digix_devise_token_auth 0.1.44

Files changed (149)
  1. checksums.yaml +7 -0
  2. data/LICENSE +13 -0
  3. data/README.md +952 -0
  4. data/Rakefile +35 -0
  5. data/app/controllers/devise_token_auth/application_controller.rb +76 -0
  6. data/app/controllers/devise_token_auth/concerns/resource_finder.rb +43 -0
  7. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +165 -0
  8. data/app/controllers/devise_token_auth/confirmations_controller.rb +30 -0
  9. data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +243 -0
  10. data/app/controllers/devise_token_auth/passwords_controller.rb +202 -0
  11. data/app/controllers/devise_token_auth/registrations_controller.rb +205 -0
  12. data/app/controllers/devise_token_auth/sessions_controller.rb +133 -0
  13. data/app/controllers/devise_token_auth/token_validations_controller.rb +29 -0
  14. data/app/controllers/devise_token_auth/unlocks_controller.rb +89 -0
  15. data/app/models/devise_token_auth/concerns/user.rb +260 -0
  16. data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +26 -0
  17. data/app/validators/email_validator.rb +21 -0
  18. data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
  19. data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
  20. data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
  21. data/app/views/devise_token_auth/omniauth_external_window.html.erb +38 -0
  22. data/config/initializers/devise.rb +196 -0
  23. data/config/locales/da-DK.yml +50 -0
  24. data/config/locales/de.yml +49 -0
  25. data/config/locales/en.yml +50 -0
  26. data/config/locales/es.yml +49 -0
  27. data/config/locales/fr.yml +49 -0
  28. data/config/locales/it.yml +46 -0
  29. data/config/locales/ja.yml +46 -0
  30. data/config/locales/nl.yml +30 -0
  31. data/config/locales/pl.yml +48 -0
  32. data/config/locales/pt-BR.yml +46 -0
  33. data/config/locales/pt.yml +48 -0
  34. data/config/locales/ro.yml +46 -0
  35. data/config/locales/ru.yml +50 -0
  36. data/config/locales/sq.yml +46 -0
  37. data/config/locales/uk.yml +59 -0
  38. data/config/locales/vi.yml +50 -0
  39. data/config/locales/zh-CN.yml +46 -0
  40. data/config/locales/zh-HK.yml +48 -0
  41. data/config/locales/zh-TW.yml +48 -0
  42. data/lib/devise_token_auth.rb +8 -0
  43. data/lib/devise_token_auth/controllers/helpers.rb +149 -0
  44. data/lib/devise_token_auth/controllers/url_helpers.rb +8 -0
  45. data/lib/devise_token_auth/engine.rb +90 -0
  46. data/lib/devise_token_auth/rails/routes.rb +114 -0
  47. data/lib/devise_token_auth/url.rb +37 -0
  48. data/lib/devise_token_auth/version.rb +3 -0
  49. data/lib/generators/devise_token_auth/USAGE +31 -0
  50. data/lib/generators/devise_token_auth/install_generator.rb +160 -0
  51. data/lib/generators/devise_token_auth/install_views_generator.rb +16 -0
  52. data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +48 -0
  53. data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +55 -0
  54. data/lib/generators/devise_token_auth/templates/user.rb +7 -0
  55. data/lib/tasks/devise_token_auth_tasks.rake +4 -0
  56. data/test/controllers/custom/custom_confirmations_controller_test.rb +21 -0
  57. data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb +29 -0
  58. data/test/controllers/custom/custom_passwords_controller_test.rb +75 -0
  59. data/test/controllers/custom/custom_registrations_controller_test.rb +54 -0
  60. data/test/controllers/custom/custom_sessions_controller_test.rb +37 -0
  61. data/test/controllers/custom/custom_token_validations_controller_test.rb +40 -0
  62. data/test/controllers/demo_group_controller_test.rb +153 -0
  63. data/test/controllers/demo_mang_controller_test.rb +284 -0
  64. data/test/controllers/demo_user_controller_test.rb +601 -0
  65. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +129 -0
  66. data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +371 -0
  67. data/test/controllers/devise_token_auth/passwords_controller_test.rb +649 -0
  68. data/test/controllers/devise_token_auth/registrations_controller_test.rb +878 -0
  69. data/test/controllers/devise_token_auth/sessions_controller_test.rb +500 -0
  70. data/test/controllers/devise_token_auth/token_validations_controller_test.rb +90 -0
  71. data/test/controllers/devise_token_auth/unlocks_controller_test.rb +194 -0
  72. data/test/controllers/overrides/confirmations_controller_test.rb +43 -0
  73. data/test/controllers/overrides/omniauth_callbacks_controller_test.rb +49 -0
  74. data/test/controllers/overrides/passwords_controller_test.rb +66 -0
  75. data/test/controllers/overrides/registrations_controller_test.rb +40 -0
  76. data/test/controllers/overrides/sessions_controller_test.rb +33 -0
  77. data/test/controllers/overrides/token_validations_controller_test.rb +41 -0
  78. data/test/dummy/README.rdoc +28 -0
  79. data/test/dummy/app/controllers/application_controller.rb +16 -0
  80. data/test/dummy/app/controllers/auth_origin_controller.rb +5 -0
  81. data/test/dummy/app/controllers/custom/confirmations_controller.rb +13 -0
  82. data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb +11 -0
  83. data/test/dummy/app/controllers/custom/passwords_controller.rb +40 -0
  84. data/test/dummy/app/controllers/custom/registrations_controller.rb +39 -0
  85. data/test/dummy/app/controllers/custom/sessions_controller.rb +29 -0
  86. data/test/dummy/app/controllers/custom/token_validations_controller.rb +19 -0
  87. data/test/dummy/app/controllers/demo_group_controller.rb +13 -0
  88. data/test/dummy/app/controllers/demo_mang_controller.rb +12 -0
  89. data/test/dummy/app/controllers/demo_user_controller.rb +25 -0
  90. data/test/dummy/app/controllers/overrides/confirmations_controller.rb +26 -0
  91. data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +14 -0
  92. data/test/dummy/app/controllers/overrides/passwords_controller.rb +33 -0
  93. data/test/dummy/app/controllers/overrides/registrations_controller.rb +27 -0
  94. data/test/dummy/app/controllers/overrides/sessions_controller.rb +36 -0
  95. data/test/dummy/app/controllers/overrides/token_validations_controller.rb +23 -0
  96. data/test/dummy/app/helpers/application_helper.rb +1065 -0
  97. data/test/dummy/app/models/evil_user.rb +3 -0
  98. data/test/dummy/app/models/lockable_user.rb +5 -0
  99. data/test/dummy/app/models/mang.rb +3 -0
  100. data/test/dummy/app/models/nice_user.rb +7 -0
  101. data/test/dummy/app/models/only_email_user.rb +5 -0
  102. data/test/dummy/app/models/scoped_user.rb +7 -0
  103. data/test/dummy/app/models/unconfirmable_user.rb +8 -0
  104. data/test/dummy/app/models/unregisterable_user.rb +7 -0
  105. data/test/dummy/app/models/user.rb +18 -0
  106. data/test/dummy/app/views/layouts/application.html.erb +14 -0
  107. data/test/dummy/config.ru +16 -0
  108. data/test/dummy/config/application.rb +24 -0
  109. data/test/dummy/config/application.yml.bk +0 -0
  110. data/test/dummy/config/boot.rb +5 -0
  111. data/test/dummy/config/environment.rb +5 -0
  112. data/test/dummy/config/environments/development.rb +44 -0
  113. data/test/dummy/config/environments/production.rb +82 -0
  114. data/test/dummy/config/environments/test.rb +48 -0
  115. data/test/dummy/config/initializers/assets.rb +8 -0
  116. data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
  117. data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
  118. data/test/dummy/config/initializers/devise.rb +3 -0
  119. data/test/dummy/config/initializers/devise_token_auth.rb +22 -0
  120. data/test/dummy/config/initializers/figaro.rb +1 -0
  121. data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
  122. data/test/dummy/config/initializers/inflections.rb +16 -0
  123. data/test/dummy/config/initializers/mime_types.rb +4 -0
  124. data/test/dummy/config/initializers/omniauth.rb +8 -0
  125. data/test/dummy/config/initializers/session_store.rb +3 -0
  126. data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
  127. data/test/dummy/config/routes.rb +72 -0
  128. data/test/dummy/config/spring.rb +1 -0
  129. data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +63 -0
  130. data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +62 -0
  131. data/test/dummy/db/migrate/20140829044006_add_operating_thetan_to_user.rb +6 -0
  132. data/test/dummy/db/migrate/20140916224624_add_favorite_color_to_mangs.rb +5 -0
  133. data/test/dummy/db/migrate/20140928231203_devise_token_auth_create_evil_users.rb +64 -0
  134. data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +60 -0
  135. data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +61 -0
  136. data/test/dummy/db/migrate/20150409095712_devise_token_auth_create_nice_users.rb +61 -0
  137. data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +61 -0
  138. data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +61 -0
  139. data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +61 -0
  140. data/test/dummy/db/schema.rb +258 -0
  141. data/test/dummy/lib/migration_database_helper.rb +29 -0
  142. data/test/integration/navigation_test.rb +10 -0
  143. data/test/lib/devise_token_auth/url_test.rb +24 -0
  144. data/test/lib/generators/devise_token_auth/install_generator_test.rb +187 -0
  145. data/test/lib/generators/devise_token_auth/install_views_generator_test.rb +23 -0
  146. data/test/models/only_email_user_test.rb +35 -0
  147. data/test/models/user_test.rb +169 -0
  148. data/test/test_helper.rb +77 -0
  149. metadata +342 -0
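--- a/data/test/controllers/demo_user_controller_test.rb
+++ b/data/test/controllers/demo_user_controller_test.rb
@@ -0,0 +1,601 @@
+require 'test_helper'
+
+# was the web request successful?
+# was the user redirected to the right page?
+# was the user successfully authenticated?
+# was the correct object stored in the response?
+# was the appropriate message delivered in the json payload?
+
+class DemoUserControllerTest < ActionDispatch::IntegrationTest
+include Warden::Test::Helpers
+describe DemoUserController do
+describe 'Token access' do
+before do
+@resource = users(:confirmed_email_user)
+@resource.skip_confirmation!
+@resource.save!
+
+@auth_headers = @resource.create_new_auth_token
+
+@token = @auth_headers['access-token']
+@client_id = @auth_headers['client']
+@expiry = @auth_headers['expiry']
+end
+
+describe 'successful request' do
+before do
+# ensure that request is not treated as batch request
+age_token(@resource, @client_id)
+
+get '/demo/members_only',
+params: {},
+headers: @auth_headers
+
+@resp_token = response.headers['access-token']
+@resp_client_id = response.headers['client']
+@resp_expiry = response.headers['expiry']
+@resp_uid = response.headers['uid']
+end
+
+describe 'devise mappings' do
+it 'should define current_user' do
+assert_equal @resource, @controller.current_user
+end
+
+it 'should define user_signed_in?' do
+assert @controller.user_signed_in?
+end
+
+it 'should not define current_mang' do
+refute_equal @resource, @controller.current_mang
+end
+
+it 'should define render_authenticate_error' do
+assert @controller.methods.include?(:render_authenticate_error)
+end
+end
+
+it 'should return success status' do
+assert_equal 200, response.status
+end
+
+it 'should receive new token after successful request' do
+refute_equal @token, @resp_token
+end
+
+it 'should preserve the client id from the first request' do
+assert_equal @client_id, @resp_client_id
+end
+
+it "should return the user's uid in the auth header" do
+assert_equal @resource.uid, @resp_uid
+end
+
+it 'should not treat this request as a batch request' do
+refute assigns(:is_batch_request)
+end
+
+describe 'subsequent requests' do
+before do
+@resource.reload
+# ensure that request is not treated as batch request
+age_token(@resource, @client_id)
+
+get '/demo/members_only',
+params: {},
+headers: @auth_headers.merge('access-token' => @resp_token)
+end
+
+it 'should not treat this request as a batch request' do
+refute assigns(:is_batch_request)
+end
+
+it 'should allow a new request to be made using new token' do
+assert_equal 200, response.status
+end
+end
+end
+
+describe 'failed request' do
+before do
+get '/demo/members_only',
+params: {},
+headers: @auth_headers.merge('access-token' => 'bogus')
+end
+
+it 'should not return any auth headers' do
+refute response.headers['access-token']
+end
+
+it 'should return error: unauthorized status' do
+assert_equal 401, response.status
+end
+end
+
+describe 'disable change_headers_on_each_request' do
+before do
+DeviseTokenAuth.change_headers_on_each_request = false
+@resource.reload
+age_token(@resource, @client_id)
+
+get '/demo/members_only',
+params: {},
+headers: @auth_headers
+
+@first_is_batch_request = assigns(:is_batch_request)
+@first_user = assigns(:resource).dup
+@first_access_token = response.headers['access-token']
+@first_response_status = response.status
+
+@resource.reload
+age_token(@resource, @client_id)
+
+# use expired auth header
+get '/demo/members_only',
+params: {},
+headers: @auth_headers
+
+@second_is_batch_request = assigns(:is_batch_request)
+@second_user = assigns(:resource).dup
+@second_access_token = response.headers['access-token']
+@second_response_status = response.status
+end
+
+after do
+DeviseTokenAuth.change_headers_on_each_request = true
+end
+
+it 'should allow the first request through' do
+assert_equal 200, @first_response_status
+end
+
+it 'should allow the second request through' do
+assert_equal 200, @second_response_status
+end
+
+it 'should return auth headers from the first request' do
+assert @first_access_token
+end
+
+it 'should not treat either requests as batch requests' do
+refute @first_is_batch_request
+refute @second_is_batch_request
+end
+
+it 'should return auth headers from the second request' do
+assert @second_access_token
+end
+
+it 'should define user during first request' do
+assert @first_user
+end
+
+it 'should define user during second request' do
+assert @second_user
+end
+end
+
+describe 'batch requests' do
+describe 'success' do
+before do
+age_token(@resource, @client_id)
+# request.headers.merge!(@auth_headers)
+
+get '/demo/members_only',
+params: {},
+headers: @auth_headers
+
+@first_is_batch_request = assigns(:is_batch_request)
+@first_user = assigns(:resource)
+@first_access_token = response.headers['access-token']
+
+get '/demo/members_only',
+params: {},
+headers: @auth_headers
+
+@second_is_batch_request = assigns(:is_batch_request)
+@second_user = assigns(:resource)
+@second_access_token = response.headers['access-token']
+end
+
+it 'should allow both requests through' do
+assert_equal 200, response.status
+end
+
+it 'should not treat the first request as a batch request' do
+refute @first_is_batch_request
+end
+
+it 'should treat the second request as a batch request' do
+assert @second_is_batch_request
+end
+
+it 'should return access token for first (non-batch) request' do
+assert @first_access_token
+end
+
+it 'should not return auth headers for second (batched) requests' do
+assert_equal ' ', @second_access_token
+end
+end
+
+describe 'unbatch' do
+before do
+@resource.reload
+age_token(@resource, @client_id)
+
+get '/demo/members_only',
+params: {},
+headers: @auth_headers
+
+@first_is_batch_request = assigns(:is_batch_request)
+@first_user = assigns(:resource).dup
+@first_access_token = response.headers['access-token']
+@first_response_status = response.status
+
+get '/demo/members_only?unbatch=true',
+params: {},
+headers: @auth_headers
+
+@second_is_batch_request = assigns(:is_batch_request)
+@second_user = assigns(:resource)
+@second_access_token = response.headers['access-token']
+@second_response_status = response.status
+end
+
+it 'should NOT treat the second request as a batch request when "unbatch" param is set' do
+refute @second_is_batch_request
+end
+end
+
+describe 'time out' do
+before do
+@resource.reload
+age_token(@resource, @client_id)
+
+get '/demo/members_only',
+params: {},
+headers: @auth_headers
+
+@first_is_batch_request = assigns(:is_batch_request)
+@first_user = assigns(:resource).dup
+@first_access_token = response.headers['access-token']
+@first_response_status = response.status
+
+@resource.reload
+age_token(@resource, @client_id)
+
+# use expired auth header
+get '/demo/members_only',
+params: {},
+headers: @auth_headers
+
+@second_is_batch_request = assigns(:is_batch_request)
+@second_user = assigns(:resource)
+@second_access_token = response.headers['access-token']
+@second_response_status = response.status
+end
+
+it 'should allow the first request through' do
+assert_equal 200, @first_response_status
+end
+
+it 'should not allow the second request through' do
+assert_equal 401, @second_response_status
+end
+
+it 'should not treat first request as batch request' do
+refute @second_is_batch_request
+end
+
+it 'should return auth headers from the first request' do
+assert @first_access_token
+end
+
+it 'should not treat second request as batch request' do
+refute @second_is_batch_request
+end
+
+it 'should not return auth headers from the second request' do
+refute @second_access_token
+end
+
+it 'should define user during first request' do
+assert @first_user
+end
+
+it 'should not define user during second request' do
+refute @second_user
+end
+end
+end
+
+describe 'successful password change' do
+before do
+DeviseTokenAuth.remove_tokens_after_password_reset = true
+
+# adding one more token to simulate another logged in device
+@old_auth_headers = @auth_headers
+@auth_headers = @resource.create_new_auth_token
+age_token(@resource, @client_id)
+assert @resource.tokens.count > 1
+
+# password changed from new device
+@resource.update_attributes(password: 'newsecret123',
+password_confirmation: 'newsecret123')
+
+get '/demo/members_only',
+params: {},
+headers: @auth_headers
+end
+
+after do
+DeviseTokenAuth.remove_tokens_after_password_reset = false
+end
+
+it 'should have only one token' do
+assert_equal 1, @resource.tokens.count
+end
+
+it 'new request should be successful' do
+assert 200, response.status
+end
+
+describe 'another device should not be able to login' do
+it 'should return forbidden status' do
+get '/demo/members_only',
+params: {},
+headers: @old_auth_headers
+assert 401, response.status
+end
+end
+end
+
+describe 'request including destroy of token' do
+describe 'when change_headers_on_each_request is set to false' do
+before do
+DeviseTokenAuth.change_headers_on_each_request = false
+age_token(@resource, @client_id)
+
+get '/demo/members_only_remove_token',
+params: {},
+headers: @auth_headers
+end
+
+after do
+DeviseTokenAuth.change_headers_on_each_request = true
+end
+
+it 'should not return auth-headers' do
+refute response.headers['access-token']
+end
+end
+
+describe 'when change_headers_on_each_request is set to true' do
+before do
+age_token(@resource, @client_id)
+get '/demo/members_only_remove_token',
+params: {},
+headers: @auth_headers
+end
+
+it 'should not return auth-headers' do
+refute response.headers['access-token']
+end
+end
+end
+
+describe 'when access-token name has been changed' do
+before do
+# ensure that request is not treated as batch request
+DeviseTokenAuth.headers_names[:'access-token'] = 'new-access-token'
+auth_headers_modified = @resource.create_new_auth_token
+client_id = auth_headers_modified['client']
+age_token(@resource, client_id)
+
+get '/demo/members_only',
+params: {},
+headers: auth_headers_modified
+@resp_token = response.headers['new-access-token']
+end
+
+it 'should have "new-access-token" header' do
+assert @resp_token.present?
+end
+
+after do
+DeviseTokenAuth.headers_names[:'access-token'] = 'access-token'
+end
+end
+end
+
+describe 'bypass_sign_in' do
+before do
+@resource = users(:unconfirmed_email_user)
+@resource.save!
+
+@auth_headers = @resource.create_new_auth_token
+
+@token = @auth_headers['access-token']
+@client_id = @auth_headers['client']
+@expiry = @auth_headers['expiry']
+end
+describe 'is default value (true)' do
+before do
+age_token(@resource, @client_id)
+
+get '/demo/members_only', params: {}, headers: @auth_headers
+
+@access_token = response.headers['access-token']
+@response_status = response.status
+end
+
+it 'should allow the request through' do
+assert_equal 200, @response_status
+end
+
+it 'should return auth headers' do
+assert @access_token
+end
+
+it 'should set current user' do
+assert_equal @controller.current_user, @resource
+end
+end
+describe 'is false' do
+before do
+DeviseTokenAuth.bypass_sign_in = false
+age_token(@resource, @client_id)
+
+get '/demo/members_only', params: {}, headers: @auth_headers
+
+@access_token = response.headers['access-token']
+@response_status = response.status
+
+DeviseTokenAuth.bypass_sign_in = true
+end
+
+it 'should not allow the request through' do
+refute_equal 200, @response_status
+end
+
+it 'should not return auth headers from the first request' do
+assert_nil @access_token
+end
+end
+end
+
+describe 'enable_standard_devise_support' do
+before do
+@resource = users(:confirmed_email_user)
+@auth_headers = @resource.create_new_auth_token
+DeviseTokenAuth.enable_standard_devise_support = true
+end
+
+describe 'Existing Warden authentication' do
+before do
+@resource = users(:second_confirmed_email_user)
+@resource.skip_confirmation!
+@resource.save!
+login_as(@resource, scope: :user)
+
+# no auth headers sent, testing that warden authenticates correctly.
+get '/demo/members_only',
+params: {},
+headers: nil
+
+@resp_token = response.headers['access-token']
+@resp_client_id = response.headers['client']
+@resp_expiry = response.headers['expiry']
+@resp_uid = response.headers['uid']
+end
+
+describe 'devise mappings' do
+it 'should define current_user' do
+assert_equal @resource, @controller.current_user
+end
+
+it 'should define user_signed_in?' do
+assert @controller.user_signed_in?
+end
+
+it 'should not define current_mang' do
+refute_equal @resource, @controller.current_mang
+end
+
+it 'should increase the number of tokens by a factor of 2 up to 11' do
+@first_token = @resource.tokens.keys.first
+
+DeviseTokenAuth.max_number_of_devices = 11
+(1..10).each do |n|
+assert_equal [11, 2 * n].min, @resource.reload.tokens.keys.length
+get '/demo/members_only', params: {}, headers: nil
+end
+
+assert_not_includes @resource.reload.tokens.keys, @first_token
+end
+end
+
+it 'should return success status' do
+assert_equal 200, response.status
+end
+
+it 'should receive new token after successful request' do
+assert @resp_token
+end
+
+it 'should set the token expiry in the auth header' do
+assert @resp_expiry
+end
+
+it 'should return the client id in the auth header' do
+assert @resp_client_id
+end
+
+it "should return the user's uid in the auth header" do
+assert @resp_uid
+end
+end
+
+describe 'existing Warden authentication with ignored token data' do
+before do
+@resource = users(:second_confirmed_email_user)
+@resource.skip_confirmation!
+@resource.save!
+login_as(@resource, scope: :user)
+
+get '/demo/members_only',
+params: {},
+headers: @auth_headers
+
+@resp_token = response.headers['access-token']
+@resp_client_id = response.headers['client']
+@resp_expiry = response.headers['expiry']
+@resp_uid = response.headers['uid']
+end
+
+describe 'devise mappings' do
+it 'should define current_user' do
+assert_equal @resource, @controller.current_user
+end
+
+it 'should define user_signed_in?' do
+assert @controller.user_signed_in?
+end
+
+it 'should not define current_mang' do
+refute_equal @resource, @controller.current_mang
+end
+end
+
+it 'should return success status' do
+assert_equal 200, response.status
+end
+
+it 'should receive new token after successful request' do
+assert @resp_token
+end
+
+it 'should set the token expiry in the auth header' do
+assert @resp_expiry
+end
+
+it 'should return the client id in the auth header' do
+assert @resp_client_id
+end
+
+it "should not use the existing token's client" do
+refute_equal @auth_headers['client'], @resp_client_id
+end
+
+it "should return the user's uid in the auth header" do
+assert @resp_uid
+end
+
+it "should not return the token user's uid in the auth header" do
+refute_equal @resp_uid, @auth_headers['uid']
+end
+end
+end
+end
+end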
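Review bot: The assertions at lines 341 and 349 of the new file, `assert 200, response.status` and `assert 401, response.status`, pass unconditionally because `assert` only tests the truthiness of its first argument (200 and 401 are truthy) and takes the second as the failure message; the 'another device should not be able to login' case at line 349 is the one that checks old tokens are rejected after a password change with remove_tokens_after_password_reset, and as written it cannot fail. They should read `assert_equal 200, response.status` and `assert_equal 401, response.status`. Line 288 ('should not treat first request as batch request') refutes `@second_is_batch_request` instead of `@first_is_batch_request`, so it duplicates line 296 and the first request is never checked. The `enable_standard_devise_support` describe (line 472) and the `max_number_of_devices = 11` assignment inside the test at line 509 change global DeviseTokenAuth configuration without an `after` that restores it, unlike the other describes in this file, so those settings leak into whatever tests run later in the same process.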