rodauth 1.20.0 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG +170 -0
- data/MIT-LICENSE +1 -1
- data/README.rdoc +211 -79
- data/doc/account_expiration.rdoc +12 -26
- data/doc/active_sessions.rdoc +49 -0
- data/doc/audit_logging.rdoc +44 -0
- data/doc/base.rdoc +75 -128
- data/doc/change_login.rdoc +7 -14
- data/doc/change_password.rdoc +9 -13
- data/doc/change_password_notify.rdoc +2 -2
- data/doc/close_account.rdoc +9 -16
- data/doc/confirm_password.rdoc +12 -5
- data/doc/create_account.rdoc +11 -22
- data/doc/disallow_password_reuse.rdoc +6 -13
- data/doc/email_auth.rdoc +15 -14
- data/doc/email_base.rdoc +6 -15
- data/doc/http_basic_auth.rdoc +10 -1
- data/doc/internals.rdoc +1 -1
- data/doc/jwt.rdoc +22 -22
- data/doc/jwt_cors.rdoc +22 -0
- data/doc/jwt_refresh.rdoc +12 -8
- data/doc/lockout.rdoc +17 -15
- data/doc/login.rdoc +10 -2
- data/doc/login_password_requirements_base.rdoc +15 -37
- data/doc/logout.rdoc +2 -2
- data/doc/otp.rdoc +24 -19
- data/doc/password_complexity.rdoc +10 -26
- data/doc/password_expiration.rdoc +11 -25
- data/doc/password_grace_period.rdoc +16 -2
- data/doc/recovery_codes.rdoc +18 -12
- data/doc/release_notes/1.21.0.txt +12 -0
- data/doc/release_notes/1.22.0.txt +11 -0
- data/doc/release_notes/1.23.0.txt +32 -0
- data/doc/release_notes/2.0.0.txt +361 -0
- data/doc/release_notes/2.1.0.txt +31 -0
- data/doc/remember.rdoc +40 -64
- data/doc/reset_password.rdoc +12 -9
- data/doc/session_expiration.rdoc +1 -0
- data/doc/single_session.rdoc +16 -25
- data/doc/sms_codes.rdoc +24 -14
- data/doc/two_factor_base.rdoc +60 -22
- data/doc/verify_account.rdoc +14 -12
- data/doc/verify_account_grace_period.rdoc +6 -2
- data/doc/verify_login_change.rdoc +9 -8
- data/doc/webauthn.rdoc +115 -0
- data/doc/webauthn_login.rdoc +15 -0
- data/doc/webauthn_verify_account.rdoc +9 -0
- data/javascript/webauthn_auth.js +45 -0
- data/javascript/webauthn_setup.js +35 -0
- data/lib/roda/plugins/rodauth.rb +1 -1
- data/lib/rodauth.rb +32 -24
- data/lib/rodauth/features/account_expiration.rb +5 -5
- data/lib/rodauth/features/active_sessions.rb +160 -0
- data/lib/rodauth/features/audit_logging.rb +96 -0
- data/lib/rodauth/features/base.rb +144 -43
- data/lib/rodauth/features/change_password_notify.rb +2 -2
- data/lib/rodauth/features/confirm_password.rb +40 -2
- data/lib/rodauth/features/create_account.rb +8 -13
- data/lib/rodauth/features/disallow_common_passwords.rb +1 -1
- data/lib/rodauth/features/disallow_password_reuse.rb +1 -1
- data/lib/rodauth/features/email_auth.rb +30 -29
- data/lib/rodauth/features/email_base.rb +9 -4
- data/lib/rodauth/features/http_basic_auth.rb +55 -35
- data/lib/rodauth/features/jwt.rb +58 -10
- data/lib/rodauth/features/jwt_cors.rb +53 -0
- data/lib/rodauth/features/jwt_refresh.rb +3 -3
- data/lib/rodauth/features/lockout.rb +12 -14
- data/lib/rodauth/features/login.rb +54 -10
- data/lib/rodauth/features/login_password_requirements_base.rb +4 -4
- data/lib/rodauth/features/otp.rb +72 -74
