sorcery 0.8.5 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (163) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +3 -1
  3. data/.travis.yml +122 -5
  4. data/CHANGELOG.md +37 -1
  5. data/Gemfile +10 -18
  6. data/README.md +159 -88
  7. data/gemfiles/active_record-rails40.gemfile +7 -0
  8. data/gemfiles/active_record-rails41.gemfile +7 -0
  9. data/gemfiles/mongo_mapper-rails40.gemfile +9 -0
  10. data/gemfiles/mongo_mapper-rails41.gemfile +9 -0
  11. data/gemfiles/mongoid-rails40.gemfile +9 -0
  12. data/gemfiles/mongoid-rails41.gemfile +9 -0
  13. data/gemfiles/mongoid3-rails32.gemfile +9 -0
  14. data/lib/generators/sorcery/USAGE +1 -1
  15. data/lib/generators/sorcery/install_generator.rb +19 -5
  16. data/lib/generators/sorcery/templates/initializer.rb +34 -9
  17. data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +3 -1
  18. data/lib/generators/sorcery/templates/migration/core.rb +2 -2
  19. data/lib/generators/sorcery/templates/migration/external.rb +3 -1
  20. data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
  21. data/lib/sorcery/adapters/base_adapter.rb +30 -0
  22. data/lib/sorcery/adapters/data_mapper_adapter.rb +176 -0
  23. data/lib/sorcery/adapters/mongo_mapper_adapter.rb +110 -0
  24. data/lib/sorcery/adapters/mongoid_adapter.rb +97 -0
  25. data/lib/sorcery/controller/config.rb +65 -0
  26. data/lib/sorcery/controller/submodules/activity_logging.rb +16 -21
  27. data/lib/sorcery/controller/submodules/brute_force_protection.rb +6 -6
  28. data/lib/sorcery/controller/submodules/external.rb +35 -40
  29. data/lib/sorcery/controller/submodules/remember_me.rb +4 -4
  30. data/lib/sorcery/controller/submodules/session_timeout.rb +10 -6
  31. data/lib/sorcery/controller.rb +10 -74
  32. data/lib/sorcery/model/config.rb +96 -0
  33. data/lib/sorcery/model/submodules/activity_logging.rb +30 -13
  34. data/lib/sorcery/model/submodules/brute_force_protection.rb +21 -21
  35. data/lib/sorcery/model/submodules/external.rb +53 -9
  36. data/lib/sorcery/model/submodules/remember_me.rb +15 -19
  37. data/lib/sorcery/model/submodules/reset_password.rb +33 -34
  38. data/lib/sorcery/model/submodules/user_activation.rb +36 -47
  39. data/lib/sorcery/model/temporary_token.rb +4 -4
  40. data/lib/sorcery/model.rb +73 -173
  41. data/lib/sorcery/protocols/oauth.rb +42 -0
  42. data/lib/sorcery/protocols/oauth2.rb +47 -0
  43. data/lib/sorcery/providers/base.rb +38 -0
  44. data/lib/sorcery/providers/facebook.rb +63 -0
  45. data/lib/sorcery/providers/github.rb +51 -0
  46. data/lib/sorcery/providers/google.rb +51 -0
  47. data/lib/sorcery/providers/heroku.rb +57 -0
  48. data/lib/sorcery/providers/jira.rb +77 -0
  49. data/lib/sorcery/providers/linkedin.rb +66 -0
  50. data/lib/sorcery/providers/liveid.rb +53 -0
  51. data/lib/sorcery/providers/salesforce.rb +50 -0
  52. data/lib/sorcery/providers/twitter.rb +59 -0
  53. data/lib/sorcery/providers/vk.rb +63 -0
  54. data/lib/sorcery/providers/xing.rb +64 -0
  55. data/lib/sorcery/test_helpers/internal/rails.rb +14 -3
  56. data/lib/sorcery/test_helpers/internal.rb +7 -3
  57. data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
  58. data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
  59. data/lib/sorcery/version.rb +3 -0
  60. data/lib/sorcery.rb +82 -58
  61. data/sorcery.gemspec +19 -19
  62. data/spec/active_record/user_activation_spec.rb +1 -1
  63. data/spec/active_record/user_activity_logging_spec.rb +10 -1
  64. data/spec/active_record/user_brute_force_protection_spec.rb +1 -1
  65. data/spec/active_record/user_oauth_spec.rb +1 -1
  66. data/spec/active_record/user_remember_me_spec.rb +1 -1
  67. data/spec/active_record/user_reset_password_spec.rb +1 -1
  68. data/spec/active_record/user_spec.rb +7 -8
  69. data/spec/controllers/controller_activity_logging_spec.rb +124 -0
  70. data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
  71. data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
  72. data/spec/controllers/controller_oauth2_spec.rb +414 -0
  73. data/spec/controllers/controller_oauth_spec.rb +240 -0
  74. data/spec/controllers/controller_remember_me_spec.rb +117 -0
  75. data/spec/controllers/controller_session_timeout_spec.rb +80 -0
  76. data/spec/controllers/controller_spec.rb +218 -0
  77. data/spec/data_mapper/user_activation_spec.rb +10 -0
  78. data/spec/data_mapper/user_activity_logging_spec.rb +14 -0
  79. data/spec/data_mapper/user_brute_force_protection_spec.rb +9 -0
  80. data/spec/data_mapper/user_oauth_spec.rb +9 -0
  81. data/spec/data_mapper/user_remember_me_spec.rb +8 -0
  82. data/spec/data_mapper/user_reset_password_spec.rb +8 -0
  83. data/spec/data_mapper/user_spec.rb +27 -0
  84. data/spec/mongo_mapper/user_activation_spec.rb +1 -2
  85. data/spec/mongo_mapper/user_activity_logging_spec.rb +1 -1
  86. data/spec/mongo_mapper/user_brute_force_protection_spec.rb +1 -1
  87. data/spec/mongo_mapper/user_oauth_spec.rb +1 -1
  88. data/spec/mongo_mapper/user_remember_me_spec.rb +1 -1
  89. data/spec/mongo_mapper/user_reset_password_spec.rb +1 -1
  90. data/spec/mongo_mapper/user_spec.rb +7 -8
  91. data/spec/mongoid/user_activation_spec.rb +1 -2
  92. data/spec/mongoid/user_activity_logging_spec.rb +1 -2
  93. data/spec/mongoid/user_brute_force_protection_spec.rb +1 -2
  94. data/spec/mongoid/user_oauth_spec.rb +1 -2
