solidus_auth_devise 1.0.0

data/db/default/users.rb

@@ -0,0 +1,83 @@
+require 'highline/import'
+
+# see last line where we create an admin if there is none, asking for email and password
+def prompt_for_admin_password
+  if ENV['ADMIN_PASSWORD']
+    password = ENV['ADMIN_PASSWORD'].dup
+    say "Admin Password #{password}"
+  else
+    password = ask('Password [spree123]: ') do |q|
+      q.echo = false
+      q.validate = /^(|.{5,40})$/
+      q.responses[:not_valid] = 'Invalid password. Must be at least 5 characters long.'
+      q.whitespace = :strip
+    end
+    password = 'spree123' if password.blank?
+  end
+
+  password
+end
+
+def prompt_for_admin_email
+  if ENV['ADMIN_EMAIL']
+    email = ENV['ADMIN_EMAIL'].dup
+    say "Admin User #{email}"
+  else
+    email = ask('Email [spree@example.com]: ') do |q|
+      q.echo = true
+      q.whitespace = :strip
+    end
+    email = 'spree@example.com' if email.blank?
+  end
+
+  email
+end
+
+def create_admin_user
+  if ENV['AUTO_ACCEPT']
+    password = 'spree123'
+    email = 'spree@example.com'
+  else
+    puts 'Create the admin user (press enter for defaults).'
+    #name = prompt_for_admin_name unless name
+    email = prompt_for_admin_email
+    password = prompt_for_admin_password
+  end
+  attributes = {
+    :password => password,
+    :password_confirmation => password,
+    :email => email,
+    :login => email
+  }
+
+  load 'spree/user.rb'
+
+  if Spree::User.find_by_email(email)
+    say "\nWARNING: There is already a user with the email: #{email}, so no account changes were made.  If you wish to create an additional admin user, please run rake spree_auth:admin:create again with a different email.\n\n"
+  else
+    admin = Spree::User.new(attributes)
+    if admin.save
+      role = Spree::Role.find_or_create_by(name: 'admin')
+      admin.spree_roles << role
+      admin.save
+      admin.generate_spree_api_key!
+      say "Done!"
+    else
+      say "There was some problems with persisting new admin user:"
+      admin.errors.full_messages.each do |error|
+        say error
+      end
+    end
+  end
+end
+
+if Spree::User.admin.empty?
+  create_admin_user
+else
+  puts 'Admin user has already been previously created.'
+  if agree('Would you like to create a new admin user? (yes/no)')
+    create_admin_user
+  else
+    puts 'No admin user created.'
+  end
+end

data/db/migrate/20101026184949_create_users.rb

@@ -0,0 +1,29 @@
+class CreateUsers < ActiveRecord::Migration
+  def up
+    unless table_exists?("spree_users")
+      create_table "spree_users", :force => true do |t|
+        t.string   "crypted_password",          :limit => 128
+        t.string   "salt",                      :limit => 128
+        t.string   "email"
+        t.string   "remember_token"
+        t.string   "remember_token_expires_at"
+        t.string   "persistence_token"
+        t.string   "single_access_token"
+        t.string   "perishable_token"
+        t.integer  "login_count",                              :default => 0, :null => false
+        t.integer  "failed_login_count",                       :default => 0, :null => false
+        t.datetime "last_request_at"
+        t.datetime "current_login_at"
+        t.datetime "last_login_at"
+        t.string   "current_login_ip"
+        t.string   "last_login_ip"
+        t.string   "login"
+        t.integer  "ship_address_id"
+        t.integer  "bill_address_id"
+        t.datetime "created_at",                                              :null => false
+        t.datetime "updated_at",                                              :null => false
+        t.string   "openid_identifier"
+      end
+    end
+  end
+end

