salted_login_generator 1.1.1 → 2.0.0

data/templates/controller_test.rb

@@ -1,5 +1,7 @@
 require File.dirname(__FILE__) + '/../test_helper'
 require '<%= file_name %>_controller'
+# ADD to fix advance_by_days= problem
+require File.dirname(__FILE__) + '/../mocks/test/time'
 
 # Raise errors beyond the default web-based presentation
 class <%= class_name %>Controller; def rescue_action(e) raise e end; end
@@ -7,22 +9,23 @@ class <%= class_name %>Controller; def rescue_action(e) raise e end; end
 class <%= class_name %>ControllerTest < Test::Unit::TestCase
   
   fixtures :<%= plural_name %>
-  
+
   def setup
+    super
     @controller = <%= class_name %>Controller.new
-    @request, @response = ActionController::TestRequest.new, ActionController::TestResponse.new
-    @request.host = "localhost"
+    @request = ActionController::TestRequest.new
+    @response = ActionController::TestResponse.new
   end
   
   def test_auth_bob
     @request.session['return-to'] = "/bogus/location"
 
-    post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
-    assert_session_has "<%= singular_name %>"
+    post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
+    assert_not_nil @response.session["<%= singular_name %>"]
 
     assert_equal @bob, @response.session["<%= singular_name %>"]
     
-    assert_redirect_url "http://#{@request.host}/bogus/location"
+    assert_equal("http://#{@request.host}/bogus/location", @response.redirect_url)
   end
   
   def do_test_signup(bad_password, bad_email)
@@ -31,19 +34,19 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
     @request.session['return-to'] = "/bogus/location"
 
     if not bad_password and not bad_email
-      post :signup, "<%= singular_name %>" => { "login" => "newbob", "password" => "newpassword", "password_confirmation" => "newpassword", "email" => "newbob@test.com" }
-      assert_session_has_no "<%= singular_name %>"
-    
-      assert_redirect_url(@controller.url_for(:action => "login"))
+      post :signup, "<%= singular_name %>" => { "login" => "newbob@test.com", "password" => "newpassword", "password_confirmation" => "newpassword" }
+      assert_nil session["<%= singular_name %>"]
+
+      assert_equal(@controller.url_for(:action => "login"), @response.redirect_url)
       assert_equal 1, ActionMailer::Base.deliveries.size
       mail = ActionMailer::Base.deliveries[0]
       assert_equal "newbob@test.com", mail.to_addrs[0].to_s
-      assert_match /login:\s+\w+\n/, mail.encoded
-      assert_match /password:\s+\w+\n/, mail.encoded
+#      assert_match /login:\s+\w+\n/, mail.encoded
+#      assert_match /password:\s+\w+\n/, mail.encoded
       mail.encoded =~ /key=(.*?)"/
       key = $1
 
-      <%= singular_name %> = <%= class_name %>.find_by_email("newbob@test.com")
+      <%= singular_name %> = <%= class_name %>.find_by_login("newbob@test.com")
       assert_not_nil <%= singular_name %>
       assert_equal 0, <%= singular_name %>.verified
 
@@ -51,32 +54,33 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
       Time.advance_by_days = 1
       get :welcome, "<%= singular_name %>"=> { "id" => "#{<%= singular_name %>.id}" }, "key" => "#{key}"
       Time.advance_by_days = 0
-      <%= singular_name %> = <%= class_name %>.find_by_email("newbob@test.com")
+      <%= singular_name %> = <%= class_name %>.find_by_login("newbob@test.com")
       assert_equal 0, <%= singular_name %>.verified
 
       # Then a bogus key.
       get :welcome, "<%= singular_name %>"=> { "id" => "#{<%= singular_name %>.id}" }, "key" => "boguskey"
-      <%= singular_name %> = <%= class_name %>.find_by_email("newbob@test.com")
+      <%= singular_name %> = <%= class_name %>.find_by_login("newbob@test.com")
       assert_equal 0, <%= singular_name %>.verified
 
       # Now the real one.
       get :welcome, "<%= singular_name %>"=> { "id" => "#{<%= singular_name %>.id}" }, "key" => "#{key}"
-      <%= singular_name %> = <%= class_name %>.find_by_email("newbob@test.com")
+      <%= singular_name %> = <%= class_name %>.find_by_login("newbob@test.com")
       assert_equal 1, <%= singular_name %>.verified
 
