authlogic 3.5.0 → 3.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/ISSUE_TEMPLATE.md +13 -0
- data/.rubocop_todo.yml +1 -37
- data/.travis.yml +11 -6
- data/CHANGELOG.md +19 -0
- data/CONTRIBUTING.md +13 -2
- data/README.md +2 -3
- data/authlogic.gemspec +5 -5
- data/lib/authlogic/acts_as_authentic/base.rb +4 -2
- data/lib/authlogic/acts_as_authentic/email.rb +8 -3
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +21 -3
- data/lib/authlogic/acts_as_authentic/login.rb +44 -25
- data/lib/authlogic/acts_as_authentic/password.rb +28 -12
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +21 -12
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +16 -9
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +5 -3
- data/lib/authlogic/authenticates_many/association.rb +7 -4
- data/lib/authlogic/controller_adapters/rack_adapter.rb +6 -2
- data/lib/authlogic/controller_adapters/rails_adapter.rb +11 -8
- data/lib/authlogic/crypto_providers/bcrypt.rb +4 -1
- data/lib/authlogic/crypto_providers/sha512.rb +15 -10
- data/lib/authlogic/session/activation.rb +19 -10
- data/lib/authlogic/session/cookies.rb +3 -1
- data/lib/authlogic/session/id.rb +13 -7
- data/lib/authlogic/session/magic_columns.rb +19 -10
- data/lib/authlogic/session/magic_states.rb +7 -1
- data/lib/authlogic/session/password.rb +48 -34
- data/lib/authlogic/session/perishable_token.rb +7 -3
- data/lib/authlogic/session/validation.rb +13 -11
- data/lib/authlogic/test_case.rb +52 -32
- data/test/acts_as_authentic_test/email_test.rb +33 -29
- data/test/acts_as_authentic_test/logged_in_status_test.rb +2 -2
- data/test/acts_as_authentic_test/login_test.rb +50 -37
- data/test/acts_as_authentic_test/magic_columns_test.rb +8 -8
- data/test/acts_as_authentic_test/password_test.rb +14 -14
- data/test/acts_as_authentic_test/perishable_token_test.rb +5 -5
- data/test/acts_as_authentic_test/persistence_token_test.rb +4 -4
- data/test/acts_as_authentic_test/restful_authentication_test.rb +6 -6
- data/test/acts_as_authentic_test/session_maintenance_test.rb +15 -10
- data/test/acts_as_authentic_test/single_access_test.rb +6 -6
- data/test/authenticates_many_test.rb +1 -1
- data/test/gemfiles/Gemfile.rails-5.1.x +6 -0
- data/test/session_test/activation_test.rb +1 -1
- data/test/session_test/active_record_trickery_test.rb +3 -3
- data/test/session_test/brute_force_protection_test.rb +19 -14
- data/test/session_test/cookies_test.rb +21 -12
- data/test/session_test/existence_test.rb +15 -10
- data/test/session_test/http_auth_test.rb +2 -2
- data/test/session_test/magic_columns_test.rb +7 -4
- data/test/session_test/magic_states_test.rb +7 -9
- data/test/session_test/params_test.rb +6 -6
- data/test/session_test/password_test.rb +2 -2
- data/test/session_test/perishability_test.rb +1 -1
- data/test/session_test/persistence_test.rb +2 -2
- data/test/session_test/timeout_test.rb +7 -5
- data/test/session_test/validation_test.rb +1 -1
- data/test/test_helper.rb +10 -2
- metadata +10 -7
@@ -5,23 +5,23 @@ module ActsAsAuthenticTest
|
|
5
5
|
def test_validates_numericality_of_login_count
|
6
6
|
u = User.new
|
7
7
|
u.login_count = -1
|
8
|
-
|
9
|
-
|
8
|
+
refute u.valid?
|
9
|
+
refute u.errors[:login_count].empty?
|
10
10
|
|
11
11
|
u.login_count = 0
|
12
|
-
|
13
|
-
assert u.errors[:login_count].
|
12
|
+
refute u.valid?
|
13
|
+
assert u.errors[:login_count].empty?
|
14
14
|
end
|
15
15
|
|
16
16
|
def test_validates_numericality_of_failed_login_count
|
17
17
|
u = User.new
|
18
18
|
u.failed_login_count = -1
|
19
|
-
|
20
|
-
|
19
|
+
refute u.valid?
