authgasm 0.9.1 → 0.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -4,23 +4,16 @@ module Authgasm
4
4
  #
5
5
  # Just like in ActiveRecord you have before_save, before_validation, etc. You have similar callbacks with Authgasm, see all callbacks below.
6
6
  module Callbacks
7
- CALLBACKS = %w(before_create after_create before_destroy after_destroy before_update after_update before_validation after_validation)
7
+ CALLBACKS = %w(before_create after_create before_destroy after_destroy before_save after_save before_update after_update before_validation after_validation)
8
8
 
9
9
  def self.included(base) #:nodoc:
10
- [:create, :destroy, :update, :valid?].each do |method|
10
+ [:destroy, :save, :valid?].each do |method|
11
11
  base.send :alias_method_chain, method, :callbacks
12
12
  end
13
13
 
14
14
  base.send :include, ActiveSupport::Callbacks
15
15
  base.define_callbacks *CALLBACKS
16
16
  end
17
-
18
- def create_with_callbacks(updating = false) # :nodoc:
19
- run_callbacks(:before_create)
20
- result = create_without_callbacks(updating)
21
- run_callbacks(:after_create) if result
22
- result
23
- end
24
17
 
25
18
  def destroy_with_callbacks # :nodoc:
26
19
  run_callbacks(:before_destroy)
@@ -29,17 +22,32 @@ module Authgasm
29
22
  result
30
23
  end
31
24
 
32
- def update_with_callbacks # :nodoc:
33
- run_callbacks(:before_update)
34
- result = update_without_callbacks
35
- run_callbacks(:after_update) if result
25
+ def save_with_callbacks # :nodoc:
26
+ if new_session?
27
+ run_callbacks(:before_create)
28
+ else
29
+ run_callbacks(:before_update)
30
+ end
31
+ run_callbacks(:before_save)
32
+ result = save_without_callbacks
33
+ if result
34
+ if new_session?
35
+ run_callbacks(:after_create)
36
+ else
37
+ run_callbacks(:after_update)
38
+ end
39
+ run_callbacks(:after_save)
40
+ end
36
41
  result
37
42
  end
38
43
 
39
- def valid_with_callbacks?(set_session = false) # :nodoc:
44
+ def valid_with_callbacks? # :nodoc:
40
45
  run_callbacks(:before_validation)
41
- result = valid_without_callbacks?(set_session)
42
- run_callbacks(:after_validation) if result
46
+ result = valid_without_callbacks?
47
+ if result
48
+ run_callbacks(:after_validation)
49
+ result = errors.empty?
50
+ end
43
51
  result
44
52
  end
45
53
  end
@@ -22,15 +22,6 @@ module Authgasm
22
22
  # # ... more configuration
23
23
  # end
24
24
  #
25
- # or...
26
- #
27
- # class UserSession < Authgasm::Session::Base
28
- # configure do |config|
29
- # config.authenticate_with = User
30
- # # ... more configuration
31
- # end
32
- # end
33
- #
34
25
  # See the methods belows for all configuration options.
35
26
  module ClassMethods
36
27
  # Lets you change which model to use for authentication.
@@ -181,6 +172,7 @@ module Authgasm
181
172
  end
182
173
 
183
174
  def remember_me_for
175
+ return unless remember_me?
184
176
  self.class.remember_me_for
185
177
  end
186
178
 
@@ -3,6 +3,12 @@ module Authgasm
3
3
  class Errors < ::ActiveRecord::Errors # :nodoc:
4
4
  end
5
5
 
6
+ class NotActivated < ::StandardError # :nodoc:
7
+ def initialize(session)
8
+ super("You must activate the Authgasm::Session::Base.controller with a controller object before creating objects")
9
+ end
10
+ end
11
+
6
12
  class SessionInvalid < ::StandardError # :nodoc:
7
13
  def initialize(session)
8
14
  super("Authentication failed: #{session.errors.full_messages.to_sentence}")
@@ -43,8 +43,8 @@ module Authgasm # :nodoc:
43
43
  end
44
44
 
45
45
  MAJOR = 0
46
- MINOR = 9
47
- TINY = 1
46
+ MINOR = 10
47
+ TINY = 0
48
48
 
49
49
  # The current version as a Version instance
50
50
  CURRENT = new(MAJOR, MINOR, TINY)
@@ -9,7 +9,7 @@ class UserSessionsController < ApplicationController
9
9
 
