sorcery 0.6.1 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Gemfile +1 -0
- data/Gemfile.lock +52 -45
- data/README.rdoc +26 -54
- data/Rakefile +26 -0
- data/VERSION +1 -1
- data/lib/generators/sorcery/USAGE +22 -0
- data/lib/generators/sorcery/install_generator.rb +71 -0
- data/lib/{sorcery/initializers → generators/sorcery/templates}/initializer.rb +82 -61
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +17 -0
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +11 -0
- data/lib/generators/{sorcery_migration/templates → sorcery/templates/migration}/core.rb +3 -3
- data/lib/generators/{sorcery_migration/templates → sorcery/templates/migration}/external.rb +1 -1
- data/lib/generators/sorcery/templates/migration/remember_me.rb +15 -0
- data/lib/generators/sorcery/templates/migration/reset_password.rb +17 -0
- data/lib/generators/sorcery/templates/migration/user_activation.rb +17 -0
- data/lib/sorcery/controller/submodules/activity_logging.rb +23 -9
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +2 -1
- data/lib/sorcery/controller/submodules/external/protocols/certs/ca-bundle.crt +5182 -0
- data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +27 -8
- data/lib/sorcery/controller/submodules/external/providers/github.rb +80 -0
- data/lib/sorcery/controller/submodules/external/providers/twitter.rb +5 -0
- data/lib/sorcery/controller/submodules/external.rb +10 -3
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +1 -1
- data/lib/sorcery/controller/submodules/remember_me.rb +15 -5
- data/lib/sorcery/controller/submodules/session_timeout.rb +1 -1
- data/lib/sorcery/controller.rb +59 -38
- data/lib/sorcery/crypto_providers/aes256.rb +7 -3
- data/lib/sorcery/engine.rb +1 -0
- data/lib/sorcery/model/adapters/active_record.rb +2 -1
- data/lib/sorcery/model/adapters/mongo_mapper.rb +49 -0
- data/lib/sorcery/model/adapters/mongoid.rb +7 -2
- data/lib/sorcery/model/submodules/brute_force_protection.rb +13 -3
- data/lib/sorcery/model/submodules/remember_me.rb +9 -2
- data/lib/sorcery/model/submodules/reset_password.rb +11 -2
- data/lib/sorcery/model/submodules/user_activation.rb +13 -2
- data/lib/sorcery/model/temporary_token.rb +5 -0
- data/lib/sorcery/model.rb +34 -15
- data/lib/sorcery/test_helpers/internal/rails.rb +1 -1
- data/lib/sorcery/test_helpers/rails.rb +2 -2
- data/lib/sorcery.rb +6 -7
- data/sorcery.gemspec +86 -203
- data/spec/Gemfile.lock +23 -12
- data/spec/README.md +31 -0
- data/spec/rails3/Gemfile +3 -1
- data/spec/rails3/Gemfile.lock +45 -28
- data/spec/rails3/app/controllers/application_controller.rb +40 -22
- data/spec/rails3/app/views/application/index.html.erb +17 -0
- data/spec/rails3/spec/controller_activity_logging_spec.rb +23 -0
- data/spec/rails3/spec/controller_oauth2_spec.rb +59 -16
- data/spec/rails3/spec/controller_remember_me_spec.rb +37 -6
- data/spec/rails3/spec/controller_spec.rb +30 -0
- data/spec/rails3/spec/integration_spec.rb +23 -0
- data/spec/rails3/spec/spec_helper.rb +6 -5
- data/spec/rails3_mongo_mapper/.gitignore +4 -0
- data/spec/rails3_mongo_mapper/.rspec +1 -0
- data/spec/{sinatra_modular → rails3_mongo_mapper}/Gemfile +5 -5
- data/spec/rails3_mongo_mapper/Gemfile.lock +159 -0
- data/spec/{sinatra → rails3_mongo_mapper}/Rakefile +3 -3
- data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +108 -0
- data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +2 -0
- data/spec/rails3_mongo_mapper/app/models/authentication.rb +6 -0
- data/spec/rails3_mongo_mapper/app/models/user.rb +5 -0
- data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +14 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +17 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +9 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.html.erb +17 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +9 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +16 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +8 -0
