RubyGems - cb-sorcery - Versions diffs - 0.8.6 - Mend

cb-sorcery 0.8.6

Files changed (135) hide show

data/.document +5 -0
data/.gitignore +56 -0
data/.rspec +1 -0
data/.travis.yml +40 -0
data/CHANGELOG.md +263 -0
data/Gemfile +6 -0
data/LICENSE.txt +20 -0
data/README.md +360 -0
data/Rakefile +6 -0
data/gemfiles/active_record-rails40.gemfile +7 -0
data/gemfiles/active_record-rails41.gemfile +7 -0
data/lib/generators/sorcery/USAGE +22 -0
data/lib/generators/sorcery/helpers.rb +40 -0
data/lib/generators/sorcery/install_generator.rb +95 -0
data/lib/generators/sorcery/templates/initializer.rb +451 -0
data/lib/generators/sorcery/templates/migration/activity_logging.rb +10 -0
data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +9 -0
data/lib/generators/sorcery/templates/migration/core.rb +13 -0
data/lib/generators/sorcery/templates/migration/external.rb +12 -0
data/lib/generators/sorcery/templates/migration/remember_me.rb +8 -0
data/lib/generators/sorcery/templates/migration/reset_password.rb +9 -0
data/lib/generators/sorcery/templates/migration/user_activation.rb +9 -0
data/lib/sorcery.rb +85 -0
data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
data/lib/sorcery/adapters/base_adapter.rb +30 -0
data/lib/sorcery/controller.rb +157 -0
data/lib/sorcery/controller/config.rb +65 -0
data/lib/sorcery/controller/submodules/activity_logging.rb +82 -0
data/lib/sorcery/controller/submodules/brute_force_protection.rb +38 -0
data/lib/sorcery/controller/submodules/external.rb +199 -0
data/lib/sorcery/controller/submodules/http_basic_auth.rb +74 -0
data/lib/sorcery/controller/submodules/remember_me.rb +81 -0
data/lib/sorcery/controller/submodules/session_timeout.rb +56 -0
data/lib/sorcery/crypto_providers/aes256.rb +51 -0
data/lib/sorcery/crypto_providers/bcrypt.rb +97 -0
data/lib/sorcery/crypto_providers/common.rb +35 -0
data/lib/sorcery/crypto_providers/md5.rb +19 -0
data/lib/sorcery/crypto_providers/sha1.rb +28 -0
data/lib/sorcery/crypto_providers/sha256.rb +36 -0
data/lib/sorcery/crypto_providers/sha512.rb +36 -0
data/lib/sorcery/engine.rb +21 -0
data/lib/sorcery/model.rb +183 -0
data/lib/sorcery/model/config.rb +96 -0
data/lib/sorcery/model/submodules/activity_logging.rb +70 -0
data/lib/sorcery/model/submodules/brute_force_protection.rb +125 -0
data/lib/sorcery/model/submodules/external.rb +100 -0
data/lib/sorcery/model/submodules/remember_me.rb +62 -0
data/lib/sorcery/model/submodules/reset_password.rb +131 -0
data/lib/sorcery/model/submodules/user_activation.rb +149 -0
data/lib/sorcery/model/temporary_token.rb +30 -0
data/lib/sorcery/protocols/certs/ca-bundle.crt +5182 -0
data/lib/sorcery/protocols/oauth.rb +42 -0
data/lib/sorcery/protocols/oauth2.rb +47 -0
data/lib/sorcery/providers/base.rb +27 -0
data/lib/sorcery/providers/facebook.rb +63 -0
data/lib/sorcery/providers/github.rb +51 -0
data/lib/sorcery/providers/google.rb +51 -0
data/lib/sorcery/providers/jira.rb +77 -0
data/lib/sorcery/providers/linkedin.rb +66 -0
data/lib/sorcery/providers/liveid.rb +53 -0
data/lib/sorcery/providers/twitter.rb +59 -0
data/lib/sorcery/providers/vk.rb +63 -0
data/lib/sorcery/providers/xing.rb +64 -0
data/lib/sorcery/railties/tasks.rake +6 -0
data/lib/sorcery/test_helpers/internal.rb +78 -0
data/lib/sorcery/test_helpers/internal/rails.rb +68 -0
data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
data/lib/sorcery/version.rb +3 -0
data/sorcery.gemspec +34 -0
data/spec/active_record/user_activation_spec.rb +18 -0
data/spec/active_record/user_activity_logging_spec.rb +17 -0
data/spec/active_record/user_brute_force_protection_spec.rb +16 -0
data/spec/active_record/user_oauth_spec.rb +16 -0
