gonow-devise 1.2.rc

Sign up to get free protection for your applications and to get access to all the features.
Files changed (163) hide show
  1. data/CHANGELOG.rdoc +506 -0
  2. data/MIT-LICENSE +20 -0
  3. data/README.rdoc +335 -0
  4. data/app/controllers/devise/confirmations_controller.rb +33 -0
  5. data/app/controllers/devise/oauth_callbacks_controller.rb +4 -0
  6. data/app/controllers/devise/passwords_controller.rb +41 -0
  7. data/app/controllers/devise/registrations_controller.rb +109 -0
  8. data/app/controllers/devise/sessions_controller.rb +24 -0
  9. data/app/controllers/devise/unlocks_controller.rb +34 -0
  10. data/app/helpers/devise_helper.rb +19 -0
  11. data/app/mailers/devise/mailer.rb +88 -0
  12. data/app/views/devise/confirmations/new.html.erb +12 -0
  13. data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
  14. data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
  15. data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
  16. data/app/views/devise/passwords/edit.html.erb +16 -0
  17. data/app/views/devise/passwords/new.html.erb +12 -0
  18. data/app/views/devise/registrations/edit.html.erb +25 -0
  19. data/app/views/devise/registrations/new.html.erb +18 -0
  20. data/app/views/devise/sessions/new.html.erb +17 -0
  21. data/app/views/devise/shared/_links.erb +25 -0
  22. data/app/views/devise/unlocks/new.html.erb +12 -0
  23. data/config/locales/en.yml +46 -0
  24. data/lib/devise.rb +372 -0
  25. data/lib/devise/controllers/helpers.rb +228 -0
  26. data/lib/devise/controllers/internal_helpers.rb +113 -0
  27. data/lib/devise/controllers/scoped_views.rb +33 -0
  28. data/lib/devise/controllers/url_helpers.rb +39 -0
  29. data/lib/devise/encryptors/authlogic_sha512.rb +19 -0
  30. data/lib/devise/encryptors/base.rb +20 -0
  31. data/lib/devise/encryptors/clearance_sha1.rb +17 -0
  32. data/lib/devise/encryptors/restful_authentication_sha1.rb +22 -0
  33. data/lib/devise/encryptors/sha1.rb +25 -0
  34. data/lib/devise/encryptors/sha512.rb +25 -0
  35. data/lib/devise/failure_app.rb +126 -0
  36. data/lib/devise/hooks/activatable.rb +11 -0
  37. data/lib/devise/hooks/forgetable.rb +12 -0
  38. data/lib/devise/hooks/rememberable.rb +45 -0
  39. data/lib/devise/hooks/timeoutable.rb +22 -0
  40. data/lib/devise/hooks/trackable.rb +9 -0
  41. data/lib/devise/mapping.rb +105 -0
  42. data/lib/devise/models.rb +66 -0
  43. data/lib/devise/models/authenticatable.rb +143 -0
  44. data/lib/devise/models/confirmable.rb +160 -0
  45. data/lib/devise/models/database_authenticatable.rb +94 -0
  46. data/lib/devise/models/encryptable.rb +65 -0
  47. data/lib/devise/models/lockable.rb +168 -0
  48. data/lib/devise/models/oauthable.rb +49 -0
  49. data/lib/devise/models/recoverable.rb +83 -0
  50. data/lib/devise/models/registerable.rb +21 -0
  51. data/lib/devise/models/rememberable.rb +122 -0
  52. data/lib/devise/models/timeoutable.rb +43 -0
  53. data/lib/devise/models/token_authenticatable.rb +72 -0
  54. data/lib/devise/models/trackable.rb +30 -0
  55. data/lib/devise/models/validatable.rb +64 -0
  56. data/lib/devise/modules.rb +30 -0
  57. data/lib/devise/oauth.rb +41 -0
  58. data/lib/devise/oauth/config.rb +33 -0
  59. data/lib/devise/oauth/helpers.rb +18 -0
  60. data/lib/devise/oauth/internal_helpers.rb +182 -0
  61. data/lib/devise/oauth/test_helpers.rb +29 -0
  62. data/lib/devise/oauth/url_helpers.rb +35 -0
  63. data/lib/devise/orm/active_record.rb +38 -0
  64. data/lib/devise/orm/mongoid.rb +31 -0
  65. data/lib/devise/path_checker.rb +18 -0
  66. data/lib/devise/rails.rb +68 -0
  67. data/lib/devise/rails/routes.rb +260 -0
  68. data/lib/devise/rails/warden_compat.rb +41 -0
  69. data/lib/devise/schema.rb +96 -0
  70. data/lib/devise/strategies/authenticatable.rb +150 -0
