authlogic 3.5.0 → 3.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/ISSUE_TEMPLATE.md +13 -0
- data/.rubocop_todo.yml +1 -37
- data/.travis.yml +11 -6
- data/CHANGELOG.md +19 -0
- data/CONTRIBUTING.md +13 -2
- data/README.md +2 -3
- data/authlogic.gemspec +5 -5
- data/lib/authlogic/acts_as_authentic/base.rb +4 -2
- data/lib/authlogic/acts_as_authentic/email.rb +8 -3
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +21 -3
- data/lib/authlogic/acts_as_authentic/login.rb +44 -25
- data/lib/authlogic/acts_as_authentic/password.rb +28 -12
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +21 -12
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +16 -9
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +5 -3
- data/lib/authlogic/authenticates_many/association.rb +7 -4
- data/lib/authlogic/controller_adapters/rack_adapter.rb +6 -2
- data/lib/authlogic/controller_adapters/rails_adapter.rb +11 -8
- data/lib/authlogic/crypto_providers/bcrypt.rb +4 -1
- data/lib/authlogic/crypto_providers/sha512.rb +15 -10
- data/lib/authlogic/session/activation.rb +19 -10
- data/lib/authlogic/session/cookies.rb +3 -1
- data/lib/authlogic/session/id.rb +13 -7
- data/lib/authlogic/session/magic_columns.rb +19 -10
- data/lib/authlogic/session/magic_states.rb +7 -1
- data/lib/authlogic/session/password.rb +48 -34
- data/lib/authlogic/session/perishable_token.rb +7 -3
- data/lib/authlogic/session/validation.rb +13 -11
- data/lib/authlogic/test_case.rb +52 -32
- data/test/acts_as_authentic_test/email_test.rb +33 -29
- data/test/acts_as_authentic_test/logged_in_status_test.rb +2 -2
- data/test/acts_as_authentic_test/login_test.rb +50 -37
- data/test/acts_as_authentic_test/magic_columns_test.rb +8 -8
- data/test/acts_as_authentic_test/password_test.rb +14 -14
- data/test/acts_as_authentic_test/perishable_token_test.rb +5 -5
- data/test/acts_as_authentic_test/persistence_token_test.rb +4 -4
- data/test/acts_as_authentic_test/restful_authentication_test.rb +6 -6
- data/test/acts_as_authentic_test/session_maintenance_test.rb +15 -10
- data/test/acts_as_authentic_test/single_access_test.rb +6 -6
- data/test/authenticates_many_test.rb +1 -1
- data/test/gemfiles/Gemfile.rails-5.1.x +6 -0
- data/test/session_test/activation_test.rb +1 -1
- data/test/session_test/active_record_trickery_test.rb +3 -3
- data/test/session_test/brute_force_protection_test.rb +19 -14
- data/test/session_test/cookies_test.rb +21 -12
- data/test/session_test/existence_test.rb +15 -10
- data/test/session_test/http_auth_test.rb +2 -2
- data/test/session_test/magic_columns_test.rb +7 -4
- data/test/session_test/magic_states_test.rb +7 -9
- data/test/session_test/params_test.rb +6 -6
- data/test/session_test/password_test.rb +2 -2
- data/test/session_test/perishability_test.rb +1 -1
- data/test/session_test/persistence_test.rb +2 -2
- data/test/session_test/timeout_test.rb +7 -5
- data/test/session_test/validation_test.rb +1 -1
- data/test/test_helper.rb +10 -2
- metadata +10 -7
|
@@ -3,10 +3,15 @@ require 'test_helper'
|
|
|
3
3
|
module SessionTest
|
|
4
4
|
module ExistenceTest
|
|
5
5
|
class ClassMethodsTest < ActiveSupport::TestCase
|
|
6
|
-
def
|
|
6
|
+
def test_create_with_good_credentials
|
|
7
7
|
ben = users(:ben)
|
|
8
|
-
|
|
9
|
-
refute
|
|
8
|
+
session = UserSession.create(:login => ben.login, :password => "benrocks")
|
|
9
|
+
refute session.new_session?
