monban 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: cd09aa083126137a0de785ca3c26497485606236
-  data.tar.gz: c5280f21c291872564c4785f29951baa4292f541
+  metadata.gz: acd6663ce53c6af5ad43f138da55020b087cea3e
+  data.tar.gz: 048b50dc5d4f0fc2bec708a5d25c50123cb865e6
 SHA512:
-  metadata.gz: c49cea5a7cef423381cd17dae58d410ce93d3ab919b27cd25d7256a0a19e662464ed80a97ddb9fec4fc33e2e161f07478981368234c3340b94b7458fbffbc693
-  data.tar.gz: 3e6ca5fd876a5c8af8ead41c791eb2a57a342003a9ef6404860ef14950edd1598fb2fc7f8d1b43f9615d0a457b39d6301017de2d50661fd9c601724e339ed892
+  metadata.gz: 9c9a8140dfa2b6c5c04aa3d4513885d8b319b30edc2852d5ca68b3d87c8d5c6d580b422650ba2b3ae1508280690ecc5100eb7f767c3316386bb118a399b844f8
+  data.tar.gz: 75e929873ffa7175559ffc0779a5366f992d157353d1ce735f3db32a6b9f03802707951ed1c0203e56ce6f50b4885d87659fd07ba42fbd9eaaadaa362be0a0ca

