sorcery 0.8.6 → 0.9.0

data/gemfiles/active_record-rails40.gemfile

@@ -0,0 +1,7 @@
+source 'https://rubygems.org'
+
+gem 'sqlite3', platform: :mri
+gem 'activerecord-jdbcsqlite3-adapter', platform: :jruby
+gem 'rails', '~> 4.0.1'
+
+gemspec path: '..'

data/gemfiles/active_record-rails41.gemfile

@@ -1,6 +1,7 @@
 source 'https://rubygems.org'
 
-gem 'sqlite3'
-gem 'rails', '~> 4.1'
+gem 'sqlite3', platform: :mri
+gem 'activerecord-jdbcsqlite3-adapter', platform: :jruby
+gem 'rails', '~> 4.1.0'
 
 gemspec path: '..'

data/gemfiles/mongo_mapper-rails40.gemfile

@@ -0,0 +1,9 @@
+source 'https://rubygems.org'
+
+gem 'rails', '~> 4.0.0'
+
+gem 'mongo_mapper', github: 'mongomapper/mongomapper'
+gem 'sqlite3', platform: :mri
+gem 'activerecord-jdbcsqlite3-adapter', platform: :jruby
+
+gemspec path: '..'

data/gemfiles/mongo_mapper-rails41.gemfile

@@ -3,6 +3,7 @@ source 'https://rubygems.org'
 gem 'rails', '~> 4.1.0'
 
 gem 'mongo_mapper', github: 'mongomapper/mongomapper'
-gem 'sqlite3'
+gem 'sqlite3', platform: :mri
+gem 'activerecord-jdbcsqlite3-adapter', platform: :jruby
 
 gemspec path: '..'

data/gemfiles/mongoid-rails40.gemfile

@@ -0,0 +1,9 @@
+source 'https://rubygems.org'
+
+gem 'rails', '~> 4.0.0'
+
+gem 'mongoid', '~> 4.0.0'
+gem 'sqlite3', platform: :mri
+gem 'activerecord-jdbcsqlite3-adapter', platform: :jruby
+
+gemspec path: '..'

data/gemfiles/mongoid-rails41.gemfile

@@ -2,10 +2,8 @@ source 'https://rubygems.org'
 
 gem 'rails', '~> 4.1.0'
 
-gem 'pry'
-
-gem 'mongoid', github: 'mongoid/mongoid'
-gem 'bson_ext'
-gem 'sqlite3'
+gem 'mongoid', '~> 4.0.0'
+gem 'sqlite3', platform: :mri
+gem 'activerecord-jdbcsqlite3-adapter', platform: :jruby
 
 gemspec path: '..'

data/gemfiles/mongoid3-rails32.gemfile

@@ -0,0 +1,9 @@
+source 'https://rubygems.org'
+
+gem 'rails', '~> 3.2.0'
+
+gem 'mongoid', '~> 3.0'
+gem 'bson_ext'
+gem 'sqlite3'
+
+gemspec path: '..'

data/lib/generators/sorcery/USAGE

@@ -16,7 +16,7 @@ Examples:
     This will generate the core migration file, the initializer and change the model class
     (in the initializer and migration files) to the class 'Person' (and it's pluralized version, 'people')
 
-  rails generate sorcery:install http_basic_auth external remember_me --migrations
+  rails generate sorcery:install http_basic_auth external remember_me --only-submodules
 
     This will generate only the migration files for the specified submodules and will
     add them to the initializer file.

data/lib/generators/sorcery/install_generator.rb

@@ -15,12 +15,21 @@ module Sorcery
                    :desc => "Specify the model class name if you will use anything other than 'User'"
 
       class_option :migrations, :optional => true, :type => :boolean, :banner => "migrations",
+                   :desc => "[DEPRECATED] Please use --only-submodules option instead"
+
+      class_option :only_submodules, :optional => true, :type => :boolean, :banner => "only-submodules",
                    :desc => "Specify if you want to add submodules to an existing model\n\t\t\t     # (will generate migrations files, and add submodules to config file)"
 
