authpwn_rails 0.20.0 → 0.21.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +2 -0
- data/Gemfile +2 -0
- data/Gemfile.lock +96 -60
- data/Gemfile.rails4 +1 -0
- data/Gemfile.rails41 +1 -0
- data/Gemfile.rails42 +1 -0
- data/Rakefile +2 -1
- data/VERSION +1 -1
- data/app/models/credentials/password.rb +3 -1
- data/app/models/tokens/base.rb +5 -3
- data/authpwn_rails.gemspec +10 -4
- data/legacy/migrate_020_to_021.rb +15 -0
- data/lib/authpwn_rails.rb +2 -2
- data/lib/authpwn_rails/generators/templates/credentials.yml +7 -7
- data/lib/authpwn_rails/generators/templates/users.yml +3 -3
- data/lib/authpwn_rails/user_model.rb +3 -1
- data/test/cookie_controller_test.rb +2 -2
- data/test/credentials/api_token_test.rb +2 -2
- data/test/credentials/email_credential_test.rb +1 -1
- data/test/credentials/email_verification_token_test.rb +2 -2
- data/test/credentials/omni_auth_uid_credential_test.rb +1 -1
- data/test/credentials/one_time_token_credential_test.rb +4 -4
- data/test/credentials/password_credential_test.rb +15 -1
- data/test/credentials/password_reset_token_test.rb +2 -2
- data/test/credentials/session_uid_token_test.rb +2 -2
- data/test/credentials/token_crendential_test.rb +28 -18
- data/test/helpers/rails.rb +0 -5
- data/test/helpers/view_helpers.rb +1 -1
- data/test/http_basic_controller_test.rb +1 -1
- data/test/http_token_controller_test.rb +3 -3
- data/test/initializer_test.rb +1 -1
- data/test/routes_test.rb +2 -2
- data/test/session_controller_api_test.rb +1 -1
- data/test/session_controller_test.rb +1 -1
- data/test/session_mailer_api_test.rb +1 -1
- data/test/session_mailer_test.rb +1 -1
- data/test/session_test.rb +1 -1
- data/test/test_extensions_test.rb +1 -1
- data/test/test_helper.rb +0 -1
- data/test/user_extensions/api_token_field_test.rb +1 -1
- data/test/user_extensions/email_field_test.rb +1 -1
- data/test/user_extensions/password_field_test.rb +1 -1
- data/test/user_test.rb +2 -2
- metadata +31 -3
- data/test/helpers/fbgraph.rb +0 -10
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 675fbc46f9cd1ca6ec4ea6390fd648ec5ad4ab06
|
|
4
|
+
data.tar.gz: b5aa2f310aa8e5d7ece6df9912d3e3175f718de6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5d7d1c4b50aab9281d6b15c4ea51af277f1c7f1e3a1e0cc9958d48dbc7e748eda3cf46e2fad755a6769dc1bb7291d897192cf9fa1017c41f6fca6876f41cb23a
|
|
7
|
+
data.tar.gz: 3742acf28e0abf4e46d7819ece0d18c09d717fbde22cdd8ae2c8b4d8914823767bdf8d806cfe15853330f8bdda71b1cbe0280cbbbccafb74c047b42e5eecf8a8
|
data/.travis.yml
CHANGED
data/Gemfile
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
source 'https://rubygems.org'
|
|
2
2
|
|
|
3
|
+
gem 'base32', '>= 0.3.2'
|
|
3
4
|
gem 'rails', '>= 4.0.13'
|
|
4
5
|
|
|
5
6
|
group :development do
|
|
@@ -10,6 +11,7 @@ group :development do
|
|
|
10
11
|
gem 'mysql2', '>= 0.3.20'
|
|
11
12
|
gem 'omniauth', '>= 1.3.1'
|
|
12
13
|
gem 'pg', '>= 0.18.4'
|
|
14
|
+
gem 'rake', '>= 11.1.1'
|
|
13
15
|
gem 'sqlite3', '>= 1.3.11'
|
|
14
16
|
gem 'rubysl', platforms: [:rbx]
|
|
15
17
|
gem 'rubysl-bundler', platforms: [:rbx]
|
data/Gemfile.lock
CHANGED
|
@@ -1,34 +1,46 @@
|
|
|
1
1
|
GEM
|
|
2
2
|
remote: https://rubygems.org/
|
|
3
3
|
specs:
|
|
4
|
-
actionmailer (4.
|
|
5
|
-
actionpack (= 4.
|
|
4
|
+
actionmailer (4.2.6)
|
|
5
|
+
actionpack (= 4.2.6)
|
|
6
|
+
actionview (= 4.2.6)
|
|
7
|
+
activejob (= 4.2.6)
|
|
6
8
|
mail (~> 2.5, >= 2.5.4)
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
rack (~> 1.