data/.rspec

@@ -0,0 +1 @@
+--color

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    monban (0.2.0)
+    monban (0.2.1)
       bcrypt
       rails
       warden
@@ -9,98 +9,130 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (0.6.1)
-      actionpack (>= 0.9.5)
-    actionpack (4.1.0)
-      actionview (= 4.1.0)
-      activesupport (= 4.1.0)
-      rack (~> 1.5.2)
+    actionmailer (4.2.2)
+      actionpack (= 4.2.2)
+      actionview (= 4.2.2)
+      activejob (= 4.2.2)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+    actionpack (4.2.2)
+      actionview (= 4.2.2)
+      activesupport (= 4.2.2)
+      rack (~> 1.6)
       rack-test (~> 0.6.2)
-    actionview (4.1.0)
-      activesupport (= 4.1.0)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.1)
+    actionview (4.2.2)
+      activesupport (= 4.2.2)
       builder (~> 3.1)
       erubis (~> 2.7.0)
-    active_hash (0.9.13)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.1)
+    active_hash (1.4.0)
       activesupport (>= 2.2.2)
-    activemodel (4.1.0)
-      activesupport (= 4.1.0)
+    activejob (4.2.2)
+      activesupport (= 4.2.2)
+      globalid (>= 0.3.0)
+    activemodel (4.2.2)
+      activesupport (= 4.2.2)
       builder (~> 3.1)
-    activerecord (4.1.0)
-      activemodel (= 4.1.0)
-      activesupport (= 4.1.0)
-      arel (~> 5.0.0)
-    activesupport (4.1.0)
-      i18n (~> 0.6, >= 0.6.9)
+    activerecord (4.2.2)
+      activemodel (= 4.2.2)
+      activesupport (= 4.2.2)
+      arel (~> 6.0)
+    activesupport (4.2.2)
+      i18n (~> 0.7)
       json (~> 1.7, >= 1.7.7)
       minitest (~> 5.1)
-      thread_safe (~> 0.1)
+      thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
-    arel (5.0.1.20140414130214)
+    arel (6.0.0)
     bcrypt (3.1.10)
     builder (3.2.2)
-    capybara (2.0.2)
+    capybara (2.4.4)
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
       rack (>= 1.0.0)
       rack-test (>= 0.5.4)
-      selenium-webdriver (~> 2.0)
-      xpath (~> 1.0.0)
-    childprocess (0.3.7)
-      ffi (~> 1.0, >= 1.0.6)
+      xpath (~> 2.0)
     diff-lcs (1.2.5)
     erubis (2.7.0)
-    ffi (1.3.1)
-    i18n (0.6.9)
-    json (1.8.1)
-    mime-types (2.2)
-    minitest (5.3.3)
-    multi_json (1.9.3)
-    nokogiri (1.5.6)
-    rack (1.5.2)
-    rack-test (0.6.2)
+    globalid (0.3.5)
+      activesupport (>= 4.1.0)
+    i18n (0.7.0)
+    json (1.8.3)
+    loofah (2.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.6.3)
+      mime-types (>= 1.16, < 3)
+    mime-types (2.6.1)
+    mini_portile (0.6.2)
+    minitest (5.7.0)
+    nokogiri (1.6.6.2)
+      mini_portile (~> 0.6.0)
+    rack (1.6.4)
+    rack-test (0.6.3)
       rack (>= 1.0)
-    rails (0.9.5)
-      actionmailer (>= 0.6.1)
-      actionpack (>= 1.4.0)
-      activerecord (>= 1.6.0)
-      rake (>= 0.4.15)
-    railties (4.1.0)
-      actionpack (= 4.1.0)
-      activesupport (= 4.1.0)
+    rails (4.2.2)
+      actionmailer (= 4.2.2)
+      actionpack (= 4.2.2)
+      actionview (= 4.2.2)
+      activejob (= 4.2.2)
+      activemodel (= 4.2.2)
+      activerecord (= 4.2.2)
+      activesupport (= 4.2.2)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 4.2.2)
+      sprockets-rails
+    rails-deprecated_sanitizer (1.0.3)
+      activesupport (>= 4.2.0.alpha)
+    rails-dom-testing (1.0.6)
+      activesupport (>= 4.2.0.beta, < 5.0)
+      nokogiri (~> 1.6.0)
+      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-html-sanitizer (1.0.2)
+      loofah (~> 2.0)
+    railties (4.2.2)
+      actionpack (= 4.2.2)
+      activesupport (= 4.2.2)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
-    rake (10.3.1)
-    rspec (2.14.1)
-      rspec-core (~> 2.14.0)
-      rspec-expectations (~> 2.14.0)
-      rspec-mocks (~> 2.14.0)
-    rspec-core (2.14.8)
-    rspec-expectations (2.14.5)
-      diff-lcs (>= 1.1.3, < 2.0)
-    rspec-mocks (2.14.6)
-    rspec-rails (2.14.2)
+    rake (10.4.2)
+    rspec (3.3.0)
+      rspec-core (~> 3.3.0)
+      rspec-expectations (~> 3.3.0)
+      rspec-mocks (~> 3.3.0)
+    rspec-core (3.3.1)
+      rspec-support (~> 3.3.0)
+    rspec-expectations (3.3.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.3.0)
+    rspec-mocks (3.3.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.3.0)
+    rspec-rails (3.3.2)
+      actionpack (>= 3.0, < 4.3)
+      activesupport (>= 3.0, < 4.3)
+      railties (>= 3.0, < 4.3)
+      rspec-core (~> 3.3.0)
+      rspec-expectations (~> 3.3.0)
+      rspec-mocks (~> 3.3.0)
+      rspec-support (~> 3.3.0)
+    rspec-support (3.3.0)
+    sprockets (3.2.0)
+      rack (~> 1.0)
+    sprockets-rails (2.3.1)
       actionpack (>= 3.0)
-      activemodel (>= 3.0)
       activesupport (>= 3.0)
-      railties (>= 3.0)
-      rspec-core (~> 2.14.0)
-      rspec-expectations (~> 2.14.0)
-      rspec-mocks (~> 2.14.0)
-    rubyzip (0.9.9)
-    selenium-webdriver (2.29.0)
-      childprocess (>= 0.2.5)
-      multi_json (~> 1.0)
-      rubyzip
-      websocket (~> 1.0.4)
-    sqlite3 (1.3.7)
+      sprockets (>= 2.8, < 4.0)
+    sqlite3 (1.3.10)
     thor (0.19.1)
-    thread_safe (0.3.3)
-    tzinfo (1.1.0)
+    thread_safe (0.3.5)
+    tzinfo (1.2.2)
       thread_safe (~> 0.1)
     warden (1.2.3)
       rack (>= 1.0)
-    websocket (1.0.7)
-    xpath (1.0.0)
+    xpath (2.0.0)
       nokogiri (~> 1.3)
 
