thoughtbot-clearance 0.4.5 → 0.4.6

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,4 +1,9 @@
1
- h2. 0.4.5 (unreleased)
1
+ h2. 0.4.6 (2/11/2009)
2
+
3
+ * making the modules behave like mixins again. (hat-tip Eloy Duran)
4
+ * created Actions and PrivateMethods modules on controllers for future RDoc reasons.
5
+
6
+ h2. 0.4.5 (2/9/2009)
2
7
 
3
8
  * [#43] Removed email downcasing. (local-part is case sensitive per RFC5321)
4
9
  * [#42] Removed dependency on Mocha.
@@ -0,0 +1,11 @@
1
+ h1. Known Issues
2
+
3
+ h2. Rails 2.3
4
+
5
+ * default_test failures - this is a "Rails 2.3 bug":http://is.gd/iZkY
6
+ * CGI::Cookie.new('token', 'value') returns nil "[#42]":http://is.gd/iZlO
7
+ * application.rb/application_controller.rb "[#44]":http://is.gd/iZl5
8
+
9
+ h2. i18n
10
+
11
+ * flash messages are in English-only "[#40]":http://is.gd/iZmq & "[#24]":http://is.gd/iZmz
@@ -15,7 +15,7 @@ In config/environment.rb:
15
15
  config.gem "thoughtbot-clearance",
16
16
  :lib => 'clearance',
17
17
  :source => 'http://gems.github.com',
18
- :version => '>= 0.4.3'
18
+ :version => '>= 0.4.5'
19
19
 
20
20
  In config/environments/test.rb:
21
21
 
data/Rakefile CHANGED
@@ -50,7 +50,7 @@ task :default => ['test:all', 'test:features']
50
50
 
51
51
  gem_spec = Gem::Specification.new do |gem_spec|
52
52
  gem_spec.name = "clearance"
53
- gem_spec.version = "0.4.5"
53
+ gem_spec.version = "0.4.6"
54
54
  gem_spec.summary = "Rails authentication for developers who write tests."
55
55
  gem_spec.email = "support@thoughtbot.com"
56
56
  gem_spec.homepage = "http://github.com/thoughtbot/clearance"
@@ -4,76 +4,77 @@ module Clearance
4
4
  module ApplicationController
5
5
 
6
6
  def self.included(controller)
7
+ controller.send(:include, InstanceMethods)
8
+
7
9
  controller.class_eval do
8
-
9
10
  helper_method :current_user
10
11
  helper_method :signed_in?
11
12
 
12
13
  hide_action :current_user, :signed_in?
14
+ end
15
+ end
13
16
 
14
- def current_user
15
- @_current_user ||= (user_from_session || user_from_cookie)
16
- end
17
+ module InstanceMethods
18
+ def current_user
19
+ @_current_user ||= (user_from_session || user_from_cookie)
20
+ end
17
21
 
18
- def signed_in?
19
- ! current_user.nil?
20
- end
21
-
22
- protected
23
-
24
- def authenticate
25
- deny_access unless signed_in?
26
- end
22
+ def signed_in?
23
+ ! current_user.nil?
24
+ end
25
+
26
+ protected
27
+
28
+ def authenticate
29
+ deny_access unless signed_in?
30
+ end
27
31
 
28
- def user_from_session
29
- if session[:user_id]
30
- user = User.find_by_id(session[:user_id])
31
- user && user.email_confirmed? ? user : nil
32
- end
32
+ def user_from_session
33
+ if session[:user_id]
34
+ user = User.find_by_id(session[:user_id])
35
+ user && user.email_confirmed? ? user : nil
33
36
  end
37
+ end
34
38
 
35
- def user_from_cookie
36
- if cookies[:remember_token]
37
- user = User.find_by_token(cookies[:remember_token])
38
- user && user.remember? ? user : nil
39
- end
39
+ def user_from_cookie
40
+ if cookies[:remember_token]
41
+ user = User.find_by_token(cookies[:remember_token])
42
+ user && user.remember? ? user : nil
40
43
  end
44
+ end
41
45
 