|
|
9
|
+
rails-dom-testing (~> 1.0, >= 1.0.5)
|
|
10
|
+
actionpack (4.2.6)
|
|
11
|
+
actionview (= 4.2.6)
|
|
12
|
+
activesupport (= 4.2.6)
|
|
13
|
+
rack (~> 1.6)
|
|
12
14
|
rack-test (~> 0.6.2)
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
15
|
+
rails-dom-testing (~> 1.0, >= 1.0.5)
|
|
16
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
|
17
|
+
actionview (4.2.6)
|
|
18
|
+
activesupport (= 4.2.6)
|
|
19
|
+
builder (~> 3.1)
|
|
20
|
+
erubis (~> 2.7.0)
|
|
21
|
+
rails-dom-testing (~> 1.0, >= 1.0.5)
|
|
22
|
+
rails-html-sanitizer (~> 1.0, >= 1.0.2)
|
|
23
|
+
activejob (4.2.6)
|
|
24
|
+
activesupport (= 4.2.6)
|
|
25
|
+
globalid (>= 0.3.0)
|
|
26
|
+
activemodel (4.2.6)
|
|
27
|
+
activesupport (= 4.2.6)
|
|
28
|
+
builder (~> 3.1)
|
|
29
|
+
activerecord (4.2.6)
|
|
30
|
+
activemodel (= 4.2.6)
|
|
31
|
+
activesupport (= 4.2.6)
|
|
32
|
+
arel (~> 6.0)
|
|
33
|
+
activesupport (4.2.6)
|
|
34
|
+
i18n (~> 0.7)
|
|
35
|
+
json (~> 1.7, >= 1.7.7)
|
|
36
|
+
minitest (~> 5.1)
|
|
37
|
+
thread_safe (~> 0.3, >= 0.3.4)
|
|
38
|
+
tzinfo (~> 1.1)
|
|
28
39
|
addressable (2.4.0)
|
|
29
|
-
arel (
|
|
30
|
-
|
|
31
|
-
|
|
40
|
+
arel (6.0.3)
|
|
41
|
+
base32 (0.3.2)
|
|
42
|
+
builder (3.2.2)
|
|
43
|
+
concurrent-ruby (1.0.1)
|
|
32
44
|
descendants_tracker (0.0.4)
|
|
33
45
|
thread_safe (~> 0.3, >= 0.3.1)
|
|
34
46
|
docile (1.1.5)
|
|
@@ -36,7 +48,7 @@ GEM
|
|
|
36
48
|
faraday (0.9.2)
|
|
37
49
|
multipart-post (>= 1.2, < 3)
|
|
38
50
|
ffi2-generators (0.1.1)
|
|
39
|
-
git (1.
|
|
51
|
+
git (1.3.0)
|
|
40
52
|
github_api (0.13.1)
|
|
41
53
|
addressable (~> 2.4.0)
|
|
42
54
|
descendants_tracker (~> 0.0.4)
|
|
@@ -44,6 +56,8 @@ GEM
|
|
|
44
56
|
hashie (>= 3.4)
|
|
45
57
|
multi_json (>= 1.7.5, < 2.0)
|
|
46
58
|
oauth2
|
|
59
|
+
globalid (0.3.6)
|
|
60
|
+
activesupport (>= 4.1.0)
|
|
47
61
|
hashie (3.4.3)
|
|
48
62
|
highline (1.7.8)
|
|
49
63
|
i18n (0.7.0)
|
|
@@ -57,50 +71,66 @@ GEM
|
|
|
57
71
|
rake
|
|
58
72
|
rdoc
|
|
59
73
|
json (1.8.3)
|
|
60
|
-
jwt (1.5.
|
|
61
|
-
|
|
62
|
-
|
|
74
|
+
jwt (1.5.1)
|
|
75
|
+
loofah (2.0.3)
|
|
76
|
+
nokogiri (>= 1.5.9)
|
|
77
|
+
mail (2.6.4)
|
|
78
|
+
mime-types (>= 1.16, < 4)
|
|
63
79
|
metaclass (0.0.4)
|
|
64
|
-
mime-types (
|
|
80
|
+
mime-types (3.0)
|
|
81
|
+
mime-types-data (~> 3.2015)
|
|
82
|
+
mime-types-data (3.2016.0221)
|
|
65
83
|
mini_portile2 (2.0.0)
|
|
66
|
-
minitest (
|
|
84
|
+
minitest (5.8.4)
|
|
67
85
|
mocha (1.1.0)
|
|
68
86
|
metaclass (~> 0.0.1)
|
|
69
87
|
multi_json (1.11.2)
|
|
70
88
|
multi_xml (0.5.5)
|
|
71
89
|
multipart-post (2.0.0)
|
|
72
|
-
mysql2 (0.3
|
|
73
|
-
nokogiri (1.6.7.
|
|
90
|
+
mysql2 (0.4.3)
|
|
91
|
+
nokogiri (1.6.7.2)
|
|
74
92
|
mini_portile2 (~> 2.0.0.rc2)
|
|
75
|
-
oauth2 (1.
|
|
93
|
+
oauth2 (1.1.0)
|
|
76
94
|
faraday (>= 0.8, < 0.10)
|
|
77
|
-
jwt (~> 1.0)
|
|
95
|
+
jwt (~> 1.0, < 1.5.2)
|
|
78
96
|
multi_json (~> 1.3)
|
|
79
97
|
multi_xml (~> 0.5)
|
|
80
|
-
rack (
|
|
98
|
+
rack (>= 1.2, < 3)
|
|
81
99
|
omniauth (1.3.1)
|
|
82
100
|
hashie (>= 1.2, < 4)
|
|
83
101
|
rack (>= 1.0, < 3)
|
|
84
102
|
pg (0.18.4)
|
|
85
|
-
rack (1.
|
|
103
|
+
rack (1.6.4)
|
|
86
104
|
rack-test (0.6.3)
|
|
87
105
|
rack (>= 1.0)
|
|
88
|
-
rails (4.
|
|
89
|
-
actionmailer (= 4.
|
|
90
|
-
actionpack (= 4.
|
|
91
|
-
|
|
92
|
-
|
|
106
|
+
rails (4.2.6)
|
|
107
|
+
actionmailer (= 4.2.6)
|
|
108
|
+
actionpack (= 4.2.6)
|
|
109
|
+
actionview (= 4.2.6)
|
|
110
|
+
activejob (= 4.2.6)
|
|
111
|
+
activemodel (= 4.2.6)
|
|
112
|
+
activerecord (= 4.2.6)
|
|
113
|
+
activesupport (= 4.2.6)
|
|
93
114
|
bundler (>= 1.3.0, < 2.0)
|
|
94
|
-
railties (= 4.
