authlogic 3.8.0 → 6.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (150) hide show
  1. checksums.yaml +7 -0
  2. data/lib/authlogic/acts_as_authentic/base.rb +33 -36
  3. data/lib/authlogic/acts_as_authentic/email.rb +8 -141
  4. data/lib/authlogic/acts_as_authentic/logged_in_status.rb +17 -10
  5. data/lib/authlogic/acts_as_authentic/login.rb +14 -165
  6. data/lib/authlogic/acts_as_authentic/magic_columns.rb +13 -10
  7. data/lib/authlogic/acts_as_authentic/password.rb +186 -254
  8. data/lib/authlogic/acts_as_authentic/perishable_token.rb +30 -22
  9. data/lib/authlogic/acts_as_authentic/persistence_token.rb +19 -18
  10. data/lib/authlogic/acts_as_authentic/queries/case_sensitivity.rb +53 -0
  11. data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +83 -0
  12. data/lib/authlogic/acts_as_authentic/session_maintenance.rb +94 -62
  13. data/lib/authlogic/acts_as_authentic/single_access_token.rb +28 -14
  14. data/lib/authlogic/config.rb +29 -10
  15. data/lib/authlogic/controller_adapters/abstract_adapter.rb +43 -13
  16. data/lib/authlogic/controller_adapters/rack_adapter.rb +11 -5
  17. data/lib/authlogic/controller_adapters/rails_adapter.rb +11 -29
  18. data/lib/authlogic/controller_adapters/sinatra_adapter.rb +8 -2
  19. data/lib/authlogic/cookie_credentials.rb +63 -0
  20. data/lib/authlogic/crypto_providers/bcrypt.rb +24 -18
  21. data/lib/authlogic/crypto_providers/md5/v2.rb +35 -0
  22. data/lib/authlogic/crypto_providers/md5.rb +8 -6
  23. data/lib/authlogic/crypto_providers/scrypt.rb +24 -17
  24. data/lib/authlogic/crypto_providers/sha1/v2.rb +41 -0
  25. data/lib/authlogic/crypto_providers/sha1.rb +12 -5
  26. data/lib/authlogic/crypto_providers/sha256/v2.rb +58 -0
  27. data/lib/authlogic/crypto_providers/sha256.rb +18 -9
  28. data/lib/authlogic/crypto_providers/sha512/v2.rb +39 -0
  29. data/lib/authlogic/crypto_providers/sha512.rb +9 -26
  30. data/lib/authlogic/crypto_providers.rb +77 -1
  31. data/lib/authlogic/errors.rb +35 -0
  32. data/lib/authlogic/i18n/translator.rb +4 -1
  33. data/lib/authlogic/i18n.rb +29 -20
  34. data/lib/authlogic/random.rb +12 -28
  35. data/lib/authlogic/session/base.rb +2087 -33
  36. data/lib/authlogic/session/magic_column/assigns_last_request_at.rb +46 -0
  37. data/lib/authlogic/test_case/mock_controller.rb +7 -4
  38. data/lib/authlogic/test_case/mock_cookie_jar.rb +19 -3
  39. data/lib/authlogic/test_case/mock_logger.rb +2 -0
  40. data/lib/authlogic/test_case/mock_request.rb +8 -3
  41. data/lib/authlogic/test_case/rails_request_adapter.rb +5 -2
  42. data/lib/authlogic/test_case.rb +74 -2
  43. data/lib/authlogic/version.rb +22 -0
  44. data/lib/authlogic.rb +33 -54
  45. metadata +208 -234
  46. data/.github/ISSUE_TEMPLATE.md +0 -13
  47. data/.gitignore +0 -14
  48. data/.rubocop.yml +0 -33
  49. data/.rubocop_todo.yml +0 -391
  50. data/.travis.yml +0 -48
  51. data/CHANGELOG.md +0 -5
  52. data/CONTRIBUTING.md +0 -60
  53. data/Gemfile +0 -5
  54. data/LICENSE +0 -20
  55. data/README.md +0 -294
  56. data/Rakefile +0 -21
  57. data/authlogic.gemspec +0 -27
  58. data/lib/authlogic/acts_as_authentic/restful_authentication.rb +0 -70
  59. data/lib/authlogic/acts_as_authentic/validations_scope.rb +0 -32
  60. data/lib/authlogic/authenticates_many/association.rb +0 -50
