devise_jwt_auth 0.1.0

data/test/lib/generators/devise_jwt_auth/install_generator_with_namespace_test.rb

@@ -0,0 +1,224 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+require 'fileutils'
+require 'generators/devise_jwt_auth/install_generator' if DEVISE_JWT_AUTH_ORM == :active_record
+require 'generators/devise_jwt_auth/install_mongoid_generator' if DEVISE_JWT_AUTH_ORM == :mongoid
+
+module DeviseJwtAuth
+  class InstallGeneratorTest < Rails::Generators::TestCase
+    tests InstallGenerator        if DEVISE_JWT_AUTH_ORM == :active_record
+    tests InstallMongoidGenerator if DEVISE_JWT_AUTH_ORM == :mongoid
+    destination Rails.root.join('tmp/generators')
+
+    # The namespaced user model for testing
+    let(:user_class) { 'Azpire::V1::HumanResource::User' }
+    let(:namespace_path) { user_class.underscore }
+    let(:table_name) { user_class.pluralize.underscore.gsub('/','_') }
+
+    describe 'user model with namespace, clean install' do
+      setup :prepare_destination
+
+      before do
+        run_generator %W[#{user_class} auth]
+      end
+
+      test 'user model (with namespace) is created, concern is included' do
+        assert_file "app/models/#{namespace_path}.rb" do |model|
+          assert_match(/include DeviseJwtAuth::Concerns::User/, model)
+        end
+      end
+
+      test 'initializer is created' do
+        assert_file 'config/initializers/devise_jwt_auth.rb'
+      end
+
+      test 'subsequent runs raise no errors' do
+        run_generator %W[#{user_class} auth]
+      end
+
+      if DEVISE_JWT_AUTH_ORM == :active_record
+        test 'migration is created for user model with namespace' do
+          assert_migration "db/migrate/devise_jwt_auth_create_#{table_name}.rb"
+        end
+
+        test 'migration file for user model with namespace contains rails version' do
+          if Rails::VERSION::MAJOR >= 5
+            assert_migration "db/migrate/devise_jwt_auth_create_#{table_name}.rb", /#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}/
+          else
+            assert_migration "db/migrate/devise_jwt_auth_create_#{table_name}.rb"
+          end
+        end
+
+=begin
+        test 'add primary key type with rails 5 when specified in rails generator' do
+          run_generator %W[#{user_class} auth --primary_key_type=uuid --force]
+          if Rails::VERSION::MAJOR >= 5
+            assert_migration "db/migrate/devise_jwt_auth_create_#{table_name}.rb", /create_table\(:#{table_name}, id: :uuid\) do/
+          else
+            assert_migration "db/migrate/devise_jwt_auth_create_#{table_name}.rb", /create_table\(:#{table_name}\) do/
+          end
+        end
+=end
+      end
+    end
+
+    describe 'existing user model' do
+      setup :prepare_destination
+
+      before do
+        @dir = File.join(destination_root, 'app', 'models')
+
+        @fname = File.join(@dir, 'user.rb')
+
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+
+        case DEVISE_JWT_AUTH_ORM
+        when :active_record
+          # account for rails version 5
+          active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
+
+          @f = File.open(@fname, 'w') do |f|
+            f.write <<-RUBY
+              class User < #{active_record_needle}
+
+                def whatever
+                  puts 'whatever'
+                end
+              end
+            RUBY
+          end
+        when :mongoid
+          @f = File.open(@fname, 'w') do |f|
+            f.write <<-'RUBY'
+              class User
+
+                def whatever
+                  puts 'whatever'
+                end
+              end
+            RUBY
+          end
+        end
