devise 3.5.1 → 4.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (256) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +259 -1076
  3. data/MIT-LICENSE +1 -1
  4. data/README.md +256 -68
  5. data/app/controllers/devise/confirmations_controller.rb +3 -1
  6. data/app/controllers/devise/omniauth_callbacks_controller.rb +8 -6
  7. data/app/controllers/devise/passwords_controller.rb +10 -7
  8. data/app/controllers/devise/registrations_controller.rb +39 -18
  9. data/app/controllers/devise/sessions_controller.rb +9 -7
  10. data/app/controllers/devise/unlocks_controller.rb +4 -2
  11. data/app/controllers/devise_controller.rb +23 -10
  12. data/app/helpers/devise_helper.rb +12 -19
  13. data/app/mailers/devise/mailer.rb +10 -0
  14. data/app/views/devise/confirmations/new.html.erb +2 -2
  15. data/app/views/devise/mailer/email_changed.html.erb +7 -0
  16. data/app/views/devise/mailer/password_change.html.erb +3 -0
  17. data/app/views/devise/passwords/edit.html.erb +5 -5
  18. data/app/views/devise/passwords/new.html.erb +2 -2
  19. data/app/views/devise/registrations/edit.html.erb +9 -5
  20. data/app/views/devise/registrations/new.html.erb +4 -4
  21. data/app/views/devise/sessions/new.html.erb +4 -4
  22. data/app/views/devise/shared/_error_messages.html.erb +15 -0
  23. data/app/views/devise/shared/_links.html.erb +8 -8
  24. data/app/views/devise/unlocks/new.html.erb +2 -2
  25. data/config/locales/en.yml +6 -1
  26. data/lib/devise/controllers/helpers.rb +35 -26
  27. data/lib/devise/controllers/rememberable.rb +11 -2
  28. data/lib/devise/controllers/scoped_views.rb +2 -0
  29. data/lib/devise/controllers/sign_in_out.rb +35 -18
  30. data/lib/devise/controllers/store_location.rb +25 -7
  31. data/lib/devise/controllers/url_helpers.rb +2 -0
  32. data/lib/devise/delegator.rb +2 -0
  33. data/lib/devise/encryptor.rb +6 -4
  34. data/lib/devise/failure_app.rb +84 -27
  35. data/lib/devise/hooks/activatable.rb +2 -0
  36. data/lib/devise/hooks/csrf_cleaner.rb +2 -0
  37. data/lib/devise/hooks/forgetable.rb +2 -0
  38. data/lib/devise/hooks/lockable.rb +6 -1
  39. data/lib/devise/hooks/proxy.rb +3 -1
  40. data/lib/devise/hooks/rememberable.rb +2 -0
  41. data/lib/devise/hooks/timeoutable.rb +7 -7
  42. data/lib/devise/hooks/trackable.rb +2 -0
  43. data/lib/devise/mailers/helpers.rb +7 -4
  44. data/lib/devise/mapping.rb +2 -0
  45. data/lib/devise/models/authenticatable.rb +51 -26
  46. data/lib/devise/models/confirmable.rb +106 -33
  47. data/lib/devise/models/database_authenticatable.rb +97 -21
  48. data/lib/devise/models/lockable.rb +15 -5
  49. data/lib/devise/models/omniauthable.rb +2 -0
  50. data/lib/devise/models/recoverable.rb +32 -24
  51. data/lib/devise/models/registerable.rb +4 -0
  52. data/lib/devise/models/rememberable.rb +42 -26
  53. data/lib/devise/models/timeoutable.rb +2 -6
  54. data/lib/devise/models/trackable.rb +15 -1
  55. data/lib/devise/models/validatable.rb +10 -3
  56. data/lib/devise/models.rb +3 -1
  57. data/lib/devise/modules.rb +2 -0
  58. data/lib/devise/omniauth/config.rb +2 -0
  59. data/lib/devise/omniauth/url_helpers.rb +14 -5
  60. data/lib/devise/omniauth.rb +2 -0
  61. data/lib/devise/orm/active_record.rb +5 -1
  62. data/lib/devise/orm/mongoid.rb +6 -2
  63. data/lib/devise/parameter_filter.rb +4 -0
  64. data/lib/devise/parameter_sanitizer.rb +139 -65
  65. data/lib/devise/rails/routes.rb +67 -47
  66. data/lib/devise/rails/warden_compat.rb +3 -10
  67. data/lib/devise/rails.rb +7 -16
  68. data/lib/devise/secret_key_finder.rb +27 -0
  69. data/lib/devise/strategies/authenticatable.rb +5 -3
  70. data/lib/devise/strategies/base.rb +2 -0
  71. data/lib/devise/strategies/database_authenticatable.rb +11 -4
