devise_token_auth 0.1.42 → 0.1.43.beta1

data/lib/devise_token_auth/rails/routes.rb

@@ -12,7 +12,7 @@ module ActionDispatch::Routing
       confirmations_ctrl     = opts[:controllers][:confirmations] || "devise_token_auth/confirmations"
       token_validations_ctrl = opts[:controllers][:token_validations] || "devise_token_auth/token_validations"
       omniauth_ctrl          = opts[:controllers][:omniauth_callbacks] || "devise_token_auth/omniauth_callbacks"
-      unlocks_ctrl           = opts[:controllers][:unlocks]
+      unlocks_ctrl           = opts[:controllers][:unlocks] || "devise_token_auth/unlocks"
 
       # define devise controller mappings
       controllers = {:sessions           => sessions_ctrl,

data/lib/devise_token_auth/url.rb

@@ -14,7 +14,7 @@ module DeviseTokenAuth::Url
   end
 
   def self.whitelisted?(url)
-    !!DeviseTokenAuth.redirect_whitelist.find { |pattern| !!Wildcat.new(pattern).match(url) }
+    url.nil? || !!DeviseTokenAuth.redirect_whitelist.find { |pattern| !!Wildcat.new(pattern).match(url) }
   end
 
 

data/lib/devise_token_auth/version.rb

@@ -1,3 +1,3 @@
 module DeviseTokenAuth
-  VERSION = "0.1.42"
+  VERSION = '0.1.43.beta1'
 end

data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb

@@ -1,4 +1,4 @@
-class DeviseTokenAuthCreate<%= user_class.pluralize %> < ActiveRecord::Migration<%= '[' << Rails::VERSION::STRING[0..2] << ']'%>
+class DeviseTokenAuthCreate<%= user_class.pluralize %> < ActiveRecord::Migration<%= "[#{Rails::VERSION::STRING[0..2]}]" if Rails::VERSION::MAJOR > 4 %>
   def change
     create_table(:<%= user_class.pluralize.underscore %>) do |t|
       ## Required
@@ -11,6 +11,7 @@ class DeviseTokenAuthCreate<%= user_class.pluralize %> < ActiveRecord::Migration
       ## Recoverable
       t.string   :reset_password_token
       t.datetime :reset_password_sent_at
+      t.boolean  :allow_password_change, :default => false
 
       ## Rememberable
       t.datetime :remember_created_at

data/lib/generators/devise_token_auth/templates/user.rb

@@ -1,4 +1,4 @@
-class <%= user_class %> < ActiveRecord::Base
+class <%= user_class.capitalize %> < ActiveRecord::Base
   # Include default devise modules.
   devise :database_authenticatable, :registerable,
           :recoverable, :rememberable, :trackable, :validatable,

data/test/controllers/custom/custom_confirmations_controller_test.rb

@@ -1,26 +1,21 @@
 require 'test_helper'
 
 class Custom::ConfirmationsControllerTest < ActionController::TestCase
-
   describe Custom::ConfirmationsController do
-
     before do
       @redirect_url = Faker::Internet.url
       @new_user = users(:unconfirmed_email_user)
-      @new_user.send_confirmation_instructions({
-        redirect_url: @redirect_url
-      })
+      @new_user.send_confirmation_instructions(redirect_url: @redirect_url)
       @mail          = ActionMailer::Base.deliveries.last
       @token         = @mail.body.match(/confirmation_token=([^&]*)&/)[1]
       @client_config = @mail.body.match(/config=([^&]*)&/)[1]
 
-      get :show, {confirmation_token: @token, redirect_url: @redirect_url}
+      get :show,
+          params: { confirmation_token: @token, redirect_url: @redirect_url }
     end
 
-    test "yield resource to block on show success" do
-      assert @controller.show_block_called?, "show failed to yield resource to provided block"
+    test 'yield resource to block on show success' do
+      assert @controller.show_block_called?, 'show failed to yield resource to provided block'
     end
-
   end
-
 end

data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb

@@ -1,30 +1,29 @@
 require 'test_helper'
 
 class Custom::OmniauthCallbacksControllerTest < ActionDispatch::IntegrationTest
-
   describe Custom::OmniauthCallbacksController do
-
     setup do
       OmniAuth.config.test_mode = true
-      OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new({
-        :provider => 'facebook',
-        :uid => '123545',
-        :info => {
+      OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new(
+        provider: 'facebook',
+        uid: '123545',
+        info: {
           name: 'swong',
           email: 'swongsong@yandex.ru'
         }
-      })
+      )
     end
 
