sorcery 0.8.6 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 73519a45c58c078688dd72b3ef7dc52b2b05ba92
-  data.tar.gz: a715fe10e2de64c09d76ec93e658849dd3b9112b
+  metadata.gz: f79fec92f71b24d1507e3848c0c943e3b8e7a6ed
+  data.tar.gz: bf2cfc0eb30778fbb3eb85f896a9b73811a179c4
 SHA512:
-  metadata.gz: 08d0df3e5b8970ec81233d6dbb373cdabb4ff0e219dce27c7c790756507a36d683557ca11d19b70ea8e85217646ef20259892b6e0ee55f8d35c7d25cfb8df636
-  data.tar.gz: 66cb33e9e89b23036e1470bf0b937da42e68828ecdb821bc736b471cf938c23fa9eb53911ac35050704748ebdfd1790caa27af12ee97fdd26b58c7fae4cf30f9
+  metadata.gz: d48170391dc1db75bb8bc88ce444ecc8d957796e0aaf96c29cafc4a01493689bc52e47ecaa5c0968c3aced147d623d2623f9dbe56e3dfdf46bf5309b005345f6
+  data.tar.gz: 4101544b567f3cb86c02bda20721a864b9c32fb688d62e64e7eee7fc0672614d06e0d8c004c8fa494113a9c834c1a09df1be91454ee00ee58865fcd31d01d7e0

data/.gitignore

@@ -52,4 +52,5 @@ spec/rails_app/log/*
 *.sqlite3
 Gemfile*.lock
 gemfiles/*.lock
-.ruby-version
+.ruby-version
+tags

data/.travis.yml

@@ -8,30 +8,19 @@ services: mongodb
 
 gemfile:
   - Gemfile
-  - Gemfile.rails4
 
 env:
   - "SORCERY_ORM=active_record"
   - "SORCERY_ORM=mongoid"
   - "SORCERY_ORM=mongo_mapper"
-  - "SORCERY_ORM=datamapper"
+  - "SORCERY_ORM=data_mapper"
 
 before_script:
   - mysql -e 'create database sorcery_test;'
 
 matrix:
-  exclude:
-    - rvm: 1.9.3
-      gemfile: Gemfile.rails4
-      env: "SORCERY_ORM=datamapper"
-
-    - rvm: 2.0.0
-      gemfile: Gemfile.rails4
-      env: "SORCERY_ORM=datamapper"
-
-    - rvm: 2.1
-      gemfile: Gemfile.rails4
-      env: "SORCERY_ORM=datamapper"
+  allow_failures:
+    - rvm: :jruby
 
   include:
     - rvm: 1.9.3
@@ -46,6 +35,10 @@ matrix:
       gemfile: gemfiles/mongoid-rails41.gemfile
       env: "SORCERY_ORM=mongoid"
 
+    - rvm: jruby
+      gemfile: gemfiles/mongoid-rails41.gemfile
+      env: "SORCERY_ORM=mongoid"
+
     - rvm: 1.9.3
       gemfile: gemfiles/mongo_mapper-rails41.gemfile
       env: "SORCERY_ORM=mongo_mapper"
@@ -58,6 +51,10 @@ matrix:
       gemfile: gemfiles/mongo_mapper-rails41.gemfile
       env: "SORCERY_ORM=mongo_mapper"
 
