thoughtbot-clearance 0.3.9 → 0.4.0

data/README.textile

@@ -24,7 +24,7 @@ In config/environment.rb:
     config.gem "thoughtbot-clearance", 
       :lib     => 'clearance', 
       :source  => 'http://gems.github.com', 
-      :version => '>= 0.3.8'
+      :version => '>= 0.3.9'
 
 Then:
 
@@ -33,32 +33,11 @@ Then:
 
 h2. The generator
 
-In a greenfield application, make sure the development database exists and just run the generator:
+Make sure the development database exists and run the generator:
 
     script/generate clearance
 
-This will create:
-
-    app/controllers/confirmations_controller.rb
-    app/controllers/passwords_controller.rb
-    app/controllers/sessions_controller.rb
-    app/controllers/users_controller.rb
-    app/models/user.rb
-    app/models/user_mailer.rb
-    app/views/passwords/edit.html.erb
-    app/views/passwords/new.html.erb
-    app/views/sessions/new.html.erb
-    app/views/user_mailer/change_password.html.erb
-    app/views/user_mailer/confirmation.html.erb
-    app/views/users/_form.html.erb
-    app/views/users/edit.html.erb
-    app/views/users/new.html.erb
-    test/functional/confirmations_controller_test.rb
-    test/functional/passwords_controller_test.rb
-    test/functional/sessions_controller_test.rb
-    test/functional/users_controller_test.rb
-    test/unit/clearance_mailer_test.rb
-    test/unit/user_test.rb
+A number of files will be created and instructions will be printed.
 
 You may already have some of these files. Don't worry. You'll be asked if you want to overwrite them.
 
@@ -93,7 +72,7 @@ h2. Routes
 Clearance will add these routes to your routes.rb:
 
     map.resources :users, :has_one => [:password, :confirmation]
-    map.resource :session
+    map.resource  :session
     map.resources :passwords
     
 Please note that Clearance depends on root_url, so please make sure that it is defined to *something* in your config/routes.rb:
@@ -114,7 +93,7 @@ In config/environment.rb:
 
 h2. Tests
 
-The tests use "Shoulda":http://thoughtbot.com/projects/shoulda >= 2.0.6 and "Factory Girl":http://thoughtbot.com/projects/factory_girl >= 1.1.5. You need to add the Clearance module to your test/test_helper.rb:
+The tests use "Shoulda":http://thoughtbot.com/projects/shoulda >= 2.0.6 and "Factory Girl":http://thoughtbot.com/projects/factory_girl >= 1.1.5. There needs to be a Clearance module in your test/test_helper.rb:
 
     class Test::Unit::TestCase
       self.use_transactional_fixtures = true
@@ -129,9 +108,9 @@ h2. Usage: basic workflow
 
 Rails authentication with Clearance uses the standard approach thoughtbot and our clients have agreed upon. 
 
-Users register (UsersController) using an email address and a password (User model). They get an email with a confirmation link (ClearanceMailer) to confirm their registration (ConfirmationController).
+Users register (UsersController) using an email address and a password (User model). They get an email (ClearanceMailer) with a confirmation link to confirm their registration (ConfirmationController).
 
-Registered users can sign in and out (SessionsController). If they forget their password, they request an email containing a link to change it (PasswordsController). 
+Registered users can sign in and out (SessionsController). If they forget their password, they request an email (ClearanceMailer) containing a link to change it (PasswordsController). 
 
 h2. Usage: actions which require an authenticated user
 
@@ -143,7 +122,7 @@ To protect your controllers with authentication add:
 The filter will ensure that only authenticated users can access the controller. If someone who's not signed in tries to access a protected action: 
 
 * the URL is stored in the session, 
-* the user is redirected to log in page, and
+* the user is redirected to sign in page, and
 * after successful authentication will be be redirected back to that URL.
 
 h2. Usage: signed_in?, current_user
@@ -152,13 +131,11 @@ Clearance provides two methods that can be used in controllers, helpers, and vie
 
