Permalink
Browse files

Released v1.0.0 (see changelog)

  • Loading branch information...
1 parent 791f700 commit 6862f609f3cf6a93bf7e654b0a01d1fadfcac49a @binarylogic binarylogic committed Nov 6, 2008
@@ -0,0 +1,55 @@
+module Authlogic
+ module ControllerAdapters
+ # = Merb Adapter
+ # Adapts authlogic to work with merb. The point is to close the gap between what authlogic expects and what the merb controller object
+ # provides. Similar to how ActiveRecord has an adapter for MySQL, PostgreSQL, SQLite, etc.
+ class MerbAdapter < AbstractAdapter
+ attr_accessor :controller
+
+ def initialize(controller)
+ self.controller = controller
+ end
+
+ def authenticate_with_http_basic(&block)
+ @auth = Rack::Auth::Basic::Request.new(controller.request.env)
+ if @auth.provided? and @auth.basic?
+ black.call(*@auth.credentials)
+ else
+ false
+ end
+ end
+
+ def cookies
+ controller.cookies
+ end
+
+ def request
+ controller.request
+ end
+
+ def session
+ controller.session
+ end
+
+ # = Merb Implementation
+ # Lets Authlogic know about the controller object, AKA "activates" authlogic.
+ module MerbImplementation
+ def self.included(klass) # :nodoc:
+ klass.before :activate_authlogic
+ end
+
+ private
+ def activate_authlogic
+ Authlogic::Session::Base.controller = MerbAdapter.new(self)
+ end
+ end
+ end
+ end
+end
+
+# make sure we're running inside Merb
+if defined?(Merb::Plugins)
+ Merb::BootLoader.before_app_loads do
+ Merb::Controller.send(:include, Authlogic::ControllerAdapters::MerbAdapter::MerbImplementation)
+ end
+end
@@ -0,0 +1,101 @@
+module Authlogic
+ module Session
+ # = Scopes
+ #
+ # Authentication can be scoped, but scoping authentication can get a little tricky. Checkout the section "Scoping" in the readme for more details.
+ #
+ # What with_scopes focuses on is scoping the query when finding the object and the name of the cookie / session. It works very similar to
+ # ActiveRecord::Base#with_scopes. It accepts a hash with any of the following options:
+ #
+ # * <tt>find_options:</tt> any options you can pass into ActiveRecord::Base.find. This is used when trying to find the record.
+ # * <tt>id:</tt> The id of the session, this gets merged with the real id. For information ids see the id method.
+ #
+ # Here is how you use it:
+ #
+ # UserSession.with_scope(:find_options => {:conditions => "account_id = 2"}, :id => "account_2") do
+ # UserSession.find
+ # end
+ #
+ # Eseentially what the above does is scope the searching of the object with the sql you provided. So instead of:
+ #
+ # User.find(:first, :conditions => "login = 'ben'")
+ #
+ # it would be:
+ #
+ # User.find(:first, :conditions => "login = 'ben' and account_id = 2")
+ #
+ # You will also notice the :id option. This works just like the id method. It scopes your cookies. So the name of your cookie will be:
+ #
+ # account_2_user_credentials
+ #
+ # instead of:
+ #
+ # user_credentials
+ #
+ # What is also nifty about scoping with an :id is that it merges your id's. So if you do:
+ #
+ # UserSession.with_scope(:find_options => {:conditions => "account_id = 2"}, :id => "account_2") do
+ # session = UserSession.new
+ # session.id = :secure
+ # end
+ #
+ # The name of your cookies will be:
+ #
+ # secure_account_2_user_credentials
+ module Scopes # :nodoc:
+ def self.included(klass)
+ klass.extend(ClassMethods)
+ klass.send(:include, InstanceMethods)
+ klass.class_eval do
+ attr_writer :scope
+ alias_method_chain :initialize, :scopes
+ alias_method_chain :search_for_record, :scopes
+ end
+ end
+
+ # = Scopes
+ module ClassMethods
+ # The current scope set, should be used in the block passed to with_scope.
+ def scope
+ scopes[Thread.current]
+ end
+
+ # See the documentation for this class for more information on how to use this method.
