authgasm 0.9.1 → 0.10.0

data/lib/authgasm/session/callbacks.rb

@@ -4,23 +4,16 @@ module Authgasm
     #
     # Just like in ActiveRecord you have before_save, before_validation, etc. You have similar callbacks with Authgasm, see all callbacks below.
     module Callbacks
-      CALLBACKS = %w(before_create after_create before_destroy after_destroy before_update after_update before_validation after_validation)
+      CALLBACKS = %w(before_create after_create before_destroy after_destroy before_save after_save before_update after_update before_validation after_validation)
 
       def self.included(base) #:nodoc:
-        [:create, :destroy, :update, :valid?].each do |method|
+        [:destroy, :save, :valid?].each do |method|
           base.send :alias_method_chain, method, :callbacks
         end
 
         base.send :include, ActiveSupport::Callbacks
         base.define_callbacks *CALLBACKS
       end
-            
-      def create_with_callbacks(updating = false) # :nodoc:
-        run_callbacks(:before_create)
-        result = create_without_callbacks(updating)
-        run_callbacks(:after_create) if result
-        result
-      end
       
       def destroy_with_callbacks # :nodoc:
         run_callbacks(:before_destroy)
@@ -29,17 +22,32 @@ module Authgasm
         result
       end
       
-      def update_with_callbacks # :nodoc:
-        run_callbacks(:before_update)
-        result = update_without_callbacks
-        run_callbacks(:after_update) if result
+      def save_with_callbacks # :nodoc:
+        if new_session?
+          run_callbacks(:before_create)
+        else
+          run_callbacks(:before_update)
+        end
+        run_callbacks(:before_save)
+        result = save_without_callbacks
+        if result
+          if new_session?
+            run_callbacks(:after_create)
+          else
+            run_callbacks(:after_update)
+          end
+          run_callbacks(:after_save)
+        end
         result
       end
       
-      def valid_with_callbacks?(set_session = false) # :nodoc:
+      def valid_with_callbacks? # :nodoc:
         run_callbacks(:before_validation)
-        result = valid_without_callbacks?(set_session)
-        run_callbacks(:after_validation) if result
+        result = valid_without_callbacks?
+        if result
+          run_callbacks(:after_validation)
+          result = errors.empty?
+        end
         result
       end
     end

data/lib/authgasm/session/config.rb

@@ -22,15 +22,6 @@ module Authgasm
       #     # ... more configuration
       #   end
       #
-      # or...
-      #
-      #   class UserSession < Authgasm::Session::Base
-      #     configure do |config|
-      #       config.authenticate_with = User
-      #       # ... more configuration
-      #     end
-      #   end
-      #
       # See the methods belows for all configuration options.
       module ClassMethods
         # Lets you change which model to use for authentication.
@@ -181,6 +172,7 @@ module Authgasm
         end
         
         def remember_me_for
+          return unless remember_me?
           self.class.remember_me_for
         end
         

data/lib/authgasm/session/errors.rb

@@ -3,6 +3,12 @@ module Authgasm
     class Errors < ::ActiveRecord::Errors # :nodoc:
     end
     
+    class NotActivated < ::StandardError # :nodoc:
+      def initialize(session)
+        super("You must activate the Authgasm::Session::Base.controller with a controller object before creating objects")
+      end
+    end
+    
     class SessionInvalid < ::StandardError # :nodoc:
       def initialize(session)
         super("Authentication failed: #{session.errors.full_messages.to_sentence}")

data/lib/authgasm/version.rb

@@ -43,8 +43,8 @@ module Authgasm # :nodoc:
     end
 
     MAJOR = 0
-    MINOR = 9
-    TINY  = 1
+    MINOR = 10
+    TINY  = 0
 
     # The current version as a Version instance
     CURRENT = new(MAJOR, MINOR, TINY)

data/test_app/app/controllers/user_sessions_controller.rb

@@ -9,7 +9,7 @@ class UserSessionsController < ApplicationController
   
   def create
     @user_session = UserSession.new(params[:user_session])
-    if @user_session.create
+    if @user_session.save
       flash[:notice] = "Login successful!"
       redirect_back_or_default(account_url)
     else

