devise 0.1.1 → 0.2.0

data/test/active_record_test.rb

@@ -29,7 +29,10 @@ class Exceptable < User
 end
 
 class Configurable < User
-  devise :all, :stretches => 15, :pepper => 'abcdef'
+  devise :all, :stretches => 15,
+               :pepper => 'abcdef',
+               :confirm_in => 5.days,
+               :remember_for => 7.days
 end
 
 class ActiveRecordTest < ActiveSupport::TestCase
@@ -87,10 +90,22 @@ class ActiveRecordTest < ActiveSupport::TestCase
   end
 
   test 'set a default value for stretches' do
-    assert_equal 15, Configurable.new.send(:stretches)
+    assert_equal 15, Configurable.new.stretches
   end
 
   test 'set a default value for pepper' do
-    assert_equal 'abcdef', Configurable.new.send(:pepper)
+    assert_equal 'abcdef', Configurable.new.pepper
+  end
+
+  test 'set a default value for confirm_in' do
+    assert_equal 5.days, Configurable.new.confirm_in
+  end
+
+  test 'set a default value for remember_for' do
+    assert_equal 7.days, Configurable.new.remember_for
+  end
+
+  test 'set null fields on migrations' do
+    Admin.create!
   end
 end

data/test/failure_test.rb

@@ -0,0 +1,34 @@
+require 'test/test_helper'
+
+class FailureTest < ActiveSupport::TestCase
+
+  def call_failure(env_params={})
+    env = {'warden.options' => {:scope => :user}.update(env_params)}
+    Devise::Failure.call(env)
+  end
+
+  test 'return 302 status' do
+    assert_equal 302, call_failure.first
+  end
+
+  test 'return redirect location based on mapping with params' do
+    assert_equal '/users/sign_in', call_failure.second['Location']
+  end
+
+  test 'add params to redirect location' do
+    location = call_failure(:params => {:test => true}).second['Location']
+    assert_equal '/users/sign_in?test=true', location
+  end
+
+  test 'set content type to default text/plain' do
+    assert_equal 'text/plain', call_failure.second['Content-Type']
+  end
+
+  test 'setup a default message' do
+    assert_equal 'You are being redirected to /users/sign_in', call_failure.last
+  end
+
+  test 'pass in a different message' do
+    assert_equal 'Hello world', call_failure(:message => 'Hello world').last
+  end
+end

data/test/integration/authenticable_test.rb

@@ -81,8 +81,8 @@ class AuthenticationTest < ActionController::IntegrationTest
       fill_in 'email', :with => 'wrongemail@test.com'
     end
 
-    assert_response :success
-    assert_template 'sessions/new'
+    assert_redirected_to new_admin_session_path(:unauthenticated => true)
+    follow_redirect!
     assert_contain 'Invalid email or password'
     assert_not warden.authenticated?(:admin)
   end
@@ -92,8 +92,8 @@ class AuthenticationTest < ActionController::IntegrationTest
       fill_in 'password', :with => 'abcdef'
     end
 
-    assert_response :success
-    assert_template 'sessions/new'
+    assert_redirected_to new_admin_session_path(:unauthenticated => true)
+    follow_redirect!
     assert_contain 'Invalid email or password'
     assert_not warden.authenticated?(:admin)
   end
@@ -107,6 +107,7 @@ class AuthenticationTest < ActionController::IntegrationTest
         fill_in 'password', :with => 'abcdef'
       end
 
+      follow_redirect!
       assert_contain 'Invalid credentials'
     ensure
       I18n.reload!

