binarylogic / authlogic

A simple model based ruby authentication solution.

authlogic / lib / authlogic / session / config.rb
raw normal view history
43e849c6 » binarylogic 2008-11-02 Released v0.10.4 1 module Authlogic
1b98335c » binarylogic 2008-10-24 Initial commit 2 module Session
3 module Config # :nodoc:
4 def self.included(klass)
5 klass.extend(ClassMethods)
6 klass.send(:include, InstanceMethods)
7 end
8
9bca67d7 » binarylogic 2008-11-09 Reorganized ORM code and tests 9 # = Session Config
1b98335c » binarylogic 2008-10-24 Initial commit 10 #
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 11 # This deals with configuration for your session. If you are wanting to configure your model please look at Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic::Config
9bca67d7 » binarylogic 2008-11-09 Reorganized ORM code and tests 12 #
13 # Configuration for your session is simple. The configuration options are just class methods. Just put this in your config/initializers directory
1b98335c » binarylogic 2008-10-24 Initial commit 14 #
15 # UserSession.configure do |config|
16 # config.authenticate_with = User
17 # # ... more configuration
18 # end
19 #
20 # or you can set your configuration in the session class directly:
21 #
43e849c6 » binarylogic 2008-11-02 Released v0.10.4 22 # class UserSession < Authlogic::Session::Base
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 23 # authenticate_with User
1b98335c » binarylogic 2008-10-24 Initial commit 24 # # ... more configuration
25 # end
26 #
791f700e » binarylogic 2008-11-05 Released v1.0.0 (see change... 27 # You can also access the values in the same fashion:
28 #
29 # UserSession.authenticate_with
30 #
1b98335c » binarylogic 2008-10-24 Initial commit 31 # See the methods belows for all configuration options.
32 module ClassMethods
33 # Lets you change which model to use for authentication.
34 #
35 # * <tt>Default:</tt> inferred from the class name. UserSession would automatically try User
36 # * <tt>Accepts:</tt> an ActiveRecord class
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 37 def authenticate_with(klass)
1b98335c » binarylogic 2008-10-24 Initial commit 38 @klass_name = klass.name
39 @klass = klass
40 end
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 41 alias_method :authenticate_with=, :authenticate_with
1b98335c » binarylogic 2008-10-24 Initial commit 42
43 # Convenience method that lets you easily set configuration, see examples above
44 def configure
45 yield self
46 end
47
48 # The name of the cookie or the key in the cookies hash. Be sure and use a unique name. If you have multiple sessions and they use the same cookie it will cause problems.
c93bec2d » binarylogic 2008-10-24 Changed scope to id 49 # Also, if a id is set it will be inserted into the beginning of the string. Exmaple:
1b98335c » binarylogic 2008-10-24 Initial commit 50 #
9bca67d7 » binarylogic 2008-11-09 Reorganized ORM code and tests 51 # session = UserSession.new
52 # session.cookie_key => "user_credentials"
53 #
1b98335c » binarylogic 2008-10-24 Initial commit 54 # session = UserSession.new(:super_high_secret)
55 # session.cookie_key => "super_high_secret_user_credentials"
56 #
57 # * <tt>Default:</tt> "#{klass_name.underscore}_credentials"
58 # * <tt>Accepts:</tt> String
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 59 def cookie_key(value = nil)
60 if value.nil?
61 read_inheritable_attribute(:cookie_key) || cookie_key("#{klass_name.underscore}_credentials")
62 else
63 write_inheritable_attribute(:cookie_key, value)
64 end
1b98335c » binarylogic 2008-10-24 Initial commit 65 end
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 66 alias_method :cookie_key=, :cookie_key
1b98335c » binarylogic 2008-10-24 Initial commit 67
1f74ab91 » binarylogic 2008-12-24 Added disable_magic_states ... 68 # Set this to true if you want to disable the checking of active?, approved?, and confirmed? on your record. This is more or less of a
69 # convenience feature, since 99% of the time if those methods exist and return false you will not want the user logging in. You could
70 # easily accomplish this same thing with a before_validation method or other callbacks.
