dcu-devise 1.0.7
Sign up to get free protection for your applications and to get access to all the features.
- data/CHANGELOG.rdoc +378 -0
- data/MIT-LICENSE +20 -0
- data/README.rdoc +260 -0
- data/Rakefile +53 -0
- data/TODO +2 -0
- data/app/controllers/confirmations_controller.rb +33 -0
- data/app/controllers/passwords_controller.rb +41 -0
- data/app/controllers/registrations_controller.rb +53 -0
- data/app/controllers/sessions_controller.rb +44 -0
- data/app/controllers/unlocks_controller.rb +41 -0
- data/app/models/devise_mailer.rb +68 -0
- data/app/views/confirmations/new.html.erb +12 -0
- data/app/views/devise_mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/devise_mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/devise_mailer/unlock_instructions.html.erb +7 -0
- data/app/views/passwords/edit.html.erb +16 -0
- data/app/views/passwords/new.html.erb +12 -0
- data/app/views/registrations/edit.html.erb +25 -0
- data/app/views/registrations/new.html.erb +17 -0
- data/app/views/sessions/new.html.erb +17 -0
- data/app/views/shared/_devise_links.erb +19 -0
- data/app/views/unlocks/new.html.erb +12 -0
- data/generators/devise/USAGE +5 -0
- data/generators/devise/devise_generator.rb +15 -0
- data/generators/devise/lib/route_devise.rb +32 -0
- data/generators/devise/templates/migration.rb +23 -0
- data/generators/devise/templates/model.rb +9 -0
- data/generators/devise_install/USAGE +3 -0
- data/generators/devise_install/devise_install_generator.rb +15 -0
- data/generators/devise_install/templates/README +23 -0
- data/generators/devise_install/templates/devise.rb +105 -0
- data/generators/devise_views/USAGE +3 -0
- data/generators/devise_views/devise_views_generator.rb +21 -0
- data/lib/devise.rb +264 -0
- data/lib/devise/controllers/helpers.rb +200 -0
- data/lib/devise/controllers/internal_helpers.rb +129 -0
- data/lib/devise/controllers/url_helpers.rb +41 -0
- data/lib/devise/encryptors/authlogic_sha512.rb +21 -0
- data/lib/devise/encryptors/base.rb +20 -0
- data/lib/devise/encryptors/bcrypt.rb +21 -0
- data/lib/devise/encryptors/clearance_sha1.rb +19 -0
- data/lib/devise/encryptors/restful_authentication_sha1.rb +22 -0
- data/lib/devise/encryptors/sha1.rb +27 -0
- data/lib/devise/encryptors/sha512.rb +27 -0
- data/lib/devise/failure_app.rb +65 -0
- data/lib/devise/hooks/activatable.rb +15 -0
- data/lib/devise/hooks/rememberable.rb +32 -0
- data/lib/devise/hooks/timeoutable.rb +18 -0
- data/lib/devise/hooks/trackable.rb +18 -0
- data/lib/devise/locales/en.yml +35 -0
- data/lib/devise/mapping.rb +128 -0
- data/lib/devise/models.rb +117 -0
- data/lib/devise/models/activatable.rb +16 -0
- data/lib/devise/models/confirmable.rb +162 -0
- data/lib/devise/models/database_authenticatable.rb +144 -0
- data/lib/devise/models/http_authenticatable.rb +21 -0
- data/lib/devise/models/lockable.rb +150 -0
- data/lib/devise/models/recoverable.rb +80 -0
- data/lib/devise/models/registerable.rb +8 -0
- data/lib/devise/models/rememberable.rb +92 -0
- data/lib/devise/models/timeoutable.rb +28 -0
- data/lib/devise/models/token_authenticatable.rb +89 -0
- data/lib/devise/models/trackable.rb +16 -0
- data/lib/devise/models/validatable.rb +39 -0
- data/lib/devise/orm/active_record.rb +41 -0
