devise_token_auth 1.0.0 → 1.2.2

data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb

@@ -2,11 +2,13 @@
 
 require 'test_helper'
 require 'fileutils'
-require 'generators/devise_token_auth/install_generator'
+require 'generators/devise_token_auth/install_generator' if DEVISE_TOKEN_AUTH_ORM == :active_record
+require 'generators/devise_token_auth/install_mongoid_generator' if DEVISE_TOKEN_AUTH_ORM == :mongoid
 
 module DeviseTokenAuth
   class InstallGeneratorTest < Rails::Generators::TestCase
-    tests InstallGenerator
+    tests InstallGenerator        if DEVISE_TOKEN_AUTH_ORM == :active_record
+    tests InstallMongoidGenerator if DEVISE_TOKEN_AUTH_ORM == :mongoid
     destination Rails.root.join('tmp/generators')
 
     # The namespaced user model for testing
@@ -31,28 +33,30 @@ module DeviseTokenAuth
         assert_file 'config/initializers/devise_token_auth.rb'
       end
 
-      test 'migration is created for user model with namespace' do
-        assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb"
+      test 'subsequent runs raise no errors' do
+        run_generator %W[#{user_class} auth]
       end
 
-      test 'migration file for user model with namespace contains rails version' do
-        if Rails::VERSION::MAJOR >= 5
-          assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}/
-        else
+      if DEVISE_TOKEN_AUTH_ORM == :active_record
+        test 'migration is created for user model with namespace' do
           assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb"
         end
-      end
 
-      test 'subsequent runs raise no errors' do
-        run_generator %W[#{user_class} auth]
-      end
+        test 'migration file for user model with namespace contains rails version' do
+          if Rails::VERSION::MAJOR >= 5
+            assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}/
+          else
+            assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb"
+          end
+        end
 
-      test 'add primary key type with rails 5 when specified in rails generator' do
-        run_generator %W[#{user_class} auth --primary_key_type=uuid --force]
-        if Rails::VERSION::MAJOR >= 5
-          assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /create_table\(:#{table_name}, id: :uuid\) do/
-        else
-          assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /create_table\(:#{table_name}\) do/
+        test 'add primary key type with rails 5 when specified in rails generator' do
+          run_generator %W[#{user_class} auth --primary_key_type=uuid --force]
+          if Rails::VERSION::MAJOR >= 5
+            assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /create_table\(:#{table_name}, id: :uuid\) do/
+          else
+            assert_migration "db/migrate/devise_token_auth_create_#{table_name}.rb", /create_table\(:#{table_name}\) do/
+          end
         end
       end
     end
@@ -68,18 +72,32 @@ module DeviseTokenAuth
         # make dir if not exists
         FileUtils.mkdir_p(@dir)
 
-        # account for rails version 5
-        active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
+        case DEVISE_TOKEN_AUTH_ORM
+        when :active_record
+          # account for rails version 5
+          active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
 
-        @f = File.open(@fname, 'w') do |f|
-          f.write <<-RUBY
-            class User < #{active_record_needle}
+          @f = File.open(@fname, 'w') do |f|
+            f.write <<-RUBY
+              class User < #{active_record_needle}
 
-              def whatever
-                puts 'whatever'
+                def whatever
+                  puts 'whatever'
+                end
               end
-            end
-          RUBY
+            RUBY
+          end
+        when :mongoid
+          @f = File.open(@fname, 'w') do |f|
+            f.write <<-'RUBY'
+              class User
+
+                def whatever
+                  puts 'whatever'
+                end
+              end
+            RUBY
+          end
         end
 
         run_generator
@@ -141,10 +159,6 @@ module DeviseTokenAuth
           run_generator %w[Mang mangs]
         end
 
