sorcery 0.8.5 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (163) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +3 -1
  3. data/.travis.yml +122 -5
  4. data/CHANGELOG.md +37 -1
  5. data/Gemfile +10 -18
  6. data/README.md +159 -88
  7. data/gemfiles/active_record-rails40.gemfile +7 -0
  8. data/gemfiles/active_record-rails41.gemfile +7 -0
  9. data/gemfiles/mongo_mapper-rails40.gemfile +9 -0
  10. data/gemfiles/mongo_mapper-rails41.gemfile +9 -0
  11. data/gemfiles/mongoid-rails40.gemfile +9 -0
  12. data/gemfiles/mongoid-rails41.gemfile +9 -0
  13. data/gemfiles/mongoid3-rails32.gemfile +9 -0
  14. data/lib/generators/sorcery/USAGE +1 -1
  15. data/lib/generators/sorcery/install_generator.rb +19 -5
  16. data/lib/generators/sorcery/templates/initializer.rb +34 -9
  17. data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +3 -1
  18. data/lib/generators/sorcery/templates/migration/core.rb +2 -2
  19. data/lib/generators/sorcery/templates/migration/external.rb +3 -1
  20. data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
  21. data/lib/sorcery/adapters/base_adapter.rb +30 -0
  22. data/lib/sorcery/adapters/data_mapper_adapter.rb +176 -0
  23. data/lib/sorcery/adapters/mongo_mapper_adapter.rb +110 -0
  24. data/lib/sorcery/adapters/mongoid_adapter.rb +97 -0
  25. data/lib/sorcery/controller/config.rb +65 -0
  26. data/lib/sorcery/controller/submodules/activity_logging.rb +16 -21
  27. data/lib/sorcery/controller/submodules/brute_force_protection.rb +6 -6
  28. data/lib/sorcery/controller/submodules/external.rb +35 -40
  29. data/lib/sorcery/controller/submodules/remember_me.rb +4 -4
  30. data/lib/sorcery/controller/submodules/session_timeout.rb +10 -6
  31. data/lib/sorcery/controller.rb +10 -74
  32. data/lib/sorcery/model/config.rb +96 -0
  33. data/lib/sorcery/model/submodules/activity_logging.rb +30 -13
  34. data/lib/sorcery/model/submodules/brute_force_protection.rb +21 -21
  35. data/lib/sorcery/model/submodules/external.rb +53 -9
  36. data/lib/sorcery/model/submodules/remember_me.rb +15 -19
  37. data/lib/sorcery/model/submodules/reset_password.rb +33 -34
  38. data/lib/sorcery/model/submodules/user_activation.rb +36 -47
  39. data/lib/sorcery/model/temporary_token.rb +4 -4
  40. data/lib/sorcery/model.rb +73 -173
  41. data/lib/sorcery/protocols/oauth.rb +42 -0
  42. data/lib/sorcery/protocols/oauth2.rb +47 -0
  43. data/lib/sorcery/providers/base.rb +38 -0
  44. data/lib/sorcery/providers/facebook.rb +63 -0
  45. data/lib/sorcery/providers/github.rb +51 -0
  46. data/lib/sorcery/providers/google.rb +51 -0
  47. data/lib/sorcery/providers/heroku.rb +57 -0
  48. data/lib/sorcery/providers/jira.rb +77 -0
  49. data/lib/sorcery/providers/linkedin.rb +66 -0
  50. data/lib/sorcery/providers/liveid.rb +53 -0
  51. data/lib/sorcery/providers/salesforce.rb +50 -0
  52. data/lib/sorcery/providers/twitter.rb +59 -0
  53. data/lib/sorcery/providers/vk.rb +63 -0
  54. data/lib/sorcery/providers/xing.rb +64 -0
  55. data/lib/sorcery/test_helpers/internal/rails.rb +14 -3
  56. data/lib/sorcery/test_helpers/internal.rb +7 -3
  57. data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
  58. data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
  59. data/lib/sorcery/version.rb +3 -0
  60. data/lib/sorcery.rb +82 -58
  61. data/sorcery.gemspec +19 -19
  62. data/spec/active_record/user_activation_spec.rb +1 -1
  63. data/spec/active_record/user_activity_logging_spec.rb +10 -1
  64. data/spec/active_record/user_brute_force_protection_spec.rb +1 -1
  65. data/spec/active_record/user_oauth_spec.rb +1 -1
  66. data/spec/active_record/user_remember_me_spec.rb +1 -1
  67. data/spec/active_record/user_reset_password_spec.rb +1 -1
  68. data/spec/active_record/user_spec.rb +7 -8
  69. data/spec/controllers/controller_activity_logging_spec.rb +124 -0
  70. data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
  71. data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
  72. data/spec/controllers/controller_oauth2_spec.rb +414 -0
  73. data/spec/controllers/controller_oauth_spec.rb +240 -0
  74. data/spec/controllers/controller_remember_me_spec.rb +117 -0
  75. data/spec/controllers/controller_session_timeout_spec.rb +80 -0
  76. data/spec/controllers/controller_spec.rb +218 -0
  77. data/spec/data_mapper/user_activation_spec.rb +10 -0
  78. data/spec/data_mapper/user_activity_logging_spec.rb +14 -0
  79. data/spec/data_mapper/user_brute_force_protection_spec.rb +9 -0
  80. data/spec/data_mapper/user_oauth_spec.rb +9 -0
  81. data/spec/data_mapper/user_remember_me_spec.rb +8 -0
  82. data/spec/data_mapper/user_reset_password_spec.rb +8 -0
  83. data/spec/data_mapper/user_spec.rb +27 -0
  84. data/spec/mongo_mapper/user_activation_spec.rb +1 -2
  85. data/spec/mongo_mapper/user_activity_logging_spec.rb +1 -1
  86. data/spec/mongo_mapper/user_brute_force_protection_spec.rb +1 -1
  87. data/spec/mongo_mapper/user_oauth_spec.rb +1 -1
  88. data/spec/mongo_mapper/user_remember_me_spec.rb +1 -1
  89. data/spec/mongo_mapper/user_reset_password_spec.rb +1 -1
  90. data/spec/mongo_mapper/user_spec.rb +7 -8
  91. data/spec/mongoid/user_activation_spec.rb +1 -2
  92. data/spec/mongoid/user_activity_logging_spec.rb +1 -2
  93. data/spec/mongoid/user_brute_force_protection_spec.rb +1 -2
  94. data/spec/mongoid/user_oauth_spec.rb +1 -2
  95. data/spec/mongoid/user_remember_me_spec.rb +1 -2
  96. data/spec/mongoid/user_reset_password_spec.rb +1 -2
  97. data/spec/mongoid/user_spec.rb +21 -9
  98. data/spec/orm/active_record.rb +14 -0
  99. data/spec/orm/data_mapper.rb +48 -0
  100. data/spec/orm/mongo_mapper.rb +1 -1
  101. data/spec/orm/mongoid.rb +5 -0
  102. data/spec/rails_app/app/controllers/sorcery_controller.rb +125 -59
  103. data/spec/rails_app/app/data_mapper/authentication.rb +8 -0
  104. data/spec/rails_app/app/data_mapper/user.rb +7 -0
