rodauth 1.21.0 → 2.2.0

data/spec/verify_change_login_spec.rb

@@ -1,46 +0,0 @@
-require File.expand_path("spec_helper", File.dirname(__FILE__))
-
-describe 'Rodauth verify_change_login feature' do
-  it "should support reverifying accounts after changing logins" do
-    rodauth do
-      enable :login, :verify_change_login
-      change_login_requires_password? false
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>rodauth.logged_in? ? "Logged In#{rodauth.verified_account?}" : "Not Logged"}
-    end
-
-    visit '/create-account'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Confirm Login', :with=>'foo@example2.com'
-    fill_in 'Password', :with=>'0123456789'
-    fill_in 'Confirm Password', :with=>'0123456789'
-    click_button 'Create Account'
-    link = email_link(/(\/verify-account\?key=.+)$/, 'foo@example2.com')
-
-    visit '/change-login'
-    page.find('#error_flash').text.must_equal "Cannot change login for unverified account. Please verify this account before changing the login."
-    page.current_path.must_equal '/'
-
-    visit link
-    click_button 'Verify Account'
-    page.find('#notice_flash').text.must_equal "Your account has been verified"
-    page.body.must_include('Logged Intrue')
-
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo3@example.com'
-    fill_in 'Confirm Login', :with=>'foo3@example.com'
-    click_button 'Change Login'
-    page.find('#notice_flash').text.must_equal "Your login has been changed. An email has been sent to you with a link to verify your account"
-    page.current_path.must_equal '/'
-    page.body.must_include('Logged Infalse')
-    link2 = email_link(/(\/verify-account\?key=.+)$/, 'foo3@example.com')
-    link2.wont_equal link
-
-    visit link2
-    click_button 'Verify Account'
-    page.find('#notice_flash').text.must_equal "Your account has been verified"
-    page.body.must_include('Logged Intrue')
-  end
-end