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def test_create_with_bad_credentials
|
|
13
|
+
session = UserSession.create(:login => "somelogin", :password => "badpw2")
|
|
14
|
+
assert session.new_session?
|
|
10
15
|
end
|
|
11
16
|
|
|
12
17
|
def test_create_bang
|
|
@@ -26,21 +31,21 @@ module SessionTest
|
|
|
26
31
|
|
|
27
32
|
set_session_for(users(:ben))
|
|
28
33
|
session = UserSession.find
|
|
29
|
-
|
|
34
|
+
refute session.new_session?
|
|
30
35
|
end
|
|
31
36
|
|
|
32
37
|
def test_save_with_nothing
|
|
33
38
|
session = UserSession.new
|
|
34
|
-
|
|
39
|
+
refute session.save
|
|
35
40
|
assert session.new_session?
|
|
36
41
|
end
|
|
37
42
|
|
|
38
43
|
def test_save_with_block
|
|
39
44
|
session = UserSession.new
|
|
40
45
|
block_result = session.save do |result|
|
|
41
|
-
|
|
46
|
+
refute result
|
|
42
47
|
end
|
|
43
|
-
|
|
48
|
+
refute block_result
|
|
44
49
|
assert session.new_session?
|
|
45
50
|
end
|
|
46
51
|
|
|
@@ -55,15 +60,15 @@ module SessionTest
|
|
|
55
60
|
def test_destroy
|
|
56
61
|
ben = users(:ben)
|
|
57
62
|
session = UserSession.new
|
|
58
|
-
|
|
59
|
-
|
|
63
|
+
refute session.valid?
|
|
64
|
+
refute session.errors.empty?
|
|
60
65
|
assert session.destroy
|
|
61
66
|
assert session.errors.empty?
|
|
62
67
|
session.unauthorized_record = ben
|
|
63
68
|
assert session.save
|
|
64
69
|
assert session.record
|
|
65
70
|
assert session.destroy
|
|
66
|
-
|
|
71
|
+
refute session.record
|
|
67
72
|
end
|
|
68
73
|
end
|
|
69
74
|
end
|
|
@@ -30,14 +30,14 @@ module SessionTest
|
|
|
30
30
|
def test_persist_persist_by_http_auth
|
|
31
31
|
aaron = users(:aaron)
|
|
32
32
|
http_basic_auth_for do
|
|
33
|
-
|
|
33
|
+
refute UserSession.find
|
|
34
34
|
end
|
|
35
35
|
http_basic_auth_for(aaron) do
|
|
36
36
|
assert session = UserSession.find
|
|
37
37
|
assert_equal aaron, session.record
|
|
38
38
|
assert_equal aaron.login, session.login
|
|
39
39
|
assert_equal "aaronrocks", session.send(:protected_password)
|
|
40
|
-
|
|
40
|
+
refute controller.http_auth_requested?
|
|
41
41
|
end
|
|
42
42
|
unset_session
|
|
43
43
|
UserSession.request_http_basic_auth = true
|
|
@@ -15,7 +15,7 @@ module SessionTest
|
|
|
15
15
|
class InstanceMethodsTest < ActiveSupport::TestCase
|
|
16
16
|
def test_after_persisting_set_last_request_at
|
|
17
17
|
ben = users(:ben)
|
|
18
|
-
|
|
18
|
+
refute UserSession.create(ben).new_session?
|
|
19
19
|
|
|
20
20
|
set_cookie_for(ben)
|
|
21
21
|
old_last_request_at = ben.last_request_at
|
|
@@ -27,7 +27,8 @@ module SessionTest
|
|
|
27
27
|
def test_valid_increase_failed_login_count
|
|
28
28
|
ben = users(:ben)
|
|
29
29
|
old_failed_login_count = ben.failed_login_count
|
|
30
|
-
|
|
30
|
+
session = UserSession.create(:login => ben.login, :password => "wrong")
|
|
31
|
+
assert session.new_session?
|
|
31
32
|
ben.reload
|
|
32
33
|
assert_equal old_failed_login_count + 1, ben.failed_login_count
|
|
33
34
|
end
|
|
@@ -36,7 +37,8 @@ module SessionTest
|
|
|
36
37
|
aaron = users(:aaron)
|
|
37
38
|
|
|
38
39
|
# increase failed login count
|
|
39
|
-
|
|
40
|
+
session = UserSession.create(:login => aaron.login, :password => "wrong")
|
|
41
|
+
assert session.new_session?