-    test "yield resource to block on omniauth_success success" do
-      @redirect_url = "http://ng-token-auth.dev/"
-      get_via_redirect '/nice_user_auth/facebook', {
-        auth_origin_url: @redirect_url,
-        omniauth_window_type: 'newWindow'
-      }
-      assert @controller.omniauth_success_block_called?, "omniauth_success failed to yield resource to provided block"
-    end
+    test 'yield resource to block on omniauth_success success' do
+      @redirect_url = 'http://ng-token-auth.dev/'
+      get '/nice_user_auth/facebook',
+          params: { auth_origin_url: @redirect_url,
+                    omniauth_window_type: 'newWindow' }
 
-  end
+      follow_all_redirects!
 
+      assert @controller.omniauth_success_block_called?,
+             'omniauth_success failed to yield resource to provided block'
+    end
+  end
 end

data/test/controllers/custom/custom_passwords_controller_test.rb

@@ -1,19 +1,16 @@
 require 'test_helper'
 
 class Custom::PasswordsControllerTest < ActionController::TestCase
-
   describe Custom::PasswordsController do
-
     before do
       @resource = users(:confirmed_email_user)
       @redirect_url = 'http://ng-token-auth.dev'
     end
 
-    test "yield resource to block on create success" do
-      post :create, {
-        email:        @resource.email,
-        redirect_url: @redirect_url
-      }
+    test 'yield resource to block on create success' do
+      post :create,
+           params: { email:  @resource.email,
+                     redirect_url: @redirect_url }
 
       @mail = ActionMailer::Base.deliveries.last
       @resource.reload
@@ -22,17 +19,18 @@ class Custom::PasswordsControllerTest < ActionController::TestCase
       @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
       @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
 
-      assert @controller.create_block_called?, "create failed to yield resource to provided block"
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
     end
 
-    test "yield resource to block on edit success" do
+    test 'yield resource to block on edit success' do
       @resource = users(:unconfirmed_email_user)
       @redirect_url = 'http://ng-token-auth.dev'
 
-      xhr :post, :create, {
-        email:        @resource.email,
-        redirect_url: @redirect_url
-      }
+      post :create,
+           params: { email:  @resource.email,
+                     redirect_url: @redirect_url },
+           xhr: true
 
       @mail = ActionMailer::Base.deliveries.last
       @resource.reload
@@ -41,41 +39,37 @@ class Custom::PasswordsControllerTest < ActionController::TestCase
       @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
       @mail_reset_token  = @mail.body.match(/reset_password_token=(.*)\"/)[1]
 
-      xhr :get, :edit, {
-        reset_password_token: @mail_reset_token,
-        redirect_url: @mail_redirect_url
-      }
-
+      get :edit,
+          params: { reset_password_token: @mail_reset_token,
+                    redirect_url: @mail_redirect_url },
+          xhr: true
       @resource.reload
-      assert @controller.edit_block_called?, "edit failed to yield resource to provided block"
+      assert @controller.edit_block_called?,
+             'edit failed to yield resource to provided block'
     end
 
-    test "yield resource to block on update success" do
+    test 'yield resource to block on update success' do
       @auth_headers = @resource.create_new_auth_token
       request.headers.merge!(@auth_headers)
       @new_password = Faker::Internet.password
-      put :update, {
-        password: @new_password,
-        password_confirmation: @new_password
-      }
-      assert @controller.update_block_called?, "update failed to yield resource to provided block"
+      put :update,
+          params: { password: @new_password,
+                    password_confirmation: @new_password }
+      assert @controller.update_block_called?, 'update failed to yield resource to provided block'
     end
 
-    test "yield resource to block on update success with custom json" do
+    test 'yield resource to block on update success with custom json' do
       @auth_headers = @resource.create_new_auth_token
       request.headers.merge!(@auth_headers)
       @new_password = Faker::Internet.password
-      put :update, {
-        password: @new_password,
-        password_confirmation: @new_password
-      }
+      put :update,
+          params: { password: @new_password,
+                    password_confirmation: @new_password }
 
