clearance 1.7.0 → 1.8.0

data/features/step_definitions/gem_file_steps.rb

@@ -1,15 +0,0 @@
-When /^I add the "([^"]*)" gem$/ do |gem_name|
-  append_to_file('Gemfile', %{\ngem "#{gem_name}"\n})
-end
-
-When /^I add the "([^"]*)" gem from this project$/ do |gem_name|
-  append_to_file('Gemfile', %{\ngem "#{gem_name}", path: "../../.."\n})
-end
-
-When /^I remove the "([^"]*)" gem from this project$/ do |gem_name|
-  in_current_dir do
-    content = File.read('Gemfile')
-    content.sub!(/^.*gem '#{gem_name}'.*\n/, "")
-    File.open('Gemfile', 'w') { |file| file.write(content) }
-  end
-end

data/features/support/aruba.rb

@@ -1,3 +0,0 @@
-Before do
-  @aruba_timeout_seconds = 60
-end

data/features/support/env.rb

@@ -1,27 +0,0 @@
-ENV["RAILS_ENV"] ||= "test"
-
-require "bundler"
-require "rails/all"
-
-require "clearance"
-require "aruba/cucumber"
-require_relative "../../spec/dummy/application"
-require "cucumber/rails/action_controller"
-require "cucumber/rails/application"
-require "cucumber/rails/capybara"
-require "cucumber/rails/database"
-require "cucumber/rails/hooks"
-require "cucumber/rails/world"
-
-ActionController::Base.allow_rescue = false
-Capybara.default_selector = :css
-Capybara.save_and_open_page_path = "tmp"
-Dummy::Application.initialize!
-
-DatabaseCleaner.strategy = :transaction
-
-Around do |scenario, block|
-  Bundler.with_clean_env do
-    block.call
-  end
-end

data/spec/models/bcrypt_spec.rb

@@ -1,66 +0,0 @@
-require 'spec_helper'
-
-describe Clearance::PasswordStrategies::BCrypt do
-  subject do
-    fake_model_with_password_strategy(Clearance::PasswordStrategies::BCrypt)
-  end
-
-  describe '#password=' do
-    let(:password) { 'password' }
-    let(:encrypted_password) { double("encrypted password") }
-
-    before do
-      allow(BCrypt::Password).to receive(:create).and_return(encrypted_password)
-    end
-
-    it 'encrypts the password into encrypted_password' do
-      subject.password = password
-
-      expect(subject.encrypted_password).to eq encrypted_password
-    end
-
-    it 'encrypts with BCrypt using default cost in non test environments' do
-      allow(Rails).to receive(:env).
-        and_return(ActiveSupport::StringInquirer.new("production"))
-
-      subject.password = password
-
-      expect(BCrypt::Password).to have_received(:create).with(
-        password,
-        cost: ::BCrypt::Engine::DEFAULT_COST
-      )
-    end
-
-    it 'encrypts with BCrypt using minimum cost in test environment' do
-      subject.password = password
-
-      expect(BCrypt::Password).to have_received(:create).with(
-        password,
-        cost: ::BCrypt::Engine::MIN_COST
-      )
-    end
-  end
-
-  describe '#authenticated?' do
-
-    before do
-      subject.password = password
-    end
-
-    context 'given a password' do
-      let(:password) { 'password' }
-
-      it 'is authenticated with BCrypt' do
-        expect(subject).to be_authenticated(password)
-      end
-    end
-
-    context 'given no password' do
-      let(:password) { nil }
-
-      it 'is not authenticated' do
-        expect(subject).not_to be_authenticated(password)
-      end
-    end
-  end
-end

data/spec/models/blowfish_spec.rb

@@ -1,42 +0,0 @@
-require 'spec_helper'
-
-describe Clearance::PasswordStrategies::Blowfish do
-  subject do
-    fake_model_with_password_strategy(Clearance::PasswordStrategies::Blowfish)
-  end
-
-  describe '#password=' do
-    context 'when the password is set' do
-      let(:salt) { 'salt' }
-      let(:password) { 'password' }
-
-      before do
-        subject.salt = salt
-        subject.password = password
-      end
-
-      it 'does not initialize the salt' do
-        expect(subject.salt).to eq salt
-      end
-
-      it 'encrypts the password using Blowfish and the existing salt' do
-        cipher = OpenSSL::Cipher::Cipher.new('bf-cbc').encrypt
-        cipher.key = Digest::SHA256.digest(salt)
-        expected = cipher.update("--#{salt}--#{password}--") << cipher.final
-        encrypted_password = Base64.decode64(subject.encrypted_password)
-        expect(encrypted_password).to eq expected
-      end
-    end
-
-    context 'when the salt is not set' do
-      before do
-        subject.salt = nil
-        subject.password = 'whatever'
-      end
-
-      it 'should initialize the salt' do
-        expect(subject.salt).not_to be_nil
-      end
-    end
-  end
-end

