nulogy-authlogic 3.1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Gemfile +3 -0
- data/Gemfile.lock +62 -0
- data/LICENSE +20 -0
- data/README.rdoc +250 -0
- data/Rakefile +50 -0
- data/VERSION.yml +5 -0
- data/authlogic.gemspec +192 -0
- data/generators/session/session_generator.rb +9 -0
- data/generators/session/templates/session.rb +2 -0
- data/init.rb +1 -0
- data/lib/authlogic.rb +64 -0
- data/lib/authlogic/acts_as_authentic/base.rb +109 -0
- data/lib/authlogic/acts_as_authentic/email.rb +110 -0
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +59 -0
- data/lib/authlogic/acts_as_authentic/login.rb +142 -0
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +24 -0
- data/lib/authlogic/acts_as_authentic/password.rb +355 -0
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +105 -0
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +68 -0
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +61 -0
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +139 -0
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +65 -0
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +32 -0
- data/lib/authlogic/authenticates_many/association.rb +42 -0
- data/lib/authlogic/authenticates_many/base.rb +54 -0
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +67 -0
- data/lib/authlogic/controller_adapters/merb_adapter.rb +30 -0
- data/lib/authlogic/controller_adapters/rails_adapter.rb +50 -0
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +61 -0
- data/lib/authlogic/crypto_providers/aes256.rb +43 -0
- data/lib/authlogic/crypto_providers/bcrypt.rb +90 -0
- data/lib/authlogic/crypto_providers/md5.rb +34 -0
- data/lib/authlogic/crypto_providers/sha1.rb +35 -0
- data/lib/authlogic/crypto_providers/sha256.rb +50 -0
- data/lib/authlogic/crypto_providers/sha512.rb +50 -0
- data/lib/authlogic/crypto_providers/wordpress.rb +43 -0
- data/lib/authlogic/i18n.rb +84 -0
- data/lib/authlogic/i18n/translator.rb +15 -0
- data/lib/authlogic/random.rb +33 -0
- data/lib/authlogic/regex.rb +25 -0
- data/lib/authlogic/session/activation.rb +58 -0
- data/lib/authlogic/session/active_record_trickery.rb +72 -0
- data/lib/authlogic/session/base.rb +37 -0
- data/lib/authlogic/session/brute_force_protection.rb +96 -0
- data/lib/authlogic/session/callbacks.rb +96 -0
- data/lib/authlogic/session/cookies.rb +182 -0
- data/lib/authlogic/session/existence.rb +93 -0
- data/lib/authlogic/session/foundation.rb +77 -0
- data/lib/authlogic/session/http_auth.rb +99 -0
- data/lib/authlogic/session/id.rb +41 -0
- data/lib/authlogic/session/klass.rb +69 -0
- data/lib/authlogic/session/magic_columns.rb +95 -0
- data/lib/authlogic/session/magic_states.rb +59 -0
- data/lib/authlogic/session/params.rb +101 -0
- data/lib/authlogic/session/password.rb +240 -0
- data/lib/authlogic/session/perishable_token.rb +18 -0
- data/lib/authlogic/session/persistence.rb +70 -0
- data/lib/authlogic/session/priority_record.rb +34 -0
- data/lib/authlogic/session/scopes.rb +101 -0
- data/lib/authlogic/session/session.rb +62 -0
- data/lib/authlogic/session/timeout.rb +82 -0
- data/lib/authlogic/session/unauthorized_record.rb +50 -0
- data/lib/authlogic/session/validation.rb +82 -0
- data/lib/authlogic/test_case.rb +120 -0
- data/lib/authlogic/test_case/mock_controller.rb +55 -0
- data/lib/authlogic/test_case/mock_cookie_jar.rb +14 -0
- data/lib/authlogic/test_case/mock_logger.rb +10 -0
- data/lib/authlogic/test_case/mock_request.rb +19 -0
- data/lib/authlogic/test_case/rails_request_adapter.rb +30 -0
- data/lib/generators/authlogic/USAGE +8 -0
- data/lib/generators/authlogic/session_generator.rb +14 -0