data/spec/active_record/user_remember_me_spec.rb +16 -0
data/spec/active_record/user_reset_password_spec.rb +16 -0
data/spec/active_record/user_spec.rb +37 -0
data/spec/controllers/controller_activity_logging_spec.rb +124 -0
data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
data/spec/controllers/controller_oauth2_spec.rb +407 -0
data/spec/controllers/controller_oauth_spec.rb +240 -0
data/spec/controllers/controller_remember_me_spec.rb +117 -0
data/spec/controllers/controller_session_timeout_spec.rb +80 -0
data/spec/controllers/controller_spec.rb +215 -0
data/spec/orm/active_record.rb +21 -0
data/spec/rails_app/app/active_record/authentication.rb +3 -0
data/spec/rails_app/app/active_record/user.rb +5 -0
data/spec/rails_app/app/active_record/user_provider.rb +3 -0
data/spec/rails_app/app/controllers/sorcery_controller.rb +265 -0
data/spec/rails_app/app/helpers/application_helper.rb +2 -0
data/spec/rails_app/app/mailers/sorcery_mailer.rb +32 -0
data/spec/rails_app/app/views/application/index.html.erb +17 -0
data/spec/rails_app/app/views/layouts/application.html.erb +14 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_email.html.erb +17 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_email.text.erb +9 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb +17 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_success_email.html.erb +17 -0
data/spec/rails_app/app/views/sorcery_mailer/activation_success_email.text.erb +9 -0
data/spec/rails_app/app/views/sorcery_mailer/reset_password_email.html.erb +16 -0
data/spec/rails_app/app/views/sorcery_mailer/reset_password_email.text.erb +8 -0
data/spec/rails_app/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
data/spec/rails_app/config.ru +4 -0
data/spec/rails_app/config/application.rb +56 -0
data/spec/rails_app/config/boot.rb +4 -0
data/spec/rails_app/config/database.yml +22 -0
data/spec/rails_app/config/environment.rb +5 -0
data/spec/rails_app/config/environments/test.rb +37 -0
data/spec/rails_app/config/initializers/backtrace_silencers.rb +7 -0
data/spec/rails_app/config/initializers/inflections.rb +10 -0
data/spec/rails_app/config/initializers/mime_types.rb +5 -0
data/spec/rails_app/config/initializers/secret_token.rb +7 -0
data/spec/rails_app/config/initializers/session_store.rb +12 -0
data/spec/rails_app/config/locales/en.yml +5 -0
data/spec/rails_app/config/routes.rb +48 -0
data/spec/rails_app/db/migrate/activation/20101224223622_add_activation_to_users.rb +17 -0
data/spec/rails_app/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +19 -0
data/spec/rails_app/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +13 -0
data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +16 -0
data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +22 -0
data/spec/rails_app/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +15 -0
data/spec/rails_app/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
data/spec/rails_app/db/schema.rb +23 -0
data/spec/rails_app/db/seeds.rb +7 -0
data/spec/shared_examples/user_activation_shared_examples.rb +242 -0
data/spec/shared_examples/user_activity_logging_shared_examples.rb +97 -0
data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +156 -0
data/spec/shared_examples/user_oauth_shared_examples.rb +36 -0
data/spec/shared_examples/user_remember_me_shared_examples.rb +57 -0
data/spec/shared_examples/user_reset_password_shared_examples.rb +263 -0
data/spec/shared_examples/user_shared_examples.rb +467 -0
data/spec/sorcery_crypto_providers_spec.rb +198 -0
data/spec/spec.opts +2 -0
data/spec/spec_helper.rb +41 -0
metadata +350 -0