42
- # Hook
43
- def sign_user_in(user)
44
- sign_in(user)
45
- end
46
+ def sign_user_in(user)
47
+ sign_in(user)
48
+ end
46
49
 
47
- def sign_in(user)
48
- if user
49
- session[:user_id] = user.id
50
- end
50
+ def sign_in(user)
51
+ if user
52
+ session[:user_id] = user.id
51
53
  end
54
+ end
52
55
 
53
- def redirect_back_or(default)
54
- session[:return_to] ||= params[:return_to]
55
- if session[:return_to]
56
- redirect_to(session[:return_to])
57
- else
58
- redirect_to(default)
59
- end
60
- session[:return_to] = nil
56
+ def redirect_back_or(default)
57
+ session[:return_to] ||= params[:return_to]
58
+ if session[:return_to]
59
+ redirect_to(session[:return_to])
60
+ else
61
+ redirect_to(default)
61
62
  end
63
+ session[:return_to] = nil
64
+ end
62
65
 
63
- def redirect_to_root
64
- redirect_to root_url
65
- end
66
+ def redirect_to_root
67
+ redirect_to root_url
68
+ end
66
69
 
67
- def store_location
68
- session[:return_to] = request.request_uri if request.get?
69
- end
70
+ def store_location
71
+ session[:return_to] = request.request_uri if request.get?
72
+ end
70
73
 
71
- def deny_access(flash_message = nil, opts = {})
72
- store_location
73
- flash[:failure] = flash_message if flash_message
74
- render :template => "/sessions/new", :status => :unauthorized
75
- end
76
-
74
+ def deny_access(flash_message = nil, opts = {})
75
+ store_location
76
+ flash[:failure] = flash_message if flash_message
77
+ render :template => "/sessions/new", :status => :unauthorized
77
78
  end
78
79
  end
79
80
 
@@ -4,45 +4,50 @@ module Clearance
4
4
  module ConfirmationsController
5
5
 
6
6
  def self.included(controller)
7
+ controller.send(:include, Actions)
8
+ controller.send(:include, PrivateMethods)
9
+
7
10
  controller.class_eval do
8
-
9
11
  before_filter :email_confirmed_user?, :only => :new
10
12
  before_filter :existing_user?, :only => :new
11
- filter_parameter_logging :token
13
+ filter_parameter_logging :token
14
+ end
15
+ end
12
16
 
13
- def new
14
- create
15
- end
17
+ module Actions
18
+ def new
19
+ create
20
+ end
16
21
 
17
- def create
18
- @user.confirm_email!
19
- sign_user_in(@user)
20
- flash[:success] = "Confirmed email and signed in."
21
- redirect_to url_after_create
22
- end
22
+ def create
23
+ @user.confirm_email!
24
+ sign_user_in(@user)
25
+ flash[:success] = "Confirmed email and signed in."
26
+ redirect_to url_after_create
27
+ end
28
+ end
23
29
 
24
- private
25
-
26
- def email_confirmed_user?
27
- @user = User.find_by_id(params[:user_id])
28
- if @user.nil?
29
- render :nothing => true, :status => :not_found
30
- elsif @user.email_confirmed?
31
- redirect_to new_session_url
32
- end
30
+ module PrivateMethods
31
+ private
32
+
33
+ def email_confirmed_user?
34
+ @user = User.find_by_id(params[:user_id])
35
+ if @user.nil?
36
+ render :nothing => true, :status => :not_found
37
+ elsif @user.email_confirmed?
38
+ redirect_to new_session_url
33
39
  end
34
-
35
- def existing_user?
36
- @user = User.find_by_id_and_token(params[:user_id], params[:token])
37
- if @user.nil?
38
- render :nothing => true, :status => :not_found
39
- end
40
+ end
41
+
42
+ def existing_user?
43
+ @user = User.find_by_id_and_token(params[:user_id], params[:token])
44
+ if @user.nil?
45
+ render :nothing => true, :status => :not_found
40
46
  end
47
+ end
41
48
 
