cm-devise_token_auth 0.1.30.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/LICENSE +13 -0
- data/README.md +688 -0
- data/Rakefile +34 -0
- data/app/controllers/devise_token_auth/application_controller.rb +17 -0
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +109 -0
- data/app/controllers/devise_token_auth/confirmations_controller.rb +31 -0
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +171 -0
- data/app/controllers/devise_token_auth/passwords_controller.rb +155 -0
- data/app/controllers/devise_token_auth/registrations_controller.rb +123 -0
- data/app/controllers/devise_token_auth/sessions_controller.rb +98 -0
- data/app/controllers/devise_token_auth/token_validations_controller.rb +23 -0
- data/app/models/devise_token_auth/concerns/user.rb +231 -0
- data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/devise_token_auth/omniauth_failure.html.erb +2 -0
- data/app/views/devise_token_auth/omniauth_success.html.erb +8 -0
- data/app/views/layouts/omniauth_response.html.erb +31 -0
- data/config/initializers/devise.rb +203 -0
- data/config/locales/devise.en.yml +59 -0
- data/config/routes.rb +5 -0
- data/lib/devise_token_auth.rb +7 -0
- data/lib/devise_token_auth/controllers/helpers.rb +129 -0
- data/lib/devise_token_auth/controllers/url_helpers.rb +8 -0
- data/lib/devise_token_auth/engine.rb +25 -0
- data/lib/devise_token_auth/rails/routes.rb +65 -0
- data/lib/devise_token_auth/version.rb +3 -0
- data/lib/generators/devise_token_auth/USAGE +31 -0
- data/lib/generators/devise_token_auth/install_generator.rb +115 -0
- data/lib/generators/devise_token_auth/install_views_generator.rb +16 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +22 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +54 -0
- data/lib/generators/devise_token_auth/templates/user.rb +3 -0
- data/lib/tasks/devise_token_auth_tasks.rake +4 -0
- data/test/controllers/demo_group_controller_test.rb +126 -0
- data/test/controllers/demo_mang_controller_test.rb +263 -0
- data/test/controllers/demo_user_controller_test.rb +262 -0
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +107 -0
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +167 -0
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +287 -0
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +458 -0
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +221 -0
- data/test/controllers/overrides/confirmations_controller_test.rb +44 -0
- data/test/controllers/overrides/omniauth_callbacks_controller_test.rb +44 -0
- data/test/controllers/overrides/passwords_controller_test.rb +62 -0
- data/test/controllers/overrides/registrations_controller_test.rb +40 -0
- data/test/controllers/overrides/sessions_controller_test.rb +33 -0
- data/test/controllers/overrides/token_validations_controller_test.rb +38 -0
- data/test/dummy/README.rdoc +28 -0
- data/test/dummy/Rakefile +6 -0
- data/test/dummy/app/assets/images/logo.jpg +0 -0
- data/test/dummy/app/assets/images/omniauth-provider-settings.png +0 -0
- data/test/dummy/app/assets/javascripts/application.js +13 -0
- data/test/dummy/app/assets/stylesheets/application.css +15 -0
- data/test/dummy/app/controllers/application_controller.rb +16 -0
- data/test/dummy/app/controllers/demo_group_controller.rb +13 -0
- data/test/dummy/app/controllers/demo_mang_controller.rb +12 -0
- data/test/dummy/app/controllers/demo_user_controller.rb +12 -0
