cm-devise_token_auth 0.1.30.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/LICENSE +13 -0
- data/README.md +688 -0
- data/Rakefile +34 -0
- data/app/controllers/devise_token_auth/application_controller.rb +17 -0
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +109 -0
- data/app/controllers/devise_token_auth/confirmations_controller.rb +31 -0
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +171 -0
- data/app/controllers/devise_token_auth/passwords_controller.rb +155 -0
- data/app/controllers/devise_token_auth/registrations_controller.rb +123 -0
- data/app/controllers/devise_token_auth/sessions_controller.rb +98 -0
- data/app/controllers/devise_token_auth/token_validations_controller.rb +23 -0
- data/app/models/devise_token_auth/concerns/user.rb +231 -0
- data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/devise_token_auth/omniauth_failure.html.erb +2 -0
- data/app/views/devise_token_auth/omniauth_success.html.erb +8 -0
- data/app/views/layouts/omniauth_response.html.erb +31 -0
- data/config/initializers/devise.rb +203 -0
- data/config/locales/devise.en.yml +59 -0
- data/config/routes.rb +5 -0
- data/lib/devise_token_auth.rb +7 -0
- data/lib/devise_token_auth/controllers/helpers.rb +129 -0
- data/lib/devise_token_auth/controllers/url_helpers.rb +8 -0
- data/lib/devise_token_auth/engine.rb +25 -0
- data/lib/devise_token_auth/rails/routes.rb +65 -0
- data/lib/devise_token_auth/version.rb +3 -0
- data/lib/generators/devise_token_auth/USAGE +31 -0
- data/lib/generators/devise_token_auth/install_generator.rb +115 -0
- data/lib/generators/devise_token_auth/install_views_generator.rb +16 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +22 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +54 -0
- data/lib/generators/devise_token_auth/templates/user.rb +3 -0
- data/lib/tasks/devise_token_auth_tasks.rake +4 -0
- data/test/controllers/demo_group_controller_test.rb +126 -0
- data/test/controllers/demo_mang_controller_test.rb +263 -0
- data/test/controllers/demo_user_controller_test.rb +262 -0
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +107 -0
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +167 -0
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +287 -0
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +458 -0
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +221 -0
- data/test/controllers/overrides/confirmations_controller_test.rb +44 -0
- data/test/controllers/overrides/omniauth_callbacks_controller_test.rb +44 -0
- data/test/controllers/overrides/passwords_controller_test.rb +62 -0
- data/test/controllers/overrides/registrations_controller_test.rb +40 -0
- data/test/controllers/overrides/sessions_controller_test.rb +33 -0
- data/test/controllers/overrides/token_validations_controller_test.rb +38 -0
- data/test/dummy/README.rdoc +28 -0
- data/test/dummy/Rakefile +6 -0
- data/test/dummy/app/assets/images/logo.jpg +0 -0
- data/test/dummy/app/assets/images/omniauth-provider-settings.png +0 -0
- data/test/dummy/app/assets/javascripts/application.js +13 -0
- data/test/dummy/app/assets/stylesheets/application.css +15 -0
- data/test/dummy/app/controllers/application_controller.rb +16 -0
- data/test/dummy/app/controllers/demo_group_controller.rb +13 -0
- data/test/dummy/app/controllers/demo_mang_controller.rb +12 -0
- data/test/dummy/app/controllers/demo_user_controller.rb +12 -0
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +32 -0
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +14 -0
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +39 -0
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +27 -0
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +43 -0
