RubyGems - devise_token_auth - Versions diffs - 0.1.32.beta10 → 0.1.32 - Mend

devise_token_auth 0.1.32.beta10 → 0.1.32

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (59) hide show

data/test/controllers/devise_token_auth/sessions_controller_test.rb CHANGED

@@ -73,6 +73,24 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         end
       end
+      describe 'get sign_in is not supported' do
+        before do
+          xhr :get, :new, {
+            nickname: @existing_user.nickname,
+            password: 'secret123'
+          }
+          @data = JSON.parse(response.body)
+        end
+        test 'user is notified that they should use post sign_in to authenticate' do
+          assert_equal 405, response.status
+        end
+        test "response should contain errors" do
+          assert @data['errors']
+          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.not_supported")]
+        end
+      end
       describe 'alt auth keys' do
         before do
           xhr :post, :create, {
@@ -115,11 +133,17 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         before do
           @auth_headers = @existing_user.create_new_auth_token
           xhr :delete, :destroy, format: :json
+          @data = JSON.parse(response.body)
         end
         test "unauthed request returns 404" do
           assert_equal 404, response.status
         end
+        test "response should contain errors" do
+          assert @data['errors']
+          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.user_not_found")]
+        end
       end
       describe 'failure' do
@@ -139,6 +163,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         test "response should contain errors" do
           assert @data['errors']
+          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.bad_credentials")]
         end
       end
@@ -146,7 +171,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         before do
           DeviseTokenAuth.change_headers_on_each_request = false
-          # accessing current_user calls through set_user_by_token,
+          # accessing current_user calls through set_user_by_token,
           # which initializes client_id
           @controller.current_user
@@ -165,6 +190,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         test "response should contain errors" do
           assert @data['errors']
+          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.bad_credentials")]
         end
         after do
@@ -212,6 +238,59 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         assert_equal 401, response.status
       end
+      test "response should contain errors" do
+        assert @data['errors']
+        assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.not_confirmed", email: @unconfirmed_user.email)]
+      end
+    end
+    describe "Unconfirmed user with allowed unconfirmed access" do
+      before do
+        @original_duration = Devise.allow_unconfirmed_access_for
+        Devise.allow_unconfirmed_access_for = 3.days
+        @recent_unconfirmed_user = users(:recent_unconfirmed_email_user)
+        xhr :post, :create, {
+          email: @recent_unconfirmed_user.email,
+          password: 'secret123'
+        }
+        @resource = assigns(:resource)
+        @data = JSON.parse(response.body)
+      end
+      after do
+        Devise.allow_unconfirmed_access_for = @original_duration
+      end
+      test "request should succeed" do
+        assert_equal 200, response.status
+      end
+      test "request should return user data" do
+        assert_equal @recent_unconfirmed_user.email, @data['data']['email']
+      end
+    end
+    describe "Unconfirmed user with expired unconfirmed access" do
+      before do
+        @original_duration = Devise.allow_unconfirmed_access_for
+        Devise.allow_unconfirmed_access_for = 3.days
+        @unconfirmed_user = users(:unconfirmed_email_user)
+        xhr :post, :create, {
+          email: @unconfirmed_user.email,
+          password: 'secret123'
+        }
+        @resource = assigns(:resource)
+        @data = JSON.parse(response.body)
+      end
+      after do
+        Devise.allow_unconfirmed_access_for = @original_duration
+      end
+      test "request should fail" do
+        assert_equal 401, response.status
+      end
       test "response should contain errors" do
         assert @data['errors']
       end

data/test/controllers/devise_token_auth/token_validations_controller_test.rb CHANGED

