restful-authentication 1.2.1

data/lib/generators/authenticated/templates/test/functional_test.rb

@@ -0,0 +1,82 @@
+require 'test_helper'
+require '<%= controller_file_name %>_controller'
+
+# Re-raise errors caught by the controller.
+class <%= controller_class_name %>Controller; def rescue_action(e) raise e end; end
+
+class <%= controller_class_name %>ControllerTest < ActionController::TestCase
+  # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead
+  # Then, you can remove it from this and the units test.
+  include AuthenticatedTestHelper
+
+  fixtures :<%= table_name %>
+
+  def test_should_login_and_redirect
+    post :create, :login => 'quentin', :password => 'monkey'
+    assert session[:<%= file_name %>_id]
+    assert_response :redirect
+  end
+
+  def test_should_fail_login_and_not_redirect
+    post :create, :login => 'quentin', :password => 'bad password'
+    assert_nil session[:<%= file_name %>_id]
+    assert_response :success
+  end
+
+  def test_should_logout
+    login_as :quentin
+    get :destroy
+    assert_nil session[:<%= file_name %>_id]
+    assert_response :redirect
+  end
+
+  def test_should_remember_me
+    @request.cookies["auth_token"] = nil
+    post :create, :login => 'quentin', :password => 'monkey', :remember_me => "1"
+    assert_not_nil @response.cookies["auth_token"]
+  end
+
+  def test_should_not_remember_me
+    @request.cookies["auth_token"] = nil
+    post :create, :login => 'quentin', :password => 'monkey', :remember_me => "0"
+    puts @response.cookies["auth_token"]
+    assert @response.cookies["auth_token"].blank?
+  end
+  
+  def test_should_delete_token_on_logout
+    login_as :quentin
+    get :destroy
+    assert @response.cookies["auth_token"].blank?
+  end
+
+  def test_should_login_with_cookie
+    <%= table_name %>(:quentin).remember_me
+    @request.cookies["auth_token"] = cookie_for(:quentin)
+    get :new
+    assert @controller.send(:logged_in?)
+  end
+
+  def test_should_fail_expired_cookie_login
+    <%= table_name %>(:quentin).remember_me
+    <%= table_name %>(:quentin).update_attribute :remember_token_expires_at, 5.minutes.ago
+    @request.cookies["auth_token"] = cookie_for(:quentin)
+    get :new
+    assert !@controller.send(:logged_in?)
+  end
+
+  def test_should_fail_cookie_login
+    <%= table_name %>(:quentin).remember_me
+    @request.cookies["auth_token"] = auth_token('invalid_auth_token')
+    get :new
+    assert !@controller.send(:logged_in?)
+  end
+
+  protected
+    def auth_token(token)
+      CGI::Cookie.new('name' => 'auth_token', 'value' => token)
+    end
+    
+    def cookie_for(<%= file_name %>)
+      auth_token <%= table_name %>(<%= file_name %>).remember_token
+    end
+end

data/lib/generators/authenticated/templates/test/mailer_test.rb

@@ -0,0 +1,32 @@
+require 'test_helper'
+require '<%= file_name %>_mailer'
+
+class <%= class_name %>MailerTest < ActionMailer::TestCase
+
+  def setup
+    @<%= file_name %> = <%= table_name %>(:quentin)
+  end
+
+
+  test "signup_notification" do
+    # Send the email, then test that it got queued
+    email = UserMailer.signup_notification(@<%= file_name %>).deliver
+   assert !ActionMailer::Base.deliveries.empty?
+
+   assert_equal [@<%= file_name %>.email], email.to
+    assert_equal "[YOURSITE] Please activate your new account", email.subject
+    assert_match /Your account has been created./, email.encoded
+    assert_match /Visit this url to activate your account/, email.encoded
+  end
+
+  test "activation" do
+    email = UserMailer.activation(@<%= file_name %>).deliver
+   assert !ActionMailer::Base.deliveries.empty?
+
+    assert_equal [@<%= file_name %>.email], email.to
+    assert_equal "[YOURSITE] Your account has been activated!", email.subject
+    assert_match /your account has been activated.  Welcome aboard!/, email.encoded
+    assert_match /http\:\/\/YOURSITE\//, email.encoded
+  end
+
+end

