salted_login_generator 1.0.1

data/USAGE

@@ -0,0 +1,27 @@
+NAME
+     login - creates a functional login system
+
+SYNOPSIS
+     login [Controller name]
+     
+     Good names are Account Myaccount Security
+
+DESCRIPTION
+     This generator creates a general purpose login system.
+
+     Included:
+      - a User model which uses MD5 encryption and salted hashes for passwords
+      - a Controller with signup, login, welcome and logoff actions
+      - a Notifier that integrates with the controller to prevent script based
+      	account creation (i.e., requires account verification from the registered
+	email address) and supports forgotten and changing passwords
+      - a mixin which lets you easily add advanced authentication 
+        features to your abstract base controller
+      - a user_model.sql with the minimal sql required to get the model to work. 
+      - extensive unit and functional test cases to make sure nothing breaks.
+            
+EXAMPLE
+      ./script/generate login Account
+
+     This will generate an Account controller with login and logout methods. 
+     The model is always called User 

data/salted_login_generator.rb

@@ -0,0 +1,52 @@
+class SaltedLoginGenerator < Rails::Generator::NamedBase
+  def manifest
+    record do |m|
+      
+      # Login module, controller class, functional test, and helper.
+      m.template "login_system.rb", "lib/login_system.rb"
+      m.template "controller.rb", File.join("app/controllers", class_path, "#{file_name}_controller.rb")
+      m.template "controller_test.rb", File.join("test/functional", class_path, "#{file_name}_controller_test.rb")
+      m.template "helper.rb", File.join("app/helpers", class_path, "#{file_name}_helper.rb")
+
+      # Model class, unit test, fixtures, and example schema.
+      m.template "user.rb", "app/models/user.rb"
+      m.template "notify.rb", File.join("app/models", "notify.rb")
+      m.template "user_test.rb", "test/unit/user_test.rb"
+      m.template "users.yml", "test/fixtures/users.yml"
+      m.template "user_model.sql", "db/user_model.sql"
+      m.template "app-config-development.yml", "config/environments/app-config-development.yml"
+      m.template "app-config-production.yml", "config/environments/app-config-production.yml"
+      m.template "app-config-test.yml", "config/environments/app-config-test.yml"
+
+      # Layout and stylesheet.
+      m.template "scaffold:layout.rhtml", "app/views/layouts/scaffold.rhtml"
+      m.template "scaffold:style.css", "public/stylesheets/scaffold.css"
+
+      # Views. 
+      m.directory File.join("app/views", class_path, file_name)
+      login_views.each do |action|
+        m.template "view_#{action}.rhtml",
+        File.join("app/views", class_path, file_name, "#{action}.rhtml")
+      end
+
+#      raise "1: #{class_path} 2: #{file_name}"
+      m.directory File.join("app/views", "notify")
+      notify_views.each do |action|
+        m.template "notify_#{action}.rhtml",
+        File.join("app/views", "notify", "#{action}.rhtml")
+      end
+
+      m.template "README", "README_LOGIN"
+    end
+  end
+
+  attr_accessor :controller_class_name
+  
+  def login_views
+    %w(welcome login logout signup forgot_password change_password)
+  end
+
+  def notify_views
+    %w(signup forgot_password change_password)
+  end
+end

