Module: Authlogic::Session::Config::ClassMethods
- Defined in:
- lib/authlogic/session/config.rb
Overview
Session Config
This deals with configuration for your session. If you are wanting to configure your model please look at Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic::Config
Configuration for your session is simple. The configuration options are just class methods. Just put this in your config/initializers directory
UserSession.configure do |config|
config.authenticate_with = User
# ... more configuration
end
or you can set your configuration in the session class directly:
class UserSession < Authlogic::Session::Base
authenticate_with User
# ... more configuration
end
You can also access the values in the same fashion:
UserSession.authenticate_with
See the methods belows for all configuration options.
Instance Method Summary collapse
-
#attr_accessible(*values) ⇒ Object
(also: #attr_accessible=)
This works just like ActiveRecord’s attr_accessible, except by default this ONLY allows the login, password, and remember me option.
-
#authenticate_with(klass) ⇒ Object
(also: #authenticate_with=)
Lets you change which model to use for authentication.
-
#configure {|_self| ... } ⇒ Object
Convenience method that lets you easily set configuration, see examples above.
-
#cookie_key(value = nil) ⇒ Object
(also: #cookie_key=)
The name of the cookie or the key in the cookies hash.
-
#find_by_login_method(value = nil) ⇒ Object
(also: #find_by_login_method=)
Authlogic tries to validate the credentials passed to it.
-
#find_with(*values) ⇒ Object
(also: #find_with=)
Calling UserSession.find tries to find the user session by session, then cookie, then params, and finally by basic http auth.
-
#last_request_at_threshold(value = nil) ⇒ Object
(also: #last_request_at_threshold=)
Every time a session is found the last_request_at field for that record is updatd with the current time, if that field exists.
-
#login_blank_message(value = nil) ⇒ Object
(also: #login_blank_message=)
The error message used when the login is left blank.
-
#login_field(value = nil) ⇒ Object
(also: #login_field=)
The name of the method you want Authlogic to create for storing the login / username.
-
#login_not_found_message(value = nil) ⇒ Object
(also: #login_not_found_message=)
The error message used when the login could not be found in the database.
-
#not_active_message(value = nil) ⇒ Object
(also: #not_active_message=)
The error message used when the record returns false to active?.
-
#not_approved_message(value = nil) ⇒ Object
(also: #not_approved_message=)
The error message used when the record returns false to approved?.
-
#not_confirmed_message(value = nil) ⇒ Object
(also: #not_confirmed_message=)
The error message used when the record returns false to confirmed?.
-
#params_key(value = nil) ⇒ Object
(also: #params_key=)
Works exactly like cookie_key, but for params.
-
#password_blank_message(value = nil) ⇒ Object
(also: #password_blank_message=)
The error message used when the password is left blank.
-
#password_field(value = nil) ⇒ Object
(also: #password_field=)
Works exactly like login_field, but for the password instead.
-
#password_invalid_message(value = nil) ⇒ Object
(also: #password_invalid_message=)
The error message used when the password is invalid.
-
#remember_me(value = nil) ⇒ Object
(also: #remember_me=)
If sessions should be remembered by default or not.
-
#remember_me_for(value = :_read) ⇒ Object
(also: #remember_me_for=)
The length of time until the cookie expires.
-
#session_key(value = nil) ⇒ Object
(also: #session_key=)
Works exactly like cookie_key, but for sessions.
-
#single_access_allowed_request_types(*values) ⇒ Object
(also: #single_access_allowed_request_types=)
Authentication is allowed via a single access token, but maybe this is something you don’t want for your application as a whole.
-
#verify_password_method(value = nil) ⇒ Object
(also: #verify_password_method=)
The name of the method in your model used to verify the password.
Instance Method Details
#attr_accessible(*values) ⇒ Object Also known as: attr_accessible=
This works just like ActiveRecord’s attr_accessible, except by default this ONLY allows the login, password, and remember me option.
