authlogic 3.8.0 → 4.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.github/ISSUE_TEMPLATE/bug_report.md +28 -0
- data/.github/ISSUE_TEMPLATE/feature_proposal.md +32 -0
- data/.github/triage.md +86 -0
- data/.gitignore +4 -3
- data/.rubocop.yml +109 -9
- data/.rubocop_todo.yml +38 -355
- data/.travis.yml +11 -35
- data/CHANGELOG.md +345 -2
- data/CONTRIBUTING.md +45 -14
- data/Gemfile +3 -2
- data/README.md +244 -90
- data/Rakefile +10 -10
- data/UPGRADING.md +22 -0
- data/authlogic.gemspec +34 -21
- data/doc/use_normal_rails_validation.md +82 -0
- data/gemfiles/Gemfile.rails-4.2.x +6 -0
- data/{test/gemfiles → gemfiles}/Gemfile.rails-5.1.x +2 -2
- data/{test/gemfiles → gemfiles}/Gemfile.rails-5.2.x +2 -2
- data/lib/authlogic/acts_as_authentic/base.rb +36 -24
- data/lib/authlogic/acts_as_authentic/email.rb +65 -31
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +14 -9
- data/lib/authlogic/acts_as_authentic/login.rb +61 -45
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +6 -6
- data/lib/authlogic/acts_as_authentic/password.rb +267 -146
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +24 -19
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +10 -15
- data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +67 -0
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +50 -14
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +88 -60
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +23 -11
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +9 -6
- data/lib/authlogic/authenticates_many/association.rb +7 -7
- data/lib/authlogic/authenticates_many/base.rb +37 -21
- data/lib/authlogic/config.rb +21 -10
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +38 -11
- data/lib/authlogic/controller_adapters/rack_adapter.rb +9 -5
- data/lib/authlogic/controller_adapters/rails_adapter.rb +12 -7
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +2 -2
- data/lib/authlogic/crypto_providers/aes256.rb +37 -32
- data/lib/authlogic/crypto_providers/bcrypt.rb +21 -15
- data/lib/authlogic/crypto_providers/md5.rb +4 -2
- data/lib/authlogic/crypto_providers/scrypt.rb +22 -17
- data/lib/authlogic/crypto_providers/sha1.rb +11 -5
- data/lib/authlogic/crypto_providers/sha256.rb +13 -9
- data/lib/authlogic/crypto_providers/sha512.rb +0 -21
- data/lib/authlogic/crypto_providers/wordpress.rb +32 -3
- data/lib/authlogic/crypto_providers.rb +91 -0
- data/lib/authlogic/i18n.rb +26 -19
- data/lib/authlogic/random.rb +10 -28
- data/lib/authlogic/regex.rb +59 -28
- data/lib/authlogic/session/activation.rb +10 -7
- data/lib/authlogic/session/active_record_trickery.rb +13 -9
- data/lib/authlogic/session/base.rb +15 -4
- data/lib/authlogic/session/brute_force_protection.rb +40 -33
- data/lib/authlogic/session/callbacks.rb +94 -46
- data/lib/authlogic/session/cookies.rb +130 -45
- data/lib/authlogic/session/existence.rb +21 -11
- data/lib/authlogic/session/foundation.rb +64 -14
- data/lib/authlogic/session/http_auth.rb +35 -28
- data/lib/authlogic/session/id.rb +9 -4
- data/lib/authlogic/session/klass.rb +15 -12
- data/lib/authlogic/session/magic_columns.rb +58 -55
- data/lib/authlogic/session/magic_states.rb +25 -19
- data/lib/authlogic/session/params.rb +42 -28
- data/lib/authlogic/session/password.rb +130 -120
- data/lib/authlogic/session/perishable_token.rb +5 -4
- data/lib/authlogic/session/persistence.rb +18 -12
- data/lib/authlogic/session/priority_record.rb +15 -12
- data/lib/authlogic/session/scopes.rb +51 -32
- data/lib/authlogic/session/session.rb +38 -28
- data/lib/authlogic/session/timeout.rb +13 -13
- data/lib/authlogic/session/unauthorized_record.rb +18 -13
- data/lib/authlogic/session/validation.rb +9 -9
- data/lib/authlogic/test_case/mock_controller.rb +5 -4
- data/lib/authlogic/test_case/mock_cookie_jar.rb +47 -3
