clearance 1.5.0 → 1.5.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of clearance might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +2 -3
- data/Gemfile.lock +3 -3
- data/NEWS.md +5 -0
- data/README.md +1 -1
- data/bin/setup +12 -0
- data/lib/clearance/password_strategies/blowfish.rb +4 -2
- data/lib/clearance/version.rb +1 -1
- data/lib/generators/clearance/specs/specs_generator.rb +12 -0
- data/lib/generators/clearance/specs/templates/features/clearance/user_signs_out_spec.rb.tt +11 -0
- data/lib/generators/clearance/specs/templates/features/clearance/{visitor_resets_password_spec.rb → visitor_resets_password_spec.rb.tt} +17 -10
- data/lib/generators/clearance/specs/templates/features/clearance/{visitor_signs_in_spec.rb → visitor_signs_in_spec.rb.tt} +10 -9
- data/lib/generators/clearance/specs/templates/features/clearance/{visitor_signs_up_spec.rb → visitor_signs_up_spec.rb.tt} +5 -4
- data/lib/generators/clearance/specs/templates/features/clearance/{visitor_updates_password_spec.rb → visitor_updates_password_spec.rb.tt} +5 -4
- data/lib/generators/clearance/specs/templates/support/features/clearance_helpers.rb +8 -5
- data/spec/models/blowfish_spec.rb +2 -1
- metadata +8 -11
- data/.hound.yml +0 -2
- data/lib/generators/clearance/specs/templates/features/clearance/user_signs_out_spec.rb +0 -10
- data/lib/generators/clearance/specs/templates/support/action_mailer.rb +0 -3
- data/lib/generators/clearance/specs/templates/support/factory_girl.rb +0 -5
- data/lib/generators/clearance/specs/templates/support/features.rb +0 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6e291b837723c76c6e2a1615f30a1e93a3b01c6e
|
|
4
|
+
data.tar.gz: b2c577781ebc764be239d9a97a2bdda8d4c1ad0c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 11de7a2908a2ebc5e294eaefa8376507f76977e072231b5d16528b0c79df241a30a6694ff3371057ac250875fe771a6ececb3efc9e54a050a5d9ad9d8f9568fe
|
|
7
|
+
data.tar.gz: 634fd82edae876f4ca39e929dcc0dfb0a58d44ec6c32cd7fbe2dec9ede67d99e623ffc719786f0bf55c600a2beb370053539d254d56cd48caed13a1ded5728db
|
data/CONTRIBUTING.md
CHANGED
|
@@ -1,9 +1,8 @@
|
|
|
1
1
|
We love pull requests. Here's a quick guide:
|
|
2
2
|
|
|
3
|
-
1. Fork the repo
|
|
3
|
+
1. Fork the repo.
|
|
4
4
|
|
|
5
|
-
2.
|
|
6
|
-
`bundle exec appraisal install`
|
|
5
|
+
2. Run `./bin/setup`.
|
|
7
6
|
|
|
8
7
|
3. Run the tests. We only take pull requests with passing tests, and it's great
|
|
9
8
|
to know that you have a clean slate: `bundle exec appraisal rake`
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
clearance (1.5.
|
|
4
|
+
clearance (1.5.1)
|
|
5
5
|
bcrypt
|
|
6
6
|
email_validator (~> 1.4)
|
|
7
7
|
rails (>= 3.1)
|
|
@@ -44,7 +44,7 @@ GEM
|
|
|
44
44
|
childprocess (>= 0.3.6)
|
|
45
45
|
cucumber (>= 1.1.1)
|
|
46
46
|
rspec-expectations (>= 2.7.0)
|
|
47
|
-
bcrypt (3.1.
|
|
47
|
+
bcrypt (3.1.9)
|
|
48
48
|
bourne (1.5.0)
|
|
49
49
|
mocha (>= 0.13.2, < 0.15)
|
|
50
50
|
builder (3.2.2)
|
|
@@ -70,7 +70,7 @@ GEM
|
|
|
70
70
|
rails (>= 3, < 5)
|
|
71
71
|
database_cleaner (1.3.0)
|
|
72
72
|
diff-lcs (1.2.5)
|
|
73
|
-
email_validator (1.
|
|
73
|
+
email_validator (1.5.0)
|
|
74
74
|
activemodel
|
|
75
75
|
erubis (2.7.0)
|
|
76
76
|
factory_girl (4.4.0)
|
data/NEWS.md
CHANGED
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
Thank you to all the [contributors](https://github.com/thoughtbot/clearance/graphs/contributors)!