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +32 -0
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +14 -0
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +39 -0
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +27 -0
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +43 -0
- data/test/dummy/app/controllers/overrides/token_validations_controller.rb +23 -0
- data/test/dummy/app/helpers/application_helper.rb +1065 -0
- data/test/dummy/app/models/evil_user.rb +3 -0
- data/test/dummy/app/models/mang.rb +3 -0
- data/test/dummy/app/models/user.rb +18 -0
- data/test/dummy/app/views/layouts/application.html.erb +14 -0
- data/test/dummy/bin/bundle +3 -0
- data/test/dummy/bin/rails +8 -0
- data/test/dummy/bin/rake +8 -0
- data/test/dummy/bin/spring +18 -0
- data/test/dummy/config.ru +16 -0
- data/test/dummy/config/application.rb +23 -0
- data/test/dummy/config/application.yml.bk +0 -0
- data/test/dummy/config/boot.rb +5 -0
- data/test/dummy/config/database.yml +31 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +44 -0
- data/test/dummy/config/environments/production.rb +82 -0
- data/test/dummy/config/environments/test.rb +40 -0
- data/test/dummy/config/initializers/assets.rb +8 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
- data/test/dummy/config/initializers/devise_token_auth.rb +22 -0
- data/test/dummy/config/initializers/figaro.rb +1 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/test/dummy/config/initializers/inflections.rb +16 -0
- data/test/dummy/config/initializers/mime_types.rb +4 -0
- data/test/dummy/config/initializers/omniauth.rb +8 -0
- data/test/dummy/config/initializers/session_store.rb +3 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/en.yml +23 -0
- data/test/dummy/config/routes.rb +30 -0
- data/test/dummy/config/secrets.yml +22 -0
- data/test/dummy/config/spring.rb +1 -0
- data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +56 -0
- data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +56 -0
- data/test/dummy/db/migrate/20140829044006_add_operating_thetan_to_user.rb +6 -0
- data/test/dummy/db/migrate/20140916224624_add_favorite_color_to_mangs.rb +5 -0
- data/test/dummy/db/migrate/20140928231203_devise_token_auth_create_evil_users.rb +57 -0
- data/test/dummy/db/schema.rb +114 -0
- data/test/dummy/public/404.html +67 -0
- data/test/dummy/public/422.html +67 -0
- data/test/dummy/public/500.html +66 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/fixtures/evil_users.yml +29 -0
- data/test/fixtures/mangs.yml +29 -0
- data/test/fixtures/users.yml +29 -0
- data/test/integration/navigation_test.rb +10 -0
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +178 -0
- data/test/lib/generators/devise_token_auth/install_views_generator_test.rb +23 -0
- data/test/models/user_test.rb +90 -0
- data/test/test_helper.rb +60 -0
- metadata +310 -0
@@ -0,0 +1,25 @@
|
|
1
|
+
require 'devise_token_auth/rails/routes'
|
2
|
+
|
3
|
+
module DeviseTokenAuth
|
4
|
+
class Engine < ::Rails::Engine
|
5
|
+
isolate_namespace DeviseTokenAuth
|
6
|
+
|
7
|
+
initializer "devise_token_auth.url_helpers" do
|
8
|
+
Devise.helpers << DeviseTokenAuth::Controllers::Helpers
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
mattr_accessor :change_headers_on_each_request,
|
13
|
+
:token_lifespan,
|
14
|
+
:batch_request_buffer_throttle,
|
15
|
+
:omniauth_prefix
|
16
|
+
|
17
|
+
self.change_headers_on_each_request = true