  61. data/lib/authlogic/authenticates_many/base.rb +0 -65
  62. data/lib/authlogic/crypto_providers/aes256.rb +0 -66
  63. data/lib/authlogic/crypto_providers/wordpress.rb +0 -43
  64. data/lib/authlogic/regex.rb +0 -48
  65. data/lib/authlogic/session/activation.rb +0 -70
  66. data/lib/authlogic/session/active_record_trickery.rb +0 -61
  67. data/lib/authlogic/session/brute_force_protection.rb +0 -120
  68. data/lib/authlogic/session/callbacks.rb +0 -105
  69. data/lib/authlogic/session/cookies.rb +0 -244
  70. data/lib/authlogic/session/existence.rb +0 -93
  71. data/lib/authlogic/session/foundation.rb +0 -55
  72. data/lib/authlogic/session/http_auth.rb +0 -100
  73. data/lib/authlogic/session/id.rb +0 -48
  74. data/lib/authlogic/session/klass.rb +0 -70
  75. data/lib/authlogic/session/magic_columns.rb +0 -116
  76. data/lib/authlogic/session/magic_states.rb +0 -76
  77. data/lib/authlogic/session/params.rb +0 -116
  78. data/lib/authlogic/session/password.rb +0 -308
  79. data/lib/authlogic/session/perishable_token.rb +0 -23
  80. data/lib/authlogic/session/persistence.rb +0 -71
  81. data/lib/authlogic/session/priority_record.rb +0 -35
  82. data/lib/authlogic/session/scopes.rb +0 -119
  83. data/lib/authlogic/session/session.rb +0 -67
  84. data/lib/authlogic/session/timeout.rb +0 -103
  85. data/lib/authlogic/session/unauthorized_record.rb +0 -51
  86. data/lib/authlogic/session/validation.rb +0 -93
  87. data/test/acts_as_authentic_test/base_test.rb +0 -25
  88. data/test/acts_as_authentic_test/email_test.rb +0 -240
  89. data/test/acts_as_authentic_test/logged_in_status_test.rb +0 -62
  90. data/test/acts_as_authentic_test/login_test.rb +0 -156
  91. data/test/acts_as_authentic_test/magic_columns_test.rb +0 -27
  92. data/test/acts_as_authentic_test/password_test.rb +0 -249
  93. data/test/acts_as_authentic_test/perishable_token_test.rb +0 -90
  94. data/test/acts_as_authentic_test/persistence_token_test.rb +0 -56
  95. data/test/acts_as_authentic_test/restful_authentication_test.rb +0 -37
  96. data/test/acts_as_authentic_test/session_maintenance_test.rb +0 -96
  97. data/test/acts_as_authentic_test/single_access_test.rb +0 -44
  98. data/test/authenticates_many_test.rb +0 -31
  99. data/test/config_test.rb +0 -36
  100. data/test/crypto_provider_test/aes256_test.rb +0 -14
  101. data/test/crypto_provider_test/bcrypt_test.rb +0 -14
  102. data/test/crypto_provider_test/scrypt_test.rb +0 -14
  103. data/test/crypto_provider_test/sha1_test.rb +0 -23
  104. data/test/crypto_provider_test/sha256_test.rb +0 -14
  105. data/test/crypto_provider_test/sha512_test.rb +0 -14
  106. data/test/fixtures/companies.yml +0 -5
  107. data/test/fixtures/employees.yml +0 -17
  108. data/test/fixtures/projects.yml +0 -3
  109. data/test/fixtures/users.yml +0 -41
  110. data/test/gemfiles/Gemfile.rails-3.2.x +0 -7
  111. data/test/gemfiles/Gemfile.rails-4.0.x +0 -7
  112. data/test/gemfiles/Gemfile.rails-4.1.x +0 -7
  113. data/test/gemfiles/Gemfile.rails-4.2.x +0 -7
  114. data/test/gemfiles/Gemfile.rails-5.0.x +0 -6
  115. data/test/gemfiles/Gemfile.rails-5.1.x +0 -6
  116. data/test/gemfiles/Gemfile.rails-5.2.x +0 -6
  117. data/test/i18n/lol.yml +0 -4
  118. data/test/i18n_test.rb +0 -33
