sparkly-auth 1.0.2 → 1.1.0

data/spec_env/rails3/config/environments/production.rb

@@ -0,0 +1,49 @@
+Rails3::Application.configure do
+  # Settings specified here will take precedence over those in config/environment.rb
+
+  # The production environment is meant for finished, "live" apps.
+  # Code is not reloaded between requests
+  config.cache_classes = true
+
+  # Full error reports are disabled and caching is turned on
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Specifies the header that your server uses for sending files
+  config.action_dispatch.x_sendfile_header = "X-Sendfile"
+
+  # For nginx:
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect'
+
+  # If you have no front-end server that supports something like X-Sendfile,
+  # just comment this out and Rails will serve the files
+
+  # See everything in the log (default is :info)
+  # config.log_level = :debug
+
+  # Use a different logger for distributed setups
+  # config.logger = SyslogLogger.new
+
+  # Use a different cache store in production
+  # config.cache_store = :mem_cache_store
+
+  # Disable Rails's static asset server
+  # In production, Apache or nginx will already do this
+  config.serve_static_assets = false
+
+  # Enable serving of images, stylesheets, and javascripts from an asset server
+  # config.action_controller.asset_host = "http://assets.example.com"
+
+  # Disable delivery errors, bad email addresses will be ignored
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable threaded mode
+  # config.threadsafe!
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation can not be found)
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners
+  config.active_support.deprecation = :notify
+end

data/spec_env/rails3/config/environments/spec.rb

@@ -0,0 +1,35 @@
+Rails3::Application.configure do
+  # Settings specified here will take precedence over those in config/environment.rb
+
+  # The test environment is used exclusively to run your application's
+  # test suite.  You never need to work with it otherwise.  Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs.  Don't rely on the data there!
+  config.cache_classes = false
+
+  # Log error messages when you accidentally call methods on nil.
+  config.whiny_nils = true
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment
+  config.action_controller.allow_forgery_protection    = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+
+  # Use SQL instead of Active Record's schema dumper when creating the test database.
+  # This is necessary if your schema can't be completely dumped by the schema dumper,
+  # like if you have constraints or database-specific column types
+  # config.active_record.schema_format = :sql
+
+  # Print deprecation notices to the stderr
+  config.active_support.deprecation = :stderr
+end

data/spec_env/rails3/config/environments/test.rb

@@ -0,0 +1,43 @@
+Rails3::Application.configure do
+  # Settings specified here will take precedence over those in config/environment.rb
+
+  # The test environment is used exclusively to run your application's
+  # test suite.  You never need to work with it otherwise.  Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs.  Don't rely on the data there!
+  config.cache_classes = true
+
+  # Log error messages when you accidentally call methods on nil.
+  config.whiny_nils = true
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment
+  config.action_controller.allow_forgery_protection    = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+
+  # Use SQL instead of Active Record's schema dumper when creating the test database.
+  # This is necessary if your schema can't be completely dumped by the schema dumper,
+  # like if you have constraints or database-specific column types
+  # config.active_record.schema_format = :sql
+
+  # Print deprecation notices to the stderr
+  config.active_support.deprecation = :stderr
+
+  # Add all builtin behaviors. Since we can't reload in cucumber, we have to test other configs using rspec and only test
+  # overall function in Cuke. We use #to_prepare because Auth doesn't exist yet.
+  config.after_initialize do
+    Auth.configuration.behaviors = :core, :remember_me
+    # this is because Auth kicks itself before this block can fire. It is safe to kick twice thanks to behavior tracking.
+    Auth.kick!
+  end
+end

data/spec_env/rails3/config/initializers/backtrace_silencers.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!

data/spec_env/rails3/config/initializers/inflections.rb

@@ -0,0 +1,10 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+# ActiveSupport::Inflector.inflections do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end

data/spec_env/rails3/config/initializers/mime_types.rb

@@ -0,0 +1,5 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf
+# Mime::Type.register_alias "text/html", :iphone

data/spec_env/rails3/config/initializers/secret_token.rb

@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Rails3::Application.config.secret_token = '0df7cff8ccf90d0d87953515ab242d797311300b8b3c5a7ac10b0d883d4055a37a35b65fa0a6bedb0aba4e840789fdd04a29566f31e93403e93b9ede8e88269d'

