devise_token_auth 1.1.3 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/devise_token_auth/application_controller.rb +8 -0
  3. data/app/controllers/devise_token_auth/concerns/resource_finder.rb +14 -1
  4. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +31 -7
  5. data/app/controllers/devise_token_auth/confirmations_controller.rb +9 -4
  6. data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +2 -1
  7. data/app/controllers/devise_token_auth/passwords_controller.rb +6 -2
  8. data/app/controllers/devise_token_auth/sessions_controller.rb +7 -1
  9. data/app/controllers/devise_token_auth/unlocks_controller.rb +6 -2
  10. data/app/models/devise_token_auth/concerns/active_record_support.rb +0 -2
  11. data/app/models/devise_token_auth/concerns/confirmable_support.rb +28 -0
  12. data/app/models/devise_token_auth/concerns/tokens_serialization.rb +16 -4
  13. data/app/models/devise_token_auth/concerns/user.rb +9 -10
  14. data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +4 -1
  15. data/app/validators/devise_token_auth_email_validator.rb +1 -1
  16. data/app/views/devise_token_auth/omniauth_external_window.html.erb +1 -1
  17. data/config/locales/en.yml +3 -0
  18. data/config/locales/ja.yml +1 -1
  19. data/config/locales/ko.yml +51 -0
  20. data/config/locales/pl.yml +4 -3
  21. data/config/locales/pt.yml +4 -3
  22. data/lib/devise_token_auth/blacklist.rb +5 -1
  23. data/lib/devise_token_auth/controllers/helpers.rb +5 -9
  24. data/lib/devise_token_auth/engine.rb +8 -0
  25. data/lib/devise_token_auth/rails/routes.rb +15 -10
  26. data/lib/devise_token_auth/url.rb +3 -0
  27. data/lib/devise_token_auth/version.rb +1 -1
  28. data/lib/generators/devise_token_auth/USAGE +1 -1
  29. data/lib/generators/devise_token_auth/install_generator.rb +4 -4
  30. data/lib/generators/devise_token_auth/install_mongoid_generator.rb +2 -2
  31. data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +5 -0
  32. data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -1
  33. data/lib/generators/devise_token_auth/templates/user.rb.erb +2 -2
  34. data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +2 -2
  35. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +95 -19
  36. data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +2 -2
  37. data/test/controllers/devise_token_auth/passwords_controller_test.rb +73 -21
  38. data/test/controllers/devise_token_auth/registrations_controller_test.rb +28 -15
  39. data/test/controllers/devise_token_auth/sessions_controller_test.rb +39 -10
  40. data/test/controllers/devise_token_auth/unlocks_controller_test.rb +21 -4
  41. data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
  42. data/test/dummy/app/active_record/confirmable_user.rb +11 -0
  43. data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
  44. data/test/dummy/app/views/layouts/application.html.erb +0 -2
  45. data/test/dummy/config/application.rb +0 -1
  46. data/test/dummy/config/environments/development.rb +0 -10
  47. data/test/dummy/config/environments/production.rb +0 -16
  48. data/test/dummy/config/initializers/figaro.rb +1 -1
  49. data/test/dummy/config/initializers/omniauth.rb +1 -0
  50. data/test/dummy/config/routes.rb +2 -0
  51. data/test/dummy/{tmp/generators/db/migrate/20170630171909_devise_token_auth_create_mangs.rb → db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb} +9 -14
  52. data/test/dummy/db/schema.rb +26 -1
  53. data/test/dummy/tmp/generators/app/controllers/application_controller.rb +6 -0
  54. data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +56 -0
  55. data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +12 -0
  56. data/test/factories/users.rb +1 -0
  57. data/test/lib/devise_token_auth/blacklist_test.rb +11 -3
  58. data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
  59. data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
  60. data/test/lib/devise_token_auth/url_test.rb +2 -2
  61. data/test/lib/generators/devise_token_auth/install_generator_test.rb +1 -1
  62. data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +1 -1
  63. data/test/models/concerns/tokens_serialization_test.rb +39 -5
  64. data/test/models/confirmable_user_test.rb +35 -0
  65. data/test/test_helper.rb +35 -4
  66. metadata +25 -19
  67. data/test/dummy/config/initializers/assets.rb +0 -10
  68. data/test/dummy/tmp/generators/app/models/mang.rb +0 -7
  69. data/test/dummy/tmp/generators/app/models/user.rb +0 -7
  70. data/test/dummy/tmp/generators/config/routes.rb +0 -9
  71. data/test/dummy/tmp/generators/db/migrate/20170630171909_devise_token_auth_create_users.rb +0 -54
@@ -24,18 +24,6 @@ Rails.application.configure do
24
24
  # Disable Rails's static asset server (Apache or nginx will already do this).
25
25
  config.serve_static_files = false
26
26
 
