authpwn_rails 0.13.1 → 0.13.2
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/authpwn_rails.gemspec +2 -2
- data/lib/authpwn_rails/session.rb +1 -1
- data/lib/authpwn_rails/session_controller.rb +1 -1
- data/test/cookie_controller_test.rb +6 -0
- data/test/helpers/db_setup.rb +8 -4
- metadata +3 -3
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.13.
|
|
1
|
+
0.13.2
|
data/authpwn_rails.gemspec
CHANGED
|
@@ -5,11 +5,11 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |s|
|
|
7
7
|
s.name = "authpwn_rails"
|
|
8
|
-
s.version = "0.13.
|
|
8
|
+
s.version = "0.13.2"
|
|
9
9
|
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
11
11
|
s.authors = ["Victor Costan"]
|
|
12
|
-
s.date = "2012-10-
|
|
12
|
+
s.date = "2012-10-19"
|
|
13
13
|
s.description = "Works with Facebook."
|
|
14
14
|
s.email = "victor@costan.us"
|
|
15
15
|
s.extra_rdoc_files = [
|
|
@@ -30,6 +30,7 @@ module ControllerInstanceMethods
|
|
|
30
30
|
|
|
31
31
|
# Sets up the session so that it will authenticate the given user.
|
|
32
32
|
def set_session_current_user(user)
|
|
33
|
+
self.current_user = user
|
|
33
34
|
# Try to reuse existing sessions.
|
|
34
35
|
if session[:authpwn_suid]
|
|
35
36
|
token = Tokens::SessionUid.with_code(session[:authpwn_suid]).first
|
|
@@ -48,7 +49,6 @@ module ControllerInstanceMethods
|
|
|
48
49
|
else
|
|
49
50
|
session.delete :authpwn_suid
|
|
50
51
|
end
|
|
51
|
-
self.current_user = user
|
|
52
52
|
end
|
|
53
53
|
|
|
54
54
|
# Filter that implements authenticates_using_session.
|
|
@@ -62,7 +62,7 @@ module SessionController
|
|
|
62
62
|
@email = params[:email]
|
|
63
63
|
auth = User.authenticate_signin @email, params[:password]
|
|
64
64
|
unless auth.kind_of? Symbol
|
|
65
|
-
|
|
65
|
+
set_session_current_user auth
|
|
66
66
|
Tokens::SessionUid.remove_expired if auto_purge_sessions
|
|
67
67
|
end
|
|
68
68
|
|
|
@@ -106,6 +106,7 @@ class CookieControllerTest < ActionController::TestCase
|
|
|
106
106
|
end
|
|
107
107
|
assert_response :success
|
|
108
108
|
assert_equal @token.suid, request.session[:authpwn_suid]
|
|
109
|
+
assert_equal @user, assigns(:current_user)
|
|
109
110
|
|
|
110
111
|
get :show
|
|
111
112
|
assert_response :success
|
|
@@ -121,6 +122,7 @@ class CookieControllerTest < ActionController::TestCase
|
|
|
121
122
|
assert_response :success
|
|
122
123
|
assert_operator @token.reload.updated_at, :>=, Time.now - 1.hour,
|
|
123
124
|
'Old token not refreshed'
|
|
125
|
+
assert_equal @user, assigns(:current_user)
|
|
124
126
|
|
|
125
127
|
get :show
|
|
126
128
|
assert_response :success
|
|
@@ -152,6 +154,7 @@ class CookieControllerTest < ActionController::TestCase
|
|
|
152
154
|
assert_nil Tokens::Base.with_code(old_token.suid).first,
|
|
153
155
|
"old user's token not destroyed"
|
|
154
156
|
assert_not_equal @token.suid, request.session[:authpwn_suid]
|
|
157
|
+
assert_equal @user, assigns(:current_user)
|
|
155
158
|
|
|
156
159
|
get :show
|
|
157
160
|
assert_response :success
|
|
@@ -166,6 +169,7 @@ class CookieControllerTest < ActionController::TestCase
|
|
|
166
169
|
put :update, :exuid => @user.exuid
|
|
167
170
|
end
|
|
168
171
|
assert_response :success
|
|
172
|
+
assert_equal @user, assigns(:current_user)
|
|
169
173
|
|
|
170
174
|
get :show
|
|
171
175
|
assert_response :success
|
|
@@ -179,6 +183,7 @@ class CookieControllerTest < ActionController::TestCase
|
|
|
179
183
|
end
|
|
180
184
|
assert_response :success
|
|
181
185
|
assert_nil request.session[:authpwn_suid]
|
|
186
|
+
assert_equal nil, assigns(:current_user)
|
|
182
187
|
|
|
183
188
|
get :show
|
|
184
189
|
assert_response :success
|
|
@@ -191,6 +196,7 @@ class CookieControllerTest < ActionController::TestCase
|
|
|
191
196
|
end
|
|
192
197
|
assert_response :success
|
|
193
198
|
assert_nil request.session[:authpwn_suid]
|
|
199
|
+
assert_equal nil, assigns(:current_user)
|
|
194
200
|
end
|
|
195
201
|
|
|
196
202
|
test "valid user_id bounced" do
|
data/test/helpers/db_setup.rb
CHANGED
|
@@ -18,9 +18,14 @@ else
|
|
|
18
18
|
ActiveRecord::Base.establish_connection :adapter => 'sqlite3',
|
|
19
19
|
:database => ':memory:'
|
|
20
20
|
end
|
|
21
|
-
|
|
22
|
-
ActiveRecord::Base
|
|
23
|
-
|
|
21
|
+
|
|
22
|
+
class ActiveRecord::Base
|
|
23
|
+
self.configurations = true
|
|
24
|
+
self.mass_assignment_sanitizer = :strict
|
|
25
|
+
|
|
26
|
+
# Hacky equivalent to config.active_record.whitelist_attributes = true
|
|
27
|
+
attr_accessible
|
|
28
|
+
end
|
|
24
29
|
|
|
25
30
|
ActiveRecord::Migration.verbose = false
|
|
26
31
|
require 'authpwn_rails/generators/templates/001_create_users.rb'
|
|
@@ -31,7 +36,6 @@ CreateCredentials.migrate :up
|
|
|
31
36
|
require 'authpwn_rails/generators/templates/user.rb'
|
|
32
37
|
require 'authpwn_rails/generators/templates/credential.rb'
|
|
33
38
|
|
|
34
|
-
# :nodoc: open TestCase to setup fixtures
|
|
35
39
|
class ActiveSupport::TestCase
|
|
36
40
|
include ActiveRecord::TestFixtures
|
|
37
41
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authpwn_rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.13.
|
|
4
|
+
version: 0.13.2
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2012-10-
|
|
12
|
+
date: 2012-10-19 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: fbgraph_rails
|
|
@@ -285,7 +285,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
285
285
|
version: '0'
|
|
286
286
|
segments:
|
|
287
287
|
- 0
|
|
288
|
-
hash: -
|
|
288
|
+
hash: -724367736535056714
|
|
289
289
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
290
290
|
none: false
|
|
291
291
|
requirements:
|