  71. data/lib/devise/strategies/base.rb +15 -0
  72. data/lib/devise/strategies/database_authenticatable.rb +21 -0
  73. data/lib/devise/strategies/rememberable.rb +51 -0
  74. data/lib/devise/strategies/token_authenticatable.rb +53 -0
  75. data/lib/devise/test_helpers.rb +100 -0
  76. data/lib/devise/version.rb +3 -0
  77. data/lib/generators/active_record/devise_generator.rb +28 -0
  78. data/lib/generators/active_record/templates/migration.rb +30 -0
  79. data/lib/generators/devise/devise_generator.rb +17 -0
  80. data/lib/generators/devise/install_generator.rb +24 -0
  81. data/lib/generators/devise/orm_helpers.rb +24 -0
  82. data/lib/generators/devise/views_generator.rb +63 -0
  83. data/lib/generators/mongoid/devise_generator.rb +17 -0
  84. data/lib/generators/templates/README +25 -0
  85. data/lib/generators/templates/devise.rb +168 -0
  86. data/test/controllers/helpers_test.rb +205 -0
  87. data/test/controllers/internal_helpers_test.rb +56 -0
  88. data/test/controllers/url_helpers_test.rb +59 -0
  89. data/test/devise_test.rb +65 -0
  90. data/test/encryptors_test.rb +30 -0
  91. data/test/failure_app_test.rb +148 -0
  92. data/test/generators/generators_test_helper.rb +4 -0
  93. data/test/generators/install_generator_test.rb +14 -0
  94. data/test/generators/views_generator_test.rb +37 -0
  95. data/test/integration/authenticatable_test.rb +424 -0
  96. data/test/integration/confirmable_test.rb +104 -0
  97. data/test/integration/database_authenticatable_test.rb +38 -0
  98. data/test/integration/http_authenticatable_test.rb +64 -0
  99. data/test/integration/lockable_test.rb +109 -0
  100. data/test/integration/oauthable_test.rb +244 -0
  101. data/test/integration/recoverable_test.rb +134 -0
  102. data/test/integration/registerable_test.rb +180 -0
  103. data/test/integration/rememberable_test.rb +179 -0
  104. data/test/integration/timeoutable_test.rb +89 -0
  105. data/test/integration/token_authenticatable_test.rb +99 -0
  106. data/test/integration/trackable_test.rb +64 -0
  107. data/test/mailers/confirmation_instructions_test.rb +84 -0
  108. data/test/mailers/reset_password_instructions_test.rb +72 -0
  109. data/test/mailers/unlock_instructions_test.rb +66 -0
  110. data/test/mapping_test.rb +95 -0
  111. data/test/models/confirmable_test.rb +221 -0
  112. data/test/models/database_authenticatable_test.rb +82 -0
  113. data/test/models/encryptable_test.rb +65 -0
  114. data/test/models/lockable_test.rb +204 -0
  115. data/test/models/oauthable_test.rb +21 -0
  116. data/test/models/recoverable_test.rb +155 -0
  117. data/test/models/rememberable_test.rb +271 -0
  118. data/test/models/timeoutable_test.rb +28 -0
  119. data/test/models/token_authenticatable_test.rb +37 -0
  120. data/test/models/trackable_test.rb +5 -0
  121. data/test/models/validatable_test.rb +99 -0
  122. data/test/models_test.rb +77 -0
  123. data/test/oauth/config_test.rb +44 -0
  124. data/test/oauth/url_helpers_test.rb +47 -0
  125. data/test/orm/active_record.rb +9 -0
  126. data/test/orm/mongoid.rb +10 -0
  127. data/test/rails_app/app/active_record/admin.rb +6 -0
  128. data/test/rails_app/app/active_record/shim.rb +2 -0
  129. data/test/rails_app/app/active_record/user.rb +8 -0
  130. data/test/rails_app/app/controllers/admins/sessions_controller.rb +6 -0
  131. data/test/rails_app/app/controllers/admins_controller.rb +6 -0
  132. data/test/rails_app/app/controllers/application_controller.rb +9 -0
  133. data/test/rails_app/app/controllers/home_controller.rb +12 -0
  134. data/test/rails_app/app/controllers/publisher/registrations_controller.rb +2 -0
  135. data/test/rails_app/app/controllers/publisher/sessions_controller.rb +2 -0
  136. data/test/rails_app/app/controllers/users_controller.rb +18 -0
  137. data/test/rails_app/app/helpers/application_helper.rb +3 -0
