authpwn_rails 0.13.4 → 0.14.0
- data/.travis.yml +4 -2
- data/Gemfile +5 -5
- data/Gemfile.lock +47 -45
- data/Gemfile.rails3 +15 -0
- data/Gemfile.rails4 +15 -0
- data/VERSION +1 -1
- data/app/models/credentials/email.rb +35 -19
- data/app/models/credentials/facebook.rb +11 -9
- data/app/models/credentials/password.rb +7 -5
- data/app/models/tokens/base.rb +27 -14
- data/app/models/tokens/email_verification.rb +1 -1
- data/app/models/tokens/session_uid.rb +5 -5
- data/authpwn_rails.gemspec +15 -15
- data/lib/authpwn_rails/credential_model.rb +8 -6
- data/lib/authpwn_rails/expires.rb +1 -1
- data/lib/authpwn_rails/generators/templates/001_create_users.rb +4 -4
- data/lib/authpwn_rails/generators/templates/003_create_credentials.rb +8 -10
- data/lib/authpwn_rails/generators/templates/session/password_change.html.erb +1 -1
- data/lib/authpwn_rails/generators/templates/session_controller.rb +1 -1
- data/lib/authpwn_rails/generators/templates/session_controller_test.rb +9 -9
- data/lib/authpwn_rails/http_basic.rb +2 -2
- data/lib/authpwn_rails/routes.rb +18 -18
- data/lib/authpwn_rails/session.rb +3 -3
- data/lib/authpwn_rails/session_controller.rb +39 -25
- data/lib/authpwn_rails/session_mailer.rb +5 -5
- data/lib/authpwn_rails/test_extensions.rb +6 -6
- data/lib/authpwn_rails/user_extensions/email_field.rb +33 -16
- data/lib/authpwn_rails/user_extensions/facebook_fields.rb +1 -1
- data/lib/authpwn_rails/user_extensions/password_field.rb +17 -14
- data/lib/authpwn_rails/user_model.rb +9 -7
- data/test/cookie_controller_test.rb +22 -16
- data/test/credentials/facebook_credential_test.rb +17 -17
- data/test/credentials/password_credential_test.rb +1 -1
- data/test/credentials/password_reset_token_test.rb +1 -1
- data/test/credentials/session_uid_token_test.rb +1 -0
- data/test/credentials/token_crendential_test.rb +2 -4
- data/test/facebook_controller_test.rb +14 -14
- data/test/helpers/action_controller.rb +8 -0
- data/test/helpers/db_setup.rb +11 -9
- data/test/helpers/routes.rb +14 -9
- data/test/http_basic_controller_test.rb +35 -20
- data/test/routes_test.rb +18 -18
- data/test/session_controller_api_test.rb +76 -83
- data/test/test_helper.rb +4 -1
- data/test/user_extensions/email_field_test.rb +1 -1
- data/test/user_extensions/facebook_fields_test.rb +5 -5
- data/test/user_extensions/password_field_test.rb +2 -2
- metadata +14 -27
@@ -27,21 +27,21 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
27
27
|
end
|
28
28
|
|
29
29
|
test "show renders welcome without a user" do
|
30
|
-
|
30
|
+
@controller.expects(:welcome).once.returns nil
|
31
31
|
get :show
|
32
32
|
assert_template :welcome
|
33
33
|
assert_nil assigns(:current_user)
|
34
34
|
end
|
35
35
|
|
36
36
|
test "show json renders empty object without a user" do
|
37
|
-
|
38
|
-
get :show, :
|
37
|
+
@controller.expects(:welcome).once.returns nil
|
38
|
+
get :show, format: 'json'
|
39
39
|
assert_response :ok
|
40
40
|
assert_equal({}, ActiveSupport::JSON.decode(response.body))
|
41
41
|
end
|
42
42
|
|
43
43
|
test "show renders home with a user" do
|
44
|
-
|
44
|
+
@controller.expects(:home).once.returns nil
|
45
45
|
set_session_current_user @user
|
46
46
|
get :show
|
47
47
|
assert_template :home
|
@@ -50,8 +50,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
50
50
|
|
51
51
|
test "show json renders user when logged in" do
|
52
52
|
set_session_current_user @user
|
53
|
-
|
54
|
-
get :show, :
|
53
|
+
@controller.expects(:home).once.returns nil
|
54
|
+
get :show, format: 'json'
|
55
55
|
assert_response :ok
|
56
56
|
data = ActiveSupport::JSON.decode response.body
|
57
57
|
assert_equal @user.exuid, data['user']['exuid']
|
@@ -72,7 +72,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
72
72
|
|
73
73
|
test "new renders redirect_url when present in flash" do
|
74
74
|
url = 'http://authpwn.redirect.url'
|
75
|
-
get :new, {}, {}, { :
|
75
|
+
get :new, {}, {}, { auth_redirect_url: url }
|
76
76
|
assert_template :new
|
77
77
|
assert_equal url, assigns(:redirect_url), 'redirect_url should be set'
|
78
78
|
assert_select 'form' do
|
@@ -81,7 +81,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
81
81
|
end
|
82
82
|
|
83
83
|
test "create logs in with good account details" do
|
84
|
-
post :create, :
|
84
|
+
post :create, email: @email_credential.email, password: 'password'
|
85
85
|
assert_equal @user, assigns(:current_user), 'instance variable'
|
86
86
|
assert_equal @user, session_current_user, 'session'
|
87
87
|
assert_redirected_to session_url
|
@@ -92,7 +92,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
92
92
|
old_token = credentials(:jane_session_token)
|
93
93
|
old_token.updated_at = Time.now - 1.year
|
94
94
|
old_token.save!
|
95
|
-
post :create, :
|
95
|
+
post :create, email: @email_credential.email, password: 'password'
|
96
96
|
assert_equal @user, session_current_user, 'session'
|
97
97
|
assert_nil Tokens::Base.with_code(old_token.code).first,
|
98
98
|
'old session not purged'
|
@@ -103,15 +103,15 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
103
103
|
old_token = credentials(:jane_session_token)
|
104
104
|
old_token.updated_at = Time.now - 1.year
|
105
105
|
old_token.save!
|
106
|
-
post :create, :
|
106
|
+
post :create, email: @email_credential.email, password: 'password'
|
107
107
|
assert_equal @user, session_current_user, 'session'
|
108
108
|
assert_equal old_token, Tokens::Base.with_code(old_token.code).first,
|
109
109
|
'old session purged'
|
110
110
|
end
|
111
111
|
|
112
112
|
test "create by json logs in with good account details" do
|
113
|
-
post :create, :
|
114
|
-
:
|
113
|
+
post :create, email: @email_credential.email, password: 'password',
|
114
|
+
format: 'json'
|
115
115
|
assert_response :ok
|
116
116
|
data = ActiveSupport::JSON.decode response.body
|
117
117
|
assert_equal @user.exuid, data['user']['exuid']
|
@@ -125,8 +125,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
125
125
|
old_token = credentials(:jane_session_token)
|
126
126
|
old_token.updated_at = Time.now - 1.year
|
127
127
|
old_token.save!
|
128
|
-
post :create, :
|
129
|
-
:
|
128
|
+
post :create, email: @email_credential.email, password: 'password',
|
129
|
+
format: 'json'
|
130
130
|
assert_response :ok
|
131
131
|
assert_equal @user, session_current_user, 'session'
|
132
132
|
assert_nil Tokens::Base.with_code(old_token.code).first,
|
@@ -135,13 +135,13 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
135
135
|
|
136
136
|
test "create redirects properly with good account details" do
|
137
137
|
url = 'http://authpwn.redirect.url'
|
138
|
-
post :create, :
|
139
|
-
:
|
138
|
+
post :create, email: @email_credential.email, password: 'password',
|
139
|
+
redirect_url: url
|
140
140
|
assert_redirected_to url
|
141
141
|
end
|
142
142
|
|
143
143
|
test "create does not log in with bad password" do
|
144
|
-
post :create, :
|
144
|
+
post :create, email: @email_credential.email, password: 'fail'
|
145
145
|
assert_redirected_to new_session_url
|
146
146
|
assert_nil assigns(:current_user), 'instance variable'
|
147
147
|
assert_nil session_current_user, 'session'
|
@@ -151,7 +151,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
151
151
|
test "create does not log in with expired password" do
|
152
152
|
@password_credential.updated_at = Time.now - 2.years
|
153
153
|
@password_credential.save!
|
154
|
-
post :create, :
|
154
|
+
post :create, email: @email_credential.email, password: 'password'
|
155
155
|
assert_redirected_to new_session_url
|
156
156
|
assert_nil assigns(:current_user), 'instance variable'
|
157
157
|
assert_nil session_current_user, 'session'
|
@@ -163,7 +163,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
163
163
|
old_token = credentials(:jane_session_token)
|
164
164
|
old_token.updated_at = Time.now - 1.year
|
165
165
|
old_token.save!
|
166
|
-
post :create, :
|
166
|
+
post :create, email: @email_credential.email, password: 'fail'
|
167
167
|
assert_nil session_current_user, 'session'
|
168
168
|
assert_equal old_token, Tokens::Base.with_code(old_token.code).first,
|
169
169
|
'old session purged'
|
@@ -171,7 +171,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
171
171
|
|
172
172
|
test "create does not log in blocked accounts" do
|
173
173
|
with_blocked_credential @email_credential do
|
174
|
-
post :create, :
|
174
|
+
post :create, email: @email_credential.email, password: 'password'
|
175
175
|
end
|
176
176
|
assert_redirected_to new_session_url
|
177
177
|
assert_nil assigns(:current_user), 'instance variable'
|
@@ -180,17 +180,17 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
180
180
|
end
|
181
181
|
|
182
182
|
test "create uses User.authenticate_signin" do
|
183
|
-
|
184
|
-
with('em@ail.com', 'fail').
|
185
|
-
post :create, :
|
183
|
+
User.expects(:authenticate_signin).at_least_once.
|
184
|
+
with('em@ail.com', 'fail').returns @email_credential.user
|
185
|
+
post :create, email: 'em@ail.com', password: 'fail'
|
186
186
|
assert_equal @user, assigns(:current_user), 'instance variable'
|
187
187
|
assert_equal @user, session_current_user, 'session'
|
188
188
|
assert_redirected_to session_url
|
189
189
|
end
|
190
190
|
|
191
191
|
test "create by json does not log in with bad password" do
|
192
|
-
post :create, :
|
193
|
-
:
|
192
|
+
post :create, email: @email_credential.email, password: 'fail',
|
193
|
+
format: 'json'
|
194
194
|
assert_response :ok
|
195
195
|
data = ActiveSupport::JSON.decode response.body
|
196
196
|
assert_equal 'invalid', data['error']
|
@@ -202,8 +202,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
202
202
|
test "create by json does not log in with expired password" do
|
203
203
|
@password_credential.updated_at = Time.now - 2.years
|
204
204
|
@password_credential.save!
|
205
|
-
post :create, :
|
206
|
-
:
|
205
|
+
post :create, email: @email_credential.email, password: 'password',
|
206
|
+
format: 'json'
|
207
207
|
assert_response :ok
|
208
208
|
data = ActiveSupport::JSON.decode response.body
|
209
209
|
assert_equal 'expired', data['error']
|
@@ -214,8 +214,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
214
214
|
|
215
215
|
test "create by json does not log in blocked accounts" do
|
216
216
|
with_blocked_credential @email_credential do
|
217
|
-
post :create, :
|
218
|
-
:
|
217
|
+
post :create, email: @email_credential.email, password: 'password',
|
218
|
+
format: 'json'
|
219
219
|
end
|
220
220
|
assert_response :ok
|
221
221
|
data = ActiveSupport::JSON.decode response.body
|
@@ -227,15 +227,15 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
227
227
|
|
228
228
|
test "create maintains redirect_url for bad logins" do
|
229
229
|
url = 'http://authpwn.redirect.url'
|
230
|
-
post :create, :
|
231
|
-
:
|
230
|
+
post :create, email: @email_credential.email, password: 'fail',
|
231
|
+
redirect_url: url
|
232
232
|
assert_redirected_to new_session_url
|
233
233
|
assert_match(/Invalid /, flash[:alert])
|
234
234
|
assert_equal url, flash[:auth_redirect_url]
|
235
235
|
end
|
236
236
|
|
237
237
|
test "create does not log in with bad e-mail" do
|
238
|
-
post :create, :
|
238
|
+
post :create, email: 'nobody@gmail.com', password: 'no'
|
239
239
|
assert_redirected_to new_session_url
|
240
240
|
assert_nil assigns(:current_user), 'instance variable'
|
241
241
|
assert_nil session_current_user, 'session'
|
@@ -243,9 +243,9 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
243
243
|
end
|
244
244
|
|
245
245
|
test "token logs in with good token" do
|
246
|
-
|
247
|
-
|
248
|
-
get :token, :
|
246
|
+
@controller.expects(:home_with_token).once.with(@token_credential).
|
247
|
+
returns(nil)
|
248
|
+
get :token, code: @token_credential.code
|
249
249
|
assert_redirected_to session_url
|
250
250
|
assert_equal @user, assigns(:current_user), 'instance variable'
|
251
251
|
assert_equal @user, session_current_user, 'session'
|
@@ -254,9 +254,9 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
254
254
|
end
|
255
255
|
|
256
256
|
test "token by json logs in with good token" do
|
257
|
-
|
258
|
-
|
259
|
-
get :token, :
|
257
|
+
@controller.expects(:home_with_token).once.with(@token_credential).
|
258
|
+
returns(nil)
|
259
|
+
get :token, code: @token_credential.code, format: 'json'
|
260
260
|
assert_response :ok
|
261
261
|
data = ActiveSupport::JSON.decode response.body
|
262
262
|
assert_equal @user.exuid, data['user']['exuid']
|
@@ -269,7 +269,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
269
269
|
|
270
270
|
test "token does not log in with random token" do
|
271
271
|
assert_no_difference 'Credential.count', 'no credential is spent' do
|
272
|
-
get :token, :
|
272
|
+
get :token, code: 'no-such-token'
|
273
273
|
end
|
274
274
|
assert_redirected_to new_session_url
|
275
275
|
assert_nil assigns(:current_user), 'instance variable'
|
@@ -280,7 +280,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
280
280
|
test "token does not log in blocked accounts" do
|
281
281
|
with_blocked_credential @token_credential do
|
282
282
|
assert_no_difference 'Credential.count', 'no credential is spent' do
|
283
|
-
get :token, :
|
283
|
+
get :token, code: @token_credential.code
|
284
284
|
end
|
285
285
|
end
|
286
286
|
assert_redirected_to new_session_url
|
@@ -291,7 +291,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
291
291
|
|
292
292
|
test "token by json does not log in with random token" do
|
293
293
|
assert_no_difference 'Credential.count', 'no credential is spent' do
|
294
|
-
get :token, :
|
294
|
+
get :token, code: 'no-such-token', format: 'json'
|
295
295
|
end
|
296
296
|
assert_response :ok
|
297
297
|
data = ActiveSupport::JSON.decode response.body
|
@@ -304,7 +304,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
304
304
|
test "token by json does not log in blocked accounts" do
|
305
305
|
with_blocked_credential @token_credential do
|
306
306
|
assert_no_difference 'Credential.count', 'no credential is spent' do
|
307
|
-
get :token, :
|
307
|
+
get :token, code: @token_credential.code, format: 'json'
|
308
308
|
end
|
309
309
|
end
|
310
310
|
assert_response :ok
|
@@ -325,7 +325,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
325
325
|
|
326
326
|
test "logout by json" do
|
327
327
|
set_session_current_user @user
|
328
|
-
delete :destroy, :
|
328
|
+
delete :destroy, format: 'json'
|
329
329
|
|
330
330
|
assert_response :ok
|
331
331
|
assert_nil assigns(:current_user)
|
@@ -345,17 +345,16 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
345
345
|
end
|
346
346
|
|
347
347
|
test "change_password bounces without logged in user" do
|
348
|
-
post :change_password, :
|
349
|
-
:
|
350
|
-
:
|
348
|
+
post :change_password, old_password: 'password',
|
349
|
+
credential: { password: 'hacks',
|
350
|
+
password_confirmation: 'hacks'}
|
351
351
|
assert_response :forbidden
|
352
352
|
end
|
353
353
|
|
354
354
|
test "change_password works with correct input" do
|
355
355
|
set_session_current_user @user
|
356
|
-
post :change_password, :
|
357
|
-
:
|
358
|
-
:password_confirmation => 'hacks'}
|
356
|
+
post :change_password, old_password: 'password',
|
357
|
+
credential: { password: 'hacks', password_confirmation: 'hacks'}
|
359
358
|
assert_redirected_to session_url
|
360
359
|
assert_equal @password_credential, assigns(:credential)
|
361
360
|
assert_equal @user, User.authenticate_signin(@email_credential.email,
|
@@ -364,9 +363,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
364
363
|
|
365
364
|
test "change_password rejects bad old password" do
|
366
365
|
set_session_current_user @user
|
367
|
-
post :change_password, :
|
368
|
-
:
|
369
|
-
:password_confirmation => 'hacks'}
|
366
|
+
post :change_password, old_password: '_password',
|
367
|
+
credential: { password: 'hacks', password_confirmation: 'hacks'}
|
370
368
|
assert_response :ok
|
371
369
|
assert_template :password_change
|
372
370
|
assert_equal @password_credential, assigns(:credential)
|
@@ -376,9 +374,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
376
374
|
|
377
375
|
test "change_password rejects un-confirmed password" do
|
378
376
|
set_session_current_user @user
|
379
|
-
post :change_password, :
|
380
|
-
:
|
381
|
-
:password_confirmation => 'hacks_'}
|
377
|
+
post :change_password, old_password: 'password',
|
378
|
+
credential: { password: 'hacks', password_confirmation: 'hacks_'}
|
382
379
|
assert_response :ok
|
383
380
|
assert_template :password_change
|
384
381
|
assert_equal @password_credential, assigns(:credential)
|
@@ -390,8 +387,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
390
387
|
set_session_current_user @user
|
391
388
|
@password_credential.destroy
|
392
389
|
post :change_password,
|
393
|
-
:
|
394
|
-
:
|
390
|
+
credential: { password: 'hacks',
|
391
|
+
password_confirmation: 'hacks'}
|
395
392
|
assert_redirected_to session_url
|
396
393
|
assert_equal @user, User.authenticate_signin(@email_credential.email,
|
397
394
|
'hacks'), 'password not changed'
|
@@ -402,17 +399,16 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
402
399
|
@password_credential.destroy
|
403
400
|
assert_no_difference 'Credential.count' do
|
404
401
|
post :change_password,
|
405
|
-
:
|
406
|
-
:
|
402
|
+
credential: { password: 'hacks',
|
403
|
+
password_confirmation: 'hacks_'}
|
407
404
|
end
|
408
405
|
assert_response :ok
|
409
406
|
assert_template :password_change
|
410
407
|
end
|
411
408
|
|
412
409
|
test "change_password by json bounces without logged in user" do
|
413
|
-
post :change_password, :
|
414
|
-
:
|
415
|
-
:password_confirmation => 'hacks'}
|
410
|
+
post :change_password, format: 'json', old_password: 'password',
|
411
|
+
credential: { password: 'hacks', password_confirmation: 'hacks'}
|
416
412
|
assert_response :ok
|
417
413
|
data = ActiveSupport::JSON.decode response.body
|
418
414
|
assert_equal 'Please sign in', data['error']
|
@@ -420,9 +416,9 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
420
416
|
|
421
417
|
test "change_password by json works with correct input" do
|
422
418
|
set_session_current_user @user
|
423
|
-
post :change_password, :
|
424
|
-
:
|
425
|
-
:
|
419
|
+
post :change_password, format: 'json', old_password: 'password',
|
420
|
+
credential: { password: 'hacks',
|
421
|
+
password_confirmation: 'hacks'}
|
426
422
|
assert_response :ok
|
427
423
|
assert_equal @user, User.authenticate_signin(@email_credential.email,
|
428
424
|
'hacks'), 'password not changed'
|
@@ -430,9 +426,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
430
426
|
|
431
427
|
test "change_password by json rejects bad old password" do
|
432
428
|
set_session_current_user @user
|
433
|
-
post :change_password, :
|
434
|
-
:
|
435
|
-
:password_confirmation => 'hacks'}
|
429
|
+
post :change_password, format: 'json', old_password: '_password',
|
430
|
+
credential: { password: 'hacks', password_confirmation: 'hacks'}
|
436
431
|
assert_response :ok
|
437
432
|
data = ActiveSupport::JSON.decode response.body
|
438
433
|
assert_equal 'invalid', data['error']
|
@@ -443,9 +438,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
443
438
|
|
444
439
|
test "change_password by json rejects un-confirmed password" do
|
445
440
|
set_session_current_user @user
|
446
|
-
post :change_password, :
|
447
|
-
:
|
448
|
-
:password_confirmation => 'hacks_'}
|
441
|
+
post :change_password, format: 'json', old_password: 'password',
|
442
|
+
credential: { password: 'hacks', password_confirmation: 'hacks_'}
|
449
443
|
assert_response :ok
|
450
444
|
data = ActiveSupport::JSON.decode response.body
|
451
445
|
assert_equal 'invalid', data['error']
|
@@ -456,9 +450,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
456
450
|
test "change_password by json works for password recovery" do
|
457
451
|
set_session_current_user @user
|
458
452
|
@password_credential.destroy
|
459
|
-
post :change_password, :
|
460
|
-
:
|
461
|
-
:password_confirmation => 'hacks'}
|
453
|
+
post :change_password, format: 'json',
|
454
|
+
credential: { password: 'hacks', password_confirmation: 'hacks'}
|
462
455
|
assert_response :ok
|
463
456
|
assert_equal @user, User.authenticate_signin(
|
464
457
|
@email_credential.email, 'hacks'), 'password not changed'
|
@@ -468,9 +461,9 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
468
461
|
set_session_current_user @user
|
469
462
|
@password_credential.destroy
|
470
463
|
assert_no_difference 'Credential.count' do
|
471
|
-
post :change_password, :
|
472
|
-
:
|
473
|
-
:
|
464
|
+
post :change_password, format: 'json',
|
465
|
+
credential: { password: 'hacks',
|
466
|
+
password_confirmation: 'hacks_'}
|
474
467
|
end
|
475
468
|
assert_response :ok
|
476
469
|
data = ActiveSupport::JSON.decode response.body
|
@@ -482,7 +475,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
482
475
|
@request.host = 'mail.test.host:1234'
|
483
476
|
|
484
477
|
assert_difference 'Credential.count', 1 do
|
485
|
-
post :reset_password, :
|
478
|
+
post :reset_password, email: @email_credential.email
|
486
479
|
end
|
487
480
|
|
488
481
|
token = Credential.last
|
@@ -504,7 +497,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
504
497
|
ActionMailer::Base.deliveries = []
|
505
498
|
|
506
499
|
assert_difference 'Credential.count', 1 do
|
507
|
-
post :reset_password, :
|
500
|
+
post :reset_password, email: @email_credential.email, format: 'json'
|
508
501
|
end
|
509
502
|
|
510
503
|
token = Credential.last
|
@@ -521,7 +514,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
521
514
|
ActionMailer::Base.deliveries = []
|
522
515
|
|
523
516
|
assert_no_difference 'Credential.count' do
|
524
|
-
post :reset_password, :
|
517
|
+
post :reset_password, email: 'no@such.email'
|
525
518
|
end
|
526
519
|
assert ActionMailer::Base.deliveries.empty?, 'no email generated'
|
527
520
|
|
@@ -532,7 +525,7 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
532
525
|
ActionMailer::Base.deliveries = []
|
533
526
|
|
534
527
|
assert_no_difference 'Credential.count' do
|
535
|
-
post :reset_password, :
|
528
|
+
post :reset_password, email: 'no@such.email', format: 'json'
|
536
529
|
end
|
537
530
|
assert ActionMailer::Base.deliveries.empty?, 'no email generated'
|
538
531
|
|
@@ -545,8 +538,8 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
545
538
|
ActionMailer::Base.deliveries = []
|
546
539
|
|
547
540
|
assert_difference 'Credential.count', 1 do
|
548
|
-
post :create, :
|
549
|
-
:
|
541
|
+
post :create, email: @email_credential.email, password: '',
|
542
|
+
reset_password: :requested
|
550
543
|
end
|
551
544
|
|
552
545
|
token = Credential.last
|
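Review bot: The `create redirects properly with good account details` test (new lines 136–140) still asserts `assert_redirected_to url` for `url = 'http://authpwn.redirect.url'`, so the suite pins a post-login redirect to an absolute URL on a foreign host taken directly from the `redirect_url` request parameter, and no test in this section covers a rejected target. The controller is not part of this section, so whether `create` validates the destination cannot be confirmed here; if it does not, a crafted sign-in link would send a freshly authenticated user to a third-party site. I would add a negative test that an off-site `redirect_url` falls back to `session_url`, and apply the same check where `create maintains redirect_url for bad logins` (new lines 228–235) copies the value into `flash[:auth_redirect_url]`.

```ruby
  # … unchanged: "create redirects properly with good account details" …

  test "create ignores an off-site redirect_url" do
    post :create, email: @email_credential.email, password: 'password',
                  redirect_url: 'http://authpwn.redirect.url'
    assert_redirected_to session_url
  end
```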
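--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -1,19 +1,22 @@
 require 'rubygems'
 require 'test/unit'
 
+require 'action_controller'
 require 'action_mailer'
 require 'active_record'
 require 'rails'
 
 require 'fbgraph_rails'
 require 'fbgraph_rails/controller'
-require 'flexmock/test_unit'
 require 'sqlite3'
 
+require 'mocha/setup'
+
 require 'authpwn_rails'
 
 require 'helpers/view_helpers.rb'
 # NOTE: application_controller and action_mailer have to follow view_helpers
+require 'helpers/action_controller.rb'
 require 'helpers/application_controller.rb'
 require 'helpers/action_mailer.rb'
 require 'helpers/autoload_path.rb'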
@@ -6,7 +6,7 @@ end
|
|
6
6
|
|
7
7
|
class EmailFieldTest < ActiveSupport::TestCase
|
8
8
|
def setup
|
9
|
-
@user = UserWithEmail.new :
|
9
|
+
@user = UserWithEmail.new email: 'blah@gmail.com'
|
10
10
|
|
11
11
|
@john = UserWithEmail.find_by_id(users(:john).id)
|
12
12
|
@jane = UserWithEmail.find_by_id(users(:jane).id)
|
@@ -7,16 +7,16 @@ end
|
|
7
7
|
class FacebookFieldsTest < ActiveSupport::TestCase
|
8
8
|
def setup
|
9
9
|
@user = UserWithFb.new
|
10
|
-
|
10
|
+
|
11
11
|
@john = UserWithFb.find_by_id(users(:john).id)
|
12
12
|
@jane = UserWithFb.find_by_id(users(:jane).id)
|
13
13
|
@bill = UserWithFb.find_by_id(users(:bill).id)
|
14
14
|
end
|
15
|
-
|
15
|
+
|
16
16
|
test 'setup' do
|
17
17
|
assert @user.valid?
|
18
18
|
end
|
19
|
-
|
19
|
+
|
20
20
|
test 'facebook_credential' do
|
21
21
|
assert_equal credentials(:john_facebook), @john.facebook_credential
|
22
22
|
assert_equal credentials(:jane_facebook), @jane.facebook_credential
|
@@ -52,9 +52,9 @@ class FacebookFieldsTest < ActiveSupport::TestCase
|
|
52
52
|
end
|
53
53
|
|
54
54
|
test 'for_facebook_token' do
|
55
|
-
|
55
|
+
Credentials::Facebook.expects(:uid_from_token).at_least_once.
|
56
56
|
with(credentials(:john_facebook).key).
|
57
|
-
|
57
|
+
returns credentials(:john_facebook).facebook_uid
|
58
58
|
assert_equal users(:john),
|
59
59
|
UserWithFb.for_facebook_token(credentials(:john_facebook).access_token)
|
60
60
|
end
|
@@ -6,8 +6,8 @@ end
|
|
6
6
|
|
7
7
|
class PasswordFieldTest < ActiveSupport::TestCase
|
8
8
|
def setup
|
9
|
-
@user = UserWithPassword.new :
|
10
|
-
:
|
9
|
+
@user = UserWithPassword.new password: 'awesome',
|
10
|
+
password_confirmation: 'awesome'
|
11
11
|
|
12
12
|
@john = UserWithPassword.find_by_id(users(:john).id)
|
13
13
|
@jane = UserWithPassword.find_by_id(users(:jane).id)
|
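--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: authpwn_rails
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.14.0
 prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-
+date: 2013-03-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: fbgraph_rails
@@ -34,7 +34,7 @@ dependencies:
 requirements:
 - - ! '>='
 - !ruby/object:Gem::Version
-version: 3.2.
+version: 3.2.12
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
@@ -42,7 +42,7 @@ dependencies:
 requirements:
 - - ! '>='
 - !ruby/object:Gem::Version
-version: 3.2.
+version: 3.2.12
 - !ruby/object:Gem::Dependency
 name: bundler
 requirement: !ruby/object:Gem::Requirement
@@ -50,7 +50,7 @@ dependencies:
 requirements:
 - - ! '>='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.3.3
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
@@ -58,15 +58,15 @@ dependencies:
 requirements:
 - - ! '>='
 - !ruby/object:Gem::Version
-version: 1.
+version: 1.3.3
 - !ruby/object:Gem::Dependency
-name:
+name: mocha
 requirement: !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
 - !ruby/object:Gem::Version
-version:
+version: 0.13.3
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
@@ -74,7 +74,7 @@ dependencies:
 requirements:
 - - ! '>='
 - !ruby/object:Gem::Version
-version:
+version: 0.13.3
 - !ruby/object:Gem::Dependency
 name: jeweler
 requirement: !ruby/object:Gem::Requirement
@@ -91,22 +91,6 @@ dependencies:
 - - ! '>='
 - !ruby/object:Gem::Version
 version: 1.8.4
-- !ruby/object:Gem::Dependency
-name: rcov
-requirement: !ruby/object:Gem::Requirement
-none: false
-requirements:
-- - ! '>='
-- !ruby/object:Gem::Version
-version: '0'
-type: :development
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-none: false
-requirements:
-- - ! '>='
-- !ruby/object:Gem::Version
-version: '0'
 - !ruby/object:Gem::Dependency
 name: simplecov
 requirement: !ruby/object:Gem::Requirement
@@ -184,6 +168,8 @@ files:
 - .travis.yml
 - Gemfile
 - Gemfile.lock
+- Gemfile.rails3
+- Gemfile.rails4
 - LICENSE
 - README.rdoc
 - Rakefile
@@ -252,6 +238,7 @@ files:
 - test/fixtures/bare_session/new.html.erb
 - test/fixtures/bare_session/password_change.html.erb
 - test/fixtures/bare_session/welcome.html.erb
+- test/helpers/action_controller.rb
 - test/helpers/action_mailer.rb
 - test/helpers/application_controller.rb
 - test/helpers/autoload_path.rb
@@ -287,7 +274,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
 version: '0'
 segments:
 - 0
-hash: -
+hash: -1894489992034246350
 required_rubygems_version: !ruby/object:Gem::Requirement
 none: false
 requirements:
@@ -296,7 +283,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.
+rubygems_version: 1.8.25
 signing_key:
 specification_version: 3
 summary: User authentication for Rails 3 applications.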