door_mat 0.0.5
- checksums.yaml +7 -0
- data/.rspec +2 -0
- data/Gemfile +3 -0
- data/MIT-LICENSE +20 -0
- data/README.md +88 -0
- data/Rakefile +32 -0
- data/app/assets/javascripts/door_mat/application.js +13 -0
- data/app/assets/stylesheets/door_mat/application.css +15 -0
- data/app/assets/stylesheets/scaffold.css +56 -0
- data/app/controllers/door_mat/activities_controller.rb +106 -0
- data/app/controllers/door_mat/application_controller.rb +14 -0
- data/app/controllers/door_mat/change_password_controller.rb +32 -0
- data/app/controllers/door_mat/forgot_passwords_controller.rb +57 -0
- data/app/controllers/door_mat/manage_email_controller.rb +61 -0
- data/app/controllers/door_mat/password_less_session_controller.rb +121 -0
- data/app/controllers/door_mat/reconfirm_password_controller.rb +27 -0
- data/app/controllers/door_mat/sessions_controller.rb +17 -0
- data/app/controllers/door_mat/sign_in_controller.rb +60 -0
- data/app/controllers/door_mat/sign_up_controller.rb +59 -0
- data/app/controllers/door_mat/static_controller.rb +5 -0
- data/app/mailers/door_mat/activity_mailer.rb +18 -0
- data/app/mailers/door_mat/password_less_session_mailer.rb +12 -0
- data/app/models/door_mat/access_token.rb +315 -0
- data/app/models/door_mat/activity.rb +14 -0
- data/app/models/door_mat/activity_confirm_email.rb +45 -0
- data/app/models/door_mat/activity_download_recovery_key.rb +30 -0
- data/app/models/door_mat/activity_reset_password.rb +47 -0
- data/app/models/door_mat/actor.rb +149 -0
- data/app/models/door_mat/change_password.rb +12 -0
- data/app/models/door_mat/email.rb +58 -0
- data/app/models/door_mat/forgot_password.rb +12 -0
- data/app/models/door_mat/membership.rb +42 -0
- data/app/models/door_mat/session.rb +315 -0
- data/app/models/door_mat/sign_in.rb +31 -0
- data/app/models/door_mat/sign_up.rb +17 -0
- data/app/views/door_mat/activity_mailer/confirm_email.html.erb +11 -0
- data/app/views/door_mat/activity_mailer/confirm_email.text.erb +7 -0
- data/app/views/door_mat/activity_mailer/reset_password.html.erb +11 -0
- data/app/views/door_mat/activity_mailer/reset_password.text.erb +7 -0
- data/app/views/door_mat/change_password/new.html.erb +22 -0
- data/app/views/door_mat/forgot_passwords/choose_new_password.html.erb +34 -0
- data/app/views/door_mat/forgot_passwords/new.html.erb +14 -0
- data/app/views/door_mat/helpers/_errors_if_any.html.erb +10 -0
- data/app/views/door_mat/manage_email/new.html.erb +14 -0
- data/app/views/door_mat/password_less_session/access_token.html.erb +16 -0
- data/app/views/door_mat/password_less_session/new.html.erb +34 -0
- data/app/views/door_mat/password_less_session_mailer/send_token.html.erb +11 -0
- data/app/views/door_mat/password_less_session_mailer/send_token.text.erb +7 -0
- data/app/views/door_mat/reconfirm_password/new.html.erb +12 -0
- data/app/views/door_mat/sign_in/new.html.erb +30 -0
- data/app/views/door_mat/sign_up/new.html.erb +24 -0
- data/app/views/door_mat/static/add_email_success.html.erb +5 -0
- data/app/views/door_mat/static/change_password_success.html.erb +2 -0
- data/app/views/door_mat/static/confirm_email_success.html.erb +2 -0
- data/app/views/door_mat/static/email_confirmation_required.html.erb +17 -0
- data/app/views/door_mat/static/forgot_password_verification_mail_sent.html.erb +2 -0
- data/app/views/door_mat/static/reconfirm_password_success.html.erb +4 -0
- data/app/views/door_mat/static/sign_in_success.html.erb +5 -0
- data/app/views/door_mat/static/sign_out_success.html.erb +5 -0
- data/app/views/door_mat/static/sign_up_success.html.erb +4 -0
- data/bin/rails +12 -0
- data/config/locales/en.yml +73 -0
- data/config/routes.rb +48 -0
- data/db/migrate/20140616234935_create_door_mat_actors.rb +23 -0
- data/db/migrate/20140617233357_create_door_mat_sessions.rb +17 -0
- data/db/migrate/20140630043202_create_door_mat_emails.rb +12 -0
- data/db/migrate/20140702045729_create_door_mat_activities.rb +14 -0
- data/db/migrate/20141115183045_create_door_mat_access_tokens.rb +17 -0
- data/db/migrate/20141121191824_create_door_mat_memberships.rb +14 -0
- data/db/migrate/20150910182126_rename_session_guid_column.rb +5 -0
- data/db/migrate/20150918210831_add_access_token_rating_column.rb +5 -0