 
+      def check_deprecated_options
+        if options[:migrations]
+          warn("[DEPRECATED] `--migrations` option is deprecated, please use `--only-submodules` instead")
+        end
+      end
+
       # Copy the initializer file to config/initializers folder.
       def copy_initializer_file
-        template "initializer.rb", sorcery_config_path unless options[:migrations]
+        template "initializer.rb", sorcery_config_path unless only_submodules?
       end
 
       def configure_initializer_file
@@ -36,8 +45,8 @@ module Sorcery
       end
 
       def configure_model
-        # Generate the model and add 'authenticates_with_sorcery!' unless you passed --migrations
-        unless options[:migrations]
+        # Generate the model and add 'authenticates_with_sorcery!' unless you passed --only-submodules
+        unless only_submodules?
           generate "model #{model_class_name} --skip-migration"
 
           inject_sorcery_to_model
@@ -52,9 +61,9 @@ module Sorcery
 
       # Copy the migrations files to db/migrate folder
       def copy_migration_files
-        # Copy core migration file in all cases except when you pass --migrations.
+        # Copy core migration file in all cases except when you pass --only-submodules.
         return unless defined?(Sorcery::Generators::InstallGenerator::ActiveRecord)
-        migration_template "migration/core.rb", "db/migrate/sorcery_core.rb" unless options[:migrations]
+        migration_template "migration/core.rb", "db/migrate/sorcery_core.rb" unless only_submodules?
 
         if submodules
           submodules.each do |submodule|
@@ -76,6 +85,11 @@ module Sorcery
         end
       end
 
+      private
+      def only_submodules?
+        options[:migrations] || options[:only_submodules]
+      end
+
     end
   end
 end

data/lib/generators/sorcery/templates/initializer.rb

@@ -27,6 +27,12 @@ Rails.application.config.sorcery.configure do |config|
   # config.cookie_domain =
 
 
+  # Allow the remember_me cookie to be set through AJAX
+  # Default: `true`
+  #
+  # config.remember_me_httponly =
+
+
   # -- session timeout --
   # How long in seconds to keep the session alive.
   # Default: `3600`
@@ -67,7 +73,7 @@ Rails.application.config.sorcery.configure do |config|
 
 
   # -- external --
-  # What providers are supported by this app, i.e. [:twitter, :facebook, :github, :linkedin, :xing, :google, :liveid] .
+  # What providers are supported by this app, i.e. [:twitter, :facebook, :github, :linkedin, :xing, :google, :liveid, :salesforce] .
   # Default: `[]`
   #
   # config.external_providers =
@@ -101,7 +107,7 @@ Rails.application.config.sorcery.configure do |config|
   # config.xing.user_info_mapping = {first_name: "first_name", last_name: "last_name"}
   #
   #
-  # Twitter wil not accept any requests nor redirect uri containing localhost,
+  # Twitter will not accept any requests nor redirect uri containing localhost,
   # make sure you use 0.0.0.0:3000 to access your app in development
   #
   # config.twitter.key = ""
@@ -114,6 +120,7 @@ Rails.application.config.sorcery.configure do |config|
   # config.facebook.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=facebook"
   # config.facebook.user_info_mapping = {:email => "name"}
   # config.facebook.access_permissions = ["email", "publish_stream"]
+  # config.facebook.display = "page"
   #
   # config.github.key = ""
   # config.github.secret = ""
@@ -139,6 +146,29 @@ Rails.application.config.sorcery.configure do |config|
   # config.liveid.callback_url = "http://mydomain.com:3000/oauth/callback?provider=liveid"
   # config.liveid.user_info_mapping = {:username => "name"}
 
+  # For information about JIRA API:
+  # https://developer.atlassian.com/display/JIRADEV/JIRA+REST+API+Example+-+OAuth+authentication
+  # to obtain the consumer key and the public key you can use the jira-ruby gem https://github.com/sumoheavy/jira-ruby
+  # or run openssl req -x509 -nodes -newkey rsa:1024 -sha1 -keyout rsakey.pem -out rsacert.pem to obtain the public key
+  # Make sure you have configured the application link properly
+
+  # config.jira.key = "1234567"
+  # config.jira.secret = "jiraTest"
+  # config.jira.site = "http://localhost:2990/jira/plugins/servlet/oauth"
+  # config.jira.signature_method =  "RSA-SHA1"
+  # config.jira.private_key_file = "rsakey.pem"
+
+  # For information about Salesforce API:
+  # https://developer.salesforce.com/signup &
+  # https://www.salesforce.com/us/developer/docs/api_rest/
+  # Salesforce callback_url must be https. You can run the following to generate self-signed ssl cert
+  # openssl req -new -newkey rsa:2048 -sha1 -days 365 -nodes -x509 -keyout server.key -out server.crt
+  # Make sure you have configured the application link properly
+  # config.salesforce.key = '123123'
+  # config.salesforce.secret = 'acb123'
+  # config.salesforce.callback_url = "https://127.0.0.1:9292/oauth/callback?provider=salesforce"
+  # config.salesforce.scope = "full"
+  # config.salesforce.user_info_mapping = {:email => "email"}
 