@@ -0,0 +1,21 @@
+require 'sorcery'
+ActiveRecord::Migration.verbose = false
+# ActiveRecord::Base.logger = Logger.new(nil)
+# ActiveRecord::Base.include_root_in_json = true
+class TestUser < ActiveRecord::Base
+  authenticates_with_sorcery!
+end
+def setup_orm
+  ActiveRecord::Migrator.migrate(migrations_path)
+end
+def teardown_orm
+  ActiveRecord::Migrator.rollback(migrations_path)
+end
+def migrations_path
+  Rails.root.join("db", "migrate", "core")
+end

data/spec/rails_app/app/active_record/authentication.rb ADDED

@@ -0,0 +1,3 @@
+class Authentication < ActiveRecord::Base
+  belongs_to :user
+end

data/spec/rails_app/app/active_record/user.rb ADDED

@@ -0,0 +1,5 @@
+class User < ActiveRecord::Base
+  has_many :authentications, :dependent => :destroy
+  has_many :user_providers, :dependent => :destroy
+  accepts_nested_attributes_for :authentications
+end

data/spec/rails_app/app/active_record/user_provider.rb ADDED

@@ -0,0 +1,3 @@
+class UserProvider < ActiveRecord::Base
+  belongs_to :user
+end

data/spec/rails_app/app/controllers/sorcery_controller.rb ADDED

@@ -0,0 +1,265 @@
+require 'oauth'
+class SorceryController < ActionController::Base
+  protect_from_forgery
+  before_filter :require_login_from_http_basic, only: [:test_http_basic_auth]
+  before_filter :require_login, only: [:test_logout, :test_should_be_logged_in, :some_action]
+  def index
+  end
+  def some_action
+    render nothing: true
+  end
+  def some_action_making_a_non_persisted_change_to_the_user
+    current_user.email = 'to_be_ignored'
+    render nothing: true
+  end
+  def test_login
+    @user = login(params[:email], params[:password])
+    render nothing: true
+  end
+  def test_auto_login
+    @user = User.first
+    auto_login(@user)
+    @result = current_user
+    render nothing: true
+  end
+  def test_return_to
+    @user = login(params[:email], params[:password])
+    redirect_back_or_to(:index, notice: 'haha!')
+  end
+  def test_logout
+    logout
+    render nothing: true
+  end
+  def test_logout_with_remember
+    remember_me!
+    logout
+    render nothing: true
+  end
+  def test_login_with_remember
+    @user = login(params[:email], params[:password])
+    remember_me!
+    render nothing: true
+  end
+  def test_login_with_remember_in_login
+    @user = login(params[:email], params[:password], params[:remember])
+    render nothing: true
+  end
+  def test_login_from_cookie
+    @user = current_user
+    render nothing: true
+  end
+  def test_not_authenticated_action
+    render text: 'test_not_authenticated_action'
+  end
+  def test_should_be_logged_in
+    render nothing: true
+  end
+  def test_http_basic_auth
+    render text: 'HTTP Basic Auth'
+  end
+  def login_at_test_twitter
+    login_at(:twitter)
+  end
+  alias :login_at_test :login_at_test_twitter
+  def login_at_test_facebook
+    login_at(:facebook)
+  end
+  def login_at_test_github
+    login_at(:github)
+  end
+  def login_at_test_google
+    login_at(:google)
+  end
+  def login_at_test_liveid
+    login_at(:liveid)
+  end
+  def login_at_test_jira
+    login_at(:jira)
+  end
+  def login_at_test_vk
+    login_at(:vk)
+  end
+  def login_at_test_with_state
+    login_at(:facebook, {state: 'bla'})
+  end
+  def test_login_from_twitter
+    if @user = login_from(:twitter)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  alias :test_login_from :test_login_from_twitter
+  def test_login_from_facebook
+    if @user = login_from(:facebook)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_login_from_github
+    if @user = login_from(:github)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_login_from_google
+    if @user = login_from(:google)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_login_from_liveid
+    if @user = login_from(:liveid)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_login_from_vk
+    if @user = login_from(:vk)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_login_from_jira
+    if @user = login_from(:jira)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_return_to_with_external_twitter
+    if @user = login_from(:twitter)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_return_to_with_external_jira
+    if @user = login_from(:jira)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  alias :test_return_to_with_external :test_return_to_with_external_twitter
+  def test_return_to_with_external_facebook
+    if @user = login_from(:facebook)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_return_to_with_external_github
+    if @user = login_from(:github)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_return_to_with_external_google
+    if @user = login_from(:google)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_return_to_with_external_liveid
+    if @user = login_from(:liveid)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_return_to_with_external_vk
+    if @user = login_from(:vk)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_create_from_provider
+    provider = params[:provider]
+    login_from(provider)
+    if @user = create_from(provider)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+  def test_add_second_provider
+    provider = params[:provider]
+    if logged_in?
+      if @user = add_provider_to_user(provider)
+        redirect_to "bla", :notice => "Success!"
+      else
+        redirect_to "blu", :alert => "Failed!"
+      end
+    end
+  end
+  def test_create_from_provider_with_block
+    provider = params[:provider]
+    login_from(provider)
+    @user = create_from(provider) do |user|
+      # check uniqueness of email
+      # User.where(email: user.email).empty?
+      false
+    end
+    if @user
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+end

