devise 1.5.4 → 2.0.0.rc
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- data/.gitignore +0 -2
- data/CHANGELOG.rdoc +18 -7
- data/Gemfile.lock +168 -0
- data/README.rdoc +2 -0
- data/app/controllers/devise/registrations_controller.rb +6 -1
- data/app/controllers/devise/unlocks_controller.rb +1 -2
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/config/locales/en.yml +1 -0
- data/lib/devise.rb +41 -22
- data/lib/devise/controllers/internal_helpers.rb +9 -2
- data/lib/devise/models/authenticatable.rb +30 -12
- data/lib/devise/models/confirmable.rb +73 -18
- data/lib/devise/models/database_authenticatable.rb +0 -11
- data/lib/devise/models/recoverable.rb +5 -5
- data/lib/devise/models/rememberable.rb +5 -20
- data/lib/devise/models/timeoutable.rb +1 -3
- data/lib/devise/models/token_authenticatable.rb +1 -4
- data/lib/devise/models/validatable.rb +1 -1
- data/lib/devise/orm/active_record.rb +6 -0
- data/lib/devise/param_filter.rb +2 -1
- data/lib/devise/rails.rb +31 -0
- data/lib/devise/schema.rb +5 -0
- data/lib/devise/strategies/authenticatable.rb +12 -8
- data/lib/devise/strategies/token_authenticatable.rb +3 -3
- data/lib/devise/version.rb +1 -1
- data/lib/generators/active_record/devise_generator.rb +40 -2
- data/lib/generators/active_record/templates/migration.rb +1 -9
- data/lib/generators/active_record/templates/migration_existing.rb +1 -9
- data/lib/generators/mongoid/devise_generator.rb +43 -0
- data/lib/generators/templates/devise.rb +15 -9
- data/test/controllers/internal_helpers_test.rb +4 -2
- data/test/devise_test.rb +2 -2
- data/test/integration/confirmable_test.rb +55 -3
- data/test/integration/http_authenticatable_test.rb +16 -1
- data/test/integration/lockable_test.rb +3 -3
- data/test/integration/registerable_test.rb +32 -1
- data/test/integration/rememberable_test.rb +0 -50
- data/test/integration/token_authenticatable_test.rb +2 -2
- data/test/integration/trackable_test.rb +1 -1
- data/test/mapping_test.rb +2 -3
- data/test/models/confirmable_test.rb +86 -8
- data/test/models/database_authenticatable_test.rb +6 -6
- data/test/models/encryptable_test.rb +1 -1
- data/test/models/recoverable_test.rb +0 -27
- data/test/models/rememberable_test.rb +41 -160
- data/test/models/serializable_test.rb +1 -1
- data/test/models_test.rb +7 -7
- data/test/rails_app/app/mongoid/admin.rb +22 -1
- data/test/rails_app/app/mongoid/user.rb +35 -0
- data/test/rails_app/config/initializers/devise.rb +6 -7
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +58 -12
- data/test/rails_app/lib/shared_admin.rb +5 -2
- data/test/support/assertions.rb +4 -1
- data/test/support/integration.rb +3 -1
- data/test/test_helpers_test.rb +2 -2
- metadata +21 -39
- data/test/models/authenticatable_test.rb +0 -9
- data/test/schema_test.rb +0 -33
|
@@ -25,7 +25,7 @@ class TokenAuthenticationTest < ActionController::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
test 'authenticate with valid authentication token key but does not store if stateless' do
|
|
28
|
-
swap Devise, :token_authentication_key => :secret_token, :
|
|
28
|
+
swap Devise, :token_authentication_key => :secret_token, :skip_session_storage => [:token_auth] do
|
|
29
29
|
sign_in_as_new_user_with_token
|
|
30
30
|
assert warden.authenticated?(:user)
|
|
31
31
|
|
|
@@ -88,7 +88,7 @@ class TokenAuthenticationTest < ActionController::IntegrationTest
