upstream-devise 2.1.0.rc
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +10 -0
- data/.travis.yml +15 -0
- data/CHANGELOG.rdoc +846 -0
- data/Gemfile +35 -0
- data/Gemfile.lock +165 -0
- data/MIT-LICENSE +20 -0
- data/README.md +384 -0
- data/Rakefile +34 -0
- data/app/controllers/devise/confirmations_controller.rb +43 -0
- data/app/controllers/devise/omniauth_callbacks_controller.rb +24 -0
- data/app/controllers/devise/passwords_controller.rb +47 -0
- data/app/controllers/devise/registrations_controller.rb +107 -0
- data/app/controllers/devise/sessions_controller.rb +49 -0
- data/app/controllers/devise/unlocks_controller.rb +44 -0
- data/app/controllers/devise_controller.rb +177 -0
- data/app/helpers/devise_helper.rb +25 -0
- data/app/mailers/devise/mailer.rb +15 -0
- data/app/views/devise/_links.erb +3 -0
- data/app/views/devise/confirmations/new.html.erb +12 -0
- data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/devise/passwords/edit.html.erb +16 -0
- data/app/views/devise/passwords/new.html.erb +12 -0
- data/app/views/devise/registrations/edit.html.erb +25 -0
- data/app/views/devise/registrations/new.html.erb +18 -0
- data/app/views/devise/sessions/new.html.erb +17 -0
- data/app/views/devise/shared/_links.erb +25 -0
- data/app/views/devise/unlocks/new.html.erb +12 -0
- data/config/locales/en.yml +57 -0
- data/devise.gemspec +25 -0
- data/gemfiles/Gemfile.rails-3.1.x +35 -0
- data/gemfiles/Gemfile.rails-3.1.x.lock +167 -0
- data/lib/devise.rb +455 -0
- data/lib/devise/controllers/helpers.rb +269 -0
- data/lib/devise/controllers/rememberable.rb +52 -0
- data/lib/devise/controllers/scoped_views.rb +17 -0
- data/lib/devise/controllers/url_helpers.rb +67 -0
- data/lib/devise/delegator.rb +17 -0
- data/lib/devise/encryptors/authlogic_sha512.rb +19 -0
- data/lib/devise/encryptors/base.rb +24 -0
- data/lib/devise/encryptors/clearance_sha1.rb +17 -0
- data/lib/devise/encryptors/restful_authentication_sha1.rb +22 -0
- data/lib/devise/encryptors/sha1.rb +25 -0
- data/lib/devise/encryptors/sha512.rb +25 -0
- data/lib/devise/failure_app.rb +185 -0
- data/lib/devise/hooks/activatable.rb +11 -0
- data/lib/devise/hooks/forgetable.rb +9 -0
- data/lib/devise/hooks/lockable.rb +7 -0
- data/lib/devise/hooks/rememberable.rb +6 -0
- data/lib/devise/hooks/timeoutable.rb +22 -0
- data/lib/devise/hooks/trackable.rb +9 -0
- data/lib/devise/mailers/helpers.rb +86 -0
- data/lib/devise/mapping.rb +172 -0
- data/lib/devise/models.rb +123 -0
- data/lib/devise/models/authenticatable.rb +231 -0
- data/lib/devise/models/confirmable.rb +242 -0
- data/lib/devise/models/database_authenticatable.rb +126 -0
- data/lib/devise/models/encryptable.rb +86 -0
- data/lib/devise/models/lockable.rb +185 -0
- data/lib/devise/models/omniauthable.rb +27 -0
- data/lib/devise/models/recoverable.rb +140 -0
- data/lib/devise/models/registerable.rb +25 -0
- data/lib/devise/models/rememberable.rb +125 -0
- data/lib/devise/models/timeoutable.rb +49 -0
- data/lib/devise/models/token_authenticatable.rb +77 -0
- data/lib/devise/models/trackable.rb +35 -0
- data/lib/devise/models/validatable.rb +66 -0
- data/lib/devise/modules.rb +30 -0
- data/lib/devise/omniauth.rb +28 -0
- data/lib/devise/omniauth/config.rb +45 -0
- data/lib/devise/omniauth/url_helpers.rb +33 -0
- data/lib/devise/orm/active_record.rb +3 -0
- data/lib/devise/orm/mongoid.rb +3 -0
- data/lib/devise/param_filter.rb +41 -0
- data/lib/devise/rails.rb +54 -0
- data/lib/devise/rails/routes.rb +412 -0
- data/lib/devise/rails/warden_compat.rb +43 -0
- data/lib/devise/strategies/authenticatable.rb +165 -0
- data/lib/devise/strategies/base.rb +15 -0
