authpwn_rails 0.20.0 → 0.21.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +2 -0
- data/Gemfile +2 -0
- data/Gemfile.lock +96 -60
- data/Gemfile.rails4 +1 -0
- data/Gemfile.rails41 +1 -0
- data/Gemfile.rails42 +1 -0
- data/Rakefile +2 -1
- data/VERSION +1 -1
- data/app/models/credentials/password.rb +3 -1
- data/app/models/tokens/base.rb +5 -3
- data/authpwn_rails.gemspec +10 -4
- data/legacy/migrate_020_to_021.rb +15 -0
- data/lib/authpwn_rails.rb +2 -2
- data/lib/authpwn_rails/generators/templates/credentials.yml +7 -7
- data/lib/authpwn_rails/generators/templates/users.yml +3 -3
- data/lib/authpwn_rails/user_model.rb +3 -1
- data/test/cookie_controller_test.rb +2 -2
- data/test/credentials/api_token_test.rb +2 -2
- data/test/credentials/email_credential_test.rb +1 -1
- data/test/credentials/email_verification_token_test.rb +2 -2
- data/test/credentials/omni_auth_uid_credential_test.rb +1 -1
- data/test/credentials/one_time_token_credential_test.rb +4 -4
- data/test/credentials/password_credential_test.rb +15 -1
- data/test/credentials/password_reset_token_test.rb +2 -2
- data/test/credentials/session_uid_token_test.rb +2 -2
- data/test/credentials/token_crendential_test.rb +28 -18
- data/test/helpers/rails.rb +0 -5
- data/test/helpers/view_helpers.rb +1 -1
- data/test/http_basic_controller_test.rb +1 -1
- data/test/http_token_controller_test.rb +3 -3
- data/test/initializer_test.rb +1 -1
- data/test/routes_test.rb +2 -2
- data/test/session_controller_api_test.rb +1 -1
- data/test/session_controller_test.rb +1 -1
- data/test/session_mailer_api_test.rb +1 -1
- data/test/session_mailer_test.rb +1 -1
- data/test/session_test.rb +1 -1
- data/test/test_extensions_test.rb +1 -1
- data/test/test_helper.rb +0 -1
- data/test/user_extensions/api_token_field_test.rb +1 -1
- data/test/user_extensions/email_field_test.rb +1 -1
- data/test/user_extensions/password_field_test.rb +1 -1
- data/test/user_test.rb +2 -2
- metadata +31 -3
- data/test/helpers/fbgraph.rb +0 -10
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 675fbc46f9cd1ca6ec4ea6390fd648ec5ad4ab06
|
|
4
|
+
data.tar.gz: b5aa2f310aa8e5d7ece6df9912d3e3175f718de6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5d7d1c4b50aab9281d6b15c4ea51af277f1c7f1e3a1e0cc9958d48dbc7e748eda3cf46e2fad755a6769dc1bb7291d897192cf9fa1017c41f6fca6876f41cb23a
|
|
7
|
+
data.tar.gz: 3742acf28e0abf4e46d7819ece0d18c09d717fbde22cdd8ae2c8b4d8914823767bdf8d806cfe15853330f8bdda71b1cbe0280cbbbccafb74c047b42e5eecf8a8
|
data/.travis.yml
CHANGED
data/Gemfile
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
source 'https://rubygems.org'
|
|
2
2
|
|
|
3
|
+
gem 'base32', '>= 0.3.2'
|
|
3
4
|
gem 'rails', '>= 4.0.13'
|
|
4
5
|
|
|
5
6
|
group :development do
|
|
@@ -10,6 +11,7 @@ group :development do
|
|
|
10
11
|
gem 'mysql2', '>= 0.3.20'
|
|
11
12
|
gem 'omniauth', '>= 1.3.1'
|
|
12
13
|
gem 'pg', '>= 0.18.4'
|
|
14
|
+
gem 'rake', '>= 11.1.1'
|
|
13
15
|
gem 'sqlite3', '>= 1.3.11'
|
|
14
16
|
gem 'rubysl', platforms: [:rbx]
|
|
15
17
|
gem 'rubysl-bundler', platforms: [:rbx]
|
data/Gemfile.lock
CHANGED
|
@@ -1,34 +1,46 @@
|
|
|
1
1
|
GEM
|
|
2
2
|
remote: https://rubygems.org/
|
|
3
3
|
specs:
|
|
4
|
-
actionmailer (4.
|
|
5
|
-
actionpack (= 4.
|
|
4
|
+
actionmailer (4.2.6)
|
|
5
|
+
actionpack (= 4.2.6)
|
|
6
|
+
actionview (= 4.2.6)
|
|
7
|
+
activejob (= 4.2.6)
|
|
6
8
|
mail (~> 2.5, >= 2.5.4)
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
rack (~> 1.
