devise 3.2.2 → 4.6.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/CHANGELOG.md +242 -978
- data/MIT-LICENSE +1 -1
- data/README.md +371 -100
- data/app/controllers/devise/confirmations_controller.rb +11 -5
- data/app/controllers/devise/omniauth_callbacks_controller.rb +12 -6
- data/app/controllers/devise/passwords_controller.rb +21 -8
- data/app/controllers/devise/registrations_controller.rb +59 -26
- data/app/controllers/devise/sessions_controller.rb +47 -17
- data/app/controllers/devise/unlocks_controller.rb +9 -4
- data/app/controllers/devise_controller.rb +67 -31
- data/app/helpers/devise_helper.rb +12 -19
- data/app/mailers/devise/mailer.rb +10 -0
- data/app/views/devise/confirmations/new.html.erb +9 -5
- data/app/views/devise/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/mailer/password_change.html.erb +3 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/devise/mailer/unlock_instructions.html.erb +1 -1
- data/app/views/devise/passwords/edit.html.erb +16 -7
- data/app/views/devise/passwords/new.html.erb +9 -5
- data/app/views/devise/registrations/edit.html.erb +29 -15
- data/app/views/devise/registrations/new.html.erb +20 -9
- data/app/views/devise/sessions/new.html.erb +19 -10
- data/app/views/devise/shared/_error_messages.html.erb +15 -0
- data/app/views/devise/shared/{_links.erb → _links.html.erb} +9 -9
- data/app/views/devise/unlocks/new.html.erb +9 -5
- data/config/locales/en.yml +23 -17
- data/lib/devise/controllers/helpers.rb +112 -32
- data/lib/devise/controllers/rememberable.rb +15 -6
- data/lib/devise/controllers/scoped_views.rb +3 -1
- data/lib/devise/controllers/sign_in_out.rb +42 -26
- data/lib/devise/controllers/store_location.rb +31 -5
- data/lib/devise/controllers/url_helpers.rb +9 -7
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +24 -0
- data/lib/devise/failure_app.rb +125 -39
- data/lib/devise/hooks/activatable.rb +7 -6
- data/lib/devise/hooks/csrf_cleaner.rb +5 -1
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +7 -2
- data/lib/devise/hooks/proxy.rb +4 -2
- data/lib/devise/hooks/rememberable.rb +4 -2
- data/lib/devise/hooks/timeoutable.rb +16 -9
- data/lib/devise/hooks/trackable.rb +3 -1
- data/lib/devise/mailers/helpers.rb +15 -12
- data/lib/devise/mapping.rb +8 -2
- data/lib/devise/models/authenticatable.rb +82 -56
- data/lib/devise/models/confirmable.rb +125 -42
- data/lib/devise/models/database_authenticatable.rb +110 -32
- data/lib/devise/models/lockable.rb +30 -17
- data/lib/devise/models/omniauthable.rb +3 -1
- data/lib/devise/models/recoverable.rb +62 -26
- data/lib/devise/models/registerable.rb +4 -0
- data/lib/devise/models/rememberable.rb +62 -33
- data/lib/devise/models/timeoutable.rb +4 -8
- data/lib/devise/models/trackable.rb +20 -4
- data/lib/devise/models/validatable.rb +16 -9
- data/lib/devise/models.rb +3 -1
- data/lib/devise/modules.rb +12 -10
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +14 -5
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/orm/active_record.rb +5 -1
- data/lib/devise/orm/mongoid.rb +6 -2
- data/lib/devise/parameter_filter.rb +4 -0
- data/lib/devise/parameter_sanitizer.rb +139 -65
- data/lib/devise/rails/routes.rb +147 -116
- data/lib/devise/rails/warden_compat.rb +3 -10
- data/lib/devise/rails.rb +10 -13
- data/lib/devise/secret_key_finder.rb +27 -0
- data/lib/devise/strategies/authenticatable.rb +20 -9
- data/lib/devise/strategies/base.rb +3 -1
- data/lib/devise/strategies/database_authenticatable.rb +14 -6
- data/lib/devise/strategies/rememberable.rb +15 -3
- data/lib/devise/test/controller_helpers.rb +165 -0
- data/lib/devise/test/integration_helpers.rb +63 -0
- data/lib/devise/test_helpers.rb +7 -124
- data/lib/devise/time_inflector.rb +4 -2
- data/lib/devise/token_generator.rb +3 -41
- data/lib/devise/version.rb +3 -1
- data/lib/devise.rb +111 -84
- data/lib/generators/active_record/devise_generator.rb +49 -12
- data/lib/generators/active_record/templates/migration.rb +9 -7
- data/lib/generators/active_record/templates/migration_existing.rb +9 -7
- data/lib/generators/devise/controllers_generator.rb +46 -0
- data/lib/generators/devise/devise_generator.rb +7 -5
- data/lib/generators/devise/install_generator.rb +21 -0
- data/lib/generators/devise/orm_helpers.rb +10 -21
- data/lib/generators/devise/views_generator.rb +49 -28
- data/lib/generators/mongoid/devise_generator.rb +21 -19
- data/lib/generators/templates/README +5 -12
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/lib/generators/templates/devise.rb +81 -36
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
