devise_jwt_auth 0.1.4 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/app/controllers/devise_jwt_auth/application_controller.rb +11 -22
- data/app/controllers/devise_jwt_auth/concerns/resource_finder.rb +3 -7
- data/app/controllers/devise_jwt_auth/concerns/set_user_by_token.rb +22 -18
- data/app/controllers/devise_jwt_auth/confirmations_controller.rb +10 -19
- data/app/controllers/devise_jwt_auth/omniauth_callbacks_controller.rb +38 -46
- data/app/controllers/devise_jwt_auth/passwords_controller.rb +34 -36
- data/app/controllers/devise_jwt_auth/refresh_token_controller.rb +4 -1
- data/app/controllers/devise_jwt_auth/registrations_controller.rb +40 -21
- data/app/controllers/devise_jwt_auth/sessions_controller.rb +21 -21
- data/app/controllers/devise_jwt_auth/unlocks_controller.rb +5 -4
- data/app/models/devise_jwt_auth/concerns/active_record_support.rb +3 -0
- data/app/models/devise_jwt_auth/concerns/confirmable_support.rb +7 -14
- data/app/models/devise_jwt_auth/concerns/mongoid_support.rb +3 -0
- data/app/models/devise_jwt_auth/concerns/tokens_serialization.rb +4 -1
- data/app/models/devise_jwt_auth/concerns/user.rb +18 -11
- data/app/models/devise_jwt_auth/concerns/user_omniauth_callbacks.rb +11 -3
- data/app/validators/devise_jwt_auth_email_validator.rb +12 -2
- data/app/views/devise/mailer/reset_password_instructions.html.erb +1 -1
- data/lib/devise_jwt_auth/blacklist.rb +3 -1
- data/lib/devise_jwt_auth/controllers/url_helpers.rb +1 -2
- data/lib/devise_jwt_auth/engine.rb +4 -4
- data/lib/devise_jwt_auth/rails/routes.rb +35 -24
- data/lib/devise_jwt_auth/token_factory.rb +3 -2
- data/lib/devise_jwt_auth/url.rb +2 -4
- data/lib/devise_jwt_auth/version.rb +1 -1
- data/lib/generators/devise_jwt_auth/USAGE +1 -1
- data/lib/generators/devise_jwt_auth/install_generator.rb +7 -6
- data/lib/generators/devise_jwt_auth/install_generator_helpers.rb +27 -6
- data/lib/generators/devise_jwt_auth/install_mongoid_generator.rb +3 -2
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth.rb +6 -7
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth_create_users.rb.erb +15 -11
- data/lib/generators/devise_jwt_auth/templates/user.rb.erb +2 -2
- data/test/controllers/custom/custom_confirmations_controller_test.rb +2 -2
- data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb +1 -1
- data/test/controllers/custom/custom_passwords_controller_test.rb +8 -8
- data/test/controllers/custom/custom_refresh_token_controller_test.rb +2 -3
- data/test/controllers/custom/custom_registrations_controller_test.rb +2 -2
- data/test/controllers/demo_group_controller_test.rb +0 -24
- data/test/controllers/demo_mang_controller_test.rb +4 -224
- data/test/controllers/demo_user_controller_test.rb +6 -432
- data/test/controllers/devise_jwt_auth/confirmations_controller_test.rb +5 -5
- data/test/controllers/devise_jwt_auth/omniauth_callbacks_controller_test.rb +9 -10
- data/test/controllers/devise_jwt_auth/passwords_controller_test.rb +34 -35
- data/test/controllers/devise_jwt_auth/refresh_token_controller_test.rb +8 -12
- data/test/controllers/devise_jwt_auth/registrations_controller_test.rb +12 -26
- data/test/controllers/devise_jwt_auth/sessions_controller_test.rb +32 -34
- data/test/controllers/devise_jwt_auth/unlocks_controller_test.rb +2 -2
- data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
- data/test/controllers/overrides/passwords_controller_test.rb +1 -6