- data/door_mat.gemspec +37 -0
- data/lib/door_mat.rb +20 -0
- data/lib/door_mat/attr_asymmetric_store.rb +82 -0
- data/lib/door_mat/attr_symmetric_store.rb +82 -0
- data/lib/door_mat/configuration.rb +193 -0
- data/lib/door_mat/controller.rb +117 -0
- data/lib/door_mat/crypto.rb +49 -0
- data/lib/door_mat/crypto/asymmetric_store.rb +77 -0
- data/lib/door_mat/crypto/fast_hash.rb +17 -0
- data/lib/door_mat/crypto/password_hash.rb +39 -0
- data/lib/door_mat/crypto/secure_compare.rb +23 -0
- data/lib/door_mat/crypto/symmetric_store.rb +68 -0
- data/lib/door_mat/engine.rb +23 -0
- data/lib/door_mat/process/actor_password_change.rb +65 -0
- data/lib/door_mat/process/actor_sign_in.rb +38 -0
- data/lib/door_mat/process/actor_sign_up.rb +39 -0
- data/lib/door_mat/process/create_new_anonymous_actor.rb +36 -0
- data/lib/door_mat/process/manage_email.rb +42 -0
- data/lib/door_mat/process/reset_password.rb +50 -0
- data/lib/door_mat/regex.rb +17 -0
- data/lib/door_mat/test_helper.rb +58 -0
- data/lib/door_mat/url_protocol.rb +9 -0
- data/lib/door_mat/version.rb +3 -0
- data/lib/tasks/door_mat_tasks.rake +31 -0
- data/spec/controllers/door_mat/activities_controller_spec.rb +70 -0
- data/spec/controllers/door_mat/forgot_passwords_controller_spec.rb +57 -0
- data/spec/controllers/door_mat/manage_email_spec.rb +181 -0
- data/spec/controllers/door_mat/password_less_session_controller_spec.rb +344 -0
- data/spec/controllers/door_mat/sign_in_controller_spec.rb +211 -0
- data/spec/controllers/door_mat/sign_up_controller_spec.rb +90 -0
- data/spec/factories/door_mat_access_tokens.rb +6 -0
- data/spec/factories/door_mat_activitiess.rb +6 -0
- data/spec/factories/door_mat_actors.rb +23 -0
- data/spec/factories/door_mat_emails.rb +14 -0
- data/spec/factories/door_mat_memberships.rb +6 -0
- data/spec/factories/door_mat_sessions.rb +24 -0
- data/spec/features/password_less_session_spec.rb +165 -0
- data/spec/features/remember_me_spec.rb +672 -0
- data/spec/features/session_spec.rb +336 -0
- data/spec/lib/attr_store_spec.rb +237 -0
- data/spec/lib/crypto_spec.rb +130 -0
- data/spec/lib/process_spec.rb +159 -0
- data/spec/models/door_mat/access_token_spec.rb +134 -0
- data/spec/models/door_mat/activity_spec.rb +38 -0
- data/spec/models/door_mat/actor_spec.rb +56 -0
- data/spec/models/door_mat/email_spec.rb +25 -0
- data/spec/models/door_mat/session_spec.rb +69 -0
- data/spec/spec_helper.rb +223 -0
- data/spec/support/timecop/timecop_helper.rb +52 -0
- data/spec/test_app/README.rdoc +28 -0
- data/spec/test_app/Rakefile +6 -0
- data/spec/test_app/app/assets/javascripts/application.js +13 -0
- data/spec/test_app/app/assets/stylesheets/application.css +15 -0
- data/spec/test_app/app/controllers/account_controller.rb +28 -0
- data/spec/test_app/app/controllers/application_controller.rb +10 -0
- data/spec/test_app/app/controllers/password_less_sample_controller.rb +56 -0
- data/spec/test_app/app/controllers/static_controller.rb +7 -0
- data/spec/test_app/app/helpers/account_helper.rb +2 -0
- data/spec/test_app/app/helpers/application_helper.rb +2 -0
- data/spec/test_app/app/models/game.rb +62 -0
- data/spec/test_app/app/models/shared_data.rb +4 -0
- data/spec/test_app/app/models/shared_key.rb +8 -0
- data/spec/test_app/app/models/user_detail.rb +7 -0
- data/spec/test_app/app/views/account/show.html.erb +133 -0
- data/spec/test_app/app/views/door_mat/static/sign_out_success.html.erb +7 -0
- data/spec/test_app/app/views/layouts/application.html.erb +20 -0
- data/spec/test_app/app/views/password_less_sample/draw_results.html.erb +6 -0
- data/spec/test_app/app/views/password_less_sample/final_result.html.erb +7 -0
- data/spec/test_app/app/views/password_less_sample/play_game.html.erb +5 -0
- data/spec/test_app/app/views/password_less_sample/show_loosing_door.html.erb +10 -0
- data/spec/test_app/app/views/static/index.html.erb +12 -0
- data/spec/test_app/app/views/static/only_confirmed_email_allowed.html.erb +10 -0
- data/spec/test_app/app/views/static/page_that_require_password_reconfirmation.html.erb +16 -0
- data/spec/test_app/app/views/static/session_protected_page.html.erb +32 -0
- data/spec/test_app/bin/bundle +3 -0
- data/spec/test_app/bin/rails +4 -0
