sorcery 0.8.2 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +56 -0
- data/.travis.yml +130 -1
- data/CHANGELOG.md +270 -0
- data/Gemfile +17 -22
- data/README.md +371 -0
- data/Rakefile +3 -79
- data/gemfiles/active_record-rails40.gemfile +7 -0
- data/gemfiles/active_record-rails41.gemfile +7 -0
- data/gemfiles/mongo_mapper-rails40.gemfile +9 -0
- data/gemfiles/mongo_mapper-rails41.gemfile +9 -0
- data/gemfiles/mongoid-rails40.gemfile +9 -0
- data/gemfiles/mongoid-rails41.gemfile +9 -0
- data/gemfiles/mongoid3-rails32.gemfile +9 -0
- data/lib/generators/sorcery/USAGE +1 -1
- data/lib/generators/sorcery/helpers.rb +40 -0
- data/lib/generators/sorcery/install_generator.rb +38 -20
- data/lib/generators/sorcery/templates/initializer.rb +35 -10
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +2 -11
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +3 -7
- data/lib/generators/sorcery/templates/migration/core.rb +5 -8
- data/lib/generators/sorcery/templates/migration/external.rb +3 -5
- data/lib/generators/sorcery/templates/migration/remember_me.rb +2 -9
- data/lib/generators/sorcery/templates/migration/reset_password.rb +2 -10
- data/lib/generators/sorcery/templates/migration/user_activation.rb +2 -10
- data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
- data/lib/sorcery/adapters/base_adapter.rb +30 -0
- data/lib/sorcery/adapters/data_mapper_adapter.rb +176 -0
- data/lib/sorcery/adapters/mongo_mapper_adapter.rb +110 -0
- data/lib/sorcery/adapters/mongoid_adapter.rb +97 -0
- data/lib/sorcery/controller/config.rb +65 -0
- data/lib/sorcery/controller/submodules/activity_logging.rb +16 -21
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +6 -6
- data/lib/sorcery/controller/submodules/external.rb +42 -43
- data/lib/sorcery/controller/submodules/remember_me.rb +5 -5
- data/lib/sorcery/controller/submodules/session_timeout.rb +11 -7
- data/lib/sorcery/controller.rb +22 -74
- data/lib/sorcery/model/config.rb +96 -0
- data/lib/sorcery/model/submodules/activity_logging.rb +30 -13
- data/lib/sorcery/model/submodules/brute_force_protection.rb +25 -27
- data/lib/sorcery/model/submodules/external.rb +53 -9
- data/lib/sorcery/model/submodules/remember_me.rb +15 -19
- data/lib/sorcery/model/submodules/reset_password.rb +36 -33
- data/lib/sorcery/model/submodules/user_activation.rb +51 -48
- data/lib/sorcery/model/temporary_token.rb +4 -4
- data/lib/sorcery/model.rb +81 -175
- data/lib/sorcery/protocols/oauth.rb +42 -0
- data/lib/sorcery/protocols/oauth2.rb +47 -0
- data/lib/sorcery/providers/base.rb +38 -0
- data/lib/sorcery/providers/facebook.rb +63 -0
- data/lib/sorcery/providers/github.rb +51 -0
- data/lib/sorcery/providers/google.rb +51 -0
- data/lib/sorcery/providers/heroku.rb +57 -0
- data/lib/sorcery/providers/jira.rb +77 -0
- data/lib/sorcery/providers/linkedin.rb +66 -0
- data/lib/sorcery/providers/liveid.rb +53 -0
- data/lib/sorcery/providers/salesforce.rb +50 -0
- data/lib/sorcery/providers/twitter.rb +59 -0
- data/lib/sorcery/providers/vk.rb +63 -0
- data/lib/sorcery/providers/xing.rb +64 -0
- data/lib/sorcery/test_helpers/internal/rails.rb +17 -6
- data/lib/sorcery/test_helpers/internal.rb +27 -6
- data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
- data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
- data/lib/sorcery/version.rb +3 -0
- data/lib/sorcery.rb +82 -58
- data/sorcery.gemspec +24 -362
- data/spec/active_record/user_activation_spec.rb +18 -0
- data/spec/active_record/user_activity_logging_spec.rb +17 -0
- data/spec/{rails3/spec → active_record}/user_brute_force_protection_spec.rb +6 -5
- data/spec/{rails3/spec → active_record}/user_oauth_spec.rb +6 -5
- data/spec/{rails3/spec → active_record}/user_remember_me_spec.rb +5 -4
- data/spec/{rails3/spec → active_record}/user_reset_password_spec.rb +7 -7
- data/spec/active_record/user_spec.rb +37 -0
- data/spec/controllers/controller_activity_logging_spec.rb +124 -0
- data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
- data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
- data/spec/controllers/controller_oauth2_spec.rb +414 -0
- data/spec/controllers/controller_oauth_spec.rb +240 -0
- data/spec/controllers/controller_remember_me_spec.rb +117 -0
- data/spec/controllers/controller_session_timeout_spec.rb +80 -0
- data/spec/controllers/controller_spec.rb +218 -0
- data/spec/data_mapper/user_activation_spec.rb +10 -0
- data/spec/data_mapper/user_activity_logging_spec.rb +14 -0
- data/spec/data_mapper/user_brute_force_protection_spec.rb +9 -0
- data/spec/data_mapper/user_oauth_spec.rb +9 -0
- data/spec/data_mapper/user_remember_me_spec.rb +8 -0
- data/spec/data_mapper/user_reset_password_spec.rb +8 -0
- data/spec/data_mapper/user_spec.rb +27 -0
- data/spec/mongo_mapper/user_activation_spec.rb +9 -0
- data/spec/mongo_mapper/user_activity_logging_spec.rb +8 -0
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +8 -0
- data/spec/mongo_mapper/user_oauth_spec.rb +8 -0
- data/spec/mongo_mapper/user_remember_me_spec.rb +8 -0
- data/spec/mongo_mapper/user_reset_password_spec.rb +8 -0
- data/spec/mongo_mapper/user_spec.rb +37 -0
- data/spec/mongoid/user_activation_spec.rb +9 -0
- data/spec/mongoid/user_activity_logging_spec.rb +8 -0
- data/spec/mongoid/user_brute_force_protection_spec.rb +8 -0
- data/spec/mongoid/user_oauth_spec.rb +8 -0
- data/spec/mongoid/user_remember_me_spec.rb +8 -0
- data/spec/mongoid/user_reset_password_spec.rb +8 -0
- data/spec/mongoid/user_spec.rb +51 -0
- data/spec/orm/active_record.rb +21 -0
- data/spec/orm/data_mapper.rb +48 -0
- data/spec/orm/mongo_mapper.rb +10 -0
- data/spec/orm/mongoid.rb +22 -0
- data/spec/{rails3/app/models → rails_app/app/active_record}/user.rb +1 -2
- data/spec/rails_app/app/active_record/user_provider.rb +3 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +285 -0
- data/spec/rails_app/app/data_mapper/authentication.rb +8 -0
- data/spec/rails_app/app/data_mapper/user.rb +7 -0
- data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/user.rb +2 -0
- data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/user.rb +2 -0
- data/spec/{rails3_mongo_mapper → rails_app}/config/application.rb +13 -8
- data/spec/rails_app/config/boot.rb +4 -0
- data/spec/rails_app/config/database.yml +22 -0
- data/spec/{rails3_mongo_mapper → rails_app}/config/environments/test.rb +2 -0
- data/spec/{rails3_mongoid → rails_app}/config/initializers/session_store.rb +4 -0
- data/spec/rails_app/config/routes.rb +51 -0
- data/spec/{rails3_mongo_mapper → rails_app}/config.ru +1 -1
- data/spec/{rails3 → rails_app}/db/migrate/activation/20101224223622_add_activation_to_users.rb +3 -3
- data/spec/{rails3 → rails_app}/db/migrate/core/20101224223620_create_users.rb +2 -2
- data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +22 -0