 PLATFORMS

data/NEWS.rdoc

@@ -1,3 +1,8 @@
+== 0.2.1
+* Updated documentation for test helpers
+* Updated documentation for using monban in console
+* Fixed bug with failure app now allowing actual http auth to occur
+
 == 0.2.0
 * `sign_in` test helper now returns the user
 * `authenticate_session` arguments are coerced to Hash

data/README.md

@@ -57,6 +57,15 @@ configure and change any of these:
 
 ### Suggestions
 
+#### Console Usage
+
+If you're trying to sign up a User in a console you won't be able to call User#new or User#create because the User model does not know how to encrypt passwords.
+You should instead use the sign up service in order to create the user:
+
+```ruby
+Monban.config.sign_up_service.new(email: "foo@example.com", password: "password").perform 
+```
+
 #### Validations
 
 Monban doesn't add validations to your user model unless you're using [monban generators] so it's suggested to add the following validations:
@@ -175,7 +184,7 @@ end
 
 ### Spec helpers
 
-A couple of convenience methods are available in your tests.
+A couple of convenience methods are available in your tests. In order to set this up you'll want to add the following to `rails_helper.rb` or if that doesn't exist `spec_helper.rb`
 
 ```ruby
 Monban.test_mode!
@@ -188,6 +197,8 @@ RSpec.configure do |config|
 end
 ```
 