- data/lib/generators/authlogic/templates/session.rb +2 -0
- data/rails/init.rb +1 -0
- data/shoulda_macros/authlogic.rb +69 -0
- data/test/acts_as_authentic_test/base_test.rb +18 -0
- data/test/acts_as_authentic_test/email_test.rb +116 -0
- data/test/acts_as_authentic_test/logged_in_status_test.rb +50 -0
- data/test/acts_as_authentic_test/login_test.rb +116 -0
- data/test/acts_as_authentic_test/magic_columns_test.rb +27 -0
- data/test/acts_as_authentic_test/password_test.rb +236 -0
- data/test/acts_as_authentic_test/perishable_token_test.rb +90 -0
- data/test/acts_as_authentic_test/persistence_token_test.rb +55 -0
- data/test/acts_as_authentic_test/restful_authentication_test.rb +40 -0
- data/test/acts_as_authentic_test/session_maintenance_test.rb +84 -0
- data/test/acts_as_authentic_test/single_access_test.rb +44 -0
- data/test/authenticates_many_test.rb +16 -0
- data/test/crypto_provider_test/aes256_test.rb +14 -0
- data/test/crypto_provider_test/bcrypt_test.rb +14 -0
- data/test/crypto_provider_test/sha1_test.rb +23 -0
- data/test/crypto_provider_test/sha256_test.rb +14 -0
- data/test/crypto_provider_test/sha512_test.rb +14 -0
- data/test/fixtures/companies.yml +5 -0
- data/test/fixtures/employees.yml +17 -0
- data/test/fixtures/projects.yml +3 -0
- data/test/fixtures/users.yml +24 -0
- data/test/i18n_test.rb +33 -0
- data/test/libs/affiliate.rb +7 -0
- data/test/libs/company.rb +6 -0
- data/test/libs/employee.rb +7 -0
- data/test/libs/employee_session.rb +2 -0
- data/test/libs/ldaper.rb +3 -0
- data/test/libs/ordered_hash.rb +9 -0
- data/test/libs/project.rb +3 -0
- data/test/libs/user.rb +5 -0
- data/test/libs/user_session.rb +5 -0
- data/test/random_test.rb +42 -0
- data/test/session_test/activation_test.rb +43 -0
- data/test/session_test/active_record_trickery_test.rb +46 -0
- data/test/session_test/brute_force_protection_test.rb +101 -0
- data/test/session_test/callbacks_test.rb +54 -0
- data/test/session_test/cookies_test.rb +136 -0
- data/test/session_test/credentials_test.rb +0 -0
- data/test/session_test/existence_test.rb +64 -0
- data/test/session_test/http_auth_test.rb +57 -0
- data/test/session_test/id_test.rb +17 -0
- data/test/session_test/klass_test.rb +40 -0
- data/test/session_test/magic_columns_test.rb +62 -0
- data/test/session_test/magic_states_test.rb +60 -0
- data/test/session_test/params_test.rb +53 -0
- data/test/session_test/password_test.rb +106 -0
- data/test/session_test/perishability_test.rb +15 -0
- data/test/session_test/persistence_test.rb +21 -0
- data/test/session_test/scopes_test.rb +60 -0
- data/test/session_test/session_test.rb +59 -0
- data/test/session_test/timeout_test.rb +52 -0
- data/test/session_test/unauthorized_record_test.rb +13 -0
- data/test/session_test/validation_test.rb +23 -0
- data/test/test_helper.rb +168 -0
- metadata +252 -0
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
module ActsAsAuthenticTest
|
|
4
|
+
class MagicColumnsTest < ActiveSupport::TestCase
|
|
5
|
+
def test_validates_numericality_of_login_count
|
|
6
|
+
u = User.new
|
|
7
|
+
u.login_count = -1
|
|
8
|
+
assert !u.valid?
|
|
9
|
+
assert u.errors[:login_count].size > 0
|
|
10
|
+
|
|
11
|
+
u.login_count = 0
|
|
12
|
+
assert !u.valid?
|
|
13
|
+
assert u.errors[:login_count].size == 0
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def test_validates_numericality_of_failed_login_count
|
|
17
|
+
u = User.new
|
|
18
|
+
u.failed_login_count = -1
|
|
19
|
+
assert !u.valid?
|
|
20
|
+
assert u.errors[:failed_login_count].size > 0
|
|
21
|
+
|
|
22
|
+
u.failed_login_count = 0
|
|
23
|
+
assert !u.valid?
