devise_token_auth 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of devise_token_auth might be problematic. Click here for more details.

Files changed (74) hide show
  1. checksums.yaml +5 -5
  2. data/README.md +2 -2
  3. data/app/controllers/devise_token_auth/application_controller.rb +0 -1
  4. data/app/controllers/devise_token_auth/concerns/resource_finder.rb +11 -12
  5. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +15 -28
  6. data/app/controllers/devise_token_auth/confirmations_controller.rb +14 -19
  7. data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +46 -21
  8. data/app/controllers/devise_token_auth/passwords_controller.rb +15 -19
  9. data/app/controllers/devise_token_auth/registrations_controller.rb +31 -39
  10. data/app/controllers/devise_token_auth/unlocks_controller.rb +1 -1
  11. data/app/models/devise_token_auth/concerns/active_record_support.rb +34 -0
  12. data/app/models/devise_token_auth/concerns/mongoid_support.rb +19 -0
  13. data/app/models/devise_token_auth/concerns/user.rb +9 -23
  14. data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +2 -2
  15. data/app/validators/{email_validator.rb → devise_token_auth/email_validator.rb} +1 -1
  16. data/config/locales/he.yml +50 -0
  17. data/config/locales/ja.yml +1 -1
  18. data/lib/devise_token_auth.rb +5 -3
  19. data/lib/devise_token_auth/blacklist.rb +2 -0
  20. data/lib/devise_token_auth/version.rb +1 -1
  21. data/lib/generators/devise_token_auth/install_generator.rb +3 -87
  22. data/lib/generators/devise_token_auth/install_generator_helpers.rb +98 -0
  23. data/lib/generators/devise_token_auth/install_mongoid_generator.rb +46 -0
  24. data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +0 -7
  25. data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +56 -0
  26. data/test/controllers/custom/custom_confirmations_controller_test.rb +1 -1
  27. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +41 -20
  28. data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +2 -0
  29. data/test/controllers/devise_token_auth/passwords_controller_test.rb +115 -94
  30. data/test/controllers/devise_token_auth/registrations_controller_test.rb +31 -4
  31. data/test/controllers/devise_token_auth/sessions_controller_test.rb +0 -38
  32. data/test/controllers/devise_token_auth/token_validations_controller_test.rb +2 -1
  33. data/test/dummy/app/{models → active_record}/lockable_user.rb +0 -0
  34. data/test/dummy/app/{models → active_record}/mang.rb +0 -0
  35. data/test/dummy/app/{models → active_record}/only_email_user.rb +0 -0
  36. data/test/dummy/app/{models → active_record}/scoped_user.rb +2 -2
  37. data/test/dummy/app/{models → active_record}/unconfirmable_user.rb +1 -2
  38. data/test/dummy/app/{models → active_record}/unregisterable_user.rb +3 -3
  39. data/test/dummy/app/active_record/user.rb +6 -0
  40. data/test/dummy/app/controllers/overrides/sessions_controller.rb +1 -1
  41. data/test/dummy/app/models/{user.rb → concerns/favorite_color.rb} +7 -8
  42. data/test/dummy/app/mongoid/lockable_user.rb +38 -0
  43. data/test/dummy/app/mongoid/mang.rb +46 -0
  44. data/test/dummy/app/mongoid/only_email_user.rb +33 -0
  45. data/test/dummy/app/mongoid/scoped_user.rb +50 -0
  46. data/test/dummy/app/mongoid/unconfirmable_user.rb +44 -0
  47. data/test/dummy/app/mongoid/unregisterable_user.rb +47 -0
  48. data/test/dummy/app/mongoid/user.rb +49 -0
  49. data/test/dummy/config/application.rb +23 -1
  50. data/test/dummy/config/boot.rb +4 -0
  51. data/test/dummy/config/initializers/devise.rb +12 -0
  52. data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +0 -7
  53. data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +0 -7
  54. data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +0 -7
  55. data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +0 -7
  56. data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +0 -7
  57. data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +0 -7
  58. data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +0 -7
  59. data/test/dummy/db/schema.rb +1 -28
  60. data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +9 -0
  61. data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +50 -0
  62. data/test/dummy/tmp/generators/config/routes.rb +4 -0
  63. data/test/dummy/tmp/generators/db/migrate/20190112150327_devise_token_auth_create_azpire_v1_human_resource_users.rb +56 -0
  64. data/test/lib/devise_token_auth/blacklist_test.rb +11 -0
  65. data/test/lib/generators/devise_token_auth/install_generator_test.rb +51 -31
  66. data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +51 -31
  67. data/test/models/concerns/mongoid_support_test.rb +31 -0
  68. data/test/models/only_email_user_test.rb +0 -8
  69. data/test/models/user_test.rb +1 -1
  70. data/test/test_helper.rb +12 -2
  71. metadata +91 -27
  72. data/config/initializers/devise.rb +0 -198
  73. data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
  74. data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
@@ -0,0 +1,46 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative 'install_generator_helpers'
4
+
5
+ module DeviseTokenAuth
6
+ class InstallMongoidGenerator < Rails::Generators::Base
7
+ include DeviseTokenAuth::InstallGeneratorHelpers
8
+
9
+ def create_user_model
10
+ fname = "app/models/#{user_class.underscore}.rb"
11
+ if File.exist?(File.join(destination_root, fname))
12
+ inclusion = 'include DeviseTokenAuth::Concerns::User'
13
+ unless parse_file_for_line(fname, inclusion)
14
+ inject_into_file fname, before: /end\s\z/ do <<-'RUBY'
15
+
16
+ include Mongoid::Locker
17
+
18
+ field :locker_locked_at, type: Time
19
+ field :locker_locked_until, type: Time
20
+
21
+ locker locked_at_field: :locker_locked_at,
22
+ locked_until_field: :locker_locked_until
23
+
24
+ ## Required
25
+ field :provider, type: String
26
+ field :uid, type: String, default: ''
27
+
28
+ ## Tokens
29
+ field :tokens, type: Hash, default: {}
30
+
31
+ # Include default devise modules. Others available are:
32
+ # :confirmable, :lockable, :timeoutable and :omniauthable
33
+ devise :database_authenticatable, :registerable,
34
+ :recoverable, :rememberable, :trackable, :validatable
35
+ include DeviseTokenAuth::Concerns::User
36
+
37
+ index({ uid: 1, provider: 1}, { name: 'uid_provider_index', unique: true, background: true })
38
+ RUBY
39
+ end
40
+ end
41
+ else
42
+ template('user_mongoid.rb.erb', fname)
43
+ end
44
+ end
45
+ end
46
+ end
@@ -17,13 +17,6 @@ class DeviseTokenAuthCreate<%= user_class.pluralize.gsub("::","") %> < ActiveRec
17
17
  ## Rememberable
18
18
  t.datetime :remember_created_at
19
19
 
