authlogic 3.4.6 → 4.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.github/ISSUE_TEMPLATE.md +13 -0
- data/.github/triage.md +87 -0
- data/.gitignore +4 -0
- data/.rubocop.yml +127 -0
- data/.rubocop_todo.yml +65 -0
- data/.travis.yml +18 -10
- data/CHANGELOG.md +156 -6
- data/CONTRIBUTING.md +71 -3
- data/Gemfile +2 -2
- data/README.md +386 -0
- data/Rakefile +13 -7
- data/UPGRADING.md +22 -0
- data/authlogic.gemspec +33 -22
- data/lib/authlogic.rb +60 -52
- data/lib/authlogic/acts_as_authentic/base.rb +40 -26
- data/lib/authlogic/acts_as_authentic/email.rb +96 -32
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +36 -12
- data/lib/authlogic/acts_as_authentic/login.rb +114 -49
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +17 -6
- data/lib/authlogic/acts_as_authentic/password.rb +296 -139
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +34 -20
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +20 -24
- data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +67 -0
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +68 -23
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +128 -85
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +41 -25
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +8 -8
- data/lib/authlogic/authenticates_many/association.rb +22 -14
- data/lib/authlogic/authenticates_many/base.rb +35 -16
- data/lib/authlogic/config.rb +10 -10
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +40 -12
- data/lib/authlogic/controller_adapters/rack_adapter.rb +15 -8
- data/lib/authlogic/controller_adapters/rails_adapter.rb +42 -22
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +3 -3
- data/lib/authlogic/crypto_providers.rb +91 -0
- data/lib/authlogic/crypto_providers/aes256.rb +42 -14
- data/lib/authlogic/crypto_providers/bcrypt.rb +35 -20
- data/lib/authlogic/crypto_providers/md5.rb +11 -9
- data/lib/authlogic/crypto_providers/scrypt.rb +26 -13
- data/lib/authlogic/crypto_providers/sha1.rb +14 -8
- data/lib/authlogic/crypto_providers/sha256.rb +16 -12
- data/lib/authlogic/crypto_providers/sha512.rb +8 -24
- data/lib/authlogic/crypto_providers/wordpress.rb +44 -15
- data/lib/authlogic/i18n.rb +33 -20
- data/lib/authlogic/i18n/translator.rb +1 -1
- data/lib/authlogic/random.rb +12 -29
- data/lib/authlogic/regex.rb +59 -27
- data/lib/authlogic/session/activation.rb +36 -23
- data/lib/authlogic/session/active_record_trickery.rb +13 -10
- data/lib/authlogic/session/base.rb +20 -8
- data/lib/authlogic/session/brute_force_protection.rb +87 -56
- data/lib/authlogic/session/callbacks.rb +99 -49
- data/lib/authlogic/session/cookies.rb +128 -59
- data/lib/authlogic/session/existence.rb +29 -19
- data/lib/authlogic/session/foundation.rb +70 -16
- data/lib/authlogic/session/http_auth.rb +39 -31
- data/lib/authlogic/session/id.rb +27 -15
- data/lib/authlogic/session/klass.rb +17 -13
- data/lib/authlogic/session/magic_columns.rb +78 -59
- data/lib/authlogic/session/magic_states.rb +50 -27
- data/lib/authlogic/session/params.rb +79 -50
- data/lib/authlogic/session/password.rb +197 -118
- data/lib/authlogic/session/perishable_token.rb +12 -6
- data/lib/authlogic/session/persistence.rb +20 -14
- data/lib/authlogic/session/priority_record.rb +20 -16
- data/lib/authlogic/session/scopes.rb +63 -33
- data/lib/authlogic/session/session.rb +40 -25
- data/lib/authlogic/session/timeout.rb +51 -34
- data/lib/authlogic/session/unauthorized_record.rb +24 -18
