authlogic 3.4.6 → 4.2.0
- checksums.yaml +5 -5
- data/.github/ISSUE_TEMPLATE.md +13 -0
- data/.github/triage.md +87 -0
- data/.gitignore +4 -0
- data/.rubocop.yml +127 -0
- data/.rubocop_todo.yml +65 -0
- data/.travis.yml +18 -10
- data/CHANGELOG.md +156 -6
- data/CONTRIBUTING.md +71 -3
- data/Gemfile +2 -2
- data/README.md +386 -0
- data/Rakefile +13 -7
- data/UPGRADING.md +22 -0
- data/authlogic.gemspec +33 -22
- data/lib/authlogic.rb +60 -52
- data/lib/authlogic/acts_as_authentic/base.rb +40 -26
- data/lib/authlogic/acts_as_authentic/email.rb +96 -32
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +36 -12
- data/lib/authlogic/acts_as_authentic/login.rb +114 -49
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +17 -6
- data/lib/authlogic/acts_as_authentic/password.rb +296 -139
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +34 -20
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +20 -24
- data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +67 -0
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +68 -23
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +128 -85
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +41 -25
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +8 -8
- data/lib/authlogic/authenticates_many/association.rb +22 -14
- data/lib/authlogic/authenticates_many/base.rb +35 -16
- data/lib/authlogic/config.rb +10 -10
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +40 -12
- data/lib/authlogic/controller_adapters/rack_adapter.rb +15 -8
- data/lib/authlogic/controller_adapters/rails_adapter.rb +42 -22
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +3 -3
- data/lib/authlogic/crypto_providers.rb +91 -0
- data/lib/authlogic/crypto_providers/aes256.rb +42 -14
- data/lib/authlogic/crypto_providers/bcrypt.rb +35 -20
- data/lib/authlogic/crypto_providers/md5.rb +11 -9
- data/lib/authlogic/crypto_providers/scrypt.rb +26 -13
- data/lib/authlogic/crypto_providers/sha1.rb +14 -8
- data/lib/authlogic/crypto_providers/sha256.rb +16 -12
- data/lib/authlogic/crypto_providers/sha512.rb +8 -24
- data/lib/authlogic/crypto_providers/wordpress.rb +44 -15
- data/lib/authlogic/i18n.rb +33 -20
- data/lib/authlogic/i18n/translator.rb +1 -1
- data/lib/authlogic/random.rb +12 -29
- data/lib/authlogic/regex.rb +59 -27
- data/lib/authlogic/session/activation.rb +36 -23
- data/lib/authlogic/session/active_record_trickery.rb +13 -10
- data/lib/authlogic/session/base.rb +20 -8
- data/lib/authlogic/session/brute_force_protection.rb +87 -56
- data/lib/authlogic/session/callbacks.rb +99 -49
- data/lib/authlogic/session/cookies.rb +128 -59
- data/lib/authlogic/session/existence.rb +29 -19
- data/lib/authlogic/session/foundation.rb +70 -16
- data/lib/authlogic/session/http_auth.rb +39 -31
- data/lib/authlogic/session/id.rb +27 -15
- data/lib/authlogic/session/klass.rb +17 -13
- data/lib/authlogic/session/magic_columns.rb +78 -59
- data/lib/authlogic/session/magic_states.rb +50 -27
- data/lib/authlogic/session/params.rb +79 -50
- data/lib/authlogic/session/password.rb +197 -118
- data/lib/authlogic/session/perishable_token.rb +12 -6
- data/lib/authlogic/session/persistence.rb +20 -14
- data/lib/authlogic/session/priority_record.rb +20 -16
- data/lib/authlogic/session/scopes.rb +63 -33
- data/lib/authlogic/session/session.rb +40 -25
- data/lib/authlogic/session/timeout.rb +51 -34
- data/lib/authlogic/session/unauthorized_record.rb +24 -18
- data/lib/authlogic/session/validation.rb +32 -21
- data/lib/authlogic/test_case.rb +123 -35
- data/lib/authlogic/test_case/mock_controller.rb +14 -13
- data/lib/authlogic/test_case/mock_cookie_jar.rb +14 -5
- data/lib/authlogic/test_case/mock_logger.rb +1 -1
- data/lib/authlogic/test_case/mock_request.rb +9 -4
- data/lib/authlogic/test_case/rails_request_adapter.rb +8 -7
- data/lib/authlogic/version.rb +21 -0
- data/test/acts_as_authentic_test/base_test.rb +1 -1
- data/test/acts_as_authentic_test/email_test.rb +80 -63
- data/test/acts_as_authentic_test/logged_in_status_test.rb +14 -8
- data/test/acts_as_authentic_test/login_test.rb +91 -49
- data/test/acts_as_authentic_test/magic_columns_test.rb +13 -13
- data/test/acts_as_authentic_test/password_test.rb +82 -60
- data/test/acts_as_authentic_test/perishable_token_test.rb +31 -25
- data/test/acts_as_authentic_test/persistence_token_test.rb +9 -5
- data/test/acts_as_authentic_test/restful_authentication_test.rb +18 -9
- data/test/acts_as_authentic_test/session_maintenance_test.rb +86 -22
- data/test/acts_as_authentic_test/single_access_test.rb +15 -15
- data/test/adapter_test.rb +21 -0
- data/test/authenticates_many_test.rb +26 -11
- data/test/config_test.rb +9 -9
- data/test/crypto_provider_test/aes256_test.rb +3 -3
- data/test/crypto_provider_test/bcrypt_test.rb +1 -1
- data/test/crypto_provider_test/scrypt_test.rb +2 -2
- data/test/crypto_provider_test/sha1_test.rb +4 -4
- data/test/crypto_provider_test/sha256_test.rb +2 -2
- data/test/crypto_provider_test/sha512_test.rb +3 -3
- data/test/crypto_provider_test/wordpress_test.rb +24 -0
- data/test/gemfiles/Gemfile.rails-4.2.x +2 -2
- data/test/gemfiles/Gemfile.rails-5.0.x +6 -0
- data/test/gemfiles/Gemfile.rails-5.1.x +6 -0
- data/test/gemfiles/Gemfile.rails-5.2.x +6 -0
- data/test/gemfiles/Gemfile.rails-master +6 -0
- data/test/i18n_test.rb +9 -9
- data/test/libs/affiliate.rb +2 -2
- data/test/libs/company.rb +4 -4
- data/test/libs/employee.rb +2 -2
- data/test/libs/employee_session.rb +1 -1
- data/test/libs/ldaper.rb +1 -1
- data/test/libs/project.rb +1 -1
- data/test/libs/user_session.rb +2 -2
- data/test/random_test.rb +9 -38
- data/test/session_test/activation_test.rb +7 -7
- data/test/session_test/active_record_trickery_test.rb +9 -6
- data/test/session_test/brute_force_protection_test.rb +26 -21
- data/test/session_test/callbacks_test.rb +10 -4
- data/test/session_test/cookies_test.rb +54 -20
- data/test/session_test/existence_test.rb +45 -23
- data/test/session_test/foundation_test.rb +17 -1
- data/test/session_test/http_auth_test.rb +11 -12
- data/test/session_test/id_test.rb +3 -3
- data/test/session_test/klass_test.rb +2 -2
- data/test/session_test/magic_columns_test.rb +15 -17
- data/test/session_test/magic_states_test.rb +17 -19
- data/test/session_test/params_test.rb +26 -20
- data/test/session_test/password_test.rb +11 -12
- data/test/session_test/perishability_test.rb +5 -5
- data/test/session_test/persistence_test.rb +4 -3
- data/test/session_test/scopes_test.rb +15 -9
- data/test/session_test/session_test.rb +7 -6
- data/test/session_test/timeout_test.rb +16 -14
- data/test/session_test/unauthorized_record_test.rb +3 -3
- data/test/session_test/validation_test.rb +5 -5
- data/test/test_helper.rb +115 -49
- metadata +107 -36
- data/README.rdoc +0 -232
- data/test/gemfiles/Gemfile.rails-3.2.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.0.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.1.x +0 -7
@@ -1,81 +1,87 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module ActsAsAuthenticTest
|
4
4
|
class PerishableTokenTest < ActiveSupport::TestCase
|
5
5
|
def test_perishable_token_valid_for_config
|
6
6
|
assert_equal 10.minutes.to_i, User.perishable_token_valid_for
|
7
7
|
assert_equal 10.minutes.to_i, Employee.perishable_token_valid_for
|
8
|
-
|
8
|
+
|
9
9
|
User.perishable_token_valid_for = 1.hour
|
10
10
|
assert_equal 1.hour.to_i, User.perishable_token_valid_for
|
11
11
|
User.perishable_token_valid_for 10.minutes
|
12
12
|
assert_equal 10.minutes.to_i, User.perishable_token_valid_for
|
13
13
|
end
|
14
|
-
|
14
|
+
|
15
15
|
def test_disable_perishable_token_maintenance_config
|
16
|
-
|
17
|
-
|
18
|
-
|
16
|
+
refute User.disable_perishable_token_maintenance
|
17
|
+
refute Employee.disable_perishable_token_maintenance
|
18
|
+
|
19
19
|
User.disable_perishable_token_maintenance = true
|
20
20
|
assert User.disable_perishable_token_maintenance
|
21
21
|
User.disable_perishable_token_maintenance false
|
22
|
-
|
22
|
+
refute User.disable_perishable_token_maintenance
|
23
23
|
end
|
24
|
-
|
24
|
+
|
25
25
|
def test_validates_uniqueness_of_perishable_token
|
26
26
|
u = User.new
|
27
27
|
u.perishable_token = users(:ben).perishable_token
|
28
|
-
|
29
|
-
|
28
|
+
refute u.valid?
|
29
|
+
refute u.errors[:perishable_token].empty?
|
30
30
|
end
|
31
|
-
|
31
|
+
|
32
32
|
def test_before_save_reset_perishable_token
|
33
33
|
ben = users(:ben)
|
34
34
|
old_perishable_token = ben.perishable_token
|
35
35
|
assert ben.save
|
36
36
|
assert_not_equal old_perishable_token, ben.perishable_token
|
37
37
|
end
|
38
|
-
|
38
|
+
|
39
39
|
def test_reset_perishable_token
|
40
40
|
ben = users(:ben)
|
41
41
|
old_perishable_token = ben.perishable_token
|
42
|
-
|
42
|
+
|
43
43
|
assert ben.reset_perishable_token
|
44
44
|
assert_not_equal old_perishable_token, ben.perishable_token
|
45
|
-
|
45
|
+
|
46
46
|
ben.reload
|
47
47
|
assert_equal old_perishable_token, ben.perishable_token
|
48
|
-
|
48
|
+
|
49
49
|
assert ben.reset_perishable_token!
|
50
50
|
assert_not_equal old_perishable_token, ben.perishable_token
|
51
|
-
|
51
|
+
|
52
52
|
ben.reload
|
53
53
|
assert_not_equal old_perishable_token, ben.perishable_token
|
54
54
|
end
|
55
|
-
|
55
|
+
|
56
56
|
def test_find_using_perishable_token
|
57
57
|
ben = users(:ben)
|
58
58
|
assert_equal ben, User.find_using_perishable_token(ben.perishable_token)
|
59
59
|
end
|
60
|
-
|
60
|
+
|
61
61
|
def test_find_using_perishable_token_when_perished
|
62
62
|
ben = users(:ben)
|
63
|
-
ActiveRecord::Base.connection.execute(
|
63
|
+
ActiveRecord::Base.connection.execute(
|
64
|
+
"UPDATE users set updated_at = '#{1.week.ago.to_s(:db)}' where id = #{ben.id}"
|
65
|
+
)
|
64
66
|
assert_nil User.find_using_perishable_token(ben.perishable_token)
|
65
67
|
end
|
66
|
-
|
67
|
-
def
|
68
|
+
|
69
|
+
def test_find_using_perishable_token_when_perished_2
|
68
70
|
User.perishable_token_valid_for = 1.minute
|
69
71
|
ben = users(:ben)
|
70
|
-
ActiveRecord::Base.connection.execute(
|
72
|
+
ActiveRecord::Base.connection.execute(
|
73
|
+
"UPDATE users set updated_at = '#{2.minutes.ago.to_s(:db)}' where id = #{ben.id}"
|
74
|
+
)
|
71
75
|
assert_nil User.find_using_perishable_token(ben.perishable_token)
|
72
76
|
User.perishable_token_valid_for = 10.minutes
|
73
77
|
end
|
74
|
-
|
78
|
+
|
75
79
|
def test_find_using_perishable_token_when_passing_threshold
|
76
80
|
User.perishable_token_valid_for = 1.minute
|
77
81
|
ben = users(:ben)
|
78
|
-
ActiveRecord::Base.connection.execute(
|
82
|
+
ActiveRecord::Base.connection.execute(
|
83
|
+
"UPDATE users set updated_at = '#{10.minutes.ago.to_s(:db)}' where id = #{ben.id}"
|
84
|
+
)
|
79
85
|
assert_nil User.find_using_perishable_token(ben.perishable_token, 5.minutes)
|
80
86
|
assert_equal ben, User.find_using_perishable_token(ben.perishable_token, 20.minutes)
|
81
87
|
User.perishable_token_valid_for = 10.minutes
|
@@ -83,7 +89,7 @@ module ActsAsAuthenticTest
|
|
83
89
|
|
84
90
|
def test_find_perishable_token_with_bang
|
85
91
|
assert_raises ActiveRecord::RecordNotFound do
|
86
|
-
User.find_using_perishable_token!(
|
92
|
+
User.find_using_perishable_token!("some_bad_value")
|
87
93
|
end
|
88
94
|
end
|
89
95
|
end
|
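Review bot: The reset `User.perishable_token_valid_for = 10.minutes` at the end of test_find_using_perishable_token_when_perished_2 and test_find_using_perishable_token_when_passing_threshold only runs if every assertion before it passes. A failing `assert_nil` therefore leaves the class-level token lifetime at one minute for whatever test runs next. Putting the reset under `ensure` (or in a `teardown`) keeps a token-expiry failure from cascading into unrelated failures: `ensure` followed by `User.perishable_token_valid_for = 10.minutes`. The same unguarded restore appears in single_access_test.rb (test_after_password_set_reset_single_access_token) and in restful_authentication_test.rb, where `User.crypto_provider` is reset on the last lines of test_act_like_restful_authentication_config. The closing `end` of test_find_using_perishable_token_when_passing_threshold lies between the two hunks.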
@@ -1,4 +1,4 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module ActsAsAuthenticTest
|
4
4
|
class PersistenceTokenTest < ActiveSupport::TestCase
|
@@ -24,21 +24,25 @@ module ActsAsAuthenticTest
|
|
24
24
|
|
25
25
|
def test_before_validate_reset_persistence_token
|
26
26
|
u = User.new
|
27
|
-
|
27
|
+
refute u.valid?
|
28
28
|
assert_not_nil u.persistence_token
|
29
29
|
end
|
30
30
|
|
31
31
|
def test_forget_all
|
32
|
+
UserSession.allow_http_basic_auth = true
|
33
|
+
|
32
34
|
http_basic_auth_for(users(:ben)) { UserSession.find }
|
33
35
|
http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
|
34
36
|
assert UserSession.find
|
35
37
|
assert UserSession.find(:ziggity_zack)
|
36
38
|
User.forget_all
|
37
|
-
|
38
|
-
|
39
|
+
refute UserSession.find
|
40
|
+
refute UserSession.find(:ziggity_zack)
|
39
41
|
end
|
40
42
|
|
41
43
|
def test_forget
|
44
|
+
UserSession.allow_http_basic_auth = true
|
45
|
+
|
42
46
|
ben = users(:ben)
|
43
47
|
zack = users(:zack)
|
44
48
|
http_basic_auth_for(ben) { UserSession.find }
|
@@ -49,7 +53,7 @@ module ActsAsAuthenticTest
|
|
49
53
|
|
50
54
|
ben.forget!
|
51
55
|
|
52
|
-
|
56
|
+
refute UserSession.find
|
53
57
|
assert UserSession.find(:ziggity_zack)
|
54
58
|
end
|
55
59
|
end
|
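Review bot: `UserSession.allow_http_basic_auth = true` is switched on at the top of test_forget_all and test_forget, and nothing in the visible hunks switches it back, so HTTP basic auth stays enabled on the session class for every test that runs afterwards in the same process. Unless test_helper.rb resets session configuration between tests (not visible here), a later test that expects basic auth to be off can pass or fail depending on run order. Saving the previous value in `setup` and restoring it in `teardown` (`UserSession.allow_http_basic_auth = @old_allow_http_basic_auth`) keeps the toggle local to this class. test_forget continues past the end of its hunk.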
@@ -1,37 +1,46 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module ActsAsAuthenticTest
|
4
4
|
class RestfulAuthenticationTest < ActiveSupport::TestCase
|
5
|
+
def setup
|
6
|
+
@old_deprecation_behavior = ::ActiveSupport::Deprecation.behavior
|
7
|
+
::ActiveSupport::Deprecation.behavior = :silence
|
8
|
+
end
|
9
|
+
|
10
|
+
def teardown
|
11
|
+
::ActiveSupport::Deprecation.behavior = @old_deprecation_behavior
|
12
|
+
end
|
13
|
+
|
5
14
|
def test_act_like_restful_authentication_config
|
6
|
-
|
7
|
-
|
15
|
+
refute User.act_like_restful_authentication
|
16
|
+
refute Employee.act_like_restful_authentication
|
8
17
|
|
9
18
|
User.act_like_restful_authentication = true
|
10
19
|
assert User.act_like_restful_authentication
|
11
20
|
assert_equal Authlogic::CryptoProviders::Sha1, User.crypto_provider
|
12
21
|
assert defined?(::REST_AUTH_SITE_KEY)
|
13
|
-
assert_equal
|
22
|
+
assert_equal "", ::REST_AUTH_SITE_KEY
|
14
23
|
assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
|
15
24
|
|
16
25
|
User.act_like_restful_authentication false
|
17
|
-
|
26
|
+
refute User.act_like_restful_authentication
|
18
27
|
|
19
28
|
User.crypto_provider = Authlogic::CryptoProviders::Sha512
|
20
29
|
User.transition_from_crypto_providers = []
|
21
30
|
end
|
22
31
|
|
23
32
|
def test_transition_from_restful_authentication_config
|
24
|
-
|
25
|
-
|
33
|
+
refute User.transition_from_restful_authentication
|
34
|
+
refute Employee.transition_from_restful_authentication
|
26
35
|
|
27
36
|
User.transition_from_restful_authentication = true
|
28
37
|
assert User.transition_from_restful_authentication
|
29
38
|
assert defined?(::REST_AUTH_SITE_KEY)
|
30
|
-
assert_equal
|
39
|
+
assert_equal "", ::REST_AUTH_SITE_KEY
|
31
40
|
assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
|
32
41
|
|
33
42
|
User.transition_from_restful_authentication false
|
34
|
-
|
43
|
+
refute User.transition_from_restful_authentication
|
35
44
|
end
|
36
45
|
end
|
37
46
|
end
|
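Review bot: The new `setup` silences every ActiveSupport deprecation for the whole class without saying which warning it is meant to hide, so an unrelated deprecation raised by these code paths would go unnoticed as well. A short comment on `setup` would record the intent, for example `# The restful_authentication options under test emit deprecation warnings; silence them for this class only.` — assuming that is the reason, which the hunk does not show. Since the options under test select `Authlogic::CryptoProviders::Sha1` with a single stretch, asserting that the warning is actually emitted would be a stronger check than hiding it.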
@@ -1,35 +1,78 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module ActsAsAuthenticTest
|
4
4
|
class SessionMaintenanceTest < ActiveSupport::TestCase
|
5
|
-
def
|
6
|
-
|
7
|
-
User.
|
8
|
-
assert !User.maintain_sessions
|
9
|
-
User.maintain_sessions true
|
10
|
-
assert User.maintain_sessions
|
5
|
+
def setup
|
6
|
+
User.log_in_after_create = true
|
7
|
+
User.log_in_after_password_change = true
|
11
8
|
end
|
12
|
-
|
9
|
+
|
10
|
+
def test_log_in_after_create_config
|
11
|
+
assert User.log_in_after_create
|
12
|
+
User.log_in_after_create = false
|
13
|
+
refute User.log_in_after_create
|
14
|
+
User.log_in_after_create = true
|
15
|
+
assert User.log_in_after_create
|
16
|
+
end
|
17
|
+
|
18
|
+
def test_log_in_after_password_change_config
|
19
|
+
assert User.log_in_after_password_change
|
20
|
+
User.log_in_after_password_change = false
|
21
|
+
refute User.log_in_after_password_change
|
22
|
+
User.log_in_after_password_change = true
|
23
|
+
assert User.log_in_after_password_change
|
24
|
+
end
|
25
|
+
|
13
26
|
def test_login_after_create
|
14
|
-
|
27
|
+
User.log_in_after_create = true
|
28
|
+
user = User.create(
|
29
|
+
login: "awesome",
|
30
|
+
password: "saweeeet",
|
31
|
+
password_confirmation: "saweeeet",
|
32
|
+
email: "awesome@awesome.com"
|
33
|
+
)
|
34
|
+
assert user.persisted?
|
15
35
|
assert UserSession.find
|
36
|
+
logged_in_user = UserSession.find.user
|
37
|
+
assert_equal logged_in_user, user
|
16
38
|
end
|
17
|
-
|
39
|
+
|
40
|
+
def test_no_login_after_create
|
41
|
+
old_user = User.create(
|
42
|
+
login: "awesome",
|
43
|
+
password: "saweeeet",
|
44
|
+
password_confirmation: "saweeeet",
|
45
|
+
email: "awesome@awesome.com"
|
46
|
+
)
|
47
|
+
User.log_in_after_create = false
|
48
|
+
user2 = User.create(
|
49
|
+
login: "awesome2",
|
50
|
+
password: "saweeeet2",
|
51
|
+
password_confirmation: "saweeeet2",
|
52
|
+
email: "awesome2@awesome.com"
|
53
|
+
)
|
54
|
+
assert user2.persisted?
|
55
|
+
logged_in_user = UserSession.find.user
|
56
|
+
assert_not_equal logged_in_user, user2
|
57
|
+
assert_equal logged_in_user, old_user
|
58
|
+
end
|
59
|
+
|
18
60
|
def test_updating_session_with_failed_magic_state
|
19
61
|
ben = users(:ben)
|
20
62
|
ben.confirmed = false
|
21
|
-
ben.password = "
|
22
|
-
ben.password_confirmation = "
|
63
|
+
ben.password = "newpasswd"
|
64
|
+
ben.password_confirmation = "newpasswd"
|
23
65
|
assert ben.save
|
24
66
|
end
|
25
67
|
|
26
68
|
def test_update_session_after_password_modify
|
69
|
+
User.log_in_after_password_change = true
|
27
70
|
ben = users(:ben)
|
28
71
|
UserSession.create(ben)
|
29
72
|
old_session_key = controller.session["user_credentials"]
|
30
73
|
old_cookie_key = controller.cookies["user_credentials"]
|
31
|
-
ben.password = "
|
32
|
-
ben.password_confirmation = "
|
74
|
+
ben.password = "newpasswd"
|
75
|
+
ben.password_confirmation = "newpasswd"
|
33
76
|
assert ben.save
|
34
77
|
assert controller.session["user_credentials"]
|
35
78
|
assert controller.cookies["user_credentials"]
|
@@ -37,6 +80,21 @@ module ActsAsAuthenticTest
|
|
37
80
|
assert_not_equal controller.cookies["user_credentials"], old_cookie_key
|
38
81
|
end
|
39
82
|
|
83
|
+
def test_no_update_session_after_password_modify
|
84
|
+
User.log_in_after_password_change = false
|
85
|
+
ben = users(:ben)
|
86
|
+
UserSession.create(ben)
|
87
|
+
old_session_key = controller.session["user_credentials"]
|
88
|
+
old_cookie_key = controller.cookies["user_credentials"]
|
89
|
+
ben.password = "newpasswd"
|
90
|
+
ben.password_confirmation = "newpasswd"
|
91
|
+
assert ben.save
|
92
|
+
assert controller.session["user_credentials"]
|
93
|
+
assert controller.cookies["user_credentials"]
|
94
|
+
assert_equal controller.session["user_credentials"], old_session_key
|
95
|
+
assert_equal controller.cookies["user_credentials"], old_cookie_key
|
96
|
+
end
|
97
|
+
|
40
98
|
def test_no_session_update_after_modify
|
41
99
|
ben = users(:ben)
|
42
100
|
UserSession.create(ben)
|
@@ -47,13 +105,19 @@ module ActsAsAuthenticTest
|
|
47
105
|
assert_equal controller.session["user_credentials"], old_session_key
|
48
106
|
assert_equal controller.cookies["user_credentials"], old_cookie_key
|
49
107
|
end
|
50
|
-
|
108
|
+
|
51
109
|
def test_creating_other_user
|
52
110
|
ben = users(:ben)
|
53
111
|
UserSession.create(ben)
|
54
112
|
old_session_key = controller.session["user_credentials"]
|
55
113
|
old_cookie_key = controller.cookies["user_credentials"]
|
56
|
-
|
114
|
+
user = User.create(
|
115
|
+
login: "awesome",
|
116
|
+
password: "saweet", # Password is too short, user invalid
|
117
|
+
password_confirmation: "saweet",
|
118
|
+
email: "awesome@saweet.com"
|
119
|
+
)
|
120
|
+
refute user.persisted?
|
57
121
|
assert_equal controller.session["user_credentials"], old_session_key
|
58
122
|
assert_equal controller.cookies["user_credentials"], old_cookie_key
|
59
123
|
end
|
@@ -64,8 +128,8 @@ module ActsAsAuthenticTest
|
|
64
128
|
old_session_key = controller.session["user_credentials"]
|
65
129
|
old_cookie_key = controller.cookies["user_credentials"]
|
66
130
|
zack = users(:zack)
|
67
|
-
zack.password = "
|
68
|
-
zack.password_confirmation = "
|
131
|
+
zack.password = "newpasswd"
|
132
|
+
zack.password_confirmation = "newpasswd"
|
69
133
|
assert zack.save
|
70
134
|
assert_equal controller.session["user_credentials"], old_session_key
|
71
135
|
assert_equal controller.cookies["user_credentials"], old_cookie_key
|
@@ -73,12 +137,12 @@ module ActsAsAuthenticTest
|
|
73
137
|
|
74
138
|
def test_resetting_password_when_logged_out
|
75
139
|
ben = users(:ben)
|
76
|
-
|
77
|
-
ben.password = "
|
78
|
-
ben.password_confirmation = "
|
140
|
+
refute UserSession.find
|
141
|
+
ben.password = "newpasswd"
|
142
|
+
ben.password_confirmation = "newpasswd"
|
79
143
|
assert ben.save
|
80
144
|
assert UserSession.find
|
81
145
|
assert_equal ben, UserSession.find.record
|
82
146
|
end
|
83
147
|
end
|
84
|
-
end
|
148
|
+
end
|
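Review bot: test_no_update_session_after_password_modify checks that the stored `user_credentials` in the session and cookie are unchanged after a password change with `log_in_after_password_change = false`, but it never checks whether those old credentials still authenticate. That is the property a reader cares about after a password change, and the hunk does not show which outcome is intended. Adding one assertion on `UserSession.find` after `assert ben.save` would pin the behaviour down: `refute UserSession.find` if the old session is meant to be invalidated, `assert UserSession.find` otherwise.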
@@ -1,44 +1,44 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module ActsAsAuthenticTest
|
4
4
|
class SingleAccessTest < ActiveSupport::TestCase
|
5
5
|
def test_change_single_access_token_with_password_config
|
6
|
-
|
7
|
-
|
8
|
-
|
6
|
+
refute User.change_single_access_token_with_password
|
7
|
+
refute Employee.change_single_access_token_with_password
|
8
|
+
|
9
9
|
User.change_single_access_token_with_password = true
|
10
10
|
assert User.change_single_access_token_with_password
|
11
11
|
User.change_single_access_token_with_password false
|
12
|
-
|
12
|
+
refute User.change_single_access_token_with_password
|
13
13
|
end
|
14
|
-
|
14
|
+
|
15
15
|
def test_validates_uniqueness_of_single_access_token
|
16
16
|
u = User.new
|
17
17
|
u.single_access_token = users(:ben).single_access_token
|
18
|
-
|
19
|
-
|
18
|
+
refute u.valid?
|
19
|
+
refute u.errors[:single_access_token].empty?
|
20
20
|
end
|
21
|
-
|
21
|
+
|
22
22
|
def test_before_validation_reset_single_access_token
|
23
23
|
u = User.new
|
24
|
-
|
24
|
+
refute u.valid?
|
25
25
|
assert_not_nil u.single_access_token
|
26
26
|
end
|
27
|
-
|
27
|
+
|
28
28
|
def test_after_password_set_reset_single_access_token
|
29
29
|
User.change_single_access_token_with_password = true
|
30
|
-
|
30
|
+
|
31
31
|
ben = users(:ben)
|
32
32
|
old_single_access_token = ben.single_access_token
|
33
33
|
ben.password = "new_pass"
|
34
34
|
assert_not_equal old_single_access_token, ben.single_access_token
|
35
|
-
|
35
|
+
|
36
36
|
User.change_single_access_token_with_password = false
|
37
37
|
end
|
38
|
-
|
38
|
+
|
39
39
|
def test_after_password_set_is_not_called
|
40
40
|
ldaper = Ldaper.new
|
41
41
|
assert ldaper.save
|
42
42
|
end
|
43
43
|
end
|
44
|
-
end
|
44
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require "test_helper"
|
2
|
+
|
3
|
+
module Authlogic
|
4
|
+
module ControllerAdapters
|
5
|
+
class AbstractAdapterTest < ActiveSupport::TestCase
|
6
|
+
def test_controller
|
7
|
+
controller = Class.new(MockController) do
|
8
|
+
def controller.an_arbitrary_method
|
9
|
+
"bar"
|
10
|
+
end
|
11
|
+
end.new
|
12
|
+
adapter = Authlogic::ControllerAdapters::AbstractAdapter.new(controller)
|
13
|
+
|
14
|
+
assert_equal controller, adapter.controller
|
15
|
+
assert controller.params.equal?(adapter.params)
|
16
|
+
assert adapter.respond_to?(:an_arbitrary_method)
|
17
|
+
assert_equal "bar", adapter.an_arbitrary_method
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
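Review bot: Inside the `Class.new(MockController) do … end` block, `def controller.an_arbitrary_method` names the local variable `controller` that is still being assigned and is nil at that moment. The singleton method therefore appears to be defined on `nil` (that is, on NilClass for the rest of the test process) rather than on the mock controller. If the intent is that the controller instance responds to the method and the adapter delegates to it, a plain instance method states that directly: `def an_arbitrary_method`. Whether the two delegation assertions still pass after that change depends on MockController and AbstractAdapter, which are not shown in this section.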