- data/lib/rodauth/features/password_complexity.rb +4 -11
- data/lib/rodauth/features/password_expiration.rb +2 -2
- data/lib/rodauth/features/password_grace_period.rb +17 -10
- data/lib/rodauth/features/recovery_codes.rb +49 -53
- data/lib/rodauth/features/remember.rb +11 -27
- data/lib/rodauth/features/reset_password.rb +26 -26
- data/lib/rodauth/features/session_expiration.rb +6 -4
- data/lib/rodauth/features/single_session.rb +7 -5
- data/lib/rodauth/features/sms_codes.rb +62 -71
- data/lib/rodauth/features/two_factor_base.rb +132 -28
- data/lib/rodauth/features/verify_account.rb +25 -21
- data/lib/rodauth/features/verify_account_grace_period.rb +20 -9
- data/lib/rodauth/features/verify_login_change.rb +12 -11
- data/lib/rodauth/features/webauthn.rb +507 -0
- data/lib/rodauth/features/webauthn_login.rb +70 -0
- data/lib/rodauth/features/webauthn_verify_account.rb +46 -0
- data/lib/rodauth/version.rb +2 -2
- data/templates/button.str +1 -3
- data/templates/change-login.str +1 -2
- data/templates/change-password.str +3 -5
- data/templates/close-account.str +2 -2
- data/templates/confirm-password.str +1 -1
- data/templates/create-account.str +1 -1
- data/templates/email-auth-email.str +1 -1
- data/templates/email-auth-request-form.str +2 -3
- data/templates/email-auth.str +1 -1
- data/templates/global-logout-field.str +6 -0
- data/templates/login-confirm-field.str +2 -4
- data/templates/login-display.str +3 -2
- data/templates/login-field.str +2 -4
- data/templates/login-form-footer.str +6 -0
- data/templates/login-form.str +7 -0
- data/templates/login.str +1 -9
- data/templates/logout.str +1 -1
- data/templates/multi-phase-login.str +3 -0
- data/templates/otp-auth-code-field.str +5 -3
- data/templates/otp-auth.str +1 -1
- data/templates/otp-disable.str +1 -1
- data/templates/otp-setup.str +3 -3
- data/templates/password-confirm-field.str +2 -4
- data/templates/password-field.str +2 -4
- data/templates/recovery-auth.str +3 -6
- data/templates/recovery-codes.str +1 -1
- data/templates/remember.str +15 -20
- data/templates/reset-password-email.str +1 -1
- data/templates/reset-password-request.str +3 -3
- data/templates/reset-password.str +1 -2
- data/templates/sms-auth.str +1 -1
- data/templates/sms-code-field.str +5 -3
- data/templates/sms-confirm.str +1 -2
- data/templates/sms-disable.str +1 -2
- data/templates/sms-request.str +1 -1
- data/templates/sms-setup.str +6 -4
- data/templates/two-factor-auth.str +5 -0
- data/templates/two-factor-disable.str +6 -0
- data/templates/two-factor-manage.str +16 -0
- data/templates/unlock-account-email.str +1 -1
- data/templates/unlock-account-request.str +4 -4
- data/templates/unlock-account.str +1 -1
- data/templates/verify-account-email.str +1 -1
- data/templates/verify-account-resend.str +3 -3
- data/templates/verify-account.str +1 -2
- data/templates/verify-login-change-email.str +2 -1
- data/templates/verify-login-change.str +1 -1
- data/templates/webauthn-auth.str +11 -0
- data/templates/webauthn-remove.str +14 -0
