quo_vadis 1.1.2 → 1.2.0

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 # CHANGELOG
 
 
+## 1.2.0 (18 July 2012)
+
+* User activation.
+
+
 ## 1.1.2 (7 February 2012)
 
 * Replace ActiveSupport::SecureRandom with SecureRandom.

data/README.md

@@ -10,7 +10,7 @@ Features:
 * No surprises: it does what you expect.
 * Easy to customise.
 * Uses BCrypt to encrypt passwords.
-* Sign in, sign out, forgotten password, authenticate actions, remember user between browser sessions.
+* Sign in, sign out, forgotten password, authenticate actions, remember user between browser sessions, user activation.
 * Block accounts.
 * Let you choose which model(s) to authenticate (defaults to `User`).
 
@@ -25,7 +25,6 @@ Forthcoming features:
 What it doesn't and won't do:
 
 * Authorisation.
-* Sign up; that's user management, not authentication.
 * Work outside Rails 3.
 * OpenID, OAuth, LDAP, CAS, etc.
 * Separate identity from authentication services (cf OmniAuth).
@@ -106,36 +105,87 @@ Finally, write the change-password page ([example](https://github.com/airblade/q
 * PUT the parameter `:password` to `change_password_url(params[:token])`
 
 
-## Customisation
-
-You can customise the flash messages and mailer from/subject in `config/locales/quo_vadis.en.yml`.
+## Sign up (directly, without activation)
 
-You can customise the sign-in and sign-out redirects in `config/initializers/quo_vadis.rb`; they both default to the root route.  You can also hook into the sign-in and sign-out process if you need to run any other code.
+When you create a user, you need to sign them in.  Do this by calling `sign_in(user)` in your controller.  For example:
 
-If you want to add other session management type features, go right ahead: create a `SessionsController` as normal and carry on.
-
-You can skip the validation of authentication attributes (password etc) by overriding `should_authenticate?` in your model.  Perhaps only some of the users should be able to sign in, so you don't want to force them to have a password.
+    # In your app
+    class UsersController < ApplicationController
+      def create
+        @user = User.new params[:user]
+        if @user.save
+          sign_in @user    # <-- NOTE: sign in your user here
+        else
+          render 'new'
+        end
+      end
+    end
 
+The `sign_in(user)` method will redirect the user appropriately (you can configure this in `config/initializers/quo_vadis.rb`), as well as running any sign-in hook you may have defined in the initializer.
 
-## Sign up / user registration
 
-Quo Vadis doesn't offer sign-up because that's user management, not authentication.
+## Sign up (with activation)
 
-However if you have implemented user sign-up yourself, you need to be able to sign in a newly created user.  Do this by calling `sign_in(user)` in your controller.  For example:
+To create a user who must activate their account (via email) before they can sign in, do this:
 
     # In your app
     class UsersController < ApplicationController
       def create
-        @user = User.new params[:user]
+        @user = User.new_for_activation params[:user]    # <-- NOTE: different constructor
         if @user.save
-          sign_in @user    # <-- NOTE: sign in your user here
+          QuoVadis::SessionsController.new.invite_to_activate @user    # <-- NOTE: email user here
+          redirect_to root_path, notice: "Emailed sign-in instructions to #{@user.name}"  # or whatever
         else
           render 'new'
         end
       end
     end
 