- data/lib/devise/orm/data_mapper.rb +83 -0
- data/lib/devise/orm/mongo_mapper.rb +47 -0
- data/lib/devise/rails.rb +14 -0
- data/lib/devise/rails/routes.rb +125 -0
- data/lib/devise/rails/warden_compat.rb +25 -0
- data/lib/devise/schema.rb +73 -0
- data/lib/devise/strategies/base.rb +16 -0
- data/lib/devise/strategies/database_authenticatable.rb +36 -0
- data/lib/devise/strategies/http_authenticatable.rb +59 -0
- data/lib/devise/strategies/rememberable.rb +37 -0
- data/lib/devise/strategies/token_authenticatable.rb +37 -0
- data/lib/devise/test_helpers.rb +90 -0
- data/lib/devise/version.rb +3 -0
- data/rails/init.rb +2 -0
- data/test/controllers/helpers_test.rb +177 -0
- data/test/controllers/internal_helpers_test.rb +55 -0
- data/test/controllers/url_helpers_test.rb +47 -0
- data/test/devise_test.rb +74 -0
- data/test/encryptors_test.rb +31 -0
- data/test/failure_app_test.rb +44 -0
- data/test/integration/authenticatable_test.rb +271 -0
- data/test/integration/confirmable_test.rb +97 -0
- data/test/integration/http_authenticatable_test.rb +52 -0
- data/test/integration/lockable_test.rb +102 -0
- data/test/integration/rack_middleware_test.rb +47 -0
- data/test/integration/recoverable_test.rb +141 -0
- data/test/integration/registerable_test.rb +144 -0
- data/test/integration/rememberable_test.rb +71 -0
- data/test/integration/timeoutable_test.rb +68 -0
- data/test/integration/token_authenticatable_test.rb +55 -0
- data/test/integration/trackable_test.rb +64 -0
- data/test/mailers/confirmation_instructions_test.rb +86 -0
- data/test/mailers/reset_password_instructions_test.rb +68 -0
- data/test/mailers/unlock_instructions_test.rb +62 -0
- data/test/mapping_test.rb +148 -0
- data/test/models/authenticatable_test.rb +180 -0
- data/test/models/confirmable_test.rb +212 -0
- data/test/models/lockable_test.rb +202 -0
- data/test/models/recoverable_test.rb +138 -0
- data/test/models/rememberable_test.rb +135 -0
- data/test/models/timeoutable_test.rb +28 -0
- data/test/models/token_authenticatable_test.rb +51 -0
- data/test/models/trackable_test.rb +5 -0
- data/test/models/validatable_test.rb +106 -0
- data/test/models_test.rb +70 -0
- data/test/orm/active_record.rb +31 -0
- data/test/orm/mongo_mapper.rb +20 -0
- data/test/rails_app/app/active_record/admin.rb +7 -0
- data/test/rails_app/app/active_record/user.rb +7 -0
- data/test/rails_app/app/controllers/admins_controller.rb +6 -0
- data/test/rails_app/app/controllers/application_controller.rb +12 -0
- data/test/rails_app/app/controllers/home_controller.rb +4 -0
- data/test/rails_app/app/controllers/users_controller.rb +16 -0
- data/test/rails_app/app/helpers/application_helper.rb +3 -0
- data/test/rails_app/app/mongo_mapper/admin.rb +13 -0
- data/test/rails_app/app/mongo_mapper/user.rb +14 -0
- data/test/rails_app/config/boot.rb +110 -0
- data/test/rails_app/config/environment.rb +42 -0
- data/test/rails_app/config/environments/development.rb +17 -0
- data/test/rails_app/config/environments/production.rb +28 -0
- data/test/rails_app/config/environments/test.rb +28 -0
- data/test/rails_app/config/initializers/devise.rb +82 -0
- data/test/rails_app/config/initializers/inflections.rb +2 -0