-      post :login, "<%= singular_name %>" => { "login" => "newbob", "password" => "newpassword" }
-      assert_session_has "<%= singular_name %>"
+      post :login, "<%= singular_name %>" => { "login" => "newbob@test.com", "password" => "newpassword" }
+      assert_not_nil session["<%= singular_name %>"]
       get :logout
     elsif bad_password
-      post :signup, "<%= singular_name %>" => { "login" => "newbob", "password" => "bad", "password_confirmation" => "bad", "email" => "newbob@test.com" }
-      assert_session_has_no "<%= singular_name %>"
-      assert_invalid_column_on_record "<%= singular_name %>", "password"
-      assert_success
+      post :signup, "<%= singular_name %>" => { "login" => "newbob@test.com", "password" => "bad", "password_confirmation" => "bad"}
+      assert_nil session["<%= singular_name %>"]
+      assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:password))
+
+      assert_response(:success)
       assert_equal 0, ActionMailer::Base.deliveries.size
     elsif bad_email
       ActionMailer::Base.inject_one_error = true
-      post :signup, "<%= singular_name %>" => { "login" => "newbob", "password" => "newpassword", "password_confirmation" => "newpassword", "email" => "newbob@test.com" }
-      assert_session_has_no "<%= singular_name %>"
+      post :signup, "<%= singular_name %>" => { "login" => "newbob@test.com", "password" => "newpassword", "password_confirmation" => "newpassword" }
+      assert_nil session["<%= singular_name %>"]
       assert_equal 0, ActionMailer::Base.deliveries.size
     else
       # Invalid test case
@@ -85,14 +89,14 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
   end
   
   def test_edit
-    post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
-    assert_session_has "<%= singular_name %>"
+    post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
+    assert_not_nil session["<%= singular_name %>"]
 
     post :edit, "<%= singular_name %>" => { "firstname" => "Bob", "form" => "edit" }
-    assert_equal @response.session['<%= singular_name %>'].firstname, "Bob"
+    assert_equal @response.session["<%= singular_name %>"].firstname, "Bob"
 
     post :edit, "<%= singular_name %>" => { "firstname" => "", "form" => "edit" }
-    assert_equal @response.session['<%= singular_name %>'].firstname, ""
+    assert_equal @response.session["<%= singular_name %>"].firstname, ""
 
     get :logout
   end
@@ -101,41 +105,41 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
     ActionMailer::Base.deliveries = []
 
     # Immediate delete
-    post :login, "<%= singular_name %>" => { "login" => "deletebob1", "password" => "alongtest" }
-    assert_session_has "<%= singular_name %>"
+    post :login, "<%= singular_name %>" => { "login" => "deletebob1@test.com", "password" => "alongtest" }
+    assert_not_nil session["<%= singular_name %>"]
 
     <%= class_name %>System::CONFIG[:delayed_delete] = false
     post :edit, "<%= singular_name %>" => { "form" => "delete" }
     assert_equal 1, ActionMailer::Base.deliveries.size
 
-    assert_session_has_no "<%= singular_name %>"
-    post :login, "<%= singular_name %>" => { "login" => "deletebob1", "password" => "alongtest" }
-    assert_session_has_no "<%= singular_name %>"
+    assert_nil session["<%= singular_name %>"]
+    post :login, "<%= singular_name %>" => { "login" => "deletebob1@test.com", "password" => "alongtest" }
+    assert_nil session["<%= singular_name %>"]
 
     # Now try delayed delete
     ActionMailer::Base.deliveries = []
 
-    post :login, "<%= singular_name %>" => { "login" => "deletebob2", "password" => "alongtest" }
-    assert_session_has "<%= singular_name %>"
+    post :login, "<%= singular_name %>" => { "login" => "deletebob2@test.com", "password" => "alongtest" }
+    assert_not_nil session["<%= singular_name %>"]
 
     <%= class_name %>System::CONFIG[:delayed_delete] = true
     post :edit, "<%= singular_name %>" => { "form" => "delete" }
     assert_equal 1, ActionMailer::Base.deliveries.size
     mail = ActionMailer::Base.deliveries[0]
-    mail.encoded =~ /<%= singular_name%>\[id\]=(.*?)&key=(.*?)"/
+    mail.encoded =~ /<%= singular_name %>\[id\]=(.*?)&key=(.*?)"/
     id = $1
     key = $2
     post :restore_deleted, "<%= singular_name %>" => { "id" => "#{id}" }, "key" => "badkey"
-    assert_session_has_no "<%= singular_name %>"
+    assert_nil session["<%= singular_name %>"]
 
