RubyGems - authlogic - Versions diffs - 1.4.3 → 2.0.0 - Mend

authlogic 1.4.3 → 2.0.0

Potentially problematic release.

This version of authlogic might be problematic. Click here for more details.

Files changed (131) hide show

data/CHANGELOG.rdoc +19 -0
data/Manifest.txt +111 -0
data/README.rdoc +116 -389
data/Rakefile +14 -7
data/lib/authlogic.rb +33 -35
data/lib/authlogic/acts_as_authentic/base.rb +91 -0
data/lib/authlogic/acts_as_authentic/email.rb +77 -0
data/lib/authlogic/acts_as_authentic/logged_in_status.rb +54 -0
data/lib/authlogic/acts_as_authentic/login.rb +65 -0
data/lib/authlogic/acts_as_authentic/magic_columns.rb +24 -0
data/lib/authlogic/acts_as_authentic/password.rb +215 -0
data/lib/authlogic/acts_as_authentic/perishable_token.rb +100 -0
data/lib/authlogic/acts_as_authentic/persistence_token.rb +66 -0
data/lib/authlogic/acts_as_authentic/restful_authentication.rb +60 -0
data/lib/authlogic/acts_as_authentic/session_maintenance.rb +127 -0
data/lib/authlogic/acts_as_authentic/single_access_token.rb +58 -0
data/lib/authlogic/acts_as_authentic/validations_scope.rb +32 -0
data/lib/authlogic/{session/authenticates_many_association.rb → authenticates_many/association.rb} +10 -6
data/lib/authlogic/authenticates_many/base.rb +55 -0
data/lib/authlogic/controller_adapters/abstract_adapter.rb +2 -3
data/lib/authlogic/controller_adapters/merb_adapter.rb +0 -4
data/lib/authlogic/controller_adapters/rails_adapter.rb +0 -4
data/lib/authlogic/crypto_providers/aes256.rb +0 -2
data/lib/authlogic/crypto_providers/bcrypt.rb +0 -2
data/lib/authlogic/crypto_providers/md5.rb +34 -0
data/lib/authlogic/crypto_providers/sha1.rb +0 -2
data/lib/authlogic/crypto_providers/sha512.rb +1 -3
data/lib/authlogic/i18n.rb +1 -4
data/lib/authlogic/random.rb +33 -0
data/lib/authlogic/session/activation.rb +56 -0
data/lib/authlogic/session/active_record_trickery.rb +15 -7
data/lib/authlogic/session/base.rb +31 -456
data/lib/authlogic/session/brute_force_protection.rb +50 -27
data/lib/authlogic/session/callbacks.rb +24 -15
data/lib/authlogic/session/cookies.rb +108 -22
data/lib/authlogic/session/existence.rb +89 -0
data/lib/authlogic/session/foundation.rb +63 -0
data/lib/authlogic/session/http_auth.rb +23 -0
data/lib/authlogic/session/id.rb +41 -0
data/lib/authlogic/session/klass.rb +75 -0
data/lib/authlogic/session/magic_columns.rb +75 -0
data/lib/authlogic/session/magic_states.rb +58 -0
data/lib/authlogic/session/params.rb +82 -19
data/lib/authlogic/session/password.rb +156 -0
data/lib/authlogic/session/{perishability.rb → perishable_token.rb} +4 -4
data/lib/authlogic/session/persistence.rb +70 -0
data/lib/authlogic/session/priority_record.rb +34 -0
data/lib/authlogic/session/scopes.rb +57 -53
data/lib/authlogic/session/session.rb +46 -31
data/lib/authlogic/session/timeout.rb +65 -31
data/lib/authlogic/session/unauthorized_record.rb +50 -0
data/lib/authlogic/session/validation.rb +76 -0
data/lib/authlogic/testing/test_unit_helpers.rb +3 -3
data/lib/authlogic/version.rb +3 -3
data/test/acts_as_authentic_test/base_test.rb +12 -0
data/test/acts_as_authentic_test/email_test.rb +79 -0
data/test/acts_as_authentic_test/logged_in_status_test.rb +36 -0
data/test/acts_as_authentic_test/login_test.rb +79 -0
data/test/acts_as_authentic_test/magic_columns_test.rb +27 -0
data/test/acts_as_authentic_test/password_test.rb +212 -0
data/test/acts_as_authentic_test/perishable_token_test.rb +56 -0
data/test/acts_as_authentic_test/persistence_token_test.rb +55 -0
data/test/acts_as_authentic_test/session_maintenance_test.rb +68 -0
data/test/acts_as_authentic_test/single_access_test.rb +39 -0