  105. data/spec/rails_app/app/mongo_mapper/user.rb +2 -0
  106. data/spec/rails_app/config/routes.rb +27 -13
  107. data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +2 -2
  108. data/spec/shared_examples/user_activation_shared_examples.rb +108 -91
  109. data/spec/shared_examples/user_activity_logging_shared_examples.rb +83 -15
  110. data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +140 -21
  111. data/spec/shared_examples/user_oauth_shared_examples.rb +21 -16
  112. data/spec/shared_examples/user_remember_me_shared_examples.rb +36 -24
  113. data/spec/shared_examples/user_reset_password_shared_examples.rb +138 -117
  114. data/spec/shared_examples/user_shared_examples.rb +297 -150
  115. data/spec/sorcery_crypto_providers_spec.rb +28 -28
  116. data/spec/spec_helper.rb +12 -18
  117. metadata +99 -165
  118. data/Gemfile.rails4 +0 -24
  119. data/VERSION +0 -1
  120. data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -46
  121. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -50
  122. data/lib/sorcery/controller/submodules/external/providers/base.rb +0 -21
  123. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -99
  124. data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -93
  125. data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -92
  126. data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -103
  127. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -93
  128. data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -94
  129. data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -101
  130. data/lib/sorcery/controller/submodules/external/providers/xing.rb +0 -98
  131. data/lib/sorcery/model/adapters/active_record.rb +0 -49
  132. data/lib/sorcery/model/adapters/mongo_mapper.rb +0 -56
  133. data/lib/sorcery/model/adapters/mongoid.rb +0 -88
  134. data/lib/sorcery/test_helpers/rails.rb +0 -16
  135. data/lib/sorcery/test_helpers.rb +0 -5
  136. data/spec/active_record/controller_activity_logging_spec.rb +0 -140
  137. data/spec/active_record/controller_brute_force_protection_spec.rb +0 -136
  138. data/spec/active_record/controller_http_basic_auth_spec.rb +0 -59
  139. data/spec/active_record/controller_oauth2_spec.rb +0 -417
  140. data/spec/active_record/controller_oauth_spec.rb +0 -212
  141. data/spec/active_record/controller_remember_me_spec.rb +0 -96
  142. data/spec/active_record/controller_session_timeout_spec.rb +0 -55
  143. data/spec/active_record/controller_spec.rb +0 -182
  144. data/spec/active_record/integration_spec.rb +0 -23
  145. data/spec/mongo_mapper/controller_spec.rb +0 -175
  146. data/spec/mongoid/controller_activity_logging_spec.rb +0 -111
  147. data/spec/mongoid/controller_spec.rb +0 -186
  148. data/spec/rails_app/public/404.html +0 -26
  149. data/spec/rails_app/public/422.html +0 -26
  150. data/spec/rails_app/public/500.html +0 -26
  151. data/spec/rails_app/public/favicon.ico +0 -0
  152. data/spec/rails_app/public/images/rails.png +0 -0
  153. data/spec/rails_app/public/javascripts/application.js +0 -2
  154. data/spec/rails_app/public/javascripts/controls.js +0 -965
  155. data/spec/rails_app/public/javascripts/dragdrop.js +0 -974
  156. data/spec/rails_app/public/javascripts/effects.js +0 -1123
  157. data/spec/rails_app/public/javascripts/prototype.js +0 -6001
  158. data/spec/rails_app/public/javascripts/rails.js +0 -175
  159. data/spec/rails_app/public/robots.txt +0 -5
  160. data/spec/rails_app/public/stylesheets/.gitkeep +0 -0
  161. data/spec/shared_examples/controller_oauth2_shared_examples.rb +0 -56
  162. data/spec/shared_examples/controller_oauth_shared_examples.rb +0 -69
  163. /data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
@@ -0,0 +1,97 @@
1
+ module Sorcery
2
+ module Adapters
3
+ class MongoidAdapter < BaseAdapter
4
+ def increment(attr)
5
+ mongoid_4? ? @model.inc(attr => 1) : @model.inc(attr, 1)
6
+ end
7
+
8
+ def update_attributes(attrs)
9
+ attrs.each do |name, value|
10
+ attrs[name] = value.utc if value.is_a?(ActiveSupport::TimeWithZone)
11
+ @model.send(:"#{name}=", value)
12
+ end
13
+ @model.class.where(:_id => @model.id).update_all(attrs)
14
+ end
15
+
16
+ def update_attribute(name, value)
17
+ update_attributes(name => value)
18
+ end
19
+
20
+ def save(options = {})
21
+ mthd = options.delete(:raise_on_failure) ? :save! : :save
22
+ @model.send(mthd, options)
23
+ end
24
+
25
+ def mongoid_4?
26
+ Gem::Version.new(::Mongoid::VERSION) >= Gem::Version.new("4.0.0.alpha")
27
+ end
28
+
29
+ class << self
30
+
31
+ def define_field(name, type, options={})
32
+ @klass.field name, options.slice(:default).merge(type: type)
33
+ end
34
+
35
+ def define_callback(time, event, method_name, options={})
36
+ @klass.send "#{time}_#{event}", method_name, options.slice(:if)
37
+ end
38
+
39
+ def credential_regex(credential)
40
+ return { :$regex => /^#{Regexp.escape(credential)}$/i } if (@klass.sorcery_config.downcase_username_before_authenticating)
41
+ credential
42
+ end
43
+
44
+ def find_by_credentials(credentials)
45
+ @klass.sorcery_config.username_attribute_names.each do |attribute|
46
+ @user = @klass.where(attribute => credential_regex(credentials[0])).first
47
+ break if @user
48
+ end
49
+ @user
50
+ end
51
+
52
+ def find_by_oauth_credentials(provider, uid)
53
+ @user_config ||= ::Sorcery::Controller::Config.user_class.to_s.constantize.sorcery_config
54
+ @klass.where(@user_config.provider_attribute_name => provider, @user_config.provider_uid_attribute_name => uid).first
55
+ end
56
+
57
+ def find_by_activation_token(token)
58
+ @klass.where(@klass.sorcery_config.activation_token_attribute_name => token).first
59
+ end
60
+
61
+ def find_by_remember_me_token(token)
62
+ @klass.where(@klass.sorcery_config.remember_me_token_attribute_name => token).first
63
+ end
64
+
65
+ def transaction(&blk)
66
+ tap(&blk)
67
+ end
68
+
69
+ def find_by_id(id)
70
