remember me on login

app/controllers/sessions_controller.rb

@@ -18,6 +18,7 @@ class SessionsController < ApplicationController
   
   def destroy
     warden.logout
+    cookies.delete :remember_me
     redirect_to (params[:return_to] || root_path)
   end
   

config/initializers/.gitignore

@@ -0,0 +1 @@
+cookie_verification_secret.rb

config/initializers/cookie_verification_secret.rb

@@ -1,7 +0,0 @@
-# Be sure to restart your server when you modify this file.
-
-# Your secret key for verifying the integrity of signed cookies.
-# If you change this key, all old signed cookies will become invalid!
-# Make sure the secret is at least 30 characters and all random, 
-# no regular words or you'll be exposed to dictionary attacks.
-Rails.application.config.secret_token = '03a62dcef9d831912de9f0c1815e6226981b880195184893803ae0d3c4e696c52102f2deb611ccbeb2c7b90bd9d30a78c7fad62fec908a20d048449e6d10b7f9'

config/initializers/warden.rb

@@ -1,5 +1,5 @@
 Rails.configuration.middleware.use RailsWarden::Manager do |manager|
-  manager.default_strategies :openneo_auth_token
+  manager.default_strategies :openneo_auth_remember, :openneo_auth_token
   manager.failure_app = SessionsController.action(:failure)
 end
 
@@ -11,7 +11,11 @@ Openneo::Auth.configure do |config|
     config.send("#{key}=", value)
   end
   
-  config.user_finder do |user_data|
+  config.remote_auth_user_finder do |user_data|
     User.find_or_create_from_remote_auth_data(user_data)
   end
+  
+  config.remember_user_finder do |id|
+    User.find_by_id(id)
+  end
 end

lib/openneo-auth.rb

@@ -1,20 +1,30 @@
 require 'openneo-auth/session'
 require 'openneo-auth/strategy'
 
-Warden::Strategies.add :openneo_auth_token, Openneo::Auth::Strategy
+Warden::Strategies.add :openneo_auth_token, Openneo::Auth::Strategies::Token
+Warden::Strategies.add :openneo_auth_remember, Openneo::Auth::Strategies::Remember
 
 module Openneo
   module Auth
     class Config
       attr_accessor :app, :auth_server, :secret
       
-      def find_user(data)
+      def find_user_with_remote_auth(data)
-        raise "Must set a user finder for Openneo Auth to find a user" unless @user_finder
+        raise "Must set a remote user finder for Openneo Auth to find a user" unless @remote_auth_user_finder
-        @user_finder.call(data)
+        @remote_auth_user_finder.call(data)
       end
       
-      def user_finder(&block)
+      def find_user_by_remembering(id)
-        @user_finder = block
+        raise "Must set a remember user finder for Openneo Auth to find a user" unless @remember_user_finder
+        @remember_user_finder.call(id)
+      end
+      
+      def remote_auth_user_finder(&block)
+        @remote_auth_user_finder = block
+      end
+      
+      def remember_user_finder(&block)
+        @remember_user_finder = block
       end
     end
       

lib/openneo-auth/session.rb

@@ -48,7 +48,7 @@ module Openneo
       end
       
       def user
-        Auth.config.find_user(@message['user'])
+        Auth.config.find_user_with_remote_auth(@message['user'])
       end
       
       def self.from_params(params)

lib/openneo-auth/strategy.rb

@@ -2,7 +2,8 @@ require 'warden'
 
 module Openneo
   module Auth
-    class Strategy < Warden::Strategies::Base
+    module Strategies
+      class Token < Warden::Strategies::Base
         def valid?
           session && session[:session_id]
         end
@@ -14,9 +15,26 @@ module Openneo
             fail! e.message
           else
             auth_session.destroy!
+            cookies.permanent.signed[:remember_me] = auth_session.user.id
             success! auth_session.user
           end
         end
       end
+      
+      class Remember < Warden::Strategies::Base
+        def valid?
+          cookies.signed[:remember_me]
+        end
+        
+        def authenticate!
+          user = Auth.config.find_user_by_remembering cookies.signed[:remember_me]
+          if user
+            success! user
+          else
+            fail!
+          end
+        end
+      end
+    end
   end
 end