|
20
|
+
refute u.errors[:failed_login_count].empty?
|
21
21
|
|
22
22
|
u.failed_login_count = 0
|
23
|
-
|
24
|
-
assert u.errors[:failed_login_count].
|
23
|
+
refute u.valid?
|
24
|
+
assert u.errors[:failed_login_count].empty?
|
25
25
|
end
|
26
26
|
end
|
27
27
|
end
|
@@ -28,7 +28,7 @@ module ActsAsAuthenticTest
|
|
28
28
|
assert Employee.ignore_blank_passwords
|
29
29
|
|
30
30
|
User.ignore_blank_passwords = false
|
31
|
-
|
31
|
+
refute User.ignore_blank_passwords
|
32
32
|
User.ignore_blank_passwords true
|
33
33
|
assert User.ignore_blank_passwords
|
34
34
|
end
|
@@ -36,7 +36,7 @@ module ActsAsAuthenticTest
|
|
36
36
|
def test_check_passwords_against_database
|
37
37
|
assert User.check_passwords_against_database
|
38
38
|
User.check_passwords_against_database = false
|
39
|
-
|
39
|
+
refute User.check_passwords_against_database
|
40
40
|
User.check_passwords_against_database true
|
41
41
|
assert User.check_passwords_against_database
|
42
42
|
end
|
@@ -46,7 +46,7 @@ module ActsAsAuthenticTest
|
|
46
46
|
assert Employee.validate_password_field
|
47
47
|
|
48
48
|
User.validate_password_field = false
|
49
|
-
|
49
|
+
refute User.validate_password_field
|
50
50
|
User.validate_password_field true
|
51
51
|
assert User.validate_password_field
|
52
52
|
end
|
@@ -109,7 +109,7 @@ module ActsAsAuthenticTest
|
|
109
109
|
assert u.valid?
|
110
110
|
|
111
111
|
u.password = u.password_confirmation = "abcdef"
|
112
|
-
|
112
|
+
refute u.valid?
|
113
113
|
|
114
114
|
assert u.errors[:password].include?("is too short (minimum is 8 characters)")
|
115
115
|
assert u.errors[:password_confirmation].include?("is too short (minimum is 8 characters)")
|
@@ -120,7 +120,7 @@ module ActsAsAuthenticTest
|
|
120
120
|
assert u.valid?
|
121
121
|
|
122
122
|
u.password_confirmation = "abcdefghij"
|
123
|
-
|
123
|
+
refute u.valid?
|
124
124
|
|
125
125
|
if ActiveModel.respond_to?(:version) and ActiveModel.version.segments.first >= 4
|
126
126
|
assert u.errors[:password_confirmation].include?("doesn't match Password")
|
@@ -134,19 +134,19 @@ module ActsAsAuthenticTest
|
|
134
134
|
|
135
135
|
u.password = "testpass"
|
136
136
|
u.password_confirmation = ""
|
137
|
-
|
138
|
-
|
137
|
+
refute u.valid?
|
138
|
+
refute u.errors[:password_confirmation].empty?
|
139
139
|
|
140
140
|
u.password_confirmation = "testpass"
|
141
|
-
|
142
|
-
assert u.errors[:password_confirmation].
|
141
|
+
refute u.valid?
|
142
|
+
assert u.errors[:password_confirmation].empty?
|
143
143
|
|
144
144
|
ben = users(:ben)
|
145
145
|
assert ben.valid?
|
146
146
|
|
147
147
|
ben.password = "newpasswd"
|
148
|
-
|
149
|
-
|
148
|
+
refute ben.valid?
|
149
|
+
refute ben.errors[:password_confirmation].empty?
|
150
150
|
|
151
151
|
ben.password_confirmation = "newpasswd"
|
152
152
|
assert ben.valid?