27
- # Compress JavaScripts and CSS.
28
- config.assets.js_compressor = :uglifier
29
- # config.assets.css_compressor = :sass
30
-
31
- # Do not fallback to assets pipeline if a precompiled asset is missed.
32
- config.assets.compile = false
33
-
34
- # Generate digests for assets URLs.
35
- config.assets.digest = true
36
-
37
- # `config.assets.precompile` has moved to config/initializers/assets.rb
38
-
39
27
  # Specifies the header that your server uses for sending files.
40
28
  # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
41
29
  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
@@ -58,10 +46,6 @@ Rails.application.configure do
58
46
  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
59
47
  # config.action_controller.asset_host = "http://assets.example.com"
60
48
 
61
- # Precompile additional assets.
62
- # application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
63
- # config.assets.precompile += %w( search.js )
64
-
65
49
  # Ignore bad email addresses and do not raise email delivery errors.
66
50
  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
67
51
  # config.action_mailer.raise_delivery_errors = false
@@ -1,3 +1,3 @@
1
1
  # frozen_string_literal: true
2
2
 
3
- #Figaro.require("GITHUB_KEY", "GITHUB_SECRET", "FACEBOOK_KEY", "FACEBOOK_SECRET", "GOOGLE_KEY", "GOOGLE_SECRET")
3
+ #Figaro.require("GITHUB_KEY", "GITHUB_SECRET", "FACEBOOK_KEY", "FACEBOOK_SECRET", "GOOGLE_KEY", "GOOGLE_SECRET", "APPLE_CLIENT_ID", "APPLE_TEAM_ID", "APPLE_KEY", "APPLE_PEM")
@@ -4,6 +4,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do |b|
4
4
  provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'], scope: 'email,profile'
5
5
  provider :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET']
6
6
  provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET']
7
+ provider :apple, ENV['APPLE_CLIENT_ID'], '', { scope: 'email name', team_id: ENV['APPLE_TEAM_ID'], key_id: ENV['APPLE_KEY'], pem: ENV['APPLE_PEM'] }
7
8
  provider :developer,
8
9
  fields: [:first_name, :last_name],
9
10
  uid_field: :last_name
@@ -20,6 +20,8 @@ Rails.application.routes.draw do
20
20
 
21
21
  mount_devise_token_auth_for 'LockableUser', at: 'lockable_user_auth'
22
22
 
23
+ mount_devise_token_auth_for 'ConfirmableUser', at: 'confirmable_user_auth'
24
+
23
25
  # test namespacing
24
26
  namespace :api do
25
27
  scope :v1 do
@@ -1,6 +1,7 @@
1
- class DeviseTokenAuthCreateMangs < ActiveRecord::Migration[4.2]
1
+ class DeviseTokenAuthCreateConfirmableUsers < ActiveRecord::Migration[5.2]
2
2
  def change
3
- create_table(:mangs) do |t|
3
+
4
+ create_table(:confirmable_users) do |t|
4
5
  ## Required
5
6
  t.string :provider, :null => false, :default => "email"
6
7
  t.string :uid, :null => false, :default => ""
@@ -11,17 +12,11 @@ class DeviseTokenAuthCreateMangs < ActiveRecord::Migration[4.2]
11
12
  ## Recoverable
12
13
  t.string :reset_password_token
13
14
  t.datetime :reset_password_sent_at
15
+ t.boolean :allow_password_change, :default => false
14
16
 
