authpwn_rails 0.19.0 → 0.20.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/authpwn_rails.gemspec +4 -3
- data/lib/authpwn_rails/http_basic.rb +1 -1
- data/lib/authpwn_rails/http_token.rb +1 -1
- data/lib/authpwn_rails/session.rb +2 -2
- data/test/cookie_controller_test.rb +6 -0
- data/test/fixtures/layouts/application.html.erb +11 -0
- data/test/helpers/application_controller.rb +3 -0
- data/test/http_basic_controller_test.rb +3 -0
- data/test/http_token_controller_test.rb +3 -0
- data/test/session_controller_api_test.rb +7 -0
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e74b051ae5f60f59a12f722ab166d5fc2b263493
|
|
4
|
+
data.tar.gz: 390e8ffb67cd7094dd54da1006742f94f6bce1fc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f7182e18579ef2e3bd789025dfdefede81eafa12ed40dd0ad24950ab9ea24f5c8b7d73a4b89b4b8291d32eed0129b6cd13a6327f997f8dbdad0fc3ba851b047e
|
|
7
|
+
data.tar.gz: 14b118e149594915b6d4f6b141a2099f819da1e26f798a7e95e7900fea0be7b2cbc2f4350b7e11d37b4cc5128a0de9d1d186e50f0214b4bf10cc8d51eea65e2f
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.20.0
|
data/authpwn_rails.gemspec
CHANGED
|
@@ -2,16 +2,16 @@
|
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
|
3
3
|
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
|
5
|
-
# stub: authpwn_rails 0.
|
|
5
|
+
# stub: authpwn_rails 0.20.0 ruby lib
|
|
6
6
|
|
|
7
7
|
Gem::Specification.new do |s|
|
|
8
8
|
s.name = "authpwn_rails"
|
|
9
|
-
s.version = "0.
|
|
9
|
+
s.version = "0.20.0"
|
|
10
10
|
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
12
12
|
s.require_paths = ["lib"]
|
|
13
13
|
s.authors = ["Victor Costan"]
|
|
14
|
-
s.date = "
|
|
14
|
+
s.date = "2016-02-02"
|
|
15
15
|
s.description = "Works with Facebook."
|
|
16
16
|
s.email = "victor@costan.us"
|
|
17
17
|
s.extra_rdoc_files = [
|
|
@@ -101,6 +101,7 @@ Gem::Specification.new do |s|
|
|
|
101
101
|
"test/fixtures/bare_session/new.html.erb",
|
|
102
102
|
"test/fixtures/bare_session/password_change.html.erb",
|
|
103
103
|
"test/fixtures/bare_session/welcome.html.erb",
|
|
104
|
+
"test/fixtures/layouts/application.html.erb",
|
|
104
105
|
"test/helpers/action_controller.rb",
|
|
105
106
|
"test/helpers/action_mailer.rb",
|
|
106
107
|
"test/helpers/application_controller.rb",
|
|
@@ -52,7 +52,7 @@ module HttpBasicControllerInstanceMethods
|
|
|
52
52
|
|
|
53
53
|
respond_to do |format|
|
|
54
54
|
format.html do
|
|
55
|
-
render 'session/forbidden', status: :forbidden
|
|
55
|
+
render 'session/forbidden', layout: false, status: :forbidden
|
|
56
56
|
end
|
|
57
57
|
format.json do
|
|
58
58
|
render json: { error: "You're not allowed to access that" }
|
|
@@ -55,7 +55,7 @@ module HttpTokenControllerInstanceMethods
|
|
|
55
55
|
|
|
56
56
|
respond_to do |format|
|
|
57
57
|
format.html do
|
|
58
|
-
render 'session/forbidden', status: :forbidden
|
|
58
|
+
render 'session/forbidden', layout: false, status: :forbidden
|
|
59
59
|
end
|
|
60
60
|
format.json do
|
|
61
61
|
render json: { error: "You're not allowed to access that" }
|
|
@@ -78,10 +78,10 @@ module ControllerInstanceMethods
|
|
|
78
78
|
format.html do
|
|
79
79
|
@redirect_url = redirect_url
|
|
80
80
|
if current_user
|
|
81
|
-
render 'session/forbidden', status: :forbidden
|
|
81
|
+
render 'session/forbidden', layout: false, status: :forbidden
|
|
82
82
|
else
|
|
83
83
|
flash[:auth_redirect_url] = redirect_url
|
|
84
|
-
render 'session/forbidden', status: :forbidden
|
|
84
|
+
render 'session/forbidden', layout: false, status: :forbidden
|
|
85
85
|
end
|
|
86
86
|
end
|
|
87
87
|
format.json do
|
|
@@ -205,6 +205,9 @@ class CookieControllerTest < ActionController::TestCase
|
|
|
205
205
|
assert_response :forbidden
|
|
206
206
|
assert_template 'session/forbidden'
|
|
207
207
|
assert_select 'a[href="/session"][data-method="delete"]', 'sign out'
