RubyGems - devise_token_auth - Versions diffs - 0.1.30.beta3 → 0.1.30.beta4 - Mend

devise_token_auth 0.1.30.beta3 → 0.1.30.beta4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (48) hide show

data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb CHANGED Viewed

@@ -30,7 +30,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
           auth_origin_url: @redirect_url
         }
-        @user = assigns(:user)
+        @resource = assigns(:resource)
       end
       test 'status should be success' do
@@ -46,15 +46,15 @@ class OmniauthTest < ActionDispatch::IntegrationTest
       end
       test 'user should have been created' do
-        assert @user
+        assert @resource
       end
       test 'user should be assigned info from provider' do
-        assert_equal 'chongbong@aol.com', @user.email
+        assert_equal 'chongbong@aol.com', @resource.email
       end
       test 'user should be of the correct class' do
-        assert_equal User, @user.class
+        assert_equal User, @resource.class
       end
       test 'response contains all serializable attributes for user' do
@@ -88,7 +88,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
           name: @unpermitted_param
         }
-        @user = assigns(:user)
+        @resource = assigns(:resource)
       end
       test 'status shows success' do
@@ -96,11 +96,11 @@ class OmniauthTest < ActionDispatch::IntegrationTest
       end
       test 'additional attribute was passed' do
-        assert_equal @fav_color, @user.favorite_color
+        assert_equal @fav_color, @resource.favorite_color
       end
       test 'non-whitelisted attributes are ignored' do
-        refute_equal @unpermitted_param, @user.name
+        refute_equal @unpermitted_param, @resource.name
       end
     end
   end
@@ -113,7 +113,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
           auth_origin_url: @redirect_url
         }
-        @user = assigns(:user)
+        @resource = assigns(:resource)
       end
       test 'status should be success' do
@@ -129,15 +129,15 @@ class OmniauthTest < ActionDispatch::IntegrationTest
       end
       test 'user should have been created' do
-        assert @user
+        assert @resource
       end
       test 'user should be assigned info from provider' do
-        assert_equal 'chongbong@aol.com', @user.email
+        assert_equal 'chongbong@aol.com', @resource.email
       end
       test 'user should be of the correct class' do
-        assert_equal Mang, @user.class
+        assert_equal Mang, @resource.class
       end
     end
   end

data/test/controllers/devise_token_auth/passwords_controller_test.rb CHANGED Viewed