-The `sign_in(user)` method will redirect the user appropriately (you can configure this in `config/initializers/quo_vadis.rb`), as well as running any sign-in hook you may have defined in the initializer.
+The user will receive an email with a link which takes them to a page (which you must write) where they can choose a username and password for themselves.  When they submit the form their new credentials are stored and they are signed in.
+
+Here's the workflow:
+
+1. [New user page, without username/password fields] You or user fills in and submits form.
+2. [Users controller] Create user and invite to activate.  See code snippet above.
+3. Quo Vadis emails the user a message with an invitation link.  The link is valid for 3 hours.
+4. [The email] The user clicks the link.
+5. [Invitation page] The user fills in their new username and password.
+6. Quo Vadis sets the user's username and password and signs the user in.
+
+It'll take you about 3 minutes to implement this.
+
+Update your user controller's `create` action as above.
+
+Write the mailer view, i.e. the email which will be sent to your new users ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/quo_vadis/notifier/invite.text.erb)).  The view must:
+
+* be at `app/views/quo_vadis/notifier/invite.text.erb`
+* render `@url` somewhere (this is the link the user clicks to go to the invitation page)
+
+You can also refer to `@user` in the email view, as well as any other data you pass to `invite_to_activate`.
+
+Configure the email's from address in `config/initializers/quo_vadis.rb`.
+
+Configure the default host so ActionMailer can generate the URL.  In `config/environments/<env>.rb`:
+
+    config.action_mailer.default_url_options = {:host => 'yourdomain.com'}
+
+Finally, write the invitation page ([example](https://github.com/airblade/quo_vadis/blob/master/test/dummy/app/views/sessions/invite.html.erb)).  The form must:
+
+* be in `app/views/sessions/invite.html.:format`
+* POST the parameters `:username` and `:password` to `activation_url(params[:token])`
+
+If the token expires and you need to generate a new one, re-invite the user with: `invite_to_activate @user`.
+
+
+## Customisation
+
+You can customise the flash messages and mailer from/subject in `config/locales/quo_vadis.en.yml`.
+
+You can customise the sign-in and sign-out redirects in `config/initializers/quo_vadis.rb`; they both default to the root route.  You can also hook into the sign-in and sign-out process if you need to run any other code.
+
+If you want to add other session management type features, go right ahead: create a `SessionsController` as normal and carry on.
+
+You can skip the validation of authentication attributes (password etc) by overriding `should_authenticate?` in your model.  Perhaps only some of the users should be able to sign in, so you don't want to force them to have a password.
 
 
 ## See also

data/app/controllers/quo_vadis/sessions_controller.rb

@@ -39,7 +39,7 @@ class QuoVadis::SessionsController < ApplicationController
       if params[:username].present? &&
           (user = QuoVadis.model_class.where(:username => params[:username]).first)
         if user.email.present?
-          user.generate_token
+          user.generate_token!
           QuoVadis::Notifier.change_password(user).deliver
           flash_if_present :notice, 'quo_vadis.flash.forgotten.sent_email'
           redirect_to :root
@@ -59,7 +59,7 @@ class QuoVadis::SessionsController < ApplicationController
     if QuoVadis.model_class.valid_token(params[:token]).first
       render 'sessions/edit'
     else
-      invalid_token
+      invalid_token :forgotten
     end
   end
 
@@ -79,15 +79,58 @@ class QuoVadis::SessionsController < ApplicationController
         render 'sessions/edit'
       end
     else
-      invalid_token
+      invalid_token :forgotten
     end
   end
 
+  # GET invitation_path /sign-in/invite/:token
+  def invite
+    if (user = QuoVadis.model_class.valid_token(params[:token]).first)
+      render 'sessions/invite'
+    else
+      invalid_token :activation
+    end
+  end
+
+  # POST activation_path /sign-in/accept/:token
+  def accept
+    if (user = QuoVadis.model_class.valid_token(params[:token]).first)
+      user.username, user.password = params[:username], params[:password]
+      # When we create a user who must activate their account, we give them
+      # a random username and password.  However we want to treat them as if
+      # they weren't set at all.
+      user.password_digest = nil if params[:password].blank?
+      if user.save
+        user.clear_token
+        flash_if_present :notice, 'quo_vadis.flash.activation.accepted'
+        sign_in user
+      else
+        render 'sessions/invite'
+      end
+    else
+      invalid_token :activation
+    end
+  end
+
+  # Invites a user to set up their sign-in credentials.
+  def invite_to_activate(user, data = {})
+    return false if user.email.blank?
+    user.generate_token!
+    QuoVadis::Notifier.invite(user, data).deliver
+    true
+  end
+  hide_action :send_invitation
+
   private
 
