authlogic 1.4.3 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of authlogic might be problematic. Click here for more details.
- data/CHANGELOG.rdoc +19 -0
- data/Manifest.txt +111 -0
- data/README.rdoc +116 -389
- data/Rakefile +14 -7
- data/lib/authlogic.rb +33 -35
- data/lib/authlogic/acts_as_authentic/base.rb +91 -0
- data/lib/authlogic/acts_as_authentic/email.rb +77 -0
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +54 -0
- data/lib/authlogic/acts_as_authentic/login.rb +65 -0
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +24 -0
- data/lib/authlogic/acts_as_authentic/password.rb +215 -0
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +100 -0
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +66 -0
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +60 -0
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +127 -0
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +58 -0
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +32 -0
- data/lib/authlogic/{session/authenticates_many_association.rb → authenticates_many/association.rb} +10 -6
- data/lib/authlogic/authenticates_many/base.rb +55 -0
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +2 -3
- data/lib/authlogic/controller_adapters/merb_adapter.rb +0 -4
- data/lib/authlogic/controller_adapters/rails_adapter.rb +0 -4
- data/lib/authlogic/crypto_providers/aes256.rb +0 -2
- data/lib/authlogic/crypto_providers/bcrypt.rb +0 -2
- data/lib/authlogic/crypto_providers/md5.rb +34 -0
- data/lib/authlogic/crypto_providers/sha1.rb +0 -2
- data/lib/authlogic/crypto_providers/sha512.rb +1 -3
- data/lib/authlogic/i18n.rb +1 -4
- data/lib/authlogic/random.rb +33 -0
- data/lib/authlogic/session/activation.rb +56 -0
- data/lib/authlogic/session/active_record_trickery.rb +15 -7
- data/lib/authlogic/session/base.rb +31 -456
- data/lib/authlogic/session/brute_force_protection.rb +50 -27
- data/lib/authlogic/session/callbacks.rb +24 -15
- data/lib/authlogic/session/cookies.rb +108 -22
- data/lib/authlogic/session/existence.rb +89 -0
- data/lib/authlogic/session/foundation.rb +63 -0
- data/lib/authlogic/session/http_auth.rb +23 -0
- data/lib/authlogic/session/id.rb +41 -0
- data/lib/authlogic/session/klass.rb +75 -0
- data/lib/authlogic/session/magic_columns.rb +75 -0
- data/lib/authlogic/session/magic_states.rb +58 -0
- data/lib/authlogic/session/params.rb +82 -19
- data/lib/authlogic/session/password.rb +156 -0
- data/lib/authlogic/session/{perishability.rb → perishable_token.rb} +4 -4
- data/lib/authlogic/session/persistence.rb +70 -0
- data/lib/authlogic/session/priority_record.rb +34 -0
- data/lib/authlogic/session/scopes.rb +57 -53
- data/lib/authlogic/session/session.rb +46 -31
- data/lib/authlogic/session/timeout.rb +65 -31
- data/lib/authlogic/session/unauthorized_record.rb +50 -0
- data/lib/authlogic/session/validation.rb +76 -0
- data/lib/authlogic/testing/test_unit_helpers.rb +3 -3
- data/lib/authlogic/version.rb +3 -3
- data/test/acts_as_authentic_test/base_test.rb +12 -0
- data/test/acts_as_authentic_test/email_test.rb +79 -0
- data/test/acts_as_authentic_test/logged_in_status_test.rb +36 -0
- data/test/acts_as_authentic_test/login_test.rb +79 -0
- data/test/acts_as_authentic_test/magic_columns_test.rb +27 -0
- data/test/acts_as_authentic_test/password_test.rb +212 -0
- data/test/acts_as_authentic_test/perishable_token_test.rb +56 -0
- data/test/acts_as_authentic_test/persistence_token_test.rb +55 -0
- data/test/acts_as_authentic_test/session_maintenance_test.rb +68 -0
- data/test/acts_as_authentic_test/single_access_test.rb +39 -0
- data/test/authenticates_many_test.rb +16 -0
- data/test/{crypto_provider_tests → crypto_provider_test}/aes256_test.rb +1 -1
- data/test/{crypto_provider_tests → crypto_provider_test}/bcrypt_test.rb +1 -1
