sidecar_token_auth 1.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/LICENSE +13 -0
- data/README.md +12 -0
- data/Rakefile +42 -0
- data/app/controllers/devise_token_auth/application_controller.rb +79 -0
- data/app/controllers/devise_token_auth/concerns/resource_finder.rb +44 -0
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +162 -0
- data/app/controllers/devise_token_auth/confirmations_controller.rb +90 -0
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +287 -0
- data/app/controllers/devise_token_auth/passwords_controller.rb +206 -0
- data/app/controllers/devise_token_auth/registrations_controller.rb +283 -0
- data/app/controllers/devise_token_auth/sessions_controller.rb +245 -0
- data/app/controllers/devise_token_auth/token_validations_controller.rb +31 -0
- data/app/controllers/devise_token_auth/unlocks_controller.rb +89 -0
- data/app/models/devise_token_auth/concerns/active_record_support.rb +16 -0
- data/app/models/devise_token_auth/concerns/confirmable_support.rb +28 -0
- data/app/models/devise_token_auth/concerns/mongoid_support.rb +19 -0
- data/app/models/devise_token_auth/concerns/tokens_serialization.rb +19 -0
- data/app/models/devise_token_auth/concerns/user.rb +257 -0
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +31 -0
- data/app/validators/devise_token_auth_email_validator.rb +23 -0
- data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/devise_token_auth/omniauth_external_window.html.erb +38 -0
- data/config/locales/da-DK.yml +52 -0
- data/config/locales/de.yml +51 -0
- data/config/locales/en.yml +60 -0
- data/config/locales/es.yml +51 -0
- data/config/locales/fr.yml +51 -0
- data/config/locales/he.yml +52 -0
- data/config/locales/it.yml +48 -0
- data/config/locales/ja.yml +48 -0
- data/config/locales/ko.yml +51 -0
- data/config/locales/nl.yml +32 -0
- data/config/locales/pl.yml +51 -0
- data/config/locales/pt-BR.yml +48 -0
- data/config/locales/pt.yml +51 -0
- data/config/locales/ro.yml +48 -0
- data/config/locales/ru.yml +52 -0
- data/config/locales/sq.yml +48 -0
- data/config/locales/sv.yml +52 -0
- data/config/locales/uk.yml +61 -0
- data/config/locales/vi.yml +52 -0
- data/config/locales/zh-CN.yml +48 -0
- data/config/locales/zh-HK.yml +50 -0
- data/config/locales/zh-TW.yml +50 -0
- data/lib/devise_token_auth.rb +14 -0
- data/lib/devise_token_auth/blacklist.rb +2 -0
- data/lib/devise_token_auth/controllers/helpers.rb +157 -0
- data/lib/devise_token_auth/controllers/url_helpers.rb +10 -0
- data/lib/devise_token_auth/engine.rb +96 -0
- data/lib/devise_token_auth/errors.rb +8 -0
- data/lib/devise_token_auth/rails/routes.rb +116 -0
- data/lib/devise_token_auth/token_factory.rb +126 -0
- data/lib/devise_token_auth/url.rb +44 -0
- data/lib/devise_token_auth/version.rb +5 -0
- data/lib/generators/devise_token_auth/USAGE +31 -0
- data/lib/generators/devise_token_auth/install_generator.rb +91 -0
- data/lib/generators/devise_token_auth/install_generator_helpers.rb +98 -0
- data/lib/generators/devise_token_auth/install_mongoid_generator.rb +46 -0
- data/lib/generators/devise_token_auth/install_views_generator.rb +18 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +60 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +49 -0
- data/lib/generators/devise_token_auth/templates/user.rb.erb +9 -0
- data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +56 -0
- data/lib/tasks/devise_token_auth_tasks.rake +6 -0
