Class: Auth::Behavior::Core
Overview
Adds the most basic authentication behavior to registered models. Passwords have the following validations added:
- uniqueness of :secret, :scope => [ :authenticatable_type, :authenticatable_id ]
- presence of :secret
- format of :secret ("must be at least 7 characters with at least 1 uppercase, 1 lowercase and 1 number")
- confirmation of :secret, if secret has changed
- presence of :secret_confirmation, if secret has changed
Additionally, the following methods are added:
#expired?
The authenticated model(s) will have the following methods added to them:
#password_expired?
Defined Under Namespace
Modules: AuthenticatedModelMethods, ControllerExtensions, PasswordMethods
Instance Attribute Summary
Attributes inherited from Base
Instance Method Summary collapse
- #apply_to_controller(base_controller, user_model) ⇒ Object
- #apply_to_password(password_model, user_model) ⇒ Object
- #apply_to_user(model) ⇒ Object
Methods inherited from Base
Instance Method Details
#apply_to_controller(base_controller, user_model) ⇒ Object
20 21 22 |
# File 'lib/auth/behavior/core.rb', line 20 def apply_to_controller(base_controller, user_model) base_controller.send(:include, Auth::Behavior::Core::ControllerExtensions) end |
#apply_to_password(password_model, user_model) ⇒ Object
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/auth/behavior/core.rb', line 24 def apply_to_password(password_model, user_model) config = user_model.sparkly_config password_model.instance_eval do belongs_to :authenticatable, :polymorphic => true validates_length_of :unencrypted_secret, :minimum => config.minimum_password_length, :message => "must be at least #{config.minimum_password_length} characters", :if => :secret_changed? validates_format_of :unencrypted_secret, :with => config.password_format, :allow_blank => true, :message => config., :if => :secret_changed? validates_presence_of :secret validates_confirmation_of :secret, :if => :secret_changed? validates_presence_of :secret_confirmation, :if => :secret_changed? validates_presence_of :persistence_token validates_uniqueness_of :persistence_token, :if => :persistence_token_changed? attr_protected :secret, :secret_confirmation include Auth::Behavior::Core::PasswordMethods validate do |password| password.errors.rename_attribute("unencrypted_secret", "secret") end if Rails::VERSION::MAJOR == 3 # The hooks have changed. after_initialize :after_initialize end end end |
#apply_to_user(model) ⇒ Object
55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 |
# File 'lib/auth/behavior/core.rb', line 55 def apply_to_user(model) model_config = model.sparkly_config model_config.target.instance_eval do has_many :passwords, :dependent => :destroy, :as => :authenticatable, :autosave => true attr_protected :password, :password_confirmation validates_presence_of sparkly_config.key validates_uniqueness_of sparkly_config.key validates_presence_of :password include Auth::Behavior::Core::AuthenticatedModelMethods if Rails::VERSION::MAJOR == 3 # The hooks have changed. after_save :after_save end validate do |account| account.errors.rename_attribute("passwords.secret", "password") account.errors.rename_attribute("passwords.secret_confirmation", "password_confirmation") # the various salts make it impossible to do this: # validates_uniqueness_of :secret, :scope => [ :authenticatable_type, :authenticatable_id ], # :message => config.password_uniqueness_message # so we have to do it programmatically. if account.password_changed? secret = account.password_model.unencrypted_secret account.passwords.each do |password| unless password.new_record? # unless it's the one we're creating if password.matches?(secret) account.errors.add(:password, sparkly_config.) end end end end end end end |