 * signed_in?
 * current_user
-
-This may be familiar to you if you've used "restful_authentication":http://github.com/technoweenie/restful-authentication.
-    
+   
     <% if signed_in? -%>
       Hello, <%= current_user.name %>!
     <% else -%>
-      Please <%= link_to 'Log in', new_session_path %>
+      Please <%= link_to 'Sign in', new_session_path %>
     <% end -%>
     
 h2. Usage: mass assignment
@@ -168,14 +145,13 @@ Please note that all User attributes except email, password and password_confirm
     class User < ActiveRecord::Base
       include Clearance::App::Models::User
       attr_accessible :first_name, :last_name
-    ...
+    end
 
 h2. Hooks: return_to parameter
 
-If you want to specify where to redirect a user (say you want to have a sign in box on every page and redirect the user to the same page) after he/she signs in, you can add a "return_to" parameter to the request (thanks to "Phillippe":http://www.sivarg.com/2009/01/clearance-coming-from-where-your-were.html for the tip):
+To specify where to redirect a user (say you want to have a sign in form on every page and redirect the user to the same page) after he/she signs in, you can add a "return_to" parameter to the request (thanks to "Phillippe":http://www.sivarg.com/2009/01/clearance-coming-from-where-your-were.html for the tip):
 
-    <% form_for :session, :url => session_path(:return_to => request.request_uri) do |form| %> 
-    ...
+    <% form_for :session, :url => session_path(:return_to => request.request_uri) do |form| %>
 
 h2. Hooks: url_after_create, url_after_destroy
     
@@ -193,24 +169,24 @@ Actions that redirect (create and destroy) in Clearance controllers are customiz
 
 There are similar methods in other controllers as well:
 
-    UsersController#url_after_create (sign up)
+    UsersController#url_after_create (register)
     SessionsController#url_after_create (sign in)
     SessionsController#url_after_destroy (sign out)
-    PasswordsController#url_after_create (password reset request)
+    PasswordsController#url_after_create (password request)
     ConfirmationsController#url_after_create (confirmation)
 
-h2. Hooks: log_user_in
+h2. Hooks: sign_user_in
 
-Say you want to add a last_signed_in_at attribute to your User model. You would want to update it when the User logs in.
+Say you want to add a last_signed_in_at attribute to your User model. You would want to update it when the User signs in.
 
-Clearance has a method named log_user_in that you can overwrite with that logic. Be sure to call sign_in(user) at the end (and write tests!).
+Clearance has a method named sign_user_in that you can overwrite with that logic. Be sure to call sign_in(user) at the end (and write tests!).
 
     class ApplicationController < ActionController::Base
       include Clearance::App::Controllers::ApplicationController
       
       private
         
-        def log_user_in(user)
+        def sign_user_in(user)
           # store current time to display "last signed in at" message
           user.update_attribute(:last_signed_in_at, Time.now)
           sign_in(user)

data/Rakefile

@@ -36,7 +36,7 @@ task :default => 'test:all'
 
 gem_spec = Gem::Specification.new do |gem_spec|
   gem_spec.name        = "clearance"
-  gem_spec.version     = "0.3.9"
+  gem_spec.version     = "0.4.0"
   gem_spec.summary     = "Simple, complete Rails authentication."
   gem_spec.email       = "support@thoughtbot.com"
   gem_spec.homepage    = "http://github.com/thoughtbot/clearance"

data/generators/clearance/templates/README

@@ -1,30 +1,46 @@
+
 *******************************************************************************
+
 Ok, enough fancy automatic stuff. Time for some old school monkey copy-pasting.
 
 1. For any other file(s) that you already had and didn't want to overwrite, add 
 the corresponding Clearance module. They are namespaced exactly like the 
-directory structure of a Rails app, e.g:
+directory structure of a Rails app.
+
+Application controller example:
+
+    class ApplicationController < ActionController::Base
+      include Clearance::App::Controllers::ApplicationController
+    end
 
-if app/models/user.rb already exists, add:
+User model example:
 
-class User < ActiveRecord::Base
-  include Clearance::App::Models::User
-...
+    class User < ActiveRecord::Base
+      include Clearance::App::Models::User
+    end
+
+User test example:
 
-2. You need to define HOST constant in your environments files. In config/environments/test.rb and config/environments/development.rb it can be:
+    class UserTest < Test::Unit::TestCase
+      include Clearance::Test::Unit::UserTest
+    end
+
+2. You need to define HOST constant in your environments files. 
+In config/environments/test.rb and config/environments/development.rb it can be:
 
     HOST = "localhost"
 
-While in config/environments/production.rb it must be the actual host your application is deployed to because the constant is used by mailers to generate URLs in emails.
+In production.rb it must be the actual host your application is deployed to. 
+The constant is used by mailers to generate URLs in emails.
 
