expertiza-authlogic 2.1.6.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (125) hide show
  1. data/CHANGELOG.rdoc +345 -0
  2. data/LICENSE +20 -0
  3. data/README.rdoc +246 -0
  4. data/Rakefile +41 -0
  5. data/VERSION.yml +5 -0
  6. data/expertiza-authlogic.gemspec +161 -0
  7. data/generators/session/session_generator.rb +9 -0
  8. data/generators/session/templates/session.rb +2 -0
  9. data/init.rb +1 -0
  10. data/lib/authlogic.rb +64 -0
  11. data/lib/authlogic/acts_as_authentic/base.rb +107 -0
  12. data/lib/authlogic/acts_as_authentic/email.rb +110 -0
  13. data/lib/authlogic/acts_as_authentic/logged_in_status.rb +60 -0
  14. data/lib/authlogic/acts_as_authentic/login.rb +141 -0
  15. data/lib/authlogic/acts_as_authentic/magic_columns.rb +24 -0
  16. data/lib/authlogic/acts_as_authentic/password.rb +391 -0
  17. data/lib/authlogic/acts_as_authentic/perishable_token.rb +105 -0
  18. data/lib/authlogic/acts_as_authentic/persistence_token.rb +68 -0
  19. data/lib/authlogic/acts_as_authentic/restful_authentication.rb +76 -0
  20. data/lib/authlogic/acts_as_authentic/session_maintenance.rb +139 -0
  21. data/lib/authlogic/acts_as_authentic/single_access_token.rb +65 -0
  22. data/lib/authlogic/acts_as_authentic/validations_scope.rb +32 -0
  23. data/lib/authlogic/authenticates_many/association.rb +42 -0
  24. data/lib/authlogic/authenticates_many/base.rb +55 -0
  25. data/lib/authlogic/controller_adapters/abstract_adapter.rb +67 -0
  26. data/lib/authlogic/controller_adapters/merb_adapter.rb +30 -0
  27. data/lib/authlogic/controller_adapters/rails_adapter.rb +48 -0
  28. data/lib/authlogic/controller_adapters/sinatra_adapter.rb +61 -0
  29. data/lib/authlogic/crypto_providers/aes256.rb +43 -0
  30. data/lib/authlogic/crypto_providers/bcrypt.rb +90 -0
  31. data/lib/authlogic/crypto_providers/md5.rb +34 -0
  32. data/lib/authlogic/crypto_providers/sha1.rb +35 -0
  33. data/lib/authlogic/crypto_providers/sha256.rb +50 -0
  34. data/lib/authlogic/crypto_providers/sha512.rb +50 -0
  35. data/lib/authlogic/crypto_providers/wordpress.rb +43 -0
  36. data/lib/authlogic/i18n.rb +83 -0
  37. data/lib/authlogic/i18n/translator.rb +15 -0
  38. data/lib/authlogic/random.rb +33 -0
  39. data/lib/authlogic/regex.rb +25 -0
  40. data/lib/authlogic/session/activation.rb +58 -0
  41. data/lib/authlogic/session/active_record_trickery.rb +64 -0
  42. data/lib/authlogic/session/base.rb +37 -0
  43. data/lib/authlogic/session/brute_force_protection.rb +96 -0
  44. data/lib/authlogic/session/callbacks.rb +99 -0
  45. data/lib/authlogic/session/cookies.rb +130 -0
  46. data/lib/authlogic/session/existence.rb +93 -0
  47. data/lib/authlogic/session/foundation.rb +63 -0
  48. data/lib/authlogic/session/http_auth.rb +58 -0
  49. data/lib/authlogic/session/id.rb +41 -0
  50. data/lib/authlogic/session/klass.rb +78 -0
  51. data/lib/authlogic/session/magic_columns.rb +95 -0
  52. data/lib/authlogic/session/magic_states.rb +59 -0
  53. data/lib/authlogic/session/params.rb +101 -0
  54. data/lib/authlogic/session/password.rb +240 -0
  55. data/lib/authlogic/session/perishable_token.rb +18 -0
  56. data/lib/authlogic/session/persistence.rb +70 -0
  57. data/lib/authlogic/session/priority_record.rb +34 -0
  58. data/lib/authlogic/session/scopes.rb +101 -0
  59. data/lib/authlogic/session/session.rb +62 -0
  60. data/lib/authlogic/session/timeout.rb +82 -0
  61. data/lib/authlogic/session/unauthorized_record.rb +50 -0
  62. data/lib/authlogic/session/validation.rb +82 -0