+    - rvm: jruby
+      gemfile: gemfiles/mongo_mapper-rails41.gemfile
+      env: "SORCERY_ORM=mongo_mapper"
+
     - rvm: 1.9.3
       gemfile: gemfiles/active_record-rails41.gemfile
       env: "SORCERY_ORM=active_record"
@@ -69,3 +66,67 @@ matrix:
     - rvm: 2.1
       gemfile: gemfiles/active_record-rails41.gemfile
       env: "SORCERY_ORM=active_record"
+
+    - rvm: jruby
+      gemfile: gemfiles/active_record-rails41.gemfile
+      env: "SORCERY_ORM=active_record"
+
+    - rvm: 1.9.3
+      gemfile: gemfiles/mongoid-rails40.gemfile
+      env: "SORCERY_ORM=mongoid"
+
+    - rvm: 2.0.0
+      gemfile: gemfiles/mongoid-rails40.gemfile
+      env: "SORCERY_ORM=mongoid"
+
+    - rvm: 2.1
+      gemfile: gemfiles/mongoid-rails40.gemfile
+      env: "SORCERY_ORM=mongoid"
+
+    - rvm: jruby
+      gemfile: gemfiles/mongoid-rails40.gemfile
+      env: "SORCERY_ORM=mongoid"
+
+    - rvm: 1.9.3
+      gemfile: gemfiles/mongo_mapper-rails40.gemfile
+      env: "SORCERY_ORM=mongo_mapper"
+
+    - rvm: 2.0.0
+      gemfile: gemfiles/mongo_mapper-rails40.gemfile
+      env: "SORCERY_ORM=mongo_mapper"
+
+    - rvm: 2.1
+      gemfile: gemfiles/mongo_mapper-rails40.gemfile
+      env: "SORCERY_ORM=mongo_mapper"
+
+    - rvm: jruby
+      gemfile: gemfiles/mongo_mapper-rails40.gemfile
+      env: "SORCERY_ORM=mongo_mapper"
+
+    - rvm: 1.9.3
+      gemfile: gemfiles/active_record-rails40.gemfile
+      env: "SORCERY_ORM=active_record"
+
+    - rvm: 2.0.0
+      gemfile: gemfiles/active_record-rails40.gemfile
+      env: "SORCERY_ORM=active_record"
+
+    - rvm: 2.1
+      gemfile: gemfiles/active_record-rails40.gemfile
+      env: "SORCERY_ORM=active_record"
+
+    - rvm: jruby
+      gemfile: gemfiles/active_record-rails40.gemfile
+      env: "SORCERY_ORM=active_record"
+
+    - rvm: 1.9.3
+      gemfile: gemfiles/mongoid3-rails32.gemfile
+      env: "SORCERY_ORM=mongoid"
+
+    - rvm: 2.0.0
+      gemfile: gemfiles/mongoid3-rails32.gemfile
+      env: "SORCERY_ORM=mongoid"
+
+    - rvm: 2.1
+      gemfile: gemfiles/mongoid3-rails32.gemfile
+      env: "SORCERY_ORM=mongoid"

data/CHANGELOG.md

@@ -1,6 +1,28 @@
 # Changelog
 
-## 0.8.6 (not released)
+## 1.0 (not released yet)
+
+* Adapters (Mongoid, MongoMapper, DataMapper) are now separated from the core Sorcery repo and moved under `sorcery-rails` organization. Special thanks to @juike!
+
+## 0.9.0
+
+* Sending emails works with Rails 4.2 (thanks to @wooly)
+* Added `valid_password?` method
+* Added support for JIRA OAuth (thanks to @camilasan)
+* Added support for Heroku OAuth (thanks to @tyrauber)
+* Added support for Salesforce OAuth (thanks to @supremebeing7)
+* Added support for Mongoid 4
+* Fixed issues with empty passwords (thanks to @Borzik)
+* `find_by_provider_and_uid` method was replaced with `find_by_oauth_credentials`
+* Sorcery::VERSION constant was added to allow easy version check
+* `@user.setup_activation` method was made to be public (thanks @iTakeshi)
+* `current_users` method is deprecated
+* Fetching email from VK auth, thanks to @makaroni4
+* Add logged_in? method to test_helpers (thanks to @oriolbcn)
+* #locked? method is now public API (thanks @rogercampos)
+* Introduces a new User instance method `generate_reset_password_token` to generate a new reset password token without sending an email (thanks to @tbuehl)
+
+## 0.8.6
 
 * `current_user` returns `nil` instead of `false` if there's no user loggd in (#493)
 * MongoMapper adapter does not override `save!` method anymore. However due to ORM's lack of support for `validate: false` in `save!`, the combination of `validate: false` and `raise_on_failure: true` is not possible in MongoMapper. The errors will not be raised in this situation. (#151)

data/Gemfile

@@ -2,6 +2,7 @@ source 'https://rubygems.org'
 
 gem 'rails', '~> 3.2'
 gem 'sqlite3'
+gem 'pry'
 
 group :mongomapper do
   gem 'mongo_mapper'

data/README.md

@@ -1,5 +1,6 @@
 [![Build Status](https://travis-ci.org/NoamB/sorcery.svg?branch=master)](https://travis-ci.org/NoamB/sorcery)
 [![Code Climate](https://codeclimate.com/github/NoamB/sorcery.png)](https://codeclimate.com/github/NoamB/sorcery)
+[![Inline docs](http://inch-ci.org/github/NoamB/sorcery.png?branch=master)](http://inch-ci.org/github/NoamB/sorcery)
 
 # sorcery
 Magical Authentication for Rails 3 and 4. Supports ActiveRecord,
@@ -9,9 +10,11 @@ Inspired by restful_authentication, Authlogic and Devise. Crypto code taken
 almost unchanged from Authlogic. OAuth code inspired by OmniAuth and Ryan
 Bates's railscasts about it.
 