- data/templates/webauthn-setup.str +12 -0
- metadata +89 -50
- data/Rakefile +0 -179
- data/doc/verify_change_login.rdoc +0 -11
- data/lib/rodauth/features/verify_change_login.rb +0 -20
- data/spec/account_expiration_spec.rb +0 -225
- data/spec/all.rb +0 -1
- data/spec/change_login_spec.rb +0 -156
- data/spec/change_password_notify_spec.rb +0 -33
- data/spec/change_password_spec.rb +0 -202
- data/spec/close_account_spec.rb +0 -162
- data/spec/confirm_password_spec.rb +0 -70
- data/spec/create_account_spec.rb +0 -127
- data/spec/disallow_common_passwords_spec.rb +0 -93
- data/spec/disallow_password_reuse_spec.rb +0 -179
- data/spec/email_auth_spec.rb +0 -285
- data/spec/http_basic_auth_spec.rb +0 -143
- data/spec/jwt_refresh_spec.rb +0 -256
- data/spec/jwt_spec.rb +0 -235
- data/spec/lockout_spec.rb +0 -250
- data/spec/login_spec.rb +0 -328
- data/spec/migrate/001_tables.rb +0 -184
- data/spec/migrate/002_account_password_hash_column.rb +0 -11
- data/spec/migrate_password/001_tables.rb +0 -73
- data/spec/migrate_travis/001_tables.rb +0 -141
- data/spec/password_complexity_spec.rb +0 -109
- data/spec/password_expiration_spec.rb +0 -244
- data/spec/password_grace_period_spec.rb +0 -93
- data/spec/remember_spec.rb +0 -451
- data/spec/reset_password_spec.rb +0 -229
- data/spec/rodauth_spec.rb +0 -343
- data/spec/session_expiration_spec.rb +0 -58
- data/spec/single_session_spec.rb +0 -127
- data/spec/spec_helper.rb +0 -327
- data/spec/two_factor_spec.rb +0 -1423
- data/spec/update_password_hash_spec.rb +0 -40
- data/spec/verify_account_grace_period_spec.rb +0 -171
- data/spec/verify_account_spec.rb +0 -240
- data/spec/verify_change_login_spec.rb +0 -46
- data/spec/verify_login_change_spec.rb +0 -232
- data/spec/views/layout-other.str +0 -11
- data/spec/views/layout.str +0 -11
- data/spec/views/login.str +0 -21
@@ -1,33 +0,0 @@
|
|
1
|
-
require File.expand_path("spec_helper", File.dirname(__FILE__))
|
2
|
-
|
3
|
-
describe 'Rodauth change_password_notify feature' do
|
4
|
-
it "should email when using change password" do
|
5
|
-
rodauth do
|
6
|
-
enable :login, :logout, :change_password_notify
|
7
|
-
change_password_requires_password? false
|
8
|
-
end
|
9
|
-
roda do |r|
|
10
|
-
r.rodauth
|
11
|
-
r.root{view :content=>""}
|
12
|
-
end
|
13
|
-
|
14
|
-
login
|
15
|
-
page.current_path.must_equal '/'
|
16
|
-
|
17
|
-
visit '/change-password'
|
18
|
-
fill_in 'New Password', :with=>'0123456'
|
19
|
-
fill_in 'Confirm Password', :with=>'0123456'
|
20
|
-
click_button 'Change Password'
|
21
|
-
page.find('#notice_flash').text.must_equal "Your password has been changed"
|
22
|
-
|
23
|
-
page.current_path.must_equal '/'
|
24
|
-
msgs = Mail::TestMailer.deliveries
|
25
|
-
msgs.length.must_equal 1
|
26
|
-
msgs.first.to.first.must_equal 'foo@example.com'
|
27
|
-
msgs.first.body.to_s.must_equal <<EMAIL
|
28
|
-
Someone (hopefully you) has changed the password for the account
|
29
|
-
associated to this email address.