- data/test/controllers/overrides/refresh_token_controller_test.rb +1 -2
- data/test/controllers/overrides/registrations_controller_test.rb +1 -1
- data/test/dummy/app/controllers/custom/refresh_token_controller.rb +2 -1
- data/test/dummy/app/controllers/custom/registrations_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +3 -16
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +4 -4
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +4 -16
- data/test/dummy/app/controllers/overrides/refresh_token_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +2 -2
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +2 -2
- data/test/dummy/app/models/concerns/favorite_color.rb +11 -9
- data/test/dummy/config/application.rb +1 -0
- data/test/dummy/config/boot.rb +1 -1
- data/test/dummy/config/environments/development.rb +2 -2
- data/test/dummy/config/environments/test.rb +11 -7
- data/test/dummy/config/initializers/devise_jwt_auth.rb +1 -0
- data/test/dummy/config/initializers/figaro.rb +1 -1
- data/test/dummy/config/initializers/omniauth.rb +2 -2
- data/test/dummy/config/routes.rb +10 -8
- data/test/dummy/config.ru +2 -2
- data/test/dummy/db/migrate/20141222035835_devise_jwt_auth_create_only_email_users.rb +9 -9
- data/test/dummy/db/migrate/20190924101113_devise_jwt_auth_create_confirmable_users.rb +6 -5
- data/test/dummy/db/schema.rb +170 -170
- data/test/dummy/tmp/generators/app/models/user.rb +8 -0
- data/test/dummy/tmp/generators/config/initializers/devise_jwt_auth.rb +6 -7
- data/test/dummy/tmp/generators/db/migrate/{20200210193225_devise_jwt_auth_create_azpire_v1_human_resource_users.rb → 20220123023137_devise_jwt_auth_create_users.rb} +20 -17
- data/test/factories/users.rb +5 -3
- data/test/lib/devise_jwt_auth/blacklist_test.rb +2 -2
- data/test/lib/devise_jwt_auth/token_factory_test.rb +7 -7
- data/test/lib/generators/devise_jwt_auth/install_generator_test.rb +3 -20
- data/test/lib/generators/devise_jwt_auth/install_generator_with_namespace_test.rb +4 -21
- data/test/models/concerns/tokens_serialization_test.rb +68 -68
- data/test/models/user_test.rb +0 -38
- data/test/support/controllers/routes.rb +7 -5
- data/test/test_helper.rb +1 -1
- metadata +45 -71
- data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +0 -9
@@ -14,86 +14,36 @@ class DemoMangControllerTest < ActionDispatch::IntegrationTest
|
|
14
14
|
before do
|
15
15
|
@resource = create(:mang_user, :confirmed)
|
16
16
|
@auth_headers = @resource.create_named_token_pair
|
17
|
-
|
18
|
-
# @token = @auth_headers['access-token']
|
19
|
-
# @client_id = @auth_headers['client']
|
20
|
-
# @expiry = @auth_headers['expiry']
|
21
17
|
end
|
22
18
|
|
23
19
|
describe 'successful request' do
|
24
20
|
before do
|
25
|
-
# ensure that request is not treated as batch request
|
26
|
-
# age_token(@resource, @client_id)
|
27
|
-
|
28
21
|
get '/demo/members_only_mang',
|
29
22
|
params: {},
|
30
23
|
headers: @auth_headers
|
31
|
-
|
32
|
-
# @resp_token = response.headers['access-token']
|
33
|
-
# @resp_client_id = response.headers['client']
|
34
|
-
# @resp_expiry = response.headers['expiry']
|
35
|
-
# @resp_uid = response.headers['uid']
|
36
24
|
end
|
37
25
|
|
38
26
|
describe 'devise mappings' do
|
39
27
|
it 'should define current_mang' do
|
40
28
|
assert_equal @resource, @controller.current_mang
|
41
29
|
end
|
42
|
-
|
30
|
+
|
43
31
|
it 'should define mang_signed_in?' do
|
44
32
|
assert @controller.mang_signed_in?