10
10
  def create
11
11
  @user_session = UserSession.new(params[:user_session])
12
- if @user_session.create
12
+ if @user_session.save
13
13
  flash[:notice] = "Login successful!"
14
14
  redirect_back_or_default(account_url)
15
15
  else
Binary file
Binary file
@@ -1,6 +1,8 @@
1
1
  ben:
2
2
  id: 1
3
3
  login: bjohnson
4
- crypted_password: <%= Authgasm::Sha256CryptoProvider.encrypt("benrocks") %>
4
+ password_salt: <%= salt = User.unique_token %>
5
+ crypted_password: <%= Authgasm::Sha256CryptoProvider.encrypt("benrocks" + salt) %>
6
+ remember_token: 23a1d7c66f456b14b45211aa656ce8ba7052fd220cd2d07a5c323792938f2a14
5
7
  first_name: Ben
6
8
  last_name: Johnson
@@ -6,10 +6,31 @@ class UserSessionsControllerTest < ActionController::TestCase
6
6
  @request = ActionController::TestRequest.new
7
7
  @response = ActionController::TestResponse.new
8
8
  end
9
-
10
- def test_truth
9
+
10
+ def test_new
11
+ get :new
12
+ assert @controller.instance_variable_get(:@user_session).is_a?(UserSession)
13
+ end
14
+
15
+ def test_successful_create
11
16
  get :create, {:user_session => {:login => "bjohnson", :password => "benrocks"}}
12
17
  assert_equal 1, session[:user_id]
13
- assert_equal ["YmpvaG5zb24=\n:::2e8884187c71ff39af9ac05ebcaa0f40ab2432de51035aff8b0f491f890314d0"], cookies["user_credentials"]
18
+ assert_equal ["23a1d7c66f456b14b45211aa656ce8ba7052fd220cd2d07a5c323792938f2a14"], cookies["user_credentials"]
19
+ assert_redirected_to account_url
20
+ end
21
+
22
+ def test_unsuccessful_create
23
+ get :create, {:user_session => {:login => "bjohnson", :password => "badpassword"}}
24
+ assert_equal nil, session[:user_id]
25
+ assert_equal nil, cookies["user_credentials"]
26
+ assert_template "new"
27
+ end
28
+
29
+ def test_destroy
30
+ get :destroy
31
+ assert_equal nil, session[:user_id]
32
+ assert_equal nil, cookies["user_credentials"]
33
+ assert_redirected_to new_user_session_url
34
+ assert flash.key?(:notice)
14
35
  end
15
36
  end
@@ -0,0 +1,85 @@
1
+ require 'test_helper'
2
+
3
+ class UserSessionStoriesTest < ActionController::IntegrationTest
4
+ def test_registration
5
+ # Try to access the account area without being logged in
6
+ get account_url
7
+ assert_redirected_to new_user_session_url
8
+ follow_redirect!
9
+ assert flash.key?(:notice)
10
+ assert_template "user_sessions/new"
11
+
12
+ # Try to register with no info
13
+ post users_url
14
+ assert_template "users/new"
15
+
16
+ # Register successfully
17
+ post users_url, {:user => {:login => "binarylogic", :password => "pass", :confirm_password => "pass", :first_name => "Ben", :last_name => "Johnson"}}
18
+ assert_redirected_to account_url
19
+ assert flash.key?(:notice)
20
+
21
+ access_account(User.find(2))
22
+ end
23
+
24
+ def test_login_process
25
+ # Try to access the account area without being logged in
26
+ get account_url
27
+ assert_redirected_to new_user_session_url
28
+ follow_redirect!
29
+ assert flash.key?(:notice)
30
+ assert_template "user_sessions/new"
31
+
32
+ login_unsuccessfully
33
+ login_unsuccessfully("bjohnson", "badpassword")
34
+ login_successfully("bjohnson", "benrocks")
35
+
36
+ # Try to log in again after a successful login
37
+ get new_user_session_url
38
+ assert_redirected_to account_url
39
+ follow_redirect!
40
+ assert flash.key?(:notice)
41
+ assert_template "users/show"
42
+
43
+ # Try to register after a successful login
44
+ get new_user_url
45
+ assert_redirected_to account_url
46
+ follow_redirect!
47
+ assert flash.key?(:notice)
48
+ assert_template "users/show"
49
+
50
+ access_account
51
+ logout(new_user_url) # before I tried to register, it stored my location
52
+
53
+ # Try to access my account again
54
+ get account_url
55
+ assert_redirected_to new_user_session_url
56
+ assert flash.key?(:notice)
57
+ end
58
+
59
+ def test_changing_password
60
+ # Try logging in with correct credentials
61
+ login_successfully("bjohnson", "benrocks")
62
+
63
+ # Go to edit form
64
+ get edit_account_path
65
+ assert_template "users/edit"
66
+
67
+ # Edit password
68
+ put account_path, :user => {:login => "bjohnson", :password => "sillywilly", :confirm_password => "sillywilly", :first_name => "Ben", :last_name => "Johnson"}
69
+ assert_redirected_to account_url
70
+ follow_redirect!
71
+ assert flash.key?(:notice)
72
+ assert_template "users/show"
73
+
74
+ access_account
75
+ logout
76
+
77
+ # Try to access my account again
78
+ get account_url
79
+ assert_redirected_to new_user_session_url
80
+ assert flash.key?(:notice)
81
+
82
+ login_successfully("bjohnson", "sillywilly")
83
+ access_account
84
+ end
85
+ end
@@ -0,0 +1,158 @@
1
+ require 'test_helper'
2
+
3
+ # I know these tests are not really integration tests, but since UserSessions deals with cookies, models, etc. It was easiest and best to test it via an integration.
4
+ class UserSessionTest < ActionController::IntegrationTest
5
+ def test_activated
6
+ UserSession.controller = nil
7
+ assert !UserSession.activated?
8
+ get new_user_session_url # reactive
9
+ assert UserSession.activated?
10
+ end
11
+
12
+ def test_create
13