data/templates/README

@@ -0,0 +1,141 @@
+== Installation
+
+Done generating the login system. but there are still a few things you have to
+do manually. First open your application.rb and add
+
+  require_dependency "login_system"
+
+to the top of the file and include the login system with
+
+  include LoginSystem 
+
+The beginning of your ApplicationController.
+It should look something like this : 
+
+  require_dependency "login_system"
+
+  class ApplicationController < ActionController::Base
+    include LoginSystem
+    model :user
+
+After you have done the modifications the the AbstractController you can import
+the user model into the database. This model is meant as an example and you
+should extend it. If you just want to get things up and running you can find
+some create table syntax in db/user_model.sql.
+
+The model :user is required when you are hitting problems to the degree of
+"Session could not be restored becuase not all items in it are known"
+
+You also need to addd the following at the end of your config/environment.rb file:
+
+require 'yaml'
+CONFIG = YAML::load(File.open("#{RAILS_ROOT}/config/environments/app-config-#{RAILS_ENV}.yml"))
+
+Under the 'enviroments' subdirectory, you'll find
+app-config-{development, production, test}.yml files. Edit these as appropriate.
+
+== Requirements
+
+You need a database table corresponding to the User model. 
+
+  mysql syntax:
+  CREATE TABLE users (
+    id int(11) NOT NULL auto_increment,
+    login varchar(80) default NULL,
+    password varchar(40) default NULL,
+    firstname varchar(40) default NULL,
+    lastname varchar(40) default NULL,
+    uuid char(32) default NULL,
+    salt char(32) default NULL,
+    verified INT default 0,    
+    PRIMARY KEY  (id)
+  );
+ 
+  postgres :
+  CREATE TABLE "users" (
+   "id" SERIAL NOT NULL UNIQUE,
+   "login" VARCHAR(80),
+   "password" VARCHAR,
+   "firstname" VARCHAR(80),
+   "lastname" VARCHAR(80),
+   "uuid" CHAR(32),
+   "salt" CHAR(32),
+   "verified" INT DEFAULT 0,
+   PRIMARY KEY("id")
+  ) WITH OIDS;
+
+
+  sqlite:
+  CREATE TABLE 'users' (
+    'id' INTEGER PRIMARY KEY NOT NULL,
+    'user' VARCHAR(80) DEFAULT NULL,
+    'password' VARCHAR(40) DEFAULT NULL,
+    'firstname' VARCHAR(40) DEFAULT NULL,
+    'lastname' VARCHAR(40) DEFAULT NULL,
+    'uuid' CHAR(32) DEFAULT NULL,
+    'salt' CHAR(32) DEFAULT NULL,
+    'verified' INT DEFAULT 0
+  );
+
+Of course your user model can have any amount of extra fields. This is just a
+starting point
+
+== How to use it 
+
+Now you can go around and happily add "before_filter :login_required" to the
+controllers which you would like to protect. 
+
+After integrating the login system with your rails application navigate to your
+new controller's signup method. There you can create a new account. After you
+are done you should have a look at your DB. Your freshly created user will be
+there but the password will be a sha1 hashed 40 digit mess. I find this should
+be the minimum of security which every page offering login&password should give
+its customers. Now you can move to one of those controllers which you protected
+with the before_filter :login_required snippet. You will automatically be re-
+directed to your freshly created login controller and you are asked for a
+password. After entering valid account data you will be taken back to the
+controller which you requested earlier. Simple huh?
+
+== Tips & Tricks
+
+How do I...
+
+  ... access the user who is currently logged in
+
+  A: You can get the user object from the session using @session['user']
+     Example: 
+       Welcome <%%= @session['user'].name %> 
+
+  ... restrict access to only a few methods? 
+  
+  A: Use before_filters build in scoping. 
+     Example: 
+       before_filter :login_required, :only => [:myaccount, :changepassword]
+       before_filter :login_required, :except => [:index]
+     
+  ... check if a user is logged-in in my views?
+  
+  A: @session['user'] will tell you. Here is an example helper which you can use to make this more pretty:
+     Example: 
+       def user?
+         !@session['user'].nil?
+       end
+
+  ... return a user to the page they came from before logging in?
+
+  A: The user will be send back to the last url which called the method "store_location"
+     Example:
+       User was at /articles/show/1, wants to log in.
+       in articles_controller.rb, add store_location to the show function and send the user
+       to the login form. 
+       After he logs in he will be send back to /articles/show/1
+
+
+You can find more help at http://wiki.rubyonrails.com/rails/show/LoginGenerator
+
+== Changelog
+
+1.0.5 Bugfix in generator code
+1.0.2 Updated the readme with more tips&tricks
+1.0.1 Fixed problem in the readme
+1.0.0 First gem release

data/templates/app-config-development.yml

@@ -0,0 +1,6 @@
+email_from:
+admin_email:
+server_env: development
+app_url:
+app_base_uri: 
+app_name:

data/templates/app-config-production.yml

@@ -0,0 +1,6 @@
+email_from:
+admin_email:
+server_env: production
+app_url:
+app_base_uri: 
+app_name:

data/templates/app-config-test.yml

@@ -0,0 +1,6 @@
+email_from:
+admin_email:
+server_env: test
+app_url:
+app_base_uri: 
+app_name:

