warden 0.7.0 → 0.8.0

data/History.rdoc

@@ -1,3 +1,14 @@
+== Version 0.8.0 / 2010-01-06
+
+* enhancements
+  * Add conditionals to callbacks (josevalim)
+  * Extract Warden::Config from Warden::Manager (josevalim)
+
+== Version 0.7.0 / 2010-01-04
+
+* enhancements
+  * Expose config in warden proxy (hassox)
+
 == Version 0.6.0 / 2009-11-16
 
 * enhancements
@@ -6,9 +17,9 @@
 * deprecation
   * serializer_into_session and serializer_from_session are deprecated, overwrite serialize and deserializer in Warden::Serializers::Session instead (josevalim)
 
-== Version 0.5.3 / 2009-11-20
+== Version 0.5.3 / 2009-11-10
 * bug fixes
-  * authenticated? and unauthenticated? should return true or false, not the user or false.
+  * authenticated? and unauthenticated? should return true or false, not the user or false. (hassox)
 
 == Version 0.5.2 / 2009-11-09
 * enhancements

data/lib/warden/config.rb

@@ -0,0 +1,95 @@
+module Warden
+  # This is a class which is yielded on use Warden::Manager. If you have a plugin
+  # and wants to add more configuration to warden, you just need to extend this
+  # class.
+  class Config < Hash
+    # Creates an accessor that simply sets and reads a key in the hash:
+    #
+    #   class Config < Hash
+    #     hash_accessor :failure_app
+    #   end
+    #
+    #   config = Config.new
+    #   config.failure_app = Foo
+    #   config[:failure_app] #=> Foo
+    #
+    #   config[:failure_app] = Bar
+    #   config.failure_app #=> Bar
+    #  
+    def self.hash_accessor(*names) #:nodoc:
+      names.each do |name|
+        class_eval <<-METHOD, __FILE__, __LINE__ + 1
+          def #{name}
+            self[:#{name}]
+          end
+
+          def #{name}=(value)
+            self[:#{name}] = value
+          end
+        METHOD
+      end
+    end
+
+    hash_accessor :failure_app, :default_scope
+
+    def initialize(other={})
+      merge!(other)
+
+      self[:default_scope]       ||= :default
+      self[:default_strategies]  ||= []
+      self[:default_serializers] ||= [ :session ]
+    end
+
+    # Do not raise an error if a missing strategy is given by default.
+    # :api: plugin
+    def silence_missing_strategies!
+      self[:silence_missing_strategies] = true
+    end
+
+    def silence_missing_strategies? #:nodoc:
+      !!self[:silence_missing_strategies]
+    end
+
+    # Do not raise an error if a missing serializer is given by default.
+    # :api: plugin
+    def silence_missing_serializers!
+      self[:silence_missing_serializers] = true
+    end
+
+    def silence_missing_serializers? #:nodoc:
+      !!self[:silence_missing_serializers]
+    end
+
+    # Set the default strategies to use.
+    # :api: public
+    def default_strategies(*strategies)
+      if strategies.empty?
+        self[:default_strategies]
+      else
+        self[:default_strategies] = strategies.flatten
+      end
+    end
+
+    # Set the default serializers to use. By default, only session is enabled.
+    # :api: public
+    def default_serializers(*serializers)
+      if serializers.empty?
+        self[:default_serializers]
+      else
+        self[:default_serializers] = serializers.flatten
+      end
+    end
+
+    # Quick accessor to strategies from manager
+    # :api: public
+    def serializers
+      Warden::Serializers
+    end
+
+    # Quick accessor to strategies from manager
+    # :api: public
+    def strategies
+      Warden::Strategies
+    end
+  end
+end

data/lib/warden/hooks.rb

@@ -2,11 +2,32 @@
 module Warden
   module Hooks
 
+    # Hook to _run_callbacks asserting for conditions.
+    def _run_callbacks(kind, *args) #:nodoc:
+      options = args.last # Last callback args MUST be a Hash
+
+      send("_#{kind}").each do |callback, conditions|
+        invalid = conditions.find do |key, value|
+          value.is_a?(Array) ? !value.include?(options[key]) : (value != options[key])
+        end
+
+        callback.call(*args) unless invalid
+      end
+    end
+
     # A callback hook set to run every time after a user is set.
-    # This will happen the first time the user is either authenticated, accessed or manually set
-    # during a request.  You can supply as many hooks as you like, and they will be run in order of decleration
+    # This callback is triggered the first time one of those three events happens during a request:
+    # :authentication, :fetch (from one of the serializers, like session) and :set_user (when manually set).
+    # You can supply as many hooks as you like, and they will be run in order of decleration.
+    #
+    # If you want to run the callbacks for a given scope and/or event, you can specify them as options.
+    # See parameters and example below.
     #
     # Parameters:
+    # <options> Some options which specify when the callback should be executed
+    #   scope  - Executes the callback only if it maches the scope(s) given
+    #   only   - Executes the callback only if it matches the event(s) given
+    #   except - Executes the callback except if it matches the event(s) given
     # <block> A block where you can set arbitrary logic to run every time a user is set
     #   Block Parameters: |user, auth, opts|
     #     user - The user object that is being set
@@ -23,10 +44,21 @@ module Warden
     #     auth.session["#{scope}.last_access"] = Time.now
     #   end
     #
+    #   Warden::Manager.after_set_user :except => :fetch do |user,auth,opts|
+    #     user.login_count += 1
+    #   end
+    #
     # :api: public
-    def after_set_user(&block)
+    def after_set_user(options={}, &block)
       raise BlockNotGiven unless block_given?
-      _after_set_user << block
+
+      if options.key?(:only)
+        options[:event] = options.delete(:only)
+      elsif options.key?(:except)
+        options[:event] = [:set_user, :authentication, :fetch] - Array(options.delete(:except))
+      end
+
+      _after_set_user << [block, options]
     end
 
