22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
# File 'lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb', line 22
def acts_as_authentic_with_persistence(options = {})
acts_as_authentic_without_persistence(options)
validates_presence_of options[:persistence_token_field]
validates_uniqueness_of options[:persistence_token_field], :if => "#{options[:persistence_token_field]}_changed?".to_sym
before_validation "reset_#{options[:persistence_token_field]}".to_sym, :if => "reset_#{options[:persistence_token_field]}?".to_sym
def forget_all!
records = nil
i = 0
begin
records = find(:all, :limit => 50, :offset => i)
records.each { |record| record.forget! }
i += 50
end while !records.blank?
end
class_eval <<-"end_eval", __FILE__, __LINE__
def self.unique_token
Authlogic::CryptoProviders::Sha512.encrypt(Time.now.to_s + (1..10).collect{ rand.to_s }.join)
end
def forget!
self.#{options[:persistence_token_field]} = self.class.unique_token
save_without_session_maintenance(false)
end
def #{options[:password_field]}_with_persistence=(value)
reset_#{options[:persistence_token_field]} unless value.blank?
self.#{options[:password_field]}_without_persistence = value
end
alias_method_chain :#{options[:password_field]}=, :persistence
def reset_#{options[:persistence_token_field]}
self.#{options[:persistence_token_field]} = self.class.unique_token
end
def reset_#{options[:persistence_token_field]}!
reset_#{options[:persistence_token_field]}
save_without_session_maintenance(false)
end
def reset_#{options[:persistence_token_field]}?
#{options[:persistence_token_field]}.blank?
end
# When a user logs in we need to ensure they have a persistence token. Think about apps that are transitioning and
# never have a persistence token to begin with. When their users log in their persistence token needs to be set.
# The only other time persistence tokens are reset is in a before_validation on the user, and when a user is saved
# from the session we skip validation for performance reasons. We do save_without_session_maintenance(false), the false
# indicates to skip validation.
def valid_#{options[:password_field]}_with_persistence?(attempted_password)
result = valid_password_without_persistence?(attempted_password)
reset_#{options[:persistence_token_field]}! if result && #{options[:persistence_token_field]}.blank?
result
end
alias_method_chain :valid_#{options[:password_field]}?, :persistence
end_eval
end
|