RubyGems - devise_jwt_auth - Versions diffs - 0.1.0 - Mend

devise_jwt_auth 0.1.0

Files changed (179) hide show

data/test/dummy/tmp/generators/config/routes.rb ADDED

@@ -0,0 +1,4 @@
+            Rails.application.routes.draw do
+  mount_devise_jwt_auth_for 'User', at: 'auth'
+              patch '/chong', to: 'bong#index'
+            end

data/test/dummy/tmp/generators/db/migrate/20200206224309_devise_jwt_auth_create_users.rb ADDED

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+class DeviseJwtAuthCreateUsers < ActiveRecord::Migration[6.0]
+  def change
+    create_table(:users) do |t|
+      ## Required
+      t.string :provider, null: false, default: 'email'
+      t.string :uid, null: false, default: ''
+      ## Database authenticatable
+      t.string :encrypted_password, null: false, default: ''
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+      t.boolean  :allow_password_change, default: false
+      ## Rememberable
+      t.datetime :remember_created_at
+      ## Confirmable
+      t.string   :confirmation_token
+      t.datetime :confirmed_at
+      t.datetime :confirmation_sent_at
+      t.string   :unconfirmed_email # Only if using reconfirmable
+      ## Lockable
+      # t.integer  :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
+      # t.string   :unlock_token # Only if unlock strategy is :email or :both
+      # t.datetime :locked_at
+      ## User Info
+      t.string :name
+      t.string :nickname
+      t.string :image
+      t.string :email
+      ## Tokens
+      t.text :tokens
+      t.timestamps
+    end
+    add_index :users, :email,                unique: true
+    add_index :users, [:uid, :provider],     unique: true
+    add_index :users, :reset_password_token, unique: true
+    add_index :users, :confirmation_token,   unique: true
+    # add_index :users, :unlock_token,       unique: true
+  end
+end

data/test/factories/users.rb ADDED

@@ -0,0 +1,41 @@
+FactoryBot.define do
+  factory :user do
+    email { Faker::Internet.unique.safe_email }
+    password { Faker::Internet.password }
+    provider { 'email' }
+    transient do
+      allow_unconfirmed_period { Time.now.utc - Devise.allow_unconfirmed_access_for }
+    end
+    trait :with_nickname do
+      nickname { Faker::Internet.username }
+    end
+    trait :confirmed do
+      after(:create) { |user| user.confirm }
+    end
+    # confirmation period is expired
+    trait :unconfirmed do
+      after(:create) do |user, evaluator|
+        user.update_attribute(:confirmation_sent_at, evaluator.allow_unconfirmed_period - 1.day )
+      end
+    end
+    trait :facebook do
+      uid { Faker::Number.number }
+      provider { 'facebook' }
+    end
+    trait :locked do
+      after(:create) { |user| user.lock_access! }
+    end
+    factory :lockable_user, class: 'LockableUser'
+    factory :mang_user, class: 'Mang'
+    factory :only_email_user, class: 'OnlyEmailUser'
+    factory :scoped_user, class: 'ScopedUser'
+    factory :confirmable_user, class: 'ConfirmableUser'
+  end
+end

data/test/lib/devise_jwt_auth/blacklist_test.rb ADDED

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+require 'test_helper'
+class DeviseJwtAuth::BlacklistTest < ActiveSupport::TestCase
+  describe Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION do
+    test 'should include :tokens' do
+      assert Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION.include?(:tokens)
+    end
+  end
+end