|
@@ -180,21 +180,21 @@ module ActsAsAuthenticTest
|
|
180
180
|
def test_checks_password_against_database
|
181
181
|
ben = users(:aaron)
|
182
182
|
ben.password = "new pass"
|
183
|
-
|
183
|
+
refute ben.valid_password?("new pass")
|
184
184
|
assert ben.valid_password?("aaronrocks")
|
185
185
|
end
|
186
186
|
|
187
187
|
def test_checks_password_against_database_and_always_fails_on_new_records
|
188
188
|
user = User.new
|
189
189
|
user.password = "new pass"
|
190
|
-
|
190
|
+
refute user.valid_password?("new pass")
|
191
191
|
end
|
192
192
|
|
193
193
|
def test_checks_password_against_object
|
194
194
|
ben = users(:ben)
|
195
195
|
ben.password = "new pass"
|
196
196
|
assert ben.valid_password?("new pass", false)
|
197
|
-
|
197
|
+
refute ben.valid_password?("benrocks", false)
|
198
198
|
end
|
199
199
|
|
200
200
|
def test_reset_password
|
@@ -13,20 +13,20 @@ module ActsAsAuthenticTest
|
|
13
13
|
end
|
14
14
|
|
15
15
|
def test_disable_perishable_token_maintenance_config
|
16
|
-
|
17
|
-
|
16
|
+
refute User.disable_perishable_token_maintenance
|
17
|
+
refute Employee.disable_perishable_token_maintenance
|
18
18
|
|
19
19
|
User.disable_perishable_token_maintenance = true
|
20
20
|
assert User.disable_perishable_token_maintenance
|
21
21
|
User.disable_perishable_token_maintenance false
|
22
|
-
|
22
|
+
refute User.disable_perishable_token_maintenance
|
23
23
|
end
|
24
24
|
|
25
25
|
def test_validates_uniqueness_of_perishable_token
|
26
26
|
u = User.new
|
27
27
|
u.perishable_token = users(:ben).perishable_token
|
28
|
-
|
29
|
-
|
28
|
+
refute u.valid?
|
29
|
+
refute u.errors[:perishable_token].empty?
|
30
30
|
end
|
31
31
|
|
32
32
|
def test_before_save_reset_perishable_token
|
@@ -24,7 +24,7 @@ module ActsAsAuthenticTest
|
|
24
24
|
|
25
25
|
def test_before_validate_reset_persistence_token
|
26
26
|
u = User.new
|
27
|
-
|
27
|
+
refute u.valid?
|
28
28
|
assert_not_nil u.persistence_token
|
29
29
|
end
|
30
30
|
|
@@ -34,8 +34,8 @@ module ActsAsAuthenticTest
|
|
34
34
|
assert UserSession.find
|
35
35
|
assert UserSession.find(:ziggity_zack)
|
36
36
|
User.forget_all
|
37
|
-
|
38
|
-
|
37
|
+
refute UserSession.find
|
38
|
+
refute UserSession.find(:ziggity_zack)
|
39
39
|
end
|
40
40
|
|
41
41
|
def test_forget
|
@@ -49,7 +49,7 @@ module ActsAsAuthenticTest
|
|
49
49
|
|
50
50
|
ben.forget!
|
51
51
|
|
52
|
-
|
52
|
+
refute UserSession.find
|
53
53
|
assert UserSession.find(:ziggity_zack)
|
54
54
|
end
|
55
55
|
end
|
@@ -3,8 +3,8 @@ require 'test_helper'
|
|
3
3
|
module ActsAsAuthenticTest
|
4
4
|
class RestfulAuthenticationTest < ActiveSupport::TestCase
|
5
5
|
def test_act_like_restful_authentication_config
|
6
|
-
|
7
|
-
|
6
|
+
refute User.act_like_restful_authentication
|
7
|
+
refute Employee.act_like_restful_authentication
|
8
8
|
|
9
9
|
User.act_like_restful_authentication = true
|
10
10
|
assert User.act_like_restful_authentication
|
@@ -14,15 +14,15 @@ module ActsAsAuthenticTest
|
|
14
14
|
assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
|
15
15
|
|
16
16
|
User.act_like_restful_authentication false
|
17
|
-
|
17
|
+
refute User.act_like_restful_authentication
|
18
18
|
|
19
19
|
User.crypto_provider = Authlogic::CryptoProviders::Sha512
|
20
20
|
User.transition_from_crypto_providers = []
|
21
21
|
end
|
22
22
|
|
23
23
|
def test_transition_from_restful_authentication_config
|
24
|
-
|
25
|
-
|
24
|
+
refute User.transition_from_restful_authentication
|
25
|
+
refute Employee.transition_from_restful_authentication
|
26
26
|
|
27
27
|
User.transition_from_restful_authentication = true
|
28
28
|
assert User.transition_from_restful_authentication
|
@@ -31,7 +31,7 @@ module ActsAsAuthenticTest
|
|
31
31
|
assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
|
32
32
|
|
33
33
|
User.transition_from_restful_authentication false
|
34
|
-
|
34
|
+
refute User.transition_from_restful_authentication
|
35
35
|
end
|
36
36
|
end
|
37
37
|
end
|
@@ -5,20 +5,19 @@ module ActsAsAuthenticTest
|
|
5
5
|
def test_maintain_sessions_config
|
6
6
|
assert User.maintain_sessions
|
7
7
|
User.maintain_sessions = false
|
8
|
-
|
8
|
+
refute User.maintain_sessions
|
9
9
|
User.maintain_sessions true
|
10
10
|
assert User.maintain_sessions
|
11
11
|
end
|
12
12
|
|
13
13
|
def test_login_after_create
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
:email => "awesome@awesome.com"
|
20
|
-
)
|
14
|
+
user = User.create(
|
15
|
+
:login => "awesome",
|
16
|
+
:password => "saweeeet",
|
17
|
+
:password_confirmation => "saweeeet",
|
18
|
+
:email => "awesome@awesome.com"
|
21
19
|
)
|
20
|
+
assert user.persisted?
