devise-tokens 1.0.3 → 1.0.4

data/lib/generators/{devise_tokens → devise_token_auth}/install_mongoid_generator.rb

@@ -1,15 +1,15 @@
-
+# frozen_string_literal: true
 
 require_relative 'install_generator_helpers'
 
-module DeviseTokens
+module DeviseTokenAuth
   class InstallMongoidGenerator < Rails::Generators::Base
-    include DeviseTokens::InstallGeneratorHelpers
+    include DeviseTokenAuth::InstallGeneratorHelpers
 
     def create_user_model
       fname = "app/models/#{user_class.underscore}.rb"
       if File.exist?(File.join(destination_root, fname))
-        inclusion = 'include DeviseTokens::Concerns::User'
+        inclusion = 'include DeviseTokenAuth::Concerns::User'
         unless parse_file_for_line(fname, inclusion)
           inject_into_file fname, before: /end\s\z/ do <<-'RUBY'
 
@@ -32,7 +32,7 @@ module DeviseTokens
   # :confirmable, :lockable, :timeoutable and :omniauthable
   devise :database_authenticatable, :registerable,
          :recoverable, :rememberable, :trackable, :validatable
-  include DeviseTokens::Concerns::User
+  include DeviseTokenAuth::Concerns::User
 
   index({ uid: 1, provider: 1}, { name: 'uid_provider_index', unique: true, background: true })
             RUBY

data/lib/generators/{devise_tokens → devise_token_auth}/install_views_generator.rb

@@ -1,6 +1,6 @@
+# frozen_string_literal: true
 
-
-module DeviseTokens
+module DeviseTokenAuth
   class InstallViewsGenerator < Rails::Generators::Base
     source_root File.expand_path('../../../app/views/devise/mailer', __dir__)
 

data/lib/generators/{devise_tokens/templates/devise_tokens.rb → devise_token_auth/templates/devise_token_auth.rb}

@@ -1,6 +1,6 @@
+# frozen_string_literal: true
 
-
-DeviseTokens.setup do |config|
+DeviseTokenAuth.setup do |config|
   # By default the authorization headers will change after each request. The
   # client is responsible for keeping track of the changing tokens. Change
   # this to false to prevent the Authorization header from changing after

data/lib/generators/{devise_tokens/templates/devise_tokens_create_users.rb.erb → devise_token_auth/templates/devise_token_auth_create_users.rb.erb}

@@ -1,4 +1,4 @@
-class DeviseTokensCreate<%= user_class.pluralize.gsub("::","") %> < ActiveRecord::Migration<%= "[#{Rails::VERSION::STRING[0..2]}]" if Rails::VERSION::MAJOR > 4 %>
+class DeviseTokenAuthCreate<%= user_class.pluralize.gsub("::","") %> < ActiveRecord::Migration<%= "[#{Rails::VERSION::STRING[0..2]}]" if Rails::VERSION::MAJOR > 4 %>
   def change
     <% table_name = @user_class.pluralize.gsub("::","").underscore %>
     create_table(:<%= table_name %><%= primary_key_type %>) do |t|

data/lib/generators/{devise_tokens → devise_token_auth}/templates/user.rb.erb

@@ -1,9 +1,9 @@
-
+# frozen_string_literal: true
 
 class <%= user_class %> < ActiveRecord::Base
   # Include default devise modules. Others available are:
   # :confirmable, :lockable, :timeoutable and :omniauthable
   devise :database_authenticatable, :registerable,
          :recoverable, :rememberable, :trackable, :validatable
-  include DeviseTokens::Concerns::User
+  include DeviseTokenAuth::Concerns::User
 end

data/lib/generators/{devise_tokens → devise_token_auth}/templates/user_mongoid.rb.erb

