wristband 0.0.0

data/Gemfile

@@ -0,0 +1,14 @@
+source 'http://rubygems.org'
+
+gem 'rails', '3.0.3'
+gem 'haml', '3.0.25'
+
+group :development, :test do
+  gem 'sqlite3-ruby', :require => 'sqlite3'
+  gem "jeweler"
+end
+
+group :test do
+  gem 'test_dummy'
+  gem 'faker'
+end

data/Gemfile.lock

@@ -0,0 +1,88 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    abstract (1.0.0)
+    actionmailer (3.0.3)
+      actionpack (= 3.0.3)
+      mail (~> 2.2.9)
+    actionpack (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+      builder (~> 2.1.2)
+      erubis (~> 2.6.6)
+      i18n (~> 0.4)
+      rack (~> 1.2.1)
+      rack-mount (~> 0.6.13)
+      rack-test (~> 0.5.6)
+      tzinfo (~> 0.3.23)
+    activemodel (3.0.3)
+      activesupport (= 3.0.3)
+      builder (~> 2.1.2)
+      i18n (~> 0.4)
+    activerecord (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+      arel (~> 2.0.2)
+      tzinfo (~> 0.3.23)
+    activeresource (3.0.3)
+      activemodel (= 3.0.3)
+      activesupport (= 3.0.3)
+    activesupport (3.0.3)
+    arel (2.0.7)
+    builder (2.1.2)
+    erubis (2.6.6)
+      abstract (>= 1.0.0)
+    faker (0.9.4)
+      i18n (~> 0.4)
+    git (1.2.5)
+    haml (3.0.25)
+    i18n (0.5.0)
+    jeweler (1.5.2)
+      bundler (~> 1.0.0)
+      git (>= 1.2.5)
+      rake
+    mail (2.2.14)
+      activesupport (>= 2.3.6)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.16)
+    polyglot (0.3.1)
+    rack (1.2.1)
+    rack-mount (0.6.13)
+      rack (>= 1.0.0)
+    rack-test (0.5.7)
+      rack (>= 1.0)
+    rails (3.0.3)
+      actionmailer (= 3.0.3)
+      actionpack (= 3.0.3)
+      activerecord (= 3.0.3)
+      activeresource (= 3.0.3)
+      activesupport (= 3.0.3)
+      bundler (~> 1.0)
+      railties (= 3.0.3)
+    railties (3.0.3)
+      actionpack (= 3.0.3)
+      activesupport (= 3.0.3)
+      rake (>= 0.8.7)
+      thor (~> 0.14.4)
+    rake (0.8.7)
+    sqlite3 (1.3.3)
+    sqlite3-ruby (1.3.3)
+      sqlite3 (>= 1.3.3)
+    test_dummy (0.2.6)
+    thor (0.14.6)
+    treetop (1.4.9)
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.24)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  faker
+  haml (= 3.0.25)
+  jeweler
+  rails (= 3.0.3)
+  sqlite3-ruby
+  test_dummy

data/README.md

@@ -0,0 +1,113 @@
+# Wristband
+Author: [The Working Group](http://www.theworkinggroup.ca)
+
+---
+
+## What is it?
+
+Wristband provides a starting point for user authentication.
+
+It handles:
+
+* Login and logout
+* Password storage with encryption
+* Remember me functionality
+* Authority definitions
+  
+  
+## Usage
+
+### 1. Add gem definition to your Gemfile:
+    
+    config.gem 'wristband'
+    
+### 2. From withing your Rails project run:
+    
+    bundle install
+
+### 3. (optional) Run the wristband generator:
+
+    rails g wristband
+
+This will output something like:
+
+    create  app/models/user.rb
+    create  app/models/session_user.rb
+    create  app/controllers/users_controller.rb
+    create  app/controllers/sessions_controller.rb
+    create  app/views/users/show.html.haml
+    create  app/views/sessions/new.html.haml
+    create  app/mailers/user_mailer.rb
+    create  app/views/user_mailer/forgot_password.text.html.rhtml
+    create  app/views/user_mailer/forgot_password.text.plain.rhtml
+    create  app/views/user_mailer/email_verification.text.html.rhtml
+    create  app/views/user_mailer/email_verification.text.plain.rhtml
+    create  db/migrate/20110123214541_create_users_table.rb
+
+### 4. (optional) Run migrations:
+
+    rake db:migrate
+
+
+## Configuration
+
+
+### In your User model
+
+    class User < ActiveRecord::Base
+      wristband [options]
+    end
+
+### Options:
+
+**:login_with** - Array of fields you want to authenticate the user with. Default: email 
+  
+    wristband :login_with => [:username, :email]
+
+
+**:before_authentication** - Array of functions run after the user authentication takes place. Default: [] 
+
+    wristband :before_authentication => :do_something
+
+
+**:after_authentication** - Array of functions run before the user authentication takes place. Default: [] 
+
+    wristband :after_authentication => :do_something
+
+
+**:has_authorities** - The different user authorities are defined in a separate class so as to reduce clutter in the User model itself. Default: false 
+
+    wristband :has_authorities => true
+
+**:roles** - Use this to define the different roles the user can assume. Make sure you have a role column on your users table. It will generate functions like `is_<role>?` for each one of the roles youdefine.
+  
+    wristband :roles => [:regular_user, :admin]
+  
+  will generate `user.is_regular_user?` and `user.is_admin?`
+
+
+
+## Notes
+
+1. **Remember me** - If you want to automatically login a user when he comes back to your site, add `before_filter :login_from_cookie` to your AplicationController.
+2. **Authority Definitions** - Checkout the documentation on wristband/authority_check_rb
+
+
+## Database configuration
+
+The generator gives you a head start.
+The basic columns are defined as such:
+
+    create_table :users do |t|
+      t.string :email
+      t.string :email_validation_key
+      t.datetime :validated_at
+      t.string :password_crypt, :limit => 40
+      t.string :password_salt,  :limit => 40
+      t.string :remember_token
+      t.string :role
+      t.timestamps
+    end
+
+
+Have fun!!