- data/test/dummy/app/controllers/overrides/token_validations_controller.rb +23 -0
- data/test/dummy/app/helpers/application_helper.rb +1065 -0
- data/test/dummy/app/models/evil_user.rb +3 -0
- data/test/dummy/app/models/mang.rb +3 -0
- data/test/dummy/app/models/user.rb +18 -0
- data/test/dummy/app/views/layouts/application.html.erb +14 -0
- data/test/dummy/bin/bundle +3 -0
- data/test/dummy/bin/rails +8 -0
- data/test/dummy/bin/rake +8 -0
- data/test/dummy/bin/spring +18 -0
- data/test/dummy/config.ru +16 -0
- data/test/dummy/config/application.rb +23 -0
- data/test/dummy/config/application.yml.bk +0 -0
- data/test/dummy/config/boot.rb +5 -0
- data/test/dummy/config/database.yml +31 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +44 -0
- data/test/dummy/config/environments/production.rb +82 -0
- data/test/dummy/config/environments/test.rb +40 -0
- data/test/dummy/config/initializers/assets.rb +8 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
- data/test/dummy/config/initializers/devise_token_auth.rb +22 -0
- data/test/dummy/config/initializers/figaro.rb +1 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/test/dummy/config/initializers/inflections.rb +16 -0
- data/test/dummy/config/initializers/mime_types.rb +4 -0
- data/test/dummy/config/initializers/omniauth.rb +8 -0
- data/test/dummy/config/initializers/session_store.rb +3 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/en.yml +23 -0
- data/test/dummy/config/routes.rb +30 -0
- data/test/dummy/config/secrets.yml +22 -0
- data/test/dummy/config/spring.rb +1 -0
- data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +56 -0
- data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +56 -0
- data/test/dummy/db/migrate/20140829044006_add_operating_thetan_to_user.rb +6 -0
- data/test/dummy/db/migrate/20140916224624_add_favorite_color_to_mangs.rb +5 -0
- data/test/dummy/db/migrate/20140928231203_devise_token_auth_create_evil_users.rb +57 -0
- data/test/dummy/db/schema.rb +114 -0
- data/test/dummy/public/404.html +67 -0
- data/test/dummy/public/422.html +67 -0
- data/test/dummy/public/500.html +66 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/fixtures/evil_users.yml +29 -0
- data/test/fixtures/mangs.yml +29 -0
- data/test/fixtures/users.yml +29 -0
- data/test/integration/navigation_test.rb +10 -0
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +178 -0
- data/test/lib/generators/devise_token_auth/install_views_generator_test.rb +23 -0
- data/test/models/user_test.rb +90 -0
- data/test/test_helper.rb +60 -0
- metadata +310 -0
|
@@ -0,0 +1,458 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
# was the web request successful?
|
|
4
|
+
# was the user redirected to the right page?
|
|
5
|
+
# was the user successfully authenticated?
|
|
6
|
+
# was the correct object stored in the response?
|
|
7
|
+
# was the appropriate message delivered in the json payload?
|
|
8
|
+
|
|
9
|
+
|
|
10
|
+
class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
11
|
+
describe DeviseTokenAuth::RegistrationsController do
|
|
12
|
+
describe "Successful registration" do
|
|
13
|
+
before do
|
|
14
|
+
@mails_sent = ActionMailer::Base.deliveries.count
|
|
15
|
+
|
|
16
|
+
post '/auth', {
|
|
17
|
+
email: Faker::Internet.email,
|
|
18
|
+
password: "secret123",
|
|
19
|
+
password_confirmation: "secret123",
|
|
20
|
+
confirm_success_url: Faker::Internet.url,
|
|
21
|
+
unpermitted_param: '(x_x)'
|
|
22
|
+
}
|
|
23
|
+
|
|
24
|
+
@resource = assigns(:resource)
|
|
25
|
+
@data = JSON.parse(response.body)
|
|
26
|
+
@mail = ActionMailer::Base.deliveries.last
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
test "request should be successful" do
|
|
30