|
|
40
42
|
aaron.reload
|
|
41
43
|
|
|
42
44
|
# grab old values
|
|
@@ -44,7 +46,8 @@ module SessionTest
|
|
|
44
46
|
old_current_login_at = aaron.current_login_at
|
|
45
47
|
old_current_login_ip = aaron.current_login_ip
|
|
46
48
|
|
|
47
|
-
|
|
49
|
+
session = UserSession.create(:login => aaron.login, :password => "aaronrocks")
|
|
50
|
+
assert session.valid?
|
|
48
51
|
|
|
49
52
|
aaron.reload
|
|
50
53
|
assert_equal old_login_count + 1, aaron.login_count
|
|
@@ -15,11 +15,9 @@ module SessionTest
|
|
|
15
15
|
class InstanceMethodsTest < ActiveSupport::TestCase
|
|
16
16
|
def test_disabling_magic_states
|
|
17
17
|
UserSession.disable_magic_states = true
|
|
18
|
-
|
|
19
18
|
ben = users(:ben)
|
|
20
19
|
ben.update_attribute(:active, false)
|
|
21
|
-
|
|
22
|
-
|
|
20
|
+
refute UserSession.create(ben).new_session?
|
|
23
21
|
UserSession.disable_magic_states = false
|
|
24
22
|
end
|
|
25
23
|
|
|
@@ -30,8 +28,8 @@ module SessionTest
|
|
|
30
28
|
assert session.valid?
|
|
31
29
|
|
|
32
30
|
ben.update_attribute(:active, false)
|
|
33
|
-
|
|
34
|
-
|
|
31
|
+
refute session.valid?
|
|
32
|
+
refute session.errors[:base].empty?
|
|
35
33
|
end
|
|
36
34
|
|
|
37
35
|
def test_validate_validate_magic_states_approved
|
|
@@ -41,8 +39,8 @@ module SessionTest
|
|
|
41
39
|
assert session.valid?
|
|
42
40
|
|
|
43
41
|
ben.update_attribute(:approved, false)
|
|
44
|
-
|
|
45
|
-
|
|
42
|
+
refute session.valid?
|
|
43
|
+
refute session.errors[:base].empty?
|
|
46
44
|
end
|
|
47
45
|
|
|
48
46
|
def test_validate_validate_magic_states_confirmed
|
|
@@ -52,8 +50,8 @@ module SessionTest
|
|
|
52
50
|
assert session.valid?
|
|
53
51
|
|
|
54
52
|
ben.update_attribute(:confirmed, false)
|
|
55
|
-
|
|
56
|
-
|
|
53
|
+
refute session.valid?
|
|
54
|
+
refute session.errors[:base].empty?
|
|
57
55
|
end
|
|
58
56
|
end
|
|
59
57
|
end
|
|
@@ -25,17 +25,17 @@ module SessionTest
|
|
|
25
25
|
ben = users(:ben)
|
|
26
26
|
session = UserSession.new
|
|
27
27
|
|
|
28
|
-
|
|
28
|
+
refute session.persisting?
|
|
29
29
|
set_params_for(ben)
|
|
30
30
|
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
31
|
+
refute session.persisting?
|
|
32
|
+
refute session.unauthorized_record
|
|
33
|
+
refute session.record
|
|
34
34
|
assert_nil controller.session["user_credentials"]
|
|
35
35
|
|
|
36
36
|
set_request_content_type("text/plain")
|
|
37
|
-
|
|
38
|
-
|
|
37
|
+
refute session.persisting?