data/test/lib/devise_jwt_auth/token_factory_test.rb ADDED

@@ -0,0 +1,115 @@
+# frozen_string_literal: true
+require 'test_helper'
+class DeviseJwtAuth::TokenFactoryTest < ActiveSupport::TestCase
+  describe 'TokenFactory module' do
+    let(:tf) { DeviseJwtAuth::TokenFactory }
+    let(:token_regexp) { /^[A-Za-z0-9\-_=]+\.[A-Za-z0-9\-_=]+\.?[A-Za-z0-9\-_.+\/=]*$/ }
+    it 'should be defined' do
+      assert_equal(tf.present?, true)
+      assert_kind_of(Module, tf)
+    end
+    describe 'interface' do
+      let(:payload) { { foo: 'test'} }
+      let(:future_exp) { (Time.zone.now + 1.hour).to_i }
+      let(:past_exp) { (Time.zone.now - 1.hour).to_i }
+      it '::create_refresh_token' do
+        assert_respond_to(tf, :create_refresh_token)
+        token = tf.create_refresh_token(payload)
+        assert_match(token_regexp, token)
+      end
+      it '::create_access_token' do
+        assert_respond_to(tf, :create_access_token)
+        token = tf.create_access_token(payload)
+        assert_match(token_regexp, token)
+      end
+      describe '::decode_refresh_token' do
+        let(:valid_key) { DeviseJwtAuth.refresh_token_encryption_key }
+        it 'decodes payload' do
+          assert_respond_to(tf, :decode_refresh_token)
+          token = tf.create_refresh_token(payload)
+          result = tf.decode_refresh_token(token)
+          assert result['foo']
+        end
+        it 'validates expiry' do
+          token = tf.create_refresh_token(payload.merge(exp: future_exp))
+          result = tf.decode_refresh_token(token)
+          assert result['exp'] == future_exp
+        end
+        it 'invalidates expired token' do
+          token = tf.create_refresh_token(payload.merge(exp: past_exp))
+          result = tf.decode_refresh_token(token)
+          assert_nil result['exp']
+        end
+        it 'invalidates bogus token' do
+          result = tf.decode_refresh_token('bogus token')
+          assert_empty result
+        end
+        it 'invalidates nil token' do
+          result = tf.decode_refresh_token(nil)
+          assert_empty result
+        end
+        it 'invalidates token created with incorrect key' do
+          token = tf.create_refresh_token(payload)
+          DeviseJwtAuth.refresh_token_encryption_key = 'invalid key'
+          result = tf.decode_refresh_token(token)
+          assert_empty result
+          DeviseJwtAuth.refresh_token_encryption_key = valid_key
+        end
+      end
+      describe '::decode_access_token' do
+        let(:valid_key) { DeviseJwtAuth.access_token_encryption_key }
+        it 'decodes payload' do
+          assert_respond_to(tf, :decode_access_token)
+          token = tf.create_access_token(payload)
+          result = tf.decode_access_token(token)
+          assert result['foo']
+        end
+        it 'validates expiry' do
+          token = tf.create_access_token(payload.merge(exp: future_exp))
+          result = tf.decode_access_token(token)
+          assert result['exp'] == future_exp
+        end
+        it 'invalidates expired token' do
+          token = tf.create_access_token(payload.merge(exp: past_exp))
+          result = tf.decode_access_token(token)
+          assert_nil result['exp']
+        end
+        it 'invalidates bogus token' do
+          result = tf.decode_access_token('bogus token')
+          assert_empty result
+        end
+        it 'invalidates nil token' do
+          result = tf.decode_access_token(nil)
+          assert_empty result
+        end
+        it 'invalidates token created with incorrect key' do
+          token = tf.create_access_token(payload)
+          DeviseJwtAuth.access_token_encryption_key = 'invalid key'
+          result = tf.decode_access_token(token)
+          assert_empty result
+          DeviseJwtAuth.access_token_encryption_key = valid_key
+        end
+      end
+    end
+  end
+end

data/test/lib/devise_jwt_auth/url_test.rb ADDED

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+require 'test_helper'
+class DeviseJwtAuth::UrlTest < ActiveSupport::TestCase
+  describe 'DeviseJwtAuth::Url#generate' do
+    test 'URI fragment should appear at the end of URL with repeat of query params' do
+      params = { client_id: 123 }
+      url = 'http://example.com#fragment'
+      assert_equal DeviseJwtAuth::Url.send(:generate, url, params), 'http://example.com?client_id=123#fragment?client_id=123'
+    end
+    describe 'with existing query params' do
+      test 'should preserve existing query params' do
+        url = 'http://example.com?a=1'
+        assert_equal DeviseJwtAuth::Url.send(:generate, url), 'http://example.com?a=1'
+      end
+      test 'should marge existing query params with new ones' do
+        params = { client_id: 123 }
+        url = 'http://example.com?a=1'
+        assert_equal DeviseJwtAuth::Url.send(:generate, url, params), 'http://example.com?a=1&client_id=123'
+      end
+    end
+  end
+end