71 #
72 # * <tt>Default:</tt> false
73 # * <tt>Accepts:</tt> Boolean
74 def disable_magic_states(value = nil)
75 if value.nil?
76 read_inheritable_attribute(:disable_magic_states)
77 else
78 write_inheritable_attribute(:disable_magic_states, value)
79 end
80 end
81 alias_method :disable_magic_states=, :disable_magic_states
82
9bca67d7 » binarylogic 2008-11-09 Reorganized ORM code and tests 83 # Authlogic tries to validate the credentials passed to it. One part of validation is actually finding the user and making sure it exists. What method it uses the do this is up to you.
84 #
85 # Let's say you have a UserSession that is authenticating a User. By default UserSession will call User.find_by_login(login). You can change what method UserSession calls by specifying it here. Then
86 # in your User model you can make that method do anything you want, giving you complete control of how users are found by the UserSession.
1b98335c » binarylogic 2008-10-24 Initial commit 87 #
9bca67d7 » binarylogic 2008-11-09 Reorganized ORM code and tests 88 # Let's take an example: You want to allow users to login by username or email. Set this to the name of the class method that does this in the User model. Let's call it "find_by_username_or_email"
1b98335c » binarylogic 2008-10-24 Initial commit 89 #
9bca67d7 » binarylogic 2008-11-09 Reorganized ORM code and tests 90 # class User < ActiveRecord::Base
91 # def self.find_by_username_or_email(login)
92 # find_by_username(login) || find_by_email(login)
93 # end
1b98335c » binarylogic 2008-10-24 Initial commit 94 # end
95 #
96 # * <tt>Default:</tt> "find_by_#{login_field}"
97 # * <tt>Accepts:</tt> Symbol or String
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 98 def find_by_login_method(value = nil)
99 if value.nil?
100 read_inheritable_attribute(:find_by_login_method) || find_by_login_method("find_by_#{login_field}")
101 else
102 write_inheritable_attribute(:find_by_login_method, value)
103 end
1b98335c » binarylogic 2008-10-24 Initial commit 104 end
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 105 alias_method :find_by_login_method=, :find_by_login_method
1b98335c » binarylogic 2008-10-24 Initial commit 106
b83abcac » binarylogic 2008-11-12 Added in authentication by ... 107 # Calling UserSession.find tries to find the user session by session, then cookie, then params, and finally by basic http auth.
108 # This option allows you to change the order or remove any of these.
e77ca8a3 » binarylogic 2008-10-25 Updated readme 109 #
dbd8b8f5 » binarylogic 2008-11-16 Release v1.2.0 Comment 110 # * <tt>Default:</tt> [:params, :session, :cookie, :http_auth]
e77ca8a3 » binarylogic 2008-10-25 Updated readme 111 # * <tt>Accepts:</tt> Array, and can only use any of the 3 options above
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 112 def find_with(*values)
113 if values.blank?
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 114 read_inheritable_attribute(:find_with) || find_with(:params, :session, :cookie, :http_auth)
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 115 else
116 values.flatten!
791f700e » binarylogic 2008-11-05 Released v1.0.0 (see change... 117 write_inheritable_attribute(:find_with, values)
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 118 end
e77ca8a3 » binarylogic 2008-10-25 Updated readme 119 end
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 120 alias_method :find_with=, :find_with
e77ca8a3 » binarylogic 2008-10-25 Updated readme 121
1d38644c » binarylogic 2008-11-10 Added last_request_at_thres... 122 # Every time a session is found the last_request_at field for that record is updatd with the current time, if that field exists. If you want to limit how frequent that field is updated specify the threshold
123 # here. For example, if your user is making a request every 5 seconds, and you feel this is too frequent, and feel a minute is a good threashold. Set this to 1.minute. Once a minute has passed in between
124 # requests the field will be updated.
125 #
126 # * <tt>Default:</tt> 0
127 # * <tt>Accepts:</tt> integer representing time in seconds
128 def last_request_at_threshold(value = nil)
129 if value.nil?