- data/test/controllers/custom/custom_confirmations_controller_test.rb +25 -0
- data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb +33 -0
- data/test/controllers/custom/custom_passwords_controller_test.rb +79 -0
- data/test/controllers/custom/custom_registrations_controller_test.rb +63 -0
- data/test/controllers/custom/custom_sessions_controller_test.rb +39 -0
- data/test/controllers/custom/custom_token_validations_controller_test.rb +42 -0
- data/test/controllers/demo_group_controller_test.rb +151 -0
- data/test/controllers/demo_mang_controller_test.rb +284 -0
- data/test/controllers/demo_user_controller_test.rb +629 -0
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +191 -0
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +441 -0
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +780 -0
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +907 -0
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +503 -0
- data/test/controllers/devise_token_auth/token_validations_controller_test.rb +102 -0
- data/test/controllers/devise_token_auth/unlocks_controller_test.rb +196 -0
- data/test/controllers/overrides/confirmations_controller_test.rb +47 -0
- data/test/controllers/overrides/omniauth_callbacks_controller_test.rb +53 -0
- data/test/controllers/overrides/passwords_controller_test.rb +64 -0
- data/test/controllers/overrides/registrations_controller_test.rb +46 -0
- data/test/controllers/overrides/sessions_controller_test.rb +35 -0
- data/test/controllers/overrides/token_validations_controller_test.rb +43 -0
- data/test/dummy/README.rdoc +28 -0
- data/test/dummy/app/active_record/confirmable_user.rb +11 -0
- data/test/dummy/app/active_record/lockable_user.rb +7 -0
- data/test/dummy/app/active_record/mang.rb +5 -0
- data/test/dummy/app/active_record/only_email_user.rb +7 -0
- data/test/dummy/app/active_record/scoped_user.rb +9 -0
- data/test/dummy/app/active_record/unconfirmable_user.rb +9 -0
- data/test/dummy/app/active_record/unregisterable_user.rb +9 -0
- data/test/dummy/app/active_record/user.rb +6 -0
- data/test/dummy/app/controllers/application_controller.rb +18 -0
- data/test/dummy/app/controllers/auth_origin_controller.rb +7 -0
- data/test/dummy/app/controllers/custom/confirmations_controller.rb +13 -0
- data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb +13 -0
- data/test/dummy/app/controllers/custom/passwords_controller.rb +39 -0
- data/test/dummy/app/controllers/custom/registrations_controller.rb +39 -0
- data/test/dummy/app/controllers/custom/sessions_controller.rb +29 -0
- data/test/dummy/app/controllers/custom/token_validations_controller.rb +19 -0
- data/test/dummy/app/controllers/demo_group_controller.rb +15 -0
- data/test/dummy/app/controllers/demo_mang_controller.rb +14 -0
- data/test/dummy/app/controllers/demo_user_controller.rb +27 -0
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +28 -0
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +16 -0
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +35 -0
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +29 -0
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +36 -0
- data/test/dummy/app/controllers/overrides/token_validations_controller.rb +23 -0
- data/test/dummy/app/helpers/application_helper.rb +1058 -0
- data/test/dummy/app/models/concerns/favorite_color.rb +19 -0
- data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
- data/test/dummy/app/mongoid/lockable_user.rb +38 -0
- data/test/dummy/app/mongoid/mang.rb +46 -0
