simplest_auth 0.1.1

data/README.textile

@@ -0,0 +1,107 @@
+h1. SimplestAuth
+
+simplest_auth is a gem to be used with Rails applications where RESTful Authentication is overkill - it handles authentication and nothing else (e.g. password resets, etc...)
+
+simplest_auth is now compatible with both ActiveRecord and DataMapper (the README displays examples for AR)
+
+h2. Installation
+
+SimplestAuth depends (for now) on the BCrypt gem, so install that first:
+
+<pre><code>$ sudo gem install bcrypt-ruby</code></pre>
+
+Configure for the gem:
+
+<pre><code>config.gem 'vigetlabs-simplest_auth', :lib => 'simplest_auth'</code></pre>
+
+h2. Usage
+
+SimplestAuth is an extension to the existing models and controllers in your Rails application.  It makes some decisions about how you structure your models, but will give you flexibility with naming and any ActiveRecord validations that you want to use.
+
+h3. Model Integration
+
+If you're starting out with a fresh User model, you just need an identifier such as @email@ and @crypted_password@ columns in your database:
+
+<pre><code>$ ./script/generate model User email:string crypted_password:string</code></pre>
+
+To get started, just use the @SimplestAuth::Model@ mix-in, and tell it how you want to identify, in your User class:
+
+<pre><code>
+    class User < ActiveRecord::Base
+      include SimplestAuth::Model
+      
+      authenticate_by :email
+    end
+</code></pre>
+
+The module provides accessors for both @password@ and @password_confirmation@, but you will need to provide the validations required for your application. A @password_required?@ method is defined, as well. Some sane defaults:
+
+<pre><code>
+    validates_presence_of :email
+    validates_uniqueness_of :email
+    
+    validates_presence_of :password, :on => :create
+    validates_confirmation_of :password, :if => :password_required?
+</code></pre>
+
+Before creating new records, the password is crypted before storing the User in the database.
+
+The full model class:
+
+<pre><code>
+    class User < ActiveRecord::Base
+      include SimplestAuth::Model
+      
+      validates_presence_of :email
+      validates_uniqueness_of :email
+      
+      validates_presence_of :password, :on => :create
+      validates_confirmation_of :password, :if => :password_required?
+    end
+</code></pre>
+
+h3. Controller
+
+To initialize the Controller functionality for use in your application, you need to include it in your @ApplicationController@:
+
+<pre><code>
+    class ApplicationController < ActionController::Base
+      include SimplestAuth::Controller
+    end
+</code></pre>
+
+The plugin defines the @user_class@ method so that it can find the appropriate object in your application, it defaults to User but can be Account or anything else. Once that is included, you can use the controller methods in your application - logging in, for example:
+
+<pre><code>
+    class SessionsController < ApplicationController
+      
+      def new; end
+      
+      def create
+        if user = User.authenticate(params[:email], params[:password])
+          self.current_user = user
+          flash[:notice] = 'Welcome!'
+          redirect_to root_path
+        else
+          flash.now[:error] =  "Couldn't locate a user with those credentials"
+          render :action => :new
+        end
+      end
+    end
+</code></pre>
+
+h3. Helpers
+
+The plug-in also defines some convenient helpers to use in your views:
+
+* *@current_user@*: The user object of the currently logged-in user (or nil if the user isn't logged-in)
+* *@logged_in?@*: Is there a user logged in?
+* *@authorized?@*: Is this user authorized? Defaults to simply checking for logged_in? Override for your authorization scheme.
+
+h2. TODO
+
+* Document the usage of helper methods (e.g. :logged_in? / :authorized?) in the controller
+
+h2. Credits
+
+Tony Pitale and Matt Swasey of Viget Labs (http://www.viget.com)