|
|
38
|
+
refute session.unauthorized_record
|
|
39
39
|
assert_nil controller.session["user_credentials"]
|
|
40
40
|
|
|
41
41
|
set_request_content_type("application/atom+xml")
|
|
@@ -21,7 +21,7 @@ module SessionTest
|
|
|
21
21
|
|
|
22
22
|
def test_generalize_credentials_error_mesages_set_to_false
|
|
23
23
|
UserSession.generalize_credentials_error_messages false
|
|
24
|
-
|
|
24
|
+
refute UserSession.generalize_credentials_error_messages
|
|
25
25
|
session = UserSession.create(:login => users(:ben).login, :password => "invalud-password")
|
|
26
26
|
assert_equal ["Password is not valid"], session.errors.full_messages
|
|
27
27
|
end
|
|
@@ -95,7 +95,7 @@ module SessionTest
|
|
|
95
95
|
aaron = users(:aaron)
|
|
96
96
|
session = UserSession.new(:login => aaron.login, :password => "aaronrocks")
|
|
97
97
|
assert session.save
|
|
98
|
-
|
|
98
|
+
refute session.new_session?
|
|
99
99
|
assert_equal 1, session.record.login_count
|
|
100
100
|
assert Time.now >= session.record.current_login_at
|
|
101
101
|
assert_equal "1.1.1.1", session.record.current_login_ip
|
|
@@ -4,7 +4,7 @@ module SessionTest
|
|
|
4
4
|
class PersistenceTest < ActiveSupport::TestCase
|
|
5
5
|
def test_find
|
|
6
6
|
aaron = users(:aaron)
|
|
7
|
-
|
|
7
|
+
refute UserSession.find
|
|
8
8
|
http_basic_auth_for(aaron) { assert UserSession.find }
|
|
9
9
|
set_cookie_for(aaron)
|
|
10
10
|
assert UserSession.find
|
|
@@ -22,7 +22,7 @@ module SessionTest
|
|
|
22
22
|
aaron = users(:aaron)
|
|
23
23
|
session = UserSession.new(aaron)
|
|
24
24
|
session.remember_me = true
|
|
25
|
-
|
|
25
|
+
refute UserSession.remember_me
|
|
26
26
|
assert session.save
|
|
27
27
|
assert session.remember_me?
|
|
28
28
|
session = UserSession.find(aaron)
|
|
@@ -8,7 +8,7 @@ module SessionTest
|
|
|
8
8
|
assert UserSession.logout_on_timeout
|
|
9
9
|
|
|
10
10
|
UserSession.logout_on_timeout false
|
|
11
|
-
|
|
11
|
+
refute UserSession.logout_on_timeout
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
|
|
@@ -33,7 +33,7 @@ module SessionTest
|
|
|
33
33
|
ben.save
|
|
34
34
|
|
|
35
35
|
assert session.persisting?
|
|
36
|
-
|
|
36
|
+
refute session.stale?
|
|
37
37
|
assert_nil session.stale_record
|
|
38
38
|
|
|
39
39
|
UserSession.logout_on_timeout = false
|
|
@@ -63,15 +63,17 @@ module SessionTest
|
|
|
63
63
|
assert session.save
|
|
64
64
|
Timecop.freeze(Time.now + 2.months)
|
|
65
65
|
assert session.persisting?
|
|
66
|
-
|
|
66
|
+
refute session.stale?
|
|
67
67
|
UserSession.remember_me = false
|
|
68
68
|
end
|
|
69
69
|
|
|
70
70
|
def test_successful_login
|
|
71
71
|
UserSession.logout_on_timeout = true
|
|
72
72
|
ben = users(:ben)
|
|
73
|
-
|
|
74
|
-
|
|
73
|
+
session = UserSession.create(:login => ben.login, :password => "benrocks")
|
|
74
|
+
refute session.new_session?