- data/test/dummy/app/mongoid/only_email_user.rb +33 -0
- data/test/dummy/app/mongoid/scoped_user.rb +50 -0
- data/test/dummy/app/mongoid/unconfirmable_user.rb +44 -0
- data/test/dummy/app/mongoid/unregisterable_user.rb +47 -0
- data/test/dummy/app/mongoid/user.rb +49 -0
- data/test/dummy/app/views/layouts/application.html.erb +14 -0
- data/test/dummy/config.ru +18 -0
- data/test/dummy/config/application.rb +48 -0
- data/test/dummy/config/application.yml.bk +0 -0
- data/test/dummy/config/boot.rb +11 -0
- data/test/dummy/config/environment.rb +7 -0
- data/test/dummy/config/environments/development.rb +46 -0
- data/test/dummy/config/environments/production.rb +84 -0
- data/test/dummy/config/environments/test.rb +50 -0
- data/test/dummy/config/initializers/assets.rb +10 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +9 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +5 -0
- data/test/dummy/config/initializers/devise.rb +290 -0
- data/test/dummy/config/initializers/devise_token_auth.rb +55 -0
- data/test/dummy/config/initializers/figaro.rb +3 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +6 -0
- data/test/dummy/config/initializers/inflections.rb +18 -0
- data/test/dummy/config/initializers/mime_types.rb +6 -0
- data/test/dummy/config/initializers/omniauth.rb +11 -0
- data/test/dummy/config/initializers/session_store.rb +5 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +16 -0
- data/test/dummy/config/routes.rb +57 -0
- data/test/dummy/config/spring.rb +3 -0
- data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +58 -0
- data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +57 -0
- data/test/dummy/db/migrate/20140829044006_add_operating_thetan_to_user.rb +8 -0
- data/test/dummy/db/migrate/20140916224624_add_favorite_color_to_mangs.rb +7 -0
- data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +55 -0
- data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +56 -0
- data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +56 -0
- data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +56 -0
- data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +56 -0
- data/test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb +49 -0
- data/test/dummy/db/schema.rb +198 -0
- data/test/dummy/lib/migration_database_helper.rb +43 -0
- data/test/factories/users.rb +41 -0
- data/test/lib/devise_token_auth/blacklist_test.rb +11 -0
- data/test/lib/devise_token_auth/token_factory_test.rb +191 -0
- data/test/lib/devise_token_auth/url_test.rb +26 -0
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +217 -0
- data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +222 -0
- data/test/lib/generators/devise_token_auth/install_views_generator_test.rb +25 -0
- data/test/models/concerns/mongoid_support_test.rb +31 -0
- data/test/models/concerns/tokens_serialization_test.rb +70 -0
- data/test/models/confirmable_user_test.rb +35 -0
- data/test/models/only_email_user_test.rb +29 -0
- data/test/models/user_test.rb +108 -0
- data/test/support/controllers/routes.rb +43 -0
- data/test/test_helper.rb +103 -0
- metadata +481 -0
@@ -0,0 +1,25 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
require 'fileutils'
|
5
|
+
require 'generators/devise_token_auth/install_views_generator'
|
6
|
+
|
7
|
+
module DeviseTokenAuth
|
8
|
+
class InstallViewsGeneratorTest < Rails::Generators::TestCase
|
9
|
+
tests InstallViewsGenerator
|
10
|
+
destination Rails.root.join('tmp/generators')