     # Provides access to the array of after_set_user blocks to run
@@ -35,32 +67,22 @@ module Warden
       @_after_set_user ||= []
     end
 
-    # A callback hook set to run after the first authentiation of a session.
-    # This will only happenwhen the session is first authenticated
-    #
-    # Parameters:
-    # <block> A block to contain logic for the callback
-    #   Block Parameters: |user, auth, opts|
-    #     user - The user object that is being set
-    #     auth - The raw authentication proxy object.
-    #     opts - any options passed into the authenticate call includeing :scope
-    #
-    # Example:
-    #
-    #   Warden::Manager.after_authentication do |user, auth, opts|
-    #     throw(:warden, opts) unless user.active?
-    #   end
+    # after_authentication is just a wrapper to after_set_user, which is only invoked
+    # when the user is set through the authentication path. The options and yielded arguments
+    # are the same as in after_set_user.
     #
     # :api: public
-    def after_authentication(&block)
-      raise BlockNotGiven unless block_given?
-      _after_authentication << block
+    def after_authentication(options={}, &block)
+      after_set_user(options.merge(:event => :authentication), &block)
     end
 
-    # Provides access to the array of after_authentication blocks
-    # :api: private
-    def _after_authentication
-      @_after_authentication ||= []
+    # after_fetch is just a wrapper to after_set_user, which is only invoked
+    # when the user is fetched from sesion. The options and yielded arguments
+    # are the same as in after_set_user.
+    #
+    # :api: public
+    def after_fetch(options={}, &block)
+      after_set_user(options.merge(:event => :fetch), &block)
     end
 
     # A callback that runs just prior to the failur application being called.
@@ -69,8 +91,10 @@ module Warden
     # If a Rails controller were used for the failure_app for example, you would need to set request[:params][:action] = :unauthenticated
     #
     # Parameters:
+    # <options> Some options which specify when the callback should be executed
+    #   scope  - Executes the callback only if it maches the scope(s) given
     # <block> A block to contain logic for the callback
-    #   Block Parameters: |user, auth, opts|
+    #   Block Parameters: |env, opts|
     #     env - The rack env hash
     #     opts - any options passed into the authenticate call includeing :scope
     #
@@ -82,8 +106,9 @@ module Warden
     #   end
     #
     # :api: public
-    def before_failure(&block)
-      _before_failure << block
+    def before_failure(options={}, &block)
+      raise BlockNotGiven unless block_given?
+      _before_failure << [block, options]
     end
 
     # Provides access to the callback array for before_failure
@@ -95,20 +120,23 @@ module Warden
     # A callback that runs just prior to the logout of each scope.
     #
     # Parameters:
+    # <options> Some options which specify when the callback should be executed
+    #   scope  - Executes the callback only if it maches the scope(s) given
     # <block> A block to contain logic for the callback
     #   Block Parameters: |user, auth, scope|
     #     user - The authenticated user for the current scope
     #     auth - The warden proxy object
-    #     scope - current logout scope
+    #     opts - any options passed into the authenticate call including :scope
     #
     # Example:
-    #   Warden::Manager.before_logout do |user, auth, scope|
+    #   Warden::Manager.before_logout do |user, auth, opts|
     #     user.forget_me!
     #   end
     #
     # :api: public
-    def before_logout(&block)
-      _before_logout << block
+    def before_logout(options={}, &block)
+      raise BlockNotGiven unless block_given?
+      _before_logout << [block, options]
     end
 
     # Provides access to the callback array for before_logout

data/lib/warden/manager.rb

@@ -1,5 +1,7 @@
 # encoding: utf-8
 require 'warden/hooks'
+require 'warden/config'
+require 'warden/manager_deprecation'
 
 module Warden
   # The middleware for Rack Authentication
@@ -8,90 +10,26 @@ module Warden
   # the rack environment hash
   class Manager
     extend Warden::Hooks
+    extend Warden::ManagerDeprecation
 
