RubyGems - devise_token_auth - Versions diffs - 0.1.32.beta10 → 0.1.32 - Mend

devise_token_auth 0.1.32.beta10 → 0.1.32

Files changed (59) hide show

data/test/controllers/devise_token_auth/sessions_controller_test.rb CHANGED

@@ -73,6 +73,24 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         end
       end
+      describe 'get sign_in is not supported' do
+        before do
+          xhr :get, :new, {
+            nickname: @existing_user.nickname,
+            password: 'secret123'
+          }
+          @data = JSON.parse(response.body)
+        end
+        test 'user is notified that they should use post sign_in to authenticate' do
+          assert_equal 405, response.status
+        end
+        test "response should contain errors" do
+          assert @data['errors']
+          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.not_supported")]
+        end
+      end
       describe 'alt auth keys' do
         before do
           xhr :post, :create, {
@@ -115,11 +133,17 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         before do
           @auth_headers = @existing_user.create_new_auth_token
           xhr :delete, :destroy, format: :json
+          @data = JSON.parse(response.body)
         end
         test "unauthed request returns 404" do
           assert_equal 404, response.status
         end
+        test "response should contain errors" do
+          assert @data['errors']
+          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.user_not_found")]
+        end
       end
       describe 'failure' do
@@ -139,6 +163,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         test "response should contain errors" do
           assert @data['errors']
+          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.bad_credentials")]
         end
       end
@@ -146,7 +171,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         before do
           DeviseTokenAuth.change_headers_on_each_request = false
-          # accessing current_user calls through set_user_by_token,
+          # accessing current_user calls through set_user_by_token,
           # which initializes client_id
           @controller.current_user
@@ -165,6 +190,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         test "response should contain errors" do
           assert @data['errors']
+          assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.bad_credentials")]
         end
         after do
@@ -212,6 +238,59 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         assert_equal 401, response.status
       end
+      test "response should contain errors" do
+        assert @data['errors']
+        assert_equal @data['errors'], [I18n.t("devise_token_auth.sessions.not_confirmed", email: @unconfirmed_user.email)]
+      end
+    end
+    describe "Unconfirmed user with allowed unconfirmed access" do
+      before do
+        @original_duration = Devise.allow_unconfirmed_access_for
+        Devise.allow_unconfirmed_access_for = 3.days
+        @recent_unconfirmed_user = users(:recent_unconfirmed_email_user)
+        xhr :post, :create, {
+          email: @recent_unconfirmed_user.email,
+          password: 'secret123'
+        }
+        @resource = assigns(:resource)
+        @data = JSON.parse(response.body)
+      end
+      after do
+        Devise.allow_unconfirmed_access_for = @original_duration
+      end
+      test "request should succeed" do
+        assert_equal 200, response.status
+      end
+      test "request should return user data" do
+        assert_equal @recent_unconfirmed_user.email, @data['data']['email']
+      end
+    end
+    describe "Unconfirmed user with expired unconfirmed access" do
+      before do
+        @original_duration = Devise.allow_unconfirmed_access_for
+        Devise.allow_unconfirmed_access_for = 3.days
+        @unconfirmed_user = users(:unconfirmed_email_user)
+        xhr :post, :create, {
+          email: @unconfirmed_user.email,
+          password: 'secret123'
+        }
+        @resource = assigns(:resource)
+        @data = JSON.parse(response.body)
+      end
+      after do
+        Devise.allow_unconfirmed_access_for = @original_duration
+      end
+      test "request should fail" do
+        assert_equal 401, response.status
+      end
       test "response should contain errors" do
         assert @data['errors']
       end

data/test/controllers/devise_token_auth/token_validations_controller_test.rb CHANGED