+Then you can use any of the [test helpers] in your scenarios
+
 ```ruby
 feature "A feature spec" do
   scenario "that requires login" do
@@ -359,3 +370,4 @@ Here are a few of the current limitations of monban:
 5. Create new Pull Request
 
 [monban generators]: https://github.com/halogenandtoast/monban-generators
+[test helpers]: https://github.com/halogenandtoast/monban/blob/master/lib/monban/test/helpers.rb

data/lib/monban.rb

@@ -4,6 +4,7 @@ require "monban/configuration"
 require "monban/services"
 require "monban/controller_helpers"
 require "monban/railtie"
+require "monban/failure_app"
 require "monban/back_door"
 require "monban/warden_setup"
 require "monban/field_map"

data/lib/monban/configuration.rb

@@ -109,7 +109,7 @@ module Monban
     end
 
     def setup_warden_requirements
-      @failure_app = lambda{|e|[401, {"Content-Type" => "text/plain"}, ["Authorization Failed"]] }
+      @failure_app = Monban::FailureApp
       @authentication_strategy = Monban::Strategies::PasswordStrategy
     end
   end

data/lib/monban/failure_app.rb

@@ -0,0 +1,48 @@
+module Monban
+  class FailureApp
+    def self.call(env)
+      request = Rack::Request.new(env)
+      new(request).response
+    end
+
+    def initialize(request)
+      @request = request
+    end
+
+    def response
+      [401, headers, body]
+    end
+
+    private
+
+    attr_reader :request
+
+    def headers
+      if http_auth_header?
+        basic_headers.merge(auth_headers)
+      else
+        basic_headers
+      end
+    end
+
+    def basic_headers
+      {
+        "Content-Type" => request.content_type.to_s
+      }
+    end
+
+    def auth_headers
+      {
+        "WWW-Authenticate" => 'Basic realm="Application"'
+      }
+    end
+
+    def body
+      ["Authorization Failed"]
+    end
+
+    def http_auth_header?
+      !request.xhr?
+    end
+  end
+end

data/lib/monban/version.rb

@@ -1,4 +1,4 @@
 module Monban
-  # 0.2.0
-  VERSION = "0.2.0"
+  # 0.2.1
+  VERSION = "0.2.1"
 end

data/spec/features/user/user_tries_to_access_http_auth_page_spec.rb

@@ -0,0 +1,9 @@
+require 'spec_helper'
+
+feature 'User tries to access constrained routes' do
+  scenario 'they can access a route constrained to users' do
+    page.driver.browser.basic_authorize("admin", "password")
+    visit basic_auth_path
+    expect(page.status_code).to eq(200)
+  end
+end

data/spec/features/visitor/visitor_fails_to_sign_up_spec.rb

@@ -5,6 +5,6 @@ feature 'Visitor signs up' do
     visit sign_up_path
     click_on 'go'
 
-    page.should_not have_content("Sign out")
+    expect(page).not_to have_content("Sign out")
   end
 end

data/spec/features/visitor/visitor_signs_up_spec.rb

@@ -7,7 +7,7 @@ feature 'Visitor signs up' do
     fill_in 'user_password', with: 'password'
     click_on 'go'
 
-    page.current_path.should eq(posts_path)
+    expect(page.current_path).to eq(posts_path)
   end
 
   scenario 'multiple users' do
@@ -26,6 +26,6 @@ feature 'Visitor signs up' do
     fill_in 'session_password', with: 'password'
     click_on 'go'
 
-    page.current_path.should eq(posts_path)
+    expect(page.current_path).to eq(posts_path)
   end
 end

data/spec/monban/controller_helpers_spec.rb

@@ -46,22 +46,25 @@ module Monban
     it 'runs the block when user is signed in' do
       user = stub_sign_in
       expectation = double()
-      expectation.should_receive(:success)
+      allow(expectation).to receive(:success)
       @dummy.sign_in(user) { expectation.success }
+      expect(expectation).to have_received(:success)
     end
 
     it 'does not run the block when user can not be signed in' do
       user = stub_sign_in(false)
       expectation = double()
-      expectation.should_not_receive(:failure)
+      allow(expectation).to receive(:failure)
       @dummy.sign_in(user) { expectation.failure }
+      expect(expectation).not_to have_received(:failure)
     end
 
     it 'performs a sign out' do
       sign_out = double()
-      sign_out.should_receive(:perform)
-      Services::SignOut.should_receive(:new).with(@warden).and_return(sign_out)
+      allow(sign_out).to receive(:perform)
+      allow(Services::SignOut).to receive(:new).with(@warden).and_return(sign_out)
       @dummy.sign_out
+      expect(sign_out).to have_received(:perform)
     end
 
     it 'performs a sign_up' do
@@ -72,25 +75,27 @@ module Monban
     it 'runs the block when user is signed up' do
       user_params = stub_sign_up
