authlogic 3.4.6 → 4.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (140) hide show
  1. checksums.yaml +5 -5
  2. data/.github/ISSUE_TEMPLATE.md +13 -0
  3. data/.github/triage.md +87 -0
  4. data/.gitignore +4 -0
  5. data/.rubocop.yml +127 -0
  6. data/.rubocop_todo.yml +65 -0
  7. data/.travis.yml +18 -10
  8. data/CHANGELOG.md +156 -6
  9. data/CONTRIBUTING.md +71 -3
  10. data/Gemfile +2 -2
  11. data/README.md +386 -0
  12. data/Rakefile +13 -7
  13. data/UPGRADING.md +22 -0
  14. data/authlogic.gemspec +33 -22
  15. data/lib/authlogic.rb +60 -52
  16. data/lib/authlogic/acts_as_authentic/base.rb +40 -26
  17. data/lib/authlogic/acts_as_authentic/email.rb +96 -32
  18. data/lib/authlogic/acts_as_authentic/logged_in_status.rb +36 -12
  19. data/lib/authlogic/acts_as_authentic/login.rb +114 -49
  20. data/lib/authlogic/acts_as_authentic/magic_columns.rb +17 -6
  21. data/lib/authlogic/acts_as_authentic/password.rb +296 -139
  22. data/lib/authlogic/acts_as_authentic/perishable_token.rb +34 -20
  23. data/lib/authlogic/acts_as_authentic/persistence_token.rb +20 -24
  24. data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +67 -0
  25. data/lib/authlogic/acts_as_authentic/restful_authentication.rb +68 -23
  26. data/lib/authlogic/acts_as_authentic/session_maintenance.rb +128 -85
  27. data/lib/authlogic/acts_as_authentic/single_access_token.rb +41 -25
  28. data/lib/authlogic/acts_as_authentic/validations_scope.rb +8 -8
  29. data/lib/authlogic/authenticates_many/association.rb +22 -14
  30. data/lib/authlogic/authenticates_many/base.rb +35 -16
  31. data/lib/authlogic/config.rb +10 -10
  32. data/lib/authlogic/controller_adapters/abstract_adapter.rb +40 -12
  33. data/lib/authlogic/controller_adapters/rack_adapter.rb +15 -8
  34. data/lib/authlogic/controller_adapters/rails_adapter.rb +42 -22
  35. data/lib/authlogic/controller_adapters/sinatra_adapter.rb +3 -3
  36. data/lib/authlogic/crypto_providers.rb +91 -0
  37. data/lib/authlogic/crypto_providers/aes256.rb +42 -14
  38. data/lib/authlogic/crypto_providers/bcrypt.rb +35 -20
  39. data/lib/authlogic/crypto_providers/md5.rb +11 -9
  40. data/lib/authlogic/crypto_providers/scrypt.rb +26 -13
  41. data/lib/authlogic/crypto_providers/sha1.rb +14 -8
  42. data/lib/authlogic/crypto_providers/sha256.rb +16 -12
  43. data/lib/authlogic/crypto_providers/sha512.rb +8 -24
  44. data/lib/authlogic/crypto_providers/wordpress.rb +44 -15
  45. data/lib/authlogic/i18n.rb +33 -20
  46. data/lib/authlogic/i18n/translator.rb +1 -1
  47. data/lib/authlogic/random.rb +12 -29
  48. data/lib/authlogic/regex.rb +59 -27
  49. data/lib/authlogic/session/activation.rb +36 -23
  50. data/lib/authlogic/session/active_record_trickery.rb +13 -10
  51. data/lib/authlogic/session/base.rb +20 -8
  52. data/lib/authlogic/session/brute_force_protection.rb +87 -56
  53. data/lib/authlogic/session/callbacks.rb +99 -49
  54. data/lib/authlogic/session/cookies.rb +128 -59
  55. data/lib/authlogic/session/existence.rb +29 -19
  56. data/lib/authlogic/session/foundation.rb +70 -16
  57. data/lib/authlogic/session/http_auth.rb +39 -31
  58. data/lib/authlogic/session/id.rb +27 -15
  59. data/lib/authlogic/session/klass.rb +17 -13
  60. data/lib/authlogic/session/magic_columns.rb +78 -59
  61. data/lib/authlogic/session/magic_states.rb +50 -27
  62. data/lib/authlogic/session/params.rb +79 -50
  63. data/lib/authlogic/session/password.rb +197 -118
  64. data/lib/authlogic/session/perishable_token.rb +12 -6
  65. data/lib/authlogic/session/persistence.rb +20 -14
  66. data/lib/authlogic/session/priority_record.rb +20 -16
  67. data/lib/authlogic/session/scopes.rb +63 -33
  68. data/lib/authlogic/session/session.rb +40 -25
  69. data/lib/authlogic/session/timeout.rb +51 -34
  70. data/lib/authlogic/session/unauthorized_record.rb +24 -18
