Empact-authlogic 3.0.3 → 3.1.0

data/Empact-authlogic.gemspec

@@ -4,13 +4,13 @@
 # -*- encoding: utf-8 -*-
 
 Gem::Specification.new do |s|
-  s.name = %q{Empact-authlogic}
-  s.version = "3.0.3"
+  s.name = "Empact-authlogic"
+  s.version = "3.1.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-  s.authors = [%q{Ben Johnson of Binary Logic}, %q{Ben Woosley}]
-  s.date = %q{2011-08-14}
-  s.email = %q{bjohnson@binarylogic.com}
+  s.authors = ["Ben Johnson of Binary Logic", "Ben Woosley"]
+  s.date = "2012-04-18"
+  s.email = "bjohnson@binarylogic.com"
   s.extra_rdoc_files = [
     "LICENSE",
     "README.rdoc"
@@ -145,76 +145,21 @@ Gem::Specification.new do |s|
     "test/session_test/validation_test.rb",
     "test/test_helper.rb"
   ]
-  s.homepage = %q{http://github.com/binarylogic/authlogic}
-  s.require_paths = [%q{lib}]
-  s.rubygems_version = %q{1.8.5}
-  s.summary = %q{A clean, simple, and unobtrusive ruby authentication solution.}
-  s.test_files = [
-    "test/acts_as_authentic_test/base_test.rb",
-    "test/acts_as_authentic_test/email_test.rb",
-    "test/acts_as_authentic_test/logged_in_status_test.rb",
-    "test/acts_as_authentic_test/login_test.rb",
-    "test/acts_as_authentic_test/magic_columns_test.rb",
-    "test/acts_as_authentic_test/password_test.rb",
-    "test/acts_as_authentic_test/perishable_token_test.rb",
-    "test/acts_as_authentic_test/persistence_token_test.rb",
-    "test/acts_as_authentic_test/restful_authentication_test.rb",
-    "test/acts_as_authentic_test/session_maintenance_test.rb",
-    "test/acts_as_authentic_test/single_access_test.rb",
-    "test/authenticates_many_test.rb",
-    "test/crypto_provider_test/aes256_test.rb",
-    "test/crypto_provider_test/bcrypt_test.rb",
-    "test/crypto_provider_test/sha1_test.rb",
-    "test/crypto_provider_test/sha256_test.rb",
-    "test/crypto_provider_test/sha512_test.rb",
-    "test/i18n_test.rb",
-    "test/libs/affiliate.rb",
-    "test/libs/company.rb",
-    "test/libs/employee.rb",
-    "test/libs/employee_session.rb",
-    "test/libs/ldaper.rb",
-    "test/libs/ordered_hash.rb",
-    "test/libs/project.rb",
-    "test/libs/user.rb",
-    "test/libs/user_session.rb",
-    "test/random_test.rb",
-    "test/session_test/activation_test.rb",
-    "test/session_test/active_record_trickery_test.rb",
-    "test/session_test/brute_force_protection_test.rb",
-    "test/session_test/callbacks_test.rb",
-    "test/session_test/cookies_test.rb",
-    "test/session_test/credentials_test.rb",
-    "test/session_test/existence_test.rb",
-    "test/session_test/http_auth_test.rb",
-    "test/session_test/id_test.rb",
-    "test/session_test/klass_test.rb",
-    "test/session_test/magic_columns_test.rb",
-    "test/session_test/magic_states_test.rb",
-    "test/session_test/params_test.rb",
-    "test/session_test/password_test.rb",
-    "test/session_test/perishability_test.rb",
-    "test/session_test/persistence_test.rb",
-    "test/session_test/scopes_test.rb",
-    "test/session_test/session_test.rb",
-    "test/session_test/timeout_test.rb",
-    "test/session_test/unauthorized_record_test.rb",
-    "test/session_test/validation_test.rb",
-    "test/test_helper.rb"
-  ]
+  s.homepage = "http://github.com/binarylogic/authlogic"
+  s.require_paths = ["lib"]
+  s.rubygems_version = "1.8.11"
+  s.summary = "A clean, simple, and unobtrusive ruby authentication solution."
 