- data/spec/test_app/bin/rake +4 -0
- data/spec/test_app/config.ru +4 -0
- data/spec/test_app/config/application.rb +29 -0
- data/spec/test_app/config/boot.rb +5 -0
- data/spec/test_app/config/database.yml +25 -0
- data/spec/test_app/config/environment.rb +19 -0
- data/spec/test_app/config/environments/development.rb +50 -0
- data/spec/test_app/config/environments/production.rb +83 -0
- data/spec/test_app/config/environments/test.rb +48 -0
- data/spec/test_app/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/test_app/config/initializers/cookies_serializer.rb +3 -0
- data/spec/test_app/config/initializers/door_mat.rb +72 -0
- data/spec/test_app/config/initializers/filter_parameter_logging.rb +4 -0
- data/spec/test_app/config/initializers/inflections.rb +16 -0
- data/spec/test_app/config/initializers/mime_types.rb +4 -0
- data/spec/test_app/config/initializers/session_store.rb +3 -0
- data/spec/test_app/config/initializers/wrap_parameters.rb +14 -0
- data/spec/test_app/config/locales/en.yml +23 -0
- data/spec/test_app/config/routes.rb +42 -0
- data/spec/test_app/config/secrets.yml +31 -0
- data/spec/test_app/db/migrate/20140717182813_create_user_details.rb +10 -0
- data/spec/test_app/db/migrate/20140908225256_create_shared_data.rb +10 -0
- data/spec/test_app/db/migrate/20140908225604_create_shared_keys.rb +11 -0
- data/spec/test_app/db/migrate/20141121190714_create_games.rb +10 -0
- data/spec/test_app/public/404.html +67 -0
- data/spec/test_app/public/422.html +67 -0
- data/spec/test_app/public/500.html +66 -0
- data/spec/test_app/public/favicon.ico +0 -0
- metadata +552 -0
|
@@ -0,0 +1,672 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
module DoorMat
|
|
4
|
+
|
|
5
|
+
RSpec.describe 'the remember me feature', :type => :feature do
|
|
6
|
+
include EmailSpec::Helpers
|
|
7
|
+
include EmailSpec::Matchers
|
|
8
|
+
|
|
9
|
+
let(:admin) { {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd} }
|
|
10
|
+
let(:user) { {name: 'Alice', email: 'user@example.com', password: 'k#dkvKfdj38g!', new_password: 'new_k#dkvKfdj38g!'} }
|
|
11
|
+
|
|
12
|
+
describe 'session access control across time' do
|
|
13
|
+
|
|
14
|
+
describe 'with default config' do
|
|
15
|
+
|
|
16
|
+
before(:context) do
|
|
17
|
+
reset_default_config
|
|
18
|
+
end
|
|
19
|
+
after (:context) do
|
|
20
|
+
reset_default_config
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
describe 'login on public computer without remember me' do
|
|
24
|
+
|
|
25
|
+
before (:example) do
|
|
26
|
+
is_public_computer = true
|
|
27
|
+
remember_me = false
|
|
28
|
+
|
|
29
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
|
|
30
|
+
visit '/sign_in'
|
|
31
|
+
fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
35
|
+
wait_less_than_public_computer_session_timeout
|
|
36
|
+
reload_page
|
|
37
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
38
|
+
wait_two_minutes
|
|
39
|
+
reload_page
|
|
40
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
41
|
+
wait_two_minutes
|
|
42
|
+
reload_page
|
|
43
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
44
|
+
wait_longer_than_public_computer_session_timeout
|
|
45
|
+
reload_page
|
|
46
|
+
expect(page.current_path).to match(/sign_in/)
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
describe 'with remember_me enabled only on a private computer session' do
|
|
54
|
+
|
|
55
|
+
before(:context) do
|
|
56
|
+
reset_default_config
|
|
57
|
+
DoorMat.configuration.allow_remember_me_feature = true
|
|
58
|
+
end
|
|
59
|
+
after (:context) do
|
|
60
|
+
reset_default_config
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
describe 'login on public computer without remember me' do
|
|
64
|
+
|
|
65
|
+
before (:example) do
|
|
66
|
+
is_public_computer = true
|
|
67
|
+
remember_me = false
|
|
68
|
+
|
|
69
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
|
|
70
|
+
visit '/sign_in'
|
|
71
|
+
fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
75
|
+
wait_less_than_public_computer_session_timeout
|
|
76
|
+
reload_page
|
|
77
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
78
|
+
wait_two_minutes
|
|
79
|
+
reload_page
|
|
80
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