data/test/integration/confirmable_test.rb

@@ -57,4 +57,33 @@ class ConfirmationTest < ActionController::IntegrationTest
 
     assert warden.authenticated?(:user)
   end
+
+  test 'not confirmed user and setup to block without confirmation should not be able to sign in' do
+    Devise.confirm_in = 0
+    user = sign_in_as_user(:confirm => false)
+
+    assert_redirected_to new_user_session_path(:unconfirmed => true)
+    assert_not warden.authenticated?(:user)
+  end
+
+  test 'not confirmed user but configured with some days to confirm should be able to sign in' do
+    Devise.confirm_in = 1
+    user = sign_in_as_user(:confirm => false)
+
+    assert_response :success
+    assert warden.authenticated?(:user)
+  end
+
+  test 'error message is configurable by resource name' do
+    begin
+      I18n.backend.store_translations(:en, :devise => { :sessions =>
+        { :admin => { :unconfirmed => "Not confirmed user" } } })
+
+      get new_admin_session_path(:unconfirmed => true)
+
+      assert_contain 'Not confirmed user'
+    ensure
+      I18n.reload!
+    end
+  end
 end

data/test/integration/rememberable_test.rb

@@ -3,6 +3,7 @@ require 'test/test_helper'
 class RememberMeTest < ActionController::IntegrationTest
 
   def create_user_and_remember(add_to_token='')
+    Devise.remember_for = 1
     user = create_user
     user.remember_me!
     cookies['remember_token'] = User.serialize_into_cookie(user) + add_to_token
@@ -36,6 +37,14 @@ class RememberMeTest < ActionController::IntegrationTest
     assert_not warden.authenticated?(:user)
   end
 
+  test 'do not remember with token expired' do
+    user = create_user_and_remember
+    Devise.remember_for = 0
+    get users_path
+    assert_response :success
+    assert_not warden.authenticated?(:user)
+  end
+
   test 'forget the user before sign out' do
     user = create_user_and_remember
     get users_path

data/test/models/authenticable_test.rb

@@ -15,26 +15,6 @@ class AuthenticableTest < ActiveSupport::TestCase
     assert user.respond_to?(:password_confirmation)
   end
 
-  test 'should have email acessible' do
-    assert field_accessible?(:email)
-  end
-
-  test 'should have password acessible' do
-    assert field_accessible?(:password)
-  end
-
-  test 'should have password confirmation accessible' do
-    assert field_accessible?(:password_confirmation)
-  end
-
-  test 'should not have password salt accessible' do
-    assert_not field_accessible?(:password_salt)
-  end
-
-  test 'should not have encrypted password accessible' do
-    assert_not field_accessible?(:encrypted_password)
-  end
-
   test 'should generate salt while setting password' do
     assert_present new_user.password_salt
     assert_present new_user(:password => nil).password_salt

data/test/models/confirmable_test.rb

@@ -6,18 +6,6 @@ class ConfirmableTest < ActiveSupport::TestCase
     setup_mailer
   end
 
-  test 'should not have confirmed at accessible' do
-    assert_not field_accessible?(:confirmed_at)
-  end
-
-  test 'should not have confirmation token accessible' do
-    assert_not field_accessible?(:confirmation_token)
-  end
-
-  test 'should not have confirmation sent at accessible' do
-    assert_not field_accessible?(:confirmation_sent_at)
-  end
-
   test 'should generate confirmation token after creating a record' do
     assert_nil new_user.confirmation_token
     assert_not_nil create_user.confirmation_token
@@ -203,4 +191,62 @@ class ConfirmableTest < ActiveSupport::TestCase
     assert user.errors[:email].present?
     assert_equal 'already confirmed', user.errors[:email]
   end
+
+  test 'confirm time should fallback to devise confirm in default configuration' do
+    begin
+      confirm_in = Devise.confirm_in
+      Devise.confirm_in = 1.day
+      user = new_user
+      user.confirmation_sent_at = 2.days.ago
+      assert_not user.active?
+      Devise.confirm_in = 3.days
+      assert user.active?
+    ensure
+      Devise.confirm_in = confirm_in
+    end
+  end
+
+  test 'should be active when confirmation sent at is not overpast' do
+    Devise.confirm_in = 5.days
+    user = create_user
+    user.confirmation_sent_at = 4.days.ago
+    assert user.active?
+  end
+
+  test 'should be active when already confirmed' do
+    user = create_user
+    assert_not user.confirmed?
+    assert_not user.active?
+    user.confirm!
+    assert user.confirmed?
+    assert user.active?
+  end
+
+  test 'should not be active when confirmation was sent within the limit' do
+    Devise.confirm_in = 5.days
+    user = create_user
+    user.confirmation_sent_at = 5.days.ago
+    assert_not user.active?
+  end
+
+  test 'should be active when confirm in is zero' do
+    Devise.confirm_in = 0.days
+    user = create_user
+    user.confirmation_sent_at = Date.today
+    assert_not user.active?
+  end
+
+  test 'should not be active when confirmation was sent before confirm in time' do
+    Devise.confirm_in = 4.days
+    user = create_user
+    user.confirmation_sent_at = 5.days.ago
+    assert_not user.active?
+  end
+
+  test 'should not be active without confirmation' do
+    user = create_user
+    user.update_attribute(:confirmation_sent_at, nil)
+    assert_not user.reload.active?
+  end
+
 end

