sorcery 0.8.5 → 0.8.6

data/lib/sorcery/controller/submodules/session_timeout.rb

@@ -37,7 +37,7 @@ module Sorcery
           # To be used as a before_filter, before require_login
           def validate_session
             session_to_use = Config.session_timeout_from_last_action ? session[:last_action_time] : session[:login_time]
-            if session_to_use && (Time.now.in_time_zone - session_to_use > Config.session_timeout)
+            if session_to_use && (Time.now.in_time_zone - session_to_use.to_time > Config.session_timeout)
               reset_sorcery_session
               @current_user = nil
             else

data/lib/sorcery/model.rb

@@ -7,86 +7,114 @@ module Sorcery
   # which when called adds the other capabilities to the class.
   # This method is also the place to configure the plugin in the Model layer.
   module Model
-    def self.included(klass)
-      klass.class_eval do
-        class << self
-          def authenticates_with_sorcery!
-            @sorcery_config = Config.new
-            self.class_eval do
-              extend ClassMethods # included here, before submodules, so they can be overriden by them.
-              include InstanceMethods
-              include TemporaryToken
-            end
+    def authenticates_with_sorcery!
+      @sorcery_config = Config.new
 
-            include_required_submodules!
+      extend ClassMethods # included here, before submodules, so they can be overriden by them.
+      include InstanceMethods
+      include TemporaryToken
 
-            # This runs the options block set in the initializer on the model class.
-            ::Sorcery::Controller::Config.user_config.tap{|blk| blk.call(@sorcery_config) if blk}
+      include_required_submodules!
 
-            init_mongoid_support! if defined?(Mongoid) and self.ancestors.include?(Mongoid::Document)
-            init_mongo_mapper_support! if defined?(MongoMapper) and self.ancestors.include?(MongoMapper::Document)
+      # This runs the options block set in the initializer on the model class.
+      ::Sorcery::Controller::Config.user_config.tap{|blk| blk.call(@sorcery_config) if blk}
 
-            init_orm_hooks!
+      init_mongoid_support! if defined?(Mongoid) and self.ancestors.include?(Mongoid::Document)
+      init_mongo_mapper_support! if defined?(MongoMapper) and self.ancestors.include?(MongoMapper::Document)
+      init_datamapper_support! if defined?(DataMapper) and self.ancestors.include?(DataMapper::Resource)
 
-            @sorcery_config.after_config << :add_config_inheritance if @sorcery_config.subclasses_inherit_config
-            @sorcery_config.after_config.each { |c| send(c) }
-          end
+      init_orm_hooks!
 
-          protected
-
-          # includes required submodules into the model class,
-          # which usually is called User.
-          def include_required_submodules!
-            self.class_eval do
-              @sorcery_config.submodules = ::Sorcery::Controller::Config.submodules
-              @sorcery_config.submodules.each do |mod|
-                begin
-                  include Submodules.const_get(mod.to_s.split("_").map {|p| p.capitalize}.join(""))
-                rescue NameError
-                  # don't stop on a missing submodule. Needed because some submodules are only defined
-                  # in the controller side.
-                end
-              end
-            end
-          end
+      @sorcery_config.after_config << :add_config_inheritance if @sorcery_config.subclasses_inherit_config
+      @sorcery_config.after_config.each { |c| send(c) }
+    end
 
-          # defines mongoid fields on the model class,
-          # using 1.8.x hash syntax to perserve compatibility.
-          def init_mongoid_support!
-            self.class_eval do
-              sorcery_config.username_attribute_names.each do |username|
-                field username,         :type => String
-              end
-              field sorcery_config.email_attribute_name,            :type => String unless sorcery_config.username_attribute_names.include?(sorcery_config.email_attribute_name)
-              field sorcery_config.crypted_password_attribute_name, :type => String
-              field sorcery_config.salt_attribute_name,             :type => String
-            end
+    protected
+
+    # includes required submodules into the model class,
+    # which usually is called User.
+    def include_required_submodules!
+      self.class_eval do
+        @sorcery_config.submodules = ::Sorcery::Controller::Config.submodules
+        @sorcery_config.submodules.each do |mod|
+          begin
+            include Submodules.const_get(mod.to_s.split('_').map {|p| p.capitalize}.join)
+          rescue NameError
+            # don't stop on a missing submodule. Needed because some submodules are only defined
+            # in the controller side.
           end
+        end
+      end
+    end
 
