devise_token_auth 0.1.21.alpha1 → 0.1.21.alpha2
- checksums.yaml +4 -4
- data/README.md +12 -3
- data/lib/devise_token_auth/version.rb +1 -1
- data/lib/generators/devise_token_auth/USAGE +4 -0
- data/lib/generators/devise_token_auth/install_generator.rb +14 -0
- data/test/controllers/demo_controller_test.rb +170 -168
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +60 -58
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +147 -146
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +145 -143
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +81 -79
- data/test/dummy/db/test.sqlite3 +0 -0
- data/test/dummy/log/test.log +9354 -0
- metadata +3 -3
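--- a/data/test/controllers/devise_token_auth/confirmations_controller_test.rb
+++ b/data/test/controllers/devise_token_auth/confirmations_controller_test.rb
@@ -7,81 +7,83 @@ require 'test_helper'
 # was the appropriate message delivered in the json payload?
 
 class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
-describe DeviseTokenAuth::ConfirmationsController
-
-@new_user = users(:unconfirmed_email_user)
-@new_user.send_confirmation_instructions
-@mail = ActionMailer::Base.deliveries.last
-@token = @mail.body.match(/confirmation_token=(.*)\"/)[1]
-end
-
-test 'should generate raw token' do
-assert @token
-end
-
-test "should store token hash in user" do
-assert @new_user.confirmation_token
-end
-
-describe "success" do
+describe DeviseTokenAuth::ConfirmationsController do
+describe "Confirmation" do
 before do
-
-@
+@new_user = users(:unconfirmed_email_user)
+@new_user.send_confirmation_instructions
+@mail = ActionMailer::Base.deliveries.last
+@token = @mail.body.match(/confirmation_token=(.*)\"/)[1]
 end
 
-test
-assert @
+test 'should generate raw token' do
+assert @token
 end
 
-test "should
-
+test "should store token hash in user" do
+assert @new_user.confirmation_token
 end
-end
 
-
-
-
-
-
-@user = assigns(:user)
-refute @user.confirmed?
-end
-end
-end
+describe "success" do
+before do
+xhr :get, :show, {confirmation_token: @token}
+@user = assigns(:user)
+end
 
-
-
-
-@request.env['devise.mapping'] = Devise.mappings[:mang]
-end
+test "user should now be confirmed" do
+assert @user.confirmed?
+end
 
-
-
-
+test "should redirect to success url" do
+assert_redirected_to(/^#{@user.confirm_success_url}/)
+end
+end
 
-
-
-
-
-
+describe "failure" do
+test "user should not be confirmed" do
+assert_raises(ActionController::RoutingError) {
+xhr :get, :show, {confirmation_token: "bogus"}
+}
+@user = assigns(:user)
+refute @user.confirmed?
+end
+end
 end
 
-test
-
-
+# test with non-standard user class
+describe "Alternate user model" do
+setup do
+@request.env['devise.mapping'] = Devise.mappings[:mang]
+end
 
-
-
-
+teardown do
+@request.env['devise.mapping'] = Devise.mappings[:user]
+end
 
-describe "success" do
 before do
-
-@
+@new_user = mangs(:unconfirmed_email_user)
+@new_user.send_confirmation_instructions
+@mail = ActionMailer::Base.deliveries.last
+@token = @mail.body.match(/confirmation_token=(.*)\"/)[1]
 end
 
-test
-assert @
+test 'should generate raw token' do
+assert @token
+end
+
+test "should store token hash in user" do
+assert @new_user.confirmation_token
+end
+
+describe "success" do
+before do
+xhr :get, :show, {confirmation_token: @token}
+@user = assigns(:user)
+end
+
+test "user should now be confirmed" do
+assert @user.confirmed?
+end
 end
 end
 end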
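Review bot: The redirect assertion in "should redirect to success url" is looser than it reads, because `assert_redirected_to(/^#{@user.confirm_success_url}/)` interpolates the URL into a regex unescaped and anchors it with `^`. Every `.` in the URL then matches any character, and the pattern is only a per-line prefix match, so a redirect whose target merely starts with similar characters would still pass. This test is the only visible check on where a confirmed user is sent, so tighten it to `assert_redirected_to(/\A#{Regexp.escape(@user.confirm_success_url)}/)` or compare the parsed host of `response.location` exactly. The "Alternate user model" success block has no redirect assertion at all and would benefit from the same check.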
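--- a/data/test/controllers/devise_token_auth/passwords_controller_test.rb
+++ b/data/test/controllers/devise_token_auth/passwords_controller_test.rb
@@ -7,197 +7,198 @@ require 'test_helper'
 # was the appropriate message delivered in the json payload?
 
 class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
-describe DeviseTokenAuth::PasswordsController
-
-@user = users(:confirmed_email_user)
-@redirect_url = 'http://ng-token-auth.dev'
-end
-
-describe 'request password reset' do
+describe DeviseTokenAuth::PasswordsController do
+describe "Password reset" do
 before do
-
-
-redirect_url: @redirect_url
-}
-
-@mail = ActionMailer::Base.deliveries.last
-@user.reload
-
-@mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
-@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)&/)[1])
-end
-
-test 'response should return success status' do
-assert_equal 200, response.status
-end
-
-test 'action should save password_reset_redirect_url to user table' do
-assert_equal @redirect_url, @user.reset_password_redirect_url
-end
-
-test 'action should send an email' do
-assert @mail
-end
-
-test 'the email should be addressed to the user' do
-assert_equal @mail.to.first, @user.email
-end
-
-test 'the email body should contain a link with redirect url as a query param' do
-assert_equal @redirect_url, @mail_redirect_url
-end
-
-test 'the email body should contain a link with reset token as a query param' do
-user = User.reset_password_by_token({
-reset_password_token: @mail_reset_token
-})
-
-assert_equal user.id, @user.id
+@user = users(:confirmed_email_user)
+@redirect_url = 'http://ng-token-auth.dev'
 end
 
-describe 'password reset
-test 'request should not be authorized' do
-assert_raises(ActionController::RoutingError) {
-xhr :get, :edit, {
-reset_password_token: 'bogus',
-redirect_url: @mail_redirect_url
-}
-}
-end
-end
-
-describe 'password reset link success' do
+describe 'request password reset' do
 before do
-xhr :
-
-redirect_url: @
+xhr :post, :create, {
+email: @user.email,
+redirect_url: @redirect_url
 }
 
+@mail = ActionMailer::Base.deliveries.last
 @user.reload
 
-@
-@
+@mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)&/)[1])
+end
 
-
-
-@reset_password = @qs["reset_password"].first
-@token = @qs["token"].first
-@uid = @qs["uid"].first
+test 'response should return success status' do
+assert_equal 200, response.status
 end
 
-test '
-assert_equal
+test 'action should save password_reset_redirect_url to user table' do
+assert_equal @redirect_url, @user.reset_password_redirect_url
 end
 
-test '
-assert @
-assert @expiry
-assert @reset_password
-assert @token
-assert @uid
+test 'action should send an email' do
+assert @mail
 end
 
-test '
-
+test 'the email should be addressed to the user' do
+assert_equal @mail.to.first, @user.email
 end
-end
-end
 
-
-
-
-@auth_header = @user.create_new_auth_token
-request.headers['Authorization'] = @auth_header
-@new_password = Faker::Internet.password
+test 'the email body should contain a link with redirect url as a query param' do
+assert_equal @redirect_url, @mail_redirect_url
+end
 
-
-
-
-}
+test 'the email body should contain a link with reset token as a query param' do
+user = User.reset_password_by_token({
+reset_password_token: @mail_reset_token
+})
 
-@user.
+assert_equal user.id, @user.id
 end
 
-
-
+describe 'password reset link failure' do
+test 'request should not be authorized' do
+assert_raises(ActionController::RoutingError) {
+xhr :get, :edit, {
+reset_password_token: 'bogus',
+redirect_url: @mail_redirect_url
+}
+}
+end
 end
 
-
-
+describe 'password reset link success' do
+before do
+xhr :get, :edit, {
+reset_password_token: @mail_reset_token,
+redirect_url: @mail_redirect_url
+}
+
+@user.reload
+
+@uri = URI.parse(response.location)
+@qs = CGI::parse(@uri.query)
+
+@client_id = @qs["client_id"].first
+@expiry = @qs["expiry"].first
+@reset_password = @qs["reset_password"].first
+@token = @qs["token"].first
+@uid = @qs["uid"].first
+end
+
+test 'respones should have success redirect status' do
+assert_equal 302, response.status
+end
+
+test 'response should contain auth params' do
+assert @client_id
+assert @expiry
+assert @reset_password
+assert @token
+assert @uid
+end
+
+test 'response auth params should be valid' do
+assert @user.valid_token?(@token, @client_id)
+end
 end
 end
 
-describe
-
-
-
-
+describe "change password" do
+describe 'success' do
+before do
+@auth_header = @user.create_new_auth_token
+request.headers['Authorization'] = @auth_header
+@new_password = Faker::Internet.password
 
-
-
-
-
-
+xhr :put, :update, {
+password: @new_password,
+password_confirmation: @new_password
+}
+
+@user.reload
+end
+
+test "request should be successful" do
+assert_equal 200, response.status
+end
 
-
-
+test "new password should authenticate user" do
+assert @user.valid_password?(@new_password)
+end
 end
-end
 
-
-
-
-
+describe 'password mismatch error' do
+before do
+@auth_header = @user.create_new_auth_token
+request.headers['Authorization'] = @auth_header
+@new_password = Faker::Internet.password
 
-
-
-
-
+xhr :put, :update, {
+password: 'chong',
+password_confirmation: 'bong'
+}
+end
+
+test 'response should fail' do
+assert_equal 422, response.status
+end
 end
 
-
-
+describe 'unauthorized user' do
+before do
+@auth_header = @user.create_new_auth_token
+@new_password = Faker::Internet.password
+
+xhr :put, :update, {
+password: @new_password,
+password_confirmation: @new_password
+}
+end
+
+test 'response should fail' do
+assert_equal 401, response.status
+end
 end
 end
 end
-end
 
-
-
-
-
+describe "Alternate user class" do
+setup do
+@request.env['devise.mapping'] = Devise.mappings[:mang]
+end
 
-
-
-
+teardown do
+@request.env['devise.mapping'] = Devise.mappings[:user]
+end
 
-
-
-
+before do
+@user = mangs(:confirmed_email_user)
+@redirect_url = 'http://ng-token-auth.dev'
 
-
-
-
-
+xhr :post, :create, {
+email: @user.email,
+redirect_url: @redirect_url
+}
 
-
-
+@mail = ActionMailer::Base.deliveries.last
+@user.reload
 
-
-
-
+@mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)&/)[1])
+end
 
-
-
-
+test 'response should return success status' do
+assert_equal 200, response.status
+end
 
-
-
-
-
+test 'the email body should contain a link with reset token as a query param' do
+user = Mang.reset_password_by_token({
+reset_password_token: @mail_reset_token
+})
 
-
+assert_equal user.id, @user.id
+end
 end
 end
 end
-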
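Review bot: Nothing in the "Password reset" tests exercises a `redirect_url` the application should refuse. They only pin that a client-supplied value is stored in `reset_password_redirect_url`, echoed into the email, and then used as the 302 target with `token`, `client_id` and `uid` in its query string. Whether the controller restricts that parameter is not visible in this section; if it does not, a reset link could hand fresh credentials to a host chosen by whoever made the request. A negative test next to 'password reset link failure' would cover this: post `:create` with a `redirect_url` outside the hosts the application intends to allow, then assert the request is rejected and no mail is delivered. Separately, 'password mismatch error' sends `'chong'` and `'bong'`, which may also fail a minimum-length rule, so the 422 does not show that the mismatch check fired; two different passwords of valid length would.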