@@ -10,97 +10,123 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
   describe DeviseTokenAuth::PasswordsController do
     describe "Password reset" do
       before do
-        @user = users(:confirmed_email_user)
+        @resource = users(:confirmed_email_user)
         @redirect_url = 'http://ng-token-auth.dev'
       end
       describe 'request password reset' do
-        before do
-          xhr :post, :create, {
-            email:        @user.email,
-            redirect_url: @redirect_url
-          }
-          @mail = ActionMailer::Base.deliveries.last
-          @user.reload
-          @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
-          @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
-          @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
-        end
-        test 'response should return success status' do
-          assert_equal 200, response.status
-        end
+        describe 'case-sensitive email' do
+          before do
+            xhr :post, :create, {
+              email:        @resource.email,
+              redirect_url: @redirect_url
+            }
-        test 'action should send an email' do
-          assert @mail
-        end
+            @mail = ActionMailer::Base.deliveries.last
+            @resource.reload
-        test 'the email should be addressed to the user' do
-          assert_equal @mail.to.first, @user.email
-        end
+            @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
+            @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
+            @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
+          end
-        test 'the email body should contain a link with redirect url as a query param' do
-          assert_equal @redirect_url, @mail_redirect_url
-        end
+          test 'response should return success status' do
+            assert_equal 200, response.status
+          end
-        test 'the client config name should fall back to "default"' do
-          assert_equal 'default', @mail_config_name
-        end
+          test 'action should send an email' do
+            assert @mail
+          end
-        test 'the email body should contain a link with reset token as a query param' do
-          user = User.reset_password_by_token({
-            reset_password_token: @mail_reset_token
-          })
+          test 'the email should be addressed to the user' do
+            assert_equal @mail.to.first, @resource.email
+          end
-          assert_equal user.id, @user.id
-        end
+          test 'the email body should contain a link with redirect url as a query param' do
+            assert_equal @redirect_url, @mail_redirect_url
+          end
+          test 'the client config name should fall back to "default"' do
+            assert_equal 'default', @mail_config_name
+          end
+          test 'the email body should contain a link with reset token as a query param' do
+            user = User.reset_password_by_token({
+              reset_password_token: @mail_reset_token
+            })
+            assert_equal user.id, @resource.id
+          end
-        describe 'password reset link failure' do
-          test 'request should not be authorized' do
-            assert_raises(ActionController::RoutingError) {
+          describe 'password reset link failure' do
+            test 'request should not be authorized' do
+              assert_raises(ActionController::RoutingError) {
+                xhr :get, :edit, {
+                  reset_password_token: 'bogus',
+                  redirect_url: @mail_redirect_url
+                }
+              }
+            end
+          end
+          describe 'password reset link success' do
+            before do
               xhr :get, :edit, {
-                reset_password_token: 'bogus',
+                reset_password_token: @mail_reset_token,
                 redirect_url: @mail_redirect_url
               }
-            }
+              @resource.reload
+              raw_qs = response.location.split('?')[1]
+              @qs = Rack::Utils.parse_nested_query(raw_qs)
+              @client_id      = @qs["client_id"]
+              @expiry         = @qs["expiry"]
+              @reset_password = @qs["reset_password"]
+              @token          = @qs["token"]
+              @uid            = @qs["uid"]
+            end
+            test 'respones should have success redirect status' do
+              assert_equal 302, response.status
+            end
+            test 'response should contain auth params' do
+              assert @client_id
+              assert @expiry
+              assert @reset_password
+              assert @token
+              assert @uid
+            end
+            test 'response auth params should be valid' do
+              assert @resource.valid_token?(@token, @client_id)
+            end
           end
         end
-        describe 'password reset link success' do
+        describe 'case-insensitive email' do
           before do
-            xhr :get, :edit, {
-              reset_password_token: @mail_reset_token,
-              redirect_url: @mail_redirect_url
+            @resource_class = User
+            @request_params = {
+              email:        @resource.email.upcase,
+              redirect_url: @redirect_url
             }
-            @user.reload
-            raw_qs = response.location.split('?')[1]
-            @qs = Rack::Utils.parse_nested_query(raw_qs)
-            @client_id      = @qs["client_id"]
-            @expiry         = @qs["expiry"]
-            @reset_password = @qs["reset_password"]
-            @token          = @qs["token"]
-            @uid            = @qs["uid"]
-          end
-          test 'respones should have success redirect status' do
-            assert_equal 302, response.status
           end
-          test 'response should contain auth params' do
-            assert @client_id
-            assert @expiry
-            assert @reset_password
-            assert @token
-            assert @uid
+          test 'response should return success status if configured' do
+            @resource_class.case_insensitive_keys = [:email]
+            xhr :post, :create, @request_params
+            assert_equal 200, response.status
           end
-          test 'response auth params should be valid' do
-            assert @user.valid_token?(@token, @client_id)
+          test 'response should return failure status if not configured' do
+            @resource_class.case_insensitive_keys = []
+            xhr :post, :create, @request_params
+            assert_equal 400, response.status
           end
         end
       end
@@ -108,7 +134,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
       describe "change password" do
         describe 'success' do
           before do
-            @auth_headers = @user.create_new_auth_token
+            @auth_headers = @resource.create_new_auth_token
             request.headers.merge!(@auth_headers)
             @new_password = Faker::Internet.password
@@ -117,7 +143,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
               password_confirmation: @new_password
             }
-            @user.reload
+            @resource.reload
           end
           test "request should be successful" do
@@ -125,13 +151,13 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
           end
           test "new password should authenticate user" do
-            assert @user.valid_password?(@new_password)
+            assert @resource.valid_password?(@new_password)
           end
         end
         describe 'password mismatch error' do
           before do
-            @auth_headers = @user.create_new_auth_token
+            @auth_headers = @resource.create_new_auth_token
             request.headers.merge!(@auth_headers)
             @new_password = Faker::Internet.password
@@ -148,7 +174,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
         describe 'unauthorized user' do
           before do
-            @auth_headers = @user.create_new_auth_token
+            @auth_headers = @resource.create_new_auth_token
             @new_password = Faker::Internet.password
             xhr :put, :update, {
@@ -174,16 +200,16 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
       end
       before do
-        @user = mangs(:confirmed_email_user)
+        @resource = mangs(:confirmed_email_user)
         @redirect_url = 'http://ng-token-auth.dev'
         xhr :post, :create, {
-          email:        @user.email,
+          email:        @resource.email,
           redirect_url: @redirect_url
         }
         @mail = ActionMailer::Base.deliveries.last
-        @user.reload
+        @resource.reload
         @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
         @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
@@ -199,22 +225,22 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
           reset_password_token: @mail_reset_token
         })
-        assert_equal user.id, @user.id
+        assert_equal user.id, @resource.id
       end
     end
     describe 'unconfirmed user' do
       before do
-        @user = users(:unconfirmed_email_user)
+        @resource = users(:unconfirmed_email_user)
         @redirect_url = 'http://ng-token-auth.dev'
         xhr :post, :create, {
-          email:        @user.email,
+          email:        @resource.email,
           redirect_url: @redirect_url
         }
         @mail = ActionMailer::Base.deliveries.last
-        @user.reload
+        @resource.reload
         @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
         @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
@@ -225,28 +251,28 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
           redirect_url: @mail_redirect_url
         }
-        @user.reload
+        @resource.reload
       end
       test 'unconfirmed email user should now be confirmed' do
-        assert @user.confirmed_at
+        assert @resource.confirmed_at
       end
     end
     describe 'alternate user type' do
       before do
-        @user         = users(:confirmed_email_user)
+        @resource         = users(:confirmed_email_user)
         @redirect_url = 'http://ng-token-auth.dev'
         @config_name  = "altUser"
         xhr :post, :create, {
-          email:        @user.email,
+          email:        @resource.email,
           redirect_url: @redirect_url,
           config_name:  @config_name
         }
         @mail = ActionMailer::Base.deliveries.last
-        @user.reload
+        @resource.reload
         @mail_config_name  = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
         @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])

data/test/controllers/devise_token_auth/registrations_controller_test.rb CHANGED Viewed

