sorcery 0.6.1 → 0.7.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (205) hide show
  1. data/.travis.yml +2 -0
  2. data/Gemfile +2 -23
  3. data/Gemfile.lock +105 -77
  4. data/README.rdoc +32 -59
  5. data/Rakefile +29 -1
  6. data/VERSION +1 -1
  7. data/lib/generators/sorcery/USAGE +22 -0
  8. data/lib/generators/sorcery/install_generator.rb +77 -0
  9. data/lib/generators/sorcery/templates/initializer.rb +406 -0
  10. data/lib/generators/sorcery/templates/migration/activity_logging.rb +17 -0
  11. data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +13 -0
  12. data/lib/generators/{sorcery_migration/templates → sorcery/templates/migration}/core.rb +3 -3
  13. data/lib/generators/{sorcery_migration/templates → sorcery/templates/migration}/external.rb +1 -1
  14. data/lib/generators/sorcery/templates/migration/remember_me.rb +15 -0
  15. data/lib/generators/sorcery/templates/migration/reset_password.rb +17 -0
  16. data/lib/generators/sorcery/templates/migration/user_activation.rb +17 -0
  17. data/lib/sorcery/controller/submodules/activity_logging.rb +24 -10
  18. data/lib/sorcery/controller/submodules/brute_force_protection.rb +3 -2
  19. data/lib/sorcery/controller/submodules/external/protocols/certs/ca-bundle.crt +5182 -0
  20. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +28 -9
  21. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +12 -4
  22. data/lib/sorcery/controller/submodules/external/providers/github.rb +89 -0
  23. data/lib/sorcery/controller/submodules/external/providers/google.rb +90 -0
  24. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +91 -0
  25. data/lib/sorcery/controller/submodules/external/providers/twitter.rb +8 -2
  26. data/lib/sorcery/controller/submodules/external.rb +17 -4
  27. data/lib/sorcery/controller/submodules/http_basic_auth.rb +1 -1
  28. data/lib/sorcery/controller/submodules/remember_me.rb +26 -15
  29. data/lib/sorcery/controller/submodules/session_timeout.rb +4 -4
  30. data/lib/sorcery/controller.rb +61 -38
  31. data/lib/sorcery/crypto_providers/aes256.rb +7 -3
  32. data/lib/sorcery/engine.rb +1 -0
  33. data/lib/sorcery/model/adapters/active_record.rb +17 -1
  34. data/lib/sorcery/model/adapters/mongo_mapper.rb +54 -0
  35. data/lib/sorcery/model/adapters/mongoid.rb +22 -4
  36. data/lib/sorcery/model/submodules/activity_logging.rb +4 -4
  37. data/lib/sorcery/model/submodules/brute_force_protection.rb +53 -14
  38. data/lib/sorcery/model/submodules/remember_me.rb +10 -3
  39. data/lib/sorcery/model/submodules/reset_password.rb +26 -11
  40. data/lib/sorcery/model/submodules/user_activation.rb +28 -10
  41. data/lib/sorcery/model/temporary_token.rb +8 -1
  42. data/lib/sorcery/model.rb +51 -19
  43. data/lib/sorcery/test_helpers/internal/rails.rb +1 -1
  44. data/lib/sorcery/test_helpers/rails.rb +2 -2
  45. data/lib/sorcery.rb +8 -7
  46. data/sorcery.gemspec +110 -223
  47. data/spec/Gemfile +1 -1
  48. data/spec/Gemfile.lock +26 -26
  49. data/spec/README.md +31 -0
  50. data/spec/rails3/Gemfile +5 -3
  51. data/spec/rails3/Gemfile.lock +74 -48
  52. data/spec/rails3/app/controllers/application_controller.rb +70 -23
  53. data/spec/rails3/app/mailers/sorcery_mailer.rb +7 -0
  54. data/spec/rails3/app/views/application/index.html.erb +17 -0
  55. data/spec/rails3/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
  56. data/spec/rails3/config/environments/in_memory.rb +35 -0
  57. data/spec/rails3/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +2 -0
  58. data/spec/rails3/spec/controller_activity_logging_spec.rb +33 -3
  59. data/spec/rails3/spec/controller_brute_force_protection_spec.rb +25 -3
  60. data/spec/rails3/spec/controller_oauth2_spec.rb +170 -25
  61. data/spec/rails3/spec/controller_remember_me_spec.rb +37 -6
  62. data/spec/rails3/spec/controller_session_timeout_spec.rb +4 -4
  63. data/spec/rails3/spec/controller_spec.rb +60 -2
  64. data/spec/rails3/spec/integration_spec.rb +23 -0
  65. data/spec/rails3/spec/spec_helper.rb +6 -5
  66. data/spec/rails3_mongo_mapper/.gitignore +4 -0
  67. data/spec/rails3_mongo_mapper/.rspec +1 -0
  68. data/spec/{sinatra_modular → rails3_mongo_mapper}/Gemfile +6 -5
  69. data/spec/rails3_mongo_mapper/Gemfile.lock +154 -0
  70. data/spec/{sinatra → rails3_mongo_mapper}/Rakefile +3 -3
  71. data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +108 -0
  72. data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +2 -0
  73. data/spec/rails3_mongo_mapper/app/models/authentication.rb +6 -0