- data/lib/authlogic/session/validation.rb +32 -21
- data/lib/authlogic/test_case.rb +123 -35
- data/lib/authlogic/test_case/mock_controller.rb +14 -13
- data/lib/authlogic/test_case/mock_cookie_jar.rb +14 -5
- data/lib/authlogic/test_case/mock_logger.rb +1 -1
- data/lib/authlogic/test_case/mock_request.rb +9 -4
- data/lib/authlogic/test_case/rails_request_adapter.rb +8 -7
- data/lib/authlogic/version.rb +21 -0
- data/test/acts_as_authentic_test/base_test.rb +1 -1
- data/test/acts_as_authentic_test/email_test.rb +80 -63
- data/test/acts_as_authentic_test/logged_in_status_test.rb +14 -8
- data/test/acts_as_authentic_test/login_test.rb +91 -49
- data/test/acts_as_authentic_test/magic_columns_test.rb +13 -13
- data/test/acts_as_authentic_test/password_test.rb +82 -60
- data/test/acts_as_authentic_test/perishable_token_test.rb +31 -25
- data/test/acts_as_authentic_test/persistence_token_test.rb +9 -5
- data/test/acts_as_authentic_test/restful_authentication_test.rb +18 -9
- data/test/acts_as_authentic_test/session_maintenance_test.rb +86 -22
- data/test/acts_as_authentic_test/single_access_test.rb +15 -15
- data/test/adapter_test.rb +21 -0
- data/test/authenticates_many_test.rb +26 -11
- data/test/config_test.rb +9 -9
- data/test/crypto_provider_test/aes256_test.rb +3 -3
- data/test/crypto_provider_test/bcrypt_test.rb +1 -1
- data/test/crypto_provider_test/scrypt_test.rb +2 -2
- data/test/crypto_provider_test/sha1_test.rb +4 -4
- data/test/crypto_provider_test/sha256_test.rb +2 -2
- data/test/crypto_provider_test/sha512_test.rb +3 -3
- data/test/crypto_provider_test/wordpress_test.rb +24 -0
- data/test/gemfiles/Gemfile.rails-4.2.x +2 -2
- data/test/gemfiles/Gemfile.rails-5.0.x +6 -0
- data/test/gemfiles/Gemfile.rails-5.1.x +6 -0
- data/test/gemfiles/Gemfile.rails-5.2.x +6 -0
- data/test/gemfiles/Gemfile.rails-master +6 -0
- data/test/i18n_test.rb +9 -9
- data/test/libs/affiliate.rb +2 -2
- data/test/libs/company.rb +4 -4
- data/test/libs/employee.rb +2 -2
- data/test/libs/employee_session.rb +1 -1
- data/test/libs/ldaper.rb +1 -1
- data/test/libs/project.rb +1 -1
- data/test/libs/user_session.rb +2 -2
- data/test/random_test.rb +9 -38
- data/test/session_test/activation_test.rb +7 -7
- data/test/session_test/active_record_trickery_test.rb +9 -6
- data/test/session_test/brute_force_protection_test.rb +26 -21
- data/test/session_test/callbacks_test.rb +10 -4
- data/test/session_test/cookies_test.rb +54 -20
- data/test/session_test/existence_test.rb +45 -23
- data/test/session_test/foundation_test.rb +17 -1
- data/test/session_test/http_auth_test.rb +11 -12
- data/test/session_test/id_test.rb +3 -3
- data/test/session_test/klass_test.rb +2 -2
- data/test/session_test/magic_columns_test.rb +15 -17
- data/test/session_test/magic_states_test.rb +17 -19
- data/test/session_test/params_test.rb +26 -20
- data/test/session_test/password_test.rb +11 -12
- data/test/session_test/perishability_test.rb +5 -5
- data/test/session_test/persistence_test.rb +4 -3
- data/test/session_test/scopes_test.rb +15 -9
- data/test/session_test/session_test.rb +7 -6
- data/test/session_test/timeout_test.rb +16 -14
- data/test/session_test/unauthorized_record_test.rb +3 -3
- data/test/session_test/validation_test.rb +5 -5
- data/test/test_helper.rb +115 -49
- metadata +107 -36
- data/README.rdoc +0 -232
- data/test/gemfiles/Gemfile.rails-3.2.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.0.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.1.x +0 -7
