authem 1.5.0 → 2.0.0

data/spec/session_spec.rb

@@ -0,0 +1,52 @@
+require "spec_helper"
+
+describe Authem::Session do
+  class User < ActiveRecord::Base
+    self.table_name = :users
+  end
+
+  let(:user){ User.create(email: "joe@example.com") }
+  let(:role){ :user }
+
+  it "generates secure token on creation" do
+    expect(Authem::Token).to receive(:generate).and_return("a secure token")
+    model = described_class.create(role: role, subject: user)
+    expect(model.token).to eq("a secure token")
+  end
+
+  it "set expires_at attribute according to ttl" do
+    model = described_class.create(role: role, subject: user, ttl: 30.minutes)
+    expect(model.expires_at).to be_within(1.second).of(30.minutes.from_now)
+  end
+
+  it "uses default ttl if value is not provided" do
+    model = described_class.create(role: role, subject: user)
+    expect(model.expires_at).to be_within(1.second).of(30.days.from_now)
+  end
+
+  context "scopes" do
+    def create_session_with_expiration(expires_at)
+      described_class.create(
+        role:       role,
+        subject:    user,
+        expires_at: expires_at
+      )
+    end
+
+    let!(:expired_session){ create_session_with_expiration(1.day.ago) }
+    let!(:active_session){ create_session_with_expiration(1.week.from_now) }
+    let(:active_scope){ described_class.active }
+    let(:expired_scope){ described_class.expired }
+
+    specify ".active filters out expired sessions" do
+      expect(active_scope).to include(active_session)
+      expect(active_scope).not_to include(expired_session)
+    end
+
+    specify ".expired filters out active sessions" do
+      expect(expired_scope).to include(expired_session)
+      expect(expired_scope).not_to include(active_session)
+    end
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,4 @@
+require "bundler/setup"
+require "authem"
+
+Dir[File.expand_path("../support/**/*.rb", __FILE__)].each(&method(:require))

data/spec/support/active_record.rb

@@ -0,0 +1,45 @@
+require "active_record"
+
+ActiveRecord::Migration.verbose = false
+
+ActiveRecord::Base.establish_connection(
+  adapter:  "sqlite3",
+  database: ":memory:"
+)
+
+class CreateUsersMigration < ActiveRecord::Migration
+  def up
+    create_table :users do |t|
+      t.string :email
+      t.string :password_digest
+      t.string :password_reset_token
+    end
+  end
+end
+
+class CreateSessionsMigration < ActiveRecord::Migration
+  def up
+    create_table :authem_sessions do |t|
+      t.string     :role,       null: false
+      t.references :subject,    null: false, polymorphic: true
+      t.string     :token,      null: false
+      t.datetime   :expires_at, null: false
+      t.integer    :ttl,        null: false
+      t.timestamps
+    end
+  end
+end
+
+RSpec.configure do |config|
+  config.before :suite do
+    CreateUsersMigration.new.up
+    CreateSessionsMigration.new.up
+  end
+
+  config.around do |example|
+    ActiveRecord::Base.transaction do
+      example.run
+      raise ActiveRecord::Rollback
+    end
+  end
+end

data/spec/support/i18n.rb

@@ -0,0 +1 @@
+I18n.enforce_available_locales = false

data/spec/support/time.rb

@@ -0,0 +1 @@
+Time.zone_default = ActiveSupport::TimeZone["UTC"]

data/spec/token_spec.rb

@@ -0,0 +1,10 @@
+require "spec_helper"
+
+describe Authem::Token do
+  context ".generate" do
+    subject{ described_class.generate }
+    it "generates a secure token 60 chars long" do
+      expect(subject.length).to eq(60)
+    end
+  end
+end