- data/test/{crypto_provider_tests → crypto_provider_test}/sha1_test.rb +1 -1
- data/test/{crypto_provider_tests → crypto_provider_test}/sha512_test.rb +1 -1
- data/test/fixtures/employees.yml +4 -4
- data/test/fixtures/users.yml +6 -6
- data/test/libs/company.rb +6 -0
- data/test/libs/employee.rb +7 -0
- data/test/libs/employee_session.rb +2 -0
- data/test/libs/project.rb +3 -0
- data/test/libs/user_session.rb +2 -0
- data/test/random_test.rb +49 -0
- data/test/session_test/activation_test.rb +43 -0
- data/test/session_test/active_record_trickery_test.rb +26 -0
- data/test/session_test/brute_force_protection_test.rb +76 -0
- data/test/session_test/callbacks_test.rb +6 -0
- data/test/session_test/cookies_test.rb +107 -0
- data/test/session_test/credentials_test.rb +0 -0
- data/test/session_test/existence_test.rb +64 -0
- data/test/session_test/http_auth_test.rb +16 -0
- data/test/session_test/id_test.rb +17 -0
- data/test/session_test/klass_test.rb +35 -0
- data/test/session_test/magic_columns_test.rb +59 -0
- data/test/session_test/magic_states_test.rb +60 -0
- data/test/session_test/params_test.rb +53 -0
- data/test/session_test/password_test.rb +84 -0
- data/test/{session_tests → session_test}/perishability_test.rb +1 -1
- data/test/session_test/persistence_test.rb +21 -0
- data/test/{session_tests → session_test}/scopes_test.rb +2 -3
- data/test/session_test/session_test.rb +59 -0
- data/test/session_test/timeout_test.rb +43 -0
- data/test/session_test/unauthorized_record_test.rb +13 -0
- data/test/session_test/validation_test.rb +23 -0
- data/test/test_helper.rb +14 -29
- metadata +120 -112
- data/Manifest +0 -76
- data/authlogic.gemspec +0 -38
- data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/base.rb +0 -22
- data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/config.rb +0 -238
- data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/credentials.rb +0 -155
- data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/logged_in.rb +0 -51
- data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/perishability.rb +0 -71
- data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/persistence.rb +0 -94
- data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/session_maintenance.rb +0 -87
- data/lib/authlogic/orm_adapters/active_record_adapter/acts_as_authentic/single_access.rb +0 -61
- data/lib/authlogic/orm_adapters/active_record_adapter/authenticates_many.rb +0 -58
- data/lib/authlogic/session/config.rb +0 -421
- data/lib/authlogic/session/errors.rb +0 -18
- data/lib/authlogic/session/record_info.rb +0 -24
- data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/config_test.rb +0 -154
- data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/credentials_test.rb +0 -157
- data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/logged_in_test.rb +0 -24
- data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/perishability_test.rb +0 -41
- data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/persistence_test.rb +0 -54
- data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/session_maintenance_test.rb +0 -62
- data/test/orm_adapters_tests/active_record_adapter_tests/acts_as_authentic_tests/single_access_test.rb +0 -41
- data/test/orm_adapters_tests/active_record_adapter_tests/authenticates_many_test.rb +0 -32
- data/test/session_tests/active_record_trickery_test.rb +0 -14
- data/test/session_tests/authenticates_many_association_test.rb +0 -28
- data/test/session_tests/base_test.rb +0 -307
- data/test/session_tests/brute_force_protection_test.rb +0 -53
- data/test/session_tests/config_test.rb +0 -184
- data/test/session_tests/cookies_test.rb +0 -32
- data/test/session_tests/params_test.rb +0 -32