  95. data/spec/mongoid/user_remember_me_spec.rb +1 -2
  96. data/spec/mongoid/user_reset_password_spec.rb +1 -2
  97. data/spec/mongoid/user_spec.rb +21 -9
  98. data/spec/orm/active_record.rb +14 -0
  99. data/spec/orm/data_mapper.rb +48 -0
  100. data/spec/orm/mongo_mapper.rb +1 -1
  101. data/spec/orm/mongoid.rb +5 -0
  102. data/spec/rails_app/app/controllers/sorcery_controller.rb +125 -59
  103. data/spec/rails_app/app/data_mapper/authentication.rb +8 -0
  104. data/spec/rails_app/app/data_mapper/user.rb +7 -0
  105. data/spec/rails_app/app/mongo_mapper/user.rb +2 -0
  106. data/spec/rails_app/config/routes.rb +27 -13
  107. data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +2 -2
  108. data/spec/shared_examples/user_activation_shared_examples.rb +108 -91
  109. data/spec/shared_examples/user_activity_logging_shared_examples.rb +83 -15
  110. data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +140 -21
  111. data/spec/shared_examples/user_oauth_shared_examples.rb +21 -16
  112. data/spec/shared_examples/user_remember_me_shared_examples.rb +36 -24
  113. data/spec/shared_examples/user_reset_password_shared_examples.rb +138 -117
  114. data/spec/shared_examples/user_shared_examples.rb +297 -150
  115. data/spec/sorcery_crypto_providers_spec.rb +28 -28
  116. data/spec/spec_helper.rb +12 -18
  117. metadata +99 -165
  118. data/Gemfile.rails4 +0 -24
  119. data/VERSION +0 -1
  120. data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -46
  121. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -50
  122. data/lib/sorcery/controller/submodules/external/providers/base.rb +0 -21
  123. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -99
  124. data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -93
  125. data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -92
  126. data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -103
  127. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -93
  128. data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -94
  129. data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -101
  130. data/lib/sorcery/controller/submodules/external/providers/xing.rb +0 -98
  131. data/lib/sorcery/model/adapters/active_record.rb +0 -49
  132. data/lib/sorcery/model/adapters/mongo_mapper.rb +0 -56
  133. data/lib/sorcery/model/adapters/mongoid.rb +0 -88
  134. data/lib/sorcery/test_helpers/rails.rb +0 -16
  135. data/lib/sorcery/test_helpers.rb +0 -5
  136. data/spec/active_record/controller_activity_logging_spec.rb +0 -140
  137. data/spec/active_record/controller_brute_force_protection_spec.rb +0 -136
  138. data/spec/active_record/controller_http_basic_auth_spec.rb +0 -59
  139. data/spec/active_record/controller_oauth2_spec.rb +0 -417
  140. data/spec/active_record/controller_oauth_spec.rb +0 -212
  141. data/spec/active_record/controller_remember_me_spec.rb +0 -96
  142. data/spec/active_record/controller_session_timeout_spec.rb +0 -55
  143. data/spec/active_record/controller_spec.rb +0 -182
  144. data/spec/active_record/integration_spec.rb +0 -23
  145. data/spec/mongo_mapper/controller_spec.rb +0 -175
  146. data/spec/mongoid/controller_activity_logging_spec.rb +0 -111
  147. data/spec/mongoid/controller_spec.rb +0 -186
  148. data/spec/rails_app/public/404.html +0 -26
  149. data/spec/rails_app/public/422.html +0 -26
  150. data/spec/rails_app/public/500.html +0 -26
  151. data/spec/rails_app/public/favicon.ico +0 -0
  152. data/spec/rails_app/public/images/rails.png +0 -0
  153. data/spec/rails_app/public/javascripts/application.js +0 -2
  154. data/spec/rails_app/public/javascripts/controls.js +0 -965
  155. data/spec/rails_app/public/javascripts/dragdrop.js +0 -974
  156. data/spec/rails_app/public/javascripts/effects.js +0 -1123
  157. data/spec/rails_app/public/javascripts/prototype.js +0 -6001
  158. data/spec/rails_app/public/javascripts/rails.js +0 -175
  159. data/spec/rails_app/public/robots.txt +0 -5
  160. data/spec/rails_app/public/stylesheets/.gitkeep +0 -0
  161. data/spec/shared_examples/controller_oauth2_shared_examples.rb +0 -56
  162. data/spec/shared_examples/controller_oauth_shared_examples.rb +0 -69
  163. /data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ece0272de9fa2ea03bbc1be9b2f9aa3b80e0f870
4
- data.tar.gz: 5369015b55c79aab6aeeeae13328624a8e20b7c8
3
+ metadata.gz: f79fec92f71b24d1507e3848c0c943e3b8e7a6ed
4
+ data.tar.gz: bf2cfc0eb30778fbb3eb85f896a9b73811a179c4
5
5
  SHA512:
6
- metadata.gz: 1a45a1696ebbcf7e4e8e248918389a38ea4555c263f12e290b1fdfd92c4e413d9713c29bbe98aa909ab9cb8642ff3e872a15405e6db9398afdf4f940521f68d5
7
- data.tar.gz: aed312b559bbdecd335535df0814989b906d4768fe56382ae18a029f534fb0d9904e8540913e2c6dccc51de9d5e8d2096212a3dbf7f6b787df647987aa72076a
6
+ metadata.gz: d48170391dc1db75bb8bc88ce444ecc8d957796e0aaf96c29cafc4a01493689bc52e47ecaa5c0968c3aced147d623d2623f9dbe56e3dfdf46bf5309b005345f6
7
+ data.tar.gz: 4101544b567f3cb86c02bda20721a864b9c32fb688d62e64e7eee7fc0672614d06e0d8c004c8fa494113a9c834c1a09df1be91454ee00ee58865fcd31d01d7e0
data/.gitignore CHANGED
@@ -51,4 +51,6 @@ spec/rails_app/log/*
51
51
  *.log
52
52
  *.sqlite3
53
53
  Gemfile*.lock
54
- .ruby-version
54
+ gemfiles/*.lock
55
+ .ruby-version
56
+ tags
data/.travis.yml CHANGED
@@ -2,14 +2,131 @@ language: ruby
2
2
  rvm:
3
3
  - 1.9.3
4
4
  - 2.0.0
5
+ - 2.1
5
6
 
