railsware-authlogic 2.1.6.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (126) hide show
  1. data/.gitignore +9 -0
  2. data/CHANGELOG.rdoc +345 -0
  3. data/LICENSE +20 -0
  4. data/README.rdoc +246 -0
  5. data/Rakefile +41 -0
  6. data/VERSION.yml +5 -0
  7. data/authlogic.gemspec +216 -0
  8. data/generators/session/session_generator.rb +9 -0
  9. data/generators/session/templates/session.rb +2 -0
  10. data/init.rb +1 -0
  11. data/lib/authlogic.rb +64 -0
  12. data/lib/authlogic/acts_as_authentic/base.rb +107 -0
  13. data/lib/authlogic/acts_as_authentic/email.rb +110 -0
  14. data/lib/authlogic/acts_as_authentic/logged_in_status.rb +65 -0
  15. data/lib/authlogic/acts_as_authentic/login.rb +141 -0
  16. data/lib/authlogic/acts_as_authentic/magic_columns.rb +24 -0
  17. data/lib/authlogic/acts_as_authentic/password.rb +355 -0
  18. data/lib/authlogic/acts_as_authentic/perishable_token.rb +105 -0
  19. data/lib/authlogic/acts_as_authentic/persistence_token.rb +68 -0
  20. data/lib/authlogic/acts_as_authentic/restful_authentication.rb +61 -0
  21. data/lib/authlogic/acts_as_authentic/session_maintenance.rb +139 -0
  22. data/lib/authlogic/acts_as_authentic/single_access_token.rb +65 -0
  23. data/lib/authlogic/acts_as_authentic/validations_scope.rb +32 -0
  24. data/lib/authlogic/authenticates_many/association.rb +42 -0
  25. data/lib/authlogic/authenticates_many/base.rb +55 -0
  26. data/lib/authlogic/controller_adapters/abstract_adapter.rb +67 -0
  27. data/lib/authlogic/controller_adapters/merb_adapter.rb +30 -0
  28. data/lib/authlogic/controller_adapters/rails_adapter.rb +48 -0
  29. data/lib/authlogic/controller_adapters/sinatra_adapter.rb +61 -0
  30. data/lib/authlogic/crypto_providers/aes256.rb +43 -0
  31. data/lib/authlogic/crypto_providers/bcrypt.rb +90 -0
  32. data/lib/authlogic/crypto_providers/md5.rb +34 -0
  33. data/lib/authlogic/crypto_providers/sha1.rb +35 -0
  34. data/lib/authlogic/crypto_providers/sha256.rb +50 -0
  35. data/lib/authlogic/crypto_providers/sha512.rb +50 -0
  36. data/lib/authlogic/crypto_providers/wordpress.rb +43 -0
  37. data/lib/authlogic/i18n.rb +83 -0
  38. data/lib/authlogic/i18n/translator.rb +15 -0
  39. data/lib/authlogic/random.rb +33 -0
  40. data/lib/authlogic/regex.rb +25 -0
  41. data/lib/authlogic/session/activation.rb +58 -0
  42. data/lib/authlogic/session/active_record_trickery.rb +64 -0
  43. data/lib/authlogic/session/base.rb +37 -0
  44. data/lib/authlogic/session/brute_force_protection.rb +96 -0
  45. data/lib/authlogic/session/callbacks.rb +99 -0
  46. data/lib/authlogic/session/cookies.rb +130 -0
  47. data/lib/authlogic/session/existence.rb +93 -0
  48. data/lib/authlogic/session/foundation.rb +71 -0
  49. data/lib/authlogic/session/http_auth.rb +58 -0
  50. data/lib/authlogic/session/id.rb +41 -0
  51. data/lib/authlogic/session/klass.rb +78 -0
  52. data/lib/authlogic/session/magic_columns.rb +95 -0
  53. data/lib/authlogic/session/magic_states.rb +59 -0
  54. data/lib/authlogic/session/params.rb +101 -0
  55. data/lib/authlogic/session/password.rb +240 -0
  56. data/lib/authlogic/session/perishable_token.rb +18 -0
  57. data/lib/authlogic/session/persistence.rb +70 -0
  58. data/lib/authlogic/session/priority_record.rb +34 -0
  59. data/lib/authlogic/session/scopes.rb +101 -0
  60. data/lib/authlogic/session/session.rb +62 -0
  61. data/lib/authlogic/session/timeout.rb +82 -0
  62. data/lib/authlogic/session/unauthorized_record.rb +50 -0
  63. data/lib/authlogic/session/validation.rb +82 -0
  64. data/lib/authlogic/test_case.rb +120 -0
  65. data/lib/authlogic/test_case/mock_controller.rb +45 -0
  66. data/lib/authlogic/test_case/mock_cookie_jar.rb +14 -0
  67. data/lib/authlogic/test_case/mock_logger.rb +10 -0
  68. data/lib/authlogic/test_case/mock_request.rb +19 -0
  69. data/lib/authlogic/test_case/rails_request_adapter.rb +30 -0
  70. data/rails/init.rb +1 -0
