devise_token_auth 0.2.0 → 1.0.0.rc1

data/test/dummy/db/schema.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # This file is auto-generated from the current state of the database. Instead
 # of editing this file, please use the migrations feature of Active Record to
 # incrementally modify your database, and then regenerate this schema definition.
@@ -12,37 +14,6 @@
 
 ActiveRecord::Schema.define(version: 20160629184441) do
 
-  create_table "evil_users", force: :cascade do |t|
-    t.string "email"
-    t.string "encrypted_password", default: "", null: false
-    t.string "reset_password_token"
-    t.datetime "reset_password_sent_at"
-    t.boolean "allow_password_change", default: false
-    t.datetime "remember_created_at"
-    t.integer "sign_in_count", default: 0, null: false
-    t.datetime "current_sign_in_at"
-    t.datetime "last_sign_in_at"
-    t.string "current_sign_in_ip"
-    t.string "last_sign_in_ip"
-    t.string "confirmation_token"
-    t.datetime "confirmed_at"
-    t.datetime "confirmation_sent_at"
-    t.string "unconfirmed_email"
-    t.string "name"
-    t.string "nickname"
-    t.string "image"
-    t.string "provider"
-    t.string "uid", default: "", null: false
-    t.text "tokens"
-    t.string "favorite_color"
-    t.datetime "created_at"
-    t.datetime "updated_at"
-    t.index ["confirmation_token"], name: "index_evil_users_on_confirmation_token", unique: true
-    t.index ["email"], name: "index_evil_users_on_email"
-    t.index ["reset_password_token"], name: "index_evil_users_on_reset_password_token", unique: true
-    t.index ["uid", "provider"], name: "index_evil_users_on_uid_and_provider", unique: true
-  end
-
   create_table "lockable_users", force: :cascade do |t|
     t.string "provider", null: false
     t.string "uid", default: "", null: false
@@ -94,35 +65,6 @@ ActiveRecord::Schema.define(version: 20160629184441) do
     t.index ["uid", "provider"], name: "index_mangs_on_uid_and_provider", unique: true
   end
 
-  create_table "nice_users", force: :cascade do |t|
-    t.string "provider", null: false
-    t.string "uid", default: "", null: false
-    t.string "encrypted_password", default: "", null: false
-    t.string "reset_password_token"
-    t.datetime "reset_password_sent_at"
-    t.boolean "allow_password_change", default: false
-    t.datetime "remember_created_at"
-    t.integer "sign_in_count", default: 0, null: false
-    t.datetime "current_sign_in_at"
-    t.datetime "last_sign_in_at"
-    t.string "current_sign_in_ip"
-    t.string "last_sign_in_ip"
-    t.string "confirmation_token"
-    t.datetime "confirmed_at"
-    t.datetime "confirmation_sent_at"
-    t.string "unconfirmed_email"
-    t.string "name"
-    t.string "nickname"
-    t.string "image"
-    t.string "email"
-    t.text "tokens"
-    t.datetime "created_at"
-    t.datetime "updated_at"
-    t.index ["email"], name: "index_nice_users_on_email"
-    t.index ["reset_password_token"], name: "index_nice_users_on_reset_password_token", unique: true
-    t.index ["uid", "provider"], name: "index_nice_users_on_uid_and_provider", unique: true
-  end
-
   create_table "only_email_users", force: :cascade do |t|
     t.string "provider", null: false
     t.string "uid", default: "", null: false