81
|
+
wait_two_minutes
|
|
82
|
+
reload_page
|
|
83
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
84
|
+
wait_longer_than_public_computer_session_timeout
|
|
85
|
+
reload_page
|
|
86
|
+
expect(page.current_path).to match(/sign_in/)
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
describe 'login on public computer with remember me' do
|
|
92
|
+
|
|
93
|
+
before (:example) do
|
|
94
|
+
is_public_computer = true
|
|
95
|
+
remember_me = true
|
|
96
|
+
|
|
97
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
|
|
98
|
+
visit '/sign_in'
|
|
99
|
+
fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
|
|
100
|
+
end
|
|
101
|
+
|
|
102
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
103
|
+
wait_less_than_public_computer_session_timeout
|
|
104
|
+
reload_page
|
|
105
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
106
|
+
wait_two_minutes
|
|
107
|
+
reload_page
|
|
108
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
109
|
+
wait_two_minutes
|
|
110
|
+
reload_page
|
|
111
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
112
|
+
wait_longer_than_public_computer_session_timeout
|
|
113
|
+
reload_page
|
|
114
|
+
expect(page.current_path).to match(/sign_in/)
|
|
115
|
+
end
|
|
116
|
+
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
describe 'login on private computer without remember me' do
|
|
120
|
+
|
|
121
|
+
before (:example) do
|
|
122
|
+
is_public_computer = false
|
|
123
|
+
remember_me = false
|
|
124
|
+
|
|
125
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
|
|
126
|
+
visit '/sign_in'
|
|
127
|
+
fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
|
|
128
|
+
end
|
|
129
|
+
|
|
130
|
+
it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
|
|
131
|
+
wait_less_than_private_computer_session_timeout
|
|
132
|
+
reload_page
|
|
133
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
134
|
+
wait_two_minutes
|
|
135
|
+
reload_page
|
|
136
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
137
|
+
wait_two_minutes
|
|
138
|
+
reload_page
|
|
139
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
140
|
+
wait_longer_than_private_computer_session_timeout
|
|
141
|
+
reload_page
|
|
142
|
+
expect(page.current_path).to match(/sign_in/)
|
|
143
|
+
end
|
|
144
|
+
|
|
145
|
+
end
|
|
146
|
+
|
|
147
|
+
describe 'login on private computer with remember me' do
|
|
148
|
+
|
|
149
|
+
before (:example) do
|
|
150
|
+
is_public_computer = false
|
|
151
|
+
remember_me = true
|
|
152
|
+
|
|
153
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
|
|
154
|
+
visit '/sign_in'
|
|
155
|
+
fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
|
|
156
|
+
end
|
|
157
|
+
|
|
158
|
+
it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
|
|
159
|
+
wait_less_than_private_computer_session_timeout
|
|
160
|
+
reload_page
|
|
161
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
162
|
+
wait_two_minutes
|
|
163
|
+
reload_page
|
|
164
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
165
|
+
wait_two_minutes
|
|
166
|
+
reload_page
|
|
167
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
168
|
+
wait_longer_than_private_computer_session_timeout
|
|
169
|
+
reload_page
|
|
170
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
171
|
+
wait_less_than_remember_me_timeout
|
|
172
|
+
reload_page
|
|
173
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
174
|
+
wait_two_days
|
|
175
|
+
reload_page
|
|
176
|
+
expect(page.current_path).to match(/sign_in/)
|
|
177
|
+
end
|
|
178
|
+
|
|
179
|
+
end
|
|
180
|
+
|
|
181
|
+
end
|
|
182
|
+
|
|
183
|
+
|
|
184
|
+
describe 'with remember_me enabled on any session' do
|
|
185
|
+
|
|
186
|
+
before(:context) do
|
|
187
|
+
reset_default_config
|
|
188
|
+
DoorMat.configuration.allow_remember_me_feature = true
|
|
189
|
+
DoorMat.configuration.remember_me_require_private_computer_confirmation = false
|
|
190
|
+
end
|
|
191
|
+
after (:context) do
|
|
192
|
+
reset_default_config
|
|
193
|
+
end
|
|
194
|
+
|
|
195
|
+
describe 'login on public computer without remember me' do
|
|
196
|
+
|
|
197
|
+
before (:example) do
|
|
198
|
+
is_public_computer = true
|
|
199
|
+
remember_me = false