@@ -45,5 +45,22 @@ class DeviseTokenAuth::TokenValidationsControllerTest < ActionDispatch::Integrat
         assert_equal 200, response.status
       end
     end
+    describe 'failure' do
+      before do
+        get '/api/v1/auth/validate_token', {}, @auth_headers.merge({"access-token" => "12345"})
+        @resp = JSON.parse(response.body)
+      end
+      test "request should fail" do
+        assert_equal 401, response.status
+      end
+      test "response should contain errors" do
+        assert @resp['errors']
+        assert_equal @resp['errors'], [I18n.t("devise_token_auth.token_validations.invalid")]
+      end
+    end
   end
 end

data/test/dummy/app/controllers/application_controller.rb CHANGED

@@ -10,5 +10,6 @@ class ApplicationController < ActionController::Base
     devise_parameter_sanitizer.for(:sign_up) << :favorite_color
     devise_parameter_sanitizer.for(:account_update) << :operating_thetan
     devise_parameter_sanitizer.for(:account_update) << :favorite_color
+    devise_parameter_sanitizer.for(:account_update) << :current_password
   end
 end

data/test/dummy/app/controllers/custom/confirmations_controller.rb ADDED

@@ -0,0 +1,13 @@
+class Custom::ConfirmationsController < DeviseTokenAuth::ConfirmationsController
+  def show
+    super do |resource|
+      @show_block_called = true
+    end
+  end
+  def show_block_called?
+    @show_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb ADDED

@@ -0,0 +1,13 @@
+class Custom::OmniauthCallbacksController < DeviseTokenAuth::OmniauthCallbacksController
+  def omniauth_success
+    super do |resource|
+      @omniauth_success_block_called = true
+    end
+  end
+  def omniauth_success_block_called?
+    @omniauth_success_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/passwords_controller.rb ADDED

@@ -0,0 +1,35 @@
+class Custom::PasswordsController < DeviseTokenAuth::PasswordsController
+  def create
+    super do |resource|
+      @create_block_called = true
+    end
+  end
+  def edit
+    super do |resource|
+      @edit_block_called = true
+    end
+  end
+  def update
+    super do |resource|
+      @update_block_called = true
+    end
+  end
+  def create_block_called?
+    @create_block_called == true
+  end
+  def edit_block_called?
+    @edit_block_called == true
+  end
+  def update_block_called?
+    @update_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/sessions_controller.rb ADDED

@@ -0,0 +1,23 @@
+class Custom::SessionsController < DeviseTokenAuth::SessionsController
+  def create
+    super do |resource|
+      @create_block_called = true
+    end
+  end
+  def destroy
+    super do |resource|
+      @destroy_block_called = true
+    end
+  end
+  def create_block_called?
+    @create_block_called == true
+  end
+  def destroy_block_called?
+    @destroy_block_called == true
+  end
+end

data/test/dummy/app/controllers/custom/token_validations_controller.rb ADDED

@@ -0,0 +1,13 @@
+class Custom::TokenValidationsController < DeviseTokenAuth::TokenValidationsController
+  def validate_token
+    super do |resource|
+      @validate_token_block_called = true
+    end
+  end
+  def validate_token_block_called?
+    @validate_token_block_called == true
+  end
+end

data/test/dummy/app/models/unconfirmable_user.rb ADDED

@@ -0,0 +1,8 @@
+class UnconfirmableUser < ActiveRecord::Base
+  # Include default devise modules.
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable,
+         :trackable, :validatable,
+         :omniauthable
+  include DeviseTokenAuth::Concerns::User
+end

data/test/dummy/config/application.rb CHANGED

@@ -19,5 +19,6 @@ module Dummy
     # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
     # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
     # config.i18n.default_locale = :de
+    config.autoload_paths << Rails.root.join('lib')
   end
 end

data/test/dummy/config/routes.rb CHANGED

@@ -20,13 +20,20 @@ Rails.application.routes.draw do
   }
   mount_devise_token_auth_for 'NiceUser', at: 'nice_user_auth', controllers: {
-    registrations: 'custom/registrations'
+    registrations: 'custom/registrations',
+    confirmations: 'custom/confirmations',
+    passwords: 'custom/passwords',
+    sessions: 'custom/sessions',
+    token_validations: 'custom/token_validations',
+    omniauth_callbacks: 'custom/omniauth_callbacks'
   }
   mount_devise_token_auth_for 'OnlyEmailUser', at: 'only_email_auth', skip: [:omniauth_callbacks]
   mount_devise_token_auth_for 'UnregisterableUser', at: 'unregisterable_user_auth', skip: [:registrations]
+  mount_devise_token_auth_for 'UnconfirmableUser', at: 'unconfirmable_user_auth'
   # test namespacing
   namespace :api do
     scope :v1 do