@@ -4,21 +4,26 @@ module Authlogic
|
|
4
4
|
#
|
5
5
|
# UserSession.create(my_user_object)
|
6
6
|
#
|
7
|
-
# Be careful with this, because Authlogic is assuming that you have already
|
8
|
-
# user is who he says he is.
|
7
|
+
# Be careful with this, because Authlogic is assuming that you have already
|
8
|
+
# confirmed that the user is who he says he is.
|
9
9
|
#
|
10
|
-
# For example, this is the method used to persist the session internally.
|
11
|
-
# the persistence token. At this point we know
|
12
|
-
#
|
13
|
-
#
|
10
|
+
# For example, this is the method used to persist the session internally.
|
11
|
+
# Authlogic finds the user with the persistence token. At this point we know
|
12
|
+
# the user is who he says he is, so Authlogic just creates a session with
|
13
|
+
# the record. This is particularly useful for 3rd party authentication
|
14
|
+
# methods, such as OpenID. Let that method verify the identity, once it's
|
15
|
+
# verified, pass the object and create a session.
|
14
16
|
module UnauthorizedRecord
|
15
17
|
def self.included(klass)
|
16
18
|
klass.class_eval do
|
17
19
|
attr_accessor :unauthorized_record
|
18
|
-
validate
|
20
|
+
validate(
|
21
|
+
:validate_by_unauthorized_record,
|
22
|
+
if: :authenticating_with_unauthorized_record?
|
23
|
+
)
|
19
24
|
end
|
20
25
|
end
|
21
|
-
|
26
|
+
|
22
27
|
# Returning meaningful credentials
|
23
28
|
def credentials
|
24
29
|
if authenticating_with_unauthorized_record?
|
@@ -29,22 +34,23 @@ module Authlogic
|
|
29
34
|
super
|
30
35
|
end
|
31
36
|
end
|
32
|
-
|
37
|
+
|
33
38
|
# Setting the unauthorized record if it exists in the credentials passed.
|
34
39
|
def credentials=(value)
|
35
40
|
super
|
36
41
|
values = value.is_a?(Array) ? value : [value]
|
37
42
|
self.unauthorized_record = values.first if values.first.class < ::ActiveRecord::Base
|
38
43
|
end
|
39
|
-
|
44
|
+
|
40
45
|
private
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
46
|
+
|
47
|
+
def authenticating_with_unauthorized_record?
|
48
|
+
!unauthorized_record.nil?
|
49
|
+
end
|
50
|
+
|
51
|
+
def validate_by_unauthorized_record
|
52
|
+
self.attempted_record = unauthorized_record
|
53
|
+
end
|
48
54
|
end
|
49
55
|
end
|
50
|
-
end
|
56
|
+
end
|
@@ -2,7 +2,8 @@ module Authlogic
|
|
2
2
|
module Session
|
3
3
|
# Responsible for session validation
|
4
4
|
module Validation
|
5
|
-
# The errors in Authlogic work JUST LIKE ActiveRecord. In fact, it uses
|
5
|
+
# The errors in Authlogic work JUST LIKE ActiveRecord. In fact, it uses
|
6
|
+
# the exact same ActiveRecord errors class. Use it the same way:
|
6
7
|
#
|
7
8
|
# class UserSession
|
8
9
|
# validate :check_if_awesome
|
@@ -21,21 +22,22 @@ module Authlogic
|
|
21
22
|
end
|
22
23
|
end
|
23
24
|
end
|
24
|
-
|
25
|
-
# You should use this as a place holder for any records that you find
|
26
|
-
#
|
27
|
-
# the
|
25
|
+
|
26
|
+
# You should use this as a place holder for any records that you find
|
27
|
+
# during validation. The main reason for this is to allow other modules to
|
28
|
+
# use it if needed. Take the failed_login_count feature, it needs this in
|
29
|
+
# order to increase the failed login count.
|
28
30
|
def attempted_record
|
29
31
|
@attempted_record
|
30
32
|
end
|
31
|
-
|
33
|
+
|
32
34
|
# See attempted_record
|
33
35
|
def attempted_record=(value)
|
34
36
|
@attempted_record = value
|
35
37
|
end
|
36
|
-
|
37
|
-
# The errors in Authlogic work JUST LIKE ActiveRecord. In fact, it uses
|
38
|
-
# Use it the same way:
|
38
|
+
|
39
|
+
# The errors in Authlogic work JUST LIKE ActiveRecord. In fact, it uses
|
40
|
+
# the exact same ActiveRecord errors class. Use it the same way:
|
39
41
|
#
|
40
42
|
# === Example
|
41
43
|
#
|
@@ -51,32 +53,41 @@ module Authlogic
|
|
51
53
|
def errors
|
52
54
|
@errors ||= Errors.new(self)