- data/spec/rails3_mongo_mapper/config/application.rb +51 -0
- data/spec/rails3_mongo_mapper/config/boot.rb +13 -0
- data/spec/rails3_mongo_mapper/config/environment.rb +5 -0
- data/spec/rails3_mongo_mapper/config/environments/development.rb +30 -0
- data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
- data/spec/rails3_mongo_mapper/config/environments/production.rb +49 -0
- data/spec/rails3_mongo_mapper/config/environments/test.rb +35 -0
- data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +10 -0
- data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +5 -0
- data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +2 -0
- data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +7 -0
- data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +8 -0
- data/spec/rails3_mongo_mapper/config/locales/en.yml +5 -0
- data/spec/rails3_mongo_mapper/config/routes.rb +59 -0
- data/spec/rails3_mongo_mapper/config.ru +4 -0
- data/spec/rails3_mongo_mapper/db/schema.rb +23 -0
- data/spec/rails3_mongo_mapper/db/seeds.rb +7 -0
- data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/public/404.html +26 -0
- data/spec/rails3_mongo_mapper/public/422.html +26 -0
- data/spec/rails3_mongo_mapper/public/500.html +26 -0
- data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
- data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
- data/spec/rails3_mongo_mapper/public/javascripts/application.js +2 -0
- data/spec/rails3_mongo_mapper/public/javascripts/controls.js +965 -0
- data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +974 -0
- data/spec/rails3_mongo_mapper/public/javascripts/effects.js +1123 -0
- data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +6001 -0
- data/spec/rails3_mongo_mapper/public/javascripts/rails.js +175 -0
- data/spec/rails3_mongo_mapper/public/robots.txt +5 -0
- data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/script/rails +6 -0
- data/spec/{sinatra → rails3_mongo_mapper}/spec/controller_spec.rb +51 -41
- data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +27 -0
- data/spec/rails3_mongo_mapper/spec/spec_helper.rb +55 -0
- data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +9 -0
- data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +8 -0
- data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +8 -0
- data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +8 -0
- data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +8 -0
- data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +8 -0
- data/spec/rails3_mongo_mapper/spec/user_spec.rb +37 -0
- data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
- data/spec/rails3_mongoid/Gemfile +1 -1
- data/spec/rails3_mongoid/Gemfile.lock +41 -34
- data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +98 -0
- data/spec/rails3_mongoid/spec/controller_spec.rb +130 -0
- data/spec/rails3_mongoid/spec/user_spec.rb +1 -0
- data/spec/shared_examples/user_remember_me_shared_examples.rb +1 -0
- data/spec/shared_examples/user_shared_examples.rb +36 -8
- metadata +128 -234
- data/lib/generators/sorcery_migration/sorcery_migration_generator.rb +0 -24
- data/lib/generators/sorcery_migration/templates/activity_logging.rb +0 -17
- data/lib/generators/sorcery_migration/templates/brute_force_protection.rb +0 -11
- data/lib/generators/sorcery_migration/templates/remember_me.rb +0 -15
- data/lib/generators/sorcery_migration/templates/reset_password.rb +0 -13
- data/lib/generators/sorcery_migration/templates/user_activation.rb +0 -17
- data/lib/sorcery/controller/adapters/sinatra.rb +0 -104
- data/lib/sorcery/sinatra.rb +0 -4
- data/lib/sorcery/test_helpers/internal/sinatra.rb +0 -74
- data/lib/sorcery/test_helpers/internal/sinatra_modular.rb +0 -74
- data/lib/sorcery/test_helpers/sinatra.rb +0 -88
- data/spec/rails3/Rakefile.unused +0 -7
- data/spec/rails3/public/index.html +0 -239
- data/spec/sinatra/Gemfile +0 -15
- data/spec/sinatra/Gemfile.lock +0 -117
