From 84071ea20c6d62924c8220ea5be670a02fb62a36 Mon Sep 17 00:00:00 2001
From: scl
Date: Fri, 30 Oct 2015 10:03:40 +0100
Subject: [PATCH] current_user replaced by sorcery_current_user (Fix compatibility with devise) + backward compatibility : always current_user (call sorcery_current_user) and current_user= (call sorcery_current_user=).
---
lib/sorcery/controller.rb | 35 ++++++++++++-------
.../controller/submodules/activity_logging.rb | 6 ++--
lib/sorcery/controller/submodules/external.rb | 2 +-
.../controller/submodules/http_basic_auth.rb | 6 ++--
.../controller/submodules/remember_me.rb | 16 ++++-----
.../controller/submodules/session_timeout.rb | 2 +-
lib/sorcery/engine.rb | 1 +
lib/sorcery/test_helpers/internal/rails.rb | 4 +--
.../controller_remember_me_spec.rb | 10 +++---
spec/controllers/controller_spec.rb | 16 ++++-----
.../app/controllers/sorcery_controller.rb | 6 ++--
11 files changed, 57 insertions(+), 47 deletions(-)
diff --git a/lib/sorcery/controller.rb b/lib/sorcery/controller.rb
index fecd9105..b37cfea5 100644
--- a/lib/sorcery/controller.rb
+++ b/lib/sorcery/controller.rb
@@ -29,7 +29,7 @@ def require_login # Takes credentials and returns a user on successful authentication. # Runs hooks after login or failed login. def login(*credentials) - @current_user = nil + @sorcery_current_user = nil user = user_class.authenticate(*credentials) if user old_session = session.dup.to_hash
@@ -41,7 +41,7 @@ def login(*credentials) auto_login(user) after_login!(user, credentials) - current_user + sorcery_current_user else after_failed_login!(credentials) nil
@@ -59,29 +59,38 @@ def reset_sorcery_session # Resets the session and runs hooks before and after. def logout if logged_in? - user = current_user + user = sorcery_current_user before_logout! - @current_user = nil + @sorcery_current_user = nil reset_sorcery_session after_logout!(user) end end def logged_in? - !!current_user + !!sorcery_current_user end # attempts to auto-login from the sources defined (session, basic_auth, cookie, etc.) # returns the logged in user if found, nil if not - def current_user - unless defined?(@current_user) - @current_user = login_from_session || login_from_other_sources || nil + def sorcery_current_user + unless defined?(@sorcery_current_user) + @sorcery_current_user = login_from_session || login_from_other_sources || nil end - @current_user + @sorcery_current_user + end + + def sorcery_current_user=(user) + @sorcery_current_user = user + end + + # Backward compatibility + def current_user + sorcery_current_user end def current_user=(user) - @current_user = user + sorcery_current_user = user end # used when a user tries to access a page while logged out, is asked to login,
@@ -104,13 +113,13 @@ def not_authenticated # @return - do not depend on the return value. def auto_login(user, should_remember = false) session[:user_id] = user.id.to_s - @current_user = user + @sorcery_current_user = user end # Overwrite Rails' handle unverified request def handle_unverified_request cookies[:remember_me_token] = nil - @current_user = nil + @sorcery_current_user = nil super # call the default behaviour which resets the session end
@@ -126,7 +135,7 @@ def login_from_other_sources end def login_from_session - @current_user = if session[:user_id] + @sorcery_current_user = if session[:user_id] user_class.sorcery_adapter.find_by_id(session[:user_id]) end end
diff --git a/lib/sorcery/controller/submodules/activity_logging.rb b/lib/sorcery/controller/submodules/activity_logging.rb
index b439aad2..de8f3c76 100644
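Review bot: The backward-compatibility setter `current_user=(user)` in lib/sorcery/controller.rb does nothing: its body `sorcery_current_user = user` is parsed by Ruby as a local-variable assignment, so `sorcery_current_user=` is never invoked and `@sorcery_current_user` keeps its old value. Application code that still writes `self.current_user = nil` to drop the authenticated user, or assigns a different user, will silently keep the previously memoized one, and `logged_in?` reads that same state. The body should be `self.sorcery_current_user = user`. The method lies entirely inside this hunk (@@ -59,29 +59,38 @@).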
--- a/lib/sorcery/controller/submodules/activity_logging.rb
+++ b/lib/sorcery/controller/submodules/activity_logging.rb
@@ -51,7 +51,7 @@ def register_login_time_to_db(user, credentials) # This runs as a hook just before a logout. def register_logout_time_to_db return unless Config.register_logout_time - current_user.set_last_logout_at(Time.now.in_time_zone) + sorcery_current_user.set_last_logout_at(Time.now.in_time_zone) end # Updates last activity time on every request.
@@ -59,14 +59,14 @@ def register_logout_time_to_db def register_last_activity_time_to_db return unless Config.register_last_activity_time return unless logged_in? - current_user.set_last_activity_at(Time.now.in_time_zone) + sorcery_current_user.set_last_activity_at(Time.now.in_time_zone) end # Updates IP address on every login. # This runs as a hook just after a successful login. def register_last_ip_address(user, credentials) return unless Config.register_last_ip_address - current_user.set_last_ip_addess(request.remote_ip) + sorcery_current_user.set_last_ip_addess(request.remote_ip) end end end
diff --git a/lib/sorcery/controller/submodules/external.rb b/lib/sorcery/controller/submodules/external.rb
index ac57eea4..43b600ce 100644
--- a/lib/sorcery/controller/submodules/external.rb
+++ b/lib/sorcery/controller/submodules/external.rb
@@ -136,7 +136,7 @@ def add_provider_to_user(provider_name) sorcery_fetch_user_hash provider_name config = user_class.sorcery_config - current_user.add_provider_to_user(provider_name.to_s, @user_hash[:uid].to_s) + sorcery_current_user.add_provider_to_user(provider_name.to_s, @user_hash[:uid].to_s) end # Initialize new user from provider informations.
diff --git a/lib/sorcery/controller/submodules/http_basic_auth.rb b/lib/sorcery/controller/submodules/http_basic_auth.rb
index d300a2a1..ad8d1af3 100644
--- a/lib/sorcery/controller/submodules/http_basic_auth.rb
+++ b/lib/sorcery/controller/submodules/http_basic_auth.rb
@@ -45,9 +45,9 @@ def require_login_from_http_basic # given to main controller module as a login source callback def login_from_basic_auth authenticate_with_http_basic do |username, password| - @current_user = (user_class.authenticate(username, password) if session[:http_authentication_used]) || false - auto_login(@current_user) if @current_user - @current_user + @sorcery_current_user = (user_class.authenticate(username, password) if session[:http_authentication_used]) || false + auto_login(@sorcery_current_user) if @sorcery_current_user + @sorcery_current_user end end
diff --git a/lib/sorcery/controller/submodules/remember_me.rb b/lib/sorcery/controller/submodules/remember_me.rb
index 5bbe7866..29a93ecb 100644
--- a/lib/sorcery/controller/submodules/remember_me.rb
+++ b/lib/sorcery/controller/submodules/remember_me.rb
@@ -25,19 +25,19 @@ def merge_remember_me_defaults! module InstanceMethods # This method sets the cookie and calls the user to save the token and the expiration to db. def remember_me! - current_user.remember_me! - set_remember_me_cookie!(current_user) + sorcery_current_user.remember_me! + set_remember_me_cookie!(sorcery_current_user) end # Clears the cookie, and depending on the value of remember_me_token_persist_globally, may clear the token value. def forget_me! - current_user.forget_me! + sorcery_current_user.forget_me! cookies.delete(:remember_me_token, :domain => Config.cookie_domain) end # Clears the cookie, and clears the token value. def force_forget_me! - current_user.force_forget_me! + sorcery_current_user.force_forget_me! cookies.delete(:remember_me_token, :domain => Config.cookie_domain) end
@@ -45,7 +45,7 @@ def force_forget_me! # logins a user instance, and optionally remembers him. def auto_login(user, should_remember = false) session[:user_id] = user.id.to_s - @current_user = user + @sorcery_current_user = user remember_me! if should_remember end
@@ -59,15 +59,15 @@ def remember_me_if_asked_to(user, credentials) # Checks the cookie for a remember me token, tried to find a user with that token # and logs the user in if found. - # Runs as a login source. See 'current_user' method for how it is used. + # Runs as a login source. See 'sorcery_current_user' method for how it is used. def login_from_cookie user = cookies.signed[:remember_me_token] && user_class.sorcery_adapter.find_by_remember_me_token(cookies.signed[:remember_me_token]) if user && user.has_remember_me_token? set_remember_me_cookie!(user) session[:user_id] = user.id.to_s - @current_user = user + @sorcery_current_user = user else - @current_user = false + @sorcery_current_user = false end end
diff --git a/lib/sorcery/controller/submodules/session_timeout.rb b/lib/sorcery/controller/submodules/session_timeout.rb
index 19470842..0acf6aa1 100644
--- a/lib/sorcery/controller/submodules/session_timeout.rb
+++ b/lib/sorcery/controller/submodules/session_timeout.rb
@@ -39,7 +39,7 @@ def validate_session session_to_use = Config.session_timeout_from_last_action ? session[:last_action_time] : session[:login_time] if session_to_use && sorcery_session_expired?(session_to_use.to_time) reset_sorcery_session - @current_user = nil + @sorcery_current_user = nil else session[:last_action_time] = Time.now.in_time_zone end
diff --git a/lib/sorcery/engine.rb b/lib/sorcery/engine.rb
index 1aa7591c..9fe40a02 100644
--- a/lib/sorcery/engine.rb
+++ b/lib/sorcery/engine.rb
@@ -9,6 +9,7 @@ class Engine < Rails::Engine initializer "extend Controller with sorcery" do |app| ActionController::Base.send(:include, Sorcery::Controller) + ActionController::Base.helper_method :sorcery_current_user ActionController::Base.helper_method :current_user ActionController::Base.helper_method :logged_in? end
diff --git a/lib/sorcery/test_helpers/internal/rails.rb b/lib/sorcery/test_helpers/internal/rails.rb
index 3ea57646..3c30f5c3 100644
--- a/lib/sorcery/test_helpers/internal/rails.rb
+++ b/lib/sorcery/test_helpers/internal/rails.rb
@@ -56,11 +56,11 @@ def sorcery_controller_external_property_set(provider, property, value) end # This helper is used to fake multiple users signing in in tests. - # It does so by clearing @current_user, thus allowing a new user to login, + # It does so by clearing @sorcery_current_user, thus allowing a new user to login, # all this without calling the :logout action explicitly. # A dirty dirty hack. def clear_user_without_logout - subject.instance_variable_set(:@current_user,nil) + subject.instance_variable_set(:@sorcery_current_user,nil) end end end
diff --git a/spec/controllers/controller_remember_me_spec.rb b/spec/controllers/controller_remember_me_spec.rb
index ba262328..40233ea5 100644
--- a/spec/controllers/controller_remember_me_spec.rb
+++ b/spec/controllers/controller_remember_me_spec.rb
@@ -29,7 +29,7 @@ post :test_login_with_remember, :email => 'bla@bla.com', :password => 'secret' - expect(cookies.signed["remember_me_token"]).to eq assigns[:current_user].remember_me_token + expect(cookies.signed["remember_me_token"]).to eq assigns[:sorcery_current_user].remember_me_token end it "clears cookie on forget_me!" do
@@ -76,7 +76,7 @@ subject.remember_me! subject.instance_eval do - remove_instance_variable :@current_user + remove_instance_variable :@sorcery_current_user end session[:user_id] = nil
@@ -84,7 +84,7 @@ get :test_login_from_cookie - expect(assigns[:current_user]).to eq user + expect(assigns[:sorcery_current_user]).to eq user end it "doest not remember_me! when not asked to, even if third parameter is used" do
@@ -106,7 +106,7 @@ subject.auto_login(user) get :test_login_from_cookie - expect(assigns[:current_user]).to eq user + expect(assigns[:sorcery_current_user]).to eq user expect(cookies["remember_me_token"]).to be_nil end
@@ -117,7 +117,7 @@ get :test_login_from_cookie - expect(assigns[:current_user]).to eq user + expect(assigns[:sorcery_current_user]).to eq user expect(cookies["remember_me_token"]).not_to be_nil end end
diff --git a/spec/controllers/controller_spec.rb b/spec/controllers/controller_spec.rb
index a71e89a4..1a4e7816 100644
--- a/spec/controllers/controller_spec.rb
+++ b/spec/controllers/controller_spec.rb
@@ -46,7 +46,7 @@ specify { should respond_to(:logged_in?) } - specify { should respond_to(:current_user) } + specify { should respond_to(:sorcery_current_user) } specify { should respond_to(:require_login) }
@@ -114,19 +114,19 @@ end end - describe "#current_user" do - it "current_user returns the user instance if logged in" do + describe "#sorcery_current_user" do + it "sorcery_current_user returns the user instance if logged in" do session[:user_id] = user.id.to_s expect(User.sorcery_adapter).to receive(:find_by_id).once.with("42") { user } - 2.times { expect(subject.current_user).to eq user } # memoized! + 2.times { expect(subject.sorcery_current_user).to eq user } # memoized! end - it "current_user returns false if not logged in" do + it "sorcery_current_user returns false if not logged in" do session[:user_id] = nil expect(User.sorcery_adapter).to_not receive(:find_by_id) - 2.times { expect(subject.current_user).to be_nil } # memoized! + 2.times { expect(subject.sorcery_current_user).to be_nil } # memoized! end end
@@ -173,11 +173,11 @@ expect(subject.logged_in?).to be true end - it "auto_login(user) works even if current_user was already set to false" do + it "auto_login(user) works even if sorcery_current_user was already set to false" do get :test_logout expect(session[:user_id]).to be_nil - expect(subject.current_user).to be_nil + expect(subject.sorcery_current_user).to be_nil expect(User).to receive(:first) { user }
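Review bot: The examples in spec/controllers/controller_spec.rb (hunks @@ -46,7 and @@ -114,19) are renamed rather than extended, so after this change no visible spec exercises the `current_user` / `current_user=` methods that the commit keeps for backward compatibility. Keeping `specify { should respond_to(:current_user) }` next to the new line, and adding an example that assigns through `subject.current_user = user` and expects `subject.sorcery_current_user` to eq that user, would cover the compatibility layer and the setter's delegation. Other spec files may already cover this; only these hunks are visible here.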
diff --git a/spec/rails_app/app/controllers/sorcery_controller.rb b/spec/rails_app/app/controllers/sorcery_controller.rb
index 166c70c6..430fd15a 100644
--- a/spec/rails_app/app/controllers/sorcery_controller.rb
+++ b/spec/rails_app/app/controllers/sorcery_controller.rb
@@ -14,7 +14,7 @@ def some_action end def some_action_making_a_non_persisted_change_to_the_user - current_user.email = 'to_be_ignored' + sorcery_current_user.email = 'to_be_ignored' render nothing: true end
@@ -26,7 +26,7 @@ def test_login def test_auto_login @user = User.first auto_login(@user) - @result = current_user + @result = sorcery_current_user render nothing: true end
@@ -67,7 +67,7 @@ def test_login_with_remember_in_login end def test_login_from_cookie - @user = current_user + @user = sorcery_current_user render nothing: true end