|
53
55
|
end
|
54
|
-
|
55
|
-
# Determines if the information you provided for authentication is valid
|
56
|
-
# a problem with the information provided errors will
|
57
|
-
# method will return false.
|
56
|
+
|
57
|
+
# Determines if the information you provided for authentication is valid
|
58
|
+
# or not. If there is a problem with the information provided errors will
|
59
|
+
# be added to the errors object and this method will return false.
|
58
60
|
def valid?
|
59
61
|
errors.clear
|
60
62
|
self.attempted_record = nil
|
61
|
-
|
63
|
+
|
62
64
|
before_validation
|
63
65
|
new_session? ? before_validation_on_create : before_validation_on_update
|
64
66
|
validate
|
65
67
|
ensure_authentication_attempted
|
66
|
-
|
67
|
-
if errors.
|
68
|
+
|
69
|
+
if errors.empty?
|
68
70
|
new_session? ? after_validation_on_create : after_validation_on_update
|
69
71
|
after_validation
|
70
72
|
end
|
71
|
-
|
73
|
+
|
72
74
|
save_record(attempted_record)
|
73
|
-
errors.
|
75
|
+
errors.empty?
|
74
76
|
end
|
75
|
-
|
77
|
+
|
76
78
|
private
|
77
|
-
|
78
|
-
|
79
|
+
|
80
|
+
def ensure_authentication_attempted
|
81
|
+
if errors.empty? && attempted_record.nil?
|
82
|
+
errors.add(
|
83
|
+
:base,
|
84
|
+
I18n.t(
|
85
|
+
"error_messages.no_authentication_details",
|
86
|
+
default: "You did not provide any details for authentication."
|
87
|
+
)
|
88
|
+
)
|
79
89
|
end
|
90
|
+
end
|
80
91
|
end
|
81
92
|
end
|
82
93
|
end
|
data/lib/authlogic/test_case.rb
CHANGED
@@ -5,8 +5,9 @@ require File.dirname(__FILE__) + "/test_case/mock_logger"
|
|
5
5
|
require File.dirname(__FILE__) + "/test_case/mock_request"