  138. data/test/rails_app/app/mongoid/admin.rb +9 -0
  139. data/test/rails_app/app/mongoid/shim.rb +24 -0
  140. data/test/rails_app/app/mongoid/user.rb +10 -0
  141. data/test/rails_app/config/application.rb +35 -0
  142. data/test/rails_app/config/boot.rb +13 -0
  143. data/test/rails_app/config/environment.rb +5 -0
  144. data/test/rails_app/config/environments/development.rb +19 -0
  145. data/test/rails_app/config/environments/production.rb +33 -0
  146. data/test/rails_app/config/environments/test.rb +33 -0
  147. data/test/rails_app/config/initializers/backtrace_silencers.rb +7 -0
  148. data/test/rails_app/config/initializers/devise.rb +172 -0
  149. data/test/rails_app/config/initializers/inflections.rb +2 -0
  150. data/test/rails_app/config/initializers/secret_token.rb +2 -0
  151. data/test/rails_app/config/routes.rb +54 -0
  152. data/test/rails_app/db/migrate/20100401102949_create_tables.rb +31 -0
  153. data/test/rails_app/db/schema.rb +52 -0
  154. data/test/rails_app/lib/shared_admin.rb +9 -0
  155. data/test/rails_app/lib/shared_user.rb +48 -0
  156. data/test/routes_test.rb +189 -0
  157. data/test/support/assertions.rb +24 -0
  158. data/test/support/helpers.rb +60 -0
  159. data/test/support/integration.rb +88 -0
  160. data/test/support/webrat/integrations/rails.rb +24 -0
  161. data/test/test_helper.rb +23 -0
  162. data/test/test_helpers_test.rb +101 -0
  163. metadata +357 -0
@@ -0,0 +1,3 @@
1
+ module Devise
2
+ VERSION = "1.2.rc".freeze
3
+ end
@@ -0,0 +1,28 @@
1
+ require 'rails/generators/active_record'
2
+ require 'generators/devise/orm_helpers'
3
+
4
+ module ActiveRecord
5
+ module Generators
6
+ class DeviseGenerator < ActiveRecord::Generators::Base
7
+ argument :attributes, :type => :array, :default => [], :banner => "field:type field:type"
8
+
9
+ include Devise::Generators::OrmHelpers
10
+ source_root File.expand_path("../templates", __FILE__)
11
+
12
+ def generate_model
13
+ invoke "active_record:model", [name], :migration => false unless model_exists?
14
+ end
15
+
16
+ def copy_devise_migration
17
+ migration_template "migration.rb", "db/migrate/devise_create_#{table_name}"
18
+ end
19
+
20
+ def inject_devise_content
21
+ inject_into_class model_path, class_name, model_contents + <<-CONTENT
22
+ # Setup accessible (or protected) attributes for your model
23
+ attr_accessible :email, :password, :password_confirmation, :remember_me
24
+ CONTENT
25
+ end
26
+ end
27
+ end
28
+ end
@@ -0,0 +1,30 @@
1
+ class DeviseCreate<%= table_name.camelize %> < ActiveRecord::Migration
2
+ def self.up
3
+ create_table(:<%= table_name %>) do |t|
4
+ t.database_authenticatable :null => false
5
+ t.recoverable
6
+ t.rememberable
7
+ t.trackable
8
+
9
+ # t.encryptable
10
+ # t.confirmable
11
+ # t.lockable :lock_strategy => :<%= Devise.lock_strategy %>, :unlock_strategy => :<%= Devise.unlock_strategy %>
12
+ # t.token_authenticatable
13
+
14
+ <% for attribute in attributes -%>
15
+ t.<%= attribute.type %> :<%= attribute.name %>
16
+ <% end -%>
17
+
18
+ t.timestamps
19
+ end
20
+
21
+ add_index :<%= table_name %>, :email, :unique => true
22
+ add_index :<%= table_name %>, :reset_password_token, :unique => true
23
+ # add_index :<%= table_name %>, :confirmation_token, :unique => true
24
+ # add_index :<%= table_name %>, :unlock_token, :unique => true
25
+ end
26
+
27
+ def self.down
28
+ drop_table :<%= table_name %>
29
+ end
30
+ end
@@ -0,0 +1,17 @@
1
+ module Devise
2
+ module Generators
3
+ class DeviseGenerator < Rails::Generators::NamedBase
4
+ namespace "devise"
5
+ source_root File.expand_path("../templates", __FILE__)
6
+
7
+ desc "Generates a model with the given NAME (if one does not exist) with devise " <<
8
+ "configuration plus a migration file and devise routes."