@@ -45,5 +45,22 @@ class DeviseTokenAuth::TokenValidationsControllerTest < ActionDispatch::Integrat
         assert_equal 200, response.status
       end
     end
+    describe 'failure' do
+      before do
+        get '/api/v1/auth/validate_token', {}, @auth_headers.merge({"access-token" => "12345"})
+        @resp = JSON.parse(response.body)
+      end
+      test "request should fail" do
+        assert_equal 401, response.status
+      end
+      test "response should contain errors" do
+        assert @resp['errors']
+        assert_equal @resp['errors'], [I18n.t("devise_token_auth.token_validations.invalid")]
+      end
+    end
   end
 end

data/test/dummy/app/controllers/application_controller.rb CHANGED

@@ -10,5 +10,6 @@ class ApplicationController < ActionController::Base
     devise_parameter_sanitizer.for(:sign_up) << :favorite_color
     devise_parameter_sanitizer.for(:account_update) << :operating_thetan
     devise_parameter_sanitizer.for(:account_update) << :favorite_color
+    devise_parameter_sanitizer.for(:account_update) << :current_password
   end
 end

data/test/dummy/app/controllers/custom/confirmations_controller.rb ADDED

@@ -0,0 +1,13 @@
+class Custom::ConfirmationsController < DeviseTokenAuth::ConfirmationsController
+  def show
+    super do |resource|
+      @show_block_called = true
+    end
+  end
+  def show_block_called?
+    @show_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb ADDED

@@ -0,0 +1,13 @@
+class Custom::OmniauthCallbacksController < DeviseTokenAuth::OmniauthCallbacksController
+  def omniauth_success
+    super do |resource|
+      @omniauth_success_block_called = true
+    end
+  end
+  def omniauth_success_block_called?
+    @omniauth_success_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/passwords_controller.rb ADDED

@@ -0,0 +1,35 @@
+class Custom::PasswordsController < DeviseTokenAuth::PasswordsController
+  def create
+    super do |resource|
+      @create_block_called = true
+    end
+  end
+  def edit
+    super do |resource|
+      @edit_block_called = true
+    end
+  end
+  def update
+    super do |resource|
+      @update_block_called = true
+    end
+  end
+  def create_block_called?
+    @create_block_called == true
+  end
+  def edit_block_called?
+    @edit_block_called == true
+  end
+  def update_block_called?
+    @update_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/sessions_controller.rb ADDED

@@ -0,0 +1,23 @@
+class Custom::SessionsController < DeviseTokenAuth::SessionsController
+  def create
+    super do |resource|
+      @create_block_called = true
+    end
+  end
+  def destroy
+    super do |resource|
+      @destroy_block_called = true
+    end
+  end
+  def create_block_called?
+    @create_block_called == true
+  end
+  def destroy_block_called?
+    @destroy_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/token_validations_controller.rb ADDED

@@ -0,0 +1,13 @@
+class Custom::TokenValidationsController < DeviseTokenAuth::TokenValidationsController
+  def validate_token
+    super do |resource|
+      @validate_token_block_called = true
+    end
+  end
+  def validate_token_block_called?
+    @validate_token_block_called == true
+  end
+end

data/test/dummy/app/models/unconfirmable_user.rb ADDED

@@ -0,0 +1,8 @@
+class UnconfirmableUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable,
+         :trackable, :validatable,
+         :omniauthable
+  include DeviseTokenAuth::Concerns::User
+end

data/test/dummy/config/application.rb CHANGED

@@ -19,5 +19,6 @@ module Dummy
     # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
     # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
     # config.i18n.default_locale = :de
+    config.autoload_paths << Rails.root.join('lib')
   end
 end

data/test/dummy/config/routes.rb CHANGED

@@ -20,13 +20,20 @@ Rails.application.routes.draw do
   }
   mount_devise_token_auth_for 'NiceUser', at: 'nice_user_auth', controllers: {
-    registrations: 'custom/registrations'
+    registrations: 'custom/registrations',
+    confirmations: 'custom/confirmations',
+    passwords: 'custom/passwords',
+    sessions: 'custom/sessions',
+    token_validations: 'custom/token_validations',
+    omniauth_callbacks: 'custom/omniauth_callbacks'
   }
   mount_devise_token_auth_for 'OnlyEmailUser', at: 'only_email_auth', skip: [:omniauth_callbacks]
   mount_devise_token_auth_for 'UnregisterableUser', at: 'unregisterable_user_auth', skip: [:registrations]
+  mount_devise_token_auth_for 'UnconfirmableUser', at: 'unconfirmable_user_auth'
   # test namespacing
   namespace :api do
     scope :v1 do