  72. data/lib/devise/strategies/rememberable.rb +5 -6
  73. data/lib/devise/test/controller_helpers.rb +165 -0
  74. data/lib/devise/test/integration_helpers.rb +63 -0
  75. data/lib/devise/test_helpers.rb +7 -124
  76. data/lib/devise/time_inflector.rb +2 -0
  77. data/lib/devise/token_generator.rb +3 -41
  78. data/lib/devise/version.rb +3 -1
  79. data/lib/devise.rb +73 -46
  80. data/lib/generators/active_record/devise_generator.rb +29 -10
  81. data/lib/generators/active_record/templates/migration.rb +4 -2
  82. data/lib/generators/active_record/templates/migration_existing.rb +4 -2
  83. data/lib/generators/devise/controllers_generator.rb +3 -1
  84. data/lib/generators/devise/devise_generator.rb +4 -2
  85. data/lib/generators/devise/install_generator.rb +17 -0
  86. data/lib/generators/devise/orm_helpers.rb +10 -21
  87. data/lib/generators/devise/views_generator.rb +21 -11
  88. data/lib/generators/mongoid/devise_generator.rb +7 -5
  89. data/lib/generators/templates/README +1 -8
  90. data/lib/generators/templates/controllers/README +1 -1
  91. data/lib/generators/templates/controllers/confirmations_controller.rb +2 -0
  92. data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +2 -0
  93. data/lib/generators/templates/controllers/passwords_controller.rb +2 -0
  94. data/lib/generators/templates/controllers/registrations_controller.rb +6 -4
  95. data/lib/generators/templates/controllers/sessions_controller.rb +4 -2
  96. data/lib/generators/templates/controllers/unlocks_controller.rb +2 -0
  97. data/lib/generators/templates/devise.rb +52 -22
  98. data/lib/generators/templates/markerb/confirmation_instructions.markerb +1 -1
  99. data/lib/generators/templates/markerb/email_changed.markerb +7 -0
  100. data/lib/generators/templates/markerb/password_change.markerb +3 -0
  101. data/lib/generators/templates/markerb/reset_password_instructions.markerb +1 -1
  102. data/lib/generators/templates/markerb/unlock_instructions.markerb +1 -1
  103. data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +5 -1
  104. data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +10 -2
  105. data/lib/generators/templates/simple_form_for/passwords/new.html.erb +4 -1
  106. data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +11 -3
  107. data/lib/generators/templates/simple_form_for/registrations/new.html.erb +11 -3
  108. data/lib/generators/templates/simple_form_for/sessions/new.html.erb +7 -2
  109. data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +4 -1
  110. metadata +15 -301
  111. data/.gitignore +0 -10
  112. data/.travis.yml +0 -45
  113. data/.yardopts +0 -9
  114. data/CONTRIBUTING.md +0 -14
  115. data/Gemfile +0 -29
  116. data/Gemfile.lock +0 -191
  117. data/Rakefile +0 -36
  118. data/devise.gemspec +0 -29
  119. data/devise.png +0 -0
  120. data/gemfiles/Gemfile.rails-3.2-stable +0 -29
  121. data/gemfiles/Gemfile.rails-3.2-stable.lock +0 -169
  122. data/gemfiles/Gemfile.rails-4.0-stable +0 -29
  123. data/gemfiles/Gemfile.rails-4.0-stable.lock +0 -163
  124. data/gemfiles/Gemfile.rails-4.1-stable +0 -29
  125. data/gemfiles/Gemfile.rails-4.1-stable.lock +0 -169
  126. data/gemfiles/Gemfile.rails-4.2-stable +0 -29
  127. data/gemfiles/Gemfile.rails-4.2-stable.lock +0 -191
  128. data/script/cached-bundle +0 -49
  129. data/script/s3-put +0 -71
  130. data/test/controllers/custom_registrations_controller_test.rb +0 -40
  131. data/test/controllers/custom_strategy_test.rb +0 -62
  132. data/test/controllers/helpers_test.rb +0 -316
  133. data/test/controllers/inherited_controller_i18n_messages_test.rb +0 -51
  134. data/test/controllers/internal_helpers_test.rb +0 -129
  135. data/test/controllers/load_hooks_controller_test.rb +0 -19