       expectation = double()
-      expectation.should_receive(:success)
+      allow(expectation).to receive(:success)
       @dummy.sign_up(user_params) { expectation.success }
+      expect(expectation).to have_received(:success)
     end
 
     it 'does not run the block when user can not be signed up' do
       user_params = stub_sign_up(false)
       expectation = double()
-      expectation.should_not_receive(:failure)
-      @dummy.sign_up(user_params) { expecation.failure }
+      allow(expectation).to receive(:failure)
+      @dummy.sign_up(user_params) { expectation.failure }
+      expect(expectation).not_to have_received(:failure)
     end
 
     it 'authenticates a session' do
       session_params = { password: 'password', email: 'a@b.com' }
       user = double()
       authentication = double()
-      authentication.should_receive(:perform).and_return(user)
-      Monban.should_receive(:lookup).with({email: 'a@b.com'}, nil).and_return(user)
-      Services::Authentication.should_receive(:new).with(user, 'password').and_return(authentication)
-      @dummy.authenticate_session(session_params).should == user
+      allow(authentication).to receive(:perform).and_return(user)
+      allow(Monban).to receive(:lookup).with({email: 'a@b.com'}, nil).and_return(user)
+      allow(Services::Authentication).to receive(:new).with(user, 'password').and_return(authentication)
+      expect(@dummy.authenticate_session(session_params)).to eq user
     end
 
     it 'authenticates a session against multiple fields' do
@@ -98,44 +103,48 @@ module Monban
       field_map = { email_or_username: [:email, :username] }
       user = double()
       authentication = double()
-      authentication.should_receive(:perform).and_return(user)
-      Monban.should_receive(:lookup).with(session_params.except(:password), field_map).and_return(user)
-      Services::Authentication.should_receive(:new).with(user, 'password').and_return(authentication)
-      @dummy.authenticate_session(session_params, field_map).should == user
+      allow(authentication).to receive(:perform).and_return(user)
+      allow(Monban).to receive(:lookup).with(session_params.except(:password), field_map).and_return(user)
+      allow(Services::Authentication).to receive(:new).with(user, 'password').and_return(authentication)
+      expect(@dummy.authenticate_session(session_params, field_map)).to eq user
     end
 
     it 'returns false when it could not authenticate the user' do
       session_params = { password: "password", lookup_key: "lookup_key" }
       user = double()
       authentication = double()
-      authentication.should_receive(:perform).and_return(false)
-      Monban.should_receive(:lookup).with({ lookup_key: "lookup_key" }, nil).and_return(user)
-      Services::Authentication.should_receive(:new).with(user, 'password').and_return(authentication)
-      @dummy.authenticate_session(session_params).should == false
+      allow(authentication).to receive(:perform).and_return(false)
+      allow(Monban).to receive(:lookup).with({ lookup_key: "lookup_key" }, nil).and_return(user)
+      allow(Services::Authentication).to receive(:new).with(user, 'password').and_return(authentication)
+      expect(@dummy.authenticate_session(session_params)).to be_falsey
     end
 
     it 'performs an authenticate' do
       user = double()
       password = double()
       authentication = double()
-      authentication.should_receive(:perform)
-      Services::Authentication.should_receive(:new).with(user, password).and_return(authentication)
+      allow(authentication).to receive(:perform)
+      allow(Services::Authentication).to receive(:new).with(user, password).and_return(authentication)
       @dummy.authenticate user, password
+      expect(authentication).to have_received(:perform)
     end
 
     it 'returns the current user' do
-      @warden.should_receive(:user)
-      @dummy.current_user
+      current_user = double()
+      allow(@warden).to receive(:user).and_return(current_user)
+      expect(@dummy.current_user).to eq current_user
     end
 
     it 'returns signed_in?' do
-      @warden.should_receive(:user)
-      @dummy.should_not_receive(:current_user)
+      allow(@warden).to receive(:user)
+      allow(@dummy).to receive(:current_user)
       @dummy.signed_in?
+      expect(@warden).to have_received(:user)
+      expect(@dummy).not_to have_received(:current_user)
     end
 
