sinatra-security 0.1.6 → 0.2.0

data/.gitignore

@@ -19,3 +19,5 @@ rdoc
 pkg
 
 ## PROJECT::SPECIFIC
+/doc
+/.yardoc

data/VERSION

@@ -1 +1 @@
-0.1.6
+0.2.0

data/lib/sinatra/security.rb

@@ -2,6 +2,8 @@ require 'sinatra/base'
 
 module Sinatra
   module Security
+    VERSION = "0.2.0"
+
     autoload :Helpers,        'sinatra/security/helpers'
     autoload :User,           'sinatra/security/user'
     autoload :Validations,    'sinatra/security/validations'
@@ -12,12 +14,43 @@ module Sinatra
     def self.registered(app)
       app.helpers Helpers
 
+      app.set :login_error_message, "Wrong Email and/or Password combination."
+      app.set :login_url,           "/login"
+      app.set :login_user_class,    :User
+      app.set :ignored_by_return_to, /(jpe?g|png|gif|css|js)$/
+        
       app.post '/login' do
         if authenticate(params)
-          redirect_to_stored
+          redirect_to_return_url
         else
-          session[:error] = "Wrong Username/Email and Password combination."
-          redirect '/login'
+          session[:error] = settings.login_error_message
+          redirect settings.login_url
+        end
+      end
+    end
+    
+    # Allows you to declaratively declare secured locations based on their
+    # path prefix.
+    #
+    # @example
+    #   
+    #   require_login '/admin'
+    #
+    #   get '/admin/posts' do
+    #     # Posts here
+    #   end
+    #
+    #   get '/admin/users' do
+    #     # Users here
+    #   end
+    #
+    # @param [#to_s] path_prefix a string to match again the start of 
+    #                request.fullpath
+    # @return [nil]
+    def require_login(path_prefix)
+      before do
+        if request.fullpath =~ /^#{path_prefix}/
+          require_login
         end
       end
     end

data/lib/sinatra/security/helpers.rb

@@ -1,51 +1,132 @@
 module Sinatra
   module Security
     module Helpers
-      def redirect_to_stored
-        if return_to = session[:return_to]
-          session[:return_to] = nil
-          redirect return_to
-        else
-          redirect "/"
-        end
-      end
+      # The main gateway. This method will redirect if no user is currently
+      # authenticated. 
+      #
+      # @example
+      #
+      #   get '/secured' do
+      #     require_login
+      #
+      #     # do super private thing here
+      #   end
+      #
+      # @param [String] login_url (defaults to /login) the url of the login form.
+      #                 take not that even if you specify a different login form,
+      #                 the POST action for that form should still be '/login'.
+      def require_login(login_url = settings.login_url)
+        return if logged_in?
 
