sinatra-authentication 0.0.5

data/.gitignore

@@ -0,0 +1,4 @@
+pkg/
+*.swp
+*.db
+*.tct

data/History.txt

@@ -0,0 +1,4 @@
+== 0.0.1 2009-04-06
+
+* 1 major enhancement:
+  * Initial release

data/Manifest

@@ -0,0 +1,24 @@
+History.txt
+Manifest
+Rakefile
+TODO
+lib/models/abstract_user.rb
+lib/models/datamapper_user.rb
+lib/models/dm_adapter.rb
+lib/models/rufus_tokyo_user.rb
+lib/models/tc_adapter.rb
+lib/sinatra-authentication.rb
+lib/views/edit.haml
+lib/views/index.haml
+lib/views/login.haml
+lib/views/show.haml
+lib/views/signup.haml
+readme.markdown
+test/datamapper_test.rb
+test/lib/dm_app.rb
+test/lib/helper.rb
+test/lib/tc_app.rb
+test/lib/test.db
+test/lib/users.tct
+test/route_tests.rb
+test/rufus_tokyo_test.rb

data/Rakefile

@@ -0,0 +1,25 @@
+require 'rubygems'
+require 'rake'
+
+begin
+  require 'jeweler'
+  
+  Jeweler::Tasks.new do |gemspec|
+    gemspec.name           = 'sinatra-authentication'
+    gemspec.version        = '0.0.5'
+    gemspec.description    = "Simple authentication plugin for sinatra."
+    gemspec.summary        = "Simple authentication plugin for sinatra."
+    gemspec.homepage       = "http://github.com/maxjustus/sinatra-authentication"
+    gemspec.author         = "Max Justus Spransy"
+    gemspec.email          = "maxjustus@gmail.com"
+    gemspec.add_dependency "sinatra"
+    gemspec.add_dependency "dm-core"
+    gemspec.add_dependency "dm-validations"
+    gemspec.add_dependency "dm-timestamps"
+    gemspec.add_dependency "rufus-tokyo"
+  end
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it first!"
+end
+
+Dir["#{File.dirname(__FILE__)}/tasks/*.rake"].sort.each { |ext| load ext }

data/TODO

@@ -0,0 +1,53 @@
+TODO:
+    ensure all calls to new in adaptors are equivelant to "find or create by"
+      - this is done in the Tc adaptor, and essentially works in Dm adaptor
+        because I validate the uniqueness of email
+    implement some way to allow for the creation of users with different
+    permission levels in an untamperable manner. Perhaps with some secret key
+    that must be sent in the form
+  - look at other permissions systems for some feature ideas
+  - add a config method that you pass a hash for configuring it's behavior
+    - secret signup urls
+    - account activation through email
+
+  - ?implement a session store which isn't cookie based
+  - turn on sessions unless they're already on
+    - randomize the session key on every installation?
+  - clean up adapters
+    - write simple attribute declaration method for TcUser
+    - condense the adapters down to the simplest solution that could possibly work
+      - right now it's like I have two seperate goals, both which are important
+        one is to write a simple ORM for rufus tokyo, the other is to create a simple adapter
+        for different database backends. I think it would be better if I made the datamapper adapter more abstract
+        and the api simpler, and then changed the way the controllers and views work to interface with the more abstract and simpler adapter.
+        maybe make the adapter class called UserAdapter, and then TkUser and DmUser become User. All my controller method calls go to UserAdapter
+        but then for people wanting to talk to the model, they just use User, since they aren't dealing with multiple backends and thus don't need
+        a creepy adapter.
+
+  - make site admin work the same for dm and tc, because I like how permission == -2 is site admin, then you could set a user as site admin instead of it being limited to the first user created
+    and they wouldn't be deletable.
+    or maybe I just make a heirarchy for that so users with lower permissions can't delete users with higher.
+      just remember, this is supposed to be a simple authentication solution
+
+
+  - for the User adapter
+    - add pagination to all
+    - serious cleanup of rufus_tokyo_user.rb
+      - add virtual attribute declaration
+      - add validations
+      - remove the object syntax method_missing? and stick to hash accessors?
+      - or rather then use method missing, dynamically create class methods based in the contents of the hash?
+      - or create a validator tool for hashes. hash.valid?
+    - change User to AbstractUser and DmUser and TcUser to User
+
+  - add error messages for failed logins and stuff
+
+  - PROBLEM the way I have method missing working right now, it doesn't behave the same way I've documented, since I use it for attributes
+  - throw configuration errors on startup
+  - investigate why sinatra_auth doesn't seem to work unless it's the last thing required..
+
+  - add facebook connect
+    - using facebooker and frankie
+      - using the same method as datamapper vs tokyo in that the functionality is only included if the libraries are required
+        before sinatra_auth is.
+    - when a user signs in using facebook and doesn't have an email specified, an email field is included in the edit form.