data/templates/controller.rb

@@ -0,0 +1,117 @@
+class <%= class_name %>Controller < ApplicationController
+  model   :user
+  layout  'scaffold'
+
+  before_filter :login_required, :only => [:change_password]
+
+  def login
+    case @request.method
+    when :post
+      @user = User.new(@params['user'])
+      if @session['user'] = User.authenticate(@params['user']['login'], @params['user']['password'])
+        flash['notice'] = "Login successful"
+        @user = nil
+        redirect_back_or_default :action => 'welcome'
+      else
+        @login = @params['user']['login']
+        flash['message'] = "Login unsuccessful"
+      end
+    when :get
+      @user = User.new
+    end
+  end
+
+  def signup
+    case @request.method
+    when :post
+      @user = User.new(@params['user'])
+      begin
+        @user.transaction do
+          if @user.save
+            Notify.deliver_signup(@user, @params['user']['password'])
+            flash['notice'] = "Signup successful! Please check your registered email account to verify your account registration and continue with the login."
+            @user = nil
+            redirect_to :action => 'login'
+          end
+        end
+      rescue
+        flash['message'] = "Error creating account: confirmation email not sent"
+      end
+    when :get
+      @user = User.new
+    end      
+  end  
+  
+  def logout
+    @session['user'] = nil
+    redirect_to :action => 'login'
+  end
+
+  def change_password
+    case @request.method
+    when :post
+      @user = @session['user']
+      @user.attributes = @params['user']
+      begin
+        @user.transaction do
+          if @user.save
+            @user.change_password(@params['user']['password'])
+            Notify.deliver_change_password(@user, @params['user']['password'])
+            flash['notice'] = "Your updated password has been emailed to #{@user.email}"
+            @user = nil
+            redirect_back_or_default :action => 'welcome'
+          end
+        end
+      rescue
+        flash['message'] = "Your password could not be changed at this time. Please retry."
+      end
+    when :get
+      @user = User.new
+    end
+  end
+
+  def forgot_password
+    case @request.method
+    when :post
+      if @params['user']['email'].empty?
+        flash['message'] = "Please enter a valid email address"
+      else
+        @user = User.find_by_email(@params['user']['email'])
+        if @user.nil?
+          flash['message'] = "We could not find a user with the email address #{@params['user']['email']}"
+        else
+          @user.password_confirmation = @user.password
+          pass = @user.makepass
+          begin
+            @user.transaction do
+#              raise "1: #{@user.password_confirmation} 2: #{@user.password}" # = nil
+              if @user.save
+                @user.change_password(pass)
+                Notify.deliver_forgot_password(@user, pass)
+                flash['notice'] = "Your new password has been emailed to #{@params['user']['email']}"
+                @user = nil
+                redirect_to :action => 'login' unless !@session['user'].nil?
+                redirect_back_or_default :action => 'welcome'
+              end
+            end
+          rescue
+            flash['notice'] = "Your password could not be emailed to #{@params['user']['email']}"
+#            raise
+          end
+        end
+      end
+    when :get
+      @user = User.new
+    end
+  end
+
+  def verify
+    user = User.find_by_uuid(@params['id'])
+    user.verify
+    flash['notice'] = "Account verified!"
+    redirect_to :action => 'login'
+  end
+    
+  def welcome
+  end
+end