- data/lib/authlogic/test_case/mock_request.rb +6 -3
- data/lib/authlogic/test_case/rails_request_adapter.rb +3 -2
- data/lib/authlogic/test_case.rb +70 -2
- data/lib/authlogic/version.rb +21 -0
- data/lib/authlogic.rb +51 -49
- data/test/acts_as_authentic_test/base_test.rb +3 -1
- data/test/acts_as_authentic_test/email_test.rb +43 -42
- data/test/acts_as_authentic_test/logged_in_status_test.rb +6 -4
- data/test/acts_as_authentic_test/login_test.rb +77 -80
- data/test/acts_as_authentic_test/magic_columns_test.rb +3 -1
- data/test/acts_as_authentic_test/password_test.rb +51 -37
- data/test/acts_as_authentic_test/perishable_token_test.rb +13 -5
- data/test/acts_as_authentic_test/persistence_token_test.rb +7 -1
- data/test/acts_as_authentic_test/restful_authentication_test.rb +14 -3
- data/test/acts_as_authentic_test/session_maintenance_test.rb +69 -15
- data/test/acts_as_authentic_test/single_access_test.rb +3 -1
- data/test/adapter_test.rb +23 -0
- data/test/authenticates_many_test.rb +3 -1
- data/test/config_test.rb +11 -9
- data/test/crypto_provider_test/aes256_test.rb +3 -1
- data/test/crypto_provider_test/bcrypt_test.rb +3 -1
- data/test/crypto_provider_test/scrypt_test.rb +3 -1
- data/test/crypto_provider_test/sha1_test.rb +3 -1
- data/test/crypto_provider_test/sha256_test.rb +3 -1
- data/test/crypto_provider_test/sha512_test.rb +3 -1
- data/test/crypto_provider_test/wordpress_test.rb +26 -0
- data/test/fixtures/companies.yml +2 -2
- data/test/fixtures/employees.yml +1 -1
- data/test/i18n_test.rb +6 -4
- data/test/libs/affiliate.rb +2 -0
- data/test/libs/company.rb +4 -2
- data/test/libs/employee.rb +2 -0
- data/test/libs/employee_session.rb +2 -0
- data/test/libs/ldaper.rb +2 -0
- data/test/libs/project.rb +2 -0
- data/test/libs/user.rb +2 -0
- data/test/libs/user_session.rb +4 -2
- data/test/random_test.rb +10 -38
- data/test/session_test/activation_test.rb +3 -1
- data/test/session_test/active_record_trickery_test.rb +7 -4
- data/test/session_test/brute_force_protection_test.rb +11 -9
- data/test/session_test/callbacks_test.rb +12 -4
- data/test/session_test/cookies_test.rb +48 -5
- data/test/session_test/existence_test.rb +18 -5
- data/test/session_test/foundation_test.rb +19 -1
- data/test/session_test/http_auth_test.rb +11 -7
- data/test/session_test/id_test.rb +3 -1
- data/test/session_test/klass_test.rb +3 -1
- data/test/session_test/magic_columns_test.rb +13 -13
- data/test/session_test/magic_states_test.rb +3 -1
- data/test/session_test/params_test.rb +13 -5
- data/test/session_test/password_test.rb +10 -8
- data/test/session_test/perishability_test.rb +3 -1
- data/test/session_test/persistence_test.rb +4 -1
- data/test/session_test/scopes_test.rb +16 -8
- data/test/session_test/session_test.rb +6 -4
- data/test/session_test/timeout_test.rb +4 -2
- data/test/session_test/unauthorized_record_test.rb +4 -2
- data/test/session_test/validation_test.rb +3 -1
- data/test/test_helper.rb +84 -45
- metadata +87 -73
- data/.github/ISSUE_TEMPLATE.md +0 -13
- data/test/gemfiles/Gemfile.rails-3.2.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.0.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.1.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.2.x +0 -7
- data/test/gemfiles/Gemfile.rails-5.0.x +0 -6
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
#
|
|
2
|
-
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "test_helper"
|
|
3
4
|
|
|
4
5
|
module ActsAsAuthenticTest
|
|
5
6
|
class EmailTest < ActiveSupport::TestCase
|
|
@@ -10,7 +11,7 @@ module ActsAsAuthenticTest
|
|
|
10
11
|
"dakota.d'ux@gmail.com",
|
|
11
12
|
"a&b@c.com",
|
|
12
13
|
"someuser@somedomain.travelersinsurance"
|
|
13
|
-
]
|
|
14
|
+
].freeze
|
|
14
15
|
|
|
15
16
|
BAD_ASCII_EMAILS = [
|
|
16
17
|
"",
|
|
