authenticate 0.1.0

data/spec/dummy/config/locales/en.yml

@@ -0,0 +1,23 @@
+# Files in the config/locales directory are used for internationalization
+# and are automatically loaded by Rails. If you want to use locales other
+# than English, add the necessary files in this directory.
+#
+# To use the locales, use `I18n.t`:
+#
+#     I18n.t 'hello'
+#
+# In views, this is aliased to just `t`:
+#
+#     <%= t('hello') %>
+#
+# To use a different locale, set it with `I18n.locale`:
+#
+#     I18n.locale = :es
+#
+# This would use the information in config/locales/es.yml.
+#
+# To learn more, please read the Rails Internationalization guide
+# available at http://guides.rubyonrails.org/i18n.html.
+
+en:
+  hello: "Hello world"

data/spec/dummy/config/routes.rb

@@ -0,0 +1,56 @@
+Rails.application.routes.draw do
+  # The priority is based upon order of creation: first created -> highest priority.
+  # See how all your routes lay out with "rake routes".
+
+  # You can have the root of your site routed with "root"
+  # root 'welcome#index'
+
+  # Example of regular route:
+  #   get 'products/:id' => 'catalog#view'
+
+  # Example of named route that can be invoked with purchase_url(id: product.id)
+  #   get 'products/:id/purchase' => 'catalog#purchase', as: :purchase
+
+  # Example resource route (maps HTTP verbs to controller actions automatically):
+  #   resources :products
+
+  # Example resource route with options:
+  #   resources :products do
+  #     member do
+  #       get 'short'
+  #       post 'toggle'
+  #     end
+  #
+  #     collection do
+  #       get 'sold'
+  #     end
+  #   end
+
+  # Example resource route with sub-resources:
+  #   resources :products do
+  #     resources :comments, :sales
+  #     resource :seller
+  #   end
+
+  # Example resource route with more complex sub-resources:
+  #   resources :products do
+  #     resources :comments
+  #     resources :sales do
+  #       get 'recent', on: :collection
+  #     end
+  #   end
+
+  # Example resource route with concerns:
+  #   concern :toggleable do
+  #     post 'toggle'
+  #   end
+  #   resources :posts, concerns: :toggleable
+  #   resources :photos, concerns: :toggleable
+
+  # Example resource route within a namespace:
+  #   namespace :admin do
+  #     # Directs /admin/products/* to Admin::ProductsController
+  #     # (app/controllers/admin/products_controller.rb)
+  #     resources :products
+  #   end
+end

data/spec/dummy/config/secrets.yml

@@ -0,0 +1,22 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key is used for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+# You can use `rake secret` to generate a secure secret key.
+
+# Make sure the secrets in this file are kept private
+# if you're sharing your code publicly.
+
+development:
+  secret_key_base: 8b743fc5fc1621f167b724fc5743a8bc2879babd89d3d378be441e688a3ae4ed3833db2d1d7236a155648b04973ab9513b42ce2bcf7b6107417fc269f7f2a93c
+
+test:
+  secret_key_base: cba9ecd3512c1e69ab918b88a57a5ebaaaea6c35ad3347f43cba5c965733138c20b4ef9a33d59747eef26da8f95615ec418b5a12c2c433abd3bbdf4af7e5906c
+
+# Do not keep production secrets in the repository,
+# instead read values from the environment.
+production:
+  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>

data/spec/dummy/db/migrate/20160120003910_create_users.rb

@@ -0,0 +1,18 @@
+class CreateUsers < ActiveRecord::Migration
+  def change
+    create_table :users do |t|
+      t.string :email
+      t.string :encrypted_password
+      t.string :session_token
+      t.datetime :session_expiration
+      t.integer :sign_in_count
+      t.datetime :last_sign_in_at
+      t.string :last_sign_in_ip
+      t.datetime :last_access_at
+      t.datetime :current_sign_in_at
+      t.string :current_sign_in_ip
+
+      t.timestamps null: false
+    end
+  end
+end

data/spec/dummy/db/schema.rb

@@ -0,0 +1,31 @@
+# encoding: UTF-8
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema.define(version: 20160120003910) do
+
+  create_table "users", force: :cascade do |t|
+    t.string   "email"
+    t.string   "encrypted_password"
+    t.string   "session_token"
+    t.datetime "session_expiration"
+    t.integer  "sign_in_count"
+    t.datetime "last_sign_in_at"
+    t.string   "last_sign_in_ip"
+    t.datetime "last_access_at"
+    t.datetime "current_sign_in_at"
+    t.string   "current_sign_in_ip"
+    t.datetime "created_at",         null: false
+    t.datetime "updated_at",         null: false
+  end
+
+end

data/spec/dummy/public/404.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <div>
+      <h1>The page you were looking for doesn't exist.</h1>
+      <p>You may have mistyped the address or the page may have moved.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/422.html

