authlogic 4.5.0 → 6.4.2

Files changed (153) hide show
  1. checksums.yaml +4 -4
  2. data/lib/authlogic/acts_as_authentic/base.rb +19 -19
  3. data/lib/authlogic/acts_as_authentic/email.rb +3 -170
  4. data/lib/authlogic/acts_as_authentic/logged_in_status.rb +3 -1
  5. data/lib/authlogic/acts_as_authentic/login.rb +7 -174
  6. data/lib/authlogic/acts_as_authentic/magic_columns.rb +7 -4
  7. data/lib/authlogic/acts_as_authentic/password.rb +67 -256
  8. data/lib/authlogic/acts_as_authentic/perishable_token.rb +8 -5
  9. data/lib/authlogic/acts_as_authentic/persistence_token.rb +10 -4
  10. data/lib/authlogic/acts_as_authentic/queries/case_sensitivity.rb +53 -0
  11. data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +36 -20
  12. data/lib/authlogic/acts_as_authentic/session_maintenance.rb +12 -8
  13. data/lib/authlogic/acts_as_authentic/single_access_token.rb +10 -8
  14. data/lib/authlogic/config.rb +9 -1
  15. data/lib/authlogic/controller_adapters/abstract_adapter.rb +28 -4
  16. data/lib/authlogic/controller_adapters/rack_adapter.rb +2 -0
  17. data/lib/authlogic/controller_adapters/rails_adapter.rb +7 -30
  18. data/lib/authlogic/controller_adapters/sinatra_adapter.rb +6 -0
  19. data/lib/authlogic/cookie_credentials.rb +63 -0
  20. data/lib/authlogic/crypto_providers/bcrypt.rb +3 -3
  21. data/lib/authlogic/crypto_providers/md5/v2.rb +35 -0
  22. data/lib/authlogic/crypto_providers/md5.rb +6 -6
  23. data/lib/authlogic/crypto_providers/scrypt.rb +2 -0
  24. data/lib/authlogic/crypto_providers/sha1/v2.rb +41 -0
  25. data/lib/authlogic/crypto_providers/sha1.rb +7 -6
  26. data/lib/authlogic/crypto_providers/sha256/v2.rb +58 -0
  27. data/lib/authlogic/crypto_providers/sha256.rb +5 -0
  28. data/lib/authlogic/crypto_providers/sha512/v2.rb +39 -0
  29. data/lib/authlogic/crypto_providers/sha512.rb +9 -5
  30. data/lib/authlogic/crypto_providers.rb +5 -20
  31. data/lib/authlogic/errors.rb +50 -0
  32. data/lib/authlogic/i18n/translator.rb +4 -1
  33. data/lib/authlogic/i18n.rb +3 -1
  34. data/lib/authlogic/random.rb +2 -0
  35. data/lib/authlogic/session/base.rb +2197 -39
  36. data/lib/authlogic/session/magic_column/assigns_last_request_at.rb +46 -0
  37. data/lib/authlogic/test_case/mock_api_controller.rb +52 -0
  38. data/lib/authlogic/test_case/mock_controller.rb +3 -1
  39. data/lib/authlogic/test_case/mock_cookie_jar.rb +32 -6
  40. data/lib/authlogic/test_case/mock_logger.rb +2 -0
  41. data/lib/authlogic/test_case/mock_request.rb +12 -0
  42. data/lib/authlogic/test_case/rails_request_adapter.rb +9 -1
  43. data/lib/authlogic/test_case.rb +5 -0
  44. data/lib/authlogic/version.rb +2 -1
  45. data/lib/authlogic.rb +5 -28
  46. metadata +175 -200
  47. data/.github/ISSUE_TEMPLATE/bug_report.md +0 -28
  48. data/.github/ISSUE_TEMPLATE/feature_proposal.md +0 -32
  49. data/.github/triage.md +0 -86
  50. data/.gitignore +0 -15
  51. data/.rubocop.yml +0 -133
  52. data/.rubocop_todo.yml +0 -74
  53. data/.travis.yml +0 -24
  54. data/CHANGELOG.md +0 -348
  55. data/CONTRIBUTING.md +0 -91
  56. data/Gemfile +0 -6
  57. data/LICENSE +0 -20
  58. data/README.md +0 -448
  59. data/Rakefile +0 -21
  60. data/UPGRADING.md +0 -22
  61. data/authlogic.gemspec +0 -40
  62. data/doc/use_normal_rails_validation.md +0 -82
  63. data/gemfiles/Gemfile.rails-4.2.x +0 -6
  64. data/gemfiles/Gemfile.rails-5.1.x +0 -6
  65. data/gemfiles/Gemfile.rails-5.2.x +0 -6
  66. data/lib/authlogic/acts_as_authentic/restful_authentication.rb +0 -106
  67. data/lib/authlogic/acts_as_authentic/validations_scope.rb +0 -35
  68. data/lib/authlogic/authenticates_many/association.rb +0 -50
  69. data/lib/authlogic/authenticates_many/base.rb +0 -81
  70. data/lib/authlogic/crypto_providers/aes256.rb +0 -71
  71. data/lib/authlogic/crypto_providers/wordpress.rb +0 -72
  72. data/lib/authlogic/regex.rb +0 -79
  73. data/lib/authlogic/session/activation.rb +0 -73
  74. data/lib/authlogic/session/active_record_trickery.rb +0 -65
  75. data/lib/authlogic/session/brute_force_protection.rb +0 -127
  76. data/lib/authlogic/session/callbacks.rb +0 -153
  77. data/lib/authlogic/session/cookies.rb +0 -329
  78. data/lib/authlogic/session/existence.rb +0 -103
  79. data/lib/authlogic/session/foundation.rb +0 -105
  80. data/lib/authlogic/session/http_auth.rb +0 -107
  81. data/lib/authlogic/session/id.rb +0 -53
  82. data/lib/authlogic/session/klass.rb +0 -73
  83. data/lib/authlogic/session/magic_columns.rb +0 -119
  84. data/lib/authlogic/session/magic_states.rb +0 -82
  85. data/lib/authlogic/session/params.rb +0 -130
  86. data/lib/authlogic/session/password.rb +0 -318
  87. data/lib/authlogic/session/perishable_token.rb +0 -24
  88. data/lib/authlogic/session/persistence.rb +0 -77
  89. data/lib/authlogic/session/priority_record.rb +0 -38
  90. data/lib/authlogic/session/scopes.rb +0 -138
  91. data/lib/authlogic/session/session.rb +0 -77
  92. data/lib/authlogic/session/timeout.rb +0 -103
  93. data/lib/authlogic/session/unauthorized_record.rb +0 -56
  94. data/lib/authlogic/session/validation.rb +0 -93
  95. data/test/acts_as_authentic_test/base_test.rb +0 -27
  96. data/test/acts_as_authentic_test/email_test.rb +0 -241
  97. data/test/acts_as_authentic_test/logged_in_status_test.rb +0 -64
  98. data/test/acts_as_authentic_test/login_test.rb +0 -153
  99. data/test/acts_as_authentic_test/magic_columns_test.rb +0 -29
  100. data/test/acts_as_authentic_test/password_test.rb +0 -263
  101. data/test/acts_as_authentic_test/perishable_token_test.rb +0 -98
  102. data/test/acts_as_authentic_test/persistence_token_test.rb +0 -62
  103. data/test/acts_as_authentic_test/restful_authentication_test.rb +0 -48
  104. data/test/acts_as_authentic_test/session_maintenance_test.rb +0 -150
  105. data/test/acts_as_authentic_test/single_access_test.rb +0 -46
  106. data/test/adapter_test.rb +0 -23
  107. data/test/authenticates_many_test.rb +0 -33
  108. data/test/config_test.rb +0 -38
  109. data/test/crypto_provider_test/aes256_test.rb +0 -16
  110. data/test/crypto_provider_test/bcrypt_test.rb +0 -16
  111. data/test/crypto_provider_test/scrypt_test.rb +0 -16
  112. data/test/crypto_provider_test/sha1_test.rb +0 -25
  113. data/test/crypto_provider_test/sha256_test.rb +0 -16
  114. data/test/crypto_provider_test/sha512_test.rb +0 -16
  115. data/test/crypto_provider_test/wordpress_test.rb +0 -26
  116. data/test/fixtures/companies.yml +0 -5
  117. data/test/fixtures/employees.yml +0 -17
  118. data/test/fixtures/projects.yml +0 -3
  119. data/test/fixtures/users.yml +0 -41
  120. data/test/i18n/lol.yml +0 -4
  121. data/test/i18n_test.rb +0 -35
  122. data/test/libs/affiliate.rb +0 -9
  123. data/test/libs/company.rb +0 -8
  124. data/test/libs/employee.rb +0 -9
  125. data/test/libs/employee_session.rb +0 -4
  126. data/test/libs/ldaper.rb +0 -5
  127. data/test/libs/project.rb +0 -5
  128. data/test/libs/user.rb +0 -9
  129. data/test/libs/user_session.rb +0 -27
  130. data/test/random_test.rb +0 -15
  131. data/test/session_test/activation_test.rb +0 -45
  132. data/test/session_test/active_record_trickery_test.rb +0 -78
  133. data/test/session_test/brute_force_protection_test.rb +0 -110
  134. data/test/session_test/callbacks_test.rb +0 -42
  135. data/test/session_test/cookies_test.rb +0 -244
  136. data/test/session_test/credentials_test.rb +0 -0
  137. data/test/session_test/existence_test.rb +0 -88
  138. data/test/session_test/foundation_test.rb +0 -24
  139. data/test/session_test/http_auth_test.rb +0 -60
  140. data/test/session_test/id_test.rb +0 -19
  141. data/test/session_test/klass_test.rb +0 -42
  142. data/test/session_test/magic_columns_test.rb +0 -62
  143. data/test/session_test/magic_states_test.rb +0 -60
  144. data/test/session_test/params_test.rb +0 -61
  145. data/test/session_test/password_test.rb +0 -107
  146. data/test/session_test/perishability_test.rb +0 -17
  147. data/test/session_test/persistence_test.rb +0 -35
  148. data/test/session_test/scopes_test.rb +0 -68
  149. data/test/session_test/session_test.rb +0 -80
  150. data/test/session_test/timeout_test.rb +0 -84
  151. data/test/session_test/unauthorized_record_test.rb +0 -15
  152. data/test/session_test/validation_test.rb +0 -25
  153. data/test/test_helper.rb +0 -272
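--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -1,272 +0,0 @@
-# frozen_string_literal: true
-
-require "byebug"
-require "rubygems"
-require "minitest/autorun"
-require "active_record"
-require "active_record/fixtures"
-require "timecop"
-require "i18n"
-require "minitest/reporters"
-
-Minitest::Reporters.use!(Minitest::Reporters::SpecReporter.new)
-
-I18n.load_path << File.dirname(__FILE__) + "/i18n/lol.yml"
-
-# ActiveRecord::Schema.verbose = false
-ActiveRecord::Base.establish_connection(adapter: "sqlite3", database: ":memory:")
-logger = Logger.new(STDOUT)
-logger.level = Logger::FATAL
-ActiveRecord::Base.logger = logger
-
-if ActiveRecord::VERSION::STRING < "4.1"
-ActiveRecord::Base.configurations = true
-end
-
-if ActiveSupport.respond_to?(:test_order)
-ActiveSupport.test_order = :sorted
-end
-
-ActiveRecord::Base.default_timezone = :local
-ActiveRecord::Schema.define(version: 1) do
-create_table :companies do |t|
-t.datetime :created_at
-t.datetime :updated_at
-t.string :name
-t.boolean :active
-end
-
-create_table :projects do |t|
-t.datetime :created_at
-t.datetime :updated_at
-t.string :name
-end
-
-create_table :projects_users, id: false do |t|
-t.integer :project_id
-t.integer :user_id
-end
-
-create_table :users do |t|
-t.datetime :created_at
-t.datetime :updated_at
-t.integer :lock_version, default: 0
-t.integer :company_id
-t.string :login
-t.string :crypted_password
-t.string :password_salt
-t.string :persistence_token
-t.string :single_access_token
-t.string :perishable_token
-t.string :email
-t.string :first_name
-t.string :last_name
-t.integer :login_count, default: 0, null: false
-t.integer :failed_login_count, default: 0, null: false
-t.datetime :last_request_at
-t.datetime :current_login_at
-t.datetime :last_login_at
-t.string :current_login_ip
-t.string :last_login_ip
-t.boolean :active, default: true
-t.boolean :approved, default: true
-t.boolean :confirmed, default: true
-end
-
-create_table :employees do |t|
-t.datetime :created_at
-t.datetime :updated_at
-t.integer :company_id
-t.string :email
-t.string :crypted_password
-t.string :password_salt
-t.string :persistence_token
-t.string :first_name
-t.string :last_name
-t.integer :login_count, default: 0, null: false
-t.datetime :last_request_at
-t.datetime :current_login_at
-t.datetime :last_login_at
-t.string :current_login_ip
-t.string :last_login_ip
-end
-
-create_table :affiliates do |t|
-t.datetime :created_at
-t.datetime :updated_at
-t.integer :company_id
-t.string :username
-t.string :pw_hash
-t.string :pw_salt
-t.string :persistence_token
-end
-
-create_table :ldapers do |t|
-t.datetime :created_at
-t.datetime :updated_at
-t.string :ldap_login
-t.string :persistence_token
-end
-end
-
-require "English"
-$LOAD_PATH.unshift(File.expand_path("../lib", __dir__))
-require "authlogic"
-require "authlogic/test_case"
-
-# Configure SCrypt to be as fast as possible. This is desirable for a test
-# suite, and would be the opposite of desirable for production.
-Authlogic::CryptoProviders::SCrypt.max_time = 0.001 # 1ms
-Authlogic::CryptoProviders::SCrypt.max_mem = 1024 * 1024 # 1MB, the minimum SCrypt allows
-
-require "libs/project"
-require "libs/affiliate"
-require "libs/employee"
-require "libs/employee_session"
-require "libs/ldaper"
-require "libs/user"
-require "libs/user_session"
-require "libs/company"
-
-# Recent change, 2017-10-23: We had used a 54-letter string here. In the default
-# encoding, UTF-8, that's 54 bytes, which is clearly incorrect for an algorithm
-# with a 256-bit key, but I guess it worked. With the release of ruby 2.4 (and
-# thus openssl gem 2.0), it is more strict, and must be exactly 32 bytes.
-Authlogic::CryptoProviders::AES256.key = ::OpenSSL::Random.random_bytes(32)
-
-module ActiveSupport
-class TestCase
-include ActiveRecord::TestFixtures
-self.fixture_path = File.dirname(__FILE__) + "/fixtures"
-
-# use_transactional_fixtures= is deprecated and will be removed from Rails 5.1
-# (use use_transactional_tests= instead)
-if respond_to?(:use_transactional_tests=)
-self.use_transactional_tests = false
-else
-self.use_transactional_fixtures = false
-end
-
-self.use_instantiated_fixtures = false
-self.pre_loaded_fixtures = false
-fixtures :all
-setup :activate_authlogic
-setup :config_setup
-teardown :config_teardown
-teardown { Timecop.return } # for tests that need to freeze the time
-
-private
-
-# Many of the tests change Authlogic config for the test models. Some tests
-# were not resetting the config after tests, which didn't surface as broken
-# tests until Rails 4.1 was added for testing. This ensures that all the
-# models start tests with their original config.
-def config_setup
-[
-Project,
-Affiliate,
-Employee,
-EmployeeSession,
-Ldaper,
-User,
-UserSession,
-Company
-].each do |model|
-unless model.respond_to?(:original_acts_as_authentic_config)
-model.class_attribute :original_acts_as_authentic_config
-end
-model.original_acts_as_authentic_config = model.acts_as_authentic_config
-end
-end
-
-def config_teardown
-[
-Project,
-Affiliate,
-Employee,
-EmployeeSession,
-Ldaper,
-User,
-UserSession,
-Company
-].each do |model|
-model.acts_as_authentic_config = model.original_acts_as_authentic_config
-end
-end
-
-def password_for(user)
-case user
-when users(:ben)
-"benrocks"
-when users(:zack)
-"zackrocks"
-when users(:aaron)
-"aaronrocks"
-end
-end
-
-def http_basic_auth_for(user = nil)
-unless user.blank?
-controller.http_user = user.login
-controller.http_password = password_for(user)
-end
-yield
-controller.http_user = controller.http_password = controller.realm = nil
-end
-
-def set_cookie_for(user)
-controller.cookies["user_credentials"] = {
-value: "#{user.persistence_token}::#{user.id}",
-expires: nil
-}
-end
-
-def unset_cookie
-controller.cookies["user_credentials"] = nil
-end
-
-def set_params_for(user)
-controller.params["user_credentials"] = user.single_access_token
-end
-
-def unset_params
-controller.params["user_credentials"] = nil
-end
-
-def set_request_content_type(type)
-controller.request_content_type = type
-end
-
-def unset_request_content_type
-controller.request_content_type = nil
-end
-
-def session_credentials_prefix(scope_record)
-if scope_record.nil?
-""
-else
-format(
-"%s_%d_",
-scope_record.class.model_name.name.underscore,
-scope_record.id
-)
-end
-end
-
-# Sets the session variables that `record` (eg. a `User`) would have after
-# logging in.
-#
-# If `record` belongs to an `authenticates_many` association that uses the
-# `scope_cookies` option, then a `scope_record` can be provided.
-def set_session_for(record, scope_record = nil)
-prefix = session_credentials_prefix(scope_record)
-record_class_name = record.class.model_name.name.underscore
-controller.session["#{prefix}#{record_class_name}_credentials"] = record.persistence_token
-controller.session["#{prefix}#{record_class_name}_credentials_id"] = record.id
-end
-
-def unset_session
-controller.session["user_credentials"] = controller.session["user_credentials_id"] = nil
-end
-end
-end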