solidus_auth_devise 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of solidus_auth_devise might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/.gitignore +9 -0
- data/.rspec +2 -0
- data/.travis.yml +11 -0
- data/Gemfile +9 -0
- data/LICENSE.md +26 -0
- data/README.md +88 -0
- data/Rakefile +21 -0
- data/app/controllers/metal_decorator.rb +6 -0
- data/app/mailers/spree/user_mailer.rb +15 -0
- data/app/models/spree/auth_configuration.rb +7 -0
- data/app/models/spree/user.rb +50 -0
- data/app/overrides/auth_shared_login_bar.rb +7 -0
- data/app/overrides/spree/admin/shared/_header/auth_admin_login_navigation_bar.html.erb.deface +4 -0
- data/bin/rails +7 -0
- data/config/initializers/devise.rb +137 -0
- data/config/initializers/warden.rb +14 -0
- data/config/locales/de.yml +49 -0
- data/config/locales/en.yml +55 -0
- data/config/locales/es.yml +49 -0
- data/config/locales/fr.yml +49 -0
- data/config/locales/it.yml +76 -0
- data/config/locales/nl.yml +49 -0
- data/config/locales/pt-BR.yml +51 -0
- data/config/locales/tr.yml +49 -0
- data/config/routes.rb +48 -0
- data/db/default/users.rb +83 -0
- data/db/migrate/20101026184949_create_users.rb +29 -0
- data/db/migrate/20101026184950_rename_columns_for_devise.rb +37 -0
- data/db/migrate/20101214150824_convert_user_remember_field.rb +11 -0
- data/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb +8 -0
- data/db/migrate/20120605211305_make_users_email_index_unique.rb +9 -0
- data/db/migrate/20140904000425_add_deleted_at_to_users.rb +6 -0
- data/db/migrate/20141002154641_add_confirmable_to_users.rb +7 -0
- data/db/seeds.rb +5 -0
- data/lib/assets/javascripts/spree/backend/solidus_auth.js +1 -0
- data/lib/assets/javascripts/spree/frontend/solidus_auth.js +1 -0
- data/lib/assets/stylesheets/spree/backend/solidus_auth.css +3 -0
- data/lib/assets/stylesheets/spree/frontend/solidus_auth.css +3 -0
- data/lib/controllers/backend/spree/admin/admin_controller_decorator.rb +26 -0
- data/lib/controllers/backend/spree/admin/admin_orders_controller_decorator.rb +20 -0
- data/lib/controllers/backend/spree/admin/admin_resource_controller_decorator.rb +3 -0
- data/lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb +15 -0
- data/lib/controllers/backend/spree/admin/user_passwords_controller.rb +45 -0
- data/lib/controllers/backend/spree/admin/user_sessions_controller.rb +47 -0
- data/lib/controllers/frontend/spree/checkout_controller_decorator.rb +47 -0
- data/lib/controllers/frontend/spree/user_confirmations_controller.rb +21 -0
- data/lib/controllers/frontend/spree/user_passwords_controller.rb +53 -0
- data/lib/controllers/frontend/spree/user_registrations_controller.rb +72 -0
- data/lib/controllers/frontend/spree/user_sessions_controller.rb +53 -0
- data/lib/controllers/frontend/spree/users_controller.rb +57 -0
- data/lib/generators/spree/auth/install/install_generator.rb +26 -0
- data/lib/generators/spree/auth/install/templates/config/initializers/devise.rb +1 -0
- data/lib/solidus/auth.rb +2 -0
- data/lib/solidus_auth_devise.rb +5 -0
- data/lib/spree/auth/devise.rb +20 -0
- data/lib/spree/auth/engine.rb +77 -0
- data/lib/spree/authentication_helpers.rb +26 -0
- data/lib/tasks/auth.rake +9 -0
- data/lib/views/backend/spree/admin/user_passwords/edit.html.erb +15 -0
- data/lib/views/backend/spree/admin/user_passwords/new.html.erb +17 -0
- data/lib/views/backend/spree/admin/user_sessions/authorization_failure.html.erb +4 -0
- data/lib/views/backend/spree/admin/user_sessions/new.html.erb +31 -0
- data/lib/views/backend/spree/layouts/admin/_login_nav.html.erb +13 -0