|
30
|
-
EMAIL
|
31
|
-
msgs.clear
|
32
|
-
end
|
33
|
-
end
|
@@ -1,202 +0,0 @@
|
|
1
|
-
require File.expand_path("spec_helper", File.dirname(__FILE__))
|
2
|
-
|
3
|
-
describe 'Rodauth change_password feature' do
|
4
|
-
[false, true].each do |ph|
|
5
|
-
it "should support changing passwords for accounts #{'with account_password_hash_column' if ph}" do
|
6
|
-
require_password = true
|
7
|
-
rodauth do
|
8
|
-
enable :login, :logout, :change_password
|
9
|
-
account_password_hash_column :ph if ph
|
10
|
-
change_password_requires_password?{require_password}
|
11
|
-
end
|
12
|
-
roda do |r|
|
13
|
-
r.rodauth
|
14
|
-
r.root{view :content=>""}
|
15
|
-
end
|
16
|
-
|
17
|
-
login
|
18
|
-
page.current_path.must_equal '/'
|
19
|
-
|
20
|
-
visit '/change-password'
|
21
|
-
page.title.must_equal 'Change Password'
|
22
|
-
|
23
|
-
fill_in 'Password', :with=>'0123456789'
|
24
|
-
fill_in 'New Password', :with=>'0123456'
|
25
|
-
fill_in 'Confirm Password', :with=>'0123456789'
|
26
|
-
click_button 'Change Password'
|
27
|
-
page.html.must_include("passwords do not match")
|
28
|
-
page.find('#error_flash').text.must_equal "There was an error changing your password"
|
29
|
-
page.current_path.must_equal '/change-password'
|
30
|
-
|
31
|
-
fill_in 'Password', :with=>'0123456'
|
32
|
-
fill_in 'New Password', :with=>'0123456'
|
33
|
-
fill_in 'Confirm Password', :with=>'0123456'
|
34
|
-
click_button 'Change Password'
|
35
|
-
page.find('#error_flash').text.must_equal "There was an error changing your password"
|
36
|
-
page.body.must_include 'invalid password'
|
37
|
-
page.current_path.must_equal '/change-password'
|
38
|
-
|
39
|
-
fill_in 'Password', :with=>'0123456789'
|
40
|
-
fill_in 'New Password', :with=>'0123456789'
|
41
|
-
fill_in 'Confirm Password', :with=>'0123456789'
|
42
|
-
click_button 'Change Password'
|
43
|
-
page.find('#error_flash').text.must_equal "There was an error changing your password"
|
44
|
-
page.body.must_include 'invalid password, same as current password'
|
45
|
-
page.current_path.must_equal '/change-password'
|
46
|
-
|
47
|
-
fill_in 'Password', :with=>'0123456789'
|
48
|
-
fill_in 'New Password', :with=>'0123456'
|
49
|
-
fill_in 'Confirm Password', :with=>'0123456'
|
50
|
-
click_button 'Change Password'
|
51
|
-
page.find('#notice_flash').text.must_equal "Your password has been changed"
|
52
|
-
page.current_path.must_equal '/'
|
53
|
-
|
54
|
-
logout
|
55
|
-
login
|
56
|
-
page.html.must_include("invalid password")
|
57
|
-
page.current_path.must_equal '/login'
|
58
|
-
|
59
|
-
fill_in 'Password', :with=>'0123456'
|
60
|
-
click_button 'Login'
|
61
|
-
page.current_path.must_equal '/'
|
62
|
-
|
63
|
-
require_password = false
|
64
|
-
visit '/change-password'
|
65
|
-
fill_in 'New Password', :with=>'012345678'
|
66
|
-
fill_in 'Confirm Password', :with=>'012345678'
|
67
|
-
click_button 'Change Password'
|
68
|
-
page.find('#notice_flash').text.must_equal "Your password has been changed"
|
69
|
-
page.current_path.must_equal '/'
|
70
|
-
|
71
|
-
login(:pass=>'012345678')
|
72
|
-
page.current_path.must_equal '/'
|
73
|
-
end
|
74
|
-
end
|
75
|
-
|
76
|
-
it "should support changing passwords for accounts without confirmation" do
|
77
|
-
rodauth do
|
78
|
-
enable :login, :change_password
|
79
|
-
modifications_require_password? false
|
80
|
-
require_password_confirmation? false
|
81
|
-
end
|
82
|
-
roda do |r|
|
83
|
-
r.rodauth
|
84
|
-
r.root{view :content=>""}
|
85
|
-
end
|
86
|
-
|
87
|
-
login
|
88
|
-
visit '/change-password'
|
89
|
-
fill_in 'New Password', :with=>'012345678'
|
90