data/Rakefile

@@ -0,0 +1,51 @@
+require 'rubygems'
+require 'rake/gempackagetask'
+require 'rake/testtask'
+
+require 'lib/simplest_auth/version'
+
+task :default => :test
+
+spec = Gem::Specification.new do |s|
+  s.name            = 'simplest_auth'
+  s.version         = SimplestAuth::Version.to_s
+  s.summary         = "Simple implementation of authentication for Rails"
+  s.author          = 'Tony Pitale'
+  s.email           = 'tony.pitale@viget.com'
+  s.homepage        = 'http://viget.com/extend'
+  s.files           = %w(README.textile Rakefile) + Dir.glob("lib/**/*")
+  s.test_files      = Dir.glob("test/**/*_test.rb")
+  
+  s.add_dependency('bcrypt-ruby', '~> 2.0.5')
+end
+
+Rake::GemPackageTask.new(spec) do |pkg|
+  pkg.gem_spec = spec
+end
+
+Rake::TestTask.new do |t|
+  t.libs << 'test'
+  t.test_files = FileList["test/**/*_test.rb"]
+  t.verbose = true
+end
+
+desc 'Generate the gemspec to serve this Gem from Github'
+task :github do
+  file = File.dirname(__FILE__) + "/#{spec.name}.gemspec"
+  File.open(file, 'w') {|f| f << spec.to_ruby }
+  puts "Created gemspec: #{file}"
+end
+
+begin
+  require 'rcov/rcovtask'
+  
+  desc "Generate RCov coverage report"
+  Rcov::RcovTask.new(:rcov) do |t|
+    t.test_files = FileList['test/**/*_test.rb']
+    t.rcov_opts << "-x lib/simplest_auth.rb -x lib/simplest_auth/version.rb"
+  end
+rescue LoadError
+  nil
+end
+
+task :default => 'test'

data/lib/simplest_auth/controller.rb

@@ -0,0 +1,69 @@
+module SimplestAuth
+  class UndefinedMethodError < StandardError; end
+  
+  module Controller
+    def user_class
+      User
+    end
+
+    def authorized?
+      logged_in?
+    end
+
+    def access_denied
+      store_location
+      flash[:error] = login_message
+      redirect_to new_session_url
+    end
+    
+    def login_message
+      "Login or Registration Required"
+    end
+
+    def store_location
+      session[:return_to] = request.request_uri
+    end
+
+    def redirect_back_or_default(default)
+      redirect_to(session[:return_to] || default)
+      session[:return_to] = nil
+    end
+
+    def login_required
+      authorized? || access_denied
+    end
+
+    def logged_in?
+      !current_user_id.nil?
+    end
+
+    def current_user
+      if @current_user.nil?
+        begin
+          @current_user = user_class.find(current_user_id)
+        rescue user_class::RecordNotFound
+          clear_session
+          @current_user = nil
+        end
+      end
+      @current_user
+    end
+
+    def current_user=(user)
+      session[:user_id] = user ? user.id : nil
+      @current_user = user || false
+    end
+
+    def current_user_id
+      session[:user_id]
+    end
+    
+    def clear_session
+      session[:user_id] = nil
+    end
+    
+    def self.included(base)
+      base.send :helper_method, :current_user, :logged_in?, :authorized? if base.respond_to? :helper_method
+    end
+  end
+end

data/lib/simplest_auth/model.rb

@@ -0,0 +1,79 @@
+module SimplestAuth
+  module Model
+    def self.included(base)
+      base.extend ClassMethods
+      base.send(:include, InstanceMethods)
+
+      base.class_eval do
+        attr_accessor :password, :password_confirmation
+      end
+
+      if base.active_record?
+        base.class_eval do
+          before_save :hash_password, :if => :password_required?
+        end
+      elsif base.data_mapper?
+        base.class_eval do
+          before :save, :hash_password, :if => :password_required?
+        end
+      end
+    end
+
+    module ClassMethods
+      def active_record?
+        defined?(ActiveRecord)
+      end
+
+      def data_mapper?
+        defined?(DataMapper)
+      end
+
+      def authenticate(email, password)
+        if active_record?
+          klass = find_by_email(email)
+        elsif data_mapper?
+          klass = first(:email => email)
+        end
+
+        (klass && klass.authentic?(password)) ? klass : nil
+      end
+
+      def authenticate_by(ident)
+        if active_record?
+          instance_eval <<-EOM
+            def authenticate(#{ident}, password)
+              klass = find_by_#{ident}(#{ident})
+              (klass && klass.authentic?(password)) ? klass : nil
+            end
+          EOM
+        elsif data_mapper?
+          instance_eval <<-EOM
+            def authenticate(#{ident}, password)
+              klass = first(:#{ident} => #{ident})
+              (klass && klass.authentic?(password)) ? klass : nil
+            end
+          EOM
+        end
+      end
+    end
+
+    module InstanceMethods
+      include BCrypt
+
+      RecordNotFound = Class.new(StandardError)
+
+      def authentic?(password)
+        Password.new(self.crypted_password) == password
+      end
+
+      private
+      def hash_password
+        self.crypted_password = Password.create(self.password) if password_required?
+      end
+
+      def password_required?
+        self.crypted_password.blank? || !self.password.blank?
+      end
+    end
+  end
+end