  74. data/spec/rails3_mongo_mapper/app/models/user.rb +5 -0
  75. data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +14 -0
  76. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +17 -0
  77. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +9 -0
  78. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.html.erb +17 -0
  79. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +9 -0
  80. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +16 -0
  81. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +8 -0
  82. data/spec/rails3_mongo_mapper/config/application.rb +51 -0
  83. data/spec/rails3_mongo_mapper/config/boot.rb +13 -0
  84. data/spec/rails3_mongo_mapper/config/environment.rb +5 -0
  85. data/spec/rails3_mongo_mapper/config/environments/development.rb +30 -0
  86. data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
  87. data/spec/rails3_mongo_mapper/config/environments/production.rb +49 -0
  88. data/spec/rails3_mongo_mapper/config/environments/test.rb +35 -0
  89. data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +7 -0
  90. data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +10 -0
  91. data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +5 -0
  92. data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +2 -0
  93. data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +7 -0
  94. data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +8 -0
  95. data/spec/rails3_mongo_mapper/config/locales/en.yml +5 -0
  96. data/spec/rails3_mongo_mapper/config/routes.rb +59 -0
  97. data/spec/rails3_mongo_mapper/config.ru +4 -0
  98. data/spec/rails3_mongo_mapper/db/schema.rb +23 -0
  99. data/spec/rails3_mongo_mapper/db/seeds.rb +7 -0
  100. data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
  101. data/spec/rails3_mongo_mapper/public/404.html +26 -0
  102. data/spec/rails3_mongo_mapper/public/422.html +26 -0
  103. data/spec/rails3_mongo_mapper/public/500.html +26 -0
  104. data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
  105. data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
  106. data/spec/rails3_mongo_mapper/public/javascripts/application.js +2 -0
  107. data/spec/rails3_mongo_mapper/public/javascripts/controls.js +965 -0
  108. data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +974 -0
  109. data/spec/rails3_mongo_mapper/public/javascripts/effects.js +1123 -0
  110. data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +6001 -0
  111. data/spec/rails3_mongo_mapper/public/javascripts/rails.js +175 -0
  112. data/spec/rails3_mongo_mapper/public/robots.txt +5 -0
  113. data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
  114. data/spec/rails3_mongo_mapper/script/rails +6 -0
  115. data/spec/rails3_mongo_mapper/spec/controller_spec.rb +163 -0
  116. data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +27 -0
  117. data/spec/rails3_mongo_mapper/spec/spec_helper.rb +55 -0
  118. data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +9 -0
  119. data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +8 -0
  120. data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +8 -0
  121. data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +8 -0
  122. data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +8 -0
  123. data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +8 -0
  124. data/spec/rails3_mongo_mapper/spec/user_spec.rb +37 -0
  125. data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
  126. data/spec/rails3_mongoid/Gemfile +2 -1
  127. data/spec/rails3_mongoid/Gemfile.lock +46 -45
  128. data/spec/rails3_mongoid/app/controllers/application_controller.rb +5 -0
  129. data/spec/rails3_mongoid/config/mongoid.yml +1 -1
  130. data/spec/rails3_mongoid/script/rails +0 -0
  131. data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +105 -0
  132. data/spec/rails3_mongoid/spec/controller_spec.rb +174 -0
  133. data/spec/rails3_mongoid/spec/user_spec.rb +1 -0
  134. data/spec/shared_examples/user_activation_shared_examples.rb +72 -42
  135. data/spec/shared_examples/user_remember_me_shared_examples.rb +2 -1
  136. data/spec/shared_examples/user_reset_password_shared_examples.rb +81 -28
  137. data/spec/shared_examples/user_shared_examples.rb +36 -8
  138. data/spec/sorcery_crypto_providers_spec.rb +5 -1
  139. metadata +239 -346
  140. data/lib/generators/sorcery_migration/sorcery_migration_generator.rb +0 -24
  141. data/lib/generators/sorcery_migration/templates/activity_logging.rb +0 -17