data/spec/user_spec.rb

@@ -0,0 +1,115 @@
+require "spec_helper"
+
+describe Authem::User do
+
+  class TestUser < ActiveRecord::Base
+    self.table_name = :users
+    include Authem::User
+
+
+    def self.create(email: "joe@example.com", password: "password")
+      super(
+        email:                 email,
+        password:              password,
+        password_confirmation: password
+      )
+    end
+  end
+
+  it "downcases email" do
+    record = TestUser.new
+    record.email = "JOE@EXAMPLE.COM"
+    expect(record.email).to eq("joe@example.com")
+  end
+
+  subject(:user){ TestUser.create }
+
+  context "#authenticate" do
+    it "returns record if password is correct" do
+      expect(user.authenticate("password")).to eq(user)
+    end
+
+    it "returns false if password is incorrect" do
+      expect(user.authenticate("notright")).to be_falsy
+    end
+
+    it "returns false if password is nil" do
+      expect(user.authenticate(nil)).to be_falsy
+    end
+  end
+
+  context "#password_reset_token" do
+    it "generates token on record creation" do
+      expect(user.password_reset_token).to be_present
+    end
+  end
+
+  context "#reset_password" do
+    it "changes the password if on successful update" do
+      expect{ user.reset_password "123", "123" }.to change{ user.reload.password_digest }
+    end
+
+    it "regenerates password reset token on successful update" do
+      expect{ user.reset_password "123", "123" }.to change{ user.reload.password_reset_token }
+    end
+
+    it "does not change password on error" do
+      expect{ user.reset_password "123", "321" }.not_to change{ user.reload.password_digest }
+      expect{ user.reset_password "123", "" }.not_to change{ user.reload.password_digest }
+      expect{ user.reset_password nil, "321" }.not_to change{ user.reload.password_digest }
+      expect{ user.reset_password nil, nil }.not_to change{ user.reload.password_digest }
+    end
+
+    it "does not change password reset token on error" do
+      expect{ user.reset_password "123", "321" }.not_to change{ user.reload.password_reset_token }
+      expect{ user.reset_password "123", "" }.not_to change{ user.reload.password_reset_token }
+      expect{ user.reset_password nil, "321" }.not_to change{ user.reload.password_reset_token }
+      expect{ user.reset_password nil, nil }.not_to change{ user.reload.password_reset_token }
+    end
+
+    it "returns true if when password change is successful" do
+      expect(user.reset_password("123", "123")).to be_truthy
+    end
+
+    it "returns false when confirmation does not match" do
+      expect(user.reset_password("123", "321")).to be_falsy
+    end
+
+    it "adds an error when confirmation does not match" do
+      user.reset_password("123", "321")
+      expect(user.errors).to include(:password_confirmation)
+    end
+
+    it "adds and error when password is blank" do
+      user.reset_password(nil, "")
+      expect(user.errors).to include(:password)
+    end
+
+    it "returns false when password is blank" do
+      expect(user.reset_password("", "")).to be_falsy
+    end
+  end
+
+  context "validations" do
+    it "allows properly formatted emails" do
+      record = TestUser.create(email: "joe@example.com")
+      expect(record.errors).not_to include(:email)
+    end
+
+    it "validates email presence" do
+      record = TestUser.create(email: nil)
+      expect(record.errors).to include(:email)
+    end
+
+    it "validates email format" do
+      record = TestUser.create(email: "joe-at-example-com")
+      expect(record.errors).to include(:email)
+    end
+
+    it "validates email uniqueness" do
+      TestUser.create email: "joe@example.com"
+      record = TestUser.create(email: "JOE@EXAMPLE.COM")
+      expect(record.errors).to include(:email)
+    end
+  end
+end

metadata

@@ -1,14 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: authem
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Paul Elliott
+- Pavel Pravosud
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-04-29 00:00:00.000000000 Z
+date: 2014-06-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -28,147 +29,76 @@ dependencies:
   name: railties
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '4.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '4.0'
 - !ruby/object:Gem::Dependency
   name: bcrypt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '3.1'
   type: :runtime
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '3.1'
-- !ruby/object:Gem::Dependency
-  name: actionpack
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '4.0'
-  type: :development
-  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
-- !ruby/object:Gem::Dependency
-  name: activerecord
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '4.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '4.0'
-- !ruby/object:Gem::Dependency
-  name: database_cleaner
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: sqlite3
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: pry
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-description: Authem provides a simple solution for email-based authentication.
+        version: '3.1'
+description: Authem provides a simple solution for email-based authentication
 email:
-- paul@hashrocket.com
+- paul@codingfrontier.com
+- pavel@pravosud.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".gitignore"
+- ".rspec"
+- ".ruby-gemset"
+- ".ruby-version"
+- ".travis.yml"
+- Appraisals
+- CHANGELOG.md
+- Gemfile
 - LICENSE
 - README.markdown
 - Rakefile
+- authem.gemspec
+- gemfiles/rails_4.0.gemfile
+- gemfiles/rails_4.1.gemfile
 - lib/authem.rb
-- lib/authem/base_user.rb
-- lib/authem/config.rb
-- lib/authem/controller_support.rb
-- lib/authem/sorcery_user.rb
+- lib/authem/controller.rb
+- lib/authem/errors/ambigous_role.rb
+- lib/authem/errors/unknown_role.rb
+- lib/authem/railtie.rb
+- lib/authem/role.rb
+- lib/authem/session.rb
+- lib/authem/support.rb
 - lib/authem/token.rb
 - lib/authem/user.rb
 - lib/authem/version.rb
-- lib/generators/authem/model/model_generator.rb
+- lib/generators/authem/session/session_generator.rb
+- lib/generators/authem/session/templates/create_sessions.rb
+- lib/generators/authem/user/templates/create_table_migration.rb
+- lib/generators/authem/user/templates/model.rb
+- lib/generators/authem/user/user_generator.rb
+- spec/controller_spec.rb
+- spec/session_spec.rb
+- spec/spec_helper.rb
+- spec/support/active_record.rb
+- spec/support/i18n.rb
+- spec/support/time.rb
+- spec/token_spec.rb
+- spec/user_spec.rb
 homepage: https://github.com/paulelliott/authem
 licenses:
 - MIT
@@ -181,7 +111,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 1.9.3
+      version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="