data/lib/simplest_auth/version.rb

@@ -0,0 +1,13 @@
+module SimplestAuth
+  module Version
+    
+    MAJOR = 0
+    MINOR = 1
+    TINY  = 1
+    
+    def self.to_s # :nodoc:
+      [MAJOR, MINOR, TINY].join('.')
+    end
+    
+  end
+end

data/lib/simplest_auth.rb

@@ -0,0 +1,13 @@
+begin
+  require 'bcrypt'
+rescue LoadError
+  begin
+    gem 'bcrypt-ruby'
+  rescue Gem::LoadError
+    puts "Please install the bcrypt-ruby gem"
+  end
+end
+
+# SimplestAuth
+require 'simplest_auth/model'
+require 'simplest_auth/controller'

data/test/unit/simplest_auth/ar_model_test.rb

@@ -0,0 +1,46 @@
+require File.dirname(__FILE__) + '/../../test_helper'
+
+ARUser = Class.new
+
+class ARUserTest < Test::Unit::TestCase
+  include BCrypt
+
+  context "with ActiveRecord" do
+    setup do
+      ARUser.stubs(:active_record?).returns(true)
+      ARUser.expects(:before_save).with(:hash_password, :if => :password_required?)
+      ARUser.send(:include, SimplestAuth::Model)
+    end
+
+    context "the ARUser class" do
+      should "redefine authenticate for AR" do
+        ARUser.expects(:instance_eval).with(kind_of(String))
+        ARUser.authenticate_by :email
+      end
+
+      should "have a default authenticate to email" do
+        user = mock do |m|
+          m.expects(:authentic?).with('password').returns(true)
+        end
+
+        ARUser.expects(:find_by_email).with('joe@schmoe.com').returns(user)
+        assert_equal user, ARUser.authenticate('joe@schmoe.com', 'password')
+      end
+
+      context "with authenticate_by set to username" do
+        setup do
+          ARUser.authenticate_by :username
+        end
+
+        should "find a user with email for authentication" do
+          user = mock do |m|
+            m.expects(:authentic?).with('password').returns(true)
+          end
+
+          ARUser.expects(:find_by_username).with('joeschmoe').returns(user)
+          assert_equal user, ARUser.authenticate('joeschmoe', 'password')
+        end
+      end
+    end
+  end
+end

