wristband 0.0.0

data/config/environments/test.rb

@@ -0,0 +1,35 @@
+Wristband::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb
+
+  # The test environment is used exclusively to run your application's
+  # test suite.  You never need to work with it otherwise.  Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs.  Don't rely on the data there!
+  config.cache_classes = true
+
+  # Log error messages when you accidentally call methods on nil.
+  config.whiny_nils = true
+
+  # Show full error reports and disable caching
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Raise exceptions instead of rendering exception templates
+  config.action_dispatch.show_exceptions = false
+
+  # Disable request forgery protection in test environment
+  config.action_controller.allow_forgery_protection    = false
+
+  # Tell Action Mailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
+
+  # Use SQL instead of Active Record's schema dumper when creating the test database.
+  # This is necessary if your schema can't be completely dumped by the schema dumper,
+  # like if you have constraints or database-specific column types
+  # config.active_record.schema_format = :sql
+
+  # Print deprecation notices to the stderr
+  config.active_support.deprecation = :stderr
+end

data/config/initializers/wristband.rb

@@ -0,0 +1 @@
+require 'wristband'

data/config/locales/en.yml

@@ -0,0 +1,5 @@
+# Sample localization file for English. Add more files in this directory for other locales.
+# See http://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
+
+en:
+  hello: "Hello world"

data/config/routes.rb

@@ -0,0 +1,11 @@
+Rails::Application.routes.draw do
+
+  post '/login', :to => 'sessions#create'
+  get '/login', :to => 'sessions#new'
+  get '/logout', :to => 'sessions#destroy'
+  match '/forgot_password', :to => 'sessions#forgot_password'
+
+  resources :users
+  match '/register', :to => 'users#new'
+
+end

data/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Wristband::Application

data/db/migrate/01_create_users_table.rb

@@ -0,0 +1,26 @@
+class CreateUsersTable < ActiveRecord::Migration
+  def self.up
+    create_table :users do |t|
+      t.string :email
+      t.string :email_validation_key
+      t.datetime :validated_at
+      t.string :password_crypt, :limit => 40
+      t.string :password_salt,  :limit => 40
+      t.string :remember_token
+      t.string :role
+      t.timestamps
+      # --- Other useful fields ---
+      # t.string :first_name
+      # t.string :last_name
+      # t.string :address
+      # t.string :city
+      # t.string :state
+      # t.string :zip
+      # t.string :ip
+    end
+  end
+  
+  def self.down
+    drop_table :users
+  end
+end

data/db/schema.rb

@@ -0,0 +1,27 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended to check this file into your version control system.
+
+ActiveRecord::Schema.define(:version => 1) do
+
+  create_table "users", :force => true do |t|
+    t.string   "email"
+    t.string   "email_validation_key"
+    t.datetime "validated_at"
+    t.string   "password_crypt",       :limit => 40
+    t.string   "password_salt",        :limit => 40
+    t.string   "remember_token"
+    t.string   "role"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+end

data/lib/generators/wristband/wristband_generator.rb

@@ -0,0 +1,56 @@
+class WristbandGenerator < Rails::Generators::Base
+  include Rails::Generators::Migration
+
+  source_root File.expand_path('../../../..', __FILE__) 
+  
+  def generate_models
+    copy_file 'app/models/user.rb', 'app/models/user.rb'
+    copy_file 'app/models/session_user.rb', 'app/models/session_user.rb'
+  end
+
+  def generate_controllers
+    copy_file 'app/controllers/users_controller.rb', 'app/controllers/users_controller.rb'
+    copy_file 'app/controllers/sessions_controller.rb', 'app/controllers/sessions_controller.rb'
+  end
+
+  def generate_views
+    copy_file 'app/views/users/show.html.haml', 'app/views/users/show.html.haml'
+    copy_file 'app/views/sessions/new.html.haml', 'app/views/sessions/new.html.haml'
+    
+  end
+  def generate_user_mailer
+    copy_file 'app/mailers/user_mailer.rb', 'app/mailers/user_mailer.rb'
+    copy_file 'app/views/user_mailer/forgot_password.text.html.rhtml', 'app/views/user_mailer/forgot_password.text.html.rhtml'
+    copy_file 'app/views/user_mailer/forgot_password.text.plain.rhtml', 'app/views/user_mailer/forgot_password.text.plain.rhtml'
+    copy_file 'app/views/user_mailer/email_verification.text.html.rhtml', 'app/views/user_mailer/email_verification.text.html.rhtml'
+    copy_file 'app/views/user_mailer/email_verification.text.plain.rhtml', 'app/views/user_mailer/email_verification.text.plain.rhtml'
+  end
+
+  def generate_migration
+    destination   = File.expand_path('db/migrate/01_create_users_table.rb', self.destination_root)
+    migration_dir = File.dirname(destination)
+    destination   = self.class.migration_exists?(migration_dir, 'create_users_table')
+  
+    if destination
+      puts "\e[0m\e[31mFound existing create_users_table.rb migration. Remove it if you want to regenerate.\e[0m"
+    else
+      migration_template 'db/migrate/01_create_users_table.rb', 'db/migrate/create_users_table.rb'
+    end
+  end
+  
+  def self.next_migration_number(dirname)
+    orm = Rails.configuration.generators.options[:rails][:orm]
+    require "rails/generators/#{orm}"
+    "#{orm.to_s.camelize}::Generators::Base".constantize.next_migration_number(dirname)
+  end
+  
+  # def generate_routes
+  #   route "get '/login', :to => 'sessions#new'"
+  #   route "post '/login', :to => 'sessions#create'"
+  #   route "get '/logout', :to => 'sessions#destroy'"
+  #   route "match '/forgot_password', :to => 'users#forgot_password'"
+  #   route "resources :users"
+  #   route "match '/register', :to => 'users#new'"
+  # end
+  
+end

