authlogic 3.4.6 → 4.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/.github/ISSUE_TEMPLATE.md +13 -0
- data/.github/triage.md +87 -0
- data/.gitignore +4 -0
- data/.rubocop.yml +127 -0
- data/.rubocop_todo.yml +65 -0
- data/.travis.yml +18 -10
- data/CHANGELOG.md +156 -6
- data/CONTRIBUTING.md +71 -3
- data/Gemfile +2 -2
- data/README.md +386 -0
- data/Rakefile +13 -7
- data/UPGRADING.md +22 -0
- data/authlogic.gemspec +33 -22
- data/lib/authlogic.rb +60 -52
- data/lib/authlogic/acts_as_authentic/base.rb +40 -26
- data/lib/authlogic/acts_as_authentic/email.rb +96 -32
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +36 -12
- data/lib/authlogic/acts_as_authentic/login.rb +114 -49
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +17 -6
- data/lib/authlogic/acts_as_authentic/password.rb +296 -139
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +34 -20
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +20 -24
- data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +67 -0
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +68 -23
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +128 -85
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +41 -25
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +8 -8
- data/lib/authlogic/authenticates_many/association.rb +22 -14
- data/lib/authlogic/authenticates_many/base.rb +35 -16
- data/lib/authlogic/config.rb +10 -10
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +40 -12
- data/lib/authlogic/controller_adapters/rack_adapter.rb +15 -8
- data/lib/authlogic/controller_adapters/rails_adapter.rb +42 -22
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +3 -3
- data/lib/authlogic/crypto_providers.rb +91 -0
- data/lib/authlogic/crypto_providers/aes256.rb +42 -14
- data/lib/authlogic/crypto_providers/bcrypt.rb +35 -20
- data/lib/authlogic/crypto_providers/md5.rb +11 -9
- data/lib/authlogic/crypto_providers/scrypt.rb +26 -13
- data/lib/authlogic/crypto_providers/sha1.rb +14 -8
- data/lib/authlogic/crypto_providers/sha256.rb +16 -12
- data/lib/authlogic/crypto_providers/sha512.rb +8 -24
- data/lib/authlogic/crypto_providers/wordpress.rb +44 -15
- data/lib/authlogic/i18n.rb +33 -20
- data/lib/authlogic/i18n/translator.rb +1 -1
- data/lib/authlogic/random.rb +12 -29
- data/lib/authlogic/regex.rb +59 -27
- data/lib/authlogic/session/activation.rb +36 -23
- data/lib/authlogic/session/active_record_trickery.rb +13 -10
- data/lib/authlogic/session/base.rb +20 -8
- data/lib/authlogic/session/brute_force_protection.rb +87 -56
- data/lib/authlogic/session/callbacks.rb +99 -49
- data/lib/authlogic/session/cookies.rb +128 -59
- data/lib/authlogic/session/existence.rb +29 -19
- data/lib/authlogic/session/foundation.rb +70 -16
- data/lib/authlogic/session/http_auth.rb +39 -31
- data/lib/authlogic/session/id.rb +27 -15
- data/lib/authlogic/session/klass.rb +17 -13
- data/lib/authlogic/session/magic_columns.rb +78 -59
- data/lib/authlogic/session/magic_states.rb +50 -27
- data/lib/authlogic/session/params.rb +79 -50
- data/lib/authlogic/session/password.rb +197 -118
- data/lib/authlogic/session/perishable_token.rb +12 -6
- data/lib/authlogic/session/persistence.rb +20 -14
- data/lib/authlogic/session/priority_record.rb +20 -16
- data/lib/authlogic/session/scopes.rb +63 -33
- data/lib/authlogic/session/session.rb +40 -25
- data/lib/authlogic/session/timeout.rb +51 -34
- data/lib/authlogic/session/unauthorized_record.rb +24 -18
- data/lib/authlogic/session/validation.rb +32 -21
- data/lib/authlogic/test_case.rb +123 -35
- data/lib/authlogic/test_case/mock_controller.rb +14 -13
- data/lib/authlogic/test_case/mock_cookie_jar.rb +14 -5