  63. data/lib/authlogic/test_case.rb +120 -0
  64. data/lib/authlogic/test_case/mock_controller.rb +45 -0
  65. data/lib/authlogic/test_case/mock_cookie_jar.rb +14 -0
  66. data/lib/authlogic/test_case/mock_logger.rb +10 -0
  67. data/lib/authlogic/test_case/mock_request.rb +19 -0
  68. data/lib/authlogic/test_case/rails_request_adapter.rb +30 -0
  69. data/rails/init.rb +1 -0
  70. data/shoulda_macros/authlogic.rb +69 -0
  71. data/test/acts_as_authentic_test/base_test.rb +18 -0
  72. data/test/acts_as_authentic_test/email_test.rb +101 -0
  73. data/test/acts_as_authentic_test/logged_in_status_test.rb +36 -0
  74. data/test/acts_as_authentic_test/login_test.rb +109 -0
  75. data/test/acts_as_authentic_test/magic_columns_test.rb +27 -0
  76. data/test/acts_as_authentic_test/password_test.rb +245 -0
  77. data/test/acts_as_authentic_test/perishable_token_test.rb +90 -0
  78. data/test/acts_as_authentic_test/persistence_token_test.rb +55 -0
  79. data/test/acts_as_authentic_test/restful_authentication_test.rb +40 -0
  80. data/test/acts_as_authentic_test/session_maintenance_test.rb +84 -0
  81. data/test/acts_as_authentic_test/single_access_test.rb +44 -0
  82. data/test/authenticates_many_test.rb +16 -0
  83. data/test/crypto_provider_test/aes256_test.rb +14 -0
  84. data/test/crypto_provider_test/bcrypt_test.rb +14 -0
  85. data/test/crypto_provider_test/sha1_test.rb +23 -0
  86. data/test/crypto_provider_test/sha256_test.rb +14 -0
  87. data/test/crypto_provider_test/sha512_test.rb +14 -0
  88. data/test/fixtures/companies.yml +5 -0
  89. data/test/fixtures/employees.yml +17 -0
  90. data/test/fixtures/projects.yml +3 -0
  91. data/test/fixtures/users.yml +24 -0
  92. data/test/i18n_test.rb +33 -0
  93. data/test/libs/affiliate.rb +7 -0
  94. data/test/libs/company.rb +6 -0
  95. data/test/libs/employee.rb +7 -0
  96. data/test/libs/employee_session.rb +2 -0
  97. data/test/libs/ldaper.rb +3 -0
  98. data/test/libs/ordered_hash.rb +9 -0
  99. data/test/libs/project.rb +3 -0
  100. data/test/libs/user.rb +5 -0
  101. data/test/libs/user_session.rb +6 -0
  102. data/test/random_test.rb +42 -0
  103. data/test/session_test/activation_test.rb +43 -0
  104. data/test/session_test/active_record_trickery_test.rb +36 -0
  105. data/test/session_test/brute_force_protection_test.rb +101 -0
  106. data/test/session_test/callbacks_test.rb +6 -0
  107. data/test/session_test/cookies_test.rb +112 -0
  108. data/test/session_test/credentials_test.rb +0 -0
  109. data/test/session_test/existence_test.rb +64 -0
  110. data/test/session_test/http_auth_test.rb +28 -0
  111. data/test/session_test/id_test.rb +17 -0
  112. data/test/session_test/klass_test.rb +40 -0
  113. data/test/session_test/magic_columns_test.rb +62 -0
  114. data/test/session_test/magic_states_test.rb +60 -0
  115. data/test/session_test/params_test.rb +53 -0
  116. data/test/session_test/password_test.rb +106 -0
  117. data/test/session_test/perishability_test.rb +15 -0
  118. data/test/session_test/persistence_test.rb +21 -0
  119. data/test/session_test/scopes_test.rb +60 -0
  120. data/test/session_test/session_test.rb +59 -0
  121. data/test/session_test/timeout_test.rb +52 -0
  122. data/test/session_test/unauthorized_record_test.rb +13 -0
  123. data/test/session_test/validation_test.rb +23 -0
  124. data/test/test_helper.rb +182 -0
  125. metadata +205 -0
@@ -0,0 +1,10 @@
1
+ module Authlogic
2
+ module TestCase
3
+ # Simple class to replace real loggers, so that we can raise any errors being logged.
