tonkapark-clearance 0.6.9.3 → 0.7.0

data/config/clearance_routes.rb

@@ -1,7 +1,7 @@
 ActionController::Routing::Routes.draw do |map|
   map.resources :passwords,
     :controller => 'clearance/passwords',
-    :only       => [:create]
+    :only       => [:new, :create]
 
   map.resource  :session,
     :controller => 'clearance/sessions',
@@ -17,19 +17,17 @@ ActionController::Routing::Routes.draw do |map|
       :only       => [:new, :create]
   end
 
-  map.resources :invitations,
-    :controller => 'clearance/invitations',
-    :only       => [:index, :new, :create]
-
-  map.recover_password '/recover_password', :controller =>'clearance/passwords', :action => 'new'
+  map.recover_password  'recover_password',
+    :controller => 'clearance/passwords',
+    :action     => 'new'
 
-  map.signup  '/signup/:invitation_token',
+  map.sign_up  'sign_up',
     :controller => 'clearance/users',
     :action     => 'new'
-  map.signin  'login',
+  map.sign_in  'sign_in',
     :controller => 'clearance/sessions',
     :action     => 'new'
-  map.logout 'logout',
+  map.sign_out 'sign_out',
     :controller => 'clearance/sessions',
     :action     => 'destroy',
     :method     => :delete

data/generators/clearance/clearance_generator.rb

@@ -12,7 +12,6 @@ class ClearanceGenerator < Rails::Generator::Base
       user_model = "app/models/user.rb"
       if File.exists?(user_model)
         m.insert_into user_model, "include Clearance::User"
-        m.insert_into user_model, "belongs_to :invitation"
       else
         m.directory File.join("app", "models")
         m.file "user.rb", user_model
@@ -21,35 +20,17 @@ class ClearanceGenerator < Rails::Generator::Base
       m.directory File.join("test", "factories")
       m.file "factories.rb", "test/factories/clearance.rb"
 
-      m.migration_template "migrations/#{user_migration_name}.rb",
+      m.migration_template "migrations/#{migration_name}.rb",
                            'db/migrate',
-                           :migration_file_name => "clearance_#{user_migration_name}"
+                           :migration_file_name => "clearance_#{migration_name}"
 
-      m.directory File.join("config")
-      m.file "clearance.yml", 'config/clearance.yml'
-
-      invitation_model = "app/models/invitation.rb"
-      if File.exists?(invitation_model)
-        m.insert_into invitation_model, "include Clearance::Invitation"
-        m.insert_into invitation_model, "belongs_to :sender, :class_name => 'User', :foreign_key => :sender_id"
-      else
-        m.directory File.join("app", "models")
-        m.file "invitation.rb", invitation_model
-      end
-
-      m.migration_template "migrations/#{invitation_migration_name}.rb",
-                           'db/migrate',
-                           :migration_file_name => "clearance_#{invitation_migration_name}"
-                           
-
-                           
       m.readme "README"
     end
   end
 
   private
 
-  def user_migration_name
+  def migration_name
     if ActiveRecord::Base.connection.table_exists?(:users)
       'update_users'
     else
@@ -57,12 +38,4 @@ class ClearanceGenerator < Rails::Generator::Base
     end
   end
 
-  def invitation_migration_name
-    if ActiveRecord::Base.connection.table_exists?(:invitations)
-      'update_invitations'
-    else
-      'create_invitations'
-    end
-  end
-
 end

data/generators/clearance/templates/README

@@ -1,22 +1,22 @@
 
 *******************************************************************************
- 
+
 Ok, enough fancy automatic stuff. Time for some old school monkey copy-pasting.
- 
-1. A a clearance.yml config file has been created in your config/ directory.
- 
-Use it to configure the host name and sender of clearance generated emails.
-In production it must be the actual host your application is deployed to.
-The config is used by mailers to generate URLs in emails.
- 
-It can look like this:
- 
-production:
-  host: you_production_host.com
-  do_not_reply: do_not_reply@you_production_host.com
- 
-2. Define root_url to *something* in your config/routes.rb:
- 
+
+1. Define a HOST constant in your environments files.
+In config/environments/test.rb and config/environments/development.rb it can be:
+
+    HOST = "localhost"
+
+In production.rb it must be the actual host your application is deployed to.
+The constant is used by mailers to generate URLs in emails.
+
+2. In config/environment.rb:
+
+    DO_NOT_REPLY = "donotreply@example.com"
+
+3. Define root_url to *something* in your config/routes.rb:
+
     map.root :controller => 'home'
- 
+
 *******************************************************************************

