authgasm 0.9.1 → 0.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/CHANGELOG.rdoc +8 -0
- data/Manifest +4 -2
- data/README.rdoc +25 -3
- data/authgasm.gemspec +9 -6
- data/init.rb +0 -1
- data/lib/authgasm.rb +4 -1
- data/lib/authgasm/acts_as_authentic.rb +32 -6
- data/lib/authgasm/controller_adapters/abstract_adapter.rb +25 -0
- data/lib/authgasm/controller_adapters/rails_adapter.rb +39 -0
- data/lib/authgasm/session/active_record_trickery.rb +1 -1
- data/lib/authgasm/session/base.rb +136 -103
- data/lib/authgasm/session/callbacks.rb +24 -16
- data/lib/authgasm/session/config.rb +1 -9
- data/lib/authgasm/session/errors.rb +6 -0
- data/lib/authgasm/version.rb +2 -2
- data/test_app/app/controllers/user_sessions_controller.rb +1 -1
- data/test_app/db/development.sqlite3 +0 -0
- data/test_app/db/test.sqlite3 +0 -0
- data/test_app/test/fixtures/users.yml +3 -1
- data/test_app/test/functional/user_sessions_controller_test.rb +24 -3
- data/test_app/test/integration/user_sesion_stories_test.rb +85 -0
- data/test_app/test/integration/user_session_test.rb +158 -0
- data/test_app/test/test_helper.rb +46 -1
- metadata +8 -5
- data/lib/authgasm/controller.rb +0 -16
- data/test_app/test/unit/ass_test.rb +0 -8
@@ -4,23 +4,16 @@ module Authgasm
|
|
4
4
|
#
|
5
5
|
# Just like in ActiveRecord you have before_save, before_validation, etc. You have similar callbacks with Authgasm, see all callbacks below.
|
6
6
|
module Callbacks
|
7
|
-
CALLBACKS = %w(before_create after_create before_destroy after_destroy before_update after_update before_validation after_validation)
|
7
|
+
CALLBACKS = %w(before_create after_create before_destroy after_destroy before_save after_save before_update after_update before_validation after_validation)
|
8
8
|
|
9
9
|
def self.included(base) #:nodoc:
|
10
|
-
[:
|
10
|
+
[:destroy, :save, :valid?].each do |method|
|
11
11
|
base.send :alias_method_chain, method, :callbacks
|
12
12
|
end
|
13
13
|
|
14
14
|
base.send :include, ActiveSupport::Callbacks
|
15
15
|
base.define_callbacks *CALLBACKS
|
16
16
|
end
|
17
|
-
|
18
|
-
def create_with_callbacks(updating = false) # :nodoc:
|
19
|
-
run_callbacks(:before_create)
|
20
|
-
result = create_without_callbacks(updating)
|
21
|
-
run_callbacks(:after_create) if result
|
22
|
-
result
|
23
|
-
end
|
24
17
|
|
25
18
|
def destroy_with_callbacks # :nodoc:
|
26
19
|
run_callbacks(:before_destroy)
|
@@ -29,17 +22,32 @@ module Authgasm
|
|
29
22
|
result
|
30
23
|
end
|
31
24
|
|
32
|
-
def
|
33
|
-
|
34
|
-
|
35
|
-
|
25
|
+
def save_with_callbacks # :nodoc:
|
26
|
+
if new_session?
|
27
|
+
run_callbacks(:before_create)
|
28
|
+
else
|
29
|
+
run_callbacks(:before_update)
|
30
|
+
end
|
31
|
+
run_callbacks(:before_save)
|
32
|
+
result = save_without_callbacks
|
33
|
+
if result
|
34
|
+
if new_session?
|
35
|
+
run_callbacks(:after_create)
|
36
|
+
else
|
37
|
+
run_callbacks(:after_update)
|
38
|
+
end
|
39
|
+
run_callbacks(:after_save)
|
40
|
+
end
|
36
41
|
result
|
37
42
|
end
|
38
43
|
|
39
|
-
def valid_with_callbacks?
|
44
|
+
def valid_with_callbacks? # :nodoc:
|
40
45
|
run_callbacks(:before_validation)
|
41
|
-
result = valid_without_callbacks?
|
42
|
-
|
46
|
+
result = valid_without_callbacks?
|
47
|
+
if result
|
48
|
+
run_callbacks(:after_validation)
|
49
|
+
result = errors.empty?
