mongoid-devise 1.0.1

data/lib/devise/strategies/rememberable.rb

@@ -0,0 +1,37 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Remember the user through the remember token. This strategy is responsible
+    # to verify whether there is a cookie with the remember token, and to
+    # recreate the user from this cookie if it exists.  Must be called *before*
+    # authenticatable.
+    class Rememberable < Devise::Strategies::Base
+
+      # A valid strategy for rememberable needs a remember token in the cookies.
+      def valid?
+        remember_me_cookie.present? && mapping.to.respond_to?(:serialize_from_cookie)
+      end
+
+      # To authenticate a user we deserialize the cookie and attempt finding
+      # the record in the database. If the attempt fails, we pass to another
+      # strategy handle the authentication.
+      def authenticate!
+        if resource = mapping.to.serialize_from_cookie(remember_me_cookie)
+          success!(resource)
+        else
+          pass
+        end
+      end
+
+    private
+
+      # Accessor for remember cookie
+      def remember_me_cookie
+        @remember_me_cookie ||= request.cookies["remember_#{mapping.name}_token"]
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:rememberable, Devise::Strategies::Rememberable)

data/lib/devise/strategies/token_authenticatable.rb

@@ -0,0 +1,37 @@
+require 'devise/strategies/base'
+
+module Devise
+  module Strategies
+    # Strategy for signing in a user, based on a authenticatable token.
+    # Redirects to sign_in page if it's not authenticated.
+    class TokenAuthenticatable < Base
+      def valid?
+        mapping.to.respond_to?(:authenticate_with_token) && authentication_token(scope).present?
+      end
+
+      # Authenticate a user based on authenticatable token params, returning to warden
+      # success and the authenticated user if everything is okay. Otherwise redirect
+      # to sign in page.
+      def authenticate!
+        if resource = mapping.to.authenticate_with_token(params[scope] || params)
+          success!(resource)
+        else
+          fail!(:invalid_token)
+        end
+      end
+
+    private
+
+      # Detect authentication token in params: scoped or not.
+      def authentication_token(scope)
+        if params[scope]
+          params[scope][mapping.to.token_authentication_key]
+        else
+          params[mapping.to.token_authentication_key]
+        end
+      end
+    end
+  end
+end
+
+Warden::Strategies.add(:token_authenticatable, Devise::Strategies::TokenAuthenticatable)

data/lib/devise/test_helpers.rb

@@ -0,0 +1,86 @@
+module Devise
+  module TestHelpers
+    def self.included(base)
+      base.class_eval do
+        setup :setup_controller_for_warden, :warden if respond_to?(:setup)
+      end
+    end
+
+    # This is a Warden::Proxy customized for functional tests. It's meant to
+    # some of Warden::Manager responsibilities, as retrieving configuration
+    # options and calling the FailureApp.
+    class TestWarden < Warden::Proxy #:nodoc:
+      attr_reader :controller
+
+      def initialize(controller)
+        @controller = controller
+        manager = Warden::Manager.new(nil) do |config|
+          Devise.configure_warden(config)
+        end
+        super(controller.request.env, manager)
+      end
+
+      def authenticate!(*args)
+        catch_with_redirect { super }
+      end
+
+      def catch_with_redirect(&block)
+        result = catch(:warden, &block)
+
+        if result.is_a?(Hash) && !custom_failure? && !@controller.send(:performed?)
+          result[:action] ||= :unauthenticated
+
+          env = @controller.request.env
+          env["PATH_INFO"] = "/#{result[:action]}"
+          env["warden.options"] = result
+          Warden::Manager._before_failure.each{ |hook| hook.call(env, result) }
+
+          status, headers, body = Devise::FailureApp.call(env).to_a
+          @controller.send :redirect_to, headers["Location"]
+        else
+          result
+        end
+      end
+    end
+
+    # We need to setup the environment variables and the response in the controller.
+    def setup_controller_for_warden #:nodoc:
+      @request.env['action_controller.rescue.request']  = @request
+      @request.env['action_controller.rescue.response'] = @response
+      @request.env['rack.session'] = session
+      @controller.response = @response
+    end
+
+    # Quick access to Warden::Proxy.
+    def warden #:nodoc:
+      @warden ||= (@request.env['warden'] = TestWarden.new(@controller))
+    end
+
+    # sign_in a given resource by storing its keys in the session.
+    #
+    # Examples:
+    #
+    #   sign_in :user, @user   # sign_in(scope, resource)
+    #   sign_in @user          # sign_in(resource)
+    #
+    def sign_in(resource_or_scope, resource=nil)
+      scope    ||= Devise::Mapping.find_scope!(resource_or_scope)
+      resource ||= resource_or_scope
+      warden.session_serializer.store(resource, scope)
+    end
+
+    # Sign out a given resource or scope by calling logout on Warden.
+    #
+    # Examples:
+    #
+    #   sign_out :user     # sign_out(scope)
+    #   sign_out @user     # sign_out(resource)
+    #
+    def sign_out(resource_or_scope)
+      scope = Devise::Mapping.find_scope!(resource_or_scope)
+      @controller.instance_variable_set(:"@current_#{scope}", nil)
+      warden.logout(scope)
+    end
+
+  end
+end

