userify 0.2.0

data/CHANGELOG.textile

@@ -0,0 +1,3 @@
+h2. 0.1.0 (5/8/2009)
+
+* First cut of userify

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License
+
+Copyright (c) 2009 Kenn Ejima
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.markdown

@@ -0,0 +1,123 @@
+Userify
+=======
+
+Super simple authentication system for Rails, using username, email and password.
+
+Userify focuses on the following 6 conventional actions, and that's all.
+
+( signup / signin / signout / activate / forgot / reset )
+
+Userify is inspired by **Clearance** <http://github.com/thoughtbot/clearance>.
+
+Limitations
+-----------
+
+Currently, Userify is available only when you create a new project. Don't expect it to work in existing projects.
+
+Requirements
+------------
+
+Userify requires Haml. However, when you override the default template, you don't have to use Haml.
+
+How to use it?
+--------------
+
+Here's the setup method.
+
+Install Userify gem, as well as Haml.
+
+    sudo gem sources -a http://gems.github.com # if you haven't do it already
+    sudo gem install haml
+    sudo gem install userify
+
+In config/environment.rb:
+
+    config.gem "haml"
+    config.gem "userify"
+    DO_NOT_REPLY = "donotreply@example.com"
+
+Run the generator:
+
+    script/generate userify
+
+In config/environments/development.rb and test.rb:
+
+    HOST = "localhost:3000"
+
+Define root_url to *something* in your config/routes.rb. Assuming home controller for root:
+
+    map.root :controller => 'home'
+
+Create user_controller.rb and home_controller.rb:
+
+    script/generate controller user
+    script/generate controller home
+
+Rewrite user_controller.rb as follows:
+
+    class UserController < Userify::UserController
+    end
+
+Edit home_controller.rb:
+
+    class HomeController < ApplicationController
+      def index
+      end
+    end
+
+Create app/views/home/index.html.haml:
+
+    - if signed_in?
+      %p= "Hello #{current_user.name}!"
+    %h1 Home
+    %p My app home
+    - if signed_in?
+      %p= link_to 'sign out', signout_url
+    - else
+      %p= link_to 'sign up', signup_url
+      %p= link_to 'sign in', signin_url
+
+Rename public/index.html:
+
+    mv public/index.html public/_index.html
+
+Run migration and start server:
+
+    rake db:migrate
+    script/server
+
+Now, go to <http://localhost:3000/> and check how everything works.
+
+Customize
+=========
+
+There are a couple of ways to customize Userify:
+
+### 1. Override methods in the user_controller subclass.
+
+You might want to override the following methods in your user_controller subclass.
+
+UserController methods:
+
+    url_after_signup
+    url_after_signin
+    url_after_signout
+    url_after_activate
+    url_after_forgot
+    url_after_reset
+
+View templates:
+
+    app/views/layouts/application.html.haml
+    app/views/layouts/_error_messages.html.haml
+    app/views/user/forgot.html.haml
+    app/views/user/reset.html.haml
+    app/views/user/signin.html.haml
+    app/views/user/signup.html.haml
+    app/views/userify_mailer/confirmation.html.erb
+    app/views/userify_mailer/reset_password.html.erb
+
+
+### 2. Unpack Userify gem into vendor/gems and directly edit source.
+
+    rake gems:unpack GEM=userify

