hero_generator 0.0.1.alpha5 → 0.0.1.alpha6

data/lib/generators/hero/authentication/templates/models/user.rb

@@ -0,0 +1,144 @@
+class User < ActiveRecord::Base
+  attr_accessible :email, :password, :password_confirmation, :new_email_confirmation, :set_new_email
+  
+  attr_accessor :password, :password_confirmation, :update_password, :new_email_confirmation, :set_new_email
+  before_save :encrypt_password
+     
+  validates_format_of :email, :with => /^([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*[\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,6})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)$/i
+  validates_presence_of :email
+  validates_uniqueness_of :email, :unless => :confirmed_duplicate
+  
+  validates_presence_of     :password, :if => :should_validate_password?
+  validates_length_of       :password, :if => :should_validate_password?,
+                                       :within => 3..30,
+                                       :too_short => 'too short message',
+                                       :too_long => 'too long message'
+
+  validates_confirmation_of :password, :if => :should_validate_password?
+  
+  #set new email
+  validates_presence_of     :new_email, :if => :should_validate_new_email?
+  validates_format_of :new_email, :with => /^([\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+\.)*[\w\!\#$\%\&\'\*\+\-\/\=\?\^\`{\|\}\~]+@((((([a-z0-9]{1}[a-z0-9\-]{0,62}[a-z0-9]{1})|[a-z])\.)+[a-z]{2,6})|(\d{1,3}\.){3}\d{1,3}(\:\d{1,5})?)$/i, 
+                                  :if => :should_validate_new_email?
+                                  
+  validates_presence_of     :new_email_confirmation, :if => :should_validate_new_email?                       
+  validates_confirmation_of :new_email, :if => :should_validate_new_email?  
+  
+      
+  def new_email=(new_email)
+    self[:new_email] = new_email if self.set_new_email.present?
+  end
+
+  
+  def confirm_signup!
+    update_attribute(:confirmed, Time.now)
+    update_attribute(:signup_token, nil)
+  end
+
+  def confirm_password!(password)
+    update_attribute(:password, password)
+    update_attribute(:password_token, nil)
+  end
+
+  def confirm_new_email!
+    update_attribute(:email, new_email)
+    update_attribute(:new_email_token, nil)
+  end
+  
+  def confirmed?
+    !self.confirmed.nil?
+  end
+  
+  def self.confirmed
+    where("confirmed IS NOT NULL")
+  end
+  
+  def self.with_email(email)
+    where(:email => email)
+  end
+    
+  # Wenn der User sich registriert, dann wird ein signup_token für ihn hinterlegt.
+  # Dieser Token wird per Mail verschickt. Der User kann sich nun per Klick auf den
+  # Tokenlink verifizieren. Sollte die Mail nicht mehr erreichbar sein, so kann der User
+  # unter Angabe seiner Email einen neuen signup_Token anfordern. Der alte Token ist
+  # ab diesem Zeitpunkt ungültig.
+
+  # Nach erfolgreicher Verifizierung der Email-Adresse) wird das
+  # Feld confirmed mit einem Datum gefüllt. Ab diesem Zeitpunkt kann keine neuer
+  # Confirmation-Token generiert und verschickt werden.
+    
+  def confirmed_duplicate
+    if ((User.confirmed.with_email(self.email).count == 0) || (User.with_email(self.email).count == 0))
+      true
+    else
+      self.id = User.confirmed.with_email(self.email).first.id    
+      false
+    end
+  end
+      
+  def should_validate_new_email?
+    set_new_email.present?
+  end  
+        
+  def should_validate_password?
+    update_password || new_record?
+  end    
+  
+  def self.authenticate(email, password)
+    user = find_by_email(email)
+    if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt) 
+      user
+    else
+      nil
+    end    
+  end
+  
+  def encrypt_password
+    if password.present?
+      self.password_salt = BCrypt::Engine.generate_salt
+      self.password_hash = BCrypt::Engine.hash_secret(password, password_salt) 
+    end
+  end
+  
+  
+  def send_password_reset  
+    if generate_token(:password_token)
+      ConfirmationMailer.send_password_reset( self ).deliver
+    end
+  end
+  
+  def send_registration
+    if generate_token(:signup_token)
+      ConfirmationMailer.registration( self ).deliver
+    end
+  end
+  
+  def resend_signup_token
+    if !confirmed? && generate_token(:signup_token)
+      ConfirmationMailer.resend_signup_token( self ).deliver
+    end
+  end
+  
+  def send_new_email_request
+    if generate_token(:new_email_token)
+      ConfirmationMailer.new_email_request( self ).deliver
+    end
+  end
+    
+  def send_new_email( new_email )
+    if self.set_new_email.present?
+      if self.save
+        send_new_email_request
+        self.set_new_email = false
+      end
+    end
+  end
+  
+  private
+  
+  def generate_token( token )
+    (defined?( token ) && update_attribute( token, SecureRandom.hex(13) ))? true : false
+  end  
+end
+
+

