simple_user_auth 0.0.5 → 0.0.6
- data/.gitignore +1 -0
- data/README.rdoc +2 -1
- data/Rakefile +6 -0
- data/lib/simple_user_auth/version.rb +1 -1
- data/lib/simple_user_auth.rb +24 -25
- data/test/controller_test.rb +52 -0
- data/test/dummy/app/controllers/application_controller.rb +3 -0
- data/test/dummy/app/controllers/dummy_controller.rb +23 -0
- data/test/dummy/app/models/user.rb +6 -0
- data/test/dummy/config/application.rb +42 -0
- data/test/dummy/config/boot.rb +6 -0
- data/test/dummy/config/database.yml +5 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/test.rb +35 -0
- data/test/dummy/config/initializers/secret_token.rb +7 -0
- data/test/dummy/config/initializers/session_store.rb +8 -0
- data/test/dummy/config/routes.rb +3 -0
- data/test/dummy/config.ru +4 -0
- data/test/dummy/db/migrate/20110506183728_create_users.rb +14 -0
- data/test/dummy/db/schema.rb +23 -0
- data/test/model_test.rb +53 -0
- data/test/test_helper.rb +10 -0
- metadata +38 -6
data/.gitignore
CHANGED
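--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -11,7 +11,8 @@ It also creates accessors for password and current_password (for password change
 
 In ApplicationController
 include SimpleUserAuth::Controller
-
+before_filter :authenticate # authenticate checks to see if the user is signed in
+can_sign_in :user, :deny => :deny_access # uses the User model, if authentication fails deny_access will be called.
 
 In your Gemfile
 gem 'simple_user_auth', '>= 0.0.2'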
data/Rakefile
CHANGED
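--- a/data/lib/simple_user_auth.rb
+++ b/data/lib/simple_user_auth.rb
@@ -6,13 +6,14 @@ module SimpleUserAuth
 klass.extend(ClassMethods)
 klass.class_eval do
 include ClassInstanceMethods
+attr_accessor :password
+attr_accessor :current_password
 validate :change_password_validator
+validates :password_confirmation, :presence => { :if => :new_record_or_change_password? }
 validates :password,
 :presence => { :if => :new_record_or_change_password? },
 :confirmation => { :if => :new_record_or_change_password? },
 :length => { :within => 6..40, :if => :new_record_or_change_password? }
-attr_accessor :password
-attr_accessor :current_password
 before_save :encrypt_password
 end
 end
@@ -97,10 +98,17 @@ module SimpleUserAuth
 module ClassMethods
 # The user model you'll be using.
 # e.g. can_sign_in :user
-
+# An optional callback specified with :deny is available that will be called upon authentication failure.
+# e.g. can_sign_in :user, :deny => :my_deny_callback
+def can_sign_in(model, args = {})
 klass = Kernel.const_get(model.to_s.camelize)
 write_inheritable_attribute(:user_model_for_sign_in, klass)
+write_inheritable_attribute(:deny_access_callback, args[:deny])
 end
+
+def deny_access(callback)
+end
+
 end
 
 module ClassInstanceMethods
@@ -125,7 +133,7 @@ module SimpleUserAuth
 end
 
 def not_signed_in?
-
+!signed_in?
 end
 
 def sign_out
@@ -136,26 +144,24 @@ module SimpleUserAuth
 def current_user?(user)
 user == current_user
 end
-
-# Stores the location of the resource trying to be accessed and redirects to signin_path
-def deny_access
-store_location
-redirect_to signin_path, :notice => "Please sign in to access this page."
-end
-
-# Redirects back to the stored location, or to the value passed.
-def redirect_back_or(default)
-redirect_to(session[:return_to] || default)
-clear_return_to
-end
 
-# This is useful as a before filter, it will deny access unless signed in.
+# This is useful as a before filter, it will call your deny access callback unless signed in.
 def authenticate
-
+failed_authentication unless signed_in?
 end
 
 private
 
+def failed_authentication
+callback = self.class.read_inheritable_attribute(:deny_access_callback)
+if callback && respond_to?(callback)
+send(callback)
+else
+render :text => 'Access Denied', :status => 403
+end
+return false
+end
+
 def user_model
 self.class.read_inheritable_attribute(:user_model_for_sign_in)
 end
@@ -176,13 +182,6 @@ module SimpleUserAuth
 cookies.signed[remember_token_name] || [nil, nil]
 end
 
-def store_location
-session[:return_to] = request.fullpath
-end
-
-def clear_return_to
-session[:return_to] = nil
-end
 end
 
 end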
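Review bot: In `failed_authentication`, a `:deny` callback that returns without rendering or redirecting leaves the request with no response, and the trailing `return false` is the only thing meant to stop it; on Rails 3 (which the `before_filter` and `write_inheritable_attribute` calls suggest) the filter chain presumably halts on a performed response rather than on a false return, so the protected action would still run. Keep the 403 as a fail-closed fallback after the callback: `send(callback) if callback && respond_to?(callback, true)` followed by `render :text => 'Access Denied', :status => 403 unless response_body`. Passing `true` to `respond_to?` also lets the host application keep the callback private so it is not reachable as a controller action; as written, a private callback is ignored and the request falls through to the 403 branch. The empty `ClassMethods#deny_access(callback)` added in the same section has no body and no caller visible here, so it should be removed or documented.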
@@ -0,0 +1,52 @@
|
|
1
|
+
require 'rails'
|
2
|
+
require 'test_helper'
|
3
|
+
|
4
|
+
class ControllerTest < ActionController::TestCase
|
5
|
+
|
6
|
+
def setup
|
7
|
+
@controller = DummyController.new
|
8
|
+
@user = User.create(:email => "info@zenstack.com", :password => "password", :password_confirmation => "password")
|
9
|
+
end
|
10
|
+
|
11
|
+
def teardown
|
12
|
+
@user.destroy
|
13
|
+
end
|
14
|
+
|
15
|
+
test "get" do
|
16
|
+
get :index
|
17
|
+
assert_response :success
|
18
|
+
end
|
19
|
+
|
20
|
+
test "authenticate" do
|
21
|
+
assert @controller.respond_to?(:authenticate)
|
22
|
+
get :new
|
23
|
+
assert_response 403
|
24
|
+
assert !assigns(:testvariable)
|
25
|
+
@controller.class.can_sign_in :user, :deny => :deny_access_callback
|
26
|
+
get :new
|
27
|
+
assert_response :redirect
|
28
|
+
end
|
29
|
+
|
30
|
+
test "sign in" do
|
31
|
+
get :index
|
32
|
+
@controller.sign_in(@user)
|
33
|
+
get :new
|
34
|
+
assert_equal @controller.current_user, @user
|
35
|
+
assert @controller.current_user?(@user)
|
36
|
+
assert_response :success
|
37
|
+
end
|
38
|
+
|
39
|
+
test "sign out" do
|
40
|
+
get :index
|
41
|
+
@controller.sign_in(@user)
|
42
|
+
@controller.sign_out
|
43
|
+
assert !@controller.current_user
|
44
|
+
assert !@controller.signed_in?
|
45
|
+
assert @controller.not_signed_in?
|
46
|
+
end
|
47
|
+
|
48
|
+
test "can_sign_in" do
|
49
|
+
assert @controller.class.respond_to?(:can_sign_in)
|
50
|
+
end
|
51
|
+
|
52
|
+
end
|
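Review bot: The "authenticate" test checks `assert !assigns(:testvariable)` only for the default 403 path; once the `:deny` callback is installed it asserts the redirect but not that the body of `new` was skipped, so the callback branch is never shown to block the action. Add `assert !assigns(:testvariable)` after the second `get :new`. The mid-test call `@controller.class.can_sign_in :user, :deny => :deny_access_callback` also writes a class-level attribute on `DummyController` that outlives the test, which makes the later tests depend on run order; reset it in `teardown` with `DummyController.can_sign_in :user`.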
@@ -0,0 +1,23 @@
|
|
1
|
+
class DummyController < ApplicationController
|
2
|
+
|
3
|
+
include SimpleUserAuth::Controller
|
4
|
+
|
5
|
+
|
6
|
+
can_sign_in :user
|
7
|
+
|
8
|
+
before_filter :authenticate, :only => :new
|
9
|
+
|
10
|
+
def index
|
11
|
+
render :text => "Success"
|
12
|
+
end
|
13
|
+
|
14
|
+
def new
|
15
|
+
@testvariable = true
|
16
|
+
render :text => "Success"
|
17
|
+
end
|
18
|
+
|
19
|
+
def deny_access_callback
|
20
|
+
redirect_to dummy_index_path
|
21
|
+
end
|
22
|
+
|
23
|
+
end
|
@@ -0,0 +1,42 @@
|
|
1
|
+
require File.expand_path('../boot', __FILE__)
|
2
|
+
|
3
|
+
require 'rails/all'
|
4
|
+
|
5
|
+
# If you have a Gemfile, require the gems listed there, including any gems
|
6
|
+
# you've limited to :test, :development, or :production.
|
7
|
+
Bundler.require(:default, Rails.env) if defined?(Bundler)
|
8
|
+
|
9
|
+
module Dummy
|
10
|
+
class Application < Rails::Application
|
11
|
+
# Settings in config/environments/* take precedence over those specified here.
|
12
|
+
# Application configuration should go into files in config/initializers
|
13
|
+
# -- all .rb files in that directory are automatically loaded.
|
14
|
+
|
15
|
+
# Custom directories with classes and modules you want to be autoloadable.
|
16
|
+
# config.autoload_paths += %W(#{config.root}/extras)
|
17
|
+
|
18
|
+
# Only load the plugins named here, in the order given (default is alphabetical).
|
19
|
+
# :all can be used as a placeholder for all plugins not explicitly named.
|
20
|
+
# config.plugins = [ :exception_notification, :ssl_requirement, :all ]
|
21
|
+
|
22
|
+
# Activate observers that should always be running.
|
23
|
+
# config.active_record.observers = :cacher, :garbage_collector, :forum_observer
|
24
|
+
|
25
|
+
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
|
26
|
+
# Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
|
27
|
+
# config.time_zone = 'Central Time (US & Canada)'
|
28
|
+
|
29
|
+
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
|
30
|
+
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
|
31
|
+
# config.i18n.default_locale = :de
|
32
|
+
|
33
|
+
# JavaScript files you want as :defaults (application.js is always included).
|
34
|
+
# config.action_view.javascript_expansions[:defaults] = %w(jquery rails)
|
35
|
+
|
36
|
+
# Configure the default encoding used in templates for Ruby 1.9.
|
37
|
+
config.encoding = "utf-8"
|
38
|
+
|
39
|
+
# Configure sensitive parameters which will be filtered from the log file.
|
40
|
+
config.filter_parameters += [:password]
|
41
|
+
end
|
42
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
Dummy::Application.configure do
|
2
|
+
# Settings specified here will take precedence over those in config/application.rb
|
3
|
+
|
4
|
+
# The test environment is used exclusively to run your application's
|
5
|
+
# test suite. You never need to work with it otherwise. Remember that
|
6
|
+
# your test database is "scratch space" for the test suite and is wiped
|
7
|
+
# and recreated between test runs. Don't rely on the data there!
|
8
|
+
config.cache_classes = true
|
9
|
+
|
10
|
+
# Log error messages when you accidentally call methods on nil.
|
11
|
+
config.whiny_nils = true
|
12
|
+
|
13
|
+
# Show full error reports and disable caching
|
14
|
+
config.consider_all_requests_local = true
|
15
|
+
config.action_controller.perform_caching = false
|
16
|
+
|
17
|
+
# Raise exceptions instead of rendering exception templates
|
18
|
+
config.action_dispatch.show_exceptions = false
|
19
|
+
|
20
|
+
# Disable request forgery protection in test environment
|
21
|
+
config.action_controller.allow_forgery_protection = false
|
22
|
+
|
23
|
+
# Tell Action Mailer not to deliver emails to the real world.
|
24
|
+
# The :test delivery method accumulates sent emails in the
|
25
|
+
# ActionMailer::Base.deliveries array.
|
26
|
+
config.action_mailer.delivery_method = :test
|
27
|
+
|
28
|
+
# Use SQL instead of Active Record's schema dumper when creating the test database.
|
29
|
+
# This is necessary if your schema can't be completely dumped by the schema dumper,
|
30
|
+
# like if you have constraints or database-specific column types
|
31
|
+
# config.active_record.schema_format = :sql
|
32
|
+
|
33
|
+
# Print deprecation notices to the stderr
|
34
|
+
config.active_support.deprecation = :stderr
|
35
|
+
end
|
@@ -0,0 +1,7 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
# Your secret key for verifying the integrity of signed cookies.
|
4
|
+
# If you change this key, all old signed cookies will become invalid!
|
5
|
+
# Make sure the secret is at least 30 characters and all random,
|
6
|
+
# no regular words or you'll be exposed to dictionary attacks.
|
7
|
+
Dummy::Application.config.secret_token = 'b742bbea09a2328f4d77677298e0f33509264b5c7dd065aeffbcee6dfb3e38a91c69099b0495371a2844a03b7ff9139026e9f91cefc7f11e9039d56921e248ca'
|
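Review bot: The hard-coded `secret_token` is published with the gem, because the metadata section of this release adds `test/dummy/config/initializers/secret_token.rb` to `files`, and the library reads its remember token from `cookies.signed`. Any application that copies this dummy configuration would be signing cookies with a publicly known key. Generate the value when the test app boots, e.g. `Dummy::Application.config.secret_token = SecureRandom.hex(64)` after `require 'securerandom'`, or at least put `# Test-only value, published with the gem; never reuse in a real application.` above the assignment.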
@@ -0,0 +1,8 @@
|
|
1
|
+
# Be sure to restart your server when you modify this file.
|
2
|
+
|
3
|
+
Dummy::Application.config.session_store :cookie_store, :key => '_dummy_session'
|
4
|
+
|
5
|
+
# Use the database for sessions instead of the cookie-based default,
|
6
|
+
# which shouldn't be used to store highly confidential information
|
7
|
+
# (create the session table with "rails generate session_migration")
|
8
|
+
# Dummy::Application.config.session_store :active_record_store
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# This file is auto-generated from the current state of the database. Instead
|
2
|
+
# of editing this file, please use the migrations feature of Active Record to
|
3
|
+
# incrementally modify your database, and then regenerate this schema definition.
|
4
|
+
#
|
5
|
+
# Note that this schema.rb definition is the authoritative source for your
|
6
|
+
# database schema. If you need to create the application database on another
|
7
|
+
# system, you should be using db:schema:load, not running all the migrations
|
8
|
+
# from scratch. The latter is a flawed and unsustainable approach (the more migrations
|
9
|
+
# you'll amass, the slower it'll run and the greater likelihood for issues).
|
10
|
+
#
|
11
|
+
# It's strongly recommended to check this file into your version control system.
|
12
|
+
|
13
|
+
ActiveRecord::Schema.define(:version => 20110506183728) do
|
14
|
+
|
15
|
+
create_table "users", :force => true do |t|
|
16
|
+
t.string "email"
|
17
|
+
t.string "encrypted_password"
|
18
|
+
t.string "salt"
|
19
|
+
t.datetime "created_at"
|
20
|
+
t.datetime "updated_at"
|
21
|
+
end
|
22
|
+
|
23
|
+
end
|
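--- a/data/test/model_test.rb
+++ b/data/test/model_test.rb
@@ -0,0 +1,53 @@
+require "test_helper"
+
+class ModelTest < ActiveSupport::TestCase
+
+def setup
+@user = User.create(:email => "info@zenstack.com", :password => "password", :password_confirmation => "password")
+end
+
+def teardown
+@user.destroy
+end
+
+test "validations" do
+user = User.new
+assert !user.valid?, "Blank user validates"
+
+user.password = "foo"
+assert !user.valid?, "Password is too short to validate"
+
+user.password = "foobar"
+assert !user.valid?, "Password confirmation validation fails"
+
+user.password_confirmation = "foobar"
+assert user.valid?, "Should pass validations"
+end
+
+test "authenticate_by" do
+assert User.respond_to?(:authenticate_by)
+end
+
+test "authenticate" do
+assert_equal(User.authenticate(@user.email, "password"), @user)
+assert !User.authenticate("info@zenstack.com", "badpassword")
+end
+
+test "authenticate_with_salt" do
+assert_equal(@user, User.authenticate_with_salt(@user.id, @user.salt))
+end
+
+test "has_password?" do
+assert @user.has_password?("password")
+assert !@user.has_password?("badpassword")
+end
+
+test "change_password" do
+user = User.new
+assert !user.change_password?
+user.password = "changemypassword"
+assert user.change_password?
+end
+
+
+end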
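Review bot: The "authenticate_with_salt" test covers only the matching id/salt pair, so nothing pins that a wrong salt is rejected, and this lookup presumably backs the signed remember cookie. Add negative assertions in the style of the neighbouring tests, e.g. `assert !User.authenticate_with_salt(@user.id, "wrongsalt")`, and `assert !User.authenticate("nobody@example.com", "password")` for an unknown e-mail. The "validations" test also ends with a `User` that has no e-mail passing `valid?`; if that is intended, a comment such as `# e-mail presence is left to the host application's model` would make it explicit.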
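--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -0,0 +1,10 @@
+require 'rubygems'
+ENV["RAILS_ENV"] = "test"
+require File.expand_path('../../lib/simple_user_auth', __FILE__)
+require 'test/unit'
+require 'rails/test_help'
+require 'dummy/config/environment.rb'
+
+ActiveRecord::Migrator.migrate File.expand_path("../dummy/db/migrate/", __FILE__)
+
+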
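--- a/metadata
+++ b/metadata
@@ -2,7 +2,7 @@
 name: simple_user_auth
 version: !ruby/object:Gem::Version
 prerelease:
-version: 0.0.
+version: 0.0.6
 platform: ruby
 authors:
 - Erich Menge
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-05-
+date: 2011-05-06 00:00:00 Z
 dependencies: []
 
 description: A simple no frills user authentication gem for my Rails projects.
@@ -29,6 +29,23 @@ files:
 - lib/simple_user_auth.rb
 - lib/simple_user_auth/version.rb
 - simple_user_auth.gemspec
+- test/controller_test.rb
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/dummy_controller.rb
+- test/dummy/app/models/user.rb
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/initializers/secret_token.rb
+- test/dummy/config/initializers/session_store.rb
+- test/dummy/config/routes.rb
+- test/dummy/db/migrate/20110506183728_create_users.rb
+- test/dummy/db/schema.rb
+- test/model_test.rb
+- test/test_helper.rb
 homepage: ""
 licenses: []
 
@@ -52,10 +69,25 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: simple_user_auth
-rubygems_version: 1.
+rubygems_version: 1.8.0
 signing_key:
 specification_version: 3
 summary: A simple user authentication mixin for Rails
-test_files:
-
-
+test_files:
+- test/controller_test.rb
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/dummy_controller.rb
+- test/dummy/app/models/user.rb
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/environments/test.rb
+- test/dummy/config/initializers/secret_token.rb
+- test/dummy/config/initializers/session_store.rb
+- test/dummy/config/routes.rb
+- test/dummy/db/migrate/20110506183728_create_users.rb
+- test/dummy/db/schema.rb
+- test/model_test.rb
+- test/test_helper.rb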