|
11
|
+
|
12
|
+
describe 'default values, clean install' do
|
13
|
+
setup :prepare_destination
|
14
|
+
|
15
|
+
before do
|
16
|
+
run_generator
|
17
|
+
end
|
18
|
+
|
19
|
+
test 'files are copied' do
|
20
|
+
assert_file 'app/views/devise/mailer/reset_password_instructions.html.erb'
|
21
|
+
assert_file 'app/views/devise/mailer/confirmation_instructions.html.erb'
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
if DEVISE_TOKEN_AUTH_ORM == :mongoid
|
6
|
+
class DeviseTokenAuth::Concerns::MongoidSupportTest < ActiveSupport::TestCase
|
7
|
+
describe DeviseTokenAuth::Concerns::MongoidSupport do
|
8
|
+
before do
|
9
|
+
@user = create(:user)
|
10
|
+
end
|
11
|
+
|
12
|
+
describe '#as_json' do
|
13
|
+
test 'should be defined' do
|
14
|
+
assert @user.methods.include?(:as_json)
|
15
|
+
end
|
16
|
+
|
17
|
+
test 'should except _id attribute' do
|
18
|
+
refute @user.as_json.key?('_id')
|
19
|
+
end
|
20
|
+
|
21
|
+
test 'should return with id attribute' do
|
22
|
+
assert_equal @user._id.to_s, @user.as_json['id']
|
23
|
+
end
|
24
|
+
|
25
|
+
test 'should accept options' do
|
26
|
+
refute @user.as_json(except: [:created_at]).key?('created_at')
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,70 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
if DEVISE_TOKEN_AUTH_ORM == :active_record
|
4
|
+
describe 'DeviseTokenAuth::Concerns::TokensSerialization' do
|
5
|
+
let(:ts) { DeviseTokenAuth::Concerns::TokensSerialization }
|
6
|
+
let(:user) { FactoryBot.create(:user) }
|
7
|
+
let(:tokens) do
|
8
|
+
# Сreate all possible token's attributes combinations
|
9
|
+
user.create_token
|
10
|
+
2.times { user.create_new_auth_token(user.tokens.first[0]) }
|
11
|
+
user.create_new_auth_token
|
12
|
+
user.create_token
|
13
|
+
|
14
|
+
user.tokens
|
15
|
+
end
|
16
|
+
let(:json) { JSON.generate(tokens) }
|
17
|
+
|
18
|
+
it 'is defined' do
|
19
|
+
assert_equal(ts.present?, true)
|
20
|
+
assert_kind_of(Module, ts)
|
21
|
+
end
|
22
|
+
|
23
|
+
describe '.load(json)' do
|
24
|
+
let(:default) { {} }
|
25
|
+
|
26
|
+
it 'is defined' do
|
27
|
+
assert_respond_to(ts, :load)
|
28
|
+
end
|
29
|
+
|
30
|
+
it 'handles nil' do
|
31
|
+
assert_equal(ts.load(nil), default)
|
32
|
+
end
|
33
|
+
|
34
|
+
it 'handles string' do
|
35
|
+
assert_equal(ts.load(json), JSON.parse(json))
|
36
|
+
end
|
37
|
+
|
38
|
+
it 'returns object of undesirable class' do
|
39
|
+
assert_equal(ts.load([]), [])
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
describe '.dump(object)' do
|
44
|
+
let(:default) { 'null' }
|
45
|
+
|
46
|
+
it 'is defined' do
|
47
|
+
assert_respond_to(ts, :dump)
|
48
|
+
end
|
49
|
+
|
50
|
+
it 'handles nil' do
|
51
|
+
assert_equal(ts.dump(nil), default)
|
52
|
+
end
|
53
|
+
|
54
|
+
it 'handles empty hash' do
|
55
|
+
assert_equal(ts.dump({}), '{}')
|
56
|
+
end
|
57
|
+
|
58
|
+
it 'deserialize tokens' do
|
59
|
+
assert_equal(ts.dump(tokens), json)
|
60
|
+
end
|
61
|
+
|
62
|
+
it 'removes nil values' do
|
63
|
+
new_tokens = tokens.dup
|
64
|
+
new_tokens[new_tokens.first[0]][:kos] = nil
|
65
|
+
|
66
|
+
assert_equal(ts.dump(tokens), ts.dump(new_tokens))
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class ConfirmableUserTest < ActiveSupport::TestCase
|
6
|
+
describe ConfirmableUser do
|
7
|
+
describe 'creation' do
|
8
|
+
test 'email should be saved' do
|
9
|
+
@resource = create(:confirmable_user)
|
10
|
+
assert @resource.email.present?
