* Modified login format validation to allow for the + character since…

… emails addresses allow that as a valid character.
Shadowfiend · Apr 21, 2009 · c2575c4 · c2575c4
1 parent 0f38680
commit c2575c4
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 3 deletions.
diff --git a/CHANGELOG.rdoc b/CHANGELOG.rdoc
@@ -2,6 +2,7 @@
 
 * Mock request is now transparent to non existent methods. Since the methods calls really have no functional value when testing authlogic.
 * Allow password confirmation to be disabled.
+* Modified login format validation to allow for the + character since emails addresses allow that as a valid character.
 
 == 2.0.9 release 2009-4-9
 

diff --git a/README.rdoc b/README.rdoc
@@ -4,7 +4,7 @@ Authlogic is a clean, simple, and unobtrusive ruby authentication solution.
 
 What inspired me to create Authlogic was the messiness of the current authentication solutions. Put simply, they just didn't feel right, because the logic was not organized properly. As you may know, a common misconception with the MVC design pattern is that the model "M" is only for data access logic, which is wrong. A model is a place for domain logic. This is why the RESTful design pattern and the current authentication solutions don't play nice. Authlogic solves this by placing the session maintenance logic into its own domain (aka "model").Moving session maintenance into its own domain has its benefits:
 
-1. <b>It's easier to update and stay current with the latest security practices.<b> To make my point, take a look at the commits to any other authentication solution, then look at the {commits for authlogic}[http://github.com/binarylogic/authlogic/commits/master]. How many commits could you easily start using if you already had an app using an alternate solution? You can't just re-run the generator they provide. All of those cool new features and bug fixes are going to have be manually added or wait for your next application. With Authlogic you can start using the latest code with a simple update of a gem. So when Authlogics adds a cool new feature just update your gem and you can start using it.
+1. <b>It's easier to update and stay current with the latest security practices.</b> To make my point, take a look at the commits to any other authentication solution, then look at the {commits for authlogic}[http://github.com/binarylogic/authlogic/commits/master]. How many commits could you easily start using if you already had an app using an alternate solution? My guess is very few, if not none. You can't just re-run the generator they provide. All of those cool new features and bug fixes are going to have be manually added or wait for your next application. With Authlogic you can start using the latest code with a simple update of a gem. So when Authlogics adds a cool new feature just update your gem and you can start using it.
 2. <b>It ties everything together on the domain level.</b> Take a new user registration for example, no reason to manually log the user in, authlogic handles this for you via callbacks. The same applies to a user changing their password. Authlogic handles maintaining the session for you.
 3. <b>Your application can stay clean, focused, and free of redundant authentication code from app to app.</b> Meaning generators are *NOT* necessary. Not any more neccessary than any other control
 4. <b>A byproduct of #3 is that you don't have to test the same code over and over in each of your apps.</b> You don't test the internals of ActiveRecord in each of your apps, so why would you test the internals of Authlogic? It's already been thoroughly tested for you. Focus on your application, and get rid of the noise by testing your application specific code and not generated code that you didn't write.

diff --git a/lib/authlogic/acts_as_authentic/login.rb b/lib/authlogic/acts_as_authentic/login.rb
@@ -43,7 +43,7 @@ def validates_length_of_login_field_options(value = nil)
         # * <tt>Default:</tt> {:with => /\A\w[\w\.\-_@ ]+\z/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")}
         # * <tt>Accepts:</tt> Hash of options accepted by validates_format_of
         def validates_format_of_login_field_options(value = nil)
-          config(:validates_format_of_login_field_options, value, {:with => /\A\w[\w\.\-_@ ]+\z/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")})
+          config(:validates_format_of_login_field_options, value, {:with => /\A\w[\w\.+-_@ ]+\z/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")})
         end
         alias_method :validates_format_of_login_field_options=, :validates_format_of_login_field_options
 

diff --git a/test/acts_as_authentic_test/login_test.rb b/test/acts_as_authentic_test/login_test.rb
@@ -33,7 +33,7 @@ def test_validates_length_of_login_field_options_config
     end
 
     def test_validates_format_of_login_field_options_config
-      default = {:with => /\A\w[\w\.\-_@ ]+\z/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")}
+      default = {:with => /\A\w[\w\.+-_@ ]+\z/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")}
       assert_equal default, User.validates_format_of_login_field_options
       assert_equal default, Employee.validates_format_of_login_field_options
 
@@ -73,6 +73,10 @@ def test_validates_format_of_login_field
       u.login = "fdsfdsfdsfdsfs"
       assert !u.valid?
       assert !u.errors.on(:login)
+
+      u.login = "dakota.dux+1@gmail.com"
+      assert !u.valid?
+      assert !u.errors.on(:login)
     end
 
     def test_validates_uniqueness_of_login_field