- data/lib/authlogic/test_case/mock_logger.rb +1 -1
- data/lib/authlogic/test_case/mock_request.rb +9 -4
- data/lib/authlogic/test_case/rails_request_adapter.rb +8 -7
- data/lib/authlogic/version.rb +21 -0
- data/test/acts_as_authentic_test/base_test.rb +1 -1
- data/test/acts_as_authentic_test/email_test.rb +80 -63
- data/test/acts_as_authentic_test/logged_in_status_test.rb +14 -8
- data/test/acts_as_authentic_test/login_test.rb +91 -49
- data/test/acts_as_authentic_test/magic_columns_test.rb +13 -13
- data/test/acts_as_authentic_test/password_test.rb +82 -60
- data/test/acts_as_authentic_test/perishable_token_test.rb +31 -25
- data/test/acts_as_authentic_test/persistence_token_test.rb +9 -5
- data/test/acts_as_authentic_test/restful_authentication_test.rb +18 -9
- data/test/acts_as_authentic_test/session_maintenance_test.rb +86 -22
- data/test/acts_as_authentic_test/single_access_test.rb +15 -15
- data/test/adapter_test.rb +21 -0
- data/test/authenticates_many_test.rb +26 -11
- data/test/config_test.rb +9 -9
- data/test/crypto_provider_test/aes256_test.rb +3 -3
- data/test/crypto_provider_test/bcrypt_test.rb +1 -1
- data/test/crypto_provider_test/scrypt_test.rb +2 -2
- data/test/crypto_provider_test/sha1_test.rb +4 -4
- data/test/crypto_provider_test/sha256_test.rb +2 -2
- data/test/crypto_provider_test/sha512_test.rb +3 -3
- data/test/crypto_provider_test/wordpress_test.rb +24 -0
- data/test/gemfiles/Gemfile.rails-4.2.x +2 -2
- data/test/gemfiles/Gemfile.rails-5.0.x +6 -0
- data/test/gemfiles/Gemfile.rails-5.1.x +6 -0
- data/test/gemfiles/Gemfile.rails-5.2.x +6 -0
- data/test/gemfiles/Gemfile.rails-master +6 -0
- data/test/i18n_test.rb +9 -9
- data/test/libs/affiliate.rb +2 -2
- data/test/libs/company.rb +4 -4
- data/test/libs/employee.rb +2 -2
- data/test/libs/employee_session.rb +1 -1
- data/test/libs/ldaper.rb +1 -1
- data/test/libs/project.rb +1 -1
- data/test/libs/user_session.rb +2 -2
- data/test/random_test.rb +9 -38
- data/test/session_test/activation_test.rb +7 -7
- data/test/session_test/active_record_trickery_test.rb +9 -6
- data/test/session_test/brute_force_protection_test.rb +26 -21
- data/test/session_test/callbacks_test.rb +10 -4
- data/test/session_test/cookies_test.rb +54 -20
- data/test/session_test/existence_test.rb +45 -23
- data/test/session_test/foundation_test.rb +17 -1
- data/test/session_test/http_auth_test.rb +11 -12
- data/test/session_test/id_test.rb +3 -3
- data/test/session_test/klass_test.rb +2 -2
- data/test/session_test/magic_columns_test.rb +15 -17
- data/test/session_test/magic_states_test.rb +17 -19
- data/test/session_test/params_test.rb +26 -20
- data/test/session_test/password_test.rb +11 -12
- data/test/session_test/perishability_test.rb +5 -5
- data/test/session_test/persistence_test.rb +4 -3
- data/test/session_test/scopes_test.rb +15 -9
- data/test/session_test/session_test.rb +7 -6
- data/test/session_test/timeout_test.rb +16 -14
- data/test/session_test/unauthorized_record_test.rb +3 -3
- data/test/session_test/validation_test.rb +5 -5
- data/test/test_helper.rb +115 -49
- metadata +107 -36
- data/README.rdoc +0 -232
- data/test/gemfiles/Gemfile.rails-3.2.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.0.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.1.x +0 -7
@@ -1,8 +1,11 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module SessionTest
|
4
4
|
module ActiveRecordTrickeryTest
|
5
5
|
class ClassMethodsTest < ActiveSupport::TestCase
|
6
|
+
# If test_human_name is executed after test_i18n_of_human_name the test will fail.
|
7
|
+
i_suck_and_my_tests_are_order_dependent!