data/test/authenticates_many_test.rb +16 -0
data/test/{crypto_provider_tests → crypto_provider_test}/aes256_test.rb +1 -1
data/test/{crypto_provider_tests → crypto_provider_test}/bcrypt_test.rb +1 -1
data/test/{crypto_provider_tests → crypto_provider_test}/sha1_test.rb +1 -1
data/test/{crypto_provider_tests → crypto_provider_test}/sha512_test.rb +1 -1
data/test/fixtures/employees.yml +4 -4
data/test/fixtures/users.yml +6 -6
data/test/libs/company.rb +6 -0
data/test/libs/employee.rb +7 -0
data/test/libs/employee_session.rb +2 -0
data/test/libs/project.rb +3 -0
data/test/libs/user_session.rb +2 -0
data/test/random_test.rb +49 -0
data/test/session_test/activation_test.rb +43 -0
data/test/session_test/active_record_trickery_test.rb +26 -0
data/test/session_test/brute_force_protection_test.rb +76 -0
data/test/session_test/callbacks_test.rb +6 -0
data/test/session_test/cookies_test.rb +107 -0
data/test/session_test/credentials_test.rb +0 -0
data/test/session_test/existence_test.rb +64 -0
data/test/session_test/http_auth_test.rb +16 -0
data/test/session_test/id_test.rb +17 -0
data/test/session_test/klass_test.rb +35 -0
data/test/session_test/magic_columns_test.rb +59 -0
data/test/session_test/magic_states_test.rb +60 -0
data/test/session_test/params_test.rb +53 -0
data/test/session_test/password_test.rb +84 -0
data/test/{session_tests → session_test}/perishability_test.rb +1 -1
data/test/session_test/persistence_test.rb +21 -0
data/test/{session_tests → session_test}/scopes_test.rb +2 -3
data/test/session_test/session_test.rb +59 -0
data/test/session_test/timeout_test.rb +43 -0
data/test/session_test/unauthorized_record_test.rb +13 -0
data/test/session_test/validation_test.rb +23 -0
data/test/test_helper.rb +14 -29
metadata +120 -112
data/Manifest +0 -76
data/authlogic.gemspec +0 -38
data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/base.rb +0 -22
data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb +0 -238
data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb +0 -155
data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb +0 -51
data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb +0 -71
data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb +0 -94
data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb +0 -87
data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb +0 -61
data/lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb +0 -58
data/lib/authlogic/session/config.rb +0 -421
data/lib/authlogic/session/errors.rb +0 -18
data/lib/authlogic/session/record_info.rb +0 -24
data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb +0 -154
data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb +0 -157
data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb +0 -24
data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/perishability_test.rb +0 -41
data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb +0 -54
data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb +0 -62
data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/single_access_test.rb +0 -41
data/test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb +0 -32
data/test/session_tests/active_record_trickery_test.rb +0 -14
data/test/session_tests/authenticates_many_association_test.rb +0 -28
data/test/session_tests/base_test.rb +0 -307
data/test/session_tests/brute_force_protection_test.rb +0 -53
data/test/session_tests/config_test.rb +0 -184
data/test/session_tests/cookies_test.rb +0 -32
data/test/session_tests/params_test.rb +0 -32
data/test/session_tests/session_test.rb +0 -45
data/test/session_tests/timeout_test.rb +0 -71