- data/test/session_tests/session_test.rb +0 -45
- data/test/session_tests/timeout_test.rb +0 -71
|
@@ -1,53 +0,0 @@
|
|
|
1
|
-
require File.dirname(__FILE__) + '/../test_helper.rb'
|
|
2
|
-
|
|
3
|
-
module SessionTests
|
|
4
|
-
class BruteForceProtectionTest < ActiveSupport::TestCase
|
|
5
|
-
def test_under_limit
|
|
6
|
-
ben = users(:ben)
|
|
7
|
-
ben.failed_login_count = UserSession.consecutive_failed_logins_limit - 1
|
|
8
|
-
assert ben.save
|
|
9
|
-
assert UserSession.create(:login => ben.login, :password => "benrocks")
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
def test_exceeded_limit
|
|
13
|
-
ben = users(:ben)
|
|
14
|
-
ben.failed_login_count = UserSession.consecutive_failed_logins_limit
|
|
15
|
-
assert ben.save
|
|
16
|
-
assert !UserSession.create(:login => ben.login, :password => "benrocks")
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
def test_exeeding_failed_logins_limit
|
|
20
|
-
UserSession.consecutive_failed_logins_limit = 2
|
|
21
|
-
ben = users(:ben)
|
|
22
|
-
|
|
23
|
-
2.times do |i|
|
|
24
|
-
session = UserSession.new(:login => ben.login, :password => "badpassword")
|
|
25
|
-
assert !session.save
|
|
26
|
-
assert session.errors.on(:password)
|
|
27
|
-
assert_equal i + 1, ben.reload.failed_login_count
|
|
28
|
-
end
|
|
29
|
-
|
|
30
|
-
session = UserSession.new(:login => ben.login, :password => "badpassword2")
|
|
31
|
-
assert !session.save
|
|
32
|
-
assert !session.errors.on(:password)
|
|
33
|
-
assert_equal 2, ben.reload.failed_login_count
|
|
34
|
-
|
|
35
|
-
UserSession.consecutive_failed_logins_limit = 50
|
|
36
|
-
end
|
|
37
|
-
|
|
38
|
-
def test_resetting_failed_logins_count
|
|
39
|
-
ben = users(:ben)
|
|
40
|
-
|
|
41
|
-
2.times do |i|
|
|
42
|
-
session = UserSession.new(:login => ben.login, :password => "badpassword")
|
|
43
|
-
assert !session.save
|
|
44
|
-
assert session.errors.on(:password)
|
|
45
|
-
assert_equal i + 1, ben.reload.failed_login_count
|
|
46
|
-
end
|
|
47
|
-
|
|
48
|
-
session = UserSession.new(:login => ben.login, :password => "benrocks")
|
|
49
|
-
assert session.save
|
|
50
|
-
assert_equal 0, ben.reload.failed_login_count
|
|
51
|
-
end
|
|
52
|
-
end
|
|
53
|
-
end
|
|
@@ -1,184 +0,0 @@
|
|
|
1
|
-
require File.dirname(__FILE__) + '/../test_helper.rb'
|
|
2
|
-
|
|
3
|
-
module SessionTests
|
|
4
|
-
class ConfigTest < ActiveSupport::TestCase
|
|
5
|
-
def test_authenticate_with
|
|
6
|
-
UserSession.authenticate_with = Employee
|
|
7
|
-
assert_equal "Employee", UserSession.klass_name
|
|
8
|
-
assert_equal Employee, UserSession.klass
|
|
9
|
-
|
|
10
|
-
UserSession.authenticate_with User
|
|
11
|
-
assert_equal "User", UserSession.klass_name
|
|
12
|
-
assert_equal User, UserSession.klass
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
def test_cookie_key
|
|
16
|
-
UserSession.cookie_key = "my_cookie_key"
|
|
17
|
-
assert_equal "my_cookie_key", UserSession.cookie_key
|
|
18
|
-
session = UserSession.new
|
|
19
|
-
assert_equal "my_cookie_key", session.cookie_key
|
|
20
|
-
|
|
21
|
-
UserSession.cookie_key "user_credentials"
|
|
22
|
-
assert_equal "user_credentials", UserSession.cookie_key
|
|
23
|
-
session = UserSession.new
|
|
24
|
-
assert_equal "user_credentials", session.cookie_key
|
|
25
|
-
end
|
|
26
|
-
|
|
27
|
-
def test_disable_magic_states
|
|
28
|
-
UserSession.disable_magic_states = true
|
|
29
|
-
assert_equal true, UserSession.disable_magic_states
|
|
30
|
-
session = UserSession.new
|
|
31
|
-
assert_equal true, session.disable_magic_states?
|
|
32
|
-
|
|
33
|
-
UserSession.disable_magic_states false
|
|
34
|
-
assert_equal false, UserSession.disable_magic_states
|
|
35
|
-
session = UserSession.new
|
|
36
|
-
assert_equal false, session.disable_magic_states?