data/templates/controller_test.rb

@@ -0,0 +1,174 @@
+require File.dirname(__FILE__) + '/../test_helper'
+require 'account_controller'
+
+# Raise errors beyond the default web-based presentation
+class AccountController; def rescue_action(e) raise e end; end
+
+class AccountControllerTest < Test::Unit::TestCase
+  
+  fixtures :users
+  
+  def setup
+    @controller = AccountController.new
+    @request, @response = ActionController::TestRequest.new, ActionController::TestResponse.new
+    @request.host = "localhost"
+  end
+  
+  def test_auth_bob
+    @request.session['return-to'] = "/bogus/location"
+
+    post :login, "user" => { "login" => "bob", "password" => "atest" }
+    assert_session_has "user"
+
+    assert_equal @bob, @response.session["user"]
+    
+    assert_redirect_url "/bogus/location"
+  end
+  
+  def test_signup
+    ActionMailer::Base.deliveries = []
+    @request.session['return-to'] = "/bogus/location"
+
+    post :signup, "user" => { "login" => "newbob", "password" => "newpassword", "password_confirmation" => "newpassword", "email" => "newbob@test.com" }
+    assert_session_has_no "user"
+    
+    assert_redirect_url(@controller.url_for(:action => "login"))
+    assert_equal 1, ActionMailer::Base.deliveries.size
+    mail = ActionMailer::Base.deliveries[0]
+    assert_equal "newbob@test.com", mail.to_addrs[0].to_s
+    assert_match /login:\s+\w+\n/, mail.encoded
+    assert_match /password:\s+\w+\n/, mail.encoded
+
+    user = User.find_by_email("newbob@test.com")
+    assert_not_nil user
+    assert_equal 0, user.verified
+    post :verify, "id" => user.uuid.to_s
+    user = User.find_by_email("newbob@test.com")
+    assert_equal 1, user.verified
+    assert_redirect_url(@controller.url_for(:action => "login"))
+  end
+
+  def do_change_password(bad)
+    ActionMailer::Base.deliveries = []
+
+    post :login, "user" => { "login" => "bob", "password" => "atest" }
+    assert_session_has "user"
+
+    @request.session['return-to'] = "/bogus/location"
+    if not bad
+      post :change_password, "user" => { "password" => "changed_password", "password_confirmation" => "changed_password" }
+      assert_equal 1, ActionMailer::Base.deliveries.size
+      mail = ActionMailer::Base.deliveries[0]
+      assert_equal "bob@test.com", mail.to_addrs[0].to_s
+      assert_match /login:\s+\w+\n/, mail.encoded
+      assert_match /password:\s+\w+\n/, mail.encoded
+
+      assert_redirect_url "/bogus/location"
+    else
+      post :change_password, "user" => { "password" => "bad", "password_confirmation" => "bad" }
+      assert_invalid_column_on_record "user", "password"
+      assert_success
+      assert_equal 0, ActionMailer::Base.deliveries.size
+    end
+
+    get :logout
+    assert_session_has_no "user"
+
+    if not bad
+      post :login, "user" => { "login" => "bob", "password" => "changed_password" }
+      assert_session_has "user"
+      post :change_password, "user" => { "password" => "atest", "password_confirmation" => "atest" }
+    else
+      post :login, "user" => { "login" => "bob", "password" => "atest" }
+      assert_session_has "user"
+    end
+
+    get :logout
+  end
+
+  def test_change_password
+    do_change_password(false)
+    do_change_password(true)
+  end
+
+  def do_forgot_password(bad, logged_in)
+    ActionMailer::Base.deliveries = []
+
+    if logged_in
+      post :login, "user" => { "login" => "bob", "password" => "atest" }
+      assert_session_has "user"
+    end
+
+    @request.session['return-to'] = "/bogus/location"
+    if bad
+      post :forgot_password, "user" => { "email" => "bademail@test.com" }
+      assert_equal 0, ActionMailer::Base.deliveries.size
+      assert_flash_has "message"
+    else
+      post :forgot_password, "user" => { "email" => "bob@test.com" }
+      assert_equal 1, ActionMailer::Base.deliveries.size
+      mail = ActionMailer::Base.deliveries[0]
+      assert_equal "bob@test.com", mail.to_addrs[0].to_s
+      assert_match /login:\s+\w+\n/, mail.encoded
+      assert_match /password:\s+\w{8}\n/, mail.encoded
+      mail.encoded =~ /password:\s+(\w{8})\n/
+      password = $1
+    end
+
+    if logged_in
+      assert_redirect_url "/bogus/location"
+    else
+      if not bad
+        assert_redirect_url(@controller.url_for(:action => "login"))
+        post :login, "user" => { "login" => "bob", "password" => "#{password}" }
+      end
+    end
+
+    if not bad
+      post :change_password, "user" => { "password" => "atest", "password_confirmation" => "atest" }
+      get :logout
+    end
+  end
+
+  def test_forgot_password
+    do_forgot_password(false, false)
+    do_forgot_password(false, true)
+    do_forgot_password(true, false)
+  end
+
+  def test_bad_signup
+    @request.session['return-to'] = "/bogus/location"
+
+    post :signup, "user" => { "login" => "newbob", "password" => "newpassword", "password_confirmation" => "wrong" }
+    assert_invalid_column_on_record "user", "password"
+    assert_success
+    
+    post :signup, "user" => { "login" => "yo", "password" => "newpassword", "password_confirmation" => "newpassword" }
+    assert_invalid_column_on_record "user", "login"
+    assert_success
+
+    post :signup, "user" => { "login" => "yo", "password" => "newpassword", "password_confirmation" => "wrong" }
+    assert_invalid_column_on_record "user", ["login", "password"]
+    assert_success
+  end
+
+  def test_invalid_login
+    post :login, "user" => { "login" => "bob", "password" => "not_correct" }
+     
+    assert_session_has_no "user"
+    
+    assert_flash_has "message"
+    assert_template_has "login"
+  end
+  
+  def test_login_logoff
+
+    post :login, "user" => { "login" => "bob", "password" => "atest" }
+    assert_session_has "user"
+
+    get :logout
+    assert_session_has_no "user"
+
+  end
+  
+end