6
7
  services: mongodb
7
8
 
8
9
  gemfile:
9
10
  - Gemfile
10
- - Gemfile.rails4
11
11
 
12
- script:
13
- - "SORCERY_ORM=active_record bundle exec rake spec SPEC=spec/active_record"
14
- - "SORCERY_ORM=mongoid bundle exec rake spec SPEC=spec/mongoid"
15
- - "SORCERY_ORM=mongo_mapper bundle exec rake spec SPEC=spec/mongo_mapper"
12
+ env:
13
+ - "SORCERY_ORM=active_record"
14
+ - "SORCERY_ORM=mongoid"
15
+ - "SORCERY_ORM=mongo_mapper"
16
+ - "SORCERY_ORM=data_mapper"
17
+
18
+ before_script:
19
+ - mysql -e 'create database sorcery_test;'
20
+
21
+ matrix:
22
+ allow_failures:
23
+ - rvm: :jruby
24
+
25
+ include:
26
+ - rvm: 1.9.3
27
+ gemfile: gemfiles/mongoid-rails41.gemfile
28
+ env: "SORCERY_ORM=mongoid"
29
+
30
+ - rvm: 2.0.0
31
+ gemfile: gemfiles/mongoid-rails41.gemfile
32
+ env: "SORCERY_ORM=mongoid"
33
+
34
+ - rvm: 2.1
35
+ gemfile: gemfiles/mongoid-rails41.gemfile
36
+ env: "SORCERY_ORM=mongoid"
37
+
38
+ - rvm: jruby
39
+ gemfile: gemfiles/mongoid-rails41.gemfile
40
+ env: "SORCERY_ORM=mongoid"
41
+
42
+ - rvm: 1.9.3
43
+ gemfile: gemfiles/mongo_mapper-rails41.gemfile
44
+ env: "SORCERY_ORM=mongo_mapper"
45
+
46
+ - rvm: 2.0.0
47
+ gemfile: gemfiles/mongo_mapper-rails41.gemfile
48
+ env: "SORCERY_ORM=mongo_mapper"
49
+
50
+ - rvm: 2.1
51
+ gemfile: gemfiles/mongo_mapper-rails41.gemfile
52
+ env: "SORCERY_ORM=mongo_mapper"
53
+
54
+ - rvm: jruby
55
+ gemfile: gemfiles/mongo_mapper-rails41.gemfile
56
+ env: "SORCERY_ORM=mongo_mapper"
57
+
58
+ - rvm: 1.9.3
59
+ gemfile: gemfiles/active_record-rails41.gemfile
60
+ env: "SORCERY_ORM=active_record"
61
+
62
+ - rvm: 2.0.0
63
+ gemfile: gemfiles/active_record-rails41.gemfile
64
+ env: "SORCERY_ORM=active_record"
65
+
66
+ - rvm: 2.1
67
+ gemfile: gemfiles/active_record-rails41.gemfile
68
+ env: "SORCERY_ORM=active_record"
69
+
70
+ - rvm: jruby
71
+ gemfile: gemfiles/active_record-rails41.gemfile
72
+ env: "SORCERY_ORM=active_record"
73
+
74
+ - rvm: 1.9.3
75
+ gemfile: gemfiles/mongoid-rails40.gemfile
76
+ env: "SORCERY_ORM=mongoid"
77
+
78
+ - rvm: 2.0.0
79
+ gemfile: gemfiles/mongoid-rails40.gemfile
80
+ env: "SORCERY_ORM=mongoid"
81
+
82
+ - rvm: 2.1
83
+ gemfile: gemfiles/mongoid-rails40.gemfile
84
+ env: "SORCERY_ORM=mongoid"
85
+
86
+ - rvm: jruby
87
+ gemfile: gemfiles/mongoid-rails40.gemfile
88
+ env: "SORCERY_ORM=mongoid"
89
+
90
+ - rvm: 1.9.3
91
+ gemfile: gemfiles/mongo_mapper-rails40.gemfile
92
+ env: "SORCERY_ORM=mongo_mapper"
93
+
94
+ - rvm: 2.0.0
95
+ gemfile: gemfiles/mongo_mapper-rails40.gemfile
96
+ env: "SORCERY_ORM=mongo_mapper"
97
+
98
+ - rvm: 2.1
99
+ gemfile: gemfiles/mongo_mapper-rails40.gemfile
100
+ env: "SORCERY_ORM=mongo_mapper"
101
+
102
+ - rvm: jruby
103
+ gemfile: gemfiles/mongo_mapper-rails40.gemfile
104
+ env: "SORCERY_ORM=mongo_mapper"
105
+
106
+ - rvm: 1.9.3
107
+ gemfile: gemfiles/active_record-rails40.gemfile
108
+ env: "SORCERY_ORM=active_record"
109
+
110
+ - rvm: 2.0.0
111
+ gemfile: gemfiles/active_record-rails40.gemfile
112
+ env: "SORCERY_ORM=active_record"
113
+
114
+ - rvm: 2.1
115
+ gemfile: gemfiles/active_record-rails40.gemfile
116
+ env: "SORCERY_ORM=active_record"
117
+
118
+ - rvm: jruby
119
+ gemfile: gemfiles/active_record-rails40.gemfile
120
+ env: "SORCERY_ORM=active_record"
121
+
122
