stupid_auth 0.0.2
- data/lib/stupid_auth/controller.rb +75 -0
- data/lib/stupid_auth/model.rb +85 -0
- data/lib/stupid_auth/webrat_helpers.rb +10 -0
- data/lib/stupid_auth.rb +7 -0
- metadata +70 -0
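--- a/data/lib/stupid_auth/controller.rb
+++ b/data/lib/stupid_auth/controller.rb
@@ -0,0 +1,75 @@
+module StupidAuth
+
+module Controller
+
+def self.included base
+base.send :helper_method, :current_user, :logged_in?
+base.send :include, InstanceMethods
+# base.send :layout, lambda { |controller| controller.ajax? ? nil : 'application' }
+# base.send :before_filter, :set_thread_user
+end
+
+module InstanceMethods
+
+def ajax?
+request.xhr?
+end
+
+private
+
+def current_user
+@current_user ||= User.find_by_id session[:user_id]
+end
+
+def logged_in?
+!!current_user
+end
+
+def store_location
+session[:return_to] = request.fullpath
+end
+
+def redirect_back_or_default default = nil
+default ||= root_path
+redirect_to session[:return_to] || default
+session[:return_to] = nil
+end
+
+def access_denied
+store_location
+flash[:error] = 'You do not have permission to access that page!'
+redirect_to login_path
+end
+
+def login_required
+access_denied unless logged_in?
+end
+
+# Uncomment for basic role support
+# add support for dynamic role filtering
+# eg accountant_required or receiving_staff_or_accountant_required
+# def method_missing name, *args
+# if name.to_s =~ /^(.+)_required$/
+# system_admin_or_role_required $1.split('_or_')
+# else
+# super
+# end
+# end
+
+# Uncomment for basic role support
+# def system_admin_or_role_required role
+# raise "Role must be specified" if role.blank?
+# return if logged_in? and current_user.is_a?('System Admin')
+# roles = role.is_a?(Array) ? role : [role].flatten
+# access_denied unless logged_in? and roles.map { |r| current_user.is_a?(r.to_s.titleize) }.include? true
+# end
+
+def set_thread_user
+Thread.current[:user] = current_user
+end
+
+end
+
+end
+
+end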
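Review bot: `set_thread_user` writes the user into `Thread.current[:user]` and nothing in this file clears it, so on a server that reuses threads a later request that does not run the filter may still see the previous request's user. If the commented-out `before_filter :set_thread_user` is ever enabled, it should be paired with an after filter that runs `Thread.current[:user] = nil`, and the method deserves a comment saying the value is request-scoped. Separately, `store_location` saves `request.fullpath` for any HTTP method, so `redirect_back_or_default` can issue a GET to a path that was originally a POST; `session[:return_to] = request.fullpath if request.get?` would avoid that.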
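--- a/data/lib/stupid_auth/model.rb
+++ b/data/lib/stupid_auth/model.rb
@@ -0,0 +1,85 @@
+module StupidAuth
+
+module Model
+
+def self.included base
+class << base
+attr_reader :login_field
+end
+
+base.extend ClassMethods
+
+base.send :include, InstanceMethods
+base.send :validate, :validate_password
+base.send :before_validation, :encrypt_password
+base.send :login_with, :email
+end
+
+module ClassMethods
+
+# Set the field name to use for authentication
+# Accepts a string or a symbol of a property name
+def login_with field
+field = field.is_a?(Symbol) ? field : field.fieldify.to_sym
+new.respond_to?(field) ? @login_field = field : raise("#{ name } does not respond to #{ field.inspect }")
+end
+
+# Search the login_field for the given value and
+# attempt to authenticate a found user with the given password
+def authenticate login, provided_password = nil
+finder = "find_by_#{ login_field }"
+user = self.send finder, login
+(user.present? and user.authenticated_by?provided_password) ? user : nil
+end
+
+end
+
+module InstanceMethods
+
+# Compare provided password with the one stored in the database
+def authenticated_by? provided_password
+encrypted_password == Digest::SHA1.hexdigest(provided_password + password_salt)
+end
+
+# def login_field
+# self.class.login_field
+# end
+#
+# def login_value
+# self.send login_field
+# end
+
+private
+
+# Hash the provided password and persist it, along with a salt
+def encrypt_password
+return true if password.blank?
+self.password_salt = "stupid-auth-#{ Time.now.to_i }"
+self.encrypted_password = Digest::SHA1.hexdigest(password + password_salt)
+true
+end
+
+# Ensure that if a password has not been persisted one is provided
+# Ensure that provided passwords are at least 4 characters long
+def validate_password
+if password.present?
+errors.add :password, 'must be at least 4 characters!' unless password.length > 4
+else
+errors.add :password, "can't be blank" unless encrypted_password.present?
+end
+
+true
+end
+
+# create a :reset_password_token that can be used to authenticate
+# a user so that they can reset their passwords. Assumes that there is a reset_password_token
+# attribute on the model.
+def create_reset_password_token!
+update :reset_password_token => Digest::SHA1.hexdigest("password reset token #{ Time.zone.now } #{ rand }")
+end
+
+end
+
+end
+
+end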
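Review bot: `encrypt_password` and `authenticated_by?` protect passwords with a single `Digest::SHA1.hexdigest` over a salt built from `Time.now.to_i`, which is cheap to brute-force offline and gives the same salt to every account saved in the same second. A deliberately slow password KDF (bcrypt or PBKDF2) with a random per-user salt such as `self.password_salt = SecureRandom.hex(16)` would be the safer choice, with the stored and computed values compared in constant time rather than with `==`; existing hashes would need a migration path. `create_reset_password_token!` likewise derives its token from the clock and `rand`, which is not a cryptographic source, where `SecureRandom.hex(32)` would be. In `validate_password`, `password.length > 4` rejects a 4-character password although the message says "at least 4 characters". `authenticate` defaults `provided_password` to nil, which reaches `provided_password + password_salt` and would raise instead of returning nil.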
data/lib/stupid_auth.rb
ADDED
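--- a/metadata
+++ b/metadata
@@ -0,0 +1,70 @@
+--- !ruby/object:Gem::Specification
+name: stupid_auth
+version: !ruby/object:Gem::Version
+hash: 27
+prerelease: false
+segments:
+- 0
+- 0
+- 2
+version: 0.0.2
+platform: ruby
+authors:
+- Dev Fu!
+autorequire:
+bindir: bin
+cert_chain: []
+
+date: 2010-11-03 00:00:00 -07:00
+default_executable:
+dependencies: []
+
+description: Authenticate users the stupid easy way.
+email: info@devfu.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files:
+- lib/stupid_auth/controller.rb
+- lib/stupid_auth/model.rb
+- lib/stupid_auth/webrat_helpers.rb
+- lib/stupid_auth.rb
+has_rdoc: true
+homepage: http://github.com/devfu/stupid_auth
+licenses: []
+
+post_install_message:
+rdoc_options: []
+
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+hash: 3
+segments:
+- 0
+version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+hash: 3
+segments:
+- 0
+version: "0"
+requirements: []
+
+rubyforge_project:
+rubygems_version: 1.3.7
+signing_key:
+specification_version: 3
+summary: Really basic authentication library.
+test_files: []
+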