data/templates/helper.rb

@@ -0,0 +1,2 @@
+module <%= class_name %>Helper
+end

data/templates/login_system.rb

@@ -0,0 +1,87 @@
+require_dependency "user"
+
+module LoginSystem 
+  
+  protected
+  
+  # overwrite this if you want to restrict access to only a few actions
+  # or if you want to check if the user has the correct rights  
+  # example:
+  #
+  #  # only allow nonbobs
+  #  def authorize?(user)
+  #    user.login != "bob"
+  #  end
+  def authorize?(user)
+     true
+  end
+  
+  # overwrite this method if you only want to protect certain actions of the controller
+  # example:
+  # 
+  #  # don't protect the login and the about method
+  #  def protect?(action)
+  #    if ['action', 'about'].include?(action)
+  #       return false
+  #    else
+  #       return true
+  #    end
+  #  end
+  def protect?(action)
+    true
+  end
+   
+  # login_required filter. add 
+  #
+  #   before_filter :login_required
+  #
+  # if the controller should be under any rights management. 
+  # for finer access control you can overwrite
+  #   
+  #   def authorize?(user)
+  # 
+  def login_required
+    
+    if not protect?(action_name)
+      return true  
+    end
+
+    if @session['user'] and authorize?(@session['user'])
+      return true
+    end
+
+    # store current location so that we can 
+    # come back after the user logged in
+    store_location
+  
+    # call overwriteable reaction to unauthorized access
+    access_denied
+    return false 
+  end
+
+  # overwrite if you want to have special behavior in case the user is not authorized
+  # to access the current operation. 
+  # the default action is to redirect to the login screen
+  # example use :
+  # a popup window might just close itself for instance
+  def access_denied
+    redirect_to :controller=>"/<%= file_name %>", :action =>"login"
+  end  
+  
+  # store current uri in  the session.
+  # we can return to this location by calling return_location
+  def store_location
+    @session['return-to'] = @request.request_uri
+  end
+
+  # move to the last store_location call or to the passed default one
+  def redirect_back_or_default(default)
+    if @session['return-to'].nil?
+      redirect_to default
+    else
+      redirect_to_url @session['return-to']
+      @session['return-to'] = nil
+    end
+  end
+
+end

data/templates/notify.rb

@@ -0,0 +1,44 @@
+class Notify < ActionMailer::Base
+  def signup(user, password='<what you entered on the website>', url=nil, sent_on=Time.now)
+    # Email header info
+    @recipients = "#{user.email}"
+    @from       = CONFIG['email_from'].to_s
+    @subject    = "[#{CONFIG['app_name']}] Welcome to #{CONFIG['app_name']}!"
+    @sent_on    = sent_on
+
+    # Email body substitutions
+    @body["name"] = "#{user.firstname} #{user.lastname}"
+    @body["login"] = user.login
+    @body["password"] = password
+    @body["url"] = url || CONFIG['app_url'].to_s
+    @body["uuid"] = user.uuid
+  end
+
+  def forgot_password(user, password, url=nil, sent_on=Time.now)
+    # Email header info
+    @recipients = "#{user.email}"
+    @from       = CONFIG['email_from'].to_s
+    @subject    = "[#{CONFIG['app_name']}] Welcome to #{CONFIG['app_name']}!"
+    @sent_on    = sent_on
+
+    # Email body substitutions
+    @body["name"] = "#{user.firstname} #{user.lastname}"
+    @body["login"] = user.login
+    @body["password"] = password
+    @body["url"] = url || CONFIG['app_url'].to_s
+  end
+
+  def change_password(user, password, url=nil, sent_on=Time.now)
+    # Email header info
+    @recipients = "#{user.email}"
+    @from       = CONFIG['email_from'].to_s
+    @subject    = "[#{CONFIG['app_name']}] Welcome to #{CONFIG['app_name']}!"
+    @sent_on    = sent_on
+
+    # Email body substitutions
+    @body["name"] = "#{user.firstname} #{user.lastname}"
+    @body["login"] = user.login
+    @body["password"] = password
+    @body["url"] = url || CONFIG['app_url'].to_s
+  end
+end

data/templates/notify_change_password.rhtml

@@ -0,0 +1,10 @@
+Dear <%%= @name %>,
+
+At your request, logbook has changed your password. If it was not at your request, then you should be aware that someone has access to your account and requested this change.
+
+Your new login credentials are:
+
+  login:    <%%= @login %>
+  password: <%%= @password %>
+ 
+<%%= @url %>

data/templates/notify_forgot_password.rhtml

@@ -0,0 +1,12 @@
+Dear <%%= @name %>,
+
+At your request, logbook has reset your password. If it was not at your request, then you should be aware that someone has entered your email address as theirs in the forgotten password section of logbook.
+
+Your new login credentials are:
+
+  login:    <%%= @login %>
+  password: <%%= @password %>
+ 
+It's advisable for you to change your password as soon as you login. It's as simple as navigating to 'Preferences' and clicking on 'Change Password'.
+
+<%%= @url %>

