devise 0.6.0 → 0.6.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of devise might be problematic. Click here for more details.
- data/CHANGELOG.rdoc +6 -0
- data/README.rdoc +15 -7
- data/TODO +1 -2
- data/generators/devise_install/templates/devise.rb +4 -0
- data/lib/devise.rb +6 -3
- data/lib/devise/hooks/confirmable.rb +0 -1
- data/lib/devise/hooks/timeoutable.rb +19 -0
- data/lib/devise/locales/en.yml +1 -0
- data/lib/devise/mapping.rb +1 -1
- data/lib/devise/models/timeoutable.rb +30 -0
- data/lib/devise/orm/data_mapper.rb +2 -2
- data/lib/devise/version.rb +1 -1
- data/test/failure_app_test.rb +13 -1
- data/test/integration/authenticatable_test.rb +3 -6
- data/test/integration/confirmable_test.rb +14 -16
- data/test/integration/timeoutable_test.rb +73 -0
- data/test/models/timeoutable_test.rb +27 -0
- data/test/models_test.rb +23 -9
- data/test/rails_app/app/controllers/users_controller.rb +10 -0
- data/test/rails_app/config/routes.rb +1 -1
- data/test/test_helper.rb +1 -0
- metadata +42 -37
data/CHANGELOG.rdoc
CHANGED
data/README.rdoc
CHANGED
@@ -13,6 +13,7 @@ Right now it's composed of five mainly modules:
|
|
13
13
|
* Confirmable: responsible for verifying whether an account is already confirmed to sign in, and to send emails with confirmation instructions.
|
14
14
|
* Recoverable: takes care of reseting the user password and send reset instructions.
|
15
15
|
* Rememberable: manages generating and clearing token for remember the user from a saved cookie.
|
16
|
+
* Timeoutable: expires sessions without activity in a certain period of time.
|
16
17
|
* Validatable: creates all needed validations for email and password. It's totally optional, so you're able to to customize validations by yourself.
|
17
18
|
|
18
19
|
There's an example application using Devise at http://github.com/plataformatec/devise_example .
|
@@ -27,7 +28,7 @@ All gems are on gemcutter, so you need to add gemcutter to your sources if you h
|
|
27
28
|
|
28
29
|
sudo gem sources -a http://gemcutter.org/
|
29
30
|
|
30
|
-
Install warden gem if you don't have it installed (requires 0.
|
31
|
+
Install warden gem if you don't have it installed (requires 0.6.4 or higher):
|
31
32
|
|
32
33
|
sudo gem install warden
|
33
34
|
|
@@ -67,10 +68,10 @@ You may also want to add some indexes to improve performance:
|
|
67
68
|
Now let's setup a User model adding the devise line to have your authentication working:
|
68
69
|
|
69
70
|
class User < ActiveRecord::Base
|
70
|
-
devise
|
71
|
+
devise :authenticatable
|
71
72
|
end
|
72
73
|
|
73
|
-
This line adds devise authenticatable
|
74
|
+
This line adds devise authenticatable inside your User class. Devise don't rely on _attr_accessible_ or _attr_protected_ inside its modules, so be sure to setup what attributes are accessible or protected in your model.
|
74
75
|
|
75
76
|
You could also include the other devise modules as below:
|
76
77
|
|
@@ -78,10 +79,13 @@ You could also include the other devise modules as below:
|
|
78
79
|
devise :authenticatable
|
79
80
|
|
80
81
|
# Include authenticatable + confirmable
|
81
|
-
devise :confirmable
|
82
|
+
devise :authenticatable, :confirmable
|
82
83
|
|
83
84
|
# Include authenticatable + recoverable + rememberable
|
84
|
-
devise :recoverable, :rememberable
|
85
|
+
devise :authenticatable, :recoverable, :rememberable
|
86
|
+
|
87
|
+
# Include authenticatable + timeoutable
|
88
|
+
devise :authenticatable, :timeoutable
|
85
89
|
|
86
90
|
# Include all of them
|
87
91
|
devise :all
|
@@ -93,7 +97,7 @@ Note that validations aren't added by default, so you're able to customize it. I
|
|
93
97
|
|
94
98
|
== Model configuration
|
95
99
|
|
96
|
-
In addition to :except, you can provide :pepper, :stretches, :encryptor, :authentication_keys, :confirm_within and :
|
100
|
+
In addition to :except, you can provide :pepper, :stretches, :encryptor, :authentication_keys, :confirm_within, :remember_for and :timeout as options to devise method.