  142. data/lib/generators/sorcery_migration/templates/brute_force_protection.rb +0 -11
  143. data/lib/generators/sorcery_migration/templates/remember_me.rb +0 -15
  144. data/lib/generators/sorcery_migration/templates/reset_password.rb +0 -13
  145. data/lib/generators/sorcery_migration/templates/user_activation.rb +0 -17
  146. data/lib/sorcery/controller/adapters/sinatra.rb +0 -104
  147. data/lib/sorcery/initializers/initializer.rb +0 -178
  148. data/lib/sorcery/sinatra.rb +0 -4
  149. data/lib/sorcery/test_helpers/internal/sinatra.rb +0 -74
  150. data/lib/sorcery/test_helpers/internal/sinatra_modular.rb +0 -74
  151. data/lib/sorcery/test_helpers/sinatra.rb +0 -88
  152. data/spec/rails3/Rakefile.unused +0 -7
  153. data/spec/rails3/public/index.html +0 -239
  154. data/spec/sinatra/Gemfile +0 -15
  155. data/spec/sinatra/Gemfile.lock +0 -117
  156. data/spec/sinatra/authentication.rb +0 -3
  157. data/spec/sinatra/db/migrate/activation/20101224223622_add_activation_to_users.rb +0 -17
  158. data/spec/sinatra/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -17
  159. data/spec/sinatra/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -11
  160. data/spec/sinatra/db/migrate/core/20101224223620_create_users.rb +0 -16
  161. data/spec/sinatra/db/migrate/external/20101224223628_create_authentications.rb +0 -14
  162. data/spec/sinatra/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -15
  163. data/spec/sinatra/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -13
  164. data/spec/sinatra/filters.rb +0 -27
  165. data/spec/sinatra/modular.rb +0 -157
  166. data/spec/sinatra/myapp.rb +0 -133
  167. data/spec/sinatra/spec/controller_activity_logging_spec.rb +0 -85
  168. data/spec/sinatra/spec/controller_brute_force_protection_spec.rb +0 -70
  169. data/spec/sinatra/spec/controller_http_basic_auth_spec.rb +0 -53
  170. data/spec/sinatra/spec/controller_oauth2_spec.rb +0 -99
  171. data/spec/sinatra/spec/controller_oauth_spec.rb +0 -100
  172. data/spec/sinatra/spec/controller_remember_me_spec.rb +0 -64
  173. data/spec/sinatra/spec/controller_session_timeout_spec.rb +0 -57
  174. data/spec/sinatra/spec/controller_spec.rb +0 -120
  175. data/spec/sinatra/spec/spec_helper.rb +0 -45
  176. data/spec/sinatra/user.rb +0 -6
  177. data/spec/sinatra/views/test_login.erb +0 -4
  178. data/spec/sinatra_modular/Gemfile.lock +0 -117
  179. data/spec/sinatra_modular/Rakefile +0 -11
  180. data/spec/sinatra_modular/authentication.rb +0 -3
  181. data/spec/sinatra_modular/db/migrate/activation/20101224223622_add_activation_to_users.rb +0 -17
  182. data/spec/sinatra_modular/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -17
  183. data/spec/sinatra_modular/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -11
  184. data/spec/sinatra_modular/db/migrate/core/20101224223620_create_users.rb +0 -16
  185. data/spec/sinatra_modular/db/migrate/external/20101224223628_create_authentications.rb +0 -14
  186. data/spec/sinatra_modular/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -15
  187. data/spec/sinatra_modular/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -13
  188. data/spec/sinatra_modular/filters.rb +0 -27
  189. data/spec/sinatra_modular/modular.rb +0 -157
  190. data/spec/sinatra_modular/myapp.rb +0 -133
  191. data/spec/sinatra_modular/sorcery_mailer.rb +0 -25
  192. data/spec/sinatra_modular/spec_modular/controller_activity_logging_spec.rb +0 -85
  193. data/spec/sinatra_modular/spec_modular/controller_brute_force_protection_spec.rb +0 -70
  194. data/spec/sinatra_modular/spec_modular/controller_http_basic_auth_spec.rb +0 -53
  195. data/spec/sinatra_modular/spec_modular/controller_oauth2_spec.rb +0 -99
  196. data/spec/sinatra_modular/spec_modular/controller_oauth_spec.rb +0 -100
  197. data/spec/sinatra_modular/spec_modular/controller_remember_me_spec.rb +0 -64
  198. data/spec/sinatra_modular/spec_modular/controller_session_timeout_spec.rb +0 -57
  199. data/spec/sinatra_modular/spec_modular/controller_spec.rb +0 -116
  200. data/spec/sinatra_modular/spec_modular/spec.opts +0 -2
  201. data/spec/sinatra_modular/spec_modular/spec_helper.rb +0 -51
  202. data/spec/sinatra_modular/user.rb +0 -6
  203. data/spec/sinatra_modular/views/test_login.erb +0 -4
  204. /data/spec/{sinatra → rails3_mongo_mapper/app/mailers}/sorcery_mailer.rb +0 -0
  205. /data/spec/{sinatra → rails3_mongo_mapper}/spec/spec.opts +0 -0
@@ -0,0 +1,406 @@
1
+ # The first thing you need to configure is which modules you need in your app.