   if s.respond_to? :specification_version then
     s.specification_version = 3
 
     if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
       s.add_runtime_dependency(%q<activerecord>, [">= 3.0.7"])
-      s.add_runtime_dependency(%q<activerecord>, [">= 3.0.7"])
     else
       s.add_dependency(%q<activerecord>, [">= 3.0.7"])
-      s.add_dependency(%q<activerecord>, [">= 3.0.7"])
     end
   else
     s.add_dependency(%q<activerecord>, [">= 3.0.7"])
-    s.add_dependency(%q<activerecord>, [">= 3.0.7"])
   end
 end
 

data/Gemfile

@@ -5,6 +5,7 @@ gem 'activerecord', '>= 3.0.7'
 group :test do
   gem 'bcrypt-ruby'
   gem 'jeweler'
-  gem 'ruby-debug19'
+  gem 'rake'
+  gem 'debugger', require: false
   gem 'sqlite3'
 end

data/Gemfile.lock

@@ -1,42 +1,38 @@
 GEM
   remote: http://rubygems.org/
   specs:
-    activemodel (3.0.7)
-      activesupport (= 3.0.7)
-      builder (~> 2.1.2)
-      i18n (~> 0.5.0)
-    activerecord (3.0.7)
-      activemodel (= 3.0.7)
-      activesupport (= 3.0.7)
-      arel (~> 2.0.2)
-      tzinfo (~> 0.3.23)
-    activesupport (3.0.7)
-    archive-tar-minitar (0.5.2)
-    arel (2.0.9)
-    bcrypt-ruby (2.1.4)
-    builder (2.1.2)
-    columnize (0.3.2)
+    activemodel (3.1.1)
+      activesupport (= 3.1.1)
+      builder (~> 3.0.0)
+      i18n (~> 0.6)
+    activerecord (3.1.1)
+      activemodel (= 3.1.1)
+      activesupport (= 3.1.1)
+      arel (~> 2.2.1)
+      tzinfo (~> 0.3.29)
+    activesupport (3.1.1)
+      multi_json (~> 1.0)
+    arel (2.2.1)
+    bcrypt-ruby (3.0.1)
+    builder (3.0.0)
+    columnize (0.3.6)
+    debugger (1.1.1)
+      columnize (>= 0.3.1)
+      debugger-linecache (~> 1.1)
+      debugger-ruby_core_source (~> 1.1)
+    debugger-linecache (1.1.1)
+      debugger-ruby_core_source (>= 1.1.1)
+    debugger-ruby_core_source (1.1.1)
     git (1.2.5)
-    i18n (0.5.0)
-    jeweler (1.5.2)
-      bundler (~> 1.0.0)
+    i18n (0.6.0)
+    jeweler (1.6.4)
+      bundler (~> 1.0)
       git (>= 1.2.5)
       rake
-    linecache19 (0.5.12)
-      ruby_core_source (>= 0.1.4)
-    rake (0.8.7)
-    ruby-debug-base19 (0.11.25)
-      columnize (>= 0.3.1)
-      linecache19 (>= 0.5.11)
-      ruby_core_source (>= 0.1.4)
-    ruby-debug19 (0.11.6)
-      columnize (>= 0.3.1)
-      linecache19 (>= 0.5.11)
-      ruby-debug-base19 (>= 0.11.19)
-    ruby_core_source (0.1.5)
-      archive-tar-minitar (>= 0.5.2)
-    sqlite3 (1.3.3)
-    tzinfo (0.3.27)
+    multi_json (1.0.3)
+    rake (0.9.2)
+    sqlite3 (1.3.4)
+    tzinfo (0.3.30)
 
 PLATFORMS
   ruby
@@ -44,6 +40,7 @@ PLATFORMS
 DEPENDENCIES
   activerecord (>= 3.0.7)
   bcrypt-ruby
+  debugger
   jeweler
-  ruby-debug19
+  rake
   sqlite3

data/Rakefile

@@ -12,7 +12,6 @@ begin
     gem.email = "bjohnson@binarylogic.com"
     gem.homepage = "http://github.com/binarylogic/authlogic"
     gem.authors = ["Ben Johnson of Binary Logic", "Ben Woosley"]
-    gem.add_bundler_dependencies
   end
   Jeweler::GemcutterTasks.new
 rescue LoadError
@@ -22,7 +21,8 @@ end
 require 'rake/testtask'
 Rake::TestTask.new(:test) do |test|
   test.libs << 'test'
-  test.pattern = 'test/**/*_test.rb'
+  # Work around a Rake::TestTask bug: https://github.com/jimweirich/rake/issues/51
+  test.test_files = FileList['test/**/*_test.rb']
   test.verbose = true
 end
 

