authpwn_rails 0.7.0 → 0.7.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. data/VERSION +1 -1
  2. data/authpwn_rails.gemspec +1 -1
  3. data/lib/authpwn_rails/session.rb +8 -3
  4. data/test/session_controller_api_test.rb +46 -1
  5. metadata +3 -3
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.7.0
1
+ 0.7.1
data/authpwn_rails.gemspec CHANGED
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{authpwn_rails}
8
- s.version = "0.7.0"
8
+ s.version = "0.7.1"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Victor Costan"]
data/lib/authpwn_rails/session.rb CHANGED
@@ -115,12 +115,14 @@ module SessionControllerInstanceMethods
115
115
  respond_to do |format|
116
116
  if current_user
117
117
  format.html { redirect_to @redirect_url }
118
+ format.json { render :json => current_user }
118
119
  else
120
+ notice = 'Invalid e-mail or password'
119
121
  format.html do
120
122
  redirect_to new_session_url, :flash => {
121
- :notice => 'Invalid e-mail or password',
122
- :auth_redirect_url => @redirect_url }
123
+ :notice => notice, :auth_redirect_url => @redirect_url }
123
124
  end
125
+ format.json { render :json => { :error => notice} }
124
126
  end
125
127
  end
126
128
  end
@@ -128,7 +130,10 @@ module SessionControllerInstanceMethods
128
130
  # DELETE /session
129
131
  def destroy
130
132
  self.current_user = nil
131
- redirect_to session_url
133
+ respond_to do |format|
134
+ format.html { redirect_to session_url }
135
+ format.json { head :ok }
136
+ end
132
137
  end
133
138
 
134
139
  # Hook for setting up the home view.
data/test/session_controller_api_test.rb CHANGED
@@ -20,6 +20,14 @@ class SessionControllerApiTest < ActionController::TestCase
20
20
  assert_equal User.count, assigns(:user_count),
21
21
  'welcome controller method not called'
22
22
  end
23
+
24
+ test "show json renders empty object without a user" do
25
+ get :show, :format => 'json'
26
+ assert_response :ok
27
+ assert_equal({}, ActiveSupport::JSON.decode(response.body))
28
+ assert_equal User.count, assigns(:user_count),
29
+ 'welcome controller method not called'
30
+ end
23
31
 
24
32
  test "show renders home with a user" do
25
33
  set_session_current_user @user
@@ -29,6 +37,15 @@ class SessionControllerApiTest < ActionController::TestCase
29
37
  assert_equal @user, assigns(:user), 'home controller method not called'
30
38
  end
31
39
 
40
+ test "show json renders user when logged in" do
41
+ set_session_current_user @user
42
+ get :show, :format => 'json'
43
+ assert_response :ok
44
+ data = ActiveSupport::JSON.decode response.body
45
+ assert_equal @user.email, data['user']['email']
46
+ assert_equal @user, assigns(:user), 'home controller method not called'
47
+ end
48
+
32
49
  test "new redirects homes with a user" do
33
50
  set_session_current_user @user
34
51
  get :new
@@ -64,6 +81,16 @@ class SessionControllerApiTest < ActionController::TestCase
64
81
  assert_equal @user, assigns(:current_user), 'instance variable'
65
82
  assert_equal @user, session_current_user, 'session'
66
83
  end
84
+
85
+ test "create by json logs in with good account details" do
86
+ post :create, :user => { :email => @user.email, :password => 'password' },
87
+ :format => 'json'
88
+ assert_response :ok
89
+ data = ActiveSupport::JSON.decode response.body
90
+ assert_equal @user.email, data['user']['email']
91
+ assert_equal @user, assigns(:current_user), 'instance variable'
92
+ assert_equal @user, session_current_user, 'session'
93
+ end
67
94
 
68
95
  test "create redirects properly with good account details" do
69
96
  url = 'http://authpwn.redirect.url'
@@ -80,6 +107,16 @@ class SessionControllerApiTest < ActionController::TestCase
80
107
  assert_not_nil flash[:notice]
81
108
  end
82
109
 
110
+ test "create by json does not log in with bad password" do
111
+ post :create, :user => { :email => @user.email, :password => 'fail' },
112
+ :format => 'json'
113
+ assert_response :ok
114
+ data = ActiveSupport::JSON.decode response.body
115
+ assert_match(/invalid/i , data['error'])
116
+ assert_nil assigns(:current_user), 'instance variable'
117
+ assert_nil session_current_user, 'session'
118
+ end
119
+
83
120
  test "create maintains redirect_url for bad logins" do
84
121
  url = 'http://authpwn.redirect.url'
85
122
  post :create, :user => { :email => @user.email, :password => 'fail' },
@@ -103,5 +140,13 @@ class SessionControllerApiTest < ActionController::TestCase
103
140
 
104
141
  assert_redirected_to session_url
105
142
  assert_nil assigns(:current_user)
106
- end
143
+ end
144
+
145
+ test "logout by json" do
146
+ set_session_current_user @user
147
+ delete :destroy, :format => 'json'
148
+
149
+ assert_response :ok
150
+ assert_nil assigns(:current_user)
151
+ end
107
152
  end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authpwn_rails
3
3
  version: !ruby/object:Gem::Version
4
- hash: 3
4
+ hash: 1
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 7
9
- - 0
10
- version: 0.7.0
9
+ - 1
10
+ version: 0.7.1
11
11
  platform: ruby
12
12
  authors:
13
13
  - Victor Costan