|
|
24
|
+
assert u.errors[:failed_login_count].size == 0
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
@@ -0,0 +1,236 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
module ActsAsAuthenticTest
|
|
4
|
+
class PasswordTest < ActiveSupport::TestCase
|
|
5
|
+
def test_crypted_password_field_config
|
|
6
|
+
assert_equal :crypted_password, User.crypted_password_field
|
|
7
|
+
assert_equal :crypted_password, Employee.crypted_password_field
|
|
8
|
+
|
|
9
|
+
User.crypted_password_field = :nope
|
|
10
|
+
assert_equal :nope, User.crypted_password_field
|
|
11
|
+
User.crypted_password_field :crypted_password
|
|
12
|
+
assert_equal :crypted_password, User.crypted_password_field
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def test_password_salt_field_config
|
|
16
|
+
assert_equal :password_salt, User.password_salt_field
|
|
17
|
+
assert_equal :password_salt, Employee.password_salt_field
|
|
18
|
+
|
|
19
|
+
User.password_salt_field = :nope
|
|
20
|
+
assert_equal :nope, User.password_salt_field
|
|
21
|
+
User.password_salt_field :password_salt
|
|
22
|
+
assert_equal :password_salt, User.password_salt_field
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def test_ignore_blank_passwords_config
|
|
26
|
+
assert User.ignore_blank_passwords
|
|
27
|
+
assert Employee.ignore_blank_passwords
|
|
28
|
+
|
|
29
|
+
User.ignore_blank_passwords = false
|
|
30
|
+
assert !User.ignore_blank_passwords
|
|
31
|
+
User.ignore_blank_passwords true
|
|
32
|
+
assert User.ignore_blank_passwords
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def test_check_passwords_against_database
|
|
36
|
+
assert User.check_passwords_against_database
|
|
37
|
+
User.check_passwords_against_database = false
|
|
38
|
+
assert !User.check_passwords_against_database
|
|
39
|
+
User.check_passwords_against_database true
|
|
40
|
+
assert User.check_passwords_against_database
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def test_validate_password_field_config
|
|
44
|
+
assert User.validate_password_field
|
|
45
|
+
assert Employee.validate_password_field
|
|
46
|
+
|
|
47
|
+
User.validate_password_field = false
|
|
48
|
+
assert !User.validate_password_field
|
|
49
|
+
User.validate_password_field true
|
|
50
|
+
assert User.validate_password_field
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
def test_validates_length_of_password_field_options_config
|
|
54
|
+
default = {:minimum => 4, :if => :require_password?}
|
|
55
|
+
assert_equal default, User.validates_length_of_password_field_options
|
|
56
|
+
assert_equal default, Employee.validates_length_of_password_field_options
|
|
57
|
+
|
|
58
|
+
User.validates_length_of_password_field_options = {:yes => "no"}
|
|
59
|
+
assert_equal({:yes => "no"}, User.validates_length_of_password_field_options)
|
|
60
|
+
User.validates_length_of_password_field_options default
|
|
61
|
+
assert_equal default, User.validates_length_of_password_field_options
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def test_validates_confirmation_of_password_field_options_config
|
|
65
|
+
default = {:if => :require_password?}
|
|
66
|
+
assert_equal default, User.validates_confirmation_of_password_field_options
|
|
67
|
+
assert_equal default, Employee.validates_confirmation_of_password_field_options
|
|
68
|
+
|
|
69
|
+
User.validates_confirmation_of_password_field_options = {:yes => "no"}
|
|
70
|
+
assert_equal({:yes => "no"}, User.validates_confirmation_of_password_field_options)
