Thanks, @gylaz. Applied your feedback in 9b1cba9.

I like the information the old names provided. I think the main issue was that Clearance::Authentication maybe misrepresented what it provided to controllers, but I think the new names go too far in the other direction.

Clearance itself has multiple controllers, and they don't descend from Clearance::Controller, which I find a little suprising. The Controller name tells you what it's meant to be mixed into, but not what it provides. Maybe AuthenticatedController or something like that? The module provides helpers related to authentication (with just a sprinkle of authorization) and is meant to be mixed into ApplicationController.

I think Clearance::User was fine as a name. Was there a specific issue that renaming was designed to fix? The new name doesn't tell you what kind of role the model plays. "Model" basically means "Thing" and has some vague connotations when it's in a Rails application, whereas "User" means something pretty specific in a Rails application.

If we do rename classes from the public API, do we want to include deprecated fallbacks under the old names? I know clearance is technically not 1.0 yet, but there are a lot of applications out there that will break if we rename these.

I think the main issue was that Clearance::Authentication maybe misrepresented what it provided to controllers, but I think the new names go too far in the other direction.

Right, this was the issue I was trying to address. Also, it's not the entire contents of the Clearance::Authentication that are potentially misrepresented, just authorize in the public API (the private API of store_location, return_to, and clear_return_to might be a worthwhile different conversation).

I don't feel strongly about this change. I wanted to make the change to see what it looked and felt like and am seeking feedback like yours about whether this causes more trouble than it's worth. I also wanted to do it pre-1.0, which we're only one issue or two away from reaching: #243

My general feelings about the authorize vs authenticate debate:

• The authorize method performs authorization - it denies access to unauthenticated users. The sessions controller performs authentication, as does Clearance::Session.
• I've generally assumed that controllers would override authorize for controllers that require specific authentication.
• It's sort of strange that Clearance::Authentication contains a bunch of authorization logic.

How about this?

• Revert Clearance::Model back to Clearance::User.
• Split Clearance::Controller into Clearance::Authentication and Clearance::Authorization, both of which get mixed into Clearance::Controller.
• Mix Clearance::Controller into ApplicationController in the install generator.

In order to clarify the authorize vs authenticate debate, we can define the method as authorize_authenticated_users and then just call that from authorize. Not sure if that actually helps, though.

@jferris Done. Ready for re-review.

To add a use case to the authorize vs authenticate method debate:

rescue_from CanCan::AccessDenied do |exception|
  if signed_in?
    raise
  else
    # get the user to sign in, since they haven't already done so
    authorize
  end
end

To me, the call to authorize makes a lot more sense as authenticate because all you're asking the user to do is verify they are who they say they are by providing an email/password. It isn't authorizing them for anything--even if they complete the authorize successfully (i.e. successfully log in), they can still be denied access.

But in the end, it's just one line of code in one base controller, and a comment right next to it suffices to resolve any confusion down the road.

@jonathanhefner In that use case, would redirect_to sign_in work better in your else branch?

authorize calls unless signed_in?, which you already cover. It then calls deny_access, which stores the current location then calls redirect_to url_after_denied_access_when_signed_out.

Alternatively, could you use deny_access or redirect_to url_after_denied_access_when_signed_out in the constraint?

@croaky Looking at the implementation of authorize and deny_access, I could simply call deny_access directly (because I don't need the extra signed_in? check, as you pointed out). The effect would be the same though: I'd still add a comment to that method call to note that I'm only getting to the user to sign in, not denying (or authorizing) them for access. (Semantics, I know. :)

@jferris Could I get you to re-review this one when you have a moment?

This looks good to me.

Thanks, @jferris. Merged as 91a984c.