-  def invalid_token # :nodoc:
-    flash_if_present :alert, 'quo_vadis.flash.forgotten.invalid_token'
-    redirect_to forgotten_sign_in_url
+  def invalid_token(workflow) # :nodoc:
+    if workflow == :activation
+      flash_if_present :alert, 'quo_vadis.flash.activation.invalid_token'
+      redirect_to root_path
+    else
+      flash_if_present :alert, 'quo_vadis.flash.forgotten.invalid_token'
+      redirect_to forgotten_sign_in_url
+    end
   end
 
   def quo_vadis_layout # :nodoc:

data/app/mailers/quo_vadis/notifier.rb

@@ -6,7 +6,19 @@ module QuoVadis
     def change_password(user)
       @username = user.username
       @url = change_password_url user.token
-      mail :to => user.email, :from => QuoVadis.from, :subject => QuoVadis.subject
+      mail :to => user.email, :from => QuoVadis.from, :subject => QuoVadis.subject_change_password
+    end
+
+    # Sends an email to <tt>user</tt> with a link to a page where they
+    # can choose their username and password.
+    #
+    # `data` - hash of data to pass to view via instance variables.  A key of `:foo`
+    #          will be available via `@foo`.
+    def invite(user, data = {})
+      @user = user
+      @url = invitation_url user.token
+      data.each { |k,v| instance_variable_set :"@#{k}", v }
+      mail :to => user.email, :from => QuoVadis.from, :subject => QuoVadis.subject_invitation
     end
 
   end

data/app/models/model_mixin.rb

@@ -44,6 +44,17 @@ module ModelMixin
             nil
           end
         end
+
+        # Instantiates a user suitable for user-activation.
+        def new_for_activation(attributes = nil)
+          user = new attributes
+          # Satisfy username and password validations by setting to random values.
+          begin
+            user.username = SecureRandom.base64(10)
+          end while exists?(:username => user.username)
+          user.password = SecureRandom.base64(10)
+          user
+        end
       END
     end
   end
@@ -61,13 +72,18 @@ module ModelMixin
       end
     end
 
-    # Generates a unique, timestamped token which can be used in URLs, and
-    # saves the record.  This is part of the forgotten-password workflow.
+    # Generates a unique, timestamped token.
     def generate_token # :nodoc:
       begin
         self.token = url_friendly_token
       end while self.class.exists?(:token => token)
       self.token_created_at = Time.now.utc
+    end
+
+    # Generates a unique, timestamped token which can be used in URLs, and
+    # saves the record.  This is part of the forgotten-password workflow.
+    def generate_token! # :nodoc:
+      generate_token
       save
     end
 

data/config/locales/quo_vadis.en.yml

@@ -15,3 +15,7 @@ en:
         sent_email: "We've emailed you a link where you can change your password."
         invalid_token: "Sorry, this link isn't valid anymore."
         password_changed: "You have successfully changed your password and you're now signed in."
+
+      activation:
+        accepted: "Your account is active and you're now signed in."
+        invalid_token: "Sorry, this link isn't valid anymore."

data/config/routes.rb

@@ -6,8 +6,10 @@ Rails.application.routes.draw do
     get  'sign-in/forgotten'       => 'sessions#forgotten', :as => 'forgotten_sign_in'
     post 'sign-in/forgotten'       => 'sessions#forgotten', :as => 'forgotten_sign_in'
     constraints :token => /.+/ do
-      get 'sign-in/change-password/:token' => 'sessions#edit',   :as => 'change_password'
-      put 'sign-in/change-password/:token' => 'sessions#update', :as => 'change_password'
+      get  'sign-in/change-password/:token' => 'sessions#edit',   :as => 'change_password'
+      put  'sign-in/change-password/:token' => 'sessions#update', :as => 'change_password'
+      get  'sign-in/invite/:token'          => 'sessions#invite', :as => 'invitation'
+      post 'sign-in/accept/:token'          => 'sessions#accept', :as => 'activation'
     end
   end
 end

data/lib/generators/quo_vadis/templates/migration.rb.erb

@@ -3,9 +3,9 @@ class AddAuthenticationTo<%= model_name.pluralize.camelize %> < ActiveRecord::Mi
     add_column :<%= model_name.tableize %>, :username,         :string  # for user identification
     add_column :<%= model_name.tableize %>, :password_digest,  :string
 
