devise_token_auth 1.1.0 → 1.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -0
- data/app/controllers/devise_token_auth/application_controller.rb +2 -2
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +28 -31
- data/app/controllers/devise_token_auth/confirmations_controller.rb +55 -7
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +34 -11
- data/app/controllers/devise_token_auth/passwords_controller.rb +32 -14
- data/app/controllers/devise_token_auth/registrations_controller.rb +6 -5
- data/app/controllers/devise_token_auth/sessions_controller.rb +5 -5
- data/app/controllers/devise_token_auth/unlocks_controller.rb +3 -3
- data/app/models/devise_token_auth/concerns/active_record_support.rb +1 -21
- data/app/models/devise_token_auth/concerns/confirmable_support.rb +28 -0
- data/app/models/devise_token_auth/concerns/tokens_serialization.rb +31 -0
- data/app/models/devise_token_auth/concerns/user.rb +43 -48
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +5 -2
- data/app/validators/{devise_token_auth/email_validator.rb → devise_token_auth_email_validator.rb} +2 -2
- data/config/locales/da-DK.yml +2 -0
- data/config/locales/de.yml +2 -0
- data/config/locales/en.yml +7 -0
- data/config/locales/es.yml +2 -0
- data/config/locales/fr.yml +2 -0
- data/config/locales/he.yml +2 -0
- data/config/locales/it.yml +2 -0
- data/config/locales/ja.yml +3 -1
- data/config/locales/ko.yml +51 -0
- data/config/locales/nl.yml +2 -0
- data/config/locales/pl.yml +6 -3
- data/config/locales/pt-BR.yml +2 -0
- data/config/locales/pt.yml +6 -3
- data/config/locales/ro.yml +2 -0
- data/config/locales/ru.yml +2 -0
- data/config/locales/sq.yml +2 -0
- data/config/locales/sv.yml +2 -0
- data/config/locales/uk.yml +2 -0
- data/config/locales/vi.yml +2 -0
- data/config/locales/zh-CN.yml +2 -0
- data/config/locales/zh-HK.yml +2 -0
- data/config/locales/zh-TW.yml +2 -0
- data/lib/devise_token_auth.rb +1 -0
- data/lib/devise_token_auth/controllers/helpers.rb +5 -9
- data/lib/devise_token_auth/engine.rb +7 -1
- data/lib/devise_token_auth/rails/routes.rb +16 -11
- data/lib/devise_token_auth/token_factory.rb +126 -0
- data/lib/devise_token_auth/url.rb +3 -0
- data/lib/devise_token_auth/version.rb +1 -1
- data/lib/generators/devise_token_auth/USAGE +1 -1
- data/lib/generators/devise_token_auth/install_generator.rb +4 -4
- data/lib/generators/devise_token_auth/install_mongoid_generator.rb +2 -2
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +10 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -1
- data/lib/generators/devise_token_auth/templates/user.rb.erb +2 -2
- data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +2 -2
- data/test/controllers/demo_user_controller_test.rb +2 -2
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +43 -0
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +107 -42
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +112 -8
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +3 -3
- data/test/dummy/app/active_record/confirmable_user.rb +11 -0
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +3 -3
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +3 -3
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +1 -1
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +1 -1
- data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
- data/test/dummy/app/views/layouts/application.html.erb +0 -2
- data/test/dummy/config/application.rb +0 -1
- data/test/dummy/config/environments/development.rb +0 -10
- data/test/dummy/config/environments/production.rb +0 -16
- data/test/dummy/config/initializers/devise.rb +275 -2
- data/test/dummy/config/initializers/devise_token_auth.rb +35 -4
- data/test/dummy/config/initializers/figaro.rb +1 -1
- data/test/dummy/config/initializers/omniauth.rb +1 -0
- data/test/dummy/config/routes.rb +2 -0
- data/test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb +49 -0
- data/test/dummy/db/schema.rb +26 -1
- data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +2 -2
- data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +10 -0
- data/test/dummy/tmp/generators/db/migrate/{20190112150327_devise_token_auth_create_azpire_v1_human_resource_users.rb → 20210126004321_devise_token_auth_create_azpire_v1_human_resource_users.rb} +1 -8