- data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +6 -2
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +9 -4
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +5 -2
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +14 -6
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +12 -4
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +11 -6
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +5 -2
- metadata +52 -280
- data/.gitignore +0 -10
- data/.travis.yml +0 -20
- data/.yardopts +0 -9
- data/CONTRIBUTING.md +0 -14
- data/Gemfile +0 -31
- data/Gemfile.lock +0 -160
- data/Rakefile +0 -35
- data/devise.gemspec +0 -27
- data/devise.png +0 -0
- data/gemfiles/Gemfile.rails-3.2.x +0 -31
- data/gemfiles/Gemfile.rails-3.2.x.lock +0 -159
- data/test/controllers/custom_strategy_test.rb +0 -62
- data/test/controllers/helpers_test.rb +0 -276
- data/test/controllers/internal_helpers_test.rb +0 -120
- data/test/controllers/passwords_controller_test.rb +0 -31
- data/test/controllers/sessions_controller_test.rb +0 -99
- data/test/controllers/url_helpers_test.rb +0 -59
- data/test/delegator_test.rb +0 -19
- data/test/devise_test.rb +0 -94
- data/test/failure_app_test.rb +0 -232
- data/test/generators/active_record_generator_test.rb +0 -103
- data/test/generators/devise_generator_test.rb +0 -39
- data/test/generators/install_generator_test.rb +0 -13
- data/test/generators/mongoid_generator_test.rb +0 -23
- data/test/generators/views_generator_test.rb +0 -67
- data/test/helpers/devise_helper_test.rb +0 -51
- data/test/integration/authenticatable_test.rb +0 -713
- data/test/integration/confirmable_test.rb +0 -284
- data/test/integration/database_authenticatable_test.rb +0 -84
- data/test/integration/http_authenticatable_test.rb +0 -105
- data/test/integration/lockable_test.rb +0 -239
- data/test/integration/omniauthable_test.rb +0 -133
- data/test/integration/recoverable_test.rb +0 -334
- data/test/integration/registerable_test.rb +0 -349
- data/test/integration/rememberable_test.rb +0 -167
- data/test/integration/timeoutable_test.rb +0 -183
- data/test/integration/trackable_test.rb +0 -92
- data/test/mailers/confirmation_instructions_test.rb +0 -115
- data/test/mailers/reset_password_instructions_test.rb +0 -96
- data/test/mailers/unlock_instructions_test.rb +0 -91
- data/test/mapping_test.rb +0 -127
- data/test/models/authenticatable_test.rb +0 -13
- data/test/models/confirmable_test.rb +0 -454
- data/test/models/database_authenticatable_test.rb +0 -249
- data/test/models/lockable_test.rb +0 -298
- data/test/models/omniauthable_test.rb +0 -7
- data/test/models/recoverable_test.rb +0 -184
- data/test/models/registerable_test.rb +0 -7
- data/test/models/rememberable_test.rb +0 -183
- data/test/models/serializable_test.rb +0 -49
- data/test/models/timeoutable_test.rb +0 -51
- data/test/models/trackable_test.rb +0 -13
- data/test/models/validatable_test.rb +0 -127
- data/test/models_test.rb +0 -144
- data/test/omniauth/config_test.rb +0 -57
- data/test/omniauth/url_helpers_test.rb +0 -54
- data/test/orm/active_record.rb +0 -10
- data/test/orm/mongoid.rb +0 -13
- data/test/parameter_sanitizer_test.rb +0 -81
- data/test/rails_app/Rakefile +0 -6
- data/test/rails_app/app/active_record/admin.rb +0 -6
- data/test/rails_app/app/active_record/shim.rb +0 -2
- data/test/rails_app/app/active_record/user.rb +0 -6
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +0 -6
- data/test/rails_app/app/controllers/admins_controller.rb +0 -11
- data/test/rails_app/app/controllers/application_controller.rb +0 -9
- data/test/rails_app/app/controllers/home_controller.rb +0 -25
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +0 -2
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +0 -2
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +0 -14
- data/test/rails_app/app/controllers/users_controller.rb +0 -31
- data/test/rails_app/app/helpers/application_helper.rb +0 -3
- data/test/rails_app/app/mailers/users/mailer.rb +0 -12
- data/test/rails_app/app/mongoid/admin.rb +0 -29
- data/test/rails_app/app/mongoid/shim.rb +0 -23
- data/test/rails_app/app/mongoid/user.rb +0 -39
- data/test/rails_app/app/views/admins/index.html.erb +0 -1
- data/test/rails_app/app/views/admins/sessions/new.html.erb +0 -2
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +0 -1
- data/test/rails_app/app/views/home/index.html.erb +0 -1
- data/test/rails_app/app/views/home/join.html.erb +0 -1
- data/test/rails_app/app/views/home/private.html.erb +0 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +0 -1