|
|
37
|
-
end
|
|
38
|
-
|
|
39
|
-
def test_find_by_login_method
|
|
40
|
-
UserSession.find_by_login_method = "my_login_method"
|
|
41
|
-
assert_equal "my_login_method", UserSession.find_by_login_method
|
|
42
|
-
session = UserSession.new
|
|
43
|
-
assert_equal "my_login_method", session.find_by_login_method
|
|
44
|
-
|
|
45
|
-
UserSession.find_by_login_method "find_by_login"
|
|
46
|
-
assert_equal "find_by_login", UserSession.find_by_login_method
|
|
47
|
-
session = UserSession.new
|
|
48
|
-
assert_equal "find_by_login", session.find_by_login_method
|
|
49
|
-
end
|
|
50
|
-
|
|
51
|
-
def test_find_with
|
|
52
|
-
UserSession.find_with = [:session]
|
|
53
|
-
assert_equal [:session], UserSession.find_with
|
|
54
|
-
session = UserSession.new
|
|
55
|
-
assert_equal [:session], session.find_with
|
|
56
|
-
|
|
57
|
-
set_cookie_for(users(:ben))
|
|
58
|
-
assert !UserSession.find
|
|
59
|
-
|
|
60
|
-
UserSession.find_with :session, :cookie, :http_auth
|
|
61
|
-
assert_equal [:session, :cookie, :http_auth], UserSession.find_with
|
|
62
|
-
session = UserSession.new
|
|
63
|
-
assert_equal [:session, :cookie, :http_auth], session.find_with
|
|
64
|
-
|
|
65
|
-
assert UserSession.find
|
|
66
|
-
end
|
|
67
|
-
|
|
68
|
-
def test_last_request_at_threshold
|
|
69
|
-
UserSession.last_request_at_threshold = 2.minutes
|
|
70
|
-
assert_equal 2.minutes, UserSession.last_request_at_threshold
|
|
71
|
-
session = UserSession.new
|
|
72
|
-
assert_equal 2.minutes, session.last_request_at_threshold
|
|
73
|
-
|
|
74
|
-
UserSession.last_request_at_threshold 0
|
|
75
|
-
assert_equal 0, UserSession.last_request_at_threshold
|
|
76
|
-
session = UserSession.new
|
|
77
|
-
assert_equal 0, session.last_request_at_threshold
|
|
78
|
-
end
|
|
79
|
-
|
|
80
|
-
def test_login_field
|
|
81
|
-
UserSession.methods_configured = false
|
|
82
|
-
UserSession.login_field = :saweet
|
|
83
|
-
assert_equal :saweet, UserSession.login_field
|
|
84
|
-
session = UserSession.new
|
|
85
|
-
assert_equal :saweet, session.login_field
|
|
86
|
-
assert session.respond_to?(:saweet)
|
|
87
|
-
|
|
88
|
-
UserSession.login_field :login
|
|
89
|
-
assert_equal :login, UserSession.login_field
|
|
90
|
-
session = UserSession.new
|
|
91
|
-
assert_equal :login, session.login_field
|
|
92
|
-
assert session.respond_to?(:login)
|
|
93
|
-
end
|
|
94
|
-
|
|
95
|
-
def test_params_key
|
|
96
|
-
UserSession.params_key = "my_params_key"
|
|
97
|
-
assert_equal "my_params_key", UserSession.params_key
|
|
98
|
-
session = UserSession.new
|
|
99
|
-
assert_equal "my_params_key", session.params_key
|
|
100
|
-
|
|
101
|
-
UserSession.params_key "user_credentials"
|
|
102
|
-
assert_equal "user_credentials", UserSession.params_key
|
|
103
|
-
session = UserSession.new
|
|
104
|
-
assert_equal "user_credentials", session.params_key
|
|
105
|
-
end
|
|
106
|
-
|
|
107
|
-
def test_password_field
|
|
108
|
-
UserSession.methods_configured = false
|
|
109
|
-
UserSession.password_field = :saweet
|
|
110
|
-
assert_equal :saweet, UserSession.password_field
|
|
111
|
-
session = UserSession.new
|
|
112
|
-
assert_equal :saweet, session.password_field
|
|
113
|
-
assert session.respond_to?(:saweet)
|
|
114
|
-
|
|
115
|
-
UserSession.password_field :password
|
|
116
|
-
assert_equal :password, UserSession.password_field
|
|
117
|
-
session = UserSession.new
|
|
118
|
-
