RubyGems - devise_token_auth - Versions diffs - 0.2.0 → 1.0.0.rc1 - Mend

devise_token_auth 0.2.0 → 1.0.0.rc1

Potentially problematic release.

This version of devise_token_auth might be problematic. Click here for more details.

Files changed (92) hide show

data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb CHANGED

@@ -1,7 +1,7 @@
 class DeviseTokenAuthCreate<%= user_class.pluralize.gsub("::","") %> < ActiveRecord::Migration<%= "[#{Rails::VERSION::STRING[0..2]}]" if Rails::VERSION::MAJOR > 4 %>
   def change
     <% table_name = @user_class.pluralize.gsub("::","").underscore %>
-    create_table(:<%= table_name %>) do |t|
+    create_table(:<%= table_name %><%= primary_key_type %>) do |t|
       ## Required
       t.string :provider, :null => false, :default => "email"
       t.string :uid, :null => false, :default => ""

data/lib/generators/devise_token_auth/templates/{user.rb → user.rb.erb} RENAMED

File without changes

data/test/controllers/custom/custom_confirmations_controller_test.rb CHANGED

@@ -4,9 +4,11 @@ require 'test_helper'
 class Custom::ConfirmationsControllerTest < ActionController::TestCase
   describe Custom::ConfirmationsController do
+    include CustomControllersRoutes
     before do
       @redirect_url = Faker::Internet.url
-      @new_user = users(:unconfirmed_email_user)
+      @new_user = create(:user)
       @new_user.send_confirmation_instructions(redirect_url: @redirect_url)
       @mail          = ActionMailer::Base.deliveries.last
       @token         = @mail.body.match(/confirmation_token=([^&]*)&/)[1]

data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb CHANGED

@@ -4,6 +4,8 @@ require 'test_helper'
 class Custom::OmniauthCallbacksControllerTest < ActionDispatch::IntegrationTest
   describe Custom::OmniauthCallbacksController do
+    include CustomControllersRoutes
     setup do
       OmniAuth.config.test_mode = true
       OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new(

data/test/controllers/custom/custom_passwords_controller_test.rb CHANGED

@@ -4,8 +4,10 @@ require 'test_helper'
 class Custom::PasswordsControllerTest < ActionController::TestCase
   describe Custom::PasswordsController do
+    include CustomControllersRoutes
     before do
-      @resource = users(:confirmed_email_user)
+      @resource = create(:user, :confirmed)
       @redirect_url = 'http://ng-token-auth.dev'
     end
@@ -26,7 +28,7 @@ class Custom::PasswordsControllerTest < ActionController::TestCase
     end
     test 'yield resource to block on edit success' do
-      @resource = users(:unconfirmed_email_user)
+      @resource = create(:user)
       @redirect_url = 'http://ng-token-auth.dev'
       post :create,

data/test/controllers/custom/custom_registrations_controller_test.rb CHANGED

@@ -4,16 +4,14 @@ require 'test_helper'
 class Custom::RegistrationsControllerTest < ActionDispatch::IntegrationTest
   describe Custom::RegistrationsController do
-    setup do
-      @create_params = {
-        email: Faker::Internet.email,
-        password: 'secret123',
-        password_confirmation: 'secret123',
+    include CustomControllersRoutes
+    before do
+      @create_params = attributes_for(:user,
         confirm_success_url: Faker::Internet.url,
-        unpermitted_param: '(x_x)'
-      }
+        unpermitted_param: '(x_x)')
-      @existing_user = nice_users(:confirmed_email_user)
+      @existing_user = create(:user, :confirmed)
       @auth_headers  = @existing_user.create_new_auth_token
       @client_id     = @auth_headers['client']

