rodauth 1.22.0 → 1.23.0
- checksums.yaml +4 -4
- data/CHANGELOG +12 -0
- data/README.rdoc +5 -3
- data/doc/email_base.rdoc +1 -0
- data/doc/release_notes/1.23.0.txt +32 -0
- data/lib/rodauth.rb +5 -2
- data/lib/rodauth/features/base.rb +8 -0
- data/lib/rodauth/features/change_password_notify.rb +1 -1
- data/lib/rodauth/features/create_account.rb +1 -1
- data/lib/rodauth/features/email_auth.rb +3 -4
- data/lib/rodauth/features/email_base.rb +7 -2
- data/lib/rodauth/features/lockout.rb +1 -1
- data/lib/rodauth/features/login.rb +6 -2
- data/lib/rodauth/features/otp.rb +6 -3
- data/lib/rodauth/features/password_expiration.rb +1 -1
- data/lib/rodauth/features/recovery_codes.rb +3 -3
- data/lib/rodauth/features/reset_password.rb +2 -2
- data/lib/rodauth/features/sms_codes.rb +5 -5
- data/lib/rodauth/features/verify_account.rb +2 -2
- data/lib/rodauth/features/verify_login_change.rb +1 -1
- data/lib/rodauth/version.rb +1 -1
- data/templates/email-auth-request-form.str +2 -2
- data/templates/reset-password-request.str +3 -3
- data/templates/unlock-account-request.str +3 -3
- data/templates/verify-account-resend.str +3 -3
- metadata +5 -43
- data/Rakefile +0 -179
- data/spec/account_expiration_spec.rb +0 -225
- data/spec/all.rb +0 -1
- data/spec/change_login_spec.rb +0 -156
- data/spec/change_password_notify_spec.rb +0 -33
- data/spec/change_password_spec.rb +0 -202
- data/spec/close_account_spec.rb +0 -162
- data/spec/confirm_password_spec.rb +0 -70
- data/spec/create_account_spec.rb +0 -127
- data/spec/disallow_common_passwords_spec.rb +0 -93
- data/spec/disallow_password_reuse_spec.rb +0 -179
- data/spec/email_auth_spec.rb +0 -285
- data/spec/http_basic_auth_spec.rb +0 -143
- data/spec/jwt_cors_spec.rb +0 -57
- data/spec/jwt_refresh_spec.rb +0 -256
- data/spec/jwt_spec.rb +0 -235
- data/spec/lockout_spec.rb +0 -250
- data/spec/login_spec.rb +0 -328
- data/spec/migrate/001_tables.rb +0 -184
- data/spec/migrate/002_account_password_hash_column.rb +0 -11
- data/spec/migrate_password/001_tables.rb +0 -73
- data/spec/migrate_travis/001_tables.rb +0 -141
- data/spec/password_complexity_spec.rb +0 -109
- data/spec/password_expiration_spec.rb +0 -244
- data/spec/password_grace_period_spec.rb +0 -93
- data/spec/remember_spec.rb +0 -451
- data/spec/reset_password_spec.rb +0 -229
- data/spec/rodauth_spec.rb +0 -343
- data/spec/session_expiration_spec.rb +0 -58
- data/spec/single_session_spec.rb +0 -127
- data/spec/spec_helper.rb +0 -327
- data/spec/two_factor_spec.rb +0 -1462
- data/spec/update_password_hash_spec.rb +0 -40
- data/spec/verify_account_grace_period_spec.rb +0 -171
- data/spec/verify_account_spec.rb +0 -240
- data/spec/verify_change_login_spec.rb +0 -46
- data/spec/verify_login_change_spec.rb +0 -232
- data/spec/views/layout-other.str +0 -11
- data/spec/views/layout.str +0 -11
- data/spec/views/login.str +0 -21
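--- a/data/Rakefile
+++ /dev/null
@@ -1,179 +0,0 @@
-require "rake"
-require "rake/clean"
-
-CLEAN.include ["rodauth-*.gem", "rdoc", "coverage", "www/public/rdoc", "www/public/*.html"]
-
-# Packaging
-
-desc "Build rodauth gem"
-task :package=>[:clean] do |p|
-sh %{#{FileUtils::RUBY} -S gem build rodauth.gemspec}
-end
-
-### RDoc
-
-RDOC_DEFAULT_OPTS = ["--line-numbers", "--inline-source", '--title', 'Rodauth: Authentication and Account Management Framework for Rack Applications']
-
-begin
-gem 'hanna-nouveau'
-RDOC_DEFAULT_OPTS.concat(['-f', 'hanna'])
-rescue Gem::LoadError
-end
-
-rdoc_task_class = begin
-require "rdoc/task"
-RDoc::Task
-rescue LoadError
-require "rake/rdoctask"
-Rake::RDocTask
-end
-
-RDOC_OPTS = RDOC_DEFAULT_OPTS + ['--main', 'README.rdoc']
-RDOC_FILES = %w"README.rdoc CHANGELOG MIT-LICENSE lib/**/*.rb" + Dir["doc/*.rdoc"] + Dir['doc/release_notes/*.txt']
-
-rdoc_task_class.new do |rdoc|
-rdoc.rdoc_dir = "rdoc"
-rdoc.options += RDOC_OPTS
-rdoc.rdoc_files.add RDOC_FILES
-end
-
-# Specs
-
-desc "Run specs"
-task :default=>:spec
-
-spec = proc do |env|
-env.each{|k,v| ENV[k] = v}
-sh "#{FileUtils::RUBY} spec/all.rb"
-env.each{|k,v| ENV.delete(k)}
-end
-
-desc "Run specs on PostgreSQL"
-task "spec" do
-spec.call({})
-end
-
-desc "Run specs with coverage"
-task "spec_cov" do
-ENV['COVERAGE'] = '1'
-spec.call('COVERAGE'=>'1')
-end
-
-desc "Run specs with -w, some warnings filtered"
-task "spec_w" do
-rubyopt = ENV['RUBYOPT']
-ENV['RUBYOPT'] = "#{rubyopt} -w"
-spec.call('WARNING'=>'1')
-ENV['RUBYOPT'] = rubyopt
-end
-
-desc "Setup database used for testing on PostgreSQL"
-task :db_setup_postgres do
-sh 'psql -U postgres -c "CREATE USER rodauth_test PASSWORD \'rodauth_test\'"'
-sh 'psql -U postgres -c "CREATE USER rodauth_test_password PASSWORD \'rodauth_test\'"'
-sh 'createdb -U postgres -O rodauth_test rodauth_test'
-sh 'psql -U postgres -c "CREATE EXTENSION citext" rodauth_test'
-$: << 'lib'
-require 'sequel'
-Sequel.extension :migration
-Sequel.postgres(:user=>'rodauth_test', :password=>'rodauth_test') do |db|
-Sequel::Migrator.run(db, 'spec/migrate')
-end
-Sequel.postgres('rodauth_test', :user=>'rodauth_test_password', :password=>'rodauth_test') do |db|
-Sequel::Migrator.run(db, 'spec/migrate_password', :table=>'schema_info_password')
-end
-end
-
-desc "Teardown database used for testing on MySQL"
-task :db_teardown_postgres do
-sh 'dropdb -U postgres rodauth_test'
-sh 'dropuser -U postgres rodauth_test_password'
-sh 'dropuser -U postgres rodauth_test'
-end
-
-desc "Setup database used for testing on MySQL"
-task :db_setup_mysql do
-sh 'mysql --user=root -p mysql < spec/sql/mysql_setup.sql'
-$: << 'lib'
-require 'sequel'
-Sequel.extension :migration
-Sequel.mysql2('rodauth_test', :user=>'rodauth_test_password', :password=>'rodauth_test') do |db|
-Sequel::Migrator.run(db, 'spec/migrate')
-end
-Sequel.mysql2('rodauth_test', :user=>'rodauth_test_password', :password=>'rodauth_test') do |db|
-Sequel::Migrator.run(db, 'spec/migrate_password', :table=>'schema_info_password')
-end
-end
-
-desc "Teardown database used for testing on MySQL"
-task :db_teardown_mysql do
-sh 'mysql --user=root -p mysql < spec/sql/mysql_teardown.sql'
-end
-
-desc "Setup database used for testing on Microsoft SQL Server"
-task :db_setup_mssql do
-sh 'sqlcmd -E -e -b -r1 -i spec\\sql\\mssql_setup.sql'
-$: << 'lib'
-require 'sequel'
-Sequel.extension :migration
-Sequel.tinytds('rodauth_test', :host=>'localhost', :user=>'rodauth_test_password', :password=>'Rodauth1.') do |db|
-Sequel::Migrator.run(db, 'spec/migrate')
-end
-Sequel.tinytds('rodauth_test', :host=>'localhost', :user=>'rodauth_test_password', :password=>'Rodauth1.') do |db|
-Sequel::Migrator.run(db, 'spec/migrate_password', :table=>'schema_info_password')
-end
-end
-
-desc "Teardown database used for testing on Microsoft SQL Server"
-task :db_teardown_mssql do
-sh 'sqlcmd -E -e -b -r1 -i spec\\sql\\mssql_teardown.sql'
-end
-
-desc "Run specs on MySQL"
-task :spec_mysql do
-spec.call('RODAUTH_SPEC_DB'=>'mysql2://rodauth_test:rodauth_test@localhost/rodauth_test')
-end
-
-task :spec_travis do
-if defined?(RUBY_ENGINE) && RUBY_ENGINE == 'jruby'
-pg_db = 'jdbc:postgresql://localhost/rodauth_test?user=postgres'
-my_db = "jdbc:mysql://localhost/rodauth_test?user=root"
-else
-pg_db = 'postgres:///rodauth_test?user=postgres'
-my_db = "mysql2://localhost/rodauth_test?user=root"
-end
-sh 'psql -U postgres -c "CREATE EXTENSION citext" rodauth_test'
-spec.call('RODAUTH_SPEC_MIGRATE'=>'1', 'RODAUTH_SPEC_DB'=>pg_db)
-spec.call('RODAUTH_SPEC_MIGRATE'=>'1', 'RODAUTH_SPEC_DB'=>my_db)
-end
-
-desc "Run specs on SQLite"
-task :spec_sqlite do
-spec_db = if defined?(RUBY_ENGINE) && RUBY_ENGINE == 'jruby'
-'jdbc:sqlite::memory:'
-else
-'sqlite:/'
-end
-spec.call('RODAUTH_SPEC_MIGRATE'=>'1', 'RODAUTH_SPEC_DB'=>spec_db)
-end
-
-### Website
-
-rdoc_task_class.new(:website_rdoc) do |rdoc|
-rdoc.rdoc_dir = "www/public/rdoc"
-rdoc.options += RDOC_OPTS
-rdoc.rdoc_files.add RDOC_FILES
-end
-
-desc "Make local version of website"
-task :website_base do
-sh %{#{FileUtils::RUBY} -I lib www/make_www.rb}
-end
-
-desc "Make local version of website, with rdoc"
-task :website => [:website_base, :website_rdoc]
-
-desc "Serve local version of website via rackup"
-task :serve => :website do
-sh %{#{FileUtils::RUBY} -C www -S rackup}
-end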
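--- a/data/spec/account_expiration_spec.rb
+++ /dev/null
@@ -1,225 +0,0 @@
-require File.expand_path("spec_helper", File.dirname(__FILE__))
-
-describe 'Rodauth account expiration feature' do
-it "should force account expiration after x number of days since last login" do
-rodauth do
-enable :login, :logout, :account_expiration
-end
-roda do |r|
-r.rodauth
-r.root{view :content=>rodauth.logged_in? ? "Logged In#{rodauth.last_account_login_at.strftime('%m%d%y')}" : "Not Logged"}
-end
-
-now = Time.now
-2.times do
-login
-page.body.must_include "Logged In#{now.strftime('%m%d%y')}"
-
-logout
-end
-
-DB[:account_activity_times].update(:last_login_at => Time.now - 181*86400)
-
-2.times do
-login
-page.body.must_include 'Not Logged'
-page.find('#error_flash').text.must_equal "You cannot log into this account as it has expired"
-end
-end
-
-it "should not allow resetting of passwords for expired accounts" do
-rodauth do
-enable :login, :logout, :account_expiration, :reset_password
-end
-roda do |r|
-r.rodauth
-r.root{view :content=>rodauth.logged_in? ? "Logged In#{rodauth.last_account_login_at.strftime('%m%d%y')}" : "Not Logged"}
-end
-
-now = Time.now
-login
-page.body.must_include "Logged In#{now.strftime('%m%d%y')}"
-logout
-
-visit '/login'
-click_link 'Forgot Password?'
-fill_in 'Login', :with=>'foo@example.com'
-click_button 'Request Password Reset'
-link = email_link(/(\/reset-password\?key=.+)$/)
-
-visit link
-fill_in 'Password', :with=>'0123456'
-fill_in 'Confirm Password', :with=>'0123456'
-click_button 'Reset Password'
-page.find('#notice_flash').text.must_equal "Your password has been reset"
-page.current_path.must_equal '/'
-
-visit '/login'
-click_link 'Forgot Password?'
-fill_in 'Login', :with=>'foo@example.com'
-click_button 'Request Password Reset'
-link = email_link(/(\/reset-password\?key=.+)$/)
-
-DB[:account_activity_times].update(:last_login_at => Time.now - 181*86400)
-
-visit link
-page.title.must_equal 'Reset Password'
-fill_in 'Password', :with=>'01234567'
-fill_in 'Confirm Password', :with=>'01234567'
-click_button 'Reset Password'
-page.find('#error_flash').text.must_equal "You cannot log into this account as it has expired"
-page.body.must_include 'Not Logged'
-page.current_path.must_equal '/'
-
-visit '/login'
-click_link 'Forgot Password?'
-fill_in 'Login', :with=>'foo@example.com'
-click_button 'Request Password Reset'
-page.find('#error_flash').text.must_equal "You cannot log into this account as it has expired"
-page.body.must_include 'Not Logged'
-page.current_path.must_equal '/'
-end
-
-it "should not allow account unlocks for expired accounts" do
-rodauth do
-enable :lockout, :account_expiration, :logout
-max_invalid_logins 2
-unlock_account_autologin? false
-end
-roda do |r|
-r.rodauth
-r.root{view :content=>(rodauth.logged_in? ? "Logged In" : "Not Logged")}
-end
-
-login
-logout
-
-visit '/login'
-fill_in 'Login', :with=>'foo@example.com'
-3.times do
-fill_in 'Password', :with=>'012345678910'
-click_button 'Login'
-end
-
-page.body.must_include("This account is currently locked out")
-click_button 'Request Account Unlock'
-page.find('#notice_flash').text.must_equal 'An email has been sent to you with a link to unlock your account'
-link = email_link(/(\/unlock-account\?key=.+)$/)
-
-visit link
-click_button 'Unlock Account'
-page.find('#notice_flash').text.must_equal 'Your account has been unlocked'
-page.body.must_include('Not Logged')
-
-visit '/login'
-fill_in 'Login', :with=>'foo@example.com'
-3.times do
-fill_in 'Password', :with=>'012345678910'
-click_button 'Login'
-end
-
-page.body.must_include("This account is currently locked out")
-click_button 'Request Account Unlock'
-page.find('#notice_flash').text.must_equal 'An email has been sent to you with a link to unlock your account'
-link = email_link(/(\/unlock-account\?key=.+)$/)
-
-DB[:account_activity_times].update(:last_login_at => Time.now - 181*86400)
-
-visit link
-click_button 'Unlock Account'
-page.find('#error_flash').text.must_equal "You cannot log into this account as it has expired"
-page.body.must_include 'Not Logged'
-page.current_path.must_equal '/'
-end
-
-it "should not allow account unlock requests for expired accounts" do
-rodauth do
-enable :lockout, :account_expiration, :logout
-max_invalid_logins 2
-unlock_account_autologin? false
-end
-roda do |r|
-r.rodauth
-r.root{view :content=>(rodauth.logged_in? ? "Logged In" : "Not Logged")}
-end
-
-login
-logout
-
-visit '/login'
-fill_in 'Login', :with=>'foo@example.com'
-3.times do
-fill_in 'Password', :with=>'012345678910'
-click_button 'Login'
-end
-
-DB[:account_activity_times].update(:last_login_at => Time.now - 181*86400)
-
-page.body.must_include("This account is currently locked out")
-click_button 'Request Account Unlock'
-page.find('#error_flash').text.must_equal "You cannot log into this account as it has expired"
-page.body.must_include 'Not Logged'
-page.current_path.must_equal '/'
-end
-
-it "should use last activity time if configured" do
-rodauth do
-enable :login, :logout, :account_expiration
-expire_account_on_last_activity? true
-account_expiration_error_flash{"Account expired on #{account_expired_at.strftime('%m%d%y')}"}
-end
-roda do |r|
-r.is("a"){view :content=>"Logged In#{rodauth.last_account_activity_at.strftime('%m%d%y')}"}
-rodauth.update_last_activity
-r.rodauth
-r.root{view :content=>rodauth.logged_in? ? "Logged In#{rodauth.last_account_activity_at.strftime('%m%d%y')}" : 'Not Logged'}
-end
-
-now = Time.now
-login
-page.body.must_include "Logged In#{now.strftime('%m%d%y')}"
-
-DB[:account_activity_times].count.must_equal 1
-DB[:account_activity_times].delete
-
-visit '/'
-DB[:account_activity_times].count.must_equal 1
-
-t1 = now - 179*86400
-DB[:account_activity_times].update(:last_activity_at => t1)
-visit '/a'
-page.body.must_include "Logged In#{t1.strftime('%m%d%y')}"
-
-logout
-
-t2 = now - 181*86400
-DB[:account_activity_times].update(:last_activity_at => t2).must_equal 1
-
-login
-page.body.must_include 'Not Logged'
-page.find('#error_flash').text.must_equal "Account expired on #{now.strftime('%m%d%y')}"
-
-DB[:account_activity_times].update(:expired_at=>t1).must_equal 1
-
-login
-page.body.must_include 'Not Logged'
-page.find('#error_flash').text.must_equal "Account expired on #{t1.strftime('%m%d%y')}"
-end
-
-it "should remove account activity data when closing accounts" do
-rodauth do
-enable :login, :close_account, :account_expiration
-close_account_requires_password? false
-end
-roda do |r|
-r.rodauth
-r.root{view :content=>rodauth.logged_in? ? "Logged In#{rodauth.last_account_login_at.strftime('%m%d%y')}" : "Not Logged"}
-end
-
-login
-DB[:account_activity_times].count.must_equal 1
-visit '/close-account'
-click_button 'Close Account'
-DB[:account_activity_times].count.must_equal 0
-end
-end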
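--- a/data/spec/all.rb
+++ /dev/null
@@ -1 +0,0 @@
-Dir['./spec/*_spec.rb'].each{|f| require f}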
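--- a/data/spec/change_login_spec.rb
+++ /dev/null
@@ -1,156 +0,0 @@
-require File.expand_path("spec_helper", File.dirname(__FILE__))
-
-describe 'Rodauth change_login feature' do
-it "should support changing logins for accounts" do
-DB[:accounts].insert(:email=>'foo2@example.com')
-require_password = false
-require_email = true
-
-rodauth do
-enable :login, :logout, :change_login
-change_login_requires_password?{require_password}
-require_email_address_logins?{require_email}
-end
-roda do |r|
-r.rodauth
-r.root{view :content=>""}
-end
-
-login
-page.current_path.must_equal '/'
-
-visit '/change-login'
-page.title.must_equal 'Change Login'
-
-fill_in 'Login', :with=>'foobar'
-fill_in 'Confirm Login', :with=>'foobar'
-click_button 'Change Login'
-page.find('#error_flash').text.must_equal "There was an error changing your login"
-page.html.must_include("invalid login, not a valid email address")
-page.current_path.must_equal '/change-login'
-
-require_email = false
-
-fill_in 'Login', :with=>'fb'
-fill_in 'Confirm Login', :with=>'fb'
-click_button 'Change Login'
-page.find('#error_flash').text.must_equal "There was an error changing your login"
-page.html.must_include("invalid login, minimum 3 characters")
-page.current_path.must_equal '/change-login'
-
-fill_in 'Login', :with=>'f'*256
-fill_in 'Confirm Login', :with=>'f'*256
-click_button 'Change Login'
-page.find('#error_flash').text.must_equal "There was an error changing your login"
-page.html.must_include("invalid login, maximum 255 characters")
-page.current_path.must_equal '/change-login'
-
-fill_in 'Login', :with=>'foo@example.com'
-fill_in 'Confirm Login', :with=>'foo2@example.com'
-click_button 'Change Login'
-page.find('#error_flash').text.must_equal "There was an error changing your login"
-page.html.must_include("logins do not match")
-page.current_path.must_equal '/change-login'
-
-fill_in 'Login', :with=>'foo2@example.com'
-click_button 'Change Login'
-page.find('#error_flash').text.must_equal "There was an error changing your login"
-page.html.must_include("invalid login, already an account with this login")
-page.current_path.must_equal '/change-login'
-
-fill_in 'Login', :with=>'foo@example.com'
-fill_in 'Confirm Login', :with=>'foo@example.com'
-click_button 'Change Login'
-page.find('#error_flash').text.must_equal "There was an error changing your login"
-page.html.must_include("invalid login, same as current login")
-page.current_path.must_equal '/change-login'
-
-fill_in 'Login', :with=>'foo3@example.com'
-fill_in 'Confirm Login', :with=>'foo3@example.com'
-click_button 'Change Login'
-page.find('#notice_flash').text.must_equal "Your login has been changed"
-page.current_path.must_equal '/'
-
-logout
-login(:login=>'foo3@example.com')
-page.current_path.must_equal '/'
-
-require_password = true
-visit '/change-login'
-fill_in 'Password', :with=>'012345678'
-fill_in 'Login', :with=>'foo4@example.com'
-fill_in 'Confirm Login', :with=>'foo4@example.com'
-click_button 'Change Login'
-page.find('#error_flash').text.must_equal "There was an error changing your login"
-page.html.must_include("invalid password")
-page.current_path.must_equal '/change-login'
-
-fill_in 'Password', :with=>'0123456789'
-click_button 'Change Login'
-page.find('#notice_flash').text.must_equal "Your login has been changed"
-page.current_path.must_equal '/'
-
-logout
-login(:login=>'foo4@example.com')
-page.current_path.must_equal '/'
-end
-
-it "should support changing logins for accounts with login confirmation" do
-rodauth do
-enable :login, :change_login
-change_login_requires_password? false
-require_login_confirmation? false
-end
-roda do |r|
-r.rodauth
-r.root{view :content=>""}
-end
-
-login
-visit '/change-login'
-fill_in 'Login', :with=>'foo3@example.com'
-click_button 'Change Login'
-page.find('#notice_flash').text.must_equal "Your login has been changed"
-end
-
-it "should support changing logins via jwt" do
-DB[:accounts].insert(:email=>'foo2@example.com')
-require_password = false
-
-rodauth do
-enable :login, :logout, :change_login
-change_login_requires_password?{require_password}
-end
-roda(:jwt) do |r|
-r.rodauth
-end
-
-json_login
-
-res = json_request('/change-login', :login=>'foobar', "login-confirm"=>'foobar')
-res.must_equal [422, {'error'=>"There was an error changing your login", "field-error"=>["login", "invalid login, not a valid email address"]}]
-
-res = json_request('/change-login', :login=>'foo@example.com', "login-confirm"=>'foo2@example.com')
-res.must_equal [422, {'error'=>"There was an error changing your login", "field-error"=>["login", "logins do not match"]}]
-
-res = json_request('/change-login', :login=>'foo2@example.com', "login-confirm"=>'foo2@example.com')
-res.must_equal [422, {'error'=>"There was an error changing your login", "field-error"=>["login", "invalid login, already an account with this login"]}]
-
-res = json_request('/change-login', :login=>'foo3@example.com', "login-confirm"=>'foo3@example.com')
-res.must_equal [200, {'success'=>"Your login has been changed"}]
-
-json_logout
-json_login(:login=>'foo3@example.com')
-
-require_password = true
-
-res = json_request('/change-login', :login=>'foo4@example.com', "login-confirm"=>'foo4@example.com', :password=>'012345678')
-res.must_equal [401, {'error'=>"There was an error changing your login", "field-error"=>["password", "invalid password"]}]
-
-res = json_request('/change-login', :login=>'foo4@example.com', "login-confirm"=>'foo4@example.com', :password=>'0123456789')
-res.must_equal [200, {'success'=>"Your login has been changed"}]
-
-json_logout
-json_login(:login=>'foo4@example.com')
-end
-end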