data/VERSION.yml

@@ -1,5 +1,5 @@
---- 
+---
 :major: 3
-:minor: 0
-:patch: 3
-:build: 
+:minor: 1
+:patch: 0
+:build: !!null 

data/lib/authlogic/acts_as_authentic/base.rb

@@ -28,7 +28,7 @@ module Authlogic
         # See the various sub modules for the configuration they provide.
         def acts_as_authentic(unsupported_options = nil, &block)
           # Stop all configuration if the DB is not set up
-          return if !db_setup?
+          raise StandardError.new("You must establish a database connection before using acts_as_authentic") if !db_setup?
           
           raise ArgumentError.new("You are using the old v1.X.X configuration method for Authlogic. Instead of " +
             "passing a hash of configuration options to acts_as_authentic, pass a block: acts_as_authentic { |c| c.my_option = my_value }") if !unsupported_options.nil?

data/lib/authlogic/acts_as_authentic/logged_in_status.rb

@@ -31,8 +31,8 @@ module Authlogic
 
           klass.class_eval do
             include InstanceMethods
-            scope :logged_in, where("last_request_at > ?", logged_in_timeout.seconds.ago)
-            scope :logged_out, where("last_request_at is NULL or last_request_at <= ?", logged_in_timeout.seconds.ago)
+            scope :logged_in, lambda{ where("last_request_at > ?", logged_in_timeout.seconds.ago) }
+            scope :logged_out, lambda{ where("last_request_at is NULL or last_request_at <= ?", logged_in_timeout.seconds.ago) }
           end
         end
 

data/lib/authlogic/acts_as_authentic/login.rb

@@ -94,7 +94,7 @@ module Authlogic
         # manner that they handle that. If you are using the login field and set false for the :case_sensitive option in
         # validates_uniqueness_of_login_field_options this method will modify the query to look something like:
         #
-        #   where("LOWER(#{quoted_table_name}.#{login_field}) = ?", login.downcase).first
+        #   where("#{quoted_table_name}.#{field} LIKE ?", login).first
         #
         # If you don't specify this it calls the good old find_by_* method:
         #
@@ -139,4 +139,4 @@ module Authlogic
       end
     end
   end
-end
+end

data/lib/authlogic/acts_as_authentic/password.rb

@@ -58,7 +58,7 @@ module Authlogic
         alias_method :ignore_blank_passwords=, :ignore_blank_passwords
         
         # When calling valid_password?("some pass") do you want to check that password against what's in that object or whats in
-        # the datbase. Take this example:
+        # the database. Take this example:
         #
         #   u = User.first
         #   u.password = "new pass"
@@ -243,7 +243,7 @@ module Authlogic
           end
         
           # Accepts a raw password to determine if it is the correct password or not. Notice the second argument. That defaults to the value of
-          # check_passwords_against_database. See that method for mor information, but basically it just tells Authlogic to check the password
+          # check_passwords_against_database. See that method for more information, but basically it just tells Authlogic to check the password
           # against the value in the database or the value in the object.
           def valid_password?(attempted_password, check_against_database = check_passwords_against_database?)
             crypted = check_against_database && send("#{crypted_password_field}_changed?") ? send("#{crypted_password_field}_was") : send(crypted_password_field)
@@ -352,4 +352,4 @@ module Authlogic
       end
     end
   end
-end
+end

data/lib/authlogic/acts_as_authentic/persistence_token.rb

@@ -1,7 +1,7 @@
 module Authlogic
   module ActsAsAuthentic
     # Maintains the persistence token, the token responsible for persisting sessions. This token
-    # gets stores in the session and the cookie.
+    # gets stored in the session and the cookie.
     module PersistenceToken
       def self.included(klass)
         klass.class_eval do

data/lib/authlogic/controller_adapters/rails_adapter.rb

@@ -1,3 +1,5 @@
+require 'action_controller'
+
 module Authlogic
   module ControllerAdapters
     # Adapts authlogic to work with rails. The point is to close the gap between what authlogic expects and what the rails controller object

data/lib/authlogic/controller_adapters/sinatra_adapter.rb

@@ -58,4 +58,4 @@ module Authlogic
   end
 end
 
-Sinatra::Request.send(:include, Authlogic::ControllerAdapters::SinatraAdapter::Adapter::Implementation)
+Sinatra::Base.send(:include, Authlogic::ControllerAdapters::SinatraAdapter::Adapter::Implementation)

data/lib/authlogic/crypto_providers/sha512.rb

@@ -27,7 +27,7 @@ module Authlogic
       class << self
         attr_accessor :join_token
         
