shingara-devise 0.4.3

data/app/views/sessions/new.html.erb

@@ -0,0 +1,23 @@
+<h2>Sign in</h2>
+
+<% form_for resource_name, resource, :url => session_path(resource_name) do |f| -%>
+  <p><%= f.label :email %></p>
+  <p><%= f.text_field :email %></p>
+
+  <p><%= f.label :password %></p>
+  <p><%= f.password_field :password %></p>
+
+  <% if devise_mapping.rememberable? -%>
+    <p><%= f.check_box :remember_me %> <%= f.label :remember_me %></p>
+  <% end -%>
+
+  <p><%= f.submit "Sign in" %></p>
+<% end -%>
+
+<%- if devise_mapping.recoverable? %>
+  <%= link_to "Forgot password?", new_password_path(resource_name) %><br />
+<% end -%>
+
+<%- if devise_mapping.confirmable? %>
+  <%= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name) %><br />
+<% end -%>

data/generators/devise/USAGE

@@ -0,0 +1,5 @@
+To create a devise resource user:
+
+    script/generate devise User
+
+This will generate a model named User, a route map for devise called :users, and a migration file for table :users with all devise modules.

data/generators/devise/devise_generator.rb

@@ -0,0 +1,25 @@
+require File.expand_path(File.dirname(__FILE__) + "/lib/route_devise.rb")
+
+class DeviseGenerator < Rails::Generator::NamedBase
+
+  def manifest
+    record do |m|
+      # Check for class naming collisions.
+      m.class_collisions(class_name)
+
+      # Model
+      m.directory(File.join('app', 'models', class_path))
+      m.template 'model.rb', File.join('app', 'models', "#{file_path}.rb")
+
+      # Migration
+      m.migration_template 'migration.rb', 'db/migrate', :migration_file_name => "devise_create_#{table_name}"
+
+      # Routing
+      m.route_devise table_name
+
+      # Readme
+      m.readme "README"
+    end
+  end
+
+end

data/generators/devise/lib/route_devise.rb

@@ -0,0 +1,32 @@
+module Rails
+  module Generator
+    module Commands
+      class Create < Base
+
+        # Create devise route. Based on route_resources
+        def route_devise(*resources)
+          resource_list = resources.map { |r| r.to_sym.inspect }.join(', ')
+          sentinel = 'ActionController::Routing::Routes.draw do |map|'
+
+          logger.route "map.devise_for #{resource_list}"
+          unless options[:pretend]
+            gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
+              "#{match}\n  map.devise_for #{resource_list}\n"
+            end
+          end
+        end
+      end
+
+      class Destroy < RewindBase
+
+        # Destroy devise route. Based on route_resources
+        def route_devise(*resources)
+          resource_list = resources.map { |r| r.to_sym.inspect }.join(', ')
+          look_for = "\n  map.devise_for #{resource_list}\n"
+          logger.route "map.devise_for #{resource_list}"
+          gsub_file 'config/routes.rb', /(#{look_for})/mi, ''
+        end
+      end
+    end
+  end
+end

data/generators/devise/templates/README

@@ -0,0 +1,22 @@
+
+================================================================================
+
+Some setup you must do manually if you haven't yet:
+
+1. Setup defaut url options for your specific environment. Here is an example of development environment:
+
+    config.action_mailer.default_url_options = { :host => 'localhost:3000' }
+
+It's a Rails required configuration. In production it must be the actual host your application is deployed to.
+
+2. Setup default sender for mails. In config/environment.rb:
+
+    DeviseMailer.sender = "test@example.com"
+
+You can also configure this value by running script/generate devise_install and setting config.mailer_sender,
+
+3. Ensure you have defined root_url to *something* in your config/routes.rb:
+
+    map.root :controller => 'home'
+
+================================================================================

data/generators/devise/templates/migration.rb

@@ -0,0 +1,20 @@
+class DeviseCreate<%= table_name.camelize %> < ActiveRecord::Migration
+  def self.up
+    create_table(:<%= table_name %>) do |t|
+      t.authenticatable :encryptor => :sha1
+      t.confirmable
+      t.recoverable
+      t.rememberable
+
+      t.timestamps
+    end
+
+    add_index :<%= table_name %>, :email,                :unique => true
+    add_index :<%= table_name %>, :confirmation_token,   :unique => true
+    add_index :<%= table_name %>, :reset_password_token, :unique => true
+  end
+
+  def self.down
+    drop_table :<%= table_name %>
+  end
+end

