Changeset 446
- Timestamp: 08/24/06 02:43:25 (2 years ago)
- Files:
- login_engine/trunk/CHANGELOG (modified) (1 diff)
- login_engine/trunk/README (modified) (4 diffs)
- login_engine/trunk/app/controllers/user_controller.rb (modified) (3 diffs)
- login_engine/trunk/app/views/user/_edit.rhtml (modified) (1 diff)
- login_engine/trunk/app/views/user/edit.rhtml (modified) (1 diff)
- login_engine/trunk/app/views/user/forgot_password.rhtml (modified) (1 diff)
- login_engine/trunk/app/views/user/login.rhtml (modified) (2 diffs)
- login_engine/trunk/init_engine.rb (modified) (1 diff)
- login_engine/trunk/lib/login_engine.rb (modified) (1 diff)
- login_engine/trunk/lib/login_engine/authenticated_system.rb (modified) (1 diff)
- login_engine/trunk/lib/login_engine/authenticated_user.rb (modified) (3 diffs)
- login_engine/trunk/tasks (deleted)
- login_engine/trunk/test/fixtures/users.yml (modified) (1 diff)
- login_engine/trunk/test/functional/user_controller_test.rb (modified) (1 diff)
- login_engine/trunk/test/unit/user_test.rb (modified) (1 diff)
login_engine/trunk/CHANGELOG
r362 r446 1 = v1. 1.02 * Added 'full_name' method to user object 3 * Added 'for' attributes to form_helper labels (Ticket #82) 4 * Default table names now respect any set prefix/suffix from ActiveRecord (Ticket #67) 5 * Removed errant closing DIV tag in views/user/edit.rhtml (Ticket #68) 6 * do_delete_user() should delete the user given as a parameter, not @user (Ticket #65) 1 = v1.0.3 (2006-08-22) 2 * Ticket #173 (kevin.olbrich@gmail.com) The login_required method now returns false if the user cannot be authenticated 3 * Ticket #192 (Carl Johnson) Added a 'full_name' method to the User object, and updated README to reflect this 4 * Ticket #200 (segabor@gmail.com) Session is reset after logout 5 * Ticket #201 (snowblink@gmail.com) Tidied up views to generate valid HTML 4.0.1 Transitional 6 * Ticket #207 (snowblink@gmail.com) LoginEngine.config(:password_minimum) can be set and used as other config options. See README 7 7 8 = v1.0.1 9 * Added CHANGELOG 10 * Changed wording for when password forgotten to 'reset', rather than 'retrieve'. (snowblink@gmail.com) 11 * Fixed new location of engines testing extensions. (lazyatom@gmail.com) 12 * Removed schema.db from Login Engine; migrations should be used instead. (snowblink@gmail.com) 13 * Updated User Controller tests to parse the user_id and email out of the URL in the email body. (snowblink@gmail.com) 14 * Ticket #89 (lazyatom@gmail.com) User creation halts the after_save callback chain. 15 * Ticket #97 (dcorbin@machturtle.com) The forgotten_password view generates invalid HTML 16 * Ticket #112 (segabor@gmail.com) Authentication system will break even on successful login 17 * Added simple email validation to the User model. 
(snowblink@gmail.com) 18 This should also take care of the unit test failures detailed in Ticket #114 (morris@wolfman.com) 19 * Ticket #118 (augustz@augustz.com) SVN source for login_engine not found 20 * Ticket #119 (Goynang) Unit tests for engines fail after default install 21 * Ticket #126 (lazyatom@gmail.com) Add install.rb to login engine 8 = v1.0.2 (2006-06-03) 9 * Added version 10 * Removed errant requires no longer needed (murray.steele@gmail.com, Ticket #156, Ticket #157, Ticket #158) 11 * Removed documentation/rake tasks that refer the schema.rb (Ticket #155) 12 * Verified cannot be assigned via URL parameters. If more security is required, users should override the signup action itself (Ticket #169) 13 * Minor view/flash message cleanup 14 * Authentication by token now respects primary key prefixes (Ticket #140) 15 16 = v1.0.1 (2006-04-10) 17 * Added CHANGELOG 18 * Changed wording for when password forgotten to 'reset', rather than 'retrieve'. (snowblink@gmail.com) 19 * Fixed new location of engines testing extensions. (lazyatom@gmail.com) 20 * Removed schema.db from Login Engine; migrations should be used instead. (snowblink@gmail.com) 21 * Updated User Controller tests to parse the user_id and email out of the URL in the email body. (snowblink@gmail.com) 22 * Ticket #89 (lazyatom@gmail.com) User creation halts the after_save callback chain. 23 * Ticket #97 (dcorbin@machturtle.com) The forgotten_password view generates invalid HTML 24 * Ticket #112 (segabor@gmail.com) Authentication system will break even on successful login 25 * Added simple email validation to the User model. (snowblink@gmail.com) 26 This should also take care of the unit test failures detailed in Ticket #114 (morris@wolfman.com) 27 * Ticket #118 (augustz@augustz.com) SVN source for login_engine not found 28 * Ticket #119 (Goynang) Unit tests for engines fail after default install 29 * Ticket #126 (lazyatom@gmail.com) Add install.rb to login engine login_engine/trunk/README
r362 r446 102 102 === Create the DB schema 103 103 104 After you have done the modifications the the ApplicationController and its helper, you can import the user model into the database. An ActiveRecord schema.rb file is provided in login_engine/db/schema.rb, along with migration information in login_engine/db/migrate/.104 After you have done the modifications the the ApplicationController and its helper, you can import the user model into the database. Migration information in login_engine/db/migrate/. 105 105 106 106 You *MUST* check that these files aren't going to interfere with anything in your application. … … 117 117 ...to the LoginEngine configuration in <tt>environment.rb</tt>. Then run from the root of your project: 118 118 119 rake engine_migrateENGINE=login119 rake db:migrate:engines ENGINE=login 120 120 121 121 to import the schema into your database. … … 238 238 +default_home+:: Determines the target of the login redirection when back is not possible, or there are no 239 239 stored values. This must be a Hash of options or String, as used in +url_for+. 240 +password_minimum+:: Set your minimum password length. 241 Defaults to 5. 242 240 243 == Overriding controllers and views 241 244 … … 251 254 A: You can get the user object from the session using session[:user] 252 255 Example: 253 Welcome <%= session[:user]. name %>256 Welcome <%= session[:user].full_name %> 254 257 255 258 You can also use the 'current_user' method provided by UserHelper: 256 259 Example: 257 Welcome <%= current_user. name %>260 Welcome <%= current_user.full_name %> 258 261 259 262 login_engine/trunk/app/controllers/user_controller.rb
r298 r446 57 57 return if generate_blank 58 58 params[:user].delete('form') 59 params[:user].delete('verified') # you CANNOT pass this as part of the request 59 60 @user = User.new(params[:user]) 60 61 begin … … 67 68 key = @user.generate_security_token 68 69 url = url_for(:action => 'home', :user_id => @user.id, :key => key) 69 flash[:notice] = 'Signup successful! Please log in.'70 flash[:notice] = 'Signup successful!' 70 71 if LoginEngine.config(:use_email_notification) and LoginEngine.config(:confirm_account) 71 72 UserNotify.deliver_signup(@user, params[:user][:password], url) 72 73 flash[:notice] << ' Please check your registered email account to verify your account registration and continue with the login.' 74 else 75 flash[:notice] << ' Please log in.' 73 76 end 74 77 redirect_to :action => 'login' … … 85 88 def logout 86 89 session[:user] = nil 90 reset_session 87 91 redirect_to :action => 'login' 88 92 end login_engine/trunk/app/views/user/_edit.rhtml
r50 r446 3 3 <%= form_input changeable(user, "firstname"), "First Name", "firstname" %> 4 4 <%= form_input changeable(user, "lastname"), "Last Name","lastname" %> 5 <%= form_input changeable(user, "login"), "Login ID", "login" , :size => 30 %><br/>5 <%= form_input changeable(user, "login"), "Login ID", "login" %> 6 6 <%= form_input changeable(user, "email"), "Email", "email" %> 7 7 <% if submit %> login_engine/trunk/app/views/user/edit.rhtml
r281 r446 16 16 <div class="user_delete"> 17 17 <%= hidden_field 'user', 'form', :value => 'delete' %> 18 19 <%= form_input :submit_button, 'Delete Account' %> 18 <%= submit_tag "Delete Account", :name => 'submit' %> 20 19 </div> 21 20 <%= end_form_tag %> login_engine/trunk/app/views/user/forgot_password.rhtml
r362 r446 11 11 12 12 <div class="button-bar"> 13 <%= submit_tag ' Submit request' %>13 <%= submit_tag 'Reset Password' %> 14 14 <%= link_to 'Cancel', :action => 'login' %> 15 15 </div> login_engine/trunk/app/views/user/login.rhtml
r50 r446 5 5 <%= start_form_tag :action => 'login' %> 6 6 <table> 7 <%= form_input :text_field, "Login ID", "login", :size => 30 %> <br/>8 <%= form_input :password_field, "Password", "password", :size => 30 %> <br/>7 <%= form_input :text_field, "Login ID", "login", :size => 30 %> 8 <%= form_input :password_field, "Password", "password", :size => 30 %> 9 9 </table> 10 10 … … 12 12 <%= submit_tag 'Login' %> 13 13 <%= link_to 'Register for an account', :action => 'signup' %> | 14 <%= link_to 'Forgot my password', :action => 'forgot_password' %> </div> 14 <%= link_to 'Forgot my password', :action => 'forgot_password' %> 15 </div> 15 16 <%= end_form_tag %> 16 17 </div> login_engine/trunk/init_engine.rb
r281 r446 6 6 Major = 1 # change implies compatibility breaking with previous versions 7 7 Minor = 0 # change implies backwards-compatible change to API 8 Release = 1# incremented with bug-fixes, updates, etc.8 Release = 3 # incremented with bug-fixes, updates, etc. 9 9 end 10 10 11 11 Engines.current.version = LoginEngine::Version 12 13 # send the helpers and modules automatically....?14 #ApplicationController.send(:include, LoginEngine)15 #ApplicationHelper.send(:include, LoginEngine)login_engine/trunk/lib/login_engine.rb
r281 r446 45 45 # Default is one week 46 46 config :delayed_delete_days, 7 47 48 # Default minimum password length 49 config :password_minimum, 5 47 50 48 51 # the table to store user information in login_engine/trunk/lib/login_engine/authenticated_system.rb
r362 r446 55 55 # call overwriteable reaction to unauthorized access 56 56 access_denied 57 58 # Return false to halt the filter chain 59 return false 57 60 end 58 61 login_engine/trunk/lib/login_engine/authenticated_user.rb
r362 r446 24 24 25 25 validates_confirmation_of :password, :if => :validate_password? 26 validates_length_of :password, { :minimum => 5, :if => :validate_password? }26 validates_length_of :password, { :minimum => LoginEngine.config(:password_minimum), :if => :validate_password? } 27 27 validates_length_of :password, { :maximum => 40, :if => :validate_password? } 28 28 … … 49 49 # Allow logins for deleted accounts, but only via this method (and 50 50 # not the regular authenticate call) 51 u = find(:first, :conditions => [" id= ? AND security_token = ?", id, token])51 u = find(:first, :conditions => ["#{User.primary_key} = ? AND security_token = ?", id, token]) 52 52 return nil if u.nil? or u.token_expired? 53 53 return nil if false == u.update_expiry … … 123 123 end 124 124 125 def full_name 126 "#{self.firstname} #{self.lastname}" 127 end 128 125 129 protected 126 130 login_engine/trunk/test/fixtures/users.yml
r108 r446 4 4 id: 1000001 5 5 login: bob 6 firstname: bob 7 lastname: roberts 6 8 salted_password: b1de1d1d2aec05df2be6f02995537c1783f08490 # atest 7 9 salt: bf3c47e71c0bfeb6288c9b6b5e24e15256a0e407 login_engine/trunk/test/functional/user_controller_test.rb
r362 r446 62 62 get :logout 63 63 assert_session_has_no :user 64 assert_equal Hash.new, session 64 65 65 66 end login_engine/trunk/test/unit/user_test.rb
r362 r446 113 113 assert u.save 114 114 end 115 116 def test_should_respond_to_full_name 117 assert_equal 'bob roberts', users(:bob).full_name 118 end 119 120 def test_password_too_short 121 assert LoginEngine::config(:password_minimum), "Password minimum not defined" 122 u = User.new 123 u.login = 'password_test' 124 u.email = 'bobs@email.com' 125 u.change_password('a'*(LoginEngine::config(:password_minimum)-1)) 126 assert !u.save 127 end 128 129 def test_password_minimum_length 130 u = User.new 131 u.login = 'password_test' 132 u.email = 'bobs@email.com' 133 u.change_password('a'*(LoginEngine::config(:password_minimum))) 134 assert u.save 135 end 115 136 116 137 end
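Review bot: In the last README hunk, both documented examples (Welcome <%= session[:user].full_name %> and Welcome <%= current_user.full_name %>) print a value built from firstname and lastname without HTML escaping, and those two fields are user-editable through _edit.rhtml. ERB's <%= %> does not escape output in Rails of this vintage, so the README should show <%= h(current_user.full_name) %>; applications that copy the snippet as written will render whatever markup a user puts in their name.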
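Review bot: In the first user_controller.rb hunk, params[:user].delete('verified') removes a single key and the rest of the request hash still goes straight into User.new(params[:user]), so this is a deny-list of one. Unless the model already protects them, other columns visible in this changeset (salt, salted_password, security_token) remain assignable from the request. Declare the restriction on the model instead, with attr_accessible listing only the signup fields or attr_protected for the sensitive ones, so it applies to every caller and not only to signup.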
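Review bot: In the second user_controller.rb hunk, the context line UserNotify.deliver_signup(@user, params[:user][:password], url) hands the cleartext password to the mailer, alongside a URL that carries the security token as :key. The flash rewording itself is fine, but the notification should not need the password at all; pass only the user and the confirmation URL so the credential never lands in a mailbox.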
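Review bot: In the logout hunk of user_controller.rb, reset_session only covers the logout side of session handling, and none of the three hunks in this file touches the login action. A session identifier obtained before authentication would therefore still be valid after a successful login; calling reset_session there as well, before storing session[:user], closes that gap. With reset_session in place the preceding session[:user] = nil is redundant and can be dropped.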
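Review bot: In the lib/login_engine.rb hunk, config :password_minimum, 5 carries the old hard-coded value forward as the default, and the README hunk documents it only as "Defaults to 5". Five characters is a weak floor for a login component; consider raising the default, or at least have the README tell integrators to raise it, since most installations will never override it.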
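Review bot: In the authenticated_system.rb hunk, the new return false after access_denied is what makes the filter fail closed, yet the only change to user_controller_test.rb in this changeset is the logout assertion. Add a functional test that requests a protected action without a session and asserts the action body did not run, so an overridden access_denied or a later refactor cannot silently reopen Ticket #173.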
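Review bot: In the first authenticated_user.rb hunk, LoginEngine.config(:password_minimum) is read once, when validates_length_of is declared, so a value set in environment.rb after this file has loaded is ignored without any error. Either document the required ordering in the README or look the value up at validation time. Nothing checks the setting against the :maximum => 40 on the next line either: a nil or a value above 40 produces a validation that cannot pass or one that raises.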
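Review bot: In the second authenticated_user.rb hunk, the conditions string interpolates #{User.primary_key} directly into SQL and hard-codes the User constant in library code. The value is not request-controlled, so this is not an injection path, but find is already called on the implicit receiver, so plain primary_key is available and keeps working if the including class is not named User. Quote it through the connection (connection.quote_column_name(primary_key)) so a prefixed or reserved-word key name does not break the query.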
