warden_strategies 0.1.0

data/.document

@@ -0,0 +1,5 @@
+README.rdoc
+lib/**/*.rb
+bin/*
+features/**/*.feature
+LICENSE

data/.gitignore

@@ -0,0 +1,5 @@
+*.sw?
+.DS_Store
+coverage
+rdoc
+pkg

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 Daniel Neighman
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,18 @@
+= warden_strategies
+
+A collection of warden strategies.
+
+== Note on Patches/Pull Requests
+
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a
+  future version unintentionally.
+* Commit, do not mess with rakefile, version, or history.
+  (if you want to have your own version, that is fine but
+   bump version in a commit by itself I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.
+
+== Copyright
+
+Copyright (c) 2009 Daniel Neighman. See LICENSE for details.

data/Rakefile

@@ -0,0 +1,48 @@
+require 'rubygems'
+require 'rake'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "warden_strategies"
+    gem.summary = %Q{A collection of strategies for Warden}
+    gem.description = %Q{A collection of basic warden strategies}
+    gem.email = "has.sox@gmail.com"
+    gem.homepage = "http://github.com/hassox/warden_strategies"
+    gem.authors = ["Daniel Neighman"]
+    gem.add_development_dependency "rspec"
+    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
+  end
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: sudo gem install jeweler"
+end
+
+require 'spec/rake/spectask'
+Spec::Rake::SpecTask.new(:spec) do |spec|
+  spec.libs << 'lib' << 'spec'
+  spec.spec_files = FileList['spec/**/*_spec.rb']
+end
+
+Spec::Rake::SpecTask.new(:rcov) do |spec|
+  spec.libs << 'lib' << 'spec'
+  spec.pattern = 'spec/**/*_spec.rb'
+  spec.rcov = true
+end
+
+task :spec => :check_dependencies
+
+task :default => :spec
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  if File.exist?('VERSION')
+    version = File.read('VERSION')
+  else
+    version = ""
+  end
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "warden_strategies #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/lib/warden_strategies.rb

@@ -0,0 +1,15 @@
+require 'warden'
+$:.push(File.expand_path(File.dirname(__FILE__)))
+
+module WardenStrategies
+  autoload :Base,     "warden_strategies/base"
+  autoload :Simple,   "warden_strategies/simple"
+  autoload :Bcrypt,    "warden_strategies/bcrypt"
+
+  module Mixins
+    module Bcrypt
+       autoload :Base,          "warden_strategies/bcrypt/base"
+       autoload :ActiveRecord,  "warden_strategies/bcrypt/active_record"
+    end
+  end
+end

data/lib/warden_strategies/authlogic.rb

@@ -0,0 +1,35 @@
+Rails.configuration.middleware.use RailsWarden::Manager do |manager|
+  manager.default_strategies :bcrypt
+  manager.failure_app = SessionsController
+end
+
+# Setup Session Serialization
+Warden::Manager.serialize_into_session{ |user| [user.class, user.id] }
+Warden::Manager.serialize_from_session{ |klass, id| klass.find(id) }
+
+Warden::Strategies.add(:bcrypt) do
+  def valid?
+    params["username"] || params["password"]
+  end
+
+  def authenticate!
+    return fail! unless user = User.find_by_login(params["username"])
+
+    if user.crypted_password == "#{params["password"]}#{user.password_salt}"
+      success!(user)
+    else
+      errors.add(:login, "Username or Password incorrect")
+      fail!
+    end
+  end
+end
+
+Warden::Manager.after_authentication do |user, auth, opts|
+  old_current = user.current_login_at
+  old_current ||= user.current_login_at = DateTime.now
+  user.last_login_at = old_current
+  user.current_login_at = DateTime.now
+  user.login_count = 0 if user.login_count.nil?
+  user.login_count += 1
+  user.save(false)
+end

data/lib/warden_strategies/base.rb

@@ -0,0 +1,14 @@
+module WardenStrategies
+  class Base < Warden::Strategies::Base
+
+    # Provides access to a user class.
+    # this should be overwritten in sub-classes to provde access
+    # to particular user classes
+    #
+    # @return A class to use as the "User" class for the request to use
+    # @api overwritable
+    def user_class
+      User
+    end
+  end
+end