- data/test/factories/users.rb +3 -2
- data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
- data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
- data/test/lib/devise_token_auth/token_factory_test.rb +191 -0
- data/test/lib/devise_token_auth/url_test.rb +2 -2
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +1 -1
- data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +1 -1
- data/test/models/concerns/tokens_serialization_test.rb +104 -0
- data/test/models/confirmable_user_test.rb +35 -0
- data/test/models/user_test.rb +0 -32
- data/test/test_helper.rb +1 -1
- metadata +46 -17
- data/test/dummy/config/initializers/assets.rb +0 -10
- data/test/dummy/tmp/generators/config/routes.rb +0 -4
@@ -5,20 +5,51 @@ DeviseTokenAuth.setup do |config|
|
|
5
5
|
# client is responsible for keeping track of the changing tokens. Change
|
6
6
|
# this to false to prevent the Authorization header from changing after
|
7
7
|
# each request.
|
8
|
-
#config.change_headers_on_each_request = true
|
8
|
+
# config.change_headers_on_each_request = true
|
9
9
|
|
10
10
|
# By default, users will need to re-authenticate after 2 weeks. This setting
|
11
11
|
# determines how long tokens will remain valid after they are issued.
|
12
|
-
#config.token_lifespan = 2.weeks
|
12
|
+
# config.token_lifespan = 2.weeks
|
13
|
+
|
14
|
+
# Limiting the token_cost to just 4 in testing will increase the performance of
|
15
|
+
# your test suite dramatically. The possible cost value is within range from 4
|
16
|
+
# to 31. It is recommended to not use a value more than 10 in other environments.
|
17
|
+
config.token_cost = Rails.env.test? ? 4 : 10
|
18
|
+
|
19
|
+
# Sets the max number of concurrent devices per user, which is 10 by default.
|
20
|
+
# After this limit is reached, the oldest tokens will be removed.
|
21
|
+
# config.max_number_of_devices = 10
|
13
22
|
|
14
23
|
# Sometimes it's necessary to make several requests to the API at the same
|
15
24
|
# time. In this case, each request in the batch will need to share the same
|
16
25
|
# auth token. This setting determines how far apart the requests can be while
|
17
26
|
# still using the same auth token.
|
18
|
-
#config.batch_request_buffer_throttle = 5.seconds
|
27
|
+
# config.batch_request_buffer_throttle = 5.seconds
|
19
28
|
|
20
29
|
# This route will be the prefix for all oauth2 redirect callbacks. For
|
21
30
|
# example, using the default '/omniauth', the github oauth2 provider will
|
22
31
|
# redirect successful authentications to '/omniauth/github/callback'
|
23
|
-
#config.omniauth_prefix = "/omniauth"