-        # The number of times to loop through the encryption. This is ten because that is what restful_authentication defaults to.
+        # The number of times to loop through the encryption. This is twenty because that is what restful_authentication defaults to.
         def stretches
           @stretches ||= 20
         end

data/lib/authlogic/i18n.rb

@@ -40,6 +40,7 @@ module Authlogic
   #       not_confirmed: Your account is not confirmed
   #       not_approved: Your account is not approved
   #       no_authentication_details: You did not provide any details for authentication.
+  #       general_credentials_error: Login/Password combination is not valid
   #     models:
   #       user_session: UserSession (or whatever name you are using)
   #     attributes:

data/lib/authlogic/random.rb

@@ -3,31 +3,16 @@ module Authlogic
   # So if you are using this in a rails app you should have this library.
   module Random
     extend self
-    
-    SecureRandom = (defined?(::SecureRandom) && ::SecureRandom) || (defined?(::ActiveSupport::SecureRandom) && ::ActiveSupport::SecureRandom)
-    
-    if SecureRandom
-      def hex_token
-        SecureRandom.hex(64)
-      end
-      
-      def friendly_token
-        # use base64url as defined by RFC4648
-        SecureRandom.base64(15).tr('+/=', '').strip.delete("\n")
-      end
-    else
-      def hex_token
-        Authlogic::CryptoProviders::Sha512.encrypt(Time.now.to_s + (1..10).collect{ rand.to_s }.join)
-      end
-      
-      FRIENDLY_CHARS = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a
-      
-      def friendly_token
-        newpass = ""
-        1.upto(20) { |i| newpass << FRIENDLY_CHARS[rand(FRIENDLY_CHARS.size-1)] }
-        newpass
-      end
+
+    SecureRandom = (defined?(::SecureRandom) ? ::SecureRandom : ActiveSupport::SecureRandom)
+
+    def hex_token
+      SecureRandom.hex(64)
     end
     
+    def friendly_token
+      # use base64url as defined by RFC4648
+      SecureRandom.base64(15).tr('+/=', '').strip.delete("\n")
+    end
   end
 end

data/lib/authlogic/regex.rb

@@ -13,7 +13,7 @@ module Authlogic
       email_name_regex  = %{[A-Z0-9!#$\%&'*+/=?^_`{|}~\\-.]+}
       domain_head_regex = '(?:[A-Z0-9\-]+\.)+'
       domain_tld_regex  = '(?:[A-Z]{2,4}|museum|travel)'
-      @email_regex = /^#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}$/i
+      @email_regex = /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i
     end
     
     # A simple regular expression that only allows for letters, numbers, spaces, and .-_@. Just a standard login / username

data/lib/authlogic/session/callbacks.rb

@@ -63,10 +63,11 @@ module Authlogic
       
       def self.included(base) #:nodoc:
         base.send :include, ActiveSupport::Callbacks
-        base.define_callbacks *METHODS
-        
+        base.define_callbacks *METHODS + [{:terminator => 'result == false'}]
+        base.define_callbacks *['persist', {:terminator => 'result == true'}]
+
         # If Rails 3, support the new callback syntax
-        if base.send(base.respond_to?(:singleton_class) ? :singleton_class : :metaclass).method_defined?(:set_callback)
+        if base.singleton_class.method_defined?(:set_callback)
           METHODS.each do |method|
             base.class_eval <<-"end_eval", __FILE__, __LINE__
               def self.#{method}(*methods, &block)
@@ -81,14 +82,10 @@ module Authlogic
         METHODS.each do |method|
           class_eval <<-"end_eval", __FILE__, __LINE__
             def #{method}
-              run_callbacks(:#{method}) { |result, object| result == false }
+              run_callbacks(:#{method})
             end
           end_eval
         end
-      
-        def persist
-          run_callbacks(:persist) { |result, object| result == true }
-        end
         
         def save_record(alternate_record = nil)
           r = alternate_record || record

