test_app/app/models/account.rb test_app/db/migrate/20081101190907_create_accounts.rb test_app/test/fixtures/accounts.yml test_app/test/integration/user_session_config_test.rb test_app/test/unit/account_test.rb @@ -1,3 +1,8 @@ +== 0.10.4 released 2008-10-31 + +* Changed configuration to use inheritable attributes +* Cleaned up requires to be in their proper files + == 0.10.3 released 2008-10-31 * Instead of raising an error when extra fields are passed in credentials=, just ignore them. CHANGELOG.rdoc @@ -1,6 +1,6 @@ -require "digest/sha2" require File.dirname(__FILE__) + "/authgasm/version" +require File.dirname(__FILE__) + "/authgasm/controller_adapters/abstract_adapter" require File.dirname(__FILE__) + "/authgasm/controller_adapters/rails_adapter" if defined?(Rails) require File.dirname(__FILE__) + "/authgasm/sha512_crypto_provider" lib/authgasm.rb @@ -45,6 +45,7 @@ module Authgasm # * <tt>crypted_password_field:</tt> default: depends on which columns are present, checks: crypted_password, encrypted_password, password_hash, pw_hash, if none are present defaults to crypted_password. This is the name of column that your encrypted password is stored. # * <tt>password_salt_field:</tt> default: depends on which columns are present, checks: password_salt, pw_salt, salt, if none are present defaults to password_salt. This is the name of the field your salt is stored, only relevant for a hash crypto provider. # * <tt>remember_token_field:</tt> default: options[:session_class].remember_token_field, the name of the field your remember token is stored. What the cookie stores so the session can be "remembered" + # * <tt>scope:</tt> default: nil, if all of your users belong to an account you might want to scope everything to the account. Just pass :account_id # * <tt>logged_in_timeout:</tt> default: 10.minutes, this allows you to specify a time the determines if a user is logged in or out. Useful if you want to count how many users are currently logged in. # * <tt>session_ids:</tt> default: [nil], the sessions that we want to automatically reset when a user is created or updated so you don't have to worry about this. Set to [] to disable. Should be an array of ids. See Authgasm::Session::Base#initialize for information on ids. The order is important. The first id should be your main session, the session they need to log into first. This is generally nil, meaning so explicitly set id. def acts_as_authentic(options = {}) @@ -84,7 +85,7 @@ module Authgasm validates_format_of options[:login_field], :with => /\A\w[\w\.\-_@]+\z/, :message => "use only letters, numbers, and .-_@ please." end - validates_uniqueness_of options[:login_field] + validates_uniqueness_of options[:login_field], :scope => options[:scope] validates_uniqueness_of options[:remember_token_field] validate :validate_password validates_numericality_of :login_count, :only_integer => :true, :greater_than_or_equal_to => 0, :allow_nil => true if column_names.include?("login_count") lib/authgasm/acts_as_authentic.rb @@ -18,7 +18,7 @@ module Authgasm # or you can set your configuration in the session class directly: # # class UserSession < Authgasm::Session::Base - # self.authenticate_with = User + # authenticate_with User # # ... more configuration # end # @@ -28,25 +28,17 @@ module Authgasm # # * <tt>Default:</tt> inferred from the class name. UserSession would automatically try User # * <tt>Accepts:</tt> an ActiveRecord class - def authenticate_with=(klass) + def authenticate_with(klass) @klass_name = klass.name @klass = klass end + alias_method :authenticate_with=, :authenticate_with # Convenience method that lets you easily set configuration, see examples above def configure yield self end - # The authentication credentials are stored in a cookie as: user#{cookie_separator}crypted_password. - # - # * <tt>Default:</tt> ":::" - # * <tt>Accepts:</tt> String - def cookie_separator - @cookie_separator ||= ":::" - end - attr_writer :cookie_separator - # The name of the cookie or the key in the cookies hash. Be