data/lib/models/abstract_user.rb

@@ -0,0 +1,49 @@
+if Object.const_defined?("DataMapper")
+  #require 'dm-core'
+  require 'dm-timestamps'
+  require 'dm-validations'
+  require Pathname(__FILE__).dirname.expand_path + "datamapper_user.rb"
+  require Pathname(__FILE__).dirname.expand_path + "dm_adapter.rb"
+elsif Object.const_defined?("Rufus")
+  require Pathname(__FILE__).dirname.expand_path + "rufus_tokyo_user.rb"
+  require Pathname(__FILE__).dirname.expand_path + "tc_adapter.rb"
+end
+
+class User
+  if Object.const_defined?("DataMapper")
+    include DmAdapter
+  elsif Object.const_defined?("Rufus")
+    include TcAdapter
+  else
+    throw "you need to require either 'dm-core' or 'rufus-tokyo' for sinatra-authentication to work"
+  end
+
+  def initialize(interfacing_class_instance)
+    @instance = interfacing_class_instance
+  end
+
+  def id
+    @instance.id
+  end
+
+  def self.authenticate(email, pass)
+    current_user = get(:email => email)
+    return nil if current_user.nil?
+    return current_user if User.encrypt(pass, current_user.salt) == current_user.hashed_password
+    nil
+  end
+
+  protected
+
+  def self.encrypt(pass, salt)
+    Digest::SHA1.hexdigest(pass+salt)
+  end
+
+  def self.random_string(len)
+    #generate a random password consisting of strings and digits
+    chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
+    newpass = ""
+    1.upto(len) { |i| newpass << chars[rand(chars.size-1)] }
+    return newpass
+  end
+end

data/lib/models/datamapper_user.rb

@@ -0,0 +1,38 @@
+class DmUser
+  include DataMapper::Resource
+
+  property :id, Serial
+  property :email, String, :key => true, :nullable => false, :length => (5..40), :unique => true, :format => :email_address
+  property :hashed_password, String
+  property :salt, String, :nullable => false
+  property :created_at, DateTime
+  property :permission_level, Integer, :default => 1
+
+  attr_accessor :password, :password_confirmation
+  #protected equievelant? :protected => true doesn't exist in dm 0.10.0
+  #protected :id, :salt
+  #doesn't behave correctly, I'm not even sure why I did this.
+
+  validates_present :password_confirmation, :unless => Proc.new { |t| t.hashed_password }
+  validates_present :password, :unless => Proc.new { |t| t.hashed_password }
+  validates_is_confirmed :password
+
+  def password=(pass)
+    @password = pass
+    self.salt = User.random_string(10) if !self.salt
+    self.hashed_password = User.encrypt(@password, self.salt)
+  end
+
+  def admin?
+    self.permission_level == -1 || self.id == 1
+  end
+
+  def site_admin?
+    self.id == 1
+  end
+  protected
+
+  def method_missing(m, *args)
+    return false
+  end
+end