data/Rakefile

@@ -0,0 +1,21 @@
+require File.expand_path('../config/application', __FILE__)
+require 'rake'
+
+Wristband::Application.load_tasks
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name        = 'wristband'
+    gem.summary     = 'An authentication engine'
+    gem.description = 'Provides a starting point for user authentication'
+    gem.email       = 'jack@theworkinggroup.ca'
+    gem.homepage    = 'http://github.com/twg/wristband'
+    gem.authors     = ['Jack Neto', 'The Working Group Inc']
+    gem.add_dependency('rails', '>=3.0.3')
+    gem.add_dependency('haml', '>=3.0.25')
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
+end

data/VERSION

@@ -0,0 +1 @@
+0.0.0

data/app/controllers/application_controller.rb

@@ -0,0 +1,10 @@
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+
+  before_filter :login_required
+
+protected
+  def login_required
+    redirect_to login_path unless logged_in?
+  end
+end

data/app/controllers/sessions_controller.rb

@@ -0,0 +1,34 @@
+class SessionsController < ApplicationController
+  before_filter :login_required,  :only => :destroy
+  before_filter :redirect_if_logged_in, :only => [ :new, :create, :forgot_password ]
+  before_filter :build_user_session,  :only => [ :new, :create ]
+  
+  def create
+    if @session_user.save
+      login(@session_user)
+      flash[:notice] = "Welcome, you are now logged in."
+      redirect_to user_path(current_user)
+    else
+      flash[:error] = 'Login failed. Did you mistype?'
+      render :action => :new
+    end
+  end
+  
+  def destroy
+    logout
+    redirect_to root_path
+  end
+  
+private
+  def build_user_session
+    @session_user = SessionUser.new(params[:session_user])
+  end
+  
+  def redirect_if_logged_in
+    redirect_to root_path if logged_in?
+  end
+  
+  def login_required
+    redirect_to login_path unless logged_in?
+  end
+end

data/app/controllers/users_controller.rb

@@ -0,0 +1,34 @@
+class UsersController < ApplicationController
+  before_filter :login_required
+  
+  def verify_email
+    @user = User.verify_email!(params[:email_validation_key])
+    flash[:notice] = 'Your email address has been verified. You may now login to your account.'
+    redirect_to login_path
+  rescue UserVerificationError => error
+    flash[:error] = error.message
+    redirect_to login_path
+  end
+  
+  def forgot_password
+    if request.post?
+      if @user = User.find_by_email(params[:user][:email])
+        @user.password = Wristband::Support.random_string(6)
+        @user.save!
+        UserNotifier::deliver_forgot_password(@user)
+        flash[:notice] = 'A new password has been generated and emailed to the address you entered.'
+        redirect_to login_path and return
+      else
+        @user = User.new
+        @user.errors.add("email", "Cannot find that email address, did you mistype?")
+      end
+    end
+  end
+  
+  
+private
+  def login_required
+    redirect_to login_path unless logged_in?
+  end
+
+end