- data/lib/devise/strategies/database_authenticatable.rb +21 -0
- data/lib/devise/strategies/rememberable.rb +53 -0
- data/lib/devise/strategies/token_authenticatable.rb +57 -0
- data/lib/devise/test_helpers.rb +130 -0
- data/lib/devise/version.rb +3 -0
- data/lib/generators/active_record/devise_generator.rb +78 -0
- data/lib/generators/active_record/templates/migration.rb +19 -0
- data/lib/generators/active_record/templates/migration_existing.rb +26 -0
- data/lib/generators/devise/devise_generator.rb +24 -0
- data/lib/generators/devise/install_generator.rb +24 -0
- data/lib/generators/devise/orm_helpers.rb +32 -0
- data/lib/generators/devise/views_generator.rb +110 -0
- data/lib/generators/mongoid/devise_generator.rb +60 -0
- data/lib/generators/templates/README +31 -0
- data/lib/generators/templates/devise.rb +216 -0
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
- data/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +15 -0
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +19 -0
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +15 -0
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +22 -0
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +17 -0
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +15 -0
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +15 -0
- data/test/controllers/custom_strategy_test.rb +62 -0
- data/test/controllers/helpers_test.rb +254 -0
- data/test/controllers/internal_helpers_test.rb +97 -0
- data/test/controllers/sessions_controller_test.rb +36 -0
- data/test/controllers/url_helpers_test.rb +59 -0
- data/test/delegator_test.rb +19 -0
- data/test/devise_test.rb +72 -0
- data/test/encryptors_test.rb +30 -0
- data/test/failure_app_test.rb +211 -0
- data/test/generators/active_record_generator_test.rb +69 -0
- data/test/generators/devise_generator_test.rb +39 -0
- data/test/generators/install_generator_test.rb +13 -0
- data/test/generators/mongoid_generator_test.rb +23 -0
- data/test/generators/views_generator_test.rb +52 -0
- data/test/helpers/devise_helper_test.rb +51 -0
- data/test/indifferent_hash.rb +33 -0
- data/test/integration/authenticatable_test.rb +587 -0
- data/test/integration/confirmable_test.rb +255 -0
- data/test/integration/database_authenticatable_test.rb +82 -0
- data/test/integration/http_authenticatable_test.rb +97 -0
- data/test/integration/lockable_test.rb +224 -0
- data/test/integration/omniauthable_test.rb +133 -0
- data/test/integration/recoverable_test.rb +300 -0
- data/test/integration/registerable_test.rb +324 -0
- data/test/integration/rememberable_test.rb +158 -0
- data/test/integration/timeoutable_test.rb +114 -0
- data/test/integration/token_authenticatable_test.rb +161 -0
- data/test/integration/trackable_test.rb +92 -0
- data/test/mailers/confirmation_instructions_test.rb +95 -0
- data/test/mailers/reset_password_instructions_test.rb +83 -0
- data/test/mailers/unlock_instructions_test.rb +77 -0
- data/test/mapping_test.rb +127 -0
- data/test/models/authenticatable_test.rb +7 -0
- data/test/models/confirmable_test.rb +357 -0
- data/test/models/database_authenticatable_test.rb +189 -0
- data/test/models/encryptable_test.rb +73 -0
- data/test/models/lockable_test.rb +263 -0
- data/test/models/omniauthable_test.rb +7 -0
- data/test/models/recoverable_test.rb +205 -0
- data/test/models/registerable_test.rb +7 -0
- data/test/models/rememberable_test.rb +174 -0
- data/test/models/serializable_test.rb +48 -0
- data/test/models/timeoutable_test.rb +46 -0
- data/test/models/token_authenticatable_test.rb +55 -0
- data/test/models/trackable_test.rb +13 -0
- data/test/models/validatable_test.rb +117 -0
- data/test/models_test.rb +179 -0