|
+
assert_equal 200, response.status
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
test "user should have been created" do
|
|
34
|
+
assert @resource.id
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
test "user should not be confirmed" do
|
|
38
|
+
assert_nil @resource.confirmed_at
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
test "new user data should be returned as json" do
|
|
42
|
+
assert @data['data']['email']
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
test "new user should receive confirmation email" do
|
|
46
|
+
assert_equal @resource.email, @mail['to'].to_s
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
test "new user password should not be returned" do
|
|
50
|
+
assert_nil @data['data']['password']
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
test "only one email was sent" do
|
|
54
|
+
assert_equal @mails_sent + 1, ActionMailer::Base.deliveries.count
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
describe "case-insensitive email" do
|
|
59
|
+
|
|
60
|
+
before do
|
|
61
|
+
@resource_class = User
|
|
62
|
+
@request_params = {
|
|
63
|
+
email: "AlternatingCase@example.com",
|
|
64
|
+
password: "secret123",
|
|
65
|
+
password_confirmation: "secret123",
|
|
66
|
+
confirm_success_url: Faker::Internet.url
|
|
67
|
+
}
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
test "success should downcase uid if configured" do
|
|
71
|
+
@resource_class.case_insensitive_keys = [:email]
|
|
72
|
+
post '/auth', @request_params
|
|
73
|
+
assert_equal 200, response.status
|
|
74
|
+
@data = JSON.parse(response.body)
|
|
75
|
+
assert_equal "alternatingcase@example.com", @data['data']['uid']
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
test "request should not downcase uid if not configured" do
|
|
79
|
+
@resource_class.case_insensitive_keys = []
|
|
80
|
+
post '/auth', @request_params
|
|
81
|
+
assert_equal 200, response.status
|
|
82
|
+
@data = JSON.parse(response.body)
|
|
83
|
+
assert_equal "AlternatingCase@example.com", @data['data']['uid']
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
describe "Adding extra params" do
|
|
89
|
+
before do
|
|
90
|
+
@redirect_url = Faker::Internet.url
|
|
91
|
+
@operating_thetan = 2
|
|
92
|
+
|
|
93
|
+
post '/auth', {
|
|
94
|
+
email: Faker::Internet.email,
|
|
95
|
+
password: "secret123",
|
|
96
|
+
password_confirmation: "secret123",
|
|
97
|
+
confirm_success_url: @redirect_url,
|
|
98
|
+
favorite_color: @fav_color,
|
|
99
|
+
operating_thetan: @operating_thetan
|
|
100
|
+
}
|
|
101
|
+
|
|
102
|
+
@resource = assigns(:resource)
|
|
103
|
+
@data = JSON.parse(response.body)
|
|
104
|
+
@mail = ActionMailer::Base.deliveries.last
|
|
105
|
+
|
|
106
|
+
@mail_reset_token = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
|
|
107
|
+
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)\"/)[1])
|
|
108
|
+
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
test 'redirect_url is included as param in email' do
|
|
112
|
+
assert_equal @redirect_url, @mail_redirect_url
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
test "additional sign_up params should be considered" do
|
|
116
|
+
assert_equal @operating_thetan, @resource.operating_thetan
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
test 'config_name param is included in the confirmation email link' do
|
|
120
|
+
assert @mail_config_name
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
test "client config name falls back to 'default'" do
|
|
124
|
+
assert_equal "default", @mail_config_name
|
|
125
|
+
end
|
|
126
|
+
end
|
|
127
|
+
|
|
128
|
+
describe "Mismatched passwords" do
|
|
129
|
+
before do
|
|
130