42
- def url_after_create
43
- root_url
44
- end
45
-
49
+ def url_after_create
50
+ root_url
46
51
  end
47
52
  end
48
53
 
@@ -4,57 +4,62 @@ module Clearance
4
4
  module PasswordsController
5
5
 
6
6
  def self.included(controller)
7
- controller.class_eval do
8
-
7
+ controller.send(:include, Actions)
8
+ controller.send(:include, PrivateMethods)
9
+
10
+ controller.class_eval do
9
11
  before_filter :existing_user?, :only => [:edit, :update]
10
12
  filter_parameter_logging :password, :password_confirmation
11
-
12
- def new
13
- end
13
+ end
14
+ end
15
+
16
+ module Actions
17
+ def new
18
+ end
14
19
 
15
- def create
16
- user = User.find_by_email(params[:password][:email])
17
- if user.nil?
18
- flash.now[:notice] = "Unknown email"
19
- render :action => :new
20
- else
21
- user.forgot_password!
22
- ClearanceMailer.deliver_change_password user
23
- flash[:notice] = "Details for changing your password " <<
24
- "have been sent to #{user.email}"
25
- redirect_to url_after_create
26
- end
20
+ def create
21
+ user = User.find_by_email(params[:password][:email])
22
+ if user.nil?
23
+ flash.now[:notice] = "Unknown email"
24
+ render :action => :new
25
+ else
26
+ user.forgot_password!
27
+ ClearanceMailer.deliver_change_password user
28
+ flash[:notice] = "Details for changing your password " <<
29
+ "have been sent to #{user.email}"
30
+ redirect_to url_after_create
27
31
  end
32
+ end
28
33
 
29
- def edit
30
- end
34
+ def edit
35
+ end
31
36
 
32
- def update
33
- if @user.update_password(params[:user])
34
- sign_user_in(@user)
35
- redirect_to url_after_update
36
- else
37
- render :action => :edit
38
- end
37
+ def update
38
+ if @user.update_password(params[:user])
39
+ sign_user_in(@user)
40
+ redirect_to url_after_update
41
+ else
42
+ render :action => :edit
39
43
  end
40
-
41
- private
42
-
43
- def existing_user?
44
- @user = User.find_by_id_and_token(params[:user_id], params[:token])
45
- if @user.nil?
46
- render :nothing => true, :status => :not_found
47
- end
44
+ end
45
+ end
46
+
47
+ module PrivateMethods
48
+ private
49
+
50
+ def existing_user?
51
+ @user = User.find_by_id_and_token(params[:user_id], params[:token])
52
+ if @user.nil?
53
+ render :nothing => true, :status => :not_found
48
54
  end
55
+ end
49
56
 
50
- def url_after_create
51
- new_session_url
52
- end
53
-
54
- def url_after_update
55
- root_url
56
- end
57
-
57
+ def url_after_create
58
+ new_session_url
59
+ end
60
+
61
+ def url_after_update
62
+ root_url
58
63
  end
59
64
  end
60
65
 
@@ -4,62 +4,67 @@ module Clearance
4
4
  module SessionsController
5
5
 
6
6
  def self.included(controller)
7
+ controller.send(:include, Actions)
8
+ controller.send(:include, PrivateMethods)
9
+
7
10
  controller.class_eval do
8
-
9
11
  protect_from_forgery :except => :create
10
- filter_parameter_logging :password
12
+ filter_parameter_logging :password
13
+ end
14
+ end
11
15
 