data/spec/models/password_strategies_spec.rb

@@ -1,41 +0,0 @@
-require 'spec_helper'
-
-describe Clearance::User do
-  subject do
-    class UniquenessValidator < ActiveModel::Validator
-      undef validate
-
-      def validate(record)
-      end
-    end
-
-    Class.new do
-      include ActiveModel::Validations
-
-      validates_with UniquenessValidator
-
-      def self.before_validation(*args); end
-      def self.before_create(*args); end
-
-      include Clearance::User
-    end.new
-  end
-
-  describe 'when Clearance.configuration.password_strategy is set' do
-    let(:mock_password_strategy) { Module.new }
-
-    before { Clearance.configuration.password_strategy = mock_password_strategy }
-
-    it 'includes the value it is set to' do
-      expect(subject).to be_kind_of(mock_password_strategy)
-    end
-  end
-
-  describe 'when Clearance.configuration.password_strategy is not set' do
-    before { Clearance.configuration.password_strategy = nil }
-
-    it 'includes Clearance::PasswordStrategies::BCrypt' do
-      expect(subject).to be_kind_of(Clearance::PasswordStrategies::BCrypt)
-    end
-  end
-end

data/spec/models/sha1_spec.rb

@@ -1,43 +0,0 @@
-require 'spec_helper'
-
-describe Clearance::PasswordStrategies::SHA1 do
-  subject do
-    fake_model_with_password_strategy(Clearance::PasswordStrategies::SHA1)
-  end
-
-  describe '#password=' do
-    context 'when the password is set' do
-      let(:salt) { 'salt' }
-      let(:password) { 'password' }
-
-      before do
-        subject.salt = salt
-        subject.password = password
-      end
-
-      it 'does not initialize the salt' do
-        expect(subject.salt).to eq salt
-      end
-
-      it 'encrypts the password using SHA1 and the existing salt' do
-        expected = Digest::SHA1.hexdigest("--#{salt}--#{password}--")
-        expect(subject.encrypted_password).to eq expected
-      end
-    end
-
-    context "when the password is not set" do
-      before do
-        subject.salt     = nil
-        subject.password = ""
-      end
-
-      it "initializes the salt" do
-        expect(subject.salt).not_to be_nil
-      end
-
-      it "doesn't encrpt the password" do
-        expect(subject.encrypted_password).to be_nil
-      end
-    end
-  end
-end