sure and use a unique name. If you have multiple sessions and they use the same cookie it will cause problems. # Also, if a id is set it will be inserted into the beginning of the string. Exmaple: # @@ -55,10 +47,14 @@ module Authgasm # # * <tt>Default:</tt> "#{klass_name.underscore}_credentials" # * <tt>Accepts:</tt> String - def cookie_key - @cookie_key ||= "#{klass_name.underscore}_credentials" + def cookie_key(value = nil) + if value.nil? + read_inheritable_attribute(:cookie_key) || cookie_key("#{klass_name.underscore}_credentials") + else + write_inheritable_attribute(:cookie_key, value) + end end - attr_writer :cookie_key + alias_method :cookie_key=, :cookie_key # The name of the method used to find the record by the login. What's nifty about this is that you can do anything in your method, Authgasm will just pass you the login. # @@ -70,19 +66,28 @@ module Authgasm # # * <tt>Default:</tt> "find_by_#{login_field}" # * <tt>Accepts:</tt> Symbol or String - def find_by_login_method - @find_by_login_method ||= "find_by_#{login_field}" + def find_by_login_method(value = nil) + if value.nil? + read_inheritable_attribute(:find_by_login_method) || find_by_login_method("find_by_#{login_field}") + else + write_inheritable_attribute(:find_by_login_method, value) + end end - attr_writer :find_by_login_method + alias_method :find_by_login_method=, :find_by_login_method # Calling UserSession.find tries to find the user session by session, then cookie, then basic http auth. This option allows you to change the order or remove any of these. # # * <tt>Default:</tt> [:session, :cookie, :http_auth] # * <tt>Accepts:</tt> Array, and can only use any of the 3 options above - def find_with - @find_with ||= [:session, :cookie, :http_auth] + def find_with(*values) + if values.blank? + read_inheritable_attribute(:find_with) || find_with(:session, :cookie, :http_auth) + else + values.flatten! + write_inheritable_array(:find_with, values) + end end - attr_writer :find_with + alias_method :find_with=, :find_with # The name of the method you want Authgasm to create for storing the login / username. Keep in mind this is just for your Authgasm::Session, if you want it can be something completely different # than the field in your model. So if you wanted people to login with a field called "login" and then find users by email this is compeltely doable. See the find_by_login_method configuration option for @@ -90,42 +95,53 @@ module Authgasm # # * <tt>Default:</tt> Guesses based on the model columns, tries login, username, and email. If none are present it defaults to login # * <tt>Accepts:</tt> Symbol or String - def login_field - @login_field ||= (klass.column_names.include?("login") && :login) || (klass.column_names.include?("username") && :username) || (klass.column_names.include?("email") && :email) || :login + def login_field(value = nil) + if value.nil? + read_inheritable_attribute(:login_field) || login_field((klass.column_names.include?("login") && :login) || (klass.column_names.include?("username") && :username) || (klass.column_names.include?("email") && :email) || :login) + else + write_inheritable_attribute(:login_field, value) + end end - attr_writer :login_field + alias_method :login_field=, :login_field # Works exactly like login_field, but for the password instead. # # * <tt>Default:</tt> Guesses based on the model columns, tries password and pass. If none are present it defaults to password # * <tt>Accepts:</tt> Symbol or String - def password_field - @password_field ||= (klass.column_names.include?("password") && :password) || (klass.column_names.include?("pass") && :pass) || :password + def password_field(value = nil) + if value.nil? + read_inheritable_attribute(:password_field) || password_field((klass.column_names.include?("password") && :password) || (klass.column_names.include?