@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <div>
+      <h1>The change you wanted was rejected.</h1>
+      <p>Maybe you tried to change something you didn't have access to.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/spec/dummy/public/500.html

@@ -0,0 +1,66 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <div>
+      <h1>We're sorry, but something went wrong.</h1>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>

data/spec/factories/users.rb

@@ -0,0 +1,23 @@
+FactoryGirl.define do
+  sequence :email do |n|
+    "user#{n}@example.com"
+  end
+
+  factory :user do
+    email
+    encrypted_password 'password'
+
+    trait :with_session_token do
+      session_token 'this_is_a_big_fake_long_token'
+    end
+
+    # trait :with_forgotten_password do
+    #   confirmation_token Clearance::Token.new
+    # end
+
+    # factory :user_with_optional_password, class: 'UserWithOptionalPassword' do
+    #   password nil
+    #   encrypted_password ''
+    # end
+  end
+end

data/spec/model/session_spec.rb

@@ -0,0 +1,86 @@
+require 'spec_helper'
+
+
+describe Authenticate::Session do
+
+  describe 'session token' do
+    it 'finds a user from session token' do
+      user = create(:user, :with_session_token)
+      request = {}
+      cookies = {authenticate_session_token: user.session_token}
+      session = Authenticate::Session.new(request, cookies)
+      expect(session.current_user).to eq user
+    end
+    it 'returns nil without a session token' do
+      request = {}
+      cookies = {session_token: nil}
+      session = Authenticate::Session.new(request, cookies)
+      expect(session.current_user).to be_nil
+    end
+    it 'returns nil with a bogus session token' do
+      request = {}
+      cookies = {session_token: 'some made up value'}
+      session = Authenticate::Session.new(request, cookies)
+      expect(session.current_user).to be_nil
+    end
+  end
+
+  describe '#login' do
+    it 'sets current_user' do
+      user = build(:user, :with_session_token)
+      session = Authenticate::Session.new(mock_request, {})
+      session.login(user)
+      expect(session.current_user).to eq user
+    end
+    context 'with a block' do
+      it 'passes the success status to the block when login succeeds' do
+        user = build(:user, :with_session_token)
+        session = Authenticate::Session.new(mock_request, {})
+        session.login user do |status|
+          expect(status.success?).to eq true
+        end
+      end
+      it 'passes the failure status to the block when login fails' do
+        session = Authenticate::Session.new(mock_request, {})
+        session.login nil do |status|
+          expect(status.success?).to eq false
+        end
+      end
+    end
+    context 'with nil argument' do
+      it 'assigned current_user to nil' do
+        session = Authenticate::Session.new(mock_request, {})
+        session.login nil
+        expect(session.current_user).to be_nil
+      end
+    end
+    context 'modules' do
+      it 'runs the callbacks' do
+        user = create(:user, :with_session_token, sign_in_count: 0)
+        cookies = {authenticate_session_token: user.session_token}
+        session = Authenticate::Session.new(mock_request, cookies)
+        expect{session.login(user)}.to change{user.sign_in_count}.by(1)
+      end
+      it 'fails login if a callback fails' do
+        failure_message = 'THIS IS A FORCED FAIL'
+        Authenticate.lifecycle.after_authentication do |user, session, opts|
+          throw(:failure, failure_message)
+        end
+        user = create(:user, :with_session_token, last_access_at: 10.minutes.ago)
+        cookies = {authenticate_session_token: user.session_token}
+        session = Authenticate::Session.new(mock_request, cookies)
+        session.login user do |status|
+          expect(status.success?).to eq false
+          expect(status.message).to eq failure_message
+        end
+      end
+    end
+  end
+
+
+  def mock_request
+    req = double("request")
+    allow(req).to receive(:remote_ip).and_return('111.111.111.111')
+    return req
+  end
+end