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
describe 'updating email' do
|
15
|
+
test 'new email should be saved to unconfirmed_email' do
|
16
|
+
@resource = create(:confirmable_user, email: 'old_address@example.com')
|
17
|
+
@resource.update(email: 'new_address@example.com')
|
18
|
+
assert @resource.unconfirmed_email == 'new_address@example.com'
|
19
|
+
end
|
20
|
+
|
21
|
+
test 'old email should be kept in email' do
|
22
|
+
@resource = create(:confirmable_user, email: 'old_address@example.com')
|
23
|
+
@resource.update(email: 'new_address@example.com')
|
24
|
+
assert @resource.email == 'old_address@example.com'
|
25
|
+
end
|
26
|
+
|
27
|
+
test 'confirmation_token should be changed' do
|
28
|
+
@resource = create(:confirmable_user, email: 'old_address@example.com')
|
29
|
+
old_token = @resource.confirmation_token
|
30
|
+
@resource.update(email: 'new_address@example.com')
|
31
|
+
assert @resource.confirmation_token != old_token
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
@@ -0,0 +1,29 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class OnlyEmailUserTest < ActiveSupport::TestCase
|
6
|
+
describe OnlyEmailUser do
|
7
|
+
test 'confirmable is disabled' do
|
8
|
+
refute OnlyEmailUser.method_defined?(:confirmation_token)
|
9
|
+
refute OnlyEmailUser.method_defined?(:confirmed_at)
|
10
|
+
refute OnlyEmailUser.method_defined?(:confirmation_sent_at)
|
11
|
+
refute OnlyEmailUser.method_defined?(:unconfirmed_email)
|
12
|
+
end
|
13
|
+
|
14
|
+
test 'lockable is disabled' do
|
15
|
+
refute OnlyEmailUser.method_defined?(:failed_attempts)
|
16
|
+
refute OnlyEmailUser.method_defined?(:unlock_token)
|
17
|
+
refute OnlyEmailUser.method_defined?(:locked_at)
|
18
|
+
end
|
19
|
+
|
20
|
+
test 'recoverable is disabled' do
|
21
|
+
refute OnlyEmailUser.method_defined?(:reset_password_token)
|
22
|
+
refute OnlyEmailUser.method_defined?(:reset_password_sent_at)
|
23
|
+
end
|
24
|
+
|
25
|
+
test 'rememberable is disabled' do
|
26
|
+
refute OnlyEmailUser.method_defined?(:remember_created_at)
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
@@ -0,0 +1,108 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'test_helper'
|
4
|
+
|
5
|
+
class UserTest < ActiveSupport::TestCase
|
6
|
+
describe User do
|
7
|
+
describe 'serialization' do
|
8
|
+
test 'hash should not include sensitive info' do
|
9
|
+
@resource = build(:user)
|
10
|
+
refute @resource.as_json[:tokens]
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
describe 'creation' do
|
15
|
+
test 'save fails if uid is missing' do
|
16
|
+
@resource = User.new
|
17
|
+
@resource.uid = nil
|
18
|
+
@resource.save
|
19
|
+
|
20
|
+
assert @resource.errors.messages[:uid]
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
describe 'email registration' do
|
25
|
+
test 'model should not save if email is blank' do
|
26
|
+
@resource = build(:user, email: nil)
|
27
|
+
|
28
|
+
refute @resource.save
|
29
|
+
assert @resource.errors.messages[:email] == [I18n.t('errors.messages.blank')]
|
30
|
+
end
|
31
|
+
|
32
|
+
test 'model should not save if email is not an email' do
|
33
|
+
@resource = build(:user, email: '@example.com')
|
34
|
+
|
35
|
+
refute @resource.save
|
36
|
+
assert @resource.errors.messages[:email] == [I18n.t('errors.messages.not_email')]
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
describe 'email uniqueness' do
|
41
|
+
test 'model should not save if email is taken' do
|
42
|
+
user_attributes = attributes_for(:user)
|
43
|
+
create(:user, user_attributes)
|
44
|
+
@resource = build(:user, user_attributes)
|
45
|
+
|
46
|
+
refute @resource.save
|
47
|
+
assert @resource.errors.messages[:email].first.include? 'taken'
|
48
|
+
assert @resource.errors.messages[:email].none? { |e| e =~ /translation missing/ }
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
describe 'oauth2 authentication' do
|
53
|
+
test 'model should save even if email is blank' do
|
54
|
+
@resource = build(:user, :facebook, email: nil)
|
55
|
+
|
56
|
+
assert @resource.save
|
57
|
+
assert @resource.errors.messages[:email].blank?