data/lib/warden_strategies/bcrypt.rb

@@ -0,0 +1,27 @@
+module WardenStrategies
+
+  # Create a migration for the following fields:
+  # _crypted_password  -  String
+  # _password_salt     -  String
+  #
+  # Then include WardenStrategies::Bcrypt::Mixins::ActiveRecord
+  #
+  # @example
+  # class MyClass < ActiveRecord::Base
+  #   include WardenStrategies::Bcrypt::Mixins::ActiveRecord
+  # end
+  class Bcrypt < WardenStrategies::Simple
+    module Mixins
+      autoload :Base,         "warden_strategies/bcrypt/base"
+      autoload :ActiveRecord, "warden_strategies/bcrypt/active_record"
+    end
+
+    config do |c|
+      c[:required_params]     = [:login, :password]
+      c[:authenticate_method] = :authenticate_with_bcrypt
+      c[:error_message]       = "Username or Password incorrect"
+    end
+  end
+end
+
+Warden::Strategies.add(:simple_bcypt, WardenStrategies::Bcrypt)

data/lib/warden_strategies/bcrypt/active_record.rb

@@ -0,0 +1,28 @@
+module WardenStrategies
+  class Bcrypt
+
+    module Mixins
+      module ActiveRecord
+        def self.included(base)
+          base.class_eval do
+            extend  WardenStrategies::Bcrypt::Mixins::ActiveRecord::ClassMethods
+            include WardenStrategies::Bcrypt::Mixins::Base
+
+            attr_accessor :password, :password_confirmation
+
+            validates_presence_of     :crypted_password, :on => :update,  :if => :has_no_credentials?
+            validates_confirmation_of :password, :if => :password
+          end
+        end
+
+        module ClassMethods
+          def authenticate_with_bcrypt(login, password)
+            user = self.find_by_login(login)
+            return nil unless user
+            user.crypted_password == "#{password}#{user.password_salt}"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/warden_strategies/bcrypt/base.rb

@@ -0,0 +1,37 @@
+module WardenStrategies
+  class Bcypt
+    module Mixins
+      module Base
+        def password=(pass)
+          @password = pass
+          unless pass.blank?
+            self._crypted_password =  pass.nil? ? nil : ::BCrypt::Password.create("#{pass}#{password_salt}", :cost => 10)
+          end
+          @password
+        end
+
+        def crypted_password
+          @crypted_password ||= begin
+            ep = _crypted_password
+            ep.nil? ? nil : ::BCrypt::Password.new(ep)
+          end
+        end
+
+        def password_salt
+          @password_salt ||= begin
+            pws = _password_salt
+            pws.nil? ? (self._password_salt = Digest::SHA512.hexdigest(unique_token)) : pws
+          end
+        end
+
+        def has_no_credentials?
+          self._crypted_password.blank?
+        end
+
+        def unique_token
+          Time.now.to_s + (1..10).collect{ rand.to_s }.join
+        end
+      end
+    end
+  end
+end