data/generators/devise/templates/model.rb

@@ -0,0 +1,5 @@
+class <%= class_name %> < ActiveRecord::Base
+  devise :all
+  # Setup accessible (or protected) attributes for your model
+  attr_accessible :email, :password, :password_confirmation
+end

data/generators/devise_install/USAGE

@@ -0,0 +1,3 @@
+To copy a Devise initializer to your Rails App, with some configuration values, just do:
+
+    script/generate devise_install

data/generators/devise_install/devise_install_generator.rb

@@ -0,0 +1,9 @@
+class DeviseInstallGenerator < Rails::Generator::Base
+
+  def manifest
+    record do |m|
+      m.file "devise.rb", "config/initializers/devise.rb"
+    end
+  end
+
+end

data/generators/devise_install/templates/devise.rb

@@ -0,0 +1,47 @@
+# Use this hook to configure devise mailer, warden hooks and so forth. The first
+# four configuration values can also be set straight in your models.
+Devise.setup do |config|
+  # Invoke `rake secret` and use the printed value to setup a pepper to generate
+  # the encrypted password. By default no pepper is used.
+  # config.pepper = "rake secret output"
+
+  # Configure how many times you want the password is reencrypted. Default is 10.
+  # config.stretches = 10
+
+  # Define which will be the encryption algorithm. Supported algorithms are :sha1
+  # (default) and :sha512. Devise also supports encryptors from others authentication
+  # frameworks as :clearance_sha1, :authlogic_sha512 (then you should set stretches
+  # above to 20 for default behavior) and :restful_authentication_sha1 (then you
+  # should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper)
+  # config.encryptor = :sha1
+
+  # The time you want give to your user to confirm his account. During this time
+  # he will be able to access your application without confirming. Default is nil.
+  # config.confirm_within = 2.days
+
+  # The time the user will be remembered without asking for credentials again.
+  # config.remember_for = 2.weeks
+
+  # Configure the e-mail address which will be shown in DeviseMailer.
+  # config.mailer_sender = "foo.bar@yourapp.com"
+
+  # If you want to use other strategies, that are not (yet) supported by Devise,
+  # you can configure them inside the config.warden block. The example below
+  # allows you to setup OAuth, using http://github.com/roman/warden_oauth
+  #
+  # config.warden do |manager|
+  #   manager.oauth(:twitter) do |twitter|
+  #     twitter.consumer_secret = <YOUR CONSUMER SECRET>
+  #     twitter.consumer_key  = <YOUR CONSUMER KEY>
+  #     twitter.options :site => 'http://twitter.com'
+  #   end
+  #   manager.default_strategies.unshift :twitter_oauth
+  # end
+
+  # Configure default_url_options if you are using dynamic segments in :path_prefix
+  # for devise_for.
+  #
+  # config.default_url_options do
+  #   { :locale => I18n.locale }
+  # end
+end

data/generators/devise_views/USAGE

@@ -0,0 +1,3 @@
+To copy all session, password, confirmation and mailer views from devise to your app just run the following command:
+
+    script/generate devise_views

data/generators/devise_views/devise_views_generator.rb

@@ -0,0 +1,24 @@
+class DeviseViewsGenerator < Rails::Generator::Base
+
+  def initialize(*args)
+    super
+    @source_root = options[:source] || File.join(spec.path, '..', '..')
+  end
+
+  def manifest
+    record do |m|
+      m.directory "app/views"
+
+      Dir[File.join(@source_root, "app", "views", "**/*.erb")].each do |file|
+        file = file.gsub(@source_root, "")[1..-1]
+
+        m.directory  File.dirname(file)
+        m.file       file, file
+      end
+
+      m.directory "config/locales"
+      m.file "lib/devise/locales/en.yml", "config/locales/devise.en.yml"
+    end
+  end
+
+end

data/init.rb

@@ -0,0 +1,2 @@
+# We need to load devise here to ensure routes extensions are loaded.
+require 'devise'

