quo_vadis 2.0.0 → 2.0.1
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/CHANGELOG.md +7 -0
- data/Gemfile +0 -3
- data/README.md +4 -5
- data/lib/quo_vadis/version.rb +1 -1
- data/quo_vadis.gemspec +5 -3
- data/test/dummy/README.markdown +1 -0
- data/test/dummy/Rakefile +3 -0
- data/test/dummy/app/controllers/application_controller.rb +2 -0
- data/test/dummy/app/controllers/articles_controller.rb +17 -0
- data/test/dummy/app/controllers/sign_ups_controller.rb +42 -0
- data/test/dummy/app/controllers/users_controller.rb +25 -0
- data/test/dummy/app/models/application_record.rb +3 -0
- data/test/dummy/app/models/article.rb +3 -0
- data/test/dummy/app/models/person.rb +6 -0
- data/test/dummy/app/models/user.rb +6 -0
- data/test/dummy/app/views/articles/also_secret.html.erb +1 -0
- data/test/dummy/app/views/articles/index.html.erb +1 -0
- data/test/dummy/app/views/articles/secret.html.erb +1 -0
- data/test/dummy/app/views/articles/very_secret.html.erb +2 -0
- data/test/dummy/app/views/layouts/application.html.erb +46 -0
- data/test/dummy/app/views/quo_vadis/confirmations/edit.html.erb +10 -0
- data/test/dummy/app/views/quo_vadis/confirmations/index.html.erb +5 -0
- data/test/dummy/app/views/quo_vadis/confirmations/new.html.erb +16 -0
- data/test/dummy/app/views/quo_vadis/logs/index.html.erb +28 -0
- data/test/dummy/app/views/quo_vadis/mailer/account_confirmation.text.erb +4 -0
- data/test/dummy/app/views/quo_vadis/mailer/email_change_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/identifier_change_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/password_change_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/password_reset_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/reset_password.text.erb +4 -0
- data/test/dummy/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb +6 -0
- data/test/dummy/app/views/quo_vadis/mailer/totp_setup_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/password_resets/edit.html.erb +25 -0
- data/test/dummy/app/views/quo_vadis/password_resets/index.html.erb +5 -0
- data/test/dummy/app/views/quo_vadis/password_resets/new.html.erb +12 -0
- data/test/dummy/app/views/quo_vadis/passwords/edit.html.erb +30 -0
- data/test/dummy/app/views/quo_vadis/recovery_codes/challenge.html.erb +11 -0
- data/test/dummy/app/views/quo_vadis/recovery_codes/index.html.erb +25 -0
- data/test/dummy/app/views/quo_vadis/sessions/index.html.erb +26 -0
- data/test/dummy/app/views/quo_vadis/sessions/new.html.erb +24 -0
- data/test/dummy/app/views/quo_vadis/totps/challenge.html.erb +11 -0
- data/test/dummy/app/views/quo_vadis/totps/new.html.erb +17 -0
- data/test/dummy/app/views/quo_vadis/twofas/show.html.erb +20 -0
- data/test/dummy/app/views/sign_ups/new.html.erb +37 -0
- data/test/dummy/app/views/sign_ups/show.html.erb +5 -0
- data/test/dummy/app/views/users/new.html.erb +37 -0
- data/test/dummy/config.ru +7 -0
- data/test/dummy/config/application.rb +30 -0
- data/test/dummy/config/boot.rb +4 -0
- data/test/dummy/config/database.yml +10 -0
- data/test/dummy/config/environment.rb +4 -0
- data/test/dummy/config/initializers/quo_vadis.rb +7 -0
- data/test/dummy/config/routes.rb +13 -0
- data/test/dummy/db/migrate/202102121932_create_users.rb +10 -0
- data/test/dummy/db/migrate/202102121935_create_people.rb +10 -0
- data/test/dummy/db/schema.rb +92 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/fixtures/quo_vadis/mailer/account_confirmation.text +4 -0
- data/test/fixtures/quo_vadis/mailer/email_change_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/identifier_change_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/password_change_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/password_reset_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/recovery_codes_generation_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/reset_password.text +4 -0
- data/test/fixtures/quo_vadis/mailer/totp_reuse_notification.text +6 -0
- data/test/fixtures/quo_vadis/mailer/totp_setup_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/twofa_deactivated_notification.text +8 -0
- data/test/integration/account_confirmation_test.rb +112 -0
- data/test/integration/controller_test.rb +280 -0
- data/test/integration/logging_test.rb +235 -0
- data/test/integration/password_change_test.rb +93 -0
- data/test/integration/password_login_test.rb +125 -0
- data/test/integration/password_reset_test.rb +136 -0
- data/test/integration/recovery_codes_test.rb +48 -0
- data/test/integration/sessions_test.rb +86 -0
- data/test/integration/sign_up_test.rb +35 -0
- data/test/integration/totps_test.rb +96 -0
- data/test/integration/twofa_test.rb +82 -0
- data/test/mailers/mailer_test.rb +200 -0
- data/test/models/account_test.rb +34 -0
- data/test/models/crypt_test.rb +22 -0
- data/test/models/log_test.rb +16 -0
- data/test/models/mask_ip_test.rb +27 -0
- data/test/models/model_test.rb +66 -0
- data/test/models/password_test.rb +163 -0
- data/test/models/recovery_code_test.rb +54 -0
- data/test/models/session_test.rb +67 -0
- data/test/models/token_test.rb +70 -0
- data/test/models/totp_test.rb +68 -0
- data/test/quo_vadis_test.rb +43 -0
- data/test/test_helper.rb +58 -0
- metadata +119 -4
- data/Gemfile.lock +0 -178
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
class RecoveryCodeTest < ActiveSupport::TestCase
|
|
4
|
+
|
|
5
|
+
setup do
|
|
6
|
+
@user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
|
|
7
|
+
@rc = QuoVadis::RecoveryCode.new(account: @user.qv_account).tap &:save!
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
test 'code can be retrieved initially' do
|
|
12
|
+
assert_equal 11, @rc.code.length
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
test 'code does not change' do
|
|
17
|
+
code = @rc.code
|
|
18
|
+
@rc.valid?
|
|
19
|
+
assert_equal code, @rc.code
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
test 'code not available after finding' do
|
|
24
|
+
rc = QuoVadis::RecoveryCode.find @rc.id
|
|
25
|
+
assert_nil rc.code
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
|
|
29
|
+
test 'authenticate' do
|
|
30
|
+
code = @rc.code
|
|
31
|
+
refute @rc.authenticate_code 'wrong'
|
|
32
|
+
assert @rc.authenticate_code code
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
|
|
36
|
+
test 'recovery code is destroyed after successful use' do
|
|
37
|
+
code = @rc.code
|
|
38
|
+
assert @rc.authenticate_code code
|
|
39
|
+
assert @rc.destroyed?
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
test 'generate a fresh set of codes' do
|
|
43
|
+
account = @user.qv_account
|
|
44
|
+
codes = []
|
|
45
|
+
assert_difference 'QuoVadis::RecoveryCode.count', 5 do
|
|
46
|
+
codes = account.generate_recovery_codes
|
|
47
|
+
end
|
|
48
|
+
assert_equal 5, codes.length
|
|
49
|
+
codes.each do |code|
|
|
50
|
+
assert_instance_of String, code
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
end
|
|
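Review bot: The 'generate a fresh set of codes' test never checks what happens to the code already saved in `setup`, so it passes whether or not previously issued recovery codes stay usable after regeneration. With one code already stored, the asserted count difference of exactly 5 suggests the earlier code is left in place. If regeneration is meant to invalidate earlier codes, assert that explicitly with `refute QuoVadis::RecoveryCode.exists?(@rc.id)` and adjust the expected difference. It would also help to pin uniqueness with `assert_equal codes.uniq, codes`.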
@@ -0,0 +1,67 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
class SessionTest < ActiveSupport::TestCase
|
|
4
|
+
|
|
5
|
+
test 'expired?' do
|
|
6
|
+
refute QuoVadis::Session.new.expired?
|
|
7
|
+
assert QuoVadis::Session.new(lifetime_expires_at: 1.day.ago).expired?
|
|
8
|
+
refute QuoVadis::Session.new(lifetime_expires_at: 1.day.from_now).expired?
|
|
9
|
+
|
|
10
|
+
QuoVadis.session_idle_timeout 5.minutes
|
|
11
|
+
refute QuoVadis::Session.new(lifetime_expires_at: 1.day.from_now, last_seen_at: 1.minute.ago).expired?
|
|
12
|
+
assert QuoVadis::Session.new(lifetime_expires_at: 1.day.from_now, last_seen_at: 10.minutes.ago).expired?
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
test 'logout_other_sessions' do
|
|
17
|
+
user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
|
|
18
|
+
account = user.qv_account
|
|
19
|
+
s0 = account.sessions.create! ip: 'ip', user_agent: 'useragent'
|
|
20
|
+
s1 = account.sessions.create! ip: 'ip', user_agent: 'useragent'
|
|
21
|
+
|
|
22
|
+
s0.logout_other_sessions
|
|
23
|
+
|
|
24
|
+
refute s0.destroyed?
|
|
25
|
+
assert s1.destroyed?
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
|
|
29
|
+
test 'reset authenticated with second factor' do
|
|
30
|
+
user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
|
|
31
|
+
account = user.qv_account
|
|
32
|
+
session = account.sessions.create! ip: 'ip', user_agent: 'useragent'
|
|
33
|
+
|
|
34
|
+
refute session.second_factor_authenticated?
|
|
35
|
+
session.authenticated_with_second_factor
|
|
36
|
+
assert session.second_factor_authenticated?
|
|
37
|
+
session.reset_authenticated_with_second_factor
|
|
38
|
+
refute session.second_factor_authenticated?
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
|
|
42
|
+
test 'replace' do
|
|
43
|
+
user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
|
|
44
|
+
account = user.qv_account
|
|
45
|
+
|
|
46
|
+
session = account.sessions.create! ip: 'ip', user_agent: 'useragent'
|
|
47
|
+
sess = session.replace
|
|
48
|
+
|
|
49
|
+
assert_instance_of QuoVadis::Session, sess
|
|
50
|
+
assert session.destroyed?
|
|
51
|
+
refute_equal session.id, sess.id
|
|
52
|
+
|
|
53
|
+
refute_includes account.sessions, session
|
|
54
|
+
assert_includes account.sessions, sess
|
|
55
|
+
|
|
56
|
+
session
|
|
57
|
+
.attributes
|
|
58
|
+
.reject { |name, _| %w[id created_at created_on updated_at updated_on].include? name }
|
|
59
|
+
.each do |name, value|
|
|
60
|
+
if value.nil?
|
|
61
|
+
assert_nil sess.send(name)
|
|
62
|
+
else
|
|
63
|
+
assert_equal value, sess.send(name)
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
end
|
|
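Review bot: In the 'expired?' test, `QuoVadis.session_idle_timeout 5.minutes` appears to change library-wide configuration, and nothing in this file restores it, so later tests may run with a five-minute idle timeout depending on execution order. Restore the previous setting in a `teardown` (or an `ensure` inside the test) so that session expiry elsewhere in the suite is checked against the intended default. Separately, 'logout_other_sessions' only creates sessions for one account; adding a session for a second user and asserting that it survives would pin the logout to the owning account.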
@@ -0,0 +1,70 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
class TokenTest < ActiveSupport::TestCase
|
|
4
|
+
|
|
5
|
+
setup do
|
|
6
|
+
u = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
|
|
7
|
+
@account = u.qv_account
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
test 'account confirmation' do
|
|
12
|
+
token = QuoVadis::AccountConfirmationToken.generate @account
|
|
13
|
+
assert_match /^\d+-\d+--\h+$/, token
|
|
14
|
+
assert_equal @account, QuoVadis::AccountConfirmationToken.find_account(token)
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
test 'account confirmation expired' do
|
|
18
|
+
token = QuoVadis::AccountConfirmationToken.generate @account
|
|
19
|
+
travel QuoVadis.account_confirmation_token_lifetime + 1.second
|
|
20
|
+
assert_nil QuoVadis::AccountConfirmationToken.find_account(token)
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
test 'account confirmation already done' do
|
|
24
|
+
token = QuoVadis::AccountConfirmationToken.generate @account
|
|
25
|
+
@account.confirmed!
|
|
26
|
+
assert_nil QuoVadis::AccountConfirmationToken.find_account(token)
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
test 'account confirmation token tampered with' do
|
|
30
|
+
assert_nil QuoVadis::AccountConfirmationToken.find_account(nil)
|
|
31
|
+
assert_nil QuoVadis::AccountConfirmationToken.find_account('')
|
|
32
|
+
assert_nil QuoVadis::AccountConfirmationToken.find_account('asdf')
|
|
33
|
+
|
|
34
|
+
token = QuoVadis::AccountConfirmationToken.generate @account
|
|
35
|
+
id, expires_at, hash = token.match(/^(\d+)-(\d+)--(\h+)$/).captures
|
|
36
|
+
fake_token = "#{id}-#{expires_at.to_i + 1}--#{hash}"
|
|
37
|
+
assert_nil QuoVadis::AccountConfirmationToken.find_account(fake_token)
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
|
|
41
|
+
test 'password reset' do
|
|
42
|
+
token = QuoVadis::PasswordResetToken.generate @account
|
|
43
|
+
assert_match /^\d+-\d+--\h+$/, token
|
|
44
|
+
assert_equal @account, QuoVadis::PasswordResetToken.find_account(token)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
test 'password reset expired' do
|
|
48
|
+
token = QuoVadis::PasswordResetToken.generate @account
|
|
49
|
+
travel QuoVadis.password_reset_token_lifetime + 1.second
|
|
50
|
+
assert_nil QuoVadis::PasswordResetToken.find_account(token)
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
test 'password reset already done' do
|
|
54
|
+
token = QuoVadis::PasswordResetToken.generate @account
|
|
55
|
+
@account.password.update password: 'secretsecret'
|
|
56
|
+
assert_nil QuoVadis::PasswordResetToken.find_account(token)
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
test 'password reset token tampered with' do
|
|
60
|
+
assert_nil QuoVadis::PasswordResetToken.find_account(nil)
|
|
61
|
+
assert_nil QuoVadis::PasswordResetToken.find_account('')
|
|
62
|
+
assert_nil QuoVadis::PasswordResetToken.find_account('asdf')
|
|
63
|
+
|
|
64
|
+
token = QuoVadis::PasswordResetToken.generate @account
|
|
65
|
+
id, expires_at, hash = token.match(/^(\d+)-(\d+)--(\h+)$/).captures
|
|
66
|
+
fake_token = "#{id}-#{expires_at.to_i + 1}--#{hash}"
|
|
67
|
+
assert_nil QuoVadis::PasswordResetToken.find_account(fake_token)
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
end
|
|
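Review bot: Both 'tampered with' tests change only the expiry field of the token, so they do not show that a token with an altered account id, or one minted for the other purpose, is rejected. Consider adding `assert_nil QuoVadis::AccountConfirmationToken.find_account("#{id.to_i + 1}-#{expires_at}--#{hash}")`. If tokens are meant to be purpose-bound, also add `assert_nil QuoVadis::AccountConfirmationToken.find_account(QuoVadis::PasswordResetToken.generate(@account))`, with the mirror-image assertions in the password reset test. The format assertions use `^`/`$`, which match per line in Ruby; `/\A\d+-\d+--\h+\z/` pins the whole string.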
@@ -0,0 +1,68 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
class TotpTest < ActiveSupport::TestCase
|
|
4
|
+
|
|
5
|
+
test 'key changes for each new object' do
|
|
6
|
+
totp = QuoVadis::Totp.new
|
|
7
|
+
refute_empty totp.key
|
|
8
|
+
|
|
9
|
+
totp2 = QuoVadis::Totp.new
|
|
10
|
+
refute_empty totp2.key
|
|
11
|
+
|
|
12
|
+
refute_equal totp.key, totp2.key
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
test 'key is encrypted in database' do
|
|
17
|
+
user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
|
|
18
|
+
totp = user.qv_account.create_totp last_used_at: 1.minute.ago
|
|
19
|
+
refute_equal totp.key, totp.read_attribute_before_type_cast(:key)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
test 'validates provided hmac' do
|
|
24
|
+
totp = QuoVadis::Totp.new account: QuoVadis::Account.new
|
|
25
|
+
hmac = totp.hmac_key
|
|
26
|
+
assert totp.valid?
|
|
27
|
+
|
|
28
|
+
totp.provided_hmac_key = 'wrong'
|
|
29
|
+
refute totp.valid?
|
|
30
|
+
refute_empty totp.errors[:key]
|
|
31
|
+
|
|
32
|
+
totp.provided_hmac_key = hmac
|
|
33
|
+
assert totp.valid?
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
|
|
37
|
+
test 'verify' do
|
|
38
|
+
user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
|
|
39
|
+
|
|
40
|
+
qv_totp = QuoVadis::Totp.new account: user.qv_account
|
|
41
|
+
totp = ROTP::TOTP.new qv_totp.key
|
|
42
|
+
|
|
43
|
+
otp = totp.now
|
|
44
|
+
|
|
45
|
+
assert qv_totp.verify otp # one time
|
|
46
|
+
refute qv_totp.verify otp
|
|
47
|
+
|
|
48
|
+
travel 30.seconds
|
|
49
|
+
otp2 = totp.now
|
|
50
|
+
refute_equal otp, otp2
|
|
51
|
+
assert qv_totp.verify otp2
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
|
|
55
|
+
test 'reused?' do
|
|
56
|
+
user = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
|
|
57
|
+
|
|
58
|
+
qv_totp = QuoVadis::Totp.new account: user.qv_account
|
|
59
|
+
totp = ROTP::TOTP.new qv_totp.key
|
|
60
|
+
|
|
61
|
+
otp = totp.now
|
|
62
|
+
|
|
63
|
+
assert qv_totp.verify otp # one time
|
|
64
|
+
refute qv_totp.verify otp
|
|
65
|
+
assert qv_totp.reused? otp
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
end
|
|
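Review bot: The 'key is encrypted in database' test asserts only that the raw column value differs from `totp.key`, which would also hold if the raw value were nil or a trivially reversible encoding of the key. Tighten it with `raw = totp.read_attribute_before_type_cast(:key)`, `assert raw.present?` and `refute_includes raw, totp.key`. The 'reused?' test has no negative case either; checking a code that has never been accepted would show that the reuse signal is not raised for ordinary first-time codes.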
@@ -0,0 +1,43 @@
|
|
|
1
|
+
require "test_helper"
|
|
2
|
+
|
|
3
|
+
class QuoVadisTest < ActiveSupport::TestCase
|
|
4
|
+
|
|
5
|
+
def test_that_it_has_a_version_number
|
|
6
|
+
assert QuoVadis::VERSION
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
|
|
10
|
+
test 'translate' do
|
|
11
|
+
assert_equal 'Welcome back!', QuoVadis.translate('flash.login.success')
|
|
12
|
+
assert_equal 'You have 3 recovery codes left.', QuoVadis.translate('flash.recovery_code.success', count: 3)
|
|
13
|
+
assert_nil QuoVadis.translate('does_not_exist')
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
test 'identifier' do
|
|
18
|
+
assert_equal :email, QuoVadis.identifier('User')
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
|
|
22
|
+
test 'humanise_identifier' do
|
|
23
|
+
assert_equal 'Email', QuoVadis.humanise_identifier('User')
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
test 'identifiers' do
|
|
28
|
+
assert_equal [:username, :email], QuoVadis.send(:identifiers)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
|
|
32
|
+
test 'detect_identifier' do
|
|
33
|
+
assert_equal 'email', QuoVadis.send(:detect_identifier, ['foo', 'email', 'commit'])
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
|
|
37
|
+
test 'find_account_by_identifier_in_params' do
|
|
38
|
+
u = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
|
|
39
|
+
assert_equal u.qv_account,
|
|
40
|
+
QuoVadis.find_account_by_identifier_in_params({'foo' => 'bar', 'email' => 'bob@example.com', 'commit' => 'Save'})
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
end
|
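Review bot: 'find_account_by_identifier_in_params' is exercised only with a well-formed hash that matches an existing user, although the method takes request parameters. Add cases for an identifier value that matches no account, for params with no identifier key at all, and for a non-string value such as `{'email' => ['bob@example.com']}`, asserting the result you intend (presumably nil) so that malformed input can neither raise nor match unexpectedly. The 'identifiers' and 'detect_identifier' tests reach private methods through `send`, which couples the suite to internals; a short comment saying why would help.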
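--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -0,0 +1,58 @@
+ENV["RAILS_ENV"] = "test"
+
+require_relative "../test/dummy/config/environment"
+ActiveRecord::Migrator.migrations_paths = [File.expand_path("../test/dummy/db/migrate", __dir__)]
+ActiveRecord::Migrator.migrations_paths << File.expand_path('../db/migrate', __dir__)
+require "rails/test_help"
+
+require 'capybara/rails'
+require 'capybara/minitest'
+
+# integration tests or system tests?
+#
+# system ones use a real browser and can therefore test css layout and js
+# but integration ones are faster
+class IntegrationTest < ActionDispatch::IntegrationTest
+# include Capybara::DSL
+# include Capybara::Minitest::Assertions
+
+# include QuoVadis::Engine.routes.url_helpers
+
+# setup do
+# @routes = QuoVadis::Engine.routes
+# end
+
+teardown do
+Capybara.reset_session!
+Capybara.use_default_driver
+end
+
+# https://philna.sh/blog/2020/01/15/test-signed-cookies-in-rails
+#
+# ActionDispatch::IntegrationTest's `cookies` is a Rack::Test::CookieJar
+# not an ActionDispatch::Cookies::CookieJar, and doesn't have the #encrypted
+# or #signed methods. So construct an ActionDispatch cookie jar.
+def jar(_session = nil)
+_request, _cookies = if _session
+[_session.request, _session.cookies]
+else
+[@request, cookies]
+end
+
+ActionDispatch::Cookies::CookieJar.build(_request, _cookies.to_hash)
+end
+
+
+def assert_session_replaced(&block)
+id = jar.encrypted[QuoVadis.cookie_name]
+
+yield
+
+_id = jar.encrypted[QuoVadis.cookie_name]
+
+refute_equal id, _id
+refute QuoVadis::Session.exists? id
+assert QuoVadis::Session.exists? _id
+assert controller.logged_in?
+end
+end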
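Review bot: `assert_session_replaced` does not check that a session cookie existed before the block runs, so when `id` is nil the helper can pass on a freshly created session without any replacement having taken place (`refute QuoVadis::Session.exists? id` should hold trivially for nil in ActiveRecord). Add `refute_nil id` right after the first `jar.encrypted[QuoVadis.cookie_name]` read so the helper really pins session rotation. The `&block` parameter is unused because the body calls `yield`; drop it or call `block.call` instead.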
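--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: quo_vadis
 version: !ruby/object:Gem::Version
-version: 2.0.
+version: 2.0.1
 platform: ruby
 authors:
 - Andy Stewart
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-
+date: 2021-05-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -38,6 +38,34 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: 3.1.7
+- !ruby/object:Gem::Dependency
+name: rotp
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '6'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '6'
+- !ruby/object:Gem::Dependency
+name: rqrcode
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.0'
 description:
 email:
 - boss@airbladesoftware.com
@@ -48,7 +76,6 @@ files:
 - ".gitignore"
 - CHANGELOG.md
 - Gemfile
-- Gemfile.lock
 - LICENSE.txt
 - README.md
 - Rakefile
@@ -89,6 +116,94 @@ files:
 - lib/quo_vadis/model.rb
 - lib/quo_vadis/version.rb
 - quo_vadis.gemspec
+- test/dummy/README.markdown
+- test/dummy/Rakefile
+- test/dummy/app/controllers/application_controller.rb
+- test/dummy/app/controllers/articles_controller.rb
+- test/dummy/app/controllers/sign_ups_controller.rb
+- test/dummy/app/controllers/users_controller.rb
+- test/dummy/app/models/application_record.rb
+- test/dummy/app/models/article.rb
+- test/dummy/app/models/person.rb
+- test/dummy/app/models/user.rb
+- test/dummy/app/views/articles/also_secret.html.erb
+- test/dummy/app/views/articles/index.html.erb
+- test/dummy/app/views/articles/secret.html.erb
+- test/dummy/app/views/articles/very_secret.html.erb
+- test/dummy/app/views/layouts/application.html.erb
+- test/dummy/app/views/quo_vadis/confirmations/edit.html.erb
+- test/dummy/app/views/quo_vadis/confirmations/index.html.erb
+- test/dummy/app/views/quo_vadis/confirmations/new.html.erb
+- test/dummy/app/views/quo_vadis/logs/index.html.erb
+- test/dummy/app/views/quo_vadis/mailer/account_confirmation.text.erb
+- test/dummy/app/views/quo_vadis/mailer/email_change_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/identifier_change_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/password_change_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/password_reset_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/reset_password.text.erb
+- test/dummy/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/totp_setup_notification.text.erb
+- test/dummy/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb
+- test/dummy/app/views/quo_vadis/password_resets/edit.html.erb
+- test/dummy/app/views/quo_vadis/password_resets/index.html.erb
+- test/dummy/app/views/quo_vadis/password_resets/new.html.erb
+- test/dummy/app/views/quo_vadis/passwords/edit.html.erb
+- test/dummy/app/views/quo_vadis/recovery_codes/challenge.html.erb
+- test/dummy/app/views/quo_vadis/recovery_codes/index.html.erb
+- test/dummy/app/views/quo_vadis/sessions/index.html.erb
+- test/dummy/app/views/quo_vadis/sessions/new.html.erb
+- test/dummy/app/views/quo_vadis/totps/challenge.html.erb
+- test/dummy/app/views/quo_vadis/totps/new.html.erb
+- test/dummy/app/views/quo_vadis/twofas/show.html.erb
+- test/dummy/app/views/sign_ups/new.html.erb
+- test/dummy/app/views/sign_ups/show.html.erb
+- test/dummy/app/views/users/new.html.erb
+- test/dummy/config.ru
+- test/dummy/config/application.rb
+- test/dummy/config/boot.rb
+- test/dummy/config/database.yml
+- test/dummy/config/environment.rb
+- test/dummy/config/initializers/quo_vadis.rb
+- test/dummy/config/routes.rb
+- test/dummy/db/migrate/202102121932_create_users.rb
+- test/dummy/db/migrate/202102121935_create_people.rb
+- test/dummy/db/schema.rb
+- test/dummy/public/favicon.ico
+- test/fixtures/quo_vadis/mailer/account_confirmation.text
+- test/fixtures/quo_vadis/mailer/email_change_notification.text
+- test/fixtures/quo_vadis/mailer/identifier_change_notification.text
+- test/fixtures/quo_vadis/mailer/password_change_notification.text
+- test/fixtures/quo_vadis/mailer/password_reset_notification.text
+- test/fixtures/quo_vadis/mailer/recovery_codes_generation_notification.text
+- test/fixtures/quo_vadis/mailer/reset_password.text
+- test/fixtures/quo_vadis/mailer/totp_reuse_notification.text
+- test/fixtures/quo_vadis/mailer/totp_setup_notification.text
+- test/fixtures/quo_vadis/mailer/twofa_deactivated_notification.text
+- test/integration/account_confirmation_test.rb
+- test/integration/controller_test.rb
+- test/integration/logging_test.rb
+- test/integration/password_change_test.rb
+- test/integration/password_login_test.rb
+- test/integration/password_reset_test.rb
+- test/integration/recovery_codes_test.rb
+- test/integration/sessions_test.rb
+- test/integration/sign_up_test.rb
+- test/integration/totps_test.rb
+- test/integration/twofa_test.rb
+- test/mailers/mailer_test.rb
+- test/models/account_test.rb
+- test/models/crypt_test.rb
+- test/models/log_test.rb
+- test/models/mask_ip_test.rb
+- test/models/model_test.rb
+- test/models/password_test.rb
+- test/models/recovery_code_test.rb
+- test/models/session_test.rb
+- test/models/token_test.rb
+- test/models/totp_test.rb
+- test/quo_vadis_test.rb
+- test/test_helper.rb
 homepage: https://github.com/airblade/quo_vadis
 licenses:
 - MIT
@@ -108,7 +223,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.1.
+rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
 summary: Multifactor authentication for Rails 6.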