- data/spec/sinatra/authentication.rb +0 -3
- data/spec/sinatra/db/migrate/activation/20101224223622_add_activation_to_users.rb +0 -17
- data/spec/sinatra/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -17
- data/spec/sinatra/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -11
- data/spec/sinatra/db/migrate/core/20101224223620_create_users.rb +0 -16
- data/spec/sinatra/db/migrate/external/20101224223628_create_authentications.rb +0 -14
- data/spec/sinatra/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -15
- data/spec/sinatra/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -13
- data/spec/sinatra/filters.rb +0 -27
- data/spec/sinatra/modular.rb +0 -157
- data/spec/sinatra/myapp.rb +0 -133
- data/spec/sinatra/spec/controller_activity_logging_spec.rb +0 -85
- data/spec/sinatra/spec/controller_brute_force_protection_spec.rb +0 -70
- data/spec/sinatra/spec/controller_http_basic_auth_spec.rb +0 -53
- data/spec/sinatra/spec/controller_oauth2_spec.rb +0 -99
- data/spec/sinatra/spec/controller_oauth_spec.rb +0 -100
- data/spec/sinatra/spec/controller_remember_me_spec.rb +0 -64
- data/spec/sinatra/spec/controller_session_timeout_spec.rb +0 -57
- data/spec/sinatra/spec/spec_helper.rb +0 -45
- data/spec/sinatra/user.rb +0 -6
- data/spec/sinatra/views/test_login.erb +0 -4
- data/spec/sinatra_modular/Gemfile.lock +0 -117
- data/spec/sinatra_modular/Rakefile +0 -11
- data/spec/sinatra_modular/authentication.rb +0 -3
- data/spec/sinatra_modular/db/migrate/activation/20101224223622_add_activation_to_users.rb +0 -17
- data/spec/sinatra_modular/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -17
- data/spec/sinatra_modular/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -11
- data/spec/sinatra_modular/db/migrate/core/20101224223620_create_users.rb +0 -16
- data/spec/sinatra_modular/db/migrate/external/20101224223628_create_authentications.rb +0 -14
- data/spec/sinatra_modular/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -15
- data/spec/sinatra_modular/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -13
- data/spec/sinatra_modular/filters.rb +0 -27
- data/spec/sinatra_modular/modular.rb +0 -157
- data/spec/sinatra_modular/myapp.rb +0 -133
- data/spec/sinatra_modular/sorcery_mailer.rb +0 -25
- data/spec/sinatra_modular/spec_modular/controller_activity_logging_spec.rb +0 -85
- data/spec/sinatra_modular/spec_modular/controller_brute_force_protection_spec.rb +0 -70
- data/spec/sinatra_modular/spec_modular/controller_http_basic_auth_spec.rb +0 -53
- data/spec/sinatra_modular/spec_modular/controller_oauth2_spec.rb +0 -99
- data/spec/sinatra_modular/spec_modular/controller_oauth_spec.rb +0 -100
- data/spec/sinatra_modular/spec_modular/controller_remember_me_spec.rb +0 -64
- data/spec/sinatra_modular/spec_modular/controller_session_timeout_spec.rb +0 -57
- data/spec/sinatra_modular/spec_modular/controller_spec.rb +0 -116
- data/spec/sinatra_modular/spec_modular/spec.opts +0 -2
- data/spec/sinatra_modular/spec_modular/spec_helper.rb +0 -51
- data/spec/sinatra_modular/user.rb +0 -6
- data/spec/sinatra_modular/views/test_login.erb +0 -4
- /data/spec/{sinatra → rails3_mongo_mapper/app/mailers}/sorcery_mailer.rb +0 -0
- /data/spec/{sinatra → rails3_mongo_mapper}/spec/spec.opts +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# The first thing you need to configure is which modules you need in your app.
|
|
2
2
|
# The default is nothing which will include only core features (password encryption, login/logout).
|
|
3
|
-
# Available submodules are: :user_activation, :http_basic_auth, :remember_me,
|
|
3
|
+
# Available submodules are: :user_activation, :http_basic_auth, :remember_me,
|
|
4
4
|
# :reset_password, :session_timeout, :brute_force_protection, :activity_logging, :external
|
|
5
5
|
Rails.application.config.sorcery.submodules = []
|
|
6
6
|
|
|
@@ -8,171 +8,192 @@ Rails.application.config.sorcery.submodules = []