|
|
9
|
+
rails-dom-testing (~> 1.0, >= 1.0.5)
|
|
10
|
+
actionpack (4.2.6)
|
|
11
|
+
actionview (= 4.2.6)
|
|
12
|
+
activesupport (= 4.2.6)
|
|
13
|
+
rack (~> 1.6)
|
|
12
14
|
rack-test (~> 0.6.2)
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
15
|
+
rails-dom-testing (~> 1.0, >= 1.0.5)
|
|
16
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
|
17
|
+
actionview (4.2.6)
|
|
18
|
+
activesupport (= 4.2.6)
|
|
19
|
+
builder (~> 3.1)
|
|
20
|
+
erubis (~> 2.7.0)
|
|
21
|
+
rails-dom-testing (~> 1.0, >= 1.0.5)
|
|
22
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
|
23
|
+
activejob (4.2.6)
|
|
24
|
+
activesupport (= 4.2.6)
|
|
25
|
+
globalid (>= 0.3.0)
|
|
26
|
+
activemodel (4.2.6)
|
|
27
|
+
activesupport (= 4.2.6)
|
|
28
|
+
builder (~> 3.1)
|
|
29
|
+
activerecord (4.2.6)
|
|
30
|
+
activemodel (= 4.2.6)
|
|
31
|
+
activesupport (= 4.2.6)
|
|
32
|
+
arel (~> 6.0)
|
|
33
|
+
activesupport (4.2.6)
|
|
34
|
+
i18n (~> 0.7)
|
|
35
|
+
json (~> 1.7, >= 1.7.7)
|
|
36
|
+
minitest (~> 5.1)
|
|
37
|
+
thread_safe (~> 0.3, >= 0.3.4)
|
|
38
|
+
tzinfo (~> 1.1)
|
|
28
39
|
addressable (2.4.0)
|
|
29
|
-
arel (
|
|
30
|
-
|
|
31
|
-
|
|
40
|
+
arel (6.0.3)
|
|
41
|
+
base32 (0.3.2)
|
|
42
|
+
builder (3.2.2)
|
|
43
|
+
concurrent-ruby (1.0.1)
|
|
32
44
|
descendants_tracker (0.0.4)
|
|
33
45
|
thread_safe (~> 0.3, >= 0.3.1)
|
|
34
46
|
docile (1.1.5)
|
|
@@ -36,7 +48,7 @@ GEM
|
|
|
36
48
|
faraday (0.9.2)
|
|
37
49
|
multipart-post (>= 1.2, < 3)
|
|
38
50
|
ffi2-generators (0.1.1)
|
|
39
|
-
git (1.
|
|
51
|
+
git (1.3.0)
|
|
40
52
|
github_api (0.13.1)
|
|
41
53
|
addressable (~> 2.4.0)
|
|
42
54
|
descendants_tracker (~> 0.0.4)
|
|
@@ -44,6 +56,8 @@ GEM
|
|
|
44
56
|
hashie (>= 3.4)
|
|
45
57
|
multi_json (>= 1.7.5, < 2.0)
|
|
46
58
|
oauth2
|
|
59
|
+
globalid (0.3.6)
|
|
60
|
+
activesupport (>= 4.1.0)
|
|
47
61
|
hashie (3.4.3)
|
|
48
62
|
highline (1.7.8)
|
|
49
63
|
i18n (0.7.0)
|
|
@@ -57,50 +71,66 @@ GEM
|
|
|
57
71
|
rake
|
|
58
72
|
rdoc
|
|
59
73
|
json (1.8.3)
|
|
60
|
-
jwt (1.5.
|
|
61
|
-
|
|
62
|
-
|
|
74
|
+
jwt (1.5.1)
|
|
75
|
+
loofah (2.0.3)
|
|
76
|
+
nokogiri (>= 1.5.9)
|
|
77
|
+
mail (2.6.4)
|
|
78
|
+
mime-types (>= 1.16, < 4)
|
|
63
79
|
metaclass (0.0.4)
|
|
64
|
-
mime-types (
|
|
80
|
+
mime-types (3.0)
|
|
81
|
+
mime-types-data (~> 3.2015)
|
|
82
|
+
mime-types-data (3.2016.0221)
|
|
65
83
|
mini_portile2 (2.0.0)
|
|
66
|
-
minitest (
|
|
84
|
+
minitest (5.8.4)
|
|
67
85
|
mocha (1.1.0)
|
|
68
86
|
metaclass (~> 0.0.1)
|
|
69
87
|
multi_json (1.11.2)
|
|
70
88
|
multi_xml (0.5.5)
|
|
71
89
|
multipart-post (2.0.0)
|
|
72
|
-
mysql2 (0.3
|
|
73
|
-
nokogiri (1.6.7.
|
|
90
|
+
mysql2 (0.4.3)
|
|
91
|
+
nokogiri (1.6.7.2)
|
|
74
92
|
mini_portile2 (~> 2.0.0.rc2)
|
|
75
|
-
oauth2 (1.
|
|
93
|
+
oauth2 (1.1.0)
|
|
76
94
|
faraday (>= 0.8, < 0.10)
|
|
77
|
-
jwt (~> 1.0)
|
|
95
|
+
jwt (~> 1.0, < 1.5.2)
|
|
78
96
|
multi_json (~> 1.3)
|
|
79
97
|
multi_xml (~> 0.5)
|
|
80
|
-
rack (
|
|
98
|
+
rack (>= 1.2, < 3)
|
|
81
99
|
omniauth (1.3.1)
|
|
82
100
|
hashie (>= 1.2, < 4)
|
|
83
101
|
rack (>= 1.0, < 3)
|
|
84
102
|
pg (0.18.4)
|
|
85
|
-
rack (1.
|
|
103
|
+
rack (1.6.4)
|
|
86
104
|
rack-test (0.6.3)
|
|
87
105
|
rack (>= 1.0)
|
|
88
|
-
rails (4.
|
|
89
|
-
actionmailer (= 4.
|
|
90
|
-
actionpack (= 4.