|
6
6
|
|
7
7
|
module Authlogic
|
8
|
-
# This module is a collection of methods and classes that help you easily test
|
9
|
-
# I use these same tools to test the internals of
|
8
|
+
# This module is a collection of methods and classes that help you easily test
|
9
|
+
# Authlogic. In fact, I use these same tools to test the internals of
|
10
|
+
# Authlogic.
|
10
11
|
#
|
11
12
|
# === The quick and dirty
|
12
13
|
#
|
@@ -18,72 +19,88 @@ module Authlogic
|
|
18
19
|
#
|
19
20
|
# === Setting up
|
20
21
|
#
|
21
|
-
# Authlogic comes with some simple testing tools. To get these, you need to
|
22
|
-
# you are doing this in a rails app,
|
22
|
+
# Authlogic comes with some simple testing tools. To get these, you need to
|
23
|
+
# first require Authlogic's TestCase. If you are doing this in a rails app,
|
24
|
+
# you would require this file at the top of your test_helper.rb file:
|
23
25
|
#
|
24
26
|
# require "authlogic/test_case"
|
25
27
|
#
|
26
|
-
# If you are using Test::Unit::TestCase, the standard testing library that
|
27
|
-
#
|
28
|
+
# If you are using Test::Unit::TestCase, the standard testing library that
|
29
|
+
# comes with ruby, then you can skip this next part. If you are not, you need
|
30
|
+
# to include the Authlogic::TestCase into your testing suite as follows:
|
28
31
|
#
|
29
32
|
# include Authlogic::TestCase
|
30
33
|
#
|
31
|
-
# Now that everything is ready to go, let's move onto actually testing. Here
|
34
|
+
# Now that everything is ready to go, let's move onto actually testing. Here
|
35
|
+
# is the basic idea behind testing:
|
32
36
|
#
|
33
|
-
# Authlogic requires a "connection" to your controller to activate it. In the
|
34
|
-
#
|
35
|
-
#
|
36
|
-
#
|
37
|
+
# Authlogic requires a "connection" to your controller to activate it. In the
|
38
|
+
# same manner that ActiveRecord requires a connection to your database. It
|
39
|
+
# can't do anything until it gets connected. That being said, Authlogic will
|
40
|
+
# raise an Authlogic::Session::Activation::NotActivatedError any time you try
|
41
|
+
# to instantiate an object without a "connection". So before you do anything
|
42
|
+
# with Authlogic, you need to activate / connect Authlogic. Let's walk through
|
43
|
+
# how to do this in tests:
|
37
44
|
#
|
38
45
|
# === Fixtures / Factories
|
39
46
|
#
|
40
|
-
# Creating users via fixtures / factories is easy. Here's an example of a
|
47
|
+
# Creating users via fixtures / factories is easy. Here's an example of a
|
48
|
+
# fixture:
|
41
49
|
#
|
42
50
|
# ben:
|
43
51
|
# email: whatever@whatever.com
|
44
52
|
# password_salt: <%= salt = Authlogic::Random.hex_token %>
|
45
|
-
# crypted_password: <%= Authlogic::CryptoProviders::
|
53
|
+
# crypted_password: <%= Authlogic::CryptoProviders::SCrypt.encrypt("benrocks" + salt) %>
|
46
54
|
# persistence_token: <%= Authlogic::Random.hex_token %>
|
47
55
|
# single_access_token: <%= Authlogic::Random.friendly_token %>
|
48
56
|
# perishable_token: <%= Authlogic::Random.friendly_token %>
|
49
57
|
#
|
50
|
-
# Notice the crypted_password value. Just supplement that with whatever crypto
|
58
|
+
# Notice the crypted_password value. Just supplement that with whatever crypto
|
59
|
+
# provider you are using, if you are not using the default.
|
51
60
|
#
|
52
61
|
# === Functional tests
|
53
62
|
#
|
54
|
-
# Activating Authlogic isn't a problem here, because making a request will
|
55
|
-
#
|
63
|
+
# Activating Authlogic isn't a problem here, because making a request will
|
64
|
+
# activate Authlogic for you. The problem is logging users in so they can
|
65
|
+
# access restricted areas. Solving this is simple, just do this:
|
56
66
|
#
|
57
67
|
# setup :activate_authlogic
|
58
68
|
#
|
59
|
-
# For those of you unfamiliar with TestUnit, the setup method basically just
|
60
|
-
# It is essentially "setting up"
|
69
|
+
# For those of you unfamiliar with TestUnit, the setup method basically just
|
70
|
+
# executes a method before any test is ran. It is essentially "setting up"
|
71
|
+
# your tests.
|
61
72
|
