wristband 0.0.0 → 1.0.2

data/db/migrate/01_create_users_table.rb

@@ -2,10 +2,9 @@ class CreateUsersTable < ActiveRecord::Migration
   def self.up
     create_table :users do |t|
       t.string :email
-      t.string :email_validation_key
-      t.datetime :validated_at
-      t.string :password_crypt, :limit => 40
+      t.string :password_hash, :limit => 40
       t.string :password_salt,  :limit => 40
+      t.string :perishable_token
       t.string :remember_token
       t.string :role
       t.timestamps
@@ -18,6 +17,9 @@ class CreateUsersTable < ActiveRecord::Migration
       # t.string :zip
       # t.string :ip
     end
+    add_index :users, :email
+    add_index :users, :perishable_token
+    add_index :users, :remember_token
   end
   
   def self.down

data/db/schema.rb

@@ -14,14 +14,17 @@ ActiveRecord::Schema.define(:version => 1) do
 
   create_table "users", :force => true do |t|
     t.string   "email"
-    t.string   "email_validation_key"
-    t.datetime "validated_at"
-    t.string   "password_crypt",       :limit => 40
-    t.string   "password_salt",        :limit => 40
+    t.string   "password_hash",    :limit => 40
+    t.string   "password_salt",    :limit => 40
+    t.string   "perishable_token"
     t.string   "remember_token"
     t.string   "role"
     t.datetime "created_at"
     t.datetime "updated_at"
   end
 
+  add_index "users", ["email"], :name => "index_users_on_email"
+  add_index "users", ["perishable_token"], :name => "index_users_on_perishable_token"
+  add_index "users", ["remember_token"], :name => "index_users_on_remember_token"
+
 end

data/lib/generators/wristband/wristband_generator.rb

@@ -4,29 +4,50 @@ class WristbandGenerator < Rails::Generators::Base
   source_root File.expand_path('../../../..', __FILE__) 
   
   def generate_models
+    puts "\t== Models =="
     copy_file 'app/models/user.rb', 'app/models/user.rb'
     copy_file 'app/models/session_user.rb', 'app/models/session_user.rb'
   end
 
   def generate_controllers
+    puts "\t== Controllers =="
     copy_file 'app/controllers/users_controller.rb', 'app/controllers/users_controller.rb'
     copy_file 'app/controllers/sessions_controller.rb', 'app/controllers/sessions_controller.rb'
+    copy_file 'app/controllers/passwords_controller.rb', 'app/controllers/passwords_controller.rb'
   end
 
   def generate_views
+    puts "\t== Views =="
     copy_file 'app/views/users/show.html.haml', 'app/views/users/show.html.haml'
     copy_file 'app/views/sessions/new.html.haml', 'app/views/sessions/new.html.haml'
-    
+    copy_file 'app/views/passwords/new.html.haml', 'app/views/passwords/new.html.haml'
+    copy_file 'app/views/passwords/edit.html.haml', 'app/views/passwords/edit.html.haml'
   end
+  
   def generate_user_mailer
+    puts "\t== User Mailer =="
     copy_file 'app/mailers/user_mailer.rb', 'app/mailers/user_mailer.rb'
-    copy_file 'app/views/user_mailer/forgot_password.text.html.rhtml', 'app/views/user_mailer/forgot_password.text.html.rhtml'
-    copy_file 'app/views/user_mailer/forgot_password.text.plain.rhtml', 'app/views/user_mailer/forgot_password.text.plain.rhtml'
-    copy_file 'app/views/user_mailer/email_verification.text.html.rhtml', 'app/views/user_mailer/email_verification.text.html.rhtml'
-    copy_file 'app/views/user_mailer/email_verification.text.plain.rhtml', 'app/views/user_mailer/email_verification.text.plain.rhtml'
+    copy_file'app/views/user_mailer/password_reset.html.haml', 'app/views/user_mailer/password_reset.html.haml'
+    copy_file 'app/views/user_mailer/password_reset.text.haml', 'app/views/user_mailer/password_reset.text.haml'
   end
 