|
50
|
+
end
|
43
51
|
result
|
44
52
|
end
|
45
53
|
end
|
@@ -22,15 +22,6 @@ module Authgasm
|
|
22
22
|
# # ... more configuration
|
23
23
|
# end
|
24
24
|
#
|
25
|
-
# or...
|
26
|
-
#
|
27
|
-
# class UserSession < Authgasm::Session::Base
|
28
|
-
# configure do |config|
|
29
|
-
# config.authenticate_with = User
|
30
|
-
# # ... more configuration
|
31
|
-
# end
|
32
|
-
# end
|
33
|
-
#
|
34
25
|
# See the methods belows for all configuration options.
|
35
26
|
module ClassMethods
|
36
27
|
# Lets you change which model to use for authentication.
|
@@ -181,6 +172,7 @@ module Authgasm
|
|
181
172
|
end
|
182
173
|
|
183
174
|
def remember_me_for
|
175
|
+
return unless remember_me?
|
184
176
|
self.class.remember_me_for
|
185
177
|
end
|
186
178
|
|
@@ -3,6 +3,12 @@ module Authgasm
|
|
3
3
|
class Errors < ::ActiveRecord::Errors # :nodoc:
|
4
4
|
end
|
5
5
|
|
6
|
+
class NotActivated < ::StandardError # :nodoc:
|
7
|
+
def initialize(session)
|
8
|
+
super("You must activate the Authgasm::Session::Base.controller with a controller object before creating objects")
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
6
12
|
class SessionInvalid < ::StandardError # :nodoc:
|
7
13
|
def initialize(session)
|
8
14
|
super("Authentication failed: #{session.errors.full_messages.to_sentence}")
|
data/lib/authgasm/version.rb
CHANGED
@@ -9,7 +9,7 @@ class UserSessionsController < ApplicationController
|
|
9
9
|
|
10
10
|
def create
|
11
11
|
@user_session = UserSession.new(params[:user_session])
|
12
|
-
if @user_session.
|
12
|
+
if @user_session.save
|
13
13
|
flash[:notice] = "Login successful!"
|
14
14
|
redirect_back_or_default(account_url)
|
15
15
|
else
|
Binary file
|
data/test_app/db/test.sqlite3
CHANGED
Binary file
|
@@ -1,6 +1,8 @@
|
|
1
1
|
ben:
|
2
2
|
id: 1
|
3
3
|
login: bjohnson
|
4
|
-
|
4
|
+
password_salt: <%= salt = User.unique_token %>
|
5
|
+
crypted_password: <%= Authgasm::Sha256CryptoProvider.encrypt("benrocks" + salt) %>
|
6
|
+
remember_token: 23a1d7c66f456b14b45211aa656ce8ba7052fd220cd2d07a5c323792938f2a14
|
5
7
|
first_name: Ben
|
6
8
|
last_name: Johnson
|
@@ -6,10 +6,31 @@ class UserSessionsControllerTest < ActionController::TestCase
|
|
6
6
|
@request = ActionController::TestRequest.new
|
7
7
|
@response = ActionController::TestResponse.new
|
8
8
|
end
|
9
|
-
|
10
|
-
def
|
9
|
+
|
10
|
+
def test_new
|
11
|
+
get :new
|
12
|
+
assert @controller.instance_variable_get(:@user_session).is_a?(UserSession)
|
13
|
+
end
|
14
|
+
|
15
|
+
def test_successful_create
|
11
16
|
get :create, {:user_session => {:login => "bjohnson", :password => "benrocks"}}
|
12
17
|
assert_equal 1, session[:user_id]
|
13
|
-
assert_equal ["
|
18
|
+
assert_equal ["23a1d7c66f456b14b45211aa656ce8ba7052fd220cd2d07a5c323792938f2a14"], cookies["user_credentials"]
|
19
|
+
assert_redirected_to account_url
|
20
|
+
end
|
21
|
+
|
22
|
+
def test_unsuccessful_create
|
23
|
+
get :create, {:user_session => {:login => "bjohnson", :password => "badpassword"}}
|
24
|
+
assert_equal nil, session[:user_id]
|
25
|
+
assert_equal nil, cookies["user_credentials"]
|
26
|
+
assert_template "new"
|
27
|
+
end
|
28
|
+
|
29
|
+
def test_destroy
|
30
|
+
get :destroy
|
31
|
+
assert_equal nil, session[:user_id]
|
32
|
+
assert_equal nil, cookies["user_credentials"]
|
33
|
+
assert_redirected_to new_user_session_url
|
34
|
+
assert flash.key?(:notice)
|
14
35
|
end
|
15
36
|
end
|
@@ -0,0 +1,85 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
class UserSessionStoriesTest < ActionController::IntegrationTest
|
4
|
+
def test_registration
|
5
|
+
# Try to access the account area without being logged in
|
6
|
+
get account_url
|
7
|
+
assert_redirected_to new_user_session_url
|
8
|
+
follow_redirect!