- data/test/rails_app/config/initializers/new_rails_defaults.rb +24 -0
- data/test/rails_app/config/initializers/session_store.rb +15 -0
- data/test/rails_app/config/routes.rb +21 -0
- data/test/routes_test.rb +110 -0
- data/test/support/assertions_helper.rb +37 -0
- data/test/support/integration_tests_helper.rb +71 -0
- data/test/support/test_silencer.rb +5 -0
- data/test/support/tests_helper.rb +39 -0
- data/test/test_helper.rb +21 -0
- data/test/test_helpers_test.rb +57 -0
- metadata +213 -0
@@ -0,0 +1,31 @@
|
|
1
|
+
gem 'bcrypt-ruby'
|
2
|
+
|
3
|
+
class Encryptors < ActiveSupport::TestCase
|
4
|
+
|
5
|
+
test 'should match a password created by authlogic' do
|
6
|
+
authlogic = "b623c3bc9c775b0eb8edb218a382453396fec4146422853e66ecc4b6bc32d7162ee42074dcb5f180a770dc38b5df15812f09bbf497a4a1b95fe5e7d2b8eb7eb4"
|
7
|
+
encryptor = Devise::Encryptors::AuthlogicSha512.digest('123mudar', 20, 'usZK_z_EAaF61Gwkw-ed', '')
|
8
|
+
assert_equal authlogic, encryptor
|
9
|
+
end
|
10
|
+
|
11
|
+
test 'should match a password created by restful_authentication' do
|
12
|
+
restful_authentication = "93110f71309ce91366375ea44e2a6f5cc73fa8d4"
|
13
|
+
encryptor = Devise::Encryptors::RestfulAuthenticationSha1.digest('123mudar', 10, '48901d2b247a54088acb7f8ea3e695e50fe6791b', 'fee9a51ec0a28d11be380ca6dee6b4b760c1a3bf')
|
14
|
+
assert_equal restful_authentication, encryptor
|
15
|
+
end
|
16
|
+
|
17
|
+
test 'should match a password created by clearance' do
|
18
|
+
clearance = "0f40bbae18ddefd7066276c3ef209d40729b0378"
|
19
|
+
encryptor = Devise::Encryptors::ClearanceSha1.digest('123mudar', nil, '65c58472c207c829f28c68619d3e3aefed18ab3f', nil)
|
20
|
+
assert_equal clearance, encryptor
|
21
|
+
end
|
22
|
+
|
23
|
+
Devise::ENCRYPTORS_LENGTH.each do |key, value|
|
24
|
+
test "should have length #{value} for #{key.inspect}" do
|
25
|
+
swap Devise, :encryptor => key do
|
26
|
+
encryptor = Devise::Encryptors.const_get(key.to_s.classify)
|
27
|
+
assert_equal value, encryptor.digest('a', 4, encryptor.salt, nil).size
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
require 'test/test_helper'
|
2
|
+
require 'ostruct'
|
3
|
+
|
4
|
+
class FailureTest < ActiveSupport::TestCase
|
5
|
+
|
6
|
+
def call_failure(env_params={})
|
7
|
+
env = {'warden.options' => { :scope => :user }}.merge!(env_params)
|
8
|
+
Devise::FailureApp.call(env)
|
9
|
+
end
|
10
|
+
|
11
|
+
test 'return 302 status' do
|
12
|
+
assert_equal 302, call_failure.first
|
13
|
+
end
|
14
|
+
|
15
|
+
test 'return to the default redirect location' do
|
16
|
+
assert_equal '/users/sign_in?unauthenticated=true', call_failure.second['Location']
|
17
|
+
end
|
18
|
+
|
19
|
+
test 'uses the proxy failure message' do
|
20
|
+
warden = OpenStruct.new(:message => :test)
|
21
|
+
location = call_failure('warden' => warden).second['Location']
|
22
|
+
assert_equal '/users/sign_in?test=true', location
|
23
|
+
end
|
24
|
+
|
25
|
+
test 'uses the given message' do
|
26
|
+
warden = OpenStruct.new(:message => 'Hello world')
|
27
|
+
location = call_failure('warden' => warden).second['Location']
|
28
|
+
assert_equal '/users/sign_in?message=Hello+world', location
|
29
|
+
end
|
30
|
+
|
31
|
+
test 'setup default url' do