9
+
10
+ hook_for :orm
11
+
12
+ def add_devise_routes
13
+ route "devise_for :#{table_name}"
14
+ end
15
+ end
16
+ end
17
+ end
@@ -0,0 +1,24 @@
1
+ require 'active_support/secure_random'
2
+
3
+ module Devise
4
+ module Generators
5
+ class InstallGenerator < Rails::Generators::Base
6
+ source_root File.expand_path("../../templates", __FILE__)
7
+
8
+ desc "Creates a Devise initializer and copy locale files to your application."
9
+ class_option :orm
10
+
11
+ def copy_initializer
12
+ template "devise.rb", "config/initializers/devise.rb"
13
+ end
14
+
15
+ def copy_locale
16
+ copy_file "../../../config/locales/en.yml", "config/locales/devise.en.yml"
17
+ end
18
+
19
+ def show_readme
20
+ readme "README" if behavior == :invoke
21
+ end
22
+ end
23
+ end
24
+ end
@@ -0,0 +1,24 @@
1
+ module Devise
2
+ module Generators
3
+ module OrmHelpers
4
+ def model_contents
5
+ <<-CONTENT
6
+ # Include default devise modules. Others available are:
7
+ # :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :oauthable
8
+ devise :database_authenticatable, :registerable,
9
+ :recoverable, :rememberable, :trackable, :validatable
10
+
11
+ CONTENT
12
+ end
13
+
14
+ def model_exists?
15
+ return @model_exists if instance_variable_defined?(:@model_exists)
16
+ @model_exists = File.exists?(File.join(destination_root, model_path))
17
+ end
18
+
19
+ def model_path
20
+ @model_path ||= File.join("app", "models", "#{file_path}.rb")
21
+ end
22
+ end
23
+ end
24
+ end
@@ -0,0 +1,63 @@
1
+ module Devise
2
+ module Generators
3
+ class ViewsGenerator < Rails::Generators::Base
4
+ source_root File.expand_path("../../../../app/views", __FILE__)
5
+ desc "Copies all Devise views to your application."
6
+
7
+ argument :scope, :required => false, :default => nil,
8
+ :desc => "The scope to copy views to"
9
+
10
+ class_option :template_engine, :type => :string, :aliases => "-t",
11
+ :desc => "Template engine for the views. Available options are 'erb' and 'haml'."
12
+
13
+ def copy_views
14
+ case options[:template_engine].to_s
15
+ when "haml"
16
+ verify_haml_existence
17
+ verify_haml_version
18
+ create_and_copy_haml_views
19
+ else
20
+ directory "devise", "app/views/#{scope || :devise}"
21
+ end
22
+ end
23
+
24
+ protected
25
+
26
+ def verify_haml_existence
27
+ begin
28
+ require 'haml'
29
+ rescue LoadError
30
+ say "HAML is not installed, or it is not specified in your Gemfile."
31
+ exit
32
+ end
33
+ end
34
+
35
+ def verify_haml_version
36
+ unless Haml.version[:major] == 2 and Haml.version[:minor] >= 3 or Haml.version[:major] >= 3
37
+ say "To generate HAML templates, you need to install HAML 2.3 or above."
38
+ exit
39
+ end
40
+ end
41
+
42
+ def create_and_copy_haml_views
43
+ require 'tmpdir'
44
+ html_root = "#{self.class.source_root}/devise"
45
+
46
+ Dir.mktmpdir("devise-haml.") do |haml_root|
47
+ Dir["#{html_root}/**/*"].each do |path|
48
+ relative_path = path.sub(html_root, "")
49
+ source_path = (haml_root + relative_path).sub(/erb$/, "haml")
50
+
51
+ if File.directory?(path)
52
+ FileUtils.mkdir_p(source_path)
53
+ else
54
+ `html2haml -r #{path} #{source_path}`
55
+ end
56
+ end
57
+
58
+ directory haml_root, "app/views/#{scope || :devise}"
59
+ end
60
+ end
61
+ end
62
+ end
63
+ end
@@ -0,0 +1,17 @@
1
+ require 'generators/devise/orm_helpers'
2
+
3
+ module Mongoid
4
+ module Generators
5
+ class DeviseGenerator < Rails::Generators::NamedBase
6
+ include Devise::Generators::OrmHelpers
7
+
8
+ def generate_model
9
+ invoke "mongoid:model", [name] unless model_exists?