data/generators/clearance/templates/migrations/create_users.rb

@@ -7,9 +7,6 @@ class ClearanceCreateUsers < ActiveRecord::Migration
       t.string   :token,              :limit => 128
       t.datetime :token_expires_at
       t.boolean  :email_confirmed, :default => false, :null => false
-      t.boolean  :admin, :default => false, :null => false
-      t.integer :invitation_id
-      t.integer :invitation_limit
       t.timestamps
     end
 

data/generators/clearance/templates/migrations/update_users.rb

@@ -8,10 +8,7 @@ class ClearanceUpdateUsers < ActiveRecord::Migration
         [:salt,               't.string :salt, :limit => 128'],
         [:token,              't.string :token, :limit => 128'],
         [:token_expires_at,   't.datetime :token_expires_at'],
-        [:email_confirmed,    't.boolean :email_confirmed, :default => false, :null => false'],
-        [:admin, 't.boolean  :admin, :default => false, :null => false'],
-        [:invitation_id,    't.integer :invitation_id'],
-        [:invitation_limit,    't.integer :invitation_limit']
+        [:email_confirmed,    't.boolean :email_confirmed, :default => false, :null => false']
       ].delete_if {|c| existing_columns.include?(c.first.to_s)} 
 -%>
     change_table(:users) do |t|

data/generators/clearance/templates/user.rb

@@ -1,4 +1,3 @@
 class User < ActiveRecord::Base
   include Clearance::User
-  belongs_to :invitation
 end

data/generators/clearance_features/clearance_features_generator.rb

@@ -1,20 +1,20 @@
 class ClearanceFeaturesGenerator < Rails::Generator::Base
-  
+
   def manifest
     record do |m|
       m.directory File.join("features", "step_definitions")
       m.directory File.join("features", "support")
-      
+
       ["features/step_definitions/clearance_steps.rb",
        "features/step_definitions/factory_girl_steps.rb",
        "features/support/paths.rb",
        "features/sign_in.feature",
-       "features/sign_out.feature",       
+       "features/sign_out.feature",
        "features/sign_up.feature",
        "features/password_reset.feature"].each do |file|
         m.file file, file
        end
     end
   end
-  
+
 end

data/generators/clearance_features/templates/features/sign_up.feature

@@ -26,3 +26,20 @@ Feature: Sign up
       Then I should see "Confirmed email and signed in"
       And I should be signed in
 
+    Scenario: Signed in user clicks confirmation link again
+      Given I signed up with "email@person.com/password"
+      When I follow the confirmation link sent to "email@person.com"
+      Then I should be signed in
+      When I follow the confirmation link sent to "email@person.com"
+      Then I should see "Confirmed email and signed in"
+      And I should be signed in
+
+    Scenario: Signed out user clicks confirmation link again
+      Given I signed up with "email@person.com/password"
+      When I follow the confirmation link sent to "email@person.com"
+      Then I should be signed in
+      When I sign out
+      And I follow the confirmation link sent to "email@person.com"
+      Then I should see "Already confirmed email. Please sign in."
+      And I should be signed out
+

data/generators/clearance_views/clearance_views_generator.rb

@@ -0,0 +1,27 @@
+class ClearanceViewsGenerator < Rails::Generator::Base
+
+  def manifest
+    record do |m|
+      strategy          = "formtastic"
+      template_strategy = "erb"
+
+      m.directory File.join("app", "views", "users")
+      m.file "#{strategy}/users/new.html.#{template_strategy}",
+        "app/views/users/new.html.#{template_strategy}"
+      m.file "#{strategy}/users/_inputs.html.#{template_strategy}",
+        "app/views/users/_inputs.html.#{template_strategy}"
+
+      m.directory File.join("app", "views", "sessions")
+      m.file "#{strategy}/sessions/new.html.#{template_strategy}",
+        "app/views/sessions/new.html.#{template_strategy}"
+
+      m.directory File.join("app", "views", "passwords")
+      m.file "#{strategy}/passwords/new.html.#{template_strategy}",
+        "app/views/passwords/new.html.#{template_strategy}"
+      m.file "#{strategy}/passwords/edit.html.#{template_strategy}",
+        "app/views/passwords/edit.html.#{template_strategy}"
+    end
+  end
+
+end
+