@@ -19,13 +20,13 @@ module ActsAsAuthenticTest
|
|
|
19
20
|
"backslash@g\\mail.com",
|
|
20
21
|
"<script>alert(123);</script>\nnobody@example.com",
|
|
21
22
|
"someuser@somedomain.isreallytoolongandimeanreallytoolong"
|
|
22
|
-
]
|
|
23
|
+
].freeze
|
|
23
24
|
|
|
24
25
|
# http://en.wikipedia.org/wiki/ISO/IEC_8859-1#Codepage_layout
|
|
25
26
|
GOOD_ISO88591_EMAILS = [
|
|
26
27
|
"töm.öm@dömain.fi", # https://github.com/binarylogic/authlogic/issues/176
|
|
27
28
|
"Pelé@examplé.com", # http://en.wikipedia.org/wiki/Email_address#Internationalization_examples
|
|
28
|
-
]
|
|
29
|
+
].freeze
|
|
29
30
|
|
|
30
31
|
BAD_ISO88591_EMAILS = [
|
|
31
32
|
"",
|
|
@@ -34,34 +35,34 @@ module ActsAsAuthenticTest
|
|
|
34
35
|
"é[@example.com", # L bracket
|
|
35
36
|
"question?mark@gmail.com", # question mark
|
|
36
37
|
"back\\slash@gmail.com", # backslash
|
|
37
|
-
]
|
|
38
|
+
].freeze
|
|
38
39
|
|
|
39
40
|
GOOD_UTF8_EMAILS = [
|
|
40
|
-
"δκιμή@παράδεγμα.δοκμή",
|
|
41
|
+
"δκιμή@παράδεγμα.δοκμή", # http://en.wikipedia.org/wiki/Email_address#Internationalization_examples
|
|
41
42
|
"我本@屋企.香港", # http://en.wikipedia.org/wiki/Email_address#Internationalization_examples
|
|
42
43
|
"甲斐@黒川.日買", # http://en.wikipedia.org/wiki/Email_address#Internationalization_examples
|
|
43
|
-
"чебурша@ящик-с-пельнами.рф",
|
|
44
|
-
"企斐@黒川.みんな",
|
|
45
|
-
]
|
|
44
|
+
"чебурша@ящик-с-пельнами.рф", # Contains dashes in domain head
|
|
45
|
+
"企斐@黒川.みんな", # https://github.com/binarylogic/authlogic/issues/176#issuecomment-55829320
|
|
46
|
+
].freeze
|
|
46
47
|
|
|
47
48
|
BAD_UTF8_EMAILS = [
|
|
48
49
|
"",
|
|
49
|
-
|
|
50
|
-
|
|
50
|
+
".みんな", # https://github.com/binarylogic/authlogic/issues/176#issuecomment-55829320
|
|
51
|
+
"δκιμή@παράδεγμα.δ", # short TLD
|
|
51
52
|
"öm(@ava.fi", # L paren
|
|
52
53
|
"é)@domain.com", # R paren
|
|
53
54
|
"é[@example.com", # L bracket
|
|
54
55
|
"δ]@πράιγμα.δοκμή", # R bracket
|
|
55
56
|
"我\.香港", # slash
|
|
56
57
|
"甲;.日本", # semicolon
|
|
57
|
-
"ч:@ящик-с-пельнами.рф",
|
|
58
|
-
"斐,.みんな",
|
|
58
|
+
"ч:@ящик-с-пельнами.рф", # colon
|
|
59
|
+
"斐,.みんな", # comma
|
|
59
60
|
"香<.香港", # less than
|
|
60
61
|
"我>.香港", # greater than
|
|
61
|
-
"我?本@屋企.香港",
|
|
62
|
-
"чебурша@ьн\\ами.рф",
|
|
62
|
+
"我?本@屋企.香港", # question mark
|
|
63
|
+
"чебурша@ьн\\ами.рф", # backslash
|
|
63
64
|
"user@domain.com%0A<script>alert('hello')</script>"
|
|
64
|
-
]
|
|
65
|
+
].freeze
|
|
65
66
|
|
|
66
67
|
def test_email_field_config
|
|
67
68
|
assert_equal :email, User.email_field
|
|
@@ -84,22 +85,22 @@ module ActsAsAuthenticTest
|
|
|
84
85
|
end
|
|
85
86
|
|
|
86
87
|
def test_validates_length_of_email_field_options_config
|
|
87
|
-
assert_equal({ :
|
|
88
|
-
assert_equal({ :
|
|
88
|
+
assert_equal({ maximum: 100 }, User.validates_length_of_email_field_options)
|
|
89
|
+
assert_equal({ maximum: 100 }, Employee.validates_length_of_email_field_options)
|
|
89
90
|
|
|
90
|
-
User.validates_length_of_email_field_options = { :
|
|
91
|
-
assert_equal({ :
|
|
92
|
-
User.validates_length_of_email_field_options(
|
|
93
|
-
assert_equal({ :
|
|
91
|
+
User.validates_length_of_email_field_options = { yes: "no" }
|
|
92
|
+
assert_equal({ yes: "no" }, User.validates_length_of_email_field_options)
|
|
93
|
+
User.validates_length_of_email_field_options(within: 6..100)
|
|
94
|
+
assert_equal({ within: 6..100 }, User.validates_length_of_email_field_options)
|
|
94
95
|
end
|
|
95
96
|
|
|
96
97
|
def test_validates_format_of_email_field_options_config
|
|
97
98
|
default = {
|
|
98
|
-
:
|
|
99
|
-
:
|
|
99
|
+
with: Authlogic::Regex::EMAIL,
|
|
100
|
+
message: proc do
|
|
100
101
|
I18n.t(
|
|
101
|
-
|
|
102
|
-
:
|
|
102
|
+
"error_messages.email_invalid",
|
|
103
|
+
default: "should look like an email address."