|
|
75
|
+
session = UserSession.find
|
|
76
|
+
assert session
|
|
75
77
|
assert_equal ben, session.record
|
|
76
78
|
UserSession.logout_on_timeout = false
|
|
77
79
|
end
|
data/test/test_helper.rb
CHANGED
|
@@ -119,8 +119,16 @@ Authlogic::CryptoProviders::AES256.key = "myafdsfddddddddddddddddddddddddddddddd
|
|
|
119
119
|
class ActiveSupport::TestCase
|
|
120
120
|
include ActiveRecord::TestFixtures
|
|
121
121
|
self.fixture_path = File.dirname(__FILE__) + "/fixtures"
|
|
122
|
-
|
|
123
|
-
|
|
122
|
+
|
|
123
|
+
# use_transactional_fixtures= is deprecated and will be removed from Rails 5.1
|
|
124
|
+
# (use use_transactional_tests= instead)
|
|
125
|
+
if respond_to?(:use_transactional_tests=)
|
|
126
|
+
self.use_transactional_tests = false
|
|
127
|
+
else
|
|
128
|
+
self.use_transactional_fixtures = false
|
|
129
|
+
end
|
|
130
|
+
|
|
131
|
+
self.use_instantiated_fixtures = false
|
|
124
132
|
self.pre_loaded_fixtures = false
|
|
125
133
|
fixtures :all
|
|
126
134
|
setup :activate_authlogic
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authlogic
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Johnson
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-04-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activerecord
|
|
@@ -19,7 +19,7 @@ dependencies:
|
|
|
19
19
|
version: '3.2'
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
|
-
version: '5.
|
|
22
|
+
version: '5.2'
|
|
23
23
|
type: :runtime
|
|
24
24
|
prerelease: false
|
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -29,7 +29,7 @@ dependencies:
|
|
|
29
29
|
version: '3.2'
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: '5.
|
|
32
|
+
version: '5.2'
|
|
33
33
|
- !ruby/object:Gem::Dependency
|
|
34
34
|
name: activesupport
|
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -39,7 +39,7 @@ dependencies:
|
|
|
39
39
|
version: '3.2'
|
|
40
40
|
- - "<"
|
|
41
41
|
- !ruby/object:Gem::Version
|
|
42
|
-
version: '5.
|
|
42
|
+
version: '5.2'
|
|
43
43
|
type: :runtime
|
|
44
44
|
prerelease: false
|
|
45
45
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -49,7 +49,7 @@ dependencies:
|
|
|
49
49
|
version: '3.2'
|
|
50
50
|
- - "<"
|
|
51
51
|
- !ruby/object:Gem::Version
|
|
52
|
-
version: '5.
|
|
52
|
+
version: '5.2'
|
|
53
53
|
- !ruby/object:Gem::Dependency
|
|
54
54
|
name: request_store
|
|
55
55
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -133,6 +133,7 @@ executables: []
|
|
|
133
133
|
extensions: []
|
|
134
134
|
extra_rdoc_files: []
|
|
135
135
|
files:
|
|
136
|
+
- ".github/ISSUE_TEMPLATE.md"
|
|
136
137
|
- ".gitignore"
|
|
137
138
|
- ".rubocop.yml"
|
|
138
139
|
- ".rubocop_todo.yml"
|
|
@@ -234,6 +235,7 @@ files:
|
|
|
234
235
|
- test/gemfiles/Gemfile.rails-4.1.x
|
|
235
236
|
- test/gemfiles/Gemfile.rails-4.2.x
|
|
236
237
|
- test/gemfiles/Gemfile.rails-5.0.x
|
|
238
|
+
- test/gemfiles/Gemfile.rails-5.1.x
|
|
237
239
|
- test/i18n/lol.yml
|
|
238
240
|
- test/i18n_test.rb
|
|
239
241
|
- test/libs/affiliate.rb
|
|
@@ -288,7 +290,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
288
290
|
version: '0'
|
|
289
291
|
requirements: []
|
|
290
292
|
rubyforge_project:
|
|
291
|
-
rubygems_version: 2.
|
|
293
|
+
rubygems_version: 2.6.11
|
|
292
294
|
signing_key:
|
|
293
295
|
specification_version: 4
|
|
294
296
|
summary: A clean, simple, and unobtrusive ruby authentication solution.
|
|
@@ -321,6 +323,7 @@ test_files:
|
|
|
321
323
|
- test/gemfiles/Gemfile.rails-4.1.x
|
|
322
324
|
- test/gemfiles/Gemfile.rails-4.2.x
|
|
323
325
|
- test/gemfiles/Gemfile.rails-5.0.x
|
|
326
|
+
- test/gemfiles/Gemfile.rails-5.1.x
|
|
324
327
|
- test/i18n/lol.yml
|
|
325
328
|
- test/i18n_test.rb
|
|
326
329
|
- test/libs/affiliate.rb
|