devise_token_auth 0.1.37 → 0.1.38
Potentially problematic release.
This version of devise_token_auth might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/README.md +4 -3
- data/app/controllers/devise_token_auth/application_controller.rb +24 -0
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +21 -4
- data/app/controllers/devise_token_auth/confirmations_controller.rb +1 -1
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +7 -5
- data/app/controllers/devise_token_auth/passwords_controller.rb +9 -10
- data/app/controllers/devise_token_auth/registrations_controller.rb +13 -13
- data/app/controllers/devise_token_auth/sessions_controller.rb +3 -3
- data/app/controllers/devise_token_auth/token_validations_controller.rb +3 -3
- data/app/models/devise_token_auth/concerns/user.rb +18 -35
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +28 -0
- data/config/initializers/devise.rb +1 -1
- data/config/locales/de.yml +1 -1
- data/config/locales/ja.yml +47 -0
- data/config/locales/nl.yml +31 -0
- data/lib/devise_token_auth/controllers/helpers.rb +6 -0
- data/lib/devise_token_auth/engine.rb +9 -1
- data/lib/devise_token_auth/rails/routes.rb +3 -2
- data/lib/devise_token_auth/version.rb +1 -1
- data/lib/generators/devise_token_auth/USAGE +1 -1
- data/lib/generators/devise_token_auth/install_generator.rb +3 -1
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +12 -1
- data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb +1 -1
- data/test/controllers/demo_group_controller_test.rb +14 -1
- data/test/controllers/demo_user_controller_test.rb +54 -5
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +10 -6
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +1 -1
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +3 -3
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +9 -9
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +15 -0
- data/test/controllers/overrides/passwords_controller_test.rb +1 -1
- data/test/dummy/app/controllers/custom/confirmations_controller.rb +1 -1
- data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb +1 -1
- data/test/dummy/app/controllers/custom/passwords_controller.rb +3 -3
- data/test/dummy/app/controllers/custom/registrations_controller.rb +2 -2
- data/test/dummy/app/controllers/custom/sessions_controller.rb +2 -2
- data/test/dummy/app/controllers/custom/token_validations_controller.rb +1 -1
- data/test/dummy/app/controllers/demo_user_controller.rb +13 -0
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +1 -1
- data/test/dummy/config/application.rb +2 -0
- data/test/dummy/config/routes.rb +2 -0
- data/test/dummy/tmp/generators/app/models/user.rb +7 -0
- data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +48 -0
- data/test/dummy/tmp/generators/db/migrate/20160711201448_devise_token_auth_create_users.rb +54 -0
- data/test/lib/devise_token_auth/url_test.rb +19 -23
- data/test/test_helper.rb +1 -1
- metadata +16 -11
- data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
- data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
@@ -0,0 +1,28 @@
|
|
1
|
+
module DeviseTokenAuth::Concerns::UserOmniauthCallbacks
|
2
|
+
extend ActiveSupport::Concern
|
3
|
+
|
4
|
+
included do
|
5
|
+
validates :email, presence: true, email: true, if: Proc.new { |u| u.provider == 'email' }
|
6
|
+
validates_presence_of :uid, if: Proc.new { |u| u.provider != 'email' }
|
7
|
+
|
8
|
+
# only validate unique emails among email registration users
|
9
|
+
validate :unique_email_user, on: :create
|
10
|
+
|
11
|
+
# keep uid in sync with email
|
12
|
+
before_save :sync_uid
|
13
|
+
before_create :sync_uid
|
14
|
+
end
|
15
|
+
|
16
|
+
protected
|
17
|
+
|
18
|
+
# only validate unique email among users that registered by email
|
19
|
+
def unique_email_user
|
20
|
+
if provider == 'email' and self.class.where(provider: 'email', email: email).count > 0
|
21
|
+
errors.add(:email, I18n.t("errors.messages.already_in_use"))
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def sync_uid
|
26
|
+
self.uid = email if provider == 'email'
|
27
|
+
end
|
28
|
+
end
|
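Review bot: `validate :unique_email_user, on: :create` runs only for new records, so an email-provider user who later changes their address to one that is already registered is not stopped by this concern, and `sync_uid` then copies the duplicate into `uid`. The check is also a read-then-write (`where(...).count > 0`), so two concurrent sign-ups can both pass it unless a unique database index on the provider/uid pair backs it up; no such index is visible in this hunk. I would drop `on: :create`, exclude the record itself and use `exists?`, e.g. `if provider == 'email' && self.class.where(provider: 'email', email: email).where.not(id: id).exists?`. `before_create :sync_uid` is redundant because `before_save` already fires on create.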
@@ -142,7 +142,7 @@ Devise.setup do |config|
|
|
142
142
|
# Email regex used to validate email formats. It simply asserts that
|
143
143
|
# one (and only one) @ exists in the given string. This is mainly
|
144
144
|
# to give user feedback and not to assert the e-mail validity.
|
145
|
-
|
145
|
+
config.email_regexp = /\A[^@\s]+@([^@\s]+\.)+[^@\W]+\z/
|
146
146
|
|
147
147
|
# ==> Configuration for :timeoutable
|
148
148
|
# The time you want to timeout the user session without activity. After this
|
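Review bot: In the new `config.email_regexp`, the repeated group `([^@\s]+\.)+` uses a character class that itself matches `.`, so a dotted domain can be split between repetitions in many ways, and a non-matching address supplied by a user can cause heavy backtracking on Ruby versions without regexp memoization. Excluding the dot from the label class keeps the intent and removes the ambiguity: `config.email_regexp = /\A[^@\s]+@([^@\s.]+\.)+[^@\W]+\z/`. The comment above the setting still says the regex only asserts that a single `@` exists, which no longer describes it: the pattern now also requires a dotted domain whose last label consists of word characters, so an address such as `user@localhost` is rejected. The content of the removed line is not visible on this page, so the comparison with the old value is inferred from that comment.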
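--- a/data/config/locales/de.yml
+++ b/data/config/locales/de.yml
@@ -1,7 +1,7 @@
 de:
 devise_token_auth:
 sessions:
-not_confirmed: "Ein E-Mail zu Bestätigung wurde an Ihre Adresse '%{email}'
+not_confirmed: "Ein E-Mail zu Bestätigung wurde an Ihre Adresse '%{email}' gesendet. Sie müssen den Anleitungsschritten im E-Mail folgen, um Ihren Account zu aktivieren"
 bad_credentials: "Ungültige Anmeldeinformationen. Bitte versuchen Sie es erneut."
 not_supported: "Verwenden Sie POST /sign_in zur Anmeldung. GET wird nicht unterstützt."
 user_not_found: "Benutzer wurde nicht gefunden oder konnte nicht angemeldet werden."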
@@ -0,0 +1,47 @@
|
|
1
|
+
ja:
|
2
|
+
devise_token_auth:
|
3
|
+
sessions:
|
4
|
+
not_confirmed: "'%{email}' に確認用のメールを送信しました。メール内の説明を読み、アカウントの有効化をしてください。"
|
5
|
+
bad_credentials: "ログイン用の認証情報が正しくありません。再度お試しください。"
|
6
|
+
not_supported: "/sign_in に GET はサポートされていません。POST をお使いください。"
|
7
|
+
user_not_found: "ユーザーが見つからないか、ログインしていません。"
|
8
|
+
token_validations:
|
9
|
+
invalid: "ログイン用の認証情報が正しくありません。"
|
10
|
+
registrations:
|
11
|
+
missing_confirm_success_url: "'confirm_success_url' パラメータが与えられていません。"
|
12
|
+
redirect_url_not_allowed: "'%{redirect_url}' へのリダイレクトは許可されていません。"
|
13
|
+
email_already_exists: "'%{email}' のアカウントはすでに存在しています。"
|
14
|
+
account_with_uid_destroyed: "'%{uid}' のアカウントは削除されました。"
|
15
|
+
account_to_destroy_not_found: "削除するアカウントが見つかりません。"
|
16
|
+
user_not_found: "ユーザーが見つかりません。"
|
17
|
+
passwords:
|
18
|
+
missing_email: "メールアドレスが与えられていません。"
|
19
|
+
missing_redirect_url: "リダイレクト URL が与えられていません。"
|
20
|
+
not_allowed_redirect_url: "'%{redirect_url}' へのリダイレクトは許可されていません。"
|
21
|
+
sended: "'%{email}' にパスワードリセットの案内が送信されました。"
|
22
|
+
user_not_found: "メールアドレス '%{email}' のユーザーが見つかりません。"
|
23
|
+
password_not_required: "このアカウントはパスワードを要求していません。'%{provider}' を利用してログインしてください。"
|
24
|
+
missing_passwords: "'Password', 'Password confirmation' パラメータが与えられていません。"
|
25
|
+
successfully_updated: "パスワードの更新に成功しました。"
|
26
|
+
errors:
|
27
|
+
messages:
|
28
|
+
already_in_use: "すでに利用されています。"
|
29
|
+
validate_sign_up_params: "リクエストボディに適切なアカウント新規登録データを送信してください。"
|
30
|
+
validate_account_update_params: "リクエストボディに適切なアカウント更新のデータを送信してください。"
|
31
|
+
not_email: "はメールアドレスではありません"
|
32
|
+
devise:
|
33
|
+
mailer:
|
34
|
+
confirmation_instructions:
|
35
|
+
confirm_link_msg: "下記のリンクからアカウントを有効化できます:"
|
36
|
+
confirm_account_link: "アカウントを有効化する"
|
37
|
+
reset_password_instructions:
|
38
|
+
request_reset_link_msg: "パスワード変更のリクエストが送信されました。下記のリンクからパスワードの変更をできます。"
|
39
|
+
password_change_link: "パスワードを変更する"
|
40
|
+
ignore_mail_msg: "もしこの内容に覚えがない場合は、このメールを無視してください。"
|
41
|
+
no_changes_msg: "上記のリンクにアクセスして新しいパスワードを作成するまで、現在のパスワードは変更されません。"
|
42
|
+
unlock_instructions:
|
43
|
+
account_lock_msg: "連続してログインに失敗したため、あなたのアカウントはロックされました。"
|
44
|
+
unlock_link_msg: "下記のリンクをクリックしてアカウントを有効化してください:"
|
45
|
+
unlock_link: "アカウントを有効化する"
|
46
|
+
hello: "こんにちは"
|
47
|
+
welcome: "ようこそ"
|
@@ -0,0 +1,31 @@
|
|
1
|
+
nl:
|
2
|
+
devise_token_auth:
|
3
|
+
sessions:
|
4
|
+
not_confirmed: "Een bevestingsmail is verzonden naar het adres '%{email}'. Volg de instructies in de mail om uw account te activeren."
|
5
|
+
bad_credentials: 'Ongeldige logingegevens.'
|
6
|
+
not_supported: "Gebruik POST /sign_in om in te loggen. GET wordt niet ondersteund."
|
7
|
+
user_not_found: "Gebruiker is niet gevonden of niet ingelogd."
|
8
|
+
token_validations:
|
9
|
+
invalid: "Ongeldige logingegevens."
|
10
|
+
registrations:
|
11
|
+
missing_confirm_success_url: "Parameter 'confirm_success_url' ontbreekt."
|
12
|
+
redirect_url_not_allowed: "Redirect naar '%{redirect_url}' niet toegestaan."
|
13
|
+
email_already_exists: "Er bestaat al een account voor het adres '%{email}'"
|
14
|
+
account_with_uid_destroyed: "Account met id '%{uid}' is verwijderd."
|
15
|
+
account_to_destroy_not_found: "Te verwijderen account niet gevonden."
|
16
|
+
user_not_found: "Gebruiker niet gevonden."
|
17
|
+
passwords:
|
18
|
+
missing_email: "Je moet een e-mailadres opgeven."
|
19
|
+
missing_redirect_url: "Redirect URL ontbreekt."
|
20
|
+
not_allowed_redirect_url: "Redirect naar '%{redirect_url}' niet toegestaan."
|
21
|
+
sended: "Er is een e-mail naar '%{email}' verstuurd met instructies om uw wachtwoord te resetten."
|
22
|
+
user_not_found: "Kan gebruiker met e-mail '%{email}' niet vinden."
|
23
|
+
password_not_required: "Voor dit account is geen wachtwoord nodig. Log in met uw '%{provider}' account."
|
24
|
+
missing_passwords: "De velden 'Wachtwoord' en 'Wachtwoord bevestiging' zijn verplicht."
|
25
|
+
successfully_updated: "Uw wachtwoord is aangepast."
|
26
|
+
errors:
|
27
|
+
messages:
|
28
|
+
already_in_use: "al in gebruik"
|
29
|
+
validate_sign_up_params: "Gegevens voor aanmaken van het account zijn niet geldig."
|
30
|
+
validate_account_update_params: "Gegevens voor updaten van het account zijn niet geldig."
|
31
|
+
not_email: "is geen geldig e-emailadres"
|
@@ -19,7 +19,9 @@ module DeviseTokenAuth
|
|
19
19
|
:redirect_whitelist,
|
20
20
|
:check_current_password_before_update,
|
21
21
|
:enable_standard_devise_support,
|
22
|
-
:remove_tokens_after_password_reset
|
22
|
+
:remove_tokens_after_password_reset,
|
23
|
+
:default_callbacks,
|
24
|
+
:headers_names
|
23
25
|
|
24
26
|
self.change_headers_on_each_request = true
|
25
27
|
self.max_number_of_devices = 10
|
@@ -32,6 +34,12 @@ module DeviseTokenAuth
|
|
32
34
|
self.check_current_password_before_update = false
|
33
35
|
self.enable_standard_devise_support = false
|
34
36
|
self.remove_tokens_after_password_reset = false
|
37
|
+
self.default_callbacks = true
|
38
|
+
self.headers_names = {:'access-token' => 'access-token',
|
39
|
+
:'client' => 'client',
|
40
|
+
:'expiry' => 'expiry',
|
41
|
+
:'uid' => 'uid',
|
42
|
+
:'token-type' => 'token-type' }
|
35
43
|
|
36
44
|
def self.setup(&block)
|
37
45
|
yield self
|
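Review bot: `headers_names` is replaced wholesale by whatever hash the application assigns, and nothing in these hunks checks that all five keys are present, so a configuration that overrides only `:'access-token'` would leave the other lookups returning `nil` wherever the names are read (those call sites are outside this section). Keeping the defaults in a frozen constant and merging the configured hash over it, or validating the keys in `setup`, would make a partial override safe. The default is also a shared mutable hash, and tests in this release change it in place with `DeviseTokenAuth.headers_names[:'access-token'] = ...`, so an in-place edit at runtime affects every request in the process. A short comment next to `self.default_callbacks = true` and `self.headers_names = ...` stating what each setting controls would help, since the accessor list alone does not say.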
@@ -58,8 +58,8 @@ module ActionDispatch::Routing
|
|
58
58
|
match "#{full_path}/failure", controller: omniauth_ctrl, action: "omniauth_failure", via: [:get]
|
59
59
|
match "#{full_path}/:provider/callback", controller: omniauth_ctrl, action: "omniauth_success", via: [:get]
|
60
60
|
|
61
|
-
match "#{DeviseTokenAuth.omniauth_prefix}/:provider/callback", controller: omniauth_ctrl, action: "redirect_callbacks", via: [:get]
|
62
|
-
match "#{DeviseTokenAuth.omniauth_prefix}/failure", controller: omniauth_ctrl, action: "omniauth_failure", via: [:get]
|
61
|
+
match "#{DeviseTokenAuth.omniauth_prefix}/:provider/callback", controller: omniauth_ctrl, action: "redirect_callbacks", via: [:get, :post]
|
62
|
+
match "#{DeviseTokenAuth.omniauth_prefix}/failure", controller: omniauth_ctrl, action: "omniauth_failure", via: [:get, :post]
|
63
63
|
|
64
64
|
# preserve the resource class thru oauth authentication by setting name of
|
65
65
|
# resource as "resource_class" param
|
@@ -69,6 +69,7 @@ module ActionDispatch::Routing
|
|
69
69
|
|
70
70
|
# append name of current resource
|
71
71
|
qs["resource_class"] = [resource]
|
72
|
+
qs["namespace_name"] = [namespace_name] if namespace_name
|
72
73
|
|
73
74
|
set_omniauth_path_prefix!(DeviseTokenAuth.omniauth_prefix)
|
74
75
|
|
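Review bot: `qs["namespace_name"] = [namespace_name] if namespace_name` overwrites the key only when the route is namespaced, so on a non-namespaced mount a `namespace_name` value already present in `qs` appears to pass through to the callback unchanged; if `qs` is built from the request's query string (its construction is outside the hunk), that value is client-controlled. If the controller uses this parameter to choose a Devise mapping or to build a class or route name, it should be checked against the configured mappings rather than trusted, and `qs.delete("namespace_name") unless namespace_name` would close the gap at the source. Separately, the first hunk lets `redirect_callbacks` and `omniauth_failure` accept POST, and none of the tests visible in this release exercises a POST callback or shows how CSRF protection applies to it. The enclosing block starts and ends outside both hunks.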
@@ -29,7 +29,9 @@ module DeviseTokenAuth
|
|
29
29
|
else
|
30
30
|
inclusion = "include DeviseTokenAuth::Concerns::User"
|
31
31
|
unless parse_file_for_line(fname, inclusion)
|
32
|
-
|
32
|
+
|
33
|
+
active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
34
|
+
inject_into_file fname, after: "class #{user_class} < #{active_record_needle}\n" do <<-'RUBY'
|
33
35
|
# Include default devise modules.
|
34
36
|
devise :database_authenticatable, :registerable,
|
35
37
|
:recoverable, :rememberable, :trackable, :validatable,
|
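Review bot: `Rails::VERSION::MAJOR == 5` matches exactly one major version, so on any later Rails the needle falls back to `ActiveRecord::Base`, the `after:` pattern no longer matches a model that inherits from `ApplicationRecord`, and the devise block appears to be skipped without an error. `active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'` covers that case. An upgraded Rails 5 application whose user model still inherits from `ActiveRecord::Base` is missed either way, so matching both parent classes or warning when nothing was injected would be more robust. The surrounding method begins and ends outside the hunk.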
@@ -30,8 +30,19 @@ DeviseTokenAuth.setup do |config|
|
|
30
30
|
# password is updated.
|
31
31
|
# config.check_current_password_before_update = :attributes
|
32
32
|
|
33
|
+
# By default we will use callbacks for single omniauth.
|
34
|
+
# It depends on fields like email, provider and uid.
|
35
|
+
# config.default_callbacks = true
|
36
|
+
|
37
|
+
# Makes it possible to change the headers names
|
38
|
+
# config.headers_names = {:'access-token' => 'access-token',
|
39
|
+
# :'client' => 'client',
|
40
|
+
# :'expiry' => 'expiry',
|
41
|
+
# :'uid' => 'uid',
|
42
|
+
# :'token-type' => 'token-type' }
|
43
|
+
|
33
44
|
# By default, only Bearer Token authentication is implemented out of the box.
|
34
45
|
# If, however, you wish to integrate with legacy Devise authentication, you can
|
35
46
|
# do so by enabling this flag. NOTE: This feature is highly experimental!
|
36
|
-
# enable_standard_devise_support = false
|
47
|
+
# config.enable_standard_devise_support = false
|
37
48
|
end
|
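Review bot: The new comment for `default_callbacks` does not say what is lost when the flag is set to false. Judging by the `UserOmniauthCallbacks` concern added in this release, the flag presumably gates the email/uid presence validations, the unique-email check and the uid sync, but the model code that reads it is not shown on this page. I would extend the comment with `# Set to false only if your model provides its own email/uid validations and keeps uid in sync itself.` The `headers_names` example would also benefit from a line such as `# All five keys must be present; clients must send and read the renamed headers.` so that a partial override is not mistaken for a supported configuration.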
@@ -16,7 +16,7 @@ class Custom::OmniauthCallbacksControllerTest < ActionDispatch::IntegrationTest
|
|
16
16
|
})
|
17
17
|
end
|
18
18
|
|
19
|
-
test "yield resource to block on
|
19
|
+
test "yield resource to block on omniauth_success success" do
|
20
20
|
@redirect_url = "http://ng-token-auth.dev/"
|
21
21
|
get_via_redirect '/nice_user_auth/facebook', {
|
22
22
|
auth_origin_url: @redirect_url,
|
@@ -120,7 +120,20 @@ class DemoGroupControllerTest < ActionDispatch::IntegrationTest
|
|
120
120
|
end
|
121
121
|
end
|
122
122
|
end
|
123
|
+
|
124
|
+
describe 'failed access' do
|
125
|
+
before do
|
126
|
+
get '/demo/members_only_group', {}, @mang_auth_headers.merge({'access-token' => "bogus"})
|
127
|
+
end
|
128
|
+
|
129
|
+
it 'should not return any auth headers' do
|
130
|
+
refute response.headers['access-token']
|
131
|
+
end
|
132
|
+
|
133
|
+
it 'should return error: unauthorized status' do
|
134
|
+
assert_equal 401, response.status
|
135
|
+
end
|
136
|
+
end
|
123
137
|
end
|
124
138
|
end
|
125
139
|
end
|
126
|
-
|
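Review bot: The new 'failed access' examples check only that `access-token` is absent after a request with a bogus token, so a regression that still emitted the other auth headers on a rejected request would pass. Asserting the whole set pins the behaviour, e.g. `%w[access-token client uid expiry].each { |h| refute response.headers[h] }`. The enclosing describe blocks start outside the hunk.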
@@ -315,17 +315,67 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
|
|
315
315
|
assert 200, response.status
|
316
316
|
end
|
317
317
|
|
318
|
-
describe 'another device should not be
|
318
|
+
describe 'another device should not be able to login' do
|
319
319
|
|
320
320
|
it 'should return forbidden status' do
|
321
321
|
get '/demo/members_only', {}, @old_auth_headers
|
322
322
|
assert 401, response.status
|
323
323
|
end
|
324
|
-
|
324
|
+
|
325
|
+
end
|
326
|
+
|
327
|
+
end
|
328
|
+
|
329
|
+
describe 'request including destroy of token' do
|
330
|
+
describe 'when change_headers_on_each_request is set to false' do
|
331
|
+
before do
|
332
|
+
DeviseTokenAuth.change_headers_on_each_request = false
|
333
|
+
age_token(@resource, @client_id)
|
334
|
+
|
335
|
+
get '/demo/members_only_remove_token', {}, @auth_headers
|
336
|
+
end
|
337
|
+
|
338
|
+
after do
|
339
|
+
DeviseTokenAuth.change_headers_on_each_request = true
|
340
|
+
end
|
341
|
+
|
342
|
+
it 'should not return auth-headers' do
|
343
|
+
refute response.headers['access-token']
|
344
|
+
end
|
325
345
|
end
|
326
346
|
|
347
|
+
describe 'when change_headers_on_each_request is set to true' do
|
348
|
+
before do
|
349
|
+
age_token(@resource, @client_id)
|
350
|
+
get '/demo/members_only_remove_token', {}, @auth_headers
|
351
|
+
end
|
352
|
+
|
353
|
+
it 'should not return auth-headers' do
|
354
|
+
refute response.headers['access-token']
|
355
|
+
end
|
356
|
+
end
|
327
357
|
end
|
328
358
|
|
359
|
+
describe 'when access-token name has been changed' do
|
360
|
+
before do
|
361
|
+
# ensure that request is not treated as batch request
|
362
|
+
DeviseTokenAuth.headers_names[:'access-token'] = 'new-access-token'
|
363
|
+
auth_headers_modified = @resource.create_new_auth_token
|
364
|
+
client_id = auth_headers_modified['client']
|
365
|
+
age_token(@resource, client_id)
|
366
|
+
|
367
|
+
get '/demo/members_only', {}, auth_headers_modified
|
368
|
+
@resp_token = response.headers['new-access-token']
|
369
|
+
end
|
370
|
+
|
371
|
+
it 'should have "new-access-token" header' do
|
372
|
+
assert @resp_token.present?
|
373
|
+
end
|
374
|
+
|
375
|
+
after do
|
376
|
+
DeviseTokenAuth.headers_names[:'access-token'] = 'access-token'
|
377
|
+
end
|
378
|
+
end
|
329
379
|
end
|
330
380
|
|
331
381
|
describe 'enable_standard_devise_support' do
|
@@ -364,8 +414,8 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
|
|
364
414
|
it 'should not define current_mang' do
|
365
415
|
refute_equal @resource, @controller.current_mang
|
366
416
|
end
|
367
|
-
|
368
|
-
|
417
|
+
|
418
|
+
|
369
419
|
it 'should increase the number of tokens by a factor of 2 up to 11' do
|
370
420
|
@first_token = @resource.tokens.keys.first
|
371
421
|
|
@@ -459,6 +509,5 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
|
|
459
509
|
end
|
460
510
|
|
461
511
|
end
|
462
|
-
|
463
512
|
end
|
464
513
|
end
|
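Review bot: The describe renamed to 'another device should not be able to login' still wraps `assert 401, response.status`, which passes 401 as the value under test and the status as the failure message, so the example can never fail. It needs `assert_equal 401, response.status` to verify that the old token is rejected, and the `assert 200, response.status` in the context line above it has the same problem. In the new 'when access-token name has been changed' block, the comment `# ensure that request is not treated as batch request` sits above the line that renames the header and does not describe it; `# rename the access-token header for this example` would. The new blocks restore `DeviseTokenAuth` settings to hard-coded values in `after`; saving the previous value in `before` and restoring that would keep them independent of the configured defaults.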
@@ -8,6 +8,12 @@ require 'test_helper'
|
|
8
8
|
|
9
9
|
class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
|
10
10
|
describe DeviseTokenAuth::ConfirmationsController do
|
11
|
+
def token_and_client_config_from(body)
|
12
|
+
token = body.match(/confirmation_token=([^&]*)&/)[1]
|
13
|
+
client_config = body.match(/config=([^&]*)&/)[1]
|
14
|
+
[token, client_config]
|
15
|
+
end
|
16
|
+
|
11
17
|
describe "Confirmation" do
|
12
18
|
before do
|
13
19
|
@redirect_url = Faker::Internet.url
|
@@ -15,9 +21,8 @@ class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
|
|
15
21
|
@new_user.send_confirmation_instructions({
|
16
22
|
redirect_url: @redirect_url
|
17
23
|
})
|
18
|
-
|
19
|
-
@token
|
20
|
-
@client_config = @mail.body.match(/config=([^&]*)&/)[1]
|
24
|
+
mail = ActionMailer::Base.deliveries.last
|
25
|
+
@token, @client_config = token_and_client_config_from(mail.body)
|
21
26
|
end
|
22
27
|
|
23
28
|
test 'should generate raw token' do
|
@@ -74,9 +79,8 @@ class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
|
|
74
79
|
|
75
80
|
@new_user.send_confirmation_instructions(client_config: @config_name)
|
76
81
|
|
77
|
-
|
78
|
-
@token
|
79
|
-
@client_config = @mail.body.match(/config=(.*)\&/)[1]
|
82
|
+
mail = ActionMailer::Base.deliveries.last
|
83
|
+
@token, @client_config = token_and_client_config_from(mail.body)
|
80
84
|
end
|
81
85
|
|
82
86
|
test 'should generate raw token' do
|
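Review bot: `token_and_client_config_from` calls `[1]` directly on the result of `body.match`, so when the mail lacks either parameter, or the parameter is the last one in the link and has no trailing `&`, the `before` block fails with a `NoMethodError` on `nil` instead of a readable failure. Capturing the match first and asserting on it, e.g. `token_match = body.match(/confirmation_token=([^&]*)&/)` followed by `assert token_match, 'confirmation_token missing from mail body'`, would make a broken mail template obvious. The helper would also benefit from a one-line comment such as `# Extracts the raw confirmation token and client config name from the confirmation link in the mail body.`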
@@ -263,7 +263,7 @@ class OmniauthTest < ActionDispatch::IntegrationTest
|
|
263
263
|
assert_equal({"error"=>"invalid_credentials", "message"=>"authFailure"}, data)
|
264
264
|
end
|
265
265
|
|
266
|
-
test 'renders
|
266
|
+
test 'renders something with no auth_origin_url' do
|
267
267
|
get_via_redirect '/auth/facebook'
|
268
268
|
assert_equal 200, response.status
|
269
269
|
assert_select "body", "invalid_credentials"
|
@@ -256,7 +256,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
|
|
256
256
|
redirect_url: @bad_redirect_url
|
257
257
|
}
|
258
258
|
|
259
|
-
assert_equal
|
259
|
+
assert_equal 422, response.status
|
260
260
|
end
|
261
261
|
test "request to non-whitelisted redirect should return error message" do
|
262
262
|
xhr :post, :create, {
|
@@ -380,8 +380,8 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
|
|
380
380
|
end
|
381
381
|
|
382
382
|
test "request should return success message" do
|
383
|
-
assert @data["
|
384
|
-
assert_equal @data["
|
383
|
+
assert @data["message"]
|
384
|
+
assert_equal @data["message"], I18n.t("devise_token_auth.passwords.successfully_updated")
|
385
385
|
end
|
386
386
|
|
387
387
|
test "new password should authenticate user" do
|
@@ -131,7 +131,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
|
|
131
131
|
}
|
132
132
|
@data = JSON.parse(response.body)
|
133
133
|
|
134
|
-
assert_equal
|
134
|
+
assert_equal 422, response.status
|
135
135
|
assert @data["errors"]
|
136
136
|
assert_equal @data["errors"], [I18n.t("devise_token_auth.registrations.redirect_url_not_allowed", redirect_url: @bad_redirect_url)]
|
137
137
|
end
|
@@ -147,7 +147,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
|
|
147
147
|
unpermitted_param: '(x_x)'
|
148
148
|
}
|
149
149
|
|
150
|
-
assert_equal
|
150
|
+
assert_equal 422, response.status
|
151
151
|
end
|
152
152
|
|
153
153
|
test "request to non-whitelisted redirect should fail" do
|
@@ -311,7 +311,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
|
|
311
311
|
end
|
312
312
|
|
313
313
|
test "request should not be successful" do
|
314
|
-
assert_equal
|
314
|
+
assert_equal 422, response.status
|
315
315
|
end
|
316
316
|
|
317
317
|
test "user should not have been created" do
|
@@ -340,7 +340,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
|
|
340
340
|
end
|
341
341
|
|
342
342
|
test "request should not be successful" do
|
343
|
-
assert_equal
|
343
|
+
assert_equal 422, response.status
|
344
344
|
end
|
345
345
|
|
346
346
|
test "user should not have been created" do
|
@@ -370,7 +370,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
|
|
370
370
|
end
|
371
371
|
|
372
372
|
test "request should not be successful" do
|
373
|
-
assert_equal
|
373
|
+
assert_equal 422, response.status
|
374
374
|
end
|
375
375
|
|
376
376
|
test "user should have been created" do
|
@@ -402,7 +402,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
|
|
402
402
|
end
|
403
403
|
|
404
404
|
test "request should not be successful" do
|
405
|
-
assert_equal
|
405
|
+
assert_equal 422, response.status
|
406
406
|
end
|
407
407
|
|
408
408
|
test "user should have been created" do
|
@@ -563,7 +563,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
|
|
563
563
|
end
|
564
564
|
|
565
565
|
test "Request was NOT successful" do
|
566
|
-
assert_equal
|
566
|
+
assert_equal 422, response.status
|
567
567
|
end
|
568
568
|
|
569
569
|
test "Errors were provided with response" do
|
@@ -627,7 +627,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
|
|
627
627
|
|
628
628
|
test "Request was NOT successful" do
|
629
629
|
put "/auth", @request_params, @auth_headers
|
630
|
-
assert_equal
|
630
|
+
assert_equal 422, response.status
|
631
631
|
end
|
632
632
|
end
|
633
633
|
end
|
@@ -671,7 +671,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
|
|
671
671
|
|
672
672
|
test "Request was NOT successful" do
|
673
673
|
put "/auth", @request_params, @auth_headers
|
674
|
-
assert_equal
|
674
|
+
assert_equal 422, response.status
|
675
675
|
end
|
676
676
|
end
|
677
677
|
end
|