data/test/models/recoverable_test.rb

@@ -6,10 +6,6 @@ class RecoverableTest < ActiveSupport::TestCase
     setup_mailer
   end
 
-  test 'should not have reset password token accessible' do
-    assert_not field_accessible?(:reset_password_token)
-  end
-
   test 'should not generate reset password token after creating a record' do
     assert_nil new_user.reset_password_token
     assert_nil create_user.reset_password_token

data/test/models/rememberable_test.rb

@@ -2,15 +2,15 @@ require 'test/test_helper'
 
 class RememberableTest < ActiveSupport::TestCase
 
+  def setup
+    Devise.remember_for = 1
+  end
+
   test 'should respond to remember_me attribute' do
     user = new_user
     assert user.respond_to?(:remember_me)
   end
 
-  test 'should have remember_me accessible' do
-    assert field_accessible?(:remember_me)
-  end
-
   test 'remember_me should generate a new token and save the record without validating' do
     user = create_user
     user.expects(:valid?).never
@@ -20,16 +20,32 @@ class RememberableTest < ActiveSupport::TestCase
     assert_not user.changed?
   end
 
+  test 'remember_me should calculate expires_at based on remember_for setup' do
+    user = create_user
+    assert_not user.remember_created_at?
+    user.remember_me!
+    assert user.remember_created_at?
+    assert_equal Date.today, user.remember_created_at.to_date
+  end
+
   test 'forget_me should clear remember token and save the record without validating' do
     user = create_user
     user.remember_me!
-    assert_not_nil user.remember_token
+    assert user.remember_token?
     user.expects(:valid?).never
     user.forget_me!
-    assert_nil user.remember_token
+    assert_not user.remember_token?
     assert_not user.changed?
   end
 
+  test 'forget_me should clear remember_expires_at' do
+    user = create_user
+    user.remember_me!
+    assert user.remember_created_at?
+    user.forget_me!
+    assert_not user.remember_created_at?
+  end
+
   test 'forget should do nothing if no remember token exists' do
     user = create_user
     user.expects(:save).never
@@ -45,6 +61,13 @@ class RememberableTest < ActiveSupport::TestCase
     assert_not user.valid_remember_token?(user.remember_token)
   end
 
