door_mat 0.0.5

Files changed (176) hide show
  1. checksums.yaml +7 -0
  2. data/.rspec +2 -0
  3. data/Gemfile +3 -0
  4. data/MIT-LICENSE +20 -0
  5. data/README.md +88 -0
  6. data/Rakefile +32 -0
  7. data/app/assets/javascripts/door_mat/application.js +13 -0
  8. data/app/assets/stylesheets/door_mat/application.css +15 -0
  9. data/app/assets/stylesheets/scaffold.css +56 -0
  10. data/app/controllers/door_mat/activities_controller.rb +106 -0
  11. data/app/controllers/door_mat/application_controller.rb +14 -0
  12. data/app/controllers/door_mat/change_password_controller.rb +32 -0
  13. data/app/controllers/door_mat/forgot_passwords_controller.rb +57 -0
  14. data/app/controllers/door_mat/manage_email_controller.rb +61 -0
  15. data/app/controllers/door_mat/password_less_session_controller.rb +121 -0
  16. data/app/controllers/door_mat/reconfirm_password_controller.rb +27 -0
  17. data/app/controllers/door_mat/sessions_controller.rb +17 -0
  18. data/app/controllers/door_mat/sign_in_controller.rb +60 -0
  19. data/app/controllers/door_mat/sign_up_controller.rb +59 -0
  20. data/app/controllers/door_mat/static_controller.rb +5 -0
  21. data/app/mailers/door_mat/activity_mailer.rb +18 -0
  22. data/app/mailers/door_mat/password_less_session_mailer.rb +12 -0
  23. data/app/models/door_mat/access_token.rb +315 -0
  24. data/app/models/door_mat/activity.rb +14 -0
  25. data/app/models/door_mat/activity_confirm_email.rb +45 -0
  26. data/app/models/door_mat/activity_download_recovery_key.rb +30 -0
  27. data/app/models/door_mat/activity_reset_password.rb +47 -0
  28. data/app/models/door_mat/actor.rb +149 -0
  29. data/app/models/door_mat/change_password.rb +12 -0
  30. data/app/models/door_mat/email.rb +58 -0
  31. data/app/models/door_mat/forgot_password.rb +12 -0
  32. data/app/models/door_mat/membership.rb +42 -0
  33. data/app/models/door_mat/session.rb +315 -0
  34. data/app/models/door_mat/sign_in.rb +31 -0
  35. data/app/models/door_mat/sign_up.rb +17 -0
  36. data/app/views/door_mat/activity_mailer/confirm_email.html.erb +11 -0
  37. data/app/views/door_mat/activity_mailer/confirm_email.text.erb +7 -0
  38. data/app/views/door_mat/activity_mailer/reset_password.html.erb +11 -0
  39. data/app/views/door_mat/activity_mailer/reset_password.text.erb +7 -0
  40. data/app/views/door_mat/change_password/new.html.erb +22 -0
  41. data/app/views/door_mat/forgot_passwords/choose_new_password.html.erb +34 -0
  42. data/app/views/door_mat/forgot_passwords/new.html.erb +14 -0
  43. data/app/views/door_mat/helpers/_errors_if_any.html.erb +10 -0
  44. data/app/views/door_mat/manage_email/new.html.erb +14 -0
  45. data/app/views/door_mat/password_less_session/access_token.html.erb +16 -0
  46. data/app/views/door_mat/password_less_session/new.html.erb +34 -0
  47. data/app/views/door_mat/password_less_session_mailer/send_token.html.erb +11 -0
  48. data/app/views/door_mat/password_less_session_mailer/send_token.text.erb +7 -0
  49. data/app/views/door_mat/reconfirm_password/new.html.erb +12 -0
  50. data/app/views/door_mat/sign_in/new.html.erb +30 -0
  51. data/app/views/door_mat/sign_up/new.html.erb +24 -0
  52. data/app/views/door_mat/static/add_email_success.html.erb +5 -0
  53. data/app/views/door_mat/static/change_password_success.html.erb +2 -0
  54. data/app/views/door_mat/static/confirm_email_success.html.erb +2 -0
  55. data/app/views/door_mat/static/email_confirmation_required.html.erb +17 -0
  56. data/app/views/door_mat/static/forgot_password_verification_mail_sent.html.erb +2 -0
  57. data/app/views/door_mat/static/reconfirm_password_success.html.erb +4 -0
  58. data/app/views/door_mat/static/sign_in_success.html.erb +5 -0
  59. data/app/views/door_mat/static/sign_out_success.html.erb +5 -0
  60. data/app/views/door_mat/static/sign_up_success.html.erb +4 -0
  61. data/bin/rails +12 -0
  62. data/config/locales/en.yml +73 -0
  63. data/config/routes.rb +48 -0
  64. data/db/migrate/20140616234935_create_door_mat_actors.rb +23 -0
  65. data/db/migrate/20140617233357_create_door_mat_sessions.rb +17 -0
  66. data/db/migrate/20140630043202_create_door_mat_emails.rb +12 -0
  67. data/db/migrate/20140702045729_create_door_mat_activities.rb +14 -0
  68. data/db/migrate/20141115183045_create_door_mat_access_tokens.rb +17 -0
  69. data/db/migrate/20141121191824_create_door_mat_memberships.rb +14 -0
  70. data/db/migrate/20150910182126_rename_session_guid_column.rb +5 -0
  71. data/db/migrate/20150918210831_add_access_token_rating_column.rb +5 -0
  72. data/door_mat.gemspec +37 -0
  73. data/lib/door_mat.rb +20 -0
  74. data/lib/door_mat/attr_asymmetric_store.rb +82 -0
  75. data/lib/door_mat/attr_symmetric_store.rb +82 -0
  76. data/lib/door_mat/configuration.rb +193 -0
  77. data/lib/door_mat/controller.rb +117 -0
  78. data/lib/door_mat/crypto.rb +49 -0
  79. data/lib/door_mat/crypto/asymmetric_store.rb +77 -0
  80. data/lib/door_mat/crypto/fast_hash.rb +17 -0
  81. data/lib/door_mat/crypto/password_hash.rb +39 -0
  82. data/lib/door_mat/crypto/secure_compare.rb +23 -0
  83. data/lib/door_mat/crypto/symmetric_store.rb +68 -0
  84. data/lib/door_mat/engine.rb +23 -0
  85. data/lib/door_mat/process/actor_password_change.rb +65 -0
  86. data/lib/door_mat/process/actor_sign_in.rb +38 -0
  87. data/lib/door_mat/process/actor_sign_up.rb +39 -0
  88. data/lib/door_mat/process/create_new_anonymous_actor.rb +36 -0
  89. data/lib/door_mat/process/manage_email.rb +42 -0
  90. data/lib/door_mat/process/reset_password.rb +50 -0
  91. data/lib/door_mat/regex.rb +17 -0
  92. data/lib/door_mat/test_helper.rb +58 -0
  93. data/lib/door_mat/url_protocol.rb +9 -0
  94. data/lib/door_mat/version.rb +3 -0
  95. data/lib/tasks/door_mat_tasks.rake +31 -0
  96. data/spec/controllers/door_mat/activities_controller_spec.rb +70 -0
  97. data/spec/controllers/door_mat/forgot_passwords_controller_spec.rb +57 -0
  98. data/spec/controllers/door_mat/manage_email_spec.rb +181 -0
  99. data/spec/controllers/door_mat/password_less_session_controller_spec.rb +344 -0
  100. data/spec/controllers/door_mat/sign_in_controller_spec.rb +211 -0
  101. data/spec/controllers/door_mat/sign_up_controller_spec.rb +90 -0
  102. data/spec/factories/door_mat_access_tokens.rb +6 -0
  103. data/spec/factories/door_mat_activitiess.rb +6 -0
  104. data/spec/factories/door_mat_actors.rb +23 -0
  105. data/spec/factories/door_mat_emails.rb +14 -0
  106. data/spec/factories/door_mat_memberships.rb +6 -0
  107. data/spec/factories/door_mat_sessions.rb +24 -0
  108. data/spec/features/password_less_session_spec.rb +165 -0
  109. data/spec/features/remember_me_spec.rb +672 -0
  110. data/spec/features/session_spec.rb +336 -0
  111. data/spec/lib/attr_store_spec.rb +237 -0
  112. data/spec/lib/crypto_spec.rb +130 -0
  113. data/spec/lib/process_spec.rb +159 -0
  114. data/spec/models/door_mat/access_token_spec.rb +134 -0
  115. data/spec/models/door_mat/activity_spec.rb +38 -0
  116. data/spec/models/door_mat/actor_spec.rb +56 -0
  117. data/spec/models/door_mat/email_spec.rb +25 -0
  118. data/spec/models/door_mat/session_spec.rb +69 -0
  119. data/spec/spec_helper.rb +223 -0
  120. data/spec/support/timecop/timecop_helper.rb +52 -0
  121. data/spec/test_app/README.rdoc +28 -0
  122. data/spec/test_app/Rakefile +6 -0
  123. data/spec/test_app/app/assets/javascripts/application.js +13 -0
  124. data/spec/test_app/app/assets/stylesheets/application.css +15 -0
  125. data/spec/test_app/app/controllers/account_controller.rb +28 -0
  126. data/spec/test_app/app/controllers/application_controller.rb +10 -0
  127. data/spec/test_app/app/controllers/password_less_sample_controller.rb +56 -0
  128. data/spec/test_app/app/controllers/static_controller.rb +7 -0
  129. data/spec/test_app/app/helpers/account_helper.rb +2 -0
  130. data/spec/test_app/app/helpers/application_helper.rb +2 -0
  131. data/spec/test_app/app/models/game.rb +62 -0
  132. data/spec/test_app/app/models/shared_data.rb +4 -0
  133. data/spec/test_app/app/models/shared_key.rb +8 -0
  134. data/spec/test_app/app/models/user_detail.rb +7 -0
  135. data/spec/test_app/app/views/account/show.html.erb +133 -0
  136. data/spec/test_app/app/views/door_mat/static/sign_out_success.html.erb +7 -0
  137. data/spec/test_app/app/views/layouts/application.html.erb +20 -0
  138. data/spec/test_app/app/views/password_less_sample/draw_results.html.erb +6 -0
  139. data/spec/test_app/app/views/password_less_sample/final_result.html.erb +7 -0
  140. data/spec/test_app/app/views/password_less_sample/play_game.html.erb +5 -0
  141. data/spec/test_app/app/views/password_less_sample/show_loosing_door.html.erb +10 -0
  142. data/spec/test_app/app/views/static/index.html.erb +12 -0
  143. data/spec/test_app/app/views/static/only_confirmed_email_allowed.html.erb +10 -0
  144. data/spec/test_app/app/views/static/page_that_require_password_reconfirmation.html.erb +16 -0
  145. data/spec/test_app/app/views/static/session_protected_page.html.erb +32 -0
  146. data/spec/test_app/bin/bundle +3 -0
  147. data/spec/test_app/bin/rails +4 -0
  148. data/spec/test_app/bin/rake +4 -0
  149. data/spec/test_app/config.ru +4 -0
  150. data/spec/test_app/config/application.rb +29 -0
  151. data/spec/test_app/config/boot.rb +5 -0
  152. data/spec/test_app/config/database.yml +25 -0
  153. data/spec/test_app/config/environment.rb +19 -0
  154. data/spec/test_app/config/environments/development.rb +50 -0
  155. data/spec/test_app/config/environments/production.rb +83 -0
  156. data/spec/test_app/config/environments/test.rb +48 -0
  157. data/spec/test_app/config/initializers/backtrace_silencers.rb +7 -0
  158. data/spec/test_app/config/initializers/cookies_serializer.rb +3 -0
  159. data/spec/test_app/config/initializers/door_mat.rb +72 -0
  160. data/spec/test_app/config/initializers/filter_parameter_logging.rb +4 -0
  161. data/spec/test_app/config/initializers/inflections.rb +16 -0
  162. data/spec/test_app/config/initializers/mime_types.rb +4 -0
  163. data/spec/test_app/config/initializers/session_store.rb +3 -0
  164. data/spec/test_app/config/initializers/wrap_parameters.rb +14 -0
  165. data/spec/test_app/config/locales/en.yml +23 -0
  166. data/spec/test_app/config/routes.rb +42 -0
  167. data/spec/test_app/config/secrets.yml +31 -0
  168. data/spec/test_app/db/migrate/20140717182813_create_user_details.rb +10 -0
  169. data/spec/test_app/db/migrate/20140908225256_create_shared_data.rb +10 -0
  170. data/spec/test_app/db/migrate/20140908225604_create_shared_keys.rb +11 -0
  171. data/spec/test_app/db/migrate/20141121190714_create_games.rb +10 -0
  172. data/spec/test_app/public/404.html +67 -0
  173. data/spec/test_app/public/422.html +67 -0
  174. data/spec/test_app/public/500.html +66 -0
  175. data/spec/test_app/public/favicon.ico +0 -0
  176. metadata +552 -0
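--- a/data/spec/features/remember_me_spec.rb
+++ b/data/spec/features/remember_me_spec.rb
@@ -0,0 +1,672 @@
+ require 'spec_helper'
+
+ module DoorMat
+
+ RSpec.describe 'the remember me feature', :type => :feature do
+ include EmailSpec::Helpers
+ include EmailSpec::Matchers
+
+ let(:admin) { {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd} }
+ let(:user) { {name: 'Alice', email: 'user@example.com', password: 'k#dkvKfdj38g!', new_password: 'new_k#dkvKfdj38g!'} }
+
+ describe 'session access control across time' do
+
+ describe 'with default config' do
+
+ before(:context) do
+ reset_default_config
+ end
+ after (:context) do
+ reset_default_config
+ end
+
+ describe 'login on public computer without remember me' do
+
+ before (:example) do
+ is_public_computer = true
+ remember_me = false
+
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
+ visit '/sign_in'
+ fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_less_than_public_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_longer_than_public_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/sign_in/)
+ end
+
+ end
+
+ end
+
+ describe 'with remember_me enabled only on a private computer session' do
+
+ before(:context) do
+ reset_default_config
+ DoorMat.configuration.allow_remember_me_feature = true
+ end
+ after (:context) do
+ reset_default_config
+ end
+
+ describe 'login on public computer without remember me' do
+
+ before (:example) do
+ is_public_computer = true
+ remember_me = false
+
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
+ visit '/sign_in'
+ fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_less_than_public_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_longer_than_public_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/sign_in/)
+ end
+
+ end
+
+ describe 'login on public computer with remember me' do
+
+ before (:example) do
+ is_public_computer = true
+ remember_me = true
+
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
+ visit '/sign_in'
+ fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_less_than_public_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_longer_than_public_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/sign_in/)
+ end
+
+ end
+
+ describe 'login on private computer without remember me' do
+
+ before (:example) do
+ is_public_computer = false
+ remember_me = false
+
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
+ visit '/sign_in'
+ fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
+ end
+
+ it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
+ wait_less_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_longer_than_private_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/sign_in/)
+ end
+
+ end
+
+ describe 'login on private computer with remember me' do
+
+ before (:example) do
+ is_public_computer = false
+ remember_me = true
+
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
+ visit '/sign_in'
+ fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
+ end
+
+ it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
+ wait_less_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_longer_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_less_than_remember_me_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_days
+ reload_page
+ expect(page.current_path).to match(/sign_in/)
+ end
+
+ end
+
+ end
+
+
+ describe 'with remember_me enabled on any session' do
+
+ before(:context) do
+ reset_default_config
+ DoorMat.configuration.allow_remember_me_feature = true
+ DoorMat.configuration.remember_me_require_private_computer_confirmation = false
+ end
+ after (:context) do
+ reset_default_config
+ end
+
+ describe 'login on public computer without remember me' do
+
+ before (:example) do
+ is_public_computer = true
+ remember_me = false
+
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
+ visit '/sign_in'
+ fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_less_than_public_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_longer_than_public_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/sign_in/)
+ end
+
+ end
+
+ describe 'login on public computer with remember me' do
+
+ before (:example) do
+ is_public_computer = true
+ remember_me = true
+
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
+ visit '/sign_in'
+ fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_less_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_longer_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_less_than_remember_me_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_days
+ reload_page
+ expect(page.current_path).to match(/sign_in/)
+ end
+
+ end
+
+ describe 'login on private computer without remember me' do
+
+ before (:example) do
+ is_public_computer = false
+ remember_me = false
+
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
+ visit '/sign_in'
+ fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
+ end
+
+ it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
+ wait_less_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_longer_than_private_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/sign_in/)
+ end
+
+ end
+
+ describe 'login on private computer with remember me' do
+
+ before (:example) do
+ is_public_computer = false
+ remember_me = true
+
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(user[:email], user[:password])
+ visit '/sign_in'
+ fill_sign_in_form(user[:email], user[:password], is_public_computer, remember_me)
+ end
+
+ it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
+ wait_less_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_longer_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_less_than_remember_me_timeout
+ reload_page
+ expect(page.body).to have_content('Static#session_protected_page')
+ wait_two_days
+ reload_page
+ expect(page.current_path).to match(/sign_in/)
+ end
+
+ end
+
+ end
+
+
+ end
+
+
+
+ describe 'access_token access control across time' do
+
+ describe 'with default config' do
+
+ before(:context) do
+ reset_default_config
+ end
+ after (:context) do
+ reset_default_config
+ end
+
+ describe 'login on public computer without remember me' do
+
+ before (:example) do
+ is_public_computer = true
+ remember_me = false
+
+ admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
+
+ visit '/big_ticket'
+ manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
+
+ visit manage_list_url
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_longer_than_public_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/big_ticket/)
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_less_than_public_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_longer_than_public_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/big_ticket/)
+ end
+
+ end
+
+ end
+
+ describe 'with remember_me enabled only on a private computer session' do
+
+ before(:context) do
+ reset_default_config
+ DoorMat.configuration.allow_remember_me_feature = true
+ end
+ after (:context) do
+ reset_default_config
+ end
+
+ describe 'login on public computer without remember me' do
+
+ before (:example) do
+ is_public_computer = true
+ remember_me = false
+
+ admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
+
+ visit '/big_ticket'
+ manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
+ visit manage_list_url
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_less_than_public_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_longer_than_public_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/big_ticket/)
+ end
+
+ end
+
+ describe 'login on public computer with remember me' do
+
+ before (:example) do
+ is_public_computer = true
+ remember_me = true
+
+ admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
+
+ visit '/big_ticket'
+ manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
+ visit manage_list_url
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_less_than_public_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_longer_than_public_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/big_ticket/)
+ end
+
+ end
+
+ describe 'login on private computer without remember me' do
+
+ before (:example) do
+ is_public_computer = false
+ remember_me = false
+
+ admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
+
+ visit '/big_ticket'
+ manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
+ visit manage_list_url
+ end
+
+ it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
+ wait_less_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_longer_than_private_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/big_ticket/)
+ end
+
+ end
+
+ describe 'login on private computer with remember me' do
+
+ before (:example) do
+ is_public_computer = false
+ remember_me = true
+
+ admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
+
+ visit '/big_ticket'
+ manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
+ visit manage_list_url
+ end
+
+ it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
+ wait_less_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_longer_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_less_than_remember_me_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_days
+ reload_page
+ expect(page.current_path).to match(/big_ticket/)
+ end
+
+ end
+
+ end
+
+
+ describe 'with remember_me enabled on any session' do
+
+ before(:context) do
+ reset_default_config
+ DoorMat.configuration.allow_remember_me_feature = true
+ DoorMat.configuration.remember_me_require_private_computer_confirmation = false
+ end
+ after (:context) do
+ reset_default_config
+ end
+
+ describe 'login on public computer without remember me' do
+
+ before (:example) do
+ is_public_computer = true
+ remember_me = false
+
+ admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
+
+ visit '/big_ticket'
+ manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
+ visit manage_list_url
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_less_than_public_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_longer_than_public_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/big_ticket/)
+ end
+
+ end
+
+ describe 'login on public computer with remember me' do
+
+ before (:example) do
+ is_public_computer = true
+ remember_me = true
+
+ admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
+
+ visit '/big_ticket'
+ manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
+ visit manage_list_url
+ end
+
+ it 'requires a sign in if I wait longer than the public computer timeout without interacting with the site' do
+ wait_less_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_longer_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_less_than_remember_me_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_days
+ reload_page
+ expect(page.current_path).to match(/big_ticket/)
+ end
+
+ end
+
+ describe 'login on private computer without remember me' do
+
+ before (:example) do
+ is_public_computer = false
+ remember_me = false
+
+ admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
+
+ visit '/big_ticket'
+ manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
+ visit manage_list_url
+ end
+
+ it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
+ wait_less_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_longer_than_private_computer_session_timeout
+ reload_page
+ expect(page.current_path).to match(/big_ticket/)
+ end
+
+ end
+
+ describe 'login on private computer with remember me' do
+
+ before (:example) do
+ is_public_computer = false
+ remember_me = true
+
+ admin = {email: Rails.application.secrets.admin_account_email, password: Rails.application.secrets.admin_account_pwd}
+ DoorMat::TestHelper.create_signed_up_actor_with_confirmed_email_address(admin[:email], admin[:password])
+
+ visit '/big_ticket'
+ manage_list_url = fill_access_token_form(user[:name], user[:email], user[:email], is_public_computer, remember_me)
+ visit manage_list_url
+ end
+
+ it 'requires a sign in if I wait longer than the private computer timeout without interacting with the site' do
+ wait_less_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_minutes
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_longer_than_private_computer_session_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_less_than_remember_me_timeout
+ reload_page
+ expect(page.body).to have_content('Big ticket Winner')
+ wait_two_days
+ reload_page
+ expect(page.current_path).to match(/big_ticket/)
+ end
+
+ end
+
+ end
+
+ end
+
+ end
+ end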
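Review bot: The expiry checks in the access_token group only assert `expect(page.current_path).to match(/big_ticket/)`, an unanchored pattern; if the URL returned by `fill_access_token_form` also contains `big_ticket` (not visible here), these examples would pass even when the token was still honoured after the timeout. Pair each expiry assertion with a negative content check such as `expect(page.body).not_to have_content('Big ticket Winner')`, and likewise `expect(page.body).not_to have_content('Static#session_protected_page')` next to the `match(/sign_in/)` checks in the session group. Separately, the two examples in the first access_token 'login on public computer without remember me' group share one description, and the 'login on public computer with remember me' examples under 'with remember_me enabled on any session' are titled with the public computer timeout while they exercise the private and remember-me timeouts, so a failure there will be hard to attribute.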