sorcery 0.8.5 → 0.8.6
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of sorcery might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/.travis.yml +60 -4
- data/CHANGELOG.md +15 -1
- data/Gemfile +9 -18
- data/Gemfile.rails4 +8 -10
- data/README.md +31 -11
- data/VERSION +1 -1
- data/gemfiles/active_record-rails41.gemfile +6 -0
- data/gemfiles/mongo_mapper-rails41.gemfile +8 -0
- data/gemfiles/mongoid-rails41.gemfile +11 -0
- data/lib/sorcery.rb +20 -28
- data/lib/sorcery/controller.rb +6 -11
- data/lib/sorcery/controller/submodules/external.rb +30 -15
- data/lib/sorcery/controller/submodules/session_timeout.rb +1 -1
- data/lib/sorcery/model.rb +102 -70
- data/lib/sorcery/model/adapters/active_record.rb +7 -2
- data/lib/sorcery/model/adapters/datamapper.rb +123 -0
- data/lib/sorcery/model/adapters/mongo_mapper.rb +8 -4
- data/lib/sorcery/model/adapters/mongoid.rb +6 -6
- data/lib/sorcery/model/submodules/activity_logging.rb +24 -0
- data/lib/sorcery/model/submodules/brute_force_protection.rb +16 -0
- data/lib/sorcery/model/submodules/remember_me.rb +19 -4
- data/lib/sorcery/model/submodules/reset_password.rb +30 -13
- data/lib/sorcery/model/submodules/user_activation.rb +53 -22
- data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
- data/lib/sorcery/protocols/oauth.rb +42 -0
- data/lib/sorcery/protocols/oauth2.rb +47 -0
- data/lib/sorcery/providers/base.rb +27 -0
- data/lib/sorcery/providers/facebook.rb +63 -0
- data/lib/sorcery/providers/github.rb +51 -0
- data/lib/sorcery/providers/google.rb +51 -0
- data/lib/sorcery/providers/linkedin.rb +66 -0
- data/lib/sorcery/providers/liveid.rb +53 -0
- data/lib/sorcery/providers/twitter.rb +59 -0
- data/lib/sorcery/providers/vk.rb +61 -0
- data/lib/sorcery/providers/xing.rb +64 -0
- data/lib/sorcery/test_helpers/internal.rb +3 -3
- data/lib/sorcery/test_helpers/internal/rails.rb +14 -3
- data/lib/sorcery/test_helpers/rails.rb +1 -10
- data/lib/sorcery/test_helpers/rails/controller.rb +17 -0
- data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
- data/sorcery.gemspec +14 -18
- data/spec/active_record/controller_activity_logging_spec.rb +5 -116
- data/spec/active_record/controller_brute_force_protection_spec.rb +69 -47
- data/spec/active_record/controller_http_basic_auth_spec.rb +24 -18
- data/spec/active_record/controller_oauth2_spec.rb +112 -187
- data/spec/active_record/controller_oauth_spec.rb +41 -37
- data/spec/active_record/controller_remember_me_spec.rb +39 -38
- data/spec/active_record/controller_session_timeout_spec.rb +31 -16
- data/spec/active_record/controller_spec.rb +4 -178
- data/spec/active_record/integration_spec.rb +1 -1
- data/spec/active_record/user_activation_spec.rb +1 -1
- data/spec/active_record/user_activity_logging_spec.rb +1 -1
- data/spec/active_record/user_brute_force_protection_spec.rb +1 -1
- data/spec/active_record/user_oauth_spec.rb +1 -1
- data/spec/active_record/user_remember_me_spec.rb +1 -1
- data/spec/active_record/user_reset_password_spec.rb +1 -1
- data/spec/active_record/user_spec.rb +7 -8
- data/spec/datamapper/controller_activity_logging_spec.rb +17 -0
- data/spec/datamapper/controller_spec.rb +8 -0
- data/spec/datamapper/user_activation_spec.rb +10 -0
- data/spec/datamapper/user_activity_logging_spec.rb +9 -0
- data/spec/datamapper/user_brute_force_protection_spec.rb +9 -0
- data/spec/datamapper/user_oauth_spec.rb +9 -0
- data/spec/datamapper/user_remember_me_spec.rb +8 -0
- data/spec/datamapper/user_reset_password_spec.rb +8 -0
- data/spec/datamapper/user_spec.rb +27 -0
- data/spec/mongo_mapper/controller_spec.rb +4 -171
- data/spec/mongo_mapper/user_activation_spec.rb +1 -2
- data/spec/mongo_mapper/user_activity_logging_spec.rb +1 -1
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +1 -1
- data/spec/mongo_mapper/user_oauth_spec.rb +1 -1
- data/spec/mongo_mapper/user_remember_me_spec.rb +1 -1
- data/spec/mongo_mapper/user_reset_password_spec.rb +1 -1
- data/spec/mongo_mapper/user_spec.rb +7 -8