|
|
91
|
-
|
|
92
|
-
|
|
106
|
+
rails (4.2.6)
|
|
107
|
+
actionmailer (= 4.2.6)
|
|
108
|
+
actionpack (= 4.2.6)
|
|
109
|
+
actionview (= 4.2.6)
|
|
110
|
+
activejob (= 4.2.6)
|
|
111
|
+
activemodel (= 4.2.6)
|
|
112
|
+
activerecord (= 4.2.6)
|
|
113
|
+
activesupport (= 4.2.6)
|
|
93
114
|
bundler (>= 1.3.0, < 2.0)
|
|
94
|
-
railties (= 4.
|
|
95
|
-
sprockets-rails
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
115
|
+
railties (= 4.2.6)
|
|
116
|
+
sprockets-rails
|
|
117
|
+
rails-deprecated_sanitizer (1.0.3)
|
|
118
|
+
activesupport (>= 4.2.0.alpha)
|
|
119
|
+
rails-dom-testing (1.0.7)
|
|
120
|
+
activesupport (>= 4.2.0.beta, < 5.0)
|
|
121
|
+
nokogiri (~> 1.6.0)
|
|
122
|
+
rails-deprecated_sanitizer (>= 1.0.1)
|
|
123
|
+
rails-html-sanitizer (1.0.3)
|
|
124
|
+
loofah (~> 2.0)
|
|
125
|
+
railties (4.2.6)
|
|
126
|
+
actionpack (= 4.2.6)
|
|
127
|
+
activesupport (= 4.2.6)
|
|
99
128
|
rake (>= 0.8.7)
|
|
100
129
|
thor (>= 0.18.1, < 2.0)
|
|
101
|
-
rake (
|
|
102
|
-
rdoc (4.2.
|
|
103
|
-
|
|
130
|
+
rake (11.1.1)
|
|
131
|
+
rdoc (4.2.2)
|
|
132
|
+
json (~> 1.4)
|
|
133
|
+
rubysl (2.2.0)
|
|
104
134
|
rubysl-abbrev (~> 2.0)
|
|
105
135
|
rubysl-base64 (~> 2.0)
|
|
106
136
|
rubysl-benchmark (~> 2.0)
|
|
@@ -185,6 +215,7 @@ GEM
|
|
|
185
215
|
rubysl-tmpdir (~> 2.0)
|
|
186
216
|
rubysl-tsort (~> 2.0)
|
|
187
217
|
rubysl-un (~> 2.0)
|
|
218
|
+
rubysl-unicode_normalize (~> 2.0)
|
|
188
219
|
rubysl-uri (~> 2.0)
|
|
189
220
|
rubysl-weakref (~> 2.0)
|
|
190
221
|
rubysl-webrick (~> 2.0)
|
|
@@ -265,11 +296,11 @@ GEM
|
|
|
265
296
|
rubysl-observer (2.0.0)
|
|
266
297
|
rubysl-open-uri (2.0.0)
|
|
267
298
|
rubysl-open3 (2.0.0)
|
|
268
|
-
rubysl-openssl (2.
|
|
299
|
+
rubysl-openssl (2.8.0)
|
|
269
300
|
rubysl-optparse (2.0.1)
|
|
270
301
|
rubysl-shellwords (~> 2.0)
|
|
271
302
|
rubysl-ostruct (2.1.0)
|
|
272
|
-
rubysl-pathname (2.
|
|
303
|
+
rubysl-pathname (2.3)
|
|
273
304
|
rubysl-prettyprint (2.0.3)
|
|
274
305
|
rubysl-prime (2.0.1)
|
|
275
306
|
rubysl-profile (2.0.0)
|
|
@@ -299,8 +330,9 @@ GEM
|
|
|
299
330
|
rubysl-set (2.0.1)
|
|
300
331
|
rubysl-shellwords (2.0.0)
|
|
301
332
|
rubysl-singleton (2.0.0)
|
|
302
|
-
rubysl-socket (2.
|
|
303
|
-
|
|
333
|
+
rubysl-socket (2.1.1)
|
|
334
|
+
rubysl-fcntl (~> 2.0)
|
|
335
|
+
rubysl-stringio (2.1.0)
|
|
304
336
|
rubysl-strscan (2.0.0)
|
|
305
337
|
rubysl-sync (2.0.0)
|
|
306
338
|
rubysl-syslog (2.1.0)
|
|
@@ -315,13 +347,14 @@ GEM
|
|
|
315
347
|
rubysl-un (2.0.0)
|
|
316
348
|
rubysl-fileutils (~> 2.0)
|
|
317
349
|
rubysl-optparse (~> 2.0)
|
|
350
|
+
rubysl-unicode_normalize (2.0)
|
|
318
351
|
rubysl-uri (2.0.0)
|
|
319
352
|
rubysl-weakref (2.0.0)
|
|
320
353
|
rubysl-webrick (2.0.0)
|
|
321
354
|
rubysl-xmlrpc (2.0.0)
|
|
322
355
|
rubysl-yaml (2.1.0)
|
|
323
356
|
rubysl-zlib (2.0.1)
|
|
324
|
-
simplecov (0.11.
