devise 0.1.0
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- data/MIT-LICENSE +20 -0
- data/README.rdoc +220 -0
- data/Rakefile +45 -0
- data/TODO +37 -0
- data/app/controllers/confirmations_controller.rb +32 -0
- data/app/controllers/passwords_controller.rb +38 -0
- data/app/controllers/sessions_controller.rb +35 -0
- data/app/models/notifier.rb +47 -0
- data/app/views/confirmations/new.html.erb +16 -0
- data/app/views/notifier/confirmation_instructions.html.erb +5 -0
- data/app/views/notifier/reset_password_instructions.html.erb +8 -0
- data/app/views/passwords/edit.html.erb +20 -0
- data/app/views/passwords/new.html.erb +16 -0
- data/app/views/sessions/new.html.erb +23 -0
- data/config/locales/en.yml +16 -0
- data/init.rb +2 -0
- data/lib/devise.rb +48 -0
- data/lib/devise/active_record.rb +86 -0
- data/lib/devise/controllers/filters.rb +109 -0
- data/lib/devise/controllers/helpers.rb +91 -0
- data/lib/devise/controllers/url_helpers.rb +47 -0
- data/lib/devise/hooks/rememberable.rb +24 -0
- data/lib/devise/mapping.rb +95 -0
- data/lib/devise/migrations.rb +50 -0
- data/lib/devise/models/authenticable.rb +98 -0
- data/lib/devise/models/confirmable.rb +125 -0
- data/lib/devise/models/recoverable.rb +88 -0
- data/lib/devise/models/rememberable.rb +71 -0
- data/lib/devise/models/validatable.rb +36 -0
- data/lib/devise/routes.rb +95 -0
- data/lib/devise/strategies/authenticable.rb +45 -0
- data/lib/devise/strategies/base.rb +24 -0
- data/lib/devise/strategies/rememberable.rb +33 -0
- data/lib/devise/version.rb +3 -0
- data/lib/devise/warden.rb +64 -0
- data/test/active_record_test.rb +96 -0
- data/test/controllers/filters_test.rb +97 -0
- data/test/controllers/helpers_test.rb +40 -0
- data/test/controllers/url_helpers_test.rb +47 -0
- data/test/integration/authenticable_test.rb +191 -0
- data/test/integration/confirmable_test.rb +60 -0
- data/test/integration/recoverable_test.rb +131 -0
- data/test/integration/rememberable_test.rb +56 -0
- data/test/mailers/confirmation_instructions_test.rb +59 -0
- data/test/mailers/reset_password_instructions_test.rb +62 -0
- data/test/mapping_test.rb +71 -0
- data/test/models/authenticable_test.rb +138 -0
- data/test/models/confirmable_test.rb +206 -0
- data/test/models/recoverable_test.rb +145 -0
- data/test/models/rememberable_test.rb +68 -0
- data/test/models/validatable_test.rb +99 -0
- data/test/rails_app/app/controllers/admins_controller.rb +6 -0
- data/test/rails_app/app/controllers/application_controller.rb +10 -0
- data/test/rails_app/app/controllers/home_controller.rb +4 -0
- data/test/rails_app/app/controllers/users_controller.rb +7 -0
- data/test/rails_app/app/helpers/application_helper.rb +3 -0
- data/test/rails_app/app/models/account.rb +3 -0
- data/test/rails_app/app/models/admin.rb +3 -0
- data/test/rails_app/app/models/organizer.rb +3 -0
- data/test/rails_app/app/models/user.rb +3 -0
- data/test/rails_app/config/boot.rb +110 -0
- data/test/rails_app/config/environment.rb +41 -0
- data/test/rails_app/config/environments/development.rb +17 -0
- data/test/rails_app/config/environments/production.rb +28 -0
- data/test/rails_app/config/environments/test.rb +28 -0
- data/test/rails_app/config/initializers/new_rails_defaults.rb +21 -0
- data/test/rails_app/config/initializers/session_store.rb +15 -0
- data/test/rails_app/config/routes.rb +18 -0
- data/test/routes_test.rb +75 -0
- data/test/support/assertions_helper.rb +22 -0
- data/test/support/integration_tests_helper.rb +66 -0
- data/test/support/model_tests_helper.rb +40 -0
- data/test/test_helper.rb +39 -0
- metadata +136 -0
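--- a/data/test/models/recoverable_test.rb
+++ b/data/test/models/recoverable_test.rb
@@ -0,0 +1,145 @@
+require 'test/test_helper'
+
+class RecoverableTest < ActiveSupport::TestCase
+
+def setup
+setup_mailer
+end
+
+test 'should not have reset password token accessible' do
+assert_not field_accessible?(:reset_password_token)
+end
+
+test 'should not generate reset password token after creating a record' do
+assert_nil new_user.reset_password_token
+assert_nil create_user.reset_password_token
+end
+
+test 'should regenerate reset password token each time' do
+user = create_user
+3.times do
+token = user.reset_password_token
+user.send_reset_password_instructions
+assert_not_equal token, user.reset_password_token
+end
+end
+
+test 'should never generate the same reset password token for different users' do
+reset_password_tokens = []
+10.times do
+user = create_user
+user.send_reset_password_instructions
+token = user.reset_password_token
+assert !reset_password_tokens.include?(token)
+reset_password_tokens << token
+end
+end
+
+test 'should reset password and password confirmation from params' do
+user = create_user
+user.reset_password('123456789', '987654321')
+assert_equal '123456789', user.password
+assert_equal '987654321', user.password_confirmation
+end
+
+test 'should reset password and save the record' do
+assert create_user.reset_password!('123456789', '123456789')
+end
+
+test 'should clear reset password token while reseting the password' do
+user = create_user
+assert_nil user.reset_password_token
+user.send_reset_password_instructions
+assert_present user.reset_password_token
+assert user.reset_password!('123456789', '123456789')
+assert_nil user.reset_password_token
+end
+
+test 'should not clear reset password token if record is invalid' do
+user = create_user
+user.send_reset_password_instructions
+assert_present user.reset_password_token
+assert_not user.reset_password!('123456789', '987654321')
+assert_present user.reset_password_token
+end
+
+test 'should not reset password with invalid data' do
+user = create_user
+user.stubs(:valid?).returns(false)
+assert_not user.reset_password!('123456789', '987654321')
+end
+
+test 'should reset reset password token and send instructions by email' do
+user = create_user
+assert_email_sent do
+token = user.reset_password_token
+user.send_reset_password_instructions
+assert_not_equal token, user.reset_password_token
+end
+end
+
+test 'should find a user to send instructions by email' do
+user = create_user
+reset_password_user = User.send_reset_password_instructions(:email => user.email)
+assert_not_nil reset_password_user
+assert_equal reset_password_user, user
+end
+
+test 'should return a new user if no email was found' do
+reset_password_user = User.send_reset_password_instructions(:email => "invalid@email.com")
+assert_not_nil reset_password_user
+assert reset_password_user.new_record?
+end
+
+test 'should add error to new user email if no email was found' do
+reset_password_user = User.send_reset_password_instructions(:email => "invalid@email.com")
+assert reset_password_user.errors[:email]
+assert_equal 'not found', reset_password_user.errors[:email]
+end
+
+test 'should reset reset password token before send the reset instructions email' do
+user = create_user
+token = user.reset_password_token
+reset_password_user = User.send_reset_password_instructions(:email => user.email)
+assert_not_equal token, user.reload.reset_password_token
+end
+
+test 'should send email instructions to the user reset it\'s password' do
+user = create_user
+assert_email_sent do
+User.send_reset_password_instructions(:email => user.email)
+end
+end
+
+test 'should find a user to reset it\'s password based on reset_password_token' do
+user = create_user
+reset_password_user = User.reset_password!(:reset_password_token => user.reset_password_token)
+assert_not_nil reset_password_user
+assert_equal reset_password_user, user
+end
+
+test 'should return a new user when trying to reset it\'s password if no reset_password_token is found' do
+reset_password_user = User.reset_password!(:reset_password_token => 'invalid_token')
+assert_not_nil reset_password_user
+assert reset_password_user.new_record?
+end
+
+test 'should add error to new user email if no reset password token was found' do
+reset_password_user = User.reset_password!(:reset_password_token => "invalid_token")
+assert reset_password_user.errors[:reset_password_token]
+assert_equal 'is invalid', reset_password_user.errors[:reset_password_token]
+end
+
+test 'should reset successfully user password given the new password and confirmation' do
+user = create_user
+old_password = user.password
+reset_password_user = User.reset_password!(
+:reset_password_token => user.reset_password_token,
+:password => 'new_password',
+:password_confirmation => 'new_password'
+)
+user.reload
+assert_not user.valid_password?(old_password)
+assert user.valid_password?('new_password')
+end
+end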
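Review bot: The two token-lookup tests, 'should find a user to reset it's password based on reset_password_token' and 'should reset successfully user password given the new password and confirmation', read `user.reset_password_token` straight after `create_user`, which the second test in this file asserts is nil. Both therefore pin that `User.reset_password!` called with a nil token finds the user, and the last test pins that it also changes the password. Presumably the model looks the record up by column equality, which would match an account that never requested a reset; the implementation is outside this section, so confirm it there. Call `user.send_reset_password_instructions` before reading the token in both tests, and add a negative case such as `assert User.reset_password!(:reset_password_token => nil).new_record?`, with the same check for `''`.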
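--- a/data/test/models/rememberable_test.rb
+++ b/data/test/models/rememberable_test.rb
@@ -0,0 +1,68 @@
+require 'test/test_helper'
+
+class RememberableTest < ActiveSupport::TestCase
+
+test 'should respond to remember_me attribute' do
+user = new_user
+assert user.respond_to?(:remember_me)
+end
+
+test 'should have remember_me accessible' do
+assert field_accessible?(:remember_me)
+end
+
+test 'remember_me should generate a new token and save the record without validating' do
+user = create_user
+user.expects(:valid?).never
+token = user.remember_token
+user.remember_me!
+assert_not_equal token, user.remember_token
+assert_not user.changed?
+end
+
+test 'forget_me should clear remember token and save the record without validating' do
+user = create_user
+user.remember_me!
+assert_not_nil user.remember_token
+user.expects(:valid?).never
+user.forget_me!
+assert_nil user.remember_token
+assert_not user.changed?
+end
+
+test 'forget should do nothing if no remember token exists' do
+user = create_user
+user.expects(:save).never
+user.forget_me!
+end
+
+test 'valid remember token' do
+user = create_user
+assert_not user.valid_remember_token?(user.remember_token)
+user.remember_me!
+assert user.valid_remember_token?(user.remember_token)
+user.forget_me!
+assert_not user.valid_remember_token?(user.remember_token)
+end
+
+test 'serialize into cookie' do
+user = create_user
+user.remember_me!
+assert_equal "#{user.id}::#{user.remember_token}", User.serialize_into_cookie(user)
+end
+
+test 'serialize from cookie' do
+user = create_user
+user.remember_me!
+assert_equal user, User.serialize_from_cookie("#{user.id}::#{user.remember_token}")
+end
+
+test 'serialize should return nil if no user is found' do
+assert_nil User.serialize_from_cookie('0::123')
+end
+
+test 'remember me return nil if is a valid user with invalid token' do
+user = create_user
+assert_nil User.serialize_from_cookie("#{user.id}::#{user.remember_token}123")
+end
+end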
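Review bot: The cookie tests never give `serialize_from_cookie` a value whose token part is empty or missing. 'remember me return nil if is a valid user with invalid token' builds its cookie from a user that was never remembered, so it only exercises the user's id followed by `::123`. For that same user add `assert_nil User.serialize_from_cookie("#{user.id}::")` and a value with no `::` separator, so a parser that turns an empty segment into nil can never match an account whose stored token is nil. 'serialize into cookie' also shows the cookie carrying the stored token verbatim, and nothing in this file checks expiry or integrity of that value; whether the model enforces either is not visible in this section.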
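--- a/data/test/models/validatable_test.rb
+++ b/data/test/models/validatable_test.rb
@@ -0,0 +1,99 @@
+require 'test/test_helper'
+
+class ValidatableTest < ActiveSupport::TestCase
+
+test 'should require email to be set' do
+user = new_user(:email => nil)
+assert user.invalid?
+assert user.errors[:email]
+assert_equal 'can\'t be blank', user.errors[:email]
+end
+
+test 'should require uniqueness of email, allowing blank' do
+existing_user = create_user
+user = new_user(:email => '')
+assert user.invalid?
+assert_not_equal 'has already been taken', user.errors[:email]
+user.email = existing_user.email
+assert user.invalid?
+assert user.errors[:email]
+assert_equal 1, user.errors[:email].to_a.size
+assert_equal 'has already been taken', user.errors[:email]
+end
+
+test 'should require correct email format, allowing blank' do
+user = new_user(:email => '')
+assert user.invalid?
+assert_not_equal 'is invalid', user.errors[:email]
+%w(invalid_email_format email@invalid invalid$character@mail.com other@not 123).each do |email|
+user.email = email
+assert user.invalid?, 'should be invalid with email ' << email
+assert user.errors[:email]
+assert_equal 1, user.errors[:email].to_a.size
+assert_equal 'is invalid', user.errors[:email]
+end
+end
+
+test 'should accept valid emails' do
+%w(a.b.c@example.com test_mail@gmail.com any@any.net email@test.br 123@mail.test).each do |email|
+user = new_user(:email => email)
+assert user.valid?, 'should be valid with email ' << email
+assert_nil user.errors[:email]
+end
+end
+
+test 'should require password to be set when creating a new record' do
+user = new_user(:password => '', :password_confirmation => '')
+assert user.invalid?
+assert user.errors[:password]
+assert_equal 'can\'t be blank', user.errors[:password]
+end
+
+test 'should require confirmation to be set when creating a new record' do
+user = new_user(:password => 'new_password', :password_confirmation => 'blabla')
+assert user.invalid?
+assert user.errors[:password]
+assert_equal 'doesn\'t match confirmation', user.errors[:password]
+end
+
+test 'should require password when updating/reseting password' do
+user = create_user
+user.password = ''
+user.password_confirmation = ''
+assert user.invalid?
+assert user.errors[:password]
+assert_equal 'can\'t be blank', user.errors[:password]
+end
+
+test 'should require confirmation when updating/reseting password' do
+user = create_user
+user.password_confirmation = 'another_password'
+assert user.invalid?
+assert user.errors[:password]
+assert_equal 'doesn\'t match confirmation', user.errors[:password]
+end
+
+test 'should require a password with minimum of 6 characters' do
+user = new_user(:password => '12345', :password_confirmation => '12345')
+assert user.invalid?
+assert user.errors[:password]
+assert_equal 'is too short (minimum is 6 characters)', user.errors[:password]
+end
+
+test 'should require a password with maximum of 20 characters long' do
+user = new_user(:password => 'x'*21, :password_confirmation => 'x'*21)
+assert user.invalid?
+assert user.errors[:password]
+assert_equal 'is too long (maximum is 20 characters)', user.errors[:password]
+end
+
+test 'should not require password length when it\'s not changed' do
+user = create_user.reload
+user.password = user.password_confirmation = nil
+assert user.valid?
+user.password_confirmation = 'confirmation'
+assert user.invalid?
+assert user.errors[:password]
+assert_not user.errors[:password].to_a.include?('is too short (minimum is 6 characters)')
+end
+end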
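Review bot: The invalid-format list in 'should require correct email format, allowing blank' has no multi-line value, which is the input that tells a pattern anchored with `^`/`$` apart from one anchored with `\A`/`\z`; the validation regex itself is outside this section. Because `%w()` splits on whitespace, add it as a separate case, for example `user.email = "any@any.net\nsecond line"` followed by `assert user.invalid?`. Separately, 'should require a password with maximum of 20 characters long' pins a ceiling that rejects long passphrases. If the password is stored as a digest (not visible here), that limit could be much higher.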
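--- a/data/test/rails_app/app/controllers/application_controller.rb
+++ b/data/test/rails_app/app/controllers/application_controller.rb
@@ -0,0 +1,10 @@
+# Filters added to this controller apply to all controllers in the application.
+# Likewise, all the methods added will be available for all controllers.
+
+class ApplicationController < ActionController::Base
+helper :all # include all helpers, all the time
+protect_from_forgery # See ActionController::RequestForgeryProtection for details
+
+# Scrub sensitive parameters from your log
+filter_parameter_logging :password
+end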
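--- a/data/test/rails_app/config/boot.rb
+++ b/data/test/rails_app/config/boot.rb
@@ -0,0 +1,110 @@
+# Don't change this file!
+# Configure your app in config/environment.rb and config/environments/*.rb
+
+RAILS_ROOT = "#{File.dirname(__FILE__)}/.." unless defined?(RAILS_ROOT)
+
+module Rails
+class << self
+def boot!
+unless booted?
+preinitialize
+pick_boot.run
+end
+end
+
+def booted?
+defined? Rails::Initializer
+end
+
+def pick_boot
+(vendor_rails? ? VendorBoot : GemBoot).new
+end
+
+def vendor_rails?
+File.exist?("#{RAILS_ROOT}/vendor/rails")
+end
+
+def preinitialize
+load(preinitializer_path) if File.exist?(preinitializer_path)
+end
+
+def preinitializer_path
+"#{RAILS_ROOT}/config/preinitializer.rb"
+end
+end
+
+class Boot
+def run
+load_initializer
+Rails::Initializer.run(:set_load_path)
+end
+end
+
+class VendorBoot < Boot
+def load_initializer
+require "#{RAILS_ROOT}/vendor/rails/railties/lib/initializer"
+Rails::Initializer.run(:install_gem_spec_stubs)
+Rails::GemDependency.add_frozen_gem_path
+end
+end
+
+class GemBoot < Boot
+def load_initializer
+self.class.load_rubygems
+load_rails_gem
+require 'initializer'
+end
+
+def load_rails_gem
+if version = self.class.gem_version
+gem 'rails', version
+else
+gem 'rails'
+end
+rescue Gem::LoadError => load_error
+$stderr.puts %(Missing the Rails #{version} gem. Please `gem install -v=#{version} rails`, update your RAILS_GEM_VERSION setting in config/environment.rb for the Rails version you do have installed, or comment out RAILS_GEM_VERSION to use the latest version installed.)
+exit 1
+end
+
+class << self
+def rubygems_version
+Gem::RubyGemsVersion rescue nil
+end
+
+def gem_version
+if defined? RAILS_GEM_VERSION
+RAILS_GEM_VERSION
+elsif ENV.include?('RAILS_GEM_VERSION')
+ENV['RAILS_GEM_VERSION']
+else
+parse_gem_version(read_environment_rb)
+end
+end
+
+def load_rubygems
+min_version = '1.3.2'
+require 'rubygems'
+unless rubygems_version >= min_version
+$stderr.puts %Q(Rails requires RubyGems >= #{min_version} (you have #{rubygems_version}). Please `gem update --system` and try again.)
+exit 1
+end
+
+rescue LoadError
+$stderr.puts %Q(Rails requires RubyGems >= #{min_version}. Please install RubyGems and try again: http://rubygems.rubyforge.org)
+exit 1
+end
+
+def parse_gem_version(text)
+$1 if text =~ /^[^#]*RAILS_GEM_VERSION\s*=\s*["']([!~<>=]*\s*[\d.]+)["']/
+end
+
+private
+def read_environment_rb
+File.read("#{RAILS_ROOT}/config/environment.rb")
+end
+end
+end
+end
+
+# All that for this:
+Rails.boot!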