|
97
101
|
|
98
102
|
All those options are described in "config/initializers/devise.rb", which is generated when you invoke `ruby script/generate devise_install` in your application root.
|
99
103
|
|
@@ -140,6 +144,10 @@ Finally, if you are using confirmable or recoverable, you also need to setup def
|
|
140
144
|
DeviseMailer.sender = "no-reply@yourapp.com"
|
141
145
|
config.action_mailer.default_url_options = { :host => 'localhost:3000' }
|
142
146
|
|
147
|
+
== Views
|
148
|
+
|
149
|
+
By default devise will use the same views for all scopes/roles you have. But what if you need so different views to each of them? Devise also has an easy way to accomplish it: just setup :scoped_views to true inside your devise config file, and you will be able to have views based on scope like 'sessions/users/new' and 'sessions/admin/new'. If no view is found within the scope, Devise will fallback to the default view.
|
150
|
+
|
143
151
|
== Tidying up
|
144
152
|
|
145
153
|
Devise let's you setup as many roles as you want, so let's say you already have this User model and also want an Admin model with the same authentication stuff, but not confirmation or password recovery. Just follow the same steps:
|
@@ -237,7 +245,7 @@ Devise implements encryption strategies for Clearance, Authlogic and Restful-Aut
|
|
237
245
|
|
238
246
|
== Other ORMs
|
239
247
|
|
240
|
-
Devise was made to work from scratch with ActiveRecord. However it currently supports MongoMapper as well.
|
248
|
+
Devise was made to work from scratch with ActiveRecord. However it currently supports DataMapper and MongoMapper as well.
|
241
249
|
To use it, just set Devise.orm or configure it in the initialization file (which is created with devise_install).
|
242
250
|
|
243
251
|
== TODO
|
data/TODO
CHANGED
@@ -34,6 +34,10 @@ Devise.setup do |config|
|
|
34
34
|
# The time the user will be remembered without asking for credentials again.
|
35
35
|
# config.remember_for = 2.weeks
|
36
36
|
|
37
|
+
# The time you want to timeout the user session without activity. After this
|
38
|
+
# time the user will be asked for credentials again.
|
39
|
+
# config.timeout = 10.minutes
|
40
|
+
|
37
41
|
# Configure the e-mail address which will be shown in DeviseMailer.
|
38
42
|
# config.mailer_sender = "foo.bar@yourapp.com"
|
39
43
|
|
data/lib/devise.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
module Devise
|
2
|
-
ALL = [:authenticatable, :confirmable, :recoverable, :rememberable, :validatable].freeze
|
2
|
+
ALL = [:authenticatable, :confirmable, :recoverable, :rememberable, :timeoutable, :validatable].freeze
|
3
3
|
|
4
4
|
# Maps controller names to devise modules
|
5
5
|
CONTROLLERS = {
|
@@ -14,7 +14,7 @@ module Devise
|
|
14
14
|
|
15
15
|
# Maps the messages types that are used in flash message. This array is not
|
16
16
|
# frozen, so you can add messages from your own strategies.
|
17
|
-
FLASH_MESSAGES = [ :unauthenticated, :unconfirmed, :invalid ]
|
17
|
+
FLASH_MESSAGES = [ :unauthenticated, :unconfirmed, :invalid, :timeout ]
|
18
18
|
|
19
19
|
# Declare encryptors length which are used in migrations.
|
20
20
|
ENCRYPTORS_LENGTH = {
|
@@ -45,6 +45,10 @@ module Devise
|
|
45
45
|
mattr_accessor :confirm_within
|
46
46
|
@@confirm_within = 0.days
|
47
47
|
|
48
|
+
# Time interval to timeout the user session without activity.
|
49
|
+
mattr_accessor :timeout
|
50
|
+
@@timeout = 30.minutes
|
51
|
+
|
48
52
|
# Used to define the password encryption algorithm.
|
49
53
|
mattr_accessor :encryptor
|
50
54
|
@@encryptor = :sha1
|
@@ -141,5 +145,4 @@ Warden::Manager.default_scope = nil
|
|
141
145
|
|
142
146
|
require 'devise/strategies/base'
|
143
147
|
require 'devise/serializers/base'
|
144
|
-
|
145
148
|
require 'devise/rails'
|
@@ -6,7 +6,6 @@ Warden::Manager.after_set_user do |record, warden, options|
|
|
6
6
|
if record && record.respond_to?(:active?) && !record.active?