data/lib/generators/hero/authentication/templates/tests/spec/controllers/sessions_controller_spec.rb

@@ -0,0 +1,6 @@
+require 'spec_helper'
+
+describe SessionsController do
+
+
+end

data/lib/generators/hero/authentication/templates/tests/spec/controllers/users_controller_spec.rb

@@ -0,0 +1,6 @@
+require 'spec_helper'
+
+describe UsersController do
+
+
+end

data/lib/generators/hero/authentication/templates/tests/spec/factories.rb

@@ -0,0 +1,20 @@
+#Factory.define :propertyname do |f|  
+#  f.p0 "eins"
+#  f.p1 ""  
+#  f.p2 ""  
+#  f.p3 ""  
+#end  
+
+
+Factory.define :user do |u|
+  
+  u.email { Factory.next(:email) }
+  u.password 'secret'
+  #u.password_confirmation 'secret'
+end
+
+
+Factory.sequence :email do |n|
+   names = %w[ joe bob sue ]
+   "#{names[rand names.count]}#{n}@somewhere.com"
+end

data/lib/generators/hero/authentication/templates/tests/spec/models/user_spec.rb

@@ -0,0 +1,154 @@
+require 'spec_helper'
+
+describe User do
+
+  before(:each) do
+    @user = Factory.build(:user)
+  end
+
+  it "should have an email field" do
+    @user.should respond_to(:email)
+  end
+
+  it "should be valid when created by factory" do
+    @user.should be_valid
+  end
+  
+  it "should be invalid without email" do
+    @user.email = nil
+    @user.should_not be_valid
+  end
+    
+  it "should be invalid without password" do
+    @user.password = nil
+    @user.should_not be_valid
+  end
+
+  it "should only accept real emails" do
+    @user.email = nil
+
+    [ 'foo', 'foo.org', 'foo@.org', 'foo@', 'foo@@bar.org', '@bar.org' ].each do |email|
+      @user.email = email
+      @user.should_not be_valid
+    end
+    
+    @user.email = 'foo@bar.org'
+    @user.should be_valid      
+  end
+      
+
+  it "email address should only exist once" do
+    same_email = 'foo@bar.org'
+    
+    @user.email = same_email
+    @user.confirmed = Time.now
+    @user.save    
+    
+    @other_user = Factory.build( :user, :email => same_email )
+    @other_user.should_not be_valid  
+    
+    @other_user.email = 'foo@otherbar.org'
+    @other_user.should be_valid
+  end
+  
+  it 'saves same passwords with different salts' do
+    same_password = 'secret'
+    @user.password = same_password
+    @user.save
+    
+    @other_user = Factory.build( :user, :password => same_password ) 
+    @other_user.save
+        
+    @user.password_hash.should_not == @other_user.password_hash
+    @user.password_salt.should_not == @other_user.password_salt    
+  end
+  
+  it 'should authenticate valid user' do
+    @user.save
+    @user.should == User.authenticate( @user.email, @user.password )
+    
+    User.authenticate( '', @user.password ).should == nil
+    User.authenticate( @user.email, '' ).should == nil
+  end
+  
+  it 'should be confirmable' do
+    @user.should respond_to( :confirm_signup! )
+    @user.should respond_to( :confirmed? )
+    
+    @user.confirmed?.should be false
+    @user.confirm_signup!
+    @user.confirmed?.should be true
+  end
+
+  it 'has confirmation token' do
+    @user.save
+    @user.send_registration
+    @user.signup_token.should match /^[\da-z]{26}$/
+  end    
+  
+  describe "#send_password_reset" do
+    let(:user) { Factory(:user) }
+    
+    it "generate a unique password_token each time" do
+      user.send_password_reset
+      last_token = user.password_token
+      user.send_password_reset
+      user.password_token.should_not eq(last_token)
+    end
+  
+    it "delivers email to user" do
+      user.send_password_reset
+      last_email.to.should include(user.email)
+    end
+  end
+  
+  describe "#send_password_reset" do