+ @klass.find(id)
71
+ rescue ::Mongoid::Errors::DocumentNotFound
72
+ nil
73
+ end
74
+
75
+ def find_by_username(username)
76
+ query = @klass.sorcery_config.username_attribute_names.map {|name| {name => username}}
77
+ @klass.any_of(*query).first
78
+ end
79
+
80
+ def find_by_token(token_attr_name, token)
81
+ @klass.where(token_attr_name => token).first
82
+ end
83
+
84
+ def find_by_email(email)
85
+ @klass.where(@klass.sorcery_config.email_attribute_name => email).first
86
+ end
87
+
88
+ def get_current_users
89
+ config = @klass.sorcery_config
90
+ @klass.where(config.last_activity_at_attribute_name.ne => nil) \
91
+ .where("this.#{config.last_logout_at_attribute_name} == null || this.#{config.last_activity_at_attribute_name} > this.#{config.last_logout_at_attribute_name}") \
92
+ .where(config.last_activity_at_attribute_name.gt => config.activity_timeout.seconds.ago.utc).order_by([:_id,:asc])
93
+ end
94
+ end
95
+ end
96
+ end
97
+ end
@@ -0,0 +1,65 @@
1
+ module Sorcery
2
+ module Controller
3
+ module Config
4
+ class << self
5
+ attr_accessor :submodules,
6
+ :user_class, # what class to use as the user class.
7
+ :not_authenticated_action, # what controller action to call for non-authenticated users.
8
+
9
+ :save_return_to_url, # when a non logged in user tries to enter a page that requires
10
+ # login, save the URL he wanted to reach,
11
+ # and send him there after login.
12
+
13
+ :cookie_domain, # set domain option for cookies
14
+
15
+ :login_sources,
16
+ :after_login,
17
+ :after_failed_login,
18
+ :before_logout,
19
+ :after_logout
20
+
21
+ def init!
22
+ @defaults = {
23
+ :@user_class => nil,
24
+ :@submodules => [],
25
+ :@not_authenticated_action => :not_authenticated,
26
+ :@login_sources => [],
27
+ :@after_login => [],
28
+ :@after_failed_login => [],
29
+ :@before_logout => [],
30
+ :@after_logout => [],
31
+ :@save_return_to_url => true,
32
+ :@cookie_domain => nil
33
+ }
34
+ end
35
+
36
+ # Resets all configuration options to their default values.
37
+ def reset!
38
+ @defaults.each do |k,v|
39
+ instance_variable_set(k,v)
40
+ end
41
+ end
42
+
43
+ def update!
44
+ @defaults.each do |k,v|
45
+ instance_variable_set(k,v) if !instance_variable_defined?(k)
46
+ end
47
+ end
48
+
49
+ def user_config(&blk)
50
+ block_given? ? @user_config = blk : @user_config
51
+ end
52
+
53
+ def configure(&blk)
54
+ @configure_blk = blk
55
+ end
56
+
57
+ def configure!
58
+ @configure_blk.call(self) if @configure_blk
59
+ end
60
+ end
61
+ init!
62
+ reset!
63
+ end
64
+ end
65
+ end
@@ -1,13 +1,13 @@
1
1
  module Sorcery
2
2
  module Controller
3
3
  module Submodules
4
- # This submodule keeps track of events such as login, logout,
4
+ # This submodule keeps track of events such as login, logout,
5
5
  # and last activity time, per user.
6
6
  # It helps in estimating which users are active now in the site.
7
- # This cannot be determined absolutely because a user might be
7
+ # This cannot be determined absolutely because a user might be
8
8
  # reading a page without clicking anything for a while.
9
- # This is the controller part of the submodule, which adds hooks
10
- # to register user events,
9
+ # This is the controller part of the submodule, which adds hooks
10
+ # to register user events,
11
11
  # and methods to collect active users data for use in the app.
12
12
  # see Socery::Model::Submodules::ActivityLogging for configuration
13
13
  # options.
@@ -20,7 +20,7 @@ module Sorcery
20
20
  attr_accessor :register_logout_time
21
21
  attr_accessor :register_last_activity_time
22
22
  attr_accessor :register_last_ip_address
23
-
23
+
24
24
  def merge_activity_logging_defaults!
25
25
  @defaults.merge!(:@register_login_time => true,
26
26
  :@register_logout_time => true,
@@ -36,49 +36,44 @@ module Sorcery
36
36
  Config.before_logout << :register_logout_time_to_db
37
37
  base.after_filter :register_last_activity_time_to_db
38
38
  end
39
-
39
+
40
40
  module InstanceMethods
41
41
  # Returns an array of the active users.
42
42
  def current_users
43
+ ActiveSupport::Deprecation.warn("Sorcery: `current_users` method is deprecated. Read more on Github: https://github.com/NoamB/sorcery/issues/602")
44
+
43
45
  user_class.current_users
44
- # A possible patch here:
45
- # we'll add the current_user to the users list if he's not in it
46
- # (can happen when he was inactive for more than activity timeout):
47
- #
48
- # users.unshift!(current_user) if logged_in? && users.find {|u| u.id == current_user.id}.nil?
49
- #
50
- # disadvantages: can hurt performance.
51
46
  end
52
-
47
+
53
48
  protected
54
-
49
+
55
50
  # registers last login time on every login.
56
51
  # This runs as a hook just after a successful login.
57
52
  def register_login_time_to_db(user, credentials)
58
53
  return unless Config.register_login_time
59
- user.update_single_attribute(user.sorcery_config.last_login_at_attribute_name, Time.now.in_time_zone)
54
+ user.set_last_login_at(Time.now.in_time_zone)
60
55
  end
61
-
56
+
62
57
  # registers last logout time on every logout.
63
58
  # This runs as a hook just before a logout.
64
59
  def register_logout_time_to_db(user)
65
60
  return unless Config.register_logout_time
66
- user.update_single_attribute(user.sorcery_config.last_logout_at_attribute_name, Time.now.in_time_zone)
61
+ user.set_last_logout_at(Time.now.in_time_zone)
67
62
  end
68
-
63
+
69
64
  # Updates last activity time on every request.
70
65
  # The only exception is logout - we do not update activity on logout
71
66
  def register_last_activity_time_to_db
72
67
  return unless Config.register_last_activity_time
73
68
  return unless logged_in?
74
- current_user.update_single_attribute(current_user.sorcery_config.last_activity_at_attribute_name, Time.now.in_time_zone)
69
+ current_user.set_last_activity_at(Time.now.in_time_zone)
75
70
  end
76
71
 