  119. data/test/libs/affiliate.rb +0 -7
  120. data/test/libs/company.rb +0 -6
  121. data/test/libs/employee.rb +0 -7
  122. data/test/libs/employee_session.rb +0 -2
  123. data/test/libs/ldaper.rb +0 -3
  124. data/test/libs/project.rb +0 -3
  125. data/test/libs/user.rb +0 -7
  126. data/test/libs/user_session.rb +0 -25
  127. data/test/random_test.rb +0 -43
  128. data/test/session_test/activation_test.rb +0 -43
  129. data/test/session_test/active_record_trickery_test.rb +0 -75
  130. data/test/session_test/brute_force_protection_test.rb +0 -108
  131. data/test/session_test/callbacks_test.rb +0 -34
  132. data/test/session_test/cookies_test.rb +0 -201
  133. data/test/session_test/credentials_test.rb +0 -0
  134. data/test/session_test/existence_test.rb +0 -75
  135. data/test/session_test/foundation_test.rb +0 -6
  136. data/test/session_test/http_auth_test.rb +0 -56
  137. data/test/session_test/id_test.rb +0 -17
  138. data/test/session_test/klass_test.rb +0 -40
  139. data/test/session_test/magic_columns_test.rb +0 -62
  140. data/test/session_test/magic_states_test.rb +0 -58
  141. data/test/session_test/params_test.rb +0 -53
  142. data/test/session_test/password_test.rb +0 -105
  143. data/test/session_test/perishability_test.rb +0 -15
  144. data/test/session_test/persistence_test.rb +0 -32
  145. data/test/session_test/scopes_test.rb +0 -60
  146. data/test/session_test/session_test.rb +0 -78
  147. data/test/session_test/timeout_test.rb +0 -82
  148. data/test/session_test/unauthorized_record_test.rb +0 -13
  149. data/test/session_test/validation_test.rb +0 -23
  150. data/test/test_helper.rb +0 -233
@@ -1,58 +0,0 @@
1
- require 'test_helper'
2
-
3
- module SessionTest
4
- module SessionTest
5
- class ConfigTest < ActiveSupport::TestCase
6
- def test_disable_magic_states_config
7
- UserSession.disable_magic_states = true
8
- assert_equal true, UserSession.disable_magic_states
9
-
10
- UserSession.disable_magic_states false
11
- assert_equal false, UserSession.disable_magic_states
12
- end
13
- end
14
-
15
- class InstanceMethodsTest < ActiveSupport::TestCase
16
- def test_disabling_magic_states
17
- UserSession.disable_magic_states = true
18
- ben = users(:ben)
19
- ben.update_attribute(:active, false)
20
- refute UserSession.create(ben).new_session?
21
- UserSession.disable_magic_states = false
22
- end
23
-
24
- def test_validate_validate_magic_states_active
25
- session = UserSession.new
26
- ben = users(:ben)
27
- session.unauthorized_record = ben
28
- assert session.valid?
29
-
30
- ben.update_attribute(:active, false)
31
- refute session.valid?
32
- refute session.errors[:base].empty?
33
- end
34
-
35
- def test_validate_validate_magic_states_approved
36
- session = UserSession.new
37
- ben = users(:ben)
38
- session.unauthorized_record = ben
39
- assert session.valid?
40
-
41
- ben.update_attribute(:approved, false)
42
- refute session.valid?
43
- refute session.errors[:base].empty?
44
- end
45
-
46
- def test_validate_validate_magic_states_confirmed
47
- session = UserSession.new
48
- ben = users(:ben)
49
- session.unauthorized_record = ben
50
- assert session.valid?
51
-
52
- ben.update_attribute(:confirmed, false)
53
- refute session.valid?
54
- refute session.errors[:base].empty?
