devise_jwt_auth 0.1.0

data/test/controllers/overrides/sessions_controller_test.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+#  was the web request successful?
+#  was the user redirected to the right page?
+#  was the user successfully authenticated?
+#  was the correct object stored in the response?
+#  was the appropriate message delivered in the json payload?
+
+class Overrides::RegistrationsControllerTest < ActionDispatch::IntegrationTest
+  include OverridesControllersRoutes
+
+  describe Overrides::RegistrationsController do
+    before do
+      @existing_user = create(:user, :confirmed)
+
+      post '/evil_user_auth/sign_in',
+           params: { email: @existing_user.email,
+                     password: @existing_user.password }
+
+      @resource = assigns(:resource)
+      @data = JSON.parse(response.body)
+    end
+
+    test 'request should succeed' do
+      assert_equal 200, response.status
+    end
+
+    test 'controller was overridden' do
+      assert_equal Overrides::RegistrationsController::OVERRIDE_PROOF,
+                   @data['override_proof']
+    end
+  end
+end

data/test/dummy/README.rdoc

@@ -0,0 +1,28 @@
+== README
+
+This README would normally document whatever steps are necessary to get the
+application up and running.
+
+Things you may want to cover:
+
+* Ruby version
+
+* System dependencies
+
+* Configuration
+
+* Database creation
+
+* Database initialization
+
+* How to run the test suite
+
+* Services (job queues, cache servers, search engines, etc.)
+
+* Deployment instructions
+
+* ...
+
+
+Please feel free to use a different markup language if you do not plan to run
+<tt>rake doc:app</tt>.

data/test/dummy/app/active_record/confirmable_user.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class ConfirmableUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable,
+         :validatable, :confirmable
+  DeviseJwtAuth.send_confirmation_email = true
+  include DeviseJwtAuth::Concerns::User
+  DeviseJwtAuth.send_confirmation_email = false
+end

data/test/dummy/app/active_record/lockable_user.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class LockableUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable, :lockable
+  include DeviseJwtAuth::Concerns::User
+end

data/test/dummy/app/active_record/mang.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class Mang < ActiveRecord::Base
+  include DeviseJwtAuth::Concerns::User
+end

data/test/dummy/app/active_record/only_email_user.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class OnlyEmailUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable
+  include DeviseJwtAuth::Concerns::User
+end

data/test/dummy/app/active_record/scoped_user.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class ScopedUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable,
+         :validatable, :confirmable, :omniauthable
+  include DeviseJwtAuth::Concerns::User
+end

data/test/dummy/app/active_record/unconfirmable_user.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class UnconfirmableUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable,
+         :validatable, :omniauthable
+  include DeviseJwtAuth::Concerns::User
+end

data/test/dummy/app/active_record/unregisterable_user.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class UnregisterableUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :recoverable,
+         :validatable, :confirmable,
+         :omniauthable
+  include DeviseJwtAuth::Concerns::User
+end

data/test/dummy/app/active_record/user.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class User < ActiveRecord::Base
+  include DeviseJwtAuth::Concerns::User
+  include FavoriteColor
+end

data/test/dummy/app/controllers/application_controller.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class ApplicationController < ActionController::Base
+  include DeviseJwtAuth::Concerns::SetUserByJwtToken
+
+  before_action :configure_permitted_parameters, if: :devise_controller?
+
+  protected
+
+  def configure_permitted_parameters
+    permitted_parameters = devise_parameter_sanitizer.instance_values['permitted']
+    permitted_parameters[:sign_up] << :operating_thetan
+    permitted_parameters[:sign_up] << :favorite_color
+    permitted_parameters[:account_update] << :operating_thetan
+    permitted_parameters[:account_update] << :favorite_color
+    permitted_parameters[:account_update] << :current_password
+  end
+end

data/test/dummy/app/controllers/auth_origin_controller.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class AuthOriginController < ApplicationController
+  def redirected
+    head :ok
+  end
+end

data/test/dummy/app/controllers/custom/confirmations_controller.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class Custom::ConfirmationsController < DeviseJwtAuth::ConfirmationsController
+  def show
+    super do |resource|
+      @show_block_called = true unless resource.nil?
+    end
+  end
+
+  def show_block_called?
+    @show_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class Custom::OmniauthCallbacksController < DeviseJwtAuth::OmniauthCallbacksController
+  def omniauth_success
+    super do |resource|
+      @omniauth_success_block_called = true unless resource.nil?
+    end
+  end
+
+  def omniauth_success_block_called?
+    @omniauth_success_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/passwords_controller.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+class Custom::PasswordsController < DeviseJwtAuth::PasswordsController
+  def create
+    super do |resource|
+      @create_block_called = true unless resource.nil?
+    end
+  end
+
+  def edit
+    super do |resource|
+      @edit_block_called = true unless resource.nil?
+    end
+  end
+
+  def update
+    super do |resource|
+      @update_block_called = true unless resource.nil?
+    end
+  end
+
+  def create_block_called?
+    @create_block_called == true
+  end
+
+  def edit_block_called?
+    @edit_block_called == true
+  end
+
+  def update_block_called?
+    @update_block_called == true
+  end
+
+  protected
+
+  def render_update_success
+    render json: { custom: 'foo' }
+  end
+end

