spree_auth 0.30.0.beta1

Files changed (34) hide show
  1. data/LICENSE +26 -0
  2. data/README.md +35 -0
  3. data/app/controllers/admin_controller_decorator.rb +7 -0
  4. data/app/controllers/checkout_controller_decorator.rb +30 -0
  5. data/app/controllers/devise/sessions_controller_decorator.rb +12 -0
  6. data/app/controllers/orders_controller_decorator.rb +18 -0
  7. data/app/controllers/resource_controller_decorator.rb +15 -0
  8. data/app/controllers/spree/base_controller_decorator.rb +38 -0
  9. data/app/models/ability.rb +41 -0
  10. data/app/models/order_decorator.rb +12 -0
  11. data/app/models/spree_auth_configuration.rb +3 -0
  12. data/app/models/user.rb +43 -0
  13. data/app/views/checkout/registration.html.erb +19 -0
  14. data/app/views/devise/confirmations/new.html.erb +12 -0
  15. data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
  16. data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
  17. data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
  18. data/app/views/devise/passwords/edit.html.erb +16 -0
  19. data/app/views/devise/passwords/new.html.erb +12 -0
  20. data/app/views/devise/registrations/edit.html.erb +25 -0
  21. data/app/views/devise/registrations/new.html.erb +22 -0
  22. data/app/views/devise/sessions/new.html.erb +20 -0
  23. data/app/views/devise/shared/_links.erb +19 -0
  24. data/app/views/devise/unlocks/new.html.erb +12 -0
  25. data/app/views/shared/_login_bar.html.erb +6 -0
  26. data/app/views/shared/unauthorized.html.erb +0 -0
  27. data/config/routes.rb +4 -0
  28. data/lib/generators/spree_auth/install_generator.rb +25 -0
  29. data/lib/generators/templates/db/migrate/20100811003924_switch_to_devise.rb +31 -0
  30. data/lib/generators/templates/devise.rb +146 -0
  31. data/lib/spree/auth/config.rb +22 -0
  32. data/lib/spree/auth_user.rb +20 -0
  33. data/lib/spree_auth.rb +19 -0
  34. metadata +141 -0
data/LICENSE ADDED
@@ -0,0 +1,26 @@
1
+ Copyright (c) 2007-2010, Rails Dog LLC and other contributors
2
+ All rights reserved.
3
+
4
+ Redistribution and use in source and binary forms, with or without modification,
5
+ are permitted provided that the following conditions are met:
6
+
7
+ * Redistributions of source code must retain the above copyright notice,
8
+ this list of conditions and the following disclaimer.
9
+ * Redistributions in binary form must reproduce the above copyright notice,
10
+ this list of conditions and the following disclaimer in the documentation
11
+ and/or other materials provided with the distribution.
12
+ * Neither the name Spree nor the names of its contributors may be used to
13
+ endorse or promote products derived from this software without specific
14
+ prior written permission.
15
+
16
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
17
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
18
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
19
+ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
20
+ CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
21
+ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
22
+ PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
23
+ PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
24
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
25
+ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26
+ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
data/README.md ADDED
@@ -0,0 +1,35 @@
1
+ Overview
2
+ --------
3
+
4
+ This gem provides the so-called "core" functionality of Spree and is a requirement for any Spree application or
5
+ store. The basic data models as well as product catalog and admin functionality are all provided by this gem.
6
+
7
+
8
+ Security Warning
9
+ ----------------
10
+
11
+ *This gem provides absolutely no authentication and authorization. You are strongly encouraged to install
12
+ and use the spree-auth gem in addition to spree-core in order to restrict access to orders and other admin
13
+ functionality.*
14
+
15
+
16
+ Running Tests
17
+ -------------
18
+
19
+ You need to do a quick one-time creation of a test application and then you can use it to run the tests.
20
+
21
+ rails new testapp -m spec/test_template.rb -T -J
22
+ cd testapp
23
+ rails g spree_core:install
24
+ rake db:migrate db:seed db:test:prepare
25
+
26
+ Then run the tests
27
+
28
+ rspec spec
29
+
30
+ Misc
31
+ ----
32
+
33
+ authentication by token example
34
+
35
+ http://localhost:3000/?auth_token=oWBSN16k6dWx46TtSGcp
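--- /dev/null
+++ b/data/app/controllers/admin_controller_decorator.rb
@@ -0,0 +1,7 @@
+Admin::BaseController.class_eval do
+  before_filter :authorize_admin
+
+  def authorize_admin
+    authorize! :admin, Object
+  end
+end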
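Review bot: `authorize! :admin, Object` is safe only because `Ability` grants `can :manage, :all` to the admin role and never defines a bare `:admin` action for anyone else, and that coupling is not written down anywhere in this file. A future `can :admin, …` rule for another role, or an admin controller that skips this filter, opens the whole admin namespace, so a comment above the filter would help: `# Deny unless Ability grants :admin — only the 'admin' role's :manage, :all does; every Admin:: controller inherits this filter.`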
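--- /dev/null
+++ b/data/app/controllers/checkout_controller_decorator.rb
@@ -0,0 +1,30 @@
+CheckoutController.class_eval do
+  before_filter :check_authorization
+  before_filter :check_registration, :except => [:registration, :update_registration]
+
+  def registration
+    @user = User.new
+  end
+
+  def update_registration
+    @user = current_order.user
+    @user.email = params[:user][:email]
+    if @user.save
+      redirect_to checkout_path and return
+    else
+      render :registration and return
+    end
+  end
+
+  private
+  def check_authorization
+    authorize!(:edit, current_order)
+  end
+
+  # Introduces a registration step whenever the +registration_step+ preference is true.
+  def check_registration
+    return unless Spree::Auth::Config[:registration_step]
+    return if current_user or not current_order.user.anonymous?
+    redirect_to checkout_registration_path
+  end
+end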
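Review bot: `update_registration` writes `params[:user][:email]` onto whichever user owns the order, but `check_authorization` only proves ownership, not that the owner is a guest, so a signed-in account owner who PUTs here changes the login email of their account without the current-password confirmation that Devise's registration form asks for. A request without a `user` parameter raises `NoMethodError` on `nil[:email]` instead of re-rendering the form. Guard both at the top of the action: `return redirect_to(checkout_path) unless @user.try(:anonymous?)` and `@user.email = params[:user].try(:[], :email).to_s`. `check_registration` calling `current_order.user.anonymous?` presumably assumes every order has a user; if spree_core can return an order with `user` nil this raises as well.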
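--- /dev/null
+++ b/data/app/controllers/devise/sessions_controller_decorator.rb
@@ -0,0 +1,12 @@
+Devise::SessionsController.class_eval do
+  after_filter :associate_user, :only => :create
+
+  include Spree::CurrentOrder
+  include Spree::AuthUser
+
+  def associate_user
+    return unless current_user and current_order
+    current_order.associate_user!(current_user) if can? :edit, current_order
+    session[:guest_token] = nil
+  end
+end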
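Review bot: the hand-off runs only for `Devise::SessionsController#create`, so a guest who signs in any other way (Devise's registration controller signs new users in by default, and remember-me or `auth_token` logins never reach this action) keeps `session[:guest_token]`, `Spree::AuthUser#auth_user` keeps answering as the guest rather than the account, the order is never transferred, and authorization is computed for the wrong principal. Hooking Warden's `after_set_user`, or decorating `Devise::RegistrationsController#create` the same way, covers every sign-in path. `session[:guest_token] = nil` also runs when `can? :edit, current_order` fails, which silently strands the guest's order; at least log that case. The `can?` check only works because `current_ability` is still built from the not-yet-cleared guest token, which deserves a comment: `# auth_user is still the guest here (token not cleared yet), so can? verifies the guest owns the order`.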
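--- /dev/null
+++ b/data/app/controllers/orders_controller_decorator.rb
@@ -0,0 +1,18 @@
+OrdersController.class_eval do
+  after_filter :store_guest, :only => :populate
+  before_filter :check_authorization
+
+  private
+  def store_guest
+    return if current_user
+    session[:guest_token] ||= @order.user.authentication_token
+  end
+
+  def check_authorization
+    if current_order
+      authorize! :edit, current_order
+    else
+      authorize! :create, Order
+    end
+  end
+end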
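Review bot: `store_guest` puts the guest user's Devise `authentication_token` into the session, and because `User` enables `:token_authenticatable` (and `User.anonymous!` uses the same value as that account's password) the session now carries a reusable login credential rather than an opaque handle — anything that copies or logs the session, or reads the cookie if the app uses Rails' default signed-but-unencrypted cookie store, can sign in as that user via `?auth_token=`. A dedicated random `guest_token` column looked up by `auth_user`, independent of Devise's token, avoids that. `@order.user.authentication_token` also raises if `populate` left the order without a user; `@order.user.try(:authentication_token)` keeps the after_filter from breaking the add-to-cart response.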
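--- /dev/null
+++ b/data/app/controllers/resource_controller_decorator.rb
@@ -0,0 +1,15 @@
+# This overrides the before method provided by resource_controller so that the current_user is authorized
+# for each action before proceding.
+module ResourceController
+  module Helpers
+    module Internal
+      protected
+      # Calls the before block for the action, if one is present.
+      #
+      def before(action)
+        authorize! action, object || model
+        invoke_callbacks *self.class.send(action).before
+      end
+    end
+  end
+end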
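Review bot: the `authorize!` call lives inside resource_controller's generated `before` hook, so only the generated actions are checked; any custom action added to a resource_controller-based controller bypasses it and, outside `Admin::`, gets no authorization at all — a controller-wide `before_filter` that authorizes `action_name.to_sym` against `object || model` would cover every action. Overriding a private method of a third-party gem also pins this code to resource_controller's internals, yet the gemspec declares no dependency on it (it arrives through spree_core), so a bump there can silently drop this check; the comment should at least name the version it was written against. The comment should also say that `object` is nil for `index`/`new`/`create`, so those are authorized against the class, which with CanCan block rules means the action itself must scope its query: `# object is nil for collection actions; the class-level check passes block rules, so index must scope its own query`.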
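--- /dev/null
+++ b/data/app/controllers/spree/base_controller_decorator.rb
@@ -0,0 +1,38 @@
+Spree::BaseController.class_eval do
+
+  include Spree::AuthUser
+
+  # graceful error handling for cancan authorization exceptions
+  rescue_from CanCan::AccessDenied, :with => :unauthorized
+
+  private
+
+  # Redirect as appropriate when an access request fails. The default action is to redirect to the login screen.
+  # Override this method in your controllers if you want to have special behavior in case the user is not authorized
+  # to access the requested action. For example, a popup window might simply close itself.
+  def unauthorized
+    respond_to do |format|
+      format.html do
+        if current_user
+          flash.now[:error] = I18n.t(:authorization_failure)
+          render 'shared/unauthorized', :layout => 'spree_application'
+        else
+          store_location
+          redirect_to new_user_session_path and return
+        end
+      end
+      format.xml do
+        request_http_basic_authentication 'Web Password'
+      end
+    end
+  end
+
+  def store_location
+    # disallow return to login, logout, signup pages
+    disallowed_urls = [new_user_registration_path, new_user_session_path, destroy_user_session_path]
+    disallowed_urls.map!{|url| url[/\/\w+$/]}
+    unless disallowed_urls.include?(request.fullpath)
+      session[:return_to] = request.fullpath
+    end
+  end
+end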
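Review bot: `store_location`'s disallow list never matches: `map!` reduces each helper path to its last segment (`/sign_in`, `/sign_up`, `/sign_out`) while `request.fullpath` is the whole path plus query string, so a denied hit on `/users/sign_out` is stored and the user is bounced back to it after logging in. Compare the untransformed helper paths against `request.path` instead: `disallowed_urls = [new_user_registration_path, new_user_session_path, destroy_user_session_path]` then `session[:return_to] = request.fullpath unless disallowed_urls.include?(request.path)`. The signed-in branch renders `shared/unauthorized` with a 200; add `:status => :forbidden` so clients and logs see the denial. Only `xml` gets a 401 challenge — other non-HTML formats fall through `respond_to` and get a 406 rather than an authentication failure, which is worth stating in the method comment.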
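--- /dev/null
+++ b/data/app/models/ability.rb
@@ -0,0 +1,41 @@
+class Ability
+  include CanCan::Ability
+
+  def initialize(user)
+    self.clear_aliased_actions
+
+    # override cancan default aliasing (we don't want to differentiate between read and index)
+    alias_action :edit, :to => :update
+    alias_action :new, :to => :create
+    alias_action :show, :to => :read
+
+    user ||= User.new
+    if user.has_role? 'admin'
+      can :manage, :all
+    else
+      #############################
+      can :read, User do |resource|
+        resource == user
+      end
+      can :update, User do |resource|
+        resource == user
+      end
+      can :create, User
+      #############################
+      can :read, Order do |order|
+        order.user == user
+      end
+      can :update, Order do |order|
+        order.user == user
+      end
+      can :create, Order
+      #############################
+      can :read, Product
+      can :index, Product
+      #############################
+      can :read, Taxon
+      can :index, Taxon
+      #############################
+    end
+  end
+end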
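Review bot: the `User` and `Order` rules are block rules, and CanCan skips the block when asked about a class (`authorize! :read, Order`, which is what `index`/`new`/`create` get when no instance is loaded), answering true for every user — so these rules never restrict a listing, and each index action must scope its own query rather than rely on this file. For the anonymous case `user ||= User.new` yields an unsaved record, and `resource == user` is an id comparison that is false for two unsaved records; that is correct but it is the only thing keeping `can :update, User` from matching a blank user, so it deserves a comment. The owner rules carry no state check — an order's owner can `:update` it whether or not it is complete, unless spree_core blocks edits to completed orders elsewhere, which is worth confirming. Suggested comment above the block rules: `# Block rules are evaluated only for instances; class-level checks pass, so collection actions must scope their queries.`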
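--- /dev/null
+++ b/data/app/models/order_decorator.rb
@@ -0,0 +1,12 @@
+Order.class_eval do
+  # Associates the specified user with the order and destroys any previous association with guest user if
+  # necessary.
+  def associate_user!(user)
+    self.user = user
+    save!
+  end
+
+  def token
+    user.token if user.anonymous?
+  end
+end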
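Review bot: the comment promises that `associate_user!` "destroys any previous association with guest user", but the body only reassigns `user` and saves, so the anonymous user record — with a live authentication token and, per `User.anonymous!`, a password equal to it — is left behind as a working login. Either make the comment honest (`# Reassigns the order to +user+; the previous (guest) user record is left untouched.`) or retire the old guest after the save: capture `previous = self.user` before the assignment and run `previous.destroy if previous && previous.anonymous? && previous != user && previous.orders.empty?` after `save!`, the last condition because a guest may own other orders. `token` raises `NoMethodError` for an order without a user; `user.token if user && user.anonymous?` is safer.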
@@ -0,0 +1,3 @@
1
+ class SpreeAuthConfiguration < Configuration
2
+ preference :registration_step, :boolean, :default => true
3
+ end
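--- /dev/null
+++ b/data/app/models/user.rb
@@ -0,0 +1,43 @@
+class User < ActiveRecord::Base
+
+  has_many :orders
+  has_and_belongs_to_many :roles
+  belongs_to :ship_address, :foreign_key => "ship_address_id", :class_name => "Address"
+  belongs_to :bill_address, :foreign_key => "bill_address_id", :class_name => "Address"
+
+  before_save :check_admin
+
+  # Include default devise modules. Others available are:
+  # :confirmable, :lockable and :timeoutable
+  devise :database_authenticatable, :registerable, :token_authenticatable,
+         :recoverable, :rememberable, :trackable, :validatable
+
+  # Setup accessible (or protected) attributes for your model
+  attr_accessible :email, :password, :password_confirmation, :remember_me, :anonymous
+  after_save :ensure_authentication_token!
+
+  alias_attribute :token, :authentication_token
+
+  # has_role? simply needs to return true or false whether a user has a role or not.
+  def has_role?(role_in_question)
+    roles.any? { |role| role.name == role_in_question.to_s }
+  end
+
+  def self.anonymous!
+    token = User.generate_token(:authentication_token)
+    User.create(:email => "#{token}@example.com", :password => token, :password_confirmation => token, :anonymous => true)
+  end
+
+  def email=(email)
+    self.anonymous = false unless email.include?("example.com")
+    write_attribute :email, email
+  end
+
+  private
+  def check_admin
+    if User.where("roles.name" => "admin").includes(:roles).empty?
+      self.roles << Role.find_by_name("admin")
+    end
+    true
+  end
+end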
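Review bot: `check_admin` hands the admin role to whichever user is saved first while no admin exists, and `User.anonymous!` saves a user from the plain add-to-cart flow, so on a store whose admin has not been seeded yet the first visitor's guest account — whose password is its authentication token, sitting in that visitor's session — becomes the administrator; if `Role.find_by_name("admin")` returns nil the `<<` raises instead. Bootstrapping an admin belongs in a seed or rake task; if the callback stays, skip guests and nil roles: `return true if anonymous?` as the first line, then `admin_role = Role.find_by_name("admin")` and `self.roles << admin_role if admin_role && User.where("roles.name" => "admin").includes(:roles).empty?`. Separately, `:token_authenticatable` plus `after_save :ensure_authentication_token!` gives every account a query-string credential (the README documents `?auth_token=`, and URLs end up in logs and referers), and `anonymous!` reuses that token as the password — generate a separate random password for guests and keep token login only for clients that need it. `attr_accessible :anonymous` lets Devise's registration form set `anonymous` by mass assignment, and `email=` calls `include?` on whatever it is given, so a nil email raises `NoMethodError` rather than failing validation (`email.to_s.include?("example.com")`).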
@@ -0,0 +1,19 @@
1
+ <%= render "shared/error_messages", :target => @user %>
2
+ <h2><%= t("registration")%></h2>
3
+ <div id="registration">
4
+ <div id="account">
5
+ <!-- TODO: add partial with devise registration form -->
6
+ </div>
7
+ <% if Spree::Config[:allow_guest_checkout] %>
8
+ <div id="guest_checkout">
9
+ <h2><%= t(:guest_user_account) %></h2>
10
+ <%= form_for :user, :url => update_checkout_registration_path, :html => { :method => :put, :id => "checkout_form_registration"} do |f| %>
11
+ <p>
12
+ <%= f.label :email, t("email") %><br />
13
+ <%= f.text_field :email, :class => 'title' %>
14
+ </p>
15
+ <p><%= submit_tag t("continue"), :class => 'button primary' %></p>
16
+ <% end %>
17
+ </div>
18
+ <% end %>
19
+ </div>
@@ -0,0 +1,12 @@
1
+ <h2><%= t(:resend_confirmation_instructions) %></h2>
2
+
3
+ <%= form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f| %>
4
+ <%= devise_error_messages! %>
5
+
6
+ <p><%= f.label :email %><br />
7
+ <%= f.text_field :email %></p>
8
+
9
+ <p><%= f.submit t(:resend_confirmation_instructions) %></p>
10
+ <% end %>
11
+
12
+ <%= render :partial => "devise/shared/links" %>
@@ -0,0 +1,5 @@
1
+ <p>Welcome <%= @resource.email %>!</p>
2
+
3
+ <p>You can confirm your account through the link below:</p>
4
+
5
+ <p><%= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @resource.confirmation_token) %></p>
@@ -0,0 +1,8 @@
1
+ <p>Hello <%= @resource.email %>!</p>
2
+
3
+ <p>Someone has requested a link to change your password, and you can do this through the link below.</p>
4
+
5
+ <p><%= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @resource.reset_password_token) %></p>
6
+
7
+ <p>If you didn't request this, please ignore this email.</p>
8
+ <p>Your password won't change until you access the link above and create a new one.</p>
@@ -0,0 +1,7 @@
1
+ <p>Hello <%= @resource.email %>!</p>
2
+
3
+ <p>Your account has been locked due to an excessive amount of unsuccessful sign in attempts.</p>
4
+
5
+ <p>Click the link below to unlock your account:</p>
6
+
7
+ <p><%= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @resource.unlock_token) %></p>
@@ -0,0 +1,16 @@
1
+ <h2><%= t(:change_my_password) %></h2>
2
+
3
+ <%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f| %>
4
+ <%= devise_error_messages! %>
5
+ <%= f.hidden_field :reset_password_token %>
6
+
7
+ <p><%= f.label :password %><br />
8
+ <%= f.password_field :password %></p>
9
+
10
+ <p><%= f.label :password_confirmation %><br />
11
+ <%= f.password_field :password_confirmation %></p>
12
+
13
+ <p><%= f.submit t(:change_my_password) %></p>
14
+ <% end %>
15
+
16
+ <%= render :partial => "devise/shared/links" %>
@@ -0,0 +1,12 @@
1
+ <h2><%= t(:forgot_password) %></h2>
2
+
3
+ <%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f| %>
4
+ <%= devise_error_messages! %>
5
+
6
+ <p><%= f.label :email %><br />
7
+ <%= f.text_field :email %></p>
8
+
9
+ <p><%= f.submit t(:send_me_reset_password_instructions) %></p>
10
+ <% end %>
11
+
12
+ <%= render :partial => "devise/shared/links" %>
@@ -0,0 +1,25 @@
1
+ <h2><%= t(:my_account) %></h2>
2
+
3
+ <%= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f| %>
4
+ <%= devise_error_messages! %>
5
+
6
+ <p><%= f.label :email %><br />
7
+ <%= f.text_field :email %></p>
8
+
9
+ <p><%= f.label :password %> <i><%= t(:leave_blank_to_not_change) %></i><br />
10
+ <%= f.password_field :password %></p>
11
+
12
+ <p><%= f.label :password_confirmation %><br />
13
+ <%= f.password_field :password_confirmation %></p>
14
+
15
+ <p><%= f.label :current_password %> <i><%= t(:enter_password_to_confirm) %></i><br />
16
+ <%= f.password_field :current_password %></p>
17
+
18
+ <p><%= f.submit t(:update) %></p>
19
+ <% end %>
20
+
21
+ <h3><%= t(:cancel_my_account) %></h3>
22
+
23
+ <p><%= t(:cancel_my_account_description) %> <%= link_to t(:cancel_my_account), registration_path(resource_name), :confirm => t(:are_you_sure), :method => :delete %>.</p>
24
+
25
+ <%= link_to t(:back), :back %>
@@ -0,0 +1,22 @@
1
+ <% @body_id = 'signup' %>
2
+
3
+ <div id="new-customer">
4
+ <h2><%= t("new_customer") %></h2>
5
+
6
+ <%= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f| %>
7
+ <%= devise_error_messages! %>
8
+
9
+ <p><%= f.label :email %><br />
10
+ <%= f.text_field :email %></p>
11
+
12
+ <p><%= f.label :password %><br />
13
+ <%= f.password_field :password %></p>
14
+
15
+ <p><%= f.label :password_confirmation %><br />
16
+ <%= f.password_field :password_confirmation %></p>
17
+
18
+ <p><%= f.submit t(:sign_up) %></p>
19
+ <% end %>
20
+
21
+ <%= render :partial => "devise/shared/links" %>
22
+ </div>
@@ -0,0 +1,20 @@
1
+ <% @body_id = 'login' %>
2
+ <div id="existing-customer">
3
+ <h2><%= t("login_as_existing") %></h2>
4
+
5
+ <%= form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>
6
+ <p><%= f.label :email %><br />
7
+ <%= f.text_field :email %></p>
8
+
9
+ <p><%= f.label :password %><br />
10
+ <%= f.password_field :password %></p>
11
+
12
+ <% if devise_mapping.rememberable? -%>
13
+ <p><%= f.check_box :remember_me %> <%= f.label :remember_me %></p>
14
+ <% end -%>
15
+
16
+ <p><%= f.submit t(:log_in) %></p>
17
+ <% end %>
18
+
19
+ <%= render :partial => "devise/shared/links" %>
20
+ </div>
@@ -0,0 +1,19 @@
1
+ <%- if controller_name != 'sessions' %>
2
+ <%= link_to t(:log_in), new_session_path(resource_name) %><br />
3
+ <% end -%>
4
+
5
+ <%- if devise_mapping.registerable? && controller_name != 'registrations' %>
6
+ <%= link_to t(:sign_up), new_registration_path(resource_name) %><br />
7
+ <% end -%>
8
+
9
+ <%- if devise_mapping.recoverable? && controller_name != 'passwords' %>
10
+ <%= link_to t(:forgot_password), new_password_path(resource_name) %><br />
11
+ <% end -%>
12
+
13
+ <%- if devise_mapping.confirmable? && controller_name != 'confirmations' %>
14
+ <%= link_to t(:didnt_receive_confirmation_instructions), new_confirmation_path(resource_name) %><br />
15
+ <% end -%>
16
+
17
+ <%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
18
+ <%= link_to t(:didnt_receive_unlock_instructions), new_unlock_path(resource_name) %><br />
19
+ <% end -%>
@@ -0,0 +1,12 @@
1
+ <h2><%= t(:resend_unlock_instructions) %></h2>
2
+
3
+ <%= form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f| %>
4
+ <%= devise_error_messages! %>
5
+
6
+ <p><%= f.label :email %><br />
7
+ <%= f.text_field :email %></p>
8
+
9
+ <p><%= f.submit t(:resend_unlock_instructions) %></p>
10
+ <% end %>
11
+
12
+ <%= render :partial => "devise/shared/links" %>
@@ -0,0 +1,6 @@
1
+ <% if current_user %>
2
+ <li><%= link_to t('my_account'), edit_user_registration_path(current_user) %></li>
3
+ <li><%= link_to t('logout'), destroy_user_session_path %></li>
4
+ <% else %>
5
+ <li><%= link_to t('log_in'), new_user_session_path %></li>
6
+ <% end %>
File without changes
data/config/routes.rb ADDED
@@ -0,0 +1,4 @@
1
+ Rails.application.routes.draw do
2
+ match '/checkout/registration' => 'checkout#registration', :via => :get, :as => :checkout_registration
3
+ match '/checkout/registration' => 'checkout#update_registration', :via => :put, :as => :update_checkout_registration
4
+ end
@@ -0,0 +1,25 @@
1
+ module SpreeAuth
2
+ module Generators
3
+ class InstallGenerator < Rails::Generators::Base
4
+ source_root File.expand_path("../../templates", __FILE__)
5
+
6
+ desc "Configures your Rails application for use with spree_auth."
7
+
8
+ def setup_routes
9
+ route 'devise_for :users'
10
+ end
11
+
12
+ def copy_initializer
13
+ template "devise.rb", "config/initializers/devise.rb"
14
+ end
15
+
16
+ def copy_migrations
17
+ directory "db"
18
+ end
19
+
20
+ # def show_readme
21
+ # readme "README" if behavior == :invoke
22
+ # end
23
+ end
24
+ end
25
+ end
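--- /dev/null
+++ b/data/lib/generators/templates/db/migrate/20100811003924_switch_to_devise.rb
@@ -0,0 +1,31 @@
+class SwitchToDevise < ActiveRecord::Migration
+  def self.up
+    change_table(:users) do |t|
+      t.rename :crypted_password, :encrypted_password
+      t.rename :salt, :password_salt
+      t.rename :remember_token_expires_at, :remember_created_at
+      t.rename :persistence_token, :authentication_token
+      t.rename :single_access_token, :reset_password_token
+      t.remove :perishable_token
+      t.rename :login_count, :sign_in_count
+      t.remove :failed_login_count
+      t.remove :last_request_at
+      t.rename :current_login_at, :current_sign_in_at
+      t.rename :last_login_at, :last_sign_in_at
+      t.rename :current_login_ip, :current_sign_in_ip
+      t.rename :last_login_ip, :last_sign_in_ip
+      t.remove :login
+      t.remove :openid_identifier
+      t.remove :api_key
+    end
+    drop_table :open_id_authentication_associations
+    drop_table :open_id_authentication_nonces
+
+    add_index :users, :email, :unique => true
+    add_index :users, :reset_password_token, :unique => true
+  end
+
+  def self.down
+    # no going back!
+  end
+end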
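Review bot: renaming `single_access_token` to `reset_password_token` carries every user's old Authlogic single-access token — a value designed to be shared in URLs for API access — straight into Devise's password-reset token, so anyone holding one can set a new password through `/users/password/edit?reset_password_token=…`; the declared Devise range starts at 1.1.2, which to my knowledge has no reset-token expiry, so this never ages out. The same applies to `persistence_token` → `authentication_token`, which turns the old cookie-stored session token into a `?auth_token=` login. Drop both columns and add fresh empty ones instead (`ensure_authentication_token!` refills the auth token on the next save, and Devise issues reset tokens on demand). The password hashes are also renamed wholesale while the generated initializer sets `config.encryptor = :bcrypt`, so existing users cannot log in unless the store switches to `:authlogic_sha512` as the template's own comment describes — worth a comment in the migration. `self.down` silently does nothing; `raise ActiveRecord::IrreversibleMigration` makes the one-way nature explicit.
```ruby
    change_table(:users) do |t|
      # … unchanged: password, salt and remember_* renames …
      t.remove :persistence_token
      t.string :authentication_token
      t.remove :single_access_token
      t.string :reset_password_token
      # … unchanged: trackable renames, login/openid/api_key removes …
    end
```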
@@ -0,0 +1,146 @@
1
+ # Use this hook to configure devise mailer, warden hooks and so forth. The first
2
+ # four configuration values can also be set straight in your models.
3
+ Devise.setup do |config|
4
+ # ==> Mailer Configuration
5
+ # Configure the e-mail address which will be shown in DeviseMailer.
6
+ config.mailer_sender = "please-change-me@config-initializers-devise.com"
7
+
8
+ # Configure the class responsible to send e-mails.
9
+ # config.mailer = "Devise::Mailer"
10
+
11
+ # ==> ORM configuration
12
+ # Load and configure the ORM. Supports :active_record (default) and
13
+ # :mongoid (bson_ext recommended) by default. Other ORMs may be
14
+ # available as additional gems.
15
+ require 'devise/orm/active_record'
16
+
17
+ # ==> Configuration for any authentication mechanism
18
+ # Configure which keys are used when authenticating an user. By default is
19
+ # just :email. You can configure it to use [:username, :subdomain], so for
20
+ # authenticating an user, both parameters are required. Remember that those
21
+ # parameters are used only when authenticating and not when retrieving from
22
+ # session. If you need permissions, you should implement that in a before filter.
23
+ # config.authentication_keys = [ :email ]
24
+
25
+ # Tell if authentication through request.params is enabled. True by default.
26
+ # config.params_authenticatable = true
27
+
28
+ # Tell if authentication through HTTP Basic Auth is enabled. True by default.
29
+ # config.http_authenticatable = true
30
+
31
+ # Set this to true to use Basic Auth for AJAX requests. True by default.
32
+ # config.http_authenticatable_on_xhr = true
33
+
34
+ # The realm used in Http Basic Authentication
35
+ # config.http_authentication_realm = "Application"
36
+
37
+ # ==> Configuration for :database_authenticatable
38
+ # Define which will be the encryption algorithm. Devise also supports encryptors
39
+ # from others authentication tools as :clearance_sha1, :authlogic_sha512 (then
40
+ # you should set stretches above to 20 for default behavior) and :restful_authentication_sha1
41
+ # (then you should set stretches to 10, and copy REST_AUTH_SITE_KEY to pepper)
42
+ config.encryptor = :bcrypt
43
+
44
+ # For bcrypt, this is the cost for hashing the password and defaults to 10. If
45
+ # using other encryptors, it sets how many times you want the password re-encrypted.
46
+ config.stretches = 10
47
+
48
+ # Setup a pepper to generate the encrypted password.
49
+ config.pepper = <%= ActiveSupport::SecureRandom.hex(64).inspect %>
50
+
51
+ # ==> Configuration for :confirmable
52
+ # The time you want to give your user to confirm his account. During this time
53
+ # he will be able to access your application without confirming. Default is nil.
54
+ # When confirm_within is zero, the user won't be able to sign in without confirming.
55
+ # You can use this to let your user access some features of your application
56
+ # without confirming the account, but blocking it after a certain period
57
+ # (ie 2 days).
58
+ # config.confirm_within = 2.days
59
+
60
+ # ==> Configuration for :rememberable
61
+ # The time the user will be remembered without asking for credentials again.
62
+ # config.remember_for = 2.weeks
63
+
64
+ # If true, a valid remember token can be re-used between multiple browsers.
65
+ # config.remember_across_browsers = true
66
+
67
+ # If true, extends the user's remember period when remembered via cookie.
68
+ # config.extend_remember_period = false
69
+
70
+ # ==> Configuration for :validatable
71
+ # Range for password length
72
+ # config.password_length = 6..20
73
+
74
+ # Regex to use to validate the email address
75
+ # config.email_regexp = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
76
+
77
+ # ==> Configuration for :timeoutable
78
+ # The time you want to timeout the user session without activity. After this
79
+ # time the user will be asked for credentials again.
80
+ # config.timeout_in = 10.minutes
81
+
82
+ # ==> Configuration for :lockable
83
+ # Defines which strategy will be used to lock an account.
84
+ # :failed_attempts = Locks an account after a number of failed attempts to sign in.
85
+ # :none = No lock strategy. You should handle locking by yourself.
86
+ # config.lock_strategy = :failed_attempts
87
+
88
+ # Defines which strategy will be used to unlock an account.
89
+ # :email = Sends an unlock link to the user email
90
+ # :time = Re-enables login after a certain amount of time (see :unlock_in below)
91
+ # :both = Enables both strategies
92
+ # :none = No unlock strategy. You should handle unlocking by yourself.
93
+ # config.unlock_strategy = :both
94
+
95
+ # Number of authentication tries before locking an account if lock_strategy
96
+ # is failed attempts.
97
+ # config.maximum_attempts = 20
98
+
99
+ # Time interval to unlock the account if :time is enabled as unlock_strategy.
100
+ # config.unlock_in = 1.hour
101
+
102
+ # ==> Configuration for :token_authenticatable
103
+ # Defines name of the authentication token params key
104
+ # config.token_authentication_key = :auth_token
105
+
106
+ # ==> Scopes configuration
107
+ # Turn scoped views on. Before rendering "sessions/new", it will first check for
108
+ # "users/sessions/new". It's turned off by default because it's slower if you
109
+ # are using only default views.
110
+ # config.scoped_views = true
111
+
112
+ # Configure the default scope given to Warden. By default it's the first
113
+ # devise role declared in your routes.
114
+ # config.default_scope = :user
115
+
116
+ # Configure sign_out behavior.
117
+ # By default sign_out is scoped (i.e. /users/sign_out affects only :user scope).
118
+ # In case of sign_out_all_scopes set to true any logout action will sign out all active scopes.
119
+ # config.sign_out_all_scopes = false
120
+
121
+ # ==> Navigation configuration
122
+ # Lists the formats that should be treated as navigational. Formats like
123
+ # :html, should redirect to the sign in page when the user does not have
124
+ # access, but formats like :xml or :json, should return 401.
125
+ # If you have any extra navigational formats, like :iphone or :mobile, you
126
+ # should add them to the navigational formats lists. Default is [:html]
127
+ # config.navigational_formats = [:html, :iphone]
128
+
129
+ # ==> OAuth2
130
+ # Add a new OAuth2 provider. Check the README for more information on setting
131
+ # up on your models and hooks.
132
+ # config.oauth :github, 'APP_ID', 'APP_SECRET',
133
+ # :site => 'https://github.com/',
134
+ # :authorize_path => '/login/oauth/authorize',
135
+ # :access_token_path => '/login/oauth/access_token',
136
+ # :scope => %w(user public_repo)
137
+
138
+ # ==> Warden configuration
139
+ # If you want to use other strategies, that are not supported by Devise, or
140
+ # change the failure app, you can configure them inside the config.warden block.
141
+ #
142
+ # config.warden do |manager|
143
+ # manager.failure_app = AnotherApp
144
+ # manager.default_strategies(:scope => :user).unshift :some_external_strategy
145
+ # end
146
+ end
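Review bot: `config.pepper` is generated once at install time and written into `config/initializers/devise.rb`, a file that normally lives in version control, so the pepper — which cannot be rotated without invalidating every stored hash — ends up in every clone of the repository; reading it from the environment, `config.pepper = ENV['DEVISE_PEPPER']`, with the generator emitting the one-time value into a gitignored file or a deploy secret, keeps it out of the repo. The `:lockable` settings here are inert because `User` does not enable `:lockable` (only the unlock views ship), so the login form has no brute-force throttle; enabling it with `config.maximum_attempts` set is cheap. `config.mailer_sender` is a placeholder that will reach customers in reset and confirmation mails if nobody edits it; the generator could interpolate the application name so an unchanged value is obvious.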
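--- /dev/null
+++ b/data/lib/spree/auth/config.rb
@@ -0,0 +1,22 @@
+module Spree
+  module Auth
+    # Singleton class to access the shipping configuration object (ActiveShippingConfiguration.first by default) and it's preferences.
+    #
+    # Usage:
+    # Spree::Auth::Config[:foo] # Returns the foo preference
+    # Spree::Auth::Config[] # Returns a Hash with all the tax preferences
+    # Spree::Auth::Config.instance # Returns the configuration object (AuthConfiguration.first)
+    # Spree::Auth::Config.set(preferences_hash) # Set the spree auth preferences as especified in +preference_hash+
+    class Config
+      include Singleton
+      include Spree::PreferenceAccess
+
+      class << self
+        def instance
+          return nil unless ActiveRecord::Base.connection.tables.include?('configurations')
+          SpreeAuthConfiguration.find_or_create_by_name("Default spree_auth configuration")
+        end
+      end
+    end
+  end
+end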
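Review bot: the class comment is copied from a shipping/tax configuration ("shipping configuration object (ActiveShippingConfiguration.first …)", "all the tax preferences", "AuthConfiguration.first") and does not describe this class, which wraps `SpreeAuthConfiguration`. Suggested header: `# Singleton access to the spree_auth configuration object (a SpreeAuthConfiguration row, created on first use) and its preferences.` with the usage lines reading "Returns a Hash with all the spree_auth preferences" and "Returns the configuration object (SpreeAuthConfiguration)". `instance` returning nil before the `configurations` table exists means `Config[:registration_step]` is nil in that window, which callers such as the checkout registration filter should know about; a one-line note on the method would help.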
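--- /dev/null
+++ b/data/lib/spree/auth_user.rb
@@ -0,0 +1,20 @@
+module Spree
+  module AuthUser
+
+    # Gives controllers the ability to learn the +auth_user+ as opposed to limiting them to just the standard
+    # +current_user.+ The +auth_user+ method will return the user corresponding to the +guest_token+ if present,
+    # otherwise it will return the +current_user.+ This allows us to check authorization against a guest user
+    # without requiring that user to be signed in via warden/devise. This means the guest can later sign up for
+    # an acccount (or log in to an existing account.)
+    def auth_user
+      return current_user unless session[:guest_token]
+      User.find_by_authentication_token(session[:guest_token])
+    end
+
+    # Overrides the default method used by Cancan so that we can use the guest_token in addition to current_user.
+    def current_ability
+      @current_ability ||= ::Ability.new(auth_user)
+    end
+
+  end
+end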
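Review bot: when `session[:guest_token]` is set but no user matches it (guest record destroyed, token changed), `auth_user` returns nil even for a signed-in account, so `current_ability` is built from a blank `User.new` and the signed-in user is denied everything until the session is cleared. Fall back to the account: `User.find_by_authentication_token(session[:guest_token]) || current_user`. The doc comment should also state explicitly that a lingering guest token wins over `current_user`, since any sign-in path that does not clear the token leaves the controller authorizing as the guest. `@current_ability` is memoized per controller instance, so clearing the token mid-request does not change the answer; worth a line on `current_ability` as well.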
data/lib/spree_auth.rb ADDED
@@ -0,0 +1,19 @@
1
+ require 'spree_core'
2
+
3
+ require 'devise'
4
+ require 'devise/orm/active_record'
5
+ require 'cancan'
6
+
7
+ require 'spree/auth_user'
8
+ require 'spree/auth/config'
9
+
10
+ module SpreeAuth
11
+ class Engine < Rails::Engine
12
+ def self.activate
13
+ Dir.glob(File.join(File.dirname(__FILE__), "../app/**/*_decorator*.rb")) do |c|
14
+ Rails.env == "production" ? require(c) : load(c)
15
+ end
16
+ end
17
+ config.to_prepare &method(:activate).to_proc
18
+ end
19
+ end
metadata ADDED
@@ -0,0 +1,141 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: spree_auth
3
+ version: !ruby/object:Gem::Version
4
+ prerelease: true
5
+ segments:
6
+ - 0
7
+ - 30
8
+ - 0
9
+ - beta1
10
+ version: 0.30.0.beta1
11
+ platform: ruby
12
+ authors:
13
+ - Sean Schofield
14
+ autorequire:
15
+ bindir: bin
16
+ cert_chain: []
17
+
18
+ date: 2010-09-03 00:00:00 -04:00
19
+ default_executable:
20
+ dependencies:
21
+ - !ruby/object:Gem::Dependency
22
+ name: spree_core
23
+ prerelease: false
24
+ requirement: &id001 !ruby/object:Gem::Requirement
25
+ requirements:
26
+ - - "="
27
+ - !ruby/object:Gem::Version
28
+ segments:
29
+ - 0
30
+ - 30
31
+ - 0
32
+ - beta1
33
+ version: 0.30.0.beta1
34
+ type: :runtime
35
+ version_requirements: *id001
36
+ - !ruby/object:Gem::Dependency
37
+ name: devise
38
+ prerelease: false
39
+ requirement: &id002 !ruby/object:Gem::Requirement
40
+ requirements:
41
+ - - ">="
42
+ - !ruby/object:Gem::Version
43
+ segments:
44
+ - 1
45
+ - 1
46
+ - 2
47
+ version: 1.1.2
48
+ type: :runtime
49
+ version_requirements: *id002
50
+ - !ruby/object:Gem::Dependency
51
+ name: cancan
52
+ prerelease: false
53
+ requirement: &id003 !ruby/object:Gem::Requirement
54
+ requirements:
55
+ - - ">="
56
+ - !ruby/object:Gem::Version
57
+ segments:
58
+ - 1
59
+ - 3
60
+ - 3
61
+ version: 1.3.3
62
+ type: :runtime
63
+ version_requirements: *id003
64
+ description: Required dependancy for Spree
65
+ email: sean@railsdog.com
66
+ executables: []
67
+
68
+ extensions: []
69
+
70
+ extra_rdoc_files: []
71
+
72
+ files:
73
+ - LICENSE
74
+ - README.md
75
+ - app/controllers/admin_controller_decorator.rb
76
+ - app/controllers/checkout_controller_decorator.rb
77
+ - app/controllers/devise/sessions_controller_decorator.rb
78
+ - app/controllers/orders_controller_decorator.rb
79
+ - app/controllers/resource_controller_decorator.rb
80
+ - app/controllers/spree/base_controller_decorator.rb
81
+ - app/models/ability.rb
82
+ - app/models/order_decorator.rb
83
+ - app/models/spree_auth_configuration.rb
84
+ - app/models/user.rb
85
+ - app/views/checkout/registration.html.erb
86
+ - app/views/devise/confirmations/new.html.erb
87
+ - app/views/devise/mailer/confirmation_instructions.html.erb
88
+ - app/views/devise/mailer/reset_password_instructions.html.erb
89
+ - app/views/devise/mailer/unlock_instructions.html.erb
90
+ - app/views/devise/passwords/edit.html.erb
91
+ - app/views/devise/passwords/new.html.erb
92
+ - app/views/devise/registrations/edit.html.erb
93
+ - app/views/devise/registrations/new.html.erb
94
+ - app/views/devise/sessions/new.html.erb
95
+ - app/views/devise/shared/_links.erb
96
+ - app/views/devise/unlocks/new.html.erb
97
+ - app/views/shared/_login_bar.html.erb
98
+ - app/views/shared/unauthorized.html.erb
99
+ - config/routes.rb
100
+ - lib/generators/spree_auth/install_generator.rb
101
+ - lib/generators/templates/db/migrate/20100811003924_switch_to_devise.rb
102
+ - lib/generators/templates/devise.rb
103
+ - lib/spree/auth/config.rb
104
+ - lib/spree/auth_user.rb
105
+ - lib/spree_auth.rb
106
+ has_rdoc: true
107
+ homepage: http://spreecommerce.com
108
+ licenses: []
109
+
110
+ post_install_message:
111
+ rdoc_options: []
112
+
113
+ require_paths:
114
+ - lib
115
+ required_ruby_version: !ruby/object:Gem::Requirement
116
+ requirements:
117
+ - - ">="
118
+ - !ruby/object:Gem::Version
119
+ segments:
120
+ - 1
121
+ - 8
122
+ - 7
123
+ version: 1.8.7
124
+ required_rubygems_version: !ruby/object:Gem::Requirement
125
+ requirements:
126
+ - - ">"
127
+ - !ruby/object:Gem::Version
128
+ segments:
129
+ - 1
130
+ - 3
131
+ - 1
132
+ version: 1.3.1
133
+ requirements:
134
+ - none
135
+ rubyforge_project: spree_auth
136
+ rubygems_version: 1.3.6
137
+ signing_key:
138
+ specification_version: 3
139
+ summary: Provides authentication and authorization services for use with Spree.
140
+ test_files: []
141
+
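Review bot: the gem is unsigned (`cert_chain: []`, empty `signing_key`) and `licenses: []` contradicts the BSD text shipped in `LICENSE`, so consumers can neither verify provenance nor read the license from the registry. `devise >= 1.1.2` and `cancan >= 1.3.3` have no upper bound, so a future major of either is picked up silently; pessimistic constraints in the gemspec (`s.add_dependency 'devise', '~> 1.1.2'`, `s.add_dependency 'cancan', '~> 1.3.3'`) would match what the code was written against. The package also patches resource_controller internals yet declares no dependency on it, relying on spree_core to pull in a compatible version.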