@@ -2,13 +2,10 @@ class <%= migration_name %> < ActiveRecord::Migration def self.up create_table "<%= table_name %>", :force => true do |t| # Identity - t.string :login, :limit => 40 + t.string :identifier, :limit => 40 t.string :name, :limit => 100, :default => '', :null => true t.string :email, :limit => 100 t.timestamps - # for Authentication::ByPassword - t.string :crypted_password, :limit => 40 - t.string :salt, :limit => 40 # for Authentication::ByCookieToken t.string :remember_token, :limit => 40 t.datetime :remember_token_expires_at generators/authenticated/templates/migration.rb @@ -15,13 +15,14 @@ class SessionsController < ApplicationController def create logout_keeping_session! begin - login_by_password! params[:login], params[:password] + #this might be a hack to get an exception thrown but it works for now + become_logged_in_as current_user rescue Exception => error handle_login_error error else # success! remember_me_flag = (params[:remember_me] == "1") handle_remember_cookie! remember_me_flag - flash[:notice] = "Welcome, #{current_user.login}" + flash[:notice] = "Welcome, #{current_user.identifier}" redirect_back_or_default('/') end end generators/authenticated/templates/sessions_controller.rb @@ -1,13 +1,14 @@ class <%= class_name %> < ActiveRecord::Base - security_components :security_policy, - :trustification => [:email_verification], - :identity => [:password, :cookie_token, :simple_roles,] + # This is not enabled you must add :password to identity to use password authentication + # security_components :security_policy, + # :trustification => [], + # :identity => [:password, :cookie_token, :simple_roles] # Validation constants are in config/initializers/rest_auth_config.rb - validates_presence_of :login - validates_length_of :login, :within => 3..40 - validates_uniqueness_of :login, :case_sensitive => false - validates_format_of :login, :with => RE_LOGIN_OK, :message => MSG_LOGIN_BAD + validates_presence_of :identifier + validates_length_of :identifier, :within => 3..40 + validates_uniqueness_of :identifier, :case_sensitive => false + validates_format_of :identifier, :with => RE_LOGIN_OK, :message => MSG_LOGIN_BAD validates_length_of :name, :maximum => 100 validates_format_of :name, :with => RE_NAME_OK, :message => MSG_NAME_BAD, :allow_nil => true @@ -19,6 +20,6 @@ class <%= class_name %> < ActiveRecord::Base # prevents a visitor from submitting a crafted form that bypasses activation # anything else you want your visitor to change should be added here. - attr_accessible :login, :email, :name + attr_accessible :identifier, :email, :name end generators/authenticated/templates/user.rb @@ -3,8 +3,8 @@ <%%= error_messages_for :<%= model_name %> %> <%% form_for :<%= model_name %>, :url => <%= model_controller_routing_name %>_path do |f| -%> -<p><label for="login">Login</label><br/> -<%%= f.text_field :login %></p> +<p><label for="identifier">Identifier</label><br/> +<%%= f.text_field :identifier %></p> <p><label for="email">Email</label><br/> <%%= f.text_field :email %></p> generators/authenticated/templates/views/signup.html.erb @@ -8,3 +8,7 @@ end # FIXME -- this is crap require 'pathname' $REST_AUTH_DIR = Pathname.new(File.dirname(__FILE__)).realpath + +p "awesome sauce" + +#require "vendor/plugins/youser_authentication/generators/authenticated/authenticated_generator" \ No newline at end of file init.rb @@ -12,6 +12,12 @@ protected user = User.authenticate_by_password login, password become_logged_in_as! user end + + #Log in using params + #this was created to abstract the login_by_password! call because not all logins are password based + def login_from_params + login_by_password!(params[:login], params[:password]) if params[:login] && params[:password] + end # # Called from #current_user, attempts to login by basic authentication. @@ -22,8 +28,9 @@ protected end end # hooks into login chain at lower priority - def try_login_chain_with_basic_auth - try_login_chain_without_basic_auth || login_from_basic_auth + def try_login_chain_with_password + p "hi there again" + try_login_chain_without_password || login_from_params || login_from_basic_auth end # @@ -32,7 +39,7 @@ protected def self.included recipient # Filters :password and :password_confirmation recipient.filter_parameter_logging :password if recipient.respond_to? :filter_parameter_logging - recipient.alias_method_chain :try_login_chain, :basic_auth unless recipient.instance_methods.include? 'try_login_chain_without_basic_auth' + recipient.alias_method_chain :try_login_chain, :password unless recipient.instance_methods.include? 'try_login_chain_without_password' end end @@ -44,17 +51,29 @@ module Identity::Password # puts "#{recipient}: including Authentication::ByPassword" recipient.extend( ClassMethods ) recipient.class_eval do - attr_accessible :password, :password_confirmation + attr_accessible :password, :password_confirmation, :login # Virtual attribute for the unencrypted password - attr_accessor :password - validates_presence_of :password, :if => :password_validation_required? - validates_presence_of :password_confirmation, :if => :password_validation_required? - validates_confirmation_of :password, :if => :password_validation_required? - validates_length_of :password, :within => 6..40, :if => :password_validation_required? + attr_accessor :password, :password_confirmation + before_validation :set_login + #validates_presence_of :login, :if => :password_validation_required? + #validates_presence_of :password, :if => :password_validation_required? + #validates_presence_of :password_confirmation, :if => :password_validation_required? + #validates_confirmation_of :password, :if => :password_validation_required? + #validates_length_of :password, :within => 6..40, :if => :password_validation_required? before_save :encrypt_password end end - + + #ensures that the login field is set to what it should be + def set_login + self.login = login_field + end + + #override this in your model if you want to use something other than identity (i.e email) + def login_field + identifier + end + # Does this password match the user's? def password_valid?(plaintext) crypted_password == encrypt(plaintext) lib/authentication/by_password.rb ebad734f7fa6f9882335c4c0a49279314c77da7d Steve Martocci smartocci@gmail.com http://github.com/smartocci/modulr-authentication/commit/0fd56099b06b0d32ee1746e8b5becbde3ba371ab 0fd56099b06b0d32ee1746e8b5becbde3ba371ab 2008-08-12T16:40:37-07:00 2008-08-12T16:40:37-07:00 updated temploates for password generation split a4b2adf2a806246c3431f1f6db839f8868efb14b Steve Martocci smartocci@gmail.com