- data/test/omniauth/config_test.rb +57 -0
- data/test/omniauth/url_helpers_test.rb +58 -0
- data/test/orm/active_record.rb +9 -0
- data/test/orm/mongoid.rb +14 -0
- data/test/rails_app/Rakefile +10 -0
- data/test/rails_app/app/active_record/admin.rb +6 -0
- data/test/rails_app/app/active_record/shim.rb +2 -0
- data/test/rails_app/app/active_record/user.rb +6 -0
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +6 -0
- data/test/rails_app/app/controllers/admins_controller.rb +6 -0
- data/test/rails_app/app/controllers/application_controller.rb +8 -0
- data/test/rails_app/app/controllers/home_controller.rb +25 -0
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +2 -0
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +2 -0
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +14 -0
- data/test/rails_app/app/controllers/users_controller.rb +23 -0
- data/test/rails_app/app/helpers/application_helper.rb +3 -0
- data/test/rails_app/app/mailers/users/mailer.rb +3 -0
- data/test/rails_app/app/mongoid/admin.rb +30 -0
- data/test/rails_app/app/mongoid/shim.rb +24 -0
- data/test/rails_app/app/mongoid/user.rb +45 -0
- data/test/rails_app/app/views/admins/index.html.erb +1 -0
- data/test/rails_app/app/views/admins/sessions/new.html.erb +2 -0
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +1 -0
- data/test/rails_app/app/views/home/index.html.erb +1 -0
- data/test/rails_app/app/views/home/join.html.erb +1 -0
- data/test/rails_app/app/views/home/private.html.erb +1 -0
- data/test/rails_app/app/views/home/user_dashboard.html.erb +1 -0
- data/test/rails_app/app/views/layouts/application.html.erb +24 -0
- data/test/rails_app/app/views/users/index.html.erb +1 -0
- data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +1 -0
- data/test/rails_app/app/views/users/sessions/new.html.erb +1 -0
- data/test/rails_app/config.ru +4 -0
- data/test/rails_app/config/application.rb +41 -0
- data/test/rails_app/config/boot.rb +8 -0
- data/test/rails_app/config/database.yml +18 -0
- data/test/rails_app/config/environment.rb +5 -0
- data/test/rails_app/config/environments/development.rb +18 -0
- data/test/rails_app/config/environments/production.rb +33 -0
- data/test/rails_app/config/environments/test.rb +33 -0
- data/test/rails_app/config/initializers/backtrace_silencers.rb +7 -0
- data/test/rails_app/config/initializers/devise.rb +186 -0
- data/test/rails_app/config/initializers/inflections.rb +2 -0
- data/test/rails_app/config/initializers/secret_token.rb +2 -0
- data/test/rails_app/config/routes.rb +90 -0
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +77 -0
- data/test/rails_app/db/schema.rb +52 -0
- data/test/rails_app/lib/shared_admin.rb +14 -0
- data/test/rails_app/lib/shared_user.rb +26 -0
- data/test/rails_app/public/404.html +26 -0
- data/test/rails_app/public/422.html +26 -0
- data/test/rails_app/public/500.html +26 -0
- data/test/rails_app/public/favicon.ico +0 -0
- data/test/rails_app/script/rails +10 -0
- data/test/routes_test.rb +248 -0
- data/test/support/assertions.rb +42 -0
- data/test/support/helpers.rb +91 -0
- data/test/support/integration.rb +90 -0
- data/test/support/locale/en.yml +4 -0
- data/test/support/webrat/integrations/rails.rb +24 -0
- data/test/test_helper.rb +27 -0
- data/test/test_helpers_test.rb +134 -0
- metadata +451 -0
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
module Devise
|
|
2
|
+
module Models
|
|
3
|
+
# Registerable is responsible for everything related to registering a new
|
|
4
|
+
# resource (ie user sign up).
|
|
5
|
+
module Registerable
|
|
6
|
+
extend ActiveSupport::Concern
|
|
7
|
+
|
|
8
|
+
def self.required_fields(klass)
|
|
9
|
+
[]