|
7
7
|
scope = options[:scope]
|
8
8
|
warden.logout(scope)
|
9
|
-
|
10
9
|
if warden.winning_strategy
|
11
10
|
# If winning strategy was set, this is being called after authenticate and
|
12
11
|
# there is no need to force a redirect.
|
@@ -0,0 +1,19 @@
|
|
1
|
+
# Each time a record is set we check whether it's session has already timed out
|
2
|
+
# or not, based on last request time. If so, the record is logged out and
|
3
|
+
# redirected to the sign in page. Also, each time the request comes and the
|
4
|
+
# record is set, we set the last request time inside it's scoped session to
|
5
|
+
# verify timeout in the following request.
|
6
|
+
Warden::Manager.after_set_user do |record, warden, options|
|
7
|
+
if record && record.respond_to?(:timeout?)
|
8
|
+
scope = options[:scope]
|
9
|
+
# Record may have already been logged out by another hook (ie confirmable).
|
10
|
+
if warden.authenticated?(scope)
|
11
|
+
last_request_at = warden.session(scope)['last_request_at']
|
12
|
+
if record.timeout?(last_request_at)
|
13
|
+
warden.logout(scope)
|
14
|
+
throw :warden, :scope => scope, :message => :timeout
|
15
|
+
end
|
16
|
+
warden.session(scope)['last_request_at'] = Time.now.utc
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
data/lib/devise/locales/en.yml
CHANGED
@@ -6,6 +6,7 @@ en:
|
|
6
6
|
unauthenticated: 'You need to sign in or sign up before continuing.'
|
7
7
|
unconfirmed: 'You have to confirm your account before continuing.'
|
8
8
|
invalid: 'Invalid email or password.'
|
9
|
+
timeout: 'Your session expired, please sign in again to continue.'
|
9
10
|
passwords:
|
10
11
|
send_instructions: 'You will receive an email with instructions about how to reset your password in a few minutes.'
|
11
12
|
updated: 'Your password was changed successfully. You are now signed in.'
|
data/lib/devise/mapping.rb
CHANGED
@@ -62,7 +62,7 @@ module Devise
|
|
62
62
|
@klass = (options.delete(:class_name) || name.to_s.classify).to_s
|
63
63
|
@name = (options.delete(:scope) || name.to_s.singularize).to_sym
|
64
64
|
@path_names = options.delete(:path_names) || {}
|
65
|
-
@path_prefix = options.delete(:path_prefix)
|
65
|
+
@path_prefix = options.delete(:path_prefix).to_s
|
66
66
|
@path_prefix << "/" unless @path_prefix[-1] == ?/
|
67
67
|
@route_options = options || {}
|
68
68
|
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'devise/hooks/timeoutable'
|
2
|
+
|
3
|
+
module Devise
|
4
|
+
module Models
|
5
|
+
|
6
|
+
# Timeoutable takes care of veryfing whether a user session has already
|
7
|
+
# expired or not. When a session expires after the configured time, the user
|
8
|
+
# will be asked for credentials again, it means, he/she will be redirected
|
9
|
+
# to the sign in page.
|
10
|
+
#
|
11
|
+
# Configuration:
|
12
|
+
#
|
13
|
+
# timeout: the time you want to timeout the user session without activity.
|
14
|
+
module Timeoutable
|
15
|
+
|
16
|
+
def self.included(base)
|
17
|
+
base.extend ClassMethods
|
18
|
+
end
|
19
|
+
|
20
|
+
# Checks whether the user session has expired based on configured time.
|
21
|
+
def timeout?(last_access)
|
22
|
+
last_access && last_access <= self.class.timeout.ago.utc
|
23
|
+
end
|
24
|
+
|
25
|
+
module ClassMethods
|
26
|
+
Devise::Models.config(self, :timeout)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
@@ -36,9 +36,9 @@ module Devise
|
|
36
36
|
options = args.extract_options!