2
+ # The default is nothing which will include only core features (password encryption, login/logout).
3
+ # Available submodules are: :user_activation, :http_basic_auth, :remember_me,
4
+ # :reset_password, :session_timeout, :brute_force_protection, :activity_logging, :external
5
+ Rails.application.config.sorcery.submodules = []
6
+
7
+ # Here you can configure each submodule's features.
8
+ Rails.application.config.sorcery.configure do |config|
9
+ # -- core --
10
+ # What controller action to call for non-authenticated users. You can also
11
+ # override the 'not_authenticated' method of course.
12
+ # Default: `:not_authenticated`
13
+ #
14
+ # config.not_authenticated_action =
15
+
16
+
17
+ # When a non logged in user tries to enter a page that requires login, save
18
+ # the URL he wanted to reach, and send him there after login, using 'redirect_back_or_to'.
19
+ # Default: `true`
20
+ #
21
+ # config.save_return_to_url =
22
+
23
+
24
+ # Set domain option for cookies; Useful for remember_me submodule.
25
+ # Default: `nil`
26
+ #
27
+ # config.cookie_domain =
28
+
29
+
30
+ # -- session timeout --
31
+ # How long in seconds to keep the session alive.
32
+ # Default: `3600`
33
+ #
34
+ # config.session_timeout =
35
+
36
+
37
+ # Use the last action as the beginning of session timeout.
38
+ # Default: `false`
39
+ #
40
+ # config.session_timeout_from_last_action =
41
+
42
+
43
+ # -- http_basic_auth --
44
+ # What realm to display for which controller name. For example {"My App" => "Application"}
45
+ # Default: `{"application" => "Application"}`
46
+ #
47
+ # config.controller_to_realm_map =
48
+
49
+
50
+ # -- activity logging --
51
+ # will register the time of last user login, every login.
52
+ # Default: `true`
53
+ #
54
+ # config.register_login_time =
55
+
56
+
57
+ # will register the time of last user logout, every logout.
58
+ # Default: `true`
59
+ #
60
+ # config.register_logout_time =
61
+
62
+
63
+ # will register the time of last user action, every action.
64
+ # Default: `true`
65
+ #
66
+ # config.register_last_activity_time =
67
+
68
+
69
+ # -- external --
70
+ # What providers are supported by this app, i.e. [:twitter, :facebook, :github, :google, :liveid] .
71
+ # Default: `[]`
72
+ #
73
+ # config.external_providers =
74
+
75
+
76
+ # You can change it by your local ca_file. i.e. '/etc/pki/tls/certs/ca-bundle.crt'
77
+ # Path to ca_file. By default use a internal ca-bundle.crt.
78
+ # Default: `'path/to/ca_file'`
79
+ #
80
+ # config.ca_file =
81
+
82
+
83
+ # Twitter wil not accept any requests nor redirect uri containing localhost,
84
+ # make sure you use 0.0.0.0:3000 to access your app in development
85
+ #
86
+ # config.twitter.key = ""
87
+ # config.twitter.secret = ""
88
+ # config.twitter.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=twitter"
89
+ # config.twitter.user_info_mapping = {:email => "screen_name"}
90
+ #
91
+ # config.facebook.key = ""
92
+ # config.facebook.secret = ""
93
+ # config.facebook.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=facebook"
94
+ # config.facebook.user_info_mapping = {:email => "name"}
95
+ #
96
+ # config.github.key = ""
97
+ # config.github.secret = ""
98
+ # config.github.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=github"
99
+ # config.github.user_info_mapping = {:email => "name"}
100
+ #
101
+ # config.google.key = ""
102
+ # config.google.secret = ""
103
+ # config.google.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=google"
104
+ # config.google.user_info_mapping = {:email => "email", :username => "name"}
105
+ #
106
+ # To use liveid in development mode you have to replace mydomain.com with
107
+ # a valid domain even in development. To use a valid domain in development
108
+ # simply add your domain in your /etc/hosts file in front of 127.0.0.1
109
+ #
110
+ # config.liveid.key = ""
111
+ # config.liveid.secret = ""
112
+ # config.liveid.callback_url = "http://mydomain.com:3000/oauth/callback?provider=liveid"
113
+ # config.liveid.user_info_mapping = {:username => "name"}
114
+
115
+
116
+ # --- user config ---
117
+ config.user_config do |user|
118
+ # -- core --
119
+ # specify username attributes, for example: [:username, :email].