|
|
208
|
+
# Make sure no layout was rendered.
|
|
209
|
+
assert_select 'title', 0
|
|
210
|
+
assert_select 'h1', 0
|
|
208
211
|
end
|
|
209
212
|
|
|
210
213
|
test "valid user_id bounced in json" do
|
|
@@ -220,6 +223,9 @@ class CookieControllerTest < ActionController::TestCase
|
|
|
220
223
|
assert_response :forbidden
|
|
221
224
|
assert_template 'session/forbidden'
|
|
222
225
|
assert_equal bouncer_cookie_url, flash[:auth_redirect_url]
|
|
226
|
+
# Make sure no layout was rendered.
|
|
227
|
+
assert_select 'title', 0
|
|
228
|
+
assert_select 'h1', 0
|
|
223
229
|
|
|
224
230
|
assert_select 'script', %r/.*window.location.*#{new_session_path}.*/
|
|
225
231
|
end
|
|
@@ -2,6 +2,9 @@
|
|
|
2
2
|
class ApplicationController < ActionController::Base
|
|
3
3
|
prepend_view_path File.expand_path(
|
|
4
4
|
'../../../lib/authpwn_rails/generators/templates', __FILE__)
|
|
5
|
+
prepend_view_path File.expand_path('../../fixtures', __FILE__)
|
|
6
|
+
|
|
7
|
+
layout 'application'
|
|
5
8
|
|
|
6
9
|
# This is necessary for testing CSRF exceptions in API calls.
|
|
7
10
|
protect_from_forgery with: :exception
|
|
@@ -95,6 +95,9 @@ class HttpBasicControllerTest < ActionController::TestCase
|
|
|
95
95
|
assert_response :forbidden
|
|
96
96
|
assert_template 'session/forbidden'
|
|
97
97
|
assert_select 'a[href="/session"][data-method="delete"]', 'sign out'
|
|
98
|
+
# Make sure no layout was rendered.
|
|
99
|
+
assert_select 'title', 0
|
|
100
|
+
assert_select 'h1', 0
|
|
98
101
|
end
|
|
99
102
|
|
|
100
103
|
test "valid user bounced in json" do
|
|
@@ -101,6 +101,9 @@ class HttpTokenControllerTest < ActionController::TestCase
|
|
|
101
101
|
assert_response :forbidden
|
|
102
102
|
assert_template 'session/forbidden'
|
|
103
103
|
assert_select 'a[href="/session"][data-method="delete"]', 'sign out'
|
|
104
|
+
# Make sure no layout was rendered.
|
|
105
|
+
assert_select 'title', 0
|
|
106
|
+
assert_select 'h1', 0
|
|
104
107
|
end
|
|
105
108
|
|
|
106
109
|
test "valid user bounced in json" do
|
|
@@ -453,6 +453,9 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
|
453
453
|
test "password_change bounces without logged in user" do
|
|
454
454
|
get :password_change
|
|
455
455
|
assert_response :forbidden
|
|
456
|
+
# Make sure no layout was rendered.
|
|
457
|
+
assert_select 'title', 0
|
|
458
|
+
assert_select 'h1', 0
|
|
456
459
|
end
|
|
457
460
|
|
|
458
461
|
test "password_change renders correct form" do
|
|
@@ -467,6 +470,10 @@ class SessionControllerApiTest < ActionController::TestCase
|
|
|
467
470
|
post :change_password, credential: { old_password: 'pa55w0rd',
|
|
468
471
|
password: 'hacks', password_confirmation: 'hacks' }
|
|
469
472
|
assert_response :forbidden
|
|
473
|
+
assert_template 'session/forbidden'
|
|
474
|
+
# Make sure no layout was rendered.
|
|
475
|
+
assert_select 'title', 0
|
|
476
|
+
assert_select 'h1', 0
|
|
470
477
|
end
|
|
471
478
|
|
|
472
479
|
test "change_password works with correct input" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authpwn_rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.20.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Victor Costan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2016-02-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -268,6 +268,7 @@ files:
|
|
|
268
268
|
- test/fixtures/bare_session/new.html.erb
|
|
269
269
|
- test/fixtures/bare_session/password_change.html.erb
|
|
270
270
|
- test/fixtures/bare_session/welcome.html.erb
|
|
271
|
+
- test/fixtures/layouts/application.html.erb
|
|
271
272
|
- test/helpers/action_controller.rb
|
|
272
273
|
- test/helpers/action_mailer.rb
|
|
273
274
|
- test/helpers/application_controller.rb
|