devise_token_auth 1.1.3 → 1.2.0
- checksums.yaml +4 -4
- data/app/controllers/devise_token_auth/application_controller.rb +8 -0
- data/app/controllers/devise_token_auth/concerns/resource_finder.rb +14 -1
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +31 -7
- data/app/controllers/devise_token_auth/confirmations_controller.rb +9 -4
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +2 -1
- data/app/controllers/devise_token_auth/passwords_controller.rb +6 -2
- data/app/controllers/devise_token_auth/sessions_controller.rb +7 -1
- data/app/controllers/devise_token_auth/unlocks_controller.rb +6 -2
- data/app/models/devise_token_auth/concerns/active_record_support.rb +0 -2
- data/app/models/devise_token_auth/concerns/confirmable_support.rb +28 -0
- data/app/models/devise_token_auth/concerns/tokens_serialization.rb +16 -4
- data/app/models/devise_token_auth/concerns/user.rb +9 -10
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +4 -1
- data/app/validators/devise_token_auth_email_validator.rb +1 -1
- data/app/views/devise_token_auth/omniauth_external_window.html.erb +1 -1
- data/config/locales/en.yml +3 -0
- data/config/locales/ja.yml +1 -1
- data/config/locales/ko.yml +51 -0
- data/config/locales/pl.yml +4 -3
- data/config/locales/pt.yml +4 -3
- data/lib/devise_token_auth/blacklist.rb +5 -1
- data/lib/devise_token_auth/controllers/helpers.rb +5 -9
- data/lib/devise_token_auth/engine.rb +8 -0
- data/lib/devise_token_auth/rails/routes.rb +15 -10
- data/lib/devise_token_auth/url.rb +3 -0
- data/lib/devise_token_auth/version.rb +1 -1
- data/lib/generators/devise_token_auth/USAGE +1 -1
- data/lib/generators/devise_token_auth/install_generator.rb +4 -4
- data/lib/generators/devise_token_auth/install_mongoid_generator.rb +2 -2
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +5 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -1
- data/lib/generators/devise_token_auth/templates/user.rb.erb +2 -2
- data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +2 -2
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +95 -19
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +2 -2
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +73 -21
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +28 -15
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +39 -10
- data/test/controllers/devise_token_auth/unlocks_controller_test.rb +21 -4
- data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
- data/test/dummy/app/active_record/confirmable_user.rb +11 -0
- data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
- data/test/dummy/app/views/layouts/application.html.erb +0 -2
- data/test/dummy/config/application.rb +0 -1
- data/test/dummy/config/environments/development.rb +0 -10
- data/test/dummy/config/environments/production.rb +0 -16
- data/test/dummy/config/initializers/figaro.rb +1 -1
- data/test/dummy/config/initializers/omniauth.rb +1 -0
- data/test/dummy/config/routes.rb +2 -0
- data/test/dummy/{tmp/generators/db/migrate/20170630171909_devise_token_auth_create_mangs.rb → db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb} +9 -14
- data/test/dummy/db/schema.rb +26 -1
- data/test/dummy/tmp/generators/app/controllers/application_controller.rb +6 -0
- data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +56 -0
- data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +12 -0
- data/test/factories/users.rb +1 -0
- data/test/lib/devise_token_auth/blacklist_test.rb +11 -3
- data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
- data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
- data/test/lib/devise_token_auth/url_test.rb +2 -2
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +1 -1
- data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +1 -1
- data/test/models/concerns/tokens_serialization_test.rb +39 -5
- data/test/models/confirmable_user_test.rb +35 -0
- data/test/test_helper.rb +35 -4
- metadata +25 -19
- data/test/dummy/config/initializers/assets.rb +0 -10
- data/test/dummy/tmp/generators/app/models/mang.rb +0 -7
- data/test/dummy/tmp/generators/app/models/user.rb +0 -7
- data/test/dummy/tmp/generators/config/routes.rb +0 -9
- data/test/dummy/tmp/generators/db/migrate/20170630171909_devise_token_auth_create_users.rb +0 -54
@@ -24,18 +24,6 @@ Rails.application.configure do
|
|
24
24
|
# Disable Rails's static asset server (Apache or nginx will already do this).
|
25
25
|
config.serve_static_files = false
|
26
26
|
|
27
|
-
# Compress JavaScripts and CSS.
|
28
|
-
config.assets.js_compressor = :uglifier
|
29
|
-
# config.assets.css_compressor = :sass
|
30
|
-
|
31
|
-
# Do not fallback to assets pipeline if a precompiled asset is missed.
|
32
|
-
config.assets.compile = false
|
33
|
-
|
34
|
-
# Generate digests for assets URLs.
|
35
|
-
config.assets.digest = true
|
36
|
-
|
37
|
-
# `config.assets.precompile` has moved to config/initializers/assets.rb
|
38
|
-
|
39
27
|
# Specifies the header that your server uses for sending files.
|
40
28
|
# config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
|
41
29
|
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
|
@@ -58,10 +46,6 @@ Rails.application.configure do
|
|
58
46
|
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
|
59
47
|
# config.action_controller.asset_host = "http://assets.example.com"
|
60
48
|
|
61
|
-
# Precompile additional assets.
|
62
|
-
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
63
|
-
# config.assets.precompile += %w( search.js )
|
64
|
-
|
65
49
|
# Ignore bad email addresses and do not raise email delivery errors.
|
66
50
|
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
|
67
51
|
# config.action_mailer.raise_delivery_errors = false
|
@@ -1,3 +1,3 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
#Figaro.require("GITHUB_KEY", "GITHUB_SECRET", "FACEBOOK_KEY", "FACEBOOK_SECRET", "GOOGLE_KEY", "GOOGLE_SECRET")
|
3
|
+
#Figaro.require("GITHUB_KEY", "GITHUB_SECRET", "FACEBOOK_KEY", "FACEBOOK_SECRET", "GOOGLE_KEY", "GOOGLE_SECRET", "APPLE_CLIENT_ID", "APPLE_TEAM_ID", "APPLE_KEY", "APPLE_PEM")
|
@@ -4,6 +4,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do |b|
|
|
4
4
|
provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'], scope: 'email,profile'
|
5
5
|
provider :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET']
|
6
6
|
provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET']
|
7
|
+
provider :apple, ENV['APPLE_CLIENT_ID'], '', { scope: 'email name', team_id: ENV['APPLE_TEAM_ID'], key_id: ENV['APPLE_KEY'], pem: ENV['APPLE_PEM'] }
|
7
8
|
provider :developer,
|
8
9
|
fields: [:first_name, :last_name],
|
9
10
|
uid_field: :last_name
|
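Review bot: The new `provider :apple` line passes `''` as the client secret and maps `ENV['APPLE_KEY']` to `key_id` with no explanation, which reads like a forgotten secret next to the GitHub, Facebook and Google lines. As I understand omniauth-apple, the client secret is derived from `team_id`, `key_id` and `pem`, so a one-line comment would help, e.g. `# Apple has no static client secret; it is signed from team_id/key_id/pem`. `APPLE_PEM` holds a private key, so it should stay out of committed env files and logs. The `OmniAuth::Builder` block continues outside the hunk.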
data/test/dummy/config/routes.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
|
-
class
|
1
|
+
class DeviseTokenAuthCreateConfirmableUsers < ActiveRecord::Migration[5.2]
|
2
2
|
def change
|
3
|
-
|
3
|
+
|
4
|
+
create_table(:confirmable_users) do |t|
|
4
5
|
## Required
|
5
6
|
t.string :provider, :null => false, :default => "email"
|
6
7
|
t.string :uid, :null => false, :default => ""
|
@@ -11,17 +12,11 @@ class DeviseTokenAuthCreateMangs < ActiveRecord::Migration[4.2]
|
|
11
12
|
## Recoverable
|
12
13
|
t.string :reset_password_token
|
13
14
|
t.datetime :reset_password_sent_at
|
15
|
+
t.boolean :allow_password_change, :default => false
|
14
16
|
|
15
17
|
## Rememberable
|
16
18
|
t.datetime :remember_created_at
|
17
19
|
|
18
|
-
## Trackable
|
19
|
-
t.integer :sign_in_count, :default => 0, :null => false
|
20
|
-
t.datetime :current_sign_in_at
|
21
|
-
t.datetime :last_sign_in_at
|
22
|
-
t.string :current_sign_in_ip
|
23
|
-
t.string :last_sign_in_ip
|
24
|
-
|
25
20
|
## Confirmable
|
26
21
|
t.string :confirmation_token
|
27
22
|
t.datetime :confirmed_at
|
@@ -45,10 +40,10 @@ class DeviseTokenAuthCreateMangs < ActiveRecord::Migration[4.2]
|
|
45
40
|
t.timestamps
|
46
41
|
end
|
47
42
|
|
48
|
-
add_index :
|
49
|
-
add_index :
|
50
|
-
add_index :
|
51
|
-
add_index :
|
52
|
-
# add_index :
|
43
|
+
add_index :confirmable_users, :email, unique: true
|
44
|
+
add_index :confirmable_users, [:uid, :provider], unique: true
|
45
|
+
add_index :confirmable_users, :reset_password_token, unique: true
|
46
|
+
add_index :confirmable_users, :confirmation_token, unique: true
|
47
|
+
# add_index :confirmable_users, :unlock_token, unique: true
|
53
48
|
end
|
54
49
|
end
|
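--- a/data/test/dummy/db/schema.rb
+++ b/data/test/dummy/db/schema.rb
@@ -10,7 +10,32 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version:
+ActiveRecord::Schema.define(version: 2019_09_24_101113) do
+
+create_table "confirmable_users", force: :cascade do |t|
+t.string "provider", default: "email", null: false
+t.string "uid", default: "", null: false
+t.string "encrypted_password", default: "", null: false
+t.string "reset_password_token"
+t.datetime "reset_password_sent_at"
+t.boolean "allow_password_change", default: false
+t.datetime "remember_created_at"
+t.string "confirmation_token"
+t.datetime "confirmed_at"
+t.datetime "confirmation_sent_at"
+t.string "unconfirmed_email"
+t.string "name"
+t.string "nickname"
+t.string "image"
+t.string "email"
+t.text "tokens"
+t.datetime "created_at", null: false
+t.datetime "updated_at", null: false
+t.index ["confirmation_token"], name: "index_confirmable_users_on_confirmation_token", unique: true
+t.index ["email"], name: "index_confirmable_users_on_email", unique: true
+t.index ["reset_password_token"], name: "index_confirmable_users_on_reset_password_token", unique: true
+t.index ["uid", "provider"], name: "index_confirmable_users_on_uid_and_provider", unique: true
+end
 
 create_table "lockable_users", force: :cascade do |t|
 t.string "provider", null: false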
@@ -0,0 +1,56 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class Azpire::V1::HumanResource::User
|
4
|
+
include Mongoid::Document
|
5
|
+
include Mongoid::Timestamps
|
6
|
+
include Mongoid::Locker
|
7
|
+
|
8
|
+
field :locker_locked_at, type: Time
|
9
|
+
field :locker_locked_until, type: Time
|
10
|
+
|
11
|
+
locker locked_at_field: :locker_locked_at,
|
12
|
+
locked_until_field: :locker_locked_until
|
13
|
+
|
14
|
+
## Database authenticatable
|
15
|
+
field :email, type: String, default: ''
|
16
|
+
field :encrypted_password, type: String, default: ''
|
17
|
+
|
18
|
+
## Recoverable
|
19
|
+
field :reset_password_token, type: String
|
20
|
+
field :reset_password_sent_at, type: Time
|
21
|
+
field :reset_password_redirect_url, type: String
|
22
|
+
field :allow_password_change, type: Boolean, default: false
|
23
|
+
|
24
|
+
## Rememberable
|
25
|
+
field :remember_created_at, type: Time
|
26
|
+
|
27
|
+
## Confirmable
|
28
|
+
field :confirmation_token, type: String
|
29
|
+
field :confirmed_at, type: Time
|
30
|
+
field :confirmation_sent_at, type: Time
|
31
|
+
field :unconfirmed_email, type: String # Only if using reconfirmable
|
32
|
+
|
33
|
+
## Lockable
|
34
|
+
# field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
|
35
|
+
# field :unlock_token, type: String # Only if unlock strategy is :email or :both
|
36
|
+
# field :locked_at, type: Time
|
37
|
+
|
38
|
+
## Required
|
39
|
+
field :provider, type: String
|
40
|
+
field :uid, type: String, default: ''
|
41
|
+
|
42
|
+
## Tokens
|
43
|
+
field :tokens, type: Hash, default: {}
|
44
|
+
|
45
|
+
# Include default devise modules. Others available are:
|
46
|
+
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
|
47
|
+
devise :database_authenticatable, :registerable,
|
48
|
+
:recoverable, :rememberable, :validatable
|
49
|
+
include DeviseTokenAuth::Concerns::User
|
50
|
+
|
51
|
+
index({ email: 1 }, { name: 'email_index', unique: true, background: true })
|
52
|
+
index({ reset_password_token: 1 }, { name: 'reset_password_token_index', unique: true, sparse: true, background: true })
|
53
|
+
index({ confirmation_token: 1 }, { name: 'confirmation_token_index', unique: true, sparse: true, background: true })
|
54
|
+
index({ uid: 1, provider: 1}, { name: 'uid_provider_index', unique: true, background: true })
|
55
|
+
# index({ unlock_token: 1 }, { name: 'unlock_token_index', unique: true, sparse: true, background: true })
|
56
|
+
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
DeviseTokenAuth.setup do |config|
|
2
4
|
# By default the authorization headers will change after each request. The
|
3
5
|
# client is responsible for keeping track of the changing tokens. Change
|
@@ -9,6 +11,11 @@ DeviseTokenAuth.setup do |config|
|
|
9
11
|
# determines how long tokens will remain valid after they are issued.
|
10
12
|
# config.token_lifespan = 2.weeks
|
11
13
|
|
14
|
+
# Limiting the token_cost to just 4 in testing will increase the performance of
|
15
|
+
# your test suite dramatically. The possible cost value is within range from 4
|
16
|
+
# to 31. It is recommended to not use a value more than 10 in other environments.
|
17
|
+
config.token_cost = Rails.env.test? ? 4 : 10
|
18
|
+
|
12
19
|
# Sets the max number of concurrent devices per user, which is 10 by default.
|
13
20
|
# After this limit is reached, the oldest tokens will be removed.
|
14
21
|
# config.max_number_of_devices = 10
|
@@ -45,4 +52,9 @@ DeviseTokenAuth.setup do |config|
|
|
45
52
|
# If, however, you wish to integrate with legacy Devise authentication, you can
|
46
53
|
# do so by enabling this flag. NOTE: This feature is highly experimental!
|
47
54
|
# config.enable_standard_devise_support = false
|
55
|
+
|
56
|
+
# By default DeviseTokenAuth will not send confirmation email, even when including
|
57
|
+
# devise confirmable module. If you want to use devise confirmable module and
|
58
|
+
# send email, set it to true. (This is a setting for compatibility)
|
59
|
+
# config.send_confirmation_email = true
|
48
60
|
end
|
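Review bot: The comment added above `config.token_cost = Rails.env.test? ? 4 : 10` never says what the cost applies to, and "recommended to not use a value more than 10" reads like a security ceiling when it is presumably a performance one. The 4 to 31 range suggests a bcrypt work factor used when hashing tokens, though the hashing call is not visible here; if that is right, the comment should say so and state that 4 is for the test environment only, e.g. `# token_cost is the bcrypt cost for hashing tokens; 4 is the minimum and is for tests only`. The ternary already confines the low value to test, and the comment should make clear that this is deliberate so a later edit does not flatten it to a single number.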
data/test/factories/users.rb
CHANGED
@@ -3,9 +3,17 @@
|
|
3
3
|
require 'test_helper'
|
4
4
|
|
5
5
|
class DeviseTokenAuth::BlacklistTest < ActiveSupport::TestCase
|
6
|
-
|
7
|
-
|
8
|
-
|
6
|
+
if defined? Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION
|
7
|
+
describe Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION do
|
8
|
+
test 'should include :tokens' do
|
9
|
+
assert Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION.include?(:tokens)
|
10
|
+
end
|
11
|
+
end
|
12
|
+
else
|
13
|
+
describe Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION do
|
14
|
+
test 'should include :tokens' do
|
15
|
+
assert Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION.include?(:tokens)
|
16
|
+
end
|
9
17
|
end
|
10
18
|
end
|
11
19
|
end
|
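Review bot: Both branches of the new `if defined?` assert only that `:tokens` is a member of the Devise constant; nothing visible here checks that a serialized record actually omits `tokens`, which is the property that matters (such a test may exist outside this hunk). An assertion that `as_json` on a user record has no `tokens` key would catch a regression where the constant is populated but not honoured. The two branches also repeat the same test body, so selecting the constant once and running a single `test 'should include :tokens'` against it would remove the copy.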
@@ -0,0 +1,29 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class DeviseTokenAuth::CustomRoutesTest < ActiveSupport::TestCase
|
6
|
+
after do
|
7
|
+
Rails.application.reload_routes!
|
8
|
+
end
|
9
|
+
test 'custom controllers' do
|
10
|
+
class ActionDispatch::Routing::Mapper
|
11
|
+
include Mocha::ParameterMatchers
|
12
|
+
end
|
13
|
+
Rails.application.routes.draw do
|
14
|
+
self.expects(:devise_for).with(
|
15
|
+
:users,
|
16
|
+
has_entries(
|
17
|
+
controllers: has_entries(
|
18
|
+
invitations: "custom/invitations", foo: "custom/foo"
|
19
|
+
)
|
20
|
+
)
|
21
|
+
)
|
22
|
+
|
23
|
+
mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
|
24
|
+
invitations: 'custom/invitations',
|
25
|
+
foo: 'custom/foo'
|
26
|
+
}
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
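Review bot: Reopening `ActionDispatch::Routing::Mapper` inside the `'custom controllers'` test to include `Mocha::ParameterMatchers` changes the class for the rest of the test process; the `after` hook's `Rails.application.reload_routes!` restores the routes but not the mixin. Scoping it to the one mapper instance avoids that: drop the `class ... end` reopen and make `extend Mocha::ParameterMatchers` the first line inside `Rails.application.routes.draw do`. If the class-level include is kept, it should move to the top of the file with a comment saying it is deliberate and global.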
@@ -0,0 +1,87 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
# Needed for MiniTest to start a controller test so we can use assert_recognizes
|
6
|
+
class DeviseTokenAuth::RoutesTestController < DeviseTokenAuth::ApplicationController
|
7
|
+
end
|
8
|
+
|
9
|
+
class DeviseTokenAuth::RoutesTest < ActionController::TestCase
|
10
|
+
self.controller_class = DeviseTokenAuth::RoutesTestController
|
11
|
+
before do
|
12
|
+
Rails.application.routes.draw do
|
13
|
+
mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
|
14
|
+
invitations: 'custom/invitations',
|
15
|
+
foo: 'custom/foo'
|
16
|
+
}
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
after do
|
21
|
+
Rails.application.reload_routes!
|
22
|
+
end
|
23
|
+
|
24
|
+
test 'map new user session' do
|
25
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'new'}, {path: 'my_custom_users/sign_in', method: :get})
|
26
|
+
end
|
27
|
+
|
28
|
+
test 'map create user session' do
|
29
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'create'}, {path: 'my_custom_users/sign_in', method: :post})
|
30
|
+
end
|
31
|
+
|
32
|
+
test 'map destroy user session' do
|
33
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'destroy'}, {path: 'my_custom_users/sign_out', method: :delete})
|
34
|
+
end
|
35
|
+
|
36
|
+
test 'map new user confirmation' do
|
37
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'new'}, 'my_custom_users/confirmation/new')
|
38
|
+
end
|
39
|
+
|
40
|
+
test 'map create user confirmation' do
|
41
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'create'}, {path: 'my_custom_users/confirmation', method: :post})
|
42
|
+
end
|
43
|
+
|
44
|
+
test 'map show user confirmation' do
|
45
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'show'}, {path: 'my_custom_users/confirmation', method: :get})
|
46
|
+
end
|
47
|
+
|
48
|
+
test 'map new user password' do
|
49
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'new'}, 'my_custom_users/password/new')
|
50
|
+
end
|
51
|
+
|
52
|
+
test 'map create user password' do
|
53
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'create'}, {path: 'my_custom_users/password', method: :post})
|
54
|
+
end
|
55
|
+
|
56
|
+
test 'map edit user password' do
|
57
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'edit'}, 'my_custom_users/password/edit')
|
58
|
+
end
|
59
|
+
|
60
|
+
test 'map update user password' do
|
61
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'update'}, {path: 'my_custom_users/password', method: :put})
|
62
|
+
end
|
63
|
+
|
64
|
+
test 'map new user registration' do
|
65
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'new'}, 'my_custom_users/sign_up')
|
66
|
+
end
|
67
|
+
|
68
|
+
test 'map create user registration' do
|
69
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'create'}, {path: 'my_custom_users', method: :post})
|
70
|
+
end
|
71
|
+
|
72
|
+
test 'map edit user registration' do
|
73
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'edit'}, {path: 'my_custom_users/edit', method: :get})
|
74
|
+
end
|
75
|
+
|
76
|
+
test 'map update user registration' do
|
77
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'update'}, {path: 'my_custom_users', method: :put})
|
78
|
+
end
|
79
|
+
|
80
|
+
test 'map destroy user registration' do
|
81
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'destroy'}, {path: 'my_custom_users', method: :delete})
|
82
|
+
end
|
83
|
+
|
84
|
+
test 'map cancel user registration' do
|
85
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'cancel'}, {path: 'my_custom_users/cancel', method: :get})
|
86
|
+
end
|
87
|
+
end
|
@@ -4,10 +4,10 @@ require 'test_helper'
|
|
4
4
|
|
5
5
|
class DeviseTokenAuth::UrlTest < ActiveSupport::TestCase
|
6
6
|
describe 'DeviseTokenAuth::Url#generate' do
|
7
|
-
test 'URI fragment should appear at the end of URL' do
|
7
|
+
test 'URI fragment should appear at the end of URL with repeat of query params' do
|
8
8
|
params = { client_id: 123 }
|
9
9
|
url = 'http://example.com#fragment'
|
10
|
-
assert_equal DeviseTokenAuth::Url.send(:generate, url, params), 'http://example.com?client_id=123#fragment'
|
10
|
+
assert_equal DeviseTokenAuth::Url.send(:generate, url, params), 'http://example.com?client_id=123#fragment?client_id=123'
|
11
11
|
end
|
12
12
|
|
13
13
|
describe 'with existing query params' do
|
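Review bot: The renamed test now pins `'http://example.com?client_id=123#fragment?client_id=123'`, so the params are written into the query string and again after the fragment, but nothing in the test says why. If `generate` also builds redirect URLs that carry auth tokens (not visible here), the query-string copy reaches server logs and Referer headers while the fragment copy does not, so the duplication deserves a stated reason, e.g. `# params are repeated after the fragment for hash-based client routers`. That reason is my inference, so the comment should give the real one. The enclosing `describe` block continues outside the hunk.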
@@ -70,7 +70,7 @@ module DeviseTokenAuth
|
|
70
70
|
case DEVISE_TOKEN_AUTH_ORM
|
71
71
|
when :active_record
|
72
72
|
# account for rails version 5
|
73
|
-
active_record_needle = (Rails::VERSION::MAJOR
|
73
|
+
active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
74
74
|
|
75
75
|
@f = File.open(@fname, 'w') do |f|
|
76
76
|
f.write <<-RUBY
|
@@ -75,7 +75,7 @@ module DeviseTokenAuth
|
|
75
75
|
case DEVISE_TOKEN_AUTH_ORM
|
76
76
|
when :active_record
|
77
77
|
# account for rails version 5
|
78
|
-
active_record_needle = (Rails::VERSION::MAJOR
|
78
|
+
active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
79
79
|
|
80
80
|
@f = File.open(@fname, 'w') do |f|
|
81
81
|
f.write <<-RUBY
|
@@ -13,7 +13,6 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
13
13
|
|
14
14
|
user.tokens
|
15
15
|
end
|
16
|
-
let(:json) { JSON.generate(tokens) }
|
17
16
|
|
18
17
|
it 'is defined' do
|
19
18
|
assert_equal(ts.present?, true)
|
@@ -21,6 +20,9 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
21
20
|
end
|
22
21
|
|
23
22
|
describe '.load(json)' do
|
23
|
+
|
24
|
+
let(:json) { JSON.generate(tokens) }
|
25
|
+
|
24
26
|
let(:default) { {} }
|
25
27
|
|
26
28
|
it 'is defined' do
|
@@ -55,16 +57,48 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
55
57
|
assert_equal(ts.dump({}), '{}')
|
56
58
|
end
|
57
59
|
|
58
|
-
it 'deserialize tokens' do
|
59
|
-
assert_equal(ts.dump(tokens), json)
|
60
|
-
end
|
61
|
-
|
62
60
|
it 'removes nil values' do
|
63
61
|
new_tokens = tokens.dup
|
64
62
|
new_tokens[new_tokens.first[0]][:kos] = nil
|
65
63
|
|
66
64
|
assert_equal(ts.dump(tokens), ts.dump(new_tokens))
|
67
65
|
end
|
66
|
+
|
67
|
+
describe 'updated_at' do
|
68
|
+
before do
|
69
|
+
@default_format = ::Time::DATE_FORMATS[:default]
|
70
|
+
::Time::DATE_FORMATS[:default] = 'imprecise format'
|
71
|
+
end
|
72
|
+
|
73
|
+
after do
|
74
|
+
::Time::DATE_FORMATS[:default] = @default_format
|
75
|
+
end
|
76
|
+
|
77
|
+
def updated_ats(tokens)
|
78
|
+
tokens.
|
79
|
+
values.
|
80
|
+
flat_map do |token|
|
81
|
+
[:updated_at, 'updated_at'].map do |key|
|
82
|
+
token[key]
|
83
|
+
end
|
84
|
+
end.
|
85
|
+
compact
|
86
|
+
end
|
87
|
+
|
88
|
+
it 'is defined' do
|
89
|
+
refute_empty updated_ats(tokens)
|
90
|
+
end
|
91
|
+
|
92
|
+
it 'uses iso8601' do
|
93
|
+
updated_ats(JSON.parse(ts.dump(tokens))).each do |updated_at|
|
94
|
+
Time.strptime(updated_at, '%Y-%m-%dT%H:%M:%SZ')
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
it 'does not rely on Time#to_s' do
|
99
|
+
refute_includes(updated_ats(tokens), 'imprecise format')
|
100
|
+
end
|
101
|
+
end
|
68
102
|
end
|
69
103
|
end
|
70
104
|
end
|
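Review bot: In the new `describe 'updated_at'` block, `'does not rely on Time#to_s'` inspects `updated_ats(tokens)`, the input hash, rather than the output of `ts.dump(tokens)`, so it looks unable to fail on a serializer regression. Checking the dumped value would exercise the code under test: `refute_includes(updated_ats(JSON.parse(ts.dump(tokens))), 'imprecise format')`. The `'uses iso8601'` test has no assertion and relies on `Time.strptime` raising; an explicit `assert_match` against the expected timestamp pattern would make the intent and the failure message clearer. The `before`/`after` pair that swaps `::Time::DATE_FORMATS[:default]` mutates global state and should carry a comment saying so.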
@@ -0,0 +1,35 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class ConfirmableUserTest < ActiveSupport::TestCase
|
6
|
+
describe ConfirmableUser do
|
7
|
+
describe 'creation' do
|
8
|
+
test 'email should be saved' do
|
9
|
+
@resource = create(:confirmable_user)
|
10
|
+
assert @resource.email.present?
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
describe 'updating email' do
|
15
|
+
test 'new email should be saved to unconfirmed_email' do
|
16
|
+
@resource = create(:confirmable_user, email: 'old_address@example.com')
|
17
|
+
@resource.update(email: 'new_address@example.com')
|
18
|
+
assert @resource.unconfirmed_email == 'new_address@example.com'
|
19
|
+
end
|
20
|
+
|
21
|
+
test 'old email should be kept in email' do
|
22
|
+
@resource = create(:confirmable_user, email: 'old_address@example.com')
|
23
|
+
@resource.update(email: 'new_address@example.com')
|
24
|
+
assert @resource.email == 'old_address@example.com'
|
25
|
+
end
|
26
|
+
|
27
|
+
test 'confirmation_token should be changed' do
|
28
|
+
@resource = create(:confirmable_user, email: 'old_address@example.com')
|
29
|
+
old_token = @resource.confirmation_token
|
30
|
+
@resource.update(email: 'new_address@example.com')
|
31
|
+
assert @resource.confirmation_token != old_token
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
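Review bot: `'confirmation_token should be changed'` asserts only `@resource.confirmation_token != old_token`, which also passes if the update cleared the token to nil. Adding `refute_nil @resource.confirmation_token` before the comparison closes that gap. The other tests use `assert a == b`, which reports only "expected false to be truthy" on failure; `assert_equal 'new_address@example.com', @resource.unconfirmed_email` would show both values.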
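--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -15,7 +15,11 @@ require File.expand_path('dummy/config/environment', __dir__)
 require 'active_support/testing/autorun'
 require 'minitest/rails'
 require 'mocha/minitest'
-
+if DEVISE_TOKEN_AUTH_ORM == :active_record
+require 'database_cleaner'
+else
+require 'database_cleaner/mongoid'
+end
 
 FactoryBot.definition_file_paths = [File.expand_path('factories', __dir__)]
 FactoryBot.find_definitions
@@ -37,16 +41,43 @@ class ActiveSupport::TestCase
 ActiveRecord::Migration.check_pending! if DEVISE_TOKEN_AUTH_ORM == :active_record
 
 strategies = { active_record: :transaction,
-mongoid: :
+mongoid: :deletion }
 DatabaseCleaner.strategy = strategies[DEVISE_TOKEN_AUTH_ORM]
 setup { DatabaseCleaner.start }
 teardown { DatabaseCleaner.clean }
 
 # Add more helper methods to be used by all tests here...
 
+# Execute the block setting the given values and restoring old values after
+# the block is executed.
+# shamelessly copied from devise test_helper.
+def swap(object, new_values)
+old_values = {}
+new_values.each do |key, value|
+old_values[key] = object.send key
+object.send :"#{key}=", value
+end
+clear_cached_variables(new_values)
+yield
+ensure
+clear_cached_variables(new_values)
+old_values.each do |key, value|
+object.send :"#{key}=", value
+end
+end
+
+# shamelessly copied from devise test_helper.
+def clear_cached_variables(options)
+if options.key?(:case_insensitive_keys) || options.key?(:strip_whitespace_keys)
+Devise.mappings.each do |_, mapping|
+mapping.to.instance_variable_set(:@devise_parameter_filter, nil)
+end
+end
+end
+
 def age_token(user, client_id)
 if user.tokens[client_id]
-user.tokens[client_id]['updated_at'] = Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds)
+user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
 user.save!
 end
 end
@@ -85,7 +116,7 @@ module Rails
 %w[get post patch put head delete get_via_redirect post_via_redirect].each do |method|
 define_method(method) do |path_or_action, **args|
 if Rails::VERSION::MAJOR >= 5
-super path_or_action, args
+super path_or_action, **args
 else
 super path_or_action, args[:params], args[:headers]
 end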
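Review bot: The copied `clear_cached_variables` helper resets the private `@devise_parameter_filter` instance variable on every mapped model class, so it will silently stop clearing the cache if Devise renames that variable; the "shamelessly copied" comment should record which Devise version it came from. `swap` mutates shared configuration for the length of the block and restores it in `ensure`, which is not safe if tests ever run in parallel threads, and its comment should say so. Using `object.public_send(key)` and `object.public_send(:"#{key}=", value)` in place of `send` would keep the helper to public accessors.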