data/spec/verify_login_change_spec.rb

@@ -1,232 +0,0 @@
-require File.expand_path("spec_helper", File.dirname(__FILE__))
-
-describe 'Rodauth verify_login_change feature' do
-  it "should support verifying login changes" do
-    rodauth do
-      enable :login, :logout, :verify_login_change
-      change_login_requires_password? false
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>rodauth.logged_in? ? "Logged In" : "Not Logged"}
-    end
-
-    login
-
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Confirm Login', :with=>'foo@example2.com'
-    click_button 'Change Login'
-    link = email_link(/(\/verify-login-change\?key=.+)$/, 'foo@example2.com')
-    page.find('#notice_flash').text.must_equal "An email has been sent to you with a link to verify your login change"
-
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Confirm Login', :with=>'foo@example2.com'
-    click_button 'Change Login'
-    email_link(/(\/verify-login-change\?key=.+)$/, 'foo@example2.com').must_equal link
-
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo@example3.com'
-    fill_in 'Confirm Login', :with=>'foo@example3.com'
-    click_button 'Change Login'
-    new_link = email_link(/(\/verify-login-change\?key=.+)$/, 'foo@example3.com')
-    new_link.wont_equal link
-
-    logout
-
-    visit link
-    page.find('#error_flash').text.must_equal "There was an error verifying your login change: invalid verify login change key"
-
-    visit new_link
-    page.title.must_equal 'Verify Login Change'
-    click_button 'Verify Login Change'
-    page.find('#notice_flash').text.must_equal "Your login change has been verified"
-    page.body.must_include('Not Logged')
-
-    login
-    page.find('#error_flash').text.must_equal "There was an error logging in"
-
-    login(:login=>'foo@example3.com')
-    page.body.must_include('Logged In')
-  end
-
-  it "should support verifying login changes with autologin" do
-    rodauth do
-      enable :login, :logout, :verify_login_change
-      verify_login_change_autologin? true
-      change_login_requires_password? false
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>rodauth.logged_in? ? "Logged In" : "Not Logged"}
-    end
-
-    login
-
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Confirm Login', :with=>'foo@example2.com'
-    click_button 'Change Login'
-    link = email_link(/(\/verify-login-change\?key=.+)$/, 'foo@example2.com')
-
-    logout
-
-    visit link
-    click_button 'Verify Login Change'
-    page.find('#notice_flash').text.must_equal "Your login change has been verified"
-    page.body.must_include('Logged In')
-  end
-
-  it "should check for duplicate accounts before sending verify email and before updating login" do
-    rodauth do
-      enable :login, :logout, :verify_login_change, :create_account
-      change_login_requires_password? false
-      create_account_autologin? false
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>rodauth.logged_in? ? "Logged In" : "Not Logged"}
-    end
-
-    visit '/create-account'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Confirm Login', :with=>'foo@example2.com'
-    fill_in 'Password', :with=>'0123456789'
-    fill_in 'Confirm Password', :with=>'0123456789'
-    click_button 'Create Account'
-
-    login
-
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Confirm Login', :with=>'foo@example.com'
-    click_button 'Change Login'
-    page.find('#error_flash').text.must_equal "There was an error changing your login"
-    page.body.must_include "logins do not match"
-
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Confirm Login', :with=>'foo@example2.com'
-    click_button 'Change Login'
-    page.find('#error_flash').text.must_equal "There was an error changing your login"
-    page.body.must_include "invalid login, already an account with this login"
-
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo@example3.com'
-    fill_in 'Confirm Login', :with=>'foo@example3.com'
-    click_button 'Change Login'
-    link = email_link(/(\/verify-login-change\?key=.+)$/, 'foo@example3.com')
-
-    logout
-
-    DB[:accounts].where(:email=>'foo@example2.com').update(:email=>'foo@example3.com')
-
-    visit link
-    click_button 'Verify Login Change'
-    page.find('#error_flash').text.must_equal "Unable to change login as there is already an account with the new login"
-    page.current_path.must_equal '/login'
-
-    visit link
-    page.find('#error_flash').text.must_equal "There was an error verifying your login change: invalid verify login change key"
-  end
-
-  it "should handle uniqueness errors raised when inserting verify login change entry" do
-    unique = false
-    rodauth do
-      enable :login, :logout, :verify_login_change
-      change_login_requires_password? false
-
-      auth_class_eval do
-        define_method(:raised_uniqueness_violation) do |*a, &block|
-          unique.call if unique
-          super(*a, &block)
-        end
-      end
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>rodauth.logged_in? ? "Logged In" : "Not Logged"}
-    end
-
-    login
-
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Confirm Login', :with=>'foo@example2.com'
-    click_button 'Change Login'
-    email_link(/(\/verify-login-change\?key=.+)$/, 'foo@example2.com')
-    page.find('#notice_flash').text.must_equal "An email has been sent to you with a link to verify your login change"
-
-    unique = lambda{DB[:account_login_change_keys].update(:login=>'foo@example3.com'); true}
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Confirm Login', :with=>'foo@example2.com'
-    proc{click_button 'Change Login'}.must_raise Sequel::ConstraintViolation
-  end
-
-  it "should clear verify login change token when closing account" do
-    rodauth do
-      enable :login, :verify_login_change, :close_account
-      change_login_requires_password? false
-    end
-    roda do |r|
-      r.rodauth
-      r.root{view :content=>rodauth.logged_in? ? "Logged In" : "Not Logged"}
-    end
-
-    login
-
-    visit '/change-login'
-    fill_in 'Login', :with=>'foo@example2.com'
-    fill_in 'Confirm Login', :with=>'foo@example2.com'
-    click_button 'Change Login'
-    email_link(/key=.+$/, 'foo@example2.com').wont_be_nil
-
-    DB[:account_login_change_keys].count.must_equal 1
-    visit '/close-account'
-    fill_in 'Password', :with=>'0123456789'
-    click_button 'Close Account'
-    DB[:account_login_change_keys].count.must_equal 0
-  end
-
-  it "should support verifying login changes for accounts via jwt" do
-    rodauth do
-      enable :login, :verify_login_change
-      change_login_requires_password? false
-      verify_login_change_email_body{verify_login_change_email_link}
-    end
-    roda(:jwt) do |r|
-      r.rodauth
-    end
-
-    json_login
-
-    res = json_request('/change-login', :login=>'foo2@example.com', "login-confirm"=>'foo2@example.com')
-    res.must_equal [200, {'success'=>"An email has been sent to you with a link to verify your login change"}]
-    link = email_link(/key=.+$/, 'foo2@example.com')
-
-    res = json_request('/change-login', :login=>'foo2@example.com', "login-confirm"=>'foo2@example.com')
-    res.must_equal [200, {'success'=>"An email has been sent to you with a link to verify your login change"}]
-    email_link(/key=.+$/, 'foo2@example.com').must_equal link
-
-    res = json_request('/change-login', :login=>'foo3@example.com', "login-confirm"=>'foo3@example.com')
-    res.must_equal [200, {'success'=>"An email has been sent to you with a link to verify your login change"}]
-    new_link = email_link(/key=.+$/, 'foo3@example.com')
-    new_link.wont_equal link
-
-    res = json_request('/verify-login-change')
-    res.must_equal [401, {"error"=>"Unable to verify login change"}]
-
-    res = json_request('/verify-login-change', :key=>link[4..-1])
-    res.must_equal [401, {"error"=>"Unable to verify login change"}]
-
-    res = json_request('/verify-login-change', :key=>new_link[4..-1])
-    res.must_equal [200, {"success"=>"Your login change has been verified"}]
-
-    res = json_request("/login", :login=>'foo@example.com', :password=>'0123456789')
-    res.must_equal [401, {'error'=>"There was an error logging in", "field-error"=>["login", "no matching login"]}]
-
-    json_login(:login=>'foo3@example.com')
-  end
-end