120
+ # Default: `[:username]`
121
+ #
122
+ # user.username_attribute_names =
123
+
124
+
125
+ # change *virtual* password attribute, the one which is used until an encrypted one is generated.
126
+ # Default: `:password`
127
+ #
128
+ # user.password_attribute_name =
129
+
130
+
131
+ # downcase the username before trying to authenticate, default is false
132
+ # Default: `false`
133
+ #
134
+ # user.downcase_username_before_authenticating =
135
+
136
+
137
+ # change default email attribute.
138
+ # Default: `:email`
139
+ #
140
+ # user.email_attribute_name =
141
+
142
+
143
+ # change default crypted_password attribute.
144
+ # Default: `:crypted_password`
145
+ #
146
+ # user.crypted_password_attribute_name =
147
+
148
+
149
+ # what pattern to use to join the password with the salt
150
+ # Default: `""`
151
+ #
152
+ # user.salt_join_token =
153
+
154
+
155
+ # change default salt attribute.
156
+ # Default: `:salt`
157
+ #
158
+ # user.salt_attribute_name =
159
+
160
+
161
+ # how many times to apply encryption to the password.
162
+ # Default: `nil`
163
+ #
164
+ # user.stretches =
165
+
166
+
167
+ # encryption key used to encrypt reversible encryptions such as AES256.
168
+ # WARNING: If used for users' passwords, changing this key will leave passwords undecryptable!
169
+ # Default: `nil`
170
+ #
171
+ # user.encryption_key =
172
+
173
+
174
+ # use an external encryption class.
175
+ # Default: `nil`
176
+ #
177
+ # user.custom_encryption_provider =
178
+
179
+
180
+ # encryption algorithm name. See 'encryption_algorithm=' for available options.
181
+ # Default: `:bcrypt`
182
+ #
183
+ # user.encryption_algorithm =
184
+
185
+
186
+ # make this configuration inheritable for subclasses. Useful for ActiveRecord's STI.
187
+ # Default: `false`
188
+ #
189
+ # user.subclasses_inherit_config =
190
+
191
+
192
+ # -- user_activation --
193
+ # the attribute name to hold activation state (active/pending).
194
+ # Default: `:activation_state`
195
+ #
196
+ # user.activation_state_attribute_name =
197
+
198
+
199
+ # the attribute name to hold activation code (sent by email).
200
+ # Default: `:activation_token`
201
+ #
202
+ # user.activation_token_attribute_name =
203
+
204
+
205
+ # the attribute name to hold activation code expiration date.
206
+ # Default: `:activation_token_expires_at`
207
+ #
208
+ # user.activation_token_expires_at_attribute_name =
209
+
210
+
211
+ # how many seconds before the activation code expires. nil for never expires.
212
+ # Default: `nil`
213
+ #
214
+ # user.activation_token_expiration_period =
215
+
216
+
217
+ # your mailer class. Required.
218
+ # Default: `nil`
219
+ #
220
+ # user.user_activation_mailer =
221
+
222
+
223
+ # when true sorcery will not automatically
224
+ # email activation details and allow you to
225
+ # manually handle how and when email is sent.
226
+ # Default: `false`
227
+ #
228
+ # user.activation_mailer_disabled =
229
+
230
+
231
+ # activation needed email method on your mailer class.
232
+ # Default: `:activation_needed_email`
233
+ #
234
+ # user.activation_needed_email_method_name =
235
+
236
+
237
+ # activation success email method on your mailer class.
238
+ # Default: `:activation_success_email`
239
+ #
240
+ # user.activation_success_email_method_name =
241
+
242
+
243
+ # do you want to prevent or allow users that did not activate by email to login?
244
+ # Default: `true`
245
+ #
246
+ # user.prevent_non_active_users_to_login =
247
+
248
+
249
+ # -- reset_password --
250
+ # reset password code attribute name.