+ assert !UserSession.create("unknown", "bad")
14
+ assert UserSession.create("bjohnson", "benrocks")
15
+ assert_raise(Authgasm::Session::SessionInvalid) { assert !UserSession.create!("unknown", "bad") }
16
+ assert_nothing_raised { UserSession.create!("bjohnson", "benrocks") }
17
+ end
18
+
19
+ def test_klass
20
+ assert_equal User, UserSession.klass
21
+ end
22
+
23
+ def test_klass_name
24
+ assert_equal "User", UserSession.klass_name
25
+ end
26
+
27
+ def test_find
28
+ assert_equal nil, UserSession.find
29
+ post user_sessions_url, {:user_session => {:login => "bjohnson", :password => "benrocks"}}
30
+ assert UserSession.find
31
+ end
32
+
33
+ def test_initialize
34
+ session = UserSession.new
35
+ assert !session.valid?
36
+ assert_equal nil, session.login
37
+ assert_equal nil, session.unauthorized_record
38
+
39
+ session = UserSession.new(:secure)
40
+ assert_equal :secure, session.id
41
+ assert !session.valid?
42
+ assert_equal nil, session.login
43
+ assert_equal nil, session.unauthorized_record
44
+
45
+ session = UserSession.new("user", "pass")
46
+ assert_equal nil, session.id
47
+ assert !session.valid?
48
+ assert_equal "user", session.login
49
+ assert_equal nil, session.unauthorized_record
50
+
51
+ session = UserSession.new("user", "pass", :secure)
52
+ assert_equal :secure, session.id
53
+ assert !session.valid?
54
+ assert_equal "user", session.login
55
+ assert_equal nil, session.unauthorized_record
56
+
57
+ session = UserSession.new(:login => "user", :password => "pass")
58
+ assert_equal nil, session.id
59
+ assert !session.valid?
60
+ assert_equal "user", session.login
61
+ assert_equal nil, session.unauthorized_record
62
+
63
+ session = UserSession.new({:login => "user", :password => "pass"}, :secure)
64
+ assert_equal :secure, session.id
65
+ assert !session.valid?
66
+ assert_equal "user", session.login
67
+ assert_equal nil, session.unauthorized_record
68
+
69
+ session = UserSession.new(users(:ben))
70
+ assert_equal nil, session.id
71
+ assert session.valid?
72
+ assert_equal nil, session.login
73
+ assert_equal users(:ben), session.unauthorized_record
74
+
75
+ session = UserSession.new(users(:ben), :secure)
76
+ assert_equal :secure, session.id
77
+ assert session.valid?
78
+ assert_equal nil, session.login
79
+ assert_equal users(:ben), session.unauthorized_record
80
+ end
81
+
82
+ def test_credentials
83
+ session = UserSession.new
84
+ session.credentials = nil
85
+ assert_equal({:login => nil, :password => "<Protected>"}, session.credentials)
86
+
87
+ session = UserSession.new
88
+ session.credentials = {:login => "ben"}
89
+ assert_equal({:login => "ben", :password => "<Protected>"}, session.credentials)
90
+
91
+ session = UserSession.new
92
+ assert_raise(ArgumentError) { session.credentials = {:login => "ben", :random_field => "test"} }
93
+
94
+ session = UserSession.new
95
+ session.credentials = {:login => "ben", :password => "awesome"}
96
+ assert_equal({:login => "ben", :password => "<Protected>"}, session.credentials)
97
+ assert_equal "awesome", session.send(:protected_password)
98
+ end
99
+
100
+ def test_destroy
101
+ # tested thoroughly in stories
102
+ end
103
+
104
+ def test_errors
105
+ # don't need to go crazy here since we are using ActiveRecord's error class, which has been thorough tested there
106
+ session = UserSession.new
107
+ assert !session.valid?
108
+ assert session.errors.on(:login)
109
+ assert session.errors.on(:password)
110
+ end
111
+
112
+ def test_id
113
+ session = UserSession.new
114
+ assert_equal nil, session.id
115
+ session.id = :secure
116
+ assert_equal :secure, session.id
117
+ end
118
+
119
+ def test_inspect
120
+ session = UserSession.new
121
+ assert_equal "#<UserSession {:login=>nil, :password=>\"<protected>\"}>", session.inspect
122
+
123
+ session = UserSession.new("user", "pass")
124
+ assert_equal "#<UserSession {:login=>\"user\", :password=>\"<protected>\"}>", session.inspect
125
+
126
+ session = UserSession.new(users(:ben))
127
+ assert_equal "#<UserSession {:unauthorized_record=>\"<protected>\"}>", session.inspect
128
+ end
129
+
130
+ def test_new_session
131
+ session = UserSession.new
132
+ assert session.new_session?
133
+
134
+ session.login = "bjohnson"
135
+ session.password = "benrocks"
136
+ session.save
137
+ assert !session.new_session?
138
+
139
+ login_successfully("bjohnson", "benrocks")
140
+ session = UserSession.find
141
+ assert !session.new_session?
142
+ end
143
+
144
+ def test_remember_me
145
+ session = UserSession.new
146
+ session.remember_me = true
147
+ assert_equal 3.months, session.remember_me_for
148
+ assert session.remember_me_until > Time.now
149
+
150
+ session.remember_me = false
151
+ assert_equal nil, session.remember_me_for
152
+ assert_equal nil, session.remember_me_until
153
+ end
154
+
155
+ def test_save
156
+ # tested thoroughly in stories
157
+ end
158
+ end
@@ -33,6 +33,51 @@ class Test::Unit::TestCase
33
33
  # Note: You'll currently still have to declare fixtures explicitly in integration tests
34
34
  # -- they do not yet inherit this setting
35
35
  fixtures :all
36
+ end
36
37
 