+ def with_scope(options = {}, &block)
+ raise ArgumentError.new("You must provide a block") unless block_given?
+ self.scope = options
+ result = yield
+ self.scope = nil
+ result
+ end
+
+ private
+ def scope=(value)
+ scopes[Thread.current] = value
+ end
+
+ def scopes
+ @scopes ||= {}
+ end
+ end
+
+ module InstanceMethods
+ def initialize_with_scopes(*args) # :nodoc:
+ self.scope = self.class.scope
+ initialize_without_scopes(*args)
+ end
+
+ # See the documentation for this class for more information on how to use this method.
+ def scope
+ @scope ||= {}
+ end
+
+ def search_for_record_with_scopes(*args) # :nodoc:
+ klass.send(:with_scope, :find => (scope[:find_options] || {})) do
+ search_for_record_without_scopes(*args)
+ end
+ end
+ end
+ end
+ end
+end
View
@@ -42,9 +42,9 @@ def to_a
[@major, @minor, @tiny]
end
- MAJOR = 0
- MINOR = 10
- TINY = 4
+ MAJOR = 1
+ MINOR = 0
+ TINY = 0
# The current version as a Version instance
CURRENT = new(MAJOR, MINOR, TINY)
@@ -0,0 +1,213 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class ActiveRecordActsAsAuthenticTest < ActiveSupport::TestCase
+ def test_user_validations
+ user = User.new
+ assert !user.valid?
+ assert user.errors.on(:login)
+ assert user.errors.on(:password)
+
+ user.login = "a"
+ assert !user.valid?
+ assert user.errors.on(:login)
+ assert user.errors.on(:password)
+
+ user.login = "%ben*"
+ assert !user.valid?
+ assert user.errors.on(:login)
+ assert user.errors.on(:password)
+
+ user.login = "bjohnson"
+ assert !user.valid?
+ assert user.errors.on(:login)
+ assert user.errors.on(:password)
+
+ user.login = "my login"
+ assert !user.valid?
+ assert !user.errors.on(:login)
+ assert user.errors.on(:password)
+
+ user.password = "my pass"
+ assert !user.valid?
+ assert !user.errors.on(:password)
+ assert user.errors.on(:confirm_password)
+
+ user.confirm_password = "my pizass"
+ assert !user.valid?
+ assert !user.errors.on(:password)
+ assert user.errors.on(:confirm_password)
+
+ user.confirm_password = "my pass"
+ assert user.valid?
+ end
+
+ def test_employee_validations
+ employee = Employee.new
+ employee.password = "pass"
+ employee.confirm_password = "pass"
+
+ assert !employee.valid?
+ assert employee.errors.on(:email)
+
+ employee.email = "fdsf"
+ assert !employee.valid?
+ assert employee.errors.on(:email)
+
+ employee.email = "fake@email.fake"
+ assert !employee.valid?
+ assert employee.errors.on(:email)
+
+ employee.email = "notfake@email.com"
+ assert employee.valid?
+ end
+
+ def test_named_scopes
+ assert_equal 0, User.logged_in.count
+ assert_equal User.count, User.logged_out.count
+ http_basic_auth_for(users(:ben)) { UserSession.find }
+ assert_equal 1, User.logged_in.count
+ assert_equal User.count - 1, User.logged_out.count
+ end
+
+ def test_unique_token
+ assert_equal 128, User.unique_token.length
+ assert_equal 128, Employee.unique_token.length # make sure encryptions use hashes also
+
+ unique_tokens = []
+ 1000.times { unique_tokens << User.unique_token }
+ unique_tokens.uniq!
+
+ assert_equal 1000, unique_tokens.size
+ end
+
+ def test_crypto_provider
+ assert_equal Authlogic::Sha512CryptoProvider, User.crypto_provider
+ assert_equal AES128CryptoProvider, Employee.crypto_provider
+ end
+
+ def test_forget_all
+ http_basic_auth_for(users(:ben)) { UserSession.find }
+ http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
+ assert UserSession.find
+ assert UserSession.find(:ziggity_zack)
+ User.forget_all!