-
Default:
:login_field, :password_field, :remember_me, set to nil to disable -
Accepts:
String
52 53 54 55 56 57 58 |
# File 'lib/authlogic/session/config.rb', line 52 def attr_accessible(*values) if values.blank? read_inheritable_attribute(:attr_accessible) || attr_accessible(login_field, password_field, :remember_me) else write_inheritable_attribute(:attr_accessible, value) end end |
#authenticate_with(klass) ⇒ Object Also known as: authenticate_with=
Lets you change which model to use for authentication.
-
Default:
inferred from the class name. UserSession would automatically try User -
Accepts:
an ActiveRecord class
37 38 39 40 |
# File 'lib/authlogic/session/config.rb', line 37 def authenticate_with(klass) @klass_name = klass.name @klass = klass end |
#configure {|_self| ... } ⇒ Object
Convenience method that lets you easily set configuration, see examples above
44 45 46 |
# File 'lib/authlogic/session/config.rb', line 44 def configure yield self end |
#cookie_key(value = nil) ⇒ Object Also known as:
The name of the cookie or the key in the cookies hash. Be sure and use a unique name. If you have multiple sessions and they use the same cookie it will cause problems. Also, if a id is set it will be inserted into the beginning of the string. Exmaple:
session = UserSession.new
session. => "user_credentials"
session = UserSession.new(:super_high_secret)
session. => "super_high_secret_user_credentials"
-
Default:
“#Authlogic::Session::Config::ClassMethods.klass_nameklass_name.underscore_credentials” -
Accepts:
String
72 73 74 75 76 77 78 |
# File 'lib/authlogic/session/config.rb', line 72 def (value = nil) if value.nil? read_inheritable_attribute(:cookie_key) || ("#{klass_name.underscore}_credentials") else write_inheritable_attribute(:cookie_key, value) end end |
#find_by_login_method(value = nil) ⇒ Object Also known as: find_by_login_method=
Authlogic tries to validate the credentials passed to it. One part of validation is actually finding the user and making sure it exists. What method it uses the do this is up to you.
Let’s say you have a UserSession that is authenticating a User. By default UserSession will call User.find_by_login(login). You can change what method UserSession calls by specifying it here. Then in your User model you can make that method do anything you want, giving you complete control of how users are found by the UserSession.
Let’s take an example: You want to allow users to login by username or email. Set this to the name of the class method that does this in the User model. Let’s call it “find_by_username_or_email”
class User < ActiveRecord::Base
def self.find_by_username_or_email(login)
find_by_username(login) || find_by_email(login)
end
end
-
Default:
“find_by_##login_field” -
Accepts:
Symbol or String
96 97 98 99 100 101 102 |
# File 'lib/authlogic/session/config.rb', line 96 def find_by_login_method(value = nil) if value.nil? read_inheritable_attribute(:find_by_login_method) || find_by_login_method("find_by_#{login_field}") else write_inheritable_attribute(:find_by_login_method, value) end end |
#find_with(*values) ⇒ Object Also known as: find_with=
Calling UserSession.find tries to find the user session by session, then cookie, then params, and finally by basic http auth. This option allows you to change the order or remove any of these.
-
Default:
[:params, :session, :cookie, :http_auth] -
Accepts:
Array, and can only use any of the 3 options above
110 111 112 113 114 115 116 117 |
# File 'lib/authlogic/session/config.rb', line 110 def find_with(*values) if values.blank? read_inheritable_attribute(:find_with) || find_with(:params, :session, :cookie, :http_auth) else values.flatten! write_inheritable_attribute(:find_with, values) end end |
#last_request_at_threshold(value = nil) ⇒ Object Also known as: last_request_at_threshold=
Every time a session is found the last_request_at field for that record is updatd with the current time, if that field exists. If you want to limit how frequent that field is updated specify the threshold here. For example, if your user is making a request every 5 seconds, and you feel this is too frequent, and feel a minute is a good threashold. Set this to 1.minute. Once a minute has passed in between requests the field will be updated.
