authlogic 3.8.0 → 6.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/lib/authlogic/acts_as_authentic/base.rb +33 -36
- data/lib/authlogic/acts_as_authentic/email.rb +8 -141
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +17 -10
- data/lib/authlogic/acts_as_authentic/login.rb +14 -165
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +13 -10
- data/lib/authlogic/acts_as_authentic/password.rb +186 -254
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +30 -22
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +19 -18
- data/lib/authlogic/acts_as_authentic/queries/case_sensitivity.rb +53 -0
- data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +83 -0
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +94 -62
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +28 -14
- data/lib/authlogic/config.rb +29 -10
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +43 -13
- data/lib/authlogic/controller_adapters/rack_adapter.rb +11 -5
- data/lib/authlogic/controller_adapters/rails_adapter.rb +11 -29
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +8 -2
- data/lib/authlogic/cookie_credentials.rb +63 -0
- data/lib/authlogic/crypto_providers/bcrypt.rb +24 -18
- data/lib/authlogic/crypto_providers/md5/v2.rb +35 -0
- data/lib/authlogic/crypto_providers/md5.rb +8 -6
- data/lib/authlogic/crypto_providers/scrypt.rb +24 -17
- data/lib/authlogic/crypto_providers/sha1/v2.rb +41 -0
- data/lib/authlogic/crypto_providers/sha1.rb +12 -5
- data/lib/authlogic/crypto_providers/sha256/v2.rb +58 -0
- data/lib/authlogic/crypto_providers/sha256.rb +18 -9
- data/lib/authlogic/crypto_providers/sha512/v2.rb +39 -0
- data/lib/authlogic/crypto_providers/sha512.rb +9 -26
- data/lib/authlogic/crypto_providers.rb +77 -1
- data/lib/authlogic/errors.rb +35 -0
- data/lib/authlogic/i18n/translator.rb +4 -1
- data/lib/authlogic/i18n.rb +29 -20
- data/lib/authlogic/random.rb +12 -28
- data/lib/authlogic/session/base.rb +2087 -33
- data/lib/authlogic/session/magic_column/assigns_last_request_at.rb +46 -0
- data/lib/authlogic/test_case/mock_controller.rb +7 -4
- data/lib/authlogic/test_case/mock_cookie_jar.rb +19 -3
- data/lib/authlogic/test_case/mock_logger.rb +2 -0
- data/lib/authlogic/test_case/mock_request.rb +8 -3
- data/lib/authlogic/test_case/rails_request_adapter.rb +5 -2
- data/lib/authlogic/test_case.rb +74 -2
- data/lib/authlogic/version.rb +22 -0
- data/lib/authlogic.rb +33 -54
- metadata +208 -234
- data/.github/ISSUE_TEMPLATE.md +0 -13
- data/.gitignore +0 -14
- data/.rubocop.yml +0 -33
- data/.rubocop_todo.yml +0 -391
- data/.travis.yml +0 -48
- data/CHANGELOG.md +0 -5
- data/CONTRIBUTING.md +0 -60
- data/Gemfile +0 -5
- data/LICENSE +0 -20
- data/README.md +0 -294
- data/Rakefile +0 -21
- data/authlogic.gemspec +0 -27
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +0 -70
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +0 -32
- data/lib/authlogic/authenticates_many/association.rb +0 -50
- data/lib/authlogic/authenticates_many/base.rb +0 -65
- data/lib/authlogic/crypto_providers/aes256.rb +0 -66
- data/lib/authlogic/crypto_providers/wordpress.rb +0 -43
- data/lib/authlogic/regex.rb +0 -48
- data/lib/authlogic/session/activation.rb +0 -70
- data/lib/authlogic/session/active_record_trickery.rb +0 -61
- data/lib/authlogic/session/brute_force_protection.rb +0 -120
- data/lib/authlogic/session/callbacks.rb +0 -105
- data/lib/authlogic/session/cookies.rb +0 -244
- data/lib/authlogic/session/existence.rb +0 -93
- data/lib/authlogic/session/foundation.rb +0 -55
- data/lib/authlogic/session/http_auth.rb +0 -100
- data/lib/authlogic/session/id.rb +0 -48
- data/lib/authlogic/session/klass.rb +0 -70
- data/lib/authlogic/session/magic_columns.rb +0 -116
- data/lib/authlogic/session/magic_states.rb +0 -76
- data/lib/authlogic/session/params.rb +0 -116
- data/lib/authlogic/session/password.rb +0 -308