4
+ class MockLogger
5
+ def error(message)
6
+ raise message
7
+ end
8
+ end
9
+ end
10
+ end
@@ -0,0 +1,19 @@
1
+ module Authlogic
2
+ module TestCase
3
+ class MockRequest # :nodoc:
4
+ attr_accessor :controller
5
+
6
+ def initialize(controller)
7
+ self.controller = controller
8
+ end
9
+
10
+ def remote_ip
11
+ (controller && controller.respond_to?(:env) && controller.env.is_a?(Hash) && controller.env['REMOTE_ADDR']) || "1.1.1.1"
12
+ end
13
+
14
+ private
15
+ def method_missing(*args, &block)
16
+ end
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,30 @@
1
+ module Authlogic
2
+ module TestCase
3
+ # Adapts authlogic to work with the @request object when testing. This way Authlogic can set cookies and what not before
4
+ # a request is made, ultimately letting you log in users in functional tests.
5
+ class RailsRequestAdapter < ControllerAdapters::AbstractAdapter
6
+ def authenticate_with_http_basic(&block)
7
+ end
8
+
9
+ def cookies
10
+ new_cookies = MockCookieJar.new
11
+ super.each do |key, value|
12
+ new_cookies[key] = value[:value]
13
+ end
14
+ new_cookies
15
+ end
16
+
17
+ def cookie_domain
18
+ nil
19
+ end
20
+
21
+ def request
22
+ @request ||= MockRequest.new(controller)
23
+ end
24
+
25
+ def request_content_type
26
+ request.format.to_s
27
+ end
28
+ end
29
+ end
30
+ end
@@ -0,0 +1 @@
1
+ require "authlogic"
@@ -0,0 +1,69 @@
1
+ # Test::Unit
2
+ # Place this file into your test/shoulda_macros directory
3
+ #
4
+ # Example:
5
+ #
6
+ # class UserTest
7
+ # should_have_authlogic
8
+ # end
9
+ #
10
+ # Rspec
11
+ # Place this file into your spec/support/shoulda directory
12
+ #
13
+ # Example:
14
+ #
15
+ # describe User do
16
+ # it { should have_authlogic }
17
+ # end
18
+
19
+ module Authlogic
20
+ module Shoulda
21
+
22
+ module Matchers
23
+ def have_authlogic
24
+ HaveAuthlogic.new
25
+ end
26
+ alias_method :be_authentic, :have_authlogic
27
+
28
+ class HaveAuthlogic
29
+
30
+ def matches?(subject)
31
+ subject.respond_to?(:password=) && subject.respond_to?(:valid_password?)
32
+ end
33
+
34
+ def failure_message
35
+ "Add the line 'acts_as_authentic' to your model"
36
+ end
37
+
38
+ def description
39
+ "have Authlogic"
40
+ end
41
+ end
42
+
43
+ end
44
+
45
+ module Macros
46
+ include Matchers
47
+
48
+ def should_have_authlogic
49
+ klass = described_type rescue model_class
50
+ matcher = HaveAuthlogic.new
51
+
52
+ should matcher.description do
53
+ assert matcher.matches?(klass.new), matcher.failure_message
54
+ end
55
+ end
56
+ alias_method :should_be_authentic, :should_have_authlogic
57
+
58
+ end
59
+
60
+ end
61
+ end
62
+
63
+ if defined? Spec
64
+ Spec::Runner.configure do |config|
65
+ config.include(Authlogic::Shoulda::Matchers)
66
+ end
67
+ else
68
+ Test::Unit::TestCase.class_eval { extend Authlogic::Shoulda::Macros }
69
+ end
@@ -0,0 +1,18 @@
1
+ require File.dirname(__FILE__) + '/../test_helper.rb'
2
+
3
+ module ActsAsAuthenticTest
4
+ class BaseTest < ActiveSupport::TestCase
5
+ def test_acts_as_authentic
6
+ assert_nothing_raised do
7
+ User.acts_as_authentic do
8
+ end
9
+ end
10
+ end
11
+
12
+ def test_acts_as_authentic_with_old_config
13
+ assert_raise(ArgumentError) do
14
+ User.acts_as_authentic({})
15
+ end
16
+ end
17
+ end
18
+ end
@@ -0,0 +1,101 @@
1
+ require File.dirname(__FILE__) + '/../test_helper.rb'
2
+
3
+ module ActsAsAuthenticTest
4
+ class EmailTest < ActiveSupport::TestCase
5
