authpwn_rails 0.9.6 → 0.10.0
- data/.travis.yml +6 -0
- data/Gemfile +3 -2
- data/Gemfile.lock +38 -36
- data/README.rdoc +6 -11
- data/VERSION +1 -1
- data/authpwn_rails.gemspec +30 -22
- data/lib/authpwn_rails.rb +2 -2
- data/lib/authpwn_rails/credential_model.rb +38 -0
- data/lib/authpwn_rails/credentials.rb +10 -0
- data/lib/authpwn_rails/credentials/email.rb +30 -0
- data/lib/authpwn_rails/credentials/facebook.rb +77 -0
- data/lib/authpwn_rails/credentials/password.rb +63 -0
- data/lib/authpwn_rails/engine.rb +5 -7
- data/lib/authpwn_rails/facebook_session.rb +5 -5
- data/lib/authpwn_rails/generators/{session_generator.rb → all_generator.rb} +28 -9
- data/lib/authpwn_rails/generators/templates/001_create_users.rb +3 -11
- data/lib/authpwn_rails/generators/templates/002_create_credentials.rb +19 -0
- data/lib/authpwn_rails/generators/templates/credential.rb +16 -0
- data/lib/authpwn_rails/generators/templates/credentials.yml +34 -0
- data/lib/authpwn_rails/generators/templates/session/forbidden.html.erb +2 -2
- data/lib/authpwn_rails/generators/templates/session/home.html.erb +1 -1
- data/lib/authpwn_rails/generators/templates/session/new.html.erb +6 -6
- data/lib/authpwn_rails/generators/templates/session_controller.rb +1 -1
- data/lib/authpwn_rails/generators/templates/session_controller_test.rb +2 -2
- data/lib/authpwn_rails/generators/templates/user.rb +2 -2
- data/lib/authpwn_rails/generators/templates/users.yml +5 -8
- data/lib/authpwn_rails/session.rb +7 -7
- data/lib/authpwn_rails/session_controller.rb +15 -13
- data/lib/authpwn_rails/test_extensions.rb +6 -6
- data/lib/authpwn_rails/user_model.rb +23 -92
- data/test/email_credential_test.rb +50 -0
- data/test/facebook_controller_test.rb +7 -2
- data/test/facebook_credential_test.rb +74 -0
- data/test/helpers/db_setup.rb +4 -4
- data/test/helpers/fbgraph.rb +6 -2
- data/test/password_credential_test.rb +67 -0
- data/test/session_controller_api_test.rb +12 -12
- data/test/test_helper.rb +1 -0
- data/test/user_test.rb +11 -100
- metadata +41 -25
- data/lib/authpwn_rails/facebook_token_model.rb +0 -66
- data/lib/authpwn_rails/generators/facebook_generator.rb +0 -18
- data/lib/authpwn_rails/generators/templates/002_create_facebook_tokens.rb +0 -15
- data/lib/authpwn_rails/generators/templates/facebook_token.rb +0 -6
- data/lib/authpwn_rails/generators/templates/facebook_tokens.yml +0 -10
- data/lib/authpwn_rails/generators/users_generator.rb +0 -16
- data/test/facebook_token_test.rb +0 -28
data/test/test_helper.rb
CHANGED
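--- a/data/test/user_test.rb
+++ b/data/test/user_test.rb
@@ -2,125 +2,36 @@ require File.expand_path('../test_helper', __FILE__)
 
 class UserTest < ActiveSupport::TestCase
 def setup
-@user = User.new
-:password_confirmation => 'awesome',
-:email => 'dvdjohn@mit.edu'
+@user = User.new
 end
 
-test '
-@user.password_salt = nil
+test 'setup' do
 assert @user.valid?
 end
 
-test '
-@user.password_salt = '12345' * 4
-assert !@user.valid?, 'Long salt'
-@user.password_salt = ''
-assert !@user.valid?, 'Empty salt'
-end
-
-test 'password_hash not required' do
-@user.password_hash = nil
+test 'exuid generation' do
 assert @user.valid?
+assert @user.exuid
 end
 
-test '
-@user.
-assert !@user.valid?, 'Long hash'
-@user.password_hash = ''
-assert !@user.valid?, 'Empty hash'
-end
-
-test 'email presence' do
-@user.email = nil
-assert !@user.valid?
-end
-
-test 'email length' do
-@user.email = 'abcde' * 25 + '@mit.edu'
-assert !@user.valid?, 'Overly long user name'
-end
-
-test 'email format' do
-['cos tan@gmail.com', 'costan@x@mit.edu'].each do |email|
-@user.email = email
-assert !@user.valid?, "Bad email format - #{email}"
-end
-end
-
-test 'email uniqueness' do
-@user.email = users(:john).email
+test 'exuid uniqueness' do
+@user.exuid = users(:john).exuid
 assert !@user.valid?
 end
 
-test '
-@user.
-assert @user.valid?
-end
-
-test 'password confirmation' do
-@user.password_confirmation = 'not awesome'
+test 'exuid presence' do
+@user.exuid = ''
 assert !@user.valid?
 end
-
-test 'password can be nil' do
-@user.password = @user.password_confirmation = nil
-assert @user.valid?
-end
-
+
 test 'to_param' do
-
-assert_equal sha2, @user.to_param
+assert_equal '56789', users(:john).to_param
 end
 
-test 'password_matches?' do
-assert_equal true, @user.password_matches?('awesome')
-assert_equal false, @user.password_matches?('not awesome'), 'Bogus password'
-assert_equal false, @user.password_matches?('password'),
-"Another user's password"
-end
-
 test 'find_by_param' do
 assert_equal users(:john), User.find_by_param(users(:john).to_param)
 assert_equal users(:jane), User.find_by_param(users(:jane).to_param)
-assert_equal nil, User.find_by_param('bogus
+assert_equal nil, User.find_by_param('bogus id')
 assert_equal nil, User.find_by_param(nil)
 end
-
-test 'to_json does not show implementation details' do
-json_data = ActiveSupport::JSON.decode users(:john).to_json
-assert_operator json_data, :has_key?, 'user'
-assert_nil json_data['user']['password_hash']
-assert_nil json_data['user']['password_salt']
-assert_nil json_data['user']['id']
-end
-
-test 'find_by_email_and_password' do
-assert_equal users(:john),
-User.find_by_email_and_password('john@gmail.com', 'password')
-assert_equal nil,
-User.find_by_email_and_password('john@gmail.com', 'pa55w0rd'),
-"Jane's password on John's account"
-assert_equal users(:jane),
-User.find_by_email_and_password('jane@gmail.com', 'pa55w0rd')
-assert_equal nil,
-User.find_by_email_and_password('jane@gmail.com', 'password'),
-"John's password on Jane's account"
-assert_equal nil,
-User.find_by_email_and_password('john@gmail.com', 'awesome'),
-'Bogus password'
-end
-
-test 'facebook_token' do
-assert_nil @user.facebook_token
-
-user = users(:john)
-assert_equal facebook_tokens(:john), user.facebook_token
-end
-
-
-test 'for_facebook_token' do
-assert_equal users(:john),
-User.for_facebook_token(users(:john). facebook_token.access_token)
-end
 end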
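Review bot: The new side of UserTest has no counterpart for the removed 'to_json does not show implementation details' test, so nothing in this file now asserts that serializing a user hides internal fields. The new tests make exuid the externally visible identifier (`to_param` for john is '56789'), so if User can still be rendered as JSON (user_model.rb is not shown in this section, and one of the new credential tests may cover it), an assertion such as `assert_nil json_data['user']['id']` should stay to keep the database id from leaking alongside exuid. 'exuid generation' only checks that `@user.exuid` is truthy; comparing the exuids of two freshly validated users would at least catch a constant or trivially repeating value. The `assert_equal nil, ...` calls in 'find_by_param' would read better as `assert_nil User.find_by_param('bogus id')`.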
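--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: authpwn_rails
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.10.0
 prerelease:
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-
+date: 2011-11-21 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: fbgraph_rails
-requirement: &
+requirement: &16565780 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -21,21 +21,21 @@ dependencies:
 version: 0.2.2
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *16565780
 - !ruby/object:Gem::Dependency
 name: rails
-requirement: &
+requirement: &16564740 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
 - !ruby/object:Gem::Version
-version: 3.1.
+version: 3.1.3
 type: :runtime
 prerelease: false
-version_requirements: *
+version_requirements: *16564740
 - !ruby/object:Gem::Dependency
 name: bundler
-requirement: &
+requirement: &16563820 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ~>
@@ -43,10 +43,21 @@ dependencies:
 version: 1.0.0
 type: :development
 prerelease: false
-version_requirements: *
+version_requirements: *16563820
+- !ruby/object:Gem::Dependency
+name: flexmock
+requirement: &16563000 !ruby/object:Gem::Requirement
+none: false
+requirements:
+- - ~>
+- !ruby/object:Gem::Version
+version: 0.9.0
+type: :development
+prerelease: false
+version_requirements: *16563000
 - !ruby/object:Gem::Dependency
 name: jeweler
-requirement: &
+requirement: &16561920 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ~>
@@ -54,10 +65,10 @@ dependencies:
 version: 1.6.0
 type: :development
 prerelease: false
-version_requirements: *
+version_requirements: *16561920
 - !ruby/object:Gem::Dependency
 name: rcov
-requirement: &
+requirement: &16560900 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -65,10 +76,10 @@ dependencies:
 version: '0'
 type: :development
 prerelease: false
-version_requirements: *
+version_requirements: *16560900
 - !ruby/object:Gem::Dependency
 name: sqlite3
-requirement: &
+requirement: &16540280 !ruby/object:Gem::Requirement
 none: false
 requirements:
 - - ! '>='
@@ -76,7 +87,7 @@ dependencies:
 version: 1.3.3
 type: :development
 prerelease: false
-version_requirements: *
+version_requirements: *16540280
 description: Works with Facebook.
 email: victor@costan.us
 executables: []
@@ -87,6 +98,7 @@ extra_rdoc_files:
 files:
 - .document
 - .project
+- .travis.yml
 - Gemfile
 - Gemfile.lock
 - LICENSE
@@ -96,15 +108,18 @@ files:
 - app/helpers/session_helper.rb
 - authpwn_rails.gemspec
 - lib/authpwn_rails.rb
+- lib/authpwn_rails/credential_model.rb
+- lib/authpwn_rails/credentials.rb
+- lib/authpwn_rails/credentials/email.rb
+- lib/authpwn_rails/credentials/facebook.rb
+- lib/authpwn_rails/credentials/password.rb
 - lib/authpwn_rails/engine.rb
 - lib/authpwn_rails/facebook_session.rb
-- lib/authpwn_rails/
-- lib/authpwn_rails/generators/facebook_generator.rb
-- lib/authpwn_rails/generators/session_generator.rb
+- lib/authpwn_rails/generators/all_generator.rb
 - lib/authpwn_rails/generators/templates/001_create_users.rb
-- lib/authpwn_rails/generators/templates/
-- lib/authpwn_rails/generators/templates/
-- lib/authpwn_rails/generators/templates/
+- lib/authpwn_rails/generators/templates/002_create_credentials.rb
+- lib/authpwn_rails/generators/templates/credential.rb
+- lib/authpwn_rails/generators/templates/credentials.yml
 - lib/authpwn_rails/generators/templates/session/forbidden.html.erb
 - lib/authpwn_rails/generators/templates/session/home.html.erb
 - lib/authpwn_rails/generators/templates/session/new.html.erb
@@ -113,19 +128,20 @@ files:
 - lib/authpwn_rails/generators/templates/session_controller_test.rb
 - lib/authpwn_rails/generators/templates/user.rb
 - lib/authpwn_rails/generators/templates/users.yml
-- lib/authpwn_rails/generators/users_generator.rb
 - lib/authpwn_rails/session.rb
 - lib/authpwn_rails/session_controller.rb
 - lib/authpwn_rails/test_extensions.rb
 - lib/authpwn_rails/user_model.rb
 - test/cookie_controller_test.rb
+- test/email_credential_test.rb
 - test/facebook_controller_test.rb
-- test/
+- test/facebook_credential_test.rb
 - test/helpers/application_controller.rb
 - test/helpers/db_setup.rb
 - test/helpers/fbgraph.rb
 - test/helpers/routes.rb
 - test/helpers/view_helpers.rb
+- test/password_credential_test.rb
 - test/session_controller_api_test.rb
 - test/test_helper.rb
 - test/user_test.rb
@@ -144,7 +160,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
 version: '0'
 segments:
 - 0
-hash:
+hash: -1320439618928497186
 required_rubygems_version: !ruby/object:Gem::Requirement
 none: false
 requirements:
@@ -153,7 +169,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.
+rubygems_version: 1.8.11
 signing_key:
 specification_version: 3
 summary: User authentication for Rails 3 applications.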
@@ -1,66 +0,0 @@
|
|
1
|
-
require 'active_support'
|
2
|
-
|
3
|
-
# :nodoc: namespace
|
4
|
-
module AuthpwnRails
|
5
|
-
|
6
|
-
# Included by the model class that represents facebook tokens.
|
7
|
-
#
|
8
|
-
# Right now, some parts of the codebase assume the model will be named
|
9
|
-
# FacebookToken.
|
10
|
-
module FacebookTokenModel
|
11
|
-
extend ActiveSupport::Concern
|
12
|
-
|
13
|
-
included do
|
14
|
-
# The user whose token this is.
|
15
|
-
belongs_to :user, :inverse_of => :facebook_token
|
16
|
-
validates :user, :presence => true
|
17
|
-
|
18
|
-
# A unique ID on the Facebook site for the user owning this token.
|
19
|
-
validates :external_uid, :length => 1..32, :presence => true
|
20
|
-
|
21
|
-
# The OAuth2 access token.
|
22
|
-
validates :access_token, :length => 1..128, :presence => true
|
23
|
-
end
|
24
|
-
|
25
|
-
# Included in the metaclass of models that call pwnauth_facebook_token_model.
|
26
|
-
module ClassMethods
|
27
|
-
# Finds or creates the model containing a token.
|
28
|
-
#
|
29
|
-
# If a model for the same user exists, the model is updated with the given
|
30
|
-
# token. Otherwise, a new model will be created, together with a user.
|
31
|
-
def for(access_token)
|
32
|
-
uid = uid_from_token access_token
|
33
|
-
token = self.where(:external_uid => uid.to_str).first
|
34
|
-
if token
|
35
|
-
token.access_token = access_token
|
36
|
-
else
|
37
|
-
token = FacebookToken.new :external_uid => uid,
|
38
|
-
:access_token => access_token
|
39
|
-
token.user = User.create_with_facebook_token token
|
40
|
-
end
|
41
|
-
token.save!
|
42
|
-
token
|
43
|
-
end
|
44
|
-
|
45
|
-
# Extracts the Facebook user ID from a OAuth2 token.
|
46
|
-
#
|
47
|
-
# This used to be a hack that pulled the UID out of an OAuth2 token. The new
|
48
|
-
# encrypted OAuth2 tokens don't have UIDs anymore, so this method is an
|
49
|
-
# interim hack for old code that still depends on it.
|
50
|
-
def uid_from_token(access_token)
|
51
|
-
FBGraphRails.fbclient(access_token).selection.me.info!.id.to_s
|
52
|
-
end
|
53
|
-
end # module AuthpwnRails::FacebookTokenModel::ClassMethods
|
54
|
-
|
55
|
-
|
56
|
-
# Included in models that include AuthpwnRails::FacebookTokenModel.
|
57
|
-
module InstanceMethods
|
58
|
-
# FBGraph client loaded with this access token.
|
59
|
-
def facebook_client
|
60
|
-
@client ||= FBGraphRails.fbclient(access_token)
|
61
|
-
end
|
62
|
-
end # module AuthpwnRails::FacebookTokenModel::InstanceMethods
|
63
|
-
|
64
|
-
end # namespace AuthpwnRails::FacebookTokenModel
|
65
|
-
|
66
|
-
end # namespace AuthpwnRails
|
@@ -1,18 +0,0 @@
|
|
1
|
-
# :nodoc: namespace
|
2
|
-
module Authpwn
|
3
|
-
|
4
|
-
# rails g authpwn:facebook
|
5
|
-
class FacebookGenerator < Rails::Generators::Base
|
6
|
-
source_root File.expand_path("../templates", __FILE__)
|
7
|
-
|
8
|
-
def create_facebook_model
|
9
|
-
copy_file 'facebook_token.rb',
|
10
|
-
File.join('app', 'models', 'facebook_token.rb')
|
11
|
-
copy_file '002_create_facebook_tokens.rb',
|
12
|
-
File.join('db', 'migrate', '20100725000002_create_facebook_tokens.rb')
|
13
|
-
copy_file 'facebook_tokens.yml',
|
14
|
-
File.join('test', 'fixtures', 'facebook_tokens.yml')
|
15
|
-
end
|
16
|
-
end # class Authpwn::FacebookGenerator
|
17
|
-
|
18
|
-
end # namespace Authpwn
|
@@ -1,15 +0,0 @@
|
|
1
|
-
class CreateFacebookTokens < ActiveRecord::Migration
|
2
|
-
def self.up
|
3
|
-
create_table :facebook_tokens do |t|
|
4
|
-
t.integer :user_id, :null => false
|
5
|
-
t.string :external_uid, :limit => 32, :null => false
|
6
|
-
t.string :access_token, :limit => 128, :null => false
|
7
|
-
end
|
8
|
-
|
9
|
-
add_index :facebook_tokens, :external_uid, :unique => true, :null => false
|
10
|
-
end
|
11
|
-
|
12
|
-
def self.down
|
13
|
-
drop_table :facebook_tokens
|
14
|
-
end
|
15
|
-
end
|
@@ -1,10 +0,0 @@
|
|
1
|
-
# Test account vic.tor@costan.us
|
2
|
-
jane:
|
3
|
-
user: jane
|
4
|
-
external_uid: 100001181310542
|
5
|
-
access_token: 125502267478972|d2ecea6d763d2fb17cfa70fa-100001181310542|h849k0nQBq4FkAVEGVgeyoSd_RA.
|
6
|
-
|
7
|
-
john:
|
8
|
-
user: john
|
9
|
-
external_uid: 702659
|
10
|
-
access_token: 702659|ffffffffffffffffffffffff-702659|ZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
|