Class: Auth::Configuration
- Inherits: Object
  - Object
  - Auth::Configuration
- Extended by: BehaviorLookup
- Includes: BehaviorLookup
- Defined in: lib/auth/configuration.rb
Instance Attribute Summary
- #account_created_message ⇒ Object
  The message to display when the user creates an account.
- #account_deleted_message ⇒ Object
  The message to display when the user deletes his or her account.
- #account_lock_duration ⇒ Object
  The length of time an account is locked for, if it is locked.
- #account_locked_message ⇒ Object
  The message to display if an account has been locked.
- #account_updated_message ⇒ Object
  The message to display when user profile has been updated or the password has been changed.
- #authenticated_models ⇒ Object
  The array of Auth::Model instances which represent the models which will be authenticated.
- #base_controller_name ⇒ Object
  The NAME of the controller to use as a base controller.
- #behaviors ⇒ Object
  The array of behaviors which will be applied by default to every authenticated model.
- #default_accounts_controller_name ⇒ Object
  The name of the controller to route to for creating users, editing them, etc.
- #default_destination ⇒ Object
  If an issue would prevent the user from viewing the current page, Auth will redirect the user to the value stored in session.
- #default_login_path ⇒ Object
  The method to call in order to determine which resource to use when implicitly logging in.
- #default_sessions_controller_name ⇒ Object
  The name of the controller to route to for logging in, logging out, etc.
- #encryptor ⇒ Object
  The class to use for encryption of passwords.
- #invalid_credentials_message ⇒ Object
  Message to display if username and/or password were incorrect.
- #login_after_signup ⇒ Object
  If true, the user will be automatically logged in after registering a new account.
- #login_required_message ⇒ Object
  The message to display when the user is not allowed to view a page because s/he must log in.
- #login_successful_message ⇒ Object
  Message to display if login was successful.
- #logout_message ⇒ Object
  Message to display when user logs out.
- #logout_required_message ⇒ Object
  The message to display when the user is not allowed to view a page because s/he must log out.
- #max_login_failures ⇒ Object
  The maximum login attempts permitted before an account is locked.
- #minimum_password_length ⇒ Object
  Minimum length for passwords.
- #password_format ⇒ Object
  Regular expression which passwords must match.
- #password_format_message ⇒ Object
  When the password to be created does not conform to the above format, this error message will be shown.
- #password_history_length ⇒ Object
  The number of passwords to keep in the password change history for each user.
- #password_uniqueness_message ⇒ Object
  The message to display when password change matches one of the previous passwords.
- #password_update_frequency ⇒ Object
  How frequently should passwords be forced to change? Nil for never.
- #path ⇒ Object (readonly)
  The path to the Sparkly Auth libraries.
- #session_duration ⇒ Object
  The maximum session duration.
- #session_timeout_message ⇒ Object
  Message to display when the user’s session times out due to inactivity.
Class Method Summary
Instance Method Summary
- #apply! ⇒ Object
- #authenticate(*model_names) ⇒ Object
  Accepts a list of model names (or the models themselves) and an optional set of options which govern how the models will be authenticated.
- #base_controller ⇒ Object
  Finds the controller with the same name as #base_controller_name and returns it.
- #behavior_classes ⇒ Object
  Returns the classes which represent each behavior listed in #behaviors.
- #disable_route_generation! ⇒ Object
  Causes Sparkly Auth to not generate routes by default.
- #for_model(name_or_class_or_instance) ⇒ Object
  Returns the configuration for the given authenticated model.
- #generate_routes? ⇒ Boolean
  Returns true if Sparkly Auth is expected to generate routes for this application.
- #initialize ⇒ Configuration (constructor)
  A new instance of Configuration.
Methods included from BehaviorLookup
Constructor Details
#initialize ⇒ Configuration
Returns a new instance of Configuration.
# File 'lib/auth/configuration.rb', line 242
def initialize
  @password_format = /(^(?=.*\d)(?=.*[a-zA-Z]).{7,}$)/
  @password_format_message = "must contain at least 1 uppercase, 1 lowercase and 1 number"
  @minimum_password_length = 7
  @path = File.(File.join(File.dirname(__FILE__), '..'))
  @authenticated_models = Auth::TargetList.new
  @behaviors = [ :core ]
  @password_update_frequency = 30.days
  @encryptor = Auth::Encryptors::Sha512
  @password_uniqueness_message = "must not be the same as any of your recent passwords"
  @password_history_length = 4
  @default_accounts_controller_name = "sparkly_accounts"
  @default_sessions_controller_name = "sparkly_sessions"
  @login_required_message = "You must be signed in to view this page."
  @logout_required_message = "You must be signed out to view this page."
  @invalid_credentials_message = "Credentials were not valid."
  @login_successful_message = "Signed in successfully."
  @default_destination = "/"
  @base_controller_name = 'application'
  @session_duration = 30.minutes
  @logout_message = "You have been signed out."
  @session_timeout_message = "You have been signed out due to inactivity. Please sign in again."
  @default_login_path = :new_user_session_path
  @account_deleted_message = "Your account has been deleted."
  @account_created_message = "Your account has been created."
  @account_updated_message = "Your changes have been saved."
  @account_locked_message = "Account is locked due to too many invalid attempts."
  @account_lock_duration = 30.minutes
  @max_login_failures = 5
  @generate_routes = true
  @login_after_signup = false

  self.class.behavior_configs.each do |accessor_name, config_klass|
    instance_variable_set("@#{accessor_name}", config_klass.new(self))
    singleton = (class << self; self; end)
    singleton.send(:define_method, accessor_name) { instance_variable_get("@#{accessor_name}") }
  end
end
Instance Attribute Details
#account_created_message ⇒ Object
The message to display when the user creates an account.
Default:
"Your account has been created."
# File 'lib/auth/configuration.rb', line 37
def account_created_message
  @account_created_message
end
#account_deleted_message ⇒ Object
The message to display when the user deletes his or her account.
Default:
"Your account has been deleted."
# File 'lib/auth/configuration.rb', line 43
def account_deleted_message
  @account_deleted_message
end
#account_lock_duration ⇒ Object
The length of time an account is locked for, if it is locked.
Default:
30.minutes
# File 'lib/auth/configuration.rb', line 55
def account_lock_duration
  @account_lock_duration
end
#account_locked_message ⇒ Object
The message to display if an account has been locked.
Default:
"Account is locked due to too many invalid attempts."
# File 'lib/auth/configuration.rb', line 61
def account_locked_message
  @account_locked_message
end
#account_updated_message ⇒ Object
The message to display when user profile has been updated or the password has been changed.
Default:
"Your changes have been saved."
# File 'lib/auth/configuration.rb', line 49
def account_updated_message
  @account_updated_message
end
#authenticated_models ⇒ Object
The array of Auth::Model instances which represent the models which will be authenticated. See also #authenticate.
# File 'lib/auth/configuration.rb', line 65
def authenticated_models
  @authenticated_models
end
#base_controller_name ⇒ Object
The NAME of the controller to use as a base controller. All Sparkly controllers will subclass this, and methods such as current_user will be added to it. Defaults to ‘application’.
Default:
'application'
# File 'lib/auth/configuration.rb', line 72
def base_controller_name
  @base_controller_name
end
#behaviors ⇒ Object
The array of behaviors which will be applied by default to every authenticated model. If a behavior set is specified for a given model, it will be used instead of (not in addition to) this array.
Default:
[ :core ]
# File 'lib/auth/configuration.rb', line 80
def behaviors
  @behaviors
end
#default_accounts_controller_name ⇒ Object
The name of the controller to route to for creating users, editing them, etc.
Default:
"sparkly_accounts"
# File 'lib/auth/configuration.rb', line 85
def default_accounts_controller_name
  @default_accounts_controller_name
end
#default_destination ⇒ Object
If an issue would prevent the user from viewing the current page, Auth will redirect the user to the value stored in session. If this value is not set, then Auth will default to this path.
Default:
"/"
# File 'lib/auth/configuration.rb', line 93
def default_destination
  @default_destination
end
#default_login_path ⇒ Object
The method to call in order to determine which resource to use when implicitly logging in.
If set to nil, the #default_destination will be used instead.
Default:
:new_user_session_path
# File 'lib/auth/configuration.rb', line 101
def default_login_path
  @default_login_path
end
#default_sessions_controller_name ⇒ Object
The name of the controller to route to for logging in, logging out, etc.
Default:
"sparkly_sessions"
# File 'lib/auth/configuration.rb', line 107
def default_sessions_controller_name
  @default_sessions_controller_name
end
#encryptor ⇒ Object
The class to use for encryption of passwords. This can be any class, as long as it responds to #encrypt and #matches?
Default:
Auth::Encryptors::Sha512
# File 'lib/auth/configuration.rb', line 114
def encryptor
  @encryptor
end
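Added example, not code from Sparkly Auth: a class that satisfies the #encrypt / #matches? duck type described above, using salted, iterated PBKDF2-HMAC-SHA256 from Ruby's OpenSSL bindings. The class name, the encrypt(plain) and matches?(stored, plain) signatures, the stored-string layout and the iteration count are assumptions; the page does not give the argument lists Sparkly Auth passes to an encryptor.

```ruby
require "openssl"
require "securerandom"

# Hypothetical encryptor (name, signatures and storage layout are assumptions).
class Pbkdf2Encryptor
  SCHEME     = "pbkdf2-sha256"
  ITERATIONS = 100_000 # assumed work factor; tune to your hardware
  KEY_BYTES  = 32

  class << self
    # Returns "scheme$iterations$salt$digest" with a fresh random salt per call.
    def encrypt(plain, salt: SecureRandom.hex(16), iterations: ITERATIONS)
      [SCHEME, iterations, salt, derive(plain, salt, iterations)].join("$")
    end

    # Re-derives the digest with the stored salt and iteration count.
    def matches?(stored, plain)
      scheme, iterations, salt, digest = stored.to_s.split("$")
      return false unless scheme == SCHEME && digest && iterations.to_i.positive?
      secure_equal?(digest, derive(plain, salt, iterations.to_i))
    end

    private

    def derive(plain, salt, iterations)
      OpenSSL::PKCS5.pbkdf2_hmac(plain.to_s, salt, iterations, KEY_BYTES,
                                 OpenSSL::Digest.new("SHA256")).unpack1("H*")
    end

    # Compares without returning early on the first differing byte.
    def secure_equal?(a, b)
      return false unless a.bytesize == b.bytesize
      diff = 0
      a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
      diff.zero?
    end
  end
end
```

Storing the scheme and iteration count alongside the salt lets the work factor be raised later without invalidating existing hashes.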
#invalid_credentials_message ⇒ Object
Message to display if username and/or password were incorrect.
Default:
"Credentials were not valid."
# File 'lib/auth/configuration.rb', line 120
def invalid_credentials_message
  @invalid_credentials_message
end
#login_after_signup ⇒ Object
If true, the user will be automatically logged in after registering a new account. Note that this can be modified by some behaviors.
Default:
true
# File 'lib/auth/configuration.rb', line 127
def login_after_signup
  @login_after_signup
end
#login_required_message ⇒ Object
The message to display when the user is not allowed to view a page because s/he must log in.
Default:
"You must be signed in to view this page."
# File 'lib/auth/configuration.rb', line 133
def login_required_message
  @login_required_message
end
#login_successful_message ⇒ Object
Message to display if login was successful.
Default:
"Signed in successfully."
# File 'lib/auth/configuration.rb', line 139
def login_successful_message
  @login_successful_message
end
#logout_message ⇒ Object
Message to display when user logs out.
Default:
"You have been signed out."
# File 'lib/auth/configuration.rb', line 145
def logout_message
  @logout_message
end
#logout_required_message ⇒ Object
The message to display when the user is not allowed to view a page because s/he must log out.
Default:
"You must be signed out to view this page."
# File 'lib/auth/configuration.rb', line 150
def logout_required_message
  @logout_required_message
end
#max_login_failures ⇒ Object
The maximum login attempts permitted before an account is locked. Set to nil to disable locking.
Default:
5
# File 'lib/auth/configuration.rb', line 156
def max_login_failures
  @max_login_failures
end
#minimum_password_length ⇒ Object
Minimum length for passwords.
Default:
7
# File 'lib/auth/configuration.rb', line 162
def minimum_password_length
  @minimum_password_length
end
#password_format ⇒ Object
Regular expression which passwords must match. The default forces at least 1 uppercase, lowercase and numeric character.
Default:
/(^(?=.*\d)(?=.*[a-zA-Z]).{7,}$)/
# File 'lib/auth/configuration.rb', line 169
def password_format
  @password_format
end
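Added example, not part of the Sparkly Auth source: a check of what the default password_format shown above actually accepts. As written, the pattern requires one digit and one letter of either case, and its ^ and $ anchors match per line in Ruby; STRICT_FORMAT and the sample passwords are assumptions constructed for illustration.

```ruby
# Default pattern copied from the page.
DEFAULT_FORMAT = /(^(?=.*\d)(?=.*[a-zA-Z]).{7,}$)/

# Assumed stricter alternative (not from Sparkly Auth): separate lookaheads
# for lower and upper case, and \A / \z so the whole string is checked.
STRICT_FORMAT = /\A(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{7,}\z/

# Constructed sample passwords.
SAMPLES = {
  "Passw0rdX"     => "mixed case plus digit",
  "password1"     => "lowercase plus digit only",
  "PASSWORD1"     => "uppercase plus digit only",
  "Pass1"         => "shorter than 7 characters",
  "Passwordx"     => "no digit",
  "!!\nAbcdefg1"  => "only the second line satisfies the pattern",
}.freeze

def accepted?(format, password)
  format.match?(password)
end

# Returns the samples the default accepts but the stricter pattern rejects.
def policy_gaps(samples = SAMPLES)
  samples.keys.select do |pw|
    accepted?(DEFAULT_FORMAT, pw) && !accepted?(STRICT_FORMAT, pw)
  end
end

if __FILE__ == $PROGRAM_NAME
  SAMPLES.each do |pw, note|
    printf("%-16s default=%-5s strict=%-5s %s\n", pw.inspect,
           accepted?(DEFAULT_FORMAT, pw), accepted?(STRICT_FORMAT, pw), note)
  end
end
```

If the pattern is tightened, password_format_message should be kept in step so that the error text describes the rule that is enforced.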
#password_format_message ⇒ Object
When the password to be created does not conform to the above format, this error message will be shown.
Default:
"must contain at least 1 uppercase, 1 lowercase and 1 number"
# File 'lib/auth/configuration.rb', line 176
def password_format_message
  @password_format_message
end
#password_history_length ⇒ Object
The number of passwords to keep in the password change history for each user. Any given user may not use the same password twice for at least this duration. For instance, if set to 4, then a user must change his password 4 times before s/he can reuse one of his/her previous passwords.
Default:
4
# File 'lib/auth/configuration.rb', line 185
def password_history_length
  @password_history_length
end
#password_uniqueness_message ⇒ Object
The message to display when password change matches one of the previous passwords.
Default:
"must not be the same as any of your recent passwords"
# File 'lib/auth/configuration.rb', line 191
def password_uniqueness_message
  @password_uniqueness_message
end
#password_update_frequency ⇒ Object
How frequently should passwords be forced to change? Nil for never.
Default:
30.days
# File 'lib/auth/configuration.rb', line 197
def password_update_frequency
  @password_update_frequency
end
#path ⇒ Object (readonly)
The path to the Sparkly Auth libraries.
# File 'lib/auth/configuration.rb', line 200
def path
  @path
end
#session_duration ⇒ Object
The maximum session duration. Users will be logged out automatically after this period expires.
Default:
30.minutes
# File 'lib/auth/configuration.rb', line 206
def session_duration
  @session_duration
end
#session_timeout_message ⇒ Object
Message to display when the user’s session times out due to inactivity.
Default:
"You have been signed out due to inactivity. Please sign in again."
# File 'lib/auth/configuration.rb', line 212
def session_timeout_message
  @session_timeout_message
end
Class Method Details
.behavior_configs ⇒ Object
# File 'lib/auth/configuration.rb', line 8
def behavior_configs
  @behavior_configs ||= []
end
.register_behavior(name) ⇒ Object
# File 'lib/auth/configuration.rb', line 12
def register_behavior(name)
  behavior_class = lookup_behavior(name)
  # If the behavior has a configuration, add it to self.
  accessor_name = name
  name = "#{behavior_class.name}::Configuration"
  behavior_configs << [ accessor_name, name.constantize ]
  # eg Auth.remember_me.something = 5
  Auth.class.delegate accessor_name, :to => :configuration
rescue NameError
  # Presumably, the behavior does not have a configuration.
end
Instance Method Details
#apply! ⇒ Object
# File 'lib/auth/configuration.rb', line 281
def apply!
  # Apply behaviors to controllers
  behaviors.each do |behavior_name|
    behavior = lookup_behavior(behavior_name)
    behavior.apply_to_controllers
  end

  # Apply options to authenticated models
  authenticated_models.each do |model|
    model.
  end
end
#authenticate(*model_names) ⇒ Object
Accepts a list of model names (or the models themselves) and an optional set of options which govern how the models will be authenticated.
Examples:
Auth.configure do |config|
  config.authenticate :user
  config.authenticate :admin, :key => :login
  config.authenticate :user, :admin, :with => /a password validating regexp/
end
Note that if an item is specified more than once, the options will be merged together for the entry. For instance, in the above example, the :user model will be authenticated with :password, while the :admin model will be authenticated with :password on key :login.
# File 'lib/auth/configuration.rb', line 308
def authenticate(*model_names)
  = model_names.
  model_names.flatten.each do |name|
    if model = authenticated_models.find(name)
      model.
    else
      authenticated_models << Auth::Model.new(name, )
    end
  end
end
#base_controller ⇒ Object
Finds the controller with the same name as #base_controller_name and returns it.
# File 'lib/auth/configuration.rb', line 215
def base_controller
  "#{base_controller_name.to_s.camelize}Controller".constantize
rescue NameError => err
  begin
    base_controller_name.to_s.camelize.constantize
  rescue NameError
    raise err
  end
end
#behavior_classes ⇒ Object
Returns the classes which represent each behavior listed in #behaviors.
# File 'lib/auth/configuration.rb', line 226
def behavior_classes
  behaviors.collect { |behavior| lookup_behavior(behavior) }
end
#disable_route_generation! ⇒ Object
Causes Sparkly Auth to not generate routes by default. You’ll have to map them yourself if you disable route generation.
# File 'lib/auth/configuration.rb', line 232
def disable_route_generation!
  @generate_routes = false
end
#for_model(name_or_class_or_instance) ⇒ Object
Returns the configuration for the given authenticated model.
# File 'lib/auth/configuration.rb', line 320
def for_model(name_or_class_or_instance)
  name_or_class = name_or_class_or_instance
  name_or_class = name_or_class.class if name_or_class.kind_of?(ActiveRecord::Base)
  authenticated_models.find(name_or_class)
end
#generate_routes? ⇒ Boolean
Returns true if Sparkly Auth is expected to generate routes for this application. This is true by default, and can be disabled with #disable_route_generation!
# File 'lib/auth/configuration.rb', line 238
def generate_routes?
  @generate_routes
end