- data/spec/rails_app/log/development.log +1791 -0
- data/spec/shared_examples/user_activation_shared_examples.rb +137 -98
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +83 -15
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +140 -21
- data/spec/shared_examples/user_oauth_shared_examples.rb +21 -16
- data/spec/shared_examples/user_remember_me_shared_examples.rb +36 -24
- data/spec/shared_examples/user_reset_password_shared_examples.rb +163 -130
- data/spec/shared_examples/user_shared_examples.rb +355 -193
- data/spec/sorcery_crypto_providers_spec.rb +74 -72
- data/spec/spec_helper.rb +32 -4
- metadata +262 -508
- data/Gemfile.lock +0 -175
- data/README.rdoc +0 -261
- data/VERSION +0 -1
- data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -46
- data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -49
- data/lib/sorcery/controller/submodules/external/providers/base.rb +0 -21
- data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -98
- data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -92
- data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -91
- data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -102
- data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -92
- data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -93
- data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -100
- data/lib/sorcery/controller/submodules/external/providers/xing.rb +0 -97
- data/lib/sorcery/model/adapters/active_record.rb +0 -49
- data/lib/sorcery/model/adapters/mongo_mapper.rb +0 -56
- data/lib/sorcery/model/adapters/mongoid.rb +0 -88
- data/lib/sorcery/test_helpers/rails.rb +0 -16
- data/lib/sorcery/test_helpers.rb +0 -5
- data/spec/Gemfile +0 -12
- data/spec/Gemfile.lock +0 -129
- data/spec/README.md +0 -31
- data/spec/Rakefile +0 -12
- data/spec/rails3/.gitignore +0 -4
- data/spec/rails3/.rspec +0 -1
- data/spec/rails3/Gemfile +0 -15
- data/spec/rails3/Gemfile.lock +0 -162
- data/spec/rails3/README +0 -256
- data/spec/rails3/Rakefile +0 -11
- data/spec/rails3/app/controllers/application_controller.rb +0 -208
- data/spec/rails3/config/application.rb +0 -46
- data/spec/rails3/config/boot.rb +0 -13
- data/spec/rails3/config/database.yml +0 -27
- data/spec/rails3/config/environments/development.rb +0 -26
- data/spec/rails3/config/environments/in_memory.rb +0 -35
- data/spec/rails3/config/environments/production.rb +0 -49
- data/spec/rails3/config/environments/test.rb +0 -35
- data/spec/rails3/config/initializers/session_store.rb +0 -8
- data/spec/rails3/config/routes.rb +0 -59
- data/spec/rails3/config.ru +0 -4
- data/spec/rails3/db/migrate/external/20101224223628_create_authentications.rb +0 -14
- data/spec/rails3/lib/tasks/.gitkeep +0 -0
- data/spec/rails3/public/404.html +0 -26
- data/spec/rails3/public/422.html +0 -26
- data/spec/rails3/public/500.html +0 -26
- data/spec/rails3/public/favicon.ico +0 -0
- data/spec/rails3/public/images/rails.png +0 -0
- data/spec/rails3/public/javascripts/application.js +0 -2
- data/spec/rails3/public/javascripts/controls.js +0 -965
- data/spec/rails3/public/javascripts/dragdrop.js +0 -974
- data/spec/rails3/public/javascripts/effects.js +0 -1123
- data/spec/rails3/public/javascripts/prototype.js +0 -6001
- data/spec/rails3/public/javascripts/rails.js +0 -175
- data/spec/rails3/public/robots.txt +0 -5
- data/spec/rails3/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3/script/rails +0 -6
- data/spec/rails3/spec/controller_activity_logging_spec.rb +0 -130
- data/spec/rails3/spec/controller_brute_force_protection_spec.rb +0 -96
- data/spec/rails3/spec/controller_http_basic_auth_spec.rb +0 -50
- data/spec/rails3/spec/controller_oauth2_spec.rb +0 -380
- data/spec/rails3/spec/controller_oauth_spec.rb +0 -206
- data/spec/rails3/spec/controller_remember_me_spec.rb +0 -96
- data/spec/rails3/spec/controller_session_timeout_spec.rb +0 -55
- data/spec/rails3/spec/controller_spec.rb +0 -182
- data/spec/rails3/spec/integration_spec.rb +0 -23
- data/spec/rails3/spec/spec.opts +0 -2
- data/spec/rails3/spec/spec_helper.orig.rb +0 -27
- data/spec/rails3/spec/spec_helper.rb +0 -71
- data/spec/rails3/spec/user_activation_spec.rb +0 -16
- data/spec/rails3/spec/user_activity_logging_spec.rb +0 -8
- data/spec/rails3/spec/user_spec.rb +0 -36
- data/spec/rails3/vendor/plugins/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/.gitignore +0 -4
- data/spec/rails3_mongo_mapper/.rspec +0 -1
- data/spec/rails3_mongo_mapper/Gemfile +0 -16
- data/spec/rails3_mongo_mapper/Gemfile.lock +0 -156
- data/spec/rails3_mongo_mapper/Rakefile +0 -11
- data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +0 -122
- data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +0 -2
- data/spec/rails3_mongo_mapper/app/mailers/sorcery_mailer.rb +0 -25
- data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +0 -14
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +0 -17
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +0 -9
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
- data/spec/rails3_mongo_mapper/config/boot.rb +0 -13
- data/spec/rails3_mongo_mapper/config/environment.rb +0 -5
- data/spec/rails3_mongo_mapper/config/environments/development.rb +0 -30
- data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
- data/spec/rails3_mongo_mapper/config/environments/production.rb +0 -49
- data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +0 -7
- data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +0 -10
- data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +0 -5
- data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +0 -2
- data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +0 -7
- data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +0 -8
- data/spec/rails3_mongo_mapper/config/locales/en.yml +0 -5
- data/spec/rails3_mongo_mapper/config/routes.rb +0 -59
- data/spec/rails3_mongo_mapper/db/schema.rb +0 -23
- data/spec/rails3_mongo_mapper/db/seeds.rb +0 -7
- data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/public/404.html +0 -26
- data/spec/rails3_mongo_mapper/public/422.html +0 -26
- data/spec/rails3_mongo_mapper/public/500.html +0 -26
- data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
- data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
- data/spec/rails3_mongo_mapper/public/javascripts/application.js +0 -2
- data/spec/rails3_mongo_mapper/public/javascripts/controls.js +0 -965
- data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +0 -974
- data/spec/rails3_mongo_mapper/public/javascripts/effects.js +0 -1123
- data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +0 -6001
- data/spec/rails3_mongo_mapper/public/javascripts/rails.js +0 -175
- data/spec/rails3_mongo_mapper/public/robots.txt +0 -5
- data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/script/rails +0 -6