data/test_app/test/fixtures/users.yml

@@ -1,6 +1,8 @@
 ben:
   id: 1
   login: bjohnson
-  crypted_password: <%= Authgasm::Sha256CryptoProvider.encrypt("benrocks") %>
+  password_salt: <%= salt = User.unique_token %>
+  crypted_password: <%= Authgasm::Sha256CryptoProvider.encrypt("benrocks" + salt) %>
+  remember_token: 23a1d7c66f456b14b45211aa656ce8ba7052fd220cd2d07a5c323792938f2a14
   first_name: Ben
   last_name: Johnson

data/test_app/test/functional/user_sessions_controller_test.rb

@@ -6,10 +6,31 @@ class UserSessionsControllerTest < ActionController::TestCase
     @request = ActionController::TestRequest.new
     @response = ActionController::TestResponse.new
   end
-
-  def test_truth
+  
+  def test_new
+    get :new
+    assert @controller.instance_variable_get(:@user_session).is_a?(UserSession)
+  end
+  
+  def test_successful_create
     get :create, {:user_session => {:login => "bjohnson", :password => "benrocks"}}
     assert_equal 1, session[:user_id]
-    assert_equal ["YmpvaG5zb24=\n:::2e8884187c71ff39af9ac05ebcaa0f40ab2432de51035aff8b0f491f890314d0"], cookies["user_credentials"]
+    assert_equal ["23a1d7c66f456b14b45211aa656ce8ba7052fd220cd2d07a5c323792938f2a14"], cookies["user_credentials"]
+    assert_redirected_to account_url
+  end
+  
+  def test_unsuccessful_create
+    get :create, {:user_session => {:login => "bjohnson", :password => "badpassword"}}
+    assert_equal nil, session[:user_id]
+    assert_equal nil, cookies["user_credentials"]
+    assert_template "new"
+  end
+  
+  def test_destroy
+    get :destroy
+    assert_equal nil, session[:user_id]
+    assert_equal nil, cookies["user_credentials"]
+    assert_redirected_to new_user_session_url
+    assert flash.key?(:notice)
   end
 end

data/test_app/test/integration/user_sesion_stories_test.rb

@@ -0,0 +1,85 @@
+require 'test_helper'
+
+class UserSessionStoriesTest < ActionController::IntegrationTest
+  def test_registration    
+    # Try to access the account area without being logged in
+    get account_url
+    assert_redirected_to new_user_session_url
+    follow_redirect!
+    assert flash.key?(:notice)
+    assert_template "user_sessions/new"
+    
+    # Try to register with no info
+    post users_url
+    assert_template "users/new"
+    
+    # Register successfully
+    post users_url, {:user => {:login => "binarylogic", :password => "pass", :confirm_password => "pass", :first_name => "Ben", :last_name => "Johnson"}}
+    assert_redirected_to account_url
+    assert flash.key?(:notice)
+    
+    access_account(User.find(2))
+  end
+  
+  def test_login_process
+    # Try to access the account area without being logged in
+    get account_url
+    assert_redirected_to new_user_session_url
+    follow_redirect!
+    assert flash.key?(:notice)
+    assert_template "user_sessions/new"
+    
+    login_unsuccessfully
+    login_unsuccessfully("bjohnson", "badpassword")
+    login_successfully("bjohnson", "benrocks")
+    
+    # Try to log in again after a successful login
+    get new_user_session_url
+    assert_redirected_to account_url
+    follow_redirect!
+    assert flash.key?(:notice)
+    assert_template "users/show"
+    
+    # Try to register after a successful login
+    get new_user_url
+    assert_redirected_to account_url
+    follow_redirect!
+    assert flash.key?(:notice)
+    assert_template "users/show"
+    
+    access_account
+    logout(new_user_url) # before I tried to register, it stored my location
+    
+    # Try to access my account again
+    get account_url
+    assert_redirected_to new_user_session_url
+    assert flash.key?(:notice)
+  end
+  
+  def test_changing_password
+    # Try logging in with correct credentials
+    login_successfully("bjohnson", "benrocks")
+    
+    # Go to edit form
+    get edit_account_path
+    assert_template "users/edit"
+    
+    # Edit password
+    put account_path, :user => {:login => "bjohnson", :password => "sillywilly", :confirm_password => "sillywilly", :first_name => "Ben", :last_name => "Johnson"}
+    assert_redirected_to account_url
+    follow_redirect!
+    assert flash.key?(:notice)
+    assert_template "users/show"
+    
+    access_account
+    logout
+    
+    # Try to access my account again
+    get account_url
+    assert_redirected_to new_user_session_url
+    assert flash.key?(:notice)
+    
+    login_successfully("bjohnson", "sillywilly")
+    access_account
+  end
+end

