user_plane 0.0.15

data/app/controllers/user_plane/application_controller.rb

@@ -0,0 +1,5 @@
+module UserPlane
+  class ApplicationController < UserPlane.parent_controller.constantize
+    include UserPlane::SessionManagerConcern
+  end
+end

data/app/helpers/user_plane/application_helper.rb

@@ -0,0 +1,4 @@
+module UserPlane
+  module ApplicationHelper
+  end
+end

data/app/mailers/user_plane/application_mailer.rb

@@ -0,0 +1,8 @@
+module UserPlane
+  class ApplicationMailer < ActionMailer::Base
+    include Rails.application.routes.url_helpers
+    
+    default from: UserPlane.send_emails_from
+
+  end  
+end

data/app/mailers/user_plane/invite_mailer.rb

@@ -0,0 +1,14 @@
+module UserPlane
+  class InviteMailer < UserPlane.parent_mailer.constantize
+    # Subject can be set in your I18n file at config/locales/en.yml
+    # with the following lookup:
+    #
+    #   en.invite_mailer.invite.subject
+    #
+    def invite invite
+      @sign_up_with_invite = User::SignUpWithInvite.new(invite: invite)
+
+      mail to: @sign_up_with_invite.invite.recipient
+    end
+  end
+end

data/app/mailers/user_plane/verification_mailer.rb

@@ -0,0 +1,25 @@
+module UserPlane
+  class VerificationMailer < UserPlane.parent_mailer.constantize
+    # Subject can be set in your I18n file at config/locales/en.yml
+    # with the following lookup:
+    #
+    #   en.verification_mailer.address_verification.subject
+    #
+    def address_verification confirm_email_address
+      @confirm_email_address = confirm_email_address
+
+      mail to: confirm_email_address.verification.recipient
+    end
+
+    # Subject can be set in your I18n file at config/locales/en.yml
+    # with the following lookup:
+    #
+    #   en.verification_mailer.password_reset.subject
+    #
+    def password_reset reset_password
+      @reset_password = reset_password
+
+      mail to: reset_password.verification.recipient
+    end
+  end
+end

data/app/models/session_manager.rb

@@ -0,0 +1,100 @@
+class SessionManager
+
+  class << self
+    attr_accessor :identity_lifetime
+  end
+
+  # What else can go in the session
+  # Analytics stuff
+  # Location information
+  # some form of robot detection
+
+  @identity_lifetime = 1.hour  
+
+  def initialize(request_session)
+    @session = request_session
+    refresh!
+    @session[:created_at] ||= Time.now    
+    @session[:previous_page] = @session[:last_page]
+  end
+  
+  def created_at
+    @session[:created_at]
+  end
+  
+  # Stores the url in the user session to provide a redirect after the login.
+  def remember_page(url)
+    @session[:last_page] = url
+  end
+
+  # Provides the url to redirect to for a login.
+  def previous_page
+    @session[:previous_page]
+  end
+  
+  def last_announcements_seen_on
+    @session[:last_announcements_seen_on] ||= 1
+  end
+  
+  def last_announcements_seen!
+    @session[:last_announcements_seen_on] = Time.now
+  end
+  
+  # Sets into the session the identity with which the user has logged in.
+  def identity=(identity)
+    unless identity.nil?
+      @session[:identity] = {'id_token' => identity.serialize,
+                             'expires_at' => SessionManager.identity_lifetime.from_now}
+    else
+      @session[:identity] = nil
+    end
+    @identity = identity
+  end
+  
+  # Deletes the user login information for the session.
+  def sign_out
+    self.identity = nil
+  end
+
+  # Retrieves the identity from using the identity id and creation time stored in the session
+  def identity
+    serialized_identity = @session[:identity]
+
+    if serialized_identity &&  serialized_identity['expires_at'] > Time.now
+      begin
+        @identity ||= User::Identity.deserialize!(serialized_identity['id_token'])
+      rescue
+        nil
+      end
+    else
+      nil
+    end
+  end
+
+  # Retrieves the user account from the database through an identity.
+  def account
+    identity ? identity.account : User::Guest.find_or_create_from_session(@session)
+  end
+
+  # Returns _true_ if the user is logged in, otherwise returns _false_.
+  def signed_in?
+    identity ? true : false
+  end
+      
+  # Sets the login expiration to one year from now.
+  def remember_me!
+    @session[:identity]['expires_at'] = 1.year.from_now
+  end
+  
+private
+  
+  # Renews session expiration for the next 45 minutes if the session is still fresh
+  def refresh!
+    identity = @session[:identity]
+    if signed_in? && identity['expires_at'] < SessionManager.identity_lifetime.from_now 
+      identity['expires_at'] = SessionManager.identity_lifetime.from_now
+    end
+  end
+
+end
+