data/generators/clearance_views/templates/formtastic/passwords/edit.html.erb

@@ -0,0 +1,21 @@
+<h2>Change your password</h2>
+
+<p>
+  Your password has been reset. Choose a new password below.
+</p>
+
+<% semantic_form_for(:user,
+            :url  => user_password_path(@user, :token => @user.token),
+            :html => { :method => :put }) do |form| %>
+  <%= form.error_messages %>
+  <% form.inputs do -%>
+    <%= form.input :password, :as => :password,
+                   :label => "Choose password" %>
+    <%= form.input :password_confirmation, :as => :password,
+                   :label => "Confirm password" %>
+  <% end -%>
+  <% form.buttons do -%>
+    <%= form.commit_button "Save this password" %>
+  <% end -%>
+<% end %>
+

data/generators/clearance_views/templates/formtastic/passwords/new.html.erb

@@ -0,0 +1,15 @@
+<h2>Reset your password</h2>
+
+<p>
+  We will email you a link to reset your password.
+</p>
+
+<% semantic_form_for :password, :url => passwords_path do |form| -%>
+  <% form.inputs do -%>
+    <%= form.input :email, :label => "Email address" %>
+  <% end -%>
+  <% form.buttons do -%>
+    <%= form.commit_button "Reset password" %>
+  <% end -%>
+<% end -%>
+

data/generators/clearance_views/templates/formtastic/sessions/new.html.erb

@@ -0,0 +1,22 @@
+<h2>Sign in</h2>
+
+<% semantic_form_for :session, :url => session_path do |form| %>
+  <% form.inputs do %>
+    <%= form.input :email %>
+    <%= form.input :password, :as => :password %>
+    <%= form.input :remember_me, :as => :boolean, :required => false %>
+  <% end %>
+  <% form.buttons do %>
+    <%= form.commit_button "Sign in" %>
+  <% end %>
+<% end %>
+
+<ul>
+  <li>
+    <%= link_to "Sign up", new_user_path %>
+  </li>
+  <li>
+    <%= link_to "Forgot password?", new_password_path %>
+  </li>
+</ul>
+

data/generators/clearance_views/templates/formtastic/users/_inputs.html.erb

@@ -0,0 +1,6 @@
+<% form.inputs do %>
+  <%= form.input :email %>
+  <%= form.input :password %>
+  <%= form.input :password_confirmation, :label => "Confirm password" %>
+<% end %>
+

data/generators/clearance_views/templates/formtastic/users/new.html.erb

@@ -0,0 +1,10 @@
+<h2>Sign up</h2>
+
+<% semantic_form_for @user do |form| %>
+  <%= form.error_messages %>
+  <%= render :partial => "/users/inputs", :locals => { :form => form } %>
+  <% form.buttons do %>
+    <%= form.commit_button "Sign up" %>
+  <% end %>
+<% end %>
+

data/lib/clearance/authentication.rb

@@ -1,32 +1,94 @@
 module Clearance
   module Authentication
 
-    def self.included(controller)
+    def self.included(controller) # :nodoc:
       controller.send(:include, InstanceMethods)
 
       controller.class_eval do
-        helper_method :current_user
-        helper_method :signed_in?
-
-        hide_action :current_user, :signed_in?
+        helper_method :current_user, :signed_in?, :signed_out?
+        hide_action   :current_user, :signed_in?, :signed_out?
       end
     end
 
     module InstanceMethods
+      # User in the current session or remember me cookie
+      #
+      # @return [User, nil]
       def current_user
         @_current_user ||= (user_from_cookie || user_from_session)
       end
 