12
- def create
13
- @user = User.authenticate(params[:session][:email],
14
- params[:session][:password])
15
- if @user.nil?
16
- flash.now[:notice] = "Bad email or password."
17
- render :action => :new
16
+ module Actions
17
+ def create
18
+ @user = User.authenticate(params[:session][:email],
19
+ params[:session][:password])
20
+ if @user.nil?
21
+ flash.now[:notice] = "Bad email or password."
22
+ render :action => :new
23
+ else
24
+ if @user.email_confirmed?
25
+ remember(@user) if remember?
26
+ sign_user_in(@user)
27
+ flash[:notice] = "Signed in successfully"
28
+ redirect_back_or url_after_create
18
29
  else
19
- if @user.email_confirmed?
20
- remember(@user) if remember?
21
- sign_user_in(@user)
22
- flash[:notice] = "Signed in successfully"
23
- redirect_back_or url_after_create
24
- else
25
- ClearanceMailer.deliver_confirmation(@user)
26
- deny_access("User has not confirmed email. Confirmation email will be resent.")
27
- end
30
+ ClearanceMailer.deliver_confirmation(@user)
31
+ deny_access("User has not confirmed email. Confirmation email will be resent.")
28
32
  end
29
33
  end
34
+ end
30
35
 
31
- def destroy
32
- forget(current_user)
33
- reset_session
34
- flash[:notice] = "You have been signed out."
35
- redirect_to url_after_destroy
36
- end
36
+ def destroy
37
+ forget(current_user)
38
+ reset_session
39
+ flash[:notice] = "You have been signed out."
40
+ redirect_to url_after_destroy
41
+ end
42
+ end
37
43
 
38
- private
39
-
40
- def remember?
41
- params[:session] && params[:session][:remember_me] == "1"
42
- end
43
-
44
- def remember(user)
45
- user.remember_me!
46
- cookies[:remember_token] = { :value => user.token,
47
- :expires => user.token_expires_at }
48
- end
44
+ module PrivateMethods
45
+ private
46
+
47
+ def remember?
48
+ params[:session] && params[:session][:remember_me] == "1"
49
+ end
50
+
51
+ def remember(user)
52
+ user.remember_me!
53
+ cookies[:remember_token] = { :value => user.token,
54
+ :expires => user.token_expires_at }
55
+ end
49
56
 
50
- def forget(user)
51
- user.forget_me! if user
52
- cookies.delete :remember_token
53
- end
57
+ def forget(user)
58
+ user.forget_me! if user
59
+ cookies.delete :remember_token
60
+ end
54
61
 
55
- def url_after_create
56
- root_url
57
- end
62
+ def url_after_create
63
+ root_url
64
+ end
58
65
 
59
- def url_after_destroy
60
- new_session_url
61
- end
62
-
66
+ def url_after_destroy
67
+ new_session_url
63
68
  end
64
69
  end
65
70
 
@@ -4,33 +4,38 @@ module Clearance
4
4
  module UsersController
5
5
 
6
6
  def self.included(controller)
7
+ controller.send(:include, Actions)
8
+ controller.send(:include, PrivateMethods)
9
+
7
10
  controller.class_eval do
8
-
9
11
  before_filter :redirect_to_root, :only => [:new, :create], :if => :signed_in?
10
- filter_parameter_logging :password
12
+ filter_parameter_logging :password
13
+ end
14
+ end
11
15
 
12
- def new
13
- @user = User.new(params[:user])
14
- end
16
+ module Actions
17
+ def new
18
+ @user = User.new(params[:user])
19
+ end
15
20
 
16
- def create
17
- @user = User.new params[:user]
18
- if @user.save
19
- ClearanceMailer.deliver_confirmation @user
20
- flash[:notice] = "You will receive an email within the next few minutes. " <<
21
- "It contains instructions for you to confirm your account."
22
- redirect_to url_after_create
23
- else
24
- render :action => "new"
25
- end
21
+ def create
22
+ @user = User.new params[:user]
23
+ if @user.save
24
+ ClearanceMailer.deliver_confirmation @user
25
+ flash[:notice] = "You will receive an email within the next few minutes. " <<
26
+ "It contains instructions for you to confirm your account."
27
+ redirect_to url_after_create
28
+ else
29
+ render :action => "new"
26
30
  end
31
+ end
32
+ end
27
33
 
