sorcery 0.1.3 → 0.1.4
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of sorcery might be problematic. Click here for more details.
- data/Gemfile +1 -2
- data/LICENSE.txt +1 -1
- data/README.rdoc +27 -11
- data/Rakefile +2 -13
- data/VERSION +1 -1
- data/lib/sorcery.rb +4 -1
- data/lib/sorcery/controller.rb +13 -7
- data/lib/sorcery/controller/submodules/activity_logging.rb +45 -0
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +8 -69
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +7 -4
- data/lib/sorcery/controller/submodules/session_timeout.rb +4 -1
- data/lib/sorcery/crypto_providers/bcrypt.rb +1 -5
- data/lib/sorcery/model/submodules/activity_logging.rb +35 -0
- data/lib/sorcery/model/submodules/brute_force_protection.rb +72 -0
- data/lib/sorcery/model/submodules/remember_me.rb +3 -1
- data/lib/sorcery/model/submodules/reset_password.rb +93 -0
- data/lib/sorcery/model/submodules/user_activation.rb +2 -0
- data/sorcery.gemspec +26 -14
- data/spec/rails3/app_root/app/controllers/application_controller.rb +2 -2
- data/spec/rails3/app_root/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +17 -0
- data/spec/rails3/app_root/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +11 -0
- data/spec/rails3/app_root/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
- data/spec/rails3/controller_activity_logging_spec.rb +84 -0
- data/spec/rails3/controller_brute_force_protection_spec.rb +24 -41
- data/spec/rails3/controller_http_basic_auth_spec.rb +10 -0
- data/spec/rails3/controller_session_timeout_spec.rb +1 -0
- data/spec/rails3/controller_spec.rb +3 -3
- data/spec/rails3/spec_helper.rb +39 -19
- data/spec/rails3/user_activity_logging_spec.rb +36 -0
- data/spec/rails3/user_brute_force_protection_spec.rb +76 -0
- data/spec/rails3/user_reset_password_spec.rb +198 -0
- metadata +34 -22
- data/features/support/env.rb +0 -13
- data/lib/sorcery/model/submodules/password_reset.rb +0 -64
- data/spec/rails3/app_root/db/migrate/password_reset/20101224223622_add_password_reset_to_users.rb +0 -9
- data/spec/rails3/user_password_reset_spec.rb +0 -76
metadata
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
name: sorcery
|
3
3
|
version: !ruby/object:Gem::Version
|
4
4
|
prerelease:
|
5
|
-
version: 0.1.
|
5
|
+
version: 0.1.4
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
8
8
|
- Noam Ben Ari
|
@@ -10,7 +10,7 @@ autorequire:
|
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
12
|
|
13
|
-
date: 2011-02-
|
13
|
+
date: 2011-02-19 00:00:00 +02:00
|
14
14
|
default_executable:
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
@@ -18,9 +18,9 @@ dependencies:
|
|
18
18
|
requirement: &id001 !ruby/object:Gem::Requirement
|
19
19
|
none: false
|
20
20
|
requirements:
|
21
|
-
- - "
|
21
|
+
- - ">="
|
22
22
|
- !ruby/object:Gem::Version
|
23
|
-
version: 3.0.
|
23
|
+
version: 3.0.0
|
24
24
|
type: :development
|
25
25
|
prerelease: false
|
26
26
|
version_requirements: *id001
|
@@ -80,47 +80,47 @@ dependencies:
|
|
80
80
|
prerelease: false
|
81
81
|
version_requirements: *id006
|
82
82
|
- !ruby/object:Gem::Dependency
|
83
|
-
name:
|
83
|
+
name: bundler
|
84
84
|
requirement: &id007 !ruby/object:Gem::Requirement
|
85
85
|
none: false
|
86
86
|
requirements:
|
87
|
-
- -
|
87
|
+
- - ~>
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version:
|
89
|
+
version: 1.0.0
|
90
90
|
type: :development
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: *id007
|
93
93
|
- !ruby/object:Gem::Dependency
|
94
|
-
name:
|
94
|
+
name: jeweler
|
95
95
|
requirement: &id008 !ruby/object:Gem::Requirement
|
96
96
|
none: false
|
97
97
|
requirements:
|
98
98
|
- - ~>
|
99
99
|
- !ruby/object:Gem::Version
|
100
|
-
version: 1.
