
Completed extraction of remember to password gem

1 parent 5ac6dc6 commit 3c73e76083c00b862bb4b1e1dfc667123587a76b @bcardarella bcardarella committed Dec 2, 2012
@@ -1,46 +1,3 @@
module EasyAuthHelper
- def self.included(base)
- base.class_eval do
- helper_method :current_account, :current_user, :account_signed_in?, :user_signed_in?, :account_not_signed_in?, :user_not_signed_in?
- end
- end
-
- # Access the current account the users is authenticated with
- #
- # @return [Account] instance
- def current_account
- if session[:session_token] && session[:account_class]
- begin
- @current_account ||= session[:account_class].constantize.find_by_session_token(session[:session_token])
- rescue
- @current_account = nil
- session.delete(:session_token)
- end
- elsif cookies[:remember_token]
- begin
- @current_account ||= EasyAuth.identity_model.find_by_remember_token(cookies[:remember_token]).account
- rescue
- @current_acount = nil
- cookies.delete(:remember_token)
- end
- else
- session.delete(:session_token)
- cookies.delete(:remember_token)
- end
-
- @current_account
- end
- alias :current_user :current_account
-
- # Should be used to test if user is authenticated
- def account_signed_in?
- current_account
- end
- alias :user_signed_in? :account_signed_in?
-
- # Should be used to test if user is not authenticated
- def account_not_signed_in?
- !account_signed_in?
- end
- alias :user_not_signed_in? :account_not_signed_in?
+ include EasyAuth::Helpers::EasyAuth
end
@@ -5,18 +5,10 @@ def change
t.string :token
t.string :account_type
t.integer :account_id
- t.string :reset_token
- t.string :remember_token
t.string :type
t.timestamps
end
- [:username, :reset_token, :remember_token].each do |column|
- add_index :identities, column
- end
-
- # modify this table name if you are using a model other than User
- # for the account
- add_column :users, :session_token, :string
+ add_index :identities, :username
end
end
@@ -7,6 +7,7 @@ module EasyAuth
extend ActiveSupport::Autoload
autoload :Controllers
+ autoload :Helpers
autoload :Mailers
autoload :Models
autoload :ReverseConcern
@@ -6,53 +6,47 @@ def new
end
def create
- if identity = EasyAuth.authenticate(self)
- identity.set_account_session(session)
- set_remember(identity)
- if identity.remember
- cookies[:remember_token] = { :value => identity.generate_remember_token!, :expires => identity.remember_time.from_now }
- end
- after_successful_sign_in(identity)
+ if @identity = EasyAuth.authenticate(self)
+ session[:identity_id] = @identity.id
+ after_successful_sign_in
else
@identity = EasyAuth.find_identity_model(params).new(params[params[:identity]])
- after_failed_sign_in(@identity)
+ after_failed_sign_in
end
end
def destroy
- session.delete(:session_token)
- session.delete(:account_class)
- cookies.delete(:remember_token)
+ session.delete(:identity_id)
after_sign_out
end
private
- def after_with_or_default(method_name, identity)
- send("#{method_name}_with_#{params[:identity]}", identity) || send("#{method_name}_default", identity)
+ def after_with_or_default(method_name)
+ send("#{method_name}_with_#{params[:identity]}") || send("#{method_name}_default")
end
- def after_successful_sign_in(identity)
- after_with_or_default(__method__, identity)
+ def after_successful_sign_in
+ after_with_or_default(__method__)
end
- def after_successful_sign_in_url(identity)
- after_with_or_default(__method__, identity)
+ def after_successful_sign_in_url
+ after_with_or_default(__method__)
end
- def after_failed_sign_in(identity)
- after_with_or_default(__method__, identity)
+ def after_failed_sign_in
+ after_with_or_default(__method__)
end
- def after_successful_sign_in_default(identity)
- redirect_to(session.delete(:requested_path) || after_successful_sign_in_url(identity), :notice => I18n.t('easy_auth.sessions.create.notice'))
+ def after_successful_sign_in_default
+ redirect_to(session.delete(:requested_path) || after_successful_sign_in_url, :notice => I18n.t('easy_auth.sessions.create.notice'))
end
- def after_successful_sign_in_url_default(identity)
- identity.account
+ def after_successful_sign_in_url_default
+ @identity.account
end
- def after_failed_sign_in_default(identity)
+ def after_failed_sign_in_default
flash.now[:error] = I18n.t('easy_auth.sessions.create.error')
render :new
end
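Review bot: `create` writes `session[:identity_id] = @identity.id` into whatever session the browser already presented, so with a server-side session store (the host app's store is not visible here) a session identifier fixed before login stays valid after it. The usual Rails mitigation is to call `reset_session` before storing the identity. Because `after_successful_sign_in_default` later reads `session.delete(:requested_path)`, that value has to be carried across the reset, e.g. `path = session[:requested_path]; reset_session; session[:requested_path] = path` ahead of the assignment. `destroy` has the same shape: `session.delete(:identity_id)` leaves every other session key in place, and `reset_session` would be the safer sign-out. Separately, `after_with_or_default` still builds a `send` target from `params[:identity]`; any allow-listing of that value is outside this hunk, so a comment naming where it is constrained would help.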
@@ -77,10 +71,4 @@ def method_missing(method_name, *args)
super
end
end
-
- def set_remember(identity)
- if identity_attributes = params[ActiveModel::Naming.param_key(EasyAuth.find_identity_model(params).new)]
- identity.remember = identity_attributes[:remember]
- end
- end
end
@@ -0,0 +1,4 @@
+module EasyAuth::Helpers
+ extend ActiveSupport::Autoload
+ autoload :EasyAuth
+end
@@ -0,0 +1,48 @@
+module EasyAuth::Helpers::EasyAuth
+ extend EasyAuth::ReverseConcern
+
+ def self.included(base)
+ base.class_eval do
+ def self.included(base)
+ base.class_eval do
+ helper_method :current_account, :current_user, :account_signed_in?, :user_signed_in?, :account_not_signed_in?, :user_not_signed_in?
+ end
+ end
+ end
+ end
+
+ # Access the current account the users is authenticated with
+ #
+ # @return [Account] instance
+ def current_account
+ if session[:identity_id]
+ begin
+ @current_account ||= EasyAuth.identity_model.find(session[:identity_id]).account
+ rescue ActiveRecord::RecordNotFound
+ @current_account = nil
+ delete_session_data
+ end
+ end
+
+ @current_account
+ end
+ alias :current_user :current_account
+
+ # Should be used to test if user is authenticated
+ def account_signed_in?
+ current_account
+ end
+ alias :user_signed_in? :account_signed_in?
+
+ # Should be used to test if user is not authenticated
+ def account_not_signed_in?
+ !account_signed_in?
+ end
+ alias :user_not_signed_in? :account_not_signed_in?
+
+ private
+
+ def delete_session_data
+ session.delete(:identity_id)
+ end
+end
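Review bot: `current_account` now trusts `session[:identity_id]` alone, and that value never changes for a given identity, so the server has no way to invalidate an issued session short of deleting the record. The removed code paired the session with a `session_token` that was regenerated on every sign-in, which at least retired older sessions. If the host application uses Rails' cookie-based session store (not visible on this page), a copied cookie would stay valid after sign-out. Consider keeping a per-identity token in the session and comparing it inside `current_account`, or add a comment above the method such as `# Assumes a server-side session store; the id alone cannot be revoked`.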
@@ -33,20 +33,4 @@ def identity_username_attribute
end
end
end
-
- # Generates a new session token and updates the record
- #
- # @return [String]
- def generate_session_token!
- self.update_column(:session_token, _generate_token(:session))
- self.session_token
- end
-
- # Used to set the session for the authenticated account
- #
- # @param [Rack::Session::Abstract::SessionHash] session controller session
- def set_session(session)
- session[:session_token] = generate_session_token!
- session[:account_class] = self.class.to_s
- end
end
@@ -1,5 +1,4 @@
module EasyAuth::Models::Identity
- include EasyAuth::TokenGenerator
include EasyAuth::ReverseConcern
def self.included(base)
@@ -24,40 +23,4 @@ def new_session(controller)
controller.instance_variable_set(:@identity, self.new)
end
end
-
- # Sets the session for the association account
- #
- # @param [Rack::Session::Abstract::SessionHash] session controller session
- def set_account_session(session)
- account.set_session(session)
- end
-
- # Getter for the remember flag
- def remember
- @remember
- end
-
- # Setter for the remember flag
- #
- # @param [Boolean] value
- def remember=(value)
- @remember = ::ActiveRecord::ConnectionAdapters::Column.value_to_boolean(value)
- end
-
- # Generates a new remember token and updates it on the identity record
- #
- # @return [String]
- def generate_remember_token!
- update_column(:remember_token, _generate_token(:remember))
- remember_token
- end
-
- # The time used for remembering how long to stay signed in
- #
- # Defaults to 1 year, override in the model to set your own custom remember time
- #
- # @return [DateTime]
- def remember_time
- 1.year
- end
end
@@ -2,6 +2,6 @@ module EasyAuth::TokenGenerator
private
def _generate_token(type)
- token = BCrypt::Password.create("#{id}-#{type}_token-#{DateTime.current}")
+ token = Digest::SHA2.hexdigest("#{id}-#{type}_token-#{DateTime.current}")
end
end
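Review bot: `_generate_token` now returns `Digest::SHA2.hexdigest` over the record id, the token type and `DateTime.current`, all of which are guessable, so the token no longer contains any secret randomness; `BCrypt::Password.create` at least mixed in a random salt. If these tokens still gate anything (the reset or remember flows moved to the other gem are not shown here), they should come from a CSPRNG instead, e.g. `SecureRandom.hex(32)`. The `token =` assignment is also an unused local; the expression can be the method's last line on its own.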
@@ -1,9 +0,0 @@
-module CookieJar
- def cookies
- Capybara.current_session.driver.browser.current_session.instance_variable_get(:@rack_mock_session).cookie_jar
- end
-end
-
-RSpec.configure do |config|
- config.include CookieJar, :type => :request
-end
@@ -3,7 +3,7 @@ class SessionsController < ApplicationController
private
- def after_successful_sign_in_url(identity)
+ def after_successful_sign_in_url
main_app.dashboard_url
end
end
@@ -1,7 +1,3 @@
<%= form_for @identity, :url => sign_in_path do |f| %>
- <p>
- <%= f.label :remember, "Remember for #{@identity.remember_time.inspect}" %>
- <%= f.check_box :remember %>
- </p>
<%= f.submit 'Sign in' %>
<% end %>
@@ -2,8 +2,6 @@ class CreateUsers < ActiveRecord::Migration
def change
create_table :users do |t|
t.string :email
- t.string :session_token
-
t.timestamps
end
end
@@ -18,22 +18,17 @@
t.string "token"
t.string "account_type"
t.integer "account_id"
- t.string "reset_token"
- t.string "remember_token"
t.string "type"
- t.datetime "created_at", :null => false
- t.datetime "updated_at", :null => false
+ t.datetime "created_at", :null => false
+ t.datetime "updated_at", :null => false
end
- add_index "identities", ["remember_token"], :name => "index_identities_on_remember_token"
- add_index "identities", ["reset_token"], :name => "index_identities_on_reset_token"
add_index "identities", ["username"], :name => "index_identities_on_username"
create_table "users", :force => true do |t|
t.string "email"
- t.string "session_token"
- t.datetime "created_at", :null => false
- t.datetime "updated_at", :null => false
+ t.datetime "created_at", :null => false
+ t.datetime "updated_at", :null => false
end
end
@@ -72,14 +72,4 @@ class TestUser; end
end
end
end
-
- describe '#generate_session_token!' do
- it 'sets a unique session token' do
- user = create(:user)
- user.session_token.should be_nil
- user.generate_session_token!
- user = User.last
- user.session_token.should_not be_nil
- end
- end
end