data/test/controllers/custom/custom_sessions_controller_test.rb CHANGED

@@ -4,17 +4,17 @@ require 'test_helper'
 class Custom::SessionsControllerTest < ActionController::TestCase
   describe Custom::SessionsController do
+    include CustomControllersRoutes
     before do
-      @existing_user = users(:confirmed_email_user)
-      @existing_user.skip_confirmation!
-      @existing_user.save!
+      @existing_user = create(:user, :confirmed)
     end
     test 'yield resource to block on create success' do
       post :create,
            params: {
              email: @existing_user.email,
-             password: 'secret123'
+             password: @existing_user.password
            }
       assert @controller.create_block_called?,
              'create failed to yield resource to provided block'
@@ -31,7 +31,7 @@ class Custom::SessionsControllerTest < ActionController::TestCase
     test 'render method override' do
       post :create,
            params: { email: @existing_user.email,
-                     password: 'secret123' }
+                     password: @existing_user.password }
       @data = JSON.parse(response.body)
       assert_equal @data['custom'], 'foo'
     end

data/test/controllers/custom/custom_token_validations_controller_test.rb CHANGED

@@ -4,10 +4,10 @@ require 'test_helper'
 class Custom::TokenValidationsControllerTest < ActionDispatch::IntegrationTest
   describe Custom::TokenValidationsController do
+    include CustomControllersRoutes
     before do
-      @resource = nice_users(:confirmed_email_user)
-      @resource.skip_confirmation!
-      @resource.save!
+      @resource = create(:user, :confirmed)
       @auth_headers = @resource.create_new_auth_token

data/test/controllers/demo_group_controller_test.rb CHANGED

@@ -13,9 +13,7 @@ class DemoGroupControllerTest < ActionDispatch::IntegrationTest
     describe 'Token access' do
       before do
         # user
-        @resource = users(:confirmed_email_user)
-        @resource.skip_confirmation!
-        @resource.save!
+        @resource = create(:user, :confirmed)
         @resource_auth_headers = @resource.create_new_auth_token
@@ -24,9 +22,7 @@ class DemoGroupControllerTest < ActionDispatch::IntegrationTest
         @resource_expiry    = @resource_auth_headers['expiry']
         # mang
-        @mang = mangs(:confirmed_email_user)
-        @mang.skip_confirmation!
-        @mang.save!
+        @mang = create(:mang_user, :confirmed)
         @mang_auth_headers = @mang.create_new_auth_token

data/test/controllers/demo_mang_controller_test.rb CHANGED

@@ -12,9 +12,7 @@ class DemoMangControllerTest < ActionDispatch::IntegrationTest
   describe DemoMangController do
     describe 'Token access' do
       before do
-        @resource = mangs(:confirmed_email_user)
-        @resource.skip_confirmation!
-        @resource.save!
+        @resource = create(:mang_user, :confirmed)
         @auth_headers = @resource.create_new_auth_token
@@ -216,7 +214,7 @@ class DemoMangControllerTest < ActionDispatch::IntegrationTest
           end
           it 'should not return auth headers for second (batched) requests' do
-            refute @second_access_token
+            assert_equal ' ', @second_access_token
           end
         end
@@ -284,4 +282,3 @@ class DemoMangControllerTest < ActionDispatch::IntegrationTest
     end
   end
 end

