class CookieLoginStrategy < ::Authentication::Strategy def run! u =

1. class CookieLoginStrategy < ::Authentication::Strategy
2. def run!
3. u = cookies[:auth_token] && User.first(:remember_token => cookies[:auth_token])
4. if u && u.remember_token?
5. cookies[:auth_token] = { :value => u.remember_token, :expires => Time.parse(u.remember_token_expires_at.to_s) }
6. u
7. end
8. end
9. end
10.  
11. class PasswordStrategy < ::Authentication::Strategy
12. def run!
13. if params[:login] && params[:password]
14. u = User.authenticate(params[:login], params[:password])
15. if u && params[:remember_me] == "1"
16. u.remember_me
17. expires = Time.parse(u.remember_token_expires_at.to_s)
18. cookies[:auth_token] = { :value => u.remember_token, :expires => expires }
19. else
20. controller.session.authentication.errors.clear!
21. controller.session.authentication.errors.add(:login, 'Username or password were incorrect')
22. end
23. u
24. end
25. end
26. end
27.  
28. class OpenIDStrategy < ::Authentication::Strategy
29. def run!
30. if params[:'openid.mode']
31. response = consumer.complete(controller.request.send(:query_params), "#{controller.request.protocol}#{controller.request.host}" + controller.request.path)
32. if response.status.to_s == 'success'
33. if user = User.first(:identity_url => response.identity_url)
34. if params[:remember_me]
35. user.remember_me
36. expires = Time.parse(user.remember_token_expires_at.to_s)
37. cookies[:auth_token] = { :value => user.remember_token, :expires => expires }
38. end
39. user
40. else
41. sreg_response = OpenID::SReg::Response.from_success_response(response)
42. controller.session[:'openid.email'] = sreg_response.data['email'] unless sreg_response.data['email'].nil?
43. controller.session[:'openid.nickname'] = sreg_response.data['nickname'] unless sreg_response.data['nickname'].nil?
44. controller.session[:'openid.url'] = response.identity_url
45. throw(:halt, controller.redirect(controller.url(:signup)))
46. end
47. elsif response.status.to_s == 'failure'
48. controller.session.authentication.errors.clear!
49. controller.session.authentication.errors.add(:openid, 'OpenID verification failed, maybe the provider is down? Or the session timed out')
50. nil
51. elsif response.status.to_s == 'setup_needed'
52. controller.session.authentication.errors.clear!
53. controller.session.authentication.errors.add(:openid, 'OpenID does not seem to be configured correctly')
54. nil
55. elsif response.status.to_s == 'cancel'
56. controller.session.authentication.errors.clear!
57. controller.session.authentication.errors.add(:openid, 'OpenID rejected our request')
58. nil
59. end
60. elsif identity_url = params[:openid_url]
61. begin
62. openid_request = consumer.begin(identity_url)
63. openid_reg = OpenID::SReg::Request.new
64. openid_reg.request_fields(['nickname', 'email'])
65. openid_request.add_extension(openid_reg)
66. openid_request.return_to_args['remember_me'] = '1' if params[:remember_me] == '1'
67. throw(:halt, controller.redirect(openid_request.redirect_url("#{controller.request.protocol}#{controller.request.host}", controller.absolute_url(:openid))))
68. rescue OpenID::OpenIDError => e
69. controller.session.authentication.errors.clear!
70. controller.session.authentication.errors.add(:openid, 'The OpenID verification failed')
71. nil
72. end
73. end
74. end
75.  
76. protected
77. def consumer
78. @consumer ||= OpenID::Consumer.new(controller.session, OpenID::Store::Filesystem.new("#{Merb.root}/tmp/openid"))
79. end
80. end
81.  
82. class Authentication
83. def store_user(user)
84. return nil unless user
85. user.id
86. end
87.  
88. def fetch_user(session_info)
89. User.get(session_info)
90. end
91. end