|
|
357
|
+
simplecov (0.11.2)
|
|
325
358
|
docile (~> 1.1.0)
|
|
326
359
|
json (~> 1.8)
|
|
327
360
|
simplecov-html (~> 0.10.0)
|
|
@@ -329,19 +362,21 @@ GEM
|
|
|
329
362
|
sprockets (3.5.2)
|
|
330
363
|
concurrent-ruby (~> 1.0)
|
|
331
364
|
rack (> 1, < 3)
|
|
332
|
-
sprockets-rails (
|
|
333
|
-
actionpack (>=
|
|
334
|
-
activesupport (>=
|
|
335
|
-
sprockets (>=
|
|
365
|
+
sprockets-rails (3.0.4)
|
|
366
|
+
actionpack (>= 4.0)
|
|
367
|
+
activesupport (>= 4.0)
|
|
368
|
+
sprockets (>= 3.0.0)
|
|
336
369
|
sqlite3 (1.3.11)
|
|
337
370
|
thor (0.19.1)
|
|
338
371
|
thread_safe (0.3.5)
|
|
339
|
-
tzinfo (
|
|
372
|
+
tzinfo (1.2.2)
|
|
373
|
+
thread_safe (~> 0.1)
|
|
340
374
|
|
|
341
375
|
PLATFORMS
|
|
342
376
|
ruby
|
|
343
377
|
|
|
344
378
|
DEPENDENCIES
|
|
379
|
+
base32 (>= 0.3.2)
|
|
345
380
|
bundler (>= 1.6.6)
|
|
346
381
|
jeweler (>= 2.0.1)
|
|
347
382
|
mocha (>= 1.1.0)
|
|
@@ -349,6 +384,7 @@ DEPENDENCIES
|
|
|
349
384
|
omniauth (>= 1.3.1)
|
|
350
385
|
pg (>= 0.18.4)
|
|
351
386
|
rails (>= 4.0.13)
|
|
387
|
+
rake (>= 11.1.1)
|
|
352
388
|
rubysl
|
|
353
389
|
rubysl-bundler
|
|
354
390
|
rubysl-rake
|
data/Gemfile.rails4
CHANGED
data/Gemfile.rails41
CHANGED
data/Gemfile.rails42
CHANGED
data/Rakefile
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.21.0
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'securerandom'
|
|
2
|
+
|
|
1
3
|
# :namespace
|
|
2
4
|
module Credentials
|
|
3
5
|
|
|
@@ -78,7 +80,7 @@ class Password < ::Credential
|
|
|
78
80
|
|
|
79
81
|
# Generates a random salt value.
|
|
80
82
|
def self.random_salt
|
|
81
|
-
[(
|
|
83
|
+
[SecureRandom.random_bytes(12)].pack('m').strip
|
|
82
84
|
end
|
|
83
85
|
end # class Credentials::Password
|
|
84
86
|
|
data/app/models/tokens/base.rb
CHANGED
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
require 'securerandom'
|
|
2
2
|
|
|
3
|
+
require 'base32'
|
|
4
|
+
|
|
5
|
+
|
|
3
6
|
# :namespace
|
|
4
7
|
module Tokens
|
|
5
8
|
|
|
@@ -12,8 +15,7 @@ class Base < ::Credential
|
|
|
12
15
|
# Token names are random, so we can expect they'll be unique across the
|
|
13
16
|
# entire namespace. We need this check to enforce name uniqueness across
|
|
14
17
|
# different token types.
|
|
15
|
-
validates :name, format: /\A[
|
|
16
|
-
uniqueness: true
|
|
18
|
+
validates :name, format: /\A[a-z0-9]+\Z/, presence: true, uniqueness: true
|
|
17
19
|
|
|
18
20
|
# Tokens can expire. This is a good idea most of the time, because token
|
|
19
21
|
# codes are supposed to be used quickly.
|
|
@@ -93,7 +95,7 @@ class Base < ::Credential
|
|
|
93
95
|
|
|
94
96
|
# Generates a random token code.
|
|
95
97
|
def self.random_code
|
|
96
|
-
SecureRandom.
|
|
98
|
+
Base32.encode(SecureRandom.random_bytes(32)).downcase.sub(/=*$/, '')
|
|
97
99
|
end
|
|
98
100
|
|
|
99
101
|
# Use codes instead of exposing ActiveRecord IDs.
|
data/authpwn_rails.gemspec
CHANGED
|
@@ -2,16 +2,16 @@
|
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
|
3
3
|
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
|
5
|
-
# stub: authpwn_rails 0.
|
|
5
|
+
# stub: authpwn_rails 0.21.0 ruby lib
|
|
6
6
|
|
|
7
7
|
Gem::Specification.new do |s|
|
|
8
8
|
s.name = "authpwn_rails"
|
|
9
|
-
s.version = "0.
|
|
9
|
+
s.version = "0.21.0"
|
|
10
10
|
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
12
12
|
s.require_paths = ["lib"]
|
|
13
13
|
s.authors = ["Victor Costan"]
|
|
14
|
-
s.date = "2016-
|
|
14
|
+
s.date = "2016-03-27"
|
|
15
15
|
s.description = "Works with Facebook."