- data/spec/rails3_mongo_mapper/spec/controller_spec.rb +0 -175
- data/spec/rails3_mongo_mapper/spec/spec.opts +0 -2
- data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +0 -27
- data/spec/rails3_mongo_mapper/spec/spec_helper.rb +0 -55
- data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +0 -9
- data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_spec.rb +0 -37
- data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
- data/spec/rails3_mongoid/.gitignore +0 -4
- data/spec/rails3_mongoid/.rspec +0 -1
- data/spec/rails3_mongoid/Gemfile +0 -15
- data/spec/rails3_mongoid/Gemfile.lock +0 -146
- data/spec/rails3_mongoid/Rakefile +0 -11
- data/spec/rails3_mongoid/app/controllers/application_controller.rb +0 -127
- data/spec/rails3_mongoid/app/helpers/application_helper.rb +0 -2
- data/spec/rails3_mongoid/app/mailers/sorcery_mailer.rb +0 -25
- data/spec/rails3_mongoid/app/views/layouts/application.html.erb +0 -14
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.html.erb +0 -17
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.text.erb +0 -9
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.html.erb +0 -17
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
- data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
- data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
- data/spec/rails3_mongoid/config/application.rb +0 -51
- data/spec/rails3_mongoid/config/boot.rb +0 -13
- data/spec/rails3_mongoid/config/environment.rb +0 -5
- data/spec/rails3_mongoid/config/environments/development.rb +0 -26
- data/spec/rails3_mongoid/config/environments/in_memory.rb +0 -0
- data/spec/rails3_mongoid/config/environments/production.rb +0 -49
- data/spec/rails3_mongoid/config/environments/test.rb +0 -35
- data/spec/rails3_mongoid/config/initializers/backtrace_silencers.rb +0 -7
- data/spec/rails3_mongoid/config/initializers/inflections.rb +0 -10
- data/spec/rails3_mongoid/config/initializers/mime_types.rb +0 -5
- data/spec/rails3_mongoid/config/initializers/secret_token.rb +0 -7
- data/spec/rails3_mongoid/config/locales/en.yml +0 -5
- data/spec/rails3_mongoid/config/mongoid.yml +0 -7
- data/spec/rails3_mongoid/config/routes.rb +0 -59
- data/spec/rails3_mongoid/config.ru +0 -4
- data/spec/rails3_mongoid/db/schema.rb +0 -23
- data/spec/rails3_mongoid/db/seeds.rb +0 -7
- data/spec/rails3_mongoid/lib/tasks/.gitkeep +0 -0
- data/spec/rails3_mongoid/public/404.html +0 -26
- data/spec/rails3_mongoid/public/422.html +0 -26
- data/spec/rails3_mongoid/public/500.html +0 -26
- data/spec/rails3_mongoid/public/favicon.ico +0 -0
- data/spec/rails3_mongoid/public/images/rails.png +0 -0
- data/spec/rails3_mongoid/public/javascripts/application.js +0 -2
- data/spec/rails3_mongoid/public/javascripts/controls.js +0 -965
- data/spec/rails3_mongoid/public/javascripts/dragdrop.js +0 -974
- data/spec/rails3_mongoid/public/javascripts/effects.js +0 -1123
- data/spec/rails3_mongoid/public/javascripts/prototype.js +0 -6001
- data/spec/rails3_mongoid/public/javascripts/rails.js +0 -175
- data/spec/rails3_mongoid/public/robots.txt +0 -5
- data/spec/rails3_mongoid/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3_mongoid/script/rails +0 -6
- data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +0 -111
- data/spec/rails3_mongoid/spec/controller_spec.rb +0 -186
- data/spec/rails3_mongoid/spec/spec.opts +0 -2
- data/spec/rails3_mongoid/spec/spec_helper.orig.rb +0 -27
- data/spec/rails3_mongoid/spec/spec_helper.rb +0 -55
- data/spec/rails3_mongoid/spec/user_activation_spec.rb +0 -9
- data/spec/rails3_mongoid/spec/user_activity_logging_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_brute_force_protection_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_oauth_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_remember_me_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_reset_password_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_spec.rb +0 -38
- data/spec/rails3_mongoid/vendor/plugins/.gitkeep +0 -0
- data/spec/shared_examples/controller_oauth2_shared_examples.rb +0 -56
- data/spec/shared_examples/controller_oauth_shared_examples.rb +0 -55
- /data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
- /data/spec/{rails3/app/models → rails_app/app/active_record}/authentication.rb +0 -0
- /data/spec/{rails3 → rails_app}/app/helpers/application_helper.rb +0 -0
- /data/spec/{rails3 → rails_app}/app/mailers/sorcery_mailer.rb +0 -0
- /data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/authentication.rb +0 -0
- /data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/authentication.rb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/application/index.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/layouts/application.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.text.erb +0 -0
- /data/spec/{rails3/app/views/sorcery_mailer/activation_success_email.html.erb → rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb} +0 -0
- /data/spec/{rails3_mongo_mapper → rails_app}/app/views/sorcery_mailer/activation_success_email.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_success_email.text.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.text.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/send_unlock_token_email.text.erb +0 -0
- /data/spec/{rails3 → rails_app}/config/environment.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/backtrace_silencers.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/inflections.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/mime_types.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/secret_token.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/locales/en.yml +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/schema.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/seeds.rb +0 -0
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
module Sorcery
|
|
2
|
+
module Adapters
|
|
3
|
+
class MongoidAdapter < BaseAdapter
|
|
4
|
+
def increment(attr)
|
|
5
|
+
mongoid_4? ? @model.inc(attr => 1) : @model.inc(attr, 1)
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
def update_attributes(attrs)
|
|
9
|
+
attrs.each do |name, value|
|
|
10
|
+
attrs[name] = value.utc if value.is_a?(ActiveSupport::TimeWithZone)
|
|
11
|
+
@model.send(:"#{name}=", value)
|
|
12
|
+
end
|
|
13
|
+
@model.class.where(:_id => @model.id).update_all(attrs)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def update_attribute(name, value)
|
|
17
|
+
update_attributes(name => value)
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def save(options = {})
|
|
21
|
+
mthd = options.delete(:raise_on_failure) ? :save! : :save
|
|
22
|
+
@model.send(mthd, options)
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def mongoid_4?
