RubyGems - authlogic - Versions diffs - 4.4.2 → 5.0.3 - Mend

authlogic 4.4.2 → 5.0.3

Files changed (147) hide show

checksums.yaml +5 -5
data/lib/authlogic.rb +4 -28
data/lib/authlogic/acts_as_authentic/base.rb +3 -18
data/lib/authlogic/acts_as_authentic/email.rb +3 -170
data/lib/authlogic/acts_as_authentic/logged_in_status.rb +3 -1
data/lib/authlogic/acts_as_authentic/login.rb +7 -174
data/lib/authlogic/acts_as_authentic/magic_columns.rb +7 -4
data/lib/authlogic/acts_as_authentic/password.rb +54 -253
data/lib/authlogic/acts_as_authentic/perishable_token.rb +8 -5
data/lib/authlogic/acts_as_authentic/persistence_token.rb +10 -4
data/lib/authlogic/acts_as_authentic/queries/case_sensitivity.rb +53 -0
data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +36 -20
data/lib/authlogic/acts_as_authentic/session_maintenance.rb +8 -6
data/lib/authlogic/acts_as_authentic/single_access_token.rb +10 -8
data/lib/authlogic/config.rb +9 -1
data/lib/authlogic/controller_adapters/abstract_adapter.rb +7 -4
data/lib/authlogic/controller_adapters/rack_adapter.rb +2 -0
data/lib/authlogic/controller_adapters/rails_adapter.rb +19 -19
data/lib/authlogic/controller_adapters/sinatra_adapter.rb +6 -0
data/lib/authlogic/cookie_credentials.rb +63 -0
data/lib/authlogic/crypto_providers.rb +5 -20
data/lib/authlogic/crypto_providers/bcrypt.rb +3 -3
data/lib/authlogic/crypto_providers/md5.rb +3 -6
data/lib/authlogic/crypto_providers/scrypt.rb +2 -0
data/lib/authlogic/crypto_providers/sha1.rb +4 -6
data/lib/authlogic/crypto_providers/sha256.rb +2 -0
data/lib/authlogic/crypto_providers/sha512.rb +6 -5
data/lib/authlogic/i18n.rb +3 -1
data/lib/authlogic/i18n/translator.rb +3 -0
data/lib/authlogic/random.rb +2 -0
data/lib/authlogic/session/base.rb +2087 -39
data/lib/authlogic/session/magic_column/assigns_last_request_at.rb +46 -0
data/lib/authlogic/test_case.rb +4 -0
data/lib/authlogic/test_case/mock_controller.rb +2 -0
data/lib/authlogic/test_case/mock_cookie_jar.rb +7 -0
data/lib/authlogic/test_case/mock_logger.rb +2 -0
data/lib/authlogic/test_case/mock_request.rb +2 -0
data/lib/authlogic/test_case/rails_request_adapter.rb +2 -0
data/lib/authlogic/version.rb +2 -1
metadata +136 -182
data/.github/ISSUE_TEMPLATE/bug_report.md +0 -28
data/.github/ISSUE_TEMPLATE/feature_proposal.md +0 -32
data/.github/triage.md +0 -86
data/.gitignore +0 -15
data/.rubocop.yml +0 -133
data/.rubocop_todo.yml +0 -74
data/.travis.yml +0 -24
data/CHANGELOG.md +0 -326
data/CONTRIBUTING.md +0 -91
data/Gemfile +0 -6
data/LICENSE +0 -20
data/README.md +0 -439
data/Rakefile +0 -21
data/UPGRADING.md +0 -22
data/authlogic.gemspec +0 -40
data/doc/use_normal_rails_validation.md +0 -82
data/gemfiles/Gemfile.rails-4.2.x +0 -6
data/gemfiles/Gemfile.rails-5.1.x +0 -6
data/gemfiles/Gemfile.rails-5.2.x +0 -6
data/lib/authlogic/acts_as_authentic/restful_authentication.rb +0 -106
data/lib/authlogic/acts_as_authentic/validations_scope.rb +0 -35
data/lib/authlogic/authenticates_many/association.rb +0 -50
data/lib/authlogic/authenticates_many/base.rb +0 -81
data/lib/authlogic/crypto_providers/aes256.rb +0 -71
data/lib/authlogic/crypto_providers/wordpress.rb +0 -72
data/lib/authlogic/regex.rb +0 -79
data/lib/authlogic/session/activation.rb +0 -73
data/lib/authlogic/session/active_record_trickery.rb +0 -65
data/lib/authlogic/session/brute_force_protection.rb +0 -127
data/lib/authlogic/session/callbacks.rb +0 -153
data/lib/authlogic/session/cookies.rb +0 -296
data/lib/authlogic/session/existence.rb +0 -103
data/lib/authlogic/session/foundation.rb +0 -105