data/test/factories/users.rb

@@ -0,0 +1,40 @@
+FactoryBot.define do
+  factory :user do
+    email { Faker::Internet.safe_email }
+    password { Faker::Internet.password }
+    provider { 'email' }
+
+    transient do
+      allow_unconfirmed_period { Time.now.utc - Devise.allow_unconfirmed_access_for }
+    end
+
+    trait :with_nickname do
+      nickname { Faker::Internet.username }
+    end
+
+    trait :confirmed do
+      after(:create) { |user| user.confirm }
+    end
+
+    # confirmation period is expired
+    trait :unconfirmed do
+      after(:create) do |user, evaluator|
+        user.update_attribute(:confirmation_sent_at, evaluator.allow_unconfirmed_period - 1.day )
+      end
+    end
+
+    trait :facebook do
+      uid { Faker::Number.number(10) }
+      provider { 'facebook' }
+    end
+
+    trait :locked do
+      after(:create) { |user| user.lock_access! }
+    end
+
+    factory :lockable_user, class: 'LockableUser'
+    factory :mang_user, class: 'Mang'
+    factory :only_email_user, class: 'OnlyEmailUser'
+    factory :scoped_user, class: 'ScopedUser'
+  end
+end

data/test/lib/devise_token_auth/url_test.rb

@@ -3,23 +3,23 @@
 require 'test_helper'
 
 class DeviseTokenAuth::UrlTest < ActiveSupport::TestCase
-  describe "DeviseTokenAuth::Url#generate" do
+  describe 'DeviseTokenAuth::Url#generate' do
     test 'URI fragment should appear at the end of URL' do
-      params = {client_id: 123}
+      params = { client_id: 123 }
       url = 'http://example.com#fragment'
-      assert_equal DeviseTokenAuth::Url.send(:generate, url, params), "http://example.com?client_id=123#fragment"
+      assert_equal DeviseTokenAuth::Url.send(:generate, url, params), 'http://example.com?client_id=123#fragment'
     end
 
     describe 'with existing query params' do
       test 'should preserve existing query params' do
         url = 'http://example.com?a=1'
-        assert_equal DeviseTokenAuth::Url.send(:generate, url), "http://example.com?a=1"
+        assert_equal DeviseTokenAuth::Url.send(:generate, url), 'http://example.com?a=1'
       end
 
       test 'should marge existing query params with new ones' do
-        params = {client_id: 123}
+        params = { client_id: 123 }
         url = 'http://example.com?a=1'
-        assert_equal DeviseTokenAuth::Url.send(:generate, url, params), "http://example.com?a=1&client_id=123"
+        assert_equal DeviseTokenAuth::Url.send(:generate, url, params), 'http://example.com?a=1&client_id=123'
       end
     end
   end

data/test/lib/generators/devise_token_auth/install_generator_test.rb

@@ -41,15 +41,24 @@ module DeviseTokenAuth
       test 'subsequent runs raise no errors' do
         run_generator
       end
+
+      test 'add primary key type with rails 5 when specified in rails generator' do
+        run_generator %w[--primary_key_type=uuid --force]
+        if Rails::VERSION::MAJOR >= 5
+          assert_migration 'db/migrate/devise_token_auth_create_users.rb', /create_table\(:users, id: :uuid\) do/
+        else
+          assert_migration 'db/migrate/devise_token_auth_create_users.rb', /create_table\(:users\) do/
+        end
+      end
     end
 
     describe 'existing user model' do
       setup :prepare_destination
 
       before do
-        @dir = File.join(destination_root, "app", "models")
+        @dir = File.join(destination_root, 'app', 'models')
 
-        @fname = File.join(@dir, "user.rb")
+        @fname = File.join(@dir, 'user.rb')
 
         # make dir if not exists
         FileUtils.mkdir_p(@dir)
@@ -57,7 +66,7 @@ module DeviseTokenAuth
         # account for rails version 5
         active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
 
-        @f = File.open(@fname, 'w') {|f|
+        @f = File.open(@fname, 'w') do |f|
           f.write <<-RUBY
             class User < #{active_record_needle}
 
@@ -66,7 +75,7 @@ module DeviseTokenAuth
               end
             end
           RUBY
-        }
+        end
 
         run_generator
       end
@@ -86,25 +95,24 @@ module DeviseTokenAuth
       end
     end
 