|
-
click_button 'Change Password'
|
91
|
-
page.find('#notice_flash').text.must_equal "Your password has been changed"
|
92
|
-
end
|
93
|
-
|
94
|
-
it "should support invalid_previous_password_message" do
|
95
|
-
rodauth do
|
96
|
-
enable :login, :logout, :change_password
|
97
|
-
invalid_previous_password_message "Previous password not correct"
|
98
|
-
end
|
99
|
-
roda do |r|
|
100
|
-
r.rodauth
|
101
|
-
r.root{view :content=>""}
|
102
|
-
end
|
103
|
-
|
104
|
-
login
|
105
|
-
page.current_path.must_equal '/'
|
106
|
-
|
107
|
-
visit '/change-password'
|
108
|
-
page.title.must_equal 'Change Password'
|
109
|
-
|
110
|
-
fill_in 'Password', :with=>'0123456'
|
111
|
-
fill_in 'New Password', :with=>'0123456'
|
112
|
-
fill_in 'Confirm Password', :with=>'0123456'
|
113
|
-
click_button 'Change Password'
|
114
|
-
page.find('#error_flash').text.must_equal "There was an error changing your password"
|
115
|
-
page.body.must_include 'Previous password not correct'
|
116
|
-
page.current_path.must_equal '/change-password'
|
117
|
-
end
|
118
|
-
|
119
|
-
it "should support setting requirements for passwords" do
|
120
|
-
rodauth do
|
121
|
-
enable :login, :create_account, :change_password
|
122
|
-
create_account_autologin? false
|
123
|
-
password_meets_requirements? do |password|
|
124
|
-
password =~ /banana/
|
125
|
-
end
|
126
|
-
end
|
127
|
-
roda do |r|
|
128
|
-
r.rodauth
|
129
|
-
r.root{view :content=>""}
|
130
|
-
end
|
131
|
-
|
132
|
-
visit '/create-account'
|
133
|
-
fill_in 'Login', :with=>'foo2@example.com'
|
134
|
-
fill_in 'Confirm Login', :with=>'foo2@example.com'
|
135
|
-
fill_in 'Password', :with=>'apple'
|
136
|
-
fill_in 'Confirm Password', :with=>'apple'
|
137
|
-
click_button 'Create Account'
|
138
|
-
page.html.must_include("invalid password, does not meet requirements")
|
139
|
-
page.find('#error_flash').text.must_equal "There was an error creating your account"
|
140
|
-
page.current_path.must_equal '/create-account'
|
141
|
-
|
142
|
-
fill_in 'Password', :with=>'banana'
|
143
|
-
fill_in 'Confirm Password', :with=>'banana'
|
144
|
-
click_button 'Create Account'
|
145
|
-
|
146
|
-
login(:login=>'foo2@example.com', :pass=>'banana')
|
147
|
-
|
148
|
-
visit '/change-password'
|
149
|
-
fill_in 'Password', :with=>'banana'
|
150
|
-
fill_in 'New Password', :with=>'apple'
|
151
|
-
fill_in 'Confirm Password', :with=>'apple'
|
152
|
-
click_button 'Change Password'
|
153
|
-
page.html.must_include("invalid password, does not meet requirements")
|
154
|
-
page.find('#error_flash').text.must_equal "There was an error changing your password"
|
155
|
-
page.current_path.must_equal '/change-password'
|
156
|
-
|
157
|
-
fill_in 'Password', :with=>'banana'
|
158
|
-
fill_in 'New Password', :with=>'my_banana_3'
|
159
|
-
fill_in 'Confirm Password', :with=>'my_banana_3'
|
160
|
-
click_button 'Change Password'
|
161
|
-
page.current_path.must_equal '/'
|
162
|
-
end
|
163
|
-
|
164
|
-
it "should support changing passwords for accounts via jwt" do
|
165
|
-
require_password = true
|
166
|
-
rodauth do
|
167
|
-
enable :login, :logout, :change_password
|
168
|
-
change_password_requires_password?{require_password}
|
169
|
-
end
|
170
|
-
roda(:jwt) do |r|
|
171
|
-
r.rodauth
|
172
|
-
end
|
173
|
-
|
174
|
-
json_login
|
175
|
-
|
176
|
-
res = json_request('/change-password', :password=>'0123456789', "new-password"=>'0123456', "password-confirm"=>'0123456789')
|
177
|
-
res.must_equal [422, {'error'=>"There was an error changing your password", "field-error"=>["new-password", "passwords do not match"]}]
|