  136. data/test/controllers/passwords_controller_test.rb +0 -31
  137. data/test/controllers/sessions_controller_test.rb +0 -103
  138. data/test/controllers/url_helpers_test.rb +0 -65
  139. data/test/delegator_test.rb +0 -19
  140. data/test/devise_test.rb +0 -107
  141. data/test/failure_app_test.rb +0 -298
  142. data/test/generators/active_record_generator_test.rb +0 -109
  143. data/test/generators/controllers_generator_test.rb +0 -48
  144. data/test/generators/devise_generator_test.rb +0 -39
  145. data/test/generators/install_generator_test.rb +0 -13
  146. data/test/generators/mongoid_generator_test.rb +0 -23
  147. data/test/generators/views_generator_test.rb +0 -96
  148. data/test/helpers/devise_helper_test.rb +0 -49
  149. data/test/integration/authenticatable_test.rb +0 -729
  150. data/test/integration/confirmable_test.rb +0 -324
  151. data/test/integration/database_authenticatable_test.rb +0 -95
  152. data/test/integration/http_authenticatable_test.rb +0 -105
  153. data/test/integration/lockable_test.rb +0 -239
  154. data/test/integration/omniauthable_test.rb +0 -133
  155. data/test/integration/recoverable_test.rb +0 -347
  156. data/test/integration/registerable_test.rb +0 -359
  157. data/test/integration/rememberable_test.rb +0 -176
  158. data/test/integration/timeoutable_test.rb +0 -189
  159. data/test/integration/trackable_test.rb +0 -92
  160. data/test/mailers/confirmation_instructions_test.rb +0 -115
  161. data/test/mailers/reset_password_instructions_test.rb +0 -96
  162. data/test/mailers/unlock_instructions_test.rb +0 -91
  163. data/test/mapping_test.rb +0 -134
  164. data/test/models/authenticatable_test.rb +0 -23
  165. data/test/models/confirmable_test.rb +0 -468
  166. data/test/models/database_authenticatable_test.rb +0 -249
  167. data/test/models/lockable_test.rb +0 -328
  168. data/test/models/omniauthable_test.rb +0 -7
  169. data/test/models/recoverable_test.rb +0 -228
  170. data/test/models/registerable_test.rb +0 -7
  171. data/test/models/rememberable_test.rb +0 -204
  172. data/test/models/serializable_test.rb +0 -49
  173. data/test/models/timeoutable_test.rb +0 -51
  174. data/test/models/trackable_test.rb +0 -41
  175. data/test/models/validatable_test.rb +0 -127
  176. data/test/models_test.rb +0 -144
  177. data/test/omniauth/config_test.rb +0 -57
  178. data/test/omniauth/url_helpers_test.rb +0 -54
  179. data/test/orm/active_record.rb +0 -10
  180. data/test/orm/mongoid.rb +0 -13
  181. data/test/parameter_sanitizer_test.rb +0 -81
  182. data/test/rails_app/Rakefile +0 -6
  183. data/test/rails_app/app/active_record/admin.rb +0 -6
  184. data/test/rails_app/app/active_record/shim.rb +0 -2
  185. data/test/rails_app/app/active_record/user.rb +0 -6
  186. data/test/rails_app/app/active_record/user_on_engine.rb +0 -7
  187. data/test/rails_app/app/active_record/user_on_main_app.rb +0 -7
  188. data/test/rails_app/app/controllers/admins/sessions_controller.rb +0 -6
  189. data/test/rails_app/app/controllers/admins_controller.rb +0 -11
  190. data/test/rails_app/app/controllers/application_controller.rb +0 -12
  191. data/test/rails_app/app/controllers/application_with_fake_engine.rb +0 -30
  192. data/test/rails_app/app/controllers/custom/registrations_controller.rb +0 -31
  193. data/test/rails_app/app/controllers/home_controller.rb +0 -25
  194. data/test/rails_app/app/controllers/publisher/registrations_controller.rb +0 -2
  195. data/test/rails_app/app/controllers/publisher/sessions_controller.rb +0 -2
  196. data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +0 -14
  197. data/test/rails_app/app/controllers/users_controller.rb +0 -31
  198. data/test/rails_app/app/helpers/application_helper.rb +0 -3
  199. data/test/rails_app/app/mailers/users/from_proc_mailer.rb +0 -3