data/lib/generators/authenticated/templates/test/model_functional_test.rb

@@ -0,0 +1,93 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require '<%= model_controller_file_name %>_controller'
+
+# Re-raise errors caught by the controller.
+class <%= model_controller_class_name %>Controller; def rescue_action(e) raise e end; end
+
+class <%= model_controller_class_name %>ControllerTest < ActionController::TestCase
+  # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead
+  # Then, you can remove it from this and the units test.
+  include AuthenticatedTestHelper
+
+  fixtures :<%= table_name %>
+
+  def test_should_allow_signup
+    assert_difference '<%= class_name %>.count' do
+      create_<%= file_name %>
+      assert_response :redirect
+    end
+  end
+
+  def test_should_require_login_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:login => nil)
+      assert assigns(:<%= file_name %>).errors.on(:login)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_password_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:password => nil)
+      assert assigns(:<%= file_name %>).errors.on(:password)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_password_confirmation_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:password_confirmation => nil)
+      assert assigns(:<%= file_name %>).errors.on(:password_confirmation)
+      assert_response :success
+    end
+  end
+
+  def test_should_require_email_on_signup
+    assert_no_difference '<%= class_name %>.count' do
+      create_<%= file_name %>(:email => nil)
+      assert assigns(:<%= file_name %>).errors.on(:email)
+      assert_response :success
+    end
+  end
+  <% if options[:stateful] %>
+  def test_should_sign_up_user_in_pending_state
+    create_<%= file_name %>
+    assigns(:<%= file_name %>).reload
+    assert assigns(:<%= file_name %>).pending?
+  end<% end %>
+
+  <% if options[:include_activation] %>
+  def test_should_sign_up_user_with_activation_code
+    create_<%= file_name %>
+    assigns(:<%= file_name %>).reload
+    assert_not_nil assigns(:<%= file_name %>).activation_code
+  end
+
+  def test_should_activate_user
+    assert_nil <%= class_name %>.authenticate('aaron', 'test')
+    get :activate, :activation_code => <%= table_name %>(:aaron).activation_code
+    assert_redirected_to '/login'
+    assert_not_nil flash[:notice]
+    assert_equal <%= table_name %>(:aaron), <%= class_name %>.authenticate('aaron', 'monkey')
+  end
+  
+  def test_should_not_activate_user_without_key
+    get :activate
+    assert_nil flash[:notice]
+  rescue ActionController::RoutingError
+    # in the event your routes deny this, we'll just bow out gracefully.
+  end
+
+  def test_should_not_activate_user_with_blank_key
+    get :activate, :activation_code => ''
+    assert_nil flash[:notice]
+  rescue ActionController::RoutingError
+    # well played, sir
+  end<% end %>
+
+  protected
+    def create_<%= file_name %>(options = {})
+      post :create, :<%= file_name %> => { :login => 'quire', :email => 'quire@example.com',
+        :password => 'quire69', :password_confirmation => 'quire69' }.merge(options)
+    end
+end