+
+        run_generator
+      end
+
+      test 'user concern is injected into existing model' do
+        assert_file 'app/models/user.rb' do |model|
+          assert_match(/include DeviseJwtAuth::Concerns::User/, model)
+        end
+      end
+
+      test 'subsequent runs do not modify file' do
+        run_generator
+        assert_file 'app/models/user.rb' do |model|
+          matches = model.scan(/include DeviseJwtAuth::Concerns::User/m).size
+          assert_equal 1, matches
+        end
+      end
+    end
+
+    describe 'routes' do
+      setup :prepare_destination
+
+      before do
+        @dir = File.join(destination_root, 'config')
+
+        @fname = File.join(@dir, 'routes.rb')
+
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+
+        @f = File.open(@fname, 'w') do |f|
+          f.write <<-RUBY
+            Rails.application.routes.draw do
+              patch '/chong', to: 'bong#index'
+            end
+          RUBY
+        end
+
+        run_generator %W[#{user_class} auth]
+      end
+
+      test 'route method for user model with namespace is appended to routes file' do
+        assert_file 'config/routes.rb' do |routes|
+          assert_match(/mount_devise_jwt_auth_for '#{user_class}', at: 'auth'/, routes)
+        end
+      end
+
+      test 'subsequent runs do not modify file' do
+        run_generator %W[#{user_class} auth]
+        assert_file 'config/routes.rb' do |routes|
+          matches = routes.scan(/mount_devise_jwt_auth_for '#{user_class}', at: 'auth'/m).size
+          assert_equal 1, matches
+        end
+      end
+
+      describe 'subsequent models' do
+        before do
+          run_generator %w[Mang mangs]
+        end
+
+        test 'route method is appended to routes file' do
+          assert_file 'config/routes.rb' do |routes|
+            assert_match(/mount_devise_jwt_auth_for 'Mang', at: 'mangs'/, routes)
+          end
+        end
+
+        test 'devise_for block is appended to routes file' do
+          assert_file 'config/routes.rb' do |routes|
+            assert_match(/as :mang do/, routes)
+            assert_match(/# Define routes for Mang within this block./, routes)
+          end
+        end
+
+        if DEVISE_JWT_AUTH_ORM == :active_record
+          test 'migration is created' do
+            assert_migration 'db/migrate/devise_jwt_auth_create_mangs.rb'
+          end
+        end
+      end
+    end
+
+    describe 'application controller' do
+      setup :prepare_destination
+
+      before do
+        @dir = File.join(destination_root, 'app', 'controllers')
+
+        @fname = File.join(@dir, 'application_controller.rb')
+
+        # make dir if not exists
+        FileUtils.mkdir_p(@dir)
+
+        @f = File.open(@fname, 'w') do |f|
+          f.write <<-RUBY
+            class ApplicationController < ActionController::Base
+              def whatever
+                'whatever'
+              end
+            end
+          RUBY
+        end
+
+        run_generator %W[#{user_class} auth]
+      end
+
+      test 'controller concern is appended to application controller' do
+        assert_file 'app/controllers/application_controller.rb' do |controller|
+          assert_match(/include DeviseJwtAuth::Concerns::SetUserByToken/, controller)
+        end
+      end
+
+      test 'subsequent runs do not modify file' do
+        run_generator %W[#{user_class} auth]
+        assert_file 'app/controllers/application_controller.rb' do |controller|
+          matches = controller.scan(/include DeviseJwtAuth::Concerns::SetUserByToken/m).size
+          assert_equal 1, matches
+        end
+      end
+    end
+  end
+end