|
|
95
|
-
sprockets-rails
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
115
|
+
railties (= 4.2.6)
|
|
116
|
+
sprockets-rails
|
|
117
|
+
rails-deprecated_sanitizer (1.0.3)
|
|
118
|
+
activesupport (>= 4.2.0.alpha)
|
|
119
|
+
rails-dom-testing (1.0.7)
|
|
120
|
+
activesupport (>= 4.2.0.beta, < 5.0)
|
|
121
|
+
nokogiri (~> 1.6.0)
|
|
122
|
+
rails-deprecated_sanitizer (>= 1.0.1)
|
|
123
|
+
rails-html-sanitizer (1.0.3)
|
|
124
|
+
loofah (~> 2.0)
|
|
125
|
+
railties (4.2.6)
|
|
126
|
+
actionpack (= 4.2.6)
|
|
127
|
+
activesupport (= 4.2.6)
|
|
99
128
|
rake (>= 0.8.7)
|
|
100
129
|
thor (>= 0.18.1, < 2.0)
|
|
101
|
-
rake (
|
|
102
|
-
rdoc (4.2.
|
|
103
|
-
|
|
130
|
+
rake (11.1.1)
|
|
131
|
+
rdoc (4.2.2)
|
|
132
|
+
json (~> 1.4)
|
|
133
|
+
rubysl (2.2.0)
|
|
104
134
|
rubysl-abbrev (~> 2.0)
|
|
105
135
|
rubysl-base64 (~> 2.0)
|
|
106
136
|
rubysl-benchmark (~> 2.0)
|
|
@@ -185,6 +215,7 @@ GEM
|
|
|
185
215
|
rubysl-tmpdir (~> 2.0)
|
|
186
216
|
rubysl-tsort (~> 2.0)
|
|
187
217
|
rubysl-un (~> 2.0)
|
|
218
|
+
rubysl-unicode_normalize (~> 2.0)
|
|
188
219
|
rubysl-uri (~> 2.0)
|
|
189
220
|
rubysl-weakref (~> 2.0)
|
|
190
221
|
rubysl-webrick (~> 2.0)
|
|
@@ -265,11 +296,11 @@ GEM
|
|
|
265
296
|
rubysl-observer (2.0.0)
|
|
266
297
|
rubysl-open-uri (2.0.0)
|
|
267
298
|
rubysl-open3 (2.0.0)
|
|
268
|
-
rubysl-openssl (2.
|
|
299
|
+
rubysl-openssl (2.8.0)
|
|
269
300
|
rubysl-optparse (2.0.1)
|
|
270
301
|
rubysl-shellwords (~> 2.0)
|
|
271
302
|
rubysl-ostruct (2.1.0)
|
|
272
|
-
rubysl-pathname (2.
|
|
303
|
+
rubysl-pathname (2.3)
|
|
273
304
|
rubysl-prettyprint (2.0.3)
|
|
274
305
|
rubysl-prime (2.0.1)
|
|
275
306
|
rubysl-profile (2.0.0)
|
|
@@ -299,8 +330,9 @@ GEM
|
|
|
299
330
|
rubysl-set (2.0.1)
|
|
300
331
|
rubysl-shellwords (2.0.0)
|
|
301
332
|
rubysl-singleton (2.0.0)
|
|
302
|
-
rubysl-socket (2.
|
|
303
|
-
|
|
333
|
+
rubysl-socket (2.1.1)
|
|
334
|
+
rubysl-fcntl (~> 2.0)
|
|
335
|
+
rubysl-stringio (2.1.0)
|
|
304
336
|
rubysl-strscan (2.0.0)
|
|
305
337
|
rubysl-sync (2.0.0)
|
|
306
338
|
rubysl-syslog (2.1.0)
|
|
@@ -315,13 +347,14 @@ GEM
|
|
|
315
347
|
rubysl-un (2.0.0)
|
|
316
348
|
rubysl-fileutils (~> 2.0)
|
|
317
349
|
rubysl-optparse (~> 2.0)
|
|
350
|
+
rubysl-unicode_normalize (2.0)
|
|
318
351
|
rubysl-uri (2.0.0)
|
|
319
352
|
rubysl-weakref (2.0.0)
|
|
320
353
|
rubysl-webrick (2.0.0)
|
|
321
354
|
rubysl-xmlrpc (2.0.0)
|
|
322
355
|
rubysl-yaml (2.1.0)
|
|
323
356
|
rubysl-zlib (2.0.1)
|
|
324
|
-
simplecov (0.11.
