0
@@ -90,8 +90,9 @@ class User < ActiveRecord::Base
0
     crypted_password.nil? or not password.blank?
0
   end
0
 
0
+  public
0
   # If you're going to use activation, uncomment this too
0
-  #def make_activation_code
0
-  #  self.activation_code = Digest::SHA1.hexdigest( Time.now.to_s.split('//').sort_by {rand}.join )
0
-  #end
0
+  def make_activation_code
0
+    self.activation_code = Digest::SHA1.hexdigest( Time.now.to_s.split('//').sort_by {rand}.join )
0
+  end
0
 end

0
@@ -14,6 +14,7 @@ module AuthenticatedSystem
0
   # 
0
   def current_user
0
     @current_user ||= session[:user] ? User.find_by_id(session[:user]) : nil
0
+    @current_user ||= cookies[:user] ? User.find(:first, :conditions => ['activation_code = ? and activated_at is null', cookies[:user]]) : nil
0
   end
0
 
0
   # store the given user in the session.  overwrite this to set how
0
@@ -25,6 +26,10 @@ module AuthenticatedSystem
0
   # 
0
   def current_user=(new_user)
0
     session[:user] = new_user.nil? ? nil : new_user.id
0
+    cookies[:user] = { 
0
+        :value   => new_user ? new_user.make_activation_code : '', 
0
+        :expires => new_user ? 2.weeks.from_now              : 2.weeks.ago
0
+    }
0
     @current_user = new_user
0
   end
0
 

0
@@ -1,7 +1,17 @@
0
 module AuthenticatedTestHelper
0
   # Sets the current user in the session from the user fixtures.
0
   def login_as(user)
0
-    @request.session[:user] = users(user).id
0
+    @request.session[:user] = user ? users(user).id : nil
0
+  end
0
+
0
+  def login_with_cookie_as(user)
0
+    @request.cookies['user'] = user ? CGI::Cookie.new( 
0
+      'name'   => 'user',
0
+      'value'   => users(user).activation_code,
0
+      'expires' => 2.weeks.from_now,
0
+      'path'    => '/',
0
+      'domain'  => 'example.com'
0
+    ) : nil
0
   end
0
 
0
   # Assert the block redirects to the login

0
@@ -4,7 +4,7 @@ quentin:
0
   email: quentin@example.com
0
   salt: 62a636a58d0648eadf7410aa2e4444866174c96e
0
   crypted_password: be61f3ff72492591afe5081857a8ff17a85b21f9 # quentin
0
-  #crypted_password: "ce2/iFrNtQ8=\n" # quentin, use only if you're using 2-way encryption
0
+  activation_code: quentinscode # only if you're activating new signups
0
   created_at: <%= 5.days.ago.to_s :db %>
0
   # activated_at: <%= 5.days.ago.to_s :db %> # only if you're activating new signups
0
 arthur:
0
@@ -13,5 +13,5 @@ arthur:
0
   email: arthur@example.com
0
   salt: 55bc51360864c82dcd7ff4bcfec56a8d8e79e751
0
   crypted_password: 37ba966058c6f39162e5b537adb516af91cd1fe6 # arthur
0
-  # activation_code: arthurscode # only if you're activating new signups
0
+  activation_code: arthurscode # only if you're activating new signups
0
   created_at: <%= 1.days.ago.to_s :db %>
0
\ No newline at end of file

0
@@ -20,12 +20,14 @@ class AccountControllerTest < Test::Unit::TestCase
0
   def test_should_login_and_redirect
0
     post :login, :login => 'quentin', :password => 'quentin'
0
     assert session[:user]
0
+    assert cookies['user']
0
     assert_response :redirect
0
   end
0
 
0
   def test_should_fail_login_and_not_redirect
0
     post :login, :login => 'quentin', :password => 'bad password'
0
     assert_nil session[:user]
0
+    assert_equal [], cookies['user']
0
     assert_response :success
0
   end
0
 

0
@@ -14,6 +14,18 @@ class Admin::ArticlesControllerTest < Test::Unit::TestCase
0
     login_as :quentin
0
   end
0
 
0
+  def test_should_require_login
0
+    login_as nil
0
+    get :index
0
+    assert_redirected_to :controller => 'account', :action => 'login'
0
+  end
0
+
0
+  def test_should_accept_cookie_login
0
+    login_with_cookie_as :quentin
0
+    get :index
0
+    assert_response :success
0
+  end
0
+
0
   def test_should_show_articles
0
     get :index
0
     assert_equal 6, assigns(:articles).length