signinable 2.0.17 → 3.0.1

data/spec/models/signin_spec.rb

@@ -18,84 +18,14 @@ describe Signin do
     end
   end
 
-  describe '#expireable?' do
-    it 'returns false when expireable' do
-      signin = create(:signin, expiration_time: nil)
-      expect(signin).to_not be_expireable
-    end
-
-    it 'returns true when expireable' do
-      signin = create(:signin, expiration_time: Time.zone.now)
-      expect(signin).to be_expireable
-    end
-  end
-
   describe '#expire!' do
     it 'sets expiration_time to now' do
-      signin = create(:signin, expiration_time: (Time.zone.now + 1.hour))
-      allow(signin).to receive(:renew!)
-      signin.expire!
-      expect(signin).to have_received(:renew!).with(period: 0, ip: signin.ip, user_agent: signin.user_agent)
-    end
-  end
-
-  describe '#renew!' do
-    let(:signin) { create(:signin) }
-    let(:attrs) do
-      {
-        period: 100,
-        ip: signin.ip,
-        user_agent: signin.user_agent,
-        refresh_token: false
-      }
-    end
-
-    before(:each) do
-      allow(signin).to receive(:update!)
-    end
-
-    it 'updates ip and user_agent' do
-      signin.renew!(**attrs)
-      expect(signin).to have_received(:update!).with(hash_including(ip: signin.ip, user_agent: signin.user_agent))
-    end
-
-    context 'when expireable' do
-      before(:each) do
-        allow(signin).to receive(:expireable?).and_return(true)
-      end
-
-      it 'updates expiration_time' do
-        Timecop.freeze do
-          signin.renew!(**attrs)
-          expect(signin).to have_received(:update!).with(hash_including(expiration_time: Time.zone.now + attrs[:period]))
-        end
-      end
-    end
-
-    context 'when not expireable' do
-      before(:each) do
-        allow(signin).to receive(:expireable?).and_return(false)
-      end
-
-      it 'does not update expiration_time' do
-        signin.renew!(**attrs)
-        expect(signin).to have_received(:update!).with(hash_excluding(expiration_time: Time.zone.now + attrs[:period]))
-      end
-    end
-
-    context 'when need to refresh_token' do
-      it 'updates expiration_time' do
-        allow(SecureRandom).to receive(:urlsafe_base64).and_return('bla')
-        signin.renew!(**attrs.merge(refresh_token: true))
-        expect(signin).to have_received(:update!).with(hash_including(token: 'bla'))
-      end
-    end
-
-    context 'when no need to refresh_token' do
-      it 'does not update expiration_time' do
-        allow(SecureRandom).to receive(:urlsafe_base64).and_return('bla')
-        signin.renew!(**attrs)
-        expect(signin).to have_received(:update!).with(hash_excluding(token: 'bla'))
+      time = Time.current
+      Timecop.freeze(time) do
+        signin = create(:signin, expiration_time: (Time.zone.now + 1.hour))
+        allow(signin).to receive(:update!)
+        signin.expire!
+        expect(signin).to have_received(:update!).with(ip: signin.ip, user_agent: signin.user_agent, expiration_time: time)
       end
     end
   end

data/spec/models/user_spec.rb

@@ -4,7 +4,6 @@ require 'rails_helper'
 
 describe User do
   let(:credentials) { ['127.0.0.1', 'user_agent'] }
-  let(:other_credentials) { ['127.0.0.2', 'user_agent2'] }
   let(:user) { create(:user) }
 
   before :each do
@@ -29,8 +28,7 @@ describe User do
     end
 
     it 'should generate jwt with correct payload' do
-      sign_in_user(user, credentials)
-      signin = user.last_signin
+      signin =  sign_in_user(user, credentials)
       payload = JWT.decode(user.jwt, 'test', true, { algorithm: 'HS256' })[0]
       expect(payload).to include(
         'refresh_token' => signin.token,
@@ -39,18 +37,10 @@ describe User do
     end
 
     it 'should set expiration_time' do
-      sign_in_user(user, credentials)
-      signin = user.last_signin
+      signin = sign_in_user(user, credentials)
       expect(signin.expiration_time.to_i).to eq((Time.zone.now + User.refresh_exp).to_i)
     end
 
-    it 'should not set expiration_time' do
-      allow(described_class).to receive(:refresh_exp).and_return(0)
-      sign_in_user(user, credentials)
-      signin = user.last_signin
-      expect(signin.expiration_time).to be_nil
-    end
-
     context 'when simultaneous signins enabled' do
       before do
         allow(described_class).to receive(:simultaneous_signings).and_return(true)
@@ -78,54 +68,17 @@ describe User do
 
   describe '#signout' do
     it 'ignores expired signin' do
-      sign_in_user(user, credentials)
-      signin = user.last_signin
+      signin = sign_in_user(user, credentials)
       Timecop.travel(signin.expiration_time) do
-        expect(sign_out_user(user, credentials)).to be_falsey
+        expect(sign_out_user(user)).to be_falsey
       end
     end
 