+      # Is the current user signed in?
+      #
+      # @return [true, false]
       def signed_in?
         ! current_user.nil?
       end
 
-      protected
+      # Is the current user signed out?
+      #
+      # @return [true, false]
+      def signed_out?
+        current_user.nil?
+      end
 
+      # Deny the user access if they are signed out.
+      #
+      # @example
+      #   before_filter :authenticate
       def authenticate
         deny_access unless signed_in?
       end
 
+      # Sign user in to session.
+      #
+      # @param [User]
+      #
+      # @example
+      #   sign_in(@user)
+      def sign_in(user)
+        if user
+          session[:user_id] = user.id
+        end
+      end
+
+      # Remember user with cookie.
+      #
+      # @param [User]
+      #
+      # @example
+      #   remember(@user)
+      def remember(user)
+        user.remember_me!
+        cookies[:remember_token] = { :value   => user.token,
+                                     :expires => user.token_expires_at }
+      end
+
+      # Forget user. Should only be used if developer overrides sign out.
+      #
+      # @param [User]
+      #
+      # @example
+      #   forget(@user)
+      def forget(user)
+        user.forget_me! if user
+        cookies.delete(:remember_token)
+        reset_session
+      end
+
+      # Store the current location.
+      # Display a flash message if included.
+      # Redirect to sign in.
+      #
+      # @param [String] optional flash message to display to denied user
+      def deny_access(flash_message = nil)
+        store_location
+        flash[:failure] = flash_message if flash_message
+        redirect_to(sign_in_url)
+      end
+
+      protected
+
       def user_from_session
         if session[:user_id]
           return nil  unless user = ::User.find_by_id(session[:user_id])
@@ -46,26 +108,12 @@ module Clearance
         sign_in(user)
       end
 
-      def sign_in(user)
-        if user
-          session[:user_id] = user.id
-        end
-      end
-
       def remember?
         params[:session] && params[:session][:remember_me] == "1"
       end
 
-      def remember(user)
-        user.remember_me!
-        cookies[:remember_token] = { :value   => user.token,
-                                     :expires => user.token_expires_at }
-      end
-
-      def forget(user)
-        user.forget_me! if user
-        cookies.delete(:remember_token)
-        reset_session
+      def store_location
+        session[:return_to] = request.request_uri if request.get?
       end
 
       def redirect_back_or(default)
@@ -84,16 +132,6 @@ module Clearance
       def redirect_to_root
         redirect_to(root_url)
       end
-
-      def store_location
-        session[:return_to] = request.request_uri if request.get?
-      end
-
-      def deny_access(flash_message = nil, opts = {})
-        store_location
-        flash[:failure] = flash_message if flash_message
-        redirect_to(signin_url)
-      end
     end
 
   end

data/lib/clearance/user.rb

@@ -3,6 +3,23 @@ require 'digest/sha1'
 module Clearance
   module User
 
+    # Hook for all Clearance::User modules.
+    #
+    # If you need to override parts of Clearance::User,
+    # extend and include à la carte.
+    #
+    # @example
+    #   extend ClassMethods
+    #   include InstanceMethods
+    #   include AttrAccessor
+    #   include Callbacks
+    #
+    # @see ClassMethods
+    # @see InstanceMethods
+    # @see AttrAccessible
+    # @see AttrAccessor
+    # @see Validations
+    # @see Callbacks
     def self.included(model)
       model.extend(ClassMethods)
 
@@ -14,14 +31,26 @@ module Clearance
     end
 
     module AttrAccessible
+      # Hook for attr_accessible white list.
+      #
+      # :email, :password, :password_confirmation
+      #
+      # Append other attributes that must be mass-assigned in your model.
+      #
+      # @example
+      #   include Clearance::User
+      #   attr_accessible :location, :gender
       def self.included(model)
         model.class_eval do
-          attr_accessible :email, :password, :password_confirmation, :invitation_token
+          attr_accessible :email, :password, :password_confirmation
         end
       end
     end
 
     module AttrAccessor
+      # Hook for attr_accessor virtual attributes.
+      #
+      # :password, :password_confirmation
       def self.included(model)
         model.class_eval do
           attr_accessor :password, :password_confirmation
@@ -30,6 +59,12 @@ module Clearance
     end
 