data/lib/warden_strategies/simple.rb

@@ -0,0 +1,141 @@
+module WardenStrategies
+
+  # The Simple strategy is a strategy that will accept a simple list of requried parameters, a user class
+  # an authenticate_method and an error message and use those to authenticate a "user"
+  #
+  # The following example will create a strategy that will check an account for a user login
+  # with the Account class using the authenitcate_account_holder method.
+  #
+  # for the given params "login" => "fred", "password => "sekrit", "account" => "main"
+  # The following would be called if all parameters are present
+  # Account.authenticate_account_holder("fred", "sekrit", "main")
+  #
+  # @example
+  #   class AccountStrategy < WardenStrategies::Base
+  #     config.merge!(
+  #       :user_class           => Account,
+  #       :authenticate_method  => :authenticate_account_holder,
+  #       :required_params      => [:login, :password, :account]
+  #     )
+  #   end
+  #
+  #   Warden::Strategies.add(:account, AccountStrategy)
+  #
+  #   # calls Account.authenticate_account_holder("login_param", "password_param", "account_param")
+  #
+  # @see WardenStrategies::Simple.config
+  class Simple < WardenStrategies::Base
+
+    # Sets the configuration for this strategy.
+    #
+    # The config will return and yeild a hash (if a block is given) with the configuration for this strategy.
+    # The following options are available
+    #
+    # :user_class
+    # :required_params
+    # :authenticate_method
+    # :error_message
+    #
+    # :user_class option will set the class for this strategy.  If no user class is defined the super classes user_class method is called instead. Default - User
+    #
+    # :required_params is an array of required params that must be present for this strategy to run.  Once the strategy is run, then these parameters are passed to the :authenticate_method in the order specified.
+    # The params can be specified as a symbol, a string, or a nested param.  To specify a nested param seperate the string with a :
+    # Default []
+    #
+    # :authenticate_method specifies the method to call on the user_class when all the parameters are present
+    # Default :authenticate
+    #
+    # :error_message specifies the error message to call when the strategy fails (providing it's valid)
+    # Default "Could not login"
+    #
+    # @example
+    # class MyStrategy < WardenStrategies::Simple
+    # config do |c|
+    #   c[:required_params]     = [:login, :password]
+    #   c[:authenticate_method] = :authenticate_with_password
+    # end
+    #
+    # @api public
+    def self.config
+      @config ||= {
+        :authenticate_method  => :authenticate,
+        :error_message        =>  "Could not login"
+      }
+      yield @config if block_given?
+      @config
+    end
+
+    # Returns the configured required_params for this class
+    # @api public
+    # @see  WardenStrategies::Simple.config
+    def self.required_params
+      config[:required_params] ||= []
+    end
+
+    # Provides access to the required param for this class
+    # @see WardenStrategies::Simple.required_params
+    # @api public
+    def required_params
+      self.class.required_params
+    end
+
+    # Provides access to the User class for this strategy
+    # @see WardenStrategies::Simple.config
+    # @api public
+    def user_class
+      config[:user_class] || super
+    end
+
+    # Sets used in strategy selection.  Returns true if all required_params are available in the request
+    # @return true if all valid params are returned false otherwise
+    # @see Warden::Strategy::Base#valid?
+    # @api private
+    def valid?
+      required_param_values.nil? ? false : !required_param_values.include?(nil)
+    end
+
+    # The workhorse.  Will pass all requred_param_values to the configured authenticate_method
+    # @see WardenStrategies::Simple.config
+    # @see Warden::Strategy::Base#authenticate!
+    # @api private
+    def authenticate!
+      if u = user_class.send(config[:authenticate_method], *required_param_values)
+        success!(u)
+      else
+        fail!(config[:error_message])
+      end
+    end
+
+    # @return the values of the required params for the required_params, or nil if one of the params is not found
+    # @api public
+    def required_param_values
+      result = required_params.map do |val|
+        r = extract_value_from_params(val)
+        break if r.nil?
+        r
+      end
+      result
+    end
+
+    # Provides access to the config hash for this strategy
+    def config
+      self.class.config
+    end
+
+    private
+    def extract_value_from_params(key)
+      case key
+      when String, Symbol
+        keys = key.to_s.split(":")
+        if keys.size == 1
+          params[keys.first]
+        else
+          keys.inject(params){|p,k| p[k]}
+        end
+      when Proc
+        instance_eval(&key)
+      end
+    end
+
+  end
+end

data/spec/helpers/request_helper.rb

@@ -0,0 +1,10 @@
+module WardenStrategies
+  module Spec
+    def env_with_params(path = "/", params = {})
+      method = params.fetch(:method, "GET")
+      Rack::MockRequest.env_for(path, :input => Rack::Utils.build_query(params),
+                                     'HTTP_VERSION' => '1.1',
+                                     'REQUEST_METHOD' => "#{method}")
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,14 @@
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'rack'
+require 'warden_strategies'
+require 'spec'
+require 'spec/autorun'
+
+Dir[File.join(File.dirname(__FILE__), "helpers", "**/*.rb")].each do |f|
+  require f
+end
+
+Spec::Runner.configure do |config|
+  config.include(WardenStrategies::Spec)
+end