data/lib/wristband/application_extensions.rb

@@ -0,0 +1,67 @@
+module Wristband
+  module ApplicationExtensions
+    def self.included(base)
+      base.send(:extend, Wristband::ApplicationExtensions::ClassMethods)
+      base.send(:include, Wristband::ApplicationExtensions::InstanceMethods)
+      base.send(:helper_method, :logged_in?, :current_user) if base.respond_to?(:helper_method)
+    end
+
+    module ClassMethods
+      # ...
+    end
+
+    module InstanceMethods
+      def login(session_user)
+        login_as_user(session_user.user, session_user.remember_me)
+      end
+      
+      def login_as_user(user, remember_me=false)
+        self.current_user = user
+        if remember_me
+          token = Support.encrypt_with_salt(user.id.to_s, Time.now.to_f.to_s)
+          cookies[:login_token] = { :value => token, :expires => 2.weeks.from_now.utc }
+          user.update_attribute(:remember_token, token)
+        end
+      end
+  
+      # Logs a user out and deletes the remember_token.
+      def logout
+        current_user.update_attribute(:remember_token, nil) if current_user
+        cookies.delete(:login_token)    
+        reset_session
+      end  
+    
+      # Returns true if a user is logged in
+      def logged_in?
+        !!current_user
+      end
+    
+      # Returns the current user in session. Use this on your views and controllers.
+      def current_user
+        @current_user ||= (session[:user_id] and ::User.find_by_id(session[:user_id]))
+      end
+
+      # Sets the current user in session
+      def current_user=(user)
+        @current_user = user
+        session[:user_id] = (user and user.id)
+      end
+    
+      # Logs a user automatically from his cookie
+      #
+      # You can use this function as a before filter on your controllers.
+      def login_from_cookie
+        return if (logged_in? or !cookies[:login_token])
+        self.current_user = ::User.find_by_remember_token(cookies[:login_token])
+      end
+    
+      # You can use this function as a before filter on your controllers that require autentication.
+      #
+      # If the user is not logged in +respond_not_logged_in+ will be called.
+      def login_required
+        logged_in?
+      end
+    
+    end
+  end
+end

