authlogic 4.5.0 → 6.4.2

data/test/acts_as_authentic_test/password_test.rb

@@ -1,263 +0,0 @@
-# frozen_string_literal: true
-
-require "test_helper"
-
-module ActsAsAuthenticTest
-  class PasswordTest < ActiveSupport::TestCase
-    # If test_human_name is executed after test_i18n_of_human_name the test will fail.
-    i_suck_and_my_tests_are_order_dependent!
-
-    def test_crypted_password_field_config
-      assert_equal :crypted_password, User.crypted_password_field
-      assert_equal :crypted_password, Employee.crypted_password_field
-
-      User.crypted_password_field = :nope
-      assert_equal :nope, User.crypted_password_field
-      User.crypted_password_field :crypted_password
-      assert_equal :crypted_password, User.crypted_password_field
-    end
-
-    def test_password_salt_field_config
-      assert_equal :password_salt, User.password_salt_field
-      assert_equal :password_salt, Employee.password_salt_field
-
-      User.password_salt_field = :nope
-      assert_equal :nope, User.password_salt_field
-      User.password_salt_field :password_salt
-      assert_equal :password_salt, User.password_salt_field
-    end
-
-    def test_ignore_blank_passwords_config
-      assert User.ignore_blank_passwords
-      assert Employee.ignore_blank_passwords
-
-      User.ignore_blank_passwords = false
-      refute User.ignore_blank_passwords
-      User.ignore_blank_passwords true
-      assert User.ignore_blank_passwords
-    end
-
-    def test_check_passwords_against_database
-      assert User.check_passwords_against_database
-      User.check_passwords_against_database = false
-      refute User.check_passwords_against_database
-      User.check_passwords_against_database true
-      assert User.check_passwords_against_database
-    end
-
-    def test_validate_password_field_config
-      assert User.validate_password_field
-      assert Employee.validate_password_field
-
-      User.validate_password_field = false
-      refute User.validate_password_field
-      User.validate_password_field true
-      assert User.validate_password_field
-    end
-
-    def test_validates_length_of_password_field_options_config
-      default = { minimum: 8, if: :require_password? }
-      assert_equal default, User.validates_length_of_password_field_options
-      assert_equal default, Employee.validates_length_of_password_field_options
-
-      User.validates_length_of_password_field_options = { yes: "no" }
-      assert_equal({ yes: "no" }, User.validates_length_of_password_field_options)
-      User.validates_length_of_password_field_options default
-      assert_equal default, User.validates_length_of_password_field_options
-    end
-
-    def test_validates_confirmation_of_password_field_options_config
-      default = { if: :require_password? }
-      assert_equal default, User.validates_confirmation_of_password_field_options
-      assert_equal default, Employee.validates_confirmation_of_password_field_options
-
-      User.validates_confirmation_of_password_field_options = { yes: "no" }
-      assert_equal({ yes: "no" }, User.validates_confirmation_of_password_field_options)
-      User.validates_confirmation_of_password_field_options default
-      assert_equal default, User.validates_confirmation_of_password_field_options
-    end
-
-    def test_validates_length_of_password_confirmation_field_options_config
-      default = { minimum: 8, if: :require_password? }
-      assert_equal default, User.validates_length_of_password_confirmation_field_options
-      assert_equal default, Employee.validates_length_of_password_confirmation_field_options
-
-      User.validates_length_of_password_confirmation_field_options = { yes: "no" }
-      assert_equal({ yes: "no" }, User.validates_length_of_password_confirmation_field_options)
-      User.validates_length_of_password_confirmation_field_options default
-      assert_equal default, User.validates_length_of_password_confirmation_field_options
-    end
-
-    def test_crypto_provider_config
-      assert_equal Authlogic::CryptoProviders::SCrypt, User.crypto_provider
-      assert_equal Authlogic::CryptoProviders::AES256, Employee.crypto_provider
-
-      User.crypto_provider = Authlogic::CryptoProviders::BCrypt
-      assert_equal Authlogic::CryptoProviders::BCrypt, User.crypto_provider
-      User.crypto_provider Authlogic::CryptoProviders::Sha512
-      assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
-    end
-
-    def test_transition_from_crypto_providers_config
-      assert_equal [Authlogic::CryptoProviders::Sha512], User.transition_from_crypto_providers
-      assert_equal [], Employee.transition_from_crypto_providers
-
-      User.transition_from_crypto_providers = [Authlogic::CryptoProviders::BCrypt]
-      assert_equal [Authlogic::CryptoProviders::BCrypt], User.transition_from_crypto_providers
-      User.transition_from_crypto_providers []