data/lib/generators/authenticated/templates/test/unit_test.rb

@@ -0,0 +1,164 @@
+require 'test_helper'
+
+class <%= class_name %>Test < ActiveSupport::TestCase
+  # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead.
+  # Then, you can remove it from this and the functional test.
+  include AuthenticatedTestHelper
+  fixtures :<%= table_name %>
+
+  def test_should_create_<%= file_name %>
+    assert_difference '<%= class_name %>.count' do
+      <%= file_name %> = create_<%= file_name %>
+      assert !<%= file_name %>.new_record?, "#{<%= file_name %>.errors.full_messages.to_sentence}"
+    end
+  end
+<% if options[:include_activation] %>
+  def test_should_initialize_activation_code_upon_creation
+    <%= file_name %> = create_<%= file_name %>
+    <%= file_name %>.reload
+    assert_not_nil <%= file_name %>.activation_code
+  end
+<% end %><% if options[:stateful] %>
+  def test_should_create_and_start_in_pending_state
+    <%= file_name %> = create_<%= file_name %>
+    <%= file_name %>.reload
+    assert <%= file_name %>.pending?
+  end
+
+<% end %>
+  def test_should_require_login
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:login => nil)
+      assert u.errors.on(:login)
+    end
+  end
+
+  def test_should_require_password
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:password => nil)
+      assert u.errors.on(:password)
+    end
+  end
+
+  def test_should_require_password_confirmation
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:password_confirmation => nil)
+      assert u.errors.on(:password_confirmation)
+    end
+  end
+
+  def test_should_require_email
+    assert_no_difference '<%= class_name %>.count' do
+      u = create_<%= file_name %>(:email => nil)
+      assert u.errors.on(:email)
+    end
+  end
+
+  def test_should_reset_password
+    <%= table_name %>(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin', 'new password')
+  end
+
+  def test_should_not_rehash_password
+    <%= table_name %>(:quentin).update_attributes(:login => 'quentin2')
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin2', 'monkey')
+  end
+
+  def test_should_authenticate_<%= file_name %>
+    assert_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin', 'monkey')
+  end
+
+  def test_should_set_remember_token
+    <%= table_name %>(:quentin).remember_me
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+  end
+
+  def test_should_unset_remember_token
+    <%= table_name %>(:quentin).remember_me
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    <%= table_name %>(:quentin).forget_me
+    assert_nil <%= table_name %>(:quentin).remember_token
+  end
+
+  def test_should_remember_me_for_one_week
+    before = 1.week.from_now.utc
+    <%= table_name %>(:quentin).remember_me_for 1.week
+    after = 1.week.from_now.utc
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert <%= table_name %>(:quentin).remember_token_expires_at.between?(before, after)
+  end
+
+  def test_should_remember_me_until_one_week
+    time = 1.week.from_now.utc
+    <%= table_name %>(:quentin).remember_me_until time
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert_equal <%= table_name %>(:quentin).remember_token_expires_at, time
+  end
+
+  def test_should_remember_me_default_two_weeks
+    before = 2.weeks.from_now.utc
+    <%= table_name %>(:quentin).remember_me
+    after = 2.weeks.from_now.utc
+    assert_not_nil <%= table_name %>(:quentin).remember_token
+    assert_not_nil <%= table_name %>(:quentin).remember_token_expires_at
+    assert <%= table_name %>(:quentin).remember_token_expires_at.between?(before, after)
+  end
+<% if options[:stateful] %>
+  def test_should_register_passive_<%= file_name %>
+    <%= file_name %> = create_<%= file_name %>(:password => nil, :password_confirmation => nil)
+    assert <%= file_name %>.passive?
+    <%= file_name %>.update_attributes(:password => 'new password', :password_confirmation => 'new password')
+    <%= file_name %>.register!
+    assert <%= file_name %>.pending?
+  end
+
+  def test_should_suspend_<%= file_name %>
+    <%= table_name %>(:quentin).suspend!
+    assert <%= table_name %>(:quentin).suspended?
+  end
+
+  def test_suspended_<%= file_name %>_should_not_authenticate
+    <%= table_name %>(:quentin).suspend!
+    assert_not_equal <%= table_name %>(:quentin), <%= class_name %>.authenticate('quentin', 'test')
+  end
+
+  def test_should_unsuspend_<%= file_name %>_to_active_state
+    <%= table_name %>(:quentin).suspend!
+    assert <%= table_name %>(:quentin).suspended?
+    <%= table_name %>(:quentin).unsuspend!
+    assert <%= table_name %>(:quentin).active?
+  end
+
+  def test_should_unsuspend_<%= file_name %>_with_nil_activation_code_and_activated_at_to_passive_state
+    <%= table_name %>(:quentin).suspend!
+    <%= class_name %>.update_all :activation_code => nil, :activated_at => nil
+    assert <%= table_name %>(:quentin).suspended?
+    <%= table_name %>(:quentin).reload.unsuspend!
+    assert <%= table_name %>(:quentin).passive?
+  end
+
+  def test_should_unsuspend_<%= file_name %>_with_activation_code_and_nil_activated_at_to_pending_state
+    <%= table_name %>(:quentin).suspend!
+    <%= class_name %>.update_all :activation_code => 'foo-bar', :activated_at => nil
+    assert <%= table_name %>(:quentin).suspended?
+    <%= table_name %>(:quentin).reload.unsuspend!
+    assert <%= table_name %>(:quentin).pending?
+  end
+
+  def test_should_delete_<%= file_name %>
+    assert_nil <%= table_name %>(:quentin).deleted_at
+    <%= table_name %>(:quentin).delete!
+    assert_not_nil <%= table_name %>(:quentin).deleted_at
+    assert <%= table_name %>(:quentin).deleted?
+  end
+<% end %>
+protected
+  def create_<%= file_name %>(options = {})
+    record = <%= class_name %>.new({ :login => 'quire', :email => 'quire@example.com', :password => 'quire69', :password_confirmation => 'quire69' }.merge(options))
+    record.<% if options[:stateful] %>register! if record.valid?<% else %>save<% end %>
+    record
+  end
+end