     module Validations
+      # Hook for validations.
+      #
+      # :email must be present, unique, formatted
+      #
+      # If password is required,
+      # :password must be present, confirmed
       def self.included(model)
         model.class_eval do
           validates_presence_of     :email
@@ -38,69 +73,91 @@ module Clearance
 
           validates_presence_of     :password, :if => :password_required?
           validates_confirmation_of :password, :if => :password_required?
-          
-          validates_presence_of :invitation_id, :message => 'is required', :if => Proc.new { |u| u.new_record?}
-          validates_uniqueness_of :invitation_id, :if => Proc.new { |u| u.new_record?}
         end
       end
     end
 
     module Callbacks
+      # Hook for callbacks.
+      #
+      # salt, token, password encryption are handled before_save.
       def self.included(model)
         model.class_eval do
-          before_save :initialize_salt, :encrypt_password, :initialize_token, :downcase_email
-          before_create :set_invitation_limit, :redeemed
+          before_save :initialize_salt, :encrypt_password, :initialize_token
         end
       end
     end
 
     module InstanceMethods
+      # Am I authenticated with given password?
+      #
+      # @param [String] plain-text password
+      # @return [true, false]
+      # @example
+      #   user.authenticated?('password')
       def authenticated?(password)
         encrypted_password == encrypt(password)
       end
 
-      def encrypt(string)
-        generate_hash("--#{salt}--#{string}--")
-      end
-
+      # Am I remembered?
+      #
+      # @return [true, false]
+      # @example
+      #   user.remember?
       def remember?
         token_expires_at && Time.now.utc < token_expires_at
       end
 
+      # Remember me for two weeks.
+      #
+      # @example
+      #   user.remember_me!
+      #   cookies[:remember_token] = { :value   => user.token,
+      #                                :expires => user.token_expires_at }
       def remember_me!
         remember_me_until! 2.weeks.from_now.utc
       end
 
+      # Forget me.
+      #
+      # @example
+      #   user.forget_me!
       def forget_me!
         clear_token
         save(false)
       end
 
+      # Confirm my email.
+      #
+      # @example
+      #   user.confirm_email!
       def confirm_email!
-        self.email_confirmed  = true
-        self.token            = nil
+        self.email_confirmed = true
+        self.token           = nil
         save(false)
       end
 
+      # Mark my account as forgotten password.
+      #
+      # @example
+      #   user.forgot_password!
       def forgot_password!
         generate_token
         save(false)
       end
 
+      # Update my password.
+      #
+      # @param [String, String] password and password confirmation
+      # @return [true, false] password was updated or not
+      # @example
+      #   user.update_password('new-password', 'new-password')
       def update_password(new_password, new_password_confirmation)
         self.password              = new_password
         self.password_confirmation = new_password_confirmation
         clear_token if valid?
         save
       end
-      
-      def invitation_token
-        invitation.token if invitation
-      end
-
-      def invitation_token=(token)
-        self.invitation = ::Invitation.find_by_token(token)
-      end
 
       protected
 
@@ -119,6 +176,10 @@ module Clearance
         self.encrypted_password = encrypt(password)
       end
 
+      def encrypt(string)
+        generate_hash("--#{salt}--#{string}--")
+      end
+
       def generate_token
         self.token = encrypt("--#{Time.now.utc.to_s}--#{password}--")
         self.token_expires_at = nil
@@ -142,21 +203,15 @@ module Clearance
         self.token = encrypt("--#{token_expires_at}--#{password}--")
         save(false)
       end
-      
-      def downcase_email
-        self.email = email.to_s.downcase
-      end
-      
-      def set_invitation_limit
-          self.invitation_limit = 5
-      end
-      
-      def redeemed
-        invitation.redeemed! if invitation
-      end
     end
 
     module ClassMethods
+      # Authenticate with email and password.
+      #
+      # @param [String, String] email and password
+      # @return [User, nil] authenticated user or nil
+      # @example
+      #   User.authenticate("email@example.com", "password")
       def authenticate(email, password)
         return nil  unless user = find_by_email(email)
         return user if     user.authenticated?(password)