simple_user_auth 0.0.5 → 0.0.6

data/.gitignore

@@ -2,3 +2,4 @@
 .bundle
 Gemfile.lock
 pkg/*
+test/dummy/log

data/README.rdoc

@@ -11,7 +11,8 @@ It also creates accessors for password and current_password (for password change
 
 In ApplicationController
     include SimpleUserAuth::Controller
-    can_sign_in :user # uses the User model.
+    before_filter :authenticate                 # authenticate checks to see if the user is signed in
+    can_sign_in :user, :deny => :deny_access    # uses the User model, if authentication fails deny_access will be called.
 
 In your Gemfile
     gem 'simple_user_auth', '>= 0.0.2'

data/Rakefile

@@ -1,2 +1,8 @@
 require 'bundler'
+require 'rake/testtask'
 Bundler::GemHelper.install_tasks
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'test'
+  t.pattern = 'test/*_test.rb'
+  t.verbose = true
+end

data/lib/simple_user_auth/version.rb

@@ -1,3 +1,3 @@
 module SimpleUserAuth
-  VERSION = "0.0.5"
+  VERSION = "0.0.6"
 end

data/lib/simple_user_auth.rb

@@ -6,13 +6,14 @@ module SimpleUserAuth
       klass.extend(ClassMethods)
       klass.class_eval do
         include ClassInstanceMethods
+        attr_accessor :password
+        attr_accessor :current_password
         validate :change_password_validator
+        validates :password_confirmation, :presence => { :if => :new_record_or_change_password? }
         validates :password,
           :presence     => { :if => :new_record_or_change_password? },
           :confirmation => { :if => :new_record_or_change_password? },
           :length       => { :within => 6..40, :if => :new_record_or_change_password? }
-        attr_accessor :password
-        attr_accessor :current_password
         before_save :encrypt_password   
       end
     end
@@ -97,10 +98,17 @@ module SimpleUserAuth
     module ClassMethods
       # The user model you'll be using.
       # e.g. can_sign_in :user
-      def can_sign_in(model)
+      # An optional callback specified with :deny is available that will be called upon authentication failure.
+      # e.g. can_sign_in :user, :deny => :my_deny_callback
+      def can_sign_in(model, args = {})
         klass = Kernel.const_get(model.to_s.camelize)
         write_inheritable_attribute(:user_model_for_sign_in, klass)
+        write_inheritable_attribute(:deny_access_callback, args[:deny])
       end
+      
+      def deny_access(callback)
+      end
+      
     end
     
     module ClassInstanceMethods
@@ -125,7 +133,7 @@ module SimpleUserAuth
       end
 
       def not_signed_in?
-        current_user.nil?
+        !signed_in?
       end
 
       def sign_out
@@ -136,26 +144,24 @@ module SimpleUserAuth
       def current_user?(user)
         user == current_user
       end
-
-      # Stores the location of the resource trying to be accessed and redirects to signin_path
-      def deny_access
-        store_location
-        redirect_to signin_path, :notice => "Please sign in to access this page."
-      end
-
-      # Redirects back to the stored location, or to the value passed.
-      def redirect_back_or(default)
-        redirect_to(session[:return_to] || default)
-        clear_return_to
-      end
       
-      # This is useful as a before filter, it will deny access unless signed in.
+      # This is useful as a before filter, it will call your deny access callback unless signed in.
       def authenticate
-        deny_access unless signed_in?
+        failed_authentication unless signed_in?
       end
 
       private
       
+      def failed_authentication
+        callback = self.class.read_inheritable_attribute(:deny_access_callback)
+        if callback && respond_to?(callback)
+          send(callback)
+        else
+          render :text => 'Access Denied', :status => 403
+        end
+        return false
+      end
+      
       def user_model
         self.class.read_inheritable_attribute(:user_model_for_sign_in)
       end
@@ -176,13 +182,6 @@ module SimpleUserAuth
         cookies.signed[remember_token_name] || [nil, nil]
       end
       
