solidus_auth_devise 1.0.0

data/lib/controllers/frontend/spree/user_confirmations_controller.rb

@@ -0,0 +1,21 @@
+class Spree::UserConfirmationsController < Devise::ConfirmationsController
+  helper 'spree/base', 'spree/store'
+
+  if Spree::Auth::Engine.dash_available?
+    helper 'spree/analytics'
+  end
+
+  include Spree::Core::ControllerHelpers::Auth
+  include Spree::Core::ControllerHelpers::Common
+  include Spree::Core::ControllerHelpers::Order
+  include Spree::Core::ControllerHelpers::SSL
+  include Spree::Core::ControllerHelpers::Store
+
+  ssl_required
+
+  protected
+
+  def after_confirmation_path_for(resource_name, resource)
+    signed_in?(resource_name) ? spree.signed_in_root_path(resource) : spree.login_path
+  end
+end

data/lib/controllers/frontend/spree/user_passwords_controller.rb

@@ -0,0 +1,53 @@
+class Spree::UserPasswordsController < Devise::PasswordsController
+  helper 'spree/base', 'spree/store'
+
+  if Spree::Auth::Engine.dash_available?
+    helper 'spree/analytics'
+  end
+
+  include Spree::Core::ControllerHelpers::Auth
+  include Spree::Core::ControllerHelpers::Common
+  include Spree::Core::ControllerHelpers::Order
+  include Spree::Core::ControllerHelpers::SSL
+  include Spree::Core::ControllerHelpers::Store
+
+  ssl_required
+
+  # Overridden due to bug in Devise.
+  #   respond_with resource, :location => new_session_path(resource_name)
+  # is generating bad url /session/new.user
+  #
+  # overridden to:
+  #   respond_with resource, :location => spree.login_path
+  #
+  def create
+    self.resource = resource_class.send_reset_password_instructions(params[resource_name])
+
+    if resource.errors.empty?
+      set_flash_message(:notice, :send_instructions) if is_navigational_format?
+      respond_with resource, :location => spree.login_path
+    else
+      respond_with_navigational(resource) { render :new }
+    end
+  end
+
+  # Devise::PasswordsController allows for blank passwords.
+  # Silly Devise::PasswordsController!
+  # Fixes spree/spree#2190.
+  def update
+    if params[:spree_user][:password].blank?
+      self.resource = resource_class.new
+      resource.reset_password_token = params[:spree_user][:reset_password_token]
+      set_flash_message(:error, :cannot_be_blank)
+      render :edit
+    else
+      super
+    end
+  end
+
+  protected
+
+  def new_session_path(resource_name)
+    spree.send("new_#{resource_name}_session_path")
+  end
+end

data/lib/controllers/frontend/spree/user_registrations_controller.rb

@@ -0,0 +1,72 @@
+class Spree::UserRegistrationsController < Devise::RegistrationsController
+  helper 'spree/base', 'spree/store'
+
+  if Spree::Auth::Engine.dash_available?
+    helper 'spree/analytics'
+  end
+
+  include Spree::Core::ControllerHelpers::Auth
+  include Spree::Core::ControllerHelpers::Common
+  include Spree::Core::ControllerHelpers::Order
+  include Spree::Core::ControllerHelpers::SSL
+  include Spree::Core::ControllerHelpers::Store
+
+  ssl_required
+  before_filter :check_permissions, :only => [:edit, :update]
+  skip_before_filter :require_no_authentication
+
+  # GET /resource/sign_up
+  def new
+    super
+    @user = resource
+  end
+
+  # POST /resource/sign_up
+  def create
+    @user = build_resource(spree_user_params)
+    if resource.save
+      set_flash_message(:notice, :signed_up)
+      sign_in(:spree_user, @user)
+      session[:spree_user_signup] = true
+      associate_user
+      respond_with resource, location: after_sign_up_path_for(resource)
+    else
+      clean_up_passwords(resource)
+      render :new
+    end
+  end
+
+  # GET /resource/edit
+  def edit
+    super
+  end
+
+  # PUT /resource
+  def update
+    super
+  end
+
+  # DELETE /resource
+  def destroy
+    super
+  end
+
+  # GET /resource/cancel
+  # Forces the session data which is usually expired after sign
+  # in to be expired now. This is useful if the user wants to
+  # cancel oauth signing in/up in the middle of the process,
+  # removing all OAuth session data.
+  def cancel
+    super
+  end
+
+  protected
+    def check_permissions
+      authorize!(:create, resource)
+    end
+
+  private
+    def spree_user_params
+      params.require(:spree_user).permit(Spree::PermittedAttributes.user_attributes)
+    end
+end