("pass") && :pass) || :password) + else + write_inheritable_attribute(:password_field, value) + end end - attr_writer :password_field + alias_method :password_field=, :password_field # If sessions should be remembered by default or not. # # * <tt>Default:</tt> false # * <tt>Accepts:</tt> Boolean - def remember_me - @remember_me + def remember_me(value = nil) + if value.nil? + read_inheritable_attribute(:remember_me) + else + write_inheritable_attribute(:remember_me, value) + end end - attr_writer :remember_me + alias_method :remember_me=, :remember_me # The length of time until the cookie expires. # # * <tt>Default:</tt> 3.months # * <tt>Accepts:</tt> Integer, length of time in seconds, such as 60 or 3.months - def remember_me_for - return @remember_me_for if @set_remember_me_for - @remember_me_for ||= 3.months - end - - def remember_me_for=(value) # :nodoc: - @set_remember_me_for = true - @remember_me_for = value + def remember_me_for(value = :_read) + if value == :_read + read_inheritable_attribute(:remember_me_for) || remember_me_for(3.months) + else + write_inheritable_attribute(:remember_me_for, value) + end end + alias_method :remember_me_for=, :remember_me_for # The name of the field that the remember token is stored. This is for cookies. Let's say you set up your app and want all users to be remembered for 6 months. Then you realize that might be a little too # long. Well they already have a cookie set to expire in 6 months. Without a token you would have to reset their password, which obviously isn't feasible. So instead of messing with their password @@ -133,33 +149,47 @@ module Authgasm # # * <tt>Default:</tt> Guesses based on the model columns, tries remember_token, remember_key, cookie_token, and cookie_key. If none are present it defaults to remember_token # * <tt>Accepts:</tt> Symbol or String - def remember_token_field - @remember_token_field ||= - (klass.column_names.include?("remember_token") && :remember_token) || - (klass.column_names.include?("remember_key") && :remember_key) || - (klass.column_names.include?("cookie_token") && :cookie_token) || - (klass.column_names.include?("cookie_key") && :cookie_key) || - :remember_token - end - attr_writer :remember_token_field + def remember_token_field(value = nil) + if value.nil? + read_inheritable_attribute(:remember_token_field) || + remember_token_field( + (klass.column_names.include?("remember_token") && :remember_token) || + (klass.column_names.include?("remember_key") && :remember_key) || + (klass.column_names.include?("cookie_token") && :cookie_token) || + (klass.column_names.include?("cookie_key") && :cookie_key) || + :remember_token + ) + else + write_inheritable_attribute(:remember_token_field, value) + end + end + alias_method :remember_token_field=, :remember_token_field # Works exactly like cookie_key, but for sessions. See cookie_key for more info. # # * <tt>Default:</tt> cookie_key # * <tt>Accepts:</tt> Symbol or String - def session_key - @session_key ||= cookie_key + def session_key(value = nil) + if value.nil? + read_inheritable_attribute(:session_key) || session_key(cookie_key) + else + write_inheritable_attribute(:session_key, value) + end end - attr_writer :session_key + alias_method :session_key=, :session_key # The name of the method in your model used to verify the password. This should be an instance method. It should also be prepared to accept a raw password and a crytped password. # # * <tt>Default:</tt> "valid_#{password_field}?" # * <tt>Accepts:</tt> Symbol or String - def verify_password_method - @verify_password_method ||= "valid_#{password_field}?" - end - attr_writer :verify_password_method + def verify_password_method(value = nil) + if value.nil? + read_inheritable_attribute(:verify_password_method) || verify_password_method("valid_#{password_field}?") + else + write_inheritable_attribute(:verify_password_method, value) + end + end + alias_method :verify_password_method=, :verify_password_method end module InstanceMethods # :nodoc: lib/authgasm/session/config.rb @@ -1,3 +1,5 @@ +require "digest/sha2" + module Authgasm # = Sha512 Crypto Provider # lib/authgasm/sha512_crypto_provider.rb @@ -1,3 +1,4 @@ class User < ActiveRecord::Base