data/test/lib/generators/devise_jwt_auth/install_views_generator_test.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+require 'fileutils'
+require 'generators/devise_jwt_auth/install_views_generator'
+
+module DeviseJwtAuth
+  class InstallViewsGeneratorTest < Rails::Generators::TestCase
+    tests InstallViewsGenerator
+    destination Rails.root.join('tmp/generators')
+
+    describe 'default values, clean install' do
+      setup :prepare_destination
+
+      before do
+        run_generator
+      end
+
+      test 'files are copied' do
+        assert_file 'app/views/devise/mailer/reset_password_instructions.html.erb'
+        assert_file 'app/views/devise/mailer/confirmation_instructions.html.erb'
+      end
+    end
+  end
+end

data/test/models/concerns/mongoid_support_test.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+if DEVISE_JWT_AUTH_ORM == :mongoid
+  class DeviseJwtAuth::Concerns::MongoidSupportTest < ActiveSupport::TestCase
+    describe DeviseJwtAuth::Concerns::MongoidSupport do
+      before do
+        @user = create(:user)
+      end
+
+      describe '#as_json' do
+        test 'should be defined' do
+          assert @user.methods.include?(:as_json)
+        end
+
+        test 'should except _id attribute' do
+          refute @user.as_json.key?('_id')
+        end
+
+        test 'should return with id attribute' do
+          assert_equal @user._id.to_s, @user.as_json['id']
+        end
+
+        test 'should accept options' do
+          refute @user.as_json(except: [:created_at]).key?('created_at')
+        end
+      end
+    end
+  end
+end

data/test/models/concerns/tokens_serialization_test.rb

@@ -0,0 +1,72 @@
+require 'test_helper'
+
+if DEVISE_JWT_AUTH_ORM == :active_record
+=begin
+  describe 'DeviseJwtAuth::Concerns::TokensSerialization' do
+    let(:ts) { DeviseJwtAuth::Concerns::TokensSerialization }
+    let(:user) { FactoryBot.create(:user) }
+    let(:tokens) do
+      # Сreate all possible token's attributes combinations
+      user.create_token
+      2.times { user.create_new_auth_token(user.tokens.first[0]) }
+      user.create_new_auth_token
+      user.create_token
+
+      user.tokens
+    end
+    let(:json) { JSON.generate(tokens) }
+
+    it 'is defined' do
+      assert_equal(ts.present?, true)
+      assert_kind_of(Module, ts)
+    end
+
+    describe '.load(json)' do
+      let(:default) { {} }
+
+      it 'is defined' do
+        assert_respond_to(ts, :load)
+      end
+
+      it 'handles nil' do
+        assert_equal(ts.load(nil), default)
+      end
+
+      it 'handles string' do
+        assert_equal(ts.load(json), JSON.parse(json))
+      end
+
+      it 'returns object of undesirable class' do
+        assert_equal(ts.load([]), [])
+      end
+    end
+
+    describe '.dump(object)' do
+      let(:default) { 'null' }
+
+      it 'is defined' do
+        assert_respond_to(ts, :dump)
+      end
+
+      it 'handles nil' do
+        assert_equal(ts.dump(nil), default)
+      end
+
+      it 'handles empty hash' do
+        assert_equal(ts.dump({}), '{}')
+      end
+
+      it 'deserialize tokens' do
+        assert_equal(ts.dump(tokens), json)
+      end
+
+      it 'removes nil values' do
+        new_tokens = tokens.dup
+        new_tokens[new_tokens.first[0]][:kos] = nil
+
+        assert_equal(ts.dump(tokens), ts.dump(new_tokens))
+      end
+    end
+  end
+=end
+end

data/test/models/confirmable_user_test.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class ConfirmableUserTest < ActiveSupport::TestCase
+  describe ConfirmableUser do
+    describe 'creation' do
+      test 'email should be saved' do
+        @resource = create(:confirmable_user)
+        assert @resource.email.present?
+      end
+    end
+
+    describe 'updating email' do
+      test 'new email should be saved to unconfirmed_email' do
+        @resource = create(:confirmable_user, email: 'old_address@example.com')
+        @resource.update(email: 'new_address@example.com')
+        assert @resource.unconfirmed_email == 'new_address@example.com'
+      end
+
+      test 'old email should be kept in email' do
+        @resource = create(:confirmable_user, email: 'old_address@example.com')
+        @resource.update(email: 'new_address@example.com')
+        assert @resource.email == 'old_address@example.com'
+      end
+
+      test 'confirmation_token should be changed' do
+        @resource = create(:confirmable_user, email: 'old_address@example.com')
+        old_token = @resource.confirmation_token
+        @resource.update(email: 'new_address@example.com')
+        assert @resource.confirmation_token != old_token
+      end
+    end
+  end
+end