data/lib/authlogic/session/cookies.rb

@@ -23,10 +23,10 @@ module Authlogic
         #   session = UserSession.new(:super_high_secret)
         #   session.cookie_key => "super_high_secret_user_credentials"
         #
-        # * <tt>Default:</tt> "#{guessed_klass_name.underscore}_credentials"
+        # * <tt>Default:</tt> "#{klass_name.underscore}_credentials"
         # * <tt>Accepts:</tt> String
         def cookie_key(value = nil)
-          rw_config(:cookie_key, value, "#{guessed_klass_name.underscore}_credentials")
+          rw_config(:cookie_key, value, "#{klass_name.underscore}_credentials")
         end
         alias_method :cookie_key=, :cookie_key
         

data/lib/authlogic/session/foundation.rb

@@ -19,7 +19,7 @@ module Authlogic
           def rw_config(key, value, default_value = nil, read_value = nil)
             if value == read_value
               return acts_as_authentic_config[key] if acts_as_authentic_config.include?(key)
-              rw_config(key, default_value)
+              rw_config(key, default_value) unless default_value.nil?
             else
               config = acts_as_authentic_config.clone
               config[key] = value
@@ -74,4 +74,4 @@ module Authlogic
       end
     end
   end
-end
+end

data/lib/authlogic/session/http_auth.rb

@@ -77,7 +77,7 @@ module Authlogic
               if !login.blank? && !password.blank?
                 send("#{login_field}=", login)
                 send("#{password_field}=", password)
-                return valid?
+                valid?
               end
             end
 

data/lib/authlogic/session/klass.rb

@@ -6,13 +6,13 @@ module Authlogic
         klass.class_eval do
           extend Config
           include InstanceMethods
-          
+
           class << self
             attr_accessor :configured_klass_methods
           end
         end
       end
-      
+
       module Config
         # Lets you change which model to use for authentication.
         #
@@ -23,31 +23,22 @@ module Authlogic
           @klass = klass
         end
         alias_method :authenticate_with=, :authenticate_with
-        
+
         # The name of the class that this session is authenticating with. For example, the UserSession class will
         # authenticate with the User class unless you specify otherwise in your configuration. See authenticate_with
         # for information on how to change this value.
         def klass
-          @klass ||=
-            if klass_name
-              klass_name.constantize
-            else
-              nil
-            end
-        end
-        
-        # Same as klass, just returns a string instead of the actual constant.
-        def klass_name
-          @klass_name ||= guessed_klass_name
+          @klass ||= klass_name ? klass_name.constantize : nil
         end
-        
+
         # The string of the model name class guessed from the actual session class name.
-        def guessed_klass_name
-          guessed_name = name.scan(/(.*)Session/)[0]
-          guessed_name[0] if guessed_name
+        def klass_name
+          return @klass_name if defined?(@klass_name)
+          @klass_name = name.scan(/(.*)Session/)[0]
+          @klass_name = klass_name ? klass_name[0] : nil
         end
       end
-      
+
       module InstanceMethods
         # Creating an alias method for the "record" method based on the klass name, so that we can do:
         #
@@ -63,7 +54,7 @@ module Authlogic
           end
           super
         end
-        
+
         private
           def klass
             self.class.klass

data/lib/authlogic/session/persistence.rb

@@ -46,7 +46,7 @@ module Authlogic
       
       module InstanceMethods
         # Let's you know if the session is being persisted or not, meaning the user does not have to explicitly log in
-        # in order to be logged in. If the session has no associated record, it will try to find a record and persis
+        # in order to be logged in. If the session has no associated record, it will try to find a record and persist
         # the session. This is the method that the class level method find uses to ultimately persist the session.
         def persisting?
           return true if !record.nil?

data/test/acts_as_authentic_test/email_test.rb

@@ -93,6 +93,10 @@ module ActsAsAuthenticTest
       u.email = "dakota.d'ux@gmail.com"
       u.valid?
       assert u.errors[:email].size == 0
+      
+      u.email = "<script>alert(123);</script>\nnobody@example.com"
+      assert !u.valid?
+      assert u.errors[:email].size > 0
     end
 
     def test_validates_uniqueness_of_email_field

data/test/acts_as_authentic_test/logged_in_status_test.rb

@@ -2,6 +2,8 @@ require 'test_helper'
 