|
|
357
|
+
simplecov (0.11.2)
|
|
325
358
|
docile (~> 1.1.0)
|
|
326
359
|
json (~> 1.8)
|
|
327
360
|
simplecov-html (~> 0.10.0)
|
|
@@ -329,19 +362,21 @@ GEM
|
|
|
329
362
|
sprockets (3.5.2)
|
|
330
363
|
concurrent-ruby (~> 1.0)
|
|
331
364
|
rack (> 1, < 3)
|
|
332
|
-
sprockets-rails (
|
|
333
|
-
actionpack (>=
|
|
334
|
-
activesupport (>=
|
|
335
|
-
sprockets (>=
|
|
365
|
+
sprockets-rails (3.0.4)
|
|
366
|
+
actionpack (>= 4.0)
|
|
367
|
+
activesupport (>= 4.0)
|
|
368
|
+
sprockets (>= 3.0.0)
|
|
336
369
|
sqlite3 (1.3.11)
|
|
337
370
|
thor (0.19.1)
|
|
338
371
|
thread_safe (0.3.5)
|
|
339
|
-
tzinfo (
|
|
372
|
+
tzinfo (1.2.2)
|
|
373
|
+
thread_safe (~> 0.1)
|
|
340
374
|
|
|
341
375
|
PLATFORMS
|
|
342
376
|
ruby
|
|
343
377
|
|
|
344
378
|
DEPENDENCIES
|
|
379
|
+
base32 (>= 0.3.2)
|
|
345
380
|
bundler (>= 1.6.6)
|
|
346
381
|
jeweler (>= 2.0.1)
|
|
347
382
|
mocha (>= 1.1.0)
|
|
@@ -349,6 +384,7 @@ DEPENDENCIES
|
|
|
349
384
|
omniauth (>= 1.3.1)
|
|
350
385
|
pg (>= 0.18.4)
|
|
351
386
|
rails (>= 4.0.13)
|
|
387
|
+
rake (>= 11.1.1)
|
|
352
388
|
rubysl
|
|
353
389
|
rubysl-bundler
|
|
354
390
|
rubysl-rake
|
data/Gemfile.rails4
CHANGED
data/Gemfile.rails41
CHANGED
data/Gemfile.rails42
CHANGED
data/Rakefile
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.21.0
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'securerandom'
|
|
2
|
+
|
|
1
3
|
# :namespace
|
|
2
4
|
module Credentials
|
|
3
5
|
|
|
@@ -78,7 +80,7 @@ class Password < ::Credential
|
|
|
78
80
|
|
|
79
81
|
# Generates a random salt value.
|
|
80
82
|
def self.random_salt
|
|
81
|
-
[(
|
|
83
|
+
[SecureRandom.random_bytes(12)].pack('m').strip
|
|
82
84
|
end
|
|
83
85
|
end # class Credentials::Password
|
|
84
86
|
|
data/app/models/tokens/base.rb
CHANGED
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
require 'securerandom'
|
|
2
2
|
|
|
3
|
+
require 'base32'
|
|
4
|
+
|
|
5
|
+
|
|
3
6
|
# :namespace
|
|
4
7
|
module Tokens
|
|
5
8
|
|
|
@@ -12,8 +15,7 @@ class Base < ::Credential
|
|
|
12
15
|
# Token names are random, so we can expect they'll be unique across the
|
|
13
16
|
# entire namespace. We need this check to enforce name uniqueness across
|
|
14
17
|
# different token types.
|
|
15
|
-
validates :name, format: /\A[
|
|
16
|
-
uniqueness: true
|
|
18
|
+
validates :name, format: /\A[a-z0-9]+\Z/, presence: true, uniqueness: true
|
|
17
19
|
|
|
18
20
|
# Tokens can expire. This is a good idea most of the time, because token
|
|
19
21
|
# codes are supposed to be used quickly.
|
|
@@ -93,7 +95,7 @@ class Base < ::Credential
|
|
|
93
95
|
|
|
94
96
|
# Generates a random token code.
|
|
95
97
|
def self.random_code
|
|
96
|
-
SecureRandom.
|
|
98
|
+
Base32.encode(SecureRandom.random_bytes(32)).downcase.sub(/=*$/, '')
|
|
97
99
|
end
|
|
98
100
|
|
|
99
101
|
# Use codes instead of exposing ActiveRecord IDs.
|
data/authpwn_rails.gemspec
CHANGED
|
@@ -2,16 +2,16 @@
|
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
|
3
3
|
# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
|
|
4
4
|
# -*- encoding: utf-8 -*-
|
|
5
|
-
# stub: authpwn_rails 0.
|
|
5
|
+
# stub: authpwn_rails 0.21.0 ruby lib
|
|
6
6
|
|
|
7
7
|
Gem::Specification.new do |s|
|
|
8
8
|
s.name = "authpwn_rails"
|
|
9
|
-
s.version = "0.
|
|
9
|
+
s.version = "0.21.0"
|
|
10
10
|
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
12
12
|
s.require_paths = ["lib"]
|
|
13
13
|
s.authors = ["Victor Costan"]
|
|
14
|
-
s.date = "2016-
|
|
14
|
+
s.date = "2016-03-27"
|
|
15
15
|
s.description = "Works with Facebook."