- data/lib/authlogic/session/perishable_token.rb +0 -23
- data/lib/authlogic/session/persistence.rb +0 -71
- data/lib/authlogic/session/priority_record.rb +0 -35
- data/lib/authlogic/session/scopes.rb +0 -119
- data/lib/authlogic/session/session.rb +0 -67
- data/lib/authlogic/session/timeout.rb +0 -103
- data/lib/authlogic/session/unauthorized_record.rb +0 -51
- data/lib/authlogic/session/validation.rb +0 -93
- data/test/acts_as_authentic_test/base_test.rb +0 -25
- data/test/acts_as_authentic_test/email_test.rb +0 -240
- data/test/acts_as_authentic_test/logged_in_status_test.rb +0 -62
- data/test/acts_as_authentic_test/login_test.rb +0 -156
- data/test/acts_as_authentic_test/magic_columns_test.rb +0 -27
- data/test/acts_as_authentic_test/password_test.rb +0 -249
- data/test/acts_as_authentic_test/perishable_token_test.rb +0 -90
- data/test/acts_as_authentic_test/persistence_token_test.rb +0 -56
- data/test/acts_as_authentic_test/restful_authentication_test.rb +0 -37
- data/test/acts_as_authentic_test/session_maintenance_test.rb +0 -96
- data/test/acts_as_authentic_test/single_access_test.rb +0 -44
- data/test/authenticates_many_test.rb +0 -31
- data/test/config_test.rb +0 -36
- data/test/crypto_provider_test/aes256_test.rb +0 -14
- data/test/crypto_provider_test/bcrypt_test.rb +0 -14
- data/test/crypto_provider_test/scrypt_test.rb +0 -14
- data/test/crypto_provider_test/sha1_test.rb +0 -23
- data/test/crypto_provider_test/sha256_test.rb +0 -14
- data/test/crypto_provider_test/sha512_test.rb +0 -14
- data/test/fixtures/companies.yml +0 -5
- data/test/fixtures/employees.yml +0 -17
- data/test/fixtures/projects.yml +0 -3
- data/test/fixtures/users.yml +0 -41
- data/test/gemfiles/Gemfile.rails-3.2.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.0.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.1.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.2.x +0 -7
- data/test/gemfiles/Gemfile.rails-5.0.x +0 -6
- data/test/gemfiles/Gemfile.rails-5.1.x +0 -6
- data/test/gemfiles/Gemfile.rails-5.2.x +0 -6
- data/test/i18n/lol.yml +0 -4
- data/test/i18n_test.rb +0 -33
- data/test/libs/affiliate.rb +0 -7
- data/test/libs/company.rb +0 -6
- data/test/libs/employee.rb +0 -7
- data/test/libs/employee_session.rb +0 -2
- data/test/libs/ldaper.rb +0 -3
- data/test/libs/project.rb +0 -3
- data/test/libs/user.rb +0 -7
- data/test/libs/user_session.rb +0 -25
- data/test/random_test.rb +0 -43
- data/test/session_test/activation_test.rb +0 -43
- data/test/session_test/active_record_trickery_test.rb +0 -75
- data/test/session_test/brute_force_protection_test.rb +0 -108
- data/test/session_test/callbacks_test.rb +0 -34
- data/test/session_test/cookies_test.rb +0 -201
- data/test/session_test/credentials_test.rb +0 -0
- data/test/session_test/existence_test.rb +0 -75
- data/test/session_test/foundation_test.rb +0 -6
- data/test/session_test/http_auth_test.rb +0 -56
- data/test/session_test/id_test.rb +0 -17
- data/test/session_test/klass_test.rb +0 -40
- data/test/session_test/magic_columns_test.rb +0 -62
- data/test/session_test/magic_states_test.rb +0 -58
- data/test/session_test/params_test.rb +0 -53
- data/test/session_test/password_test.rb +0 -105
- data/test/session_test/perishability_test.rb +0 -15
- data/test/session_test/persistence_test.rb +0 -32
- data/test/session_test/scopes_test.rb +0 -60
- data/test/session_test/session_test.rb +0 -78
- data/test/session_test/timeout_test.rb +0 -82
- data/test/session_test/unauthorized_record_test.rb +0 -13
- data/test/session_test/validation_test.rb +0 -23
- data/test/test_helper.rb +0 -233
@@ -1,75 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module SessionTest
|
4
|
-
module ActiveRecordTrickeryTest
|
5
|
-
class ClassMethodsTest < ActiveSupport::TestCase
|
6
|
-
i_suck_and_my_tests_are_order_dependent! # If test_human_name is executed after test_i18n_of_human_name the test will fail.