   # --- user config ---
   config.user_config do |user|
@@ -217,11 +247,6 @@ Rails.application.config.sorcery.configure do |config|
 
 
     # -- remember_me --
-    # allow the remember_me cookie to settable through AJAX
-    # Default: `true`
-    #
-    # user.remember_me_httponly =
-
     # How long in seconds the session length will be
     # Default: `604800`
     #
@@ -330,7 +355,7 @@ Rails.application.config.sorcery.configure do |config|
     # user.reset_password_expiration_period =
 
 
-    # hammering protection, how long to wait before allowing another email to be sent.
+    # hammering protection, how long in seconds to wait before allowing another email to be sent.
     # Default: `5 * 60`
     #
     # user.reset_password_time_between_emails =
@@ -400,7 +425,7 @@ Rails.application.config.sorcery.configure do |config|
     # user.last_activity_at_attribute_name =
 
 
-    # How long since last activity is he user defined logged out?
+    # How long since last activity is the user defined logged out?
     # Default: `10 * 60`
     #
     # user.activity_timeout =

data/lib/generators/sorcery/templates/migration/brute_force_protection.rb

@@ -3,5 +3,7 @@ class SorceryBruteForceProtection < ActiveRecord::Migration
     add_column :<%= model_class_name.tableize %>, :failed_logins_count, :integer, :default => 0
     add_column :<%= model_class_name.tableize %>, :lock_expires_at, :datetime, :default => nil
     add_column :<%= model_class_name.tableize %>, :unlock_token, :string, :default => nil
+
+    add_index :<%= model_class_name.tableize %>, :unlock_token
   end
-end
+end

data/lib/generators/sorcery/templates/migration/core.rb

@@ -2,8 +2,8 @@ class SorceryCore < ActiveRecord::Migration
   def change
     create_table :<%= model_class_name.tableize %> do |t|
       t.string :email,            :null => false
-      t.string :crypted_password, :null => false
-      t.string :salt,             :null => false
+      t.string :crypted_password
+      t.string :salt
 
       t.timestamps
     end

data/lib/generators/sorcery/templates/migration/external.rb

@@ -6,5 +6,7 @@ class SorceryExternal < ActiveRecord::Migration
 
       t.timestamps
     end
+
+    add_index :<%= model_class_name.tableize %>, [:provider, :uid]
   end
-end
+end