|
|
26
|
+
Gem::Version.new(::Mongoid::VERSION) >= Gem::Version.new("4.0.0.alpha")
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
class << self
|
|
30
|
+
|
|
31
|
+
def define_field(name, type, options={})
|
|
32
|
+
@klass.field name, options.slice(:default).merge(type: type)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def define_callback(time, event, method_name, options={})
|
|
36
|
+
@klass.send "#{time}_#{event}", method_name, options.slice(:if)
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def credential_regex(credential)
|
|
40
|
+
return { :$regex => /^#{Regexp.escape(credential)}$/i } if (@klass.sorcery_config.downcase_username_before_authenticating)
|
|
41
|
+
credential
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def find_by_credentials(credentials)
|
|
45
|
+
@klass.sorcery_config.username_attribute_names.each do |attribute|
|
|
46
|
+
@user = @klass.where(attribute => credential_regex(credentials[0])).first
|
|
47
|
+
break if @user
|
|
48
|
+
end
|
|
49
|
+
@user
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def find_by_oauth_credentials(provider, uid)
|
|
53
|
+
@user_config ||= ::Sorcery::Controller::Config.user_class.to_s.constantize.sorcery_config
|
|
54
|
+
@klass.where(@user_config.provider_attribute_name => provider, @user_config.provider_uid_attribute_name => uid).first
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
def find_by_activation_token(token)
|
|
58
|
+
@klass.where(@klass.sorcery_config.activation_token_attribute_name => token).first
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def find_by_remember_me_token(token)
|
|
62
|
+
@klass.where(@klass.sorcery_config.remember_me_token_attribute_name => token).first
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def transaction(&blk)
|
|
66
|
+
tap(&blk)
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
def find_by_id(id)
|
|
70
|
+
@klass.find(id)
|
|
71
|
+
rescue ::Mongoid::Errors::DocumentNotFound
|
|
72
|
+
nil
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def find_by_username(username)
|
|
76
|
+
query = @klass.sorcery_config.username_attribute_names.map {|name| {name => username}}
|
|
77
|
+
@klass.any_of(*query).first
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
def find_by_token(token_attr_name, token)
|
|
81
|
+
@klass.where(token_attr_name => token).first
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
def find_by_email(email)
|
|
85
|
+
@klass.where(@klass.sorcery_config.email_attribute_name => email).first
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
def get_current_users
|
|
89
|
+
config = @klass.sorcery_config
|
|
90
|
+
@klass.where(config.last_activity_at_attribute_name.ne => nil) \
|
|
91
|
+
.where("this.#{config.last_logout_at_attribute_name} == null || this.#{config.last_activity_at_attribute_name} > this.#{config.last_logout_at_attribute_name}") \
|
|
92
|
+
.where(config.last_activity_at_attribute_name.gt => config.activity_timeout.seconds.ago.utc).order_by([:_id,:asc])
|
|
93
|
+
end
|
|
94
|
+
end
|
|
95
|
+
end
|
|
96
|
+
end
|
|
97
|
+
end
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
module Sorcery
|
|
2
|
+
module Controller
|
|
3
|
+
module Config
|
|
4
|
+
class << self
|
|
5
|
+
attr_accessor :submodules,
|
|
6
|
+
:user_class, # what class to use as the user class.
|
|
7
|
+
:not_authenticated_action, # what controller action to call for non-authenticated users.
|
|
8
|
+
|
|
9
|
+
:save_return_to_url, # when a non logged in user tries to enter a page that requires
|
|
10
|
+
# login, save the URL he wanted to reach,
|
|
11
|
+
# and send him there after login.
|
|
12
|
+
|
|
13
|
+
:cookie_domain, # set domain option for cookies
|
|
14
|
+
|
|
15
|
+
:login_sources,
|
|
16
|
+
:after_login,
|
|
17
|
+
:after_failed_login,
|
|
18
|
+
:before_logout,
|
|
19
|
+
:after_logout
|
|
20
|
+
|
|
21
|
+
def init!
|
|
22
|
+
@defaults = {
|
|
23
|
+
:@user_class => nil,
|
|
24
|
+
:@submodules => [],
|
|
25
|
+
:@not_authenticated_action => :not_authenticated,
|
|
26
|
+
:@login_sources => [],
|
|
27
|
+
:@after_login => [],
|
|
28
|
+
:@after_failed_login => [],
|
|
29
|
+
:@before_logout => [],
|
|
30
|
+
:@after_logout => [],
|
|
31
|
+
:@save_return_to_url => true,
|
|
32
|
+
:@cookie_domain => nil
|
|
33
|
+
}
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
# Resets all configuration options to their default values.
|
|
37
|
+
def reset!
|
|
38
|
+
@defaults.each do |k,v|
|
|
39
|
+
instance_variable_set(k,v)
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def update!
|
|
44
|
+
@defaults.each do |k,v|
|
|
45
|
+
instance_variable_set(k,v) if !instance_variable_defined?(k)
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def user_config(&blk)
|
|
50
|
+
block_given? ? @user_config = blk : @user_config
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
def configure(&blk)
|
|
54
|
+
@configure_blk = blk
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
def configure!
|
|
58
|
+
@configure_blk.call(self) if @configure_blk
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
init!
|
|
62
|
+
reset!