     # Advance the time past the delete date
     Time.advance_by_days = <%= class_name %>System::CONFIG[:delayed_delete_days]
     post :restore_deleted, "<%= singular_name %>" => { "id" => "#{id}" }, "key" => "#{key}"
-    assert_session_has_no "<%= singular_name %>"
-    Time.advance_by_days = 0
+    assert_nil session["<%= singular_name %>"]
 
+    Time.advance_by_days = 0
     post :restore_deleted, "<%= singular_name %>" => { "id" => "#{id}" }, "key" => "#{key}"
-    assert_session_has "<%= singular_name %>"
+    assert_not_nil session["<%= singular_name %>"]
     get :logout
   end
 
@@ -148,20 +152,20 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
   def do_change_password(bad_password, bad_email)
     ActionMailer::Base.deliveries = []
 
-    post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
-    assert_session_has "<%= singular_name %>"
+    post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
+    assert_not_nil session["<%= singular_name %>"]
 
     if not bad_password and not bad_email
       post :change_password, "<%= singular_name %>" => { "password" => "changed_password", "password_confirmation" => "changed_password" }
       assert_equal 1, ActionMailer::Base.deliveries.size
       mail = ActionMailer::Base.deliveries[0]
       assert_equal "bob@test.com", mail.to_addrs[0].to_s
-      assert_match /login:\s+\w+\n/, mail.encoded
-      assert_match /password:\s+\w+\n/, mail.encoded
+#      assert_match /login:\s+\w+\n/, mail.encoded
+#      assert_match /password:\s+\w+\n/, mail.encoded
     elsif bad_password
       post :change_password, "<%= singular_name %>" => { "password" => "bad", "password_confirmation" => "bad" }
-      assert_invalid_column_on_record "<%= singular_name %>", "password"
-      assert_success
+      assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:password))
+      assert_response(:success)
       assert_equal 0, ActionMailer::Base.deliveries.size
     elsif bad_email
       ActionMailer::Base.inject_one_error = true
@@ -173,24 +177,28 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
     end
 
     get :logout
-    assert_session_has_no "<%= singular_name %>"
+    assert_nil session["<%= singular_name %>"]
 
     if not bad_password and not bad_email
-      post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "changed_password" }
-      assert_session_has "<%= singular_name %>"
+      post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "changed_password" }
+      assert_not_nil session["<%= singular_name %>"]
       post :change_password, "<%= singular_name %>" => { "password" => "atest", "password_confirmation" => "atest" }
       get :logout
     end
 
-    post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
-    assert_session_has "<%= singular_name %>"
+    post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
+    assert_not_nil session["<%= singular_name %>"]
 
     get :logout
   end
 
-  def test_change_password
+  def test_change_password0
     do_change_password(false, false)
+  end
+  def test_change_password1
     do_change_password(true, false)
+  end
+  def test_change_password2
     do_change_password(false, true)
   end
 
@@ -198,17 +206,17 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
     ActionMailer::Base.deliveries = []
 
     if logged_in
-      post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
-      assert_session_has "<%= singular_name %>"
+      post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
+      assert_not_nil session["<%= singular_name %>"]
     end
 
     @request.session['return-to'] = "/bogus/location"
     if not bad_address and not bad_email
-      post :forgot_password, "<%= singular_name %>" => { "email" => "bob@test.com" }
+      post :forgot_password, "<%= singular_name %>" => { "login" => "bob@test.com" }
       password = "anewpassword"
       if logged_in
         assert_equal 0, ActionMailer::Base.deliveries.size
-        assert_redirect_url(@controller.url_for(:action => "change_password"))
+        assert_equal(@controller.url_for(:action => "change_password"), @response.redirect_url)
         post :change_password, "<%= singular_name %>" => { "password" => "#{password}", "password_confirmation" => "#{password}" }
       else
         assert_equal 1, ActionMailer::Base.deliveries.size
@@ -218,15 +226,15 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
         id = $1
         key = $2
         post :change_password, "<%= singular_name %>" => { "password" => "#{password}", "password_confirmation" => "#{password}", "id" => "#{id}" }, "key" => "#{key}"
-        assert_session_has "<%= singular_name %>"
+        assert_not_nil session["<%= singular_name %>"]
         get :logout
       end
     elsif bad_address
-      post :forgot_password, "<%= singular_name %>" => { "email" => "bademail@test.com" }
+      post :forgot_password, "<%= singular_name %>" => { "login" => "bademail@test.com" }
       assert_equal 0, ActionMailer::Base.deliveries.size
     elsif bad_email
       ActionMailer::Base.inject_one_error = true
-      post :forgot_password, "<%= singular_name %>" => { "email" => "bob@test.com" }
+      post :forgot_password, "<%= singular_name %>" => { "login" => "bob@test.com" }
       assert_equal 0, ActionMailer::Base.deliveries.size
     else
       # Invalid test case
@@ -237,18 +245,18 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
       if logged_in
         get :logout
       else
-        assert_redirect_url(@controller.url_for(:action => "login"))
+        assert_equal(@controller.url_for(:action => "login"), @response.redirect_url)
       end
-      post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "#{password}" }
+      post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "#{password}" }
     else
       # Okay, make sure the database did not get changed
       if logged_in
         get :logout
       end
-      post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
+      post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
     end
 