- data/test/rails_app/app/views/layouts/application.html.erb +0 -24
- data/test/rails_app/app/views/users/edit_form.html.erb +0 -1
- data/test/rails_app/app/views/users/index.html.erb +0 -1
- data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +0 -1
- data/test/rails_app/app/views/users/sessions/new.html.erb +0 -1
- data/test/rails_app/bin/bundle +0 -3
- data/test/rails_app/bin/rails +0 -4
- data/test/rails_app/bin/rake +0 -4
- data/test/rails_app/config/application.rb +0 -40
- data/test/rails_app/config/boot.rb +0 -14
- data/test/rails_app/config/database.yml +0 -18
- data/test/rails_app/config/environment.rb +0 -5
- data/test/rails_app/config/environments/development.rb +0 -30
- data/test/rails_app/config/environments/production.rb +0 -80
- data/test/rails_app/config/environments/test.rb +0 -36
- data/test/rails_app/config/initializers/backtrace_silencers.rb +0 -7
- data/test/rails_app/config/initializers/devise.rb +0 -181
- data/test/rails_app/config/initializers/inflections.rb +0 -2
- data/test/rails_app/config/initializers/secret_token.rb +0 -8
- data/test/rails_app/config/initializers/session_store.rb +0 -1
- data/test/rails_app/config/routes.rb +0 -104
- data/test/rails_app/config.ru +0 -4
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +0 -71
- data/test/rails_app/db/schema.rb +0 -55
- data/test/rails_app/lib/shared_admin.rb +0 -17
- data/test/rails_app/lib/shared_user.rb +0 -29
- data/test/rails_app/public/404.html +0 -26
- data/test/rails_app/public/422.html +0 -26
- data/test/rails_app/public/500.html +0 -26
- data/test/rails_app/public/favicon.ico +0 -0
- data/test/routes_test.rb +0 -250
- data/test/support/assertions.rb +0 -40
- data/test/support/helpers.rb +0 -70
- data/test/support/integration.rb +0 -92
- data/test/support/locale/en.yml +0 -8
- data/test/support/webrat/integrations/rails.rb +0 -24
- data/test/test_helper.rb +0 -27
- data/test/test_helpers_test.rb +0 -173
- data/test/test_models.rb +0 -33
data/test/models_test.rb
DELETED
|
@@ -1,144 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
require 'test_models'
|
|
3
|
-
|
|
4
|
-
class ActiveRecordTest < ActiveSupport::TestCase
|
|
5
|
-
def include_module?(klass, mod)
|
|
6
|
-
klass.devise_modules.include?(mod) &&
|
|
7
|
-
klass.included_modules.include?(Devise::Models::const_get(mod.to_s.classify))
|
|
8
|
-
end
|
|
9
|
-
|
|
10
|
-
def assert_include_modules(klass, *modules)
|
|
11
|
-
modules.each do |mod|
|
|
12
|
-
assert include_module?(klass, mod)
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
(Devise::ALL - modules).each do |mod|
|
|
16
|
-
assert_not include_module?(klass, mod)
|
|
17
|
-
end
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
test 'can cherry pick modules' do
|
|
21
|
-
assert_include_modules Admin, :database_authenticatable, :registerable, :timeoutable, :recoverable, :lockable, :confirmable
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
test 'validations options are not applied too late' do
|
|
25
|
-
validators = WithValidation.validators_on :password
|
|
26
|
-
length = validators.find { |v| v.kind == :length }
|
|
27
|
-
assert_equal 2, length.options[:minimum]
|
|
28
|
-
assert_equal 6, length.options[:maximum]
|
|
29
|
-
end
|
|
30
|
-
|
|
31
|
-
test 'validations are applied just once' do
|
|
32
|
-
validators = Several.validators_on :password
|
|
33
|
-
assert_equal 1, validators.select{ |v| v.kind == :length }.length
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
test 'chosen modules are inheritable' do
|
|
37
|
-
assert_include_modules Inheritable, :database_authenticatable, :registerable, :timeoutable, :recoverable, :lockable, :confirmable
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
test 'order of module inclusion' do
|
|
41
|
-
correct_module_order = [:database_authenticatable, :recoverable, :registerable, :confirmable, :lockable, :timeoutable]
|
|
42
|
-
incorrect_module_order = [:database_authenticatable, :timeoutable, :registerable, :recoverable, :lockable, :confirmable]
|
|
43
|
-
|
|
44
|
-
assert_include_modules Admin, *incorrect_module_order
|
|
45
|
-
|
|
46
|
-
# get module constants from symbol list
|
|
47
|
-
module_constants = correct_module_order.collect { |mod| Devise::Models::const_get(mod.to_s.classify) }
|
|
48
|
-
|
|
49
|
-
# confirm that they adhere to the order in ALL
|
|
50
|
-
# get included modules, filter out the noise, and reverse the order
|
|
51
|
-
assert_equal module_constants, (Admin.included_modules & module_constants).reverse
