simple_user_auth 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.rdoc +6 -0
- data/lib/simple_user_auth/version.rb +1 -1
- data/lib/simple_user_auth.rb +59 -26
- metadata +1 -1
data/README.rdoc
CHANGED
|
@@ -6,6 +6,12 @@ In your model
|
|
|
6
6
|
include SimpleUserAuth::Model
|
|
7
7
|
authenticate_by :email # Authenticate the user by email attribute
|
|
8
8
|
|
|
9
|
+
This gem assumes that you have a field called encrypted_password and a field called salt in your user model.
|
|
10
|
+
It also creates accessors for password and current_password (for password changes).
|
|
11
|
+
|
|
9
12
|
In ApplicationController
|
|
10
13
|
include SimpleUserAuth::Controller
|
|
14
|
+
can_sign_in :user # uses the User model.
|
|
11
15
|
|
|
16
|
+
In your Gemfile
|
|
17
|
+
gem 'simple_user_auth', '>= 0.0.2'
|
data/lib/simple_user_auth.rb
CHANGED
|
@@ -2,7 +2,7 @@ module SimpleUserAuth
|
|
|
2
2
|
|
|
3
3
|
module Model
|
|
4
4
|
|
|
5
|
-
def self.included(klass)
|
|
5
|
+
def self.included(klass) # :nodoc:
|
|
6
6
|
klass.extend(ClassMethods)
|
|
7
7
|
klass.class_eval do
|
|
8
8
|
include ClassInstanceMethods
|
|
@@ -11,16 +11,22 @@ module SimpleUserAuth
|
|
|
11
11
|
:presence => { :if => :new_record_or_change_password? },
|
|
12
12
|
:confirmation => { :if => :new_record_or_change_password? },
|
|
13
13
|
:length => { :within => 6..40, :if => :new_record_or_change_password? }
|
|
14
|
-
|
|
14
|
+
attr_accessor :password
|
|
15
|
+
attr_accessor :current_password
|
|
16
|
+
before_save :encrypt_password
|
|
15
17
|
end
|
|
16
18
|
end
|
|
17
19
|
|
|
18
20
|
module ClassMethods
|
|
19
21
|
|
|
22
|
+
# Select the database field you want to find the user by with when you use the authenticate method
|
|
23
|
+
# e.g. authenticate_by(:email)
|
|
20
24
|
def authenticate_by(authenticator)
|
|
21
25
|
write_inheritable_attribute(:authenticator, authenticator)
|
|
22
26
|
end
|
|
23
27
|
|
|
28
|
+
# Finds the user in the database by the authenticator and verifys them against the submitted password
|
|
29
|
+
# e.g. User.authenticate(params[:session][:email], params[:session][:password])
|
|
24
30
|
def authenticate(search, submitted_password)
|
|
25
31
|
authenticator = read_inheritable_attribute(:authenticator)
|
|
26
32
|
user = find(:first, :conditions => ["#{authenticator} = ?", search])
|
|
@@ -28,33 +34,37 @@ module SimpleUserAuth
|
|
|
28
34
|
return user if user.has_password?(submitted_password)
|
|
29
35
|
end
|
|
30
36
|
|
|
31
|
-
|
|
37
|
+
# Finds a user by a given id and authenticates them based on the salt stored in a cookie.
|
|
38
|
+
def authenticate_with_salt(id, salt)
|
|
32
39
|
user = find_by_id(id)
|
|
33
|
-
(user && user.salt ==
|
|
40
|
+
(user && user.salt == salt) ? user : nil
|
|
34
41
|
end
|
|
35
42
|
|
|
36
43
|
end
|
|
37
44
|
|
|
38
45
|
module ClassInstanceMethods
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
errors.add(:old_password, "doesn't match.") unless has_password?(current_password)
|
|
42
|
-
end
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
def change_password?
|
|
46
|
+
|
|
47
|
+
def change_password? #:nodoc:
|
|
46
48
|
@change_password ||= false
|
|
47
49
|
end
|
|
48
50
|
|
|
51
|
+
# Set this to true to enable replacing encrypted_password with the password accessor. Also enables validations for passwords.
|
|
49
52
|
def change_password=(bool)
|
|
50
53
|
@change_password = bool
|
|
51
54
|
end
|
|
52
|
-
|
|
55
|
+
|
|
56
|
+
# Checks to see if a user has a particular password
|
|
53
57
|
def has_password?(submitted_password)
|
|
54
58
|
encrypted_password == encrypt(submitted_password)
|
|
55
59
|
end
|
|
56
60
|
|
|
57
61
|
private
|
|
62
|
+
|
|
63
|
+
def change_password_validator
|
|
64
|
+
if change_password?
|
|
65
|
+
errors.add(:old_password, "doesn't match.") unless has_password?(current_password)
|
|
66
|
+
end
|
|
67
|
+
end
|
|
58
68
|
|
|
59
69
|
def encrypt_password
|
|
60
70
|
self.salt = make_salt if new_record?