data/lib/models/dm_adapter.rb

@@ -0,0 +1,44 @@
+module DmAdapter
+  def self.included(base)
+    base.extend ClassMethods
+    base.class_eval { include DmAdapter::InstanceMethods }
+  end
+
+  module ClassMethods
+    def all
+      result = DmUser.all
+      result.collect {|instance| self.new instance}
+    end
+
+    def get(hash)
+      if user = DmUser.first(hash)
+        self.new user
+      else
+        nil
+      end
+    end
+
+    def set(attributes)
+      user = DmUser.new attributes
+      user.save
+      user
+    end
+
+    def delete(pk)
+      user = User.first(:id => pk)
+      user.destroy
+    end
+  end
+
+  module InstanceMethods
+    def update(attributes)
+      @instance.update_attributes attributes
+      @instance.save
+    end
+
+    def method_missing(meth, *args, &block)
+      #cool I just found out * on an array turns the array into a list of args for a function
+      @instance.send(meth, *args, &block)
+    end
+  end
+end

data/lib/models/rufus_tokyo_user.rb

@@ -0,0 +1,146 @@
+class TcUser
+  #include RufusOrm
+
+  #custom_attribute :salt
+  #custom_attribute :hashed_password
+  #custom_attribute :hashed_permission_level
+  #custom_attribute :created_at
+  #custom_attribute :created_at_i
+
+  #attribute method?
+  #if I'm gonna write all this, I might as well create a tinyyyy
+  #orm, that's more just like a way to define custom attributes for cabinets
+  #something worth noting though is that even datamapper defines custom
+  #attributes by allowing the developer to override setter methods.
+  #and it just calls all the setter methods defined in the model.
+  #the only trouble with this route is it assumes a predefined schema.
+  #and thus it knows what setter methods to call.
+  #I would write a class method that allows you to declare attributes like
+  #attribute :salt, with an optional block (which gets passed a hash of attributes)
+  #if a block isn't defined, it looks in the class for a salt=(attributes) function, calls it and marges the
+  #result into the hash going into the database, like 'attributes.merge{"salt" => result}'
+  #so my 'set' method or whatever I choose to call it, has to somehow look through each
+  #declared attribute, call the method associated with it, and merge the result into the hash going
+  #into the database.
+  #
+  #but what if I don't want an attribute passed in to be stored into the database? What if I just want to
+  #create a virtual attribute, for declaring other attributes?
+  #I might create a class variable that I store all the attributes in, and the I can get to it from any setter,
+  #and then after I've called all the setters, I store that class variable into the database.
+  #or, I do all of this on the instance level, and have a save method.
+
+  def initialize(attributes)
+    @attributes = attributes
+  end
+
+  def self.query(&block)
+    connection = TcUserTable.new
+    result_set = connection.query(&block)
+    result_set.collect! { |result_hash| TcUser.new(result_hash) }
+    connection.close
+    result_set
+  end
+
+  def self.get(key)
+    connection = TcUserTable.new
+    result = connection[key]
+    connection.close
+    if result
+      self.new(result.merge({:pk => key}))
+    else
+      false
+    end
+  end
+
+  def self.set(attributes)
+    #this way of validating is real crap, replace it with Validator maybe
+    #and maybe replace all this hash merging with setters for the various attributes that update @attributes, and then I can call save to store to the database
+    #or maybe just write a little method that makes hash merger look a little cleaner
+    pk = attributes.delete(:pk) if attributes[:pk]
+
+    email_regexp = /(\A(\s*)\Z)|(\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z)/i
+    if (attributes['password'] == attributes.delete('password_confirmation') && attributes['email'] =~ email_regexp)
+      password = attributes.delete('password')
+      attributes.merge!({'salt' => User.random_string(10)}) if !attributes['salt']
+      attributes.merge!('hashed_password' => User.encrypt(password, attributes['salt']))
+      permission_level = attributes['permission_level'] ? attributes['permission_level'] : '1'
+      attributes.merge!('permission_level' => permission_level)
+      attributes.merge!('created_at' => Time.now.to_s)
+      attributes.merge!('created_at_i' => Time.now.to_i.to_s)
+
+      connection = TcUserTable.new
+      pk ||= connection.genuid.to_s
+      #site admin if their first
+      attributes.merge!({'permission_level' => '-2'}) if pk == '1'
+      result = connection[pk] = attributes
+      #might not need this in newer version of rufus
+      result.merge!({:pk => pk})
+      connection.close
+      self.new(result)
+    else
+      false
+    end
+  end
+
+  def self.delete(pk)
+    connection = TcUserTable.new
+    connection.delete(pk)
+    connection.close
+  end
+
+  def update(attributes)
+    new_attributes = @attributes.merge(attributes)
+    TcUser.set(new_attributes)
+  end
+
+  def [](key)
+    @attributes[key]
+  end
+
+  #saves to database and returns self
+  def []=(key, value)
+    @attributes[key] = value
+    #change so that it sets the attributes and then you call save to save to the database?
+    connection = TcUserTable.new
+    connection[@attributes[:pk]] = @attributes.merge!({key => value})
+    connection.close
+    self
+  end
+
+  def id
+    @attributes[:pk]
+  end
+
+  def admin?
+    #-2 is the site admin
+    @attributes['permission_level'] == '-1' || @attributes['permission_level'] == '-2'
+  end
+
+  def site_admin?
+    @attributes['permission_level'] == '-2'
+  end
+
+  #from hash extension for making hashes like javascript objects
+  def method_missing(meth,*args)
+    if /=$/=~(meth=meth.id2name) then
+      self[meth[0...-1]] = (args.length<2 ? args[0] : args)
+    elsif @attributes[meth]
+      @attributes[meth]
+    else
+      false
+    end
+  end
+end
+
+class TcUserTable < Rufus::Tokyo::Table
+  @@path = false
+  def initialize
+    #make this path configurable somehow
+    raise "you need to define a path for the user cabinet to be stored at, like so: TcUserTable.cabinet_path = 'folder/where/you/wanna/store/your/database'" unless @@path
+    super(@@path + '/users.tct')
+  end
+
+  def self.cabinet_path=(path)
+    @@path = path
+  end
+end