data/spec/models/user_spec.rb

@@ -1,196 +0,0 @@
-require 'spec_helper'
-
-describe User do
-  it { should have_db_index(:email) }
-  it { should have_db_index(:remember_token) }
-
-  describe 'when signing up' do
-    it { is_expected.to validate_presence_of(:email) }
-    it { is_expected.to validate_presence_of(:password) }
-    it { is_expected.to allow_value('foo@example.co.uk').for(:email) }
-    it { is_expected.to allow_value('foo@example.com').for(:email) }
-    it { is_expected.to allow_value('foo+bar@example.com').for(:email) }
-    it { is_expected.not_to allow_value('foo@').for(:email) }
-    it { is_expected.not_to allow_value('foo@example..com').for(:email) }
-    it { is_expected.not_to allow_value('foo@.example.com').for(:email) }
-    it { is_expected.not_to allow_value('foo').for(:email) }
-    it { is_expected.not_to allow_value('example.com').for(:email) }
-    it { is_expected.not_to allow_value('foo;@example.com').for(:email) }
-
-    it 'stores email in down case and removes whitespace' do
-      user = create(:user, email: 'Jo hn.Do e @exa mp le.c om')
-      expect(user.email).to eq 'john.doe@example.com'
-    end
-  end
-
-  describe 'when multiple users have signed up' do
-    before { create(:user) }
-    it { is_expected.to validate_uniqueness_of(:email) }
-  end
-
-  describe 'a user' do
-    before do
-      @user = create(:user)
-      @password = @user.password
-    end
-
-    it 'is authenticated with correct email and password' do
-      expect(User.authenticate(@user.email, @password)).to eq(@user)
-      expect(@user).to be_authenticated(@password)
-    end
-
-    it 'is authenticated with correct uppercased email and correct password' do
-      expect(User.authenticate(@user.email.upcase, @password)).to eq(@user)
-      expect(@user).to be_authenticated(@password)
-    end
-
-    it 'is not authenticated with incorrect credentials' do
-      expect(User.authenticate(@user.email, 'bad_password')).to be_nil
-      expect(@user).not_to be_authenticated('bad password')
-    end
-
-    it 'is retrieved via a case-insensitive search' do
-      expect(User.find_by_normalized_email(@user.email.upcase)).to eq(@user)
-    end
-  end
-
-  describe 'when resetting authentication with reset_remember_token!' do
-    before do
-      @user = create(:user)
-      @user.remember_token = 'old-token'
-      @user.reset_remember_token!
-    end
-
-    it 'changes the remember token' do
-      expect(@user.remember_token).not_to eq 'old-token'
-    end
-  end
-
-  describe 'an email confirmed user' do
-    before do
-      @user = create(:user)
-      @old_encrypted_password = @user.encrypted_password
-    end
-
-    describe 'who updates password' do
-      before do
-        @user.update_password('new_password')
-      end
-
-      it 'changes encrypted password' do
-        expect(@user.encrypted_password).not_to eq @old_encrypted_password
-      end
-    end
-  end
-
-  it 'does not generate same remember token for users with same password at same time' do
-    allow(Time).to receive(:now).and_return(Time.now)
-    password = 'secret'
-    first_user = create(:user, password: password)
-    second_user = create(:user, password: password)
-    expect(second_user.remember_token).not_to eq first_user.remember_token
-  end
-
-  describe 'a user' do
-    before do
-      @user = create(:user)
-      @old_encrypted_password = @user.encrypted_password
-    end
-
-    describe 'who requests password reminder' do
-      before do
-        expect(@user.confirmation_token).to be_nil
-        @user.forgot_password!
-      end
-
-      it 'generates confirmation token' do
-        expect(@user.confirmation_token).not_to be_nil
-      end
-
-      describe 'and then updates password' do
-        describe 'with password' do
-          before do
-            @user.update_password 'new_password'
-          end
-
-          it 'changes encrypted password' do
-            expect(@user.encrypted_password).not_to eq @old_encrypted_password
-          end
-
-          it 'clears confirmation token' do
-            expect(@user.confirmation_token).to be_nil
-          end
-        end
-
-        describe 'with blank password' do
-          before do
-            @user.update_password ''
-          end
-
-          it 'does not change encrypted password' do
-            expect(@user.encrypted_password.to_s).to eq @old_encrypted_password
-          end
-
-          it 'does not clear confirmation token' do
-            expect(@user.confirmation_token).to_not be_nil
-          end
-        end
-      end
-    end
-  end
-
-  describe 'a user with an optional email' do
-    before do
-      @user = User.new
-
-      class << @user
-        def email_optional?
-          true
-        end
-      end
-    end
-
-    subject { @user }
-
-    it { is_expected.to allow_value(nil).for(:email) }
-    it { is_expected.to allow_value('').for(:email) }
-  end
-
-  describe 'user factory' do
-    it 'should create a valid user with just an overridden password' do
-      expect(build(:user, password: 'test')).to be_valid
-    end
-  end
-
-  describe 'email address normalization' do
-    let(:email) { 'Jo hn.Do e @exa mp le.c om' }
-
-    it 'downcases the address and strips spaces' do
-      expect(User.normalize_email(email)).to eq 'john.doe@example.com'
-    end
-  end
-
-  describe 'the password setter on a User' do
-    let(:password) { 'a-password' }
-    before { subject.send(:password=, password) }
-
-    it 'sets password to the plain-text password' do
-      expect(subject.password).to eq password
-    end
-
-    it 'also sets encrypted_password' do
-      expect(subject.encrypted_password).to_not be_nil
-    end
-  end
-end
-
-describe UserWithOptionalPassword do
-  it { is_expected.to allow_value(nil).for(:password) }
-  it { is_expected.to allow_value('').for(:password) }
-
-  it 'cannot authenticate with blank password' do
-    user = create(:user_with_optional_password)
-
-    expect(UserWithOptionalPassword.authenticate(user.email, '')).to be_nil
-  end
-end