+ def test_email_field_config
6
+ assert_equal :email, User.email_field
7
+ assert_equal :email, Employee.email_field
8
+
9
+ User.email_field = :nope
10
+ assert_equal :nope, User.email_field
11
+ User.email_field :email
12
+ assert_equal :email, User.email_field
13
+ end
14
+
15
+ def test_validate_email_field_config
16
+ assert User.validate_email_field
17
+ assert Employee.validate_email_field
18
+
19
+ User.validate_email_field = false
20
+ assert !User.validate_email_field
21
+ User.validate_email_field true
22
+ assert User.validate_email_field
23
+ end
24
+
25
+ def test_validates_length_of_email_field_options_config
26
+ assert_equal({:within => 6..100}, User.validates_length_of_email_field_options)
27
+ assert_equal({:within => 6..100}, Employee.validates_length_of_email_field_options)
28
+
29
+ User.validates_length_of_email_field_options = {:yes => "no"}
30
+ assert_equal({:yes => "no"}, User.validates_length_of_email_field_options)
31
+ User.validates_length_of_email_field_options({:within => 6..100})
32
+ assert_equal({:within => 6..100}, User.validates_length_of_email_field_options)
33
+ end
34
+
35
+ def test_validates_format_of_email_field_options_config
36
+ default = {:with => Authlogic::Regex.email, :message => I18n.t('error_messages.email_invalid', :default => "should look like an email address.")}
37
+ assert_equal default, User.validates_format_of_email_field_options
38
+ assert_equal default, Employee.validates_format_of_email_field_options
39
+
40
+ User.validates_format_of_email_field_options = {:yes => "no"}
41
+ assert_equal({:yes => "no"}, User.validates_format_of_email_field_options)
42
+ User.validates_format_of_email_field_options default
43
+ assert_equal default, User.validates_format_of_email_field_options
44
+ end
45
+
46
+ def test_validates_uniqueness_of_email_field_options_config
47
+ default = {:case_sensitive => false, :scope => Employee.validations_scope, :if => "#{Employee.email_field}_changed?".to_sym}
48
+ assert_equal default, Employee.validates_uniqueness_of_email_field_options
49
+
50
+ Employee.validates_uniqueness_of_email_field_options = {:yes => "no"}
51
+ assert_equal({:yes => "no"}, Employee.validates_uniqueness_of_email_field_options)
52
+ Employee.validates_uniqueness_of_email_field_options default
53
+ assert_equal default, Employee.validates_uniqueness_of_email_field_options
54
+ end
55
+
56
+ def test_validates_length_of_email_field
57
+ u = User.new
58
+ u.email = "a@a.a"
59
+ assert !u.valid?
60
+ assert u.errors[:email].size > 0
61
+
62
+ u.email = "a@a.com"
63
+ assert !u.valid?
64
+ assert u.errors[:email].size == 0
65
+ end
66
+
67
+ def test_validates_format_of_email_field
68
+ u = User.new
69
+ u.email = "aaaaaaaaaaaaa"
70
+ u.valid?
71
+ assert u.errors[:email].size > 0
72
+
73
+ u.email = "a@a.com"
74
+ u.valid?
75
+ assert u.errors[:email].size == 0
76
+
77
+ u.email = "damien+test1...etc..@mydomain.com"
78
+ u.valid?
79
+ assert u.errors[:email].size == 0
80
+
81
+ u.email = "dakota.dux+1@gmail.com"
82
+ u.valid?
83
+ assert u.errors[:email].size == 0
84
+ end
85
+
86
+ def test_validates_uniqueness_of_email_field
87
+ u = User.new
88
+ u.email = "bjohnson@binarylogic.com"
89
+ assert !u.valid?
90
+ assert u.errors[:email].size > 0
91
+
92
+ u.email = "BJOHNSON@binarylogic.com"
93
+ assert !u.valid?
94
+ assert u.errors[:email].size > 0
95
+
96
+ u.email = "a@a.com"
97
+ assert !u.valid?
