sorcery 0.9.1 → 0.10.0

data/lib/generators/sorcery/templates/migration/activity_logging.rb

@@ -1,4 +1,4 @@
-class SorceryActivityLogging < ActiveRecord::Migration
+class SorceryActivityLogging < <%= migration_class_name %>
   def change
     add_column :<%= model_class_name.tableize %>, :last_login_at,     :datetime, :default => nil
     add_column :<%= model_class_name.tableize %>, :last_logout_at,    :datetime, :default => nil
@@ -7,4 +7,4 @@ class SorceryActivityLogging < ActiveRecord::Migration
 
     add_index :<%= model_class_name.tableize %>, [:last_logout_at, :last_activity_at]
   end
-end
+end

data/lib/generators/sorcery/templates/migration/brute_force_protection.rb

@@ -1,4 +1,4 @@
-class SorceryBruteForceProtection < ActiveRecord::Migration
+class SorceryBruteForceProtection < <%= migration_class_name %>
   def change
     add_column :<%= model_class_name.tableize %>, :failed_logins_count, :integer, :default => 0
     add_column :<%= model_class_name.tableize %>, :lock_expires_at, :datetime, :default => nil

data/lib/generators/sorcery/templates/migration/core.rb

@@ -1,13 +1,13 @@
-class SorceryCore < ActiveRecord::Migration
+class SorceryCore < <%= migration_class_name %>
   def change
     create_table :<%= model_class_name.tableize %> do |t|
       t.string :email,            :null => false
       t.string :crypted_password
       t.string :salt
 
-      t.timestamps
+      t.timestamps                :null => false
     end
 
     add_index :<%= model_class_name.tableize %>, :email, unique: true
   end
-end
+end

data/lib/generators/sorcery/templates/migration/external.rb

@@ -1,10 +1,10 @@
-class SorceryExternal < ActiveRecord::Migration
+class SorceryExternal < <%= migration_class_name %>
   def change
     create_table :authentications do |t|
       t.integer :<%= model_class_name.tableize.singularize %>_id, :null => false
       t.string :provider, :uid, :null => false
 
-      t.timestamps
+      t.timestamps              :null => false
     end
 
     add_index :authentications, [:provider, :uid]

data/lib/generators/sorcery/templates/migration/remember_me.rb

@@ -1,8 +1,8 @@
-class SorceryRememberMe < ActiveRecord::Migration
+class SorceryRememberMe < <%= migration_class_name %>
   def change
     add_column :<%= model_class_name.tableize %>, :remember_me_token, :string, :default => nil
     add_column :<%= model_class_name.tableize %>, :remember_me_token_expires_at, :datetime, :default => nil
 
     add_index :<%= model_class_name.tableize %>, :remember_me_token
   end
-end
+end

data/lib/generators/sorcery/templates/migration/reset_password.rb

@@ -1,4 +1,4 @@
-class SorceryResetPassword < ActiveRecord::Migration
+class SorceryResetPassword < <%= migration_class_name %>
   def change
     add_column :<%= model_class_name.tableize %>, :reset_password_token, :string, :default => nil
     add_column :<%= model_class_name.tableize %>, :reset_password_token_expires_at, :datetime, :default => nil
@@ -6,4 +6,4 @@ class SorceryResetPassword < ActiveRecord::Migration
 
     add_index :<%= model_class_name.tableize %>, :reset_password_token
   end
-end
+end

data/lib/generators/sorcery/templates/migration/user_activation.rb

@@ -1,4 +1,4 @@
-class SorceryUserActivation < ActiveRecord::Migration
+class SorceryUserActivation < <%= migration_class_name %>
   def change
     add_column :<%= model_class_name.tableize %>, :activation_state, :string, :default => nil
     add_column :<%= model_class_name.tableize %>, :activation_token, :string, :default => nil
@@ -6,4 +6,4 @@ class SorceryUserActivation < ActiveRecord::Migration
 
     add_index :<%= model_class_name.tableize %>, :activation_token
   end
-end
+end

data/lib/sorcery.rb

@@ -1,7 +1,6 @@
 require 'sorcery/version'
 
 module Sorcery
-
   require 'sorcery/model'
 
   module Adapters
@@ -12,7 +11,6 @@ module Sorcery
     require 'sorcery/model/temporary_token'
     require 'sorcery/model/config'
 
-
     module Submodules
       require 'sorcery/model/submodules/user_activation'
       require 'sorcery/model/submodules/reset_password'
@@ -63,7 +61,6 @@ module Sorcery
     module Internal
       require 'sorcery/test_helpers/internal/rails'
     end
-
   end
 
   require 'sorcery/adapters/base_adapter'
@@ -81,30 +78,5 @@ module Sorcery
     end
   end
 