+ - rvm: 1.9.3
123
+ gemfile: gemfiles/mongoid3-rails32.gemfile
124
+ env: "SORCERY_ORM=mongoid"
125
+
126
+ - rvm: 2.0.0
127
+ gemfile: gemfiles/mongoid3-rails32.gemfile
128
+ env: "SORCERY_ORM=mongoid"
129
+
130
+ - rvm: 2.1
131
+ gemfile: gemfiles/mongoid3-rails32.gemfile
132
+ env: "SORCERY_ORM=mongoid"
data/CHANGELOG.md CHANGED
@@ -1,6 +1,42 @@
1
1
  # Changelog
2
2
 
3
- ## 0.8.5 (not released)
3
+ ## 1.0 (not released yet)
4
+
5
+ * Adapters (Mongoid, MongoMapper, DataMapper) are now separated from the core Sorcery repo and moved under `sorcery-rails` organization. Special thanks to @juike!
6
+
7
+ ## 0.9.0
8
+
9
+ * Sending emails works with Rails 4.2 (thanks to @wooly)
10
+ * Added `valid_password?` method
11
+ * Added support for JIRA OAuth (thanks to @camilasan)
12
+ * Added support for Heroku OAuth (thanks to @tyrauber)
13
+ * Added support for Salesforce OAuth (thanks to @supremebeing7)
14
+ * Added support for Mongoid 4
15
+ * Fixed issues with empty passwords (thanks to @Borzik)
16
+ * `find_by_provider_and_uid` method was replaced with `find_by_oauth_credentials`
17
+ * Sorcery::VERSION constant was added to allow easy version check
18
+ * `@user.setup_activation` method was made to be public (thanks @iTakeshi)
19
+ * `current_users` method is deprecated
20
+ * Fetching email from VK auth, thanks to @makaroni4
21
+ * Add logged_in? method to test_helpers (thanks to @oriolbcn)
22
+ * #locked? method is now public API (thanks @rogercampos)
23
+ * Introduces a new User instance method `generate_reset_password_token` to generate a new reset password token without sending an email (thanks to @tbuehl)
24
+
25
+ ## 0.8.6
26
+
27
+ * `current_user` returns `nil` instead of `false` if there's no user loggd in (#493)
28
+ * MongoMapper adapter does not override `save!` method anymore. However due to ORM's lack of support for `validate: false` in `save!`, the combination of `validate: false` and `raise_on_failure: true` is not possible in MongoMapper. The errors will not be raised in this situation. (#151)
29
+ * Fixed rename warnings for bcrypt-ruby
30
+ * The way Sorcery adapters are included has been changed due to problem with multiple `included` blocks error in `ActiveSupport::Concern` class (#527)
31
+ * Session timeout works with new cookie serializer introduced in Rails 4.1
32
+ * Rails 4.1 compatibility bugs were fixed, this version is fully supported (#538)
33
+ * VK providers now supports `scope` option
34
+ * Support for DataMapper added
35
+ * Helpers for integration tests were added
36
+ * Fixed problems with special characters in user login attributes (MongoMapper & Mongoid)
37
+ * Fixed remaining `password_confirmation` value - it is now cleared just like `password`
38
+
39
+ ## 0.8.5
4
40
  * Fixed add_provider_to_user with CamelCased authentications_class model (#382)
5
41
  * Fixed unlock_token_mailer_disabled to only disable automatic mailing (#467)
6
42
  * Make send_email_* methods easier to overwrite (#473)
data/Gemfile CHANGED
@@ -1,24 +1,8 @@
1
1
  source 'https://rubygems.org'
2
- # Add dependencies required to use your gem here.
3
- # Example:
4
- # gem "activesupport", ">= 2.3.5"
5
- gem 'oauth', "~> 0.4.4"
6
- gem 'oauth2', "~> 0.8.0"
7
- gem 'bcrypt-ruby', "~> 3.0.0"
8
2
 