-      assert_equal [], User.transition_from_crypto_providers
-    end
-
-    def test_validates_length_of_password
-      u = User.new(
-        login: "abcde",
-        email: "abcde@test.com",
-        password: "abcdefgh",
-        password_confirmation: "abcdefgh"
-      )
-      assert u.valid?
-
-      u.password = u.password_confirmation = "abcdef"
-      refute u.valid?
-
-      assert u.errors[:password].include?("is too short (minimum is 8 characters)")
-      assert u.errors[:password_confirmation].include?("is too short (minimum is 8 characters)")
-    end
-
-    def test_validates_confirmation_of_password
-      u = User.new(
-        login: "abcde",
-        email: "abcde@test.com",
-        password: "abcdefgh",
-        password_confirmation: "abcdefgh"
-      )
-      assert u.valid?
-
-      u.password_confirmation = "abcdefghij"
-      refute u.valid?
-
-      assert u.errors[:password_confirmation].include?("doesn't match Password")
-    end
-
-    def test_validates_length_of_password_confirmation
-      u = User.new
-
-      u.password = "testpass"
-      u.password_confirmation = ""
-      refute u.valid?
-      refute u.errors[:password_confirmation].empty?
-
-      u.password_confirmation = "testpass"
-      refute u.valid?
-      assert u.errors[:password_confirmation].empty?
-
-      ben = users(:ben)
-      assert ben.valid?
-
-      ben.password = "newpasswd"
-      refute ben.valid?
-      refute ben.errors[:password_confirmation].empty?
-
-      ben.password_confirmation = "newpasswd"
-      assert ben.valid?
-    end
-
-    def test_password
-      u = User.new
-      old_password_salt = u.password_salt
-      old_crypted_password = u.crypted_password
-      u.password = "test"
-      assert_not_equal old_password_salt, u.password_salt
-      assert_not_equal old_crypted_password, u.crypted_password
-    end
-
-    def test_transitioning_password
-      ben = users(:ben)
-
-      transition_password_to(Authlogic::CryptoProviders::BCrypt, ben)
-      transition_password_to(
-        Authlogic::CryptoProviders::Sha1,
-        ben,
-        [Authlogic::CryptoProviders::Sha512, Authlogic::CryptoProviders::BCrypt]
-      )
-      transition_password_to(
-        Authlogic::CryptoProviders::Sha512,
-        ben,
-        [Authlogic::CryptoProviders::Sha1, Authlogic::CryptoProviders::BCrypt]
-      )
-    end
-
-    def test_checks_password_against_database
-      ben = users(:aaron)
-      ben.password = "new pass"
-      refute ben.valid_password?("new pass")
-      assert ben.valid_password?("aaronrocks")
-    end
-
-    def test_checks_password_against_database_and_always_fails_on_new_records
-      user = User.new
-      user.password = "new pass"
-      refute user.valid_password?("new pass")
-    end
-
-    def test_checks_password_against_object
-      ben = users(:ben)
-      ben.password = "new pass"
-      assert ben.valid_password?("new pass", false)
-      refute ben.valid_password?("benrocks", false)
-    end
-
-    def test_reset_password
-      ben = users(:ben)
-      old_crypted_password = ben.crypted_password
-      old_password_salt = ben.password_salt
-
-      # soft reset
-      ben.reset_password
-      assert_not_equal old_crypted_password, ben.crypted_password
-      assert_not_equal old_password_salt, ben.password_salt
-
-      # make sure it didn't go into the db
-      ben.reload
-      assert_equal old_crypted_password, ben.crypted_password
-      assert_equal old_password_salt, ben.password_salt
-
-      # hard reset
-      assert ben.reset_password!
-      assert_not_equal old_crypted_password, ben.crypted_password
-      assert_not_equal old_password_salt, ben.password_salt
-
-      # make sure it did go into the db
-      ben.reload
-      assert_not_equal old_crypted_password, ben.crypted_password
-      assert_not_equal old_password_salt, ben.password_salt
-    end
-
-    private
-
-    def transition_password_to(
-      crypto_provider,
-      records,
-      from_crypto_providers = Authlogic::CryptoProviders::Sha512
-    )
-      records = [records] unless records.is_a?(Array)
-      User.acts_as_authentic do |c|
-        c.crypto_provider = crypto_provider
-        c.transition_from_crypto_providers = from_crypto_providers
-      end
-      records.each do |record|
-        old_hash = record.crypted_password
-        old_persistence_token = record.persistence_token
-        assert record.valid_password?(password_for(record))
-        assert_not_equal old_hash.to_s, record.crypted_password.to_s
-        assert_not_equal old_persistence_token.to_s, record.persistence_token.to_s
-
-        old_hash = record.crypted_password
-        old_persistence_token = record.persistence_token
-        assert record.valid_password?(password_for(record))
-        assert_equal old_hash.to_s, record.crypted_password.to_s
-        assert_equal old_persistence_token.to_s, record.persistence_token.to_s
-      end
-    end
-  end
-end