|
|
16
16
|
s.email = "victor@costan.us"
|
|
17
17
|
s.extra_rdoc_files = [
|
|
@@ -43,6 +43,7 @@ Gem::Specification.new do |s|
|
|
|
43
43
|
"app/models/tokens/session_uid.rb",
|
|
44
44
|
"authpwn_rails.gemspec",
|
|
45
45
|
"legacy/migrate_011_to_012.rb",
|
|
46
|
+
"legacy/migrate_020_to_021.rb",
|
|
46
47
|
"legacy/migrate_09_to_010.rb",
|
|
47
48
|
"lib/authpwn_rails.rb",
|
|
48
49
|
"lib/authpwn_rails/credential_model.rb",
|
|
@@ -107,7 +108,6 @@ Gem::Specification.new do |s|
|
|
|
107
108
|
"test/helpers/application_controller.rb",
|
|
108
109
|
"test/helpers/autoload_path.rb",
|
|
109
110
|
"test/helpers/db_setup.rb",
|
|
110
|
-
"test/helpers/fbgraph.rb",
|
|
111
111
|
"test/helpers/i18n.rb",
|
|
112
112
|
"test/helpers/rails.rb",
|
|
113
113
|
"test/helpers/rails_undo.rb",
|
|
@@ -139,6 +139,7 @@ Gem::Specification.new do |s|
|
|
|
139
139
|
s.specification_version = 4
|
|
140
140
|
|
|
141
141
|
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
|
142
|
+
s.add_runtime_dependency(%q<base32>, [">= 0.3.2"])
|
|
142
143
|
s.add_runtime_dependency(%q<rails>, [">= 4.0.13"])
|
|
143
144
|
s.add_development_dependency(%q<bundler>, [">= 1.6.6"])
|
|
144
145
|
s.add_development_dependency(%q<mocha>, [">= 1.1.0"])
|
|
@@ -147,11 +148,13 @@ Gem::Specification.new do |s|
|
|
|
147
148
|
s.add_development_dependency(%q<mysql2>, [">= 0.3.20"])
|
|
148
149
|
s.add_development_dependency(%q<omniauth>, [">= 1.3.1"])
|
|
149
150
|
s.add_development_dependency(%q<pg>, [">= 0.18.4"])
|
|
151
|
+
s.add_development_dependency(%q<rake>, [">= 11.1.1"])
|
|
150
152
|
s.add_development_dependency(%q<sqlite3>, [">= 1.3.11"])
|
|
151
153
|
s.add_development_dependency(%q<rubysl>, [">= 0"])
|
|
152
154
|
s.add_development_dependency(%q<rubysl-bundler>, [">= 0"])
|
|
153
155
|
s.add_development_dependency(%q<rubysl-rake>, [">= 0"])
|
|
154
156
|
else
|
|
157
|
+
s.add_dependency(%q<base32>, [">= 0.3.2"])
|
|
155
158
|
s.add_dependency(%q<rails>, [">= 4.0.13"])
|
|
156
159
|
s.add_dependency(%q<bundler>, [">= 1.6.6"])
|
|
157
160
|
s.add_dependency(%q<mocha>, [">= 1.1.0"])
|
|
@@ -160,12 +163,14 @@ Gem::Specification.new do |s|
|
|
|
160
163
|
s.add_dependency(%q<mysql2>, [">= 0.3.20"])
|
|
161
164
|
s.add_dependency(%q<omniauth>, [">= 1.3.1"])
|
|
162
165
|
s.add_dependency(%q<pg>, [">= 0.18.4"])
|
|
166
|
+
s.add_dependency(%q<rake>, [">= 11.1.1"])
|
|
163
167
|
s.add_dependency(%q<sqlite3>, [">= 1.3.11"])
|
|
164
168
|
s.add_dependency(%q<rubysl>, [">= 0"])
|
|
165
169
|
s.add_dependency(%q<rubysl-bundler>, [">= 0"])
|
|
166
170
|
s.add_dependency(%q<rubysl-rake>, [">= 0"])
|
|
167
171
|
end
|
|
168
172
|
else
|
|
173
|
+
s.add_dependency(%q<base32>, [">= 0.3.2"])
|
|
169
174
|
s.add_dependency(%q<rails>, [">= 4.0.13"])
|
|
170
175
|
s.add_dependency(%q<bundler>, [">= 1.6.6"])
|
|
171
176
|
s.add_dependency(%q<mocha>, [">= 1.1.0"])
|
|
@@ -174,6 +179,7 @@ Gem::Specification.new do |s|
|
|
|
174
179
|
s.add_dependency(%q<mysql2>, [">= 0.3.20"])
|
|
175
180
|
s.add_dependency(%q<omniauth>, [">= 1.3.1"])
|
|
176
181
|
s.add_dependency(%q<pg>, [">= 0.18.4"])
|
|
182
|
+
s.add_dependency(%q<rake>, [">= 11.1.1"])
|
|
177
183
|
s.add_dependency(%q<sqlite3>, [">= 1.3.11"])
|
|
178
184
|
s.add_dependency(%q<rubysl>, [">= 0"])
|
|
179
185
|
s.add_dependency(%q<rubysl-bundler>, [">= 0"])
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# This script migrates the authpwn 0.20 token codes and user IDs to the new
|
|
2
|
+
# 0.21 format.
|
|
3
|
+
# It should be run in a rails console.
|
|
4
|
+
|
|
5
|
+
User.all.each do |user|
|
|
6
|
+
user.exuid = nil
|
|
7
|
+
user.set_default_exuid
|
|
8
|
+
user.save!
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
Credential.all.each do |token|
|
|
12
|
+
next unless token.kind_of? Tokens::Base
|
|
13
|
+
token.code = Tokens::Base.random_code
|
|
14
|
+
token.save!
