devise_token_auth 0.1.20 → 0.1.21.alpha1

Files changed (40) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +274 -77
  3. data/app/controllers/devise_token_auth/auth_controller.rb +4 -1
  4. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +8 -2
  5. data/app/controllers/devise_token_auth/confirmations_controller.rb +1 -1
  6. data/app/controllers/devise_token_auth/passwords_controller.rb +3 -3
  7. data/app/controllers/devise_token_auth/registrations_controller.rb +1 -1
  8. data/app/controllers/devise_token_auth/sessions_controller.rb +1 -1
  9. data/app/models/{user.rb → devise_token_auth/concerns/user.rb} +28 -23
  10. data/config/initializers/devise.rb +4 -64
  11. data/config/routes.rb +2 -14
  12. data/lib/devise_token_auth/engine.rb +5 -1
  13. data/lib/devise_token_auth/rails/routes.rb +36 -0
  14. data/lib/devise_token_auth/version.rb +1 -1
  15. data/lib/generators/devise_token_auth/USAGE +23 -5
  16. data/lib/generators/devise_token_auth/install_generator.rb +69 -5
  17. data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +5 -0
  18. data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +56 -0
  19. data/lib/generators/devise_token_auth/templates/user.rb +3 -0
  20. data/test/controllers/demo_controller_test.rb +39 -4
  21. data/test/controllers/devise_token_auth/auth_controller_test.rb +98 -0
  22. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +37 -2
  23. data/test/controllers/devise_token_auth/passwords_controller_test.rb +38 -2
  24. data/test/controllers/devise_token_auth/registrations_controller_test.rb +31 -4
  25. data/test/controllers/devise_token_auth/sessions_controller_test.rb +32 -0
  26. data/test/dummy/app/assets/images/omniauth-provider-settings.png +0 -0
  27. data/test/dummy/app/models/mang.rb +3 -0
  28. data/test/dummy/app/models/user.rb +3 -0
  29. data/test/dummy/config/initializers/devise_token_auth.rb +5 -0
  30. data/test/dummy/config/routes.rb +16 -1
  31. data/test/dummy/db/development.sqlite3 +0 -0
  32. data/{lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb → test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb} +0 -0
  33. data/test/dummy/db/migrate/{20140714223034_devise_token_auth_create_users.rb → 20140715061805_devise_token_auth_create_mangs.rb} +7 -7
  34. data/test/dummy/db/schema.rb +35 -4
  35. data/test/dummy/db/test.sqlite3 +0 -0
  36. data/test/dummy/log/development.log +7601 -0
  37. data/test/dummy/log/test.log +128490 -0
  38. data/test/fixtures/mangs.yml +31 -0
  39. data/test/test_helper.rb +13 -9
  40. metadata +22 -8
@@ -14,4 +14,9 @@ DeviseTokenAuth.setup do |config|
14
14
  # auth token. This setting determines how far apart the requests can be while
15
15
  # still using the same auth token.
16
16
  #config.batch_request_buffer_throttle = 5.seconds
17
+
18
+ # This route will be the prefix for all oauth2 redirect callbacks. For
19
+ # example, using the default '/omniauth', the github oauth2 provider will
20
+ # redirect successful authentications to '/omniauth/github/callback'
21
+ #config.omniauth_prefix = "/omniauth"
17
22
  end
@@ -0,0 +1,56 @@
1
+ class DeviseTokenAuthCreate<%= user_class.pluralize %> < ActiveRecord::Migration
2
+ def change
3
+ create_table(:<%= user_class.pluralize.underscore %>) do |t|
4
+ ## Database authenticatable
5
+ t.string :email
6
+ t.string :encrypted_password, :null => false, :default => ""
7
+
8
+ ## Recoverable
9
+ t.string :reset_password_token
10
+ t.datetime :reset_password_sent_at
11
+ t.string :reset_password_redirect_url
12
+
13
+ ## Rememberable
14
+ t.datetime :remember_created_at
15
+
16
+ ## Trackable
17
+ t.integer :sign_in_count, :default => 0, :null => false
18
+ t.datetime :current_sign_in_at
19
+ t.datetime :last_sign_in_at
20
+ t.string :current_sign_in_ip
21
+ t.string :last_sign_in_ip
22
+
23
+ ## Confirmable
24
+ t.string :confirmation_token
25
+ t.datetime :confirmed_at
26
+ t.datetime :confirmation_sent_at
27
+ t.string :confirm_success_url
28
+ t.string :unconfirmed_email # Only if using reconfirmable
29
+
30
+ ## Lockable
31
+ # t.integer :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
32
+ # t.string :unlock_token # Only if unlock strategy is :email or :both
33
+ # t.datetime :locked_at
34
+
35
+ ## User Info
36
+ t.string :name
37
+ t.string :nickname
38
+ t.string :image
39
+
40
+ ## unique oauth id
41
+ t.string :provider
42
+ t.string :uid, :null => false, :default => ""
43
+
44
+ ## Tokens
45
+ t.text :tokens
46
+
47
+ t.timestamps
48
+ end
49
+
50
+ add_index :<%= user_class.pluralize.underscore %>, :email
51
+ add_index :<%= user_class.pluralize.underscore %>, :uid, :unique => true
52
+ add_index :<%= user_class.pluralize.underscore %>, :reset_password_token, :unique => true
53
+ # add_index :<%= user_class.pluralize.underscore %>, :confirmation_token, :unique => true
54
+ # add_index :<%= user_class.pluralize.underscore %>, :unlock_token, :unique => true
55
+ end
56
+ end
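Review bot: The unique index on `:uid` alone, together with `:null => false, :default => ""` on that column, means a second row saved without a uid collides on the empty string, and the same uid issued by two different providers cannot coexist. Scoping the index to the provider, `add_index :<%= user_class.pluralize.underscore %>, [:uid, :provider], :unique => true`, addresses the provider collision; the empty-string case depends on the model always setting uid before save, which is not visible in this file. The Confirmable columns are created but the unique index on `:confirmation_token` is left commented out while the one on `:reset_password_token` is active, so the two token columns are not protected alike. The `:email` index is also non-unique, which leaves e-mail uniqueness to model validations alone.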
@@ -0,0 +1,3 @@
1
+ class <%= user_class %> < ActiveRecord::Base
2
+ include DeviseTokenAuth::Concerns::User
3
+ end
@@ -8,10 +8,6 @@ require 'test_helper'
8
8
 
9
9
  class DemoControllerTest < ActionController::TestCase
10
10
  describe DemoController, "Token access" do
11
- setup do
12
- @routes = Dummy::Application.routes
13
- end
14
-
15
11
  before do
16
12
  @user = users(:confirmed_email_user)
17
13
  @user.skip_confirmation!
@@ -230,4 +226,43 @@ class DemoControllerTest < ActionController::TestCase
230
226
  end
231
227
  end
232
228
  end
229
+
230
+ # test with non-standard user class
231
+ describe DemoController, "Alternate user class" do
232
+ setup do
233
+ @request.env['devise.mapping'] = Devise.mappings[:mang]
234
+ end
235
+
236
+ teardown do
237
+ @request.env['devise.mapping'] = Devise.mappings[:user]
238
+ end
239
+
240
+ before do
241
+ @user = mangs(:confirmed_email_user)
242
+ @user.skip_confirmation!
243
+ @user.save!
244
+
245
+ @auth_header = @user.create_new_auth_token
246
+
247
+ @token = @auth_header[/token=(.*?) /,1]
248
+ @client_id = @auth_header[/client=(.*?) /,1]
249
+ @expiry = @auth_header[/expiry=(.*?) /,1]
250
+
251
+ # ensure that request is not treated as batch request
252
+ age_token(@user, @client_id)
253
+
254
+ request.headers['Authorization'] = @auth_header
255
+ xhr :get, :members_only
256
+
257
+ @resp_auth_header = response.headers['Authorization']
258
+ @resp_token = @resp_auth_header[/token=(.*?) /,1]
259
+ @resp_client_id = @resp_auth_header[/client=(.*?) /,1]
260
+ @resp_expiry = @resp_auth_header[/expiry=(.*?) /,1]
261
+ @resp_uid = @resp_auth_header[/uid=(.*?)$/,1]
262
+ end
263
+
264
+ it 'should return success status' do
265
+ assert_equal 200, response.status
266
+ end
267
+ end
233
268
  end
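Review bot: The new "Alternate user class" block parses `@resp_token`, `@resp_client_id`, `@resp_expiry` and `@resp_uid` out of the response header but asserts only the 200 status, so it would still pass if the response carried a different account's uid or an unchanged token. Add assertions such as `assert_equal @user.uid, @resp_uid` and, assuming the token is expected to rotate on a non-batch request as the `age_token` comment suggests, `refute_equal @token, @resp_token`. Because the block exists to exercise a second Devise mapping, a negative case is also worth pinning: an Authorization header created for a `users` fixture should not be accepted while `devise.mapping` is `:mang`. The enclosing test class starts outside the hunk.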
@@ -0,0 +1,98 @@
1
+ require 'test_helper'
2
+
3
+ # was the web request successful?
4
+ # was the user redirected to the right page?
5
+ # was the user successfully authenticated?
6
+ # was the correct object stored in the response?
7
+ # was the appropriate message delivered in the json payload?
8
+
9
+ class OmniauthTest < ActionDispatch::IntegrationTest
10
+ setup do
11
+ OmniAuth.config.test_mode = true
12
+ OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new({
13
+ :provider => 'facebook',
14
+ :uid => '123545',
15
+ :info => {
16
+ name: 'chong',
17
+ email: 'chongbong@aol.com'
18
+ }
19
+ })
20
+ end
21
+
22
+ before do
23
+ @redirect_url = "http://ng-token-auth.dev/"
24
+ end
25
+
26
+ describe 'default user model' do
27
+ describe 'from api to provider' do
28
+ before do
29
+ get_via_redirect '/auth/facebook', {
30
+ auth_origin_url: @redirect_url
31
+ }
32
+
33
+ @user = assigns(:user)
34
+ end
35
+
36
+ test 'status should be success' do
37
+ assert_equal 200, response.status
38
+ end
39
+
40
+ test 'request should determine the correct resource_class' do
41
+ assert_equal 'User', request.env['omniauth.params']['resource_class']
42
+ end
43
+
44
+ test 'request should pass correct redirect_url' do
45
+ assert_equal @redirect_url, request.env['omniauth.params']['auth_origin_url']
46
+ end
47
+
48
+ test 'user should have been created' do
49
+ assert @user
50
+ end
51
+
52
+ test 'user should be assigned info from provider' do
53
+ assert_equal 'chongbong@aol.com', @user.email
54
+ end
55
+
56
+ test 'user should be of the correct class' do
57
+ assert_equal User, @user.class
58
+ end
59
+ end
60
+ end
61
+
62
+
63
+ describe 'alternate user model' do
64
+ describe 'from api to provider' do
65
+ before do
66
+ get_via_redirect '/bong/facebook', {
67
+ auth_origin_url: @redirect_url
68
+ }
69
+
70
+ @user = assigns(:user)
71
+ end
72
+
73
+ test 'status should be success' do
74
+ assert_equal 200, response.status
75
+ end
76
+
77
+ test 'request should determine the correct resource_class' do
78
+ assert_equal 'Mang', request.env['omniauth.params']['resource_class']
79
+ end
80
+
81
+ test 'request should pass correct redirect_url' do
82
+ assert_equal @redirect_url, request.env['omniauth.params']['auth_origin_url']
83
+ end
84
+
85
+ test 'user should have been created' do
86
+ assert @user
87
+ end
88
+
89
+ test 'user should be assigned info from provider' do
90
+ assert_equal 'chongbong@aol.com', @user.email
91
+ end
92
+
93
+ test 'user should be of the correct class' do
94
+ assert_equal Mang, @user.class
95
+ end
96
+ end
97
+ end
98
+ end
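Review bot: Both describe blocks cover only the happy path for two values that arrive with the request: `auth_origin_url`, which the assertions show is carried through `omniauth.params` unchanged, and `resource_class`, which is read back from the same hash. The controller is not part of this file, so whether either value is validated cannot be told from here. If `resource_class` is resolved to a constant or `auth_origin_url` becomes a redirect target, tests should pin that a class outside `Devise.mappings` and an origin outside an allowed list are rejected. Separately, `setup` enables `OmniAuth.config.test_mode` and sets `mock_auth[:facebook]` with no matching teardown, so the mock persists into later tests; `teardown { OmniAuth.config.mock_auth[:facebook] = nil }` would contain it.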
@@ -8,8 +8,6 @@ require 'test_helper'
8
8
 
9
9
  class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
10
10
  describe DeviseTokenAuth::ConfirmationsController, "Confirmation" do
11
- fixtures :users
12
-
13
11
  before do
14
12
  @new_user = users(:unconfirmed_email_user)
15
13
  @new_user.send_confirmation_instructions
@@ -50,4 +48,41 @@ class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
50
48
  end
51
49
  end
52
50
  end
51
+
52
+ # test with non-standard user class
53
+ describe DeviseTokenAuth::ConfirmationsController, "Alternate user class" do
54
+ setup do
55
+ @request.env['devise.mapping'] = Devise.mappings[:mang]
56
+ end
57
+
58
+ teardown do
59
+ @request.env['devise.mapping'] = Devise.mappings[:user]
60
+ end
61
+
62
+ before do
63
+ @new_user = mangs(:unconfirmed_email_user)
64
+ @new_user.send_confirmation_instructions
65
+ @mail = ActionMailer::Base.deliveries.last
66
+ @token = @mail.body.match(/confirmation_token=(.*)\"/)[1]
67
+ end
68
+
69
+ test 'should generate raw token' do
70
+ assert @token
71
+ end
72
+
73
+ test "should store token hash in user" do
74
+ assert @new_user.confirmation_token
75
+ end
76
+
77
+ describe "success" do
78
+ before do
79
+ xhr :get, :show, {confirmation_token: @token}
80
+ @user = assigns(:user)
81
+ end
82
+
83
+ test "user should now be confirmed" do
84
+ assert @user.confirmed?
85
+ end
86
+ end
87
+ end
53
88
  end
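Review bot: The test named "should store token hash in user" only asserts that `@new_user.confirmation_token` is present, so it passes equally if the raw token from the e-mail is what gets stored. If the name states the intent, add `refute_equal @token, @new_user.confirmation_token`. The capture in `/confirmation_token=(.*)\"/` is greedy and `.match(...)[1]` raises NoMethodError when the mail body does not match; a capture of `[^\"&]+` plus an explicit `assert` on the match would make a failure readable. The enclosing test class starts outside the hunk.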
@@ -8,8 +8,6 @@ require 'test_helper'
8
8
 
9
9
  class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
10
10
  describe DeviseTokenAuth::PasswordsController, "Password reset" do
11
- fixtures :users
12
-
13
11
  before do
14
12
  @user = users(:confirmed_email_user)
15
13
  @redirect_url = 'http://ng-token-auth.dev'
@@ -163,5 +161,43 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
163
161
  end
164
162
  end
165
163
  end
164
+
165
+ describe DeviseTokenAuth::PasswordsController, "Alternate user class" do
166
+ setup do
167
+ @request.env['devise.mapping'] = Devise.mappings[:mang]
168
+ end
169
+
170
+ teardown do
171
+ @request.env['devise.mapping'] = Devise.mappings[:user]
172
+ end
173
+
174
+ before do
175
+ @user = mangs(:confirmed_email_user)
176
+ @redirect_url = 'http://ng-token-auth.dev'
177
+
178
+ xhr :post, :create, {
179
+ email: @user.email,
180
+ redirect_url: @redirect_url
181
+ }
182
+
183
+ @mail = ActionMailer::Base.deliveries.last
184
+ @user.reload
185
+
186
+ @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
187
+ @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)&amp;/)[1])
188
+ end
189
+
190
+ test 'response should return success status' do
191
+ assert_equal 200, response.status
192
+ end
193
+
194
+ test 'the email body should contain a link with reset token as a query param' do
195
+ user = Mang.reset_password_by_token({
196
+ reset_password_token: @mail_reset_token
197
+ })
198
+
199
+ assert_equal user.id, @user.id
200
+ end
201
+ end
166
202
  end
167
203
 
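Review bot: In the new "Alternate user class" block `@mail_redirect_url` is extracted from the mail body but never asserted, so nothing here checks which URL ends up in the reset link. Add `assert_equal @redirect_url, @mail_redirect_url`. Because `redirect_url` is supplied by the caller of `create`, a case showing how the controller treats a URL the application does not expect would also be worth pinning; the controller is outside this hunk, so its current behaviour cannot be read from here.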
@@ -73,8 +73,6 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionController::TestCase
73
73
  end
74
74
 
75
75
  describe DeviseTokenAuth::RegistrationsController, "Existing users" do
76
- fixtures :users
77
-
78
76
  before do
79
77
  @existing_user = users(:confirmed_email_user)
80
78
 
@@ -104,8 +102,6 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionController::TestCase
104
102
 
105
103
 
106
104
  describe DeviseTokenAuth::RegistrationsController, "Ouath user has existing email" do
107
- fixtures :users
108
-
109
105
  before do
110
106
  @existing_user = users(:duplicate_email_facebook_user)
111
107
 
@@ -132,4 +128,35 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionController::TestCase
132
128
  assert @data['data']['email']
133
129
  end
134
130
  end
131
+
132
+ describe DeviseTokenAuth::RegistrationsController, "Alternate user class" do
133
+ setup do
134
+ @request.env['devise.mapping'] = Devise.mappings[:mang]
135
+ end
136
+
137
+ teardown do
138
+ @request.env['devise.mapping'] = Devise.mappings[:user]
139
+ end
140
+
141
+ before do
142
+ xhr :post, :create, {
143
+ email: -> { Faker::Internet.email },
144
+ password: "secret123",
145
+ password_confirmation: "secret123",
146
+ confirm_success_url: -> { Faker::Internet.url }
147
+ }
148
+
149
+ @user = assigns(:resource)
150
+ @data = JSON.parse(response.body)
151
+ @mail = ActionMailer::Base.deliveries.last
152
+ end
153
+
154
+ test "request should be successful" do
155
+ assert_equal 200, response.status
156
+ end
157
+
158
+ test "use should be a Mang" do
159
+ assert_equal "Mang", @user.class.name
160
+ end
161
+ end
135
162
  end
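Review bot: `email: -> { Faker::Internet.email }` and `confirm_success_url: -> { Faker::Internet.url }` hand the lambdas themselves to `xhr`; nothing in the hunk calls them, so the controller most likely receives the Proc's string form rather than an address and a URL. Call the generators directly: `email: Faker::Internet.email` and `confirm_success_url: Faker::Internet.url`. With real values in place, `@mail`, which is assigned but unused, can back an assertion that the confirmation mail went to that address. The test title "use should be a Mang" should read "user".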
@@ -93,4 +93,36 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
93
93
  assert @data['errors']
94
94
  end
95
95
  end
96
+
97
+ describe DeviseTokenAuth::SessionsController, "Alternate user class" do
98
+ setup do
99
+ @request.env['devise.mapping'] = Devise.mappings[:mang]
100
+ end
101
+
102
+ teardown do
103
+ @request.env['devise.mapping'] = Devise.mappings[:user]
104
+ end
105
+
106
+ before do
107
+ @existing_user = mangs(:confirmed_email_user)
108
+ @existing_user.skip_confirmation!
109
+ @existing_user.save!
110
+
111
+ xhr :post, :create, {
112
+ email: @existing_user.email,
113
+ password: 'secret123'
114
+ }
115
+
116
+ @user = assigns(:user)
117
+ @data = JSON.parse(response.body)
118
+ end
119
+
120
+ test "request should succeed" do
121
+ assert_equal 200, response.status
122
+ end
123
+
124
+ test "request should return user data" do
125
+ assert_equal @existing_user.email, @data['data']['email']
126
+ end
127
+ end
96
128
  end
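Review bot: The "Alternate user class" block assigns `@user = assigns(:user)` but never uses it, and its two assertions (status 200, matching e-mail) cannot tell a Mang from a User if the `users` and `mangs` fixtures share an address for `confirmed_email_user`; the fixtures are not shown here. Add `assert_equal Mang, @user.class` so the test fails when the session is created against the wrong model. The same `setup`/`teardown` pair that swaps `devise.mapping` is repeated in the demo, confirmations, passwords and registrations tests, and a shared helper in `test_helper.rb` would keep the restore step from being forgotten in one of them.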
@@ -0,0 +1,3 @@
1
+ class Mang < ActiveRecord::Base
2
+ include DeviseTokenAuth::Concerns::User
3
+ end
@@ -0,0 +1,3 @@
1
+ class User < ActiveRecord::Base
2
+ include DeviseTokenAuth::Concerns::User
3
+ end
@@ -14,4 +14,9 @@ DeviseTokenAuth.setup do |config|
14
14
  # auth token. This setting determines how far apart the requests can be while
15
15
  # still using the same auth token.
16
16
  #config.batch_request_buffer_throttle = 5.seconds
17
+
18
+ # This route will be the prefix for all oauth2 redirect callbacks. For
19
+ # example, using the default '/omniauth', the github oauth2 provider will
20
+ # redirect successful authentications to '/omniauth/github/callback'
21
+ #config.omniauth_prefix = "/omniauth"
17
22
  end