tkh_authentication 0.9.6 → 0.9.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1be1e35ab59a3e0902cfefd22160a6352e167e01
-  data.tar.gz: ad0dc779113a26ce1411a2a3fbe9c35e8a92e380
+  metadata.gz: b51349fbe53b75922d615973d307d7b3542e1679
+  data.tar.gz: b1bcacda9bcd66ff228419359f504cdba7f27a3f
 SHA512:
-  metadata.gz: f515e1c29df16e2843f2d6efca7c398a720285f5198675093305171faf8e886ecf1ef25e7e230841cc9cc15c00bfeda3fbacbf9bc4a9f7e529ef13fd7fc73be0
-  data.tar.gz: f4504eaf664509c0f55f9e3f28df9a59ea83f7e6cedd92af0939c96bfc62ecdb3b4b48ab1a038afe9a8963bc3fa7a1939e8a19bb9050833e49df25cf179c16d1
+  metadata.gz: 90594fe0bd1279e009d2d81606ef32c678b2fab5e7dcc42572b6fd7580813ae8abc56b9f927b12fc296ef9d7b2af099e6ff58eb26ac7ccddd4b139cb40587ecd
+  data.tar.gz: 5274fdd8aa41e303d3c5549862cda66b22cc639e4b4e278de7ac2cc8d8e0b984f1812ef516ca3ac97a01a5da7e81e51bb3d9562f6db0cfd669c0ec6323f3b03a

data/CHANGELOG.md

@@ -2,6 +2,11 @@
 
 
 
+## 0.9.7
+
+* Created a whole new authentication pathway. Please run 'bundle update tkh_authentication' -> 'rake tkh_authentication:update' -> 'rake db:migrate'
+
+
 ## 0.9.6
 
 * Upgraded Rails and simple_form dependencies.