|
|
2
2
|
|
|
3
|
+
New for 1.5.1 (December 19, 2014)
|
|
4
|
+
* Blowfish password strategy fixed
|
|
5
|
+
* Specs generated with `rails generate clearance:specs` now work properly in
|
|
6
|
+
RSpec 3 projects.
|
|
7
|
+
|
|
3
8
|
New for 1.5.0 (October 17, 2014)
|
|
4
9
|
* Disable clearance routes by setting `config.routes = false`.
|
|
5
10
|
* Running `rails generate clearance:routes` will dump the default set of
|
data/README.md
CHANGED
data/bin/setup
ADDED
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
#!/bin/sh
|
|
2
|
+
|
|
3
|
+
set -e
|
|
4
|
+
|
|
5
|
+
# Install required gems, including Appraisal, which helps us test against
|
|
6
|
+
# multiple Rails versions
|
|
7
|
+
bundle install
|
|
8
|
+
bundle exec appraisal clean
|
|
9
|
+
bundle exec appraisal install
|
|
10
|
+
|
|
11
|
+
# Set up database for the application that Clearance tests against
|
|
12
|
+
RAILS_ENV=test bundle exec rake db:reset
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
require 'openssl'
|
|
2
|
+
require 'base64'
|
|
2
3
|
|
|
3
4
|
module Clearance
|
|
4
5
|
module PasswordStrategies
|
|
@@ -25,7 +26,8 @@ module Clearance
|
|
|
25
26
|
def generate_hash(string)
|
|
26
27
|
cipher = OpenSSL::Cipher::Cipher.new('bf-cbc').encrypt
|
|
27
28
|
cipher.key = Digest::SHA256.digest(salt)
|
|
28
|
-
cipher.update(string) << cipher.final
|
|
29
|
+
hash = cipher.update(string) << cipher.final
|
|
30
|
+
Base64.encode64(hash).encode('utf-8')
|
|
29
31
|
end
|
|
30
32
|
|
|
31
33
|
def initialize_salt_if_necessary
|
|
@@ -35,7 +37,7 @@ module Clearance
|
|
|
35
37
|
end
|
|
36
38
|
|
|
37
39
|
def generate_salt
|
|
38
|
-
SecureRandom.hex(20).encode('
|
|
40
|
+
Base64.encode64(SecureRandom.hex(20)).encode('utf-8')
|
|
39
41
|
end
|
|
40
42
|
end
|
|
41
43
|
end
|
data/lib/clearance/version.rb
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
require 'rails/generators/base'
|
|
2
|
+
require 'rspec/rails/version'
|
|
2
3
|
|
|
3
4
|
module Clearance
|
|
4
5
|
module Generators
|
|
@@ -6,8 +7,19 @@ module Clearance
|
|
|
6
7
|
source_root File.expand_path('../templates', __FILE__)
|
|
7
8
|
|
|
8
9
|
def create_specs
|
|
10
|
+
@helper_file = rspec_helper_file
|
|
9
11
|
directory '.', 'spec'
|
|
10
12
|
end
|
|
13
|
+
|
|
14
|
+
private
|
|
15
|
+
|
|
16
|
+
def rspec_helper_file
|
|
17
|
+
if RSpec::Rails::Version::STRING.to_i > 2
|
|
18
|
+
"rails_helper"
|
|
19
|
+
else
|
|
20
|
+
"spec_helper"
|
|
21
|
+
end
|
|
22
|
+
end
|
|
11
23
|
end
|
|
12
24
|
end
|
|
13
25
|
end
|
|
@@ -1,6 +1,9 @@
|
|
|
1
|
-
require "
|
|
1
|
+
require "<%= @helper_file %>"
|
|
2
|
+
require "support/features/clearance_helpers"
|
|
2
3
|
|
|
3
4
|
feature "Visitor resets password" do
|
|
5
|
+
before { ActionMailer::Base.deliveries.clear }
|
|
6
|
+
|
|
4
7
|
scenario "by navigating to the page" do
|
|
5
8
|
visit sign_in_path
|
|
6
9
|
|
|
@@ -12,29 +15,33 @@ feature "Visitor resets password" do
|
|
|
12
15
|
scenario "with valid email" do
|
|
13
16
|
user = user_with_reset_password
|
|
14
17
|
|
|
15
|
-
|
|
16
|
-
|
|
18
|
+
expect_page_to_display_change_password_message
|
|
19
|
+
expect_reset_notification_to_be_sent_to user
|
|
17
20
|
end
|
|
18
21
|
|
|
19
22
|
scenario "with non-user account" do
|
|
20
23
|
reset_password_for "unknown.email@example.com"
|
|
21
24
|
