quo_vadis 1.3.1 → 2.0.0

Files changed (126) hide show
  1. checksums.yaml +5 -5
  2. data/.gitignore +11 -8
  3. data/CHANGELOG.md +26 -0
  4. data/Gemfile +14 -1
  5. data/Gemfile.lock +178 -0
  6. data/LICENSE.txt +21 -0
  7. data/README.md +435 -127
  8. data/Rakefile +14 -16
  9. data/app/controllers/quo_vadis/confirmations_controller.rb +56 -0
  10. data/app/controllers/quo_vadis/logs_controller.rb +20 -0
  11. data/app/controllers/quo_vadis/password_resets_controller.rb +65 -0
  12. data/app/controllers/quo_vadis/passwords_controller.rb +26 -0
  13. data/app/controllers/quo_vadis/recovery_codes_controller.rb +54 -0
  14. data/app/controllers/quo_vadis/sessions_controller.rb +50 -132
  15. data/app/controllers/quo_vadis/totps_controller.rb +72 -0
  16. data/app/controllers/quo_vadis/twofas_controller.rb +26 -0
  17. data/app/mailers/quo_vadis/mailer.rb +73 -0
  18. data/app/models/quo_vadis/account.rb +59 -0
  19. data/app/models/quo_vadis/account_confirmation_token.rb +17 -0
  20. data/app/models/quo_vadis/log.rb +57 -0
  21. data/app/models/quo_vadis/password.rb +52 -0
  22. data/app/models/quo_vadis/password_reset_token.rb +17 -0
  23. data/app/models/quo_vadis/recovery_code.rb +26 -0
  24. data/app/models/quo_vadis/session.rb +55 -0
  25. data/app/models/quo_vadis/token.rb +42 -0
  26. data/app/models/quo_vadis/totp.rb +56 -0
  27. data/bin/console +15 -0
  28. data/bin/rails +21 -0
  29. data/bin/setup +8 -0
  30. data/config/locales/quo_vadis.en.yml +51 -18
  31. data/config/routes.rb +40 -12
  32. data/db/migrate/202102150904_setup.rb +48 -0
  33. data/lib/generators/quo_vadis/install_generator.rb +4 -23
  34. data/lib/quo_vadis.rb +100 -106
  35. data/lib/quo_vadis/controller.rb +227 -0
  36. data/lib/quo_vadis/crypt.rb +43 -0
  37. data/lib/quo_vadis/current_request_details.rb +11 -0
  38. data/lib/quo_vadis/defaults.rb +18 -0
  39. data/lib/quo_vadis/encrypted_type.rb +17 -0
  40. data/lib/quo_vadis/engine.rb +9 -11
  41. data/lib/quo_vadis/hmacable.rb +26 -0
  42. data/lib/quo_vadis/ip_masking.rb +31 -0
  43. data/lib/quo_vadis/model.rb +86 -0
  44. data/lib/quo_vadis/version.rb +3 -1
  45. data/quo_vadis.gemspec +18 -24
  46. metadata +49 -229
  47. data/app/controllers/controller_mixin.rb +0 -109
  48. data/app/mailers/quo_vadis/notifier.rb +0 -30
  49. data/app/models/model_mixin.rb +0 -128
  50. data/lib/generators/quo_vadis/templates/migration.rb.erb +0 -18
  51. data/lib/generators/quo_vadis/templates/quo_vadis.rb.erb +0 -96
  52. data/test/dummy/.gitignore +0 -2
  53. data/test/dummy/Rakefile +0 -7
  54. data/test/dummy/app/controllers/application_controller.rb +0 -3
  55. data/test/dummy/app/controllers/articles_controller.rb +0 -20
  56. data/test/dummy/app/controllers/users_controller.rb +0 -17
  57. data/test/dummy/app/helpers/application_helper.rb +0 -2
  58. data/test/dummy/app/helpers/articles_helper.rb +0 -2
  59. data/test/dummy/app/models/article.rb +0 -2
  60. data/test/dummy/app/models/person.rb +0 -3
  61. data/test/dummy/app/models/user.rb +0 -3
  62. data/test/dummy/app/views/articles/index.html.erb +0 -1
  63. data/test/dummy/app/views/articles/new.html.erb +0 -11
  64. data/test/dummy/app/views/layouts/application.html.erb +0 -30
  65. data/test/dummy/app/views/layouts/sessions.html.erb +0 -3
  66. data/test/dummy/app/views/quo_vadis/notifier/change_password.text.erb +0 -9
  67. data/test/dummy/app/views/quo_vadis/notifier/invite.text.erb +0 -8
  68. data/test/dummy/app/views/sessions/edit.html.erb +0 -11
  69. data/test/dummy/app/views/sessions/forgotten.html.erb +0 -13
  70. data/test/dummy/app/views/sessions/invite.html.erb +0 -31
  71. data/test/dummy/app/views/sessions/new.html.erb +0 -15
  72. data/test/dummy/app/views/users/new.html.erb +0 -14
  73. data/test/dummy/config.ru +0 -4
  74. data/test/dummy/config/application.rb +0 -21
  75. data/test/dummy/config/boot.rb +0 -10
  76. data/test/dummy/config/database.yml +0 -22
  77. data/test/dummy/config/environment.rb +0 -5
  78. data/test/dummy/config/environments/development.rb +0 -26
  79. data/test/dummy/config/environments/production.rb +0 -49
  80. data/test/dummy/config/environments/test.rb +0 -37
  81. data/test/dummy/config/initializers/backtrace_silencers.rb +0 -7
  82. data/test/dummy/config/initializers/inflections.rb +0 -10
  83. data/test/dummy/config/initializers/mime_types.rb +0 -5
  84. data/test/dummy/config/initializers/quo_vadis.rb +0 -84
  85. data/test/dummy/config/initializers/rack_patch.rb +0 -16
  86. data/test/dummy/config/initializers/secret_token.rb +0 -7
  87. data/test/dummy/config/initializers/session_store.rb +0 -8
  88. data/test/dummy/config/locales/en.yml +0 -5
  89. data/test/dummy/config/locales/quo_vadis.en.yml +0 -21
  90. data/test/dummy/config/routes.rb +0 -5
  91. data/test/dummy/db/migrate/20110124125037_create_users.rb +0 -13
  92. data/test/dummy/db/migrate/20110124131535_create_articles.rb +0 -14
  93. data/test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb +0 -18
  94. data/test/dummy/db/migrate/20111004112209_create_people.rb +0 -13
  95. data/test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb +0 -18
  96. data/test/dummy/db/schema.rb +0 -33
  97. data/test/dummy/public/404.html +0 -26
  98. data/test/dummy/public/422.html +0 -26
  99. data/test/dummy/public/500.html +0 -26
  100. data/test/dummy/public/favicon.ico +0 -0
  101. data/test/dummy/public/javascripts/application.js +0 -2
  102. data/test/dummy/public/javascripts/controls.js +0 -965
  103. data/test/dummy/public/javascripts/dragdrop.js +0 -974
  104. data/test/dummy/public/javascripts/effects.js +0 -1123
  105. data/test/dummy/public/javascripts/prototype.js +0 -6001
  106. data/test/dummy/public/javascripts/rails.js +0 -175
  107. data/test/dummy/public/stylesheets/.gitkeep +0 -0
  108. data/test/dummy/script/rails +0 -6
  109. data/test/integration/activation_test.rb +0 -108
  110. data/test/integration/authenticate_test.rb +0 -39
  111. data/test/integration/blocked_test.rb +0 -23
  112. data/test/integration/config_test.rb +0 -132
  113. data/test/integration/cookie_test.rb +0 -67
  114. data/test/integration/csrf_test.rb +0 -41
  115. data/test/integration/forgotten_test.rb +0 -93
  116. data/test/integration/helper_test.rb +0 -18
  117. data/test/integration/locale_test.rb +0 -197
  118. data/test/integration/navigation_test.rb +0 -7
  119. data/test/integration/sign_in_person_test.rb +0 -26
  120. data/test/integration/sign_in_test.rb +0 -24
  121. data/test/integration/sign_out_test.rb +0 -20
  122. data/test/integration/sign_up_test.rb +0 -21
  123. data/test/quo_vadis_test.rb +0 -7
  124. data/test/support/integration_case.rb +0 -11
  125. data/test/test_helper.rb +0 -88
  126. data/test/unit/user_test.rb +0 -75
@@ -1,24 +0,0 @@
1
- require 'test_helper'
2
-
3
- class SignInTest < ActiveSupport::IntegrationCase
4
-
5
- test 'failed sign in' do
6
- sign_in_as 'bob', 'secret'
7
-
8
- assert_equal sign_in_path, current_path
9
- within '.flash.alert' do
10
- assert page.has_content?('Sorry, we did not recognise you.')
11
- end
12
- end
13
-
14
- test 'successful sign in' do
15
- user_factory 'Bob', 'bob', 'secret'
16
- sign_in_as 'bob', 'secret'
17
-
18
- assert_equal root_path, current_path
19
- within '.flash.notice' do
20
- assert page.has_content?('You have successfully signed in.')
21
- end
22
- end
23
-
24
- end
@@ -1,20 +0,0 @@
1
- require 'test_helper'
2
-
3
- class SignOutTest < ActiveSupport::IntegrationCase
4
-
5
- teardown do
6
- Capybara.reset_sessions!
7
- end
8
-
9
- test 'sign out' do
10
- user_factory 'Bob', 'bob', 'secret'
11
- sign_in_as 'bob', 'secret'
12
- visit sign_out_path
13
-
14
- assert_equal root_path, current_path
15
- within '.flash.notice' do
16
- assert page.has_content?('You have successfully signed out.')
17
- end
18
- end
19
-
20
- end
@@ -1,21 +0,0 @@
1
- require 'test_helper'
2
-
3
- class SignUpTest < ActiveSupport::IntegrationCase
4
-
5
- test 'sign in of a just-signed-up user' do
6
- visit new_user_path
7
- fill_in 'user_name', :with => 'Robert'
8
- fill_in 'user_username', :with => 'bob'
9
- fill_in 'user_password', :with => 'secret'
10
- click_button 'Sign up'
11
-
12
- assert_equal root_path, current_path
13
-
14
- within '.flash.notice' do
15
- assert page.has_content?('You have signed up!')
16
- end
17
-
18
- assert page.has_content?('You are signed in as Robert')
19
- end
20
-
21
- end
@@ -1,7 +0,0 @@
1
- require 'test_helper'
2
-
3
- class QuoVadisTest < ActiveSupport::TestCase
4
- test 'Sanity test' do
5
- assert_kind_of Module, QuoVadis
6
- end
7
- end
@@ -1,11 +0,0 @@
1
- # Define a bare test case to use with Capybara
2
- class ActiveSupport::IntegrationCase < ActiveSupport::TestCase
3
- include Capybara::DSL
4
- include Rails.application.routes.url_helpers
5
-
6
- teardown do
7
- Capybara.reset_sessions!
8
- reset_quo_vadis_configuration
9
- end
10
-
11
- end
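--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -1,88 +0,0 @@
- # Configure Rails Envinronment
- ENV["RAILS_ENV"] = "test"
-
- require File.expand_path("../dummy/config/environment.rb", __FILE__)
- require "rails/test_help"
-
- ActionMailer::Base.delivery_method = :test
- ActionMailer::Base.perform_deliveries = true
- ActionMailer::Base.default_url_options[:host] = "www.example.com"
-
- Rails.backtrace_cleaner.remove_silencers!
-
- # Configure capybara for integration testing
- require "capybara/rails"
- Capybara.default_driver = :rack_test
- Capybara.default_selector = :css
-
- # Run any available migration
- ActiveRecord::Migrator.migrate File.expand_path("../dummy/db/migrate/", __FILE__)
-
- # Load support files
- Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
-
- #
- # Common methods
- #
-
- def sign_in_as(username, password)
- visit sign_in_path
- fill_in 'username', :with => username
- fill_in 'password', :with => password
- click_button 'Sign in'
- end
-
- def submit_forgotten_details(username)
- visit forgotten_sign_in_path
- fill_in 'username', :with => username
- click_button 'Send me that email'
- end
-
- def user_factory(name, username, password, email = nil)
- User.create! :name => name, :username => username, :password => password, :email => email
- end
-
- def person_factory(name, username, password, email = nil)
- Person.create! :name => name, :username => username, :password => password, :email => email
- end
-
- def reset_quo_vadis_configuration
- QuoVadis.signed_in_url = :root
- QuoVadis.cookie_domain = :all
- QuoVadis.override_original_url = false
- QuoVadis.signed_out_url = :root
- QuoVadis.signed_in_hook = nil
- QuoVadis.failed_sign_in_hook = nil
- QuoVadis.signed_out_hook = nil
- QuoVadis.layout = 'application'
- QuoVadis.from = 'noreply@example.com'
- QuoVadis.subject_change_password = 'Change your password'
- QuoVadis.subject_invitation = 'Activate your account'
- QuoVadis.remember_for = 2.weeks
- QuoVadis.blocked = false
- end
-
-
- #
- # Code below from https://github.com/nruth/show_me_the_cookies
- #
-
- def delete_cookie(cookie_name)
- cookie_jar.instance_variable_get(:@cookies).reject! do |existing_cookie|
- existing_cookie.name.downcase == cookie_name
- end
- end
-
- def get_cookie(cookie_name)
- cookie_jar.instance_variable_get(:@cookies).select do |existing_cookie|
- existing_cookie.name.downcase == cookie_name
- end.first
- end
-
- def cookie_jar
- Capybara.current_session.driver.browser.current_session.instance_variable_get(:@rack_mock_session).cookie_jar
- end
-
- def close_browser
- delete_cookie Rails.application.config.session_options[:key]
- end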
@@ -1,75 +0,0 @@
1
- require 'test_helper'
2
-
3
- class UserTest < ActiveSupport::TestCase
4
-
5
- test 'user must have a unique username' do
6
- User.create :username => 'bob', :password => 'secret'
7
- assert User.new(:username => 'bob', :password => 'secret').invalid?
8
- assert User.new(:username => 'Bob', :password => 'secret').invalid?
9
- end
10
-
11
- test 'user must have a valid password on create' do
12
- assert User.create(:username => 'bob', :password => nil).invalid?
13
- assert User.create(:username => 'bob', :password => '').invalid?
14
- assert User.create(:username => 'bob', :password => 'secret').valid?
15
- end
16
-
17
- test 'user need not supply password when updating other attributes' do
18
- User.create :username => 'bob', :password => 'secret'
19
- user = User.last # reload from database so password is nil
20
- assert_nil user.password
21
- assert user.update_attributes(:username => 'Robert')
22
- assert user.update_attributes(:username => 'Robert', :password => nil)
23
- assert user.update_attributes(:username => 'Robert', :password => '')
24
- assert User.last.has_matching_password?('secret')
25
- end
26
-
27
- test 'user must have a valid password when updating password' do
28
- user = User.create :username => 'bob', :password => 'secret'
29
- assert user.update_attributes(:password => 'topsecret')
30
- end
31
-
32
- test 'has_matching_password?' do
33
- User.create :username => 'bob', :password => 'secret'
34
- user = User.last
35
- assert user.has_matching_password?('secret')
36
- end
37
-
38
- test 'conditional validation' do
39
- user = User.new
40
- user.class_eval <<-END
41
- def should_authenticate?
42
- username == 'bob'
43
- end
44
- END
45
- user.username = 'bob'
46
- assert user.invalid?
47
-
48
- user.username = 'robert'
49
- assert user.valid?
50
-
51
- user.username = nil
52
- assert user.valid?
53
- end
54
-
55
- test 'create for activation' do
56
- user = User.new_for_activation :name => 'Bob'
57
- assert user.valid?
58
-
59
- user = User.new_for_activation :name => 'John', :username => 'john', :password => 'secret'
60
- assert user.valid?
61
- assert_not_equal 'john', user.username
62
- assert_not_equal 'secret', user.password
63
- end
64
-
65
- test 'ignore blank usernames when authenticating' do
66
- user = User.new :username => '', :password => ''
67
- user.class_eval <<-END
68
- def should_authenticate?; false end
69
- END
70
- user.save!
71
-
72
- assert_equal nil, User.authenticate('', '')
73
- end
74
-
75
- end