- data/spec/mongoid/controller_activity_logging_spec.rb +4 -99
- data/spec/mongoid/controller_spec.rb +4 -182
- data/spec/mongoid/user_activation_spec.rb +1 -2
- data/spec/mongoid/user_activity_logging_spec.rb +1 -2
- data/spec/mongoid/user_brute_force_protection_spec.rb +1 -2
- data/spec/mongoid/user_oauth_spec.rb +1 -2
- data/spec/mongoid/user_remember_me_spec.rb +1 -2
- data/spec/mongoid/user_reset_password_spec.rb +1 -2
- data/spec/mongoid/user_spec.rb +8 -9
- data/spec/orm/active_record.rb +2 -0
- data/spec/orm/datamapper.rb +34 -0
- data/spec/orm/mongo_mapper.rb +1 -0
- data/spec/orm/mongoid.rb +1 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +64 -59
- data/spec/rails_app/app/datamapper/authentication.rb +8 -0
- data/spec/rails_app/app/datamapper/user.rb +7 -0
- data/spec/rails_app/config/routes.rb +18 -13
- data/spec/shared_examples/controller_activity_logging_shared_examples.rb +125 -0
- data/spec/shared_examples/controller_oauth2_shared_examples.rb +32 -36
- data/spec/shared_examples/controller_oauth_shared_examples.rb +19 -26
- data/spec/shared_examples/controller_shared_examples.rb +203 -0
- data/spec/shared_examples/user_activation_shared_examples.rb +107 -90
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +10 -10
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +14 -13
- data/spec/shared_examples/user_oauth_shared_examples.rb +23 -15
- data/spec/shared_examples/user_remember_me_shared_examples.rb +32 -23
- data/spec/shared_examples/user_reset_password_shared_examples.rb +136 -115
- data/spec/shared_examples/user_shared_examples.rb +206 -146
- data/spec/sorcery_crypto_providers_spec.rb +28 -28
- data/spec/spec_helper.rb +15 -6
- metadata +83 -127
- data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -46
- data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -50
- data/lib/sorcery/controller/submodules/external/providers/base.rb +0 -21
- data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -99
- data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -93
- data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -92
- data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -103
- data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -93
- data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -94
- data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -101
- data/lib/sorcery/controller/submodules/external/providers/xing.rb +0 -98
- data/lib/sorcery/test_helpers.rb +0 -5
|
@@ -39,6 +39,9 @@ module Sorcery
|
|
|
39
39
|
if defined?(MongoMapper) and base.ancestors.include?(MongoMapper::Document)
|
|
40
40
|
base.sorcery_config.after_config << :define_brute_force_protection_mongo_mapper_fields
|
|
41
41
|
end
|
|
42
|
+
if defined?(DataMapper) and base.ancestors.include?(DataMapper::Resource)
|
|
43
|
+
base.sorcery_config.after_config << :define_brute_force_protection_datamapper_fields
|
|
44
|
+
end
|
|
42
45
|
base.extend(ClassMethods)
|
|
43
46
|
base.send(:include, InstanceMethods)
|
|
44
47
|
end
|
|
@@ -63,6 +66,19 @@ module Sorcery
|
|
|
63
66
|
key sorcery_config.lock_expires_at_attribute_name, Time
|
|
64
67
|
key sorcery_config.unlock_token_attribute_name, String
|
|
65
68
|
end
|
|
69
|
+
|
|
70
|
+
def define_brute_force_protection_datamapper_fields
|
|
71
|
+
property sorcery_config.failed_logins_count_attribute_name, Integer, :default => 0
|
|
72
|
+
property sorcery_config.lock_expires_at_attribute_name, Time
|
|
73
|
+
property sorcery_config.unlock_token_attribute_name, String
|
|
74
|
+
[sorcery_config.lock_expires_at_attribute_name].each do |sym|
|
|
75
|
+
alias_method "orig_#{sym}", sym
|
|
76
|
+
define_method(sym) do
|
|
77
|
+
t = send("orig_#{sym}")
|
|
78
|
+
t && Time.new(t.year, t.month, t.day, t.hour, t.min, t.sec, 0)
|
|
79
|
+
end
|
|
80
|
+
end
|
|
81
|
+
end
|
|
66
82
|
end
|
|
67
83
|
|
|
68
84
|
module InstanceMethods
|
|
@@ -12,7 +12,7 @@ module Sorcery
|
|
|
12
12
|
:remember_me_for # how long in seconds to remember.
|
|
13
13
|
|
|
14
14
|
end
|
|
15
|
-
|
|
15
|
+
|
|
16
16
|
base.sorcery_config.instance_eval do
|
|
17
17
|
@defaults.merge!(:@remember_me_token_attribute_name => :remember_me_token,
|
|
18
18
|
:@remember_me_token_expires_at_attribute_name => :remember_me_token_expires_at,
|
|
@@ -20,14 +20,17 @@ module Sorcery
|
|
|
20
20
|
|
|
21
21
|
reset!
|
|
22
22
|
end
|
|
23
|
-
|
|
23
|
+
|
|
24
24
|
base.send(:include, InstanceMethods)
|
|
25
25
|
|
|
26
26
|
base.sorcery_config.after_config << :define_remember_me_mongoid_fields if defined?(Mongoid) and base.ancestors.include?(Mongoid::Document)
|
|
27
27
|
if defined?(MongoMapper) and base.ancestors.include?(MongoMapper::Document)
|
|
28
28
|
base.sorcery_config.after_config << :define_remember_me_mongo_mapper_fields
|
|
29
29
|
end
|
|
30
|
-
|
|
30
|
+
if defined?(DataMapper) and base.ancestors.include?(DataMapper::Resource)
|
|
31
|
+
base.sorcery_config.after_config << :define_remember_me_datamapper_fields
|
|
32
|
+
end
|
|
33
|
+
|
|
31
34
|
base.extend(ClassMethods)
|
|
32
35
|
end
|
|
33
36
|
|
|
@@ -43,6 +46,18 @@ module Sorcery
|
|
|
43
46
|
key sorcery_config.remember_me_token_attribute_name, String
|
|
44
47
|
key sorcery_config.remember_me_token_expires_at_attribute_name, Time
|
|
45
48
|
end
|
|
49
|
+
|
|
50
|
+
def define_remember_me_datamapper_fields
|
|
51
|
+
property sorcery_config.remember_me_token_attribute_name, String
|
|
52
|
+
property sorcery_config.remember_me_token_expires_at_attribute_name, Time
|
|
53
|
+
[sorcery_config.remember_me_token_expires_at_attribute_name].each do |sym|
|
|
54
|
+
alias_method "orig_#{sym}", sym
|
|
55
|
+
define_method(sym) do
|
|
56
|
+
t = send("orig_#{sym}")
|
|
57
|
+
t && Time.new(t.year, t.month, t.day, t.hour, t.min, t.sec, 0)
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
end
|
|
46
61
|
end
|
|
47
62
|
|
|
48
63
|
module InstanceMethods
|
|
@@ -63,4 +78,4 @@ module Sorcery
|
|
|
63
78
|
end
|
|
64
79
|
end
|
|
65
80
|
end
|
|
66
|
-
end
|
|
81
|
+
end
|
|
@@ -9,14 +9,14 @@ module Sorcery
|
|
|
9
9
|
# he will be able to reset his password via a form.
|
|
10
10
|
#
|
|
11
11
|
# When using this submodule, supplying a mailer is mandatory.
|
|
12
|
-
module ResetPassword
|
|
12
|
+
module ResetPassword
|
|
13
13
|
def self.included(base)
|
|
14
14
|
base.sorcery_config.class_eval do
|
|
15
15
|
attr_accessor :reset_password_token_attribute_name, # reset password code attribute name.
|
|
16
16
|
:reset_password_token_expires_at_attribute_name, # expires at attribute name.
|
|
17
17
|
:reset_password_email_sent_at_attribute_name, # when was email sent, used for hammering
|
|
18
18
|
# protection.
|
|
19
|
-
|
|
19
|
+
|
|
20
20
|
:reset_password_mailer, # mailer class. Needed.
|
|
21
21
|
|
|
22
22
|
:reset_password_mailer_disabled, # when true sorcery will not automatically
|
|
@@ -25,15 +25,15 @@ module Sorcery
|
|
|
25
25
|
|
|
26
26
|
:reset_password_email_method_name, # reset password email method on your
|
|
27
27
|
# mailer class.
|
|
28
|
-
|
|
28
|
+
|
|
29
29
|
:reset_password_expiration_period, # how many seconds before the reset request
|
|
30
30
|
# expires. nil for never expires.
|
|
31
|
-
|
|
31
|
+
|
|
32
32
|
:reset_password_time_between_emails # hammering protection, how long to wait
|
|
33
33
|
# before allowing another email to be sent.
|
|
34
34
|
|
|
35
35
|
end
|
|
36
|
-
|
|
36
|
+
|
|
37
37
|
base.sorcery_config.instance_eval do
|
|
38
38
|
@defaults.merge!(:@reset_password_token_attribute_name => :reset_password_token,
|
|
39
39
|
:@reset_password_token_expires_at_attribute_name => :reset_password_token_expires_at,
|
|
@@ -54,11 +54,14 @@ module Sorcery
|
|
|
54
54
|
if defined?(MongoMapper) and base.ancestors.include?(MongoMapper::Document)
|
|
55
55
|
base.sorcery_config.after_config << :define_reset_password_mongo_mapper_fields
|
|
56
56
|
end
|
|
57
|
+
if defined?(DataMapper) and base.ancestors.include?(DataMapper::Resource)
|
|
58
|
+
base.sorcery_config.after_config << :define_reset_password_datamapper_fields
|
|
59
|
+
end
|
|
57
60
|
|
|
58
61
|
base.send(:include, InstanceMethods)
|
|
59
62
|
|
|
60
63
|
end
|
|
61
|
-
|
|
64
|
+
|
|
62
65
|
module ClassMethods
|
|
63
66
|
# Find user by token, also checks for expiration.
|
|
64
67
|
# Returns the user if token found and is valid.
|
|
@@ -67,9 +70,9 @@ module Sorcery
|
|
|
67
70
|
token_expiration_date_attr = @sorcery_config.reset_password_token_expires_at_attribute_name
|
|
68
71
|
load_from_token(token, token_attr_name, token_expiration_date_attr)
|
|
69
72
|
end
|
|
70
|
-
|
|
73
|
+
|
|
71
74
|
protected
|
|
72
|
-
|
|
75
|
+
|
|
73
76
|
# This submodule requires the developer to define his own mailer class to be used by it
|
|
74
77
|
# when reset_password_mailer_disabled is false
|
|
75
78
|
def validate_mailer_defined
|
|
@@ -82,14 +85,28 @@ module Sorcery
|
|
|
82
85
|
field sorcery_config.reset_password_token_expires_at_attribute_name, :type => Time
|
|
83
86
|
field sorcery_config.reset_password_email_sent_at_attribute_name, :type => Time
|
|
84
87
|
end
|
|
85
|
-
|
|
88
|
+
|
|
86
89
|
def define_reset_password_mongo_mapper_fields
|
|
87
90
|
key sorcery_config.reset_password_token_attribute_name, String
|
|
88
91
|
key sorcery_config.reset_password_token_expires_at_attribute_name, Time
|
|
89
92
|
key sorcery_config.reset_password_email_sent_at_attribute_name, Time
|
|
90
93
|
end
|
|
94
|
+
|
|
95
|
+
def define_reset_password_datamapper_fields
|
|
96
|
+
property sorcery_config.reset_password_token_attribute_name, String
|
|
97
|
+
property sorcery_config.reset_password_token_expires_at_attribute_name, Time
|
|
98
|
+
property sorcery_config.reset_password_email_sent_at_attribute_name, Time
|
|
99
|
+
[sorcery_config.reset_password_token_expires_at_attribute_name,
|
|
100
|
+
sorcery_config.reset_password_email_sent_at_attribute_name].each do |sym|
|
|
101
|
+
alias_method "orig_#{sym}", sym
|
|
102
|
+
define_method(sym) do
|
|
103
|
+
t = send("orig_#{sym}")
|
|
104
|
+
t && Time.new(t.year, t.month, t.day, t.hour, t.min, t.sec, 0)
|
|
105
|
+
end
|
|
106
|
+
end
|
|
107
|
+
end
|
|
91
108
|
end
|
|
92
|
-
|
|
109
|
+
|
|
93
110
|
module InstanceMethods
|
|
94
111
|
# generates a reset code with expiration and sends an email to the user.
|
|
95
112
|
def deliver_reset_password_instructions!
|
|
@@ -104,12 +121,12 @@ module Sorcery
|
|
|
104
121
|
send_reset_password_email! unless sorcery_config.reset_password_mailer_disabled
|
|
105
122
|
end
|
|
106
123
|
end
|
|
107
|
-
|
|
124
|
+
|
|
108
125
|
# Clears token and tries to update the new password for the user.
|
|
109
126
|
def change_password!(new_password)
|
|
110
127
|
clear_reset_password_token
|
|
111
128
|
self.send(:"#{sorcery_config.password_attribute_name}=", new_password)
|
|
112
|
-
|
|
129
|
+
sorcery_save
|
|
113
130
|
end
|
|
114
131
|
|
|
115
132
|
protected
|
|
@@ -125,7 +142,7 @@ module Sorcery
|
|
|
125
142
|
self.send(:"#{config.reset_password_token_expires_at_attribute_name}=", nil) if config.reset_password_expiration_period
|
|
126
143
|
end
|
|
127
144
|
end
|
|
128
|
-
|
|
145
|
+
|
|
129
146
|
end
|
|
130
147
|
end
|
|
131
148
|
end
|
|
@@ -10,16 +10,16 @@ module Sorcery
|
|
|
10
10
|
base.sorcery_config.class_eval do
|
|
11
11
|
attr_accessor :activation_state_attribute_name, # the attribute name to hold activation state
|
|
12
12
|
# (active/pending).
|
|
13
|
-
|
|
13
|
+
|
|
14
14
|
:activation_token_attribute_name, # the attribute name to hold activation code
|
|
15
15
|
# (sent by email).
|
|
16
|
-
|
|
16
|
+
|
|
17
17
|
:activation_token_expires_at_attribute_name, # the attribute name to hold activation code
|
|
18
18
|
# expiration date.
|
|
19
|
-
|
|
19
|
+
|
|
20
20
|
:activation_token_expiration_period, # how many seconds before the activation code
|
|
21
21
|
# expires. nil for never expires.
|
|
22
|
-
|
|
22
|
+
|
|
23
23
|
:user_activation_mailer, # your mailer class. Required when
|
|
24
24
|
# activation_mailer_disabled == false.
|
|
25
25
|
|
|
@@ -29,14 +29,14 @@ module Sorcery
|
|
|
29
29
|
|
|
30
30
|
:activation_needed_email_method_name, # activation needed email method on your
|
|
31
31
|
# mailer class.
|
|
32
|
-
|
|
32
|
+
|
|
33
33
|
:activation_success_email_method_name, # activation success email method on your
|
|
34
34
|
# mailer class.
|
|
35
|
-
|
|
35
|
+
|
|
36
36
|
:prevent_non_active_users_to_login # do you want to prevent or allow users that
|
|
37
37
|
# did not activate by email to login?
|
|
38
38
|
end
|
|
39
|
-
|
|
39
|
+
|
|
40
40
|
base.sorcery_config.instance_eval do
|
|
41
41
|
@defaults.merge!(:@activation_state_attribute_name => :activation_state,
|
|
42
42
|
:@activation_token_attribute_name => :activation_token,
|
|
@@ -49,27 +49,43 @@ module Sorcery
|
|
|
49
49
|
:@prevent_non_active_users_to_login => true)
|
|
50
50
|
reset!
|
|
51
51
|
end
|
|
52
|
-
|
|
52
|
+
|
|
53
53
|
base.class_eval do
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
54
|
+
if defined?(DataMapper) && self.ancestors.include?(DataMapper::Resource)
|
|
55
|
+
before :valid? do
|
|
56
|
+
if self.send(sorcery_config.password_attribute_name).present?
|
|
57
|
+
setup_activation
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
after :create do
|
|
61
|
+
if send_activation_needed_email?
|
|
62
|
+
send_activation_needed_email!
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
else
|
|
66
|
+
# don't setup activation if no password supplied - this user is created automatically
|
|
67
|
+
before_create :setup_activation, :if => Proc.new { |user| user.send(sorcery_config.password_attribute_name).present? }
|
|
68
|
+
# don't send activation needed email if no crypted password created - this user is external (OAuth etc.)
|
|
69
|
+
after_create :send_activation_needed_email!, :if => :send_activation_needed_email?
|
|
70
|
+
end
|
|
58
71
|
end
|
|
59
|
-
|
|
72
|
+
|
|
60
73
|
base.sorcery_config.after_config << :validate_mailer_defined
|
|
61
74
|
base.sorcery_config.after_config << :define_user_activation_mongoid_fields if defined?(Mongoid) and base.ancestors.include?(Mongoid::Document)
|
|
62
75
|
if defined?(MongoMapper) and base.ancestors.include?(MongoMapper::Document)
|
|
63
76
|
base.sorcery_config.after_config << :define_user_activation_mongo_mapper_fields
|
|
64
77
|
end
|
|
78
|
+
if defined?(DataMapper) and base.ancestors.include?(DataMapper::Resource)
|
|
79
|
+
base.sorcery_config.after_config << :define_user_activation_datamapper_fields
|
|
80
|
+
end
|
|
65
81
|
base.sorcery_config.before_authenticate << :prevent_non_active_login
|
|
66
|
-
|
|
82
|
+
|
|
67
83
|
base.extend(ClassMethods)
|
|
68
84
|
base.send(:include, InstanceMethods)
|
|
69
85
|
|
|
70
86
|
|
|
71
87
|
end
|
|
72
|
-
|
|
88
|
+
|
|
73
89
|
module ClassMethods
|
|
74
90
|
# Find user by token, also checks for expiration.
|
|
75
91
|
# Returns the user if token found and is valid.
|
|
@@ -78,9 +94,9 @@ module Sorcery
|
|
|
78
94
|
token_expiration_date_attr = @sorcery_config.activation_token_expires_at_attribute_name
|
|
79
95
|
load_from_token(token, token_attr_name, token_expiration_date_attr)
|
|
80
96
|
end
|
|
81
|
-
|
|
97
|
+
|
|
82
98
|
protected
|
|
83
|
-
|
|
99
|
+
|
|
84
100
|
# This submodule requires the developer to define his own mailer class to be used by it
|
|
85
101
|
# when activation_mailer_disabled is false
|
|
86
102
|
def validate_mailer_defined
|
|
@@ -103,8 +119,23 @@ module Sorcery
|
|
|
103
119
|
key sorcery_config.activation_token_expires_at_attribute_name, Time
|
|
104
120
|
end
|
|
105
121
|
end
|
|
122
|
+
|
|
123
|
+
def define_user_activation_datamapper_fields
|
|
124
|
+
self.class_eval do
|
|
125
|
+
property sorcery_config.activation_state_attribute_name, String
|
|
126
|
+
property sorcery_config.activation_token_attribute_name, String
|
|
127
|
+
property sorcery_config.activation_token_expires_at_attribute_name, Time
|
|
128
|
+
[sorcery_config.activation_token_expires_at_attribute_name].each do |sym|
|
|
129
|
+
alias_method "orig_#{sym}", sym
|
|
130
|
+
define_method(sym) do
|
|
131
|
+
t = send("orig_#{sym}")
|
|
132
|
+
t && Time.new(t.year, t.month, t.day, t.hour, t.min, t.sec, 0)
|
|
133
|
+
end
|
|
134
|
+
end
|
|
135
|
+
end
|
|
136
|
+
end
|
|
106
137
|
end
|
|
107
|
-
|
|
138
|
+
|
|
108
139
|
module InstanceMethods
|
|
109
140
|
# clears activation code, sets the user as 'active' and optionaly sends a success email.
|
|
110
141
|
def activate!
|
|
@@ -112,9 +143,9 @@ module Sorcery
|
|
|
112
143
|
self.send(:"#{config.activation_token_attribute_name}=", nil)
|
|
113
144
|
self.send(:"#{config.activation_state_attribute_name}=", "active")
|
|
114
145
|
send_activation_success_email! if send_activation_success_email?