|
7
|
-
|
8
|
-
def test_human_attribute_name
|
9
|
-
assert_equal "Some attribute", UserSession.human_attribute_name("some_attribute")
|
10
|
-
assert_equal "Some attribute", UserSession.human_attribute_name(:some_attribute)
|
11
|
-
end
|
12
|
-
|
13
|
-
def test_human_name
|
14
|
-
assert_equal "Usersession", UserSession.human_name
|
15
|
-
end
|
16
|
-
|
17
|
-
def test_i18n_of_human_name
|
18
|
-
I18n.backend.store_translations 'en', :authlogic => { :models => { :user_session => "MySession" } }
|
19
|
-
assert_equal "MySession", UserSession.human_name
|
20
|
-
end
|
21
|
-
|
22
|
-
def test_i18n_of_model_name_human
|
23
|
-
I18n.backend.store_translations 'en', :authlogic => { :models => { :user_session => "MySession" } }
|
24
|
-
assert_equal "MySession", UserSession.model_name.human
|
25
|
-
end
|
26
|
-
|
27
|
-
def test_model_name
|
28
|
-
assert_equal "UserSession", UserSession.model_name.name
|
29
|
-
assert_equal "user_session", UserSession.model_name.singular
|
30
|
-
assert_equal "user_sessions", UserSession.model_name.plural
|
31
|
-
end
|
32
|
-
end
|
33
|
-
|
34
|
-
class InstanceMethodsTest < ActiveSupport::TestCase
|
35
|
-
def test_new_record
|
36
|
-
session = UserSession.new
|
37
|
-
assert session.new_record?
|
38
|
-
end
|
39
|
-
|
40
|
-
def test_to_key
|
41
|
-
ben = users(:ben)
|
42
|
-
session = UserSession.new(ben)
|
43
|
-
assert_nil session.to_key
|
44
|
-
|
45
|
-
session.save
|
46
|
-
assert_not_nil session.to_key
|
47
|
-
assert_equal ben.to_key, session.to_key
|
48
|
-
end
|
49
|
-
|
50
|
-
def test_persisted
|
51
|
-
session = UserSession.new(users(:ben))
|
52
|
-
refute session.persisted?
|
53
|
-
|
54
|
-
session.save
|
55
|
-
assert session.persisted?
|
56
|
-
|
57
|
-
session.destroy
|
58
|
-
refute session.persisted?
|
59
|
-
end
|
60
|
-
|
61
|
-
def test_destroyed?
|
62
|
-
session = UserSession.create(users(:ben))
|
63
|
-
refute session.destroyed?
|
64
|
-
|
65
|
-
session.destroy
|
66
|
-
assert session.destroyed?
|
67
|
-
end
|
68
|
-
|
69
|
-
def test_to_model
|
70
|
-
session = UserSession.new
|
71
|
-
assert_equal session, session.to_model
|
72
|
-
end
|
73
|
-
end
|
74
|
-
end
|
75
|
-
end
|
@@ -1,108 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module SessionTest
|
4
|
-
module BruteForceProtectionTest
|
5
|
-
class ConfigTest < ActiveSupport::TestCase
|
6
|
-
def test_consecutive_failed_logins_limit
|
7
|
-
UserSession.consecutive_failed_logins_limit = 10
|
8
|
-
assert_equal 10, UserSession.consecutive_failed_logins_limit
|
9
|
-
|
10
|
-
UserSession.consecutive_failed_logins_limit 50
|
11
|
-
assert_equal 50, UserSession.consecutive_failed_logins_limit
|
12
|
-
end
|
13
|
-
|
14
|
-
def test_failed_login_ban_for
|
15
|
-
UserSession.failed_login_ban_for = 10
|
16
|
-
assert_equal 10, UserSession.failed_login_ban_for
|
17
|
-
|
18
|
-
UserSession.failed_login_ban_for 2.hours
|
19
|
-
assert_equal 2.hours.to_i, UserSession.failed_login_ban_for
|
20
|
-
end
|
21
|
-
end
|
22
|
-
|
23
|
-
class InstanceMethodsTest < ActiveSupport::TestCase
|
24
|
-
def test_under_limit
|
25
|
-
ben = users(:ben)
|
26
|
-
ben.failed_login_count = UserSession.consecutive_failed_logins_limit - 1
|
27
|
-
assert ben.save
|
28
|
-
session = UserSession.create(:login => ben.login, :password => "benrocks")
|
29
|
-
refute session.new_session?
|
30
|
-
end
|
31
|
-
|
32
|
-
def test_exceeded_limit
|
33
|
-
ben = users(:ben)
|
34
|
-
ben.failed_login_count = UserSession.consecutive_failed_logins_limit
|
35
|
-
assert ben.save
|
36
|
-
session = UserSession.create(:login => ben.login, :password => "benrocks")
|
37
|
-
assert session.new_session?
|
38
|
-
assert UserSession.create(ben).new_session?
|
39
|
-
ben.reload
|
40
|
-
ben.updated_at = (UserSession.failed_login_ban_for + 2.hours.to_i).seconds.ago
|
41
|
-
refute UserSession.create(ben).new_session?
|
42
|
-
end
|
43
|
-
|
44
|
-
def test_exceeding_failed_logins_limit
|
45
|
-
UserSession.consecutive_failed_logins_limit = 2
|
46
|
-
ben = users(:ben)
|
47
|
-
|
48
|
-
2.times do |i|
|
49
|
-
session = UserSession.new(:login => ben.login, :password => "badpassword1")
|
50
|
-
refute session.save
|
51
|
-
refute session.errors[:password].empty?