-    add_column :<%= model_name.tableize %>, :email,            :string  # for forgotten-credentials
-    add_column :<%= model_name.tableize %>, :token,            :string  # for forgotten-credentials
-    add_column :<%= model_name.tableize %>, :token_created_at, :string  # for forgotten-credentials
+    add_column :<%= model_name.tableize %>, :email,            :string  # for forgotten-credentials / activation
+    add_column :<%= model_name.tableize %>, :token,            :string  # for forgotten-credentials / activation
+    add_column :<%= model_name.tableize %>, :token_created_at, :string  # for forgotten-credentials / activation
   end
 
   def self.down

data/lib/generators/quo_vadis/templates/quo_vadis.rb.erb

@@ -73,14 +73,17 @@ QuoVadis.configure do |config|
 
 
   #
-  # Forgotten-password Mailer
+  # Forgotten-password and activation Mailer
   #
 
   # From whom the forgotten-password email should be sent.
   config.from = 'noreply@example.com'
 
   # Subject of the forgotten-password email.
-  config.subject = 'Change your password'
+  config.subject_change_password = 'Change your password'
+
+  # Subject of the invitation email.
+  config.subject_invitation = 'Activate your account'
 
 
   #

data/lib/quo_vadis/version.rb

@@ -1,3 +1,3 @@
 module QuoVadis
-  VERSION = '1.1.2'
+  VERSION = '1.2.0'
 end

data/lib/quo_vadis.rb

@@ -94,7 +94,7 @@ module QuoVadis
 
 
   #
-  # Forgotten-password Mailer
+  # Forgotten-password and activation Mailer
   #
 
   # From whom the forgotten-password email should be sent.
@@ -102,9 +102,12 @@ module QuoVadis
   @@from = 'noreply@example.com'
 
   # Subject of the forgotten-password email.
-  mattr_accessor :subject
-  @@subject = 'Change your password.'
+  mattr_accessor :subject_change_password
+  @@subject_change_password = 'Change your password.'
 
+  # Subject of the invitation email.
+  mattr_accessor :subject_invitation
+  @@subject_invitation = 'Activate your account'
 
 
   #

data/test/dummy/app/views/quo_vadis/notifier/invite.text.erb

@@ -0,0 +1,8 @@
+Hello <%= @user.name %>,
+
+You can activate your account by clicking this link (valid for 3 hours):
+<%= @url %>
+
+<% if instance_variable_defined? :@foo %><%= @foo %><% end %>
+
+Thanks!

data/test/dummy/app/views/sessions/invite.html.erb

@@ -0,0 +1,15 @@
+<h1>Choose your username and password</h1>
+
+<%= form_tag activation_path(params[:token]) do %>
+  <p>
+    <%= label_tag :username %>
+    <%= text_field_tag :username %>
+  </p>
+  <p>
+    <%= label_tag :password %>
+    <%= password_field_tag :password %>
+  </p>
+  <p>
+    <%= submit_tag 'Save my details' %>
+  </p>
+<% end %>

data/test/dummy/config/initializers/quo_vadis.rb

@@ -68,7 +68,10 @@ QuoVadis.configure do |config|
   config.from = 'noreply@example.com'
 
   # Subject of the forgotten-password email.
-  config.subject = 'Change your password'
+  config.subject_change_password = 'Change your password'
+
+  # Subject of the invitation email.
+  config.subject_invitation = 'Activate your account'
 
 
   #

data/test/dummy/config/initializers/rack_patch.rb

@@ -0,0 +1,16 @@
+# TODO: remove once on Rack 1.3.0.
+# https://github.com/jnicklas/capybara/issues/87#issuecomment-2106788
+module Rack
+  module Utils
+
+    def escape(s)
+      CGI.escape s.to_s
+    end
+
+    def unescape(s)
+      CGI.unescape s
+    end
+
+  end
+end
+

data/test/dummy/config/locales/quo_vadis.en.yml

@@ -15,3 +15,7 @@ en:
         sent_email: "We've emailed you a link where you can change your password."
         invalid_token: "Sorry, this link isn't valid anymore."
         password_changed: "You have successfully changed your password and you're now signed in."
+
+      activation:
+        accepted: "Your account is active and you're now signed in."
+        invalid_token: "Sorry, this link isn't valid anymore."