+  def generate_tests
+    puts "\t== Test helper and Dummies =="
+    copy_file 'test/test_helper.rb', 'test/test_helper.rb'
+    copy_file 'test/dummy/user.rb', 'test/dummy/user.rb'
+    
+    puts "\t== Unit tests =="
+    copy_file 'test/unit/user_test.rb', 'test/unit/user_test.rb'
+    copy_file 'test/unit/session_user_test.rb', 'test/unit/session_user_test.rb'
+    copy_file 'test/unit/user_mailer_test.rb', 'test/unit/user_mailer_test.rb'
+    
+    puts "\t== Functional tests =="
+    copy_file 'test/functional/sessions_controller_test.rb', 'test/functional/sessions_controller_test.rb'
+    copy_file 'test/functional/passwords_controller_test.rb', 'test/functional/passwords_controller_test.rb'
+  end
+  
   def generate_migration
+    puts "\t== Migration =="
     destination   = File.expand_path('db/migrate/01_create_users_table.rb', self.destination_root)
     migration_dir = File.dirname(destination)
     destination   = self.class.migration_exists?(migration_dir, 'create_users_table')
@@ -43,14 +64,4 @@ class WristbandGenerator < Rails::Generators::Base
     require "rails/generators/#{orm}"
     "#{orm.to_s.camelize}::Generators::Base".constantize.next_migration_number(dirname)
   end
-  
-  # def generate_routes
-  #   route "get '/login', :to => 'sessions#new'"
-  #   route "post '/login', :to => 'sessions#create'"
-  #   route "get '/logout', :to => 'sessions#destroy'"
-  #   route "match '/forgot_password', :to => 'users#forgot_password'"
-  #   route "resources :users"
-  #   route "match '/register', :to => 'users#new'"
-  # end
-  
 end

data/lib/wristband/application_extensions.rb

@@ -27,6 +27,7 @@ module Wristband
       # Logs a user out and deletes the remember_token.
       def logout
         current_user.update_attribute(:remember_token, nil) if current_user
+        self.current_user = nil
         cookies.delete(:login_token)    
         reset_session
       end  

data/lib/wristband/user_extensions.rb

@@ -28,16 +28,7 @@ module Wristband
           end
         end
       end
-    
-      def verify_email!(email_validation_key)
-        if user = find_by_email_validation_key(email_validation_key)
-          user.update_attribute(:validated_at, Time.now.to_s(:db))
-          user
-        else
-          raise UserVerificationError, 'We were not able to verify your account or it may have been verified already. Please contact us for assistance.'.t
-        end
-      end
-    
+      
       def roles_for_select
         self.class.wristband[:roles].collect{ |k| [ k.to_s.titleize, k.to_s] }
       end
@@ -72,16 +63,15 @@ module Wristband
         self.send(self.class.wristband[:password_column]) == Wristband::Support.encrypt_with_salt(string, self.password_salt)
       end
     
-      def password_crypted?
-        self.password_salt and !self.password_salt.empty?
-      end
-    
-      def password_crypt=(value)
-        if (value != read_attribute(:password_crypt))
+      def password_hash=(value)
+        if (value != read_attribute(:password_hash))
           initialize_token
         end
+        write_attribute(:password_hash, value)
+      end
       
-        write_attribute(:password_crypt, value)
+      def reset_perishable_token!
+        update_attribute(:perishable_token, Wristband::Support.random_salt.gsub(/[^A-Za-z0-9]/,''))
       end
       
     end

data/lib/wristband.rb

@@ -26,7 +26,7 @@ module Wristband
       class_eval do
         include Wristband::UserExtensions
         
-        options[:password_column] ||= :password_crypt
+        options[:password_column] ||= :password_hash
         
         # These two are used on the login form
         attr_accessor :password
@@ -82,5 +82,3 @@ end
 
 ActiveRecord::Base.send(:extend, Wristband::ClassMethods)
 ActionController::Base.send(:include, Wristband::ApplicationExtensions)
-
-class UserVerificationError < StandardError; end

