authkit 0.4.0 → 0.5.0
- checksums.yaml +4 -4
- data/README.md +0 -3
- data/Rakefile +3 -2
- data/lib/authkit/version.rb +1 -1
- data/lib/generators/authkit/install_generator.rb +181 -35
- data/lib/generators/authkit/templates/app/controllers/application_controller.rb +6 -0
- data/lib/generators/authkit/templates/app/controllers/auths_controller.rb +144 -0
- data/lib/generators/authkit/templates/app/controllers/email_confirmation_controller.rb +1 -1
- data/lib/generators/authkit/templates/app/controllers/password_reset_controller.rb +7 -1
- data/lib/generators/authkit/templates/app/controllers/sessions_controller.rb +11 -2
- data/lib/generators/authkit/templates/app/controllers/signup_controller.rb +4 -2
- data/lib/generators/authkit/templates/app/controllers/upload_controller.rb +78 -0
- data/lib/generators/authkit/templates/app/controllers/users_controller.rb +2 -2
- data/lib/generators/authkit/templates/app/forms/signup.rb +57 -7
- data/lib/generators/authkit/templates/app/helpers/auths_helper.rb +26 -0
- data/lib/generators/authkit/templates/app/helpers/upload_helper.rb +118 -0
- data/lib/generators/authkit/templates/app/models/auth.rb +81 -0
- data/lib/generators/authkit/templates/app/models/avatar.rb +45 -0
- data/lib/generators/authkit/templates/app/models/user.rb +53 -26
- data/lib/generators/authkit/templates/app/views/auths/connect.html.erb +34 -0
- data/lib/generators/authkit/templates/app/views/password_change/show.html.erb +9 -9
- data/lib/generators/authkit/templates/app/views/password_reset/show.html.erb +6 -6
- data/lib/generators/authkit/templates/app/views/sessions/new.html.erb +25 -7
- data/lib/generators/authkit/templates/app/views/signup/new.html.erb +44 -32
- data/lib/generators/authkit/templates/app/views/users/complete.html.erb +39 -0
- data/lib/generators/authkit/templates/app/views/users/edit.html.erb +31 -31
- data/lib/generators/authkit/templates/app/workers/avatar_import_worker.rb +12 -0
- data/lib/generators/authkit/templates/config/initializers/filter_parameter_logging.rb +2 -2
- data/lib/generators/authkit/templates/config/initializers/omniauth.rb +59 -0
- data/lib/generators/authkit/templates/config/initializers/paperclip.rb +68 -0
- data/lib/generators/authkit/templates/db/migrate/add_authkit_fields_to_users.rb +8 -6
- data/lib/generators/authkit/templates/db/migrate/create_auths.rb +24 -0
- data/lib/generators/authkit/templates/db/migrate/create_avatars.rb +27 -0
- data/lib/generators/authkit/templates/lib/full_name_splitter.rb +111 -0
- data/lib/generators/authkit/templates/lib/username_format_validator.rb +11 -0
- data/lib/generators/authkit/templates/spec/controllers/application_controller_spec.rb +31 -38
- data/lib/generators/authkit/templates/spec/controllers/auths_controller_spec.rb +72 -0
- data/lib/generators/authkit/templates/spec/controllers/email_confirmation_controller_spec.rb +25 -27
- data/lib/generators/authkit/templates/spec/controllers/password_change_controller_spec.rb +30 -30
- data/lib/generators/authkit/templates/spec/controllers/password_reset_controller_spec.rb +20 -20
- data/lib/generators/authkit/templates/spec/controllers/sessions_controller_spec.rb +33 -33
- data/lib/generators/authkit/templates/spec/controllers/signup_controller_spec.rb +19 -19
- data/lib/generators/authkit/templates/spec/controllers/users_controller_spec.rb +21 -21
- data/lib/generators/authkit/templates/spec/factories/user.rb +3 -3
- data/lib/generators/authkit/templates/spec/forms/signup_spec.rb +32 -31
- data/lib/generators/authkit/templates/spec/models/auth_spec.rb +18 -0
- data/lib/generators/authkit/templates/spec/models/user_spec.rb +72 -78
- data/spec/rails_helper.rb +50 -0
- data/spec/spec_helper.rb +70 -13
- metadata +35 -17
- data/lib/generators/authkit/templates/spec/spec_helper.rb +0 -4
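--- /dev/null
+++ b/data/lib/generators/authkit/templates/spec/controllers/auths_controller_spec.rb
@@ -0,0 +1,72 @@
+require 'rails_helper'
+
+describe AuthsController do
+render_views
+
+describe "GET 'connect'" do
+it "returns http success" do
+get :connect
+expect(response).to be_success
+end
+
+it "requires login"
+end
+
+describe "POST 'callback'" do
+it "returns http success" do
+get :connect
+expect(response).to be_success
+end
+
+it "validates the authenticity of the omniauth hash"
+it "requires login when connecting"
+it "does not require login when signing up or signing in"
+it "requires an auth hash"
+it "finds an existing auth"
+
+describe "when connecting" do
+it "does not log out the user"
+it "redirects to the settings path if the user has already connected the auth"
+it "does not connect the auth if it is already connected to another user"
+it "creates a new auth and connects it to the user"
+it "redirects to the account path"
+it "adds a flash message if there is an error"
+end
+
+describe "when signing in or singning up" do
+it "logs out any currently logged in user"
+it "logs in the auth user if found"
+
+# This is a pessimistic protection. We assume that if another user already has the
+# same email address then it is likely that the user is about to create two accounts
+# and force them to sign in to the original account to connect the accounts.
+# You could automatically merge the two together, but if you do not require
+# email confirmation this presents a case where a malicious user could sign up using
+# an email address they do not control, then when the actual user connects their account
+# the malicious user would have access via the email and password they setup.
+it "fails if the email address associated with the account is already attached to another user"
+it "creates a new user using the auth"
+it "logs the user in when signing up"
+it "redirects to the accounts path"
+it "redirects to the signup path with errors"
+end
+
+describe "DELETE 'callback'" do
+# If you do not require a completed login, it is possible for a user to disconnect
+# their only means of authentication
+it "requires a completed login"
+it "finds the auth"
+it "destroys the auth"
+it "redirects to the account path"
+end
+
+describe "POST 'failure'" do
+it "redirects to settings path if connecting"
+it "redirects to signup path if signing up"
+it "redirects to login path if logging in"
+it "sets the flash error"
+end
+
+end
+end
+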
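Review bot: The only executable example inside `describe "POST 'callback'"` (new lines 16-19) sends `get :connect` and asserts success, so it duplicates the `GET 'connect'` example and never exercises the callback action at all. The examples that carry this controller's security contract — `it "validates the authenticity of the omniauth hash"`, `it "requires login when connecting"`, `it "does not connect the auth if it is already connected to another user"` and every example in the `DELETE 'callback'` block — are pending bodies with no assertions, so none of that behaviour is covered by the generated suite. The callback example should issue a request to the callback action rather than `get :connect`, and the pending examples need bodies before this template is relied on; the block description at line 36 also misspells "signing" as "singning".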
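--- a/data/lib/generators/authkit/templates/spec/controllers/email_confirmation_controller_spec.rb
+++ b/data/lib/generators/authkit/templates/spec/controllers/email_confirmation_controller_spec.rb
@@ -1,4 +1,4 @@
-require '
+require 'rails_helper'
 
 describe EmailConfirmationController do
 render_views
@@ -8,27 +8,27 @@ describe EmailConfirmationController do
 
 describe "GET 'show'" do
 it "requires a login" do
-controller.
+allow(controller).to receive(:current_user).and_return(nil)
 get 'show', token: token
-response.
-flash[:error].
+expect(response).to be_redirect
+expect(flash[:error]).to_not be_empty
 end
 
 it "requires a valid token" do
 user.confirmation_token = "OTHER TOKEN"
-controller.
+allow(controller).to receive(:current_user).and_return(user)
 get 'show', token: token
-response.
-flash[:error].
+expect(response).to be_redirect
+expect(flash[:error]).to_not be_empty
 end
 
 it "requires an unexpired token" do
 user.confirmation_token = token
 user.confirmation_token_created_at = 4.days.ago
-controller.
+allow(controller).to receive(:current_user).and_return(user)
 get 'show', token: token
-response.
-flash[:error].
+expect(response).to be_redirect
+expect(flash[:error]).to_not be_empty
 end
 
 describe "with a valid token" do
@@ -36,58 +36,56 @@ describe EmailConfirmationController do
 user.confirmation_email = "new@example.com"
 user.confirmation_token = token
 user.confirmation_token_created_at = Time.now
+allow(controller).to receive(:current_user).and_return(user)
 end
 
 describe "when the confirmation is successful" do
 it "confirms the user email" do
-
-user.should_receive(:email_confirmed).and_return(true)
+expect(user).to receive(:email_confirmed).and_return(true)
 get 'show', token: token
 end
 
 it "does not sign the user in" do
-controller.
-controller.should_not_receive(:login)
+expect(controller).to_not receive(:login)
 get 'show', token: token
 end
 
 it "sets the flash" do
-controller.stub(:current_user).and_return(user)
 get 'show', token: token
-flash[:notice].
+expect(flash[:notice]).to_not be_nil
 end
 
 it "redirects the user" do
-controller.stub(:current_user).and_return(user)
 get 'show', token: token
-response.
+expect(response).to be_redirect
 end
 
 describe "from json" do
 it "returns http success" do
-controller.stub(:current_user).and_return(user)
 get 'show', token: token, format: 'json'
-response.
+expect(response).to be_success
 end
 end
 
 end
 
 describe "when the confirmation is not successful" do
+before(:each) do
+allow(controller).to receive(:current_user).and_return(user)
+end
+
 it "handles invalid confirmations" do
-
-user.should_receive(:email_confirmed).and_return(false)
+expect(user).to receive(:email_confirmed).and_return(false)
 get 'show', token: token
-flash[:error].
-response.
+expect(flash[:error]).to_not be_empty
+expect(response).to be_redirect
 end
 
 describe "from json" do
 it "returns a 422" do
-
-user.should_receive(:email_confirmed).and_return(false)
+expect(user).to receive(:email_confirmed).and_return(false)
 get 'show', token: token, format: 'json'
-response.code.
+expect(response.code).to eq('422')
 end
 end
 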
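Review bot: The `before(:each)` added at new lines 73-75 stubs `current_user` exactly as the stub added at line 39 already does; if `"when the confirmation is not successful"` is nested inside `"with a valid token"` (indentation is not visible in this rendering, and that enclosing `describe` opens before the hunk), the nested hook is redundant and can be dropped. The converted assertions are also inconsistent about what they pin: line 55 uses `expect(flash[:notice]).to_not be_nil`, which an empty string satisfies, while the error paths use `to_not be_empty`. `expect(flash[:notice]).to_not be_empty` would match the rest of the file and fail on a blank notice.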
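--- a/data/lib/generators/authkit/templates/spec/controllers/password_change_controller_spec.rb
+++ b/data/lib/generators/authkit/templates/spec/controllers/password_change_controller_spec.rb
@@ -1,4 +1,4 @@
-require '
+require 'rails_helper'
 
 describe PasswordChangeController do
 render_views
@@ -10,15 +10,15 @@ describe PasswordChangeController do
 
 describe "GET 'show'" do
 it "requires no user" do
-controller.
-controller.
+allow(controller).to receive(:email_user).and_return(user)
+expect(controller).to receive(:logout)
 get 'show', valid_params
 end
 
 it "requires an email user" do
 user.save
 get 'show', valid_params
-assigns(:user).id.
+expect(assigns(:user).id).to eq(user.id)
 end
 
 it "redirects if there is no email user" do
@@ -29,39 +29,39 @@ describe PasswordChangeController do
 end
 
 it "requires a valid token" do
-controller.
+allow(controller).to receive(:email_user).and_return(user)
 user.reset_password_token = "OTHER TOKEN"
 get 'show', valid_params
-response.
-flash[:error].
+expect(response).to be_redirect
+expect(flash[:error]).to_not be_empty
 end
 
 it "requires an unexpired token" do
-controller.
+allow(controller).to receive(:email_user).and_return(user)
 user.reset_password_token_created_at = 1.year.ago
 get 'show', valid_params
-response.
-flash[:error].
+expect(response).to be_redirect
+expect(flash[:error]).to_not be_empty
 end
 
 it "returns http success" do
-controller.
+allow(controller).to receive(:email_user).and_return(user)
 get 'show', valid_params
-response.
+expect(response).to be_success
 end
 end
 
 describe "POST 'create'" do
 it "requires no user" do
-controller.
-controller.
+allow(controller).to receive(:email_user).and_return(user)
+expect(controller).to receive(:logout)
 get 'show', valid_params
 end
 
 it "requires an email user" do
 user.save
 post 'create', password_params
-assigns(:user).id.
+expect(assigns(:user).id).to eq(user.id)
 end
 
 it "redirects if there is no email user" do
@@ -72,16 +72,16 @@ describe PasswordChangeController do
 end
 
 it "requires a valid token" do
-controller.
+allow(controller).to receive(:email_user).and_return(user)
 user.reset_password_token = "OTHER TOKEN"
 post 'create', password_params
-response.
-flash[:error].
+expect(response).to be_redirect
+expect(flash[:error]).to_not be_empty
 end
 
 describe "with valid params" do
 before(:each) do
-controller.
+allow(controller).to receive(:email_user).and_return(user)
 end
 
 it "changes the password" do
@@ -89,57 +89,57 @@ describe PasswordChangeController do
 post 'create', password_params
 }.to change(user, :password_digest)
 
-user.
+expect(user).to be_valid
 end
 
 it "does not sign the user in" do
-controller.
+expect(controller).to_not receive(:login)
 post 'create', password_params
 end
 
 it "redirects the user" do
 post 'create', password_params
-response.
+expect(response).to be_redirect
 end
 
 it "sets the flash" do
 post 'create', password_params
-flash[:notice].
+expect(flash[:notice]).to match(/successfully/i)
 end
 
 describe "from json" do
 it "returns http success" do
 post 'create', password_params.merge(format: 'json')
-response.
+expect(response).to be_success
 end
 end
 end
 
 describe "with invalid params" do
 before(:each) do
-controller.
+allow(controller).to receive(:email_user).and_return(user)
 end
 
 it "doesn't sign the user in" do
-controller.
+expect(controller).to_not receive(:login)
 post 'create', {token: token, email: user.email, password: 'newpassword', password_confirmation: 'invalid'}
 end
 
 it "renders the show template" do
 post 'create', {token: token, email: user.email, password: 'newpassword', password_confirmation: 'invalid'}
-response.
+expect(response).to render_template(:show)
 end
 
 it "has errors" do
 post 'create', {token: token, email: user.email, password: 'newpassword', password_confirmation: 'invalid'}
-user.
+expect(user.errors[:password_confirmation].size).to eq(1)
 end
 
 describe "from json" do
 it "returns an error" do
 post 'create', {token: token, email: user.email, password: 'newpassword', password_confirmation: 'invalid', format: 'json'}
-response.code.
-response.body.
+expect(response.code).to eq('422')
+expect(response.body).to match(/doesn't match/i)
 end
 end
 end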
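Review bot: In `describe "POST 'create'"`, `it "requires no user"` now sets `expect(controller).to receive(:logout)` (new line 57), but the request that follows on line 58 is still `get 'show', valid_params`, so the example passes by exercising the show action and the logout requirement on the create action is never tested. The request should be `post 'create', password_params`, matching the sibling examples in that block. The equivalent pair at lines 13-15 under `GET 'show'` is correct as written; the `describe` blocks cut by the `@@ -29` and `@@ -89` hunks open and close outside the hunks.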
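--- a/data/lib/generators/authkit/templates/spec/controllers/password_reset_controller_spec.rb
+++ b/data/lib/generators/authkit/templates/spec/controllers/password_reset_controller_spec.rb
@@ -1,14 +1,14 @@
-require '
+require 'rails_helper'
 
 describe PasswordResetController do
 render_views
 
-let(:user) { create(:user
+let(:user) { create(:user) }
 
 describe "GET 'show'" do
 it "returns http success" do
 get 'show'
-response.
+expect(response).to be_success
 end
 end
 
@@ -18,39 +18,39 @@ describe PasswordResetController do
 end
 
 it "redirects the user" do
-post :create, {email:
-response.
+post :create, {email: user.email}
+expect(response).to be_redirect
 end
 
 it "finds the user by the email or user name" do
-post :create, {email:
-controller.send(:user).
+post :create, {email: user.email}
+expect(controller.send(:user)).to eq(user)
 end
 
 it "logs any current user out if it finds the user" do
-controller.
-post :create, {email:
+expect(controller).to receive(:logout)
+post :create, {email: user.email}
 end
 
 it "resets the password if it finds the user" do
-User.
-post :create, {email:
+expect_any_instance_of(User).to receive(:send_reset_password).and_return(true)
+post :create, {email: user.email}
 end
 
 it "does not reset the password if it does not find a user" do
-User.
+expect_any_instance_of(User).to_not receive(:send_reset_password)
 post :create, {email: "unknown@example.com"}
 end
 
 it "downcases the email or user name" do
-User.
-post :create, {email:
+expect_any_instance_of(User).to receive(:send_reset_password).and_return(true)
+post :create, {email: user.email.upcase}
 end
 
 describe "from json" do
 it "returns http success" do
-post :create, {email:
-response.
+post :create, {email: user.email, format: "json"}
+expect(response).to be_success
 end
 end
 
@@ -58,24 +58,24 @@ describe PasswordResetController do
 describe "from html" do
 it "sets the flash message" do
 post :create, {email: "unknown@example.com"}
-flash.now[:error].
+expect(flash.now[:error]).to_not be_empty
 end
 
 it "renders the show page" do
 post :create, {email: "unknown@example.com"}
-response.
+expect(response).to render_template(:show)
 end
 end
 
 describe "from json" do
 it "returns an error" do
 post :create, {email: "unknown@example.com", format: "json"}
-response.body.
+expect(response.body).to match(/invalid user name or email/i)
 end
 
 it "returns forbidden status" do
 post :create, {email: "unknown@example.com", format: "json"}
-response.code.
+expect(response.code).to eq('422')
 end
 end
 end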
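Review bot: `it "returns forbidden status"` (new line 78) asserts `expect(response.code).to eq('422')`, which is Unprocessable Entity rather than Forbidden, so either the example name or the expected code is wrong; if 422 is the intended contract the example should read `it "returns unprocessable entity status"`. Taken together, the new expectations at lines 61, 73 and 78 pin a response for an unknown address (an "invalid user name or email" body and a 422 from JSON, an error flash from HTML) that differs from the redirect asserted at line 22 for a known one, so the generated spec locks in account-existence disclosure on the reset endpoint. If that trade-off is deliberate it deserves a comment in the template; otherwise a uniform response for both cases is the safer contract to test. The `describe` enclosing lines 58-81 opens before the `@@ -58` hunk.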