devise_token_auth 1.1.3 → 1.2.0
- checksums.yaml +4 -4
- data/app/controllers/devise_token_auth/application_controller.rb +8 -0
- data/app/controllers/devise_token_auth/concerns/resource_finder.rb +14 -1
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +31 -7
- data/app/controllers/devise_token_auth/confirmations_controller.rb +9 -4
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +2 -1
- data/app/controllers/devise_token_auth/passwords_controller.rb +6 -2
- data/app/controllers/devise_token_auth/sessions_controller.rb +7 -1
- data/app/controllers/devise_token_auth/unlocks_controller.rb +6 -2
- data/app/models/devise_token_auth/concerns/active_record_support.rb +0 -2
- data/app/models/devise_token_auth/concerns/confirmable_support.rb +28 -0
- data/app/models/devise_token_auth/concerns/tokens_serialization.rb +16 -4
- data/app/models/devise_token_auth/concerns/user.rb +9 -10
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +4 -1
- data/app/validators/devise_token_auth_email_validator.rb +1 -1
- data/app/views/devise_token_auth/omniauth_external_window.html.erb +1 -1
- data/config/locales/en.yml +3 -0
- data/config/locales/ja.yml +1 -1
- data/config/locales/ko.yml +51 -0
- data/config/locales/pl.yml +4 -3
- data/config/locales/pt.yml +4 -3
- data/lib/devise_token_auth/blacklist.rb +5 -1
- data/lib/devise_token_auth/controllers/helpers.rb +5 -9
- data/lib/devise_token_auth/engine.rb +8 -0
- data/lib/devise_token_auth/rails/routes.rb +15 -10
- data/lib/devise_token_auth/url.rb +3 -0
- data/lib/devise_token_auth/version.rb +1 -1
- data/lib/generators/devise_token_auth/USAGE +1 -1
- data/lib/generators/devise_token_auth/install_generator.rb +4 -4
- data/lib/generators/devise_token_auth/install_mongoid_generator.rb +2 -2
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +5 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -1
- data/lib/generators/devise_token_auth/templates/user.rb.erb +2 -2
- data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +2 -2
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +95 -19
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +2 -2
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +73 -21
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +28 -15
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +39 -10
- data/test/controllers/devise_token_auth/unlocks_controller_test.rb +21 -4
- data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
- data/test/dummy/app/active_record/confirmable_user.rb +11 -0
- data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
- data/test/dummy/app/views/layouts/application.html.erb +0 -2
- data/test/dummy/config/application.rb +0 -1
- data/test/dummy/config/environments/development.rb +0 -10
- data/test/dummy/config/environments/production.rb +0 -16
- data/test/dummy/config/initializers/figaro.rb +1 -1
- data/test/dummy/config/initializers/omniauth.rb +1 -0
- data/test/dummy/config/routes.rb +2 -0
- data/test/dummy/{tmp/generators/db/migrate/20170630171909_devise_token_auth_create_mangs.rb → db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb} +9 -14
- data/test/dummy/db/schema.rb +26 -1
- data/test/dummy/tmp/generators/app/controllers/application_controller.rb +6 -0
- data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +56 -0
- data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +12 -0
- data/test/factories/users.rb +1 -0
- data/test/lib/devise_token_auth/blacklist_test.rb +11 -3
- data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
- data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
- data/test/lib/devise_token_auth/url_test.rb +2 -2
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +1 -1
- data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +1 -1
- data/test/models/concerns/tokens_serialization_test.rb +39 -5
- data/test/models/confirmable_user_test.rb +35 -0
- data/test/test_helper.rb +35 -4
- metadata +25 -19
- data/test/dummy/config/initializers/assets.rb +0 -10
- data/test/dummy/tmp/generators/app/models/mang.rb +0 -7
- data/test/dummy/tmp/generators/app/models/user.rb +0 -7
- data/test/dummy/tmp/generators/config/routes.rb +0 -9
- data/test/dummy/tmp/generators/db/migrate/20170630171909_devise_token_auth_create_users.rb +0 -54
@@ -24,18 +24,6 @@ Rails.application.configure do
|
|
24
24
|
# Disable Rails's static asset server (Apache or nginx will already do this).
|
25
25
|
config.serve_static_files = false
|
26
26
|
|
27
|
-
# Compress JavaScripts and CSS.
|
28
|
-
config.assets.js_compressor = :uglifier
|
29
|
-
# config.assets.css_compressor = :sass
|
30
|
-
|
31
|
-
# Do not fallback to assets pipeline if a precompiled asset is missed.
|
32
|
-
config.assets.compile = false
|
33
|
-
|
34
|
-
# Generate digests for assets URLs.
|
35
|
-
config.assets.digest = true
|
36
|
-
|
37
|
-
# `config.assets.precompile` has moved to config/initializers/assets.rb
|
38
|
-
|
39
27
|
# Specifies the header that your server uses for sending files.
|
40
28
|
# config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
|
41
29
|
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
|
@@ -58,10 +46,6 @@ Rails.application.configure do
|
|
58
46
|
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
|
59
47
|
# config.action_controller.asset_host = "http://assets.example.com"
|
60
48
|
|
61
|
-
# Precompile additional assets.
|
62
|
-
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
63
|
-
# config.assets.precompile += %w( search.js )
|
64
|
-
|
65
49
|
# Ignore bad email addresses and do not raise email delivery errors.
|
66
50
|
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
|
67
51
|
# config.action_mailer.raise_delivery_errors = false
|
@@ -1,3 +1,3 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
#Figaro.require("GITHUB_KEY", "GITHUB_SECRET", "FACEBOOK_KEY", "FACEBOOK_SECRET", "GOOGLE_KEY", "GOOGLE_SECRET")
|
3
|
+
#Figaro.require("GITHUB_KEY", "GITHUB_SECRET", "FACEBOOK_KEY", "FACEBOOK_SECRET", "GOOGLE_KEY", "GOOGLE_SECRET", "APPLE_CLIENT_ID", "APPLE_TEAM_ID", "APPLE_KEY", "APPLE_PEM")
|
@@ -4,6 +4,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do |b|
|
|
4
4
|
provider :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET'], scope: 'email,profile'
|
5
5
|
provider :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET']
|
6
6
|
provider :google_oauth2, ENV['GOOGLE_KEY'], ENV['GOOGLE_SECRET']
|
7
|
+
provider :apple, ENV['APPLE_CLIENT_ID'], '', { scope: 'email name', team_id: ENV['APPLE_TEAM_ID'], key_id: ENV['APPLE_KEY'], pem: ENV['APPLE_PEM'] }
|
7
8
|
provider :developer,
|
8
9
|
fields: [:first_name, :last_name],
|
9
10
|
uid_field: :last_name
|
data/test/dummy/config/routes.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
|
-
class
|
1
|
+
class DeviseTokenAuthCreateConfirmableUsers < ActiveRecord::Migration[5.2]
|
2
2
|
def change
|
3
|
-
|
3
|
+
|
4
|
+
create_table(:confirmable_users) do |t|
|
4
5
|
## Required
|
5
6
|
t.string :provider, :null => false, :default => "email"
|
6
7
|
t.string :uid, :null => false, :default => ""
|
@@ -11,17 +12,11 @@ class DeviseTokenAuthCreateMangs < ActiveRecord::Migration[4.2]
|
|
11
12
|
## Recoverable
|
12
13
|
t.string :reset_password_token
|
13
14
|
t.datetime :reset_password_sent_at
|
15
|
+
t.boolean :allow_password_change, :default => false
|
14
16
|
|
15
17
|
## Rememberable
|
16
18
|
t.datetime :remember_created_at
|
17
19
|
|
18
|
-
## Trackable
|
19
|
-
t.integer :sign_in_count, :default => 0, :null => false
|
20
|
-
t.datetime :current_sign_in_at
|
21
|
-
t.datetime :last_sign_in_at
|
22
|
-
t.string :current_sign_in_ip
|
23
|
-
t.string :last_sign_in_ip
|
24
|
-
|
25
20
|
## Confirmable
|
26
21
|
t.string :confirmation_token
|
27
22
|
t.datetime :confirmed_at
|
@@ -45,10 +40,10 @@ class DeviseTokenAuthCreateMangs < ActiveRecord::Migration[4.2]
|
|
45
40
|
t.timestamps
|
46
41
|
end
|
47
42
|
|
48
|
-
add_index :
|
49
|
-
add_index :
|
50
|
-
add_index :
|
51
|
-
add_index :
|
52
|
-
# add_index :
|
43
|
+
add_index :confirmable_users, :email, unique: true
|
44
|
+
add_index :confirmable_users, [:uid, :provider], unique: true
|
45
|
+
add_index :confirmable_users, :reset_password_token, unique: true
|
46
|
+
add_index :confirmable_users, :confirmation_token, unique: true
|
47
|
+
# add_index :confirmable_users, :unlock_token, unique: true
|
53
48
|
end
|
54
49
|
end
|
data/test/dummy/db/schema.rb
CHANGED
@@ -10,7 +10,32 @@
|
|
10
10
|
#
|
11
11
|
# It's strongly recommended that you check this file into your version control system.
|
12
12
|
|
13
|
-
ActiveRecord::Schema.define(version:
|
13
|
+
ActiveRecord::Schema.define(version: 2019_09_24_101113) do
|
14
|
+
|
15
|
+
create_table "confirmable_users", force: :cascade do |t|
|
16
|
+
t.string "provider", default: "email", null: false
|
17
|
+
t.string "uid", default: "", null: false
|
18
|
+
t.string "encrypted_password", default: "", null: false
|
19
|
+
t.string "reset_password_token"
|
20
|
+
t.datetime "reset_password_sent_at"
|
21
|
+
t.boolean "allow_password_change", default: false
|
22
|
+
t.datetime "remember_created_at"
|
23
|
+
t.string "confirmation_token"
|
24
|
+
t.datetime "confirmed_at"
|
25
|
+
t.datetime "confirmation_sent_at"
|
26
|
+
t.string "unconfirmed_email"
|
27
|
+
t.string "name"
|
28
|
+
t.string "nickname"
|
29
|
+
t.string "image"
|
30
|
+
t.string "email"
|
31
|
+
t.text "tokens"
|
32
|
+
t.datetime "created_at", null: false
|
33
|
+
t.datetime "updated_at", null: false
|
34
|
+
t.index ["confirmation_token"], name: "index_confirmable_users_on_confirmation_token", unique: true
|
35
|
+
t.index ["email"], name: "index_confirmable_users_on_email", unique: true
|
36
|
+
t.index ["reset_password_token"], name: "index_confirmable_users_on_reset_password_token", unique: true
|
37
|
+
t.index ["uid", "provider"], name: "index_confirmable_users_on_uid_and_provider", unique: true
|
38
|
+
end
|
14
39
|
|
15
40
|
create_table "lockable_users", force: :cascade do |t|
|
16
41
|
t.string "provider", null: false
|
@@ -0,0 +1,56 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class Azpire::V1::HumanResource::User
|
4
|
+
include Mongoid::Document
|
5
|
+
include Mongoid::Timestamps
|
6
|
+
include Mongoid::Locker
|
7
|
+
|
8
|
+
field :locker_locked_at, type: Time
|
9
|
+
field :locker_locked_until, type: Time
|
10
|
+
|
11
|
+
locker locked_at_field: :locker_locked_at,
|
12
|
+
locked_until_field: :locker_locked_until
|
13
|
+
|
14
|
+
## Database authenticatable
|
15
|
+
field :email, type: String, default: ''
|
16
|
+
field :encrypted_password, type: String, default: ''
|
17
|
+
|
18
|
+
## Recoverable
|
19
|
+
field :reset_password_token, type: String
|
20
|
+
field :reset_password_sent_at, type: Time
|
21
|
+
field :reset_password_redirect_url, type: String
|
22
|
+
field :allow_password_change, type: Boolean, default: false
|
23
|
+
|
24
|
+
## Rememberable
|
25
|
+
field :remember_created_at, type: Time
|
26
|
+
|
27
|
+
## Confirmable
|
28
|
+
field :confirmation_token, type: String
|
29
|
+
field :confirmed_at, type: Time
|
30
|
+
field :confirmation_sent_at, type: Time
|
31
|
+
field :unconfirmed_email, type: String # Only if using reconfirmable
|
32
|
+
|
33
|
+
## Lockable
|
34
|
+
# field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
|
35
|
+
# field :unlock_token, type: String # Only if unlock strategy is :email or :both
|
36
|
+
# field :locked_at, type: Time
|
37
|
+
|
38
|
+
## Required
|
39
|
+
field :provider, type: String
|
40
|
+
field :uid, type: String, default: ''
|
41
|
+
|
42
|
+
## Tokens
|
43
|
+
field :tokens, type: Hash, default: {}
|
44
|
+
|
45
|
+
# Include default devise modules. Others available are:
|
46
|
+
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
|
47
|
+
devise :database_authenticatable, :registerable,
|
48
|
+
:recoverable, :rememberable, :validatable
|
49
|
+
include DeviseTokenAuth::Concerns::User
|
50
|
+
|
51
|
+
index({ email: 1 }, { name: 'email_index', unique: true, background: true })
|
52
|
+
index({ reset_password_token: 1 }, { name: 'reset_password_token_index', unique: true, sparse: true, background: true })
|
53
|
+
index({ confirmation_token: 1 }, { name: 'confirmation_token_index', unique: true, sparse: true, background: true })
|
54
|
+
index({ uid: 1, provider: 1}, { name: 'uid_provider_index', unique: true, background: true })
|
55
|
+
# index({ unlock_token: 1 }, { name: 'unlock_token_index', unique: true, sparse: true, background: true })
|
56
|
+
end
|
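Review bot: This new model appears to be the `test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb` entry from the file list at the top of the page (56 added lines), which looks like output left behind by the install-generator tests rather than source meant for release. Shipping generator scratch files in the gem makes each release diff harder to audit, and the `Azpire::V1::HumanResource` namespace is not referenced by anything else on this page. Consider excluding `test/dummy/tmp/` from the packaged file list so that only reviewed files reach the registry. The same applies to the other `tmp/generators` entries in the list, the controller and the initializer.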
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
DeviseTokenAuth.setup do |config|
|
2
4
|
# By default the authorization headers will change after each request. The
|
3
5
|
# client is responsible for keeping track of the changing tokens. Change
|
@@ -9,6 +11,11 @@ DeviseTokenAuth.setup do |config|
|
|
9
11
|
# determines how long tokens will remain valid after they are issued.
|
10
12
|
# config.token_lifespan = 2.weeks
|
11
13
|
|
14
|
+
# Limiting the token_cost to just 4 in testing will increase the performance of
|
15
|
+
# your test suite dramatically. The possible cost value is within range from 4
|
16
|
+
# to 31. It is recommended to not use a value more than 10 in other environments.
|
17
|
+
config.token_cost = Rails.env.test? ? 4 : 10
|
18
|
+
|
12
19
|
# Sets the max number of concurrent devices per user, which is 10 by default.
|
13
20
|
# After this limit is reached, the oldest tokens will be removed.
|
14
21
|
# config.max_number_of_devices = 10
|
@@ -45,4 +52,9 @@ DeviseTokenAuth.setup do |config|
|
|
45
52
|
# If, however, you wish to integrate with legacy Devise authentication, you can
|
46
53
|
# do so by enabling this flag. NOTE: This feature is highly experimental!
|
47
54
|
# config.enable_standard_devise_support = false
|
55
|
+
|
56
|
+
# By default DeviseTokenAuth will not send confirmation email, even when including
|
57
|
+
# devise confirmable module. If you want to use devise confirmable module and
|
58
|
+
# send email, set it to true. (This is a setting for compatibility)
|
59
|
+
# config.send_confirmation_email = true
|
48
60
|
end
|
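Review bot: The comment added above `config.token_cost = Rails.env.test? ? 4 : 10` gives the allowed range and an upper recommendation but never says what the cost protects, so a reader could carry the test value of 4 into another environment without noticing the trade-off. The 4 to 31 range suggests a bcrypt-style work factor for stored token hashes, but the hashing code is not on this page, so that should be confirmed. If it holds, say so in the comment, e.g. `# Work factor used when hashing stored tokens. 4 is only meant for the test environment; keep the default elsewhere.` The `DeviseTokenAuth.setup` block starts and ends outside this hunk.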
data/test/factories/users.rb
CHANGED
@@ -3,9 +3,17 @@
|
|
3
3
|
require 'test_helper'
|
4
4
|
|
5
5
|
class DeviseTokenAuth::BlacklistTest < ActiveSupport::TestCase
|
6
|
-
|
7
|
-
|
8
|
-
|
6
|
+
if defined? Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION
|
7
|
+
describe Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION do
|
8
|
+
test 'should include :tokens' do
|
9
|
+
assert Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION.include?(:tokens)
|
10
|
+
end
|
11
|
+
end
|
12
|
+
else
|
13
|
+
describe Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION do
|
14
|
+
test 'should include :tokens' do
|
15
|
+
assert Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION.include?(:tokens)
|
16
|
+
end
|
9
17
|
end
|
10
18
|
end
|
11
19
|
end
|
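Review bot: Both branches of the new `if defined?` assert only that `:tokens` is a member of the Devise constant, which would still pass if a model overrode `serializable_hash` or `as_json` and stopped consulting that constant. Since the goal is to keep token data out of serialized responses, add a test that serializes a real record and checks the output, for example `refute_includes user.as_json.keys, 'tokens'` with a user built from the suite's factory. The two branches also differ only in the constant name, so the constant could be resolved once and a single test written against it.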
@@ -0,0 +1,29 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class DeviseTokenAuth::CustomRoutesTest < ActiveSupport::TestCase
|
6
|
+
after do
|
7
|
+
Rails.application.reload_routes!
|
8
|
+
end
|
9
|
+
test 'custom controllers' do
|
10
|
+
class ActionDispatch::Routing::Mapper
|
11
|
+
include Mocha::ParameterMatchers
|
12
|
+
end
|
13
|
+
Rails.application.routes.draw do
|
14
|
+
self.expects(:devise_for).with(
|
15
|
+
:users,
|
16
|
+
has_entries(
|
17
|
+
controllers: has_entries(
|
18
|
+
invitations: "custom/invitations", foo: "custom/foo"
|
19
|
+
)
|
20
|
+
)
|
21
|
+
)
|
22
|
+
|
23
|
+
mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
|
24
|
+
invitations: 'custom/invitations',
|
25
|
+
foo: 'custom/foo'
|
26
|
+
}
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
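Review bot: Reopening `ActionDispatch::Routing::Mapper` inside the `'custom controllers'` test to `include Mocha::ParameterMatchers` changes that class for the rest of the process. The `after` hook only reloads routes, so the patch stays in place for every test that runs later. The matcher can be built in the test's own scope and closed over instead: `expected = has_entries(controllers: has_entries(invitations: 'custom/invitations', foo: 'custom/foo'))` before `routes.draw`, then `expects(:devise_for).with(:users, expected)` inside the block. That keeps the expectation identical without touching the Rails class.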
@@ -0,0 +1,87 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
# Needed for MiniTest to start a controller test so we can use assert_recognizes
|
6
|
+
class DeviseTokenAuth::RoutesTestController < DeviseTokenAuth::ApplicationController
|
7
|
+
end
|
8
|
+
|
9
|
+
class DeviseTokenAuth::RoutesTest < ActionController::TestCase
|
10
|
+
self.controller_class = DeviseTokenAuth::RoutesTestController
|
11
|
+
before do
|
12
|
+
Rails.application.routes.draw do
|
13
|
+
mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
|
14
|
+
invitations: 'custom/invitations',
|
15
|
+
foo: 'custom/foo'
|
16
|
+
}
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
after do
|
21
|
+
Rails.application.reload_routes!
|
22
|
+
end
|
23
|
+
|
24
|
+
test 'map new user session' do
|
25
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'new'}, {path: 'my_custom_users/sign_in', method: :get})
|
26
|
+
end
|
27
|
+
|
28
|
+
test 'map create user session' do
|
29
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'create'}, {path: 'my_custom_users/sign_in', method: :post})
|
30
|
+
end
|
31
|
+
|
32
|
+
test 'map destroy user session' do
|
33
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'destroy'}, {path: 'my_custom_users/sign_out', method: :delete})
|
34
|
+
end
|
35
|
+
|
36
|
+
test 'map new user confirmation' do
|
37
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'new'}, 'my_custom_users/confirmation/new')
|
38
|
+
end
|
39
|
+
|
40
|
+
test 'map create user confirmation' do
|
41
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'create'}, {path: 'my_custom_users/confirmation', method: :post})
|
42
|
+
end
|
43
|
+
|
44
|
+
test 'map show user confirmation' do
|
45
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'show'}, {path: 'my_custom_users/confirmation', method: :get})
|
46
|
+
end
|
47
|
+
|
48
|
+
test 'map new user password' do
|
49
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'new'}, 'my_custom_users/password/new')
|
50
|
+
end
|
51
|
+
|
52
|
+
test 'map create user password' do
|
53
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'create'}, {path: 'my_custom_users/password', method: :post})
|
54
|
+
end
|
55
|
+
|
56
|
+
test 'map edit user password' do
|
57
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'edit'}, 'my_custom_users/password/edit')
|
58
|
+
end
|
59
|
+
|
60
|
+
test 'map update user password' do
|
61
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'update'}, {path: 'my_custom_users/password', method: :put})
|
62
|
+
end
|
63
|
+
|
64
|
+
test 'map new user registration' do
|
65
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'new'}, 'my_custom_users/sign_up')
|
66
|
+
end
|
67
|
+
|
68
|
+
test 'map create user registration' do
|
69
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'create'}, {path: 'my_custom_users', method: :post})
|
70
|
+
end
|
71
|
+
|
72
|
+
test 'map edit user registration' do
|
73
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'edit'}, {path: 'my_custom_users/edit', method: :get})
|
74
|
+
end
|
75
|
+
|
76
|
+
test 'map update user registration' do
|
77
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'update'}, {path: 'my_custom_users', method: :put})
|
78
|
+
end
|
79
|
+
|
80
|
+
test 'map destroy user registration' do
|
81
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'destroy'}, {path: 'my_custom_users', method: :delete})
|
82
|
+
end
|
83
|
+
|
84
|
+
test 'map cancel user registration' do
|
85
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'cancel'}, {path: 'my_custom_users/cancel', method: :get})
|
86
|
+
end
|
87
|
+
end
|
@@ -4,10 +4,10 @@ require 'test_helper'
|
|
4
4
|
|
5
5
|
class DeviseTokenAuth::UrlTest < ActiveSupport::TestCase
|
6
6
|
describe 'DeviseTokenAuth::Url#generate' do
|
7
|
-
test 'URI fragment should appear at the end of URL' do
|
7
|
+
test 'URI fragment should appear at the end of URL with repeat of query params' do
|
8
8
|
params = { client_id: 123 }
|
9
9
|
url = 'http://example.com#fragment'
|
10
|
-
assert_equal DeviseTokenAuth::Url.send(:generate, url, params), 'http://example.com?client_id=123#fragment'
|
10
|
+
assert_equal DeviseTokenAuth::Url.send(:generate, url, params), 'http://example.com?client_id=123#fragment?client_id=123'
|
11
11
|
end
|
12
12
|
|
13
13
|
describe 'with existing query params' do
|
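Review bot: The rewritten assertion passes the generated URL as the first argument of `assert_equal` and the literal as the second, so on failure Minitest will label the real output as "Expected". Swap them to `assert_equal 'http://example.com?client_id=123#fragment?client_id=123', DeviseTokenAuth::Url.send(:generate, url, params)`. The new expectation also means every param is written twice, once in the query string and once after the fragment. If `generate` builds redirect URLs that carry credentials, which this page does not show, the test deserves a comment saying why the duplication is intended and a case for a fragment that already contains a `?`. The `describe` block continues outside the hunk.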
@@ -70,7 +70,7 @@ module DeviseTokenAuth
|
|
70
70
|
case DEVISE_TOKEN_AUTH_ORM
|
71
71
|
when :active_record
|
72
72
|
# account for rails version 5
|
73
|
-
active_record_needle = (Rails::VERSION::MAJOR
|
73
|
+
active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
74
74
|
|
75
75
|
@f = File.open(@fname, 'w') do |f|
|
76
76
|
f.write <<-RUBY
|
@@ -75,7 +75,7 @@ module DeviseTokenAuth
|
|
75
75
|
case DEVISE_TOKEN_AUTH_ORM
|
76
76
|
when :active_record
|
77
77
|
# account for rails version 5
|
78
|
-
active_record_needle = (Rails::VERSION::MAJOR
|
78
|
+
active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
79
79
|
|
80
80
|
@f = File.open(@fname, 'w') do |f|
|
81
81
|
f.write <<-RUBY
|
@@ -13,7 +13,6 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
13
13
|
|
14
14
|
user.tokens
|
15
15
|
end
|
16
|
-
let(:json) { JSON.generate(tokens) }
|
17
16
|
|
18
17
|
it 'is defined' do
|
19
18
|
assert_equal(ts.present?, true)
|
@@ -21,6 +20,9 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
21
20
|
end
|
22
21
|
|
23
22
|
describe '.load(json)' do
|
23
|
+
|
24
|
+
let(:json) { JSON.generate(tokens) }
|
25
|
+
|
24
26
|
let(:default) { {} }
|
25
27
|
|
26
28
|
it 'is defined' do
|
@@ -55,16 +57,48 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
55
57
|
assert_equal(ts.dump({}), '{}')
|
56
58
|
end
|
57
59
|
|
58
|
-
it 'deserialize tokens' do
|
59
|
-
assert_equal(ts.dump(tokens), json)
|
60
|
-
end
|
61
|
-
|
62
60
|
it 'removes nil values' do
|
63
61
|
new_tokens = tokens.dup
|
64
62
|
new_tokens[new_tokens.first[0]][:kos] = nil
|
65
63
|
|
66
64
|
assert_equal(ts.dump(tokens), ts.dump(new_tokens))
|
67
65
|
end
|
66
|
+
|
67
|
+
describe 'updated_at' do
|
68
|
+
before do
|
69
|
+
@default_format = ::Time::DATE_FORMATS[:default]
|
70
|
+
::Time::DATE_FORMATS[:default] = 'imprecise format'
|
71
|
+
end
|
72
|
+
|
73
|
+
after do
|
74
|
+
::Time::DATE_FORMATS[:default] = @default_format
|
75
|
+
end
|
76
|
+
|
77
|
+
def updated_ats(tokens)
|
78
|
+
tokens.
|
79
|
+
values.
|
80
|
+
flat_map do |token|
|
81
|
+
[:updated_at, 'updated_at'].map do |key|
|
82
|
+
token[key]
|
83
|
+
end
|
84
|
+
end.
|
85
|
+
compact
|
86
|
+
end
|
87
|
+
|
88
|
+
it 'is defined' do
|
89
|
+
refute_empty updated_ats(tokens)
|
90
|
+
end
|
91
|
+
|
92
|
+
it 'uses iso8601' do
|
93
|
+
updated_ats(JSON.parse(ts.dump(tokens))).each do |updated_at|
|
94
|
+
Time.strptime(updated_at, '%Y-%m-%dT%H:%M:%SZ')
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
it 'does not rely on Time#to_s' do
|
99
|
+
refute_includes(updated_ats(tokens), 'imprecise format')
|
100
|
+
end
|
101
|
+
end
|
68
102
|
end
|
69
103
|
end
|
70
104
|
end
|
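Review bot: In the added `describe 'updated_at'` block, `it 'uses iso8601'` contains no assertion and relies on `Time.strptime` raising. As far as I know `Time.strptime` does not reject trailing characters once the format has matched, so a longer or differently suffixed string could still pass. An anchored match states the intent and fails with a readable message: `assert_match(/\A\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z\z/, updated_at)`. Separately, `'is defined'` and `'does not rely on Time#to_s'` call `updated_ats(tokens)` on the input hash rather than on `JSON.parse(ts.dump(tokens))`, so they appear not to exercise the serializer output at all.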
@@ -0,0 +1,35 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class ConfirmableUserTest < ActiveSupport::TestCase
|
6
|
+
describe ConfirmableUser do
|
7
|
+
describe 'creation' do
|
8
|
+
test 'email should be saved' do
|
9
|
+
@resource = create(:confirmable_user)
|
10
|
+
assert @resource.email.present?
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
describe 'updating email' do
|
15
|
+
test 'new email should be saved to unconfirmed_email' do
|
16
|
+
@resource = create(:confirmable_user, email: 'old_address@example.com')
|
17
|
+
@resource.update(email: 'new_address@example.com')
|
18
|
+
assert @resource.unconfirmed_email == 'new_address@example.com'
|
19
|
+
end
|
20
|
+
|
21
|
+
test 'old email should be kept in email' do
|
22
|
+
@resource = create(:confirmable_user, email: 'old_address@example.com')
|
23
|
+
@resource.update(email: 'new_address@example.com')
|
24
|
+
assert @resource.email == 'old_address@example.com'
|
25
|
+
end
|
26
|
+
|
27
|
+
test 'confirmation_token should be changed' do
|
28
|
+
@resource = create(:confirmable_user, email: 'old_address@example.com')
|
29
|
+
old_token = @resource.confirmation_token
|
30
|
+
@resource.update(email: 'new_address@example.com')
|
31
|
+
assert @resource.confirmation_token != old_token
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
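Review bot: The three `'updating email'` tests compare with `assert a == b` and `assert a != b`, which report only "Expected false to be truthy" on failure, and they ignore the return value of `@resource.update`. Prefer `assert_equal 'new_address@example.com', @resource.unconfirmed_email`, `refute_equal old_token, @resource.confirmation_token`, and `update!` so that a validation failure is reported as such. A `@resource.reload` before the assertions would also confirm that the postponed address and the new confirmation token were persisted rather than only set in memory.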
data/test/test_helper.rb
CHANGED
@@ -15,7 +15,11 @@ require File.expand_path('dummy/config/environment', __dir__)
|
|
15
15
|
require 'active_support/testing/autorun'
|
16
16
|
require 'minitest/rails'
|
17
17
|
require 'mocha/minitest'
|
18
|
-
|
18
|
+
if DEVISE_TOKEN_AUTH_ORM == :active_record
|
19
|
+
require 'database_cleaner'
|
20
|
+
else
|
21
|
+
require 'database_cleaner/mongoid'
|
22
|
+
end
|
19
23
|
|
20
24
|
FactoryBot.definition_file_paths = [File.expand_path('factories', __dir__)]
|
21
25
|
FactoryBot.find_definitions
|
@@ -37,16 +41,43 @@ class ActiveSupport::TestCase
|
|
37
41
|
ActiveRecord::Migration.check_pending! if DEVISE_TOKEN_AUTH_ORM == :active_record
|
38
42
|
|
39
43
|
strategies = { active_record: :transaction,
|
40
|
-
mongoid: :
|
44
|
+
mongoid: :deletion }
|
41
45
|
DatabaseCleaner.strategy = strategies[DEVISE_TOKEN_AUTH_ORM]
|
42
46
|
setup { DatabaseCleaner.start }
|
43
47
|
teardown { DatabaseCleaner.clean }
|
44
48
|
|
45
49
|
# Add more helper methods to be used by all tests here...
|
46
50
|
|
51
|
+
# Execute the block setting the given values and restoring old values after
|
52
|
+
# the block is executed.
|
53
|
+
# shamelessly copied from devise test_helper.
|
54
|
+
def swap(object, new_values)
|
55
|
+
old_values = {}
|
56
|
+
new_values.each do |key, value|
|
57
|
+
old_values[key] = object.send key
|
58
|
+
object.send :"#{key}=", value
|
59
|
+
end
|
60
|
+
clear_cached_variables(new_values)
|
61
|
+
yield
|
62
|
+
ensure
|
63
|
+
clear_cached_variables(new_values)
|
64
|
+
old_values.each do |key, value|
|
65
|
+
object.send :"#{key}=", value
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
# shamelessly copied from devise test_helper.
|
70
|
+
def clear_cached_variables(options)
|
71
|
+
if options.key?(:case_insensitive_keys) || options.key?(:strip_whitespace_keys)
|
72
|
+
Devise.mappings.each do |_, mapping|
|
73
|
+
mapping.to.instance_variable_set(:@devise_parameter_filter, nil)
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
77
|
+
|
47
78
|
def age_token(user, client_id)
|
48
79
|
if user.tokens[client_id]
|
49
|
-
user.tokens[client_id]['updated_at'] = Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds)
|
80
|
+
user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
|
50
81
|
user.save!
|
51
82
|
end
|
52
83
|
end
|
@@ -85,7 +116,7 @@ module Rails
|
|
85
116
|
%w[get post patch put head delete get_via_redirect post_via_redirect].each do |method|
|
86
117
|
define_method(method) do |path_or_action, **args|
|
87
118
|
if Rails::VERSION::MAJOR >= 5
|
88
|
-
super path_or_action, args
|
119
|
+
super path_or_action, **args
|
89
120
|
else
|
90
121
|
super path_or_action, args[:params], args[:headers]
|
91
122
|
end
|
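Review bot: The new `clear_cached_variables` helper resets `@devise_parameter_filter` on each mapped class through `instance_variable_set`, which ties the test suite to a private Devise instance variable. If Devise renames or removes that cache, the helper becomes a silent no-op and tests using `swap` with `:case_insensitive_keys` or `:strip_whitespace_keys` would run against stale settings. A short comment recording the Devise version the two helpers were copied from, e.g. `# Copied from Devise <version> test/test_helper.rb; relies on the private @devise_parameter_filter cache.`, would make that dependency visible when Devise is upgraded. The `module Rails` block in the last hunk continues outside the visible lines.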