|
|
71
|
+
User.validates_confirmation_of_password_field_options default
|
|
72
|
+
assert_equal default, User.validates_confirmation_of_password_field_options
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def test_validates_length_of_password_confirmation_field_options_config
|
|
76
|
+
default = {:minimum => 4, :if => :require_password?}
|
|
77
|
+
assert_equal default, User.validates_length_of_password_confirmation_field_options
|
|
78
|
+
assert_equal default, Employee.validates_length_of_password_confirmation_field_options
|
|
79
|
+
|
|
80
|
+
User.validates_length_of_password_confirmation_field_options = {:yes => "no"}
|
|
81
|
+
assert_equal({:yes => "no"}, User.validates_length_of_password_confirmation_field_options)
|
|
82
|
+
User.validates_length_of_password_confirmation_field_options default
|
|
83
|
+
assert_equal default, User.validates_length_of_password_confirmation_field_options
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
def test_crypto_provider_config
|
|
87
|
+
assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
|
|
88
|
+
assert_equal Authlogic::CryptoProviders::AES256, Employee.crypto_provider
|
|
89
|
+
|
|
90
|
+
User.crypto_provider = Authlogic::CryptoProviders::BCrypt
|
|
91
|
+
assert_equal Authlogic::CryptoProviders::BCrypt, User.crypto_provider
|
|
92
|
+
User.crypto_provider Authlogic::CryptoProviders::Sha512
|
|
93
|
+
assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
def test_transition_from_crypto_providers_config
|
|
97
|
+
assert_equal [], User.transition_from_crypto_providers
|
|
98
|
+
assert_equal [], Employee.transition_from_crypto_providers
|
|
99
|
+
|
|
100
|
+
User.transition_from_crypto_providers = [Authlogic::CryptoProviders::BCrypt]
|
|
101
|
+
assert_equal [Authlogic::CryptoProviders::BCrypt], User.transition_from_crypto_providers
|
|
102
|
+
User.transition_from_crypto_providers []
|
|
103
|
+
assert_equal [], User.transition_from_crypto_providers
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
def test_validates_length_of_password
|
|
107
|
+
u = User.new
|
|
108
|
+
u.password_confirmation = "test2"
|
|
109
|
+
assert !u.valid?
|
|
110
|
+
assert u.errors[:password].size > 0
|
|
111
|
+
|
|
112
|
+
u.password = "test"
|
|
113
|
+
assert !u.valid?
|
|
114
|
+
assert u.errors[:password_confirmation].size == 0
|
|
115
|
+
end
|
|
116
|
+
|
|
117
|
+
def test_validates_confirmation_of_password
|
|
118
|
+
u = User.new
|
|
119
|
+
u.password = "test"
|
|
120
|
+
u.password_confirmation = "test2"
|
|
121
|
+
assert !u.valid?
|
|
122
|
+
assert u.errors[:password].size > 0
|
|
123
|
+
|
|
124
|
+
u.password_confirmation = "test"
|
|
125
|
+
assert !u.valid?
|
|
126
|
+
assert u.errors[:password].size == 0
|
|
127
|
+
end
|
|
128
|
+
|
|
129
|
+
def test_validates_length_of_password_confirmation
|
|
130
|
+
u = User.new
|
|
131
|
+
|
|
132
|
+
u.password = "test"
|
|
133
|
+
u.password_confirmation = ""
|
|
134
|
+
assert !u.valid?
|
|
135
|
+
assert u.errors[:password_confirmation].size > 0
|
|
136
|
+
|
|
137
|
+
u.password_confirmation = "test"
|
|
138
|
+
assert !u.valid?
|
|
139
|
+
assert u.errors[:password_confirmation].size == 0
|
|
140
|
+
|
|
141
|
+
ben = users(:ben)
|
|
142
|
+
assert ben.valid?
|
|
143
|
+
|
|
144
|
+
ben.password = "newpass"
|
|
145
|
+
assert !ben.valid?
|
|
146
|
+
assert ben.errors[:password_confirmation].size > 0
|
|
147
|
+
|
|
148
|
+
ben.password_confirmation = "newpass"
|
|
149
|
+
assert ben.valid?