|
32
|
+
# config.omniauth_prefix = "/omniauth"
|
33
|
+
|
34
|
+
# By default sending current password is not needed for the password update.
|
35
|
+
# Uncomment to enforce current_password param to be checked before all
|
36
|
+
# attribute updates. Set it to :password if you want it to be checked only if
|
37
|
+
# password is updated.
|
38
|
+
# config.check_current_password_before_update = :attributes
|
39
|
+
|
40
|
+
# By default we will use callbacks for single omniauth.
|
41
|
+
# It depends on fields like email, provider and uid.
|
42
|
+
# config.default_callbacks = true
|
43
|
+
|
44
|
+
# Makes it possible to change the headers names
|
45
|
+
# config.headers_names = {:'access-token' => 'access-token',
|
46
|
+
# :'client' => 'client',
|
47
|
+
# :'expiry' => 'expiry',
|
48
|
+
# :'uid' => 'uid',
|
49
|
+
# :'token-type' => 'token-type' }
|
50
|
+
|
51
|
+
# By default, only Bearer Token authentication is implemented out of the box.
|
52
|
+
# If, however, you wish to integrate with legacy Devise authentication, you can
|
53
|
+
# do so by enabling this flag. NOTE: This feature is highly experimental!
|
54
|
+
# config.enable_standard_devise_support = false
|
24
55
|
end
|
@@ -1,3 +1,3 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
#Figaro.require("GITHUB_KEY", "GITHUB_SECRET", "FACEBOOK_KEY", "FACEBOOK_SECRET", "GOOGLE_KEY", "GOOGLE_SECRET")
|
3
|
+
#Figaro.require("GITHUB_KEY", "GITHUB_SECRET", "FACEBOOK_KEY", "FACEBOOK_SECRET", "GOOGLE_KEY", "GOOGLE_SECRET", "APPLE_CLIENT_ID", "APPLE_TEAM_ID", "APPLE_KEY", "APPLE_PEM")
|
@@ -4,6 +4,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do |b|
|
|
4
4
|
provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'], scope: 'email,profile'
|
5
5
|
provider :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET']
|
6
6
|
provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET']
|
7
|
+
provider :apple, ENV['APPLE_CLIENT_ID'], '', { scope: 'email name', team_id: ENV['APPLE_TEAM_ID'], key_id: ENV['APPLE_KEY'], pem: ENV['APPLE_PEM'] }
|
7
8
|
provider :developer,
|
8
9
|
fields: [:first_name, :last_name],
|
9
10
|
uid_field: :last_name
|
data/test/dummy/config/routes.rb
CHANGED
@@ -0,0 +1,49 @@
|
|
1
|
+
class DeviseTokenAuthCreateConfirmableUsers < ActiveRecord::Migration[5.2]
|
2
|
+
def change
|
3
|
+
|
4
|
+
create_table(:confirmable_users) do |t|
|
5
|
+
## Required
|
6
|
+
t.string :provider, :null => false, :default => "email"
|
7
|
+
t.string :uid, :null => false, :default => ""
|
8
|
+
|
9
|
+
## Database authenticatable
|
10
|
+
t.string :encrypted_password, :null => false, :default => ""