|
|
200
|
+
|
|
201
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
|
|
202
|
+
visit '/sign_in'
|
|
203
|
+
fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
|
|
204
|
+
end
|
|
205
|
+
|
|
206
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
207
|
+
wait_less_than_public_computer_session_timeout
|
|
208
|
+
reload_page
|
|
209
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
210
|
+
wait_two_minutes
|
|
211
|
+
reload_page
|
|
212
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
213
|
+
wait_two_minutes
|
|
214
|
+
reload_page
|
|
215
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
216
|
+
wait_longer_than_public_computer_session_timeout
|
|
217
|
+
reload_page
|
|
218
|
+
expect(page.current_path).to match(/sign_in/)
|
|
219
|
+
end
|
|
220
|
+
|
|
221
|
+
end
|
|
222
|
+
|
|
223
|
+
describe 'login on public computer with remember me' do
|
|
224
|
+
|
|
225
|
+
before (:example) do
|
|
226
|
+
is_public_computer = true
|
|
227
|
+
remember_me = true
|
|
228
|
+
|
|
229
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
|
|
230
|
+
visit '/sign_in'
|
|
231
|
+
fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
|
|
232
|
+
end
|
|
233
|
+
|
|
234
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
235
|
+
wait_less_than_private_computer_session_timeout
|
|
236
|
+
reload_page
|
|
237
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
238
|
+
wait_two_minutes
|
|
239
|
+
reload_page
|
|
240
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
241
|
+
wait_two_minutes
|
|
242
|
+
reload_page
|
|
243
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
244
|
+
wait_longer_than_private_computer_session_timeout
|
|
245
|
+
reload_page
|
|
246
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
247
|
+
wait_less_than_remember_me_timeout
|
|
248
|
+
reload_page
|
|
249
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
250
|
+
wait_two_days
|
|
251
|
+
reload_page
|
|
252
|
+
expect(page.current_path).to match(/sign_in/)
|
|
253
|
+
end
|
|
254
|
+
|
|
255
|
+
end
|
|
256
|
+
|
|
257
|
+
describe 'login on private computer without remember me' do
|
|
258
|
+
|
|
259
|
+
before (:example) do
|
|
260
|
+
is_public_computer = false
|
|
261
|
+
remember_me = false
|
|
262
|
+
|
|
263
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
|
|
264
|
+
visit '/sign_in'
|
|
265
|
+
fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
|
|
266
|
+
end
|
|
267
|
+
|
|
268
|
+
it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
|
|
269
|
+
wait_less_than_private_computer_session_timeout
|
|
270
|
+
reload_page
|
|
271
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
272
|
+
wait_two_minutes
|
|
273
|
+
reload_page
|
|
274
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
275
|
+
wait_two_minutes
|
|
276
|
+
reload_page
|
|
277
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
278
|
+
wait_longer_than_private_computer_session_timeout
|
|
279
|
+
reload_page
|
|
280
|
+
expect(page.current_path).to match(/sign_in/)
|
|
281
|
+
end
|
|
282
|
+
|
|
283
|
+
end
|
|
284
|
+
|
|
285
|
+
describe 'login on private computer with remember me' do
|
|
286
|
+
|
|
287
|
+
before (:example) do
|
|
288
|
+
is_public_computer = false
|
|
289
|
+
remember_me = true
|
|
290
|
+
|
|
291
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
|
|
292
|
+
visit '/sign_in'
|
|
293
|
+
fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
|
|
294
|
+
end
|
|
295
|
+
|
|
296
|
+
it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
|
|
297
|
+
wait_less_than_private_computer_session_timeout
|
|
298
|
+
reload_page
|
|
299
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
300
|
+
wait_two_minutes
|
|
301
|
+
reload_page
|
|
302
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
303
|
+
wait_two_minutes
|
|
304
|
+
reload_page
|
|
305
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
306
|
+
wait_longer_than_private_computer_session_timeout
|
|
307
|
+
reload_page
|
|
308
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
309
|
+
wait_less_than_remember_me_timeout
|
|
310
|
+
reload_page
|
|
311
|
+
expect(page.body).to have_content('Static#session_protected_page')
|
|
312
|
+