data/test/integration/activation_test.rb

@@ -0,0 +1,98 @@
+require 'test_helper'
+
+class ActivationTest < ActiveSupport::IntegrationCase
+
+  teardown do
+    Capybara.reset_sessions!
+  end
+
+  test 'a user can be invited' do
+    user = User.new_for_activation :name => 'Bob', :email => 'bob@example.com'
+    assert user.save
+    assert QuoVadis::SessionsController.new.invite_to_activate user
+
+    assert ActionMailer::Base.deliveries.last
+    assert !ActionMailer::Base.deliveries.empty?
+    email = ActionMailer::Base.deliveries.last
+
+    assert_equal ['bob@example.com'],      email.to
+    assert_equal ['noreply@example.com'],  email.from
+    assert_equal 'Activate your account',  email.subject
+    # Why doesn't this use the default url option set up in test/test_helper.rb#9?
+    assert_match Regexp.new(Regexp.escape(invitation_url user.token, :host => 'www.example.com')), email.encoded
+  end
+
+  test 'a user without email cannot be invited' do
+    user = User.new_for_activation :name => 'Bob'
+    assert user.save
+    assert ! QuoVadis::SessionsController.new.invite_to_activate(user)
+  end
+
+  test 'user can accept a valid invitation and set valid credentials' do
+    user = User.new_for_activation :name => 'Bob', :email => 'bob@example.com'
+    user.generate_token
+    assert user.save
+
+    visit invitation_url(user.token, :host => 'www.example.com')
+    fill_in 'Username', :with => 'bob'
+    fill_in 'Password', :with => 'secret'
+    click_button 'Save my details'
+    assert_equal root_path, current_path
+    within '.flash.notice' do
+      assert page.has_content?("Your account is active and you're now signed in.")
+    end
+    assert_nil user.reload.token
+    assert_nil user.token_created_at
+  end
+
+  test 'user can accept a valid invitation but not set invalid credentials' do
+    user = User.new_for_activation :name => 'Bob', :email => 'bob@example.com'
+    user.generate_token
+    assert user.save
+
+    visit invitation_url(user.token, :host => 'www.example.com')
+    fill_in 'Username', :with => 'bob'
+    fill_in 'Password', :with => ''
+    click_button 'Save my details'
+    assert_equal activation_path(user.token), current_path
+    assert user.reload.token
+    assert user.token_created_at
+  end
+
+  test 'user cannot view an expired invitation' do
+    user = User.new_for_activation :name => 'Bob', :email => 'bob@example.com'
+    user.generate_token
+    assert user.save
+    user.update_attributes :token_created_at => 1.day.ago
+
+    visit invitation_url(user.token, :host => 'www.example.com')
+    assert_equal root_path, current_path
+    within '.flash.alert' do
+      assert page.has_content?("Sorry, this link isn't valid anymore.")
+    end
+  end
+
+  test 'user cannot accept an expired invitation' do
+    user = User.new_for_activation :name => 'Bob', :email => 'bob@example.com'
+    user.generate_token
+    assert user.save
+
+    visit invitation_url(user.token, :host => 'www.example.com')
+    user.update_attributes :token_created_at => 1.day.ago
+    fill_in 'Username', :with => 'bob'
+    fill_in 'Password', :with => 'secret'
+    click_button 'Save my details'
+    assert_equal root_path, current_path
+    within '.flash.alert' do
+      assert page.has_content?("Sorry, this link isn't valid anymore.")
+    end
+  end
+
+  test 'data can be passed to invitation email' do
+    user = User.new_for_activation :name => 'Bob', :email => 'bob@example.com'
+    assert user.save
+    assert QuoVadis::SessionsController.new.invite_to_activate user, :foo => 'Barbaz'
+    email = ActionMailer::Base.deliveries.last
+    assert_match Regexp.new('Barbaz'), email.encoded
+  end
+end

data/test/integration/config_test.rb

@@ -108,18 +108,25 @@ class ConfigTest < ActiveSupport::IntegrationCase
     assert page.has_content?('Sessions layout')
   end
 
-  test 'mailer from config' do
+  test 'change-password mailer from config' do
     QuoVadis.from = 'jim@example.com'
     (user = User.last).generate_token
     email = QuoVadis::Notifier.change_password(user)
     assert_equal ['jim@example.com'], email.from
   end
 