-          # defines mongo_mapper fields on the model class,
-          def init_mongo_mapper_support!
-            self.class_eval do
-              sorcery_config.username_attribute_names.each do |username|
-                key username, String
-              end
-              key sorcery_config.email_attribute_name, String unless sorcery_config.username_attribute_names.include?(sorcery_config.email_attribute_name)
-              key sorcery_config.crypted_password_attribute_name, String
-              key sorcery_config.salt_attribute_name, String
-            end
-          end
+    # defines mongoid fields on the model class,
+    # using 1.8.x hash syntax to perserve compatibility.
+    def init_mongoid_support!
+      self.class_eval do
+        sorcery_config.username_attribute_names.each do |username|
+          field username,         :type => String
+        end
+        field sorcery_config.email_attribute_name,            :type => String unless sorcery_config.username_attribute_names.include?(sorcery_config.email_attribute_name)
+        field sorcery_config.crypted_password_attribute_name, :type => String
+        field sorcery_config.salt_attribute_name,             :type => String
+      end
+    end
 
-          # add virtual password accessor and ORM callbacks.
-          def init_orm_hooks!
-            self.class_eval do
-              attr_accessor @sorcery_config.password_attribute_name
-              #attr_protected @sorcery_config.crypted_password_attribute_name, @sorcery_config.salt_attribute_name
-              before_save :encrypt_password, :if => Proc.new { |record|
-                record.send(sorcery_config.password_attribute_name).present?
-              }
-              after_save :clear_virtual_password, :if => Proc.new { |record|
-                record.send(sorcery_config.password_attribute_name).present?
-              }
-            end
+    # defines mongo_mapper fields on the model class,
+    def init_mongo_mapper_support!
+      self.class_eval do
+        sorcery_config.username_attribute_names.each do |username|
+          key username, String
+        end
+        key sorcery_config.email_attribute_name, String unless sorcery_config.username_attribute_names.include?(sorcery_config.email_attribute_name)
+        key sorcery_config.crypted_password_attribute_name, String
+        key sorcery_config.salt_attribute_name, String
+      end
+    end
+
+    # defines datamapper fields on the model class
+    def init_datamapper_support!
+      self.class_eval do
+        sorcery_config.username_attribute_names.each do |username|
+          property username, String, :length => 255
+        end
+        unless sorcery_config.username_attribute_names.include?(sorcery_config.email_attribute_name)
+          property sorcery_config.email_attribute_name, String, :length => 255
+        end
+        property sorcery_config.crypted_password_attribute_name, String, :length => 255
+        property sorcery_config.salt_attribute_name, String, :length => 255
+      end
+    end
+
+    # add virtual password accessor and ORM callbacks.
+    def init_orm_hooks!
+      if defined?(DataMapper) and self.ancestors.include?(DataMapper::Resource)
+        init_datamapper_hooks!
+        return
+      end
+      self.class_eval do
+        attr_accessor @sorcery_config.password_attribute_name
+        #attr_protected @sorcery_config.crypted_password_attribute_name, @sorcery_config.salt_attribute_name
+        before_save :encrypt_password, :if => Proc.new { |record|
+          record.send(sorcery_config.password_attribute_name).present?
+        }
+        after_save :clear_virtual_password, :if => Proc.new { |record|
+          record.send(sorcery_config.password_attribute_name).present?
+        }
+      end
+    end
+
+    def init_datamapper_hooks!
+      self.class_eval do
+        attr_accessor @sorcery_config.password_attribute_name
+        before :valid? do
+          if self.send(sorcery_config.password_attribute_name).present?
+            encrypt_password
+          end
+        end
+        after :save do
+          if self.send(sorcery_config.password_attribute_name).present?
+            clear_virtual_password
           end
         end
       end
@@ -183,6 +211,10 @@ module Sorcery
       def clear_virtual_password
         config = sorcery_config
         self.send(:"#{config.password_attribute_name}=", nil)
+
+        if respond_to?(:"#{config.password_attribute_name}_confirmation=")
+          self.send(:"#{config.password_attribute_name}_confirmation=", nil)
+        end
       end
 