data/test/models/only_email_user_test.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class OnlyEmailUserTest < ActiveSupport::TestCase
+  describe OnlyEmailUser do
+    test 'confirmable is disabled' do
+      refute OnlyEmailUser.method_defined?(:confirmation_token)
+      refute OnlyEmailUser.method_defined?(:confirmed_at)
+      refute OnlyEmailUser.method_defined?(:confirmation_sent_at)
+      refute OnlyEmailUser.method_defined?(:unconfirmed_email)
+    end
+
+    test 'lockable is disabled' do
+      refute OnlyEmailUser.method_defined?(:failed_attempts)
+      refute OnlyEmailUser.method_defined?(:unlock_token)
+      refute OnlyEmailUser.method_defined?(:locked_at)
+    end
+
+    test 'recoverable is disabled' do
+      refute OnlyEmailUser.method_defined?(:reset_password_token)
+      refute OnlyEmailUser.method_defined?(:reset_password_sent_at)
+    end
+
+    test 'rememberable is disabled' do
+      refute OnlyEmailUser.method_defined?(:remember_created_at)
+    end
+  end
+end

data/test/models/user_test.rb

@@ -0,0 +1,110 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class UserTest < ActiveSupport::TestCase
+  describe User do
+    describe 'serialization' do
+      test 'hash should not include sensitive info' do
+        @resource = build(:user)
+        refute @resource.as_json[:tokens]
+      end
+    end
+
+    describe 'creation' do
+      test 'save fails if uid is missing' do
+        @resource = User.new
+        @resource.uid = nil
+        @resource.save
+
+        assert @resource.errors.messages[:uid]
+      end
+    end
+
+    describe 'email registration' do
+      test 'model should not save if email is blank' do
+        @resource = build(:user, email: nil)
+
+        refute @resource.save
+        assert @resource.errors.messages[:email] == [I18n.t('errors.messages.blank')]
+      end
+
+      test 'model should not save if email is not an email' do
+        @resource = build(:user, email: '@example.com')
+
+        refute @resource.save
+        assert @resource.errors.messages[:email] == [I18n.t('errors.messages.not_email')]
+      end
+    end
+
+    describe 'email uniqueness' do
+      test 'model should not save if email is taken' do
+        user_attributes = attributes_for(:user)
+        create(:user, user_attributes)
+        @resource = build(:user, user_attributes)
+
+        refute @resource.save
+        assert @resource.errors.messages[:email].first.include? 'taken'
+        assert @resource.errors.messages[:email].none? { |e| e =~ /translation missing/ }
+      end
+    end
+
+    describe 'oauth2 authentication' do
+      test 'model should save even if email is blank' do
+        @resource = build(:user, :facebook, email: nil)
+
+        assert @resource.save
+        assert @resource.errors.messages[:email].blank?
+      end
+    end
+
+=begin
+    describe 'token expiry' do
+      before do
+        @resource = create(:user, :confirmed)
+        # TODO: expire this token?
+        @auth_headers = @resource.create_named_token_pair
+
+        # @token     = @auth_headers['access-token']
+        # @client_id = @auth_headers['client']
+      end
+
+      test 'should properly indicate whether token is current' do
+        assert @resource.token_is_current?(@token, @client_id)
+        # we want to update the expiry without forcing a cleanup (see below)
+        @resource.tokens[@client_id]['expiry'] = Time.zone.now.to_i - 10.seconds
+        refute @resource.token_is_current?(@token, @client_id)
+      end
+    end
+
+    describe 'expired tokens are destroyed on save' do
+      before do
+        @resource = create(:user, :confirmed)
+
+        @old_auth_headers = @resource.create_new_auth_token
+        @new_auth_headers = @resource.create_new_auth_token
+        expire_token(@resource, @old_auth_headers['client'])
+      end
+
+      test 'expired token was removed' do
+        refute @resource.tokens[@old_auth_headers[:client]]
+      end
+
+      test 'current token was not removed' do
+        assert @resource.tokens[@new_auth_headers['client']]
+      end
+    end
+=end
+
+    describe 'nil tokens are handled properly' do
+      before do
+        @resource = create(:user, :confirmed)
+      end
+
+      test 'tokens can be set to nil' do
+        @resource.tokens = nil
+        assert @resource.save
+      end
+    end
+  end
+end