|
|
|
88
88
|
end
|
|
89
89
|
|
|
90
90
|
test 'authenticate with valid authentication token key and do not store if stateless and timeoutable are enabled' do
|
|
91
|
-
swap Devise, :token_authentication_key => :secret_token, :
|
|
91
|
+
swap Devise, :token_authentication_key => :secret_token, :skip_session_storage => [:token_auth], :timeout_in => (0.1).second do
|
|
92
92
|
user = sign_in_as_new_user_with_token
|
|
93
93
|
assert warden.authenticated?(:user)
|
|
94
94
|
|
|
@@ -63,7 +63,7 @@ class TrackableHooksTest < ActionController::IntegrationTest
|
|
|
63
63
|
end
|
|
64
64
|
|
|
65
65
|
test "does not update anything if user has signed out along the way" do
|
|
66
|
-
swap Devise, :
|
|
66
|
+
swap Devise, :allow_unconfirmed_access_for => 0 do
|
|
67
67
|
user = create_user(:confirm => false)
|
|
68
68
|
sign_in_as_user
|
|
69
69
|
|
data/test/mapping_test.rb
CHANGED
|
@@ -51,12 +51,12 @@ class MappingTest < ActiveSupport::TestCase
|
|
|
51
51
|
|
|
52
52
|
test 'has strategies depending on the model declaration' do
|
|
53
53
|
assert_equal [:rememberable, :token_authenticatable, :database_authenticatable], Devise.mappings[:user].strategies
|
|
54
|
-
assert_equal [:
|
|
54
|
+
assert_equal [:database_authenticatable], Devise.mappings[:admin].strategies
|
|
55
55
|
end
|
|
56
56
|
|
|
57
57
|
test 'has no input strategies depending on the model declaration' do
|
|
58
58
|
assert_equal [:rememberable, :token_authenticatable], Devise.mappings[:user].no_input_strategies
|
|
59
|
-
assert_equal [
|
|
59
|
+
assert_equal [], Devise.mappings[:admin].no_input_strategies
|
|
60
60
|
end
|
|
61
61
|
|
|
62
62
|
test 'find scope for a given object' do
|
|
@@ -108,7 +108,6 @@ class MappingTest < ActiveSupport::TestCase
|
|
|
108
108
|
assert mapping.authenticatable?
|
|
109
109
|
assert mapping.recoverable?
|
|
110
110
|
assert mapping.lockable?
|
|
111
|
-
assert_not mapping.confirmable?
|
|
112
111
|
assert_not mapping.omniauthable?
|
|
113
112
|
end
|
|
114
113
|
|
|
@@ -80,8 +80,8 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
|
80
80
|
end
|
|
81
81
|
|
|
82
82
|
test 'should send confirmation instructions by email' do
|
|
83
|
-
assert_email_sent do
|
|
84
|
-
create_user
|
|
83
|
+
assert_email_sent "mynewuser@example.com" do
|
|
84
|
+
create_user :email => "mynewuser@example.com"
|
|
85
85
|
end
|
|
86
86
|
end
|
|
87
87
|
|
|
@@ -123,7 +123,7 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
|
123
123
|
|
|
124
124
|
test 'should send email instructions for the user confirm its email' do
|
|
125
125
|
user = create_user
|
|
126
|
-
assert_email_sent do
|
|
126
|
+
assert_email_sent user.email do
|
|
127
127
|
User.send_confirmation_instructions(:email => user.email)
|
|
128
128
|
end
|
|
129
129
|
end
|
|
@@ -164,19 +164,19 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
|
164
164
|
end
|
|
165
165
|
|
|
166
166
|
test 'confirm time should fallback to devise confirm in default configuration' do
|
|
167
|
-
swap Devise, :
|
|
167
|
+
swap Devise, :allow_unconfirmed_access_for => 1.day do
|
|
168
168
|
user = new_user
|
|
169
169
|
user.confirmation_sent_at = 2.days.ago
|
|
170
170
|
assert_not user.active_for_authentication?
|
|
171
171
|
|
|
172
|
-
Devise.
|
|
172
|
+
Devise.allow_unconfirmed_access_for = 3.days
|
|
173
173
|
assert user.active_for_authentication?