 module ActsAsAuthenticTest
   class LoggedInStatusTest < ActiveSupport::TestCase
+    ERROR_MSG = 'Multiple calls to %s should result in different relations'
+    
     def test_logged_in_timeout_config
       assert_equal 10.minutes.to_i, User.logged_in_timeout
       assert_equal 10.minutes.to_i, Employee.logged_in_timeout
@@ -13,12 +15,24 @@ module ActsAsAuthenticTest
     end
     
     def test_named_scope_logged_in
+      # Testing that the scope returned differs, because the time it was called should be 
+      # slightly different. This is an attempt to make sure the scope is lambda wrapped 
+      # so that it is re-evaluated every time its called. My biggest concern is that the
+      # test happens so fast that the test fails... I just don't know a better way to test it!
+      assert User.logged_in.where_values != User.logged_in.where_values, ERROR_MSG % '#logged_in'
+      
       assert_equal 0, User.logged_in.count
       User.first.update_attribute(:last_request_at, Time.now)
       assert_equal 1, User.logged_in.count
     end
     
     def test_named_scope_logged_out
+      # Testing that the scope returned differs, because the time it was called should be 
+      # slightly different. This is an attempt to make sure the scope is lambda wrapped 
+      # so that it is re-evaluated every time its called. My biggest concern is that the
+      # test happens so fast that the test fails... I just don't know a better way to test it!
+      assert User.logged_in.where_values != User.logged_out.where_values, ERROR_MSG % '#logged_out'
+      
       assert_equal 2, User.logged_out.count
       User.first.update_attribute(:last_request_at, Time.now)
       assert_equal 1, User.logged_out.count

data/test/libs/user_session.rb

@@ -2,5 +2,4 @@ class UserSession < Authlogic::Session::Base
 end
 
 class BackOfficeUserSession < Authlogic::Session::Base
-  authenticate_with User
 end

data/test/random_test.rb

@@ -3,40 +3,7 @@ require 'test_helper'
 class RandomTest < ActiveSupport::TestCase
   def test_random_tokens_are_indeed_random
     # this might fail if you are *really* unlucky :)
-    with_any_random do
-      assert_not_equal Authlogic::Random.hex_token,       Authlogic::Random.hex_token
-      assert_not_equal Authlogic::Random.friendly_token,  Authlogic::Random.friendly_token
-    end
+    assert_not_equal Authlogic::Random.hex_token,       Authlogic::Random.hex_token
+    assert_not_equal Authlogic::Random.friendly_token,  Authlogic::Random.friendly_token
   end
-
-  private
-    def with_any_random(&block)
-      [true, false].each {|val| with_secure_random_enabled(val, &block)}
-    end
-
-    def with_secure_random_enabled(enabled = true)
-      # can't really test SecureRandom if we don't have an implementation
-      return if enabled && !Authlogic::Random::SecureRandom
-    
-      current_sec_rand = Authlogic::Random::SecureRandom
-      reload_authlogic_with_sec_random!(current_sec_rand, enabled)
-  
-      yield
-    ensure
-      reload_authlogic_with_sec_random!(current_sec_rand)
-    end
-
-    def reload_authlogic_with_sec_random!(secure_random, enabled = true)
-      silence_warnings do
-        secure_random.parent.const_set(secure_random.name.sub("#{secure_random.parent}::", ''), enabled ? secure_random : nil)
-        load(File.dirname(__FILE__) + '/../lib/authlogic/random.rb')
-      end
-    end
-
-    def silence_warnings
-      old_verbose, $VERBOSE = $VERBOSE, nil
-      yield
-    ensure
-      $VERBOSE = old_verbose
-    end
 end

data/test/session_test/callbacks_test.rb

@@ -1,6 +1,54 @@
 require 'test_helper'
 
+class WackyUserSession < Authlogic::Session::Base
+  attr_accessor :counter
+  authenticate_with User
+
+  def initialize
+    @counter = 0
+    super
+  end
+
+  def persist_by_false
+    self.counter += 1
+    return false
+  end
+
+  def persist_by_true
+    self.counter += 1
+    return true
+  end
+end
+
 module SessionTest
   class CallbacksTest < ActiveSupport::TestCase
+    def setup
+     WackyUserSession.reset_callbacks(:persist)
+    end
+    
+    def test_no_callbacks
+      assert_equal [], WackyUserSession._persist_callbacks.map(&:filter)
+      session = WackyUserSession.new
+      session.send(:persist)
+      assert_equal 0, session.counter
+    end
+
+    def test_true_callback_cancelling_later_callbacks
+      WackyUserSession.persist :persist_by_true, :persist_by_false
+      assert_equal [:persist_by_true, :persist_by_false], WackyUserSession._persist_callbacks.map(&:filter)
+  
+      session = WackyUserSession.new
+      session.send(:persist)
+      assert_equal 1, session.counter
+    end
+  
+    def test_false_callback_continuing_to_later_callbacks
+      WackyUserSession.persist :persist_by_false, :persist_by_true
+      assert_equal [:persist_by_false, :persist_by_true], WackyUserSession._persist_callbacks.map(&:filter)
+  
+      session = WackyUserSession.new
+      session.send(:persist)
+      assert_equal 2, session.counter
+    end
   end
 end