|
11
|
+
|
12
|
+
## Recoverable
|
13
|
+
t.string :reset_password_token
|
14
|
+
t.datetime :reset_password_sent_at
|
15
|
+
t.boolean :allow_password_change, :default => false
|
16
|
+
|
17
|
+
## Rememberable
|
18
|
+
t.datetime :remember_created_at
|
19
|
+
|
20
|
+
## Confirmable
|
21
|
+
t.string :confirmation_token
|
22
|
+
t.datetime :confirmed_at
|
23
|
+
t.datetime :confirmation_sent_at
|
24
|
+
t.string :unconfirmed_email # Only if using reconfirmable
|
25
|
+
|
26
|
+
## Lockable
|
27
|
+
# t.integer :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
|
28
|
+
# t.string :unlock_token # Only if unlock strategy is :email or :both
|
29
|
+
# t.datetime :locked_at
|
30
|
+
|
31
|
+
## User Info
|
32
|
+
t.string :name
|
33
|
+
t.string :nickname
|
34
|
+
t.string :image
|
35
|
+
t.string :email
|
36
|
+
|
37
|
+
## Tokens
|
38
|
+
t.text :tokens
|
39
|
+
|
40
|
+
t.timestamps
|
41
|
+
end
|
42
|
+
|
43
|
+
add_index :confirmable_users, :email, unique: true
|
44
|
+
add_index :confirmable_users, [:uid, :provider], unique: true
|
45
|
+
add_index :confirmable_users, :reset_password_token, unique: true
|
46
|
+
add_index :confirmable_users, :confirmation_token, unique: true
|
47
|
+
# add_index :confirmable_users, :unlock_token, unique: true
|
48
|
+
end
|
49
|
+
end
|
data/test/dummy/db/schema.rb
CHANGED
@@ -10,7 +10,32 @@
|
|
10
10
|
#
|
11
11
|
# It's strongly recommended that you check this file into your version control system.
|
12
12
|
|
13
|
-
ActiveRecord::Schema.define(version:
|
13
|
+
ActiveRecord::Schema.define(version: 2019_09_24_101113) do
|
14
|
+
|
15
|
+
create_table "confirmable_users", force: :cascade do |t|
|
16
|
+
t.string "provider", default: "email", null: false
|
17
|
+
t.string "uid", default: "", null: false
|
18
|
+
t.string "encrypted_password", default: "", null: false
|
19
|
+
t.string "reset_password_token"
|
20
|
+
t.datetime "reset_password_sent_at"
|
21
|
+
t.boolean "allow_password_change", default: false
|
22
|
+
t.datetime "remember_created_at"
|
23
|
+
t.string "confirmation_token"
|
24
|
+
t.datetime "confirmed_at"
|
25
|
+
t.datetime "confirmation_sent_at"
|
26
|
+
t.string "unconfirmed_email"
|
27
|
+
t.string "name"
|
28
|
+
t.string "nickname"
|
29
|
+
t.string "image"
|
30
|
+
t.string "email"
|
31
|
+
t.text "tokens"
|
32
|
+
t.datetime "created_at", null: false
|
33
|
+
t.datetime "updated_at", null: false
|
34
|
+
t.index ["confirmation_token"], name: "index_confirmable_users_on_confirmation_token", unique: true
|
35
|
+
t.index ["email"], name: "index_confirmable_users_on_email", unique: true
|
36
|
+
t.index ["reset_password_token"], name: "index_confirmable_users_on_reset_password_token", unique: true
|
37
|
+
t.index ["uid", "provider"], name: "index_confirmable_users_on_uid_and_provider", unique: true
|
38
|
+
end
|
14
39
|
|
15
40
|
create_table "lockable_users", force: :cascade do |t|
|
16
41
|
t.string "provider", null: false
|
@@ -2,8 +2,8 @@
|
|
2
2
|
|
3
3
|
class Azpire::V1::HumanResource::User < ActiveRecord::Base
|
4
4
|
# Include default devise modules. Others available are:
|
5
|
-
# :confirmable, :lockable, :timeoutable and :omniauthable
|
5
|
+
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
|
6
6
|
devise :database_authenticatable, :registerable,
|
7
|
-
:recoverable, :rememberable, :