  71. data/shoulda_macros/authlogic.rb +69 -0
  72. data/test/acts_as_authentic_test/base_test.rb +18 -0
  73. data/test/acts_as_authentic_test/email_test.rb +101 -0
  74. data/test/acts_as_authentic_test/logged_in_status_test.rb +36 -0
  75. data/test/acts_as_authentic_test/login_test.rb +109 -0
  76. data/test/acts_as_authentic_test/magic_columns_test.rb +27 -0
  77. data/test/acts_as_authentic_test/password_test.rb +236 -0
  78. data/test/acts_as_authentic_test/perishable_token_test.rb +90 -0
  79. data/test/acts_as_authentic_test/persistence_token_test.rb +55 -0
  80. data/test/acts_as_authentic_test/restful_authentication_test.rb +40 -0
  81. data/test/acts_as_authentic_test/session_maintenance_test.rb +84 -0
  82. data/test/acts_as_authentic_test/single_access_test.rb +44 -0
  83. data/test/authenticates_many_test.rb +16 -0
  84. data/test/crypto_provider_test/aes256_test.rb +14 -0
  85. data/test/crypto_provider_test/bcrypt_test.rb +14 -0
  86. data/test/crypto_provider_test/sha1_test.rb +23 -0
  87. data/test/crypto_provider_test/sha256_test.rb +14 -0
  88. data/test/crypto_provider_test/sha512_test.rb +14 -0
  89. data/test/fixtures/companies.yml +5 -0
  90. data/test/fixtures/employees.yml +17 -0
  91. data/test/fixtures/projects.yml +3 -0
  92. data/test/fixtures/users.yml +24 -0
  93. data/test/i18n_test.rb +33 -0
  94. data/test/libs/affiliate.rb +7 -0
  95. data/test/libs/company.rb +6 -0
  96. data/test/libs/employee.rb +7 -0
  97. data/test/libs/employee_session.rb +2 -0
  98. data/test/libs/ldaper.rb +3 -0
  99. data/test/libs/ordered_hash.rb +9 -0
  100. data/test/libs/project.rb +3 -0
  101. data/test/libs/user.rb +5 -0
  102. data/test/libs/user_session.rb +6 -0
  103. data/test/random_test.rb +42 -0
  104. data/test/session_test/activation_test.rb +43 -0
  105. data/test/session_test/active_record_trickery_test.rb +36 -0
  106. data/test/session_test/brute_force_protection_test.rb +101 -0
  107. data/test/session_test/callbacks_test.rb +6 -0
  108. data/test/session_test/cookies_test.rb +112 -0
  109. data/test/session_test/credentials_test.rb +0 -0
  110. data/test/session_test/existence_test.rb +64 -0
  111. data/test/session_test/http_auth_test.rb +28 -0
  112. data/test/session_test/id_test.rb +17 -0
  113. data/test/session_test/klass_test.rb +40 -0
  114. data/test/session_test/magic_columns_test.rb +62 -0
  115. data/test/session_test/magic_states_test.rb +60 -0
  116. data/test/session_test/params_test.rb +53 -0
  117. data/test/session_test/password_test.rb +106 -0
  118. data/test/session_test/perishability_test.rb +15 -0
  119. data/test/session_test/persistence_test.rb +21 -0
  120. data/test/session_test/scopes_test.rb +60 -0
  121. data/test/session_test/session_test.rb +59 -0
  122. data/test/session_test/timeout_test.rb +52 -0
  123. data/test/session_test/unauthorized_record_test.rb +13 -0
  124. data/test/session_test/validation_test.rb +23 -0
  125. data/test/test_helper.rb +182 -0
  126. metadata +255 -0
@@ -0,0 +1,236 @@
1
+ require 'test_helper'
2
+
3
+ module ActsAsAuthenticTest
4
+ class PasswordTest < ActiveSupport::TestCase
5
+ def test_crypted_password_field_config
6
+ assert_equal :crypted_password, User.crypted_password_field
7
+ assert_equal :crypted_password, Employee.crypted_password_field
8
+
9
+ User.crypted_password_field = :nope
10
+ assert_equal :nope, User.crypted_password_field
11
+ User.crypted_password_field :crypted_password
12
+ assert_equal :crypted_password, User.crypted_password_field
13
+ end
14
+
15
+ def test_password_salt_field_config
16
+ assert_equal :password_salt, User.password_salt_field
17
+ assert_equal :password_salt, Employee.password_salt_field
18
+
19
+ User.password_salt_field = :nope
20
+ assert_equal :nope, User.password_salt_field
21
+ User.password_salt_field :password_salt
22
+ assert_equal :password_salt, User.password_salt_field
