ramon-devise 0.4.2

data/lib/devise/migrations.rb

@@ -0,0 +1,51 @@
+module Devise
+  # Helpers to migration:
+  #
+  #   create_table :accounts do |t|
+  #     t.authenticatable
+  #     t.confirmable
+  #     t.recoverable
+  #     t.rememberable
+  #     t.timestamps
+  #   end
+  #
+  # However this method does not add indexes. If you need them, here is the declaration:
+  #
+  #   add_index "accounts", ["email"],                :name => "email",                :unique => true
+  #   add_index "accounts", ["confirmation_token"],   :name => "confirmation_token",   :unique => true
+  #   add_index "accounts", ["reset_password_token"], :name => "reset_password_token", :unique => true
+  #
+  module Migrations
+
+    # Creates email, encrypted_password and password_salt.
+    #
+    def authenticatable(options={})
+      null = options[:null] || false
+      string :email,              :limit => 100, :null => null
+      string :encrypted_password, :limit =>  40, :null => null
+      string :password_salt,      :limit =>  20, :null => null
+    end
+
+    # Creates confirmation_token, confirmed_at and confirmation_sent_at.
+    #
+    def confirmable
+      string   :confirmation_token, :limit => 20
+      datetime :confirmed_at
+      datetime :confirmation_sent_at
+    end
+
+    # Creates reset_password_token.
+    #
+    def recoverable
+      string :reset_password_token, :limit => 20
+    end
+
+    # Creates remember_token and remember_created_at.
+    #
+    def rememberable
+      string   :remember_token, :limit => 20
+      datetime :remember_created_at
+    end
+
+  end
+end

data/lib/devise/models.rb

@@ -0,0 +1,105 @@
+module Devise
+  module Models
+    # Creates configuration values for Devise and for the given module.
+    #
+    #   Devise::Models.config(Devise::Authenticable, :stretches, 10)
+    #
+    # The line above creates:
+    #
+    #   1) An accessor called Devise.stretches, which value is used by default;
+    #
+    #   2) Some class methods for your model Model.stretches and Model.stretches=
+    #      which have higher priority than Devise.stretches;
+    #
+    #   3) And an instance method stretches.
+    #
+    # To add the class methods you need to have a module ClassMethods defined
+    # inside the given class.
+    #
+    def self.config(mod, accessor, default=nil) #:nodoc:
+      Devise.send :"#{accessor}=", default
+
+      mod.class_eval <<-METHOD, __FILE__, __LINE__
+        def #{accessor}
+          self.class.#{accessor}
+        end
+      METHOD
+
+      mod.const_get(:ClassMethods).class_eval <<-METHOD, __FILE__, __LINE__
+        def #{accessor}
+          if defined?(@#{accessor})
+            @#{accessor}
+          elsif superclass.respond_to?(:#{accessor})
+            superclass.#{accessor}
+          else
+            Devise.#{accessor}
+          end
+        end
+
+        def #{accessor}=(value)
+          @#{accessor} = value
+        end
+      METHOD
+    end
+
+    # Shortcut method for including all devise modules inside your model.
+    # You can give some extra options while declaring devise in your model:
+    #
+    # * except: convenient option that allows you to add all devise modules,
+    #   removing only the modules you setup here:
+    #
+    #    devise :all, :except => :rememberable
+    #
+    # You can also give the following configuration values in a hash: :pepper,
+    # :stretches, :confirm_within and :remember_for. Please check your Devise
+    # initialiazer for a complete description on those values.
+    #
+    # Examples:
+    #
+    #   # include only authenticatable module (default)
+    #   devise
+    #
+    #   # include authenticatable + confirmable modules
+    #   devise :confirmable
+    #
+    #   # include authenticatable + recoverable modules
+    #   devise :recoverable
+    #
+    #   # include authenticatable + rememberable modules
+    #   devise :rememberable
+    #
+    #   # include authenticatable + validatable modules
+    #   devise :validatable
+    #
+    #   # include authenticatable + confirmable + recoverable + rememberable + validatable
+    #   devise :confirmable, :recoverable, :rememberable, :validatable
+    #
+    #   # shortcut to include all modules (same as above)
+    #   devise :all
+    #
+    #   # include all except recoverable
+    #   devise :all, :except => :recoverable
+    #
+    def devise(*modules)
+      options  = modules.extract_options!
+
+      modules  = Devise::ALL if modules.include?(:all)
+      modules -= Array(options.delete(:except))
+      modules  = [:authenticatable] | modules
+
+      modules.each do |m|
+        devise_modules << m.to_sym
+        include Devise::Models.const_get(m.to_s.classify)
+      end
+
+      # Convert new keys to methods which overwrites Devise defaults
+      options.each { |key, value| send(:"#{key}=", value) }
+    end
+
+    # Stores all modules included inside the model, so we are able to verify
+    # which routes are needed.
+    def devise_modules
+      @devise_modules ||= []
+    end
+  end
+end