|
32
|
+
Devise::FailureApp.default_url = 'test/sign_in'
|
33
|
+
location = call_failure('warden.options' => { :scope => nil }).second['Location']
|
34
|
+
assert_equal '/test/sign_in?unauthenticated=true', location
|
35
|
+
end
|
36
|
+
|
37
|
+
test 'set content type to default text/plain' do
|
38
|
+
assert_equal 'text/plain', call_failure.second['Content-Type']
|
39
|
+
end
|
40
|
+
|
41
|
+
test 'setup a default message' do
|
42
|
+
assert_equal ['You are being redirected to /users/sign_in?unauthenticated=true'], call_failure.last
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,271 @@
|
|
1
|
+
require 'test/test_helper'
|
2
|
+
|
3
|
+
class AuthenticationSanityTest < ActionController::IntegrationTest
|
4
|
+
test 'home should be accessible without sign in' do
|
5
|
+
visit '/'
|
6
|
+
assert_response :success
|
7
|
+
assert_template 'home/index'
|
8
|
+
end
|
9
|
+
|
10
|
+
test 'sign in as user should not authenticate admin scope' do
|
11
|
+
sign_in_as_user
|
12
|
+
|
13
|
+
assert warden.authenticated?(:user)
|
14
|
+
assert_not warden.authenticated?(:admin)
|
15
|
+
end
|
16
|
+
|
17
|
+
test 'sign in as admin should not authenticate user scope' do
|
18
|
+
sign_in_as_admin
|
19
|
+
|
20
|
+
assert warden.authenticated?(:admin)
|
21
|
+
assert_not warden.authenticated?(:user)
|
22
|
+
end
|
23
|
+
|
24
|
+
test 'sign in as both user and admin at same time' do
|
25
|
+
sign_in_as_user
|
26
|
+
sign_in_as_admin
|
27
|
+
|
28
|
+
assert warden.authenticated?(:user)
|
29
|
+
assert warden.authenticated?(:admin)
|
30
|
+
end
|
31
|
+
|
32
|
+
test 'sign out as user should not touch admin authentication' do
|
33
|
+
sign_in_as_user
|
34
|
+
sign_in_as_admin
|
35
|
+
|
36
|
+
get destroy_user_session_path
|
37
|
+
assert_not warden.authenticated?(:user)
|
38
|
+
assert warden.authenticated?(:admin)
|
39
|
+
end
|
40
|
+
|
41
|
+
test 'sign out as admin should not touch user authentication' do
|
42
|
+
sign_in_as_user
|
43
|
+
sign_in_as_admin
|
44
|
+
|
45
|
+
get destroy_admin_session_path
|
46
|
+
assert_not warden.authenticated?(:admin)
|
47
|
+
assert warden.authenticated?(:user)
|
48
|
+
end
|
49
|
+
|
50
|
+
test 'not signed in as admin should not be able to access admins actions' do
|
51
|
+
get admins_path
|
52
|
+
|
53
|
+
assert_redirected_to new_admin_session_path(:unauthenticated => true)
|
54
|
+
assert_not warden.authenticated?(:admin)
|
55
|
+
end
|
56
|
+
|
57
|
+
test 'signed in as user should not be able to access admins actions' do
|
58
|
+
sign_in_as_user
|
59
|
+
assert warden.authenticated?(:user)
|
60
|
+
assert_not warden.authenticated?(:admin)
|
61
|
+
|
62
|
+
get admins_path
|
63
|
+
assert_redirected_to new_admin_session_path(:unauthenticated => true)
|
64
|
+
end
|
65
|
+
|
66
|
+
test 'signed in as admin should be able to access admin actions' do
|
67
|
+
sign_in_as_admin
|
68
|
+
assert warden.authenticated?(:admin)
|
69
|
+
assert_not warden.authenticated?(:user)
|
70
|
+
|
71
|
+
get admins_path
|
72
|
+
|
73
|
+
assert_response :success
|
74
|
+
assert_template 'admins/index'
|
75
|
+
assert_contain 'Welcome Admin'
|
76
|
+
end
|
77
|
+
|
78
|
+
test 'authenticated admin should not be able to sign as admin again' do
