flex_pass 0.3.0

data/test/dummy/config/routes.rb

@@ -0,0 +1,56 @@
+Dummy::Application.routes.draw do
+  # The priority is based upon order of creation: first created -> highest priority.
+  # See how all your routes lay out with "rake routes".
+
+  # You can have the root of your site routed with "root"
+  # root 'welcome#index'
+
+  # Example of regular route:
+  #   get 'products/:id' => 'catalog#view'
+
+  # Example of named route that can be invoked with purchase_url(id: product.id)
+  #   get 'products/:id/purchase' => 'catalog#purchase', as: :purchase
+
+  # Example resource route (maps HTTP verbs to controller actions automatically):
+  #   resources :products
+
+  # Example resource route with options:
+  #   resources :products do
+  #     member do
+  #       get 'short'
+  #       post 'toggle'
+  #     end
+  #
+  #     collection do
+  #       get 'sold'
+  #     end
+  #   end
+
+  # Example resource route with sub-resources:
+  #   resources :products do
+  #     resources :comments, :sales
+  #     resource :seller
+  #   end
+
+  # Example resource route with more complex sub-resources:
+  #   resources :products do
+  #     resources :comments
+  #     resources :sales do
+  #       get 'recent', on: :collection
+  #     end
+  #   end
+  
+  # Example resource route with concerns:
+  #   concern :toggleable do
+  #     post 'toggle'
+  #   end
+  #   resources :posts, concerns: :toggleable
+  #   resources :photos, concerns: :toggleable
+
+  # Example resource route within a namespace:
+  #   namespace :admin do
+  #     # Directs /admin/products/* to Admin::ProductsController
+  #     # (app/controllers/admin/products_controller.rb)
+  #     resources :products
+  #   end
+end

data/test/dummy/config.ru

@@ -0,0 +1,4 @@
+# This file is used by Rack-based servers to start the application.
+
+require ::File.expand_path('../config/environment',  __FILE__)
+run Rails.application

data/test/dummy/db/migrate/20130626105648_create_users.rb

@@ -0,0 +1,10 @@
+class CreateUsers < ActiveRecord::Migration
+  def change
+    create_table :users do |t|
+      t.string :name
+      t.string :password_digest
+
+      t.timestamps
+    end
+  end
+end

data/test/dummy/db/schema.rb

@@ -0,0 +1,23 @@
+# encoding: UTF-8
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# Note that this schema.rb definition is the authoritative source for your
+# database schema. If you need to create the application database on another
+# system, you should be using db:schema:load, not running all the migrations
+# from scratch. The latter is a flawed and unsustainable approach (the more migrations
+# you'll amass, the slower it'll run and the greater likelihood for issues).
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema.define(version: 20130626105648) do
+
+  create_table "users", force: true do |t|
+    t.string   "name"
+    t.string   "password_digest"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
+end

data/test/dummy/lib/user1.rb

@@ -0,0 +1,12 @@
+class User1
+  extend ActiveModel::Callbacks
+  include ActiveModel::Validations
+  include FlexPass::FlexSecurePassword
+  
+  attr_accessor :password_digest, :password_salt
+
+  define_model_callbacks :create
+
+  has_flexible_secure_password
+  
+end