+  test 'valid remember token should also verify if remember is not expired' do
+    user = create_user
+    user.remember_me!
+    user.update_attribute(:remember_created_at, 3.days.ago)
+    assert_not user.valid_remember_token?(user.remember_token)
+  end
+
   test 'serialize into cookie' do
     user = create_user
     user.remember_me!
@@ -65,4 +88,51 @@ class RememberableTest < ActiveSupport::TestCase
     user = create_user
     assert_nil User.serialize_from_cookie("#{user.id}::#{user.remember_token}123")
   end
+
+  test 'remember for should fallback to devise remember for default configuration' do
+    begin
+      remember_for = Devise.remember_for
+      user = create_user
+      Devise.remember_for = 1.day
+      user.remember_me!
+      assert_not user.remember_expired?
+      Devise.remember_for = 0.days
+      user.remember_me!
+      assert user.remember_expired?
+    ensure
+      Devise.remember_for = remember_for
+    end
+  end
+
+  test 'remember expires at should sum date of creation with remember for configuration' do
+    Devise.remember_for = 3.days
+    user = create_user
+    user.remember_me!
+    assert_equal 3.days.from_now.to_date, user.remember_expires_at.to_date
+    Devise.remember_for = 5.days
+    assert_equal 5.days.from_now.to_date, user.remember_expires_at.to_date
+  end
+
+  test 'remember should be expired if remember_for is zero' do
+    Devise.remember_for = 0.days
+    user = create_user
+    user.remember_me!
+    assert user.remember_expired?
+  end
+
+  test 'remember should be expired if it was created before limit time' do
+    Devise.remember_for = 1.day
+    user = create_user
+    user.remember_me!
+    user.update_attribute(:remember_created_at, 2.days.ago)
+    assert user.remember_expired?
+  end
+
+  test 'remember should not be expired if it was created whitin the limit time' do
+    Devise.remember_for = 30.days
+    user = create_user
+    user.remember_me!
+    user.update_attribute(:remember_created_at, 30.days.ago + 2.minutes)
+    assert_not user.remember_expired?
+  end
 end

data/test/rails_app/app/models/admin.rb

@@ -1,3 +1,3 @@
 class Admin < ActiveRecord::Base
-  devise :all, :except => [:recoverable, :confirmable, :rememberable]
+  devise :all, :except => [:recoverable, :confirmable, :rememberable, :validatable]
 end

data/test/support/model_tests_helper.rb

@@ -33,8 +33,4 @@ class ActiveSupport::TestCase
   def create_user(attributes={})
     User.create!(valid_attributes(attributes))
   end
-
-  def field_accessible?(field)
-    new_user(field => 'test').send(field) == 'test'
-  end
 end

data/test/test_helper.rb

@@ -16,7 +16,7 @@ ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":me
 ActiveRecord::Schema.define(:version => 1) do
   [:users, :admins].each do |table|
     create_table table do |t|
-      t.authenticable
+      t.authenticable :null => table == :admins
 