data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateUsers < ActiveRecord::Migration
   def change
     create_table(:users) do |t|
@@ -42,7 +44,11 @@ class DeviseTokenAuthCreateUsers < ActiveRecord::Migration
       t.string :uid, :null => false, :default => ""
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       t.timestamps
     end

data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateMangs < ActiveRecord::Migration
   def change
     create_table(:mangs) do |t|
@@ -42,7 +44,11 @@ class DeviseTokenAuthCreateMangs < ActiveRecord::Migration
       t.string :uid, :null => false, :default => ""
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       t.timestamps
     end

data/test/dummy/db/migrate/20140928231203_devise_token_auth_create_evil_users.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateEvilUsers < ActiveRecord::Migration
   def change
     create_table(:evil_users) do |t|
@@ -40,7 +42,11 @@ class DeviseTokenAuthCreateEvilUsers < ActiveRecord::Migration
       t.string :uid, :null => false, :default => ""
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       ## etc.
       t.string :favorite_color

data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateOnlyEmailUsers < ActiveRecord::Migration
   def change
     create_table(:only_email_users) do |t|
@@ -40,7 +42,11 @@ class DeviseTokenAuthCreateOnlyEmailUsers < ActiveRecord::Migration
       t.string :email
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       t.timestamps
     end

data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateUnregisterableUsers < ActiveRecord::Migration
   def change
     create_table(:unregisterable_users) do |t|
@@ -40,7 +42,11 @@ class DeviseTokenAuthCreateUnregisterableUsers < ActiveRecord::Migration
       t.string :email
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       t.timestamps
     end

data/test/dummy/db/migrate/20150409095712_devise_token_auth_create_nice_users.rb CHANGED

@@ -1,3 +1,5 @@
+include MigrationDatabaseHelper
 class DeviseTokenAuthCreateNiceUsers < ActiveRecord::Migration
   def change
     create_table(:nice_users) do |t|
@@ -40,7 +42,11 @@ class DeviseTokenAuthCreateNiceUsers < ActiveRecord::Migration
       t.string :email
       ## Tokens
-      t.text :tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
       t.timestamps
     end

data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb ADDED

@@ -0,0 +1,60 @@
+include MigrationDatabaseHelper
+class DeviseTokenAuthCreateUnconfirmableUsers < ActiveRecord::Migration
+  def change
+    create_table(:unconfirmable_users) do |t|
+      ## Required
+      t.string :provider, :null => false
+      t.string :uid, :null => false, :default => ""
+      ## Database authenticatable
+      t.string :encrypted_password, :null => false, :default => ""
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+      ## Rememberable
+      t.datetime :remember_created_at
+      ## Trackable
+      t.integer  :sign_in_count, :default => 0, :null => false
+      t.datetime :current_sign_in_at
+      t.datetime :last_sign_in_at
+      t.string   :current_sign_in_ip
+      t.string   :last_sign_in_ip
+      ## Confirmable
+      # t.string   :confirmation_token
+      # t.datetime :confirmed_at
+      # t.datetime :confirmation_sent_at
+      # t.string   :unconfirmed_email # Only if using reconfirmable
+      ## Lockable
+      # t.integer  :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
+      # t.string   :unlock_token # Only if unlock strategy is :email or :both
+      # t.datetime :locked_at
+      ## User Info
+      t.string :name
+      t.string :nickname
+      t.string :image
+      t.string :email
+      ## Tokens
+      if json_supported_database?
+        t.json :tokens
+      else
+        t.text :tokens
+      end
+      t.timestamps
+    end
+    add_index :unconfirmable_users, :email
+    add_index :unconfirmable_users, [:uid, :provider],     :unique => true
+    add_index :unconfirmable_users, :reset_password_token, :unique => true
+    # add_index :nice_users, :confirmation_token,   :unique => true
+    # add_index :nice_users, :unlock_token,         :unique => true
+  end
+end