|
8
|
+
|
6
9
|
def test_human_attribute_name
|
7
10
|
assert_equal "Some attribute", UserSession.human_attribute_name("some_attribute")
|
8
11
|
assert_equal "Some attribute", UserSession.human_attribute_name(:some_attribute)
|
@@ -13,12 +16,12 @@ module SessionTest
|
|
13
16
|
end
|
14
17
|
|
15
18
|
def test_i18n_of_human_name
|
16
|
-
I18n.backend.store_translations
|
19
|
+
I18n.backend.store_translations "en", authlogic: { models: { user_session: "MySession" } }
|
17
20
|
assert_equal "MySession", UserSession.human_name
|
18
21
|
end
|
19
22
|
|
20
23
|
def test_i18n_of_model_name_human
|
21
|
-
I18n.backend.store_translations
|
24
|
+
I18n.backend.store_translations "en", authlogic: { models: { user_session: "MySession" } }
|
22
25
|
assert_equal "MySession", UserSession.model_name.human
|
23
26
|
end
|
24
27
|
|
@@ -47,18 +50,18 @@ module SessionTest
|
|
47
50
|
|
48
51
|
def test_persisted
|
49
52
|
session = UserSession.new(users(:ben))
|
50
|
-
|
53
|
+
refute session.persisted?
|
51
54
|
|
52
55
|
session.save
|
53
56
|
assert session.persisted?
|
54
57
|
|
55
58
|
session.destroy
|
56
|
-
|
59
|
+
refute session.persisted?
|
57
60
|
end
|
58
61
|
|
59
62
|
def test_destroyed?
|
60
63
|
session = UserSession.create(users(:ben))
|
61
|
-
|
64
|
+
refute session.destroyed?
|
62
65
|
|
63
66
|
session.destroy
|
64
67
|
assert session.destroyed?
|
@@ -1,4 +1,4 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module SessionTest
|
4
4
|
module BruteForceProtectionTest
|
@@ -25,19 +25,20 @@ module SessionTest
|
|
25
25
|
ben = users(:ben)
|
26
26
|
ben.failed_login_count = UserSession.consecutive_failed_logins_limit - 1
|
27
27
|
assert ben.save
|
28
|
-
|
28
|
+
session = UserSession.create(login: ben.login, password: "benrocks")
|
29
|
+
refute session.new_session?
|
29
30
|
end
|
30
31
|
|
31
32
|
def test_exceeded_limit
|
32
33
|
ben = users(:ben)
|
33
34
|
ben.failed_login_count = UserSession.consecutive_failed_logins_limit
|
34
35
|
assert ben.save
|
35
|
-
|
36
|
+
session = UserSession.create(login: ben.login, password: "benrocks")
|
37
|
+
assert session.new_session?
|
36
38
|
assert UserSession.create(ben).new_session?
|
37
|
-
|
38
39
|
ben.reload
|
39
40
|
ben.updated_at = (UserSession.failed_login_ban_for + 2.hours.to_i).seconds.ago
|
40
|
-
|
41
|
+
refute UserSession.create(ben).new_session?
|
41
42
|
end
|
42
43
|
|
43
44
|
def test_exceeding_failed_logins_limit
|
@@ -45,15 +46,15 @@ module SessionTest
|
|
45
46
|
ben = users(:ben)
|
46
47
|
|
47
48
|
2.times do |i|
|
48
|
-
session = UserSession.new(:
|
49
|
-
|
50
|
-
|
49
|
+
session = UserSession.new(login: ben.login, password: "badpassword1")
|
50
|
+
refute session.save
|
51
|
+
refute session.errors[:password].empty?