|
|
|
8
8
|
Rails.application.config.sorcery.configure do |config|
|
|
9
9
|
# -- core --
|
|
10
10
|
# config.not_authenticated_action = :not_authenticated # what controller action to call for
|
|
11
|
-
# non-authenticated users.
|
|
12
|
-
# You can also override 'not_authenticated'
|
|
11
|
+
# non-authenticated users.
|
|
12
|
+
# You can also override 'not_authenticated'
|
|
13
13
|
# instead.
|
|
14
|
-
|
|
15
|
-
# config.save_return_to_url = true # when a non logged in user tries to enter
|
|
16
|
-
# a page that requires login,
|
|
17
|
-
# save the URL he wanted to reach,
|
|
14
|
+
|
|
15
|
+
# config.save_return_to_url = true # when a non logged in user tries to enter
|
|
16
|
+
# a page that requires login,
|
|
17
|
+
# save the URL he wanted to reach,
|
|
18
18
|
# and send him there after login, using
|
|
19
19
|
# 'redirect_back_or_to'.
|
|
20
20
|
|
|
21
|
-
#
|
|
21
|
+
# config.cookie_domain = nil # set domain option for cookies
|
|
22
|
+
# Useful for remember_me submodule
|
|
23
|
+
|
|
24
|
+
# -- session timeout --
|
|
22
25
|
# config.session_timeout = 3600 # how long in seconds to keep the session alive.
|
|
23
|
-
# config.session_timeout_from_last_action = false # use the last action as the beginning of
|
|
26
|
+
# config.session_timeout_from_last_action = false # use the last action as the beginning of
|
|
24
27
|
# session timeout.
|
|
25
|
-
|
|
28
|
+
|
|
26
29
|
# -- http_basic_auth --
|
|
27
30
|
# config.controller_to_realm_map = {"application" => "Application"} # What realm to display for which controller name.
|
|
28
31
|
# For example {"My App" => "Application"}
|
|
29
32
|
|
|
33
|
+
# -- activity logging --
|
|
34
|
+
# config.register_login_time = true # will register the time of last user login, every login.
|
|
35
|
+
# config.register_logout_time = true # will register the time of last user logout, every logout.
|
|
36
|
+
# config.register_last_activity_time = true # will register the time of last user action, every action.
|
|
37
|
+
|
|
30
38
|
# -- external --
|
|
31
|
-
# config.external_providers = [] # What providers are supported by this app,
|
|
32
|
-
# i.e. [:twitter, :facebook] .
|
|
33
|
-
#
|
|
39
|
+
# config.external_providers = [] # What providers are supported by this app,
|
|
40
|
+
# i.e. [:twitter, :facebook, :github] .
|
|
41
|
+
# config.ca_file = 'path/to/ca_file' # Path to ca_file. By default use a internal ca-bundle.crt.
|
|
42
|
+
# You can change it by your local ca_file.
|
|
43
|
+
# i.e. '/etc/pki/tls/certs/ca-bundle.crt'
|
|
44
|
+
|
|
34
45
|
# config.twitter.key = "eYVNBjBDi33aa9GkA3w"
|
|
35
46
|
# config.twitter.secret = "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8"
|
|
36
47
|
# config.twitter.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=twitter"
|
|
37
48
|
# config.twitter.user_info_mapping = {:email => "screen_name"}
|
|
38
|
-
#
|
|
49
|
+
#
|
|
39
50
|
# config.facebook.key = "34cebc81c08a521bc66e212f947d73ec"
|
|
40
51
|
# config.facebook.secret = "5b458d179f61d4f036ee66a497ffbcd0"
|
|
41
52
|
# config.facebook.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=facebook"
|
|
42
53
|
# config.facebook.user_info_mapping = {:email => "name"}
|
|
43
|
-
|
|
54
|
+
#
|
|
55
|
+
# config.github.key = ""
|
|
56
|
+
# config.github.secret = ""
|
|
57
|
+
# config.github.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=github"
|
|
58
|
+
# config.github.user_info_mapping = {:email => "name"}
|
|
59
|
+