data/db/migrate/20101026184950_rename_columns_for_devise.rb

@@ -0,0 +1,37 @@
+class RenameColumnsForDevise < ActiveRecord::Migration
+  def up
+    return if column_exists?(:spree_users, :password_salt)
+    rename_column :spree_users, :crypted_password, :encrypted_password
+    rename_column :spree_users, :salt, :password_salt
+    rename_column :spree_users, :remember_token_expires_at, :remember_created_at
+    rename_column :spree_users, :login_count, :sign_in_count
+    rename_column :spree_users, :failed_login_count, :failed_attempts
+    rename_column :spree_users, :single_access_token, :reset_password_token
+    rename_column :spree_users, :current_login_at, :current_sign_in_at
+    rename_column :spree_users, :last_login_at, :last_sign_in_at
+    rename_column :spree_users, :current_login_ip, :current_sign_in_ip
+    rename_column :spree_users, :last_login_ip, :last_sign_in_ip
+    add_column :spree_users, :authentication_token, :string
+    add_column :spree_users, :unlock_token, :string
+    add_column :spree_users, :locked_at, :datetime
+    remove_column :spree_users, :openid_identifier
+  end
+
+  def down
+    remove_column :spree_users, :authentication_token
+    remove_column :spree_users, :locked_at
+    remove_column :spree_users, :unlock_token
+    rename_column :spree_users, :last_sign_in_ip, :last_login_ip
+    rename_column :spree_users, :current_sign_in_ip, :current_login_ip
+    rename_column :spree_users, :last_sign_in_at, :last_login_at
+    rename_column :spree_users, :current_sign_in_at, :current_login_at
+    rename_column :spree_users, :reset_password_token, :single_access_token
+    rename_column :spree_users, :failed_attempts, :failed_login_count
+    rename_column :spree_users, :sign_in_count, :login_count
+    rename_column :spree_users, :remember_created_at, :remember_token_expires_at
+    rename_column :spree_users, :password_salt, :salt
+    rename_column :spree_users, :encrypted_password, :crypted_password
+    add_column :spree_users, :unlock_token, :string
+    add_column :spree_users, :openid_identifier, :string
+  end
+end

data/db/migrate/20101214150824_convert_user_remember_field.rb

@@ -0,0 +1,11 @@
+class ConvertUserRememberField < ActiveRecord::Migration
+  def up
+    remove_column :spree_users, :remember_created_at
+    add_column :spree_users, :remember_created_at, :datetime
+  end
+
+  def down
+    remove_column :spree_users, :remember_created_at
+    add_column :spree_users, :remember_created_at, :string
+  end
+end

data/db/migrate/20120203010234_add_reset_password_sent_at_to_spree_users.rb

@@ -0,0 +1,8 @@
+class AddResetPasswordSentAtToSpreeUsers < ActiveRecord::Migration
+  def change
+    Spree::User.reset_column_information
+    unless Spree::User.column_names.include?("reset_password_sent_at")
+      add_column :spree_users, :reset_password_sent_at, :datetime
+    end
+  end
+end

data/db/migrate/20120605211305_make_users_email_index_unique.rb

@@ -0,0 +1,9 @@
+class MakeUsersEmailIndexUnique < ActiveRecord::Migration
+  def up
+    add_index "spree_users", ["email"], :name => "email_idx_unique", :unique => true
+  end
+
+  def down
+    remove_index "spree_users", :name => "email_idx_unique"
+  end
+end

data/db/migrate/20140904000425_add_deleted_at_to_users.rb

@@ -0,0 +1,6 @@
+class AddDeletedAtToUsers < ActiveRecord::Migration
+  def change
+    add_column :spree_users, :deleted_at, :datetime
+    add_index :spree_users, :deleted_at
+  end
+end

data/db/migrate/20141002154641_add_confirmable_to_users.rb

@@ -0,0 +1,7 @@
+class AddConfirmableToUsers < ActiveRecord::Migration
+  def change
+    add_column :spree_users, :confirmation_token, :string
+    add_column :spree_users, :confirmed_at, :datetime
+    add_column :spree_users, :confirmation_sent_at, :datetime
+  end
+end