|
9
|
+
assert flash.key?(:notice)
|
10
|
+
assert_template "user_sessions/new"
|
11
|
+
|
12
|
+
# Try to register with no info
|
13
|
+
post users_url
|
14
|
+
assert_template "users/new"
|
15
|
+
|
16
|
+
# Register successfully
|
17
|
+
post users_url, {:user => {:login => "binarylogic", :password => "pass", :confirm_password => "pass", :first_name => "Ben", :last_name => "Johnson"}}
|
18
|
+
assert_redirected_to account_url
|
19
|
+
assert flash.key?(:notice)
|
20
|
+
|
21
|
+
access_account(User.find(2))
|
22
|
+
end
|
23
|
+
|
24
|
+
def test_login_process
|
25
|
+
# Try to access the account area without being logged in
|
26
|
+
get account_url
|
27
|
+
assert_redirected_to new_user_session_url
|
28
|
+
follow_redirect!
|
29
|
+
assert flash.key?(:notice)
|
30
|
+
assert_template "user_sessions/new"
|
31
|
+
|
32
|
+
login_unsuccessfully
|
33
|
+
login_unsuccessfully("bjohnson", "badpassword")
|
34
|
+
login_successfully("bjohnson", "benrocks")
|
35
|
+
|
36
|
+
# Try to log in again after a successful login
|
37
|
+
get new_user_session_url
|
38
|
+
assert_redirected_to account_url
|
39
|
+
follow_redirect!
|
40
|
+
assert flash.key?(:notice)
|
41
|
+
assert_template "users/show"
|
42
|
+
|
43
|
+
# Try to register after a successful login
|
44
|
+
get new_user_url
|
45
|
+
assert_redirected_to account_url
|
46
|
+
follow_redirect!
|
47
|
+
assert flash.key?(:notice)
|
48
|
+
assert_template "users/show"
|
49
|
+
|
50
|
+
access_account
|
51
|
+
logout(new_user_url) # before I tried to register, it stored my location
|
52
|
+
|
53
|
+
# Try to access my account again
|
54
|
+
get account_url
|
55
|
+
assert_redirected_to new_user_session_url
|
56
|
+
assert flash.key?(:notice)
|
57
|
+
end
|
58
|
+
|
59
|
+
def test_changing_password
|
60
|
+
# Try logging in with correct credentials
|
61
|
+
login_successfully("bjohnson", "benrocks")
|
62
|
+
|
63
|
+
# Go to edit form
|
64
|
+
get edit_account_path
|
65
|
+
assert_template "users/edit"
|
66
|
+
|
67
|
+
# Edit password
|
68
|
+
put account_path, :user => {:login => "bjohnson", :password => "sillywilly", :confirm_password => "sillywilly", :first_name => "Ben", :last_name => "Johnson"}
|
69
|
+
assert_redirected_to account_url
|
70
|
+
follow_redirect!
|
71
|
+
assert flash.key?(:notice)
|
72
|
+
assert_template "users/show"
|
73
|
+
|
74
|
+
access_account
|
75
|
+
logout
|
76
|
+
|
77
|
+
# Try to access my account again
|
78
|
+
get account_url
|
79
|
+
assert_redirected_to new_user_session_url
|
80
|
+
assert flash.key?(:notice)
|
81
|
+
|
82
|
+
login_successfully("bjohnson", "sillywilly")
|
83
|
+
access_account
|
84
|
+
end
|
85
|
+
end
|
@@ -0,0 +1,158 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
# I know these tests are not really integration tests, but since UserSessions deals with cookies, models, etc. It was easiest and best to test it via an integration.
|
4
|
+
class UserSessionTest < ActionController::IntegrationTest
|
5
|
+
def test_activated
|
6
|
+
UserSession.controller = nil
|
7
|
+
assert !UserSession.activated?
|
8
|
+
get new_user_session_url # reactive
|
9
|
+
assert UserSession.activated?