  71. data/lib/authlogic/session/validation.rb +32 -21
  72. data/lib/authlogic/test_case.rb +123 -35
  73. data/lib/authlogic/test_case/mock_controller.rb +14 -13
  74. data/lib/authlogic/test_case/mock_cookie_jar.rb +14 -5
  75. data/lib/authlogic/test_case/mock_logger.rb +1 -1
  76. data/lib/authlogic/test_case/mock_request.rb +9 -4
  77. data/lib/authlogic/test_case/rails_request_adapter.rb +8 -7
  78. data/lib/authlogic/version.rb +21 -0
  79. data/test/acts_as_authentic_test/base_test.rb +1 -1
  80. data/test/acts_as_authentic_test/email_test.rb +80 -63
  81. data/test/acts_as_authentic_test/logged_in_status_test.rb +14 -8
  82. data/test/acts_as_authentic_test/login_test.rb +91 -49
  83. data/test/acts_as_authentic_test/magic_columns_test.rb +13 -13
  84. data/test/acts_as_authentic_test/password_test.rb +82 -60
  85. data/test/acts_as_authentic_test/perishable_token_test.rb +31 -25
  86. data/test/acts_as_authentic_test/persistence_token_test.rb +9 -5
  87. data/test/acts_as_authentic_test/restful_authentication_test.rb +18 -9
  88. data/test/acts_as_authentic_test/session_maintenance_test.rb +86 -22
  89. data/test/acts_as_authentic_test/single_access_test.rb +15 -15
  90. data/test/adapter_test.rb +21 -0
  91. data/test/authenticates_many_test.rb +26 -11
  92. data/test/config_test.rb +9 -9
  93. data/test/crypto_provider_test/aes256_test.rb +3 -3
  94. data/test/crypto_provider_test/bcrypt_test.rb +1 -1
  95. data/test/crypto_provider_test/scrypt_test.rb +2 -2
  96. data/test/crypto_provider_test/sha1_test.rb +4 -4
  97. data/test/crypto_provider_test/sha256_test.rb +2 -2
  98. data/test/crypto_provider_test/sha512_test.rb +3 -3
  99. data/test/crypto_provider_test/wordpress_test.rb +24 -0
  100. data/test/gemfiles/Gemfile.rails-4.2.x +2 -2
  101. data/test/gemfiles/Gemfile.rails-5.0.x +6 -0
  102. data/test/gemfiles/Gemfile.rails-5.1.x +6 -0
  103. data/test/gemfiles/Gemfile.rails-5.2.x +6 -0
  104. data/test/gemfiles/Gemfile.rails-master +6 -0
  105. data/test/i18n_test.rb +9 -9
  106. data/test/libs/affiliate.rb +2 -2
  107. data/test/libs/company.rb +4 -4
  108. data/test/libs/employee.rb +2 -2
  109. data/test/libs/employee_session.rb +1 -1
  110. data/test/libs/ldaper.rb +1 -1
  111. data/test/libs/project.rb +1 -1
  112. data/test/libs/user_session.rb +2 -2
  113. data/test/random_test.rb +9 -38
  114. data/test/session_test/activation_test.rb +7 -7
  115. data/test/session_test/active_record_trickery_test.rb +9 -6
  116. data/test/session_test/brute_force_protection_test.rb +26 -21
  117. data/test/session_test/callbacks_test.rb +10 -4
  118. data/test/session_test/cookies_test.rb +54 -20
  119. data/test/session_test/existence_test.rb +45 -23
  120. data/test/session_test/foundation_test.rb +17 -1
  121. data/test/session_test/http_auth_test.rb +11 -12
  122. data/test/session_test/id_test.rb +3 -3
  123. data/test/session_test/klass_test.rb +2 -2
  124. data/test/session_test/magic_columns_test.rb +15 -17
  125. data/test/session_test/magic_states_test.rb +17 -19
  126. data/test/session_test/params_test.rb +26 -20
  127. data/test/session_test/password_test.rb +11 -12
  128. data/test/session_test/perishability_test.rb +5 -5
  129. data/test/session_test/persistence_test.rb +4 -3
  130. data/test/session_test/scopes_test.rb +15 -9
  131. data/test/session_test/session_test.rb +7 -6
  132. data/test/session_test/timeout_test.rb +16 -14
  133. data/test/session_test/unauthorized_record_test.rb +3 -3
  134. data/test/session_test/validation_test.rb +5 -5
  135. data/test/test_helper.rb +115 -49
  136. metadata +107 -36
  137. data/README.rdoc +0 -232
  138. data/test/gemfiles/Gemfile.rails-3.2.x +0 -7
  139. data/test/gemfiles/Gemfile.rails-4.0.x +0 -7
  140. data/test/gemfiles/Gemfile.rails-4.1.x +0 -7
@@ -1,8 +1,11 @@
1
- require 'test_helper'
1
+ require "test_helper"
2
2
 