+ assert !UserSession.find
+ assert !UserSession.find(:ziggity_zack)
+ end
+
+ def test_logged_in
+ ben = users(:ben)
+ assert !ben.logged_in?
+ http_basic_auth_for(ben) { UserSession.find }
+ assert ben.reload.logged_in?
+ end
+
+ def test_password
+ user = User.new
+ user.password = "sillywilly"
+ assert user.crypted_password
+ assert user.password_salt
+ assert user.remember_token
+ assert_equal true, user.tried_to_set_password
+ assert_equal nil, user.password
+
+ employee = Employee.new
+ employee.password = "awesome"
+ assert employee.crypted_password
+ assert employee.remember_token
+ assert_equal true, employee.tried_to_set_password
+ assert_equal nil, employee.password
+ end
+
+ def test_valid_password
+ ben = users(:ben)
+ assert ben.valid_password?("benrocks")
+ assert ben.valid_password?(ben.crypted_password)
+
+ drew = employees(:drew)
+ assert drew.valid_password?("drewrocks")
+ assert drew.valid_password?(drew.crypted_password)
+ end
+
+ def test_forget
+ ben = users(:ben)
+ zack = users(:zack)
+ http_basic_auth_for(ben) { UserSession.find }
+ http_basic_auth_for(zack) { UserSession.find(:ziggity_zack) }
+
+ assert ben.reload.logged_in?
+ assert zack.reload.logged_in?
+
+ ben.forget!
+
+ assert !UserSession.find
+ assert UserSession.find(:ziggity_zack)
+ end
+
+ def test_reset_password
+ ben = users(:ben)
+ UserSession.create(ben)
+ old_password = ben.crypted_password
+ old_salt = ben.password_salt
+ old_remember_token = ben.remember_token
+ ben.reset_password!
+ ben.reload
+ assert_not_equal old_password, ben.crypted_password
+ assert_not_equal old_salt, ben.password_salt
+ assert_not_equal old_remember_token, ben.remember_token
+ assert !UserSession.find
+ end
+
+ def test_login_after_create
+ assert User.create(:login => "awesome", :password => "saweet", :confirm_password => "saweet")
+ assert UserSession.find
+ end
+
+ def test_update_session_after_password_modify
+ ben = users(:ben)
+ UserSession.create(ben)
+ old_session_key = @controller.session["user_credentials"]
+ old_cookie_key = @controller.cookies["user_credentials"]
+ ben.password = "newpass"
+ ben.confirm_password = "newpass"
+ ben.save
+ assert @controller.session["user_credentials"]
+ assert @controller.cookies["user_credentials"]
+ assert_not_equal @controller.session["user_credentials"], old_session_key
+ assert_not_equal @controller.cookies["user_credentials"], old_cookie_key
+ end
+
+ def test_no_session_update_after_modify
+ ben = users(:ben)
+ UserSession.create(ben)
+ old_session_key = @controller.session["user_credentials"]
+ old_cookie_key = @controller.cookies["user_credentials"]
+ ben.first_name = "Ben"
+ ben.save
+ assert_equal @controller.session["user_credentials"], old_session_key
+ assert_equal @controller.cookies["user_credentials"], old_cookie_key
+ end
+
+ def test_updating_other_user
+ ben = users(:ben)
+ UserSession.create(ben)
+ old_session_key = @controller.session["user_credentials"]
+ old_cookie_key = @controller.cookies["user_credentials"]
+ zack = users(:zack)
+ zack.password = "newpass"
+ zack.confirm_password = "newpass"
+ zack.save
+ assert_equal @controller.session["user_credentials"], old_session_key
+ assert_equal @controller.cookies["user_credentials"], old_cookie_key
+ end
+
+ def test_resetting_password_when_logged_out
+ ben = users(:ben)
+ assert !UserSession.find
+ ben.password = "newpass"
+ ben.confirm_password = "newpass"
+ ben.save
+ assert UserSession.find
+ assert_equal ben, UserSession.find.record
+ end
+end
Oops, something went wrong.

0 comments on commit 6862f60

Please sign in to comment.