|
|
16
16
|
s.email = "victor@costan.us"
|
|
17
17
|
s.extra_rdoc_files = [
|
|
@@ -43,6 +43,7 @@ Gem::Specification.new do |s|
|
|
|
43
43
|
"app/models/tokens/session_uid.rb",
|
|
44
44
|
"authpwn_rails.gemspec",
|
|
45
45
|
"legacy/migrate_011_to_012.rb",
|
|
46
|
+
"legacy/migrate_020_to_021.rb",
|
|
46
47
|
"legacy/migrate_09_to_010.rb",
|
|
47
48
|
"lib/authpwn_rails.rb",
|
|
48
49
|
"lib/authpwn_rails/credential_model.rb",
|
|
@@ -107,7 +108,6 @@ Gem::Specification.new do |s|
|
|
|
107
108
|
"test/helpers/application_controller.rb",
|
|
108
109
|
"test/helpers/autoload_path.rb",
|
|
109
110
|
"test/helpers/db_setup.rb",
|
|
110
|
-
"test/helpers/fbgraph.rb",
|
|
111
111
|
"test/helpers/i18n.rb",
|
|
112
112
|
"test/helpers/rails.rb",
|
|
113
113
|
"test/helpers/rails_undo.rb",
|
|
@@ -139,6 +139,7 @@ Gem::Specification.new do |s|
|
|
|
139
139
|
s.specification_version = 4
|
|
140
140
|
|
|
141
141
|
if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
|
|
142
|
+
s.add_runtime_dependency(%q<base32>, [">= 0.3.2"])
|
|
142
143
|
s.add_runtime_dependency(%q<rails>, [">= 4.0.13"])
|
|
143
144
|
s.add_development_dependency(%q<bundler>, [">= 1.6.6"])
|
|
144
145
|
s.add_development_dependency(%q<mocha>, [">= 1.1.0"])
|
|
@@ -147,11 +148,13 @@ Gem::Specification.new do |s|
|
|
|
147
148
|
s.add_development_dependency(%q<mysql2>, [">= 0.3.20"])
|
|
148
149
|
s.add_development_dependency(%q<omniauth>, [">= 1.3.1"])
|
|
149
150
|
s.add_development_dependency(%q<pg>, [">= 0.18.4"])
|
|
151
|
+
s.add_development_dependency(%q<rake>, [">= 11.1.1"])
|
|
150
152
|
s.add_development_dependency(%q<sqlite3>, [">= 1.3.11"])
|
|
151
153
|
s.add_development_dependency(%q<rubysl>, [">= 0"])
|
|
152
154
|
s.add_development_dependency(%q<rubysl-bundler>, [">= 0"])
|
|
153
155
|
s.add_development_dependency(%q<rubysl-rake>, [">= 0"])
|
|
154
156
|
else
|
|
157
|
+
s.add_dependency(%q<base32>, [">= 0.3.2"])
|
|
155
158
|
s.add_dependency(%q<rails>, [">= 4.0.13"])
|
|
156
159
|
s.add_dependency(%q<bundler>, [">= 1.6.6"])
|
|
157
160
|
s.add_dependency(%q<mocha>, [">= 1.1.0"])
|
|
@@ -160,12 +163,14 @@ Gem::Specification.new do |s|
|
|
|
160
163
|
s.add_dependency(%q<mysql2>, [">= 0.3.20"])
|
|
161
164
|
s.add_dependency(%q<omniauth>, [">= 1.3.1"])
|
|
162
165
|
s.add_dependency(%q<pg>, [">= 0.18.4"])
|
|
166
|
+
s.add_dependency(%q<rake>, [">= 11.1.1"])
|
|
163
167
|
s.add_dependency(%q<sqlite3>, [">= 1.3.11"])
|
|
164
168
|
s.add_dependency(%q<rubysl>, [">= 0"])
|
|
165
169
|
s.add_dependency(%q<rubysl-bundler>, [">= 0"])
|
|
166
170
|
s.add_dependency(%q<rubysl-rake>, [">= 0"])
|
|
167
171
|
end
|
|
168
172
|
else
|
|
173
|
+
s.add_dependency(%q<base32>, [">= 0.3.2"])
|
|
169
174
|
s.add_dependency(%q<rails>, [">= 4.0.13"])
|
|
170
175
|
s.add_dependency(%q<bundler>, [">= 1.6.6"])
|
|
171
176
|
s.add_dependency(%q<mocha>, [">= 1.1.0"])
|
|
@@ -174,6 +179,7 @@ Gem::Specification.new do |s|
|
|
|
174
179
|
s.add_dependency(%q<mysql2>, [">= 0.3.20"])
|
|
175
180
|
s.add_dependency(%q<omniauth>, [">= 1.3.1"])
|
|
176
181
|
s.add_dependency(%q<pg>, [">= 0.18.4"])
|
|
182
|
+
s.add_dependency(%q<rake>, [">= 11.1.1"])
|
|
177
183
|
s.add_dependency(%q<sqlite3>, [">= 1.3.11"])
|
|
178
184
|
s.add_dependency(%q<rubysl>, [">= 0"])
|
|
179
185
|
s.add_dependency(%q<rubysl-bundler>, [">= 0"])
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# This script migrates the authpwn 0.20 token codes and user IDs to the new
|
|
2
|
+
# 0.21 format.
|
|
3
|
+
# It should be run in a rails console.
|
|
4
|
+
|
|
5
|
+
User.all.each do |user|
|
|
6
|
+
user.exuid = nil
|
|
7
|
+
user.set_default_exuid
|
|
8
|
+
user.save!
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
Credential.all.each do |token|
|
|
12
|
+
next unless token.kind_of? Tokens::Base
|
|
13
|
+
token.code = Tokens::Base.random_code
|
|
14
|
+
token.save!