28
- private
29
-
30
- def url_after_create
31
- new_session_url
32
- end
33
-
34
+ module PrivateMethods
35
+ private
36
+
37
+ def url_after_create
38
+ new_session_url
34
39
  end
35
40
  end
36
41
 
@@ -2,25 +2,19 @@ module Clearance
2
2
  module App
3
3
  module Models
4
4
  module ClearanceMailer
5
-
6
- def self.included(mailer)
7
- mailer.class_eval do
8
5
 
9
- def change_password(user)
10
- from DO_NOT_REPLY
11
- recipients user.email
12
- subject "Change your password"
13
- body :user => user
14
- end
6
+ def change_password(user)
7
+ from DO_NOT_REPLY
8
+ recipients user.email
9
+ subject "Change your password"
10
+ body :user => user
11
+ end
15
12
 
16
- def confirmation(user)
17
- from DO_NOT_REPLY
18
- recipients user.email
19
- subject "Account confirmation"
20
- body :user => user
21
- end
22
-
23
- end
13
+ def confirmation(user)
14
+ from DO_NOT_REPLY
15
+ recipients user.email
16
+ subject "Account confirmation"
17
+ body :user => user
24
18
  end
25
19
 
26
20
  end
@@ -6,8 +6,10 @@ module Clearance
6
6
  module User
7
7
 
8
8
  def self.included(model)
9
+ model.extend ClassMethods
10
+ model.send(:include, InstanceMethods)
11
+
9
12
  model.class_eval do
10
-
11
13
  attr_accessible :email, :password, :password_confirmation
12
14
  attr_accessor :password, :password_confirmation
13
15
 
@@ -18,95 +20,98 @@ module Clearance
18
20
  validates_format_of :email, :with => %r{.+@.+\..+}
19
21
 
20
22
  before_save :initialize_salt, :encrypt_password, :initialize_token
23
+ end
24
+ end
21
25
 
22
- def self.authenticate(email, password)
23
- user = find(:first, :conditions => ['email = ?', email.to_s])
24
- user && user.authenticated?(password) ? user : nil
25
- end
26
+ module InstanceMethods
27
+ def authenticated?(password)
28
+ encrypted_password == encrypt(password)
29
+ end
26
30
 
27
- def authenticated?(password)
28
- encrypted_password == encrypt(password)
29
- end
31
+ def encrypt(string)
32
+ generate_hash("--#{salt}--#{string}--")
33
+ end
30
34
 
31
- def encrypt(string)
32
- generate_hash("--#{salt}--#{string}--")
33
- end
35
+ def remember?
36
+ token_expires_at && Time.now.utc < token_expires_at
37
+ end
34
38
 
35
- def remember?
36
- token_expires_at && Time.now.utc < token_expires_at
37
- end
39
+ def remember_me!
40
+ remember_me_until 2.weeks.from_now.utc
41
+ end
38
42
 
39
- def remember_me!
40
- remember_me_until 2.weeks.from_now.utc
41
- end
43
+ def remember_me_until(time)
44
+ self.token_expires_at = time
45
+ self.token = encrypt("--#{token_expires_at}--#{password}--")
46
+ save(false)
47
+ end
42
48
 
43
- def remember_me_until(time)
44
- self.token_expires_at = time
45
- self.token = encrypt("--#{token_expires_at}--#{password}--")
46
- save(false)
47
- end
49
+ def forget_me!
50
+ clear_token
51
+ save(false)
52
+ end
48
53
 
49
- def forget_me!
50
- clear_token
51
- save(false)
52
- end
54
+ def confirm_email!
55
+ self.email_confirmed = true
56
+ self.token = nil
57
+ save(false)
58
+ end
53
59
 
54
- def confirm_email!
55
- self.email_confirmed = true
56
- self.token = nil
57
- save(false)
58
- end
59
-
60
- def forgot_password!
61
- generate_token
62
- save(false)
63
- end
64
-
65
- def update_password(attrs)
66
- clear_token
67
- returning update_attributes(attrs) do |r|
68
- reload unless r
69
- end
70
- end
71
-
72
- protected
73
-
74
- def generate_hash(string)
75
- Digest::SHA1.hexdigest(string)
76
- end
60
+ def forgot_password!
61
+ generate_token
62
+ save(false)
63
+ end
77
64
 