       # calls the requested email method on the configured mailer

data/lib/sorcery/model/adapters/active_record.rb

@@ -19,12 +19,17 @@ module Sorcery
           def update_single_attribute(name, value)
             update_many_attributes(name => value)
           end
+
+          def sorcery_save(options = {})
+            mthd = options.delete(:raise_on_failure) ? :save! : :save
+            self.send(mthd, options)
+          end
         end
         
         module ClassMethods
           def column_name(attribute)
             return "LOWER(#{attribute})" if (@sorcery_config.downcase_username_before_authenticating)
-            return "#{attribute}"
+            attribute.to_s
           end
 
           def find_by_credentials(credentials)
@@ -37,7 +42,7 @@ module Sorcery
           end
 
           def get_current_users
-            config = sorcery_config
+            config = @sorcery_config
             where("#{config.last_activity_at_attribute_name} IS NOT NULL") \
             .where("#{config.last_logout_at_attribute_name} IS NULL OR #{config.last_activity_at_attribute_name} > #{config.last_logout_at_attribute_name}") \
             .where("#{config.last_activity_at_attribute_name} > ? ", config.activity_timeout.seconds.ago.utc.to_s(:db))

data/lib/sorcery/model/adapters/datamapper.rb

@@ -0,0 +1,123 @@
+module Sorcery
+  module Model
+    module Adapters
+      module DataMapper
+        def self.included(klass)
+          klass.extend ClassMethods
+          klass.send(:include, InstanceMethods)
+        end
+
+        module InstanceMethods
+          def increment(attr)
+            self[attr] ||= 0
+            self[attr] += 1
+            self
+          end
+
+          def update_many_attributes(attrs)
+            attrs.each do |name, value|
+              value = value.utc if value.is_a?(ActiveSupport::TimeWithZone)
+              self.send(:"#{name}=", value)
+            end
+            self.class.get(self.id).update(attrs)
+          end
+
+          def update_single_attribute(name, value)
+            update_many_attributes(name => value)
+          end
+
+          def sorcery_save(options = {})
+            if options.key?(:validate) && ! options[:validate]
+              save!
+            else
+              save
+            end
+          end
+        end
+
+        module ClassMethods
+          def find(id)
+            get(id)
+          end
+
+          def delete_all
+            destroy
+          end
+
+          # NOTE
+          # DM Adapter dependent
+          # DM creates MySQL tables case insensitive by default
+          # http://datamapper.lighthouseapp.com/projects/20609-datamapper/tickets/1105
+          def find_by_credentials(credentials)
+            credential = credentials[0].dup
+            credential.downcase! if @sorcery_config.downcase_username_before_authenticating
+            @sorcery_config.username_attribute_names.each do |name|
+              @user = first(name => credential)
+              break if @user
+            end
+            !!@user ? get(@user.id) : nil
+          end
+
+          def find_by_provider_and_uid(provider, uid)
+            @user_klass ||= ::Sorcery::Controller::Config.user_class.to_s.constantize
+            user = first(@user_klass.sorcery_config.provider_attribute_name => provider, @user_klass.sorcery_config.provider_uid_attribute_name => uid)
+            !!user ? get(user.id) : nil
+          end
+
+          def find_by_id(id)
+            find(id)
+          rescue ::DataMapper::ObjectNotFoundError
+            nil
+          end
+
+          def find_by_activation_token(token)
+            user = first(sorcery_config.activation_token_attribute_name => token)
+            !!user ? get(user.id) : nil
+          end
+
+          def find_by_remember_me_token(token)
+            user = first(sorcery_config.remember_me_token_attribute_name => token)
+            !!user ? get(user.id) : nil
+          end
+
+          def find_by_username(username)
+            user = nil
+            sorcery_config.username_attribute_names.each do |name|
+              user = first(name => username)
+              break if user
+            end
+            !!user ? get(user.id) : nil
+          end
+
+          def transaction(&blk)
+            tap(&blk)
+          end
+
+          def find_by_sorcery_token(token_attr_name, token)
+            user = first(token_attr_name => token)
+            !!user ? get(user.id) : nil
+          end
+
+          def find_by_email(email)
+            user = first(sorcery_config.email_attribute_name => email)
+            !!user ? get(user.id) : nil
+          end
+
+          # NOTE
+          # DM Adapter dependent
+          def get_current_users
+            unless self.repository.adapter.is_a?(::DataMapper::Adapters::MysqlAdapter)
+              raise 'Unsupported DataMapper Adapter'
+            end
+            config = sorcery_config
+            ret = all(config.last_logout_at_attribute_name => nil) |
+                  all(config.last_activity_at_attribute_name.gt => config.last_logout_at_attribute_name)
+            ret = ret.all(config.last_activity_at_attribute_name.not => nil)
+            ret = ret.all(config.last_activity_at_attribute_name.gt => config.activity_timeout.seconds.ago.utc)
+            ret
+          end
+        end
+      end
+    end
+  end
+end