|
|
15
|
+
end
|
data/lib/authpwn_rails.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
require 'active_support'
|
|
1
|
+
require 'active_support/dependencies'
|
|
2
2
|
|
|
3
3
|
# :nodoc: namespace
|
|
4
4
|
module Authpwn
|
|
@@ -31,6 +31,6 @@ if defined?(Rails)
|
|
|
31
31
|
|
|
32
32
|
# HACK(pwnall): this works around a known Rails bug
|
|
33
33
|
# https://rails.lighthouseapp.com/projects/8994/tickets/1905-apphelpers-within-plugin-not-being-mixed-in
|
|
34
|
-
|
|
34
|
+
require_relative '../app/helpers/session_helper.rb'
|
|
35
35
|
ActionController::Base.helper SessionHelper
|
|
36
36
|
end
|
|
@@ -23,28 +23,28 @@ john_password:
|
|
|
23
23
|
jane_token:
|
|
24
24
|
user: jane
|
|
25
25
|
type: Tokens::OneTime
|
|
26
|
-
name:
|
|
26
|
+
name: skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa
|
|
27
27
|
|
|
28
28
|
john_token:
|
|
29
29
|
user: john
|
|
30
30
|
type: Tokens::Base
|
|
31
|
-
name:
|
|
31
|
+
name: ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq
|
|
32
32
|
|
|
33
33
|
john_email_token:
|
|
34
34
|
user: john
|
|
35
35
|
type: Tokens::EmailVerification
|
|
36
|
-
name:
|
|
36
|
+
name: qid3ipai5be3bcilygdztwvtlpiyrfzxks2solmetndb4vzuvkca
|
|
37
37
|
key: john@gmail.com
|
|
38
38
|
|
|
39
39
|
jane_password_token:
|
|
40
40
|
user: jane
|
|
41
41
|
type: Tokens::PasswordReset
|
|
42
|
-
name:
|
|
42
|
+
name: 5pfbsvdcxaf3wrj2mf5h4j2skk3q7vni4dc4iqs6okqv2km3zrga
|
|
43
43
|
|
|
44
44
|
john_session_token:
|
|
45
45
|
user: john
|
|
46
46
|
type: Tokens::SessionUid
|
|
47
|
-
name:
|
|
47
|
+
name: gordzvlpnvwyjy53jklfcwcjxdjvvhwnfwenqql4tzotma5c7k7a
|
|
48
48
|
key: <%= { :browser_ip => '18.241.1.121',
|
|
49
49
|
:browser_ua => 'Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1'
|
|
50
50
|
}.to_yaml.inspect %>
|
|
@@ -52,7 +52,7 @@ john_session_token:
|
|
|
52
52
|
jane_session_token:
|
|
53
53
|
user: jane
|
|
54
54
|
type: Tokens::SessionUid
|
|
55
|
-
name:
|
|
55
|
+
name: nnn4cz75nta35aqu34c3kozxokszfaxt46vvvpq6gxxfnh3fvbuq
|
|
56
56
|
key: <%= { :browser_ip => '18.70.0.160',
|
|
57
57
|
:browser_ua => 'Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1'
|
|
58
58
|
}.to_yaml.inspect %>
|
|
@@ -72,4 +72,4 @@ jane_omniauth_developer:
|
|
|
72
72
|
john_api_token:
|
|
73
73
|
user: john
|
|
74
74
|
type: Tokens::Api
|
|
75
|
-
name:
|
|
75
|
+
name: k2cof7wjyi3672laumnajizwax73x262gfmoqoiau3cgap7z3pdq
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
require 'securerandom'
|
|
2
|
+
|
|
2
3
|
require 'active_model'
|
|
3
4
|
require 'active_support'
|
|
5
|
+
require 'base32'
|
|
4
6
|
|
|
5
7
|
|
|
6
8
|
# :nodoc: namespace
|
|
@@ -109,7 +111,7 @@ module UserModel
|
|
|
109
111
|
# :nodoc: sets exuid to a (hopefully) unique value before validations occur.
|
|
110
112
|
def set_default_exuid
|
|
111
113
|
self.exuid ||=
|
|
112
|
-
SecureRandom.random_bytes(
|
|
114
|
+
Base32.encode(SecureRandom.random_bytes(16)).downcase.sub(/=*$/, '')
|
|
113
115
|
end
|
|
114
116
|
end # namespace Authpwn::UserModel
|
|
115
117
|
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative 'test_helper'
|
|
2
2
|
|
|
3
3
|
# Mock controller used for testing session handling.
|
|
4
4
|
class CookieController < ApplicationController
|
|
@@ -190,7 +190,7 @@ class CookieControllerTest < ActionController::TestCase
|
|
|
190
190
|
assert_equal nil, assigns(:current_user)
|
|
191
191
|
end
|
|
192
192
|
|
|
193
|
-
test "set_session_current_user
|
|
193
|
+
test "set_session_current_user behavhttps://appear.in/pwnalles when no user is logged off" do
|
|
194
194
|
assert_no_difference 'Credential.count' do
|
|
195
195
|
put :update, exuid: ''
|
|
196
196
|
end
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class ApiTokenTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::Api.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.user = users(:bill)
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class EmailVerificationTokenTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::EmailVerification.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.key = 'jane@gmail.com'
|
|
8
8
|
@credential.user = users(:jane)
|
|
9
9
|
end
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class OneTimeTokenCredentialTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::OneTime.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.user = users(:bill)
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -37,7 +37,7 @@ class OneTimeTokenCredentialTest < ActiveSupport::TestCase
|
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
test 'authenticate spends the token' do
|
|
40
|
-
jane = '
|
|
40
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
41
41
|
bogus = 'AyCMIixa5C7BBqU-XFI7l7IaUFJ4zQZPmcK6oNb3FLo'
|
|
42
42
|
assert_difference 'Credential.count', -1, 'token spent' do
|
|
43
43
|
assert_equal users(:jane), Tokens::Base.authenticate(jane)
|
|
@@ -48,7 +48,7 @@ class OneTimeTokenCredentialTest < ActiveSupport::TestCase
|
|
|
48
48
|
end
|
|
49
49
|
|
|
50
50
|
test 'authenticate calls User#auth_bounce_reason' do
|
|
51
|
-
jane = '
|
|
51
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
52
52
|
|
|
53
53
|
with_blocked_credential credentials(:jane_token), :reason do
|
|
54
54
|
assert_no_difference 'Credential.count', 'no token spent' do
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class PasswordCredentialTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
@@ -42,6 +42,20 @@ class PasswordCredentialTest < ActiveSupport::TestCase
|
|
|
42
42
|
assert !@credential.valid?