-      def authenticate(params)
-        if user = ::User.authenticate(params[:username], params[:password])
-          session[:user] = user.id
+        if should_return_to?(request.fullpath)
+          session[:return_to] = request.fullpath
         end
+        redirect login_url
       end
-
-      def require_login
-        if logged_in?
-          return true
-        else
-          if should_return_to?(request.fullpath)
-            session[:return_to] = request.fullpath
-          end
-          redirect "/login"
-          return false
-        end
+  
+      # Dynamic redirection based on the return path that was set.
+      #
+      # @example
+      #   
+      #   # By default assumes you use :return_to and '/'.
+      #   # You can use this in your code as well. i.e.
+      #   get '/fb/login' do
+      #     session[:fb_return_to] = params[:from]
+      #     # redirect to fb OAuth URI here.
+      #   end
+      #
+      #   get '/fb/success' do
+      #     # successfully processed, save whatever here
+      #     redirect_to_return_url :fb_return_to, "/home"
+      #   end
+      #
+      # @param [Symbol] session_key the key in the session, defaults to
+      #                 :return_to.
+      # @param [String] default url when no stored value is found in
+      #                 session[session_key]. defaults to '/'.
+      def redirect_to_return_url(session_key = :return_to, default = '/')
+        redirect session.delete(:return_to) || default
       end
-
-      def current_user
-        @current_user ||= ::User[session[:user]] if session[:user]
+      
+      # Returns the currently logged in user, identified through 
+      # session[:user]. The default finder uses User[id], based on Ohm's
+      # finder method.
+      #
+      # @see http://ohm.keyvalue.org
+      #
+      # @example
+      #   
+      #   # ActiveRecord style finders
+      #   current_user(lambda { |id| User.find(id) })
+      #
+      #   # Also, if you change the settings to use a different user class,
+      #   # then that will be respected
+      #   set :login_user_class, :SuperUser
+      #
+      #   # assuming session[:user] == 1
+      #   current_user == SuperUser[1]
+      #   # => true
+      #
+      # @param [Proc] finder (defaults to User[id]) allows you to pass in a
+      #               different finder method. 
+      # @return [User] or alternatively, an instance of settings.login_user_class
+      def current_user(finder = lambda { |id| __USER__[id] })
+        @current_user ||= finder.call(session[:user]) if session[:user]
       end
-
+      
+      # @return [true] if the user is logged in
+      # @return [false] if the user is not logged in
       def logged_in?
         !! current_user
       end
-
+    
+      # Used for simple atomic authorization rules on a per action / route 
+      # basis. 
+      #
+      # @example
+      #
+      #   get '/posts/:id/edit' do |id|
+      #     post = Post[id]
+      #     ensure_current_user post.author # halts to a 404 if not satisfied.
+      #
+      #     # the rest of this gets executed when 
+      #     # the author is indeed the current user.
+      #   end
+      #
+      # @param [User] a user object.
       def ensure_current_user(user)
         halt 404 unless user == current_user
       end
-
+  
+      # The method says it all. Mostly for keeping responsibility where it 
+      # belongs, instead of letting the application code deal with the session
+      # keys themselves.
       def logout!
         session.delete(:user) 
       end
+     
+      # Internally used by the POST /login route handler.
+      #
+      # @param [Hash] opts The hash containing :username and :password.
+      # @option opts [#to_s] :username The username of a User.
+      # @option opts [String] :password The password of a User.
+      # @return [String] the `id` of the user if found.
+      # @return [nil] if no user matches the :username / :password combination.
+      def authenticate(opts)
+        if user = __USER__.authenticate(opts[:username], opts[:password])
+          session[:user] = user.id
+        end
+      end
 
-      def should_return_to?(path)
-        !(path =~ /(jpe?g|png|gif|css|js)$/)
+      # @private transforms settings.login_user_class to a constant, 
+      #          and used by current_user
+      def __USER__
+        Object.const_get(settings.login_user_class)
+      end
+  
+      # @private internally used by Sinatra::Security::Helpers#require_login
+      def should_return_to?(path, ignored = settings.ignored_by_return_to)
+        !(path =~ ignored)
       end
     end
   end

data/lib/sinatra/security/identification.rb

@@ -1,17 +1,55 @@
 module Sinatra
   module Security
+    # The identification module is mixed into Sinatra::Security::User. The
+    # API loosely applies to Ohm, although it will work with ActiveRecord.
+    #
+    # @example
+    #
+    #   class User < Ohm::Model
+    #     include Sinatra::Security::User
+    #   end
+    #
+    #   User.respond_to?(:find_by_login)
+    #   # => true
+    #
+    #   User.respond_to?(:authenticate)
+    #   # => true
+    #
+    # If you wish to override any of these, it's as simple as defining your
+    # own method in your User class.
     module Identification
-      def find_by_login(login)
-        find(:email => login).first
-      end
-
-      def authenticate(login, pass)
+      # Finds the User matching the given login / password combination.
+      # @see Sinatra::Security::Helpers#authenticate
+      #
+      # @param [#to_s] login the value of `:email` in your datastore.
+      # @param [String] password the raw password for the user in `:email`.
+      # @return [User] the user matching the credentials if found.
+      # @return [nil]  if no matching user found.
+      def authenticate(login, password)
         if user = find_by_login(login)
-          if Sinatra::Security::Password::Hashing.check(pass, user.crypted_password)
+          if Sinatra::Security::Password::Hashing.check(password, user.crypted_password)
             user
           end
         end
       end
+
+      # Used internally by User::authenticate to find the user given the 
+      # `:email` value.
+      #
+      # @param [#to_s] login the value of `:email` in your datastore. You may
+      #                also override the key used. 
+      # @return [User] an instance of User if found.
+      # @return [nil]  if no user found with the given login value.
+      #
+      # @see Sinatra::Security::LoginField::attr_name
+      def find_by_login(login)
+        find(__LOGIN_FIELD__ => login).first
+      end
+
+    protected
+      def __LOGIN_FIELD__
+        Sinatra::Security::LoginField.attr_name 
+      end
     end
   end
 end

