thoughtbot-clearance 0.5.6 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG.textile +25 -1
- data/README.textile +18 -5
- data/Rakefile +9 -10
- data/TODO.textile +6 -0
- data/app/controllers/clearance/confirmations_controller.rb +47 -0
- data/app/controllers/clearance/passwords_controller.rb +65 -0
- data/app/controllers/clearance/sessions_controller.rb +62 -0
- data/app/controllers/clearance/users_controller.rb +30 -0
- data/app/models/clearance_mailer.rb +19 -0
- data/{generators/clearance/templates/app → app}/views/clearance_mailer/change_password.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/clearance_mailer/confirmation.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/passwords/edit.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/passwords/new.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/sessions/new.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/users/_form.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/users/new.html.erb +0 -0
- data/config/clearance_routes.rb +19 -0
- data/generators/clearance/clearance_generator.rb +16 -76
- data/generators/clearance/templates/README +6 -23
- data/generators/clearance/templates/{test/factories/clearance.rb → factories.rb} +2 -5
- data/generators/clearance/templates/{db/migrate/create_users_with_clearance_columns.rb → migrations/create_users.rb} +1 -1
- data/generators/clearance/templates/{db/migrate/update_users_with_clearance_columns.rb → migrations/update_users.rb} +7 -7
- data/generators/clearance/templates/user.rb +3 -0
- data/generators/clearance_features/templates/features/step_definitions/clearance_steps.rb +1 -1
- data/lib/clearance.rb +15 -15
- data/lib/clearance/authentication.rb +80 -0
- data/lib/clearance/{lib/extensions → extensions}/errors.rb +0 -0
- data/lib/clearance/{lib/extensions → extensions}/rescue.rb +0 -0
- data/lib/clearance/user.rb +114 -0
- data/shoulda_macros/clearance.rb +11 -4
- metadata +34 -63
- data/generators/clearance/templates/app/controllers/application.rb +0 -5
- data/generators/clearance/templates/app/controllers/confirmations_controller.rb +0 -3
- data/generators/clearance/templates/app/controllers/passwords_controller.rb +0 -3
- data/generators/clearance/templates/app/controllers/sessions_controller.rb +0 -3
- data/generators/clearance/templates/app/controllers/users_controller.rb +0 -3
- data/generators/clearance/templates/app/models/clearance_mailer.rb +0 -5
- data/generators/clearance/templates/app/models/user.rb +0 -3
- data/generators/clearance/templates/app/views/users/edit.html.erb +0 -6
- data/generators/clearance/templates/test/functional/confirmations_controller_test.rb +0 -5
- data/generators/clearance/templates/test/functional/passwords_controller_test.rb +0 -5
- data/generators/clearance/templates/test/functional/sessions_controller_test.rb +0 -5
- data/generators/clearance/templates/test/functional/users_controller_test.rb +0 -5
- data/generators/clearance/templates/test/unit/clearance_mailer_test.rb +0 -6
- data/generators/clearance/templates/test/unit/user_test.rb +0 -5
- data/lib/clearance/app/controllers/application_controller.rb +0 -84
- data/lib/clearance/app/controllers/confirmations_controller.rb +0 -63
- data/lib/clearance/app/controllers/passwords_controller.rb +0 -79
- data/lib/clearance/app/controllers/sessions_controller.rb +0 -74
- data/lib/clearance/app/controllers/users_controller.rb +0 -45
- data/lib/clearance/app/models/clearance_mailer.rb +0 -23
- data/lib/clearance/app/models/user.rb +0 -118
- data/lib/clearance/test/functional/confirmations_controller_test.rb +0 -72
- data/lib/clearance/test/functional/passwords_controller_test.rb +0 -180
- data/lib/clearance/test/functional/sessions_controller_test.rb +0 -187
- data/lib/clearance/test/functional/users_controller_test.rb +0 -60
- data/lib/clearance/test/unit/clearance_mailer_test.rb +0 -65
- data/lib/clearance/test/unit/user_test.rb +0 -236
|
@@ -1,84 +0,0 @@
|
|
|
1
|
-
module Clearance
|
|
2
|
-
module App
|
|
3
|
-
module Controllers
|
|
4
|
-
module ApplicationController
|
|
5
|
-
|
|
6
|
-
def self.included(controller)
|
|
7
|
-
controller.send(:include, InstanceMethods)
|
|
8
|
-
|
|
9
|
-
controller.class_eval do
|
|
10
|
-
helper_method :current_user
|
|
11
|
-
helper_method :signed_in?
|
|
12
|
-
|
|
13
|
-
hide_action :current_user, :signed_in?