assert_equal :password, session.password_field
|
|
119
|
-
assert session.respond_to?(:password)
|
|
120
|
-
end
|
|
121
|
-
|
|
122
|
-
def test_remember_me
|
|
123
|
-
UserSession.remember_me = true
|
|
124
|
-
assert_equal true, UserSession.remember_me
|
|
125
|
-
session = UserSession.new
|
|
126
|
-
assert_equal true, session.remember_me
|
|
127
|
-
|
|
128
|
-
UserSession.remember_me false
|
|
129
|
-
assert_equal false, UserSession.remember_me
|
|
130
|
-
session = UserSession.new
|
|
131
|
-
assert_equal false, session.remember_me
|
|
132
|
-
end
|
|
133
|
-
|
|
134
|
-
def test_remember_me_for
|
|
135
|
-
UserSession.remember_me_for = 3.years
|
|
136
|
-
assert_equal 3.years, UserSession.remember_me_for
|
|
137
|
-
session = UserSession.new
|
|
138
|
-
session.remember_me = true
|
|
139
|
-
assert_equal 3.years, session.remember_me_for
|
|
140
|
-
|
|
141
|
-
UserSession.remember_me_for 3.months
|
|
142
|
-
assert_equal 3.months, UserSession.remember_me_for
|
|
143
|
-
session = UserSession.new
|
|
144
|
-
session.remember_me = true
|
|
145
|
-
assert_equal 3.months, session.remember_me_for
|
|
146
|
-
end
|
|
147
|
-
|
|
148
|
-
def test_session_key
|
|
149
|
-
UserSession.session_key = "my_session_key"
|
|
150
|
-
assert_equal "my_session_key", UserSession.session_key
|
|
151
|
-
session = UserSession.new
|
|
152
|
-
assert_equal "my_session_key", session.session_key
|
|
153
|
-
|
|
154
|
-
UserSession.session_key "user_credentials"
|
|
155
|
-
assert_equal "user_credentials", UserSession.session_key
|
|
156
|
-
session = UserSession.new
|
|
157
|
-
assert_equal "user_credentials", session.session_key
|
|
158
|
-
end
|
|
159
|
-
|
|
160
|
-
def test_single_access_allowed_request_types
|
|
161
|
-
UserSession.single_access_allowed_request_types = "my request type"
|
|
162
|
-
assert_equal ["my request type"], UserSession.single_access_allowed_request_types
|
|
163
|
-
session = UserSession.new
|
|
164
|
-
assert_equal ["my request type"], session.single_access_allowed_request_types
|
|
165
|
-
|
|
166
|
-
UserSession.single_access_allowed_request_types "application/rss+xml", "application/atom+xml"
|
|
167
|
-
assert_equal ["application/rss+xml", "application/atom+xml"], UserSession.single_access_allowed_request_types
|
|
168
|
-
session = UserSession.new
|
|
169
|
-
assert_equal ["application/rss+xml", "application/atom+xml"], session.single_access_allowed_request_types
|
|
170
|
-
end
|
|
171
|
-
|
|
172
|
-
def test_verify_password_method
|
|
173
|
-
UserSession.verify_password_method = "my_login_method"
|
|
174
|
-
assert_equal "my_login_method", UserSession.verify_password_method
|
|
175
|
-
session = UserSession.new
|
|
176
|
-
assert_equal "my_login_method", session.verify_password_method
|
|
177
|
-
|
|
178
|
-
UserSession.verify_password_method "valid_password?"
|
|
179
|
-
assert_equal "valid_password?", UserSession.verify_password_method
|
|
180
|
-
session = UserSession.new
|
|
181
|
-
assert_equal "valid_password?", session.verify_password_method
|
|
182
|
-
end
|
|
183
|
-
end
|
|
184
|
-
end
|
|
@@ -1,32 +0,0 @@
|
|
|
1
|
-
require File.dirname(__FILE__) + '/../test_helper.rb'
|
|
2
|
-
|
|
3
|
-
module SessionTests
|
|
4
|
-
class CookiesTest < ActiveSupport::TestCase
|
|
5
|
-
def test_valid_cookie
|
|
6
|
-
ben = users(:ben)
|
|
7
|
-
session = UserSession.new
|
|
8
|
-
|
|
9
|
-
assert !session.valid_cookie?