data/test/dummy/user.rb

@@ -4,7 +4,7 @@ TestDummy.declare(User) do
   end
 
   dummy :password do
-    'passpass'
+    'password'
   end
 
   dummy :role do

data/test/functional/passwords_controller_test.rb

@@ -0,0 +1,62 @@
+require 'test_helper'
+
+class PasswordsControllerTest < ActionController::TestCase
+  def test_new
+    get :new
+    assert_response :success
+    assert_template 'new'
+  end
+  
+  def test_create
+    user = a User
+    assert_created user
+    assert_difference 'ActionMailer::Base.deliveries.size', 1 do
+      post :create, :email => user.email
+      assert_equal 'Email to reset password successfully sent.', flash[:notice]
+      assert_redirected_to login_path
+      user.reload
+      assert_not_nil user.perishable_token
+    end
+    response = ActionMailer::Base.deliveries.last
+    assert_equal 2, response.parts.length
+    response.parts.each do |part|
+      assert_match /#{user.perishable_token}/, part.body.to_s
+    end
+    assert_equal user.email, response.to[0]
+  end
+  
+  def test_edit
+    user = a User
+    user.reset_perishable_token!
+    get :edit, :id => user.perishable_token
+    assert_response :success
+    assert_template 'edit'
+  end
+  
+  def test_edit_redirects_on_invalid_perishable_token
+    user = a User
+    user.reset_perishable_token!
+    get :edit, :id => user.perishable_token + 'bogus'
+    assert_redirected_to login_path
+  end
+
+  def test_update
+    user = a User
+    user.reset_perishable_token!
+    assert !user.password_match?('newpassword')
+    put :update, :id => user.perishable_token, :user => {:password => 'newpassword', :password_confirmation => 'newpassword'}
+    assert_redirected_to user_path(user)
+    user.reload
+    assert_nil user.perishable_token
+    assert user.password_match?('newpassword')
+  end
+  
+  def test_update_redirects_on_invalid_perishable_token
+    user = a User
+    user.reset_perishable_token!
+    put :update, :id => user.perishable_token + 'bogus', :user => {:password => 'newpassword', :password_confirmation => 'newpassword'}
+    assert_redirected_to login_path
+    user.reload
+    assert_not_nil user.perishable_token
+  end
+end

data/test/functional/sessions_controller_test.rb

@@ -0,0 +1,93 @@
+require 'test_helper'
+
+class SessionsControllerTest < ActionController::TestCase
+  def setup
+    @regular_user = a User
+    @regular_user.update_attribute(:role, 'regular_user')
+    assert_created @regular_user
+    
+    assert !@regular_user.is_admin?
+  end
+
+  # >> Login -----------------------------------------------------------
+
+  def test_get_new
+    get :new
+    assert_response :success
+    assert_template 'new'
+    assert !@controller.logged_in?
+    assert_nil @controller.current_user
+  end
+  
+  def test_should_login_with_email_and_redirect
+    post :create, :session_user => { :email => @regular_user.email, :password => @regular_user.password }
+    assert_equal "Welcome, you are now logged in.", flash[:notice]
+    assert_equal session[:user_id], @regular_user.id
+    assert_redirected_to user_path(@regular_user)
+    assert @controller.logged_in?
+    assert_equal @controller.current_user, @regular_user
+  end
+  
+  def test_login_errors
+    post :create, :session_user => { :email => 'a', :password => 'b' }
+    assert_equal "Login failed. Did you mistype?", flash[:alert]
+    assert_nil session[:user]
+    assert_response :success
+    assert_template 'new'
+    assert !@controller.logged_in?
+    assert_nil @controller.current_user
+    
+    assert !assigns(:session_user).valid?
+    assert_errors_on assigns(:session_user), :email, :password
+    assert assigns(:session_user).errors[:email].include?("The email address you entered is not valid")
+    assert assigns(:session_user).errors[:email].include?("The email address you entered is to short")
+    assert assigns(:session_user).errors[:password].include?("The password you entered is too short (minimum is 4 characters)")
+  end
+  
+  def test_new_redirects_if_logged_in
+    login_as(@regular_user)
+    assert_equal session[:user_id], @regular_user.id
+    assert @controller.logged_in?
+    assert_equal @controller.current_user, @regular_user
+
+    get :new
+    assert_redirected_to user_path(@regular_user)
+  end
+  
+  def test_create_redirects_if_logged_in
+    login_as(@regular_user)
+    assert_equal session[:user_id], @regular_user.id
+    assert @controller.logged_in?
+    assert_equal @controller.current_user, @regular_user
+    
+    post :create, :session_user => { :email => @regular_user.email, :password => @regular_user.password }
+    assert_redirected_to user_path(@regular_user)
+  end
+  
+  # >> Logout -----------------------------------------------------------
+
+  def test_should_logout
+    login_as(@regular_user)
+    assert_equal session[:user_id], @regular_user.id
+    assert @controller.logged_in?
+    assert_equal @controller.current_user, @regular_user
+    
+    get :destroy
+    assert_redirected_to login_path
+    assert_nil cookies[:login_token]
+    assert_nil session[:user_id]
+    @regular_user.reload
+    assert_nil @regular_user.remember_token
+    assert !@controller.logged_in?
+    assert_nil @controller.current_user
+  end
+  
+  # >> Remember me -----------------------------------------------------------
+
+  def test_remember_me
+    post :create, :session_user => { :email => @regular_user.email, :password => @regular_user.password , :remember_me => '1' }
+    assert_equal request.session[:user_id], @regular_user.id
+    assert_not_nil assigns(:session_user).user.remember_token
+    assert_equal assigns(:session_user).user.remember_token, cookies['login_token']
+  end
+end