|
37
37
|
case args.first
|
38
38
|
when :first
|
39
|
-
first(options
|
39
|
+
first(options)
|
40
40
|
when :all
|
41
|
-
all(options
|
41
|
+
all(options)
|
42
42
|
else
|
43
43
|
get(*args)
|
44
44
|
end
|
data/lib/devise/version.rb
CHANGED
data/test/failure_app_test.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
require 'test/test_helper'
|
2
|
-
require 'ostruct'
|
2
|
+
require 'ostruct'
|
3
3
|
|
4
4
|
class FailureTest < ActiveSupport::TestCase
|
5
5
|
|
@@ -22,6 +22,18 @@ class FailureTest < ActiveSupport::TestCase
|
|
22
22
|
assert_equal '/users/sign_in?test=true', location
|
23
23
|
end
|
24
24
|
|
25
|
+
test 'uses the given message' do
|
26
|
+
warden = OpenStruct.new(:message => 'Hello world')
|
27
|
+
location = call_failure('warden' => warden).second['Location']
|
28
|
+
assert_equal '/users/sign_in?message=Hello+world', location
|
29
|
+
end
|
30
|
+
|
31
|
+
test 'setup default url' do
|
32
|
+
Devise::FailureApp.default_url = 'test/sign_in'
|
33
|
+
location = call_failure('warden.options' => { :scope => nil }).second['Location']
|
34
|
+
assert_equal '/test/sign_in?unauthenticated=true', location
|
35
|
+
end
|
36
|
+
|
25
37
|
test 'set content type to default text/plain' do
|
26
38
|
assert_equal 'text/plain', call_failure.second['Content-Type']
|
27
39
|
end
|
@@ -102,17 +102,14 @@ class AuthenticationTest < ActionController::IntegrationTest
|
|
102
102
|
end
|
103
103
|
|
104
104
|
test 'error message is configurable by resource name' do
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
105
|
+
store_translations :en, :devise => {
|
106
|
+
:sessions => { :admin => { :invalid => "Invalid credentials" } }
|
107
|
+
} do
|
109
108
|
sign_in_as_admin do
|
110
109
|
fill_in 'password', :with => 'abcdef'
|
111
110
|
end
|
112
111
|
|
113
112
|
assert_contain 'Invalid credentials'
|
114
|
-
ensure
|
115
|
-
I18n.reload!
|
116
113
|
end
|
117
114
|
end
|
118
115
|
|
@@ -58,32 +58,30 @@ class ConfirmationTest < ActionController::IntegrationTest
|
|
58
58
|
assert warden.authenticated?(:user)
|
59
59
|
end
|
60
60
|
|
61
|
-
test 'not confirmed user
|
62
|
-
Devise
|
63
|
-
|
61
|
+
test 'not confirmed user with setup to block without confirmation should not be able to sign in' do
|
62
|
+
swap Devise, :confirm_within => 0.days do
|
63
|
+
sign_in_as_user(:confirm => false)
|
64
64
|
|
65
|
-
|
66
|
-
|
65
|
+
assert_contain 'You have to confirm your account before continuing'
|
66
|
+
assert_not warden.authenticated?(:user)
|
67
|
+
end
|
67
68
|
end
|
68
69
|
|
69
70
|
test 'not confirmed user but configured with some days to confirm should be able to sign in' do
|
70
|
-
Devise
|
71
|
-
|
71
|
+
swap Devise, :confirm_within => 1.day do
|
72
|
+
sign_in_as_user(:confirm => false)
|
72
73
|
|
73
|
-
|
74
|
-
|
74
|
+
assert_response :success
|
75
|
+
assert warden.authenticated?(:user)
|
76
|
+
end
|
75
77
|
end
|
76
78
|
|
77
79
|
test 'error message is configurable by resource name' do
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
80
|
+
store_translations :en, :devise => {
|
81
|
+
:sessions => { :admin => { :unconfirmed => "Not confirmed user" } }
|
82
|
+
} do
|
82
83
|
get new_admin_session_path(:unconfirmed => true)
|
83
|
-
|
84
84
|
assert_contain 'Not confirmed user'
|
85
|
-
ensure
|
86
|
-
I18n.reload!