15
17
  ## Rememberable
16
18
  t.datetime :remember_created_at
17
19
 
18
- ## Trackable
19
- t.integer :sign_in_count, :default => 0, :null => false
20
- t.datetime :current_sign_in_at
21
- t.datetime :last_sign_in_at
22
- t.string :current_sign_in_ip
23
- t.string :last_sign_in_ip
24
-
25
20
  ## Confirmable
26
21
  t.string :confirmation_token
27
22
  t.datetime :confirmed_at
@@ -45,10 +40,10 @@ class DeviseTokenAuthCreateMangs < ActiveRecord::Migration[4.2]
45
40
  t.timestamps
46
41
  end
47
42
 
48
- add_index :mangs, :email, unique: true
49
- add_index :mangs, [:uid, :provider], unique: true
50
- add_index :mangs, :reset_password_token, unique: true
51
- add_index :mangs, :confirmation_token, unique: true
52
- # add_index :mangs, :unlock_token, unique: true
43
+ add_index :confirmable_users, :email, unique: true
44
+ add_index :confirmable_users, [:uid, :provider], unique: true
45
+ add_index :confirmable_users, :reset_password_token, unique: true
46
+ add_index :confirmable_users, :confirmation_token, unique: true
47
+ # add_index :confirmable_users, :unlock_token, unique: true
53
48
  end
54
49
  end
@@ -10,7 +10,32 @@
10
10
  #
11
11
  # It's strongly recommended that you check this file into your version control system.
12
12
 
13
- ActiveRecord::Schema.define(version: 2016_06_29_184441) do
13
+ ActiveRecord::Schema.define(version: 2019_09_24_101113) do
14
+
15
+ create_table "confirmable_users", force: :cascade do |t|
16
+ t.string "provider", default: "email", null: false
17
+ t.string "uid", default: "", null: false
18
+ t.string "encrypted_password", default: "", null: false
19
+ t.string "reset_password_token"
20
+ t.datetime "reset_password_sent_at"
21
+ t.boolean "allow_password_change", default: false
22
+ t.datetime "remember_created_at"
23
+ t.string "confirmation_token"
24
+ t.datetime "confirmed_at"
25
+ t.datetime "confirmation_sent_at"
26
+ t.string "unconfirmed_email"
27
+ t.string "name"
28
+ t.string "nickname"
29
+ t.string "image"
30
+ t.string "email"
31
+ t.text "tokens"
32
+ t.datetime "created_at", null: false
33
+ t.datetime "updated_at", null: false
34
+ t.index ["confirmation_token"], name: "index_confirmable_users_on_confirmation_token", unique: true
35
+ t.index ["email"], name: "index_confirmable_users_on_email", unique: true
36
+ t.index ["reset_password_token"], name: "index_confirmable_users_on_reset_password_token", unique: true
37
+ t.index ["uid", "provider"], name: "index_confirmable_users_on_uid_and_provider", unique: true
38
+ end
14
39
 