|
|
22
|
-
|
|
23
|
-
|
|
25
|
+
expect_page_to_display_change_password_message
|
|
26
|
+
expect_mailer_to_have_no_deliveries
|
|
24
27
|
end
|
|
25
28
|
|
|
26
29
|
private
|
|
27
30
|
|
|
28
|
-
def
|
|
31
|
+
def expect_reset_notification_to_be_sent_to(user)
|
|
29
32
|
expect(user.confirmation_token).not_to be_blank
|
|
30
|
-
|
|
33
|
+
expect_mailer_to_have_delivery(
|
|
34
|
+
user.email,
|
|
35
|
+
"password",
|
|
36
|
+
user.confirmation_token
|
|
37
|
+
)
|
|
31
38
|
end
|
|
32
39
|
|
|
33
|
-
def
|
|
40
|
+
def expect_page_to_display_change_password_message
|
|
34
41
|
expect(page).to have_content I18n.t("passwords.create.description")
|
|
35
42
|
end
|
|
36
43
|
|
|
37
|
-
def
|
|
44
|
+
def expect_mailer_to_have_delivery(recipient, subject, body)
|
|
38
45
|
expect(ActionMailer::Base.deliveries).not_to be_empty
|
|
39
46
|
|
|
40
47
|
message = ActionMailer::Base.deliveries.any? do |email|
|
|
@@ -46,7 +53,7 @@ feature "Visitor resets password" do
|
|
|
46
53
|
expect(message).to be
|
|
47
54
|
end
|
|
48
55
|
|
|
49
|
-
def
|
|
56
|
+
def expect_mailer_to_have_no_deliveries
|
|
50
57
|
expect(ActionMailer::Base.deliveries).to be_empty
|
|
51
58
|
end
|
|
52
59
|
end
|
|
@@ -1,42 +1,43 @@
|
|
|
1
|
-
require "
|
|
1
|
+
require "<%= @helper_file %>"
|
|
2
|
+
require "support/features/clearance_helpers"
|
|
2
3
|
|
|
3
4
|
feature "Visitor signs in" do
|
|
4
5
|
scenario "with valid email and password" do
|
|
5
6
|
create_user "user@example.com", "password"
|
|
6
7
|
sign_in_with "user@example.com", "password"
|
|
7
8
|
|
|
8
|
-
|
|
9
|
+
expect_user_to_be_signed_in
|
|
9
10
|
end
|
|
10
11
|
|
|
11
12
|
scenario "with valid mixed-case email and password " do
|
|
12
13
|
create_user "user.name@example.com", "password"
|
|
13
14
|
sign_in_with "User.Name@example.com", "password"
|
|
14
15
|
|
|
15
|
-
|
|
16
|
+
expect_user_to_be_signed_in
|
|
16
17
|
end
|
|
17
18
|
|
|
18
19
|
scenario "tries with invalid password" do
|
|
19
20
|
create_user "user@example.com", "password"
|
|
20
21
|
sign_in_with "user@example.com", "wrong_password"
|
|
21
22
|
|
|
22
|
-
|
|
23
|
-
|
|
23
|
+
expect_page_to_display_sign_in_error
|
|
24
|
+
expect_user_to_be_signed_out
|
|
24
25
|
end
|
|
25
26
|
|
|
26
27
|
scenario "tries with invalid email" do
|
|
27
28
|
sign_in_with "unknown.email@example.com", "password"
|
|
28
29
|
|
|
29
|
-
|
|
30
|
-
|
|
30
|
+
expect_page_to_display_sign_in_error
|
|
31
|
+
expect_user_to_be_signed_out
|
|
31
32
|
end
|
|
32
33
|
|
|
33
34
|
private
|
|
34
35
|
|
|
35
36
|
def create_user(email, password)
|
|
36
|
-
create(:user, email: email, password: password)
|
|
37
|
+
FactoryGirl.create(:user, email: email, password: password)
|
|
37
38
|
end
|
|
38
39
|
|
|
39
|
-
def
|
|
40
|
+
def expect_page_to_display_sign_in_error
|
|
40
41
|
expect(page.body).to include(
|
|
41
42
|
I18n.t("flashes.failure_after_create", sign_up_path: sign_up_path)
|
|
42
43
|
)
|
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
require "
|
|
1
|
+
require "<%= @helper_file %>"
|
|
2
|
+
require "support/features/clearance_helpers"
|
|
2
3
|
|
|
3
4
|
feature "Visitor signs up" do
|
|
4
5
|
scenario "by navigating to the page" do
|
|
@@ -12,18 +13,18 @@ feature "Visitor signs up" do
|
|
|
12
13
|
scenario "with valid email and password" do