data/test/dummy/log/test.log

@@ -0,0 +1,225 @@
+   (0.4ms)  begin transaction
+----------------------------------------------------------------
+FlexPassTest: test_Oauthed_user_can_be_created_with_blank_digest
+----------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------------------------------------
+FlexPassTest: test_User_should_not_be_created_with_blank_digest
+---------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------------------------------------
+FlexPassTest: test_authenticate_using_a_different_digest_column
+---------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-------------------------------------------
+FlexPassTest: test_authenticate_with_BCrypt
+-------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-----------------------------------------
+FlexPassTest: test_authenticate_with_SHA2
+-----------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------
+FlexPassTest: test_blank_password
+---------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+--------------------------------------------------------------------------------------
+FlexPassTest: test_blank_password_confirmation_does_not_result_in_a_confirmation_error
+--------------------------------------------------------------------------------------
+   (0.0ms)  rollback transaction
+   (0.1ms)  begin transaction
+--------------------------------------------------------------------
+FlexPassTest: test_blank_password_doesn't_override_previous_password
+--------------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+----------------------------------------------------------
+FlexPassTest: test_invalid_coder_should_use_Bcrypt_instead
+----------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.0ms)  begin transaction
+-------------------------------------
+FlexPassTest: test_match_confirmation
+-------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-------------------------------
+FlexPassTest: test_nil_password
+-------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-------------------------------------------
+FlexPassTest: test_password_must_be_present
+-------------------------------------------
+   (0.0ms)  rollback transaction
+   (0.1ms)  begin transaction
+------------------------
+FlexPassTest: test_truth
+------------------------
+   (0.0ms)  rollback transaction
+   (0.1ms)  begin transaction
+-----------------------------------------------------------------
+FlexPassTest: test_using_a_non_existent_digest_column_should_fail
+-----------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-----------------------------------------------------------------------------
+FlexPassTest: test_will_not_save_if_confirmation_is_blank_but_password_is_not
+-----------------------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.4ms)  begin transaction
+----------------------------------------------------------------
+FlexPassTest: test_Oauthed_user_can_be_created_with_blank_digest
+----------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------------------------------------
+FlexPassTest: test_User_should_not_be_created_with_blank_digest
+---------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------------------------------------
+FlexPassTest: test_authenticate_using_a_different_digest_column
+---------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.0ms)  begin transaction
+-------------------------------------------
+FlexPassTest: test_authenticate_with_BCrypt
+-------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-----------------------------------------
+FlexPassTest: test_authenticate_with_SHA2
+-----------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------
+FlexPassTest: test_blank_password
+---------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+--------------------------------------------------------------------------------------
+FlexPassTest: test_blank_password_confirmation_does_not_result_in_a_confirmation_error
+--------------------------------------------------------------------------------------
+   (0.0ms)  rollback transaction
+   (0.0ms)  begin transaction
+--------------------------------------------------------------------
+FlexPassTest: test_blank_password_doesn't_override_previous_password
+--------------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.0ms)  begin transaction
+----------------------------------------------------------
+FlexPassTest: test_invalid_coder_should_use_Bcrypt_instead
+----------------------------------------------------------
+   (0.0ms)  rollback transaction
+   (0.0ms)  begin transaction
+-------------------------------------
+FlexPassTest: test_match_confirmation
+-------------------------------------
+   (0.1ms)  rollback transaction
+   (0.0ms)  begin transaction
+-------------------------------
+FlexPassTest: test_nil_password
+-------------------------------
+   (0.0ms)  rollback transaction
+   (0.0ms)  begin transaction
+-------------------------------------------
+FlexPassTest: test_password_must_be_present
+-------------------------------------------
+   (0.0ms)  rollback transaction
+   (0.0ms)  begin transaction
+------------------------
+FlexPassTest: test_truth
+------------------------
+   (0.0ms)  rollback transaction
+   (0.0ms)  begin transaction
+-----------------------------------------------------------------
+FlexPassTest: test_using_a_non_existent_digest_column_should_fail
+-----------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-----------------------------------------------------------------------------
+FlexPassTest: test_will_not_save_if_confirmation_is_blank_but_password_is_not
+-----------------------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.4ms)  begin transaction
+----------------------------------------------------------------
+FlexPassTest: test_Oauthed_user_can_be_created_with_blank_digest
+----------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------------------------------------
+FlexPassTest: test_User_should_not_be_created_with_blank_digest
+---------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------------------------------------
+FlexPassTest: test_authenticate_using_a_different_digest_column
+---------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-------------------------------------------
+FlexPassTest: test_authenticate_with_BCrypt
+-------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-----------------------------------------
+FlexPassTest: test_authenticate_with_SHA2
+-----------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+---------------------------------
+FlexPassTest: test_blank_password
+---------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+--------------------------------------------------------------------------------------
+FlexPassTest: test_blank_password_confirmation_does_not_result_in_a_confirmation_error
+--------------------------------------------------------------------------------------
+   (0.0ms)  rollback transaction
+   (0.1ms)  begin transaction
+--------------------------------------------------------------------
+FlexPassTest: test_blank_password_doesn't_override_previous_password
+--------------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+----------------------------------------------------------
+FlexPassTest: test_invalid_coder_should_use_Bcrypt_instead
+----------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.0ms)  begin transaction
+-------------------------------------
+FlexPassTest: test_match_confirmation
+-------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-------------------------------
+FlexPassTest: test_nil_password
+-------------------------------
+   (0.0ms)  rollback transaction
+   (0.0ms)  begin transaction
+-------------------------------------------
+FlexPassTest: test_password_must_be_present
+-------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.0ms)  begin transaction
+------------------------
+FlexPassTest: test_truth
+------------------------
+   (0.0ms)  rollback transaction
+   (0.1ms)  begin transaction
+-----------------------------------------------------------------
+FlexPassTest: test_using_a_non_existent_digest_column_should_fail
+-----------------------------------------------------------------
+   (0.1ms)  rollback transaction
+   (0.1ms)  begin transaction
+-----------------------------------------------------------------------------
+FlexPassTest: test_will_not_save_if_confirmation_is_blank_but_password_is_not
+-----------------------------------------------------------------------------
+   (0.1ms)  rollback transaction