-      def store_location
-        session[:return_to] = request.fullpath
-      end
-      
-      def clear_return_to
-        session[:return_to] = nil
-      end
     end
     
   end

data/test/controller_test.rb

@@ -0,0 +1,52 @@
+require 'rails'
+require 'test_helper'
+
+class ControllerTest < ActionController::TestCase
+
+  def setup
+    @controller = DummyController.new
+    @user = User.create(:email => "info@zenstack.com", :password => "password", :password_confirmation => "password")
+  end
+  
+  def teardown
+    @user.destroy
+  end
+
+  test "get" do
+    get :index
+    assert_response :success
+  end
+  
+  test "authenticate" do
+    assert @controller.respond_to?(:authenticate)
+    get :new
+    assert_response 403
+    assert !assigns(:testvariable)
+    @controller.class.can_sign_in :user, :deny => :deny_access_callback
+    get :new
+    assert_response :redirect
+  end
+  
+  test "sign in" do
+    get :index
+    @controller.sign_in(@user)
+    get :new
+    assert_equal @controller.current_user, @user
+    assert @controller.current_user?(@user)
+    assert_response :success
+  end
+  
+  test "sign out" do
+    get :index
+    @controller.sign_in(@user)
+    @controller.sign_out
+    assert !@controller.current_user
+    assert !@controller.signed_in?
+    assert @controller.not_signed_in?
+  end
+  
+  test "can_sign_in" do
+    assert @controller.class.respond_to?(:can_sign_in)
+  end
+  
+end

data/test/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,3 @@
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+end

data/test/dummy/app/controllers/dummy_controller.rb

@@ -0,0 +1,23 @@
+class DummyController < ApplicationController
+  
+  include SimpleUserAuth::Controller
+  
+
+  can_sign_in :user
+  
+  before_filter :authenticate, :only => :new
+  
+  def index
+    render :text => "Success"
+  end
+  
+  def new
+    @testvariable = true
+    render :text => "Success"
+  end
+  
+ def deny_access_callback
+    redirect_to dummy_index_path
+ end
+  
+end

data/test/dummy/app/models/user.rb

@@ -0,0 +1,6 @@
+
+
+class User < ActiveRecord::Base
+  include SimpleUserAuth::Model
+  authenticate_by :email
+end

data/test/dummy/config/application.rb

@@ -0,0 +1,42 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+# If you have a Gemfile, require the gems listed there, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(:default, Rails.env) if defined?(Bundler)
+
+module Dummy
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Custom directories with classes and modules you want to be autoloadable.
+    # config.autoload_paths += %W(#{config.root}/extras)
+
+    # Only load the plugins named here, in the order given (default is alphabetical).
+    # :all can be used as a placeholder for all plugins not explicitly named.
+    # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
+
+    # Activate observers that should always be running.
+    # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+
+    # JavaScript files you want as :defaults (application.js is always included).
+    # config.action_view.javascript_expansions[:defaults] = %w(jquery rails)
+
+    # Configure the default encoding used in templates for Ruby 1.9.
+    config.encoding = "utf-8"
+
+    # Configure sensitive parameters which will be filtered from the log file.
+    config.filter_parameters += [:password]
+  end
+end

data/test/dummy/config/boot.rb

@@ -0,0 +1,6 @@
+require 'rubygems'
+
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])

data/test/dummy/config/database.yml

@@ -0,0 +1,5 @@
+test:
+  adapter: sqlite3
+  database: ":memory:"
+  pool: 5
+  timeout: 5000

data/test/dummy/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the rails application
+require File.expand_path('../application', __FILE__)
+
+# Initialize the rails application
+Dummy::Application.initialize!

data/test/dummy/config/environments/test.rb

@@ -0,0 +1,35 @@
+Dummy::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # The test environment is used exclusively to run your application's
+  # test suite.  You never need to work with it otherwise.  Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs.  Don't rely on the data there!
+  config.cache_classes = true
+
+  # Log error messages when you accidentally call methods on nil.
+  config.whiny_nils = true
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment
+  config.action_controller.allow_forgery_protection    = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+
+  # Use SQL instead of Active Record's schema dumper when creating the test database.
+  # This is necessary if your schema can't be completely dumped by the schema dumper,
+  # like if you have constraints or database-specific column types
+  # config.active_record.schema_format = :sql
+
+  # Print deprecation notices to the stderr
+  config.active_support.deprecation = :stderr
+end

data/test/dummy/config/initializers/secret_token.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Dummy::Application.config.secret_token = 'b742bbea09a2328f4d77677298e0f33509264b5c7dd065aeffbcee6dfb3e38a91c69099b0495371a2844a03b7ff9139026e9f91cefc7f11e9039d56921e248ca'

data/test/dummy/config/initializers/session_store.rb

@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+Dummy::Application.config.session_store :cookie_store, :key => '_dummy_session'
+
+# Use the database for sessions instead of the cookie-based default,
+# which shouldn't be used to store highly confidential information
+# (create the session table with "rails generate session_migration")
+# Dummy::Application.config.session_store :active_record_store