- data/lib/views/frontend/spree/checkout/registration.html.erb +22 -0
- data/lib/views/frontend/spree/shared/_flashes.html.erb +9 -0
- data/lib/views/frontend/spree/shared/_login.html.erb +18 -0
- data/lib/views/frontend/spree/shared/_login_bar.html.erb +6 -0
- data/lib/views/frontend/spree/shared/_user_form.html.erb +17 -0
- data/lib/views/frontend/spree/user_mailer/confirmation_instructions.text.erb +5 -0
- data/lib/views/frontend/spree/user_mailer/reset_password_instructions.text.erb +10 -0
- data/lib/views/frontend/spree/user_passwords/edit.html.erb +17 -0
- data/lib/views/frontend/spree/user_passwords/new.html.erb +17 -0
- data/lib/views/frontend/spree/user_registrations/new.html.erb +21 -0
- data/lib/views/frontend/spree/user_sessions/authorization_failure.html.erb +4 -0
- data/lib/views/frontend/spree/user_sessions/new.html.erb +13 -0
- data/lib/views/frontend/spree/users/edit.html.erb +14 -0
- data/lib/views/frontend/spree/users/show.html.erb +43 -0
- data/solidus_auth_devise.gemspec +42 -0
- data/spec/controllers/spree/admin/orders_controller_spec.rb +14 -0
- data/spec/controllers/spree/checkout_controller_spec.rb +141 -0
- data/spec/controllers/spree/products_controller_spec.rb +21 -0
- data/spec/controllers/spree/user_passwords_controller_spec.rb +44 -0
- data/spec/controllers/spree/user_registrations_controller_spec.rb +13 -0
- data/spec/controllers/spree/user_sessions_controller_spec.rb +56 -0
- data/spec/controllers/spree/users_controller_spec.rb +38 -0
- data/spec/factories/confirmed_user.rb +7 -0
- data/spec/features/account_spec.rb +58 -0
- data/spec/features/admin/orders_spec.rb +29 -0
- data/spec/features/admin/password_reset_spec.rb +24 -0
- data/spec/features/admin/payment_methods_spec.rb +16 -0
- data/spec/features/admin/products_spec.rb +9 -0
- data/spec/features/admin/sign_in_spec.rb +44 -0
- data/spec/features/admin/sign_out_spec.rb +22 -0
- data/spec/features/admin_permissions_spec.rb +46 -0
- data/spec/features/change_email_spec.rb +24 -0
- data/spec/features/checkout_spec.rb +165 -0
- data/spec/features/confirmation_spec.rb +28 -0
- data/spec/features/order_spec.rb +62 -0
- data/spec/features/password_reset_spec.rb +24 -0
- data/spec/features/sign_in_spec.rb +52 -0
- data/spec/features/sign_out_spec.rb +25 -0
- data/spec/features/sign_up_spec.rb +30 -0
- data/spec/mailers/user_mailer_spec.rb +46 -0
- data/spec/models/order_spec.rb +26 -0
- data/spec/models/user_spec.rb +58 -0
- data/spec/spec_helper.rb +25 -0
- data/spec/support/ability.rb +15 -0
- data/spec/support/authentication_helpers.rb +14 -0
- data/spec/support/capybara.rb +7 -0
- data/spec/support/confirm_helpers.rb +11 -0
- data/spec/support/database_cleaner.rb +18 -0
- data/spec/support/email.rb +5 -0
- data/spec/support/factory_girl.rb +5 -0
- data/spec/support/spree.rb +26 -0
- metadata +452 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: fdc058e59afb482f83388e1873d1a431adb0c82e
|
4
|
+
data.tar.gz: c1b6defab1f7469a5eabf71e906b4afdb097fb87
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 342e347a661b1bb4237db893e2affc82b576f4ae0c93d5cdc2a03d4c80b3ee92be071a9ffea555f52b5b8dd7f54a6f4627e8b3e6600e0594795ed7cacc704364
|
7
|
+
data.tar.gz: d35c102bbf92ffe67ba025c7f063c3aecd61e78ea41dc6d24190b5705c75b93508ca05e7f465dc1320a82083c8915cb3c82bed6124f14be8ed075204c86e5b80
|
data/.gitignore
ADDED
data/.rspec
ADDED
data/.travis.yml
ADDED
data/Gemfile
ADDED
data/LICENSE.md
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
Copyright (c) 2014, Spree Commerce, Inc. and other contributors
|
2
|
+
All rights reserved.
