sparkly-auth 1.0.2 → 1.1.0

data/lib/auth/behavior/remember_me/configuration.rb

@@ -1,20 +1,17 @@
-class Auth::Behavior::RememberMe::Configuration
+class Auth::Behavior::RememberMe::Configuration < Auth::Behavior::Base::Configuration
   # Message to be displayed in flash[:error] when a likely theft of the remember token has been detected.
+  #
+  # Default:
+  #  "Your account may have been hijacked recently! Verify that all settings are correct."
   attr_accessor :token_theft_message
   
   # How long can a user stay logged in?
+  #
+  # Default:
+  #  6.months
   attr_accessor :duration
   
-  # Provides a handle back to the root configuration object.
-  attr_reader :configuration
-  
-  # Returns true if the root configuration object's behaviors include :remember_me.
-  def enabled?
-    configuration.behaviors.include? :remember_me
-  end
-  
-  def initialize(configuration)
-    @configuration = configuration
+  def defaults!
     @token_theft_message = "Your account may have been hijacked recently! Verify that all settings are correct."
     @duration = 6.months
   end

data/lib/auth/behavior/remember_me/controller_extensions.rb

@@ -55,7 +55,7 @@ module Auth::Behavior::RememberMe::ControllerExtensions
                   :authenticate_current_user_with_remembrance, :authenticate_with_remembrance_token,
                   :set_remembrance_token_cookie, :handle_remembrance_token_theft, :logout_with_remembrance!,
                   :logout_without_remembrance!
-      
+
       unless method_defined?(:login_without_remembrance!)
         alias_method_chain :login!, :remembrance
         alias_method_chain :logout!, :remembrance

data/lib/auth/behavior_lookup.rb

@@ -1,10 +1,10 @@
 module Auth::BehaviorLookup
   def lookup_behavior(behavior)
-    name = behavior.to_s.underscore
-    if name[/^auth\/behavior\//]
-      behavior.to_s.camelize.constantize
+    name = behavior.to_s.camelize
+    if name[/^Auth::Behavior::/]
+      name.constantize
     else
-      "auth/behavior/#{name}".camelize.constantize
+      "Auth::Behavior::#{name}".constantize
     end
   end
 end

data/lib/auth/builtin_behaviors.rb

@@ -0,0 +1,3 @@
+# Registers built-in behaviors
+
+Auth::Configuration.register_behavior('remember_me', Auth::Behavior::RememberMe)

data/lib/auth/configuration.rb

@@ -1,35 +1,68 @@
 module Auth
   class Configuration
     include Auth::BehaviorLookup
+    delegate :configuration_keys, :to => 'self.class'
     
+    # The array of Auth::Model instances which represent the models which will be authenticated.
+    # See also #authenticate
+    attr_accessor :authenticated_models
+    
+    include Auth::Configuration::Keys
+
     class << self
       include Auth::BehaviorLookup
 
+      def add_option_delegator_for(key)
+        define_method :"#{key}_with_option_delegation=" do |value|
+          res = send("#{key}_without_option_delegation=", value)
+          authenticated_models.each { |model| model.set_default_option(key, value) }
+          res
+        end
+
+        alias_method_chain :"#{key}=", :option_delegation
+      end
+      
+      def add_configuration_key_with_delegation(*keys)
+        keys = keys.flatten
+        eig = class << Auth; self; end
+        eig.instance_eval { delegate *[keys, {:to => :configuration}].flatten }
+        add_configuration_key_without_delegation(*keys)
+      end
+      
+      def attr_accessor_with_delegator(*keys)
+        result = attr_accessor_without_delegator(*keys)
+        keys.flatten.each { |key| add_option_delegator_for(key) }
+        result
+      end
+
+      def attr_writer_with_delegator(*keys)
+        result = attr_writer_without_delegator(*keys)
+        keys.flatten.each { |key| add_option_delegator_for(key) }
+        result
+      end
+      
+      alias_method_chain :add_configuration_key, :delegation
+      alias_method_chain :attr_writer,   :delegator
+      alias_method_chain :attr_accessor, :delegator
+
       def behavior_configs
         @behavior_configs ||= []
+        @behavior_configs
       end
       