77
72
  # Updates IP address on every login.
78
73
  # This runs as a hook just after a successful login.
79
74
  def register_last_ip_address(user, credentials)
80
75
  return unless Config.register_last_ip_address
81
- current_user.update_single_attribute(current_user.sorcery_config.last_login_from_ip_address_name, request.remote_ip)
76
+ current_user.set_last_ip_addess(request.remote_ip)
82
77
  end
83
78
  end
84
79
  end
@@ -14,22 +14,22 @@ module Sorcery
14
14
  Config.after_login << :reset_failed_logins_count!
15
15
  Config.after_failed_login << :update_failed_logins_count!
16
16
  end
17
-
17
+
18
18
  module InstanceMethods
19
-
19
+
20
20
  protected
21
-
21
+
22
22
  # Increments the failed logins counter on every failed login.
23
23
  # Runs as a hook after a failed login.
24
24
  def update_failed_logins_count!(credentials)
25
- user = user_class.find_by_credentials(credentials)
25
+ user = user_class.sorcery_adapter.find_by_credentials(credentials)
26
26
  user.register_failed_login! if user
27
27
  end
28
-
28
+
29
29
  # Resets the failed logins counter.
30
30
  # Runs as a hook after a successful login.
31
31
  def reset_failed_logins_count!(user, credentials)
32
- user.update_many_attributes(user_class.sorcery_config.failed_logins_count_attribute_name => 0)
32
+ user.sorcery_adapter.update_attribute(user_class.sorcery_config.failed_logins_count_attribute_name, 0)
33
33
  end
34
34
  end
35
35
  end
@@ -6,21 +6,41 @@ module Sorcery
6
6
  module External
7
7
  def self.included(base)
8
8
  base.send(:include, InstanceMethods)
9
+
10
+ require 'sorcery/providers/base'
11
+ require 'sorcery/providers/facebook'
12
+ require 'sorcery/providers/twitter'
13
+ require 'sorcery/providers/vk'
14
+ require 'sorcery/providers/linkedin'
15
+ require 'sorcery/providers/liveid'
16
+ require 'sorcery/providers/xing'
17
+ require 'sorcery/providers/github'
18
+ require 'sorcery/providers/heroku'
19
+ require 'sorcery/providers/google'
20
+ require 'sorcery/providers/jira'
21
+ require 'sorcery/providers/salesforce'
22
+
9
23
  Config.module_eval do
10
24
  class << self
11
- attr_reader :external_providers # external providers like twitter.
12
- attr_accessor :ca_file # path to ca_file. By default use a internal ca-bundle.crt.
13
-
14
- def merge_external_defaults!
15
- @defaults.merge!(:@external_providers => [],
16
- :@ca_file => File.join(File.expand_path(File.dirname(__FILE__)), 'external/protocols/certs/ca-bundle.crt'))
17
- end
25
+ attr_reader :external_providers
26
+ attr_accessor :ca_file
18
27
 