|
+
post '/auth', {
|
|
131
|
+
email: Faker::Internet.email,
|
|
132
|
+
password: "secret123",
|
|
133
|
+
password_confirmation: "bogus",
|
|
134
|
+
confirm_success_url: Faker::Internet.url
|
|
135
|
+
}
|
|
136
|
+
|
|
137
|
+
@resource = assigns(:resource)
|
|
138
|
+
@data = JSON.parse(response.body)
|
|
139
|
+
end
|
|
140
|
+
|
|
141
|
+
test "request should not be successful" do
|
|
142
|
+
assert_equal 403, response.status
|
|
143
|
+
end
|
|
144
|
+
|
|
145
|
+
test "user should have been created" do
|
|
146
|
+
assert_nil @resource.id
|
|
147
|
+
end
|
|
148
|
+
|
|
149
|
+
test "error should be returned in the response" do
|
|
150
|
+
assert @data['errors'].length
|
|
151
|
+
end
|
|
152
|
+
|
|
153
|
+
test "full_messages should be included in error hash" do
|
|
154
|
+
assert @data['errors']['full_messages'].length
|
|
155
|
+
end
|
|
156
|
+
end
|
|
157
|
+
|
|
158
|
+
describe "Existing users" do
|
|
159
|
+
before do
|
|
160
|
+
@existing_user = users(:confirmed_email_user)
|
|
161
|
+
|
|
162
|
+
post "/auth", {
|
|
163
|
+
email: @existing_user.email,
|
|
164
|
+
password: "secret123",
|
|
165
|
+
password_confirmation: "secret123",
|
|
166
|
+
confirm_success_url: Faker::Internet.url
|
|
167
|
+
}
|
|
168
|
+
|
|
169
|
+
@resource = assigns(:resource)
|
|
170
|
+
@data = JSON.parse(response.body)
|
|
171
|
+
end
|
|
172
|
+
|
|
173
|
+
test "request should not be successful" do
|
|
174
|
+
assert_equal 403, response.status
|
|
175
|
+
end
|
|
176
|
+
|
|
177
|
+
test "user should have been created" do
|
|
178
|
+
assert_nil @resource.id
|
|
179
|
+
end
|
|
180
|
+
|
|
181
|
+
test "error should be returned in the response" do
|
|
182
|
+
assert @data['errors'].length
|
|
183
|
+
end
|
|
184
|
+
end
|
|
185
|
+
|
|
186
|
+
|
|
187
|
+
describe "Destroy user account" do
|
|
188
|
+
describe "success" do
|
|
189
|
+
before do
|
|
190
|
+
@existing_user = users(:confirmed_email_user)
|
|
191
|
+
@auth_headers = @existing_user.create_new_auth_token
|
|
192
|
+
@client_id = @auth_headers['client']
|
|
193
|
+
|
|
194
|
+
# ensure request is not treated as batch request
|
|
195
|
+
age_token(@existing_user, @client_id)
|
|
196
|
+
|
|
197
|
+
delete "/auth", {}, @auth_headers
|
|
198
|
+
|
|
199
|
+
@data = JSON.parse(response.body)
|
|
200
|
+
end
|
|
201
|
+
|
|
202
|
+
test 'request is successful' do
|
|
203
|
+
assert_equal 200, response.status
|
|
204
|
+
end
|
|
205
|
+
|
|
206
|
+
test "existing user should be deleted" do
|
|
207
|
+
refute User.where(id: @existing_user.id).first
|
|
208
|
+
end
|
|
209
|
+
end
|
|
210
|
+
|
|
211
|
+
describe 'failure: no auth headers' do
|
|
212
|
+
before do
|
|
213
|
+
delete "/auth"
|
|
214
|
+
@data = JSON.parse(response.body)
|
|
215
|
+
end
|
|
216
|
+
|
|
217
|
+
test 'request returns 404 (not found) status' do
|
|
218
|
+
assert_equal 404, response.status
|
|
219
|
+
end
|
|
220
|
+
end
|
|
221
|
+
end
|
|
222
|
+
|
|
223
|
+
|
|
224
|
+
describe "Update user account" do
|
|
225
|
+
describe "existing user" do
|
|
226
|
+
before do
|
|
227
|
+
@existing_user = users(:confirmed_email_user)
|
|
228
|
+
@auth_headers = @existing_user.create_new_auth_token
|
|
229
|
+
@client_id = @auth_headers['client']
|
|
230
|
+
|
|
231
|
+
# ensure request is not treated as batch request
|
|
232
|
+
age_token(@existing_user, @client_id)
|
|
233
|
+
end
|
|
234
|
+
|
|
235
|
+
describe "success" do
|
|
236
|
+
before do
|
|
237
|
+
# test valid update param
|
|
238
|
+
@resource_class = User
|
|
239
|
+
@new_operating_thetan = 1000000
|
|
240
|
+
@email = "AlternatingCase2@example.com"
|
|
241
|
+
@request_params = {
|
|
242
|
+
operating_thetan: @new_operating_thetan,
|