|
|
174
174
|
end
|
|
175
175
|
end
|
|
176
176
|
|
|
177
177
|
test 'should be active when confirmation sent at is not overpast' do
|
|
178
|
-
swap Devise, :
|
|
179
|
-
Devise.
|
|
178
|
+
swap Devise, :allow_unconfirmed_access_for => 5.days do
|
|
179
|
+
Devise.allow_unconfirmed_access_for = 5.days
|
|
180
180
|
user = create_user
|
|
181
181
|
|
|
182
182
|
user.confirmation_sent_at = 4.days.ago
|
|
@@ -198,7 +198,7 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
|
198
198
|
end
|
|
199
199
|
|
|
200
200
|
test 'should not be active when confirm in is zero' do
|
|
201
|
-
Devise.
|
|
201
|
+
Devise.allow_unconfirmed_access_for = 0.days
|
|
202
202
|
user = create_user
|
|
203
203
|
user.confirmation_sent_at = Date.today
|
|
204
204
|
assert_not user.active_for_authentication?
|
|
@@ -236,3 +236,81 @@ class ConfirmableTest < ActiveSupport::TestCase
|
|
|
236
236
|
end
|
|
237
237
|
end
|
|
238
238
|
end
|
|
239
|
+
|
|
240
|
+
class ReconfirmableTest < ActiveSupport::TestCase
|
|
241
|
+
test 'should generate confirmation token after changing email' do
|
|
242
|
+
admin = create_admin
|
|
243
|
+
assert admin.confirm!
|
|
244
|
+
assert_nil admin.confirmation_token
|
|
245
|
+
assert admin.update_attributes(:email => 'new_test@example.com')
|
|
246
|
+
assert_not_nil admin.confirmation_token
|
|
247
|
+
end
|
|
248
|
+
|
|
249
|
+
test 'should send confirmation instructions by email after changing email' do
|
|
250
|
+
admin = create_admin
|
|
251
|
+
assert admin.confirm!
|
|
252
|
+
assert_email_sent "new_test@example.com" do
|
|
253
|
+
assert admin.update_attributes(:email => 'new_test@example.com')
|
|
254
|
+
end
|
|
255
|
+
end
|
|
256
|
+
|
|
257
|
+
test 'should not send confirmation by email after changing password' do
|
|
258
|
+
admin = create_admin
|
|
259
|
+
assert admin.confirm!
|
|
260
|
+
assert_email_not_sent do
|
|
261
|
+
assert admin.update_attributes(:password => 'newpass', :password_confirmation => 'newpass')
|
|
262
|
+
end
|
|
263
|
+
end
|
|
264
|
+
|
|
265
|
+
test 'should stay confirmed when email is changed' do
|
|
266
|
+
admin = create_admin
|
|
267
|
+
assert admin.confirm!
|
|
268
|
+
assert admin.update_attributes(:email => 'new_test@example.com')
|
|
269
|
+
assert admin.confirmed?
|
|
270
|
+
end
|
|
271
|
+
|
|
272
|
+
test 'should update email only when it is confirmed' do
|
|
273
|
+
admin = create_admin
|
|
274
|
+
assert admin.confirm!
|
|
275
|
+
assert admin.update_attributes(:email => 'new_test@example.com')
|
|
276
|
+
assert_not_equal 'new_test@example.com', admin.email
|
|
277
|
+
assert admin.confirm!
|
|
278
|
+
assert_equal 'new_test@example.com', admin.email
|
|
279
|
+
end
|
|
280
|
+
|
|
281
|
+
test 'should not allow admin to get past confirmation email by resubmitting their new address' do
|
|
282
|
+
admin = create_admin
|
|
283
|
+
assert admin.confirm!
|
|
284
|
+
assert admin.update_attributes(:email => 'new_test@example.com')
|
|
285
|
+
assert_not_equal 'new_test@example.com', admin.email
|
|
286
|
+
assert admin.update_attributes(:email => 'new_test@example.com')
|
|
287
|
+
assert_not_equal 'new_test@example.com', admin.email
|
|
288
|
+
end
|
|
289
|
+
|
|
290
|
+
test 'should find a admin by send confirmation instructions with unconfirmed_email' do
|
|
291
|
+
admin = create_admin
|
|
292
|
+
assert admin.confirm!
