sinatra-authentication 0.3.2 → 0.4.0

data/Rakefile

@@ -1,12 +1,13 @@
 require 'rubygems'
 require 'rake'
+#require 'spec/rake/spectask'
 
 begin
   require 'jeweler'
   
   Jeweler::Tasks.new do |gemspec|
     gemspec.name           = 'sinatra-authentication'
-    gemspec.version        = '0.3.2'
+    gemspec.version        = '0.4.0'
     gemspec.description    = "Simple authentication plugin for sinatra."
     gemspec.summary        = "Simple authentication plugin for sinatra."
     gemspec.homepage       = "http://github.com/maxjustus/sinatra-authentication"
@@ -36,3 +37,7 @@ Rake::TestTask.new do |t|
   t.verbose = true
 end
 
+#desc 'Run all specs'
+#Spec::Rake::SpecTask.new('specs') do |t|
+#  t.spec_files = FileList['spec/**/*.rb']
+#end

data/lib/models/abstract_user.rb

@@ -10,6 +10,12 @@ elsif Object.const_defined?("Rufus") && Rufus.const_defined?("Tokyo")
 elsif Object.const_defined?("MongoMapper")
   require Pathname(__FILE__).dirname.expand_path + "mongomapper_user.rb"
   require Pathname(__FILE__).dirname.expand_path + "mm_adapter.rb"
+elsif Object.const_defined?("Sequel")
+  require Pathname(__FILE__).dirname.expand_path + "sequel_user.rb"
+  require Pathname(__FILE__).dirname.expand_path + "sequel_adapter.rb"
+elsif Object.const_defined?("Mongoid")
+  require Pathname(__FILE__).dirname.expand_path + "mongoid_user.rb"
+  require Pathname(__FILE__).dirname.expand_path + "mongoid_adapter.rb"
 end
 
 class User
@@ -19,8 +25,12 @@ class User
     include TcAdapter
   elsif Object.const_defined?("MongoMapper")
     include MmAdapter 
+  elsif Object.const_defined?("Sequel")
+    include SequelAdapter
+  elsif Object.const_defined?("Mongoid")
+    include MongoidAdapter
   else
-    throw "you need to require either 'dm-core', 'mongo_mapper', or 'rufus-tokyo' for sinatra-authentication to work"
+    throw "you need to require either 'dm-core', 'mongo_mapper', 'sequel', 'mongoid', or 'rufus-tokyo' for sinatra-authentication to work"
   end
 
   def initialize(interfacing_class_instance)
@@ -38,6 +48,10 @@ class User
     nil
   end
 
+  def db_instance
+    @instance
+  end
+
   protected
 
   def self.encrypt(pass, salt)
@@ -51,4 +65,28 @@ class User
     1.upto(len) { |i| newpass << chars[rand(chars.size-1)] }
     return newpass
   end
+
+  #def self.page_limit
+  #  20
+  #end
+
+  #def self.page_offset(page = 0)
+  #  page.to_i * self.page_limit
+  #end
+end
+
+class Hash
+  def stringify
+    inject({}) do |options, (key, value)|
+      options[key.to_s] = value.to_s
+      options
+    end
+  end
+
+  def stringify!
+    each do |key, value|
+      delete(key)
+      store(key.to_s, value.to_s)
+    end
+  end
 end

data/lib/models/datamapper_user.rb

@@ -5,7 +5,8 @@ class DmUser
   property :email, String, :length => (5..40), :unique => true, :format => :email_address
   property :hashed_password, String
   property :salt, String
-  property :created_at, DateTime
+  #Was DateTime should be DateTime?
+  property :created_at, Time
   property :permission_level, Integer, :default => 1
   if Sinatra.const_defined?('FacebookObject')
     property :fb_uid, String

data/lib/models/dm_adapter.rb

@@ -6,8 +6,8 @@ module DmAdapter
 
   module ClassMethods
     #pass all args to this
-    def all(*args)
-      result = DmUser.all(*args)
+    def all
+      result = DmUser.all(:order => [:created_at.desc])
       result.collect {|instance| self.new instance}
     end
 
@@ -22,13 +22,13 @@ module DmAdapter
     def set(attributes)
       user = DmUser.new attributes
       user.save
-      user
+      self.new user
     end
 
     def set!(attributes)
       user = DmUser.new attributes
       user.save!
-      user
+      self.new user
     end
 
     def delete(pk)
@@ -38,8 +38,19 @@ module DmAdapter
   end
 
   module InstanceMethods
+    def valid
+      @instance.valid?
+    end
+
+    def errors
+      @instance.errors.collect do |k,v|
+        "#{k} #{v}"
+      end.join(', ')
+    end
+
     def update(attributes)
       @instance.update attributes
+      #self
     end
 
     def method_missing(meth, *args, &block)

data/lib/models/mm_adapter.rb

@@ -6,7 +6,7 @@ module MmAdapter
 
   module ClassMethods
     def all
-      result = MmUser.all
+      result = MmUser.all(:order => 'created_at desc')
       result.collect {|instance| self.new instance}
     end
 
