Module: Authlogic::ORMAdapters::ActiveRecordAdapter::ActsAsAuthentic::Credentials
- Defined in:
- lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb
Overview
Credentials
Handles any credential specific code, such as validating the login, encrpyting the password, etc.
Class Methods
-
friendly_unique_token
- returns a random string of 20 alphanumeric characters. Used when resetting the password. This is a more user friendly token then a long Sha512 hash.
Instance Methods
-
{options[:password_field]}=(value)
- encrypts a raw password and sets it to your crypted_password_field. Also sets the password_salt to a random token. -
valid_{options[:password_field]}?(password_to_check)
- checks is the password is valid. The password passed must be the raw password, not encrypted. -
reset_{options[:password_field]}
- resets the password using the friendly_unique_token class method -
reset_{options[:password_field]}!
- calls reset_password and then saves the record
Instance Method Summary collapse
Instance Method Details
#acts_as_authentic_with_credentials(options = {}) ⇒ Object
20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 |
# File 'lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb', line 20 def acts_as_authentic_with_credentials( = {}) acts_as_authentic_without_credentials() if [:validate_fields] email_name_regex = '[\w\.%\+\-]+' domain_head_regex = '(?:[A-Z0-9\-]+\.)+' domain_tld_regex = '(?:[A-Z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|jobs|museum)' email_field_regex ||= /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i if [:validate_login_field] case [:login_field_type] when :email validates_length_of [:login_field], {:within => 6..100}.merge([:login_field_validates_length_of_options]) validates_format_of [:login_field], {:with => email_field_regex, :message => "should look like an email address."}.merge([:login_field_validates_format_of_options]) else validates_length_of [:login_field], {:within => 2..100}.merge([:login_field_validates_length_of_options]) validates_format_of [:login_field], {:with => /\A\w[\w\.\-_@ ]+\z/, :message => "should use only letters, numbers, spaces, and .-_@ please."}.merge([:login_field_validates_format_of_options]) end validates_uniqueness_of [:login_field], {:allow_blank => true}.merge([:login_field_validates_uniqueness_of_options].merge(:if => "#{[:login_field]}_changed?".to_sym)) end if [:validate_password_field] validates_length_of [:password_field], {:minimum => 4}.merge([:password_field_validates_length_of_options].merge(:if => "validate_#{[:password_field]}?".to_sym)) validates_confirmation_of [:password_field], [:password_field_validates_confirmation_of_options].merge(:if => "#{[:password_salt_field]}_changed?".to_sym) validates_presence_of "#{[:password_field]}_confirmation", [:password_confirmation_field_validates_presence_of_options].merge(:if => "#{[:password_salt_field]}_changed?".to_sym) end if [:validate_email_field] && [:email_field] validates_length_of [:email_field], {:within => 6..100}.merge([:email_field_validates_length_of_options]) validates_format_of [:email_field], {:with => email_field_regex, :message => "should look like an email address."}.merge([:email_field_validates_format_of_options]) validates_uniqueness_of [:email_field], [:email_field_validates_uniqueness_of_options].merge(:if => "#{[:email_field]}_changed?".to_sym) end end attr_reader [:password_field] class_eval <<-"end_eval", __FILE__, __LINE__ def self.friendly_unique_token chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a newpass = "" 1.upto(20) { |i| newpass << chars[rand(chars.size-1)] } newpass end def #{[:password_field]}=(pass) return if pass.blank? @#{[:password_field]} = pass self.#{[:password_salt_field]} = self.class.unique_token self.#{[:crypted_password_field]} = #{[:crypto_provider]}.encrypt(*encrypt_arguments(@#{[:password_field]}, #{[:act_like_restful_authentication].inspect} ? :restful_authentication : nil)) end alias_method :update_#{[:password_field]}, :#{[:password_field]}= # this is to avoids the method chain, so we are ONLY changing the password def valid_#{[:password_field]}?(attempted_password) return false if attempted_password.blank? || #{[:crypted_password_field]}.blank? || #{[:password_salt_field]}.blank? ([#{[:crypto_provider]}] + #{[:transition_from_crypto_provider].inspect}).each_with_index do |encryptor, index| # The arguments_type of for the transitioning from restful_authentication arguments_type = (#{[:act_like_restful_authentication].inspect} && index == 0) || (#{[:transition_from_restful_authentication].inspect} && index > 0 && encryptor == Authlogic::CryptoProviders::Sha1) ? :restful_authentication : nil if encryptor.matches?(#{[:crypted_password_field]}, *encrypt_arguments(attempted_password, arguments_type)) # If we are transitioning from an older encryption algorithm and the password is still using the old algorithm # then let's reset the password using the new algorithm. If the algorithm has a cost (BCrypt) and the cost has changed, update the password with # the new cost. if index > 0 || (encryptor.respond_to?(:cost_matches?) && !encryptor.cost_matches?(#{[:crypted_password_field]})) update_#{[:password_field]}(attempted_password) save(false) end return true end end false end def reset_#{[:password_field]} friendly_token = self.class.friendly_unique_token self.#{[:password_field]} = friendly_token self.#{[:password_field]}_confirmation = friendly_token end alias_method :randomize_password, :reset_password def confirm_#{[:password_field]} raise "confirm_#{[:password_field]} has been removed, please use #{[:password_field]}_confirmation. " + "As this is the field that ActiveRecord automatically creates with validates_confirmation_of." end def reset_#{[:password_field]}! reset_#{[:password_field]} save_without_session_maintenance(false) end alias_method :randomize_password!, :reset_password! def validate_#{[:password_field]}? case #{[:][:if].inspect} when String return false if !eval('#{[:][:if]}') when Symbol return false if !send(#{[:][:if].inspect}) end new_record? || #{[:password_salt_field]}_changed? || #{[:crypted_password_field]}.blank? end private def encrypt_arguments(raw_password, arguments_type = nil) case arguments_type when :restful_authentication [REST_AUTH_SITE_KEY, #{[:password_salt_field]}, raw_password, REST_AUTH_SITE_KEY] else [raw_password, #{[:password_salt_field]}] end end end_eval end |