data/Rakefile

@@ -0,0 +1,52 @@
+require 'rake'
+require 'rake/testtask'
+
+generators = %w(userify)
+
+namespace :generator do
+  desc "Cleans up the test app before running the generator"
+  task :cleanup do
+    generators.each do |generator|
+      FileList["generators/#{generator}/templates/**/*.*"].each do |each|
+        file = "test/rails_root/#{each.gsub("generators/#{generator}/templates/",'')}"
+        File.delete(file) if File.exists?(file)
+      end
+    end
+
+    FileList["test/rails_root/db/**/*"].each do |each| 
+      FileUtils.rm_rf(each)
+    end
+    FileUtils.rm_rf("test/rails_root/vendor/plugins/userify")
+    FileUtils.mkdir_p("test/rails_root/vendor/plugins")
+    userify_root = File.expand_path(File.dirname(__FILE__))
+    system("ln -s #{userify_root} test/rails_root/vendor/plugins/userify")
+  end
+
+  desc "Run the generator on the tests"
+  task :generate do
+    generators.each do |generator|
+      system "cd test/rails_root && ./script/generate #{generator} && rake db:migrate db:test:prepare"
+    end
+  end
+end
+
+desc "Run the test suite"
+task :default => ['test:all', 'test:features']
+
+gem_spec = Gem::Specification.new do |gem_spec|
+  gem_spec.name        = "userify"
+  gem_spec.version     = "0.2.0"
+  gem_spec.summary     = "Super simple authentication system for Rails, using username, email and password."
+  gem_spec.email       = "kenn.ejima <at> gmail.com"
+  gem_spec.homepage    = "http://github.com/kenn/userify"
+  gem_spec.description = "Super simple authentication system for Rails, using username, email and password."
+  gem_spec.authors     = ["Kenn Ejima"]
+  gem_spec.files       = FileList["[A-Z]*", "{app,config,generators,lib,rails}/**/*"]
+end
+
+desc "Generate a gemspec file"
+task :gemspec do
+  File.open("#{gem_spec.name}.gemspec", 'w') do |f|
+    f.write gem_spec.to_yaml
+  end
+end

data/TODO.textile

@@ -0,0 +1,5 @@
+h1. To-do
+
+* Add tests
+* Clean up dependencies
+* Rework uid.rb

data/app/controllers/userify/user_controller.rb

@@ -0,0 +1,161 @@
+class Userify::UserController < ApplicationController
+  unloadable
+  
+  before_filter :redirect_to_root, :only => [ :signup, :signin, :activate, :forgot, :reset ], :if => :signed_in?
+  filter_parameter_logging :password
+  
+  before_filter :assign_user_from_token,    :only => [ :activate, :reset ]
+  before_filter :forbid_non_existent_token, :only => [ :activate, :reset ]
+  before_filter :forbid_confirmed_user,     :only => :activate
+  
+  def signup
+    case request.method
+      
+    when :get
+      @user = ::User.new(params[:signup])
+      render :template => 'user/signup'
+      
+    when :post
+      @user = ::User.new(params[:signup])
+      if @user.save
+        ::UserifyMailer.deliver_confirmation @user
+        flash[:notice] = "You will receive an email within the next few minutes. " <<
+                         "It contains instructions for confirming your account."
+        redirect_to url_after_signup
+      else
+        flash[:error] = generate_error_messages_for(@user)
+        redirect_to :back
+      end
+    end
+    
+  end
+  
+  def signin
+    case request.method
+      
+    when :get
+      store_location(true) if session[:return_to].blank?
+      render :template => 'user/signin'
+      
+    when :post
+      @user = ::User.authenticate(params[:signin][:email], params[:signin][:password])
+      if @user.nil?
+        flash[:error] = "Bad email or password."
+        redirect_to :back
+      else
+        if @user.email_confirmed?
+          if params[:signin] and params[:signin][:remember_me] == "1"
+            @user.remember_me!
+            cookies[:remember_token] = { :value   => @user.token, :expires => @user.token_expires_at }
+          end
+          sign_in(@user)
+          flash[:notice] = "Signed in successfully."
+          redirect_back_or url_after_signin
+        else
+          ::UserifyMailer.deliver_confirmation(@user)
+          deny_access("User has not confirmed email. Confirmation email will be resent.")
+        end
+      end
+    end
+    
+  end
+  
+  def signout
+    current_user.forget_me! if current_user
+    cookies.delete :remember_token
+    reset_session
+    flash[:notice] = "You have been signed out."
+    redirect_to url_after_signout
+  end
+  
+  def activate
+    @user.confirm_email!
+    
+    sign_in(@user)
+    flash[:notice] = "Confirmed email and signed in."
+    redirect_to url_after_activate
+  end
+  
+  def forgot
+    case request.method
+      
+    when :get
+      render :template => 'user/forgot'
+      
+    when :post
+      if user = ::User.find_by_email(params[:forgot][:email])
+        user.forgot_password!
+        ::UserifyMailer.deliver_reset_password user
+        flash[:notice] = "You will receive an email within the next few minutes. " <<
+                         "It contains instructions for changing your password."
+        redirect_to url_after_forgot
+      else
+        flash[:error] = "Unknown email"
+        redirect_to :back
+      end
+    end
+    
+  end
+  
+  def reset
+    case request.method
+      
+    when :get
+      render :template => 'user/reset'
+      
+    when :post
+      if @user.update_password(params[:user][:password])
+        @user.confirm_email! unless @user.email_confirmed?
+        sign_in(@user)
+        flash[:notice] = "You have successfully reset your password."
+        redirect_to url_after_reset
+      else
+        redirect_to :back
+      end
+    end
+    
+  end
+  
+protected
+  def url_after_signup
+    root_url
+  end
+  
+  def url_after_signin
+    root_url
+  end
+  
+  def url_after_signout
+    return :back
+  end
+  
+  def url_after_activate
+    root_url
+  end
+  
+  def url_after_forgot
+    root_url
+  end
+  
+  def url_after_reset
+    root_url
+  end
+  
+  def assign_user_from_token
+    raise ActionController::Forbidden, "missing token" if params[:token].blank?
+    
+    @user = ::User.find_by_token(params[:token])
+  end
+  
+  def forbid_non_existent_token
+    raise ActionController::Forbidden, "non-existent token" unless @user
+  end
+  
+  def forbid_confirmed_user
+    raise ActionController::Forbidden, "confirmed user" if @user and @user.email_confirmed?
+  end
+  
+  def generate_error_messages_for(obj)
+    render_to_string :partial => 'layouts/error_messages', :object => obj.errors.full_messages
+  end
+end