-        test 'migration is created' do
-          assert_migration 'db/migrate/devise_token_auth_create_mangs.rb'
-        end
-
         test 'route method is appended to routes file' do
           assert_file 'config/routes.rb' do |routes|
             assert_match(/mount_devise_token_auth_for 'Mang', at: 'mangs'/, routes)
@@ -157,6 +171,12 @@ module DeviseTokenAuth
             assert_match(/# Define routes for Mang within this block./, routes)
           end
         end
+
+        if DEVISE_TOKEN_AUTH_ORM == :active_record
+          test 'migration is created' do
+            assert_migration 'db/migrate/devise_token_auth_create_mangs.rb'
+          end
+        end
       end
     end
 

data/test/models/concerns/mongoid_support_test.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+if DEVISE_TOKEN_AUTH_ORM == :mongoid
+  class DeviseTokenAuth::Concerns::MongoidSupportTest < ActiveSupport::TestCase
+    describe DeviseTokenAuth::Concerns::MongoidSupport do
+      before do
+        @user = create(:user)
+      end
+
+      describe '#as_json' do
+        test 'should be defined' do
+          assert @user.methods.include?(:as_json)
+        end
+
+        test 'should except _id attribute' do
+          refute @user.as_json.key?('_id')
+        end
+
+        test 'should return with id attribute' do
+          assert_equal @user._id.to_s, @user.as_json['id']
+        end
+
+        test 'should accept options' do
+          refute @user.as_json(except: [:created_at]).key?('created_at')
+        end
+      end
+    end
+  end
+end

data/test/models/concerns/tokens_serialization_test.rb

@@ -0,0 +1,104 @@
+require 'test_helper'
+
+if DEVISE_TOKEN_AUTH_ORM == :active_record
+  describe 'DeviseTokenAuth::Concerns::TokensSerialization' do
+    let(:ts) { DeviseTokenAuth::Concerns::TokensSerialization }
+    let(:user) { FactoryBot.create(:user) }
+    let(:tokens) do
+      # Сreate all possible token's attributes combinations
+      user.create_token
+      2.times { user.create_new_auth_token(user.tokens.first[0]) }
+      user.create_new_auth_token
+      user.create_token
+
+      user.tokens
+    end
+
+    it 'is defined' do
+      assert_equal(ts.present?, true)
+      assert_kind_of(Module, ts)
+    end
+
+    describe '.load(json)' do
+
+      let(:json) { JSON.generate(tokens) }
+
+      let(:default) { {} }
+
+      it 'is defined' do
+        assert_respond_to(ts, :load)
+      end
+
+      it 'handles nil' do
+        assert_equal(ts.load(nil), default)
+      end
+
+      it 'handles string' do
+        assert_equal(ts.load(json), JSON.parse(json))
+      end
+
+      it 'returns object of undesirable class' do
+        assert_equal(ts.load([]), [])
+      end
+    end
+
+    describe '.dump(object)' do
+      let(:default) { 'null' }
+
+      it 'is defined' do
+        assert_respond_to(ts, :dump)
+      end
+
+      it 'handles nil' do
+        assert_equal(ts.dump(nil), default)
+      end
+
+      it 'handles empty hash' do
+        assert_equal(ts.dump({}), '{}')
+      end
+
+      it 'removes nil values' do
+        new_tokens = tokens.dup
+        new_tokens[new_tokens.first[0]][:kos] = nil
+
+        assert_equal(ts.dump(tokens), ts.dump(new_tokens))
+      end
+
+      describe 'updated_at' do
+        before do
+          @default_format = ::Time::DATE_FORMATS[:default]
+          ::Time::DATE_FORMATS[:default] = 'imprecise format'
+        end
+
+        after do
+          ::Time::DATE_FORMATS[:default] = @default_format
+        end
+
+        def updated_ats(tokens)
+          tokens.
+            values.
+            flat_map do |token|
+            [:updated_at, 'updated_at'].map do |key|
+              token[key]
+            end
+          end.
+          compact
+        end
+
+        it 'is defined' do
+          refute_empty updated_ats(tokens)
+        end
+
+        it 'uses iso8601' do
+          updated_ats(JSON.parse(ts.dump(tokens))).each do |updated_at|
+            Time.strptime(updated_at, '%Y-%m-%dT%H:%M:%SZ')
+          end
+        end
+
+        it 'does not rely on Time#to_s' do
+          refute_includes(updated_ats(tokens), 'imprecise format')
+        end
+      end
+    end
+  end
+end