|
79
|
+
sign_in_as_admin
|
80
|
+
get new_admin_session_path
|
81
|
+
|
82
|
+
assert_response :redirect
|
83
|
+
assert_redirected_to admin_root_path
|
84
|
+
assert warden.authenticated?(:admin)
|
85
|
+
end
|
86
|
+
|
87
|
+
test 'authenticated admin should be able to sign out' do
|
88
|
+
sign_in_as_admin
|
89
|
+
assert warden.authenticated?(:admin)
|
90
|
+
|
91
|
+
get destroy_admin_session_path
|
92
|
+
assert_response :redirect
|
93
|
+
assert_redirected_to root_path
|
94
|
+
|
95
|
+
get root_path
|
96
|
+
assert_contain 'Signed out successfully'
|
97
|
+
assert_not warden.authenticated?(:admin)
|
98
|
+
end
|
99
|
+
|
100
|
+
test 'unauthenticated admin does not set message on sign out' do
|
101
|
+
get destroy_admin_session_path
|
102
|
+
assert_response :redirect
|
103
|
+
assert_redirected_to root_path
|
104
|
+
|
105
|
+
get root_path
|
106
|
+
assert_not_contain 'Signed out successfully'
|
107
|
+
end
|
108
|
+
end
|
109
|
+
|
110
|
+
class AuthenticationTest < ActionController::IntegrationTest
|
111
|
+
test 'sign in should not authenticate if not using proper authentication keys' do
|
112
|
+
swap Devise, :authentication_keys => [:username] do
|
113
|
+
sign_in_as_user
|
114
|
+
assert_not warden.authenticated?(:user)
|
115
|
+
end
|
116
|
+
end
|
117
|
+
|
118
|
+
test 'sign in with invalid email should return to sign in form with error message' do
|
119
|
+
sign_in_as_admin do
|
120
|
+
fill_in 'email', :with => 'wrongemail@test.com'
|
121
|
+
end
|
122
|
+
|
123
|
+
assert_contain 'Invalid email or password'
|
124
|
+
assert_not warden.authenticated?(:admin)
|
125
|
+
end
|
126
|
+
|
127
|
+
test 'sign in with invalid pasword should return to sign in form with error message' do
|
128
|
+
sign_in_as_admin do
|
129
|
+
fill_in 'password', :with => 'abcdef'
|
130
|
+
end
|
131
|
+
|
132
|
+
assert_contain 'Invalid email or password'
|
133
|
+
assert_not warden.authenticated?(:admin)
|
134
|
+
end
|
135
|
+
|
136
|
+
test 'error message is configurable by resource name' do
|
137
|
+
store_translations :en, :devise => {
|
138
|
+
:sessions => { :admin => { :invalid => "Invalid credentials" } }
|
139
|
+
} do
|
140
|
+
sign_in_as_admin do
|
141
|
+
fill_in 'password', :with => 'abcdef'
|
142
|
+
end
|
143
|
+
|
144
|
+
assert_contain 'Invalid credentials'
|
145
|
+
end
|
146
|
+
end
|
147
|
+
|
148
|
+
test 'redirect from warden shows sign in or sign up message' do
|
149
|
+
get admins_path
|
150
|
+
|
151
|
+
warden_path = new_admin_session_path(:unauthenticated => true)
|
152
|
+
assert_redirected_to warden_path
|
153
|
+
|
154
|
+
get warden_path
|
155
|
+
assert_contain 'You need to sign in or sign up before continuing.'
|
156
|
+
end
|
157
|
+
|
158
|
+
test 'redirect to default url if no other was configured' do
|
159
|
+
sign_in_as_user
|
160
|
+
|
161
|
+
assert_template 'home/index'
|
162
|
+
assert_nil session[:"user.return_to"]
|
163
|
+
end
|
164
|
+
|
165
|
+
test 'redirect to requested url after sign in' do
|
166
|
+
get users_path
|
167
|
+
assert_redirected_to new_user_session_path(:unauthenticated => true)
|
168
|
+
assert_equal users_path, session[:"user.return_to"]
|
169
|
+
|
170
|
+
follow_redirect!