|
7
|
+
:recoverable, :rememberable, :validatable
|
8
8
|
include DeviseTokenAuth::Concerns::User
|
9
9
|
end
|
@@ -11,6 +11,11 @@ DeviseTokenAuth.setup do |config|
|
|
11
11
|
# determines how long tokens will remain valid after they are issued.
|
12
12
|
# config.token_lifespan = 2.weeks
|
13
13
|
|
14
|
+
# Limiting the token_cost to just 4 in testing will increase the performance of
|
15
|
+
# your test suite dramatically. The possible cost value is within range from 4
|
16
|
+
# to 31. It is recommended to not use a value more than 10 in other environments.
|
17
|
+
config.token_cost = Rails.env.test? ? 4 : 10
|
18
|
+
|
14
19
|
# Sets the max number of concurrent devices per user, which is 10 by default.
|
15
20
|
# After this limit is reached, the oldest tokens will be removed.
|
16
21
|
# config.max_number_of_devices = 10
|
@@ -47,4 +52,9 @@ DeviseTokenAuth.setup do |config|
|
|
47
52
|
# If, however, you wish to integrate with legacy Devise authentication, you can
|
48
53
|
# do so by enabling this flag. NOTE: This feature is highly experimental!
|
49
54
|
# config.enable_standard_devise_support = false
|
55
|
+
|
56
|
+
# By default DeviseTokenAuth will not send confirmation email, even when including
|
57
|
+
# devise confirmable module. If you want to use devise confirmable module and
|
58
|
+
# send email, set it to true. (This is a setting for compatibility)
|
59
|
+
# config.send_confirmation_email = true
|
50
60
|
end
|
@@ -17,13 +17,6 @@ class DeviseTokenAuthCreateAzpireV1HumanResourceUsers < ActiveRecord::Migration[
|
|
17
17
|
## Rememberable
|
18
18
|
t.datetime :remember_created_at
|
19
19
|
|
20
|
-
## Trackable
|
21
|
-
t.integer :sign_in_count, :default => 0, :null => false
|
22
|
-
t.datetime :current_sign_in_at
|
23
|
-
t.datetime :last_sign_in_at
|
24
|
-
t.string :current_sign_in_ip
|
25
|
-
t.string :last_sign_in_ip
|
26
|
-
|
27
20
|
## Confirmable
|
28
21
|
t.string :confirmation_token
|
29
22
|
t.datetime :confirmed_at
|
@@ -51,6 +44,6 @@ class DeviseTokenAuthCreateAzpireV1HumanResourceUsers < ActiveRecord::Migration[
|
|
51
44
|
add_index :azpire_v1_human_resource_users, [:uid, :provider], unique: true
|
52
45
|
add_index :azpire_v1_human_resource_users, :reset_password_token, unique: true
|
53
46
|
add_index :azpire_v1_human_resource_users, :confirmation_token, unique: true
|
54
|
-
# add_index :azpire_v1_human_resource_users, :unlock_token,
|
47
|
+
# add_index :azpire_v1_human_resource_users, :unlock_token, unique: true
|
55
48
|
end
|
56
49
|
end
|
data/test/factories/users.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
FactoryBot.define do
|
2
2
|
factory :user do
|
3
|
-
email { Faker::Internet.safe_email }
|
3
|
+
email { Faker::Internet.unique.safe_email }
|
4
4
|
password { Faker::Internet.password }
|
5
5
|
provider { 'email' }
|
6
6
|
|
@@ -24,7 +24,7 @@ FactoryBot.define do
|
|
24
24
|
end
|
25
25
|
|
26
26
|
trait :facebook do
|
27
|
-
uid { Faker::Number.number
|
27
|
+
uid { Faker::Number.number }
|
28
28
|
provider { 'facebook' }
|
29
29
|
end
|
30
30
|
|
@@ -36,5 +36,6 @@ FactoryBot.define do
|
|
36
36
|
factory :mang_user, class: 'Mang'
|
37
37
|
factory :only_email_user, class: 'OnlyEmailUser'
|
38
38
|
factory :scoped_user, class: 'ScopedUser'
|
39
|
+
factory :confirmable_user, class: 'ConfirmableUser'
|
39
40
|
end
|
40
41
|
end
|
@@ -0,0 +1,29 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class DeviseTokenAuth::CustomRoutesTest < ActiveSupport::TestCase
|
6
|
+
after do
|
7
|
+
Rails.application.reload_routes!
|
8
|
+
end
|
9
|
+
test 'custom controllers' do
|
10
|
+
class ActionDispatch::Routing::Mapper
|
11
|
+
include Mocha::ParameterMatchers
|
12
|
+
end
|
13
|
+
Rails.application.routes.draw do
|
14
|
+
self.expects(:devise_for).with(
|
15
|
+
:users,
|
16
|
+
has_entries(
|
17
|
+
controllers: has_entries(
|
18
|
+
invitations: "custom/invitations", foo: "custom/foo"
|
19
|
+
)
|
20
|
+
)
|
21
|
+
)
|
22
|
+
|
23
|
+
mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
|
24
|
+
invitations: 'custom/invitations',
|
25
|
+
foo: 'custom/foo'
|
26
|
+
}
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
@@ -0,0 +1,87 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
# Needed for MiniTest to start a controller test so we can use assert_recognizes
|
6
|
+
class DeviseTokenAuth::RoutesTestController < DeviseTokenAuth::ApplicationController
|
7
|
+
end
|
8
|
+
|
9
|
+
class DeviseTokenAuth::RoutesTest < ActionController::TestCase
|
10
|
+
self.controller_class = DeviseTokenAuth::RoutesTestController
|
11
|
+
before do
|
12
|
+
Rails.application.routes.draw do
|
13
|
+
mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
|
14
|
+
invitations: 'custom/invitations',
|
15
|
+
foo: 'custom/foo'
|
16
|
+
}
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
after do
|
21
|
+
Rails.application.reload_routes!