data/app/models/user.rb

@@ -0,0 +1,5 @@
+module User
+  def self.table_name_prefix
+    'user_'
+  end
+end

data/app/models/user/account.rb

@@ -0,0 +1,26 @@
+module User
+
+  class Account < ActiveRecord::Base
+
+    has_many   :oauth_identities, class_name: 'User::Identities::OAuth',
+                                  autosave: true
+    has_one    :email,            class_name: 'User::Identities::Email',
+                                  autosave: true
+    has_many   :suspensions,      class_name: 'User::Suspension'
+
+    validates :identities, presence: true
+
+    # TODO: turn this into a configuration option?
+    # in the event scenario the invites are shared across a party.    
+    has_one    :invites_stack, class_name: 'User::SignUpInvites::Stack',
+                               as: :owner
+    has_one    :invite,        class_name: 'User::SignUpInvites::Invite'
+
+    before_create :build_invites_stack
+
+    def identities
+      Array(email).concat(oauth_identities)
+    end
+  end
+
+end

data/app/models/user/confirm_email_address.rb

@@ -0,0 +1,55 @@
+module User
+  class ConfirmEmailAddress < UserPlane::Command
+    include ActiveModel::Validations::Callbacks
+
+    attr_accessor :verification
+    attr_accessor :identity
+    attr_accessor :code
+
+    validates :verification, presence: true
+    # TODO: the next two validations and #code= are duplicated with the
+    validates :verification, presence: true,
+                             receiver: {map_attributes: {created_at: :code,
+                                                         base:       :code,
+                                                         spent_at:   :code}}
+    validate {|r| r.errors.add(:code, 'Is not valid') unless r.verification}
+    validates :identity, receiver: {map_attributes: {address: :email}}
+
+    def to_param
+      self.code
+    end
+
+    def persisted?
+      verification && verification.persisted?
+    end
+
+    # FIXME: a lot of duplication with reset_password
+    def code= token
+      @code = token
+
+      address_verification_query = User::Identities::EmailVerification.address_verification.where(token: code)
+      if @identity = User::Identities::Email.joins(:verifications).merge(address_verification_query).first
+        @verification = identity.verifications.detect {|v| v.token == code}
+      end
+    end
+
+    def verification= verification
+      @code = verification.token
+      @verification = verification
+      @identity = verification.email
+    end
+
+
+    before_validation do
+      if verification
+        identity.address = verification.recipient
+        verification.spend
+      end
+    end
+
+    action do
+      identity.save
+    end
+
+  end
+end

data/app/models/user/guest.rb

@@ -0,0 +1,18 @@
+class User::Guest
+  
+  def self.find_or_create_from_session session
+    self.new(session)
+  end
+
+  def initialize session
+    @session = session
+  end
+
+  def name
+    'guest user'
+  end
+
+  def uid
+    ''
+  end
+end

data/app/models/user/identities.rb

@@ -0,0 +1,5 @@
+module User::Identities  
+  def self.table_name_prefix
+    'user_identities_'
+  end
+end