data/lib/devise/models/authenticatable.rb

@@ -0,0 +1,97 @@
+require 'digest/sha1'
+require 'devise/strategies/authenticatable'
+
+module Devise
+  module Models
+
+    # Authenticable Module, responsible for encrypting password and validating
+    # authenticity of a user while signing in.
+    #
+    # Configuration:
+    #
+    # You can overwrite configuration values by setting in globally in Devise,
+    # using devise method or overwriting the respective instance method.
+    #
+    #   pepper: encryption key used for creating encrypted password. Each time
+    #           password changes, it's gonna be encrypted again, and this key
+    #           is added to the password and salt to create a secure hash.
+    #           Always use `rake secret' to generate a new key.
+    #
+    #   stretches: defines how many times the password will be encrypted.
+    #
+    # Examples:
+    #
+    #    User.authenticate('email@test.com', 'password123')  # returns authenticated user or nil
+    #    User.find(1).valid_password?('password123')         # returns true/false
+    #
+    module Authenticatable
+      def self.included(base)
+        base.class_eval do
+          extend ClassMethods
+
+          attr_reader :password
+          attr_accessor :password_confirmation
+        end
+      end
+
+      # Regenerates password salt and encrypted password each time password is
+      # setted.
+      def password=(new_password)
+        @password = new_password
+        self.password_salt = friendly_token
+        self.encrypted_password = password_digest(@password)
+      end
+
+      # Verifies whether an incoming_password (ie from login) is the user
+      # password.
+      def valid_password?(incoming_password)
+        password_digest(incoming_password) == encrypted_password
+      end
+
+      protected
+
+        # Gererates a default password digest based on salt, pepper and the
+        # incoming password.
+        def password_digest(password_to_digest)
+          digest = pepper
+          stretches.times { digest = secure_digest(password_salt, digest, password_to_digest, pepper) }
+          digest
+        end
+
+        # Generate a SHA1 digest joining args. Generated token is something like
+        #
+        #   --arg1--arg2--arg3--argN--
+        def secure_digest(*tokens)
+          ::Digest::SHA1.hexdigest('--' << tokens.flatten.join('--') << '--')
+        end
+
+        # Generate a friendly string randomically to be used as token.
+        def friendly_token
+          ActiveSupport::SecureRandom.base64(15).tr('+/=', '-_ ').strip.delete("\n")
+        end
+
+      module ClassMethods
+        # Authenticate a user based on email and password. Returns the
+        # authenticated user if it's valid or nil.
+        # Attributes are :email and :password
+        def authenticate(attributes={})
+          authenticatable = find_by_email(attributes[:email])
+          authenticatable if authenticatable.try(:valid_password?, attributes[:password])
+        end
+
+        # Attempt to find a user by it's email. If not user is found, returns a
+        # new user with an email not found error.
+        def find_or_initialize_with_error_by_email(email)
+          perishable = find_or_initialize_by_email(email)
+          if perishable.new_record?
+            perishable.errors.add(:email, :not_found, :default => 'not found')
+          end
+          perishable
+        end
+      end
+
+      Devise::Models.config(self, :pepper)
+      Devise::Models.config(self, :stretches, 10)
+    end
+  end
+end

