Released v1.3.0 (see changelog for compatibility issues)

commit 4c310edda848801f0fb257f5a406418025d45935 1 parent a15093e
@binarylogic binarylogic authored
7 CHANGELOG.rdoc
@@ -1,3 +1,10 @@
+== 1.3.0 released 2008-11-20
+
+* BREAKS BACKWARDS COMPATIBILITY: changed the confirm_password field to password_confirmation for acts_as_authentic, since the rails validates_confirmation_of handles creating this attribute.
+* BREAKS BACKWARDS COMPATIBILITY: Cleaned up all of the validation configuration for acts_as_authentic, as well as the documentation that goes with it, you can accomplish the same things as before, but this is much more flexible and much more organized.
+* Got rid of simple delegator for the abstract controller, apparently this has performance issues.
+* Cleaned up validations to assume ActiveRecord dirty attributes are present, I think this is a safe assumption.
+
== 1.2.2 released 2008-11-20
* Added allow_blank_login_and_password_field and allow_blank_email_field options to acts_as_authentic, which allows you to have alternative logins, such as OpenID
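Review bot: The two BREAKS BACKWARDS COMPATIBILITY entries in the 1.3.0 block do not name the options that were removed, so someone upgrading has nothing to search their code for. List the retired acts_as_authentic keys next to their replacements, including the allow_blank_login_and_password_field and allow_blank_email_field options that the 1.2.2 entry directly below introduced, and record that the password reader now returns the value that was assigned, since the tests in this commit change to expect that.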
1  Manifest
@@ -21,7 +21,6 @@ lib/authlogic/session/callbacks.rb
lib/authlogic/session/config.rb
lib/authlogic/session/cookies.rb
lib/authlogic/session/errors.rb
-lib/authlogic/session/openid.rb
lib/authlogic/session/params.rb
lib/authlogic/session/perishability.rb
lib/authlogic/session/scopes.rb
2  README.rdoc
@@ -74,7 +74,7 @@ Authlogic makes this a reality. This is just the tip of the ice berg. Keep readi
* <b>Tutorial: Authlogic basic setup:</b> http://www.binarylogic.com/2008/11/3/tutorial-authlogic-basic-setup
* <b>Tutorial: Reset passwords with Authlogic the RESTful way:</b> http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic
* <b>Tutorial: Using OpenID with Authlogic:</b> http://www.binarylogic.com/2008/11/21/tutorial-using-openid-with-authlogic
-* <b>Live example of the setup tutorial above (with source):</b> http://authlogic_example.binarylogic.com
+* <b>Live example of the setup tutorial above (with source):</b> http://authlogicexample.binarylogic.com
* <b>Bugs / feature suggestions:</b> http://binarylogic.lighthouseapp.com/projects/18752-authlogic
== Install and use
32 lib/authlogic/controller_adapters/abstract_adapter.rb
@@ -1,10 +1,17 @@
module Authlogic
module ControllerAdapters # :nodoc:
# = Abstract Adapter
+ #
# Allows you to use Authlogic in any framework you want, not just rails. See tha RailsAdapter for an example of how to adapter Authlogic to work with your framework.
- class AbstractAdapter < SimpleDelegator
+ class AbstractAdapter
+ attr_accessor :controller
+
+ def initialize(controller)
+ self.controller = controller
+ end
+
def authenticate_with_http_basic(&block)
- @auth = Rack::Auth::Basic::Request.new(__getobj__.request.env)
+ @auth = Rack::Auth::Basic::Request.new(controller.request.env)
if @auth.provided? and @auth.basic?
block.call(*@auth.credentials)
else
@@ -12,9 +19,30 @@ def authenticate_with_http_basic(&block)
end
end
+ def cookies
+ controller.cookies
+ end
+
+ def params
+ controller.params
+ end
+
+ def request
+ controller.request
+ end
+
def request_content_type
request.content_type
end
+
+ def session
+ controller.session
+ end
+
+ private
+ def method_missing(id, *args, &block)
+ controller.send(id, *args, &block)
+ end
end
end
end
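Review bot: The private method_missing at the end of AbstractAdapter forwards with controller.send(id, *args, &block), and send ignores method visibility, so every private and protected controller method becomes callable through the adapter. If the goal is only to keep the forwarding that SimpleDelegator provided, check controller.respond_to?(id) before forwarding and call super otherwise, and override respond_to? to match. With explicit cookies, params, request and session readers now defined, it is also worth asking whether the catch-all is still needed at all.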
4 lib/authlogic/controller_adapters/rails_adapter.rb
@@ -5,11 +5,11 @@ module ControllerAdapters
# provides. Similar to how ActiveRecord has an adapter for MySQL, PostgreSQL, SQLite, etc.
class RailsAdapter < AbstractAdapter
def authenticate_with_http_basic(&block)
- __getobj__.authenticate_with_http_basic(&block)
+ controller.authenticate_with_http_basic(&block)
end
def cookies
- __getobj__.send(:cookies)
+ controller.send(:cookies)
end
def request_content_type
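Review bot: RailsAdapter#cookies goes through controller.send(:cookies), while authenticate_with_http_basic is called directly on controller and the new AbstractAdapter#cookies calls controller.cookies without send. Add a one-line comment on why send is required here, so it is clear why this override still exists now that the base class has its own cookies reader.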
166 lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb
@@ -14,7 +14,7 @@ module ActsAsAuthentic
#
# * <tt>acts_as_authentic_config</tt> - returns a hash of the acts_as_authentic configuration, including the defaults
#
- # === Options
+ # === General Options
#
# * <tt>session_class</tt> - default: "#{name}Session",
# This is the related session class. A lot of the configuration will be based off of the configuration values of this class.
@@ -22,9 +22,6 @@ module ActsAsAuthentic
# * <tt>crypto_provider</tt> - default: Authlogic::CryptoProviders::Sha512,
# This is the class that provides your encryption. By default Authlogic provides its own crypto provider that uses Sha512 encrypton.
#
- # * <tt>validate_fields</tt> - default: true,
- # Tells Authlogic if it should validate ANY of the fields: login_field, email_field, and password_field. If set to false, no validations will be set for any of these fields.
- #
# * <tt>login_field</tt> - default: :login, :username, or :email, depending on which column is present, if none are present defaults to :login
# The name of the field used for logging in. Only specify if you aren't using any of the defaults.
#
@@ -32,56 +29,24 @@ module ActsAsAuthentic
# Tells authlogic how to validation the field, what regex to use, etc. If the field name is email it will automatically use :email,
# otherwise it uses :login.
#
- # * <tt>validate_login_field</tt> - default: true,
- # Tells authlogic if it should validate the :login_field. If set to false, no validations will be set for this field at all.
- #
- # * <tt>login_field_regex</tt> - default: if :login_field_type is :email then typical email regex, otherwise typical login regex.
- # This is used in validates_format_of for the :login_field.
- #
- # * <tt>login_field_regex_failed_message</tt> - the message to use when the validates_format_of for the login field fails. This depends on if you are
- # performing :email or :login regex.
+ # * <tt>password_field</tt> - default: :password,
+ # This is the name of the field to set the password, *NOT* the field the encrypted password is stored. Defaults the what the configuration
+ #
+ # * <tt>crypted_password_field</tt> - default: :crypted_password, :encrypted_password, :password_hash, :pw_hash, depends on which columns are present, if none are present defaults to nil
+ # The name of the database field where your encrypted password is stored.
#
- # * <tt>allow_blank_login_and_password_fields</tt> - default: false,
- # Tells authlogic if it should allow blank values for the login and password. This is useful is you provide alternate authentication methods, such as OpenID.
+ # * <tt>password_salt_field</tt> - default: :password_salt, :pw_salt, or :salt, depending on which column is present, defaults to :password_salt if none are present,
+ # This is the name of the field in your database that stores your password salt.
#
# * <tt>email_field</tt> - default: :email, depending on if it is present, if :email is not present defaults to nil
# The name of the field used to store the email address. Only specify this if you arent using this as your :login_field.
- #
- # * <tt>validate_email_field</tt> - default: true,
- # Tells Authlogic if it should validate the email field. If set to false, no validations will be set for this field at all.
- #
- # * <tt>email_field_regex</tt> - default: type email regex
- # This is used in validates_format_of for the :email_field.
- #
- # * <tt>email_field_regex_failed_message</tt> - the message to use when the validates_format_of for the email field fails.
- #
- # * <tt>allow_blank_email_field</tt> - default: false,
- # Tells Authlogic if it should allow blank values for the email address.
- #
- # * <tt>change_single_access_token_with_password</tt> - default: false,
- # When a user changes their password do you want the single access token to change as well? That's what this configuration option is all about.
#
# * <tt>single_access_token_field</tt> - default: :single_access_token, :feed_token, or :feeds_token, depending on which column is present, if none are present defaults to nil
# This is the name of the field to login with single access, mainly used for private feed access. Only specify if the name of the field is different
# then the defaults. See the "Single Access" section in the README for more details on how single access works.
#
- # * <tt>password_field</tt> - default: :password,
- # This is the name of the field to set the password, *NOT* the field the encrypted password is stored. Defaults the what the configuration
- #
- # * <tt>validate_password_field</tt> - default: :password,
- # Tells authlogic if it should validate the :password_field. If set to false, no validations will be set for this field at all.
- #
- # * <tt>password_blank_message</tt> - default: "can not be blank",
- # The error message used when the password is left blank.
- #
- # * <tt>confirm_password_did_not_match_message</tt> - default: "did not match",
- # The error message used when the confirm password does not match the password
- #
- # * <tt>crypted_password_field</tt> - default: :crypted_password, :encrypted_password, :password_hash, :pw_hash, depends on which columns are present, if none are present defaults to nil
- # The name of the database field where your encrypted password is stored.
- #
- # * <tt>password_salt_field</tt> - default: :password_salt, :pw_salt, or :salt, depending on which column is present, defaults to :password_salt if none are present,
- # This is the name of the field in your database that stores your password salt.
+ # * <tt>change_single_access_token_with_password</tt> - default: false,
+ # When a user changes their password do you want the single access token to change as well? That's what this configuration option is all about.
#
# * <tt>perishable_token_field</tt> - default: :perishable_token, :password_reset_token, :pw_reset_token, :reset_password_token, or :reset_pw_token, depending on which column is present, if none are present defaults to nil
# This is the name of the field in your database that stores your perishable token. The token you should use to confirm your users or allow a password reset. Authlogic takes care
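Review bot: The password_field description was moved with its broken ending intact ("Defaults the what the configuration"), so the documented option still stops mid-sentence. Finish or cut that sentence while this block is being reorganised.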
@@ -98,9 +63,6 @@ module ActsAsAuthentic
# session. This way you have complete control of when sessions expire and you don't have to change passwords to expire sessions. This also
# ensures that stale sessions can not be persisted. By stale, I mean sessions that are logged in using an outdated password.
#
- # * <tt>scope</tt> - default: nil,
- # This scopes validations. If all of your users belong to an account you might want to scope everything to the account. Just pass :account_id
- #
# * <tt>logged_in_timeout</tt> - default: 10.minutes,
# This is a nifty feature to tell if a user is logged in or not. It's based on activity. So if the user in inactive longer than
# the value passed here they are assumed "logged out". This uses the last_request_at field, this field must be present for this option to take effect.
@@ -110,6 +72,60 @@ module ActsAsAuthentic
# Should be an array of ids. See the Authlogic::Session documentation for information on ids. The order is important.
# The first id should be your main session, the session they need to log into first. This is generally nil. When you don't specify an id
# in your session you are really just inexplicitly saying you want to use the id of nil.
+ #
+ # === Validation Options
+ #
+ # * <tt>validate_fields</tt> - default: true,
+ # Tells Authlogic if it should validate ANY of the fields: login_field, email_field, and password_field. If set to false, no validations will be set for any of these fields.
+ #
+ # * <tt>validate_login_field</tt> - default: true,
+ # Tells authlogic if it should validate the :login_field. If set to false, no validations will be set for this field at all.
+ #
+ # * <tt>validate_email_field</tt> - default: true,
+ # Tells Authlogic if it should validate the email field. If set to false, no validations will be set for this field at all.
+ #
+ # * <tt>validate_password_field</tt> - default: :password,
+ # Tells authlogic if it should validate the :password_field. If set to false, no validations will be set for this field at all.
+ #
+ # * <tt>scope</tt> - default: nil,
+ # This scopes validations. If all of your users belong to an account you might want to scope everything to the account. Just pass :account_id
+ #
+ # * <tt>validation_options</tt> - default: {},
+ # Options to pass to ALL validations. These are the options ActiveRecord supplies with their validation methods, see the ActiveRecord documentation for more details.
+ #
+ # * <tt>login_field_validation_options</tt> - default: {},
+ # The same as :validation_options but these are only applied to validations that pertain to the :login_field
+ #
+ # * <tt>login_field_validates_length_of_options</tt> - default: :login_field_type == :email ? {:within => 6..100} : {:within => 2..100},
+ # These options are applied to the validates_length_of call for the :login_field
+ #
+ # * <tt>login_field_validates_format_of_options</tt> - default: :login_field_type == :email ? {:with => standard_email_regex, :message => "should look like an email address."} : {:with => standard_login_regex, :message => "should use only letters, numbers, spaces, and .-_@ please."},
+ # These options are applied to the validates_format_of call for the :login_field
+ #
+ # * <tt>login_field_validates_uniqueness_of_options</tt> - default: {:allow_blank => true},
+ # These options are applied to the validates_uniqueness_of call for the :login_field, the :allow_blank => true just prevents the error message when you have options login fields
+ # such as an OpenID field. The other validations will make sure the field is not actaully blank.
+ #
+ # * <tt>password_field_validation_options</tt> - default: {},
+ # The same as :validation_options but these are only applied to validations that pertain to the :password_field
+ #
+ # * <tt>password_field_validates_presence_of_options</tt> - default: {:on => :create},
+ # These options are applied to the validates_presence_of call for the :password_field
+ #
+ # * <tt>login_field_validates_confirmation_of_options</tt> - default: {},
+ # These options are applied to the validates_confirmation_of call for the :password_field
+ #
+ # * <tt>email_field_validation_options</tt> - default: {},
+ # The same as :validation_options but these are only applied to validations that pertain to the :email_field
+ #
+ # * <tt>email_field_validates_length_of_options</tt> - default: same as :login_field if :login_field_type == :email,
+ # These options are applied to the validates_length_of call for the :email_field
+ #
+ # * <tt>email_field_validates_format_of_options</tt> - default: same as :login_field if :login_field_type == :email,
+ # These options are applied to the validates_format_of call for the :email_field
+ #
+ # * <tt>email_field_validates_uniqueness_of_options</tt> - default: same as :login_field if :login_field_type == :email,
+ # These options are applied to the validates_uniqueness_of call for the :email_field
module Config
def first_column_to_exist(*columns_to_check) # :nodoc:
columns_to_check.each { |column_name| return column_name.to_sym if column_names.include?(column_name.to_s) }
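Review bot: The confirmation option is documented as login_field_validates_confirmation_of_options, but the option-building loop in acts_as_authentic_with_config generates password_field_validates_confirmation_of_options for the :password field, so the documented key is never read. Two more mismatches in this block: validate_password_field is listed with default :password although the code sets it to true, and the *_validates_*_of_options entries list defaults such as {:within => 6..100} and {:allow_blank => true} while config_test.rb expects {} for each of them, because those defaults are merged in at the validation call sites rather than stored in the config. Also "options login fields" looks like it should read "optional login fields", and "actaully" is misspelled.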
@@ -124,39 +140,17 @@ def acts_as_authentic_with_config(options = {})
return
end
+ # Base configuration
options[:session_class] ||= "#{name}Session"
options[:crypto_provider] ||= CryptoProviders::Sha512
- options[:validate_fields] = true unless options.key?(:validate_fields)
options[:login_field] ||= first_column_to_exist(:login, :username, :email)
options[:login_field_type] ||= options[:login_field] == :email ? :email : :login
- options[:validate_login_field] = true unless options.key?(:validate_login_field)
- options[:email_field] = first_column_to_exist(nil, :email) unless options.key?(:email_field)
- options[:email_field] = nil if options[:email_field] == options[:login_field]
- options[:validate_email_field] = true unless options.key?(:validate_email_field)
- options[:allow_blank_login_and_password]
-
- email_name_regex = '[\w\.%\+\-]+'
- domain_head_regex = '(?:[A-Z0-9\-]+\.)+'
- domain_tld_regex = '(?:[A-Z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|jobs|museum)'
- options[:email_field_regex] ||= /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i
- options[:email_field_regex_failed_message] ||= "should look like an email address."
-
- case options[:login_field_type]
- when :email
- options[:login_field_regex] ||= options[:email_field_regex]
- options[:login_field_regex_failed_message] ||= options[:email_field_regex_failed_message]
- else
- options[:login_field_regex] ||= /\A\w[\w\.\-_@ ]+\z/
- options[:login_field_regex_failed_message] ||= "should use only letters, numbers, spaces, and .-_@ please."
- end
-
options[:password_field] ||= :password
- options[:validate_password_field] = true unless options.key?(:validate_password_field)
-
- options[:password_blank_message] ||= "can not be blank"
- options[:confirm_password_did_not_match_message] ||= "did not match"
options[:crypted_password_field] ||= first_column_to_exist(:crypted_password, :encrypted_password, :password_hash, :pw_hash)
options[:password_salt_field] ||= first_column_to_exist(:password_salt, :pw_salt, :salt)
+
+ options[:email_field] = first_column_to_exist(nil, :email) unless options.key?(:email_field)
+ options[:email_field] = nil if options[:email_field] == options[:login_field]
options[:persistence_token_field] ||= options[:remember_token_field] || first_column_to_exist(:persistence_token, :remember_token, :cookie_token)
options[:single_access_token_field] ||= first_column_to_exist(nil, :single_access_token, :feed_token, :feeds_token)
options[:perishable_token_field] ||= options[:password_reset_token_field] || first_column_to_exist(nil, :perishable_token, :password_reset_token, :pw_reset_token, :reset_password_token, :reset_pw_token, :activation_token)
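Review bot: The keys whose defaults are deleted here (login_field_regex, email_field_regex, the *_regex_failed_message options, password_blank_message, confirm_password_did_not_match_message) are now ignored without any error, so an application that passed a stricter :login_field_regex will fall back to the built-in pattern without noticing. Since the release is already marked as breaking, raise an ArgumentError, or at least warn, when options contains one of the retired keys, and point at the replacement *_validates_format_of_options key.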
@@ -165,6 +159,30 @@ def acts_as_authentic_with_config(options = {})
options[:logged_in_timeout] ||= 10.minutes
options[:logged_in_timeout] = options[:logged_in_timeout].to_i
options[:session_ids] ||= [nil]
+
+ # Validation configuration
+ options[:validate_fields] = true unless options.key?(:validate_fields)
+ options[:validate_login_field] = true unless options.key?(:validate_login_field)
+ options[:validate_password_field] = true unless options.key?(:validate_password_field)
+ options[:validate_email_field] = true unless options.key?(:validate_email_field)
+
+ options[:validation_options] ||= {}
+
+ [:login, :password, :email].each do |field_name|
+ field_key = "#{field_name}_field_validation_options".to_sym
+ options[field_key] = options[:validation_options].merge(options[field_key] || {})
+
+ validation_types = field_name == :password ? [:presence, :confirmation] : [:length, :format, :uniqueness]
+ validation_types.each do |validation_type|
+ validation_key = "#{field_name}_field_validates_#{validation_type}_of_options".to_sym
+ options[validation_key] = options[field_key].merge(options[validation_key] || {})
+ end
+ end
+
+ if options[:scope]
+ options[:login_field_validates_uniqueness_of_options][:scope] ||= options[:scope]
+ options[:email_field_validation_uniqueness_of_options][:scope] ||= options[:scope]
+ end
class_eval <<-"end_eval", __FILE__, __LINE__
def self.acts_as_authentic_config
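Review bot: In the if options[:scope] block, options[:email_field_validation_uniqueness_of_options] is not a key the loop above creates; the loop builds email_field_validates_uniqueness_of_options ("validates", not "validation"). With :scope set, that lookup returns nil and the [:scope] ||= assignment raises NoMethodError, so any model that passes :scope fails as soon as acts_as_authentic runs. Use the same key spelling as the login line above it.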
57 lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb
@@ -21,30 +21,40 @@ def acts_as_authentic_with_credentials(options = {})
acts_as_authentic_without_credentials(options)
if options[:validate_fields]
+ email_name_regex = '[\w\.%\+\-]+'
+ domain_head_regex = '(?:[A-Z0-9\-]+\.)+'
+ domain_tld_regex = '(?:[A-Z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|jobs|museum)'
+ email_field_regex ||= /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i
+
if options[:validate_login_field]
case options[:login_field_type]
when :email
- validates_length_of options[:login_field], :within => 6..100, :allow_blank => options[:allow_blank_login_and_password_fields]
- validates_format_of options[:login_field], :with => options[:login_field_regex], :message => options[:login_field_regex_failed_message], :allow_blank => options[:allow_blank_login_and_password_fields]
+ validates_length_of options[:login_field], {:within => 6..100}.merge(options[:login_field_validates_length_of_options])
+ validates_format_of options[:login_field], {:with => email_field_regex, :message => "should look like an email address."}.merge(options[:login_field_validates_length_of_options])
else
- validates_length_of options[:login_field], :within => 2..100, :allow_blank => options[:allow_blank_login_and_password_fields]
- validates_format_of options[:login_field], :with => options[:login_field_regex], :message => options[:login_field_regex_failed_message], :allow_blank => options[:allow_blank_login_and_password_fields]
+ validates_length_of options[:login_field], {:within => 2..100}.merge(options[:login_field_validates_length_of_options])
+ validates_format_of options[:login_field], {:with => /\A\w[\w\.\-_@ ]+\z/, :message => "should use only letters, numbers, spaces, and .-_@ please."}.merge(options[:login_field_validates_format_of_options])
end
- validates_uniqueness_of options[:login_field], :scope => options[:scope], :allow_blank => options[:allow_blank_login_and_password_fields], :if => Proc.new { |record| (record.respond_to?("#{options[:login_field]}_changed?") && record.send("#{options[:login_field]}_changed?")) || !record.respond_to?("#{options[:login_field]}_changed?") }
+ validates_uniqueness_of options[:login_field], {:allow_blank => true}.merge(options[:login_field_validates_uniqueness_of_options].merge(:if => "#{options[:login_field]}_changed?".to_sym))
end
- if options[:validate_email_field] && options[:email_field]
- validates_length_of options[:email_field], :within => 6..100, :allow_blank => options[:allow_blank_email_field]
- validates_format_of options[:email_field], :with => options[:email_field_regex], :message => options[:email_field_regex_failed_message], :allow_blank => options[:allow_blank_email_field]
- validates_uniqueness_of options[:email_field], :scope => options[:scope], :allow_blank => options[:allow_blank_email_field], :if => Proc.new { |record| (record.respond_to?("#{options[:email_field]}_changed?") && record.send("#{options[:email_field]}_changed?")) || !record.respond_to?("#{options[:email_field]}_changed?") }
+ if options[:validate_password_field]
+ validates_presence_of options[:password_field], {:on => :create}.merge(options[:password_field_validates_presence_of_options])
+
+
+ validates_confirmation_of options[:password_field], options[:password_field_validates_confirmation_of_options].merge(:if => "#{options[:crypted_password_field]}_changed?".to_sym)
+ validates_presence_of "#{options[:password_field]}_confirmation", :if => "#{options[:crypted_password_field]}_changed?"
end
- validate :validate_password if options[:validate_password_field]
+ if options[:validate_email_field] && options[:email_field]
+ validates_length_of options[:email_field], {:within => 6..100}.merge(options[:email_field_validates_length_of_options])
+ validates_format_of options[:email_field], {:with => email_field_regex, :message => "should look like an email address."}.merge(options[:email_field_validates_format_of_options])
+ validates_uniqueness_of options[:email_field], options[:email_field_validates_uniqueness_of_options].merge(:if => "#{options[:email_field]}_changed?".to_sym)
+ end
end
- attr_writer "confirm_#{options[:password_field]}"
- attr_accessor "tried_to_set_#{options[:password_field]}"
+ attr_reader options[:password_field]
class_eval <<-"end_eval", __FILE__, __LINE__
def self.friendly_unique_token
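Review bot: In the when :email branch of the login validations, validates_format_of merges options[:login_field_validates_length_of_options] instead of login_field_validates_format_of_options, so a custom :with or :message for an email-type login is ignored and length options are passed to the format validation; the else branch uses the right key. Separately, the new attr_reader options[:password_field] means the model now hands back the plaintext that the setter keeps in the instance variable, which deserves a line in the docs and a decision on whether to clear it after save. Minor: email_field_regex ||= on a fresh local can be a plain assignment, and the password_confirmation presence check passes :if as a String where the other validations use .to_sym.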
@@ -56,7 +66,6 @@ def self.friendly_unique_token
def #{options[:password_field]}=(pass)
return if pass.blank?
- self.tried_to_set_#{options[:password_field]} = true
@#{options[:password_field]} = pass
self.#{options[:password_salt_field]} = self.class.unique_token
self.#{options[:crypted_password_field]} = #{options[:crypto_provider]}.encrypt(@#{options[:password_field]} + #{options[:password_salt_field]})
@@ -68,13 +77,10 @@ def valid_#{options[:password_field]}?(attempted_password)
(!#{options[:crypto_provider]}.respond_to?(:decrypt) && #{options[:crypto_provider]}.encrypt(attempted_password + #{options[:password_salt_field]}) == #{options[:crypted_password_field]})
end
- def #{options[:password_field]}; end
- def confirm_#{options[:password_field]}; end
-
def reset_#{options[:password_field]}
friendly_token = self.class.friendly_unique_token
self.#{options[:password_field]} = friendly_token
- self.confirm_#{options[:password_field]} = friendly_token
+ self.#{options[:password_field]}_confirmation = friendly_token
end
alias_method :randomize_password, :reset_password
@@ -83,23 +89,6 @@ def reset_#{options[:password_field]}!
save_without_session_maintenance(false)
end
alias_method :randomize_password!, :reset_password!
-
- protected
- def tried_to_set_password?
- tried_to_set_password == true
- end
-
- def validate_password
- return if #{options[:allow_blank_login_and_password_fields].inspect} && @#{options[:password_field]}.blank? && @confirm_#{options[:password_field]}.blank?
-
- if new_record? || tried_to_set_#{options[:password_field]}?
- if @#{options[:password_field]}.blank?
- errors.add(:#{options[:password_field]}, #{options[:password_blank_message].inspect})
- else
- errors.add(:confirm_#{options[:password_field]}, #{options[:confirm_password_did_not_match_message].inspect}) if @confirm_#{options[:password_field]} != @#{options[:password_field]}
- end
- end
- end
end_eval
end
end
2  lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb
@@ -24,7 +24,7 @@ def acts_as_authentic_with_perishability(options = {})
return if options[:perishable_token_field].blank?
class_eval <<-"end_eval", __FILE__, __LINE__
- validates_uniqueness_of :#{options[:perishable_token_field]}, :if => Proc.new { |record| (record.respond_to?("#{options[:perishable_token_field]}_changed?") && record.send("#{options[:perishable_token_field]}_changed?")) || !record.respond_to?("#{options[:perishable_token_field]}_changed?") }
+ validates_uniqueness_of :#{options[:perishable_token_field]}, :if => :#{options[:perishable_token_field]}_changed?
before_validation :reset_#{options[:perishable_token_field]}
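Review bot: The new :if => :..._changed? condition drops the respond_to? guard the Proc had, so on a model without ActiveRecord dirty attributes this validation raises NoMethodError instead of always running. The changelog calls the assumption safe; make it explicit by stating the minimum ActiveRecord version in the README or gem dependencies. The same applies to the matching changes in persistence.rb and single_access.rb.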
2  lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb
@@ -22,7 +22,7 @@ module Persistence
def acts_as_authentic_with_persistence(options = {})
acts_as_authentic_without_persistence(options)
- validates_uniqueness_of options[:persistence_token_field], :if => Proc.new { |record| (record.respond_to?("#{options[:persistence_token_field]}_changed?") && record.send("#{options[:persistence_token_field]}_changed?")) || !record.respond_to?("#{options[:persistence_token_field]}_changed?") }
+ validates_uniqueness_of options[:persistence_token_field], :if => "#{options[:persistence_token_field]}_changed?".to_sym
def forget_all!
# Paginate these to save on memory
2  lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb
@@ -22,7 +22,7 @@ def acts_as_authentic_with_single_access(options = {})
return if options[:single_access_token_field].blank?
class_eval <<-"end_eval", __FILE__, __LINE__
- validates_uniqueness_of :#{options[:single_access_token_field]}, :if => Proc.new { |record| (record.respond_to?("#{options[:single_access_token_field]}_changed?") && record.send("#{options[:single_access_token_field]}_changed?")) || !record.respond_to?("#{options[:single_access_token_field]}_changed?") }
+ validates_uniqueness_of :#{options[:single_access_token_field]}, :if => :#{options[:single_access_token_field]}_changed?
before_validation :set_#{options[:single_access_token_field]}_field
17 lib/authlogic/session/openid.rb
@@ -1,17 +0,0 @@
-module Authlogic
- module Session
- # = Session
- #
- # Handles all parts of authentication that deal with sessions. Such as persisting a session and saving / destroy a session.
- module OpenID
- def self.included(klass)
- klass.class_eval do
- attr_accessor :
- alias_method_chain :credentials=, :openid
- end
- end
-
- # Tries to validate the session from information in the session
- def credentials_with_openid=(value)
- self.credentials_without_openid
- end
4 lib/authlogic/version.rb
@@ -43,8 +43,8 @@ def to_a
end
MAJOR = 1
- MINOR = 2
- TINY = 2
+ MINOR = 3
+ TINY = 0
# The current version as a Version instance
CURRENT = new(MAJOR, MINOR, TINY)
54 test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb
@@ -12,31 +12,37 @@ def test_first_column_to_exist
def test_acts_as_authentic_config
default_config = {
- :confirm_password_did_not_match_message => "did not match",
- :single_access_token_field => :single_access_token,
- :login_field_regex => /\A\w[\w\.\-_@ ]+\z/,
:session_ids => [nil],
- :login_field_regex_failed_message => "should use only letters, numbers, spaces, and .-_@ please.",
- :persistence_token_field => :persistence_token,
- :password_field => :password,
- :logged_in_timeout => 600,
- :password_salt_field => :password_salt,
- :perishable_token_valid_for => 600,
- :perishable_token_field => :perishable_token,
- :login_field_type => :login,
- :crypto_provider => Authlogic::CryptoProviders::Sha512,
- :password_blank_message => "can not be blank",
- :crypted_password_field => :crypted_password,
- :session_class => "UserSession",
- :login_field => :login,
- :email_field => :email,
- :email_field_regex => /\A[\w\.%\+\-]+@(?:[A-Z0-9\-]+\.)+(?:[A-Z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|jobs|museum)\z/i,
- :email_field_regex_failed_message=>"should look like an email address.",
- :validate_fields => true,
- :validate_login_field => true,
- :validate_email_field => true,
- :validate_password_field => true
- }
+ :email_field_validates_length_of_options => {},
+ :logged_in_timeout => 600,
+ :validate_password_field => true,
+ :login_field_validates_length_of_options => {},
+ :password_field_validation_options => {},
+ :login_field_type => :login,
+ :email_field_validates_format_of_options => {},
+ :crypted_password_field => :crypted_password,
+ :password_salt_field => :password_salt,
+ :login_field_validates_format_of_options => {},
+ :email_field_validation_options => {},
+ :crypto_provider => Authlogic::CryptoProviders::Sha512,
+ :persistence_token_field => :persistence_token,
+ :email_field_validates_uniqueness_of_options => {},
+ :session_class => "UserSession",
+ :single_access_token_field => :single_access_token,
+ :login_field_validates_uniqueness_of_options => {},
+ :validate_fields => true,
+ :login_field => :login,
+ :perishable_token_valid_for => 600,
+ :password_field_validates_presence_of_options => {},
+ :password_field => :password,
+ :validate_login_field => true,
+ :email_field => :email,
+ :perishable_token_field => :perishable_token,
+ :password_field_validates_confirmation_of_options => {},
+ :validate_email_field => true,
+ :validation_options => {},
+ :login_field_validation_options => {}
+ }
assert_equal default_config, User.acts_as_authentic_config
end
end
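Review bot: default_config only covers the no-options path, so the if options[:scope] branch and the per-field merge added to config.rb are never exercised by this test. Add a case that configures a model with :scope and one with a per-field override such as :login_field_validates_length_of_options, and assert on the merged hashes; that would check the key names used in the scope block.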
17 ...rm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb
@@ -38,15 +38,14 @@ def test_user_validations
user.password = "my pass"
assert !user.valid?
assert !user.errors.on(:password)
- assert user.errors.on(:confirm_password)
+ assert user.errors.on(:password_confirmation)
- user.confirm_password = "my pizass"
+ user.password_confirmation = "my pizass"
assert !user.valid?
- assert !user.errors.on(:password)
- assert user.errors.on(:confirm_password)
+ assert user.errors.on(:password)
assert user.errors.on(:email)
- user.confirm_password = "my pass"
+ user.password_confirmation = "my pass"
assert !user.valid?
assert user.errors.on(:email)
@@ -61,7 +60,7 @@ def test_user_validations
def test_employee_validations
employee = Employee.new
employee.password = "pass"
- employee.confirm_password = "pass"
+ employee.password_confirmation = "pass"
assert !employee.valid?
assert employee.errors.on(:email)
@@ -95,15 +94,13 @@ def test_password
assert user.crypted_password
assert user.password_salt
assert user.persistence_token
- assert_equal true, user.tried_to_set_password
- assert_nil user.password
+ assert_equal "sillywilly", user.password
employee = Employee.new
employee.password = "awesome"
assert employee.crypted_password
assert employee.persistence_token
- assert_equal true, employee.tried_to_set_password
- assert_nil employee.password
+ assert_equal "awesome", employee.password
end
def test_valid_password
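Review bot: assert_equal "sillywilly", user.password in test_password pins the new behaviour that the plaintext stays readable on the instance, but nothing checks where that stops. Add an assertion that password is nil on a record loaded fresh from the database, so the test documents that the plaintext lives only on the instance it was assigned to.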
8 ...ers_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb
@@ -5,7 +5,7 @@ module ActiveRecordAdapterTests
module ActsAsAuthenticTests
class SessionMaintenanceTest < ActiveSupport::TestCase
def test_login_after_create
- assert User.create(:login => "awesome", :password => "saweet", :confirm_password => "saweet", :email => "awesome@awesome.com")
+ assert User.create(:login => "awesome", :password => "saweet", :password_confirmation => "saweet", :email => "awesome@awesome.com")
assert UserSession.find
end
@@ -15,7 +15,7 @@ def test_update_session_after_password_modify
old_session_key = @controller.session["user_credentials"]
old_cookie_key = @controller.cookies["user_credentials"]
ben.password = "newpass"
- ben.confirm_password = "newpass"
+ ben.password_confirmation = "newpass"
ben.save
assert @controller.session["user_credentials"]
assert @controller.cookies["user_credentials"]
@@ -41,7 +41,7 @@ def test_updating_other_user
old_cookie_key = @controller.cookies["user_credentials"]
zack = users(:zack)
zack.password = "newpass"
- zack.confirm_password = "newpass"
+ zack.password_confirmation = "newpass"
zack.save
assert_equal @controller.session["user_credentials"], old_session_key
assert_equal @controller.cookies["user_credentials"], old_cookie_key
@@ -51,7 +51,7 @@ def test_resetting_password_when_logged_out
ben = users(:ben)
assert !UserSession.find
ben.password = "newpass"
- ben.confirm_password = "newpass"
+ ben.password_confirmation = "newpass"
ben.save
assert UserSession.find
assert_equal ben, UserSession.find.record