data/app/models/userify_mailer.rb

@@ -0,0 +1,19 @@
+class UserifyMailer < ActionMailer::Base
+  
+  default_url_options[:host] = HOST
+  
+  def reset_password(user)
+    from       DO_NOT_REPLY
+    recipients user.email
+    subject    "Reset your password"
+    body       :user => user
+  end
+  
+  def confirmation(user)
+    from       DO_NOT_REPLY
+    recipients user.email
+    subject   "Account confirmation"
+    body      :user => user
+  end
+  
+end

data/app/views/layouts/_error_messages.html.haml

@@ -0,0 +1,4 @@
+%div= "#{pluralize error_messages.size, 'error'} occurred."
+%ul
+  - error_messages.each do |error_message|
+    %li= error_message

data/app/views/layouts/application.html.haml

@@ -0,0 +1,9 @@
+!!!
+%html{:xmlns => 'http://www.w3.org/1999/xhtml'}
+  %head
+    %title [Layout generated by userify]
+  %body
+    #flash
+    - flash.each do |key, value|
+      %div{ :class => "flash_#{key}" }= value
+    = yield

data/app/views/user/forgot.html.haml

@@ -0,0 +1,10 @@
+%h2 Forgot your password?
+
+%p We will email you a link to change your password.
+
+- form_for :forgot, :url => forgot_path do |form|
+  .text_field
+    = form.label :email, "Email address"
+    = form.text_field :email
+  .submit_field
+    = form.submit "Reset password", :disable_with => "Please wait..."

data/app/views/user/reset.html.haml

@@ -0,0 +1,12 @@
+%h2 Reset your password
+
+%p Your password has been reset. Choose a new password below.
+
+= error_messages_for :user
+
+- form_for :user, :url => reset_path(:token => @user.token) do |form|
+  .password_field
+    = form.label :password, "Choose password"
+    = form.password_field :password
+  .submit_field
+    = form.submit "Save this password", :disable_with => "Please wait..."

data/app/views/user/signin.html.haml

@@ -0,0 +1,20 @@
+%h2 Sign in
+
+- form_for :signin, :url => signin_path do |form|
+  .text_field
+    = form.label :email, "Email or username"
+    = form.text_field :email
+  .text_field
+    = form.label :password
+    = form.password_field :password
+  .text_field
+    = form.check_box :remember_me
+    = form.label :remember_me
+  .submit_field
+    = form.submit "Sign in", :disable_with => "Please wait..."
+
+%ul
+  %li
+    = link_to "Sign up", signup_path
+  %li
+    = link_to "Forgot password?", forgot_path

data/app/views/user/signup.html.haml

@@ -0,0 +1,14 @@
+%h2 Sign up
+
+- form_for :signup, :url => signup_path do |form|
+  = form.error_messages
+  .text_field
+    = form.label :username
+    = form.text_field :username
+  .text_field
+    = form.label :email
+    = form.text_field :email
+  .password_field
+    = form.label :password
+    = form.password_field :password
+  = form.submit 'Sign up', :disable_with => 'Please wait...'