|
51
52
|
assert_equal i + 1, ben.reload.failed_login_count
|
52
53
|
end
|
53
54
|
|
54
|
-
session = UserSession.new(:
|
55
|
-
|
56
|
-
assert session.errors[:password].
|
55
|
+
session = UserSession.new(login: ben.login, password: "badpassword2")
|
56
|
+
refute session.save
|
57
|
+
assert session.errors[:password].empty?
|
57
58
|
assert_equal 3, ben.reload.failed_login_count
|
58
59
|
|
59
60
|
UserSession.consecutive_failed_logins_limit = 50
|
@@ -65,14 +66,16 @@ module SessionTest
|
|
65
66
|
ben = users(:ben)
|
66
67
|
|
67
68
|
2.times do |i|
|
68
|
-
session = UserSession.new(:
|
69
|
-
|
69
|
+
session = UserSession.new(login: ben.login, password: "badpassword1")
|
70
|
+
refute session.save
|
70
71
|
assert session.invalid_password?
|
71
72
|
assert_equal i + 1, ben.reload.failed_login_count
|
72
73
|
end
|
73
74
|
|
74
|
-
ActiveRecord::Base.connection.execute(
|
75
|
-
|
75
|
+
ActiveRecord::Base.connection.execute(
|
76
|
+
"update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'"
|
77
|
+
)
|
78
|
+
session = UserSession.new(login: ben.login, password: "benrocks")
|
76
79
|
assert session.save
|
77
80
|
assert_equal 0, ben.reload.failed_login_count
|
78
81
|
|
@@ -85,15 +88,17 @@ module SessionTest
|
|
85
88
|
ben = users(:ben)
|
86
89
|
|
87
90
|
2.times do |i|
|
88
|
-
session = UserSession.new(:
|
89
|
-
|
90
|
-
|
91
|
+
session = UserSession.new(login: ben.login, password: "badpassword1")
|
92
|
+
refute session.save
|
93
|
+
refute session.errors[:password].empty?
|
91
94
|
assert_equal i + 1, ben.reload.failed_login_count
|
92
95
|
end
|
93
96
|
|
94
|
-
ActiveRecord::Base.connection.execute(
|
95
|
-
|
96
|
-
|
97
|
+
ActiveRecord::Base.connection.execute(
|
98
|
+
"update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'"
|
99
|
+
)
|
100
|
+
session = UserSession.new(login: ben.login, password: "badpassword1")
|
101
|
+
refute session.save
|
97
102
|
assert_equal 1, ben.reload.failed_login_count
|
98
103
|
|
99
104
|
UserSession.consecutive_failed_logins_limit = 50
|
@@ -1,9 +1,9 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module SessionTest
|
4
4
|
class CallbacksTest < ActiveSupport::TestCase
|
5
5
|
def setup
|
6
|
-
|
6
|
+
WackyUserSession.reset_callbacks(:persist)
|
7
7
|
end
|
8
8
|
|
9
9
|
def test_no_callbacks
|
@@ -15,7 +15,10 @@ module SessionTest
|
|
15
15
|
|
16
16
|
def test_true_callback_cancelling_later_callbacks
|
17
17
|
WackyUserSession.persist :persist_by_true, :persist_by_false
|
18
|
-
assert_equal
|
18
|
+
assert_equal(
|
19
|
+
%i[persist_by_true persist_by_false],
|
20
|
+
WackyUserSession._persist_callbacks.map(&:filter)
|
21
|
+
)
|
19
22
|
|
20
23
|
session = WackyUserSession.new
|
21
24
|
session.send(:persist)
|
@@ -24,7 +27,10 @@ module SessionTest
|
|
24
27
|
|
25
28
|
def test_false_callback_continuing_to_later_callbacks
|
26
29
|