-**Rails 4 status:** [Sorcery 0.8.5](http://rubygems.org/gems/sorcery/versions/0.8.5) is fully tested and ready for Rails 4.0.
+**What's happening now?** We are working on 1.0 version, which will include some API-breaking changes. It should be released about April 2015.
+Until then we'll continue releasing `0.9.x` version with bug fixed.
 
-**Rails 4.1 status:** Sorcery 0.8.6 (to be released, currently in master branch) works with Rails 4.1
+**Rails 4 status:** [Sorcery 0.9.0](http://rubygems.org/gems/sorcery/versions/0.9.0) is fully tested and ready for Rails 4.0, 4.1 and 4.2.
+**Mongoid status:** Version 0.9.0 works with Mongoid 4.
 
 https://github.com/NoamB/sorcery/wiki/Simple-Password-Authentication
 
@@ -33,94 +36,116 @@ can write your own authentication flow. It was built with a few goals in mind:
 
 Hopefully, I've achieved this. If not, let me know.
 
-## Useful Links:
+## Useful Links
 
-Railscast: http://railscasts.com/episodes/283-authentication-with-sorcery
+[Documentation](http://rubydoc.info/gems/sorcery) |
+[Railscast](http://railscasts.com/episodes/283-authentication-with-sorcery) | [Simple tutorial](https://github.com/NoamB/sorcery/wiki/Simple-Password-Authentication) | [Example Rails 3 app](https://github.com/NoamB/sorcery-example-app)
 
-Example Rails 3 app using sorcery:
-https://github.com/NoamB/sorcery-example-app
-
-Documentation: http://rubydoc.info/gems/sorcery
-
-Check out the tutorials in the github wiki!
+Check out the tutorials in the [Wiki](https://github.com/NoamB/sorcery/wiki) for more!
 
 ## API Summary
 
 Below is a summary of the library methods. Most method names are self
 explaining and the rest are commented:
 
-    # core
-    require_login # this is a before filter
-    login(email, password, remember_me = false)
-    auto_login(user)# login without credentials
-    logout
-    logged_in?      # available to view
-    current_user    # available to view
-    redirect_back_or_to # used when a user tries to access a page while logged out, is asked to login, and we want to return him back to the page he originally wanted.
-    @user.external? # external users, such as facebook/twitter etc.
-    User.authenticates_with_sorcery!
-
-    # activity logging
-    current_users
-
-    # http basic auth
-    require_login_from_http_basic # this is a before filter
-
-    # external
-    login_at(provider) # sends the user to an external service (twitter etc.) to authenticate.
-    login_from(provider) # tries to login from the external provider's callback.
-    create_from(provider) # create the user in the local app db.
-
-    # remember me
-    auto_login(user, should_remember=false)  # login without credentials, optional remember_me
-    remember_me!
-    forget_me!
-
-    # reset password
-    User.load_from_reset_password_token(token)
-    @user.deliver_reset_password_instructions!
-    @user.change_password!(new_password)
-
-    # user activation
-    User.load_from_activation_token(token)
-    @user.activate!
+
+### core
+```ruby
+require_login # this is a before filter
+login(email, password, remember_me = false)
+auto_login(user)# login without credentials
+logout
+logged_in?      # available to view
+current_user    # available to view
+redirect_back_or_to # used when a user tries to access a page while logged out, is asked to login, and we want to return him back to the page he originally wanted.
+@user.external? # external users, such as facebook/twitter etc.
+User.authenticates_with_sorcery!
+```
+
+### http basic auth
+```ruby
+require_login_from_http_basic # this is a before filter
+```
+
+### external
+```ruby
+login_at(provider) # sends the user to an external service (twitter etc.) to authenticate.
+login_from(provider) # tries to login from the external provider's callback.
+create_from(provider) # create the user in the local app db.
+```
+
+### remember me
+```ruby
+auto_login(user, should_remember=false)  # login without credentials, optional remember_me
+remember_me!
+forget_me!
+```
+
+### reset password
+```ruby
+User.load_from_reset_password_token(token)
+@user.generate_reset_password_token! # if you want to send the email by youself
+@user.deliver_reset_password_instructions! # generates the token and sends the email
+@user.change_password!(new_password)
+```
+
+### user activation
+```ruby
+User.load_from_activation_token(token)
+@user.setup_activation
+@user.activate!
+```
 
 Please see the tutorials in the github wiki for detailed usage information.
 