+    
+    it "should not set false emails" do
+      @user.email = "hallo@mail.de"
+      @user.set_new_email = true
+      [ 'foo', 'foo.org', 'foo@.org', 'foo@', 'foo@@bar.org', '@bar.org' ].each do |email|
+        @user.new_email = email
+        @user.new_email_confirmation = email
+        @user.should_not be_valid
+      end
+    end
+      
+    it "should set true emails" do
+      @user.set_new_email = true      
+      @user.new_email = 'foo@bar.org'
+      @user.new_email_confirmation = 'foo@bar.org'
+      @user.should be_valid
+    end
+    
+    it "should not set new emails without confirmation" do      
+      @user.set_new_email = true
+      @user.new_email = 'foo@bar.org'
+      @user.new_email_confirmation = nil
+      @user.should_not be_valid      
+    end    
+    
+    it "should not set new emails with false confirmation" do      
+      @user.set_new_email = true
+      @user.new_email = 'foo@bar.org'
+      @user.new_email_confirmation = 'ups@bar.org'
+      @user.should_not be_valid      
+    end     
+    
+    it "should not set new emails without set_new_email flag" do      
+      @user.set_new_email = nil
+      @user.new_email = 'foo@bar.org'
+      @user.new_email_confirmation = 'foo@bar.org'
+      @user.should be_valid      
+      @user.save
+      @user2 = User.find(@user.id)
+      @user2.new_email.should be_blank
+    end
+    
+    it "should not set new_email to a confirmed email address" do
+    
+    end
+        
+  end  
+
+end

data/lib/generators/hero/authentication/templates/tests/spec/requests/new_email_request_spec.rb

@@ -0,0 +1,69 @@
+require 'spec_helper'
+
+describe "send new email" do
+
+  before(:each) do
+    @user = Factory(:user, :confirmed => Time.now)   
+    visit log_in_path
+    fill_in "email", :with => @user.email
+    fill_in "password", :with => @user.password
+    click_button "log_in_button"
+  end
+  
+  describe "GET index" do
+    it "send new email request" do
+      visit "/settings/index"
+      new_email = "neue@example.com"
+      fill_in "user_new_email", :with => new_email
+      fill_in "user_new_email_confirmation", :with => new_email
+      fill_in "user_password", :with => @user.password
+      click_button "change_email_button"  
+      @user = User.find(@user.id)
+      @user.new_email.should eq(new_email)
+    end        
+  end
+ 
+        
+  it "set new email with link" do
+    @user.set_new_email = true
+    @user.new_email = "new@email.de"
+    @user.new_email_confirmation = "new@email.de"
+    @user.send_new_email_request
+    @user.save
+
+    visit new_email_path(:token => @user.new_email_token)
+
+    @user = User.find @user.id
+    @user.email.should eq(@user.new_email)
+  end 
+
+  it "shows form if token is invalid" do
+    @user.set_new_email = true
+    @user.new_email = "new@email.de"
+    @user.new_email_confirmation = "new@email.de"
+    @user.send_new_email_request
+    @user.save
+   
+    visit new_email_path(:token => "wrong token here")
+    click_button "new_email_token_button"
+
+  end
+  
+  it "set new email with password token form" do
+    @user.set_new_email = true
+    @user.new_email = "new@email.de"
+    @user.new_email_confirmation = "new@email.de"
+    @user.send_new_email_request
+    @user.save
+
+    visit new_email_path    
+    fill_in "token", :with => @user.new_email_token
+    click_button "new_email_token_button"
+    
+    @user = User.find @user.id
+    @user.email.should eq(@user.new_email)
+  end 
+            
+end
+
+

data/lib/generators/hero/authentication/templates/tests/spec/requests/password_resets_spec.rb