 In config/environment.rb:
 
     DO_NOT_REPLY = "donotreply@example.com"
     
-3. Clearance depends on root_url, so please make sure that it is defined in 
-your config/routes.rb:
+3. Clearance depends on root_url, so please make sure that it is defined to
+*something* your config/routes.rb:
 
-    map.root :controller => 'my_home_controller'
+    map.root :controller => 'home'
     
 4. To run tests you need to add the Clearance module to your 
 test/test_helper.rb:
@@ -34,4 +50,5 @@ test/test_helper.rb:
       self.use_instantiated_fixtures  = false
       include Clearance::Test::TestHelper
     end
+
 *******************************************************************************    

data/generators/clearance/templates/app/views/clearance_mailer/change_password.html.erb

@@ -1,8 +1,10 @@
 Someone, hopefully you, has requested that we send you a link to change your password.
 
 Here's the link:
+
 <%= edit_user_password_url(@user, 
       :email    => @user.email, 
-      :password => @user.encrypted_password) %>
+      :password => @user.encrypted_password,
+      :escape   => false) %>
 
-If you didn't request this, no need to freak out, your password hasn't been changed.  You can just ignore this email.
+If you didn't request this, don't worry: your password hasn't been changed. You can just ignore this email.

data/generators/clearance/templates/app/views/clearance_mailer/confirmation.html.erb

@@ -1 +1 @@
-<%= new_user_confirmation_url :user_id => @user, :salt => @user.salt %>
+<%= new_user_confirmation_url :user_id => @user, :salt => @user.salt %>

data/generators/clearance/templates/app/views/passwords/edit.html.erb

@@ -1,3 +1,5 @@
+<h2>Change your password</h2>
+
 <p>
   Your password has been reset. Choose a new password below.
 </p>
@@ -10,14 +12,14 @@
                       :password => @user.encrypted_password),
             :html => { :method => :put }) do |form| %>
   <div class="password_field">
-    <%= form.label :password, 'Choose password' %>
+    <%= form.label :password, "Choose password" %>
     <%= form.password_field :password %>
   </div>
   <div class="password_field">
-    <%= form.label :password_confirmation, 'Verify password' %>
+    <%= form.label :password_confirmation, "Verify password" %>
     <%= form.password_field :password_confirmation %>
   </div>
   <div class="submit_field">
-    <%= form.submit 'Save this password' %>
+    <%= form.submit "Save this password", :disable_with => "Please wait..." %>
   </div>
 <% end %>

data/generators/clearance/templates/app/views/passwords/new.html.erb

@@ -6,10 +6,10 @@
 
 <% form_for :password, :url => passwords_path do |form| %>
   <div class="text_field">
-    <%= form.label :email, 'Email address' %>
+    <%= form.label :email, "Email address" %>
     <%= form.text_field :email %>
   </div>
   <div class="submit_field">
-    <%= form.submit 'Reset password' %>
+    <%= form.submit "Reset password", :disable_with => "Please wait..." %>
   </div>
 <% end %>

data/generators/clearance/templates/app/views/sessions/new.html.erb

@@ -1,3 +1,5 @@
+<h2>Sign in</h2>
+
 <% form_for :session, :url => session_path do |form| %>
   <div class="text_field">
     <%= form.label :email %>
@@ -12,7 +14,7 @@
     <%= form.label :remember_me %>
   </div>
   <div class="submit_field">
-    <%= form.submit 'Sign in', :disable_with => 'Please wait...' %>
+    <%= form.submit "Sign in", :disable_with => "Please wait..." %>
   </div>
 <% end %>
 
@@ -21,6 +23,6 @@
     <%= link_to "Register", new_user_path %>
   </li>
   <li>
-    <%= link_to "Forgot My Password", new_password_path %>
+    <%= link_to "Forgot password?", new_password_path %>
   </li>
 </ul>

data/generators/clearance/templates/app/views/users/_form.html.erb

@@ -8,6 +8,6 @@
   <%= form.password_field :password %>
 </div>
 <div class="password_field">
-  <%= form.label :password_confirmation %>
+  <%= form.label :password_confirmation, "Verify password" %>
   <%= form.password_field :password_confirmation %>
 </div>

data/generators/clearance/templates/app/views/users/edit.html.erb

@@ -1,3 +1,5 @@
+<h2>Edit user information</h2>
+
 <% form_for @user do |form| %>
   <%= render :partial => '/users/form', :object => form %>
   <%= form.submit 'Update', :disable_with => 'Please wait...' %>