23
+ end
24
+
25
+ def test_ignore_blank_passwords_config
26
+ assert User.ignore_blank_passwords
27
+ assert Employee.ignore_blank_passwords
28
+
29
+ User.ignore_blank_passwords = false
30
+ assert !User.ignore_blank_passwords
31
+ User.ignore_blank_passwords true
32
+ assert User.ignore_blank_passwords
33
+ end
34
+
35
+ def test_check_passwords_against_database
36
+ assert User.check_passwords_against_database
37
+ User.check_passwords_against_database = false
38
+ assert !User.check_passwords_against_database
39
+ User.check_passwords_against_database true
40
+ assert User.check_passwords_against_database
41
+ end
42
+
43
+ def test_validate_password_field_config
44
+ assert User.validate_password_field
45
+ assert Employee.validate_password_field
46
+
47
+ User.validate_password_field = false
48
+ assert !User.validate_password_field
49
+ User.validate_password_field true
50
+ assert User.validate_password_field
51
+ end
52
+
53
+ def test_validates_length_of_password_field_options_config
54
+ default = {:minimum => 4, :if => :require_password?}
55
+ assert_equal default, User.validates_length_of_password_field_options
56
+ assert_equal default, Employee.validates_length_of_password_field_options
57
+
58
+ User.validates_length_of_password_field_options = {:yes => "no"}
59
+ assert_equal({:yes => "no"}, User.validates_length_of_password_field_options)
60
+ User.validates_length_of_password_field_options default
61
+ assert_equal default, User.validates_length_of_password_field_options
62
+ end
63
+
64
+ def test_validates_confirmation_of_password_field_options_config
65
+ default = {:if => :require_password?}
66
+ assert_equal default, User.validates_confirmation_of_password_field_options
67
+ assert_equal default, Employee.validates_confirmation_of_password_field_options
68
+
69
+ User.validates_confirmation_of_password_field_options = {:yes => "no"}
70
+ assert_equal({:yes => "no"}, User.validates_confirmation_of_password_field_options)
71
+ User.validates_confirmation_of_password_field_options default
72
+ assert_equal default, User.validates_confirmation_of_password_field_options
73
+ end
74
+
75
+ def test_validates_length_of_password_confirmation_field_options_config
76
+ default = {:minimum => 4, :if => :require_password?}
77
+ assert_equal default, User.validates_length_of_password_confirmation_field_options
78
+ assert_equal default, Employee.validates_length_of_password_confirmation_field_options
79
+
80
+ User.validates_length_of_password_confirmation_field_options = {:yes => "no"}
81
+ assert_equal({:yes => "no"}, User.validates_length_of_password_confirmation_field_options)
82
+ User.validates_length_of_password_confirmation_field_options default
83
+ assert_equal default, User.validates_length_of_password_confirmation_field_options
84
+ end
85
+
86
+ def test_crypto_provider_config
87
+ assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
88
+ assert_equal Authlogic::CryptoProviders::AES256, Employee.crypto_provider
89
+
90
+ User.crypto_provider = Authlogic::CryptoProviders::BCrypt
91
+ assert_equal Authlogic::CryptoProviders::BCrypt, User.crypto_provider
92
+ User.crypto_provider Authlogic::CryptoProviders::Sha512
93
+ assert_equal Authlogic::CryptoProviders::Sha512, User.crypto_provider
94
+ end
95
+
96
+ def test_transition_from_crypto_providers_config
97
+ assert_equal [], User.transition_from_crypto_providers
98
+ assert_equal [], Employee.transition_from_crypto_providers
99
+
100
+ User.transition_from_crypto_providers = [Authlogic::CryptoProviders::BCrypt]
101
+ assert_equal [Authlogic::CryptoProviders::BCrypt], User.transition_from_crypto_providers
102
+ User.transition_from_crypto_providers []
103
+ assert_equal [], User.transition_from_crypto_providers
104
+ end
105
+
106
+ def test_validates_length_of_password
107
+ u = User.new
108
+ u.password_confirmation = "test2"
109
+ assert !u.valid?