15
40
  create_table "lockable_users", force: :cascade do |t|
16
41
  t.string "provider", null: false
@@ -0,0 +1,6 @@
1
+ class ApplicationController < ActionController::Base
2
+ include DeviseTokenAuth::Concerns::SetUserByToken
3
+ def whatever
4
+ 'whatever'
5
+ end
6
+ end
@@ -0,0 +1,56 @@
1
+ # frozen_string_literal: true
2
+
3
+ class Azpire::V1::HumanResource::User
4
+ include Mongoid::Document
5
+ include Mongoid::Timestamps
6
+ include Mongoid::Locker
7
+
8
+ field :locker_locked_at, type: Time
9
+ field :locker_locked_until, type: Time
10
+
11
+ locker locked_at_field: :locker_locked_at,
12
+ locked_until_field: :locker_locked_until
13
+
14
+ ## Database authenticatable
15
+ field :email, type: String, default: ''
16
+ field :encrypted_password, type: String, default: ''
17
+
18
+ ## Recoverable
19
+ field :reset_password_token, type: String
20
+ field :reset_password_sent_at, type: Time
21
+ field :reset_password_redirect_url, type: String
22
+ field :allow_password_change, type: Boolean, default: false
23
+
24
+ ## Rememberable
25
+ field :remember_created_at, type: Time
26
+
27
+ ## Confirmable
28
+ field :confirmation_token, type: String
29
+ field :confirmed_at, type: Time
30
+ field :confirmation_sent_at, type: Time
31
+ field :unconfirmed_email, type: String # Only if using reconfirmable
32
+
33
+ ## Lockable
34
+ # field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
35
+ # field :unlock_token, type: String # Only if unlock strategy is :email or :both
36
+ # field :locked_at, type: Time
37
+
38
+ ## Required
39
+ field :provider, type: String
40
+ field :uid, type: String, default: ''
41
+
42
+ ## Tokens
43
+ field :tokens, type: Hash, default: {}
44
+
45
+ # Include default devise modules. Others available are:
46
+ # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
47
+ devise :database_authenticatable, :registerable,
48
+ :recoverable, :rememberable, :validatable
49
+ include DeviseTokenAuth::Concerns::User
50
+
51
+ index({ email: 1 }, { name: 'email_index', unique: true, background: true })
52
+ index({ reset_password_token: 1 }, { name: 'reset_password_token_index', unique: true, sparse: true, background: true })
53
+ index({ confirmation_token: 1 }, { name: 'confirmation_token_index', unique: true, sparse: true, background: true })
54
+ index({ uid: 1, provider: 1}, { name: 'uid_provider_index', unique: true, background: true })
55
+ # index({ unlock_token: 1 }, { name: 'unlock_token_index', unique: true, sparse: true, background: true })
56
+ end
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  DeviseTokenAuth.setup do |config|
2
4
  # By default the authorization headers will change after each request. The
3
5
  # client is responsible for keeping track of the changing tokens. Change
@@ -9,6 +11,11 @@ DeviseTokenAuth.setup do |config|
9
11
  # determines how long tokens will remain valid after they are issued.
10
12
  # config.token_lifespan = 2.weeks
11
13
 
14
+ # Limiting the token_cost to just 4 in testing will increase the performance of
15
+ # your test suite dramatically. The possible cost value is within range from 4
16
+ # to 31. It is recommended to not use a value more than 10 in other environments.
17
+ config.token_cost = Rails.env.test? ? 4 : 10
18
+
12
19
  # Sets the max number of concurrent devices per user, which is 10 by default.
13
20
  # After this limit is reached, the oldest tokens will be removed.
14
21
  # config.max_number_of_devices = 10
@@ -45,4 +52,9 @@ DeviseTokenAuth.setup do |config|
45
52
  # If, however, you wish to integrate with legacy Devise authentication, you can
46
53
  # do so by enabling this flag. NOTE: This feature is highly experimental!
47
54
  # config.enable_standard_devise_support = false
55
+
56
+ # By default DeviseTokenAuth will not send confirmation email, even when including
57
+ # devise confirmable module. If you want to use devise confirmable module and
58
+ # send email, set it to true. (This is a setting for compatibility)
59
+ # config.send_confirmation_email = true
48
60
  end
@@ -36,5 +36,6 @@ FactoryBot.define do
36
36
  factory :mang_user, class: 'Mang'
37
37
  factory :only_email_user, class: 'OnlyEmailUser'
38
38
  factory :scoped_user, class: 'ScopedUser'
39
+ factory :confirmable_user, class: 'ConfirmableUser'
39
40
  end
40
41
  end
@@ -3,9 +3,17 @@
3
3
  require 'test_helper'
4
4
 