|
18
|
+
self.token_lifespan = 2.weeks
|
19
|
+
self.batch_request_buffer_throttle = 5.seconds
|
20
|
+
self.omniauth_prefix = '/omniauth'
|
21
|
+
|
22
|
+
def self.setup(&block)
|
23
|
+
yield self
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,65 @@
|
|
1
|
+
module ActionDispatch::Routing
|
2
|
+
class Mapper
|
3
|
+
def mount_devise_token_auth_for(resource, opts)
|
4
|
+
# ensure objects exist to simplify attr checks
|
5
|
+
opts[:controllers] ||= {}
|
6
|
+
opts[:skip] ||= []
|
7
|
+
|
8
|
+
# check for ctrl overrides, fall back to defaults
|
9
|
+
sessions_ctrl = opts[:controllers][:sessions] || "devise_token_auth/sessions"
|
10
|
+
registrations_ctrl = opts[:controllers][:registrations] || "devise_token_auth/registrations"
|
11
|
+
passwords_ctrl = opts[:controllers][:passwords] || "devise_token_auth/passwords"
|
12
|
+
confirmations_ctrl = opts[:controllers][:confirmations] || "devise_token_auth/confirmations"
|
13
|
+
token_validations_ctrl = opts[:controllers][:token_validations] || "devise_token_auth/token_validations"
|
14
|
+
omniauth_ctrl = opts[:controllers][:omniauth_callbacks] || "devise_token_auth/omniauth_callbacks"
|
15
|
+
|
16
|
+
# define devise controller mappings
|
17
|
+
controllers = {:sessions => sessions_ctrl,
|
18
|
+
:registrations => registrations_ctrl,
|
19
|
+
:passwords => passwords_ctrl,
|
20
|
+
:confirmations => confirmations_ctrl,
|
21
|
+
:omniauth_callbacks => omniauth_ctrl}
|
22
|
+
|
23
|
+
# remove any unwanted devise modules
|
24
|
+
opts[:skip].each{|item| controllers.delete(item)}
|
25
|
+
|
26
|
+
scope opts[:at] do
|
27
|
+
devise_for resource.pluralize.underscore.to_sym,
|
28
|
+
:class_name => resource,
|
29
|
+
:module => :devise,
|
30
|
+
:path => "",
|
31
|
+
:controllers => controllers
|
32
|
+
|
33
|
+
devise_scope resource.underscore.to_sym do
|
34
|
+
# path to verify token validity
|
35
|
+
get "validate_token", to: "#{token_validations_ctrl}#validate_token"
|
36
|
+
|
37
|
+
# omniauth routes. only define if omniauth is installed and not skipped.
|
38
|
+
if defined?(::OmniAuth) and not opts[:skip].include?(:omniauth_callbacks)
|
39
|
+
get "failure", to: "#{omniauth_ctrl}#omniauth_failure"
|
40
|
+
get ":provider/callback", to: "#{omniauth_ctrl}#omniauth_success"
|
41
|
+
|
42
|
+
# preserve the resource class thru oauth authentication by setting name of
|
43
|
+
# resource as "resource_class" param
|
44
|
+
match ":provider", to: redirect{|params, request|
|
45
|
+
# get the current querystring
|
46
|
+
qs = CGI::parse(request.env["QUERY_STRING"])
|
47
|
+
|
48
|
+
# append name of current resource
|
49
|
+
qs["resource_class"] = [resource]
|
50
|
+
|
51
|
+
# re-construct the path for omniauth
|
52
|
+
"#{::OmniAuth::config.path_prefix}/#{params[:provider]}?#{{}.tap {|hash| qs.each{|k, v| hash[k] = v.first}}.to_param}"
|
53
|
+
}, via: [:get]
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
# ignore error about omniauth/multiple model support
|
60
|
+
def set_omniauth_path_prefix!(path_prefix)
|
61
|
+
::OmniAuth.config.path_prefix = path_prefix
|
62
|
+
end
|
63
|
+
|
64
|
+
end
|
65
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
Description:
|
2
|
+
This generator will install all the necessary configuration and migration
|
3
|
+
files for the devies_token_auth gem. See
|
4
|
+
https://github.com/lynndylanhurley/devise_token_auth for more information.