|
|
52
|
-
end
|
|
53
|
-
|
|
54
|
-
test 'raise error on invalid module' do
|
|
55
|
-
assert_raise NameError do
|
|
56
|
-
# Mix valid an invalid modules.
|
|
57
|
-
Configurable.class_eval { devise :database_authenticatable, :doesnotexit }
|
|
58
|
-
end
|
|
59
|
-
end
|
|
60
|
-
|
|
61
|
-
test 'set a default value for stretches' do
|
|
62
|
-
assert_equal 15, Configurable.stretches
|
|
63
|
-
end
|
|
64
|
-
|
|
65
|
-
test 'set a default value for pepper' do
|
|
66
|
-
assert_equal 'abcdef', Configurable.pepper
|
|
67
|
-
end
|
|
68
|
-
|
|
69
|
-
test 'set a default value for allow_unconfirmed_access_for' do
|
|
70
|
-
assert_equal 5.days, Configurable.allow_unconfirmed_access_for
|
|
71
|
-
end
|
|
72
|
-
|
|
73
|
-
test 'set a default value for remember_for' do
|
|
74
|
-
assert_equal 7.days, Configurable.remember_for
|
|
75
|
-
end
|
|
76
|
-
|
|
77
|
-
test 'set a default value for timeout_in' do
|
|
78
|
-
assert_equal 15.minutes, Configurable.timeout_in
|
|
79
|
-
end
|
|
80
|
-
|
|
81
|
-
test 'set a default value for unlock_in' do
|
|
82
|
-
assert_equal 10.days, Configurable.unlock_in
|
|
83
|
-
end
|
|
84
|
-
|
|
85
|
-
test 'set null fields on migrations' do
|
|
86
|
-
# Ignore email sending since no email exists.
|
|
87
|
-
klass = Class.new(Admin) do
|
|
88
|
-
def send_devise_notification(*); end
|
|
89
|
-
end
|
|
90
|
-
|
|
91
|
-
klass.create!
|
|
92
|
-
end
|
|
93
|
-
end
|
|
94
|
-
|
|
95
|
-
class CheckFieldsTest < ActiveSupport::TestCase
|
|
96
|
-
test 'checks if the class respond_to the required fields' do
|
|
97
|
-
Player = Class.new do
|
|
98
|
-
extend Devise::Models
|
|
99
|
-
|
|
100
|
-
def self.before_validation(instance)
|
|
101
|
-
end
|
|
102
|
-
|
|
103
|
-
devise :database_authenticatable
|
|
104
|
-
|
|
105
|
-
attr_accessor :encrypted_password, :email
|
|
106
|
-
end
|
|
107
|
-
|
|
108
|
-
assert_nothing_raised Devise::Models::MissingAttribute do
|
|
109
|
-
Devise::Models.check_fields!(Player)
|
|
110
|
-
end
|
|
111
|
-
end
|
|
112
|
-
|
|
113
|
-
test 'raises Devise::Models::MissingAtrribute and shows the missing attribute if the class doesn\'t respond_to one of the attributes' do
|
|
114
|
-
Clown = Class.new do
|
|
115
|
-
extend Devise::Models
|
|
116
|
-
|
|
117
|
-
def self.before_validation(instance)
|
|
118
|
-
end
|
|
119
|
-
|
|
120
|
-
devise :database_authenticatable
|
|
121
|
-
|
|
122
|
-
attr_accessor :encrypted_password
|
|
123
|
-
end
|
|
124
|
-
|
|
125
|
-
assert_raise_with_message Devise::Models::MissingAttribute, "The following attribute(s) is (are) missing on your model: email" do
|
|
126
|
-
Devise::Models.check_fields!(Clown)
|
|
127
|
-
end
|
|
128
|
-
end
|
|
129
|
-
|
|
130
|
-
test 'raises Devise::Models::MissingAtrribute with all the missing attributes if there is more than one' do
|
|
131
|
-
Magician = Class.new do
|
|
132
|
-
extend Devise::Models
|
|
133
|
-
|
|
134
|
-
def self.before_validation(instance)
|
|
135
|
-
end
|
|
136
|
-
|
|
137
|
-
devise :database_authenticatable
|
|
138
|
-
end
|
|
139
|
-
|
|
140
|
-
assert_raise_with_message Devise::Models::MissingAttribute, "The following attribute(s) is (are) missing on your model: encrypted_password, email" do
|
|
141
|
-
Devise::Models.check_fields!(Magician)
|
|
142
|
-
end
|
|
143
|
-
end
|
|
144
|
-
end
|
|
@@ -1,57 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class OmniAuthConfigTest < ActiveSupport::TestCase
|
|
4
|
-
class MyStrategy
|
|
5
|
-
include OmniAuth::Strategy
|
|
6
|
-
end
|
|
7
|
-
|
|
8
|
-
test 'strategy_name returns provider if no options given' do
|
|
9
|
-
config = Devise::OmniAuth::Config.new :facebook, [{}]
|
|
10
|
-
assert_equal :facebook, config.strategy_name
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
test 'strategy_name returns provider if no name option are given' do
|
|
14
|
-
config = Devise::OmniAuth::Config.new :facebook, [{ :other => :option }]
|
|
15
|
-
assert_equal :facebook, config.strategy_name
|
|
16
|
-
end
|
|
17
|
-
|
|
18
|
-
test 'returns name option when have a name' do
|
|
19
|
-
config = Devise::OmniAuth::Config.new :facebook, [{ :name => :github }]
|
|
20
|
-
assert_equal :github, config.strategy_name