|
|
15
|
+
end
|
data/lib/authpwn_rails.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
require 'active_support'
|
|
1
|
+
require 'active_support/dependencies'
|
|
2
2
|
|
|
3
3
|
# :nodoc: namespace
|
|
4
4
|
module Authpwn
|
|
@@ -31,6 +31,6 @@ if defined?(Rails)
|
|
|
31
31
|
|
|
32
32
|
# HACK(pwnall): this works around a known Rails bug
|
|
33
33
|
# https://rails.lighthouseapp.com/projects/8994/tickets/1905-apphelpers-within-plugin-not-being-mixed-in
|
|
34
|
-
|
|
34
|
+
require_relative '../app/helpers/session_helper.rb'
|
|
35
35
|
ActionController::Base.helper SessionHelper
|
|
36
36
|
end
|
|
@@ -23,28 +23,28 @@ john_password:
|
|
|
23
23
|
jane_token:
|
|
24
24
|
user: jane
|
|
25
25
|
type: Tokens::OneTime
|
|
26
|
-
name:
|
|
26
|
+
name: skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa
|
|
27
27
|
|
|
28
28
|
john_token:
|
|
29
29
|
user: john
|
|
30
30
|
type: Tokens::Base
|
|
31
|
-
name:
|
|
31
|
+
name: ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq
|
|
32
32
|
|
|
33
33
|
john_email_token:
|
|
34
34
|
user: john
|
|
35
35
|
type: Tokens::EmailVerification
|
|
36
|
-
name:
|
|
36
|
+
name: qid3ipai5be3bcilygdztwvtlpiyrfzxks2solmetndb4vzuvkca
|
|
37
37
|
key: john@gmail.com
|
|
38
38
|
|
|
39
39
|
jane_password_token:
|
|
40
40
|
user: jane
|
|
41
41
|
type: Tokens::PasswordReset
|
|
42
|
-
name:
|
|
42
|
+
name: 5pfbsvdcxaf3wrj2mf5h4j2skk3q7vni4dc4iqs6okqv2km3zrga
|
|
43
43
|
|
|
44
44
|
john_session_token:
|
|
45
45
|
user: john
|
|
46
46
|
type: Tokens::SessionUid
|
|
47
|
-
name:
|
|
47
|
+
name: gordzvlpnvwyjy53jklfcwcjxdjvvhwnfwenqql4tzotma5c7k7a
|
|
48
48
|
key: <%= { :browser_ip => '18.241.1.121',
|
|
49
49
|
:browser_ua => 'Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1'
|
|
50
50
|
}.to_yaml.inspect %>
|
|
@@ -52,7 +52,7 @@ john_session_token:
|
|
|
52
52
|
jane_session_token:
|
|
53
53
|
user: jane
|
|
54
54
|
type: Tokens::SessionUid
|
|
55
|
-
name:
|
|
55
|
+
name: nnn4cz75nta35aqu34c3kozxokszfaxt46vvvpq6gxxfnh3fvbuq
|
|
56
56
|
key: <%= { :browser_ip => '18.70.0.160',
|
|
57
57
|
:browser_ua => 'Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1'
|
|
58
58
|
}.to_yaml.inspect %>
|
|
@@ -72,4 +72,4 @@ jane_omniauth_developer:
|
|
|
72
72
|
john_api_token:
|
|
73
73
|
user: john
|
|
74
74
|
type: Tokens::Api
|
|
75
|
-
name:
|
|
75
|
+
name: k2cof7wjyi3672laumnajizwax73x262gfmoqoiau3cgap7z3pdq
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
require 'securerandom'
|
|
2
|
+
|
|
2
3
|
require 'active_model'
|
|
3
4
|
require 'active_support'
|
|
5
|
+
require 'base32'
|
|
4
6
|
|
|
5
7
|
|
|
6
8
|
# :nodoc: namespace
|
|
@@ -109,7 +111,7 @@ module UserModel
|
|
|
109
111
|
# :nodoc: sets exuid to a (hopefully) unique value before validations occur.
|
|
110
112
|
def set_default_exuid
|
|
111
113
|
self.exuid ||=
|
|
112
|
-
SecureRandom.random_bytes(
|
|
114
|
+
Base32.encode(SecureRandom.random_bytes(16)).downcase.sub(/=*$/, '')
|
|
113
115
|
end
|
|
114
116
|
end # namespace Authpwn::UserModel
|
|
115
117
|
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative 'test_helper'
|
|
2
2
|
|
|
3
3
|
# Mock controller used for testing session handling.
|
|
4
4
|
class CookieController < ApplicationController
|
|
@@ -190,7 +190,7 @@ class CookieControllerTest < ActionController::TestCase
|
|
|
190
190
|
assert_equal nil, assigns(:current_user)
|
|
191
191
|
end
|
|
192
192
|
|
|
193
|
-
test "set_session_current_user
|
|
193
|
+
test "set_session_current_user behavhttps://appear.in/pwnalles when no user is logged off" do
|
|
194
194
|
assert_no_difference 'Credential.count' do
|
|
195
195
|
put :update, exuid: ''
|
|
196
196
|
end
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class ApiTokenTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::Api.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.user = users(:bill)
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class EmailVerificationTokenTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::EmailVerification.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.key = 'jane@gmail.com'
|
|
8
8
|
@credential.user = users(:jane)
|
|
9
9
|
end
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class OneTimeTokenCredentialTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::OneTime.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.user = users(:bill)
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -37,7 +37,7 @@ class OneTimeTokenCredentialTest < ActiveSupport::TestCase
|
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
test 'authenticate spends the token' do
|
|
40
|
-
jane = '
|
|
40
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
41
41
|
bogus = 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo'
|
|
42
42
|
assert_difference 'Credential.count', -1, 'token spent' do
|
|
43
43
|
assert_equal users(:jane), Tokens::Base.authenticate(jane)
|
|
@@ -48,7 +48,7 @@ class OneTimeTokenCredentialTest < ActiveSupport::TestCase
|
|
|
48
48
|
end
|
|
49
49
|
|
|
50
50
|
test 'authenticate calls User#auth_bounce_reason' do
|
|
51
|
-
jane = '
|
|
51
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
52
52
|
|
|
53
53
|
with_blocked_credential credentials(:jane_token), :reason do
|
|
54
54
|
assert_no_difference 'Credential.count', 'no token spent' do
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class PasswordCredentialTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
@@ -42,6 +42,20 @@ class PasswordCredentialTest < ActiveSupport::TestCase
|
|
|
42
42
|
assert !@credential.valid?