|
243
|
+
email: @email
|
|
244
|
+
}
|
|
245
|
+
end
|
|
246
|
+
|
|
247
|
+
test "Request was successful" do
|
|
248
|
+
put "/auth", @request_params, @auth_headers
|
|
249
|
+
assert_equal 200, response.status
|
|
250
|
+
end
|
|
251
|
+
|
|
252
|
+
test "Case sensitive attributes update" do
|
|
253
|
+
@resource_class.case_insensitive_keys = []
|
|
254
|
+
put "/auth", @request_params, @auth_headers
|
|
255
|
+
@data = JSON.parse(response.body)
|
|
256
|
+
@existing_user.reload
|
|
257
|
+
assert_equal @new_operating_thetan, @existing_user.operating_thetan
|
|
258
|
+
assert_equal @email, @existing_user.email
|
|
259
|
+
assert_equal @email, @existing_user.uid
|
|
260
|
+
end
|
|
261
|
+
|
|
262
|
+
test "Case insensitive attributes update" do
|
|
263
|
+
@resource_class.case_insensitive_keys = [:email]
|
|
264
|
+
put "/auth", @request_params, @auth_headers
|
|
265
|
+
@data = JSON.parse(response.body)
|
|
266
|
+
@existing_user.reload
|
|
267
|
+
assert_equal @new_operating_thetan, @existing_user.operating_thetan
|
|
268
|
+
assert_equal @email.downcase, @existing_user.email
|
|
269
|
+
assert_equal @email.downcase, @existing_user.uid
|
|
270
|
+
end
|
|
271
|
+
end
|
|
272
|
+
|
|
273
|
+
describe "error" do
|
|
274
|
+
before do
|
|
275
|
+
# test invalid update param
|
|
276
|
+
@new_operating_thetan = "blegh"
|
|
277
|
+
put "/auth", {
|
|
278
|
+
operating_thetan: @new_operating_thetan
|
|
279
|
+
}, @auth_headers
|
|
280
|
+
|
|
281
|
+
@data = JSON.parse(response.body)
|
|
282
|
+
@existing_user.reload
|
|
283
|
+
end
|
|
284
|
+
|
|
285
|
+
test "Request was NOT successful" do
|
|
286
|
+
assert_equal 403, response.status
|
|
287
|
+
end
|
|
288
|
+
|
|
289
|
+
test "Errors were provided with response" do
|
|
290
|
+
assert @data["errors"].length
|
|
291
|
+
end
|
|
292
|
+
end
|
|
293
|
+
end
|
|
294
|
+
|
|
295
|
+
describe "invalid user" do
|
|
296
|
+
before do
|
|
297
|
+
@existing_user = users(:confirmed_email_user)
|
|
298
|
+
@auth_headers = @existing_user.create_new_auth_token
|
|
299
|
+
@client_id = @auth_headers['client']
|
|
300
|
+
|
|
301
|
+
# ensure request is not treated as batch request
|
|
302
|
+
expire_token(@existing_user, @client_id)
|
|
303
|
+
|
|
304
|
+
# test valid update param
|
|
305
|
+
@new_operating_thetan = 3
|
|
306
|
+
|
|
307
|
+
put "/auth", {
|
|
308
|
+
operating_thetan: @new_operating_thetan
|
|
309
|
+
}, @auth_headers
|
|
310
|
+
|
|
311
|
+
@data = JSON.parse(response.body)
|
|
312
|
+
@existing_user.reload
|
|
313
|
+
end
|
|
314
|
+
|
|
315
|
+
test "Response should return 404 status" do
|
|
316
|
+
assert_equal 404, response.status
|
|
317
|
+
end
|
|
318
|
+
|
|
319
|
+
test "User should not be updated" do
|
|
320
|
+
refute_equal @new_operating_thetan, @existing_user.operating_thetan
|
|
321
|
+
end
|
|
322
|
+
end
|
|
323
|
+
end
|
|
324
|
+
|
|
325
|
+
describe "Ouath user has existing email" do
|
|
326
|
+
before do
|
|
327
|
+
@existing_user = users(:duplicate_email_facebook_user)
|
|
328
|
+
|
|
329
|
+
post "/auth", {
|
|
330
|
+
email: @existing_user.email,
|
|
331
|
+
password: "secret123",
|
|
332
|
+
password_confirmation: "secret123",
|
|
333
|
+
confirm_success_url: Faker::Internet.url
|
|
334
|
+
}
|
|
335
|
+
|
|
336
|
+
@resource = assigns(:resource)
|
|
337
|
+
@data = JSON.parse(response.body)
|
|
338
|
+
end
|
|
339
|
+
|
|
340
|
+
test "request should be successful" do
|
|
341
|
+
assert_equal 200, response.status
|
|
342
|
+
end
|
|
343
|
+
|
|
344
|
+
test "user should have been created" do
|
|
345
|
+
assert @resource.id
|
|
346
|
+
end
|
|
347
|
+
|
|
348
|
+
test "new user data should be returned as json" do
|
|
349
|
+