data/templates/notify_signup.rhtml

@@ -0,0 +1,12 @@
+Welcome to logbook, <%%= @name %>.
+
+Your login credentials are:
+
+  login:    <%%= @login %>
+  password: <%%= @password %>
+
+Please click on the following link to confirm your registration:
+
+<a href="<%%= @url%>account/verify/<%%= @uuid %>">Click me!</a>
+
+<%%= @url %>

data/templates/user.rb

@@ -0,0 +1,56 @@
+require 'digest/md5'
+
+# this model expects a certain database layout and its based on the name/login pattern. 
+class User < ActiveRecord::Base
+
+  def self.authenticate(login, pass)
+    u = find_first(["login = ? AND verified = 1", login])
+    if u.nil?
+      return nil
+    end
+    find_first(["login = ? AND password = ? AND verified = 1", login, salted_password(u.salt, hashed(pass))])
+  end
+
+  def change_password(pass)
+    update_attribute("salt", self.class.hashed("salt-#{Time.now}"))
+    update_attribute("password", self.class.salted_password(salt, self.class.hashed(pass)))
+  end
+    
+  def makepass
+    chars = ("a".."z").to_a + (1..9).to_a
+    chars = chars.sort_by { rand }
+    s = chars[0..7].to_s
+  end
+
+  def verify
+    update_attribute("verified", 1)
+  end
+
+  protected
+
+  def self.hashed(str)
+    return Digest::MD5.hexdigest("change-me--#{str}--")[0..31]
+  end
+
+  before_create :generate_uuid, :crypt_password
+  
+  def crypt_password
+    write_attribute("salt", self.class.hashed("salt-#{Time.now}"))
+    write_attribute("password", self.class.salted_password(salt, self.class.hashed(password)))
+  end
+
+  def generate_uuid
+    self.uuid = self.class.hashed("uuid-#{Time.now}")
+  end
+
+  def self.salted_password(salt, hashed_password)
+    hashed(salt + hashed_password)
+  end
+
+  validates_length_of :login, :within => 3..40
+  validates_length_of :password, :within => 5..40
+  validates_presence_of :login, :password, :password_confirmation
+  validates_uniqueness_of :login, :on => :create
+  validates_uniqueness_of :email, :on => :create
+  validates_confirmation_of :password
+end

data/templates/user_model.sql

@@ -0,0 +1,15 @@
+CREATE TABLE users (
+  id int NOT NULL auto_increment,
+  login varchar(80) default NULL,
+  password varchar(40) default NULL,
+  email varchar(60) default NULL,
+  firstname varchar(40) default NULL,
+  lastname varchar(40) default NULL,
+  uuid char(32) default NULL,
+  salt char(32) default NULL,
+  verified INT default 0,
+  created_at DATETIME default NULL,
+  updated_at DATETIME default NULL,
+  logged_in_at DATETIME default NULL,
+  PRIMARY KEY (id)
+);

data/templates/user_test.rb

@@ -0,0 +1,90 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class UserTest < Test::Unit::TestCase
+  
+  fixtures :users
+    
+  def test_auth
+    
+    assert_equal  @bob, User.authenticate("bob", "atest")    
+    assert_nil    User.authenticate("nonbob", "atest")
+    
+  end
+
+
+  def test_passwordchange
+        
+    @longbob.change_password("nonbobpasswd")
+    assert_equal @longbob, User.authenticate("longbob", "nonbobpasswd")
+    assert_nil   User.authenticate("longbob", "alongtest")
+    @longbob.change_password("alongtest")
+    assert_equal @longbob, User.authenticate("longbob", "alongtest")
+    assert_nil   User.authenticate("longbob", "nonbobpasswd")
+        
+  end
+  
+  def test_disallowed_passwords
+    
+    u = User.new    
+    u.login = "nonbob"
+
+    u.password = u.password_confirmation = "tiny"
+    assert !u.save     
+    assert u.errors.invalid?('password')
+
+    u.password = u.password_confirmation = "hugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehugehuge"
+    assert !u.save     
+    assert u.errors.invalid?('password')
+        
+    u.password = u.password_confirmation = ""
+    assert !u.save    
+    assert u.errors.invalid?('password')
+        
+    u.password = u.password_confirmation = "bobs_secure_password"
+    assert u.save     
+    assert u.errors.empty?
+        
+  end
+  
+  def test_bad_logins
+
+    u = User.new  
+    u.password = u.password_confirmation = "bobs_secure_password"
+
+    u.login = "x"
+    assert !u.save     
+    assert u.errors.invalid?('login')
+    
+    u.login = "hugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhugebobhug"
+    assert !u.save     
+    assert u.errors.invalid?('login')
+
+    u.login = ""
+    assert !u.save
+    assert u.errors.invalid?('login')
+
+    u.login = "okbob"
+    assert u.save  
+    assert u.errors.empty?
+      
+  end
+
+
+  def test_collision
+    u = User.new
+    u.login      = "existingbob"
+    u.password = u.password_confirmation = "bobs_secure_password"
+    assert !u.save
+  end
+
+
+  def test_create
+    u = User.new
+    u.login      = "nonexistingbob"
+    u.password = u.password_confirmation = "bobs_secure_password"
+      
+    assert u.save  
+    
+  end
+  
+end