data/lib/tasks/auth.rake

@@ -0,0 +1,33 @@
+require 'digest/sha1'
+require 'erb'
+
+def site_keys_file
+  File.join("config", "initializers", "site_keys.rb")
+end
+
+def secure_digest(*args)
+  Digest::SHA1.hexdigest(args.flatten.join('--'))
+end
+
+def make_token
+  secure_digest(Time.now, (1..10).map{ rand.to_s })
+end
+
+def make_site_keys_rb
+  site_key = secure_digest(Time.now, (1..10).map{ rand.to_s })
+  site_key_erb = <<-EOF
+# key of 40 chars length
+REST_AUTH_SITE_KEY         = '#{site_key}'
+REST_AUTH_DIGEST_STRETCHES = 10
+EOF
+end
+
+namespace :auth do
+  namespace :gen do
+    desc "Generates config/initializers/site_keys.rb"
+    task :site_key do
+      file = ENV['file'] || site_keys_file
+      File.open(file, "w"){|f| f.write(make_site_keys_rb)}
+    end
+  end
+end

data/lib/trustification.rb

@@ -0,0 +1,14 @@
+module Trustification
+  def self.included(recipient)
+    recipient.extend(ModelClassMethods)
+    recipient.class_eval do
+      include ModelInstanceMethods
+    end
+  end
+
+  module ModelClassMethods
+  end # class methods
+
+  module ModelInstanceMethods
+  end # instance methods
+end

data/lib/trustification/email_validation.rb

@@ -0,0 +1,20 @@
+module Trustification
+  module EmailValidation
+    unless Object.constants.include? "CONSTANTS_DEFINED"
+      CONSTANTS_DEFINED = true # sorry for the C idiom
+    end
+    
+    def self.included(recipient)
+      recipient.extend(ClassMethods)
+      recipient.class_eval do
+        include InstanceMethods
+      end
+    end
+
+    module ClassMethods
+    end # class methods
+
+    module InstanceMethods
+    end # instance methods
+  end
+end