data/lib/models/tc_adapter.rb

@@ -0,0 +1,73 @@
+module TcAdapter
+  def self.included(base)
+    base.extend ClassMethods
+    base.class_eval {
+      include TcAdapter::InstanceMethods
+      alias :class_id :id
+    }
+  end
+
+  module ClassMethods
+    #TODO add pagination
+    def all
+      result = TcUser.query do |q|
+        q.order_by 'created_at_i', :numdesc
+      end
+
+      #these will be the same for all adapters, they should be defined in the user class, and these methods should have a different name?
+      result.collect {|instance| self.new instance }
+    end
+
+    def get(hash)
+      #because with TcUser email and id are the same because the email is the id
+      if hash[:email]
+        result = TcUser.query do |q|
+          q.add 'email', :streq, hash[:email]
+        end[0]
+        #the zero is because this returns an array but get should return the first result
+      elsif hash[:id]
+        pk = hash[:id]
+        result = TcUser.get(pk)
+      end
+
+      if result
+        self.new result
+      else
+        nil
+      end
+    end
+
+    def set(attributes)
+      user = TcUser.query do |q|
+        q.add 'email', :streq, attributes['email']
+      end
+
+      if user == [] #no user
+        self.new TcUser.set(attributes)
+      else
+        false
+      end
+    end
+
+    def delete(pk)
+      #true or false
+      !!TcUser.delete(pk)
+    end
+  end
+
+  module InstanceMethods
+    def update(attributes)
+      @instance.update attributes
+    end
+
+    def method_missing(meth, *args, &block)
+      #cool I just found out * on an array turn the array into a list of args for a function
+      @instance.send(meth, *args, &block)
+    end
+
+    #this was the only thing that didn't get passed on to method_missing because this is a method of object doh
+    def id
+      @instance.id
+    end
+  end
+end