5
5
  class DeviseTokenAuth::BlacklistTest < ActiveSupport::TestCase
6
- describe Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION do
7
- test 'should include :tokens' do
8
- assert Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION.include?(:tokens)
6
+ if defined? Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION
7
+ describe Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION do
8
+ test 'should include :tokens' do
9
+ assert Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION.include?(:tokens)
10
+ end
11
+ end
12
+ else
13
+ describe Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION do
14
+ test 'should include :tokens' do
15
+ assert Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION.include?(:tokens)
16
+ end
9
17
  end
10
18
  end
11
19
  end
@@ -0,0 +1,29 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_helper'
4
+
5
+ class DeviseTokenAuth::CustomRoutesTest < ActiveSupport::TestCase
6
+ after do
7
+ Rails.application.reload_routes!
8
+ end
9
+ test 'custom controllers' do
10
+ class ActionDispatch::Routing::Mapper
11
+ include Mocha::ParameterMatchers
12
+ end
13
+ Rails.application.routes.draw do
14
+ self.expects(:devise_for).with(
15
+ :users,
16
+ has_entries(
17
+ controllers: has_entries(
18
+ invitations: "custom/invitations", foo: "custom/foo"
19
+ )
20
+ )
21
+ )
22
+
23
+ mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
24
+ invitations: 'custom/invitations',
25
+ foo: 'custom/foo'
26
+ }
27
+ end
28
+ end
29
+ end
@@ -0,0 +1,87 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_helper'
4
+
5
+ # Needed for MiniTest to start a controller test so we can use assert_recognizes
6
+ class DeviseTokenAuth::RoutesTestController < DeviseTokenAuth::ApplicationController
7
+ end
8
+
9
+ class DeviseTokenAuth::RoutesTest < ActionController::TestCase
10
+ self.controller_class = DeviseTokenAuth::RoutesTestController
11
+ before do
12
+ Rails.application.routes.draw do
13
+ mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
14
+ invitations: 'custom/invitations',
15
+ foo: 'custom/foo'
16
+ }
17
+ end
18
+ end
19
+
20
+ after do
21
+ Rails.application.reload_routes!
22
+ end
23
+
24
+ test 'map new user session' do
25
+ assert_recognizes({controller: 'devise_token_auth/sessions', action: 'new'}, {path: 'my_custom_users/sign_in', method: :get})
26
+ end
27
+
28
+ test 'map create user session' do
29
+ assert_recognizes({controller: 'devise_token_auth/sessions', action: 'create'}, {path: 'my_custom_users/sign_in', method: :post})
30
+ end
31
+
32
+ test 'map destroy user session' do
33
+ assert_recognizes({controller: 'devise_token_auth/sessions', action: 'destroy'}, {path: 'my_custom_users/sign_out', method: :delete})
34
+ end
35
+
36
+ test 'map new user confirmation' do
37
+ assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'new'}, 'my_custom_users/confirmation/new')
38
+ end
39
+
40
+ test 'map create user confirmation' do
41
+ assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'create'}, {path: 'my_custom_users/confirmation', method: :post})
42
+ end
43
+
44
+ test 'map show user confirmation' do
45
+ assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'show'}, {path: 'my_custom_users/confirmation', method: :get})
46
+ end
47
+
48
+ test 'map new user password' do
49
+ assert_recognizes({controller: 'devise_token_auth/passwords', action: 'new'}, 'my_custom_users/password/new')
50
+ end
51
+
52
+ test 'map create user password' do
53
+ assert_recognizes({controller: 'devise_token_auth/passwords', action: 'create'}, {path: 'my_custom_users/password', method: :post})
54
+ end
55
+
56
+ test 'map edit user password' do
57
+ assert_recognizes({controller: 'devise_token_auth/passwords', action: 'edit'}, 'my_custom_users/password/edit')
58
+ end
59
+
60
+ test 'map update user password' do
61
+ assert_recognizes({controller: 'devise_token_auth/passwords', action: 'update'}, {path: 'my_custom_users/password', method: :put})
62
+ end
63
+
64
+ test 'map new user registration' do
65
+ assert_recognizes({controller: 'devise_token_auth/registrations', action: 'new'}, 'my_custom_users/sign_up')
66
+ end
67
+
68
+ test 'map create user registration' do
69
+ assert_recognizes({controller: 'devise_token_auth/registrations', action: 'create'}, {path: 'my_custom_users', method: :post})
70
+ end
71
+
72
+ test 'map edit user registration' do
73
+ assert_recognizes({controller: 'devise_token_auth/registrations', action: 'edit'}, {path: 'my_custom_users/edit', method: :get})
74
+ end
75
+
76
+ test 'map update user registration' do
77
+ assert_recognizes({controller: 'devise_token_auth/registrations', action: 'update'}, {path: 'my_custom_users', method: :put})
78
+ end
79
+
80
+ test 'map destroy user registration' do
81
+ assert_recognizes({controller: 'devise_token_auth/registrations', action: 'destroy'}, {path: 'my_custom_users', method: :delete})
82
+ end
83
+
84
+ test 'map cancel user registration' do
85
+ assert_recognizes({controller: 'devise_token_auth/registrations', action: 'cancel'}, {path: 'my_custom_users/cancel', method: :get})
86
+ end
87
+ end
@@ -4,10 +4,10 @@ require 'test_helper'
4
4
 