data/test/controllers/demo_user_controller_test.rb CHANGED

@@ -13,9 +13,7 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
   describe DemoUserController do
     describe 'Token access' do
       before do
-        @resource = users(:confirmed_email_user)
-        @resource.skip_confirmation!
-        @resource.save!
+        @resource = create(:user, :confirmed)
         @auth_headers = @resource.create_new_auth_token
@@ -217,7 +215,7 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
           end
           it 'should not return auth headers for second (batched) requests' do
-            refute @second_access_token
+            assert_equal ' ', @second_access_token
           end
         end
@@ -440,8 +438,8 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
           # get the oldest token client_id
           oldest_client_id, = @resource.reload.tokens.min_by do |cid, v|
-                                v[:expiry] || v["expiry"]
-                              end # => [ 'CLIENT_ID', {token: ...} ]
+            v[:expiry] || v['expiry']
+          end # => [ 'CLIENT_ID', {token: ...} ]
           # create another token, thereby dropping the oldest token
           @resource.create_new_auth_token
@@ -457,8 +455,7 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
     describe 'bypass_sign_in' do
       before do
-        @resource = users(:unconfirmed_email_user)
-        @resource.save!
+        @resource = create(:user)
         @auth_headers = @resource.create_new_auth_token
@@ -513,16 +510,14 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
     describe 'enable_standard_devise_support' do
       before do
-        @resource = users(:confirmed_email_user)
+        @resource = create(:user, :confirmed)
         @auth_headers = @resource.create_new_auth_token
         DeviseTokenAuth.enable_standard_devise_support = true
       end
       describe 'Existing Warden authentication' do
         before do
-          @resource = users(:second_confirmed_email_user)
-          @resource.skip_confirmation!
-          @resource.save!
+          @resource = create(:user, :confirmed)
           login_as(@resource, scope: :user)
           # no auth headers sent, testing that warden authenticates correctly.
@@ -549,8 +544,6 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
             refute_equal @resource, @controller.current_mang
           end
         end
         it 'should return success status' do
@@ -576,9 +569,7 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
       describe 'existing Warden authentication with ignored token data' do
         before do
-          @resource = users(:second_confirmed_email_user)
-          @resource.skip_confirmation!
-          @resource.save!
+          @resource = create(:user, :confirmed)
           login_as(@resource, scope: :user)
           get '/demo/members_only',

data/test/controllers/devise_token_auth/confirmations_controller_test.rb CHANGED

@@ -19,7 +19,7 @@ class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
     describe 'Confirmation' do
       before do
         @redirect_url = Faker::Internet.url
-        @new_user = users(:unconfirmed_email_user)
+        @new_user = create(:user)
         @new_user.send_confirmation_instructions(redirect_url: @redirect_url)
         mail = ActionMailer::Base.deliveries.last
         @token, @client_config = token_and_client_config_from(mail.body)
@@ -90,7 +90,7 @@ class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
       before do
         @config_name = 'altUser'
-        @new_user    = mangs(:unconfirmed_email_user)
+        @new_user    = create(:mang_user)
         @new_user.send_confirmation_instructions(client_config: @config_name)

data/test/controllers/devise_token_auth/passwords_controller_test.rb CHANGED

@@ -12,7 +12,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
   describe DeviseTokenAuth::PasswordsController do
     describe 'Password reset' do
       before do
-        @resource = users(:confirmed_email_user)
+        @resource = create(:user, :confirmed)
         @redirect_url = 'http://ng-token-auth.dev'
       end
@@ -53,8 +53,10 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
         test 'error message should be returned' do
           assert @data['errors']
-          assert_equal @data['errors'],
-                       [I18n.t('devise_token_auth.passwords.missing_redirect_url')]
+          assert_equal(
+            @data['errors'],
+            [I18n.t('devise_token_auth.passwords.missing_redirect_url')]
+          )
         end
       end
@@ -113,7 +115,9 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
           end
           test 'response should contains message' do
-            assert_equal @data['message'], I18n.t('devise_token_auth.passwords.sended', email: @resource.email)
+            assert_equal \
+              @data['message'],
+              I18n.t('devise_token_auth.passwords.sended', email: @resource.email)
           end
           test 'action should send an email' do
@@ -316,7 +320,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
       describe 'Using default_password_reset_url' do
         before do
-          @resource = users(:confirmed_email_user)
+          @resource = create(:user, :confirmed)
           @redirect_url = 'http://ng-token-auth.dev'
           DeviseTokenAuth.default_password_reset_url = @redirect_url
@@ -350,7 +354,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
       describe 'Using redirect_whitelist' do
         before do
-          @resource = users(:confirmed_email_user)
+          @resource = create(:user, :confirmed)
           @good_redirect_url = Faker::Internet.url
           @bad_redirect_url = Faker::Internet.url
           DeviseTokenAuth.redirect_whitelist = [@good_redirect_url]
@@ -548,7 +552,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
       end
       before do
-        @resource = mangs(:confirmed_email_user)
+        @resource = create(:mang_user, :confirmed)
         @redirect_url = 'http://ng-token-auth.dev'
         post :create, params: { email: @resource.email,
@@ -575,7 +579,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
     describe 'unconfirmed user' do
       before do
-        @resource = users(:unconfirmed_email_user)
+        @resource = create(:user)
         @redirect_url = 'http://ng-token-auth.dev'
         post :create, params: { email: @resource.email,
@@ -627,7 +631,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
     describe 'alternate user type' do
       before do
-        @resource = users(:confirmed_email_user)
+        @resource = create(:user, :confirmed)
         @redirect_url = 'http://ng-token-auth.dev'
         @config_name  = 'altUser'