-  test 'mailer subject config' do
-    QuoVadis.subject = 'You idiot!'
+  test 'change-password mailer subject config' do
+    QuoVadis.subject_change_password = 'You idiot!'
     (user = User.last).generate_token
     email = QuoVadis::Notifier.change_password(user)
     assert_equal 'You idiot!', email.subject
   end
 
+  test 'invitation mailer subject config' do
+    QuoVadis.subject_invitation = 'Wooha'
+    (user = User.last).generate_token
+    email = QuoVadis::Notifier.invite(user)
+    assert_equal 'Wooha', email.subject
+  end
+
 end

data/test/integration/locale_test.rb

@@ -171,7 +171,7 @@ class LocaleTest < ActiveSupport::IntegrationCase
 
   test 'forgotten.password_changed flash' do
     user_factory 'Bob', 'bob', 'secret', 'bob@example.com'
-    User.last.generate_token
+    User.last.generate_token!
     visit change_password_path(User.last.token)
     fill_in :password, :with => 'topsecret'
     click_button 'Change my password'
@@ -184,7 +184,7 @@ class LocaleTest < ActiveSupport::IntegrationCase
     begin
       I18n.backend.store_translations :en, {:quo_vadis => {:flash => {:forgotten => {:password_changed => ''}}}}
       user_factory 'Bob', 'bob', 'secret', 'bob@example.com'
-      User.last.generate_token
+      User.last.generate_token!
       visit change_password_path(User.last.token)
       fill_in :password, :with => 'topsecret'
       click_button 'Change my password'

data/test/integration/sign_in_person_test.rb

@@ -14,13 +14,13 @@ class SignInPersonTest < ActiveSupport::IntegrationCase
 
     END
 
-    # person_factory 'James', 'jim', 'secret'
-    # sign_in_as 'jim', 'secret'
+    person_factory 'James', 'jim', 'secret'
+    sign_in_as 'jim', 'secret'
 
-    # assert_equal root_path, current_path
-    # within '.flash.notice' do
-    #   assert page.has_content?('You have successfully signed in.')
-    # end
+    assert_equal root_path, current_path
+    within '.flash.notice' do
+      assert page.has_content?('You have successfully signed in.')
+    end
   end
 
 end

data/test/test_helper.rb

@@ -56,7 +56,8 @@ def reset_quo_vadis_configuration
   QuoVadis.signed_out_hook       = nil
   QuoVadis.layout                = 'application'
   QuoVadis.from                  = 'noreply@example.com'
-  QuoVadis.subject               = 'Change your password'
+  QuoVadis.subject_change_password = 'Change your password'
+  QuoVadis.subject_invitation    = 'Activate your account'
   QuoVadis.remember_for          = 2.weeks
   QuoVadis.blocked               = false
 end

data/test/unit/user_test.rb

@@ -51,4 +51,14 @@ class UserTest < ActiveSupport::TestCase
     assert user.valid?
   end
 