data/lib/devise/version.rb

@@ -0,0 +1,3 @@
+module Devise
+  VERSION = "1.0.1".freeze
+end

data/test/controllers/helpers_test.rb

@@ -0,0 +1,177 @@
+require 'test/test_helper'
+require 'ostruct'
+
+class MockController < ApplicationController
+  attr_accessor :env
+
+  def request
+    self
+  end
+
+  def path
+    ''
+  end
+end
+
+class ControllerAuthenticableTest < ActionController::TestCase
+  tests MockController
+
+  def setup
+    @controller = MockController.new
+    @mock_warden = OpenStruct.new
+    @controller.env = { 'warden' => @mock_warden }
+    @controller.session = {}
+  end
+
+  test 'setup warden' do
+    assert_not_nil @controller.warden
+  end
+
+  test 'provide access to warden instance' do
+    assert_equal @controller.warden, @controller.env['warden']
+  end
+
+  test 'proxy signed_in? to authenticated' do
+    @mock_warden.expects(:authenticate?).with(:scope => :my_scope)
+    @controller.signed_in?(:my_scope)
+  end
+
+  test 'proxy current_admin to authenticate with admin scope' do
+    @mock_warden.expects(:authenticate).with(:scope => :admin)
+    @controller.current_admin
+  end
+
+  test 'proxy current_user to authenticate with user scope' do
+    @mock_warden.expects(:authenticate).with(:scope => :user)
+    @controller.current_user
+  end
+
+  test 'proxy user_authenticate! to authenticate with user scope' do
+    @mock_warden.expects(:authenticate!).with(:scope => :user)
+    @controller.authenticate_user!
+  end
+
+  test 'proxy admin_authenticate! to authenticate with admin scope' do
+    @mock_warden.expects(:authenticate!).with(:scope => :admin)
+    @controller.authenticate_admin!
+  end
+
+  test 'proxy user_signed_in? to authenticate? with user scope' do
+    @mock_warden.expects(:authenticate?).with(:scope => :user)
+    @controller.user_signed_in?
+  end
+
+  test 'proxy admin_signed_in? to authenticate? with admin scope' do
+    @mock_warden.expects(:authenticate?).with(:scope => :admin)
+    @controller.admin_signed_in?
+  end
+
+  test 'proxy user_session to session scope in warden' do
+    @mock_warden.expects(:authenticate).with(:scope => :user).returns(true)
+    @mock_warden.expects(:session).with(:user).returns({})
+    @controller.user_session
+  end
+
+  test 'proxy admin_session to session scope in warden' do
+    @mock_warden.expects(:authenticate).with(:scope => :admin).returns(true)
+    @mock_warden.expects(:session).with(:admin).returns({})
+    @controller.admin_session
+  end
+
+  test 'sign in proxy to set_user on warden' do
+    user = User.new
+    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
+    @controller.sign_in(:user, user)
+  end
+
+  test 'sign in accepts a resource as argument' do
+    user = User.new
+    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
+    @controller.sign_in(user)
+  end
+
+  test 'sign out proxy to logout on warden' do
+    @mock_warden.expects(:user).with(:user).returns(true)
+    @mock_warden.expects(:logout).with(:user).returns(true)
+    @controller.sign_out(:user)
+  end
+
+  test 'sign out accepts a resource as argument' do
+    @mock_warden.expects(:user).with(:user).returns(true)
+    @mock_warden.expects(:logout).with(:user).returns(true)
+    @controller.sign_out(User.new)
+  end
+
+  test 'stored location for returns the location for a given scope' do
+    assert_nil @controller.stored_location_for(:user)
+    @controller.session[:"user.return_to"] = "/foo.bar"
+    assert_equal "/foo.bar", @controller.stored_location_for(:user)
+  end
+
+  test 'stored location for accepts a resource as argument' do
+    assert_nil @controller.stored_location_for(:user)
+    @controller.session[:"user.return_to"] = "/foo.bar"
+    assert_equal "/foo.bar", @controller.stored_location_for(User.new)
+  end
+
+  test 'stored location cleans information after reading' do
+    @controller.session[:"user.return_to"] = "/foo.bar"
+    assert_equal "/foo.bar", @controller.stored_location_for(:user)
+    assert_nil @controller.session[:"user.return_to"]
+  end
+
+  test 'after sign in path defaults to root path if none by was specified for the given scope' do
+    assert_equal root_path, @controller.after_sign_in_path_for(:user)
+  end
+
+  test 'after sign in path defaults to the scoped root path' do
+    assert_equal admin_root_path, @controller.after_sign_in_path_for(:admin)
+  end
+
+  test 'after sign out path defaults to the root path' do
+    assert_equal root_path, @controller.after_sign_out_path_for(:admin)
+    assert_equal root_path, @controller.after_sign_out_path_for(:user)
+  end
+
+  test 'sign in and redirect uses the stored location' do
+    user = User.new
+    @controller.session[:"user.return_to"] = "/foo.bar"
+    @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
+    @controller.expects(:redirect_to).with("/foo.bar")
+    @controller.sign_in_and_redirect(user)
+  end
+
+  test 'sign in and redirect uses the configured after sign in path' do
+    admin = Admin.new
+    @mock_warden.expects(:set_user).with(admin, :scope => :admin).returns(true)
+    @controller.expects(:redirect_to).with(admin_root_path)
+    @controller.sign_in_and_redirect(admin)
+  end
+
+  test 'only redirect if skip is given' do
+    admin = Admin.new
+    @controller.expects(:redirect_to).with(admin_root_path)
+    @controller.sign_in_and_redirect(:admin, admin, true)
+  end
+
+  test 'sign out and redirect uses the configured after sign out path' do
+    @mock_warden.expects(:user).with(:admin).returns(true)
+    @mock_warden.expects(:logout).with(:admin).returns(true)
+    @controller.expects(:redirect_to).with(admin_root_path)
+    @controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
+    @controller.sign_out_and_redirect(:admin)
+  end
+
+  test 'is not a devise controller' do
+    assert_not @controller.devise_controller?
+  end
+
+  test 'default url options are retrieved from devise' do
+    begin
+      Devise.default_url_options {{ :locale => I18n.locale }}
+      assert_equal({ :locale => :en }, @controller.send(:default_url_options))
+    ensure
+      Devise.default_url_options {{ }}
+    end
+  end
+end