|
|
103
104
|
)
|
|
104
105
|
end
|
|
105
106
|
}
|
|
@@ -117,17 +118,17 @@ module ActsAsAuthenticTest
|
|
|
117
118
|
assert_equal default_message, message.call
|
|
118
119
|
assert_equal default, options
|
|
119
120
|
|
|
120
|
-
User.validates_format_of_email_field_options = { :
|
|
121
|
-
assert_equal({ :
|
|
121
|
+
User.validates_format_of_email_field_options = { yes: "no" }
|
|
122
|
+
assert_equal({ yes: "no" }, User.validates_format_of_email_field_options)
|
|
122
123
|
User.validates_format_of_email_field_options default
|
|
123
124
|
assert_equal default, User.validates_format_of_email_field_options
|
|
124
125
|
|
|
125
126
|
with_email_nonascii = {
|
|
126
|
-
:
|
|
127
|
-
:
|
|
127
|
+
with: Authlogic::Regex::EMAIL_NONASCII,
|
|
128
|
+
message: proc do
|
|
128
129
|
I18n.t(
|
|
129
|
-
|
|
130
|
-
:
|
|
130
|
+
"error_messages.email_invalid_international",
|
|
131
|
+
default: "should look like an international email address."
|
|
131
132
|
)
|
|
132
133
|
end
|
|
133
134
|
}
|
|
@@ -141,11 +142,11 @@ module ActsAsAuthenticTest
|
|
|
141
142
|
# ensure we successfully loaded the test locale
|
|
142
143
|
assert I18n.available_locales.include?(:lol), "Test locale failed to load"
|
|
143
144
|
|
|
144
|
-
I18n.with_locale(
|
|
145
|
+
I18n.with_locale("lol") do
|
|
145
146
|
message = I18n.t("authlogic.error_messages.email_invalid")
|
|
146
147
|
|
|
147
148
|
cat = User.new
|
|
148
|
-
cat.email =
|
|
149
|
+
cat.email = "meow"
|
|
149
150
|
cat.valid?
|
|
150
151
|
|
|
151
152
|
# filter duplicate error messages
|
|
@@ -158,14 +159,14 @@ module ActsAsAuthenticTest
|
|
|
158
159
|
|
|
159
160
|
def test_validates_uniqueness_of_email_field_options_config
|
|
160
161
|
default = {
|
|
161
|
-
:
|
|
162
|
-
:
|
|
163
|
-
:
|
|
162
|
+
case_sensitive: false,
|
|
163
|
+
scope: Employee.validations_scope,
|
|
164
|
+
if: "#{Employee.email_field}_changed?".to_sym
|
|
164
165
|
}
|
|
165
166
|
assert_equal default, Employee.validates_uniqueness_of_email_field_options
|
|
166
167
|
|
|
167
|
-
Employee.validates_uniqueness_of_email_field_options = { :
|
|
168
|
-
assert_equal({ :
|
|
168
|
+
Employee.validates_uniqueness_of_email_field_options = { yes: "no" }
|
|
169
|
+
assert_equal({ yes: "no" }, Employee.validates_uniqueness_of_email_field_options)
|
|
169
170
|
Employee.validates_uniqueness_of_email_field_options default
|
|
170
171
|
assert_equal default, Employee.validates_uniqueness_of_email_field_options
|
|
171
172
|
end
|
|
@@ -214,11 +215,11 @@ module ActsAsAuthenticTest
|
|
|
214
215
|
|
|
215
216
|
def test_validates_format_of_nonascii_email_field
|
|
216
217
|
(GOOD_ASCII_EMAILS + GOOD_ISO88591_EMAILS + GOOD_UTF8_EMAILS).each do |e|
|
|
217
|
-
assert e =~
|
|
218
|
+
assert e =~ Authlogic::Regex::EMAIL_NONASCII, "Good email should validate: #{e}"
|
|
218
219
|
end
|
|
219
220
|
|
|
220
221
|
(BAD_ASCII_EMAILS + BAD_ISO88591_EMAILS + BAD_UTF8_EMAILS).each do |e|
|
|
221
|
-
assert e !~
|
|
222
|
+
assert e !~ Authlogic::Regex::EMAIL_NONASCII, "Bad email should not validate: #{e}"
|
|
222
223
|
end
|
|
223
224
|
end
|
|
224
225
|
|
|
@@ -1,8 +1,10 @@
|
|
|
1
|
-
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "test_helper"
|
|
2
4
|
|
|
3
5
|
module ActsAsAuthenticTest
|
|
4
6
|
class LoggedInStatusTest < ActiveSupport::TestCase
|
|
5
|
-
ERROR_MSG =
|
