
Removed authlogic in favor of Devise.

1 parent 8e0e441 commit 3e1b833b982058bf48763634c61814a55221de09 @schof schof committed Aug 11, 2010
Showing with 430 additions and 390 deletions.
  1. +12 −5 Gemfile.lock
  2. +13 −12 api/lib/spree_api.rb
  3. +3 −0 auth/README.md
  4. +0 −12 auth/app/controllers/spree/base_controller_decorator.rb
  5. +33 −0 auth/app/models/user.rb
  6. +21 −13 auth/app/models/user_decorator.rb
  7. +12 −0 auth/app/views/devise/confirmations/new.html.erb
  8. +5 −0 auth/app/views/devise/mailer/confirmation_instructions.html.erb
  9. +8 −0 auth/app/views/devise/mailer/reset_password_instructions.html.erb
  10. +7 −0 auth/app/views/devise/mailer/unlock_instructions.html.erb
  11. +16 −0 auth/app/views/devise/passwords/edit.html.erb
  12. +12 −0 auth/app/views/devise/passwords/new.html.erb
  13. +25 −0 auth/app/views/devise/registrations/edit.html.erb
  14. +22 −0 auth/app/views/devise/registrations/new.html.erb
  15. +20 −0 auth/app/views/devise/sessions/new.html.erb
  16. +19 −0 auth/app/views/devise/shared/_links.erb
  17. +12 −0 auth/app/views/devise/unlocks/new.html.erb
  18. +6 −0 auth/app/views/shared/_login_bar.html.erb
  19. +3 −0 auth/config/routes.rb
  20. +31 −0 auth/db/migrate/20100811003924_switch_to_devise.rb
  21. +146 −0 auth/lib/generators/templates/devise.rb
  22. +1 −0 auth/lib/spree_auth.rb
  23. +0 −1 auth/spec/models/ability_spec.rb
  24. +1 −13 auth/spec/models/user_spec.rb
  25. +1 −0 auth/spree_auth.gemspec
  26. +0 −106 core/app/controllers/user_sessions_controller.rb
  27. +0 −49 core/app/controllers/users_controller.rb
  28. +0 −82 core/app/models/user.rb
  29. +0 −11 core/app/models/user_mailer.rb
  30. +0 −2 core/app/models/user_session.rb
  31. +0 −6 core/app/views/shared/_login_bar.html.erb
  32. +0 −9 core/app/views/user_mailer/password_reset_instructions.erb
  33. +0 −4 core/app/views/user_sessions/authorization_failure.html.erb
  34. +0 −8 core/app/views/user_sessions/new.html.erb
  35. +0 −9 core/app/views/users/_openid_identifier.html.erb
  36. +0 −22 core/app/views/users/new.html.erb
  37. +1 −20 core/config/routes.rb
  38. +0 −1 core/lib/spree_core.rb
  39. +0 −4 core/spec/models/user_spec.rb
  40. +0 −1 core/spree-core.gemspec
@@ -3,20 +3,23 @@ PATH
specs:
spree (0.30.0.beta1)
spree_api (= 0.30.0.beta1)
+ spree_auth (= 0.30.0.beta1)
spree_core (= 0.30.0.beta1)
spree_dashboard (= 0.30.0.beta1)
spree_payment_gateway (= 0.30.0.beta1)
spree_promotions (= 0.30.0.beta1)
spree_sample (= 0.30.0.beta1)
spree_api (0.30.0.beta1)
spree_core (= 0.30.0.beta1)
+ spree_auth (0.30.0.beta1)
+ cancan (>= 1.3.0)
+ devise (>= 1.1.1)
+ spree_core (= 0.30.0.beta1)
spree_core (0.30.0.beta1)
activemerchant (>= 1.7.1)
activerecord-tableless (>= 0.1.0)
acts_as_list (>= 0.1.2)
- authlogic (>= 2.1.5)
bundler (>= 0.9.26)
- cancan (>= 1.3.0)
faker (>= 0.3.1)
highline (>= 1.5.1)
less (>= 1.2.20)
@@ -78,13 +81,15 @@ GEM
acts_as_list (0.1.2)
arel (0.4.0)
activesupport (>= 3.0.0.beta)
- authlogic (2.1.6)
- activesupport
+ bcrypt-ruby (2.1.2)
braintree (2.4.0)
builder
builder (2.1.2)
- cancan (1.3.0)
+ cancan (1.3.2)
columnize (0.3.1)
+ devise (1.1.1)
+ bcrypt-ruby (~> 2.1.2)
+ warden (~> 0.10.7)
erubis (2.6.6)
abstract (>= 1.0.0)
faker (0.3.1)
@@ -143,6 +148,8 @@ GEM
treetop (1.4.8)
polyglot (>= 0.3.1)
tzinfo (0.3.22)
+ warden (0.10.7)
+ rack (>= 1.0.0)
will_paginate (3.0.pre2)
PLATFORMS
@@ -17,18 +17,19 @@ def generate_api_key
end
- Spree::BaseController.class_eval do
- private
- def current_user
- return @current_user if defined?(@current_user)
- if current_user_session && current_user_session.user
- return @current_user = current_user_session.user
- end
- if token = request.headers['X-SpreeAPIKey']
- @current_user = User.find_by_api_key(token)
- end
- end
- end
+ # RAILS3 TODO: Get the API stuff working with Devise
+ # Spree::BaseController.class_eval do
+ # private
+ # def current_user
+ # return @current_user if defined?(@current_user)
+ # if current_user_session && current_user_session.user
+ # return @current_user = current_user_session.user
+ # end
+ # if token = request.headers['X-SpreeAPIKey']
+ # @current_user = User.find_by_api_key(token)
+ # end
+ # end
+ # end
LineItem.class_eval do
def description
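Review bot: Commenting out the `current_user` override removes the only visible place where the `X-SpreeAPIKey` header was read, yet `generate_api_key` (named in the hunk header) is still in this file while the migration in the same commit drops the `api_key` column. If `generate_api_key` still writes `api_key`, it would presumably fail once the migration has run; confirm, then either remove it or point it at the Devise token column. Rather than keeping thirteen lines of dead code, I would delete the block and leave a single comment such as `# TODO(RAILS3): API key authentication is disabled until it is wired through Devise`. The file continues outside the hunk, so whether API controllers authenticate requests some other way cannot be seen from here.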
@@ -0,0 +1,3 @@
+authentication by token example
+
+ http://localhost:3000/?auth_token=oWBSN16k6dWx46TtSGcp
@@ -1,12 +0,0 @@
-Spree::BaseController.class_eval do
- private
- def current_user_session
- return @current_user_session if defined?(@current_user_session)
- @current_user_session = UserSession.find
- end
-
- def current_user
- return @current_user if defined?(@current_user)
- @current_user = current_user_session && current_user_session.user
- end
-end
@@ -0,0 +1,33 @@
+class User < ActiveRecord::Base
+
+ # Include default devise modules. Others available are:
+ # :confirmable, :lockable and :timeoutable
+ devise :database_authenticatable, :registerable, :token_authenticatable,
+ :recoverable, :rememberable, :trackable, :validatable
+
+ # Setup accessible (or protected) attributes for your model
+ attr_accessible :email, :password, :password_confirmation, :remember_me
+
+ has_many :orders
+ has_and_belongs_to_many :roles
+
+ belongs_to :ship_address, :foreign_key => "ship_address_id", :class_name => "Address"
+ belongs_to :bill_address, :foreign_key => "bill_address_id", :class_name => "Address"
+
+ after_save :ensure_authentication_token!
+
+ # has_role? simply needs to return true or false whether a user has a role or not.
+ def has_role?(role_in_question)
+ roles.any? { |role| role.name == role_in_question.to_s }
+ end
+
+ def self.guest!
+ token = User.generate_token(:authentication_token)
+ User.create(:email => "#{token}@spree.com", :password => token, :password_confirmation => token)
+ end
+
+ def guest?
+ self.email.blank?
+ end
+
+end
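Review bot: `self.guest!` uses the same `token` as the local part of the e-mail address and as the password, so anyone who can see a guest's address (order mails, admin lists, logs) also holds that account's password. The password should be an independent random value, e.g. `secret = SecureRandom.hex(20)` followed by `User.create(:email => "#{token}@spree.com", :password => secret, :password_confirmation => secret)`. `guest?` tests `email.blank?`, which is never true for a record created by `guest!`, so the two methods disagree on what a guest is. `after_save :ensure_authentication_token!` also appears to trigger a second save from inside the save callback; Devise's non-bang `ensure_authentication_token` in a `before_save` would avoid that, which is worth confirming against the pinned Devise 1.1.1.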
@@ -1,18 +1,26 @@
User.class_eval do
- alias_attribute :token, :api_key
- before_validation :generate_token
- validates_presence_of :token
+ #alias_attribute :token, :api_key
+ #before_validation :generate_token
+ #validates_presence_of :token
- def generate_token
- self.token ||= secure_digest(Time.now, (1..10).map{ rand.to_s })
- end
+ # Include default devise modules. Others available are:
+ # :confirmable, :lockable and :timeoutable
+ devise :database_authenticatable, :registerable, :token_authenticatable,
+ :recoverable, :rememberable, :trackable, :validatable
- def regenerate_token!
- self.update_attribute(:api_key, secure_digest(Time.now, (1..10).map{ rand.to_s }))
- end
+ # Setup accessible (or protected) attributes for your model
+ attr_accessible :email, :password, :password_confirmation, :remember_me
- private
- def secure_digest(*args)
- Digest::SHA1.hexdigest(args.flatten.join('--'))
- end
+ # def generate_token
+ # self.token ||= secure_digest(Time.now, (1..10).map{ rand.to_s })
+ # end
+ #
+ # def regenerate_token!
+ # self.update_attribute(:api_key, secure_digest(Time.now, (1..10).map{ rand.to_s }))
+ # end
+ #
+ # private
+ # def secure_digest(*args)
+ # Digest::SHA1.hexdigest(args.flatten.join('--'))
+ # end
end
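Review bot: The `devise ...` and `attr_accessible` lines added here repeat word for word the declarations this commit also adds to the new `User` model, so the module list has to be kept in sync in two places and a later edit to one of them (adding `:lockable`, say) would silently diverge. Keep the declaration in one file only. The commented-out `generate_token` / `regenerate_token!` / `secure_digest` block is dead code that derived tokens from `Time.now` and `rand` through SHA1; that is not a generator worth leaving around for someone to uncomment, so I would delete it and rely on version control for the history.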
@@ -0,0 +1,12 @@
+<h2>Resend confirmation instructions</h2>
+
+<%= form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f| %>
+ <%= devise_error_messages! %>
+
+ <p><%= f.label :email %><br />
+ <%= f.text_field :email %></p>
+
+ <p><%= f.submit "Resend confirmation instructions" %></p>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>
@@ -0,0 +1,5 @@
+<p>Welcome <%= @resource.email %>!</p>
+
+<p>You can confirm your account through the link below:</p>
+
+<p><%= link_to 'Confirm my account', confirmation_url(@resource, :confirmation_token => @resource.confirmation_token) %></p>
@@ -0,0 +1,8 @@
+<p>Hello <%= @resource.email %>!</p>
+
+<p>Someone has requested a link to change your password, and you can do this through the link below.</p>
+
+<p><%= link_to 'Change my password', edit_password_url(@resource, :reset_password_token => @resource.reset_password_token) %></p>
+
+<p>If you didn't request this, please ignore this email.</p>
+<p>Your password won't change until you access the link above and create a new one.</p>
@@ -0,0 +1,7 @@
+<p>Hello <%= @resource.email %>!</p>
+
+<p>Your account has been locked due to an excessive amount of unsuccessful sign in attempts.</p>
+
+<p>Click the link below to unlock your account:</p>
+
+<p><%= link_to 'Unlock my account', unlock_url(@resource, :unlock_token => @resource.unlock_token) %></p>
@@ -0,0 +1,16 @@
+<h2>Change your password</h2>
+
+<%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f| %>
+ <%= devise_error_messages! %>
+ <%= f.hidden_field :reset_password_token %>
+
+ <p><%= f.label :password %><br />
+ <%= f.password_field :password %></p>
+
+ <p><%= f.label :password_confirmation %><br />
+ <%= f.password_field :password_confirmation %></p>
+
+ <p><%= f.submit "Change my password" %></p>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>
@@ -0,0 +1,12 @@
+<h2>Forgot your password?</h2>
+
+<%= form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f| %>
+ <%= devise_error_messages! %>
+
+ <p><%= f.label :email %><br />
+ <%= f.text_field :email %></p>
+
+ <p><%= f.submit "Send me reset password instructions" %></p>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>
@@ -0,0 +1,25 @@
+<h2>Edit <%= resource_name.to_s.humanize %></h2>
+
+<%= form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f| %>
+ <%= devise_error_messages! %>
+
+ <p><%= f.label :email %><br />
+ <%= f.text_field :email %></p>
+
+ <p><%= f.label :password %> <i>(leave blank if you don't want to change it)</i><br />
+ <%= f.password_field :password %></p>
+
+ <p><%= f.label :password_confirmation %><br />
+ <%= f.password_field :password_confirmation %></p>
+
+ <p><%= f.label :current_password %> <i>(we need your current password to confirm your changes)</i><br />
+ <%= f.password_field :current_password %></p>
+
+ <p><%= f.submit "Update" %></p>
+<% end %>
+
+<h3>Cancel my account</h3>
+
+<p>Unhappy? <%= link_to "Cancel my account", registration_path(resource_name), :confirm => "Are you sure?", :method => :delete %>.</p>
+
+<%= link_to "Back", :back %>
@@ -0,0 +1,22 @@
+<% @body_id = 'signup' %>
+
+<div id="new-customer">
+ <h2><%= t("new_customer") %></h2>
+
+ <%= form_for(resource, :as => resource_name, :url => registration_path(resource_name)) do |f| %>
+ <%= devise_error_messages! %>
+
+ <p><%= f.label :email %><br />
+ <%= f.text_field :email %></p>
+
+ <p><%= f.label :password %><br />
+ <%= f.password_field :password %></p>
+
+ <p><%= f.label :password_confirmation %><br />
+ <%= f.password_field :password_confirmation %></p>
+
+ <p><%= f.submit "Sign up" %></p>
+ <% end %>
+
+ <%= render :partial => "devise/shared/links" %>
+</div>
@@ -0,0 +1,20 @@
+<% @body_id = 'login' %>
+<div id="existing-customer">
+ <h2><%= t("login_as_existing") %></h2>
+
+ <%= form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>
+ <p><%= f.label :email %><br />
+ <%= f.text_field :email %></p>
+
+ <p><%= f.label :password %><br />
+ <%= f.password_field :password %></p>
+
+ <% if devise_mapping.rememberable? -%>
+ <p><%= f.check_box :remember_me %> <%= f.label :remember_me %></p>
+ <% end -%>
+
+ <p><%= f.submit "Sign in" %></p>
+ <% end %>
+
+ <%= render :partial => "devise/shared/links" %>
+</div>
@@ -0,0 +1,19 @@
+<%- if controller_name != 'sessions' %>
+ <%= link_to "Sign in", new_session_path(resource_name) %><br />
+<% end -%>
+
+<%- if devise_mapping.registerable? && controller_name != 'registrations' %>
+ <%= link_to "Sign up", new_registration_path(resource_name) %><br />
+<% end -%>
+
+<%- if devise_mapping.recoverable? && controller_name != 'passwords' %>
+ <%= link_to "Forgot your password?", new_password_path(resource_name) %><br />
+<% end -%>
+
+<%- if devise_mapping.confirmable? && controller_name != 'confirmations' %>
+ <%= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name) %><br />
+<% end -%>
+
+<%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
+ <%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
+<% end -%>
@@ -0,0 +1,12 @@
+<h2>Resend unlock instructions</h2>
+
+<%= form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f| %>
+ <%= devise_error_messages! %>
+
+ <p><%= f.label :email %><br />
+ <%= f.text_field :email %></p>
+
+ <p><%= f.submit "Resend unlock instructions" %></p>
+<% end %>
+
+<%= render :partial => "devise/shared/links" %>
@@ -0,0 +1,6 @@
+<% if current_user %>
+ <li><%= link_to t('my_account'), edit_user_registration_path(current_user) %></li>
+ <li><%= link_to t('logout'), destroy_user_session_path %></li>
+<% else %>
+ <li><%= link_to t('log_in'), new_user_session_path %></li>
+<% end %>
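Review bot: `edit_user_registration_path(current_user)` passes a record to a route that, under `devise_for :users`, normally has no `:id` segment; the argument would most likely be consumed as the optional format and produce a path such as `/users/edit.1`. Call the helper without arguments: `edit_user_registration_path`. Separately, the logout entry is a plain `link_to`, i.e. a GET request; if the pinned Devise version supports it, a `:method => :delete` sign-out prevents other sites from logging users out through an embedded link or image.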
@@ -0,0 +1,3 @@
+Rails.application.routes.draw do
+ devise_for :users
+end
@@ -0,0 +1,31 @@
+class SwitchToDevise < ActiveRecord::Migration
+ def self.up
+ change_table(:users) do |t|
+ t.rename :crypted_password, :encrypted_password
+ t.rename :salt, :password_salt
+ t.rename :remember_token_expires_at, :remember_created_at
+ t.rename :persistence_token, :authentication_token
+ t.rename :single_access_token, :reset_password_token
+ t.remove :perishable_token
+ t.rename :login_count, :sign_in_count
+ t.remove :failed_login_count
+ t.remove :last_request_at
+ t.rename :current_login_at, :current_sign_in_at
+ t.rename :last_login_at, :last_sign_in_at
+ t.rename :current_login_ip, :current_sign_in_ip
+ t.rename :last_login_ip, :last_sign_in_ip
+ t.remove :login
+ t.remove :openid_identifier
+ t.remove :api_key
+ end
+ drop_table :open_id_authentication_associations
+ drop_table :open_id_authentication_nonces
+
+ add_index :devise_users, :email, :unique => true
+ add_index :devise_users, :reset_password_token, :unique => true
+ end
+
+ def self.down
+ drop_table :devise_users
+ end
+end
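Review bot: Both `add_index` calls and `self.down` target a `devise_users` table, but every statement above them alters `users` and nothing in this migration creates `devise_users`, so `up` would fail at the first `add_index` and `down` would try to drop a table that does not exist instead of undoing the renames. Because the earlier statements have already run by then, that failure can leave the schema half-migrated on databases without transactional DDL. The renames `persistence_token` → `authentication_token` and `single_access_token` → `reset_password_token` also carry the old authlogic values into columns that Devise treats as live credentials, so every existing user would start with a usable auth token and an outstanding password-reset token; these should be cleared as part of the migration. Whether the renamed `encrypted_password` / `password_salt` values still verify depends on the encryptor set in the Devise initializer, which is not shown here.

```ruby
    # … unchanged: change_table(:users) renames/removals and the two drop_table calls …

    # Old authlogic session/single-access tokens must not become live Devise tokens.
    # (assumes the renamed columns are nullable; confirm against the existing schema)
    execute "UPDATE users SET authentication_token = NULL, reset_password_token = NULL"

    add_index :users, :email, :unique => true
    add_index :users, :reset_password_token, :unique => true
  end

  def self.down
    # Columns and tables removed in up cannot be restored from the migrated schema.
    raise ActiveRecord::IrreversibleMigration
  end
```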