data/lib/sorcery.rb

@@ -1,78 +1,110 @@
+require 'sorcery/version'
+
 module Sorcery
-  autoload :Model, 'sorcery/model'
+
+  require 'sorcery/model'
+
+  module Adapters
+    require 'sorcery/adapters/base_adapter'
+  end
+
   module Model
-    autoload :TemporaryToken, 'sorcery/model/temporary_token'
-    module Adapters
-      autoload :ActiveRecord, 'sorcery/model/adapters/active_record'
-      autoload :Mongoid, 'sorcery/model/adapters/mongoid'
-      autoload :MongoMapper, 'sorcery/model/adapters/mongo_mapper'
-      autoload :DataMapper, 'sorcery/model/adapters/datamapper'
-    end
+    require 'sorcery/model/temporary_token'
+    require 'sorcery/model/config'
+
+
     module Submodules
-      autoload :UserActivation, 'sorcery/model/submodules/user_activation'
-      autoload :ResetPassword, 'sorcery/model/submodules/reset_password'
-      autoload :RememberMe, 'sorcery/model/submodules/remember_me'
-      autoload :ActivityLogging, 'sorcery/model/submodules/activity_logging'
-      autoload :BruteForceProtection, 'sorcery/model/submodules/brute_force_protection'
-      autoload :External, 'sorcery/model/submodules/external'
+      require 'sorcery/model/submodules/user_activation'
+      require 'sorcery/model/submodules/reset_password'
+      require 'sorcery/model/submodules/remember_me'
+      require 'sorcery/model/submodules/activity_logging'
+      require 'sorcery/model/submodules/brute_force_protection'
+      require 'sorcery/model/submodules/external'
     end
   end
-  autoload :Controller, 'sorcery/controller'
+
+  require 'sorcery/controller'
+
   module Controller
+    autoload :Config, 'sorcery/controller/config'
     module Submodules
-      autoload :RememberMe, 'sorcery/controller/submodules/remember_me'
-      autoload :SessionTimeout, 'sorcery/controller/submodules/session_timeout'
-      autoload :BruteForceProtection, 'sorcery/controller/submodules/brute_force_protection'
-      autoload :HttpBasicAuth, 'sorcery/controller/submodules/http_basic_auth'
-      autoload :ActivityLogging, 'sorcery/controller/submodules/activity_logging'
-      autoload :External, 'sorcery/controller/submodules/external'
+      require 'sorcery/controller/submodules/remember_me'
+      require 'sorcery/controller/submodules/session_timeout'
+      require 'sorcery/controller/submodules/brute_force_protection'
+      require 'sorcery/controller/submodules/http_basic_auth'
+      require 'sorcery/controller/submodules/activity_logging'
+      require 'sorcery/controller/submodules/external'
     end
   end
+
   module Protocols
-    autoload :Oauth, 'sorcery/protocols/oauth'
-    autoload :Oauth2, 'sorcery/protocols/oauth2'
+    require 'sorcery/protocols/oauth'
+    require 'sorcery/protocols/oauth2'
   end
+
   module CryptoProviders
-    autoload :Common, 'sorcery/crypto_providers/common'
-    autoload :AES256, 'sorcery/crypto_providers/aes256'
-    autoload :BCrypt, 'sorcery/crypto_providers/bcrypt'
-    autoload :MD5,    'sorcery/crypto_providers/md5'
-    autoload :SHA1,   'sorcery/crypto_providers/sha1'
-    autoload :SHA256, 'sorcery/crypto_providers/sha256'
-    autoload :SHA512, 'sorcery/crypto_providers/sha512'
+    require 'sorcery/crypto_providers/common'
+    require 'sorcery/crypto_providers/aes256'
+    require 'sorcery/crypto_providers/bcrypt'
+    require 'sorcery/crypto_providers/md5'
+    require 'sorcery/crypto_providers/sha1'
+    require 'sorcery/crypto_providers/sha256'
+    require 'sorcery/crypto_providers/sha512'
   end
+
   module TestHelpers
-    autoload :Internal, 'sorcery/test_helpers/internal'
-    module Internal
-      autoload :Rails, 'sorcery/test_helpers/internal/rails'
-    end
-    autoload :Rails, 'sorcery/test_helpers/rails'
+    require 'sorcery/test_helpers/internal'
+
     module Rails
-      autoload :Controller, 'sorcery/test_helpers/rails/controller'
-      autoload :Integration, 'sorcery/test_helpers/rails/integration'
+      require 'sorcery/test_helpers/rails/controller'
+      require 'sorcery/test_helpers/rails/integration'
+    end
+
+    module Internal
+      require 'sorcery/test_helpers/internal/rails'
     end
 
   end
 
+  require 'sorcery/adapters/base_adapter'
+
   if defined?(ActiveRecord)
+    require 'sorcery/adapters/active_record_adapter'
     ActiveRecord::Base.extend Sorcery::Model
-    ActiveRecord::Base.send :include, Sorcery::Model::Adapters::ActiveRecord
+
+    ActiveRecord::Base.send :define_method, :sorcery_adapter do
+      @sorcery_adapter ||= Sorcery::Adapters::ActiveRecordAdapter.new(self)
+    end
+
+    ActiveRecord::Base.send :define_singleton_method, :sorcery_adapter do
+      Sorcery::Adapters::ActiveRecordAdapter.from(self)
+    end
   end
 
   if defined?(Mongoid)
+    require 'sorcery/adapters/mongoid_adapter'
     Mongoid::Document::ClassMethods.send :include, Sorcery::Model
-    Mongoid::Document::ClassMethods.send :include, Sorcery::Model::Adapters::Mongoid::ClassMethods
-    Mongoid::Document.send :include, Sorcery::Model::Adapters::Mongoid::InstanceMethods
+
+    Mongoid::Document.send :define_method, :sorcery_adapter do
+      @sorcery_adapter ||= Sorcery::Adapters::MongoidAdapter.new(self)
+    end
+
+    Mongoid::Document::ClassMethods.send :define_method, :sorcery_adapter do
+      Sorcery::Adapters::MongoidAdapter.from(self)
+    end
   end
 
   if defined?(MongoMapper)
-    MongoMapper::Document.send(:plugin, Sorcery::Model::Adapters::MongoMapper)
+    require 'sorcery/adapters/mongo_mapper_adapter'
+    MongoMapper::Document.send(:plugin, Sorcery::Adapters::MongoMapperAdapter::Wrapper)
   end
 
   if defined?(DataMapper)
+    require 'sorcery/adapters/data_mapper_adapter'
     DataMapper::Model.append_extensions(Sorcery::Model)
-    DataMapper::Model.append_inclusions(Sorcery::Model::Adapters::DataMapper)
+
+    DataMapper::Model.append_inclusions(Sorcery::Adapters::DataMapperAdapter::Wrapper)
   end
 