|
|
14
|
-
end
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
module InstanceMethods
|
|
18
|
-
def current_user
|
|
19
|
-
@_current_user ||= (user_from_cookie || user_from_session)
|
|
20
|
-
end
|
|
21
|
-
|
|
22
|
-
def signed_in?
|
|
23
|
-
! current_user.nil?
|
|
24
|
-
end
|
|
25
|
-
|
|
26
|
-
protected
|
|
27
|
-
|
|
28
|
-
def authenticate
|
|
29
|
-
deny_access unless signed_in?
|
|
30
|
-
end
|
|
31
|
-
|
|
32
|
-
def user_from_session
|
|
33
|
-
if session[:user_id]
|
|
34
|
-
return nil unless user = User.find_by_id(session[:user_id])
|
|
35
|
-
return user if user.email_confirmed?
|
|
36
|
-
end
|
|
37
|
-
end
|
|
38
|
-
|
|
39
|
-
def user_from_cookie
|
|
40
|
-
if token = cookies[:remember_token]
|
|
41
|
-
return nil unless user = User.find_by_token(token)
|
|
42
|
-
return user if user.remember?
|
|
43
|
-
end
|
|
44
|
-
end
|
|
45
|
-
|
|
46
|
-
def sign_user_in(user)
|
|
47
|
-
sign_in(user)
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
def sign_in(user)
|
|
51
|
-
if user
|
|
52
|
-
session[:user_id] = user.id
|
|
53
|
-
end
|
|
54
|
-
end
|
|
55
|
-
|
|
56
|
-
def redirect_back_or(default)
|
|
57
|
-
session[:return_to] ||= params[:return_to]
|
|
58
|
-
if session[:return_to]
|
|
59
|
-
redirect_to(session[:return_to])
|
|
60
|
-
else
|
|
61
|
-
redirect_to(default)
|
|
62
|
-
end
|
|
63
|
-
session[:return_to] = nil
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
def redirect_to_root
|
|
67
|
-
redirect_to root_url
|
|
68
|
-
end
|
|
69
|
-
|
|
70
|
-
def store_location
|
|
71
|
-
session[:return_to] = request.request_uri if request.get?
|
|
72
|
-
end
|
|
73
|
-
|
|
74
|
-
def deny_access(flash_message = nil, opts = {})
|
|
75
|
-
store_location
|
|
76
|
-
flash[:failure] = flash_message if flash_message
|
|
77
|
-
redirect_to new_session_url
|
|
78
|
-
end
|
|
79
|
-
end
|
|
80
|
-
|
|
81
|
-
end
|
|
82
|
-
end
|
|
83
|
-
end
|
|
84
|
-
end
|
|
@@ -1,63 +0,0 @@
|
|
|
1
|
-
module Clearance
|
|
2
|
-
module App
|
|
3
|
-
module Controllers
|
|
4
|
-
module ConfirmationsController
|
|
5
|
-
|
|
6
|
-
def self.included(controller)
|
|
7
|
-
controller.send(:include, Actions)
|
|
8
|
-
controller.send(:include, PrivateMethods)
|
|
9
|
-
|
|
10
|
-
controller.class_eval do
|
|
11
|
-
before_filter :forbid_confirmed_user, :only => :new
|
|
12
|
-
before_filter :forbid_missing_token, :only => :new
|
|
13
|
-
before_filter :forbid_non_existant_user, :only => :new
|
|
14
|
-
filter_parameter_logging :token
|
|
15
|
-
end
|
|
16
|
-
end
|
|
17
|
-
|
|
18
|
-
module Actions
|
|
19
|
-
def new
|
|
20
|
-
create
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
def create
|
|
24
|
-
@user = User.find_by_id_and_token(params[:user_id], params[:token])
|
|
25
|
-
@user.confirm_email!
|
|
26
|
-
|
|
27
|
-
sign_user_in(@user)
|
|
28
|
-
flash[:success] = "Confirmed email and signed in."
|
|
29
|
-
redirect_to url_after_create
|
|
30
|
-
end
|
|
31
|
-
end
|
|
32
|
-
|
|
33
|
-
module PrivateMethods
|
|
34
|
-
private
|
|
35
|
-
|
|
36
|
-
def forbid_confirmed_user
|
|
37
|
-
user = User.find_by_id(params[:user_id])
|
|
38
|
-
if user && user.email_confirmed?
|
|
39
|
-
raise ActionController::Forbidden, "confirmed user"
|
|
40
|
-
end
|
|
41
|
-
end
|
|
42
|
-
|
|
43
|
-
def forbid_missing_token
|
|
44
|
-
if params[:token].blank?