data/lib/authlogic/session/errors.rb DELETED Viewed

@@ -1,18 +0,0 @@
-module Authlogic
-  module Session
-    class Errors < ::ActiveRecord::Errors # :nodoc:
-    end
-    class NotActivated < ::StandardError # :nodoc:
-      def initialize(session)
-        super("You must activate the Authlogic::Session::Base.controller with a controller object before creating objects")
-      end
-    end
-    class SessionInvalid < ::StandardError # :nodoc:
-      def initialize(session)
-        super("Authentication failed: #{session.errors.full_messages.to_sentence}")
-      end
-    end
-  end
-end

data/lib/authlogic/session/record_info.rb DELETED Viewed

@@ -1,24 +0,0 @@
-module Authlogic
-  module Session
-    module RecordInfo
-      def self.included(klass)
-        klass.before_create :update_info
-      end
-      private
-        def update_info
-          record.login_count = (record.login_count.blank? ? 1 : record.login_count + 1) if record.respond_to?(:login_count)
-          if record.respond_to?(:current_login_at)
-            record.last_login_at = record.current_login_at if record.respond_to?(:last_login_at)
-            record.current_login_at = klass.default_timezone == :utc ? Time.now.utc : Time.now
-          end
-          if record.respond_to?(:current_login_ip)
-            record.last_login_ip = record.current_login_ip if record.respond_to?(:last_login_ip)
-            record.current_login_ip = controller.request.remote_ip
-          end
-        end
-    end
-  end
-end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb DELETED Viewed