|
|
150
|
+
end
|
|
151
|
+
|
|
152
|
+
def test_password
|
|
153
|
+
u = User.new
|
|
154
|
+
old_password_salt = u.password_salt
|
|
155
|
+
old_crypted_password = u.crypted_password
|
|
156
|
+
u.password = "test"
|
|
157
|
+
assert_not_equal old_password_salt, u.password_salt
|
|
158
|
+
assert_not_equal old_crypted_password, u.crypted_password
|
|
159
|
+
end
|
|
160
|
+
|
|
161
|
+
def test_transitioning_password
|
|
162
|
+
ben = users(:ben)
|
|
163
|
+
transition_password_to(Authlogic::CryptoProviders::BCrypt, ben)
|
|
164
|
+
transition_password_to(Authlogic::CryptoProviders::Sha1, ben, [Authlogic::CryptoProviders::Sha512, Authlogic::CryptoProviders::BCrypt])
|
|
165
|
+
transition_password_to(Authlogic::CryptoProviders::Sha512, ben, [Authlogic::CryptoProviders::Sha1, Authlogic::CryptoProviders::BCrypt])
|
|
166
|
+
end
|
|
167
|
+
|
|
168
|
+
def test_checks_password_against_database
|
|
169
|
+
ben = users(:ben)
|
|
170
|
+
ben.password = "new pass"
|
|
171
|
+
assert !ben.valid_password?("new pass")
|
|
172
|
+
assert ben.valid_password?("benrocks")
|
|
173
|
+
end
|
|
174
|
+
|
|
175
|
+
def test_checks_password_against_database_and_always_fails_on_new_records
|
|
176
|
+
user = User.new
|
|
177
|
+
user.password = "new pass"
|
|
178
|
+
assert !user.valid_password?("new pass")
|
|
179
|
+
end
|
|
180
|
+
|
|
181
|
+
def test_checks_password_against_object
|
|
182
|
+
ben = users(:ben)
|
|
183
|
+
ben.password = "new pass"
|
|
184
|
+
assert ben.valid_password?("new pass", false)
|
|
185
|
+
assert !ben.valid_password?("benrocks", false)
|
|
186
|
+
end
|
|
187
|
+
|
|
188
|
+
def test_reset_password
|
|
189
|
+
ben = users(:ben)
|
|
190
|
+
old_crypted_password = ben.crypted_password
|
|
191
|
+
old_password_salt = ben.password_salt
|
|
192
|
+
|
|
193
|
+
# soft reset
|
|
194
|
+
ben.reset_password
|
|
195
|
+
assert_not_equal old_crypted_password, ben.crypted_password
|
|
196
|
+
assert_not_equal old_password_salt, ben.password_salt
|
|
197
|
+
|
|
198
|
+
# make sure it didn't go into the db
|
|
199
|
+
ben.reload
|
|
200
|
+
assert_equal old_crypted_password, ben.crypted_password
|
|
201
|
+
assert_equal old_password_salt, ben.password_salt
|
|
202
|
+
|
|
203
|
+
# hard reset
|
|
204
|
+
assert ben.reset_password!
|
|
205
|
+
assert_not_equal old_crypted_password, ben.crypted_password
|
|
206
|
+
assert_not_equal old_password_salt, ben.password_salt
|
|
207
|
+
|
|
208
|
+
# make sure it did go into the db
|
|
209
|
+
ben.reload
|
|
210
|
+
assert_not_equal old_crypted_password, ben.crypted_password
|
|
211
|
+
assert_not_equal old_password_salt, ben.password_salt
|
|
212
|
+
end
|
|
213
|
+
|
|
214
|
+
private
|
|
215
|
+
def transition_password_to(crypto_provider, records, from_crypto_providers = Authlogic::CryptoProviders::Sha512)
|
|
216
|
+
records = [records] unless records.is_a?(Array)
|
|
217
|
+
User.acts_as_authentic do |c|
|
|
218
|
+
c.crypto_provider = crypto_provider
|
|
219
|
+
c.transition_from_crypto_providers = from_crypto_providers
|
|
220
|
+
end
|
|
221
|
+
records.each do |record|
|
|
222
|
+
old_hash = record.crypted_password
|
|
223
|
+
old_persistence_token = record.persistence_token
|
|
224
|
+
assert record.valid_password?(password_for(record))
|
|
225
|
+
assert_not_equal old_hash.to_s, record.crypted_password.to_s
|
|
226
|
+
assert_not_equal old_persistence_token.to_s, record.persistence_token.to_s
|
|
227
|
+
|
|
228
|
+
old_hash = record.crypted_password
|
|
229
|
+
old_persistence_token = record.persistence_token
|
|
230
|
+
assert record.valid_password?(password_for(record))
|
|
231
|
+
assert_equal old_hash.to_s, record.crypted_password.to_s
|
|
232
|
+
assert_equal old_persistence_token.to_s, record.persistence_token.to_s
|
|
233
|
+
end
|
|
234
|
+
end
|
|
235
|
+
end
|
|
236
|
+
end
|
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
module ActsAsAuthenticTest
|
|
4
|
+
class PerishableTokenTest < ActiveSupport::TestCase
|
|
5
|
+
def test_perishable_token_valid_for_config
|
|
6
|
+
assert_equal 10.minutes.to_i, User.perishable_token_valid_for
|
|
7
|
+
assert_equal 10.minutes.to_i, Employee.perishable_token_valid_for
|
|
8
|
+
|
|
9
|
+
User.perishable_token_valid_for = 1.hour
|
|
10
|
+
assert_equal 1.hour.to_i, User.perishable_token_valid_for
|
|
11
|
+
User.perishable_token_valid_for 10.minutes
|
|
12
|
+
assert_equal 10.minutes.to_i, User.perishable_token_valid_for
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def test_disable_perishable_token_maintenance_config
|
|
16
|
+
assert !User.disable_perishable_token_maintenance
|
|
17
|
+
assert !Employee.disable_perishable_token_maintenance
|
|
18
|
+
|
|
19
|
+
User.disable_perishable_token_maintenance = true
|
|
20
|
+
assert User.disable_perishable_token_maintenance
|
|
21
|
+
User.disable_perishable_token_maintenance false
|
|
22
|
+
assert !User.disable_perishable_token_maintenance
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def test_validates_uniqueness_of_perishable_token
|
|
26
|
+
u = User.new
|
|
27
|
+
u.perishable_token = users(:ben).perishable_token
|
|
28
|
+
assert !u.valid?