9
- # Add dependencies to develop your gem here.
10
- # Include everything needed to run rake, tests, features, etc.
11
-
12
- gem 'abstract', '>= 1.0.0'
13
- gem "rails", "~> 3.2.15"
14
- gem 'json', ">= 1.7.7"
15
- gem "rspec", "~> 2.14.0"
16
- gem 'rspec-rails', "~> 2.14.0"
3
+ gem 'rails', '~> 3.2'
17
4
  gem 'sqlite3'
18
- gem "yard", "~> 0.6.0"
19
- gem "bundler", ">= 1.1.0"
20
- gem 'simplecov', '>= 0.3.8', :require => false # Will install simplecov-html as a dependency
21
- gem 'timecop'
5
+ gem 'pry'
22
6
 
23
7
  group :mongomapper do
24
8
  gem 'mongo_mapper'
@@ -28,3 +12,11 @@ group :mongoid do
28
12
  gem 'mongoid', "~> 2.4.4"
29
13
  gem 'bson_ext'
30
14
  end
15
+
16
+ group :datamapper do
17
+ gem 'mysql2'
18
+ gem 'data_mapper'
19
+ gem 'dm-mysql-adapter'
20
+ end
21
+
22
+ gemspec
data/README.md CHANGED
@@ -1,19 +1,20 @@
1
- [<img src="https://secure.travis-ci.org/NoamB/sorcery.png"
2
- />](http://travis-ci.org/NoamB/sorcery) [<img
3
- src="https://codeclimate.com/github/NoamB/sorcery.png"
4
- />](https://codeclimate.com/github/NoamB/sorcery)
1
+ [![Build Status](https://travis-ci.org/NoamB/sorcery.svg?branch=master)](https://travis-ci.org/NoamB/sorcery)
2
+ [![Code Climate](https://codeclimate.com/github/NoamB/sorcery.png)](https://codeclimate.com/github/NoamB/sorcery)
3
+ [![Inline docs](http://inch-ci.org/github/NoamB/sorcery.png?branch=master)](http://inch-ci.org/github/NoamB/sorcery)
5
4
 
6
5
  # sorcery
7
- Magical Authentication for Rails 3 and 4. Supports ActiveRecord, Mongoid and
8
- MongoMapper.
6
+ Magical Authentication for Rails 3 and 4. Supports ActiveRecord,
7
+ DataMapper, Mongoid and MongoMapper.
9
8
 
10
9
  Inspired by restful_authentication, Authlogic and Devise. Crypto code taken
11
10
  almost unchanged from Authlogic. OAuth code inspired by OmniAuth and Ryan
12
11
  Bates's railscasts about it.
13
12
 
14
- **Rails 4 status:** basicly it works without issues, except
15
- [the issue with protect_from_forgery](https://github.com/NoamB/sorcery/issues/464).
16
- We will release new version soon, which will be updated for Rails 4.
13
+ **What's happening now?** We are working on 1.0 version, which will include some API-breaking changes. It should be released about April 2015.
14
+ Until then we'll continue releasing `0.9.x` version with bug fixed.
15
+
16
+ **Rails 4 status:** [Sorcery 0.9.0](http://rubygems.org/gems/sorcery/versions/0.9.0) is fully tested and ready for Rails 4.0, 4.1 and 4.2.
17
+ **Mongoid status:** Version 0.9.0 works with Mongoid 4.
17
18
 
18
19
  https://github.com/NoamB/sorcery/wiki/Simple-Password-Authentication
19
20
 
@@ -35,94 +36,116 @@ can write your own authentication flow. It was built with a few goals in mind:
35
36
 
36
37
  Hopefully, I've achieved this. If not, let me know.
37
38
 
38
- ## Useful Links:
39
-
40
- Railscast: http://railscasts.com/episodes/283-authentication-with-sorcery
41
-
42
- Example Rails 3 app using sorcery:
43
- https://github.com/NoamB/sorcery-example-app
39
+ ## Useful Links
44
40
 
45
- Documentation: http://rubydoc.info/gems/sorcery
41
+ [Documentation](http://rubydoc.info/gems/sorcery) |
42
+ [Railscast](http://railscasts.com/episodes/283-authentication-with-sorcery) | [Simple tutorial](https://github.com/NoamB/sorcery/wiki/Simple-Password-Authentication) | [Example Rails 3 app](https://github.com/NoamB/sorcery-example-app)
46
43
 