data/app/controllers/reception_controller.rb

@@ -0,0 +1,231 @@
+class ReceptionController < ApplicationController
+
+  # TODO change email address - may be a profile feature in tkh_mailing_list
+  # TODO change password -              ""
+  # TODO localize the whole process
+
+  before_action :set_target_page, only: [ :email_input, :parse_email, :email_validation, :create_your_password, :enter_your_password, :disconnect ]
+
+  def email_input
+  end
+
+  def parse_email
+    @user = User.find_by(email: params[:user][:email])
+    if @user.blank? # first take care of the easy case with a completely new user
+      # create new record
+      @user = User.new(user_params)
+      if @user.save
+        send_validation_email
+        flash[:notice] = "Your record has been successfully created."
+        # show screen to user with notice about email validation
+        @status = 'email_validation_email_sent'
+      else # problem saving new user record for some reason
+        redirect_to email_input_path, alert: "We had problems creating your record. Please try again. Make sure the email address is valid."
+      end
+    else # the email address was already in the database
+      # Returning user pathway goes here
+      if @user.email_validated? && @user.has_a_password?
+        respond_to do |format|
+          format.html { redirect_to enter_your_password_path(auth_token: @user.auth_token) }
+          format.js {}
+        end
+      elsif @user.email_validated? && !@user.has_a_password? # doesn't have a password
+        # User needs to securily create a password
+        send_password_creation_security_email
+        flash[:notice] = "There is 1 last step!"
+        # show screen to user with notice about password confirmation email
+        @status = 'password_confirmation_email_sent'
+      elsif !@user.email_validated?
+        send_validation_email
+        flash[:notice] = "For your security, we need to verify your email address."
+        # show screen to user with notice about email validation
+        @status = 'email_validation_email_sent'
+      end
+    end
+  end
+
+  def email_validation
+    @user = User.where(email_validation_token: params[:token]).first
+    if @user && @user.email_validation_token_sent_at >= Time.zone.now - 1.hour # still valid token
+      @user.email_validated = true
+      @user.save
+      unless @user.has_a_password?
+        set_password_creation_token
+        flash[:notice] = "Your email has been validated. There is 1 last step!"
+        redirect_to create_your_password_path(password_creation_token: @user.password_creation_token)
+      else # the user has a password
+        redirect_to enter_your_password_path(auth_token: @user.auth_token)
+      end
+    elsif @user && @user.email_validation_token_sent_at <= Time.zone.now - 1.hour # expiredd token
+      redirect_to email_input_url, alert: "Your verification token was created over an hour ago. Please restart the process."
+    else
+      redirect_to email_input_url, alert: "We were unable to validate your email. Please try again and make sure you are using a valid email address."
+    end
+  end
+
+  def create_your_password
+    @user = User.find_by(password_creation_token: params[:password_creation_token])
+    if @user.blank?
+      redirect_to email_input_url, alert: "We were unable to find the record in the database. Please restart the process and make sure you are using a valid email address."
+    end
+  end
+
+  def password_creation
+    @user = User.find(params[:id])
+    unless @user.blank?
+      if !params[:user][:password].blank? && (params[:user][:password] == params[:user][:password_confirmation])
+        if @user.password_creation_token_sent_at >= Time.zone.now - 1.hour # still valid token
+          if @user.update(user_params)
+            login_the_user
+            flash[:notice] = "Your new password was created and you have been logged in."
+            redirect_to session[:target_page] || root_path
+            destroy_target_page
+          else # did not update ?!?
+            flash[:alert] = "Some problems occurred while trying to create your password"
+            render create_your_password
+          end
+        else # the token has expired
+          redirect_to email_input_path, alert: 'Sorry, your password_creation_token has expired. To protect your privacy and ensure your security, we need to ask you to start the process over again. The token, when created, expires after 1 hour!'
+        end
+      else # password is blank or password and password_confirmation don't match
+        redirect_to :back, alert: 'Your password cannot be blank and the password should be identical to the password confirmation. Please try again.'
+      end
+    else # @user is blank
+      redirect_to email_input_path, alert: 'We could not find this user record in our database. Please start the process over.'
+    end
+  end
+
+  def enter_your_password
+    @user = User.find_by(auth_token: params[:auth_token])
+  end
+
+  def password_checking
+    @user = User.find(params[:id])
+    if @user
+      if @user.email_validated?
+        if @user.authenticate(params[:user][:password])
+          login_the_user
+          redirect_to (session[:target_page] || root_url), notice: t('authentication.login_confirmation')
+          destroy_target_page
+        else # most likely wrong password
+          flash.now.alert = t('authentication.warning.email_or_password_invalid')
+          render "enter_your_password"
+        end
+      else # email not validated
+        send_validation_email
+        redirect_to root_path, alert: 'Our records show that your email address has not been validated. We need you to do so before letting your log in. Please check your email inbox or spam folder for an validation email.'
+      end
+    else # we can't find the user in the database
+      flash[:alert] = "We were unable to find your email in the database. Please try again and make sure you are using a valid email address."
+      redirect_to email_input_url
+    end
+  end
+
+  def i_forgot_my_password
+  end
+
+  def request_new_password
+    @user = User.find_by(email: params[:user][:email])
+    if @user
+      send_new_password_request_email
+      # show confirmation screen
+    else
+      redirect_to i_forgot_my_password_path, alert: "We could not find a user with this email address: #{params[:user][:email]}. Please try again."
+    end
+  end
+
+  def change_your_password
+    @user = User.find_by(password_reset_token: params[:password_reset_token])
+    if @user.blank?
+      redirect_to email_input_url, alert: "We were unable to find the record in the database. Please restart the process and make sure you are using a valid email address."
+    end
+  end
+
+  def password_reset
+    @user = User.find(params[:id])
+    if @user.present?
+      if params[:user][:password].present? && (params[:user][:password] == params[:user][:password_confirmation])
+        if @user.password_reset_sent_at >= Time.zone.now - 1.hour # still valid token
+          if @user.update(user_params)
+            login_the_user
+            flash[:notice] = "Your password was changed and you have been logged in."
+            redirect_to session[:target_page] || root_path
+            destroy_target_page
+          else # did not update ?!?
+            flash[:alert] = "Some problems occurred while trying to change your password. Please try again."
+            render change_your_password
+          end
+        else # the token has expired
+          redirect_to email_input_path, alert: 'Sorry, your password_reset_token has expired. To protect your privacy and ensure your security, we need to ask you to start the process over again. The token, when created, expires after 1 hour!'
+        end
+      else # password is blank or password and password_confirmation don't match
+        redirect_to :back, alert: 'Your password cannot be blank and the password should be identical to the password confirmation. Please try again.'
+      end
+    else # @user is blank
+      redirect_to email_input_path, alert: 'We could not find this user record in our database. Please start the process over.'
+    end
+  end
+
+  def disconnect
+    cookies.delete(:auth_token)
+    redirect_to session[:target_page] || root_url, notice: t('authentication.logout_confirmation')
+    destroy_target_page
+  end
+
+  private
+
+  # Never trust parameters from the scary internet, only allow the white list through.
+  def user_params
+    params.require(:user).permit :email, :password, :password_confirmation, :first_name, :last_name, :other_name
+  end
+
+  def set_target_page
+    session[:target_page] = request.referer unless session[:target_page]
+  end
+
+  def destroy_target_page
+    session[:target_page] = nil
+  end
+
+  def send_validation_email
+    set_email_validation_token
+    ReceptionMailer.verification_email(@user).deliver
+  end
+
+  def set_email_validation_token
+    @user.generate_token(:email_validation_token)
+    @user.email_validation_token_sent_at = Time.zone.now
+    @user.save
+  end
+
+  def send_password_creation_security_email
+    set_password_creation_token
+    ReceptionMailer.password_creation_verification_email(@user).deliver
+  end
+
+  def set_password_creation_token
+    @user.generate_token(:password_creation_token)
+    @user.password_creation_token_sent_at = Time.zone.now
+    @user.save
+  end
+
+  def send_new_password_request_email
+    set_password_reset_token
+    ReceptionMailer.new_password_request_email(@user).deliver
+  end
+
+  def set_password_reset_token
+    @user.generate_token(:password_reset_token)
+    @user.password_reset_sent_at = Time.zone.now
+    @user.save
+  end
+
+  def login_the_user
+    if params[:user][:remember_me].to_i == 1
+      cookies.permanent[:auth_token] = @user.auth_token
+    else
+      cookies[:auth_token] = @user.auth_token
+    end
+  end
+
+end

