devise-multi-radius-authenticatable 0.1.1

data/spec/generators/install_generator_spec.rb

@@ -0,0 +1,66 @@
+require 'spec_helper'
+require 'generators/devise_radius_authenticatable/install_generator'
+
+describe DeviseRadiusAuthenticatable::InstallGenerator do
+  destination File.expand_path("../../../tmp", __FILE__)
+
+  before do
+    prepare_devise
+  end
+
+  it "requires the radius server IP to be specified" do
+    expect { run_generator }.
+      to raise_error(Thor::RequiredArgumentMissingError,
+                     /required arguments 'server'/)
+  end
+
+  it "requires the radius server shared secret to be specified" do
+    expect { run_generator ['1.1.1.1'] }.
+      to raise_error(Thor::RequiredArgumentMissingError,
+                     /required arguments 'secret'/)
+  end
+
+  context "with required arguments" do
+
+    subject { file('config/initializers/devise.rb') }
+
+    context "with default options" do
+      before do
+        run_generator ['1.1.1.1', 'secret']
+      end
+
+      it { should exist }
+      it { should contain('==> Configuration for radius_authenticatable') }
+      it { should contain("config.radius_server = '1.1.1.1'") }
+      it { should contain("config.radius_server_port = 1812") }
+      it { should contain("config.radius_server_secret = 'secret'") }
+      it { should contain("config.radius_server_timeout = 60") }
+      it { should contain("config.radius_server_retries = 0") }
+      it { should contain("config.radius_uid_field = :uid") }
+      it { should contain("config.radius_uid_generator =") }
+      it { should contain("config.radius_dictionary_path =") }
+      it { should contain("config.handle_radius_timeout_as_failure = false") }
+    end
+
+    context "with custom options" do
+      before do
+        run_generator ['1.1.1.2', 'password', '--port=1813',
+          '--timeout=120', '--retries=3', '--uid_field=email',
+          '--dictionary_path=/tmp/dictionaries',
+          '--handle_timeout_as_failure=true']
+      end
+
+      it { should exist }
+      it { should contain('==> Configuration for radius_authenticatable') }
+      it { should contain("config.radius_server = '1.1.1.2'") }
+      it { should contain("config.radius_server_port = 1813") }
+      it { should contain("config.radius_server_secret = 'password'") }
+      it { should contain("config.radius_server_timeout = 120") }
+      it { should contain("config.radius_server_retries = 3") }
+      it { should contain("config.radius_uid_field = :email") }
+      it { should contain("config.radius_uid_generator =") }
+      it { should contain("config.radius_dictionary_path = '/tmp/dictionaries'") }
+      it { should contain("config.handle_radius_timeout_as_failure = true") }
+    end
+  end
+end