data/app/views/userify_mailer/confirmation.html.erb

@@ -0,0 +1,4 @@
+Welcome <%= @user.name %>!
+
+To activate your account, you must click the link below:
+<%= activate_url :token => @user.token %>

data/app/views/userify_mailer/reset_password.html.erb

@@ -0,0 +1,6 @@
+Someone, hopefully you, has requested that we send you a link to change your password.
+
+Here's the link:
+<%= reset_url :token => @user.token %>
+
+If you didn't request this, ignore this email. Don't worry. Your password hasn't been changed.

data/config/userify_routes.rb

@@ -0,0 +1,8 @@
+ActionController::Routing::Routes.draw do |map|
+  map.signup 'user/signup', :controller => 'userify/user', :action => 'signup'
+  map.signin 'user/signin', :controller => 'userify/user', :action => 'signin'
+  map.signout 'user/signout', :controller => 'userify/user', :action => 'signout'
+  map.activate 'user/activate/:token', :controller => 'userify/user', :action => 'activate'
+  map.forgot 'user/forgot', :controller => 'userify/user', :action => 'forgot'
+  map.reset 'user/reset/:token', :controller => 'userify/user', :action => 'reset'
+end

data/generators/userify/USAGE

@@ -0,0 +1 @@
+script/generate userify

data/generators/userify/lib/insert_commands.rb

@@ -0,0 +1,56 @@
+# Mostly pinched from http://github.com/ryanb/nifty-generators/tree/master
+
+Rails::Generator::Commands::Base.class_eval do
+  def file_contains?(relative_destination, line)
+    File.read(destination_path(relative_destination)).include?(line)
+  end
+end
+
+Rails::Generator::Commands::Create.class_eval do
+  def route_name(name, path, route_options = {})
+    sentinel = 'ActionController::Routing::Routes.draw do |map|'
+    
+    logger.route "map.#{name} '#{path}', :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
+    unless options[:pretend]
+      gsub_file_once 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
+        "#{match}\n  map.#{name} '#{path}', :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
+      end
+    end
+  end
+  
+  def insert_into(file, line)
+    logger.insert "#{line} into #{file}"
+    unless options[:pretend] || file_contains?(file, line)
+      gsub_file file, /^(class|module) .+$/ do |match|
+        "#{match}\n  #{line}"
+      end
+    end
+  end
+end
+
+Rails::Generator::Commands::Destroy.class_eval do
+  def route_name(name, path, route_options = {})
+    look_for =   "\n  map.#{name} '#{path}', :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
+    logger.route "map.#{name} '#{path}',     :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
+    unless options[:pretend]
+      gsub_file    'config/routes.rb', /(#{look_for})/mi, ''
+    end
+  end
+  
+  def insert_into(file, line)
+    logger.remove "#{line} from #{file}"
+    unless options[:pretend]
+      gsub_file file, "\n  #{line}", ''
+    end
+  end
+end
+
+Rails::Generator::Commands::List.class_eval do
+  def route_name(name, path, options = {})
+    logger.route "map.#{name} '#{path}', :controller => '#{options[:controller]}', :action => '#{options[:action]}'"
+  end
+  
+  def insert_into(file, line)
+    logger.insert "#{line} into #{file}"
+  end
+end

data/generators/userify/lib/rake_commands.rb

@@ -0,0 +1,22 @@
+Rails::Generator::Commands::Create.class_eval do
+  def rake_db_migrate
+    logger.rake "db:migrate"
+    unless system("rake db:migrate")
+      logger.rake "db:migrate failed. Rolling back"      
+      command(:destroy).invoke!
+    end
+  end
+end
+
+Rails::Generator::Commands::Destroy.class_eval do
+  def rake_db_migrate
+    logger.rake "db:rollback"  
+    system "rake db:rollback"  
+  end
+end
+
+Rails::Generator::Commands::List.class_eval do
+  def rake_db_migrate
+    logger.rake "db:migrate"    
+  end
+end