-
     describe 'routes' do
       setup :prepare_destination
 
       before do
-        @dir = File.join(destination_root, "config")
+        @dir = File.join(destination_root, 'config')
 
-        @fname = File.join(@dir, "routes.rb")
+        @fname = File.join(@dir, 'routes.rb')
 
         # make dir if not exists
         FileUtils.mkdir_p(@dir)
 
-        @f = File.open(@fname, 'w') {|f|
+        @f = File.open(@fname, 'w') do |f|
           f.write <<-RUBY
             Rails.application.routes.draw do
               patch '/chong', to: 'bong#index'
             end
           RUBY
-        }
+        end
 
         run_generator
       end
@@ -125,7 +133,7 @@ module DeviseTokenAuth
 
       describe 'subsequent models' do
         before do
-          run_generator %w(Mang mangs)
+          run_generator %w[Mang mangs]
         end
 
         test 'migration is created' do
@@ -151,14 +159,14 @@ module DeviseTokenAuth
       setup :prepare_destination
 
       before do
-        @dir = File.join(destination_root, "app", "controllers")
+        @dir = File.join(destination_root, 'app', 'controllers')
 
-        @fname = File.join(@dir, "application_controller.rb")
+        @fname = File.join(@dir, 'application_controller.rb')
 
         # make dir if not exists
         FileUtils.mkdir_p(@dir)
 
-        @f = File.open(@fname, 'w') {|f|
+        @f = File.open(@fname, 'w') do |f|
           f.write <<-RUBY
             class ApplicationController < ActionController::Base
               def whatever
@@ -166,7 +174,7 @@ module DeviseTokenAuth
               end
             end
           RUBY
-        }
+        end
 
         run_generator
       end

data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb

@@ -10,15 +10,15 @@ module DeviseTokenAuth
     destination Rails.root.join('tmp/generators')
 
     # The namespaced user model for testing
-    let(:user_class) { "Azpire::V1::HumanResource::User" }
+    let(:user_class) { 'Azpire::V1::HumanResource::User' }
     let(:namespace_path) { user_class.underscore }
-    let(:table_name) { user_class.pluralize.underscore.gsub("/","_") }
+    let(:table_name) { user_class.pluralize.underscore.gsub('/','_') }
 
     describe 'user model with namespace, clean install' do
       setup :prepare_destination
 
       before do
-        run_generator %W(#{user_class} auth)
+        run_generator %W[#{user_class} auth]
       end
 
       test 'user model (with namespace) is created, concern is included' do
@@ -44,7 +44,16 @@ module DeviseTokenAuth
       end
 
       test 'subsequent runs raise no errors' do
-        run_generator %W(#{user_class} auth)
+        run_generator %W[#{user_class} auth]
+      end
+
+      test 'add primary key type with rails 5 when specified in rails generator' do
+        run_generator %W[#{user_class} auth --primary_key_type=uuid --force]
+        if Rails::VERSION::MAJOR >= 5
+          assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /create_table\(:#{table_name}, id: :uuid\) do/
+        else
+          assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /create_table\(:#{table_name}\) do/
+        end
       end
     end
 
@@ -52,9 +61,9 @@ module DeviseTokenAuth
       setup :prepare_destination
 
       before do
-        @dir = File.join(destination_root, "app", "models")
+        @dir = File.join(destination_root, 'app', 'models')
 
-        @fname = File.join(@dir, "user.rb")
+        @fname = File.join(@dir, 'user.rb')
 
         # make dir if not exists
         FileUtils.mkdir_p(@dir)
@@ -62,7 +71,7 @@ module DeviseTokenAuth
         # account for rails version 5
         active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
 
-        @f = File.open(@fname, 'w') {|f|
+        @f = File.open(@fname, 'w') do |f|
           f.write <<-RUBY
             class User < #{active_record_needle}
 
@@ -71,7 +80,7 @@ module DeviseTokenAuth
               end
             end
           RUBY
-        }
+        end
 
         run_generator
       end
@@ -91,27 +100,26 @@ module DeviseTokenAuth
       end
     end
 