|
7
|
+
ERROR_MSG = "Multiple calls to %s should result in different relations"
|
|
6
8
|
|
|
7
9
|
def test_logged_in_timeout_config
|
|
8
10
|
assert_equal 10.minutes.to_i, User.logged_in_timeout
|
|
@@ -25,7 +27,7 @@ module ActsAsAuthenticTest
|
|
|
25
27
|
query1 = User.logged_in.to_sql
|
|
26
28
|
sleep 0.1
|
|
27
29
|
query2 = User.logged_in.to_sql
|
|
28
|
-
assert query1 != query2, ERROR_MSG %
|
|
30
|
+
assert query1 != query2, ERROR_MSG % "#logged_in"
|
|
29
31
|
|
|
30
32
|
assert_equal 0, User.logged_in.count
|
|
31
33
|
user = User.first
|
|
@@ -43,7 +45,7 @@ module ActsAsAuthenticTest
|
|
|
43
45
|
|
|
44
46
|
# for rails 5 I've changed the where_values to to_sql to compare
|
|
45
47
|
|
|
46
|
-
assert User.logged_in.to_sql != User.logged_out.to_sql, ERROR_MSG %
|
|
48
|
+
assert User.logged_in.to_sql != User.logged_out.to_sql, ERROR_MSG % "#logged_out"
|
|
47
49
|
|
|
48
50
|
assert_equal 3, User.logged_out.count
|
|
49
51
|
User.first.update_attribute(:last_request_at, Time.now)
|
|
@@ -1,44 +1,45 @@
|
|
|
1
|
-
|
|
1
|
+
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
class LoginTest < ActiveSupport::TestCase
|
|
5
|
-
def test_login_field_config
|
|
6
|
-
assert_equal :login, User.login_field
|
|
7
|
-
assert_nil Employee.login_field
|
|
8
|
-
|
|
9
|
-
User.login_field = :nope
|
|
10
|
-
assert_equal :nope, User.login_field
|
|
11
|
-
User.login_field :login
|
|
12
|
-
assert_equal :login, User.login_field
|
|
13
|
-
end
|
|
3
|
+
require "test_helper"
|
|
14
4
|
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
5
|
+
module ActsAsAuthenticTest
|
|
6
|
+
# Tests for configuration option: `validates_format_of_login_field_options`
|
|
7
|
+
class ValidatesFormatOfLoginTest < ActiveSupport::TestCase
|
|
8
|
+
def test_invalid_format
|
|
9
|
+
[
|
|
10
|
+
"fdsf@^&*",
|
|
11
|
+
" space",
|
|
12
|
+
".dot",
|
|
13
|
+
"-hyphen",
|
|
14
|
+
"@atmark",
|
|
15
|
+
"+plus"
|
|
16
|
+
].each do |login|
|
|
17
|
+
u = User.new(login: login)
|
|
18
|
+
refute u.valid?
|
|
19
|
+
refute u.errors[:login].empty?
|
|
20
|
+
end
|
|
23
21
|
end
|
|
24
22
|
|
|
25
|
-
def
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
23
|
+
def test_valid_format
|
|
24
|
+
[
|
|
25
|
+
"fdsfdsfdsfdsfs",
|
|
26
|
+
"dakota.dux+1@gmail.com",
|
|
27
|
+
"marks .-_@+",
|
|
28
|
+
"_underscore"
|
|
29
|
+
].each do |login|
|
|
30
|
+
u = User.new(login: login)
|
|
31
|
+
refute u.valid?
|
|
32
|
+
assert u.errors[:login].empty?
|
|
33
|
+
end
|
|
33
34
|
end
|
|
34
35
|
|
|
35
36
|
def test_validates_format_of_login_field_options_config
|
|
36
37
|
default = {
|
|
37
|
-
:
|
|
38
|
-
:
|
|
38
|
+
with: /\A[a-zA-Z0-9_][a-zA-Z0-9\.+\-_@ ]+\z/,
|
|
39
|
+
message: proc do
|
|
39
40
|
I18n.t(
|
|
40
|
-
|
|
41
|
-
:
|
|
41
|
+
"error_messages.login_invalid",
|
|
42
|
+
default: "should use only letters, numbers, spaces, and .-_@+ please."
|
|
42
43
|
)
|
|
43
44
|
end
|
|
44
45
|
}
|
|
@@ -56,18 +57,57 @@ module ActsAsAuthenticTest
|
|
|
56
57
|
assert_equal default_message, message.call
|
|
57
58
|
assert_equal default, options
|
|
58
59
|
|
|
59
|
-
User.validates_format_of_login_field_options = { :
|
|
60
|
-
assert_equal({ :
|
|
60
|
+
User.validates_format_of_login_field_options = { yes: "no" }
|
|
61
|
+
assert_equal({ yes: "no" }, User.validates_format_of_login_field_options)