|
100
|
+
version: 1.5.2
|
101
101
|
type: :development
|
102
102
|
prerelease: false
|
103
103
|
version_requirements: *id008
|
104
104
|
- !ruby/object:Gem::Dependency
|
105
|
-
name:
|
105
|
+
name: simplecov
|
106
106
|
requirement: &id009 !ruby/object:Gem::Requirement
|
107
107
|
none: false
|
108
108
|
requirements:
|
109
|
-
- -
|
109
|
+
- - ">="
|
110
110
|
- !ruby/object:Gem::Version
|
111
|
-
version:
|
111
|
+
version: 0.3.8
|
112
112
|
type: :development
|
113
113
|
prerelease: false
|
114
114
|
version_requirements: *id009
|
115
115
|
- !ruby/object:Gem::Dependency
|
116
|
-
name:
|
116
|
+
name: bcrypt-ruby
|
117
117
|
requirement: &id010 !ruby/object:Gem::Requirement
|
118
118
|
none: false
|
119
119
|
requirements:
|
120
|
-
- -
|
120
|
+
- - ~>
|
121
121
|
- !ruby/object:Gem::Version
|
122
|
-
version:
|
123
|
-
type: :
|
122
|
+
version: 2.1.4
|
123
|
+
type: :runtime
|
124
124
|
prerelease: false
|
125
125
|
version_requirements: *id010
|
126
126
|
description: Provides common authentication needs such as signing in/out, activating by email and resetting password.
|
@@ -141,9 +141,9 @@ files:
|
|
141
141
|
- README.rdoc
|
142
142
|
- Rakefile
|
143
143
|
- VERSION
|
144
|
-
- features/support/env.rb
|
145
144
|
- lib/sorcery.rb
|
146
145
|
- lib/sorcery/controller.rb
|
146
|
+
- lib/sorcery/controller/submodules/activity_logging.rb
|
147
147
|
- lib/sorcery/controller/submodules/brute_force_protection.rb
|
148
148
|
- lib/sorcery/controller/submodules/http_basic_auth.rb
|
149
149
|
- lib/sorcery/controller/submodules/remember_me.rb
|
@@ -156,8 +156,10 @@ files:
|
|
156
156
|
- lib/sorcery/crypto_providers/sha512.rb
|
157
157
|
- lib/sorcery/engine.rb
|
158
158
|
- lib/sorcery/model.rb
|
159
|
-
- lib/sorcery/model/submodules/
|
159
|
+
- lib/sorcery/model/submodules/activity_logging.rb
|
160
|
+
- lib/sorcery/model/submodules/brute_force_protection.rb
|
160
161
|
- lib/sorcery/model/submodules/remember_me.rb
|
162
|
+
- lib/sorcery/model/submodules/reset_password.rb
|
161
163
|
- lib/sorcery/model/submodules/user_activation.rb
|
162
164
|
- sorcery.gemspec
|
163
165
|
- spec/Gemfile
|
@@ -198,9 +200,11 @@ files:
|
|
198
200
|
- spec/rails3/app_root/config/locales/en.yml
|
199
201
|
- spec/rails3/app_root/config/routes.rb
|
200
202
|
- spec/rails3/app_root/db/migrate/activation/20101224223622_add_activation_to_users.rb
|
203
|
+
- spec/rails3/app_root/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb
|
204
|
+
- spec/rails3/app_root/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb
|
201
205
|
- spec/rails3/app_root/db/migrate/core/20101224223620_create_users.rb
|
202
|
-
- spec/rails3/app_root/db/migrate/password_reset/20101224223622_add_password_reset_to_users.rb
|
203
206
|
- spec/rails3/app_root/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb
|
207
|
+
- spec/rails3/app_root/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb
|
204
208
|
- spec/rails3/app_root/db/schema.rb
|
205
209
|
- spec/rails3/app_root/db/seeds.rb
|
206
210
|
- spec/rails3/app_root/lib/tasks/.gitkeep
|
@@ -224,6 +228,7 @@ files:
|
|
224
228
|
- spec/rails3/app_root/test/test_helper.rb
|
225
229
|
- spec/rails3/app_root/test/unit/user_test.rb
|
226
230
|
- spec/rails3/app_root/vendor/plugins/.gitkeep
|
231
|
+
- spec/rails3/controller_activity_logging_spec.rb
|
227
232
|
- spec/rails3/controller_brute_force_protection_spec.rb
|
228
233
|
- spec/rails3/controller_http_basic_auth_spec.rb
|
229
234
|
- spec/rails3/controller_remember_me_spec.rb
|
@@ -231,8 +236,10 @@ files:
|
|
231
236
|
- spec/rails3/controller_spec.rb
|
232
237
|
- spec/rails3/spec_helper.rb
|
233
238
|
- spec/rails3/user_activation_spec.rb
|
234
|
-
- spec/rails3/
|
239
|
+
- spec/rails3/user_activity_logging_spec.rb
|
240
|
+
- spec/rails3/user_brute_force_protection_spec.rb
|
235
241
|
- spec/rails3/user_remember_me_spec.rb
|
242
|
+
- spec/rails3/user_reset_password_spec.rb
|
236
243
|
- spec/rails3/user_spec.rb