|
3
|
+
|
4
|
+
Redistribution and use in source and binary forms, with or without modification,
|
5
|
+
are permitted provided that the following conditions are met:
|
6
|
+
|
7
|
+
* Redistributions of source code must retain the above copyright notice,
|
8
|
+
this list of conditions and the following disclaimer.
|
9
|
+
* Redistributions in binary form must reproduce the above copyright notice,
|
10
|
+
this list of conditions and the following disclaimer in the documentation
|
11
|
+
and/or other materials provided with the distribution.
|
12
|
+
* Neither the name Spree nor the names of its contributors may be used to
|
13
|
+
endorse or promote products derived from this software without specific
|
14
|
+
prior written permission.
|
15
|
+
|
16
|
+
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
17
|
+
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
18
|
+
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
19
|
+
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
|
20
|
+
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
21
|
+
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
22
|
+
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
|
23
|
+
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
24
|
+
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
25
|
+
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
26
|
+
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
data/README.md
ADDED
@@ -0,0 +1,88 @@
|
|
1
|
+
Solidus Auth (Devise)
|
2
|
+
=====================
|
3
|
+
|
4
|
+
Provides authentication services for Solidus, using the Devise gem.
|
5
|
+
|
6
|
+
Installation
|
7
|
+
------------
|
8
|
+
|
9
|
+
Just add this line to your `Gemfile`:
|
10
|
+
```ruby
|
11
|
+
gem "solidus_auth_devise"
|
12
|
+
```
|
13
|
+
|
14
|
+
Then run `bundle install`.
|
15
|
+
|
16
|
+
### Confirmable
|
17
|
+
|
18
|
+
To enable Devise's Confirmable module, which will send the user an email with a link to confirm their account, you must do the following:
|
19
|
+
|
20
|
+
* Add this line to an initializer in your Rails project (typically `config/initializers/spree.rb`):
|
21
|
+
```ruby
|
22
|
+
Spree::Auth::Config[:confirmable] = true
|
23
|
+
```
|
24
|
+
|
25
|
+
* Add a Devise initializer to your Rails project (typically `config/initializers/devise.rb`):
|
26
|
+
```ruby
|
27
|
+
Devise.setup do |config|
|
28
|
+
# Required so users don't lose their carts when they need to confirm.
|
29
|
+
config.allow_unconfirmed_access_for = 1.days
|
30
|
+
|
31
|
+
# Fixes the bug where Confirmation errors result in a broken page.
|
32
|
+
config.router_name = :spree
|
33
|
+
|
34
|
+
# Add any other devise configurations here, as they will override the defaults provided by solidus_auth_devise.
|
35
|
+
end
|
36
|
+
```
|
37
|
+
|
38
|
+
Using in an existing Rails application
|
39
|
+
--------------------------------------
|
40
|
+
|
41
|
+
If you are installing Solidus inside of a host application in which you want your own permission setup, you can do this using solidus_auth_devise's `register_ability` method.
|
42
|
+
|
43
|
+
First create your own CanCan Ability class following the CanCan documentation.
|
44
|
+
|
45
|
+
For example: app/models/super_abilities.rb
|
46
|
+
|
47
|
+
```ruby
|
48
|
+
class SuperAbilities
|
49
|
+
include CanCan::Ability
|
50
|
+
|
51
|
+
def initialize user
|
52
|
+
if user.is? "Superman"
|
53
|
+
can :stop, Bullet
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
```
|
58
|
+
|
59
|
+
Then register your class in your spree initializer: config/initializers/spree.rb
|
60
|
+
```ruby
|
61
|
+
Spree::Ability.register_ability(SuperAbilities)
|
62
|
+
```
|
63
|
+
|
64
|
+
Inside of your host application you can then use CanCan like you normally would.
|
65
|
+
```erb
|
66
|
+
<% if can? :show SomeRailsObject %>
|
67
|
+
...
|
68
|
+
<% end %>
|
69
|
+
```
|
70
|
+
|
71
|
+
### Adding Permissions to Gems
|
72
|
+
|
73
|
+
This methodology can also be used by gems that extend spree and want/need to add permissions.