data/app/mailers/reception_mailer.rb

@@ -0,0 +1,19 @@
+class ReceptionMailer < ActionMailer::Base
+  default from: "#{Setting.first.try(:site_name)} <#{Setting.first.contact_email}>"
+
+  def verification_email(user)
+    @user = user
+    mail(to: @user.email, subject: "Email validation for #{Setting.first.try(:site_name)}")
+  end
+
+  def password_creation_verification_email(user)
+    @user = user
+    mail(to: @user.email, subject: "Password creation confirmation for #{Setting.first.try(:site_name)}")
+  end
+
+  def new_password_request_email(user)
+    @user = user
+    mail(to: @user.email, subject: "New Password Request for #{Setting.first.try(:site_name)}")
+  end
+
+end

data/app/models/user.rb

@@ -1,21 +1,15 @@
 class User < ActiveRecord::Base
 
-  has_secure_password
+  has_secure_password(validations: false)
 
   # associations connected to tkh_content gem. Any page or comment model will do
   has_many :pages
   has_many :comments, :dependent => :destroy, foreign_key: 'author_id'
 
-  # not allowed are :admin:boolean, :auth_token:string, password_reset_token:string, password_reset_sent_at:datetime
-  # attr_accessible :email, :password, :password_confirmation, :first_name, :last_name, :other_name
-
   validates_presence_of :email
   validates_uniqueness_of :email, :case_sensitive => false
-  # validates_presence_of :password, on: :create
 
-  # TODO - this needs to be somehow integrated in the click flow
-  # validates_presence_of :first_name
-  # validates_presence_of :last_name
+  attr_accessor :remember_me
 
   scope :alphabetically, -> { order('last_name, first_name') }
   scope :administrators, -> { where('admin = ?', true) }
@@ -28,7 +22,6 @@ class User < ActiveRecord::Base
     "#{id}-#{name.to_url}"
   end
 
-
   def name
     "#{first_name} #{last_name}".strip
   end
@@ -37,20 +30,32 @@ class User < ActiveRecord::Base
     "#{last_name}, #{first_name}".strip
   end
 
+  def friendly_name
+    other_name || first_name
+  end
+
   def spiritual_name
-    @spiritual_name = other_name || first_name
+    other_name || name
   end
 
-  def send_password_reset
-    generate_token(:password_reset_token)
-    self.password_reset_sent_at = Time.zone.now
-    save!
-    UserMailer.password_reset(self).deliver
+  def visible_name_present? # used in tkh_authentication to determin whether to show name fields in login form
+    name.present? || other_name.present?
+  end
+
+  # def send_password_reset
+  #   generate_token(:password_reset_token)
+  #   self.password_reset_sent_at = Time.zone.now
+  #   save!
+  #   UserMailer.password_reset(self).deliver
+  # end
+
+  def has_a_password?
+    password_digest
   end
 
   def generate_token(column)
     begin
-      self[column] = SecureRandom.urlsafe_base64
+      self[column] = SecureRandom.urlsafe_base64(40)
     end while User.exists?(column => self[column])
   end
 

data/app/views/reception/_enter_your_password_form.html.erb

@@ -0,0 +1,19 @@
+<%= simple_form_for @user, :url => password_checking_path(@user.id), id: 'enter-you-password-form', method: :post do |f| %>
+  <%= f.error_notification %>
+
+  <p>Email: <strong><%= @user.email %></strong>. (<small><%= link_to "want to use a different email?", email_input_path %></small>)</p>
+  <%= f.input :password, autofocus: true, hint: link_to("forgot your password?", i_forgot_my_password_path) %>
+  <br />
+  <%= f.input_field :remember_me, as: :boolean, boolean_style: :inline, checked: 'checked' %> &nbsp;remember me
+  <br /><br />
+
+  <% unless @user.visible_name_present? %>
+    <p>Please take a few seconds to enter your name.</p>
+    <%= f.input :first_name %>
+    <%= f.input :last_name %>
+    <% # i want certain sites to use a different label for this. They can add a partial in host app. %>
+    <%= f.input :other_name, label: render('shared/other_name_label') %><br />
+  <% end %>
+
+  <%= f.submit 'log in!', class: 'btn btn-primary' %>
+<% end %>