data/lib/authlogic/session/http_auth.rb +0 -107
data/lib/authlogic/session/id.rb +0 -53
data/lib/authlogic/session/klass.rb +0 -73
data/lib/authlogic/session/magic_columns.rb +0 -119
data/lib/authlogic/session/magic_states.rb +0 -82
data/lib/authlogic/session/params.rb +0 -130
data/lib/authlogic/session/password.rb +0 -318
data/lib/authlogic/session/perishable_token.rb +0 -24
data/lib/authlogic/session/persistence.rb +0 -77
data/lib/authlogic/session/priority_record.rb +0 -38
data/lib/authlogic/session/scopes.rb +0 -138
data/lib/authlogic/session/session.rb +0 -77
data/lib/authlogic/session/timeout.rb +0 -103
data/lib/authlogic/session/unauthorized_record.rb +0 -56
data/lib/authlogic/session/validation.rb +0 -93
data/test/acts_as_authentic_test/base_test.rb +0 -27
data/test/acts_as_authentic_test/email_test.rb +0 -241
data/test/acts_as_authentic_test/logged_in_status_test.rb +0 -64
data/test/acts_as_authentic_test/login_test.rb +0 -153
data/test/acts_as_authentic_test/magic_columns_test.rb +0 -29
data/test/acts_as_authentic_test/password_test.rb +0 -263
data/test/acts_as_authentic_test/perishable_token_test.rb +0 -98
data/test/acts_as_authentic_test/persistence_token_test.rb +0 -62
data/test/acts_as_authentic_test/restful_authentication_test.rb +0 -48
data/test/acts_as_authentic_test/session_maintenance_test.rb +0 -150
data/test/acts_as_authentic_test/single_access_test.rb +0 -46
data/test/adapter_test.rb +0 -23
data/test/authenticates_many_test.rb +0 -33
data/test/config_test.rb +0 -38
data/test/crypto_provider_test/aes256_test.rb +0 -16
data/test/crypto_provider_test/bcrypt_test.rb +0 -16
data/test/crypto_provider_test/scrypt_test.rb +0 -16
data/test/crypto_provider_test/sha1_test.rb +0 -25
data/test/crypto_provider_test/sha256_test.rb +0 -16
data/test/crypto_provider_test/sha512_test.rb +0 -16
data/test/crypto_provider_test/wordpress_test.rb +0 -26
data/test/fixtures/companies.yml +0 -5
data/test/fixtures/employees.yml +0 -17
data/test/fixtures/projects.yml +0 -3
data/test/fixtures/users.yml +0 -41
data/test/i18n/lol.yml +0 -4
data/test/i18n_test.rb +0 -35
data/test/libs/affiliate.rb +0 -9
data/test/libs/company.rb +0 -8
data/test/libs/employee.rb +0 -9
data/test/libs/employee_session.rb +0 -4
data/test/libs/ldaper.rb +0 -5
data/test/libs/project.rb +0 -5
data/test/libs/user.rb +0 -9
data/test/libs/user_session.rb +0 -27
data/test/random_test.rb +0 -15
data/test/session_test/activation_test.rb +0 -45
data/test/session_test/active_record_trickery_test.rb +0 -78
data/test/session_test/brute_force_protection_test.rb +0 -110
data/test/session_test/callbacks_test.rb +0 -42
data/test/session_test/cookies_test.rb +0 -226
data/test/session_test/credentials_test.rb +0 -0
data/test/session_test/existence_test.rb +0 -88
data/test/session_test/foundation_test.rb +0 -24
data/test/session_test/http_auth_test.rb +0 -60
data/test/session_test/id_test.rb +0 -19
data/test/session_test/klass_test.rb +0 -42
data/test/session_test/magic_columns_test.rb +0 -62
data/test/session_test/magic_states_test.rb +0 -60
data/test/session_test/params_test.rb +0 -61
data/test/session_test/password_test.rb +0 -107
data/test/session_test/perishability_test.rb +0 -17
data/test/session_test/persistence_test.rb +0 -35
data/test/session_test/scopes_test.rb +0 -68
data/test/session_test/session_test.rb +0 -80
data/test/session_test/timeout_test.rb +0 -84
data/test/session_test/unauthorized_record_test.rb +0 -15
data/test/session_test/validation_test.rb +0 -25
data/test/test_helper.rb +0 -272