|
22
21
|
assert UserSession.find
|
23
22
|
end
|
24
23
|
|
@@ -60,7 +59,13 @@ module ActsAsAuthenticTest
|
|
60
59
|
UserSession.create(ben)
|
61
60
|
old_session_key = controller.session["user_credentials"]
|
62
61
|
old_cookie_key = controller.cookies["user_credentials"]
|
63
|
-
|
62
|
+
user = User.create(
|
63
|
+
:login => "awesome",
|
64
|
+
:password => "saweet", # Password is too short, user invalid
|
65
|
+
:password_confirmation => "saweet",
|
66
|
+
:email => "awesome@saweet.com"
|
67
|
+
)
|
68
|
+
refute user.persisted?
|
64
69
|
assert_equal controller.session["user_credentials"], old_session_key
|
65
70
|
assert_equal controller.cookies["user_credentials"], old_cookie_key
|
66
71
|
end
|
@@ -80,7 +85,7 @@ module ActsAsAuthenticTest
|
|
80
85
|
|
81
86
|
def test_resetting_password_when_logged_out
|
82
87
|
ben = users(:ben)
|
83
|
-
|
88
|
+
refute UserSession.find
|
84
89
|
ben.password = "newpasswd"
|
85
90
|
ben.password_confirmation = "newpasswd"
|
86
91
|
assert ben.save
|
@@ -3,25 +3,25 @@ require 'test_helper'
|
|
3
3
|
module ActsAsAuthenticTest
|
4
4
|
class SingleAccessTest < ActiveSupport::TestCase
|
5
5
|
def test_change_single_access_token_with_password_config
|
6
|
-
|
7
|
-
|
6
|
+
refute User.change_single_access_token_with_password
|
7
|
+
refute Employee.change_single_access_token_with_password
|
8
8
|
|
9
9
|
User.change_single_access_token_with_password = true
|
10
10
|
assert User.change_single_access_token_with_password
|
11
11
|
User.change_single_access_token_with_password false
|
12
|
-
|
12
|
+
refute User.change_single_access_token_with_password
|
13
13
|
end
|
14
14
|
|
15
15
|
def test_validates_uniqueness_of_single_access_token
|
16
16
|
u = User.new
|
17
17
|
u.single_access_token = users(:ben).single_access_token
|
18
|
-
|
19
|
-
|
18
|
+
refute u.valid?
|
19
|
+
refute u.errors[:single_access_token].empty?
|
20
20
|
end
|
21
21
|
|
22
22
|
def test_before_validation_reset_single_access_token
|
23
23
|
u = User.new
|
24
|
-
|
24
|
+
refute u.valid?
|
25
25
|
assert_not_nil u.single_access_token
|
26
26
|
end
|
27
27
|
|
@@ -49,18 +49,18 @@ module SessionTest
|
|
49
49
|
|
50
50
|
def test_persisted
|
51
51
|
session = UserSession.new(users(:ben))
|
52
|
-
|
52
|
+
refute session.persisted?
|
53
53
|
|
54
54
|
session.save
|
55
55
|
assert session.persisted?
|
56
56
|
|
57
57
|
session.destroy
|
58
|
-
|
58
|
+
refute session.persisted?