5
5
  class DeviseTokenAuth::UrlTest < ActiveSupport::TestCase
6
6
  describe 'DeviseTokenAuth::Url#generate' do
7
- test 'URI fragment should appear at the end of URL' do
7
+ test 'URI fragment should appear at the end of URL with repeat of query params' do
8
8
  params = { client_id: 123 }
9
9
  url = 'http://example.com#fragment'
10
- assert_equal DeviseTokenAuth::Url.send(:generate, url, params), 'http://example.com?client_id=123#fragment'
10
+ assert_equal DeviseTokenAuth::Url.send(:generate, url, params), 'http://example.com?client_id=123#fragment?client_id=123'
11
11
  end
12
12
 
13
13
  describe 'with existing query params' do
@@ -70,7 +70,7 @@ module DeviseTokenAuth
70
70
  case DEVISE_TOKEN_AUTH_ORM
71
71
  when :active_record
72
72
  # account for rails version 5
73
- active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
73
+ active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
74
74
 
75
75
  @f = File.open(@fname, 'w') do |f|
76
76
  f.write <<-RUBY
@@ -75,7 +75,7 @@ module DeviseTokenAuth
75
75
  case DEVISE_TOKEN_AUTH_ORM
76
76
  when :active_record
77
77
  # account for rails version 5
78
- active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
78
+ active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
79
79
 
80
80
  @f = File.open(@fname, 'w') do |f|
81
81
  f.write <<-RUBY
@@ -13,7 +13,6 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
13
13
 
14
14
  user.tokens
15
15
  end
16
- let(:json) { JSON.generate(tokens) }
17
16
 
18
17
  it 'is defined' do
19
18
  assert_equal(ts.present?, true)
@@ -21,6 +20,9 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
21
20
  end
22
21
 
23
22
  describe '.load(json)' do
23
+
24
+ let(:json) { JSON.generate(tokens) }
25
+
24
26
  let(:default) { {} }
25
27
 
26
28
  it 'is defined' do
@@ -55,16 +57,48 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
55
57
  assert_equal(ts.dump({}), '{}')
56
58
  end
57
59
 
58
- it 'deserialize tokens' do
59
- assert_equal(ts.dump(tokens), json)
60
- end
61
-
62
60
  it 'removes nil values' do
63
61
  new_tokens = tokens.dup
64
62
  new_tokens[new_tokens.first[0]][:kos] = nil
65
63
 