data/test/session_test/callbacks_test.rb DELETED Viewed

@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-require "test_helper"
-module SessionTest
-  class CallbacksTest < ActiveSupport::TestCase
-    def setup
-      WackyUserSession.reset_callbacks(:persist)
-    end
-    def test_no_callbacks
-      assert_equal [], WackyUserSession._persist_callbacks.map(&:filter)
-      session = WackyUserSession.new
-      session.send(:persist)
-      assert_equal 0, session.counter
-    end
-    def test_true_callback_cancelling_later_callbacks
-      WackyUserSession.persist :persist_by_true, :persist_by_false
-      assert_equal(
-        %i[persist_by_true persist_by_false],
-        WackyUserSession._persist_callbacks.map(&:filter)
-      )
-      session = WackyUserSession.new
-      session.send(:persist)
-      assert_equal 1, session.counter
-    end
-    def test_false_callback_continuing_to_later_callbacks
-      WackyUserSession.persist :persist_by_false, :persist_by_true
-      assert_equal(
-        %i[persist_by_false persist_by_true],
-        WackyUserSession._persist_callbacks.map(&:filter)
-      )
-      session = WackyUserSession.new
-      session.send(:persist)
-      assert_equal 2, session.counter
-    end
-  end
-end

data/test/session_test/cookies_test.rb DELETED Viewed

@@ -1,226 +0,0 @@
-# frozen_string_literal: true
-require "test_helper"
-module SessionTest
-  module CookiesTest
-    class ConfigTest < ActiveSupport::TestCase
-      def test_cookie_key
-        UserSession.cookie_key = "my_cookie_key"
-        assert_equal "my_cookie_key", UserSession.cookie_key
-        UserSession.cookie_key "user_credentials"
-        assert_equal "user_credentials", UserSession.cookie_key
-      end
-      def test_default_cookie_key
-        assert_equal "user_credentials", UserSession.cookie_key
-        assert_equal "back_office_user_credentials", BackOfficeUserSession.cookie_key
-      end
-      def test_remember_me
-        UserSession.remember_me = true
-        assert_equal true, UserSession.remember_me
-        session = UserSession.new
-        assert_equal true, session.remember_me
-        UserSession.remember_me false
-        assert_equal false, UserSession.remember_me
-        session = UserSession.new
-        assert_equal false, session.remember_me
-      end
-      def test_remember_me_for
-        UserSession.remember_me_for = 3.years
-        assert_equal 3.years, UserSession.remember_me_for
-        session = UserSession.new
-        session.remember_me = true
-        assert_equal 3.years, session.remember_me_for
-        UserSession.remember_me_for 3.months
-        assert_equal 3.months, UserSession.remember_me_for
-        session = UserSession.new
-        session.remember_me = true
-        assert_equal 3.months, session.remember_me_for
-      end
-      def test_secure
-        assert_equal true, UserSession.secure
-        session = UserSession.new
-        assert_equal true, session.secure
-        UserSession.secure false
-        assert_equal false, UserSession.secure
-        session = UserSession.new
-        assert_equal false, session.secure
-      end
-      def test_httponly
-        assert_equal true, UserSession.httponly
-        session = UserSession.new
-        assert_equal true, session.httponly
-        UserSession.httponly false
-        assert_equal false, UserSession.httponly
-        session = UserSession.new
-        assert_equal false, session.httponly
-      end
-      def test_same_site
-        assert_nil UserSession.same_site
-        assert_nil UserSession.new.same_site
-        UserSession.same_site "Strict"
-        assert_equal "Strict", UserSession.same_site
-        session = UserSession.new
-        assert_equal "Strict", session.same_site
-        session.same_site = "Lax"
-        assert_equal "Lax", session.same_site
-        assert_raise(ArgumentError) { UserSession.same_site "foo" }
-        assert_raise(ArgumentError) { UserSession.new.same_site "foo" }
-      end
-      def test_sign_cookie
-        UserSession.sign_cookie = true
-        assert_equal true, UserSession.sign_cookie
-        session = UserSession.new
