returns true if the given <tt>plain_text_password</tt> is the user's
-    # password, and false otherwise.
-    def has_matching_password?(plain_text_password) # :nodoc:
-      BCrypt::Password.new(password_digest) == plain_text_password
-    end
-
-    # Returns true if the given <tt>salt</tt> is the user's salt,
-    # and false otherwise.
-    def has_matching_salt?(salt) # :nodoc:
-      password_salt == salt
-    end
-
-    def password_salt # :nodoc:
-      BCrypt::Password.new(password_digest).salt
-    end
-
-    private
-
-    def url_friendly_token # :nodoc:
-      SecureRandom.base64(10).tr('+/=', 'xyz')
-    end
-  end
-
-end

data/lib/generators/quo_vadis/templates/migration.rb.erb

@@ -1,18 +0,0 @@
-class AddAuthenticationTo<%= model_name.pluralize.camelize %> < ActiveRecord::Migration
-  def self.up
-    add_column :<%= model_name.tableize %>, :username,         :string  # for user identification
-    add_column :<%= model_name.tableize %>, :password_digest,  :string
-
-    add_column :<%= model_name.tableize %>, :email,            :string  # for forgotten-credentials / activation
-    add_column :<%= model_name.tableize %>, :token,            :string  # for forgotten-credentials / activation
-    add_column :<%= model_name.tableize %>, :token_created_at, :string  # for forgotten-credentials / activation
-  end
-
-  def self.down
-    remove_column :<%= model_name.tableize %>, :username
-    remove_column :<%= model_name.tableize %>, :password_digest
-    remove_column :<%= model_name.tableize %>, :email
-    remove_column :<%= model_name.tableize %>, :token
-    remove_column :<%= model_name.tableize %>, :token_created_at
-  end
-end

data/lib/generators/quo_vadis/templates/quo_vadis.rb.erb

@@ -1,96 +0,0 @@
-QuoVadis.configure do |config|
-
-  # The model we want to authenticate.
-  config.model = '<%= model_name.pluralize.classify %>'
-
-
-  #
-  # Sign in
-  #
-
-  # The URL to redirect the user to after s/he signs in.
-  # Use a proc if the URL depends on the user on controller.  E.g.:
-  #
-  # config.signed_in_url = Proc.new do |user, controller|
-  #   user.admin? ? :admin : :root
-  # end
-  #
-  # See also `:override_original_url`.
-  config.signed_in_url = :root
-
-  # Whether the `:signed_in_url` should override the URL the user was trying
-  # to reach when they were made to authenticate.
-  config.override_original_url = false
-
-  # Code to run when the user has signed in.  E.g.:
-  #
-  # config.signed_in_hook = Proc.new do |user, controller|
-  #   user.increment! :sign_in_count  # assuming this attribute exists
-  # end
-  config.signed_in_hook = nil
-
-  # Code to run when someone has tried but failed to sign in.  E.g.:
-  #
-  # config.failed_sign_in_hook = Proc.new do |controller|
-  #   Rails.logger.info "Failed sign in from #{controller.request.remote_ip}"
-  # end
-  config.failed_sign_in_hook = nil
-
-  # How long to remember user across browser sessions.
-  # Set to <tt>nil</tt> to never remember user.
-  config.remember_for = 2.weeks
-
-  # The domain to use for remember-me cookies.
-  config.cookie_domain = :all
-
-  # Code to run to determine whether the sign-in process is blocked to the user.  E.g.:
-  #
-  # config.blocked = Proc.new do |controller|
-  #   # Assuming a SignIn model with scopes for `failed`, `last_day`, `for_ip`.
-  #   SignIn.failed.last_day.for_ip(controller.request.remote_ip) >= 5
-  # end
-  config.blocked = false
-
-
-  #
-  # Sign out
-  #
-
-  # The URL to redirect the user to after s/he signs out.
-  # Use a proc if the URL depends on the controller.  E.g.:
-  #
-  # config.signed_out_url = Proc.new do |controller|
-  #   controller.root_url(:subdomain => nil)
-  # end
-  config.signed_out_url = :root
-
-  # Code to run just before the user has signed out.  E.g.:
-  #
-  # config.signed_out_hook = Proc.new do |user, controller|
-  #   controller.session.reset
-  # end
-  config.signed_out_hook = nil
-
-
-  #
-  # Forgotten-password and activation Mailer
-  #
-
-  # From whom the forgotten-password email should be sent.
-  config.from = 'noreply@example.com'
-
-  # Subject of the forgotten-password email.
-  config.subject_change_password = 'Change your password'
-
-  # Subject of the invitation email.
-  config.subject_invitation = 'Activate your account'
-
-
-  #
-  # Miscellaneous
-  #
-
-  # Layout for the sign-in view.  Pass a string or a symbol.
-  config.layout = 'application'
-
-end