20
- ## Trackable
21
- t.integer :sign_in_count, :default => 0, :null => false
22
- t.datetime :current_sign_in_at
23
- t.datetime :last_sign_in_at
24
- t.string :current_sign_in_ip
25
- t.string :last_sign_in_ip
26
-
27
20
  ## Confirmable
28
21
  t.string :confirmation_token
29
22
  t.datetime :confirmed_at
@@ -0,0 +1,56 @@
1
+ # frozen_string_literal: true
2
+
3
+ class <%= user_class %>
4
+ include Mongoid::Document
5
+ include Mongoid::Timestamps
6
+ include Mongoid::Locker
7
+
8
+ field :locker_locked_at, type: Time
9
+ field :locker_locked_until, type: Time
10
+
11
+ locker locked_at_field: :locker_locked_at,
12
+ locked_until_field: :locker_locked_until
13
+
14
+ ## Database authenticatable
15
+ field :email, type: String, default: ''
16
+ field :encrypted_password, type: String, default: ''
17
+
18
+ ## Recoverable
19
+ field :reset_password_token, type: String
20
+ field :reset_password_sent_at, type: Time
21
+ field :reset_password_redirect_url, type: String
22
+ field :allow_password_change, type: Boolean, default: false
23
+
24
+ ## Rememberable
25
+ field :remember_created_at, type: Time
26
+
27
+ ## Confirmable
28
+ field :confirmation_token, type: String
29
+ field :confirmed_at, type: Time
30
+ field :confirmation_sent_at, type: Time
31
+ field :unconfirmed_email, type: String # Only if using reconfirmable
32
+
33
+ ## Lockable
34
+ # field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
35
+ # field :unlock_token, type: String # Only if unlock strategy is :email or :both
36
+ # field :locked_at, type: Time
37
+
38
+ ## Required
39
+ field :provider, type: String
40
+ field :uid, type: String, default: ''
41
+
42
+ ## Tokens
43
+ field :tokens, type: Hash, default: {}
44
+
45
+ # Include default devise modules. Others available are:
46
+ # :confirmable, :lockable, :timeoutable and :omniauthable
47
+ devise :database_authenticatable, :registerable,
48
+ :recoverable, :rememberable, :trackable, :validatable
49
+ include DeviseTokenAuth::Concerns::User
50
+
51
+ index({ email: 1 }, { name: 'email_index', unique: true, background: true })
52
+ index({ reset_password_token: 1 }, { name: 'reset_password_token_index', unique: true, sparse: true, background: true })
53
+ index({ confirmation_token: 1 }, { name: 'confirmation_token_index', unique: true, sparse: true, background: true })
54
+ index({ uid: 1, provider: 1}, { name: 'uid_provider_index', unique: true, background: true })
55
+ # index({ unlock_token: 1 }, { name: 'unlock_token_index', unique: true, sparse: true, background: true })
56
+ end
@@ -5,7 +5,7 @@ require 'test_helper'
5
5
  class Custom::ConfirmationsControllerTest < ActionController::TestCase
6
6
  describe Custom::ConfirmationsController do
7
7
  include CustomControllersRoutes
8
-
8
+
9
9
  before do
10
10
  @redirect_url = Faker::Internet.url
11
11
  @new_user = create(:user)
@@ -23,6 +23,7 @@ class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
23
23
  @new_user.send_confirmation_instructions(redirect_url: @redirect_url)
24
24
  mail = ActionMailer::Base.deliveries.last
25
25
  @token, @client_config = token_and_client_config_from(mail.body)
26
+ @token_params = %w[access-token client client_id config expiry token uid]
26
27
  end
27
28
 