data/test/dummy/app/controllers/custom/refresh_token_controller.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+module Custom
+  class RefreshTokenController < DeviseJwtAuth::RefreshTokenController
+    def show
+      super do |resource|
+        @refresh_token_block_called = true unless resource.nil?
+      end
+    end
+
+    def refresh_token_block_called?
+      @refresh_token_block_called == true
+    end
+
+    protected
+
+    def render_refresh_token_success
+      render json: { custom: 'foo' }
+    end
+  end
+end

data/test/dummy/app/controllers/custom/registrations_controller.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+class Custom::RegistrationsController < DeviseJwtAuth::RegistrationsController
+  def create
+    super do |resource|
+      @create_block_called = true
+    end
+  end
+
+  def update
+    super do |resource|
+      @update_block_called = true unless resource.nil?
+    end
+  end
+
+  def destroy
+    super do |resource|
+      @destroy_block_called = true unless resource.nil?
+    end
+  end
+
+  def create_block_called?
+    @create_block_called == true
+  end
+
+  def update_block_called?
+    @update_block_called == true
+  end
+
+  def destroy_block_called?
+    @destroy_block_called == true
+  end
+
+  protected
+
+  def render_create_success
+    render json: { custom: 'foo' }
+  end
+end

data/test/dummy/app/controllers/custom/sessions_controller.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+class Custom::SessionsController < DeviseJwtAuth::SessionsController
+  def create
+    super do |resource|
+      @create_block_called = true unless resource.nil?
+    end
+  end
+
+  def destroy
+    super do |resource|
+      @destroy_block_called = true unless resource.nil?
+    end
+  end
+
+  def create_block_called?
+    @create_block_called == true
+  end
+
+  def destroy_block_called?
+    @destroy_block_called == true
+  end
+
+  protected
+
+  def render_create_success
+    render json: { custom: 'foo' }
+  end
+end

data/test/dummy/app/controllers/demo_group_controller.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+class DemoGroupController < ApplicationController
+  devise_jwt_auth_group :member, contains: [:user, :mang]
+  before_action :authenticate_member!
+
+  def members_only
+    render json: {
+      data: {
+        message: "Welcome #{current_member.name}",
+        user: current_member
+      }
+    }, status: 200
+  end
+end

data/test/dummy/app/controllers/demo_mang_controller.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class DemoMangController < ApplicationController
+  before_action :authenticate_mang!
+
+  def members_only
+    render json: {
+      data: {
+        message: "Welcome #{current_mang.name}",
+        user: current_mang
+      }
+    }, status: 200
+  end
+end

data/test/dummy/app/controllers/demo_user_controller.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+class DemoUserController < ApplicationController
+  before_action :authenticate_user!
+
+  def members_only
+    render json: {
+      data: {
+        message: "Welcome #{current_user.name}",
+        user: current_user
+      }
+    }, status: 200
+  end
+
+  def members_only_remove_token
+    u = User.find(current_user.id)
+    u.tokens = {}
+    u.save!
+
+    render json: {
+      data: {
+        message: "Welcome #{current_user.name}",
+        user: current_user
+      }
+    }, status: 200
+  end
+end

data/test/dummy/app/controllers/overrides/confirmations_controller.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Overrides
+  class ConfirmationsController < DeviseJwtAuth::ConfirmationsController
+    def show
+      @resource = resource_class.confirm_by_token(params[:confirmation_token])
+
+      if @resource && @resource.id
+        # token = @resource.create_token
+        # @resource.save!
+        
+        update_refresh_token_cookie
+        redirect_header_options = {
+          account_confirmation_success: true,
+          config: params[:config],
+          override_proof: '(^^,)'
+        }
+        redirect_headers = @resource.create_named_token_pair.
+                             merge(redirect_header_options)  
+        redirect_to_link = DeviseJwtAuth::Url.generate(params[:redirect_url], redirect_headers)
+        redirect_to redirect_to_link
+        # redirect_header_options = {
+        #   account_confirmation_success: true,
+        #   config: params[:config],
+        #   override_proof: '(^^,)'
+        # }
+        # redirect_headers = build_redirect_headers(token.token,
+        #                                           token.client,
+        #                                           redirect_header_options)
+        # redirect_to(@resource.build_auth_url(params[:redirect_url],
+        #                                      redirect_headers))
+      else
+        raise ActionController::RoutingError, 'Not Found'
+      end
+    end
+  end
+end

data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Overrides
+  class OmniauthCallbacksController < DeviseJwtAuth::OmniauthCallbacksController
+    DEFAULT_NICKNAME = 'stimpy'.freeze
+
+    def assign_provider_attrs(user, auth_hash)
+      user.assign_attributes(
+        nickname: DEFAULT_NICKNAME,
+        name:     auth_hash['info']['name'],
+        image:    auth_hash['info']['image'],
+        email:    auth_hash['info']['email']
+      )
+    end
+  end
+end