rack-cerberus 1.0.0 → 1.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/rack/cerberus.rb +5 -1
  3. data/spec/rack_cerberus_spec.rb +21 -5
  4. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: afcdada63ffd1a684458910d59b89d15fa216886
4
- data.tar.gz: d412afa1080dfcc3fe423ed035c359c5caaff232
3
+ metadata.gz: bda08956b38e4898a4230985bf562a70a9ecf50a
4
+ data.tar.gz: 6a3e4ebddeafa5208a32babee28ab3e0fea06d31
5
5
  SHA512:
6
- metadata.gz: 76d1daf65b65cfc21b741b33e9874d69a4f259c464d92906897fb80cddf9d491358288e5820317843ef64b9567335f5dc7ee11a7ccaf584cb09524e90f8368c7
7
- data.tar.gz: ede819c5610004dca634ec0e4e2a5fe035feef2b9e55ae667b16fd5039b4cb4d792f33734b749122f3a2714fa435deb5c65e10173c588496c347ff0dc0b2b905
6
+ metadata.gz: e5d2fec915ce81fd648339e7f6aefc5f12dca26df92b84c20116f569c3b3d99ea657e2bbd7325e2cb272398c31b1e4211a08aeedcf6e3ecadee06e3a3c3ceb98
7
+ data.tar.gz: 2232cd7f89419f33b95a9ee0c8f51c46bb7f5de7d1666ff098dc953714383b8a9906103f61689edf6bb02028ee05dd16f9a47ca28a6b61abaf05f4837966f37a
data/lib/rack/cerberus.rb CHANGED
@@ -4,9 +4,11 @@ module Rack
4
4
 
5
5
  class Cerberus
6
6
 
7
- VERSION = '1.0.0'
7
+ VERSION = '1.0.1'
8
8
 
9
9
  class NoSessionError < RuntimeError; end
10
+
11
+ def self.new(*); ::Rack::MethodOverride.new(super); end
10
12
 
11
13
  def initialize(app, options={}, &block)
12
14
  @app = app
@@ -49,6 +51,7 @@ module Rack
49
51
  401, {'Content-Type' => 'text/html'},
50
52
  [AUTH_PAGE % @options.merge({
51
53
  error: err, submit_path: env['REQUEST_URI'],
54
+ request_method: req.request_method,
52
55
  login: Rack::Utils.escape_html(login),
53
56
  pass: Rack::Utils.escape_html(pass)
54
57
  })]
@@ -107,6 +110,7 @@ module Rack
107
110
  <form action="%{submit_path}" method="post" accept-charset="utf-8">
108
111
  <input type="text" name="cerberus_login" value="%{login}" id='login' title='Login' placeholder='Login'><br />
109
112
  <input type="password" name="cerberus_pass" value="%{pass}" id='pass' title='Password' placeholder='Password'>
113
+ <input type="hidden" name="_method" value="%{request_method}">
110
114
  <p><input type="submit" value="SIGN IN &rarr;"></p>
111
115
  </form>
112
116
  <script type="text/javascript" charset="utf-8">
data/spec/rack_cerberus_spec.rb CHANGED
@@ -40,8 +40,8 @@ RSpec.describe Rack::Cerberus do
40
40
  expect(last_response.status).to eq 401
41
41
  body = last_response.body
42
42
  expect(body.class).to eq String
43
- expect(body).to match(/name="cerberus_login" value=""/)
44
- expect(body).to match(/name="cerberus_pass" value=""/)
43
+ expect(body).to include('name="cerberus_login" value=""')
44
+ expect(body).to include('name="cerberus_pass" value=""')
45
45
  end
46
46
  end
47
47
 
@@ -51,12 +51,12 @@ RSpec.describe Rack::Cerberus do
51
51
  it 'Stops requests' do
52
52
  post('/', {'cerberus_login' => 'fake_login', 'cerberus_pass' => 'fake_pass'})
53
53
  expect(last_response.status).to eq 401
54
- expect(last_response.body).to match(/Wrong login or password/)
54
+ expect(last_response.body).to include('Wrong login or password')
55
55
  end
56
56
  it 'Keeps what was entered in the fields' do
57
57
  post('/', {'cerberus_login' => 'fake_login', 'cerberus_pass' => 'fake_pass'})
58
- expect(last_response.body).to match(/name="cerberus_login" value="fake_login"/)
59
- expect(last_response.body).to match(/name="cerberus_pass" value="fake_pass"/)
58
+ expect(last_response.body).to include('name="cerberus_login" value="fake_login"')
59
+ expect(last_response.body).to include('name="cerberus_pass" value="fake_pass"')
60
60
  end
61
61
  it 'Escapes HTML on submitted info' do
62
62
  expect(Rack::Utils).to receive(:escape_html).with('<script>bad</script>').twice
@@ -65,10 +65,25 @@ RSpec.describe Rack::Cerberus do
65
65
  end
66
66
 
67
67
  context 'Login details are correct' do
68
+ let(:secret_app) {
69
+ lambda {|env|
70
+ [200, {'Content-Type'=>'text/plain'}, env['REQUEST_METHOD']]
71
+ }
72
+ }
68
73
  it 'Gives access' do
69
74
  get('/', {'cerberus_login' => 'mario@nintendo.com', 'cerberus_pass' => 'bros'})
70
75
  expect(last_response.status).to eq 200
71
76
  end
77
+ it 'Calls the final page with the original method' do
78
+ get('/')
79
+ expect(last_response.body).to include('name="_method" value="GET"')
80
+ post('/', {
81
+ 'cerberus_login' => 'mario@nintendo.com',
82
+ 'cerberus_pass' => 'bros',
83
+ '_method' => 'GET'
84
+ })
85
+ expect(last_response.body).to eq 'GET'
86
+ end
72
87
  end
73
88
 
74
89
  end
@@ -131,3 +146,4 @@ RSpec.describe Rack::Cerberus do
131
146
  end
132
147
 
133
148
  end
149
+
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-cerberus
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mickael Riga