lib/merbful_authentication/controller/sessions_base.rb lib/merbful_authentication/controller/users_base.rb lib/merbful_authentication/slicetasks.rb spec/controllers/plugins/test_plugin.rb stubs/app/controllers/application.rb stubs/app/controllers/main.rb @@ -2,29 +2,6 @@ class MerbfulAuthentication::Sessions < MerbfulAuthentication::Application skip_before :login_required - def new - render - end - def create - self.current_ma_user = MA[:user].authenticate(params[:email], params[:password]) - if logged_in? - if params[:remember_me] == "1" - self.current_ma_user.remember_me - expires = Time.parse(self.current_ma_user.remember_token_expires_at.to_s) - cookies[:auth_token] = { :value => self.current_ma_user.remember_token , :expires => expires } - end - redirect_back_or_default('/') - else - render :new - end - end - - def destroy - self.current_ma_user.forget_me if logged_in? - cookies.delete :auth_token - session.delete - redirect_back_or_default('/') - end end \ No newline at end of file app/controllers/sessions.rb @@ -1,39 +1,2 @@ class MerbfulAuthentication::Users < MerbfulAuthentication::Application - provides :xml - - skip_before :login_required - - def new - only_provides :html - @ivar = MA[:user].new(params[:user] || {}) - set_ivar - display @ivar - end - - def create - cookies.delete :auth_token - - @ivar = MA[:user].new(params[:user]) - set_ivar - if @ivar.save - redirect_back_or_default('/') - else - render :new - end - end - - def activate - self.current_ma_user = MA[:user].find_with_conditions(:activation_code => params[:activation_code]) - if logged_in? && !current_ma_user.activated? - Merb.logger.info "Activated #{current_ma_user}" - current_ma_user.activate - end - redirect_back_or_default('/') - end - - private - def set_ivar - instance_variable_set("@#{MA[:single_user_name]}", @ivar) - end - end \ No newline at end of file app/controllers/users.rb @@ -4,4 +4,4 @@ Your account has been created. Visit this url to activate your account: - <%= url(MA[:routes][:activate], :activation_code => @ivar.activation_code) %> \ No newline at end of file + <%= url(MA[:routes][:user][:activate], :activation_code => @ivar.activation_code) %> \ No newline at end of file app/mailers/views/user_mailer/signup.text.erb @@ -4,19 +4,18 @@ if defined?(Merb::Plugins) require 'merb-mailer' require 'merb_helpers' - require File.join(File.dirname(__FILE__), "merbful_authentication", "initializer") + load File.join(File.dirname(__FILE__), "merbful_authentication", "initializer.rb") Dir[File.dirname(__FILE__) / "merbful_authentication" / "controller" / "**" / "*.rb"].each do |f| - require f + load f end adapter_path = File.join( File.dirname(__FILE__), "merbful_authentication", "adapters") + load File.join(adapter_path, "common.rb") MA = MerbfulAuthentication MA.register_adapter :datamapper, "#{adapter_path}/datamapper" MA.register_adapter :activerecord, "#{adapter_path}/activerecord" - - require File.join(adapter_path, "common") Merb::Plugins.add_rakefiles "merbful_authentication/merbtasks" @@ -35,6 +34,11 @@ if defined?(Merb::Plugins) # All Slice code is expected to be namespaced inside a module module MerbfulAuthentication + + + def self.plugins + @@plugins ||= {} + end # Slice metadata self.description = "MerbfulAuthentication is a Merb slice that provides authentication" @@ -47,12 +51,19 @@ if defined?(Merb::Plugins) # Loads the model class into MerbfulAuthentication[:user] for use elsewhere. def self.loaded MA.load_adapter! - Merb::Controller.send(:include, MA::ControllerMixin) + + Merb::Controller.send(:include, MA::Controller::Helpers) + # sends the methoods to the controllers as an include so that other mixins can + # overwrite them + MA::Users.send( :include, MA::Controller::UsersBase) + MA::Sessions.send( :include, MA::Controller::SessionsBase) + Merb::Controller.class_eval do alias_method :"current_#{MA[:single_user_name]}", :current_ma_user alias_method :"current_#{MA[:single_user_name]}=", :"current_ma_user=" - end + end + MA.load_plugins! end # Initialization hook - runs before AfterAppLoads BootLoader @@ -85,13 +96,13 @@ if defined?(Merb::Plugins) activation_name = (MA[:single_resource].to_s << "_activation").to_sym - MA[:routes] = {} - MA[:routes][:new] = :"new_#{single_model_name}" - MA[:routes][:show] = :"#{single_model_name}" - MA[:routes][:edit] = :"edit_#{single_model_name}" - MA[:routes][:delete] = :"delete_#{single_model_name}" - MA[:routes][:index] = :"#{plural_model_path}" - MA[:routes][:activate] = :"#{single_model_name}_activation" + MA[:routes] = {:user => {}} + MA[:routes][:user][:new] = :"new_#{single_model_name}" + MA[:routes][:user][:show] = :"#{single_model_name}" + MA[:routes][:user][:edit] = :"edit_#{single_model_name}" + MA[:routes][:user][:delete] = :"delete_#{single_model_name}" + MA[:routes][:user][:index] = :"#{plural_model_path}" + MA[:routes][:user][:activate] = :"#{single_model_name}_activation" # Setup the model path scope.to(:controller => "Users") do |c| lib/merbful_authentication.rb @@ -1,111 +1,113 @@ module MerbfulAuthentication - module ControllerMixin - protected - # Returns true or false