|
5
|
+
|
6
|
+
Arguments:
|
7
|
+
USER_CLASS # The name of the class to use for user authentication. Default is
|
8
|
+
# 'User'
|
9
|
+
MOUNT_PATH # The path at which to mount the authentication routes. Default is
|
10
|
+
# 'auth'. More detail documentation is here:
|
11
|
+
# https://github.com/lynndylanhurley/devise_token_auth#usage
|
12
|
+
|
13
|
+
Example:
|
14
|
+
rails generate devise_token_auth:install User auth
|
15
|
+
|
16
|
+
This will create:
|
17
|
+
config/initializers/devise_token_auth.rb
|
18
|
+
db/migrate/<%= Time.now.utc.strftime("%Y%m%d%H%M%S") %>_create_devise_token_auth_create_users.rb
|
19
|
+
app/models/user.rb
|
20
|
+
|
21
|
+
If 'app/models/user.rb' already exists, the following line will be inserted
|
22
|
+
after the class definition:
|
23
|
+
include DeviseTokenAuth::Concerns::User
|
24
|
+
|
25
|
+
The following line will be inserted into your application controller at
|
26
|
+
app/controllers/application_controller.rb:
|
27
|
+
include DeviseTokenAuth::Concerns::SetUserByToken
|
28
|
+
|
29
|
+
The following line will be inserted at the top of 'config/routes.rb' if it
|
30
|
+
does not already exist:
|
31
|
+
mount_devise_token_auth_for "User", at: '/auth'
|
@@ -0,0 +1,115 @@
|
|
1
|
+
module DeviseTokenAuth
|
2
|
+
class InstallGenerator < Rails::Generators::Base
|
3
|
+
include Rails::Generators::Migration
|
4
|
+
|
5
|
+
source_root File.expand_path('../templates', __FILE__)
|
6
|
+
|
7
|
+
argument :user_class, type: :string, default: "User"
|
8
|
+
argument :mount_path, type: :string, default: '/auth'
|
9
|
+
|
10
|
+
def create_initializer_file
|
11
|
+
copy_file("devise_token_auth.rb", "config/initializers/devise_token_auth.rb")
|
12
|
+
end
|
13
|
+
|
14
|
+
def copy_migrations
|
15
|
+
if self.class.migration_exists?("db/migrate", "devise_token_auth_create_#{ user_class.underscore }")
|
16
|
+
say_status("skipped", "Migration 'devise_token_auth_create_#{ user_class.underscore }' already exists")
|
17
|
+
else
|
18
|
+
migration_template(
|
19
|
+
"devise_token_auth_create_users.rb.erb",
|
20
|
+
"db/migrate/devise_token_auth_create_#{ user_class.pluralize.underscore }.rb"
|
21
|
+
)
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def create_user_model
|
26
|
+
fname = "app/models/#{ user_class.underscore }.rb"
|
27
|
+
unless File.exist?(File.join(destination_root, fname))
|
28
|
+
template("user.rb", fname)
|
29
|
+
else
|
30
|
+
inclusion = "include DeviseTokenAuth::Concerns::User"
|
31
|
+
unless parse_file_for_line(fname, inclusion)
|
32
|
+
inject_into_file fname, after: "class #{user_class} < ActiveRecord::Base\n" do <<-'RUBY'
|
33
|
+
include DeviseTokenAuth::Concerns::User
|
34
|
+
RUBY
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
def include_controller_concerns
|
41
|
+
fname = "app/controllers/application_controller.rb"
|
42
|
+
line = "include DeviseTokenAuth::Concerns::SetUserByToken"
|
43
|
+
|
44
|
+
if File.exist?(File.join(destination_root, fname))
|
45
|
+
if parse_file_for_line(fname, line)
|
46
|
+
say_status("skipped", "Concern is already included in the application controller.")
|
47
|
+
else
|
48
|
+
inject_into_file fname, after: "class ApplicationController < ActionController::Base\n" do <<-'RUBY'
|
49
|
+
include DeviseTokenAuth::Concerns::SetUserByToken
|
50
|
+
RUBY
|
51
|
+
end
|
52
|
+
end
|
53
|
+
else
|
54
|
+
say_status("skipped", "app/controllers/application_controller.rb not found. Add 'include DeviseTokenAuth::Concerns::SetUserByToken' to any controllers that require authentication.")