|
237
244
|
- spec/sorcery_crypto_providers_spec.rb
|
238
245
|
- spec/spec_helper.rb
|
@@ -283,14 +290,17 @@ test_files:
|
|
283
290
|
- spec/rails3/app_root/config/initializers/session_store.rb
|
284
291
|
- spec/rails3/app_root/config/routes.rb
|
285
292
|
- spec/rails3/app_root/db/migrate/activation/20101224223622_add_activation_to_users.rb
|
293
|
+
- spec/rails3/app_root/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb
|
294
|
+
- spec/rails3/app_root/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb
|
286
295
|
- spec/rails3/app_root/db/migrate/core/20101224223620_create_users.rb
|
287
|
-
- spec/rails3/app_root/db/migrate/password_reset/20101224223622_add_password_reset_to_users.rb
|
288
296
|
- spec/rails3/app_root/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb
|
297
|
+
- spec/rails3/app_root/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb
|
289
298
|
- spec/rails3/app_root/db/schema.rb
|
290
299
|
- spec/rails3/app_root/db/seeds.rb
|
291
300
|
- spec/rails3/app_root/test/performance/browsing_test.rb
|
292
301
|
- spec/rails3/app_root/test/test_helper.rb
|
293
302
|
- spec/rails3/app_root/test/unit/user_test.rb
|
303
|
+
- spec/rails3/controller_activity_logging_spec.rb
|
294
304
|
- spec/rails3/controller_brute_force_protection_spec.rb
|
295
305
|
- spec/rails3/controller_http_basic_auth_spec.rb
|
296
306
|
- spec/rails3/controller_remember_me_spec.rb
|
@@ -298,8 +308,10 @@ test_files:
|
|
298
308
|
- spec/rails3/controller_spec.rb
|
299
309
|
- spec/rails3/spec_helper.rb
|
300
310
|
- spec/rails3/user_activation_spec.rb
|
301
|
-
- spec/rails3/
|
311
|
+
- spec/rails3/user_activity_logging_spec.rb
|
312
|
+
- spec/rails3/user_brute_force_protection_spec.rb
|
302
313
|
- spec/rails3/user_remember_me_spec.rb
|
314
|
+
- spec/rails3/user_reset_password_spec.rb
|
303
315
|
- spec/rails3/user_spec.rb
|
304
316
|
- spec/sorcery_crypto_providers_spec.rb
|
305
317
|
- spec/spec_helper.rb
|
data/features/support/env.rb
DELETED
@@ -1,13 +0,0 @@
|
|
1
|
-
require 'bundler'
|
2
|
-
begin
|
3
|
-
Bundler.setup(:default, :development)
|
4
|
-
rescue Bundler::BundlerError => e
|
5
|
-
$stderr.puts e.message
|
6
|
-
$stderr.puts "Run `bundle install` to install missing gems"
|
7
|
-
exit e.status_code
|
8
|
-
end
|
9
|
-
|
10
|
-
$LOAD_PATH.unshift(File.dirname(__FILE__) + '/../../lib')
|
11
|
-
require 'sorcery'
|
12
|
-
|
13
|
-
require 'rspec/expectations'
|
@@ -1,64 +0,0 @@
|
|
1
|
-
module Sorcery
|
2
|
-
module Model
|
3
|
-
module Submodules
|
4
|
-
# This submodule adds the ability to reset password via email confirmation.
|
5
|
-
module PasswordReset
|
6
|
-
def self.included(base)
|
7
|
-
base.sorcery_config.class_eval do
|
8
|
-
attr_accessor :reset_password_code_attribute_name, # reset password code attribute name.
|
9
|
-
:reset_password_mailer, # mailer class. Needed.
|
10
|
-
:reset_password_email_method_name # reset password email method on your mailer class.
|
11
|
-
|
12
|
-
end
|
13
|
-
|
14
|
-
base.sorcery_config.instance_eval do
|
15
|
-
@defaults.merge!(:@reset_password_code_attribute_name => :reset_password_code,
|
16
|
-
:@reset_password_mailer => nil,
|
17
|
-
:@reset_password_email_method_name => :reset_password_email)
|
18
|
-
|
19
|
-
reset!
|
20
|
-
end
|
21
|
-
|
22
|
-
base.class_eval do
|
23
|
-
clear_reset_password_code_proc = Proc.new do |record|
|
24
|
-
record.valid? && record.send(sorcery_config.password_attribute_name)
|
25
|
-
end
|
26
|
-
|
27
|
-
before_save :clear_reset_password_code, :if =>clear_reset_password_code_proc
|
28
|
-
end
|
29
|
-
|
30
|
-
base.sorcery_config.after_config << :validate_mailer_defined
|
31
|
-
|
32
|
-
base.extend(ClassMethods)
|
33
|
-
base.send(:include, InstanceMethods)
|
34
|
-
end
|
35
|
-
|
36
|
-
module ClassMethods
|
37
|
-
def validate_mailer_defined
|
38
|
-
msg = "To use password_reset submodule, you must define a mailer (config.reset_password_mailer = YourMailerClass)."
