RubyGems - authlogic - Versions diffs - 4.5.0 → 5.0.0 - Mend

authlogic 4.5.0 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (146) hide show

checksums.yaml +5 -5
data/lib/authlogic.rb +3 -28
data/lib/authlogic/acts_as_authentic/base.rb +3 -18
data/lib/authlogic/acts_as_authentic/email.rb +3 -170
data/lib/authlogic/acts_as_authentic/logged_in_status.rb +3 -1
data/lib/authlogic/acts_as_authentic/login.rb +7 -174
data/lib/authlogic/acts_as_authentic/magic_columns.rb +7 -4
data/lib/authlogic/acts_as_authentic/password.rb +54 -253
data/lib/authlogic/acts_as_authentic/perishable_token.rb +7 -5
data/lib/authlogic/acts_as_authentic/persistence_token.rb +9 -4
data/lib/authlogic/acts_as_authentic/queries/case_sensitivity.rb +53 -0
data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +17 -22
data/lib/authlogic/acts_as_authentic/session_maintenance.rb +8 -6
data/lib/authlogic/acts_as_authentic/single_access_token.rb +9 -8
data/lib/authlogic/config.rb +9 -1
data/lib/authlogic/controller_adapters/abstract_adapter.rb +7 -4
data/lib/authlogic/controller_adapters/rack_adapter.rb +2 -0
data/lib/authlogic/controller_adapters/rails_adapter.rb +17 -14
data/lib/authlogic/controller_adapters/sinatra_adapter.rb +6 -0
data/lib/authlogic/crypto_providers.rb +5 -20
data/lib/authlogic/crypto_providers/bcrypt.rb +3 -3
data/lib/authlogic/crypto_providers/md5.rb +3 -6
data/lib/authlogic/crypto_providers/scrypt.rb +2 -0
data/lib/authlogic/crypto_providers/sha1.rb +4 -6
data/lib/authlogic/crypto_providers/sha256.rb +2 -0
data/lib/authlogic/crypto_providers/sha512.rb +6 -5
data/lib/authlogic/i18n.rb +3 -1
data/lib/authlogic/i18n/translator.rb +3 -0
data/lib/authlogic/random.rb +2 -0
data/lib/authlogic/session/base.rb +2089 -39
data/lib/authlogic/session/magic_column/assigns_last_request_at.rb +46 -0
data/lib/authlogic/test_case.rb +4 -0
data/lib/authlogic/test_case/mock_controller.rb +2 -0
data/lib/authlogic/test_case/mock_cookie_jar.rb +7 -35
data/lib/authlogic/test_case/mock_logger.rb +2 -0
data/lib/authlogic/test_case/mock_request.rb +2 -0
data/lib/authlogic/test_case/rails_request_adapter.rb +2 -0
data/lib/authlogic/version.rb +2 -1
metadata +38 -181
data/.github/ISSUE_TEMPLATE/bug_report.md +0 -28
data/.github/ISSUE_TEMPLATE/feature_proposal.md +0 -32
data/.github/triage.md +0 -86
data/.gitignore +0 -15
data/.rubocop.yml +0 -133
data/.rubocop_todo.yml +0 -74
data/.travis.yml +0 -24
data/CHANGELOG.md +0 -348
data/CONTRIBUTING.md +0 -91
data/Gemfile +0 -6
data/LICENSE +0 -20
data/README.md +0 -448
data/Rakefile +0 -21
data/UPGRADING.md +0 -22
data/authlogic.gemspec +0 -40
data/doc/use_normal_rails_validation.md +0 -82
data/gemfiles/Gemfile.rails-4.2.x +0 -6
data/gemfiles/Gemfile.rails-5.1.x +0 -6
data/gemfiles/Gemfile.rails-5.2.x +0 -6
data/lib/authlogic/acts_as_authentic/restful_authentication.rb +0 -106
data/lib/authlogic/acts_as_authentic/validations_scope.rb +0 -35
data/lib/authlogic/authenticates_many/association.rb +0 -50
data/lib/authlogic/authenticates_many/base.rb +0 -81
data/lib/authlogic/crypto_providers/aes256.rb +0 -71
data/lib/authlogic/crypto_providers/wordpress.rb +0 -72
data/lib/authlogic/regex.rb +0 -79
data/lib/authlogic/session/activation.rb +0 -73
data/lib/authlogic/session/active_record_trickery.rb +0 -65
data/lib/authlogic/session/brute_force_protection.rb +0 -127
data/lib/authlogic/session/callbacks.rb +0 -153
data/lib/authlogic/session/cookies.rb +0 -329
data/lib/authlogic/session/existence.rb +0 -103
data/lib/authlogic/session/foundation.rb +0 -105
