module Authlogic::Session::Password::InstanceMethods

Password related instance methods

Attributes

invalid_password[RW]

Public Class Methods

new(*args) click to toggle source
Calls superclass method
# File lib/authlogic/session/password.rb, line 132
def initialize(*args)
  unless self.class.configured_password_methods
    configure_password_methods
    self.class.configured_password_methods = true
  end
  super
end

Public Instance Methods

credentials() click to toggle source

Returns the #login_field / #password_field credentials combination in hash form.

Calls superclass method
# File lib/authlogic/session/password.rb, line 142
def credentials
  if authenticating_with_password?
    details = {}
    details[login_field.to_sym] = send(login_field)
    details[password_field.to_sym] = "<protected>"
    details
  else
    super
  end
end
credentials=(value) click to toggle source

Accepts the #login_field / #password_field credentials combination in hash form.

You must pass an actual Hash, `ActionController::Parameters` is specifically not allowed.

See `Authlogic::Session::Foundation#credentials=` for an overview of all method signatures.

Calls superclass method
# File lib/authlogic/session/password.rb, line 161
def credentials=(value)
  super
  values = Array.wrap(value)
  if values.first.is_a?(Hash)
    sliced = values
      .first
      .with_indifferent_access
      .slice(login_field, password_field)
    sliced.each do |field, val|
      next if val.blank?
      send("#{field}=", val)
    end
  end
end
invalid_password?() click to toggle source
# File lib/authlogic/session/password.rb, line 176
def invalid_password?
  invalid_password == true
end

Private Instance Methods

add_general_credentials_error() click to toggle source
# File lib/authlogic/session/password.rb, line 288
def add_general_credentials_error
  error_message =
    if self.class.generalize_credentials_error_messages.is_a? String
      self.class.generalize_credentials_error_messages
    else
      "#{login_field.to_s.humanize}/Password combination is not valid"
    end
  errors.add(
    :base,
    I18n.t("error_messages.general_credentials_error", default: error_message)
  )
end
add_invalid_password_error() click to toggle source
# File lib/authlogic/session/password.rb, line 182
def add_invalid_password_error
  if generalize_credentials_error_messages?
    add_general_credentials_error
  else
    errors.add(
      password_field,
      I18n.t("error_messages.password_invalid", default: "is not valid")
    )
  end
end
add_login_not_found_error() click to toggle source
# File lib/authlogic/session/password.rb, line 193
def add_login_not_found_error
  if generalize_credentials_error_messages?
    add_general_credentials_error
  else
    errors.add(
      login_field,
      I18n.t("error_messages.login_not_found", default: "is not valid")
    )
  end
end
authenticating_with_password?() click to toggle source
# File lib/authlogic/session/password.rb, line 204
def authenticating_with_password?
  login_field && (!send(login_field).nil? || !send("protected_#{password_field}").nil?)
end
configure_password_methods() click to toggle source
# File lib/authlogic/session/password.rb, line 208
def configure_password_methods
  define_login_field_methods
  define_password_field_methods
end
define_login_field_methods() click to toggle source
# File lib/authlogic/session/password.rb, line 213
def define_login_field_methods
  return unless login_field
  self.class.send(:attr_writer, login_field) unless respond_to?("#{login_field}=")
  self.class.send(:attr_reader, login_field) unless respond_to?(login_field)
end
define_password_field_methods() click to toggle source
# File lib/authlogic/session/password.rb, line 219
          def define_password_field_methods
            return unless password_field
            self.class.send(:attr_writer, password_field) unless respond_to?("#{password_field}=")
            self.class.send(:define_method, password_field) {} unless respond_to?(password_field)

            # The password should not be accessible publicly. This way forms
            # using form_for don't fill the password with the attempted
            # password. To prevent this we just create this method that is
            # private.
            self.class.class_eval <<-EOS, __FILE__, __LINE__ + 1
              private
                def protected_#{password_field}
                  @#{password_field}
                end
            EOS
          end
find_by_login_method() click to toggle source
# File lib/authlogic/session/password.rb, line 280
def find_by_login_method
  self.class.find_by_login_method
end
generalize_credentials_error_messages?() click to toggle source
# File lib/authlogic/session/password.rb, line 301
def generalize_credentials_error_messages?
  self.class.generalize_credentials_error_messages
end
login_field() click to toggle source
# File lib/authlogic/session/password.rb, line 284
def login_field
  self.class.login_field
end
password_field() click to toggle source
# File lib/authlogic/session/password.rb, line 305
def password_field
  self.class.password_field
end
validate_by_password() click to toggle source

In keeping with the metaphor of ActiveRecord, verification of the password is referred to as a “validation”.

# File lib/authlogic/session/password.rb, line 238
def validate_by_password
  self.invalid_password = false
  validate_by_password__blank_fields
  return if errors.count > 0
  self.attempted_record = search_for_record(find_by_login_method, send(login_field))
  if attempted_record.blank?
    add_login_not_found_error
    return
  end
  validate_by_password__invalid_password
end
validate_by_password__blank_fields() click to toggle source
# File lib/authlogic/session/password.rb, line 250
def validate_by_password__blank_fields
  if send(login_field).blank?
    errors.add(
      login_field,
      I18n.t("error_messages.login_blank", default: "cannot be blank")
    )
  end
  if send("protected_#{password_field}").blank?
    errors.add(
      password_field,
      I18n.t("error_messages.password_blank", default: "cannot be blank")
    )
  end
end
validate_by_password__invalid_password() click to toggle source

Verify the password, usually using `valid_password?` in `acts_as_authentic/password.rb`. If it cannot be verified, we refer to it as “invalid”.

# File lib/authlogic/session/password.rb, line 268
def validate_by_password__invalid_password
  unless attempted_record.send(
    verify_password_method,
    send("protected_#{password_field}")
  )
    self.invalid_password = true
    add_invalid_password_error
  end
end
verify_password_method() click to toggle source
# File lib/authlogic/session/password.rb, line 309
def verify_password_method
  self.class.verify_password_method
end