|
|
293
|
+
assert admin.update_attributes(:email => 'new_test@example.com')
|
|
294
|
+
confirmation_admin = Admin.send_confirmation_instructions(:email => admin.unconfirmed_email)
|
|
295
|
+
assert_equal confirmation_admin, admin
|
|
296
|
+
end
|
|
297
|
+
|
|
298
|
+
test 'should return a new admin if no email or unconfirmed_email was found' do
|
|
299
|
+
confirmation_admin = Admin.send_confirmation_instructions(:email => "invalid@email.com")
|
|
300
|
+
assert_not confirmation_admin.persisted?
|
|
301
|
+
end
|
|
302
|
+
|
|
303
|
+
test 'should add error to new admin email if no email or unconfirmed_email was found' do
|
|
304
|
+
confirmation_admin = Admin.send_confirmation_instructions(:email => "invalid@email.com")
|
|
305
|
+
assert confirmation_admin.errors[:email]
|
|
306
|
+
assert_equal "not found", confirmation_admin.errors[:email].join
|
|
307
|
+
end
|
|
308
|
+
|
|
309
|
+
test 'should find admin with email in unconfirmed_emails' do
|
|
310
|
+
admin = create_admin
|
|
311
|
+
admin.unconfirmed_email = "new_test@email.com"
|
|
312
|
+
assert admin.save
|
|
313
|
+
admin = Admin.find_by_unconfirmed_email_with_errors(:email => "new_test@email.com")
|
|
314
|
+
assert admin.persisted?
|
|
315
|
+
end
|
|
316
|
+
end
|
|
@@ -11,7 +11,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
11
11
|
user.save!
|
|
12
12
|
assert_equal email.downcase, user.email
|
|
13
13
|
end
|
|
14
|
-
|
|
14
|
+
|
|
15
15
|
test 'should remove whitespace from strip whitespace keys when saving' do
|
|
16
16
|
# strip_whitespace_keys is set to :email by default.
|
|
17
17
|
email = ' foo@bar.com '
|
|
@@ -23,9 +23,9 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test "param filter should not convert booleans and integer to strings" do
|
|
26
|
-
conditions = {
|
|
26
|
+
conditions = { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => (1..10) }
|
|
27
27
|
conditions = Devise::ParamFilter.new([], []).filter(conditions)
|
|
28
|
-
assert_equal( {
|
|
28
|
+
assert_equal( { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => "1..10" }, conditions)
|
|
29
29
|
end
|
|
30
30
|
|
|
31
31
|
test 'should respond to password and password confirmation' do
|
|
@@ -86,14 +86,14 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
86
86
|
:password => 'pass321', :password_confirmation => 'pass321')
|
|
87
87
|
assert user.reload.valid_password?('pass321')
|
|
88
88
|
end
|
|
89
|
-
|
|
89
|
+
|
|
90
90
|
test 'should update password with valid current password and :as option' do
|
|
91
91
|
user = create_user
|
|
92
92
|
assert user.update_with_password(:current_password => '123456',
|
|
93
93
|
:password => 'pass321', :password_confirmation => 'pass321', :as => :admin)
|
|
94
94
|
assert user.reload.valid_password?('pass321')
|
|
95
95
|
end
|
|
96
|
-
|
|
96
|
+
|
|
97
97
|
test 'should add an error to current password when it is invalid' do
|
|
98
98
|
user = create_user
|
|
99
99
|
assert_not user.update_with_password(:current_password => 'other',
|
|
@@ -145,7 +145,7 @@ class DatabaseAuthenticatableTest < ActiveSupport::TestCase
|
|
|
145