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
module ClassMethods
|
|
13
|
+
# A convenience method that receives both parameters and session to
|
|
14
|
+
# initialize a user. This can be used by OAuth, for example, to send
|
|
15
|
+
# in the user token and be stored on initialization.
|
|
16
|
+
#
|
|
17
|
+
# By default discards all information sent by the session by calling
|
|
18
|
+
# new with params.
|
|
19
|
+
def new_with_session(params, session)
|
|
20
|
+
new(params)
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
require 'devise/strategies/rememberable'
|
|
2
|
+
require 'devise/hooks/rememberable'
|
|
3
|
+
require 'devise/hooks/forgetable'
|
|
4
|
+
|
|
5
|
+
module Devise
|
|
6
|
+
module Models
|
|
7
|
+
# Rememberable manages generating and clearing token for remember the user
|
|
8
|
+
# from a saved cookie. Rememberable also has utility methods for dealing
|
|
9
|
+
# with serializing the user into the cookie and back from the cookie, trying
|
|
10
|
+
# to lookup the record based on the saved information.
|
|
11
|
+
# You probably wouldn't use rememberable methods directly, they are used
|
|
12
|
+
# mostly internally for handling the remember token.
|
|
13
|
+
#
|
|
14
|
+
# == Options
|
|
15
|
+
#
|
|
16
|
+
# Rememberable adds the following options in devise_for:
|
|
17
|
+
#
|
|
18
|
+
# * +remember_for+: the time you want the user will be remembered without
|
|
19
|
+
# asking for credentials. After this time the user will be blocked and
|
|
20
|
+
# will have to enter his credentials again. This configuration is also
|
|
21
|
+
# used to calculate the expires time for the cookie created to remember
|
|
22
|
+
# the user. By default remember_for is 2.weeks.
|
|
23
|
+
#
|
|
24
|
+
# * +extend_remember_period+: if true, extends the user's remember period
|
|
25
|
+
# when remembered via cookie. False by default.
|
|
26
|
+
#
|
|
27
|
+
# * +rememberable_options+: configuration options passed to the created cookie.
|
|
28
|
+
#
|
|
29
|
+
# == Examples
|
|
30
|
+
#
|
|
31
|
+
# User.find(1).remember_me! # regenerating the token
|
|
32
|
+
# User.find(1).forget_me! # clearing the token
|
|
33
|
+
#
|
|
34
|
+
# # generating info to put into cookies
|
|
35
|
+
# User.serialize_into_cookie(user)
|
|
36
|
+
#
|
|
37
|
+
# # lookup the user based on the incoming cookie information
|
|
38
|
+
# User.serialize_from_cookie(cookie_string)
|
|
39
|
+
module Rememberable
|
|
40
|
+
extend ActiveSupport::Concern
|
|
41
|
+
|
|
42
|
+
attr_accessor :remember_me, :extend_remember_period
|
|
43
|
+
|
|
44
|
+
def self.required_fields(klass)
|
|
45
|
+
[:remember_created_at]
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
# Generate a new remember token and save the record without validations
|
|
49
|
+
# unless remember_across_browsers is true and the user already has a valid token.
|
|
50
|
+
def remember_me!(extend_period=false)
|
|
51
|
+
self.remember_token = self.class.remember_token if generate_remember_token?
|
|
52
|
+
self.remember_created_at = Time.now.utc if generate_remember_timestamp?(extend_period)
|
|
53
|
+
save(:validate => false)
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
# If the record is persisted, remove the remember token (but only if
|
|
57
|
+
# it exists), and save the record without validations.
|
|
58
|
+
def forget_me!
|
|
59
|
+
return unless persisted?
|
|
60
|
+
self.remember_token = nil if respond_to?(:remember_token=)
|
|
61
|
+
self.remember_created_at = nil
|
|
62
|
+
save(:validate => false)
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
# Remember token should be expired if expiration time not overpass now.
|
|
66
|
+
def remember_expired?
|
|
67
|
+
remember_created_at.nil? || (remember_expires_at <= Time.now.utc)
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
# Remember token expires at created time + remember_for configuration
|
|
71
|
+
def remember_expires_at
|
|
72
|
+
remember_created_at + self.class.remember_for
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def rememberable_value
|
|
76
|
+
if respond_to?(:remember_token)
|
|
77
|
+
remember_token
|
|
78
|
+
elsif respond_to?(:authenticatable_salt) && (salt = authenticatable_salt)
|
|
79
|
+
salt
|
|
80
|
+
else
|
|
81
|
+
raise "authenticable_salt returned nil for the #{self.class.name} model. " \
|
|
82
|
+
"In order to use rememberable, you must ensure a password is always set " \
|
|
83
|
+
"or have a remember_token column in your model or implement your own " \
|
|
84
|
+
"rememberable_value in the model with custom logic."