-
     describe 'routes' do
       setup :prepare_destination
 
       before do
-        @dir = File.join(destination_root, "config")
+        @dir = File.join(destination_root, 'config')
 
-        @fname = File.join(@dir, "routes.rb")
+        @fname = File.join(@dir, 'routes.rb')
 
         # make dir if not exists
         FileUtils.mkdir_p(@dir)
 
-        @f = File.open(@fname, 'w') {|f|
+        @f = File.open(@fname, 'w') do |f|
           f.write <<-RUBY
             Rails.application.routes.draw do
               patch '/chong', to: 'bong#index'
             end
           RUBY
-        }
+        end
 
-        run_generator %W(#{user_class} auth)
+        run_generator %W[#{user_class} auth]
       end
 
       test 'route method for user model with namespace is appended to routes file' do
@@ -121,7 +129,7 @@ module DeviseTokenAuth
       end
 
       test 'subsequent runs do not modify file' do
-        run_generator %W(#{user_class} auth)
+        run_generator %W[#{user_class} auth]
         assert_file 'config/routes.rb' do |routes|
           matches = routes.scan(/mount_devise_token_auth_for '#{user_class}', at: 'auth'/m).size
           assert_equal 1, matches
@@ -130,7 +138,7 @@ module DeviseTokenAuth
 
       describe 'subsequent models' do
         before do
-          run_generator %w(Mang mangs)
+          run_generator %w[Mang mangs]
         end
 
         test 'migration is created' do
@@ -156,14 +164,14 @@ module DeviseTokenAuth
       setup :prepare_destination
 
       before do
-        @dir = File.join(destination_root, "app", "controllers")
+        @dir = File.join(destination_root, 'app', 'controllers')
 
-        @fname = File.join(@dir, "application_controller.rb")
+        @fname = File.join(@dir, 'application_controller.rb')
 
         # make dir if not exists
         FileUtils.mkdir_p(@dir)
 
-        @f = File.open(@fname, 'w') {|f|
+        @f = File.open(@fname, 'w') do |f|
           f.write <<-RUBY
             class ApplicationController < ActionController::Base
               def whatever
@@ -171,9 +179,9 @@ module DeviseTokenAuth
               end
             end
           RUBY
-        }
+        end
 
-        run_generator %W(#{user_class} auth)
+        run_generator %W[#{user_class} auth]
       end
 
       test 'controller concern is appended to application controller' do
@@ -183,7 +191,7 @@ module DeviseTokenAuth
       end
 
       test 'subsequent runs do not modify file' do
-        run_generator %W(#{user_class} auth)
+        run_generator %W[#{user_class} auth]
         assert_file 'app/controllers/application_controller.rb' do |controller|
           matches = controller.scan(/include DeviseTokenAuth::Concerns::SetUserByToken/m).size
           assert_equal 1, matches

data/test/lib/generators/devise_token_auth/install_views_generator_test.rb

@@ -16,7 +16,7 @@ module DeviseTokenAuth
         run_generator
       end
 
-      test "files are copied" do
+      test 'files are copied' do
         assert_file 'app/views/devise/mailer/reset_password_instructions.html.erb'
         assert_file 'app/views/devise/mailer/confirmation_instructions.html.erb'
       end

data/test/models/user_test.rb

@@ -4,21 +4,16 @@ require 'test_helper'
 
 class UserTest < ActiveSupport::TestCase
   describe User do
-    before do
-      @password    = Faker::Internet.password(10, 20)
-      @email       = Faker::Internet.email
-      @success_url = Faker::Internet.url
-      @resource    = User.new()
-    end
-
     describe 'serialization' do
       test 'hash should not include sensitive info' do
+        @resource = build(:user)
         refute @resource.as_json[:tokens]
       end
     end
 
     describe 'creation' do
       test 'save fails if uid is missing' do
+        @resource = User.new
         @resource.uid = nil
         @resource.save
 
