monban 0.0.11 → 0.0.12

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a1cceb69d6f7307db5055ed206dae78583979907
-  data.tar.gz: 3a922f46cd094d19defc0eaa17e518da87f63190
+  metadata.gz: aca082188020521eb26286f4329290137e03ee38
+  data.tar.gz: 9bfb518930ce8de955f38ebd44371645e1051324
 SHA512:
-  metadata.gz: 2c14ee5a537e4d2dd9e003b46211e268bc49f22a62ef8218c6c36f917466d8a854de83f7b8196e10a9773a1c92610bdc0109a7e2fcc2cf6878e0d8ba205a7439
-  data.tar.gz: a60bee9c220c98b5a78289e0b0b076ecdfeb5f56b6c7313ac587db30c918fee86e82a9f482ccebefa2ff18ec2c0c231a2266c10ff323843eb3d51e1de1d28f74
+  metadata.gz: 0e43239016ff07761fc2b870276033cbad7b16f4bb8dac62555f1bb5328be648d2ec74ec69c622d6ecec46bc8f9bbcc724f758b4f518ba10cafda1212bf6b3db
+  data.tar.gz: bccdc6fe8918d5b4ee34a9127fa591bb28617ff2b1cb786fe4ca8926746b72aa2800f73dd979d18677e4f96328a6145f41becccde90253266babf00760869db1

