currentuser-services 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b080ee8d8fd1da8e9c5e48619af3777f9f70445a
-  data.tar.gz: f1c3851cf3aed33c94901f9ae6804055264199e0
+  metadata.gz: 27d69251789724bbec4043769a4ccb50dd11829e
+  data.tar.gz: 6367213142ff7f9d6aa4ad3e5cb5e852bfc857d8
 SHA512:
-  metadata.gz: 9b0a18db88b70c5a297bee84a9605fe1df160a8bfe47c892b8fac81e9bc4d9602408adc2f652ea2f0c885f934308bf17f87e63b03647de4f109f904a55ad48a3
-  data.tar.gz: 7b3cc50c475469277e63725f94f98f27355ba49581d6478c3fce957f7f38917a6560d2f46a7a3f968daaa5dc78b5a7cf934e3291763aeba805ded223f0a94648
+  metadata.gz: 831b8cd72a0f0fd91c5003a746a0a5fc56846dc6e6dd3ac2a41a8c7430e07b1d4abc7dac6cf176f28c37df410d55c1b97b424fd1ddd9ba16bce66bb84e0970d1
+  data.tar.gz: 58c9a09c718cbea0f0400be11486569064d9b7761f4a697586064665792fac1bd0444e2b4500148ae1d16c0ba8091e8f4a494fd26bdc9f57a6c644773d8001d6

data/CHANGELOG.md

@@ -0,0 +1,17 @@
+# Changelog
+
+## 0.2.0
+
+**Feature**
+
+* Set `:sign_up` context in session (undocumented because unreliable yet)
+
+**Refactoring**
+
+* Change the way currentuser data is stored in session
+
+## 0.1.0
+
+**Improvement**
+
+* **[Breaking change]** Use HTTP DELETE rather than HTTP GET for sign out