data/test/lib/generators/devise_jwt_auth/install_generator_test.rb ADDED

@@ -0,0 +1,219 @@
+# frozen_string_literal: true
+require 'test_helper'
+require 'fileutils'
+require 'generators/devise_jwt_auth/install_generator' if DEVISE_JWT_AUTH_ORM == :active_record
+require 'generators/devise_jwt_auth/install_mongoid_generator' if DEVISE_JWT_AUTH_ORM == :mongoid
+module DeviseJwtAuth
+  class InstallGeneratorTest < Rails::Generators::TestCase
+    tests InstallGenerator        if DEVISE_JWT_AUTH_ORM == :active_record
+    tests InstallMongoidGenerator if DEVISE_JWT_AUTH_ORM == :mongoid
+    destination Rails.root.join('tmp/generators')
+    describe 'default values, clean install' do
+      setup :prepare_destination
+      before do
+        run_generator
+      end
+      test 'user model is created, concern is included' do
+        assert_file 'app/models/user.rb' do |model|
+          assert_match(/include DeviseJwtAuth::Concerns::User/, model)
+        end
+      end
+      test 'initializer is created' do
+        assert_file 'config/initializers/devise_jwt_auth.rb'
+      end
+      test 'subsequent runs raise no errors' do
+        run_generator
+      end
+      if DEVISE_JWT_AUTH_ORM == :active_record
+        test 'migration is created' do
+          assert_migration 'db/migrate/devise_jwt_auth_create_users.rb'
+        end
+        test 'migration file contains rails version' do
+          if Rails::VERSION::MAJOR >= 5
+            assert_migration 'db/migrate/devise_jwt_auth_create_users.rb', /#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}/
+          else
+            assert_migration 'db/migrate/devise_jwt_auth_create_users.rb'
+          end
+        end
+=begin
+        test 'add primary key type with rails 5 when specified in rails generator' do
+          run_generator %w[--primary_key_type=uuid --force]
+          if Rails::VERSION::MAJOR >= 5
+            assert_migration 'db/migrate/devise_jwt_auth_create_users.rb', /create_table\(:users, id: :uuid\) do/
+          else
+            assert_migration 'db/migrate/devise_jwt_auth_create_users.rb', /create_table\(:users\) do/
+          end
+        end
+=end
+      end
+    end
+    describe 'existing user model' do
+      setup :prepare_destination
+      before do
+        @dir = File.join(destination_root, 'app', 'models')
+        @fname = File.join(@dir, 'user.rb')
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+        case DEVISE_JWT_AUTH_ORM
+        when :active_record
+          # account for rails version 5
+          active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
+          @f = File.open(@fname, 'w') do |f|
+            f.write <<-RUBY
+              class User < #{active_record_needle}
+                def whatever
+                  puts 'whatever'
+                end
+              end
+            RUBY
+          end
+        when :mongoid
+          @f = File.open(@fname, 'w') do |f|
+            f.write <<-'RUBY'
+              class User
+                def whatever
+                  puts 'whatever'
+                end
+              end
+            RUBY
+          end
+        end
+        run_generator
+      end
+      test 'user concern is injected into existing model' do
+        assert_file 'app/models/user.rb' do |model|
+          assert_match(/include DeviseJwtAuth::Concerns::User/, model)
+        end
+      end
+      test 'subsequent runs do not modify file' do
+        run_generator
+        assert_file 'app/models/user.rb' do |model|
+          matches = model.scan(/include DeviseJwtAuth::Concerns::User/m).size
+          assert_equal 1, matches
+        end
+      end
+    end
+    describe 'routes' do
+      setup :prepare_destination
+      before do
+        @dir = File.join(destination_root, 'config')
+        @fname = File.join(@dir, 'routes.rb')
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+        @f = File.open(@fname, 'w') do |f|
+          f.write <<-RUBY
+            Rails.application.routes.draw do
+              patch '/chong', to: 'bong#index'
+            end
+          RUBY
+        end
+        run_generator
+      end
+      test 'route method is appended to routes file' do
+        assert_file 'config/routes.rb' do |routes|
+          assert_match(/mount_devise_jwt_auth_for 'User', at: 'auth'/, routes)
+        end
+      end
+      test 'subsequent runs do not modify file' do
+        run_generator
+        assert_file 'config/routes.rb' do |routes|
+          matches = routes.scan(/mount_devise_jwt_auth_for 'User', at: 'auth'/m).size
+          assert_equal 1, matches
+        end
+      end
+      describe 'subsequent models' do
+        before do
+          run_generator %w[Mang mangs]
+        end
+        test 'route method is appended to routes file' do
+          assert_file 'config/routes.rb' do |routes|
+            assert_match(/mount_devise_jwt_auth_for 'Mang', at: 'mangs'/, routes)
+          end
+        end
+        test 'devise_for block is appended to routes file' do
+          assert_file 'config/routes.rb' do |routes|
+            assert_match(/as :mang do/, routes)
+            assert_match(/# Define routes for Mang within this block./, routes)
+          end
+        end
+        if DEVISE_JWT_AUTH_ORM == :active_record
+          test 'migration is created' do
+            assert_migration 'db/migrate/devise_jwt_auth_create_mangs.rb'
+          end
+        end
+      end
+    end
+    describe 'application controller' do
+      setup :prepare_destination
+      before do
+        @dir = File.join(destination_root, 'app', 'controllers')
+        @fname = File.join(@dir, 'application_controller.rb')
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+        @f = File.open(@fname, 'w') do |f|
+          f.write <<-RUBY
+            class ApplicationController < ActionController::Base
+              def whatever
+                'whatever'
+              end
+            end
+          RUBY
+        end
+        run_generator
+      end
+      test 'controller concern is appended to application controller' do
+        assert_file 'app/controllers/application_controller.rb' do |controller|
+          assert_match(/include DeviseJwtAuth::Concerns::SetUserByToken/, controller)
+        end
+      end
+      test 'subsequent runs do not modify file' do
+        run_generator
+        assert_file 'app/controllers/application_controller.rb' do |controller|
+          matches = controller.scan(/include DeviseJwtAuth::Concerns::SetUserByToken/m).size
+          assert_equal 1, matches
+        end
+      end
+    end
+  end
+end