|
|
61
62
|
User.validates_format_of_login_field_options default
|
|
62
63
|
assert_equal default, User.validates_format_of_login_field_options
|
|
63
64
|
end
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
# Miscellaneous tests for configuration options related to the `login_field`.
|
|
68
|
+
# Feel free to organize these into separate `TestCase`s as we have done above
|
|
69
|
+
# with `ValidatesFormatOfLoginTest`.
|
|
70
|
+
class MiscellaneousLoginTest < ActiveSupport::TestCase
|
|
71
|
+
def test_login_field_config
|
|
72
|
+
assert_equal :login, User.login_field
|
|
73
|
+
assert_nil Employee.login_field
|
|
74
|
+
|
|
75
|
+
User.login_field = :nope
|
|
76
|
+
assert_equal :nope, User.login_field
|
|
77
|
+
User.login_field :login
|
|
78
|
+
assert_equal :login, User.login_field
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def test_validate_login_field_config
|
|
82
|
+
assert User.validate_login_field
|
|
83
|
+
assert Employee.validate_login_field
|
|
84
|
+
|
|
85
|
+
User.validate_login_field = false
|
|
86
|
+
refute User.validate_login_field
|
|
87
|
+
User.validate_login_field true
|
|
88
|
+
assert User.validate_login_field
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
def test_validates_length_of_login_field_options_config
|
|
92
|
+
assert_equal({ within: 3..100 }, User.validates_length_of_login_field_options)
|
|
93
|
+
assert_equal({ within: 3..100 }, Employee.validates_length_of_login_field_options)
|
|
94
|
+
|
|
95
|
+
User.validates_length_of_login_field_options = { yes: "no" }
|
|
96
|
+
assert_equal({ yes: "no" }, User.validates_length_of_login_field_options)
|
|
97
|
+
User.validates_length_of_login_field_options(within: 3..100)
|
|
98
|
+
assert_equal({ within: 3..100 }, User.validates_length_of_login_field_options)
|
|
99
|
+
end
|
|
64
100
|
|
|
65
101
|
def test_validates_uniqueness_of_login_field_options_config
|
|
66
|
-
default = {
|
|
102
|
+
default = {
|
|
103
|
+
case_sensitive: false,
|
|
104
|
+
scope: User.validations_scope,
|
|
105
|
+
if: "#{User.login_field}_changed?".to_sym
|
|
106
|
+
}
|
|
67
107
|
assert_equal default, User.validates_uniqueness_of_login_field_options
|
|
68
108
|
|
|
69
|
-
User.validates_uniqueness_of_login_field_options = { :
|
|
70
|
-
assert_equal({ :
|
|
109
|
+
User.validates_uniqueness_of_login_field_options = { yes: "no" }
|
|
110
|
+
assert_equal({ yes: "no" }, User.validates_uniqueness_of_login_field_options)
|
|
71
111
|
User.validates_uniqueness_of_login_field_options default
|
|
72
112
|
assert_equal default, User.validates_uniqueness_of_login_field_options
|
|
73
113
|
end
|
|
@@ -83,49 +123,6 @@ module ActsAsAuthenticTest
|
|
|
83
123
|
assert u.errors[:login].empty?
|
|
84
124
|
end
|
|
85
125
|
|
|
86
|
-
def test_validates_format_of_login_field
|
|
87
|
-
u = User.new
|
|
88
|
-
u.login = "fdsf@^&*"
|
|
89
|
-
refute u.valid?
|
|
90
|
-
refute u.errors[:login].empty?
|
|
91
|
-
|
|
92
|
-
u.login = "fdsfdsfdsfdsfs"
|
|
93
|
-
refute u.valid?
|
|
94
|
-
assert u.errors[:login].empty?
|
|
95
|
-
|
|
96
|
-
u.login = "dakota.dux+1@gmail.com"
|
|
97
|
-
refute u.valid?
|
|
98
|
-
assert u.errors[:login].empty?
|
|
99
|
-
|
|
100
|
-
u.login = "marks .-_@+"
|
|
101
|
-
refute u.valid?
|
|
102
|
-
assert u.errors[:login].empty?
|
|
103
|
-
|
|
104
|
-
u.login = " space"
|
|
105
|
-
refute u.valid?
|
|
106
|
-
refute u.errors[:login].empty?
|
|
107
|
-
|
|
108
|
-
u.login = ".dot"
|
|
109
|
-
refute u.valid?
|
|
110
|
-
refute u.errors[:login].empty?
|
|
111
|
-
|
|
112
|
-
u.login = "-hyphen"
|
|
113
|
-
refute u.valid?
|
|
114
|
-
refute u.errors[:login].empty?
|
|
115
|
-
|
|
116
|
-
u.login = "_underscore"
|
|
117
|
-
refute u.valid?
|
|
118
|
-
assert u.errors[:login].empty?
|
|
119
|
-
|
|
120
|
-
u.login = "@atmark"
|
|
121
|
-
refute u.valid?
|
|
122
|
-
refute u.errors[:login].empty?
|
|
123
|
-
|
|
124
|
-
u.login = "+plus"
|
|
125
|
-
refute u.valid?
|
|
126
|
-
refute u.errors[:login].empty?
|
|
127
|
-
end
|
|
128
|
-
|
|
129
126
|
def test_validates_uniqueness_of_login_field
|
|
130
127
|
u = User.new
|
|
131
128
|
u.login = "bjohnson"
|
|
@@ -1,8 +1,12 @@
|
|
|
1
|
-
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "test_helper"
|
|
2
4
|
|
|
3
5
|
module ActsAsAuthenticTest
|
|
4
6
|
class PasswordTest < ActiveSupport::TestCase
|
|
5
|
-
|
|
7
|
+
# If test_human_name is executed after test_i18n_of_human_name the test will fail.
|
|
8
|
+
i_suck_and_my_tests_are_order_dependent!