|
52
|
-
assert_equal i + 1, ben.reload.failed_login_count
|
53
|
-
end
|
54
|
-
|
55
|
-
session = UserSession.new(:login => ben.login, :password => "badpassword2")
|
56
|
-
refute session.save
|
57
|
-
assert session.errors[:password].empty?
|
58
|
-
assert_equal 3, ben.reload.failed_login_count
|
59
|
-
|
60
|
-
UserSession.consecutive_failed_logins_limit = 50
|
61
|
-
end
|
62
|
-
|
63
|
-
def test_exceeded_ban_for
|
64
|
-
UserSession.consecutive_failed_logins_limit = 2
|
65
|
-
UserSession.generalize_credentials_error_messages true
|
66
|
-
ben = users(:ben)
|
67
|
-
|
68
|
-
2.times do |i|
|
69
|
-
session = UserSession.new(:login => ben.login, :password => "badpassword1")
|
70
|
-
refute session.save
|
71
|
-
assert session.invalid_password?
|
72
|
-
assert_equal i + 1, ben.reload.failed_login_count
|
73
|
-
end
|
74
|
-
|
75
|
-
ActiveRecord::Base.connection.execute(
|
76
|
-
"update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'"
|
77
|
-
)
|
78
|
-
session = UserSession.new(:login => ben.login, :password => "benrocks")
|
79
|
-
assert session.save
|
80
|
-
assert_equal 0, ben.reload.failed_login_count
|
81
|
-
|
82
|
-
UserSession.consecutive_failed_logins_limit = 50
|
83
|
-
UserSession.generalize_credentials_error_messages false
|
84
|
-
end
|
85
|
-
|
86
|
-
def test_exceeded_ban_and_failed_doesnt_ban_again
|
87
|
-
UserSession.consecutive_failed_logins_limit = 2
|
88
|
-
ben = users(:ben)
|
89
|
-
|
90
|
-
2.times do |i|
|
91
|
-
session = UserSession.new(:login => ben.login, :password => "badpassword1")
|
92
|
-
refute session.save
|
93
|
-
refute session.errors[:password].empty?
|
94
|
-
assert_equal i + 1, ben.reload.failed_login_count
|
95
|
-
end
|
96
|
-
|
97
|
-
ActiveRecord::Base.connection.execute(
|
98
|
-
"update users set updated_at = '#{1.day.ago.to_s(:db)}' where login = '#{ben.login}'"
|
99
|
-
)
|
100
|
-
session = UserSession.new(:login => ben.login, :password => "badpassword1")
|
101
|
-
refute session.save
|
102
|
-
assert_equal 1, ben.reload.failed_login_count
|
103
|
-
|
104
|
-
UserSession.consecutive_failed_logins_limit = 50
|
105
|
-
end
|
106
|
-
end
|
107
|
-
end
|
108
|
-
end
|
@@ -1,34 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module SessionTest
|
4
|
-
class CallbacksTest < ActiveSupport::TestCase
|
5
|
-
def setup
|
6
|
-
WackyUserSession.reset_callbacks(:persist)
|
7
|
-
end
|
8
|
-
|
9
|
-
def test_no_callbacks
|
10
|
-
assert_equal [], WackyUserSession._persist_callbacks.map(&:filter)
|
11
|
-
session = WackyUserSession.new
|
12
|
-
session.send(:persist)
|
13
|
-
assert_equal 0, session.counter
|
14
|
-
end
|
15
|
-
|
16
|
-
def test_true_callback_cancelling_later_callbacks
|
17
|
-
WackyUserSession.persist :persist_by_true, :persist_by_false
|
18
|
-
assert_equal [:persist_by_true, :persist_by_false], WackyUserSession._persist_callbacks.map(&:filter)
|
19
|
-
|
20
|
-
session = WackyUserSession.new
|
21
|
-
session.send(:persist)
|
22
|
-
assert_equal 1, session.counter
|
23
|
-
end
|
24
|
-
|
25
|
-
def test_false_callback_continuing_to_later_callbacks
|
26
|
-
WackyUserSession.persist :persist_by_false, :persist_by_true
|
27
|
-
assert_equal [:persist_by_false, :persist_by_true], WackyUserSession._persist_callbacks.map(&:filter)
|
28
|
-
|
29
|
-
session = WackyUserSession.new
|
30
|
-
session.send(:persist)
|
31
|
-
assert_equal 2, session.counter
|
32
|
-
end
|
33
|
-
end
|
34
|
-
end
|
@@ -1,201 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module SessionTest
|
4
|
-
module CookiesTest
|
5
|
-
class ConfiTest < ActiveSupport::TestCase
|
6
|
-
def test_cookie_key
|
7
|
-