|
45
33
|
end
|
46
|
-
|
34
|
+
|
47
35
|
it 'should not define current_user' do
|
48
36
|
refute_equal @resource, @controller.current_user
|
49
37
|
end
|
50
|
-
|
38
|
+
|
51
39
|
it 'should define render_authenticate_error' do
|
52
40
|
assert @controller.methods.include?(:render_authenticate_error)
|
53
41
|
end
|
54
42
|
end
|
55
|
-
|
43
|
+
|
56
44
|
it 'should return success status' do
|
57
45
|
assert_equal 200, response.status
|
58
46
|
end
|
59
|
-
|
60
|
-
=begin
|
61
|
-
it 'should receive new token after successful request' do
|
62
|
-
refute_equal @token, @resp_token
|
63
|
-
end
|
64
|
-
|
65
|
-
it 'should preserve the client id from the first request' do
|
66
|
-
assert_equal @client_id, @resp_client_id
|
67
|
-
end
|
68
|
-
|
69
|
-
it "should return the user's uid in the auth header" do
|
70
|
-
assert_equal @resource.uid, @resp_uid
|
71
|
-
end
|
72
|
-
|
73
|
-
it 'should not treat this request as a batch request' do
|
74
|
-
refute assigns(:is_batch_request)
|
75
|
-
end
|
76
|
-
|
77
|
-
describe 'subsequent requests' do
|
78
|
-
before do
|
79
|
-
@resource.reload
|
80
|
-
# ensure that request is not treated as batch request
|
81
|
-
# age_token(@resource, @client_id)
|
82
|
-
|
83
|
-
get '/demo/members_only_mang',
|
84
|
-
params: {},
|
85
|
-
headers: @auth_headers.merge('access-token' => @resp_token)
|
86
|
-
end
|
87
|
-
|
88
|
-
it 'should not treat this request as a batch request' do
|
89
|
-
refute assigns(:is_batch_request)
|
90
|
-
end
|
91
|
-
|
92
|
-
it 'should allow a new request to be made using new token' do
|
93
|
-
assert_equal 200, response.status
|
94
|
-
end
|
95
|
-
end
|
96
|
-
=end
|
97
47
|
end
|
98
48
|
|
99
49
|
describe 'failed request' do
|
@@ -111,176 +61,6 @@ class DemoMangControllerTest < ActionDispatch::IntegrationTest
|
|
111
61
|
assert_equal 401, response.status
|
112
62
|
end
|
113
63
|
end
|
114
|
-
|
115
|
-
=begin
|
116
|
-
describe 'disable change_headers_on_each_request' do
|
117
|
-
before do
|
118
|
-
DeviseJwtAuth.change_headers_on_each_request = false
|
119
|
-
@resource.reload
|
120
|
-
# age_token(@resource, @client_id)
|
121
|
-
|
122
|
-
get '/demo/members_only_mang',
|
123
|
-
params: {},
|
124
|
-
headers: @auth_headers
|
125
|
-
|
126
|
-
@first_is_batch_request = assigns(:is_batch_request)
|
127
|
-
@first_user = assigns(:resource).dup
|
128
|
-
@first_access_token = response.headers['access-token']
|
129
|
-
@first_response_status = response.status
|
130
|
-
|
131
|
-
@resource.reload
|
132
|
-
# age_token(@resource, @client_id)
|
133
|
-
|
134
|
-
# use expired auth header
|
135
|
-
get '/demo/members_only_mang',
|
136
|
-
params: {},
|
137
|
-
headers: @auth_headers
|
138
|
-
|
139
|
-
@second_is_batch_request = assigns(:is_batch_request)
|
140
|
-
@second_user = assigns(:resource).dup
|
141
|
-
@second_access_token = response.headers['access-token']
|
142
|
-
@second_response_status = response.status
|
143
|
-
end
|
144
|
-
|
145
|
-
after do
|
146
|
-
DeviseJwtAuth.change_headers_on_each_request = true
|
147
|
-
end
|
148
|
-
|
149
|
-
it 'should allow the first request through' do
|
150
|
-
assert_equal 200, @first_response_status
|
151
|
-
end
|
152
|
-
|
153
|
-
it 'should allow the second request through' do
|
154
|
-
assert_equal 200, @second_response_status
|
155
|
-
end
|
156
|
-
|
157
|
-
it 'should return auth headers from the first request' do
|
158
|
-
assert @first_access_token
|
159
|
-
end
|
160
|
-
|
161
|
-
it 'should not treat either requests as batch requests' do
|
162
|
-
refute @first_is_batch_request
|
163
|
-
refute @second_is_batch_request
|
164
|
-
end
|
165
|
-
|
166
|
-
it 'should return auth headers from the second request' do
|
167
|
-
assert @second_access_token
|
