RubyGems - devise - Versions diffs - 2.1.0.rc → 2.1.0.rc2 - Mend

devise 2.1.0.rc → 2.1.0.rc2

Potentially problematic release.

This version of devise might be problematic. Click here for more details.

Files changed (65) hide show

data/CHANGELOG.rdoc +23 -1
data/Gemfile +1 -1
data/Gemfile.lock +4 -6
data/MIT-LICENSE +1 -1
data/README.md +7 -3
data/Rakefile +1 -1
data/app/controllers/devise/sessions_controller.rb +2 -4
data/app/controllers/devise/unlocks_controller.rb +15 -2
data/app/controllers/devise_controller.rb +24 -11
data/devise.gemspec +1 -1
data/gemfiles/Gemfile.rails-3.1.x +1 -1
data/gemfiles/Gemfile.rails-3.1.x.lock +38 -40
data/lib/devise.rb +13 -55
data/lib/devise/controllers/helpers.rb +0 -5
data/lib/devise/failure_app.rb +3 -1
data/lib/devise/hooks/lockable.rb +7 -0
data/lib/devise/hooks/timeoutable.rb +1 -0
data/lib/devise/models.rb +9 -3
data/lib/devise/models/authenticatable.rb +13 -3
data/lib/devise/models/confirmable.rb +2 -5
data/lib/devise/models/database_authenticatable.rb +4 -6
data/lib/devise/models/lockable.rb +6 -6
data/lib/devise/models/rememberable.rb +3 -3
data/lib/devise/models/token_authenticatable.rb +4 -1
data/lib/devise/modules.rb +0 -1
data/lib/devise/orm/active_record.rb +1 -42
data/lib/devise/orm/mongoid.rb +1 -29
data/lib/devise/rails.rb +1 -58
data/lib/devise/rails/routes.rb +1 -1
data/lib/devise/rails/warden_compat.rb +10 -4
data/lib/devise/strategies/rememberable.rb +1 -1
data/lib/devise/test_helpers.rb +48 -9
data/lib/devise/version.rb +1 -1
data/lib/generators/active_record/devise_generator.rb +8 -4
data/lib/generators/devise/orm_helpers.rb +2 -1
data/lib/generators/mongoid/devise_generator.rb +0 -3
data/lib/generators/templates/devise.rb +1 -8
data/test/controllers/custom_strategy_test.rb +62 -0
data/test/controllers/sessions_controller_test.rb +21 -1
data/test/failure_app_test.rb +13 -3
data/test/generators/active_record_generator_test.rb +32 -0
data/test/integration/authenticatable_test.rb +2 -2
data/test/integration/recoverable_test.rb +13 -0
data/test/integration/token_authenticatable_test.rb +13 -0
data/test/models/lockable_test.rb +0 -9
data/test/models/rememberable_test.rb +1 -2
data/test/models_test.rb +5 -5
data/test/rails_app/app/mongoid/admin.rb +0 -3
data/test/rails_app/app/mongoid/user.rb +0 -3
data/test/rails_app/config/initializers/devise.rb +0 -15
data/test/rails_app/config/routes.rb +1 -0
data/test/rails_app/db/migrate/20100401102949_create_tables.rb +0 -6
data/test/rails_app/lib/shared_admin.rb +1 -1
metadata +17 -24
data/lib/devise/encryptors/authlogic_sha512.rb +0 -19
data/lib/devise/encryptors/base.rb +0 -24
data/lib/devise/encryptors/bcrypt.rb +0 -14
data/lib/devise/encryptors/clearance_sha1.rb +0 -17
data/lib/devise/encryptors/restful_authentication_sha1.rb +0 -22
data/lib/devise/encryptors/sha1.rb +0 -25
data/lib/devise/encryptors/sha512.rb +0 -25
data/lib/devise/models/encryptable.rb +0 -80
data/lib/devise/schema.rb +0 -109
data/test/encryptors_test.rb +0 -30
data/test/models/encryptable_test.rb +0 -73