metadata

@@ -0,0 +1,105 @@
+--- !ruby/object:Gem::Specification
+name: restful-authentication
+version: !ruby/object:Gem::Version
+  version: 1.2.1
+  prerelease: 
+platform: ruby
+authors:
+- jpablobr
+- Rick Olson
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-09-06 00:00:00.000000000Z
+dependencies: []
+description: Generates common user authentication code for Rails/Merb, with a full
+  test/unit and rspec suite and optional Acts as State Machine support built-in..
+email: xjpablobrx@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- README.textile
+files:
+- CHANGELOG
+- README.textile
+- Rakefile
+- TODO
+- lib/authorization.rb
+- lib/generators/authenticated/authenticated_generator.rb
+- lib/generators/authenticated/USAGE
+- lib/generators/authenticated/templates/site_keys.rb
+- lib/generators/authenticated/templates/model.rb
+- lib/generators/authenticated/templates/controller.rb
+- lib/generators/authenticated/templates/model_controller.rb
+- lib/generators/authenticated/templates/login.html.erb
+- lib/generators/authenticated/templates/signup.html.erb
+- lib/generators/authenticated/templates/authenticated_test_helper.rb
+- lib/generators/authenticated/templates/features/step_definitions/rest_auth_features_helper.rb
+- lib/generators/authenticated/templates/features/step_definitions/ra_env.rb
+- lib/generators/authenticated/templates/features/step_definitions/ra_navigation_steps.rb
+- lib/generators/authenticated/templates/features/step_definitions/user_steps.rb
+- lib/generators/authenticated/templates/features/step_definitions/ra_resource_steps.rb
+- lib/generators/authenticated/templates/features/step_definitions/ra_response_steps.rb
+- lib/generators/authenticated/templates/features/accounts.feature
+- lib/generators/authenticated/templates/features/sessions.feature
+- lib/generators/authenticated/templates/spec/controllers/authenticated_system_spec.rb
+- lib/generators/authenticated/templates/spec/controllers/sessions_controller_spec.rb
+- lib/generators/authenticated/templates/spec/controllers/access_control_spec.rb
+- lib/generators/authenticated/templates/spec/controllers/users_controller_spec.rb
+- lib/generators/authenticated/templates/spec/models/user_spec.rb
+- lib/generators/authenticated/templates/spec/helpers/users_helper_spec.rb
+- lib/generators/authenticated/templates/spec/fixtures/users.yml
+- lib/generators/authenticated/templates/activation.erb
+- lib/generators/authenticated/templates/observer.rb
+- lib/generators/authenticated/templates/model_helper_spec.rb
+- lib/generators/authenticated/templates/migration.rb
+- lib/generators/authenticated/templates/model_helper.rb
+- lib/generators/authenticated/templates/helper.rb
+- lib/generators/authenticated/templates/test/model_functional_test.rb
+- lib/generators/authenticated/templates/test/mailer_test.rb
+- lib/generators/authenticated/templates/test/functional_test.rb
+- lib/generators/authenticated/templates/test/unit_test.rb
+- lib/generators/authenticated/templates/mailer.rb
+- lib/generators/authenticated/templates/_model_partial.html.erb
+- lib/generators/authenticated/templates/authenticated_system.rb
+- lib/generators/authenticated/templates/signup_notification.erb
+- lib/trustification.rb
+- lib/tasks/auth.rake
+- lib/authentication/by_cookie_token.rb
+- lib/authentication/by_password.rb
+- lib/authentication.rb
+- lib/authorization/aasm_roles.rb
+- lib/authorization/stateful_roles.rb
+- lib/trustification/email_validation.rb
+- init.rb
+homepage: http://github.com/jpablobr/restful-authentication
+licenses: []
+post_install_message: ! "**************************************************\n\n  Thank
+  you for installing restful-authentication-1.2.1!\n\n  This version works with versions
+  of rails >= 3.0\n\n**************************************************\n"
+rdoc_options:
+- --main
+- README.textile
+- --charset=UTF-8
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>'
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.8
+signing_key: 
+specification_version: 3
+summary: Generates code for user login and authentication
+test_files: []
+has_rdoc: