salted_login_generator 1.1.1 → 2.0.0
- data/salted_login_generator.rb +16 -1
- data/templates/README +41 -23
- data/templates/_view_edit.rhtml +0 -1
- data/templates/controller.rb +43 -36
- data/templates/controller_test.new.rb +328 -0
- data/templates/controller_test.old.rb +303 -0
- data/templates/controller_test.rb +97 -78
- data/templates/done +28 -0
- data/templates/helper.rb +12 -6
- data/templates/login_system.rb +11 -11
- data/templates/migration.rb +27 -0
- data/templates/notify.rb +6 -1
- data/templates/notify_change_password.rhtml +0 -5
- data/templates/notify_signup.rhtml +0 -1
- data/templates/user.rb +7 -5
- data/templates/user_model.erbsql +0 -1
- data/templates/user_test.rb +7 -7
- data/templates/users.yml +5 -10
- data/templates/view_change_password.rhtml +3 -3
- data/templates/view_edit.rhtml +8 -8
- data/templates/view_forgot_password.rhtml +3 -3
- data/templates/view_login.rhtml +2 -2
- data/templates/view_signup.rhtml +4 -4
- metadata +79 -70
@@ -1,5 +1,7 @@
|
|
1
1
|
require File.dirname(__FILE__) + '/../test_helper'
|
2
2
|
require '<%= file_name %>_controller'
|
3
|
+
# ADD to fix advance_by_days= problem
|
4
|
+
require File.dirname(__FILE__) + '/../mocks/test/time'
|
3
5
|
|
4
6
|
# Raise errors beyond the default web-based presentation
|
5
7
|
class <%= class_name %>Controller; def rescue_action(e) raise e end; end
|
@@ -7,22 +9,23 @@ class <%= class_name %>Controller; def rescue_action(e) raise e end; end
|
|
7
9
|
class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
8
10
|
|
9
11
|
fixtures :<%= plural_name %>
|
10
|
-
|
12
|
+
|
11
13
|
def setup
|
14
|
+
super
|
12
15
|
@controller = <%= class_name %>Controller.new
|
13
|
-
@request
|
14
|
-
@
|
16
|
+
@request = ActionController::TestRequest.new
|
17
|
+
@response = ActionController::TestResponse.new
|
15
18
|
end
|
16
19
|
|
17
20
|
def test_auth_bob
|
18
21
|
@request.session['return-to'] = "/bogus/location"
|
19
22
|
|
20
|
-
post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
|
21
|
-
|
23
|
+
post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
|
24
|
+
assert_not_nil @response.session["<%= singular_name %>"]
|
22
25
|
|
23
26
|
assert_equal @bob, @response.session["<%= singular_name %>"]
|
24
27
|
|
25
|
-
|
28
|
+
assert_equal("http://#{@request.host}/bogus/location", @response.redirect_url)
|
26
29
|
end
|
27
30
|
|
28
31
|
def do_test_signup(bad_password, bad_email)
|
@@ -31,19 +34,19 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
|
31
34
|
@request.session['return-to'] = "/bogus/location"
|
32
35
|
|
33
36
|
if not bad_password and not bad_email
|
34
|
-
post :signup, "<%= singular_name %>" => { "login" => "newbob", "password" => "newpassword", "password_confirmation" => "newpassword"
|
35
|
-
|
36
|
-
|
37
|
-
|
37
|
+
post :signup, "<%= singular_name %>" => { "login" => "newbob@test.com", "password" => "newpassword", "password_confirmation" => "newpassword" }
|
38
|
+
assert_nil session["<%= singular_name %>"]
|
39
|
+
|
40
|
+
assert_equal(@controller.url_for(:action => "login"), @response.redirect_url)
|
38
41
|
assert_equal 1, ActionMailer::Base.deliveries.size
|
39
42
|
mail = ActionMailer::Base.deliveries[0]
|
40
43
|
assert_equal "newbob@test.com", mail.to_addrs[0].to_s
|
41
|
-
assert_match /login:\s+\w+\n/, mail.encoded
|
42
|
-
assert_match /password:\s+\w+\n/, mail.encoded
|
44
|
+
# assert_match /login:\s+\w+\n/, mail.encoded
|
45
|
+
# assert_match /password:\s+\w+\n/, mail.encoded
|
43
46
|
mail.encoded =~ /key=(.*?)"/
|
44
47
|
key = $1
|
45
48
|
|
46
|
-
<%= singular_name %> = <%= class_name %>.
|
49
|
+
<%= singular_name %> = <%= class_name %>.find_by_login("newbob@test.com")
|
47
50
|
assert_not_nil <%= singular_name %>
|
48
51
|
assert_equal 0, <%= singular_name %>.verified
|
49
52
|
|
@@ -51,32 +54,33 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
|
51
54
|
Time.advance_by_days = 1
|
52
55
|
get :welcome, "<%= singular_name %>"=> { "id" => "#{<%= singular_name %>.id}" }, "key" => "#{key}"
|
53
56
|
Time.advance_by_days = 0
|
54
|
-
<%= singular_name %> = <%= class_name %>.
|
57
|
+
<%= singular_name %> = <%= class_name %>.find_by_login("newbob@test.com")
|
55
58
|
assert_equal 0, <%= singular_name %>.verified
|
56
59
|
|
57
60
|
# Then a bogus key.
|
58
61
|
get :welcome, "<%= singular_name %>"=> { "id" => "#{<%= singular_name %>.id}" }, "key" => "boguskey"
|
59
|
-
<%= singular_name %> = <%= class_name %>.
|
62
|
+
<%= singular_name %> = <%= class_name %>.find_by_login("newbob@test.com")
|
60
63
|
assert_equal 0, <%= singular_name %>.verified
|
61
64
|
|
62
65
|
# Now the real one.
|
63
66
|
get :welcome, "<%= singular_name %>"=> { "id" => "#{<%= singular_name %>.id}" }, "key" => "#{key}"
|
64
|
-
<%= singular_name %> = <%= class_name %>.
|
67
|
+
<%= singular_name %> = <%= class_name %>.find_by_login("newbob@test.com")
|
65
68
|
assert_equal 1, <%= singular_name %>.verified
|
66
69
|
|
67
|
-
post :login, "<%= singular_name %>" => { "login" => "newbob", "password" => "newpassword" }
|
68
|
-
|
70
|
+
post :login, "<%= singular_name %>" => { "login" => "newbob@test.com", "password" => "newpassword" }
|
71
|
+
assert_not_nil session["<%= singular_name %>"]
|
69
72
|
get :logout
|
70
73
|
elsif bad_password
|
71
|
-
post :signup, "<%= singular_name %>" => { "login" => "newbob", "password" => "bad", "password_confirmation" => "bad"
|
72
|
-
|
73
|
-
|
74
|
-
|
74
|
+
post :signup, "<%= singular_name %>" => { "login" => "newbob@test.com", "password" => "bad", "password_confirmation" => "bad"}
|
75
|
+
assert_nil session["<%= singular_name %>"]
|
76
|
+
assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:password))
|
77
|
+
|
78
|
+
assert_response(:success)
|
75
79
|
assert_equal 0, ActionMailer::Base.deliveries.size
|
76
80
|
elsif bad_email
|
77
81
|
ActionMailer::Base.inject_one_error = true
|
78
|
-
post :signup, "<%= singular_name %>" => { "login" => "newbob", "password" => "newpassword", "password_confirmation" => "newpassword"
|
79
|
-
|
82
|
+
post :signup, "<%= singular_name %>" => { "login" => "newbob@test.com", "password" => "newpassword", "password_confirmation" => "newpassword" }
|
83
|
+
assert_nil session["<%= singular_name %>"]
|
80
84
|
assert_equal 0, ActionMailer::Base.deliveries.size
|
81
85
|
else
|
82
86
|
# Invalid test case
|
@@ -85,14 +89,14 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
|
85
89
|
end
|
86
90
|
|
87
91
|
def test_edit
|
88
|
-
post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
|
89
|
-
|
92
|
+
post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
|
93
|
+
assert_not_nil session["<%= singular_name %>"]
|
90
94
|
|
91
95
|
post :edit, "<%= singular_name %>" => { "firstname" => "Bob", "form" => "edit" }
|
92
|
-
assert_equal @response.session[
|
96
|
+
assert_equal @response.session["<%= singular_name %>"].firstname, "Bob"
|
93
97
|
|
94
98
|
post :edit, "<%= singular_name %>" => { "firstname" => "", "form" => "edit" }
|
95
|
-
assert_equal @response.session[
|
99
|
+
assert_equal @response.session["<%= singular_name %>"].firstname, ""
|
96
100
|
|
97
101
|
get :logout
|
98
102
|
end
|
@@ -101,41 +105,41 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
|
101
105
|
ActionMailer::Base.deliveries = []
|
102
106
|
|
103
107
|
# Immediate delete
|
104
|
-
post :login, "<%= singular_name %>" => { "login" => "deletebob1", "password" => "alongtest" }
|
105
|
-
|
108
|
+
post :login, "<%= singular_name %>" => { "login" => "deletebob1@test.com", "password" => "alongtest" }
|
109
|
+
assert_not_nil session["<%= singular_name %>"]
|
106
110
|
|
107
111
|
<%= class_name %>System::CONFIG[:delayed_delete] = false
|
108
112
|
post :edit, "<%= singular_name %>" => { "form" => "delete" }
|
109
113
|
assert_equal 1, ActionMailer::Base.deliveries.size
|
110
114
|
|
111
|
-
|
112
|
-
post :login, "<%= singular_name %>" => { "login" => "deletebob1", "password" => "alongtest" }
|
113
|
-
|
115
|
+
assert_nil session["<%= singular_name %>"]
|
116
|
+
post :login, "<%= singular_name %>" => { "login" => "deletebob1@test.com", "password" => "alongtest" }
|
117
|
+
assert_nil session["<%= singular_name %>"]
|
114
118
|
|
115
119
|
# Now try delayed delete
|
116
120
|
ActionMailer::Base.deliveries = []
|
117
121
|
|
118
|
-
post :login, "<%= singular_name %>" => { "login" => "deletebob2", "password" => "alongtest" }
|
119
|
-
|
122
|
+
post :login, "<%= singular_name %>" => { "login" => "deletebob2@test.com", "password" => "alongtest" }
|
123
|
+
assert_not_nil session["<%= singular_name %>"]
|
120
124
|
|
121
125
|
<%= class_name %>System::CONFIG[:delayed_delete] = true
|
122
126
|
post :edit, "<%= singular_name %>" => { "form" => "delete" }
|
123
127
|
assert_equal 1, ActionMailer::Base.deliveries.size
|
124
128
|
mail = ActionMailer::Base.deliveries[0]
|
125
|
-
mail.encoded =~ /<%= singular_name%>\[id\]=(.*?)&key=(.*?)"/
|
129
|
+
mail.encoded =~ /<%= singular_name %>\[id\]=(.*?)&key=(.*?)"/
|
126
130
|
id = $1
|
127
131
|
key = $2
|
128
132
|
post :restore_deleted, "<%= singular_name %>" => { "id" => "#{id}" }, "key" => "badkey"
|
129
|
-
|
133
|
+
assert_nil session["<%= singular_name %>"]
|
130
134
|
|
131
135
|
# Advance the time past the delete date
|
132
136
|
Time.advance_by_days = <%= class_name %>System::CONFIG[:delayed_delete_days]
|
133
137
|
post :restore_deleted, "<%= singular_name %>" => { "id" => "#{id}" }, "key" => "#{key}"
|
134
|
-
|
135
|
-
Time.advance_by_days = 0
|
138
|
+
assert_nil session["<%= singular_name %>"]
|
136
139
|
|
140
|
+
Time.advance_by_days = 0
|
137
141
|
post :restore_deleted, "<%= singular_name %>" => { "id" => "#{id}" }, "key" => "#{key}"
|
138
|
-
|
142
|
+
assert_not_nil session["<%= singular_name %>"]
|
139
143
|
get :logout
|
140
144
|
end
|
141
145
|
|
@@ -148,20 +152,20 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
|
148
152
|
def do_change_password(bad_password, bad_email)
|
149
153
|
ActionMailer::Base.deliveries = []
|
150
154
|
|
151
|
-
post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
|
152
|
-
|
155
|
+
post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
|
156
|
+
assert_not_nil session["<%= singular_name %>"]
|
153
157
|
|
154
158
|
if not bad_password and not bad_email
|
155
159
|
post :change_password, "<%= singular_name %>" => { "password" => "changed_password", "password_confirmation" => "changed_password" }
|
156
160
|
assert_equal 1, ActionMailer::Base.deliveries.size
|
157
161
|
mail = ActionMailer::Base.deliveries[0]
|
158
162
|
assert_equal "bob@test.com", mail.to_addrs[0].to_s
|
159
|
-
assert_match /login:\s+\w+\n/, mail.encoded
|
160
|
-
assert_match /password:\s+\w+\n/, mail.encoded
|
163
|
+
# assert_match /login:\s+\w+\n/, mail.encoded
|
164
|
+
# assert_match /password:\s+\w+\n/, mail.encoded
|
161
165
|
elsif bad_password
|
162
166
|
post :change_password, "<%= singular_name %>" => { "password" => "bad", "password_confirmation" => "bad" }
|
163
|
-
|
164
|
-
|
167
|
+
assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:password))
|
168
|
+
assert_response(:success)
|
165
169
|
assert_equal 0, ActionMailer::Base.deliveries.size
|
166
170
|
elsif bad_email
|
167
171
|
ActionMailer::Base.inject_one_error = true
|
@@ -173,24 +177,28 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
|
173
177
|
end
|
174
178
|
|
175
179
|
get :logout
|
176
|
-
|
180
|
+
assert_nil session["<%= singular_name %>"]
|
177
181
|
|
178
182
|
if not bad_password and not bad_email
|
179
|
-
post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "changed_password" }
|
180
|
-
|
183
|
+
post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "changed_password" }
|
184
|
+
assert_not_nil session["<%= singular_name %>"]
|
181
185
|
post :change_password, "<%= singular_name %>" => { "password" => "atest", "password_confirmation" => "atest" }
|
182
186
|
get :logout
|
183
187
|
end
|
184
188
|
|
185
|
-
post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
|
186
|
-
|
189
|
+
post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
|
190
|
+
assert_not_nil session["<%= singular_name %>"]
|
187
191
|
|
188
192
|
get :logout
|
189
193
|
end
|
190
194
|
|
191
|
-
def
|
195
|
+
def test_change_password0
|
192
196
|
do_change_password(false, false)
|
197
|
+
end
|
198
|
+
def test_change_password1
|
193
199
|
do_change_password(true, false)
|
200
|
+
end
|
201
|
+
def test_change_password2
|
194
202
|
do_change_password(false, true)
|
195
203
|
end
|
196
204
|
|
@@ -198,17 +206,17 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
|
198
206
|
ActionMailer::Base.deliveries = []
|
199
207
|
|
200
208
|
if logged_in
|
201
|
-
post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
|
202
|
-
|
209
|
+
post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
|
210
|
+
assert_not_nil session["<%= singular_name %>"]
|
203
211
|
end
|
204
212
|
|
205
213
|
@request.session['return-to'] = "/bogus/location"
|
206
214
|
if not bad_address and not bad_email
|
207
|
-
post :forgot_password, "<%= singular_name %>" => { "
|
215
|
+
post :forgot_password, "<%= singular_name %>" => { "login" => "bob@test.com" }
|
208
216
|
password = "anewpassword"
|
209
217
|
if logged_in
|
210
218
|
assert_equal 0, ActionMailer::Base.deliveries.size
|
211
|
-
|
219
|
+
assert_equal(@controller.url_for(:action => "change_password"), @response.redirect_url)
|
212
220
|
post :change_password, "<%= singular_name %>" => { "password" => "#{password}", "password_confirmation" => "#{password}" }
|
213
221
|
else
|
214
222
|
assert_equal 1, ActionMailer::Base.deliveries.size
|
@@ -218,15 +226,15 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
|
218
226
|
id = $1
|
219
227
|
key = $2
|
220
228
|
post :change_password, "<%= singular_name %>" => { "password" => "#{password}", "password_confirmation" => "#{password}", "id" => "#{id}" }, "key" => "#{key}"
|
221
|
-
|
229
|
+
assert_not_nil session["<%= singular_name %>"]
|
222
230
|
get :logout
|
223
231
|
end
|
224
232
|
elsif bad_address
|
225
|
-
post :forgot_password, "<%= singular_name %>" => { "
|
233
|
+
post :forgot_password, "<%= singular_name %>" => { "login" => "bademail@test.com" }
|
226
234
|
assert_equal 0, ActionMailer::Base.deliveries.size
|
227
235
|
elsif bad_email
|
228
236
|
ActionMailer::Base.inject_one_error = true
|
229
|
-
post :forgot_password, "<%= singular_name %>" => { "
|
237
|
+
post :forgot_password, "<%= singular_name %>" => { "login" => "bob@test.com" }
|
230
238
|
assert_equal 0, ActionMailer::Base.deliveries.size
|
231
239
|
else
|
232
240
|
# Invalid test case
|
@@ -237,18 +245,18 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
|
237
245
|
if logged_in
|
238
246
|
get :logout
|
239
247
|
else
|
240
|
-
|
248
|
+
assert_equal(@controller.url_for(:action => "login"), @response.redirect_url)
|
241
249
|
end
|
242
|
-
post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "#{password}" }
|
250
|
+
post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "#{password}" }
|
243
251
|
else
|
244
252
|
# Okay, make sure the database did not get changed
|
245
253
|
if logged_in
|
246
254
|
get :logout
|
247
255
|
end
|
248
|
-
post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
|
256
|
+
post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
|
249
257
|
end
|
250
258
|
|
251
|
-
|
259
|
+
assert_not_nil session["<%= singular_name %>"]
|
252
260
|
|
253
261
|
# Put the old settings back
|
254
262
|
if not bad_address and not bad_email
|
@@ -268,35 +276,46 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
|
|
268
276
|
def test_bad_signup
|
269
277
|
@request.session['return-to'] = "/bogus/location"
|
270
278
|
|
271
|
-
post :signup, "<%= singular_name %>" => { "login" => "newbob", "password" => "newpassword", "password_confirmation" => "wrong" }
|
272
|
-
|
273
|
-
|
274
|
-
|
279
|
+
post :signup, "<%= singular_name %>" => { "login" => "newbob@test.com", "password" => "newpassword", "password_confirmation" => "wrong" }
|
280
|
+
assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:password))
|
281
|
+
assert_response(:success)
|
282
|
+
|
275
283
|
post :signup, "<%= singular_name %>" => { "login" => "yo", "password" => "newpassword", "password_confirmation" => "newpassword" }
|
276
|
-
|
277
|
-
|
284
|
+
assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:login))
|
285
|
+
assert_response(:success)
|
278
286
|
|
279
287
|
post :signup, "<%= singular_name %>" => { "login" => "yo", "password" => "newpassword", "password_confirmation" => "wrong" }
|
280
|
-
|
281
|
-
|
288
|
+
assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:login))
|
289
|
+
assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:password))
|
290
|
+
assert_response(:success)
|
282
291
|
end
|
283
292
|
|
284
293
|
def test_invalid_login
|
285
|
-
post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "not_correct" }
|
294
|
+
post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "not_correct" }
|
286
295
|
|
287
|
-
|
296
|
+
assert_nil session["<%= singular_name %>"]
|
288
297
|
|
289
|
-
|
298
|
+
assert(@response.has_template_object?("login"))
|
290
299
|
end
|
291
300
|
|
292
301
|
def test_login_logoff
|
293
302
|
|
294
|
-
post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
|
295
|
-
|
303
|
+
post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
|
304
|
+
assert_not_nil session["<%= singular_name %>"]
|
296
305
|
|
297
306
|
get :logout
|
298
|
-
|
307
|
+
assert_nil session["<%= singular_name %>"]
|
299
308
|
|
300
309
|
end
|
301
|
-
|
310
|
+
|
311
|
+
# deprecated assertions
|
312
|
+
def find_record_in_template(key = nil)
|
313
|
+
assert_not_nil assigns(key)
|
314
|
+
record = @response.template_objects[key]
|
315
|
+
|
316
|
+
assert_not_nil(record)
|
317
|
+
assert_kind_of ActiveRecord::Base, record
|
318
|
+
|
319
|
+
return record
|
320
|
+
end
|
302
321
|
end
|
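Review bot: The `assert_match /login:\s+\w+\n/` and `assert_match /password:\s+\w+\n/` checks in `do_test_signup` and `do_change_password` are commented out rather than replaced, so nothing in this test template pins the behaviour that notification mail no longer carries credentials. A negative assertion such as `assert_no_match /password:/, mail.encoded` would turn that removal into a regression test and catch a later template edit that puts the password back into mail. The two dead comment lines can then be deleted. Separately, `find_record_in_template(key = nil)` has a default that can never pass its own `assert_not_nil assigns(key)`, so the parameter should be required.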
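--- a/data/templates/done
+++ b/data/templates/done
@@ -0,0 +1,28 @@
+rm -fr saltedloginfix2/ ; rails -d mysql saltedloginfix2; cd saltedloginfix2/ ; script/generate salted_login User Localization; mysql -u root -pDelphes59 -e "create database saltedloginfix2_development"; mysql -u root -pDelphes59 -e "create database saltedloginfix2_test"; rake test ; cd ..
+
+_view_edit.rhtml # remove email
+_view_password.rhtml
+controller
+controller_test
+helper
+login_environment
+login_system
+mock_notify
+mock_time
+notify
+notify_change_password
+notify_delete
+notify_forgot_password
+notify_pending_delete
+notify_signup
+user.rb
+user_model.erbsql
+user_test.rb
+users.yml
+view_change_password
+view_edit
+view_forget_password
+view_login
+view_logout
+view_signup
+view_welcome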
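Review bot: The first line of this added file embeds a MySQL root password on the command line (the `-p…` argument, passed to both `mysql -u root` calls), and because the file sits under `data/templates/` it is distributed with the gem. The credential should be treated as exposed and rotated wherever it is in use. The rest of the file is a developer scratch note (a rebuild one-liner plus a checklist of template names) that looks packaged by accident, so removing it from the gem's file list is the fix. If the one-liner is worth keeping somewhere, let `mysql -p` prompt or read the password from a client option file rather than writing it into the command.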
data/templates/helper.rb
CHANGED
@@ -69,12 +69,12 @@ module <%= class_name %>Helper
|
|
69
69
|
opts = DEFAULT_HEAD_OPTIONS.dup
|
70
70
|
opts.update(options.symbolize_keys)
|
71
71
|
s = "<h3>#{label}</h3>"
|
72
|
-
if
|
73
|
-
notice = "<div><p>#{
|
72
|
+
if flash['notice'] and not opts[:notice].nil? and opts[:notice]
|
73
|
+
notice = "<div><p>#{flash['notice']}</p></div>"
|
74
74
|
s = s + notice
|
75
75
|
end
|
76
|
-
if
|
77
|
-
message = "<div id=\"ErrorExplanation\"><p>#{
|
76
|
+
if flash['message'] and not opts[:message].nil? and opts[:message]
|
77
|
+
message = "<div id=\"ErrorExplanation\"><p>#{flash['message']}</p></div>"
|
78
78
|
s = s + message
|
79
79
|
end
|
80
80
|
if not opts[:error].nil? and opts[:error]
|
@@ -97,9 +97,15 @@ EOL
|
|
97
97
|
l(:"#{@controller.controller_name}_#{name}_message")
|
98
98
|
end
|
99
99
|
|
100
|
-
|
100
|
+
# from http://devblog.famundo.com/articles/2007/03/28/lost-in-binding-adventures-in-ruby-metaprogramming
|
101
|
+
def form_tag_helper(options = {}, &block)
|
101
102
|
url = url_for(:action => "#{@controller.action_name}")
|
102
|
-
|
103
|
+
_erbout = eval('_erbout', block)
|
104
|
+
form_tag(url, options) do
|
105
|
+
eval "_erbout = %q[#{_erbout}]"
|
106
|
+
yield
|
107
|
+
end
|
108
|
+
eval "_erbout = %q[#{_erbout}]", block
|
103
109
|
end
|
104
110
|
|
105
111
|
def attributes(hash)
|
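Review bot: `form_tag_helper` builds Ruby source from the already-rendered page buffer and evaluates it twice (`eval "_erbout = %q[#{_erbout}]"`), so a `]` in that output can end the literal early and the remainder is parsed as Ruby. If any of the rendered output contains user-supplied text, this is a code-injection path in every generated application. Forwarding the block instead, `form_tag(url, options, &block)`, should produce the same form without either eval; confirm that against the Rails version the generator targets. In the first hunk of this file, `flash['notice']` and `flash['message']` are interpolated into markup unescaped, so wrap them as `h(flash['notice'])` and `h(flash['message'])` unless every writer of the flash is known to store trusted HTML. The method holding the flash lines starts and ends outside that hunk.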
data/templates/login_system.rb
CHANGED
@@ -44,7 +44,7 @@ module <%= class_name %>System
|
|
44
44
|
return true
|
45
45
|
end
|
46
46
|
|
47
|
-
if <%= singular_name %>? and authorize?(
|
47
|
+
if <%= singular_name %>? and authorize?(session['<%= singular_name %>'])
|
48
48
|
return true
|
49
49
|
end
|
50
50
|
|
@@ -69,30 +69,30 @@ module <%= class_name %>System
|
|
69
69
|
# store current uri in the session.
|
70
70
|
# we can return to this location by calling return_location
|
71
71
|
def store_location
|
72
|
-
|
72
|
+
session['return-to'] = request.request_uri
|
73
73
|
end
|
74
74
|
|
75
75
|
# move to the last store_location call or to the passed default one
|
76
76
|
def redirect_back_or_default(default)
|
77
|
-
if
|
77
|
+
if session['return-to'].nil?
|
78
78
|
redirect_to default
|
79
79
|
else
|
80
|
-
|
81
|
-
|
80
|
+
redirect_to(url_for(session['return-to']))
|
81
|
+
session['return-to'] = nil
|
82
82
|
end
|
83
83
|
end
|
84
84
|
|
85
85
|
def <%= singular_name %>?
|
86
86
|
# First, is the user already authenticated?
|
87
|
-
return true if not
|
87
|
+
return true if not session['<%= singular_name %>'].nil?
|
88
88
|
|
89
89
|
# If not, is the user being authenticated by a token?
|
90
|
-
return false if not
|
91
|
-
id =
|
92
|
-
key =
|
90
|
+
return false if not params['<%= singular_name %>']
|
91
|
+
id = params['<%= singular_name %>']['id']
|
92
|
+
key = params['key']
|
93
93
|
if id and key
|
94
|
-
|
95
|
-
return true if not
|
94
|
+
session['<%= singular_name %>'] = <%= class_name %>.authenticate_by_token(id, key)
|
95
|
+
return true if not session['<%= singular_name %>'].nil?
|
96
96
|
end
|
97
97
|
|
98
98
|
# Everything failed
|
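Review bot: In `<%= singular_name %>?`, a successful `authenticate_by_token(id, key)` is written straight into the existing session, so the session identifier the visitor held before following the mailed link stays valid after authentication (session fixation). Authenticate into a local first and call `reset_session` before `session['<%= singular_name %>'] = user`, copying `return-to` across if it is still needed. `redirect_back_or_default` redirects to whatever is stored under `return-to`. In this file that value comes from `request.request_uri`, but checking that it is a local path before `redirect_to` would keep any other writer of that key from turning it into an open redirect. The body of `<%= singular_name %>?` continues past the end of its hunk.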
@@ -0,0 +1,27 @@
|
|
1
|
+
class Create<%= class_name.pluralize %> < ActiveRecord::Migration
|
2
|
+
def self.up
|
3
|
+
create= <<END_OF_STRING
|
4
|
+
CREATE TABLE <%= plural_name %> (
|
5
|
+
id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
|
6
|
+
login VARCHAR(80) NOT NULL,
|
7
|
+
salted_password VARCHAR(40) NOT NULL,
|
8
|
+
firstname VARCHAR(40),
|
9
|
+
lastname VARCHAR(40),
|
10
|
+
salt CHAR(40) NOT NULL,
|
11
|
+
verified INT default 0,
|
12
|
+
role VARCHAR(40) default NULL,
|
13
|
+
security_token CHAR(40) default NULL,
|
14
|
+
token_expiry DATETIME default NULL,
|
15
|
+
created_at DATETIME default NULL,
|
16
|
+
updated_at DATETIME default NULL,
|
17
|
+
logged_in_at DATETIME default NULL,
|
18
|
+
deleted INT default 0,
|
19
|
+
delete_after DATETIME default NULL
|
20
|
+
) TYPE=InnoDB DEFAULT CHARSET=utf8;
|
21
|
+
END_OF_STRING
|
22
|
+
execute create
|
23
|
+
end
|
24
|
+
def self.down
|
25
|
+
drop_table :<%= plural_name %>
|
26
|
+
end
|
27
|
+
end
|
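Review bot: The `login` column is created without a UNIQUE constraint, so uniqueness of what is now both the account identifier and the mail address rests on `validates_uniqueness_of :login` alone, which cannot stop two concurrent signups from inserting the same login. Adding `add_index :<%= plural_name %>, :login, :unique => true` after `execute create` closes that gap at the database level. The raw `CREATE TABLE … TYPE=InnoDB` statement also ties the generated migration to MySQL, whereas `create_table` with column definitions would keep it portable. `salted_password` and `salt` are 40 characters wide, which suggests a SHA-1 hex digest (an inference from the column width only); a comment naming the hash would help whoever later moves to a slower password hash.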
data/templates/notify.rb
CHANGED
@@ -11,6 +11,7 @@ class <%= class_name %>Notify < ActionMailer::Base
|
|
11
11
|
@body["password"] = password
|
12
12
|
@body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
|
13
13
|
@body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
|
14
|
+
@body = render_message("<%= singular_name %>_notify/signup", @body)
|
14
15
|
end
|
15
16
|
|
16
17
|
def forgot_password(<%= singular_name %>, url=nil)
|
@@ -24,6 +25,7 @@ class <%= class_name %>Notify < ActionMailer::Base
|
|
24
25
|
@body["login"] = <%= singular_name %>.login
|
25
26
|
@body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
|
26
27
|
@body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
|
28
|
+
@body = render_message("<%= singular_name %>_notify/forgot_password", @body)
|
27
29
|
end
|
28
30
|
|
29
31
|
def change_password(<%= singular_name %>, password, url=nil)
|
@@ -38,6 +40,7 @@ class <%= class_name %>Notify < ActionMailer::Base
|
|
38
40
|
@body["password"] = password
|
39
41
|
@body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
|
40
42
|
@body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
|
43
|
+
@body = render_message("<%= singular_name %>_notify/change_password", @body)
|
41
44
|
end
|
42
45
|
|
43
46
|
def pending_delete(<%= singular_name %>, url=nil)
|
@@ -51,6 +54,7 @@ class <%= class_name %>Notify < ActionMailer::Base
|
|
51
54
|
@body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
|
52
55
|
@body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
|
53
56
|
@body["days"] = <%= class_name %>System::CONFIG[:delayed_delete_days].to_s
|
57
|
+
@body = render_message("<%= singular_name %>_notify/pending_delete", @body)
|
54
58
|
end
|
55
59
|
|
56
60
|
def delete(<%= singular_name %>, url=nil)
|
@@ -63,10 +67,11 @@ class <%= class_name %>Notify < ActionMailer::Base
|
|
63
67
|
@body["name"] = "#{<%= singular_name %>.firstname} #{<%= singular_name %>.lastname}"
|
64
68
|
@body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
|
65
69
|
@body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
|
70
|
+
@body = render_message("<%= singular_name %>_notify/delete", @body)
|
66
71
|
end
|
67
72
|
|
68
73
|
def setup_email(<%= singular_name %>)
|
69
|
-
@recipients = "#{<%= singular_name %>.
|
74
|
+
@recipients = "#{<%= singular_name %>.login}"
|
70
75
|
@from = <%= class_name %>System::CONFIG[:email_from].to_s
|
71
76
|
@subject = "[#{<%= class_name %>System::CONFIG[:app_name]}] "
|
72
77
|
@sent_on = Time.now
|
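Review bot: `signup` and `change_password` still place the plaintext password in the template variables (`@body["password"] = password`, on the context lines just above the added `render_message` calls), although this release removes the credentials block from the change-password mail. If no shipped template reads that key any more, dropping the two assignments keeps a customised template from mailing the password again. `setup_email` now sends to `<%= singular_name %>.login`, while the model lines visible on this page validate only presence, length and uniqueness of `login`, so a format check for a mail address looks missing; confirm in the part of the model not shown. All of these methods begin outside their hunks.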
@@ -2,9 +2,4 @@ Dear <%%= @name %>,
|
|
2
2
|
|
3
3
|
At your request, <%%= @app_name %> has changed your password. If it was not at your request, then you should be aware that someone has access to your account and requested this change.
|
4
4
|
|
5
|
-
Your new login credentials are:
|
6
|
-
|
7
|
-
login: <%%= @login %>
|
8
|
-
password: <%%= @password %>
|
9
|
-
|
10
5
|
<%%= @url %>
|
data/templates/user.rb
CHANGED
@@ -11,15 +11,18 @@ class <%= class_name %> < ActiveRecord::Base
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def self.authenticate(login, pass)
|
14
|
-
|
15
|
-
|
16
|
-
|
14
|
+
begin
|
15
|
+
u = find(:first, :conditions => ["login = ? AND verified = 1 AND deleted = 0", login])
|
16
|
+
return find(:first, :conditions => ["login = ? AND salted_password = ? AND verified = 1", login, salted_password(u.salt, hashed(pass))])
|
17
|
+
rescue
|
18
|
+
return nil
|
19
|
+
end
|
17
20
|
end
|
18
21
|
|
19
22
|
def self.authenticate_by_token(id, token)
|
20
23
|
# Allow logins for deleted accounts, but only via this method (and
|
21
24
|
# not the regular authenticate call)
|
22
|
-
u =
|
25
|
+
u = find(:first, :conditions => ["id = ? AND security_token = ?", id, token])
|
23
26
|
return nil if u.nil? or u.token_expired?
|
24
27
|
return nil if false == u.update_expiry
|
25
28
|
u
|
@@ -104,7 +107,6 @@ class <%= class_name %> < ActiveRecord::Base
|
|
104
107
|
validates_presence_of :login, :on => :create
|
105
108
|
validates_length_of :login, :within => 3..40, :on => :create
|
106
109
|
validates_uniqueness_of :login, :on => :create
|
107
|
-
validates_uniqueness_of :email, :on => :create
|
108
110
|
|
109
111
|
validates_presence_of :password, :if => :validate_password?
|
110
112
|
validates_confirmation_of :password, :if => :validate_password?
|
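Review bot: `self.authenticate` handles an unknown login by letting `u.salt` raise on `nil` and catching it with a bare `rescue`, which also turns every database or hashing failure into an ordinary failed login with nothing logged. Replace the `begin`/`rescue` with an explicit guard, `return nil if u.nil?`, after the first `find`, and let real errors propagate (or rescue one specific class and log it). The second query repeats `verified = 1` but not `deleted = 0`. That is harmless while `login` is unique, but as far as this page shows, uniqueness is enforced only by the model validation.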
data/templates/user_model.erbsql
CHANGED