UserSession.cookie_key = "my_cookie_key"
|
8
|
-
assert_equal "my_cookie_key", UserSession.cookie_key
|
9
|
-
|
10
|
-
UserSession.cookie_key "user_credentials"
|
11
|
-
assert_equal "user_credentials", UserSession.cookie_key
|
12
|
-
end
|
13
|
-
|
14
|
-
def test_default_cookie_key
|
15
|
-
assert_equal "user_credentials", UserSession.cookie_key
|
16
|
-
assert_equal "back_office_user_credentials", BackOfficeUserSession.cookie_key
|
17
|
-
end
|
18
|
-
|
19
|
-
def test_remember_me
|
20
|
-
UserSession.remember_me = true
|
21
|
-
assert_equal true, UserSession.remember_me
|
22
|
-
session = UserSession.new
|
23
|
-
assert_equal true, session.remember_me
|
24
|
-
|
25
|
-
UserSession.remember_me false
|
26
|
-
assert_equal false, UserSession.remember_me
|
27
|
-
session = UserSession.new
|
28
|
-
assert_equal false, session.remember_me
|
29
|
-
end
|
30
|
-
|
31
|
-
def test_remember_me_for
|
32
|
-
UserSession.remember_me_for = 3.years
|
33
|
-
assert_equal 3.years, UserSession.remember_me_for
|
34
|
-
session = UserSession.new
|
35
|
-
session.remember_me = true
|
36
|
-
assert_equal 3.years, session.remember_me_for
|
37
|
-
|
38
|
-
UserSession.remember_me_for 3.months
|
39
|
-
assert_equal 3.months, UserSession.remember_me_for
|
40
|
-
session = UserSession.new
|
41
|
-
session.remember_me = true
|
42
|
-
assert_equal 3.months, session.remember_me_for
|
43
|
-
end
|
44
|
-
|
45
|
-
def test_secure
|
46
|
-
UserSession.secure = true
|
47
|
-
assert_equal true, UserSession.secure
|
48
|
-
session = UserSession.new
|
49
|
-
assert_equal true, session.secure
|
50
|
-
|
51
|
-
UserSession.secure false
|
52
|
-
assert_equal false, UserSession.secure
|
53
|
-
session = UserSession.new
|
54
|
-
assert_equal false, session.secure
|
55
|
-
end
|
56
|
-
|
57
|
-
def test_httponly
|
58
|
-
UserSession.httponly = true
|
59
|
-
assert_equal true, UserSession.httponly
|
60
|
-
session = UserSession.new
|
61
|
-
assert_equal true, session.httponly
|
62
|
-
|
63
|
-
UserSession.httponly false
|
64
|
-
assert_equal false, UserSession.httponly
|
65
|
-
session = UserSession.new
|
66
|
-
assert_equal false, session.httponly
|
67
|
-
end
|
68
|
-
|
69
|
-
def test_sign_cookie
|
70
|
-
UserSession.sign_cookie = true
|
71
|
-
assert_equal true, UserSession.sign_cookie
|
72
|
-
session = UserSession.new
|
73
|
-
assert_equal true, session.sign_cookie
|
74
|
-
|
75
|
-
UserSession.sign_cookie false
|
76
|
-
assert_equal false, UserSession.sign_cookie
|
77
|
-
session = UserSession.new
|
78
|
-
assert_equal false, session.sign_cookie
|
79
|
-
end
|
80
|
-
end
|
81
|
-
|
82
|
-
class InstanceMethodsTest < ActiveSupport::TestCase
|
83
|
-
def test_credentials
|
84
|
-
session = UserSession.new
|
85
|
-
session.credentials = { :remember_me => true }
|
86
|
-
assert_equal true, session.remember_me
|
87
|
-
end
|
88
|
-
|
89
|
-
def test_remember_me
|
90
|
-
session = UserSession.new
|
91
|
-
assert_equal false, session.remember_me
|
92
|
-
refute session.remember_me?
|
93
|
-
|
94
|
-
session.remember_me = false
|
95
|
-
assert_equal false, session.remember_me
|
96
|
-
refute session.remember_me?
|
97
|
-
|
98
|
-
session.remember_me = true
|
99
|
-
assert_equal true, session.remember_me
|
100
|
-
assert session.remember_me?
|
101
|
-
|
102
|
-
session.remember_me = nil
|
103
|
-
assert_nil session.remember_me
|
104
|
-
refute session.remember_me?
|
105
|
-
|
106
|
-
session.remember_me = "1"
|
107
|
-
assert_equal "1", session.remember_me
|
108
|
-
assert session.remember_me?
|
109
|
-
|
110
|
-
session.remember_me = "true"
|
111
|
-
assert_equal "true", session.remember_me
|
112
|
-
assert session.remember_me?