data/test/unit/simplest_auth/controller_test.rb

@@ -0,0 +1,144 @@
+require File.dirname(__FILE__) + '/../../test_helper'
+
+class User
+  class RecordNotFound < StandardError; end
+end
+
+class ControllerTest < Test::Unit::TestCase
+  include SimplestAuth::Controller
+
+  context "the Controller module" do
+    should "know if a user is authorized" do
+      stubs(:logged_in?).returns(true)
+      assert authorized?
+    end
+    
+    should "redirect to a new session if access is denied" do
+      stubs(:store_location)
+      expects(:redirect_to).with("")
+      stubs(:new_session_url).returns("")
+      stubs(:flash).returns({})
+      access_denied
+    end
+    
+    should "set the error flash if access is denied" do
+      stubs(:store_location)
+      stubs(:redirect_to).with("")
+      stubs(:new_session_url).returns("")
+      stubs(:login_message).returns("blah")
+      flash_stub = {}
+      stubs(:flash).returns(flash_stub)
+      access_denied
+      assert_equal "blah", flash_stub[:error]
+    end
+    
+    should "store the location of the desired page before redirecting" do
+      expects(:store_location)
+      stubs(:redirect_to)
+      stubs(:new_session_url)
+      stubs(:flash).returns({})
+      access_denied
+    end
+    
+    should "store the location of the current request to session" do
+      expects(:session).returns({})
+      stubs(:request).returns(stub(:request_uri => ''))
+      store_location
+    end
+    
+    should "redirect back to the stored uri" do
+      stubs(:session).returns({:return_to => 'somewhere'})
+      expects(:redirect_to).with('somewhere')
+      redirect_back_or_default('')
+    end
+    
+    should "redirect to a default location if the session url is nil" do
+      stubs(:session).returns({:return_to => nil})
+      expects(:redirect_to).with('default')
+      redirect_back_or_default('default')
+    end
+    
+    should "clear the session stored url after redirect" do
+      session = {:return_to => 'somewhere'}
+      stubs(:session).returns(session)
+      stubs(:redirect_to)
+      redirect_back_or_default('')
+      assert_nil session[:return_to]
+    end
+    
+    should "know if login is required from authorized method" do
+      stubs(:authorized?).returns(true)
+      assert login_required
+    end
+    
+    should "consider access denied if login is required and not authorized" do
+      stubs(:authorized?).returns(false)
+      expects(:access_denied)
+      login_required
+    end
+    
+    should "know if a user is logged in" do
+      stubs(:current_user_id).returns(1)
+      assert logged_in?
+    end
+    
+    should "know if a user is not logged in" do
+      stubs(:current_user_id).returns(nil)
+      assert_equal false, logged_in?
+    end
+    
+    should "find the current user" do
+      user_stub = stub()
+      user_stub.stubs(:find).with(1).returns("user")
+      
+      stubs(:current_user_id).returns(1)
+      stubs(:user_class).returns(user_stub)
+      
+      assert_equal "user", current_user
+    end
+    
+    should "return nil for the current user if it doesn't exist" do
+      User.stubs(:find).with('1').raises(User::RecordNotFound)
+      stubs(:current_user_id).with().returns('1')
+      stubs(:clear_session)
+
+      assert_nil current_user
+    end
+    
+    should "be able to clear its session variables" do
+      expects(:session).with().returns(mock() {|m| m.expects(:[]=).with(:user_id, nil) })
+      clear_session
+    end
+    
+    should "clear the :user_id from session if the user cannot be found" do
+      User.stubs(:find).with('1').raises(User::RecordNotFound)
+      stubs(:current_user_id).with().returns('1')
+      expects(:clear_session).with()
+
+      current_user
+    end
+    
+    should "allow assigning to the current user" do
+      stubs(:session).returns({})
+      user = mock(:id => 1)
+      self.current_user = user
+    end
+    
+    should "save the current user to avoid lookup" do
+      stubs(:session).returns({})
+      user = stub(:id => 1)
+      self.current_user = user
+      assert_equal user, current_user
+    end
+    
+    should "know the current user id from session" do
+      stubs(:session).returns({:user_id => 1})
+      assert_equal 1, current_user_id
+    end
+    
+    should "have a default login error message" do
+      assert_equal "Login or Registration Required", login_message
+    end
+  end
+  
+end

data/test/unit/simplest_auth/dm_model_test.rb

@@ -0,0 +1,47 @@
+require File.dirname(__FILE__) + '/../../test_helper'
+
+DMUser = Class.new
+
+class DMUserTest < Test::Unit::TestCase
+  include BCrypt
+
+  context "with DataMapper" do
+    setup do
+      DMUser.stubs(:active_record?).returns(false)
+      DMUser.stubs(:data_mapper?).returns(true)
+      DMUser.expects(:before).with(:save, :hash_password, :if => :password_required?)
+      DMUser.send(:include, SimplestAuth::Model)
+    end
+
+    context "the DMUser class" do
+      should "redefine authenticate for DM" do
+        DMUser.expects(:instance_eval).with(kind_of(String))
+        DMUser.authenticate_by :email
+      end
+
+      should "have a default authenticate to email" do
+        user = mock do |m|
+          m.expects(:authentic?).with('password').returns(true)
+        end
+
+        DMUser.expects(:first).with(:email => 'joe@schmoe.com').returns(user)
+        assert_equal user, DMUser.authenticate('joe@schmoe.com', 'password')
+      end
+  
+      context "with authenticate_by set to username" do
+        setup do
+          DMUser.authenticate_by :username
+        end
+
+        should "find a user with email for authentication" do
+          user = mock do |m|
+            m.expects(:authentic?).with('password').returns(true)
+          end
+
+          DMUser.expects(:first).with(:username => 'joeschmoe').returns(user)
+          assert_equal user, DMUser.authenticate('joeschmoe', 'password')
+        end
+      end
+    end
+  end
+end