acts_as_authentic + belongs_to :account end test_app/app/models/user.rb @@ -1,3 +1,3 @@ class UserSession < Authgasm::Session::Base - self.remember_me = true + remember_me true end \ No newline at end of file test_app/app/models/user_session.rb @@ -2,6 +2,7 @@ class CreateUsers < ActiveRecord::Migration def self.up create_table :users do |t| t.timestamps + t.integer :account_id, :null => false t.string :login, :null => false t.string :crypted_password t.string :password_salt test_app/db/migrate/20081023040052_create_users.rb @@ -1,5 +1,6 @@ ben: id: 1 + account_id: 1 login: bjohnson password_salt: <%= salt = User.unique_token %> crypted_password: <%= Authgasm::Sha512CryptoProvider.encrypt("benrocks" + salt) %> @@ -9,6 +10,7 @@ ben: zack: id: 2 + account_id: 2 login: zham password_salt: <%= salt = User.unique_token %> crypted_password: <%= Authgasm::Sha512CryptoProvider.encrypt("zackrocks" + salt) %> test_app/test/fixtures/users.yml @@ -14,7 +14,7 @@ class UserSessionStoriesTest < ActionController::IntegrationTest assert_template "users/new" # Register successfully - post account_url, {:user => {:login => "binarylogic", :password => "pass", :confirm_password => "pass", :first_name => "Ben", :last_name => "Johnson"}} + post account_url, {:user => {:account_id => 1, :login => "binarylogic", :password => "pass", :confirm_password => "pass", :first_name => "Ben", :last_name => "Johnson"}} assert_redirected_to account_url assert flash.key?(:notice) test_app/test/integration/user_sesion_stories_test.rb @@ -156,6 +156,6 @@ class UserSessionTest < ActionController::IntegrationTest end def test_save - # tested thoroughly in stories + # tested thoroughly in stories and in create above end end \ No newline at end of file test_app/test/integration/user_session_test.rb @@ -3,40 +3,14 @@ require File.expand_path(File.dirname(__FILE__) + "/../config/environment") require 'test_help' class Test::Unit::TestCase - # Transactional fixtures accelerate your tests by wrapping each test method - # in a transaction that's rolled back on completion. This ensures that the - # test database remains unchanged so your fixtures don't have to be reloaded - # between every test method. Fewer database queries means faster tests. - # - # Read Mike Clark's excellent walkthrough at - # http://clarkware.com/cgi/blosxom/2005/10/24#Rails10FastTesting - # - # Every Active Record database supports transactions except MyISAM tables - # in MySQL. Turn off transactional fixtures in this case; however, if you - # don't care one way or the other, switching from MyISAM to InnoDB tables - # is recommended. - # - # The only drawback to using transactional fixtures is when you actually - # need to test transactions. Since your test is bracketed by a transaction, - # any transactions started in your code will be automatically rolled back. self.use_transactional_fixtures = true - - # Instantiated fixtures are slow, but give you @david where otherwise you - # would need people(:david). If you don't want to migrate your existing - # test cases which use the @david style and don't mind the speed hit (each - # instantiated fixtures translates to a database query per test method), - # then set this back to true. self.use_instantiated_fixtures = false - - # Setup all fixtures in test/fixtures/*.(yml|csv) for all tests in alphabetical order. - # - # Note: You'll currently still have to declare fixtures explicitly in integration tests - # -- they do not yet inherit this setting fixtures :all end class ActionController::IntegrationTest def setup + #UserSession.reset_inheritable_attributes get new_user_session_url # to active authgasm end test_app/test/test_helper.rb ec0eb78eeedc927b47fa04c112a4416c2e874a6f binarylogic bjohnson@binarylogic.com http://github.com/binarylogic/authlogic/commit/38b6e9b8697fbd052db7be4667cafd093d94aaa4 38b6e9b8697fbd052db7be4667cafd093d94aaa4 2008-11-02T10:54:07-08:00 2008-11-02T10:54:07-08:00 Require abstract_adapter.rb b119f7e4c4b5aed811fca9d852e2156af9bde2db binarylogic bjohnson@binarylogic.com