@@ -1,4 +1,4 @@
-
+# frozen_string_literal: true
 
 class <%= user_class %>
   include Mongoid::Document
@@ -46,7 +46,7 @@ class <%= user_class %>
   # :confirmable, :lockable, :timeoutable and :omniauthable
   devise :database_authenticatable, :registerable,
          :recoverable, :rememberable, :trackable, :validatable
-  include DeviseTokens::Concerns::User
+  include DeviseTokenAuth::Concerns::User
 
   index({ email: 1 }, { name: 'email_index', unique: true, background: true })
   index({ reset_password_token: 1 }, { name: 'reset_password_token_index', unique: true, sparse: true, background: true })

data/lib/tasks/{devise_tokens_tasks.rake → devise_token_auth_tasks.rake}

@@ -1,6 +1,6 @@
-
+# frozen_string_literal: true
 
 # desc "Explaining what the task does"
-# task :devise_tokens do
+# task :devise_token_auth do
 #   # Task goes here
 # end

data/test/controllers/custom/custom_confirmations_controller_test.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class Custom::ConfirmationsControllerTest < ActionController::TestCase
+  describe Custom::ConfirmationsController do
+    include CustomControllersRoutes
+
+    before do
+      @redirect_url = Faker::Internet.url
+      @new_user = create(:user)
+      @new_user.send_confirmation_instructions(redirect_url: @redirect_url)
+      @mail          = ActionMailer::Base.deliveries.last
+      @token         = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
+      @client_config = @mail.body.match(/config=([^&]*)&/)[1]
+
+      get :show,
+          params: { confirmation_token: @token, redirect_url: @redirect_url }
+    end
+
+    test 'yield resource to block on show success' do
+      assert @controller.show_block_called?, 'show failed to yield resource to provided block'
+    end
+  end
+end

data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class Custom::OmniauthCallbacksControllerTest < ActionDispatch::IntegrationTest
+  describe Custom::OmniauthCallbacksController do
+    include CustomControllersRoutes
+
+    setup do
+      OmniAuth.config.test_mode = true
+      OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new(
+        provider: 'facebook',
+        uid: '123545',
+        info: {
+          name: 'swong',
+          email: 'swongsong@yandex.ru'
+        }
+      )
+    end
+
+    test 'yield resource to block on omniauth_success success' do
+      @redirect_url = 'http://ng-token-auth.dev/'
+      get '/nice_user_auth/facebook',
+          params: { auth_origin_url: @redirect_url,
+                    omniauth_window_type: 'newWindow' }
+
+      follow_all_redirects!
+
+      assert @controller.omniauth_success_block_called?,
+             'omniauth_success failed to yield resource to provided block'
+    end
+  end
+end

data/test/controllers/custom/custom_passwords_controller_test.rb

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class Custom::PasswordsControllerTest < ActionController::TestCase
+  describe Custom::PasswordsController do
+    include CustomControllersRoutes
+
+    before do
+      @resource = create(:user, :confirmed)
+      @redirect_url = 'http://ng-token-auth.dev'
+    end
+
+    test 'yield resource to block on create success' do
+      post :create,
+           params: { email:  @resource.email,
+                     redirect_url: @redirect_url }
+
+      @mail = ActionMailer::Base.deliveries.last
+      @resource.reload
+
+      @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
+      @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
+      @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
+    end
+
+    test 'yield resource to block on edit success' do
+      @resource = create(:user)
+      @redirect_url = 'http://ng-token-auth.dev'
+
+      post :create,
+           params: { email:  @resource.email,
+                     redirect_url: @redirect_url },
+           xhr: true
+
+      @mail = ActionMailer::Base.deliveries.last
+      @resource.reload
+
+      @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
+      @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
+      @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+
+      get :edit,
+          params: { reset_password_token: @mail_reset_token,
+                    redirect_url: @mail_redirect_url },
+          xhr: true
+      @resource.reload
+      assert @controller.edit_block_called?,
+             'edit failed to yield resource to provided block'
+    end
+
+    test 'yield resource to block on update success' do
+      @auth_headers = @resource.create_new_auth_token
+      request.headers.merge!(@auth_headers)
+      @new_password = Faker::Internet.password
+      put :update,
+          params: { password: @new_password,
+                    password_confirmation: @new_password }
+      assert @controller.update_block_called?, 'update failed to yield resource to provided block'
+    end
+
+    test 'yield resource to block on update success with custom json' do
+      @auth_headers = @resource.create_new_auth_token
+      request.headers.merge!(@auth_headers)
+      @new_password = Faker::Internet.password
+      put :update,
+          params: { password: @new_password,
+                    password_confirmation: @new_password }
+
+      @data = JSON.parse(response.body)
+
+      assert @controller.update_block_called?, 'update failed to yield resource to provided block'
+      assert_equal @data['custom'], 'foo'
+    end
+  end
+end