data/test/unit/simplest_auth/model_test.rb

@@ -0,0 +1,79 @@
+require File.dirname(__FILE__) + '/../../test_helper'
+
+class User; end
+
+class UserTest < Test::Unit::TestCase
+  include BCrypt
+
+  context "with no ORM" do
+    setup do
+      User.stubs(:active_record?).returns(false)
+      User.stubs(:data_mapper?).returns(false)
+      User.send(:include, SimplestAuth::Model)
+    end
+
+    should "return nil for authenticate" do
+      assert_equal nil, User.authenticate('email', 'password')
+    end
+  end
+
+  context "an instance of the User class" do
+    setup do
+      User.send(:include, SimplestAuth::Model)
+      @user = User.new
+      @user.stubs(:crypted_password).returns('abcdefg')
+    end
+
+    should "determine if a password is authentic" do
+      password_stub = stub
+      password_stub.stubs(:==).with('password').returns(true)
+      Password.stubs(:new).with('abcdefg').returns(password_stub)
+
+      assert @user.authentic?('password')
+    end
+
+    should "determine when a password is not authentic" do
+      password_stub = stub
+      password_stub.stubs(:==).with('password').returns(false)
+      Password.stubs(:new).with('abcdefg').returns(password_stub)
+      
+      assert_equal false, @user.authentic?('password')
+    end
+
+    should "use the Password class == method for comparison" do
+      password_stub = mock
+      password_stub.expects(:==).with('password').returns(true)
+      Password.stubs(:new).with('abcdefg').returns(password_stub)
+      
+      @user.authentic?('password')
+    end
+
+    should "use a new Password made from crypted_password" do
+      password_stub = stub
+      password_stub.stubs(:==).with('password').returns(true)
+      Password.expects(:new).with('abcdefg').returns(password_stub)
+      
+      @user.authentic?('password')
+    end
+
+    should "hash a password using bcrypt" do
+      @user.stubs(:password_required?).returns(true)
+      @user.expects(:crypted_password=).with('abcdefg')
+      @user.password = 'password'
+      Password.expects(:create).with('password').returns('abcdefg')
+
+      @user.send(:hash_password)
+    end
+
+    should "require a password if crypted password is blank" do
+      @user.stubs(:crypted_password).returns(stub(:blank? => true))
+      assert_equal true, @user.send(:password_required?)
+    end
+
+    should "require a password if a password has been set" do
+      @user.stubs(:crypted_password).returns(stub(:blank? => false))
+      @user.stubs(:password).returns(stub(:blank? => false))
+      assert_equal true, @user.send(:password_required?)
+    end
+  end
+end

metadata

@@ -0,0 +1,75 @@
+--- !ruby/object:Gem::Specification 
+name: simplest_auth
+version: !ruby/object:Gem::Version 
+  version: 0.1.1
+platform: ruby
+authors: 
+- Tony Pitale
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-05-03 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: bcrypt-ruby
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        version: 2.0.5
+    version: 
+description: 
+email: tony.pitale@viget.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- README.textile
+- Rakefile
+- lib/simplest_auth
+- lib/simplest_auth/controller.rb
+- lib/simplest_auth/model.rb
+- lib/simplest_auth/version.rb
+- lib/simplest_auth.rb
+- test/unit/simplest_auth/ar_model_test.rb
+- test/unit/simplest_auth/controller_test.rb
+- test/unit/simplest_auth/dm_model_test.rb
+- test/unit/simplest_auth/model_test.rb
+has_rdoc: false
+homepage: http://viget.com/extend
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.1
+signing_key: 
+specification_version: 2
+summary: Simple implementation of authentication for Rails
+test_files: 
+- test/unit/simplest_auth/ar_model_test.rb
+- test/unit/simplest_auth/controller_test.rb
+- test/unit/simplest_auth/dm_model_test.rb
+- test/unit/simplest_auth/model_test.rb