-        assert_equal true, session.sign_cookie
-        UserSession.sign_cookie false
-        assert_equal false, UserSession.sign_cookie
-        session = UserSession.new
-        assert_equal false, session.sign_cookie
-      end
-    end
-    class InstanceMethodsTest < ActiveSupport::TestCase
-      def test_credentials
-        session = UserSession.new
-        session.credentials = { remember_me: true }
-        assert_equal true, session.remember_me
-      end
-      def test_remember_me
-        session = UserSession.new
-        assert_equal false, session.remember_me
-        refute session.remember_me?
-        session.remember_me = false
-        assert_equal false, session.remember_me
-        refute session.remember_me?
-        session.remember_me = true
-        assert_equal true, session.remember_me
-        assert session.remember_me?
-        session.remember_me = nil
-        assert_nil session.remember_me
-        refute session.remember_me?
-        session.remember_me = "1"
-        assert_equal "1", session.remember_me
-        assert session.remember_me?
-        session.remember_me = "true"
-        assert_equal "true", session.remember_me
-        assert session.remember_me?
-      end
-      def test_remember_me_until
-        session = UserSession.new
-        assert_nil session.remember_me_until
-        session.remember_me = true
-        assert 3.months.from_now <= session.remember_me_until
-      end
-      def test_persist_persist_by_cookie
-        ben = users(:ben)
-        refute UserSession.find
-        set_cookie_for(ben)
-        assert session = UserSession.find
-        assert_equal ben, session.record
-      end
-      def test_persist_persist_by_cookie_with_blank_persistence_token
-        ben = users(:ben)
-        ben.update_column(:persistence_token, "")
-        refute UserSession.find
-        set_cookie_for(ben)
-        refute UserSession.find
-      end
-      def test_remember_me_expired
-        ben = users(:ben)
-        session = UserSession.new(ben)
-        session.remember_me = true
-        assert session.save
-        refute session.remember_me_expired?
-        session = UserSession.new(ben)
-        session.remember_me = false
-        assert session.save
-        refute session.remember_me_expired?
-      end
-      def test_after_save_save_cookie
-        ben = users(:ben)
-        session = UserSession.new(ben)
-        assert session.save
-        assert_equal(
-          "#{ben.persistence_token}::#{ben.id}",
-          controller.cookies["user_credentials"]
-        )
-      end
-      def test_after_save_save_cookie_signed
-        ben = users(:ben)
-        assert_nil controller.cookies["user_credentials"]
-        payload = "#{ben.persistence_token}::#{ben.id}"
-        session = UserSession.new(ben)
-        session.sign_cookie = true
-        assert session.save
-        assert_equal payload, controller.cookies.signed["user_credentials"]
-        assert_equal(
-          "#{payload}--#{Digest::SHA1.hexdigest payload}",
-          controller.cookies.signed.parent_jar["user_credentials"]
-        )
-      end
-      def test_after_save_save_cookie_with_remember_me
-        Timecop.freeze do
-          ben = users(:ben)
-          session = UserSession.new(ben)
-          session.remember_me = true
-          assert session.save
-          assert_equal(
-            "#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until.iso8601}",
-            controller.cookies["user_credentials"]
-          )
-        end
-      end
-      def test_after_save_save_cookie_with_same_site
-        session = UserSession.new(users(:ben))
-        session.same_site = "Strict"
-        assert session.save
-        assert_equal(
-          "Strict",
-          controller.cookies.set_cookies["user_credentials"][:same_site]
-        )
-      end
-      def test_after_destroy_destroy_cookie
-        ben = users(:ben)
-        set_cookie_for(ben)
-        session = UserSession.find
-        assert controller.cookies["user_credentials"]
-        assert session.destroy
-        refute controller.cookies["user_credentials"]
-      end
-    end
-  end
-end