110
+ assert u.errors[:password].size > 0
111
+
112
+ u.password = "test"
113
+ assert !u.valid?
114
+ assert u.errors[:password_confirmation].size == 0
115
+ end
116
+
117
+ def test_validates_confirmation_of_password
118
+ u = User.new
119
+ u.password = "test"
120
+ u.password_confirmation = "test2"
121
+ assert !u.valid?
122
+ assert u.errors[:password].size > 0
123
+
124
+ u.password_confirmation = "test"
125
+ assert !u.valid?
126
+ assert u.errors[:password].size == 0
127
+ end
128
+
129
+ def test_validates_length_of_password_confirmation
130
+ u = User.new
131
+
132
+ u.password = "test"
133
+ u.password_confirmation = ""
134
+ assert !u.valid?
135
+ assert u.errors[:password_confirmation].size > 0
136
+
137
+ u.password_confirmation = "test"
138
+ assert !u.valid?
139
+ assert u.errors[:password_confirmation].size == 0
140
+
141
+ ben = users(:ben)
142
+ assert ben.valid?
143
+
144
+ ben.password = "newpass"
145
+ assert !ben.valid?
146
+ assert ben.errors[:password_confirmation].size > 0
147
+
148
+ ben.password_confirmation = "newpass"
149
+ assert ben.valid?
150
+ end
151
+
152
+ def test_password
153
+ u = User.new
154
+ old_password_salt = u.password_salt
155
+ old_crypted_password = u.crypted_password
156
+ u.password = "test"
157
+ assert_not_equal old_password_salt, u.password_salt
158
+ assert_not_equal old_crypted_password, u.crypted_password
159
+ end
160
+
161
+ def test_transitioning_password
162
+ ben = users(:ben)
163
+ transition_password_to(Authlogic::CryptoProviders::BCrypt, ben)
164
+ transition_password_to(Authlogic::CryptoProviders::Sha1, ben, [Authlogic::CryptoProviders::Sha512, Authlogic::CryptoProviders::BCrypt])
165
+ transition_password_to(Authlogic::CryptoProviders::Sha512, ben, [Authlogic::CryptoProviders::Sha1, Authlogic::CryptoProviders::BCrypt])
166
+ end
167
+
168
+ def test_checks_password_against_database
169
+ ben = users(:ben)
170
+ ben.password = "new pass"
171
+ assert !ben.valid_password?("new pass")
172
+ assert ben.valid_password?("benrocks")
173
+ end
174
+
175
+ def test_checks_password_against_database_and_always_fails_on_new_records
176
+ user = User.new
177
+ user.password = "new pass"
178
+ assert !user.valid_password?("new pass")
179
+ end
180
+
181
+ def test_checks_password_against_object
182
+ ben = users(:ben)
183
+ ben.password = "new pass"
184
+ assert ben.valid_password?("new pass", false)
185
+ assert !ben.valid_password?("benrocks", false)
186
+ end
187
+
188
+ def test_reset_password
189
+ ben = users(:ben)
190
+ old_crypted_password = ben.crypted_password
191
+ old_password_salt = ben.password_salt
192
+
193
+ # soft reset
194
+ ben.reset_password
195
+ assert_not_equal old_crypted_password, ben.crypted_password
196
+ assert_not_equal old_password_salt, ben.password_salt
197
+
198
+ # make sure it didn't go into the db
199
+ ben.reload
200
+ assert_equal old_crypted_password, ben.crypted_password
201
+ assert_equal old_password_salt, ben.password_salt
202
+
203
+ # hard reset
204
+ assert ben.reset_password!