if the user is logged in. - # Preloads @current_user with the user model if they're logged in. - def logged_in? - !!current_ma_user - end + module Controller + module Helpers + protected + # Returns true or false if the user is logged in. + # Preloads @current_user with the user model if they're logged in. + def logged_in? + !!current_ma_user + end - # Accesses the current user from the session. Set it to :false if login fails - # so that future calls do not hit the database. - def current_ma_user - @current_ma_user ||= (login_from_session || login_from_basic_auth || login_from_cookie || false) - end + # Accesses the current user from the session. Set it to :false if login fails + # so that future calls do not hit the database. + def current_ma_user + @current_ma_user ||= (login_from_session || login_from_basic_auth || login_from_cookie || false) + end - # Store the given user in the session. - def current_ma_user=(new_user) - session[:user] = (!new_user || !new_user.kind_of?(User)) ? nil : new_user.id - @current_ma_user = new_user - end + # Store the given user in the session. + def current_ma_user=(new_user) + session[:user] = (!new_user || !new_user.kind_of?(User)) ? nil : new_user.id + @current_ma_user = new_user + end - # Check if the user is authorized - # - # Override this method in your controllers if you want to restrict access - # to only a few actions or if you want to check if the user - # has the correct rights. - # - # Example: - # - # # only allow nonbobs - # def authorized? - # current_user.login != "bob" - # end - def authorized? - logged_in? - end + # Check if the user is authorized + # + # Override this method in your controllers if you want to restrict access + # to only a few actions or if you want to check if the user + # has the correct rights. + # + # Example: + # + # # only allow nonbobs + # def authorized? + # current_user.login != "bob" + # end + def authorized? + logged_in? + end - # Filter method to enforce a login requirement. - # - # To require logins for all actions, use this in your controllers: - # - # before_filter :login_required - # - # To require logins for specific actions, use this in your controllers: - # - # before_filter :login_required, :only => [ :edit, :update ] - # - # To skip this in a subclassed controller: - # - # skip_before_filter :login_required - # - def login_required - authorized? || throw(:halt, :access_denied) - end + # Filter method to enforce a login requirement. + # + # To require logins for all actions, use this in your controllers: + # + # before_filter :login_required + # + # To require logins for specific actions, use this in your controllers: + # + # before_filter :login_required, :only => [ :edit, :update ] + # + # To skip this in a subclassed controller: + # + # skip_before_filter :login_required + # + def login_required + authorized? || throw(:halt, :access_denied) + end - # Redirect as appropriate when an access request fails. - # - # The default action is to redirect to the login screen. - # - # Override this method in your controllers if you want to have special - # behavior in case the user is not authorized - # to access the requested action. For example, a popup window might - # simply close itself. - def access_denied - case content_type - when :html - store_location - redirect url(:login) - when :xml - basic_authentication.request + # Redirect as appropriate when an access request fails. + # + # The default action is to redirect to the login screen. + # + # Override this method in your controllers if you want to have special + # behavior in case the user is not authorized + # to access the requested action. For example, a popup window might + # simply close itself. + def access_denied + case content_type + when :html + store_location + redirect url(:login) + when :xml + basic_authentication.request + end end - end - # Store the URI of the current request in the session. - # - # We can return to this location by calling #redirect_back_or_default. - def store_location - session[:return_to] = request.uri - end + # Store the URI of the current request in the session. + # + # We can return to this location by calling #redirect_back_or_default. + def store_location + session[:return_to] = request.uri + end - # Redirect to the URI stored by the most recent store_location call or - # to the passed default. - def redirect_back_or_default(default) - loc = session[:return_to] || default - session[:return_to] = nil - redirect loc - end + # Redirect to the URI stored by the most recent store_location call or + # to the passed default. + def redirect_back_or_default(default) + loc = session[:return_to] || default + session[:return_to] = nil + redirect loc + end - # Called from #current_user. First attempt to login by the user id stored in the session. - def login_from_session - self.current_user = MA[:user].find_with_conditions(:id => session[:user]) if session[:user] - end + # Called from #current_user. First attempt to login by the user id stored in the session. + def login_from_session + self.current_user = MA[:user].find_with_conditions(:id => session[:user]) if