data/test/controllers/custom/custom_registrations_controller_test.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class Custom::RegistrationsControllerTest < ActionDispatch::IntegrationTest
+  describe Custom::RegistrationsController do
+    include CustomControllersRoutes
+
+    before do
+      @create_params = attributes_for(:user,
+        confirm_success_url: Faker::Internet.url,
+        unpermitted_param: '(x_x)')
+
+      @existing_user = create(:user, :confirmed)
+      @auth_headers  = @existing_user.create_new_auth_token
+      @client_id     = @auth_headers['client']
+
+      # ensure request is not treated as batch request
+      age_token(@existing_user, @client_id)
+    end
+
+    test 'yield resource to block on create success' do
+      post '/nice_user_auth', params: @create_params
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
+    end
+
+    test 'yield resource to block on create success with custom json' do
+      post '/nice_user_auth', params: @create_params
+
+      @data = JSON.parse(response.body)
+
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
+      assert_equal @data['custom'], 'foo'
+    end
+
+    test 'yield resource to block on update success' do
+      put '/nice_user_auth',
+          params: {
+            nickname: "Ol' Sunshine-face"
+          },
+          headers: @auth_headers
+      assert @controller.update_block_called?,
+             'update failed to yield resource to provided block'
+    end
+
+    test 'yield resource to block on destroy success' do
+      delete '/nice_user_auth', headers: @auth_headers
+      assert @controller.destroy_block_called?,
+             'destroy failed to yield resource to provided block'
+    end
+
+    describe 'when overriding #build_resource' do
+      test 'it fails' do
+        Custom::RegistrationsController.any_instance.stubs(:build_resource).returns(nil)
+        assert_raises DeviseTokenAuth::Errors::NoResourceDefinedError do
+          post '/nice_user_auth', params: @create_params
+        end
+      end
+    end
+  end
+end

data/test/controllers/custom/custom_sessions_controller_test.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class Custom::SessionsControllerTest < ActionController::TestCase
+  describe Custom::SessionsController do
+    include CustomControllersRoutes
+
+    before do
+      @existing_user = create(:user, :confirmed)
+    end
+
+    test 'yield resource to block on create success' do
+      post :create,
+           params: {
+             email: @existing_user.email,
+             password: @existing_user.password
+           }
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
+    end
+
+    test 'yield resource to block on destroy success' do
+      @auth_headers = @existing_user.create_new_auth_token
+      request.headers.merge!(@auth_headers)
+      delete :destroy, format: :json
+      assert @controller.destroy_block_called?,
+             'destroy failed to yield resource to provided block'
+    end
+
+    test 'render method override' do
+      post :create,
+           params: { email: @existing_user.email,
+                     password: @existing_user.password }
+      @data = JSON.parse(response.body)
+      assert_equal @data['custom'], 'foo'
+    end
+  end
+end

data/test/controllers/custom/custom_token_validations_controller_test.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class Custom::TokenValidationsControllerTest < ActionDispatch::IntegrationTest
+  describe Custom::TokenValidationsController do
+    include CustomControllersRoutes
+
+    before do
+      @resource = create(:user, :confirmed)
+
+      @auth_headers = @resource.create_new_auth_token
+
+      @token     = @auth_headers['access-token']
+      @client_id = @auth_headers['client']
+      @expiry    = @auth_headers['expiry']
+
+      # ensure that request is not treated as batch request
+      age_token(@resource, @client_id)
+    end
+
+    test 'yield resource to block on validate_token success' do
+      get '/nice_user_auth/validate_token',
+          params: {},
+          headers: @auth_headers
+      assert @controller.validate_token_block_called?,
+             'validate_token failed to yield resource to provided block'
+    end
+
+    test 'yield resource to block on validate_token success with custom json' do
+      get '/nice_user_auth/validate_token',
+          params: {},
+          headers: @auth_headers
+
+      @data = JSON.parse(response.body)
+
+      assert @controller.validate_token_block_called?,
+             'validate_token failed to yield resource to provided block'
+      assert_equal @data['custom'], 'foo'
+    end
+  end
+end

