authlogic 4.5.0 → 6.4.2

Files changed (153) hide show
  1. checksums.yaml +4 -4
  2. data/lib/authlogic/acts_as_authentic/base.rb +19 -19
  3. data/lib/authlogic/acts_as_authentic/email.rb +3 -170
  4. data/lib/authlogic/acts_as_authentic/logged_in_status.rb +3 -1
  5. data/lib/authlogic/acts_as_authentic/login.rb +7 -174
  6. data/lib/authlogic/acts_as_authentic/magic_columns.rb +7 -4
  7. data/lib/authlogic/acts_as_authentic/password.rb +67 -256
  8. data/lib/authlogic/acts_as_authentic/perishable_token.rb +8 -5
  9. data/lib/authlogic/acts_as_authentic/persistence_token.rb +10 -4
  10. data/lib/authlogic/acts_as_authentic/queries/case_sensitivity.rb +53 -0
  11. data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +36 -20
  12. data/lib/authlogic/acts_as_authentic/session_maintenance.rb +12 -8
  13. data/lib/authlogic/acts_as_authentic/single_access_token.rb +10 -8
  14. data/lib/authlogic/config.rb +9 -1
  15. data/lib/authlogic/controller_adapters/abstract_adapter.rb +28 -4
  16. data/lib/authlogic/controller_adapters/rack_adapter.rb +2 -0
  17. data/lib/authlogic/controller_adapters/rails_adapter.rb +7 -30
  18. data/lib/authlogic/controller_adapters/sinatra_adapter.rb +6 -0
  19. data/lib/authlogic/cookie_credentials.rb +63 -0
  20. data/lib/authlogic/crypto_providers/bcrypt.rb +3 -3
  21. data/lib/authlogic/crypto_providers/md5/v2.rb +35 -0
  22. data/lib/authlogic/crypto_providers/md5.rb +6 -6
  23. data/lib/authlogic/crypto_providers/scrypt.rb +2 -0
  24. data/lib/authlogic/crypto_providers/sha1/v2.rb +41 -0
  25. data/lib/authlogic/crypto_providers/sha1.rb +7 -6
  26. data/lib/authlogic/crypto_providers/sha256/v2.rb +58 -0
  27. data/lib/authlogic/crypto_providers/sha256.rb +5 -0
  28. data/lib/authlogic/crypto_providers/sha512/v2.rb +39 -0
  29. data/lib/authlogic/crypto_providers/sha512.rb +9 -5
  30. data/lib/authlogic/crypto_providers.rb +5 -20
  31. data/lib/authlogic/errors.rb +50 -0
  32. data/lib/authlogic/i18n/translator.rb +4 -1
  33. data/lib/authlogic/i18n.rb +3 -1
  34. data/lib/authlogic/random.rb +2 -0
  35. data/lib/authlogic/session/base.rb +2197 -39
  36. data/lib/authlogic/session/magic_column/assigns_last_request_at.rb +46 -0
  37. data/lib/authlogic/test_case/mock_api_controller.rb +52 -0
  38. data/lib/authlogic/test_case/mock_controller.rb +3 -1
  39. data/lib/authlogic/test_case/mock_cookie_jar.rb +32 -6
  40. data/lib/authlogic/test_case/mock_logger.rb +2 -0
  41. data/lib/authlogic/test_case/mock_request.rb +12 -0
  42. data/lib/authlogic/test_case/rails_request_adapter.rb +9 -1
  43. data/lib/authlogic/test_case.rb +5 -0
  44. data/lib/authlogic/version.rb +2 -1
  45. data/lib/authlogic.rb +5 -28
  46. metadata +175 -200
  47. data/.github/ISSUE_TEMPLATE/bug_report.md +0 -28
  48. data/.github/ISSUE_TEMPLATE/feature_proposal.md +0 -32
  49. data/.github/triage.md +0 -86
  50. data/.gitignore +0 -15
  51. data/.rubocop.yml +0 -133
  52. data/.rubocop_todo.yml +0 -74
  53. data/.travis.yml +0 -24
  54. data/CHANGELOG.md +0 -348
  55. data/CONTRIBUTING.md +0 -91
  56. data/Gemfile +0 -6
  57. data/LICENSE +0 -20
  58. data/README.md +0 -448
  59. data/Rakefile +0 -21
  60. data/UPGRADING.md +0 -22
  61. data/authlogic.gemspec +0 -40
  62. data/doc/use_normal_rails_validation.md +0 -82
  63. data/gemfiles/Gemfile.rails-4.2.x +0 -6
  64. data/gemfiles/Gemfile.rails-5.1.x +0 -6
  65. data/gemfiles/Gemfile.rails-5.2.x +0 -6
  66. data/lib/authlogic/acts_as_authentic/restful_authentication.rb +0 -106
  67. data/lib/authlogic/acts_as_authentic/validations_scope.rb +0 -35
  68. data/lib/authlogic/authenticates_many/association.rb +0 -50
  69. data/lib/authlogic/authenticates_many/base.rb +0 -81
  70. data/lib/authlogic/crypto_providers/aes256.rb +0 -71
  71. data/lib/authlogic/crypto_providers/wordpress.rb +0 -72
  72. data/lib/authlogic/regex.rb +0 -79
  73. data/lib/authlogic/session/activation.rb +0 -73
  74. data/lib/authlogic/session/active_record_trickery.rb +0 -65
  75. data/lib/authlogic/session/brute_force_protection.rb +0 -127
  76. data/lib/authlogic/session/callbacks.rb +0 -153
  77. data/lib/authlogic/session/cookies.rb +0 -329
  78. data/lib/authlogic/session/existence.rb +0 -103
  79. data/lib/authlogic/session/foundation.rb +0 -105
  80. data/lib/authlogic/session/http_auth.rb +0 -107
  81. data/lib/authlogic/session/id.rb +0 -53
  82. data/lib/authlogic/session/klass.rb +0 -73
  83. data/lib/authlogic/session/magic_columns.rb +0 -119
  84. data/lib/authlogic/session/magic_states.rb +0 -82
  85. data/lib/authlogic/session/params.rb +0 -130
  86. data/lib/authlogic/session/password.rb +0 -318
  87. data/lib/authlogic/session/perishable_token.rb +0 -24
  88. data/lib/authlogic/session/persistence.rb +0 -77
  89. data/lib/authlogic/session/priority_record.rb +0 -38
  90. data/lib/authlogic/session/scopes.rb +0 -138
  91. data/lib/authlogic/session/session.rb +0 -77
  92. data/lib/authlogic/session/timeout.rb +0 -103
  93. data/lib/authlogic/session/unauthorized_record.rb +0 -56
  94. data/lib/authlogic/session/validation.rb +0 -93
  95. data/test/acts_as_authentic_test/base_test.rb +0 -27
  96. data/test/acts_as_authentic_test/email_test.rb +0 -241
  97. data/test/acts_as_authentic_test/logged_in_status_test.rb +0 -64
  98. data/test/acts_as_authentic_test/login_test.rb +0 -153
  99. data/test/acts_as_authentic_test/magic_columns_test.rb +0 -29
  100. data/test/acts_as_authentic_test/password_test.rb +0 -263
  101. data/test/acts_as_authentic_test/perishable_token_test.rb +0 -98
  102. data/test/acts_as_authentic_test/persistence_token_test.rb +0 -62
  103. data/test/acts_as_authentic_test/restful_authentication_test.rb +0 -48
  104. data/test/acts_as_authentic_test/session_maintenance_test.rb +0 -150
  105. data/test/acts_as_authentic_test/single_access_test.rb +0 -46
  106. data/test/adapter_test.rb +0 -23
  107. data/test/authenticates_many_test.rb +0 -33
  108. data/test/config_test.rb +0 -38
  109. data/test/crypto_provider_test/aes256_test.rb +0 -16
  110. data/test/crypto_provider_test/bcrypt_test.rb +0 -16
  111. data/test/crypto_provider_test/scrypt_test.rb +0 -16
  112. data/test/crypto_provider_test/sha1_test.rb +0 -25
  113. data/test/crypto_provider_test/sha256_test.rb +0 -16
  114. data/test/crypto_provider_test/sha512_test.rb +0 -16
  115. data/test/crypto_provider_test/wordpress_test.rb +0 -26
  116. data/test/fixtures/companies.yml +0 -5
  117. data/test/fixtures/employees.yml +0 -17
  118. data/test/fixtures/projects.yml +0 -3
  119. data/test/fixtures/users.yml +0 -41
  120. data/test/i18n/lol.yml +0 -4
  121. data/test/i18n_test.rb +0 -35
  122. data/test/libs/affiliate.rb +0 -9
  123. data/test/libs/company.rb +0 -8
  124. data/test/libs/employee.rb +0 -9
  125. data/test/libs/employee_session.rb +0 -4
  126. data/test/libs/ldaper.rb +0 -5
  127. data/test/libs/project.rb +0 -5
  128. data/test/libs/user.rb +0 -9
  129. data/test/libs/user_session.rb +0 -27
  130. data/test/random_test.rb +0 -15
  131. data/test/session_test/activation_test.rb +0 -45
  132. data/test/session_test/active_record_trickery_test.rb +0 -78
  133. data/test/session_test/brute_force_protection_test.rb +0 -110
  134. data/test/session_test/callbacks_test.rb +0 -42
  135. data/test/session_test/cookies_test.rb +0 -244
  136. data/test/session_test/credentials_test.rb +0 -0
  137. data/test/session_test/existence_test.rb +0 -88
  138. data/test/session_test/foundation_test.rb +0 -24
  139. data/test/session_test/http_auth_test.rb +0 -60
  140. data/test/session_test/id_test.rb +0 -19
  141. data/test/session_test/klass_test.rb +0 -42
  142. data/test/session_test/magic_columns_test.rb +0 -62
  143. data/test/session_test/magic_states_test.rb +0 -60
  144. data/test/session_test/params_test.rb +0 -61
  145. data/test/session_test/password_test.rb +0 -107
  146. data/test/session_test/perishability_test.rb +0 -17
  147. data/test/session_test/persistence_test.rb +0 -35
  148. data/test/session_test/scopes_test.rb +0 -68
  149. data/test/session_test/session_test.rb +0 -80
  150. data/test/session_test/timeout_test.rb +0 -84
  151. data/test/session_test/unauthorized_record_test.rb +0 -15
  152. data/test/session_test/validation_test.rb +0 -25
  153. data/test/test_helper.rb +0 -272
@@ -1,263 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "test_helper"
4
-
5
- module ActsAsAuthenticTest
6
- class PasswordTest < ActiveSupport::TestCase
7
- # If test_human_name is executed after test_i18n_of_human_name the test will fail.
8
- i_suck_and_my_tests_are_order_dependent!
9
-
10
- def test_crypted_password_field_config
11
- assert_equal :crypted_password, User.crypted_password_field
12
- assert_equal :crypted_password, Employee.crypted_password_field
13
-
14
- User.crypted_password_field = :nope
15
- assert_equal :nope, User.crypted_password_field
16
- User.crypted_password_field :crypted_password
17
- assert_equal :crypted_password, User.crypted_password_field
18
- end
19
-
20
- def test_password_salt_field_config
21
- assert_equal :password_salt, User.password_salt_field
22
- assert_equal :password_salt, Employee.password_salt_field
23
-
24
- User.password_salt_field = :nope
25
- assert_equal :nope, User.password_salt_field
26
- User.password_salt_field :password_salt
27
- assert_equal :password_salt, User.password_salt_field
28
- end
29
-
30
- def test_ignore_blank_passwords_config
31
- assert User.ignore_blank_passwords
32
- assert Employee.ignore_blank_passwords
33
-
34
- User.ignore_blank_passwords = false
35
- refute User.ignore_blank_passwords
36
- User.ignore_blank_passwords true
37
- assert User.ignore_blank_passwords
38
- end
39
-
40
- def test_check_passwords_against_database
41
- assert User.check_passwords_against_database
42
- User.check_passwords_against_database = false
43
- refute User.check_passwords_against_database
44
- User.check_passwords_against_database true
45
- assert User.check_passwords_against_database
46
- end
47
-
48
- def test_validate_password_field_config
49
- assert User.validate_password_field
50
- assert Employee.validate_password_field
51
-
52
- User.validate_password_field = false
53
- refute User.validate_password_field
54
- User.validate_password_field true
55
- assert User.validate_password_field
56
- end
57
-
58
- def test_validates_length_of_password_field_options_config
59
- default = { minimum: 8, if: :require_password? }
60
- assert_equal default, User.validates_length_of_password_field_options
61
- assert_equal default, Employee.validates_length_of_password_field_options
62
-
63
- User.validates_length_of_password_field_options = { yes: "no" }
64
- assert_equal({ yes: "no" }, User.validates_length_of_password_field_options)
65
- User.validates_length_of_password_field_options default
66
- assert_equal default, User.validates_length_of_password_field_options
67
- end
68
-
69
- def test_validates_confirmation_of_password_field_options_config
70
- default = { if: :require_password? }
71
- assert_equal default, User.validates_confirmation_of_password_field_options
72
- assert_equal default, Employee.validates_confirmation_of_password_field_options
73
-
74
- User.validates_confirmation_of_password_field_options = { yes: "no" }
75
- assert_equal({ yes: "no" }, User.validates_confirmation_of_password_field_options)
76
- User.validates_confirmation_of_password_field_options default
77
- assert_equal default, User.validates_confirmation_of_password_field_options
78
- end
79
-
80
- def test_validates_length_of_password_confirmation_field_options_config
81
- default = { minimum: 8, if: :require_password? }
82
- assert_equal default, User.validates_length_of_password_confirmation_field_options
83
- assert_equal default, Employee.validates_length_of_password_confirmation_field_options
84
-
85
- User.validates_length_of_password_confirmation_field_options = { yes: "no" }
86
- assert_equal({ yes: "no" }, User.validates_length_of_password_confirmation_field_options)
87
- User.validates_length_of_password_confirmation_field_options default
88
- assert_equal default, User.validates_length_of_password_confirmation_field_options
89
- end
90
-
91
- def test_crypto_provider_config
92
- assert_equal Authlogic::CryptoProviders::SCrypt, User.crypto_provider
93
- assert_equal Authlogic::CryptoProviders::AES256, Employee.crypto_provider
94
-
95
- User.crypto_provider = Authlogic::CryptoProviders::BCrypt
96
- assert_equal Authlogic::CryptoProviders::BCrypt, User.crypto_provider
97
- User.crypto_provider Authlogic::CryptoProviders::Sha512
98
- assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
99
- end
100
-
101
- def test_transition_from_crypto_providers_config
102
- assert_equal [Authlogic::CryptoProviders::Sha512], User.transition_from_crypto_providers
103
- assert_equal [], Employee.transition_from_crypto_providers
104
-
105
- User.transition_from_crypto_providers = [Authlogic::CryptoProviders::BCrypt]
106
- assert_equal [Authlogic::CryptoProviders::BCrypt], User.transition_from_crypto_providers
107
- User.transition_from_crypto_providers []
108
- assert_equal [], User.transition_from_crypto_providers
109
- end
110
-
111
- def test_validates_length_of_password
112
- u = User.new(
113
- login: "abcde",
114
- email: "abcde@test.com",
115
- password: "abcdefgh",
116
- password_confirmation: "abcdefgh"
117
- )
118
- assert u.valid?
119
-
120
- u.password = u.password_confirmation = "abcdef"
121
- refute u.valid?
122
-
123
- assert u.errors[:password].include?("is too short (minimum is 8 characters)")
124
- assert u.errors[:password_confirmation].include?("is too short (minimum is 8 characters)")
125
- end
126
-
127
- def test_validates_confirmation_of_password
128
- u = User.new(
129
- login: "abcde",
130
- email: "abcde@test.com",
131
- password: "abcdefgh",
132
- password_confirmation: "abcdefgh"
133
- )
134
- assert u.valid?
135
-
136
- u.password_confirmation = "abcdefghij"
137
- refute u.valid?
138
-
139
- assert u.errors[:password_confirmation].include?("doesn't match Password")
140
- end
141
-
142
- def test_validates_length_of_password_confirmation
143
- u = User.new
144
-
145
- u.password = "testpass"
146
- u.password_confirmation = ""
147
- refute u.valid?
148
- refute u.errors[:password_confirmation].empty?
149
-
150
- u.password_confirmation = "testpass"
151
- refute u.valid?
152
- assert u.errors[:password_confirmation].empty?
153
-
154
- ben = users(:ben)
155
- assert ben.valid?
156
-
157
- ben.password = "newpasswd"
158
- refute ben.valid?
159
- refute ben.errors[:password_confirmation].empty?
160
-
161
- ben.password_confirmation = "newpasswd"
162
- assert ben.valid?
163
- end
164
-
165
- def test_password
166
- u = User.new
167
- old_password_salt = u.password_salt
168
- old_crypted_password = u.crypted_password
169
- u.password = "test"
170
- assert_not_equal old_password_salt, u.password_salt
171
- assert_not_equal old_crypted_password, u.crypted_password
172
- end
173
-
174
- def test_transitioning_password
175
- ben = users(:ben)
176
-
177
- transition_password_to(Authlogic::CryptoProviders::BCrypt, ben)
178
- transition_password_to(
179
- Authlogic::CryptoProviders::Sha1,
180
- ben,
181
- [Authlogic::CryptoProviders::Sha512, Authlogic::CryptoProviders::BCrypt]
182
- )
183
- transition_password_to(
184
- Authlogic::CryptoProviders::Sha512,
185
- ben,
186
- [Authlogic::CryptoProviders::Sha1, Authlogic::CryptoProviders::BCrypt]
187
- )
188
- end
189
-
190
- def test_checks_password_against_database
191
- ben = users(:aaron)
192
- ben.password = "new pass"
193
- refute ben.valid_password?("new pass")
194
- assert ben.valid_password?("aaronrocks")
195
- end
196
-
197
- def test_checks_password_against_database_and_always_fails_on_new_records
198
- user = User.new
199
- user.password = "new pass"
200
- refute user.valid_password?("new pass")
201
- end
202
-
203
- def test_checks_password_against_object
204
- ben = users(:ben)
205
- ben.password = "new pass"
206
- assert ben.valid_password?("new pass", false)
207
- refute ben.valid_password?("benrocks", false)
208
- end
209
-
210
- def test_reset_password
211
- ben = users(:ben)
212
- old_crypted_password = ben.crypted_password
213
- old_password_salt = ben.password_salt
214
-
215
- # soft reset
216
- ben.reset_password
217
- assert_not_equal old_crypted_password, ben.crypted_password
218
- assert_not_equal old_password_salt, ben.password_salt
219
-
220
- # make sure it didn't go into the db
221
- ben.reload
222
- assert_equal old_crypted_password, ben.crypted_password
223
- assert_equal old_password_salt, ben.password_salt
224
-
225
- # hard reset
226
- assert ben.reset_password!
227
- assert_not_equal old_crypted_password, ben.crypted_password
228
- assert_not_equal old_password_salt, ben.password_salt
229
-
230
- # make sure it did go into the db
231
- ben.reload
232
- assert_not_equal old_crypted_password, ben.crypted_password
233
- assert_not_equal old_password_salt, ben.password_salt
234
- end
235
-
236
- private
237
-
238
- def transition_password_to(
239
- crypto_provider,
240
- records,
241
- from_crypto_providers = Authlogic::CryptoProviders::Sha512
242
- )
243
- records = [records] unless records.is_a?(Array)
244
- User.acts_as_authentic do |c|
245
- c.crypto_provider = crypto_provider
246
- c.transition_from_crypto_providers = from_crypto_providers
247
- end
248
- records.each do |record|
249
- old_hash = record.crypted_password
250
- old_persistence_token = record.persistence_token
251
- assert record.valid_password?(password_for(record))
252
- assert_not_equal old_hash.to_s, record.crypted_password.to_s
253
- assert_not_equal old_persistence_token.to_s, record.persistence_token.to_s
254
-
255
- old_hash = record.crypted_password
256
- old_persistence_token = record.persistence_token
257
- assert record.valid_password?(password_for(record))
258
- assert_equal old_hash.to_s, record.crypted_password.to_s
259
- assert_equal old_persistence_token.to_s, record.persistence_token.to_s
260
- end
261
- end
262
- end
263
- end
@@ -1,98 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "test_helper"
4
-
5
- module ActsAsAuthenticTest
6
- class PerishableTokenTest < ActiveSupport::TestCase
7
- def test_perishable_token_valid_for_config
8
- assert_equal 10.minutes.to_i, User.perishable_token_valid_for
9
- assert_equal 10.minutes.to_i, Employee.perishable_token_valid_for
10
-
11
- User.perishable_token_valid_for = 1.hour
12
- assert_equal 1.hour.to_i, User.perishable_token_valid_for
13
- User.perishable_token_valid_for 10.minutes
14
- assert_equal 10.minutes.to_i, User.perishable_token_valid_for
15
- end
16
-
17
- def test_disable_perishable_token_maintenance_config
18
- refute User.disable_perishable_token_maintenance
19
- refute Employee.disable_perishable_token_maintenance
20
-
21
- User.disable_perishable_token_maintenance = true
22
- assert User.disable_perishable_token_maintenance
23
- User.disable_perishable_token_maintenance false
24
- refute User.disable_perishable_token_maintenance
25
- end
26
-
27
- def test_validates_uniqueness_of_perishable_token
28
- u = User.new
29
- u.perishable_token = users(:ben).perishable_token
30
- refute u.valid?
31
- refute u.errors[:perishable_token].empty?
32
- end
33
-
34
- def test_before_save_reset_perishable_token
35
- ben = users(:ben)
36
- old_perishable_token = ben.perishable_token
37
- assert ben.save
38
- assert_not_equal old_perishable_token, ben.perishable_token
39
- end
40
-
41
- def test_reset_perishable_token
42
- ben = users(:ben)
43
- old_perishable_token = ben.perishable_token
44
-
45
- assert ben.reset_perishable_token
46
- assert_not_equal old_perishable_token, ben.perishable_token
47
-
48
- ben.reload
49
- assert_equal old_perishable_token, ben.perishable_token
50
-
51
- assert ben.reset_perishable_token!
52
- assert_not_equal old_perishable_token, ben.perishable_token
53
-
54
- ben.reload
55
- assert_not_equal old_perishable_token, ben.perishable_token
56
- end
57
-
58
- def test_find_using_perishable_token
59
- ben = users(:ben)
60
- assert_equal ben, User.find_using_perishable_token(ben.perishable_token)
61
- end
62
-
63
- def test_find_using_perishable_token_when_perished
64
- ben = users(:ben)
65
- ActiveRecord::Base.connection.execute(
66
- "UPDATE users set updated_at = '#{1.week.ago.to_s(:db)}' where id = #{ben.id}"
67
- )
68
- assert_nil User.find_using_perishable_token(ben.perishable_token)
69
- end
70
-
71
- def test_find_using_perishable_token_when_perished_2
72
- User.perishable_token_valid_for = 1.minute
73
- ben = users(:ben)
74
- ActiveRecord::Base.connection.execute(
75
- "UPDATE users set updated_at = '#{2.minutes.ago.to_s(:db)}' where id = #{ben.id}"
76
- )
77
- assert_nil User.find_using_perishable_token(ben.perishable_token)
78
- User.perishable_token_valid_for = 10.minutes
79
- end
80
-
81
- def test_find_using_perishable_token_when_passing_threshold
82
- User.perishable_token_valid_for = 1.minute
83
- ben = users(:ben)
84
- ActiveRecord::Base.connection.execute(
85
- "UPDATE users set updated_at = '#{10.minutes.ago.to_s(:db)}' where id = #{ben.id}"
86
- )
87
- assert_nil User.find_using_perishable_token(ben.perishable_token, 5.minutes)
88
- assert_equal ben, User.find_using_perishable_token(ben.perishable_token, 20.minutes)
89
- User.perishable_token_valid_for = 10.minutes
90
- end
91
-
92
- def test_find_perishable_token_with_bang
93
- assert_raises ActiveRecord::RecordNotFound do
94
- User.find_using_perishable_token!("some_bad_value")
95
- end
96
- end
97
- end
98
- end
@@ -1,62 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "test_helper"
4
-
5
- module ActsAsAuthenticTest
6
- class PersistenceTokenTest < ActiveSupport::TestCase
7
- def test_after_password_set_reset_persistence_token
8
- ben = users(:ben)
9
- old_persistence_token = ben.persistence_token
10
- ben.password = "newpass"
11
- assert_not_equal old_persistence_token, ben.persistence_token
12
- end
13
-
14
- def test_after_password_verification_reset_persistence_token
15
- aaron = users(:aaron)
16
- old_persistence_token = aaron.persistence_token
17
-
18
- assert aaron.valid_password?(password_for(aaron))
19
- assert_equal old_persistence_token, aaron.reload.persistence_token
20
-
21
- # only update it if it is nil
22
- assert aaron.update_attribute(:persistence_token, nil)
23
- assert aaron.valid_password?(password_for(aaron))
24
- assert_not_equal old_persistence_token, aaron.persistence_token
25
- end
26
-
27
- def test_before_validate_reset_persistence_token
28
- u = User.new
29
- refute u.valid?
30
- assert_not_nil u.persistence_token
31
- end
32
-
33
- def test_forget_all
34
- UserSession.allow_http_basic_auth = true
35
-
36
- http_basic_auth_for(users(:ben)) { UserSession.find }
37
- http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
38
- assert UserSession.find
39
- assert UserSession.find(:ziggity_zack)
40
- User.forget_all
41
- refute UserSession.find
42
- refute UserSession.find(:ziggity_zack)
43
- end
44
-
45
- def test_forget
46
- UserSession.allow_http_basic_auth = true
47
-
48
- ben = users(:ben)
49
- zack = users(:zack)
50
- http_basic_auth_for(ben) { UserSession.find }
51
- http_basic_auth_for(zack) { UserSession.find(:ziggity_zack) }
52
-
53
- assert ben.reload.logged_in?
54
- assert zack.reload.logged_in?
55
-
56
- ben.forget!
57
-
58
- refute UserSession.find
59
- assert UserSession.find(:ziggity_zack)
60
- end
61
- end
62
- end
@@ -1,48 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "test_helper"
4
-
5
- module ActsAsAuthenticTest
6
- class RestfulAuthenticationTest < ActiveSupport::TestCase
7
- def setup
8
- @old_deprecation_behavior = ::ActiveSupport::Deprecation.behavior
9
- ::ActiveSupport::Deprecation.behavior = :silence
10
- end
11
-
12
- def teardown
13
- ::ActiveSupport::Deprecation.behavior = @old_deprecation_behavior
14
- end
15
-
16
- def test_act_like_restful_authentication_config
17
- refute User.act_like_restful_authentication
18
- refute Employee.act_like_restful_authentication
19
-
20
- User.act_like_restful_authentication = true
21
- assert User.act_like_restful_authentication
22
- assert_equal Authlogic::CryptoProviders::Sha1, User.crypto_provider
23
- assert defined?(::REST_AUTH_SITE_KEY)
24
- assert_equal "", ::REST_AUTH_SITE_KEY
25
- assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
26
-
27
- User.act_like_restful_authentication false
28
- refute User.act_like_restful_authentication
29
-
30
- User.crypto_provider = Authlogic::CryptoProviders::Sha512
31
- User.transition_from_crypto_providers = []
32
- end
33
-
34
- def test_transition_from_restful_authentication_config
35
- refute User.transition_from_restful_authentication
36
- refute Employee.transition_from_restful_authentication
37
-
38
- User.transition_from_restful_authentication = true
39
- assert User.transition_from_restful_authentication
40
- assert defined?(::REST_AUTH_SITE_KEY)
41
- assert_equal "", ::REST_AUTH_SITE_KEY
42
- assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
43
-
44
- User.transition_from_restful_authentication false
45
- refute User.transition_from_restful_authentication
46
- end
47
- end
48
- end
@@ -1,150 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "test_helper"
4
-
5
- module ActsAsAuthenticTest
6
- class SessionMaintenanceTest < ActiveSupport::TestCase
7
- def setup
8
- User.log_in_after_create = true
9
- User.log_in_after_password_change = true
10
- end
11
-
12
- def test_log_in_after_create_config
13
- assert User.log_in_after_create
14
- User.log_in_after_create = false
15
- refute User.log_in_after_create
16
- User.log_in_after_create = true
17
- assert User.log_in_after_create
18
- end
19
-
20
- def test_log_in_after_password_change_config
21
- assert User.log_in_after_password_change
22
- User.log_in_after_password_change = false
23
- refute User.log_in_after_password_change
24
- User.log_in_after_password_change = true
25
- assert User.log_in_after_password_change
26
- end
27
-
28
- def test_login_after_create
29
- User.log_in_after_create = true
30
- user = User.create(
31
- login: "awesome",
32
- password: "saweeeet",
33
- password_confirmation: "saweeeet",
34
- email: "awesome@awesome.com"
35
- )
36
- assert user.persisted?
37
- assert UserSession.find
38
- logged_in_user = UserSession.find.user
39
- assert_equal logged_in_user, user
40
- end
41
-
42
- def test_no_login_after_create
43
- old_user = User.create(
44
- login: "awesome",
45
- password: "saweeeet",
46
- password_confirmation: "saweeeet",
47
- email: "awesome@awesome.com"
48
- )
49
- User.log_in_after_create = false
50
- user2 = User.create(
51
- login: "awesome2",
52
- password: "saweeeet2",
53
- password_confirmation: "saweeeet2",
54
- email: "awesome2@awesome.com"
55
- )
56
- assert user2.persisted?
57
- logged_in_user = UserSession.find.user
58
- assert_not_equal logged_in_user, user2
59
- assert_equal logged_in_user, old_user
60
- end
61
-
62
- def test_updating_session_with_failed_magic_state
63
- ben = users(:ben)
64
- ben.confirmed = false
65
- ben.password = "newpasswd"
66
- ben.password_confirmation = "newpasswd"
67
- assert ben.save
68
- end
69
-
70
- def test_update_session_after_password_modify
71
- User.log_in_after_password_change = true
72
- ben = users(:ben)
73
- UserSession.create(ben)
74
- old_session_key = controller.session["user_credentials"]
75
- old_cookie_key = controller.cookies["user_credentials"]
76
- ben.password = "newpasswd"
77
- ben.password_confirmation = "newpasswd"
78
- assert ben.save
79
- assert controller.session["user_credentials"]
80
- assert controller.cookies["user_credentials"]
81
- assert_not_equal controller.session["user_credentials"], old_session_key
82
- assert_not_equal controller.cookies["user_credentials"], old_cookie_key
83
- end
84
-
85
- def test_no_update_session_after_password_modify
86
- User.log_in_after_password_change = false
87
- ben = users(:ben)
88
- UserSession.create(ben)
89
- old_session_key = controller.session["user_credentials"]
90
- old_cookie_key = controller.cookies["user_credentials"]
91
- ben.password = "newpasswd"
92
- ben.password_confirmation = "newpasswd"
93
- assert ben.save
94
- assert controller.session["user_credentials"]
95
- assert controller.cookies["user_credentials"]
96
- assert_equal controller.session["user_credentials"], old_session_key
97
- assert_equal controller.cookies["user_credentials"], old_cookie_key
98
- end
99
-
100
- def test_no_session_update_after_modify
101
- ben = users(:ben)
102
- UserSession.create(ben)
103
- old_session_key = controller.session["user_credentials"]
104
- old_cookie_key = controller.cookies["user_credentials"]
105
- ben.first_name = "Ben"
106
- assert ben.save
107
- assert_equal controller.session["user_credentials"], old_session_key
108
- assert_equal controller.cookies["user_credentials"], old_cookie_key
109
- end
110
-
111
- def test_creating_other_user
112
- ben = users(:ben)
113
- UserSession.create(ben)
114
- old_session_key = controller.session["user_credentials"]
115
- old_cookie_key = controller.cookies["user_credentials"]
116
- user = User.create(
117
- login: "awesome",
118
- password: "saweet", # Password is too short, user invalid
119
- password_confirmation: "saweet",
120
- email: "awesome@saweet.com"
121
- )
122
- refute user.persisted?
123
- assert_equal controller.session["user_credentials"], old_session_key
124
- assert_equal controller.cookies["user_credentials"], old_cookie_key
125
- end
126
-
127
- def test_updating_other_user
128
- ben = users(:ben)
129
- UserSession.create(ben)
130
- old_session_key = controller.session["user_credentials"]
131
- old_cookie_key = controller.cookies["user_credentials"]
132
- zack = users(:zack)
133
- zack.password = "newpasswd"
134
- zack.password_confirmation = "newpasswd"
135
- assert zack.save
136
- assert_equal controller.session["user_credentials"], old_session_key
137
- assert_equal controller.cookies["user_credentials"], old_cookie_key
138
- end
139
-
140
- def test_resetting_password_when_logged_out
141
- ben = users(:ben)
142
- refute UserSession.find
143
- ben.password = "newpasswd"
144
- ben.password_confirmation = "newpasswd"
145
- assert ben.save
146
- assert UserSession.find
147
- assert_equal ben, UserSession.find.record
148
- end
149
- end
150
- end
@@ -1,46 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "test_helper"
4
-
5
- module ActsAsAuthenticTest
6
- class SingleAccessTest < ActiveSupport::TestCase
7
- def test_change_single_access_token_with_password_config
8
- refute User.change_single_access_token_with_password
9
- refute Employee.change_single_access_token_with_password
10
-
11
- User.change_single_access_token_with_password = true
12
- assert User.change_single_access_token_with_password
13
- User.change_single_access_token_with_password false
14
- refute User.change_single_access_token_with_password
15
- end
16
-
17
- def test_validates_uniqueness_of_single_access_token
18
- u = User.new
19
- u.single_access_token = users(:ben).single_access_token
20
- refute u.valid?
21
- refute u.errors[:single_access_token].empty?
22
- end
23
-
24
- def test_before_validation_reset_single_access_token
25
- u = User.new
26
- refute u.valid?
27
- assert_not_nil u.single_access_token
28
- end
29
-
30
- def test_after_password_set_reset_single_access_token
31
- User.change_single_access_token_with_password = true
32
-
33
- ben = users(:ben)
34
- old_single_access_token = ben.single_access_token
35
- ben.password = "new_pass"
36
- assert_not_equal old_single_access_token, ben.single_access_token
37
-
38
- User.change_single_access_token_with_password = false
39
- end
40
-
41
- def test_after_password_set_is_not_called
42
- ldaper = Ldaper.new
43
- assert ldaper.save
44
- end
45
- end
46
- end
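--- a/data/test/adapter_test.rb
+++ b/data/test/adapter_test.rb
@@ -1,23 +0,0 @@
- # frozen_string_literal: true
-
- require "test_helper"
-
- module Authlogic
- module ControllerAdapters
- class AbstractAdapterTest < ActiveSupport::TestCase
- def test_controller
- controller = Class.new(MockController) do
- def controller.an_arbitrary_method
- "bar"
- end
- end.new
- adapter = Authlogic::ControllerAdapters::AbstractAdapter.new(controller)
-
- assert_equal controller, adapter.controller
- assert controller.params.equal?(adapter.params)
- assert adapter.respond_to?(:an_arbitrary_method)
- assert_equal "bar", adapter.an_arbitrary_method
- end
- end
- end
- end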