data/lib/sinatra-authentication.rb

@@ -0,0 +1,206 @@
+require 'sinatra/base'
+require 'pathname'
+require Pathname(__FILE__).dirname.expand_path + "models/abstract_user"
+
+module SinatraAuthentication
+  VERSION = "0.0.3"
+end
+
+module Sinatra
+  module LilAuthentication
+    def self.registered(app)
+      #INVESTIGATE
+      #the possibility of sinatra having an array of view_paths to load from
+      #PROBLEM
+      #sinatra 9.1.1 doesn't have multiple view capability anywhere
+      #so to get around I have to do it totally manually by
+      #loading the view from this path into a string and rendering it
+      set :lil_authentication_view_path, Pathname(__FILE__).dirname.expand_path + "views/"
+
+      #TODO write captain sinatra developer man and inform him that the documentation
+      #concerning the writing of extensions is somewhat outdaded/incorrect.
+      #you do not need to to do self.get/self.post when writing an extension
+      #In fact, it doesn't work. You have to use the plain old sinatra DSL
+
+      get '/users' do
+        @users = User.all
+        if @users != []
+          haml get_view_as_string("index.haml"), :layout => use_layout?
+        else
+          redirect '/signup'
+        end
+      end
+
+      get '/users/:id' do
+        login_required
+
+        #INVESTIGATE
+        #
+        #WHY THE HECK WON'T GET RETURN ANYTHING?
+        #if I user User.get(params[:id]) it returns nil for some inexplicable reason
+        @user = User.get(:id => params[:id])
+        haml get_view_as_string("show.haml"), :layout => use_layout?
+      end
+
+      #convenience for ajax but maybe entirely stupid and unnecesary
+      get '/logged_in' do
+        if session[:user]
+          "true"
+        else
+          "false"
+        end
+      end
+
+      get '/login' do
+        haml get_view_as_string("login.haml"), :layout => use_layout?
+      end
+
+      post '/login' do
+          if user = User.authenticate(params[:email], params[:password])
+            session[:user] = user.id
+            redirect '/'
+          else
+            redirect '/login'
+          end
+      end
+
+      get '/logout' do
+        session[:user] = nil
+        @message = "in case it weren't obvious, you've logged out"
+        redirect '/'
+      end
+
+      get '/signup' do
+        haml get_view_as_string("signup.haml"), :layout => use_layout?
+      end
+
+      post '/signup' do
+        @user = User.set(params[:user])
+        if @user
+          session[:user] = @user.id
+          redirect '/'
+        else
+          session[:flash] = "failure!"
+          redirect '/'
+        end
+      end
+
+      get '/users/:id/edit' do
+        login_required
+        redirect "/users" unless current_user.admin? || current_user == params[:id]
+
+        @user = User.get(:id => params[:id])
+        haml get_view_as_string("edit.haml"), :layout => use_layout?
+      end
+
+      post '/users/:id/edit' do
+        login_required
+        redirect "/users" unless current_user.admin? || current_user == params[:id]
+
+        user = User.get(:id => params[:id])
+        user_attributes = params[:user]
+        if params[:user][:password] == ""
+            user_attributes.delete("password")
+            user_attributes.delete("password_confirmation")
+        end
+
+        if user.update(user_attributes)
+          redirect "/users/#{user.id}"
+        else
+          throw user.errors
+        end
+      end
+
+      get '/users/:id/delete' do
+        login_required
+        redirect "/users" unless current_user.admin? || current_user == params[:id]
+
+        if User.delete(params[:id])
+          session[:flash] = "way to go, you deleted a user"
+        else
+          session[:flash] = "deletion failed, for whatever reason"
+        end
+        redirect '/'
+      end
+    end
+  end
+
+  module Helpers
+    def login_required
+      if session[:user]
+        return true
+      else
+        session[:return_to] = request.fullpath
+        redirect '/login'
+        return false
+      end
+    end
+
+    def current_user
+      if session[:user]
+        User.get(:id => session[:user])
+      else
+        GuestUser.new
+      end
+    end
+
+    def logged_in?
+      !!session[:user]
+    end
+
+    def use_layout?
+      !request.xhr?
+    end
+
+    #BECAUSE sinatra 9.1.1 can't load views from different paths properly
+    def get_view_as_string(filename)
+      view = options.lil_authentication_view_path + filename
+      data = ""
+      f = File.open(view, "r")
+      f.each_line do |line|
+        data += line
+      end
+      return data
+    end
+
+    def render_login_logout(html_attributes = {:class => ""})
+    css_classes = html_attributes.delete(:class)
+    parameters = ''
+    html_attributes.each_pair do |attribute, value|
+      parameters += "#{attribute}=\"#{value}\" "
+    end
+
+      result = "<div id='sinatra-authentication-login-logout' >"
+      if logged_in?
+        logout_parameters = html_attributes
+        # a tad janky?
+        logout_parameters.delete(:rel)
+        result += "<a href='/users/#{current_user.id}/edit' class='#{css_classes} sinatra-authentication-edit' #{parameters}>edit account</a> "
+        result += "<a href='/logout' class='#{css_classes} sinatra-authentication-logout' #{logout_parameters}>logout</a>"
+      else
+        result += "<a href='/signup' class='#{css_classes} sinatra-authentication-signup' #{parameters}>signup</a> "
+        result += "<a href='/login' class='#{css_classes} sinatra-authentication-login' #{parameters}>login</a>"
+      end
+
+      result += "</div>"
+    end
+  end
+
+  register LilAuthentication
+end
+
+class GuestUser
+  def guest?
+    true
+  end
+
+  def permission_level
+    0
+  end
+
+  # current_user.admin? returns false. current_user.has_a_baby? returns false.
+  # (which is a bit of an assumption I suppose)
+  def method_missing(m, *args)
+    return false
+  end
+end