3
3
  module SessionTest
4
4
  module ActiveRecordTrickeryTest
5
5
  class ClassMethodsTest < ActiveSupport::TestCase
6
+ # If test_human_name is executed after test_i18n_of_human_name the test will fail.
7
+ i_suck_and_my_tests_are_order_dependent!
8
+
6
9
  def test_human_attribute_name
7
10
  assert_equal "Some attribute", UserSession.human_attribute_name("some_attribute")
8
11
  assert_equal "Some attribute", UserSession.human_attribute_name(:some_attribute)
@@ -13,12 +16,12 @@ module SessionTest
13
16
  end
14
17
 
15
18
  def test_i18n_of_human_name
16
- I18n.backend.store_translations 'en', :authlogic => {:models => {:user_session => "MySession" } }
19
+ I18n.backend.store_translations "en", authlogic: { models: { user_session: "MySession" } }
17
20
  assert_equal "MySession", UserSession.human_name
18
21
  end
19
22
 
20
23
  def test_i18n_of_model_name_human
21
- I18n.backend.store_translations 'en', :authlogic => {:models => {:user_session => "MySession" } }
24
+ I18n.backend.store_translations "en", authlogic: { models: { user_session: "MySession" } }
22
25
  assert_equal "MySession", UserSession.model_name.human
23
26
  end
24
27
 
@@ -47,18 +50,18 @@ module SessionTest
47
50
 
48
51
  def test_persisted
49
52
  session = UserSession.new(users(:ben))
50
- assert ! session.persisted?
53
+ refute session.persisted?
51
54
 
52
55
  session.save
53
56
  assert session.persisted?
54
57
 
55
58
  session.destroy
56
- assert ! session.persisted?
59
+ refute session.persisted?
57
60
  end
58
61
 
59
62
  def test_destroyed?
60
63
  session = UserSession.create(users(:ben))
61
- assert ! session.destroyed?
64
+ refute session.destroyed?
62
65
 
63
66
  session.destroy
64
67
  assert session.destroyed?
@@ -1,4 +1,4 @@
1
- require 'test_helper'
1
+ require "test_helper"
2
2
 
3
3
  module SessionTest
4
4
  module BruteForceProtectionTest
@@ -25,19 +25,20 @@ module SessionTest
25
25
  ben = users(:ben)
26
26
  ben.failed_login_count = UserSession.consecutive_failed_logins_limit - 1
27
27
  assert ben.save
28
- assert UserSession.create(:login => ben.login, :password => "benrocks")
28
+ session = UserSession.create(login: ben.login, password: "benrocks")
29
+ refute session.new_session?
29
30
  end
30
31
 