     it 'redirects when not signed_in' do
-      @warden.should_receive(:user).and_return(false)
+      allow(@warden).to receive(:user).and_return(false)
       @dummy.require_login
       expect(@dummy.redirected).to eq(true)
       expect(@dummy.redirected_to).to eq(Monban.config.no_login_redirect)
@@ -143,28 +152,28 @@ module Monban
     end
 
     it 'does not redirect when signed_in' do
-      @warden.should_receive(:user).and_return(true)
+      allow(@warden).to receive(:user).and_return(true)
       @dummy.require_login
       expect(@dummy.redirected).to eq(false)
     end
 
     it 'returns warden' do
-      @dummy.warden.should == @warden
+      expect(@dummy.warden).to eq @warden
     end
 
     def stub_sign_in(success = true)
       user = double()
       sign_in = double()
-      sign_in.should_receive(:perform).and_return(success)
-      Services::SignIn.should_receive(:new).with(user, @warden).and_return(sign_in)
+      allow(sign_in).to receive(:perform).and_return(success)
+      allow(Services::SignIn).to receive(:new).with(user, @warden).and_return(sign_in)
       user
     end
 
     def stub_sign_up(success = true)
       user_params = double()
       sign_up = double()
-      sign_up.should_receive(:perform).and_return(success)
-      Services::SignUp.should_receive(:new).with(user_params).and_return(sign_up)
+      allow(sign_up).to receive(:perform).and_return(success)
+      allow(Services::SignUp).to receive(:new).with(user_params).and_return(sign_up)
       user_params
     end
   end

data/spec/monban/services/password_reset_spec.rb

@@ -11,10 +11,11 @@ describe Monban::Services::PasswordReset do
     password_digest = Monban.hash_token('password')
     user = double()
     field = Monban.config.user_token_store_field
-    user.should_receive(:[]=).with(field, 'passwordsecret')
+    allow(user).to receive(:[]=)
     password_reset = Monban::Services::PasswordReset.new(user, 'password')
 
     password_reset.perform
+    expect(user).to have_received(:[]=).with(field, 'passwordsecret')
   end
 
   after do

data/spec/monban/services/sign_in_spec.rb

@@ -5,8 +5,9 @@ describe Monban::Services::SignIn, '#perform' do
   it 'signs the user in' do
     user = double()
     warden = double()
-    warden.should_receive(:set_user).with(user)
+    allow(warden).to receive(:set_user)
 
     Monban::Services::SignIn.new(user, warden).perform
+    expect(warden).to have_received(:set_user).with(user)
   end
 end

data/spec/monban/services/sign_out_spec.rb

@@ -4,8 +4,9 @@ require 'monban/services/sign_out'
 describe Monban::Services::SignOut, '#perform' do
   it 'signs out the user' do
     warden = double()
-    warden.should_receive(:logout)
+    allow(warden).to receive(:logout)
 
     Monban::Services::SignOut.new(warden).perform
+    expect(warden).to have_received(:logout)
   end
 end

data/spec/monban/services/sign_up_spec.rb

@@ -9,7 +9,7 @@ describe Monban::Services::SignUp, '#perform' do
     Monban::Services::SignUp.new(user_params).perform
     expect(User).to have_received(:create) do |args|
       expect(args[:email]).to eq(user_params[:email])
-      expect(Monban.compare_token(args[:password_digest], 'password')).to be_true
+      expect(Monban.compare_token(args[:password_digest], 'password')).to be_truthy
     end
   end
 
@@ -23,7 +23,7 @@ describe Monban::Services::SignUp, '#perform' do
     end
 
     expect(user_create_double).to have_received(:call) do |args|
-      expect(Monban.compare_token(args[:password_digest], 'password')).to be_true
+      expect(Monban.compare_token(args[:password_digest], 'password')).to be_truthy
     end
   end
 

data/spec/monban/test_helpers_spec.rb

@@ -67,14 +67,14 @@ module Monban
         return_value = sign_in(user)
         app = lambda do |env|
           $captures << :run
-          env['warden'].should be_authenticated
-          env['warden'].user.should eq(user)
+          expect(env['warden']).to be_authenticated
+          expect(env['warden'].user).to eq(user)
           valid_response
         end
         setup_rack(app).call(env_with_params)
 
-        return_value.should eq(user)
-        $captures.should eq([:run])
+        expect(return_value).to eq(user)
+        expect($captures).to eq([:run])
       end
 
       it 'performs a sign out' do
@@ -85,12 +85,12 @@ module Monban
         app = lambda do |env|
           $captures << :run
           warden = env['warden']
-          warden.user.should be_nil