data/lib/views/edit.haml

@@ -0,0 +1,21 @@
+#sinatra_authentication
+  %h1
+    Editing
+    = @user.email
+  %form{:action => "/users/#{@user.id}/edit", :method => "post"}
+    %input{ :id => "user_password", :name => "user[password]", :size => 30, :type => "password" }
+    new password
+    %br
+    %input{ :id => "user_password_confirmation", :name => "user[password_confirmation]", :size => 30, :type => "password" }
+    confirm
+    -# don't render permission field if admin and editing yourself so you don't shoot yourself in the foot
+    - if current_user.admin? && current_user.id != @user.id
+      %br
+      %select{ :id => "permission_level", :name => "user[permission_level]" }
+        %option{:value => -1, :selected => @user.admin?}
+          admin
+        %option{:value => 1, :selected => @user.permission_level == 1}
+          authenticated user
+      permission level
+    %br
+    %input{ :value => "update", :type => "submit" }

data/lib/views/index.haml

@@ -0,0 +1,23 @@
+#sinatra_authentication
+  %h1 Users
+  %table
+    %tr
+      %th email
+      - if current_user.admin?
+        %th permission level
+    - @users.each do |user|
+      %tr
+        %td= user.email
+        - if current_user.admin?
+          %td= user.permission_level
+        %td
+          %a{:href => "/users/#{user.id}"} show
+        - if current_user.admin?
+          %td
+            %a{:href => "/users/#{user.id}/edit"} edit
+          %td
+            -# this doesn't work for tk
+            - if !user.site_admin?
+              %a{:href => "/users/#{user.id}/delete", :onclick => "return confirm('you sure?')"} delete
+            - else
+              site admin

data/lib/views/login.haml

@@ -0,0 +1,10 @@
+#sinatra_authentication
+  %h1 Login
+  %form{:action => "/login", :method => "post"}
+    %input{:id => "user_email", :name => "email", :size => 30, :type => "text"}
+    email
+    %br
+    %input{:id => "user_password", :name => "password", :size => 30, :type => "password"}
+    password
+    %br
+    %input{:value => "login", :type => "submit"}

data/lib/views/show.haml

@@ -0,0 +1,6 @@
+#sinatra_authentication
+  %h1= @user.email
+  -  current_user.admin?
+  - if current_user.admin?
+    %h2 permission level
+    = @user.permission_level

data/lib/views/signup.haml

@@ -0,0 +1,13 @@
+#sinatra_authentication
+  %h1 Signup
+  %form{:action => "/signup", :method => "post"}
+    %input{ :id => "user_email", :name => "user[email]", :size => 30, :type => "text" }
+    email
+    %br
+    %input{ :id => "user_password", :name => "user[password]", :size => 30, :type => "password" }
+    password
+    %br
+    %input{ :id => "user_password_confirmation", :name => "user[password_confirmation]", :size => 30, :type => "password" }
+    confirm
+    %br
+    %input{ :value => "sign up", :type => "submit" }