data/lib/controllers/frontend/spree/user_sessions_controller.rb

@@ -0,0 +1,53 @@
+class Spree::UserSessionsController < Devise::SessionsController
+  helper 'spree/base', 'spree/store'
+  if Spree::Auth::Engine.dash_available?
+    helper 'spree/analytics'
+  end
+
+  include Spree::Core::ControllerHelpers::Auth
+  include Spree::Core::ControllerHelpers::Common
+  include Spree::Core::ControllerHelpers::Order
+  include Spree::Core::ControllerHelpers::SSL
+  include Spree::Core::ControllerHelpers::Store
+
+  ssl_required :new, :create, :destroy, :update
+  ssl_allowed :login_bar
+
+  def create
+    authenticate_spree_user!
+
+    if spree_user_signed_in?
+      respond_to do |format|
+        format.html {
+          flash[:success] = Spree.t(:logged_in_succesfully)
+          redirect_back_or_default(after_sign_in_path_for(spree_current_user))
+        }
+        format.js {
+          render :json => {:user => spree_current_user,
+                           :ship_address => spree_current_user.ship_address,
+                           :bill_address => spree_current_user.bill_address}.to_json
+        }
+      end
+    else
+      respond_to do |format|
+        format.html {
+          flash.now[:error] = t('devise.failure.invalid')
+          render :new
+        }
+        format.js {
+          render :json => { error: t('devise.failure.invalid') }, status: :unprocessable_entity
+        }
+      end
+    end
+  end
+
+  private
+    def accurate_title
+      Spree.t(:login)
+    end
+
+    def redirect_back_or_default(default)
+      redirect_to(session["spree_user_return_to"] || default)
+      session["spree_user_return_to"] = nil
+    end
+end

data/lib/controllers/frontend/spree/users_controller.rb

@@ -0,0 +1,57 @@
+class Spree::UsersController < Spree::StoreController
+  ssl_required
+  skip_before_filter :set_current_order, :only => :show
+  prepend_before_filter :load_object, :only => [:show, :edit, :update]
+  prepend_before_filter :authorize_actions, :only => :new
+
+  include Spree::Core::ControllerHelpers
+
+  def show
+    @orders = @user.orders.complete.order('completed_at desc')
+  end
+
+  def create
+    @user = Spree::User.new(user_params)
+    if @user.save
+
+      if current_order
+        session[:guest_token] = nil
+      end
+
+      redirect_back_or_default(root_url)
+    else
+      render :new
+    end
+  end
+
+  def update
+    if @user.update_attributes(user_params)
+      if params[:user][:password].present?
+        # this logic needed b/c devise wants to log us out after password changes
+        user = Spree::User.reset_password_by_token(params[:user])
+        sign_in(@user, :event => :authentication, :bypass => !Spree::Auth::Config[:signout_after_password_change])
+      end
+      redirect_to spree.account_url, :notice => Spree.t(:account_updated)
+    else
+      render :edit
+    end
+  end
+
+  private
+    def user_params
+      params.require(:user).permit(Spree::PermittedAttributes.user_attributes)
+    end
+
+    def load_object
+      @user ||= spree_current_user
+      authorize! params[:action].to_sym, @user
+    end
+
+    def authorize_actions
+      authorize! params[:action].to_sym, Spree::User.new
+    end
+
+    def accurate_title
+      Spree.t(:my_account)
+    end
+end

data/lib/generators/spree/auth/install/install_generator.rb

@@ -0,0 +1,26 @@
+module Spree
+  module Auth
+    module Generators
+      class InstallGenerator < Rails::Generators::Base
+        def self.source_paths
+          paths = self.superclass.source_paths
+          paths << File.expand_path('../templates', __FILE__)
+          paths.flatten
+        end
+
+        def generate_devise_key
+          return if ENV['TRAVIS']
+          template 'config/initializers/devise.rb', 'config/initializers/devise.rb'
+        end
+
+        def add_migrations
+          run 'bundle exec rake railties:install:migrations FROM=solidus_auth_devise'
+        end
+
+        def run_migrations
+          run 'bundle exec rake db:migrate'
+        end
+      end
+    end
+  end
+end

data/lib/generators/spree/auth/install/templates/config/initializers/devise.rb

@@ -0,0 +1 @@
+Devise.secret_key = <%= SecureRandom.hex(50).inspect %>

data/lib/solidus/auth.rb

@@ -0,0 +1,2 @@
+# This file is required by the dummy app's config/environment
+require "solidus_auth_devise"

data/lib/solidus_auth_devise.rb

@@ -0,0 +1,5 @@
+require "spree_core"
+require "spree/auth/devise"
+require "spree/authentication_helpers"
+require "sass/rails"
+require "coffee_script"

data/lib/spree/auth/devise.rb

@@ -0,0 +1,20 @@
+require 'spree/core'
+require 'devise'
+require 'devise-encryptable'
+require 'cancan'
+
+Devise.secret_key = SecureRandom.hex(50)
+
+module Spree
+  module Auth
+    mattr_accessor :default_secret_key
+
+    def self.config(&block)
+      yield(Spree::Auth::Config)
+    end
+  end
+end
+
+Spree::Auth.default_secret_key = Devise.secret_key
+
+require 'spree/auth/engine'