|
|
13
14
|
sign_up_with "valid@example.com", "password"
|
|
14
15
|
|
|
15
|
-
|
|
16
|
+
expect_user_to_be_signed_in
|
|
16
17
|
end
|
|
17
18
|
|
|
18
19
|
scenario "tries with invalid email" do
|
|
19
20
|
sign_up_with "invalid_email", "password"
|
|
20
21
|
|
|
21
|
-
|
|
22
|
+
expect_user_to_be_signed_out
|
|
22
23
|
end
|
|
23
24
|
|
|
24
25
|
scenario "tries with blank password" do
|
|
25
26
|
sign_up_with "valid@example.com", ""
|
|
26
27
|
|
|
27
|
-
|
|
28
|
+
expect_user_to_be_signed_out
|
|
28
29
|
end
|
|
29
30
|
end
|
|
@@ -1,11 +1,12 @@
|
|
|
1
|
-
require "
|
|
1
|
+
require "<%= @helper_file %>"
|
|
2
|
+
require "support/features/clearance_helpers"
|
|
2
3
|
|
|
3
4
|
feature "Visitor updates password" do
|
|
4
5
|
scenario "with valid password" do
|
|
5
6
|
user = user_with_reset_password
|
|
6
7
|
update_password user, "newpassword"
|
|
7
8
|
|
|
8
|
-
|
|
9
|
+
expect_user_to_be_signed_in
|
|
9
10
|
end
|
|
10
11
|
|
|
11
12
|
scenario "signs in with new password" do
|
|
@@ -14,7 +15,7 @@ feature "Visitor updates password" do
|
|
|
14
15
|
sign_out
|
|
15
16
|
sign_in_with user.email, "newpassword"
|
|
16
17
|
|
|
17
|
-
|
|
18
|
+
expect_user_to_be_signed_in
|
|
18
19
|
end
|
|
19
20
|
|
|
20
21
|
scenario "tries with a blank password" do
|
|
@@ -23,7 +24,7 @@ feature "Visitor updates password" do
|
|
|
23
24
|
change_password_to ""
|
|
24
25
|
|
|
25
26
|
expect(page).to have_content I18n.t("flashes.failure_after_update")
|
|
26
|
-
|
|
27
|
+
expect_user_to_be_signed_out
|
|
27
28
|
end
|
|
28
29
|
|
|
29
30
|
private
|
|
@@ -8,7 +8,7 @@ module Features
|
|
|
8
8
|
|
|
9
9
|
def sign_in
|
|
10
10
|
password = "password"
|
|
11
|
-
user = create(:user, password: password)
|
|
11
|
+
user = FactoryGirl.create(:user, password: password)
|
|
12
12
|
sign_in_with user.email, password
|
|
13
13
|
end
|
|
14
14
|
|
|
@@ -30,20 +30,23 @@ module Features
|
|
|
30
30
|
click_button I18n.t("helpers.submit.user.create")
|
|
31
31
|
end
|
|
32
32
|
|
|
33
|
-
def
|
|
33
|
+
def expect_user_to_be_signed_in
|
|
34
34
|
visit root_path
|
|
35
35
|
expect(page).to have_button I18n.t("layouts.application.sign_out")
|
|
36
36
|
end
|
|
37
37
|
|
|
38
|
-
def
|
|
38
|
+
def expect_user_to_be_signed_out
|
|
39
39
|
expect(page).to have_content I18n.t("layouts.application.sign_in")
|
|
40
40
|
end
|
|
41
41
|
|
|
42
42
|
def user_with_reset_password
|
|
43
|
-
user = create(:user)
|
|
43
|
+
user = FactoryGirl.create(:user)
|
|
44
44
|
reset_password_for user.email
|
|
45
45
|
user.reload
|
|
46
46
|
end
|
|
47
|
-
|
|
48
47
|
end
|
|
49
48
|
end
|
|
49
|
+
|
|
50
|
+
RSpec.configure do |config|
|
|
51
|
+
config.include Features::ClearanceHelpers, type: :feature
|
|
52
|
+
end
|
|
@@ -23,7 +23,8 @@ describe Clearance::PasswordStrategies::Blowfish do
|
|
|
23
23
|
cipher = OpenSSL::Cipher::Cipher.new('bf-cbc').encrypt
|
|
24
24
|
cipher.key = Digest::SHA256.digest(salt)
|
|
25
25
|
expected = cipher.update("--#{salt}--#{password}--") << cipher.final
|
|
26
|
-
|
|
26
|
+
encrypted_password = Base64.decode64(subject.encrypted_password)
|
|
27
|
+
expect(encrypted_password).to eq expected
|
|
27
28
|
end
|
|
28
29
|
end
|
|
29
30
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: clearance
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.5.