data/test_app/test/integration/user_session_test.rb

@@ -0,0 +1,158 @@
+require 'test_helper'
+
+# I know these tests are not really integration tests, but since UserSessions deals with cookies, models, etc. It was easiest and best to test it via an integration.
+class UserSessionTest < ActionController::IntegrationTest
+  def test_activated
+    UserSession.controller = nil
+    assert !UserSession.activated?
+    get new_user_session_url # reactive
+    assert UserSession.activated?
+  end
+  
+  def test_create
+    assert !UserSession.create("unknown", "bad")
+    assert UserSession.create("bjohnson", "benrocks")
+    assert_raise(Authgasm::Session::SessionInvalid) { assert !UserSession.create!("unknown", "bad") }
+    assert_nothing_raised { UserSession.create!("bjohnson", "benrocks") }
+  end
+  
+  def test_klass
+    assert_equal User, UserSession.klass
+  end
+  
+  def test_klass_name
+    assert_equal "User", UserSession.klass_name
+  end
+  
+  def test_find
+    assert_equal nil, UserSession.find
+    post user_sessions_url, {:user_session => {:login => "bjohnson", :password => "benrocks"}}
+    assert UserSession.find
+  end
+  
+  def test_initialize
+    session = UserSession.new
+    assert !session.valid?
+    assert_equal nil, session.login
+    assert_equal nil, session.unauthorized_record
+    
+    session = UserSession.new(:secure)
+    assert_equal :secure, session.id
+    assert !session.valid?
+    assert_equal nil, session.login
+    assert_equal nil, session.unauthorized_record
+    
+    session = UserSession.new("user", "pass")
+    assert_equal nil, session.id
+    assert !session.valid?
+    assert_equal "user", session.login
+    assert_equal nil, session.unauthorized_record
+    
+    session = UserSession.new("user", "pass", :secure)
+    assert_equal :secure, session.id
+    assert !session.valid?
+    assert_equal "user", session.login
+    assert_equal nil, session.unauthorized_record
+    
+    session = UserSession.new(:login => "user", :password => "pass")
+    assert_equal nil, session.id
+    assert !session.valid?
+    assert_equal "user", session.login
+    assert_equal nil, session.unauthorized_record
+    
+    session = UserSession.new({:login => "user", :password => "pass"}, :secure)
+    assert_equal :secure, session.id
+    assert !session.valid?
+    assert_equal "user", session.login
+    assert_equal nil, session.unauthorized_record
+    
+    session = UserSession.new(users(:ben))
+    assert_equal nil, session.id
+    assert session.valid?
+    assert_equal nil, session.login
+    assert_equal users(:ben), session.unauthorized_record
+    
+    session = UserSession.new(users(:ben), :secure)
+    assert_equal :secure, session.id
+    assert session.valid?
+    assert_equal nil, session.login
+    assert_equal users(:ben), session.unauthorized_record
+  end
+  
+  def test_credentials
+    session = UserSession.new
+    session.credentials = nil
+    assert_equal({:login => nil, :password => "<Protected>"}, session.credentials)
+    
+    session = UserSession.new
+    session.credentials = {:login => "ben"}
+    assert_equal({:login => "ben", :password => "<Protected>"}, session.credentials)
+    
+    session = UserSession.new
+    assert_raise(ArgumentError) { session.credentials = {:login => "ben", :random_field => "test"} }
+    
+    session = UserSession.new
+    session.credentials = {:login => "ben", :password => "awesome"}
+    assert_equal({:login => "ben", :password => "<Protected>"}, session.credentials)
+    assert_equal "awesome", session.send(:protected_password)
+  end
+  
+  def test_destroy
+    # tested thoroughly in stories
+  end
+  
+  def test_errors
+    # don't need to go crazy here since we are using ActiveRecord's error class, which has been thorough tested there
+    session = UserSession.new
+    assert !session.valid?
+    assert session.errors.on(:login)
+    assert session.errors.on(:password)
+  end
+  
+  def test_id
+    session = UserSession.new
+    assert_equal nil, session.id
+    session.id = :secure
+    assert_equal :secure, session.id
+  end
+  
+  def test_inspect
+    session = UserSession.new
+    assert_equal "#<UserSession {:login=>nil, :password=>\"<protected>\"}>", session.inspect
+    
+    session = UserSession.new("user", "pass")
+    assert_equal "#<UserSession {:login=>\"user\", :password=>\"<protected>\"}>", session.inspect
+    
+    session = UserSession.new(users(:ben))
+    assert_equal "#<UserSession {:unauthorized_record=>\"<protected>\"}>", session.inspect
+  end
+  
+  def test_new_session
+    session = UserSession.new
+    assert session.new_session?
+    
+    session.login = "bjohnson"
+    session.password = "benrocks"
+    session.save
+    assert !session.new_session?
+    
+    login_successfully("bjohnson", "benrocks")
+    session = UserSession.find
+    assert !session.new_session?
+  end
+  
+  def test_remember_me
+    session = UserSession.new
+    session.remember_me = true
+    assert_equal 3.months, session.remember_me_for
+    assert session.remember_me_until > Time.now
+    
+    session.remember_me = false
+    assert_equal nil, session.remember_me_for
+    assert_equal nil, session.remember_me_until
+  end
+  
+  def test_save
+    # tested thoroughly in stories
+  end
+end