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
def rememberable_options
|
|
89
|
+
self.class.rememberable_options
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
protected
|
|
93
|
+
|
|
94
|
+
def generate_remember_token? #:nodoc:
|
|
95
|
+
respond_to?(:remember_token) && remember_expired?
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
# Generate a timestamp if extend_remember_period is true, if no remember_token
|
|
99
|
+
# exists, or if an existing remember token has expired.
|
|
100
|
+
def generate_remember_timestamp?(extend_period) #:nodoc:
|
|
101
|
+
extend_period || remember_created_at.nil? || remember_expired?
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
module ClassMethods
|
|
105
|
+
# Create the cookie key using the record id and remember_token
|
|
106
|
+
def serialize_into_cookie(record)
|
|
107
|
+
[record.to_key, record.rememberable_value]
|
|
108
|
+
end
|
|
109
|
+
|
|
110
|
+
# Recreate the user based on the stored cookie
|
|
111
|
+
def serialize_from_cookie(id, remember_token)
|
|
112
|
+
record = to_adapter.get(id)
|
|
113
|
+
record if record && record.rememberable_value == remember_token && !record.remember_expired?
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
# Generate a token checking if one does not already exist in the database.
|
|
117
|
+
def remember_token #:nodoc:
|
|
118
|
+
generate_token(:remember_token)
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
Devise::Models.config(self, :remember_for, :extend_remember_period, :rememberable_options)
|
|
122
|
+
end
|
|
123
|
+
end
|
|
124
|
+
end
|
|
125
|
+
end
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
require 'devise/hooks/timeoutable'
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Models
|
|
5
|
+
# Timeoutable takes care of veryfing whether a user session has already
|
|
6
|
+
# expired or not. When a session expires after the configured time, the user
|
|
7
|
+
# will be asked for credentials again, it means, he/she will be redirected
|
|
8
|
+
# to the sign in page.
|
|
9
|
+
#
|
|
10
|
+
# == Options
|
|
11
|
+
#
|
|
12
|
+
# Timeoutable adds the following options to devise_for:
|
|
13
|
+
#
|
|
14
|
+
# * +timeout_in+: the interval to timeout the user session without activity.
|
|
15
|
+
#
|
|
16
|
+
# == Examples
|
|
17
|
+
#
|
|
18
|
+
# user.timedout?(30.minutes.ago)
|
|
19
|
+
#
|
|
20
|
+
module Timeoutable
|
|
21
|
+
extend ActiveSupport::Concern
|
|
22
|
+
|
|
23
|
+
def self.required_fields(klass)
|
|
24
|
+
[]
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
# Checks whether the user session has expired based on configured time.
|
|
28
|
+
def timedout?(last_access)
|
|
29
|
+
return false if remember_exists_and_not_expired?
|
|
30
|
+
!timeout_in.nil? && last_access && last_access <= timeout_in.ago
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def timeout_in
|
|
34
|
+
self.class.timeout_in
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
private
|
|
38
|
+
|
|
39
|
+
def remember_exists_and_not_expired?
|
|
40
|
+
return false unless respond_to?(:remember_created_at)
|
|
41
|
+
remember_created_at && !remember_expired?