data/README.md

@@ -32,7 +32,7 @@ end
 
 ## Usage
 
-* Use `currentuser_sign_up_url`, `currentuser_sign_in_url` and `currentuser_sign_out_url`in your navigation to allow
+* Use `currentuser_sign_up_url` (GET), `currentuser_sign_in_url` (GET) and `currentuser_sign_out_url` (DELETE) in your navigation to allow
  visitor to sign up, in and out
 * Use `:require_currentuser` as `before_action` to protect your restricted actions
 * In any action or view, you can use `currentuser_id` to retrieve the id of the connected user (if any)
@@ -84,13 +84,13 @@ end
 ```haml
 -# views/shared/_menu.html.haml
 %ul
+  %li
+    = link_to 'Home', :root
   - if currentuser_id
-    %li
-      = link_to 'Home', :root
     %li
       = link_to 'Restricted', :restricted
     %li
-      = link_to 'Sign out', currentuser_sign_out_url
+      = button_to 'Sign out', currentuser_sign_out_url, method: :delete
   - else
     %li
       = link_to 'Sign up', currentuser_sign_up_url

data/Rakefile

@@ -15,7 +15,7 @@ require 'jeweler'
 Jeweler::Tasks.new do |gem|
   # gem is a Gem::Specification... see http://guides.rubygems.org/specification-reference/ for more options
   gem.name = 'currentuser-services'
-  gem.homepage = 'http://github.com/currentuser/currentuser-services-gem'
+  gem.homepage = 'http://www.currentuser.io'
   gem.license = 'MIT'
   gem.summary = %Q{Offsite sign up and sign in forms for Currentuser.io}
   gem.description = %Q{Offsite sign up and sign in forms for Currentuser.io}

data/VERSION

@@ -1 +1 @@
-0.1.0
+0.2.0

data/app/controllers/currentuser/services/sessions_controller.rb

@@ -6,13 +6,15 @@ module Currentuser
         Services.check_authentication_params!(params)
 
         # Log in
-        session[:currentuser_id] = params[:currentuser_id]
+        session[:currentuser] = {id: params[:currentuser_id]}
+        # Note that params[:sign_up] should equal 'true' (String) or should be absent.
+        session[:currentuser][:sign_up] = true  if params[:sign_up]
 
         redirect_to '/'
       end
 
       def sign_out
-        session.delete(:currentuser_id)
+        session.delete(:currentuser)
 
         redirect_to '/'
       end

data/currentuser-services.gemspec

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: currentuser-services 0.1.0 ruby lib
+# stub: currentuser-services 0.2.0 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "currentuser-services"
-  s.version = "0.1.0"
+  s.version = "0.2.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib"]
   s.authors = ["eric-currentuser"]
-  s.date = "2014-12-16"
+  s.date = "2014-12-27"
   s.description = "Offsite sign up and sign in forms for Currentuser.io"
   s.email = "TBD"
   s.extra_rdoc_files = [
@@ -20,6 +20,7 @@ Gem::Specification.new do |s|
   ]
   s.files = [
     ".document",
+    "CHANGELOG.md",
     "Gemfile",
     "LICENSE.txt",
     "README.md",
@@ -34,11 +35,12 @@ Gem::Specification.new do |s|
     "lib/currentuser/services/engine.rb",
     "test/currentuser/services/authenticates_test.rb",
     "test/currentuser/services/integration_test.rb",
+    "test/currentuser/services/sessions_controller_test.rb",
     "test/currentuser/services_test.rb",
     "test/helper.rb",
     "test/test_application/application.rb"
   ]
-  s.homepage = "http://github.com/currentuser/currentuser-services-gem"
+  s.homepage = "http://www.currentuser.io"
   s.licenses = ["MIT"]
   s.rubygems_version = "2.2.2"
   s.summary = "Offsite sign up and sign in forms for Currentuser.io"

data/lib/currentuser/services/controllers/authenticates.rb

@@ -6,8 +6,12 @@ module Currentuser
         redirect_to currentuser_sign_in_url
       end
 
+      def currentuser_session
+        return session[:currentuser]
+      end
+
       def currentuser_id
-        return @currentuser_id ||= session[:currentuser_id]
+        return @currentuser_id ||= currentuser_session && currentuser_session[:id]
       end
 
       def currentuser_sign_in_url

data/test/currentuser/services/authenticates_test.rb

@@ -30,28 +30,41 @@ module Currentuser
       # require_currentuser
 
       test 'execute action if currentuser_id is available' do
-        session[:currentuser_id] = 'user_id_1'
+        session[:currentuser] = {id: 'user_id_1'}
 
         get_with_route :test_action_requiring_user
         assert_response :ok
       end
 
       test 'redirects to sign_in URL if currentuser_id is not available' do
-        assert_nil session[:currentuser_id]
+        assert_nil session[:currentuser]
 
         get_with_route :test_action_requiring_user
         assert_response :redirect
         assert_redirected_to Services.currentuser_url(:sign_in)
       end
 
+      # currentuser_session
+
+      test 'currentuser_session returns currentuser session' do
+        session[:currentuser] = {foo: 'blah'}
+
+        assert_equal({foo: 'blah'}, @controller.currentuser_session)
+      end
+
       # currentuser_id
 
       test 'currentuser_id returns currentuser ID' do
-        session[:currentuser_id] = 'user_id_1'
+        session[:currentuser] = {id: 'user_id_1'}
 
         assert_equal 'user_id_1', @controller.currentuser_id
       end
 
+      test 'currentuser_id returns nil if no current user session' do
+        refute session.key?(:currentuser)
+        assert_nil @controller.currentuser_id
+      end
+