  200. data/test/rails_app/app/mailers/users/mailer.rb +0 -3
  201. data/test/rails_app/app/mailers/users/reply_to_mailer.rb +0 -4
  202. data/test/rails_app/app/mongoid/admin.rb +0 -29
  203. data/test/rails_app/app/mongoid/shim.rb +0 -23
  204. data/test/rails_app/app/mongoid/user.rb +0 -39
  205. data/test/rails_app/app/mongoid/user_on_engine.rb +0 -39
  206. data/test/rails_app/app/mongoid/user_on_main_app.rb +0 -39
  207. data/test/rails_app/app/views/admins/index.html.erb +0 -1
  208. data/test/rails_app/app/views/admins/sessions/new.html.erb +0 -2
  209. data/test/rails_app/app/views/home/admin_dashboard.html.erb +0 -1
  210. data/test/rails_app/app/views/home/index.html.erb +0 -1
  211. data/test/rails_app/app/views/home/join.html.erb +0 -1
  212. data/test/rails_app/app/views/home/private.html.erb +0 -1
  213. data/test/rails_app/app/views/home/user_dashboard.html.erb +0 -1
  214. data/test/rails_app/app/views/layouts/application.html.erb +0 -24
  215. data/test/rails_app/app/views/users/edit_form.html.erb +0 -1
  216. data/test/rails_app/app/views/users/index.html.erb +0 -1
  217. data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +0 -1
  218. data/test/rails_app/app/views/users/sessions/new.html.erb +0 -1
  219. data/test/rails_app/bin/bundle +0 -3
  220. data/test/rails_app/bin/rails +0 -4
  221. data/test/rails_app/bin/rake +0 -4
  222. data/test/rails_app/config/application.rb +0 -40
  223. data/test/rails_app/config/boot.rb +0 -14
  224. data/test/rails_app/config/database.yml +0 -18
  225. data/test/rails_app/config/environment.rb +0 -5
  226. data/test/rails_app/config/environments/development.rb +0 -30
  227. data/test/rails_app/config/environments/production.rb +0 -84
  228. data/test/rails_app/config/environments/test.rb +0 -41
  229. data/test/rails_app/config/initializers/backtrace_silencers.rb +0 -7
  230. data/test/rails_app/config/initializers/devise.rb +0 -180
  231. data/test/rails_app/config/initializers/inflections.rb +0 -2
  232. data/test/rails_app/config/initializers/secret_token.rb +0 -8
  233. data/test/rails_app/config/initializers/session_store.rb +0 -1
  234. data/test/rails_app/config/routes.rb +0 -122
  235. data/test/rails_app/config.ru +0 -4
  236. data/test/rails_app/db/migrate/20100401102949_create_tables.rb +0 -71
  237. data/test/rails_app/db/schema.rb +0 -55
  238. data/test/rails_app/lib/shared_admin.rb +0 -17
  239. data/test/rails_app/lib/shared_user.rb +0 -29
  240. data/test/rails_app/lib/shared_user_without_omniauth.rb +0 -13
  241. data/test/rails_app/public/404.html +0 -26
  242. data/test/rails_app/public/422.html +0 -26
  243. data/test/rails_app/public/500.html +0 -26
  244. data/test/rails_app/public/favicon.ico +0 -0
  245. data/test/rails_test.rb +0 -9
  246. data/test/routes_test.rb +0 -264
  247. data/test/support/action_controller/record_identifier.rb +0 -10
  248. data/test/support/assertions.rb +0 -39
  249. data/test/support/helpers.rb +0 -73
  250. data/test/support/integration.rb +0 -92
  251. data/test/support/locale/en.yml +0 -8
  252. data/test/support/mongoid.yml +0 -6
  253. data/test/support/webrat/integrations/rails.rb +0 -24
  254. data/test/test_helper.rb +0 -34
  255. data/test/test_helpers_test.rb +0 -178
  256. data/test/test_models.rb +0 -33
@@ -1,239 +0,0 @@
1
- require 'test_helper'
2
-
3
- class LockTest < ActionDispatch::IntegrationTest
4
-
5
- def visit_user_unlock_with_token(unlock_token)
6
- visit user_unlock_path(unlock_token: unlock_token)
7
- end
8
-
9
- def send_unlock_request
10
- user = create_user(locked: true)
11
- ActionMailer::Base.deliveries.clear
12
-
13
- visit new_user_session_path
14
- click_link "Didn't receive unlock instructions?"