|
87
85
|
end
|
88
86
|
end
|
89
87
|
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
require 'test/test_helper'
|
2
|
+
|
3
|
+
class SessionTimeoutTest < ActionController::IntegrationTest
|
4
|
+
|
5
|
+
def last_request_at
|
6
|
+
@controller.user_session['last_request_at']
|
7
|
+
end
|
8
|
+
|
9
|
+
test 'set last request at in user session after each request' do
|
10
|
+
sign_in_as_user
|
11
|
+
old_last_request = last_request_at
|
12
|
+
assert_not_nil last_request_at
|
13
|
+
get users_path
|
14
|
+
assert_not_nil last_request_at
|
15
|
+
assert_not_equal old_last_request, last_request_at
|
16
|
+
end
|
17
|
+
|
18
|
+
test 'not time out user session before default limit time' do
|
19
|
+
user = sign_in_as_user
|
20
|
+
|
21
|
+
# Setup last_request_at to timeout
|
22
|
+
get edit_user_path(user)
|
23
|
+
assert_not_nil last_request_at
|
24
|
+
|
25
|
+
get users_path
|
26
|
+
assert_response :success
|
27
|
+
assert warden.authenticated?(:user)
|
28
|
+
end
|
29
|
+
|
30
|
+
test 'time out user session after default limit time' do
|
31
|
+
sign_in_as_user
|
32
|
+
assert_response :success
|
33
|
+
assert warden.authenticated?(:user)
|
34
|
+
|
35
|
+
# Setup last_request_at to timeout
|
36
|
+
get new_user_path
|
37
|
+
assert_not_nil last_request_at
|
38
|
+
|
39
|
+
get users_path
|
40
|
+
assert_redirected_to new_user_session_path(:timeout => true)
|
41
|
+
assert_not warden.authenticated?(:user)
|
42
|
+
end
|
43
|
+
|
44
|
+
test 'user configured timeout limit' do
|
45
|
+
swap Devise, :timeout => 8.minutes do
|
46
|
+
user = sign_in_as_user
|
47
|
+
|
48
|
+
# Setup last_request_at to timeout
|
49
|
+
get edit_user_path(user)
|
50
|
+
assert_not_nil last_request_at
|
51
|
+
assert_response :success
|
52
|
+
assert warden.authenticated?(:user)
|
53
|
+
|
54
|
+
get users_path
|
55
|
+
assert_redirected_to new_user_session_path(:timeout => true)
|
56
|
+
assert_not warden.authenticated?(:user)
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
test 'error message with i18n' do
|
61
|
+
store_translations :en, :devise => {
|
62
|
+
:sessions => { :user => { :timeout => 'Session expired!' } }
|
63
|
+
} do
|
64
|
+
sign_in_as_user
|
65
|
+
# Setup last_request_at to timeout
|
66
|
+
get new_user_path
|
67
|
+
get users_path
|
68
|
+
follow_redirect!
|
69
|
+
assert_contain 'Session expired!'
