authpwn_rails 0.7.0 → 0.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. data/VERSION +1 -1
  2. data/authpwn_rails.gemspec +1 -1
  3. data/lib/authpwn_rails/session.rb +8 -3
  4. data/test/session_controller_api_test.rb +46 -1
  5. metadata +3 -3
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.7.0
1
+ 0.7.1
data/authpwn_rails.gemspec CHANGED
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{authpwn_rails}
8
- s.version = "0.7.0"
8
+ s.version = "0.7.1"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Victor Costan"]
data/lib/authpwn_rails/session.rb CHANGED
@@ -115,12 +115,14 @@ module SessionControllerInstanceMethods
115
115
  respond_to do |format|
116
116
  if current_user
117
117
  format.html { redirect_to @redirect_url }
118
+ format.json { render :json => current_user }
118
119
  else
120
+ notice = 'Invalid e-mail or password'
119
121
  format.html do
120
122
  redirect_to new_session_url, :flash => {
121
- :notice => 'Invalid e-mail or password',
122
- :auth_redirect_url => @redirect_url }
123
+ :notice => notice, :auth_redirect_url => @redirect_url }
123
124
  end
125
+ format.json { render :json => { :error => notice} }
124
126
  end
125
127
  end
126
128
  end
@@ -128,7 +130,10 @@ module SessionControllerInstanceMethods
128
130
  # DELETE /session
129
131
  def destroy
130
132
  self.current_user = nil
131
- redirect_to session_url
133
+ respond_to do |format|
134
+ format.html { redirect_to session_url }
135
+ format.json { head :ok }
136
+ end
132
137
  end
133
138
 
134
139
  # Hook for setting up the home view.
data/test/session_controller_api_test.rb CHANGED
@@ -20,6 +20,14 @@ class SessionControllerApiTest < ActionController::TestCase
20
20
  assert_equal User.count, assigns(:user_count),
21
21
  'welcome controller method not called'
22
22
  end
23
+
24
+ test "show json renders empty object without a user" do
25
+ get :show, :format => 'json'
26
+ assert_response :ok
27
+ assert_equal({}, ActiveSupport::JSON.decode(response.body))
28
+ assert_equal User.count, assigns(:user_count),
29
+ 'welcome controller method not called'
30
+ end
23
31
 
24
32
  test "show renders home with a user" do
25
33
  set_session_current_user @user
@@ -29,6 +37,15 @@ class SessionControllerApiTest < ActionController::TestCase
29
37
  assert_equal @user, assigns(:user), 'home controller method not called'
30
38
  end
31
39
 
40
+ test "show json renders user when logged in" do
41
+ set_session_current_user @user
42
+ get :show, :format => 'json'
43
+ assert_response :ok
44
+ data = ActiveSupport::JSON.decode response.body
45
+ assert_equal @user.email, data['user']['email']
46
+ assert_equal @user, assigns(:user), 'home controller method not called'
47
+ end
48
+
32
49
  test "new redirects homes with a user" do
33
50
  set_session_current_user @user
34
51
  get :new
@@ -64,6 +81,16 @@ class SessionControllerApiTest < ActionController::TestCase
64
81
  assert_equal @user, assigns(:current_user), 'instance variable'
65
82
  assert_equal @user, session_current_user, 'session'
66
83
  end
84
+
85
+ test "create by json logs in with good account details" do
86
+ post :create, :user => { :email => @user.email, :password => 'password' },
87
+ :format => 'json'
88
+ assert_response :ok
89
+ data = ActiveSupport::JSON.decode response.body
90
+ assert_equal @user.email, data['user']['email']
91
+ assert_equal @user, assigns(:current_user), 'instance variable'
92
+ assert_equal @user, session_current_user, 'session'
93
+ end
67
94
 
68
95
  test "create redirects properly with good account details" do
69
96
  url = 'http://authpwn.redirect.url'
@@ -80,6 +107,16 @@ class SessionControllerApiTest < ActionController::TestCase
80
107
  assert_not_nil flash[:notice]
81
108
  end
82
109
 
110
+ test "create by json does not log in with bad password" do
111
+ post :create, :user => { :email => @user.email, :password => 'fail' },
112
+ :format => 'json'
113
+ assert_response :ok
114
+ data = ActiveSupport::JSON.decode response.body
115
+ assert_match(/invalid/i , data['error'])
116
+ assert_nil assigns(:current_user), 'instance variable'
117
+ assert_nil session_current_user, 'session'
118
+ end
119
+
83
120
  test "create maintains redirect_url for bad logins" do
84
121
  url = 'http://authpwn.redirect.url'
85
122
  post :create, :user => { :email => @user.email, :password => 'fail' },
@@ -103,5 +140,13 @@ class SessionControllerApiTest < ActionController::TestCase
103
140
 
104
141
  assert_redirected_to session_url
105
142
  assert_nil assigns(:current_user)
106
- end
143
+ end
144
+
145
+ test "logout by json" do
146
+ set_session_current_user @user
147
+ delete :destroy, :format => 'json'
148
+
149
+ assert_response :ok
150
+ assert_nil assigns(:current_user)
151
+ end
107
152
  end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authpwn_rails
3
3
  version: !ruby/object:Gem::Version
4
- hash: 3
4
+ hash: 1
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 7
9
- - 0
10
- version: 0.7.0
9
+ - 1
10
+ version: 0.7.1
11
11
  platform: ruby
12
12
  authors:
13
13
  - Victor Costan