10
+ end
11
+
12
+ def inject_devise_content
13
+ inject_into_file model_path, model_contents, :after => "include Mongoid::Document\n"
14
+ end
15
+ end
16
+ end
17
+ end
@@ -0,0 +1,25 @@
1
+
2
+ ===============================================================================
3
+
4
+ Some setup you must do manually if you haven't yet:
5
+
6
+ 1. Setup default url options for your specific environment. Here is an
7
+ example of development environment:
8
+
9
+ config.action_mailer.default_url_options = { :host => 'localhost:3000' }
10
+
11
+ This is a required Rails configuration. In production it must be the
12
+ actual host of your application
13
+
14
+ 2. Ensure you have defined root_url to *something* in your config/routes.rb.
15
+ For example:
16
+
17
+ root :to => "home#index"
18
+
19
+ 3. Ensure you have flash messages in app/views/layouts/application.html.erb.
20
+ For example:
21
+
22
+ <p class="notice"><%= notice %></p>
23
+ <p class="alert"><%= alert %></p>
24
+
25
+ ===============================================================================
@@ -0,0 +1,168 @@
1
+ # Use this hook to configure devise mailer, warden hooks and so forth. The first
2
+ # four configuration values can also be set straight in your models.
3
+ Devise.setup do |config|
4
+ # ==> Mailer Configuration
5
+ # Configure the e-mail address which will be shown in DeviseMailer.
6
+ config.mailer_sender = "please-change-me@config-initializers-devise.com"
7
+
8
+ # Configure the class responsible to send e-mails.
9
+ # config.mailer = "Devise::Mailer"
10
+
11
+ # ==> ORM configuration
12
+ # Load and configure the ORM. Supports :active_record (default) and
13
+ # :mongoid (bson_ext recommended) by default. Other ORMs may be
14
+ # available as additional gems.
15
+ require 'devise/orm/<%= options[:orm] %>'
16
+
17
+ # ==> Configuration for any authentication mechanism
18
+ # Configure which keys are used when authenticating an user. By default is
19
+ # just :email. You can configure it to use [:username, :subdomain], so for
20
+ # authenticating an user, both parameters are required. Remember that those
21
+ # parameters are used only when authenticating and not when retrieving from
22
+ # session. If you need permissions, you should implement that in a before filter.
23
+ # You can also supply hash where the value is a boolean expliciting if authentication
24
+ # should be aborted or not if the value is not present. By default is empty.
25
+ # config.authentication_keys = [ :email ]
26
+
27
+ # Configure parameters from the request object used for authentication. Each entry
28
+ # given should be a request method and it will automatically be passed to
29
+ # find_for_authentication method and considered in your model lookup. For instance,
30
+ # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
31
+ # The same considerations mentioned for authentication_keys also apply to request_keys.
32
+ # config.request_keys = []
33
+
34
+ # Tell if authentication through request.params is enabled. True by default.
35
+ # config.params_authenticatable = true
36
+
37
+ # Tell if authentication through HTTP Basic Auth is enabled. False by default.
38
+ # config.http_authenticatable = false
39
+
40
+ # If http headers should be returned for AJAX requests. True by default.
41
+ # config.http_authenticatable_on_xhr = true
42
+
43
+ # The realm used in Http Basic Authentication. "Application" by default.
44
+ # config.http_authentication_realm = "Application"
45
+
46
+ # ==> Configuration for :database_authenticatable
47
+ # For bcrypt, this is the cost for hashing the password and defaults to 10. If
48
+ # using other encryptors, it sets how many times you want the password re-encrypted.
49
+ config.stretches = 10
50
+
51
+ # ==> Configuration for :confirmable
52
+ # The time you want to give your user to confirm his account. During this time
53
+ # he will be able to access your application without confirming. Default is nil.
54
+ # When confirm_within is zero, the user won't be able to sign in without confirming.
55
+ # You can use this to let your user access some features of your application
56
+ # without confirming the account, but blocking it after a certain period
57
+ # (ie 2 days).
58
+ # config.confirm_within = 2.days
59
+
60
+ # ==> Configuration for :rememberable
61
+ # The time the user will be remembered without asking for credentials again.
62
+ # config.remember_for = 2.weeks
63
+
64
+ # If true, a valid remember token can be re-used between multiple browsers.
65
+ # config.remember_across_browsers = true
66
+
67
+ # If true, extends the user's remember period when remembered via cookie.
68
+ # config.extend_remember_period = false
69
+
70
+ # If true, uses the password salt as remember token. This should be turned
71
+ # to false if you are not using database authenticatable.
72
+ config.use_salt_as_remember_token = true
73
+
74
+ # ==> Configuration for :validatable
75
+ # Range for password length. Default is 6..20.