|
|
10
|
-
|
|
11
|
-
set_cookie_for(ben)
|
|
12
|
-
assert session.valid_cookie?
|
|
13
|
-
assert_equal ben, session.unauthorized_record
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
def test_save
|
|
17
|
-
ben = users(:ben)
|
|
18
|
-
session = UserSession.new(ben)
|
|
19
|
-
assert session.save
|
|
20
|
-
assert_equal ben.persistence_token, @controller.cookies["user_credentials"]
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
def test_destroy
|
|
24
|
-
ben = users(:ben)
|
|
25
|
-
set_cookie_for(ben)
|
|
26
|
-
session = UserSession.find
|
|
27
|
-
assert @controller.cookies["user_credentials"]
|
|
28
|
-
assert session.destroy
|
|
29
|
-
assert !@controller.cookies["user_credentials"]
|
|
30
|
-
end
|
|
31
|
-
end
|
|
32
|
-
end
|
|
@@ -1,32 +0,0 @@
|
|
|
1
|
-
require File.dirname(__FILE__) + '/../test_helper.rb'
|
|
2
|
-
|
|
3
|
-
module SessionTests
|
|
4
|
-
class ParamsTest < ActiveSupport::TestCase
|
|
5
|
-
def test_valid_params
|
|
6
|
-
ben = users(:ben)
|
|
7
|
-
session = UserSession.new
|
|
8
|
-
|
|
9
|
-
assert !session.valid_params?
|
|
10
|
-
set_params_for(ben)
|
|
11
|
-
|
|
12
|
-
assert !session.valid_params?
|
|
13
|
-
assert !session.unauthorized_record
|
|
14
|
-
assert !@controller.session["user_credentials"]
|
|
15
|
-
|
|
16
|
-
set_request_content_type("text/plain")
|
|
17
|
-
assert !session.valid_params?
|
|
18
|
-
assert !session.unauthorized_record
|
|
19
|
-
assert !@controller.session["user_credentials"]
|
|
20
|
-
|
|
21
|
-
set_request_content_type("application/atom+xml")
|
|
22
|
-
assert session.valid_params?
|
|
23
|
-
assert_equal ben, session.unauthorized_record
|
|
24
|
-
assert !@controller.session["user_credentials"]
|
|
25
|
-
|
|
26
|
-
set_request_content_type("application/rss+xml")
|
|
27
|
-
assert session.valid_params?
|
|
28
|
-
assert_equal ben, session.unauthorized_record
|
|
29
|
-
assert !@controller.session["user_credentials"]
|
|
30
|
-
end
|
|
31
|
-
end
|
|
32
|
-
end
|
|
@@ -1,45 +0,0 @@
|
|
|
1
|
-
require File.dirname(__FILE__) + '/../test_helper.rb'
|
|
2
|
-
|
|
3
|
-
module SessionTests
|
|
4
|
-
class SessionTest < ActiveSupport::TestCase
|
|
5
|
-
def test_valid_session
|
|
6
|
-
ben = users(:ben)
|
|
7
|
-
session = UserSession.new
|
|
8
|
-
|
|
9
|
-
assert !session.valid_session?
|
|
10
|
-
|
|
11
|
-
set_session_for(ben)
|
|
12
|
-
assert session.valid_session?
|
|
13
|
-
assert session.find_record
|
|
14
|
-
assert_equal ben, session.record
|
|
15
|
-
assert_equal ben.persistence_token, @controller.session["user_credentials"]
|
|
16
|
-
assert_equal ben, session.unauthorized_record
|
|
17
|
-
assert !session.new_session?