#
|
62
73
|
# Once you have done this, just log users in like usual:
|
63
74
|
#
|
64
75
|
# UserSession.create(users(:whomever))
|
65
76
|
# # access my restricted area here
|
66
77
|
#
|
67
|
-
# Do this before you make your request and it will act as if that user is
|
78
|
+
# Do this before you make your request and it will act as if that user is
|
79
|
+
# logged in.
|
68
80
|
#
|
69
81
|
# === Integration tests
|
70
82
|
#
|
71
|
-
# Again, just like functional tests, you don't have to do anything. As soon as
|
72
|
-
#
|
83
|
+
# Again, just like functional tests, you don't have to do anything. As soon as
|
84
|
+
# you make a request, Authlogic will be connected. If you want to activate
|
85
|
+
# Authlogic before making a request follow the same steps described in the
|
73
86
|
# "functional tests" section above. It works in the same manner.
|
74
87
|
#
|
75
88
|
# === Unit tests
|
76
89
|
#
|
77
|
-
# The only time you need to do any trickiness here is if you want to test
|
78
|
-
#
|
90
|
+
# The only time you need to do any trickiness here is if you want to test
|
91
|
+
# Authlogic models. Maybe you added some custom code or methods in your
|
92
|
+
# Authlogic models. Maybe you are writing a plugin or a library that extends
|
93
|
+
# Authlogic.
|
79
94
|
#
|
80
|
-
# That being said, in this environment there is no controller. So you need to
|
81
|
-
# that looks like a controller, acts like a
|
82
|
-
#
|
83
|
-
#
|
95
|
+
# That being said, in this environment there is no controller. So you need to
|
96
|
+
# use a "mock" controller. Something that looks like a controller, acts like a
|
97
|
+
# controller, but isn't a "real" controller. You are essentially connecting
|
98
|
+
# Authlogic to your "mock" controller, then you can test off of the mock
|
99
|
+
# controller to make sure everything is functioning properly.
|
84
100
|
#
|
85
|
-
# I use a mock controller to test Authlogic myself. It's part of the Authlogic
|
86
|
-
#
|
101
|
+
# I use a mock controller to test Authlogic myself. It's part of the Authlogic
|
102
|
+
# library that you can easily use. It's as simple as functional and
|
103
|
+
# integration tests. Just do the following:
|
87
104
|
#
|
88
105
|
# setup :activate_authlogic
|
89
106
|
#
|
@@ -94,23 +111,94 @@ module Authlogic
|
|
94
111
|
# assert UserSession.create(ben)
|
95
112
|
# assert_equal controller.session["user_credentials"], ben.persistence_token
|
96
113
|
#
|
97
|
-
# See how I am checking that Authlogic is interacting with the controller
|
114
|
+
# See how I am checking that Authlogic is interacting with the controller
|
115
|
+
# properly? That's the idea here.
|
116
|
+
#
|
117
|
+
# === Testing with Rails 5
|
118
|
+
#
|
119
|
+
# Rails 5 has [deprecated classic controller tests](https://goo.gl/4zmt6y).
|
120
|
+
# Controller tests now inherit from `ActionDispatch::IntegrationTest` making
|
121
|
+
# them plain old integration tests now. You have two options for testing
|
122
|
+
# AuthLogic in Rails 5:
|
123
|
+
#
|
124
|
+
# * Add the `rails-controller-testing` gem to bring back the original
|
125
|
+
# controller testing usage
|
126
|
+
# * Go full steam ahead with integration testing and actually log a user in
|
127
|
+
# by submitting a form in the integration test.
|
128
|
+
#
|
129
|
+
# Naturally DHH recommends the second method and this is
|
130
|
+
# [what he does in his own tests](https://goo.gl/Ar6p0u). This is useful
|
131
|
+
# for testing not only AuthLogic itself (submitting login credentials to a
|
132
|
+
# UserSessionsController, for example) but any controller action that is
|
133
|
+
# behind a login wall. Add a helper method and use that before testing your
|
134
|
+
# actual controller action:
|
135
|
+
#
|
136
|
+
# # test/test_helper.rb
|
137
|
+
# def login(user)
|
138
|
+
# post user_sessions_url, :params => { :email => user.email, :password => 'password' }
|
139
|
+
# end
|
140
|
+
#
|
141
|
+
# # test/controllers/posts_controller_test.rb
|
142
|
+
# test "#create requires a user to be logged in
|
143
|
+