data/test/controllers/demo_group_controller_test.rb

@@ -0,0 +1,151 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+#  was the web request successful?
+#  was the user redirected to the right page?
+#  was the user successfully authenticated?
+#  was the correct object stored in the response?
+#  was the appropriate message delivered in the json payload?
+
+class DemoGroupControllerTest < ActionDispatch::IntegrationTest
+  describe DemoGroupController do
+    describe 'Token access' do
+      before do
+        # user
+        @resource = create(:user, :confirmed)
+
+        @resource_auth_headers = @resource.create_new_auth_token
+
+        @resource_token     = @resource_auth_headers['access-token']
+        @resource_client_id = @resource_auth_headers['client']
+        @resource_expiry    = @resource_auth_headers['expiry']
+
+        # mang
+        @mang = create(:mang_user, :confirmed)
+
+        @mang_auth_headers = @mang.create_new_auth_token
+
+        @mang_token     = @mang_auth_headers['access-token']
+        @mang_client_id = @mang_auth_headers['client']
+        @mang_expiry    = @mang_auth_headers['expiry']
+      end
+
+      describe 'user access' do
+        before do
+          # ensure that request is not treated as batch request
+          age_token(@resource, @resource_client_id)
+
+          get '/demo/members_only_group',
+              params: {},
+              headers: @resource_auth_headers
+
+          @resp_token       = response.headers['access-token']
+          @resp_client_id   = response.headers['client']
+          @resp_expiry      = response.headers['expiry']
+          @resp_uid         = response.headers['uid']
+        end
+
+        test 'request is successful' do
+          assert_equal 200, response.status
+        end
+
+        describe 'devise mappings' do
+          it 'should define current_user' do
+            assert_equal @resource, @controller.current_user
+          end
+
+          it 'should define user_signed_in?' do
+            assert @controller.user_signed_in?
+          end
+
+          it 'should not define current_mang' do
+            refute_equal @resource, @controller.current_mang
+          end
+
+          it 'should define current_member' do
+            assert_equal @resource, @controller.current_member
+          end
+
+          it 'should define current_members' do
+            assert @controller.current_members.include? @resource
+          end
+
+          it 'should define member_signed_in?' do
+            assert @controller.current_members.include? @resource
+          end
+
+          it 'should define render_authenticate_error' do
+            assert @controller.methods.include?(:render_authenticate_error)
+          end
+        end
+      end
+
+      describe 'mang access' do
+        before do
+          # ensure that request is not treated as batch request
+          age_token(@mang, @mang_client_id)
+
+          get '/demo/members_only_group',
+              params: {},
+              headers: @mang_auth_headers
+
+          @resp_token       = response.headers['access-token']
+          @resp_client_id   = response.headers['client']
+          @resp_expiry      = response.headers['expiry']
+          @resp_uid         = response.headers['uid']
+        end
+
+        test 'request is successful' do
+          assert_equal 200, response.status
+        end
+
+        describe 'devise mappings' do
+          it 'should define current_mang' do
+            assert_equal @mang, @controller.current_mang
+          end
+
+          it 'should define mang_signed_in?' do
+            assert @controller.mang_signed_in?
+          end
+
+          it 'should not define current_mang' do
+            refute_equal @mang, @controller.current_user
+          end
+
+          it 'should define current_member' do
+            assert_equal @mang, @controller.current_member
+          end
+
+          it 'should define current_members' do
+            assert @controller.current_members.include? @mang
+          end
+
+          it 'should define member_signed_in?' do
+            assert @controller.current_members.include? @mang
+          end
+
+          it 'should define render_authenticate_error' do
+            assert @controller.methods.include?(:render_authenticate_error)
+          end
+        end
+      end
+
+      describe 'failed access' do
+        before do
+          get '/demo/members_only_group',
+              params: {},
+              headers: @mang_auth_headers.merge('access-token' => 'bogus')
+        end
+
+        it 'should not return any auth headers' do
+          refute response.headers['access-token']
+        end
+
+        it 'should return error: unauthorized status' do
+          assert_equal 401, response.status
+        end
+      end
+    end
+  end
+end