devise_token_auth 1.0.0 → 1.1.1


Potentially problematic release.


This version of devise_token_auth might be problematic.

Files changed (83)
  1. checksums.yaml +5 -5
  2. data/README.md +4 -2
  3. data/app/controllers/devise_token_auth/application_controller.rb +0 -1
  4. data/app/controllers/devise_token_auth/concerns/resource_finder.rb +11 -12
  5. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +39 -55
  6. data/app/controllers/devise_token_auth/confirmations_controller.rb +62 -20
  7. data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +51 -26
  8. data/app/controllers/devise_token_auth/passwords_controller.rb +19 -23
  9. data/app/controllers/devise_token_auth/registrations_controller.rb +32 -40
  10. data/app/controllers/devise_token_auth/sessions_controller.rb +5 -5
  11. data/app/controllers/devise_token_auth/unlocks_controller.rb +4 -4
  12. data/app/models/devise_token_auth/concerns/active_record_support.rb +16 -0
  13. data/app/models/devise_token_auth/concerns/mongoid_support.rb +19 -0
  14. data/app/models/devise_token_auth/concerns/tokens_serialization.rb +19 -0
  15. data/app/models/devise_token_auth/concerns/user.rb +44 -67
  16. data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +2 -2
  17. data/app/validators/{email_validator.rb → devise_token_auth_email_validator.rb} +1 -1
  18. data/config/locales/en.yml +5 -0
  19. data/config/locales/he.yml +50 -0
  20. data/config/locales/ja.yml +1 -1
  21. data/lib/devise_token_auth/blacklist.rb +2 -0
  22. data/lib/devise_token_auth/engine.rb +2 -0
  23. data/lib/devise_token_auth/rails/routes.rb +1 -1
  24. data/lib/devise_token_auth/token_factory.rb +126 -0
  25. data/lib/devise_token_auth/version.rb +1 -1
  26. data/lib/devise_token_auth.rb +6 -3
  27. data/lib/generators/devise_token_auth/install_generator.rb +3 -87
  28. data/lib/generators/devise_token_auth/install_generator_helpers.rb +98 -0
  29. data/lib/generators/devise_token_auth/install_mongoid_generator.rb +46 -0
  30. data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +5 -0
  31. data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +0 -7
  32. data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +56 -0
  33. data/test/controllers/custom/custom_confirmations_controller_test.rb +1 -1
  34. data/test/controllers/demo_user_controller_test.rb +2 -2
  35. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +79 -19
  36. data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +2 -0
  37. data/test/controllers/devise_token_auth/passwords_controller_test.rb +115 -94
  38. data/test/controllers/devise_token_auth/registrations_controller_test.rb +31 -4
  39. data/test/controllers/devise_token_auth/sessions_controller_test.rb +0 -38
  40. data/test/controllers/devise_token_auth/token_validations_controller_test.rb +2 -1
  41. data/test/dummy/app/{models → active_record}/scoped_user.rb +2 -2
  42. data/test/dummy/app/{models → active_record}/unconfirmable_user.rb +1 -2
  43. data/test/dummy/app/{models → active_record}/unregisterable_user.rb +3 -3
  44. data/test/dummy/app/active_record/user.rb +6 -0
  45. data/test/dummy/app/controllers/overrides/confirmations_controller.rb +3 -3
  46. data/test/dummy/app/controllers/overrides/passwords_controller.rb +3 -3
  47. data/test/dummy/app/controllers/overrides/registrations_controller.rb +1 -1
  48. data/test/dummy/app/controllers/overrides/sessions_controller.rb +2 -2
  49. data/test/dummy/app/models/{user.rb → concerns/favorite_color.rb} +7 -8
  50. data/test/dummy/app/mongoid/lockable_user.rb +38 -0
  51. data/test/dummy/app/mongoid/mang.rb +46 -0
  52. data/test/dummy/app/mongoid/only_email_user.rb +33 -0
  53. data/test/dummy/app/mongoid/scoped_user.rb +50 -0
  54. data/test/dummy/app/mongoid/unconfirmable_user.rb +44 -0
  55. data/test/dummy/app/mongoid/unregisterable_user.rb +47 -0
  56. data/test/dummy/app/mongoid/user.rb +49 -0
  57. data/test/dummy/config/application.rb +23 -1
  58. data/test/dummy/config/boot.rb +4 -0
  59. data/test/dummy/config/initializers/devise.rb +285 -0
  60. data/test/dummy/config/initializers/devise_token_auth.rb +35 -4
  61. data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +0 -7
  62. data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +0 -7
  63. data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +0 -7
  64. data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +0 -7
  65. data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +0 -7
  66. data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +0 -7
  67. data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +0 -7
  68. data/test/dummy/db/schema.rb +1 -28
  69. data/test/factories/users.rb +1 -1
  70. data/test/lib/devise_token_auth/blacklist_test.rb +11 -0
  71. data/test/lib/devise_token_auth/token_factory_test.rb +191 -0
  72. data/test/lib/generators/devise_token_auth/install_generator_test.rb +51 -31
  73. data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +51 -31
  74. data/test/models/concerns/mongoid_support_test.rb +31 -0
  75. data/test/models/concerns/tokens_serialization_test.rb +70 -0
  76. data/test/models/only_email_user_test.rb +0 -8
  77. data/test/models/user_test.rb +1 -33
  78. data/test/test_helper.rb +12 -2
  79. metadata +105 -25
  80. data/config/initializers/devise.rb +0 -198
  81. /data/test/dummy/app/{models → active_record}/lockable_user.rb +0 -0
  82. /data/test/dummy/app/{models → active_record}/mang.rb +0 -0
  83. /data/test/dummy/app/{models → active_record}/only_email_user.rb +0 -0
@@ -41,22 +41,46 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
41
41
  before do
42
42
  @auth_headers = @resource.create_new_auth_token
43
43
  @new_password = Faker::Internet.password
44
-
45
- post :create,
46
- params: { email: 'chester@cheet.ah' }
47
- @data = JSON.parse(response.body)
48
44
  end
49
45
 
50
- test 'response should fail' do
51
- assert_equal 401, response.status
46
+ describe 'for create' do
47
+ before do
48
+ post :create,
49
+ params: { email: 'chester@cheet.ah' }
50
+ @data = JSON.parse(response.body)
51
+ end
52
+
53
+ test 'response should fail' do
54
+ assert_equal 401, response.status
55
+ end
56
+
57
+ test 'error message should be returned' do
58
+ assert @data['errors']
59
+ assert_equal(
60
+ @data['errors'],
61
+ [I18n.t('devise_token_auth.passwords.missing_redirect_url')]
62
+ )
63
+ end
52
64
  end
53
65
 
54
- test 'error message should be returned' do
55
- assert @data['errors']
56
- assert_equal(
57
- @data['errors'],
58
- [I18n.t('devise_token_auth.passwords.missing_redirect_url')]
59
- )
66
+ describe 'for edit' do
67
+ before do
68
+ get_reset_token
69
+ get :edit, params: { reset_password_token: @mail_reset_token}
70
+ @data = JSON.parse(response.body)
71
+ end
72
+
73
+ test 'response should fail' do
74
+ assert_equal 401, response.status
75
+ end
76
+
77
+ test 'error message should be returned' do
78
+ assert @data['errors']
79
+ assert_equal(
80
+ @data['errors'],
81
+ [I18n.t('devise_token_auth.passwords.missing_redirect_url')]
82
+ )
83
+ end
60
84
  end
61
85
  end
62
86
 
@@ -235,14 +259,14 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
235
259
  assert_equal Devise.token_generator.digest(self, :reset_password_token, @mail_reset_token), @resource.reset_password_token
236
260
  end
237
261
 
238
- test 'reset_password_token should be rewritten by origin mail_reset_token' do
262
+ test 'reset_password_token should not be rewritten by origin mail_reset_token' do
239
263
  get :edit, params: {
240
264
  reset_password_token: @mail_reset_token,
241
265
  redirect_url: @mail_redirect_url
242
266
  }
243
267
  @resource.reload
244
268
 
245
- assert_equal @mail_reset_token, @resource.reset_password_token
269
+ assert_equal Devise.token_generator.digest(self, :reset_password_token, @mail_reset_token), @resource.reset_password_token
246
270
  end
247
271
 
248
272
  test 'response should return success status' do
@@ -254,26 +278,6 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
254
278
  assert_equal 302, response.status
255
279
  end
256
280
 
257
- test 'reset_password_token should be valid only one first time' do
258
- get :edit, params: {
259
- reset_password_token: @mail_reset_token,
260
- redirect_url: @mail_redirect_url
261
- }
262
-
263
- @resource.reload
264
- assert_equal @mail_reset_token, @resource.reset_password_token
265
-
266
- assert_raises(ActionController::RoutingError) {
267
- get :edit, params: {
268
- reset_password_token: @mail_reset_token,
269
- redirect_url: @mail_redirect_url
270
- }
271
- }
272
-
273
- @resource.reload
274
- assert_equal @mail_reset_token, @resource.reset_password_token
275
- end
276
-
277
281
  test 'reset_password_sent_at should be valid' do
278
282
  assert_equal @resource.reset_password_period_valid?, true
279
283
 
@@ -283,7 +287,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
283
287
  }
284
288
 
285
289
  @resource.reload
286
- assert_equal @mail_reset_token, @resource.reset_password_token
290
+ assert_equal Devise.token_generator.digest(self, :reset_password_token, @mail_reset_token), @resource.reset_password_token
287
291
  end
288
292
 
289
293
  test 'reset_password_sent_at should be expired' do
@@ -354,8 +358,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
354
358
 
355
359
  describe 'Using redirect_whitelist' do
356
360
  before do
357
- @resource = create(:user, :confirmed)
358
- @good_redirect_url = Faker::Internet.url
361
+ @good_redirect_url = @redirect_url
359
362
  @bad_redirect_url = Faker::Internet.url
360
363
  DeviseTokenAuth.redirect_whitelist = [@good_redirect_url]
361
364
  end
@@ -364,31 +367,65 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
364
367
  DeviseTokenAuth.redirect_whitelist = nil
365
368
  end
366
369
 
367
- test 'request to whitelisted redirect should be successful' do
368
- post :create,
369
- params: { email: @resource.email,
370
- redirect_url: @good_redirect_url }
370
+ describe 'for create' do
371
+ test 'request to whitelisted redirect should be successful' do
372
+ post :create,
373
+ params: { email: @resource.email,
374
+ redirect_url: @good_redirect_url }
371
375
 
372
- assert_equal 200, response.status
373
- end
376
+ assert_equal 200, response.status
377
+ end
374
378
 
375
- test 'request to non-whitelisted redirect should fail' do
376
- post :create,
377
- params: { email: @resource.email,
378
- redirect_url: @bad_redirect_url }
379
+ test 'request to non-whitelisted redirect should fail' do
380
+ post :create,
381
+ params: { email: @resource.email,
382
+ redirect_url: @bad_redirect_url }
383
+
384
+ assert_equal 422, response.status
385
+ end
386
+
387
+ test 'request to non-whitelisted redirect should return error message' do
388
+ post :create,
389
+ params: { email: @resource.email,
390
+ redirect_url: @bad_redirect_url }
379
391
 
380
- assert_equal 422, response.status
392
+ @data = JSON.parse(response.body)
393
+ assert @data['errors']
394
+ assert_equal @data['errors'],
395
+ [I18n.t('devise_token_auth.passwords.not_allowed_redirect_url',
396
+ redirect_url: @bad_redirect_url)]
397
+ end
381
398
  end
382
- test 'request to non-whitelisted redirect should return error message' do
383
- post :create,
384
- params: { email: @resource.email,
385
- redirect_url: @bad_redirect_url }
386
399
 
387
- @data = JSON.parse(response.body)
388
- assert @data['errors']
389
- assert_equal @data['errors'],
390
- [I18n.t('devise_token_auth.passwords.not_allowed_redirect_url',
391
- redirect_url: @bad_redirect_url)]
400
+ describe 'for edit' do
401
+ before do
402
+ @auth_headers = @resource.create_new_auth_token
403
+ @new_password = Faker::Internet.password
404
+
405
+ get_reset_token
406
+ end
407
+
408
+ test 'request to whitelisted redirect should be successful' do
409
+ get :edit, params: { reset_password_token: @mail_reset_token, redirect_url: @good_redirect_url }
410
+
411
+ assert_equal 302, response.status
412
+ end
413
+
414
+ test 'request to non-whitelisted redirect should fail' do
415
+ get :edit, params: { reset_password_token: @mail_reset_token, redirect_url: @bad_redirect_url }
416
+
417
+ assert_equal 422, response.status
418
+ end
419
+
420
+ test 'request to non-whitelisted redirect should return error message' do
421
+ get :edit, params: { reset_password_token: @mail_reset_token, redirect_url: @bad_redirect_url }
422
+
423
+ @data = JSON.parse(response.body)
424
+ assert @data['errors']
425
+ assert_equal @data['errors'],
426
+ [I18n.t('devise_token_auth.passwords.not_allowed_redirect_url',
427
+ redirect_url: @bad_redirect_url)]
428
+ end
392
429
  end
393
430
  end
394
431
 
@@ -509,6 +546,10 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
509
546
  test 'new password should authenticate user' do
510
547
  assert @resource.valid_password?(@new_password)
511
548
  end
549
+
550
+ test 'reset_password_token should be removed' do
551
+ assert_nil @resource.reset_password_token
552
+ end
512
553
  end
513
554
 
514
555
  describe 'password mismatch error' do
@@ -554,16 +595,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
554
595
  before do
555
596
  @resource = create(:mang_user, :confirmed)
556
597
  @redirect_url = 'http://ng-token-auth.dev'
557
-
558
- post :create, params: { email: @resource.email,
559
- redirect_url: @redirect_url }
560
-
561
- @mail = ActionMailer::Base.deliveries.last
562
- @resource.reload
563
-
564
- @mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
565
- @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
566
- @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
598
+ get_reset_token
567
599
  end
568
600
 
569
601
  test 'response should return success status' do
@@ -582,15 +614,7 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
582
614
  @resource = create(:user)
583
615
  @redirect_url = 'http://ng-token-auth.dev'
584
616
 
585
- post :create, params: { email: @resource.email,
586
- redirect_url: @redirect_url }
587
-
588
- @mail = ActionMailer::Base.deliveries.last
589
- @resource.reload
590
-
591
- @mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
592
- @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
593
- @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
617
+ get_reset_token
594
618
 
595
619
  get :edit, params: { reset_password_token: @mail_reset_token,
596
620
  redirect_url: @mail_redirect_url }
@@ -610,17 +634,8 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
610
634
 
611
635
  before do
612
636
  @resource = unconfirmable_users(:user)
613
- @redirect_url = 'http://ng-token-auth.dev'
614
-
615
- post :create, params: { email: @resource.email,
616
- redirect_url: @redirect_url }
617
-
618
- @mail = ActionMailer::Base.deliveries.last
619
- @resource.reload
620
637
 
621
- @mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
622
- @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
623
- @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
638
+ get_reset_token
624
639
 
625
640
  get :edit, params: { reset_password_token: @mail_reset_token,
626
641
  redirect_url: @mail_redirect_url }
@@ -635,21 +650,27 @@ class DeviseTokenAuth::PasswordsControllerTest < ActionController::TestCase
635
650
  @redirect_url = 'http://ng-token-auth.dev'
636
651
  @config_name = 'altUser'
637
652
 
638
- post :create, params: { email: @resource.email,
653
+ params = { email: @resource.email,
639
654
  redirect_url: @redirect_url,
640
655
  config_name: @config_name }
641
-
642
- @mail = ActionMailer::Base.deliveries.last
643
- @resource.reload
644
-
645
- @mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
646
- @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
647
- @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
656
+ get_reset_token params
648
657
  end
649
658
 
650
659
  test 'config_name param is included in the confirmation email link' do
651
660
  assert_equal @config_name, @mail_config_name
652
661
  end
653
662
  end
663
+
664
+ def get_reset_token(params = nil)
665
+ params ||= { email: @resource.email, redirect_url: @redirect_url }
666
+ post :create, params: params
667
+
668
+ @mail = ActionMailer::Base.deliveries.last
669
+ @resource.reload
670
+
671
+ @mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
672
+ @mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
673
+ @mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
674
+ end
654
675
  end
655
676
  end
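Review bot: Nothing on the new side checks that a reset token stops working once it has been used. The removed test 'reset_password_token should be valid only one first time' was the only one that issued a second `get :edit` with the same `@mail_reset_token`, and the only related new coverage is `assert_nil @resource.reset_password_token` after a successful update. Since `edit` now leaves the stored digest in place (the renamed 'should not be rewritten' test), the token presumably stays usable until the password is changed or the reset period expires. A reuse test belongs in the block that performs the successful update: repeat `get :edit` with the old token afterwards and assert it is rejected. The removed test expected `ActionController::RoutingError` for a rejected token, but whether the controller still raises it is not visible here, and the enclosing describe blocks start outside these hunks.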
@@ -83,6 +83,33 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
83
83
  end
84
84
  end
85
85
 
86
+ describe 'using allow_unconfirmed_access_for' do
87
+ before do
88
+ @original_duration = Devise.allow_unconfirmed_access_for
89
+ Devise.allow_unconfirmed_access_for = nil
90
+ post '/auth',
91
+ params: {
92
+ email: Faker::Internet.email,
93
+ password: 'secret123',
94
+ password_confirmation: 'secret123',
95
+ confirm_success_url: Faker::Internet.url,
96
+ unpermitted_param: '(x_x)'
97
+ }
98
+ end
99
+
100
+ test 'auth headers were returned in response' do
101
+ assert response.headers['access-token']
102
+ assert response.headers['token-type']
103
+ assert response.headers['client']
104
+ assert response.headers['expiry']
105
+ assert response.headers['uid']
106
+ end
107
+
108
+ after do
109
+ Devise.allow_unconfirmed_access_for = @original_duration
110
+ end
111
+ end
112
+
86
113
  describe 'using "+" in email' do
87
114
  test 'can use + sign in email addresses' do
88
115
  @plus_email = 'ak+testing@gmail.com'
@@ -305,7 +332,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
305
332
  end
306
333
 
307
334
  test 'user should not have been created' do
308
- assert_nil @resource.id
335
+ refute @resource.persisted?
309
336
  end
310
337
 
311
338
  test 'error should be returned in the response' do
@@ -333,7 +360,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
333
360
  end
334
361
 
335
362
  test 'user should not have been created' do
336
- assert_nil @resource.id
363
+ refute @resource.persisted?
337
364
  end
338
365
 
339
366
  test 'error should be returned in the response' do
@@ -362,7 +389,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
362
389
  end
363
390
 
364
391
  test 'user should have been created' do
365
- assert_nil @resource.id
392
+ refute @resource.persisted?
366
393
  end
367
394
 
368
395
  test 'error should be returned in the response' do
@@ -393,7 +420,7 @@ class DeviseTokenAuth::RegistrationsControllerTest < ActionDispatch::Integration
393
420
  end
394
421
 
395
422
  test 'user should have been created' do
396
- assert_nil @resource.id
423
+ refute @resource.persisted?
397
424
  end
398
425
 
399
426
  test 'error should be returned in the response' do
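Review bot: The new 'using allow_unconfirmed_access_for' block only exercises the permissive setting: it sets `Devise.allow_unconfirmed_access_for = nil` and asserts that `access-token`, `client`, `uid` and the other auth headers are present. The opposite case is the one that protects accounts, and no test for it is visible in these hunks. With a zero or elapsed duration, sign-up of an unconfirmed user should presumably return no credentials, e.g. a sibling block with `Devise.allow_unconfirmed_access_for = 0.days` and `refute response.headers['access-token']`. Separately, the two tests still titled 'user should have been created' now assert `refute @resource.persisted?`, so the title contradicts the check.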
@@ -17,12 +17,6 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
17
17
 
18
18
  describe 'success' do
19
19
  before do
20
- @old_sign_in_count = @existing_user.sign_in_count
21
- @old_current_sign_in_at = @existing_user.current_sign_in_at
22
- @old_last_sign_in_at = @existing_user.last_sign_in_at
23
- @old_sign_in_ip = @existing_user.current_sign_in_ip
24
- @old_last_sign_in_ip = @existing_user.last_sign_in_ip
25
-
26
20
  post :create,
27
21
  params: {
28
22
  email: @existing_user.email,
@@ -31,12 +25,6 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
31
25
 
32
26
  @resource = assigns(:resource)
33
27
  @data = JSON.parse(response.body)
34
-
35
- @new_sign_in_count = @resource.sign_in_count
36
- @new_current_sign_in_at = @resource.current_sign_in_at
37
- @new_last_sign_in_at = @resource.last_sign_in_at
38
- @new_sign_in_ip = @resource.current_sign_in_ip
39
- @new_last_sign_in_ip = @resource.last_sign_in_ip
40
28
  end
41
29
 
42
30
  test 'request should succeed' do
@@ -47,32 +35,6 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
47
35
  assert_equal @existing_user.email, @data['data']['email']
48
36
  end
49
37
 
50
- describe 'trackable' do
51
- test 'sign_in_count incrementns' do
52
- assert_equal @old_sign_in_count + 1, @new_sign_in_count
53
- end
54
-
55
- test 'current_sign_in_at is updated' do
56
- refute @old_current_sign_in_at
57
- assert @new_current_sign_in_at
58
- end
59
-
60
- test 'last_sign_in_at is updated' do
61
- refute @old_last_sign_in_at
62
- assert @new_last_sign_in_at
63
- end
64
-
65
- test 'sign_in_ip is updated' do
66
- refute @old_sign_in_ip
67
- assert_equal '0.0.0.0', @new_sign_in_ip
68
- end
69
-
70
- test 'last_sign_in_ip is updated' do
71
- refute @old_last_sign_in_ip
72
- assert_equal '0.0.0.0', @new_last_sign_in_ip
73
- end
74
- end
75
-
76
38
  describe "with multiple clients and headers don't change in each request" do
77
39
  before do
78
40
  # Set the max_number_of_devices to a lower number
@@ -47,7 +47,8 @@ class DeviseTokenAuth::TokenValidationsControllerTest < ActionDispatch::Integrat
47
47
 
48
48
  describe 'with invalid user' do
49
49
  before do
50
- @resource.update_column :email, 'invalid'
50
+ @resource.update_column(:email, 'invalid') if DEVISE_TOKEN_AUTH_ORM == :active_record
51
+ @resource.set(email: 'invalid') if DEVISE_TOKEN_AUTH_ORM == :mongoid
51
52
  end
52
53
 
53
54
  test 'request should raise invalid model error' do
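Review bot: The setup for 'with invalid user' silently does nothing when `DEVISE_TOKEN_AUTH_ORM` is neither `:active_record` nor `:mongoid`, because the two new lines are independent `if` modifiers with no fallback. The test below would then run against a still-valid record and pass or fail for the wrong reason. A `case DEVISE_TOKEN_AUTH_ORM` with an `else raise "unsupported ORM: #{DEVISE_TOKEN_AUTH_ORM}"` arm makes the setup fail loudly instead.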
@@ -3,7 +3,7 @@
3
3
  class ScopedUser < ActiveRecord::Base
4
4
  # Include default devise modules.
5
5
  devise :database_authenticatable, :registerable,
6
- :recoverable, :rememberable, :trackable, :validatable,
7
- :confirmable, :omniauthable
6
+ :recoverable, :rememberable,
7
+ :validatable, :confirmable, :omniauthable
8
8
  include DeviseTokenAuth::Concerns::User
9
9
  end
@@ -4,7 +4,6 @@ class UnconfirmableUser < ActiveRecord::Base
4
4
  # Include default devise modules.
5
5
  devise :database_authenticatable, :registerable,
6
6
  :recoverable, :rememberable,
7
- :trackable, :validatable,
8
- :omniauthable
7
+ :validatable, :omniauthable
9
8
  include DeviseTokenAuth::Concerns::User
10
9
  end
@@ -2,8 +2,8 @@
2
2
 
3
3
  class UnregisterableUser < ActiveRecord::Base
4
4
  # Include default devise modules.
5
- devise :database_authenticatable,
6
- :recoverable, :trackable, :validatable,
7
- :confirmable, :omniauthable
5
+ devise :database_authenticatable, :recoverable,
6
+ :validatable, :confirmable,
7
+ :omniauthable
8
8
  include DeviseTokenAuth::Concerns::User
9
9
  end
@@ -0,0 +1,6 @@
1
+ # frozen_string_literal: true
2
+
3
+ class User < ActiveRecord::Base
4
+ include DeviseTokenAuth::Concerns::User
5
+ include FavoriteColor
6
+ end
@@ -6,7 +6,7 @@ module Overrides
6
6
  @resource = resource_class.confirm_by_token(params[:confirmation_token])
7
7
 
8
8
  if @resource && @resource.id
9
- client_id, token = @resource.create_token
9
+ token = @resource.create_token
10
10
  @resource.save!
11
11
 
12
12
  redirect_header_options = {
@@ -14,8 +14,8 @@ module Overrides
14
14
  config: params[:config],
15
15
  override_proof: '(^^,)'
16
16
  }
17
- redirect_headers = build_redirect_headers(token,
18
- client_id,
17
+ redirect_headers = build_redirect_headers(token.token,
18
+ token.client,
19
19
  redirect_header_options)
20
20
 
21
21
  redirect_to(@resource.build_auth_url(params[:redirect_url],
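Review bot: The freshly created `token.token` and `token.client` are appended to a URL built from `params[:redirect_url]`, and no check of that parameter against `DeviseTokenAuth.redirect_whitelist` is visible in this hunk. The same pattern appears in the next section (the override that sets `reset_password: true`). The method starts and ends outside the hunk, so a filter on the parent controller may already enforce the whitelist; if not, the credentials would go to whatever host the caller names. Override examples tend to be copied into applications, so a comment above the `redirect_to` would help: `# params[:redirect_url] must already be validated against DeviseTokenAuth.redirect_whitelist before credentials are appended`.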
@@ -11,7 +11,7 @@ module Overrides
11
11
  )
12
12
 
13
13
  if @resource && @resource.id
14
- client_id, token = @resource.create_token
14
+ token = @resource.create_token
15
15
 
16
16
  # ensure that user is confirmed
17
17
  @resource.skip_confirmation! unless @resource.confirmed_at
@@ -22,8 +22,8 @@ module Overrides
22
22
  override_proof: OVERRIDE_PROOF,
23
23
  reset_password: true
24
24
  }
25
- redirect_headers = build_redirect_headers(token,
26
- client_id,
25
+ redirect_headers = build_redirect_headers(token.token,
26
+ token.client,
27
27
  redirect_header_options)
28
28
  redirect_to(@resource.build_auth_url(params[:redirect_url],
29
29
  redirect_headers))
@@ -6,7 +6,7 @@ module Overrides
6
6
 
7
7
  def update
8
8
  if @resource
9
- if @resource.update_attributes(account_update_params)
9
+ if @resource.update(account_update_params)
10
10
  render json: {
11
11
  status: 'success',
12
12
  data: @resource.as_json,
@@ -5,10 +5,10 @@ module Overrides
5
5
  OVERRIDE_PROOF = '(^^,)'.freeze
6
6
 
7
7
  def create
8
- @resource = resource_class.find_by(email: resource_params[:email])
8
+ @resource = resource_class.dta_find_by(email: resource_params[:email])
9
9
 
10
10
  if @resource && valid_params?(:email, resource_params[:email]) && @resource.valid_password?(resource_params[:password]) && @resource.confirmed?
11
- @client_id, @token = @resource.create_token
11
+ @token = @resource.create_token
12
12
  @resource.save
13
13
 
14
14
  render json: {
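Review bot: `@resource.save`, on the line after the new `@token = @resource.create_token`, ignores its return value, so a failed persist still falls through to `render json:` as if sign-in had succeeded. The client would then presumably receive a token the server never stored. The override in an earlier section of this release that sets `override_proof: '(^^,)'` calls `@resource.save!`; using `@resource.save!` here, or branching on the result, keeps the two consistent. The `create` method continues outside the hunk, so how the response uses `@token` is not visible.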
@@ -1,13 +1,12 @@
1
- # frozen_string_literal: true
2
-
3
- class User < ActiveRecord::Base
4
- include DeviseTokenAuth::Concerns::User
5
-
6
- validates :operating_thetan, numericality: true, allow_nil: true
7
- validate :ensure_correct_favorite_color
1
+ module FavoriteColor
2
+ extend ActiveSupport::Concern
8
3
 
4
+ included do
5
+ validates :operating_thetan, numericality: true, allow_nil: true
6
+ validate :ensure_correct_favorite_color
7
+ end
8
+
9
9
  def ensure_correct_favorite_color
10
-
11
10
  if favorite_color && (favorite_color != '')
12
11
  unless ApplicationHelper::COLOR_NAMES.any?{ |s| s.casecmp(favorite_color)==0 }
13
12
  matches = ApplicationHelper::COLOR_SEARCH.search(favorite_color)
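Review bot: The rewritten file drops the `# frozen_string_literal: true` magic comment that the old `user.rb` had on line 1, while the other Ruby files added in the visible sections of this release start with it. Restoring `# frozen_string_literal: true` above `module FavoriteColor` keeps the dummy app consistent. The concern would also benefit from a one-line comment saying it holds the `operating_thetan` and `favorite_color` validations that were extracted from `User`, presumably so more than one ORM-specific model can include them. `ensure_correct_favorite_color` continues outside the hunk.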
@@ -0,0 +1,38 @@
1
+ # frozen_string_literal: true
2
+
3
+ class LockableUser
4
+ include Mongoid::Document
5
+ include Mongoid::Timestamps
6
+ include Mongoid::Locker
7
+
8
+ field :locker_locked_at, type: Time
9
+ field :locker_locked_until, type: Time
10
+
11
+ locker locked_at_field: :locker_locked_at,
12
+ locked_until_field: :locker_locked_until
13
+
14
+ ## User Info
15
+ field :name, type: String
16
+ field :nickname, type: String
17
+ field :image, type: String
18
+
19
+ ## Database authenticatable
20
+ field :email, type: String, default: ''
21
+ field :encrypted_password, type: String, default: ''
22
+
23
+ ## Lockable
24
+ field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
25
+ field :unlock_token, type: String # Only if unlock strategy is :email or :both
26
+ field :locked_at, type: Time
27
+
28
+ ## Required
29
+ field :provider, type: String
30
+ field :uid, type: String, default: ''
31
+
32
+ ## Tokens
33
+ field :tokens, type: Hash, default: {}
34
+
35
+ # Include default devise modules.
36
+ devise :database_authenticatable, :registerable, :lockable
37
+ include DeviseTokenAuth::Concerns::User
38
+ end
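Review bot: Two unrelated locking mechanisms sit side by side in this model with nothing to tell them apart. `locker_locked_at` and `locker_locked_until` are wired to `Mongoid::Locker` through the `locker` call, while `failed_attempts`, `unlock_token` and `locked_at` under `## Lockable` are the Devise account-lockout fields. A short comment above the `locker` call, such as `# Mongoid::Locker document lock; unrelated to the Devise :lockable account lockout fields below`, would stop a reader from assuming `locker_locked_at` reflects failed sign-ins.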
@@ -0,0 +1,46 @@
1
+ # frozen_string_literal: true
2
+
3
+ class Mang
4
+ include Mongoid::Document
5
+ include Mongoid::Timestamps
6
+ include Mongoid::Locker
7
+
8
+ field :locker_locked_at, type: Time
9
+ field :locker_locked_until, type: Time
10
+
11
+ locker locked_at_field: :locker_locked_at,
12
+ locked_until_field: :locker_locked_until
13
+
14
+ ## User Info
15
+ field :name, type: String
16
+ field :nickname, type: String
17
+ field :image, type: String
18
+
19
+ ## Database authenticatable
20
+ field :email, type: String, default: ''
21
+ field :encrypted_password, type: String, default: ''
22
+
23
+ ## Recoverable
24
+ field :reset_password_token, type: String
25
+ field :reset_password_sent_at, type: Time
26
+ field :reset_password_redirect_url, type: String
27
+ field :allow_password_change, type: Boolean, default: false
28
+
29
+ ## Rememberable
30
+ field :remember_created_at, type: Time
31
+
32
+ ## Confirmable
33
+ field :confirmation_token, type: String
34
+ field :confirmed_at, type: Time
35
+ field :confirmation_sent_at, type: Time
36
+ field :unconfirmed_email, type: String # Only if using reconfirmable
37
+
38
+ ## Required
39
+ field :provider, type: String
40
+ field :uid, type: String, default: ''
41
+
42
+ ## Tokens
43
+ field :tokens, type: Hash, default: {}
44
+
45
+ include DeviseTokenAuth::Concerns::User
46
+ end
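Review bot: `Mang` declares Recoverable, Rememberable and Confirmable fields but contains no `devise` call, unlike `LockableUser`, which lists its modules explicitly. Presumably `DeviseTokenAuth::Concerns::User` supplies a default module set when none is declared, but that is not visible here. A comment above the include, e.g. `# no devise call: relies on the default modules set up by the concern`, would make it clear which authentication features this model actually enables.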