WackyUserSession.persist :persist_by_false, :persist_by_true
|
27
|
-
assert_equal
|
30
|
+
assert_equal(
|
31
|
+
%i[persist_by_false persist_by_true],
|
32
|
+
WackyUserSession._persist_callbacks.map(&:filter)
|
33
|
+
)
|
28
34
|
|
29
35
|
session = WackyUserSession.new
|
30
36
|
session.send(:persist)
|
@@ -1,8 +1,8 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module SessionTest
|
4
4
|
module CookiesTest
|
5
|
-
class
|
5
|
+
class ConfigTest < ActiveSupport::TestCase
|
6
6
|
def test_cookie_key
|
7
7
|
UserSession.cookie_key = "my_cookie_key"
|
8
8
|
assert_equal "my_cookie_key", UserSession.cookie_key
|
@@ -43,7 +43,6 @@ module SessionTest
|
|
43
43
|
end
|
44
44
|
|
45
45
|
def test_secure
|
46
|
-
UserSession.secure = true
|
47
46
|
assert_equal true, UserSession.secure
|
48
47
|
session = UserSession.new
|
49
48
|
assert_equal true, session.secure
|
@@ -55,7 +54,6 @@ module SessionTest
|
|
55
54
|
end
|
56
55
|
|
57
56
|
def test_httponly
|
58
|
-
UserSession.httponly = true
|
59
57
|
assert_equal true, UserSession.httponly
|
60
58
|
session = UserSession.new
|
61
59
|
assert_equal true, session.httponly
|
@@ -66,6 +64,21 @@ module SessionTest
|
|
66
64
|
assert_equal false, session.httponly
|
67
65
|
end
|
68
66
|
|
67
|
+
def test_same_site
|
68
|
+
assert_nil UserSession.same_site
|
69
|
+
assert_nil UserSession.new.same_site
|
70
|
+
|
71
|
+
UserSession.same_site "Strict"
|
72
|
+
assert_equal "Strict", UserSession.same_site
|
73
|
+
session = UserSession.new
|
74
|
+
assert_equal "Strict", session.same_site
|
75
|
+
session.same_site = "Lax"
|
76
|
+
assert_equal "Lax", session.same_site
|
77
|
+
|
78
|
+
assert_raise(ArgumentError) { UserSession.same_site "foo" }
|
79
|
+
assert_raise(ArgumentError) { UserSession.new.same_site "foo" }
|
80
|
+
end
|
81
|
+
|
69
82
|
def test_sign_cookie
|
70
83
|
UserSession.sign_cookie = true
|
71
84
|
assert_equal true, UserSession.sign_cookie
|
@@ -82,18 +95,18 @@ module SessionTest
|
|
82
95
|
class InstanceMethodsTest < ActiveSupport::TestCase
|
83
96
|
def test_credentials
|
84
97
|
session = UserSession.new
|
85
|
-
session.credentials = {:
|
98
|
+
session.credentials = { remember_me: true }
|
86
99
|
assert_equal true, session.remember_me
|
87
100
|
end
|
88
101
|
|
89
102
|
def test_remember_me
|
90
103
|
session = UserSession.new
|
91
104
|
assert_equal false, session.remember_me
|
92
|
-
|
105
|
+
refute session.remember_me?
|
93
106
|
|
94
107
|
session.remember_me = false
|
95
108
|
assert_equal false, session.remember_me
|
96
|
-
|
109
|
+
refute session.remember_me?
|
97
110
|
|
98
111
|
session.remember_me = true
|
99
112
|
assert_equal true, session.remember_me
|
@@ -101,7 +114,7 @@ module SessionTest
|
|
101
114
|
|
102
115
|
session.remember_me = nil
|
103
116
|
assert_nil session.remember_me
|
104
|
-
|
117
|
+
refute session.remember_me?
