Add user remember-me functions

jugglebird · Jun 26, 2008 · ac0a631 · ac0a631
1 parent bf6e2d9
commit ac0a631
Show file tree

Hide file tree

Showing 3 changed files with 71 additions and 1 deletion.
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -44,7 +44,23 @@ def after_initialize
   def confirm_password?
     @confirm_password
   end
-
+
+  def remember_me
+    self.session_expire = Radiant::Config['session_timeout'].to_i.from_now.utc
+    self.session_token  ||= sha1(session_expire)
+    save(false)
+  end
+
+  def forget_me
+    self.session_expire = nil
+    self.session_token  = nil
+    save(false)
+  end
+
+  def session_token?
+    session_expire && Time.now.utc < session_expire
+  end
+
   private
 
     def validate_length_of_password?

diff --git a/lib/radiant/setup.rb b/lib/radiant/setup.rb
@@ -50,6 +50,7 @@ def load_default_configuration
         step { Radiant::Config['defaults.page.parts' ] = 'body, extended' }
         step { Radiant::Config['defaults.page.status' ] = 'draft' }
         step { Radiant::Config['defaults.page.filter' ] = nil }
+        step { Radiant::Config['session_timeout'] = 2.weeks }
       end
     end
 

diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
@@ -121,6 +121,59 @@
     @user.salt.should_not be_nil
     @user.password.should == @user.sha1('password')
   end
+
+  describe ".remember_me" do
+    before do
+      Radiant::Config.stub!(:[]).with('session_timeout').and_return(2.weeks)
+      @user.save
+      @user.remember_me
+      @user.reload
+    end
+
+    it "should remember user" do
+      @user.session_token.should_not be_nil
+      @user.session_expire.should be_close(2.weeks.from_now.utc, 1.minute) # grace time to run spec
+    end
+
+    it "should advance session expiry" do
+      @user.session_expire = 1.day.from_now
+      @user.save
+      @user.remember_me
+      @user.session_expire.should be_close(2.weeks.from_now.utc, 1.minute)
+    end
+  end
+
+  describe ".forget_me" do
+
+    before do
+      Radiant::Config.stub!(:[]).with('session_timeout').and_return(2.weeks)
+      @user.save
+      @user.remember_me
+    end
+
+    it "should forget user" do
+      @user.forget_me
+      @user.session_token.should be_nil
+      @user.session_expire.should be_nil
+    end
+  end
+
+  describe ".session_token?" do
+    it "should be true if token is unexpired" do
+      @user.session_expire = 2.weeks.from_now.utc
+      @user.session_token?.should be(true)
+    end
+
+    it "should be false if token is expired" do
+      @user.session_expire = 1.day.ago.utc
+      @user.session_token?.should_not be(true)
+    end
+
+    it "should be false if token is nil" do
+      @user.session_expire = nil
+      @user.session_token?.should_not be(true)
+    end
+  end
 end
 
 describe User, "class methods" do