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
module ClassMethods
|
|
45
|
+
Devise::Models.config(self, :timeout_in)
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
end
|
|
49
|
+
end
|
|
@@ -0,0 +1,77 @@
|
|
|
1
|
+
require 'devise/strategies/token_authenticatable'
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Models
|
|
5
|
+
# The TokenAuthenticatable module is responsible for generating an authentication token and
|
|
6
|
+
# validating the authenticity of the same while signing in.
|
|
7
|
+
#
|
|
8
|
+
# This module only provides a few helpers to help you manage the token, but it is up to you
|
|
9
|
+
# to choose how to use it. For example, if you want to have a new token every time the user
|
|
10
|
+
# saves his account, you can do the following:
|
|
11
|
+
#
|
|
12
|
+
# before_save :reset_authentication_token
|
|
13
|
+
#
|
|
14
|
+
# On the other hand, if you want to generate token unless one exists, you should use instead:
|
|
15
|
+
#
|
|
16
|
+
# before_save :ensure_authentication_token
|
|
17
|
+
#
|
|
18
|
+
# If you want to delete the token after it is used, you can do so in the
|
|
19
|
+
# after_token_authentication callback.
|
|
20
|
+
#
|
|
21
|
+
# == Options
|
|
22
|
+
#
|
|
23
|
+
# TokenAuthenticatable adds the following options to devise_for:
|
|
24
|
+
#
|
|
25
|
+
# * +token_authentication_key+: Defines name of the authentication token params key. E.g. /users/sign_in?some_key=...
|
|
26
|
+
#
|
|
27
|
+
module TokenAuthenticatable
|
|
28
|
+
extend ActiveSupport::Concern
|
|
29
|
+
|
|
30
|
+
def self.required_fields(klass)
|
|
31
|
+
[:authentication_token]
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
# Generate new authentication token (a.k.a. "single access token").
|
|
35
|
+
def reset_authentication_token
|
|
36
|
+
self.authentication_token = self.class.authentication_token
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
# Generate new authentication token and save the record.
|
|
40
|
+
def reset_authentication_token!
|
|
41
|
+
reset_authentication_token
|
|
42
|
+
save(:validate => false)
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
# Generate authentication token unless already exists.
|
|
46
|
+
def ensure_authentication_token
|
|
47
|
+
reset_authentication_token if authentication_token.blank?
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
# Generate authentication token unless already exists and save the record.
|
|
51
|
+
def ensure_authentication_token!
|
|
52
|
+
reset_authentication_token! if authentication_token.blank?
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
# Hook called after token authentication.
|
|
56
|
+
def after_token_authentication
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
def expire_auth_token_on_timeout
|
|
60
|
+
self.class.expire_auth_token_on_timeout
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
module ClassMethods
|
|
64
|
+
def find_for_token_authentication(conditions)
|
|
65
|
+
find_for_authentication(:authentication_token => conditions[token_authentication_key])
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
# Generate a token checking if one does not already exist in the database.
|
|
69
|
+
def authentication_token
|
|
70
|
+
generate_token(:authentication_token)
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
Devise::Models.config(self, :token_authentication_key, :expire_auth_token_on_timeout)
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
end
|
|
77
|
+
end
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
require 'devise/hooks/trackable'
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Models
|
|
5
|
+
# Track information about your user sign in. It tracks the following columns:
|
|
6
|
+
#
|
|
7
|
+
# * sign_in_count - Increased every time a sign in is made (by form, openid, oauth)
|
|
8
|
+
# * current_sign_in_at - A timestamp updated when the user signs in
|
|
9
|
+
# * last_sign_in_at - Holds the timestamp of the previous sign in
|
|
10
|
+
# * current_sign_in_ip - The remote ip updated when the user sign in
|
|
11
|
+
# * last_sign_in_ip - Holds the remote ip of the previous sign in
|
|
12
|
+
#
|
|
13
|
+
module Trackable
|
|
14
|
+
def self.required_fields(klass)
|
|
15
|
+
[:current_sign_in_at, :current_sign_in_ip, :last_sign_in_at, :last_sign_in_ip, :sign_in_count]
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def update_tracked_fields!(request)
|
|
19
|
+
old_current, new_current = self.current_sign_in_at, Time.now.utc
|
|
20
|
+
self.last_sign_in_at = old_current || new_current
|
|
21
|
+
self.current_sign_in_at = new_current
|
|
22
|
+
|
|
23
|
+
old_current, new_current = self.current_sign_in_ip, request.ip
|
|
24
|
+
self.last_sign_in_ip = old_current || new_current
|
|
25
|
+
self.current_sign_in_ip = new_current
|
|
26
|
+
|
|
27
|
+
self.sign_in_count ||= 0
|
|
28
|
+
self.sign_in_count += 1
|
|
29
|
+
|
|
30
|
+
save(:validate => false) or raise "Devise trackable could not save #{inspect}." \
|
|
31
|
+
"Please make sure a model using trackable can be saved at sign in."