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
test "finds contrib strategies" do
|
|
24
|
-
config = Devise::OmniAuth::Config.new :facebook, [{}]
|
|
25
|
-
assert_equal OmniAuth::Strategies::Facebook, config.strategy_class
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
test "finds the strategy in OmniAuth's list by name" do
|
|
29
|
-
NamedTestStrategy = Class.new
|
|
30
|
-
NamedTestStrategy.send :include, OmniAuth::Strategy
|
|
31
|
-
NamedTestStrategy.option :name, :the_one
|
|
32
|
-
|
|
33
|
-
config = Devise::OmniAuth::Config.new :the_one, [{}]
|
|
34
|
-
assert_equal NamedTestStrategy, config.strategy_class
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
test "finds the strategy in OmniAuth's list by class name" do
|
|
38
|
-
UnNamedTestStrategy = Class.new
|
|
39
|
-
UnNamedTestStrategy.send :include, OmniAuth::Strategy
|
|
40
|
-
|
|
41
|
-
config = Devise::OmniAuth::Config.new :un_named_test_strategy, [{}]
|
|
42
|
-
assert_equal UnNamedTestStrategy, config.strategy_class
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
test 'raises an error if strategy cannot be found' do
|
|
46
|
-
config = Devise::OmniAuth::Config.new :my_other_strategy, [{}]
|
|
47
|
-
assert_raise Devise::OmniAuth::StrategyNotFound do
|
|
48
|
-
config.strategy_class
|
|
49
|
-
end
|
|
50
|
-
end
|
|
51
|
-
|
|
52
|
-
test 'allows the user to define a custom require path' do
|
|
53
|
-
config = Devise::OmniAuth::Config.new :my_strategy, [{:strategy_class => MyStrategy}]
|
|
54
|
-
config_class = config.strategy_class
|
|
55
|
-
assert_equal MyStrategy, config_class
|
|
56
|
-
end
|
|
57
|
-
end
|
|
@@ -1,54 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
|
|
3
|
-
class OmniAuthRoutesTest < ActionController::TestCase
|
|
4
|
-
ExpectedUrlGeneratiorError = Devise.rails4? ?
|
|
5
|
-
ActionController::UrlGenerationError : ActionController::RoutingError
|
|
6
|
-
|
|
7
|
-
tests ApplicationController
|
|
8
|
-
|
|
9
|
-
def assert_path(action, provider, with_param=true)
|
|
10
|
-
# Resource param
|
|
11
|
-
assert_equal @controller.send(action, :user, provider),
|
|
12
|
-
@controller.send("user_#{action}", provider)
|
|
13
|
-
|
|
14
|
-
# With an object
|
|
15
|
-
assert_equal @controller.send(action, User.new, provider),
|
|
16
|
-
@controller.send("user_#{action}", provider)
|
|
17
|
-
|
|
18
|
-
if with_param
|
|
19
|
-
# Default url params
|
|
20
|
-
assert_equal @controller.send(action, :user, provider, :param => 123),
|
|
21
|
-
@controller.send("user_#{action}", provider, :param => 123)
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
test 'should alias omniauth_callback to mapped user auth_callback' do
|
|
26
|
-
assert_path :omniauth_callback_path, :facebook
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
test 'should alias omniauth_authorize to mapped user auth_authorize' do
|
|
30
|
-
assert_path :omniauth_authorize_path, :facebook, false
|
|
31
|
-
end
|
|
32
|
-
|
|
33
|
-
test 'should generate authorization path' do
|
|
34
|
-
assert_match "/users/auth/facebook", @controller.omniauth_authorize_path(:user, :facebook)
|
|
35
|
-
|
|
36
|
-
assert_raise ExpectedUrlGeneratiorError do
|
|
37
|
-
@controller.omniauth_authorize_path(:user, :github)
|
|
38
|
-
end
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
test 'should generate authorization path for named open_id omniauth' do
|
|
42
|
-
assert_match "/users/auth/google", @controller.omniauth_authorize_path(:user, :google)
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
test 'should generate authorization path with params' do
|
|
46
|
-
assert_match "/users/auth/openid?openid_url=http%3A%2F%2Fyahoo.com",
|
|
47
|
-
@controller.omniauth_authorize_path(:user, :openid, :openid_url => "http://yahoo.com")
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
test 'should not add a "?" if no param was sent' do
|
|
51
|
-
assert_equal "/users/auth/openid",
|
|
52
|
-
@controller.omniauth_authorize_path(:user, :openid)
|
|
53
|
-
end
|
|
54
|
-
end
|
data/test/orm/active_record.rb
DELETED
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
ActiveRecord::Migration.verbose = false
|
|
2
|
-
ActiveRecord::Base.logger = Logger.new(nil)