|
113
|
-
end
|
114
|
-
|
115
|
-
def test_remember_me_until
|
116
|
-
session = UserSession.new
|
117
|
-
assert_nil session.remember_me_until
|
118
|
-
|
119
|
-
session.remember_me = true
|
120
|
-
assert 3.months.from_now <= session.remember_me_until
|
121
|
-
end
|
122
|
-
|
123
|
-
def test_persist_persist_by_cookie
|
124
|
-
ben = users(:ben)
|
125
|
-
refute UserSession.find
|
126
|
-
set_cookie_for(ben)
|
127
|
-
assert session = UserSession.find
|
128
|
-
assert_equal ben, session.record
|
129
|
-
end
|
130
|
-
|
131
|
-
def test_persist_persist_by_cookie_with_blank_persistence_token
|
132
|
-
ben = users(:ben)
|
133
|
-
ben.update_column(:persistence_token, "")
|
134
|
-
refute UserSession.find
|
135
|
-
set_cookie_for(ben)
|
136
|
-
refute UserSession.find
|
137
|
-
end
|
138
|
-
|
139
|
-
def test_remember_me_expired
|
140
|
-
ben = users(:ben)
|
141
|
-
session = UserSession.new(ben)
|
142
|
-
session.remember_me = true
|
143
|
-
assert session.save
|
144
|
-
refute session.remember_me_expired?
|
145
|
-
|
146
|
-
session = UserSession.new(ben)
|
147
|
-
session.remember_me = false
|
148
|
-
assert session.save
|
149
|
-
refute session.remember_me_expired?
|
150
|
-
end
|
151
|
-
|
152
|
-
def test_after_save_save_cookie
|
153
|
-
ben = users(:ben)
|
154
|
-
session = UserSession.new(ben)
|
155
|
-
assert session.save
|
156
|
-
assert_equal(
|
157
|
-
"#{ben.persistence_token}::#{ben.id}",
|
158
|
-
controller.cookies["user_credentials"]
|
159
|
-
)
|
160
|
-
end
|
161
|
-
|
162
|
-
def test_after_save_save_cookie_signed
|
163
|
-
ben = users(:ben)
|
164
|
-
|
165
|
-
assert_nil controller.cookies["user_credentials"]
|
166
|
-
payload = "#{ben.persistence_token}::#{ben.id}"
|
167
|
-
|
168
|
-
session = UserSession.new(ben)
|
169
|
-
session.sign_cookie = true
|
170
|
-
assert session.save
|
171
|
-
assert_equal payload, controller.cookies.signed["user_credentials"]
|
172
|
-
assert_equal(
|
173
|
-
"#{payload}--#{Digest::SHA1.hexdigest payload}",
|
174
|
-
controller.cookies.signed.parent_jar["user_credentials"]
|
175
|
-
)
|
176
|
-
end
|
177
|
-
|
178
|
-
def test_after_save_save_cookie_with_remember_me
|
179
|
-
Timecop.freeze do
|
180
|
-
ben = users(:ben)
|
181
|
-
session = UserSession.new(ben)
|
182
|
-
session.remember_me = true
|
183
|
-
assert session.save
|
184
|
-
assert_equal(
|
185
|
-
"#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until.iso8601}",
|
186
|
-
controller.cookies["user_credentials"]
|
187
|
-
)
|
188
|
-
end
|
189
|
-
end
|
190
|
-
|
191
|
-
def test_after_destroy_destroy_cookie
|
192
|
-
ben = users(:ben)
|
193
|
-
set_cookie_for(ben)
|
194
|
-
session = UserSession.find
|
195
|
-
assert controller.cookies["user_credentials"]
|
196
|
-
assert session.destroy
|
197
|
-
refute controller.cookies["user_credentials"]
|
198
|
-
end
|
199
|
-
end
|
200
|
-
end
|
201
|
-
end
|
File without changes
|
@@ -1,75 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module SessionTest
|
4
|
-
module ExistenceTest
|
5
|
-
class ClassMethodsTest < ActiveSupport::TestCase
|
6
|
-
def test_create_with_good_credentials
|
7
|
-
ben = users(:ben)
|
8
|
-
session = UserSession.create(:login => ben.login, :password => "benrocks")
|
9
|
-
refute session.new_session?
|
10
|
-
end
|
11
|
-
|
12
|
-
def test_create_with_bad_credentials
|
13
|
-
session = UserSession.create(:login => "somelogin", :password => "badpw2")
|
14
|
-
assert session.new_session?
|
15
|
-
end
|
16
|
-
|
17
|
-
def test_create_bang
|
18
|
-
ben = users(:ben)
|
19
|
-
err = assert_raise(Authlogic::Session::Existence::SessionInvalidError) do
|
20
|
-
UserSession.create!(:login => ben.login, :password => "badpw")
|
21
|
-
end
|
22
|
-
assert_includes err.message, "Password is not valid"
|
23
|
-
refute UserSession.create!(:login => ben.login, :password => "benrocks").new_session?
|
24
|
-
end
|
25
|
-
end
|
26
|
-
|
27
|
-
class InstanceMethodsTest < ActiveSupport::TestCase
|
28
|
-
def test_new_session
|
29
|
-
session = UserSession.new
|
30
|
-
assert session.new_session?