+  test 'create for activation' do
+    user = User.new_for_activation :name => 'Bob'
+    assert user.valid?
+
+    user = User.new_for_activation :name => 'John', :username => 'john', :password => 'secret'
+    assert user.valid?
+    assert_not_equal 'john', user.username
+    assert_not_equal 'secret', user.password
+  end
+
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: quo_vadis
 version: !ruby/object:Gem::Version
-  version: 1.1.2
+  version: 1.2.0
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-02-07 00:00:00.000000000 Z
+date: 2012-07-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &2157988380 !ruby/object:Gem::Requirement
+  requirement: &2156553540 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,10 +21,10 @@ dependencies:
         version: '3.0'
   type: :runtime
   prerelease: false
-  version_requirements: *2157988380
+  version_requirements: *2156553540
 - !ruby/object:Gem::Dependency
   name: bcrypt-ruby
-  requirement: &2157987500 !ruby/object:Gem::Requirement
+  requirement: &2156550300 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -32,10 +32,10 @@ dependencies:
         version: 3.0.0
   type: :runtime
   prerelease: false
-  version_requirements: *2157987500
+  version_requirements: *2156550300
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &2157986780 !ruby/object:Gem::Requirement
+  requirement: &2156568880 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -43,10 +43,10 @@ dependencies:
         version: 3.0.4
   type: :development
   prerelease: false
-  version_requirements: *2157986780
+  version_requirements: *2156568880
 - !ruby/object:Gem::Dependency
   name: sqlite3-ruby
-  requirement: &2157986100 !ruby/object:Gem::Requirement
+  requirement: &2156564820 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,10 +54,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2157986100
+  version_requirements: *2156564820
 - !ruby/object:Gem::Dependency
   name: capybara
-  requirement: &2157967940 !ruby/object:Gem::Requirement
+  requirement: &2152428460 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -65,10 +65,10 @@ dependencies:
         version: '1.1'
   type: :development
   prerelease: false
-  version_requirements: *2157967940
+  version_requirements: *2152428460
 - !ruby/object:Gem::Dependency
   name: launchy
-  requirement: &2157967080 !ruby/object:Gem::Requirement
+  requirement: &2152426880 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -76,10 +76,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2157967080
+  version_requirements: *2152426880
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &2157965940 !ruby/object:Gem::Requirement
+  requirement: &2152425340 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -87,7 +87,7 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *2157965940
+  version_requirements: *2152425340
 description: Simple username/password authentication for Rails 3.
 email:
 - boss@airbladesoftware.com
@@ -128,8 +128,10 @@ files:
 - test/dummy/app/views/layouts/application.html.erb
 - test/dummy/app/views/layouts/sessions.html.erb
 - test/dummy/app/views/quo_vadis/notifier/change_password.text.erb
+- test/dummy/app/views/quo_vadis/notifier/invite.text.erb
 - test/dummy/app/views/sessions/edit.html.erb
 - test/dummy/app/views/sessions/forgotten.html.erb
+- test/dummy/app/views/sessions/invite.html.erb
 - test/dummy/app/views/sessions/new.html.erb
 - test/dummy/app/views/users/new.html.erb
 - test/dummy/config.ru
@@ -144,6 +146,7 @@ files:
 - test/dummy/config/initializers/inflections.rb
 - test/dummy/config/initializers/mime_types.rb
 - test/dummy/config/initializers/quo_vadis.rb
+- test/dummy/config/initializers/rack_patch.rb
 - test/dummy/config/initializers/secret_token.rb
 - test/dummy/config/initializers/session_store.rb
 - test/dummy/config/locales/en.yml
@@ -167,6 +170,7 @@ files:
 - test/dummy/public/javascripts/rails.js
 - test/dummy/public/stylesheets/.gitkeep
 - test/dummy/script/rails
+- test/integration/activation_test.rb
 - test/integration/authenticate_test.rb
 - test/integration/blocked_test.rb
 - test/integration/config_test.rb
@@ -198,7 +202,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 4176509777758211908
+      hash: -4183127178798820750
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -207,7 +211,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 4176509777758211908
+      hash: -4183127178798820750
 requirements: []
 rubyforge_project: quo_vadis
 rubygems_version: 1.8.11
@@ -230,8 +234,10 @@ test_files:
 - test/dummy/app/views/layouts/application.html.erb
 - test/dummy/app/views/layouts/sessions.html.erb
 - test/dummy/app/views/quo_vadis/notifier/change_password.text.erb
+- test/dummy/app/views/quo_vadis/notifier/invite.text.erb
 - test/dummy/app/views/sessions/edit.html.erb
 - test/dummy/app/views/sessions/forgotten.html.erb
+- test/dummy/app/views/sessions/invite.html.erb
 - test/dummy/app/views/sessions/new.html.erb
 - test/dummy/app/views/users/new.html.erb
 - test/dummy/config.ru
@@ -246,6 +252,7 @@ test_files:
 - test/dummy/config/initializers/inflections.rb
 - test/dummy/config/initializers/mime_types.rb
 - test/dummy/config/initializers/quo_vadis.rb
+- test/dummy/config/initializers/rack_patch.rb
 - test/dummy/config/initializers/secret_token.rb
 - test/dummy/config/initializers/session_store.rb
 - test/dummy/config/locales/en.yml
@@ -269,6 +276,7 @@ test_files:
 - test/dummy/public/javascripts/rails.js
 - test/dummy/public/stylesheets/.gitkeep
 - test/dummy/script/rails
+- test/integration/activation_test.rb
 - test/integration/authenticate_test.rb
 - test/integration/blocked_test.rb
 - test/integration/config_test.rb