55
- end
56
- end
57
- end
58
- end
@@ -1,53 +0,0 @@
1
- require 'test_helper'
2
-
3
- module SessionTest
4
- module ParamsTest
5
- class ConfigTest < ActiveSupport::TestCase
6
- def test_params_key
7
- UserSession.params_key = "my_params_key"
8
- assert_equal "my_params_key", UserSession.params_key
9
-
10
- UserSession.params_key "user_credentials"
11
- assert_equal "user_credentials", UserSession.params_key
12
- end
13
-
14
- def test_single_access_allowed_request_types
15
- UserSession.single_access_allowed_request_types = ["my request type"]
16
- assert_equal ["my request type"], UserSession.single_access_allowed_request_types
17
-
18
- UserSession.single_access_allowed_request_types ["application/rss+xml", "application/atom+xml"]
19
- assert_equal ["application/rss+xml", "application/atom+xml"], UserSession.single_access_allowed_request_types
20
- end
21
- end
22
-
23
- class InstanceMethodsTest < ActiveSupport::TestCase
24
- def test_persist_persist_by_params
25
- ben = users(:ben)
26
- session = UserSession.new
27
-
28
- refute session.persisting?
29
- set_params_for(ben)
30
-
31
- refute session.persisting?
32
- refute session.unauthorized_record
33
- refute session.record
34
- assert_nil controller.session["user_credentials"]
35
-
36
- set_request_content_type("text/plain")
37
- refute session.persisting?
38
- refute session.unauthorized_record
39
- assert_nil controller.session["user_credentials"]
40
-
41
- set_request_content_type("application/atom+xml")
42
- assert session.persisting?
43
- assert_equal ben, session.record
44
- assert_nil controller.session["user_credentials"] # should not persist since this is single access
45
-
46
- set_request_content_type("application/rss+xml")
47
- assert session.persisting?
48
- assert_equal ben, session.unauthorized_record
49
- assert_nil controller.session["user_credentials"]
50
- end
51
- end
52
- end
53
- end
@@ -1,105 +0,0 @@
1
- require 'test_helper'
2
-
3
- module SessionTest
4
- module PasswordTest
5
- class ConfigTest < ActiveSupport::TestCase
6
- def test_find_by_login_method
7
- UserSession.find_by_login_method = "my_login_method"
8
- assert_equal "my_login_method", UserSession.find_by_login_method
9
-
10
- UserSession.find_by_login_method "find_by_login"
11
- assert_equal "find_by_login", UserSession.find_by_login_method
12
- end
13
-
14
- def test_verify_password_method
15
- UserSession.verify_password_method = "my_login_method"
16
- assert_equal "my_login_method", UserSession.verify_password_method
17
-
18
- UserSession.verify_password_method "valid_password?"
19
- assert_equal "valid_password?", UserSession.verify_password_method
20
- end
21
-
22
- def test_generalize_credentials_error_mesages_set_to_false
23
- UserSession.generalize_credentials_error_messages false
24
- refute UserSession.generalize_credentials_error_messages
25
- session = UserSession.create(:login => users(:ben).login, :password => "invalud-password")
26
- assert_equal ["Password is not valid"], session.errors.full_messages
27
- end
28
-
29
- def test_generalize_credentials_error_messages_set_to_true
30
- UserSession.generalize_credentials_error_messages true
31
- assert UserSession.generalize_credentials_error_messages
32
- session = UserSession.create(:login => users(:ben).login, :password => "invalud-password")
33
- assert_equal ["Login/Password combination is not valid"], session.errors.full_messages
34
- end
35
-
36
- def test_generalize_credentials_error_messages_set_to_string
37
- UserSession.generalize_credentials_error_messages = "Custom Error Message"
38
- assert UserSession.generalize_credentials_error_messages