data/test/controllers/devise_token_auth/registrations_controller_test.rb CHANGED

@@ -376,7 +376,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
     describe 'Existing users' do
       before do
-        @existing_user = users(:confirmed_email_user)
+        @existing_user = create(:user, :confirmed)
         post '/auth',
              params: { email: @existing_user.email,
@@ -404,7 +404,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
     describe 'Destroy user account' do
       describe 'success' do
         before do
-          @existing_user = users(:confirmed_email_user)
+          @existing_user = create(:user, :confirmed)
           @auth_headers  = @existing_user.create_new_auth_token
           @client_id     = @auth_headers['client']
@@ -451,7 +451,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
     describe 'Update user account' do
       describe 'existing user' do
         before do
-          @existing_user = users(:confirmed_email_user)
+          @existing_user = create(:user, :confirmed)
           @auth_headers  = @existing_user.create_new_auth_token
           @client_id     = @auth_headers['client']
@@ -499,13 +499,13 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
             end
             test 'Supply current password' do
-              @request_params[:current_password] = 'secret123'
-              @request_params[:email] = 'new.email@example.com'
+              @request_params[:current_password] = @existing_user.password
+              @request_params[:email] = @existing_user.email
               put '/auth', params: @request_params, headers: @auth_headers
               @data = JSON.parse(response.body)
               @existing_user.reload
-              assert_equal @existing_user.email, 'new.email@example.com'
+              assert_equal @existing_user.email, @request_params[:email]
             end
           end
@@ -668,7 +668,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
       describe 'invalid user' do
         before do
-          @existing_user = users(:confirmed_email_user)
+          @existing_user = create(:user, :confirmed)
           @auth_headers  = @existing_user.create_new_auth_token
           @client_id     = @auth_headers['client']
@@ -705,7 +705,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
     describe 'Ouath user has existing email' do
       before do
-        @existing_user = users(:duplicate_email_facebook_user)
+        @existing_user = create(:user, :facebook, :confirmed)
         post '/auth',
              params: { email: @existing_user.email,