|
|
3
|
-
ActiveRecord::Base.include_root_in_json = true
|
|
4
|
-
|
|
5
|
-
ActiveRecord::Migrator.migrate(File.expand_path("../../rails_app/db/migrate/", __FILE__))
|
|
6
|
-
|
|
7
|
-
class ActiveSupport::TestCase
|
|
8
|
-
self.use_transactional_fixtures = true
|
|
9
|
-
self.use_instantiated_fixtures = false
|
|
10
|
-
end
|
data/test/orm/mongoid.rb
DELETED
|
@@ -1,81 +0,0 @@
|
|
|
1
|
-
require 'test_helper'
|
|
2
|
-
require 'devise/parameter_sanitizer'
|
|
3
|
-
|
|
4
|
-
class BaseSanitizerTest < ActiveSupport::TestCase
|
|
5
|
-
def sanitizer(params)
|
|
6
|
-
Devise::BaseSanitizer.new(User, :user, params)
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
test 'returns chosen params' do
|
|
10
|
-
sanitizer = sanitizer(user: { "email" => "jose" })
|
|
11
|
-
assert_equal({ "email" => "jose" }, sanitizer.sanitize(:sign_in))
|
|
12
|
-
end
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
if defined?(ActionController::StrongParameters)
|
|
16
|
-
require 'active_model/forbidden_attributes_protection'
|
|
17
|
-
|
|
18
|
-
class ParameterSanitizerTest < ActiveSupport::TestCase
|
|
19
|
-
def sanitizer(params)
|
|
20
|
-
params = ActionController::Parameters.new(params)
|
|
21
|
-
Devise::ParameterSanitizer.new(User, :user, params)
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
test 'filters some parameters on sign in by default' do
|
|
25
|
-
sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid", "remember_me" => "1" })
|
|
26
|
-
assert_equal({ "email" => "jose", "password" => "invalid", "remember_me" => "1" }, sanitizer.sanitize(:sign_in))
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
test 'handles auth keys as a hash' do
|
|
30
|
-
swap Devise, :authentication_keys => {:email => true} do
|
|
31
|
-
sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid" })
|
|
32
|
-
assert_equal({ "email" => "jose", "password" => "invalid" }, sanitizer.sanitize(:sign_in))
|
|
33
|
-
end
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
test 'filters some parameters on sign up by default' do
|
|
37
|
-
sanitizer = sanitizer(user: { "email" => "jose", "role" => "invalid" })
|
|
38
|
-
assert_equal({ "email" => "jose" }, sanitizer.sanitize(:sign_up))
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
test 'filters some parameters on account update by default' do
|
|
42
|
-
sanitizer = sanitizer(user: { "email" => "jose", "role" => "invalid" })
|
|
43
|
-
assert_equal({ "email" => "jose" }, sanitizer.sanitize(:account_update))
|
|
44
|
-
end
|
|
45
|
-
|
|
46
|
-
test 'allows custom hooks' do
|
|
47
|
-
sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid" })
|
|
48
|
-
sanitizer.for(:sign_in) { |user| user.permit(:email, :password) }
|
|
49
|
-
assert_equal({ "email" => "jose", "password" => "invalid" }, sanitizer.sanitize(:sign_in))
|
|
50
|
-
end
|
|
51
|
-
|
|
52
|
-
test 'adding multiple permitted parameters' do
|
|
53
|
-
sanitizer = sanitizer(user: { "email" => "jose", "username" => "jose1", "role" => "valid" })
|
|
54
|
-
sanitizer.for(:sign_in).concat([:username, :role])
|
|
55
|
-
assert_equal({ "email" => "jose", "username" => "jose1", "role" => "valid" }, sanitizer.sanitize(:sign_in))
|
|
56
|
-
end
|
|
57
|
-
|
|
58
|
-
test 'removing multiple default parameters' do
|
|
59
|
-
sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid", "remember_me" => "1" })
|
|
60
|
-
sanitizer.for(:sign_in).delete(:email)
|
|
61
|
-
sanitizer.for(:sign_in).delete(:password)
|
|
62
|
-
assert_equal({ "remember_me" => "1" }, sanitizer.sanitize(:sign_in))
|
|
63
|
-
end
|
|
64
|
-
|
|
65
|
-
test 'raises on unknown hooks' do
|
|
66
|
-
sanitizer = sanitizer(user: { "email" => "jose", "password" => "invalid" })
|
|
67
|
-
assert_raise NotImplementedError do
|
|
68
|
-
sanitizer.sanitize(:unknown)
|
|
69
|
-
end
|
|
70
|
-
end
|
|
71
|
-
|
|
72
|
-
test 'passes parameters to filter as arguments to sanitizer' do
|
|
73
|
-
params = {user: stub}
|
|
74
|
-
sanitizer = Devise::ParameterSanitizer.new(User, :user, params)
|
|
75
|
-
|
|
76
|
-
params[:user].expects(:permit).with(kind_of(Symbol), kind_of(Symbol), kind_of(Symbol))
|
|
77
|
-
|
|
78
|
-
sanitizer.sanitize(:sign_in)