130 read_inheritable_attribute(:last_request_at_threshold) || last_request_at_threshold(0)
131 else
132 write_inheritable_attribute(:last_request_at_threshold, value)
133 end
134 end
135 alias_method :last_request_at_threshold=, :last_request_at_threshold
136
7717a1b8 » binarylogic 2009-01-28 Released v1.4.0. A new I18n... 137 def login_blank_message(value = nil) # :nodoc:
138 new_i18n_error
dbd8b8f5 » binarylogic 2008-11-16 Release v1.2.0 Comment 139 end
140 alias_method :login_blank_message=, :login_blank_message
141
7717a1b8 » binarylogic 2009-01-28 Released v1.4.0. A new I18n... 142 def login_not_found_message(value = nil) # :nodoc:
143 new_i18n_error
dbd8b8f5 » binarylogic 2008-11-16 Release v1.2.0 Comment 144 end
145 alias_method :login_not_found_message=, :login_not_found_message
146
1d38644c » binarylogic 2008-11-10 Added last_request_at_thres... 147 # The name of the method you want Authlogic to create for storing the login / username. Keep in mind this is just for your
148 # Authlogic::Session, if you want it can be something completely different than the field in your model. So if you wanted people to
149 # login with a field called "login" and then find users by email this is compeltely doable. See the find_by_login_method configuration
150 # option for more details.
1b98335c » binarylogic 2008-10-24 Initial commit 151 #
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 152 # * <tt>Default:</tt> Uses the configuration option in your model: User.acts_as_authentic_config[:login_field]
1b98335c » binarylogic 2008-10-24 Initial commit 153 # * <tt>Accepts:</tt> Symbol or String
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 154 def login_field(value = nil)
155 if value.nil?
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 156 read_inheritable_attribute(:login_field) || login_field(klass.acts_as_authentic_config[:login_field])
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 157 else
158 write_inheritable_attribute(:login_field, value)
159 end
1b98335c » binarylogic 2008-10-24 Initial commit 160 end
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 161 alias_method :login_field=, :login_field
1b98335c » binarylogic 2008-10-24 Initial commit 162
69f2c2b6 » binarylogic 2009-01-08 Add a logout_on_timeout con... Comment 163 # With acts_as_authentic you get a :logged_in_timeout configuration option. If this is set, after this amount of time has passed the user
164 # will be marked as logged out. Obviously, since web based apps are on a per request basis, we have to define a time limit threshold that
165 # determines when we consider a user to be "logged out". Meaning, if they login and then leave the website, when do mark them as logged out?
166 # I recommend just using this as a fun feature on your website or reports, giving you a ballpark number of users logged in and active. This is
167 # not meant to be a dead accurate representation of a users logged in state, since there is really no real way to do this with web based apps.
21d52f71 » binarylogic 2009-02-08 The class level find method... 168 # Think about a user that logs in and doesn't log out. There is no action that tells you that the user isn't technically still logged in and
169 # active.
69f2c2b6 » binarylogic 2009-01-08 Add a logout_on_timeout con... Comment 170 #
21d52f71 » binarylogic 2009-02-08 The class level find method... 171 # That being said, you can use that feature to require a new login if their session timesout. Similar to how financial sites work. Just set this option to
172 # true and if your record returns true for stale? then they will be required to log back in.
173 #
174 # Lastly, UserSession.find will still return a object is the session is stale, but you will not get a record. This allows you to determine if the
175 # user needs to log back in because their session went stale, or because they just aren't logged in. Just call current_user_session.stale? as your flag.
69f2c2b6 » binarylogic 2009-01-08 Add a logout_on_timeout con... Comment 176 #
177 # * <tt>Default:</tt> false
178 # * <tt>Accepts:</tt> Boolean
179 def logout_on_timeout(value = nil)
180 if value.nil?
181 read_inheritable_attribute(:logout_on_timeout) || logout_on_timeout(false)
182 else
183 write_inheritable_attribute(:logout_on_timeout, value)
184 end
185 end
186 alias_method :logout_on_timeout=, :logout_on_timeout
187
40c611c1 » binarylogic 2009-02-10 Added brute force protectio... 188 # To help protect from brute force attacks you can set a limit on the allowed number of consecutive failed logins. By default this is 50, this is a very liberal
189 # number, and if someone fails to login after 50 tries it should be pretty obvious that it's a machine trying to login in and very likely a brute force attack.