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
def add_route_mount
|
59
|
+
f = "config/routes.rb"
|
60
|
+
str = "mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'"
|
61
|
+
|
62
|
+
if File.exist?(File.join(destination_root, f))
|
63
|
+
line = parse_file_for_line(f, "mount_devise_token_auth_for")
|
64
|
+
|
65
|
+
unless line
|
66
|
+
line = "Rails.application.routes.draw do"
|
67
|
+
existing_user_class = false
|
68
|
+
else
|
69
|
+
existing_user_class = true
|
70
|
+
end
|
71
|
+
|
72
|
+
if parse_file_for_line(f, str)
|
73
|
+
say_status("skipped", "Routes already exist for #{user_class} at #{mount_path}")
|
74
|
+
else
|
75
|
+
insert_after_line(f, line, str)
|
76
|
+
|
77
|
+
if existing_user_class
|
78
|
+
scoped_routes = ""+
|
79
|
+
"as :#{user_class.underscore} do\n"+
|
80
|
+
" # Define routes for #{user_class} within this block.\n"+
|
81
|
+
" end\n"
|
82
|
+
insert_after_line(f, str, scoped_routes)
|
83
|
+
end
|
84
|
+
end
|
85
|
+
else
|
86
|
+
say_status("skipped", "config/routes.rb not found. Add \"mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'\" to your routes file.")
|
87
|
+
end
|
88
|
+
end
|
89
|
+
|
90
|
+
private
|
91
|
+
|
92
|
+
def self.next_migration_number(path)
|
93
|
+
Time.now.utc.strftime("%Y%m%d%H%M%S")
|
94
|
+
end
|
95
|
+
|
96
|
+
def insert_after_line(filename, line, str)
|
97
|
+
gsub_file filename, /(#{Regexp.escape(line)})/mi do |match|
|
98
|
+
"#{match}\n #{str}"
|
99
|
+
end
|
100
|
+
end
|
101
|
+
|
102
|
+
def parse_file_for_line(filename, str)
|
103
|
+
match = false
|
104
|
+
|
105
|
+
File.open(File.join(destination_root, filename)) do |f|
|
106
|
+
f.each_line do |line|
|
107
|
+
if line =~ /(#{Regexp.escape(str)})/mi
|
108
|
+
match = line
|
109
|
+
end
|
110
|
+
end
|
111
|
+
end
|
112
|
+
match
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
@@ -0,0 +1,16 @@
|
|
1
|
+
module DeviseTokenAuth
|
2
|
+
class InstallViewsGenerator < Rails::Generators::Base
|
3
|
+
source_root File.expand_path('../../../../app/views/devise/mailer', __FILE__)
|
4
|
+
|
5
|
+
def copy_mailer_templates
|
6
|
+
copy_file(
|
7
|
+
"confirmation_instructions.html.erb",
|
8
|
+
"app/views/devise/mailer/confirmation_instructions.html.erb"
|
9
|
+
)
|
10
|
+
copy_file(
|
11
|
+
"reset_password_instructions.html.erb",
|
12
|
+
"app/views/devise/mailer/reset_password_instructions.html.erb"
|
13
|
+
)