205
+ assert_not_equal old_crypted_password, ben.crypted_password
206
+ assert_not_equal old_password_salt, ben.password_salt
207
+
208
+ # make sure it did go into the db
209
+ ben.reload
210
+ assert_not_equal old_crypted_password, ben.crypted_password
211
+ assert_not_equal old_password_salt, ben.password_salt
212
+ end
213
+
214
+ private
215
+ def transition_password_to(crypto_provider, records, from_crypto_providers = Authlogic::CryptoProviders::Sha512)
216
+ records = [records] unless records.is_a?(Array)
217
+ User.acts_as_authentic do |c|
218
+ c.crypto_provider = crypto_provider
219
+ c.transition_from_crypto_providers = from_crypto_providers
220
+ end
221
+ records.each do |record|
222
+ old_hash = record.crypted_password
223
+ old_persistence_token = record.persistence_token
224
+ assert record.valid_password?(password_for(record))
225
+ assert_not_equal old_hash.to_s, record.crypted_password.to_s
226
+ assert_not_equal old_persistence_token.to_s, record.persistence_token.to_s
227
+
228
+ old_hash = record.crypted_password
229
+ old_persistence_token = record.persistence_token
230
+ assert record.valid_password?(password_for(record))
231
+ assert_equal old_hash.to_s, record.crypted_password.to_s
232
+ assert_equal old_persistence_token.to_s, record.persistence_token.to_s
233
+ end
234
+ end
235
+ end
236
+ end
@@ -0,0 +1,90 @@
1
+ require 'test_helper'
2
+
3
+ module ActsAsAuthenticTest
4
+ class PerishableTokenTest < ActiveSupport::TestCase
5
+ def test_perishable_token_valid_for_config
6
+ assert_equal 10.minutes.to_i, User.perishable_token_valid_for
7
+ assert_equal 10.minutes.to_i, Employee.perishable_token_valid_for
8
+
9
+ User.perishable_token_valid_for = 1.hour
10
+ assert_equal 1.hour.to_i, User.perishable_token_valid_for
11
+ User.perishable_token_valid_for 10.minutes
12
+ assert_equal 10.minutes.to_i, User.perishable_token_valid_for
13
+ end
14
+
15
+ def test_disable_perishable_token_maintenance_config
16
+ assert !User.disable_perishable_token_maintenance
17
+ assert !Employee.disable_perishable_token_maintenance
18
+
19
+ User.disable_perishable_token_maintenance = true
20
+ assert User.disable_perishable_token_maintenance
21
+ User.disable_perishable_token_maintenance false
22
+ assert !User.disable_perishable_token_maintenance
23
+ end
24
+
25
+ def test_validates_uniqueness_of_perishable_token
26
+ u = User.new
27
+ u.perishable_token = users(:ben).perishable_token
28
+ assert !u.valid?
29
+ assert u.errors[:perishable_token].size > 0
30
+ end
31
+
32
+ def test_before_save_reset_perishable_token
33
+ ben = users(:ben)
34
+ old_perishable_token = ben.perishable_token
35
+ assert ben.save
36
+ assert_not_equal old_perishable_token, ben.perishable_token
37
+ end
38
+
39
+ def test_reset_perishable_token
40
+ ben = users(:ben)
41
+ old_perishable_token = ben.perishable_token
42
+
43
+ assert ben.reset_perishable_token
44
+ assert_not_equal old_perishable_token, ben.perishable_token
45
+
46
+ ben.reload
47
+ assert_equal old_perishable_token, ben.perishable_token
48
+
49
+ assert ben.reset_perishable_token!
