spree_auth 0.70.7 → 1.0.0.rc1
Potentially problematic release.
This version of spree_auth might be problematic. Click here for more details.
- data/LICENSE +2 -2
- data/README.md +0 -4
- data/app/controllers/resource_controller_decorator.rb +13 -13
- data/app/controllers/spree/admin/admin_controller_decorator.rb +19 -0
- data/app/controllers/spree/admin/admin_orders_controller_decorator.rb +14 -0
- data/app/controllers/spree/admin/admin_resource_controller_decorator.rb +3 -0
- data/app/controllers/spree/base_controller_decorator.rb +33 -32
- data/app/controllers/spree/checkout_controller_decorator.rb +41 -0
- data/app/controllers/spree/orders_controller_decorator.rb +15 -0
- data/app/controllers/{user_passwords_controller.rb → spree/user_passwords_controller.rb} +13 -14
- data/app/controllers/{user_registrations_controller.rb → spree/user_registrations_controller.rb} +11 -13
- data/app/controllers/{user_sessions_controller.rb → spree/user_sessions_controller.rb} +15 -17
- data/app/controllers/{users_controller.rb → spree/users_controller.rb} +8 -12
- data/app/helpers/spree/users_helper.rb +15 -0
- data/app/mailers/spree/user_mailer.rb +10 -0
- data/app/models/spree/ability.rb +65 -0
- data/app/models/spree/auth_configuration.rb +6 -0
- data/app/models/{spree_current_order_decorator.rb → spree/current_order_decorator.rb} +1 -3
- data/app/models/{order_decorator.rb → spree/order_decorator.rb} +1 -1
- data/app/models/spree/tokenized_permission.rb +5 -0
- data/app/models/spree/user.rb +87 -0
- data/app/overrides/auth_admin_login_navigation_bar.rb +2 -2
- data/app/overrides/auth_shared_login_bar.rb +2 -2
- data/app/views/spree/checkout/registration.html.erb +20 -0
- data/app/views/spree/layouts/admin/_login_nav.html.erb +8 -0
- data/app/views/{shared → spree/shared}/_flashes.html.erb +0 -0
- data/app/views/{shared → spree/shared}/_login.html.erb +3 -3
- data/app/views/spree/shared/_login_bar.html.erb +6 -0
- data/app/views/{shared → spree/shared}/_user_form.html.erb +1 -1
- data/app/views/{shared → spree/shared}/unauthorized.html.erb +0 -0
- data/app/views/{user_mailer → spree/user_mailer}/reset_password_instructions.text.erb +0 -0
- data/app/views/spree/user_passwords/edit.html.erb +15 -0
- data/app/views/spree/user_passwords/new.html.erb +13 -0
- data/app/views/spree/user_registrations/new.html.erb +22 -0
- data/app/views/{user_sessions → spree/user_sessions}/authorization_failure.html.erb +0 -0
- data/app/views/{user_sessions → spree/user_sessions}/new.html.erb +2 -2
- data/app/views/spree/users/edit.html.erb +11 -0
- data/app/views/{users → spree/users}/show.html.erb +2 -2
- data/config/initializers/devise.rb +6 -6
- data/config/locales/en.yml +5 -5
- data/config/routes.rb +12 -9
- data/db/default/users.rb +22 -12
- data/db/migrate/20101026184950_rename_columns_for_devise.rb +33 -33
- data/db/migrate/20101214150824_convert_user_remember_field.rb +7 -7
- data/db/migrate/20101217012656_create_tokenized_permissions.rb +3 -8
- data/db/migrate/20101219201531_tokens_for_legacy_orders.rb +7 -3
- data/db/migrate/20111007143030_namespace_tokenized_permission.rb +5 -0
- data/db/migrate/20111206075712_migrate_tokenized_permissions.rb +24 -0
- data/db/seeds.rb +1 -1
- data/lib/spree/auth/engine.rb +25 -0
- data/lib/spree/auth.rb +15 -0
- data/lib/spree/token_resource.rb +17 -17
- data/lib/spree_auth.rb +1 -24
- metadata +63 -55
- data/app/controllers/admin_controller_decorator.rb +0 -13
- data/app/controllers/admin_orders_controller_decorator.rb +0 -15
- data/app/controllers/admin_resource_controller_decorator.rb +0 -3
- data/app/controllers/checkout_controller_decorator.rb +0 -42
- data/app/controllers/orders_controller_decorator.rb +0 -17
- data/app/helpers/users_helper.rb +0 -13
- data/app/models/ability.rb +0 -64
- data/app/models/spree_auth_configuration.rb +0 -4
- data/app/models/tokenized_permission.rb +0 -3
- data/app/models/user.rb +0 -85
- data/app/models/user_mailer.rb +0 -13
- data/app/views/checkout/registration.html.erb +0 -20
- data/app/views/layouts/admin/_login_nav.html.erb +0 -8
- data/app/views/shared/_login_bar.html.erb +0 -6
- data/app/views/user_passwords/edit.html.erb +0 -15
- data/app/views/user_passwords/new.html.erb +0 -13
- data/app/views/user_registrations/new.html.erb +0 -22
- data/app/views/users/edit.html.erb +0 -11
- data/config/cucumber.yml +0 -10
- data/lib/spree/auth/config.rb +0 -22
@@ -0,0 +1,20 @@
|
|
1
|
+
<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
|
2
|
+
<h2><%= t(:registration) %></h2>
|
3
|
+
<div id="registration">
|
4
|
+
<div id="account">
|
5
|
+
<%= render :file => 'spree/user_sessions/new' %>
|
6
|
+
</div>
|
7
|
+
<% if Spree::Config[:allow_guest_checkout] %>
|
8
|
+
<div id="guest_checkout">
|
9
|
+
<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @order } %>
|
10
|
+
<h2><%= t(:guest_user_account) %></h2>
|
11
|
+
<%= form_for @order, :url => spree.update_checkout_registration_path, :html => { :method => :put, :id => 'checkout_form_registration'} do |f| %>
|
12
|
+
<p>
|
13
|
+
<%= f.label :email, t(:email) %><br />
|
14
|
+
<%= f.email_field :email, :class => 'title' %>
|
15
|
+
</p>
|
16
|
+
<p><%= f.submit t(:continue), :class => 'button primary' %></p>
|
17
|
+
<% end %>
|
18
|
+
</div>
|
19
|
+
<% end %>
|
20
|
+
</div>
|
@@ -0,0 +1,8 @@
|
|
1
|
+
<% if current_user %>
|
2
|
+
<ul id="login-nav">
|
3
|
+
<li><%= t(:logged_in_as) %>: <%= current_user.email %></li>
|
4
|
+
<li><%= link_to t(:account), spree.edit_user_path(current_user) %></li>
|
5
|
+
<li><%= link_to t(:logout), spree.destroy_user_session_path %></li>
|
6
|
+
<li><%= link_to t(:store), spree.products_path %></li>
|
7
|
+
</ul>
|
8
|
+
<% end %>
|
File without changes
|
@@ -1,8 +1,8 @@
|
|
1
|
-
<%= form_for :user, :url => user_session_path do |f| %>
|
1
|
+
<%= form_for :user, :url => spree.user_session_path do |f| %>
|
2
2
|
<div id="password-credentials">
|
3
3
|
<p>
|
4
4
|
<%= f.label :email, t(:email) %><br />
|
5
|
-
<%= f.
|
5
|
+
<%= f.email_field :email, :class => 'title' %>
|
6
6
|
</p>
|
7
7
|
<p>
|
8
8
|
<%= f.label :password, t(:password) %><br />
|
@@ -16,5 +16,5 @@
|
|
16
16
|
</label>
|
17
17
|
</p>
|
18
18
|
|
19
|
-
<p><%= f.submit t(:log_in), :class => 'button primary'%></p>
|
19
|
+
<p><%= f.submit t(:log_in), :class => 'button primary' %></p>
|
20
20
|
<% end %>
|
File without changes
|
File without changes
|
@@ -0,0 +1,15 @@
|
|
1
|
+
<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
|
2
|
+
<h2><%= t(:change_my_password) %></h2>
|
3
|
+
|
4
|
+
<%= form_for @user, :url => spree.user_password_path, :html => {:method => :put} do |f| %>
|
5
|
+
<p>
|
6
|
+
<%= f.label :password %><br />
|
7
|
+
<%= f.password_field :password %><br />
|
8
|
+
</p>
|
9
|
+
<p>
|
10
|
+
<%= f.label :password_confirmation %><br />
|
11
|
+
<%= f.password_field :password_confirmation %><br />
|
12
|
+
</p>
|
13
|
+
<%= f.hidden_field :reset_password_token %>
|
14
|
+
<%= f.submit t(:update_password), :class => 'button primary' %>
|
15
|
+
<% end %>
|
@@ -0,0 +1,13 @@
|
|
1
|
+
<h2><%= t(:forgot_password) %></h2>
|
2
|
+
|
3
|
+
<p><%= t(:instructions_to_reset_password) %></p>
|
4
|
+
|
5
|
+
<%= form_for Spree::User.new, :as => :user, :url => spree.user_password_path do |f| %>
|
6
|
+
<p>
|
7
|
+
<%= f.label :email, t(:email) %>:<br />
|
8
|
+
<%= f.email_field :email %>
|
9
|
+
</p>
|
10
|
+
<p>
|
11
|
+
<%= f.submit t(:reset_password), :class => 'button primary' %>
|
12
|
+
</p>
|
13
|
+
<% end %>
|
@@ -0,0 +1,22 @@
|
|
1
|
+
<% @body_id = 'signup' %>
|
2
|
+
|
3
|
+
<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
|
4
|
+
|
5
|
+
<div id="new-customer">
|
6
|
+
<h2><%= t(:new_customer) %></h2>
|
7
|
+
|
8
|
+
<div data-hook="signup">
|
9
|
+
|
10
|
+
<%= form_for :user, :url => spree.user_registration_path(@user) do |f| %>
|
11
|
+
<div data-hook="signup_inside_form"%>
|
12
|
+
<%= render :partial => 'spree/shared/user_form', :locals => { :f => f } %>
|
13
|
+
<p><%= f.submit t(:create), :class => 'button primary' %></p>
|
14
|
+
</div>
|
15
|
+
<% end %>
|
16
|
+
<%= t(:or) %> <%= link_to t(:login_as_existing), spree.login_path %>
|
17
|
+
|
18
|
+
</div>
|
19
|
+
|
20
|
+
</div>
|
21
|
+
|
22
|
+
<div data-hook="login_extras"></div>
|
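Review bot: The opening tag on new line 11, `<div data-hook="signup_inside_form"%>`, carries a stray `%` before `>`, so the element that wraps the sign-up fields is emitted with a malformed attribute list. It should read `<div data-hook="signup_inside_form">`. Anything that locates this element through its `data-hook` value is the most likely thing to be affected, though that depends on how the template is parsed downstream.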
File without changes
|
@@ -6,8 +6,8 @@
|
|
6
6
|
<div id="existing-customer">
|
7
7
|
<h2><%= t(:login_as_existing) %></h2>
|
8
8
|
<div data-hook="login">
|
9
|
-
<%= render :partial => 'shared/login' %>
|
10
|
-
<%= t(:or) %> <%= link_to t(:create_a_new_account), signup_path %> | <%= link_to t(:forgot_password), new_user_password_path %>
|
9
|
+
<%= render :partial => 'spree/shared/login' %>
|
10
|
+
<%= t(:or) %> <%= link_to t(:create_a_new_account), spree.signup_path %> | <%= link_to t(:forgot_password), spree.new_user_password_path %>
|
11
11
|
</div>
|
12
12
|
</div>
|
13
13
|
<div data-hook="login_extras"></div>
|
@@ -0,0 +1,11 @@
|
|
1
|
+
<%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
|
2
|
+
|
3
|
+
<h2><%= t(:editing_user) %></h2>
|
4
|
+
|
5
|
+
<%= form_for @user, :url => spree.user_path(@user), :html => { :method => :put } do |f| %>
|
6
|
+
<%= render :partial => 'spree/shared/user_form', :locals => { :f => f } %>
|
7
|
+
<p>
|
8
|
+
<%= f.submit t(:update) %>
|
9
|
+
</p>
|
10
|
+
<% end %>
|
11
|
+
|
@@ -1,11 +1,11 @@
|
|
1
|
-
<h1><%=
|
1
|
+
<h1><%= accurate_title %></h1>
|
2
2
|
|
3
3
|
<div data-hook="account_summary">
|
4
4
|
<dl id="user-info">
|
5
5
|
<dt><%= t(:email) %></dt>
|
6
6
|
<dd><%= @user.email %></dd>
|
7
7
|
</dl>
|
8
|
-
<p><%= link_to t(:edit), edit_account_path %></p>
|
8
|
+
<p><%= link_to t(:edit), spree.edit_account_path %></p>
|
9
9
|
</div>
|
10
10
|
|
11
11
|
<div data-hook="account_my_orders">
|
@@ -3,10 +3,10 @@
|
|
3
3
|
Devise.setup do |config|
|
4
4
|
# ==> Mailer Configuration
|
5
5
|
# Configure the e-mail address which will be shown in DeviseMailer.
|
6
|
-
config.mailer_sender =
|
6
|
+
config.mailer_sender = 'please-change-me@config-initializers-devise.com'
|
7
7
|
|
8
8
|
# Configure the class responsible to send e-mails.
|
9
|
-
config.mailer =
|
9
|
+
config.mailer = 'Spree::UserMailer'
|
10
10
|
|
11
11
|
# ==> ORM configuration
|
12
12
|
# Load and configure the ORM. Supports :active_record (default) and
|
@@ -32,7 +32,7 @@ Devise.setup do |config|
|
|
32
32
|
#config.http_authenticatable_on_xhr = false
|
33
33
|
|
34
34
|
# The realm used in Http Basic Authentication
|
35
|
-
config.http_authentication_realm =
|
35
|
+
config.http_authentication_realm = 'Spree Application'
|
36
36
|
|
37
37
|
# ==> Configuration for :database_authenticatable
|
38
38
|
# For bcrypt, this is the cost for hashing the password and defaults to 10. If
|
@@ -40,7 +40,7 @@ Devise.setup do |config|
|
|
40
40
|
config.stretches = 20
|
41
41
|
|
42
42
|
# Setup a pepper to generate the encrypted password.
|
43
|
-
config.pepper =
|
43
|
+
config.pepper = '0bfa9e2cb4a5efd0d976518a3d82e345060547913d2fd1dd2f32b0c8dbbbb5d3dc20b86d0fed31aca9513bccdf51643700ea277d9c64d9ce8ef886bf39293453'
|
44
44
|
|
45
45
|
# ==> Configuration for :confirmable
|
46
46
|
# The time you want to give your user to confirm his account. During this time
|
@@ -98,8 +98,8 @@ Devise.setup do |config|
|
|
98
98
|
config.token_authentication_key = :auth_token
|
99
99
|
|
100
100
|
# ==> Scopes configuration
|
101
|
-
# Turn scoped views on. Before rendering
|
102
|
-
#
|
101
|
+
# Turn scoped views on. Before rendering 'sessions/new', it will first check for
|
102
|
+
# 'users/sessions/new'. It's turned off by default because it's slower if you
|
103
103
|
# are using only default views.
|
104
104
|
# config.scoped_views = true
|
105
105
|
|
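Review bot: The `config.pepper = '…'` line in the `@@ -40,7 +40,7 @@` hunk sets the pepper to a literal that ships inside the published gem, so every application that loads this initializer unchanged hashes passwords with the same publicly known value and gains nothing from the pepper. The removed side is cut off on this page, so the value may predate this release, but the new side still carries it. Load it from deployment configuration instead, for example `config.pepper = ENV.fetch('DEVISE_PEPPER')` (the variable name is a placeholder), and state in the upgrade notes that changing the pepper invalidates existing password hashes. `config.mailer_sender` in the first hunk is likewise a placeholder address that each install has to override.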
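--- a/data/config/locales/en.yml
+++ b/data/config/locales/en.yml
@@ -1,12 +1,12 @@
 en:
 errors:
 messages:
-not_found:
-already_confirmed:
-not_locked:
+not_found: 'not found'
+already_confirmed: 'was already confirmed'
+not_locked: 'was not locked'
 not_saved:
-one:
-other:
+one: '1 error prohibited this %{resource} from being saved:'
+other: '%{count} errors prohibited this %{resource} from being saved:'
 devise:
 failure:
 unauthenticated: 'You need to sign in or sign up before continuing.'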
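--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -1,18 +1,21 @@
-
+Spree::Core::Engine.routes.draw do
 devise_for :user,
-:
-
-:
+:class_name => 'Spree::User',
+:controllers => { :sessions => 'spree/user_sessions',
+:registrations => 'spree/user_registrations',
+:passwords => 'spree/user_passwords' },
 :skip => [:unlocks, :omniauth_callbacks],
-:path_names => { :sign_out => 'logout'}
+:path_names => { :sign_out => 'logout' }
+end
+
+Spree::Core::Engine.routes.prepend do
 resources :users, :only => [:edit, :update]
 
 devise_scope :user do
-get
-get
+get '/login' => 'user_sessions#new', :as => :login
+get '/signup' => 'user_registrations#new', :as => :signup
 end
 
-
 match '/checkout/registration' => 'checkout#registration', :via => :get, :as => :checkout_registration
 match '/checkout/registration' => 'checkout#update_registration', :via => :put, :as => :update_checkout_registration
 
@@ -23,6 +26,6 @@ Rails.application.routes.draw do
 get :nav_bar
 end
 end
-resource :account, :controller => "users"
 
+resource :account, :controller => 'users'
 end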
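--- a/data/db/default/users.rb
+++ b/data/db/default/users.rb
@@ -1,12 +1,14 @@
+require 'highline/import'
+
 # see last line where we create an admin if there is none, asking for email and password
 def prompt_for_admin_password
 password = ask('Password [spree123]: ', String) do |q|
 q.echo = false
 q.validate = /^(|.{5,40})$/
-q.responses[:not_valid] =
+q.responses[:not_valid] = 'Invalid password. Must be at least 5 characters long.'
 q.whitespace = :strip
 end
-password =
+password = 'spree123' if password.blank?
 password
 end
 
@@ -15,17 +17,16 @@ def prompt_for_admin_email
 q.echo = true
 q.whitespace = :strip
 end
-email =
+email = 'spree@example.com' if email.blank?
 email
 end
 
 def create_admin_user
 if ENV['AUTO_ACCEPT']
-password =
-email =
+password = 'spree123'
+email = 'spree@example.com'
 else
-
-puts "Create the admin user (press enter for defaults)."
+puts 'Create the admin user (press enter for defaults).'
 #name = prompt_for_admin_name unless name
 email = prompt_for_admin_email
 password = prompt_for_admin_password
@@ -37,19 +38,28 @@ def create_admin_user
 :login => email
 }
 
-load 'user.rb'
+load 'spree/user.rb'
 
-if User.find_by_email(email)
+if Spree::User.find_by_email(email)
 say "\nWARNING: There is already a user with the email: #{email}, so no account changes were made. If you wish to create an additional admin user, please run rake db:admin:create again with a different email.\n\n"
 else
-admin = User.create(attributes)
+admin = Spree::User.create(attributes)
 # create an admin role and and assign the admin user to that role
-role = Role.find_or_create_by_name
+role = Spree::Role.find_or_create_by_name 'admin'
 admin.roles << role
 admin.save
 end
 end
 
 if Rails.env.development?
-
+if Spree::User.admin.empty?
+create_admin_user
+else
+puts 'Admin user has already been previously created.'
+if agree('Would you like to create a new admin user? (yes/no)')
+create_admin_user
+else
+puts 'No admin user created.'
+end
+end
 end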
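Review bot: When `ENV['AUTO_ACCEPT']` is set, and whenever the operator presses enter at both prompts, `create_admin_user` creates an administrator with the fixed credentials `spree@example.com` / `spree123`, which are published with the gem. For the unattended path, generate the password and print it once instead, `password = SecureRandom.hex(16)` (needs `require 'securerandom'`), and drop the blank-input fallback in `prompt_for_admin_password`. The unchanged `q.validate = /^(|.{5,40})$/` also accepts an empty answer and five-character passwords, and it anchors with `^`/`$` rather than `\A`/`\z`. The body of `create_admin_user` is only partly visible between the hunks.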
@@ -1,39 +1,39 @@
|
|
1
1
|
class RenameColumnsForDevise < ActiveRecord::Migration
|
2
|
-
def
|
3
|
-
return if column_exists?(:
|
4
|
-
rename_column :
|
5
|
-
rename_column :
|
6
|
-
rename_column :
|
7
|
-
rename_column :
|
8
|
-
rename_column :
|
9
|
-
rename_column :
|
10
|
-
rename_column :
|
11
|
-
rename_column :
|
12
|
-
rename_column :
|
13
|
-
rename_column :
|
14
|
-
add_column :
|
15
|
-
add_column :
|
16
|
-
add_column :
|
17
|
-
remove_column :
|
18
|
-
remove_column :
|
2
|
+
def up
|
3
|
+
return if column_exists?(:spree_users, :password_salt)
|
4
|
+
rename_column :spree_users, :crypted_password, :encrypted_password
|
5
|
+
rename_column :spree_users, :salt, :password_salt
|
6
|
+
rename_column :spree_users, :remember_token_expires_at, :remember_created_at
|
7
|
+
rename_column :spree_users, :login_count, :sign_in_count
|
8
|
+
rename_column :spree_users, :failed_login_count, :failed_attempts
|
9
|
+
rename_column :spree_users, :single_access_token, :reset_password_token
|
10
|
+
rename_column :spree_users, :current_login_at, :current_sign_in_at
|
11
|
+
rename_column :spree_users, :last_login_at, :last_sign_in_at
|
12
|
+
rename_column :spree_users, :current_login_ip, :current_sign_in_ip
|
13
|
+
rename_column :spree_users, :last_login_ip, :last_sign_in_ip
|
14
|
+
add_column :spree_users, :authentication_token, :string
|
15
|
+
add_column :spree_users, :unlock_token, :string
|
16
|
+
add_column :spree_users, :locked_at, :datetime
|
17
|
+
remove_column :spree_users, :api_key if column_exists?(:spree_users, :api_key)
|
18
|
+
remove_column :spree_users, :openid_identifier
|
19
19
|
end
|
20
20
|
|
21
|
-
def
|
22
|
-
remove_column :
|
23
|
-
remove_column :
|
24
|
-
remove_column :
|
21
|
+
def down
|
22
|
+
remove_column :spree_users, :authentication_token
|
23
|
+
remove_column :spree_users, :locked_at
|
24
|
+
remove_column :spree_users, :unlock_token
|
25
25
|
rename_column :table_name, :new_column_name, :column_name
|
26
|
-
rename_column :
|
27
|
-
rename_column :
|
28
|
-
rename_column :
|
29
|
-
rename_column :
|
30
|
-
rename_column :
|
31
|
-
rename_column :
|
32
|
-
rename_column :
|
33
|
-
rename_column :
|
34
|
-
rename_column :
|
35
|
-
rename_column :
|
36
|
-
add_column :
|
37
|
-
add_column :
|
26
|
+
rename_column :spree_users, :last_sign_in_ip, :last_login_ip
|
27
|
+
rename_column :spree_users, :current_sign_in_ip, :current_login_ip
|
28
|
+
rename_column :spree_users, :last_sign_in_at, :last_login_at
|
29
|
+
rename_column :spree_users, :current_sign_in_at, :current_login_at
|
30
|
+
rename_column :spree_users, :reset_password_token, :single_access_token
|
31
|
+
rename_column :spree_users, :failed_attempts, :failed_login_count
|
32
|
+
rename_column :spree_users, :sign_in_count, :login_count
|
33
|
+
rename_column :spree_users, :remember_created_at, :remember_token_expires_at
|
34
|
+
rename_column :spree_users, :password_salt, :salt
|
35
|
+
rename_column :spree_users, :encrypted_password, :crypted_password
|
36
|
+
add_column :spree_users, :unlock_token, :string
|
37
|
+
add_column :spree_users, :openid_identifier, :string
|
38
38
|
end
|
39
39
|
end
|
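Review bot: `up` renames `:single_access_token` to `:reset_password_token` without clearing it, so whatever values the old column held become live values in the column Devise reads for password resets; if those tokens were ever populated or exposed, they should be nulled right after the rename, e.g. `execute 'UPDATE spree_users SET reset_password_token = NULL'`. In `down`, the unchanged line `rename_column :table_name, :new_column_name, :column_name` looks like a leftover template and would presumably fail on rollback, since no such table appears anywhere in this migration; it should be removed. `down` also removes `:unlock_token` and then adds it back a few lines later, and never restores `:api_key`, so a rollback does not return the original schema.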
@@ -1,11 +1,11 @@
|
|
1
1
|
class ConvertUserRememberField < ActiveRecord::Migration
|
2
|
-
def
|
3
|
-
remove_column :
|
4
|
-
add_column :
|
2
|
+
def up
|
3
|
+
remove_column :spree_users, :remember_created_at
|
4
|
+
add_column :spree_users, :remember_created_at, :datetime
|
5
5
|
end
|
6
6
|
|
7
|
-
def
|
8
|
-
remove_column :
|
9
|
-
add_column :
|
7
|
+
def down
|
8
|
+
remove_column :spree_users, :remember_created_at
|
9
|
+
add_column :spree_users, :remember_created_at, :string
|
10
10
|
end
|
11
|
-
end
|
11
|
+
end
|
@@ -1,18 +1,13 @@
|
|
1
1
|
class CreateTokenizedPermissions < ActiveRecord::Migration
|
2
|
-
|
3
|
-
def self.up
|
4
|
-
|
2
|
+
def change
|
5
3
|
create_table :tokenized_permissions do |t|
|
6
4
|
t.integer :permissable_id
|
7
5
|
t.string :permissable_type
|
8
6
|
t.string :token
|
7
|
+
|
9
8
|
t.timestamps
|
10
9
|
end
|
11
10
|
|
12
|
-
add_index
|
13
|
-
end
|
14
|
-
|
15
|
-
def self.down
|
16
|
-
drop_table :tokenized_permissions
|
11
|
+
add_index :tokenized_permissions, [:permissable_id, :permissable_type], :name => 'index_tokenized_name_and_type'
|
17
12
|
end
|
18
13
|
end
|
@@ -1,12 +1,16 @@
|
|
1
1
|
class TokensForLegacyOrders < ActiveRecord::Migration
|
2
|
-
def
|
2
|
+
def up
|
3
|
+
Spree::TokenizedPermission.table_name = 'tokenized_permissions'
|
4
|
+
|
3
5
|
# add token permissions for legacy orders (stop relying on user persistence token)
|
4
|
-
Order.all.each do |order|
|
6
|
+
Spree::Order.all.each do |order|
|
5
7
|
next unless order.user
|
6
8
|
order.create_tokenized_permission(:token => order.user.persistence_token)
|
7
9
|
end
|
10
|
+
|
11
|
+
Spree::TokenizedPermission.table_name = 'spree_tokenized_permissions'
|
8
12
|
end
|
9
13
|
|
10
|
-
def
|
14
|
+
def down
|
11
15
|
end
|
12
16
|
end
|
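Review bot: The loop in `up` stores `order.user.persistence_token` as each legacy order's token, so every order belonging to one user shares a single token, and that token is a value the user record also holds for another purpose; if order tokens ever appear in links or logs, that value is exposed with them. If old links do not have to keep working, a fresh value per order avoids the coupling: `order.create_tokenized_permission(:token => ::SecureRandom.hex(16))`. Separately, the two `Spree::TokenizedPermission.table_name =` assignments are not wrapped in `begin`/`ensure`, so an exception inside the loop leaves the model pointing at the old table name for the rest of the process.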
@@ -0,0 +1,24 @@
|
|
1
|
+
class MigrateTokenizedPermissions < ActiveRecord::Migration
|
2
|
+
def concat(str1, str2)
|
3
|
+
dbtype = Rails.configuration.database_configuration[Rails.env]['adapter'].to_sym
|
4
|
+
|
5
|
+
case dbtype
|
6
|
+
when :mysql, :mysql2
|
7
|
+
"CONCAT(#{str1}, #{str2})"
|
8
|
+
when :sqlserver
|
9
|
+
"(#{str1} + #{str2})"
|
10
|
+
else
|
11
|
+
"(#{str1} || #{str2})"
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
def up
|
16
|
+
execute "UPDATE spree_tokenized_permissions SET permissable_type = #{concat("'Spree::'", "permissable_type")}" +
|
17
|
+
" WHERE permissable_type NOT LIKE 'Spree::%' AND permissable_type IS NOT NULL"
|
18
|
+
end
|
19
|
+
|
20
|
+
def down
|
21
|
+
execute "UPDATE spree_tokenized_permissions SET permissable_type = REPLACE(permissable_type, 'Spree::', '')" +
|
22
|
+
" WHERE permissable_type LIKE 'Spree::%'"
|
23
|
+
end
|
24
|
+
end
|
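Review bot: `concat` interpolates both arguments straight into SQL text, which is safe here only because `up` passes fixed fragments; a comment above it such as `# str1/str2 are raw SQL fragments, never user-supplied values` would keep a later caller from misusing it. In `down`, `REPLACE(permissable_type, 'Spree::', '')` strips every occurrence rather than only the leading prefix, so a nested name (constructed example: `Spree::Foo::Spree::Bar`) would not round-trip; a short comment stating that assumption would be enough.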
data/db/seeds.rb
CHANGED
@@ -0,0 +1,25 @@
|
|
1
|
+
module Spree
|
2
|
+
module Auth
|
3
|
+
class Engine < Rails::Engine
|
4
|
+
isolate_namespace Spree
|
5
|
+
engine_name 'spree_auth'
|
6
|
+
|
7
|
+
initializer "spree.auth.environment", :before => :load_config_initializers do |app|
|
8
|
+
Spree::Auth::Config = Spree::AuthConfiguration.new
|
9
|
+
end
|
10
|
+
|
11
|
+
def self.activate
|
12
|
+
Dir.glob(File.join(File.dirname(__FILE__), "../../../app/**/*_decorator*.rb")) do |c|
|
13
|
+
Rails.configuration.cache_classes ? require(c) : load(c)
|
14
|
+
end
|
15
|
+
|
16
|
+
Dir.glob(File.join(File.dirname(__FILE__), "../../../app/overrides/*.rb")) do |c|
|
17
|
+
Rails.configuration.cache_classes ? require(c) : load(c)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
config.to_prepare &method(:activate).to_proc
|
22
|
+
ActiveRecord::Base.class_eval { include Spree::TokenResource }
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
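Review bot: `ActiveRecord::Base.class_eval { include Spree::TokenResource }` mixes the module into every model of the host application, and as `Spree::TokenResource` is written elsewhere on this page its `included` hook also adds `InstanceMethods#create_token` to all of them, not only to models that call `token_resource`. Narrowing this keeps the token machinery off unrelated models: extend `ActiveRecord::Base` with the class macro only, and include `InstanceMethods` from inside `token_resource`. On a model that never declared `token_resource`, `create_token` would presumably raise, because `create_tokenized_permission` only exists once the `has_one` is declared.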
data/lib/spree/auth.rb
ADDED
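--- a/data/lib/spree/token_resource.rb
+++ b/data/lib/spree/token_resource.rb
@@ -1,23 +1,23 @@
-module Spree
-
-
-
-
-
-
+module Spree
+module TokenResource
+module ClassMethods
+def token_resource
+has_one :tokenized_permission, :as => :permissable
+delegate :token, :to => :tokenized_permission, :allow_nil => true
+after_create :create_token
+end
 end
-end
 
-
-
-
-
+module InstanceMethods
+def create_token
+create_tokenized_permission(:token => ::SecureRandom::hex(8))
+token
+end
 end
-end
 
-
-
-
+def self.included(receiver)
+receiver.extend ClassMethods
+receiver.send :include, InstanceMethods
+end
 end
-
 end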
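Review bot: `create_token` builds the permission token with `::SecureRandom::hex(8)`, which is 8 random bytes (64 bits); for a bearer value that grants access to a record, 16 bytes or more is the usual floor, e.g. `create_tokenized_permission(:token => ::SecureRandom.hex(16))`. The removed side of this section is blank on the page, so the length may be unchanged from the previous release. Nothing visible here makes `token` unique or expiring, so if those properties are needed they have to come from the `tokenized_permissions` table or from the callers.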
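--- a/data/lib/spree_auth.rb
+++ b/data/lib/spree_auth.rb
@@ -1,24 +1 @@
-require '
-require 'devise'
-require 'cancan'
-
-require 'spree/auth/config'
-require 'spree/token_resource'
-
-module SpreeAuth
-class Engine < Rails::Engine
-engine_name 'spree_auth'
-
-def self.activate
-Dir.glob(File.join(File.dirname(__FILE__), "../app/**/*_decorator*.rb")) do |c|
-Rails.application.config.cache_classes ? require(c) : load(c)
-end
-Dir.glob(File.join(File.dirname(__FILE__), "../app/overrides/*.rb")) do |c|
-Rails.application.config.cache_classes ? require(c) : load(c)
-end
-end
-
-config.to_prepare &method(:activate).to_proc
-ActiveRecord::Base.class_eval { include Spree::TokenResource }
-end
-end
+require 'spree/auth'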