data/spec/views/layout-other.str

@@ -1,11 +0,0 @@
-<!doctype html>
-<html>
-<head>
-<title>Foo #{@title}</title>
-</head>
-<body>
-#{"<div id='error_flash'>#{flash['error2']}</div>" if flash['error2']}
-#{"<div id='notice_flash'>#{flash['notice2']}</div>" if flash['notice2']}
-#{yield}
-</body>
-</html>

data/spec/views/layout.str

@@ -1,11 +0,0 @@
-<!doctype html>
-<html>
-<head>
-<title>#{@title}</title>
-</head>
-<body>
-#{"<div id='error_flash'>#{opts[:sessions_convert_symbols] ? flash['error'] : flash[:error]}</div>" if opts[:sessions_convert_symbols] ? flash['error'] : flash[:error]}
-#{"<div id='notice_flash'>#{opts[:sessions_convert_symbols] ? flash['notice'] : flash[:notice]}</div>" if opts[:sessions_convert_symbols] ? flash['notice'] : flash[:notice]}
-#{yield}
-</body>
-</html>

data/spec/views/login.str

@@ -1,21 +0,0 @@
-<form method="post" class="form-horizontal" role="form" id="login-form">
-  #{csrf_tag if respond_to?(:csrf_tag)}
-  <input type="hidden" name="lp" value="#{rodauth.param('lp')}"/>
-  <div class="form-group">
-    <label class="col-sm-2 control-label" for="login">Login</label>
-    <div class="col-sm-10">
-      <input type="text" class="form-control#{' error' if rodauth.field_error(rodauth.login_param)}" name="l" id="login"/> #{rodauth.field_error(rodauth.login_param)}
-    </div>
-  </div>
-  <div class="form-group">
-    <label class="col-sm-2 control-label" for="password">Password</label>
-    <div class="col-sm-10">
-      <input type="password" class="form-control#{' error' if rodauth.field_error(rodauth.password_param)}" name="p" id="password"/> #{rodauth.field_error(rodauth.password_param)}
-    </div>
-  </div>
-  <div class="form-group">
-    <div class="col-sm-offset-2 col-sm-10">
-      <input type="submit" class="btn btn-default" value="Login"/>
-    </div>
-  </div>
-</form>