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
require 'test/test_helper'
|
2
|
+
|
3
|
+
class TimeoutableTest < ActiveSupport::TestCase
|
4
|
+
|
5
|
+
test 'should be expired' do
|
6
|
+
assert new_user.timeout?(11.minutes.ago)
|
7
|
+
end
|
8
|
+
|
9
|
+
test 'should not be expired' do
|
10
|
+
assert_not new_user.timeout?(9.minutes.ago)
|
11
|
+
end
|
12
|
+
|
13
|
+
test 'should not be expired when params is nil' do
|
14
|
+
assert_not new_user.timeout?(nil)
|
15
|
+
end
|
16
|
+
|
17
|
+
test 'fallback to Devise config option' do
|
18
|
+
swap Devise, :timeout => 1.minute do
|
19
|
+
user = new_user
|
20
|
+
assert user.timeout?(2.minutes.ago)
|
21
|
+
assert_not user.timeout?(30.seconds.ago)
|
22
|
+
Devise.timeout = 5.minutes
|
23
|
+
assert_not user.timeout?(2.minutes.ago)
|
24
|
+
assert user.timeout?(6.minutes.ago)
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
data/test/models_test.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
require 'test/test_helper'
|
2
2
|
|
3
|
-
class
|
3
|
+
class Authenticatable < User
|
4
4
|
devise :authenticatable
|
5
5
|
end
|
6
6
|
|
@@ -16,6 +16,10 @@ class Rememberable < User
|
|
16
16
|
devise :authenticatable, :rememberable
|
17
17
|
end
|
18
18
|
|
19
|
+
class Timeoutable < User
|
20
|
+
devise :authenticatable, :timeoutable
|
21
|
+
end
|
22
|
+
|
19
23
|
class Validatable < User
|
20
24
|
devise :authenticatable, :validatable
|
21
25
|
end
|
@@ -32,7 +36,8 @@ class Configurable < User
|
|
32
36
|
devise :all, :stretches => 15,
|
33
37
|
:pepper => 'abcdef',
|
34
38
|
:confirm_within => 5.days,
|
35
|
-
:remember_for => 7.days
|
39
|
+
:remember_for => 7.days,
|
40
|
+
:timeout => 15.minutes
|
36
41
|
end
|
37
42
|
|
38
43
|
class ActiveRecordTest < ActiveSupport::TestCase
|
@@ -54,33 +59,38 @@ class ActiveRecordTest < ActiveSupport::TestCase
|
|
54
59
|
end
|
55
60
|
|
56
61
|
test 'include by default authenticatable only' do
|
57
|
-
assert_include_modules
|
58
|
-
assert_not_include_modules
|
62
|
+
assert_include_modules Authenticatable, :authenticatable
|
63
|
+
assert_not_include_modules Authenticatable, :confirmable, :recoverable, :rememberable, :timeoutable, :validatable
|
59
64
|
end
|
60
65
|
|
61
66
|
test 'add confirmable module only' do
|
62
67
|
assert_include_modules Confirmable, :authenticatable, :confirmable
|
63
|
-
assert_not_include_modules Confirmable, :recoverable, :rememberable, :validatable
|
68
|
+
assert_not_include_modules Confirmable, :recoverable, :rememberable, :timeoutable, :validatable
|
64
69
|
end
|
65
70
|
|
66
71
|
test 'add recoverable module only' do
|
67
72
|
assert_include_modules Recoverable, :authenticatable, :recoverable
|
68
|
-
assert_not_include_modules Recoverable, :confirmable, :rememberable, :validatable
|
73
|
+
assert_not_include_modules Recoverable, :confirmable, :rememberable, :timeoutable, :validatable
|
69
74
|
end
|
70
75
|
|
71
76
|
test 'add rememberable module only' do
|
72
77
|
assert_include_modules Rememberable, :authenticatable, :rememberable
|
73
|
-
assert_not_include_modules Rememberable, :confirmable, :recoverable, :validatable
|
78
|
+
assert_not_include_modules Rememberable, :confirmable, :recoverable, :timeoutable, :validatable
|
79
|
+
end
|
80
|
+
|
81
|
+
test 'add timeoutable module only' do
|
82
|
+
assert_include_modules Timeoutable, :authenticatable, :timeoutable
|
83
|
+
assert_not_include_modules Timeoutable, :confirmable, :recoverable, :rememberable, :validatable
|
74
84
|
end
|
75
85
|
|
76
86
|
test 'add validatable module only' do
|
77
87
|
assert_include_modules Validatable, :authenticatable, :validatable
|
78
|
-
assert_not_include_modules Validatable, :confirmable, :recoverable, :rememberable
|
88
|
+
assert_not_include_modules Validatable, :confirmable, :recoverable, :timeoutable, :rememberable
|
79
89
|
end
|
80
90
|
|
81
91
|
test 'add all modules' do
|
82
92
|
assert_include_modules Devisable,
|
83
|
-
:authenticatable, :confirmable, :recoverable, :rememberable, :validatable
|
93
|
+
:authenticatable, :confirmable, :recoverable, :rememberable, :timeoutable, :validatable
|
84
94
|
end
|
85
95
|
|
86
96
|
test 'configure modules with except option' do
|
@@ -104,6 +114,10 @@ class ActiveRecordTest < ActiveSupport::TestCase
|
|
104
114
|
assert_equal 7.days, Configurable.remember_for
|
105
115
|
end
|
106
116
|
|
117
|
+
test 'set a default value for timeout' do
|
118
|
+
assert_equal 15.minutes, Configurable.timeout
|
119
|
+
end
|
120
|
+
|
107
121
|
test 'set null fields on migrations' do
|
108
122
|
Admin.create!