190 #
191 # In order to enable this field your model MUST have a failed_login_count (integer) field.
192 #
193 # If you don't know what a brute force attack is, it's when a machine tries to login into a system using every combination of character possible. Thus resulting
194 # in possibly millions of attempts to log into an account.
195 #
196 # * <tt>Default:</tt> 50
197 # * <tt>Accepts:</tt> Integer, set to 0 to disable
198 def consecutive_failed_logins_limit(value = nil)
199 if value.nil?
200 read_inheritable_attribute(:consecutive_failed_logins_limit) || consecutive_failed_logins_limit(50)
201 else
202 write_inheritable_attribute(:consecutive_failed_logins_limit, value)
203 end
204 end
205 alias_method :logout_on_timeout=, :logout_on_timeout
206
7717a1b8 » binarylogic 2009-01-28 Released v1.4.0. A new I18n... 207 def not_active_message(value = nil) # :nodoc:
208 new_i18n_error
dbd8b8f5 » binarylogic 2008-11-16 Release v1.2.0 Comment 209 end
210 alias_method :not_active_message=, :not_active_message
211
7717a1b8 » binarylogic 2009-01-28 Released v1.4.0. A new I18n... 212 def not_approved_message(value = nil) # :nodoc:
213 new_i18n_error
dbd8b8f5 » binarylogic 2008-11-16 Release v1.2.0 Comment 214 end
215 alias_method :not_approved_message=, :not_approved_message
216
7717a1b8 » binarylogic 2009-01-28 Released v1.4.0. A new I18n... 217 def not_confirmed_message(value = nil) # :nodoc:
218 new_i18n_error
dbd8b8f5 » binarylogic 2008-11-16 Release v1.2.0 Comment 219 end
220 alias_method :not_confirmed_message=, :not_confirmed_message
221
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 222 # Works exactly like cookie_key, but for params. So a user can login via params just like a cookie or a session. Your URL would look like:
1d38644c » binarylogic 2008-11-10 Added last_request_at_thres... 223 #
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 224 # http://www.domain.com?user_credentials=my_single_access_key
b83abcac » binarylogic 2008-11-12 Added in authentication by ... 225 #
226 # You can change the "user_credentials" key above with this configuration option. Keep in mind, just like cookie_key, if you supply an id
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 227 # the id will be appended to the front. Check out cookie_key for more details. Also checkout the "Single Access / Private Feeds Access" section in the README.
b83abcac » binarylogic 2008-11-12 Added in authentication by ... 228 #
229 # * <tt>Default:</tt> cookie_key
230 # * <tt>Accepts:</tt> String
231 def params_key(value = nil)
232 if value.nil?
233 read_inheritable_attribute(:params_key) || params_key(cookie_key)
234 else
235 write_inheritable_attribute(:params_key, value)
236 end
237 end
238 alias_method :params_key=, :params_key
239
7717a1b8 » binarylogic 2009-01-28 Released v1.4.0. A new I18n... 240 def password_blank_message(value = nil) # :nodoc:
241 new_i18n_error
dbd8b8f5 » binarylogic 2008-11-16 Release v1.2.0 Comment 242 end
243 alias_method :password_blank_message=, :password_blank_message
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 244
1b98335c » binarylogic 2008-10-24 Initial commit 245 # Works exactly like login_field, but for the password instead.
246 #
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 247 # * <tt>Default:</tt> :password
1b98335c » binarylogic 2008-10-24 Initial commit 248 # * <tt>Accepts:</tt> Symbol or String
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 249 def password_field(value = nil)
250 if value.nil?
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 251 read_inheritable_attribute(:password_field) || password_field(:password)
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 252 else
253 write_inheritable_attribute(:password_field, value)
254 end
1b98335c » binarylogic 2008-10-24 Initial commit 255 end
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 256 alias_method :password_field=, :password_field
1b98335c » binarylogic 2008-10-24 Initial commit 257
7717a1b8 » binarylogic 2009-01-28 Released v1.4.0. A new I18n... 258 def password_invalid_message(value = nil) # :nodoc:
259 new_i18n_error
dbd8b8f5 » binarylogic 2008-11-16 Release v1.2.0 Comment 260 end
261 alias_method :password_invalid_message=, :password_invalid_message
262
30986081 » binarylogic 2008-10-30 Added remember_me oncfig op... 263 # If sessions should be remembered by default or not.