|
74
|
+
|
75
|
+
Testing
|
76
|
+
-------
|
77
|
+
|
78
|
+
Until Solidus is publicly available, the easiest way to satisfy the Solidus dependancy is with a local Bundler override:
|
79
|
+
|
80
|
+
```shell
|
81
|
+
bundle config local.spree /path/to/local/solidus/repository
|
82
|
+
```
|
83
|
+
|
84
|
+
Then just run the following to automatically build a dummy app if necessary and run the tests:
|
85
|
+
|
86
|
+
```shell
|
87
|
+
bundle exec rake
|
88
|
+
```
|
data/Rakefile
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'bundler'
|
2
|
+
Bundler::GemHelper.install_tasks
|
3
|
+
|
4
|
+
require 'rspec/core/rake_task'
|
5
|
+
require 'spree/testing_support/common_rake'
|
6
|
+
|
7
|
+
RSpec::Core::RakeTask.new
|
8
|
+
|
9
|
+
task :default do
|
10
|
+
if Dir["spec/dummy"].empty?
|
11
|
+
Rake::Task[:test_app].invoke
|
12
|
+
Dir.chdir("../../")
|
13
|
+
end
|
14
|
+
Rake::Task[:spec].invoke
|
15
|
+
end
|
16
|
+
|
17
|
+
desc 'Generates a dummy app for testing'
|
18
|
+
task :test_app do
|
19
|
+
ENV['LIB_NAME'] = 'solidus/auth'
|
20
|
+
Rake::Task['common:test_app'].invoke("Spree::User")
|
21
|
+
end
|
@@ -0,0 +1,15 @@
|
|
1
|
+
module Spree
|
2
|
+
class UserMailer < BaseMailer
|
3
|
+
def reset_password_instructions(user, token, *args)
|
4
|
+
@edit_password_reset_url = spree.edit_spree_user_password_url(:reset_password_token => token, :host => Spree::Store.current.url)
|
5
|
+
|
6
|
+
mail to: user.email, from: from_address, subject: Spree::Store.current.name + ' ' + I18n.t(:subject, :scope => [:devise, :mailer, :reset_password_instructions])
|
7
|
+
end
|
8
|
+
|
9
|
+
def confirmation_instructions(user, token, opts={})
|
10
|
+
@confirmation_url = spree.spree_user_confirmation_url(:confirmation_token => token, :host => Spree::Store.current.url)
|
11
|
+
|
12
|
+
mail to: user.email, from: from_address, subject: Spree::Store.current.name + ' ' + I18n.t(:subject, :scope => [:devise, :mailer, :confirmation_instructions])
|
13
|
+
end
|
14
|
+
end
|
15
|
+
end
|
@@ -0,0 +1,50 @@
|
|
1
|
+
module Spree
|
2
|
+
class User < ActiveRecord::Base
|
3
|
+
include UserAddress
|
4
|
+
include UserPaymentSource
|
5
|
+
|
6
|
+
devise :database_authenticatable, :registerable, :recoverable,
|
7
|
+
:rememberable, :trackable, :validatable, :encryptable, :encryptor => 'authlogic_sha512'
|
8
|
+
devise :confirmable if Spree::Auth::Config[:confirmable]
|
9
|
+
|
10
|
+
acts_as_paranoid
|
11
|
+
after_destroy :scramble_email_and_password
|
12
|
+
|
13
|
+
has_many :orders
|
14
|
+
|
15
|
+
before_validation :set_login
|
16
|
+
|
17
|
+
users_table_name = User.table_name
|
18
|
+
roles_table_name = Role.table_name
|
19
|
+
|
20
|
+
scope :admin, -> { includes(:spree_roles).where("#{roles_table_name}.name" => "admin") }
|
21
|
+
|
22
|
+
def self.admin_created?
|
23
|
+
User.admin.count > 0
|
24
|
+
end
|
25
|
+
|
26
|
+
def admin?
|
27
|
+
has_spree_role?('admin')
|
28
|
+
end
|
29
|
+
|
30
|
+
protected
|
31
|
+
def password_required?
|
32
|
+
!persisted? || password.present? || password_confirmation.present?