wait_two_days
|
|
313
|
+
reload_page
|
|
314
|
+
expect(page.current_path).to match(/sign_in/)
|
|
315
|
+
end
|
|
316
|
+
|
|
317
|
+
end
|
|
318
|
+
|
|
319
|
+
end
|
|
320
|
+
|
|
321
|
+
|
|
322
|
+
end
|
|
323
|
+
|
|
324
|
+
|
|
325
|
+
|
|
326
|
+
describe 'access_token access control across time' do
|
|
327
|
+
|
|
328
|
+
describe 'with default config' do
|
|
329
|
+
|
|
330
|
+
before(:context) do
|
|
331
|
+
reset_default_config
|
|
332
|
+
end
|
|
333
|
+
after (:context) do
|
|
334
|
+
reset_default_config
|
|
335
|
+
end
|
|
336
|
+
|
|
337
|
+
describe 'login on public computer without remember me' do
|
|
338
|
+
|
|
339
|
+
before (:example) do
|
|
340
|
+
is_public_computer = true
|
|
341
|
+
remember_me = false
|
|
342
|
+
|
|
343
|
+
admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
|
|
344
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
|
|
345
|
+
|
|
346
|
+
visit '/big_ticket'
|
|
347
|
+
manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
|
|
348
|
+
|
|
349
|
+
visit manage_list_url
|
|
350
|
+
end
|
|
351
|
+
|
|
352
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
353
|
+
wait_longer_than_public_computer_session_timeout
|
|
354
|
+
reload_page
|
|
355
|
+
expect(page.current_path).to match(/big_ticket/)
|
|
356
|
+
end
|
|
357
|
+
|
|
358
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
359
|
+
wait_less_than_public_computer_session_timeout
|
|
360
|
+
reload_page
|
|
361
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
362
|
+
wait_two_minutes
|
|
363
|
+
reload_page
|
|
364
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
365
|
+
wait_two_minutes
|
|
366
|
+
reload_page
|
|
367
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
368
|
+
wait_longer_than_public_computer_session_timeout
|
|
369
|
+
reload_page
|
|
370
|
+
expect(page.current_path).to match(/big_ticket/)
|
|
371
|
+
end
|
|
372
|
+
|
|
373
|
+
end
|
|
374
|
+
|
|
375
|
+
end
|
|
376
|
+
|
|
377
|
+
describe 'with remember_me enabled only on a private computer session' do
|
|
378
|
+
|
|
379
|
+
before(:context) do
|
|
380
|
+
reset_default_config
|
|
381
|
+
DoorMat.configuration.allow_remember_me_feature = true
|
|
382
|
+
end
|
|
383
|
+
after (:context) do
|
|
384
|
+
reset_default_config
|
|
385
|
+
end
|
|
386
|
+
|
|
387
|
+
describe 'login on public computer without remember me' do
|
|
388
|
+
|
|
389
|
+
before (:example) do
|
|
390
|
+
is_public_computer = true
|
|
391
|
+
remember_me = false
|
|
392
|
+
|
|
393
|
+
admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
|
|
394
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
|
|
395
|
+
|
|
396
|
+
visit '/big_ticket'
|
|
397
|
+
manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
|
|
398
|
+
visit manage_list_url
|
|
399
|
+
end
|
|
400
|
+
|
|
401
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
402
|
+
wait_less_than_public_computer_session_timeout
|
|
403
|
+
reload_page
|
|
404
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
405
|
+
wait_two_minutes
|
|
406
|
+
reload_page
|
|
407
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
408
|
+
wait_two_minutes
|
|
409
|
+
reload_page
|
|
410
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
411
|
+
wait_longer_than_public_computer_session_timeout
|
|
412
|
+
reload_page
|
|
413
|
+
expect(page.current_path).to match(/big_ticket/)
|
|
414
|
+
end
|
|
415
|
+
|
|
416
|
+
end
|
|
417
|
+
|
|
418
|
+
describe 'login on public computer with remember me' do
|
|
419
|
+
|
|
420
|
+
before (:example) do
|
|
421
|
+
is_public_computer = true
|
|
422
|
+
remember_me = true
|
|
423
|
+
|
|
424
|
+
admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
|
|
425
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
|
|
426
|
+
|
|
427
|
+
visit '/big_ticket'
|
|
428
|
+
manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
|
|
429
|
+
visit manage_list_url
|
|
430
|
+
end
|
|
431
|
+
|
|
432
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
433
|
+
wait_less_than_public_computer_session_timeout
|
|
434
|
+
reload_page
|
|
435
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
436
|
+
wait_two_minutes
|
|
437
|
+
reload_page
|
|
438
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