     it 'should expire signin' do
-      sign_in_user(user, credentials)
-      signin = user.last_signin
-      sign_out_user(user, credentials)
+      signin = sign_in_user(user, credentials)
+      sign_out_user(user)
       expect(signin.reload).to be_expired
     end
-
-    context 'when has no restrictions' do
-      %i[ip user_agent].each do |c|
-        it "allows signout when #{c} changes" do
-          sign_in_user(user, credentials)
-          expect(sign_out_user(user, credentials)).to be_truthy
-        end
-      end
-    end
-
-    context 'when has restrictions' do
-      %i[ip user_agent].each do |c|
-        it "forbids signout when #{c} changes" do
-          allow(described_class).to receive(:signin_restrictions).and_return([c])
-          sign_in_user(user, credentials)
-          expect(sign_out_user(user, other_credentials)).to be_nil
-        end
-      end
-    end
-  end
-
-  describe '#last_signin' do
-    it 'retuns nil when no signins' do
-      expect(user.last_signin).to be_nil
-    end
-
-    it 'returns last active signin' do
-      sign_in_user(user, credentials)
-      sign_in_user(user, credentials)
-      signin = user.signins.active.last
-      sign_in_user(user, credentials)
-      user.signins.last.expire!
-
-      expect(user.last_signin).to eq(signin)
-    end
   end
 
   describe '.generate_jwt' do
@@ -180,17 +133,18 @@ describe User do
         Timecop.travel(Time.zone.now + described_class.jwt_exp)
       end
 
-      it 'does not do user lookup' do
-        allow(described_class).to receive(:find_by)
-        described_class.authenticate_with_token(user.jwt, *credentials)
-        expect(described_class).not_to have_received(:find_by)
-      end
-
       it 'calls for refresh token' do
         allow(described_class).to receive(:refresh_jwt)
         described_class.authenticate_with_token(user.jwt, *credentials)
         expect(described_class).to have_received(:refresh_jwt)
       end
+
+      it 'assigns new jwt' do
+        allow(User).to receive(:find_by).and_return(user)
+        allow(user).to receive(:jwt=)
+        described_class.authenticate_with_token(user.jwt, *credentials)
+        expect(user).to have_received(:jwt=)
+      end
     end
   end
 
@@ -207,60 +161,35 @@ describe User do
     end
 
     it 'returns nil when signin expired' do
-      sign_in_user(user, credentials)
-      signin = user.last_signin
-      Timecop.travel(Time.zone.now + described_class.refresh_exp)
-      expect(described_class.refresh_jwt(user.jwt, *credentials)).to be_nil
-    end
-
-    context 'when has no restrictions' do
-      %i[ip user_agent].each do |c|
-        it "allows signin when #{c} changed" do
-          sign_in_user(user, credentials)
-          expect(described_class.refresh_jwt(user.jwt, *other_credentials)).to eq(user)
-        end
-      end
-    end
-
-    context 'when has restrictions' do
-      %i[ip user_agent].each do |c|
-        it "forbids signin when #{c} changed" do
-          allow(User).to receive(:signin_restrictions).and_return([c])
-          sign_in_user(user, credentials)
-          expect(described_class.refresh_jwt(user.jwt, *other_credentials)).to be_nil
-        end
+      signin = sign_in_user(user, credentials)
+      Timecop.travel(Time.zone.now + described_class.refresh_exp) do
+        expect(described_class.refresh_jwt(
+          described_class.extract_jwt_payload(user.jwt)[:data],
+          *credentials
+        )).to be_nil
       end
     end
 
     it 'renews signin' do
-      sign_in_user(user, credentials)
-      signin = user.last_signin
-      allow(signin).to receive(:renew!)
-      allow(Signin).to receive(:find_by).with(token: signin.token).and_return(signin)
-
-      described_class.refresh_jwt(user.jwt, *credentials)
-      expect(signin).to have_received(:renew!).with(period: described_class.expiration_period, ip: credentials[0],
-                                                    user_agent: credentials[1], refresh_token: true)
-    end
-
-    it 'assigns new jwt' do
-      sign_in_user(user, credentials)
-      signin = user.last_signin
-      allow(user).to receive(:jwt=)
-      allow(signin).to receive(:signinable).and_return(user)
-      allow(Signin).to receive(:find_by).with(token: signin.token).and_return(signin)
-      allow(described_class).to receive(:generate_jwt).and_return('bla')
+      signin = sign_in_user(user, credentials)
 
-      described_class.refresh_jwt(user.jwt, *credentials)
-      expect(user).to have_received(:jwt=).with('bla')
+      expect {
+        described_class.refresh_jwt(
+          described_class.extract_jwt_payload(user.jwt)[:data],
+          *credentials
+        )
+        signin.reload
+      }.to change { signin.token }
     end
 
     it 'regenerates jwt' do
-      sign_in_user(user, credentials)
-      signin = user.last_signin
+      signin = sign_in_user(user, credentials)
       allow(described_class).to receive(:generate_jwt)
 
