
preparing for first release

1 parent 235680c commit 09f89f477a8da71eb7855b3fb045bea1cd93af2f activefx committed
2 app/controllers/application.rb
@@ -7,7 +7,7 @@ class ApplicationController < ActionController::Base
include AuthenticatedSystem
# You can move this into a different controller, if you wish. This module gives you the require_role helpers, and others.
include RoleRequirementSystem
- #include ExceptionLoggable
+ include ExceptionLoggable
helper :all # include all helpers, all the time
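Review bot: Enabling `include ExceptionLoggable` means every unhandled exception, together with whatever request context the plugin captures, is persisted and browsable at the Logged Exceptions page linked from the admin nav; if that capture includes request parameters, the bodies of login and password-reset POSTs would be stored in the clear. The class is cut at both ends of this hunk, so I cannot see whether `filter_parameter_logging` is declared in ApplicationController; if it is not, add `filter_parameter_logging :password, :password_confirmation` next to this include and confirm the plugin honours the filtered parameters rather than reading the raw ones.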
2 app/controllers/sessions_controller.rb
@@ -1,7 +1,6 @@
# This controller handles the login/logout function of the site.
class SessionsController < ApplicationController
before_filter :login_prohibited, :only => [:new, :create]
- before_filter :login_required, :only => [:destroy]
protect_from_forgery :only => [ :new, :destroy ]
# render new.html.erb
@@ -74,7 +73,6 @@ def open_id_authentication(identity_url_params)
flash[:notice] = "Thanks for signing up! We're sending you an email with your activation code."
else
flash[:error] = "We need some additional details before we can create your account."
- session[:identity_url] = identity_url
render :template => "user/openid_accounts/new"
end
end
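Review bot: Dropping `session[:identity_url] = identity_url` in the "additional details" branch of `open_id_authentication` leaves the follow-up form without a server-side copy of the identity URL that the OpenID provider actually verified; if the openid_accounts controller's `create` now takes that URL from a form parameter instead (its top is not visible on this page), a user could bind an arbitrary identity URL to the new account. Keep the verified URL in the session (or another server-side store) and read it back in `create` rather than trusting the posted value; the rest of `open_id_authentication` lies outside this hunk, so I may be missing where else it is kept. The first hunk also removes `before_filter :login_required, :only => [:destroy]`, which is only harmless if `destroy` tolerates an absent `current_user` — worth a quick check.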
6 app/controllers/user/openid_accounts_controller.rb
@@ -16,18 +16,18 @@ def create
redirect_back_or_default('/')
flash[:notice] = "Thanks for signing up! We're sending you an email with your activation code."
else
- flash[:error] = "Sorry, we couldn't set up that account. Please try again, or %s."
+ flash[:error] = "Sorry, we couldn't set up that account. Please correct the errors and try again, or %s."
flash[:error_item] = ["sign up for a regular account", new_user_profile_path]
render :action => 'new'
end
end
def edit
- @user = OpenidUser.find(current_user.id)
+ @user = OpenidUser.find_by_login(current_user.login)
end
def update
- @user = OpenidUser.find(current_user.id)
+ @user = OpenidUser.find_by_login(current_user.login)
if @user.update_attributes(params[:user])
flash[:notice] = "Profile updated."
redirect_to user_profile_path
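Review bot: `@user.update_attributes(params[:user])` in `update` passes the raw form hash straight into the model, which is exactly what the warning in profiles_controller.rb says must never be done for a User because role ids are mass-assignable; if `OpenidUser` shares that `attr_accessible` list (not visible here), a user editing their own profile could include role ids in the submitted form and grant themselves the admin role. Assign the permitted fields individually as the profiles controller's `create` does, or remove `role_ids` from the accessible set, before relying on this path. Separately, `OpenidUser.find_by_login(current_user.login)` returns `nil` rather than raising when no row matches, so a mismatch now surfaces as `NoMethodError` on the next line; `@user = OpenidUser.find_by_login(current_user.login) or raise ActiveRecord::RecordNotFound` keeps the 404 behaviour the old `find` gave.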
4 app/controllers/user/profiles_controller.rb
@@ -15,8 +15,8 @@ def new
def create
logout_keeping_session!
# WARNING
- # Because role ids are an accessible attribute, anytime you
- # use User.new you need to assign the params individually
+ # Because role ids are an accessible attribute, anytime you create
+ # or update a User you need to assign the params individually
@user = User.new(:login => params[:user][:login],
:email => params[:user][:email],
:name => params[:user][:name],
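Review bot: The reworded comment still only describes the hazard; every controller that builds or updates a User has to remember it, and the openid_accounts controller in this same commit does not. If `role_ids` does not need to be settable from forms, the safer fix is to drop it from `attr_accessible` in the model and assign roles explicitly in the admin code, at which point the comment can shrink to `# role_ids is not mass-assignable; roles are assigned explicitly by admin actions`. The `User.new(...)` call continues past the end of this hunk.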
8 app/helpers/application_helper.rb
@@ -21,4 +21,12 @@ def message_for_item(message, item = nil)
end
end
+ def if_admin?
+ yield if logged_in? && current_user.has_role?('admin')
+ end
+
+ def if_logged_in?
+ yield if logged_in?
+ end
+
end
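Review bot: `if_admin?` and `if_logged_in?` carry the `?` suffix but do not return a boolean — they yield or return `nil` — and they raise `LocalJumpError` when called without a block. Rename them (e.g. `admin_only` / `logged_in_only`) or at least guard with `block_given?`, e.g. `yield if block_given? && logged_in? && current_user.has_role?('admin')`. Add a line making the scope explicit: `# View-level gating only; the linked actions must still be protected with login_required / require_role.` The enclosing module starts outside this hunk.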
2 app/models/role.rb
@@ -4,8 +4,6 @@ class Role < ActiveRecord::Base
#validates_uniqueness_of :name, :case_sensitive => false
#validates_format_of :name, :with => /\w/, :message => "should be a word."
- ADMIN_ROLE = "admin"
-
attr_accessible nil
def to_xml(options = {})
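Review bot: Removing `ADMIN_ROLE = "admin"` goes the wrong way: the same role name is now spelled as a literal in the helper (`has_role?('admin')`), in the production exception-logger setup (`require_role :admin`) and in the seed migration, so a rename has several places to miss. Keep the constant (`ADMIN_ROLE = 'admin'.freeze`) and reference `Role::ADMIN_ROLE` from those sites; I cannot tell from this page whether anything still referenced it. `to_xml` starts on the last line of the hunk and is cut off.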
10 app/models/user_mailer.rb
@@ -2,19 +2,19 @@ class UserMailer < ActionMailer::Base
def signup_notification(user)
setup_email(user)
@subject += 'Please activate your new account'
- @body[:url] = "http://YOURSITE/activate/#{user.activation_code}"
+ @body[:url] = "http://#{APP_CONFIG['settings']['domain']}/activate/#{user.activation_code}"
end
def activation(user)
setup_email(user)
@subject += 'Your account has been activated!'
- @body[:url] = "http://YOURSITE/"
+ @body[:url] = "http://#{APP_CONFIG['settings']['domain']}/"
end
def forgot_password(user)
setup_email(user)
@subject += 'You have requested to change your password'
- @body[:url] = "http://localhost:3000/reset_password/#{user.password_reset_code}"
+ @body[:url] = "http://#{APP_CONFIG['settings']['domain']}/reset_password/#{user.password_reset_code}"
end
def reset_password(user)
@@ -25,8 +25,8 @@ def reset_password(user)
protected
def setup_email(user)
@recipients = "#{user.email}"
- @from = "ADMINEMAIL"
- @subject = "[YOURSITE] "
+ @from = APP_CONFIG['mail']['sender']
+ @subject = "[#{APP_CONFIG['settings']['name']}] "
@sent_on = Time.now
@body[:user] = user
end
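Review bot: All three URLs are built with a hard-coded `http://` in front of `APP_CONFIG['settings']['domain']`, so activation and password-reset links in the mail are plain http even when the application is served over TLS, and a missing config key silently yields `http:///...` rather than an error. Make the scheme configurable alongside the domain (key name below is a suggestion) and fail loudly on a missing key, e.g. `@body[:url] = "#{APP_CONFIG['settings'].fetch('protocol', 'http')}://#{APP_CONFIG['settings'].fetch('domain')}/activate/#{user.activation_code}"`, with the same shape in `activation` and `forgot_password`. `reset_password` at the end of the first hunk continues outside it.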
9 app/views/layouts/application.html.erb
@@ -4,7 +4,7 @@
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html;charset=UTF-8" />
- <title>PROJECTNAME: <%= controller.action_name %></title>
+ <title><%= APP_CONFIG['settings']['name'] %>: <%= controller.action_name %></title>
<%= stylesheet_link_tag 'main' %>
<%= javascript_include_tag :defaults %>
</head>
@@ -17,10 +17,10 @@
<ul>
<li><%= link_to 'Homepage', root_path %></li>
- <% if logged_in? %>
+ <% if_logged_in? do %>
<li><%= link_to 'Members', members_path %></li>
<% end %>
- <% if logged_in? && current_user.has_role?('admin') %>
+ <% if_admin? do %>
<li><%= link_to 'Administer Users', admin_users_path %></li>
<li><%= link_to 'Logged Exceptions', logged_exceptions_path %></li>
<% end %>
@@ -28,8 +28,7 @@
<%= yield %>
- <% if ENV["RAILS_ENV"] == "development" %>
- <%# if Rails.env.development? %>
+ <% if Rails.env.development? %>
<div id="footnotes_holder">
</div>
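Review bot: `<%= APP_CONFIG['settings']['name'] %>` in the title is rendered without `h`, unlike the mailer templates in this commit which escape with `<%=h`; the value comes from config rather than user input, but escaping costs nothing and keeps the templates consistent: `<title><%=h APP_CONFIG['settings']['name'] %>: <%= controller.action_name %></title>`. The `if_admin? do` block only hides the admin links; `admin_users_path` and `logged_exceptions_path` still need their own server-side role checks, which for the exception logger this commit configures only in production.rb.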
2 app/views/sessions/new.html.erb
@@ -10,7 +10,7 @@
<p>Or use OpenID:</p>
-<p><%= label_tag 'openid_indentifier', 'OpenID' %><br/>
+<p><%= label_tag 'openid_indentifier', 'OpenID Url' %><br/>
<%= text_field_tag "openid_identifier", @openid_identifier %></p>
<p>Stay logged in on this computer:<br/>
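Review bot: The changed label still targets `'openid_indentifier'` while the field on the next line is named `"openid_identifier"`, so the label is not associated with the input and clicking it does nothing; the new text leaves the typo in place. Change it to `<p><%= label_tag 'openid_identifier', 'OpenID Url' %><br/>`. "OpenID URL" is the usual capitalisation if the wording is being touched anyway.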
1 app/views/user_mailer/signup_notification.erb
@@ -1,7 +1,6 @@
Your account has been created.
Username: <%=h @user.login %>
- Password: <%=h @user.password %>
Visit this url to activate your account:
21 config/config.yml.sample
@@ -0,0 +1,21 @@
+development:
+ settings:
+ name: Your Application
+ domain: localhost:3000
+ session_key: _your_application_session
+ secret: 1138371c71fe2f4f6769090e9fa0d7314b4febcc1c1966f9c83e16a3c880e0ca396cbb37e9ce53bbefc2417cb7363d7127200d51f16b9aeda033dbc3600c63fc
+ forgery: b8029fa60066bb90d7fb4e68265a112b
+ rest_auth:
+ site_key: e587f9d09baa59c920b9ee97ac70f58b3c51356c
+ stretches: 10
+ mail:
+ address: mail.yourapplication.com
+ port: 25
+ domain: yourapplication.com
+ authentication: :login
+ user_name: emailaccount@yourapplication.com
+ password: emailaccountpassword
+ sender: donotreply@yourapplication.com
+ recaptcha:
+ publickey:
+ privatekey:
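Review bot: The sample ships with concrete-looking values for `secret`, `forgery` and `rest_auth.site_key`; anyone who copies the file and only edits the name and mail settings ends up with a session secret and password salt shared by every deployment that did the same, and `site_key` in particular cannot be rotated later without invalidating stored password hashes. Leave those three blank in the sample with a comment telling the reader to generate them before first boot (`rake secret` for the session secret), and make sure the real config/config.yml is ignored by git, which I cannot verify from this page. Also, the seed migration in this commit reads `APP_CONFIG['settings']['admin_email']`, but `settings` here has no `admin_email` key, so a copy of this sample produces an admin user with a nil email.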
42 config/database.yml.sample
@@ -0,0 +1,42 @@
+# MySQL. Versions 4.1 and 5.0 are recommended.
+#
+# Install the MySQL driver:
+# gem install mysql
+# On Mac OS X:
+# sudo gem install mysql -- --with-mysql-dir=/usr/local/mysql
+# On Mac OS X Leopard:
+# sudo env ARCHFLAGS="-arch i386" gem install mysql -- --with-mysql-config=/usr/local/mysql/bin/mysql_config
+# This sets the ARCHFLAGS environment variable to your native architecture
+# On Windows:
+# gem install mysql
+# Choose the win32 build.
+# Install MySQL and put its /bin directory on your path.
+#
+# And be sure to use new-style password hashing:
+# http://dev.mysql.com/doc/refman/5.0/en/old-client.html
+development:
+ adapter: mysql
+ encoding: utf8
+ database: restful_authentication_tutorial_development
+ username: root
+ password:
+ socket: /var/run/mysqld/mysqld.sock
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+ adapter: mysql
+ encoding: utf8
+ database: restful_authentication_tutorial_test
+ username: root
+ password:
+ socket: /var/run/mysqld/mysqld.sock
+
+production:
+ adapter: mysql
+ encoding: utf8
+ database: restful_authentication_tutorial_production
+ username: root
+ password:
+ socket: /var/run/mysqld/mysqld.sock
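Review bot: The `production` block repeats `username: root` with an empty password from the development template; a sample is copied more often than it is read, so give production a distinct placeholder (`username: restful_authentication_tutorial` / `password: CHANGEME`) and a one-line comment that the application should not connect as the MySQL superuser. The rest is stock Rails generator content, nothing else to raise.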
2 config/environment.rb
@@ -2,7 +2,7 @@
require 'yaml'
# Uncomment below to force Rails into production mode when
# you don't control web/app server and can't set it the proper way
-# ENV['RAILS_ENV'] ||= 'production'
+ ENV['RAILS_ENV'] ||= 'production'
# Specifies gem version of Rails to use when vendor/rails is not present
RAILS_GEM_VERSION = '2.1.0' unless defined? RAILS_GEM_VERSION
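Review bot: Uncommenting `ENV['RAILS_ENV'] ||= 'production'` in a file every checkout loads makes production the default for anyone who starts `script/server`, `script/console` or a rake task without setting `RAILS_ENV` explicitly — against the production database from database.yml — whereas the comment above says it is meant only for hosts where the server environment cannot be set. Keep the line commented in the repository and set `RAILS_ENV` in the deployment environment, or in a host-specific file that is not committed.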
30 config/environments/production.rb
@@ -25,38 +25,18 @@
require 'application' unless Object.const_defined?(:ApplicationController)
LoggedExceptionsController.class_eval do
# set the same session key as the app
- session :session_key => '_restful_authentication_tutorial_session'
+ session :session_key => APP_CONFIG['settings']['session_key']
# include any custom auth modules you need
- include AuthenticationSystem
+ include AuthenticatedSystem
+ include RoleRequirementSystem
before_filter :login_required
+ require_role :admin
# optional, sets the application name for the rss feeds
- self.application_name = "Restful Authentication Tutorial"
+ self.application_name = APP_CONFIG['settings']['name']
- protected
- # only allow admins
- # this obviously depends on how your auth system works
- def authorized?
- current_user.has_role?('admin')
- end
-
- # assume app's login required doesn't use http basic
- def login_required_with_basic
- respond_to do |accepts|
- # alias_method_chain will alias the app's login_required to login_required_without_basic
- accepts.html { login_required_without_basic }
-
- # access_denied_with_basic_auth is defined in LoggedExceptionsController
- # get_auth_data returns back the user/password pair
- accepts.rss do
- access_denied_with_basic_auth unless self.current_user = User.authenticate(*get_auth_data)
- end
- end
- end
-
- alias_method_chain :login_required, :basic
end
end
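Review bot: The admin-only protection for `LoggedExceptionsController` (`before_filter :login_required` plus `require_role :admin`) lives in config/environments/production.rb, so development and any staging environment run the controller with whatever the plugin's defaults are, while the layout links `logged_exceptions_path` to admins in every environment. Move this `class_eval` block into an initializer loaded in all environments, or add the same block to the other environment files. Also confirm that `require_role :admin` (a symbol) resolves to the same role the seed migration creates as the string `"admin"` and the helper checks with `has_role?('admin')`; if the plugin compares names without `to_s`, this filter denies everyone. The outer `do` that the final `end` closes starts before this hunk.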
6 db/migrate/20080806025753_set_up_first_admin_user.rb
@@ -3,17 +3,17 @@ def self.up
#Be sure to change these settings for your initial admin user
user = User.new
user.login = "admin"
- user.email = "admin@example.com"
+ user.email = APP_CONFIG['settings']['admin_email']
user.password = "password"
user.password_confirmation = "password"
user.save
role = Role.new
- #Admin role name should be "admin"
+ #Admin role name should be "admin" for convenience
role.name = "admin"
role.save
admin_user = User.find_by_login("admin")
admin_role = Role.find_by_name("admin")
- admin_user.activate!
+ admin_user.activated_at = Time.now.utc
admin_user.roles << admin_role
admin_user.save
end
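Review bot: `user.email = APP_CONFIG['settings']['admin_email']` reads a key that config/config.yml.sample in this same commit does not define under `settings`, and the `user.save` / `role.save` results are never checked, so with the sample config the save presumably fails validation, `User.find_by_login("admin")` returns `nil`, and the migration dies with `NoMethodError` on `admin_user.activated_at =`. Use `user.save!` and `role.save!` so a bad config aborts with the validation message, add `admin_email` to the sample, and read the initial password from config the same way instead of the literal `"password"`, which otherwise becomes the admin credential on any deployment that runs the migrations unmodified. Replacing `activate!` with a direct `activated_at = Time.now.utc` also skips whatever else `activate!` did (clearing the activation code, if the model follows the restful_authentication pattern) — confirm against the model. `self.up` begins before this hunk.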
17 lib/authentication/user_abstraction.rb
@@ -52,7 +52,7 @@ module ModelClassMethods
# This will also let us return a human error message.
#
def authenticate(login, password)
- return nil if login.blank? || password.blank?
+ return nil if (login.blank? || password.blank?)
u = find :first, :conditions => ['login = ?', login], :include => :roles # need to get the salt
return nil unless (u && u.authenticated?(password))
raise NotActivated unless u.active?
@@ -62,7 +62,7 @@ def authenticate(login, password)
def find_with_identity_url(identity_url)
u = find :first, :conditions => ['identity_url = ?', identity_url]
- return nil unless u
+ return nil if (identity_url.blank? || u.nil?)
raise NotActivated unless u.active?
raise NotEnabled unless u.enabled?
u
@@ -70,7 +70,7 @@ def find_with_identity_url(identity_url)
def send_new_activation_code(email)
u = find :first, :conditions => ['email = ?', email]
- raise EmailNotFound if (u.nil? || email.blank?)
+ raise EmailNotFound if (email.blank? || u.nil?)
return nil unless (u.send(:make_activation_code) && u.save(false))
@lost_activation = true
end
@@ -82,16 +82,9 @@ def find_with_activation_code(activation_code)
u.active? ? (raise AlreadyActivated) : u
end
- #def find_and_activate!(activation_code)
- # u = find_with_activation_code(activation_code)
- # raise StandardError if u.nil?
- # u.activate!
- #end
-
def find_with_password_reset_code(reset_code)
- raise StandardError if reset_code.blank?
u = find :first, :conditions => ['password_reset_code = ?', reset_code]
- raise StandardError if u.nil?
+ raise StandardError if (reset_code.blank? || u.nil?)
u
end
@@ -129,7 +122,7 @@ def has_role?(role_in_question)
end
def change_password!(old_password, new_password, new_confirmation)
- raise OpenidUser if (!self.identity_url.blank? && self.password.blank?)
+ raise OpenidUser if (!self.identity_url.blank? && self.crypted_password.blank?)
raise PasswordMismatch if (new_password != new_confirmation)
return nil unless (!new_password.blank? && User.authenticate(self.login, old_password))
self.password, self.password_confirmation = new_password, new_confirmation
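Review bot: In `find_with_identity_url`, `send_new_activation_code` and `find_with_password_reset_code` the blank check is placed after the `find`, so a blank argument still issues a query (`identity_url = ''`, `email = ''`, `password_reset_code = ''`, or `= NULL` for nil) before being rejected; put the guard first — `return nil if identity_url.blank?`, `raise EmailNotFound if email.blank?`, `raise StandardError if reset_code.blank?` ahead of each `find` — which is what the removed line in `find_with_password_reset_code` already did. That method also still raises a bare `StandardError` where its siblings use specific classes (`NotActivated`, `EmailNotFound`); a dedicated error class (name to be chosen) would let callers rescue it without catching everything. `change_password!` in the last hunk calls `User.authenticate` directly from a mixin; `self.class.authenticate` keeps it reusable, and since `authenticate` raises `NotActivated`/`NotEnabled`, those propagate from `change_password!` and should be documented on it. The methods at both ends of the section (`authenticate`'s module and `change_password!`) continue outside the hunks.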