|
|
29
|
+
assert u.errors[:perishable_token].size > 0
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def test_before_save_reset_perishable_token
|
|
33
|
+
ben = users(:ben)
|
|
34
|
+
old_perishable_token = ben.perishable_token
|
|
35
|
+
assert ben.save
|
|
36
|
+
assert_not_equal old_perishable_token, ben.perishable_token
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def test_reset_perishable_token
|
|
40
|
+
ben = users(:ben)
|
|
41
|
+
old_perishable_token = ben.perishable_token
|
|
42
|
+
|
|
43
|
+
assert ben.reset_perishable_token
|
|
44
|
+
assert_not_equal old_perishable_token, ben.perishable_token
|
|
45
|
+
|
|
46
|
+
ben.reload
|
|
47
|
+
assert_equal old_perishable_token, ben.perishable_token
|
|
48
|
+
|
|
49
|
+
assert ben.reset_perishable_token!
|
|
50
|
+
assert_not_equal old_perishable_token, ben.perishable_token
|
|
51
|
+
|
|
52
|
+
ben.reload
|
|
53
|
+
assert_not_equal old_perishable_token, ben.perishable_token
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def test_find_using_perishable_token
|
|
57
|
+
ben = users(:ben)
|
|
58
|
+
assert_equal ben, User.find_using_perishable_token(ben.perishable_token)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def test_find_using_perishable_token_when_perished
|
|
62
|
+
ben = users(:ben)
|
|
63
|
+
ActiveRecord::Base.connection.execute("UPDATE users set updated_at = '#{1.week.ago.to_s(:db)}' where id = #{ben.id}")
|
|
64
|
+
assert_nil User.find_using_perishable_token(ben.perishable_token)
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def test_find_using_perishable_token_when_perished
|
|
68
|
+
User.perishable_token_valid_for = 1.minute
|
|
69
|
+
ben = users(:ben)
|
|
70
|
+
ActiveRecord::Base.connection.execute("UPDATE users set updated_at = '#{2.minutes.ago.to_s(:db)}' where id = #{ben.id}")
|
|
71
|
+
assert_nil User.find_using_perishable_token(ben.perishable_token)
|
|
72
|
+
User.perishable_token_valid_for = 10.minutes
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def test_find_using_perishable_token_when_passing_threshold
|
|
76
|
+
User.perishable_token_valid_for = 1.minute
|
|
77
|
+
ben = users(:ben)
|
|
78
|
+
ActiveRecord::Base.connection.execute("UPDATE users set updated_at = '#{10.minutes.ago.to_s(:db)}' where id = #{ben.id}")
|
|
79
|
+
assert_nil User.find_using_perishable_token(ben.perishable_token, 5.minutes)
|
|
80
|
+
assert_equal ben, User.find_using_perishable_token(ben.perishable_token, 20.minutes)
|
|
81
|
+
User.perishable_token_valid_for = 10.minutes
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
def test_find_perishable_token_with_bang
|
|
85
|
+
assert_raises ActiveRecord::RecordNotFound do
|
|
86
|
+
User.find_using_perishable_token!('some_bad_value')
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
end
|
|
90
|
+
end
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
module ActsAsAuthenticTest
|
|
4
|
+
class PersistenceTokenTest < ActiveSupport::TestCase
|
|
5
|
+
def test_after_password_set_reset_persistence_token
|
|
6
|
+
ben = users(:ben)
|
|
7
|
+
old_persistence_token = ben.persistence_token
|
|
8
|
+
ben.password = "newpass"
|
|
9
|
+
assert_not_equal old_persistence_token, ben.persistence_token
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def test_after_password_verification_reset_persistence_token
|
|
13
|
+
ben = users(:ben)
|
|
14
|
+
old_persistence_token = ben.persistence_token
|
|
15
|
+
assert ben.valid_password?(password_for(ben))
|
|
16
|
+
assert_equal old_persistence_token, ben.persistence_token
|
|
17
|
+
|
|
18
|
+
# only update it if it is nil
|
|
19
|
+
assert ben.update_attribute(:persistence_token, nil)
|
|
20
|
+
assert ben.valid_password?(password_for(ben))
|
|
21
|
+
assert_not_equal old_persistence_token, ben.persistence_token
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def test_before_validate_reset_persistence_token
|
|
25
|
+
u = User.new
|
|
26
|
+
assert !u.valid?