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
end
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
module Sorcery
|
|
2
2
|
module Controller
|
|
3
3
|
module Submodules
|
|
4
|
-
# This submodule keeps track of events such as login, logout,
|
|
4
|
+
# This submodule keeps track of events such as login, logout,
|
|
5
5
|
# and last activity time, per user.
|
|
6
6
|
# It helps in estimating which users are active now in the site.
|
|
7
|
-
# This cannot be determined absolutely because a user might be
|
|
7
|
+
# This cannot be determined absolutely because a user might be
|
|
8
8
|
# reading a page without clicking anything for a while.
|
|
9
|
-
# This is the controller part of the submodule, which adds hooks
|
|
10
|
-
# to register user events,
|
|
9
|
+
# This is the controller part of the submodule, which adds hooks
|
|
10
|
+
# to register user events,
|
|
11
11
|
# and methods to collect active users data for use in the app.
|
|
12
12
|
# see Socery::Model::Submodules::ActivityLogging for configuration
|
|
13
13
|
# options.
|
|
@@ -20,7 +20,7 @@ module Sorcery
|
|
|
20
20
|
attr_accessor :register_logout_time
|
|
21
21
|
attr_accessor :register_last_activity_time
|
|
22
22
|
attr_accessor :register_last_ip_address
|
|
23
|
-
|
|
23
|
+
|
|
24
24
|
def merge_activity_logging_defaults!
|
|
25
25
|
@defaults.merge!(:@register_login_time => true,
|
|
26
26
|
:@register_logout_time => true,
|
|
@@ -36,49 +36,44 @@ module Sorcery
|
|
|
36
36
|
Config.before_logout << :register_logout_time_to_db
|
|
37
37
|
base.after_filter :register_last_activity_time_to_db
|
|
38
38
|
end
|
|
39
|
-
|
|
39
|
+
|
|
40
40
|
module InstanceMethods
|
|
41
41
|
# Returns an array of the active users.
|
|
42
42
|
def current_users
|
|
43
|
+
ActiveSupport::Deprecation.warn("Sorcery: `current_users` method is deprecated. Read more on Github: https://github.com/NoamB/sorcery/issues/602")
|
|
44
|
+
|
|
43
45
|
user_class.current_users
|
|
44
|
-
# A possible patch here:
|
|
45
|
-
# we'll add the current_user to the users list if he's not in it
|
|
46
|
-
# (can happen when he was inactive for more than activity timeout):
|
|
47
|
-
#
|
|
48
|
-
# users.unshift!(current_user) if logged_in? && users.find {|u| u.id == current_user.id}.nil?
|
|
49
|
-
#
|
|
50
|
-
# disadvantages: can hurt performance.
|
|
51
46
|
end
|
|
52
|
-
|
|
47
|
+
|
|
53
48
|
protected
|
|
54
|
-
|
|
49
|
+
|
|
55
50
|
# registers last login time on every login.
|
|
56
51
|
# This runs as a hook just after a successful login.
|
|
57
52
|
def register_login_time_to_db(user, credentials)
|
|
58
53
|
return unless Config.register_login_time
|
|
59
|
-
user.
|
|
54
|
+
user.set_last_login_at(Time.now.in_time_zone)
|
|
60
55
|
end
|
|
61
|
-
|
|
56
|
+
|
|
62
57
|
# registers last logout time on every logout.
|
|
63
58
|
# This runs as a hook just before a logout.
|
|
64
59
|
def register_logout_time_to_db(user)
|
|
65
60
|
return unless Config.register_logout_time
|
|
66
|
-
user.
|
|
61
|
+
user.set_last_logout_at(Time.now.in_time_zone)
|
|
67
62
|
end
|
|
68
|
-
|
|
63
|
+
|
|
69
64
|
# Updates last activity time on every request.
|
|
70
65
|
# The only exception is logout - we do not update activity on logout
|
|
71
66
|
def register_last_activity_time_to_db
|
|
72
67
|
return unless Config.register_last_activity_time
|
|
73
68
|
return unless logged_in?
|
|
74
|
-
current_user.
|
|
69
|
+
current_user.set_last_activity_at(Time.now.in_time_zone)
|
|
75
70
|
end
|
|
76
71
|
|
|
77
72
|
# Updates IP address on every login.
|
|
78
73
|
# This runs as a hook just after a successful login.
|
|
79
74
|
def register_last_ip_address(user, credentials)
|
|
80
75
|
return unless Config.register_last_ip_address
|
|
81
|
-
current_user.
|
|
76
|
+
current_user.set_last_ip_addess(request.remote_ip)
|
|
82
77
|
end
|
|
83
78
|
end
|
|
84
79
|
end
|
|
@@ -14,22 +14,22 @@ module Sorcery
|
|
|
14
14
|
Config.after_login << :reset_failed_logins_count!
|
|
15
15
|
Config.after_failed_login << :update_failed_logins_count!
|
|
16
16
|
end
|
|
17
|
-
|
|
17
|
+
|
|
18
18
|
module InstanceMethods
|
|
19
|
-
|
|
19
|
+
|
|
20
20
|
protected
|
|
21
|
-
|
|
21
|
+
|
|
22
22
|
# Increments the failed logins counter on every failed login.
|
|
23
23
|
# Runs as a hook after a failed login.
|
|
24
24
|
def update_failed_logins_count!(credentials)
|
|
25
|
-
user = user_class.find_by_credentials(credentials)
|
|
25
|
+
user = user_class.sorcery_adapter.find_by_credentials(credentials)
|
|
26
26
|
user.register_failed_login! if user
|
|
27
27
|
end
|
|
28
|
-
|
|
28
|
+
|
|
29
29
|
# Resets the failed logins counter.
|
|
30
30
|
# Runs as a hook after a successful login.
|
|
31
31
|
def reset_failed_logins_count!(user, credentials)
|
|
32
|
-
user.
|
|
32
|
+
user.sorcery_adapter.update_attribute(user_class.sorcery_config.failed_logins_count_attribute_name, 0)
|
|
33
33
|
end
|
|
34
34
|
end
|
|
35
35
|
end
|
|
@@ -6,21 +6,41 @@ module Sorcery
|
|
|
6
6
|
module External
|
|
7
7
|
def self.included(base)
|
|
8
8
|
base.send(:include, InstanceMethods)
|
|
9
|
+
|
|
10
|
+
require 'sorcery/providers/base'
|
|
11
|
+
require 'sorcery/providers/facebook'
|
|
12
|
+
require 'sorcery/providers/twitter'
|
|
13
|
+
require 'sorcery/providers/vk'
|
|
14
|
+
require 'sorcery/providers/linkedin'
|
|
15
|
+
require 'sorcery/providers/liveid'
|
|
16
|
+
require 'sorcery/providers/xing'
|
|
17
|
+
require 'sorcery/providers/github'
|
|
18
|
+
require 'sorcery/providers/heroku'
|
|
19
|
+
require 'sorcery/providers/google'
|
|
20
|
+
require 'sorcery/providers/jira'
|
|
21
|
+
require 'sorcery/providers/salesforce'
|
|
22
|
+
|
|
9
23
|
Config.module_eval do
|
|
10
24
|
class << self
|
|
11
|
-
attr_reader :external_providers
|
|
12
|
-
attr_accessor :ca_file
|
|
13
|
-
|
|
14
|
-
def merge_external_defaults!