data/test/controllers/devise_token_auth/sessions_controller_test.rb CHANGED

@@ -12,9 +12,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
   describe DeviseTokenAuth::SessionsController do
     describe 'Confirmed user' do
       before do
-        @existing_user = users(:confirmed_email_user)
-        @existing_user.skip_confirmation!
-        @existing_user.save!
+        @existing_user = create(:user, :with_nickname, :confirmed)
       end
       describe 'success' do
@@ -28,7 +26,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
           post :create,
                params: {
                  email: @existing_user.email,
-                 password: 'secret123'
+                 password: @existing_user.password
                }
           @resource = assigns(:resource)
@@ -84,7 +82,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
             @user_session_params = {
               email: @existing_user.email,
-              password: 'secret123'
+              password: @existing_user.password
             }
           end
@@ -112,7 +110,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
             end
             oldest_token, _ = @existing_user.reload.tokens \
-                                .min_by { |cid, v| v[:expiry] || v["expiry"] }
+                                .min_by { |cid, v| v[:expiry] || v['expiry'] }
             post :create, params: @user_session_params
@@ -130,7 +128,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         before do
           get :new,
               params: { nickname: @existing_user.nickname,
-                        password: 'secret123' }
+                        password: @existing_user.password }
           @data = JSON.parse(response.body)
         end
@@ -147,7 +145,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         before do
           request.headers.merge!(
             'email' => @existing_user.email,
-            'password' => 'secret123'
+            'password' => @existing_user.password
           )
           head :create
@@ -163,7 +161,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
         before do
           post :create,
                params: { nickname: @existing_user.nickname,
-                         password: 'secret123' }
+                         password: @existing_user.password }
           @data = JSON.parse(response.body)
         end
@@ -275,7 +273,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
           @resource_class = User
           @request_params = {
             email: @existing_user.email.upcase,
-            password: 'secret123'
+            password: @existing_user.password
           }
         end
@@ -298,7 +296,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
           @request_params = {
             # adding whitespace before and after email
             email: " #{@existing_user.email}  ",
-            password: 'secret123'
+            password: @existing_user.password
           }
         end
@@ -318,9 +316,9 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
     describe 'Unconfirmed user' do
       before do
-        @unconfirmed_user = users(:unconfirmed_email_user)
+        @unconfirmed_user = create(:user)
         post :create, params: { email: @unconfirmed_user.email,
-                                password: 'secret123' }
+                                password: @unconfirmed_user.password }
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
@@ -341,10 +339,10 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
       before do
         @original_duration = Devise.allow_unconfirmed_access_for
         Devise.allow_unconfirmed_access_for = 3.days
-        @recent_unconfirmed_user = users(:recent_unconfirmed_email_user)
+        @recent_unconfirmed_user = create(:user)
         post :create,
              params: { email: @recent_unconfirmed_user.email,
-                       password: 'secret123' }
+                       password: @recent_unconfirmed_user.password }
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
@@ -364,20 +362,14 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
     describe 'Unconfirmed user with expired unconfirmed access' do
       before do
-        @original_duration = Devise.allow_unconfirmed_access_for
-        Devise.allow_unconfirmed_access_for = 3.days
-        @unconfirmed_user = users(:unconfirmed_email_user)
+        @unconfirmed_user = create(:user, :unconfirmed)
         post :create,
              params: { email: @unconfirmed_user.email,
-                       password: 'secret123' }
+                       password: @unconfirmed_user.password }
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
       end
-      after do
-        Devise.allow_unconfirmed_access_for = @original_duration
-      end
       test 'request should fail' do
         assert_equal 401, response.status
       end
@@ -415,13 +407,11 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
       end
       before do
-        @existing_user = mangs(:confirmed_email_user)
-        @existing_user.skip_confirmation!
-        @existing_user.save!
+        @existing_user = create(:mang_user, :confirmed)
         post :create,
              params: { email: @existing_user.email,
-                       password: 'secret123' }
+                       password: @existing_user.password }
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
@@ -446,12 +436,11 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
       end
       before do
-        @existing_user = only_email_users(:user)
-        @existing_user.save!
+        @existing_user = create(:only_email_user)
         post :create,
              params: { email: @existing_user.email,
-                       password: 'secret123' }
+                       password: @existing_user.password }
         @resource = assigns(:resource)
         @data = JSON.parse(response.body)
@@ -489,10 +478,10 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
       describe 'locked user' do
         before do
-          @locked_user = lockable_users(:locked_user)
+          @locked_user = create(:lockable_user, :locked)
           post :create,
                params: { email: @locked_user.email,
-                         password: 'secret123' }
+                         password: @locked_user.password }
           @data = JSON.parse(response.body)
         end
@@ -508,7 +497,7 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
       describe 'unlocked user with bad password' do
         before do
-          @unlocked_user = lockable_users(:unlocked_user)
+          @unlocked_user = create(:lockable_user)
           post :create,
                params: { email: @unlocked_user.email,
                          password: 'bad-password' }