-    attr_accessor :config, :failure_app
+    attr_accessor :config
 
-    # initialize the middleware.
-    # Provide a :failure_app in the options to setup an application to run when there is a failure
-    # The manager is yielded when initialized with a block.  This is useful when declaring it in Rack::Builder
+    # Initialize the middleware. If a block is given, a Warden::Config is yielded so you can properly
+    # configure the Warden::Manager.
     # :api: public
-    def initialize(app, config = {})
-      @app = app
-      @config = config
-      yield self if block_given?
-
-      # Should ensure there is a failure application defined.
-      @failure_app = config[:failure_app] if config[:failure_app]
-
-      # Set default configuration values.
-      @config[:default_strategies]  ||= []
-      @config[:default_serializers] ||= [ :session ]
-
+    def initialize(app, options={})
+      @app, @config = app, Warden::Config.new(options)
+      yield @config if block_given?
       self
     end
-    
-    # Get the default scope for Warden.  By default this is :default
-    # @api public
-    def self.default_scope
-      @default_scope
-    end
-    
-    # Set the default scope for Warden.  
-    def self.default_scope=(scope)
-      @default_scope = scope
-    end
-    @default_scope = :default
-
-    # Do not raise an error if a missing strategy is given by default.
-    # :api: plugin
-    def silence_missing_strategies!
-      @config[:silence_missing_strategies] = true
-    end
-
-    # Do not raise an error if a missing serializer is given by default.
-    # :api: plugin
-    def silence_missing_serializers!
-      @config[:silence_missing_serializers] = true
-    end
-
-    # Set the default strategies to use.
-    # :api: public
-    def default_strategies(*strategies)
-      if strategies.empty?
-        @config[:default_strategies]
-      else
-        @config[:default_strategies] = strategies.flatten
-      end
-    end
-
-    # Set the default serializers to use. By default, only session is enabled.
-    # :api: public
-    def default_serializers(*serializers)
-      if serializers.empty?
-        @config[:default_serializers]
-      else
-        @config[:default_serializers] = serializers.flatten
-      end
-    end
-
-    # Quick accessor to strategies from manager
-    # :api: public
-    def serializers
-      Warden::Serializers
-    end
-
-    # Quick accessor to strategies from manager
-    # :api: public
-    def strategies
-      Warden::Strategies
-    end
 
+    # Invoke the application guarding for throw :warden.
+    # If this is downstream from another warden instance, don't do anything.
     # :api: private
     def call(env) # :nodoc:
-      # if this is downstream from another warden instance, don't do anything.
       return @app.call(env) unless env['warden'].nil?
 
-      env['warden'] = Proxy.new(env, @config)
+      env['warden'] = Proxy.new(env, self)
       result = catch(:warden) do
         @app.call(env)
       end
@@ -110,58 +48,13 @@ module Warden
       end
     end
 
-    class << self
-
-      # Prepares the user to serialize into the session.
-      # Any object that can be serialized into the session in some way can be used as a "user" object
-      # Generally however complex object should not be stored in the session.
-      # If possible store only a "key" of the user object that will allow you to reconstitute it.
-      #
-      # Example:
-      #   Warden::Manager.serialize_into_session{ |user| user.id }
-      #
-      # Deprecation:
-      #   This method was deprecated in favor of serializer in Session. You can set it while setting the middleware:
-      #
-      #   use Warden::Manager do |manager|
-      #     manager.serializers.update(:session) do
-      #       def serialize(user)
-      #         user.id
-      #       end
-      #     end
-      #   end
-      #
-      # :api: public
-      def serialize_into_session(&block)
-        warn "[DEPRECATION] serialize_into_session is deprecated. Please overwrite the serialize method in Warden::Serializers::Session."
-        Warden::Serializers::Session.send :define_method, :serialize, &block
-      end
-
-      # Reconstitues the user from the session.
-      # Use the results of user_session_key to reconstitue the user from the session on requests after the initial login
-      #
-      # Example:
-      #   Warden::Manager.serialize_from_session{ |id| User.get(id) }
-      #
-      # Deprecation:
-      #   This method was deprecated in favor of serializer in Session. You can set it while setting the middleware:
-      #
-      #   use Warden::Manager do |manager|
-      #     manager.serializers.update(:session) do
-      #       def deserialize(id)
-      #         User.get(id)
-      #       end
-      #     end
-      #   end
-      #
-      # :api: public
-      def serialize_from_session(&block)
-        warn "[DEPRECATION] serialize_from_session is deprecated. Please overwrite the deserialize method in Warden::Serializers::Session."
-        Warden::Serializers::Session.send :define_method, :deserialize, &block
-      end
+    # :api: private
+    def _run_callbacks(*args) #:nodoc:
+      self.class._run_callbacks(*args)
     end
 
-    private
+  private
+
     # When a request is unauthentiated, here's where the processing occurs.
     # It looks at the result of the proxy to see if it's been executed and what action to take.
     # :api: private
@@ -184,14 +77,14 @@ module Warden
     def call_failure_app(env, opts = {})
       if env['warden'].custom_failure?
         opts[:original_response]
-      else
+      elsif config.failure_app
         env["PATH_INFO"] = "/#{opts[:action]}"
         env["warden.options"] = opts
 