|
105
118
|
|
106
119
|
session.remember_me = "1"
|
107
120
|
assert_equal "1", session.remember_me
|
@@ -122,7 +135,7 @@ module SessionTest
|
|
122
135
|
|
123
136
|
def test_persist_persist_by_cookie
|
124
137
|
ben = users(:ben)
|
125
|
-
|
138
|
+
refute UserSession.find
|
126
139
|
set_cookie_for(ben)
|
127
140
|
assert session = UserSession.find
|
128
141
|
assert_equal ben, session.record
|
@@ -131,9 +144,9 @@ module SessionTest
|
|
131
144
|
def test_persist_persist_by_cookie_with_blank_persistence_token
|
132
145
|
ben = users(:ben)
|
133
146
|
ben.update_column(:persistence_token, "")
|
134
|
-
|
147
|
+
refute UserSession.find
|
135
148
|
set_cookie_for(ben)
|
136
|
-
|
149
|
+
refute UserSession.find
|
137
150
|
end
|
138
151
|
|
139
152
|
def test_remember_me_expired
|
@@ -141,19 +154,22 @@ module SessionTest
|
|
141
154
|
session = UserSession.new(ben)
|
142
155
|
session.remember_me = true
|
143
156
|
assert session.save
|
144
|
-
|
157
|
+
refute session.remember_me_expired?
|
145
158
|
|
146
159
|
session = UserSession.new(ben)
|
147
160
|
session.remember_me = false
|
148
161
|
assert session.save
|
149
|
-
|
162
|
+
refute session.remember_me_expired?
|
150
163
|
end
|
151
164
|
|
152
165
|
def test_after_save_save_cookie
|
153
166
|
ben = users(:ben)
|
154
167
|
session = UserSession.new(ben)
|
155
168
|
assert session.save
|
156
|
-
assert_equal
|
169
|
+
assert_equal(
|
170
|
+
"#{ben.persistence_token}::#{ben.id}",
|
171
|
+
controller.cookies["user_credentials"]
|
172
|
+
)
|
157
173
|
end
|
158
174
|
|
159
175
|
def test_after_save_save_cookie_signed
|
@@ -166,15 +182,33 @@ module SessionTest
|
|
166
182
|
session.sign_cookie = true
|
167
183
|
assert session.save
|
168
184
|
assert_equal payload, controller.cookies.signed["user_credentials"]
|
169
|
-
assert_equal
|
185
|
+
assert_equal(
|
186
|
+
"#{payload}--#{Digest::SHA1.hexdigest payload}",
|
187
|
+
controller.cookies.signed.parent_jar["user_credentials"]
|
188
|
+
)
|
170
189
|
end
|
171
190
|
|
172
191
|
def test_after_save_save_cookie_with_remember_me
|
173
|
-
|
174
|
-
|
175
|
-
|
192
|
+
Timecop.freeze do
|
193
|
+
ben = users(:ben)
|
194
|
+
session = UserSession.new(ben)
|
195
|
+
session.remember_me = true
|
196
|
+
assert session.save
|
197
|
+
assert_equal(
|
198
|
+
"#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until.iso8601}",
|
199
|
+
controller.cookies["user_credentials"]
|
200
|
+
)
|
201
|
+
end
|
202
|
+
end
|
203
|
+
|
204
|
+
def test_after_save_save_cookie_with_same_site
|
205
|
+
session = UserSession.new(users(:ben))
|
206
|
+
session.same_site = "Strict"
|
176
207
|
assert session.save
|
177
|
-
assert_equal
|
208
|
+
assert_equal(
|
209
|
+
"Strict",
|
210
|
+
controller.cookies.set_cookies["user_credentials"][:same_site]
|
211
|
+
)
|
178
212
|
end
|
179
213
|
|
180
214
|
def test_after_destroy_destroy_cookie
|
@@ -183,7 +217,7 @@ module SessionTest
|
|
183
217
|
session = UserSession.find
|
184
218
|
assert controller.cookies["user_credentials"]
|
185
219
|
assert session.destroy
|
186
|
-
|
220
|
+
refute controller.cookies["user_credentials"]
|
187
221
|
end
|
188
222
|
end
|
189
223
|
end
|
@@ -1,64 +1,86 @@
|
|
1
|
-
require
|
1
|
+
require "test_helper"
|
2
2
|
|
3
3
|
module SessionTest
|
4
4
|
module ExistenceTest
|
5
5
|
class ClassMethodsTest < ActiveSupport::TestCase
|
6
|
-
def
|
6
|
+
def test_create_with_good_credentials
|
7
7
|
ben = users(:ben)
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
8
|
+
session = UserSession.create(login: ben.login, password: "benrocks")
|
9
|
+
refute session.new_session?