data/test/models/confirmable_user_test.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class ConfirmableUserTest < ActiveSupport::TestCase
+  describe ConfirmableUser do
+    describe 'creation' do
+      test 'email should be saved' do
+        @resource = create(:confirmable_user)
+        assert @resource.email.present?
+      end
+    end
+
+    describe 'updating email' do
+      test 'new email should be saved to unconfirmed_email' do
+        @resource = create(:confirmable_user, email: 'old_address@example.com')
+        @resource.update(email: 'new_address@example.com')
+        assert @resource.unconfirmed_email == 'new_address@example.com'
+      end
+
+      test 'old email should be kept in email' do
+        @resource = create(:confirmable_user, email: 'old_address@example.com')
+        @resource.update(email: 'new_address@example.com')
+        assert @resource.email == 'old_address@example.com'
+      end
+
+      test 'confirmation_token should be changed' do
+        @resource = create(:confirmable_user, email: 'old_address@example.com')
+        old_token = @resource.confirmation_token
+        @resource.update(email: 'new_address@example.com')
+        assert @resource.confirmation_token != old_token
+      end
+    end
+  end
+end

data/test/models/only_email_user_test.rb

@@ -4,14 +4,6 @@ require 'test_helper'
 
 class OnlyEmailUserTest < ActiveSupport::TestCase
   describe OnlyEmailUser do
-    test 'trackable is disabled' do
-      refute OnlyEmailUser.method_defined?(:sign_in_count)
-      refute OnlyEmailUser.method_defined?(:current_sign_in_at)
-      refute OnlyEmailUser.method_defined?(:last_sign_in_at)
-      refute OnlyEmailUser.method_defined?(:current_sign_in_ip)
-      refute OnlyEmailUser.method_defined?(:last_sign_in_ip)
-    end
-
     test 'confirmable is disabled' do
       refute OnlyEmailUser.method_defined?(:confirmation_token)
       refute OnlyEmailUser.method_defined?(:confirmed_at)

data/test/models/user_test.rb

@@ -44,7 +44,7 @@ class UserTest < ActiveSupport::TestCase
         @resource = build(:user, user_attributes)
 
         refute @resource.save
-        assert @resource.errors.messages[:email] == [I18n.t('errors.messages.taken')]
+        assert @resource.errors.messages[:email].first.include? 'taken'
         assert @resource.errors.messages[:email].none? { |e| e =~ /translation missing/ }
       end
     end
@@ -76,35 +76,25 @@ class UserTest < ActiveSupport::TestCase
       end
     end
 
-    describe 'user specific token lifespan' do
+    describe 'previous token' do
       before do
         @resource = create(:user, :confirmed)
 
-        auth_headers = @resource.create_new_auth_token
-        @token_global     = auth_headers['access-token']
-        @client_id_global = auth_headers['client']
-
-        def @resource.token_lifespan
-          1.minute
-        end
-
-        auth_headers = @resource.create_new_auth_token
-        @token_specific     = auth_headers['access-token']
-        @client_id_specific = auth_headers['client']
+        @auth_headers1 = @resource.create_new_auth_token
       end
 
-      test 'works per user' do
-        assert @resource.token_is_current?(@token_global, @client_id_global)
-
-        time = Time.zone.now.to_i
-        expiry_global = @resource.tokens[@client_id_global]['expiry'] || @resource.tokens[@client_id_global][:expiry]
+      test 'should properly indicate whether previous token is current' do
+        assert @resource.token_is_current?(@auth_headers1['access-token'], @auth_headers1['client'])
+        # create another token, emulating a new request
+        @auth_headers2 = @resource.create_new_auth_token
 