|
|
44
60
|
# --- user config ---
|
|
45
61
|
config.user_config do |user|
|
|
46
62
|
# -- core --
|
|
47
|
-
# user.
|
|
48
|
-
#
|
|
49
|
-
#
|
|
50
|
-
|
|
63
|
+
# user.username_attribute_names = [:username] # specify username
|
|
64
|
+
# attributes, for example:
|
|
65
|
+
# [:username, :email].
|
|
66
|
+
|
|
51
67
|
# user.password_attribute_name = :password # change *virtual* password
|
|
52
68
|
# attribute, the one which is used
|
|
53
69
|
# until an encrypted one is
|
|
54
70
|
# generated.
|
|
55
|
-
|
|
71
|
+
|
|
56
72
|
# user.email_attribute_name = :email # change default email attribute.
|
|
57
|
-
|
|
73
|
+
|
|
58
74
|
# user.crypted_password_attribute_name = :crypted_password # change default crypted_password
|
|
59
75
|
# attribute.
|
|
60
|
-
|
|
76
|
+
|
|
61
77
|
# user.salt_join_token = "" # what pattern to use to join the
|
|
62
78
|
# password with the salt
|
|
63
|
-
|
|
79
|
+
|
|
64
80
|
# user.salt_attribute_name = :salt # change default salt attribute.
|
|
65
|
-
|
|
81
|
+
|
|
66
82
|
# user.stretches = nil # how many times to apply
|
|
67
83
|
# encryption to the password.
|
|
68
|
-
|
|
84
|
+
|
|
69
85
|
# user.encryption_key = nil # encryption key used to encrypt
|
|
70
86
|
# reversible encryptions such as
|
|
71
87
|
# AES256.
|
|
72
|
-
|
|
73
|
-
|
|
88
|
+
#
|
|
89
|
+
# WARNING:
|
|
90
|
+
#
|
|
91
|
+
# If used for users' passwords, changing this key
|
|
92
|
+
# will leave passwords undecryptable!
|
|
93
|
+
|
|
94
|
+
# user.custom_encryption_provider = nil # use an external encryption
|
|
74
95
|
# class.
|
|
75
|
-
|
|
96
|
+
|
|
76
97
|
# user.encryption_algorithm = :bcrypt # encryption algorithm name. See
|
|
77
98
|
# 'encryption_algorithm=' for
|
|
78
99
|
# available options.
|
|
79
|
-
|
|
100
|
+
|
|
80
101
|
# user.subclasses_inherit_config = false # make this configuration
|
|
81
102
|
# inheritable for subclasses.
|
|
82
103
|
# Useful for ActiveRecord's STI.
|
|
83
|
-
|
|
84
|
-
# -- user_activation --
|
|
104
|
+
|
|
105
|
+
# -- user_activation --
|
|
85
106
|
# user.activation_state_attribute_name = :activation_state # the attribute name to hold
|
|
86
107
|
# activation state
|
|
87
108
|
# (active/pending).
|
|
88
|
-
|
|
109
|
+
|
|
89
110
|
# user.activation_token_attribute_name = :activation_token # the attribute name to hold
|
|
90
111
|
# activation code (sent by email).
|
|
91
|
-
|
|
112
|
+
|
|
92
113
|
# user.activation_token_expires_at_attribute_name = :activation_token_expires_at # the attribute name to hold
|
|
93
|
-
# activation code expiration date.
|
|
94
|
-
|
|
114
|
+
# activation code expiration date.
|
|
115
|
+
|
|
95
116
|
# user.activation_token_expiration_period = nil # how many seconds before the
|
|
96
117
|
# activation code expires. nil for
|
|
97
118
|
# never expires.
|
|
98
|
-
|
|
119
|
+
|
|
99
120
|
# user.user_activation_mailer = nil # your mailer class. Required.
|
|
100
|
-
|
|
121
|
+
|
|
101
122
|
# user.activation_needed_email_method_name = :activation_needed_email # activation needed email method
|
|
102
123
|
# on your mailer class.
|
|
103
|
-
|
|
124
|
+
|
|
104
125
|
# user.activation_success_email_method_name = :activation_success_email # activation success email method
|
|
105
126
|
# on your mailer class.
|
|
106
|
-
|
|
127
|
+
|
|
107
128
|
# user.prevent_non_active_users_to_login = true # do you want to prevent or allow
|
|
108
129
|
# users that did not activate by
|
|
109
|
-
# email to login?
|