@@ -1,154 +0,0 @@
-require File.dirname(__FILE__) + '/../../../test_helper.rb'
-module ORMAdaptersTests
-  module ActiveRecordAdapterTests
-    module ActsAsAuthenticTests
-      class ConfigTest < ActiveSupport::TestCase
-        setup :get_default_configuration
-        teardown :restore_default_configuration
-        def test_first_column_to_exist
-          assert_equal :login, User.first_column_to_exist(:login, :crypted_password)
-          assert_equal nil, User.first_column_to_exist(nil, :unknown)
-          assert_equal :login, User.first_column_to_exist(:unknown, :login)
-        end
-        def test_acts_as_authentic_config
-          default_config = {
-            :session_ids => [nil],
-            :email_field_validates_length_of_options => {},
-            :logged_in_timeout => 600,
-            :validate_password_field => true,
-            :login_field_validates_length_of_options => {},
-            :password_field_validation_options => {},
-            :login_field_type => :login,
-            :email_field_validates_format_of_options => {},
-            :crypted_password_field => :crypted_password,
-            :password_salt_field => :password_salt,
-            :login_field_validates_format_of_options => {},
-            :email_field_validation_options => {},
-            :crypto_provider => Authlogic::CryptoProviders::Sha512,
-            :persistence_token_field => :persistence_token,
-            :email_field_validates_uniqueness_of_options => {},
-            :session_class => "UserSession",
-            :single_access_token_field => :single_access_token,
-            :login_field_validates_uniqueness_of_options => {},
-            :validate_fields => true,
-            :login_field => :login,
-            :perishable_token_valid_for => 600,
-            :password_field_validates_length_of_options => {},
-            :password_field => :password,
-            :validate_login_field => true,
-            :email_field => :email,
-            :perishable_token_field => :perishable_token,
-            :password_field_validates_confirmation_of_options => {},
-            :validate_email_field => true,
-            :validation_options => {},
-            :login_field_validation_options => {},
-            :transition_from_crypto_provider => [],
-            :password_confirmation_field_validates_presence_of_options => {}
-           }
-          assert_equal default_config, User.acts_as_authentic_config
-        end
-        def test_session_class
-          EmployeeSession.authenticate_with User
-          User.acts_as_authentic(:session_class => EmployeeSession)
-          assert_equal EmployeeSession, User.acts_as_authentic_config[:session_class]
-          ben = users(:ben)
-          assert !EmployeeSession.find
-          ben.password = "benrocks"
-          ben.password_confirmation = "benrocks"
-          assert ben.save
-          assert EmployeeSession.find
-          EmployeeSession.authenticate_with Employee
-        end
-        def test_crypto_provider
-          User.acts_as_authentic(:crypto_provider => Authlogic::CryptoProviders::BCrypt)
-          ben = users(:ben)
-          assert !ben.valid_password?("benrocks")
-          ben.password = "benrocks"
-          ben.password_confirmation = "benrocks"
-          assert ben.save
-          assert ben.valid_password?("benrocks")
-        end
-        def test_transition_from_crypto_provider
-          ben = users(:ben)
-          convert_password_to(Authlogic::CryptoProviders::BCrypt, ben)
-          convert_password_to(Authlogic::CryptoProviders::Sha1, ben, [Authlogic::CryptoProviders::Sha512, Authlogic::CryptoProviders::BCrypt])
-          convert_password_to(Authlogic::CryptoProviders::Sha512, ben, [Authlogic::CryptoProviders::Sha1, Authlogic::CryptoProviders::BCrypt])
-        end
-        def test_act_like_restful_authentication
-          ben = users(:ben)
-          convert_password_to(Authlogic::CryptoProviders::Sha1, ben)
-          User.acts_as_authentic(:act_like_restful_authentication => true)
-          set_session_for(ben)
-          assert UserSession.find
-          # Let's try a brute force approach
-          salt = "7e3041ebc2fc05a40c60028e2c4901a81035d3cd"
-          digest = "00742970dc9e6319f8019fd54864d3ea740f04b1"
-          assert ben.class.connection.execute("update users set crypted_password = '#{digest}', password_salt = '#{salt}' where id = '#{ben.id}';")
-          ben.reload
-          assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
-          assert ben.valid_password?("test")
-        end
-        def test_transition_from_restful_authentication
-          User.acts_as_authentic(:transition_from_restful_authentication => true)
-          assert_equal Authlogic::CryptoProviders::Sha512, User.acts_as_authentic_config[:crypto_provider]
-          assert_equal [Authlogic::CryptoProviders::Sha1], User.acts_as_authentic_config[:transition_from_crypto_provider]
-        end
-        # Need to finish this when I can figure out the best way to implement "transactions" for ruby constants inbetween tests
-        def test_password_field_validation_options
-          #User.acts_as_authentic(:password_field_validates_length_of_options => {:if => Proc.new { |user| false }})
-          #user = User.new
-          #assert !user.save!
-          #assert !user.errors.on(:password)
-        end
-        def test_disable_perishable_token_maintenance
-          ben = users(:ben)
-          assert !ben.disable_perishable_token_maintenance?
-          User.acts_as_authentic(:disable_perishable_token_maintenance => true)
-          assert ben.disable_perishable_token_maintenance?
-          old_perishable_token = ben.perishable_token
-          assert ben.valid?
-          assert_equal old_perishable_token, ben.perishable_token
-        end
-        private
-          def get_default_configuration
-            @default_configuration = User.acts_as_authentic_config
-          end
-          def restore_default_configuration
-            User.acts_as_authentic @default_configuration
-          end
-          def convert_password_to(crypto_provider, records, from_crypto_providers = Authlogic::CryptoProviders::Sha512)
-            records = [records] unless records.is_a?(Array)
-            User.acts_as_authentic(:crypto_provider => crypto_provider, :transition_from_crypto_provider => from_crypto_providers)
-            records.each do |record|
-              old_hash = record.crypted_password
-              old_persistence_token = record.persistence_token
-              assert record.valid_password?(password_for(record))
-              assert_not_equal old_hash.to_s, record.crypted_password.to_s
-              assert_not_equal old_persistence_token.to_s, record.persistence_token.to_s # we need to make sure the persistence token gets reset, what if it is nil and has never been used before?
-              old_hash = record.crypted_password
-              old_persistence_token = record.persistence_token
-              assert record.valid_password?(password_for(record))
-              assert_equal old_hash.to_s, record.crypted_password.to_s
-              assert_equal old_persistence_token.to_s, record.persistence_token.to_s
-            end
-          end
-      end
-    end
-  end
-end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb DELETED Viewed