98
+ assert u.errors[:email].size == 0
99
+ end
100
+ end
101
+ end
@@ -0,0 +1,36 @@
1
+ require File.dirname(__FILE__) + '/../test_helper.rb'
2
+
3
+ module ActsAsAuthenticTest
4
+ class LoggedInStatusTest < ActiveSupport::TestCase
5
+ def test_logged_in_timeout_config
6
+ assert_equal 10.minutes.to_i, User.logged_in_timeout
7
+ assert_equal 10.minutes.to_i, Employee.logged_in_timeout
8
+
9
+ User.logged_in_timeout = 1.hour
10
+ assert_equal 1.hour.to_i, User.logged_in_timeout
11
+ User.logged_in_timeout 10.minutes
12
+ assert_equal 10.minutes.to_i, User.logged_in_timeout
13
+ end
14
+
15
+ def test_named_scope_logged_in
16
+ assert_equal 0, User.logged_in.count
17
+ User.first.update_attribute(:last_request_at, Time.now)
18
+ assert_equal 1, User.logged_in.count
19
+ end
20
+
21
+ def test_named_scope_logged_out
22
+ assert_equal 2, User.logged_out.count
23
+ User.first.update_attribute(:last_request_at, Time.now)
24
+ assert_equal 1, User.logged_out.count
25
+ end
26
+
27
+ def test_logged_in_logged_out
28
+ u = User.first
29
+ assert !u.logged_in?
30
+ assert u.logged_out?
31
+ u.last_request_at = Time.now
32
+ assert u.logged_in?
33
+ assert !u.logged_out?
34
+ end
35
+ end
36
+ end
@@ -0,0 +1,109 @@
1
+ require File.dirname(__FILE__) + '/../test_helper.rb'
2
+
3
+ module ActsAsAuthenticTest
4
+ class LoginTest < ActiveSupport::TestCase
5
+ def test_login_field_config
6
+ assert_equal :login, User.login_field
7
+ assert_nil Employee.login_field
8
+
9
+ User.login_field = :nope
10
+ assert_equal :nope, User.login_field
11
+ User.login_field :login
12
+ assert_equal :login, User.login_field
13
+ end
14
+
15
+ def test_validate_login_field_config
16
+ assert User.validate_login_field
17
+ assert Employee.validate_login_field
18
+
19
+ User.validate_login_field = false
20
+ assert !User.validate_login_field
21
+ User.validate_login_field true
22
+ assert User.validate_login_field
23
+ end
24
+
25
+ def test_validates_length_of_login_field_options_config
26
+ assert_equal({:within => 3..100}, User.validates_length_of_login_field_options)
27
+ assert_equal({:within => 3..100}, Employee.validates_length_of_login_field_options)
28
+
29
+ User.validates_length_of_login_field_options = {:yes => "no"}
30
+ assert_equal({:yes => "no"}, User.validates_length_of_login_field_options)
31
+ User.validates_length_of_login_field_options({:within => 3..100})
32
+ assert_equal({:within => 3..100}, User.validates_length_of_login_field_options)
33
+ end
34
+
35
+ def test_validates_format_of_login_field_options_config
36
+ default = {:with => /\A\w[\w\.+\-_@ ]+$/, :message => I18n.t('error_messages.login_invalid', :default => "should use only letters, numbers, spaces, and .-_@ please.")}
37
+ assert_equal default, User.validates_format_of_login_field_options
38
+ assert_equal default, Employee.validates_format_of_login_field_options
39
+
40
+ User.validates_format_of_login_field_options = {:yes => "no"}
41
+ assert_equal({:yes => "no"}, User.validates_format_of_login_field_options)
42
+ User.validates_format_of_login_field_options default
43
+ assert_equal default, User.validates_format_of_login_field_options
44
+ end
45
+
46
+ def test_validates_uniqueness_of_login_field_options_config
47
+ default = {:case_sensitive => false, :scope => User.validations_scope, :if => "#{User.login_field}_changed?".to_sym}
48
+ assert_equal default, User.validates_uniqueness_of_login_field_options
49
+
50
+ User.validates_uniqueness_of_login_field_options = {:yes => "no"}
51
+ assert_equal({:yes => "no"}, User.validates_uniqueness_of_login_field_options)
52
+ User.validates_uniqueness_of_login_field_options default
53
+ assert_equal default, User.validates_uniqueness_of_login_field_options
54
+ end
55
+
56
+ def test_validates_length_of_login_field
57
+ u = User.new
58
+ u.login = "a"
59
+ assert !u.valid?
60
+ assert u.errors[:login].size > 0
61
+
62
+ u.login = "aaaaaaaaaa"
63
+ assert !u.valid?
64
+ assert u.errors[:login].size == 0
65
+ end
66
+
67
+ def test_validates_format_of_login_field
68
+ u = User.new
69
+ u.login = "fdsf@^&*"
70
+ assert !u.valid?