       @data = JSON.parse(response.body)
 
-      assert @controller.update_block_called?, "update failed to yield resource to provided block"
-      assert_equal @data["custom"], "foo"
+      assert @controller.update_block_called?, 'update failed to yield resource to provided block'
+      assert_equal @data['custom'], 'foo'
     end
-
   end
-
 end

data/test/controllers/custom/custom_registrations_controller_test.rb

@@ -1,14 +1,12 @@
 require 'test_helper'
 
 class Custom::RegistrationsControllerTest < ActionDispatch::IntegrationTest
-
   describe Custom::RegistrationsController do
-
     setup do
       @create_params = {
         email: Faker::Internet.email,
-        password: "secret123",
-        password_confirmation: "secret123",
+        password: 'secret123',
+        password_confirmation: 'secret123',
         confirm_success_url: Faker::Internet.url,
         unpermitted_param: '(x_x)'
       }
@@ -21,32 +19,36 @@ class Custom::RegistrationsControllerTest < ActionDispatch::IntegrationTest
       age_token(@existing_user, @client_id)
     end
 
-    test "yield resource to block on create success" do
-      post '/nice_user_auth', @create_params
-      assert @controller.create_block_called?, "create failed to yield resource to provided block"
+    test 'yield resource to block on create success' do
+      post '/nice_user_auth', params: @create_params
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
     end
 
-    test "yield resource to block on create success with custom json" do
-      post '/nice_user_auth', @create_params
+    test 'yield resource to block on create success with custom json' do
+      post '/nice_user_auth', params: @create_params
 
       @data = JSON.parse(response.body)
 
-      assert @controller.create_block_called?, "create failed to yield resource to provided block"
-      assert_equal @data["custom"], "foo"
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
+      assert_equal @data['custom'], 'foo'
     end
 
-    test "yield resource to block on update success" do
-      put '/nice_user_auth', {
-        nickname: "Ol' Sunshine-face",
-      }, @auth_headers
-      assert @controller.update_block_called?, "update failed to yield resource to provided block"
+    test 'yield resource to block on update success' do
+      put '/nice_user_auth',
+          params: {
+            nickname: "Ol' Sunshine-face"
+          },
+          headers: @auth_headers
+      assert @controller.update_block_called?,
+             'update failed to yield resource to provided block'
     end
 
-    test "yield resource to block on destroy success" do
-      delete '/nice_user_auth', @auth_headers
-      assert @controller.destroy_block_called?, "destroy failed to yield resource to provided block"
+    test 'yield resource to block on destroy success' do
+      delete '/nice_user_auth', headers: @auth_headers
+      assert @controller.destroy_block_called?,
+             'destroy failed to yield resource to provided block'
     end
-
   end
-
 end

data/test/controllers/custom/custom_sessions_controller_test.rb

@@ -1,39 +1,37 @@
 require 'test_helper'
 
 class Custom::SessionsControllerTest < ActionController::TestCase
-
   describe Custom::SessionsController do
-
     before do
       @existing_user = users(:confirmed_email_user)
       @existing_user.skip_confirmation!
       @existing_user.save!
     end
 
-    test "yield resource to block on create success" do
-      post :create, {
-        email: @existing_user.email,
-        password: 'secret123'
-      }
-      assert @controller.create_block_called?, "create failed to yield resource to provided block"
+    test 'yield resource to block on create success' do
+      post :create,
+           params: {
+             email: @existing_user.email,
+             password: 'secret123'
+           }
+      assert @controller.create_block_called?,
+             'create failed to yield resource to provided block'
     end
 
-    test "yield resource to block on destroy success" do
+    test 'yield resource to block on destroy success' do
       @auth_headers = @existing_user.create_new_auth_token
       request.headers.merge!(@auth_headers)
       delete :destroy, format: :json
-      assert @controller.destroy_block_called?, "destroy failed to yield resource to provided block"
+      assert @controller.destroy_block_called?,
+             'destroy failed to yield resource to provided block'
     end
 