data/lib/devise/controllers/filters.rb

@@ -0,0 +1,111 @@
+module Devise
+  module Controllers
+    # Those filters are convenience methods added to ApplicationController to
+    # deal with Warden.
+    module Filters
+
+      def self.included(base)
+        base.class_eval do
+          helper_method :warden, :signed_in?, :devise_controller?,
+                        *Devise.mappings.keys.map { |m| [:"current_#{m}", :"#{m}_signed_in?"] }.flatten
+
+          # Use devise default_url_options. We have to declare it here to overwrite
+          # default definitions.
+          def default_url_options(options=nil)
+            Devise::Mapping.default_url_options
+          end
+        end
+      end
+
+      # The main accessor for the warden proxy instance
+      def warden
+        request.env['warden']
+      end
+
+      # Return true if it's a devise_controller. false to all controllers unless
+      # the controllers defined inside devise. Useful if you want to apply a before
+      # filter to all controller, except the ones in devise:
+      #
+      #   before_filter :my_filter, :unless => { |c| c.devise_controller? }
+      def devise_controller?
+        false
+      end
+
+      # Attempts to authenticate the given scope by running authentication hooks,
+      # but does not redirect in case of failures.
+      def authenticate(scope)
+        warden.authenticate(:scope => scope)
+      end
+
+      # Attempts to authenticate the given scope by running authentication hooks,
+      # redirecting in case of failures.
+      def authenticate!(scope)
+        warden.authenticate!(:scope => scope)
+      end
+
+      # Check if the given scope is signed in session, without running
+      # authentication hooks.
+      def signed_in?(scope)
+        warden.authenticated?(scope)
+      end
+
+      # Set the warden user with the scope, signing in the resource automatically,
+      # without running hooks.
+      def sign_in(scope, resource)
+        warden.set_user(resource, :scope => scope)
+      end
+
+      # Sign out based on scope.
+      def sign_out(scope, *args)
+        warden.user(scope) # Without loading user here, before_logout hook is not called
+        warden.raw_session.inspect # Without this inspect here. The session does not clear.
+        warden.logout(scope, *args)
+      end
+
+      # Define authentication filters and accessor helpers based on mappings.
+      # These filters should be used inside the controllers as before_filters,
+      # so you can control the scope of the user who should be signed in to
+      # access that specific controller/action.
+      # Example:
+      #
+      #   Maps:
+      #     User => :authenticatable
+      #     Admin => :authenticatable
+      #
+      #   Generated methods:
+      #     authenticate_user!  # Signs user in or redirect
+      #     authenticate_admin! # Signs admin in or redirect
+      #     user_signed_in?     # Checks whether there is an user signed in or not
+      #     admin_signed_in?    # Checks whether there is an admin signed in or not
+      #     current_user        # Current signed in user
+      #     current_admin       # Currend signed in admin
+      #     user_session        # Session data available only to the user scope
+      #     admin_session       # Session data available only to the admin scope
+      #
+      #   Use:
+      #     before_filter :authenticate_user!  # Tell devise to use :user map
+      #     before_filter :authenticate_admin! # Tell devise to use :admin map
+      #
+      Devise.mappings.each_key do |mapping|
+        class_eval <<-METHODS, __FILE__, __LINE__
+          def authenticate_#{mapping}!
+            warden.authenticate!(:scope => :#{mapping})
+          end
+
+          def #{mapping}_signed_in?
+            warden.authenticated?(:#{mapping})
+          end
+
+          def current_#{mapping}
+            @current_#{mapping} ||= warden.user(:#{mapping})
+          end
+
+          def #{mapping}_session
+            warden.session(:#{mapping})
+          end
+        METHODS
+      end
+
+    end
+  end
+end