# post posts_url, :params => { :body => 'Lorem ipsum' }
|
144
|
+
#
|
145
|
+
# assert_redirected_to new_user_session_url
|
146
|
+
# end
|
147
|
+
#
|
148
|
+
# test "#create lets a logged in user create a new post" do
|
149
|
+
# login(users(:admin))
|
150
|
+
#
|
151
|
+
# assert_difference 'Posts.count' do
|
152
|
+
# post posts_url, :params => { :body => 'Lorem ipsum' }
|
153
|
+
# end
|
154
|
+
#
|
155
|
+
# assert_redirected_to posts_url
|
156
|
+
# end
|
157
|
+
#
|
158
|
+
# You still have access to the `session` helper in an integration test and so
|
159
|
+
# you can still test to see if a user is logged in. A couple of helper methods
|
160
|
+
# might look like:
|
161
|
+
#
|
162
|
+
# # test/test_helper.rb
|
163
|
+
# def assert_logged_in
|
164
|
+
# assert session[:user_credentials].present?
|
165
|
+
# end
|
166
|
+
#
|
167
|
+
# def assert_not_logged_in
|
168
|
+
# assert session[:user_credentials].blank?
|
169
|
+
# end
|
170
|
+
#
|
171
|
+
# # test/user_sessions_controller_test.rb
|
172
|
+
# test "#create logs in a user" do
|
173
|
+
# login(users(:admin))
|
174
|
+
#
|
175
|
+
# assert_logged_in
|
176
|
+
# end
|
98
177
|
module TestCase
|
99
|
-
|
178
|
+
def initialize(*args)
|
179
|
+
@request = nil
|
180
|
+
super
|
181
|
+
end
|
182
|
+
|
183
|
+
# Activates authlogic so that you can use it in your tests. You should call
|
184
|
+
# this method in your test's setup. Ex:
|
100
185
|
#
|
101
186
|
# setup :activate_authlogic
|
102
187
|
def activate_authlogic
|
103
|
-
if @request &&
|
188
|
+
if @request && !@request.respond_to?(:params)
|
104
189
|
class <<@request
|
105
190
|
alias_method :params, :parameters
|
106
191
|
end
|
107
192
|
end
|
108
193
|
|
109
|
-
Authlogic::Session::Base.controller =
|
194
|
+
Authlogic::Session::Base.controller = @request &&
|
195
|
+
Authlogic::TestCase::RailsRequestAdapter.new(@request) ||
|
196
|
+
controller
|
110
197
|
end
|
111
198
|
|
112
|
-
# The Authlogic::TestCase::MockController object passed to Authlogic to
|
113
|
-
# See the module description
|
199
|
+
# The Authlogic::TestCase::MockController object passed to Authlogic to
|
200
|
+
# activate it. You can access this in your test. See the module description
|
201
|
+
# for an example.
|
114
202
|
def controller
|
115
203
|
@controller ||= Authlogic::TestCase::MockController.new
|
116
204
|
end
|
@@ -1,19 +1,20 @@
|
|
1
1
|
module Authlogic
|
2
2
|
module TestCase
|
3
|
-
# Basically acts like a controller but doesn't do anything. Authlogic can interact
|
4
|
-
# can look at the controller object to see if
|
3
|
+
# Basically acts like a controller but doesn't do anything. Authlogic can interact
|
4
|
+
# with this, do it's thing and then you can look at the controller object to see if
|
5
|
+
# anything changed.
|
5
6
|
class MockController < ControllerAdapters::AbstractAdapter
|
6
7
|
attr_accessor :http_user, :http_password, :realm
|
7
8
|
attr_writer :request_content_type
|
8
|
-
|
9
|
+
|
9
10
|
def initialize
|
10
11
|
end
|
11
|
-
|
12
|
-
def authenticate_with_http_basic
|
12
|
+
|
13
|
+
def authenticate_with_http_basic
|
13
14
|
yield http_user, http_password
|
14
15
|
end
|
15
|
-
|
16
|
-
def authenticate_or_request_with_http_basic(realm =
|
16
|
+
|
17
|
+
def authenticate_or_request_with_http_basic(realm = "DefaultRealm")
|
17
18
|
self.realm = realm
|
18
19
|
@http_auth_requested = true
|
19
20
|
yield http_user, http_password
|
@@ -22,27 +23,27 @@ module Authlogic
|
|
22
23
|
def cookies
|
23
24
|
@cookies ||= MockCookieJar.new
|
24
25
|
end
|
25
|
-
|
26
|
+
|
26
27
|
def cookie_domain
|
27
28
|
nil
|
28
29
|
end
|
29
|
-
|
30
|
+
|
30
31
|
def logger
|
31
32
|
@logger ||= MockLogger.new
|
32
33
|
end
|
33
|
-
|
34
|
+
|
34
35
|
def params
|
35
36
|
@params ||= {}
|
36
37
|
end
|
37
|
-
|
38
|
+
|
38
39
|
def request
|
39
40
|
@request ||= MockRequest.new(controller)
|
40
41
|
end
|
41
|
-
|
42
|
+
|
42
43
|
def request_content_type
|
43
44
|
@request_content_type ||= "text/html"
|
44
45
|
end
|
45
|
-
|
46
|
+
|
46
47
|
def session
|
47
48
|
@session ||= {}
|
48
49
|
end
|