-        # Call the before failure callbacks
-        Warden::Manager._before_failure.each{|hook| hook.call(env,opts)}
-        raise "No Failure App provided" unless @failure_app
-        @failure_app.call(env).to_a
+        _run_callbacks(:before_failure, env, opts)
+        config.failure_app.call(env).to_a
+      else
+        raise "No Failure App provided"
       end
     end # call_failure_app
   end

data/lib/warden/manager_deprecation.rb

@@ -0,0 +1,62 @@
+module Warden
+  module ManagerDeprecation
+    # Read the default scope from Warden
+    def default_scope
+      warn "[DEPRECATION] Warden::Manager.default_scope is deprecated. It's now accessible in the Warden::Manager instance."
+    end
+
+    # Set the default scope for Warden.
+    def default_scope=(scope)
+      warn "[DEPRECATION] Warden::Manager.default_scope= is deprecated. Please set it in the Warden::Manager instance."
+    end
+
+    # Prepares the user to serialize into the session.
+    # Any object that can be serialized into the session in some way can be used as a "user" object
+    # Generally however complex object should not be stored in the session.
+    # If possible store only a "key" of the user object that will allow you to reconstitute it.
+    #
+    # Example:
+    #   Warden::Manager.serialize_into_session{ |user| user.id }
+    #
+    # Deprecation:
+    #   This method was deprecated in favor of serializer in Session. You can set it while setting the middleware:
+    #
+    #   use Warden::Manager do |manager|
+    #     manager.serializers.update(:session) do
+    #       def serialize(user)
+    #         user.id
+    #       end
+    #     end
+    #   end
+    #
+    # :api: public
+    def serialize_into_session(&block)
+      warn "[DEPRECATION] serialize_into_session is deprecated. Please overwrite the serialize method in Warden::Serializers::Session."
+      Warden::Serializers::Session.send :define_method, :serialize, &block
+    end
+
+    # Reconstitues the user from the session.
+    # Use the results of user_session_key to reconstitue the user from the session on requests after the initial login
+    #
+    # Example:
+    #   Warden::Manager.serialize_from_session{ |id| User.get(id) }
+    #
+    # Deprecation:
+    #   This method was deprecated in favor of serializer in Session. You can set it while setting the middleware:
+    #
+    #   use Warden::Manager do |manager|
+    #     manager.serializers.update(:session) do
+    #       def deserialize(id)
+    #         User.get(id)
+    #       end
+    #     end
+    #   end
+    #
+    # :api: public
+    def serialize_from_session(&block)
+      warn "[DEPRECATION] serialize_from_session is deprecated. Please overwrite the deserialize method in Warden::Serializers::Session."
+      Warden::Serializers::Session.send :define_method, :deserialize, &block
+    end
+
+  end
+end

data/lib/warden/proxy.rb

@@ -7,13 +7,9 @@ module Warden
     # :api: private
     attr_accessor :winning_strategy
 
-    # An accessor to the rack env hash
+    # An accessor to the rack env hash, the proxy owner and its config
     # :api: public
-    attr_reader :env
-
-    # A reader for the config of warden that created this proxy.
-    # :api: public
-    attr_reader :config
+    attr_reader :env, :manager, :config
 
     extend ::Forwardable
     include ::Warden::Mixins::Common
@@ -21,11 +17,9 @@ module Warden
     # :api: private
     def_delegators :winning_strategy, :headers, :_status, :custom_response
 
-    def initialize(env, config = {}) #:nodoc:
-      @env = env
-      @config = config
-      @strategies = @config.fetch(:default_strategies, [])
-      @users = {}
+    def initialize(env, manager) #:nodoc:
+      @env, @users = env, {}
+      @manager, @config = manager, manager.config
       errors # setup the error object in the session
     end
 
@@ -41,7 +35,7 @@ module Warden
     #   env['warden'].authenticated?(:admin)
     #
     # :api: public
-    def authenticated?(scope = Warden::Manager.default_scope)
+    def authenticated?(scope = @config.default_scope)
       result = !!user(scope)
       yield if block_given? && result
       result
@@ -49,7 +43,7 @@ module Warden
 
     # Same API as authenticated, but returns false when authenticated.
     # :api: public
-    def unauthenticated?(scope = Warden::Manager.default_scope)
+    def unauthenticated?(scope = @config.default_scope)
       result = !authenticated?(scope)
       yield if block_given? && result
       result
@@ -82,7 +76,7 @@ module Warden
     # :api: public
     def authenticate!(*args)
       scope, opts = _perform_authentication(*args)
-      throw(:warden, opts.merge(:action => :unauthenticated)) if !user(scope)
+      throw(:warden, opts) if !user(scope)
       user(scope)
     end
 
@@ -97,9 +91,9 @@ module Warden
     #   env['warden'].stored?(:default, :cookie)  #=> false
     #
     # :api: public
-    def stored?(scope = Warden::Manager.default_scope, serializer = nil)
+    def stored?(scope = @config.default_scope, serializer = nil)
       if serializer
-        find_serializer(serializer).stored?(scope)
+        _find_serializer(serializer).stored?(scope)
       else
         serializers.any? { |s| s.stored?(scope) }
       end
@@ -113,12 +107,13 @@ module Warden
     #
     # :api: public
     def set_user(user, opts = {})
-      scope = (opts[:scope] ||= Warden::Manager.default_scope)
+      return unless user
+      scope = (opts[:scope] ||= @config.default_scope)
       _store_user(user, scope) unless opts[:store] == false
       @users[scope] = user
 
-      # Run the after hooks for setting the user
-      Warden::Manager._after_set_user.each{ |hook| hook.call(user, self, opts) }
+      opts[:event] ||= :set_user
+      manager._run_callbacks(:after_set_user, user, self, opts)
       user
     end
 
@@ -133,8 +128,8 @@ module Warden
     #   env['warden'].user(:admin)
     #
     # :api: public
-    def user(scope = Warden::Manager.default_scope)
-      @users[scope] ||= set_user(_fetch_user(scope), :scope => scope)
+    def user(scope = @config.default_scope)
+      @users[scope] ||= set_user(_fetch_user(scope), :scope => scope, :event => :fetch)
     end
 