251
+ # Default: `:reset_password_token`
252
+ #
253
+ # user.reset_password_token_attribute_name =
254
+
255
+
256
+ # expires at attribute name.
257
+ # Default: `:reset_password_token_expires_at`
258
+ #
259
+ # user.reset_password_token_expires_at_attribute_name =
260
+
261
+
262
+ # when was email sent, used for hammering protection.
263
+ # Default: `:reset_password_email_sent_at`
264
+ #
265
+ # user.reset_password_email_sent_at_attribute_name =
266
+
267
+
268
+ # mailer class. Needed.
269
+ # Default: `nil`
270
+ #
271
+ # user.reset_password_mailer =
272
+
273
+
274
+ # reset password email method on your mailer class.
275
+ # Default: `:reset_password_email`
276
+ #
277
+ # user.reset_password_email_method_name =
278
+
279
+
280
+ # when true sorcery will not automatically
281
+ # email password reset details and allow you to
282
+ # manually handle how and when email is sent
283
+ # Default: `false`
284
+ #
285
+ # user.reset_password_mailer_disabled =
286
+
287
+
288
+ # reset password email
289
+ # method on your mailer
290
+ # class.
291
+ # Default: `:reset_password_email`
292
+ #
293
+ # user.reset_password_email_method_name =
294
+
295
+
296
+ # how many seconds before the reset request expires. nil for never expires.
297
+ # Default: `nil`
298
+ #
299
+ # user.reset_password_expiration_period =
300
+
301
+
302
+ # hammering protection, how long to wait before allowing another email to be sent.
303
+ # Default: `5 * 60`
304
+ #
305
+ # user.reset_password_time_between_emails =
306
+
307
+
308
+ # -- brute_force_protection --
309
+ # Failed logins attribute name.
310
+ # Default: `:failed_logins_count`
311
+ #
312
+ # user.failed_logins_count_attribute_name =
313
+
314
+
315
+ # This field indicates whether user is banned and when it will be active again.
316
+ # Default: `:lock_expires_at`
317
+ #
318
+ # user.lock_expires_at_attribute_name =
319
+
320
+
321
+ # How many failed logins allowed.
322
+ # Default: `50`
323
+ #
324
+ # user.consecutive_login_retries_amount_limit =
325
+
326
+
327
+ # How long the user should be banned. in seconds. 0 for permanent.
328
+ # Default: `60 * 60`
329
+ #
330
+ # user.login_lock_time_period =
331
+
332
+ # Unlock token attribute name
333
+ # Default: `:unlock_token`
334
+ #
335
+ # user.unlock_token_attribute_name =
336
+
337
+ # Unlock token mailer method
338
+ # Default: `:send_unlock_token_email`
339
+ #
340
+ # user.unlock_token_email_method_name =
341
+
342
+ # when true sorcery will not automatically
343
+ # send email with unlock token
344
+ # Default: `false`
345
+ #
346
+ # user.unlock_token_mailer_disabled = true
347
+
348
+ # Unlock token mailer class
349
+ # Default: `nil`
350
+ #
351
+ # user.unlock_token_mailer = UserMailer
352
+
353
+ # -- activity logging --
354
+ # Last login attribute name.
355
+ # Default: `:last_login_at`
356
+ #
357
+ # user.last_login_at_attribute_name =
358
+
359
+
360
+ # Last logout attribute name.
361
+ # Default: `:last_logout_at`
362
+ #
363
+ # user.last_logout_at_attribute_name =
364
+
365
+
366
+ # Last activity attribute name.
367
+ # Default: `:last_activity_at`
368
+ #
369
+ # user.last_activity_at_attribute_name =
370
+
371
+
372
+ # How long since last activity is he user defined logged out?
373
+ # Default: `10 * 60`
374
+ #
375
+ # user.activity_timeout =
376
+
377
+
378
+ # -- external --
379
+ # Class which holds the various external provider data for this user.
380
+ # Default: `nil`
381
+ #
382
+ # user.authentications_class =
383
+
384
+
385
+ # User's identifier in authentications class.
386
+ # Default: `:user_id`
387
+ #
388
+ # user.authentications_user_id_attribute_name =
389
+
390
+
391
+ # Provider's identifier in authentications class.
392
+ # Default: `:provider`
393
+ #
394
+ # user.provider_attribute_name =
395
+
396
+
397
+ # User's external unique identifier in authentications class.
398
+ # Default: `:uid`
399
+ #
400
+ # user.provider_uid_attribute_name =
401
+ end
402
+
403
+ # This line must come after the 'user config' block.
404
+ # Define which model authenticates with sorcery.