|
31
|
-
|
32
|
-
set_session_for(users(:ben))
|
33
|
-
session = UserSession.find
|
34
|
-
refute session.new_session?
|
35
|
-
end
|
36
|
-
|
37
|
-
def test_save_with_nothing
|
38
|
-
session = UserSession.new
|
39
|
-
refute session.save
|
40
|
-
assert session.new_session?
|
41
|
-
end
|
42
|
-
|
43
|
-
def test_save_with_block
|
44
|
-
session = UserSession.new
|
45
|
-
block_result = session.save do |result|
|
46
|
-
refute result
|
47
|
-
end
|
48
|
-
refute block_result
|
49
|
-
assert session.new_session?
|
50
|
-
end
|
51
|
-
|
52
|
-
def test_save_with_bang
|
53
|
-
session = UserSession.new
|
54
|
-
assert_raise(Authlogic::Session::Existence::SessionInvalidError) { session.save! }
|
55
|
-
|
56
|
-
session.unauthorized_record = users(:ben)
|
57
|
-
assert_nothing_raised { session.save! }
|
58
|
-
end
|
59
|
-
|
60
|
-
def test_destroy
|
61
|
-
ben = users(:ben)
|
62
|
-
session = UserSession.new
|
63
|
-
refute session.valid?
|
64
|
-
refute session.errors.empty?
|
65
|
-
assert session.destroy
|
66
|
-
assert session.errors.empty?
|
67
|
-
session.unauthorized_record = ben
|
68
|
-
assert session.save
|
69
|
-
assert session.record
|
70
|
-
assert session.destroy
|
71
|
-
refute session.record
|
72
|
-
end
|
73
|
-
end
|
74
|
-
end
|
75
|
-
end
|
@@ -1,56 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module SessionTest
|
4
|
-
class HttpAuthTest < ActiveSupport::TestCase
|
5
|
-
class ConfiTest < ActiveSupport::TestCase
|
6
|
-
def test_allow_http_basic_auth
|
7
|
-
UserSession.allow_http_basic_auth = false
|
8
|
-
assert_equal false, UserSession.allow_http_basic_auth
|
9
|
-
|
10
|
-
UserSession.allow_http_basic_auth true
|
11
|
-
assert_equal true, UserSession.allow_http_basic_auth
|
12
|
-
end
|
13
|
-
|
14
|
-
def test_request_http_basic_auth
|
15
|
-
UserSession.request_http_basic_auth = true
|
16
|
-
assert_equal true, UserSession.request_http_basic_auth
|
17
|
-
|
18
|
-
UserSession.request_http_basic_auth = false
|
19
|
-
assert_equal false, UserSession.request_http_basic_auth
|
20
|
-
end
|
21
|
-
|
22
|
-
def test_http_basic_auth_realm
|
23
|
-
assert_equal 'Application', UserSession.http_basic_auth_realm
|
24
|
-
UserSession.http_basic_auth_realm = 'TestRealm'
|
25
|
-
assert_equal 'TestRealm', UserSession.http_basic_auth_realm
|
26
|
-
end
|
27
|
-
end
|
28
|
-
|
29
|
-
class InstanceMethodsTest < ActiveSupport::TestCase
|
30
|
-
def test_persist_persist_by_http_auth
|
31
|
-
aaron = users(:aaron)
|
32
|
-
http_basic_auth_for do
|
33
|
-
refute UserSession.find
|
34
|
-
end
|
35
|
-
http_basic_auth_for(aaron) do
|
36
|
-
assert session = UserSession.find
|
37
|
-
assert_equal aaron, session.record
|
38
|
-
assert_equal aaron.login, session.login
|
39
|
-
assert_equal "aaronrocks", session.send(:protected_password)
|
40
|
-
refute controller.http_auth_requested?
|
41
|
-
end
|
42
|
-
unset_session
|
43
|
-
UserSession.request_http_basic_auth = true
|
44
|
-
UserSession.http_basic_auth_realm = 'PersistTestRealm'
|
45
|
-
http_basic_auth_for(aaron) do
|
46
|
-
assert session = UserSession.find
|
47
|
-
assert_equal aaron, session.record
|
48
|
-
assert_equal aaron.login, session.login
|
49
|
-
assert_equal "aaronrocks", session.send(:protected_password)
|
50
|
-
assert_equal 'PersistTestRealm', controller.realm
|
51
|
-
assert controller.http_auth_requested?