|
33
|
+
end
|
34
|
+
|
35
|
+
private
|
36
|
+
|
37
|
+
def set_login
|
38
|
+
# for now force login to be same as email, eventually we will make this configurable, etc.
|
39
|
+
self.login ||= self.email if self.email
|
40
|
+
end
|
41
|
+
|
42
|
+
def scramble_email_and_password
|
43
|
+
self.email = SecureRandom.uuid + "@example.net"
|
44
|
+
self.login = self.email
|
45
|
+
self.password = SecureRandom.hex(8)
|
46
|
+
self.password_confirmation = self.password
|
47
|
+
self.save
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
data/bin/rails
ADDED
@@ -0,0 +1,137 @@
|
|
1
|
+
# Use this hook to configure devise mailer, warden hooks and so forth. The first
|
2
|
+
# four configuration values can also be set straight in your models.
|
3
|
+
Devise.setup do |config|
|
4
|
+
# ==> Mailer Configuration
|
5
|
+
# Configure the e-mail address which will be shown in DeviseMailer.
|
6
|
+
config.mailer_sender = 'please-change-me@config-initializers-devise.com'
|
7
|
+
|
8
|
+
# Configure the class responsible to send e-mails.
|
9
|
+
config.mailer = 'Spree::UserMailer'
|
10
|
+
|
11
|
+
# ==> ORM configuration
|
12
|
+
# Load and configure the ORM. Supports :active_record (default) and
|
13
|
+
# :mongoid (bson_ext recommended) by default. Other ORMs may be
|
14
|
+
# available as additional gems.
|
15
|
+
require 'devise/orm/active_record'
|
16
|
+
|
17
|
+
# ==> Configuration for any authentication mechanism
|
18
|
+
# Configure which keys are used when authenticating an user. By default is
|
19
|
+
# just :email. You can configure it to use [:username, :subdomain], so for
|
20
|
+
# authenticating an user, both parameters are required. Remember that those
|
21
|
+
# parameters are used only when authenticating and not when retrieving from
|
22
|
+
# session. If you need permissions, you should implement that in a before filter.
|
23
|
+
# config.authentication_keys = [ :email ]
|
24
|
+
|
25
|
+
# Tell if authentication through request.params is enabled. True by default.
|
26
|
+
# config.params_authenticatable = true
|
27
|
+
|
28
|
+
# Tell if authentication through HTTP Basic Auth is enabled. False by default.
|
29
|
+
config.http_authenticatable = true
|
30
|
+
|
31
|
+
# Set this to true to use Basic Auth for AJAX requests. True by default.
|
32
|
+
#config.http_authenticatable_on_xhr = false
|
33
|
+
|
34
|
+
# The realm used in Http Basic Authentication
|
35
|
+
config.http_authentication_realm = 'Spree Application'