145
|
user.update_without_password(:email => 'new@example.com')
|
|
146
146
|
assert_equal 'new@example.com', user.email
|
|
147
147
|
end
|
|
148
|
-
|
|
148
|
+
|
|
149
149
|
test 'should update the user without password with :as option' do
|
|
150
150
|
user = create_user
|
|
151
151
|
user.update_without_password(:email => 'new@example.com', :as => :admin)
|
|
@@ -31,7 +31,7 @@ class EncryptableTest < ActiveSupport::TestCase
|
|
|
31
31
|
|
|
32
32
|
test 'should generate a base64 hash using SecureRandom for password salt' do
|
|
33
33
|
swap_with_encryptor Admin, :sha1 do
|
|
34
|
-
SecureRandom.expects(:base64).with(15).returns('01lI')
|
|
34
|
+
SecureRandom.expects(:base64).with(15).returns('01lI').twice
|
|
35
35
|
salt = create_admin.password_salt
|
|
36
36
|
assert_not_equal '01lI', salt
|
|
37
37
|
assert_equal 4, salt.size
|
|
@@ -195,31 +195,4 @@ class RecoverableTest < ActiveSupport::TestCase
|
|
|
195
195
|
assert_equal "has expired, please request a new one", reset_password_user.errors[:reset_password_token].join
|
|
196
196
|
end
|
|
197
197
|
end
|
|
198
|
-
|
|
199
|
-
test 'should save the model when the reset_password_sent_at doesnt exist' do
|
|
200
|
-
user = create_user
|
|
201
|
-
def user.respond_to?(meth, *)
|
|
202
|
-
if meth == :reset_password_sent_at=
|
|
203
|
-
false
|
|
204
|
-
else
|
|
205
|
-
super
|
|
206
|
-
end
|
|
207
|
-
end
|
|
208
|
-
user.send_reset_password_instructions
|
|
209
|
-
user.reload
|
|
210
|
-
assert_not_nil user.reset_password_token
|
|
211
|
-
end
|
|
212
|
-
|
|
213
|
-
test 'should have valid period if does not respond to reset_password_sent_at' do
|
|
214
|
-
user = create_user
|
|
215
|
-
def user.respond_to?(meth, *)
|
|
216
|
-
if meth == :reset_password_sent_at
|
|
217
|
-
false
|
|
218
|
-
else
|
|
219
|
-
super
|
|
220
|
-
end
|
|
221
|
-
end
|
|
222
|
-
assert user.reset_password_period_valid?
|
|
223
|
-
end
|
|
224
|
-
|
|
225
198
|
end
|
|
@@ -1,7 +1,46 @@
|
|
|
1
1
|
require 'test_helper'
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
|
|
3
|
+
class RememberableTest < ActiveSupport::TestCase
|
|
4
|
+
def resource_class
|
|
5
|
+
User
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
def create_resource
|
|
9
|
+
create_user
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
test 'remember_me should not generate a new token if using salt' do
|
|
13
|
+
user = create_user
|
|
14
|
+
user.expects(:valid?).never
|
|
15
|
+
user.remember_me!
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
test 'forget_me should not clear remember token if using salt' do
|
|
19
|
+
user = create_user
|
|
20
|
+
user.remember_me!
|
|
21
|
+
user.expects(:valid?).never
|
|
22
|
+
user.forget_me!
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
test 'serialize into cookie' do
|
|
26
|
+
user = create_user
|
|
27
|
+
user.remember_me!
|
|
28
|
+
assert_equal [user.to_key, user.authenticatable_salt], User.serialize_into_cookie(user)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
test 'serialize from cookie' do
|
|
32
|
+
user = create_user
|
|
33
|
+
user.remember_me!