439
|
+
wait_two_minutes
|
|
440
|
+
reload_page
|
|
441
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
442
|
+
wait_longer_than_public_computer_session_timeout
|
|
443
|
+
reload_page
|
|
444
|
+
expect(page.current_path).to match(/big_ticket/)
|
|
445
|
+
end
|
|
446
|
+
|
|
447
|
+
end
|
|
448
|
+
|
|
449
|
+
describe 'login on private computer without remember me' do
|
|
450
|
+
|
|
451
|
+
before (:example) do
|
|
452
|
+
is_public_computer = false
|
|
453
|
+
remember_me = false
|
|
454
|
+
|
|
455
|
+
admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
|
|
456
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
|
|
457
|
+
|
|
458
|
+
visit '/big_ticket'
|
|
459
|
+
manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
|
|
460
|
+
visit manage_list_url
|
|
461
|
+
end
|
|
462
|
+
|
|
463
|
+
it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
|
|
464
|
+
wait_less_than_private_computer_session_timeout
|
|
465
|
+
reload_page
|
|
466
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
467
|
+
wait_two_minutes
|
|
468
|
+
reload_page
|
|
469
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
470
|
+
wait_two_minutes
|
|
471
|
+
reload_page
|
|
472
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
473
|
+
wait_longer_than_private_computer_session_timeout
|
|
474
|
+
reload_page
|
|
475
|
+
expect(page.current_path).to match(/big_ticket/)
|
|
476
|
+
end
|
|
477
|
+
|
|
478
|
+
end
|
|
479
|
+
|
|
480
|
+
describe 'login on private computer with remember me' do
|
|
481
|
+
|
|
482
|
+
before (:example) do
|
|
483
|
+
is_public_computer = false
|
|
484
|
+
remember_me = true
|
|
485
|
+
|
|
486
|
+
admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
|
|
487
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
|
|
488
|
+
|
|
489
|
+
visit '/big_ticket'
|
|
490
|
+
manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
|
|
491
|
+
visit manage_list_url
|
|
492
|
+
end
|
|
493
|
+
|
|
494
|
+
it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
|
|
495
|
+
wait_less_than_private_computer_session_timeout
|
|
496
|
+
reload_page
|
|
497
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
498
|
+
wait_two_minutes
|
|
499
|
+
reload_page
|
|
500
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
501
|
+
wait_two_minutes
|
|
502
|
+
reload_page
|
|
503
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
504
|
+
wait_longer_than_private_computer_session_timeout
|
|
505
|
+
reload_page
|
|
506
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
507
|
+
wait_less_than_remember_me_timeout
|
|
508
|
+
reload_page
|
|
509
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
510
|
+
wait_two_days
|
|
511
|
+
reload_page
|
|
512
|
+
expect(page.current_path).to match(/big_ticket/)
|
|
513
|
+
end
|
|
514
|
+
|
|
515
|
+
end
|
|
516
|
+
|
|
517
|
+
end
|
|
518
|
+
|
|
519
|
+
|
|
520
|
+
describe 'with remember_me enabled on any session' do
|
|
521
|
+
|
|
522
|
+
before(:context) do
|
|
523
|
+
reset_default_config
|
|
524
|
+
DoorMat.configuration.allow_remember_me_feature = true
|
|
525
|
+
DoorMat.configuration.remember_me_require_private_computer_confirmation = false
|
|
526
|
+
end
|
|
527
|
+
after (:context) do
|
|
528
|
+
reset_default_config
|
|
529
|
+
end
|
|
530
|
+
|
|
531
|
+
describe 'login on public computer without remember me' do
|
|
532
|
+
|
|
533
|
+
before (:example) do
|
|
534
|
+
is_public_computer = true
|
|
535
|
+
remember_me = false
|
|
536
|
+
|
|
537
|
+
admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
|
|
538
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
|
|
539
|
+
|
|
540
|
+
visit '/big_ticket'
|
|
541
|
+
manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
|
|
542
|
+
visit manage_list_url
|
|
543
|
+
end
|
|
544
|
+
|
|
545
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
546
|
+
wait_less_than_public_computer_session_timeout
|
|
547
|
+
reload_page
|
|
548
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
549
|
+
wait_two_minutes
|
|
550
|
+
reload_page
|
|
551
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
552
|
+
wait_two_minutes
|
|
553
|
+
reload_page
|
|
554
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