data/test/acts_as_authentic_test/perishable_token_test.rb

@@ -1,98 +0,0 @@
-# frozen_string_literal: true
-
-require "test_helper"
-
-module ActsAsAuthenticTest
-  class PerishableTokenTest < ActiveSupport::TestCase
-    def test_perishable_token_valid_for_config
-      assert_equal 10.minutes.to_i, User.perishable_token_valid_for
-      assert_equal 10.minutes.to_i, Employee.perishable_token_valid_for
-
-      User.perishable_token_valid_for = 1.hour
-      assert_equal 1.hour.to_i, User.perishable_token_valid_for
-      User.perishable_token_valid_for 10.minutes
-      assert_equal 10.minutes.to_i, User.perishable_token_valid_for
-    end
-
-    def test_disable_perishable_token_maintenance_config
-      refute User.disable_perishable_token_maintenance
-      refute Employee.disable_perishable_token_maintenance
-
-      User.disable_perishable_token_maintenance = true
-      assert User.disable_perishable_token_maintenance
-      User.disable_perishable_token_maintenance false
-      refute User.disable_perishable_token_maintenance
-    end
-
-    def test_validates_uniqueness_of_perishable_token
-      u = User.new
-      u.perishable_token = users(:ben).perishable_token
-      refute u.valid?
-      refute u.errors[:perishable_token].empty?
-    end
-
-    def test_before_save_reset_perishable_token
-      ben = users(:ben)
-      old_perishable_token = ben.perishable_token
-      assert ben.save
-      assert_not_equal old_perishable_token, ben.perishable_token
-    end
-
-    def test_reset_perishable_token
-      ben = users(:ben)
-      old_perishable_token = ben.perishable_token
-
-      assert ben.reset_perishable_token
-      assert_not_equal old_perishable_token, ben.perishable_token
-
-      ben.reload
-      assert_equal old_perishable_token, ben.perishable_token
-
-      assert ben.reset_perishable_token!
-      assert_not_equal old_perishable_token, ben.perishable_token
-
-      ben.reload
-      assert_not_equal old_perishable_token, ben.perishable_token
-    end
-
-    def test_find_using_perishable_token
-      ben = users(:ben)
-      assert_equal ben, User.find_using_perishable_token(ben.perishable_token)
-    end
-
-    def test_find_using_perishable_token_when_perished
-      ben = users(:ben)
-      ActiveRecord::Base.connection.execute(
-        "UPDATE users set updated_at = '#{1.week.ago.to_s(:db)}' where id = #{ben.id}"
-      )
-      assert_nil User.find_using_perishable_token(ben.perishable_token)
-    end
-
-    def test_find_using_perishable_token_when_perished_2
-      User.perishable_token_valid_for = 1.minute
-      ben = users(:ben)
-      ActiveRecord::Base.connection.execute(
-        "UPDATE users set updated_at = '#{2.minutes.ago.to_s(:db)}' where id = #{ben.id}"
-      )
-      assert_nil User.find_using_perishable_token(ben.perishable_token)
-      User.perishable_token_valid_for = 10.minutes
-    end
-
-    def test_find_using_perishable_token_when_passing_threshold
-      User.perishable_token_valid_for = 1.minute
-      ben = users(:ben)
-      ActiveRecord::Base.connection.execute(
-        "UPDATE users set updated_at = '#{10.minutes.ago.to_s(:db)}' where id = #{ben.id}"
-      )
-      assert_nil User.find_using_perishable_token(ben.perishable_token, 5.minutes)
-      assert_equal ben, User.find_using_perishable_token(ben.perishable_token, 20.minutes)
-      User.perishable_token_valid_for = 10.minutes
-    end
-
-    def test_find_perishable_token_with_bang
-      assert_raises ActiveRecord::RecordNotFound do
-        User.find_using_perishable_token!("some_bad_value")
-      end
-    end
-  end
-end