|
|
15
|
-
@defaults.merge!(:@external_providers => [],
|
|
16
|
-
:@ca_file => File.join(File.expand_path(File.dirname(__FILE__)), 'external/protocols/certs/ca-bundle.crt'))
|
|
17
|
-
end
|
|
25
|
+
attr_reader :external_providers
|
|
26
|
+
attr_accessor :ca_file
|
|
18
27
|
|
|
19
28
|
def external_providers=(providers)
|
|
20
|
-
|
|
21
|
-
|
|
29
|
+
@external_providers = providers
|
|
30
|
+
|
|
31
|
+
providers.each do |name|
|
|
32
|
+
class_eval <<-E
|
|
33
|
+
def self.#{name}
|
|
34
|
+
@#{name} ||= Sorcery::Providers.const_get('#{name}'.to_s.capitalize).new
|
|
35
|
+
end
|
|
36
|
+
E
|
|
22
37
|
end
|
|
23
38
|
end
|
|
39
|
+
|
|
40
|
+
def merge_external_defaults!
|
|
41
|
+
@defaults.merge!(:@external_providers => [],
|
|
42
|
+
:@ca_file => File.join(File.expand_path(File.dirname(__FILE__)), '../../protocols/certs/ca-bundle.crt'))
|
|
43
|
+
end
|
|
24
44
|
end
|
|
25
45
|
merge_external_defaults!
|
|
26
46
|
end
|
|
@@ -31,15 +51,17 @@ module Sorcery
|
|
|
31
51
|
|
|
32
52
|
# save the singleton ProviderClient instance into @provider
|
|
33
53
|
def sorcery_get_provider(provider_name)
|
|
54
|
+
return unless Config.external_providers.include?(provider_name.to_sym)
|
|
34
55
|
Config.send(provider_name.to_sym)
|
|
35
56
|
end
|
|
36
57
|
|
|
37
58
|
# get the login URL from the provider, if applicable. Returns nil if the provider
|
|
38
59
|
# does not provide a login URL. (as of v0.8.1 all providers provide a login URL)
|
|
39
|
-
def sorcery_login_url(provider_name)
|
|
60
|
+
def sorcery_login_url(provider_name, args = {})
|
|
40
61
|
@provider = sorcery_get_provider provider_name
|
|
41
62
|
sorcery_fixup_callback_url @provider
|
|
42
63
|
if @provider.respond_to?(:login_url) && @provider.has_callback?
|
|
64
|
+
@provider.state = args[:state] if args[:state]
|
|
43
65
|
return @provider.login_url(params, session)
|
|
44
66
|
else
|
|
45
67
|
return nil
|
|
@@ -86,22 +108,22 @@ module Sorcery
|
|
|
86
108
|
# sends user to authenticate at the provider's website.
|
|
87
109
|
# after authentication the user is redirected to the callback defined in the provider config
|
|
88
110
|
def login_at(provider_name, args = {})
|
|
89
|
-
redirect_to sorcery_login_url(provider_name)
|
|
111
|
+
redirect_to sorcery_login_url(provider_name, args)
|
|
90
112
|
end
|
|
91
113
|
|
|
92
114
|
# tries to login the user from provider's callback
|
|
93
|
-
def login_from(provider_name)
|
|
115
|
+
def login_from(provider_name, should_remember = false)
|
|
94
116
|
sorcery_fetch_user_hash provider_name
|
|
95
|
-
|
|
117
|
+
|
|
96
118
|
if user = user_class.load_from_provider(provider_name, @user_hash[:uid].to_s)
|
|
97
119
|
# we found the user.
|
|
98
120
|
# clear the session
|
|
99
121
|
return_to_url = session[:return_to_url]
|
|
100
|
-
|
|
122
|
+
reset_sorcery_session
|
|
101
123
|
session[:return_to_url] = return_to_url
|
|
102
124
|
|
|
103
125
|
# sign in the user
|
|
104
|
-
auto_login(user)
|
|
126
|
+
auto_login(user, should_remember)
|
|
105
127
|
after_login!(user)
|
|
106
128
|
|
|
107
129
|
# return the user
|
|
@@ -114,15 +136,7 @@ module Sorcery
|
|
|
114
136
|
sorcery_fetch_user_hash provider_name
|
|
115
137
|
config = user_class.sorcery_config
|
|
116
138
|
|
|
117
|
-
|
|
118
|
-
unless (current_user.send(config.authentications_class.to_s.downcase.pluralize).send("find_by_#{config.provider_attribute_name}_and_#{config.provider_uid_attribute_name}", provider_name, @user_hash[:uid].to_s))
|
|
119
|
-
user = current_user.send(config.authentications_class.to_s.downcase.pluralize).build(config.provider_uid_attribute_name => @user_hash[:uid], config.provider_attribute_name => provider_name.to_s)
|
|
120
|
-
user.save(:validate => false)
|
|
121
|
-
else
|
|
122
|
-
user = false
|
|
123
|
-
end
|
|
124
|
-
|
|
125
|
-
return user
|
|
139
|
+
current_user.add_provider_to_user(provider_name.to_s, @user_hash[:uid].to_s)
|
|
126
140
|
end
|
|
127
141
|
|
|
128
142
|
# Initialize new user from provider informations.
|
|
@@ -134,13 +148,12 @@ module Sorcery
|
|
|
134
148
|
|
|
135
149
|
attrs = user_attrs(@provider.user_info_mapping, @user_hash)
|
|
136
150
|
|
|
137
|
-
user = user_class.