|
22
|
+
end
|
23
|
+
|
24
|
+
test 'map new user session' do
|
25
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'new'}, {path: 'my_custom_users/sign_in', method: :get})
|
26
|
+
end
|
27
|
+
|
28
|
+
test 'map create user session' do
|
29
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'create'}, {path: 'my_custom_users/sign_in', method: :post})
|
30
|
+
end
|
31
|
+
|
32
|
+
test 'map destroy user session' do
|
33
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'destroy'}, {path: 'my_custom_users/sign_out', method: :delete})
|
34
|
+
end
|
35
|
+
|
36
|
+
test 'map new user confirmation' do
|
37
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'new'}, 'my_custom_users/confirmation/new')
|
38
|
+
end
|
39
|
+
|
40
|
+
test 'map create user confirmation' do
|
41
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'create'}, {path: 'my_custom_users/confirmation', method: :post})
|
42
|
+
end
|
43
|
+
|
44
|
+
test 'map show user confirmation' do
|
45
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'show'}, {path: 'my_custom_users/confirmation', method: :get})
|
46
|
+
end
|
47
|
+
|
48
|
+
test 'map new user password' do
|
49
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'new'}, 'my_custom_users/password/new')
|
50
|
+
end
|
51
|
+
|
52
|
+
test 'map create user password' do
|
53
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'create'}, {path: 'my_custom_users/password', method: :post})
|
54
|
+
end
|
55
|
+
|
56
|
+
test 'map edit user password' do
|
57
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'edit'}, 'my_custom_users/password/edit')
|
58
|
+
end
|
59
|
+
|
60
|
+
test 'map update user password' do
|
61
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'update'}, {path: 'my_custom_users/password', method: :put})
|
62
|
+
end
|
63
|
+
|
64
|
+
test 'map new user registration' do
|
65
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'new'}, 'my_custom_users/sign_up')
|
66
|
+
end
|
67
|
+
|
68
|
+
test 'map create user registration' do
|
69
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'create'}, {path: 'my_custom_users', method: :post})
|
70
|
+
end
|
71
|
+
|
72
|
+
test 'map edit user registration' do
|
73
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'edit'}, {path: 'my_custom_users/edit', method: :get})
|
74
|
+
end
|
75
|
+
|
76
|
+
test 'map update user registration' do
|
77
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'update'}, {path: 'my_custom_users', method: :put})
|
78
|
+
end
|
79
|
+
|
80
|
+
test 'map destroy user registration' do
|
81
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'destroy'}, {path: 'my_custom_users', method: :delete})
|
82
|
+
end
|
83
|
+
|
84
|
+
test 'map cancel user registration' do
|
85
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'cancel'}, {path: 'my_custom_users/cancel', method: :get})
|
86
|
+
end
|
87
|
+
end
|
@@ -0,0 +1,191 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