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
module Devise
|
|
2
|
+
module Models
|
|
3
|
+
# Validatable creates all needed validations for a user email and password.
|
|
4
|
+
# It's optional, given you may want to create the validations by yourself.
|
|
5
|
+
# Automatically validate if the email is present, unique and its format is
|
|
6
|
+
# valid. Also tests presence of password, confirmation and length.
|
|
7
|
+
#
|
|
8
|
+
# == Options
|
|
9
|
+
#
|
|
10
|
+
# Validatable adds the following options to devise_for:
|
|
11
|
+
#
|
|
12
|
+
# * +email_regexp+: the regular expression used to validate e-mails;
|
|
13
|
+
# * +password_length+: a range expressing password length. Defaults to 6..128.
|
|
14
|
+
#
|
|
15
|
+
module Validatable
|
|
16
|
+
# All validations used by this module.
|
|
17
|
+
VALIDATIONS = [ :validates_presence_of, :validates_uniqueness_of, :validates_format_of,
|
|
18
|
+
:validates_confirmation_of, :validates_length_of ].freeze
|
|
19
|
+
|
|
20
|
+
def self.required_fields(klass)
|
|
21
|
+
[]
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def self.included(base)
|
|
25
|
+
base.extend ClassMethods
|
|
26
|
+
assert_validations_api!(base)
|
|
27
|
+
|
|
28
|
+
base.class_eval do
|
|
29
|
+
validates_presence_of :email, :if => :email_required?
|
|
30
|
+
validates_uniqueness_of :email, :allow_blank => true, :if => :email_changed?
|
|
31
|
+
validates_format_of :email, :with => email_regexp, :allow_blank => true, :if => :email_changed?
|
|
32
|
+
|
|
33
|
+
validates_presence_of :password, :if => :password_required?
|
|
34
|
+
validates_confirmation_of :password, :if => :password_required?
|
|
35
|
+
validates_length_of :password, :within => password_length, :allow_blank => true
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def self.assert_validations_api!(base) #:nodoc:
|
|
40
|
+
unavailable_validations = VALIDATIONS.select { |v| !base.respond_to?(v) }
|
|
41
|
+
|
|
42
|
+
unless unavailable_validations.empty?
|
|
43
|
+
raise "Could not use :validatable module since #{base} does not respond " <<
|
|
44
|
+
"to the following methods: #{unavailable_validations.to_sentence}."
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
protected
|
|
49
|
+
|
|
50
|
+
# Checks whether a password is needed or not. For validations only.
|
|
51
|
+
# Passwords are always required if it's a new record, or if the password
|
|
52
|
+
# or confirmation are being set somewhere.
|
|
53
|
+
def password_required?
|
|
54
|
+
!persisted? || !password.nil? || !password_confirmation.nil?
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
def email_required?