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
+
test 'generates salt' do
|
|
46
|
+
assert @credential.valid?
|
|
47
|
+
assert_match(/^[^|]{12,16}\|.+$/, @credential.key)
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
test 'generates random salts' do
|
|
51
|
+
salts = []
|
|
52
|
+
1000.times do
|
|
53
|
+
@credential.password = 'password'
|
|
54
|
+
salts << @credential.key.split('|').first
|
|
55
|
+
end
|
|
56
|
+
assert_equal salts.length, salts.uniq.length, 'Salts are not random enough'
|
|
57
|
+
end
|
|
58
|
+
|
|
45
59
|
test 'old_password always returns nil' do
|
|
46
60
|
assert_equal @credential.old_password, nil
|
|
47
61
|
@credential.old_password = 'old password'
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class PasswordVerificationTokenTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::PasswordReset.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.user = users(:john)
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class SessionUidTokenTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::SessionUid.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.browser_ip = '18.70.0.160'
|
|
8
8
|
@credential.browser_ua =
|
|
9
9
|
'Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1'
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class TokenCredentialTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::Base.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.user = users(:bill)
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -44,11 +44,21 @@ class TokenCredentialTest < ActiveSupport::TestCase
|
|
|
44
44
|
assert_operator users(:jane).credentials, :include?, token
|
|
45
45
|
end
|
|
46
46
|
|
|
47
|
+
test 'random_for randomness' do
|
|
48
|
+
codes = []
|
|
49
|
+
1000.times do
|
|
50
|
+
token = Tokens::Base.random_for users(:jane)
|
|
51
|
+
codes << token.code
|
|
52
|
+
end
|
|
53
|
+
assert_equal codes.length, codes.uniq.length,
|
|
54
|
+
'Token codes are not random enough'
|
|
55
|
+
end
|
|
56
|
+
|
|
47
57
|
test 'with_code' do
|
|
48
|
-
john = '
|
|
49
|
-
john_email = '
|
|
50
|
-
jane = '
|
|
51
|
-
bogus = '
|
|
58
|
+
john = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
59
|
+
john_email = 'qid3ipai5be3bcilygdztwvtlpiyrfzxks2solmetndb4vzuvkca'
|
|
60
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
61
|
+
bogus = '3bl3iypby25bqooia7hpskihlrzjkt7opz5vgdp7i3mkaopdjcza'
|
|
52
62
|
assert_equal credentials(:john_token),
|
|
53
63
|
Tokens::Base.with_code(john).first
|
|
54
64
|
assert_equal credentials(:jane_token),
|
|
@@ -76,10 +86,10 @@ class TokenCredentialTest < ActiveSupport::TestCase
|
|
|
76
86
|
end
|
|
77
87
|
|
|
78
88
|
test 'class authenticate' do
|
|
79
|
-
john = '
|
|
80
|
-
john_email = '
|
|
81
|
-
jane = '
|
|
82
|
-
bogus = '
|
|
89
|
+
john = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
90
|
+
john_email = 'qid3ipai5be3bcilygdztwvtlpiyrfzxks2solmetndb4vzuvkca'
|
|
91
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
92
|
+
bogus = '3bl3iypby25bqooia7hpskihlrzjkt7opz5vgdp7i3mkaopdjcza'
|
|
83
93
|
|
|
84
94
|
assert_equal users(:john), Tokens::Base.authenticate(john)
|
|
85
95
|
assert_equal users(:john), Tokens::Base.authenticate(john_email)
|
|
@@ -88,9 +98,9 @@ class TokenCredentialTest < ActiveSupport::TestCase
|
|
|
88
98
|
end
|
|
89
99
|
|
|
90
100
|
test 'class authenticate with non-base class' do
|
|
91
|
-
john = '
|
|
92
|
-
john_email = '
|
|
93
|
-
bogus = '
|
|
101
|
+
john = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
102
|
+
john_email = 'qid3ipai5be3bcilygdztwvtlpiyrfzxks2solmetndb4vzuvkca'
|
|
103
|
+
bogus = '3bl3iypby25bqooia7hpskihlrzjkt7opz5vgdp7i3mkaopdjcza'
|
|
94
104
|
|
|
95
105
|
assert_equal :invalid, Tokens::EmailVerification.authenticate(john)
|
|
96
106
|
assert_equal users(:john),
|
|
@@ -99,8 +109,8 @@ class TokenCredentialTest < ActiveSupport::TestCase
|
|
|
99
109
|
end
|
|
100
110
|
|
|
101
111
|
test 'class authenticate on expired tokens' do
|
|
102
|
-
john = '
|
|
103
|
-
jane = '
|
|
112
|
+
john = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
113
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
104
114
|
|
|
105
115
|
Tokens::Base.all.each do |token|
|
|
106
116
|
token.updated_at = Time.now - 1.year
|
|
@@ -120,9 +130,9 @@ class TokenCredentialTest < ActiveSupport::TestCase
|
|
|
120
130
|
end
|
|
121
131
|
|
|
122
132
|
test 'class authenticate calls User#auth_bounce_reason' do
|
|
123
|
-
john = '
|
|
124
|
-
jane = '
|
|
125
|
-
bogus = '
|
|
133
|
+
john = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
134
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
135
|
+
bogus = '3bl3iypby25bqooia7hpskihlrzjkt7opz5vgdp7i3mkaopdjcza'
|
|
126
136
|
|
|
127
137
|
with_blocked_credential credentials(:john_token), :reason do
|
|
128
138
|
assert_equal :reason, Tokens::Base.authenticate(john)
|
data/test/helpers/rails.rb
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../../app/helpers/session_helper.rb'
|
|
2
2
|
ActionController::Base.helper SessionHelper
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative 'test_helper'