data/test/test_helper.rb

@@ -3,7 +3,7 @@ require File.expand_path('../../config/environment', __FILE__)
 require 'rails/test_help'
 
 class ActiveSupport::TestCase
-  self.use_transactional_fixtures = false
+  self.use_transactional_fixtures = true
   self.use_instantiated_fixtures = false
   
   def data_path(name)
@@ -42,10 +42,8 @@ class ActiveSupport::TestCase
       if (v != map[k])
         a << k
       end
-
       a
     end
-    
     assert_equal map, result_map, "Difference: #{map.slice(*differences).inspect} vs #{result_map.slice(*differences).inspect}"
   end
   
@@ -64,9 +62,7 @@ class ActiveSupport::TestCase
     end
 
     session[:user_id] = user.id
-    
     token = Wristband::Support.encrypt_with_salt(user.id.to_s, Time.now.to_f.to_s)
-      
     cookies[:login_token] = {
       :value => token,
       :expires => 2.weeks.from_now.utc

data/test/unit/has_authorities_test.rb

@@ -33,16 +33,9 @@ class NewUser < ActiveRecord::Base
     columns << ActiveRecord::ConnectionAdapters::Column.new(name.to_s, default, sql_type.to_s, null)
   end
 
-  column :email, :string
-  column :to_email, :string
-  column :article_id, :integer
-  column :message, :text
   column :email
-  column :email_validation_key
-  column :validated_at
-  column :password_crypt
+  column :password_hash
   column :password_salt
-  column :remember_token
   column :role
 
   wristband :has_authorities => true

data/test/unit/session_user_test.rb

@@ -1,8 +1,50 @@
 require 'test_helper'
 
 class SessionUserTest < ActiveSupport::TestCase
-  # Replace this with your real tests.
-  test "the truth" do
-    assert true
+  
+  def test_create_defaults
+    session_user = SessionUser.new(
+      :email => 'test@test.com',
+      :password => 'password'
+    )
+    assert session_user.valid?
+    assert_equal session_user.email, 'test@test.com'
+    assert_equal session_user.password, 'password'
+    assert_nil session_user.user
   end
-end
+  
+  def test_create_requirements
+    session_user = SessionUser.new
+    assert !session_user.valid?
+    assert_errors_on session_user, :email, :password
+    assert session_user.errors[:email].include?("Please enter your email address")
+    assert session_user.errors[:email].include?("The email address you entered is not valid")
+    assert session_user.errors[:email].include?("The email address you entered is to short")
+    assert session_user.errors[:password].include?("Please choose a password")
+    assert session_user.errors[:password].include?("The password you entered is too short (minimum is 4 characters)")
+  end
+  
+  def test_successful_authentication
+    user = a User
+    session_user = SessionUser.create(
+      :email => user.email,
+      :password => user.password
+    )
+    assert session_user.valid?
+    assert_equal session_user.email, user.email
+    assert_equal session_user.password, user.password
+    assert_equal session_user.user, user
+  end
+  
+  def test_failed_authentication
+    user = a User
+    session_user = SessionUser.create(
+      :email => user.email,
+      :password => '-bugus-'
+    )
+    assert session_user.valid?
+    assert_equal session_user.email, user.email
+    assert_equal session_user.password, '-bugus-'
+    assert_nil session_user.user
+  end
+end

data/test/unit/user_mailer_test.rb

@@ -0,0 +1,18 @@
+require 'test_helper'
+
+class UserMailerTest < ActionMailer::TestCase
+  
+  def test_password_reset
+    user = a User
+    user.reset_perishable_token!
+    assert_emails 1 do
+      response = UserMailer.password_reset(user).deliver
+      assert_equal "You have requested a new password", response.subject
+      assert_equal 2, response.parts.length
+      response.parts.each do |part|
+        assert_match /#{user.perishable_token}/, part.body.to_s
+      end
+      assert_equal user.email, response.to[0]
+    end
+  end
+end

data/test/unit/user_test.rb

@@ -8,7 +8,7 @@ class UserTest < ActiveSupport::TestCase
       :password => 'tester',
       :password_confirmation => 'tester'
     )
-    user.role = :admin
+    user.role = 'admin'
     user.save
     assert_created user
   end
@@ -31,75 +31,4 @@ class UserTest < ActiveSupport::TestCase
     assert_created user
   end
   