178
|
-
|
179
|
-
res = json_request('/change-password', :password=>'0123456', "new-password"=>'0123456', "password-confirm"=>'0123456')
|
180
|
-
res.must_equal [401, {'error'=>"There was an error changing your password", "field-error"=>["password", "invalid password"]}]
|
181
|
-
|
182
|
-
res = json_request('/change-password', :password=>'0123456789', "new-password"=>'0123456789', "password-confirm"=>'0123456789')
|
183
|
-
res.must_equal [422, {'error'=>"There was an error changing your password", "field-error"=>["new-password", "invalid password, same as current password"]}]
|
184
|
-
|
185
|
-
res = json_request('/change-password', :password=>'0123456789', "new-password"=>'0123456', "password-confirm"=>'0123456')
|
186
|
-
res.must_equal [200, {'success'=>"Your password has been changed"}]
|
187
|
-
|
188
|
-
json_logout
|
189
|
-
res = json_login(:no_check=>true)
|
190
|
-
res.must_equal [401, {'error'=>"There was an error logging in", "field-error"=>["password", "invalid password"]}]
|
191
|
-
|
192
|
-
json_login(:pass=>'0123456')
|
193
|
-
|
194
|
-
require_password = false
|
195
|
-
|
196
|
-
res = json_request('/change-password', "new-password"=>'012345678', "password-confirm"=>'012345678')
|
197
|
-
res.must_equal [200, {'success'=>"Your password has been changed"}]
|
198
|
-
|
199
|
-
json_logout
|
200
|
-
json_login(:pass=>'012345678')
|
201
|
-
end
|
202
|
-
end
|
data/spec/close_account_spec.rb
DELETED
@@ -1,162 +0,0 @@
|
|
1
|
-
require File.expand_path("spec_helper", File.dirname(__FILE__))
|
2
|
-
|
3
|
-
describe 'Rodauth close_account feature' do
|
4
|
-
it "should support closing accounts when passwords are not required" do
|
5
|
-
rodauth do
|
6
|
-
enable :login, :close_account
|
7
|
-
close_account_requires_password? false
|
8
|
-
end
|
9
|
-
roda do |r|
|
10
|
-
r.rodauth
|
11
|
-
r.root{view(:content=>"")}
|
12
|
-
end
|
13
|
-
|
14
|
-
login
|
15
|
-
page.current_path.must_equal '/'
|
16
|
-
|
17
|
-
visit '/close-account'
|
18
|
-
click_button 'Close Account'
|
19
|
-
page.current_path.must_equal '/'
|
20
|
-
|
21
|
-
DB[:accounts].select_map(:status_id).must_equal [3]
|
22
|
-
end
|
23
|
-
|
24
|
-
it "should update account information when closing accounts" do
|
25
|
-
statuses = nil
|
26
|
-
rodauth do
|
27
|
-
enable :login, :close_account
|
28
|
-
close_account_requires_password? false
|
29
|
-
after_close_account{statuses = [account[:status_id], account_ds.get(:status_id)]}
|
30
|
-
end
|
31
|
-
roda do |r|
|
32
|
-
r.rodauth
|
33
|
-
r.root{view(:content=>"")}
|
34
|
-
end
|
35
|
-
|
36
|
-
login
|
37
|
-
visit '/close-account'
|
38
|
-
click_button 'Close Account'
|
39
|
-
statuses[0].must_equal 3
|
40
|
-
statuses[1].must_equal 3
|
41
|
-
end
|
42
|
-
|
43
|
-
it "should delete accounts when skip_status_checks? is true" do
|
44
|
-
rodauth do
|
45
|
-
enable :login, :close_account
|
46
|
-
close_account_requires_password? false
|
47
|
-
skip_status_checks? true
|
48
|
-
end
|
49
|
-
roda do |r|
|
50
|
-
r.rodauth
|
51
|
-
r.root{view(:content=>"")}
|
52
|
-
end
|
53
|
-
|
54
|
-
login
|
55
|
-
page.current_path.must_equal '/'
|
56
|
-
|
57
|
-
visit '/close-account'
|
58
|
-
click_button 'Close Account'
|
59
|
-
page.current_path.must_equal '/'
|
60
|
-
|
61
|
-
DB[:accounts].count.must_equal 0
|
62
|
-
end
|
63
|
-
|
64
|
-
it "should support closing accounts when passwords are required" do
|
65
|
-
rodauth do
|
66
|
-
enable :login, :close_account
|
67
|
-
end
|
68
|
-
roda do |r|
|
69
|
-
r.rodauth
|
70
|
-
r.root{view(:content=>"")}
|
71
|
-
end
|
72
|
-
|
73
|
-
login
|
74
|
-
page.current_path.must_equal '/'