19
28
  def external_providers=(providers)
20
- providers.each do |provider|
21
- include Providers.const_get(provider.to_s.split("_").map {|p| p.capitalize}.join(""))
29
+ @external_providers = providers
30
+
31
+ providers.each do |name|
32
+ class_eval <<-E
33
+ def self.#{name}
34
+ @#{name} ||= Sorcery::Providers.const_get('#{name}'.to_s.capitalize).new
35
+ end
36
+ E
22
37
  end
23
38
  end
39
+
40
+ def merge_external_defaults!
41
+ @defaults.merge!(:@external_providers => [],
42
+ :@ca_file => File.join(File.expand_path(File.dirname(__FILE__)), '../../protocols/certs/ca-bundle.crt'))
43
+ end
24
44
  end
25
45
  merge_external_defaults!
26
46
  end
@@ -31,9 +51,7 @@ module Sorcery
31
51
 
32
52
  # save the singleton ProviderClient instance into @provider
33
53
  def sorcery_get_provider(provider_name)
34
- allowed = %w(facebook github google linkedin liveid twitter vk xing)
35
- return unless allowed.include?(provider_name.to_s)
36
-
54
+ return unless Config.external_providers.include?(provider_name.to_sym)
37
55
  Config.send(provider_name.to_sym)
38
56
  end
39
57
 