78
- def initialize_salt
79
- if new_record?
80
- self.salt = generate_hash("--#{Time.now.utc.to_s}--#{password}--")
81
- end
82
- end
65
+ def update_password(attrs)
66
+ clear_token
67
+ returning update_attributes(attrs) do |r|
68
+ reload unless r
69
+ end
70
+ end
71
+
72
+ protected
73
+
74
+ def generate_hash(string)
75
+ Digest::SHA1.hexdigest(string)
76
+ end
83
77
 
84
- def encrypt_password
85
- return if password.blank?
86
- self.encrypted_password = encrypt(password)
87
- end
88
-
89
- def generate_token
90
- self.token = encrypt("--#{Time.now.utc.to_s}--#{password}--")
91
- self.token_expires_at = nil
92
- end
93
-
94
- def clear_token
95
- self.token = nil
96
- self.token_expires_at = nil
97
- end
98
-
99
- def initialize_token
100
- generate_token if new_record?
78
+ def initialize_salt
79
+ if new_record?
80
+ self.salt = generate_hash("--#{Time.now.utc.to_s}--#{password}--")
101
81
  end
82
+ end
102
83
 
103
- def password_required?
104
- encrypted_password.blank? || !password.blank?
105
- end
106
-
84
+ def encrypt_password
85
+ return if password.blank?
86
+ self.encrypted_password = encrypt(password)
87
+ end
88
+
89
+ def generate_token
90
+ self.token = encrypt("--#{Time.now.utc.to_s}--#{password}--")
91
+ self.token_expires_at = nil
92
+ end
93
+
94
+ def clear_token
95
+ self.token = nil
96
+ self.token_expires_at = nil
97
+ end
98
+
99
+ def initialize_token
100
+ generate_token if new_record?
101
+ end
102
+
103
+ def password_required?
104
+ encrypted_password.blank? || !password.blank?
107
105
  end
108
106
  end
109
-
107
+
108
+ module ClassMethods
109
+ def authenticate(email, password)
110
+ user = find(:first, :conditions => ['email = ?', email.to_s])
111
+ user && user.authenticated?(password) ? user : nil
112
+ end
113
+ end
114
+
110
115
  end
111
116
  end
112
117
  end
@@ -2,23 +2,17 @@ module Clearance
2
2
  module Test
3
3
  module TestHelper
4
4
 
5
- def self.included(test_helper)
6
- test_helper.class_eval do
7
-
8
- def sign_in_as(user = nil)
9
- unless user
10
- user = Factory(:user)
11
- user.confirm_email!
12
- end
13
- @request.session[:user_id] = user.id
14
- return user
15
- end
16
-
17
- def sign_out
18
- @request.session[:user_id] = nil
19
- end
20
-
5
+ def sign_in_as(user = nil)
6
+ unless user
7
+ user = Factory(:user)
8
+ user.confirm_email!
21
9
  end
10
+ @request.session[:user_id] = user.id
11
+ return user
12
+ end
13
+
14
+ def sign_out
15
+ @request.session[:user_id] = nil
22
16
  end
23
17
 
24
18
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: thoughtbot-clearance
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.5
4
+ version: 0.4.6
5
5
  platform: ruby
6
6
  authors:
7
7
  - thoughtbot, inc.
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2009-02-08 21:00:00 -08:00
18
+ date: 2009-02-10 21:00:00 -08:00
19
19
  default_executable:
20
20
  dependencies: []
21
21
 
@@ -29,6 +29,7 @@ extra_rdoc_files: []
29
29
 
30
30
  files:
31
31
  - CHANGELOG.textile
32
+ - KNOWN_ISSUES.textile
32
33
  - LICENSE
33
34
  - Rakefile
34
35
  - README.textile