       if table == :users
         t.confirmable

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: devise
 version: !ruby/object:Gem::Version 
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors: 
 - "Jos\xC3\xA9 Valim"
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-10-21 00:00:00 -02:00
+date: 2009-10-24 00:00:00 -02:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -21,7 +21,7 @@ dependencies:
     requirements: 
     - - ~>
       - !ruby/object:Gem::Version 
-        version: 0.5.0
+        version: 0.5.1
     version: 
 description: Flexible authentication solution for Rails with Warden
 email: contact@plataformatec.com.br
@@ -32,6 +32,7 @@ extensions: []
 extra_rdoc_files: 
 - README.rdoc
 files: 
+- CHANGELOG.rdoc
 - MIT-LICENSE
 - README.rdoc
 - Rakefile
@@ -47,12 +48,28 @@ files:
 - app/views/passwords/new.html.erb
 - app/views/sessions/new.html.erb
 - config/locales/en.yml
+- generators/devise/USAGE
+- generators/devise/devise_generator.rb
+- generators/devise/lib/route_devise.rb
+- generators/devise/templates/README
+- generators/devise/templates/migration.rb
+- generators/devise/templates/model.rb
+- generators/devise_views/USAGE
+- generators/devise_views/devise_views_generator.rb
+- generators/devise_views/templates/confirmations/new.html.erb
+- generators/devise_views/templates/notifier/confirmation_instructions.html.erb
+- generators/devise_views/templates/notifier/reset_password_instructions.html.erb
+- generators/devise_views/templates/passwords/edit.html.erb
+- generators/devise_views/templates/passwords/new.html.erb
+- generators/devise_views/templates/sessions/new.html.erb
 - init.rb
 - lib/devise.rb
 - lib/devise/active_record.rb
 - lib/devise/controllers/filters.rb
 - lib/devise/controllers/helpers.rb
 - lib/devise/controllers/url_helpers.rb
+- lib/devise/failure.rb
+- lib/devise/hooks/confirmable.rb
 - lib/devise/hooks/rememberable.rb
 - lib/devise/mapping.rb
 - lib/devise/migrations.rb
@@ -96,41 +113,42 @@ signing_key:
 specification_version: 3
 summary: Flexible authentication solution for Rails with Warden
 test_files: 
-- test/rails_app/config/boot.rb
-- test/rails_app/config/routes.rb
-- test/rails_app/config/environments/development.rb
-- test/rails_app/config/environments/production.rb
-- test/rails_app/config/environments/test.rb
-- test/rails_app/config/environment.rb
-- test/rails_app/config/initializers/session_store.rb
-- test/rails_app/config/initializers/new_rails_defaults.rb
-- test/rails_app/app/controllers/users_controller.rb
-- test/rails_app/app/controllers/application_controller.rb
-- test/rails_app/app/controllers/admins_controller.rb
-- test/rails_app/app/controllers/home_controller.rb
-- test/rails_app/app/helpers/application_helper.rb
-- test/rails_app/app/models/admin.rb
-- test/rails_app/app/models/organizer.rb
-- test/rails_app/app/models/account.rb
-- test/rails_app/app/models/user.rb
-- test/controllers/url_helpers_test.rb
-- test/controllers/helpers_test.rb
 - test/controllers/filters_test.rb
-- test/integration/authenticable_test.rb
+- test/controllers/helpers_test.rb
+- test/controllers/url_helpers_test.rb
+- test/models/validatable_test.rb
+- test/models/rememberable_test.rb
+- test/models/confirmable_test.rb
+- test/models/authenticable_test.rb
+- test/models/recoverable_test.rb
 - test/integration/rememberable_test.rb
-- test/integration/recoverable_test.rb
 - test/integration/confirmable_test.rb
-- test/mailers/confirmation_instructions_test.rb
+- test/integration/authenticable_test.rb
+- test/integration/recoverable_test.rb
+- test/active_record_test.rb
+- test/test_helper.rb
 - test/mailers/reset_password_instructions_test.rb
-- test/models/authenticable_test.rb
-- test/models/rememberable_test.rb
-- test/models/recoverable_test.rb
-- test/models/validatable_test.rb
-- test/models/confirmable_test.rb
+- test/mailers/confirmation_instructions_test.rb
+- test/failure_test.rb
+- test/routes_test.rb
+- test/rails_app/app/controllers/admins_controller.rb
+- test/rails_app/app/controllers/home_controller.rb
+- test/rails_app/app/controllers/users_controller.rb
+- test/rails_app/app/controllers/application_controller.rb
+- test/rails_app/app/models/account.rb
+- test/rails_app/app/models/user.rb
+- test/rails_app/app/models/admin.rb
+- test/rails_app/app/models/organizer.rb
+- test/rails_app/app/helpers/application_helper.rb
+- test/rails_app/config/boot.rb
+- test/rails_app/config/environments/production.rb
+- test/rails_app/config/environments/development.rb
+- test/rails_app/config/environments/test.rb
+- test/rails_app/config/initializers/new_rails_defaults.rb
+- test/rails_app/config/initializers/session_store.rb
+- test/rails_app/config/routes.rb
+- test/rails_app/config/environment.rb
+- test/mapping_test.rb
 - test/support/model_tests_helper.rb
 - test/support/assertions_helper.rb
 - test/support/integration_tests_helper.rb
-- test/routes_test.rb
-- test/test_helper.rb
-- test/mapping_test.rb
-- test/active_record_test.rb