15
-
16
- Devise.stubs(:friendly_token).returns("abcdef")
17
- fill_in 'email', with: user.email
18
- click_button 'Resend unlock instructions'
19
- end
20
-
21
- test 'user should be able to request a new unlock token' do
22
- send_unlock_request
23
-
24
- assert_template 'sessions/new'
25
- assert_contain 'You will receive an email with instructions for how to unlock your account in a few minutes'
26
-
27
- mail = ActionMailer::Base.deliveries.last
28
- assert_equal 1, ActionMailer::Base.deliveries.size
29
- assert_equal ['please-change-me@config-initializers-devise.com'], mail.from
30
- assert_match user_unlock_path(unlock_token: 'abcdef'), mail.body.encoded
31
- end
32
-
33
- test 'user should receive the instructions from a custom mailer' do
34
- User.any_instance.stubs(:devise_mailer).returns(Users::Mailer)
35
-
36
- send_unlock_request
37
-
38
- assert_equal ['custom@example.com'], ActionMailer::Base.deliveries.first.from
39
- end
40
-
41
- test 'unlocked user should not be able to request a unlock token' do
42
- user = create_user(locked: false)
43
- ActionMailer::Base.deliveries.clear
44
-
45
- visit new_user_session_path
46
- click_link "Didn't receive unlock instructions?"
47
-
48
- fill_in 'email', with: user.email
49
- click_button 'Resend unlock instructions'
50
-
51
- assert_template 'unlocks/new'
52
- assert_contain 'not locked'
53
- assert_equal 0, ActionMailer::Base.deliveries.size
54
- end
55
-
56
- test 'unlocked pages should not be available if email strategy is disabled' do
57
- visit "/admin_area/sign_in"
58
-
59
- assert_raise Webrat::NotFoundError do
60
- click_link "Didn't receive unlock instructions?"
61
- end
62
-
63
- assert_raise NameError do
64
- visit new_admin_unlock_path
65
- end
66
-
67
- assert_raise ActionController::RoutingError do
68
- visit "/admin_area/unlock/new"
69
- end
70
- end
71
-
72
- test 'user with invalid unlock token should not be able to unlock an account' do
73
- visit_user_unlock_with_token('invalid_token')
74
-
75
- assert_response :success
76
- assert_current_url '/users/unlock?unlock_token=invalid_token'
77
- assert_have_selector '#error_explanation'
78
- assert_contain /Unlock token(.*)invalid/
79
- end
80
-
81
- test "locked user should be able to unlock account" do
82
- user = create_user
83
- raw = user.lock_access!
84
- visit_user_unlock_with_token(raw)
85
-
86
- assert_current_url "/users/sign_in"
87
- assert_contain 'Your account has been unlocked successfully. Please sign in to continue.'
88
- assert_not user.reload.access_locked?
89
- end
90
-
91
- test "user should not send a new e-mail if already locked" do
92
- user = create_user(locked: true)
93
- user.failed_attempts = User.maximum_attempts + 1
94
- user.save!
95
-
96
- ActionMailer::Base.deliveries.clear
97
-
98
- sign_in_as_user(password: "invalid")
99
- assert_contain 'Your account is locked.'
100
- assert ActionMailer::Base.deliveries.empty?
101
- end
102
-
103
- test 'error message is configurable by resource name' do
104
- store_translations :en, devise: {
105
- failure: {user: {locked: "You are locked!"}}
106
- } do
107
-
108
- user = create_user(locked: true)
109
- user.failed_attempts = User.maximum_attempts + 1
110
- user.save!
111
-
112
- sign_in_as_user(password: "invalid")
113
- assert_contain "You are locked!"
114
- end
115
- end
116
-
117
- test "user should not be able to sign in when locked" do
118
- store_translations :en, devise: {
119
- failure: {user: {locked: "You are locked!"}}
120
- } do
121
-
122
- user = create_user(locked: true)
123
- user.failed_attempts = User.maximum_attempts + 1
124
- user.save!
125
-
126
- sign_in_as_user(password: "123456")
127
- assert_contain "You are locked!"