data/test/dummy/.gitignore

@@ -1,2 +0,0 @@
-db/*.sqlite3
-tmp

data/test/dummy/Rakefile

@@ -1,7 +0,0 @@
-# Add your own tasks in files placed in lib/tasks ending in .rake,
-# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
-
-require File.expand_path('../config/application', __FILE__)
-require 'rake'
-
-Dummy::Application.load_tasks

data/test/dummy/app/controllers/application_controller.rb

@@ -1,3 +0,0 @@
-class ApplicationController < ActionController::Base
-  protect_from_forgery
-end

data/test/dummy/app/controllers/articles_controller.rb

@@ -1,20 +0,0 @@
-class ArticlesController < ApplicationController
-  before_filter :authenticate, :except => [:index, :show]
-
-  def index
-    @articles = Article.all
-  end
-
-  def new
-    @article = Article.new
-  end
-
-  def create
-    @article = Article.new params[:article]
-    if @article.save
-      redirect_to :action => 'index'
-    else
-      render 'new'
-    end
-  end
-end

data/test/dummy/app/controllers/users_controller.rb

@@ -1,17 +0,0 @@
-class UsersController < ActionController::Base
-
-  def new
-    @user = User.new
-  end
-
-  def create
-    @user = User.new params[:user]
-    if @user.save
-      flash[:notice] = 'You have signed up!'
-      sign_in @user  # <-- Quo Vadis sign-in hook
-    else
-      render 'new'
-    end
-  end
-
-end

data/test/dummy/app/helpers/application_helper.rb

@@ -1,2 +0,0 @@
-module ApplicationHelper
-end

data/test/dummy/app/helpers/articles_helper.rb

@@ -1,2 +0,0 @@
-module ArticlesHelper
-end

data/test/dummy/app/models/article.rb

@@ -1,2 +0,0 @@
-class Article < ActiveRecord::Base
-end

data/test/dummy/app/models/person.rb

@@ -1,3 +0,0 @@
-class Person < ActiveRecord::Base
-  authenticates
-end

data/test/dummy/app/models/user.rb

@@ -1,3 +0,0 @@
-class User < ActiveRecord::Base
-  authenticates
-end

data/test/dummy/app/views/articles/index.html.erb

@@ -1 +0,0 @@
-<h1>Articles</h1>

data/test/dummy/app/views/articles/new.html.erb

@@ -1,11 +0,0 @@
-<h1>New Article</h1>
-
-<%= form_for @article do |f| %>
-  <%= f.label :title %>
-  <%= f.text_field :title %>
-
-  <%= f.label :content %>
-  <%= f.text_area :content %>
-
-  <%= f.submit %>
-<% end %>

data/test/dummy/app/views/layouts/application.html.erb

@@ -1,30 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-  <title>Dummy</title>
-  <%= csrf_meta_tag %>
-</head>
-<body>
-
-  <div id='topnav'>
-    <% if authenticated? %>
-      You are signed in as
-      <% if defined?(current_user) %>
-        <%= current_user.name %>.
-      <% elsif defined?(current_person) %>
-        <%= current_person.name %>.
-      <% end %>
-      <%= link_to 'Sign out', sign_out_path %>
-    <% else %>
-      <%= link_to 'Sign in', sign_in_path %>
-    <% end %>
-  </div>
-
-  <% flash.each do |key, value| %>
-    <div class='flash <%= key %>'><%= value %></div>
-  <% end %>
-
-<%= yield %>
-
-</body>
-</html>

data/test/dummy/app/views/layouts/sessions.html.erb

@@ -1,3 +0,0 @@
-<div>Sessions layout</div>
-
-<%= yield %>

data/test/dummy/app/views/quo_vadis/notifier/change_password.text.erb

@@ -1,9 +0,0 @@
-Hello <%= @username %>,
-
-We've received a request to change your password.  If this wasn't you,
-please ignore this email and your password will be left alone.
-
-If you do want to change your password, just click this link (valid for 24 hours):
-<%= @url %>
-
-Thanks!

data/test/dummy/app/views/quo_vadis/notifier/invite.text.erb

@@ -1,8 +0,0 @@
-Hello <%= @user.name %>,
-
-You can activate your account by clicking this link (valid for 24 hours):
-<%= @url %>
-
-<% if instance_variable_defined? :@foo %><%= @foo %><% end %>
-
-Thanks!

data/test/dummy/app/views/sessions/edit.html.erb

@@ -1,11 +0,0 @@
-<h1>Change your password</h1>
-
-<%= form_tag change_password_path(params[:token]), :method => :put do %>
-  <p>
-    <%= label_tag :password %>
-    <%= password_field_tag :password %>
-  </p>
-  <p>
-    <%= submit_tag 'Change my password' %>
-  </p>
-<% end %>