-  if defined?(Mongoid)
-    require 'sorcery/adapters/mongoid_adapter'
-    Mongoid::Document::ClassMethods.send :include, Sorcery::Model
-
-    Mongoid::Document.send :define_method, :sorcery_adapter do
-      @sorcery_adapter ||= Sorcery::Adapters::MongoidAdapter.new(self)
-    end
-
-    Mongoid::Document::ClassMethods.send :define_method, :sorcery_adapter do
-      Sorcery::Adapters::MongoidAdapter.from(self)
-    end
-  end
-
-  if defined?(MongoMapper)
-    require 'sorcery/adapters/mongo_mapper_adapter'
-    MongoMapper::Document.send(:plugin, Sorcery::Adapters::MongoMapperAdapter::Wrapper)
-  end
-
-  if defined?(DataMapper)
-    require 'sorcery/adapters/data_mapper_adapter'
-    DataMapper::Model.append_extensions(Sorcery::Model)
-
-    DataMapper::Model.append_inclusions(Sorcery::Adapters::DataMapperAdapter::Wrapper)
-  end
-
   require 'sorcery/engine' if defined?(Rails)
 end

data/lib/sorcery/adapters/active_record_adapter.rb

@@ -29,11 +29,11 @@ module Sorcery
       end
 
       class << self
-        def define_field(name, type, options={})
+        def define_field(name, type, options = {})
           # AR fields are defined through migrations, only validator here
         end
 
-        def define_callback(time, event, method_name, options={})
+        def define_callback(time, event, method_name, options = {})
           @klass.send "#{time}_#{event}", method_name, options.slice(:if)
         end
 
@@ -61,11 +61,11 @@ module Sorcery
               condition = @klass.arel_table[attribute].eq(credentials[0])
             end
 
-            if relation.nil?
-              relation = condition
-            else
-              relation = relation.or(condition)
-            end
+            relation = if relation.nil?
+                         condition
+                       else
+                         relation.or(condition)
+                       end
           end
 
           @klass.where(relation).first
@@ -100,21 +100,10 @@ module Sorcery
           @klass.where(@klass.sorcery_config.email_attribute_name => email).first
         end
 
-        def get_current_users
-          config = @klass.sorcery_config
-
-          @klass
-            .where("#{config.last_activity_at_attribute_name} IS NOT NULL") \
-            .where("#{config.last_logout_at_attribute_name} IS NULL OR #{config.last_activity_at_attribute_name} > #{config.last_logout_at_attribute_name}") \
-            .where("#{config.last_activity_at_attribute_name} > ? ", config.activity_timeout.seconds.ago.utc.to_s(:db))
-        end
-
         def transaction(&blk)
           @klass.tap(&blk)
         end
       end
     end
-
-
   end
 end

data/lib/sorcery/controller.rb

@@ -5,7 +5,7 @@ module Sorcery
         include InstanceMethods
         Config.submodules.each do |mod|
           begin
-            include Submodules.const_get(mod.to_s.split('_').map { |p| p.capitalize }.join)
+            include Submodules.const_get(mod.to_s.split('_').map(&:capitalize).join)
           rescue NameError
             # don't stop on a missing submodule.
           end
@@ -16,13 +16,13 @@ module Sorcery
     end
 
     module InstanceMethods
-      # To be used as before_filter.
+      # To be used as before_action.
       # Will trigger auto-login attempts via the call to logged_in?
       # If all attempts to auto-login fail, the failure callback will be called.
       def require_login
-        if !logged_in?
-          session[:return_to_url] = request.url if Config.save_return_to_url && request.get?
-          self.send(Config.not_authenticated_action)
+        unless logged_in?
+          session[:return_to_url] = request.url if Config.save_return_to_url && request.get? && !request.xhr?
+          send(Config.not_authenticated_action)
         end
       end
 
@@ -34,7 +34,7 @@ module Sorcery
         if user
           old_session = session.dup.to_hash
           reset_sorcery_session
-          old_session.each_pair do |k,v|
+          old_session.each_pair do |k, v|
             session[k.to_sym] = v
           end
           form_authenticity_token
@@ -59,11 +59,11 @@ module Sorcery
       # Resets the session and runs hooks before and after.
       def logout
         if logged_in?
-          @current_user = current_user if @current_user.nil?
-          before_logout!(@current_user)
-          reset_sorcery_session
-          after_logout!
+          user = current_user
+          before_logout!
           @current_user = nil
+          reset_sorcery_session
+          after_logout!(user)
         end
       end
 
@@ -87,7 +87,7 @@ module Sorcery
       # used when a user tries to access a page while logged out, is asked to login,
       # and we want to return him back to the page he originally wanted.
       def redirect_back_or_to(url, flash_hash = {})
-        redirect_to(session[:return_to_url] || url, :flash => flash_hash)
+        redirect_to(session[:return_to_url] || url, flash: flash_hash)
         session[:return_to_url] = nil
       end
 