|
|
27
|
+
assert_not_nil u.persistence_token
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def test_forget_all
|
|
31
|
+
http_basic_auth_for(users(:ben)) { UserSession.find }
|
|
32
|
+
http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
|
|
33
|
+
assert UserSession.find
|
|
34
|
+
assert UserSession.find(:ziggity_zack)
|
|
35
|
+
User.forget_all
|
|
36
|
+
assert !UserSession.find
|
|
37
|
+
assert !UserSession.find(:ziggity_zack)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def test_forget
|
|
41
|
+
ben = users(:ben)
|
|
42
|
+
zack = users(:zack)
|
|
43
|
+
http_basic_auth_for(ben) { UserSession.find }
|
|
44
|
+
http_basic_auth_for(zack) { UserSession.find(:ziggity_zack) }
|
|
45
|
+
|
|
46
|
+
assert ben.reload.logged_in?
|
|
47
|
+
assert zack.reload.logged_in?
|
|
48
|
+
|
|
49
|
+
ben.forget!
|
|
50
|
+
|
|
51
|
+
assert !UserSession.find
|
|
52
|
+
assert UserSession.find(:ziggity_zack)
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
end
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
module ActsAsAuthenticTest
|
|
4
|
+
class RestfulAuthenticationTest < ActiveSupport::TestCase
|
|
5
|
+
def test_act_like_restful_authentication_config
|
|
6
|
+
assert !User.act_like_restful_authentication
|
|
7
|
+
assert !Employee.act_like_restful_authentication
|
|
8
|
+
|
|
9
|
+
User.act_like_restful_authentication = true
|
|
10
|
+
assert User.act_like_restful_authentication
|
|
11
|
+
assert_equal Authlogic::CryptoProviders::Sha1, User.crypto_provider
|
|
12
|
+
assert defined?(::REST_AUTH_SITE_KEY)
|
|
13
|
+
assert_equal '', ::REST_AUTH_SITE_KEY
|
|
14
|
+
assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
|
|
15
|
+
|
|
16
|
+
User.act_like_restful_authentication false
|
|
17
|
+
assert !User.act_like_restful_authentication
|
|
18
|
+
|
|
19
|
+
User.crypto_provider = Authlogic::CryptoProviders::Sha512
|
|
20
|
+
User.transition_from_crypto_providers = []
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def test_transition_from_restful_authentication_config
|
|
24
|
+
assert !User.transition_from_restful_authentication
|
|
25
|
+
assert !Employee.transition_from_restful_authentication
|
|
26
|
+
|
|
27
|
+
User.transition_from_restful_authentication = true
|
|
28
|
+
assert User.transition_from_restful_authentication
|
|
29
|
+
assert defined?(::REST_AUTH_SITE_KEY)
|
|
30
|
+
assert_equal '', ::REST_AUTH_SITE_KEY
|
|
31
|
+
assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
|
|
32
|
+
|
|
33
|
+
User.transition_from_restful_authentication false
|
|
34
|
+
assert !User.transition_from_restful_authentication
|
|
35
|
+
|
|
36
|
+
User.crypto_provider = Authlogic::CryptoProviders::Sha512
|
|
37
|
+
User.transition_from_crypto_providers = []
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|