data/lib/sinatra/security/login_field.rb

@@ -1,11 +1,44 @@
 module Sinatra
   module Security
+    # This module allows you to customize the name of the login field used
+    # in your datastore. By default :email is used.
+    #
+    # @example
+    #   
+    #   # somewhere in your code during bootstrapping
+    #   require 'sinatra/security'
+    #   Sinatra::Security::LoginField.attr_name :login
+    #
+    #   # then in your actual user.rb or something...
+    #   class User < Ohm::Model
+    #     include Sinatra::Security::User
+    #     # at this point the following are done:
+    #     # attribute :login
+    #     # index :login
+    #   end
     module LoginField
+      # @example
+      #   
+      #   Sinatra::Security::LoginField.attr_name :username
+      #
+      #   class User < Ohm::Model
+      #     include Sinatra::Security::User
+      #     # effectively executes the following:
+      #     # attribute :username
+      #     # index :username
+      #   end
+      #
+      # @overload attr_name()
+      #   Get the value of attr_name.
+      # @overload attr_name(attr_name)
+      #   @param [#to_sym] attr_name the attr_name to be used e.g. 
+      #                    :username, :login.
+      # @return [Symbol] the current attr_name.
       def self.attr_name(attr_name = nil)
-        @attr_name = attr_name if attr_name
+        @attr_name = attr_name.to_sym if attr_name
         @attr_name
       end
-      attr_name(:email)
+      attr_name :email
       
       def self.included(user)
         user.attribute LoginField.attr_name
@@ -13,4 +46,4 @@ module Sinatra
       end
     end
   end
-end
+end

data/lib/sinatra/security/password.rb

@@ -2,16 +2,36 @@ require 'digest/sha2'
 
 module Sinatra
   module Security
+    # This module handles everything related to password handling.
+    # 
+    # @example
+    #   
+    #   class User < Ohm::Model
+    #     include Sinatra::Security::Password
+    #   end
+    #
+    #   User.attributes == [:crypted_password]
+    #   # => true
+    #
+    #   User.new.respond_to?(:password)
+    #   # => true
+    #
+    #   User.new.respond_to?(:password_confirmation)
+    #   # => true
+    #       
+    # @see http://ohm.keyvalue.org for information about Ohm::Model.
     module Password
-      def self.included(base)
-        base.send :attribute, :crypted_password
-        base.send :attr_accessor, :password, :password_confirmation
+      def self.included(model)
+        model.attribute :crypted_password
+
+        model.send :attr_accessor, :password, :password_confirmation
       end
 
     protected
+      # @private internally called by Ohm after validation when persisting.
       def write
         if !password.to_s.empty?
-          write_local :crypted_password, Sinatra::Security::Password::Hashing.update(password)
+          write_local :crypted_password, Hashing.encrypt(password)
         end
 
         super
@@ -20,24 +40,61 @@ module Sinatra
       module Hashing
         extend self
 
-        # Generates a new salt and rehashes the password
-        def update(password)
-          salt = self.salt
-          hash = self.hash(password,salt)
-          self.store(hash, salt)
+        # Given any string generates a string which includes both the
+        # 128 character (SHA512) hash and the salt.
+        #
+        # By default the salt is a 64 character pseudo-random string.
+        #
+        # @example
+        #
+        #   include Sinatra::Security
+        #
+        #   crypted = Password::Hashing.encrypt('123')
+        #   crypted.length == 192
+        #   # => true
+        #
+        #   crypted = Password::Hashing.encrypt('123', '123456789012')
+        #   crypted.length == 140 # i.e. 128 + 12 chars
+        #   # => true
+        #
+        #   crypted = Password::Hashing.encrypt('123')
+        #   Password::Hashing.check('123', crypted)
+        #   # => true
+        #   
+        #
+        # @param [String] password any string with any length.
+        # @param [String] salt (defaults to Hashing#salt) any string.
+        # @return [String] a string holding the crypted password and the salt.
+        #
+        # @see Sinatra::Security::Password::Hashing#check
+        def encrypt(password, salt = self.generate_salt)
+          serialize(hash(password, salt), salt)
         end
 