-
Default:
0 -
Accepts:
integer representing time in seconds
126 127 128 129 130 131 132 |
# File 'lib/authlogic/session/config.rb', line 126 def last_request_at_threshold(value = nil) if value.nil? read_inheritable_attribute(:last_request_at_threshold) || last_request_at_threshold(0) else write_inheritable_attribute(:last_request_at_threshold, value) end end |
#login_blank_message(value = nil) ⇒ Object Also known as: login_blank_message=
The error message used when the login is left blank.
-
Default:
“can not be blank” -
Accepts:
String
139 140 141 142 143 144 145 |
# File 'lib/authlogic/session/config.rb', line 139 def (value = nil) if value.nil? read_inheritable_attribute(:login_blank_message) || ("can not be blank") else write_inheritable_attribute(:login_blank_message, value) end end |
#login_field(value = nil) ⇒ Object Also known as: login_field=
The name of the method you want Authlogic to create for storing the login / username. Keep in mind this is just for your Authlogic::Session, if you want it can be something completely different than the field in your model. So if you wanted people to login with a field called “login” and then find users by email this is compeltely doable. See the find_by_login_method configuration option for more details.
-
Default:
Uses the configuration option in your model: User.acts_as_authentic_config -
Accepts:
Symbol or String
168 169 170 171 172 173 174 |
# File 'lib/authlogic/session/config.rb', line 168 def login_field(value = nil) if value.nil? read_inheritable_attribute(:login_field) || login_field(klass.acts_as_authentic_config[:login_field]) else write_inheritable_attribute(:login_field, value) end end |
#login_not_found_message(value = nil) ⇒ Object Also known as: login_not_found_message=
The error message used when the login could not be found in the database.
-
Default:
“does not exist” -
Accepts:
String
152 153 154 155 156 157 158 |
# File 'lib/authlogic/session/config.rb', line 152 def (value = nil) if value.nil? read_inheritable_attribute(:login_not_found_message) || ("does not exist") else write_inheritable_attribute(:login_not_found_message, value) end end |
#not_active_message(value = nil) ⇒ Object Also known as: not_active_message=
The error message used when the record returns false to active?
-
Default:
“Your account is not active” -
Accepts:
String
181 182 183 184 185 186 187 |
# File 'lib/authlogic/session/config.rb', line 181 def (value = nil) if value.nil? read_inheritable_attribute(:not_active_message) || ("Your account is not active") else write_inheritable_attribute(:not_active_message, value) end end |
#not_approved_message(value = nil) ⇒ Object Also known as: not_approved_message=
The error message used when the record returns false to approved?
-
Default:
“Your account is not approved” -
Accepts:
String
194 195 196 197 198 199 200 |
# File 'lib/authlogic/session/config.rb', line 194 def (value = nil) if value.nil? read_inheritable_attribute(:not_approved_message) || ("Your account is not approved") else write_inheritable_attribute(:not_approved_message, value) end end |
#not_confirmed_message(value = nil) ⇒ Object Also known as: not_confirmed_message=
The error message used when the record returns false to confirmed?
-
Default:
“Your account is not confirmed” -
Accepts:
String
207 208 209 210 211 212 213 |
# File 'lib/authlogic/session/config.rb', line 207 def (value = nil) if value.nil? read_inheritable_attribute(:not_confirmed_message) || ("Your account is not confirmed") else write_inheritable_attribute(:not_confirmed_message, value) end end |
#params_key(value = nil) ⇒ Object Also known as: params_key=
Works exactly like cookie_key, but for params. So a user can login via params just like a cookie or a session. Your URL would look like:
http://www.domain.com?user_credentials=my_single_access_key
You can change the “user_credentials” key above with this configuration option. Keep in mind, just like cookie_key, if you supply an id the id will be appended to the front. Check out cookie_key for more details. Also checkout the “Single Access / Private Feeds Access” section in the README.
-
Default:
cookie_key -
Accepts:
String
225 226 227 228 229 230 231 |
# File 'lib/authlogic/session/config.rb', line 225 def params_key(value = nil) if value.nil? read_inheritable_attribute(:params_key) || params_key() else write_inheritable_attribute(:params_key, value) end end |
#password_blank_message(value = nil) ⇒ Object Also known as: password_blank_message=
The error message used when the password is left blank.