|
75
|
-
|
76
|
-
visit '/close-account'
|
77
|
-
fill_in 'Password', :with=>'012345678'
|
78
|
-
click_button 'Close Account'
|
79
|
-
page.find('#error_flash').text.must_equal "There was an error closing your account"
|
80
|
-
page.html.must_include("invalid password")
|
81
|
-
DB[:accounts].select_map(:status_id).must_equal [2]
|
82
|
-
|
83
|
-
fill_in 'Password', :with=>'0123456789'
|
84
|
-
click_button 'Close Account'
|
85
|
-
page.find('#notice_flash').text.must_equal "Your account has been closed"
|
86
|
-
page.current_path.must_equal '/'
|
87
|
-
|
88
|
-
DB[:accounts].select_map(:status_id).must_equal [3]
|
89
|
-
end
|
90
|
-
|
91
|
-
it "should support closing accounts with overrides" do
|
92
|
-
rodauth do
|
93
|
-
enable :login, :close_account
|
94
|
-
close_account do
|
95
|
-
account_ds.update(:email => 'foo@bar.com', :status_id=>3)
|
96
|
-
end
|
97
|
-
close_account_route 'close'
|
98
|
-
close_account_redirect '/login'
|
99
|
-
end
|
100
|
-
roda do |r|
|
101
|
-
r.rodauth
|
102
|
-
r.root{""}
|
103
|
-
end
|
104
|
-
|
105
|
-
login
|
106
|
-
page.current_path.must_equal '/'
|
107
|
-
|
108
|
-
visit '/close'
|
109
|
-
page.title.must_equal 'Close Account'
|
110
|
-
fill_in 'Password', :with=>'0123456789'
|
111
|
-
click_button 'Close Account'
|
112
|
-
page.find('#notice_flash').text.must_equal "Your account has been closed"
|
113
|
-
page.current_path.must_equal '/login'
|
114
|
-
|
115
|
-
DB[:accounts].select_map(:status_id).must_equal [3]
|
116
|
-
DB[:accounts].select_map(:email).must_equal ['foo@bar.com']
|
117
|
-
end
|
118
|
-
|
119
|
-
it "should close accounts when account_password_hash_column is set" do
|
120
|
-
rodauth do
|
121
|
-
enable :create_account, :close_account
|
122
|
-
close_account_requires_password? false
|
123
|
-
account_password_hash_column :ph
|
124
|
-
end
|
125
|
-
roda do |r|
|
126
|
-
r.rodauth
|
127
|
-
r.root{view(:content=>"")}
|
128
|
-
end
|
129
|
-
|
130
|
-
visit '/create-account'
|
131
|
-
fill_in 'Login', :with=>'foo2@example.com'
|
132
|
-
fill_in 'Confirm Login', :with=>'foo2@example.com'
|
133
|
-
fill_in 'Password', :with=>'apple2'
|
134
|
-
fill_in 'Confirm Password', :with=>'apple2'
|
135
|
-
click_button 'Create Account'
|
136
|
-
|
137
|
-
visit '/close-account'
|
138
|
-
click_button 'Close Account'
|
139
|
-
page.current_path.must_equal '/'
|
140
|
-
|
141
|
-
DB[:accounts].reverse(:id).get(:status_id).must_equal 3
|
142
|
-
end
|
143
|
-
|
144
|
-
it "should support closing accounts via jwt" do
|
145
|
-
rodauth do
|
146
|
-
enable :login, :close_account
|
147
|
-
end
|
148
|
-
roda(:jwt) do |r|
|
149
|
-
r.rodauth
|
150
|
-
end
|
151
|
-
|
152
|
-
json_login
|
153
|
-
|
154
|
-
res = json_request('/close-account', :password=>'0123456')
|
155
|
-
res.must_equal [401, {'error'=>"There was an error closing your account", "field-error"=>["password", "invalid password"]}]
|
156
|
-
DB[:accounts].select_map(:status_id).must_equal [2]
|
157
|
-
|
158
|
-
res = json_request('/close-account', :password=>'0123456789')
|
159
|
-
res.must_equal [200, {'success'=>"Your account has been closed"}]
|
160
|
-
DB[:accounts].select_map(:status_id).must_equal [3]
|
161
|
-
end
|
162
|
-
end
|
@@ -1,70 +0,0 @@
|
|
1
|
-
require File.expand_path("spec_helper", File.dirname(__FILE__))
|
2
|
-
|
3
|
-
describe 'Rodauth confirm password feature' do
|
4
|
-
it "should support confirming passwords" do
|
5
|
-
rodauth do
|
6
|
-
enable :login, :change_login, :confirm_password, :password_grace_period
|
7
|
-
before_change_login_route do
|
8
|
-
unless password_recently_entered?