-          warden.should_not be_authenticated
+          expect(warden.user).to be_nil
+          expect(warden).not_to be_authenticated
         end
 
         setup_rack(app).call(env_with_params)
-        $captures.should eq([:run])
+        expect($captures).to eq([:run])
       end
     end
   end

data/spec/monban_spec.rb

@@ -9,7 +9,7 @@ describe 'Monban' do
   it "provides a .test_mode!" do
     Monban.test_mode!
     expect(Monban.hash_token('password')).to eql('password')
-    expect(Monban.compare_token('password', 'password')).to be_true
+    expect(Monban.compare_token('password', 'password')).to be_truthy
   end
 
   it "allows lookup with a field_map" do

data/spec/rails_app/app/controllers/basic_auth_controller.rb

@@ -0,0 +1,7 @@
+class BasicAuthController < ApplicationController
+  http_basic_authenticate_with name: "admin", password: "password"
+
+  def show
+    render plain: "Hello"
+  end
+end

data/spec/rails_app/app/controllers/sessions_controller.rb

@@ -1,6 +1,4 @@
 class SessionsController < ApplicationController
-  respond_to :html
-
   def new
   end
 
@@ -22,7 +20,7 @@ class SessionsController < ApplicationController
   private
 
   def session_params
-    params[:session]
+    params.require(:session).permit(:email, :password)
   end
 end
 

data/spec/rails_app/app/controllers/users_controller.rb

@@ -1,6 +1,4 @@
 class UsersController < ApplicationController
-  respond_to :html
-
   def new
     @user = User.new
   end
@@ -19,7 +17,7 @@ class UsersController < ApplicationController
   private
 
   def user_params
-    params[:user]
+    params.require(:user).permit(:email, :password)
   end
 end
 

data/spec/rails_app/config/routes.rb

@@ -20,4 +20,5 @@ RailsApp::Application.routes.draw do
   get "sign_up" => "users#new"
   get "invalid_sign_in" => "invalid_sessions#new"
   post "invalid_sign_in" => "invalid_sessions#create"
+  get "basic_auth" => "basic_auth#show"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: monban
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - halogenandtoast
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-24 00:00:00.000000000 Z
+date: 2015-06-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -145,6 +145,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".gitignore"
+- ".rspec"
 - ".travis.yml"
 - Gemfile
 - Gemfile.lock
@@ -158,6 +159,7 @@ files:
 - lib/monban/constraints/signed_in.rb
 - lib/monban/constraints/signed_out.rb
 - lib/monban/controller_helpers.rb
+- lib/monban/failure_app.rb
 - lib/monban/field_map.rb
 - lib/monban/railtie.rb
 - lib/monban/services.rb
@@ -174,6 +176,7 @@ files:
 - monban.gemspec
 - spec/features/user/user_signs_in_through_back_door_spec.rb
 - spec/features/user/user_tries_to_access_constrained_routes_spec.rb
+- spec/features/user/user_tries_to_access_http_auth_page_spec.rb
 - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
 - spec/features/visitor/visitor_is_unauthorized_spec.rb
 - spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb
@@ -197,6 +200,7 @@ files:
 - spec/rails_app/app/assets/javascripts/application.js
 - spec/rails_app/app/assets/stylesheets/application.css
 - spec/rails_app/app/controllers/application_controller.rb
+- spec/rails_app/app/controllers/basic_auth_controller.rb
 - spec/rails_app/app/controllers/constrained_to_users_controller.rb
 - spec/rails_app/app/controllers/constrained_to_visitors_controller.rb
 - spec/rails_app/app/controllers/failures_controller.rb
@@ -250,13 +254,14 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: Making rails authentication as simple as possible
 test_files:
 - spec/features/user/user_signs_in_through_back_door_spec.rb
 - spec/features/user/user_tries_to_access_constrained_routes_spec.rb
+- spec/features/user/user_tries_to_access_http_auth_page_spec.rb
 - spec/features/visitor/visitor_fails_to_sign_up_spec.rb
 - spec/features/visitor/visitor_is_unauthorized_spec.rb
 - spec/features/visitor/visitor_signs_in_via_invalid_form_spec.rb
@@ -280,6 +285,7 @@ test_files:
 - spec/rails_app/app/assets/javascripts/application.js
 - spec/rails_app/app/assets/stylesheets/application.css
 - spec/rails_app/app/controllers/application_controller.rb
+- spec/rails_app/app/controllers/basic_auth_controller.rb
 - spec/rails_app/app/controllers/constrained_to_users_controller.rb
 - spec/rails_app/app/controllers/constrained_to_visitors_controller.rb
 - spec/rails_app/app/controllers/failures_controller.rb