|
109
123
|
end
|
@@ -4,4 +4,14 @@ class UsersController < ApplicationController
|
|
4
4
|
def index
|
5
5
|
user_session[:cart] = "Cart"
|
6
6
|
end
|
7
|
+
|
8
|
+
def new
|
9
|
+
user_session['last_request_at'] = 11.minutes.ago.utc
|
10
|
+
render :text => 'New user!'
|
11
|
+
end
|
12
|
+
|
13
|
+
def edit
|
14
|
+
user_session['last_request_at'] = 9.minutes.ago.utc
|
15
|
+
render :text => 'Edit user!'
|
16
|
+
end
|
7
17
|
end
|
@@ -8,7 +8,7 @@ ActionController::Routing::Routes.draw do |map|
|
|
8
8
|
:path_prefix => '/:locale',
|
9
9
|
:requirements => { :extra => 'value' }
|
10
10
|
|
11
|
-
map.resources :users, :only => :index
|
11
|
+
map.resources :users, :only => [:index, :new, :edit]
|
12
12
|
map.resources :admins, :only => :index
|
13
13
|
map.root :controller => :home
|
14
14
|
|
data/test/test_helper.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.6.
|
4
|
+
version: 0.6.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- "Jos\xC3\xA9 Valim"
|
@@ -10,7 +10,7 @@ autorequire:
|
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
12
|
|
13
|
-
date: 2009-11-
|
13
|
+
date: 2009-11-24 00:00:00 -02:00
|
14
14
|
default_executable:
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
@@ -31,6 +31,7 @@ extensions: []
|
|
31
31
|
|
32
32
|
extra_rdoc_files:
|
33
33
|
- README.rdoc
|
34
|
+
- TODO
|
34
35
|
files:
|
35
36
|
- CHANGELOG.rdoc
|
36
37
|
- MIT-LICENSE
|
@@ -70,6 +71,7 @@ files:
|
|
70
71
|
- lib/devise/encryptors/sha512.rb
|
71
72
|
- lib/devise/failure_app.rb
|
72
73
|
- lib/devise/hooks/confirmable.rb
|
74
|
+
- lib/devise/hooks/timeoutable.rb
|
73
75
|
- lib/devise/locales/en.yml
|
74
76
|
- lib/devise/mapping.rb
|
75
77
|
- lib/devise/models.rb
|
@@ -77,6 +79,7 @@ files:
|
|
77
79
|
- lib/devise/models/confirmable.rb
|
78
80
|
- lib/devise/models/recoverable.rb
|
79
81
|
- lib/devise/models/rememberable.rb
|
82
|
+
- lib/devise/models/timeoutable.rb
|
80
83
|
- lib/devise/models/validatable.rb
|
81
84
|
- lib/devise/orm/active_record.rb
|
82
85
|
- lib/devise/orm/data_mapper.rb
|
@@ -121,45 +124,47 @@ signing_key:
|
|
121
124
|
specification_version: 3
|
122
125
|
summary: Flexible authentication solution for Rails with Warden
|
123
126
|
test_files:
|
124
|
-
- test/rails_app/config/boot.rb
|
125
|
-
- test/rails_app/config/routes.rb
|
126
|
-
- test/rails_app/config/environments/development.rb
|
127
|
-
- test/rails_app/config/environments/production.rb
|
128
|
-
- test/rails_app/config/environments/test.rb
|
129
|
-
- test/rails_app/config/environment.rb
|
130
|
-
- test/rails_app/config/initializers/session_store.rb
|
131
|
-
- test/rails_app/config/initializers/new_rails_defaults.rb
|
132
|
-
- test/rails_app/app/controllers/users_controller.rb
|
133
|
-
- test/rails_app/app/controllers/application_controller.rb
|
134
|
-
- test/rails_app/app/controllers/admins_controller.rb
|
135
|
-
- test/rails_app/app/controllers/home_controller.rb
|
136
|
-
- test/rails_app/app/helpers/application_helper.rb
|
137
|
-
- test/rails_app/app/models/admin.rb