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    monban (0.0.11)
+    monban (0.0.12)
       bcrypt
       rails
       warden
@@ -9,38 +9,35 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (3.2.11)
-      actionpack (= 3.2.11)
-      mail (~> 2.4.4)
-    actionpack (3.2.11)
-      activemodel (= 3.2.11)
-      activesupport (= 3.2.11)
-      builder (~> 3.0.0)
+    actionmailer (0.6.1)
+      actionpack (>= 0.9.5)
+    actionpack (4.1.0)
+      actionview (= 4.1.0)
+      activesupport (= 4.1.0)
+      rack (~> 1.5.2)
+      rack-test (~> 0.6.2)
+    actionview (4.1.0)
+      activesupport (= 4.1.0)
+      builder (~> 3.1)
       erubis (~> 2.7.0)
-      journey (~> 1.0.4)
-      rack (~> 1.4.0)
-      rack-cache (~> 1.2)
-      rack-test (~> 0.6.1)
-      sprockets (~> 2.2.1)
     active_hash (0.9.13)
       activesupport (>= 2.2.2)
-    activemodel (3.2.11)
-      activesupport (= 3.2.11)
-      builder (~> 3.0.0)
-    activerecord (3.2.11)
-      activemodel (= 3.2.11)
-      activesupport (= 3.2.11)
-      arel (~> 3.0.2)
-      tzinfo (~> 0.3.29)
-    activeresource (3.2.11)
-      activemodel (= 3.2.11)
-      activesupport (= 3.2.11)
-    activesupport (3.2.11)
-      i18n (~> 0.6)
-      multi_json (~> 1.0)
-    arel (3.0.3)
+    activemodel (4.1.0)
+      activesupport (= 4.1.0)
+      builder (~> 3.1)
+    activerecord (4.1.0)
+      activemodel (= 4.1.0)
+      activesupport (= 4.1.0)
+      arel (~> 5.0.0)
+    activesupport (4.1.0)
+      i18n (~> 0.6, >= 0.6.9)
+      json (~> 1.7, >= 1.7.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.1)
+      tzinfo (~> 1.1)
+    arel (5.0.1.20140414130214)
     bcrypt (3.1.7)
-    builder (3.0.4)
+    builder (3.2.2)
     capybara (2.0.2)
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
@@ -50,79 +47,56 @@ GEM
       xpath (~> 1.0.0)
     childprocess (0.3.7)
       ffi (~> 1.0, >= 1.0.6)
-    diff-lcs (1.1.3)
+    diff-lcs (1.2.5)
     erubis (2.7.0)
     ffi (1.3.1)
-    hike (1.2.1)
-    i18n (0.6.1)
-    journey (1.0.4)
-    json (1.7.6)
-    mail (2.4.4)
-      i18n (>= 0.4.0)
-      mime-types (~> 1.16)
-      treetop (~> 1.4.8)
-    mime-types (1.20.1)
-    multi_json (1.5.0)
+    i18n (0.6.9)
+    json (1.8.1)
+    mime-types (2.2)
+    minitest (5.3.3)
+    multi_json (1.9.3)
     nokogiri (1.5.6)
-    polyglot (0.3.4)
-    rack (1.4.4)
-    rack-cache (1.2)
-      rack (>= 0.4)
-    rack-ssl (1.3.3)
-      rack
+    rack (1.5.2)
     rack-test (0.6.2)
       rack (>= 1.0)
-    rails (3.2.11)
-      actionmailer (= 3.2.11)
-      actionpack (= 3.2.11)
-      activerecord (= 3.2.11)
-      activeresource (= 3.2.11)
-      activesupport (= 3.2.11)
-      bundler (~> 1.0)
-      railties (= 3.2.11)
-    railties (3.2.11)
-      actionpack (= 3.2.11)
-      activesupport (= 3.2.11)
-      rack-ssl (~> 1.3.2)
+    rails (0.9.5)
+      actionmailer (>= 0.6.1)
+      actionpack (>= 1.4.0)
+      activerecord (>= 1.6.0)
+      rake (>= 0.4.15)
+    railties (4.1.0)
+      actionpack (= 4.1.0)
+      activesupport (= 4.1.0)
       rake (>= 0.8.7)
-      rdoc (~> 3.4)
-      thor (>= 0.14.6, < 2.0)
-    rake (10.1.1)
-    rdoc (3.12.1)
-      json (~> 1.4)
-    rspec (2.12.0)
-      rspec-core (~> 2.12.0)
-      rspec-expectations (~> 2.12.0)
-      rspec-mocks (~> 2.12.0)
-    rspec-core (2.12.2)
-    rspec-expectations (2.12.1)
-      diff-lcs (~> 1.1.3)
-    rspec-mocks (2.12.2)
-    rspec-rails (2.12.0)
+      thor (>= 0.18.1, < 2.0)
+    rake (10.3.1)
+    rspec (2.14.1)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
+    rspec-core (2.14.8)
+    rspec-expectations (2.14.5)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.14.6)
+    rspec-rails (2.14.2)
       actionpack (>= 3.0)
+      activemodel (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
-      rspec-core (~> 2.12.0)
-      rspec-expectations (~> 2.12.0)
-      rspec-mocks (~> 2.12.0)
+      rspec-core (~> 2.14.0)
+      rspec-expectations (~> 2.14.0)
+      rspec-mocks (~> 2.14.0)
     rubyzip (0.9.9)
     selenium-webdriver (2.29.0)
       childprocess (>= 0.2.5)
       multi_json (~> 1.0)
       rubyzip
       websocket (~> 1.0.4)
-    sprockets (2.2.2)
-      hike (~> 1.2)
-      multi_json (~> 1.0)
-      rack (~> 1.0)
-      tilt (~> 1.1, != 1.3.0)
     sqlite3 (1.3.7)
-    thor (0.17.0)
-    tilt (1.3.3)
-    treetop (1.4.15)
-      polyglot
-      polyglot (>= 0.3.1)
-    tzinfo (0.3.39)
+    thor (0.19.1)
+    thread_safe (0.3.3)
+    tzinfo (1.1.0)
+      thread_safe (~> 0.1)
     warden (1.2.3)
       rack (>= 1.0)
     websocket (1.0.7)

data/lib/monban/configuration.rb

@@ -7,7 +7,7 @@ module Monban
     attr_accessor :sign_in_service, :sign_up_service, :sign_out_service
     attr_accessor :authentication_service, :password_reset_service
     attr_accessor :failure_app
-    attr_accessor :creation_method
+    attr_accessor :creation_method, :find_method
 
     def initialize
       setup_class_defaults
@@ -25,6 +25,10 @@ module Monban
       ->(token) { BCrypt::Password.create(token) }
     end
 