data/app/views/reception/_enter_your_password_form.js.erb

@@ -0,0 +1,19 @@
+<%= simple_form_for @user, :url => password_checking_path(@user.id), id: 'enter-you-password-form', method: :post do |f| %>
+  <%= f.error_notification %>
+
+  <p>Email: <strong><%= @user.email %></strong>. (<small><%= link_to "want to use a different email?", email_input_path %></small>)</p>
+  <%= f.input :password, autofocus: true, hint: link_to("forgot your password?", i_forgot_my_password_path) %>
+  <br />
+  <%= f.input_field :remember_me, as: :boolean, boolean_style: :inline, checked: 'checked' %> &nbsp;remember me
+  <br /><br />
+
+  <% unless @user.visible_name_present? %>
+    <p>Please take a few seconds to enter your name.</p>
+    <%= f.input :first_name %>
+    <%= f.input :last_name %>
+    <% # i want certain sites to use a different label for this. They can add a partial in host app. %>
+    <%= f.input :other_name, label: render('shared/other_name_label') %><br />
+  <% end %>
+
+  <%= f.submit 'log in!', class: 'btn btn-primary' %>
+<% end %>

data/app/views/reception/change_your_password.html.erb

@@ -0,0 +1,17 @@
+<% content_for :meta_title, 'Change your password' %>
+<% content_for :meta_description, "You need to create a new password so that we can log you in." %>
+
+<h1>Change Your Password</h1>
+
+<%= simple_form_for @user, :url => password_reset_path(@user.id), method: :post do |f| %>
+  <%= f.error_notification %>
+
+  <p>Email: <strong><%= @user.email %></strong>. (<small><%= link_to "want to use a different email?", email_input_path %></small>)</p>
+
+  <%= f.input :password, autofocus: true %>
+  <%= f.input :password_confirmation %>
+  <br />
+  <%= f.input_field :remember_me, as: :boolean, boolean_style: :inline %> &nbsp;yes, remember me
+  <br /><br />
+  <%= f.submit 'change your password and log in!', class: 'btn btn-primary' %>
+<% end %>

data/app/views/reception/create_your_password.html.erb

@@ -0,0 +1,17 @@
+<% content_for :meta_title, 'Create your password' %>
+<% content_for :meta_description, "You need to create a password so that we can log you in." %>
+
+<h1>Create Your Password & We'll Log You Right In</h1>
+
+<%= simple_form_for @user, :url => password_creation_path(@user.id), method: :post do |f| %>
+  <%= f.error_notification %>
+
+  <p>Email: <strong><%= @user.email %></strong>. (<small><%= link_to "want to use a different email?", email_input_path %></small>)</p>
+
+  <%= f.input :password, autofocus: true %>
+  <%= f.input :password_confirmation %>
+  <br />
+  <%= f.input_field :remember_me, as: :boolean, boolean_style: :inline, checked: 'checked' %> &nbsp;remember me
+  <br /><br />
+  <%= f.submit 'Create password and log in!', class: 'btn btn-primary' %>
+<% end %>

data/app/views/reception/email_input.html.erb

@@ -0,0 +1,23 @@
+<% content_for :meta_title, 'Login with your email' %>
+<% content_for :meta_description, "We need your email address to initiate the login or account creation procedure." %>
+
+<% unless current_user # most folks coming to this page should not be logged in %>
+
+  <h1>Login</h1>
+
+  <%= simple_form_for User.new, url: parse_email_path, html: { id: 'email-input-form' }, remote: true, method: 'post' do |f| %>
+    <%= f.error_notification %>
+
+    <%= f.input :email, autofocus: true, label: 'Please enter your email address' %>
+    <br />
+    <%= f.button :submit, 'proceed', :class => 'btn btn-primary' %>
+  <% end %>
+
+<% else # the user is already logged in %>
+
+  <h1>You are already logged in</h1>
+  <p>This is the login page but it appears that you are already logged in with this address: <strong><%= current_user.email %></strong></p>
+
+  <p><%= link_to 'go to home page', root_path, class: 'btn btn-primary' %><%= link_to 'logout', disconnect_path, class: 'btn btn-default' %></p>
+
+<% end %>

data/app/views/reception/enter_your_password.html.erb

@@ -0,0 +1,6 @@
+<% content_for :meta_title, 'Enter your password and log in!' %>
+<% content_for :meta_description, "Enter your password to log in." %>
+
+<h1>Enter Your Password & We'll Log You Right In</h1>
+
+<%= render 'enter_your_password_form' %>

data/app/views/reception/i_forgot_my_password.html.erb

@@ -0,0 +1,8 @@
+<h1>Forgot your password?</h1>
+
+<%= simple_form_for User.new, :url => request_new_password_path, method: :post do |f| %>
+  <%= f.error_notification %>
+
+  <%= f.input :email, autofocus: true, hint: "We'll send an email to this address." %>
+  <%= f.submit 'let me set a new password!', class: 'btn btn-primary' %>
+<% end %>