data/test/acts_as_authentic_test/persistence_token_test.rb

@@ -1,62 +0,0 @@
-# frozen_string_literal: true
-
-require "test_helper"
-
-module ActsAsAuthenticTest
-  class PersistenceTokenTest < ActiveSupport::TestCase
-    def test_after_password_set_reset_persistence_token
-      ben = users(:ben)
-      old_persistence_token = ben.persistence_token
-      ben.password = "newpass"
-      assert_not_equal old_persistence_token, ben.persistence_token
-    end
-
-    def test_after_password_verification_reset_persistence_token
-      aaron = users(:aaron)
-      old_persistence_token = aaron.persistence_token
-
-      assert aaron.valid_password?(password_for(aaron))
-      assert_equal old_persistence_token, aaron.reload.persistence_token
-
-      # only update it if it is nil
-      assert aaron.update_attribute(:persistence_token, nil)
-      assert aaron.valid_password?(password_for(aaron))
-      assert_not_equal old_persistence_token, aaron.persistence_token
-    end
-
-    def test_before_validate_reset_persistence_token
-      u = User.new
-      refute u.valid?
-      assert_not_nil u.persistence_token
-    end
-
-    def test_forget_all
-      UserSession.allow_http_basic_auth = true
-
-      http_basic_auth_for(users(:ben)) { UserSession.find }
-      http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
-      assert UserSession.find
-      assert UserSession.find(:ziggity_zack)
-      User.forget_all
-      refute UserSession.find
-      refute UserSession.find(:ziggity_zack)
-    end
-
-    def test_forget
-      UserSession.allow_http_basic_auth = true
-
-      ben = users(:ben)
-      zack = users(:zack)
-      http_basic_auth_for(ben) { UserSession.find }
-      http_basic_auth_for(zack) { UserSession.find(:ziggity_zack) }
-
-      assert ben.reload.logged_in?
-      assert zack.reload.logged_in?
-
-      ben.forget!
-
-      refute UserSession.find
-      assert UserSession.find(:ziggity_zack)
-    end
-  end
-end

