RubyGems - devise_jwt_auth - Versions diffs - 0.1.0 - Mend

devise_jwt_auth 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (179) hide show

data/lib/generators/devise_jwt_auth/templates/user.rb.erb ADDED

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+class <%= user_class %> < ActiveRecord::Base
+  # Include default devise modules. Others available are:
+  # :confirmable, :lockable, :timeoutable and :omniauthable
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable
+  include DeviseJwtAuth::Concerns::User
+end

data/lib/generators/devise_jwt_auth/templates/user_mongoid.rb.erb ADDED

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+class <%= user_class %>
+  include Mongoid::Document
+  include Mongoid::Timestamps
+  include Mongoid::Locker
+  field :locker_locked_at, type: Time
+  field :locker_locked_until, type: Time
+  locker locked_at_field: :locker_locked_at,
+         locked_until_field: :locker_locked_until
+  ## Database authenticatable
+  field :email,              type: String, default: ''
+  field :encrypted_password, type: String, default: ''
+  ## Recoverable
+  field :reset_password_token,        type: String
+  field :reset_password_sent_at,      type: Time
+  field :reset_password_redirect_url, type: String
+  field :allow_password_change,       type: Boolean, default: false
+  ## Rememberable
+  field :remember_created_at, type: Time
+  ## Confirmable
+  field :confirmation_token,   type: String
+  field :confirmed_at,         type: Time
+  field :confirmation_sent_at, type: Time
+  field :unconfirmed_email,    type: String # Only if using reconfirmable
+  ## Lockable
+  # field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
+  # field :unlock_token,    type: String # Only if unlock strategy is :email or :both
+  # field :locked_at,       type: Time
+  ## Required
+  field :provider, type: String
+  field :uid,      type: String, default: ''
+  ## Tokens
+  field :tokens, type: Hash, default: {}
+  # Include default devise modules. Others available are:
+  # :confirmable, :lockable, :timeoutable and :omniauthable
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable
+  include DeviseJwtAuth::Concerns::User
+  index({ email: 1 }, { name: 'email_index', unique: true, background: true })
+  index({ reset_password_token: 1 }, { name: 'reset_password_token_index', unique: true, sparse: true, background: true })
+  index({ confirmation_token: 1 }, { name: 'confirmation_token_index', unique: true, sparse: true, background: true })
+  index({ uid: 1, provider: 1}, { name: 'uid_provider_index', unique: true, background: true })
+  # index({ unlock_token: 1 }, { name: 'unlock_token_index', unique: true, sparse: true, background: true })
+end

data/lib/tasks/devise_token_auth_tasks.rake ADDED

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+# desc "Explaining what the task does"
+# task :devise_jwt_auth do
+#   # Task goes here
+# end

data/test/controllers/custom/custom_confirmations_controller_test.rb ADDED

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+require 'test_helper'
+class Custom::ConfirmationsControllerTest < ActionController::TestCase
+  describe Custom::ConfirmationsController do
+    include CustomControllersRoutes
+    before do
+      @redirect_url = Faker::Internet.url
+      @new_user = create(:user)
+      @new_user.send_confirmation_instructions(redirect_url: @redirect_url)
+      @mail          = ActionMailer::Base.deliveries.last
+      @token         = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
+      @client_config = @mail.body.match(/config=([^&]*)&/)[1]
+      get :show,
+          params: { confirmation_token: @token, redirect_url: @redirect_url }
+    end
+    test 'yield resource to block on show success' do
+      assert @controller.show_block_called?, 'show failed to yield resource to provided block'
+    end
+  end
+end

data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb ADDED

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+require 'test_helper'
+class Custom::OmniauthCallbacksControllerTest < ActionDispatch::IntegrationTest
+  describe Custom::OmniauthCallbacksController do
+    include CustomControllersRoutes
+    setup do
+      OmniAuth.config.test_mode = true
+      OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new(
+        provider: 'facebook',
+        uid: '123545',
+        info: {
+          name: 'swong',
+          email: 'swongsong@yandex.ru'
+        }
+      )
+    end
+    test 'yield resource to block on omniauth_success success' do
+      @redirect_url = 'http://ng-token-auth.dev/'
+      get '/nice_user_auth/facebook',
+          params: { auth_origin_url: @redirect_url,
+                    omniauth_window_type: 'newWindow' }
+      follow_all_redirects!
+      assert @controller.omniauth_success_block_called?,
+             'omniauth_success failed to yield resource to provided block'
+    end
+  end
+end