     # Provides a scoped session data for authenticated users.
@@ -148,7 +143,7 @@ module Warden
     #  env['warden'].session(:sudo)[:foo] = "bar"
     #
     # :api: public
-    def session(scope = Warden::Manager.default_scope)
+    def session(scope = @config.default_scope)
       raise NotAuthenticated, "#{scope.inspect} user is not logged in" unless authenticated?(scope)
       raw_session["warden.user.#{scope}.session"] ||= {}
     end
@@ -178,7 +173,7 @@ module Warden
 
       scopes.each do |scope|
         user = @users.delete(scope)
-        Warden::Manager._before_logout.each { |hook| hook.call(user, self, scope) }
+        manager._run_callbacks(:before_logout, user, self, :scope => scope)
 
         raw_session.delete("warden.user.#{scope}.session")
         _delete_user(user, scope)
@@ -216,15 +211,13 @@ module Warden
     # :api: private
     def serializers # :nodoc:
       @serializers ||= begin
-        array = []
-        @config[:default_serializers].each do |s|
-          unless Warden::Serializers[s]
-            raise "Invalid serializer #{s}" unless silence_missing_serializers?
+        @config.default_serializers.inject([]) do |array, s|
+          unless klass = Warden::Serializers[s]
+            raise "Invalid serializer #{s}" unless @config.silence_missing_serializers?
             next
           end
-          array << Warden::Serializers[s].new(@env)
+          array << klass.new(@env)
         end
-        array
       end
     end
 
@@ -233,34 +226,16 @@ module Warden
     # :api: private
     def _perform_authentication(*args)
       scope = scope_from_args(args)
-      opts = opts_from_args(args)
-
-      # Look for an existing user in the session for this scope
-      # If there was no user in the session.  See if we can get one from the request
-      return scope, opts if the_user = user(scope)
+      opts  = opts_from_args(args)
 
-      strategies = args.empty? ? @strategies : args
-      raise "No Strategies Found" if strategies.empty?
+      # Look for an existing user in the session for this scope.
+      # If there was no user in the session. See if we can get one from the request
+      return scope, opts if user(scope)
 
-      strategies.each do |s|
-        unless Warden::Strategies[s]
-          raise "Invalid strategy #{s}" unless args.empty? && silence_missing_strategies?
-          next
-        end
-
-        strategy = Warden::Strategies[s].new(@env, scope)
-        self.winning_strategy = strategy
-        next unless strategy.valid?
-
-        strategy._run!
-        break if strategy.halted?
-      end
+      _run_strategies_for(scope, args)
 
       if winning_strategy && winning_strategy.user
-        set_user(winning_strategy.user, opts)
-
-        # Run the after_authentication hooks
-        Warden::Manager._after_authentication.each{|hook| hook.call(winning_strategy.user, self, opts)}
+        set_user(winning_strategy.user, opts.merge!(:event => :authentication))
       end
 
       [scope, opts]
@@ -268,7 +243,7 @@ module Warden
 
     # :api: private
     def scope_from_args(args) # :nodoc:
-      Hash === args.last ? args.last.fetch(:scope, Warden::Manager.default_scope) : Warden::Manager.default_scope
+      Hash === args.last ? args.last.fetch(:scope, @config.default_scope) : @config.default_scope
     end
 
     # :api: private
@@ -277,25 +252,35 @@ module Warden
     end
 
     # :api: private
-    def silence_missing_strategies? # :nodoc:
-      @config[:silence_missing_strategies]
-    end
+    def _run_strategies_for(scope, args) #:nodoc:
+      strategies = args.empty? ? @config.default_strategies : args
+      raise "No Strategies Found" if strategies.empty?
 
-    # :api: private
-    def silence_missing_serializers? # :nodoc:
-      @config[:silence_missing_serializers]
+      strategies.each do |s|
+        unless klass = Warden::Strategies[s]
+          raise "Invalid strategy #{s}" unless args.empty? && @config.silence_missing_strategies?
+          next
+        end
+
+        strategy = klass.new(@env, scope)
+        self.winning_strategy = strategy
+        next unless strategy.valid?
+
+        strategy._run!
+        break if strategy.halted?
+      end
     end
 
     # Does the work of storing the user in stores.
     # :api: private
-    def _store_user(user, scope = Warden::Manager.default_scope) # :nodoc:
+    def _store_user(user, scope) # :nodoc:
       return unless user
       serializers.each { |s| s.store(user, scope) }
     end
 
     # Does the work of fetching the user from the first store.
     # :api: private
-    def _fetch_user(scope = Warden::Manager.default_scope) # :nodoc:
+    def _fetch_user(scope) # :nodoc:
       serializers.each do |s|
         user = s.fetch(scope)
         return user if user
@@ -305,12 +290,12 @@ module Warden
 
     # Does the work of deleteing the user in all stores.
     # :api: private
-    def _delete_user(user, scope = Warden::Manager.default_scope) # :nodoc:
+    def _delete_user(user, scope) # :nodoc:
       serializers.each { |s| s.delete(scope, user) }
     end
 