data/lib/authlogic/session/http_auth.rb +0 -107
data/lib/authlogic/session/id.rb +0 -53
data/lib/authlogic/session/klass.rb +0 -73
data/lib/authlogic/session/magic_columns.rb +0 -119
data/lib/authlogic/session/magic_states.rb +0 -82
data/lib/authlogic/session/params.rb +0 -130
data/lib/authlogic/session/password.rb +0 -318
data/lib/authlogic/session/perishable_token.rb +0 -24
data/lib/authlogic/session/persistence.rb +0 -77
data/lib/authlogic/session/priority_record.rb +0 -38
data/lib/authlogic/session/scopes.rb +0 -138
data/lib/authlogic/session/session.rb +0 -77
data/lib/authlogic/session/timeout.rb +0 -103
data/lib/authlogic/session/unauthorized_record.rb +0 -56
data/lib/authlogic/session/validation.rb +0 -93
data/test/acts_as_authentic_test/base_test.rb +0 -27
data/test/acts_as_authentic_test/email_test.rb +0 -241
data/test/acts_as_authentic_test/logged_in_status_test.rb +0 -64
data/test/acts_as_authentic_test/login_test.rb +0 -153
data/test/acts_as_authentic_test/magic_columns_test.rb +0 -29
data/test/acts_as_authentic_test/password_test.rb +0 -263
data/test/acts_as_authentic_test/perishable_token_test.rb +0 -98
data/test/acts_as_authentic_test/persistence_token_test.rb +0 -62
data/test/acts_as_authentic_test/restful_authentication_test.rb +0 -48
data/test/acts_as_authentic_test/session_maintenance_test.rb +0 -150
data/test/acts_as_authentic_test/single_access_test.rb +0 -46
data/test/adapter_test.rb +0 -23
data/test/authenticates_many_test.rb +0 -33
data/test/config_test.rb +0 -38
data/test/crypto_provider_test/aes256_test.rb +0 -16
data/test/crypto_provider_test/bcrypt_test.rb +0 -16
data/test/crypto_provider_test/scrypt_test.rb +0 -16
data/test/crypto_provider_test/sha1_test.rb +0 -25
data/test/crypto_provider_test/sha256_test.rb +0 -16
data/test/crypto_provider_test/sha512_test.rb +0 -16
data/test/crypto_provider_test/wordpress_test.rb +0 -26
data/test/fixtures/companies.yml +0 -5
data/test/fixtures/employees.yml +0 -17
data/test/fixtures/projects.yml +0 -3
data/test/fixtures/users.yml +0 -41
data/test/i18n/lol.yml +0 -4
data/test/i18n_test.rb +0 -35
data/test/libs/affiliate.rb +0 -9
data/test/libs/company.rb +0 -8
data/test/libs/employee.rb +0 -9
data/test/libs/employee_session.rb +0 -4
data/test/libs/ldaper.rb +0 -5
data/test/libs/project.rb +0 -5
data/test/libs/user.rb +0 -9
data/test/libs/user_session.rb +0 -27
data/test/random_test.rb +0 -15
data/test/session_test/activation_test.rb +0 -45
data/test/session_test/active_record_trickery_test.rb +0 -78
data/test/session_test/brute_force_protection_test.rb +0 -110
data/test/session_test/callbacks_test.rb +0 -42
data/test/session_test/cookies_test.rb +0 -244
data/test/session_test/credentials_test.rb +0 -0
data/test/session_test/existence_test.rb +0 -88
data/test/session_test/foundation_test.rb +0 -24
data/test/session_test/http_auth_test.rb +0 -60
data/test/session_test/id_test.rb +0 -19
data/test/session_test/klass_test.rb +0 -42
data/test/session_test/magic_columns_test.rb +0 -62
data/test/session_test/magic_states_test.rb +0 -60
data/test/session_test/params_test.rb +0 -61
data/test/session_test/password_test.rb +0 -107
data/test/session_test/perishability_test.rb +0 -17
data/test/session_test/persistence_test.rb +0 -35
data/test/session_test/scopes_test.rb +0 -68
data/test/session_test/session_test.rb +0 -80
data/test/session_test/timeout_test.rb +0 -84
data/test/session_test/unauthorized_record_test.rb +0 -15
data/test/session_test/validation_test.rb +0 -25
data/test/test_helper.rb +0 -272

