devise_jwt_auth 0.1.1 → 0.1.6
- checksums.yaml +4 -4
- data/README.md +3 -3
- data/app/controllers/devise_jwt_auth/application_controller.rb +15 -13
- data/app/controllers/devise_jwt_auth/concerns/resource_finder.rb +2 -6
- data/app/controllers/devise_jwt_auth/concerns/{set_user_by_jwt_token.rb → set_user_by_token.rb} +23 -19
- data/app/controllers/devise_jwt_auth/confirmations_controller.rb +10 -19
- data/app/controllers/devise_jwt_auth/omniauth_callbacks_controller.rb +32 -33
- data/app/controllers/devise_jwt_auth/passwords_controller.rb +29 -19
- data/app/controllers/devise_jwt_auth/refresh_token_controller.rb +4 -1
- data/app/controllers/devise_jwt_auth/registrations_controller.rb +40 -21
- data/app/controllers/devise_jwt_auth/sessions_controller.rb +21 -21
- data/app/controllers/devise_jwt_auth/unlocks_controller.rb +5 -4
- data/app/models/devise_jwt_auth/concerns/active_record_support.rb +3 -0
- data/app/models/devise_jwt_auth/concerns/confirmable_support.rb +7 -4
- data/app/models/devise_jwt_auth/concerns/mongoid_support.rb +3 -0
- data/app/models/devise_jwt_auth/concerns/tokens_serialization.rb +4 -1
- data/app/models/devise_jwt_auth/concerns/user.rb +18 -9
- data/app/models/devise_jwt_auth/concerns/user_omniauth_callbacks.rb +11 -3
- data/app/validators/devise_jwt_auth_email_validator.rb +5 -4
- data/lib/devise_jwt_auth/blacklist.rb +2 -0
- data/lib/devise_jwt_auth/controllers/url_helpers.rb +1 -2
- data/lib/devise_jwt_auth/engine.rb +4 -4
- data/lib/devise_jwt_auth/rails/routes.rb +35 -24
- data/lib/devise_jwt_auth/token_factory.rb +3 -2
- data/lib/devise_jwt_auth/url.rb +2 -4
- data/lib/devise_jwt_auth/version.rb +1 -1
- data/lib/generators/devise_jwt_auth/install_generator.rb +7 -6
- data/lib/generators/devise_jwt_auth/install_generator_helpers.rb +27 -6
- data/lib/generators/devise_jwt_auth/install_mongoid_generator.rb +3 -2
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth.rb +15 -16
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth_create_users.rb.erb +15 -11
- data/lib/generators/devise_jwt_auth/templates/user.rb.erb +2 -2
- data/test/controllers/custom/custom_confirmations_controller_test.rb +2 -2
- data/test/controllers/custom/custom_passwords_controller_test.rb +4 -4
- data/test/controllers/custom/custom_refresh_token_controller_test.rb +2 -3
- data/test/controllers/custom/custom_registrations_controller_test.rb +2 -2
- data/test/controllers/demo_mang_controller_test.rb +206 -210
- data/test/controllers/demo_user_controller_test.rb +358 -374
- data/test/controllers/devise_jwt_auth/confirmations_controller_test.rb +5 -5
- data/test/controllers/devise_jwt_auth/omniauth_callbacks_controller_test.rb +6 -7
- data/test/controllers/devise_jwt_auth/passwords_controller_test.rb +11 -13
- data/test/controllers/devise_jwt_auth/refresh_token_controller_test.rb +8 -12
- data/test/controllers/devise_jwt_auth/registrations_controller_test.rb +23 -25
- data/test/controllers/devise_jwt_auth/sessions_controller_test.rb +32 -34
- data/test/controllers/devise_jwt_auth/unlocks_controller_test.rb +2 -2
- data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
- data/test/controllers/overrides/passwords_controller_test.rb +1 -1
- data/test/controllers/overrides/refresh_token_controller_test.rb +1 -2
- data/test/controllers/overrides/registrations_controller_test.rb +1 -1
- data/test/dummy/app/controllers/application_controller.rb +1 -1
- data/test/dummy/app/controllers/custom/refresh_token_controller.rb +2 -1
- data/test/dummy/app/controllers/custom/registrations_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/refresh_token_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +2 -2
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +2 -2
- data/test/dummy/app/models/concerns/favorite_color.rb +11 -9
- data/test/dummy/config.ru +2 -2
- data/test/dummy/config/application.rb +1 -0
- data/test/dummy/config/boot.rb +1 -1
- data/test/dummy/config/environments/test.rb +11 -7
- data/test/dummy/config/initializers/figaro.rb +1 -1
- data/test/dummy/config/initializers/omniauth.rb +2 -2
- data/test/dummy/config/routes.rb +8 -8
- data/test/dummy/db/migrate/{20140715061447_devise_token_auth_create_users.rb → 20140715061447_devise_jwt_auth_create_users.rb} +0 -0
- data/test/dummy/db/migrate/{20140715061805_devise_token_auth_create_mangs.rb → 20140715061805_devise_jwt_auth_create_mangs.rb} +0 -0
- data/test/dummy/db/migrate/{20141222035835_devise_token_auth_create_only_email_users.rb → 20141222035835_devise_jwt_auth_create_only_email_users.rb} +9 -9
- data/test/dummy/db/migrate/{20141222053502_devise_token_auth_create_unregisterable_users.rb → 20141222053502_devise_jwt_auth_create_unregisterable_users.rb} +0 -0
- data/test/dummy/db/migrate/{20150708104536_devise_token_auth_create_unconfirmable_users.rb → 20150708104536_devise_jwt_auth_create_unconfirmable_users.rb} +0 -0
- data/test/dummy/db/migrate/{20160103235141_devise_token_auth_create_scoped_users.rb → 20160103235141_devise_jwt_auth_create_scoped_users.rb} +0 -0
- data/test/dummy/db/migrate/{20160629184441_devise_token_auth_create_lockable_users.rb → 20160629184441_devise_jwt_auth_create_lockable_users.rb} +0 -0
- data/test/dummy/db/migrate/{20190924101113_devise_token_auth_create_confirmable_users.rb → 20190924101113_devise_jwt_auth_create_confirmable_users.rb} +6 -5
- data/test/dummy/db/schema.rb +170 -170
- data/test/dummy/tmp/generators/app/controllers/application_controller.rb +6 -0
- data/test/dummy/tmp/generators/app/models/user.rb +9 -0
- data/test/dummy/tmp/generators/config/initializers/devise_jwt_auth.rb +73 -0
- data/test/dummy/tmp/generators/db/migrate/20201006030349_devise_jwt_auth_create_users.rb +54 -0
- data/test/factories/users.rb +5 -3
- data/test/lib/devise_jwt_auth/token_factory_test.rb +6 -6
- data/test/lib/generators/devise_jwt_auth/install_generator_test.rb +3 -20
- data/test/lib/generators/devise_jwt_auth/install_generator_with_namespace_test.rb +4 -21
- data/test/models/concerns/tokens_serialization_test.rb +68 -68
- data/test/models/user_test.rb +35 -37
- data/test/support/controllers/routes.rb +7 -5
- data/test/test_helper.rb +1 -1
- metadata +70 -76
@@ -59,7 +59,7 @@ class DeviseJwtAuth::ConfirmationsControllerTest < ActionController::TestCase
|
|
59
59
|
end
|
60
60
|
|
61
61
|
test 'redirect url includes token params' do
|
62
|
-
assert
|
62
|
+
assert(@token_params.all? { |param| response.body.include?(param) })
|
63
63
|
assert response.body.include?('account_confirmation_success')
|
64
64
|
end
|
65
65
|
end
|
@@ -84,7 +84,7 @@ class DeviseJwtAuth::ConfirmationsControllerTest < ActionController::TestCase
|
|
84
84
|
end
|
85
85
|
|
86
86
|
test 'redirect url does not include token params' do
|
87
|
-
refute
|
87
|
+
refute(@token_params.any? { |param| response.body.include?(param) })
|
88
88
|
assert response.body.include?('account_confirmation_success')
|
89
89
|
end
|
90
90
|
end
|
@@ -92,9 +92,9 @@ class DeviseJwtAuth::ConfirmationsControllerTest < ActionController::TestCase
|
|
92
92
|
describe 'resend confirmation' do
|
93
93
|
before do
|
94
94
|
post :create,
|
95
|
-
|
96
|
-
|
97
|
-
|
95
|
+
params: { email: @new_user.email,
|
96
|
+
redirect_url: @redirect_url },
|
97
|
+
xhr: true
|
98
98
|
@resource = assigns(:resource)
|
99
99
|
|
100
100
|
@mail = ActionMailer::Base.deliveries.last
|
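Review bot: The two rewritten assertions at new lines 62 and 87 pass vacuously when `@token_params` is empty, because `all?` on an empty array is true and `any?` is false. `@token_params` is assigned outside these hunks, so its contents cannot be confirmed from here. Adding `refute_empty @token_params` ahead of each check would make an accidentally empty list fail the test instead of silently passing. Both tests are named after the redirect URL but search the whole `response.body`, so a parameter name appearing anywhere in the body satisfies them; asserting against the redirect target itself would be tighter.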
@@ -18,7 +18,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
18
18
|
end
|
19
19
|
|
20
20
|
def get_parsed_data_json
|
21
|
-
encoded_json_data = @response.body.match(/var data
|
21
|
+
encoded_json_data = @response.body.match(/var data = JSON.parse\(decodeURIComponent\('(.+)'\)\);/)[1]
|
22
22
|
JSON.parse(URI.unescape(encoded_json_data))
|
23
23
|
end
|
24
24
|
|
@@ -286,9 +286,9 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
286
286
|
describe 'failure callback' do
|
287
287
|
setup do
|
288
288
|
OmniAuth.config.mock_auth[:facebook] = :invalid_credentials
|
289
|
-
OmniAuth.config.on_failure = proc
|
289
|
+
OmniAuth.config.on_failure = proc do |env|
|
290
290
|
OmniAuth::FailureEndpoint.new(env).redirect_to_failure
|
291
|
-
|
291
|
+
end
|
292
292
|
end
|
293
293
|
|
294
294
|
test 'renders expected data' do
|
@@ -331,8 +331,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
331
331
|
end
|
332
332
|
|
333
333
|
describe 'Using redirect_whitelist' do
|
334
|
-
|
335
|
-
describe "newWindow" do
|
334
|
+
describe 'newWindow' do
|
336
335
|
before do
|
337
336
|
@user_email = 'slemp.diggler@sillybandz.gov'
|
338
337
|
OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new(
|
@@ -361,7 +360,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
361
360
|
|
362
361
|
data = get_parsed_data_json
|
363
362
|
assert_equal "Redirect to '#{@bad_redirect_url}' not allowed.",
|
364
|
-
|
363
|
+
data['error']
|
365
364
|
# TODO: parse data and assert no access or refresh tokens were sent.
|
366
365
|
end
|
367
366
|
|
@@ -395,7 +394,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
395
394
|
end
|
396
395
|
end
|
397
396
|
|
398
|
-
describe
|
397
|
+
describe 'sameWindow' do
|
399
398
|
before do
|
400
399
|
@user_email = 'slemp.diggler@sillybandz.gov'
|
401
400
|
OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new(
|
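Review bot: The disallowed-redirect test in the `newWindow` block (new lines 362-364) still asserts only the error string, and the `# TODO: parse data and assert no access or refresh tokens were sent` under it is left open. A regression that returned credentials alongside the error would therefore go unnoticed. `data` is already parsed at that point, so the TODO could be closed with `assert_nil data[DeviseJwtAuth.access_token_name]` and `assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]`; the key the callback page actually uses for the access token is not visible in this section, so confirm it against the controller. Separately, `get_parsed_data_json` (new line 21) indexes `[1]` straight off `match`, so a page without the script raises NoMethodError rather than a readable failure. The `URI.unescape` call on the following line was removed in Ruby 3.0.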
@@ -66,7 +66,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
66
66
|
describe 'for edit' do
|
67
67
|
before do
|
68
68
|
get_reset_token
|
69
|
-
get :edit, params: { reset_password_token: @mail_reset_token}
|
69
|
+
get :edit, params: { reset_password_token: @mail_reset_token }
|
70
70
|
@data = JSON.parse(response.body)
|
71
71
|
end
|
72
72
|
|
@@ -145,7 +145,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
145
145
|
|
146
146
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
147
147
|
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
148
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)
|
148
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)"/)[1]
|
149
149
|
end
|
150
150
|
|
151
151
|
test 'response should return success status' do
|
@@ -237,7 +237,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
237
237
|
before do
|
238
238
|
@resource_class = User
|
239
239
|
@request_params = {
|
240
|
-
email:
|
240
|
+
email: @resource.email.upcase,
|
241
241
|
redirect_url: @redirect_url
|
242
242
|
}
|
243
243
|
end
|
@@ -264,13 +264,12 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
264
264
|
|
265
265
|
@mail = ActionMailer::Base.deliveries.last
|
266
266
|
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
267
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)
|
267
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)"/)[1]
|
268
268
|
|
269
269
|
@resource.reload
|
270
270
|
end
|
271
271
|
|
272
272
|
describe 'reset_password_token is valid' do
|
273
|
-
|
274
273
|
test 'mail_reset_token should be the same as reset_password_token' do
|
275
274
|
assert_equal Devise.token_generator.digest(self, :reset_password_token, @mail_reset_token), @resource.reset_password_token
|
276
275
|
end
|
@@ -492,7 +491,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
492
491
|
|
493
492
|
@mail = ActionMailer::Base.deliveries.last
|
494
493
|
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
495
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)
|
494
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)"/)[1]
|
496
495
|
|
497
496
|
# confirm via password reset email link
|
498
497
|
get :edit, params: { reset_password_token: @mail_reset_token,
|
@@ -568,10 +567,9 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
568
567
|
DeviseJwtAuth.require_client_password_reset_token = true
|
569
568
|
@redirect_url = 'http://client-app.dev'
|
570
569
|
get_reset_token
|
571
|
-
edit_url = CGI.unescape(@mail.body.match(/href
|
570
|
+
edit_url = CGI.unescape(@mail.body.match(/href="(.+)"/)[1])
|
572
571
|
query_parts = Rack::Utils.parse_nested_query(URI.parse(edit_url).query)
|
573
572
|
get :edit, params: query_parts
|
574
|
-
|
575
573
|
end
|
576
574
|
|
577
575
|
test 'reponse should be redirect' do
|
@@ -668,8 +666,8 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
668
666
|
|
669
667
|
describe 'without valid headers' do
|
670
668
|
before do
|
671
|
-
|
672
|
-
|
669
|
+
@auth_headers = @resource.create_named_token_pair
|
670
|
+
new_password = Faker::Internet.password
|
673
671
|
|
674
672
|
put :update, params: { password: new_password,
|
675
673
|
password_confirmation: new_password }
|
@@ -856,8 +854,8 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
856
854
|
@config_name = 'altUser'
|
857
855
|
|
858
856
|
params = { email: @resource.email,
|
859
|
-
|
860
|
-
|
857
|
+
redirect_url: @redirect_url,
|
858
|
+
config_name: @config_name }
|
861
859
|
get_reset_token params
|
862
860
|
end
|
863
861
|
|
@@ -875,7 +873,7 @@ class DeviseJwtAuth::PasswordsControllerTest < ActionController::TestCase
|
|
875
873
|
|
876
874
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
877
875
|
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
878
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)
|
876
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)"/)[1]
|
879
877
|
end
|
880
878
|
end
|
881
879
|
end
|
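Review bot: The token extraction `@mail.body.match(/reset_password_token=(.*)"/)[1]` at new lines 148, 267, 494 and 876 uses a greedy `(.*)"`, which captures up to the last double quote on the line rather than the end of the link. Any later quoted attribute on the same line would be folded into the token that the test then submits. Stopping at the first delimiter is safer and matches the neighbouring `redirect_url=([^&]*)&` patterns: `@mail_reset_token = @mail.body.match(/reset_password_token=([^"&]*)/)[1]`. The same greedy form appears in `href="(.+)"` at new line 570, in the registrations tests (`redirect_url=(.*)"`) and in the unlocks test (`unlock_token=(.*)"`). The enclosing `before` blocks start outside these hunks.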
@@ -8,8 +8,7 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
|
|
8
8
|
before do
|
9
9
|
@resource = create(:user, :confirmed)
|
10
10
|
@auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
|
11
|
-
@resource.create_refresh_token
|
12
|
-
)
|
11
|
+
@resource.create_refresh_token)
|
13
12
|
get '/auth/refresh_token', params: {}, headers: @auth_headers
|
14
13
|
@resp = JSON.parse(response.body)
|
15
14
|
end
|
@@ -22,13 +21,12 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
|
|
22
21
|
assert @resp[DeviseJwtAuth.access_token_name]
|
23
22
|
end
|
24
23
|
end
|
25
|
-
|
24
|
+
|
26
25
|
describe 'unconfirmed user' do
|
27
26
|
before do
|
28
27
|
@resource = create(:user)
|
29
28
|
@auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
|
30
|
-
@resource.create_refresh_token
|
31
|
-
)
|
29
|
+
@resource.create_refresh_token)
|
32
30
|
get '/auth/refresh_token', params: {}, headers: @auth_headers
|
33
31
|
@resp = JSON.parse(response.body)
|
34
32
|
end
|
@@ -41,19 +39,18 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
|
|
41
39
|
assert_nil @resp[DeviseJwtAuth.access_token_name]
|
42
40
|
end
|
43
41
|
end
|
44
|
-
|
42
|
+
|
45
43
|
describe 'an expired token' do
|
46
44
|
before do
|
47
45
|
@resource = create(:user, :confirmed)
|
48
46
|
@exp = (Time.now - 1.hour).to_i
|
49
47
|
@expired_token = @resource.create_refresh_token(exp: @exp)
|
50
48
|
@auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
|
51
|
-
@expired_token
|
52
|
-
)
|
49
|
+
@expired_token)
|
53
50
|
get '/auth/refresh_token', params: {}, headers: @auth_headers
|
54
51
|
@resp = JSON.parse(response.body)
|
55
52
|
end
|
56
|
-
|
53
|
+
|
57
54
|
it 'response error' do
|
58
55
|
assert_equal 401, response.status
|
59
56
|
end
|
@@ -66,12 +63,11 @@ class DeviseJwtAuth::RefreshTokenControllerTest < ActionDispatch::IntegrationTes
|
|
66
63
|
describe 'an invalid refresh token' do
|
67
64
|
before do
|
68
65
|
@auth_headers = get_cookie_header(DeviseJwtAuth.refresh_token_name,
|
69
|
-
|
70
|
-
)
|
66
|
+
'invalid-token')
|
71
67
|
get '/auth/refresh_token', params: {}, headers: @auth_headers
|
72
68
|
@resp = JSON.parse(response.body)
|
73
69
|
end
|
74
|
-
|
70
|
+
|
75
71
|
it 'response error' do
|
76
72
|
assert_equal 401, response.status
|
77
73
|
end
|
@@ -105,7 +105,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
105
105
|
|
106
106
|
@data = JSON.parse(response.body)
|
107
107
|
end
|
108
|
-
|
108
|
+
|
109
109
|
test 'an access token should be returned' do
|
110
110
|
assert @data[DeviseJwtAuth.access_token_name]
|
111
111
|
end
|
@@ -185,7 +185,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
185
185
|
unpermitted_param: '(x_x)' }
|
186
186
|
|
187
187
|
@data = JSON.parse(response.body)
|
188
|
-
|
188
|
+
|
189
189
|
assert_equal 422, response.status
|
190
190
|
assert_nil @data[DeviseJwtAuth.access_token_name]
|
191
191
|
assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]
|
@@ -223,17 +223,17 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
223
223
|
@resource = assigns(:resource)
|
224
224
|
@data = JSON.parse(response.body)
|
225
225
|
@mail = ActionMailer::Base.deliveries.last
|
226
|
-
@sent_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)(
|
226
|
+
@sent_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)(&|")/)[1])
|
227
227
|
end
|
228
|
-
|
228
|
+
|
229
229
|
teardown do
|
230
230
|
DeviseJwtAuth.default_confirm_success_url = nil
|
231
231
|
end
|
232
|
-
|
232
|
+
|
233
233
|
test 'request should be successful' do
|
234
234
|
assert_equal 200, response.status
|
235
235
|
end
|
236
|
-
|
236
|
+
|
237
237
|
test 'email contains the default redirect url' do
|
238
238
|
assert_equal @redirect_url, @sent_redirect_url
|
239
239
|
end
|
@@ -310,7 +310,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
310
310
|
@mail = ActionMailer::Base.deliveries.last
|
311
311
|
|
312
312
|
@mail_reset_token = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
|
313
|
-
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)
|
313
|
+
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)"/)[1])
|
314
314
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
315
315
|
end
|
316
316
|
|
@@ -449,10 +449,10 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
449
449
|
before do
|
450
450
|
@existing_user = create(:user, :confirmed)
|
451
451
|
@auth_headers = @existing_user.create_named_token_pair
|
452
|
-
|
452
|
+
# @client_id = @auth_headers['client']
|
453
453
|
|
454
454
|
# ensure request is not treated as batch request
|
455
|
-
#age_token(@existing_user, @client_id)
|
455
|
+
# age_token(@existing_user, @client_id)
|
456
456
|
|
457
457
|
delete '/auth', params: {}, headers: @auth_headers
|
458
458
|
|
@@ -495,7 +495,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
495
495
|
describe 'Update user account' do
|
496
496
|
describe 'existing user' do
|
497
497
|
before do
|
498
|
-
@existing_user = create(:user, :confirmed)
|
498
|
+
@existing_user = create(:user, :confirmed)
|
499
499
|
@auth_headers = @existing_user.create_named_token_pair
|
500
500
|
|
501
501
|
# @client_id = @auth_headers['client']
|
@@ -799,7 +799,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
799
799
|
@resource.skip_confirmation!
|
800
800
|
@resource.save!
|
801
801
|
@auth_headers = @resource.create_named_token_pair
|
802
|
-
|
802
|
+
|
803
803
|
# @client_id = @auth_headers['client']
|
804
804
|
|
805
805
|
# ensure request is not treated as batch request
|
@@ -832,7 +832,7 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
832
832
|
@resource.reload
|
833
833
|
|
834
834
|
@mail_reset_token = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
|
835
|
-
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)
|
835
|
+
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)"/)[1])
|
836
836
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
837
837
|
end
|
838
838
|
|
@@ -879,20 +879,18 @@ class DeviseJwtAuth::RegistrationsControllerTest < ActionDispatch::IntegrationTe
|
|
879
879
|
test 'user was confirmed' do
|
880
880
|
assert @resource.confirmed?
|
881
881
|
end
|
882
|
-
|
883
|
-
=begin
|
884
|
-
test 'auth headers were returned in response' do
|
885
|
-
assert response.headers['access-token']
|
886
|
-
assert response.headers['token-type']
|
887
|
-
assert response.headers['client']
|
888
|
-
assert response.headers['expiry']
|
889
|
-
assert response.headers['uid']
|
890
|
-
end
|
891
882
|
|
892
|
-
test '
|
893
|
-
|
894
|
-
|
895
|
-
|
883
|
+
# test 'auth headers were returned in response' do
|
884
|
+
# assert response.headers['access-token']
|
885
|
+
# assert response.headers['token-type']
|
886
|
+
# assert response.headers['client']
|
887
|
+
# assert response.headers['expiry']
|
888
|
+
# assert response.headers['uid']
|
889
|
+
# end
|
890
|
+
#
|
891
|
+
# test 'response token is valid' do
|
892
|
+
# assert @resource.valid_token?(@token, @client_id)
|
893
|
+
# end
|
896
894
|
end
|
897
895
|
|
898
896
|
describe 'User with only :database_authenticatable and :registerable included' do
|
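Review bot: New lines 883-893 only convert the `=begin`/`=end` section into `#` comments, so the tests 'auth headers were returned in response' and 'response token is valid' stay disabled. Nothing visible in this describe checks which credentials are issued once the changed email is confirmed. The commented assertions refer to `access-token`, `client`, `expiry` and `uid` headers and to `valid_token?`, which look like leftovers from a header-based token scheme. Either port them to the JWT response (for example an assertion on `DeviseJwtAuth.access_token_name`) or delete them and leave a `skip 'port to JWT assertions'` test so the gap shows up in every run. The same applies to `# age_token(@existing_user, @client_id)` at new line 455 and to the commented-out 'failure with bad password when change_headers_on_each_request false' block in the sessions controller test.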
@@ -141,7 +141,8 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
|
|
141
141
|
assert_nil @data[DeviseJwtAuth.access_token_name]
|
142
142
|
end
|
143
143
|
|
144
|
-
test 'response should
|
144
|
+
test 'response should delete refresh token from client' do
|
145
|
+
assert_equal true, response.cookies.keys.include?(DeviseJwtAuth.refresh_token_name)
|
145
146
|
assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]
|
146
147
|
end
|
147
148
|
|
@@ -174,7 +175,7 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
|
|
174
175
|
|
175
176
|
test 'response should not have refresh token' do
|
176
177
|
assert_nil response.cookies[DeviseJwtAuth.refresh_token_name]
|
177
|
-
end
|
178
|
+
end
|
178
179
|
end
|
179
180
|
|
180
181
|
describe 'failure' do
|
@@ -206,37 +207,35 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
|
|
206
207
|
end
|
207
208
|
end
|
208
209
|
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
end
|
239
|
-
=end
|
210
|
+
# describe 'failure with bad password when change_headers_on_each_request false' do
|
211
|
+
# before do
|
212
|
+
# DeviseJwtAuth.change_headers_on_each_request = false
|
213
|
+
#
|
214
|
+
# # accessing current_user calls through set_user_by_token,
|
215
|
+
# # which initializes client_id
|
216
|
+
# @controller.current_user
|
217
|
+
#
|
218
|
+
# post :create,
|
219
|
+
# params: { email: @existing_user.email,
|
220
|
+
# password: 'bogus' }
|
221
|
+
#
|
222
|
+
# @resource = assigns(:resource)
|
223
|
+
# @data = JSON.parse(response.body)
|
224
|
+
# end
|
225
|
+
#
|
226
|
+
# test 'request should fail' do
|
227
|
+
# assert_equal 401, response.status
|
228
|
+
# end
|
229
|
+
#
|
230
|
+
# test 'response should contain errors' do
|
231
|
+
# assert @data['errors']
|
232
|
+
# assert_equal @data['errors'], [I18n.t('devise_jwt_auth.sessions.bad_credentials')]
|
233
|
+
# end
|
234
|
+
#
|
235
|
+
# after do
|
236
|
+
# DeviseJwtAuth.change_headers_on_each_request = true
|
237
|
+
# end
|
238
|
+
# end
|
240
239
|
|
241
240
|
describe 'case-insensitive email' do
|
242
241
|
before do
|
@@ -284,7 +283,6 @@ class DeviseJwtAuth::SessionsControllerTest < ActionController::TestCase
|
|
284
283
|
@data = JSON.parse(response.body)
|
285
284
|
|
286
285
|
assert_equal 200, response.status
|
287
|
-
# p 'DATA', @data.inspect
|
288
286
|
assert @data[DeviseJwtAuth.access_token_name]
|
289
287
|
assert response.cookies[DeviseJwtAuth.refresh_token_name]
|
290
288
|
end
|
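Review bot: In the new test 'response should delete refresh token from client' (new lines 144-146), `assert_equal true, response.cookies.keys.include?(DeviseJwtAuth.refresh_token_name)` fails with only "expected true" and hides which cookies were actually set. `assert_includes response.cookies.keys, DeviseJwtAuth.refresh_token_name` states the intent and prints the keys on failure. The pairing with `assert_nil` presumably separates a cookie the response explicitly clears from one it never touches; a short comment such as `# key present with nil value: the response clears the cookie` would record that. The 'response should not have refresh token' test at new line 177 uses `assert_nil` alone, which cannot tell the two cases apart.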
@@ -95,7 +95,7 @@ class DeviseJwtAuth::UnlocksControllerTest < ActionController::TestCase
|
|
95
95
|
@data = JSON.parse(response.body)
|
96
96
|
|
97
97
|
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
98
|
-
@mail_reset_token = @mail.body.match(/unlock_token=(.*)
|
98
|
+
@mail_reset_token = @mail.body.match(/unlock_token=(.*)"/)[1]
|
99
99
|
end
|
100
100
|
|
101
101
|
test 'response should return success status' do
|
@@ -161,7 +161,7 @@ class DeviseJwtAuth::UnlocksControllerTest < ActionController::TestCase
|
|
161
161
|
before do
|
162
162
|
@resource_class = LockableUser
|
163
163
|
@request_params = {
|
164
|
-
email:
|
164
|
+
email: @resource.email.upcase
|
165
165
|
}
|
166
166
|
end
|
167
167
|
|