data/db/seeds.rb

@@ -0,0 +1,5 @@
+# Loads seed data out of default dir
+default_path = File.join(File.dirname(__FILE__), 'default')
+
+Rake::Task['db:load_dir'].reenable
+Rake::Task['db:load_dir'].invoke(default_path)

data/lib/assets/javascripts/spree/backend/solidus_auth.js

@@ -0,0 +1 @@
+//= require spree/backend

data/lib/assets/javascripts/spree/frontend/solidus_auth.js

@@ -0,0 +1 @@
+//= require spree/frontend

data/lib/assets/stylesheets/spree/backend/solidus_auth.css

@@ -0,0 +1,3 @@
+/*
+ *= require spree/backend
+*/

data/lib/assets/stylesheets/spree/frontend/solidus_auth.css

@@ -0,0 +1,3 @@
+/*
+ *= require spree/frontend
+*/

data/lib/controllers/backend/spree/admin/admin_controller_decorator.rb

@@ -0,0 +1,26 @@
+Spree::Admin::BaseController.class_eval do
+
+  # Redirect as appropriate when an access request fails.  The default action is to redirect to the login screen.
+  # Override this method in your controllers if you want to have special behavior in case the user is not authorized
+  # to access the requested action.  For example, a popup window might simply close itself.
+  def unauthorized
+    if try_spree_current_user
+      flash[:error] = Spree.t(:authorization_failure)
+      redirect_to spree.admin_unauthorized_path
+    else
+      store_location
+      redirect_to spree.admin_login_path
+    end
+  end
+
+  protected
+
+    def model_class
+      const_name = controller_name.classify
+      if Spree.const_defined?(const_name, false)
+        return "Spree::#{const_name}".constantize
+      end
+      nil
+    end
+
+end

data/lib/controllers/backend/spree/admin/admin_orders_controller_decorator.rb

@@ -0,0 +1,20 @@
+Spree::Admin::OrdersController.class_eval do
+  before_filter :check_authorization
+
+  private
+    def load_order_action
+      [:edit, :update, :cancel, :resume, :approve, :resend, :open_adjustments, :close_adjustments, :cart]
+    end
+  
+    def check_authorization
+      action = params[:action].to_sym
+      if load_order_action.include?(action)
+        load_order
+        session[:access_token] ||= params[:token]
+        resource = @order || Spree::Order.new
+        authorize! action, resource, session[:access_token]
+      else
+        authorize! :index, Spree::Order
+      end
+    end
+end

data/lib/controllers/backend/spree/admin/admin_resource_controller_decorator.rb

@@ -0,0 +1,3 @@
+Spree::Admin::ResourceController.class_eval do
+  rescue_from CanCan::AccessDenied, :with => :unauthorized
+end

data/lib/controllers/backend/spree/admin/orders/customer_details_controller_decorator.rb

@@ -0,0 +1,15 @@
+Spree::Admin::Orders::CustomerDetailsController.class_eval do
+  before_filter :check_authorization
+
+  private
+    def check_authorization
+      load_order
+      session[:access_token] ||= params[:token]
+
+      resource = @order
+      action = params[:action].to_sym
+      action = :edit if action == :show # show route renders :edit for this controller
+
+      authorize! action, resource, session[:access_token]
+    end
+end

