cadenero 0.0.2.b6 → 0.0.2.b7
- checksums.yaml +8 -8
- data/README.md +54 -9
- data/app/extenders/controllers/application_controller_decorator.rb +5 -1
- data/app/models/cadenero/auth_token.rb +35 -0
- data/app/models/cadenero/member.rb +1 -39
- data/app/models/cadenero/user.rb +1 -2
- data/app/models/cadenero/v1/account.rb +3 -46
- data/config/initializers/apartment.rb +3 -1
- data/config/initializers/warden/strategies/token_authentication.rb +35 -0
- data/config/initializers/warden.rb +1 -1
- data/db/migrate/20130612061604_create_cadenero_v1_accounts.rb +2 -2
- data/lib/cadenero/testing_support/authentication_helpers.rb +7 -7
- data/lib/cadenero/version.rb +1 -1
- data/spec/controllers/cadenero/v1/accounts_controller_spec.rb +1 -1
- data/spec/controllers/cadenero/v1/users_controller_spec.rb +1 -1
- data/spec/dummy/db/schema.rb +8 -8
- data/spec/dummy/db/seeds.rb +1 -1
- data/spec/dummy/log/development.log +37 -0
- data/spec/dummy/log/test.log +68034 -0
- data/spec/features/accounts/sign_up_spec.rb +2 -4
- data/spec/features/users/sign_in_spec.rb +106 -62
- data/spec/features/users/sign_up_spec.rb +3 -5
- data/spec/spec_helper.rb +2 -0
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
Y2Y5NTFlM2YzZjVjMzY2OTBjMDg2ZDA2NmVhZWY1MmM4OWUzYTc4OA==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
MjE3ZTBmODY0MDJlOGRkYTQ0NjYwYTVlOTAyMzY3YWEwNjRlOGUxMg==
|
7
7
|
!binary "U0hBNTEy":
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
NGYyN2MyNDk2YWVjYWE0ZWIyZDcyNjEzMWNlNzA1MTMwNzQ5YzQ1MDM5NmZk
|
10
|
+
NjU1ZDljZmYyYzk0YWVhZTU3YmJjMDY2MjVkYTEzMzdlNThiMDEyZWZkM2M2
|
11
|
+
YTRjYWViNzczZmY0MTEyNDdkYmRjYWVhN2Y2YWM1MDJlYTE4OWY=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
NmZhYmMyMDEwNzAzOTMxYmNlYjM5YzBmMzIyY2FhNDc5MTkzZTM3NzJjYTJh
|
14
|
+
NjAwNjYyMDliMmY1NmZkZTdmY2U4YjNiZGNjNzViMjc5YzEzNDg2MmViZDE5
|
15
|
+
OGJkOTc1ZmZjNzBiMzA4YzgzZjZlMTg1ZmE5MTdhYjQxYTg4ZWE=
|
data/README.md
CHANGED
@@ -7,6 +7,8 @@ By [![Agiltec Logo](https://launchrock-assets.s3.amazonaws.com/logo-files/Gpujzv
|
|
7
7
|
[![Coverage Status](https://coveralls.io/repos/AgilTec/cadenero/badge.png?branch=master)](https://coveralls.io/r/AgilTec/cadenero?branch=master)
|
8
8
|
[![Dependency Status](https://gemnasium.com/AgilTec/cadenero.png)](https://gemnasium.com/AgilTec/cadenero)
|
9
9
|
|
10
|
+
THIS README IS FOR THE MASTER BRANCH OF **CADENERO** AND REFLECTS THE WORK CURRENTLY EXISTING ON THE MASTER BRANCH. IF YOU ARE WISHING TO USE A NON-MASTER BRANCH OF **CADENERO**, PLEASE CONSULT THAT BRANCH'S README AND NOT THIS ONE.
|
11
|
+
|
10
12
|
Authentication Engine for Rails.API multitenant RESTful APIs based on Warden. It:
|
11
13
|
* Is Racked based
|
12
14
|
* Use token authentication as strategy for the API
|
@@ -17,22 +19,43 @@ Authentication Engine for Rails.API multitenant RESTful APIs based on Warden. It
|
|
17
19
|
|
18
20
|
### Why Cadenero?
|
19
21
|
**"Cadenero"** is the spanish word for ["Bouncer (doorman)"](http://en.wikipedia.org/wiki/Bouncer_(doorman\)). The main function of **Cadenero** is to be a resource for authenticating consumers of the services that the API provides. As the real bouncers, **Cadenero** aims to provide security, check authorized access, to refuse entry for intoxication, aggressive behavior or non-compliance with statutory or establishment rules.
|
22
|
+
|
20
23
|
You can use [Warden](https://github.com/hassox/warden) or [Devise](https://github.com/plataformatec/devise) directly but for API apps the rewritting and monkey patching can be messy.
|
21
24
|
|
22
25
|
### Installing **Cadenero**
|
23
26
|
|
27
|
+
#### Preconditions
|
28
|
+
|
29
|
+
##### Postgresql
|
30
|
+
You should have a Postgresql server (for downloading see: http://www.postgresql.org/download/). If you are using OSX, you can install using [Homebrew](http://mxcl.github.io/homebrew/) for that you can follow the following this [instructions](http://www.moncefbelyamani.com/how-to-install-postgresql-on-a-mac-with-homebrew-and-lunchy/)
|
31
|
+
|
32
|
+
##### Ruby 1.9.x or 2.x
|
33
|
+
For that we recommend that you use [rbenv](https://github.com/sstephenson/rbenv) with [ruby-build](https://github.com/sstephenson/ruby-build) or [rvm](https://rvm.io/)
|
34
|
+
|
35
|
+
We use the standard `rake`, `bundler` and `gem`
|
36
|
+
|
37
|
+
##### Git/Github
|
38
|
+
You are here. Then you know what to do ;-)
|
39
|
+
|
40
|
+
#### Setup
|
41
|
+
|
24
42
|
Rails 3.2.13 is the master version used now by **Cadenero**, if you want to use Rails 4 goodness please use the branch "rails4"
|
25
43
|
|
26
44
|
Generate first your Rails app as usual using:
|
27
45
|
|
28
46
|
```
|
29
|
-
$ rails _3.2.13_ new your_app --skip-test-unit
|
47
|
+
$ rails _3.2.13_ new your_app --skip-test-unit -d postgresql
|
30
48
|
```
|
31
49
|
|
32
50
|
In the `Gemfile` add the following lines:
|
33
51
|
```ruby
|
34
|
-
gem 'cadenero', '~> 0.0.2.
|
35
|
-
|
52
|
+
gem 'cadenero', '~> 0.0.2.b7'
|
53
|
+
|
54
|
+
group :development, :test do
|
55
|
+
gem 'rspec-rails', '~> 2.14.0'
|
56
|
+
gem 'capybara', '~> 2.1.0'
|
57
|
+
gem 'rack-test', '~> 0.6.2'
|
58
|
+
end
|
36
59
|
```
|
37
60
|
|
38
61
|
In the `config/database.yml` replace the `sqlite3` adapter for `postgresql` as follow:
|
@@ -40,12 +63,16 @@ In the `config/database.yml` replace the `sqlite3` adapter for `postgresql` as f
|
|
40
63
|
```
|
41
64
|
development:
|
42
65
|
adapter: postgresql
|
66
|
+
encoding: unicode
|
43
67
|
database: your_app_development
|
68
|
+
pool: 5
|
44
69
|
min_messages: warning
|
45
70
|
|
46
71
|
test:
|
47
72
|
adapter: postgresql
|
48
|
-
|
73
|
+
encoding: unicode
|
74
|
+
database: your_app_test
|
75
|
+
pool: 5
|
49
76
|
min_messages: warning
|
50
77
|
```
|
51
78
|
|
@@ -114,6 +141,15 @@ You can check them running:
|
|
114
141
|
```
|
115
142
|
$ rake routes
|
116
143
|
```
|
144
|
+
### Strategies
|
145
|
+
For authentication **Cadenero** has two default Warden Strategies:
|
146
|
+
* **Password**. That expect that the client to keep a session cookie and using for authentication the user `email` and `password`.
|
147
|
+
* **Token Authentication**. That is stateless and expects that for each request the user include the `auth_token` as a key-value of the request params.
|
148
|
+
|
149
|
+
In any case when you signed up **Cadenero** creates an auth_token for the membership to the account that you signed up.
|
150
|
+
|
151
|
+
If you want to know more about Warden Strategies see: https://github.com/hassox/warden/wiki/Strategies
|
152
|
+
|
117
153
|
### Documentation
|
118
154
|
You can review the YARD docs in: http://rubydoc.info/github/AgilTec/cadenero/frames
|
119
155
|
|
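Review bot: The new "Token Authentication" bullet says the `auth_token` travels "as a key-value of the request params" but does not say whether that means the query string or the JSON body, and the README never mentions that Rails writes request parameters to the log (the `Parameters: {...}` lines in the development.log shipped with this release show that logging). Document the expected placement, and recommend that host apps add `:auth_token` to `config.filter_parameters` so the credential does not end up in log files. The sentence "In any case when you signed up ..." should also state that the token is per membership, since `User#auth_token` returns one token per account.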
@@ -135,14 +171,20 @@ If you found a security bug, do *NOT* use the GitHub issue tracker. Send an emai
|
|
135
171
|
|
136
172
|
### Contributing
|
137
173
|
|
138
|
-
We hope that you will consider contributing to **Cadenero**.
|
174
|
+
We hope that you will consider contributing to **Cadenero**. You're encouraged to submit pull requests, propose features and discuss issues.
|
139
175
|
|
140
|
-
|
176
|
+
* Fork the project
|
177
|
+
* Write test for your new feature or a test that reproduces a bug
|
178
|
+
* Implement your feature or make a bug fix
|
179
|
+
* Commit, push and make a pull request. Bonus points for topic branches.
|
141
180
|
|
142
|
-
You will usually want to write tests for your changes using BDD tools as RSpec, Rack::Test and Capybara.
|
181
|
+
You will usually want to write tests for your changes using BDD tools as RSpec, Rack::Test and Capybara.
|
182
|
+
|
183
|
+
To run the test suite, go into **Cadenero**'s top-level directory and run `bundle install` and `rspec spec`. For the tests to pass, you will need to have a Postgresql server running on your system.
|
143
184
|
|
144
185
|
#### Running the Specs
|
145
|
-
**Cadenero** use [RSpec](https://github.com/rspec/rspec) and [Capybara](https://github.com/jnicklas/capybara).
|
186
|
+
**Cadenero** use [RSpec](https://github.com/rspec/rspec) and [Capybara](https://github.com/jnicklas/capybara). To run the specs you only need to do:
|
187
|
+
|
146
188
|
```
|
147
189
|
$ RAILS_ENV=test bundle exec rake db:create
|
148
190
|
$ RAILS_ENV=test bundle exec rake db:migrate
|
@@ -157,7 +199,10 @@ You can `binstub` the command bins to avoid writing `bundle exec`. You only need
|
|
157
199
|
|
158
200
|
### Warden
|
159
201
|
|
160
|
-
**Cadenero** is based on Warden, which is a general Rack authentication framework created by Daniel Neighman. We encourage you to read more about Warden here: https://github.com/hassox/warden
|
202
|
+
**Cadenero** is based on [Warden](https://github.com/hassox/warden), which is a general Rack authentication framework created by Daniel Neighman. We encourage you to read more about Warden here: https://github.com/hassox/warden/wiki
|
203
|
+
|
204
|
+
#### Devise
|
205
|
+
Some code and architectural decisions in **Cadenero** have been inspired for the excellent gem [Devise](https://github.com/plataformatec/devise).
|
161
206
|
|
162
207
|
### Rails::API
|
163
208
|
|
@@ -30,13 +30,17 @@
|
|
30
30
|
|
31
31
|
# Check to see if there is an authenticated user
|
32
32
|
def user_signed_in?
|
33
|
+
unless env['action_dispatch.request.parameters']["auth_token"].nil?
|
34
|
+
env['warden'].logout(:user)
|
35
|
+
env['warden'].authenticate(:token_authentication, scope: :user)
|
36
|
+
end
|
33
37
|
env['warden'].authenticated?(:user) unless env['warden'].nil?
|
34
38
|
end
|
35
39
|
|
36
40
|
# it the user is not authenticated returns a 422 and an informative error with the link for sign
|
37
41
|
def authenticate_user!
|
38
42
|
unless user_signed_in?
|
39
|
-
@errors = %Q{Please sign in. posting the user json credentials as: {"user": {"email": "testy2@example.com", "password": "changeme"}} to /v1/sessions}
|
43
|
+
@errors = %Q{Please sign in. posting the user json credentials as: {"user": {"email": "testy2@example.com", "password": "changeme"}} or {"user": {"auth_token": d8Ff8uvupXQfChangeMe}} to /v1/sessions}
|
40
44
|
render json: {errors: @errors, links: "/v1/sessions"}, status: 422
|
41
45
|
end
|
42
46
|
end
|
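Review bot: In `user_signed_in?` the added lines dereference `env['warden']` (`env['warden'].logout(:user)`) before the existing `unless env['warden'].nil?` guard on the next line, and `env['action_dispatch.request.parameters']["auth_token"]` raises NoMethodError when that env key is absent; move the nil checks ahead of the new block. Calling `logout(:user)` before `authenticate` also means any request that carries an `auth_token` parameter, valid or not, discards an existing cookie session, so consider authenticating first and logging out only on success. In `authenticate_user!` the example `{"user": {"auth_token": d8Ff8uvupXQfChangeMe}}` is not valid JSON (the value is unquoted) and nests the token under `user`, while both this method and the new strategy read a top-level `auth_token`.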
@@ -0,0 +1,35 @@
|
|
1
|
+
# Mixin for Models that have an auth_token
|
2
|
+
module Cadenero::AuthToken
|
3
|
+
|
4
|
+
# Generate authentication token unless already exists.
|
5
|
+
def ensure_auth_token
|
6
|
+
reset_auth_token if auth_token.blank?
|
7
|
+
end
|
8
|
+
|
9
|
+
# Generate authentication token unless already exists and save the record.
|
10
|
+
def ensure_auth_token!
|
11
|
+
reset_auth_token! if auth_token.blank?
|
12
|
+
end
|
13
|
+
|
14
|
+
# Generate new authentication token (a.k.a. "single access token").
|
15
|
+
def reset_auth_token
|
16
|
+
self.auth_token = generate_token(:auth_token)
|
17
|
+
end
|
18
|
+
|
19
|
+
# Generate new authentication token and save the record.
|
20
|
+
def reset_auth_token!
|
21
|
+
reset_auth_token
|
22
|
+
save(:validate => false)
|
23
|
+
end
|
24
|
+
|
25
|
+
protected
|
26
|
+
# Generate a token by looping and ensuring does not already exist.
|
27
|
+
# @param [String] column is the name of the column that has the authentication token
|
28
|
+
# @return {String]} a unique generated auth_token
|
29
|
+
def generate_token(column)
|
30
|
+
loop do
|
31
|
+
token = SecureRandom.base64(15).tr('+/=lIO0', 'pqrsxyz')
|
32
|
+
break token unless self.class.where({ column => token }).first
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
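Review bot: The uniqueness check in `generate_token` (`break token unless self.class.where({ column => token }).first`) is a read followed by a separate write, so two concurrent creates can both pass it; the guarantee has to come from a unique index on the column, with the save retried on a uniqueness violation. `reset_auth_token!` then persists with `save(:validate => false)`, which should be called out in the method comment because it skips every model validation. Smaller points: the YARD tag `@return {String]}` has mismatched brackets, and `SecureRandom.base64(15)` encodes 15 bytes into exactly 20 characters with no padding, so the `=` entry in the `tr` set never matches.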
@@ -1,50 +1,12 @@
|
|
1
1
|
module Cadenero
|
2
2
|
# Defines that a Cadenero::User is member of an Cadenero::V1::Account
|
3
3
|
class Member < ActiveRecord::Base
|
4
|
+
include Cadenero::AuthToken
|
4
5
|
attr_accessible :account_id, :user_id
|
5
6
|
belongs_to :account, :class_name => "Cadenero::V1::Account"
|
6
7
|
belongs_to :user, :class_name => "Cadenero::User"
|
7
8
|
after_create :ensure_auth_token!
|
8
9
|
|
9
|
-
# Generate authentication token unless already exists.
|
10
|
-
def ensure_auth_token
|
11
|
-
reset_auth_token if auth_token.blank?
|
12
|
-
end
|
13
|
-
|
14
|
-
# Generate authentication token unless already exists and save the record.
|
15
|
-
def ensure_auth_token!
|
16
|
-
reset_auth_token! if auth_token.blank?
|
17
|
-
end
|
18
|
-
|
19
|
-
# Generate new authentication token (a.k.a. "single access token").
|
20
|
-
def reset_auth_token
|
21
|
-
self.auth_token = self.class.auth_token
|
22
|
-
end
|
23
|
-
|
24
|
-
# Generate new authentication token and save the record.
|
25
|
-
def reset_auth_token!
|
26
|
-
reset_auth_token
|
27
|
-
save(:validate => false)
|
28
|
-
end
|
29
|
-
|
30
|
-
class << self
|
31
|
-
# Generate a token checking if one does not already exist in the database.
|
32
|
-
def auth_token
|
33
|
-
generate_token(:auth_token)
|
34
|
-
end
|
35
|
-
|
36
|
-
protected
|
37
|
-
# Generate a token by looping and ensuring does not already exist.
|
38
|
-
# @param [String] column is the name of the column that has the authentication token
|
39
|
-
# @return {String]} a unique generated auth_token
|
40
|
-
def generate_token(column)
|
41
|
-
loop do
|
42
|
-
token = SecureRandom.base64(15).tr('+/=lIO0', 'pqrsxyz')
|
43
|
-
break token unless Member.where({ column => token }).first
|
44
|
-
end
|
45
|
-
end
|
46
|
-
end
|
47
|
-
|
48
10
|
end
|
49
11
|
|
50
12
|
end
|
data/app/models/cadenero/user.rb
CHANGED
@@ -7,10 +7,9 @@ module Cadenero
|
|
7
7
|
has_many :members, class_name: "Cadenero::Member"
|
8
8
|
has_many :memberships, through: :members, source: :account
|
9
9
|
|
10
|
-
#
|
10
|
+
# Map the auth_tokens for each account that the User is memeber
|
11
11
|
def auth_token
|
12
12
|
members.map{|member| member.auth_token}
|
13
13
|
end
|
14
|
-
|
15
14
|
end
|
16
15
|
end
|
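Review bot: `auth_token` on the user returns an array (`members.map{|member| member.auth_token}`), one token per account the user belongs to, yet the name is singular and the new comment does not say so; since the sign-in helper in this release compares the response against `account.owner.auth_token`, a sign-in on one subdomain appears to return the tokens for every other account as well. Rename it to something like `auth_tokens` and consider returning only the token for the membership of the current account. The comment also has a typo ("memeber").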
@@ -1,6 +1,7 @@
|
|
1
1
|
module Cadenero::V1
|
2
2
|
# Defines a subdomain with a default admin (owner) as a tenant in the Rails App
|
3
3
|
class Account < ActiveRecord::Base
|
4
|
+
include Cadenero::AuthToken
|
4
5
|
belongs_to :owner, :class_name => "Cadenero::User"
|
5
6
|
has_many :members, :class_name => "Cadenero::Member"
|
6
7
|
has_many :users, :through => :members, :class_name => "Cadenero::User"
|
@@ -9,7 +10,7 @@ module Cadenero::V1
|
|
9
10
|
attr_accessible :name, :subdomain, :owner_attributes, :owner
|
10
11
|
validates :subdomain, :presence => true, :uniqueness => true
|
11
12
|
validates :owner, :presence => true
|
12
|
-
after_create :
|
13
|
+
after_create :ensure_auth_token!
|
13
14
|
|
14
15
|
# Creates an account and assign the provided [Cadenero::User] as owner to the account
|
15
16
|
# @param [Hash] params list
|
@@ -24,7 +25,7 @@ module Cadenero::V1
|
|
24
25
|
if account.save
|
25
26
|
account.users << account.owner
|
26
27
|
account.create_schema
|
27
|
-
account.
|
28
|
+
account.ensure_auth_token!
|
28
29
|
end
|
29
30
|
account
|
30
31
|
end
|
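Review bot: The explicit `account.ensure_auth_token!` after `account.create_schema` duplicates the `after_create :ensure_auth_token!` callback added in the previous hunk, which has already run by the time `account.save` returns true. Keep one of the two; the callback is the safer choice because it also covers accounts created outside this factory method.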
@@ -48,49 +49,5 @@ module Cadenero::V1
|
|
48
49
|
Apartment::Database.create(subdomain)
|
49
50
|
end
|
50
51
|
|
51
|
-
# Obtain the auth_token from the members to be use for the Account
|
52
|
-
def auth_token
|
53
|
-
members.map{|member| member.auth_token}
|
54
|
-
end
|
55
|
-
|
56
|
-
# Generate authentication token unless already exists.
|
57
|
-
def ensure_authentication_token
|
58
|
-
reset_authentication_token if authentication_token.blank?
|
59
|
-
end
|
60
|
-
|
61
|
-
# Generate authentication token unless already exists and save the record.
|
62
|
-
def ensure_authentication_token!
|
63
|
-
reset_authentication_token! if authentication_token.blank?
|
64
|
-
end
|
65
|
-
|
66
|
-
# Generate new authentication token (a.k.a. "single access token").
|
67
|
-
def reset_authentication_token
|
68
|
-
self.authentication_token = self.class.authentication_token
|
69
|
-
end
|
70
|
-
|
71
|
-
# Generate new authentication token and save the record.
|
72
|
-
def reset_authentication_token!
|
73
|
-
reset_authentication_token
|
74
|
-
save(:validate => false)
|
75
|
-
end
|
76
|
-
|
77
|
-
class << self
|
78
|
-
# Generate a token checking if one does not already exist in the database.
|
79
|
-
def authentication_token
|
80
|
-
generate_token(:authentication_token)
|
81
|
-
end
|
82
|
-
|
83
|
-
protected
|
84
|
-
# Generate a token by looping and ensuring does not already exist.
|
85
|
-
# @param [String] column is the name of the column that has the authentication token
|
86
|
-
# @return {String]} a unique generated authentication_token
|
87
|
-
def generate_token(column)
|
88
|
-
loop do
|
89
|
-
token = SecureRandom.base64(15).tr('+/=lIO0', 'pqrsxyz')
|
90
|
-
break token unless Account.where({ column => token }).first
|
91
|
-
end
|
92
|
-
end
|
93
|
-
end
|
94
|
-
|
95
52
|
end
|
96
53
|
end
|
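Review bot: The account-level token that replaces the removed `auth_token` method here is not read anywhere in this diff: the new `token_authentication` strategy matches only `account.members.where(auth_token: ...)`, and the spec helper was switched from `account.auth_token` to `account.owner.auth_token`. Either document what the account's own `auth_token` is for or drop the column, since an unused stored credential is something to rotate and protect for no benefit.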
@@ -0,0 +1,35 @@
|
|
1
|
+
Warden::Strategies.add(:token_authentication) do
|
2
|
+
def subdomain
|
3
|
+
ActionDispatch::Http::URL.extract_subdomains(request.host, 1)
|
4
|
+
end
|
5
|
+
|
6
|
+
def json_params
|
7
|
+
unless params.empty?
|
8
|
+
params
|
9
|
+
else
|
10
|
+
@json ||= env['rack.input'].gets
|
11
|
+
JSON.parse(@json)
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
def valid?
|
16
|
+
subdomain.present? && json_params["auth_token"]
|
17
|
+
end
|
18
|
+
|
19
|
+
def authenticate!
|
20
|
+
account = Cadenero::V1::Account.get_by_subdomain(subdomain)
|
21
|
+
if account
|
22
|
+
member = account.members.where(auth_token: json_params["auth_token"]).first
|
23
|
+
u = nil
|
24
|
+
u = member.user unless member.nil?
|
25
|
+
if u.nil? || u.blank?
|
26
|
+
fail!
|
27
|
+
else
|
28
|
+
env['warden'].set_user(u.id, :scope => :user)
|
29
|
+
success!(u)
|
30
|
+
end
|
31
|
+
else
|
32
|
+
fail!
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
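Review bot: `json_params` has no error handling, and `valid?` calls it on every request this strategy is tried for: an empty body makes `env['rack.input'].gets` return nil and `JSON.parse(@json)` raise, malformed JSON raises a parser error, and a JSON array or scalar makes `json_params["auth_token"]` fail, so a bad request surfaces as a 500 instead of a failed authentication. Rescue the parse errors and return an empty hash, and check that the parsed value is a Hash. `gets` also reads only the first line of the body and leaves the stream unrewound for later middleware; read the whole input and call `rewind`. In `authenticate!`, `u.nil? || u.blank?` is redundant, and `set_user(u.id, ...)` stores the id while `success!(u)` passes the record, which should be made consistent.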
@@ -3,12 +3,12 @@ class CreateCadeneroV1Accounts < ActiveRecord::Migration
|
|
3
3
|
create_table :cadenero_accounts do |t|
|
4
4
|
t.string :name
|
5
5
|
t.string :subdomain
|
6
|
-
t.string :
|
6
|
+
t.string :auth_token
|
7
7
|
t.references :owner
|
8
8
|
|
9
9
|
t.timestamps
|
10
10
|
end
|
11
11
|
add_index :cadenero_accounts, :owner_id
|
12
|
-
add_index :cadenero_accounts, :
|
12
|
+
add_index :cadenero_accounts, :auth_token
|
13
13
|
end
|
14
14
|
end
|
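Review bot: This edits the already released `CreateCadeneroV1Accounts` migration (20130612061604 in the file list) in place instead of adding a new one, so databases that ran the earlier version keep the old column and never see this change. The development.log added in this release also shows a later `RenameAuthenticationTokenToV1Account` migration issuing `RENAME COLUMN "authentication_token" TO "auth_token"`; if that migration ships too, it will fail on a fresh database once this file creates `auth_token` directly. Separately, `add_index :cadenero_accounts, :auth_token` is non-unique even though token generation assumes uniqueness; add `:unique => true`.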
@@ -46,7 +46,7 @@ module Cadenero
|
|
46
46
|
# Expect that the JSON response will be a default error message when the user has not signed in yet
|
47
47
|
# the errors_redirect_ro_sign_in is defined if was not previously defined is a Spec
|
48
48
|
def check_error_for_not_signed_in_yet
|
49
|
-
errors_redirect_ro_sign_in ||= {errors: %Q{Please sign in. posting the user json credentials as: {"user": {"email": "testy2@example.com", "password": "changeme"}} to /v1/sessions}, links: "/v1/sessions"}.to_json
|
49
|
+
errors_redirect_ro_sign_in ||= {errors: %Q{Please sign in. posting the user json credentials as: {"user": {"email": "testy2@example.com", "password": "changeme"}} or {"user": {"auth_token": d8Ff8uvupXQfChangeMe}} to /v1/sessions}, links: "/v1/sessions"}.to_json
|
50
50
|
get cadenero.v1_root_url(:subdomain => account.subdomain)
|
51
51
|
expected_json_errors(errors_redirect_ro_sign_in)
|
52
52
|
end
|
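Review bot: `errors_redirect_ro_sign_in ||= {...}` inside `check_error_for_not_signed_in_yet` does not do what the comment above it says: the assignment makes Ruby treat the name as a new local variable that starts as nil, so the right-hand side is always used and a `let(:errors_redirect_ro_sign_in)` defined in a spec is never consulted. Use `defined?` or take the expected message as an optional argument. The same message string is now maintained by hand in three places (the controller decorator, this helper and the users controller spec); a single constant would keep them from drifting.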
@@ -73,23 +73,23 @@ module Cadenero
|
|
73
73
|
# @param [Integer] http_code Optional expected returned HTTP Code from last_response
|
74
74
|
def expect_subject_ids_to_have(subject, ids_key, ids_values, http_code=201)
|
75
75
|
expect(last_response.status).to eq http_code
|
76
|
-
expect(json_last_response_body[subject][ids_key]).to eq ids_values
|
76
|
+
expect(json_last_response_body[subject][ids_key].sort).to eq ids_values.sort
|
77
77
|
end
|
78
78
|
|
79
|
-
# Expect that a owner sign in successfuly to one of his accounts
|
79
|
+
# Expect that a owner sign in successfuly to one of his accounts creating a session
|
80
80
|
# @param [Cadenero::V1::Account] account
|
81
81
|
# @return [String] email for the last response user
|
82
|
-
def
|
82
|
+
def successful_sign_in_owner_with_session(account)
|
83
83
|
sign_in_user sessions_url, account_user_params_json(account.owner)
|
84
84
|
expect_subject_ids_to_have("user", "account_ids", [account.id])
|
85
|
-
expect_auth_token("user", account.auth_token)
|
85
|
+
expect_auth_token("user", account.owner.auth_token)
|
86
86
|
return json_last_response_body["user"]["email"]
|
87
87
|
end
|
88
88
|
|
89
89
|
# Expect that a user sign in successfuly to an account
|
90
90
|
# @param [Cadenero::V1::Account] account
|
91
91
|
# @return [String] email for the last response user
|
92
|
-
def
|
92
|
+
def successful_sign_in_user_with_session(account, user)
|
93
93
|
sign_in_user sessions_url, user
|
94
94
|
expect_subject_ids_to_have("user", "membership_ids", [account.id])
|
95
95
|
return json_last_response_body["user"]["email"]
|
@@ -98,7 +98,7 @@ module Cadenero
|
|
98
98
|
# Expect that a user sign in successfuly to an account
|
99
99
|
# @param [Cadenero::V1::Account] account
|
100
100
|
# @return [String] email for the last response user
|
101
|
-
def
|
101
|
+
def successful_sign_up_user_in_existing_account_with_session(account, suffix=nil)
|
102
102
|
url = "http://#{account.subdomain}.example.com/"
|
103
103
|
sign_up_user url, suffix
|
104
104
|
expect(last_request.url).to eq "#{url}v1/users"
|
data/lib/cadenero/version.rb
CHANGED
@@ -17,7 +17,7 @@ module Cadenero
|
|
17
17
|
post :create, format: :json, account: { name: "First Account", subdomain: "first" }, use_route: :cadenero
|
18
18
|
expect(response.status).to eq(201)
|
19
19
|
expect(assigns(:account)).to eq(account)
|
20
|
-
expect(assigns(:account)[:authentication_token]).to eq(account.
|
20
|
+
expect(assigns(:account)[:authentication_token]).to eq(account.auth_token)
|
21
21
|
end
|
22
22
|
end
|
23
23
|
|
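Review bot: The changed expectation still reads the old key on the left side, `assigns(:account)[:authentication_token]`, while the right side now uses `account.auth_token`, so after the column rename it no longer checks the token that is actually stored. Compare `assigns(:account).auth_token` instead. The `stub_model(Cadenero::V1::Account, ..., authentication_token: "dsdaefer412add", ...)` in the users controller spec that follows has the same leftover name.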
@@ -5,7 +5,7 @@ module Cadenero
|
|
5
5
|
let!(:user) { stub_model(Cadenero::User, id: 101, email: "testy@example.com", password: "12345678")}
|
6
6
|
let!(:account) { stub_model(Cadenero::V1::Account, id: 1001, authentication_token: "dsdaefer412add",
|
7
7
|
owner: user) }
|
8
|
-
let(:errors_redirect_ro_sign_in) {%Q{Please sign in. posting the user json credentials as: {"user": {"email": "testy2@example.com", "password": "changeme"}} to /v1/sessions}}
|
8
|
+
let(:errors_redirect_ro_sign_in) {%Q{Please sign in. posting the user json credentials as: {"user": {"email": "testy2@example.com", "password": "changeme"}} or {"user": {"auth_token": d8Ff8uvupXQfChangeMe}} to /v1/sessions}}
|
9
9
|
|
10
10
|
|
11
11
|
context "User signed out" do
|
data/spec/dummy/db/schema.rb
CHANGED
@@ -16,20 +16,20 @@ ActiveRecord::Schema.define(:version => 20130715174857) do
|
|
16
16
|
create_table "cadenero_accounts", :force => true do |t|
|
17
17
|
t.string "name"
|
18
18
|
t.string "subdomain"
|
19
|
-
t.string "
|
19
|
+
t.string "auth_token"
|
20
20
|
t.integer "owner_id"
|
21
|
-
t.datetime "created_at"
|
22
|
-
t.datetime "updated_at"
|
21
|
+
t.datetime "created_at"
|
22
|
+
t.datetime "updated_at"
|
23
23
|
end
|
24
24
|
|
25
|
-
add_index "cadenero_accounts", ["
|
25
|
+
add_index "cadenero_accounts", ["auth_token"], :name => "index_cadenero_accounts_on_auth_token"
|
26
26
|
add_index "cadenero_accounts", ["owner_id"], :name => "index_cadenero_accounts_on_owner_id"
|
27
27
|
|
28
28
|
create_table "cadenero_members", :force => true do |t|
|
29
29
|
t.integer "account_id"
|
30
30
|
t.integer "user_id"
|
31
|
-
t.datetime "created_at"
|
32
|
-
t.datetime "updated_at"
|
31
|
+
t.datetime "created_at"
|
32
|
+
t.datetime "updated_at"
|
33
33
|
t.string "auth_token"
|
34
34
|
end
|
35
35
|
|
@@ -40,8 +40,8 @@ ActiveRecord::Schema.define(:version => 20130715174857) do
|
|
40
40
|
create_table "cadenero_users", :force => true do |t|
|
41
41
|
t.string "email"
|
42
42
|
t.string "password_digest"
|
43
|
-
t.datetime "created_at"
|
44
|
-
t.datetime "updated_at"
|
43
|
+
t.datetime "created_at"
|
44
|
+
t.datetime "updated_at"
|
45
45
|
end
|
46
46
|
|
47
47
|
end
|
data/spec/dummy/db/seeds.rb
CHANGED
@@ -370,3 +370,40 @@ Processing by Cadenero::V1::Account::DashboardController#index as HTML
|
|
370
370
|
Parameters: {"default"=>:json}
|
371
371
|
Filter chain halted as :authenticate_user! rendered or redirected
|
372
372
|
Completed 422 Unprocessable Entity in 5ms (Views: 0.3ms | ActiveRecord: 0.0ms)
|
373
|
+
Connecting to database specified by database.yml
|
374
|
+
[1m[36m (7.2ms)[0m [1mCREATE TABLE "schema_migrations" ("version" character varying(255) NOT NULL) [0m
|
375
|
+
[1m[35m (1.9ms)[0m CREATE UNIQUE INDEX "unique_schema_migrations" ON "schema_migrations" ("version")
|
376
|
+
[1m[36m (0.2ms)[0m [1mSELECT "schema_migrations"."version" FROM "schema_migrations" [0m
|
377
|
+
Migrating to CreateCadeneroV1Accounts (20130612061604)
|
378
|
+
[1m[35m (0.1ms)[0m BEGIN
|
379
|
+
[1m[36m (6.7ms)[0m [1mCREATE TABLE "cadenero_accounts" ("id" serial primary key, "name" character varying(255), "subdomain" character varying(255), "authentication_token" character varying(255), "owner_id" integer, "created_at" timestamp NOT NULL, "updated_at" timestamp NOT NULL) [0m
|
380
|
+
[1m[35m (0.9ms)[0m CREATE INDEX "index_cadenero_accounts_on_owner_id" ON "cadenero_accounts" ("owner_id")
|
381
|
+
[1m[36m (0.8ms)[0m [1mCREATE INDEX "index_cadenero_accounts_on_authentication_token" ON "cadenero_accounts" ("authentication_token")[0m
|
382
|
+
[1m[35m (0.5ms)[0m INSERT INTO "schema_migrations" ("version") VALUES ('20130612061604')
|
383
|
+
[1m[36m (1.1ms)[0m [1mCOMMIT[0m
|
384
|
+
Migrating to CreateCadeneroV1Users (20130612064652)
|
385
|
+
[1m[35m (0.2ms)[0m BEGIN
|
386
|
+
[1m[36m (4.5ms)[0m [1mCREATE TABLE "cadenero_users" ("id" serial primary key, "email" character varying(255), "password_digest" character varying(255), "created_at" timestamp NOT NULL, "updated_at" timestamp NOT NULL) [0m
|
387
|
+
[1m[35m (0.2ms)[0m INSERT INTO "schema_migrations" ("version") VALUES ('20130612064652')
|
388
|
+
[1m[36m (0.9ms)[0m [1mCOMMIT[0m
|
389
|
+
Migrating to CreateCadeneroV1Members (20130612073709)
|
390
|
+
[1m[35m (0.2ms)[0m BEGIN
|
391
|
+
[1m[36m (4.5ms)[0m [1mCREATE TABLE "cadenero_members" ("id" serial primary key, "account_id" integer, "user_id" integer, "created_at" timestamp NOT NULL, "updated_at" timestamp NOT NULL) [0m
|
392
|
+
[1m[35m (1.4ms)[0m CREATE INDEX "index_cadenero_members_on_account_id" ON "cadenero_members" ("account_id")
|
393
|
+
[1m[36m (6.1ms)[0m [1mCREATE INDEX "index_cadenero_members_on_user_id" ON "cadenero_members" ("user_id")[0m
|
394
|
+
[1m[35m (0.1ms)[0m INSERT INTO "schema_migrations" ("version") VALUES ('20130612073709')
|
395
|
+
[1m[36m (0.8ms)[0m [1mCOMMIT[0m
|
396
|
+
Migrating to AddAuthTokenToCadeneroMembers (20130715174857)
|
397
|
+
[1m[35m (0.2ms)[0m BEGIN
|
398
|
+
[1m[36m (9.1ms)[0m [1mALTER TABLE "cadenero_members" ADD COLUMN "auth_token" character varying(255)[0m
|
399
|
+
[1m[35m (1.3ms)[0m CREATE INDEX "index_cadenero_members_on_auth_token" ON "cadenero_members" ("auth_token")
|
400
|
+
[1m[36m (0.1ms)[0m [1mINSERT INTO "schema_migrations" ("version") VALUES ('20130715174857')[0m
|
401
|
+
[1m[35m (0.5ms)[0m COMMIT
|
402
|
+
Migrating to RenameAuthenticationTokenToV1Account (20130717234244)
|
403
|
+
[1m[36m (0.1ms)[0m [1mBEGIN[0m
|
404
|
+
[1m[35m (0.2ms)[0m ALTER TABLE "cadenero_accounts" RENAME COLUMN "authentication_token" TO "auth_token"
|
405
|
+
[1m[36m (1.1ms)[0m [1mCREATE INDEX "index_cadenero_accounts_on_auth_token" ON "cadenero_accounts" ("auth_token")[0m
|
406
|
+
[1m[35m (0.6ms)[0m DROP INDEX "index_cadenero_accounts_on_authentication_token"
|
407
|
+
[1m[36m (0.1ms)[0m [1mINSERT INTO "schema_migrations" ("version") VALUES ('20130717234244')[0m
|
408
|
+
[1m[35m (1.6ms)[0m COMMIT
|
409
|
+
[1m[36m (0.2ms)[0m [1mSELECT "schema_migrations"."version" FROM "schema_migrations" [0m
|
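Review bot: These are lines of `spec/dummy/log/development.log`, and the file list shows `spec/dummy/log/test.log` added with 68034 lines; log files from the dummy app should not be packaged in the gem. Exclude `spec/dummy/log/*` from the gemspec `files` list and add the directory to `.gitignore`, both to keep the package small and because test logs record request parameters, which with this release can include `auth_token` values.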