data/test/controllers/internal_helpers_test.rb

@@ -0,0 +1,55 @@
+require 'test/test_helper'
+
+class MyController < ApplicationController
+  include Devise::Controllers::InternalHelpers
+end
+
+class HelpersTest < ActionController::TestCase
+  tests MyController
+
+  test 'get resource name from request path' do
+    @request.path = '/users/session'
+    assert_equal :user, @controller.resource_name
+  end
+
+  test 'get resource name from specific request path' do
+    @request.path = '/admin_area/session'
+    assert_equal :admin, @controller.resource_name
+  end
+
+  test 'get resource class from request path' do
+    @request.path = '/users/session'
+    assert_equal User, @controller.resource_class
+  end
+
+  test 'get resource instance variable from request path' do
+    @request.path = '/admin_area/session'
+    @controller.instance_variable_set(:@admin, admin = Admin.new)
+    assert_equal admin, @controller.resource
+  end
+
+  test 'set resource instance variable from request path' do
+    @request.path = '/admin_area/session'
+
+    admin = @controller.send(:resource_class).new
+    @controller.send(:resource=, admin)
+
+    assert_equal admin, @controller.send(:resource)
+    assert_equal admin, @controller.instance_variable_get(:@admin)
+  end
+
+  test 'resources methods are not controller actions' do
+    assert @controller.class.action_methods.empty?
+  end
+
+  test 'require no authentication tests current mapping' do
+    @controller.expects(:resource_name).returns(:user).twice
+    @mock_warden.expects(:authenticated?).with(:user).returns(true)
+    @controller.expects(:redirect_to).with(root_path)
+    @controller.send :require_no_authentication
+  end
+  
+  test 'is a devise controller' do
+    assert @controller.devise_controller?
+  end
+end

data/test/controllers/url_helpers_test.rb

@@ -0,0 +1,47 @@
+require 'test/test_helper'
+
+class RoutesTest < ActionController::TestCase
+  tests ApplicationController
+
+  def test_path_and_url(name, prepend_path=nil)
+    @request.path = '/users/session'
+    prepend_path = "#{prepend_path}_" if prepend_path
+
+    # Resource param
+    assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user),
+                 send(:"#{prepend_path}user_#{name}_path")
+    assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user),
+                 send(:"#{prepend_path}user_#{name}_url")
+
+    # Default url params
+    assert_equal @controller.send(:"#{prepend_path}#{name}_path", :user, :param => 123),
+                 send(:"#{prepend_path}user_#{name}_path", :param => 123)
+    assert_equal @controller.send(:"#{prepend_path}#{name}_url", :user, :param => 123),
+                 send(:"#{prepend_path}user_#{name}_url", :param => 123)
+
+    @request.path = nil
+    # With an AR object
+    assert_equal @controller.send(:"#{prepend_path}#{name}_path", User.new),
+                 send(:"#{prepend_path}user_#{name}_path")
+    assert_equal @controller.send(:"#{prepend_path}#{name}_url", User.new),
+                 send(:"#{prepend_path}user_#{name}_url")
+  end
+
+
+  test 'should alias session to mapped user session' do
+    test_path_and_url :session
+    test_path_and_url :session, :new
+    test_path_and_url :session, :destroy
+  end
+
+  test 'should alias password to mapped user password' do
+    test_path_and_url :password
+    test_path_and_url :password, :new
+    test_path_and_url :password, :edit
+  end
+
+  test 'should alias confirmation to mapped user confirmation' do
+    test_path_and_url :confirmation
+    test_path_and_url :confirmation, :new
+  end
+end