|
|
34
|
+
assert_equal user, User.serialize_from_cookie(user.to_key, user.authenticatable_salt)
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
test 'raises a RuntimeError if authenticatable_salt is nil' do
|
|
38
|
+
user = User.new
|
|
39
|
+
user.encrypted_password = nil
|
|
40
|
+
assert_raise RuntimeError do
|
|
41
|
+
user.rememberable_value
|
|
42
|
+
end
|
|
43
|
+
end
|
|
5
44
|
|
|
6
45
|
test 'should respond to remember_me attribute' do
|
|
7
46
|
assert resource_class.new.respond_to?(:remember_me)
|
|
@@ -127,161 +166,3 @@ module SharedRememberableTest
|
|
|
127
166
|
end
|
|
128
167
|
end
|
|
129
168
|
end
|
|
130
|
-
|
|
131
|
-
class RememberableTest < ActiveSupport::TestCase
|
|
132
|
-
include SharedRememberableTest
|
|
133
|
-
|
|
134
|
-
def resource_class
|
|
135
|
-
Admin
|
|
136
|
-
end
|
|
137
|
-
|
|
138
|
-
def create_resource
|
|
139
|
-
create_admin
|
|
140
|
-
end
|
|
141
|
-
|
|
142
|
-
test 'remember_me should generate a new token and save the record without validating' do
|
|
143
|
-
admin = create_admin
|
|
144
|
-
admin.expects(:valid?).never
|
|
145
|
-
token = admin.remember_token
|
|
146
|
-
admin.remember_me!
|
|
147
|
-
assert_not_equal token, admin.remember_token
|
|
148
|
-
assert_not admin.changed?
|
|
149
|
-
end
|
|
150
|
-
|
|
151
|
-
test 'forget_me should clear remember token and save the record without validating' do
|
|
152
|
-
admin = create_admin
|
|
153
|
-
admin.remember_me!
|
|
154
|
-
assert_not admin.remember_token.nil?
|
|
155
|
-
admin.expects(:valid?).never
|
|
156
|
-
admin.forget_me!
|
|
157
|
-
assert admin.remember_token.nil?
|
|
158
|
-
assert_not admin.changed?
|
|
159
|
-
end
|
|
160
|
-
|
|
161
|
-
test 'serialize into cookie' do
|
|
162
|
-
admin = create_admin
|
|
163
|
-
admin.remember_me!
|
|
164
|
-
assert_equal [admin.to_key, admin.remember_token], Admin.serialize_into_cookie(admin)
|
|
165
|
-
end
|
|
166
|
-
|
|
167
|
-
test 'serialize from cookie' do
|
|
168
|
-
admin = create_admin
|
|
169
|
-
admin.remember_me!
|
|
170
|
-
assert_equal admin, Admin.serialize_from_cookie(admin.to_key, admin.remember_token)
|
|
171
|
-
end
|
|
172
|
-
|
|
173
|
-
test 'if remember_across_browsers is true, remember_me! should create a new token if no token exists' do
|
|
174
|
-
swap Devise, :remember_across_browsers => true, :remember_for => 1.year do
|
|
175
|
-
admin = create_admin
|
|
176
|
-
assert_equal nil, admin.remember_token
|
|
177
|
-
admin.remember_me!
|
|
178
|
-
assert_not_equal nil, admin.remember_token
|
|
179
|
-
end
|
|
180
|
-
end
|
|
181
|
-
|
|
182
|
-
test 'if remember_across_browsers is true, remember_me! should create a new token if a token exists but has expired' do
|
|
183
|
-
swap Devise, :remember_across_browsers => true, :remember_for => 1.day do
|
|
184
|
-
admin = create_admin
|
|
185
|
-
admin.remember_me!
|
|
186
|
-
admin.remember_created_at = 2.days.ago
|
|
187
|
-
admin.save
|
|
188
|
-
token = admin.remember_token
|
|
189
|
-
admin.remember_me!
|
|
190
|
-
assert_not_equal token, admin.remember_token
|
|
191
|
-
end
|
|
192
|
-
end
|
|
193
|
-
|
|
194
|
-
test 'if remember_across_browsers is true, remember_me! should not create a new token if a token exists and has not expired' do
|
|
195
|
-
swap Devise, :remember_across_browsers => true, :remember_for => 2.days do
|
|
196
|
-
admin = create_admin
|
|
197
|
-
admin.remember_me!
|
|
198
|
-
admin.remember_created_at = 1.day.ago
|
|
199
|
-
admin.save
|
|
200
|
-
token = admin.remember_token
|
|
201
|
-
admin.remember_me!