|
171
|
+
sign_in_as_user :visit => false
|
172
|
+
|
173
|
+
assert_template 'users/index'
|
174
|
+
assert_nil session[:"user.return_to"]
|
175
|
+
end
|
176
|
+
|
177
|
+
test 'redirect to last requested url overwriting the stored return_to option' do
|
178
|
+
get expire_user_path(create_user)
|
179
|
+
assert_redirected_to new_user_session_path(:unauthenticated => true)
|
180
|
+
assert_equal expire_user_path(create_user), session[:"user.return_to"]
|
181
|
+
|
182
|
+
get users_path
|
183
|
+
assert_redirected_to new_user_session_path(:unauthenticated => true)
|
184
|
+
assert_equal users_path, session[:"user.return_to"]
|
185
|
+
|
186
|
+
follow_redirect!
|
187
|
+
sign_in_as_user :visit => false
|
188
|
+
|
189
|
+
assert_template 'users/index'
|
190
|
+
assert_nil session[:"user.return_to"]
|
191
|
+
end
|
192
|
+
|
193
|
+
test 'redirect to configured home path for a given scope after sign in' do
|
194
|
+
sign_in_as_admin
|
195
|
+
assert_equal "/admin_area/home", @request.path
|
196
|
+
end
|
197
|
+
|
198
|
+
test 'destroyed account is signed out' do
|
199
|
+
sign_in_as_user
|
200
|
+
visit 'users/index'
|
201
|
+
|
202
|
+
User.destroy_all
|
203
|
+
visit 'users/index'
|
204
|
+
assert_redirected_to '/users/sign_in?unauthenticated=true'
|
205
|
+
end
|
206
|
+
|
207
|
+
test 'allows session to be set by a given scope' do
|
208
|
+
sign_in_as_user
|
209
|
+
visit 'users/index'
|
210
|
+
assert_equal "Cart", @controller.user_session[:cart]
|
211
|
+
end
|
212
|
+
|
213
|
+
test 'renders the scoped view if turned on and view is available' do
|
214
|
+
swap Devise, :scoped_views => true do
|
215
|
+
assert_raise Webrat::NotFoundError do
|
216
|
+
sign_in_as_user
|
217
|
+
end
|
218
|
+
assert_match /Special user view/, response.body
|
219
|
+
end
|
220
|
+
end
|
221
|
+
|
222
|
+
test 'renders the scoped view if turned on in an specific controller' do
|
223
|
+
begin
|
224
|
+
SessionsController.scoped_views = true
|
225
|
+
assert_raise Webrat::NotFoundError do
|
226
|
+
sign_in_as_user
|
227
|
+
end
|
228
|
+
|
229
|
+
assert_match /Special user view/, response.body
|
230
|
+
assert !PasswordsController.scoped_views
|
231
|
+
ensure
|
232
|
+
SessionsController.send :remove_instance_variable, :@scoped_views
|
233
|
+
end
|
234
|
+
end
|
235
|
+
|
236
|
+
test 'does not render the scoped view if turned off' do
|
237
|
+
swap Devise, :scoped_views => false do
|
238
|
+
assert_nothing_raised do
|
239
|
+
sign_in_as_user
|
240
|
+
end
|
241
|
+
end
|
242
|
+
end
|
243
|
+
|
244
|
+
test 'does not render the scoped view if not available' do