31
32
  def test_exceeded_limit
32
33
  ben = users(:ben)
33
34
  ben.failed_login_count = UserSession.consecutive_failed_logins_limit
34
35
  assert ben.save
35
- assert UserSession.create(:login => ben.login, :password => "benrocks").new_session?
36
+ session = UserSession.create(login: ben.login, password: "benrocks")
37
+ assert session.new_session?
36
38
  assert UserSession.create(ben).new_session?
37
-
38
39
  ben.reload
39
40
  ben.updated_at = (UserSession.failed_login_ban_for + 2.hours.to_i).seconds.ago
40
- assert !UserSession.create(ben).new_session?
41
+ refute UserSession.create(ben).new_session?
41
42
  end
42
43
 
43
44
  def test_exceeding_failed_logins_limit
@@ -45,15 +46,15 @@ module SessionTest
45
46
  ben = users(:ben)
46
47
 
47
48
  2.times do |i|
48
- session = UserSession.new(:login => ben.login, :password => "badpassword1")
49
- assert !session.save
50
- assert session.errors[:password].size > 0
49
+ session = UserSession.new(login: ben.login, password: "badpassword1")
50
+ refute session.save
51
+ refute session.errors[:password].empty?
51
52
  assert_equal i + 1, ben.reload.failed_login_count
52
53
  end
53
54
 
54
- session = UserSession.new(:login => ben.login, :password => "badpassword2")
55
- assert !session.save
56
- assert session.errors[:password].size == 0
55
+ session = UserSession.new(login: ben.login, password: "badpassword2")
56
+ refute session.save
57
+ assert session.errors[:password].empty?
57
58
  assert_equal 3, ben.reload.failed_login_count
58
59
 
59
60
  UserSession.consecutive_failed_logins_limit = 50
@@ -65,14 +66,16 @@ module SessionTest
65
66
  ben = users(:ben)
66
67
 
67
68
  2.times do |i|
68
- session = UserSession.new(:login => ben.login, :password => "badpassword1")
69
- assert !session.save
69
+ session = UserSession.new(login: ben.login, password: "badpassword1")
70
+ refute session.save
70
71
  assert session.invalid_password?
71
72
  assert_equal i + 1, ben.reload.failed_login_count
72
73
  end
73
74
 
74
- ActiveRecord::Base.connection.execute("update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'")
75
- session = UserSession.new(:login => ben.login, :password => "benrocks")
75
+ ActiveRecord::Base.connection.execute(
76
+ "update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'"
77
+ )
78
+ session = UserSession.new(login: ben.login, password: "benrocks")
76
79
  assert session.save
77
80
  assert_equal 0, ben.reload.failed_login_count
78
81
 
@@ -85,15 +88,17 @@ module SessionTest
85
88
  ben = users(:ben)
86
89
 
87
90
  2.times do |i|
88
- session = UserSession.new(:login => ben.login, :password => "badpassword1")
89
- assert !session.save
90
- assert session.errors[:password].size > 0
91
+ session = UserSession.new(login: ben.login, password: "badpassword1")
92
+ refute session.save
93
+ refute session.errors[:password].empty?
91
94
  assert_equal i + 1, ben.reload.failed_login_count
92
95
  end
93
96
 
94
- ActiveRecord::Base.connection.execute("update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'")
95
- session = UserSession.new(:login => ben.login, :password => "badpassword1")
96
- assert !session.save
97
+ ActiveRecord::Base.connection.execute(
98
+ "update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'"
99
+ )
100
+ session = UserSession.new(login: ben.login, password: "badpassword1")
101
+ refute session.save
97
102
  assert_equal 1, ben.reload.failed_login_count
98
103
 
99
104
  UserSession.consecutive_failed_logins_limit = 50
@@ -1,9 +1,9 @@
1
- require 'test_helper'
1
+ require "test_helper"
2
2
 