|
|
9
|
+
|
|
6
10
|
def test_crypted_password_field_config
|
|
7
11
|
assert_equal :crypted_password, User.crypted_password_field
|
|
8
12
|
assert_equal :crypted_password, Employee.crypted_password_field
|
|
@@ -52,34 +56,34 @@ module ActsAsAuthenticTest
|
|
|
52
56
|
end
|
|
53
57
|
|
|
54
58
|
def test_validates_length_of_password_field_options_config
|
|
55
|
-
default = { :
|
|
59
|
+
default = { minimum: 8, if: :require_password? }
|
|
56
60
|
assert_equal default, User.validates_length_of_password_field_options
|
|
57
61
|
assert_equal default, Employee.validates_length_of_password_field_options
|
|
58
62
|
|
|
59
|
-
User.validates_length_of_password_field_options = { :
|
|
60
|
-
assert_equal({ :
|
|
63
|
+
User.validates_length_of_password_field_options = { yes: "no" }
|
|
64
|
+
assert_equal({ yes: "no" }, User.validates_length_of_password_field_options)
|
|
61
65
|
User.validates_length_of_password_field_options default
|
|
62
66
|
assert_equal default, User.validates_length_of_password_field_options
|
|
63
67
|
end
|
|
64
68
|
|
|
65
69
|
def test_validates_confirmation_of_password_field_options_config
|
|
66
|
-
default = { :
|
|
70
|
+
default = { if: :require_password? }
|
|
67
71
|
assert_equal default, User.validates_confirmation_of_password_field_options
|
|
68
72
|
assert_equal default, Employee.validates_confirmation_of_password_field_options
|
|
69
73
|
|
|
70
|
-
User.validates_confirmation_of_password_field_options = { :
|
|
71
|
-
assert_equal({ :
|
|
74
|
+
User.validates_confirmation_of_password_field_options = { yes: "no" }
|
|
75
|
+
assert_equal({ yes: "no" }, User.validates_confirmation_of_password_field_options)
|
|
72
76
|
User.validates_confirmation_of_password_field_options default
|
|
73
77
|
assert_equal default, User.validates_confirmation_of_password_field_options
|
|
74
78
|
end
|
|
75
79
|
|
|
76
80
|
def test_validates_length_of_password_confirmation_field_options_config
|
|
77
|
-
default = { :
|
|
81
|
+
default = { minimum: 8, if: :require_password? }
|
|
78
82
|
assert_equal default, User.validates_length_of_password_confirmation_field_options
|
|
79
83
|
assert_equal default, Employee.validates_length_of_password_confirmation_field_options
|
|
80
84
|
|
|
81
|
-
User.validates_length_of_password_confirmation_field_options = { :
|
|
82
|
-
assert_equal({ :
|
|
85
|
+
User.validates_length_of_password_confirmation_field_options = { yes: "no" }
|
|
86
|
+
assert_equal({ yes: "no" }, User.validates_length_of_password_confirmation_field_options)
|
|
83
87
|
User.validates_length_of_password_confirmation_field_options default
|
|
84
88
|
assert_equal default, User.validates_length_of_password_confirmation_field_options
|
|
85
89
|
end
|
|
@@ -105,7 +109,12 @@ module ActsAsAuthenticTest
|
|
|
105
109
|
end
|
|
106
110
|
|
|
107
111
|
def test_validates_length_of_password
|
|
108
|
-
u = User.new(
|
|
112
|
+
u = User.new(
|
|
113
|
+
login: "abcde",
|
|
114
|
+
email: "abcde@test.com",
|
|
115
|
+
password: "abcdefgh",
|
|
116
|
+
password_confirmation: "abcdefgh"
|
|
117
|
+
)
|
|
109
118
|
assert u.valid?
|
|
110
119
|
|
|
111
120
|
u.password = u.password_confirmation = "abcdef"
|
|
@@ -116,17 +125,18 @@ module ActsAsAuthenticTest
|
|
|
116
125
|
end
|
|
117
126
|
|
|
118
127
|
def test_validates_confirmation_of_password
|
|
119
|
-
u = User.new(
|
|
128
|
+
u = User.new(
|
|
129
|
+
login: "abcde",
|
|
130
|
+
email: "abcde@test.com",
|
|
131
|
+
password: "abcdefgh",
|
|
132
|
+
password_confirmation: "abcdefgh"
|
|
133
|
+
)
|
|
120
134
|
assert u.valid?
|
|
121
135
|
|
|
122
136
|
u.password_confirmation = "abcdefghij"
|
|
123
137
|
refute u.valid?
