rails/init.rb @@ -1,6 +1,8 @@ -== 1.0.4 +== 1.0.4 released 2009-5-14 * Only authenticate with OpenID for models when a block is passed. +* Check for the existence of an openid_identifier field before including the model. Allowing this library to only be activated when present. +* Change required_field and optional_fields to openid_required_field and openid_optional_fields == 1.0.3 released 2009-4-3 CHANGELOG.rdoc @@ -74,7 +74,7 @@ That's it! The rest is taken care of for you. == Redirecting from the models? -If you are interested, I explain myself below. Regardless, you don't have to use this library. As you saw in the setup instructions, this library leverages the open_id_authentication rails plugin. You can EASILY use this in your controllers and do your traditional OpenID authentication yourself. After the user has been authenticated just do this: +If you are interested, I explain myself below. Regardless, if you don't feel comfortable with the organization of the logic,you can easily do this using the traditional method. As you saw in the setup instructions, this library leverages the open_id_authentication rails plugin. After the user has been authenticated just do this: UserSession.create(@user) @@ -82,11 +82,11 @@ It's that simple. For more information there is a great OpenID tutorial at: http Now, here are my thoughts on the subject: -You are probably thinking: "Ben, you can't handle controller responsibilities in models". I agree with you on that comment, but my personal opinion is that these are not controller responsibilities. The fact that OpenID authentication requires a redirect should not effect the location of the logic / code. It's all part of the authentication process, which is the entire purpose of this library. The logic that handles this process should be in it's own domain, which is the definition of the "M" in MVC. The "M" doesn't have to just be a data access layer, it's a place for domain logic. +You are probably thinking: "Ben, you can't handle controller responsibilities in models". I agree with you on that comment, but my personal opinion is that these are not controller responsibilities. The fact that OpenID authentication requires a redirect should not effect the location of the logic / code. It's all part of the authentication process, which is the entire purpose of this library. This library is not one big module of code, its a collection of modules that all deal with OpenID authentication. These modules get included wherever it makes sense. That's the whole idea behind modules. To group common logic. -What if you wanted to authenticate with OpenID in multiple controllers in your application? You would probably pull out the common code into a module and include it in the respective controllers. Even better, you might create a class that elegantly handles this process and then place it in your lib directory. That's exactly what this is. +Let's take a step back and look at the traditional method of OpenID authentication in rails. What if you wanted to authenticate with OpenID in multiple controllers in your application (Ex: registration and loggin in)? You would probably pull out the common code into a module and include it in the respective controllers. Even better, you might create a class that elegantly handles this process and then place it in your lib directory. Then, if you really wanted to be slick, you might take it another step further and have your models trigger this class during certain actions. Then what do we have? This exact library, that's exactly what this is. -The last thing I will leave you with, to get you thinking, is... where do sweepers lie in the MVC pattern? +The last thing I will leave you with, to get you thinking, is... where do sweepers lie in the MVC pattern? Without this, things like caching would be extremely difficult. There is a big difference between misplacing code / logic, and organizing logic into a separate module and hooking it in using the API provided by your models. Especially when the logic needs to be triggered by actions invoked on models. Regardless, if I still haven't convinced you, I hope this library is of some benefit to you. At the very least an example of how to extend Authlogic. README.rdoc @@ -1 +1 @@ -require "authlogic_openid" +require File.dirname(__FILE__) + "/rails/init.rb" \ No newline at end of file init.rb @@ -22,24 +22,26 @@ module AuthlogicOpenid # # * <tt>Default:</tt> [] # * <tt>Accepts:</tt> Array of symbols - def required_fields(value = nil) - config(:required_fields, value, []) + def openid_required_fields(value = nil) + rw_config(:openid_required_fields, value, []) end - alias_method :required_fields=, :required_fields + alias_method :openid_required_fields=, :openid_required_fields # Same as required_fields, but optional instead. # # * <tt>Default:</tt> [] # * <tt>Accepts:</tt> Array of symbols - def optional_fields(value = nil) - config(:optional_fields, value, []) + def openid_optional_fields(value = nil) + rw_config(:openid_optional_fields, value, []) end - alias_method :optional_fields=, :optional_fields + alias_method :openid_optional_fields=, :openid_optional_fields end module Methods # Set up some simple validations def self.included(klass) + return if !klass.column_names.include?