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
describe 'token expiry' do
|
62
|
+
before do
|
63
|
+
@resource = create(:user, :confirmed)
|
64
|
+
|
65
|
+
@auth_headers = @resource.create_new_auth_token
|
66
|
+
|
67
|
+
@token = @auth_headers['access-token']
|
68
|
+
@client_id = @auth_headers['client']
|
69
|
+
end
|
70
|
+
|
71
|
+
test 'should properly indicate whether token is current' do
|
72
|
+
assert @resource.token_is_current?(@token, @client_id)
|
73
|
+
# we want to update the expiry without forcing a cleanup (see below)
|
74
|
+
@resource.tokens[@client_id]['expiry'] = Time.zone.now.to_i - 10.seconds
|
75
|
+
refute @resource.token_is_current?(@token, @client_id)
|
76
|
+
end
|
77
|
+
end
|
78
|
+
|
79
|
+
describe 'expired tokens are destroyed on save' do
|
80
|
+
before do
|
81
|
+
@resource = create(:user, :confirmed)
|
82
|
+
|
83
|
+
@old_auth_headers = @resource.create_new_auth_token
|
84
|
+
@new_auth_headers = @resource.create_new_auth_token
|
85
|
+
expire_token(@resource, @old_auth_headers['client'])
|
86
|
+
end
|
87
|
+
|
88
|
+
test 'expired token was removed' do
|
89
|
+
refute @resource.tokens[@old_auth_headers[:client]]
|
90
|
+
end
|
91
|
+
|
92
|
+
test 'current token was not removed' do
|
93
|
+
assert @resource.tokens[@new_auth_headers['client']]
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
97
|
+
describe 'nil tokens are handled properly' do
|
98
|
+
before do
|
99
|
+
@resource = create(:user, :confirmed)
|
100
|
+
end
|
101
|
+
|
102
|
+
test 'tokens can be set to nil' do
|
103
|
+
@resource.tokens = nil
|
104
|
+
assert @resource.save
|
105
|
+
end
|
106
|
+
end
|
107
|
+
end
|
108
|
+
end
|
@@ -0,0 +1,43 @@
|
|
1
|
+
class Module
|
2
|
+
include Minitest::Spec::DSL
|
3
|
+
end
|
4
|
+
|
5
|
+
module ControllerRoutesAfterBlock
|
6
|
+
after do
|
7
|
+
Rails.application.reload_routes!
|
8
|
+
end
|
9
|
+
end
|
10
|
+
|
11
|
+
module CustomControllersRoutes
|
12
|
+
include ControllerRoutesAfterBlock
|
13
|
+
|
14
|
+
before do
|
15
|
+
Rails.application.routes.draw do
|
16
|
+
mount_devise_token_auth_for 'User', at: 'nice_user_auth', controllers: {
|
17
|
+
registrations: 'custom/registrations',
|
18
|
+
confirmations: 'custom/confirmations',
|
19
|
+
passwords: 'custom/passwords',
|
20
|
+
sessions: 'custom/sessions',
|
21
|
+
token_validations: 'custom/token_validations',
|
22
|
+
omniauth_callbacks: 'custom/omniauth_callbacks'
|
23
|
+
}
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
module OverridesControllersRoutes
|
29
|
+
include ControllerRoutesAfterBlock
|
30
|
+
|
31
|
+
before do
|
32
|
+
Rails.application.routes.draw do
|
33
|
+
mount_devise_token_auth_for 'User', at: 'evil_user_auth', controllers: {
|
34
|
+
confirmations: 'overrides/confirmations',
|
35
|
+
passwords: 'overrides/passwords',
|
36
|
+
omniauth_callbacks: 'overrides/omniauth_callbacks',
|
37
|
+
registrations: 'overrides/registrations',
|
38
|
+
sessions: 'overrides/sessions',
|
39
|
+
token_validations: 'overrides/token_validations'
|
40
|
+
}
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
data/test/test_helper.rb
ADDED
@@ -0,0 +1,103 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'simplecov'
|
4
|
+
SimpleCov.formatter = SimpleCov::Formatter::HTMLFormatter
|
5
|
+
SimpleCov.start 'rails' do
|
6
|
+
add_filter ['.bundle', 'test', 'config']
|
7
|
+
end
|
8
|
+
|
9
|
+
ENV['RAILS_ENV'] = 'test'
|
10
|
+
DEVISE_TOKEN_AUTH_ORM = (ENV['DEVISE_TOKEN_AUTH_ORM'] || :active_record).to_sym
|
11
|
+
|
12
|
+
puts "\n==> DeviseTokenAuth.orm = #{DEVISE_TOKEN_AUTH_ORM.inspect}"
|
13
|
+
|
14
|
+
require File.expand_path('dummy/config/environment', __dir__)
|
15
|
+
require 'active_support/testing/autorun'
|
16
|
+
require 'minitest/rails'
|
17
|
+
require 'mocha/minitest'
|
18
|
+
require 'database_cleaner'
|
19
|
+
|
20
|
+
FactoryBot.definition_file_paths = [File.expand_path('factories', __dir__)]