50
+ assert_not_equal old_perishable_token, ben.perishable_token
51
+
52
+ ben.reload
53
+ assert_not_equal old_perishable_token, ben.perishable_token
54
+ end
55
+
56
+ def test_find_using_perishable_token
57
+ ben = users(:ben)
58
+ assert_equal ben, User.find_using_perishable_token(ben.perishable_token)
59
+ end
60
+
61
+ def test_find_using_perishable_token_when_perished
62
+ ben = users(:ben)
63
+ ActiveRecord::Base.connection.execute("UPDATE users set updated_at = '#{1.week.ago.to_s(:db)}' where id = #{ben.id}")
64
+ assert_nil User.find_using_perishable_token(ben.perishable_token)
65
+ end
66
+
67
+ def test_find_using_perishable_token_when_perished
68
+ User.perishable_token_valid_for = 1.minute
69
+ ben = users(:ben)
70
+ ActiveRecord::Base.connection.execute("UPDATE users set updated_at = '#{2.minutes.ago.to_s(:db)}' where id = #{ben.id}")
71
+ assert_nil User.find_using_perishable_token(ben.perishable_token)
72
+ User.perishable_token_valid_for = 10.minutes
73
+ end
74
+
75
+ def test_find_using_perishable_token_when_passing_threshold
76
+ User.perishable_token_valid_for = 1.minute
77
+ ben = users(:ben)
78
+ ActiveRecord::Base.connection.execute("UPDATE users set updated_at = '#{10.minutes.ago.to_s(:db)}' where id = #{ben.id}")
79
+ assert_nil User.find_using_perishable_token(ben.perishable_token, 5.minutes)
80
+ assert_equal ben, User.find_using_perishable_token(ben.perishable_token, 20.minutes)
81
+ User.perishable_token_valid_for = 10.minutes
82
+ end
83
+
84
+ def test_find_perishable_token_with_bang
85
+ assert_raises ActiveRecord::RecordNotFound do
86
+ User.find_using_perishable_token!('some_bad_value')
87
+ end
88
+ end
89
+ end
90
+ end
@@ -0,0 +1,55 @@
1
+ require 'test_helper'
2
+
3
+ module ActsAsAuthenticTest
4
+ class PersistenceTokenTest < ActiveSupport::TestCase
5
+ def test_after_password_set_reset_persistence_token
6
+ ben = users(:ben)
7
+ old_persistence_token = ben.persistence_token
8
+ ben.password = "newpass"
9
+ assert_not_equal old_persistence_token, ben.persistence_token
10
+ end
11
+
12
+ def test_after_password_verification_reset_persistence_token
13
+ ben = users(:ben)
14
+ old_persistence_token = ben.persistence_token
15
+ assert ben.valid_password?(password_for(ben))
16
+ assert_equal old_persistence_token, ben.persistence_token
17
+
18
+ # only update it if it is nil
19
+ assert ben.update_attribute(:persistence_token, nil)
20
+ assert ben.valid_password?(password_for(ben))
21
+ assert_not_equal old_persistence_token, ben.persistence_token
22
+ end
23
+
24
+ def test_before_validate_reset_persistence_token
25
+ u = User.new
26
+ assert !u.valid?
27
+ assert_not_nil u.persistence_token
28
+ end
29
+
30
+ def test_forget_all
31
+ http_basic_auth_for(users(:ben)) { UserSession.find }
32
+ http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
33
+ assert UserSession.find
34
+ assert UserSession.find(:ziggity_zack)
35
+ User.forget_all
36
+ assert !UserSession.find
37
+ assert !UserSession.find(:ziggity_zack)
38
+ end
39
+
40
+ def test_forget
41
+ ben = users(:ben)
42
+ zack = users(:zack)
43
+ http_basic_auth_for(ben) { UserSession.find }
44
+ http_basic_auth_for(zack) { UserSession.find(:ziggity_zack) }
45
+
46
+ assert ben.reload.logged_in?
47
+ assert zack.reload.logged_in?
48
+
49
+ ben.forget!