data/generators/userify/templates/README

@@ -0,0 +1,22 @@
+
+*******************************************************************************
+
+Ok, enough fancy automatic stuff. Time for some old school monkey copy-pasting.
+
+1. Define a HOST constant in your environments files.
+In config/environments/test.rb and config/environments/development.rb it can be:
+
+    HOST = "localhost:3000"
+
+In production.rb it must be the actual host your application is deployed to.
+The constant is used by mailers to generate URLs in emails.
+
+2. In config/environment.rb:
+
+    DO_NOT_REPLY = "donotreply@example.com"
+
+3. Define root_url to *something* in your config/routes.rb:
+
+    map.root :controller => 'home'
+
+*******************************************************************************

data/generators/userify/templates/migrations/create_users.rb

@@ -0,0 +1,36 @@
+class UserifyCreateUsers < ActiveRecord::Migration
+  def self.up
+    
+    case connection.adapter_name
+    when 'MySQL'
+      execute "ALTER DATABASE #{connection.current_database} CHARACTER SET utf8 COLLATE utf8_bin"
+      no_case_collation = 'utf8_general_ci'
+      mysql = true
+    when 'SQLite'
+      # COLLATE BINARY by default
+      no_case_collation = 'NOCASE'
+      mysql = false
+    end
+    
+    create_table :users do |t|
+      t.string   :email,              :limit => 60, :null => false
+      t.string   :fullname,           :limit => 60
+      t.string   :encrypted_password, :limit => 40, :null => false
+      t.string   :salt,               :limit => 27, :null => false
+      t.string   :token,              :limit => 27
+      t.datetime :token_expires_at
+      t.boolean  :email_confirmed, :default => false, :null => false
+      t.timestamps
+    end
+    
+    execute "ALTER TABLE users ADD username VARCHAR(30) #{mysql ? 'CHARACTER SET utf8' : ''} COLLATE #{no_case_collation}"
+    
+    add_index :users, :username, :unique => true
+    add_index :users, :email, :unique => true
+    add_index :users, :token, :unique => true
+  end
+  
+  def self.down
+    drop_table :users  
+  end
+end

data/generators/userify/templates/uid.rb

@@ -0,0 +1,67 @@
+require 'securerandom'
+
+# Usage:
+# 
+# UID.new.to_s => "aWgEPTl1tmebfsQzFP4bxwgy80V"
+# UID.new(5).to_s => "8FsD5"
+# UID.new.to_i => 838068072552051698674007079806269848286804777409
+# 1000000000.base62 => "15ftgG"
+# "123abcABC".base62 => 225587272106046
+# 
+# By default, UIDs generates random BASE62 string of 27 characters, which is safer than 160bit SHA-1.
+# 
+# >> ('f'*40).hex
+# => 1461501637330902918203684832716283019655932542975
+# >> ('z'*27).base62
+# => 2480707824361381849652170924082266893544595652607
+
+class UID
+  def initialize(n=27)
+    max = ("Z"*n).base62
+    @value = SecureRandom.random_number(max)
+  end
+  
+  def to_s
+    @value.base62
+  end
+  
+  def to_i
+    @value
+  end
+  
+  def to_hex
+    @value.to_s(16)
+  end
+end
+
+class String
+  BASE62_PRIMITIVES = {}.tap do |h|
+    (('0'..'9').to_a + ('A'..'Z').to_a + ('a'..'z').to_a).each_with_index {|e, i| h[e] = i }
+  end
+  
+  def base62
+    i = 0
+    i_out = 0
+    self.split(//).reverse.each do |c|
+      place = BASE62_PRIMITIVES.size ** i
+      i_out += BASE62_PRIMITIVES[c] * place
+      i += 1
+    end
+    i_out
+  end
+end
+
+
+class Integer
+  BASE62_PRIMITIVES = ('0'..'9').to_a + ('A'..'Z').to_a + ('a'..'z').to_a
+  
+  def base62
+     number = self
+     result = ''
+     while(number != 0)
+        result = BASE62_PRIMITIVES[number % BASE62_PRIMITIVES.size ].to_s + result
+        number /= BASE62_PRIMITIVES.size
+     end
+    result
+  end
+end