71
+ assert u.errors[:login].size > 0
72
+
73
+ u.login = "fdsfdsfdsfdsfs"
74
+ assert !u.valid?
75
+ assert u.errors[:login].size == 0
76
+
77
+ u.login = "dakota.dux+1@gmail.com"
78
+ assert !u.valid?
79
+ assert u.errors[:login].size == 0
80
+ end
81
+
82
+ def test_validates_uniqueness_of_login_field
83
+ u = User.new
84
+ u.login = "bjohnson"
85
+ assert !u.valid?
86
+ assert u.errors[:login].size > 0
87
+
88
+ u.login = "BJOHNSON"
89
+ assert !u.valid?
90
+ assert u.errors[:login].size > 0
91
+
92
+ u.login = "fdsfdsf"
93
+ assert !u.valid?
94
+ assert u.errors[:login].size == 0
95
+ end
96
+
97
+ def test_find_by_smart_case_login_field
98
+ ben = users(:ben)
99
+ assert_equal ben, User.find_by_smart_case_login_field("bjohnson")
100
+ assert_equal ben, User.find_by_smart_case_login_field("BJOHNSON")
101
+ assert_equal ben, User.find_by_smart_case_login_field("Bjohnson")
102
+
103
+ drew = employees(:drew)
104
+ assert_equal drew, Employee.find_by_smart_case_login_field("dgainor@binarylogic.com")
105
+ assert_equal drew, Employee.find_by_smart_case_login_field("Dgainor@binarylogic.com")
106
+ assert_equal drew, Employee.find_by_smart_case_login_field("DGAINOR@BINARYLOGIC.COM")
107
+ end
108
+ end
109
+ end
@@ -0,0 +1,27 @@
1
+ require File.dirname(__FILE__) + '/../test_helper.rb'
2
+
3
+ module ActsAsAuthenticTest
4
+ class MagicColumnsTest < ActiveSupport::TestCase
5
+ def test_validates_numericality_of_login_count
6
+ u = User.new
7
+ u.login_count = -1
8
+ assert !u.valid?
9
+ assert u.errors[:login_count].size > 0
10
+
11
+ u.login_count = 0
12
+ assert !u.valid?
13
+ assert u.errors[:login_count].size == 0
14
+ end
15
+
16
+ def test_validates_numericality_of_failed_login_count
17
+ u = User.new
18
+ u.failed_login_count = -1
19
+ assert !u.valid?
20
+ assert u.errors[:failed_login_count].size > 0
21
+
22
+ u.failed_login_count = 0
23
+ assert !u.valid?
24
+ assert u.errors[:failed_login_count].size == 0
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,245 @@
1
+ require File.dirname(__FILE__) + '/../test_helper.rb'
2
+
3
+ module ActsAsAuthenticTest
4
+ class PasswordTest < ActiveSupport::TestCase
5
+ def test_password_field_config
6
+ User.password_field = :nope
7
+ assert_equal :nope, User.password_field
8
+ assert_equal :nope_confirmation, User.password_confirmation_field
9
+ User.password_field :password
10
+ assert_equal :password, User.password_field
11
+ assert_equal :password_confirmation, User.password_confirmation_field
12
+ end
13
+
14
+ def test_crypted_password_field_config
15
+ assert_equal :crypted_password, User.crypted_password_field
16
+ assert_equal :crypted_password, Employee.crypted_password_field
17
+
18
+ User.crypted_password_field = :nope
19
+ assert_equal :nope, User.crypted_password_field
20
+ User.crypted_password_field :crypted_password
21
+ assert_equal :crypted_password, User.crypted_password_field
22
+ end
23
+
24
+ def test_password_salt_field_config
25
+ assert_equal :password_salt, User.password_salt_field
26
+ assert_equal :password_salt, Employee.password_salt_field
27
+
28
+ User.password_salt_field = :nope
29
+ assert_equal :nope, User.password_salt_field
30
+ User.password_salt_field :password_salt
31
+ assert_equal :password_salt, User.password_salt_field
32
+ end
33
+
34
+ def test_ignore_blank_passwords_config
35
+ assert User.ignore_blank_passwords
36
+ assert Employee.ignore_blank_passwords
37
+
38
+ User.ignore_blank_passwords = false
39
+ assert !User.ignore_blank_passwords
40
+ User.ignore_blank_passwords true
41
+ assert User.ignore_blank_passwords
42
+ end
43
+
44
+ def test_check_passwords_against_database
45
+ assert User.check_passwords_against_database
46
+ User.check_passwords_against_database = false
47
+ assert !User.check_passwords_against_database
48
+ User.check_passwords_against_database true
49
+ assert User.check_passwords_against_database
50
+ end
51
+
52
+ def test_validate_password_field_config
53
+ assert User.validate_password_field
54