|
|
138
|
-
user.send(config.authentications_class.to_s.downcase.pluralize).build(config.provider_uid_attribute_name => @user_hash[:uid], config.provider_attribute_name => provider_name)
|
|
151
|
+
user, saved = user_class.create_and_validate_from_provider(provider_name, @user_hash[:uid], attrs)
|
|
139
152
|
|
|
140
153
|
session[:incomplete_user] = {
|
|
141
154
|
:provider => {config.provider_uid_attribute_name => @user_hash[:uid], config.provider_attribute_name => provider_name},
|
|
142
155
|
:user_hash => attrs
|
|
143
|
-
} unless
|
|
156
|
+
} unless saved
|
|
144
157
|
|
|
145
158
|
return user
|
|
146
159
|
end
|
|
@@ -161,26 +174,12 @@ module Sorcery
|
|
|
161
174
|
#
|
|
162
175
|
# create_from(provider) {|user| user.some_check }
|
|
163
176
|
#
|
|
164
|
-
def create_from(provider_name)
|
|
177
|
+
def create_from(provider_name, &block)
|
|
165
178
|
sorcery_fetch_user_hash provider_name
|
|
166
179
|
config = user_class.sorcery_config
|
|
167
180
|
|
|
168
181
|
attrs = user_attrs(@provider.user_info_mapping, @user_hash)
|
|
169
|
-
|
|
170
|
-
user_class.transaction do
|
|
171
|
-
@user = user_class.new()
|
|
172
|
-
attrs.each do |k,v|
|
|
173
|
-
@user.send(:"#{k}=", v)
|
|
174
|
-
end
|
|
175
|
-
|
|
176
|
-
if block_given?
|
|
177
|
-
return false unless yield @user
|
|
178
|
-
end
|
|
179
|
-
|
|
180
|
-
@user.save(:validate => false)
|
|
181
|
-
user_class.sorcery_config.authentications_class.create!({config.authentications_user_id_attribute_name => @user.id, config.provider_attribute_name => provider_name, config.provider_uid_attribute_name => @user_hash[:uid]})
|
|
182
|
-
end
|
|
183
|
-
@user
|
|
182
|
+
@user = user_class.create_from_provider(provider_name, @user_hash[:uid], attrs, &block)
|
|
184
183
|
end
|
|
185
184
|
|
|
186
185
|
def user_attrs(user_info_mapping, user_hash)
|
|
@@ -31,14 +31,14 @@ module Sorcery
|
|
|
31
31
|
|
|
32
32
|
# Clears the cookie and clears the token from the db.
|
|
33
33
|
def forget_me!
|
|
34
|
-
|
|
34
|
+
current_user.forget_me!
|
|
35
35
|
cookies.delete(:remember_me_token, :domain => Config.cookie_domain)
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
# Override.
|
|
39
39
|
# logins a user instance, and optionally remembers him.
|
|
40
40
|
def auto_login(user, should_remember = false)
|
|
41
|
-
session[:user_id] = user.id
|
|
41
|
+
session[:user_id] = user.id.to_s
|
|
42
42
|
@current_user = user
|
|
43
43
|
remember_me! if should_remember
|
|
44
44
|
end
|
|
@@ -55,10 +55,10 @@ module Sorcery
|
|
|
55
55
|
# and logs the user in if found.
|
|
56
56
|
# Runs as a login source. See 'current_user' method for how it is used.
|
|
57
57
|
def login_from_cookie
|
|
58
|
-
user = cookies.signed[:remember_me_token] && user_class.find_by_remember_me_token(cookies.signed[:remember_me_token])
|
|
59
|
-
if user && user.
|
|
58
|
+
user = cookies.signed[:remember_me_token] && user_class.sorcery_adapter.find_by_remember_me_token(cookies.signed[:remember_me_token])
|
|
59
|
+
if user && user.has_remember_me_token?
|
|
60
60
|
set_remember_me_cookie!(user)
|
|
61
|
-
session[:user_id] = user.id
|
|
61
|
+
session[:user_id] = user.id.to_s
|
|
62
62
|
@current_user = user
|
|
63
63
|
else
|
|
64
64
|
@current_user = false
|
|
@@ -9,10 +9,10 @@ module Sorcery
|
|
|
9
9
|
Config.module_eval do
|
|
10
10
|
class << self
|
|
11
11
|
attr_accessor :session_timeout, # how long in seconds to keep the session alive.
|
|
12
|
-
|
|
12
|
+
|
|
13
13
|
:session_timeout_from_last_action # use the last action as the beginning of session
|
|
14
14
|
# timeout.
|
|
15
|
-
|
|
15
|
+
|
|
16
16
|
def merge_session_timeout_defaults!
|
|
17
17
|
@defaults.merge!(:@session_timeout => 3600, # 1.hour
|
|
18
18
|
:@session_timeout_from_last_action => false)
|
|
@@ -23,28 +23,32 @@ module Sorcery
|
|
|
23
23
|
Config.after_login << :register_login_time
|
|
24
24
|
base.prepend_before_filter :validate_session
|
|
25
25
|
end
|
|
26
|
-
|
|
26
|
+
|
|
27
27
|
module InstanceMethods
|
|
28
28
|
protected
|
|
29
|
-
|
|
29
|
+
|
|
30
30
|
# Registers last login to be used as the timeout starting point.
|
|
31
31
|
# Runs as a hook after a successful login.
|
|
32
32
|
def register_login_time(user, credentials)
|
|
33
33
|
session[:login_time] = session[:last_action_time] = Time.now.in_time_zone
|
|
34
34
|
end
|
|
35
|
-
|
|
35
|
+
|
|
36
36
|
# Checks if session timeout was reached and expires the current session if so.
|
|
37
37
|
# To be used as a before_filter, before require_login
|
|
38
38
|
def validate_session
|
|
39
39
|
session_to_use = Config.session_timeout_from_last_action ? session[:last_action_time] : session[:login_time]
|
|
40
|
-
if session_to_use && (
|
|
41
|
-
|
|
40
|
+
if session_to_use && sorcery_session_expired?(session_to_use.to_time)
|
|
41
|
+
reset_sorcery_session
|
|
42
42
|
@current_user = nil
|
|
43
43
|
else
|
|
44
44
|
session[:last_action_time] = Time.now.in_time_zone
|
|
45
45
|
end
|
|
46
46
|
end
|
|
47
47
|
|
|
48
|
+
def sorcery_session_expired?(time)
|
|
49
|
+
Time.now.in_time_zone - time > Config.session_timeout
|
|
50
|
+
end
|
|
51
|
+
|
|
48
52
|
end
|
|
49
53
|
end
|
|
50
54
|
end
|
data/lib/sorcery/controller.rb
CHANGED
|
@@ -5,7 +5,7 @@ module Sorcery
|
|
|
5
5
|
include InstanceMethods
|
|
6
6
|
Config.submodules.each do |mod|
|
|
7
7
|
begin
|
|
8
|
-
include Submodules.const_get(mod.to_s.split(
|
|
8
|
+
include Submodules.const_get(mod.to_s.split('_').map { |p| p.capitalize }.join)