data/generators/userify/templates/user.rb

@@ -0,0 +1,3 @@
+class User < ActiveRecord::Base
+  include Userify::User
+end

data/generators/userify/userify_generator.rb

@@ -0,0 +1,30 @@
+require File.expand_path(File.dirname(__FILE__) + "/lib/insert_commands.rb")
+require File.expand_path(File.dirname(__FILE__) + "/lib/rake_commands.rb")
+
+class UserifyGenerator < Rails::Generator::Base
+  
+  def manifest
+    record do |m|
+      m.insert_into "app/controllers/application_controller.rb",
+                    "include Userify::Authentication"
+                    
+      user_model = "app/models/user.rb"
+      if File.exists?(user_model)
+        m.insert_into user_model, "include Userify::User"
+      else
+        m.directory File.join("app", "models")
+        m.file "user.rb", user_model
+      end
+      
+      m.directory File.join("lib", "userify")
+      m.file "uid.rb", "lib/userify/uid.rb", :collision => :ask
+      
+      m.migration_template "migrations/create_users.rb",
+        'db/migrate',
+        :migration_file_name => "userify_create_users"
+      
+      m.readme "README"
+    end
+  end
+  
+end

data/lib/userify.rb

@@ -0,0 +1,14 @@
+require 'userify/extensions/errors'
+require 'userify/extensions/rescue'
+require 'userify/authentication'
+require 'userify/user'
+
+class ActionController::Routing::RouteSet
+  def load_routes_with_userify!
+    userify_routes = File.join(File.dirname(__FILE__), *%w[.. config userify_routes.rb])
+    add_configuration_file(userify_routes) unless configuration_files.include? userify_routes
+    load_routes_without_userify!
+  end
+  
+  alias_method_chain :load_routes!, :userify
+end

data/lib/userify/authentication.rb

@@ -0,0 +1,76 @@
+module Userify
+  module Authentication
+    
+    def self.included(controller)
+      controller.send(:include, InstanceMethods)
+      
+      controller.class_eval do
+        helper_method :current_user
+        helper_method :signed_in?
+        
+        hide_action :current_user, :signed_in?
+      end
+    end
+    
+    module InstanceMethods
+      def current_user
+        @_current_user ||= (user_from_cookie or user_from_session)
+      end
+      
+      def signed_in?
+        ! current_user.nil?
+      end
+      
+    protected
+    
+      def authenticate
+        deny_access unless signed_in?
+      end
+      
+      def user_from_session
+        if session[:user_id]
+          return nil  unless user = ::User.find_by_id(session[:user_id])
+          return user if user.email_confirmed?
+        end
+      end
+      
+      def user_from_cookie
+        if token = cookies[:remember_token]
+          return nil  unless user = ::User.find_by_token(token)
+          return user if user.remember?
+        end
+      end
+      
+      def sign_in(user)
+        if user
+          session[:user_id] = user.id
+        end
+      end
+      
+      def redirect_back_or(default)
+        session[:return_to] ||= params[:return_to]
+        if session[:return_to]
+          redirect_to(session[:return_to])
+        else
+          redirect_to(default)
+        end
+        session[:return_to] = nil
+      end
+      
+      def redirect_to_root
+        redirect_to root_url
+      end
+      
+      def store_location(referer=false)
+        session[:return_to] = referer ? request.env["HTTP_REFERER"] : request.request_uri if request.get?
+      end
+      
+      def deny_access(flash_message = nil, opts = {})
+        store_location
+        flash[:error] = flash_message if flash_message
+        redirect_to signin_url
+      end
+    end
+    
+  end
+end

data/lib/userify/extensions/errors.rb

@@ -0,0 +1,4 @@
+module ActionController
+  class Forbidden < StandardError
+  end
+end

data/lib/userify/extensions/rescue.rb

@@ -0,0 +1 @@
+ActionController::Base.rescue_responses.update('ActionController::Forbidden' => :forbidden)