session[:user] + end - # Called from #current_user. Now, attempt to login by basic authentication information. - def login_from_basic_auth - basic_authentication.authenticate do |email, password| - self.current_ma_user = MA[:user].authenticate(email, password) + # Called from #current_user. Now, attempt to login by basic authentication information. + def login_from_basic_auth + basic_authentication.authenticate do |email, password| + self.current_ma_user = MA[:user].authenticate(email, password) + end end - end - # Called from #current_user. Finaly, attempt to login by an expiring token in the cookie. - def login_from_cookie - user = cookies[:auth_token] && MA[:user].find_with_conditions(:remember_token => cookies[:auth_token]) - if user && user.remember_token? - user.remember_me - cookies[:auth_token] = { :value => user.remember_token, :expires => Time.parse(user.remember_token_expires_at.to_s) } - self.current_ma_user = user + # Called from #current_user. Finaly, attempt to login by an expiring token in the cookie. + def login_from_cookie + user = cookies[:auth_token] && MA[:user].find_with_conditions(:remember_token => cookies[:auth_token]) + if user && user.remember_token? + user.remember_me + cookies[:auth_token] = { :value => user.remember_token, :expires => Time.parse(user.remember_token_expires_at.to_s) } + self.current_ma_user = user + end end - end - end # Controller + end # Helpers + end# Controllers end # MerbfulAuthentication \ No newline at end of file lib/merbful_authentication/controller/controller.rb @@ -38,4 +38,11 @@ module MerbfulAuthentication end end + def self.load_plugins! + self.plugins.each do |label, file| + Merb.logger.info "Loading MerbfulAuthentication Plugin - #{label}" + load file + end + end + end \ No newline at end of file lib/merbful_authentication/initializer.rb @@ -7,9 +7,7 @@ namespace :slices do task :install => [:preflight, :setup_directories, :copy_assets, :migrate] desc "Test for any dependencies" - task :preflight do - # implement this to test for structural/code dependencies - # like certain directories or availability of other files + task :preflight do # see slicetasks.rb end desc "Setup directories" @@ -25,6 +23,18 @@ namespace :slices do end end end + + desc "Copy stub files to host application" + task :stubs do + puts "Copying stubs for MerbfulAuthentication - resolves any collisions" + copied, preserved = MerbfulAuthentication.mirror_stubs! + puts "- no files to copy" if copied.empty? && preserved.empty? + copied.each { |f| puts "- copied #{f}" } + preserved.each { |f| puts "! preserved override as #{f}" } + end + + desc "Copy stub files and views to host application" + task :patch => [ "stubs", "freeze:views" ] desc "Copy public assets to host application" task :copy_assets do @@ -36,8 +46,7 @@ namespace :slices do end desc "Migrate the database" - task :migrate do - # implement this to perform any database related setup steps + task :migrate do # see slicetasks.rb end desc "Freeze MerbfulAuthentication into your app (only merbful_authentication/app)" lib/merbful_authentication/merbtasks.rb @@ -107,6 +107,37 @@ describe MerbfulAuthentication do end + describe "controller Plugin loading" do + + def add_test_plugin! + MA.plugins["Tester"] = File.join(File.dirname(__FILE__), "controllers", "plugins", "test_plugin.rb") + end + + before(:each) do + reload_ma! + end + + after(:all) do + reload_ma! + end + + it "should allow for registration" do + defined?(MA::Controller::Tester).should be_nil + reload_ma!("User"){ add_test_plugin!} + defined?(MA::Controller::Tester).should_not be_nil + MA::Users.should include(MA::Controller::Tester) + end + + it "should overwrite the new method" do + Object.class_eval("class User; include MerbfulAuthentication::Adapter::DataMapper; end") + controller = dispatch_to(MA::Users, :new) + controller.body.should_not == "NEW TEST" + reload_ma!("User"){ add_test_plugin!} + controller = dispatch_to(MA::Users, :new) + controller.body.should == "NEW TEST" + end + end + end describe "MerbfulAuthentication (module)" do spec/merbful_authentication_spec.rb @@ -76,4 +76,22 @@ Spec::Runner.configure do |config| end +# GLobal helpers for merbful_authentication +def reload_ma!(create_class = nil) + Object.class_eval do + remove_const("User") if defined?(User) + remove_const("MA") if defined?(MA) + remove_const("MerbfulAuthentication") + end + load File.join(File.dirname(__FILE__), "..", "lib", "merbful_authentication.rb") + register_datamapper! + stub_orm_scope + yield if block_given? + MA.load_slice + MA[:user] = nil + MA.loaded + Object.class_eval("class #{create_class}; include MerbfulAuthentication::Adapter::DataMapper; end") unless create_class.nil? +end + + spec/spec_helper.rb c0568444db81320e2dba08395a0477501c0c8c81 Daniel Neighman has.sox@gmail.com http://github.com/hassox/merbful_authentication/commit/d0f8c6d881ca762486c3daabdd65fa824197082d d0f8c6d881ca762486c3daabdd65fa824197082d 2008-06-02T06:53:55-07:00 2008-06-02T06:53:55-07:00 Adds specs and methods to support controller plugins f69302b359e0c3b36f64eedd48b4af621c1c0f26 Daniel Neighman has.sox@gmail.com