data/test/acts_as_authentic_test/restful_authentication_test.rb

@@ -1,48 +0,0 @@
-# frozen_string_literal: true
-
-require "test_helper"
-
-module ActsAsAuthenticTest
-  class RestfulAuthenticationTest < ActiveSupport::TestCase
-    def setup
-      @old_deprecation_behavior = ::ActiveSupport::Deprecation.behavior
-      ::ActiveSupport::Deprecation.behavior = :silence
-    end
-
-    def teardown
-      ::ActiveSupport::Deprecation.behavior = @old_deprecation_behavior
-    end
-
-    def test_act_like_restful_authentication_config
-      refute User.act_like_restful_authentication
-      refute Employee.act_like_restful_authentication
-
-      User.act_like_restful_authentication = true
-      assert User.act_like_restful_authentication
-      assert_equal Authlogic::CryptoProviders::Sha1, User.crypto_provider
-      assert defined?(::REST_AUTH_SITE_KEY)
-      assert_equal "", ::REST_AUTH_SITE_KEY
-      assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
-
-      User.act_like_restful_authentication false
-      refute User.act_like_restful_authentication
-
-      User.crypto_provider = Authlogic::CryptoProviders::Sha512
-      User.transition_from_crypto_providers = []
-    end
-
-    def test_transition_from_restful_authentication_config
-      refute User.transition_from_restful_authentication
-      refute Employee.transition_from_restful_authentication
-
-      User.transition_from_restful_authentication = true
-      assert User.transition_from_restful_authentication
-      assert defined?(::REST_AUTH_SITE_KEY)
-      assert_equal "", ::REST_AUTH_SITE_KEY
-      assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
-
-      User.transition_from_restful_authentication false
-      refute User.transition_from_restful_authentication
-    end
-  end
-end

data/test/acts_as_authentic_test/session_maintenance_test.rb

@@ -1,150 +0,0 @@
-# frozen_string_literal: true
-
-require "test_helper"
-
-module ActsAsAuthenticTest
-  class SessionMaintenanceTest < ActiveSupport::TestCase
-    def setup
-      User.log_in_after_create = true
-      User.log_in_after_password_change = true
-    end
-
-    def test_log_in_after_create_config
-      assert User.log_in_after_create
-      User.log_in_after_create = false
-      refute User.log_in_after_create
-      User.log_in_after_create = true
-      assert User.log_in_after_create
-    end
-
-    def test_log_in_after_password_change_config
-      assert User.log_in_after_password_change
-      User.log_in_after_password_change = false
-      refute User.log_in_after_password_change
-      User.log_in_after_password_change = true
-      assert User.log_in_after_password_change
-    end
-
-    def test_login_after_create
-      User.log_in_after_create = true
-      user = User.create(
-        login: "awesome",
-        password: "saweeeet",
-        password_confirmation: "saweeeet",
-        email: "awesome@awesome.com"
-      )
-      assert user.persisted?
-      assert UserSession.find
-      logged_in_user = UserSession.find.user
-      assert_equal logged_in_user, user
-    end
-
-    def test_no_login_after_create
-      old_user = User.create(
-        login: "awesome",
-        password: "saweeeet",
-        password_confirmation: "saweeeet",
-        email: "awesome@awesome.com"
-      )
-      User.log_in_after_create = false
-      user2 = User.create(
-        login: "awesome2",
-        password: "saweeeet2",
-        password_confirmation: "saweeeet2",
-        email: "awesome2@awesome.com"
-      )
-      assert user2.persisted?
-      logged_in_user = UserSession.find.user
-      assert_not_equal logged_in_user, user2
-      assert_equal logged_in_user, old_user
-    end
-
-    def test_updating_session_with_failed_magic_state
-      ben = users(:ben)
-      ben.confirmed = false
-      ben.password = "newpasswd"
-      ben.password_confirmation = "newpasswd"
-      assert ben.save
-    end
-
-    def test_update_session_after_password_modify
-      User.log_in_after_password_change = true
-      ben = users(:ben)
-      UserSession.create(ben)
-      old_session_key = controller.session["user_credentials"]
-      old_cookie_key = controller.cookies["user_credentials"]
-      ben.password = "newpasswd"
-      ben.password_confirmation = "newpasswd"
-      assert ben.save
-      assert controller.session["user_credentials"]
-      assert controller.cookies["user_credentials"]
-      assert_not_equal controller.session["user_credentials"], old_session_key
-      assert_not_equal controller.cookies["user_credentials"], old_cookie_key
-    end
-
-    def test_no_update_session_after_password_modify
-      User.log_in_after_password_change = false
-      ben = users(:ben)
-      UserSession.create(ben)
-      old_session_key = controller.session["user_credentials"]
-      old_cookie_key = controller.cookies["user_credentials"]
-      ben.password = "newpasswd"
-      ben.password_confirmation = "newpasswd"
-      assert ben.save
-      assert controller.session["user_credentials"]
-      assert controller.cookies["user_credentials"]
-      assert_equal controller.session["user_credentials"], old_session_key
-      assert_equal controller.cookies["user_credentials"], old_cookie_key
-    end
-
-    def test_no_session_update_after_modify
-      ben = users(:ben)
-      UserSession.create(ben)
-      old_session_key = controller.session["user_credentials"]
-      old_cookie_key = controller.cookies["user_credentials"]
-      ben.first_name = "Ben"
-      assert ben.save
-      assert_equal controller.session["user_credentials"], old_session_key
-      assert_equal controller.cookies["user_credentials"], old_cookie_key
-    end
-
-    def test_creating_other_user
-      ben = users(:ben)
-      UserSession.create(ben)
-      old_session_key = controller.session["user_credentials"]
-      old_cookie_key = controller.cookies["user_credentials"]
-      user = User.create(
-        login: "awesome",
-        password: "saweet", # Password is too short, user invalid
-        password_confirmation: "saweet",
-        email: "awesome@saweet.com"
-      )
-      refute user.persisted?
-      assert_equal controller.session["user_credentials"], old_session_key
-      assert_equal controller.cookies["user_credentials"], old_cookie_key
-    end
-
-    def test_updating_other_user
-      ben = users(:ben)
-      UserSession.create(ben)
-      old_session_key = controller.session["user_credentials"]
-      old_cookie_key = controller.cookies["user_credentials"]
-      zack = users(:zack)
-      zack.password = "newpasswd"
-      zack.password_confirmation = "newpasswd"
-      assert zack.save
-      assert_equal controller.session["user_credentials"], old_session_key
-      assert_equal controller.cookies["user_credentials"], old_cookie_key
-    end
-
-    def test_resetting_password_when_logged_out
-      ben = users(:ben)
-      refute UserSession.find
-      ben.password = "newpasswd"
-      ben.password_confirmation = "newpasswd"
-      assert ben.save
-      assert UserSession.find
-      assert_equal ben, UserSession.find.record
-    end
-  end
-end