3
3
  module SessionTest
4
4
  class CallbacksTest < ActiveSupport::TestCase
5
5
  def setup
6
- WackyUserSession.reset_callbacks(:persist)
6
+ WackyUserSession.reset_callbacks(:persist)
7
7
  end
8
8
 
9
9
  def test_no_callbacks
@@ -15,7 +15,10 @@ module SessionTest
15
15
 
16
16
  def test_true_callback_cancelling_later_callbacks
17
17
  WackyUserSession.persist :persist_by_true, :persist_by_false
18
- assert_equal [:persist_by_true, :persist_by_false], WackyUserSession._persist_callbacks.map(&:filter)
18
+ assert_equal(
19
+ %i[persist_by_true persist_by_false],
20
+ WackyUserSession._persist_callbacks.map(&:filter)
21
+ )
19
22
 
20
23
  session = WackyUserSession.new
21
24
  session.send(:persist)
@@ -24,7 +27,10 @@ module SessionTest
24
27
 
25
28
  def test_false_callback_continuing_to_later_callbacks
26
29
  WackyUserSession.persist :persist_by_false, :persist_by_true
27
- assert_equal [:persist_by_false, :persist_by_true], WackyUserSession._persist_callbacks.map(&:filter)
30
+ assert_equal(
31
+ %i[persist_by_false persist_by_true],
32
+ WackyUserSession._persist_callbacks.map(&:filter)
33
+ )
28
34
 
29
35
  session = WackyUserSession.new
30
36
  session.send(:persist)
@@ -1,8 +1,8 @@
1
- require 'test_helper'
1
+ require "test_helper"
2
2
 
3
3
  module SessionTest
4
4
  module CookiesTest
5
- class ConfiTest < ActiveSupport::TestCase
5
+ class ConfigTest < ActiveSupport::TestCase
6
6
  def test_cookie_key
7
7
  UserSession.cookie_key = "my_cookie_key"
8
8
  assert_equal "my_cookie_key", UserSession.cookie_key
@@ -43,7 +43,6 @@ module SessionTest
43
43
  end
44
44
 
45
45
  def test_secure
46
- UserSession.secure = true
47
46
  assert_equal true, UserSession.secure
48
47
  session = UserSession.new
49
48
  assert_equal true, session.secure
@@ -55,7 +54,6 @@ module SessionTest
55
54
  end
56
55
 
57
56
  def test_httponly
58
- UserSession.httponly = true
59
57
  assert_equal true, UserSession.httponly
60
58
  session = UserSession.new
61
59
  assert_equal true, session.httponly
@@ -66,6 +64,21 @@ module SessionTest
66
64
  assert_equal false, session.httponly
67
65
  end
68
66
 
67
+ def test_same_site
68
+ assert_nil UserSession.same_site
69
+ assert_nil UserSession.new.same_site
70
+
71
+ UserSession.same_site "Strict"
72
+ assert_equal "Strict", UserSession.same_site
73
+ session = UserSession.new
74
+ assert_equal "Strict", session.same_site
75
+ session.same_site = "Lax"
76
+ assert_equal "Lax", session.same_site
77
+
78
+ assert_raise(ArgumentError) { UserSession.same_site "foo" }
79
+ assert_raise(ArgumentError) { UserSession.new.same_site "foo" }
80
+ end
81
+
69
82
  def test_sign_cookie
70
83
  UserSession.sign_cookie = true
71
84
  assert_equal true, UserSession.sign_cookie
@@ -82,18 +95,18 @@ module SessionTest
82
95
  class InstanceMethodsTest < ActiveSupport::TestCase
83
96
  def test_credentials
84
97
  session = UserSession.new
85
- session.credentials = {:remember_me => true}
98
+ session.credentials = { remember_me: true }
86
99
  assert_equal true, session.remember_me
87
100
  end
88
101
 
89
102
  def test_remember_me
90
103
  session = UserSession.new
91
104
  assert_equal false, session.remember_me
92
- assert !session.remember_me?
105
+ refute session.remember_me?
93
106
 