76
+ # config.password_length = 6..20
77
+
78
+ # Regex to use to validate the email address
79
+ # config.email_regexp = /^([\w\.%\+\-]+)@([\w\-]+\.)+([\w]{2,})$/i
80
+
81
+ # ==> Configuration for :timeoutable
82
+ # The time you want to timeout the user session without activity. After this
83
+ # time the user will be asked for credentials again. Default is 30 minutes.
84
+ # config.timeout_in = 30.minutes
85
+
86
+ # ==> Configuration for :lockable
87
+ # Defines which strategy will be used to lock an account.
88
+ # :failed_attempts = Locks an account after a number of failed attempts to sign in.
89
+ # :none = No lock strategy. You should handle locking by yourself.
90
+ # config.lock_strategy = :failed_attempts
91
+
92
+ # Defines which strategy will be used to unlock an account.
93
+ # :email = Sends an unlock link to the user email
94
+ # :time = Re-enables login after a certain amount of time (see :unlock_in below)
95
+ # :both = Enables both strategies
96
+ # :none = No unlock strategy. You should handle unlocking by yourself.
97
+ # config.unlock_strategy = :both
98
+
99
+ # Number of authentication tries before locking an account if lock_strategy
100
+ # is failed attempts.
101
+ # config.maximum_attempts = 20
102
+
103
+ # Time interval to unlock the account if :time is enabled as unlock_strategy.
104
+ # config.unlock_in = 1.hour
105
+
106
+ # ==> Configuration for :encryptable
107
+ # Allow you to use another encryption algorithm besides bcrypt (default). You can use
108
+ # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
109
+ # :authlogic_sha512 (then you should set stretches above to 20 for default behavior)
110
+ # and :restful_authentication_sha1 (then you should set stretches to 10, and copy
111
+ # REST_AUTH_SITE_KEY to pepper)
112
+ # config.encryptor = :sha512
113
+
114
+ # Setup a pepper to generate the encrypted password.
115
+ config.pepper = <%= ActiveSupport::SecureRandom.hex(64).inspect %>
116
+
117
+ # ==> Configuration for :token_authenticatable
118
+ # Defines name of the authentication token params key
119
+ # config.token_authentication_key = :auth_token
120
+
121
+ # If true, authentication through token does not store user in session and needs
122
+ # to be supplied on each request. Useful if you are using the token as API token.
123
+ # config.stateless_token = false
124
+
125
+ # ==> Scopes configuration
126
+ # Turn scoped views on. Before rendering "sessions/new", it will first check for
127
+ # "users/sessions/new". It's turned off by default because it's slower if you
128
+ # are using only default views.
129
+ # config.scoped_views = false
130
+
131
+ # Configure the default scope given to Warden. By default it's the first
132
+ # devise role declared in your routes (usually :user).
133
+ # config.default_scope = :user
134
+
135
+ # Configure sign_out behavior.
136
+ # Sign_out action can be scoped (i.e. /users/sign_out affects only :user scope).
137
+ # The default is true, which means any logout action will sign out all active scopes.
138
+ # config.sign_out_all_scopes = true
139
+
140
+ # ==> Navigation configuration
141
+ # Lists the formats that should be treated as navigational. Formats like
142
+ # :html, should redirect to the sign in page when the user does not have
143
+ # access, but formats like :xml or :json, should return 401.
144
+ # If you have any extra navigational formats, like :iphone or :mobile, you
145
+ # should add them to the navigational formats lists. Default is [:html]
146
+ # config.navigational_formats = [:html, :iphone]
147
+
148
+ # The default HTTP method used to sign out a resource. Default is :get.
149
+ # config.sign_out_via = :get
150
+
151
+ # ==> OAuth2
152
+ # Add a new OAuth2 provider. Check the README for more information on setting
153
+ # up on your models and hooks. By default this is not set.
154
+ # config.oauth :github, 'APP_ID', 'APP_SECRET',
155
+ # :site => 'https://github.com/',
156
+ # :authorize_path => '/login/oauth/authorize',
157
+ # :access_token_path => '/login/oauth/access_token',
158
+ # :scope => %w(user public_repo)
159
+
160
+ # ==> Warden configuration
161
+ # If you want to use other strategies, that are not supported by Devise, or
162
+ # change the failure app, you can configure them inside the config.warden block.