data/test/controllers/custom/custom_passwords_controller_test.rb ADDED

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+require 'test_helper'
+class Custom::PasswordsControllerTest < ActionController::TestCase
+  describe Custom::PasswordsController do
+    include CustomControllersRoutes
+    before do
+      @resource = create(:user, :confirmed)
+      @redirect_url = 'http://ng-token-auth.dev'
+    end
+    test 'yield resource to block on create success' do
+      post :create,
+           params: { email:  @resource.email,
+                     redirect_url: @redirect_url }
+      @mail = ActionMailer::Base.deliveries.last
+      @resource.reload
+      @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
+      @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
+      @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
+    end
+    test 'yield resource to block on edit success' do
+      @resource = create(:user)
+      @redirect_url = 'http://ng-token-auth.dev'
+      post :create,
+           params: { email:  @resource.email,
+                     redirect_url: @redirect_url },
+           xhr: true
+      @mail = ActionMailer::Base.deliveries.last
+      @resource.reload
+      @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
+      @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
+      @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+      get :edit,
+          params: { reset_password_token: @mail_reset_token,
+                    redirect_url: @mail_redirect_url },
+          xhr: true
+      @resource.reload
+      assert @controller.edit_block_called?,
+             'edit failed to yield resource to provided block'
+    end
+    test 'yield resource to block on update success' do
+      @auth_headers = @resource.create_named_token_pair
+      request.headers.merge!(@auth_headers)
+      @new_password = Faker::Internet.password
+      put :update,
+          params: { password: @new_password,
+                    password_confirmation: @new_password }
+      assert @controller.update_block_called?, 'update failed to yield resource to provided block'
+    end
+    test 'yield resource to block on update success with custom json' do
+      @auth_headers = @resource.create_named_token_pair
+      request.headers.merge!(@auth_headers)
+      @new_password = Faker::Internet.password
+      put :update,
+          params: { password: @new_password,
+                    password_confirmation: @new_password }
+      @data = JSON.parse(response.body)
+      assert @controller.update_block_called?, 'update failed to yield resource to provided block'
+      assert_equal @data['custom'], 'foo'
+    end
+  end
+end

data/test/controllers/custom/custom_refresh_token_controller_test.rb ADDED

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+require 'test_helper'
+class Custom::RefreshTokenControllerTest < ActionDispatch::IntegrationTest
+  describe Custom::RefreshTokenController do
+    include CustomControllersRoutes
+    before do
+      @resource = create(:user, :confirmed)
+      @auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
+                                        @resource.create_refresh_token
+      )
+    end
+    test 'yield resource to block on refresh_token success' do
+      get '/nice_user_auth/refresh_token',
+          params: {},
+          headers: @auth_headers
+      assert @controller.refresh_token_block_called?,
+             'refresh_token failed to yield resource to provided block'
+    end
+    test 'yield resource to block on refresh_token success with custom json' do
+      get '/nice_user_auth/refresh_token',
+          params: {},
+          headers: @auth_headers
+      @data = JSON.parse(response.body)
+      assert @controller.refresh_token_block_called?,
+             'refresh_token failed to yield resource to provided block'
+      assert_equal @data['custom'], 'foo'
+    end
+  end
+end

data/test/controllers/custom/custom_registrations_controller_test.rb ADDED

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+require 'test_helper'
+class Custom::RegistrationsControllerTest < ActionDispatch::IntegrationTest
+  describe Custom::RegistrationsController do
+    include CustomControllersRoutes
+    before do
+      @create_params = attributes_for(:user,
+        confirm_success_url: Faker::Internet.url,
+        unpermitted_param: '(x_x)')
+      @existing_user = create(:user, :confirmed)
+      @auth_headers = @existing_user.create_named_token_pair
+    end
+    test 'yield resource to block on create success' do
+      post '/nice_user_auth', params: @create_params
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
+    end
+    test 'yield resource to block on create success with custom json' do
+      post '/nice_user_auth', params: @create_params
+      @data = JSON.parse(response.body)
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
+      assert_equal @data['custom'], 'foo'
+    end
+    test 'yield resource to block on update success' do
+      put '/nice_user_auth',
+          params: {
+            nickname: "Ol' Sunshine-face"
+          },
+          headers: @auth_headers
+      assert @controller.update_block_called?,
+             'update failed to yield resource to provided block'
+    end
+    test 'yield resource to block on destroy success' do
+      delete '/nice_user_auth', headers: @auth_headers
+      assert @controller.destroy_block_called?,
+             'destroy failed to yield resource to provided block'
+    end
+    describe 'when overriding #build_resource' do
+      test 'it fails' do
+        Custom::RegistrationsController.any_instance.stubs(:build_resource).returns(nil)
+        assert_raises DeviseJwtAuth::Errors::NoResourceDefinedError do
+          post '/nice_user_auth', params: @create_params
+        end
+      end
+    end
+  end
+end