|
|
@@ -81,28 +91,36 @@ module SimpleUserAuth
|
|
|
81
91
|
|
|
82
92
|
module Controller
|
|
83
93
|
|
|
84
|
-
def self.included(klass)
|
|
85
|
-
klass.
|
|
86
|
-
|
|
94
|
+
def self.included(klass) # :nodoc:
|
|
95
|
+
klass.extend(ClassMethods)
|
|
96
|
+
klass.class_eval do
|
|
97
|
+
include ClassInstanceMethods
|
|
98
|
+
helper_method :current_user, :signed_in?, :not_signed_in?, :current_user?
|
|
87
99
|
end
|
|
88
|
-
ActionView::Base.send(:include, ClassMethods)
|
|
89
100
|
end
|
|
90
101
|
|
|
91
102
|
module ClassMethods
|
|
103
|
+
# The user model you'll be using. This could be useful if there were different user models for different namespaces.
|
|
104
|
+
# e.g. can_sign_in :user
|
|
105
|
+
def can_sign_in(model)
|
|
106
|
+
klass = Kernel.const_get(model.to_s.camelize)
|
|
107
|
+
write_inheritable_attribute(:user_model_for_sign_in, klass)
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
module ClassInstanceMethods
|
|
92
112
|
|
|
113
|
+
# Signs in a user, if the second parameter is false (default) the cookie will last only the session.
|
|
93
114
|
def sign_in(user, remember_me = false)
|
|
94
115
|
if remember_me
|
|
95
|
-
cookies.permanent.signed[
|
|
116
|
+
cookies.permanent.signed[remember_token_name] = [user.id, user.salt]
|
|
96
117
|
else
|
|
97
|
-
cookies.signed[
|
|
118
|
+
cookies.signed[remember_token_name] = [user.id, user.salt]
|
|
98
119
|
end
|
|
99
120
|
self.current_user = user
|
|
100
121
|
end
|
|
101
122
|
|
|
102
|
-
|
|
103
|
-
@current_user = user
|
|
104
|
-
end
|
|
105
|
-
|
|
123
|
+
# Returns the user object of the currently signed in user.
|
|
106
124
|
def current_user
|
|
107
125
|
@current_user ||= user_from_remember_token
|
|
108
126
|
end
|
|
@@ -116,7 +134,7 @@ module SimpleUserAuth
|
|
|
116
134
|
end
|
|
117
135
|
|
|
118
136
|
def sign_out
|
|
119
|
-
cookies.delete(
|
|
137
|
+
cookies.delete(remember_token_name)
|
|
120
138
|
self.current_user = nil
|
|
121
139
|
end
|
|
122
140
|
|
|
@@ -124,28 +142,43 @@ module SimpleUserAuth
|
|
|
124
142
|
user == current_user
|
|
125
143
|
end
|
|
126
144
|
|
|
145
|
+
# Stores the location of the resource trying to be accessed and redirects to signin_path
|
|
127
146
|
def deny_access
|
|
128
147
|
store_location
|
|
129
148
|
redirect_to signin_path, :notice => "Please sign in to access this page."
|
|
130
149
|
end
|
|
131
150
|
|
|
151
|
+
# Redirects back to the stored location, or to the value passed.
|
|
132
152
|
def redirect_back_or(default)
|
|
133
153
|
redirect_to(session[:return_to] || default)
|
|
134
154
|
clear_return_to
|
|
135
155
|
end
|
|
136
|
-
|
|
156
|
+
|
|
157
|
+
# This is useful as a before filter, it will deny access unless signed in.
|
|
137
158
|
def authenticate
|
|
138
159
|
deny_access unless signed_in?
|
|
139
160
|
end
|
|
140
161
|
|
|
141
162
|
private
|
|
163
|
+
|
|
164
|
+
def user_model
|
|
165
|
+
self.class.read_inheritable_attribute(:user_model_for_sign_in)
|
|
166
|
+
end
|
|
167
|
+
|
|
168
|
+
def remember_token_name
|
|
169
|
+
"#{user_model.name.downcase}_remember_token".to_sym
|
|
170
|
+
end
|
|
171
|
+
|
|
172
|
+
def current_user=(user)
|
|
173
|
+
@current_user = user
|
|
174
|
+
end
|
|
142
175
|
|
|
143
176
|
def user_from_remember_token
|
|
144
|
-
|
|
177
|
+
user_model.authenticate_with_salt(*remember_token)
|
|
145
178
|
end
|
|
146
179
|
|
|
147
180
|
def remember_token
|
|
148
|
-
cookies.signed[
|
|
181
|
+
cookies.signed[remember_token_name] || [nil, nil]
|
|
149
182
|
end
|
|
150
183
|
|
|
151
184
|
def store_location
|