264 #
265 # * <tt>Default:</tt> false
266 # * <tt>Accepts:</tt> Boolean
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 267 def remember_me(value = nil)
268 if value.nil?
269 read_inheritable_attribute(:remember_me)
270 else
271 write_inheritable_attribute(:remember_me, value)
272 end
30986081 » binarylogic 2008-10-30 Added remember_me oncfig op... 273 end
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 274 alias_method :remember_me=, :remember_me
30986081 » binarylogic 2008-10-30 Added remember_me oncfig op... 275
1b98335c » binarylogic 2008-10-24 Initial commit 276 # The length of time until the cookie expires.
277 #
278 # * <tt>Default:</tt> 3.months
279 # * <tt>Accepts:</tt> Integer, length of time in seconds, such as 60 or 3.months
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 280 def remember_me_for(value = :_read)
281 if value == :_read
282 read_inheritable_attribute(:remember_me_for) || remember_me_for(3.months)
283 else
284 write_inheritable_attribute(:remember_me_for, value)
285 end
1b98335c » binarylogic 2008-10-24 Initial commit 286 end
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 287 alias_method :remember_me_for=, :remember_me_for
1b98335c » binarylogic 2008-10-24 Initial commit 288
289 # Works exactly like cookie_key, but for sessions. See cookie_key for more info.
290 #
f97f8908 » binarylogic 2008-10-27 Sessions now store the reme... 291 # * <tt>Default:</tt> cookie_key
1b98335c » binarylogic 2008-10-24 Initial commit 292 # * <tt>Accepts:</tt> Symbol or String
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 293 def session_key(value = nil)
294 if value.nil?
295 read_inheritable_attribute(:session_key) || session_key(cookie_key)
296 else
297 write_inheritable_attribute(:session_key, value)
298 end
1b98335c » binarylogic 2008-10-24 Initial commit 299 end
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 300 alias_method :session_key=, :session_key
1b98335c » binarylogic 2008-10-24 Initial commit 301
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 302 # Authentication is allowed via a single access token, but maybe this is something you don't want for your application as a whole. Maybe this is something you only want for specific request types.
303 # Specify a list of allowed request types and single access authentication will only be allowed for the ones you specify. Checkout the "Single Access / Private Feeds Access" section in the README.
304 #
305 # * <tt>Default:</tt> "application/rss+xml", "application/atom+xml"
b47ab480 » binarylogic 2009-01-03 Fixed bug when passing :all... 306 # * <tt>Accepts:</tt> String of request type, or :all to allow single access authentication for any and all request types
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 307 def single_access_allowed_request_types(*values)
308 if values.blank?
309 read_inheritable_attribute(:single_access_allowed_request_types) || single_access_allowed_request_types("application/rss+xml", "application/atom+xml")
310 else
311 write_inheritable_attribute(:single_access_allowed_request_types, values)
312 end
313 end
314 alias_method :single_access_allowed_request_types=, :single_access_allowed_request_types
315
1b98335c » binarylogic 2008-10-24 Initial commit 316 # The name of the method in your model used to verify the password. This should be an instance method. It should also be prepared to accept a raw password and a crytped password.
317 #
318 # * <tt>Default:</tt> "valid_#{password_field}?"
319 # * <tt>Accepts:</tt> Symbol or String
38b6e9b8 » binarylogic 2008-11-02 Require abstract_adapter.rb 320 def verify_password_method(value = nil)
321 if value.nil?
322 read_inheritable_attribute(:verify_password_method) || verify_password_method("valid_#{password_field}?")
323 else
324 write_inheritable_attribute(:verify_password_method, value)
325 end
326 end
327 alias_method :verify_password_method=, :verify_password_method
7717a1b8 » binarylogic 2009-01-28 Released v1.4.0. A new I18n... 328
329 private
330 def new_i18n_error
331 raise NotImplementedError.new("As of v 1.4.0 Authlogic implements a new I18n solution that is much cleaner and easier. Please see Authlogic::I18n for more information on how to provide internationalization in Authlogic.")