-## Installation:
+## Installation
 
 If using bundler, first add 'sorcery' to your Gemfile:
 
-    gem "sorcery"
+```ruby
+gem "sorcery"
+```
 
 And run
 
-    bundle install
+```ruby
+bundle install
+```
 
 Otherwise simply
 
-    gem install sorcery
+```ruby
+gem install sorcery
+```
 
-## Rails configuration:
+## Rails configuration
 
-    rails generate sorcery:install
+```bash
+rails generate sorcery:install
+```
 
 This will generate the core migration file, the initializer file and the
 'User' model class.
 
-    rails generate sorcery:install remember_me reset_password
+```bash
+rails generate sorcery:install remember_me reset_password
+```
 
 This will generate the migrations files for remember_me and reset_password
 submodules and will create the initializer file (and add submodules to it),
 and create the 'User' model class.
 
-    rails generate sorcery:install --model Person
+```bash
+rails generate sorcery:install --model Person
+```
 
 This will generate the core migration file, the initializer and change the
 model class (in the initializer and migration files) to the class 'Person'
 (and its pluralized version, 'people')
 
-    rails generate sorcery:install http_basic_auth external remember_me --migrations
+```bash
+rails generate sorcery:install http_basic_auth external remember_me --only-submodules
+```
 
 This will generate only the migration files for the specified submodules and
 will add them to the initializer file.
@@ -136,25 +161,29 @@ After implementing the `delayed_job` into your project add the code below at
 the end of the `config/initializers/sorcery.rb` file. After that all emails
 will be sent asynchronously.
 
-    module Sorcery
-      module Model
-        module InstanceMethods
-          def generic_send_email(method, mailer)
-            config = sorcery_config
-            mail = config.send(mailer).delay.send(config.send(method), self)
-          end
-        end
+```ruby
+module Sorcery
+  module Model
+    module InstanceMethods
+      def generic_send_email(method, mailer)
+        config = sorcery_config
+        mail = config.send(mailer).delay.send(config.send(method), self)
       end
     end
+  end
+end
+```
 
 Sidekiq and Resque integrations are coming soon.
 
 ## Single Table Inheritance (STI) Support
 STI is supported via a single setting in config/initializers/sorcery.rb.
 
-## Full Features List by module:
+## Full Features List by module
+
+**Core** (see [lib/sorcery/model.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model.rb) and
+[lib/sorcery/controller.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller.rb)):
 
-Core (see lib/sorcery/model.rb and lib/sorcery/controller.rb):
 *   login/logout, optional return user to requested url on login, configurable
     redirect for non-logged-in users.
 *   password encryption, algorithms: bcrypt(default), md5, sha1, sha256,
@@ -163,7 +192,8 @@ Core (see lib/sorcery/model.rb and lib/sorcery/controller.rb):
 *   allow multiple fields to serve as username.
 
 
-User Activation (see lib/sorcery/model/submodules/user_activation.rb):
+**User Activation** (see [lib/sorcery/model/submodules/user_activation.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/user_activation.rb)):
+
 *   User activation by email with optional success email.
 *   configurable attribute names.
 *   configurable mailer, method name, and attribute name.
@@ -171,37 +201,41 @@ User Activation (see lib/sorcery/model/submodules/user_activation.rb):
 *   Optionally prevent non-active users to login.
 
 
-Reset Password (see lib/sorcery/model/submodules/reset_password.rb):
+**Reset Password** (see [lib/sorcery/model/submodules/reset_password.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/reset_password.rb)):
+
 *   Reset password with email verification.
 *   configurable mailer, method name, and attribute name.
 *   configurable temporary token expiration.
 *   configurable time between emails (hammering protection).
 
 
-Remember Me (see lib/sorcery/model/submodules/remember_me.rb):
+**Remember Me** (see [lib/sorcery/model/submodules/remember_me.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/remember_me.rb)):
+
 *   Remember me with configurable expiration.
 *   configurable attribute names.
 
 
-Session Timeout (see lib/sorcery/controller/submodules/session_timeout.rb):
+**Session Timeout** (see [lib/sorcery/controller/submodules/session_timeout.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller/submodules/session_timeout.rb)):
+
 *   Configurable session timeout.
 *   Optionally session timeout will be calculated from last user action.
 
 
-Brute Force Protection (see
-lib/sorcery/model/submodules/brute_force_protection.rb):
+**Brute Force Protection** (see [lib/sorcery/model/submodules/brute_force_protection.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/brute_force_protection.rb)):
+
 *   Brute force login hammering protection.
 *   configurable logins before lock and lock duration.
 