+    def default_find_method
+      ->(params) { Monban.user_class.find_by(params) }
+    end
+
     def default_password_comparison
       ->(digest, unencrypted_token) do
         BCrypt::Password.new(digest) == unencrypted_token
@@ -48,6 +52,7 @@ module Monban
       @user_token_store_field = :password_digest
       @user_lookup_field = :email
       @creation_method = default_creation_method
+      @find_method = default_find_method
     end
 
     def setup_services

data/lib/monban/constraints/signed_in.rb

@@ -0,0 +1,10 @@
+module Monban
+  module Constraints
+    class SignedIn
+      def matches?(request)
+        warden = request.env["warden"]
+        warden && warden.authenticated?
+      end
+    end
+  end
+end

data/lib/monban/services/sign_up.rb

@@ -1,9 +1,10 @@
 module Monban
   class SignUp
     def initialize user_params
-      unencrypted_token = user_params[token_field]
-      token_digest = Monban.encrypt_token(unencrypted_token)
-      @user_params = user_params.except(token_field).merge(token_store_field.to_sym => token_digest)
+      encrypted_token = token_digest(user_params)
+      @user_params = user_params.
+        except(token_field).
+        merge(token_store_field.to_sym => encrypted_token)
     end
 
     def perform
@@ -12,6 +13,13 @@ module Monban
 
     private
 
+    def token_digest(user_params)
+      unencrypted_token = user_params[token_field]
+      unless unencrypted_token.empty?
+        Monban.encrypt_token(unencrypted_token)
+      end
+    end
+
     def token_store_field
       Monban.config.user_token_store_field
     end

data/lib/monban/version.rb

@@ -1,3 +1,3 @@
 module Monban
-  VERSION = "0.0.11"
+  VERSION = "0.0.12"
 end

data/lib/monban.rb

@@ -37,7 +37,8 @@ module Monban
 
   def self.lookup(params, field_map)
     fields = FieldMap.new(params, field_map).to_fields
-    user_class.where(fields).first
+    default_fields = { Monban.config.user_lookup_field => nil }
+    self.config.find_method.call(default_fields.merge(fields))
   end
 
   def self.test_mode!
@@ -50,7 +51,7 @@ module Monban
   end
 
   def self.configure(&block)
-    self.config = Monban::Configuration.new
+    self.config ||= Monban::Configuration.new
     yield self.config
   end
 

data/spec/features/visitor/visitor_fails_to_sign_up_spec.rb

@@ -5,6 +5,6 @@ feature 'Visitor signs up' do
     visit sign_up_path
     click_on 'go'
 
-    expect(page).not_to have_content("Sign out")
+    page.should_not have_content("Sign out")
   end
 end

data/spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb

@@ -0,0 +1,11 @@
+require 'spec_helper'
+
+feature 'Visitor signs in with invalid form' do
+  scenario 'is not signed in' do
+    Monban::SignUp.new(email: 'email@example.com', password: 'password').perform
+    visit invalid_sign_in_path
+    fill_in "session_password", with: 'password'
+    click_button 'go'
+    expect(page).to have_content("Sign in")
+  end
+end

data/spec/monban/services/sign_up_spec.rb

@@ -22,7 +22,28 @@ describe Monban::SignUp, '#perform' do
     end
 
     user_params = { email: 'email@example.com', password: 'password' }
-    Monban.config.creation_method = user_create_double
+    swap_creation_method user_create_double do
+      Monban::SignUp.new(user_params).perform
+    end
+  end
+
+  def swap_creation_method(new_creation_method, &block)
+    old_creation_method = Monban.config.creation_method
+    Monban.config.creation_method = new_creation_method
+    yield
+  ensure
+    Monban.config.creation_method = old_creation_method
+  end
+
+  it 'does not create a user with an empty password' do
+    create = double
+    stub_const('User', create)
+    user_params = { email: 'email@example.com', password: '' }
+
+    create.should_receive(:create) do |args|
+      args[:password_digest].should be_nil
+    end
+
     Monban::SignUp.new(user_params).perform
   end
 end

data/spec/rails_app/app/controllers/invalid_sessions_controller.rb

@@ -0,0 +1,2 @@
+class InvalidSessionsController < SessionsController
+end

data/spec/rails_app/app/models/user.rb

@@ -3,4 +3,8 @@ class User < ActiveHash::Base
   include ActiveModel::Validations
   attr_accessor :email, :password_digest, :password
   validates :email, presence: true
+
+  def self.find_by(params)
+    where(params).first
+  end
 end