332 end
1b98335c » binarylogic 2008-10-24 Initial commit 333 end
334
335 module InstanceMethods # :nodoc:
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 336 def change_single_access_token_with_password?
337 self.class.change_single_access_token_with_password == true
338 end
339
40c611c1 » binarylogic 2009-02-10 Added brute force protectio... 340 def consecutive_failed_logins_limit
341 self.class.consecutive_failed_logins_limit
342 end
343
1b98335c » binarylogic 2008-10-24 Initial commit 344 def cookie_key
b83abcac » binarylogic 2008-11-12 Added in authentication by ... 345 build_key(self.class.cookie_key)
1b98335c » binarylogic 2008-10-24 Initial commit 346 end
347
1f74ab91 » binarylogic 2008-12-24 Added disable_magic_states ... 348 def disable_magic_states?
349 self.class.disable_magic_states == true
350 end
351
1b98335c » binarylogic 2008-10-24 Initial commit 352 def find_by_login_method
353 self.class.find_by_login_method
354 end
43e849c6 » binarylogic 2008-11-02 Released v0.10.4 355
356 def find_with
357 self.class.find_with
358 end
1d38644c » binarylogic 2008-11-10 Added last_request_at_thres... 359
360 def last_request_at_threshold
361 self.class.last_request_at_threshold
362 end
1b98335c » binarylogic 2008-10-24 Initial commit 363
364 def login_field
365 self.class.login_field
366 end
b83abcac » binarylogic 2008-11-12 Added in authentication by ... 367
69f2c2b6 » binarylogic 2009-01-08 Add a logout_on_timeout con... Comment 368 def logout_on_timeout?
369 self.class.logout_on_timeout == true
370 end
371
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 372 def params_allowed_request_types
373 build_key(self.class.params_allowed_request_types)
b83abcac » binarylogic 2008-11-12 Added in authentication by ... 374 end
375
376 def params_key
377 build_key(self.class.params_key)
378 end
1b98335c » binarylogic 2008-10-24 Initial commit 379
380 def password_field
381 self.class.password_field
382 end
383
4caccd0b » binarylogic 2008-11-19 Released 1.2.1 384 def perishable_token_field
385 klass.acts_as_authentic_config[:perishable_token_field]
dbd8b8f5 » binarylogic 2008-11-16 Release v1.2.0 Comment 386 end
387
1b98335c » binarylogic 2008-10-24 Initial commit 388 def remember_me_for
35f14baf » binarylogic 2008-10-27 Released v0.10.0 389 return unless remember_me?
1b98335c » binarylogic 2008-10-24 Initial commit 390 self.class.remember_me_for
391 end
392
4caccd0b » binarylogic 2008-11-19 Released 1.2.1 393 def persistence_token_field
394 klass.acts_as_authentic_config[:persistence_token_field]
1b98335c » binarylogic 2008-10-24 Initial commit 395 end
396
397 def session_key
b83abcac » binarylogic 2008-11-12 Added in authentication by ... 398 build_key(self.class.session_key)
1b98335c » binarylogic 2008-10-24 Initial commit 399 end
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 400
401 def single_access_token_field
dbd8b8f5 » binarylogic 2008-11-16 Release v1.2.0 Comment 402 klass.acts_as_authentic_config[:single_access_token_field]
ebdebfa9 » binarylogic 2008-11-13 Released v1.1.1 403 end
404
405 def single_access_allowed_request_types
406 self.class.single_access_allowed_request_types
407 end
1b98335c » binarylogic 2008-10-24 Initial commit 408
409 def verify_password_method
410 self.class.verify_password_method
411 end
b83abcac » binarylogic 2008-11-12 Added in authentication by ... 412
413 private
414 def build_key(last_part)
415 key_parts = [id, scope[:id], last_part].compact
416 key_parts.join("_")
417 end
1b98335c » binarylogic 2008-10-24 Initial commit 418 end
419 end
420 end
421 end