405
+ config.user_class = "<%= model_class_name %>"
406
+ end
@@ -0,0 +1,17 @@
1
+ class SorceryActivityLogging < ActiveRecord::Migration
2
+ def self.up
3
+ add_column :<%= model_class_name.tableize %>, :last_login_at, :datetime, :default => nil
4
+ add_column :<%= model_class_name.tableize %>, :last_logout_at, :datetime, :default => nil
5
+ add_column :<%= model_class_name.tableize %>, :last_activity_at, :datetime, :default => nil
6
+
7
+ add_index :<%= model_class_name.tableize %>, [:last_logout_at, :last_activity_at]
8
+ end
9
+
10
+ def self.down
11
+ remove_index :<%= model_class_name.tableize %>, [:last_logout_at, :last_activity_at]
12
+
13
+ remove_column :<%= model_class_name.tableize %>, :last_activity_at
14
+ remove_column :<%= model_class_name.tableize %>, :last_logout_at
15
+ remove_column :<%= model_class_name.tableize %>, :last_login_at
16
+ end
17
+ end
@@ -0,0 +1,13 @@
1
+ class SorceryBruteForceProtection < ActiveRecord::Migration
2
+ def self.up
3
+ add_column :<%= model_class_name.tableize %>, :failed_logins_count, :integer, :default => 0
4
+ add_column :<%= model_class_name.tableize %>, :lock_expires_at, :datetime, :default => nil
5
+ add_column :<%= model_class_name.tableize %>, :unlock_token, :string, :default => nil
6
+ end
7
+
8
+ def self.down
9
+ remove_column :<%= model_class_name.tableize %>, :lock_expires_at
10
+ remove_column :<%= model_class_name.tableize %>, :failed_logins_count
11
+ remove_column :<%= model_class_name.tableize %>, :unlock_token
12
+ end
13
+ end
@@ -1,7 +1,7 @@
1
1
  class SorceryCore < ActiveRecord::Migration
2
2
  def self.up
3
- create_table :users do |t|
4
- t.string :username, :null => false # if you use another filed as a username, for example email, you can safely remove this field.
3
+ create_table :<%= model_class_name.tableize %> do |t|
4
+ t.string :username, :null => false # if you use another field as a username, for example email, you can safely remove this field.
5
5
  t.string :email, :default => nil # if you use this field as a username, you might want to make it :null => false.
6
6
  t.string :crypted_password, :default => nil
7
7
  t.string :salt, :default => nil
@@ -11,6 +11,6 @@ class SorceryCore < ActiveRecord::Migration
11
11
  end
12
12
 
13
13
  def self.down
14
- drop_table :users
14
+ drop_table :<%= model_class_name.tableize %>
15
15
  end
16
16
  end
@@ -1,7 +1,7 @@
1
1
  class SorceryExternal < ActiveRecord::Migration
2
2
  def self.up
3
3
  create_table :authentications do |t|
4
- t.integer :user_id, :null => false
4
+ t.integer :<%= model_class_name.tableize.singularize %>_id, :null => false
5
5
  t.string :provider, :uid, :null => false
6
6
 
7
7
  t.timestamps
@@ -0,0 +1,15 @@
1
+ class SorceryRememberMe < ActiveRecord::Migration
2
+ def self.up
3
+ add_column :<%= model_class_name.tableize %>, :remember_me_token, :string, :default => nil
4
+ add_column :<%= model_class_name.tableize %>, :remember_me_token_expires_at, :datetime, :default => nil
5
+
6
+ add_index :<%= model_class_name.tableize %>, :remember_me_token
7
+ end
8
+
9
+ def self.down
10
+ remove_index :<%= model_class_name.tableize %>, :remember_me_token
11
+
12
+ remove_column :<%= model_class_name.tableize %>, :remember_me_token_expires_at
13
+ remove_column :<%= model_class_name.tableize %>, :remember_me_token
14
+ end
15
+ end
@@ -0,0 +1,17 @@
1
+ class SorceryResetPassword < ActiveRecord::Migration
2
+ def self.up
3
+ add_column :<%= model_class_name.tableize %>, :reset_password_token, :string, :default => nil
4
+ add_column :<%= model_class_name.tableize %>, :reset_password_token_expires_at, :datetime, :default => nil
5
+ add_column :<%= model_class_name.tableize %>, :reset_password_email_sent_at, :datetime, :default => nil
6
+
7
+ add_index :<%= model_class_name.tableize %>, :reset_password_token
8
+ end
9
+
10
+ def self.down
11
+ remove_index :<%= model_class_name.tableize %>, :reset_password_token
12
+
13
+ remove_column :<%= model_class_name.tableize %>, :reset_password_email_sent_at