data/lib/wristband/authority_check.rb

@@ -0,0 +1,160 @@
+# = AuthorityCheck
+# The different user authorities are defined in a separate class so as to reduce
+# clutter in the User model itself. 
+# 
+#   class User < ActiveRecord::Base
+#     wristband :has_authorities => true
+#   end
+#   
+# This will refer to the class UserAuthorityCheck for all authority tests, but the
+# name of this module can be defined as required:
+# 
+#   class User < ActiveRecord::Base
+#     has_authorities => :permissions
+#   end
+# 
+# That would reference the class UserPermissions instead for all tests.
+# 
+# A sample authority checking class is defined as:
+# 
+#   class UserAuthorityCheck < AuthorityCheck
+#     def wear_shoes?
+#       unless (@user.name.match(/^a/i))
+#         fail!("Only people with names that start with 'A' can wear shoes.")
+#       end
+#     end
+#   end
+# 
+# <b>Note the syntax: </b>All authority checks are defined as ending with a trailing question mark
+# character.
+# 
+# A check is considered to have passed if
+# * a call to <tt>allow!</tt> has been made, or
+# * no calls to <tt>fail!</tt> have been made.
+# 
+# Once defined, the user authorities are checked via a call to a User instance:
+# 
+#   user.has_authority_to?(:wear_shoes)
+# 
+# While the <tt>has_authority_to?</tt> method returns only true or false, a call to
+# <tt>has_objections_to?</tt> will return nil on success or any error messages if there
+# is a failure.
+# 
+# 
+# ==== Passing parameters to the authority methods
+# 
+# Any call to these tests may include options in the form of a Hash:
+# 
+#   user.has_authority_to?(:send_message, :text => "Foo bar")
+#   
+# These options can be acted upon within the authority check:
+# 
+#   def send_message?
+#     if (options[:text].match(/foo/i))
+#       fail!("Messages may not contain forbidden words.")
+#     end
+#   end
+# 
+# ==== Before chains
+# 
+# In addition to defining straight tests, a chain can be defined to run before
+# any of the tests themselves. This allows certain calls to be over-ruled. For
+# example:
+# 
+#   before_check :allow_if_admin!
+#   
+#   def allow_if_admin!
+#     if (@user.is_admin?)
+#       allow!
+#     end
+#   end
+#   
+# In this case, the <tt>allow_if_admin!</tt> method will be called before any checks are performed. If
+# the <tt>allow!</tt> method is executed, all subsequent tests are halted and the check
+# is considered to have passed.
+
+class AuthorityCheck
+  attr_accessor :user
+  attr_accessor :options
+  
+  def initialize(user, test_method, options = { })
+    self.user = user
+    self.options = options
+    
+    @test_method = "#{test_method}?".to_sym
+
+    @result = nil
+  end
+  
+  # Checkes if the user is allowed to do something.
+  # Returns <tt>true</tt> or <tt>false</tt>
+  def allowed_to?
+    execute_tests!
+
+    # Either explicitly allowed (true) or not given any reasons as to why
+    # not (nil, empty)
+    (@result === true or (@result === nil and @reasons.blank?)) ? true : false
+  end
+  
+  def denied_for_reasons
+    @reasons = [ ]
+    
+    allowed_to? ? nil : @reasons
+  end
+  
+  
+  class << self
+    def check_chain
+      @check_chain ||= [ ]
+    end
+
+    def check_chain=(value)
+      @check_chain = value
+    end
+  
+    def before_check(method, options = { })
+      self.check_chain += remap_chain_methods([ method ])
+    end
+  
+    def check_alias_as(original, *aliases)
+      aliases.flatten.each do |alias_name|
+        alias_method alias_name, original
+      end
+    end
+  end
+
+
+  
+protected
+  def allow!
+    @result = true
+  end
+  
+  def fail!(message)
+    if (@reasons and message)
+      @reasons << message
+    end
+    
+    @result = false
+  end
+
+  def execute_tests!
+    self.class.check_chain.each do |method|
+      case (method)
+      when Symbol, String
+        send(method)
+      else
+        method.call
+      end
+
+      # Stop evaluating if this test called allow!
+      return if (@result === true)
+    end
+    
+    self.send(@test_method)
+  end
+
+  def self.remap_chain_methods(methods)
+    methods
+  end
+end

data/lib/wristband/support.rb

@@ -0,0 +1,28 @@
+module Wristband
+  module Support
+    CONSONANTS = %w( b c d f g h j k l m n p qu r s t v w x z ch cr fr nd ng nk nt ph pr rd sh sl sp st th tr )
+    VOWELS = %w( a e i o u y )
+  
+    def random_string(length = 8)
+      (1 .. length).collect { |n|
+        (n % 2 != 0) ? CONSONANTS[rand(CONSONANTS.size)] : VOWELS[rand(VOWELS.size)]
+      }.to_s[0, length]
+    end
+    module_function :random_string
+  
+    def encrypt_with_salt(password, salt)
+      return password unless (salt and !salt.empty?)
+    
+      Digest::SHA1.hexdigest([ password, salt ].to_s)
+    end
+    module_function :encrypt_with_salt
+  
+    def random_salt(length = nil)
+      salt = Digest::SHA1.hexdigest([ rand, rand, random_string(64), rand, rand ].to_s)
+    
+      length ? salt[0, length] : salt
+    end
+    module_function :random_salt
+  
+  end
+end