47
- Check out the tutorials in the github wiki!
44
+ Check out the tutorials in the [Wiki](https://github.com/NoamB/sorcery/wiki) for more!
48
45
 
49
46
  ## API Summary
50
47
 
51
48
  Below is a summary of the library methods. Most method names are self
52
49
  explaining and the rest are commented:
53
50
 
54
- # core
55
- require_login # this is a before filter
56
- login(email, password, remember_me = false)
57
- auto_login(user)# login without credentials
58
- logout
59
- logged_in? # available to view
60
- current_user # available to view
61
- redirect_back_or_to # used when a user tries to access a page while logged out, is asked to login, and we want to return him back to the page he originally wanted.
62
- @user.external? # external users, such as facebook/twitter etc.
63
- User.authenticates_with_sorcery!
64
-
65
- # activity logging
66
- current_users
67
-
68
- # http basic auth
69
- require_login_from_http_basic # this is a before filter
70
-
71
- # external
72
- login_at(provider) # sends the user to an external service (twitter etc.) to authenticate.
73
- login_from(provider) # tries to login from the external provider's callback.
74
- create_from(provider) # create the user in the local app db.
75
-
76
- # remember me
77
- auto_login(user, should_remember=false) # login without credentials, optional remember_me
78
- remember_me!
79
- forget_me!
80
-
81
- # reset password
82
- User.load_from_reset_password_token(token)
83
- @user.deliver_reset_password_instructions!
84
- @user.change_password!(new_password)
85
-
86
- # user activation
87
- User.load_from_activation_token(token)
88
- @user.activate!
51
+
52
+ ### core
53
+ ```ruby
54
+ require_login # this is a before filter
55
+ login(email, password, remember_me = false)
56
+ auto_login(user)# login without credentials
57
+ logout
58
+ logged_in? # available to view
59
+ current_user # available to view
60
+ redirect_back_or_to # used when a user tries to access a page while logged out, is asked to login, and we want to return him back to the page he originally wanted.
61
+ @user.external? # external users, such as facebook/twitter etc.
62
+ User.authenticates_with_sorcery!
63
+ ```
64
+
65
+ ### http basic auth
66
+ ```ruby
67
+ require_login_from_http_basic # this is a before filter
68
+ ```
69
+
70
+ ### external
71
+ ```ruby
72
+ login_at(provider) # sends the user to an external service (twitter etc.) to authenticate.
73
+ login_from(provider) # tries to login from the external provider's callback.
74
+ create_from(provider) # create the user in the local app db.
75
+ ```
76
+
77
+ ### remember me
78
+ ```ruby
79
+ auto_login(user, should_remember=false) # login without credentials, optional remember_me
80
+ remember_me!
81
+ forget_me!
82
+ ```
83
+
84
+ ### reset password
85
+ ```ruby
86
+ User.load_from_reset_password_token(token)
87
+ @user.generate_reset_password_token! # if you want to send the email by youself
88
+ @user.deliver_reset_password_instructions! # generates the token and sends the email
89
+ @user.change_password!(new_password)
90
+ ```
91
+
92
+ ### user activation
93
+ ```ruby
94
+ User.load_from_activation_token(token)
95
+ @user.setup_activation
96
+ @user.activate!
97
+ ```
89
98
 
90
99
  Please see the tutorials in the github wiki for detailed usage information.
91
100
 
92
- ## Installation:
101
+ ## Installation
93
102
 
94
103
  If using bundler, first add 'sorcery' to your Gemfile:
95
104
 
96
- gem "sorcery"
105
+ ```ruby
106
+ gem "sorcery"
107
+ ```
97
108
 
98
109
  And run
99
110
 
100
- bundle install
111
+ ```ruby
112
+ bundle install
113
+ ```
101
114
 
102
115
  Otherwise simply
103
116
 
104
- gem install sorcery
117
+ ```ruby
118
+ gem install sorcery
119
+ ```
105
120
 
106
- ## Rails configuration:
121
+ ## Rails configuration
107
122
 
108
- rails generate sorcery:install
123
+ ```bash
124
+ rails generate sorcery:install
125
+ ```
109
126
 
110
127
  This will generate the core migration file, the initializer file and the
111
128
  'User' model class.
112
129
 
113
- rails generate sorcery:install remember_me reset_password
130
+ ```bash
131
+ rails generate sorcery:install remember_me reset_password
132
+ ```
114
133
 
115
134
  This will generate the migrations files for remember_me and reset_password
116
135
  submodules and will create the initializer file (and add submodules to it),
117
136
  and create the 'User' model class.
118
137
 
119
- rails generate sorcery:install --model Person
138
+ ```bash
139
+ rails generate sorcery:install --model Person
140
+ ```
120
141
 
121
142
  This will generate the core migration file, the initializer and change the
122
143
  model class (in the initializer and migration files) to the class 'Person'
123
144
  (and its pluralized version, 'people')
124
145
 
125
- rails generate sorcery:install http_basic_auth external remember_me --migrations
146
+ ```bash
147
+ rails generate sorcery:install http_basic_auth external remember_me --only-submodules
148
+ ```
126
149
 
127
150
  This will generate only the migration files for the specified submodules and
128
151
  will add them to the initializer file.
@@ -138,25 +161,29 @@ After implementing the `delayed_job` into your project add the code below at
138
161
  the end of the `config/initializers/sorcery.rb` file. After that all emails
139
162
  will be sent asynchronously.
140
163
 