@@ -19,32 +19,44 @@ module MmAdapter
     end
 
     def set(attributes)
-      puts attributes.inspect
+      #puts attributes.inspect
       user = MmUser.new attributes
-      puts user.inspect
-      puts user.to_json
-      user.save
-      user
+      user.id = nil unless user.save
+      self.new user
     end
 
     def set!(attributes)
       user = MmUser.new attributes
-      user.save!
-      user
+      user.save(:validate => false)
+      self.new user
     end
 
     def delete(pk)
-      user = User.first(:id => pk)
+      user = MmUser.first(:id => pk)
+      #returns nil on success. Is this correct? Will it return something else on failure?
       user.destroy
+      user.destroyed?
     end
   end
 
   module InstanceMethods
+    def valid
+      @instance.valid?
+    end
+
     def update(attributes)
       @instance.update_attributes attributes
       @instance.save
     end
 
+    def saved
+      @instance.valid?
+    end
+
+    def errors
+      @instance.errors.full_messages.join(', ')
+    end
+
     def method_missing(meth, *args, &block)
       #cool I just found out * on an array turns the array into a list of args for a function
       @instance.send(meth, *args, &block)

data/lib/models/mongoid_adapter.rb

@@ -0,0 +1,67 @@
+module MongoidAdapter 
+  def self.included(base)
+    base.extend ClassMethods
+    base.class_eval { include MongoidAdapter::InstanceMethods }
+  end
+
+  module ClassMethods
+    def all
+      result = MongoidUser.criteria.order_by([[:created_at, :desc]])
+      result.collect {|instance| self.new instance }
+    end
+
+    def get(hash)
+      if user = MongoidUser.first(:conditions => hash)
+        self.new user
+      else
+        nil
+      end
+    end
+
+    def set(attributes)
+      #puts attributes.inspect
+      user = MongoidUser.new attributes
+      #puts user.inspect
+      #puts user.to_json
+      user.save
+      self.new user
+    end
+
+    def set!(attributes)
+      user = MongoidUser.new attributes
+      user.save(:validate => false)
+      self.new user
+    end
+
+    def delete(pk)
+      user = MongoidUser.find(pk)
+      #returns nil on success. Is this correct? Will it return something else on failure?
+      user.destroy
+      user.destroyed?
+    end
+  end
+
+  module InstanceMethods
+    def valid
+      @instance.valid?
+    end
+
+    def update(attributes)
+      @instance.update_attributes(attributes)
+      @instance.save
+    end
+
+    def saved
+      @instance.valid?
+    end
+
+    def errors
+      @instance.errors.full_messages.join(', ')
+    end
+
+    def method_missing(meth, *args, &block)
+      #cool I just found out * on an array turns the array into a list of args for a function
+      @instance.send(meth, *args, &block)
+    end
+  end
+end

data/lib/models/mongoid_user.rb

@@ -0,0 +1,41 @@
+class MongoidUser 
+  include Mongoid::Document
+  include Mongoid::Timestamps
+  field :email
+  field :hashed_password
+  field :salt
+  field :permission_level, :type => Integer, :default => 1
+  if Sinatra.const_defined?('FacebookObject')
+    field :fb_uid
+  end
+
+  # Validations
+  validates_uniqueness_of :email
+  validates_format_of :email, :with => /(\A(\s*)\Z)|(\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z)/i
+  validates_presence_of :password
+  validates_confirmation_of :password
+
+  #attr_protected :_id, :salt
+
+  attr_accessor :password, :password_confirmation
+
+  def password=(pass)
+    @password = pass
+    self.salt = User.random_string(10) if !self.salt
+    self.hashed_password = User.encrypt(@password, self.salt)
+  end
+
+  def admin?
+    self.permission_level == -1 || self.id == 1
+  end
+
+  def site_admin?
+    self.id == 1
+  end
+
+  protected
+
+  def method_missing(m, *args)
+    return false
+  end
+end

data/lib/models/mongomapper_user.rb

@@ -1,7 +1,8 @@
 class MmUser 
   include MongoMapper::Document
 
-  key :email, String, :length => (5..40), :unique => true 
+  email_regexp = /(\A(\s*)\Z)|(\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z)/i
+  key :email, String, :unique => true, :format => email_regexp
   key :hashed_password, String
   key :salt, String
   key :permission_level, Integer, :default => 1
@@ -12,13 +13,8 @@ class MmUser
   timestamps!
 