     # :api: private
-    def find_serializer(name) # :nodoc:
+    def _find_serializer(name) # :nodoc:
       serializers.find { |s| s.class == ::Warden::Serializers[name] }
     end
   end # Proxy

data/lib/warden/version.rb

@@ -1,3 +1,3 @@
 module Warden
-  VERSION = "0.7.0"
+  VERSION = "0.8.0"
 end

data/spec/helpers/request_helper.rb

@@ -12,16 +12,14 @@ module Warden::Spec
 
     def setup_rack(app = nil, opts = {}, &block)
       app ||= block if block_given?
+
+      opts[:failure_app]         ||= failure_app
       opts[:default_strategies]  ||= [:password]
       opts[:default_serializers] ||= [:session]
-      opts[:failure_app] ||= Warden::Spec::Helpers::FAILURE_APP
+
       Rack::Builder.new do
         use Warden::Spec::Helpers::Session
-        use Warden::Manager, opts do |manager|
-          manager.failure_app = Warden::Spec::Helpers::FAILURE_APP
-          manager.default_strategies *opts[:default_strategies]
-          manager.default_serializers *opts[:default_serializers]
-        end
+        use Warden::Manager, opts
         run app
       end
     end

data/spec/warden/config_spec.rb

@@ -0,0 +1,55 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe Warden::Config do
+
+  before(:each) do
+    @config = Warden::Config.new
+  end
+
+  it "should behave like a hash" do
+    @config[:foo] = :bar
+    @config[:foo].should == :bar
+  end
+
+  it "should provide hash accessors" do
+    @config.failure_app = :foo
+    @config[:failure_app].should == :foo
+    @config[:failure_app] = :bar
+    @config.failure_app.should == :bar
+  end
+
+  it "should allow to read and set default strategies" do
+    @config.default_strategies :foo, :bar
+    @config.default_strategies.should == [:foo, :bar]
+  end
+
+  it "should allow to read and set default serializers" do
+    @config.default_serializers :foo, :bar
+    @config.default_serializers.should == [:foo, :bar]
+  end
+
+  it "should ship with default serializers and strategies" do
+    @config.default_strategies.should == []
+    @config.default_serializers.should == [:session]
+  end
+
+  it "should allow to silence missing strategies" do
+    @config.silence_missing_strategies!
+    @config.silence_missing_strategies?.should be_true
+  end
+
+  it "should allow to silence missing serializers" do
+    @config.silence_missing_serializers!
+    @config.silence_missing_serializers?.should be_true
+  end
+
+  it "should set the default_scope" do
+    @config.default_scope.should == :default
+    @config.default_scope = :foo
+    @config.default_scope.should == :foo
+  end
+
+  it "should merge given options on initialization" do
+    Warden::Config.new(:foo => :bar)[:foo].should == :bar
+  end
+end

data/spec/warden/hooks_spec.rb

@@ -43,38 +43,82 @@ describe "standard authentication hooks" do
       env['warden.spec.hook.foo'].should == "run foo"
       env['warden.spec.hook.bar'].should == "run bar"
     end
-  end
 
-  describe "after_authentication" do
-    before(:each) do
-      RAM = Warden::Manager unless defined?(RAM)
-      RAM._after_authentication.clear
+    it "should not run the event specified with except" do
+      RAM.after_set_user(:except => :set_user){|u,a,o| fail}
+      app = lambda do |e|
+        e['warden'].set_user("foo")
+        valid_response
+      end
+      env = env_with_params
+      setup_rack(app).call(env)
     end
 
-    after(:each) do
-      RAM._after_authentication.clear
+    it "should only run the event specified with only" do
+      RAM.after_set_user(:only => :set_user){|u,a,o| fail}
+      app = lambda do |e|
+        e['warden'].authenticate(:pass)
+        valid_response
+      end
+      env = env_with_params
+      setup_rack(app).call(env)
     end
 
-    it "should allow me to add an after_authentication hook" do
-      RAM.after_authentication{|user, auth, opts| "foo"}
-      RAM._after_authentication.should have(1).item
-    end
+    context "after_authentication" do
+      it "should be a wrapper to after_set_user behavior" do
+        RAM.after_authentication{|u,a,o| a.env['warden.spec.hook.baz'] = "run baz"}
+        RAM.after_authentication{|u,a,o| a.env['warden.spec.hook.paz'] = "run paz"}
+        RAM.after_authentication{|u,a,o| o[:event].should == :authentication }
+        app = lambda{|e| e['warden'].authenticate(:pass); valid_response}
+        env = env_with_params
+        setup_rack(app).call(env)
+        env['warden.spec.hook.baz'].should == 'run baz'
+        env['warden.spec.hook.paz'].should == 'run paz'
+      end
 
-    it "should allow me to add multiple after_authentication hooks" do
-      RAM.after_authentication{|u,a,o| "bar"}
-      RAM.after_authentication{|u,a,o| "baz"}
-      RAM._after_authentication.should have(2).items
+      it "should not be invoked on default after_set_user scenario" do
+        RAM.after_authentication{|u,a,o| fail}
+        app = lambda do |e|
+          e['warden'].set_user("foo")
+          valid_response
+        end
+        env = env_with_params
+        setup_rack(app).call(env)
+      end
     end
 