|
|
79
|
-
end
|
|
80
|
-
end
|
|
81
|
-
end
|
data/test/rails_app/Rakefile
DELETED
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
# Filters added to this controller apply to all controllers in the application.
|
|
2
|
-
# Likewise, all the methods added will be available for all controllers.
|
|
3
|
-
|
|
4
|
-
class ApplicationController < ActionController::Base
|
|
5
|
-
protect_from_forgery
|
|
6
|
-
before_filter :current_user, :unless => :devise_controller?
|
|
7
|
-
before_filter :authenticate_user!, :if => :devise_controller?
|
|
8
|
-
respond_to *Mime::SET.map(&:to_sym)
|
|
9
|
-
end
|
|
@@ -1,25 +0,0 @@
|
|
|
1
|
-
class HomeController < ApplicationController
|
|
2
|
-
def index
|
|
3
|
-
end
|
|
4
|
-
|
|
5
|
-
def private
|
|
6
|
-
end
|
|
7
|
-
|
|
8
|
-
def user_dashboard
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
def admin_dashboard
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
def join
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
def set
|
|
18
|
-
session["devise.foo_bar"] = "something"
|
|
19
|
-
head :ok
|
|
20
|
-
end
|
|
21
|
-
|
|
22
|
-
def unauthenticated
|
|
23
|
-
render :text => "unauthenticated", :status => :unauthorized
|
|
24
|
-
end
|
|
25
|
-
end
|
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
|
|
2
|
-
def facebook
|
|
3
|
-
data = env["omniauth.auth"]
|
|
4
|
-
session["devise.facebook_data"] = data["extra"]["user_hash"]
|
|
5
|
-
render :json => data
|
|
6
|
-
end
|
|
7
|
-
|
|
8
|
-
def sign_in_facebook
|
|
9
|
-
user = User.find_by_email('user@test.com')
|
|
10
|
-
user.remember_me = true
|
|
11
|
-
sign_in user
|
|
12
|
-
render :text => ""
|
|
13
|
-
end
|
|
14
|
-
end
|
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
class UsersController < ApplicationController
|
|
2
|
-
prepend_before_filter :current_user, :only => :exhibit
|
|
3
|
-
before_filter :authenticate_user!, :except => [:accept, :exhibit]
|
|
4
|
-
respond_to :html, :xml
|
|
5
|
-
|
|
6
|
-
def index
|
|
7
|
-
user_session[:cart] = "Cart"
|
|
8
|
-
respond_with(current_user)
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
def edit_form
|
|
12
|
-
user_session['last_request_at'] = 31.minutes.ago.utc
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
def update_form
|
|
16
|
-
render :text => 'Update'
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
def accept
|
|
20
|
-
@current_user = current_user
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
def exhibit
|
|
24
|
-
render :text => current_user ? "User is authenticated" : "User is not authenticated"
|
|
25
|
-
end
|
|
26
|
-
|
|
27
|
-
def expire
|
|
28
|
-
user_session['last_request_at'] = 31.minutes.ago.utc
|
|
29
|
-
render :text => 'User will be expired on next request'
|
|
30
|
-
end
|
|
31
|
-
end
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
class Users::Mailer < Devise::Mailer
|
|
2
|
-
default :from => 'custom@example.com'
|
|
3
|
-
end
|
|
4
|
-
|
|
5
|
-
class Users::ReplyToMailer < Devise::Mailer
|
|
6
|
-
default :from => 'custom@example.com'
|
|
7
|
-
default :reply_to => 'custom_reply_to@example.com'
|
|
8
|
-
end
|
|
9
|
-
|
|
10
|
-
class Users::FromProcMailer < Devise::Mailer
|
|
11
|
-
default :from => proc { 'custom@example.com' }
|
|
12
|
-
end
|
|
@@ -1,29 +0,0 @@
|
|
|
1
|
-
require 'shared_admin'
|
|
2
|
-
|
|
3
|
-
class Admin
|
|
4
|
-
include Mongoid::Document
|
|
5
|
-
include Shim
|
|
6
|
-
include SharedAdmin
|
|
7
|
-
|
|
8
|
-
## Database authenticatable
|
|
9
|
-
field :email, :type => String
|
|
10
|
-
field :encrypted_password, :type => String
|
|
11
|
-
|
|
12
|
-
## Recoverable
|
|
13
|
-
field :reset_password_token, :type => String
|
|
14
|
-
field :reset_password_sent_at, :type => Time
|
|
15
|
-
|
|
16
|
-
## Rememberable
|
|
17
|
-
field :remember_created_at, :type => Time
|
|
18
|
-
|
|
19
|
-
## Confirmable
|
|
20
|
-
field :confirmation_token, :type => String
|
|
21
|
-
field :confirmed_at, :type => Time
|
|
22
|
-
