devise 3.5.10 → 4.6.0
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CHANGELOG.md +240 -1147
- data/MIT-LICENSE +1 -1
- data/README.md +240 -65
- data/app/controllers/devise/confirmations_controller.rb +3 -1
- data/app/controllers/devise/omniauth_callbacks_controller.rb +8 -6
- data/app/controllers/devise/passwords_controller.rb +7 -4
- data/app/controllers/devise/registrations_controller.rb +39 -18
- data/app/controllers/devise/sessions_controller.rb +9 -7
- data/app/controllers/devise/unlocks_controller.rb +4 -2
- data/app/controllers/devise_controller.rb +23 -10
- data/app/helpers/devise_helper.rb +12 -19
- data/app/mailers/devise/mailer.rb +6 -0
- data/app/views/devise/confirmations/new.html.erb +2 -2
- data/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/app/views/devise/passwords/edit.html.erb +2 -2
- data/app/views/devise/passwords/new.html.erb +2 -2
- data/app/views/devise/registrations/edit.html.erb +9 -5
- data/app/views/devise/registrations/new.html.erb +4 -4
- data/app/views/devise/sessions/new.html.erb +4 -4
- data/app/views/devise/shared/_error_messages.html.erb +15 -0
- data/app/views/devise/shared/_links.html.erb +7 -7
- data/app/views/devise/unlocks/new.html.erb +2 -2
- data/config/locales/en.yml +3 -0
- data/lib/devise/controllers/helpers.rb +23 -20
- data/lib/devise/controllers/rememberable.rb +3 -1
- data/lib/devise/controllers/scoped_views.rb +2 -0
- data/lib/devise/controllers/sign_in_out.rb +34 -11
- data/lib/devise/controllers/store_location.rb +25 -7
- data/lib/devise/controllers/url_helpers.rb +2 -0
- data/lib/devise/delegator.rb +2 -0
- data/lib/devise/encryptor.rb +6 -4
- data/lib/devise/failure_app.rb +81 -37
- data/lib/devise/hooks/activatable.rb +2 -0
- data/lib/devise/hooks/csrf_cleaner.rb +2 -0
- data/lib/devise/hooks/forgetable.rb +2 -0
- data/lib/devise/hooks/lockable.rb +6 -1
- data/lib/devise/hooks/proxy.rb +3 -1
- data/lib/devise/hooks/rememberable.rb +2 -0
- data/lib/devise/hooks/timeoutable.rb +2 -0
- data/lib/devise/hooks/trackable.rb +2 -0
- data/lib/devise/mailers/helpers.rb +7 -4
- data/lib/devise/mapping.rb +2 -0
- data/lib/devise/models/authenticatable.rb +51 -25
- data/lib/devise/models/confirmable.rb +76 -27
- data/lib/devise/models/database_authenticatable.rb +91 -23
- data/lib/devise/models/lockable.rb +10 -4
- data/lib/devise/models/omniauthable.rb +2 -0
- data/lib/devise/models/recoverable.rb +31 -19
- data/lib/devise/models/registerable.rb +4 -0
- data/lib/devise/models/rememberable.rb +5 -10
- data/lib/devise/models/timeoutable.rb +2 -0
- data/lib/devise/models/trackable.rb +15 -1
- data/lib/devise/models/validatable.rb +10 -3
- data/lib/devise/models.rb +3 -1
- data/lib/devise/modules.rb +2 -0
- data/lib/devise/omniauth/config.rb +2 -0
- data/lib/devise/omniauth/url_helpers.rb +14 -5
- data/lib/devise/omniauth.rb +2 -0
- data/lib/devise/orm/active_record.rb +5 -1
- data/lib/devise/orm/mongoid.rb +6 -2
- data/lib/devise/parameter_filter.rb +4 -0
- data/lib/devise/parameter_sanitizer.rb +139 -65
- data/lib/devise/rails/routes.rb +42 -31
- data/lib/devise/rails/warden_compat.rb +3 -10
- data/lib/devise/rails.rb +7 -16
- data/lib/devise/secret_key_finder.rb +27 -0
- data/lib/devise/strategies/authenticatable.rb +2 -0
- data/lib/devise/strategies/base.rb +2 -0
- data/lib/devise/strategies/database_authenticatable.rb +11 -4
- data/lib/devise/strategies/rememberable.rb +2 -0
- data/lib/devise/test/controller_helpers.rb +165 -0
- data/lib/devise/test/integration_helpers.rb +63 -0
- data/lib/devise/test_helpers.rb +7 -124
- data/lib/devise/time_inflector.rb +2 -0
- data/lib/devise/token_generator.rb +3 -41
- data/lib/devise/version.rb +3 -1
- data/lib/devise.rb +61 -40
- data/lib/generators/active_record/devise_generator.rb +29 -10
- data/lib/generators/active_record/templates/migration.rb +4 -2
- data/lib/generators/active_record/templates/migration_existing.rb +4 -2
- data/lib/generators/devise/controllers_generator.rb +3 -1
- data/lib/generators/devise/devise_generator.rb +4 -2
- data/lib/generators/devise/install_generator.rb +17 -0
- data/lib/generators/devise/orm_helpers.rb +10 -21
- data/lib/generators/devise/views_generator.rb +7 -8
- data/lib/generators/mongoid/devise_generator.rb +7 -5
- data/lib/generators/templates/README +1 -8
- data/lib/generators/templates/controllers/confirmations_controller.rb +2 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +2 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +2 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +6 -4
- data/lib/generators/templates/controllers/sessions_controller.rb +4 -2
- data/lib/generators/templates/controllers/unlocks_controller.rb +2 -0
- data/lib/generators/templates/devise.rb +50 -20
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +2 -2
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +5 -1
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +6 -1
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +4 -1
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +11 -3
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +11 -3
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +7 -2
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +4 -1
- metadata +15 -307
- data/.gitignore +0 -10
- data/.travis.yml +0 -44
- data/.yardopts +0 -9
- data/CODE_OF_CONDUCT.md +0 -22
- data/CONTRIBUTING.md +0 -16
- data/Gemfile +0 -30
- data/Gemfile.lock +0 -187
- data/Rakefile +0 -36
- data/devise.gemspec +0 -27
- data/devise.png +0 -0
- data/gemfiles/Gemfile.rails-3.2-stable +0 -29
- data/gemfiles/Gemfile.rails-3.2-stable.lock +0 -172
- data/gemfiles/Gemfile.rails-4.0-stable +0 -30
- data/gemfiles/Gemfile.rails-4.0-stable.lock +0 -166
- data/gemfiles/Gemfile.rails-4.1-stable +0 -30
- data/gemfiles/Gemfile.rails-4.1-stable.lock +0 -171
- data/gemfiles/Gemfile.rails-4.2-stable +0 -30
- data/gemfiles/Gemfile.rails-4.2-stable.lock +0 -193
- data/script/cached-bundle +0 -49
- data/script/s3-put +0 -71
- data/test/controllers/custom_registrations_controller_test.rb +0 -40
- data/test/controllers/custom_strategy_test.rb +0 -62
- data/test/controllers/helper_methods_test.rb +0 -21
- data/test/controllers/helpers_test.rb +0 -316
- data/test/controllers/inherited_controller_i18n_messages_test.rb +0 -51
- data/test/controllers/internal_helpers_test.rb +0 -129
- data/test/controllers/load_hooks_controller_test.rb +0 -19
- data/test/controllers/passwords_controller_test.rb +0 -31
- data/test/controllers/sessions_controller_test.rb +0 -103
- data/test/controllers/url_helpers_test.rb +0 -65
- data/test/delegator_test.rb +0 -19
- data/test/devise_test.rb +0 -107
- data/test/failure_app_test.rb +0 -315
- data/test/generators/active_record_generator_test.rb +0 -109
- data/test/generators/controllers_generator_test.rb +0 -48
- data/test/generators/devise_generator_test.rb +0 -39
- data/test/generators/install_generator_test.rb +0 -13
- data/test/generators/mongoid_generator_test.rb +0 -23
- data/test/generators/views_generator_test.rb +0 -103
- data/test/helpers/devise_helper_test.rb +0 -49
- data/test/integration/authenticatable_test.rb +0 -729
- data/test/integration/confirmable_test.rb +0 -324
- data/test/integration/database_authenticatable_test.rb +0 -95
- data/test/integration/http_authenticatable_test.rb +0 -105
- data/test/integration/lockable_test.rb +0 -239
- data/test/integration/omniauthable_test.rb +0 -135
- data/test/integration/recoverable_test.rb +0 -347
- data/test/integration/registerable_test.rb +0 -359
- data/test/integration/rememberable_test.rb +0 -214
- data/test/integration/timeoutable_test.rb +0 -184
- data/test/integration/trackable_test.rb +0 -92
- data/test/mailers/confirmation_instructions_test.rb +0 -115
- data/test/mailers/reset_password_instructions_test.rb +0 -96
- data/test/mailers/unlock_instructions_test.rb +0 -91
- data/test/mapping_test.rb +0 -134
- data/test/models/authenticatable_test.rb +0 -23
- data/test/models/confirmable_test.rb +0 -511
- data/test/models/database_authenticatable_test.rb +0 -269
- data/test/models/lockable_test.rb +0 -350
- data/test/models/omniauthable_test.rb +0 -7
- data/test/models/recoverable_test.rb +0 -251
- data/test/models/registerable_test.rb +0 -7
- data/test/models/rememberable_test.rb +0 -169
- data/test/models/serializable_test.rb +0 -49
- data/test/models/timeoutable_test.rb +0 -51
- data/test/models/trackable_test.rb +0 -41
- data/test/models/validatable_test.rb +0 -127
- data/test/models_test.rb +0 -153
- data/test/omniauth/config_test.rb +0 -57
- data/test/omniauth/url_helpers_test.rb +0 -54
- data/test/orm/active_record.rb +0 -10
- data/test/orm/mongoid.rb +0 -13
- data/test/parameter_sanitizer_test.rb +0 -81
- data/test/rails_app/Rakefile +0 -6
- data/test/rails_app/app/active_record/admin.rb +0 -6
- data/test/rails_app/app/active_record/shim.rb +0 -2
- data/test/rails_app/app/active_record/user.rb +0 -6
- data/test/rails_app/app/active_record/user_on_engine.rb +0 -7
- data/test/rails_app/app/active_record/user_on_main_app.rb +0 -7
- data/test/rails_app/app/active_record/user_without_email.rb +0 -8
- data/test/rails_app/app/controllers/admins/sessions_controller.rb +0 -6
- data/test/rails_app/app/controllers/admins_controller.rb +0 -6
- data/test/rails_app/app/controllers/application_controller.rb +0 -12
- data/test/rails_app/app/controllers/application_with_fake_engine.rb +0 -30
- data/test/rails_app/app/controllers/custom/registrations_controller.rb +0 -31
- data/test/rails_app/app/controllers/home_controller.rb +0 -25
- data/test/rails_app/app/controllers/publisher/registrations_controller.rb +0 -2
- data/test/rails_app/app/controllers/publisher/sessions_controller.rb +0 -2
- data/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +0 -14
- data/test/rails_app/app/controllers/users_controller.rb +0 -31
- data/test/rails_app/app/helpers/application_helper.rb +0 -3
- data/test/rails_app/app/mailers/users/from_proc_mailer.rb +0 -3
- data/test/rails_app/app/mailers/users/mailer.rb +0 -3
- data/test/rails_app/app/mailers/users/reply_to_mailer.rb +0 -4
- data/test/rails_app/app/mongoid/admin.rb +0 -29
- data/test/rails_app/app/mongoid/shim.rb +0 -23
- data/test/rails_app/app/mongoid/user.rb +0 -39
- data/test/rails_app/app/mongoid/user_on_engine.rb +0 -39
- data/test/rails_app/app/mongoid/user_on_main_app.rb +0 -39
- data/test/rails_app/app/mongoid/user_without_email.rb +0 -33
- data/test/rails_app/app/views/admins/index.html.erb +0 -1
- data/test/rails_app/app/views/admins/sessions/new.html.erb +0 -2
- data/test/rails_app/app/views/home/admin_dashboard.html.erb +0 -1
- data/test/rails_app/app/views/home/index.html.erb +0 -1
- data/test/rails_app/app/views/home/join.html.erb +0 -1
- data/test/rails_app/app/views/home/private.html.erb +0 -1
- data/test/rails_app/app/views/home/user_dashboard.html.erb +0 -1
- data/test/rails_app/app/views/layouts/application.html.erb +0 -24
- data/test/rails_app/app/views/users/edit_form.html.erb +0 -1
- data/test/rails_app/app/views/users/index.html.erb +0 -1
- data/test/rails_app/app/views/users/mailer/confirmation_instructions.erb +0 -1
- data/test/rails_app/app/views/users/sessions/new.html.erb +0 -1
- data/test/rails_app/bin/bundle +0 -3
- data/test/rails_app/bin/rails +0 -4
- data/test/rails_app/bin/rake +0 -4
- data/test/rails_app/config/application.rb +0 -40
- data/test/rails_app/config/boot.rb +0 -14
- data/test/rails_app/config/database.yml +0 -18
- data/test/rails_app/config/environment.rb +0 -5
- data/test/rails_app/config/environments/development.rb +0 -30
- data/test/rails_app/config/environments/production.rb +0 -84
- data/test/rails_app/config/environments/test.rb +0 -41
- data/test/rails_app/config/initializers/backtrace_silencers.rb +0 -7
- data/test/rails_app/config/initializers/devise.rb +0 -180
- data/test/rails_app/config/initializers/inflections.rb +0 -2
- data/test/rails_app/config/initializers/secret_token.rb +0 -8
- data/test/rails_app/config/initializers/session_store.rb +0 -1
- data/test/rails_app/config/routes.rb +0 -125
- data/test/rails_app/config.ru +0 -4
- data/test/rails_app/db/migrate/20100401102949_create_tables.rb +0 -71
- data/test/rails_app/db/schema.rb +0 -55
- data/test/rails_app/lib/shared_admin.rb +0 -17
- data/test/rails_app/lib/shared_user.rb +0 -29
- data/test/rails_app/lib/shared_user_without_email.rb +0 -26
- data/test/rails_app/lib/shared_user_without_omniauth.rb +0 -13
- data/test/rails_app/public/404.html +0 -26
- data/test/rails_app/public/422.html +0 -26
- data/test/rails_app/public/500.html +0 -26
- data/test/rails_app/public/favicon.ico +0 -0
- data/test/rails_test.rb +0 -9
- data/test/routes_test.rb +0 -264
- data/test/support/action_controller/record_identifier.rb +0 -10
- data/test/support/assertions.rb +0 -39
- data/test/support/helpers.rb +0 -77
- data/test/support/integration.rb +0 -92
- data/test/support/locale/en.yml +0 -8
- data/test/support/mongoid.yml +0 -6
- data/test/support/webrat/integrations/rails.rb +0 -24
- data/test/test_helper.rb +0 -34
- data/test/test_helpers_test.rb +0 -178
- data/test/test_models.rb +0 -33
- data/test/time_helpers.rb +0 -137
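--- a/data/test/integration/timeoutable_test.rb
+++ b/data/test/integration/timeoutable_test.rb
@@ -1,184 +0,0 @@
-require 'test_helper'
-
-class SessionTimeoutTest < ActionDispatch::IntegrationTest
-
-def last_request_at
-@controller.user_session['last_request_at']
-end
-
-test 'set last request at in user session after each request' do
-sign_in_as_user
-assert_not_nil last_request_at
-
-@controller.user_session.delete('last_request_at')
-get users_path
-assert_not_nil last_request_at
-end
-
-test 'set last request at in user session after each request is skipped if tracking is disabled' do
-sign_in_as_user
-old_last_request = last_request_at
-assert_not_nil last_request_at
-
-get users_path, {}, 'devise.skip_trackable' => true
-assert_equal old_last_request, last_request_at
-end
-
-test 'does not set last request at in user session after each request if timeoutable is disabled' do
-sign_in_as_user
-old_last_request = last_request_at
-assert_not_nil last_request_at
-
-new_time = 2.seconds.from_now
-Time.stubs(:now).returns(new_time)
-
-get users_path, {}, 'devise.skip_timeoutable' => true
-assert_equal old_last_request, last_request_at
-end
-
-test 'does not time out user session before default limit time' do
-sign_in_as_user
-assert_response :success
-assert warden.authenticated?(:user)
-
-get users_path
-assert_response :success
-assert warden.authenticated?(:user)
-end
-
-test 'time out user session after default limit time when sign_out_all_scopes is false' do
-swap Devise, sign_out_all_scopes: false do
-sign_in_as_admin
-
-user = sign_in_as_user
-get expire_user_path(user)
-assert_not_nil last_request_at
-
-get users_path
-assert_redirected_to users_path
-assert_not warden.authenticated?(:user)
-assert warden.authenticated?(:admin)
-end
-end
-
-test 'time out all sessions after default limit time when sign_out_all_scopes is true' do
-swap Devise, sign_out_all_scopes: true do
-sign_in_as_admin
-
-user = sign_in_as_user
-get expire_user_path(user)
-assert_not_nil last_request_at
-
-get root_path
-assert_not warden.authenticated?(:user)
-assert_not warden.authenticated?(:admin)
-end
-end
-
-test 'time out user session after deault limit time and redirect to latest get request' do
-user = sign_in_as_user
-visit edit_form_user_path(user)
-
-click_button 'Update'
-sign_in_as_user
-
-assert_equal edit_form_user_url(user), current_url
-end
-
-test 'time out is not triggered on sign out' do
-user = sign_in_as_user
-get expire_user_path(user)
-
-get destroy_user_session_path
-
-assert_response :redirect
-assert_redirected_to root_path
-follow_redirect!
-assert_contain 'Signed out successfully'
-end
-
-test 'expired session is not extended by sign in page' do
-user = sign_in_as_user
-get expire_user_path(user)
-assert warden.authenticated?(:user)
-
-get "/users/sign_in"
-assert_redirected_to "/users/sign_in"
-follow_redirect!
-
-assert_response :success
-assert_contain 'Sign in'
-assert_not warden.authenticated?(:user)
-end
-
-test 'time out is not triggered on sign in' do
-user = sign_in_as_user
-get expire_user_path(user)
-
-post "/users/sign_in", email: user.email, password: "123456"
-
-assert_response :redirect
-follow_redirect!
-assert_contain 'You are signed in'
-end
-
-test 'user configured timeout limit' do
-swap Devise, timeout_in: 8.minutes do
-user = sign_in_as_user
-
-get users_path
-assert_not_nil last_request_at
-assert_response :success
-assert warden.authenticated?(:user)
-
-get expire_user_path(user)
-get users_path
-assert_redirected_to users_path
-assert_not warden.authenticated?(:user)
-end
-end
-
-test 'error message with i18n' do
-store_translations :en, devise: {
-failure: { user: { timeout: 'Session expired!' } }
-} do
-user = sign_in_as_user
-
-get expire_user_path(user)
-get root_path
-follow_redirect!
-assert_contain 'Session expired!'
-end
-end
-
-test 'error message with i18n with double redirect' do
-store_translations :en, devise: {
-failure: { user: { timeout: 'Session expired!' } }
-} do
-user = sign_in_as_user
-
-get expire_user_path(user)
-get users_path
-follow_redirect!
-follow_redirect!
-assert_contain 'Session expired!'
-end
-end
-
-test 'time out not triggered if remembered' do
-user = sign_in_as_user remember_me: true
-get expire_user_path(user)
-assert_not_nil last_request_at
-
-get users_path
-assert_response :success
-assert warden.authenticated?(:user)
-end
-
-test 'does not crash when the last_request_at is a String' do
-user = sign_in_as_user
-
-get edit_form_user_path(user, last_request_at: Time.now.utc.to_s)
-get users_path
-end
-end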
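--- a/data/test/integration/trackable_test.rb
+++ b/data/test/integration/trackable_test.rb
@@ -1,92 +0,0 @@
-require 'test_helper'
-
-class TrackableHooksTest < ActionDispatch::IntegrationTest
-
-test "current and last sign in timestamps are updated on each sign in" do
-user = create_user
-assert_nil user.current_sign_in_at
-assert_nil user.last_sign_in_at
-
-sign_in_as_user
-user.reload
-
-assert user.current_sign_in_at.acts_like?(:time)
-assert user.last_sign_in_at.acts_like?(:time)
-
-assert_equal user.current_sign_in_at, user.last_sign_in_at
-assert user.current_sign_in_at >= user.created_at
-
-visit destroy_user_session_path
-new_time = 2.seconds.from_now
-Time.stubs(:now).returns(new_time)
-
-sign_in_as_user
-user.reload
-assert user.current_sign_in_at > user.last_sign_in_at
-end
-
-test "current and last sign in remote ip are updated on each sign in" do
-user = create_user
-assert_nil user.current_sign_in_ip
-assert_nil user.last_sign_in_ip
-
-sign_in_as_user
-user.reload
-
-assert_equal "127.0.0.1", user.current_sign_in_ip
-assert_equal "127.0.0.1", user.last_sign_in_ip
-end
-
-test "current remote ip returns original ip behind a non transparent proxy" do
-user = create_user
-
-arbitrary_ip = '200.121.1.69'
-sign_in_as_user do
-header 'HTTP_X_FORWARDED_FOR', arbitrary_ip
-end
-user.reload
-assert_equal arbitrary_ip, user.current_sign_in_ip
-end
-
-test "increase sign in count" do
-user = create_user
-assert_equal 0, user.sign_in_count
-
-sign_in_as_user
-user.reload
-assert_equal 1, user.sign_in_count
-
-visit destroy_user_session_path
-sign_in_as_user
-user.reload
-assert_equal 2, user.sign_in_count
-end
-
-test "does not update anything if user has signed out along the way" do
-swap Devise, allow_unconfirmed_access_for: 0.days do
-user = create_user(confirm: false)
-sign_in_as_user
-
-user.reload
-assert_nil user.current_sign_in_at
-assert_nil user.last_sign_in_at
-end
-end
-
-test "do not track if devise.skip_trackable is set" do
-user = create_user
-sign_in_as_user do
-header 'devise.skip_trackable', '1'
-end
-user.reload
-assert_equal 0, user.sign_in_count
-visit destroy_user_session_path
-
-sign_in_as_user do
-header 'devise.skip_trackable', false
-end
-user.reload
-assert_equal 1, user.sign_in_count
-end
-
-end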
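--- a/data/test/mailers/confirmation_instructions_test.rb
+++ b/data/test/mailers/confirmation_instructions_test.rb
@@ -1,115 +0,0 @@
-require 'test_helper'
-
-class ConfirmationInstructionsTest < ActionMailer::TestCase
-
-def setup
-setup_mailer
-Devise.mailer = 'Devise::Mailer'
-Devise.mailer_sender = 'test@example.com'
-end
-
-def teardown
-Devise.mailer = 'Devise::Mailer'
-Devise.mailer_sender = 'please-change-me@config-initializers-devise.com'
-end
-
-def user
-@user ||= create_user
-end
-
-def mail
-@mail ||= begin
-user
-ActionMailer::Base.deliveries.first
-end
-end
-
-test 'email sent after creating the user' do
-assert_not_nil mail
-end
-
-test 'content type should be set to html' do
-assert mail.content_type.include?('text/html')
-end
-
-test 'send confirmation instructions to the user email' do
-mail
-assert_equal [user.email], mail.to
-end
-
-test 'setup sender from configuration' do
-assert_equal ['test@example.com'], mail.from
-end
-
-test 'setup sender from custom mailer defaults' do
-Devise.mailer = 'Users::Mailer'
-assert_equal ['custom@example.com'], mail.from
-end
-
-test 'setup sender from custom mailer defaults with proc' do
-Devise.mailer = 'Users::FromProcMailer'
-assert_equal ['custom@example.com'], mail.from
-end
-
-test 'custom mailer renders parent mailer template' do
-Devise.mailer = 'Users::Mailer'
-assert_present mail.body.encoded
-end
-
-test 'setup reply to as copy from sender' do
-assert_equal ['test@example.com'], mail.reply_to
-end
-
-test 'setup reply to as different if set in defaults' do
-Devise.mailer = 'Users::ReplyToMailer'
-assert_equal ['custom@example.com'], mail.from
-assert_equal ['custom_reply_to@example.com'], mail.reply_to
-end
-
-test 'setup subject from I18n' do
-store_translations :en, devise: { mailer: { confirmation_instructions: { subject: 'Account Confirmation' } } } do
-assert_equal 'Account Confirmation', mail.subject
-end
-end
-
-test 'subject namespaced by model' do
-store_translations :en, devise: { mailer: { confirmation_instructions: { user_subject: 'User Account Confirmation' } } } do
-assert_equal 'User Account Confirmation', mail.subject
-end
-end
-
-test 'body should have user info' do
-assert_match user.email, mail.body.encoded
-end
-
-test 'body should have link to confirm the account' do
-host, port = ActionMailer::Base.default_url_options.values_at :host, :port
-
-if mail.body.encoded =~ %r{<a href=\"http://#{host}:#{port}/users/confirmation\?confirmation_token=([^"]+)">}
-assert_equal $1, user.confirmation_token
-else
-flunk "expected confirmation url regex to match"
-end
-end
-
-test 'renders a scoped if scoped_views is set to true' do
-swap Devise, scoped_views: true do
-assert_equal user.email, mail.body.decoded
-end
-end
-
-test 'renders a scoped if scoped_views is set in the mailer class' do
-begin
-Devise::Mailer.scoped_views = true
-assert_equal user.email, mail.body.decoded
-ensure
-Devise::Mailer.send :remove_instance_variable, :@scoped_views
-end
-end
-
-test 'mailer sender accepts a proc' do
-swap Devise, mailer_sender: proc { "another@example.com" } do
-assert_equal ['another@example.com'], mail.from
-end
-end
-end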
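--- a/data/test/mailers/reset_password_instructions_test.rb
+++ b/data/test/mailers/reset_password_instructions_test.rb
@@ -1,96 +0,0 @@
-require 'test_helper'
-
-class ResetPasswordInstructionsTest < ActionMailer::TestCase
-def setup
-setup_mailer
-Devise.mailer = 'Devise::Mailer'
-Devise.mailer_sender = 'test@example.com'
-end
-
-def teardown
-Devise.mailer = 'Devise::Mailer'
-Devise.mailer_sender = 'please-change-me@config-initializers-devise.com'
-end
-
-def user
-@user ||= begin
-user = create_user
-user.send_reset_password_instructions
-user
-end
-end
-
-def mail
-@mail ||= begin
-user
-ActionMailer::Base.deliveries.last
-end
-end
-
-test 'email sent after reseting the user password' do
-assert_not_nil mail
-end
-
-test 'content type should be set to html' do
-assert mail.content_type.include?('text/html')
-end
-
-test 'send confirmation instructions to the user email' do
-assert_equal [user.email], mail.to
-end
-
-test 'setup sender from configuration' do
-assert_equal ['test@example.com'], mail.from
-end
-
-test 'setup sender from custom mailer defaults' do
-Devise.mailer = 'Users::Mailer'
-assert_equal ['custom@example.com'], mail.from
-end
-
-test 'setup sender from custom mailer defaults with proc' do
-Devise.mailer = 'Users::FromProcMailer'
-assert_equal ['custom@example.com'], mail.from
-end
-
-test 'custom mailer renders parent mailer template' do
-Devise.mailer = 'Users::Mailer'
-assert_present mail.body.encoded
-end
-
-test 'setup reply to as copy from sender' do
-assert_equal ['test@example.com'], mail.reply_to
-end
-
-test 'setup subject from I18n' do
-store_translations :en, devise: { mailer: { reset_password_instructions: { subject: 'Reset instructions' } } } do
-assert_equal 'Reset instructions', mail.subject
-end
-end
-
-test 'subject namespaced by model' do
-store_translations :en, devise: { mailer: { reset_password_instructions: { user_subject: 'User Reset Instructions' } } } do
-assert_equal 'User Reset Instructions', mail.subject
-end
-end
-
-test 'body should have user info' do
-assert_match user.email, mail.body.encoded
-end
-
-test 'body should have link to confirm the account' do
-host, port = ActionMailer::Base.default_url_options.values_at :host, :port
-
-if mail.body.encoded =~ %r{<a href=\"http://#{host}:#{port}/users/password/edit\?reset_password_token=([^"]+)">}
-assert_equal Devise.token_generator.digest(user.class, :reset_password_token, $1), user.reset_password_token
-else
-flunk "expected reset password url regex to match"
-end
-end
-
-test 'mailer sender accepts a proc' do
-swap Devise, mailer_sender: proc { "another@example.com" } do
-assert_equal ['another@example.com'], mail.from
-end
-end
-end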
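--- a/data/test/mailers/unlock_instructions_test.rb
+++ b/data/test/mailers/unlock_instructions_test.rb
@@ -1,91 +0,0 @@
-require 'test_helper'
-
-class UnlockInstructionsTest < ActionMailer::TestCase
-
-def setup
-setup_mailer
-Devise.mailer = 'Devise::Mailer'
-Devise.mailer_sender = 'test@example.com'
-end
-
-def teardown
-Devise.mailer = 'Devise::Mailer'
-Devise.mailer_sender = 'please-change-me@config-initializers-devise.com'
-end
-
-def user
-@user ||= begin
-user = create_user
-user.lock_access!
-user
-end
-end
-
-def mail
-@mail ||= begin
-user
-ActionMailer::Base.deliveries.last
-end
-end
-
-test 'email sent after locking the user' do
-assert_not_nil mail
-end
-
-test 'content type should be set to html' do
-assert mail.content_type.include?('text/html')
-end
-
-test 'send unlock instructions to the user email' do
-assert_equal [user.email], mail.to
-end
-
-test 'setup sender from configuration' do
-assert_equal ['test@example.com'], mail.from
-end
-
-test 'setup sender from custom mailer defaults' do
-Devise.mailer = 'Users::Mailer'
-assert_equal ['custom@example.com'], mail.from
-end
-
-test 'setup sender from custom mailer defaults with proc' do
-Devise.mailer = 'Users::FromProcMailer'
-assert_equal ['custom@example.com'], mail.from
-end
-
-test 'custom mailer renders parent mailer template' do
-Devise.mailer = 'Users::Mailer'
-assert_present mail.body.encoded
-end
-
-test 'setup reply to as copy from sender' do
-assert_equal ['test@example.com'], mail.reply_to
-end
-
-test 'setup subject from I18n' do
-store_translations :en, devise: { mailer: { unlock_instructions: { subject: 'Yo unlock instructions' } } } do
-assert_equal 'Yo unlock instructions', mail.subject
-end
-end
-
-test 'subject namespaced by model' do
-store_translations :en, devise: { mailer: { unlock_instructions: { user_subject: 'User Unlock Instructions' } } } do
-assert_equal 'User Unlock Instructions', mail.subject
-end
-end
-
-test 'body should have user info' do
-assert_match user.email, mail.body.encoded
-end
-
-test 'body should have link to unlock the account' do
-host, port = ActionMailer::Base.default_url_options.values_at :host, :port
-
-if mail.body.encoded =~ %r{<a href=\"http://#{host}:#{port}/users/unlock\?unlock_token=([^"]+)">}
-assert_equal Devise.token_generator.digest(user.class, :unlock_token, $1), user.unlock_token
-else
-flunk "expected unlock url regex to match"
-end
-end
-end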