163
+ #
164
+ # config.warden do |manager|
165
+ # manager.failure_app = AnotherApp
166
+ # manager.default_strategies(:scope => :user).unshift :some_external_strategy
167
+ # end
168
+ end
@@ -0,0 +1,205 @@
1
+ require 'test_helper'
2
+ require 'ostruct'
3
+
4
+ class ControllerAuthenticableTest < ActionController::TestCase
5
+ tests ApplicationController
6
+
7
+ def setup
8
+ @mock_warden = OpenStruct.new
9
+ @controller.request.env['warden'] = @mock_warden
10
+ end
11
+
12
+ test 'provide access to warden instance' do
13
+ assert_equal @mock_warden, @controller.warden
14
+ end
15
+
16
+ test 'proxy signed_in? to authenticated' do
17
+ @mock_warden.expects(:authenticate?).with(:scope => :my_scope)
18
+ @controller.signed_in?(:my_scope)
19
+ end
20
+
21
+ test 'proxy anybody_signed_in? to signed_in?' do
22
+ Devise.mappings.keys.each do |scope| # :user, :admin, :manager
23
+ @controller.expects(:signed_in?).with(scope)
24
+ end
25
+ @controller.anybody_signed_in?
26
+ end
27
+
28
+ test 'proxy current_user to authenticate with user scope' do
29
+ @mock_warden.expects(:authenticate).with(:scope => :user)
30
+ @controller.current_user
31
+ end
32
+
33
+ test 'proxy current_admin to authenticate with admin scope' do
34
+ @mock_warden.expects(:authenticate).with(:scope => :admin)
35
+ @controller.current_admin
36
+ end
37
+
38
+ test 'proxy current_publisher_account to authenticate with namespaced publisher account scope' do
39
+ @mock_warden.expects(:authenticate).with(:scope => :publisher_account)
40
+ @controller.current_publisher_account
41
+ end
42
+
43
+ test 'proxy authenticate_user! to authenticate with user scope' do
44
+ @mock_warden.expects(:authenticate!).with(:scope => :user)
45
+ @controller.authenticate_user!
46
+ end
47
+
48
+ test 'proxy authenticate_admin! to authenticate with admin scope' do
49
+ @mock_warden.expects(:authenticate!).with(:scope => :admin)
50
+ @controller.authenticate_admin!
51
+ end
52
+
53
+ test 'proxy authenticate_publisher_account! to authenticate with namespaced publisher account scope' do
54
+ @mock_warden.expects(:authenticate!).with(:scope => :publisher_account)
55
+ @controller.authenticate_publisher_account!
56
+ end
57
+
58
+ test 'proxy user_signed_in? to authenticate with user scope' do
59
+ @mock_warden.expects(:authenticate).with(:scope => :user).returns("user")
60
+ assert @controller.user_signed_in?
61
+ end
62
+
63
+ test 'proxy admin_signed_in? to authenticatewith admin scope' do
64
+ @mock_warden.expects(:authenticate).with(:scope => :admin)
65
+ assert_not @controller.admin_signed_in?
66
+ end
67
+
68
+ test 'proxy publisher_account_signed_in? to authenticate with namespaced publisher account scope' do
69
+ @mock_warden.expects(:authenticate).with(:scope => :publisher_account)
70
+ @controller.publisher_account_signed_in?
71
+ end
72
+
73
+ test 'proxy user_session to session scope in warden' do
74
+ @mock_warden.expects(:authenticate).with(:scope => :user).returns(true)
75
+ @mock_warden.expects(:session).with(:user).returns({})
76
+ @controller.user_session
77
+ end
78
+
79
+ test 'proxy admin_session to session scope in warden' do
80
+ @mock_warden.expects(:authenticate).with(:scope => :admin).returns(true)
81
+ @mock_warden.expects(:session).with(:admin).returns({})
82
+ @controller.admin_session
83
+ end
84
+
85
+ test 'proxy publisher_account_session from namespaced scope to session scope in warden' do
86
+ @mock_warden.expects(:authenticate).with(:scope => :publisher_account).returns(true)
87
+ @mock_warden.expects(:session).with(:publisher_account).returns({})
88
+ @controller.publisher_account_session
89
+ end
90
+
91
+ test 'sign in proxy to set_user on warden' do
92
+ user = User.new
93
+ @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
94
+ @controller.sign_in(:user, user)
95
+ end
96
+
97
+ test 'sign in accepts a resource as argument' do
98
+ user = User.new
99
+ @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
100
+ @controller.sign_in(user)
101
+ end
102
+
103
+ test 'sign in accepts bypass as option' do
104
+ user = User.new
105
+ @mock_warden.expects(:session_serializer).returns(serializer = mock())
106
+ serializer.expects(:store).with(user, :user)