data/test/session_test/cookies_test.rb

@@ -6,35 +6,35 @@ module SessionTest
       def test_cookie_key
         UserSession.cookie_key = "my_cookie_key"
         assert_equal "my_cookie_key", UserSession.cookie_key
-    
+
         UserSession.cookie_key "user_credentials"
         assert_equal "user_credentials", UserSession.cookie_key
       end
-    
+
       def test_default_cookie_key
         assert_equal "user_credentials", UserSession.cookie_key
         assert_equal "back_office_user_credentials", BackOfficeUserSession.cookie_key
       end
-    
+
       def test_remember_me
         UserSession.remember_me = true
         assert_equal true, UserSession.remember_me
         session = UserSession.new
         assert_equal true, session.remember_me
-    
+
         UserSession.remember_me false
         assert_equal false, UserSession.remember_me
         session = UserSession.new
         assert_equal false, session.remember_me
       end
-  
+
       def test_remember_me_for
         UserSession.remember_me_for = 3.years
         assert_equal 3.years, UserSession.remember_me_for
         session = UserSession.new
         session.remember_me = true
         assert_equal 3.years, session.remember_me_for
-    
+
         UserSession.remember_me_for 3.months
         assert_equal 3.months, UserSession.remember_me_for
         session = UserSession.new
@@ -66,48 +66,48 @@ module SessionTest
         assert_equal false, session.httponly
       end
     end
-    
+
     class InstanceMethodsTest < ActiveSupport::TestCase
       def test_credentials
         session = UserSession.new
         session.credentials = {:remember_me => true}
         assert_equal true, session.remember_me
       end
-    
+
       def test_remember_me
         session = UserSession.new
         assert_equal false, session.remember_me
         assert !session.remember_me?
-      
+
         session.remember_me = false
         assert_equal false, session.remember_me
         assert !session.remember_me?
-      
+
         session.remember_me = true
         assert_equal true, session.remember_me
         assert session.remember_me?
-      
+
         session.remember_me = nil
         assert_nil session.remember_me
         assert !session.remember_me?
-      
+
         session.remember_me = "1"
         assert_equal "1", session.remember_me
         assert session.remember_me?
-      
+
         session.remember_me = "true"
         assert_equal "true", session.remember_me
         assert session.remember_me?
       end
-    
+
       def test_remember_me_until
         session = UserSession.new
         assert_nil session.remember_me_until
-      
+
         session.remember_me = true
         assert 3.months.from_now <= session.remember_me_until
       end
-    
+
       def test_persist_persist_by_cookie
         ben = users(:ben)
         assert !UserSession.find
@@ -115,14 +115,14 @@ module SessionTest
         assert session = UserSession.find
         assert_equal ben, session.record
       end
-    
+
       def test_after_save_save_cookie
         ben = users(:ben)
         session = UserSession.new(ben)
         assert session.save
         assert_equal "#{ben.persistence_token}::#{ben.id}", controller.cookies["user_credentials"]
       end
-    
+
       def test_after_destroy_destroy_cookie
         ben = users(:ben)
         set_cookie_for(ben)

data/test/session_test/http_auth_test.rb

@@ -40,6 +40,7 @@ module SessionTest
           assert_equal "benrocks", session.send(:protected_password)
           assert !controller.http_auth_requested?
         end
+        unset_session
         UserSession.request_http_basic_auth = true
         UserSession.http_basic_auth_realm = 'PersistTestRealm'
         http_basic_auth_for(ben) do