66
64
  assert_equal(ts.dump(tokens), ts.dump(new_tokens))
67
65
  end
66
+
67
+ describe 'updated_at' do
68
+ before do
69
+ @default_format = ::Time::DATE_FORMATS[:default]
70
+ ::Time::DATE_FORMATS[:default] = 'imprecise format'
71
+ end
72
+
73
+ after do
74
+ ::Time::DATE_FORMATS[:default] = @default_format
75
+ end
76
+
77
+ def updated_ats(tokens)
78
+ tokens.
79
+ values.
80
+ flat_map do |token|
81
+ [:updated_at, 'updated_at'].map do |key|
82
+ token[key]
83
+ end
84
+ end.
85
+ compact
86
+ end
87
+
88
+ it 'is defined' do
89
+ refute_empty updated_ats(tokens)
90
+ end
91
+
92
+ it 'uses iso8601' do
93
+ updated_ats(JSON.parse(ts.dump(tokens))).each do |updated_at|
94
+ Time.strptime(updated_at, '%Y-%m-%dT%H:%M:%SZ')
95
+ end
96
+ end
97
+
98
+ it 'does not rely on Time#to_s' do
99
+ refute_includes(updated_ats(tokens), 'imprecise format')
100
+ end
101
+ end
68
102
  end
69
103
  end
70
104
  end
@@ -0,0 +1,35 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'test_helper'
4
+
5
+ class ConfirmableUserTest < ActiveSupport::TestCase
6
+ describe ConfirmableUser do
7
+ describe 'creation' do
8
+ test 'email should be saved' do
9
+ @resource = create(:confirmable_user)
10
+ assert @resource.email.present?
11
+ end
12
+ end
13
+
14
+ describe 'updating email' do
15
+ test 'new email should be saved to unconfirmed_email' do
16
+ @resource = create(:confirmable_user, email: 'old_address@example.com')
17
+ @resource.update(email: 'new_address@example.com')
18
+ assert @resource.unconfirmed_email == 'new_address@example.com'
19
+ end
20
+
21
+ test 'old email should be kept in email' do
22
+ @resource = create(:confirmable_user, email: 'old_address@example.com')
23
+ @resource.update(email: 'new_address@example.com')
24
+ assert @resource.email == 'old_address@example.com'
25
+ end
26
+
27
+ test 'confirmation_token should be changed' do
28
+ @resource = create(:confirmable_user, email: 'old_address@example.com')
29
+ old_token = @resource.confirmation_token
30
+ @resource.update(email: 'new_address@example.com')
31
+ assert @resource.confirmation_token != old_token
32
+ end
33
+ end
34
+ end
35
+ end
data/test/test_helper.rb CHANGED
@@ -15,7 +15,11 @@ require File.expand_path('dummy/config/environment', __dir__)
15
15
  require 'active_support/testing/autorun'
16
16
  require 'minitest/rails'
17
17
  require 'mocha/minitest'
18
- require 'database_cleaner'
18
+ if DEVISE_TOKEN_AUTH_ORM == :active_record
19
+ require 'database_cleaner'
20
+ else
21
+ require 'database_cleaner/mongoid'
22
+ end
19
23
 
20
24
  FactoryBot.definition_file_paths = [File.expand_path('factories', __dir__)]
21
25
  FactoryBot.find_definitions
@@ -37,16 +41,43 @@ class ActiveSupport::TestCase
37
41
  ActiveRecord::Migration.check_pending! if DEVISE_TOKEN_AUTH_ORM == :active_record
38
42
 
39
43
  strategies = { active_record: :transaction,
40
- mongoid: :truncation }
44
+ mongoid: :deletion }
41
45
  DatabaseCleaner.strategy = strategies[DEVISE_TOKEN_AUTH_ORM]
42
46
  setup { DatabaseCleaner.start }
43
47
  teardown { DatabaseCleaner.clean }
44
48
 
45
49
  # Add more helper methods to be used by all tests here...
46
50
 
51
+ # Execute the block setting the given values and restoring old values after
52
+ # the block is executed.
53
+ # shamelessly copied from devise test_helper.
54
+ def swap(object, new_values)
55
+ old_values = {}
56
+ new_values.each do |key, value|
57
+ old_values[key] = object.send key
58
+ object.send :"#{key}=", value
59
+ end
60
+ clear_cached_variables(new_values)
61
+ yield
62
+ ensure
63
+ clear_cached_variables(new_values)
64
+ old_values.each do |key, value|
65
+ object.send :"#{key}=", value
66
+ end
67
+ end
68
+
69
+ # shamelessly copied from devise test_helper.
70
+ def clear_cached_variables(options)
71
+ if options.key?(:case_insensitive_keys) || options.key?(:strip_whitespace_keys)
72
+ Devise.mappings.each do |_, mapping|
73
+ mapping.to.instance_variable_set(:@devise_parameter_filter, nil)
74
+ end
75
+ end
76
+ end
77
+
47
78
  def age_token(user, client_id)
48
79
  if user.tokens[client_id]
49
- user.tokens[client_id]['updated_at'] = Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds)
80
+ user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
50
81
  user.save!
51
82
  end
52
83
  end
@@ -85,7 +116,7 @@ module Rails
85
116
  %w[get post patch put head delete get_via_redirect post_via_redirect].each do |method|
86
117
  define_method(method) do |path_or_action, **args|
87
118
  if Rails::VERSION::MAJOR >= 5
88
- super path_or_action, args
119
+ super path_or_action, **args
89
120
  else
90
121
  super path_or_action, args[:params], args[:headers]
91
122
  end