@@ -102,7 +102,7 @@ module Sorcery
       #
       # @param [<User-Model>] user the user instance.
       # @return - do not depend on the return value.
-      def auto_login(user, should_remember = false)
+      def auto_login(user, _should_remember = false)
         session[:user_id] = user.id.to_s
         @current_user = user
       end
@@ -132,26 +132,24 @@ module Sorcery
       end
 
       def after_login!(user, credentials = [])
-        Config.after_login.each {|c| self.send(c, user, credentials)}
+        Config.after_login.each { |c| send(c, user, credentials) }
       end
 
       def after_failed_login!(credentials)
-        Config.after_failed_login.each {|c| self.send(c, credentials)}
+        Config.after_failed_login.each { |c| send(c, credentials) }
       end
 
-      def before_logout!(user)
-        Config.before_logout.each {|c| self.send(c, user)}
+      def before_logout!
+        Config.before_logout.each { |c| send(c) }
       end
 
-      def after_logout!
-        Config.after_logout.each {|c| self.send(c)}
+      def after_logout!(user)
+        Config.after_logout.each { |c| send(c, user) }
       end
 
       def user_class
         @user_class ||= Config.user_class.to_s.constantize
       end
-
     end
-
-	end
+  end
 end

data/lib/sorcery/controller/config.rb

@@ -2,21 +2,22 @@ module Sorcery
   module Controller
     module Config
       class << self
-        attr_accessor :submodules,
-                      :user_class,                    # what class to use as the user class.
-                      :not_authenticated_action,      # what controller action to call for non-authenticated users.
+        attr_accessor :submodules
+        # what class to use as the user class.
+        attr_accessor :user_class
+        # what controller action to call for non-authenticated users.
+        attr_accessor :not_authenticated_action
+        # when a non logged in user tries to enter a page that requires login,
+        # save the URL he wanted to reach, and send him there after login.
+        attr_accessor :save_return_to_url
+        # set domain option for cookies
+        attr_accessor :cookie_domain
 
-                      :save_return_to_url,            # when a non logged in user tries to enter a page that requires
-                                                      # login, save the URL he wanted to reach,
-                                                      # and send him there after login.
-
-                      :cookie_domain,                 # set domain option for cookies
-
-                      :login_sources,
-                      :after_login,
-                      :after_failed_login,
-                      :before_logout,
-                      :after_logout
+        attr_accessor :login_sources
+        attr_accessor :after_login
+        attr_accessor :after_failed_login
+        attr_accessor :before_logout
+        attr_accessor :after_logout
 
         def init!
           @defaults = {
@@ -35,14 +36,14 @@ module Sorcery
 
         # Resets all configuration options to their default values.
         def reset!
-          @defaults.each do |k,v|
-            instance_variable_set(k,v)
+          @defaults.each do |k, v|
+            instance_variable_set(k, v)
           end
         end
 
         def update!
-          @defaults.each do |k,v|
-            instance_variable_set(k,v) if !instance_variable_defined?(k)
+          @defaults.each do |k, v|
+            instance_variable_set(k, v) unless instance_variable_defined?(k)
           end
         end
 
@@ -58,6 +59,7 @@ module Sorcery
           @configure_blk.call(self) if @configure_blk
         end
       end
+
       init!
       reset!
     end

data/lib/sorcery/controller/submodules/activity_logging.rb

@@ -25,8 +25,7 @@ module Sorcery
                 @defaults.merge!(:@register_login_time         => true,
                                  :@register_logout_time        => true,
                                  :@register_last_activity_time => true,
-                                 :@register_last_ip_address    => true
-                                 )
+                                 :@register_last_ip_address    => true)
               end
             end
             merge_activity_logging_defaults!
@@ -34,31 +33,24 @@ module Sorcery
           Config.after_login    << :register_login_time_to_db
           Config.after_login    << :register_last_ip_address
           Config.before_logout  << :register_logout_time_to_db
-          base.after_filter :register_last_activity_time_to_db
+          base.after_action :register_last_activity_time_to_db
         end
 
         module InstanceMethods
-          # Returns an array of the active users.
-          def current_users
-            ActiveSupport::Deprecation.warn("Sorcery: `current_users` method is deprecated. Read more on Github: https://github.com/NoamB/sorcery/issues/602")
-
-            user_class.current_users
-          end
-
           protected
 
           # registers last login time on every login.
           # This runs as a hook just after a successful login.
-          def register_login_time_to_db(user, credentials)
+          def register_login_time_to_db(user, _credentials)
             return unless Config.register_login_time
             user.set_last_login_at(Time.now.in_time_zone)
           end
 