data/test_app/test/test_helper.rb

@@ -33,6 +33,51 @@ class Test::Unit::TestCase
   # Note: You'll currently still have to declare fixtures explicitly in integration tests
   # -- they do not yet inherit this setting
   fixtures :all
+end
 
-  # Add more helper methods to be used by all tests here...
+class ActionController::IntegrationTest
+  def setup
+    get new_user_session_url # to active authgasm
+  end
+  
+  def teardown
+    Authgasm::Session::Base.controller = nil
+  end
+  
+  private
+    def login_successfully(login, password)
+      post user_sessions_url, :user_session => {:login => login, :password => password}
+      assert_redirected_to account_url
+      follow_redirect!
+      assert_template "users/show"
+    end
+  
+    def login_unsuccessfully(login = nil, password = nil)
+      params = (login || password) ? {:user_session => {:login => login, :password => password}} : nil
+      post user_sessions_url, params
+      assert_template "user_sessions/new"
+    end
+  
+    def access_account(user = nil)
+      user ||= users(:ben)
+      # Perform multiple requests to make sure the session is persisting properly, just being anal here
+      3.times do
+        get account_url
+        assert_equal user.id, session["user_id"]
+        assert_equal user.remember_token, cookies["user_credentials"]
+        assert_response :success
+        assert_template "users/show"
+      end
+    end
+  
+    def logout(alt_redirect = nil)
+      redirecting_to = alt_redirect || new_user_session_url
+      get logout_url
+      assert_redirected_to redirecting_to # because I tried to access registration above, and it stored it
+      follow_redirect!
+      assert flash.key?(:notice)
+      assert_equal nil, session["user_id"]
+      assert_equal "", cookies["user_credentials"]
+      assert_template redirecting_to.gsub("http://www.example.com/", "")
+    end
 end