data/lib/sorcery/model/adapters/mongo_mapper.rb

@@ -5,15 +5,19 @@ module Sorcery
         extend ActiveSupport::Concern
 
         included do
-          include Sorcery::Model
+          extend Sorcery::Model
         end
 
         def increment(attr)
           self.class.increment(id, attr => 1)
         end
 
-        def save!(options = {})
-          save(options)
+        def sorcery_save(options = {})
+          if options.delete(:raise_on_failure) && options[:validate] != false
+            save! options
+          else
+            save options
+          end
         end
 
         def update_many_attributes(attrs)
@@ -22,7 +26,7 @@ module Sorcery
 
         module ClassMethods
           def credential_regex(credential)
-            return { :$regex =>  /^#{credential}$/i  }  if (@sorcery_config.downcase_username_before_authenticating)
+            return { :$regex =>  /^#{Regexp.escape(credential)}$/i  }  if (@sorcery_config.downcase_username_before_authenticating)
             return credential
           end
 

data/lib/sorcery/model/adapters/mongoid.rb

@@ -2,11 +2,6 @@ module Sorcery
   module Model
     module Adapters
       module Mongoid
-        def self.included(klass)
-          klass.extend ClassMethods
-          klass.send(:include, InstanceMethods)
-        end
-
         module InstanceMethods
           def increment(attr)
             self.inc(attr, 1)
@@ -23,11 +18,16 @@ module Sorcery
           def update_single_attribute(name, value)
             update_many_attributes(name => value)
           end
+
+          def sorcery_save(options = {})
+            mthd = options.delete(:raise_on_failure) ? :save! : :save
+            self.send(mthd, options)
+          end
         end
 
         module ClassMethods
           def credential_regex(credential)
-            return { :$regex =>  /^#{credential}$/i  } if (@sorcery_config.downcase_username_before_authenticating)
+            return { :$regex =>  /^#{Regexp.escape(credential)}$/i  } if (@sorcery_config.downcase_username_before_authenticating)
             credential
           end
 

data/lib/sorcery/model/submodules/activity_logging.rb

@@ -29,6 +29,13 @@ module Sorcery
           end
 
           base.sorcery_config.after_config << :define_activity_logging_mongoid_fields if defined?(Mongoid) and base.ancestors.include?(Mongoid::Document)
+          if defined?(DataMapper) and base.ancestors.include?(DataMapper::Resource)
+            # NOTE raise exception if data-store is not supported
+            unless base.repository.adapter.is_a?(DataMapper::Adapters::MysqlAdapter)
+              raise 'Unsupported DataMapper Adapter'
+            end
+            base.sorcery_config.after_config << :define_activity_logging_datamapper_fields
+          end
         end
         
         module ClassMethods
@@ -46,6 +53,23 @@ module Sorcery
             field sorcery_config.last_activity_at_attribute_name, :type => Time
             field sorcery_config.last_login_from_ip_address_name, :type => String
           end
+
+          def define_activity_logging_datamapper_fields
+            property sorcery_config.last_login_at_attribute_name,    Time
+            property sorcery_config.last_logout_at_attribute_name,   Time
+            property sorcery_config.last_activity_at_attribute_name, Time
+            property sorcery_config.last_login_from_ip_address_name, String
+            # Workaround local timezone retrieval problem NOTE dm-core issue #193
+            [sorcery_config.last_login_at_attribute_name,
+             sorcery_config.last_logout_at_attribute_name,
+             sorcery_config.last_activity_at_attribute_name].each do |sym|
+               alias_method "orig_#{sym}", sym
+               define_method(sym) do
+                 t = send("orig_#{sym}")
+                 t && Time.new(t.year, t.month, t.day, t.hour, t.min, t.sec, 0)
+               end
+             end
+          end
         end
       end
     end