-        # Checks the password against the stored password
-        def check(password, stored)
-          hash = self.get_hash(stored)
-          salt = self.get_salt(stored)
+        # Checks the password against the serialized password.
+        #
+        # @example
+        #
+        #   include Sinatra::Security
+        #   crypted = Password::Hashing.encrypt('123')
+        #   Password::Hashing.check('123', crypted)
+        #   # => true
+        #
+        # @param [String] password a string to check against crypted.
+        # @param [String] crypted the serialized string containing the 
+        #                 hash and salt.
+        #
+        # @return [true] if the password matches the hash / salt combination.
+        # @return [false] if the password does not match the hash / salt.
+        def check(password, crypted)
+          hash, salt = unserialize(crypted)
 
           self.hash(password, salt) == hash
         end
 
       protected
         # Generates a psuedo-random 64 character string
-        def salt
+        def generate_salt
           salt = ""
           64.times { 
             salt << (i = Kernel.rand(62); i += ((i < 10) ? 48 : ((i < 36) ? 55 : 61 ))).chr }
@@ -50,18 +107,13 @@ module Sinatra
         end
 
         # Mixes the hash and salt together for storage
-        def store(hash, salt)
+        def serialize(hash, salt)
           hash + salt
         end
-
-        # Gets the hash from a stored password
-        def get_hash(stored)
-          stored[0..127]
-        end
-
-        # Gets the salt from a stored password
-        def get_salt(stored)
-          stored[128..192]
+        
+        # Returns the original hash and salt generated from serialize.
+        def unserialize(serialized)
+          return serialized[0..127], serialized[128..-1]
         end
       end
     end

data/lib/sinatra/security/user.rb

@@ -1,5 +1,30 @@
 module Sinatra
   module Security
+    # Mixes in to any included class all of the following:
+    # 
+    # * Sinatra::Security::LoginField
+    # * Sinatra::Security::Password
+    # * Sinatra::Security::Validations
+    #
+    # It also extends the class with Sinatra::Security::Identification.
+    #
+    # @example
+    #   
+    #   class User < Ohm::Model
+    #     include Sinatra::Security::User
+    #   end
+    #
+    #   user = User.new
+    #   user.valid?
+    #   user.errors == [[:email, :not_present], [:password, :not_present]]
+    #   # => true
+    #
+    #   user = User.create(:email => "test@example.com", :password => "pass",
+    #                      :password_confirmation => "pass")
+    #
+    #   User.authenticate("test@example.com", "pass") == user
+    #   # => true
+    #
     module User
       def self.included(user)
         user.send :include, LoginField
@@ -10,4 +35,4 @@ module Sinatra
       end
     end
   end
-end
+end

data/lib/sinatra/security/validations.rb

@@ -4,11 +4,14 @@ module Sinatra
       EMAIL_FORMAT = /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i
       
       def validate
-        # TODO : email requirement should only be done if
-        # LoginField.attr_name == :email maybe
-        # then just let users expilicity declare there own 
-        # validation rules
-        assert_login_using_email :email
+        login_field = Sinatra::Security::LoginField.attr_name
+
+        if login_field == :email
+          assert_login_using_email :email
+        else
+          assert_present(login_field) and assert_unique(login_field)
+        end
+
         assert_password :password
         
         super

data/sinatra-security.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{sinatra-security}
-  s.version = "0.1.6"
+  s.version = "0.2.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Cyril David"]
-  s.date = %q{2010-05-18}
+  s.date = %q{2010-05-26}
   s.description = %q{For use with Sinatra + Monk + OHM}
   s.email = %q{cyx.ucron@gmail.com}
   s.extra_rdoc_files = [
@@ -35,6 +35,7 @@ Gem::Specification.new do |s|
      "lib/sinatra/security/validations.rb",
      "sinatra-security.gemspec",
      "test/helper.rb",
+     "test/test_login_field_flexibility.rb",
      "test/test_password.rb",
      "test/test_sinatra-security.rb",
      "test/test_sinatra_security_helpers.rb",
@@ -44,10 +45,11 @@ Gem::Specification.new do |s|
   s.homepage = %q{http://github.com/sinefunc/sinatra-security}
   s.rdoc_options = ["--charset=UTF-8"]
   s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.3.5}
+  s.rubygems_version = %q{1.3.6}
   s.summary = %q{Sinatra authentication extension}
   s.test_files = [
     "test/helper.rb",
+     "test/test_login_field_flexibility.rb",
      "test/test_password.rb",
      "test/test_sinatra-security.rb",
      "test/test_sinatra_security_helpers.rb",

