bjjb · September 18, 2010 21:24 · h0jeZvgoxFepBQ2C · Sep 20, 2010 · bjjb · Sep 20, 2010
diff --git a/authentication.rb b/authentication.rb
 module Authlogic
  module Session
    # Lets you log in using a HTTP token, using the single_access_token.
    # Behaves similarly to Params, but with HTTP, so it's nice for APIs.
    module HttpToken
      def self.included(klass)
        klass.class_eval do
          extend Config
          include InstanceMethods
          persist :persist_by_http_token
        end
      end
      
      module Config
        def http_token_access_allowed_request_types(value = nil)
          rw_config(:http_token_access_allowed_request_types, value, ["application/xml", "application/json"])
        end
        alias_method :http_token_access_allowed_request_types=, :http_token_access_allowed_request_types
      end
      
      module InstanceMethods
      private
        def persist_by_http_token
          return false if !http_token_enabled?
          self.unauthorized_record = search_for_record("find_by_single_access_token", http_token)
          self.single_access = valid?
        end
        
        def http_token_enabled?
          return false if !http_token || !klass.column_names.include?("single_access_token")
          return controller.token_access_allowed? if controller.responds_to_token_access_allowed?
          
          case http_token_access_allowed_request_types
          when Array
            http_token_access_allowed_request_types.include?(controller.request_content_type) ||
              token_access_allowed_request_types.include?(:all)
          else
            [:all, :any].include?(http_token_access_allowed_request_types)
          end
        end

        def http_token
          authenticate_with_http_token { |token, options| token }
        end
        
        def params_key
          build_key(self.class.params_key)
        end
        
        def single_access?
          single_access == true
        end
        
        def single_access_allowed_request_types
          self.class.single_access_allowed_request_types
        end
      end
    end
  end

  # Fixes some deprecation warnings on Rails3
  module ActsAsAuthentic
    module SessionMaintenance
      module Methods
        def save_without_session_maintenance_with_rails3(*args)
          args = { :validate => args.first } if [[false], [true]].include?(args)
          save_without_session_maintenance_without_rails3(args)
        end
        alias_method_chain :save_without_session_maintenance, :rails3
      end
    end
    module Password
      module Methods
        module InstanceMethods 
        private
          def transition_password(attempted_password)
            self.password = attempted_password
            save(:validate => false)
          end
        end
      end
    end
  end
 end
	module Authlogic
	module Session
	# Lets you log in using a HTTP token, using the single_access_token.
	# Behaves similarly to Params, but with HTTP, so it's nice for APIs.
	module HttpToken
	def self.included(klass)
	klass.class_eval do
	extend Config
	include InstanceMethods
	persist :persist_by_http_token
	end
	end

	module Config
	def http_token_access_allowed_request_types(value = nil)
	rw_config(:http_token_access_allowed_request_types, value, ["application/xml", "application/json"])
	end
	alias_method :http_token_access_allowed_request_types=, :http_token_access_allowed_request_types
	end

	module InstanceMethods
	private
	def persist_by_http_token
	return false if !http_token_enabled?
	self.unauthorized_record = search_for_record("find_by_single_access_token", http_token)
	self.single_access = valid?
	end

	def http_token_enabled?
	return false if !http_token \|\| !klass.column_names.include?("single_access_token")
	return controller.token_access_allowed? if controller.responds_to_token_access_allowed?

	case http_token_access_allowed_request_types
	when Array
	http_token_access_allowed_request_types.include?(controller.request_content_type) \|\|
	token_access_allowed_request_types.include?(:all)
	else
	[:all, :any].include?(http_token_access_allowed_request_types)
	end
	end

	def http_token
	authenticate_with_http_token { \|token, options\| token }
	end

	def params_key
	build_key(self.class.params_key)
	end

	def single_access?
	single_access == true
	end

	def single_access_allowed_request_types
	self.class.single_access_allowed_request_types
	end
	end
	end
	end

	# Fixes some deprecation warnings on Rails3
	module ActsAsAuthentic
	module SessionMaintenance
	module Methods
	def save_without_session_maintenance_with_rails3(*args)
	args = { :validate => args.first } if [[false], [true]].include?(args)
	save_without_session_maintenance_without_rails3(args)
	end
	alias_method_chain :save_without_session_maintenance, :rails3
	end
	end
	module Password
	module Methods
	module InstanceMethods
	private
	def transition_password(attempted_password)
	self.password = attempted_password
	save(:validate => false)
	end
	end
	end
	end
	end
	end