-  require 'sorcery/engine' if defined?(Rails) && Rails::VERSION::MAJOR >= 3
+  require 'sorcery/engine' if defined?(Rails)
 end

data/lib/sorcery/adapters/active_record_adapter.rb

@@ -0,0 +1,120 @@
+module Sorcery
+  module Adapters
+    class ActiveRecordAdapter < BaseAdapter
+      def update_attributes(attrs)
+        attrs.each do |name, value|
+          @model.send(:"#{name}=", value)
+        end
+        primary_key = @model.class.primary_key
+        @model.class.where(:"#{primary_key}" => @model.send(:"#{primary_key}")).update_all(attrs)
+      end
+
+      def save(options = {})
+        mthd = options.delete(:raise_on_failure) ? :save! : :save
+        @model.send(mthd, options)
+      end
+
+      def increment(field)
+        @model.increment!(field)
+      end
+
+      def find_authentication_by_oauth_credentials(relation_name, provider, uid)
+        @user_config ||= ::Sorcery::Controller::Config.user_class.to_s.constantize.sorcery_config
+        conditions = {
+          @user_config.provider_uid_attribute_name => uid,
+          @user_config.provider_attribute_name     => provider
+        }
+
+        @model.public_send(relation_name).where(conditions).first
+      end
+
+      class << self
+        def define_field(name, type, options={})
+          # AR fields are defined through migrations, only validator here
+        end
+
+        def define_callback(time, event, method_name, options={})
+          @klass.send "#{time}_#{event}", method_name, options.slice(:if)
+        end
+
+        def find_by_oauth_credentials(provider, uid)
+          @user_config ||= ::Sorcery::Controller::Config.user_class.to_s.constantize.sorcery_config
+          conditions = {
+            @user_config.provider_uid_attribute_name => uid,
+            @user_config.provider_attribute_name     => provider
+          }
+
+          @klass.where(conditions).first
+        end
+
+        def find_by_remember_me_token(token)
+          @klass.where(@klass.sorcery_config.remember_me_token_attribute_name => token).first
+        end
+
+        def find_by_credentials(credentials)
+          relation = nil
+
+          @klass.sorcery_config.username_attribute_names.each do |attribute|
+            if @klass.sorcery_config.downcase_username_before_authenticating
+              condition = @klass.arel_table[attribute].lower.eq(@klass.arel_table.lower(credentials[0]))
+            else
+              condition = @klass.arel_table[attribute].eq(credentials[0])
+            end
+
+            if relation.nil?
+              relation = condition
+            else
+              relation = relation.or(condition)
+            end
+          end
+
+          @klass.where(relation).first
+        end
+
+        def find_by_token(token_attr_name, token)
+          condition = @klass.arel_table[token_attr_name].eq(token)
+
+          @klass.where(condition).first
+        end
+
+        def find_by_activation_token(token)
+          @klass.where(@klass.sorcery_config.activation_token_attribute_name => token).first
+        end
+
+        def find_by_id(id)
+          @klass.find_by_id(id)
+        end
+
+        def find_by_username(username)
+          @klass.sorcery_config.username_attribute_names.each do |attribute|
+            if @klass.sorcery_config.downcase_username_before_authenticating
+              username = username.downcase
+            end
+
+            result = @klass.where(attribute => username).first
+            return result if result
+          end
+        end
+
+        def find_by_email(email)
+          @klass.where(@klass.sorcery_config.email_attribute_name => email).first
+        end
+
+        def get_current_users
+          config = @klass.sorcery_config
+
+          @klass
+            .where("#{config.last_activity_at_attribute_name} IS NOT NULL") \
+            .where("#{config.last_logout_at_attribute_name} IS NULL OR #{config.last_activity_at_attribute_name} > #{config.last_logout_at_attribute_name}") \
+            .where("#{config.last_activity_at_attribute_name} > ? ", config.activity_timeout.seconds.ago.utc.to_s(:db))
+        end
+
+        def transaction(&blk)
+          @klass.tap(&blk)
+        end
+      end
+    end
+
+
+  end
+end