data/templates/users.yml

@@ -0,0 +1,25 @@
+# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
+
+bob:
+  id: 1000001
+  login: bob
+  password: 914a1dc3b25d0e37548826941aa9876a # atest
+  salt: 6b03707e55eb8fbecb69b04a28539180
+  email: bob@test.com
+  verified: 1
+  
+existingbob:
+  id: 1000002
+  login: existingbob
+  password: 900a99c96ebddd41dc15c87169de1f65 # atest
+  salt: e77e00345e8a9e26c77fb9c1f2e690e7
+  email: existingbob@test.com
+  verified: 1  
+
+longbob:
+  id: 1000003
+  login: longbob
+  password: bc9ce7077ba7e7e5f5e2ca3efd1e7690 # alongtest
+  salt: 5e6f3f50b1232072d1bdad4b49b4cf1f
+  email: longbob@test.com
+  verified: 1

data/templates/view_change_password.rhtml

@@ -0,0 +1,35 @@
+<%%= start_form_tag :action=> "change_password" %>
+
+<div title="Change password" class="form">
+  <h3>Change Password</h3> 
+  <%% if @flash['notice'] %>
+    <div>
+      <p><%%= @flash['notice'] %></p>
+    </div>
+  <%% end %>
+  <%% if @flash['message'] %>
+    <div id="ErrorExplanation">
+      <h2><%%= @flash['message'] %></h2>
+    </div>
+  <%% end %>
+  <%%= error_messages_for 'user' %><br/>
+   
+  <div class="form-padding">
+    <p>
+      Enter your new password in the fields below and click 'Change Password'
+      to have a new password sent to your email inbox.
+    </p>
+    <label for="user_password">Choose password:</label><br/>
+    <%%= password_field "user", "password", :size => 30, :value => "" %><br/>
+    <label for="user_password_confirmation">Confirm password:</label><br/>
+    <%%= password_field "user", "password_confirmation", :size => 30, :value => "" %><br/>
+
+    <div class="button-bar">
+      <%%= submit_tag "Change password" %>
+      <%%= link_to 'Cancel', :action=> 'login' %>
+    </div>
+  </div>
+</div>
+
+<%%= end_form_tag %>
+

data/templates/view_forgot_password.rhtml

@@ -0,0 +1,32 @@
+<%%= start_form_tag :action=> "forgot_password" %>
+
+<div title="Forgotten password" class="form">
+  <h3>Forgotten Password</h3> 
+  <%% if @flash['notice'] %>
+    <div>
+      <p><%%= @flash['notice'] %></p>
+    </div>
+  <%% end %>
+  <%% if @flash['message'] %>
+    <div id="ErrorExplanation">
+      <h2><%%= @flash['message'] %></h2>
+    </div>
+  <%% end %>
+   
+  <div class="form-padding">
+    <p>
+      Enter your email address in the field below and click 'Reset Password'
+      to have a new password sent to your email inbox.
+    </p>
+    <label for="user_email">Email:</label><br/>
+    <%%= text_field "user", "email", :size => 30, :value => "" %><br/>
+
+    <div class="button-bar">
+      <%%= submit_tag "Reset password" %>
+      <%%= link_to 'Cancel', :action=> 'login' %>
+    </div>
+  </div>
+</div>
+
+<%%= end_form_tag %>
+

data/templates/view_login.rhtml

@@ -0,0 +1,31 @@
+<%%= start_form_tag :action=> "login" %>
+
+<div title="Account login" class="form">
+  <h3>Please login</h3>
+  <%% if @flash['notice'] %>
+    <div>
+      <p><%%= @flash['notice'] %></p>
+    </div>
+  <%% end %>
+  <%% if @flash['message'] %>
+    <div id="ErrorExplanation">
+      <h2><%%= @flash['message'] %></h2>
+    </div>
+  <%% end %>
+
+  <div class="form-padding">
+    <label for="user_login">Login:</label><br/>
+    <%%= text_field "user", "login", :size => 30 %><br/>
+    <label for="user_password">Password:</label><br/>
+    <%%= password_field "user", "password", :size => 30, :value => "" %><br/>
+
+    <div class="button-bar">
+      <%%= submit_tag "Login" %>
+      <%%= link_to 'Register for an account', :action => 'signup' %> | 
+      <%%= link_to 'Forgot your password?', :action => 'forgot_password' %>
+    </div>
+  </div>
+</div>
+
+<%%= end_form_tag %>
+