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
DeviseTokenAuth.setup do |config|
|
2
|
+
# By default the authorization headers will change after each request. The
|
3
|
+
# client is responsible for keeping track of the changing tokens. Change
|
4
|
+
# this to false to prevent the Authorization header from changing after
|
5
|
+
# each request.
|
6
|
+
#config.change_headers_on_each_request = true
|
7
|
+
|
8
|
+
# By default, users will need to re-authenticate after 2 weeks. This setting
|
9
|
+
# determines how long tokens will remain valid after they are issued.
|
10
|
+
#config.token_lifespan = 2.weeks
|
11
|
+
|
12
|
+
# Sometimes it's necessary to make several requests to the API at the same
|
13
|
+
# time. In this case, each request in the batch will need to share the same
|
14
|
+
# auth token. This setting determines how far apart the requests can be while
|
15
|
+
# still using the same auth token.
|
16
|
+
#config.batch_request_buffer_throttle = 5.seconds
|
17
|
+
|
18
|
+
# This route will be the prefix for all oauth2 redirect callbacks. For
|
19
|
+
# example, using the default '/omniauth', the github oauth2 provider will
|
20
|
+
# redirect successful authentications to '/omniauth/github/callback'
|
21
|
+
#config.omniauth_prefix = "/omniauth"
|
22
|
+
end
|
@@ -0,0 +1,54 @@
|
|
1
|
+
class DeviseTokenAuthCreate<%= user_class.pluralize %> < ActiveRecord::Migration
|
2
|
+
def change
|
3
|
+
create_table(:<%= user_class.pluralize.underscore %>) do |t|
|
4
|
+
## Required
|
5
|
+
t.string :provider, :null => false
|
6
|
+
t.string :uid, :null => false, :default => ""
|
7
|
+
|
8
|
+
## Database authenticatable
|
9
|
+
t.string :encrypted_password, :null => false, :default => ""
|
10
|
+
|
11
|
+
## Recoverable
|
12
|
+
t.string :reset_password_token
|
13
|
+
t.datetime :reset_password_sent_at
|
14
|
+
|
15
|
+
## Rememberable
|
16
|
+
t.datetime :remember_created_at
|
17
|
+
|
18
|
+
## Trackable
|
19
|
+
t.integer :sign_in_count, :default => 0, :null => false
|
20
|
+
t.datetime :current_sign_in_at
|
21
|
+
t.datetime :last_sign_in_at
|
22
|
+
t.string :current_sign_in_ip
|
23
|
+
t.string :last_sign_in_ip
|
24
|
+
|
25
|
+
## Confirmable
|
26
|
+
t.string :confirmation_token
|
27
|
+
t.datetime :confirmed_at
|
28
|
+
t.datetime :confirmation_sent_at
|
29
|
+
t.string :unconfirmed_email # Only if using reconfirmable
|
30
|
+
|
31
|
+
## Lockable
|
32
|
+
# t.integer :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
|
33
|
+
# t.string :unlock_token # Only if unlock strategy is :email or :both
|
34
|
+
# t.datetime :locked_at
|
35
|
+
|
36
|
+
## User Info
|
37
|
+
t.string :name
|
38
|
+
t.string :nickname
|
39
|
+
t.string :image
|
40
|
+
t.string :email
|
41
|
+
|
42
|
+
## Tokens
|
43
|
+
t.text :tokens
|
44
|
+
|
45
|
+
t.timestamps
|
46
|
+
end
|
47
|
+
|
48
|
+
add_index :<%= user_class.pluralize.underscore %>, :email
|
49
|
+
add_index :<%= user_class.pluralize.underscore %>, [:uid, :provider], :unique => true
|
50
|
+
add_index :<%= user_class.pluralize.underscore %>, :reset_password_token, :unique => true
|
51
|
+
# add_index :<%= user_class.pluralize.underscore %>, :confirmation_token, :unique => true
|
52
|
+
# add_index :<%= user_class.pluralize.underscore %>, :unlock_token, :unique => true
|
53
|
+
end
|
54
|
+
end
|
@@ -0,0 +1,126 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
# was the web request successful?
|
4
|
+
# was the user redirected to the right page?
|
5
|
+
# was the user successfully authenticated?
|
6
|
+
# was the correct object stored in the response?
|
7
|
+
# was the appropriate message delivered in the json payload?
|
8
|
+
|
9
|
+
class DemoGroupControllerTest < ActionDispatch::IntegrationTest
|
10
|
+
describe DemoGroupController do
|
11
|
+
describe "Token access" do
|
12
|
+
before do
|
13
|
+
# user
|
14
|
+
@resource = users(:confirmed_email_user)
|
15
|
+
@resource.skip_confirmation!
|
16
|
+
@resource.save!
|
17
|
+
|
18
|
+
@resource_auth_headers = @resource.create_new_auth_token
|
19
|
+
|
20
|
+
@resource_token = @resource_auth_headers['access-token']
|
21
|
+
@resource_client_id = @resource_auth_headers['client']
|
22
|
+
@resource_expiry = @resource_auth_headers['expiry']
|
23
|
+
|
24
|
+
# mang
|
25
|
+
@mang = mangs(:confirmed_email_user)
|
26
|
+
@mang.skip_confirmation!
|
27
|
+
@mang.save!