data/spec_env/rails3/config/initializers/session_store.rb

@@ -0,0 +1,8 @@
+# Be sure to restart your server when you modify this file.
+
+Rails3::Application.config.session_store :cookie_store, :key => '_rails3_session'
+
+# Use the database for sessions instead of the cookie-based default,
+# which shouldn't be used to store highly confidential information
+# (create the session table with "rake db:sessions:create")
+# Rails3::Application.config.session_store :active_record_store

data/spec_env/rails3/config/initializers/sparkly_authentication.rb

@@ -0,0 +1,30 @@
+# This file sets up Sparkly Auth to work properly with Rails. It was generated
+# by "script/generate sparkly config" and can be regenerated with that command, though 
+# you may not want to actually do that if you've made changes to this file.
+#
+# You are also HIGHLY encouraged to check out the Auth::Configuration class documentation
+# for a list of all the options you can set here. There are a LOT of them.
+#
+Auth.configure do |config|
+  config.authenticate :user
+    # Adds a model to be authenticated. See the Auth::Model class for information on
+    # what options you can pass. Here are some common examples:
+    #  
+    #   config.authenticate :user, :accounts_controller => "users", :sessions_controller => "user_sessions"
+    #   config.authenticate :user, :key => "login"
+    #
+    # By default, :key is "email" and the controllers are Sparkly's internal controllers.
+    # (Don't forget you can also script/generate controllers or script/generate views to
+    # remove the overhead of setting up your own.)
+    #
+  
+  # You can also configure the various behaviors (as long as they support configurations):
+  #  config.remember_me.token_theft_message =
+  #      "Your account may have been hijacked recently! Verify that all settings are correct."
+  #
+  #  config.remember_me.duration = 6.months
+  #
+  # See the class documentation for the behaviors' configurations themselves for details
+  # about these options. (For example, see Auth::Behaviors::RememberMe::Configuration for
+  # the Remember Me configuration options.)
+end

data/spec_env/rails3/config/locales/en.yml

@@ -0,0 +1,5 @@
+# Sample localization file for English. Add more files in this directory for other locales.
+# See http://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+
+en:
+  hello: "Hello world"

data/spec_env/rails3/config/routes.rb

@@ -0,0 +1,61 @@
+Rails3::Application.routes.draw do
+  root :to => "application#not_found"
+  #match ':controller(/:action(/:id(.:format)))'
+
+  # The priority is based upon order of creation:
+  # first created -> highest priority.
+
+  # Sample of regular route:
+  #   match 'products/:id' => 'catalog#view'
+  # Keep in mind you can assign values other than :controller and :action
+
+  # Sample of named route:
+  #   match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
+  # This route can be invoked with purchase_url(:id => product.id)
+
+  # Sample resource route (maps HTTP verbs to controller actions automatically):
+  #   resources :products
+
+  # Sample resource route with options:
+  #   resources :products do
+  #     member do
+  #       get :short
+  #       post :toggle
+  #     end
+  #
+  #     collection do
+  #       get :sold
+  #     end
+  #   end
+
+  # Sample resource route with sub-resources:
+  #   resources :products do
+  #     resources :comments, :sales
+  #     resource :seller
+  #   end
+
+  # Sample resource route with more complex sub-resources
+  #   resources :products do
+  #     resources :comments
+  #     resources :sales do
+  #       get :recent, :on => :collection
+  #     end
+  #   end
+
+  # Sample resource route within a namespace:
+  #   namespace :admin do
+  #     # Directs /admin/products/* to Admin::ProductsController
+  #     # (app/controllers/admin/products_controller.rb)
+  #     resources :products
+  #   end
+
+  # You can have the root of your site routed with "root"
+  # just remember to delete public/index.html.
+  # root :to => "welcome#index"
+
+  # See how all your routes lay out with "rake routes"
+
+  # This is a legacy wild controller route that's not recommended for RESTful applications.
+  # Note: This route will make all actions in every controller accessible via GET requests.
+  # match ':controller(/:action(/:id(.:format)))'
+end

data/spec_env/rails3/db/migrate/001_create_sparkly_passwords.rb

@@ -0,0 +1,19 @@
+class CreateSparklyPasswords < ActiveRecord::Migration
+  def self.up
+    create_table :passwords do |t|
+      t.string :secret
+      t.string :salt
+      
+      t.string :persistence_token   # the token stored in cookies to persist the user's session
+      t.string :single_access_token # used to authenticate a user for a single request. This is not persisted.
+      t.string :perishable_token    # used in confirming an account, usually via email
+      
+      t.references :authenticatable, :polymorphic => true
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :passwords
+  end
+end