|
10
|
+
end
|
11
|
+
|
12
|
+
def test_create
|
13
|
+
assert !UserSession.create("unknown", "bad")
|
14
|
+
assert UserSession.create("bjohnson", "benrocks")
|
15
|
+
assert_raise(Authgasm::Session::SessionInvalid) { assert !UserSession.create!("unknown", "bad") }
|
16
|
+
assert_nothing_raised { UserSession.create!("bjohnson", "benrocks") }
|
17
|
+
end
|
18
|
+
|
19
|
+
def test_klass
|
20
|
+
assert_equal User, UserSession.klass
|
21
|
+
end
|
22
|
+
|
23
|
+
def test_klass_name
|
24
|
+
assert_equal "User", UserSession.klass_name
|
25
|
+
end
|
26
|
+
|
27
|
+
def test_find
|
28
|
+
assert_equal nil, UserSession.find
|
29
|
+
post user_sessions_url, {:user_session => {:login => "bjohnson", :password => "benrocks"}}
|
30
|
+
assert UserSession.find
|
31
|
+
end
|
32
|
+
|
33
|
+
def test_initialize
|
34
|
+
session = UserSession.new
|
35
|
+
assert !session.valid?
|
36
|
+
assert_equal nil, session.login
|
37
|
+
assert_equal nil, session.unauthorized_record
|
38
|
+
|
39
|
+
session = UserSession.new(:secure)
|
40
|
+
assert_equal :secure, session.id
|
41
|
+
assert !session.valid?
|
42
|
+
assert_equal nil, session.login
|
43
|
+
assert_equal nil, session.unauthorized_record
|
44
|
+
|
45
|
+
session = UserSession.new("user", "pass")
|
46
|
+
assert_equal nil, session.id
|
47
|
+
assert !session.valid?
|
48
|
+
assert_equal "user", session.login
|
49
|
+
assert_equal nil, session.unauthorized_record
|
50
|
+
|
51
|
+
session = UserSession.new("user", "pass", :secure)
|
52
|
+
assert_equal :secure, session.id
|
53
|
+
assert !session.valid?
|
54
|
+
assert_equal "user", session.login
|
55
|
+
assert_equal nil, session.unauthorized_record
|
56
|
+
|
57
|
+
session = UserSession.new(:login => "user", :password => "pass")
|
58
|
+
assert_equal nil, session.id
|
59
|
+
assert !session.valid?
|
60
|
+
assert_equal "user", session.login
|
61
|
+
assert_equal nil, session.unauthorized_record
|
62
|
+
|
63
|
+
session = UserSession.new({:login => "user", :password => "pass"}, :secure)
|
64
|
+
assert_equal :secure, session.id
|
65
|
+
assert !session.valid?
|
66
|
+
assert_equal "user", session.login
|
67
|
+
assert_equal nil, session.unauthorized_record
|
68
|
+
|
69
|
+
session = UserSession.new(users(:ben))
|
70
|
+
assert_equal nil, session.id
|
71
|
+
assert session.valid?
|
72
|
+
assert_equal nil, session.login
|
73
|
+
assert_equal users(:ben), session.unauthorized_record
|
74
|
+
|
75
|
+
session = UserSession.new(users(:ben), :secure)
|
76
|
+
assert_equal :secure, session.id
|
77
|
+
assert session.valid?
|
78
|
+
assert_equal nil, session.login
|
79
|
+
assert_equal users(:ben), session.unauthorized_record
|
80
|
+
end
|
81
|
+
|
82
|
+
def test_credentials
|
83
|
+
session = UserSession.new
|
84
|
+
session.credentials = nil
|
85
|
+
assert_equal({:login => nil, :password => "<Protected>"}, session.credentials)
|
86
|
+
|
87
|
+
session = UserSession.new
|
88
|
+
session.credentials = {:login => "ben"}
|
89
|
+
assert_equal({:login => "ben", :password => "<Protected>"}, session.credentials)
|
90
|
+
|
91
|
+
session = UserSession.new
|
92
|
+
assert_raise(ArgumentError) { session.credentials = {:login => "ben", :random_field => "test"} }
|
93
|
+
|
94
|
+
session = UserSession.new
|
95
|
+
session.credentials = {:login => "ben", :password => "awesome"}
|
96
|
+
assert_equal({:login => "ben", :password => "<Protected>"}, session.credentials)
|
97
|
+
assert_equal "awesome", session.send(:protected_password)
|
98
|
+
end
|
99
|
+
|
100
|
+
def test_destroy
|
101
|
+
# tested thoroughly in stories
|
102
|
+
end
|
103
|
+
|
104
|
+
def test_errors
|
105
|
+
# don't need to go crazy here since we are using ActiveRecord's error class, which has been thorough tested there
|
106
|
+
session = UserSession.new
|
107
|
+
assert !session.valid?
