From ac0a631cdf90f29e813447ba8ba63b11e8e7bfc7 Mon Sep 17 00:00:00 2001
From: Josh French <josh@digitalpulp.com>
Date: Wed, 25 Jun 2008 15:39:32 -0400
Subject: [PATCH] Add user remember-me functions

---
 app/models/user.rb       | 18 +++++++++++++-
 lib/radiant/setup.rb     |  1 +
 spec/models/user_spec.rb | 53 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 71 insertions(+), 1 deletion(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index e58609897..a16dfb09f 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -44,7 +44,23 @@ def after_initialize
   def confirm_password?
     @confirm_password
   end
-  
+
+  def remember_me
+    self.session_expire = Radiant::Config['session_timeout'].to_i.from_now.utc
+    self.session_token  ||= sha1(session_expire)
+    save(false)
+  end
+
+  def forget_me
+    self.session_expire = nil
+    self.session_token  = nil
+    save(false)
+  end
+
+  def session_token?
+    session_expire && Time.now.utc < session_expire
+  end
+
   private
   
     def validate_length_of_password?
diff --git a/lib/radiant/setup.rb b/lib/radiant/setup.rb
index 7fc1a0c93..6967ba944 100644
--- a/lib/radiant/setup.rb
+++ b/lib/radiant/setup.rb
@@ -50,6 +50,7 @@ def load_default_configuration
         step { Radiant::Config['defaults.page.parts' ] = 'body, extended' }
         step { Radiant::Config['defaults.page.status' ] = 'draft' }
         step { Radiant::Config['defaults.page.filter' ] = nil }
+        step { Radiant::Config['session_timeout'] = 2.weeks }
       end
     end
     
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index e42e28008..a55c7e9b2 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -121,6 +121,59 @@
     @user.salt.should_not be_nil
     @user.password.should == @user.sha1('password')
   end
+
+  describe ".remember_me" do
+    before do
+      Radiant::Config.stub!(:[]).with('session_timeout').and_return(2.weeks)
+      @user.save
+      @user.remember_me
+      @user.reload
+    end
+
+    it "should remember user" do
+      @user.session_token.should_not be_nil
+      @user.session_expire.should be_close(2.weeks.from_now.utc, 1.minute) # grace time to run spec
+    end
+
+    it "should advance session expiry" do
+      @user.session_expire = 1.day.from_now
+      @user.save
+      @user.remember_me
+      @user.session_expire.should be_close(2.weeks.from_now.utc, 1.minute)
+    end
+  end
+
+  describe ".forget_me" do
+
+    before do
+      Radiant::Config.stub!(:[]).with('session_timeout').and_return(2.weeks)
+      @user.save
+      @user.remember_me
+    end
+
+    it "should forget user" do
+      @user.forget_me
+      @user.session_token.should be_nil
+      @user.session_expire.should be_nil
+    end
+  end
+
+  describe ".session_token?" do
+    it "should be true if token is unexpired" do
+      @user.session_expire = 2.weeks.from_now.utc
+      @user.session_token?.should be(true)
+    end
+
+    it "should be false if token is expired" do
+      @user.session_expire = 1.day.ago.utc
+      @user.session_token?.should_not be(true)
+    end
+
+    it "should be false if token is nil" do
+      @user.session_expire = nil
+      @user.session_token?.should_not be(true)
+    end
+  end
 end
 
 describe User, "class methods" do