|
|
45
|
-
raise ActionController::Forbidden, "missing token"
|
|
46
|
-
end
|
|
47
|
-
end
|
|
48
|
-
|
|
49
|
-
def forbid_non_existant_user
|
|
50
|
-
unless User.find_by_id_and_token(params[:user_id], params[:token])
|
|
51
|
-
raise ActionController::Forbidden, "non-existant user"
|
|
52
|
-
end
|
|
53
|
-
end
|
|
54
|
-
|
|
55
|
-
def url_after_create
|
|
56
|
-
root_url
|
|
57
|
-
end
|
|
58
|
-
end
|
|
59
|
-
|
|
60
|
-
end
|
|
61
|
-
end
|
|
62
|
-
end
|
|
63
|
-
end
|
|
@@ -1,79 +0,0 @@
|
|
|
1
|
-
module Clearance
|
|
2
|
-
module App
|
|
3
|
-
module Controllers
|
|
4
|
-
module PasswordsController
|
|
5
|
-
|
|
6
|
-
def self.included(controller)
|
|
7
|
-
controller.send(:include, Actions)
|
|
8
|
-
controller.send(:include, PrivateMethods)
|
|
9
|
-
|
|
10
|
-
controller.class_eval do
|
|
11
|
-
before_filter :forbid_missing_token, :only => [:edit, :update]
|
|
12
|
-
before_filter :forbid_non_existant_user, :only => [:edit, :update]
|
|
13
|
-
filter_parameter_logging :password, :password_confirmation
|
|
14
|
-
end
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
module Actions
|
|
18
|
-
def new
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
def create
|
|
22
|
-
if user = User.find_by_email(params[:password][:email])
|
|
23
|
-
user.forgot_password!
|
|
24
|
-
ClearanceMailer.deliver_change_password user
|
|
25
|
-
flash[:notice] = "You will receive an email within the next few minutes. " <<
|
|
26
|
-
"It contains instructions for changing your password."
|
|
27
|
-
redirect_to url_after_create
|
|
28
|
-
else
|
|
29
|
-
flash.now[:notice] = "Unknown email"
|
|
30
|
-
render :action => :new
|
|
31
|
-
end
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
def edit
|
|
35
|
-
@user = User.find_by_id_and_token(params[:user_id], params[:token])
|
|
36
|
-
end
|
|
37
|
-
|
|
38
|
-
def update
|
|
39
|
-
@user = User.find_by_id_and_token(params[:user_id], params[:token])
|
|
40
|
-
|
|
41
|
-
if @user.update_password(params[:user][:password],
|
|
42
|
-
params[:user][:password_confirmation])
|
|
43
|
-
@user.confirm_email! unless @user.email_confirmed?
|
|
44
|
-
sign_user_in(@user)
|
|
45
|
-
redirect_to url_after_update
|
|
46
|
-
else
|
|
47
|
-
render :action => :edit
|
|
48
|
-
end
|
|
49
|
-
end
|
|
50
|
-
end
|
|
51
|
-
|
|
52
|
-
module PrivateMethods
|
|
53
|
-
private
|
|
54
|
-
|
|
55
|
-
def forbid_missing_token
|
|
56
|
-
if params[:token].blank?
|
|
57
|
-
raise ActionController::Forbidden, "missing token"
|
|
58
|
-
end
|
|
59
|
-
end
|
|
60
|
-
|
|
61
|
-
def forbid_non_existant_user
|
|
62
|
-
unless User.find_by_id_and_token(params[:user_id], params[:token])
|
|
63
|
-
raise ActionController::Forbidden, "non-existant user"
|
|
64
|
-
end
|
|
65
|
-
end
|
|
66
|
-
|
|
67
|
-
def url_after_create
|
|
68
|
-
new_session_url
|
|
69
|
-
end
|
|
70
|
-
|
|
71
|
-
def url_after_update
|
|
72
|
-
root_url
|
|
73
|
-
end
|
|
74
|
-
end
|
|
75
|
-
|
|
76
|
-
end
|
|
77
|
-
end
|
|
78
|
-
end
|
|
79
|
-
end
|
|
@@ -1,74 +0,0 @@
|
|
|
1
|
-
module Clearance
|
|
2
|
-
module App
|
|
3
|
-
module Controllers
|
|
4
|
-
module SessionsController
|
|
5
|
-
|
|
6
|
-
def self.included(controller)
|
|
7
|
-
controller.send(:include, Actions)
|
|
8
|
-
controller.send(:include, PrivateMethods)
|
|
9
|
-
|
|
10
|
-
controller.class_eval do
|
|
11
|
-
protect_from_forgery :except => :create
|
|
12
|
-
filter_parameter_logging :password
|
|
13
|
-
end
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
module Actions
|
|
17
|
-
def create
|
|
18
|
-
@user = User.authenticate(params[:session][:email],
|
|
19
|
-
params[:session][:password])
|
|
20
|
-
if @user.nil?