128
- end
129
- end
130
-
131
- test 'user should be able to request a new unlock token via XML request' do
132
- user = create_user(locked: true)
133
- ActionMailer::Base.deliveries.clear
134
-
135
- post user_unlock_path(format: 'xml'), user: {email: user.email}
136
- assert_response :success
137
- assert_equal response.body, {}.to_xml
138
- assert_equal 1, ActionMailer::Base.deliveries.size
139
- end
140
-
141
- test 'unlocked user should not be able to request a unlock token via XML request' do
142
- user = create_user(locked: false)
143
- ActionMailer::Base.deliveries.clear
144
-
145
- post user_unlock_path(format: 'xml'), user: {email: user.email}
146
- assert_response :unprocessable_entity
147
- assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
148
- assert_equal 0, ActionMailer::Base.deliveries.size
149
- end
150
-
151
- test 'user with valid unlock token should be able to unlock account via XML request' do
152
- user = create_user()
153
- raw = user.lock_access!
154
- assert user.access_locked?
155
- get user_unlock_path(format: 'xml', unlock_token: raw)
156
- assert_response :success
157
- assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<user>)
158
- end
159
-
160
-
161
- test 'user with invalid unlock token should not be able to unlock the account via XML request' do
162
- get user_unlock_path(format: 'xml', unlock_token: 'invalid_token')
163
- assert_response :unprocessable_entity
164
- assert response.body.include? %(<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<errors>)
165
- end
166
-
167
- test "when using json to ask a unlock request, should not return the user" do
168
- user = create_user(locked: true)
169
- post user_unlock_path(format: "json", user: {email: user.email})
170
- assert_response :success
171
- assert_equal response.body, {}.to_json
172
- end
173
-
174
- test "in paranoid mode, when trying to unlock an user that exists it should not say that it exists if it is locked" do
175
- swap Devise, paranoid: true do
176
- user = create_user(locked: true)
177
-
178
- visit new_user_session_path
179
- click_link "Didn't receive unlock instructions?"
180
-
181
- fill_in 'email', with: user.email
182
- click_button 'Resend unlock instructions'
183
-
184
- assert_current_url "/users/sign_in"
185
- assert_contain "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
186
- end
187
- end
188
-
189
- test "in paranoid mode, when trying to unlock an user that exists it should not say that it exists if it is not locked" do
190
- swap Devise, paranoid: true do
191
- user = create_user(locked: false)
192
-
193
- visit new_user_session_path
194
- click_link "Didn't receive unlock instructions?"
195
-
196
- fill_in 'email', with: user.email
197
- click_button 'Resend unlock instructions'
198
-
199
- assert_current_url "/users/sign_in"
200
- assert_contain "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
201
- end
202
- end
203
-
204
- test "in paranoid mode, when trying to unlock an user that does not exists it should not say that it does not exists" do
205
- swap Devise, paranoid: true do
206
- visit new_user_session_path
207
- click_link "Didn't receive unlock instructions?"
208
-
209
- fill_in 'email', with: "arandomemail@hotmail.com"
210
- click_button 'Resend unlock instructions'
211
-
212
- assert_not_contain "1 error prohibited this user from being saved:"
213
- assert_not_contain "Email not found"
214
- assert_current_url "/users/sign_in"
215
-
216
- assert_contain "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
217
-
218
- end
219
- end
220
-
221
- test "in paranoid mode, when locking a user that exists it should not say that the user was locked" do
222
- swap Devise, paranoid: true, maximum_attempts: 1 do
223
- user = create_user(locked: false)
224
-
225
- visit new_user_session_path
226
- fill_in 'email', with: user.email
227
- fill_in 'password', with: "abadpassword"
228
- click_button 'Log in'
229
-
230
- fill_in 'email', with: user.email
231
- fill_in 'password', with: "abadpassword"
232
- click_button 'Log in'
233
-
234
- assert_current_url "/users/sign_in"
235
- assert_not_contain "locked"
236