("openid_identifier") + klass.class_eval do validates_uniqueness_of :openid_identifier, :scope => validations_scope, :if => :using_openid? validate :validate_openid @@ -86,8 +88,8 @@ module AuthlogicOpenid end options = {} - options[:required] = self.class.required_fields - options[:optional] = self.class.optional_fields + options[:required] = self.class.openid_required_fields + options[:optional] = self.class.openid_optional_fields options[:return_to] = session_class.controller.url_for(:for_model => "1") session_class.controller.send(:authenticate_with_open_id, openid_identifier, options) do |result, openid_identifier, registration| @@ -124,7 +126,7 @@ module AuthlogicOpenid # more just override this method and do whatever you want. def attributes_to_save # :doc: attrs_to_save = attributes.clone.delete_if do |k, v| - [:password, crypted_password_field, password_salt_field, :persistence_token, :perishable_token, :single_access_token, :login_count, + [:id, :password, crypted_password_field, password_salt_field, :persistence_token, :perishable_token, :single_access_token, :login_count, :failed_login_count, :last_request_at, :current_login_at, :last_login_at, :current_login_ip, :last_login_ip, :created_at, :updated_at, :lock_version].include?(k.to_sym) end @@ -148,7 +150,7 @@ module AuthlogicOpenid end def using_openid? - !openid_identifier.blank? + respond_to?(:openid_identifier) && !openid_identifier.blank? end def openid_complete? lib/authlogic_openid/acts_as_authentic.rb @@ -25,7 +25,7 @@ module AuthlogicOpenid # * <tt>Default:</tt> :find_by_openid_identifier # * <tt>Accepts:</tt> Symbol def find_by_openid_identifier_method(value = nil) - config(:find_by_openid_identifier_method, value, :find_by_openid_identifier) + rw_config(:find_by_openid_identifier_method, value, :find_by_openid_identifier) end alias_method :find_by_openid_identifier_method=, :find_by_openid_identifier_method end @@ -72,12 +72,15 @@ module AuthlogicOpenid end def validate_by_openid - controller.send(:authenticate_with_open_id, openid_identifier, :return_to => controller.url_for(:for_session => "1")) do |result, openid_identifier| + self.remember_me = controller.params[:remember_me] == "true" if controller.params.key?(:remember_me) + controller.send(:authenticate_with_open_id, openid_identifier, :return_to => controller.url_for(:for_session => "1", :remember_me => remember_me?)) do |result, openid_identifier| if result.unsuccessful? errors.add_to_base(result.message) return end + raise "#{openid_identifier.inspect} ::: #{controller.params["openid.claimed_id"]}" + self.attempted_record = klass.send(find_by_openid_identifier_method, openid_identifier) if !attempted_record lib/authlogic_openid/session.rb @@ -41,7 +41,7 @@ module AuthlogicOpenid MAJOR = 1 MINOR = 0 - TINY = 3 + TINY = 4 # The current version as a Version instance CURRENT = new(MAJOR, MINOR, TINY) lib/authlogic_openid/version.rb @@ -45,11 +45,11 @@ end require "active_record/fixtures" require "openid" +Rails = true # to trick authlogic into loading the rails adapter require File.dirname(__FILE__) + "/../../authlogic/lib/authlogic" require File.dirname(__FILE__) + "/../../authlogic/lib/authlogic/test_case" -require File.dirname(__FILE__) + "/libs/rails_trickery" +#require File.dirname(__FILE__) + "/libs/rails_trickery" require File.dirname(__FILE__) + '/libs/open_id_authentication/lib/open_id_authentication' -ActionController.send(:include, OpenIdAuthentication) require File.dirname(__FILE__) + '/../lib/authlogic_openid' unless defined?(AuthlogicOpenid) require File.dirname(__FILE__) + '/libs/user' require File.dirname(__FILE__) + '/libs/user_session' @@ -69,7 +69,7 @@ class ActiveSupport::TestCase end def controller - @controller ||= Authlogic::TestCase::ControllerAdapter.new(ActionController.new) + @controller ||= Authlogic::ControllerAdapters::RailsAdapter.new(ActionController.new) end def redirecting_to_yahoo? test/test_helper.rb 77def850a71128d049b1e06ec29e2509ac764c31 binarylogic bjohnson@binarylogic.com http://github.com/binarylogic/authlogic_openid/commit/8a8c7729cf5590636892535167a86fffd40650b4 8a8c7729cf5590636892535167a86fffd40650b4 2009-05-21T11:39:51-07:00 2009-05-21T11:39:51-07:00 Change from using config to the new rw_config. Requires the latest version of authlogic. config was too general of a name and was causing conflicts for people in their own projects. 742f3bb75ff5a92cfa5f17359b011d30569f86c5 binarylogic bjohnson@binarylogic.com