555
|
+
wait_longer_than_public_computer_session_timeout
|
|
556
|
+
reload_page
|
|
557
|
+
expect(page.current_path).to match(/big_ticket/)
|
|
558
|
+
end
|
|
559
|
+
|
|
560
|
+
end
|
|
561
|
+
|
|
562
|
+
describe 'login on public computer with remember me' do
|
|
563
|
+
|
|
564
|
+
before (:example) do
|
|
565
|
+
is_public_computer = true
|
|
566
|
+
remember_me = true
|
|
567
|
+
|
|
568
|
+
admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
|
|
569
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
|
|
570
|
+
|
|
571
|
+
visit '/big_ticket'
|
|
572
|
+
manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
|
|
573
|
+
visit manage_list_url
|
|
574
|
+
end
|
|
575
|
+
|
|
576
|
+
it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
|
|
577
|
+
wait_less_than_private_computer_session_timeout
|
|
578
|
+
reload_page
|
|
579
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
580
|
+
wait_two_minutes
|
|
581
|
+
reload_page
|
|
582
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
583
|
+
wait_two_minutes
|
|
584
|
+
reload_page
|
|
585
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
586
|
+
wait_longer_than_private_computer_session_timeout
|
|
587
|
+
reload_page
|
|
588
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
589
|
+
wait_less_than_remember_me_timeout
|
|
590
|
+
reload_page
|
|
591
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
592
|
+
wait_two_days
|
|
593
|
+
reload_page
|
|
594
|
+
expect(page.current_path).to match(/big_ticket/)
|
|
595
|
+
end
|
|
596
|
+
|
|
597
|
+
end
|
|
598
|
+
|
|
599
|
+
describe 'login on private computer without remember me' do
|
|
600
|
+
|
|
601
|
+
before (:example) do
|
|
602
|
+
is_public_computer = false
|
|
603
|
+
remember_me = false
|
|
604
|
+
|
|
605
|
+
admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
|
|
606
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
|
|
607
|
+
|
|
608
|
+
visit '/big_ticket'
|
|
609
|
+
manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
|
|
610
|
+
visit manage_list_url
|
|
611
|
+
end
|
|
612
|
+
|
|
613
|
+
it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
|
|
614
|
+
wait_less_than_private_computer_session_timeout
|
|
615
|
+
reload_page
|
|
616
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
617
|
+
wait_two_minutes
|
|
618
|
+
reload_page
|
|
619
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
620
|
+
wait_two_minutes
|
|
621
|
+
reload_page
|
|
622
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
623
|
+
wait_longer_than_private_computer_session_timeout
|
|
624
|
+
reload_page
|
|
625
|
+
expect(page.current_path).to match(/big_ticket/)
|
|
626
|
+
end
|
|
627
|
+
|
|
628
|
+
end
|
|
629
|
+
|
|
630
|
+
describe 'login on private computer with remember me' do
|
|
631
|
+
|
|
632
|
+
before (:example) do
|
|
633
|
+
is_public_computer = false
|
|
634
|
+
remember_me = true
|
|
635
|
+
|
|
636
|
+
admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
|
|
637
|
+
DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
|
|
638
|
+
|
|
639
|
+
visit '/big_ticket'
|
|
640
|
+
manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
|
|
641
|
+
visit manage_list_url
|
|
642
|
+
end
|
|
643
|
+
|
|
644
|
+
it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
|
|
645
|
+
wait_less_than_private_computer_session_timeout
|
|
646
|
+
reload_page
|
|
647
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
648
|
+
wait_two_minutes
|
|
649
|
+
reload_page
|
|
650
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
651
|
+
wait_two_minutes
|
|
652
|
+
reload_page
|
|
653
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
654
|
+
wait_longer_than_private_computer_session_timeout
|
|
655
|
+
reload_page
|
|
656
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
657
|
+
wait_less_than_remember_me_timeout
|
|
658
|
+
reload_page
|
|
659
|
+
expect(page.body).to have_content('Big ticket Winner')
|
|
660
|
+
wait_two_days
|
|
661
|
+
reload_page
|
|
662
|
+
expect(page.current_path).to match(/big_ticket/)
|
|
663
|
+
end
|
|
664
|
+
|
|
665
|
+
end
|
|
666
|
+
|
|
667
|
+
end
|
|
668
|
+
|
|
669
|
+
end
|
|
670
|
+
|
|
671
|
+
end
|
|
672
|
+
end
|