data/test/controllers/custom/custom_sessions_controller_test.rb ADDED

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+require 'test_helper'
+class Custom::SessionsControllerTest < ActionController::TestCase
+  describe Custom::SessionsController do
+    include CustomControllersRoutes
+    before do
+      @existing_user = create(:user, :confirmed)
+    end
+    test 'yield resource to block on create success' do
+      post :create,
+           params: {
+             email: @existing_user.email,
+             password: @existing_user.password
+           }
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
+    end
+    test 'yield resource to block on destroy success' do
+      @auth_headers = @existing_user.create_named_token_pair
+      request.headers.merge!(@auth_headers)
+      delete :destroy, format: :json
+      assert @controller.destroy_block_called?,
+             'destroy failed to yield resource to provided block'
+    end
+    test 'render method override' do
+      post :create,
+           params: { email: @existing_user.email,
+                     password: @existing_user.password }
+      @data = JSON.parse(response.body)
+      assert_equal @data['custom'], 'foo'
+    end
+  end
+end

data/test/controllers/demo_group_controller_test.rb ADDED

@@ -0,0 +1,150 @@
+# frozen_string_literal: true
+require 'test_helper'
+#  was the web request successful?
+#  was the user redirected to the right page?
+#  was the user successfully authenticated?
+#  was the correct object stored in the response?
+#  was the appropriate message delivered in the json payload?
+class DemoGroupControllerTest < ActionDispatch::IntegrationTest
+  describe DemoGroupController do
+    describe 'Token access' do
+      before do
+        # user
+        @resource = create(:user, :confirmed)
+        @resource_auth_headers = @resource.create_named_token_pair
+        # @resource_token     = @resource_auth_headers['access-token']
+        # @resource_client_id = @resource_auth_headers['client']
+        # @resource_expiry    = @resource_auth_headers['expiry']
+        # mang
+        @mang = create(:mang_user, :confirmed)
+        @mang_auth_headers = @mang.create_named_token_pair
+        # @mang_token     = @mang_auth_headers['access-token']
+        # @mang_client_id = @mang_auth_headers['client']
+        # @mang_expiry    = @mang_auth_headers['expiry']
+      end
+      describe 'user access' do
+        before do
+          # ensure that request is not treated as batch request
+          # age_token(@resource, @resource_client_id)
+          get '/demo/members_only_group',
+              params: {},
+              headers: @resource_auth_headers
+          @resp_token       = response.headers['access-token']
+          @resp_client_id   = response.headers['client']
+          @resp_expiry      = response.headers['expiry']
+          @resp_uid         = response.headers['uid']
+        end
+        test 'request is successful' do
+          assert_equal 200, response.status
+        end
+        describe 'devise mappings' do
+          it 'should define current_user' do
+            assert_equal @resource, @controller.current_user
+          end
+          it 'should define user_signed_in?' do
+            assert @controller.user_signed_in?
+          end
+          it 'should not define current_mang' do
+            refute_equal @resource, @controller.current_mang
+          end
+          it 'should define current_member' do
+            assert_equal @resource, @controller.current_member
+          end
+          it 'should define current_members' do
+            assert @controller.current_members.include? @resource
+          end
+          it 'should define member_signed_in?' do
+            assert @controller.current_members.include? @resource
+          end
+          it 'should define render_authenticate_error' do
+            assert @controller.methods.include?(:render_authenticate_error)
+          end
+        end
+      end
+      describe 'mang access' do
+        before do
+          # ensure that request is not treated as batch request
+          # age_token(@mang, @mang_client_id)
+          get '/demo/members_only_group',
+              params: {},
+              headers: @mang_auth_headers
+          @resp_token       = response.headers['access-token']
+          @resp_client_id   = response.headers['client']
+          @resp_expiry      = response.headers['expiry']
+          @resp_uid         = response.headers['uid']
+        end
+        test 'request is successful' do
+          assert_equal 200, response.status
+        end
+        describe 'devise mappings' do
+          it 'should define current_mang' do
+            assert_equal @mang, @controller.current_mang
+          end
+          it 'should define mang_signed_in?' do
+            assert @controller.mang_signed_in?
+          end
+          it 'should not define current_mang' do
+            refute_equal @mang, @controller.current_user
+          end
+          it 'should define current_member' do
+            assert_equal @mang, @controller.current_member
+          end
+          it 'should define current_members' do
+            assert @controller.current_members.include? @mang
+          end
+          it 'should define member_signed_in?' do
+            assert @controller.current_members.include? @mang
+          end
+          it 'should define render_authenticate_error' do
+            assert @controller.methods.include?(:render_authenticate_error)
+          end
+        end
+      end
+      describe 'failed access' do
+        before do
+          get '/demo/members_only_group',
+              params: {},
+              headers: @mang_auth_headers.merge('access-token' => 'bogus')
+        end
+        it 'should not return any auth headers' do
+          refute response.headers['access-token']
+        end
+        it 'should return error: unauthorized status' do
+          assert_equal 401, response.status
+        end
+      end
+    end
+  end
+end