-    assert_session_has "<%= singular_name %>"
+    assert_not_nil session["<%= singular_name %>"]
 
     # Put the old settings back
     if not bad_address and not bad_email
@@ -268,35 +276,46 @@ class <%= class_name %>ControllerTest < Test::Unit::TestCase
   def test_bad_signup
     @request.session['return-to'] = "/bogus/location"
 
-    post :signup, "<%= singular_name %>" => { "login" => "newbob", "password" => "newpassword", "password_confirmation" => "wrong" }
-    assert_invalid_column_on_record "<%= singular_name %>", "password"
-    assert_success
-    
+    post :signup, "<%= singular_name %>" => { "login" => "newbob@test.com", "password" => "newpassword", "password_confirmation" => "wrong" }
+    assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:password))
+    assert_response(:success)
+
     post :signup, "<%= singular_name %>" => { "login" => "yo", "password" => "newpassword", "password_confirmation" => "newpassword" }
-    assert_invalid_column_on_record "<%= singular_name %>", "login"
-    assert_success
+    assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:login))
+    assert_response(:success)
 
     post :signup, "<%= singular_name %>" => { "login" => "yo", "password" => "newpassword", "password_confirmation" => "wrong" }
-    assert_invalid_column_on_record "<%= singular_name %>", ["login", "password"]
-    assert_success
+    assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:login))
+    assert(find_record_in_template("<%= singular_name %>").errors.invalid?(:password))
+    assert_response(:success)
   end
 
   def test_invalid_login
-    post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "not_correct" }
+    post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "not_correct" }
      
-    assert_session_has_no "<%= singular_name %>"
+    assert_nil session["<%= singular_name %>"]
     
-    assert_template_has "login"
+    assert(@response.has_template_object?("login"))
   end
   
   def test_login_logoff
 
-    post :login, "<%= singular_name %>" => { "login" => "bob", "password" => "atest" }
-    assert_session_has "<%= singular_name %>"
+    post :login, "<%= singular_name %>" => { "login" => "bob@test.com", "password" => "atest" }
+    assert_not_nil session["<%= singular_name %>"]
 
     get :logout
-    assert_session_has_no "<%= singular_name %>"
+    assert_nil session["<%= singular_name %>"]
 
   end
-  
+
+  # deprecated assertions
+  def find_record_in_template(key = nil)
+    assert_not_nil assigns(key)
+    record = @response.template_objects[key]
+    
+    assert_not_nil(record)
+    assert_kind_of ActiveRecord::Base, record
+    
+    return record
+  end  
 end

data/templates/done

@@ -0,0 +1,28 @@
+rm -fr saltedloginfix2/ ; rails -d mysql saltedloginfix2; cd saltedloginfix2/ ;  script/generate salted_login User Localization; mysql -u root -pDelphes59 -e "create database saltedloginfix2_development"; mysql -u root -pDelphes59 -e "create database saltedloginfix2_test"; rake test ; cd ..
+
+_view_edit.rhtml # remove email
+_view_password.rhtml
+controller
+controller_test
+helper
+login_environment
+login_system
+mock_notify
+mock_time
+notify
+notify_change_password
+notify_delete
+notify_forgot_password
+notify_pending_delete
+notify_signup
+user.rb
+user_model.erbsql
+user_test.rb
+users.yml
+view_change_password
+view_edit
+view_forget_password
+view_login
+view_logout
+view_signup
+view_welcome

