sinatra-authentication-nedludd 0.0.1

data/lib/views/show.haml

@@ -0,0 +1,7 @@
+#sinatra_authentication
+  %h1.page_title
+    - if @user.email
+      = @user.email
+  - if current_user.admin?
+    %h2 permission level
+    = @user.permission_level

data/lib/views/signup.haml

@@ -0,0 +1,21 @@
+#sinatra_authentication
+  - if Rack.const_defined?('Flash')
+    #sinatra_authentication_flash= flash[:notice]
+  %h1.page_title Signup
+  %form{:action => "/signup", :method => "post"}
+    .field
+      .label
+        %label{:for => "user_email"} Email
+      %input{ :id => "user_email", :name => "user[email]", :size => 30, :type => "text" }
+    .field
+      .label
+        %label{:for => "user_password"} Password
+      %input{ :id => "user_password", :name => "user[password]", :size => 30, :type => "password" }
+    .field
+      .label
+        %label{:for => "user_password_confirmation"} Confirm Password
+      %input{ :id => "user_password_confirmation", :name => "user[password_confirmation]", :size => 30, :type => "password" }
+    .buttons
+      %input{ :value => "Create account", :type => "submit" }
+      %a{:href => "/login", :class => 'sinatra_authentication_link'}
+        Login

data/readme.markdown

@@ -0,0 +1,161 @@
+### A little sinatra gem that implements user authentication, with support for DataMapper.
+
+(Forked from maxjustus' version.  I don't need TC or Mongo, nor Facebook integration)
+
+## INSTALLATION:
+
+In your sinatra app simply require "dm-core", "digest/sha1", 'rack-flash' (if you want flash messages) and then "sinatra-authentication" and turn on session storage with a super secret key, like so:
+
+    require "dm-core"
+    #for using auto_migrate!
+    require "dm-migrations"
+    require "digest/sha1"
+    require 'rack-flash'
+    require "sinatra-authentication"
+
+    use Rack::Session::Cookie, :secret => 'A1 sauce 1s so good you should use 1t on a11 yr st34ksssss'
+    #if you want flash messages
+    use Rack::Flash
+
+## DEFAULT ROUTES:
+
+* get      '/login'
+* get      '/logout'
+* get      '/signup'
+* get/post '/users'
+* get       '/users/:id'
+* get/post  '/users/:id/edit'
+* get       '/users/:id/delete'
+
+If you fetch any of the user pages using ajax, they will automatically render without a layout
+
+## FLASH MESSAGES
+
+Flash messages are implemented using rack-flash. To set them up add this to your code:
+
+    require 'rack-flash'
+
+    #be sure and do this after after 'use Rack:Session:Cookie...'
+    use Rack::Flash
+
+And then sinatra-authentication related flash messages will be made available through flash[:notice]
+
+    -# somewhere in a haml view:
+    = flash[:notice]
+
+## HELPER METHODS:
+
+This plugin provides the following helper methods for your sinatra app:
+
+* login_required
+  > which you place at the beginning of any routes you want to be protected
+* current_user
+* logged_in?
+* render_login_logout(html_attributes)
+  > Which renders login/logout and singup/edit account links.
+If you pass a hash of html parameters to render_login_logout all the links will get set to them.
+Which is useful for if you're using some sort of lightbox
+
+## SIMPLE PERMISSIONS:
+
+By default the user class includes a method called admin? which simply checks
+if user.permission_level == -1.
+
+you can take advantage of  this method in your views or controllers by calling
+current_user.admin?
+i.e.
+
+    - if current_user.admin?
+      %a{:href => "/adminey_link_route_thing"} do something adminey
+
+(these view examples are in HAML, by the way)
+
+You can also extend the user class with any convenience methods for determining permissions.
+i.e.
+
+    #somewhere in the murky depths of your sinatra app
+    class User
+      def peasant?
+        self.permission_level == 0
+      end
+    end
+
+then in your views you can do
+
+    - if current_user.peasant?
+      %h1 hello peasant!
+      %p Welcome to the caste system! It's very depressing.
+
+if no one is logged in, current_user returns a GuestUser instance, which responds to current_user.guest?
+with true, current_user.permission_level with 0 and any other method calls with false
+
+This makes some view logic easier since you don't always have to check if the user is logged in,
+although a logged_in? helper method is still provided
+
+
+## OVERRIDING DEFAULT VIEWS
+
+Right now if you're going to override sinatra-authentication's views, you have to override all of them.
+This is something I hope to change in a future release.
+
+To override the default view path do something like this:
+
+    set :sinatra_authentication_view_path, Pathname(__FILE__).dirname.expand_path + "my_views/"
+
+And then the views you'll need to define are:
+
+* show.haml
+* index.haml
+* signup.haml
+* login.haml
+* edit.haml
+
+The signup and edit form fields are named so they pass a hash called 'user' to the server:
+
+    %input{:name => "user[email]", :size => 30, :type => "text", :value => @user.email}
+    %input{:name => "user[password]", :size => 30, :type => "password"}
+    %input{:name => "user[password_confirmation]", :size => 30, :type => "password"}
+
+    %select{:name => "user[permission_level]"}
+      %option{:value => -1, :selected => @user.admin?}
+        Admin
+      %option{:value => 1, :selected => @user.permission_level == 1}
+        Authenticated user
+
+if you add attributes to the User class and pass them in the user hash your new attributes will be set along with the others.
+
+The login form fields just pass a field called email and a field called password:
+
+    %input{:name => "email", :size => 30, :type => "text"}
+    %input{:name => "password", :size => 30, :type => "password"}
+
+To add methods or properties to the User class, you have to access the underlying database user class, like so:
+
+    class DmUser
+      property :name, String
+      property :has_dog, Boolean, :default => false
+    end
+
+And then to access/update your newly defined attributes you use the User class:
+
+    current_user.name
+    current_user.has_dog
+
+    current_user.update({:has_dog => true})
+
+    new_user = User.set({:email => 'max@max.com' :password => 'hi', :password_confirmation => 'hi', :name => 'Max', :has_dog => false})
+
+    User.all(:has_dog => true).each do |user|
+      user.update({has_dog => false})
+    end
+
+    User.all(:has_dog => false).each do |user|
+      user.delete
+    end
+
+the User class passes additional method calls along to the interfacing database class, so calls to Datamapper functions should work as expected.
+
+The database user class is named
+
+    DmUser
+