|
|
21
|
-
flash.now[:notice] = "Bad email or password."
|
|
22
|
-
render :action => :new, :status => :unauthorized
|
|
23
|
-
else
|
|
24
|
-
if @user.email_confirmed?
|
|
25
|
-
remember(@user) if remember?
|
|
26
|
-
sign_user_in(@user)
|
|
27
|
-
flash[:notice] = "Signed in successfully."
|
|
28
|
-
redirect_back_or url_after_create
|
|
29
|
-
else
|
|
30
|
-
ClearanceMailer.deliver_confirmation(@user)
|
|
31
|
-
deny_access("User has not confirmed email. Confirmation email will be resent.")
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
def destroy
|
|
37
|
-
forget(current_user)
|
|
38
|
-
reset_session
|
|
39
|
-
flash[:notice] = "You have been signed out."
|
|
40
|
-
redirect_to url_after_destroy
|
|
41
|
-
end
|
|
42
|
-
end
|
|
43
|
-
|
|
44
|
-
module PrivateMethods
|
|
45
|
-
private
|
|
46
|
-
|
|
47
|
-
def remember?
|
|
48
|
-
params[:session] && params[:session][:remember_me] == "1"
|
|
49
|
-
end
|
|
50
|
-
|
|
51
|
-
def remember(user)
|
|
52
|
-
user.remember_me!
|
|
53
|
-
cookies[:remember_token] = { :value => user.token,
|
|
54
|
-
:expires => user.token_expires_at }
|
|
55
|
-
end
|
|
56
|
-
|
|
57
|
-
def forget(user)
|
|
58
|
-
user.forget_me! if user
|
|
59
|
-
cookies.delete :remember_token
|
|
60
|
-
end
|
|
61
|
-
|
|
62
|
-
def url_after_create
|
|
63
|
-
root_url
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
def url_after_destroy
|
|
67
|
-
new_session_url
|
|
68
|
-
end
|
|
69
|
-
end
|
|
70
|
-
|
|
71
|
-
end
|
|
72
|
-
end
|
|
73
|
-
end
|
|
74
|
-
end
|
|
@@ -1,45 +0,0 @@
|
|
|
1
|
-
module Clearance
|
|
2
|
-
module App
|
|
3
|
-
module Controllers
|
|
4
|
-
module UsersController
|
|
5
|
-
|
|
6
|
-
def self.included(controller)
|
|
7
|
-
controller.send(:include, Actions)
|
|
8
|
-
controller.send(:include, PrivateMethods)
|
|
9
|
-
|
|
10
|
-
controller.class_eval do
|
|
11
|
-
before_filter :redirect_to_root, :only => [:new, :create], :if => :signed_in?
|
|
12
|
-
filter_parameter_logging :password
|
|
13
|
-
end
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
module Actions
|
|
17
|
-
def new
|
|
18
|
-
@user = User.new(params[:user])
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
def create
|
|
22
|
-
@user = User.new params[:user]
|
|
23
|
-
if @user.save
|
|
24
|
-
ClearanceMailer.deliver_confirmation @user
|
|
25
|
-
flash[:notice] = "You will receive an email within the next few minutes. " <<
|
|
26
|
-
"It contains instructions for confirming your account."
|
|
27
|
-
redirect_to url_after_create
|
|
28
|
-
else
|
|
29
|
-
render :action => "new"
|
|
30
|
-
end
|
|
31
|
-
end
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
module PrivateMethods
|
|
35
|
-
private
|
|
36
|
-
|
|
37
|
-
def url_after_create
|
|
38
|
-
new_session_url
|
|
39
|
-
end
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
end
|
|
43
|
-
end
|
|
44
|
-
end
|
|
45
|
-
end
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
module Clearance
|
|
2
|
-
module App
|
|
3
|
-
module Models
|
|
4
|
-
module ClearanceMailer
|
|
5
|
-
|
|
6
|
-
def change_password(user)
|
|
7
|
-
from DO_NOT_REPLY
|
|
8
|
-
recipients user.email
|
|
9
|
-
subject "Change your password"
|
|
10
|
-
body :user => user
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
def confirmation(user)
|
|
14
|
-
from DO_NOT_REPLY
|
|
15
|
-
recipients user.email
|
|
16
|
-
subject "Account confirmation"
|
|
17
|
-
body :user => user
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
end
|
|
21
|
-
end
|
|
22
|
-
end
|
|
23
|
-
end
|