|
245
|
+
swap Devise, :scoped_views => true do
|
246
|
+
assert_nothing_raised do
|
247
|
+
sign_in_as_admin
|
248
|
+
end
|
249
|
+
end
|
250
|
+
end
|
251
|
+
|
252
|
+
test 'render 404 on roles without permission' do
|
253
|
+
get 'admin_area/password/new'
|
254
|
+
assert_response :not_found
|
255
|
+
assert_not_contain 'Send me reset password instructions'
|
256
|
+
end
|
257
|
+
|
258
|
+
test 'render 404 on roles without mapping' do
|
259
|
+
get 'sign_in'
|
260
|
+
assert_response :not_found
|
261
|
+
assert_not_contain 'Sign in'
|
262
|
+
end
|
263
|
+
|
264
|
+
test 'uses the mapping from the default scope if specified' do
|
265
|
+
swap Devise, :use_default_scope => true do
|
266
|
+
get 'sign_in'
|
267
|
+
assert_response :ok
|
268
|
+
assert_contain 'Sign in'
|
269
|
+
end
|
270
|
+
end
|
271
|
+
end
|
@@ -0,0 +1,97 @@
|
|
1
|
+
require 'test/test_helper'
|
2
|
+
|
3
|
+
class ConfirmationTest < ActionController::IntegrationTest
|
4
|
+
|
5
|
+
def visit_user_confirmation_with_token(confirmation_token)
|
6
|
+
visit user_confirmation_path(:confirmation_token => confirmation_token)
|
7
|
+
end
|
8
|
+
|
9
|
+
test 'user should be able to request a new confirmation' do
|
10
|
+
user = create_user(:confirm => false)
|
11
|
+
ActionMailer::Base.deliveries.clear
|
12
|
+
|
13
|
+
visit new_user_session_path
|
14
|
+
click_link 'Didn\'t receive confirmation instructions?'
|
15
|
+
|
16
|
+
fill_in 'email', :with => user.email
|
17
|
+
click_button 'Resend confirmation instructions'
|
18
|
+
|
19
|
+
assert_template 'sessions/new'
|
20
|
+
assert_contain 'You will receive an email with instructions about how to confirm your account in a few minutes'
|
21
|
+
assert_equal 1, ActionMailer::Base.deliveries.size
|
22
|
+
end
|
23
|
+
|
24
|
+
test 'user with invalid confirmation token should not be able to confirm an account' do
|
25
|
+
visit_user_confirmation_with_token('invalid_confirmation')
|
26
|
+
|
27
|
+
assert_response :success
|
28
|
+
assert_template 'confirmations/new'
|
29
|
+
assert_have_selector '#errorExplanation'
|
30
|
+
assert_contain /Confirmation token(.*)invalid/
|
31
|
+
end
|
32
|
+
|
33
|
+
test 'user with valid confirmation token should be able to confirm an account' do
|
34
|
+
user = create_user(:confirm => false)
|
35
|
+
assert_not user.confirmed?
|
36
|
+
|
37
|
+
visit_user_confirmation_with_token(user.confirmation_token)
|
38
|
+
|
39
|
+
assert_template 'home/index'
|
40
|
+
assert_contain 'Your account was successfully confirmed.'
|
41
|
+
|
42
|
+
assert user.reload.confirmed?