50
+
51
+ assert !UserSession.find
52
+ assert UserSession.find(:ziggity_zack)
53
+ end
54
+ end
55
+ end
@@ -0,0 +1,40 @@
1
+ require 'test_helper'
2
+
3
+ module ActsAsAuthenticTest
4
+ class RestfulAuthenticationTest < ActiveSupport::TestCase
5
+ def test_act_like_restful_authentication_config
6
+ assert !User.act_like_restful_authentication
7
+ assert !Employee.act_like_restful_authentication
8
+
9
+ User.act_like_restful_authentication = true
10
+ assert User.act_like_restful_authentication
11
+ assert_equal Authlogic::CryptoProviders::Sha1, User.crypto_provider
12
+ assert defined?(::REST_AUTH_SITE_KEY)
13
+ assert_equal '', ::REST_AUTH_SITE_KEY
14
+ assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
15
+
16
+ User.act_like_restful_authentication false
17
+ assert !User.act_like_restful_authentication
18
+
19
+ User.crypto_provider = Authlogic::CryptoProviders::Sha512
20
+ User.transition_from_crypto_providers = []
21
+ end
22
+
23
+ def test_transition_from_restful_authentication_config
24
+ assert !User.transition_from_restful_authentication
25
+ assert !Employee.transition_from_restful_authentication
26
+
27
+ User.transition_from_restful_authentication = true
28
+ assert User.transition_from_restful_authentication
29
+ assert defined?(::REST_AUTH_SITE_KEY)
30
+ assert_equal '', ::REST_AUTH_SITE_KEY
31
+ assert_equal 1, Authlogic::CryptoProviders::Sha1.stretches
32
+
33
+ User.transition_from_restful_authentication false
34
+ assert !User.transition_from_restful_authentication
35
+
36
+ User.crypto_provider = Authlogic::CryptoProviders::Sha512
37
+ User.transition_from_crypto_providers = []
38
+ end
39
+ end
40
+ end
@@ -0,0 +1,84 @@
1
+ require 'test_helper'
2
+
3
+ module ActsAsAuthenticTest
4
+ class SessionMaintenanceTest < ActiveSupport::TestCase
5
+ def test_maintain_sessions_config
6
+ assert User.maintain_sessions
7
+ User.maintain_sessions = false
8
+ assert !User.maintain_sessions
9
+ User.maintain_sessions true
10
+ assert User.maintain_sessions
11
+ end
12
+
13
+ def test_login_after_create
14
+ assert User.create(:login => "awesome", :password => "saweet", :password_confirmation => "saweet", :email => "awesome@awesome.com")
15
+ assert UserSession.find
16
+ end
17
+
18
+ def test_updating_session_with_failed_magic_state
19
+ ben = users(:ben)
20
+ ben.confirmed = false
21
+ ben.password = "newpass"
22
+ ben.password_confirmation = "newpass"
23
+ assert ben.save
24
+ end
25
+
26
+ def test_update_session_after_password_modify
27
+ ben = users(:ben)
28
+ UserSession.create(ben)
29
+ old_session_key = controller.session["user_credentials"]
30
+ old_cookie_key = controller.cookies["user_credentials"]
31
+ ben.password = "newpass"
32
+ ben.password_confirmation = "newpass"
33
+ assert ben.save
34
+ assert controller.session["user_credentials"]
35
+ assert controller.cookies["user_credentials"]
36
+ assert_not_equal controller.session["user_credentials"], old_session_key
37
+ assert_not_equal controller.cookies["user_credentials"], old_cookie_key
38
+ end
39
+
40
+ def test_no_session_update_after_modify
41
+ ben = users(:ben)
42
+ UserSession.create(ben)
43
+ old_session_key = controller.session["user_credentials"]
44
+ old_cookie_key = controller.cookies["user_credentials"]
45
+ ben.first_name = "Ben"
46
+ assert ben.save
47
+ assert_equal controller.session["user_credentials"], old_session_key
48
+ assert_equal controller.cookies["user_credentials"], old_cookie_key
49
+ end
50
+
51
+ def test_creating_other_user
52
+ ben = users(:ben)
53
+ UserSession.create(ben)
54
+ old_session_key = controller.session["user_credentials"]
55
+ old_cookie_key = controller.cookies["user_credentials"]
56
+ assert User.create(:login => "awesome", :password => "saweet", :password_confirmation => "saweet", :email => "awesome@saweet.com")
57
+ assert_equal controller.session["user_credentials"], old_session_key
58
+ assert_equal controller.cookies["user_credentials"], old_cookie_key
59
+ end
60
+
61
+ def test_updating_other_user
62
+ ben = users(:ben)
63
+ UserSession.create(ben)
64
+ old_session_key = controller.session["user_credentials"]
65
+ old_cookie_key = controller.cookies["user_credentials"]
66
+ zack = users(:zack)
67
+ zack.password = "newpass"
68
+ zack.password_confirmation = "newpass"
69
+ assert zack.save
70
+ assert_equal controller.session["user_credentials"], old_session_key
71
+ assert_equal controller.cookies["user_credentials"], old_cookie_key
72
+ end
73
+
74
+ def test_resetting_password_when_logged_out
75
+ ben = users(:ben)
76
+ assert !UserSession.find
77
+ ben.password = "newpass"
78
+ ben.password_confirmation = "newpass"
79
+ assert ben.save
80
+ assert UserSession.find
81
+ assert_equal ben, UserSession.find.record
82
+ end
83
+ end
84
+ end