-    it "should run each after_authentication hook after authentication is run" do
-      RAM.after_authentication{|u,a,o| a.env['warden.spec.hook.baz'] = "run baz"}
-      RAM.after_authentication{|u,a,o| a.env['warden.spec.hook.paz'] = "run paz"}
-      app = lambda{|e| e['warden'].authenticate(:pass); valid_response}
-      env = env_with_params
-      setup_rack(app).call(env)
-      env['warden.spec.hook.baz'].should == 'run baz'
-      env['warden.spec.hook.paz'].should == 'run paz'
+    context "after_fetch" do
+      it "should be a wrapper to after_set_user behavior" do
+        RAM.after_fetch{|u,a,o| a.env['warden.spec.hook.baz'] = "run baz"}
+        RAM.after_fetch{|u,a,o| a.env['warden.spec.hook.paz'] = "run paz"}
+        RAM.after_fetch{|u,a,o| o[:event].should == :fetch }
+        env = env_with_params
+        setup_rack(lambda { valid_response }).call(env)
+        env['rack.session']['warden.user.default.key'] = "Foo"
+        env['warden'].user.should == "Foo"
+        env['warden.spec.hook.baz'].should == 'run baz'
+        env['warden.spec.hook.paz'].should == 'run paz'
+      end
+
+      it "should not be invoked on default after_set_user scenario" do
+        RAM.after_fetch{|u,a,o| fail}
+        app = lambda do |e|
+          e['warden'].set_user("foo")
+          valid_response
+        end
+        env = env_with_params
+        setup_rack(app).call(env)
+      end
+
+      it "should not be invoked if fetched user is nil" do
+        RAM.after_fetch{|u,a,o| fail}
+        env = env_with_params
+        setup_rack(lambda { valid_response }).call(env)
+        env['rack.session']['warden.user.default.key'] = nil
+        env['warden'].user.should be_nil
+      end
     end
+
   end
 
   describe "before_failure" do
@@ -125,14 +169,14 @@ describe "standard authentication hooks" do
     end
 
     it "should allow me to add multiple after_authetnication hooks" do
-      RAM.before_logout{|u,a,s| "bar"}
-      RAM.before_logout{|u,a,s| "baz"}
+      RAM.before_logout{|u,a,o| "bar"}
+      RAM.before_logout{|u,a,o| "baz"}
       RAM._before_logout.should have(2).items
     end
 
     it "should run each before_logout hook before logout is run" do
-      RAM.before_logout{|u,a,s| a.env['warden.spec.hook.lorem'] = "run lorem"}
-      RAM.before_logout{|u,a,s| a.env['warden.spec.hook.ipsum'] = "run ipsum"}
+      RAM.before_logout{|u,a,o| a.env['warden.spec.hook.lorem'] = "run lorem"}
+      RAM.before_logout{|u,a,o| a.env['warden.spec.hook.ipsum'] = "run ipsum"}
       app = lambda{|e| e['warden'].authenticate(:pass); valid_response}
       env = env_with_params
       setup_rack(app).call(env)
@@ -141,21 +185,27 @@ describe "standard authentication hooks" do
       env['warden.spec.hook.ipsum'].should == 'run ipsum'
     end
 
-    it "should run before_logout hook on different scopes" do
-      RAM.before_logout{|u,a,s| a.env["warden.spec.hook.scope1"] = "run scope1" if s == :scope1}
-      RAM.before_logout{|u,a,s| a.env["warden.spec.hook.scope2"] = "run scope2" if s == :scope2}
+    it "should run before_logout hook for a socufued scope" do
+      RAM.before_logout(:scope => :scope1){|u,a,o| a.env["warden.spec.hook.a"] << :scope1 }
+      RAM.before_logout(:scope => [:scope2]){|u,a,o| a.env["warden.spec.hook.b"] << :scope2 }
+
       app = lambda do |e|
         e['warden'].authenticate(:pass, :scope => :scope1)
         e['warden'].authenticate(:pass, :scope => :scope2)
         valid_response
       end
       env = env_with_params
+      env["warden.spec.hook.a"] ||= []
+      env["warden.spec.hook.b"] ||= []
       setup_rack(app).call(env)
+
       env['warden'].logout(:scope1)
-      env['warden.spec.hook.scope1'].should == 'run scope1'
-      env['warden.spec.hook.scope2'].should == nil
+      env['warden.spec.hook.a'].should == [:scope1]
+      env['warden.spec.hook.b'].should == []
+
       env['warden'].logout(:scope2)
-      env['warden.spec.hook.scope2'].should == 'run scope2'
+      env['warden.spec.hook.a'].should == [:scope1]
+      env['warden.spec.hook.b'].should == [:scope2]
     end
   end
 

data/spec/warden/manager_spec.rb

@@ -209,25 +209,28 @@ describe Warden::Manager do
   end # integrated strategies
   
   it "should allow me to set a different default scope for warden" do
-    Warden::Manager.default_scope.should == :default
-    Warden::Manager.default_scope = :other_scope
-    Warden::Manager.default_scope.should == :other_scope
-    Warden::Manager.default_scope = :default
+    Rack::Builder.new do
+      use Warden::Manager, :default_scope => :default do |manager|
+        manager.default_scope.should == :default
+        manager.default_scope = :other
+        manager.default_scope.should == :other
+      end
+    end
   end
 