 
-Basic HTTP Authentication (see
-lib/sorcery/controller/submodules/http_basic_auth.rb):
+**Basic HTTP Authentication** (see [lib/sorcery/controller/submodules/http_basic_auth.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller/submodules/http_basic_auth.rb)):
+
 *   A before filter for requesting authentication with HTTP Basic.
 *   automatic login from HTTP Basic.
 *   automatic login is disabled if session key changed.
 
 
-Activity Logging (see lib/sorcery/model/submodules/activity_logging.rb):
+**Activity Logging** (see [lib/sorcery/model/submodules/activity_logging.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/model/submodules/activity_logging.rb)):
+
 *   automatic logging of last login, last logout, last activity time and IP
     address for last login.
 *   an easy method of collecting the list of currently logged in users.
@@ -209,15 +243,17 @@ Activity Logging (see lib/sorcery/model/submodules/activity_logging.rb):
     list of logged in users.
 
 
-External (see lib/sorcery/controller/submodules/external.rb):
-*   OAuth1 and OAuth2 support (currently: Twitter, Facebook, Github, Google,
-    LinkedIn, VK, LiveID and Xing)
+**External** (see [lib/sorcery/controller/submodules/external.rb](https://github.com/NoamB/sorcery/blob/master/lib/sorcery/controller/submodules/external.rb)):
+
+*   OAuth1 and OAuth2 support (currently: Twitter, Facebook, Github, Google, Heroku,
+    LinkedIn, VK, LiveID, Xing, and Salesforce)
 *   configurable db field names and authentications table.
 
 
-## Next Planned Features:
+## Next Planned Features
 
 I've got some thoughts which include (unordered):
+
 *   Passing a block to encrypt, allowing the developer to define his own mix
     of salting and encrypting
 *   Forgot username, maybe as part of the reset_password module
@@ -252,20 +288,26 @@ Important notes:
 *   Usage: include DataMapper::Resource in user model, follow sorcery
     instructions (remember to add property id, validators and accessor
 attributes such as password and password_confirmation)
-*   Option downcase__username_before_authenticating and dm-mysql, 
+*   Option downcase__username_before_authenticating and dm-mysql,
     http://datamapper.lighthouseapp.com/projects/20609/tickets/1105-add-support-for-definingchanging-default-collation
 
 ## Upgrading
 
 Important notes while upgrading:
 
+*   If you are upgrading from <= **0.8.6** and you use Sorcery model methods in your app,
+    you might need to change them from `user.method` to `user.sorcery_adapter.method` and from
+    `User.method` to `User.sorcery_adapter_method`
+
 *   If you are upgrading from <= **0.8.5** and you're using Sorcery test helpers,
     you need to change the way you include them to following code:
 
-        RSpec.configure do |config|
-          config.include Sorcery::TestHelpers::Rails::Controler, type: [:controller]
-          config.include Sorcery::TestHelpers::Rails::Integration, type: [:feature]
-        end
+    ```ruby
+    RSpec.configure do |config|
+      config.include Sorcery::TestHelpers::Rails::Controller, type: :controller
+      config.include Sorcery::TestHelpers::Rails::Integration, type: :feature
+    end
+    ```
 
 *   If are upgrading to **0.8.2** and use activity_logging feature with
     ActiveRecord, you will have to add a new column
@@ -274,12 +316,15 @@ Important notes while upgrading:
 *   Sinatra support existed until **v0.7.0** (including), but was dropped
     later due to being a maintenance nightmare.
 *   If upgrading from <= **0.6.1 to >= **0.7.0** you need to change
-    'username_attribute_name' to 'username_attribute_names' in initializer.
+    'username
+    _attribute_name' to 'username_attribute_names' in initializer.
 *   If upgrading from <= **v0.5.1** to >= **v0.5.2** you need to explicitly
     set your user_class model in the initializer file.
 
-        # This line must come after the 'user config' block.
-        config.user_class = User
+    ```ruby
+    # This line must come after the 'user config' block.
+    config.user_class = User
+    ```
 
 
 ## Contributing to sorcery
@@ -314,7 +359,13 @@ email: shatrov@me.com
 
 twitter: @Kiiiir
 
+#### Grzegorz Witek
+
+email: arnvald.to@gmail.com
+
+twitter: @arnvald
+
 ## Copyright
 
-Copyright (c) 2010 Noam Ben Ari (nbenari@gmail.com). See LICENSE.txt for
+Copyright (c) 2010-2014 Noam Ben Ari (nbenari@gmail.com). See LICENSE.txt for
 further details.