data/sinatra-authentication-nedludd.gemspec

@@ -0,0 +1,97 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{sinatra-authentication-nedludd}
+  s.version = "0.0.1"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Max Justus Spransy" "Tim Hermans"]
+  s.date = %q{2010-06-29}
+  s.description = %q{Simple authentication plugin for sinatra.}
+  s.email = ["maxjustus@gmail.com" "thermans@gmail.com"]
+  s.extra_rdoc_files = [
+    "TODO"
+  ]
+  s.files = [
+    ".gitignore",
+     "History.txt",
+     "Manifest",
+     "Rakefile",
+     "TODO",
+     "example/dm_extend_app.rb",
+     "example/dm_sinbook.rb",
+     "example/extend_views/edit.haml",
+     "example/extend_views/index.haml",
+     "example/extend_views/login.haml",
+     "example/extend_views/show.haml",
+     "example/extend_views/signup.haml",
+     "example/mm_app.rb",
+     "example/tc_app.rb",
+     "example/tc_sinbook.rb",
+     "lib/models/abstract_user.rb",
+     "lib/models/datamapper_user.rb",
+     "lib/models/dm_adapter.rb",
+     "lib/sinatra-authentication.rb",
+     "lib/views/edit.haml",
+     "lib/views/index.haml",
+     "lib/views/login.haml",
+     "lib/views/show.haml",
+     "lib/views/signup.haml",
+     "readme.markdown",
+     "sinatra-authentication-nedludd.gemspec",
+     "test/datamapper_test.rb",
+     "test/lib/dm_app.rb",
+     "test/lib/dm_extend_app.rb",
+     "test/lib/extend_views/edit.haml",
+     "test/lib/extend_views/index.haml",
+     "test/lib/extend_views/login.haml",
+     "test/lib/extend_views/show.haml",
+     "test/lib/extend_views/signup.haml",
+     "test/lib/helper.rb",
+     "test/route_tests.rb"
+  ]
+  s.homepage = %q{http://github.com/nedludd/sinatra-authentication}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{Simple authentication plugin for sinatra.}
+  s.test_files = [
+    "test/route_tests.rb",
+     "test/datamapper_test.rb",
+     "test/lib/dm_app.rb",
+     "test/lib/helper.rb",
+     "test/lib/dm_extend_app.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<sinatra>, [">= 0"])
+      s.add_runtime_dependency(%q<dm-core>, [">= 0"])
+      s.add_runtime_dependency(%q<dm-migrations>, [">= 0"])
+      s.add_runtime_dependency(%q<dm-validations>, [">= 0"])
+      s.add_runtime_dependency(%q<dm-timestamps>, [">= 0"])
+      s.add_runtime_dependency(%q<rack-flash>, [">= 0"])
+    else
+      s.add_dependency(%q<sinatra>, [">= 0"])
+      s.add_dependency(%q<dm-core>, [">= 0"])
+      s.add_dependency(%q<dm-migrations>, [">= 0"])
+      s.add_dependency(%q<dm-validations>, [">= 0"])
+      s.add_dependency(%q<dm-timestamps>, [">= 0"])
+      s.add_dependency(%q<rack-flash>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<sinatra>, [">= 0"])
+    s.add_dependency(%q<dm-core>, [">= 0"])
+    s.add_dependency(%q<dm-migrations>, [">= 0"])
+    s.add_dependency(%q<dm-validations>, [">= 0"])
+    s.add_dependency(%q<dm-timestamps>, [">= 0"])
+    s.add_dependency(%q<rack-flash>, [">= 0"])
+  end
+end
+

data/test/datamapper_test.rb

@@ -0,0 +1,5 @@
+require 'lib/dm_app'
+require 'lib/helper'
+require 'test/unit'
+require 'rack/test'
+require 'route_tests'