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
+
test 'generates salt' do
|
|
46
|
+
assert @credential.valid?
|
|
47
|
+
assert_match(/^[^|]{12,16}\|.+$/, @credential.key)
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
test 'generates random salts' do
|
|
51
|
+
salts = []
|
|
52
|
+
1000.times do
|
|
53
|
+
@credential.password = 'password'
|
|
54
|
+
salts << @credential.key.split('|').first
|
|
55
|
+
end
|
|
56
|
+
assert_equal salts.length, salts.uniq.length, 'Salts are not random enough'
|
|
57
|
+
end
|
|
58
|
+
|
|
45
59
|
test 'old_password always returns nil' do
|
|
46
60
|
assert_equal @credential.old_password, nil
|
|
47
61
|
@credential.old_password = 'old password'
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class PasswordVerificationTokenTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::PasswordReset.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.user = users(:john)
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class SessionUidTokenTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::SessionUid.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.browser_ip = '18.70.0.160'
|
|
8
8
|
@credential.browser_ua =
|
|
9
9
|
'Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1'
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../test_helper'
|
|
2
2
|
|
|
3
3
|
class TokenCredentialTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
5
5
|
@credential = Tokens::Base.new
|
|
6
|
-
@credential.code = '
|
|
6
|
+
@credential.code = 'fitobg6hzsk7odiiw3ca45ltghget4tlbbapxikgdsugfa36llwq'
|
|
7
7
|
@credential.user = users(:bill)
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -44,11 +44,21 @@ class TokenCredentialTest < ActiveSupport::TestCase
|
|
|
44
44
|
assert_operator users(:jane).credentials, :include?, token
|
|
45
45
|
end
|
|
46
46
|
|
|
47
|
+
test 'random_for randomness' do
|
|
48
|
+
codes = []
|
|
49
|
+
1000.times do
|
|
50
|
+
token = Tokens::Base.random_for users(:jane)
|
|
51
|
+
codes << token.code
|
|
52
|
+
end
|
|
53
|
+
assert_equal codes.length, codes.uniq.length,
|
|
54
|
+
'Token codes are not random enough'
|
|
55
|
+
end
|
|
56
|
+
|
|
47
57
|
test 'with_code' do
|
|
48
|
-
john = '
|
|
49
|
-
john_email = '
|
|
50
|
-
jane = '
|
|
51
|
-
bogus = '
|
|
58
|
+
john = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
59
|
+
john_email = 'qid3ipai5be3bcilygdztwvtlpiyrfzxks2solmetndb4vzuvkca'
|
|
60
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
61
|
+
bogus = '3bl3iypby25bqooia7hpskihlrzjkt7opz5vgdp7i3mkaopdjcza'
|
|
52
62
|
assert_equal credentials(:john_token),
|
|
53
63
|
Tokens::Base.with_code(john).first
|
|
54
64
|
assert_equal credentials(:jane_token),
|
|
@@ -76,10 +86,10 @@ class TokenCredentialTest < ActiveSupport::TestCase
|
|
|
76
86
|
end
|
|
77
87
|
|
|
78
88
|
test 'class authenticate' do
|
|
79
|
-
john = '
|
|
80
|
-
john_email = '
|
|
81
|
-
jane = '
|
|
82
|
-
bogus = '
|
|
89
|
+
john = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
90
|
+
john_email = 'qid3ipai5be3bcilygdztwvtlpiyrfzxks2solmetndb4vzuvkca'
|
|
91
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
92
|
+
bogus = '3bl3iypby25bqooia7hpskihlrzjkt7opz5vgdp7i3mkaopdjcza'
|
|
83
93
|
|
|
84
94
|
assert_equal users(:john), Tokens::Base.authenticate(john)
|
|
85
95
|
assert_equal users(:john), Tokens::Base.authenticate(john_email)
|
|
@@ -88,9 +98,9 @@ class TokenCredentialTest < ActiveSupport::TestCase
|
|
|
88
98
|
end
|
|
89
99
|
|
|
90
100
|
test 'class authenticate with non-base class' do
|
|
91
|
-
john = '
|
|
92
|
-
john_email = '
|
|
93
|
-
bogus = '
|
|
101
|
+
john = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
102
|
+
john_email = 'qid3ipai5be3bcilygdztwvtlpiyrfzxks2solmetndb4vzuvkca'
|
|
103
|
+
bogus = '3bl3iypby25bqooia7hpskihlrzjkt7opz5vgdp7i3mkaopdjcza'
|
|
94
104
|
|
|
95
105
|
assert_equal :invalid, Tokens::EmailVerification.authenticate(john)
|
|
96
106
|
assert_equal users(:john),
|
|
@@ -99,8 +109,8 @@ class TokenCredentialTest < ActiveSupport::TestCase
|
|
|
99
109
|
end
|
|
100
110
|
|
|
101
111
|
test 'class authenticate on expired tokens' do
|
|
102
|
-
john = '
|
|
103
|
-
jane = '
|
|
112
|
+
john = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
113
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
104
114
|
|
|
105
115
|
Tokens::Base.all.each do |token|
|
|
106
116
|
token.updated_at = Time.now - 1.year
|
|
@@ -120,9 +130,9 @@ class TokenCredentialTest < ActiveSupport::TestCase
|
|
|
120
130
|
end
|
|
121
131
|
|
|
122
132
|
test 'class authenticate calls User#auth_bounce_reason' do
|
|
123
|
-
john = '
|
|
124
|
-
jane = '
|
|
125
|
-
bogus = '
|
|
133
|
+
john = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
134
|
+
jane = 'skygyoxxmnerxwe4zbi3p5yjtg7zpjl2peyfcwh5wnc37fyfc4xa'
|
|
135
|
+
bogus = '3bl3iypby25bqooia7hpskihlrzjkt7opz5vgdp7i3mkaopdjcza'
|
|
126
136
|
|
|
127
137
|
with_blocked_credential credentials(:john_token), :reason do
|
|
128
138
|
assert_equal :reason, Tokens::Base.authenticate(john)
|
data/test/helpers/rails.rb
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative '../../app/helpers/session_helper.rb'
|
|
2
2
|
ActionController::Base.helper SessionHelper
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative 'test_helper'