|
|
9
9
|
rescue NameError
|
|
10
10
|
# don't stop on a missing submodule.
|
|
11
11
|
end
|
|
@@ -33,7 +33,7 @@ module Sorcery
|
|
|
33
33
|
user = user_class.authenticate(*credentials)
|
|
34
34
|
if user
|
|
35
35
|
old_session = session.dup.to_hash
|
|
36
|
-
|
|
36
|
+
reset_sorcery_session
|
|
37
37
|
old_session.each_pair do |k,v|
|
|
38
38
|
session[k.to_sym] = v
|
|
39
39
|
end
|
|
@@ -48,12 +48,20 @@ module Sorcery
|
|
|
48
48
|
end
|
|
49
49
|
end
|
|
50
50
|
|
|
51
|
+
# put this into the catch block to rescue undefined method `destroy_session'
|
|
52
|
+
# hotfix for https://github.com/NoamB/sorcery/issues/464
|
|
53
|
+
# can be removed when Rails 4.1 is out
|
|
54
|
+
def reset_sorcery_session
|
|
55
|
+
reset_session # protect from session fixation attacks
|
|
56
|
+
rescue NoMethodError
|
|
57
|
+
end
|
|
58
|
+
|
|
51
59
|
# Resets the session and runs hooks before and after.
|
|
52
60
|
def logout
|
|
53
61
|
if logged_in?
|
|
54
62
|
@current_user = current_user if @current_user.nil?
|
|
55
63
|
before_logout!(@current_user)
|
|
56
|
-
|
|
64
|
+
reset_sorcery_session
|
|
57
65
|
after_logout!
|
|
58
66
|
@current_user = nil
|
|
59
67
|
end
|
|
@@ -64,9 +72,12 @@ module Sorcery
|
|
|
64
72
|
end
|
|
65
73
|
|
|
66
74
|
# attempts to auto-login from the sources defined (session, basic_auth, cookie, etc.)
|
|
67
|
-
# returns the logged in user if found,
|
|
75
|
+
# returns the logged in user if found, nil if not
|
|
68
76
|
def current_user
|
|
69
|
-
|
|
77
|
+
unless defined?(@current_user)
|
|
78
|
+
@current_user = login_from_session || login_from_other_sources || nil
|
|
79
|
+
end
|
|
80
|
+
@current_user
|
|
70
81
|
end
|
|
71
82
|
|
|
72
83
|
def current_user=(user)
|
|
@@ -91,8 +102,8 @@ module Sorcery
|
|
|
91
102
|
#
|
|
92
103
|
# @param [<User-Model>] user the user instance.
|
|
93
104
|
# @return - do not depend on the return value.
|
|
94
|
-
def auto_login(user)
|
|
95
|
-
session[:user_id] = user.id
|
|
105
|
+
def auto_login(user, should_remember = false)
|
|
106
|
+
session[:user_id] = user.id.to_s
|
|
96
107
|
@current_user = user
|
|
97
108
|
end
|
|
98
109
|
|
|
@@ -115,11 +126,9 @@ module Sorcery
|
|
|
115
126
|
end
|
|
116
127
|
|
|
117
128
|
def login_from_session
|
|
118
|
-
@current_user =
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
return false if defined?(ActiveRecord) and exception.is_a?(ActiveRecord::RecordNotFound)
|
|
122
|
-
raise exception
|
|
129
|
+
@current_user = if session[:user_id]
|
|
130
|
+
user_class.sorcery_adapter.find_by_id(session[:user_id])
|
|
131
|
+
end
|
|
123
132
|
end
|
|
124
133
|
|
|
125
134
|
def after_login!(user, credentials = [])
|
|
@@ -144,66 +153,5 @@ module Sorcery
|
|
|
144
153
|
|
|
145
154
|
end
|
|
146
155
|
|
|
147
|
-
|
|
148
|
-
class << self
|
|
149
|
-
attr_accessor :submodules,
|
|
150
|
-
:user_class, # what class to use as the user class.
|
|
151
|
-
:not_authenticated_action, # what controller action to call for non-authenticated users.
|
|
152
|
-
|
|
153
|
-
:save_return_to_url, # when a non logged in user tries to enter a page that requires
|
|
154
|
-
# login, save the URL he wanted to reach,
|
|
155
|
-
# and send him there after login.
|
|
156
|
-
|
|
157
|
-
:cookie_domain, # set domain option for cookies
|
|
158
|
-
|
|
159
|
-
:login_sources,
|
|
160
|
-
:after_login,
|
|
161
|
-
:after_failed_login,
|
|
162
|
-
:before_logout,
|
|
163
|
-
:after_logout
|
|
164
|
-
|
|
165
|
-
def init!
|
|
166
|
-
@defaults = {
|
|
167
|
-
:@user_class => nil,
|
|
168
|
-
:@submodules => [],
|
|
169
|
-
:@not_authenticated_action => :not_authenticated,
|
|
170
|
-
:@login_sources => [],
|
|
171
|
-
:@after_login => [],
|
|
172
|
-
:@after_failed_login => [],
|
|
173
|
-
:@before_logout => [],
|
|
174
|
-
:@after_logout => [],
|
|
175
|
-
:@save_return_to_url => true,
|
|
176
|
-
:@cookie_domain => nil
|
|
177
|
-
}
|
|
178
|
-
end
|
|
179
|
-
|
|
180
|
-
# Resets all configuration options to their default values.
|
|
181
|
-
def reset!
|
|
182
|
-
@defaults.each do |k,v|
|
|
183
|
-
instance_variable_set(k,v)
|
|
184
|
-
end
|
|
185
|
-
end
|
|
186
|
-
|
|
187
|
-
def update!
|
|
188
|
-
@defaults.each do |k,v|
|
|
189
|
-
instance_variable_set(k,v) if !instance_variable_defined?(k)
|
|
190
|
-
end
|
|
191
|
-
end
|
|
192
|
-
|
|
193
|
-
def user_config(&blk)
|
|
194
|
-
block_given? ? @user_config = blk : @user_config
|
|
195
|
-
end
|
|
196
|
-
|
|
197
|
-
def configure(&blk)
|
|
198
|
-
@configure_blk = blk
|
|
199
|
-
end
|
|
200
|
-
|
|
201
|
-
def configure!
|
|
202
|
-
@configure_blk.call(self) if @configure_blk
|
|
203
|
-
end
|
|
204
|
-
end
|
|
205
|
-
init!
|
|
206
|
-
reset!
|
|
207
|
-
end
|
|
208
|
-
end
|
|
156
|
+
end
|
|
209
157
|
end
|