|
108
|
+
assert session.errors.on(:login)
|
109
|
+
assert session.errors.on(:password)
|
110
|
+
end
|
111
|
+
|
112
|
+
def test_id
|
113
|
+
session = UserSession.new
|
114
|
+
assert_equal nil, session.id
|
115
|
+
session.id = :secure
|
116
|
+
assert_equal :secure, session.id
|
117
|
+
end
|
118
|
+
|
119
|
+
def test_inspect
|
120
|
+
session = UserSession.new
|
121
|
+
assert_equal "#<UserSession {:login=>nil, :password=>\"<protected>\"}>", session.inspect
|
122
|
+
|
123
|
+
session = UserSession.new("user", "pass")
|
124
|
+
assert_equal "#<UserSession {:login=>\"user\", :password=>\"<protected>\"}>", session.inspect
|
125
|
+
|
126
|
+
session = UserSession.new(users(:ben))
|
127
|
+
assert_equal "#<UserSession {:unauthorized_record=>\"<protected>\"}>", session.inspect
|
128
|
+
end
|
129
|
+
|
130
|
+
def test_new_session
|
131
|
+
session = UserSession.new
|
132
|
+
assert session.new_session?
|
133
|
+
|
134
|
+
session.login = "bjohnson"
|
135
|
+
session.password = "benrocks"
|
136
|
+
session.save
|
137
|
+
assert !session.new_session?
|
138
|
+
|
139
|
+
login_successfully("bjohnson", "benrocks")
|
140
|
+
session = UserSession.find
|
141
|
+
assert !session.new_session?
|
142
|
+
end
|
143
|
+
|
144
|
+
def test_remember_me
|
145
|
+
session = UserSession.new
|
146
|
+
session.remember_me = true
|
147
|
+
assert_equal 3.months, session.remember_me_for
|
148
|
+
assert session.remember_me_until > Time.now
|
149
|
+
|
150
|
+
session.remember_me = false
|
151
|
+
assert_equal nil, session.remember_me_for
|
152
|
+
assert_equal nil, session.remember_me_until
|
153
|
+
end
|
154
|
+
|
155
|
+
def test_save
|
156
|
+
# tested thoroughly in stories
|
157
|
+
end
|
158
|
+
end
|
@@ -33,6 +33,51 @@ class Test::Unit::TestCase
|
|
33
33
|
# Note: You'll currently still have to declare fixtures explicitly in integration tests
|
34
34
|
# -- they do not yet inherit this setting
|
35
35
|
fixtures :all
|
36
|
+
end
|
36
37
|
|
37
|
-
|
38
|
+
class ActionController::IntegrationTest
|
39
|
+
def setup
|
40
|
+
get new_user_session_url # to active authgasm
|
41
|
+
end
|
42
|
+
|
43
|
+
def teardown
|
44
|
+
Authgasm::Session::Base.controller = nil
|
45
|
+
end
|
46
|
+
|
47
|
+
private
|
48
|
+
def login_successfully(login, password)
|
49
|
+
post user_sessions_url, :user_session => {:login => login, :password => password}
|
50
|
+
assert_redirected_to account_url
|
51
|
+
follow_redirect!
|
52
|
+
assert_template "users/show"
|
53
|
+
end
|
54
|
+
|
55
|
+
def login_unsuccessfully(login = nil, password = nil)
|
56
|
+
params = (login || password) ? {:user_session => {:login => login, :password => password}} : nil
|
57
|
+
post user_sessions_url, params
|
58
|
+
assert_template "user_sessions/new"
|
59
|
+
end
|
60
|
+
|
61
|
+
def access_account(user = nil)
|
62
|
+
user ||= users(:ben)
|
63
|
+
# Perform multiple requests to make sure the session is persisting properly, just being anal here
|
64
|
+
3.times do
|
65
|
+
get account_url
|
66
|
+
assert_equal user.id, session["user_id"]
|
67
|
+
assert_equal user.remember_token, cookies["user_credentials"]
|
68
|
+
assert_response :success
|
69
|
+
assert_template "users/show"
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
def logout(alt_redirect = nil)
|
74
|
+
redirecting_to = alt_redirect || new_user_session_url
|
75
|
+
get logout_url
|
76
|
+
assert_redirected_to redirecting_to # because I tried to access registration above, and it stored it
|
77
|
+
follow_redirect!
|
78
|
+
assert flash.key?(:notice)
|
79
|
+
assert_equal nil, session["user_id"]
|
80
|
+
assert_equal "", cookies["user_credentials"]
|
81
|
+
assert_template redirecting_to.gsub("http://www.example.com/", "")
|
82
|
+
end
|
38
83
|
end
|