@@ -118,15 +136,7 @@ module Sorcery
118
136
  sorcery_fetch_user_hash provider_name
119
137
  config = user_class.sorcery_config
120
138
 
121
- # first check to see if user has a particular authentication already
122
- unless (current_user.send(config.authentications_class.name.underscore.pluralize).send("find_by_#{config.provider_attribute_name}_and_#{config.provider_uid_attribute_name}", provider_name, @user_hash[:uid].to_s))
123
- user = current_user.send(config.authentications_class.name.underscore.pluralize).build(config.provider_uid_attribute_name => @user_hash[:uid], config.provider_attribute_name => provider_name.to_s)
124
- user.save(:validate => false)
125
- else
126
- user = false
127
- end
128
-
129
- return user
139
+ current_user.add_provider_to_user(provider_name.to_s, @user_hash[:uid].to_s)
130
140
  end
131
141
 
132
142
  # Initialize new user from provider informations.
@@ -138,13 +148,12 @@ module Sorcery
138
148
 
139
149
  attrs = user_attrs(@provider.user_info_mapping, @user_hash)
140
150
 
141
- user = user_class.new(attrs)
142
- user.send(config.authentications_class.to_s.downcase.pluralize).build(config.provider_uid_attribute_name => @user_hash[:uid], config.provider_attribute_name => provider_name)
151
+ user, saved = user_class.create_and_validate_from_provider(provider_name, @user_hash[:uid], attrs)
143
152
 