107
+ @controller.sign_in(user, :bypass => true)
108
+ end
109
+
110
+ test 'sign out proxy to logout on warden' do
111
+ @mock_warden.expects(:user).with(:user).returns(true)
112
+ @mock_warden.expects(:logout).with(:user).returns(true)
113
+ @controller.sign_out(:user)
114
+ end
115
+
116
+ test 'sign out accepts a resource as argument' do
117
+ @mock_warden.expects(:user).with(:user).returns(true)
118
+ @mock_warden.expects(:logout).with(:user).returns(true)
119
+ @controller.sign_out(User.new)
120
+ end
121
+
122
+ test 'sign out everybody proxy to logout on warden' do
123
+ @mock_warden.expects(:logout).with().returns(true)
124
+ @controller.sign_out_all_scopes
125
+ end
126
+
127
+ test 'stored location for returns the location for a given scope' do
128
+ assert_nil @controller.stored_location_for(:user)
129
+ @controller.session[:"user_return_to"] = "/foo.bar"
130
+ assert_equal "/foo.bar", @controller.stored_location_for(:user)
131
+ end
132
+
133
+ test 'stored location for accepts a resource as argument' do
134
+ assert_nil @controller.stored_location_for(:user)
135
+ @controller.session[:"user_return_to"] = "/foo.bar"
136
+ assert_equal "/foo.bar", @controller.stored_location_for(User.new)
137
+ end
138
+
139
+ test 'stored location cleans information after reading' do
140
+ @controller.session[:"user_return_to"] = "/foo.bar"
141
+ assert_equal "/foo.bar", @controller.stored_location_for(:user)
142
+ assert_nil @controller.session[:"user_return_to"]
143
+ end
144
+
145
+ test 'after sign in path defaults to root path if none by was specified for the given scope' do
146
+ assert_equal root_path, @controller.after_sign_in_path_for(:user)
147
+ end
148
+
149
+ test 'after sign in path defaults to the scoped root path' do
150
+ assert_equal admin_root_path, @controller.after_sign_in_path_for(:admin)
151
+ end
152
+
153
+ test 'after sign out path defaults to the root path' do
154
+ assert_equal root_path, @controller.after_sign_out_path_for(:admin)
155
+ assert_equal root_path, @controller.after_sign_out_path_for(:user)
156
+ end
157
+
158
+ test 'sign in and redirect uses the stored location' do
159
+ user = User.new
160
+ @controller.session[:"user_return_to"] = "/foo.bar"
161
+ @mock_warden.expects(:user).with(:user).returns(nil)
162
+ @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
163
+ @controller.expects(:redirect_to).with("/foo.bar")
164
+ @controller.sign_in_and_redirect(user)
165
+ end
166
+
167
+ test 'sign in and redirect uses the configured after sign in path' do
168
+ admin = Admin.new
169
+ @mock_warden.expects(:user).with(:admin).returns(nil)
170
+ @mock_warden.expects(:set_user).with(admin, :scope => :admin).returns(true)
171
+ @controller.expects(:redirect_to).with(admin_root_path)
172
+ @controller.sign_in_and_redirect(admin)
173
+ end
174
+
175
+ test 'sign in and redirect does not sign in again if user is already signed' do
176
+ admin = Admin.new
177
+ @mock_warden.expects(:user).with(:admin).returns(admin)
178
+ @mock_warden.expects(:set_user).never
179
+ @controller.expects(:redirect_to).with(admin_root_path)
180
+ @controller.sign_in_and_redirect(admin)
181
+ end
182
+
183
+ test 'sign out and redirect uses the configured after sign out path when signing out only the current scope' do
184
+ swap Devise, :sign_out_all_scopes => false do
185
+ @mock_warden.expects(:user).with(:admin).returns(true)
186
+ @mock_warden.expects(:logout).with(:admin).returns(true)
187
+ @controller.expects(:redirect_to).with(admin_root_path)
188
+ @controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
189
+ @controller.sign_out_and_redirect(:admin)
190
+ end
191
+ end
192
+
193
+ test 'sign out and redirect uses the configured after sign out path when signing out all scopes' do
194
+ swap Devise, :sign_out_all_scopes => true do
195
+ @mock_warden.expects(:logout).with().returns(true)
196
+ @controller.expects(:redirect_to).with(admin_root_path)
197
+ @controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
198
+ @controller.sign_out_and_redirect(:admin)
199
+ end
200
+ end
201
+
202
+ test 'is not a devise controller' do
203
+ assert_not @controller.devise_controller?
204
+ end
205
+ end