class DeviseTokenAuth::TokenFactoryTest < ActiveSupport::TestCase
|
4
|
+
describe 'TokenFactory module' do
|
5
|
+
let(:tf) { DeviseTokenAuth::TokenFactory }
|
6
|
+
let(:token_regexp) { /^[-_A-Za-z0-9]{22}$/ }
|
7
|
+
|
8
|
+
it 'should be defined' do
|
9
|
+
assert_equal(tf.present?, true)
|
10
|
+
assert_kind_of(Module, tf)
|
11
|
+
end
|
12
|
+
|
13
|
+
describe 'interface' do
|
14
|
+
let(:token_hash_cost_regexp) { /\$[\w]+\$([\d]+)\$/ }
|
15
|
+
let(:lifespan) { 10 }
|
16
|
+
let(:cost) { DeviseTokenAuth.token_cost }
|
17
|
+
|
18
|
+
it '::secure_string' do
|
19
|
+
assert_respond_to(tf, :secure_string)
|
20
|
+
|
21
|
+
secure_string = tf.secure_string
|
22
|
+
assert_equal(secure_string.size, 22)
|
23
|
+
assert_match(token_regexp, secure_string)
|
24
|
+
|
25
|
+
SecureRandom.stub(:urlsafe_base64, secure_string) do
|
26
|
+
assert_equal(tf.secure_string, secure_string)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
it '::client' do
|
31
|
+
assert_respond_to(tf, :client)
|
32
|
+
|
33
|
+
client = tf.client
|
34
|
+
assert_equal(client.size, 22)
|
35
|
+
assert_match(token_regexp, client)
|
36
|
+
|
37
|
+
secure_string = tf.secure_string
|
38
|
+
tf.stub(:secure_string, secure_string) do
|
39
|
+
assert_equal(tf.client, secure_string)
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
it '::token' do
|
44
|
+
assert_respond_to(tf, :token)
|
45
|
+
|
46
|
+
token = tf.token
|
47
|
+
assert_kind_of(String, token)
|
48
|
+
assert_equal(token.size, 22)
|
49
|
+
assert_match(token_regexp, token)
|
50
|
+
|
51
|
+
secure_string = tf.secure_string
|
52
|
+
tf.stub(:secure_string, secure_string) do
|
53
|
+
assert_equal(tf.token, secure_string)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
it '::token_hash(args)' do
|
58
|
+
assert_respond_to(tf, :token_hash)
|
59
|
+
|
60
|
+
token_hash = tf.token_hash(tf.token)
|
61
|
+
assert_equal(token_hash.size, 60)
|
62
|
+
assert_kind_of(String, token_hash)
|
63
|
+
|
64
|
+
token_cost = token_hash_cost_regexp.match(token_hash)[1].to_i
|
65
|
+
assert_equal(token_cost, cost)
|
66
|
+
|
67
|
+
cost = DeviseTokenAuth.token_cost == 4 ? 10 : 4
|
68
|
+
token_hash = tf.token_hash(tf.token, cost)
|
69
|
+
token_cost = token_hash_cost_regexp.match(token_hash)[1].to_i
|
70
|
+
assert_equal(token_cost, cost)
|
71
|
+
|
72
|
+
cost = nil
|
73
|
+
token_hash = tf.token_hash(tf.token, cost)
|
74
|
+
token_cost = token_hash_cost_regexp.match(token_hash)[1].to_i
|
75
|
+
assert_equal(token_cost, DeviseTokenAuth.token_cost)
|
76
|
+
end
|
77
|
+
|
78
|
+
it '::expiry' do
|
79
|
+
assert_respond_to(tf, :expiry)
|
80
|
+
|
81
|
+
assert_kind_of(Integer, tf.expiry)
|
82
|
+
assert tf.expiry > Time.now.to_i
|
83
|
+
end
|
84
|
+
|
85
|
+
it '::expiry(args)' do
|
86
|
+
time = Time.now
|
87
|
+
Time.stub(:now, time) do
|
88
|
+
assert_equal(tf.expiry(lifespan), (time + lifespan).to_i)
|
89
|
+
|
90
|
+
lifespan = nil
|
91
|
+
assert_equal(tf.expiry(lifespan), (time + DeviseTokenAuth.token_lifespan).to_i)