|
43
|
+
end
|
44
|
+
|
45
|
+
test 'user already confirmed user should not be able to confirm the account again' do
|
46
|
+
user = create_user(:confirm => false)
|
47
|
+
user.confirmed_at = Time.now
|
48
|
+
user.save
|
49
|
+
visit_user_confirmation_with_token(user.confirmation_token)
|
50
|
+
|
51
|
+
assert_template 'confirmations/new'
|
52
|
+
assert_have_selector '#errorExplanation'
|
53
|
+
assert_contain 'already confirmed'
|
54
|
+
end
|
55
|
+
|
56
|
+
test 'sign in user automatically after confirming it\'s email' do
|
57
|
+
user = create_user(:confirm => false)
|
58
|
+
visit_user_confirmation_with_token(user.confirmation_token)
|
59
|
+
|
60
|
+
assert warden.authenticated?(:user)
|
61
|
+
end
|
62
|
+
|
63
|
+
test 'increases sign count when signed in through confirmation' do
|
64
|
+
user = create_user(:confirm => false)
|
65
|
+
visit_user_confirmation_with_token(user.confirmation_token)
|
66
|
+
|
67
|
+
user.reload
|
68
|
+
assert_equal 1, user.sign_in_count
|
69
|
+
end
|
70
|
+
|
71
|
+
test 'not confirmed user with setup to block without confirmation should not be able to sign in' do
|
72
|
+
swap Devise, :confirm_within => 0.days do
|
73
|
+
sign_in_as_user(:confirm => false)
|
74
|
+
|
75
|
+
assert_contain 'You have to confirm your account before continuing'
|
76
|
+
assert_not warden.authenticated?(:user)
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
test 'not confirmed user but configured with some days to confirm should be able to sign in' do
|
81
|
+
swap Devise, :confirm_within => 1.day do
|
82
|
+
sign_in_as_user(:confirm => false)
|
83
|
+
|
84
|
+
assert_response :success
|
85
|
+
assert warden.authenticated?(:user)
|
86
|
+
end
|
87
|
+
end
|
88
|
+
|
89
|
+
test 'error message is configurable by resource name' do
|
90
|
+
store_translations :en, :devise => {
|
91
|
+
:sessions => { :admin => { :unconfirmed => "Not confirmed user" } }
|
92
|
+
} do
|
93
|
+
get new_admin_session_path(:unconfirmed => true)
|
94
|
+
assert_contain 'Not confirmed user'
|
95
|
+
end
|
96
|
+
end
|
97
|
+
end
|
@@ -0,0 +1,52 @@
|
|
1
|
+
require 'test/test_helper'
|
2
|
+
|
3
|
+
class HttpAuthenticationTest < ActionController::IntegrationTest
|
4
|
+
|
5
|
+
test 'sign in should authenticate with http' do
|
6
|
+
sign_in_as_new_user_with_http
|
7
|
+
assert_response :success
|
8
|
+
assert_template 'users/index'
|
9
|
+
assert_contain 'Welcome'
|
10
|
+
assert warden.authenticated?(:user)
|
11
|
+
end
|
12
|
+
|
13
|
+
test 'returns a custom response with www-authenticate header on failures' do
|
14
|
+
sign_in_as_new_user_with_http("unknown")
|
15
|
+
assert_equal 401, status
|
16
|
+
assert_equal 'Basic realm="Application"', headers["WWW-Authenticate"]
|
17
|
+
end
|
18
|
+
|
19
|
+
test 'uses the request format as response content type' do
|
20
|
+
sign_in_as_new_user_with_http("unknown", "123456", :xml)
|
21
|
+
assert_equal 401, status
|
22
|
+
assert_equal "application/xml", headers["Content-Type"]
|
23
|
+
# Cannot assert this due to a bug between integration tests and rack on 2.3
|
24
|
+
# assert response.body.include?("<error>HTTP Basic: Access denied.</error>")
|
25
|
+
end
|
26
|
+
|
27
|
+
test 'returns a custom response with www-authenticate and chosen realm' do
|
28
|
+
swap Devise, :http_authentication_realm => "MyApp" do
|
29
|
+
sign_in_as_new_user_with_http("unknown")
|
30
|
+
assert_equal 401, status
|
31
|
+
assert_equal 'Basic realm="MyApp"', headers["WWW-Authenticate"]
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
test 'sign in should authenticate with http even with specific authentication keys' do
|
36
|
+
swap Devise, :authentication_keys => [:username] do
|
37
|
+
sign_in_as_new_user_with_http "usertest"
|
38
|
+
assert_response :success
|
39
|
+
assert_template 'users/index'
|
40
|
+
assert_contain 'Welcome'
|
41
|
+
assert warden.authenticated?(:user)
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
private
|
46
|
+
|
47
|
+
def sign_in_as_new_user_with_http(username="user@test.com", password="123456", format=:html)
|
48
|
+
user = create_user
|
49
|
+
get users_path(:format => format), {}, :authorization => "Basic #{ActiveSupport::Base64.encode64("#{username}:#{password}")}"
|
50
|
+
user
|
51
|
+
end
|
52
|
+
end
|