28
29
  test 'should generate raw token' do
@@ -38,32 +39,52 @@ class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
38
39
  end
39
40
 
40
41
  describe 'success' do
41
- before do
42
- get :show,
43
- params: { confirmation_token: @token,
44
- redirect_url: @redirect_url },
45
- xhr: true
46
- @resource = assigns(:resource)
47
- end
42
+ describe 'when authenticated' do
43
+ before do
44
+ sign_in(@new_user)
45
+ get :show,
46
+ params: { confirmation_token: @token,
47
+ redirect_url: @redirect_url },
48
+ xhr: true
49
+ @resource = assigns(:resource)
50
+ end
48
51
 
49
- test 'user should now be confirmed' do
50
- assert @resource.confirmed?
51
- end
52
+ test 'user should now be confirmed' do
53
+ assert @resource.confirmed?
54
+ end
52
55
 
53
- test 'should redirect to success url' do
54
- assert_redirected_to(/^#{@redirect_url}/)
55
- end
56
+ test 'should redirect to success url' do
57
+ assert_redirected_to(/^#{@redirect_url}/)
58
+ end
56
59
 
57
- test 'the sign_in_count should be 1' do
58
- assert @resource.sign_in_count == 1
60
+ test 'redirect url includes token params' do
61
+ assert @token_params.all? { |param| response.body.include?(param) }
62
+ assert response.body.include?('account_confirmation_success')
63
+ end
59
64
  end
60
65
 
61
- test 'User shoud have the signed in info filled' do
62
- assert @resource.current_sign_in_at?
63
- end
66
+ describe 'when unauthenticated' do
67
+ before do
68
+ sign_out(@new_user)
69
+ get :show,
70
+ params: { confirmation_token: @token,
71
+ redirect_url: @redirect_url },
72
+ xhr: true
73
+ @resource = assigns(:resource)
74
+ end
64
75
 