|
138
|
-
- test/rails_app/app/models/organizer.rb
|
139
|
-
- test/rails_app/app/models/account.rb
|
140
|
-
- test/rails_app/app/models/user.rb
|
141
|
-
- test/controllers/url_helpers_test.rb
|
142
|
-
- test/controllers/helpers_test.rb
|
143
127
|
- test/controllers/filters_test.rb
|
144
|
-
- test/
|
145
|
-
- test/
|
146
|
-
- test/integration/rememberable_test.rb
|
147
|
-
- test/integration/recoverable_test.rb
|
148
|
-
- test/integration/confirmable_test.rb
|
149
|
-
- test/mailers/confirmation_instructions_test.rb
|
150
|
-
- test/mailers/reset_password_instructions_test.rb
|
151
|
-
- test/models/authenticatable_test.rb
|
152
|
-
- test/models/rememberable_test.rb
|
153
|
-
- test/models/recoverable_test.rb
|
128
|
+
- test/controllers/helpers_test.rb
|
129
|
+
- test/controllers/url_helpers_test.rb
|
154
130
|
- test/models/validatable_test.rb
|
131
|
+
- test/models/rememberable_test.rb
|
132
|
+
- test/models/timeoutable_test.rb
|
155
133
|
- test/models/confirmable_test.rb
|
134
|
+
- test/models/recoverable_test.rb
|
135
|
+
- test/models/authenticatable_test.rb
|
136
|
+
- test/integration/rememberable_test.rb
|
137
|
+
- test/integration/timeoutable_test.rb
|
138
|
+
- test/integration/confirmable_test.rb
|
139
|
+
- test/integration/recoverable_test.rb
|
140
|
+
- test/integration/authenticatable_test.rb
|
141
|
+
- test/test_helper.rb
|
142
|
+
- test/test_helpers_test.rb
|
156
143
|
- test/encryptors_test.rb
|
144
|
+
- test/mailers/reset_password_instructions_test.rb
|
145
|
+
- test/mailers/confirmation_instructions_test.rb
|
146
|
+
- test/routes_test.rb
|
147
|
+
- test/devise_test.rb
|
148
|
+
- test/failure_app_test.rb
|
149
|
+
- test/rails_app/app/controllers/admins_controller.rb
|
150
|
+
- test/rails_app/app/controllers/home_controller.rb
|
151
|
+
- test/rails_app/app/controllers/users_controller.rb
|
152
|
+
- test/rails_app/app/controllers/application_controller.rb
|
153
|
+
- test/rails_app/app/models/account.rb
|
154
|
+
- test/rails_app/app/models/user.rb
|
155
|
+
- test/rails_app/app/models/admin.rb
|
156
|
+
- test/rails_app/app/models/organizer.rb
|
157
|
+
- test/rails_app/app/helpers/application_helper.rb
|
158
|
+
- test/rails_app/config/boot.rb
|
159
|
+
- test/rails_app/config/environments/production.rb
|
160
|
+
- test/rails_app/config/environments/development.rb
|
161
|
+
- test/rails_app/config/environments/test.rb
|
162
|
+
- test/rails_app/config/initializers/new_rails_defaults.rb
|
163
|
+
- test/rails_app/config/initializers/session_store.rb
|
164
|
+
- test/rails_app/config/routes.rb
|
165
|
+
- test/rails_app/config/environment.rb
|
166
|
+
- test/mapping_test.rb
|
157
167
|
- test/support/model_tests_helper.rb
|
158
168
|
- test/support/assertions_helper.rb
|
159
169
|
- test/support/integration_tests_helper.rb
|
160
|
-
- test/
|
161
|
-
- test/devise_test.rb
|
162
|
-
- test/routes_test.rb
|
163
|
-
- test/test_helper.rb
|
164
|
-
- test/test_helpers_test.rb
|
165
|
-
- test/mapping_test.rb
|
170
|
+
- test/models_test.rb
|