data/app/mailers/user_mailer.rb

@@ -0,0 +1,33 @@
+class UserMailer < ActionMailer::Base
+  default :from => "from@example.com"
+  
+  default_url_options[:host] = HOST_NAME
+  
+  def email_verification(user)
+    setup_email(user)
+    @subject         += "Your account has been created. Please verify your email address"
+  end  
+
+  def forgot_password(user)
+    setup_email(user)
+    @subject          += "You have requested a new password"
+  end
+  
+
+protected
+  # Change YourApp to whatever you application is called
+  def setup_email(user)
+    @recipients  = user.email
+    @body[:user] = user
+    @from        = FROM_EMAIL
+    @subject = case ENV['RAILS_ENV'] 
+      when 'development' 
+        "[YourApp Development] "
+      when 'staging' 
+        "[YourApp Staging] "
+      else "[YourApp] "
+    end
+    @sent_on     = Time.now
+    headers       "Reply-to" => FROM_EMAIL
+  end
+end

data/app/models/session_user.rb

@@ -0,0 +1,59 @@
+class SessionUser
+  include ActiveModel::Validations
+  
+  # == Attribute ==========================================================
+
+  attr_accessor :email
+  attr_accessor :password
+  attr_accessor :remember_me
+  attr_accessor :user
+  
+  # == Validations ==========================================================
+
+  validates :email,
+    :presence => {:message => 'Please enter your email address'},
+    :length => {
+      :within => 6..100,
+      :too_short => "The email address you entered is to short"
+    },
+    :format => {
+      :with => /^([\w.%-+]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, 
+      :message => 'The email address you entered is not valid'
+    }
+    
+  validates :password,
+    :length => {
+      :within => 4..40,
+      :too_short => "The password you entered is too short (minimum is 4 characters)"
+    },
+    :presence => { 
+      :message => 'Please choose a password'
+    },
+    :confirmation => {:message => "The password you entered does not match with the confirmation"}
+    
+  # == Class Methods ========================================================
+  
+  def self.create(params={})
+    session_user = self.new(params)
+    session_user.save
+    session_user
+  end
+  
+  # == Instance Methods =====================================================
+  
+  def initialize(params = {})
+    if params
+      @email = params[:email]
+      @password = params[:password]
+      @remember_me = params[:remember_me]
+    end
+  end
+  
+  def save
+    @user = User.authenticate(self.email, self.password) if self.valid?
+  end
+  
+  def to_key
+    nil
+  end
+end

data/app/models/user.rb

@@ -0,0 +1,52 @@
+class User < ActiveRecord::Base
+  
+  # == Constants ============================================================
+  
+  ROLES = [:admin, :regular_user]
+  
+  # == Extensions ===========================================================
+
+  wristband :roles => ROLES
+
+  # == Validations ==========================================================
+
+  validates :email,
+    :presence => {:message => 'Please enter your email address'},
+    :length => {
+      :within => 6..100,
+      :too_short => "The email address you entered is to short"
+    },
+    :format => {
+      :with => /^([\w.%-+]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, 
+      :message => 'The email address you entered is not valid'
+    },
+    :uniqueness => true
+    
+  validates :password,
+    :length => {
+      :within => 4..40,
+      :too_short => "The password you entered is too short (minimum is 4 characters)"
+    },
+    :presence => { 
+      :message => 'Please choose a password',
+      :if => :password_required? 
+    },
+    :confirmation => {:message => "The password you entered does not match with the confirmation"}
+    
+  validates :role, 
+    :inclusion => { :in => ROLES },
+    :presence => true
+
+  # == Scopes ===============================================================
+
+  # == Callbacks ============================================================
+
+  # == Class Methods ========================================================
+
+  # == Instance Methods =====================================================
+
+  def password_required?
+    self.new_record?
+  end
+
+end

data/app/views/layouts/application.html.erb

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Wristband</title>
+  <%= stylesheet_link_tag :all %>
+  <%= javascript_include_tag :defaults %>
+  <%= csrf_meta_tag %>
+</head>
+<body>
+
+<%= yield %>
+
+</body>
+</html>

data/app/views/sessions/new.html.haml

@@ -0,0 +1,15 @@
+%h1 Login
+
+= formatted_form_for @session_user, :url => login_path do |f|
+  = f.text_field :email, :label => 'Email address'
+  = f.password_field :password
+  = f.check_box :remember_me, :label => 'Remember me when I come back'
+  = f.submit 'Log In'
+
+%p
+  Did you forget your password?
+  = link_to 'Recover it here.', forgot_password_path
+%p 
+  If you don't have a login yet, click
+  = link_to 'here', register_path
+  to register.