65
- test 'User shoud have the Last checkin filled' do
66
- assert @resource.last_sign_in_at?
76
+ test 'user should now be confirmed' do
77
+ assert @resource.confirmed?
78
+ end
79
+
80
+ test 'should redirect to success url' do
81
+ assert_redirected_to(/^#{@redirect_url}/)
82
+ end
83
+
84
+ test 'redirect url does not include token params' do
85
+ refute @token_params.any? { |param| response.body.include?(param) }
86
+ assert response.body.include?('account_confirmation_success')
87
+ end
67
88
  end
68
89
  end
69
90
 
@@ -155,6 +155,8 @@ class OmniauthTest < ActionDispatch::IntegrationTest
155
155
  describe 'with new user' do
156
156
  before do
157
157
  User.any_instance.expects(:new_record?).returns(true).at_least_once
158
+ # https://docs.mongodb.com/mongoid/master/tutorials/mongoid-documents/#notes-on-persistence
159
+ User.any_instance.expects(:save!).returns(true)
158
160
  end
159
161
 
160
162
  test 'response contains oauth_registration attr' do
@@ -41,22 +41,46 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
41
41
  before do
42
42
  @auth_headers = @resource.create_new_auth_token
43
43
  @new_password = Faker::Internet.password
44
-
45
- post :create,
46
- params: { email: 'chester@cheet.ah' }
47
- @data = JSON.parse(response.body)
48
44
  end
49
45
 
50
- test 'response should fail' do
51
- assert_equal 401, response.status
46
+ describe 'for create' do
47
+ before do
48
+ post :create,
49
+ params: { email: 'chester@cheet.ah' }
50
+ @data = JSON.parse(response.body)
51
+ end
52
+
53
+ test 'response should fail' do
54
+ assert_equal 401, response.status
55
+ end
56
+
57
+ test 'error message should be returned' do
58
+ assert @data['errors']
59
+ assert_equal(
60
+ @data['errors'],
61
+ [I18n.t('devise_token_auth.passwords.missing_redirect_url')]
62
+ )
63
+ end
52
64
  end
53
65
 
54
- test 'error message should be returned' do
55
- assert @data['errors']
56
- assert_equal(
57
- @data['errors'],
58
- [I18n.t('devise_token_auth.passwords.missing_redirect_url')]
59
- )
66
+ describe 'for edit' do
67
+ before do
68
+ get_reset_token
69
+ get :edit, params: { reset_password_token: @mail_reset_token}
70
+ @data = JSON.parse(response.body)
71
+ end
72
+
73
+ test 'response should fail' do
74
+ assert_equal 401, response.status
75
+ end
76
+
77
+ test 'error message should be returned' do
78
+ assert @data['errors']
79
+ assert_equal(
80
+ @data['errors'],
81
+ [I18n.t('devise_token_auth.passwords.missing_redirect_url')]
82
+ )
83
+ end
60
84
  end
61
85
  end
62
86
 
@@ -235,14 +259,14 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
235
259
  assert_equal Devise.token_generator.digest(self, :reset_password_token, @mail_reset_token), @resource.reset_password_token
236
260
  end
237
261
 
238
- test 'reset_password_token should be rewritten by origin mail_reset_token' do
262
+ test 'reset_password_token should not be rewritten by origin mail_reset_token' do
239
263
  get :edit, params: {
240
264
  reset_password_token: @mail_reset_token,
241
265
  redirect_url: @mail_redirect_url
242
266
  }
243
267
  @resource.reload
244
268
 
245
- assert_equal @mail_reset_token, @resource.reset_password_token
269
+ assert_equal Devise.token_generator.digest(self, :reset_password_token, @mail_reset_token), @resource.reset_password_token
246
270
  end
247
271
 
248
272
  test 'response should return success status' do
@@ -254,26 +278,6 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
254
278
  assert_equal 302, response.status
255
279
  end
256
280
 