data/lib/spree/auth/engine.rb

@@ -0,0 +1,77 @@
+require 'devise'
+require 'devise-encryptable'
+
+module Spree
+  module Auth
+    class Engine < Rails::Engine
+      isolate_namespace Spree
+      engine_name 'solidus_auth'
+
+      initializer "spree.auth.environment", :before => :load_config_initializers do |app|
+        Spree::Auth::Config = Spree::AuthConfiguration.new
+      end
+
+      initializer "solidus_auth_devise.set_user_class", :after => :load_config_initializers do
+        Spree.user_class = "Spree::User"
+      end
+
+      initializer "solidus_auth_devise.check_secret_token" do
+        if Spree::Auth.default_secret_key == Devise.secret_key
+          puts "[WARNING] You are not setting Devise.secret_key within your application!"
+          puts "You must set this in config/initializers/devise.rb. Here's an example:"
+          puts " "
+          puts %Q{Devise.secret_key = "#{SecureRandom.hex(50)}"}
+        end
+      end
+
+      def self.activate
+        Dir.glob(File.join(File.dirname(__FILE__), '../../app/**/*_decorator*.rb')) do |c|
+          Rails.configuration.cache_classes ? require(c) : load(c)
+        end
+        if Spree::Auth::Engine.backend_available?
+          Rails.application.config.assets.precompile += [
+            'lib/assets/javascripts/spree/backend/solidus_auth.js',
+            'lib/assets/javascripts/spree/backend/solidus_auth.css'
+          ]
+          Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/backend/*/*/*_decorator*.rb")) do |c|
+            Rails.configuration.cache_classes ? require(c) : load(c)
+          end
+        end
+        if Spree::Auth::Engine.frontend_available?
+          Rails.application.config.assets.precompile += [
+            'lib/assets/javascripts/spree/frontend/solidus_auth.js',
+            'lib/assets/javascripts/spree/frontend/solidus_auth.css'
+          ]
+          Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/frontend/*/*_decorator*.rb")) do |c|
+            Rails.configuration.cache_classes ? require(c) : load(c)
+          end
+        end
+        ApplicationController.send :include, Spree::AuthenticationHelpers
+      end
+
+      def self.backend_available?
+        @@backend_available ||= ::Rails::Engine.subclasses.map(&:instance).map{ |e| e.class.to_s }.include?('Spree::Backend::Engine')
+      end
+
+      def self.dash_available?
+        @@dash_available ||= ::Rails::Engine.subclasses.map(&:instance).map{ |e| e.class.to_s }.include?('Spree::Dash::Engine')
+      end
+
+      def self.frontend_available?
+        @@frontend_available ||= ::Rails::Engine.subclasses.map(&:instance).map{ |e| e.class.to_s }.include?('Spree::Frontend::Engine')
+      end
+
+      if self.backend_available?
+        paths["app/controllers"] << "lib/controllers/backend"
+        paths["app/views"] << "lib/views/backend"
+      end
+
+      if self.frontend_available?
+        paths["app/controllers"] << "lib/controllers/frontend"
+        paths["app/views"] << "lib/views/frontend"
+      end
+
+      config.to_prepare &method(:activate).to_proc
+    end
+  end
+end

data/lib/spree/authentication_helpers.rb

@@ -0,0 +1,26 @@
+module Spree
+  module AuthenticationHelpers
+    def self.included(receiver)
+      receiver.send :helper_method, :spree_current_user
+      receiver.send :helper_method, :spree_login_path
+      receiver.send :helper_method, :spree_signup_path
+      receiver.send :helper_method, :spree_logout_path
+    end
+
+    def spree_current_user
+      current_spree_user
+    end
+
+    def spree_login_path
+      spree.login_path
+    end
+
+    def spree_signup_path
+      spree.signup_path
+    end
+
+    def spree_logout_path
+      spree.logout_path
+    end
+  end
+end

data/lib/tasks/auth.rake

@@ -0,0 +1,9 @@
+namespace :spree_auth do
+  namespace :admin do
+    desc "Create admin username and password"
+    task :create => :environment do
+      require File.join(File.dirname(__FILE__), '..', '..', 'db', 'default', 'users.rb')
+      puts "Done!"
+    end
+  end
+end

data/lib/views/backend/spree/admin/user_passwords/edit.html.erb

@@ -0,0 +1,15 @@
+<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @spree_user } %>
+<h2><%= Spree.t(:change_my_password) %></h2>
+
+<%= form_for @spree_user, :as => :spree_user, :url => spree.update_password_path, :method => :put do |f| %>
+  <p>
+    <%= f.label :password, Spree.t(:password) %><br />
+    <%= f.password_field :password %><br />
+  </p>
+  <p>
+    <%= f.label :password_confirmation, Spree.t(:confirm_password) %><br />
+    <%= f.password_field :password_confirmation %><br />
+  </p>
+  <%= f.hidden_field :reset_password_token %>
+  <%= f.submit Spree.t(:update), :class => 'button primary' %>
+<% end %>