           # registers last logout time on every logout.
           # This runs as a hook just before a logout.
-          def register_logout_time_to_db(user)
+          def register_logout_time_to_db
             return unless Config.register_logout_time
-            user.set_last_logout_at(Time.now.in_time_zone)
+            current_user.set_last_logout_at(Time.now.in_time_zone)
           end
 
           # Updates last activity time on every request.
@@ -71,9 +63,9 @@ module Sorcery
 
           # Updates IP address on every login.
           # This runs as a hook just after a successful login.
-          def register_last_ip_address(user, credentials)
+          def register_last_ip_address(_user, _credentials)
             return unless Config.register_last_ip_address
-            current_user.set_last_ip_addess(request.remote_ip)
+            current_user.set_last_ip_address(request.remote_ip)
           end
         end
       end

data/lib/sorcery/controller/submodules/brute_force_protection.rb

@@ -16,7 +16,6 @@ module Sorcery
         end
 
         module InstanceMethods
-
           protected
 
           # Increments the failed logins counter on every failed login.
@@ -28,7 +27,7 @@ module Sorcery
 
           # Resets the failed logins counter.
           # Runs as a hook after a successful login.
-          def reset_failed_logins_count!(user, credentials)
+          def reset_failed_logins_count!(user, _credentials)
             user.sorcery_adapter.update_attribute(user_class.sorcery_config.failed_logins_count_attribute_name, 0)
           end
         end

data/lib/sorcery/controller/submodules/external.rb

@@ -19,6 +19,9 @@ module Sorcery
           require 'sorcery/providers/google'
           require 'sorcery/providers/jira'
           require 'sorcery/providers/salesforce'
+          require 'sorcery/providers/paypal'
+          require 'sorcery/providers/slack'
+          require 'sorcery/providers/wechat'
 
           Config.module_eval do
             class << self
@@ -87,19 +90,18 @@ module Sorcery
           end
 
           # for backwards compatibility
-          def access_token(*args)
+          def access_token(*_args)
             @access_token
           end
 
-
           # this method should be somewhere else.  It only does something once per application per provider.
           def sorcery_fixup_callback_url(provider)
             provider.original_callback_url ||= provider.callback_url
             if provider.original_callback_url.present? && provider.original_callback_url[0] == '/'
-              uri = URI.parse(request.url.gsub(/\?.*$/,''))
+              uri = URI.parse(request.url.gsub(/\?.*$/, ''))
               uri.path = ''
               uri.query = nil
-              uri.scheme = 'https' if(request.env['HTTP_X_FORWARDED_PROTO'] == 'https')
+              uri.scheme = 'https' if request.env['HTTP_X_FORWARDED_PROTO'] == 'https'
               host = uri.to_s
               provider.callback_url = "#{host}#{@provider.original_callback_url}"
             end
@@ -139,7 +141,7 @@ module Sorcery
             current_user.add_provider_to_user(provider_name.to_s, @user_hash[:uid].to_s)
           end
 
-          # Initialize new user from provider informations.
+          # Initialize new user from provider informations.
           # If a provider doesn't give required informations or username/email is already taken,
           # we store provider/user infos into a session and can be rendered into registration form
           def create_and_validate_from(provider_name)
@@ -150,12 +152,14 @@ module Sorcery
 
             user, saved = user_class.create_and_validate_from_provider(provider_name, @user_hash[:uid], attrs)
 
-            session[:incomplete_user] = {
-              :provider => {config.provider_uid_attribute_name => @user_hash[:uid], config.provider_attribute_name => provider_name},
-              :user_hash => attrs
-            } unless saved
+            unless saved
+              session[:incomplete_user] = {
+                provider: { config.provider_uid_attribute_name => @user_hash[:uid], config.provider_attribute_name => provider_name },
+                user_hash: attrs
+              }
+            end
 
-            return user
+            user
           end
 
           # this method automatically creates a new user from the data in the external user hash.
@@ -184,15 +188,19 @@ module Sorcery
 
           def user_attrs(user_info_mapping, user_hash)
             attrs = {}
-            user_info_mapping.each do |k,v|
-              if (varr = v.split("/")).size > 1
-                attribute_value = varr.inject(user_hash[:user_info]) {|hash, value| hash[value]} rescue nil
+            user_info_mapping.each do |k, v|
+              if (varr = v.split('/')).size > 1
+                attribute_value = begin
+                                    varr.inject(user_hash[:user_info]) { |hash, value| hash[value] }
+                                  rescue
+                                    nil
+                                  end
                 attribute_value.nil? ? attrs : attrs.merge!(k => attribute_value)
               else
                 attrs.merge!(k => user_hash[:user_info][v])
               end
             end
-            return attrs
+            attrs
           end
         end
       end