data/spec/warden_strategies/base_spec.rb

@@ -0,0 +1,24 @@
+require File.expand_path(File.join(File.dirname(__FILE__), '..', 'spec_helper'))
+
+describe WardenStrategies::Base do
+  before do
+    @env = Rack::MockRequest.env_for("/")
+    class ::User; end
+  end
+
+  it "should allow me to get the User class by default" do
+    s = WardenStrategies::Base.new(@env, scope = :default)
+    s.user_class.should == User
+  end
+
+  it "should allow me to get this in a subclass" do
+    class ::AStrategy < WardenStrategies::Base
+    end
+
+    s = AStrategy.new(@env)
+    s.user_class.should == User
+  end
+
+
+
+end

data/spec/warden_strategies/simple_spec.rb

@@ -0,0 +1,169 @@
+require File.expand_path(File.join(File.dirname(__FILE__), '..', 'spec_helper'))
+
+describe WardenStrategies::Simple do
+  before do
+    @env = Rack::MockRequest.env_for("/", :input => Rack::Utils.build_query(
+      :name => "Homer", "foo[bar]" => "baz"
+    ))
+    class ::User; end
+  end
+
+  it "should setup the spec correctly" do
+    req = Rack::Request.new(@env)
+    req.params["name"].should == "Homer"
+    req.params["foo"]["bar"].should == "baz"
+  end
+
+  it "should provide me with a configuration hash" do
+    WardenStrategies::Simple.config.should be_a_kind_of(Hash)
+  end
+
+  it "should allow me to specify the configuration via a block" do
+    WardenStrategies::Simple.config do |c|
+      c[:stuff] = :stuff
+    end
+    WardenStrategies::Simple.config[:stuff].should == :stuff
+  end
+
+  describe "required params" do
+    before do
+      class SimpleFoo < WardenStrategies::Simple
+        config[:required_params] = [:login, :password]
+      end
+    end
+
+    it "should set simple symbol or string required params" do
+      SimpleFoo.config[:required_params] = [:login, "password"]
+      SimpleFoo.required_params.should == [:login, "password"]
+    end
+
+    it "should provide me with access to the required params at an instance level" do
+      SimpleFoo.config[:required_params] = [:login, "password"]
+      SimpleFoo.new(@env).required_params.should == [:login, "password"]
+    end
+
+    it "should provide the required param values from the required params" do
+      env = env_with_params("/", :login => "foo", :password => "bar")
+      SimpleFoo.config[:required_params] = [:login, "password"]
+      s = SimpleFoo.new(env).required_param_values.should == ["foo", "bar"]
+    end
+
+    it "should set nested_params with a single value" do
+      env = env_with_params("/", :login => "foo", "foo[bar]" => "baz")
+      SimpleFoo.config[:required_params] = [:login, "foo:bar"]
+      s = SimpleFoo.new(env).required_param_values.should == ["foo", "baz"]
+    end
+
+    it "should set deeply nested params" do
+      env = env_with_params("/", :login => "foo", "foo[bar][baz]" => "paz")
+      SimpleFoo.config[:required_params] = [:login, "foo:bar:baz"]
+      s = SimpleFoo.new(env).required_param_values.should == ["foo", "paz"]
+    end
+
+    it "should set rediculously deeply nested params" do
+      env = env_with_params("/", :login => "foo", "foo[bar][baz][paz][soz][kaz]" => "homer")
+      SimpleFoo.config[:required_params] = [:login, "foo:bar:baz:paz:soz:kaz"]
+      s = SimpleFoo.new(env).required_param_values.should == ["foo", "homer"]
+    end
+
+    it "should set a nested param as a proc" do
+      env = env_with_params("/", :login => "foo", "sammy" => "barry")
+      SimpleFoo.config[:required_params] = [:login, Proc.new{ params["sammy"] }]
+      s = SimpleFoo.new(env).required_param_values.should == ["foo", "barry"]
+    end
+
+    it "should be valid if all required params are found" do
+      env = env_with_params("/", :login => "foo", "sammy" => "barry")
+      SimpleFoo.config[:required_params] = [:login, :sammy]
+      s = SimpleFoo.new(env).should be_valid
+    end
+
+    it "should be invalid if all required params are not found" do
+      env = env_with_params("/", :login => "foo")
+      SimpleFoo.config[:required_params] = [:login, :bar]
+      s = SimpleFoo.new(env).should_not be_valid
+    end
+
+    it "should be valid with no required_params set" do
+      env = env_with_params("/")
+      SimpleFoo.config[:required_params] = nil
+      s = SimpleFoo.new(env).should be_valid
+    end
+
+    it "should be valid with an emtpy array for a required_params" do
+      env = env_with_params("/")
+      SimpleFoo.config[:required_params] = []
+      s = SimpleFoo.new(env).should be_valid
+    end
+
+    it "should be invalid with a nested param missing" do
+      env = env_with_params("/")
+      SimpleFoo.config[:required_params] = [:login, "foo:bar:baz"]
+      s = SimpleFoo.new(env).should_not be_valid
+    end
+  end
+
+  describe "validating a strategy" do
+    before do
+      class SimpleFoo < WardenStrategies::Simple; end
+      class ::User
+        def self.authenticate(login)
+          login == "fred"
+        end
+      end
+
+      app = lambda do |env|
+        env['warden'].authenticate!
+        Rack::Response.new("OK").finish
+      end
+
+      fail_app = lambda do |env|
+        Rack::Response.new("FAIL").finish
+      end
+
+      Warden::Strategies.add(:simple, SimpleFoo)
+
+      @app = Rack::Builder.new do
+        use Rack::Session::Cookie
+        use Warden::Manager do |manager|
+          manager.default_strategies :simple
+          manager.failure_app = fail_app
+        end
+        run app
+      end
+    end
+
+    after do
+      Warden::Strategies.clear!
+    end
+
+    it "should validate a class by supplying the required params to the authenticate method" do
+      env = env_with_params("/", :login => "fred")
+      SimpleFoo.config[:required_params] = [:login]
+      s = SimpleFoo.new(env)
+      User.should_receive(:authenticate).with("fred").and_return("fred")
+      s.authenticate!
+      s.result.should == :success
+    end
+
+    it "should fail the validation if the param is nil or false" do
+      env = env_with_params("/")
+      SimpleFoo.config[:required_params] = [:login]
+      s = SimpleFoo.new(env)
+      s.should_not be_valid
+      User.should_not_receive(:authenticate)
+      @app.call(env)
+    end
+
+    it "should validate with a different return method" do
+      env = env_with_params("/", :login => "fred")
+      SimpleFoo.config[:required_params] = [:login]
+      SimpleFoo.config[:authenticate_method] = :authenticate_for_fred
+      User.should_receive(:authenticate_for_fred).and_return("fred")
+      s = SimpleFoo.new(env)
+      s.should be_valid
+      result = @app.call(env)
+      result[2].body.should include("OK")
+    end
+  end
+end