- end
237
- end
238
-
239
- end
@@ -1,133 +0,0 @@
1
- require 'test_helper'
2
-
3
-
4
- class OmniauthableIntegrationTest < ActionDispatch::IntegrationTest
5
- FACEBOOK_INFO = {
6
- "id" => '12345',
7
- "link" => 'http://facebook.com/josevalim',
8
- "email" => 'user@example.com',
9
- "first_name" => 'Jose',
10
- "last_name" => 'Valim',
11
- "website" => 'http://blog.plataformatec.com.br'
12
- }
13
-
14
- setup do
15
- OmniAuth.config.test_mode = true
16
- OmniAuth.config.mock_auth[:facebook] = {
17
- "uid" => '12345',
18
- "provider" => 'facebook',
19
- "user_info" => {"nickname" => 'josevalim'},
20
- "credentials" => {"token" => 'plataformatec'},
21
- "extra" => {"user_hash" => FACEBOOK_INFO}
22
- }
23
- end
24
-
25
- teardown do
26
- OmniAuth.config.test_mode = false
27
- end
28
-
29
- def stub_action!(name)
30
- Users::OmniauthCallbacksController.class_eval do
31
- alias_method :__old_facebook, :facebook
32
- alias_method :facebook, name
33
- end
34
- yield
35
- ensure
36
- Users::OmniauthCallbacksController.class_eval do
37
- alias_method :facebook, :__old_facebook
38
- end
39
- end
40
-
41
- test "can access omniauth.auth in the env hash" do
42
- visit "/users/sign_in"
43
- click_link "Sign in with Facebook"
44
-
45
- json = ActiveSupport::JSON.decode(response.body)
46
-
47
- assert_equal "12345", json["uid"]
48
- assert_equal "facebook", json["provider"]
49
- assert_equal "josevalim", json["user_info"]["nickname"]
50
- assert_equal FACEBOOK_INFO, json["extra"]["user_hash"]
51
- assert_equal "plataformatec", json["credentials"]["token"]
52
- end
53
-
54
- test "cleans up session on sign up" do
55
- assert_no_difference "User.count" do
56
- visit "/users/sign_in"
57
- click_link "Sign in with Facebook"
58
- end
59
-
60
- assert session["devise.facebook_data"]
61
-
62
- assert_difference "User.count" do
63
- visit "/users/sign_up"
64
- fill_in "Password", with: "12345678"
65
- fill_in "Password confirmation", with: "12345678"
66
- click_button "Sign up"
67
- end
68
-
69
- assert_current_url "/"
70
- assert_contain "You have signed up successfully."
71
- assert_contain "Hello User user@example.com"
72
- assert_not session["devise.facebook_data"]
73
- end
74
-
75
- test "cleans up session on cancel" do
76
- assert_no_difference "User.count" do
77
- visit "/users/sign_in"
78
- click_link "Sign in with Facebook"
79
- end
80
-
81
- assert session["devise.facebook_data"]
82
- visit "/users/cancel"
83
- assert !session["devise.facebook_data"]
84
- end
85
-
86
- test "cleans up session on sign in" do
87
- assert_no_difference "User.count" do
88
- visit "/users/sign_in"
89
- click_link "Sign in with Facebook"
90
- end
91
-
92
- assert session["devise.facebook_data"]
93
- sign_in_as_user
94
- assert !session["devise.facebook_data"]
95
- end
96
-
97
- test "sign in and send remember token if configured" do
98
- visit "/users/sign_in"
99
- click_link "Sign in with Facebook"
100
- assert_nil warden.cookies["remember_user_token"]
101
-
102
- stub_action!(:sign_in_facebook) do
103
- create_user
104
- visit "/users/sign_in"
105
- click_link "Sign in with Facebook"
106
- assert warden.authenticated?(:user)
107
- assert warden.cookies["remember_user_token"]
108
- end
109
- end
110
-
111
- test "generates a proper link when SCRIPT_NAME is set" do
112
- header 'SCRIPT_NAME', '/q'
113
- visit "/users/sign_in"
114
- assert_select "a", href: "/q/users/auth/facebook"
115
- end
116
-
117
- test "handles callback error parameter according to the specification" do
118
- OmniAuth.config.mock_auth[:facebook] = :access_denied
119
- visit "/users/auth/facebook/callback?error=access_denied"
120
- assert_current_url "/users/sign_in"
121
- assert_contain 'Could not authenticate you from Facebook because "Access denied".'
122
- end
123
-
124
- test "handles other exceptions from OmniAuth" do
125
- OmniAuth.config.mock_auth[:facebook] = :invalid_credentials
126
-
127
- visit "/users/sign_in"
128
- click_link "Sign in with Facebook"
129
-
130
- assert_current_url "/users/sign_in"
131
- assert_contain 'Could not authenticate you from Facebook because "Invalid credentials".'
132
- end
133
- end