-      def register_behavior(name)
-        behavior_class = lookup_behavior(name)
+      def register_behavior(name, behavior_class = lookup_behavior(name))
         # If the behavior has a configuration, add it to self.
         accessor_name = name
         name = "#{behavior_class.name}::Configuration"
-        behavior_configs << [ accessor_name, name.constantize ]
+        # we do this so that we can raise NameError now, not later.
+        behavior_configs << [ accessor_name, name.constantize.name ]
         # eg Auth.remember_me.something = 5
         Auth.class.delegate accessor_name, :to => :configuration
       rescue NameError
         # Presumably, the behavior does not have a configuration.
       end
     end
-
-    # IS there a better way to do this?? I'm dying to find it...
-    Dir[File.join(File.dirname(__FILE__), "behavior/*.rb")].each do |fi|
-      unless fi[/\/base.rb$/]
-        const_name = fi.gsub(/^#{Regexp::escape File.dirname(__FILE__)}\/behavior\/(.*)\.rb$/, '\1')
-        register_behavior(const_name)
-      end
-    end
-
+    
     # The message to display when the user creates an account.
     #
     # Default:
@@ -60,10 +93,6 @@ module Auth
     #  "Account is locked due to too many invalid attempts."
     attr_accessor :account_locked_message
     
-    # The array of Auth::Model instances which represent the models which will be authenticated.
-    # See also #authenticate
-    attr_accessor :authenticated_models
-    
     # The NAME of the controller to use as a base controller. All Sparkly controllers will subclass
     # this, and methods such as current_user will be added to it. Defaults to 'application'.
     #
@@ -211,6 +240,10 @@ module Auth
     #  "You have been signed out due to inactivity. Please sign in again."
     attr_accessor :session_timeout_message
     
+    def behavior=(*args, &block) #:nodoc:
+      send(:behaviors=, *args, &block)
+    end
+    
     # Finds the controller with the same name as #base_controller_name and returns it.
     def base_controller
       "#{base_controller_name.to_s.camelize}Controller".constantize
@@ -218,6 +251,8 @@ module Auth
       begin
         base_controller_name.to_s.camelize.constantize
       rescue NameError
+        # reraise the original error because '_controller' should have been omitted by convention. Also,
+        # the backtrace will be more useful.
         raise err
       end
     end
@@ -239,8 +274,14 @@ module Auth
       @generate_routes
     end
     
+    # this was documented as an accessor, but is expected to always be an Array.
+    def behaviors_with_conversion_to_array=(*args) #:nodoc:
+      self.behaviors_without_conversion_to_array = args.flatten
+    end
+    alias_method_chain :behaviors=, :conversion_to_array
+    
     def initialize
-      @password_format = /(^(?=.*\d)(?=.*[a-zA-Z]).{7,}$)/
+      @password_format = /(?=[-_a-zA-Z0-9]*?[A-Z])(?=[-_a-zA-Z0-9]*?[a-z])(?=[-_a-zA-Z0-9]*?[0-9])[-_a-zA-Z0-9]{7,}/
       @password_format_message = "must contain at least 1 uppercase, 1 lowercase and 1 number"
       @minimum_password_length = 7
       @path = File.expand_path(File.join(File.dirname(__FILE__), '..'))
@@ -272,25 +313,30 @@ module Auth
       @login_after_signup = false
       
       self.class.behavior_configs.each do |accessor_name, config_klass|
-        instance_variable_set("@#{accessor_name}", config_klass.new(self))
+        instance_variable_set("@#{accessor_name}", config_klass.constantize.new(self))
         singleton = (class << self; self; end)
         singleton.send(:define_method, accessor_name) { instance_variable_get("@#{accessor_name}") }
       end
     end
     
     def apply!
-      # Apply behaviors to controllers
-      behaviors.each do |behavior_name|
-        behavior = lookup_behavior(behavior_name)
-        behavior.apply_to_controllers
-      end
-
+      # all configurations are now applied through Auth::Model. If no models are being authenticated,
+      # then no authentication should be possible -- so what is there to apply?
+      
       # Apply options to authenticated models
       authenticated_models.each do |model|
         model.apply_options!
       end
     end
     