data/test/session_test/callbacks_test.rb DELETED

@@ -1,42 +0,0 @@
-# frozen_string_literal: true
-require "test_helper"
-module SessionTest
-  class CallbacksTest < ActiveSupport::TestCase
-    def setup
-      WackyUserSession.reset_callbacks(:persist)
-    end
-    def test_no_callbacks
-      assert_equal [], WackyUserSession._persist_callbacks.map(&:filter)
-      session = WackyUserSession.new
-      session.send(:persist)
-      assert_equal 0, session.counter
-    end
-    def test_true_callback_cancelling_later_callbacks
-      WackyUserSession.persist :persist_by_true, :persist_by_false
-      assert_equal(
-        %i[persist_by_true persist_by_false],
-        WackyUserSession._persist_callbacks.map(&:filter)
-      )
-      session = WackyUserSession.new
-      session.send(:persist)
-      assert_equal 1, session.counter
-    end
-    def test_false_callback_continuing_to_later_callbacks
-      WackyUserSession.persist :persist_by_false, :persist_by_true
-      assert_equal(
-        %i[persist_by_false persist_by_true],
-        WackyUserSession._persist_callbacks.map(&:filter)
-      )
-      session = WackyUserSession.new
-      session.send(:persist)
-      assert_equal 2, session.counter
-    end
-  end
-end