@@ -28,40 +23,25 @@ class UserTest < ActiveSupport::TestCase
 
     describe 'email registration' do
       test 'model should not save if email is blank' do
-        @resource.provider              = 'email'
-        @resource.password              = @password
-        @resource.password_confirmation = @password
+        @resource = build(:user, email: nil)
 
         refute @resource.save
-        assert @resource.errors.messages[:email] == [I18n.t("errors.messages.blank")]
+        assert @resource.errors.messages[:email] == [I18n.t('errors.messages.blank')]
       end
 
       test 'model should not save if email is not an email' do
-        @resource.provider              = 'email'
-        @resource.email                 = '@example.com'
-        @resource.password              = @password
-        @resource.password_confirmation = @password
+        @resource = build(:user, email: '@example.com')
 
         refute @resource.save
-        assert @resource.errors.messages[:email] == [I18n.t("errors.messages.not_email")]
+        assert @resource.errors.messages[:email] == [I18n.t('errors.messages.not_email')]
       end
     end
 
     describe 'email uniqueness' do
       test 'model should not save if email is taken' do
-        provider = 'email'
-
-        User.create(
-          email: @email,
-          provider: provider,
-          password: @password,
-          password_confirmation: @password
-        )
-
-        @resource.email                 = @email
-        @resource.provider              = provider
-        @resource.password              = @password
-        @resource.password_confirmation = @password
+        user_attributes = attributes_for(:user)
+        create(:user, user_attributes)
+        @resource = build(:user, user_attributes)
 
         refute @resource.save
         assert @resource.errors.messages[:email] == [I18n.t('errors.messages.taken')]
@@ -71,10 +51,7 @@ class UserTest < ActiveSupport::TestCase
 
     describe 'oauth2 authentication' do
       test 'model should save even if email is blank' do
-        @resource.provider              = 'facebook'
-        @resource.uid                   = 123
-        @resource.password              = @password
-        @resource.password_confirmation = @password
+        @resource = build(:user, :facebook, email: nil)
 
         assert @resource.save
         assert @resource.errors.messages[:email].blank?
@@ -83,9 +60,7 @@ class UserTest < ActiveSupport::TestCase
 
     describe 'token expiry' do
       before do
-        @resource = users(:confirmed_email_user)
-        @resource.skip_confirmation!
-        @resource.save!
+        @resource = create(:user, :confirmed)
 
         @auth_headers = @resource.create_new_auth_token
 
@@ -103,9 +78,7 @@ class UserTest < ActiveSupport::TestCase
 
     describe 'user specific token lifespan' do
       before do
-        @resource = users(:confirmed_email_user)
-        @resource.skip_confirmation!
-        @resource.save!
+        @resource = create(:user, :confirmed)
 
         auth_headers = @resource.create_new_auth_token
         @token_global     = auth_headers['access-token']
@@ -137,9 +110,7 @@ class UserTest < ActiveSupport::TestCase
 
     describe 'expired tokens are destroyed on save' do
       before do
-        @resource = users(:confirmed_email_user)
-        @resource.skip_confirmation!
-        @resource.save!
+        @resource = create(:user, :confirmed)
 
         @old_auth_headers = @resource.create_new_auth_token
         @new_auth_headers = @resource.create_new_auth_token
@@ -151,15 +122,13 @@ class UserTest < ActiveSupport::TestCase
       end
 
       test 'current token was not removed' do
-        assert @resource.tokens[@new_auth_headers["client"]]
+        assert @resource.tokens[@new_auth_headers['client']]
       end
     end
 
     describe 'nil tokens are handled properly' do
       before do
-        @resource = users(:confirmed_email_user)
-        @resource.skip_confirmation!
-        @resource.save!
+        @resource = create(:user, :confirmed)
       end
 
       test 'tokens can be set to nil' do