data/lib/devise/controllers/helpers.rb

@@ -0,0 +1,130 @@
+module Devise
+  module Controllers
+    # Those helpers are used only inside Devise controllers and should not be
+    # included in ApplicationController since they all depend on the url being
+    # accessed.
+    module Helpers
+
+      def self.included(base)
+        base.class_eval do
+          helper_method :resource, :resource_name, :resource_class, :devise_mapping, :devise_controller?
+          hide_action   :resource, :resource_name, :resource_class, :devise_mapping, :devise_controller?
+
+          skip_before_filter *Devise.mappings.keys.map { |m| :"authenticate_#{m}!" }
+          before_filter :is_devise_resource?
+        end
+      end
+
+      # Gets the actual resource stored in the instance variable
+      def resource
+        instance_variable_get(:"@#{resource_name}")
+      end
+
+      # Proxy to devise map name
+      def resource_name
+        devise_mapping.name
+      end
+
+      # Proxy to devise map class
+      def resource_class
+        devise_mapping.to
+      end
+
+      # Attempt to find the mapped route for devise based on request path
+      def devise_mapping
+        @devise_mapping ||= Devise::Mapping.find_by_path(request.path)
+      end
+
+      # Overwrites devise_controller? to return true
+      def devise_controller?
+        true
+      end
+
+    protected
+
+      # Redirects to stored uri before signing in or the default path and clear
+      # return to.
+      def redirect_back_or_to(default)
+        redirect_to(return_to || default)
+        clear_return_to
+      end
+
+      # Access to scoped stored uri
+      def return_to
+        session[:"#{resource_name}.return_to"]
+      end
+
+      # Clear scoped stored uri
+      def clear_return_to
+        session[:"#{resource_name}.return_to"] = nil
+      end
+
+      # Checks for the existence of the resource root path. If it exists,
+      # returns it, otherwise returns the default root_path.
+      # Used after authenticating a user, confirming it's account or updating
+      # it's password, so we are able to redirect to scoped root paths.
+      # Examples (for a user scope):
+      #   map.user_root '/users', :controller => 'users' # creates user_root_path
+      #
+      #   map.namespace :users do |users|
+      #     users.root # creates user_root_path
+      #   end
+      def home_or_root_path
+        home_path = :"#{resource_name}_root_path"
+        respond_to?(home_path, true) ? send(home_path) : root_path
+      end
+
+      # Checks whether it's a devise mapped resource or not.
+      def is_devise_resource? #:nodoc:
+        raise ActionController::UnknownAction unless devise_mapping && devise_mapping.allows?(controller_name)
+      end
+
+      # Sets the resource creating an instance variable
+      def resource=(new_resource)
+        instance_variable_set(:"@#{resource_name}", new_resource)
+      end
+
+      # Build a devise resource without setting password and password confirmation fields.
+      def build_resource
+        self.resource ||= begin
+          attributes = params[resource_name].try(:except, :password, :password_confirmation)
+          resource_class.new(attributes)
+        end
+      end
+
+      # Helper for use in before_filters where no authentication is required.
+      #
+      # Example:
+      #   before_filter :require_no_authentication, :only => :new
+      def require_no_authentication
+        redirect_to home_or_root_path if warden.authenticated?(resource_name)
+      end
+
+      # Sets the flash message with :key, using I18n. By default you are able
+      # to setup your messages using specific resource scope, and if no one is
+      # found we look to default scope.
+      # Example (i18n locale file):
+      #
+      #   en:
+      #     devise:
+      #       passwords:
+      #         #default_scope_messages - only if resource_scope is not found
+      #         user:
+      #           #resource_scope_messages
+      #
+      # Please refer to README or en.yml locale file to check what messages are
+      # available.
+      def set_flash_message(key, kind, now=false)
+        flash_hash = now ? flash.now : flash
+        flash_hash[key] = I18n.t(:"#{resource_name}.#{kind}",
+                            :scope => [:devise, controller_name.to_sym], :default => kind)
+      end
+
+      # Shortcut to set flash.now message. Same rules applied from set_flash_message
+      def set_now_flash_message(key, kind)
+        set_flash_message(key, kind, true)
+      end
+
+    end
+  end
+end

data/lib/devise/controllers/url_helpers.rb

@@ -0,0 +1,49 @@
+module Devise
+  module Controllers
+    # Create url helpers to be used with resource/scope configuration. Acts as
+    # proxies to the generated routes created by devise.
+    # Resource param can be a string or symbol, a class, or an instance object.
+    # Example using a :user resource:
+    #
+    #   new_session_path(:user)      => new_user_session_path
+    #   session_path(:user)          => user_session_path
+    #   destroy_session_path(:user)  => destroy_user_session_path
+    #
+    #   new_password_path(:user)     => new_user_password_path
+    #   password_path(:user)         => user_password_path
+    #   edit_password_path(:user)    => edit_user_password_path
+    #
+    #   new_confirmation_path(:user) => new_user_confirmation_path
+    #   confirmation_path(:user)     => user_confirmation_path
+    #
+    # Those helpers are added to your ApplicationController.
+    module UrlHelpers
+
+      [:session, :password, :confirmation].each do |module_name|
+        [:path, :url].each do |path_or_url|
+          actions = [ nil, :new_ ]
+          actions << :edit_    if module_name == :password
+          actions << :destroy_ if module_name == :session
+
+          actions.each do |action|
+            class_eval <<-URL_HELPERS
+              def #{action}#{module_name}_#{path_or_url}(resource, *args)
+                resource = case resource
+                  when Symbol, String
+                    resource
+                  when Class
+                    resource.name.underscore
+                  else
+                    resource.class.name.underscore
+                end
+
+                send("#{action}\#{resource}_#{module_name}_#{path_or_url}", *args)
+              end
+            URL_HELPERS
+          end
+        end
+      end
+
+    end
+  end
+end