data/test/session_test/cookies_test.rb DELETED

@@ -1,244 +0,0 @@
-# frozen_string_literal: true
-require "test_helper"
-module SessionTest
-  module CookiesTest
-    class ConfigTest < ActiveSupport::TestCase
-      def test_cookie_key
-        UserSession.cookie_key = "my_cookie_key"
-        assert_equal "my_cookie_key", UserSession.cookie_key
-        UserSession.cookie_key "user_credentials"
-        assert_equal "user_credentials", UserSession.cookie_key
-      end
-      def test_default_cookie_key
-        assert_equal "user_credentials", UserSession.cookie_key
-        assert_equal "back_office_user_credentials", BackOfficeUserSession.cookie_key
-      end
-      def test_remember_me
-        UserSession.remember_me = true
-        assert_equal true, UserSession.remember_me
-        session = UserSession.new
-        assert_equal true, session.remember_me
-        UserSession.remember_me false
-        assert_equal false, UserSession.remember_me
-        session = UserSession.new
-        assert_equal false, session.remember_me
-      end
-      def test_remember_me_for
-        UserSession.remember_me_for = 3.years
-        assert_equal 3.years, UserSession.remember_me_for
-        session = UserSession.new
-        session.remember_me = true
-        assert_equal 3.years, session.remember_me_for
-        UserSession.remember_me_for 3.months
-        assert_equal 3.months, UserSession.remember_me_for
-        session = UserSession.new
-        session.remember_me = true
-        assert_equal 3.months, session.remember_me_for
-      end
-      def test_secure
-        assert_equal true, UserSession.secure
-        session = UserSession.new
-        assert_equal true, session.secure
-        UserSession.secure false
-        assert_equal false, UserSession.secure
-        session = UserSession.new
-        assert_equal false, session.secure
-      end
-      def test_httponly
-        assert_equal true, UserSession.httponly
-        session = UserSession.new
-        assert_equal true, session.httponly
-        UserSession.httponly false
-        assert_equal false, UserSession.httponly
-        session = UserSession.new
-        assert_equal false, session.httponly
-      end
-      def test_same_site
-        assert_nil UserSession.same_site
-        assert_nil UserSession.new.same_site
-        UserSession.same_site "Strict"
-        assert_equal "Strict", UserSession.same_site
-        session = UserSession.new
-        assert_equal "Strict", session.same_site
-        session.same_site = "Lax"
-        assert_equal "Lax", session.same_site
-        session.same_site = "None"
-        assert_equal "None", session.same_site
-        assert_raise(ArgumentError) { UserSession.same_site "foo" }
-        assert_raise(ArgumentError) { UserSession.new.same_site "foo" }
-      end
-      def test_sign_cookie
-        UserSession.sign_cookie = true
-        assert_equal true, UserSession.sign_cookie
-        session = UserSession.new
-        assert_equal true, session.sign_cookie
-        UserSession.sign_cookie false
-        assert_equal false, UserSession.sign_cookie
-        session = UserSession.new
-        assert_equal false, session.sign_cookie
-      end
-    end
-    class InstanceMethodsTest < ActiveSupport::TestCase
-      def test_credentials
-        session = UserSession.new
-        session.credentials = { remember_me: true }
-        assert_equal true, session.remember_me
-      end
-      def test_remember_me
-        session = UserSession.new
-        assert_equal false, session.remember_me
-        refute session.remember_me?
-        session.remember_me = false
-        assert_equal false, session.remember_me
-        refute session.remember_me?
-        session.remember_me = true
-        assert_equal true, session.remember_me
-        assert session.remember_me?
-        session.remember_me = nil
-        assert_nil session.remember_me
-        refute session.remember_me?
-        session.remember_me = "1"
-        assert_equal "1", session.remember_me
-        assert session.remember_me?
-        session.remember_me = "true"
-        assert_equal "true", session.remember_me
-        assert session.remember_me?
-      end
-      def test_remember_me_until
-        session = UserSession.new
-        assert_nil session.remember_me_until
-        session.remember_me = true
-        assert 3.months.from_now <= session.remember_me_until
-      end
-      def test_persist_persist_by_cookie
-        ben = users(:ben)
-        refute UserSession.find
-        set_cookie_for(ben)
-        assert session = UserSession.find
-        assert_equal ben, session.record
-      end
-      def test_persist_persist_by_cookie_with_blank_persistence_token
-        ben = users(:ben)
-        ben.update_column(:persistence_token, "")
-        refute UserSession.find
-        set_cookie_for(ben)
-        refute UserSession.find
-      end
-      def test_remember_me_expired
-        ben = users(:ben)
-        session = UserSession.new(ben)
-        session.remember_me = true
-        assert session.save
-        refute session.remember_me_expired?
-        session = UserSession.new(ben)
-        session.remember_me = false
-        assert session.save
-        refute session.remember_me_expired?
-      end
-      def test_after_save_save_cookie
-        ben = users(:ben)
-        session = UserSession.new(ben)
-        assert session.save
-        assert_equal(
-          "#{ben.persistence_token}::#{ben.id}",
-          controller.cookies["user_credentials"]
-        )
-      end
-      def test_after_save_save_cookie_encrypted
-        ben = users(:ben)
-        assert_nil controller.cookies["user_credentials"]
-        payload = "#{ben.persistence_token}::#{ben.id}"
-        session = UserSession.new(ben)
-        session.encrypt_cookie = true
-        assert session.save
-        assert_equal payload, controller.cookies.encrypted["user_credentials"]
-        assert_equal(
-          Authlogic::TestCase::MockEncryptedCookieJar.encrypt(payload),
-          controller.cookies.encrypted.parent_jar["user_credentials"]
-        )
-      end
-      def test_after_save_save_cookie_signed
-        ben = users(:ben)
-        assert_nil controller.cookies["user_credentials"]
-        payload = "#{ben.persistence_token}::#{ben.id}"
-        session = UserSession.new(ben)
-        session.sign_cookie = true
-        assert session.save
-        assert_equal payload, controller.cookies.signed["user_credentials"]
-        assert_equal(
-          "#{payload}--#{Digest::SHA1.hexdigest payload}",
-          controller.cookies.signed.parent_jar["user_credentials"]
-        )
-      end
-      def test_after_save_save_cookie_with_remember_me
-        Timecop.freeze do
-          ben = users(:ben)
-          session = UserSession.new(ben)
-          session.remember_me = true
-          assert session.save
-          assert_equal(
-            "#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until.iso8601}",
-            controller.cookies["user_credentials"]
-          )
-        end
-      end
-      def test_after_save_save_cookie_with_same_site
-        session = UserSession.new(users(:ben))
-        session.same_site = "Strict"
-        assert session.save
-        assert_equal(
-          "Strict",
-          controller.cookies.set_cookies["user_credentials"][:same_site]
-        )
-      end
-      def test_after_destroy_destroy_cookie
-        ben = users(:ben)
-        set_cookie_for(ben)
-        session = UserSession.find
-        assert controller.cookies["user_credentials"]
-        assert session.destroy
-        refute controller.cookies["user_credentials"]
-      end
-    end
-  end
-end