@@ -1,157 +0,0 @@
-require File.dirname(__FILE__) + '/../../../test_helper.rb'
-module ORMAdaptersTests
-  module ActiveRecordAdapterTests
-    module ActsAsAuthenticTests
-      class CredentialsTest < ActiveSupport::TestCase
-        def test_user_validations
-          user = User.new
-          assert !user.valid?
-          assert user.errors.on(:login)
-          assert user.errors.on(:password)
-          assert user.errors.on(:email)
-          user.login = "a"
-          assert !user.valid?
-          assert user.errors.on(:login)
-          assert user.errors.on(:password)
-          assert user.errors.on(:email)
-          user.login = "%ben*"
-          assert !user.valid?
-          assert user.errors.on(:login)
-          assert user.errors.on(:password)
-          assert user.errors.on(:email)
-          user.login = "bjohnson"
-          assert !user.valid?
-          assert user.errors.on(:login)
-          assert user.errors.on(:password)
-          assert user.errors.on(:email)
-          user.login = "my login"
-          assert !user.valid?
-          assert !user.errors.on(:login)
-          assert user.errors.on(:password)
-          assert user.errors.on(:email)
-          user.password = "my pass"
-          assert !user.valid?
-          assert !user.errors.on(:password)
-          assert user.errors.on(:password_confirmation)
-          user.password_confirmation = "my pizass"
-          assert !user.valid?
-          assert user.errors.on(:password)
-          assert user.errors.on(:email)
-          user.password_confirmation = "my pass"
-          assert !user.valid?
-          assert user.errors.on(:email)
-          user.email = "some email"
-          assert !user.valid?
-          assert user.errors.on(:email)
-          user.email = "a@a.com"
-          assert user.valid?
-        end
-        # Make sure the default :within option is ignored, since AR will raise an error if :within and :minimum are passed.
-        def test_multiple_length_options
-          User.acts_as_authentic(:login_field_validates_length_of_options => {:minimum => 6})
-          user = User.new
-          assert_nothing_raised { user.valid? }
-        end
-        def test_employee_validations
-          employee = Employee.new
-          employee.password = "pass"
-          employee.password_confirmation = "pass"
-          assert !employee.valid?
-          assert employee.errors.on(:email)
-          employee.email = "fdsf"
-          assert !employee.valid?
-          assert employee.errors.on(:email)
-          employee.email = "fake@email.fake"
-          assert !employee.valid?
-          assert employee.errors.on(:email)
-          employee.email = "notfake@email.com"
-          assert employee.valid?
-        end
-        def test_friendly_unique_token
-          assert_equal 20, User.friendly_unique_token.length
-          assert_equal 20, Employee.friendly_unique_token.length # make sure encryptions use hashes also
-          unique_tokens = []
-          1000.times { unique_tokens << User.friendly_unique_token }
-          unique_tokens.uniq!
-          assert_equal 1000, unique_tokens.size
-        end
-        def test_password
-          user = User.new
-          user.password = "sillywilly"
-          assert user.crypted_password
-          assert user.password_salt
-          assert user.persistence_token
-          assert_equal "sillywilly", user.password
-          employee = Employee.new
-          employee.password = "awesome"
-          assert employee.crypted_password
-          assert employee.persistence_token
-          assert_equal "awesome", employee.password
-        end
-        def test_valid_password
-          ben = users(:ben)
-          assert ben.valid_password?("benrocks")
-          assert !ben.valid_password?(ben.crypted_password)
-          drew = employees(:drew)
-          assert drew.valid_password?("drewrocks")
-          assert !drew.valid_password?(drew.crypted_password)
-        end
-        def test_reset_password
-          ben = users(:ben)
-          UserSession.create(ben)
-          assert UserSession.find
-          old_password = ben.crypted_password
-          old_salt = ben.password_salt
-          old_persistence_token = ben.persistence_token
-          ben.reset_password
-          assert_not_equal old_password, ben.crypted_password
-          assert_not_equal old_salt, ben.password_salt
-          assert_not_equal old_persistence_token, ben.persistence_token
-          assert UserSession.find
-        end
-        def test_reset_password!
-          UserSession.create(users(:ben))
-          session = UserSession.find
-          assert session
-          ben = session.record
-          old_password = ben.crypted_password
-          old_salt = ben.password_salt
-          old_persistence_token = ben.persistence_token
-          ben.reset_password!
-          ben.reload
-          assert_not_equal old_password, ben.crypted_password
-          assert_not_equal old_salt, ben.password_salt
-          assert_not_equal old_persistence_token, ben.persistence_token
-          assert !UserSession.find
-        end
-      end
-    end
-  end
-end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb DELETED Viewed