|
36
|
+
|
37
|
+
# ==> Configuration for :database_authenticatable
|
38
|
+
# For bcrypt, this is the cost for hashing the password and defaults to 10. If
|
39
|
+
# using other encryptors, it sets how many times you want the password re-encrypted.
|
40
|
+
config.stretches = 20
|
41
|
+
|
42
|
+
# Setup a pepper to generate the encrypted password.
|
43
|
+
config.pepper = Rails.configuration.secret_token
|
44
|
+
|
45
|
+
# ==> Configuration for :confirmable
|
46
|
+
# The time you want to give your user to confirm his account. During this time
|
47
|
+
# he will be able to access your application without confirming. Default is nil.
|
48
|
+
# When confirm_within is zero, the user won't be able to sign in without confirming.
|
49
|
+
# You can use this to let your user access some features of your application
|
50
|
+
# without confirming the account, but blocking it after a certain period
|
51
|
+
# (ie 2 days).
|
52
|
+
# config.confirm_within = 2.days
|
53
|
+
|
54
|
+
# ==> Configuration for :rememberable
|
55
|
+
# The time the user will be remembered without asking for credentials again.
|
56
|
+
# config.remember_for = 2.weeks
|
57
|
+
|
58
|
+
# If true, a valid remember token can be re-used between multiple browsers.
|
59
|
+
# config.remember_across_browsers = true
|
60
|
+
|
61
|
+
# If true, extends the user's remember period when remembered via cookie.
|
62
|
+
# config.extend_remember_period = false
|
63
|
+
|
64
|
+
# ==> Configuration for :validatable
|
65
|
+
# Range for password length
|
66
|
+
# config.password_length = 6..20
|
67
|
+
|
68
|
+
# ==> Configuration for :timeoutable
|
69
|
+
# The time you want to timeout the user session without activity. After this
|
70
|
+
# time the user will be asked for credentials again.
|
71
|
+
# config.timeout_in = 10.minutes
|
72
|
+
|
73
|
+
# ==> Configuration for :lockable
|
74
|
+
# Defines which strategy will be used to lock an account.
|
75
|
+
# :failed_attempts = Locks an account after a number of failed attempts to sign in.
|
76
|
+
# :none = No lock strategy. You should handle locking by yourself.
|
77
|
+
# config.lock_strategy = :failed_attempts
|
78
|
+
|
79
|
+
# Defines which strategy will be used to unlock an account.
|
80
|
+
# :email = Sends an unlock link to the user email
|
81
|
+
# :time = Re-enables login after a certain amount of time (see :unlock_in below)
|
82
|
+
# :both = Enables both strategies
|
83
|
+
# :none = No unlock strategy. You should handle unlocking by yourself.
|
84
|
+
# config.unlock_strategy = :both
|
85
|
+
|
86
|
+
# Number of authentication tries before locking an account if lock_strategy
|
87
|
+
# is failed attempts.
|
88
|
+
# config.maximum_attempts = 20
|
89
|
+
|
90
|
+
# Time interval to unlock the account if :time is enabled as unlock_strategy.
|
91
|
+
# config.unlock_in = 1.hour
|
92
|
+
|
93
|
+
# ==> Scopes configuration
|
94
|
+
# Turn scoped views on. Before rendering 'sessions/new', it will first check for
|
95
|
+
# 'users/sessions/new'. It's turned off by default because it's slower if you
|
96
|
+
# are using only default views.
|
97
|
+
# config.scoped_views = true
|
98
|
+
|
99
|
+
# Configure the default scope given to Warden. By default it's the first
|
100
|
+
# devise role declared in your routes.
|
101
|
+
# config.default_scope = :user
|
102
|
+
|
103
|
+
# Configure sign_out behavior.
|
104
|
+
# By default sign_out is scoped (i.e. /users/sign_out affects only :user scope).
|
105
|
+
# In case of sign_out_all_scopes set to true any logout action will sign out all active scopes.
|
106
|
+
# config.sign_out_all_scopes = false
|
107
|
+
|
108
|
+
# ==> Navigation configuration
|
109
|
+
# Lists the formats that should be treated as navigational. Formats like
|
110
|
+
# :html, should redirect to the sign in page when the user does not have
|
111
|
+
# access, but formats like :xml or :json, should return 401.
|
112
|
+
# If you have any extra navigational formats, like :iphone or :mobile, you
|
113
|
+
# should add them to the navigational formats lists. Default is [:html]
|
114
|
+
config.navigational_formats = [:html, :json, :xml]
|
115
|
+
|
116
|
+
# ==> Warden configuration
|
117
|
+
# If you want to use other strategies, that are not (yet) supported by Devise,
|
118
|
+
# you can configure them inside the config.warden block. The example below
|
119
|
+
# allows you to setup OAuth, using http://github.com/roman/warden_oauth
|
120
|
+
#
|
121
|
+
# config.warden do |manager|
|
122
|
+
# manager.oauth(:twitter) do |twitter|
|
123
|
+
# twitter.consumer_secret = <YOUR CONSUMER SECRET>
|
124
|
+
# twitter.consumer_key = <YOUR CONSUMER KEY>
|
125
|
+
# twitter.options :site => 'http://twitter.com'
|
126
|
+
# end
|
127
|
+
# manager.default_strategies(:scope => :user).unshift :twitter_oauth
|
128
|
+
# end
|
129
|
+
#
|
130
|
+
# Time interval you can reset your password with a reset password key.
|
131
|
+
# Don't put a too small interval or your users won't have the time to
|
132
|
+
# change their passwords.
|
133
|
+
config.reset_password_within = 6.hours
|
134
|
+
config.sign_out_via = :get
|
135
|
+
|
136
|
+
config.case_insensitive_keys = [:email]
|
137
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
# Merges users orders to their account after sign in and sign up.
|
2
|
+
Warden::Manager.after_set_user except: :fetch do |user, auth, opts|
|
3
|
+
if auth.cookies.signed[:guest_token].present?
|
4
|
+
if user.is_a?(Spree::User)
|
5
|
+
Spree::Order.where(guest_token: auth.cookies.signed[:guest_token], user_id: nil).each do |order|
|
6
|
+
order.associate_user!(user)
|
7
|
+
end
|
8
|
+
end
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
Warden::Manager.before_logout do |user, auth, opts|
|
13
|
+
auth.cookies.delete :guest_token
|
14
|
+
end
|