data/templates/helper.rb

@@ -69,12 +69,12 @@ module <%= class_name %>Helper
     opts = DEFAULT_HEAD_OPTIONS.dup
     opts.update(options.symbolize_keys)
     s = "<h3>#{label}</h3>"
-    if @flash['notice'] and not opts[:notice].nil? and opts[:notice]
-      notice = "<div><p>#{@flash['notice']}</p></div>"
+    if flash['notice'] and not opts[:notice].nil? and opts[:notice]
+      notice = "<div><p>#{flash['notice']}</p></div>"
       s = s + notice
     end
-    if @flash['message'] and not opts[:message].nil? and opts[:message]
-      message = "<div id=\"ErrorExplanation\"><p>#{@flash['message']}</p></div>"
+    if flash['message'] and not opts[:message].nil? and opts[:message]
+      message = "<div id=\"ErrorExplanation\"><p>#{flash['message']}</p></div>"
       s = s + message
     end
     if not opts[:error].nil? and opts[:error]
@@ -97,9 +97,15 @@ EOL
     l(:"#{@controller.controller_name}_#{name}_message")
   end
 
-  def start_form_tag_helper(options = {})
+# from http://devblog.famundo.com/articles/2007/03/28/lost-in-binding-adventures-in-ruby-metaprogramming
+  def form_tag_helper(options = {}, &block)
     url = url_for(:action => "#{@controller.action_name}")
-    "#{self.send(:start_form_tag, url, options)}"
+    _erbout = eval('_erbout', block)
+    form_tag(url, options) do
+      eval "_erbout = %q[#{_erbout}]"
+      yield
+    end
+    eval "_erbout = %q[#{_erbout}]", block    
   end
 
   def attributes(hash)

data/templates/login_system.rb

@@ -44,7 +44,7 @@ module <%= class_name %>System
       return true  
     end
 
-    if <%= singular_name %>? and authorize?(@session['<%= singular_name %>'])
+    if <%= singular_name %>? and authorize?(session['<%= singular_name %>'])
       return true
     end
 
@@ -69,30 +69,30 @@ module <%= class_name %>System
   # store current uri in  the session.
   # we can return to this location by calling return_location
   def store_location
-    @session['return-to'] = @request.request_uri
+    session['return-to'] = request.request_uri
   end
 
   # move to the last store_location call or to the passed default one
   def redirect_back_or_default(default)
-    if @session['return-to'].nil?
+    if session['return-to'].nil?
       redirect_to default
     else
-      redirect_to_url @session['return-to']
-      @session['return-to'] = nil
+      redirect_to(url_for(session['return-to']))
+      session['return-to'] = nil
     end
   end
 
   def <%= singular_name %>?
     # First, is the user already authenticated?
-    return true if not @session['<%= singular_name %>'].nil?
+    return true if not session['<%= singular_name %>'].nil?
 
     # If not, is the user being authenticated by a token?
-    return false if not @params['<%= singular_name %>']
-    id = @params['<%= singular_name %>']['id']
-    key = @params['key']
+    return false if not params['<%= singular_name %>']
+    id = params['<%= singular_name %>']['id']
+    key = params['key']
     if id and key
-      @session['<%= singular_name %>'] = <%= class_name %>.authenticate_by_token(id, key)
-      return true if not @session['<%= singular_name %>'].nil?
+      session['<%= singular_name %>'] = <%= class_name %>.authenticate_by_token(id, key)
+      return true if not session['<%= singular_name %>'].nil?
     end
 
     # Everything failed

data/templates/migration.rb

@@ -0,0 +1,27 @@
+class Create<%= class_name.pluralize %> < ActiveRecord::Migration
+  def self.up
+    create= <<END_OF_STRING
+      CREATE TABLE <%= plural_name %> (
+        id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
+        login VARCHAR(80) NOT NULL,
+        salted_password VARCHAR(40) NOT NULL,
+        firstname VARCHAR(40),
+        lastname VARCHAR(40),
+        salt CHAR(40) NOT NULL,
+        verified INT default 0,
+        role VARCHAR(40) default NULL,
+        security_token CHAR(40) default NULL,
+        token_expiry DATETIME default NULL,
+        created_at DATETIME default NULL,
+        updated_at DATETIME default NULL,
+        logged_in_at DATETIME default NULL,
+        deleted INT default 0,
+        delete_after DATETIME default NULL
+      ) TYPE=InnoDB DEFAULT CHARSET=utf8;
+END_OF_STRING
+      execute create
+  end
+  def self.down
+    drop_table :<%= plural_name %>
+  end
+end

data/templates/notify.rb

@@ -11,6 +11,7 @@ class <%= class_name %>Notify < ActionMailer::Base
     @body["password"] = password
     @body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
     @body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
+    @body = render_message("<%= singular_name %>_notify/signup", @body)
   end
 