|
10
|
+
end
|
11
|
+
|
12
|
+
def test_create_with_bad_credentials
|
13
|
+
session = UserSession.create(login: "somelogin", password: "badpw2")
|
14
|
+
assert session.new_session?
|
15
|
+
end
|
16
|
+
|
17
|
+
def test_create_bang
|
18
|
+
ben = users(:ben)
|
19
|
+
err = assert_raise(Authlogic::Session::Existence::SessionInvalidError) do
|
20
|
+
UserSession.create!(login: ben.login, password: "badpw")
|
21
|
+
end
|
22
|
+
assert_includes err.message, "Password is not valid"
|
23
|
+
refute UserSession.create!(login: ben.login, password: "benrocks").new_session?
|
12
24
|
end
|
13
25
|
end
|
14
|
-
|
15
|
-
class
|
26
|
+
|
27
|
+
class InstanceMethodsTest < ActiveSupport::TestCase
|
16
28
|
def test_new_session
|
17
29
|
session = UserSession.new
|
18
30
|
assert session.new_session?
|
19
|
-
|
31
|
+
|
20
32
|
set_session_for(users(:ben))
|
21
33
|
session = UserSession.find
|
22
|
-
|
34
|
+
refute session.new_session?
|
23
35
|
end
|
24
|
-
|
36
|
+
|
25
37
|
def test_save_with_nothing
|
26
38
|
session = UserSession.new
|
27
|
-
|
39
|
+
refute session.save
|
28
40
|
assert session.new_session?
|
29
41
|
end
|
30
|
-
|
42
|
+
|
31
43
|
def test_save_with_block
|
32
|
-
ben = users(:ben)
|
33
44
|
session = UserSession.new
|
34
45
|
block_result = session.save do |result|
|
35
|
-
|
46
|
+
refute result
|
36
47
|
end
|
37
|
-
|
48
|
+
refute block_result
|
38
49
|
assert session.new_session?
|
39
50
|
end
|
40
|
-
|
51
|
+
|
41
52
|
def test_save_with_bang
|
42
53
|
session = UserSession.new
|
43
54
|
assert_raise(Authlogic::Session::Existence::SessionInvalidError) { session.save! }
|
44
|
-
|
55
|
+
|
45
56
|
session.unauthorized_record = users(:ben)
|
46
57
|
assert_nothing_raised { session.save! }
|
47
58
|
end
|
48
|
-
|
59
|
+
|
49
60
|
def test_destroy
|
50
61
|
ben = users(:ben)
|
51
62
|
session = UserSession.new
|
52
|
-
|
53
|
-
|
63
|
+
refute session.valid?
|
64
|
+
refute session.errors.empty?
|
54
65
|
assert session.destroy
|
55
66
|
assert session.errors.empty?
|
56
67
|
session.unauthorized_record = ben
|
57
68
|
assert session.save
|
58
69
|
assert session.record
|
59
70
|
assert session.destroy
|
60
|
-
|
71
|
+
refute session.record
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
class SessionInvalidErrorTest < ActiveSupport::TestCase
|
76
|
+
def test_message
|
77
|
+
session = UserSession.new
|
78
|
+
assert !session.valid?
|
79
|
+
error = Authlogic::Session::Existence::SessionInvalidError.new(session)
|
80
|
+
message = "Your session is invalid and has the following errors: " +
|
81
|
+
session.errors.full_messages.to_sentence
|
82
|
+
assert_equal message, error.message
|
61
83
|
end
|
62
84
|
end
|
63
85
|
end
|
64
|
-
end
|
86
|
+
end
|