devise_jwt_auth 0.1.1 → 0.1.6
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/app/controllers/devise_jwt_auth/application_controller.rb +15 -13
- data/app/controllers/devise_jwt_auth/concerns/resource_finder.rb +2 -6
- data/app/controllers/devise_jwt_auth/concerns/{set_user_by_jwt_token.rb → set_user_by_token.rb} +23 -19
- data/app/controllers/devise_jwt_auth/confirmations_controller.rb +10 -19
- data/app/controllers/devise_jwt_auth/omniauth_callbacks_controller.rb +32 -33
- data/app/controllers/devise_jwt_auth/passwords_controller.rb +29 -19
- data/app/controllers/devise_jwt_auth/refresh_token_controller.rb +4 -1
- data/app/controllers/devise_jwt_auth/registrations_controller.rb +40 -21
- data/app/controllers/devise_jwt_auth/sessions_controller.rb +21 -21
- data/app/controllers/devise_jwt_auth/unlocks_controller.rb +5 -4
- data/app/models/devise_jwt_auth/concerns/active_record_support.rb +3 -0
- data/app/models/devise_jwt_auth/concerns/confirmable_support.rb +7 -4
- data/app/models/devise_jwt_auth/concerns/mongoid_support.rb +3 -0
- data/app/models/devise_jwt_auth/concerns/tokens_serialization.rb +4 -1
- data/app/models/devise_jwt_auth/concerns/user.rb +18 -9
- data/app/models/devise_jwt_auth/concerns/user_omniauth_callbacks.rb +11 -3
- data/app/validators/devise_jwt_auth_email_validator.rb +5 -4
- data/lib/devise_jwt_auth/blacklist.rb +2 -0
- data/lib/devise_jwt_auth/controllers/url_helpers.rb +1 -2
- data/lib/devise_jwt_auth/engine.rb +4 -4
- data/lib/devise_jwt_auth/rails/routes.rb +35 -24
- data/lib/devise_jwt_auth/token_factory.rb +3 -2
- data/lib/devise_jwt_auth/url.rb +2 -4
- data/lib/devise_jwt_auth/version.rb +1 -1
- data/lib/generators/devise_jwt_auth/install_generator.rb +7 -6
- data/lib/generators/devise_jwt_auth/install_generator_helpers.rb +27 -6
- data/lib/generators/devise_jwt_auth/install_mongoid_generator.rb +3 -2
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth.rb +15 -16
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth_create_users.rb.erb +15 -11
- data/lib/generators/devise_jwt_auth/templates/user.rb.erb +2 -2
- data/test/controllers/custom/custom_confirmations_controller_test.rb +2 -2
- data/test/controllers/custom/custom_passwords_controller_test.rb +4 -4
- data/test/controllers/custom/custom_refresh_token_controller_test.rb +2 -3
- data/test/controllers/custom/custom_registrations_controller_test.rb +2 -2
- data/test/controllers/demo_mang_controller_test.rb +206 -210
- data/test/controllers/demo_user_controller_test.rb +358 -374
- data/test/controllers/devise_jwt_auth/confirmations_controller_test.rb +5 -5
- data/test/controllers/devise_jwt_auth/omniauth_callbacks_controller_test.rb +6 -7
- data/test/controllers/devise_jwt_auth/passwords_controller_test.rb +11 -13
- data/test/controllers/devise_jwt_auth/refresh_token_controller_test.rb +8 -12
- data/test/controllers/devise_jwt_auth/registrations_controller_test.rb +23 -25
- data/test/controllers/devise_jwt_auth/sessions_controller_test.rb +32 -34
- data/test/controllers/devise_jwt_auth/unlocks_controller_test.rb +2 -2
- data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
- data/test/controllers/overrides/passwords_controller_test.rb +1 -1
- data/test/controllers/overrides/refresh_token_controller_test.rb +1 -2
- data/test/controllers/overrides/registrations_controller_test.rb +1 -1
- data/test/dummy/app/controllers/application_controller.rb +1 -1
- data/test/dummy/app/controllers/custom/refresh_token_controller.rb +2 -1
- data/test/dummy/app/controllers/custom/registrations_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/refresh_token_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +2 -2
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +2 -2
- data/test/dummy/app/models/concerns/favorite_color.rb +11 -9
- data/test/dummy/config.ru +2 -2
- data/test/dummy/config/application.rb +1 -0
- data/test/dummy/config/boot.rb +1 -1
- data/test/dummy/config/environments/test.rb +11 -7
- data/test/dummy/config/initializers/figaro.rb +1 -1
- data/test/dummy/config/initializers/omniauth.rb +2 -2
- data/test/dummy/config/routes.rb +8 -8
- data/test/dummy/db/migrate/{20140715061447_devise_token_auth_create_users.rb → 20140715061447_devise_jwt_auth_create_users.rb} +0 -0
- data/test/dummy/db/migrate/{20140715061805_devise_token_auth_create_mangs.rb → 20140715061805_devise_jwt_auth_create_mangs.rb} +0 -0
- data/test/dummy/db/migrate/{20141222035835_devise_token_auth_create_only_email_users.rb → 20141222035835_devise_jwt_auth_create_only_email_users.rb} +9 -9
- data/test/dummy/db/migrate/{20141222053502_devise_token_auth_create_unregisterable_users.rb → 20141222053502_devise_jwt_auth_create_unregisterable_users.rb} +0 -0
- data/test/dummy/db/migrate/{20150708104536_devise_token_auth_create_unconfirmable_users.rb → 20150708104536_devise_jwt_auth_create_unconfirmable_users.rb} +0 -0
- data/test/dummy/db/migrate/{20160103235141_devise_token_auth_create_scoped_users.rb → 20160103235141_devise_jwt_auth_create_scoped_users.rb} +0 -0
- data/test/dummy/db/migrate/{20160629184441_devise_token_auth_create_lockable_users.rb → 20160629184441_devise_jwt_auth_create_lockable_users.rb} +0 -0
- data/test/dummy/db/migrate/{20190924101113_devise_token_auth_create_confirmable_users.rb → 20190924101113_devise_jwt_auth_create_confirmable_users.rb} +6 -5
- data/test/dummy/db/schema.rb +170 -170
- data/test/dummy/tmp/generators/app/controllers/application_controller.rb +6 -0
- data/test/dummy/tmp/generators/app/models/user.rb +9 -0
- data/test/dummy/tmp/generators/config/initializers/devise_jwt_auth.rb +73 -0
- data/test/dummy/tmp/generators/db/migrate/20201006030349_devise_jwt_auth_create_users.rb +54 -0
- data/test/factories/users.rb +5 -3
- data/test/lib/devise_jwt_auth/token_factory_test.rb +6 -6
- data/test/lib/generators/devise_jwt_auth/install_generator_test.rb +3 -20
- data/test/lib/generators/devise_jwt_auth/install_generator_with_namespace_test.rb +4 -21
- data/test/models/concerns/tokens_serialization_test.rb +68 -68
- data/test/models/user_test.rb +35 -37
- data/test/support/controllers/routes.rb +7 -5
- data/test/test_helper.rb +1 -1
- metadata +70 -76
@@ -59,7 +59,7 @@ class DeviseJwtAuth::ConfirmationsControllerTest < ActionController::TestCase
|
|
59
59
|
end
|
60
60
|
|
61
61
|
test 'redirect url includes token params' do
|
62
|
-
assert
|
62
|
+
assert(@token_params.all? { |param| response.body.include?(param) })
|
63
63
|
assert response.body.include?('account_confirmation_success')
|
64
64
|
end
|
65
65
|
end
|
@@ -84,7 +84,7 @@ class DeviseJwtAuth::ConfirmationsControllerTest < ActionController::TestCase
|
|
84
84
|
end
|
85
85
|
|
86
86
|
test 'redirect url does not include token params' do
|
87
|
-
refute
|
87
|
+
refute(@token_params.any? { |param| response.body.include?(param) })
|
88
88
|
assert response.body.include?('account_confirmation_success')
|
89
89
|
end
|
90
90
|
end
|
@@ -92,9 +92,9 @@ class DeviseJwtAuth::ConfirmationsControllerTest < ActionController::TestCase
|
|
92
92
|
describe 'resend confirmation' do
|
93
93
|
before do
|
94
94
|
post :create,
|
95
|
-
|
96
|
-
|
97
|
-
|
95
|
+
params: { email: @new_user.email,
|
96
|
+
redirect_url: @redirect_url },
|
97
|
+
xhr: true
|
98
98
|
@resource = assigns(:resource)
|
99
99
|
|
100
100
|
@mail = ActionMailer::Base.deliveries.last
|
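Review bot: Both token-parameter assertions in this file (`assert(@token_params.all? { |param| response.body.include?(param) })` at new line 62 and the matching `refute(@token_params.any? { ... })` at new line 87) only search the response body for the parameter names as substrings. The negative test would therefore still pass if a token travelled somewhere the body does not echo, and the positive test would pass on a name that merely appears in other text. Assuming the action answers with a redirect, it would be tighter to parse the target and compare keys, e.g. `query = Rack::Utils.parse_nested_query(URI.parse(response.location).query)` followed by `refute(@token_params.any? { |param| query.key?(param) })`. `@token_params` is set outside these hunks, so confirm it holds query-parameter names before adopting this.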
@@ -18,7 +18,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
18
18
|
end
|
19
19
|
|
20
20
|
def get_parsed_data_json
|
21
|
-
encoded_json_data = @response.body.match(/var data
|
21
|
+
encoded_json_data = @response.body.match(/var data = JSON.parse\(decodeURIComponent\('(.+)'\)\);/)[1]
|
22
22
|
JSON.parse(URI.unescape(encoded_json_data))
|
23
23
|
end
|
24
24
|
|
@@ -286,9 +286,9 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
286
286
|
describe 'failure callback' do
|
287
287
|
setup do
|
288
288
|
OmniAuth.config.mock_auth[:facebook] = :invalid_credentials
|
289
|
-
OmniAuth.config.on_failure = proc
|
289
|
+
OmniAuth.config.on_failure = proc do |env|
|
290
290
|
OmniAuth::FailureEndpoint.new(env).redirect_to_failure
|
291
|
-
|
291
|
+
end
|
292
292
|
end
|
293
293
|
|
294
294
|
test 'renders expected data' do
|
@@ -331,8 +331,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
331
331
|
end
|
332
332
|
|
333
333
|
describe 'Using redirect_whitelist' do
|
334
|
-
|
335
|
-
describe "newWindow" do
|
334
|
+
describe 'newWindow' do
|
336
335
|
before do
|
337
336
|
@user_email = 'slemp.diggler@sillybandz.gov'
|
338
337
|
OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new(
|
@@ -361,7 +360,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
361
360
|
|
362
361
|
data = get_parsed_data_json
|
363
362
|
assert_equal "Redirect to '#{@bad_redirect_url}' not allowed.",
|
364
|
-
|
363
|
+
data['error']
|
365
364
|
# TODO: parse data and assert no access or refresh tokens were sent.
|
366
365
|
end
|
367
366
|
|
@@ -395,7 +394,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
395
394
|
end
|
396
395
|
end
|
397
396
|
|
398
|
-
describe
|
397
|
+
describe 'sameWindow' do
|
399
398
|
before do
|
400
399
|
@user_email = 'slemp.diggler@sillybandz.gov'
|
401
400
|
OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new(
|
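Review bot: The rejected-redirect case under 'Using redirect_whitelist' / 'newWindow' (new lines 361–364) still asserts only the error string. The `# TODO: parse data and assert no access or refresh tokens were sent.` left beneath it means nothing in this test fails if the response to a non-whitelisted redirect also carries credentials. Since `data` already comes from `get_parsed_data_json`, the TODO could be closed with `assert_nil data[DeviseJwtAuth.access_token_name]` and `assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]`; those key names are taken from the other controller tests in this release, so check they match what this callback renders. The test body starts above the hunk, so its setup is not visible here.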
@@ -66,7 +66,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
66
66
|
describe 'for edit' do
|
67
67
|
before do
|
68
68
|
get_reset_token
|
69
|
-
get :edit, params: { reset_password_token: @mail_reset_token}
|
69
|
+
get :edit, params: { reset_password_token: @mail_reset_token }
|
70
70
|
@data = JSON.parse(response.body)
|
71
71
|
end
|
72
72
|
|
@@ -145,7 +145,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
145
145
|
|
146
146
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
147
147
|
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
148
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)
|
148
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)"/)[1]
|
149
149
|
end
|
150
150
|
|
151
151
|
test 'response should return success status' do
|
@@ -237,7 +237,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
237
237
|
before do
|
238
238
|
@resource_class = User
|
239
239
|
@request_params = {
|
240
|
-
email:
|
240
|
+
email: @resource.email.upcase,
|
241
241
|
redirect_url: @redirect_url
|
242
242
|
}
|
243
243
|
end
|
@@ -264,13 +264,12 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
264
264
|
|
265
265
|
@mail = ActionMailer::Base.deliveries.last
|
266
266
|
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
267
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)
|
267
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)"/)[1]
|
268
268
|
|
269
269
|
@resource.reload
|
270
270
|
end
|
271
271
|
|
272
272
|
describe 'reset_password_token is valid' do
|
273
|
-
|
274
273
|
test 'mail_reset_token should be the same as reset_password_token' do
|
275
274
|
assert_equal Devise.token_generator.digest(self, :reset_password_token, @mail_reset_token), @resource.reset_password_token
|
276
275
|
end
|
@@ -492,7 +491,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
492
491
|
|
493
492
|
@mail = ActionMailer::Base.deliveries.last
|
494
493
|
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
495
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)
|
494
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)"/)[1]
|
496
495
|
|
497
496
|
# confirm via password reset email link
|
498
497
|
get :edit, params: { reset_password_token: @mail_reset_token,
|
@@ -568,10 +567,9 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
568
567
|
DeviseJwtAuth.require_client_password_reset_token = true
|
569
568
|
@redirect_url = 'http://client-app.dev'
|
570
569
|
get_reset_token
|
571
|
-
edit_url = CGI.unescape(@mail.body.match(/href
|
570
|
+
edit_url = CGI.unescape(@mail.body.match(/href="(.+)"/)[1])
|
572
571
|
query_parts = Rack::Utils.parse_nested_query(URI.parse(edit_url).query)
|
573
572
|
get :edit, params: query_parts
|
574
|
-
|
575
573
|
end
|
576
574
|
|
577
575
|
test 'reponse should be redirect' do
|
@@ -668,8 +666,8 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
668
666
|
|
669
667
|
describe 'without valid headers' do
|
670
668
|
before do
|
671
|
-
|
672
|
-
|
669
|
+
@auth_headers = @resource.create_named_token_pair
|
670
|
+
new_password = Faker::Internet.password
|
673
671
|
|
674
672
|
put :update, params: { password: new_password,
|
675
673
|
password_confirmation: new_password }
|
@@ -856,8 +854,8 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
856
854
|
@config_name = 'altUser'
|
857
855
|
|
858
856
|
params = { email: @resource.email,
|
859
|
-
|
860
|
-
|
857
|
+
redirect_url: @redirect_url,
|
858
|
+
config_name: @config_name }
|
861
859
|
get_reset_token params
|
862
860
|
end
|
863
861
|
|
@@ -875,7 +873,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
875
873
|
|
876
874
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
877
875
|
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
878
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)
|
876
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)"/)[1]
|
879
877
|
end
|
880
878
|
end
|
881
879
|
end
|
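Review bot: The token extraction `@mail.body.match(/reset_password_token=(.*)"/)[1]` (new lines 148, 267, 494 and 876) uses a greedy `.*`, so the capture runs to the last double quote on that line of the mail and would swallow any parameter or attribute that follows the token. It also raises `NoMethodError` on `nil` when the mail does not match, which hides the real failure. A bounded capture such as `/reset_password_token=([^&"]*)/`, with an explicit `assert` on the match before indexing, would keep the extracted token exact. The same greedy pattern appears in `/href="(.+)"/` at new line 570 of this file, in `/redirect_url=(.*)"/` in the registrations test and in `/unlock_token=(.*)"/` in the unlocks test. The `before` blocks holding these lines start outside the hunks.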
@@ -8,8 +8,7 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
|
|
8
8
|
before do
|
9
9
|
@resource = create(:user, :confirmed)
|
10
10
|
@auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
|
11
|
-
@resource.create_refresh_token
|
12
|
-
)
|
11
|
+
@resource.create_refresh_token)
|
13
12
|
get '/auth/refresh_token', params: {}, headers: @auth_headers
|
14
13
|
@resp = JSON.parse(response.body)
|
15
14
|
end
|
@@ -22,13 +21,12 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
|
|
22
21
|
assert @resp[DeviseJwtAuth.access_token_name]
|
23
22
|
end
|
24
23
|
end
|
25
|
-
|
24
|
+
|
26
25
|
describe 'unconfirmed user' do
|
27
26
|
before do
|
28
27
|
@resource = create(:user)
|
29
28
|
@auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
|
30
|
-
@resource.create_refresh_token
|
31
|
-
)
|
29
|
+
@resource.create_refresh_token)
|
32
30
|
get '/auth/refresh_token', params: {}, headers: @auth_headers
|
33
31
|
@resp = JSON.parse(response.body)
|
34
32
|
end
|
@@ -41,19 +39,18 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
|
|
41
39
|
assert_nil @resp[DeviseJwtAuth.access_token_name]
|
42
40
|
end
|
43
41
|
end
|
44
|
-
|
42
|
+
|
45
43
|
describe 'an expired token' do
|
46
44
|
before do
|
47
45
|
@resource = create(:user, :confirmed)
|
48
46
|
@exp = (Time.now - 1.hour).to_i
|
49
47
|
@expired_token = @resource.create_refresh_token(exp: @exp)
|
50
48
|
@auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
|
51
|
-
@expired_token
|
52
|
-
)
|
49
|
+
@expired_token)
|
53
50
|
get '/auth/refresh_token', params: {}, headers: @auth_headers
|
54
51
|
@resp = JSON.parse(response.body)
|
55
52
|
end
|
56
|
-
|
53
|
+
|
57
54
|
it 'response error' do
|
58
55
|
assert_equal 401, response.status
|
59
56
|
end
|
@@ -66,12 +63,11 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
|
|
66
63
|
describe 'an invalid refresh token' do
|
67
64
|
before do
|
68
65
|
@auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
|
69
|
-
|
70
|
-
)
|
66
|
+
'invalid-token')
|
71
67
|
get '/auth/refresh_token', params: {}, headers: @auth_headers
|
72
68
|
@resp = JSON.parse(response.body)
|
73
69
|
end
|
74
|
-
|
70
|
+
|
75
71
|
it 'response error' do
|
76
72
|
assert_equal 401, response.status
|
77
73
|
end
|
@@ -105,7 +105,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
105
105
|
|
106
106
|
@data = JSON.parse(response.body)
|
107
107
|
end
|
108
|
-
|
108
|
+
|
109
109
|
test 'an access token should be returned' do
|
110
110
|
assert @data[DeviseJwtAuth.access_token_name]
|
111
111
|
end
|
@@ -185,7 +185,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
185
185
|
unpermitted_param: '(x_x)' }
|
186
186
|
|
187
187
|
@data = JSON.parse(response.body)
|
188
|
-
|
188
|
+
|
189
189
|
assert_equal 422, response.status
|
190
190
|
assert_nil @data[DeviseJwtAuth.access_token_name]
|
191
191
|
assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]
|
@@ -223,17 +223,17 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
223
223
|
@resource = assigns(:resource)
|
224
224
|
@data = JSON.parse(response.body)
|
225
225
|
@mail = ActionMailer::Base.deliveries.last
|
226
|
-
@sent_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)(
|
226
|
+
@sent_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)(&|")/)[1])
|
227
227
|
end
|
228
|
-
|
228
|
+
|
229
229
|
teardown do
|
230
230
|
DeviseJwtAuth.default_confirm_success_url = nil
|
231
231
|
end
|
232
|
-
|
232
|
+
|
233
233
|
test 'request should be successful' do
|
234
234
|
assert_equal 200, response.status
|
235
235
|
end
|
236
|
-
|
236
|
+
|
237
237
|
test 'email contains the default redirect url' do
|
238
238
|
assert_equal @redirect_url, @sent_redirect_url
|
239
239
|
end
|
@@ -310,7 +310,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
310
310
|
@mail = ActionMailer::Base.deliveries.last
|
311
311
|
|
312
312
|
@mail_reset_token = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
|
313
|
-
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)
|
313
|
+
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)"/)[1])
|
314
314
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
315
315
|
end
|
316
316
|
|
@@ -449,10 +449,10 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
449
449
|
before do
|
450
450
|
@existing_user = create(:user, :confirmed)
|
451
451
|
@auth_headers = @existing_user.create_named_token_pair
|
452
|
-
|
452
|
+
# @client_id = @auth_headers['client']
|
453
453
|
|
454
454
|
# ensure request is not treated as batch request
|
455
|
-
#age_token(@existing_user, @client_id)
|
455
|
+
# age_token(@existing_user, @client_id)
|
456
456
|
|
457
457
|
delete '/auth', params: {}, headers: @auth_headers
|
458
458
|
|
@@ -495,7 +495,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
495
495
|
describe 'Update user account' do
|
496
496
|
describe 'existing user' do
|
497
497
|
before do
|
498
|
-
@existing_user = create(:user, :confirmed)
|
498
|
+
@existing_user = create(:user, :confirmed)
|
499
499
|
@auth_headers = @existing_user.create_named_token_pair
|
500
500
|
|
501
501
|
# @client_id = @auth_headers['client']
|
@@ -799,7 +799,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
799
799
|
@resource.skip_confirmation!
|
800
800
|
@resource.save!
|
801
801
|
@auth_headers = @resource.create_named_token_pair
|
802
|
-
|
802
|
+
|
803
803
|
# @client_id = @auth_headers['client']
|
804
804
|
|
805
805
|
# ensure request is not treated as batch request
|
@@ -832,7 +832,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
832
832
|
@resource.reload
|
833
833
|
|
834
834
|
@mail_reset_token = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
|
835
|
-
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)
|
835
|
+
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)"/)[1])
|
836
836
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
837
837
|
end
|
838
838
|
|
@@ -879,20 +879,18 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
879
879
|
test 'user was confirmed' do
|
880
880
|
assert @resource.confirmed?
|
881
881
|
end
|
882
|
-
|
883
|
-
=begin
|
884
|
-
test 'auth headers were returned in response' do
|
885
|
-
assert response.headers['access-token']
|
886
|
-
assert response.headers['token-type']
|
887
|
-
assert response.headers['client']
|
888
|
-
assert response.headers['expiry']
|
889
|
-
assert response.headers['uid']
|
890
|
-
end
|
891
882
|
|
892
|
-
test '
|
893
|
-
|
894
|
-
|
895
|
-
|
883
|
+
# test 'auth headers were returned in response' do
|
884
|
+
# assert response.headers['access-token']
|
885
|
+
# assert response.headers['token-type']
|
886
|
+
# assert response.headers['client']
|
887
|
+
# assert response.headers['expiry']
|
888
|
+
# assert response.headers['uid']
|
889
|
+
# end
|
890
|
+
#
|
891
|
+
# test 'response token is valid' do
|
892
|
+
# assert @resource.valid_token?(@token, @client_id)
|
893
|
+
# end
|
896
894
|
end
|
897
895
|
|
898
896
|
describe 'User with only :database_authenticatable and :registerable included' do
|
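Review bot: The block at new lines 883–893 keeps 'auth headers were returned in response' and 'response token is valid' disabled, only switching them from `=begin`/`=end` to `#` comments, so nothing visible in this describe checks which credentials are issued once the user is confirmed. The commented assertions read header names (`access-token`, `client`, `expiry`, `uid`), whereas the live tests shown in this file read `@data[DeviseJwtAuth.access_token_name]` and `response.cookies[DeviseJwtAuth.refresh_token_name]`. Either delete the dead block or replace it with assertions on those two values, whichever matches the intended behaviour after confirmation; that intent is not stated in the hunk. The enclosing describe begins outside the hunk.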
@@ -141,7 +141,8 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
|
|
141
141
|
assert_nil @data[DeviseJwtAuth.access_token_name]
|
142
142
|
end
|
143
143
|
|
144
|
-
test 'response should
|
144
|
+
test 'response should delete refresh token from client' do
|
145
|
+
assert_equal true, response.cookies.keys.include?(DeviseJwtAuth.refresh_token_name)
|
145
146
|
assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]
|
146
147
|
end
|
147
148
|
|
@@ -174,7 +175,7 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
|
|
174
175
|
|
175
176
|
test 'response should not have refresh token' do
|
176
177
|
assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]
|
177
|
-
end
|
178
|
+
end
|
178
179
|
end
|
179
180
|
|
180
181
|
describe 'failure' do
|
@@ -206,37 +207,35 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
|
|
206
207
|
end
|
207
208
|
end
|
208
209
|
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
end
|
239
|
-
=end
|
210
|
+
# describe 'failure with bad password when change_headers_on_each_request false' do
|
211
|
+
# before do
|
212
|
+
# DeviseJwtAuth.change_headers_on_each_request = false
|
213
|
+
#
|
214
|
+
# # accessing current_user calls through set_user_by_token,
|
215
|
+
# # which initializes client_id
|
216
|
+
# @controller.current_user
|
217
|
+
#
|
218
|
+
# post :create,
|
219
|
+
# params: { email: @existing_user.email,
|
220
|
+
# password: 'bogus' }
|
221
|
+
#
|
222
|
+
# @resource = assigns(:resource)
|
223
|
+
# @data = JSON.parse(response.body)
|
224
|
+
# end
|
225
|
+
#
|
226
|
+
# test 'request should fail' do
|
227
|
+
# assert_equal 401, response.status
|
228
|
+
# end
|
229
|
+
#
|
230
|
+
# test 'response should contain errors' do
|
231
|
+
# assert @data['errors']
|
232
|
+
# assert_equal @data['errors'], [I18n.t('devise_jwt_auth.sessions.bad_credentials')]
|
233
|
+
# end
|
234
|
+
#
|
235
|
+
# after do
|
236
|
+
# DeviseJwtAuth.change_headers_on_each_request = true
|
237
|
+
# end
|
238
|
+
# end
|
240
239
|
|
241
240
|
describe 'case-insensitive email' do
|
242
241
|
before do
|
@@ -284,7 +283,6 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
|
|
284
283
|
@data = JSON.parse(response.body)
|
285
284
|
|
286
285
|
assert_equal 200, response.status
|
287
|
-
# p 'DATA', @data.inspect
|
288
286
|
assert @data[DeviseJwtAuth.access_token_name]
|
289
287
|
assert response.cookies[DeviseJwtAuth.refresh_token_name]
|
290
288
|
end
|
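Review bot: The added test 'response should delete refresh token from client' (new lines 144–147) shows only that the response names the refresh-token cookie and that its value is nil. It says nothing about whether the clearing cookie carries the same path and domain as the one that was set, which is what decides whether a browser actually drops it. If the suite can reach the raw `Set-Cookie` header, an assertion on its expiry and path would close that gap, and `assert_includes response.cookies.keys, DeviseJwtAuth.refresh_token_name` reads better than `assert_equal true, ...include?(...)`. Separately, new lines 210–238 keep the bad-password describe commented out rather than running it, so that path is untested unless the 'failure' describe above covers it. The describe enclosing the new test starts outside the hunk.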
@@ -95,7 +95,7 @@ class DeviseJwtAuth::UnlocksControllerTest < ActionController::TestCase
|
|
95
95
|
@data = JSON.parse(response.body)
|
96
96
|
|
97
97
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
98
|
-
@mail_reset_token = @mail.body.match(/unlock_token=(.*)
|
98
|
+
@mail_reset_token = @mail.body.match(/unlock_token=(.*)"/)[1]
|
99
99
|
end
|
100
100
|
|
101
101
|
test 'response should return success status' do
|
@@ -161,7 +161,7 @@ class DeviseJwtAuth::UnlocksControllerTest < ActionController::TestCase
|
|
161
161
|
before do
|
162
162
|
@resource_class = LockableUser
|
163
163
|
@request_params = {
|
164
|
-
email:
|
164
|
+
email: @resource.email.upcase
|
165
165
|
}
|
166
166
|
end
|
167
167
|
|