data/app/views/reception/parse_email.html.erb

@@ -0,0 +1,15 @@
+<% if @status == 'email_validation_email_sent' %>
+
+  <% content_for :meta_title, 'Email Confirmation' %>
+  <% content_for :meta_description, "An email was just sent. Please check your inbox." %>
+  <h1>A Validation Email is Coming</h1>
+  <p>We've just sent an email to <strong><%= @user.email %></strong>. Please check your inbox or spam folder.</p>
+
+<% elsif @status == 'password_confirmation_email_sent' %>
+
+  <% content_for :meta_title, 'Password creation Email Confirmation' %>
+  <% content_for :meta_description, "An email was just sent. Please check your inbox." %>
+  <h1>A Password Creation Security Email is Coming</h1>
+  <p>For your security we need to check that you truly are the owner of this account. Please check your <strong><%= @user.email %></strong> inbox or spam folder.</p>
+
+<% end %>

data/app/views/reception/parse_email.js.erb

@@ -0,0 +1,4 @@
+// $('#email-input-form').slideUp(500);
+$('#email-input-form').replaceWith("<%= escape_javascript(render(:partial => 'reception/enter_your_password_form')) %>");
+$(".user_password").effect("highlight", { color: '#8D5530' }, 750);
+$('input#user_password').focus();

data/app/views/reception/request_new_password.html.erb

@@ -0,0 +1,6 @@
+<% content_for :meta_title, 'New Password Request Email Confirmation' %>
+<% content_for :meta_description, "An email was just sent to enable you to get your new password. Please check your inbox." %>
+
+<h1>Your New Password Request Email is Coming</h1>
+
+<p>To enable you to reset your password we've just sent an email to <strong><%= @user.email %></strong>. Please check your inbox or spam folder.</p>

data/app/views/reception_mailer/new_password_request_email.html.erb

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta content='text/html; charset=UTF-8' http-equiv='Content-Type' />
+  </head>
+  <body>
+    <h1>Hello. You are in the process of creating a new password for your account.</h1>
+    <p>
+      To protect your privacy, we need you to confirm you are the owner of this specific account.
+    </p>
+    <p>
+      Please visit <%= link_to 'this security link', change_your_password_url(password_reset_token: @user.password_reset_token) %>.
+    </p>
+    <p>Thank you for visiting our site. We appreciate your presence.</p>
+    <p>If you did <strong>not</strong> initiate this procedure, please ignore this email.</p>
+  </body>
+</html>

data/app/views/reception_mailer/new_password_request_email.text.erb

@@ -0,0 +1,9 @@
+Hello. You are in the process of creating a new password for your account.
+
+To protect your privacy, we need you to confirm you are the owner of this specific account.
+
+Please visit this security link: <%= change_your_password_url(password_reset_token: @user.password_reset_token) %>
+
+Thank you for visiting our site. We appreciate your presence.
+
+P.S. If you did not initiate this procedure, please ignore this email.

data/app/views/reception_mailer/password_creation_verification_email.html.erb

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta content='text/html; charset=UTF-8' http-equiv='Content-Type' />
+  </head>
+  <body>
+    <h1>Hello. You are in the process of creating a password for your account.</h1>
+    <p>
+      To protect your privacy, we need you to confirm you are the owner of this specific account.
+    </p>
+    <p>
+      Please visit <%= link_to 'this security link', create_your_password_url(password_creation_token: @user.password_creation_token) %>.
+    </p>
+    <p>Thank you for visiting our site. We appreciate your presence.</p>
+    <p>If you did <strong>not</strong> initiate this procedure, please ignore this email.</p>
+  </body>
+</html>

data/app/views/reception_mailer/password_creation_verification_email.text.erb

@@ -0,0 +1,9 @@
+Hello. You are in the process of creating a password for your account.
+
+To protect your privacy, we need you to confirm you are the owner of this specific account.
+
+Please visit this security link: <%= create_your_password_url(password_creation_token: @user.password_creation_token) %>
+
+Thank you for visiting our site. We appreciate your presence.
+
+P.S. If you did not initiate this procedure, please ignore this email.

data/app/views/reception_mailer/verification_email.html.erb

@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta content='text/html; charset=UTF-8' http-equiv='Content-Type' />
+  </head>
+  <body>
+    <h1>Hello. We need to verify your email address</h1>
+    <p>
+      To protect your privacy, we need you to confirm you are the owner of the <%= @user.email %> address.
+    </p>
+    <p>
+      Please visit <%= link_to 'this activation link', email_validation_url(token: @user.email_validation_token) %>.
+    </p>
+    <p>Thank you for visiting our site. We appreciate your presence.</p>
+  </body>
+</html>

data/app/views/reception_mailer/verification_email.text.erb

@@ -0,0 +1,7 @@
+Hello. We need to verify your email address.
+
+To protect your privacy, we need you to confirm you are the owner of the <%= @user.email %> address.
+
+Please visit this activation link: <%= email_validation_url(token: @user.email_validation_token) %>
+
+Thank you for visiting our site. We appreciate your presence.