data/test/dummy/config/routes.rb

@@ -0,0 +1,3 @@
+Dummy::Application.routes.draw do
+  resources :dummy
+end

data/test/dummy/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Dummy::Application

data/test/dummy/db/migrate/20110506183728_create_users.rb

@@ -0,0 +1,14 @@
+class CreateUsers < ActiveRecord::Migration
+  def self.up
+    create_table :users do |t|
+      t.string :email
+      t.string :encrypted_password
+      t.string :salt
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :users
+  end
+end

data/test/dummy/db/schema.rb

@@ -0,0 +1,23 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20110506183728) do
+
+  create_table "users", :force => true do |t|
+    t.string   "email"
+    t.string   "encrypted_password"
+    t.string   "salt"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+end

data/test/model_test.rb

@@ -0,0 +1,53 @@
+require "test_helper"
+
+class ModelTest < ActiveSupport::TestCase
+  
+  def setup
+   @user = User.create(:email => "info@zenstack.com", :password => "password", :password_confirmation => "password")
+  end
+  
+  def teardown
+    @user.destroy
+  end
+  
+  test "validations" do
+    user = User.new
+    assert !user.valid?, "Blank user validates"
+    
+    user.password = "foo"
+    assert !user.valid?, "Password is too short to validate"
+    
+    user.password = "foobar"
+    assert !user.valid?, "Password confirmation validation fails"
+    
+    user.password_confirmation = "foobar"
+    assert user.valid?, "Should pass validations"
+  end
+  
+  test "authenticate_by" do
+    assert User.respond_to?(:authenticate_by)
+  end
+  
+  test "authenticate" do
+    assert_equal(User.authenticate(@user.email, "password"), @user)
+    assert !User.authenticate("info@zenstack.com", "badpassword")
+  end
+  
+  test "authenticate_with_salt" do
+    assert_equal(@user, User.authenticate_with_salt(@user.id, @user.salt))
+  end
+  
+  test "has_password?" do
+    assert @user.has_password?("password")
+    assert !@user.has_password?("badpassword")
+  end
+  
+  test "change_password" do
+    user = User.new
+    assert !user.change_password?
+    user.password = "changemypassword"
+    assert user.change_password?
+  end
+  
+  
+end

data/test/test_helper.rb

@@ -0,0 +1,10 @@
+require 'rubygems'
+ENV["RAILS_ENV"] = "test"
+require File.expand_path('../../lib/simple_user_auth', __FILE__)
+require 'test/unit'
+require 'rails/test_help'
+require 'dummy/config/environment.rb'
+
+ActiveRecord::Migrator.migrate File.expand_path("../dummy/db/migrate/", __FILE__)
+
+

metadata

@@ -2,7 +2,7 @@
 name: simple_user_auth
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 0.0.5
+  version: 0.0.6
 platform: ruby
 authors: 
 - Erich Menge
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-05-01 00:00:00 Z
+date: 2011-05-06 00:00:00 Z
 dependencies: []
 
 description: A simple no frills user authentication gem for my Rails projects.
@@ -29,6 +29,23 @@ files:
 - lib/simple_user_auth.rb
 - lib/simple_user_auth/version.rb
 - simple_user_auth.gemspec
+- test/controller_test.rb
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/dummy_controller.rb
+- test/dummy/app/models/user.rb
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/initializers/secret_token.rb
+- test/dummy/config/initializers/session_store.rb
+- test/dummy/config/routes.rb
+- test/dummy/db/migrate/20110506183728_create_users.rb
+- test/dummy/db/schema.rb
+- test/model_test.rb
+- test/test_helper.rb
 homepage: ""
 licenses: []
 
@@ -52,10 +69,25 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: simple_user_auth
-rubygems_version: 1.7.2
+rubygems_version: 1.8.0
 signing_key: 
 specification_version: 3
 summary: A simple user authentication mixin for Rails
-test_files: []
-
-has_rdoc: 
+test_files: 
+- test/controller_test.rb
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/dummy_controller.rb
+- test/dummy/app/models/user.rb
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/initializers/secret_token.rb
+- test/dummy/config/initializers/session_store.rb
+- test/dummy/config/routes.rb
+- test/dummy/db/migrate/20110506183728_create_users.rb
+- test/dummy/db/schema.rb
+- test/model_test.rb
+- test/test_helper.rb