data/templates/view_logout.rhtml

@@ -0,0 +1,10 @@
+
+<div class="memo">
+    <h3>Logoff</h3>
+
+    <p>You are now logged out of the system...</p>
+      
+    <%%= link_to "&#171; login", :action=>"login"%>  
+      
+</div>
+

data/templates/view_signup.rhtml

@@ -0,0 +1,27 @@
+<%%= start_form_tag :action=> "signup" %>
+
+<div title="Account signup" class="form">
+  <h3>Signup</h3>
+  <%% if @flash['message'] %>
+    <div id="ErrorExplanation">
+      <h2><%%= @flash['message'] %></h2>
+    </div>
+  <%% end %>
+  <%%= error_messages_for 'user' %><br/>
+  
+  <div class="form-padding">
+    <label for="user_login">Desired login:</label><br/>
+    <%%= text_field "user", "login", :size => 30 %><br/>
+    <label for="user_email">Email address:</label><br/>
+    <%%= text_field "user", "email", :size => 30 %><br/>
+    <label for="user_password">Choose password:</label><br/>
+    <%%= password_field "user", "password", :size => 30, :value => "" %><br/>
+    <label for="user_password_confirmation">Confirm password:</label><br/>
+    <%%= password_field "user", "password_confirmation", :size => 30, :value => "" %><br/>
+
+    <div class="button-bar">
+      <%%= submit_tag "Signup" %>
+    </div>
+  <div>
+<%%= end_form_tag %>
+

data/templates/view_welcome.rhtml

@@ -0,0 +1,13 @@
+
+<div class="memo">
+    <h3>Welcome</h3>
+
+    <p>You are now logged into the system...</p>
+    <p>
+    Since you are here it's safe to assume the application never called store_location, otherwise
+    you would have been redirected somewhere else after a successful login.
+    </p>
+      
+    <%%= link_to "&#171; logout", :action=>"logout"%>  
+      
+</div>

metadata

@@ -0,0 +1,71 @@
+--- !ruby/object:Gem::Specification 
+rubygems_version: 0.8.8
+specification_version: 1
+name: salted_login_generator
+version: !ruby/object:Gem::Version 
+  version: 1.0.1
+date: 2005-04-05
+summary: "[Rails] Login generator with salted passwords."
+require_paths: 
+  - "."
+email: jhosteny@mac.com
+homepage: 
+rubyforge_project: 
+description: Generates Rails code implementing a login system for your Rails app.
+autorequire: 
+default_executable: 
+bindir: bin
+has_rdoc: false
+required_ruby_version: !ruby/object:Gem::Version::Requirement 
+  requirements: 
+    - 
+      - ">"
+      - !ruby/object:Gem::Version 
+        version: 0.0.0
+  version: 
+platform: ruby
+authors: 
+  - Tobias Luetke
+  - Joe Hosteny
+files: 
+  - USAGE
+  - salted_login_generator.rb
+  - templates/controller.rb
+  - templates/controller_test.rb
+  - templates/helper.rb
+  - templates/login_system.rb
+  - templates/README
+  - templates/user.rb
+  - templates/user_test.rb
+  - templates/users.yml
+  - templates/view_login.rhtml
+  - templates/view_logout.rhtml
+  - templates/view_signup.rhtml
+  - templates/view_welcome.rhtml
+  - templates/user_model.sql
+  - templates/notify.rb
+  - templates/view_forgot_password.rhtml
+  - templates/view_change_password.rhtml
+  - templates/notify_signup.rhtml
+  - templates/notify_forgot_password.rhtml
+  - templates/notify_change_password.rhtml
+  - templates/app-config-development.yml
+  - templates/app-config-production.yml
+  - templates/app-config-test.yml
+test_files: []
+rdoc_options: []
+extra_rdoc_files: []
+executables: []
+extensions: []
+requirements: []
+dependencies: 
+  - !ruby/object:Gem::Dependency 
+    name: rails
+    version_requirement: 
+    version_requirements: !ruby/object:Gem::Version::Requirement 
+      requirements: 
+        - 
+          - ">="
+          - !ruby/object:Gem::Version 
+            version: 0.10.0
+      version: