sorcery 0.8.5 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +3 -1
- data/.travis.yml +122 -5
- data/CHANGELOG.md +37 -1
- data/Gemfile +10 -18
- data/README.md +159 -88
- data/gemfiles/active_record-rails40.gemfile +7 -0
- data/gemfiles/active_record-rails41.gemfile +7 -0
- data/gemfiles/mongo_mapper-rails40.gemfile +9 -0
- data/gemfiles/mongo_mapper-rails41.gemfile +9 -0
- data/gemfiles/mongoid-rails40.gemfile +9 -0
- data/gemfiles/mongoid-rails41.gemfile +9 -0
- data/gemfiles/mongoid3-rails32.gemfile +9 -0
- data/lib/generators/sorcery/USAGE +1 -1
- data/lib/generators/sorcery/install_generator.rb +19 -5
- data/lib/generators/sorcery/templates/initializer.rb +34 -9
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +3 -1
- data/lib/generators/sorcery/templates/migration/core.rb +2 -2
- data/lib/generators/sorcery/templates/migration/external.rb +3 -1
- data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
- data/lib/sorcery/adapters/base_adapter.rb +30 -0
- data/lib/sorcery/adapters/data_mapper_adapter.rb +176 -0
- data/lib/sorcery/adapters/mongo_mapper_adapter.rb +110 -0
- data/lib/sorcery/adapters/mongoid_adapter.rb +97 -0
- data/lib/sorcery/controller/config.rb +65 -0
- data/lib/sorcery/controller/submodules/activity_logging.rb +16 -21
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +6 -6
- data/lib/sorcery/controller/submodules/external.rb +35 -40
- data/lib/sorcery/controller/submodules/remember_me.rb +4 -4
- data/lib/sorcery/controller/submodules/session_timeout.rb +10 -6
- data/lib/sorcery/controller.rb +10 -74
- data/lib/sorcery/model/config.rb +96 -0
- data/lib/sorcery/model/submodules/activity_logging.rb +30 -13
- data/lib/sorcery/model/submodules/brute_force_protection.rb +21 -21
- data/lib/sorcery/model/submodules/external.rb +53 -9
- data/lib/sorcery/model/submodules/remember_me.rb +15 -19
- data/lib/sorcery/model/submodules/reset_password.rb +33 -34
- data/lib/sorcery/model/submodules/user_activation.rb +36 -47
- data/lib/sorcery/model/temporary_token.rb +4 -4
- data/lib/sorcery/model.rb +73 -173
- data/lib/sorcery/protocols/oauth.rb +42 -0
- data/lib/sorcery/protocols/oauth2.rb +47 -0
- data/lib/sorcery/providers/base.rb +38 -0
- data/lib/sorcery/providers/facebook.rb +63 -0
- data/lib/sorcery/providers/github.rb +51 -0
- data/lib/sorcery/providers/google.rb +51 -0
- data/lib/sorcery/providers/heroku.rb +57 -0
- data/lib/sorcery/providers/jira.rb +77 -0
- data/lib/sorcery/providers/linkedin.rb +66 -0
- data/lib/sorcery/providers/liveid.rb +53 -0
- data/lib/sorcery/providers/salesforce.rb +50 -0
- data/lib/sorcery/providers/twitter.rb +59 -0
- data/lib/sorcery/providers/vk.rb +63 -0
- data/lib/sorcery/providers/xing.rb +64 -0
- data/lib/sorcery/test_helpers/internal/rails.rb +14 -3
- data/lib/sorcery/test_helpers/internal.rb +7 -3
- data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
- data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
- data/lib/sorcery/version.rb +3 -0
- data/lib/sorcery.rb +82 -58
- data/sorcery.gemspec +19 -19
- data/spec/active_record/user_activation_spec.rb +1 -1
- data/spec/active_record/user_activity_logging_spec.rb +10 -1
- data/spec/active_record/user_brute_force_protection_spec.rb +1 -1
- data/spec/active_record/user_oauth_spec.rb +1 -1
- data/spec/active_record/user_remember_me_spec.rb +1 -1
- data/spec/active_record/user_reset_password_spec.rb +1 -1
- data/spec/active_record/user_spec.rb +7 -8
- data/spec/controllers/controller_activity_logging_spec.rb +124 -0
- data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
- data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
- data/spec/controllers/controller_oauth2_spec.rb +414 -0
- data/spec/controllers/controller_oauth_spec.rb +240 -0
- data/spec/controllers/controller_remember_me_spec.rb +117 -0
- data/spec/controllers/controller_session_timeout_spec.rb +80 -0
- data/spec/controllers/controller_spec.rb +218 -0
- data/spec/data_mapper/user_activation_spec.rb +10 -0
- data/spec/data_mapper/user_activity_logging_spec.rb +14 -0
- data/spec/data_mapper/user_brute_force_protection_spec.rb +9 -0
- data/spec/data_mapper/user_oauth_spec.rb +9 -0
- data/spec/data_mapper/user_remember_me_spec.rb +8 -0
- data/spec/data_mapper/user_reset_password_spec.rb +8 -0
- data/spec/data_mapper/user_spec.rb +27 -0
- data/spec/mongo_mapper/user_activation_spec.rb +1 -2
- data/spec/mongo_mapper/user_activity_logging_spec.rb +1 -1
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +1 -1
- data/spec/mongo_mapper/user_oauth_spec.rb +1 -1
- data/spec/mongo_mapper/user_remember_me_spec.rb +1 -1
- data/spec/mongo_mapper/user_reset_password_spec.rb +1 -1
- data/spec/mongo_mapper/user_spec.rb +7 -8
- data/spec/mongoid/user_activation_spec.rb +1 -2
- data/spec/mongoid/user_activity_logging_spec.rb +1 -2
- data/spec/mongoid/user_brute_force_protection_spec.rb +1 -2
- data/spec/mongoid/user_oauth_spec.rb +1 -2
- data/spec/mongoid/user_remember_me_spec.rb +1 -2
- data/spec/mongoid/user_reset_password_spec.rb +1 -2
- data/spec/mongoid/user_spec.rb +21 -9
- data/spec/orm/active_record.rb +14 -0
- data/spec/orm/data_mapper.rb +48 -0
- data/spec/orm/mongo_mapper.rb +1 -1
- data/spec/orm/mongoid.rb +5 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +125 -59
- data/spec/rails_app/app/data_mapper/authentication.rb +8 -0
- data/spec/rails_app/app/data_mapper/user.rb +7 -0
- data/spec/rails_app/app/mongo_mapper/user.rb +2 -0
- data/spec/rails_app/config/routes.rb +27 -13
- data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +2 -2
- data/spec/shared_examples/user_activation_shared_examples.rb +108 -91
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +83 -15
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +140 -21
- data/spec/shared_examples/user_oauth_shared_examples.rb +21 -16
- data/spec/shared_examples/user_remember_me_shared_examples.rb +36 -24
- data/spec/shared_examples/user_reset_password_shared_examples.rb +138 -117
- data/spec/shared_examples/user_shared_examples.rb +297 -150
- data/spec/sorcery_crypto_providers_spec.rb +28 -28
- data/spec/spec_helper.rb +12 -18
- metadata +99 -165
- data/Gemfile.rails4 +0 -24
- data/VERSION +0 -1
- data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -46
- data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -50
- data/lib/sorcery/controller/submodules/external/providers/base.rb +0 -21
- data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -99
- data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -93
- data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -92
- data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -103
- data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -93
- data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -94
- data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -101
- data/lib/sorcery/controller/submodules/external/providers/xing.rb +0 -98
- data/lib/sorcery/model/adapters/active_record.rb +0 -49
- data/lib/sorcery/model/adapters/mongo_mapper.rb +0 -56
- data/lib/sorcery/model/adapters/mongoid.rb +0 -88
- data/lib/sorcery/test_helpers/rails.rb +0 -16
- data/lib/sorcery/test_helpers.rb +0 -5
- data/spec/active_record/controller_activity_logging_spec.rb +0 -140
- data/spec/active_record/controller_brute_force_protection_spec.rb +0 -136
- data/spec/active_record/controller_http_basic_auth_spec.rb +0 -59
- data/spec/active_record/controller_oauth2_spec.rb +0 -417
- data/spec/active_record/controller_oauth_spec.rb +0 -212
- data/spec/active_record/controller_remember_me_spec.rb +0 -96
- data/spec/active_record/controller_session_timeout_spec.rb +0 -55
- data/spec/active_record/controller_spec.rb +0 -182
- data/spec/active_record/integration_spec.rb +0 -23
- data/spec/mongo_mapper/controller_spec.rb +0 -175
- data/spec/mongoid/controller_activity_logging_spec.rb +0 -111
- data/spec/mongoid/controller_spec.rb +0 -186
- data/spec/rails_app/public/404.html +0 -26
- data/spec/rails_app/public/422.html +0 -26
- data/spec/rails_app/public/500.html +0 -26
- data/spec/rails_app/public/favicon.ico +0 -0
- data/spec/rails_app/public/images/rails.png +0 -0
- data/spec/rails_app/public/javascripts/application.js +0 -2
- data/spec/rails_app/public/javascripts/controls.js +0 -965
- data/spec/rails_app/public/javascripts/dragdrop.js +0 -974
- data/spec/rails_app/public/javascripts/effects.js +0 -1123
- data/spec/rails_app/public/javascripts/prototype.js +0 -6001
- data/spec/rails_app/public/javascripts/rails.js +0 -175
- data/spec/rails_app/public/robots.txt +0 -5
- data/spec/rails_app/public/stylesheets/.gitkeep +0 -0
- data/spec/shared_examples/controller_oauth2_shared_examples.rb +0 -56
- data/spec/shared_examples/controller_oauth_shared_examples.rb +0 -69
- /data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f79fec92f71b24d1507e3848c0c943e3b8e7a6ed
|
|
4
|
+
data.tar.gz: bf2cfc0eb30778fbb3eb85f896a9b73811a179c4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d48170391dc1db75bb8bc88ce444ecc8d957796e0aaf96c29cafc4a01493689bc52e47ecaa5c0968c3aced147d623d2623f9dbe56e3dfdf46bf5309b005345f6
|
|
7
|
+
data.tar.gz: 4101544b567f3cb86c02bda20721a864b9c32fb688d62e64e7eee7fc0672614d06e0d8c004c8fa494113a9c834c1a09df1be91454ee00ee58865fcd31d01d7e0
|
data/.gitignore
CHANGED
data/.travis.yml
CHANGED
|
@@ -2,14 +2,131 @@ language: ruby
|
|
|
2
2
|
rvm:
|
|
3
3
|
- 1.9.3
|
|
4
4
|
- 2.0.0
|
|
5
|
+
- 2.1
|
|
5
6
|
|
|
6
7
|
services: mongodb
|
|
7
8
|
|
|
8
9
|
gemfile:
|
|
9
10
|
- Gemfile
|
|
10
|
-
- Gemfile.rails4
|
|
11
11
|
|
|
12
|
-
|
|
13
|
-
- "SORCERY_ORM=active_record
|
|
14
|
-
- "SORCERY_ORM=mongoid
|
|
15
|
-
- "SORCERY_ORM=mongo_mapper
|
|
12
|
+
env:
|
|
13
|
+
- "SORCERY_ORM=active_record"
|
|
14
|
+
- "SORCERY_ORM=mongoid"
|
|
15
|
+
- "SORCERY_ORM=mongo_mapper"
|
|
16
|
+
- "SORCERY_ORM=data_mapper"
|
|
17
|
+
|
|
18
|
+
before_script:
|
|
19
|
+
- mysql -e 'create database sorcery_test;'
|
|
20
|
+
|
|
21
|
+
matrix:
|
|
22
|
+
allow_failures:
|
|
23
|
+
- rvm: :jruby
|
|
24
|
+
|
|
25
|
+
include:
|
|
26
|
+
- rvm: 1.9.3
|
|
27
|
+
gemfile: gemfiles/mongoid-rails41.gemfile
|
|
28
|
+
env: "SORCERY_ORM=mongoid"
|
|
29
|
+
|
|
30
|
+
- rvm: 2.0.0
|
|
31
|
+
gemfile: gemfiles/mongoid-rails41.gemfile
|
|
32
|
+
env: "SORCERY_ORM=mongoid"
|
|
33
|
+
|
|
34
|
+
- rvm: 2.1
|
|
35
|
+
gemfile: gemfiles/mongoid-rails41.gemfile
|
|
36
|
+
env: "SORCERY_ORM=mongoid"
|
|
37
|
+
|
|
38
|
+
- rvm: jruby
|
|
39
|
+
gemfile: gemfiles/mongoid-rails41.gemfile
|
|
40
|
+
env: "SORCERY_ORM=mongoid"
|
|
41
|
+
|
|
42
|
+
- rvm: 1.9.3
|
|
43
|
+
gemfile: gemfiles/mongo_mapper-rails41.gemfile
|
|
44
|
+
env: "SORCERY_ORM=mongo_mapper"
|
|
45
|
+
|
|
46
|
+
- rvm: 2.0.0
|
|
47
|
+
gemfile: gemfiles/mongo_mapper-rails41.gemfile
|
|
48
|
+
env: "SORCERY_ORM=mongo_mapper"
|
|
49
|
+
|
|
50
|
+
- rvm: 2.1
|
|
51
|
+
gemfile: gemfiles/mongo_mapper-rails41.gemfile
|
|
52
|
+
env: "SORCERY_ORM=mongo_mapper"
|
|
53
|
+
|
|
54
|
+
- rvm: jruby
|
|
55
|
+
gemfile: gemfiles/mongo_mapper-rails41.gemfile
|
|
56
|
+
env: "SORCERY_ORM=mongo_mapper"
|
|
57
|
+
|
|
58
|
+
- rvm: 1.9.3
|
|
59
|
+
gemfile: gemfiles/active_record-rails41.gemfile
|
|
60
|
+
env: "SORCERY_ORM=active_record"
|
|
61
|
+
|
|
62
|
+
- rvm: 2.0.0
|
|
63
|
+
gemfile: gemfiles/active_record-rails41.gemfile
|
|
64
|
+
env: "SORCERY_ORM=active_record"
|
|
65
|
+
|
|
66
|
+
- rvm: 2.1
|
|
67
|
+
gemfile: gemfiles/active_record-rails41.gemfile
|
|
68
|
+
env: "SORCERY_ORM=active_record"
|
|
69
|
+
|
|
70
|
+
- rvm: jruby
|
|
71
|
+
gemfile: gemfiles/active_record-rails41.gemfile
|
|
72
|
+
env: "SORCERY_ORM=active_record"
|
|
73
|
+
|
|
74
|
+
- rvm: 1.9.3
|
|
75
|
+
gemfile: gemfiles/mongoid-rails40.gemfile
|
|
76
|
+
env: "SORCERY_ORM=mongoid"
|
|
77
|
+
|
|
78
|
+
- rvm: 2.0.0
|
|
79
|
+
gemfile: gemfiles/mongoid-rails40.gemfile
|
|
80
|
+
env: "SORCERY_ORM=mongoid"
|
|
81
|
+
|
|
82
|
+
- rvm: 2.1
|
|
83
|
+
gemfile: gemfiles/mongoid-rails40.gemfile
|
|
84
|
+
env: "SORCERY_ORM=mongoid"
|
|
85
|
+
|
|
86
|
+
- rvm: jruby
|
|
87
|
+
gemfile: gemfiles/mongoid-rails40.gemfile
|
|
88
|
+
env: "SORCERY_ORM=mongoid"
|
|
89
|
+
|
|
90
|
+
- rvm: 1.9.3
|
|
91
|
+
gemfile: gemfiles/mongo_mapper-rails40.gemfile
|
|
92
|
+
env: "SORCERY_ORM=mongo_mapper"
|
|
93
|
+
|
|
94
|
+
- rvm: 2.0.0
|
|
95
|
+
gemfile: gemfiles/mongo_mapper-rails40.gemfile
|
|
96
|
+
env: "SORCERY_ORM=mongo_mapper"
|
|
97
|
+
|
|
98
|
+
- rvm: 2.1
|
|
99
|
+
gemfile: gemfiles/mongo_mapper-rails40.gemfile
|
|
100
|
+
env: "SORCERY_ORM=mongo_mapper"
|
|
101
|
+
|
|
102
|
+
- rvm: jruby
|
|
103
|
+
gemfile: gemfiles/mongo_mapper-rails40.gemfile
|
|
104
|
+
env: "SORCERY_ORM=mongo_mapper"
|
|
105
|
+
|
|
106
|
+
- rvm: 1.9.3
|
|
107
|
+
gemfile: gemfiles/active_record-rails40.gemfile
|
|
108
|
+
env: "SORCERY_ORM=active_record"
|
|
109
|
+
|
|
110
|
+
- rvm: 2.0.0
|
|
111
|
+
gemfile: gemfiles/active_record-rails40.gemfile
|
|
112
|
+
env: "SORCERY_ORM=active_record"
|
|
113
|
+
|
|
114
|
+
- rvm: 2.1
|
|
115
|
+
gemfile: gemfiles/active_record-rails40.gemfile
|
|
116
|
+
env: "SORCERY_ORM=active_record"
|
|
117
|
+
|
|
118
|
+
- rvm: jruby
|
|
119
|
+
gemfile: gemfiles/active_record-rails40.gemfile
|
|
120
|
+
env: "SORCERY_ORM=active_record"
|
|
121
|
+
|
|
122
|
+
- rvm: 1.9.3
|
|
123
|
+
gemfile: gemfiles/mongoid3-rails32.gemfile
|
|
124
|
+
env: "SORCERY_ORM=mongoid"
|
|
125
|
+
|
|
126
|
+
- rvm: 2.0.0
|
|
127
|
+
gemfile: gemfiles/mongoid3-rails32.gemfile
|
|
128
|
+
env: "SORCERY_ORM=mongoid"
|
|
129
|
+
|
|
130
|
+
- rvm: 2.1
|
|
131
|
+
gemfile: gemfiles/mongoid3-rails32.gemfile
|
|
132
|
+
env: "SORCERY_ORM=mongoid"
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,42 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
-
## 0
|
|
3
|
+
## 1.0 (not released yet)
|
|
4
|
+
|
|
5
|
+
* Adapters (Mongoid, MongoMapper, DataMapper) are now separated from the core Sorcery repo and moved under `sorcery-rails` organization. Special thanks to @juike!
|
|
6
|
+
|
|
7
|
+
## 0.9.0
|
|
8
|
+
|
|
9
|
+
* Sending emails works with Rails 4.2 (thanks to @wooly)
|
|
10
|
+
* Added `valid_password?` method
|
|
11
|
+
* Added support for JIRA OAuth (thanks to @camilasan)
|
|
12
|
+
* Added support for Heroku OAuth (thanks to @tyrauber)
|
|
13
|
+
* Added support for Salesforce OAuth (thanks to @supremebeing7)
|
|
14
|
+
* Added support for Mongoid 4
|
|
15
|
+
* Fixed issues with empty passwords (thanks to @Borzik)
|
|
16
|
+
* `find_by_provider_and_uid` method was replaced with `find_by_oauth_credentials`
|
|
17
|
+
* Sorcery::VERSION constant was added to allow easy version check
|
|
18
|
+
* `@user.setup_activation` method was made to be public (thanks @iTakeshi)
|
|
19
|
+
* `current_users` method is deprecated
|
|
20
|
+
* Fetching email from VK auth, thanks to @makaroni4
|
|
21
|
+
* Add logged_in? method to test_helpers (thanks to @oriolbcn)
|
|
22
|
+
* #locked? method is now public API (thanks @rogercampos)
|
|
23
|
+
* Introduces a new User instance method `generate_reset_password_token` to generate a new reset password token without sending an email (thanks to @tbuehl)
|
|
24
|
+
|
|
25
|
+
## 0.8.6
|
|
26
|
+
|
|
27
|
+
* `current_user` returns `nil` instead of `false` if there's no user loggd in (#493)
|
|
28
|
+
* MongoMapper adapter does not override `save!` method anymore. However due to ORM's lack of support for `validate: false` in `save!`, the combination of `validate: false` and `raise_on_failure: true` is not possible in MongoMapper. The errors will not be raised in this situation. (#151)
|
|
29
|
+
* Fixed rename warnings for bcrypt-ruby
|
|
30
|
+
* The way Sorcery adapters are included has been changed due to problem with multiple `included` blocks error in `ActiveSupport::Concern` class (#527)
|
|
31
|
+
* Session timeout works with new cookie serializer introduced in Rails 4.1
|
|
32
|
+
* Rails 4.1 compatibility bugs were fixed, this version is fully supported (#538)
|
|
33
|
+
* VK providers now supports `scope` option
|
|
34
|
+
* Support for DataMapper added
|
|
35
|
+
* Helpers for integration tests were added
|
|
36
|
+
* Fixed problems with special characters in user login attributes (MongoMapper & Mongoid)
|
|
37
|
+
* Fixed remaining `password_confirmation` value - it is now cleared just like `password`
|
|
38
|
+
|
|
39
|
+
## 0.8.5
|
|
4
40
|
* Fixed add_provider_to_user with CamelCased authentications_class model (#382)
|
|
5
41
|
* Fixed unlock_token_mailer_disabled to only disable automatic mailing (#467)
|
|
6
42
|
* Make send_email_* methods easier to overwrite (#473)
|
data/Gemfile
CHANGED
|
@@ -1,24 +1,8 @@
|
|
|
1
1
|
source 'https://rubygems.org'
|
|
2
|
-
# Add dependencies required to use your gem here.
|
|
3
|
-
# Example:
|
|
4
|
-
# gem "activesupport", ">= 2.3.5"
|
|
5
|
-
gem 'oauth', "~> 0.4.4"
|
|
6
|
-
gem 'oauth2', "~> 0.8.0"
|
|
7
|
-
gem 'bcrypt-ruby', "~> 3.0.0"
|
|
8
2
|
|
|
9
|
-
|
|
10
|
-
# Include everything needed to run rake, tests, features, etc.
|
|
11
|
-
|
|
12
|
-
gem 'abstract', '>= 1.0.0'
|
|
13
|
-
gem "rails", "~> 3.2.15"
|
|
14
|
-
gem 'json', ">= 1.7.7"
|
|
15
|
-
gem "rspec", "~> 2.14.0"
|
|
16
|
-
gem 'rspec-rails', "~> 2.14.0"
|
|
3
|
+
gem 'rails', '~> 3.2'
|
|
17
4
|
gem 'sqlite3'
|
|
18
|
-
gem
|
|
19
|
-
gem "bundler", ">= 1.1.0"
|
|
20
|
-
gem 'simplecov', '>= 0.3.8', :require => false # Will install simplecov-html as a dependency
|
|
21
|
-
gem 'timecop'
|
|
5
|
+
gem 'pry'
|
|
22
6
|
|
|
23
7
|
group :mongomapper do
|
|
24
8
|
gem 'mongo_mapper'
|
|
@@ -28,3 +12,11 @@ group :mongoid do
|
|
|
28
12
|
gem 'mongoid', "~> 2.4.4"
|
|
29
13
|
gem 'bson_ext'
|
|
30
14
|
end
|
|
15
|
+
|
|
16
|
+
group :datamapper do
|
|
17
|
+
gem 'mysql2'
|
|
18
|
+
gem 'data_mapper'
|
|
19
|
+
gem 'dm-mysql-adapter'
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
gemspec
|
data/README.md
CHANGED
|
@@ -1,19 +1,20 @@
|
|
|
1
|
-
[
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
/>](https://codeclimate.com/github/NoamB/sorcery)
|
|
1
|
+
[](https://travis-ci.org/NoamB/sorcery)
|
|
2
|
+
[](https://codeclimate.com/github/NoamB/sorcery)
|
|
3
|
+
[](http://inch-ci.org/github/NoamB/sorcery)
|
|
5
4
|
|
|
6
5
|
# sorcery
|
|
7
|
-
Magical Authentication for Rails 3 and 4. Supports ActiveRecord,
|
|
8
|
-
MongoMapper.
|
|
6
|
+
Magical Authentication for Rails 3 and 4. Supports ActiveRecord,
|
|
7
|
+
DataMapper, Mongoid and MongoMapper.
|
|
9
8
|
|
|
10
9
|
Inspired by restful_authentication, Authlogic and Devise. Crypto code taken
|
|
11
10
|
almost unchanged from Authlogic. OAuth code inspired by OmniAuth and Ryan
|
|
12
11
|
Bates's railscasts about it.
|
|
13
12
|
|
|
14
|
-
**
|
|
15
|
-
|
|
16
|
-
|
|
13
|
+
**What's happening now?** We are working on 1.0 version, which will include some API-breaking changes. It should be released about April 2015.
|
|
14
|
+
Until then we'll continue releasing `0.9.x` version with bug fixed.
|
|
15
|
+
|
|
16
|
+
**Rails 4 status:** [Sorcery 0.9.0](http://rubygems.org/gems/sorcery/versions/0.9.0) is fully tested and ready for Rails 4.0, 4.1 and 4.2.
|
|
17
|
+
**Mongoid status:** Version 0.9.0 works with Mongoid 4.
|
|
17
18
|
|
|
18
19
|
https://github.com/NoamB/sorcery/wiki/Simple-Password-Authentication
|
|
19
20
|
|
|
@@ -35,94 +36,116 @@ can write your own authentication flow. It was built with a few goals in mind:
|
|
|
35
36
|
|
|
36
37
|
Hopefully, I've achieved this. If not, let me know.
|
|
37
38
|
|
|
38
|
-
## Useful Links
|
|
39
|
-
|
|
40
|
-
Railscast: http://railscasts.com/episodes/283-authentication-with-sorcery
|
|
41
|
-
|
|
42
|
-
Example Rails 3 app using sorcery:
|
|
43
|
-
https://github.com/NoamB/sorcery-example-app
|
|
39
|
+
## Useful Links
|
|
44
40
|
|
|
45
|
-
Documentation
|
|
41
|
+
[Documentation](http://rubydoc.info/gems/sorcery) |
|
|
42
|
+
[Railscast](http://railscasts.com/episodes/283-authentication-with-sorcery) | [Simple tutorial](https://github.com/NoamB/sorcery/wiki/Simple-Password-Authentication) | [Example Rails 3 app](https://github.com/NoamB/sorcery-example-app)
|
|
46
43
|
|
|
47
|
-
Check out the tutorials in the github
|
|
44
|
+
Check out the tutorials in the [Wiki](https://github.com/NoamB/sorcery/wiki) for more!
|
|
48
45
|
|
|
49
46
|
## API Summary
|
|
50
47
|
|
|
51
48
|
Below is a summary of the library methods. Most method names are self
|
|
52
49
|
explaining and the rest are commented:
|
|
53
50
|
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
51
|
+
|
|
52
|
+
### core
|
|
53
|
+
```ruby
|
|
54
|
+
require_login # this is a before filter
|
|
55
|
+
login(email, password, remember_me = false)
|
|
56
|
+
auto_login(user)# login without credentials
|
|
57
|
+
logout
|
|
58
|
+
logged_in? # available to view
|
|
59
|
+
current_user # available to view
|
|
60
|
+
redirect_back_or_to # used when a user tries to access a page while logged out, is asked to login, and we want to return him back to the page he originally wanted.
|
|
61
|
+
@user.external? # external users, such as facebook/twitter etc.
|
|
62
|
+
User.authenticates_with_sorcery!
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
### http basic auth
|
|
66
|
+
```ruby
|
|
67
|
+
require_login_from_http_basic # this is a before filter
|
|
68
|
+
```
|
|
69
|
+
|
|
70
|
+
### external
|
|
71
|
+
```ruby
|
|
72
|
+
login_at(provider) # sends the user to an external service (twitter etc.) to authenticate.
|
|
73
|
+
login_from(provider) # tries to login from the external provider's callback.
|
|
74
|
+
create_from(provider) # create the user in the local app db.
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
### remember me
|
|
78
|
+
```ruby
|
|
79
|
+
auto_login(user, should_remember=false) # login without credentials, optional remember_me
|
|
80
|
+
remember_me!
|
|
81
|
+
forget_me!
|
|
82
|
+
```
|
|
83
|
+
|
|
84
|
+
### reset password
|
|
85
|
+
```ruby
|
|
86
|
+
User.load_from_reset_password_token(token)
|
|
87
|
+
@user.generate_reset_password_token! # if you want to send the email by youself
|
|
88
|
+
@user.deliver_reset_password_instructions! # generates the token and sends the email
|
|
89
|
+
@user.change_password!(new_password)
|
|
90
|
+
```
|
|
91
|
+
|
|
92
|
+
### user activation
|
|
93
|
+
```ruby
|
|
94
|
+
User.load_from_activation_token(token)
|
|
95
|
+
@user.setup_activation
|
|
96
|
+
@user.activate!
|
|
97
|
+
```
|
|
89
98
|
|
|
90
99
|
Please see the tutorials in the github wiki for detailed usage information.
|
|
91
100
|
|
|
92
|
-
## Installation
|
|
101
|
+
## Installation
|
|
93
102
|
|
|
94
103
|
If using bundler, first add 'sorcery' to your Gemfile:
|
|
95
104
|
|
|
96
|
-
|
|
105
|
+
```ruby
|
|
106
|
+
gem "sorcery"
|
|
107
|
+
```
|
|
97
108
|
|
|
98
109
|
And run
|
|
99
110
|
|
|
100
|
-
|
|
111
|
+
```ruby
|
|
112
|
+
bundle install
|
|
113
|
+
```
|
|
101
114
|
|
|
102
115
|
Otherwise simply
|
|
103
116
|
|
|
104
|
-
|
|
117
|
+
```ruby
|
|
118
|
+
gem install sorcery
|
|
119
|
+
```
|
|
105
120
|
|
|
106
|
-
## Rails configuration
|
|
121
|
+
## Rails configuration
|
|
107
122
|
|
|
108
|
-
|
|
123
|
+
```bash
|
|
124
|
+
rails generate sorcery:install
|
|
125
|
+
```
|
|
109
126
|
|
|
110
127
|
This will generate the core migration file, the initializer file and the
|
|
111
128
|
'User' model class.
|
|
112
129
|
|
|
113
|
-
|
|
130
|
+
```bash
|
|
131
|
+
rails generate sorcery:install remember_me reset_password
|
|
132
|
+
```
|
|
114
133
|
|
|
115
134
|
This will generate the migrations files for remember_me and reset_password
|
|
116
135
|
submodules and will create the initializer file (and add submodules to it),
|
|
117
136
|
and create the 'User' model class.
|
|
118
137
|
|
|
119
|
-
|
|
138
|
+
```bash
|
|
139
|
+
rails generate sorcery:install --model Person
|
|
140
|
+
```
|
|
120
141
|
|
|
121
142
|
This will generate the core migration file, the initializer and change the
|
|
122
143
|
model class (in the initializer and migration files) to the class 'Person'
|
|
123
144
|
(and its pluralized version, 'people')
|
|
124
145
|
|
|
125
|
-
|
|
146
|
+
```bash
|
|
147
|
+
rails generate sorcery:install http_basic_auth external remember_me --only-submodules
|
|
148
|
+
```
|
|
126
149
|
|
|
127
150
|
This will generate only the migration files for the specified submodules and
|
|
128
151
|
will add them to the initializer file.
|
|
@@ -138,25 +161,29 @@ After implementing the `delayed_job` into your project add the code below at
|
|
|
138
161
|
the end of the `config/initializers/sorcery.rb` file. After that all emails
|
|
139
162
|
will be sent asynchronously.
|
|
140
163
|
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
end
|
|
164
|
+
```ruby
|
|
165
|
+
module Sorcery
|
|
166
|
+
module Model
|
|
167
|
+
module InstanceMethods
|
|
168
|
+
def generic_send_email(method, mailer)
|
|
169
|
+
config = sorcery_config
|
|
170
|
+
mail = config.send(mailer).delay.send(config.send(method), self)
|
|
149
171
|
end
|
|
150
172
|
end
|
|
173
|
+
end
|
|
174
|
+
end
|
|
175
|
+
```
|
|
151
176
|
|
|
152
177
|
Sidekiq and Resque integrations are coming soon.
|
|
153
178
|
|
|
154
179
|
## Single Table Inheritance (STI) Support
|
|
155
180
|
STI is supported via a single setting in config/initializers/sorcery.rb.
|
|
156
181
|
|
|
157
|
-
## Full Features List by module
|
|
182
|
+
## Full Features List by module
|
|
183
|
+
|
|
184
|
+
**Core** (see [lib/sorcery/model.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model.rb) and
|
|
185
|
+
[lib/sorcery/controller.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller.rb)):
|
|
158
186
|
|
|
159
|
-
Core (see lib/sorcery/model.rb and lib/sorcery/controller.rb):
|
|
160
187
|
* login/logout, optional return user to requested url on login, configurable
|
|
161
188
|
redirect for non-logged-in users.
|
|
162
189
|
* password encryption, algorithms: bcrypt(default), md5, sha1, sha256,
|
|
@@ -165,7 +192,8 @@ Core (see lib/sorcery/model.rb and lib/sorcery/controller.rb):
|
|
|
165
192
|
* allow multiple fields to serve as username.
|
|
166
193
|
|
|
167
194
|
|
|
168
|
-
User Activation (see lib/sorcery/model/submodules/user_activation.rb):
|
|
195
|
+
**User Activation** (see [lib/sorcery/model/submodules/user_activation.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/user_activation.rb)):
|
|
196
|
+
|
|
169
197
|
* User activation by email with optional success email.
|
|
170
198
|
* configurable attribute names.
|
|
171
199
|
* configurable mailer, method name, and attribute name.
|
|
@@ -173,37 +201,41 @@ User Activation (see lib/sorcery/model/submodules/user_activation.rb):
|
|
|
173
201
|
* Optionally prevent non-active users to login.
|
|
174
202
|
|
|
175
203
|
|
|
176
|
-
Reset Password (see lib/sorcery/model/submodules/reset_password.rb):
|
|
204
|
+
**Reset Password** (see [lib/sorcery/model/submodules/reset_password.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/reset_password.rb)):
|
|
205
|
+
|
|
177
206
|
* Reset password with email verification.
|
|
178
207
|
* configurable mailer, method name, and attribute name.
|
|
179
208
|
* configurable temporary token expiration.
|
|
180
209
|
* configurable time between emails (hammering protection).
|
|
181
210
|
|
|
182
211
|
|
|
183
|
-
Remember Me (see lib/sorcery/model/submodules/remember_me.rb):
|
|
212
|
+
**Remember Me** (see [lib/sorcery/model/submodules/remember_me.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/remember_me.rb)):
|
|
213
|
+
|
|
184
214
|
* Remember me with configurable expiration.
|
|
185
215
|
* configurable attribute names.
|
|
186
216
|
|
|
187
217
|
|
|
188
|
-
Session Timeout (see lib/sorcery/controller/submodules/session_timeout.rb):
|
|
218
|
+
**Session Timeout** (see [lib/sorcery/controller/submodules/session_timeout.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller/submodules/session_timeout.rb)):
|
|
219
|
+
|
|
189
220
|
* Configurable session timeout.
|
|
190
221
|
* Optionally session timeout will be calculated from last user action.
|
|
191
222
|
|
|
192
223
|
|
|
193
|
-
Brute Force Protection (see
|
|
194
|
-
|
|
224
|
+
**Brute Force Protection** (see [lib/sorcery/model/submodules/brute_force_protection.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/brute_force_protection.rb)):
|
|
225
|
+
|
|
195
226
|
* Brute force login hammering protection.
|
|
196
227
|
* configurable logins before lock and lock duration.
|
|
197
228
|
|
|
198
229
|
|
|
199
|
-
Basic HTTP Authentication (see
|
|
200
|
-
|
|
230
|
+
**Basic HTTP Authentication** (see [lib/sorcery/controller/submodules/http_basic_auth.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller/submodules/http_basic_auth.rb)):
|
|
231
|
+
|
|
201
232
|
* A before filter for requesting authentication with HTTP Basic.
|
|
202
233
|
* automatic login from HTTP Basic.
|
|
203
234
|
* automatic login is disabled if session key changed.
|
|
204
235
|
|
|
205
236
|
|
|
206
|
-
Activity Logging (see lib/sorcery/model/submodules/activity_logging.rb):
|
|
237
|
+
**Activity Logging** (see [lib/sorcery/model/submodules/activity_logging.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/activity_logging.rb)):
|
|
238
|
+
|
|
207
239
|
* automatic logging of last login, last logout, last activity time and IP
|
|
208
240
|
address for last login.
|
|
209
241
|
* an easy method of collecting the list of currently logged in users.
|
|
@@ -211,14 +243,17 @@ Activity Logging (see lib/sorcery/model/submodules/activity_logging.rb):
|
|
|
211
243
|
list of logged in users.
|
|
212
244
|
|
|
213
245
|
|
|
214
|
-
External (see lib/sorcery/controller/submodules/external.rb):
|
|
215
|
-
|
|
246
|
+
**External** (see [lib/sorcery/controller/submodules/external.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller/submodules/external.rb)):
|
|
247
|
+
|
|
248
|
+
* OAuth1 and OAuth2 support (currently: Twitter, Facebook, Github, Google, Heroku,
|
|
249
|
+
LinkedIn, VK, LiveID, Xing, and Salesforce)
|
|
216
250
|
* configurable db field names and authentications table.
|
|
217
251
|
|
|
218
252
|
|
|
219
|
-
## Next Planned Features
|
|
253
|
+
## Next Planned Features
|
|
220
254
|
|
|
221
255
|
I've got some thoughts which include (unordered):
|
|
256
|
+
|
|
222
257
|
* Passing a block to encrypt, allowing the developer to define his own mix
|
|
223
258
|
of salting and encrypting
|
|
224
259
|
* Forgot username, maybe as part of the reset_password module
|
|
@@ -243,23 +278,53 @@ In short, an app that works with x.3.1 should be able to upgrade to x.3.2 with
|
|
|
243
278
|
no code changes. The same cannot be said about upgrading to x.4.0 and above,
|
|
244
279
|
however.
|
|
245
280
|
|
|
281
|
+
## DataMapper Support
|
|
282
|
+
|
|
283
|
+
Important notes:
|
|
284
|
+
|
|
285
|
+
* Expected to work with DM adapters: dm-mysql-adapter,
|
|
286
|
+
dm-redis-adapter.
|
|
287
|
+
* Submodules DM adapter dependent: activity_logging (dm-mysql-adapter)
|
|
288
|
+
* Usage: include DataMapper::Resource in user model, follow sorcery
|
|
289
|
+
instructions (remember to add property id, validators and accessor
|
|
290
|
+
attributes such as password and password_confirmation)
|
|
291
|
+
* Option downcase__username_before_authenticating and dm-mysql,
|
|
292
|
+
http://datamapper.lighthouseapp.com/projects/20609/tickets/1105-add-support-for-definingchanging-default-collation
|
|
293
|
+
|
|
246
294
|
## Upgrading
|
|
247
295
|
|
|
248
296
|
Important notes while upgrading:
|
|
249
297
|
|
|
298
|
+
* If you are upgrading from <= **0.8.6** and you use Sorcery model methods in your app,
|
|
299
|
+
you might need to change them from `user.method` to `user.sorcery_adapter.method` and from
|
|
300
|
+
`User.method` to `User.sorcery_adapter_method`
|
|
301
|
+
|
|
302
|
+
* If you are upgrading from <= **0.8.5** and you're using Sorcery test helpers,
|
|
303
|
+
you need to change the way you include them to following code:
|
|
304
|
+
|
|
305
|
+
```ruby
|
|
306
|
+
RSpec.configure do |config|
|
|
307
|
+
config.include Sorcery::TestHelpers::Rails::Controller, type: :controller
|
|
308
|
+
config.include Sorcery::TestHelpers::Rails::Integration, type: :feature
|
|
309
|
+
end
|
|
310
|
+
```
|
|
311
|
+
|
|
250
312
|
* If are upgrading to **0.8.2** and use activity_logging feature with
|
|
251
313
|
ActiveRecord, you will have to add a new column
|
|
252
314
|
`last_login_from_ip_address`
|
|
253
315
|
[#465](https://github.com/NoamB/sorcery/issues/465)
|
|
254
316
|
* Sinatra support existed until **v0.7.0** (including), but was dropped
|
|
255
317
|
later due to being a maintenance nightmare.
|
|
256
|
-
* If upgrading from <= **0.6.1 to >=
|
|
257
|
-
'
|
|
318
|
+
* If upgrading from <= **0.6.1 to >= **0.7.0** you need to change
|
|
319
|
+
'username
|
|
320
|
+
_attribute_name' to 'username_attribute_names' in initializer.
|
|
258
321
|
* If upgrading from <= **v0.5.1** to >= **v0.5.2** you need to explicitly
|
|
259
322
|
set your user_class model in the initializer file.
|
|
260
323
|
|
|
261
|
-
|
|
262
|
-
|
|
324
|
+
```ruby
|
|
325
|
+
# This line must come after the 'user config' block.
|
|
326
|
+
config.user_class = User
|
|
327
|
+
```
|
|
263
328
|
|
|
264
329
|
|
|
265
330
|
## Contributing to sorcery
|
|
@@ -294,7 +359,13 @@ email: shatrov@me.com
|
|
|
294
359
|
|
|
295
360
|
twitter: @Kiiiir
|
|
296
361
|
|
|
362
|
+
#### Grzegorz Witek
|
|
363
|
+
|
|
364
|
+
email: arnvald.to@gmail.com
|
|
365
|
+
|
|
366
|
+
twitter: @arnvald
|
|
367
|
+
|
|
297
368
|
## Copyright
|
|
298
369
|
|
|
299
|
-
Copyright (c) 2010 Noam Ben Ari (nbenari@gmail.com). See LICENSE.txt for
|
|
370
|
+
Copyright (c) 2010-2014 Noam Ben Ari (nbenari@gmail.com). See LICENSE.txt for
|
|
300
371
|
further details.
|