data/lib/devise/encryptors/authlogic_sha512.rb

@@ -0,0 +1,28 @@
+require "digest/sha2"
+
+module Devise
+  # Implements a way of adding different encryptions.
+  # The class should implement a self.digest method that taks the following params:
+  #   - password
+  #   - stretches: the number of times the encryption will be applied
+  #   - salt: the password salt as defined by devise
+  #   - pepper: Devise config option
+  #
+  module Encryptors
+    # = AuthlogicSha512
+    # Simulates Authlogic's default encryption mechanism.
+    # Warning: it uses Devise's stretches configuration to port Authlogic's one. Should be set to 20 in the initializer to silumate
+    #  the default behavior.
+    class AuthlogicSha512
+      
+      # Gererates a default password digest based on salt, pepper and the
+      # incoming password.
+      def self.digest(password, stretches, salt, pepper)
+        digest = [password, salt].flatten.join('')
+        stretches.times { digest = Digest::SHA512.hexdigest(digest) }
+        digest
+      end
+
+    end
+  end
+end

data/lib/devise/encryptors/clearance_sha1.rb

@@ -0,0 +1,26 @@
+require "digest/sha1"
+
+module Devise
+  # Implements a way of adding different encryptions.
+  # The class should implement a self.digest method that taks the following params:
+  #   - password
+  #   - stretches: the number of times the encryption will be applied
+  #   - salt: the password salt as defined by devise
+  #   - pepper: Devise config option
+  #
+  module Encryptors
+    # = ClearanceSha1
+    # Simulates Clearance's default encryption mechanism.
+    # Warning: it uses Devise's pepper to port the concept of REST_AUTH_SITE_KEY
+    # Warning: it uses Devise's stretches configuration to port the concept of REST_AUTH_DIGEST_STRETCHES
+    class ClearanceSha1
+      
+      # Gererates a default password digest based on salt, pepper and the
+      # incoming password.
+      def self.digest(password, stretches, salt, pepper)
+        Digest::SHA1.hexdigest("--#{salt}--#{password}--")
+      end
+
+    end
+  end
+end

data/lib/devise/encryptors/restful_authentication_sha1.rb

@@ -0,0 +1,29 @@
+require "digest/sha1"
+
+module Devise
+  # Implements a way of adding different encryptions.
+  # The class should implement a self.digest method that taks the following params:
+  #   - password
+  #   - stretches: the number of times the encryption will be applied
+  #   - salt: the password salt as defined by devise
+  #   - pepper: Devise config option
+  #
+  module Encryptors
+    # = RestfulAuthenticationSha1
+    # Simulates Restful Authentication's default encryption mechanism.
+    # Warning: it uses Devise's pepper to port the concept of REST_AUTH_SITE_KEY
+    # Warning: it uses Devise's stretches configuration to port the concept of REST_AUTH_DIGEST_STRETCHES. Should be set to 10 in 
+    # the initializer to silumate the default behavior.
+    class RestfulAuthenticationSha1
+      
+      # Gererates a default password digest based on salt, pepper and the
+      # incoming password.
+      def self.digest(password, stretches, salt, pepper)
+        digest = pepper
+        stretches.times { digest = Digest::SHA1.hexdigest([digest, salt, password, pepper].flatten.join('--')) }
+        digest
+      end
+
+    end
+  end
+end

data/lib/devise/encryptors/sha1.rb

@@ -0,0 +1,34 @@
+require "digest/sha1"
+
+module Devise
+  # Implements a way of adding different encryptions.
+  # The class should implement a self.digest method that taks the following params:
+  #   - password
+  #   - stretches: the number of times the encryption will be applied
+  #   - salt: the password salt as defined by devise
+  #   - pepper: Devise config option
+  #
+  module Encryptors
+    # = Sha1
+    # Uses the Sha1 hash algorithm to encrypt passwords.
+    class Sha1
+      
+      # Gererates a default password digest based on stretches, salt, pepper and the
+      # incoming password.
+      def self.digest(password, stretches, salt, pepper)
+        digest = pepper
+        stretches.times { digest = self.secure_digest(salt, digest, password, pepper) }
+        digest
+      end
+
+      private
+
+        # Generate a SHA1 digest joining args. Generated token is something like
+        #   --arg1--arg2--arg3--argN--
+        def self.secure_digest(*tokens)
+          ::Digest::SHA1.hexdigest('--' << tokens.flatten.join('--') << '--')
+        end        
+      
+    end
+  end
+end