data/lib/controllers/backend/spree/admin/user_passwords_controller.rb

@@ -0,0 +1,45 @@
+class Spree::Admin::UserPasswordsController < Devise::PasswordsController
+  helper 'spree/base'
+
+  include Spree::Core::ControllerHelpers::Auth
+  include Spree::Core::ControllerHelpers::Common
+  include Spree::Core::ControllerHelpers::SSL
+  include Spree::Core::ControllerHelpers::Store
+
+  helper 'spree/admin/navigation'
+  helper 'spree/admin/tables'
+  layout 'spree/layouts/admin'
+
+  ssl_required
+
+  # Overridden due to bug in Devise.
+  #   respond_with resource, :location => new_session_path(resource_name)
+  # is generating bad url /session/new.user
+  #
+  # overridden to:
+  #   respond_with resource, :location => spree.login_path
+  #
+  def create
+    self.resource = resource_class.send_reset_password_instructions(params[resource_name])
+
+    if resource.errors.empty?
+      set_flash_message(:notice, :send_instructions) if is_navigational_format?
+      respond_with resource, :location => spree.admin_login_path
+    else
+      respond_with_navigational(resource) { render :new }
+    end
+  end
+
+  # Devise::PasswordsController allows for blank passwords.
+  # Silly Devise::PasswordsController!
+  # Fixes spree/spree#2190.
+  def update
+    if params[:spree_user][:password].blank?
+      set_flash_message(:error, :cannot_be_blank)
+      render :edit
+    else
+      super
+    end
+  end
+
+end

data/lib/controllers/backend/spree/admin/user_sessions_controller.rb

@@ -0,0 +1,47 @@
+class Spree::Admin::UserSessionsController < Devise::SessionsController
+  helper 'spree/base'
+
+  include Spree::Core::ControllerHelpers::Auth
+  include Spree::Core::ControllerHelpers::Common
+  include Spree::Core::ControllerHelpers::SSL
+  include Spree::Core::ControllerHelpers::Store
+
+  helper 'spree/admin/navigation'
+  helper 'spree/admin/tables'
+  layout 'spree/layouts/admin'
+
+  ssl_required :new, :create, :destroy, :update
+
+  def create
+    authenticate_spree_user!
+
+    if spree_user_signed_in?
+      respond_to do |format|
+        format.html {
+          flash[:success] = Spree.t(:logged_in_succesfully)
+          redirect_back_or_default(after_sign_in_path_for(spree_current_user))
+        }
+        format.js {
+          user = resource.record
+          render :json => {:ship_address => user.ship_address, :bill_address => user.bill_address}.to_json
+        }
+      end
+    else
+      flash.now[:error] = t('devise.failure.invalid')
+      render :new
+    end
+  end
+
+  def authorization_failure
+  end
+
+  private
+    def accurate_title
+      Spree.t(:login)
+    end
+
+    def redirect_back_or_default(default)
+      redirect_to(session["spree_user_return_to"] || default)
+      session["spree_user_return_to"] = nil
+    end
+end

data/lib/controllers/frontend/spree/checkout_controller_decorator.rb

@@ -0,0 +1,47 @@
+require 'spree/core/validators/email'
+Spree::CheckoutController.class_eval do
+  before_filter :check_authorization
+  before_filter :check_registration, :except => [:registration, :update_registration]
+
+  def registration
+    @user = Spree::User.new
+  end
+
+  def update_registration
+    if params[:order][:email] =~ Devise.email_regexp && current_order.update_attribute(:email, params[:order][:email])
+      redirect_to spree.checkout_path
+    else
+      flash[:registration_error] = t(:email_is_invalid, :scope => [:errors, :messages])
+      @user = Spree::User.new
+      render 'registration'
+    end
+  end
+
+  private
+    def order_params
+      params[:order] ? params.require(:order).permit(:email) : {}
+    end
+
+    def skip_state_validation?
+      %w(registration update_registration).include?(params[:action])
+    end
+
+    def check_authorization
+      authorize!(:edit, current_order, cookies.signed[:guest_token])
+    end
+
+    # Introduces a registration step whenever the +registration_step+ preference is true.
+    def check_registration
+      return unless Spree::Auth::Config[:registration_step]
+      return if spree_current_user or current_order.email
+      store_location
+      redirect_to spree.checkout_registration_path
+    end
+
+    # Overrides the equivalent method defined in Spree::Core.  This variation of the method will ensure that users
+    # are redirected to the tokenized order url unless authenticated as a registered user.
+    def completion_route
+      return spree.order_path(@order) if spree_current_user
+      spree.token_order_path(@order, @order.guest_token)
+    end
+end