|
28
|
+
|
29
|
+
@mang_auth_headers = @mang.create_new_auth_token
|
30
|
+
|
31
|
+
@mang_token = @mang_auth_headers['access-token']
|
32
|
+
@mang_client_id = @mang_auth_headers['client']
|
33
|
+
@mang_expiry = @mang_auth_headers['expiry']
|
34
|
+
end
|
35
|
+
|
36
|
+
describe 'user access' do
|
37
|
+
before do
|
38
|
+
# ensure that request is not treated as batch request
|
39
|
+
age_token(@resource, @resource_client_id)
|
40
|
+
|
41
|
+
get '/demo/members_only_group', {}, @resource_auth_headers
|
42
|
+
|
43
|
+
@resp_token = response.headers['access-token']
|
44
|
+
@resp_client_id = response.headers['client']
|
45
|
+
@resp_expiry = response.headers['expiry']
|
46
|
+
@resp_uid = response.headers['uid']
|
47
|
+
end
|
48
|
+
|
49
|
+
test 'request is successful' do
|
50
|
+
assert_equal 200, response.status
|
51
|
+
end
|
52
|
+
|
53
|
+
describe 'devise mappings' do
|
54
|
+
it 'should define current_user' do
|
55
|
+
assert_equal @resource, @controller.current_user
|
56
|
+
end
|
57
|
+
|
58
|
+
it 'should define user_signed_in?' do
|
59
|
+
assert @controller.user_signed_in?
|
60
|
+
end
|
61
|
+
|
62
|
+
it 'should not define current_mang' do
|
63
|
+
refute_equal @resource, @controller.current_mang
|
64
|
+
end
|
65
|
+
|
66
|
+
it 'should define current_member' do
|
67
|
+
assert_equal @resource, @controller.current_member
|
68
|
+
end
|
69
|
+
|
70
|
+
it 'should define current_members' do
|
71
|
+
assert @controller.current_members.include? @resource
|
72
|
+
end
|
73
|
+
|
74
|
+
it 'should define member_signed_in?' do
|
75
|
+
assert @controller.current_members.include? @resource
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
describe 'mang access' do
|
81
|
+
before do
|
82
|
+
# ensure that request is not treated as batch request
|
83
|
+
age_token(@mang, @mang_client_id)
|
84
|
+
|
85
|
+
get '/demo/members_only_group', {}, @mang_auth_headers
|
86
|
+
|
87
|
+
@resp_token = response.headers['access-token']
|
88
|
+
@resp_client_id = response.headers['client']
|
89
|
+
@resp_expiry = response.headers['expiry']
|
90
|
+
@resp_uid = response.headers['uid']
|
91
|
+
end
|
92
|
+
|
93
|
+
test 'request is successful' do
|
94
|
+
assert_equal 200, response.status
|
95
|
+
end
|
96
|
+
|
97
|
+
describe 'devise mappings' do
|
98
|
+
it 'should define current_mang' do
|
99
|
+
assert_equal @mang, @controller.current_mang
|
100
|
+
end
|
101
|
+
|
102
|
+
it 'should define mang_signed_in?' do
|
103
|
+
assert @controller.mang_signed_in?
|
104
|
+
end
|
105
|
+
|
106
|
+
it 'should not define current_mang' do
|
107
|
+
refute_equal @mang, @controller.current_user
|
108
|
+
end
|
109
|
+
|
110
|
+
it 'should define current_member' do
|
111
|
+
assert_equal @mang, @controller.current_member
|
112
|
+
end
|
113
|
+
|
114
|
+
it 'should define current_members' do
|
115
|
+
assert @controller.current_members.include? @mang
|
116
|
+
end
|
117
|
+
|
118
|
+
it 'should define member_signed_in?' do
|
119
|
+
assert @controller.current_members.include? @mang
|
120
|
+
end
|
121
|
+
end
|
122
|
+
end
|
123
|
+
end
|
124
|
+
end
|
125
|
+
end
|
126
|
+
|