data/test/dummy/public/404.html

@@ -0,0 +1,58 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The page you were looking for doesn't exist (404)</title>
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+  }
+
+  div.dialog {
+    width: 25em;
+    margin: 4em auto 0 auto;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 4em 0 4em;
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  body > p {
+    width: 33em;
+    margin: 0 auto 1em;
+    padding: 1em 0;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow:0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/404.html -->
+  <div class="dialog">
+    <h1>The page you were looking for doesn't exist.</h1>
+    <p>You may have mistyped the address or the page may have moved.</p>
+  </div>
+  <p>If you are the application owner check the logs for more information.</p>
+</body>
+</html>

data/test/dummy/public/422.html

@@ -0,0 +1,58 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The change you wanted was rejected (422)</title>
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+  }
+
+  div.dialog {
+    width: 25em;
+    margin: 4em auto 0 auto;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 4em 0 4em;
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  body > p {
+    width: 33em;
+    margin: 0 auto 1em;
+    padding: 1em 0;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow:0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/422.html -->
+  <div class="dialog">
+    <h1>The change you wanted was rejected.</h1>
+    <p>Maybe you tried to change something you didn't have access to.</p>
+  </div>
+  <p>If you are the application owner check the logs for more information.</p>
+</body>
+</html>

data/test/dummy/public/500.html

@@ -0,0 +1,57 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>We're sorry, but something went wrong (500)</title>
+  <style>
+  body {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+  }
+
+  div.dialog {
+    width: 25em;
+    margin: 4em auto 0 auto;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 4em 0 4em;
+  }
+
+  h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  body > p {
+    width: 33em;
+    margin: 0 auto 1em;
+    padding: 1em 0;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow:0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body>
+  <!-- This file lives in public/500.html -->
+  <div class="dialog">
+    <h1>We're sorry, but something went wrong.</h1>
+  </div>
+  <p>If you are the application owner check the logs for more information.</p>
+</body>
+</html>

data/test/dummy/test/fixtures/users.yml

@@ -0,0 +1,9 @@
+# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/Fixtures.html
+
+one:
+  name: MyString
+  password_digest: MyString
+
+two:
+  name: MyString
+  password_digest: MyString

data/test/dummy/test/models/user_test.rb

@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class UserTest < ActiveSupport::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end