data/lib/wristband/user_extensions.rb

@@ -0,0 +1,89 @@
+module Wristband
+  module UserExtensions
+    def self.included(base)
+      base.send(:extend, Wristband::UserExtensions::ClassMethods)
+      base.send(:include, Wristband::UserExtensions::InstanceMethods)
+      base.send(:extend, Wristband::Support)
+    end
+
+    module ClassMethods
+      def authenticate(email, password)
+        self.execute_authentication_chain(self, self.wristband[:before_authentication_chain]) == false and return
+        user = nil
+        wristband[:login_with_fields].find do |field|
+          user = send("find_by_#{field}", email) 
+        end
+        (user and user.password_match?(password)) || return
+        self.execute_authentication_chain(user, self.wristband[:after_authentication_chain]) == false  and return
+        user
+      end
+    
+      def execute_authentication_chain(object, list)
+        list.each do |func|
+          case func
+          when Symbol,String
+            object.send(func) == false and return false
+          when Proc
+            func.call(object) == false and return false
+          end
+        end
+      end
+    
+      def verify_email!(email_validation_key)
+        if user = find_by_email_validation_key(email_validation_key)
+          user.update_attribute(:validated_at, Time.now.to_s(:db))
+          user
+        else
+          raise UserVerificationError, 'We were not able to verify your account or it may have been verified already. Please contact us for assistance.'.t
+        end
+      end
+    
+      def roles_for_select
+        self.class.wristband[:roles].collect{ |k| [ k.to_s.titleize, k.to_s] }
+      end
+      
+    end
+
+    module InstanceMethods
+
+      def has_authority_to?(action, options = { })
+        self.class.wristband[:authority_class].new(self, action, options).allowed_to?
+      end
+
+      def has_objections_to?(action, options = { })
+        self.class.wristband[:authority_class].new(self, action, options).denied_for_reasons
+      end
+
+      def initialize_salt
+        self.password_salt = Wristband::Support.random_salt
+      end
+
+      def initialize_token
+        self.remember_token = Wristband::Support.random_salt(16)
+      end
+    
+      def encrypt_password
+        initialize_salt if new_record?
+        return if self.password.blank?
+        self.send("#{self.class.wristband[:password_column]}=", Wristband::Support.encrypt_with_salt(self.password, self.password_salt))
+      end
+    
+      def password_match?(string)
+        self.send(self.class.wristband[:password_column]) == Wristband::Support.encrypt_with_salt(string, self.password_salt)
+      end
+    
+      def password_crypted?
+        self.password_salt and !self.password_salt.empty?
+      end
+    
+      def password_crypt=(value)
+        if (value != read_attribute(:password_crypt))
+          initialize_token
+        end
+      
+        write_attribute(:password_crypt, value)
+      end
+      
+    end
+  end
+end

data/lib/wristband.rb

@@ -0,0 +1,86 @@
+require 'wristband/user_extensions'
+require 'wristband/support'
+require 'wristband/application_extensions'
+require 'wristband/authority_check'
+
+module Wristband
+
+  VERSION = "1.0.0"
+
+  class Engine < ::Rails::Engine; end
+
+  class << self
+    def included base #:nodoc:
+      base.extend ClassMethods
+    end
+  end
+
+  module ClassMethods
+    def wristband(options={})
+      options[:login_with]            ||= [:email]
+      options[:before_authentication] ||= []
+      options[:after_authentication]  ||= []
+      options[:has_authorities]       ||= false
+      options[:roles]                 ||= []
+
+      class_eval do
+        include Wristband::UserExtensions
+        
+        options[:password_column] ||= :password_crypt
+        
+        # These two are used on the login form
+        attr_accessor :password
+        attr_accessor :password_confirmation
+        
+        before_save :encrypt_password
+          
+        # Add roles
+        unless options[:roles].blank?
+          options[:roles].each do |role|
+            define_method "is_#{role}?" do
+              self.role.to_s == role.to_s
+            end
+          end
+        end
+        
+        class << self
+          attr_accessor :wristband
+        end
+      end
+      
+      self.wristband = {
+        :login_with_fields            => [options[:login_with]].flatten,
+        :before_authentication_chain  => [options[:before_authentication]].flatten,
+        :after_authentication_chain   => [options[:after_authentication]].flatten,
+        :password_column              => options[:password_column],
+        :roles                        => options[:roles]
+      }
+      
+      if options[:has_authorities]
+        self.wristband[:authority_class] = UtilityMethods.interpret_class_specification(self, options[:has_authorities])
+      end
+    end    
+  end
+  
+  module UtilityMethods
+    def self.interpret_class_specification(model_class, with_class)
+      case (with_class)
+      when Symbol
+        "#{model_class.class_name}#{with_class.to_s.camelcase}".constantize
+      when String
+        with_class.constantize
+      when true
+        "#{model_class.name}AuthorityCheck".constantize
+      else
+        with_class
+      end
+    end
+  end
+  
+end
+
+
+ActiveRecord::Base.send(:extend, Wristband::ClassMethods)
+ActionController::Base.send(:include, Wristband::ApplicationExtensions)
+
+class UserVerificationError < StandardError; end

data/public/robots.txt

@@ -0,0 +1,5 @@
+# See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
+#
+# To ban all spiders from the entire site uncomment the next two lines:
+# User-Agent: *
+# Disallow: /

data/script/rails

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require File.expand_path('../../config/boot',  __FILE__)
+require 'rails/commands'

data/test/dummy/user.rb

@@ -0,0 +1,13 @@
+TestDummy.declare(User) do
+  dummy :email do
+    Faker::Internet.email
+  end
+
+  dummy :password do
+    'passpass'
+  end
+
+  dummy :role do
+    User::ROLES[0]
+  end
+end