|
59
59
|
end
|
60
60
|
|
61
61
|
def test_destroyed?
|
62
62
|
session = UserSession.create(users(:ben))
|
63
|
-
|
63
|
+
refute session.destroyed?
|
64
64
|
|
65
65
|
session.destroy
|
66
66
|
assert session.destroyed?
|
@@ -25,19 +25,20 @@ module SessionTest
|
|
25
25
|
ben = users(:ben)
|
26
26
|
ben.failed_login_count = UserSession.consecutive_failed_logins_limit - 1
|
27
27
|
assert ben.save
|
28
|
-
|
28
|
+
session = UserSession.create(:login => ben.login, :password => "benrocks")
|
29
|
+
refute session.new_session?
|
29
30
|
end
|
30
31
|
|
31
32
|
def test_exceeded_limit
|
32
33
|
ben = users(:ben)
|
33
34
|
ben.failed_login_count = UserSession.consecutive_failed_logins_limit
|
34
35
|
assert ben.save
|
35
|
-
|
36
|
+
session = UserSession.create(:login => ben.login, :password => "benrocks")
|
37
|
+
assert session.new_session?
|
36
38
|
assert UserSession.create(ben).new_session?
|
37
|
-
|
38
39
|
ben.reload
|
39
40
|
ben.updated_at = (UserSession.failed_login_ban_for + 2.hours.to_i).seconds.ago
|
40
|
-
|
41
|
+
refute UserSession.create(ben).new_session?
|
41
42
|
end
|
42
43
|
|
43
44
|
def test_exceeding_failed_logins_limit
|
@@ -46,14 +47,14 @@ module SessionTest
|
|
46
47
|
|
47
48
|
2.times do |i|
|
48
49
|
session = UserSession.new(:login => ben.login, :password => "badpassword1")
|
49
|
-
|
50
|
-
|
50
|
+
refute session.save
|
51
|
+
refute session.errors[:password].empty?
|
51
52
|
assert_equal i + 1, ben.reload.failed_login_count
|
52
53
|
end
|
53
54
|
|
54
55
|
session = UserSession.new(:login => ben.login, :password => "badpassword2")
|
55
|
-
|
56
|
-
assert session.errors[:password].
|
56
|
+
refute session.save
|
57
|
+
assert session.errors[:password].empty?
|
57
58
|
assert_equal 3, ben.reload.failed_login_count
|
58
59
|
|
59
60
|
UserSession.consecutive_failed_logins_limit = 50
|
@@ -66,12 +67,14 @@ module SessionTest
|
|
66
67
|
|
67
68
|
2.times do |i|
|
68
69
|
session = UserSession.new(:login => ben.login, :password => "badpassword1")
|
69
|
-
|
70
|
+
refute session.save
|
70
71
|
assert session.invalid_password?
|
71
72
|
assert_equal i + 1, ben.reload.failed_login_count
|
72
73
|
end
|
73
74
|
|
74
|
-
ActiveRecord::Base.connection.execute(
|
75
|
+
ActiveRecord::Base.connection.execute(
|
76
|
+
"update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'"
|
77
|
+
)
|
75
78
|
session = UserSession.new(:login => ben.login, :password => "benrocks")
|
76
79
|
assert session.save
|
77
80
|
assert_equal 0, ben.reload.failed_login_count
|
@@ -86,14 +89,16 @@ module SessionTest
|
|
86
89
|
|
87
90
|
2.times do |i|
|
88
91
|
session = UserSession.new(:login => ben.login, :password => "badpassword1")
|
89
|
-
|
90
|
-
|
92
|
+
refute session.save
|
93
|
+
refute session.errors[:password].empty?
|
91
94
|
assert_equal i + 1, ben.reload.failed_login_count
|
92
95
|
end
|
93
96
|
|
94
|
-
ActiveRecord::Base.connection.execute(
|
97
|
+
ActiveRecord::Base.connection.execute(
|
98
|
+
"update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'"
|
99
|
+
)
|
95
100
|
session = UserSession.new(:login => ben.login, :password => "badpassword1")
|
96
|
-
|
101
|
+
refute session.save
|
97
102
|
assert_equal 1, ben.reload.failed_login_count
|
98
103
|
|
99
104
|
UserSession.consecutive_failed_logins_limit = 50
|
@@ -89,11 +89,11 @@ module SessionTest
|
|
89
89
|
def test_remember_me
|
90
90
|
session = UserSession.new
|
91
91
|
assert_equal false, session.remember_me
|
92
|
-
|
92
|
+
refute session.remember_me?