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
def test_save
|
|
21
|
-
ben = users(:ben)
|
|
22
|
-
session = UserSession.new(ben)
|
|
23
|
-
assert @controller.session["user_credentials"].blank?
|
|
24
|
-
assert session.save
|
|
25
|
-
assert_equal ben.persistence_token, @controller.session["user_credentials"]
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def test_destroy
|
|
29
|
-
ben = users(:ben)
|
|
30
|
-
set_session_for(ben)
|
|
31
|
-
assert_equal ben.persistence_token, @controller.session["user_credentials"]
|
|
32
|
-
session = UserSession.find
|
|
33
|
-
assert session.destroy
|
|
34
|
-
assert @controller.session["user_credentials"].blank?
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
def test_find
|
|
38
|
-
ben = users(:ben)
|
|
39
|
-
set_cookie_for(ben)
|
|
40
|
-
assert @controller.session["user_credentials"].blank?
|
|
41
|
-
assert UserSession.find
|
|
42
|
-
assert_equal ben.persistence_token, @controller.session["user_credentials"]
|
|
43
|
-
end
|
|
44
|
-
end
|
|
45
|
-
end
|
|
@@ -1,71 +0,0 @@
|
|
|
1
|
-
require File.dirname(__FILE__) + '/../test_helper.rb'
|
|
2
|
-
|
|
3
|
-
module SessionTests
|
|
4
|
-
class TimeoutTest < ActiveSupport::TestCase
|
|
5
|
-
def test_after_find
|
|
6
|
-
ben = users(:ben)
|
|
7
|
-
set_session_for(ben)
|
|
8
|
-
session = UserSession.find
|
|
9
|
-
assert session
|
|
10
|
-
assert !session.record.last_request_at.nil?
|
|
11
|
-
|
|
12
|
-
UserSession.last_request_at_threshold = 2.seconds
|
|
13
|
-
assert_equal 2.seconds, UserSession.last_request_at_threshold
|
|
14
|
-
|
|
15
|
-
assert UserSession.find
|
|
16
|
-
last_request_at = ben.reload.last_request_at
|
|
17
|
-
sleep(0.5)
|
|
18
|
-
assert UserSession.find
|
|
19
|
-
assert_equal last_request_at, ben.reload.last_request_at
|
|
20
|
-
sleep(2)
|
|
21
|
-
assert UserSession.find
|
|
22
|
-
assert_not_equal last_request_at, ben.reload.last_request_at
|
|
23
|
-
|
|
24
|
-
UserSession.last_request_at_threshold 0
|
|
25
|
-
assert_equal 0, UserSession.last_request_at_threshold
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def test_after_save
|
|
29
|
-
ben = users(:ben)
|
|
30
|
-
session = UserSession.new(ben)
|
|
31
|
-
assert session.save
|
|
32
|
-
assert !session.record.last_request_at.nil?
|
|
33
|
-
assert !session.stale?
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
def test_not_stale
|
|
37
|
-
UserSession.logout_on_timeout = true
|
|
38
|
-
ben = users(:ben)
|
|
39
|
-
ben.update_attribute(:last_request_at, Time.now)
|
|
40
|
-
set_session_for(ben)
|
|
41
|
-
session = UserSession.find
|
|
42
|
-
assert !session.stale?
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
def test_stale
|
|
46
|
-
ben = users(:ben)
|
|
47
|
-
set_session_for(ben)
|
|
48
|
-
ben.update_attribute(:last_request_at, 3.years.ago)
|
|
49
|
-
session = UserSession.find
|
|
50
|
-
assert session.stale?
|
|
51
|
-
assert_nil @controller.session["user_credentials"]
|
|
52
|
-
assert_nil @controller.session["user_credentials_id"]
|
|
53
|
-
UserSession.logout_on_timeout = false
|
|
54
|
-
end
|
|
55
|
-
|
|
56
|
-
def test_stale_find
|
|
57
|
-
UserSession.logout_on_timeout = true
|
|
58
|
-
ben = users(:ben)
|
|
59
|
-
|
|
60
|
-
ben.update_attribute(:last_request_at, 3.years.ago)
|
|
61
|
-
set_session_for(ben)
|
|
62
|
-
session = UserSession.find
|
|
63
|
-
assert session.stale?
|
|
64
|
-
|
|
65
|
-
ben.update_attribute(:last_request_at, Time.now)
|
|
66
|
-
set_session_for(ben)
|
|
67
|
-
session = UserSession.find
|
|
68
|
-
assert !session.stale?
|
|
69
|
-
end
|
|
70
|
-
end
|
|
71
|
-
end
|