@@ -21,7 +21,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
           unpermitted_param: '(x_x)'
         }
-        @user = assigns(:resource)
+        @resource = assigns(:resource)
         @data = JSON.parse(response.body)
         @mail = ActionMailer::Base.deliveries.last
       end
@@ -31,11 +31,11 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
       end
       test "user should have been created" do
-        assert @user.id
+        assert @resource.id
       end
       test "user should not be confirmed" do
-        assert_nil @user.confirmed_at
+        assert_nil @resource.confirmed_at
       end
       test "new user data should be returned as json" do
@@ -43,7 +43,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
       end
       test "new user should receive confirmation email" do
-        assert_equal @user.email, @mail['to'].to_s
+        assert_equal @resource.email, @mail['to'].to_s
       end
       test "new user password should not be returned" do
@@ -69,7 +69,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
           operating_thetan: @operating_thetan
         }
-        @user = assigns(:resource)
+        @resource = assigns(:resource)
         @data = JSON.parse(response.body)
         @mail = ActionMailer::Base.deliveries.last
@@ -83,7 +83,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
       end
       test "additional sign_up params should be considered" do
-        assert_equal @operating_thetan, @user.operating_thetan
+        assert_equal @operating_thetan, @resource.operating_thetan
       end
       test 'config_name param is included in the confirmation email link' do
@@ -104,7 +104,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
           confirm_success_url: Faker::Internet.url
         }
-        @user = assigns(:resource)
+        @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
@@ -113,7 +113,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
       end
       test "user should have been created" do
-        assert_nil @user.id
+        assert_nil @resource.id
       end
       test "error should be returned in the response" do
@@ -136,7 +136,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
           confirm_success_url: Faker::Internet.url
         }
-        @user = assigns(:resource)
+        @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
@@ -145,7 +145,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
       end
       test "user should have been created" do
-        assert_nil @user.id
+        assert_nil @resource.id
       end
       test "error should be returned in the response" do
@@ -287,7 +287,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
           confirm_success_url: Faker::Internet.url
         }
-        @user = assigns(:resource)
+        @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
@@ -296,7 +296,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
       end
       test "user should have been created" do
-        assert @user.id
+        assert @resource.id
       end
       test "new user data should be returned as json" do
@@ -313,7 +313,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
           confirm_success_url: Faker::Internet.url
         }
-        @user = assigns(:resource)
+        @resource = assigns(:resource)
         @data = JSON.parse(response.body)
         @mail = ActionMailer::Base.deliveries.last
       end
@@ -323,20 +323,20 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
       end
       test "use should be a Mang" do
-        assert_equal "Mang", @user.class.name
+        assert_equal "Mang", @resource.class.name
       end
       test "Mang should be destroyed" do
-        @auth_headers  = @user.create_new_auth_token
+        @auth_headers  = @resource.create_new_auth_token
         @client_id     = @auth_headers['client']
         # ensure request is not treated as batch request
-        age_token(@user, @client_id)
+        age_token(@resource, @client_id)
         delete "/mangs", {}, @auth_headers
         assert_equal 200, response.status
-        refute Mang.where(id: @user.id).first
+        refute Mang.where(id: @resource.id).first
       end
     end
@@ -352,11 +352,11 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
           config_name: @config_name
         }
-        @user = assigns(:resource)
+        @resource = assigns(:resource)
         @data = JSON.parse(response.body)
         @mail = ActionMailer::Base.deliveries.last
-        @user.reload
+        @resource.reload
         @mail_reset_token  = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
         @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=(.*)\"/)[1])
@@ -379,7 +379,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
           confirm_success_url: Faker::Internet.url
         }
-        @user      = assigns(:user)
+        @resource  = assigns(:resource)
         @token     = response.headers["access-token"]
         @client_id = response.headers["client"]
       end
@@ -389,11 +389,11 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
       end
       test "user was created" do
-        assert @user
+        assert @resource
       end
       test "user was confirmed" do
-        assert @user.confirmed?
+        assert @resource.confirmed?
       end
       test "auth headers were returned in response" do
@@ -405,7 +405,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
       end
       test "response token is valid" do
-        assert @user.valid_token?(@token, @client_id)
+        assert @resource.valid_token?(@token, @client_id)
       end
     end
   end