168
|
-
end
|
169
|
-
|
170
|
-
it 'should define user during first request' do
|
171
|
-
assert @first_user
|
172
|
-
end
|
173
|
-
|
174
|
-
it 'should define user during second request' do
|
175
|
-
assert @second_user
|
176
|
-
end
|
177
|
-
end
|
178
|
-
|
179
|
-
describe 'batch requests' do
|
180
|
-
describe 'success' do
|
181
|
-
before do
|
182
|
-
# age_token(@resource, @client_id)
|
183
|
-
|
184
|
-
get '/demo/members_only_mang',
|
185
|
-
params: {},
|
186
|
-
headers: @auth_headers
|
187
|
-
|
188
|
-
@first_is_batch_request = assigns(:is_batch_request)
|
189
|
-
@first_user = assigns(:resource)
|
190
|
-
@first_access_token = response.headers['access-token']
|
191
|
-
|
192
|
-
get '/demo/members_only_mang',
|
193
|
-
params: {},
|
194
|
-
headers: @auth_headers
|
195
|
-
|
196
|
-
@second_is_batch_request = assigns(:is_batch_request)
|
197
|
-
@second_user = assigns(:resource)
|
198
|
-
@second_access_token = response.headers['access-token']
|
199
|
-
end
|
200
|
-
|
201
|
-
it 'should allow both requests through' do
|
202
|
-
assert_equal 200, response.status
|
203
|
-
end
|
204
|
-
|
205
|
-
it 'should not treat the first request as a batch request' do
|
206
|
-
refute @first_is_batch_request
|
207
|
-
end
|
208
|
-
|
209
|
-
it 'should treat the second request as a batch request' do
|
210
|
-
assert @second_is_batch_request
|
211
|
-
end
|
212
|
-
|
213
|
-
it 'should return access token for first (non-batch) request' do
|
214
|
-
assert @first_access_token
|
215
|
-
end
|
216
|
-
|
217
|
-
it 'should not return auth headers for second (batched) requests' do
|
218
|
-
assert_equal ' ', @second_access_token
|
219
|
-
end
|
220
|
-
end
|
221
|
-
|
222
|
-
describe 'time out' do
|
223
|
-
before do
|
224
|
-
@resource.reload
|
225
|
-
# age_token(@resource, @client_id)
|
226
|
-
|
227
|
-
get '/demo/members_only_mang',
|
228
|
-
params: {},
|
229
|
-
headers: @auth_headers
|
230
|
-
|
231
|
-
@first_is_batch_request = assigns(:is_batch_request)
|
232
|
-
@first_user = assigns(:resource).dup
|
233
|
-
@first_access_token = response.headers['access-token']
|
234
|
-
@first_response_status = response.status
|
235
|
-
|
236
|
-
@resource.reload
|
237
|
-
# age_token(@resource, @client_id)
|
238
|
-
|
239
|
-
# use expired auth header
|
240
|
-
get '/demo/members_only_mang',
|
241
|
-
params: {},
|
242
|
-
headers: @auth_headers
|
243
|
-
|
244
|
-
@second_is_batch_request = assigns(:is_batch_request)
|
245
|
-
@second_user = assigns(:resource)
|
246
|
-
@second_access_token = response.headers['access-token']
|
247
|
-
@second_response_status = response.status
|
248
|
-
end
|
249
|
-
|
250
|
-
it 'should allow the first request through' do
|
251
|
-
assert_equal 200, @first_response_status
|
252
|
-
end
|
253
|
-
|
254
|
-
it 'should not allow the second request through' do
|
255
|
-
assert_equal 401, @second_response_status
|
256
|
-
end
|
257
|
-
|
258
|
-
it 'should not treat first request as batch request' do
|
259
|
-
refute @second_is_batch_request
|
260
|
-
end
|
261
|
-
|
262
|
-
it 'should return auth headers from the first request' do
|
263
|
-
assert @first_access_token
|
264
|
-
end
|
265
|
-
|
266
|
-
it 'should not treat second request as batch request' do
|
267
|
-
refute @second_is_batch_request
|
268
|
-
end
|
269
|
-
|
270
|
-
it 'should not return auth headers from the second request' do
|
271
|
-
refute @second_access_token
|
272
|
-
end
|
273
|
-
|
274
|
-
it 'should define user during first request' do
|
275
|
-
assert @first_user
|
276
|
-
end
|
277
|
-
|
278
|
-
it 'should not define user during second request' do
|
279
|
-
refute @second_user
|
280
|
-
end
|
281
|
-
end
|
282
|
-
end
|
283
|
-
=end
|
284
64
|
end
|
285
65
|
end
|
286
66
|
end
|