144
153
  session[:incomplete_user] = {
145
154
  :provider => {config.provider_uid_attribute_name => @user_hash[:uid], config.provider_attribute_name => provider_name},
146
155
  :user_hash => attrs
147
- } unless user.save
156
+ } unless saved
148
157
 
149
158
  return user
150
159
  end
@@ -165,26 +174,12 @@ module Sorcery
165
174
  #
166
175
  # create_from(provider) {|user| user.some_check }
167
176
  #
168
- def create_from(provider_name)
177
+ def create_from(provider_name, &block)
169
178
  sorcery_fetch_user_hash provider_name
170
179
  config = user_class.sorcery_config
171
180
 
172
181
  attrs = user_attrs(@provider.user_info_mapping, @user_hash)
173
-
174
- user_class.transaction do
175
- @user = user_class.new()
176
- attrs.each do |k,v|
177
- @user.send(:"#{k}=", v)
178
- end
179
-
180
- if block_given?
181
- return false unless yield @user
182
- end
183
-
184
- @user.save(:validate => false)
185
- user_class.sorcery_config.authentications_class.create!({config.authentications_user_id_attribute_name => @user.id, config.provider_attribute_name => provider_name, config.provider_uid_attribute_name => @user_hash[:uid]})
186
- end
187
- @user
182
+ @user = user_class.create_from_provider(provider_name, @user_hash[:uid], attrs, &block)
188
183
  end
189
184
 
190
185
  def user_attrs(user_info_mapping, user_hash)
@@ -38,7 +38,7 @@ module Sorcery
38
38
  # Override.
39
39
  # logins a user instance, and optionally remembers him.
40
40
  def auto_login(user, should_remember = false)
41
- session[:user_id] = user.id
41
+ session[:user_id] = user.id.to_s
42
42
  @current_user = user
43
43
  remember_me! if should_remember
44
44
  end
@@ -55,10 +55,10 @@ module Sorcery
55
55
  # and logs the user in if found.
56
56
  # Runs as a login source. See 'current_user' method for how it is used.
57
57
  def login_from_cookie
58
- user = cookies.signed[:remember_me_token] && user_class.find_by_remember_me_token(cookies.signed[:remember_me_token])
59
- if user && user.remember_me_token?
58
+ user = cookies.signed[:remember_me_token] && user_class.sorcery_adapter.find_by_remember_me_token(cookies.signed[:remember_me_token])
59
+ if user && user.has_remember_me_token?
60
60
  set_remember_me_cookie!(user)
61
- session[:user_id] = user.id
61
+ session[:user_id] = user.id.to_s
62
62
  @current_user = user
63
63
  else
64
64
  @current_user = false
@@ -9,10 +9,10 @@ module Sorcery
9
9
  Config.module_eval do
10
10
  class << self
11
11
  attr_accessor :session_timeout, # how long in seconds to keep the session alive.
12
-
12
+
13
13
  :session_timeout_from_last_action # use the last action as the beginning of session
14
14
  # timeout.
15
-
15
+
16
16
  def merge_session_timeout_defaults!
17
17
  @defaults.merge!(:@session_timeout => 3600, # 1.hour
18
18
  :@session_timeout_from_last_action => false)
@@ -23,21 +23,21 @@ module Sorcery
23
23
  Config.after_login << :register_login_time
24
24
  base.prepend_before_filter :validate_session
25
25
  end
26
-
26
+
27
27
  module InstanceMethods
28
28
  protected
29
-
29
+
30
30
  # Registers last login to be used as the timeout starting point.
31
31
  # Runs as a hook after a successful login.
32
32
  def register_login_time(user, credentials)
33
33
  session[:login_time] = session[:last_action_time] = Time.now.in_time_zone
34
34
  end
35
-
35
+
36
36
  # Checks if session timeout was reached and expires the current session if so.
37
37
  # To be used as a before_filter, before require_login
38
38
  def validate_session
39
39
  session_to_use = Config.session_timeout_from_last_action ? session[:last_action_time] : session[:login_time]
40
- if session_to_use && (Time.now.in_time_zone - session_to_use > Config.session_timeout)
40
+ if session_to_use && sorcery_session_expired?(session_to_use.to_time)
41
41
  reset_sorcery_session
42
42
  @current_user = nil
43
43
  else
@@ -45,6 +45,10 @@ module Sorcery
45
45
  end
46
46
  end
47
47
 