+    def to_hash_with_subconfigs #:nodoc:
+      self.class.behavior_configs.inject(to_hash_without_subconfigs) do |hash, (accessor_name, constant_name)|
+        hash[accessor_name.to_sym] = send(accessor_name)
+        hash
+      end
+    end
+    alias_method_chain :to_hash, :subconfigs
+    
     # Accepts a list of model names (or the models themselves) and an optional set of options which
     # govern how the models will be authenticated.
     #
@@ -311,7 +357,7 @@ module Auth
         if model = authenticated_models.find(name)
           model.merge_options! options
         else
-          authenticated_models << Auth::Model.new(name, options)
+          authenticated_models << Auth::Model.new(name, options, to_hash)
         end
       end
     end

data/lib/auth/configuration/keys.rb

@@ -0,0 +1,50 @@
+module Auth
+  class Configuration
+    # When included by a configuration object, the Keys module will override #attr_reader, #attr_writer and
+    # #attr_accessor to add configuration keys for each. A #to_hash instance method is generated which will
+    # this object into a Hash containing only the registered keys.
+    #
+    module Keys
+      # Returns this configuration as a Hash
+      def to_hash
+        configuration_keys.inject({}) do |hash, key|
+          hash[key] = send(key)
+          hash
+        end
+      end
+      
+      def configuration_keys
+        self.class.configuration_keys
+      end
+
+      def self.included(base)
+        base.class_eval do
+          class << self
+            def configuration_keys
+              @configuration_keys ||= []
+            end
+      
+            def add_configuration_key(*keys)
+              configuration_keys.concat keys.flatten
+            end
+      
+            def attr_reader(*args) #:nodoc:
+              add_configuration_key(*args)
+              super
+            end
+      
+            def attr_writer(*args) #:nodoc:
+              add_configuration_key(*args)
+              super
+            end
+      
+            def attr_accessor(*args) #:nodoc:
+              add_configuration_key(*args)
+              super
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/auth/engine.rb

@@ -0,0 +1,33 @@
+require 'rails'
+require 'sc-core-ext'
+require File.expand_path(File.join(File.dirname(__FILE__), '../auth'))
+
+module Auth
+  class Engine < Rails::Engine
+    paths.lib             << File.join(Auth.path)
+    paths.app.controllers << File.join(Auth.path, "../app/controllers")
+    paths.app.helpers     << File.join(Auth.path, '../app/helpers')
+    paths.app.models      << File.join(Auth.path, "../app/models")
+    paths.app.views       << File.join(Auth.path, "../app/views")
+    paths.config.routes   << File.join(Auth.path, "../rails/routes_rails3.rb")
+    
+    config.autoload_paths << Auth.path
+    config.autoload_once_paths << Auth.path
+    
+    generators do
+      require File.join(File.dirname(__FILE__), '../../generators/sparkly/sparkly_generator')
+    end
+    
+    rake_tasks do
+      load File.join(File.dirname(__FILE__), 'tasks/migrations.rb')
+    end
+
+    config.before_initialize do
+      require_dependency File.join(File.dirname(__FILE__), "builtin_behaviors")
+    end
+    
+    config.to_prepare do
+      Auth.kick! unless Auth.defer_kickstart?
+    end
+  end
+end

data/lib/auth/generators/views_generator.rb

@@ -12,11 +12,20 @@ class Auth::Generators::ViewsGenerator < Rails::Generator::NamedBase
       m.directory resource_directory = File.join("app/views", model.accounts_controller.underscore)
       m.directory sessions_directory = File.join("app/views", model.sessions_controller.underscore)
       
-      %w(edit new show).each do |f|
-        m.file "views/sparkly_accounts/#{f}.html.erb", File.join(resource_directory, "#{f}.html.erb")
-      end
+      resource_directory = File.join("app/views", model.accounts_controller.underscore)
+      sessions_directory = File.join("app/views", model.sessions_controller.underscore)
       