data/test/test_login_field_flexibility.rb

@@ -0,0 +1,37 @@
+require "helper"
+
+class LoginFieldFlexbilityTest < Test::Unit::TestCase
+  def setup
+    Sinatra::Security::LoginField.attr_name :login
+  end
+
+  def teardown
+    Sinatra::Security::LoginField.attr_name :email 
+  end
+  
+  class DiffUser
+    def self.attribute(att)
+    end
+    
+    def self.index(att)
+    end
+
+    include Sinatra::Security::User
+  end
+  
+  test "find_by_login uses :login" do
+    @set = stub("Set", :first => :user)
+    DiffUser.expects(:find).with(:login => 'foobar').returns(@set)
+
+    assert_equal :user, DiffUser.find_by_login('foobar')
+  end
+
+  test "authenticate method uses :login" do
+    @user = stub("User", :id => 1001, :crypted_password => '_crypted_')
+    @set = stub("Set", :first => @user)
+    DiffUser.expects(:find).with(:login => 'foobar').returns(@set)
+
+
+    DiffUser.authenticate('foobar', 'pass')
+  end
+end

data/test/test_password.rb

@@ -21,8 +21,13 @@ class TestPassword < Test::Unit::TestCase
   include Sinatra::Security
 
   describe "#update" do
-    should "return a 192 character string" do
-      assert_equal 192, Password::Hashing.update('123456').length
+    should "return a 192 character string by default" do
+      assert_equal 192, Password::Hashing.encrypt('123456').length
+    end
+
+    should "return a different length if you pass a custom salt" do
+      assert_equal 140, 
+        Password::Hashing.encrypt('123456', '123456789012').length
     end
   end
 
@@ -30,7 +35,14 @@ class TestPassword < Test::Unit::TestCase
     should "be able to match the original password given" do
       @password = 'password100'
 
-      assert Password::Hashing.check(@password, Password::Hashing.update(@password))
+      assert Password::Hashing.check(@password, Password::Hashing.encrypt(@password))
+    end
+
+    should "be able to match original pass given custom salt" do
+      password = 'password100'
+      crypted  = Password::Hashing.encrypt(password, 'customsalt')
+
+      assert Password::Hashing.check(password, crypted)
     end
   end
 

data/test/test_sinatra-security.rb

@@ -5,6 +5,8 @@ class BasicApp < Sinatra::Base
 
   register Sinatra::Security
   
+  require_login '/mass'
+
   get '/login' do
     "<h1>Login Page</h1>"
   end
@@ -16,6 +18,14 @@ class BasicApp < Sinatra::Base
   get '/private' do
     require_login
   end
+  
+  get '/mass/private1' do
+    "Private 1"
+  end
+
+  get '/mass/private2' do
+    "Private 2"
+  end
 
   get '/css/main.css' do
     require_login
@@ -136,4 +146,23 @@ class TestSinatraSecurity < Test::Unit::TestCase
       assert_equal '/login', last_response.headers['Location']
     end
   end
+
+  describe "going to /mass/private1" do
+    should "redirect to /login" do
+      get '/mass/private1'
+
+      assert_equal 302, last_response.status
+      assert_equal '/login', last_response.headers['Location']
+    end
+  end
+
+  describe "going to /mass/private2" do
+    should "redirect to /login" do
+      get '/mass/private2'
+
+      assert_equal 302, last_response.status
+      assert_equal '/login', last_response.headers['Location']
+    end
+  end
+
 end

data/test/test_sinatra_security_helpers.rb

@@ -27,6 +27,9 @@ class TestSinatraSecurityHelpers < Test::Unit::TestCase
 
   describe "when session[:user] is set to 1" do
     setup do
+      @settings = stub("Settings", :login_user_class => :User)
+
+      @context.stubs(:settings).returns(@settings)
       @context.session[:user] = 1
     end
 