data/app/models/user/identities/email.rb

@@ -0,0 +1,98 @@
+module User
+  module Identities
+    class Email < Identity
+      has_many        :verifications, class_name: 'User::Identities::EmailVerification',
+                                      autosave: true
+      belongs_to      :account,  class_name: 'User::Account'
+      has_one         :id_token, as: :identity
+      attr_accessor   :address_change_verification
+
+      has_secure_password
+
+      before_validation do
+        self.build_id_token if (address_changed? || password_digest_changed?)
+      end
+
+      validates :password,  length: {within: 8..56},
+                            if: :password_digest_changed?
+
+      validates :address, presence:   true,
+                          uniqueness: true,
+                          email:      true
+
+      # TODO: move these in the relation scope?
+      current_address = arel_table[:address].eq(Identities::EmailVerification.arel_table[:recipient])
+      verified_address = Identities::EmailVerification.address_verification.spent.where(current_address)
+
+      def self.find_identity sign_in
+        identity = identity = find_by_address(sign_in[:email])
+        identity.authenticate(sign_in[:password]) if identity
+      end
+
+      def self.find_by_address address
+        where("lower(address) =?", address.downcase).first
+      end
+
+      def self.build_identity sign_up
+        identity = new(address: sign_up[:email],
+                       password: sign_up[:password],
+                       password_confirmation: sign_up[:password_confirmation])
+        sign_up.account.email = identity
+
+        identity
+      end
+      
+      # Scope for all the email addresses that have been verified via email verifications
+      # or, implicitly, via password resets.
+      def self.verified
+        joins(:verifications).where(verified_address)
+      end
+
+      def self.unverified
+        joins(:verifications).where.not(verified_address)
+      end
+
+      def verified?
+        verifications.spent.where(recipient: address) ? true : false
+      end
+
+      # Starts the address change process by creating a new email verification token
+      def change_address(new_address)
+        @address_change_verification ||= verifications.create(type: 'AddressChangeVerification')
+        address_change_verification.recipient = new_address
+      end
+      alias_method :unverified_address=, :change_address
+
+      def unverified_address
+        @address_change_verification && @address_change_verification.recipient 
+      end
+
+      def unverified_address_changed?
+        @address_change_verification ? true : false
+      end
+
+      # Returns a newly-created password reset token
+      def reset_password!
+        verifications.password_reset.create(recipient: address)
+      end
+
+      # Forces validation of the email address
+      def self.verify_address! token
+        verification = Identities::EmailVerification.address_verification.find_by(token: token)
+        raise ActiveRecord::RecordNotFound unless verification
+        verification.email.address = verification.recipient
+        verification.email.save!
+      end
+
+    end
+
+    # A Null email is an email identity-like object created when the address is not
+    # valid. 
+    NullEmail = Struct.new(:address) do
+      def authenticate password
+        return nil
+      end
+    end
+
+  end
+end

data/app/models/user/identities/email_verification.rb

@@ -0,0 +1,70 @@
+module User::Identities
+
+  # An EmailVerification is a token that is sent to a specific recipient and
+  # it is used to perform a task while confirming email validation.
+  # 
+  # Once used the token should be marked as spent, that will ensure that the
+  # token is fresh and hasn't been used before via validation.
+  #
+  # It is used by Identities::Email to verify an email address at signup,
+  # validate email address changes and reset the password.
+  class EmailVerification < ActiveRecord::Base
+    include TokenSegment
+    self.inheritance_column = nil
+
+    belongs_to      :email
+
+    has_token :token, expires_in: 2.weeks, regenerate_on: :create do
+      "#{Time.now}-#{rand}-#{recipient}"
+    end
+
+    validates :recipient, presence: true,
+                          email: true
+
+    validates_with UserPlane::FreshValidator, if: :spent_at_changed?
+    validates_each :spent_at, if: :spent_at_changed? do |record, attr, value|
+      record.errors.add(:spent_at, 'has already been spent') unless record.spent_at_was.nil?
+    end
+
+    def self.unspent
+      where(spent_at: nil)
+    end
+
+    def self.spent
+      where.not(spent_at: nil)
+    end
+
+    def self.address_verification
+      where(type: ['SignUpAddressVerification', 'AddressChangeVerification'])
+    end
+
+    def self.address_signup_verification
+      where(type: 'SignUpAddressVerification')
+    end
+    def self.address_change_verification
+      where(type: 'AddressChangeVerification')
+    end
+
+    def self.password_reset
+      where(type: 'PasswordReset')
+    end
+
+    def spend
+      self.spent_at = Time.now
+    end
+
+    def spend!
+      spend
+      save!
+    end
+
+    def unspent?
+      spent_at.nil? ? true : false
+    end
+
+    def spent?
+      !unspent?
+    end
+
+  end
+end