|
|
115
|
-
|
|
146
|
+
sorcery_save(:validate => false, :raise_on_failure => true)
|
|
116
147
|
end
|
|
117
|
-
|
|
148
|
+
|
|
118
149
|
protected
|
|
119
150
|
|
|
120
151
|
def setup_activation
|
|
@@ -147,7 +178,7 @@ module Sorcery
|
|
|
147
178
|
sorcery_config.activation_mailer_disabled == true)
|
|
148
179
|
)
|
|
149
180
|
end
|
|
150
|
-
|
|
181
|
+
|
|
151
182
|
def prevent_non_active_login
|
|
152
183
|
config = sorcery_config
|
|
153
184
|
config.prevent_non_active_users_to_login ? self.send(config.activation_state_attribute_name) == "active" : true
|
|
@@ -157,4 +188,4 @@ module Sorcery
|
|
|
157
188
|
end
|
|
158
189
|
end
|
|
159
190
|
end
|
|
160
|
-
end
|
|
191
|
+
end
|
|
File without changes
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
require 'oauth'
|
|
2
|
+
|
|
3
|
+
module Sorcery
|
|
4
|
+
module Protocols
|
|
5
|
+
module Oauth
|
|
6
|
+
|
|
7
|
+
def oauth_version
|
|
8
|
+
'1.0'
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def get_request_token(token=nil,secret=nil)
|
|
12
|
+
return ::OAuth::RequestToken.new(get_consumer, token, secret) if token && secret
|
|
13
|
+
get_consumer.get_request_token(oauth_callback: @callback_url)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def authorize_url(args)
|
|
17
|
+
get_request_token(
|
|
18
|
+
args[:request_token],
|
|
19
|
+
args[:request_token_secret]
|
|
20
|
+
).authorize_url({
|
|
21
|
+
oauth_callback: @callback_url
|
|
22
|
+
})
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def get_access_token(args)
|
|
26
|
+
get_request_token(
|
|
27
|
+
args[:request_token],
|
|
28
|
+
args[:request_token_secret]
|
|
29
|
+
).get_access_token({
|
|
30
|
+
oauth_verifier: args[:oauth_verifier]
|
|
31
|
+
})
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
protected
|
|
35
|
+
|
|
36
|
+
def get_consumer
|
|
37
|
+
::OAuth::Consumer.new(@key, @secret, site: @site)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
require 'oauth2'
|
|
2
|
+
|
|
3
|
+
module Sorcery
|
|
4
|
+
module Protocols
|
|
5
|
+
module Oauth2
|
|
6
|
+
|
|
7
|
+
def oauth_version
|
|
8
|
+
'2.0'
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def authorize_url(options = {})
|
|
12
|
+
client = build_client(options)
|
|
13
|
+
client.auth_code.authorize_url(
|
|
14
|
+
redirect_uri: @callback_url,
|
|
15
|
+
scope: @scope,
|
|
16
|
+
display: @display,
|
|
17
|
+
state: @state
|
|
18
|
+
)
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def get_access_token(args, options = {})
|
|
22
|
+
client = build_client(options)
|
|
23
|
+
client.auth_code.get_token(
|
|
24
|
+
args[:code],
|
|
25
|
+
{
|
|
26
|
+
redirect_uri: @callback_url,
|
|
27
|
+
parse: options.delete(:parse)
|
|
28
|
+
},
|
|
29
|
+
options
|
|
30
|
+
)
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def build_client(options = {})
|
|
34
|
+
defaults = {
|
|
35
|
+
site: @site,
|
|
36
|
+
ssl: { ca_file: Sorcery::Controller::Config.ca_file }
|
|
37
|
+
}
|
|
38
|
+
::OAuth2::Client.new(
|
|
39
|
+
@key,
|
|
40
|
+
@secret,
|
|
41
|
+
defaults.merge!(options)
|
|
42
|
+
)
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
end
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
module Sorcery
|
|
2
|
+
module Providers
|
|
3
|
+
class Base
|
|
4
|
+
|
|
5
|
+
attr_reader :access_token
|
|
6
|
+
|
|
7
|
+
attr_accessor :callback_url, :key, :original_callback_url, :secret,
|
|
8
|
+
:site, :state, :user_info_mapping
|
|
9
|
+
|
|
10
|
+
def has_callback?; true; end
|
|
11
|
+
|
|
12
|
+
def initialize
|
|
13
|
+
@user_info_mapping = {}
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def self.name
|
|
17
|
+
super.gsub(/Sorcery::Providers::/, '').downcase
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
# Ensure that all descendant classes are loaded before run this
|
|
21
|
+
def self.descendants
|
|
22
|
+
ObjectSpace.each_object(Class).select { |klass| klass < self }
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|