|
|
58
|
+
true
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
module ClassMethods
|
|
62
|
+
Devise::Models.config(self, :email_regexp, :password_length)
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
end
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
require 'active_support/core_ext/object/with_options'
|
|
2
|
+
|
|
3
|
+
Devise.with_options :model => true do |d|
|
|
4
|
+
# Strategies first
|
|
5
|
+
d.with_options :strategy => true do |s|
|
|
6
|
+
routes = [nil, :new, :destroy]
|
|
7
|
+
s.add_module :database_authenticatable, :controller => :sessions, :route => { :session => routes }
|
|
8
|
+
s.add_module :token_authenticatable, :controller => :sessions, :route => { :session => routes }, :no_input => true
|
|
9
|
+
s.add_module :rememberable, :no_input => true
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
# Other authentications
|
|
13
|
+
d.add_module :encryptable
|
|
14
|
+
d.add_module :omniauthable, :controller => :omniauth_callbacks, :route => :omniauth_callback
|
|
15
|
+
|
|
16
|
+
# Misc after
|
|
17
|
+
routes = [nil, :new, :edit]
|
|
18
|
+
d.add_module :recoverable, :controller => :passwords, :route => { :password => routes }
|
|
19
|
+
d.add_module :registerable, :controller => :registrations, :route => { :registration => (routes << :cancel) }
|
|
20
|
+
d.add_module :validatable
|
|
21
|
+
|
|
22
|
+
# The ones which can sign out after
|
|
23
|
+
routes = [nil, :new]
|
|
24
|
+
d.add_module :confirmable, :controller => :confirmations, :route => { :confirmation => routes }
|
|
25
|
+
d.add_module :lockable, :controller => :unlocks, :route => { :unlock => routes }
|
|
26
|
+
d.add_module :timeoutable
|
|
27
|
+
|
|
28
|
+
# Stats for last, so we make sure the user is really signed in
|
|
29
|
+
d.add_module :trackable
|
|
30
|
+
end
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
begin
|
|
2
|
+
require "omniauth"
|
|
3
|
+
require "omniauth/version"
|
|
4
|
+
rescue LoadError => e
|
|
5
|
+
warn "Could not load 'omniauth'. Please ensure you have the omniauth gem >= 1.0.0 installed and listed in your Gemfile."
|
|
6
|
+
raise
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
unless OmniAuth::VERSION =~ /^1\./
|
|
10
|
+
raise "You are using an old OmniAuth version, please ensure you have 1.0.0.pr2 version or later installed."
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
# Clean up the default path_prefix. It will be automatically set by Devise.
|
|
14
|
+
OmniAuth.config.path_prefix = nil
|
|
15
|
+
|
|
16
|
+
OmniAuth.config.on_failure = Proc.new do |env|
|
|
17
|
+
env['devise.mapping'] = Devise::Mapping.find_by_path!(env['PATH_INFO'], :path)
|
|
18
|
+
controller_name = ActiveSupport::Inflector.camelize(env['devise.mapping'].controllers[:omniauth_callbacks])
|
|
19
|
+
controller_klass = ActiveSupport::Inflector.constantize("#{controller_name}Controller")
|
|
20
|
+
controller_klass.action(:failure).call(env)
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
module Devise
|
|
24
|
+
module OmniAuth
|
|
25
|
+
autoload :Config, "devise/omniauth/config"
|
|
26
|
+
autoload :UrlHelpers, "devise/omniauth/url_helpers"
|
|
27
|
+
end
|
|
28
|
+
end
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
module Devise
|
|
2
|
+
module OmniAuth
|
|
3
|
+
class StrategyNotFound < NameError
|
|
4
|
+
def initialize(strategy)
|
|
5
|
+
@strategy = strategy
|
|
6
|
+
super("Could not find a strategy with name `#{strategy}'. " \
|
|
7
|
+
"Please ensure it is required or explicitly set it using the :strategy_class option.")
|
|
8
|
+
end
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
class Config
|
|
12
|
+
attr_accessor :strategy
|
|
13
|
+
attr_reader :args, :options, :provider, :strategy_name
|
|
14
|
+
|
|
15
|
+
def initialize(provider, args)
|
|
16
|
+
@provider = provider
|
|
17
|
+
@args = args
|
|
18
|
+
@options = @args.last.is_a?(Hash) ? @args.last : {}
|
|
19
|
+
@strategy = nil
|
|
20
|
+
@strategy_name = options[:name] || @provider
|
|
21
|
+
@strategy_class = options.delete(:strategy_class)
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def strategy_class
|
|
25
|
+
@strategy_class ||= find_strategy || autoload_strategy
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def find_strategy
|
|
29
|
+
::OmniAuth.strategies.find do |strategy_class|
|
|
30
|
+
strategy_class.to_s =~ /#{::OmniAuth::Utils.camelize(strategy_name)}$/ ||
|
|
31
|
+
strategy_class.default_options[:name] == strategy_name
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def autoload_strategy
|
|
36
|
+
name = ::OmniAuth::Utils.camelize(provider.to_s)
|
|
37
|
+
if ::OmniAuth::Strategies.const_defined?(name)
|
|
38
|
+
::OmniAuth::Strategies.const_get(name)
|
|
39
|
+
else
|
|
40
|
+
raise StrategyNotFound, name
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|