39
- session = UserSession.create(:login => users(:ben).login, :password => "invalud-password")
40
- assert_equal ["Custom Error Message"], session.errors.full_messages
41
- end
42
-
43
- def test_login_field
44
- UserSession.configured_password_methods = false
45
- UserSession.login_field = :saweet
46
- assert_equal :saweet, UserSession.login_field
47
- session = UserSession.new
48
- assert session.respond_to?(:saweet)
49
-
50
- UserSession.login_field :login
51
- assert_equal :login, UserSession.login_field
52
- session = UserSession.new
53
- assert session.respond_to?(:login)
54
- end
55
-
56
- def test_password_field
57
- UserSession.configured_password_methods = false
58
- UserSession.password_field = :saweet
59
- assert_equal :saweet, UserSession.password_field
60
- session = UserSession.new
61
- assert session.respond_to?(:saweet)
62
-
63
- UserSession.password_field :password
64
- assert_equal :password, UserSession.password_field
65
- session = UserSession.new
66
- assert session.respond_to?(:password)
67
- end
68
- end
69
-
70
- class InstanceMethodsTest < ActiveSupport::TestCase
71
- def test_init
72
- session = UserSession.new
73
- assert session.respond_to?(:login)
74
- assert session.respond_to?(:login=)
75
- assert session.respond_to?(:password)
76
- assert session.respond_to?(:password=)
77
- assert session.respond_to?(:protected_password, true)
78
- end
79
-
80
- def test_credentials
81
- session = UserSession.new
82
- session.credentials = { :login => "login", :password => "pass" }
83
- assert_equal "login", session.login
84
- assert_nil session.password
85
- assert_equal "pass", session.send(:protected_password)
86
- assert_equal({ :password => "<protected>", :login => "login" }, session.credentials)
87
- end
88
-
89
- def test_credentials_are_params_safe
90
- session = UserSession.new
91
- assert_nothing_raised { session.credentials = { :hacker_method => "error!" } }
92
- end
93
-
94
- def test_save_with_credentials
95
- aaron = users(:aaron)
96
- session = UserSession.new(:login => aaron.login, :password => "aaronrocks")
97
- assert session.save
98
- refute session.new_session?
99
- assert_equal 1, session.record.login_count
100
- assert Time.now >= session.record.current_login_at
101
- assert_equal "1.1.1.1", session.record.current_login_ip
102
- end
103
- end
104
- end
105
- end
@@ -1,15 +0,0 @@
1
- require 'test_helper'
2
-
3
- module SessionTest
4
- class PerishabilityTest < ActiveSupport::TestCase
5
- def test_after_save
6
- ben = users(:ben)
7
- old_perishable_token = ben.perishable_token
8
- UserSession.create(ben)
9
- assert_not_equal old_perishable_token, ben.perishable_token
10
-
11
- drew = employees(:drew)
12
- refute UserSession.create(drew).new_session?
13
- end
14
- end
15
- end
@@ -1,32 +0,0 @@
1
- require 'test_helper'
2
-
3
- module SessionTest
4
- class PersistenceTest < ActiveSupport::TestCase
5
- def test_find
6
- aaron = users(:aaron)
7
- refute UserSession.find
8
- http_basic_auth_for(aaron) { assert UserSession.find }
9
- set_cookie_for(aaron)
10
- assert UserSession.find
11
- unset_cookie
12
- set_session_for(aaron)
13
- session = UserSession.find
14
- assert session
15
- end
16
-
17
- def test_persisting
18
- # tested thoroughly in test_find
19
- end
20
-
21
- def test_should_set_remember_me_on_the_next_request
22
- aaron = users(:aaron)
23
- session = UserSession.new(aaron)
24
- session.remember_me = true
25
- refute UserSession.remember_me
26
- assert session.save
27
- assert session.remember_me?
28
- session = UserSession.find(aaron)
29
- assert session.remember_me?