data/readme.markdown

@@ -0,0 +1,92 @@
+### a little sinatra gem that implements user authentication, with support for both datamapper and rufus-tokyo
+
+## INSTALLATION:
+
+in your sinatra app simply require either "dm-core" or "rufus-tokyo" and then "sinatra-authentication" and turn on session storage
+with a super secret key, like so:
+
+    require "dm-core"
+    require "sinatra-authentication"
+
+    use Rack::Session::Cookie, :secret => 'A1 sauce 1s so good you should use 1t on a11 yr st34ksssss'
+
+  If you're using rufus-tokyo, you also need to set the database path for Users. like so:
+
+    require "rufus_tokyo"
+    require "sinatra-authentication"
+    TcUserTable.cabinet_path = File.dirname(__FILE__) + 'folder/where/you/wanna/store/your/database'
+
+    use Rack::Session::Cookie, :secret => 'A1 sauce 1s so good you should use 1t on a11 yr st34ksssss'
+
+## DEFAULT ROUTES:
+
+* get      '/login'
+* get      '/logout'
+* get      '/signup'
+* get/post '/users'
+* get       '/users/:id'
+* get/post  '/users/:id/edit'
+* get       '/users/:id/delete'
+
+If you fetch any of the user pages using ajax, they will automatically render without a layout
+
+## HELPER METHODS:
+
+This plugin provides the following helper methods for your sinatra app:
+
+* login_required
+  > which you place at the beginning of any routes you want to be protected
+* current_user
+* logged_in?
+* render_login_logout(html_attributes)
+  > Which renders login/logout and singup/edit account links.
+If you pass a hash of html parameters to render_login_logout all the links will get set to them.
+Which useful for if you're using some sort of lightbox
+
+## SIMPLE PERMISSIONS:
+
+By default the user class includes a method called admin? which simply checks
+if user.permission_level == -1.
+
+you can take advantage of  this method in your views or controllers by calling
+current_user.admin?
+i.e.
+
+    - if current_user.admin?
+      %a{:href => "/adminey_link_route_thing"} do something adminey
+
+(these view examples are in HAML, by the way)
+
+You can also extend the user class with any convenience methods for determining permissions.
+i.e.
+
+    #somewhere in the murky depths of your sinatra app
+    class User
+      def peasant?
+        self.permission_level == 0
+      end
+    end
+
+then in your views you can do
+
+    - if current_user.peasant?
+      %h1 hello peasant!
+      %p Welcome to the caste system! It's very depressing.
+
+if no one is logged in, current_user returns a GuestUser instance, which responds to current_user.guest?
+with true, current_user.permission_level with 0 and any other method calls with false
+
+This makes some view logic easier since you don't always have to check if the user is logged in,
+although a logged_in? helper method is still provided
+
+## RUFUS TOKYO
+
+when using rufus-tokyo, current_user returns a hash, so to get the primary key of the current_user you would do current_user[:pk].
+if you wanna set an attribute, you can do something like current_user["has_a_dog"] = true
+and if you want to open a connection with the cabinet directly, you can do something like
+
+    user_connection = TcUser.new
+    users_with_gmail = user_connection.query do |q|
+      q.add 'email', :strinc, 'gmail'
+    end
+    user_connection.close

data/test/datamapper_test.rb

@@ -0,0 +1,5 @@
+require 'lib/dm_app'
+require 'lib/helper'
+require 'test/unit'
+require 'rack/test'
+require 'route_tests'

data/test/lib/dm_app.rb

@@ -0,0 +1,18 @@
+require 'rubygems'
+require 'sinatra'
+require 'haml'
+require 'dm-core'
+require File.join(File.dirname(__FILE__), '../../lib/sinatra-authentication')
+
+DataMapper.setup(:default, "sqlite3://#{Dir.pwd}/test.db")
+DataMapper.auto_migrate!
+
+use Rack::Session::Cookie, :secret => "heyhihello"
+
+set :environment, 'development'
+set :public, 'public'
+set :views,  'views'
+
+get '/' do
+  haml "hi", :layout => :layout
+end