|
92
|
+
end
|
93
|
+
end
|
94
|
+
|
95
|
+
it '::create' do
|
96
|
+
assert_respond_to(tf, :create)
|
97
|
+
|
98
|
+
token = tf.create
|
99
|
+
assert token
|
100
|
+
token.members.each { |m| refute_nil token[m] }
|
101
|
+
end
|
102
|
+
|
103
|
+
it '::create(args)' do
|
104
|
+
client = tf.client
|
105
|
+
token = tf.create(client: client)
|
106
|
+
assert_equal(token.client, client)
|
107
|
+
|
108
|
+
time = Time.now
|
109
|
+
Time.stub(:now, time) do
|
110
|
+
token = tf.create(lifespan: lifespan)
|
111
|
+
assert_equal(token.expiry, (time + lifespan).to_i)
|
112
|
+
end
|
113
|
+
|
114
|
+
token = tf.create(cost: cost)
|
115
|
+
token_cost = token_hash_cost_regexp.match(token.token_hash)[1].to_i
|
116
|
+
assert_equal(token_cost, cost)
|
117
|
+
end
|
118
|
+
|
119
|
+
it '::new' do
|
120
|
+
assert_respond_to(tf, :new)
|
121
|
+
|
122
|
+
token = tf.new
|
123
|
+
token.each { |v| assert_nil v }
|
124
|
+
end
|
125
|
+
|
126
|
+
it '::valid_token_hash?' do
|
127
|
+
assert_respond_to(tf, :valid_token_hash?)
|
128
|
+
|
129
|
+
refute tf.valid_token_hash?('koskoskos')
|
130
|
+
assert tf.valid_token_hash?(tf.create.token_hash)
|
131
|
+
end
|
132
|
+
|
133
|
+
it '::token_hash_is_token?' do
|
134
|
+
assert_respond_to(tf, :token_hash_is_token?)
|
135
|
+
|
136
|
+
token = tf.create
|
137
|
+
refute tf.token_hash_is_token?(token.token_hash, 'koskoskos')
|
138
|
+
refute tf.token_hash_is_token?('koskoskos', token.token)
|
139
|
+
assert tf.token_hash_is_token?(token.token_hash, token.token)
|
140
|
+
end
|
141
|
+
end
|
142
|
+
|
143
|
+
describe 'token object implements' do
|
144
|
+
let(:object) { tf.create }
|
145
|
+
|
146
|
+
it '#client' do
|
147
|
+
assert_respond_to(object, :client)
|
148
|
+
|
149
|
+
assert_kind_of(String, object.client)
|
150
|
+
assert_equal(object.client.size, 22)
|
151
|
+
assert_match(token_regexp, object.client)
|
152
|
+
end
|
153
|
+
|
154
|
+
it '#token' do
|
155
|
+
assert_respond_to(object, :token)
|
156
|
+
|
157
|
+
assert_kind_of(String, object.token)
|
158
|
+
assert_equal(object.token.size, 22)
|
159
|
+
assert_match(token_regexp, object.token)
|
160
|
+
end
|
161
|
+
|
162
|
+
it '#token_hash' do
|
163
|
+
assert_respond_to(object, :token_hash)
|
164
|
+
|
165
|
+
assert_kind_of(String, object.token_hash)
|
166
|
+
assert_equal(object.token_hash.size, 60)
|
167
|
+
end
|
168
|
+
|
169
|
+
it '#expiry' do
|
170
|
+
assert_respond_to(object, :expiry)
|
171
|
+
assert_kind_of(Integer, object.expiry)
|
172
|
+
end
|
173
|
+
|
174
|
+
it '#clear!' do
|
175
|
+
assert_respond_to(object, :clear!)
|
176
|
+
|
177
|
+
assert object.clear!
|
178
|
+
object.each { |v| assert_nil v }
|
179
|
+
end
|
180
|
+
|
181
|
+
it '#present?' do
|
182
|
+
assert_respond_to(object, :present?)
|
183
|
+
|
184
|
+
assert object.present?
|
185
|
+
|
186
|
+
object.token = nil
|
187
|
+
refute object.present?
|
188
|
+
end
|
189
|
+
end
|
190
|
+
end
|
191
|
+
end
|