|
9
|
-
session[:confirm_password_redirect] = request.path_info
|
10
|
-
redirect '/confirm-password'
|
11
|
-
end
|
12
|
-
end
|
13
|
-
end
|
14
|
-
roda do |r|
|
15
|
-
r.rodauth
|
16
|
-
r.get("reset"){session[:last_password_entry] = Time.now.to_i - 400; "a"}
|
17
|
-
view :content=>""
|
18
|
-
end
|
19
|
-
|
20
|
-
login
|
21
|
-
|
22
|
-
visit '/change-login'
|
23
|
-
page.title.must_equal 'Change Login'
|
24
|
-
|
25
|
-
visit '/reset'
|
26
|
-
page.body.must_equal 'a'
|
27
|
-
|
28
|
-
visit '/change-login'
|
29
|
-
page.title.must_equal 'Confirm Password'
|
30
|
-
fill_in 'Password', :with=>'012345678'
|
31
|
-
click_button 'Confirm Password'
|
32
|
-
page.find('#error_flash').text.must_equal "There was an error confirming your password"
|
33
|
-
page.html.must_include("invalid password")
|
34
|
-
|
35
|
-
fill_in 'Password', :with=>'0123456789'
|
36
|
-
click_button 'Confirm Password'
|
37
|
-
page.find('#notice_flash').text.must_equal "Your password has been confirmed"
|
38
|
-
|
39
|
-
fill_in 'Login', :with=>'foo3@example.com'
|
40
|
-
fill_in 'Confirm Login', :with=>'foo3@example.com'
|
41
|
-
click_button 'Change Login'
|
42
|
-
page.find('#notice_flash').text.must_equal "Your login has been changed"
|
43
|
-
end
|
44
|
-
|
45
|
-
it "should support confirming passwords via jwt" do
|
46
|
-
rodauth do
|
47
|
-
enable :login, :change_password, :confirm_password, :password_grace_period
|
48
|
-
end
|
49
|
-
roda(:jwt) do |r|
|
50
|
-
r.rodauth
|
51
|
-
r.post("reset"){rodauth.send(:set_session_value, :last_password_entry, Time.now.to_i - 400); [1]}
|
52
|
-
end
|
53
|
-
|
54
|
-
json_login
|
55
|
-
|
56
|
-
res = json_request('/change-password', "new-password"=>'0123456', "password-confirm"=>'0123456')
|
57
|
-
res.must_equal [200, {'success'=>"Your password has been changed"}]
|
58
|
-
|
59
|
-
json_request('/reset').must_equal [200, [1]]
|
60
|
-
|
61
|
-
res = json_request('/change-password', "new-password"=>'01234567', "password-confirm"=>'01234567')
|
62
|
-
res.must_equal [401, {"field-error"=>["password", "invalid password"], "error"=>"There was an error changing your password"}]
|
63
|
-
|
64
|
-
res = json_request('/confirm-password', "password"=>'0123456')
|
65
|
-
res.must_equal [200, {'success'=>"Your password has been confirmed"}]
|
66
|
-
|
67
|
-
res = json_request('/change-password', "new-password"=>'01234567', "password-confirm"=>'01234567')
|
68
|
-
res.must_equal [200, {'success'=>"Your password has been changed"}]
|
69
|
-
end
|
70
|
-
end
|