data/lib/devise/schema.rb DELETED Viewed

@@ -1,109 +0,0 @@
-module Devise
-  # Holds devise schema information. To use it, just include its methods
-  # and overwrite the apply_schema method.
-  module Schema
-    # Creates encrypted_password, and email when it is used as an authentication
-    # key (default).
-    #
-    # == Options
-    # * :null - When true, allow columns to be null.
-    # * :default - Set to "" when :null is false, unless overridden.
-    #
-    # == Notes
-    # For Datamapper compatibility, we explicitly hardcode the limit for the
-    # encrypter password field in 128 characters.
-    def database_authenticatable(options={})
-      null    = options[:null] || false
-      default = options.key?(:default) ? options[:default] : ("" if null == false)
-      include_email = !respond_to?(:authentication_keys) || self.authentication_keys.include?(:email)
-      apply_devise_schema :email,              String, :null => null, :default => default if include_email
-      apply_devise_schema :encrypted_password, String, :null => null, :default => default, :limit => 128
-    end
-    # Creates password salt for encryption support when using encryptors other
-    # than the database_authenticable default of bcrypt.
-    def encryptable
-      apply_devise_schema :password_salt, String
-    end
-    # Creates authentication_token.
-    def token_authenticatable
-      apply_devise_schema :authentication_token, String
-    end
-    # Creates confirmation_token, confirmed_at and confirmation_sent_at.
-    def confirmable
-      apply_devise_schema :confirmation_token,   String
-      apply_devise_schema :confirmed_at,         DateTime
-      apply_devise_schema :confirmation_sent_at, DateTime
-    end
-    # Creates unconfirmed_email
-    def reconfirmable
-      apply_devise_schema :unconfirmed_email,    String
-    end
-    # Creates reset_password_token and reset_password_sent_at.
-    #
-    # == Options
-    # * :reset_within - When true, adds a column that reset passwords within some date
-    def recoverable(options={})
-      use_within = options.fetch(:reset_within, Devise.reset_password_within.present?)
-      apply_devise_schema :reset_password_token, String
-      apply_devise_schema :reset_password_sent_at, DateTime if use_within
-    end
-    # Creates remember_token and remember_created_at.
-    #
-    # == Options
-    # * :use_salt - When true, does not create a remember_token and use password_salt instead.
-    def rememberable(options={})
-      use_salt = options.fetch(:use_salt, Devise.use_salt_as_remember_token)
-      apply_devise_schema :remember_token,      String unless use_salt
-      apply_devise_schema :remember_created_at, DateTime
-    end
-    # Creates sign_in_count, current_sign_in_at, last_sign_in_at,
-    # current_sign_in_ip, last_sign_in_ip.
-    def trackable
-      apply_devise_schema :sign_in_count,      Integer, :default => 0
-      apply_devise_schema :current_sign_in_at, DateTime
-      apply_devise_schema :last_sign_in_at,    DateTime
-      apply_devise_schema :current_sign_in_ip, String
-      apply_devise_schema :last_sign_in_ip,    String
-    end
-    # Creates failed_attempts, unlock_token and locked_at depending on the options given.
-    #
-    # == Options
-    # * :unlock_strategy - The strategy used for unlock. Can be :time, :email, :both (default), :none.
-    #   If :email or :both, creates a unlock_token field.
-    # * :lock_strategy - The strategy used for locking. Can be :failed_attempts (default) or :none.
-    def lockable(options={})
-      unlock_strategy   = options[:unlock_strategy]
-      unlock_strategy ||= self.unlock_strategy if respond_to?(:unlock_strategy)
-      unlock_strategy ||= :both
-      lock_strategy   = options[:lock_strategy]
-      lock_strategy ||= self.lock_strategy if respond_to?(:lock_strategy)
-      lock_strategy ||= :failed_attempts
-      if lock_strategy == :failed_attempts
-        apply_devise_schema :failed_attempts, Integer, :default => 0
-      end
-      if [:both, :email].include?(unlock_strategy)
-        apply_devise_schema :unlock_token, String
-      end
-      apply_devise_schema :locked_at, DateTime
-    end
-    # Overwrite with specific modification to create your own schema.
-    def apply_devise_schema(name, type, options={})
-      raise NotImplementedError
-    end
-  end
-end