+ assert Employee.validate_password_field
55
+
56
+ User.validate_password_field = false
57
+ assert !User.validate_password_field
58
+ User.validate_password_field true
59
+ assert User.validate_password_field
60
+ end
61
+
62
+ def test_validates_length_of_password_field_options_config
63
+ default = {:minimum => 4, :if => :require_password?}
64
+ assert_equal default, User.validates_length_of_password_field_options
65
+ assert_equal default, Employee.validates_length_of_password_field_options
66
+
67
+ User.validates_length_of_password_field_options = {:yes => "no"}
68
+ assert_equal({:yes => "no"}, User.validates_length_of_password_field_options)
69
+ User.validates_length_of_password_field_options default
70
+ assert_equal default, User.validates_length_of_password_field_options
71
+ end
72
+
73
+ def test_validates_confirmation_of_password_field_options_config
74
+ default = {:if => :require_password?}
75
+ assert_equal default, User.validates_confirmation_of_password_field_options
76
+ assert_equal default, Employee.validates_confirmation_of_password_field_options
77
+
78
+ User.validates_confirmation_of_password_field_options = {:yes => "no"}
79
+ assert_equal({:yes => "no"}, User.validates_confirmation_of_password_field_options)
80
+ User.validates_confirmation_of_password_field_options default
81
+ assert_equal default, User.validates_confirmation_of_password_field_options
82
+ end
83
+
84
+ def test_validates_length_of_password_confirmation_field_options_config
85
+ default = {:minimum => 4, :if => :require_password?}
86
+ assert_equal default, User.validates_length_of_password_confirmation_field_options
87
+ assert_equal default, Employee.validates_length_of_password_confirmation_field_options
88
+
89
+ User.validates_length_of_password_confirmation_field_options = {:yes => "no"}
90
+ assert_equal({:yes => "no"}, User.validates_length_of_password_confirmation_field_options)
91
+ User.validates_length_of_password_confirmation_field_options default
92
+ assert_equal default, User.validates_length_of_password_confirmation_field_options
93
+ end
94
+
95
+ def test_crypto_provider_config
96
+ assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
97
+ assert_equal Authlogic::CryptoProviders::AES256, Employee.crypto_provider
98
+
99
+ User.crypto_provider = Authlogic::CryptoProviders::BCrypt
100
+ assert_equal Authlogic::CryptoProviders::BCrypt, User.crypto_provider
101
+ User.crypto_provider Authlogic::CryptoProviders::Sha512
102
+ assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
103
+ end
104
+
105
+ def test_transition_from_crypto_providers_config
106
+ assert_equal [], User.transition_from_crypto_providers
107
+ assert_equal [], Employee.transition_from_crypto_providers
108
+
109
+ User.transition_from_crypto_providers = [Authlogic::CryptoProviders::BCrypt]
110
+ assert_equal [Authlogic::CryptoProviders::BCrypt], User.transition_from_crypto_providers
111
+ User.transition_from_crypto_providers []
112
+ assert_equal [], User.transition_from_crypto_providers
113
+ end
114
+
115
+ def test_validates_length_of_password
116
+ u = User.new
117
+ u.send("#{User.password_confirmation_field}=", "test2")
118
+ assert !u.valid?
119
+ assert u.errors[User.password_field].size > 0
120
+
121
+ u.send("#{User.password_field}=", "test")
122
+ assert !u.valid?
123
+ assert u.errors[User.password_confirmation_field].size == 0
124
+ end
125
+
126
+ def test_validates_confirmation_of_password
127
+ u = User.new
128
+ u.send("#{User.password_field}=", "test")
129
+ u.send("#{User.password_confirmation_field}=", "test2")
130
+ assert !u.valid?
131
+ assert u.errors[User.password_field].size > 0
132
+
133
+ u.password_confirmation = "test"
134
+ assert !u.valid?
135
+ assert u.errors[User.password_field].size == 0
136
+ end
137
+
138
+ def test_validates_length_of_password_confirmation
139
+ u = User.new
140
+
141
+ u.send("#{User.password_field}=", "test")
142
+ u.send("#{User.password_confirmation_field}=", "")
143
+ assert !u.valid?