|
110
|
-
|
|
111
|
-
# -- reset_password --
|
|
130
|
+
# email to login?
|
|
131
|
+
|
|
132
|
+
# -- reset_password --
|
|
112
133
|
# user.reset_password_token_attribute_name = :reset_password_token # reset password code
|
|
113
134
|
# attribute name.
|
|
114
|
-
|
|
135
|
+
|
|
115
136
|
# user.reset_password_token_expires_at_attribute_name = :reset_password_token_expires_at # expires at attribute
|
|
116
137
|
# name.
|
|
117
|
-
|
|
138
|
+
|
|
118
139
|
# user.reset_password_email_sent_at_attribute_name = :reset_password_email_sent_at # when was email sent,
|
|
119
140
|
# used for hammering
|
|
120
141
|
# protection.
|
|
121
|
-
|
|
142
|
+
|
|
122
143
|
# user.reset_password_mailer = nil # mailer class. Needed.
|
|
123
|
-
|
|
144
|
+
|
|
124
145
|
# user.reset_password_email_method_name = :reset_password_email # reset password email
|
|
125
146
|
# method on your mailer
|
|
126
147
|
# class.
|
|
127
|
-
|
|
148
|
+
|
|
128
149
|
# user.reset_password_expiration_period = nil # how many seconds
|
|
129
150
|
# before the reset
|
|
130
151
|
# request expires. nil
|
|
131
152
|
# for never expires.
|
|
132
|
-
|
|
153
|
+
|
|
133
154
|
# user.reset_password_time_between_emails = 5 * 60 # hammering protection,
|
|
134
155
|
# how long to wait
|
|
135
156
|
# before allowing
|
|
136
157
|
# another email to be
|
|
137
158
|
# sent.
|
|
138
|
-
|
|
139
|
-
# -- brute_force_protection --
|
|
159
|
+
|
|
160
|
+
# -- brute_force_protection --
|
|
140
161
|
# user.failed_logins_count_attribute_name = :failed_logins_count # failed logins attribute name.
|
|
141
|
-
|
|
162
|
+
|
|
142
163
|
# user.lock_expires_at_attribute_name = :lock_expires_at # this field indicates whether
|
|
143
164
|
# user is banned and when it will
|
|
144
165
|
# be active again.
|
|
145
|
-
|
|
166
|
+
|
|
146
167
|
# user.consecutive_login_retries_amount_limit = 50 # how many failed logins allowed.
|
|
147
|
-
|
|
168
|
+
|
|
148
169
|
# user.login_lock_time_period = 60 * 60 # how long the user should be
|
|
149
170
|
# banned. in seconds. 0 for
|
|
150
171
|
# permanent.
|
|
151
|
-
|
|
152
|
-
# -- activity logging --
|
|
172
|
+
|
|
173
|
+
# -- activity logging --
|
|
153
174
|
# user.last_login_at_attribute_name = :last_login_at # last login attribute name.
|
|
154
175
|
# user.last_logout_at_attribute_name = :last_logout_at # last logout attribute name.
|
|
155
176
|
# user.last_activity_at_attribute_name = :last_activity_at # last activity attribute name.
|
|
156
177
|
# user.activity_timeout = 10 * 60 # how long since last activity is
|
|
157
178
|
# the user defined logged out?
|
|
158
|
-
|
|
159
|
-
# -- external --
|
|
179
|
+
|
|
180
|
+
# -- external --
|
|
160
181
|
# user.authentications_class = nil # class which holds the various
|
|
161
182
|
# external provider data for this
|
|
162
183
|
# user.
|
|
163
|
-
|
|
184
|
+
|
|
164
185
|
# user.authentications_user_id_attribute_name = :user_id # user's identifier in
|
|
165
186
|
# authentications class.
|
|
166
|
-
|
|
187
|
+
|
|
167
188
|
# user.provider_attribute_name = :provider # provider's identifier in
|
|
168
189
|
# authentications class.
|
|
169
|
-
|
|
190
|
+
|
|
170
191
|
# user.provider_uid_attribute_name = :uid # user's external unique
|
|
171
192
|
# identifier in authentications
|
|
172
193
|
# class.
|
|
173
194
|
end
|
|
174
195
|
|
|
175
196
|
# This line must come after the 'user config' block.
|
|
176
|
-
config.user_class = "