assert @data['data']['email']
|
|
350
|
+
end
|
|
351
|
+
end
|
|
352
|
+
|
|
353
|
+
describe "Alternate user class" do
|
|
354
|
+
before do
|
|
355
|
+
post "/mangs", {
|
|
356
|
+
email: Faker::Internet.email,
|
|
357
|
+
password: "secret123",
|
|
358
|
+
password_confirmation: "secret123",
|
|
359
|
+
confirm_success_url: Faker::Internet.url
|
|
360
|
+
}
|
|
361
|
+
|
|
362
|
+
@resource = assigns(:resource)
|
|
363
|
+
@data = JSON.parse(response.body)
|
|
364
|
+
@mail = ActionMailer::Base.deliveries.last
|
|
365
|
+
end
|
|
366
|
+
|
|
367
|
+
test "request should be successful" do
|
|
368
|
+
assert_equal 200, response.status
|
|
369
|
+
end
|
|
370
|
+
|
|
371
|
+
test "use should be a Mang" do
|
|
372
|
+
assert_equal "Mang", @resource.class.name
|
|
373
|
+
end
|
|
374
|
+
|
|
375
|
+
test "Mang should be destroyed" do
|
|
376
|
+
@auth_headers = @resource.create_new_auth_token
|
|
377
|
+
@client_id = @auth_headers['client']
|
|
378
|
+
|
|
379
|
+
# ensure request is not treated as batch request
|
|
380
|
+
age_token(@resource, @client_id)
|
|
381
|
+
|
|
382
|
+
delete "/mangs", {}, @auth_headers
|
|
383
|
+
|
|
384
|
+
assert_equal 200, response.status
|
|
385
|
+
refute Mang.where(id: @resource.id).first
|
|
386
|
+
end
|
|
387
|
+
end
|
|
388
|
+
|
|
389
|
+
describe "Passing client config name" do
|
|
390
|
+
before do
|
|
391
|
+
@config_name = 'altUser'
|
|
392
|
+
|
|
393
|
+
post "/mangs", {
|
|
394
|
+
email: Faker::Internet.email,
|
|
395
|
+
password: "secret123",
|
|
396
|
+
password_confirmation: "secret123",
|
|
397
|
+
confirm_success_url: Faker::Internet.url,
|
|
398
|
+
config_name: @config_name
|
|
399
|
+
}
|
|
400
|
+
|
|
401
|
+
@resource = assigns(:resource)
|
|
402
|
+
@data = JSON.parse(response.body)
|
|
403
|
+
@mail = ActionMailer::Base.deliveries.last
|
|
404
|
+
|
|
405
|
+
@resource.reload
|
|
406
|
+
|
|
407
|
+
@mail_reset_token = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
|
|
408
|
+
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)\"/)[1])
|
|
409
|
+
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
|
410
|
+
end
|
|
411
|
+
|
|
412
|
+
test 'config_name param is included in the confirmation email link' do
|
|
413
|
+
assert_equal @config_name, @mail_config_name
|
|
414
|
+
end
|
|
415
|
+
end
|
|
416
|
+
|
|
417
|
+
describe "Skipped confirmation" do
|
|
418
|
+
setup do
|
|
419
|
+
User.set_callback(:create, :before, :skip_confirmation!)
|
|
420
|
+
|
|
421
|
+
post "/auth", {
|
|
422
|
+
email: Faker::Internet.email,
|
|
423
|
+
password: "secret123",
|
|
424
|
+
password_confirmation: "secret123",
|
|
425
|
+
confirm_success_url: Faker::Internet.url
|
|
426
|
+
}
|
|
427
|
+
|
|
428
|
+
@resource = assigns(:resource)
|
|
429
|
+
@token = response.headers["access-token"]
|
|
430
|
+
@client_id = response.headers["client"]
|
|
431
|
+
end
|
|
432
|
+
|
|
433
|
+
teardown do
|
|
434
|
+
User.skip_callback(:create, :before, :skip_confirmation!)
|
|
435
|
+
end
|
|
436
|
+
|
|
437
|
+
test "user was created" do
|
|
438
|
+
assert @resource
|
|
439
|
+
end
|
|
440
|
+
|
|
441
|
+
test "user was confirmed" do
|
|
442
|
+
assert @resource.confirmed?
|
|
443
|
+
end
|
|
444
|
+
|
|
445
|
+
test "auth headers were returned in response" do
|
|
446
|
+
assert response.headers["access-token"]
|
|
447
|
+
assert response.headers["token-type"]
|
|
448
|
+
assert response.headers["client"]
|
|
449
|
+
assert response.headers["expiry"]
|
|
450
|
+
assert response.headers["uid"]
|
|
451
|
+
end
|
|
452
|
+
|
|
453
|
+
test "response token is valid" do
|
|
454
|
+
assert @resource.valid_token?(@token, @client_id)
|
|
455
|
+
end
|
|
456
|
+
end
|
|
457
|
+
end
|
|
458
|
+
end
|