data/lib/devise/models/confirmable.rb

@@ -0,0 +1,156 @@
+require 'devise/hooks/confirmable'
+
+module Devise
+  module Models
+
+    # Confirmable is responsible to verify if an account is already confirmed to
+    # sign in, and to send emails with confirmation instructions.
+    # Confirmation instructions are sent to the user email after creating a
+    # record, after updating it's email and also when manually requested by
+    # a new confirmation instruction request.
+    # Whenever the user update it's email, his account is automatically unconfirmed,
+    # it means it won't be able to sign in again without confirming the account
+    # again through the email that was sent.
+    #
+    # Configuration:
+    #
+    #   confirm_within: the time you want the user will have to confirm it's account
+    #                   without blocking his access. When confirm_within is zero, the
+    #                   user won't be able to sign in without confirming. You can
+    #                   use this to let your user access some features of your
+    #                   application without confirming the account, but blocking it
+    #                   after a certain period (ie 7 days). By default confirm_within is
+    #                   zero, it means users always have to confirm to sign in.
+    #
+    # Examples:
+    #
+    #   User.find(1).confirm!      # returns true unless it's already confirmed
+    #   User.find(1).confirmed?    # true/false
+    #   User.find(1).send_confirmation_instructions # manually send instructions
+    #   User.find(1).reset_confirmation! # reset confirmation status and send instructions
+    module Confirmable
+
+      def self.included(base)
+        base.class_eval do
+          extend ClassMethods
+
+          before_create :generate_confirmation_token
+          after_create  :send_confirmation_instructions
+        end
+      end
+
+      # Confirm a user by setting it's confirmed_at to actual time. If the user
+      # is already confirmed, add en error to email field
+      def confirm!
+        unless_confirmed do
+          self.confirmation_token = nil
+          self.confirmed_at = Time.now
+          save(false)
+        end
+      end
+
+      # Verifies whether a user is confirmed or not
+      def confirmed?
+        !new_record? && confirmed_at?
+      end
+
+      # Send confirmation instructions by email
+      def send_confirmation_instructions
+        ::DeviseMailer.deliver_confirmation_instructions(self)
+      end
+
+      # Remove confirmation date and send confirmation instructions, to ensure
+      # after sending these instructions the user won't be able to sign in without
+      # confirming it's account
+      def reset_confirmation!
+        unless_confirmed do
+          generate_confirmation_token
+          save(false)
+          send_confirmation_instructions
+        end
+      end
+
+      # Verify whether a user is active to sign in or not. If the user is
+      # already confirmed, it should never be blocked. Otherwise we need to
+      # calculate if the confirm time has not expired for this user, in other
+      # words, if the confirmation is still valid.
+      def active?
+        confirmed? || confirmation_period_valid?
+      end
+
+      protected
+
+        # Checks if the confirmation for the user is within the limit time.
+        # We do this by calculating if the difference between today and the
+        # confirmation sent date does not exceed the confirm in time configured.
+        # Confirm_in is a model configuration, must always be an integer value.
+        #
+        # Example:
+        #
+        #   # confirm_within = 1.day and confirmation_sent_at = today
+        #   confirmation_period_valid?   # returns true
+        #
+        #   # confirm_within = 5.days and confirmation_sent_at = 4.days.ago
+        #   confirmation_period_valid?   # returns true
+        #
+        #   # confirm_within = 5.days and confirmation_sent_at = 5.days.ago
+        #   confirmation_period_valid?   # returns false
+        #
+        #   # confirm_within = 0.days
+        #   confirmation_period_valid?   # will always return false
+        #
+        def confirmation_period_valid?
+          confirmation_sent_at? &&
+            (Time.now.utc - confirmation_sent_at.utc) < confirm_within
+        end
+
+        # Checks whether the record is confirmed or not, yielding to the block
+        # if it's already confirmed, otherwise adds an error to email.
+        def unless_confirmed
+          unless confirmed?
+            yield
+          else
+            errors.add(:email, :already_confirmed, :default => 'already confirmed')
+            false
+          end
+        end
+
+        # Generates a new random token for confirmation, and stores the time
+        # this token is being generated
+        def generate_confirmation_token
+          self.confirmed_at = nil
+          self.confirmation_token = friendly_token
+          self.confirmation_sent_at = Time.now.utc
+        end
+
+      module ClassMethods
+
+        # Attempt to find a user by it's email. If a record is found, send new
+        # confirmation instructions to it. If not user is found, returns a new user
+        # with an email not found error.
+        # Options must contain the user email
+        def send_confirmation_instructions(attributes={})
+          confirmable = find_or_initialize_with_error_by_email(attributes[:email])
+          confirmable.reset_confirmation! unless confirmable.new_record?
+          confirmable
+        end
+
+        # Find a user by it's confirmation token and try to confirm it.
+        # If no user is found, returns a new user with an error.
+        # If the user is already confirmed, create an error for the user
+        # Options must have the confirmation_token
+        def confirm!(attributes={})
+          confirmable = find_or_initialize_by_confirmation_token(attributes[:confirmation_token])
+          if confirmable.new_record?
+            confirmable.errors.add(:confirmation_token, :invalid)
+          else
+            confirmable.confirm!
+          end
+          confirmable
+        end
+      end
+
+      Devise::Models.config(self, :confirm_within, 0.days)
+    end
+  end
+end