data/app/views/shared/_login_info_for_navbar.html.erb

@@ -1,5 +1,5 @@
 <% if current_user %>
-  <ul class="nav navbar-nav navbar-right">
+  <ul class="nav navbar-nav navbar-right navbar-login-info">
     <li class='dropdown'>
     	<a href="#" class="dropdown-toggle" data-toggle="dropdown"><%= current_user.email %> <b class="caret"></b></a>
     	<ul class="dropdown-menu">
@@ -9,6 +9,6 @@
   </ul>
 <% else %>
   <ul class="nav navbar-nav navbar-right">
-    <%= content_tag :li, link_to(t('authentication.login_now'), login_path) %>
+    <%= content_tag :li, link_to(t('authentication.login_now'), email_input_path) %>
   </ul>
 <% end %>

data/app/views/shared/_other_name_label.html.erb

@@ -0,0 +1 @@
+nickname or other name

data/app/views/users/_form.html.erb

@@ -1,16 +1,12 @@
 <%= simple_form_for user, :html => { class: 'form-horizontal' } do |f| %>
   <%= f.error_notification %>
 
-  <div class="form-inputs">
     <%= f.input :email %>
 		<%= f.input :first_name %>
 		<%= f.input :last_name %>
     <%= f.input :other_name %>
     <%= f.input :password %>
 		<%= f.input :password_confirmation, required: true %>
-  </div>
 
-  <div class="form-actions">
     <%= f.button :submit, t('authentication.create_account'), :class => 'btn btn-primary' %>
-  </div>
 <% end %>

data/config/routes.rb

@@ -1,8 +1,6 @@
 Rails.application.routes.draw do
+
   scope "(:locale)", locale: /#{I18n.available_locales.join("|")}/ do
-    get 'signup', to: 'users#new', as: 'signup'
-    get 'login', to: 'sessions#new', as: 'login'
-    get 'logout', to: 'sessions#destroy', as: 'logout'
 
     resources :users do
       member do
@@ -11,7 +9,26 @@ Rails.application.routes.draw do
       end
       collection { post :detect_existence }
     end
-    resources :sessions
-    resources :password_resets
+
+    ##### ACCESS CONTROL
+    # legacy routes. Pointing to new pathway.
+    get 'signup', to: 'reception#email_input', as: 'signup'
+    get 'login', to: 'reception#email_input', as: 'login'
+    get 'logout', to: 'reception#disconnect', as: 'logout'
+    # New access control pathway
+    get '/reception', to: 'reception#email_input', as: 'email_input'
+    post '/parse_email', to: 'reception#parse_email'
+    get '/email_validation', to: 'reception#email_validation'
+    get '/create_your_password', to: 'reception#create_your_password'
+    post '/password_creation/:id', to: 'reception#password_creation', as: 'password_creation'
+    get '/enter_your_password', to: 'reception#enter_your_password'
+    post '/password_checking/:id', to: 'reception#password_checking', as: 'password_checking'
+    get '/i_forgot_my_password', to: 'reception#i_forgot_my_password'
+    post '/request_new_password', to: 'reception#request_new_password'
+    get '/change_your_password', to: 'reception#change_your_password'
+    post '/password_reset/:id', to: 'reception#password_reset', as: 'password_reset'
+    get '/disconnect', to: 'reception#disconnect'
+
   end
+
 end

data/lib/generators/tkh_authentication/create_or_update_migrations/create_or_update_migrations_generator.rb

@@ -20,6 +20,7 @@ module TkhAuthentication
         migration_template "create_users.rb", "db/migrate/create_users.rb"
         migration_template "add_other_name_to_users.rb", "db/migrate/add_other_name_to_users.rb"
         migration_template "add_email_validation_to_users.rb", "db/migrate/add_email_validation_to_users.rb"
+        migration_template "add_password_creation_token.rb", "db/migrate/add_password_creation_token.rb"
       end
 
     end

data/lib/generators/tkh_authentication/create_or_update_migrations/templates/add_password_creation_token.rb

@@ -0,0 +1,6 @@
+class AddPasswordCreationToken < ActiveRecord::Migration
+  def change
+    add_column :users, :password_creation_token, :string
+    add_column :users, :password_creation_token_sent_at, :datetime
+  end
+end