|
|
2
2
|
|
|
3
3
|
# Mock controller used for testing session handling.
|
|
4
4
|
class HttpTokenController < ApplicationController
|
|
@@ -57,9 +57,9 @@ class HttpTokenControllerTest < ActionController::TestCase
|
|
|
57
57
|
end
|
|
58
58
|
|
|
59
59
|
test "uses Tokens::Api.authenticate" do
|
|
60
|
-
Tokens::Api.expects(:authenticate).at_least_once.with('
|
|
60
|
+
Tokens::Api.expects(:authenticate).at_least_once.with('ap1c0d3').
|
|
61
61
|
returns @user
|
|
62
|
-
set_http_token_user @user, '
|
|
62
|
+
set_http_token_user @user, 'ap1c0d3'
|
|
63
63
|
get :show
|
|
64
64
|
assert_equal @user, assigns(:current_user)
|
|
65
65
|
assert_equal nil, session_current_user,
|
data/test/initializer_test.rb
CHANGED
data/test/routes_test.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative 'test_helper'
|
|
2
2
|
|
|
3
3
|
require 'authpwn_rails/generators/templates/session_controller.rb'
|
|
4
4
|
|
|
@@ -24,7 +24,7 @@ class RoutesTest < ActionController::TestCase
|
|
|
24
24
|
assert_routing({path: '/session/reset_password', method: :post},
|
|
25
25
|
{controller: 'session', action: 'reset_password'})
|
|
26
26
|
|
|
27
|
-
code = '
|
|
27
|
+
code = 'ue5tqbx3u4z7jxxglickknirxroy7c3bgig4e2yccbmwqvf3r2vq'
|
|
28
28
|
assert_routing({path: "/session/token/#{code}", method: :get},
|
|
29
29
|
{controller: 'session', action: 'token', code: code})
|
|
30
30
|
|
data/test/session_mailer_test.rb
CHANGED
data/test/session_test.rb
CHANGED
data/test/test_helper.rb
CHANGED
|
@@ -20,7 +20,6 @@ require 'helpers/application_controller.rb'
|
|
|
20
20
|
require 'helpers/action_mailer.rb'
|
|
21
21
|
require 'helpers/autoload_path.rb'
|
|
22
22
|
require 'helpers/db_setup.rb'
|
|
23
|
-
require 'helpers/fbgraph.rb'
|
|
24
23
|
require 'helpers/i18n.rb'
|
|
25
24
|
require 'helpers/rails.rb'
|
|
26
25
|
require 'helpers/routes.rb'
|
data/test/user_test.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
require_relative 'test_helper'
|
|
2
2
|
|
|
3
3
|
class UserTest < ActiveSupport::TestCase
|
|
4
4
|
def setup
|
|
@@ -37,7 +37,7 @@ class UserTest < ActiveSupport::TestCase
|
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
test 'to_param' do
|
|
40
|
-
assert_equal '
|
|
40
|
+
assert_equal 'john000exuid', users(:john).to_param
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
test 'with_param' do
|
metadata
CHANGED
|
@@ -1,15 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authpwn_rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.21.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Victor Costan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-03-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: base32
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - ">="
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: 0.3.2
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - ">="
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: 0.3.2
|
|
13
27
|
- !ruby/object:Gem::Dependency
|
|
14
28
|
name: rails
|
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -122,6 +136,20 @@ dependencies:
|
|
|
122
136
|
- - ">="
|
|
123
137
|
- !ruby/object:Gem::Version
|
|
124
138
|
version: 0.18.4
|
|
139
|
+
- !ruby/object:Gem::Dependency
|
|
140
|
+
name: rake
|
|
141
|
+
requirement: !ruby/object:Gem::Requirement
|
|
142
|
+
requirements:
|
|
143
|
+
- - ">="
|
|
144
|
+
- !ruby/object:Gem::Version
|
|
145
|
+
version: 11.1.1
|
|
146
|
+
type: :development
|
|
147
|
+
prerelease: false
|
|
148
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
149
|
+
requirements:
|
|
150
|
+
- - ">="
|
|
151
|
+
- !ruby/object:Gem::Version
|
|
152
|
+
version: 11.1.1
|
|
125
153
|
- !ruby/object:Gem::Dependency
|
|
126
154
|
name: sqlite3
|
|
127
155
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -210,6 +238,7 @@ files:
|
|
|
210
238
|
- app/models/tokens/session_uid.rb
|
|
211
239
|
- authpwn_rails.gemspec
|
|
212
240
|
- legacy/migrate_011_to_012.rb
|
|
241
|
+
- legacy/migrate_020_to_021.rb
|
|
213
242
|
- legacy/migrate_09_to_010.rb
|
|
214
243
|
- lib/authpwn_rails.rb
|
|
215
244
|
- lib/authpwn_rails/credential_model.rb
|
|
@@ -274,7 +303,6 @@ files:
|
|
|
274
303
|
- test/helpers/application_controller.rb
|
|
275
304
|
- test/helpers/autoload_path.rb
|
|
276
305
|
- test/helpers/db_setup.rb
|
|
277
|
-
- test/helpers/fbgraph.rb
|
|
278
306
|
- test/helpers/i18n.rb
|
|
279
307
|
- test/helpers/rails.rb
|
|
280
308
|
- test/helpers/rails_undo.rb
|