   it "should allow me to access serializers through manager" do
     Rack::Builder.new do
-       use Warden::Manager do |manager|
-         manager.serializers.should == Warden::Serializers
-       end
-     end
+      use Warden::Manager do |manager|
+        manager.serializers.should == Warden::Serializers
+      end
+    end
   end
 
   it "should allow me to access serializers through manager" do
     Rack::Builder.new do
-       use Warden::Manager do |manager|
-         manager.strategies.should == Warden::Strategies
-       end
-     end
+      use Warden::Manager do |manager|
+        manager.strategies.should == Warden::Strategies
+      end
+    end
   end
 end

data/spec/warden/proxy_spec.rb

@@ -98,7 +98,7 @@ describe Warden::Proxy do
           valid_response
         end
         lambda {
-          setup_rack(app, :silence_missing_strategies => true, :default_strategies => :unknown).call(env)
+          setup_rack(app, :silence_missing_strategies => true, :default_strategies => [:unknown]).call(env)
         }.should_not raise_error
       end
 

data/warden.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{warden}
-  s.version = "0.7.0"
+  s.version = "0.8.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Daniel Neighman"]
-  s.date = %q{2010-01-04}
+  s.date = %q{2010-01-07}
   s.email = %q{has.sox@gmail.com}
   s.extra_rdoc_files = [
     "LICENSE",
@@ -23,10 +23,12 @@ Gem::Specification.new do |s|
      "Rakefile",
      "TODO.textile",
      "lib/warden.rb",
+     "lib/warden/config.rb",
      "lib/warden/declarable.rb",
      "lib/warden/errors.rb",
      "lib/warden/hooks.rb",
      "lib/warden/manager.rb",
+     "lib/warden/manager_deprecation.rb",
      "lib/warden/mixins/common.rb",
      "lib/warden/proxy.rb",
      "lib/warden/serializers.rb",
@@ -42,10 +44,10 @@ Gem::Specification.new do |s|
      "spec/helpers/strategies/failz.rb",
      "spec/helpers/strategies/invalid.rb",
      "spec/helpers/strategies/pass.rb",
-     "spec/helpers/strategies/pass_without_user.rb",
      "spec/helpers/strategies/password.rb",
      "spec/spec_helper.rb",
      "spec/warden/authenticated_data_store_spec.rb",
+     "spec/warden/config_spec.rb",
      "spec/warden/errors_spec.rb",
      "spec/warden/hooks_spec.rb",
      "spec/warden/manager_spec.rb",
@@ -69,10 +71,10 @@ Gem::Specification.new do |s|
      "spec/helpers/strategies/failz.rb",
      "spec/helpers/strategies/invalid.rb",
      "spec/helpers/strategies/pass.rb",
-     "spec/helpers/strategies/pass_without_user.rb",
      "spec/helpers/strategies/password.rb",
      "spec/spec_helper.rb",
      "spec/warden/authenticated_data_store_spec.rb",
+     "spec/warden/config_spec.rb",
      "spec/warden/errors_spec.rb",
      "spec/warden/hooks_spec.rb",
      "spec/warden/manager_spec.rb",

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: warden
 version: !ruby/object:Gem::Version 
-  version: 0.7.0
+  version: 0.8.0
 platform: ruby
 authors: 
 - Daniel Neighman
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-01-04 00:00:00 +11:00
+date: 2010-01-07 00:00:00 +11:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -39,10 +39,12 @@ files:
 - Rakefile
 - TODO.textile
 - lib/warden.rb
+- lib/warden/config.rb
 - lib/warden/declarable.rb
 - lib/warden/errors.rb
 - lib/warden/hooks.rb
 - lib/warden/manager.rb
+- lib/warden/manager_deprecation.rb
 - lib/warden/mixins/common.rb
 - lib/warden/proxy.rb
 - lib/warden/serializers.rb
@@ -58,10 +60,10 @@ files:
 - spec/helpers/strategies/failz.rb
 - spec/helpers/strategies/invalid.rb
 - spec/helpers/strategies/pass.rb
-- spec/helpers/strategies/pass_without_user.rb
 - spec/helpers/strategies/password.rb
 - spec/spec_helper.rb
 - spec/warden/authenticated_data_store_spec.rb
+- spec/warden/config_spec.rb
 - spec/warden/errors_spec.rb
 - spec/warden/hooks_spec.rb
 - spec/warden/manager_spec.rb
@@ -106,10 +108,10 @@ test_files:
 - spec/helpers/strategies/failz.rb
 - spec/helpers/strategies/invalid.rb
 - spec/helpers/strategies/pass.rb
-- spec/helpers/strategies/pass_without_user.rb
 - spec/helpers/strategies/password.rb
 - spec/spec_helper.rb
 - spec/warden/authenticated_data_store_spec.rb
+- spec/warden/config_spec.rb
 - spec/warden/errors_spec.rb
 - spec/warden/hooks_spec.rb
 - spec/warden/manager_spec.rb

data/spec/helpers/strategies/pass_without_user.rb

@@ -1,7 +0,0 @@
-Warden::Strategies.add(:pass_without_user) do
-  def authenticate!
-    request.env['warden.spec.strategies'] ||= []
-    request.env['warden.spec.strategies'] << :pass_without_user
-    success!(nil)
-  end
-end