   attr_accessor :password, :password_confirmation
-  #protected equievelant? :protected => true doesn't exist in dm 0.10.0
-  #protected :id, :salt
-  #doesn't behave correctly, I'm not even sure why I did this.
-
-  #validates_presence_of :password_confirmation, :unless => Proc.new { |t| t.hashed_password }
-  #validates_presence_of :password, :unless => Proc.new { |t| t.hashed_password }
-  #validates_is_confirmed :password
+  validates_presence_of :password, :allow_blank => true
+  validates_confirmation_of :password
 
   def password=(pass)
     @password = pass

data/lib/models/rufus_tokyo_user.rb

@@ -1,4 +1,5 @@
 class TcUser
+  attr_accessor :errors
   #include RufusOrm
 
   #custom_attribute :salt
@@ -29,8 +30,13 @@ class TcUser
   #and then after I've called all the setters, I store that class variable into the database.
   #or, I do all of this on the instance level, and have a save method.
 
-  def initialize(attributes)
+  def initialize(attributes, errors = [])
     @attributes = attributes
+    if @attributes['created_at']
+      @attributes['created_at'] = Time.parse(@attributes['created_at'])
+    end
+
+    @errors = errors
   end
 
   def self.query(&block)
@@ -58,26 +64,46 @@ class TcUser
     #or maybe just write a little method that makes hash merger look a little cleaner
     pk = attributes.delete(:pk) if attributes[:pk]
 
+    errors = []
+
     email_regexp = /(\A(\s*)\Z)|(\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z)/i
-    if attributes['email'] =~ email_regexp
-      if attributes['password'] == attributes.delete('password_confirmation') && attributes['password'] != nil
-        password = attributes.delete('password')
-        attributes.merge!({'salt' => User.random_string(10)}) if !attributes['salt']
-        attributes.merge!('hashed_password' => User.encrypt(password, attributes['salt']))
-        permission_level = attributes['permission_level'] ? attributes['permission_level'] : '1'
-        attributes.merge!('permission_level' => permission_level)
-        unless attributes['created_at']
-          attributes.merge!('created_at' => Time.now.to_s)
-          attributes.merge!('created_at_i' => Time.now.to_i.to_s)
-        end
+    attributes = attributes.stringify
+
+    unless attributes['email'] =~ email_regexp
+      errors << 'Email is invalid'
+    end
+
+    if attributes['password'] != attributes.delete('password_confirmation') && attributes['password'] != nil
+      errors << "Passwords don't match"
+    end
+
+    if attributes['password'] != nil && attributes['password'].length == 0
+      errors << "You need to provide a password"
+    end
+
+    if errors.length == 0
+      password = attributes.delete('password')
+      if !attributes['salt']
+        salt = User.random_string(10)
+        attributes.merge!({'salt' => salt})
+        attributes.merge!('hashed_password' => User.encrypt(password, salt))
+      end
+      permission_level = attributes['permission_level'] ? attributes['permission_level'] : '1'
+      attributes.merge!('permission_level' => permission_level)
+      if attributes['created_at']
+        attributes.merge!('created_at_i' => Time.parse(attributes['created_at']).to_i)
+      else
+        attributes.merge!('created_at' => Time.now.to_s)
+        attributes.merge!('created_at_i' => Time.now.to_i.to_s)
       end
 
       existing_user = TcUser.query do |q|
         q.add 'email', :streq, attributes['email']
       end[0]
 
-      if existing_user && existing_user['pk'] != attributes['pk']
-        return false
+      if existing_user && existing_user[:pk] != pk
+        errors << "Email is already taken"
+        return self.new(attributes, errors)
       else
         connection = TcUserTable.new
         pk ||= connection.genuid.to_s
@@ -87,10 +113,10 @@ class TcUser
         #might not need this in newer version of rufus
         result.merge!({:pk => pk})
         connection.close
-        self.new(result)
+        self.new(result, errors)
       end
     else
-      false
+      self.new(attributes, errors)
     end
   end
 
@@ -110,8 +136,11 @@ class TcUser
   end
 
   def update(attributes)
+    self.errors = []
     new_attributes = @attributes.merge(attributes)
-    TcUser.set(new_attributes)
+    updated_user = TcUser.set(new_attributes)
+    self.errors = updated_user.errors
+    updated_user.errors.length < 1
   end
 
   def [](key)
@@ -133,11 +162,11 @@ class TcUser
   end
 
   def admin?
-    #-2 is the site admin
-    @attributes['permission_level'] == '-1' || @attributes['permission_level'] == '-2'
+    @attributes['permission_level'] == '-1' || site_admin?
   end
 
   def site_admin?
+    #-2 is the site admin
     @attributes['permission_level'] == '-2'
   end