       # sign_in_url
 
       test 'sign_in_url returns the expected url' do

data/test/currentuser/services/integration_test.rb

@@ -10,16 +10,9 @@ require 'test_application/application'
 require 'minitest/rails/capybara'
 require 'capybara/mechanize'
 
-require 'currentuser/data'
-require 'currentuser/data/test/helpers'
-
 #Rails.logger = Logger.new(STDOUT)
 Rails.logger = Logger.new('/dev/null')
 
-Currentuser::Data::BaseResource.site = ENV['CURRENTUSER_DATA_URL']
-Currentuser::Data::Test::UseReadApi.currentuser_project_id_for_tests =
-    Currentuser::Services.configuration.project_id
-
 module Currentuser
   module Services
     Capybara.current_driver = :mechanize

data/test/currentuser/services/sessions_controller_test.rb

@@ -0,0 +1,90 @@
+require 'helper'
+
+module Currentuser
+  module Services
+
+    class SessionsControllerTest < ActionController::TestCase
+      tests SessionsController
+
+      def process_with_route(verb, action, params, session={})
+        with_routing do |map|
+          map.draw do
+            currentuser
+          end
+          send verb, action, params.merge(use_route: 'currentuser/services'), session
+        end
+      end
+
+      def get_with_route(action, params={})
+        process_with_route :get, action, params
+      end
+
+      def delete_with_route(action, params, session)
+        process_with_route :delete, action, params, session
+      end
+
+      # sign_in
+
+      test 'sign_in logs user in and redirects to root' do
+
+        # Take a recent timestamp
+        timestamp = (Time.now - 60).to_i.to_s
+        user_id = 'user_id_1'
+
+        # By pass signature checking
+        Services.stub :signature_authentic?, true do
+          get_with_route :sign_in, currentuser_id: user_id, timestamp: timestamp, signature: 'any_signature'
+        end
+
+        assert_redirected_to '/'
+        assert_equal({id: user_id}, session[:currentuser])
+        refute session[:currentuser].has_key?(:sign_up)
+      end
+
+      test 'sign_in sets sign_up if sign_up is true' do
+
+        # Take a recent timestamp
+        timestamp = (Time.now - 60).to_i.to_s
+
+        # By pass signature checking
+        Services.stub :signature_authentic?, true do
+          get_with_route :sign_in, currentuser_id: 'user_id_1', timestamp: timestamp, signature: 'any_signature',
+                         sign_up: 'true'
+        end
+
+        assert_redirected_to '/'
+        assert_equal true, session[:currentuser][:sign_up]
+      end
+
+      # This test proves that we use Services#check_authentication_params!
+      test 'sign_in raises SignatureNotAuthentic if signature is wrong' do
+         # Take a recent timestamp
+        timestamp = (Time.now - 60).to_i.to_s
+
+        assert_raises SignatureNotAuthentic do
+          get_with_route :sign_in, currentuser_id: 'user_id_1', timestamp: timestamp, signature: 'any_signature'
+        end
+      end
+
+      # sign_out
+
+      test 'sign_out deletes session and redirects to root' do
+        session_hash = {currentuser: {foo: :blah}, other_key: :other_value}
+
+        delete_with_route :sign_out, {}, session_hash
+        assert_redirected_to '/'
+
+        assert_nil session[:currentuser]
+        assert_equal :other_value, session[:other_key]
+      end
+
+      # available
+
+      test 'GET available return 300' do
+        get_with_route 'available'
+        assert_response :ok
+      end
+
+    end
+  end
+end

data/test/helper.rb

@@ -11,16 +11,21 @@ require 'action_controller'
 require 'dotenv'
 Dotenv.load
 
+# Load and configure this gem (currentuser-services)
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'app'))
 $LOAD_PATH.unshift(File.dirname(__FILE__))
 require 'currentuser/services'
-
 Currentuser::Services.configure do |config|
   config.project_id = ENV['CURRENTUSER_PROJECT_ID_FOR_TESTS']
-end
-
-Currentuser::Services.configure do |config|
   config.currentuser_services_host = ENV['CURRENTUSER_SERVICES_HOST']
   config.currentuser_services_public_key = ENV['CURRENTUSER_SERVICES_PUBLIC_KEY']
 end
+
+# Load and configure 'currentuser-data' for tests.
+# Note this is required only in 'integration_test.rb'.
+require 'currentuser/data'
+require 'currentuser/data/test/helpers'
+Currentuser::Data::BaseResource.site = ENV['CURRENTUSER_DATA_URL']
+Currentuser::Data::Test::UseReadApi.currentuser_project_id_for_tests =
+    Currentuser::Services.configuration.project_id

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: currentuser-services
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - eric-currentuser
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-12-16 00:00:00.000000000 Z
+date: 2014-12-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gem_config
@@ -173,6 +173,7 @@ extra_rdoc_files:
 - README.md
 files:
 - .document
+- CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -187,10 +188,11 @@ files:
 - lib/currentuser/services/engine.rb
 - test/currentuser/services/authenticates_test.rb
 - test/currentuser/services/integration_test.rb
+- test/currentuser/services/sessions_controller_test.rb
 - test/currentuser/services_test.rb
 - test/helper.rb
 - test/test_application/application.rb
-homepage: http://github.com/currentuser/currentuser-services-gem
+homepage: http://www.currentuser.io
 licenses:
 - MIT
 metadata: {}