|
|
4
|
+
version: 1.5.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dan Croak
|
|
@@ -25,7 +25,7 @@ authors:
|
|
|
25
25
|
autorequire:
|
|
26
26
|
bindir: bin
|
|
27
27
|
cert_chain: []
|
|
28
|
-
date: 2014-
|
|
28
|
+
date: 2014-12-19 00:00:00.000000000 Z
|
|
29
29
|
dependencies:
|
|
30
30
|
- !ruby/object:Gem::Dependency
|
|
31
31
|
name: bcrypt
|
|
@@ -78,7 +78,6 @@ extra_rdoc_files:
|
|
|
78
78
|
- README.md
|
|
79
79
|
files:
|
|
80
80
|
- ".gitignore"
|
|
81
|
-
- ".hound.yml"
|
|
82
81
|
- ".rspec"
|
|
83
82
|
- ".travis.yml"
|
|
84
83
|
- Appraisals
|
|
@@ -103,6 +102,7 @@ files:
|
|
|
103
102
|
- app/views/sessions/new.html.erb
|
|
104
103
|
- app/views/users/_form.html.erb
|
|
105
104
|
- app/views/users/new.html.erb
|
|
105
|
+
- bin/setup
|
|
106
106
|
- clearance.gemspec
|
|
107
107
|
- config/locales/clearance.en.yml
|
|
108
108
|
- config/routes.rb
|
|
@@ -161,15 +161,12 @@ files:
|
|
|
161
161
|
- lib/generators/clearance/specs/USAGE
|
|
162
162
|
- lib/generators/clearance/specs/specs_generator.rb
|
|
163
163
|
- lib/generators/clearance/specs/templates/factories/clearance.rb
|
|
164
|
-
- lib/generators/clearance/specs/templates/features/clearance/user_signs_out_spec.rb
|
|
165
|
-
- lib/generators/clearance/specs/templates/features/clearance/visitor_resets_password_spec.rb
|
|
166
|
-
- lib/generators/clearance/specs/templates/features/clearance/visitor_signs_in_spec.rb
|
|
167
|
-
- lib/generators/clearance/specs/templates/features/clearance/visitor_signs_up_spec.rb
|
|
168
|
-
- lib/generators/clearance/specs/templates/features/clearance/visitor_updates_password_spec.rb
|
|
169
|
-
- lib/generators/clearance/specs/templates/support/action_mailer.rb
|
|
164
|
+
- lib/generators/clearance/specs/templates/features/clearance/user_signs_out_spec.rb.tt
|
|
165
|
+
- lib/generators/clearance/specs/templates/features/clearance/visitor_resets_password_spec.rb.tt
|
|
166
|
+
- lib/generators/clearance/specs/templates/features/clearance/visitor_signs_in_spec.rb.tt
|
|
167
|
+
- lib/generators/clearance/specs/templates/features/clearance/visitor_signs_up_spec.rb.tt
|
|
168
|
+
- lib/generators/clearance/specs/templates/features/clearance/visitor_updates_password_spec.rb.tt
|
|
170
169
|
- lib/generators/clearance/specs/templates/support/clearance.rb
|
|
171
|
-
- lib/generators/clearance/specs/templates/support/factory_girl.rb
|
|
172
|
-
- lib/generators/clearance/specs/templates/support/features.rb
|
|
173
170
|
- lib/generators/clearance/specs/templates/support/features/clearance_helpers.rb
|
|
174
171
|
- lib/generators/clearance/views/USAGE
|
|
175
172
|
- lib/generators/clearance/views/views_generator.rb
|
data/.hound.yml
DELETED