data/lib/userify/user.rb

@@ -0,0 +1,128 @@
+require 'digest/sha1'
+
+module Userify
+  module User
+    
+    def self.included(model)
+      require 'userify/uid'
+      
+      model.extend ClassMethods
+      model.send(:include, InstanceMethods)
+      
+      model.class_eval do
+        attr_accessible :username, :email, :password, :fullname
+        attr_accessor :password
+        
+        before_validation :normalize_email
+        
+        validates_presence_of     :username
+        validates_length_of       :username, :maximum => columns_hash['username'].limit
+        validates_uniqueness_of   :username
+        validates_presence_of     :email
+        validates_length_of       :email, :maximum => columns_hash['email'].limit
+        validates_uniqueness_of   :email, :case_sensitive => false
+        validates_format_of       :email, :with => /.+@.+\..+/
+        validates_presence_of     :password, :if => :password_required?
+        validates_length_of       :fullname, :maximum => columns_hash['fullname'].limit, :allow_nil => true
+        
+        before_save :initialize_salt, :encrypt_password, :initialize_token
+      end
+    end
+    
+    module InstanceMethods
+      def name
+        self.fullname or self.username
+      end
+      
+      def authenticated?(password)
+        encrypted_password == encrypt(password)
+      end
+      
+      def encrypt(string)
+        Digest::SHA1.hexdigest("--#{salt}--#{string}--")
+      end
+      
+      def remember?
+        token_expires_at and Time.now.utc < token_expires_at
+      end
+      
+      def remember_me!(duration=183)
+        remember_me_until! duration.days.from_now.utc
+      end
+      
+      def forget_me!
+        clear_token
+        save(false)
+      end
+      
+      def confirm_email!
+        self.email_confirmed  = true
+        clear_token
+        save(false)
+      end
+      
+      def forgot_password!
+        generate_token 24.hours.from_now.utc
+        save(false)
+      end
+      
+      def update_password(new_password)
+        self.password = new_password
+        clear_token if valid?
+        save
+      end
+      
+    protected
+      
+      def generate_random_base62(n=27)
+        UID.new(n).to_s
+      end
+      
+      def normalize_email
+        self.email.downcase! unless self.email.nil?
+        return true
+      end
+      
+      def initialize_salt
+        self.salt = generate_random_base62 if new_record?
+      end
+      
+      def encrypt_password
+        return if password.blank?
+        self.encrypted_password = encrypt(password)
+      end
+      
+      def generate_token(time=nil)
+        self.token            = generate_random_base62
+        self.token_expires_at = time
+      end
+      
+      def clear_token
+        self.token            = nil
+        self.token_expires_at = nil
+      end
+      
+      def initialize_token
+        generate_token 24.hours.from_now.utc if new_record?
+      end
+      
+      def password_required?
+        encrypted_password.blank? or !password.blank?
+      end
+      
+      def remember_me_until!(time)
+        self.token            = generate_random_base62
+        self.token_expires_at = time
+        save(false)
+      end
+    end
+    
+    module ClassMethods
+      def authenticate(email_or_username, password)
+        user = find(:first, :conditions => ['username = ? OR email = ?', email_or_username, email_or_username])
+        user && user.authenticated?(password) ? user : nil
+      end
+    end
+    
+  end
+end

data/rails/init.rb

@@ -0,0 +1 @@
+require 'userify'

metadata

@@ -0,0 +1,84 @@
+--- !ruby/object:Gem::Specification 
+name: userify
+version: !ruby/object:Gem::Version 
+  version: 0.2.0
+platform: ruby
+authors: 
+- Kenn Ejima
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-01-23 00:00:00 -08:00
+default_executable: 
+dependencies: []
+
+description: Super simple authentication system for Rails, using username, email and password.
+email: kenn.ejima <at> gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- CHANGELOG.textile
+- LICENSE
+- Rakefile
+- README.markdown
+- TODO.textile
+- app/controllers/userify/user_controller.rb
+- app/models/userify_mailer.rb
+- app/views/layouts/_error_messages.html.haml
+- app/views/layouts/application.html.haml
+- app/views/user/forgot.html.haml
+- app/views/user/reset.html.haml
+- app/views/user/signin.html.haml
+- app/views/user/signup.html.haml
+- app/views/userify_mailer/confirmation.html.erb
+- app/views/userify_mailer/reset_password.html.erb
+- config/userify_routes.rb
+- generators/userify/lib/insert_commands.rb
+- generators/userify/lib/rake_commands.rb
+- generators/userify/templates/migrations/create_users.rb
+- generators/userify/templates/README
+- generators/userify/templates/uid.rb
+- generators/userify/templates/user.rb
+- generators/userify/USAGE
+- generators/userify/userify_generator.rb
+- lib/userify/authentication.rb
+- lib/userify/extensions/errors.rb
+- lib/userify/extensions/rescue.rb
+- lib/userify/user.rb
+- lib/userify.rb
+- rails/init.rb
+has_rdoc: true
+homepage: http://github.com/kenn/userify
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: Super simple authentication system for Rails, using username, email and password.
+test_files: []
+