|
93
93
|
|
94
94
|
session.remember_me = false
|
95
95
|
assert_equal false, session.remember_me
|
96
|
-
|
96
|
+
refute session.remember_me?
|
97
97
|
|
98
98
|
session.remember_me = true
|
99
99
|
assert_equal true, session.remember_me
|
@@ -101,7 +101,7 @@ module SessionTest
|
|
101
101
|
|
102
102
|
session.remember_me = nil
|
103
103
|
assert_nil session.remember_me
|
104
|
-
|
104
|
+
refute session.remember_me?
|
105
105
|
|
106
106
|
session.remember_me = "1"
|
107
107
|
assert_equal "1", session.remember_me
|
@@ -122,7 +122,7 @@ module SessionTest
|
|
122
122
|
|
123
123
|
def test_persist_persist_by_cookie
|
124
124
|
ben = users(:ben)
|
125
|
-
|
125
|
+
refute UserSession.find
|
126
126
|
set_cookie_for(ben)
|
127
127
|
assert session = UserSession.find
|
128
128
|
assert_equal ben, session.record
|
@@ -131,9 +131,9 @@ module SessionTest
|
|
131
131
|
def test_persist_persist_by_cookie_with_blank_persistence_token
|
132
132
|
ben = users(:ben)
|
133
133
|
ben.update_column(:persistence_token, "")
|
134
|
-
|
134
|
+
refute UserSession.find
|
135
135
|
set_cookie_for(ben)
|
136
|
-
|
136
|
+
refute UserSession.find
|
137
137
|
end
|
138
138
|
|
139
139
|
def test_remember_me_expired
|
@@ -141,19 +141,22 @@ module SessionTest
|
|
141
141
|
session = UserSession.new(ben)
|
142
142
|
session.remember_me = true
|
143
143
|
assert session.save
|
144
|
-
|
144
|
+
refute session.remember_me_expired?
|
145
145
|
|
146
146
|
session = UserSession.new(ben)
|
147
147
|
session.remember_me = false
|
148
148
|
assert session.save
|
149
|
-
|
149
|
+
refute session.remember_me_expired?
|
150
150
|
end
|
151
151
|
|
152
152
|
def test_after_save_save_cookie
|
153
153
|
ben = users(:ben)
|
154
154
|
session = UserSession.new(ben)
|
155
155
|
assert session.save
|
156
|
-
assert_equal
|
156
|
+
assert_equal(
|
157
|
+
"#{ben.persistence_token}::#{ben.id}",
|
158
|
+
controller.cookies["user_credentials"]
|
159
|
+
)
|
157
160
|
end
|
158
161
|
|
159
162
|
def test_after_save_save_cookie_signed
|
@@ -166,7 +169,10 @@ module SessionTest
|
|
166
169
|
session.sign_cookie = true
|
167
170
|
assert session.save
|
168
171
|
assert_equal payload, controller.cookies.signed["user_credentials"]
|
169
|
-
assert_equal
|
172
|
+
assert_equal(
|
173
|
+
"#{payload}--#{Digest::SHA1.hexdigest payload}",
|
174
|
+
controller.cookies.signed.parent_jar["user_credentials"]
|
175
|
+
)
|
170
176
|
end
|
171
177
|
|
172
178
|
def test_after_save_save_cookie_with_remember_me
|
@@ -175,7 +181,10 @@ module SessionTest
|
|
175
181
|
session = UserSession.new(ben)
|
176
182
|
session.remember_me = true
|
177
183
|
assert session.save
|
178
|
-
assert_equal
|
184
|
+
assert_equal(
|
185
|
+
"#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until.iso8601}",
|
186
|
+
controller.cookies["user_credentials"]
|
187
|
+
)
|
179
188
|
end
|
180
189
|
end
|
181
190
|
|
@@ -185,7 +194,7 @@ module SessionTest
|
|
185
194
|
session = UserSession.find
|
186
195
|
assert controller.cookies["user_credentials"]
|
187
196
|
assert session.destroy
|
188
|
-
|
197
|
+
refute controller.cookies["user_credentials"]
|
189
198
|
end
|
190
199
|
end
|
191
200
|
end
|