   def forgot_password(<%= singular_name %>, url=nil)
@@ -24,6 +25,7 @@ class <%= class_name %>Notify < ActionMailer::Base
     @body["login"] = <%= singular_name %>.login
     @body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
     @body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
+    @body = render_message("<%= singular_name %>_notify/forgot_password", @body)
   end
 
   def change_password(<%= singular_name %>, password, url=nil)
@@ -38,6 +40,7 @@ class <%= class_name %>Notify < ActionMailer::Base
     @body["password"] = password
     @body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
     @body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
+    @body = render_message("<%= singular_name %>_notify/change_password", @body)
   end
 
   def pending_delete(<%= singular_name %>, url=nil)
@@ -51,6 +54,7 @@ class <%= class_name %>Notify < ActionMailer::Base
     @body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
     @body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
     @body["days"] = <%= class_name %>System::CONFIG[:delayed_delete_days].to_s
+    @body = render_message("<%= singular_name %>_notify/pending_delete", @body)
   end
 
   def delete(<%= singular_name %>, url=nil)
@@ -63,10 +67,11 @@ class <%= class_name %>Notify < ActionMailer::Base
     @body["name"] = "#{<%= singular_name %>.firstname} #{<%= singular_name %>.lastname}"
     @body["url"] = url || <%= class_name %>System::CONFIG[:app_url].to_s
     @body["app_name"] = <%= class_name %>System::CONFIG[:app_name].to_s
+    @body = render_message("<%= singular_name %>_notify/delete", @body)
   end
 
   def setup_email(<%= singular_name %>)
-    @recipients = "#{<%= singular_name %>.email}"
+    @recipients = "#{<%= singular_name %>.login}"
     @from       = <%= class_name %>System::CONFIG[:email_from].to_s
     @subject    = "[#{<%= class_name %>System::CONFIG[:app_name]}] "
     @sent_on    = Time.now

data/templates/notify_change_password.rhtml

@@ -2,9 +2,4 @@ Dear <%%= @name %>,
 
 At your request, <%%= @app_name %> has changed your password. If it was not at your request, then you should be aware that someone has access to your account and requested this change.
 
-Your new login credentials are:
-
-  login:    <%%= @login %>
-  password: <%%= @password %>
- 
 <%%= @url %>

data/templates/notify_signup.rhtml

@@ -3,7 +3,6 @@ Welcome to <%%= @app_name %>, <%%= @name %>.
 Your login credentials are:
 
   login:    <%%= @login %>
-  password: <%%= @password %>
 
 Please click on the following link to confirm your registration:
 

data/templates/user.rb

@@ -11,15 +11,18 @@ class <%= class_name %> < ActiveRecord::Base
   end
 
   def self.authenticate(login, pass)
-    u = find_first(["login = ? AND verified = 1 AND deleted = 0", login])
-    return nil if u.nil?
-    find_first(["login = ? AND salted_password = ? AND verified = 1", login, salted_password(u.salt, hashed(pass))])
+    begin
+      u = find(:first, :conditions => ["login = ? AND verified = 1 AND deleted = 0", login])    
+      return find(:first, :conditions => ["login = ? AND salted_password = ? AND verified = 1", login, salted_password(u.salt, hashed(pass))])
+    rescue
+      return nil
+    end
   end
 
   def self.authenticate_by_token(id, token)
     # Allow logins for deleted accounts, but only via this method (and
     # not the regular authenticate call)
-    u = find_first(["id = ? AND security_token = ?", id, token])
+    u = find(:first, :conditions => ["id = ? AND security_token = ?", id, token])
     return nil if u.nil? or u.token_expired?
     return nil if false == u.update_expiry
     u
@@ -104,7 +107,6 @@ class <%= class_name %> < ActiveRecord::Base
   validates_presence_of :login, :on => :create
   validates_length_of :login, :within => 3..40, :on => :create
   validates_uniqueness_of :login, :on => :create
-  validates_uniqueness_of :email, :on => :create
 
   validates_presence_of :password, :if => :validate_password?
   validates_confirmation_of :password, :if => :validate_password?

data/templates/user_model.erbsql

@@ -2,7 +2,6 @@ CREATE TABLE <%= plural_name %> (
   id <%%= @pk %>,
   login VARCHAR(80) NOT NULL,
   salted_password VARCHAR(40) NOT NULL,
-  email VARCHAR(60) NOT NULL,
   firstname VARCHAR(40) default NULL,
   lastname VARCHAR(40) default NULL,
   salt CHAR(40) NOT NULL,