@@ -0,0 +1,58 @@
+require 'spec_helper'
+
+describe "PasswordResets" do
+  it "emails user when requesting password reset" do
+    user = Factory(:user)
+    visit log_in_path
+    click_link "password_forgotten_link"
+    fill_in "email", :with => user.email
+    click_button "send_new_password_button"
+    current_path.should eq root_path
+    page.should have_content( I18n.t( "fe.confirmation.order_new_password.flash.success" ))
+    last_email.to.should include(user.email)
+  end
+  
+  it "does not email invalid user when requesting password reset" do
+    visit log_in_path
+    click_link "password_forgotten_link"
+    fill_in "email", :with => "diese.mail@gibt.es.nicht.de"
+    click_button "send_new_password_button"
+    current_path.should eq root_path
+    last_email.should be_nil
+  end
+    
+  it "password recovery with password token form" do
+    user = Factory(:user, :password_token => "ein_kleiner_token")
+    visit recover_password_auth_path
+    fill_in "token", :with => user.password_token
+    click_button "password_token_button"
+    current_path.should eq recover_password_path
+  end
+    
+  it "password recovery without valid token leads to token_form" do
+    params = { :token => 'den_token_gibt_es_nicht' }
+    visit recover_password_path
+    current_path.should eq recover_password_auth_path
+  end
+      
+  it "password recovery with valid token leads password recover form and user sets new pw" do
+    user = Factory(:user, :password_token => "12345", :confirmed => Time.now)
+    visit recover_password_path(:token => "12345")
+    current_path.should eq recover_password_path(:token => "12345") 
+    fill_in "recover_password", :with => "geheim"
+    fill_in "recover_password_confirmation", :with => "geheim"
+    click_button "recover_password_button"
+    current_path.should eq log_in_path
+    
+    ## and logs in with new password
+    fill_in "email", :with => user.email
+    fill_in "password", :with => "geheim"
+    click_button "log_in_button"
+    current_path.should eq root_path
+    page.should have_content( I18n.t( "fe.session.create.flash.success" )) 
+  end
+       
+        
+end
+
+

data/lib/generators/hero/authentication/templates/tests/spec/requests/user_confirmation_spec.rb