|
|
197
|
+
config.user_class = "<%= model_class_name %>" # define which model authenticates
|
|
177
198
|
# with sorcery.
|
|
178
199
|
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
class SorceryActivityLogging < ActiveRecord::Migration
|
|
2
|
+
def self.up
|
|
3
|
+
add_column :<%= model_class_name.tableize %>, :last_login_at, :datetime, :default => nil
|
|
4
|
+
add_column :<%= model_class_name.tableize %>, :last_logout_at, :datetime, :default => nil
|
|
5
|
+
add_column :<%= model_class_name.tableize %>, :last_activity_at, :datetime, :default => nil
|
|
6
|
+
|
|
7
|
+
add_index :<%= model_class_name.tableize %>, [:last_logout_at, :last_activity_at]
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def self.down
|
|
11
|
+
remove_index :<%= model_class_name.tableize %>, [:last_logout_at, :last_activity_at]
|
|
12
|
+
|
|
13
|
+
remove_column :<%= model_class_name.tableize %>, :last_activity_at
|
|
14
|
+
remove_column :<%= model_class_name.tableize %>, :last_logout_at
|
|
15
|
+
remove_column :<%= model_class_name.tableize %>, :last_login_at
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
class SorceryBruteForceProtection < ActiveRecord::Migration
|
|
2
|
+
def self.up
|
|
3
|
+
add_column :<%= model_class_name.tableize %>, :failed_logins_count, :integer, :default => 0
|
|
4
|
+
add_column :<%= model_class_name.tableize %>, :lock_expires_at, :datetime, :default => nil
|
|
5
|
+
end
|
|
6
|
+
|
|
7
|
+
def self.down
|
|
8
|
+
remove_column :<%= model_class_name.tableize %>, :lock_expires_at
|
|
9
|
+
remove_column :<%= model_class_name.tableize %>, :failed_logins_count
|
|
10
|
+
end
|
|
11
|
+
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
class SorceryCore < ActiveRecord::Migration
|
|
2
2
|
def self.up
|
|
3
|
-
create_table
|
|
4
|
-
t.string :username, :null => false # if you use another
|
|
3
|
+
create_table :<%= model_class_name.tableize %> do |t|
|
|
4
|
+
t.string :username, :null => false # if you use another field as a username, for example email, you can safely remove this field.
|
|
5
5
|
t.string :email, :default => nil # if you use this field as a username, you might want to make it :null => false.
|
|
6
6
|
t.string :crypted_password, :default => nil
|
|
7
7
|
t.string :salt, :default => nil
|
|
@@ -11,6 +11,6 @@ class SorceryCore < ActiveRecord::Migration
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
def self.down
|
|
14
|
-
drop_table
|
|
14
|
+
drop_table :<%= model_class_name.tableize %>
|
|
15
15
|
end
|
|
16
16
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
class SorceryExternal < ActiveRecord::Migration
|
|
2
2
|
def self.up
|
|
3
3
|
create_table :authentications do |t|
|
|
4
|
-
t.integer
|
|
4
|
+
t.integer :<%= model_class_name.tableize.singularize %>_id, :null => false
|
|
5
5
|
t.string :provider, :uid, :null => false
|
|
6
6
|
|
|
7
7
|
t.timestamps
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
class SorceryRememberMe < ActiveRecord::Migration
|
|
2
|
+
def self.up
|
|
3
|
+
add_column :<%= model_class_name.tableize %>, :remember_me_token, :string, :default => nil
|
|
4
|
+
add_column :<%= model_class_name.tableize %>, :remember_me_token_expires_at, :datetime, :default => nil
|
|
5
|
+
|
|
6
|
+
add_index :<%= model_class_name.tableize %>, :remember_me_token
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def self.down
|
|
10
|
+
remove_index :<%= model_class_name.tableize %>, :remember_me_token
|
|
11
|
+
|
|
12
|
+
remove_column :<%= model_class_name.tableize %>, :remember_me_token_expires_at
|
|
13
|
+
remove_column :<%= model_class_name.tableize %>, :remember_me_token
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
class SorceryResetPassword < ActiveRecord::Migration
|
|
2
|
+
def self.up
|
|
3
|
+
add_column :<%= model_class_name.tableize %>, :reset_password_token, :string, :default => nil
|
|
4
|
+
add_column :<%= model_class_name.tableize %>, :reset_password_token_expires_at, :datetime, :default => nil
|
|
5
|
+
add_column :<%= model_class_name.tableize %>, :reset_password_email_sent_at, :datetime, :default => nil
|
|
6
|
+
|
|
7
|
+
add_index :<%= model_class_name.tableize %>, :reset_password_token
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def self.down
|
|
11
|
+
remove_index :users, :reset_password_token
|
|
12
|
+
|
|
13
|
+
remove_column :<%= model_class_name.tableize %>, :reset_password_email_sent_at
|
|
14
|
+
remove_column :<%= model_class_name.tableize %>, :reset_password_token_expires_at
|
|
15
|
+
remove_column :<%= model_class_name.tableize %>, :reset_password_token
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
class SorceryUserActivation < ActiveRecord::Migration
|
|
2
|
+
def self.up
|
|
3
|
+
add_column :<%= model_class_name.tableize %>, :activation_state, :string, :default => nil
|
|
4
|
+
add_column :<%= model_class_name.tableize %>, :activation_token, :string, :default => nil
|
|
5
|
+
add_column :<%= model_class_name.tableize %>, :activation_token_expires_at, :datetime, :default => nil
|
|
6
|
+
|
|
7
|
+
add_index :<%= model_class_name.tableize %>, :activation_token
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def self.down
|
|
11
|
+
remove_index :<%= model_class_name.tableize %>, :activation_token
|
|
12
|
+
|
|
13
|
+
remove_column :<%= model_class_name.tableize %>, :activation_token_expires_at
|
|
14
|
+
remove_column :<%= model_class_name.tableize %>, :activation_token
|
|
15
|
+
remove_column :<%= model_class_name.tableize %>, :activation_state
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -14,8 +14,22 @@ module Sorcery
|
|
|
14
14
|
module ActivityLogging
|
|
15
15
|
def self.included(base)
|
|
16
16
|
base.send(:include, InstanceMethods)
|
|
17
|
-
Config.