@@ -1,24 +0,0 @@
-require File.dirname(__FILE__) + '/../../../test_helper.rb'
-module ORMAdaptersTests
-  module ActiveRecordAdapterTests
-    module ActsAsAuthenticTests
-      class LoggedInTest < ActiveSupport::TestCase
-        def test_named_scopes
-          assert_equal 0, User.logged_in.count
-          assert_equal User.count, User.logged_out.count
-          http_basic_auth_for(users(:ben)) { UserSession.find }
-          assert_equal 1, User.logged_in.count
-          assert_equal User.count - 1, User.logged_out.count
-        end
-        def test_logged_in
-          ben = users(:ben)
-          assert !ben.logged_in?
-          assert ben.update_attribute(:last_request_at, Time.now)
-          assert ben.logged_in?
-        end
-      end
-    end
-  end
-end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/perishability_test.rb DELETED Viewed

@@ -1,41 +0,0 @@
-require File.dirname(__FILE__) + '/../../../test_helper.rb'
-module ORMAdaptersTests
-  module ActiveRecordAdapterTests
-    module ActsAsAuthenticTests
-      class PerishabilityTest < ActiveSupport::TestCase
-        def test_before_validation
-          ben = users(:ben)
-          old_perishable_token = ben.perishable_token
-          assert ben.valid?
-          assert_not_equal old_perishable_token, ben.perishable_token
-          ben.reload
-          assert_equal old_perishable_token, ben.perishable_token
-          assert ben.save
-          assert_not_equal old_perishable_token, ben.perishable_token
-        end
-        def test_find_using_perishable_token
-          ben = users(:ben)
-          assert_nil User.find_using_perishable_token("")
-          assert_equal ben, User.find_using_perishable_token(ben.perishable_token)
-          assert ben.class.connection.execute("update users set updated_at = '#{10.minutes.ago.to_s(:db)}' where id = '#{ben.id}';")
-          assert_nil User.find_using_perishable_token(ben.perishable_token)
-          assert_equal ben, User.find_using_perishable_token(ben.perishable_token, 20.minutes)
-        end
-        def test_reset_perishable_token
-          ben = users(:ben)
-          old_perishable_token = ben.perishable_token
-          ben.reset_perishable_token
-          assert_not_equal old_perishable_token, ben.perishable_token
-          ben.reload
-          assert_equal old_perishable_token, ben.perishable_token
-          ben.reset_perishable_token!
-          ben.reload
-          assert_not_equal old_perishable_token, ben.perishable_token
-        end
-      end
-    end
-  end
-end

data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb DELETED Viewed

@@ -1,54 +0,0 @@
-require File.dirname(__FILE__) + '/../../../test_helper.rb'
-module ORMAdaptersTests
-  module ActiveRecordAdapterTests
-    module ActsAsAuthenticTests
-      class PersistenceTest < ActiveSupport::TestCase
-        def test_unique_token
-          assert_equal 128, User.unique_token.length
-          assert_equal 128, Employee.unique_token.length # make sure encryptions use hashes also
-          unique_tokens = []
-          1000.times { unique_tokens << User.unique_token }
-          unique_tokens.uniq!
-          assert_equal 1000, unique_tokens.size
-        end
-        def test_forget_all
-          http_basic_auth_for(users(:ben)) { UserSession.find }
-          http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
-          assert UserSession.find
-          assert UserSession.find(:ziggity_zack)
-          User.forget_all!
-          assert !UserSession.find
-          assert !UserSession.find(:ziggity_zack)
-        end
-        def test_forget
-          ben = users(:ben)
-          zack = users(:zack)
-          http_basic_auth_for(ben) { UserSession.find }
-          http_basic_auth_for(zack) { UserSession.find(:ziggity_zack) }
-          assert ben.reload.logged_in?
-          assert zack.reload.logged_in?
-          ben.forget!
-          assert !UserSession.find
-          assert UserSession.find(:ziggity_zack)
-        end
-        def test_password
-          ben = users(:ben)
-          old_persistence_token = ben.persistence_token
-          ben.password = ""
-          assert_equal old_persistence_token, ben.persistence_token
-          ben.password = "newpass"
-          assert_not_equal old_persistence_token, ben.persistence_token
-        end
-      end
-    end
-  end
-end