@@ -0,0 +1,61 @@
+require 'spec_helper'
+
+describe "UserConfirmation" do
+  it "emails user to confirm his sign up" do
+    visit sign_up_form_path
+    fill_in "user_email", :with => "test@test.de"
+    fill_in "user_password", :with => "geheim"
+    fill_in "user_password_confirmation", :with => "geheim"
+    click_button "sign_up_button"
+    current_path.should eq root_path
+    page.should have_content( I18n.t( "fe.user.create.flash.success" ))
+    last_email.to.should include("test@test.de")
+  end
+
+  it "user uses confirmation token form and is confirmed" do
+    user = Factory(:user, :signup_token => "halloklaus")
+    visit confirm_path(:action => :registration)
+    fill_in "token", :with => user.signup_token
+    click_button "token_button"
+    current_path.should eq log_in_path
+    page.should have_content( I18n.t( "fe.confirmation.registration.flash.success" ))
+  end
+    
+  it "user not confirmed with false confirmation token" do
+    user = Factory(:user, :signup_token => "halloklaus")
+    visit confirm_path(:action => :registration)
+    fill_in "token", :with => "ein_anderer_token"
+    click_button "token_button"
+    current_path.should eq confirm_path(:action => :registration)
+    page.should have_content( I18n.t( "fe.confirmation.registration.flash.error" ))
+  end
+    
+  it "user asks for new confirmation token" do
+    user = Factory(:user, :signup_token => "halloklaus2")
+    visit confirm_path(:action => :registration)
+    click_link "resend_signup_token"
+    current_path.should eq confirm_path(:action => "resend_confirmation")
+    fill_in "email", :with => user.email
+    fill_in "password", :with => user.password
+    click_button "resend_signup_token_button"
+    user = User.find(user.id)
+    last_email.to.should include(user.email)
+    page.should have_content( I18n.t( "fe.confirmation.resend_signup_token.flash.success" ))
+    user.signup_token.should_not eq "halloklaus2"    
+  end
+      
+  it "confirmed user cannot request new confirmation token" do
+    user = Factory(:user, :signup_token => "halloklaus", :confirmed => Time.now)
+    visit confirm_path(:action => :registration)
+    click_link "resend_signup_token"
+    current_path.should eq confirm_path(:action => "resend_confirmation")
+    fill_in "email", :with => user.email
+    fill_in "password", :with => user.password
+    click_button "resend_signup_token_button"
+    last_email.should eq nil
+    current_path.should eq log_in_path
+    page.should have_content( I18n.t( "fe.confirmation.resend_signup_token.flash.error" ))
+  end
+  
+      
+end

data/lib/generators/hero/authentication/templates/tests/spec/requests/user_sign_in_spec.rb

@@ -0,0 +1,13 @@
+require 'spec_helper'
+
+describe "UserSignIn" do
+  it "Signed up user cannot login if not confirmed" do
+    user = Factory(:user, :confirmed => nil)   
+    visit log_in_path
+    fill_in "email", :with => user.email
+    fill_in "password", :with => user.password
+    click_button "log_in_button"
+    page.should have_content( I18n.t( "fe.session.create.flash.error.not_confirmed" ))
+    current_path.should eq confirm_path(:action => :registration)
+  end
+end

data/lib/generators/hero/authentication/templates/tests/spec/requests/user_sign_up_spec.rb

@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+describe "UserSignUp" do
+
+  it "User can sign up" do   
+    visit sign_up_form_path
+    fill_in "user_email", :with => "hallo@test.de"
+    fill_in "user_password", :with => "geheim"
+    fill_in "user_password_confirmation", :with => "geheim"    
+    click_button "sign_up_button"
+    page.should have_content( I18n.t( "fe.user.create.flash.success" ))
+    current_path.should eq root_path
+  end
+  
+  [
+   {:email => "test@test.de", :password => "",       :password_confirmation => ""},
+   {:email => "test@test.de", :password => "geheim", :password_confirmation => ""},
+   {:email => "test@test.de", :password => "geheim", :password_confirmation => "gehei_"},
+   {:email => "test@test.de", :password => "",       :password_confirmation => "geheim"},
+   {:email => "test@test",    :password => "geheim", :password_confirmation => "geheim"},
+   {:email => "testtest.de",  :password => "geheim", :password_confirmation => "geheim"}    
+  ].each do |u|
+    it "User cannot sign up with wrong parameters" do   
+      visit sign_up_form_path
+      fill_in "user_email", :with => u[:email]
+      fill_in "user_password", :with => u[:password]
+      fill_in "user_password_confirmation", :with => u[:password_confirmation]
+      click_button "sign_up_button"
+      page.should have_content( I18n.t( "fe.user.create.flash.error" ))
+    end
+  end  
+  
+  
+  it "User can sign up with used email-address unless confirmed" do 
+    user = Factory(:user)  
+    visit sign_up_form_path
+    fill_in "user_email", :with => user.email
+    fill_in "user_password", :with => "geheim"
+    fill_in "user_password_confirmation", :with => "geheim"
+    click_button "sign_up_button"
+    page.should have_content( I18n.t( "fe.user.create.flash.success" ))
+  end
+      
+  it "User cannot sign up with used email-address if confirmed" do 
+    user = Factory(:user)
+    user.confirm_signup!
+    visit sign_up_form_path
+    fill_in "user_email", :with => user.email
+    fill_in "user_password", :with => "geheim"
+    fill_in "user_password_confirmation", :with => "geheim"
+    click_button "sign_up_button"
+    page.should have_content( I18n.t( "fe.user.create.flash.error" ))
+  end
+        
+end

data/lib/generators/hero/authentication/templates/tests/spec/routing/confirmation_mailer_spec.rb