data/test/session_test/klass_test.rb

@@ -7,12 +7,12 @@ module SessionTest
         UserSession.authenticate_with = Employee
         assert_equal "Employee", UserSession.klass_name
         assert_equal Employee, UserSession.klass
-    
+
         UserSession.authenticate_with User
         assert_equal "User", UserSession.klass_name
         assert_equal User, UserSession.klass
       end
-    
+
       def test_klass
         assert_equal User, UserSession.klass
       end
@@ -20,13 +20,13 @@ module SessionTest
       def test_klass_name
         assert_equal "User", UserSession.klass_name
       end
-      
-      def test_guessed_klass_name
-        assert_equal "User", UserSession.guessed_klass_name
-        assert_equal "BackOfficeUser", BackOfficeUserSession.guessed_klass_name
+
+      def test_klass_name_uses_custom_name
+        assert_equal "User", UserSession.klass_name
+        assert_equal "BackOfficeUser", BackOfficeUserSession.klass_name
       end
     end
-    
+
     class InstanceMethodsTest < ActiveSupport::TestCase
       def test_record_method
         ben = users(:ben)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: Empact-authlogic
 version: !ruby/object:Gem::Version
-  version: 3.0.3
+  version: 3.1.0
   prerelease: 
 platform: ruby
 authors:
@@ -10,11 +10,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-08-14 00:00:00.000000000Z
+date: 2012-04-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
-  requirement: &2164354060 !ruby/object:Gem::Requirement
+  requirement: &70148993109920 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -22,18 +22,7 @@ dependencies:
         version: 3.0.7
   type: :runtime
   prerelease: false
-  version_requirements: *2164354060
-- !ruby/object:Gem::Dependency
-  name: activerecord
-  requirement: &2164350480 !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: 3.0.7
-  type: :runtime
-  prerelease: false
-  version_requirements: *2164350480
+  version_requirements: *70148993109920
 description: 
 email: bjohnson@binarylogic.com
 executables: []
@@ -184,7 +173,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -2975867320564342286
+      hash: 1446451024535166867
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -193,58 +182,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.5
+rubygems_version: 1.8.11
 signing_key: 
 specification_version: 3
 summary: A clean, simple, and unobtrusive ruby authentication solution.
-test_files:
-- test/acts_as_authentic_test/base_test.rb
-- test/acts_as_authentic_test/email_test.rb
-- test/acts_as_authentic_test/logged_in_status_test.rb
-- test/acts_as_authentic_test/login_test.rb
-- test/acts_as_authentic_test/magic_columns_test.rb
-- test/acts_as_authentic_test/password_test.rb
-- test/acts_as_authentic_test/perishable_token_test.rb
-- test/acts_as_authentic_test/persistence_token_test.rb
-- test/acts_as_authentic_test/restful_authentication_test.rb
-- test/acts_as_authentic_test/session_maintenance_test.rb
-- test/acts_as_authentic_test/single_access_test.rb
-- test/authenticates_many_test.rb
-- test/crypto_provider_test/aes256_test.rb
-- test/crypto_provider_test/bcrypt_test.rb
-- test/crypto_provider_test/sha1_test.rb
-- test/crypto_provider_test/sha256_test.rb
-- test/crypto_provider_test/sha512_test.rb
-- test/i18n_test.rb
-- test/libs/affiliate.rb
-- test/libs/company.rb
-- test/libs/employee.rb
-- test/libs/employee_session.rb
-- test/libs/ldaper.rb
-- test/libs/ordered_hash.rb
-- test/libs/project.rb
-- test/libs/user.rb
-- test/libs/user_session.rb
-- test/random_test.rb
-- test/session_test/activation_test.rb
-- test/session_test/active_record_trickery_test.rb
-- test/session_test/brute_force_protection_test.rb
-- test/session_test/callbacks_test.rb
-- test/session_test/cookies_test.rb
-- test/session_test/credentials_test.rb
-- test/session_test/existence_test.rb
-- test/session_test/http_auth_test.rb
-- test/session_test/id_test.rb
-- test/session_test/klass_test.rb
-- test/session_test/magic_columns_test.rb
-- test/session_test/magic_states_test.rb
-- test/session_test/params_test.rb
-- test/session_test/password_test.rb
-- test/session_test/perishability_test.rb
-- test/session_test/persistence_test.rb
-- test/session_test/scopes_test.rb
-- test/session_test/session_test.rb
-- test/session_test/timeout_test.rb
-- test/session_test/unauthorized_record_test.rb
-- test/session_test/validation_test.rb
-- test/test_helper.rb
+test_files: []