data/test/encryptors_test.rb DELETED Viewed

@@ -1,30 +0,0 @@
-require 'test_helper'
-class Encryptors < ActiveSupport::TestCase
-  test 'should match a password created by authlogic' do
-    authlogic = "b623c3bc9c775b0eb8edb218a382453396fec4146422853e66ecc4b6bc32d7162ee42074dcb5f180a770dc38b5df15812f09bbf497a4a1b95fe5e7d2b8eb7eb4"
-    encryptor = Devise::Encryptors::AuthlogicSha512.digest('123mudar', 20, 'usZK_z_EAaF61Gwkw-ed', '')
-    assert_equal authlogic, encryptor
-  end
-  test 'should match a password created by restful_authentication' do
-    restful_authentication = "93110f71309ce91366375ea44e2a6f5cc73fa8d4"
-    encryptor = Devise::Encryptors::RestfulAuthenticationSha1.digest('123mudar', 10, '48901d2b247a54088acb7f8ea3e695e50fe6791b', 'fee9a51ec0a28d11be380ca6dee6b4b760c1a3bf')
-    assert_equal restful_authentication, encryptor
-  end
-  test 'should match a password created by clearance' do
-    clearance = "0f40bbae18ddefd7066276c3ef209d40729b0378"
-    encryptor = Devise::Encryptors::ClearanceSha1.digest('123mudar', nil, '65c58472c207c829f28c68619d3e3aefed18ab3f', nil)
-    assert_equal clearance, encryptor
-  end
-  Devise::ENCRYPTORS_LENGTH.each do |key, value|
-    test "should have length #{value} for #{key.inspect}" do
-      swap Devise, :encryptor => key do
-        encryptor = Devise::Encryptors.const_get(key.to_s.classify)
-        assert_equal value, encryptor.digest('a', 4, encryptor.salt(4), nil).size
-      end
-    end
-  end
-end

data/test/models/encryptable_test.rb DELETED Viewed

@@ -1,73 +0,0 @@
-require 'test_helper'
-class EncryptableTest < ActiveSupport::TestCase
-  def encrypt_password(admin, pepper=Admin.pepper, stretches=Admin.stretches, encryptor=Admin.encryptor_class)
-    encryptor.digest('123456', stretches, admin.password_salt, pepper)
-  end
-  def swap_with_encryptor(klass, encryptor, options={})
-    klass.instance_variable_set(:@encryptor_class, nil)
-    swap klass, options.merge(:encryptor => encryptor) do
-      begin
-        yield
-      ensure
-        klass.instance_variable_set(:@encryptor_class, nil)
-      end
-    end
-  end
-  test 'should generate salt while setting password' do
-    assert_present create_admin.password_salt
-  end
-  test 'should not change password salt when updating' do
-    admin = create_admin
-    salt = admin.password_salt
-    admin.expects(:password_salt=).never
-    admin.save!
-    assert_equal salt, admin.password_salt
-  end
-  test 'should generate a base64 hash using SecureRandom for password salt' do
-    swap_with_encryptor Admin, :sha1 do
-      SecureRandom.expects(:base64).with(15).returns('01lI').twice
-      salt = create_admin.password_salt
-      assert_not_equal '01lI', salt
-      assert_equal 4, salt.size
-    end
-  end
-  test 'should not generate salt if password is blank' do
-    assert_blank create_admin(:password => nil).password_salt
-    assert_blank create_admin(:password => '').password_salt
-  end
-  test 'should encrypt password again if password has changed' do
-    admin = create_admin
-    encrypted_password = admin.encrypted_password
-    admin.password = admin.password_confirmation = 'new_password'
-    admin.save!
-    assert_not_equal encrypted_password, admin.encrypted_password
-  end
-  test 'should respect encryptor configuration' do
-    swap_with_encryptor Admin, :sha512 do
-      admin = create_admin
-      assert_equal admin.encrypted_password, encrypt_password(admin, Admin.pepper, Admin.stretches, ::Devise::Encryptors::Sha512)
-    end
-  end
-  test 'should not validate password when salt is nil' do
-    admin = create_admin
-    admin.password_salt = nil
-    admin.save
-    assert_not admin.valid_password?('123456')
-  end
-  test 'required_fields should contain the fields that Devise uses' do
-    assert_same_content Devise::Models::Encryptable.required_fields(User), [
-      :password_salt
-    ]
-  end
-end