|
|
124
138
|
|
|
125
|
-
|
|
126
|
-
assert u.errors[:password_confirmation].include?("doesn't match Password")
|
|
127
|
-
else
|
|
128
|
-
assert u.errors[:password].include?("doesn't match confirmation")
|
|
129
|
-
end
|
|
139
|
+
assert u.errors[:password_confirmation].include?("doesn't match Password")
|
|
130
140
|
end
|
|
131
141
|
|
|
132
142
|
def test_validates_length_of_password_confirmation
|
|
@@ -225,25 +235,29 @@ module ActsAsAuthenticTest
|
|
|
225
235
|
|
|
226
236
|
private
|
|
227
237
|
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
238
|
+
def transition_password_to(
|
|
239
|
+
crypto_provider,
|
|
240
|
+
records,
|
|
241
|
+
from_crypto_providers = Authlogic::CryptoProviders::Sha512
|
|
242
|
+
)
|
|
243
|
+
records = [records] unless records.is_a?(Array)
|
|
244
|
+
User.acts_as_authentic do |c|
|
|
245
|
+
c.crypto_provider = crypto_provider
|
|
246
|
+
c.transition_from_crypto_providers = from_crypto_providers
|
|
247
|
+
end
|
|
248
|
+
records.each do |record|
|
|
249
|
+
old_hash = record.crypted_password
|
|
250
|
+
old_persistence_token = record.persistence_token
|
|
251
|
+
assert record.valid_password?(password_for(record))
|
|
252
|
+
assert_not_equal old_hash.to_s, record.crypted_password.to_s
|
|
253
|
+
assert_not_equal old_persistence_token.to_s, record.persistence_token.to_s
|
|
254
|
+
|
|
255
|
+
old_hash = record.crypted_password
|
|
256
|
+
old_persistence_token = record.persistence_token
|
|
257
|
+
assert record.valid_password?(password_for(record))
|
|
258
|
+
assert_equal old_hash.to_s, record.crypted_password.to_s
|
|
259
|
+
assert_equal old_persistence_token.to_s, record.persistence_token.to_s
|
|
247
260
|
end
|
|
261
|
+
end
|
|
248
262
|
end
|
|
249
263
|
end
|
|
@@ -1,4 +1,6 @@
|
|
|
1
|
-
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "test_helper"
|
|
2
4
|
|
|
3
5
|
module ActsAsAuthenticTest
|
|
4
6
|
class PerishableTokenTest < ActiveSupport::TestCase
|
|
@@ -60,14 +62,18 @@ module ActsAsAuthenticTest
|
|
|
60
62
|
|
|
61
63
|
def test_find_using_perishable_token_when_perished
|
|
62
64
|
ben = users(:ben)
|
|
63
|
-
ActiveRecord::Base.connection.execute(
|
|
65
|
+
ActiveRecord::Base.connection.execute(
|
|
66
|
+
"UPDATE users set updated_at = '#{1.week.ago.to_s(:db)}' where id = #{ben.id}"
|
|
67
|
+
)
|
|
64
68
|
assert_nil User.find_using_perishable_token(ben.perishable_token)
|
|
65
69
|
end
|
|
66
70
|
|
|
67
71
|
def test_find_using_perishable_token_when_perished_2
|
|
68
72
|
User.perishable_token_valid_for = 1.minute
|
|
69
73
|
ben = users(:ben)
|
|
70
|
-
ActiveRecord::Base.connection.execute(
|
|
74
|
+
ActiveRecord::Base.connection.execute(
|
|
75
|
+
"UPDATE users set updated_at = '#{2.minutes.ago.to_s(:db)}' where id = #{ben.id}"
|
|
76
|
+
)
|
|
71
77
|
assert_nil User.find_using_perishable_token(ben.perishable_token)
|
|
72
78
|
User.perishable_token_valid_for = 10.minutes
|
|
73
79
|
end
|
|
@@ -75,7 +81,9 @@ module ActsAsAuthenticTest
|
|
|
75
81
|
def test_find_using_perishable_token_when_passing_threshold
|
|
76
82
|
User.perishable_token_valid_for = 1.minute
|
|
77
83
|
ben = users(:ben)
|
|
78
|
-
ActiveRecord::Base.connection.execute(
|
|
84
|
+
ActiveRecord::Base.connection.execute(
|
|
85
|
+
"UPDATE users set updated_at = '#{10.minutes.ago.to_s(:db)}' where id = #{ben.id}"
|
|
86
|
+
)
|
|
79
87
|
assert_nil User.find_using_perishable_token(ben.perishable_token, 5.minutes)
|
|
80
88
|
assert_equal ben, User.find_using_perishable_token(ben.perishable_token, 20.minutes)
|
|
81
89
|
User.perishable_token_valid_for = 10.minutes
|
|
@@ -83,7 +91,7 @@ module ActsAsAuthenticTest
|
|
|
83
91
|
|
|
84
92
|
def test_find_perishable_token_with_bang
|
|
85
93
|
assert_raises ActiveRecord::RecordNotFound do
|
|
86
|
-
User.find_using_perishable_token!(
|
|
94
|
+
User.find_using_perishable_token!("some_bad_value")
|
|
87
95
|
end
|
|
88
96
|
end
|
|
89
97
|
end
|
|
@@ -1,4 +1,6 @@
|
|
|
1
|
-
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "test_helper"
|
|
2
4
|
|
|
3
5
|
module ActsAsAuthenticTest
|
|
4
6
|
class PersistenceTokenTest < ActiveSupport::TestCase
|
|
@@ -29,6 +31,8 @@ module ActsAsAuthenticTest
|
|
|
29
31
|
end
|
|
30
32
|
|
|
31
33
|
def test_forget_all
|
|
34
|
+
UserSession.allow_http_basic_auth = true
|
|
35
|
+
|
|
32
36
|
http_basic_auth_for(users(:ben)) { UserSession.find }
|
|
33
37
|
http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
|
|
34
38
|
assert UserSession.find
|
|
@@ -39,6 +43,8 @@ module ActsAsAuthenticTest
|
|
|
39
43
|
end
|
|
40
44
|
|
|
41
45
|
def test_forget
|
|
46
|
+
UserSession.allow_http_basic_auth = true
|
|
47
|
+
|
|
42
48
|
ben = users(:ben)
|
|
43
49
|
zack = users(:zack)
|
|
44
50
|
http_basic_auth_for(ben) { UserSession.find }
|