data/test/lib/dm_app.rb

@@ -0,0 +1,20 @@
+require 'rubygems'
+require 'sinatra'
+require 'haml'
+require 'dm-core'
+require 'rack-flash'
+require File.join(File.dirname(__FILE__), '../../lib/sinatra-authentication')
+
+DataMapper.setup(:default, "sqlite3://#{Dir.pwd}/test.db")
+DataMapper.auto_migrate!
+
+use Rack::Session::Cookie, :secret => "heyhihello"
+use Rack::Flash
+
+set :environment, 'development'
+set :public, 'public'
+set :views,  'views'
+
+get '/' do
+  haml "= render_login_logout", :layout => :layout
+end

data/test/lib/dm_extend_app.rb

@@ -0,0 +1,27 @@
+require 'rubygems'
+require 'sinatra'
+require 'haml'
+require 'dm-core'
+require 'rack-flash'
+require File.join(File.dirname(__FILE__), '../../lib/sinatra-authentication')
+
+
+class DmUser
+  property :name, String
+end
+
+DataMapper.setup(:default, "sqlite3://#{Dir.pwd}/test.db")
+DataMapper.auto_migrate!
+
+set :sinatra_authentication_view_path, Pathname(__FILE__).dirname.expand_path + "extend_views/"
+use Rack::Session::Cookie, :secret => "heyhihello"
+use Rack::Flash
+
+set :environment, 'development'
+set :public, 'public'
+set :views,  'views'
+
+get '/' do
+  puts User.all(:name => 'max')
+  haml "= render_login_logout", :layout => :layout
+end

data/test/lib/extend_views/edit.haml

@@ -0,0 +1,42 @@
+#sinatra_authentication
+  #sinatra_authentication_flash= session[:flash]
+  %h1
+    Edit
+    - if @user.id == current_user.id
+      account
+    - else
+      - if @user.email
+        = @user.email
+      - elsif @user.fb_uid
+        <fb:name uid=#{@user.fb_uid} linked='false' />
+      - else
+        account
+  %form{:action => "/users/#{@user.id}/edit", :method => "post"}
+    .field
+      .label
+        %label{:for => "user_email"} Email
+      %input{ :id => "user_email", :name => "user[email]", :size => 30, :type => "text", :value => @user.email }
+    .field
+      .label
+        %label{:for => "user_password"} New password
+      %input{ :id => "user_password", :name => "user[password]", :size => 30, :type => "password" }
+    .field
+      .label
+        %label{:for => "user_password_confirmation"} Confirm
+      %input{ :id => "user_password_confirmation", :name => "user[password_confirmation]", :size => 30, :type => "password" }
+    -# don't render permission field if admin and editing yourself so you don't shoot yourself in the foot
+    - if current_user.admin? && current_user.id != @user.id
+      .field
+        .label
+          %label{:for => 'permission_level'}  Permission level
+        %select{ :id => "permission_level", :name => "user[permission_level]" }
+          %option{:value => -1, :selected => @user.admin?}
+            Admin
+          %option{:value => 1, :selected => @user.permission_level == 1}
+            Authenticated user
+    .buttons
+      %input{ :value => "Update", :type => "submit" }
+      - if Sinatra.const_defined?('FacebookObject')
+        - unless @user.fb_uid
+          |
+          = render_facebook_connect_link('Link account with Facebook')

data/test/lib/extend_views/index.haml

@@ -0,0 +1,31 @@
+#sinatra_authentication
+  %h1.page_title Users
+  %table
+    %tr
+      %th
+      - if current_user.admin?
+        %th permission level
+    - @users.each do |user|
+      %tr
+        %td
+          - if user.email
+            = user.email
+          - elsif user.fb_uid
+            <fb:name uid=#{user.fb_uid} />
+          - else
+            "user #{user.id}"
+        - if current_user.admin?
+          %td= user.permission_level
+        %td
+          = user.name
+        %td
+          %a{:href => "/users/#{user.id}"} show
+        - if current_user.admin?
+          %td
+            %a{:href => "/users/#{user.id}/edit"} edit
+          %td
+            -# this doesn't work for tk
+            - if !user.site_admin?
+              %a{:href => "/users/#{user.id}/delete", :onclick => "return confirm('you sure?')"} delete
+            - else
+              site admin

data/test/lib/extend_views/login.haml

@@ -0,0 +1,21 @@
+#sinatra_authentication
+  #sinatra_authentication_flash= session[:flash]
+  %h1.page_title Login
+  %form{:action => "/login", :method => "post"}
+    .field
+      .label
+        %label{:for => "user_email'"} Email
+      %input{:id => "user_email", :name => "email", :size => 30, :type => "text"}
+    .field
+      .label
+        %label{:for => "user_password"} Password
+      %input{:id => "user_password", :name => "password", :size => 30, :type => "password"}
+    .buttons
+      %input{:value => "login", :type => "submit"}
+      %a{:href => "/signup", :class => 'sinatra_authentication_link'}
+        Signup
+    - if Sinatra.const_defined?('FacebookObject')
+      .third_party_signup
+        %h3.section_title One click login:
+        .login_link.facebook_login
+          = render_facebook_connect_link('Login using facebook', :size => 'large')