144
+ assert u.errors[User.password_confirmation_field].size > 0
145
+
146
+ u.password_confirmation = "test"
147
+ assert !u.valid?
148
+ assert u.errors[User.password_confirmation_field].size == 0
149
+
150
+ ben = users(:ben)
151
+ assert ben.valid?
152
+
153
+ ben.send("#{User.password_field}=", "newpass")
154
+ assert !ben.valid?
155
+ assert ben.errors[User.password_confirmation_field].size > 0
156
+
157
+ ben.send("#{User.password_confirmation_field}=", "newpass")
158
+ assert ben.valid?
159
+ end
160
+
161
+ def test_password
162
+ u = User.new
163
+ old_password_salt = u.password_salt
164
+ old_crypted_password = u.crypted_password
165
+ u.send("#{User.password_field}=", "test")
166
+ assert_not_equal old_password_salt, u.password_salt
167
+ assert_not_equal old_crypted_password, u.crypted_password
168
+ end
169
+
170
+ def test_transitioning_password
171
+ ben = users(:ben)
172
+ transition_password_to(Authlogic::CryptoProviders::BCrypt, ben)
173
+ transition_password_to(Authlogic::CryptoProviders::Sha1, ben, [Authlogic::CryptoProviders::Sha512, Authlogic::CryptoProviders::BCrypt])
174
+ transition_password_to(Authlogic::CryptoProviders::Sha512, ben, [Authlogic::CryptoProviders::Sha1, Authlogic::CryptoProviders::BCrypt])
175
+ end
176
+
177
+ def test_checks_password_against_database
178
+ ben = users(:ben)
179
+ ben.send("#{User.password_field}=", "new pass")
180
+ assert !ben.valid_password?("new pass")
181
+ assert ben.valid_password?("benrocks")
182
+ end
183
+
184
+ def test_checks_password_against_database_and_always_fails_on_new_records
185
+ user = User.new
186
+ user.send("#{User.password_field}=", "new pass")
187
+ assert !user.valid_password?("new pass")
188
+ end
189
+
190
+ def test_checks_password_against_object
191
+ ben = users(:ben)
192
+ ben.send("#{User.password_field}=", "new pass")
193
+ assert ben.valid_password?("new pass", false)
194
+ assert !ben.valid_password?("benrocks", false)
195
+ end
196
+
197
+ def test_reset_password
198
+ ben = users(:ben)
199
+ old_crypted_password = ben.crypted_password
200
+ old_password_salt = ben.password_salt
201
+
202
+ # soft reset
203
+ ben.reset_password
204
+ assert_not_equal old_crypted_password, ben.crypted_password
205
+ assert_not_equal old_password_salt, ben.password_salt
206
+
207
+ # make sure it didn't go into the db
208
+ ben.reload
209
+ assert_equal old_crypted_password, ben.crypted_password
210
+ assert_equal old_password_salt, ben.password_salt
211
+
212
+ # hard reset
213
+ assert ben.reset_password!
214
+ assert_not_equal old_crypted_password, ben.crypted_password
215
+ assert_not_equal old_password_salt, ben.password_salt
216
+
217
+ # make sure it did go into the db
218
+ ben.reload
219
+ assert_not_equal old_crypted_password, ben.crypted_password
220
+ assert_not_equal old_password_salt, ben.password_salt
221
+ end
222
+
223
+ private
224
+ def transition_password_to(crypto_provider, records, from_crypto_providers = Authlogic::CryptoProviders::Sha512)
225
+ records = [records] unless records.is_a?(Array)
226
+ User.acts_as_authentic do |c|
227
+ c.crypto_provider = crypto_provider
228
+ c.transition_from_crypto_providers = from_crypto_providers
229
+ end
230
+ records.each do |record|
231
+ old_hash = record.crypted_password
232
+ old_persistence_token = record.persistence_token
233
+ assert record.valid_password?(password_for(record))
234
+ assert_not_equal old_hash.to_s, record.crypted_password.to_s
235
+ assert_not_equal old_persistence_token.to_s, record.persistence_token.to_s
236
+
237
+ old_hash = record.crypted_password
238
+ old_persistence_token = record.persistence_token
239
+ assert record.valid_password?(password_for(record))
240
+ assert_equal old_hash.to_s, record.crypted_password.to_s
241
+ assert_equal old_persistence_token.to_s, record.persistence_token.to_s
242
+ end
243
+ end
244
+ end
245
+ end