data/app/views/user_mailer/email_verification.text.html.rhtml

@@ -0,0 +1,7 @@
+<p>Hi,</p>
+
+<p>Your account has been set up.</p>
+
+<p>To verify your email address so that you may login, please click <%= link_to 'here', verify_email_url(@user.email_validation_key) %>.</p>
+
+<p>Thanks</p>

data/app/views/user_mailer/email_verification.text.plain.rhtml

@@ -0,0 +1,9 @@
+Hi,
+
+Your account has been set up.
+
+To verify your email address so that you may login, please visit the following link:
+  
+<%= verify_email_url(@user.email_validation_key) %>
+
+Thanks

data/app/views/user_mailer/forgot_password.text.html.rhtml

@@ -0,0 +1,10 @@
+<p>Hi,</p>
+
+<p>A new password was requested for this email address.</p>
+
+<p>Your new password is: <b><%= @user.password %></b> </p>
+
+<p><%= link_to 'Click here to login', login_url %>.</p>
+<p>Once you have logged in, you can edit your profile and change your password to something you can easily remember.</p>
+
+<p>Thanks</p>

data/app/views/user_mailer/forgot_password.text.plain.rhtml

@@ -0,0 +1,10 @@
+Hi,
+
+A new password was requested for this email address.
+
+Your new password is: <b><%= @user.password %></b> 
+
+To login go to: <%= login_url %>.
+Once you have logged in, you can edit your profile and change your password to something you can easily remember.
+
+Thanks

data/app/views/users/show.html.haml

@@ -0,0 +1,6 @@
+%h1= "Hi #{current_user.email}"
+
+- if logged_in?
+  = link_to 'Logout', logout_path
+- else
+  = link_to 'Login', login_path

data/config/application.rb

@@ -0,0 +1,15 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+# If you have a Gemfile, require the gems listed there, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(:default, Rails.env) if defined?(Bundler)
+
+module Wristband
+  class Application < Rails::Application
+    config.encoding = "utf-8"
+
+    config.filter_parameters += [:password]
+  end
+end

data/config/boot.rb

@@ -0,0 +1,13 @@
+require 'rubygems'
+
+# Set up gems listed in the Gemfile.
+gemfile = File.expand_path('../../Gemfile', __FILE__)
+begin
+  ENV['BUNDLE_GEMFILE'] = gemfile
+  require 'bundler'
+  Bundler.setup
+rescue Bundler::GemNotFound => e
+  STDERR.puts e.message
+  STDERR.puts "Try running `bundle install`."
+  exit!
+end if File.exist?(gemfile)

data/config/database.yml

@@ -0,0 +1,16 @@
+# SQLite version 3.x
+#   gem install sqlite3-ruby (not necessary on OS X Leopard)
+development:
+  adapter: sqlite3
+  database: db/development.sqlite3
+  pool: 5
+  timeout: 5000
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  adapter: sqlite3
+  database: db/test.sqlite3
+  pool: 5
+  timeout: 5000

data/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the rails application
+require File.expand_path('../application', __FILE__)
+
+# Initialize the rails application
+Wristband::Application.initialize!

data/config/environments/development.rb

@@ -0,0 +1,26 @@
+Wristband::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # In the development environment your application's code is reloaded on
+  # every request.  This slows down response time but is perfect for development
+  # since you don't have to restart the webserver when you make code changes.
+  config.cache_classes = false
+
+  # Log error messages when you accidentally call methods on nil.
+  config.whiny_nils = true
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_view.debug_rjs             = true
+  config.action_controller.perform_caching = false
+
+  # Don't care if the mailer can't send
+  config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger
+  config.active_support.deprecation = :log
+
+  # Only use best-standards-support built into browsers
+  config.action_dispatch.best_standards_support = :builtin
+end
+

data/config/environments/production.rb

@@ -0,0 +1,49 @@
+Wristband::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # The production environment is meant for finished, "live" apps.
+  # Code is not reloaded between requests
+  config.cache_classes = true
+
+  # Full error reports are disabled and caching is turned on
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Specifies the header that your server uses for sending files
+  config.action_dispatch.x_sendfile_header = "X-Sendfile"
+
+  # For nginx:
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect'
+
+  # If you have no front-end server that supports something like X-Sendfile,
+  # just comment this out and Rails will serve the files
+
+  # See everything in the log (default is :info)
+  # config.log_level = :debug
+
+  # Use a different logger for distributed setups
+  # config.logger = SyslogLogger.new
+
+  # Use a different cache store in production
+  # config.cache_store = :mem_cache_store
+
+  # Disable Rails's static asset server
+  # In production, Apache or nginx will already do this
+  config.serve_static_assets = false
+
+  # Enable serving of images, stylesheets, and javascripts from an asset server
+  # config.action_controller.asset_host = "http://assets.example.com"
+
+  # Disable delivery errors, bad email addresses will be ignored
+  # config.action_mailer.raise_delivery_errors = false
+
+  # Enable threaded mode
+  # config.threadsafe!
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation can not be found)
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners
+  config.active_support.deprecation = :notify
+end