data/spec/integration/radius_authenticatable_spec.rb

@@ -0,0 +1,115 @@
+require 'spec_helper'
+
+describe "login" do
+  before do
+    @admin = FactoryGirl.create(:admin, :password => 'password')
+    create_radius_user('testuser', 'password')
+    visit new_admin_session_path
+  end
+
+  it "is successful for a database user with HTTP Basic Authentication" do
+    page.driver.browser.basic_authorize(@admin.email, 'password')
+    visit root_path
+
+    current_path.should == root_path
+  end
+
+  it "is successful for a database user with params authentication" do
+    fill_in "Login", :with => @admin.email
+    fill_in "Password", :with => 'password'
+    click_button "Sign in"
+
+    current_path.should == root_path
+    page.should have_content("Signed in successfully")
+  end
+
+  it "is successful for a radius user with HTTP Basic Authentication" do
+    page.driver.browser.basic_authorize('testuser', 'password')
+    visit root_path
+
+    current_path.should == root_path
+  end
+
+  it "is successful for a radius user with params authentication" do
+    fill_in "Login", :with => 'testuser'
+    fill_in "Password", :with => 'password'
+    click_button "Sign in"
+
+    current_path.should == root_path
+    page.should have_content("Signed in successfully")
+  end
+
+  it "fails for wrong database password" do
+    fill_in "Login", :with => @admin.email
+    fill_in "Password", :with => 'password2'
+    click_button "Sign in"
+
+    current_path.should == new_admin_session_path
+    page.should have_content("Invalid email or password")
+  end
+
+  it "fails for wrong radius password" do
+    fill_in "Login", :with => 'testuser'
+    fill_in "Password", :with => 'password2'
+    click_button "Sign in"
+
+    current_path.should == new_admin_session_path
+    page.should have_content("Invalid email or password")
+  end
+
+  it "invokes the after_radius_authentication callback" do
+    fill_in "Login", :with => 'testuser'
+    fill_in "Password", :with => 'password'
+    click_button "Sign in"
+
+    uid = Admin.radius_uid_generator.call('testuser', Admin.radius_server)
+    Admin.where(Admin.radius_uid_field => uid).count.should == 1
+  end
+
+  it "successfully logs in a user with case insensitive username" do
+    swap(Devise, :case_insensitive_keys => [Admin.authentication_keys.first]) do
+      fill_in "Login", :with => 'TESTUSER'
+      fill_in "Password", :with => 'password'
+      click_button "Sign in"
+
+      current_path.should == root_path
+      page.should have_content("Signed in successfully")
+    end
+  end
+
+  it "fails to log in a user with case sensitive username" do
+    swap(Devise, :case_insensitive_keys => []) do
+      fill_in "Login", :with => 'TESTUSER'
+      fill_in "Password", :with => 'password'
+      click_button "Sign in"
+
+      current_path.should == new_admin_session_path
+      page.should have_content("Invalid email or password")
+    end
+  end
+
+  context "when radius authentication is the first strategy" do
+    before do
+      @admin2 = FactoryGirl.create(:admin, :password => 'password')
+      create_radius_user(@admin2.email, 'password2')
+
+      @orig_order = Devise.warden_config.default_strategies(:scope => :admin)
+      Devise.warden_config.default_strategies(:radius_authenticatable,
+                                              :database_authenticatable,
+                                              {:scope => :admin})
+    end
+
+    after do
+      Devise.warden_config.default_strategies(@orig_order, {:scope => :admin})
+    end
+
+    it "proceeds with the next strategy if radius authentication fails" do
+      fill_in "Login", :with => @admin2.email
+      fill_in "Password", :with => 'password'
+      click_button "Sign in"
+
+      current_path.should == root_path
+      page.should have_content("Signed in successfully")
+    end
+  end
+end

data/spec/rails_app/.gitignore

@@ -0,0 +1,15 @@
+# See http://help.github.com/ignore-files/ for more about ignoring files.
+#
+# If you find yourself ignoring temporary files generated by your text editor
+# or operating system, you probably want to add a global ignore instead:
+#   git config --global core.excludesfile ~/.gitignore_global
+
+# Ignore bundler config
+/.bundle
+
+# Ignore the default SQLite database.
+/db/*.sqlite3
+
+# Ignore all logfiles and tempfiles.
+/log/*.log
+/tmp

data/spec/rails_app/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+gemspec :path => File.expand_path("../../../", __FILE__)
+

data/spec/rails_app/Rakefile

@@ -0,0 +1,7 @@
+#!/usr/bin/env rake
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+
+RailsApp::Application.load_tasks

data/spec/rails_app/app/assets/javascripts/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// the compiled file.
+//
+// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
+// GO AFTER THE REQUIRES BELOW.
+//
+//= require_tree .

data/spec/rails_app/app/assets/stylesheets/application.css

@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+ */

data/spec/rails_app/app/controllers/admins_controller.rb

@@ -0,0 +1,83 @@
+class AdminsController < ApplicationController
+  # GET /admins
+  # GET /admins.json
+  def index
+    @admins = Admin.all
+
+    respond_to do |format|
+      format.html # index.html.erb
+      format.json { render json: @admins }
+    end
+  end
+
+  # GET /admins/1
+  # GET /admins/1.json
+  def show
+    @admin = Admin.find(params[:id])
+
+    respond_to do |format|
+      format.html # show.html.erb
+      format.json { render json: @admin }
+    end
+  end
+
+  # GET /admins/new
+  # GET /admins/new.json
+  def new
+    @admin = Admin.new
+
+    respond_to do |format|
+      format.html # new.html.erb
+      format.json { render json: @admin }
+    end
+  end
+
+  # GET /admins/1/edit
+  def edit
+    @admin = Admin.find(params[:id])
+  end
+
+  # POST /admins
+  # POST /admins.json
+  def create
+    @admin = Admin.new(params[:admin])
+
+    respond_to do |format|
+      if @admin.save
+        format.html { redirect_to @admin, notice: 'Admin was successfully created.' }
+        format.json { render json: @admin, status: :created, location: @admin }
+      else
+        format.html { render action: "new" }
+        format.json { render json: @admin.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # PUT /admins/1
+  # PUT /admins/1.json
+  def update
+    @admin = Admin.find(params[:id])
+
+    respond_to do |format|
+      if @admin.update_attributes(params[:admin])
+        format.html { redirect_to @admin, notice: 'Admin was successfully updated.' }
+        format.json { head :no_content }
+      else
+        format.html { render action: "edit" }
+        format.json { render json: @admin.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  # DELETE /admins/1
+  # DELETE /admins/1.json
+  def destroy
+    @admin = Admin.find(params[:id])
+    @admin.destroy
+
+    respond_to do |format|
+      format.html { redirect_to admins_url }
+      format.json { head :no_content }
+    end
+  end
+end