data/test/lib/helper.rb

@@ -0,0 +1,9 @@
+class TestHelper
+  def self.gen_user
+    {'user[email]' => 'yodawg@gmail.com', 'user[password]' => 'password', 'user[password_confirmation]' => 'password'}
+  end
+end
+
+def app
+  Sinatra::Application
+end

data/test/lib/tc_app.rb

@@ -0,0 +1,16 @@
+require 'rubygems'
+require 'sinatra'
+require 'haml'
+require 'rufus/tokyo'
+require File.join(File.dirname(__FILE__), '../../lib/sinatra-authentication')
+
+use Rack::Session::Cookie, :secret => "heyhihello"
+TcUserTable.cabinet_path = File.dirname(__FILE__)
+
+set :environment, 'development'
+set :public, 'public'
+set :views,  'views'
+
+get '/' do
+  haml "hi", :layout => :layout
+end

data/test/route_tests.rb

@@ -0,0 +1,29 @@
+Test::Unit::TestCase.send :include, Rack::Test::Methods
+
+class SinatraAuthDataMapperTest < Test::Unit::TestCase
+
+  def setup
+    post '/signup', TestHelper.gen_user
+    follow_redirect!
+    get '/logout'
+  end
+
+  def test_should_login
+    post '/login', {'email' => TestHelper.gen_user['user[email]'], 'password' => TestHelper.gen_user['user[password]']}
+    follow_redirect!
+
+    assert_equal 'http://example.org/', last_request.url
+    #assert cookie_jar['user']
+    assert last_request.env['rack.session'][:user]
+    assert last_response.ok?
+  end
+
+  def test_should_logout
+    post '/login', {'email' => TestHelper.gen_user['user[email]'], 'password' => TestHelper.gen_user['user[password]']}
+    get '/logout'
+    follow_redirect!
+
+    assert !last_request.env['rack.session'][:user]
+    assert_equal 'http://example.org/', last_request.url
+  end
+end

data/test/rufus_tokyo_test.rb

@@ -0,0 +1,5 @@
+require 'lib/tc_app'
+require 'lib/helper'
+require 'test/unit'
+require 'rack/test'
+require 'route_tests'

metadata

@@ -0,0 +1,131 @@
+--- !ruby/object:Gem::Specification 
+name: sinatra-authentication
+version: !ruby/object:Gem::Version 
+  version: 0.0.5
+platform: ruby
+authors: 
+- Max Justus Spransy
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-11-07 00:00:00 -06:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: sinatra
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: dm-core
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: dm-validations
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: dm-timestamps
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+- !ruby/object:Gem::Dependency 
+  name: rufus-tokyo
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+description: Simple authentication plugin for sinatra.
+email: maxjustus@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- History.txt
+- Manifest
+- Rakefile
+- TODO
+- lib/models/abstract_user.rb
+- lib/models/datamapper_user.rb
+- lib/models/dm_adapter.rb
+- lib/models/rufus_tokyo_user.rb
+- lib/models/tc_adapter.rb
+- lib/sinatra-authentication.rb
+- lib/views/edit.haml
+- lib/views/index.haml
+- lib/views/login.haml
+- lib/views/show.haml
+- lib/views/signup.haml
+- readme.markdown
+- test/datamapper_test.rb
+- test/lib/dm_app.rb
+- test/lib/helper.rb
+- test/lib/tc_app.rb
+- test/route_tests.rb
+- test/rufus_tokyo_test.rb
+has_rdoc: true
+homepage: http://github.com/maxjustus/sinatra-authentication
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: Simple authentication plugin for sinatra.
+test_files: 
+- test/lib/tc_app.rb
+- test/lib/helper.rb
+- test/lib/dm_app.rb
+- test/datamapper_test.rb
+- test/rufus_tokyo_test.rb
+- test/route_tests.rb