|
|
2
2
|
|
|
3
3
|
# Mock controller used for testing session handling.
|
|
4
4
|
class HttpTokenController < ApplicationController
|
|
@@ -57,9 +57,9 @@ class HttpTokenControllerTest < ActionController::TestCase
|
|
|
57
57
|
end
|
|
58
58
|
|
|
59
59
|
test "uses Tokens::Api.authenticate" do
|
|
60
|
-
Tokens::Api.expects(:authenticate).at_least_once.with('
|
|
60
|
+
Tokens::Api.expects(:authenticate).at_least_once.with('ap1c0d3').
|
|
61
61
|
returns @user
|
|
62
|
-
set_http_token_user @user, '
|
|
62
|
+
set_http_token_user @user, 'ap1c0d3'
|
|
63
63
|
get :show
|
|
64
64
|
assert_equal @user, assigns(:current_user)
|
|
65
65
|
assert_equal nil, session_current_user,
|
data/test/initializer_test.rb
CHANGED
data/test/routes_test.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative 'test_helper'
|
|
2
2
|
|
|
3
3
|
require 'authpwn_rails/generators/templates/session_controller.rb'
|
|
4
4
|
|
|
@@ -24,7 +24,7 @@ class RoutesTest < ActionController::TestCase
|
|
|
24
24
|
assert_routing({path: '/session/reset_password', method: :post},
|
|
25
25
|
{controller: 'session', action: 'reset_password'})
|
|
26
26
|
|
|
27
|
-
code = '
|
|
27
|
+
code = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
28
28
|
assert_routing({path: "/session/token/#{code}", method: :get},
|
|
29
29
|
{controller: 'session', action: 'token', code: code})
|
|
30
30
|
|
data/test/session_mailer_test.rb
CHANGED
data/test/session_test.rb
CHANGED
data/test/test_helper.rb
CHANGED
|
@@ -20,7 +20,6 @@ require 'helpers/application_controller.rb'
|
|
|
20
20
|
require 'helpers/action_mailer.rb'
|
|
21
21
|
require 'helpers/autoload_path.rb'
|
|
22
22
|
require 'helpers/db_setup.rb'
|
|
23
|
-
require 'helpers/fbgraph.rb'
|
|
24
23
|
require 'helpers/i18n.rb'
|
|
25
24
|
require 'helpers/rails.rb'
|
|
26
25
|
require 'helpers/routes.rb'
|
data/test/user_test.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative 'test_helper'
|
|
2
2
|
|
|
3
3
|
class UserTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
@@ -37,7 +37,7 @@ class UserTest < ActiveSupport::TestCase
|
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
test 'to_param' do
|
|
40
|
-
assert_equal '
|
|
40
|
+
assert_equal 'john000exuid', users(:john).to_param
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
test 'with_param' do
|
metadata
CHANGED
|
@@ -1,15 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authpwn_rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.21.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Victor Costan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-03-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: base32
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: 0.3.2
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ">="
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: 0.3.2
|
|
13
27
|
- !ruby/object:Gem::Dependency
|
|
14
28
|
name: rails
|
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -122,6 +136,20 @@ dependencies:
|
|
|
122
136
|
- - ">="
|
|
123
137
|
- !ruby/object:Gem::Version
|
|
124
138
|
version: 0.18.4
|
|
139
|
+
- !ruby/object:Gem::Dependency
|
|
140
|
+
name: rake
|
|
141
|
+
requirement: !ruby/object:Gem::Requirement
|
|
142
|
+
requirements:
|
|
143
|
+
- - ">="
|
|
144
|
+
- !ruby/object:Gem::Version
|
|
145
|
+
version: 11.1.1
|
|
146
|
+
type: :development
|
|
147
|
+
prerelease: false
|
|
148
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
149
|
+
requirements:
|
|
150
|
+
- - ">="
|
|
151
|
+
- !ruby/object:Gem::Version
|
|
152
|
+
version: 11.1.1
|
|
125
153
|
- !ruby/object:Gem::Dependency
|
|
126
154
|
name: sqlite3
|
|
127
155
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -210,6 +238,7 @@ files:
|
|
|
210
238
|
- app/models/tokens/session_uid.rb
|
|
211
239
|
- authpwn_rails.gemspec
|
|
212
240
|
- legacy/migrate_011_to_012.rb
|
|
241
|
+
- legacy/migrate_020_to_021.rb
|
|
213
242
|
- legacy/migrate_09_to_010.rb
|
|
214
243
|
- lib/authpwn_rails.rb
|
|
215
244
|
- lib/authpwn_rails/credential_model.rb
|
|
@@ -274,7 +303,6 @@ files:
|
|
|
274
303
|
- test/helpers/application_controller.rb
|
|
275
304
|
- test/helpers/autoload_path.rb
|
|
276
305
|
- test/helpers/db_setup.rb
|
|
277
|
-
- test/helpers/fbgraph.rb
|
|
278
306
|
- test/helpers/i18n.rb
|
|
279
307
|
- test/helpers/rails.rb
|
|
280
308
|
- test/helpers/rails_undo.rb
|