257
- test 'reset_password_token should be valid only one first time' do
258
- get :edit, params: {
259
- reset_password_token: @mail_reset_token,
260
- redirect_url: @mail_redirect_url
261
- }
262
-
263
- @resource.reload
264
- assert_equal @mail_reset_token, @resource.reset_password_token
265
-
266
- assert_raises(ActionController::RoutingError) {
267
- get :edit, params: {
268
- reset_password_token: @mail_reset_token,
269
- redirect_url: @mail_redirect_url
270
- }
271
- }
272
-
273
- @resource.reload
274
- assert_equal @mail_reset_token, @resource.reset_password_token
275
- end
276
-
277
281
  test 'reset_password_sent_at should be valid' do
278
282
  assert_equal @resource.reset_password_period_valid?, true
279
283
 
@@ -283,7 +287,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
283
287
  }
284
288
 
285
289
  @resource.reload
286
- assert_equal @mail_reset_token, @resource.reset_password_token
290
+ assert_equal Devise.token_generator.digest(self, :reset_password_token, @mail_reset_token), @resource.reset_password_token
287
291
  end
288
292
 
289
293
  test 'reset_password_sent_at should be expired' do
@@ -354,8 +358,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
354
358
 
355
359
  describe 'Using redirect_whitelist' do
356
360
  before do
357
- @resource = create(:user, :confirmed)
358
- @good_redirect_url = Faker::Internet.url
361
+ @good_redirect_url = @redirect_url
359
362
  @bad_redirect_url = Faker::Internet.url
360
363
  DeviseTokenAuth.redirect_whitelist = [@good_redirect_url]
361
364
  end
@@ -364,31 +367,65 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
364
367
  DeviseTokenAuth.redirect_whitelist = nil
365
368
  end
366
369
 
367
- test 'request to whitelisted redirect should be successful' do
368
- post :create,
369
- params: { email: @resource.email,
370
- redirect_url: @good_redirect_url }
370
+ describe 'for create' do
371
+ test 'request to whitelisted redirect should be successful' do
372
+ post :create,
373
+ params: { email: @resource.email,
374
+ redirect_url: @good_redirect_url }
371
375
 
372
- assert_equal 200, response.status
373
- end
376
+ assert_equal 200, response.status
377
+ end
374
378
 
375
- test 'request to non-whitelisted redirect should fail' do
376
- post :create,
377
- params: { email: @resource.email,
378
- redirect_url: @bad_redirect_url }
379
+ test 'request to non-whitelisted redirect should fail' do
380
+ post :create,
381
+ params: { email: @resource.email,
382
+ redirect_url: @bad_redirect_url }
383
+
384
+ assert_equal 422, response.status
385
+ end
386
+
387
+ test 'request to non-whitelisted redirect should return error message' do
388
+ post :create,
389
+ params: { email: @resource.email,
390
+ redirect_url: @bad_redirect_url }
379
391
 
380
- assert_equal 422, response.status
392
+ @data = JSON.parse(response.body)
393
+ assert @data['errors']
394
+ assert_equal @data['errors'],
395
+ [I18n.t('devise_token_auth.passwords.not_allowed_redirect_url',
396
+ redirect_url: @bad_redirect_url)]
397
+ end
381
398
  end
382
- test 'request to non-whitelisted redirect should return error message' do
383
- post :create,
384
- params: { email: @resource.email,
385
- redirect_url: @bad_redirect_url }
386
399
 