@@ -83,15 +86,27 @@ class TestSinatraSecurityHelpers < Test::Unit::TestCase
   
   describe "#require_login" do
     context "when logged_in?" do
-      should "return true" do
+      should "not redirect" do
+        @settings = stub("Settings", :ignored_by_return_to => /foobared$/,
+                                     :login_url => '/new-login-url')
+        @context.stubs(:settings).returns(@settings)
+
+
+        @context.expects(:redirect).never
         @context.expects(:logged_in?).returns(true)
-        assert @context.require_login 
+
+        @context.require_login 
       end
     end
 
     context "when not logged_in?" do
       setup do
         @context.stubs(:logged_in?).returns(false)
+        @settings = stub("Settings", :ignored_by_return_to => /foobared$/,
+                                     :login_url => '/new-login-url')
+
+        @context.stubs(:settings).returns(@settings)
+
         @context.request = stub("Request", :fullpath => "/some/fullpath/here")
       end
 
@@ -102,7 +117,7 @@ class TestSinatraSecurityHelpers < Test::Unit::TestCase
       end
 
       should "redirect to /login" do
-        @context.expects(:redirect).with('/login')
+        @context.expects(:redirect).with('/new-login-url')
 
         @context.require_login
       end
@@ -110,6 +125,15 @@ class TestSinatraSecurityHelpers < Test::Unit::TestCase
       should "return false" do
         assert ! @context.require_login
       end
+
+      context "when the request matches ignored" do
+        should "not store the fullpath in return_to" do
+          @context.request = stub("Request", :fullpath => "/some/fullpath/foobared")
+          @context.require_login
+
+          assert_nil @context.session[:return_to]
+        end
+      end
     end
   end
 

data/test/test_validations.rb

@@ -46,6 +46,64 @@ class UserDefaultValidation < TestFixtures::User
 end
 
 class TestValidations < Test::Unit::TestCase
+  context "with a different login field" do
+    class User < TestFixtures::User
+      include Sinatra::Security::Validations
+      
+      attr_accessor :login
+
+      def errors
+        @errors ||= []
+      end
+    end
+
+    setup do
+      Sinatra::Security::LoginField.attr_name :login 
+    end
+
+    teardown do
+      Sinatra::Security::LoginField.attr_name :email
+    end
+  
+    context "when a new record" do
+      should "assert login present" do
+        user = User.new
+        user.expects(:new?).returns(true)
+        user.validate
+
+        assert_equal [[:login, :not_present], [:password, :not_present]],
+          user.errors
+      end
+
+      should "assert login unique" do
+        user = User.new
+        user.login = 'login'
+        user.expects(:new?).returns(true)
+        user.expects(:assert_unique).with(:login)
+        user.validate
+      end
+    end
+
+    context "when an existing record" do
+      should "still assert login present" do
+        user = User.new
+        user.expects(:new?).returns(false)
+        user.validate
+
+        assert_equal [[:login, :not_present]], user.errors
+      end
+
+      should "assert login unique" do
+        user = User.new
+        user.login = 'login'
+        user.expects(:new?).returns(false)
+        user.expects(:assert_unique).with(:login)
+        user.validate
+      end
+    end
+
+  end
+
   context "without an email" do
     should "require the email to be present" do
       user = UserWithEmailValidation.new

metadata

@@ -1,7 +1,12 @@
 --- !ruby/object:Gem::Specification 
 name: sinatra-security
 version: !ruby/object:Gem::Version 
-  version: 0.1.6
+  prerelease: false
+  segments: 
+  - 0
+  - 2
+  - 0
+  version: 0.2.0
 platform: ruby
 authors: 
 - Cyril David
@@ -9,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-05-18 00:00:00 +08:00
+date: 2010-05-26 00:00:00 +08:00
 default_executable: 
 dependencies: []
 
@@ -41,6 +46,7 @@ files:
 - lib/sinatra/security/validations.rb
 - sinatra-security.gemspec
 - test/helper.rb
+- test/test_login_field_flexibility.rb
 - test/test_password.rb
 - test/test_sinatra-security.rb
 - test/test_sinatra_security_helpers.rb
@@ -59,23 +65,26 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      segments: 
+      - 0
       version: "0"
-  version: 
 required_rubygems_version: !ruby/object:Gem::Requirement 
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      segments: 
+      - 0
       version: "0"
-  version: 
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.3.5
+rubygems_version: 1.3.6
 signing_key: 
 specification_version: 3
 summary: Sinatra authentication extension
 test_files: 
 - test/helper.rb
+- test/test_login_field_flexibility.rb
 - test/test_password.rb
 - test/test_sinatra-security.rb
 - test/test_sinatra_security_helpers.rb