data/test/session_test/credentials_test.rb DELETED Viewed

File without changes

data/test/session_test/existence_test.rb DELETED Viewed

@@ -1,88 +0,0 @@
-# frozen_string_literal: true
-require "test_helper"
-module SessionTest
-  module ExistenceTest
-    class ClassMethodsTest < ActiveSupport::TestCase
-      def test_create_with_good_credentials
-        ben = users(:ben)
-        session = UserSession.create(login: ben.login, password: "benrocks")
-        refute session.new_session?
-      end
-      def test_create_with_bad_credentials
-        session = UserSession.create(login: "somelogin", password: "badpw2")
-        assert session.new_session?
-      end
-      def test_create_bang
-        ben = users(:ben)
-        err = assert_raise(Authlogic::Session::Existence::SessionInvalidError) do
-          UserSession.create!(login: ben.login, password: "badpw")
-        end
-        assert_includes err.message, "Password is not valid"
-        refute UserSession.create!(login: ben.login, password: "benrocks").new_session?
-      end
-    end
-    class InstanceMethodsTest < ActiveSupport::TestCase
-      def test_new_session
-        session = UserSession.new
-        assert session.new_session?
-        set_session_for(users(:ben))
-        session = UserSession.find
-        refute session.new_session?
-      end
-      def test_save_with_nothing
-        session = UserSession.new
-        refute session.save
-        assert session.new_session?
-      end
-      def test_save_with_block
-        session = UserSession.new
-        block_result = session.save do |result|
-          refute result
-        end
-        refute block_result
-        assert session.new_session?
-      end
-      def test_save_with_bang
-        session = UserSession.new
-        assert_raise(Authlogic::Session::Existence::SessionInvalidError) { session.save! }
-        session.unauthorized_record = users(:ben)
-        assert_nothing_raised { session.save! }
-      end
-      def test_destroy
-        ben = users(:ben)
-        session = UserSession.new
-        refute session.valid?
-        refute session.errors.empty?
-        assert session.destroy
-        assert session.errors.empty?
-        session.unauthorized_record = ben
-        assert session.save
-        assert session.record
-        assert session.destroy
-        refute session.record
-      end
-    end
-    class SessionInvalidErrorTest < ActiveSupport::TestCase
-      def test_message
-        session = UserSession.new
-        assert !session.valid?
-        error = Authlogic::Session::Existence::SessionInvalidError.new(session)
-        message = "Your session is invalid and has the following errors: " +
-          session.errors.full_messages.to_sentence
-        assert_equal message, error.message
-      end
-    end
-  end
-end

data/test/session_test/foundation_test.rb DELETED Viewed

@@ -1,24 +0,0 @@
-# frozen_string_literal: true
-require "test_helper"
-# We forbid the use of AC::Parameters, and we have a test to that effect, but we
-# do not want a development dependency on `actionpack`, so we define it here.
-module ActionController
-  class Parameters; end
-end
-module SessionTest
-  class FoundationTest < ActiveSupport::TestCase
-    def test_credentials_raise_if_not_a_hash
-      session = UserSession.new
-      e = assert_raises(TypeError) {
-        session.credentials = ActionController::Parameters.new
-      }
-      assert_equal(
-        ::Authlogic::Session::Foundation::InstanceMethods::E_AC_PARAMETERS,
-        e.message
-      )
-    end
-  end
-end

data/test/session_test/http_auth_test.rb DELETED Viewed

@@ -1,60 +0,0 @@
-# frozen_string_literal: true
-require "test_helper"
-module SessionTest
-  class HttpAuthTest < ActiveSupport::TestCase
-    class ConfigTest < ActiveSupport::TestCase
-      def test_allow_http_basic_auth
-        UserSession.allow_http_basic_auth = false
-        assert_equal false, UserSession.allow_http_basic_auth
-        UserSession.allow_http_basic_auth true
-        assert_equal true, UserSession.allow_http_basic_auth
-      end
-      def test_request_http_basic_auth
-        UserSession.request_http_basic_auth = true
-        assert_equal true, UserSession.request_http_basic_auth
-        UserSession.request_http_basic_auth = false
-        assert_equal false, UserSession.request_http_basic_auth
-      end
-      def test_http_basic_auth_realm
-        assert_equal "Application", UserSession.http_basic_auth_realm
-        UserSession.http_basic_auth_realm = "TestRealm"
-        assert_equal "TestRealm", UserSession.http_basic_auth_realm
-      end
-    end
-    class InstanceMethodsTest < ActiveSupport::TestCase
-      def test_persist_persist_by_http_auth
-        UserSession.allow_http_basic_auth = true
-        aaron = users(:aaron)
-        http_basic_auth_for do
-          refute UserSession.find
-        end
-        http_basic_auth_for(aaron) do
-          assert session = UserSession.find
-          assert_equal aaron, session.record
-          assert_equal aaron.login, session.login
-          assert_equal "aaronrocks", session.send(:protected_password)
-          refute controller.http_auth_requested?
-        end
-        unset_session
-        UserSession.request_http_basic_auth = true
-        UserSession.http_basic_auth_realm = "PersistTestRealm"
-        http_basic_auth_for(aaron) do
-          assert session = UserSession.find
-          assert_equal aaron, session.record
-          assert_equal aaron.login, session.login
-          assert_equal "aaronrocks", session.send(:protected_password)
-          assert_equal "PersistTestRealm", controller.realm
-          assert controller.http_auth_requested?
-        end
-      end
-    end
-  end
-end