|
39
|
-
raise ArgumentError, msg if @sorcery_config.reset_password_mailer == nil
|
40
|
-
end
|
41
|
-
end
|
42
|
-
|
43
|
-
module InstanceMethods
|
44
|
-
def reset_password!
|
45
|
-
config = sorcery_config
|
46
|
-
self.send(:"#{config.reset_password_code_attribute_name}=", generate_random_code)
|
47
|
-
self.class.transaction do
|
48
|
-
self.save!(:validate => false)
|
49
|
-
generic_send_email(:reset_password_email_method_name, :reset_password_mailer)
|
50
|
-
end
|
51
|
-
end
|
52
|
-
|
53
|
-
protected
|
54
|
-
|
55
|
-
def clear_reset_password_code
|
56
|
-
config = sorcery_config
|
57
|
-
self.send(:"#{config.reset_password_code_attribute_name}=", nil)
|
58
|
-
end
|
59
|
-
end
|
60
|
-
|
61
|
-
end
|
62
|
-
end
|
63
|
-
end
|
64
|
-
end
|
@@ -1,76 +0,0 @@
|
|
1
|
-
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
2
|
-
|
3
|
-
describe "User with password_reset submodule" do
|
4
|
-
before(:all) do
|
5
|
-
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/password_reset")
|
6
|
-
end
|
7
|
-
|
8
|
-
after(:all) do
|
9
|
-
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/password_reset")
|
10
|
-
end
|
11
|
-
|
12
|
-
# ----------------- PLUGIN CONFIGURATION -----------------------
|
13
|
-
describe User, "loaded plugin configuration" do
|
14
|
-
|
15
|
-
before(:all) do
|
16
|
-
plugin_model_configure([:password_reset], :reset_password_mailer => ::SorceryMailer)
|
17
|
-
end
|
18
|
-
|
19
|
-
after(:each) do
|
20
|
-
User.sorcery_config.reset!
|
21
|
-
end
|
22
|
-
|
23
|
-
it "should respond to 'reset_password!'" do
|
24
|
-
create_new_user
|
25
|
-
@user.should respond_to(:reset_password!)
|
26
|
-
end
|
27
|
-
end
|
28
|
-
|
29
|
-
# ----------------- PLUGIN ACTIVATED -----------------------
|
30
|
-
describe User, "when activated with sorcery" do
|
31
|
-
|
32
|
-
before(:all) do
|
33
|
-
plugin_model_configure([:password_reset], :reset_password_mailer => ::SorceryMailer)
|
34
|
-
end
|
35
|
-
|
36
|
-
before(:each) do
|
37
|
-
User.delete_all
|
38
|
-
end
|
39
|
-
|
40
|
-
it "'reset_password!' should generate a reset_password_code" do
|
41
|
-
create_new_user
|
42
|
-
@user.reset_password_code.should be_nil
|
43
|
-
@user.reset_password!
|
44
|
-
@user.reset_password_code.should_not be_nil
|
45
|
-
end
|
46
|
-
|
47
|
-
it "the reset_password_code should be random" do
|
48
|
-
create_new_user
|
49
|
-
@user.reset_password!
|
50
|
-
old_password_code = @user.reset_password_code
|
51
|
-
@user.reset_password!
|
52
|
-
@user.reset_password_code.should_not == old_password_code
|
53
|
-
end
|
54
|
-
|
55
|
-
it "should send an email on reset" do
|
56
|
-
create_new_user
|
57
|
-
old_size = ActionMailer::Base.deliveries.size
|
58
|
-
@user.reset_password!
|
59
|
-
ActionMailer::Base.deliveries.size.should == old_size + 1
|
60
|
-
end
|
61
|
-
|
62
|
-
it "when a new password is set, should delete reset_password_code" do
|
63
|
-
create_new_user
|
64
|
-
@user.reset_password!
|
65
|
-
@user.reset_password_code.should_not be_nil
|
66
|
-
@user.password = "blabulsdf"
|
67
|
-
@user.save!
|
68
|
-
@user.reset_password_code.should be_nil
|
69
|
-
end
|
70
|
-
|
71
|
-
it "if mailer is nil on activation, throw exception!" do
|
72
|
-
expect{plugin_model_configure([:password_reset])}.to raise_error(ArgumentError)
|
73
|
-
end
|
74
|
-
end
|
75
|
-
|
76
|
-
end
|