metadata

@@ -0,0 +1,83 @@
+--- !ruby/object:Gem::Specification 
+name: warden_strategies
+version: !ruby/object:Gem::Version 
+  version: 0.1.0
+platform: ruby
+authors: 
+- Daniel Neighman
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-10-25 00:00:00 +11:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  type: :development
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
+description: A collection of basic warden strategies
+email: has.sox@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- .document
+- .gitignore
+- LICENSE
+- README.rdoc
+- Rakefile
+- lib/warden_strategies.rb
+- lib/warden_strategies/authlogic.rb
+- lib/warden_strategies/base.rb
+- lib/warden_strategies/bcrypt.rb
+- lib/warden_strategies/bcrypt/active_record.rb
+- lib/warden_strategies/bcrypt/base.rb
+- lib/warden_strategies/simple.rb
+- spec/helpers/request_helper.rb
+- spec/spec_helper.rb
+- spec/warden_strategies/base_spec.rb
+- spec/warden_strategies/simple_spec.rb
+has_rdoc: true
+homepage: http://github.com/hassox/warden_strategies
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.5
+signing_key: 
+specification_version: 3
+summary: A collection of strategies for Warden
+test_files: 
+- spec/helpers/request_helper.rb
+- spec/spec_helper.rb
+- spec/warden_strategies/base_spec.rb
+- spec/warden_strategies/simple_spec.rb