48
+ def sorcery_session_expired?(time)
49
+ Time.now.in_time_zone - time > Config.session_timeout
50
+ end
51
+
48
52
  end
49
53
  end
50
54
  end
@@ -5,7 +5,7 @@ module Sorcery
5
5
  include InstanceMethods
6
6
  Config.submodules.each do |mod|
7
7
  begin
8
- include Submodules.const_get(mod.to_s.split("_").map {|p| p.capitalize}.join(""))
8
+ include Submodules.const_get(mod.to_s.split('_').map { |p| p.capitalize }.join)
9
9
  rescue NameError
10
10
  # don't stop on a missing submodule.
11
11
  end
@@ -72,13 +72,12 @@ module Sorcery
72
72
  end
73
73
 
74
74
  # attempts to auto-login from the sources defined (session, basic_auth, cookie, etc.)
75
- # returns the logged in user if found, false if not (using old restful-authentication trick, nil != false).
75
+ # returns the logged in user if found, nil if not
76
76
  def current_user
77
- if @current_user == false
78
- false
79
- else
80
- @current_user ||= login_from_session || login_from_other_sources
77
+ unless defined?(@current_user)
78
+ @current_user = login_from_session || login_from_other_sources || nil
81
79
  end
80
+ @current_user
82
81
  end
83
82
 
84
83
  def current_user=(user)
@@ -104,7 +103,7 @@ module Sorcery
104
103
  # @param [<User-Model>] user the user instance.
105
104
  # @return - do not depend on the return value.
106
105
  def auto_login(user, should_remember = false)
107
- session[:user_id] = user.id
106
+ session[:user_id] = user.id.to_s
108
107
  @current_user = user
109
108
  end
110
109
 
@@ -127,11 +126,9 @@ module Sorcery
127
126
  end
128
127
 
129
128
  def login_from_session
130
- @current_user = (user_class.find(session[:user_id]) if session[:user_id]) || false
131
- rescue => exception
132
- return false if defined?(Mongoid) and exception.is_a?(Mongoid::Errors::DocumentNotFound)
133
- return false if defined?(ActiveRecord) and exception.is_a?(ActiveRecord::RecordNotFound)
134
- raise exception
129
+ @current_user = if session[:user_id]
130
+ user_class.sorcery_adapter.find_by_id(session[:user_id])
131
+ end
135
132
  end
136
133
 
137
134
  def after_login!(user, credentials = [])
@@ -156,66 +153,5 @@ module Sorcery
156
153
 
157
154
  end
158
155
 
159
- module Config
160
- class << self
161
- attr_accessor :submodules,
162
- :user_class, # what class to use as the user class.
163
- :not_authenticated_action, # what controller action to call for non-authenticated users.
164
-
165
- :save_return_to_url, # when a non logged in user tries to enter a page that requires
166
- # login, save the URL he wanted to reach,
167
- # and send him there after login.
168
-
169
- :cookie_domain, # set domain option for cookies
170
-
171
- :login_sources,
172
- :after_login,
173
- :after_failed_login,
174
- :before_logout,
175
- :after_logout
176
-
177
- def init!
178
- @defaults = {
179
- :@user_class => nil,
180
- :@submodules => [],
181
- :@not_authenticated_action => :not_authenticated,
182
- :@login_sources => [],
183
- :@after_login => [],
184
- :@after_failed_login => [],
185
- :@before_logout => [],
186
- :@after_logout => [],
187
- :@save_return_to_url => true,
188
- :@cookie_domain => nil
189
- }
190
- end
191
-
192
- # Resets all configuration options to their default values.
193
- def reset!
194
- @defaults.each do |k,v|
195
- instance_variable_set(k,v)
196
- end
197
- end
198
-
199
- def update!
200
- @defaults.each do |k,v|
201
- instance_variable_set(k,v) if !instance_variable_defined?(k)
202
- end
203
- end
204
-
205
- def user_config(&blk)
206
- block_given? ? @user_config = blk : @user_config
207
- end
208
-
209
- def configure(&blk)
210
- @configure_blk = blk
211
- end
212
-
213
- def configure!
214
- @configure_blk.call(self) if @configure_blk
215
- end
216
- end
217
- init!
218
- reset!
219
- end
220
- end
156
+ end
221
157
  end