data/spec_env/rails3/db/migrate/002_create_sparkly_remembered_tokens.rb

@@ -0,0 +1,15 @@
+class CreateSparklyRememberedTokens < ActiveRecord::Migration
+  def self.up
+    create_table :remembrance_tokens do |t|
+      t.string :series_token
+      t.string :remembrance_token
+      
+      t.references :authenticatable, :polymorphic => true
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :remembrance_tokens
+  end
+end

data/spec_env/rails3/db/migrate/20100810132843_create_users.rb

@@ -0,0 +1,13 @@
+class CreateUsers < ActiveRecord::Migration
+  def self.up
+    create_table :users do |t|
+      t.string :email
+
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :users
+  end
+end

data/spec_env/rails3/db/schema.rb

@@ -0,0 +1,42 @@
+# This file is auto-generated from the current state of the database. Instead 
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your 
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 20100810132843) do
+
+  create_table "passwords", :force => true do |t|
+    t.string   "secret"
+    t.string   "salt"
+    t.string   "persistence_token"
+    t.string   "single_access_token"
+    t.string   "perishable_token"
+    t.integer  "authenticatable_id"
+    t.string   "authenticatable_type"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  create_table "remembrance_tokens", :force => true do |t|
+    t.string   "series_token"
+    t.string   "remembrance_token"
+    t.integer  "authenticatable_id"
+    t.string   "authenticatable_type"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+  create_table "users", :force => true do |t|
+    t.string   "email"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+end

data/spec_env/rails3/db/seeds.rb

@@ -0,0 +1,7 @@
+# This file should contain all the record creation needed to seed the database with its default values.
+# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
+#
+# Examples:
+#
+#   cities = City.create([{ :name => 'Chicago' }, { :name => 'Copenhagen' }])
+#   Mayor.create(:name => 'Daley', :city => cities.first)

data/spec_env/rails3/doc/README_FOR_APP

@@ -0,0 +1,2 @@
+Use this README file to introduce your application and point to useful places in the API for learning more.
+Run "rake doc:app" to generate API documentation for your models, controllers, helpers, and libraries.

data/spec_env/rails3/doc/sparkly_authentication.txt

@@ -0,0 +1,56 @@
+I'll assume you know what Sparkly Authentication is since it seems
+to be installed. If that assumption is incorrect, you should check
+out the Sparkly Authentication readme instead.
+
+So let's get right into usage. This text was generated by the Sparkly
+command-line generator, invoked via:
+
+  script/generate sparkly help
+
+Depending on what arguments are attached, this generator is capable
+of producing various different results. So let's go through them one
+at a time, in the most common order...
+
+0. Usually the first thing you'll want to do is generate the models
+   which will actually be authenticated, such as a User model. See
+   the Rails Guides for more details on that. You don't need to
+   actually run the migrations yet, however.
+
+1. After you know which models will be authenticated, you're ready
+   to invoke the Sparkly Config generator:
+
+   script/generate sparkly config
+   
+   This will generate a Rails Initializer in config/initializers that
+   will be used to set up Sparkly during runtime. This tells it what
+   encryption type to use, which models to authenticate, and so on.
+   You should take a look at this file to make sure the configuration
+   is what you are expecting. Do that. Now.
+   
+2. You also need to generate the database table which stores the 
+   password information -- I'm talking about migrations!
+   
+   script/generate sparkly migrations
+   
+4. Run the server and try it out. See how things feel. If you want
+   more control over the views (and you should), you can generate
+   them like so:
+   
+     script/generate sparkly views
+     
+   Their final resting place basically depends on what your Sparkly
+   config from Step 1 looks like. So I hope you double checked it.
+
+5. Finally, if you need control over the, er, controllers, you can go
+   ahead and generate them like so:
+   
+   script/generate sparkly controllers
+   
+   Note that exactly which controllers and how many of them will be
+   generated depends, once again, on your Sparkly config. Note also
+   that this will generate the corresponding views for you, so you
+   can skip step 4 if you already know you need to customize the
+   controllers.
+
+This file has been saved to doc/sparkly_authentication.txt for your
+reference.