30
- end
31
- end
32
- end
@@ -1,60 +0,0 @@
1
- require 'test_helper'
2
-
3
- module SessionTest
4
- class ScopesTest < ActiveSupport::TestCase
5
- def test_scope_method
6
- assert_nil Authlogic::Session::Base.scope
7
-
8
- thread1 = Thread.new do
9
- scope = { :id => :scope1 }
10
- Authlogic::Session::Base.send(:scope=, scope)
11
- assert_equal scope, Authlogic::Session::Base.scope
12
- end
13
- thread1.join
14
-
15
- assert_nil Authlogic::Session::Base.scope
16
-
17
- thread2 = Thread.new do
18
- scope = { :id => :scope2 }
19
- Authlogic::Session::Base.send(:scope=, scope)
20
- assert_equal scope, Authlogic::Session::Base.scope
21
- end
22
- thread2.join
23
-
24
- assert_nil Authlogic::Session::Base.scope
25
- end
26
-
27
- def test_with_scope_method
28
- assert_raise(ArgumentError) { UserSession.with_scope }
29
-
30
- UserSession.with_scope(:find_options => { :conditions => "awesome = 1" }, :id => "some_id") do
31
- assert_equal({ :find_options => { :conditions => "awesome = 1" }, :id => "some_id" }, UserSession.scope)
32
- end
33
-
34
- assert_nil UserSession.scope
35
- end
36
-
37
- def test_initialize
38
- UserSession.with_scope(:find_options => { :conditions => "awesome = 1" }, :id => "some_id") do
39
- session = UserSession.new
40
- assert_equal({ :find_options => { :conditions => "awesome = 1" }, :id => "some_id" }, session.scope)
41
- session.id = :another_id
42
- assert_equal "another_id_some_id_test", session.send(:build_key, "test")
43
- end
44
- end
45
-
46
- def test_search_for_record_with_scopes
47
- binary_logic = companies(:binary_logic)
48
- ben = users(:ben)
49
- zack = users(:zack)
50
-
51
- session = UserSession.new
52
- assert_equal zack, session.send(:search_for_record, "find_by_login", zack.login)
53
-
54
- session.scope = { :find_options => { :conditions => ["company_id = ?", binary_logic.id] } }
55
- assert_nil session.send(:search_for_record, "find_by_login", zack.login)
56
-
57
- assert_equal ben, session.send(:search_for_record, "find_by_login", ben.login)
58
- end
59
- end
60
- end
@@ -1,78 +0,0 @@
1
- require 'test_helper'
2
-
3
- module SessionTest
4
- module SessionTest
5
- class ConfigTest < ActiveSupport::TestCase
6
- def test_session_key
7
- UserSession.session_key = "my_session_key"
8
- assert_equal "my_session_key", UserSession.session_key
9
-
10
- UserSession.session_key "user_credentials"
11
- assert_equal "user_credentials", UserSession.session_key
12
- end
13
- end
14
-
15
- class InstanceMethodsTest < ActiveSupport::TestCase
16
- def test_persist_persist_by_session
17
- ben = users(:ben)
18
- set_session_for(ben)
19
- assert session = UserSession.find
20
- assert_equal ben, session.record
21
- assert_equal ben.persistence_token, controller.session["user_credentials"]
22
- end
23
-
24
- def test_persist_persist_by_session_with_session_fixation_attack
25
- ben = users(:ben)
26
- controller.session["user_credentials"] = 'neo'
27
- controller.session["user_credentials_id"] = {
28
- :select => " *,'neo' AS persistence_token FROM users WHERE id = #{ben.id} limit 1 -- "
29
- }
30
- @user_session = UserSession.find
31
- assert @user_session.blank?
32
- end
33
-
34
- def test_persist_persist_by_session_with_sql_injection_attack
35
- controller.session["user_credentials"] = { :select => "ABRA CADABRA" }
36
- controller.session["user_credentials_id"] = nil
37
- assert_nothing_raised do
38
- @user_session = UserSession.find
39
- end
40
- assert @user_session.blank?
41
- end
42
-
43
- def test_persist_persist_by_session_with_token_only
44
- ben = users(:ben)
45
- set_session_for(ben)
46
- controller.session["user_credentials_id"] = nil
47
- session = UserSession.find
48
- assert_equal ben, session.record
49
- assert_equal ben.persistence_token, controller.session["user_credentials"]
50
- end
51
-
52
- def test_after_save_update_session
53
- ben = users(:ben)
54
- session = UserSession.new(ben)
55
- assert controller.session["user_credentials"].blank?
56
- assert session.save
57
- assert_equal ben.persistence_token, controller.session["user_credentials"]
58
- end
59
-
60
- def test_after_destroy_update_session
61
- ben = users(:ben)
62
- set_session_for(ben)
63
- assert_equal ben.persistence_token, controller.session["user_credentials"]
64
- assert session = UserSession.find
65
- assert session.destroy
66
- assert controller.session["user_credentials"].blank?