data/spec/rails_app/app/controllers/application_controller.rb

@@ -0,0 +1,11 @@
+class ApplicationController < ActionController::Base
+  protect_from_forgery
+
+  before_filter :authenticate_admin!
+
+  protected
+
+  def after_sign_out_path_for(resource)
+    new_admin_session_path
+  end
+end

data/spec/rails_app/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/spec/rails_app/app/models/admin.rb

@@ -0,0 +1,11 @@
+class Admin < ActiveRecord::Base
+  devise :database_authenticatable, :radius_authenticatable
+
+  attr_accessor :login
+
+  def self.find_for_database_authentication(conditions)
+    login = conditions.delete(:login)
+    conditions[:email] = login
+    super
+  end
+end

data/spec/rails_app/app/views/admins/_form.html.erb

@@ -0,0 +1,17 @@
+<%= form_for(@admin) do |f| %>
+  <% if @admin.errors.any? %>
+    <div id="error_explanation">
+      <h2><%= pluralize(@admin.errors.count, "error") %> prohibited this admin from being saved:</h2>
+
+      <ul>
+      <% @admin.errors.full_messages.each do |msg| %>
+        <li><%= msg %></li>
+      <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="actions">
+    <%= f.submit %>
+  </div>
+<% end %>

data/spec/rails_app/app/views/admins/edit.html.erb

@@ -0,0 +1,6 @@
+<h1>Editing admin</h1>
+
+<%= render 'form' %>
+
+<%= link_to 'Show', @admin %> |
+<%= link_to 'Back', admins_path %>

data/spec/rails_app/app/views/admins/index.html.erb

@@ -0,0 +1,21 @@
+<h1>Listing admins</h1>
+
+<table>
+  <tr>
+    <th></th>
+    <th></th>
+    <th></th>
+  </tr>
+
+<% @admins.each do |admin| %>
+  <tr>
+    <td><%= link_to 'Show', admin %></td>
+    <td><%= link_to 'Edit', edit_admin_path(admin) %></td>
+    <td><%= link_to 'Destroy', admin, method: :delete, data: { confirm: 'Are you sure?' } %></td>
+  </tr>
+<% end %>
+</table>
+
+<br />
+
+<%= link_to 'New Admin', new_admin_path %>

data/spec/rails_app/app/views/admins/new.html.erb

@@ -0,0 +1,5 @@
+<h1>New admin</h1>
+
+<%= render 'form' %>
+
+<%= link_to 'Back', admins_path %>

data/spec/rails_app/app/views/admins/show.html.erb

@@ -0,0 +1,5 @@
+<p id="notice"><%= notice %></p>
+
+
+<%= link_to 'Edit', edit_admin_path(@admin) %> |
+<%= link_to 'Back', admins_path %>

data/spec/rails_app/app/views/devise/confirmations/new.html.erb

@@ -0,0 +1,12 @@
+<h2>Resend confirmation instructions</h2>
+
+<%= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f| %>
+  <%= devise_error_messages! %>
+
+  <div><%= f.label :email %><br />
+  <%= f.email_field :email, autofocus: true %></div>
+
+  <div><%= f.submit "Resend confirmation instructions" %></div>
+<% end %>
+
+<%= render "devise/shared/links" %>

data/spec/rails_app/app/views/devise/mailer/confirmation_instructions.html.erb

@@ -0,0 +1,5 @@
+<p>Welcome <%= @email %>!</p>
+
+<p>You can confirm your account email through the link below:</p>
+
+<p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>