-      described_class.refresh_jwt(user.jwt, *credentials)
+      described_class.refresh_jwt(
+        described_class.extract_jwt_payload(user.jwt)[:data],
+        *credentials
+      )
       signin.reload
       expect(described_class).to have_received(:generate_jwt).with(signin.token, signin.signinable_id)
     end

data/spec/support/utilities.rb

@@ -4,6 +4,6 @@ def sign_in_user(user, credentials)
   user.signin(*credentials, 'referer')
 end
 
-def sign_out_user(user, credentials)
-  user.signout(user.jwt, *credentials)
+def sign_out_user(user)
+  user.signout(user.jwt)
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: signinable
 version: !ruby/object:Gem::Version
-  version: 2.0.17
+  version: 3.0.1
 platform: ruby
 authors:
 - Ivan Novozhenets
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-14 00:00:00.000000000 Z
+date: 2024-02-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -16,28 +16,28 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.1
+        version: 2.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.4.1
+        version: 2.8.0
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 5.0.0
+        version: 7.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 5.0.0
+        version: 7.0.0
 - !ruby/object:Gem::Dependency
   name: factory_bot_rails
   requirement: !ruby/object:Gem::Requirement
@@ -154,6 +154,8 @@ files:
 - spec/dummy/db/migrate/20140103165606_create_users.rb
 - spec/dummy/db/schema.rb
 - spec/dummy/db/test.sqlite3
+- spec/dummy/db/test.sqlite3-shm
+- spec/dummy/db/test.sqlite3-wal
 - spec/dummy/log/development.log
 - spec/dummy/log/test.log
 - spec/dummy/public/404.html
@@ -179,55 +181,57 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.5'
+      version: '3.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.3.26
 signing_key: 
 specification_version: 4
 summary: Token based signin
 test_files:
-- spec/dummy/config.ru
 - spec/dummy/README.rdoc
-- spec/dummy/db/test.sqlite3
-- spec/dummy/db/development.sqlite3
-- spec/dummy/db/migrate/20140103165606_create_users.rb
-- spec/dummy/db/schema.rb
-- spec/dummy/config/environment.rb
-- spec/dummy/config/routes.rb
-- spec/dummy/config/database.yml
+- spec/dummy/Rakefile
+- spec/dummy/app/models/user.rb
+- spec/dummy/bin/bundle
+- spec/dummy/bin/rails
+- spec/dummy/bin/rake
 - spec/dummy/config/application.rb
-- spec/dummy/config/initializers/mime_types.rb
+- spec/dummy/config/boot.rb
+- spec/dummy/config/database.yml
+- spec/dummy/config/environment.rb
+- spec/dummy/config/environments/development.rb
+- spec/dummy/config/environments/production.rb
+- spec/dummy/config/environments/test.rb
 - spec/dummy/config/initializers/backtrace_silencers.rb
-- spec/dummy/config/initializers/wrap_parameters.rb
-- spec/dummy/config/initializers/inflections.rb
 - spec/dummy/config/initializers/filter_parameter_logging.rb
+- spec/dummy/config/initializers/inflections.rb
+- spec/dummy/config/initializers/mime_types.rb
 - spec/dummy/config/initializers/secret_token.rb
 - spec/dummy/config/initializers/session_store.rb
-- spec/dummy/config/boot.rb
-- spec/dummy/config/environments/test.rb
-- spec/dummy/config/environments/production.rb
-- spec/dummy/config/environments/development.rb
+- spec/dummy/config/initializers/wrap_parameters.rb
 - spec/dummy/config/locales/en.yml
-- spec/dummy/app/models/user.rb
-- spec/dummy/Rakefile
-- spec/dummy/bin/rails
-- spec/dummy/bin/bundle
-- spec/dummy/bin/rake
-- spec/dummy/public/500.html
-- spec/dummy/public/favicon.ico
+- spec/dummy/config/routes.rb
+- spec/dummy/config.ru
+- spec/dummy/db/development.sqlite3
+- spec/dummy/db/migrate/20140103165606_create_users.rb
+- spec/dummy/db/schema.rb
+- spec/dummy/db/test.sqlite3
+- spec/dummy/db/test.sqlite3-shm
+- spec/dummy/db/test.sqlite3-wal
+- spec/dummy/log/development.log
+- spec/dummy/log/test.log
 - spec/dummy/public/404.html
 - spec/dummy/public/422.html
-- spec/dummy/log/test.log
-- spec/dummy/log/development.log
-- spec/rails_helper.rb
-- spec/support/utilities.rb
-- spec/factories/users.rb
+- spec/dummy/public/500.html
+- spec/dummy/public/favicon.ico
 - spec/factories/signins.rb
-- spec/spec_helper.rb
+- spec/factories/users.rb
 - spec/models/signin_spec.rb
 - spec/models/user_spec.rb
+- spec/rails_helper.rb
+- spec/spec_helper.rb
+- spec/support/utilities.rb