14
+ remove_column :<%= model_class_name.tableize %>, :reset_password_token_expires_at
15
+ remove_column :<%= model_class_name.tableize %>, :reset_password_token
16
+ end
17
+ end
@@ -0,0 +1,17 @@
1
+ class SorceryUserActivation < ActiveRecord::Migration
2
+ def self.up
3
+ add_column :<%= model_class_name.tableize %>, :activation_state, :string, :default => nil
4
+ add_column :<%= model_class_name.tableize %>, :activation_token, :string, :default => nil
5
+ add_column :<%= model_class_name.tableize %>, :activation_token_expires_at, :datetime, :default => nil
6
+
7
+ add_index :<%= model_class_name.tableize %>, :activation_token
8
+ end
9
+
10
+ def self.down
11
+ remove_index :<%= model_class_name.tableize %>, :activation_token
12
+
13
+ remove_column :<%= model_class_name.tableize %>, :activation_token_expires_at
14
+ remove_column :<%= model_class_name.tableize %>, :activation_token
15
+ remove_column :<%= model_class_name.tableize %>, :activation_state
16
+ end
17
+ end
@@ -14,8 +14,22 @@ module Sorcery
14
14
  module ActivityLogging
15
15
  def self.included(base)
16
16
  base.send(:include, InstanceMethods)
17
- Config.after_login << :register_login_time_to_db
18
- Config.before_logout << :register_logout_time_to_db
17
+ Config.module_eval do
18
+ class << self
19
+ attr_accessor :register_login_time
20
+ attr_accessor :register_logout_time
21
+ attr_accessor :register_last_activity_time
22
+
23
+ def merge_activity_logging_defaults!
24
+ @defaults.merge!(:@register_login_time => true,
25
+ :@register_logout_time => true,
26
+ :@register_last_activity_time => true)
27
+ end
28
+ end
29
+ merge_activity_logging_defaults!
30
+ end
31
+ Config.after_login << :register_login_time_to_db
32
+ Config.before_logout << :register_logout_time_to_db
19
33
  base.after_filter :register_last_activity_time_to_db
20
34
  end
21
35
 
@@ -37,26 +51,26 @@ module Sorcery
37
51
  # registers last login time on every login.
38
52
  # This runs as a hook just after a successful login.
39
53
  def register_login_time_to_db(user, credentials)
40
- user.send(:"#{user.sorcery_config.last_login_at_attribute_name}=", Time.now.utc.to_s(:db))
41
- user.save!(:validate => false)
54
+ return unless Config.register_login_time
55
+ user.update_single_attribute(user.sorcery_config.last_login_at_attribute_name, Time.now.in_time_zone)
42
56
  end
43
57
 
44
58
  # registers last logout time on every logout.
45
59
  # This runs as a hook just before a logout.
46
60
  def register_logout_time_to_db(user)
47
- user.send(:"#{user.sorcery_config.last_logout_at_attribute_name}=", Time.now.utc.to_s(:db))
48
- user.save!(:validate => false)
61
+ return unless Config.register_logout_time
62
+ user.update_single_attribute(user.sorcery_config.last_logout_at_attribute_name, Time.now.in_time_zone)
49
63
  end
50
64
 
51
65
  # Updates last activity time on every request.
52
66
  # The only exception is logout - we do not update activity on logout
53
67
  def register_last_activity_time_to_db
54
- return if !logged_in?
55
- current_user.send(:"#{current_user.sorcery_config.last_activity_at_attribute_name}=", Time.now.utc.to_s(:db))
56
- current_user.save!(:validate => false)
68
+ return unless Config.register_last_activity_time
69
+ return unless logged_in?
70
+ current_user.update_single_attribute(current_user.sorcery_config.last_activity_at_attribute_name, Time.now.in_time_zone)
57
71
  end
58
72
  end
59
73
  end
60
74
  end
61
75
  end
62
- end
76
+ end
@@ -29,10 +29,11 @@ module Sorcery
29
29
  # Resets the failed logins counter.
30
30
  # Runs as a hook after a successful login.
31
31
  def reset_failed_logins_count!(user, credentials)
32
- user.update_attributes!(user_class.sorcery_config.failed_logins_count_attribute_name => 0)
32
+ user.send(:"#{user_class.sorcery_config.failed_logins_count_attribute_name}=", 0)
33
+ user.save!(:validate => false)
33
34
  end
34
35
  end
35
36
  end
36
37
  end
37
38
  end
38
- end
39
+ end