data/generators/clearance/templates/app/views/users/new.html.erb

@@ -1,3 +1,5 @@
+<h2>Register</h2>
+
 <% form_for @user do |form| %>
   <%= render :partial => '/users/form', :object => form %>
   <%= form.submit 'Sign up', :disable_with => 'Please wait...' %>

data/lib/clearance/app/controllers/application_controller.rb

@@ -38,7 +38,7 @@ module Clearance
             end
 
             # Hook
-            def log_user_in(user)
+            def sign_user_in(user)
               sign_in(user)
             end
 

data/lib/clearance/app/controllers/confirmations_controller.rb

@@ -15,7 +15,8 @@ module Clearance
 
             def create
               @user.confirm_email!
-              log_user_in(@user)
+              sign_user_in(@user)
+              flash[:success] = "Confirmed email and signed in."
               redirect_to url_after_create
             end
         

data/lib/clearance/app/controllers/passwords_controller.rb

@@ -15,7 +15,7 @@ module Clearance
             def create
               user = User.find_by_email(params[:password][:email])
               if user.nil?
-                flash.now[:notice] = 'Unknown email'
+                flash.now[:notice] = "Unknown email"
                 render :action => :new
               else
                 ClearanceMailer.deliver_change_password user
@@ -34,7 +34,7 @@ module Clearance
               @user = User.find_by_email_and_encrypted_password(params[:email],
                                                                 params[:password])
               if @user.update_attributes params[:user]
-                log_user_in(@user)
+                sign_user_in(@user)
                 redirect_to url_after_update
               else
                 render :action => :edit

data/lib/clearance/app/controllers/sessions_controller.rb

@@ -13,12 +13,14 @@ module Clearance
               @user = User.authenticate(params[:session][:email], 
                                         params[:session][:password])
               if @user.nil?
-                sign_in_failure
+                flash.now[:notice] = "Bad email or password."
+                render :action => :new
               else
                 if @user.email_confirmed?
                   remember(@user) if remember?
-                  log_user_in(@user)
-                  sign_in_successful
+                  sign_user_in(@user)
+                  flash[:notice] = "Signed in successfully"
+                  redirect_back_or url_after_create
                 else
                   deny_access("User has not confirmed email.")
                 end
@@ -34,16 +36,6 @@ module Clearance
         
             private
             
-            def sign_in_successful(message = "Signed in successfully")
-              flash[:notice] = message
-              redirect_back_or url_after_create
-            end
-
-            def sign_in_failure(message = "Bad email or password.")
-              flash.now[:notice] = message
-              render :action => :new
-            end
-
             def remember?
               params[:session] && params[:session][:remember_me] == "1"
             end

data/lib/clearance/test/functional/confirmations_controller_test.rb

@@ -16,6 +16,8 @@ module Clearance
                   get :new, :user_id => @user.to_param, :salt => @user.salt
                 end
 
+                should_set_the_flash_to /confirmed email/i
+                should_set_the_flash_to /signed in/i
                 should_be_signed_in_and_email_confirmed_as { @user }
                 should_redirect_to_url_after_create
               end

data/lib/clearance/test/functional/passwords_controller_test.rb

@@ -16,43 +16,44 @@ module Clearance
                 setup { get :new, :user_id => @user.to_param }
 
                 should_respond_with :success
-                should_render_template 'new'
+                should_render_template "new"
               end
 
-              context 'A POST to #create' do
+              context "A POST to #create" do
                 context "with an existing user's email address" do
                   setup do
                     ActionMailer::Base.deliveries.clear
 
                     post :create, :password => { :email => @user.email }
-                    @email = ActionMailer::Base.deliveries[0]
                   end
-
-                  should 'send an email to the user to edit their password' do
-                    assert @email.subject =~ /change your password/i
+                  
+                  should "send the change your password email" do
+                    assert_sent_email do |email|
+                      email.subject =~ /change your password/i
+                    end
                   end
                   