-  def test_user_instance_methods
-    @user = a User
-    %w{
-      has_authority_to?
-      has_objections_to?
-      initialize_salt
-      initialize_token
-      encrypt_password
-      password_match?
-      password_crypted?
-      password_crypt=
-      is_admin?
-      is_regular_user?
-    }.each do |method|
-      assert @user.respond_to?(method), "On '#{method}' method"
-    end
-  end
-
-  def test_user_class_methods
-    @user = a User
-    %w{
-      authenticate
-      execute_authentication_chain
-      verify_email!
-      wristband
-    }.each do |method|
-      assert User.respond_to?(method), "On '#{method}' method"
-    end
-  end
-
-  def test_user_class_private_methods
-    %w{
-      random_string
-      encrypt_with_salt
-      random_salt
-    }.each do |method|
-      assert User.private_methods.include?(method), "On '#{method}' method"
-    end
-  end
-
-  def test_assigned_options
-    assert_equal User.wristband[:login_with_fields], [:email]
-    assert_equal User.wristband[:before_authentication_chain], []
-    assert_equal User.wristband[:after_authentication_chain], []
-    assert_equal User.wristband[:password_column], :password_crypt
-    assert_equal User.wristband[:roles], [:admin, :regular_user]
-  end
-  
-  def test_authentication_by_email
-    @user = a User
-    assert_equal @user, User.authenticate(@user.email, 'passpass')
-  end
-
-  def test_authentication_fails
-    @user = a User
-    assert_nil User.authenticate('-bugus-', 'passpass')
-    assert_nil User.authenticate(@user.email, '-bugus-')
-  end
-  
-  def test_password_match
-    @user = a User
-    assert @user.password_match?('passpass')
-  end
-  
-  def test_user_roles
-    @user = a User
-    @user.update_attribute(:role, :regular_user)
-    assert @user.is_regular_user?
-    @user.update_attribute(:role, :admin)
-    assert @user.is_admin?
-  end
 end

data/test/unit/wristband_test.rb

@@ -0,0 +1,74 @@
+require 'test_helper'
+
+class WristbandTest < ActiveSupport::TestCase
+  
+  def test_user_instance_methods
+    @user = a User
+    %w{
+      has_authority_to?
+      has_objections_to?
+      initialize_salt
+      initialize_token
+      encrypt_password
+      password_match?
+      password_hash=
+      is_admin?
+      is_regular_user?
+    }.each do |method|
+      assert @user.respond_to?(method), "On '#{method}' method"
+    end
+  end
+
+  def test_user_class_methods
+    @user = a User
+    %w{
+      authenticate
+      execute_authentication_chain
+      wristband
+    }.each do |method|
+      assert User.respond_to?(method), "On '#{method}' method"
+    end
+  end
+
+  def test_user_class_private_methods
+    %w{
+      random_string
+      encrypt_with_salt
+      random_salt
+    }.each do |method|
+      assert User.private_methods.include?(method.to_sym), "On '#{method}' method"
+    end
+  end
+
+  def test_assigned_options
+    assert_equal User.wristband[:login_with_fields], [:email]
+    assert_equal User.wristband[:before_authentication_chain], []
+    assert_equal User.wristband[:after_authentication_chain], []
+    assert_equal User.wristband[:password_column], :password_hash
+    assert_equal User.wristband[:roles], ['admin', 'regular_user']
+  end
+  
+  def test_authentication_by_email
+    @user = a User
+    assert_equal @user, User.authenticate(@user.email, @user.password)
+  end
+
+  def test_authentication_fails
+    @user = a User
+    assert_nil User.authenticate('-bugus-', @user.password)
+    assert_nil User.authenticate(@user.email, '-bugus-')
+  end
+  
+  def test_password_match
+    @user = a User
+    assert @user.password_match?('password')
+  end
+  
+  def test_user_roles
+    @user = a User
+    @user.update_attribute(:role, 'regular_user')
+    assert @user.is_regular_user?
+    @user.update_attribute(:role, 'admin')
+    assert @user.is_admin?
+  end
+end