387
- @data = JSON.parse(response.body)
388
- assert @data['errors']
389
- assert_equal @data['errors'],
390
- [I18n.t('devise_token_auth.passwords.not_allowed_redirect_url',
391
- redirect_url: @bad_redirect_url)]
400
+ describe 'for edit' do
401
+ before do
402
+ @auth_headers = @resource.create_new_auth_token
403
+ @new_password = Faker::Internet.password
404
+
405
+ get_reset_token
406
+ end
407
+
408
+ test 'request to whitelisted redirect should be successful' do
409
+ get :edit, params: { reset_password_token: @mail_reset_token, redirect_url: @good_redirect_url }
410
+
411
+ assert_equal 302, response.status
412
+ end
413
+
414
+ test 'request to non-whitelisted redirect should fail' do
415
+ get :edit, params: { reset_password_token: @mail_reset_token, redirect_url: @bad_redirect_url }
416
+
417
+ assert_equal 422, response.status
418
+ end
419
+
420
+ test 'request to non-whitelisted redirect should return error message' do
421
+ get :edit, params: { reset_password_token: @mail_reset_token, redirect_url: @bad_redirect_url }
422
+
423
+ @data = JSON.parse(response.body)
424
+ assert @data['errors']
425
+ assert_equal @data['errors'],
426
+ [I18n.t('devise_token_auth.passwords.not_allowed_redirect_url',
427
+ redirect_url: @bad_redirect_url)]
428
+ end
392
429
  end
393
430
  end
394
431
 
@@ -509,6 +546,10 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
509
546
  test 'new password should authenticate user' do
510
547
  assert @resource.valid_password?(@new_password)
511
548
  end
549
+
550
+ test 'reset_password_token should be removed' do
551
+ assert_nil @resource.reset_password_token
552
+ end
512
553
  end
513
554
 
514
555
  describe 'password mismatch error' do
@@ -554,16 +595,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
554
595
  before do
555
596
  @resource = create(:mang_user, :confirmed)
556
597
  @redirect_url = 'http://ng-token-auth.dev'
557
-
558
- post :create, params: { email: @resource.email,
559
- redirect_url: @redirect_url }
560
-
561
- @mail = ActionMailer::Base.deliveries.last
562
- @resource.reload
563
-
564
- @mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
565
- @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
566
- @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
598
+ get_reset_token
567
599
  end
568
600
 
569
601
  test 'response should return success status' do
@@ -582,15 +614,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
582
614
  @resource = create(:user)
583
615
  @redirect_url = 'http://ng-token-auth.dev'
584
616
 
585
- post :create, params: { email: @resource.email,
586
- redirect_url: @redirect_url }
587
-
588
- @mail = ActionMailer::Base.deliveries.last
589
- @resource.reload
590
-
591
- @mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
592
- @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
593
- @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
617
+ get_reset_token
594
618
 
595
619
  get :edit, params: { reset_password_token: @mail_reset_token,
596
620
  redirect_url: @mail_redirect_url }
@@ -610,17 +634,8 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
610
634
 
611
635
  before do
612
636
  @resource = unconfirmable_users(:user)
613
- @redirect_url = 'http://ng-token-auth.dev'
614
-
615
- post :create, params: { email: @resource.email,
616
- redirect_url: @redirect_url }
617
-
618
- @mail = ActionMailer::Base.deliveries.last
619
- @resource.reload
620
637
 
621
- @mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
622
- @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
623
- @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
638
+ get_reset_token
624
639
 
625
640
  get :edit, params: { reset_password_token: @mail_reset_token,
626
641
  redirect_url: @mail_redirect_url }
@@ -635,21 +650,27 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
635
650
  @redirect_url = 'http://ng-token-auth.dev'
636
651
  @config_name = 'altUser'
637
652
 
638
- post :create, params: { email: @resource.email,
653
+ params = { email: @resource.email,
639
654
  redirect_url: @redirect_url,
640
655
  config_name: @config_name }
641
-
642
- @mail = ActionMailer::Base.deliveries.last
643
- @resource.reload
644
-
645
- @mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
646
- @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
647
- @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
656
+ get_reset_token params
648
657
  end
649
658
 
650
659
  test 'config_name param is included in the confirmation email link' do
651
660
  assert_equal @config_name, @mail_config_name
652
661
  end
653
662
  end
663
+
664
+ def get_reset_token(params = nil)
665
+ params ||= { email: @resource.email, redirect_url: @redirect_url }
666
+ post :create, params: params
667
+
668
+ @mail = ActionMailer::Base.deliveries.last
669
+ @resource.reload
670
+
671
+ @mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
672
+ @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
673
+ @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
674
+ end
654
675
  end
655
676
  end