data/lib/tkh_authentication/version.rb

@@ -1,3 +1,3 @@
 module TkhAuthentication
-  VERSION = "0.9.6"
+  VERSION = "0.9.7"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tkh_authentication
 version: !ruby/object:Gem::Version
-  version: 0.9.6
+  version: 0.9.7
 platform: ruby
 authors:
 - Swami Atma
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-04-21 00:00:00.000000000 Z
+date: 2014-08-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.1.0.rc1
+        version: 3.1.0.rc2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.1.0.rc1
+        version: 3.1.0.rc2
 - !ruby/object:Gem::Dependency
   name: stringex
   requirement: !ruby/object:Gem::Requirement
@@ -92,23 +92,32 @@ files:
 - MIT-LICENSE
 - README.md
 - Rakefile
-- app/controllers/password_resets_controller.rb
-- app/controllers/sessions_controller.rb
+- app/controllers/reception_controller.rb
 - app/controllers/users_controller.rb
-- app/mailers/user_mailer.rb
-- app/models/newbie.rb
+- app/mailers/reception_mailer.rb
 - app/models/user.rb
-- app/views/password_resets/edit.html.erb
-- app/views/password_resets/new.html.erb
-- app/views/sessions/_form.html.erb
-- app/views/sessions/new.html.erb
+- app/views/reception/_enter_your_password_form.html.erb
+- app/views/reception/_enter_your_password_form.js.erb
+- app/views/reception/change_your_password.html.erb
+- app/views/reception/create_your_password.html.erb
+- app/views/reception/email_input.html.erb
+- app/views/reception/enter_your_password.html.erb
+- app/views/reception/i_forgot_my_password.html.erb
+- app/views/reception/parse_email.html.erb
+- app/views/reception/parse_email.js.erb
+- app/views/reception/request_new_password.html.erb
+- app/views/reception_mailer/new_password_request_email.html.erb
+- app/views/reception_mailer/new_password_request_email.text.erb
+- app/views/reception_mailer/password_creation_verification_email.html.erb
+- app/views/reception_mailer/password_creation_verification_email.text.erb
+- app/views/reception_mailer/verification_email.html.erb
+- app/views/reception_mailer/verification_email.text.erb
 - app/views/shared/_embedded_access_control.html.erb
 - app/views/shared/_embedded_login_module.html.erb
 - app/views/shared/_login_info.html.erb
 - app/views/shared/_login_info_for_navbar.html.erb
 - app/views/shared/_login_info_for_sidebar.html.erb
-- app/views/user_mailer/password_reset.text.erb
-- app/views/user_mailer/password_set.text.erb
+- app/views/shared/_other_name_label.html.erb
 - app/views/users/_detect_user_existence_form.html.erb
 - app/views/users/_form.html.erb
 - app/views/users/index.html.erb
@@ -123,6 +132,7 @@ files:
 - lib/generators/tkh_authentication/create_or_update_migrations/create_or_update_migrations_generator.rb
 - lib/generators/tkh_authentication/create_or_update_migrations/templates/add_email_validation_to_users.rb
 - lib/generators/tkh_authentication/create_or_update_migrations/templates/add_other_name_to_users.rb
+- lib/generators/tkh_authentication/create_or_update_migrations/templates/add_password_creation_token.rb
 - lib/generators/tkh_authentication/create_or_update_migrations/templates/create_users.rb
 - lib/tasks/tkh_authentication_tasks.rake
 - lib/tkh_authentication.rb

data/app/controllers/password_resets_controller.rb

@@ -1,36 +0,0 @@
-class PasswordResetsController < ApplicationController
-
-  def create
-    user = User.find_by_email(params[:email])
-    if user
-      user.send_password_reset
-      redirect_to root_url, :notice => t('authentication.reset_password_email_sent_confirmation')
-    else
-      redirect_to root_url, :alert => t('authentication.warning.no_such_email')
-    end
-  end
-
-  def edit
-    @user = User.find_by_password_reset_token!(params[:id])
-  end
-
-  def update
-    @user = User.find_by_password_reset_token!(params[:id])
-    if @user.password_reset_sent_at < 2.hours.ago
-      redirect_to new_password_reset_path, :alert => t('authentication.warning.password_reset_expired')
-    elsif @user.update_attributes(params[:user])
-      cookies[:auth_token] = @user.auth_token # logging in the user
-      redirect_to session[:target_page] || safe_root_url, notice: t('authentication.password_reset_confirmation')
-      destroy_target_page
-    else
-      render :edit
-    end
-  end
-
-  private
-
-  def destroy_target_page
-    session[:target_page] = nil
-  end
-
-end

data/app/controllers/sessions_controller.rb

@@ -1,41 +0,0 @@
-class SessionsController < ApplicationController
-
-  def new
-    set_target_page
-    redirect_to root_path if current_user
-  end
-
-  def create
-    set_target_page
-    user = User.find_by_email(params[:email])
-    if user && user.authenticate(params[:password])
-      if params[:remember_me]
-        cookies.permanent[:auth_token] = user.auth_token
-      else
-        cookies[:auth_token] = user.auth_token
-      end
-      redirect_to (session[:target_page] || safe_root_url), notice: t('authentication.login_confirmation')
-      destroy_target_page
-    else
-      flash.now.alert = t('authentication.warning.email_or_password_invalid')
-      render "new"
-    end
-  end
-
-  def destroy
-    cookies.delete(:auth_token)
-    destroy_target_page
-    redirect_to safe_root_url, notice: t('authentication.logout_confirmation')
-  end
-
-  private
-
-  def set_target_page
-    session[:target_page] = request.referer unless session[:target_page] # && !request.referer.nil?
-  end
-
-  def destroy_target_page
-    session[:target_page] = nil
-  end
-
-end