141
- module Sorcery
142
- module Model
143
- module InstanceMethods
144
- def generic_send_email(method, mailer)
145
- config = sorcery_config
146
- mail = config.send(mailer).delay.send(config.send(method), self)
147
- end
148
- end
164
+ ```ruby
165
+ module Sorcery
166
+ module Model
167
+ module InstanceMethods
168
+ def generic_send_email(method, mailer)
169
+ config = sorcery_config
170
+ mail = config.send(mailer).delay.send(config.send(method), self)
149
171
  end
150
172
  end
173
+ end
174
+ end
175
+ ```
151
176
 
152
177
  Sidekiq and Resque integrations are coming soon.
153
178
 
154
179
  ## Single Table Inheritance (STI) Support
155
180
  STI is supported via a single setting in config/initializers/sorcery.rb.
156
181
 
157
- ## Full Features List by module:
182
+ ## Full Features List by module
183
+
184
+ **Core** (see [lib/sorcery/model.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model.rb) and
185
+ [lib/sorcery/controller.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller.rb)):
158
186
 
159
- Core (see lib/sorcery/model.rb and lib/sorcery/controller.rb):
160
187
  * login/logout, optional return user to requested url on login, configurable
161
188
  redirect for non-logged-in users.
162
189
  * password encryption, algorithms: bcrypt(default), md5, sha1, sha256,
@@ -165,7 +192,8 @@ Core (see lib/sorcery/model.rb and lib/sorcery/controller.rb):
165
192
  * allow multiple fields to serve as username.
166
193
 
167
194
 
168
- User Activation (see lib/sorcery/model/submodules/user_activation.rb):
195
+ **User Activation** (see [lib/sorcery/model/submodules/user_activation.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/user_activation.rb)):
196
+
169
197
  * User activation by email with optional success email.
170
198
  * configurable attribute names.
171
199
  * configurable mailer, method name, and attribute name.
@@ -173,37 +201,41 @@ User Activation (see lib/sorcery/model/submodules/user_activation.rb):
173
201
  * Optionally prevent non-active users to login.
174
202
 
175
203
 
176
- Reset Password (see lib/sorcery/model/submodules/reset_password.rb):
204
+ **Reset Password** (see [lib/sorcery/model/submodules/reset_password.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/reset_password.rb)):
205
+
177
206
  * Reset password with email verification.
178
207
  * configurable mailer, method name, and attribute name.
179
208
  * configurable temporary token expiration.
180
209
  * configurable time between emails (hammering protection).
181
210
 
182
211
 
183
- Remember Me (see lib/sorcery/model/submodules/remember_me.rb):
212
+ **Remember Me** (see [lib/sorcery/model/submodules/remember_me.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/remember_me.rb)):
213
+
184
214
  * Remember me with configurable expiration.
185
215
  * configurable attribute names.
186
216
 
187
217
 
188
- Session Timeout (see lib/sorcery/controller/submodules/session_timeout.rb):
218
+ **Session Timeout** (see [lib/sorcery/controller/submodules/session_timeout.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller/submodules/session_timeout.rb)):
219
+
189
220
  * Configurable session timeout.
190
221
  * Optionally session timeout will be calculated from last user action.
191
222
 
192
223
 
193
- Brute Force Protection (see
194
- lib/sorcery/model/submodules/brute_force_protection.rb):
224
+ **Brute Force Protection** (see [lib/sorcery/model/submodules/brute_force_protection.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/brute_force_protection.rb)):
225
+
195
226
  * Brute force login hammering protection.
196
227
  * configurable logins before lock and lock duration.
197
228
 
198
229
 
199
- Basic HTTP Authentication (see
200
- lib/sorcery/controller/submodules/http_basic_auth.rb):
230
+ **Basic HTTP Authentication** (see [lib/sorcery/controller/submodules/http_basic_auth.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller/submodules/http_basic_auth.rb)):
231
+
201
232
  * A before filter for requesting authentication with HTTP Basic.
202
233
  * automatic login from HTTP Basic.
203
234
  * automatic login is disabled if session key changed.
204
235
 
205
236
 
206
- Activity Logging (see lib/sorcery/model/submodules/activity_logging.rb):
237
+ **Activity Logging** (see [lib/sorcery/model/submodules/activity_logging.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/activity_logging.rb)):
238
+
207
239
  * automatic logging of last login, last logout, last activity time and IP
208
240
  address for last login.
209
241
  * an easy method of collecting the list of currently logged in users.
@@ -211,14 +243,17 @@ Activity Logging (see lib/sorcery/model/submodules/activity_logging.rb):
211
243
  list of logged in users.
212
244
 
213
245
 
214
- External (see lib/sorcery/controller/submodules/external.rb):
215
- * OAuth1 and OAuth2 support (currently twitter & facebook)
246
+ **External** (see [lib/sorcery/controller/submodules/external.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller/submodules/external.rb)):
247
+
248
+ * OAuth1 and OAuth2 support (currently: Twitter, Facebook, Github, Google, Heroku,
249
+ LinkedIn, VK, LiveID, Xing, and Salesforce)
216
250
  * configurable db field names and authentications table.
217
251
 