data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateUsers < ActiveRecord::Migration
   def change
     create_table(:users) do |t|
@@ -42,7 +44,11 @@ class DeviseTokenAuthCreateUsers < ActiveRecord::Migration
       t.string :uid, :null => false, :default => ""
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       t.timestamps
     end

data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateMangs < ActiveRecord::Migration
   def change
     create_table(:mangs) do |t|
@@ -42,7 +44,11 @@ class DeviseTokenAuthCreateMangs < ActiveRecord::Migration
       t.string :uid, :null => false, :default => ""
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       t.timestamps
     end

data/test/dummy/db/migrate/20140928231203_devise_token_auth_create_evil_users.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateEvilUsers < ActiveRecord::Migration
   def change
     create_table(:evil_users) do |t|
@@ -40,7 +42,11 @@ class DeviseTokenAuthCreateEvilUsers < ActiveRecord::Migration
       t.string :uid, :null => false, :default => ""
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       ## etc.
       t.string :favorite_color

data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateOnlyEmailUsers < ActiveRecord::Migration
   def change
     create_table(:only_email_users) do |t|
@@ -40,7 +42,11 @@ class DeviseTokenAuthCreateOnlyEmailUsers < ActiveRecord::Migration
       t.string :email
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       t.timestamps
     end

data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateUnregisterableUsers < ActiveRecord::Migration
   def change
     create_table(:unregisterable_users) do |t|
@@ -40,7 +42,11 @@ class DeviseTokenAuthCreateUnregisterableUsers < ActiveRecord::Migration
       t.string :email
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       t.timestamps
     end

data/test/dummy/db/migrate/20150409095712_devise_token_auth_create_nice_users.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateNiceUsers < ActiveRecord::Migration
   def change
     create_table(:nice_users) do |t|
@@ -40,7 +42,11 @@ class DeviseTokenAuthCreateNiceUsers < ActiveRecord::Migration
       t.string :email
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       t.timestamps
     end

data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb ADDED

@@ -0,0 +1,60 @@
+include MigrationDatabaseHelper
+class DeviseTokenAuthCreateUnconfirmableUsers < ActiveRecord::Migration
+  def change
+    create_table(:unconfirmable_users) do |t|
+      ## Required
+      t.string :provider, :null => false
+      t.string :uid, :null => false, :default => ""
+      ## Database authenticatable
+      t.string :encrypted_password, :null => false, :default => ""
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+      ## Rememberable
+      t.datetime :remember_created_at
+      ## Trackable
+      t.integer  :sign_in_count, :default => 0, :null => false
+      t.datetime :current_sign_in_at
+      t.datetime :last_sign_in_at
+      t.string   :current_sign_in_ip
+      t.string   :last_sign_in_ip
+      ## Confirmable
+      # t.string   :confirmation_token
+      # t.datetime :confirmed_at
+      # t.datetime :confirmation_sent_at
+      # t.string   :unconfirmed_email # Only if using reconfirmable
+      ## Lockable
+      # t.integer  :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
+      # t.string   :unlock_token # Only if unlock strategy is :email or :both
+      # t.datetime :locked_at
+      ## User Info
+      t.string :name
+      t.string :nickname
+      t.string :image
+      t.string :email
+      ## Tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
+      t.timestamps
+    end
+    add_index :unconfirmable_users, :email
+    add_index :unconfirmable_users, [:uid, :provider],     :unique => true
+    add_index :unconfirmable_users, :reset_password_token, :unique => true
+    # add_index :nice_users, :confirmation_token,   :unique => true
+    # add_index :nice_users, :unlock_token,         :unique => true
+  end
+end