-                  should 'set a :notice flash with the user email address' do
+                  should "set a :notice flash with the user email address" do
                     assert_match /#{@user.email}/, flash[:notice]
                   end
 
                   should_redirect_to_url_after_create
                 end
 
-                context 'with a non-existent email address' do
+                context "with a non-existent email address" do
                   setup do
-                    email = 'user1@example.com'
+                    email = "user1@example.com"
                     assert ! User.exists?(['email = ?', email])
                     ActionMailer::Base.deliveries.clear
 
                     post :create, :password => { :email => email }
                   end
 
-                  should 'not send a password reminder email' do
+                  should "not send a password reminder email" do
                     assert ActionMailer::Base.deliveries.empty?
                   end
 
-                  should 'set a :notice flash' do
+                  should "set a :notice flash" do
                     assert_not_nil flash.now[:notice]
                   end
 
@@ -60,7 +61,7 @@ module Clearance
                 end
               end
 
-              context 'A GET to #edit' do
+              context "A GET to #edit" do
                 context "with an existing user's id and password" do
                   setup do
                     get :edit, 
@@ -69,7 +70,7 @@ module Clearance
                       :email    => @user.email
                   end
 
-                  should 'find the user with the given id and password' do
+                  should "find the user with the given id and password" do
                     assert_equal @user, assigns(:user)
                   end
 
@@ -91,7 +92,7 @@ module Clearance
 
                 context "with an existing user's id but not password" do
                   setup do
-                    get :edit, :user_id => @user.to_param, :password => ''
+                    get :edit, :user_id => @user.to_param, :password => ""
                   end
 
                   should_respond_with :not_found
@@ -99,10 +100,10 @@ module Clearance
                 end
               end
 
-              context 'A PUT to #update' do
+              context "A PUT to #update" do
                 context "with an existing user's id but not password" do
                   setup do
-                    put :update, :user_id => @user.to_param, :password => ''
+                    put :update, :user_id => @user.to_param, :password => ""
                   end
 
                   should "not update the user's password" do
@@ -114,9 +115,9 @@ module Clearance
                   should_render_nothing
                 end
 
-                context 'with a matching password and password confirmation' do
+                context "with a matching password and password confirmation" do
                   setup do
-                    new_password = 'new_password'
+                    new_password = "new_password"
                     @encrypted_new_password = @user.encrypt(new_password)
                     assert_not_equal @encrypted_new_password, @user.encrypted_password
 
@@ -139,9 +140,9 @@ module Clearance
                   should_redirect_to_url_after_update
                 end
 
-                context 'with password but blank password confirmation' do
+                context "with password but blank password confirmation" do
                   setup do
-                    new_password = 'new_password'
+                    new_password = "new_password"
                     @encrypted_new_password = @user.encrypt(new_password)
 
                     put(:update,

data/lib/clearance/test/test_helper.rb

@@ -15,7 +15,7 @@ module Clearance
             return user
           end
 
-          def logout 
+          def sign_out 
             @request.session[:user_id] = nil
             @request.session[:salt]    = nil
           end

data/lib/clearance/test/unit/clearance_mailer_test.rb

@@ -18,7 +18,7 @@ module Clearance
 
               should "contain a link to edit the user's password" do
                 host = ActionMailer::Base.default_url_options[:host]
-                regexp = %r{http://#{host}/users/#{@user.id}/password/edit\?email=#{@user.email.gsub("@", "%40")}&password=#{@user.encrypted_password}}
+                regexp = %r{http://#{host}/users/#{@user.id}/password/edit\?email=#{@user.email.gsub("@", "%40")}&password=#{@user.encrypted_password}}
                 assert_match regexp, @email.body
               end
 
@@ -37,15 +37,15 @@ module Clearance
                 @email = ClearanceMailer.create_confirmation @user
               end
 
-              should 'set its recipient to the given user' do
+              should "set its recipient to the given user" do
                 assert_equal @user.email, @email.to[0]
               end
 
-              should 'set its subject' do
+              should "set its subject" do
                 assert_match /Account confirmation/, @email.subject
               end
 
-              should 'set its from address to DO_NOT_REPLY' do
+              should "set its from address to DO_NOT_REPLY" do
                 assert_equal DO_NOT_REPLY, @email.from[0]
               end
 

data/shoulda_macros/clearance.rb

@@ -71,7 +71,7 @@ module Clearance
 
     def public_context(&blk)
       context "The public" do
-        setup { logout }
+        setup { sign_out }
         merge_block(&blk)
       end
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: thoughtbot-clearance
 version: !ruby/object:Gem::Version 
-  version: 0.3.9
+  version: 0.4.0
 platform: ruby
 authors: 
 - thoughtbot, inc.