|
|
18
|
-
|
|
17
|
+
Config.module_eval do
|
|
18
|
+
class << self
|
|
19
|
+
attr_accessor :register_login_time
|
|
20
|
+
attr_accessor :register_logout_time
|
|
21
|
+
attr_accessor :register_last_activity_time
|
|
22
|
+
|
|
23
|
+
def merge_activity_logging_defaults!
|
|
24
|
+
@defaults.merge!(:@register_login_time => true,
|
|
25
|
+
:@register_logout_time => true,
|
|
26
|
+
:@register_last_activity_time => true)
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
merge_activity_logging_defaults!
|
|
30
|
+
end
|
|
31
|
+
Config.after_login << :register_login_time_to_db
|
|
32
|
+
Config.before_logout << :register_logout_time_to_db
|
|
19
33
|
base.after_filter :register_last_activity_time_to_db
|
|
20
34
|
end
|
|
21
35
|
|
|
@@ -37,23 +51,23 @@ module Sorcery
|
|
|
37
51
|
# registers last login time on every login.
|
|
38
52
|
# This runs as a hook just after a successful login.
|
|
39
53
|
def register_login_time_to_db(user, credentials)
|
|
40
|
-
|
|
41
|
-
user.
|
|
54
|
+
return unless Config.register_login_time
|
|
55
|
+
user.update_attributes!(user.sorcery_config.last_login_at_attribute_name => Time.now.utc)
|
|
42
56
|
end
|
|
43
57
|
|
|
44
58
|
# registers last logout time on every logout.
|
|
45
59
|
# This runs as a hook just before a logout.
|
|
46
60
|
def register_logout_time_to_db(user)
|
|
47
|
-
|
|
48
|
-
user.
|
|
61
|
+
return unless Config.register_logout_time
|
|
62
|
+
user.update_attributes!(user.sorcery_config.last_logout_at_attribute_name => Time.now.utc)
|
|
49
63
|
end
|
|
50
64
|
|
|
51
65
|
# Updates last activity time on every request.
|
|
52
66
|
# The only exception is logout - we do not update activity on logout
|
|
53
67
|
def register_last_activity_time_to_db
|
|
54
|
-
return
|
|
55
|
-
|
|
56
|
-
current_user.
|
|
68
|
+
return unless Config.register_last_activity_time
|
|
69
|
+
return unless logged_in?
|
|
70
|
+
current_user.update_attributes!(current_user.sorcery_config.last_activity_at_attribute_name => Time.now.utc)
|
|
57
71
|
end
|
|
58
72
|
end
|
|
59
73
|
end
|
|
@@ -29,7 +29,8 @@ module Sorcery
|
|
|
29
29
|
# Resets the failed logins counter.
|
|
30
30
|
# Runs as a hook after a successful login.
|
|
31
31
|
def reset_failed_logins_count!(user, credentials)
|
|
32
|
-
user.
|
|
32
|
+
user.send(:"#{user_class.sorcery_config.failed_logins_count_attribute_name}=", 0)
|
|
33
|
+
user.save!
|
|
33
34
|
end
|
|
34
35
|
end
|
|
35
36
|
end
|