data/spec/rails_app/app/views/invalid_sessions/new.html.erb

@@ -0,0 +1,4 @@
+<%= form_for :session do |f| %>
+  <%= f.text_field :password %>
+  <%= f.submit 'go' %>
+<% end %>

data/spec/rails_app/app/views/layouts/application.html.erb

@@ -9,6 +9,8 @@
 <body>
   <% if signed_in? %>
     <%= link_to "Sign out", sign_out_path, method: :delete %>
+  <% else %>
+    <%= link_to "Sign in", sign_in_path %>
   <% end %>
 <%= yield %>
 

data/spec/rails_app/config/routes.rb

@@ -7,4 +7,6 @@ RailsApp::Application.routes.draw do
   post "sign_in" => "sessions#create"
   delete "sign_out" => "sessions#destroy"
   get "sign_up" => "users#new"
+  get "invalid_sign_in" => "invalid_sessions#new"
+  post "invalid_sign_in" => "invalid_sessions#create"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: monban
 version: !ruby/object:Gem::Version
-  version: 0.0.11
+  version: 0.0.12
 platform: ruby
 authors:
 - halogenandtoast
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-04-28 00:00:00.000000000 Z
+date: 2014-05-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -161,6 +161,7 @@ files:
 - lib/monban.rb
 - lib/monban/back_door.rb
 - lib/monban/configuration.rb
+- lib/monban/constraints/signed_in.rb
 - lib/monban/controller_helpers.rb
 - lib/monban/field_map.rb
 - lib/monban/railtie.rb
@@ -178,6 +179,7 @@ files:
 - monban.gemspec
 - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
 - spec/features/visitor/visitor_is_unauthorized_spec.rb
+- spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb
 - spec/features/visitor/visitor_signs_up_spec.rb
 - spec/features/visitor/visitor_uses_remember_token_spec.rb
 - spec/monban/controller_helpers_spec.rb
@@ -196,11 +198,13 @@ files:
 - spec/rails_app/app/assets/stylesheets/application.css
 - spec/rails_app/app/controllers/application_controller.rb
 - spec/rails_app/app/controllers/failures_controller.rb
+- spec/rails_app/app/controllers/invalid_sessions_controller.rb
 - spec/rails_app/app/controllers/posts_controller.rb
 - spec/rails_app/app/controllers/sessions_controller.rb
 - spec/rails_app/app/controllers/users_controller.rb
 - spec/rails_app/app/helpers/application_helper.rb
 - spec/rails_app/app/models/user.rb
+- spec/rails_app/app/views/invalid_sessions/new.html.erb
 - spec/rails_app/app/views/layouts/application.html.erb
 - spec/rails_app/app/views/posts/index.html.erb
 - spec/rails_app/app/views/sessions/new.html.erb
@@ -251,6 +255,7 @@ summary: Making rails authentication as simple as possible
 test_files:
 - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
 - spec/features/visitor/visitor_is_unauthorized_spec.rb
+- spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb
 - spec/features/visitor/visitor_signs_up_spec.rb
 - spec/features/visitor/visitor_uses_remember_token_spec.rb
 - spec/monban/controller_helpers_spec.rb
@@ -269,11 +274,13 @@ test_files:
 - spec/rails_app/app/assets/stylesheets/application.css
 - spec/rails_app/app/controllers/application_controller.rb
 - spec/rails_app/app/controllers/failures_controller.rb
+- spec/rails_app/app/controllers/invalid_sessions_controller.rb
 - spec/rails_app/app/controllers/posts_controller.rb
 - spec/rails_app/app/controllers/sessions_controller.rb
 - spec/rails_app/app/controllers/users_controller.rb
 - spec/rails_app/app/helpers/application_helper.rb
 - spec/rails_app/app/models/user.rb
+- spec/rails_app/app/views/invalid_sessions/new.html.erb
 - spec/rails_app/app/views/layouts/application.html.erb
 - spec/rails_app/app/views/posts/index.html.erb
 - spec/rails_app/app/views/sessions/new.html.erb