-      m.file "views/sparkly_sessions/new.html.erb", File.join(sessions_directory, "new.html.erb")
+      base = File.join(source_root, "views/sparkly_accounts")
+      Dir[File.join(base, "**/*")].each do |fi|
+        fi.gsub!(/^#{Regexp::escape base}/, '')
+        m.file(File.join("views/sparkly_accounts", fi), File.join(resource_directory, fi))
+      end
+
+      base = File.join(source_root, "views/sparkly_sessions")
+      Dir[File.join(base, "**/*")].each do |fi|
+        fi.gsub!(/^#{Regexp::escape base}/, '')
+        m.file(File.join("views/sparkly_sessions", fi), File.join(sessions_directory, fi))
+      end
     end
   end
   

data/lib/auth/model.rb

@@ -1,25 +1,46 @@
 class Auth::Model
   module Authenticated
     def self.included(base)
-      base.send(:cattr_accessor, :sparkly_config)
+      base.instance_eval do
+        cattr_accessor :sparkly_config
+        alias auth_config sparkly_config
+      end
     end
   end
   
-  
   def self.option(name, default = name)
     define_method(name) do
-      self.options[name] ||= Auth.configuration.send(default)
+      self.options[name] ||= send(default)
+    end
+  end
+  
+  # check missing methods to see if they're looking for configuration options
+  def method_missing(name, *args, &block) #:nodoc:
+    option_name, assignment = (name.to_s.gsub(/\=$/, '')), $~ # lose the equals sign, and remember if it existed
+
+    if (_options = options).keys.select { |key| key.to_s == option_name }.empty?
+      super
+    else
+      if assignment
+        _options[option_name.to_sym] = args.flatten
+      else
+        _options[option_name.to_sym]
+      end
     end
   end
   
   include Auth::BehaviorLookup
-  attr_reader :options
-  option :behaviors
-  option :password_update_frequency
+#  attr_reader :options
+#  option :behaviors
+#  option :password_update_frequency
   option :accounts_controller, :default_accounts_controller_name
   option :sessions_controller, :default_sessions_controller_name
   delegate :name, :table_name, :to => :target
   
+  def options
+    @options.reverse_merge(default_options)
+  end
+  
   # Options include:
   #   :behaviors                 => an array of behaviors to override Auth.configuration.behaviors
   #   :password_update_frequency => a time (ie 30.days) to override Auth.configuration.password_update_frequency
@@ -29,7 +50,10 @@ class Auth::Model
   #   :accounts_controller       => the name of the controller to route to for creating accounts, deleting them, etc.
   #   :sessions_controller       => the name of the controller to route to for logging in, logging out, etc.
   #
-  def initialize(name_or_constant, options = {})
+  def initialize(name_or_constant, options = {}, default_options = {})
+    @options = (options || {}).dup
+    send(:default_options).merge! default_options
+
     begin
       @target = resolve(name_or_constant).name
     rescue NameError
@@ -37,17 +61,15 @@ class Auth::Model
       # to do it now.
       @target = name_or_constant.to_s.camelize
     end
-    
-    @options = options.reverse_merge(default_options)
   end
   
   def target
-    returning @target.constantize do |klass|
-      unless klass.include?(Auth::Model::Authenticated)
-        klass.send(:include, Auth::Model::Authenticated)
-        klass.sparkly_config = self
-      end
+    klass = @target.constantize
+    unless klass.include?(Auth::Model::Authenticated)
+      klass.send(:include, Auth::Model::Authenticated)
+      klass.sparkly_config = self
     end
+    klass
   end
   
   # Returns true if the specified String, Symbol or constant resolves to the same constant affected by this Model.
@@ -62,13 +84,28 @@ class Auth::Model
   
   # Merges the specified hash of options with this Model's hash of options. Same as model.options.merge!(options)
   def merge_options!(options)
-    self.options.merge! options
+    @options.merge! options
   end
   
   def apply_options!
     apply_behaviors!
   end
   
+  def default_options
+    @default_options ||= {
+      :key => :email,
+      :with => :password
+    }.merge(Auth.configuration.to_hash)
+  end
+  
+  def default_options=(hash)
+    default_options.merge!(hash)
+  end
+  
+  def set_default_option(key, value)
+    default_options[key] = value
+  end
+
   private
   def apply_behaviors!
     behaviors.each do |behavior|
@@ -84,11 +121,4 @@ class Auth::Model
       else name_or_constant
     end
   end
-  
-  def default_options
-  {
-    :key => :email,
-    :with => :password
-  }
-  end
 end