-    test "render method override" do
-      post :create, {
-        email: @existing_user.email,
-        password: 'secret123'
-      }
+    test 'render method override' do
+      post :create,
+           params: { email: @existing_user.email,
+                     password: 'secret123' }
       @data = JSON.parse(response.body)
-      assert_equal @data["custom"], "foo"
+      assert_equal @data['custom'], 'foo'
     end
-
   end
-
 end

data/test/controllers/custom/custom_token_validations_controller_test.rb

@@ -1,9 +1,7 @@
 require 'test_helper'
 
 class Custom::TokenValidationsControllerTest < ActionDispatch::IntegrationTest
-
   describe Custom::TokenValidationsController do
-
     before do
       @resource = nice_users(:confirmed_email_user)
       @resource.skip_confirmation!
@@ -19,20 +17,24 @@ class Custom::TokenValidationsControllerTest < ActionDispatch::IntegrationTest
       age_token(@resource, @client_id)
     end
 
-    test "yield resource to block on validate_token success" do
-      get '/nice_user_auth/validate_token', {}, @auth_headers
-      assert @controller.validate_token_block_called?, "validate_token failed to yield resource to provided block"
+    test 'yield resource to block on validate_token success' do
+      get '/nice_user_auth/validate_token',
+          params: {},
+          headers: @auth_headers
+      assert @controller.validate_token_block_called?,
+             'validate_token failed to yield resource to provided block'
     end
 
-    test "yield resource to block on validate_token success with custom json" do
-      get '/nice_user_auth/validate_token', {}, @auth_headers
+    test 'yield resource to block on validate_token success with custom json' do
+      get '/nice_user_auth/validate_token',
+          params: {},
+          headers: @auth_headers
 
       @data = JSON.parse(response.body)
 
-      assert @controller.validate_token_block_called?, "validate_token failed to yield resource to provided block"
-      assert_equal @data["custom"], "foo"
+      assert @controller.validate_token_block_called?,
+             'validate_token failed to yield resource to provided block'
+      assert_equal @data['custom'], 'foo'
     end
-
   end
-
 end

data/test/controllers/demo_group_controller_test.rb

@@ -8,7 +8,7 @@ require 'test_helper'
 
 class DemoGroupControllerTest < ActionDispatch::IntegrationTest
   describe DemoGroupController do
-    describe "Token access" do
+    describe 'Token access' do
       before do
         # user
         @resource = users(:confirmed_email_user)
@@ -38,7 +38,9 @@ class DemoGroupControllerTest < ActionDispatch::IntegrationTest
           # ensure that request is not treated as batch request
           age_token(@resource, @resource_client_id)
 
-          get '/demo/members_only_group', {}, @resource_auth_headers
+          get '/demo/members_only_group',
+              params: {},
+              headers: @resource_auth_headers
 
           @resp_token       = response.headers['access-token']
           @resp_client_id   = response.headers['client']
@@ -74,6 +76,10 @@ class DemoGroupControllerTest < ActionDispatch::IntegrationTest
           it 'should define member_signed_in?' do
             assert @controller.current_members.include? @resource
           end
+
+          it 'should define render_authenticate_error' do
+            assert @controller.methods.include?(:render_authenticate_error)
+          end
         end
       end
 
@@ -82,7 +88,9 @@ class DemoGroupControllerTest < ActionDispatch::IntegrationTest
           # ensure that request is not treated as batch request
           age_token(@mang, @mang_client_id)
 
-          get '/demo/members_only_group', {}, @mang_auth_headers
+          get '/demo/members_only_group',
+              params: {},
+              headers: @mang_auth_headers
 
           @resp_token       = response.headers['access-token']
           @resp_client_id   = response.headers['client']
@@ -118,12 +126,18 @@ class DemoGroupControllerTest < ActionDispatch::IntegrationTest
           it 'should define member_signed_in?' do
             assert @controller.current_members.include? @mang
           end
+
+          it 'should define render_authenticate_error' do
+            assert @controller.methods.include?(:render_authenticate_error)
+          end
         end
       end
 
       describe 'failed access' do
         before do
-          get '/demo/members_only_group', {}, @mang_auth_headers.merge({'access-token' => "bogus"})
+          get '/demo/members_only_group',
+              params: {},
+              headers: @mang_auth_headers.merge('access-token' => 'bogus')
         end
 
         it 'should not return any auth headers' do
@@ -132,7 +146,7 @@ class DemoGroupControllerTest < ActionDispatch::IntegrationTest
 
         it 'should return error: unauthorized status' do
           assert_equal 401, response.status
-        end      
+        end
       end
     end
   end