authlogic 3.4.6 → 4.2.0
- checksums.yaml +5 -5
- data/.github/ISSUE_TEMPLATE.md +13 -0
- data/.github/triage.md +87 -0
- data/.gitignore +4 -0
- data/.rubocop.yml +127 -0
- data/.rubocop_todo.yml +65 -0
- data/.travis.yml +18 -10
- data/CHANGELOG.md +156 -6
- data/CONTRIBUTING.md +71 -3
- data/Gemfile +2 -2
- data/README.md +386 -0
- data/Rakefile +13 -7
- data/UPGRADING.md +22 -0
- data/authlogic.gemspec +33 -22
- data/lib/authlogic.rb +60 -52
- data/lib/authlogic/acts_as_authentic/base.rb +40 -26
- data/lib/authlogic/acts_as_authentic/email.rb +96 -32
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +36 -12
- data/lib/authlogic/acts_as_authentic/login.rb +114 -49
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +17 -6
- data/lib/authlogic/acts_as_authentic/password.rb +296 -139
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +34 -20
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +20 -24
- data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +67 -0
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +68 -23
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +128 -85
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +41 -25
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +8 -8
- data/lib/authlogic/authenticates_many/association.rb +22 -14
- data/lib/authlogic/authenticates_many/base.rb +35 -16
- data/lib/authlogic/config.rb +10 -10
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +40 -12
- data/lib/authlogic/controller_adapters/rack_adapter.rb +15 -8
- data/lib/authlogic/controller_adapters/rails_adapter.rb +42 -22
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +3 -3
- data/lib/authlogic/crypto_providers.rb +91 -0
- data/lib/authlogic/crypto_providers/aes256.rb +42 -14
- data/lib/authlogic/crypto_providers/bcrypt.rb +35 -20
- data/lib/authlogic/crypto_providers/md5.rb +11 -9
- data/lib/authlogic/crypto_providers/scrypt.rb +26 -13
- data/lib/authlogic/crypto_providers/sha1.rb +14 -8
- data/lib/authlogic/crypto_providers/sha256.rb +16 -12
- data/lib/authlogic/crypto_providers/sha512.rb +8 -24
- data/lib/authlogic/crypto_providers/wordpress.rb +44 -15
- data/lib/authlogic/i18n.rb +33 -20
- data/lib/authlogic/i18n/translator.rb +1 -1
- data/lib/authlogic/random.rb +12 -29
- data/lib/authlogic/regex.rb +59 -27
- data/lib/authlogic/session/activation.rb +36 -23
- data/lib/authlogic/session/active_record_trickery.rb +13 -10
- data/lib/authlogic/session/base.rb +20 -8
- data/lib/authlogic/session/brute_force_protection.rb +87 -56
- data/lib/authlogic/session/callbacks.rb +99 -49
- data/lib/authlogic/session/cookies.rb +128 -59
- data/lib/authlogic/session/existence.rb +29 -19
- data/lib/authlogic/session/foundation.rb +70 -16
- data/lib/authlogic/session/http_auth.rb +39 -31
- data/lib/authlogic/session/id.rb +27 -15
- data/lib/authlogic/session/klass.rb +17 -13
- data/lib/authlogic/session/magic_columns.rb +78 -59
- data/lib/authlogic/session/magic_states.rb +50 -27
- data/lib/authlogic/session/params.rb +79 -50
- data/lib/authlogic/session/password.rb +197 -118
- data/lib/authlogic/session/perishable_token.rb +12 -6
- data/lib/authlogic/session/persistence.rb +20 -14
- data/lib/authlogic/session/priority_record.rb +20 -16
- data/lib/authlogic/session/scopes.rb +63 -33
- data/lib/authlogic/session/session.rb +40 -25
- data/lib/authlogic/session/timeout.rb +51 -34
- data/lib/authlogic/session/unauthorized_record.rb +24 -18
- data/lib/authlogic/session/validation.rb +32 -21
- data/lib/authlogic/test_case.rb +123 -35
- data/lib/authlogic/test_case/mock_controller.rb +14 -13
- data/lib/authlogic/test_case/mock_cookie_jar.rb +14 -5
- data/lib/authlogic/test_case/mock_logger.rb +1 -1
- data/lib/authlogic/test_case/mock_request.rb +9 -4
- data/lib/authlogic/test_case/rails_request_adapter.rb +8 -7
- data/lib/authlogic/version.rb +21 -0
- data/test/acts_as_authentic_test/base_test.rb +1 -1
- data/test/acts_as_authentic_test/email_test.rb +80 -63
- data/test/acts_as_authentic_test/logged_in_status_test.rb +14 -8
- data/test/acts_as_authentic_test/login_test.rb +91 -49
- data/test/acts_as_authentic_test/magic_columns_test.rb +13 -13
- data/test/acts_as_authentic_test/password_test.rb +82 -60
- data/test/acts_as_authentic_test/perishable_token_test.rb +31 -25
- data/test/acts_as_authentic_test/persistence_token_test.rb +9 -5
- data/test/acts_as_authentic_test/restful_authentication_test.rb +18 -9
- data/test/acts_as_authentic_test/session_maintenance_test.rb +86 -22
- data/test/acts_as_authentic_test/single_access_test.rb +15 -15
- data/test/adapter_test.rb +21 -0
- data/test/authenticates_many_test.rb +26 -11
- data/test/config_test.rb +9 -9
- data/test/crypto_provider_test/aes256_test.rb +3 -3
- data/test/crypto_provider_test/bcrypt_test.rb +1 -1
- data/test/crypto_provider_test/scrypt_test.rb +2 -2
- data/test/crypto_provider_test/sha1_test.rb +4 -4
- data/test/crypto_provider_test/sha256_test.rb +2 -2
- data/test/crypto_provider_test/sha512_test.rb +3 -3
- data/test/crypto_provider_test/wordpress_test.rb +24 -0
- data/test/gemfiles/Gemfile.rails-4.2.x +2 -2
- data/test/gemfiles/Gemfile.rails-5.0.x +6 -0
- data/test/gemfiles/Gemfile.rails-5.1.x +6 -0
- data/test/gemfiles/Gemfile.rails-5.2.x +6 -0
- data/test/gemfiles/Gemfile.rails-master +6 -0
- data/test/i18n_test.rb +9 -9
- data/test/libs/affiliate.rb +2 -2
- data/test/libs/company.rb +4 -4
- data/test/libs/employee.rb +2 -2
- data/test/libs/employee_session.rb +1 -1
- data/test/libs/ldaper.rb +1 -1
- data/test/libs/project.rb +1 -1
- data/test/libs/user_session.rb +2 -2
- data/test/random_test.rb +9 -38
- data/test/session_test/activation_test.rb +7 -7
- data/test/session_test/active_record_trickery_test.rb +9 -6
- data/test/session_test/brute_force_protection_test.rb +26 -21
- data/test/session_test/callbacks_test.rb +10 -4
- data/test/session_test/cookies_test.rb +54 -20
- data/test/session_test/existence_test.rb +45 -23
- data/test/session_test/foundation_test.rb +17 -1
- data/test/session_test/http_auth_test.rb +11 -12
- data/test/session_test/id_test.rb +3 -3
- data/test/session_test/klass_test.rb +2 -2
- data/test/session_test/magic_columns_test.rb +15 -17
- data/test/session_test/magic_states_test.rb +17 -19
- data/test/session_test/params_test.rb +26 -20
- data/test/session_test/password_test.rb +11 -12
- data/test/session_test/perishability_test.rb +5 -5
- data/test/session_test/persistence_test.rb +4 -3
- data/test/session_test/scopes_test.rb +15 -9
- data/test/session_test/session_test.rb +7 -6
- data/test/session_test/timeout_test.rb +16 -14
- data/test/session_test/unauthorized_record_test.rb +3 -3
- data/test/session_test/validation_test.rb +5 -5
- data/test/test_helper.rb +115 -49
- metadata +107 -36
- data/README.rdoc +0 -232
- data/test/gemfiles/Gemfile.rails-3.2.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.0.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.1.x +0 -7
@@ -1,7 +1,71 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module ActsAsAuthenticTest
|
4
|
-
|
4
|
+
# Tests for configuration option: `validates_format_of_login_field_options`
|
5
|
+
class ValidatesFormatOfLoginTest < ActiveSupport::TestCase
|
6
|
+
def test_invalid_format
|
7
|
+
[
|
8
|
+
"fdsf@^&*",
|
9
|
+
" space",
|
10
|
+
".dot",
|
11
|
+
"-hyphen",
|
12
|
+
"@atmark",
|
13
|
+
"+plus"
|
14
|
+
].each do |login|
|
15
|
+
u = User.new(login: login)
|
16
|
+
refute u.valid?
|
17
|
+
refute u.errors[:login].empty?
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def test_valid_format
|
22
|
+
[
|
23
|
+
"fdsfdsfdsfdsfs",
|
24
|
+
"dakota.dux+1@gmail.com",
|
25
|
+
"marks .-_@+",
|
26
|
+
"_underscore"
|
27
|
+
].each do |login|
|
28
|
+
u = User.new(login: login)
|
29
|
+
refute u.valid?
|
30
|
+
assert u.errors[:login].empty?
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def test_validates_format_of_login_field_options_config
|
35
|
+
default = {
|
36
|
+
with: /\A[a-zA-Z0-9_][a-zA-Z0-9\.+\-_@ ]+\z/,
|
37
|
+
message: proc do
|
38
|
+
I18n.t(
|
39
|
+
"error_messages.login_invalid",
|
40
|
+
default: "should use only letters, numbers, spaces, and .-_@+ please."
|
41
|
+
)
|
42
|
+
end
|
43
|
+
}
|
44
|
+
default_message = default.delete(:message).call
|
45
|
+
|
46
|
+
options = User.validates_format_of_login_field_options
|
47
|
+
message = options.delete(:message)
|
48
|
+
assert message.is_a?(Proc)
|
49
|
+
assert_equal default_message, message.call
|
50
|
+
assert_equal default, options
|
51
|
+
|
52
|
+
options = Employee.validates_format_of_login_field_options
|
53
|
+
message = options.delete(:message)
|
54
|
+
assert message.is_a?(Proc)
|
55
|
+
assert_equal default_message, message.call
|
56
|
+
assert_equal default, options
|
57
|
+
|
58
|
+
User.validates_format_of_login_field_options = { yes: "no" }
|
59
|
+
assert_equal({ yes: "no" }, User.validates_format_of_login_field_options)
|
60
|
+
User.validates_format_of_login_field_options default
|
61
|
+
assert_equal default, User.validates_format_of_login_field_options
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
# Miscellaneous tests for configuration options related to the `login_field`.
|
66
|
+
# Feel free to organize these into separate `TestCase`s as we have done above
|
67
|
+
# with `ValidatesFormatOfLoginTest`.
|
68
|
+
class MiscellaneousLoginTest < ActiveSupport::TestCase
|
5
69
|
def test_login_field_config
|
6
70
|
assert_equal :login, User.login_field
|
7
71
|
assert_nil Employee.login_field
|
@@ -17,38 +81,31 @@ module ActsAsAuthenticTest
|
|
17
81
|
assert Employee.validate_login_field
|
18
82
|
|
19
83
|
User.validate_login_field = false
|
20
|
-
|
84
|
+
refute User.validate_login_field
|
21
85
|
User.validate_login_field true
|
22
86
|
assert User.validate_login_field
|
23
87
|
end
|
24
88
|
|
25
89
|
def test_validates_length_of_login_field_options_config
|
26
|
-
assert_equal({:
|
27
|
-
assert_equal({:
|
28
|
-
|
29
|
-
User.validates_length_of_login_field_options = {:yes => "no"}
|
30
|
-
assert_equal({:yes => "no"}, User.validates_length_of_login_field_options)
|
31
|
-
User.validates_length_of_login_field_options({:within => 3..100})
|
32
|
-
assert_equal({:within => 3..100}, User.validates_length_of_login_field_options)
|
33
|
-
end
|
34
|
-
|
35
|
-
def test_validates_format_of_login_field_options_config
|
36
|
-
default = {:with => /\A\w[\w\.+\-_@ ]+\z/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")}
|
37
|
-
assert_equal default, User.validates_format_of_login_field_options
|
38
|
-
assert_equal default, Employee.validates_format_of_login_field_options
|
90
|
+
assert_equal({ within: 3..100 }, User.validates_length_of_login_field_options)
|
91
|
+
assert_equal({ within: 3..100 }, Employee.validates_length_of_login_field_options)
|
39
92
|
|
40
|
-
User.
|
41
|
-
assert_equal({:
|
42
|
-
User.
|
43
|
-
assert_equal
|
93
|
+
User.validates_length_of_login_field_options = { yes: "no" }
|
94
|
+
assert_equal({ yes: "no" }, User.validates_length_of_login_field_options)
|
95
|
+
User.validates_length_of_login_field_options(within: 3..100)
|
96
|
+
assert_equal({ within: 3..100 }, User.validates_length_of_login_field_options)
|
44
97
|
end
|
45
98
|
|
46
99
|
def test_validates_uniqueness_of_login_field_options_config
|
47
|
-
default = {
|
100
|
+
default = {
|
101
|
+
case_sensitive: false,
|
102
|
+
scope: User.validations_scope,
|
103
|
+
if: "#{User.login_field}_changed?".to_sym
|
104
|
+
}
|
48
105
|
assert_equal default, User.validates_uniqueness_of_login_field_options
|
49
106
|
|
50
|
-
User.validates_uniqueness_of_login_field_options = {:
|
51
|
-
assert_equal({:
|
107
|
+
User.validates_uniqueness_of_login_field_options = { yes: "no" }
|
108
|
+
assert_equal({ yes: "no" }, User.validates_uniqueness_of_login_field_options)
|
52
109
|
User.validates_uniqueness_of_login_field_options default
|
53
110
|
assert_equal default, User.validates_uniqueness_of_login_field_options
|
54
111
|
end
|
@@ -56,42 +113,27 @@ module ActsAsAuthenticTest
|
|
56
113
|
def test_validates_length_of_login_field
|
57
114
|
u = User.new
|
58
115
|
u.login = "a"
|
59
|
-
|
60
|
-
|
116
|
+
refute u.valid?
|
117
|
+
refute u.errors[:login].empty?
|
61
118
|
|
62
119
|
u.login = "aaaaaaaaaa"
|
63
|
-
|
64
|
-
assert u.errors[:login].
|
65
|
-
end
|
66
|
-
|
67
|
-
def test_validates_format_of_login_field
|
68
|
-
u = User.new
|
69
|
-
u.login = "fdsf@^&*"
|
70
|
-
assert !u.valid?
|
71
|
-
assert u.errors[:login].size > 0
|
72
|
-
|
73
|
-
u.login = "fdsfdsfdsfdsfs"
|
74
|
-
assert !u.valid?
|
75
|
-
assert u.errors[:login].size == 0
|
76
|
-
|
77
|
-
u.login = "dakota.dux+1@gmail.com"
|
78
|
-
assert !u.valid?
|
79
|
-
assert u.errors[:login].size == 0
|
120
|
+
refute u.valid?
|
121
|
+
assert u.errors[:login].empty?
|
80
122
|
end
|
81
123
|
|
82
124
|
def test_validates_uniqueness_of_login_field
|
83
125
|
u = User.new
|
84
126
|
u.login = "bjohnson"
|
85
|
-
|
86
|
-
|
127
|
+
refute u.valid?
|
128
|
+
refute u.errors[:login].empty?
|
87
129
|
|
88
130
|
u.login = "BJOHNSON"
|
89
|
-
|
90
|
-
|
131
|
+
refute u.valid?
|
132
|
+
refute u.errors[:login].empty?
|
91
133
|
|
92
134
|
u.login = "fdsfdsf"
|
93
|
-
|
94
|
-
assert u.errors[:login].
|
135
|
+
refute u.valid?
|
136
|
+
assert u.errors[:login].empty?
|
95
137
|
end
|
96
138
|
|
97
139
|
def test_find_by_smart_case_login_field
|
@@ -106,4 +148,4 @@ module ActsAsAuthenticTest
|
|
106
148
|
assert_equal drew, Employee.find_by_smart_case_login_field("DGAINOR@BINARYLOGIC.COM")
|
107
149
|
end
|
108
150
|
end
|
109
|
-
end
|
151
|
+
end
|
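Review bot: The invalid-input list in `test_invalid_format` has no login containing a line break, so nothing in this file exercises the `\A`/`\z` anchors that `test_validates_format_of_login_field_options_config` expects in the default pattern. If the pattern regressed to `^`/`$` or `\Z`, all six current samples would still be rejected while a value with an embedded or trailing newline would start to pass. I would add two entries to that array, `"line\nbreak",` and `"trailing\n",`, both of which the asserted default regex rejects. Separately, `test_valid_format` calls `refute u.valid?`, which reads like a mistake; a comment such as `# record is invalid for other reasons (presumably the missing password); only the login errors matter here` would explain it.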
@@ -1,27 +1,27 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module ActsAsAuthenticTest
|
4
4
|
class MagicColumnsTest < ActiveSupport::TestCase
|
5
5
|
def test_validates_numericality_of_login_count
|
6
6
|
u = User.new
|
7
7
|
u.login_count = -1
|
8
|
-
|
9
|
-
|
10
|
-
|
8
|
+
refute u.valid?
|
9
|
+
refute u.errors[:login_count].empty?
|
10
|
+
|
11
11
|
u.login_count = 0
|
12
|
-
|
13
|
-
assert u.errors[:login_count].
|
12
|
+
refute u.valid?
|
13
|
+
assert u.errors[:login_count].empty?
|
14
14
|
end
|
15
|
-
|
15
|
+
|
16
16
|
def test_validates_numericality_of_failed_login_count
|
17
17
|
u = User.new
|
18
18
|
u.failed_login_count = -1
|
19
|
-
|
20
|
-
|
21
|
-
|
19
|
+
refute u.valid?
|
20
|
+
refute u.errors[:failed_login_count].empty?
|
21
|
+
|
22
22
|
u.failed_login_count = 0
|
23
|
-
|
24
|
-
assert u.errors[:failed_login_count].
|
23
|
+
refute u.valid?
|
24
|
+
assert u.errors[:failed_login_count].empty?
|
25
25
|
end
|
26
26
|
end
|
27
|
-
end
|
27
|
+
end
|
@@ -1,7 +1,10 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module ActsAsAuthenticTest
|
4
4
|
class PasswordTest < ActiveSupport::TestCase
|
5
|
+
# If test_human_name is executed after test_i18n_of_human_name the test will fail.
|
6
|
+
i_suck_and_my_tests_are_order_dependent!
|
7
|
+
|
5
8
|
def test_crypted_password_field_config
|
6
9
|
assert_equal :crypted_password, User.crypted_password_field
|
7
10
|
assert_equal :crypted_password, Employee.crypted_password_field
|
@@ -27,7 +30,7 @@ module ActsAsAuthenticTest
|
|
27
30
|
assert Employee.ignore_blank_passwords
|
28
31
|
|
29
32
|
User.ignore_blank_passwords = false
|
30
|
-
|
33
|
+
refute User.ignore_blank_passwords
|
31
34
|
User.ignore_blank_passwords true
|
32
35
|
assert User.ignore_blank_passwords
|
33
36
|
end
|
@@ -35,7 +38,7 @@ module ActsAsAuthenticTest
|
|
35
38
|
def test_check_passwords_against_database
|
36
39
|
assert User.check_passwords_against_database
|
37
40
|
User.check_passwords_against_database = false
|
38
|
-
|
41
|
+
refute User.check_passwords_against_database
|
39
42
|
User.check_passwords_against_database true
|
40
43
|
assert User.check_passwords_against_database
|
41
44
|
end
|
@@ -45,40 +48,40 @@ module ActsAsAuthenticTest
|
|
45
48
|
assert Employee.validate_password_field
|
46
49
|
|
47
50
|
User.validate_password_field = false
|
48
|
-
|
51
|
+
refute User.validate_password_field
|
49
52
|
User.validate_password_field true
|
50
53
|
assert User.validate_password_field
|
51
54
|
end
|
52
55
|
|
53
56
|
def test_validates_length_of_password_field_options_config
|
54
|
-
default = {:
|
57
|
+
default = { minimum: 8, if: :require_password? }
|
55
58
|
assert_equal default, User.validates_length_of_password_field_options
|
56
59
|
assert_equal default, Employee.validates_length_of_password_field_options
|
57
60
|
|
58
|
-
User.validates_length_of_password_field_options = {:
|
59
|
-
assert_equal({:
|
61
|
+
User.validates_length_of_password_field_options = { yes: "no" }
|
62
|
+
assert_equal({ yes: "no" }, User.validates_length_of_password_field_options)
|
60
63
|
User.validates_length_of_password_field_options default
|
61
64
|
assert_equal default, User.validates_length_of_password_field_options
|
62
65
|
end
|
63
66
|
|
64
67
|
def test_validates_confirmation_of_password_field_options_config
|
65
|
-
default = {:
|
68
|
+
default = { if: :require_password? }
|
66
69
|
assert_equal default, User.validates_confirmation_of_password_field_options
|
67
70
|
assert_equal default, Employee.validates_confirmation_of_password_field_options
|
68
71
|
|
69
|
-
User.validates_confirmation_of_password_field_options = {:
|
70
|
-
assert_equal({:
|
72
|
+
User.validates_confirmation_of_password_field_options = { yes: "no" }
|
73
|
+
assert_equal({ yes: "no" }, User.validates_confirmation_of_password_field_options)
|
71
74
|
User.validates_confirmation_of_password_field_options default
|
72
75
|
assert_equal default, User.validates_confirmation_of_password_field_options
|
73
76
|
end
|
74
77
|
|
75
78
|
def test_validates_length_of_password_confirmation_field_options_config
|
76
|
-
default = {:
|
79
|
+
default = { minimum: 8, if: :require_password? }
|
77
80
|
assert_equal default, User.validates_length_of_password_confirmation_field_options
|
78
81
|
assert_equal default, Employee.validates_length_of_password_confirmation_field_options
|
79
82
|
|
80
|
-
User.validates_length_of_password_confirmation_field_options = {:
|
81
|
-
assert_equal({:
|
83
|
+
User.validates_length_of_password_confirmation_field_options = { yes: "no" }
|
84
|
+
assert_equal({ yes: "no" }, User.validates_length_of_password_confirmation_field_options)
|
82
85
|
User.validates_length_of_password_confirmation_field_options default
|
83
86
|
assert_equal default, User.validates_length_of_password_confirmation_field_options
|
84
87
|
end
|
@@ -104,50 +107,56 @@ module ActsAsAuthenticTest
|
|
104
107
|
end
|
105
108
|
|
106
109
|
def test_validates_length_of_password
|
107
|
-
u = User.new(
|
110
|
+
u = User.new(
|
111
|
+
login: "abcde",
|
112
|
+
email: "abcde@test.com",
|
113
|
+
password: "abcdefgh",
|
114
|
+
password_confirmation: "abcdefgh"
|
115
|
+
)
|
108
116
|
assert u.valid?
|
109
117
|
|
110
|
-
u.password = u.password_confirmation = "
|
111
|
-
|
118
|
+
u.password = u.password_confirmation = "abcdef"
|
119
|
+
refute u.valid?
|
112
120
|
|
113
|
-
assert u.errors[:password].include?("is too short (minimum is
|
114
|
-
assert u.errors[:password_confirmation].include?("is too short (minimum is
|
121
|
+
assert u.errors[:password].include?("is too short (minimum is 8 characters)")
|
122
|
+
assert u.errors[:password_confirmation].include?("is too short (minimum is 8 characters)")
|
115
123
|
end
|
116
124
|
|
117
125
|
def test_validates_confirmation_of_password
|
118
|
-
u = User.new(
|
126
|
+
u = User.new(
|
127
|
+
login: "abcde",
|
128
|
+
email: "abcde@test.com",
|
129
|
+
password: "abcdefgh",
|
130
|
+
password_confirmation: "abcdefgh"
|
131
|
+
)
|
119
132
|
assert u.valid?
|
120
133
|
|
121
|
-
u.password_confirmation = "
|
122
|
-
|
134
|
+
u.password_confirmation = "abcdefghij"
|
135
|
+
refute u.valid?
|
123
136
|
|
124
|
-
|
125
|
-
assert u.errors[:password_confirmation].include?("doesn't match Password")
|
126
|
-
else
|
127
|
-
assert u.errors[:password].include?("doesn't match confirmation")
|
128
|
-
end
|
137
|
+
assert u.errors[:password_confirmation].include?("doesn't match Password")
|
129
138
|
end
|
130
139
|
|
131
140
|
def test_validates_length_of_password_confirmation
|
132
141
|
u = User.new
|
133
142
|
|
134
|
-
u.password = "
|
143
|
+
u.password = "testpass"
|
135
144
|
u.password_confirmation = ""
|
136
|
-
|
137
|
-
|
145
|
+
refute u.valid?
|
146
|
+
refute u.errors[:password_confirmation].empty?
|
138
147
|
|
139
|
-
u.password_confirmation = "
|
140
|
-
|
141
|
-
assert u.errors[:password_confirmation].
|
148
|
+
u.password_confirmation = "testpass"
|
149
|
+
refute u.valid?
|
150
|
+
assert u.errors[:password_confirmation].empty?
|
142
151
|
|
143
152
|
ben = users(:ben)
|
144
153
|
assert ben.valid?
|
145
154
|
|
146
|
-
ben.password = "
|
147
|
-
|
148
|
-
|
155
|
+
ben.password = "newpasswd"
|
156
|
+
refute ben.valid?
|
157
|
+
refute ben.errors[:password_confirmation].empty?
|
149
158
|
|
150
|
-
ben.password_confirmation = "
|
159
|
+
ben.password_confirmation = "newpasswd"
|
151
160
|
assert ben.valid?
|
152
161
|
end
|
153
162
|
|
@@ -164,28 +173,36 @@ module ActsAsAuthenticTest
|
|
164
173
|
ben = users(:ben)
|
165
174
|
|
166
175
|
transition_password_to(Authlogic::CryptoProviders::BCrypt, ben)
|
167
|
-
transition_password_to(
|
168
|
-
|
176
|
+
transition_password_to(
|
177
|
+
Authlogic::CryptoProviders::Sha1,
|
178
|
+
ben,
|
179
|
+
[Authlogic::CryptoProviders::Sha512, Authlogic::CryptoProviders::BCrypt]
|
180
|
+
)
|
181
|
+
transition_password_to(
|
182
|
+
Authlogic::CryptoProviders::Sha512,
|
183
|
+
ben,
|
184
|
+
[Authlogic::CryptoProviders::Sha1, Authlogic::CryptoProviders::BCrypt]
|
185
|
+
)
|
169
186
|
end
|
170
187
|
|
171
188
|
def test_checks_password_against_database
|
172
189
|
ben = users(:aaron)
|
173
190
|
ben.password = "new pass"
|
174
|
-
|
191
|
+
refute ben.valid_password?("new pass")
|
175
192
|
assert ben.valid_password?("aaronrocks")
|
176
193
|
end
|
177
194
|
|
178
195
|
def test_checks_password_against_database_and_always_fails_on_new_records
|
179
196
|
user = User.new
|
180
197
|
user.password = "new pass"
|
181
|
-
|
198
|
+
refute user.valid_password?("new pass")
|
182
199
|
end
|
183
200
|
|
184
201
|
def test_checks_password_against_object
|
185
202
|
ben = users(:ben)
|
186
203
|
ben.password = "new pass"
|
187
204
|
assert ben.valid_password?("new pass", false)
|
188
|
-
|
205
|
+
refute ben.valid_password?("benrocks", false)
|
189
206
|
end
|
190
207
|
|
191
208
|
def test_reset_password
|
@@ -215,25 +232,30 @@ module ActsAsAuthenticTest
|
|
215
232
|
end
|
216
233
|
|
217
234
|
private
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
235
|
+
|
236
|
+
def transition_password_to(
|
237
|
+
crypto_provider,
|
238
|
+
records,
|
239
|
+
from_crypto_providers = Authlogic::CryptoProviders::Sha512
|
240
|
+
)
|
241
|
+
records = [records] unless records.is_a?(Array)
|
242
|
+
User.acts_as_authentic do |c|
|
243
|
+
c.crypto_provider = crypto_provider
|
244
|
+
c.transition_from_crypto_providers = from_crypto_providers
|
245
|
+
end
|
246
|
+
records.each do |record|
|
247
|
+
old_hash = record.crypted_password
|
248
|
+
old_persistence_token = record.persistence_token
|
249
|
+
assert record.valid_password?(password_for(record))
|
250
|
+
assert_not_equal old_hash.to_s, record.crypted_password.to_s
|
251
|
+
assert_not_equal old_persistence_token.to_s, record.persistence_token.to_s
|
252
|
+
|
253
|
+
old_hash = record.crypted_password
|
254
|
+
old_persistence_token = record.persistence_token
|
255
|
+
assert record.valid_password?(password_for(record))
|
256
|
+
assert_equal old_hash.to_s, record.crypted_password.to_s
|
257
|
+
assert_equal old_persistence_token.to_s, record.persistence_token.to_s
|
237
258
|
end
|
259
|
+
end
|
238
260
|
end
|
239
261
|
end
|
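Review bot: `test_validates_length_of_password` checks the new eight-character minimum only with a six-character value (`"abcdef"`), so an off-by-one in the limit would go unnoticed. The accepted case is exactly eight characters (`"abcdefgh"`), so the rejected case should sit directly below it: `u.password = u.password_confirmation = "abcdefg"`. The class also now opts into `i_suck_and_my_tests_are_order_dependent!`, and the config tests in the earlier hunks (`test_check_passwords_against_database`, for example) set a class-level option and restore it only when every assertion passes. Moving each restore into an `ensure` clause would stop a failed assertion from leaving `check_passwords_against_database` or `validate_password_field` switched off for the tests that run afterwards.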