67
- end
68
-
69
- def test_after_persisting_update_session
70
- ben = users(:ben)
71
- set_cookie_for(ben)
72
- assert controller.session["user_credentials"].blank?
73
- assert UserSession.find
74
- assert_equal ben.persistence_token, controller.session["user_credentials"]
75
- end
76
- end
77
- end
78
- end
@@ -1,82 +0,0 @@
1
- require 'test_helper'
2
-
3
- module SessionTest
4
- module TimeoutTest
5
- class ConfigTest < ActiveSupport::TestCase
6
- def test_logout_on_timeout
7
- UserSession.logout_on_timeout = true
8
- assert UserSession.logout_on_timeout
9
-
10
- UserSession.logout_on_timeout false
11
- refute UserSession.logout_on_timeout
12
- end
13
- end
14
-
15
- class InstanceMethods < ActiveSupport::TestCase
16
- def test_stale_state
17
- UserSession.logout_on_timeout = true
18
- ben = users(:ben)
19
- ben.last_request_at = 3.years.ago
20
- ben.save
21
- set_session_for(ben)
22
-
23
- session = UserSession.new
24
- assert session.persisting?
25
- assert session.stale?
26
- assert_equal ben, session.stale_record
27
- assert_nil session.record
28
- assert_nil controller.session["user_credentials_id"]
29
-
30
- set_session_for(ben)
31
-
32
- ben.last_request_at = Time.now
33
- ben.save
34
-
35
- assert session.persisting?
36
- refute session.stale?
37
- assert_nil session.stale_record
38
-
39
- UserSession.logout_on_timeout = false
40
- end
41
-
42
- def test_should_be_stale_with_expired_remember_date
43
- UserSession.logout_on_timeout = true
44
- UserSession.remember_me = true
45
- UserSession.remember_me_for = 3.months
46
- ben = users(:ben)
47
- assert ben.save
48
- session = UserSession.new(ben)
49
- assert session.save
50
- Timecop.freeze(Time.now + 4.month)
51
- assert session.persisting?
52
- assert session.stale?
53
- UserSession.remember_me = false
54
- end
55
-
56
- def test_should_not_be_stale_with_valid_remember_date
57
- UserSession.logout_on_timeout = true # Default is 10.minutes
58
- UserSession.remember_me = true
59
- UserSession.remember_me_for = 3.months
60
- ben = users(:ben)
61
- assert ben.save
62
- session = UserSession.new(ben)
63
- assert session.save
64
- Timecop.freeze(Time.now + 2.months)
65
- assert session.persisting?
66
- refute session.stale?
67
- UserSession.remember_me = false
68
- end
69
-
70
- def test_successful_login
71
- UserSession.logout_on_timeout = true
72
- ben = users(:ben)
73
- session = UserSession.create(:login => ben.login, :password => "benrocks")
74
- refute session.new_session?
75
- session = UserSession.find
76
- assert session
77
- assert_equal ben, session.record
78
- UserSession.logout_on_timeout = false
79
- end
80
- end
81
- end
82
- end
@@ -1,13 +0,0 @@
1
- require 'test_helper'
2
-
3
- module SessionTest
4
- class UnauthorizedRecordTest < ActiveSupport::TestCase
5
- def test_credentials
6
- ben = users(:ben)
7
- session = UserSession.new
8
- session.credentials = [ben]
9
- assert_equal ben, session.unauthorized_record
10
- assert_equal({ :unauthorized_record => "<protected>" }, session.credentials)
11
- end
12
- end
13
- end
@@ -1,23 +0,0 @@
1
- require 'test_helper'
2
-
3
- module SessionTest
4
- class ValidationTest < ActiveSupport::TestCase
5
- def test_errors
6
- session = UserSession.new
7
- assert session.errors.is_a?(Authlogic::Session::Validation::Errors)
8
- end
9
-
10
- def test_valid
11
- session = UserSession.new
12
- refute session.valid?
13
- assert_nil session.record
14
- assert session.errors.count > 0
15
-
16
- ben = users(:ben)
17
- session.unauthorized_record = ben
18
- assert session.valid?
19
- assert_equal ben, session.attempted_record
20
- assert session.errors.empty?
21
- end
22
- end
23
- end