94
107
  session.remember_me = false
95
108
  assert_equal false, session.remember_me
96
- assert !session.remember_me?
109
+ refute session.remember_me?
97
110
 
98
111
  session.remember_me = true
99
112
  assert_equal true, session.remember_me
@@ -101,7 +114,7 @@ module SessionTest
101
114
 
102
115
  session.remember_me = nil
103
116
  assert_nil session.remember_me
104
- assert !session.remember_me?
117
+ refute session.remember_me?
105
118
 
106
119
  session.remember_me = "1"
107
120
  assert_equal "1", session.remember_me
@@ -122,7 +135,7 @@ module SessionTest
122
135
 
123
136
  def test_persist_persist_by_cookie
124
137
  ben = users(:ben)
125
- assert !UserSession.find
138
+ refute UserSession.find
126
139
  set_cookie_for(ben)
127
140
  assert session = UserSession.find
128
141
  assert_equal ben, session.record
@@ -131,9 +144,9 @@ module SessionTest
131
144
  def test_persist_persist_by_cookie_with_blank_persistence_token
132
145
  ben = users(:ben)
133
146
  ben.update_column(:persistence_token, "")
134
- assert !UserSession.find
147
+ refute UserSession.find
135
148
  set_cookie_for(ben)
136
- assert !UserSession.find
149
+ refute UserSession.find
137
150
  end
138
151
 
139
152
  def test_remember_me_expired
@@ -141,19 +154,22 @@ module SessionTest
141
154
  session = UserSession.new(ben)
142
155
  session.remember_me = true
143
156
  assert session.save
144
- assert !session.remember_me_expired?
157
+ refute session.remember_me_expired?
145
158
 
146
159
  session = UserSession.new(ben)
147
160
  session.remember_me = false
148
161
  assert session.save
149
- assert !session.remember_me_expired?
162
+ refute session.remember_me_expired?
150
163
  end
151
164
 
152
165
  def test_after_save_save_cookie
153
166
  ben = users(:ben)
154
167
  session = UserSession.new(ben)
155
168
  assert session.save
156
- assert_equal "#{ben.persistence_token}::#{ben.id}", controller.cookies["user_credentials"]
169
+ assert_equal(
170
+ "#{ben.persistence_token}::#{ben.id}",
171
+ controller.cookies["user_credentials"]
172
+ )
157
173
  end
158
174
 
159
175
  def test_after_save_save_cookie_signed
@@ -166,15 +182,33 @@ module SessionTest
166
182
  session.sign_cookie = true
167
183
  assert session.save
168
184
  assert_equal payload, controller.cookies.signed["user_credentials"]
169
- assert_equal "#{payload}--#{Digest::SHA1.hexdigest payload}", controller.cookies.signed.parent_jar["user_credentials"]
185
+ assert_equal(
186
+ "#{payload}--#{Digest::SHA1.hexdigest payload}",
187
+ controller.cookies.signed.parent_jar["user_credentials"]
188
+ )
170
189
  end
171
190
 
172
191
  def test_after_save_save_cookie_with_remember_me
173
- ben = users(:ben)
174
- session = UserSession.new(ben)
175
- session.remember_me = true
192
+ Timecop.freeze do
193
+ ben = users(:ben)
194
+ session = UserSession.new(ben)
195
+ session.remember_me = true
196
+ assert session.save
197
+ assert_equal(
198
+ "#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until.iso8601}",
199
+ controller.cookies["user_credentials"]
200
+ )
201
+ end
202
+ end
203
+
204
+ def test_after_save_save_cookie_with_same_site
205
+ session = UserSession.new(users(:ben))
206
+ session.same_site = "Strict"
176
207
  assert session.save
177
- assert_equal "#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until.iso8601}", controller.cookies["user_credentials"]
208
+ assert_equal(
209
+ "Strict",
210
+ controller.cookies.set_cookies["user_credentials"][:same_site]
211
+ )
178
212
  end
179
213
 