data/spec/rails_app/app/helpers/application_helper.rb ADDED

	@@ -0,0 +1,2 @@
1	+ module ApplicationHelper
2	+ end

data/spec/rails_app/app/mailers/sorcery_mailer.rb ADDED

@@ -0,0 +1,32 @@
+class SorceryMailer < ActionMailer::Base
+  default :from => "notifications@example.com"
+  def activation_needed_email(user)
+    @user = user
+    @url  = "http://example.com/login"
+    mail(:to => user.email,
+         :subject => "Welcome to My Awesome Site")
+  end
+  def activation_success_email(user)
+    @user = user
+    @url  = "http://example.com/login"
+    mail(:to => user.email,
+         :subject => "Your account is now activated")
+  end
+  def reset_password_email(user)
+    @user = user
+    @url  = "http://example.com/login"
+    mail(:to => user.email,
+         :subject => "Your password has been reset")
+  end
+  def send_unlock_token_email(user)
+    @user = user
+    @url = "http://example.com/unlock/#{user.unlock_token}"
+    mail(:to => user.email,
+         :subject => "Your account has been locked due to many wrong logins")
+  end
+end

data/spec/rails_app/app/views/application/index.html.erb ADDED

@@ -0,0 +1,17 @@
+<%= form_tag :action => :test_login, :method => :post do %>
+  <div class="field">
+    <%= label_tag :username %><br />
+    <%= text_field_tag :username %>
+  </div>
+  <div class="field">
+    <%= label_tag :password %><br />
+    <%= password_field_tag :password %>
+  </div>
+  <div class="actions">
+    <%= submit_tag "Login" %>
+  </div>
+  <div>
+  	<%= label_tag "keep me logged in" %><br />
+    <%= check_box_tag :remember %>
+  </div>
+<% end %>

data/spec/rails_app/app/views/layouts/application.html.erb ADDED

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>AppRoot</title>
+  <%= stylesheet_link_tag :all %>
+  <%= javascript_include_tag :defaults %>
+  <%= csrf_meta_tag %>
+</head>
+<body>
+<%= yield %>
+</body>
+</html>

data/spec/rails_app/app/views/sorcery_mailer/activation_email.html.erb ADDED

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
+  </head>
+  <body>
+    <h1>Welcome to example.com, <%= @user.username %></h1>
+    <p>
+      You have successfully signed up to example.com,
+      your username is: <%= @user.username %>.<br/>
+    </p>
+    <p>
+      To login to the site, just follow this link: <%= @url %>.
+    </p>
+    <p>Thanks for joining and have a great day!</p>
+  </body>
+</html>

data/spec/rails_app/app/views/sorcery_mailer/activation_email.text.erb ADDED

@@ -0,0 +1,9 @@
+Welcome to example.com, <%= @user.username %>
+===============================================
+You have successfully signed up to example.com,
+your username is: <%= @user.username %>.
+To login to the site, just follow this link: <%= @url %>.
+Thanks for joining and have a great day!

data/spec/rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb ADDED

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
+  </head>
+  <body>
+    <h1>Congratz, <%= @user.username %></h1>
+    <p>
+      You have successfully activated your example.com account,
+      your username is: <%= @user.username %>.<br/>
+    </p>
+    <p>
+      To login to the site, just follow this link: <%= @url %>.
+    </p>
+    <p>Thanks for joining and have a great day!</p>
+  </body>
+</html>

data/spec/rails_app/app/views/sorcery_mailer/activation_success_email.html.erb ADDED

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type" />
+  </head>
+  <body>
+    <h1>Congratz, <%= @user.username %></h1>
+    <p>
+      You have successfully activated your example.com account,
+      your username is: <%= @user.username %>.<br/>
+    </p>
+    <p>
+      To login to the site, just follow this link: <%= @url %>.
+    </p>
+    <p>Thanks for joining and have a great day!</p>
+  </body>
+</html>

data/spec/rails_app/app/views/sorcery_mailer/activation_success_email.text.erb ADDED

@@ -0,0 +1,9 @@
+Congratz, <%= @user.username %>
+===============================================
+You have successfully activated your example.com account,
+your username is: <%= @user.username %>.
+To login to the site, just follow this link: <%= @url %>.
+Thanks for joining and have a great day!