authlogic 3.4.6 → 3.5.0

Files changed (115) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +2 -0
  3. data/.rubocop.yml +33 -0
  4. data/.rubocop_todo.yml +427 -0
  5. data/.travis.yml +24 -3
  6. data/CHANGELOG.md +9 -2
  7. data/CONTRIBUTING.md +40 -1
  8. data/Gemfile +1 -1
  9. data/README.md +295 -0
  10. data/Rakefile +10 -2
  11. data/authlogic.gemspec +6 -5
  12. data/lib/authlogic.rb +2 -2
  13. data/lib/authlogic/acts_as_authentic/base.rb +2 -2
  14. data/lib/authlogic/acts_as_authentic/email.rb +59 -14
  15. data/lib/authlogic/acts_as_authentic/logged_in_status.rb +4 -3
  16. data/lib/authlogic/acts_as_authentic/login.rb +62 -12
  17. data/lib/authlogic/acts_as_authentic/magic_columns.rb +17 -6
  18. data/lib/authlogic/acts_as_authentic/password.rb +107 -53
  19. data/lib/authlogic/acts_as_authentic/persistence_token.rb +10 -9
  20. data/lib/authlogic/acts_as_authentic/restful_authentication.rb +2 -0
  21. data/lib/authlogic/acts_as_authentic/session_maintenance.rb +48 -35
  22. data/lib/authlogic/acts_as_authentic/single_access_token.rb +19 -15
  23. data/lib/authlogic/acts_as_authentic/validations_scope.rb +2 -2
  24. data/lib/authlogic/authenticates_many/association.rb +6 -5
  25. data/lib/authlogic/authenticates_many/base.rb +22 -12
  26. data/lib/authlogic/config.rb +2 -1
  27. data/lib/authlogic/controller_adapters/abstract_adapter.rb +2 -1
  28. data/lib/authlogic/controller_adapters/rack_adapter.rb +3 -4
  29. data/lib/authlogic/controller_adapters/rails_adapter.rb +26 -14
  30. data/lib/authlogic/controller_adapters/sinatra_adapter.rb +1 -1
  31. data/lib/authlogic/crypto_providers/aes256.rb +16 -12
  32. data/lib/authlogic/crypto_providers/bcrypt.rb +10 -4
  33. data/lib/authlogic/crypto_providers/md5.rb +7 -7
  34. data/lib/authlogic/crypto_providers/scrypt.rb +10 -2
  35. data/lib/authlogic/crypto_providers/sha1.rb +3 -3
  36. data/lib/authlogic/crypto_providers/sha256.rb +3 -3
  37. data/lib/authlogic/crypto_providers/sha512.rb +4 -4
  38. data/lib/authlogic/crypto_providers/wordpress.rb +13 -13
  39. data/lib/authlogic/i18n.rb +22 -16
  40. data/lib/authlogic/i18n/translator.rb +1 -1
  41. data/lib/authlogic/random.rb +13 -12
  42. data/lib/authlogic/regex.rb +3 -3
  43. data/lib/authlogic/session/activation.rb +7 -6
  44. data/lib/authlogic/session/active_record_trickery.rb +1 -2
  45. data/lib/authlogic/session/base.rb +7 -6
  46. data/lib/authlogic/session/brute_force_protection.rb +58 -34
  47. data/lib/authlogic/session/callbacks.rb +16 -12
  48. data/lib/authlogic/session/cookies.rb +29 -14
  49. data/lib/authlogic/session/existence.rb +10 -10
  50. data/lib/authlogic/session/foundation.rb +11 -7
  51. data/lib/authlogic/session/http_auth.rb +6 -5
  52. data/lib/authlogic/session/id.rb +5 -4
  53. data/lib/authlogic/session/klass.rb +2 -1
  54. data/lib/authlogic/session/magic_columns.rb +21 -14
  55. data/lib/authlogic/session/magic_states.rb +25 -14
  56. data/lib/authlogic/session/params.rb +41 -26
  57. data/lib/authlogic/session/password.rb +62 -40
  58. data/lib/authlogic/session/perishable_token.rb +3 -2
  59. data/lib/authlogic/session/persistence.rb +3 -3
  60. data/lib/authlogic/session/priority_record.rb +5 -4
  61. data/lib/authlogic/session/scopes.rb +20 -9
  62. data/lib/authlogic/session/session.rb +9 -4
  63. data/lib/authlogic/session/timeout.rb +40 -23
  64. data/lib/authlogic/session/unauthorized_record.rb +6 -5
  65. data/lib/authlogic/session/validation.rb +18 -9
  66. data/lib/authlogic/test_case.rb +2 -2
  67. data/lib/authlogic/test_case/mock_controller.rb +9 -9
  68. data/lib/authlogic/test_case/mock_cookie_jar.rb +2 -2
  69. data/lib/authlogic/test_case/mock_logger.rb +1 -1
  70. data/lib/authlogic/test_case/mock_request.rb +2 -1
  71. data/lib/authlogic/test_case/rails_request_adapter.rb +5 -5
  72. data/test/acts_as_authentic_test/email_test.rb +29 -17
  73. data/test/acts_as_authentic_test/logged_in_status_test.rb +9 -3
  74. data/test/acts_as_authentic_test/login_test.rb +47 -13
  75. data/test/acts_as_authentic_test/magic_columns_test.rb +4 -4
  76. data/test/acts_as_authentic_test/password_test.rb +31 -21
  77. data/test/acts_as_authentic_test/perishable_token_test.rb +15 -15
  78. data/test/acts_as_authentic_test/session_maintenance_test.rb +20 -13
  79. data/test/acts_as_authentic_test/single_access_test.rb +8 -8
  80. data/test/authenticates_many_test.rb +4 -4
  81. data/test/crypto_provider_test/aes256_test.rb +2 -2
  82. data/test/crypto_provider_test/scrypt_test.rb +1 -1
  83. data/test/crypto_provider_test/sha1_test.rb +3 -3
  84. data/test/crypto_provider_test/sha256_test.rb +1 -1
  85. data/test/crypto_provider_test/sha512_test.rb +2 -2
  86. data/test/gemfiles/Gemfile.rails-3.2.x +2 -2
  87. data/test/gemfiles/Gemfile.rails-5.0.x +6 -0
  88. data/test/i18n_test.rb +5 -5
  89. data/test/libs/affiliate.rb +2 -2
  90. data/test/libs/company.rb +1 -1
  91. data/test/libs/employee.rb +2 -2
  92. data/test/libs/employee_session.rb +1 -1
  93. data/test/libs/ldaper.rb +1 -1
  94. data/test/libs/project.rb +1 -1
  95. data/test/random_test.rb +5 -4
  96. data/test/session_test/activation_test.rb +5 -5
  97. data/test/session_test/active_record_trickery_test.rb +7 -5
  98. data/test/session_test/cookies_test.rb +8 -6
  99. data/test/session_test/existence_test.rb +19 -13
  100. data/test/session_test/http_auth_test.rb +0 -3
  101. data/test/session_test/id_test.rb +2 -2
  102. data/test/session_test/klass_test.rb +1 -1
  103. data/test/session_test/magic_columns_test.rb +0 -3
  104. data/test/session_test/magic_states_test.rb +11 -11
  105. data/test/session_test/params_test.rb +10 -10
  106. data/test/session_test/password_test.rb +4 -5
  107. data/test/session_test/perishability_test.rb +3 -3
  108. data/test/session_test/scopes_test.rb +8 -8
  109. data/test/session_test/session_test.rb +5 -4
  110. data/test/session_test/timeout_test.rb +8 -8
  111. data/test/session_test/unauthorized_record_test.rb +2 -2
  112. data/test/session_test/validation_test.rb +3 -3
  113. data/test/test_helper.rb +9 -5
  114. metadata +54 -24
  115. data/README.rdoc +0 -232
@@ -1,7 +1,7 @@
1
1
  source "https://rubygems.org"
2
2
  gemspec :path => "./../.."
3
3
 
4
- gem "activerecord", "3.2.17"
5
- gem "activesupport", "3.2.17"
4
+ gem "activerecord", "3.2.22"
5
+ gem "activesupport", "3.2.22"
6
6
  gem 'activerecord-jdbcsqlite3-adapter', :platforms => :jruby
7
7
  gem 'sqlite3', :platforms => :ruby
@@ -0,0 +1,6 @@
1
+ source "https://rubygems.org"
2
+ gemspec :path => "./../.."
3
+
4
+ gem "activerecord", "~> 5.0.0"
5
+ gem "activesupport", "~> 5.0.0"
6
+ gem 'sqlite3', :platforms => :ruby
@@ -4,20 +4,20 @@ class I18nTest < ActiveSupport::TestCase
4
4
  def test_uses_authlogic_as_scope_by_default
5
5
  assert_equal :authlogic, Authlogic::I18n.scope
6
6
  end
7
-
7
+
8
8
  def test_can_set_scope
9
9
  assert_nothing_raised { Authlogic::I18n.scope = [:a, :b] }
10
10
  assert_equal [:a, :b], Authlogic::I18n.scope
11
11
  Authlogic::I18n.scope = :authlogic
12
12
  end
13
-
13
+
14
14
  def test_uses_built_in_translator_by_default
15
15
  assert_equal Authlogic::I18n::Translator, Authlogic::I18n.translator.class
16
16
  end
17
-
17
+
18
18
  def test_can_set_custom_translator
19
19
  old_translator = Authlogic::I18n.translator
20
-
20
+
21
21
  assert_nothing_raised do
22
22
  Authlogic::I18n.translator = Class.new do
23
23
  def translate(key, options = {})
@@ -27,7 +27,7 @@ class I18nTest < ActiveSupport::TestCase
27
27
  end
28
28
 
29
29
  assert_equal "Translated: x", Authlogic::I18n.translate(:x)
30
-
30
+
31
31
  Authlogic::I18n.translator = old_translator
32
32
  end
33
33
  end
@@ -2,6 +2,6 @@ class Affiliate < ActiveRecord::Base
2
2
  acts_as_authentic do |c|
3
3
  c.crypted_password_field = :pw_hash
4
4
  end
5
-
5
+
6
6
  belongs_to :company
7
- end
7
+ end
@@ -3,4 +3,4 @@ class Company < ActiveRecord::Base
3
3
  authenticates_many :user_sessions
4
4
  has_many :employees, :dependent => :destroy
5
5
  has_many :users, :dependent => :destroy
6
- end
6
+ end
@@ -2,6 +2,6 @@ class Employee < ActiveRecord::Base
2
2
  acts_as_authentic do |c|
3
3
  c.crypto_provider Authlogic::CryptoProviders::AES256
4
4
  end
5
-
5
+
6
6
  belongs_to :company
7
- end
7
+ end
@@ -1,2 +1,2 @@
1
1
  class EmployeeSession < Authlogic::Session::Base
2
- end
2
+ end
@@ -1,3 +1,3 @@
1
1
  class Ldaper < ActiveRecord::Base
2
2
  acts_as_authentic
3
- end
3
+ end
@@ -1,3 +1,3 @@
1
1
  class Project < ActiveRecord::Base
2
2
  has_and_belongs_to_many :users
3
- end
3
+ end
@@ -10,17 +10,18 @@ class RandomTest < ActiveSupport::TestCase
10
10
  end
11
11
 
12
12
  private
13
+
13
14
  def with_any_random(&block)
14
- [true, false].each {|val| with_secure_random_enabled(val, &block)}
15
+ [true, false].each { |val| with_secure_random_enabled(val, &block) }
15
16
  end
16
17
 
17
18
  def with_secure_random_enabled(enabled = true)
18
19
  # can't really test SecureRandom if we don't have an implementation
19
20
  return if enabled && !Authlogic::Random::SecureRandom
20
-
21
+
21
22
  current_sec_rand = Authlogic::Random::SecureRandom
22
23
  reload_authlogic_with_sec_random!(current_sec_rand, enabled)
23
-
24
+
24
25
  yield
25
26
  ensure
26
27
  reload_authlogic_with_sec_random!(current_sec_rand)
@@ -39,4 +40,4 @@ class RandomTest < ActiveSupport::TestCase
39
40
  ensure
40
41
  $VERBOSE = old_verbose
41
42
  end
42
- end
43
+ end
@@ -8,7 +8,7 @@ module SessionTest
8
8
  Authlogic::Session::Base.controller = nil
9
9
  assert !UserSession.activated?
10
10
  end
11
-
11
+
12
12
  def test_controller
13
13
  Authlogic::Session::Base.controller = nil
14
14
  assert_nil Authlogic::Session::Base.controller
@@ -20,18 +20,18 @@ module SessionTest
20
20
  thread1.join
21
21
 
22
22
  assert_nil Authlogic::Session::Base.controller
23
-
23
+
24
24
  thread2 = Thread.new do
25
25
  controller = MockController.new
26
26
  Authlogic::Session::Base.controller = controller
27
27
  assert_equal controller, Authlogic::Session::Base.controller
28
28
  end
29
29
  thread2.join
30
-
30
+
31
31
  assert_nil Authlogic::Session::Base.controller
32
32
  end
33
33
  end
34
-
34
+
35
35
  class InstanceMethodsTest < ActiveSupport::TestCase
36
36
  def test_init
37
37
  UserSession.controller = nil
@@ -40,4 +40,4 @@ module SessionTest
40
40
  end
41
41
  end
42
42
  end
43
- end
43
+ end
@@ -3,6 +3,8 @@ require 'test_helper'
3
3
  module SessionTest
4
4
  module ActiveRecordTrickeryTest
5
5
  class ClassMethodsTest < ActiveSupport::TestCase
6
+ i_suck_and_my_tests_are_order_dependent! # If test_human_name is executed after test_i18n_of_human_name the test will fail.
7
+
6
8
  def test_human_attribute_name
7
9
  assert_equal "Some attribute", UserSession.human_attribute_name("some_attribute")
8
10
  assert_equal "Some attribute", UserSession.human_attribute_name(:some_attribute)
@@ -13,12 +15,12 @@ module SessionTest
13
15
  end
14
16
 
15
17
  def test_i18n_of_human_name
16
- I18n.backend.store_translations 'en', :authlogic => {:models => {:user_session => "MySession" } }
18
+ I18n.backend.store_translations 'en', :authlogic => { :models => { :user_session => "MySession" } }
17
19
  assert_equal "MySession", UserSession.human_name
18
20
  end
19
21
 
20
22
  def test_i18n_of_model_name_human
21
- I18n.backend.store_translations 'en', :authlogic => {:models => {:user_session => "MySession" } }
23
+ I18n.backend.store_translations 'en', :authlogic => { :models => { :user_session => "MySession" } }
22
24
  assert_equal "MySession", UserSession.model_name.human
23
25
  end
24
26
 
@@ -47,18 +49,18 @@ module SessionTest
47
49
 
48
50
  def test_persisted
49
51
  session = UserSession.new(users(:ben))
50
- assert ! session.persisted?
52
+ assert !session.persisted?
51
53
 
52
54
  session.save
53
55
  assert session.persisted?
54
56
 
55
57
  session.destroy
56
- assert ! session.persisted?
58
+ assert !session.persisted?
57
59
  end
58
60
 
59
61
  def test_destroyed?
60
62
  session = UserSession.create(users(:ben))
61
- assert ! session.destroyed?
63
+ assert !session.destroyed?
62
64
 
63
65
  session.destroy
64
66
  assert session.destroyed?
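Review bot: `i_suck_and_my_tests_are_order_dependent!` at new line 6 pins the execution order instead of removing the shared state that makes the tests interfere. The comment on that line names test_i18n_of_human_name, which calls `I18n.backend.store_translations` on the global backend; nothing visible in these hunks undoes that, so the stored "MySession" translation presumably leaks into whichever test runs next. Resetting the backend after each test, for example `teardown { I18n.backend.reload! }`, would let the class run in random order again. Whether `reload!` alone restores the expected translations depends on how test_helper loads them, which is not shown on this page. The class body continues outside the hunks.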
@@ -82,7 +82,7 @@ module SessionTest
82
82
  class InstanceMethodsTest < ActiveSupport::TestCase
83
83
  def test_credentials
84
84
  session = UserSession.new
85
- session.credentials = {:remember_me => true}
85
+ session.credentials = { :remember_me => true }
86
86
  assert_equal true, session.remember_me
87
87
  end
88
88
 
@@ -170,11 +170,13 @@ module SessionTest
170
170
  end
171
171
 
172
172
  def test_after_save_save_cookie_with_remember_me
173
- ben = users(:ben)
174
- session = UserSession.new(ben)
175
- session.remember_me = true
176
- assert session.save
177
- assert_equal "#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until.iso8601}", controller.cookies["user_credentials"]
173
+ Timecop.freeze do
174
+ ben = users(:ben)
175
+ session = UserSession.new(ben)
176
+ session.remember_me = true
177
+ assert session.save
178
+ assert_equal "#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until.iso8601}", controller.cookies["user_credentials"]
179
+ end
178
180
  end
179
181
 
180
182
  def test_after_destroy_destroy_cookie
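Review bot: The `Timecop.freeze do` wrapper added at new line 173 has no comment saying why this test needs frozen time. Presumably the expected string calls `session.remember_me_until.iso8601` after `session.save` has already written the cookie, so the two timestamps can differ when a second boundary falls between them. A one-line comment such as `# freeze time: remember_me_until is relative to now and the cookie was written during save` would record that for the next reader. Timecop also has to be declared as a development dependency and required from test_helper, neither of which is visible in this section.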
@@ -6,30 +6,36 @@ module SessionTest
6
6
  def test_create
7
7
  ben = users(:ben)
8
8
  assert UserSession.create(:login => "somelogin", :password => "badpw2").new_session?
9
- assert !UserSession.create(:login => ben.login, :password => "benrocks").new_session?
10
- assert_raise(Authlogic::Session::Existence::SessionInvalidError) { UserSession.create!(:login => ben.login, :password => "badpw") }
11
- assert !UserSession.create!(:login => ben.login, :password => "benrocks").new_session?
9
+ refute UserSession.create(:login => ben.login, :password => "benrocks").new_session?
10
+ end
11
+
12
+ def test_create_bang
13
+ ben = users(:ben)
14
+ err = assert_raise(Authlogic::Session::Existence::SessionInvalidError) do
15
+ UserSession.create!(:login => ben.login, :password => "badpw")
16
+ end
17
+ assert_includes err.message, "Password is not valid"
18
+ refute UserSession.create!(:login => ben.login, :password => "benrocks").new_session?
12
19
  end
13
20
  end
14
-
15
- class IsntaceMethodsTest < ActiveSupport::TestCase
21
+
22
+ class InstanceMethodsTest < ActiveSupport::TestCase
16
23
  def test_new_session
17
24
  session = UserSession.new
18
25
  assert session.new_session?
19
-
26
+
20
27
  set_session_for(users(:ben))
21
28
  session = UserSession.find
22
29
  assert !session.new_session?
23
30
  end
24
-
31
+
25
32
  def test_save_with_nothing
26
33
  session = UserSession.new
27
34
  assert !session.save
28
35
  assert session.new_session?
29
36
  end
30
-
37
+
31
38
  def test_save_with_block
32
- ben = users(:ben)
33
39
  session = UserSession.new
34
40
  block_result = session.save do |result|
35
41
  assert !result
@@ -37,15 +43,15 @@ module SessionTest
37
43
  assert !block_result
38
44
  assert session.new_session?
39
45
  end
40
-
46
+
41
47
  def test_save_with_bang
42
48
  session = UserSession.new
43
49
  assert_raise(Authlogic::Session::Existence::SessionInvalidError) { session.save! }
44
-
50
+
45
51
  session.unauthorized_record = users(:ben)
46
52
  assert_nothing_raised { session.save! }
47
53
  end
48
-
54
+
49
55
  def test_destroy
50
56
  ben = users(:ben)
51
57
  session = UserSession.new
@@ -61,4 +67,4 @@ module SessionTest
61
67
  end
62
68
  end
63
69
  end
64
- end
70
+ end
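Review bot: `assert_includes err.message, "Password is not valid"` in test_create_bang (new line 17) pins the default, credential-specific error text, which tells the caller that the login exists and only the password was wrong. An application that shows this message to users lets valid logins be distinguished from invalid ones. I would add a comment on line 17 such as `# default (non-generalized) message; see generalize_credentials_error_messages`, plus a companion test that enables that option and asserts the raised message no longer names the password. On style, the new lines use `refute` while unchanged tests in the same file keep `assert !`; one form throughout would read better.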
@@ -20,10 +20,7 @@ module SessionTest
20
20
  end
21
21
 
22
22
  def test_http_basic_auth_realm
23
- original_http_basic_auth_realm = UserSession.http_basic_auth_realm
24
-
25
23
  assert_equal 'Application', UserSession.http_basic_auth_realm
26
-
27
24
  UserSession.http_basic_auth_realm = 'TestRealm'
28
25
  assert_equal 'TestRealm', UserSession.http_basic_auth_realm
29
26
  end
@@ -7,11 +7,11 @@ module SessionTest
7
7
  session.credentials = [:my_id]
8
8
  assert_equal :my_id, session.id
9
9
  end
10
-
10
+
11
11
  def test_id
12
12
  session = UserSession.new
13
13
  session.id = :my_id
14
14
  assert_equal :my_id, session.id
15
15
  end
16
16
  end
17
- end
17
+ end
@@ -37,4 +37,4 @@ module SessionTest
37
37
  end
38
38
  end
39
39
  end
40
- end
40
+ end
@@ -41,10 +41,7 @@ module SessionTest
41
41
 
42
42
  # grab old values
43
43
  old_login_count = aaron.login_count
44
- old_failed_login_count = aaron.failed_login_count
45
- old_last_login_at = aaron.last_login_at
46
44
  old_current_login_at = aaron.current_login_at
47
- old_last_login_ip = aaron.last_login_ip
48
45
  old_current_login_ip = aaron.current_login_ip
49
46
 
50
47
  assert UserSession.create(:login => aaron.login, :password => "aaronrocks").valid?
@@ -6,55 +6,55 @@ module SessionTest
6
6
  def test_disable_magic_states_config
7
7
  UserSession.disable_magic_states = true
8
8
  assert_equal true, UserSession.disable_magic_states
9
-
9
+
10
10
  UserSession.disable_magic_states false
11
11
  assert_equal false, UserSession.disable_magic_states
12
12
  end
13
13
  end
14
-
14
+
15
15
  class InstanceMethodsTest < ActiveSupport::TestCase
16
16
  def test_disabling_magic_states
17
17
  UserSession.disable_magic_states = true
18
-
18
+
19
19
  ben = users(:ben)
20
20
  ben.update_attribute(:active, false)
21
21
  assert UserSession.create(ben)
22
-
22
+
23
23
  UserSession.disable_magic_states = false
24
24
  end
25
-
25
+
26
26
  def test_validate_validate_magic_states_active
27
27
  session = UserSession.new
28
28
  ben = users(:ben)
29
29
  session.unauthorized_record = ben
30
30
  assert session.valid?
31
-
31
+
32
32
  ben.update_attribute(:active, false)
33
33
  assert !session.valid?
34
34
  assert session.errors[:base].size > 0
35
35
  end
36
-
36
+
37
37
  def test_validate_validate_magic_states_approved
38
38
  session = UserSession.new
39
39
  ben = users(:ben)
40
40
  session.unauthorized_record = ben
41
41
  assert session.valid?
42
-
42
+
43
43
  ben.update_attribute(:approved, false)
44
44
  assert !session.valid?
45
45
  assert session.errors[:base].size > 0
46
46
  end
47
-
47
+
48
48
  def test_validate_validate_magic_states_confirmed
49
49
  session = UserSession.new
50
50
  ben = users(:ben)
51
51
  session.unauthorized_record = ben
52
52
  assert session.valid?
53
-
53
+
54
54
  ben.update_attribute(:confirmed, false)
55
55
  assert !session.valid?
56
56
  assert session.errors[:base].size > 0
57
57
  end
58
58
  end
59
59
  end
60
- end
60
+ end
@@ -6,43 +6,43 @@ module SessionTest
6
6
  def test_params_key
7
7
  UserSession.params_key = "my_params_key"
8
8
  assert_equal "my_params_key", UserSession.params_key
9
-
9
+
10
10
  UserSession.params_key "user_credentials"
11
11
  assert_equal "user_credentials", UserSession.params_key
12
12
  end
13
-
13
+
14
14
  def test_single_access_allowed_request_types
15
15
  UserSession.single_access_allowed_request_types = ["my request type"]
16
16
  assert_equal ["my request type"], UserSession.single_access_allowed_request_types
17
-
17
+
18
18
  UserSession.single_access_allowed_request_types ["application/rss+xml", "application/atom+xml"]
19
19
  assert_equal ["application/rss+xml", "application/atom+xml"], UserSession.single_access_allowed_request_types
20
20
  end
21
21
  end
22
-
22
+
23
23
  class InstanceMethodsTest < ActiveSupport::TestCase
24
24
  def test_persist_persist_by_params
25
25
  ben = users(:ben)
26
26
  session = UserSession.new
27
-
27
+
28
28
  assert !session.persisting?
29
29
  set_params_for(ben)
30
-
30
+
31
31
  assert !session.persisting?
32
32
  assert !session.unauthorized_record
33
33
  assert !session.record
34
34
  assert_nil controller.session["user_credentials"]
35
-
35
+
36
36
  set_request_content_type("text/plain")
37
37
  assert !session.persisting?
38
38
  assert !session.unauthorized_record
39
39
  assert_nil controller.session["user_credentials"]
40
-
40
+
41
41
  set_request_content_type("application/atom+xml")
42
42
  assert session.persisting?
43
43
  assert_equal ben, session.record
44
44
  assert_nil controller.session["user_credentials"] # should not persist since this is single access
45
-
45
+
46
46
  set_request_content_type("application/rss+xml")
47
47
  assert session.persisting?
48
48
  assert_equal ben, session.unauthorized_record
@@ -50,4 +50,4 @@ module SessionTest
50
50
  end
51
51
  end
52
52
  end
53
- end
53
+ end