-        assert expiry_global > time + DeviseTokenAuth.token_lifespan - 5.seconds
-        assert expiry_global < time + DeviseTokenAuth.token_lifespan + 5.seconds
+        # should work for previous token
+        assert @resource.token_is_current?(@auth_headers1['access-token'], @auth_headers1['client'])
+        # should work for latest token as well
+        assert @resource.token_is_current?(@auth_headers2['access-token'], @auth_headers2['client'])
 
-        expiry_specific = @resource.tokens[@client_id_specific]['expiry'] || @resource.tokens[@client_id_specific][:expiry]
-        assert expiry_specific > time + 55.seconds
-        assert expiry_specific < time + 65.seconds
+        # after using latest token, previous token should not work
+        assert @resource.token_is_current?(@auth_headers1['access-token'], @auth_headers1['client'])
       end
     end
 

data/test/test_helper.rb

@@ -7,11 +7,19 @@ SimpleCov.start 'rails' do
 end
 
 ENV['RAILS_ENV'] = 'test'
+DEVISE_TOKEN_AUTH_ORM = (ENV['DEVISE_TOKEN_AUTH_ORM'] || :active_record).to_sym
+
+puts "\n==> DeviseTokenAuth.orm = #{DEVISE_TOKEN_AUTH_ORM.inspect}"
 
 require File.expand_path('dummy/config/environment', __dir__)
-require 'rails/test_help'
+require 'active_support/testing/autorun'
 require 'minitest/rails'
 require 'mocha/minitest'
+if DEVISE_TOKEN_AUTH_ORM == :active_record
+  require 'database_cleaner'
+else
+  require 'database_cleaner/mongoid'
+end
 
 FactoryBot.definition_file_paths = [File.expand_path('factories', __dir__)]
 FactoryBot.find_definitions
@@ -30,13 +38,46 @@ end
 class ActiveSupport::TestCase
   include FactoryBot::Syntax::Methods
 
-  ActiveRecord::Migration.check_pending!
+  ActiveRecord::Migration.check_pending! if DEVISE_TOKEN_AUTH_ORM == :active_record
+
+  strategies = { active_record: :transaction,
+                 mongoid: :deletion }
+  DatabaseCleaner.strategy = strategies[DEVISE_TOKEN_AUTH_ORM]
+  setup { DatabaseCleaner.start }
+  teardown { DatabaseCleaner.clean }
 
   # Add more helper methods to be used by all tests here...
 
+  # Execute the block setting the given values and restoring old values after
+  # the block is executed.
+  # shamelessly copied from devise test_helper.
+  def swap(object, new_values)
+    old_values = {}
+    new_values.each do |key, value|
+      old_values[key] = object.send key
+      object.send :"#{key}=", value
+    end
+    clear_cached_variables(new_values)
+    yield
+  ensure
+    clear_cached_variables(new_values)
+    old_values.each do |key, value|
+      object.send :"#{key}=", value
+    end
+  end
+
+  # shamelessly copied from devise test_helper.
+  def clear_cached_variables(options)
+    if options.key?(:case_insensitive_keys) || options.key?(:strip_whitespace_keys)
+      Devise.mappings.each do |_, mapping|
+        mapping.to.instance_variable_set(:@devise_parameter_filter, nil)
+      end
+    end
+  end
+
   def age_token(user, client_id)
     if user.tokens[client_id]
-      user.tokens[client_id]['updated_at'] = Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds)
+      user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
       user.save!
     end
   end
@@ -75,7 +116,7 @@ module Rails
         %w[get post patch put head delete get_via_redirect post_via_redirect].each do |method|
           define_method(method) do |path_or_action, **args|
             if Rails::VERSION::MAJOR >= 5
-              super path_or_action, args
+              super path_or_action, **args
             else
               super path_or_action, args[:params], args[:headers]
             end