|
|
202
|
-
assert_equal token, admin.remember_token
|
|
203
|
-
end
|
|
204
|
-
end
|
|
205
|
-
|
|
206
|
-
test 'if remember_across_browsers is false, remember_me! should create a new token if no token exists' do
|
|
207
|
-
swap Devise, :remember_across_browsers => false do
|
|
208
|
-
admin = create_admin
|
|
209
|
-
assert_equal nil, admin.remember_token
|
|
210
|
-
admin.remember_me!
|
|
211
|
-
assert_not_equal nil, admin.remember_token
|
|
212
|
-
end
|
|
213
|
-
end
|
|
214
|
-
|
|
215
|
-
test 'if remember_across_browsers is false, remember_me! should create a new token if a token exists but has expired' do
|
|
216
|
-
swap Devise, :remember_across_browsers => false, :remember_for => 1.day do
|
|
217
|
-
admin = create_admin
|
|
218
|
-
admin.remember_me!
|
|
219
|
-
admin.remember_created_at = 2.days.ago
|
|
220
|
-
admin.save
|
|
221
|
-
token = admin.remember_token
|
|
222
|
-
admin.remember_me!
|
|
223
|
-
assert_not_equal token, admin.remember_token
|
|
224
|
-
end
|
|
225
|
-
end
|
|
226
|
-
|
|
227
|
-
test 'if remember_across_browsers is false, remember_me! should create a new token if a token exists and has not expired' do
|
|
228
|
-
swap Devise, :remember_across_browsers => false, :remember_for => 2.days do
|
|
229
|
-
admin = create_admin
|
|
230
|
-
admin.remember_me!
|
|
231
|
-
admin.remember_created_at = 1.day.ago
|
|
232
|
-
admin.save
|
|
233
|
-
token = admin.remember_token
|
|
234
|
-
admin.remember_me!
|
|
235
|
-
assert_not_equal token, admin.remember_token
|
|
236
|
-
end
|
|
237
|
-
end
|
|
238
|
-
end
|
|
239
|
-
|
|
240
|
-
class WithSaltRememberableTest < ActiveSupport::TestCase
|
|
241
|
-
include SharedRememberableTest
|
|
242
|
-
|
|
243
|
-
setup do
|
|
244
|
-
assert_not User.new.respond_to?(:remember_token)
|
|
245
|
-
end
|
|
246
|
-
|
|
247
|
-
def resource_class
|
|
248
|
-
User
|
|
249
|
-
end
|
|
250
|
-
|
|
251
|
-
def create_resource
|
|
252
|
-
create_user
|
|
253
|
-
end
|
|
254
|
-
|
|
255
|
-
test 'remember_me should not generate a new token if using salt' do
|
|
256
|
-
user = create_user
|
|
257
|
-
user.expects(:valid?).never
|
|
258
|
-
user.remember_me!
|
|
259
|
-
end
|
|
260
|
-
|
|
261
|
-
test 'forget_me should not clear remember token if using salt' do
|
|
262
|
-
user = create_user
|
|
263
|
-
user.remember_me!
|
|
264
|
-
user.expects(:valid?).never
|
|
265
|
-
user.forget_me!
|
|
266
|
-
end
|
|
267
|
-
|
|
268
|
-
test 'serialize into cookie' do
|
|
269
|
-
user = create_user
|
|
270
|
-
user.remember_me!
|
|
271
|
-
assert_equal [user.to_key, user.authenticatable_salt], User.serialize_into_cookie(user)
|
|
272
|
-
end
|
|
273
|
-
|
|
274
|
-
test 'serialize from cookie' do
|
|
275
|
-
user = create_user
|
|
276
|
-
user.remember_me!
|
|
277
|
-
assert_equal user, User.serialize_from_cookie(user.to_key, user.authenticatable_salt)
|
|
278
|
-
end
|
|
279
|
-
|
|
280
|
-
test 'raises a RuntimeError if authenticatable_salt is nil' do
|
|
281
|
-
user = User.new
|
|
282
|
-
user.encrypted_password = nil
|
|
283
|
-
assert_raise RuntimeError do
|
|
284
|
-
user.rememberable_value
|
|
285
|
-
end
|
|
286
|
-
end
|
|
287
|
-
end
|