data/lib/devise/models/recoverable.rb

@@ -0,0 +1,88 @@
+module Devise
+  module Models
+
+    # Recoverable takes care of reseting the user password and send reset instructions
+    # Examples:
+    #
+    #   # resets the user password and save the record, true if valid passwords are given, otherwise false
+    #   User.find(1).reset_password!('password123', 'password123')
+    #   # only resets the user password, without saving the record
+    #   user = User.find(1)
+    #   user.reset_password('password123', 'password123')
+    #   # creates a new token and send it with instructions about how to reset the password
+    #   User.find(1).send_reset_password_instructions
+    module Recoverable
+      def self.included(base)
+        base.class_eval do
+          extend ClassMethods
+        end
+      end
+
+      # Update password
+      def reset_password(new_password, new_password_confirmation)
+        self.password = new_password
+        self.password_confirmation = new_password_confirmation
+      end
+
+      # Update password saving the record and clearing token. Returns true if
+      # the passwords are valid and the record was saved, false otherwise.
+      def reset_password!(new_password, new_password_confirmation)
+        reset_password(new_password, new_password_confirmation)
+        clear_reset_password_token if valid?
+        save
+      end
+
+      # Resets reset password token and send reset password instructions by email
+      def send_reset_password_instructions
+        generate_reset_password_token!
+        ::DeviseMailer.deliver_reset_password_instructions(self)
+      end
+
+      protected
+
+        # Generates a new random token for reset password
+        def generate_reset_password_token
+          self.reset_password_token = friendly_token
+        end
+
+        # Resets the reset password token with and save the record without
+        # validating
+        def generate_reset_password_token!
+          generate_reset_password_token && save(false)
+        end
+
+        # Removes reset_password token
+        def clear_reset_password_token
+          self.reset_password_token = nil
+        end
+
+      module ClassMethods
+
+        # Attempt to find a user by it's email. If a record is found, send new
+        # password instructions to it. If not user is found, returns a new user
+        # with an email not found error.
+        # Attributes must contain the user email
+        def send_reset_password_instructions(attributes={})
+          recoverable = find_or_initialize_with_error_by_email(attributes[:email])
+          recoverable.send_reset_password_instructions unless recoverable.new_record?
+          recoverable
+        end
+
+        # Attempt to find a user by it's reset_password_token to reset it's
+        # password. If a user is found, reset it's password and automatically
+        # try saving the record. If not user is found, returns a new user
+        # containing an error in reset_password_token attribute.
+        # Attributes must contain reset_password_token, password and confirmation
+        def reset_password!(attributes={})
+          recoverable = find_or_initialize_by_reset_password_token(attributes[:reset_password_token])
+          if recoverable.new_record?
+            recoverable.errors.add(:reset_password_token, :invalid)
+          else
+            recoverable.reset_password!(attributes[:password], attributes[:password_confirmation])
+          end
+          recoverable
+        end
+      end
+    end
+  end
+end