37
- # Add more helper methods to be used by all tests here...
38
+ class ActionController::IntegrationTest
39
+ def setup
40
+ get new_user_session_url # to active authgasm
41
+ end
42
+
43
+ def teardown
44
+ Authgasm::Session::Base.controller = nil
45
+ end
46
+
47
+ private
48
+ def login_successfully(login, password)
49
+ post user_sessions_url, :user_session => {:login => login, :password => password}
50
+ assert_redirected_to account_url
51
+ follow_redirect!
52
+ assert_template "users/show"
53
+ end
54
+
55
+ def login_unsuccessfully(login = nil, password = nil)
56
+ params = (login || password) ? {:user_session => {:login => login, :password => password}} : nil
57
+ post user_sessions_url, params
58
+ assert_template "user_sessions/new"
59
+ end
60
+
61
+ def access_account(user = nil)
62
+ user ||= users(:ben)
63
+ # Perform multiple requests to make sure the session is persisting properly, just being anal here
64
+ 3.times do
65
+ get account_url
66
+ assert_equal user.id, session["user_id"]
67
+ assert_equal user.remember_token, cookies["user_credentials"]
68
+ assert_response :success
69
+ assert_template "users/show"
70
+ end
71
+ end
72
+
73
+ def logout(alt_redirect = nil)
74
+ redirecting_to = alt_redirect || new_user_session_url
75
+ get logout_url
76
+ assert_redirected_to redirecting_to # because I tried to access registration above, and it stored it
77
+ follow_redirect!
78
+ assert flash.key?(:notice)
79
+ assert_equal nil, session["user_id"]
80
+ assert_equal "", cookies["user_credentials"]
81
+ assert_template redirecting_to.gsub("http://www.example.com/", "")
82
+ end
38
83
  end