180
214
  def test_after_destroy_destroy_cookie
@@ -183,7 +217,7 @@ module SessionTest
183
217
  session = UserSession.find
184
218
  assert controller.cookies["user_credentials"]
185
219
  assert session.destroy
186
- assert !controller.cookies["user_credentials"]
220
+ refute controller.cookies["user_credentials"]
187
221
  end
188
222
  end
189
223
  end
@@ -1,64 +1,86 @@
1
- require 'test_helper'
1
+ require "test_helper"
2
2
 
3
3
  module SessionTest
4
4
  module ExistenceTest
5
5
  class ClassMethodsTest < ActiveSupport::TestCase
6
- def test_create
6
+ def test_create_with_good_credentials
7
7
  ben = users(:ben)
8
- assert UserSession.create(:login => "somelogin", :password => "badpw2").new_session?
9
- assert !UserSession.create(:login => ben.login, :password => "benrocks").new_session?
10
- assert_raise(Authlogic::Session::Existence::SessionInvalidError) { UserSession.create!(:login => ben.login, :password => "badpw") }
11
- assert !UserSession.create!(:login => ben.login, :password => "benrocks").new_session?
8
+ session = UserSession.create(login: ben.login, password: "benrocks")
9
+ refute session.new_session?
10
+ end
11
+
12
+ def test_create_with_bad_credentials
13
+ session = UserSession.create(login: "somelogin", password: "badpw2")
14
+ assert session.new_session?
15
+ end
16
+
17
+ def test_create_bang
18
+ ben = users(:ben)
19
+ err = assert_raise(Authlogic::Session::Existence::SessionInvalidError) do
20
+ UserSession.create!(login: ben.login, password: "badpw")
21
+ end
22
+ assert_includes err.message, "Password is not valid"
23
+ refute UserSession.create!(login: ben.login, password: "benrocks").new_session?
12
24
  end
13
25
  end
14
-
15
- class IsntaceMethodsTest < ActiveSupport::TestCase
26
+
27
+ class InstanceMethodsTest < ActiveSupport::TestCase
16
28
  def test_new_session
17
29
  session = UserSession.new
18
30
  assert session.new_session?
19
-
31
+
20
32
  set_session_for(users(:ben))
21
33
  session = UserSession.find
22
- assert !session.new_session?
34
+ refute session.new_session?
23
35
  end
24
-
36
+
25
37
  def test_save_with_nothing
26
38
  session = UserSession.new
27
- assert !session.save
39
+ refute session.save
28
40
  assert session.new_session?
29
41
  end
30
-
42
+
31
43
  def test_save_with_block
32
- ben = users(:ben)
33
44
  session = UserSession.new
34
45
  block_result = session.save do |result|
35
- assert !result
46
+ refute result
36
47
  end
37
- assert !block_result
48
+ refute block_result
38
49
  assert session.new_session?
39
50
  end
40
-
51
+
41
52
  def test_save_with_bang
42
53
  session = UserSession.new
43
54
  assert_raise(Authlogic::Session::Existence::SessionInvalidError) { session.save! }
44
-
55
+
45
56
  session.unauthorized_record = users(:ben)
46
57
  assert_nothing_raised { session.save! }
47
58
  end
48
-
59
+
49
60
  def test_destroy
50
61
  ben = users(:ben)
51
62
  session = UserSession.new
52
- assert !session.valid?
53
- assert !session.errors.empty?
63
+ refute session.valid?
64
+ refute session.errors.empty?
54
65
  assert session.destroy
55
66
  assert session.errors.empty?
56
67
  session.unauthorized_record = ben
57
68
  assert session.save
58
69
  assert session.record
59
70
  assert session.destroy
60
- assert !session.record
71
+ refute session.record
72
+ end
73
+ end
74
+
75
+ class SessionInvalidErrorTest < ActiveSupport::TestCase
76
+ def test_message
77
+ session = UserSession.new
78
+ assert !session.valid?
79
+ error = Authlogic::Session::Existence::SessionInvalidError.new(session)
80
+ message = "Your session is invalid and has the following errors: " +
81
+ session.errors.full_messages.to_sentence
82
+ assert_equal message, error.message
61
83
  end
62
84
  end
63
85
  end
64
- end
86
+ end