218
252
 
219
- ## Next Planned Features:
253
+ ## Next Planned Features
220
254
 
221
255
  I've got some thoughts which include (unordered):
256
+
222
257
  * Passing a block to encrypt, allowing the developer to define his own mix
223
258
  of salting and encrypting
224
259
  * Forgot username, maybe as part of the reset_password module
@@ -243,23 +278,53 @@ In short, an app that works with x.3.1 should be able to upgrade to x.3.2 with
243
278
  no code changes. The same cannot be said about upgrading to x.4.0 and above,
244
279
  however.
245
280
 
281
+ ## DataMapper Support
282
+
283
+ Important notes:
284
+
285
+ * Expected to work with DM adapters: dm-mysql-adapter,
286
+ dm-redis-adapter.
287
+ * Submodules DM adapter dependent: activity_logging (dm-mysql-adapter)
288
+ * Usage: include DataMapper::Resource in user model, follow sorcery
289
+ instructions (remember to add property id, validators and accessor
290
+ attributes such as password and password_confirmation)
291
+ * Option downcase__username_before_authenticating and dm-mysql,
292
+ http://datamapper.lighthouseapp.com/projects/20609/tickets/1105-add-support-for-definingchanging-default-collation
293
+
246
294
  ## Upgrading
247
295
 
248
296
  Important notes while upgrading:
249
297
 
298
+ * If you are upgrading from <= **0.8.6** and you use Sorcery model methods in your app,
299
+ you might need to change them from `user.method` to `user.sorcery_adapter.method` and from
300
+ `User.method` to `User.sorcery_adapter_method`
301
+
302
+ * If you are upgrading from <= **0.8.5** and you're using Sorcery test helpers,
303
+ you need to change the way you include them to following code:
304
+
305
+ ```ruby
306
+ RSpec.configure do |config|
307
+ config.include Sorcery::TestHelpers::Rails::Controller, type: :controller
308
+ config.include Sorcery::TestHelpers::Rails::Integration, type: :feature
309
+ end
310
+ ```
311
+
250
312
  * If are upgrading to **0.8.2** and use activity_logging feature with
251
313
  ActiveRecord, you will have to add a new column
252
314
  `last_login_from_ip_address`
253
315
  [#465](https://github.com/NoamB/sorcery/issues/465)
254
316
  * Sinatra support existed until **v0.7.0** (including), but was dropped
255
317
  later due to being a maintenance nightmare.
256
- * If upgrading from <= **0.6.1 to >= <b>0.7.0** you need to change
257
- 'username_attribute_name' to 'username_attribute_names' in initializer.
318
+ * If upgrading from <= **0.6.1 to >= **0.7.0** you need to change
319
+ 'username
320
+ _attribute_name' to 'username_attribute_names' in initializer.
258
321
  * If upgrading from <= **v0.5.1** to >= **v0.5.2** you need to explicitly
259
322
  set your user_class model in the initializer file.
260
323
 
261
- # This line must come after the 'user config' block.
262
- config.user_class = User
324
+ ```ruby
325
+ # This line must come after the 'user config' block.
326
+ config.user_class = User
327
+ ```
263
328
 
264
329
 
265
330
  ## Contributing to sorcery
@@ -294,7 +359,13 @@ email: shatrov@me.com
294
359
 
295
360
  twitter: @Kiiiir
296
361
 
362
+ #### Grzegorz Witek
363
+
364
+ email: arnvald.to@gmail.com
365
+
366
+ twitter: @arnvald
367
+
297
368
  ## Copyright
298
369
 
299
- Copyright (c) 2010 Noam Ben Ari (nbenari@gmail.com). See LICENSE.txt for
370
+ Copyright (c) 2010-2014 Noam Ben Ari (nbenari@gmail.com). See LICENSE.txt for
300
371
  further details.
@@ -0,0 +1,7 @@
1
+ source 'https://rubygems.org'
2
+
3
+ gem 'sqlite3', platform: :mri
4
+ gem 'activerecord-jdbcsqlite3-adapter', platform: :jruby
5
+ gem 'rails', '~> 4.0.1'
6
+
7
+ gemspec path: '..'
@@ -0,0 +1,7 @@
1
+ source 'https://rubygems.org'
2
+
3
+ gem 'sqlite3', platform: :mri
4
+ gem 'activerecord-jdbcsqlite3-adapter', platform: :jruby
5
+ gem 'rails', '~> 4.1.0'
6
+
7
+ gemspec path: '..'
@@ -0,0 +1,9 @@
1
+ source 'https://rubygems.org'
2
+
3
+ gem 'rails', '~> 4.0.0'
4
+
5
+ gem 'mongo_mapper', github: 'mongomapper/mongomapper'
6
+ gem 'sqlite3', platform: :mri
7
+ gem 'activerecord-jdbcsqlite3-adapter', platform: :jruby
8
+
9
+ gemspec path: '..'
@@ -0,0 +1,9 @@
1
+ source 'https://rubygems.org'
2
+
3
+ gem 'rails', '~> 4.1.0'
4
+
5
+ gem 'mongo_mapper', github: 'mongomapper/mongomapper'
6
+ gem 'sqlite3', platform: :mri
7
+ gem 'activerecord-jdbcsqlite3-adapter', platform: :jruby
8
+
9
+ gemspec path: '..'