|
21
|
+
FactoryBot.find_definitions
|
22
|
+
|
23
|
+
Dir[File.join(__dir__, 'support/**', '*.rb')].each { |file| require file }
|
24
|
+
|
25
|
+
# I hate the default reporter. Use ProgressReporter instead.
|
26
|
+
Minitest::Reporters.use! Minitest::Reporters::ProgressReporter.new
|
27
|
+
|
28
|
+
class ActionDispatch::IntegrationTest
|
29
|
+
def follow_all_redirects!
|
30
|
+
follow_redirect! while response.status.to_s =~ /^3\d{2}/
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
class ActiveSupport::TestCase
|
35
|
+
include FactoryBot::Syntax::Methods
|
36
|
+
|
37
|
+
ActiveRecord::Migration.check_pending! if DEVISE_TOKEN_AUTH_ORM == :active_record
|
38
|
+
|
39
|
+
strategies = { active_record: :transaction,
|
40
|
+
mongoid: :truncation }
|
41
|
+
DatabaseCleaner.strategy = strategies[DEVISE_TOKEN_AUTH_ORM]
|
42
|
+
setup { DatabaseCleaner.start }
|
43
|
+
teardown { DatabaseCleaner.clean }
|
44
|
+
|
45
|
+
# Add more helper methods to be used by all tests here...
|
46
|
+
|
47
|
+
def age_token(user, client_id)
|
48
|
+
if user.tokens[client_id]
|
49
|
+
user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds)).to_s(:rfc822)
|
50
|
+
user.save!
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
def expire_token(user, client_id)
|
55
|
+
if user.tokens[client_id]
|
56
|
+
user.tokens[client_id]['expiry'] = (Time.zone.now - (DeviseTokenAuth.token_lifespan.to_f + 10.seconds)).to_i
|
57
|
+
user.save!
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
# Suppress OmniAuth logger output
|
62
|
+
def silence_omniauth
|
63
|
+
previous_logger = OmniAuth.config.logger
|
64
|
+
OmniAuth.config.logger = Logger.new('/dev/null')
|
65
|
+
yield
|
66
|
+
ensure
|
67
|
+
OmniAuth.config.logger = previous_logger
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
class ActionController::TestCase
|
72
|
+
include Devise::Test::ControllerHelpers
|
73
|
+
|
74
|
+
setup do
|
75
|
+
@routes = Dummy::Application.routes
|
76
|
+
@request.env['devise.mapping'] = Devise.mappings[:user]
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
# TODO: remove it when support for Rails < 5 has been dropped
|
81
|
+
module Rails
|
82
|
+
module Controller
|
83
|
+
module Testing
|
84
|
+
module Integration
|
85
|
+
%w[get post patch put head delete get_via_redirect post_via_redirect].each do |method|
|
86
|
+
define_method(method) do |path_or_action, **args|
|
87
|
+
if Rails::VERSION::MAJOR >= 5
|
88
|
+
super path_or_action, args
|
89
|
+
else
|
90
|
+
super path_or_action, args[:params], args[:headers]
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
97
|
+
end
|
98
|
+
|
99
|
+
module ActionController
|
100
|
+
class TestCase
|
101
|
+
include Rails::Controller::Testing::Integration
|
102
|
+
end
|
103
|
+
end
|