|
52
|
-
end
|
53
|
-
end
|
54
|
-
end
|
55
|
-
end
|
56
|
-
end
|
@@ -1,17 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module SessionTest
|
4
|
-
class IdTest < ActiveSupport::TestCase
|
5
|
-
def test_credentials
|
6
|
-
session = UserSession.new
|
7
|
-
session.credentials = [:my_id]
|
8
|
-
assert_equal :my_id, session.id
|
9
|
-
end
|
10
|
-
|
11
|
-
def test_id
|
12
|
-
session = UserSession.new
|
13
|
-
session.id = :my_id
|
14
|
-
assert_equal :my_id, session.id
|
15
|
-
end
|
16
|
-
end
|
17
|
-
end
|
@@ -1,40 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module SessionTest
|
4
|
-
module KlassTest
|
5
|
-
class ConfigTest < ActiveSupport::TestCase
|
6
|
-
def test_authenticate_with
|
7
|
-
UserSession.authenticate_with = Employee
|
8
|
-
assert_equal "Employee", UserSession.klass_name
|
9
|
-
assert_equal Employee, UserSession.klass
|
10
|
-
|
11
|
-
UserSession.authenticate_with User
|
12
|
-
assert_equal "User", UserSession.klass_name
|
13
|
-
assert_equal User, UserSession.klass
|
14
|
-
end
|
15
|
-
|
16
|
-
def test_klass
|
17
|
-
assert_equal User, UserSession.klass
|
18
|
-
end
|
19
|
-
|
20
|
-
def test_klass_name
|
21
|
-
assert_equal "User", UserSession.klass_name
|
22
|
-
end
|
23
|
-
|
24
|
-
def test_klass_name_uses_custom_name
|
25
|
-
assert_equal "User", UserSession.klass_name
|
26
|
-
assert_equal "BackOfficeUser", BackOfficeUserSession.klass_name
|
27
|
-
end
|
28
|
-
end
|
29
|
-
|
30
|
-
class InstanceMethodsTest < ActiveSupport::TestCase
|
31
|
-
def test_record_method
|
32
|
-
ben = users(:ben)
|
33
|
-
set_session_for(ben)
|
34
|
-
session = UserSession.find
|
35
|
-
assert_equal ben, session.record
|
36
|
-
assert_equal ben, session.user
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|
40
|
-
end
|
@@ -1,62 +0,0 @@
|
|
1
|
-
require 'test_helper'
|
2
|
-
|
3
|
-
module SessionTest
|
4
|
-
module MagicColumnsTest
|
5
|
-
class ConfigTest < ActiveSupport::TestCase
|
6
|
-
def test_last_request_at_threshold_config
|
7
|
-
UserSession.last_request_at_threshold = 2.minutes
|
8
|
-
assert_equal 2.minutes, UserSession.last_request_at_threshold
|
9
|
-
|
10
|
-
UserSession.last_request_at_threshold 0
|
11
|
-
assert_equal 0, UserSession.last_request_at_threshold
|
12
|
-
end
|
13
|
-
end
|
14
|
-
|
15
|
-
class InstanceMethodsTest < ActiveSupport::TestCase
|
16
|
-
def test_after_persisting_set_last_request_at
|
17
|
-
ben = users(:ben)
|
18
|
-
refute UserSession.create(ben).new_session?
|
19
|
-
|
20
|
-
set_cookie_for(ben)
|
21
|
-
old_last_request_at = ben.last_request_at
|
22
|
-
assert UserSession.find
|
23
|
-
ben.reload
|
24
|
-
assert ben.last_request_at != old_last_request_at
|
25
|
-
end
|
26
|
-
|
27
|
-
def test_valid_increase_failed_login_count
|
28
|
-
ben = users(:ben)
|
29
|
-
old_failed_login_count = ben.failed_login_count
|
30
|
-
session = UserSession.create(:login => ben.login, :password => "wrong")
|
31
|
-
assert session.new_session?
|
32
|
-
ben.reload
|
33
|
-
assert_equal old_failed_login_count + 1, ben.failed_login_count
|
34
|
-
end
|
35
|
-
|
36
|
-
def test_before_save_update_info
|
37
|
-
aaron = users(:aaron)
|
38
|
-
|
39
|
-
# increase failed login count
|
40
|
-
session = UserSession.create(:login => aaron.login, :password => "wrong")
|
41
|
-
assert session.new_session?
|
42
|
-
aaron.reload
|
43
|
-
|
44
|
-
# grab old values
|
45
|
-
old_login_count = aaron.login_count
|
46
|
-
old_current_login_at = aaron.current_login_at
|
47
|
-
old_current_login_ip = aaron.current_login_ip
|
48
|
-
|
49
|
-
session = UserSession.create(:login => aaron.login, :password => "aaronrocks")
|
50
|
-
assert session.valid?
|
51
|
-
|
52
|
-
aaron.reload
|
53
|
-
assert_equal old_login_count + 1, aaron.login_count
|
54
|
-
assert_equal 0, aaron.failed_login_count
|
55
|
-
assert_equal old_current_login_at, aaron.last_login_at
|
56
|
-
assert aaron.current_login_at != old_current_login_at
|
57
|
-
assert_equal old_current_login_ip, aaron.last_login_ip
|
58
|
-
assert_equal "1.1.1.1", aaron.current_login_ip
|
59
|
-
end
|
60
|
-
end
|
61
|
-
end
|
62
|
-
end
|