data/test/flex_pass_test.rb

@@ -0,0 +1,122 @@
+require 'test_helper'
+require 'models/user'
+require 'models/user_sha'
+require 'models/user_other_column'
+require 'models/user_not_valid_coder'
+require 'models/oauthed_user'
+require 'models/visitor'
+require 'models/administrator'
+
+class FlexPassTest < ActiveSupport::TestCase
+  setup do
+    @user = User.new
+    @user_sha = UserSHA.new
+    @user_other_column = UserOtherColumn.new
+    @visitor = Visitor.new
+    @oauthed_user = OauthedUser.new
+  end
+
+  test "truth" do
+    assert_kind_of Module, FlexPass
+  end
+  test "blank password" do
+    @user.password = @visitor.password = ''
+    assert !@user.valid?(:create), 'user should be invalid'
+    assert @visitor.valid?(:create), 'visitor should be valid'
+  end
+
+  test "nil password" do
+    @user.password = @visitor.password = nil
+    assert !@user.valid?(:create), 'user should be invalid'
+    assert @visitor.valid?(:create), 'visitor should be valid'
+  end
+
+  test "blank password doesn't override previous password" do
+    @user.password = 'test'
+    @user.password = ''
+    assert_equal @user.password, 'test'
+  end
+
+  test "password must be present" do
+    assert !@user.valid?(:create)
+    assert_equal 1, @user.errors.size
+  end
+
+  test "match confirmation" do
+    @user.password = @visitor.password = "thiswillberight"
+    @user.password_confirmation = @visitor.password_confirmation = "wrong"
+
+    assert !@user.valid?
+    assert @visitor.valid?
+
+    @user.password_confirmation = "thiswillberight"
+
+    assert @user.valid?
+  end
+
+  test "authenticate with BCrypt" do
+    @user.password = "secret"
+
+    assert_not_equal @user.password, @user.password_digest.to_s, 'Password digest should not be equal to the password'
+    assert !@user.authenticate("wrong")
+    assert @user.authenticate("secret")
+  end
+
+  test "authenticate with SHA2" do
+    @user_sha.password = "secret"
+    
+    assert_not_equal @user_sha.password, @user_sha.password_digest.to_s, 'Password digest should not be equal to the password'
+    assert !@user_sha.authenticate("wrong"), '"wrong" should be wrong'
+    assert @user_sha.authenticate("secret"), '"secret" should be right'
+  end
+  
+  test "using a non existent digest column should fail" do
+    assert_raise RuntimeError do
+      require 'models/user_non_existent_column'
+    end
+  end
+
+  test "authenticate using a different digest column" do
+    @user_other_column.password = "secret"
+
+    assert_not_equal @user_other_column.password, @user_other_column.other_digest_column.to_s, 'Password digest should not be equal to the password'
+    assert_nil @user_other_column.password_digest
+    assert !@user_other_column.authenticate("wrong"), '"wrong" should be wrong'
+    assert @user_other_column.authenticate("secret"), '"secret" should be right'
+  end
+
+  test "invalid coder should use Bcrypt instead" do
+    assert_equal UserNotValidCoder.coder, BCrypt::Password, 'When invalid coder is specified, BCrypt should be used instead'
+  end
+
+  test "User should not be created with blank digest" do
+    assert_raise RuntimeError do
+      @user.run_callbacks :create
+    end
+    @user.password = "supersecretpassword"
+    assert_nothing_raised do
+      @user.run_callbacks :create
+    end
+  end
+
+  test "Oauthed user can be created with blank digest" do
+    assert_nothing_raised do
+      @oauthed_user.run_callbacks :create
+    end
+  end
+
+  test "blank password_confirmation does not result in a confirmation error" do
+    @user.password = ""
+    @user.password_confirmation = ""
+    assert @user.valid?(:update), "user should be valid"
+  end
+
+  test "will not save if confirmation is blank but password is not" do
+    @user.password = "password"
+    @user.password_confirmation = ""
+    assert_not @user.valid?(:create)
+
+    @user.password_confirmation = "password"
+    assert @user.valid?(:create)
+  end
+end

data/test/models/administrator.rb

@@ -0,0 +1,12 @@
+class Administrator
+  extend ActiveModel::Callbacks
+  include ActiveModel::Validations
+  include FlexPass::FlexSecurePassword
+
+  define_model_callbacks :create
+
+  attr_accessor :name, :password_digest
+
+  has_flexible_secure_password
+
+end

data/test/models/oauthed_user.rb

@@ -0,0 +1,12 @@
+class OauthedUser
+  extend ActiveModel::Callbacks
+  include ActiveModel::Validations
+  include FlexPass::FlexSecurePassword
+  
+  define_model_callbacks :create
+
+  attr_accessor :password_digest, :password_salt
+
+  has_flexible_secure_password(validations: false)
+
+end