-
Default:
“can not be blank” -
Accepts:
String
238 239 240 241 242 243 244 |
# File 'lib/authlogic/session/config.rb', line 238 def (value = nil) if value.nil? read_inheritable_attribute(:password_blank_message) || ("can not be blank") else write_inheritable_attribute(:password_blank_message, value) end end |
#password_field(value = nil) ⇒ Object Also known as: password_field=
Works exactly like login_field, but for the password instead.
-
Default:
:password -
Accepts:
Symbol or String
251 252 253 254 255 256 257 |
# File 'lib/authlogic/session/config.rb', line 251 def password_field(value = nil) if value.nil? read_inheritable_attribute(:password_field) || password_field(:password) else write_inheritable_attribute(:password_field, value) end end |
#password_invalid_message(value = nil) ⇒ Object Also known as: password_invalid_message=
The error message used when the password is invalid.
-
Default:
“is invalid” -
Accepts:
String
264 265 266 267 268 269 270 |
# File 'lib/authlogic/session/config.rb', line 264 def (value = nil) if value.nil? read_inheritable_attribute(:password_invalid_message) || ("is invalid") else write_inheritable_attribute(:password_invalid_message, value) end end |
#remember_me(value = nil) ⇒ Object Also known as: remember_me=
If sessions should be remembered by default or not.
-
Default:
false -
Accepts:
Boolean
277 278 279 280 281 282 283 |
# File 'lib/authlogic/session/config.rb', line 277 def remember_me(value = nil) if value.nil? read_inheritable_attribute(:remember_me) else write_inheritable_attribute(:remember_me, value) end end |
#remember_me_for(value = :_read) ⇒ Object Also known as: remember_me_for=
The length of time until the cookie expires.
-
Default:
3.months -
Accepts:
Integer, length of time in seconds, such as 60 or 3.months
290 291 292 293 294 295 296 |
# File 'lib/authlogic/session/config.rb', line 290 def remember_me_for(value = :_read) if value == :_read read_inheritable_attribute(:remember_me_for) || remember_me_for(3.months) else write_inheritable_attribute(:remember_me_for, value) end end |
#session_key(value = nil) ⇒ Object Also known as: session_key=
Works exactly like cookie_key, but for sessions. See cookie_key for more info.
-
Default:
cookie_key -
Accepts:
Symbol or String
303 304 305 306 307 308 309 |
# File 'lib/authlogic/session/config.rb', line 303 def session_key(value = nil) if value.nil? read_inheritable_attribute(:session_key) || session_key() else write_inheritable_attribute(:session_key, value) end end |
#single_access_allowed_request_types(*values) ⇒ Object Also known as: single_access_allowed_request_types=
Authentication is allowed via a single access token, but maybe this is something you don’t want for your application as a whole. Maybe this is something you only want for specific request types. Specify a list of allowed request types and single access authentication will only be allowed for the ones you specify. Checkout the “Single Access / Private Feeds Access” section in the README.
-
Default:
“application/rss+xml”, “application/atom+xml” -
Accepts:
String, or :all to allow single access authentication for any and all request types
317 318 319 320 321 322 323 |
# File 'lib/authlogic/session/config.rb', line 317 def single_access_allowed_request_types(*values) if values.blank? read_inheritable_attribute(:single_access_allowed_request_types) || single_access_allowed_request_types("application/rss+xml", "application/atom+xml") else write_inheritable_attribute(:single_access_allowed_request_types, values) end end |
#verify_password_method(value = nil) ⇒ Object Also known as: verify_password_method=
The name of the method in your model used to verify the password. This should be an instance method. It should also be prepared to accept a raw password and a crytped password.
-
Default:
“valid_##password_field?” -
Accepts:
Symbol or String
330 331 332 333 334 335 336 |
# File 'lib/authlogic/session/config.rb', line 330 def verify_password_method(value = nil) if value.nil? read_inheritable_attribute(:verify_password_method) || verify_password_method("valid_#{password_field}?") else write_inheritable_attribute(:verify_password_method, value) end end |