@@ -0,0 +1,49 @@
+require 'spec_helper'
+
+describe ConfirmationMailer do
+   
+  describe "#password_reset" do
+    let(:user) { Factory(:user, :password_token => "irgendwas") }
+    let(:mail) { ConfirmationMailer.send_password_reset(user) }
+    
+    it "send user password reset url" do
+      mail.subject.should eq( I18n.t( 'confirmation_mailer.send_password_reset.subject' ))
+      mail.to.should eq([user.email])
+      mail.body.encoded.should match(recover_password_url(user.password_token))
+    end
+  end
+    
+  describe "#registration" do 
+    let(:user) { Factory(:user, :signup_token => "irgendwas") }
+    let(:mail) { ConfirmationMailer.registration(user) }
+              
+    it "send user confirmation url" do
+      mail.subject.should eq( I18n.t( 'confirmation_mailer.registration.subject' ))
+      mail.to.should eq([user.email])
+      mail.body.encoded.should match(confirm_url(user.signup_token))
+    end
+  end
+      
+  describe "#new_user_email" do 
+    let(:user) { Factory(:user, :set_new_email => true, :new_email => "new@email.de", :new_email_confirmation => "new@email.de" , :new_email_token => "irgendwas") }
+    let(:mail) { ConfirmationMailer.new_email_request(user) }
+              
+    it "send user new email confirmation url" do
+      mail.subject.should eq( I18n.t( 'confirmation_mailer.new_email_request.subject' ))
+      mail.to.should eq([user.new_email])
+      mail.body.encoded.should match( new_email_url(user.new_email_token ))
+    end
+  end
+        
+  describe "#resend_signup_token" do 
+    let(:user) { Factory(:user, :signup_token => "irgendwas") }
+    let(:mail) { ConfirmationMailer.resend_signup_token(user) }
+              
+    it "send user new confirmation url" do
+      mail.subject.should eq( I18n.t( 'confirmation_mailer.resend_signup_token.subject' ))
+      mail.to.should eq([user.email])
+      mail.body.encoded.should match(confirm_url( :registration, user.signup_token ))
+    end
+  end
+        
+end

data/lib/generators/hero/authentication/templates/tests/spec/spec_helper.rb

@@ -0,0 +1,34 @@
+# This file is copied to spec/ when you run 'rails generate rspec:install'
+ENV["RAILS_ENV"] ||= 'test'
+require File.expand_path("../../config/environment", __FILE__)
+require 'rspec/rails'
+require 'capybara/rspec'
+
+# Requires supporting ruby files with custom matchers and macros, etc,
+# in spec/support/ and its subdirectories.
+
+Dir[Rails.root.join("spec/support/**/*.rb")].each {|f| require f}
+
+ConfirmationMailer.default_url_options = { :host => 'localhost:3000' }
+
+RSpec.configure do |config| 
+  config.mock_with :rspec
+  config.use_transactional_fixtures = false
+  config.include(MailerMacros)
+  config.before(:each) { reset_email }
+  
+  config.before(:suite) do
+    DatabaseCleaner.strategy = :transaction
+    DatabaseCleaner.clean_with(:truncation)
+  end
+
+  config.before(:each) do
+    DatabaseCleaner.start
+  end
+
+  config.after(:each) do
+    DatabaseCleaner.clean
+  end  
+  
+end
+

data/lib/generators/hero/authentication/templates/tests/spec/support/mailer_macros.rb

@@ -0,0 +1,10 @@
+module MailerMacros
+  def last_email
+    ActionMailer::Base.deliveries.last
+  end
+  
+  def reset_email
+    ActionMailer::Base.deliveries = []
+  end
+
+end