data/test/acts_as_authentic_test/single_access_test.rb

@@ -1,46 +0,0 @@
-# frozen_string_literal: true
-
-require "test_helper"
-
-module ActsAsAuthenticTest
-  class SingleAccessTest < ActiveSupport::TestCase
-    def test_change_single_access_token_with_password_config
-      refute User.change_single_access_token_with_password
-      refute Employee.change_single_access_token_with_password
-
-      User.change_single_access_token_with_password = true
-      assert User.change_single_access_token_with_password
-      User.change_single_access_token_with_password false
-      refute User.change_single_access_token_with_password
-    end
-
-    def test_validates_uniqueness_of_single_access_token
-      u = User.new
-      u.single_access_token = users(:ben).single_access_token
-      refute u.valid?
-      refute u.errors[:single_access_token].empty?
-    end
-
-    def test_before_validation_reset_single_access_token
-      u = User.new
-      refute u.valid?
-      assert_not_nil u.single_access_token
-    end
-
-    def test_after_password_set_reset_single_access_token
-      User.change_single_access_token_with_password = true
-
-      ben = users(:ben)
-      old_single_access_token = ben.single_access_token
-      ben.password = "new_pass"
-      assert_not_equal old_single_access_token, ben.single_access_token
-
-      User.change_single_access_token_with_password = false
-    end
-
-    def test_after_password_set_is_not_called
-      ldaper = Ldaper.new
-      assert ldaper.save
-    end
-  end
-end

data/test/adapter_test.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-require "test_helper"
-
-module Authlogic
-  module ControllerAdapters
-    class AbstractAdapterTest < ActiveSupport::TestCase
-      def test_controller
-        controller = Class.new(MockController) do
-          def controller.an_arbitrary_method
-            "bar"
-          end
-        end.new
-        adapter = Authlogic::ControllerAdapters::AbstractAdapter.new(controller)
-
-        assert_equal controller, adapter.controller
-        assert controller.params.equal?(adapter.params)
-        assert adapter.respond_to?(:an_arbitrary_method)
-        assert_equal "bar", adapter.an_arbitrary_method
-      end
-    end
-  end
-end