thoughtbot-clearance 0.5.6 → 0.6.0

Files changed (58) hide show
  1. data/CHANGELOG.textile +25 -1
  2. data/README.textile +18 -5
  3. data/Rakefile +9 -10
  4. data/TODO.textile +6 -0
  5. data/app/controllers/clearance/confirmations_controller.rb +47 -0
  6. data/app/controllers/clearance/passwords_controller.rb +65 -0
  7. data/app/controllers/clearance/sessions_controller.rb +62 -0
  8. data/app/controllers/clearance/users_controller.rb +30 -0
  9. data/app/models/clearance_mailer.rb +19 -0
  10. data/{generators/clearance/templates/app → app}/views/clearance_mailer/change_password.html.erb +0 -0
  11. data/{generators/clearance/templates/app → app}/views/clearance_mailer/confirmation.html.erb +0 -0
  12. data/{generators/clearance/templates/app → app}/views/passwords/edit.html.erb +0 -0
  13. data/{generators/clearance/templates/app → app}/views/passwords/new.html.erb +0 -0
  14. data/{generators/clearance/templates/app → app}/views/sessions/new.html.erb +0 -0
  15. data/{generators/clearance/templates/app → app}/views/users/_form.html.erb +0 -0
  16. data/{generators/clearance/templates/app → app}/views/users/new.html.erb +0 -0
  17. data/config/clearance_routes.rb +19 -0
  18. data/generators/clearance/clearance_generator.rb +16 -76
  19. data/generators/clearance/templates/README +6 -23
  20. data/generators/clearance/templates/{test/factories/clearance.rb → factories.rb} +2 -5
  21. data/generators/clearance/templates/{db/migrate/create_users_with_clearance_columns.rb → migrations/create_users.rb} +1 -1
  22. data/generators/clearance/templates/{db/migrate/update_users_with_clearance_columns.rb → migrations/update_users.rb} +7 -7
  23. data/generators/clearance/templates/user.rb +3 -0
  24. data/generators/clearance_features/templates/features/step_definitions/clearance_steps.rb +1 -1
  25. data/lib/clearance.rb +15 -15
  26. data/lib/clearance/authentication.rb +80 -0
  27. data/lib/clearance/{lib/extensions → extensions}/errors.rb +0 -0
  28. data/lib/clearance/{lib/extensions → extensions}/rescue.rb +0 -0
  29. data/lib/clearance/user.rb +114 -0
  30. data/shoulda_macros/clearance.rb +11 -4
  31. metadata +34 -63
  32. data/generators/clearance/templates/app/controllers/application.rb +0 -5
  33. data/generators/clearance/templates/app/controllers/confirmations_controller.rb +0 -3
  34. data/generators/clearance/templates/app/controllers/passwords_controller.rb +0 -3
  35. data/generators/clearance/templates/app/controllers/sessions_controller.rb +0 -3
  36. data/generators/clearance/templates/app/controllers/users_controller.rb +0 -3
  37. data/generators/clearance/templates/app/models/clearance_mailer.rb +0 -5
  38. data/generators/clearance/templates/app/models/user.rb +0 -3
  39. data/generators/clearance/templates/app/views/users/edit.html.erb +0 -6
  40. data/generators/clearance/templates/test/functional/confirmations_controller_test.rb +0 -5
  41. data/generators/clearance/templates/test/functional/passwords_controller_test.rb +0 -5
  42. data/generators/clearance/templates/test/functional/sessions_controller_test.rb +0 -5
  43. data/generators/clearance/templates/test/functional/users_controller_test.rb +0 -5
  44. data/generators/clearance/templates/test/unit/clearance_mailer_test.rb +0 -6
  45. data/generators/clearance/templates/test/unit/user_test.rb +0 -5
  46. data/lib/clearance/app/controllers/application_controller.rb +0 -84
  47. data/lib/clearance/app/controllers/confirmations_controller.rb +0 -63
  48. data/lib/clearance/app/controllers/passwords_controller.rb +0 -79
  49. data/lib/clearance/app/controllers/sessions_controller.rb +0 -74
  50. data/lib/clearance/app/controllers/users_controller.rb +0 -45
  51. data/lib/clearance/app/models/clearance_mailer.rb +0 -23
  52. data/lib/clearance/app/models/user.rb +0 -118
  53. data/lib/clearance/test/functional/confirmations_controller_test.rb +0 -72
  54. data/lib/clearance/test/functional/passwords_controller_test.rb +0 -180
  55. data/lib/clearance/test/functional/sessions_controller_test.rb +0 -187
  56. data/lib/clearance/test/functional/users_controller_test.rb +0 -60
  57. data/lib/clearance/test/unit/clearance_mailer_test.rb +0 -65
  58. data/lib/clearance/test/unit/user_test.rb +0 -236
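--- a/data/lib/clearance/app/models/user.rb
+++ b/data/lib/clearance/app/models/user.rb
@@ -1,118 +0,0 @@
- require 'digest/sha1'
-
- module Clearance
- module App
- module Models
- module User
-
- def self.included(model)
- model.extend ClassMethods
- model.send(:include, InstanceMethods)
-
- model.class_eval do
- attr_accessible :email, :password, :password_confirmation
- attr_accessor :password, :password_confirmation
-
- validates_presence_of :email
- validates_presence_of :password, :if => :password_required?
- validates_confirmation_of :password, :if => :password_required?
- validates_uniqueness_of :email, :case_sensitive => false
- validates_format_of :email, :with => %r{.+@.+\..+}
-
- before_save :initialize_salt, :encrypt_password, :initialize_token
- end
- end
-
- module InstanceMethods
- def authenticated?(password)
- encrypted_password == encrypt(password)
- end
-
- def encrypt(string)
- generate_hash("--#{salt}--#{string}--")
- end
-
- def remember?
- token_expires_at && Time.now.utc < token_expires_at
- end
-
- def remember_me!
- remember_me_until! 2.weeks.from_now.utc
- end
-
- def forget_me!
- clear_token
- save(false)
- end
-
- def confirm_email!
- self.email_confirmed = true
- self.token = nil
- save(false)
- end
-
- def forgot_password!
- generate_token
- save(false)
- end
-
- def update_password(new_password, new_password_confirmation)
- self.password = new_password
- self.password_confirmation = new_password_confirmation
- clear_token if valid?
- save
- end
-
- protected
-
- def generate_hash(string)
- Digest::SHA1.hexdigest(string)
- end
-
- def initialize_salt
- if new_record?
- self.salt = generate_hash("--#{Time.now.utc.to_s}--#{password}--")
- end
- end
-
- def encrypt_password
- return if password.blank?
- self.encrypted_password = encrypt(password)
- end
-
- def generate_token
- self.token = encrypt("--#{Time.now.utc.to_s}--#{password}--")
- self.token_expires_at = nil
- end
-
- def clear_token
- self.token = nil
- self.token_expires_at = nil
- end
-
- def initialize_token
- generate_token if new_record?
- end
-
- def password_required?
- encrypted_password.blank? || !password.blank?
- end
-
- def remember_me_until!(time)
- self.token_expires_at = time
- self.token = encrypt("--#{token_expires_at}--#{password}--")
- save(false)
- end
- end
-
- module ClassMethods
- def authenticate(email, password)
- return nil unless user = find_by_email(email)
- return user if user.authenticated?(password)
- end
- end
-
- end
- end
- end
- end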
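--- a/data/lib/clearance/test/functional/confirmations_controller_test.rb
+++ b/data/lib/clearance/test/functional/confirmations_controller_test.rb
@@ -1,72 +0,0 @@
- module Clearance
- module Test
- module Functional
- module ConfirmationsControllerTest
-
- def self.included(controller_test)
- controller_test.class_eval do
-
- should_filter_params :token
-
- context "a user whose email has not been confirmed" do
- setup { @user = Factory(:user) }
-
- should "have a token" do
- assert_not_nil @user.token
- assert_not_equal "", @user.token
- end
-
- context "on GET to #new with correct id and token" do
- setup do
- get :new, :user_id => @user.to_param, :token => @user.token
- end
-
- should_set_the_flash_to /confirmed email/i
- should_set_the_flash_to /signed in/i
- should_be_signed_in_and_email_confirmed_as { @user }
- should_redirect_to_url_after_create
- end
-
- context "with an incorrect token" do
- setup do
- @bad_token = "bad token"
- assert_not_equal @bad_token, @user.token
- end
-
- should_forbid "on GET to #new with incorrect token" do
- get :new, :user_id => @user.to_param, :token => @bad_token
- end
- end
-
- should_forbid "on GET to #new with blank token" do
- get :new, :user_id => @user.to_param, :token => ""
- end
-
- should_forbid "on GET to #new with no token" do
- get :new, :user_id => @user.to_param
- end
- end
-
- context "a user with email confirmed" do
- setup { @user = Factory(:email_confirmed_user) }
-
- should_forbid "on GET to #new with correct id" do
- get :new, :user_id => @user.to_param
- end
- end
-
- context "no users" do
- setup { assert_equal 0, User.count }
-
- should_forbid "on GET to #new with nonexistent id and token" do
- get :new, :user_id => '123', :token => '123'
- end
- end
-
- end
- end
-
- end
- end
- end
- end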
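--- a/data/lib/clearance/test/functional/passwords_controller_test.rb
+++ b/data/lib/clearance/test/functional/passwords_controller_test.rb
@@ -1,180 +0,0 @@
- module Clearance
- module Test
- module Functional
- module PasswordsControllerTest
-
- def self.included(controller_test)
- controller_test.class_eval do
-
- should_route :get, '/users/1/password/edit',
- :action => 'edit', :user_id => '1'
-
- context "a signed up user" do
- setup do
- @user = Factory(:user)
- end
-
- context "on GET to #new" do
- setup { get :new, :user_id => @user.to_param }
-
- should_respond_with :success
- should_render_template "new"
- end
-
- context "on POST to #create" do
- context "with correct email address" do
- setup do
- ActionMailer::Base.deliveries.clear
- post :create, :password => { :email => @user.email }
- end
-
- should "generate a token for the change your password email" do
- assert_not_nil @user.reload.token
- end
-
- should "send the change your password email" do
- assert_sent_email do |email|
- email.subject =~ /change your password/i
- end
- end
-
- should_set_the_flash_to /password/i
- should_redirect_to_url_after_create
- end
-
- context "with incorrect email address" do
- setup do
- email = "user1@example.com"
- assert ! User.exists?(['email = ?', email])
- ActionMailer::Base.deliveries.clear
- assert_equal @user.token, @user.reload.token
-
- post :create, :password => { :email => email }
- end
-
- should "not generate a token for the change your password email" do
- assert_equal @user.token, @user.reload.token
- end
-
- should "not send a password reminder email" do
- assert ActionMailer::Base.deliveries.empty?
- end
-
- should "set a :notice flash" do
- assert_not_nil flash.now[:notice]
- end
-
- should_render_template :new
- end
- end
- end
-
- context "a signed up user and forgotten password" do
- setup do
- @user = Factory(:user)
- @user.forgot_password!
- end
-
- context "on GET to #edit with correct id and token" do
- setup do
- get :edit, :user_id => @user.to_param, :token => @user.token
- end
-
- should "find the user" do
- assert_equal @user, assigns(:user)
- end
-
- should_respond_with :success
- should_render_template "edit"
- should_display_a_password_update_form
- end
-
- should_forbid "on GET to #edit with correct id but blank token" do
- get :edit, :user_id => @user.to_param, :token => ""
- end
-
- should_forbid "on GET to #edit with correct id but no token" do
- get :edit, :user_id => @user.to_param
- end
-
- context "on PUT to #update with matching password and password confirmation" do
- setup do
- new_password = "new_password"
- @encrypted_new_password = @user.encrypt(new_password)
- assert_not_equal @encrypted_new_password, @user.encrypted_password
-
- put(:update,
- :user_id => @user,
- :token => @user.token,
- :user => {
- :password => new_password,
- :password_confirmation => new_password
- })
- @user.reload
- end
-
- should "update password" do
- assert_equal @encrypted_new_password, @user.encrypted_password
- end
-
- should "clear token" do
- assert_nil @user.token
- end
-
- should_be_signed_in_as { @user }
- should_redirect_to_url_after_update
- end
-
- context "on PUT to #update with password but blank password confirmation" do
- setup do
- new_password = "new_password"
- @encrypted_new_password = @user.encrypt(new_password)
-
- put(:update,
- :user_id => @user.to_param,
- :token => @user.token,
- :user => {
- :password => new_password,
- :password_confirmation => ''
- })
- @user.reload
- end
-
- should "not update password" do
- assert_not_equal @encrypted_new_password, @user.encrypted_password
- end
-
- should "not clear token" do
- assert_not_nil @user.token
- end
-
- should_not_be_signed_in
- should_respond_with :success
- should_render_template :edit
-
- should_display_a_password_update_form
- end
-
- should_forbid "on PUT to #update with id but no token" do
- put :update, :user_id => @user.to_param, :token => ""
- end
- end
-
- context "given two users and user one signs in" do
- setup do
- @user_one = Factory(:user)
- @user_two = Factory(:user)
- sign_in_as @user_one
- end
-
- should_forbid "when user one tries to change user two's password on GET with no token" do
- get :edit, :user_id => @user_two.to_param
- end
- end
- end
- end
-
- end
- end
- end
- end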
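--- a/data/lib/clearance/test/functional/sessions_controller_test.rb
+++ b/data/lib/clearance/test/functional/sessions_controller_test.rb
@@ -1,187 +0,0 @@
- module Clearance
- module Test
- module Functional
- module SessionsControllerTest
-
- def self.included(controller_test)
- controller_test.class_eval do
-
- should_filter_params :password
-
- context "on GET to /sessions/new" do
- setup { get :new }
-
- should_respond_with :success
- should_render_template :new
- should_not_set_the_flash
- should_display_a_sign_in_form
- end
-
- context "a POST to #create with unconfirmed credentials" do
- setup do
- @user = Factory(:user)
- ActionMailer::Base.deliveries.clear
- post :create, :session => {
- :email => @user.email,
- :password => @user.password }
- end
-
- should_deny_access(:flash => /User has not confirmed email. Confirmation email will be resent./i)
-
- should "send the confirmation email" do
- assert_not_nil email = ActionMailer::Base.deliveries[0]
- assert_match /account confirmation/i, email.subject
- end
- end
-
- context "a POST to #create with good credentials" do
- setup do
- @user = Factory(:email_confirmed_user)
- post :create, :session => {
- :email => @user.email,
- :password => @user.password }
- end
-
- should_set_the_flash_to /success/i
- should_redirect_to_url_after_create
- should_be_signed_in_as { @user }
- end
-
- context "a POST to #create with good credentials and remember me" do
- setup do
- @user = Factory(:email_confirmed_user)
- post :create, :session => {
- :email => @user.email,
- :password => @user.password,
- :remember_me => '1' }
- end
-
- should_set_the_flash_to /success/i
- should_redirect_to_url_after_create
- should_be_signed_in_as { @user }
-
- should 'set the cookie' do
- assert ! cookies['remember_token'].empty?
- end
-
- should 'set the token in users table' do
- assert_not_nil @user.reload.token
- assert_not_nil @user.reload.token_expires_at
- end
- end
-
- context "a POST to #create with good credentials and a session return url" do
- setup do
- @user = Factory(:email_confirmed_user)
- @return_url = '/url_in_the_session'
- @request.session[:return_to] = @return_url
- post :create, :session => {
- :email => @user.email,
- :password => @user.password }
- end
-
- should_redirect_to("the return URL") { @return_url }
- end
-
- context "a POST to #create with good credentials and a request return url" do
- setup do
- @user = Factory(:email_confirmed_user)
- @return_url = '/url_in_the_request'
- post :create, :session => {
- :email => @user.email,
- :password => @user.password },
- :return_to => @return_url
- end
-
- should_redirect_to("the return URL") { @return_url }
- end
-
- context "a POST to #create with good credentials and a session return url and request return url" do
- setup do
- @user = Factory(:email_confirmed_user)
- @return_url = '/url_in_the_session'
- @request.session[:return_to] = @return_url
- post :create, :session => {
- :email => @user.email,
- :password => @user.password },
- :return_to => '/url_in_the_request'
- end
-
- should_redirect_to("the return URL") { @return_url }
- end
-
- context "a POST to #create with bad credentials" do
- setup do
- post :create, :session => {
- :email => 'bad.email@example.com',
- :password => "bad value" }
- end
-
- should_set_the_flash_to /bad/i
- should_respond_with :unauthorized
- should_render_template :new
- should_not_be_signed_in
- end
-
- context "a POST to #create with bad credentials and remember me" do
- setup do
- post :create, :session => {
- :email => 'bad.email@example.com',
- :password => "bad value",
- :remember_me => '1' }
- end
-
- should_set_the_flash_to /bad/i
- should_respond_with :unauthorized
- should_render_template :new
- should_not_be_signed_in
-
- should 'not create the cookie' do
- assert_nil cookies['remember_token']
- end
- end
-
- context "signing out given a signed out user" do
- setup do
- sign_out
- delete :destroy
- end
- should_redirect_to_url_after_destroy
- end
-
- context "a DELETE to #destroy without a cookie" do
- setup do
- sign_in_as
- delete :destroy
- end
-
- should_set_the_flash_to(/signed out/i)
- should_redirect_to_url_after_destroy
- end
-
- context 'a DELETE to #destroy with a cookie' do
- setup do
- @user = Factory(:email_confirmed_user)
- cookies['remember_token'] = CGI::Cookie.new('token', 'value')
- sign_in_as @user
- delete :destroy
- end
-
- should 'delete the cookie' do
- assert cookies['remember_token'].nil? || # Rails >= 2.3
- cookies['remember_token'].empty? # Rails < 2.3
- end
-
- should 'delete the remember me token in users table' do
- assert_nil @user.reload.token
- assert_nil @user.reload.token_expires_at
- end
- end
-
- end
- end
-
- end
- end
- end
- end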