data/test/session_test/credentials_test.rb DELETED

File without changes

data/test/session_test/existence_test.rb DELETED

@@ -1,88 +0,0 @@
-# frozen_string_literal: true
-require "test_helper"
-module SessionTest
-  module ExistenceTest
-    class ClassMethodsTest < ActiveSupport::TestCase
-      def test_create_with_good_credentials
-        ben = users(:ben)
-        session = UserSession.create(login: ben.login, password: "benrocks")
-        refute session.new_session?
-      end
-      def test_create_with_bad_credentials
-        session = UserSession.create(login: "somelogin", password: "badpw2")
-        assert session.new_session?
-      end
-      def test_create_bang
-        ben = users(:ben)
-        err = assert_raise(Authlogic::Session::Existence::SessionInvalidError) do
-          UserSession.create!(login: ben.login, password: "badpw")
-        end
-        assert_includes err.message, "Password is not valid"
-        refute UserSession.create!(login: ben.login, password: "benrocks").new_session?
-      end
-    end
-    class InstanceMethodsTest < ActiveSupport::TestCase
-      def test_new_session
-        session = UserSession.new
-        assert session.new_session?
-        set_session_for(users(:ben))
-        session = UserSession.find
-        refute session.new_session?
-      end
-      def test_save_with_nothing
-        session = UserSession.new
-        refute session.save
-        assert session.new_session?
-      end
-      def test_save_with_block
-        session = UserSession.new
-        block_result = session.save do |result|
-          refute result
-        end
-        refute block_result
-        assert session.new_session?
-      end
-      def test_save_with_bang
-        session = UserSession.new
-        assert_raise(Authlogic::Session::Existence::SessionInvalidError) { session.save! }
-        session.unauthorized_record = users(:ben)
-        assert_nothing_raised { session.save! }
-      end
-      def test_destroy
-        ben = users(:ben)
-        session = UserSession.new
-        refute session.valid?
-        refute session.errors.empty?
-        assert session.destroy
-        assert session.errors.empty?
-        session.unauthorized_record = ben
-        assert session.save
-        assert session.record
-        assert session.destroy
-        refute session.record
-      end
-    end
-    class SessionInvalidErrorTest < ActiveSupport::TestCase
-      def test_message
-        session = UserSession.new
-        assert !session.valid?
-        error = Authlogic::Session::Existence::SessionInvalidError.new(session)
-        message = "Your session is invalid and has the following errors: " +
-          session.errors.full_messages.to_sentence
-        assert_equal message, error.message
-      end
-    end
-  end
-end

data/test/session_test/foundation_test.rb DELETED

@@ -1,24 +0,0 @@
-# frozen_string_literal: true
-require "test_helper"
-# We forbid the use of AC::Parameters, and we have a test to that effect, but we
-# do not want a development dependency on `actionpack`, so we define it here.
-module ActionController
-  class Parameters; end
-end
-module SessionTest
-  class FoundationTest < ActiveSupport::TestCase
-    def test_credentials_raise_if_not_a_hash
-      session = UserSession.new
-      e = assert_raises(TypeError) {
-        session.credentials = ActionController::Parameters.new
-      }
-      assert_equal(
-        ::Authlogic::Session::Foundation::InstanceMethods::E_AC_PARAMETERS,
-        e.message
-      )
-    end
-  end
-end

data/test/session_test/http_auth_test.rb DELETED

@@ -1,60 +0,0 @@
-# frozen_string_literal: true
-require "test_helper"
-module SessionTest
-  class HttpAuthTest < ActiveSupport::TestCase
-    class ConfigTest < ActiveSupport::TestCase
-      def test_allow_http_basic_auth
-        UserSession.allow_http_basic_auth = false
-        assert_equal false, UserSession.allow_http_basic_auth
-        UserSession.allow_http_basic_auth true
-        assert_equal true, UserSession.allow_http_basic_auth
-      end
-      def test_request_http_basic_auth
-        UserSession.request_http_basic_auth = true
-        assert_equal true, UserSession.request_http_basic_auth
-        UserSession.request_http_basic_auth = false
-        assert_equal false, UserSession.request_http_basic_auth
-      end
-      def test_http_basic_auth_realm
-        assert_equal "Application", UserSession.http_basic_auth_realm
-        UserSession.http_basic_auth_realm = "TestRealm"
-        assert_equal "TestRealm", UserSession.http_basic_auth_realm
-      end
-    end
-    class InstanceMethodsTest < ActiveSupport::TestCase
-      def test_persist_persist_by_http_auth
-        UserSession.allow_http_basic_auth = true
-        aaron = users(:aaron)
-        http_basic_auth_for do
-          refute UserSession.find
-        end
-        http_basic_auth_for(aaron) do
-          assert session = UserSession.find
-          assert_equal aaron, session.record
-          assert_equal aaron.login, session.login
-          assert_equal "aaronrocks", session.send(:protected_password)
-          refute controller.http_auth_requested?
-        end
-        unset_session
-        UserSession.request_http_basic_auth = true
-        UserSession.http_basic_auth_realm = "PersistTestRealm"
-        http_basic_auth_for(aaron) do
-          assert session = UserSession.find
-          assert_equal aaron, session.record
-          assert_equal aaron.login, session.login
-          assert_equal "aaronrocks", session.send(:protected_password)
-          assert_equal "PersistTestRealm", controller.realm
-          assert controller.http_auth_requested?
-        end
-      end
-    end
-  end
-end