data/app/mailers/user_mailer.rb

@@ -1,20 +0,0 @@
-class UserMailer < ActionMailer::Base
-
-  default :from => Setting.first.try(:contact_email) ? Setting.first.try(:contact_email) : 'info@tenthousandhours.eu'
-
-  # Subject can be set in your I18n file at config/locales/en.yml
-  # with the following lookup:
-  #
-  #   en.user_mailer.password_reset.subject
-  #
-  def password_reset(user)
-    @user = user
-    mail :to => user.email, :subject => t('authentication.password_reset_email_subject') + ' | ' + Setting.first.try(:site_name)
-  end
-
-  def password_set(user)
-    @user = user
-    mail :to => user.email, :subject => t('authentication.email_validation_subject') + ' | ' + Setting.first.try(:site_name)
-  end
-
-end

data/app/models/newbie.rb

@@ -1,12 +0,0 @@
-class Newbie < User
-
-  def send_password_set
-    generate_token(:password_reset_token)
-    self.password_reset_sent_at = Time.zone.now
-    # necessary to pass has_secure_password validations
-    self.password, self.password_confirmation = 'temporary', 'temporary'
-    save!
-    UserMailer.password_set(self).deliver
-  end
-
-end

data/app/views/password_resets/edit.html.erb

@@ -1,14 +0,0 @@
-<h1>Create a new Password</h1>
-
-<%= simple_form_for @user, :url => password_reset_path(params[:id]) do |f| %>
-<%= f.error_notification %>
-
-  <div class="field">
-    <%= f.input :password %>
-    <%= f.input :password_confirmation %>
-  </div>
-  <div class="actions"><%= f.submit t('authentication.update_password') %></div>
-<% end %>
-
-<%# partial in tkh_menus gem or has to be added in host app %>
-<%= render './shared/menus' %>

data/app/views/password_resets/new.html.erb

@@ -1,14 +0,0 @@
-<h1><%= t('authentication.password.request.a_new_one') %></h1>
-
-<p><%= t('authentication.password.request.explanation') %></p>
-
-<%= form_tag password_resets_path, :method => :post do %>
-  <div class="field">
-    <%= label_tag :email %>
-    <%= text_field_tag :email, params[:email] %>
-  </div>
-  <div class="actions"><%= submit_tag t('authentication.reset_your_password'), class: 'btn btn-primary' %></div>
-<% end %>
-
-<%# partial in tkh_menus gem or has to be added in host app %>
-<%= render './shared/menus' %>

data/app/views/sessions/_form.html.erb

@@ -1,32 +0,0 @@
-<%= form_tag sessions_path, class: 'simple_form form-horizontal' do %>
-
-	<div class="form-inputs">
-	  <div class="control-group email required">
-	    <%= label_tag :email, t('activerecord.attributes.user.email'), class: "email required control-label" %>
-			<div class="controls">
-		    <%= text_field_tag :email, params[:email], :html => { class: 'string email required' } %>
-				<p class="help-block"><%= link_to t('authentication.not_registered'), signup_path %></p>
-			</div>
-	  </div>
-
-		<div class="control-group password required">
-	    <%= label_tag :password, t('activerecord.attributes.user.password'), class: "password required control-label" %>
-			<div class="controls">
-		    <%= password_field_tag :password %>
-				<p class="help-block"><%= link_to t('authentication.forgot_password'), new_password_reset_path %></p>
-			</div>
-	  </div>
-
-		<div class="control-group boolean optional">
-			<div class="controls">
-				<label class="checkbox"><input class="boolean optional" id="remember_me" name="remember_me" type="checkbox" value="1" /><%= t('authentication.remember_me') %></label>
-			</div>
-		</div>
-
-	</div>
-
-	<div class="form-actions">
-    <%= submit_tag t('authentication.login_now'), class: 'btn btn-primary' %>
-  </div>
-
-<% end %>

data/app/views/sessions/new.html.erb

@@ -1,6 +0,0 @@
-<h1><%= t('authentication.login_now') %></h1>
-
-<%= render 'form' %>
-
-<%# partial in tkh_menus gem or has to be added in host app %>
-<%= render './shared/menus' %>

data/app/views/user_mailer/password_reset.text.erb

@@ -1 +0,0 @@
-<%= t 'authentication.reset_instructions', reset_url:  edit_password_reset_url(@user.password_reset_token, locale: I18n.locale) %>

data/app/views/user_mailer/password_set.text.erb

@@ -1 +0,0 @@
-<%= t 'authentication.email_validation_instructions', reset_url:  edit_password_reset_url(@user.password_reset_token, locale: I18n.locale) %>