field :confirmation_sent_at, :type => Time
|
|
23
|
-
field :unconfirmed_email, :type => String # Only if using reconfirmable
|
|
24
|
-
|
|
25
|
-
## Lockable
|
|
26
|
-
field :locked_at, :type => Time
|
|
27
|
-
|
|
28
|
-
field :active, :type => Boolean, :default => false
|
|
29
|
-
end
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
module Shim
|
|
2
|
-
extend ::ActiveSupport::Concern
|
|
3
|
-
|
|
4
|
-
included do
|
|
5
|
-
include ::Mongoid::Timestamps
|
|
6
|
-
field :created_at, :type => DateTime
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
module ClassMethods
|
|
10
|
-
def order(attribute)
|
|
11
|
-
asc(attribute)
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
def find_by_email(email)
|
|
15
|
-
find_by(:email => email)
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
# overwrite equality (because some devise tests use this for asserting model equality)
|
|
20
|
-
def ==(other)
|
|
21
|
-
other.is_a?(self.class) && _id == other._id
|
|
22
|
-
end
|
|
23
|
-
end
|
|
@@ -1,39 +0,0 @@
|
|
|
1
|
-
require 'shared_user'
|
|
2
|
-
|
|
3
|
-
class User
|
|
4
|
-
include Mongoid::Document
|
|
5
|
-
include Shim
|
|
6
|
-
include SharedUser
|
|
7
|
-
|
|
8
|
-
field :username, :type => String
|
|
9
|
-
field :facebook_token, :type => String
|
|
10
|
-
|
|
11
|
-
## Database authenticatable
|
|
12
|
-
field :email, :type => String, :default => ""
|
|
13
|
-
field :encrypted_password, :type => String, :default => ""
|
|
14
|
-
|
|
15
|
-
## Recoverable
|
|
16
|
-
field :reset_password_token, :type => String
|
|
17
|
-
field :reset_password_sent_at, :type => Time
|
|
18
|
-
|
|
19
|
-
## Rememberable
|
|
20
|
-
field :remember_created_at, :type => Time
|
|
21
|
-
|
|
22
|
-
## Trackable
|
|
23
|
-
field :sign_in_count, :type => Integer, :default => 0
|
|
24
|
-
field :current_sign_in_at, :type => Time
|
|
25
|
-
field :last_sign_in_at, :type => Time
|
|
26
|
-
field :current_sign_in_ip, :type => String
|
|
27
|
-
field :last_sign_in_ip, :type => String
|
|
28
|
-
|
|
29
|
-
## Confirmable
|
|
30
|
-
field :confirmation_token, :type => String
|
|
31
|
-
field :confirmed_at, :type => Time
|
|
32
|
-
field :confirmation_sent_at, :type => Time
|
|
33
|
-
# field :unconfirmed_email, :type => String # Only if using reconfirmable
|
|
34
|
-
|
|
35
|
-
## Lockable
|
|
36
|
-
field :failed_attempts, :type => Integer, :default => 0 # Only if lock strategy is :failed_attempts
|
|
37
|
-
field :unlock_token, :type => String # Only if unlock strategy is :email or :both
|
|
38
|
-
field :locked_at, :type => Time
|
|
39
|
-
end
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
Welcome Admin!
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
Admin dashboard
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
Home!
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
Join
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
Private!
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
User dashboard
|
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
|
|
2
|
-
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
|
3
|
-
<html>
|
|
4
|
-
<head>
|
|
5
|
-
<title>Devise Test App</title>
|
|
6
|
-
</head>
|
|
7
|
-
<body>
|
|
8
|
-
<div id="container">
|
|
9
|
-
<%- flash.each do |name, msg| -%>
|
|
10
|
-
<%= content_tag :div, msg, :id => "flash_#{name}" %>
|
|
11
|
-
<%- end -%>
|
|
12
|
-
|
|
13
|
-
<% if user_signed_in? -%>
|
|
14
|
-
<p>Hello User <%= current_user.email %>! You are signed in!</p>
|
|
15
|
-
<% end -%>
|
|
16
|
-
|
|
17
|
-
<% if admin_signed_in? -%>
|
|
18
|
-
<p>Hello Admin <%= current_admin.email %>! You are signed in!</p>
|
|
19
|
-
<% end -%>
|
|
20
|
-
|
|
21
|
-
<%= yield %>
|
|
22
|
-
</div>
|
|
23
|
-
</body>
|
|
24
|
-
</html>
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
<%= button_to 'Update', update_form_user_path(current_user), method: 'put' %>
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
Welcome User #<%= current_user.id %>!
|