simple_auth 1.5.0 → 2.0.0

data/spec/controllers/redirect_logged_user_spec.rb

@@ -12,7 +12,7 @@ describe ApplicationController do
 
   context "redirecting logged users" do
     context "using hash" do
-      controller do
+      controller ApplicationController do
         redirect_logged_user :to => { :controller => "dashboard" }
 
         def index
@@ -20,17 +20,17 @@ describe ApplicationController do
         end
       end
 
-      it "should redirect logged users" do
+      it "redirects logged users" do
         session[:user_id] = user.id
         get :index
 
-        response.code.should match(/302/)
-        response.should redirect_to("/dashboard")
+        expect(response.code).to match(/302/)
+        expect(response).to redirect_to("/dashboard")
       end
     end
 
     context "using block" do
-      controller do
+      controller ApplicationController do
         redirect_logged_user :to => proc { dashboard_path }
 
         def index
@@ -38,17 +38,17 @@ describe ApplicationController do
         end
       end
 
-      it "should redirect logged users" do
+      it "redirects logged users" do
         session[:user_id] = user.id
         get :index
 
-        response.code.should match(/302/)
-        response.should redirect_to("/dashboard")
+        expect(response.code).to match(/302/)
+        expect(response).to redirect_to("/dashboard")
       end
     end
 
     context "using configuration" do
-      controller do
+      controller ApplicationController do
         redirect_logged_user
 
         def index
@@ -56,18 +56,18 @@ describe ApplicationController do
         end
       end
 
-      it "should redirect logged users" do
+      it "redirects logged users" do
         SimpleAuth::Config.logged_url = proc { dashboard_path }
         session[:user_id] = user.id
         get :index
 
-        response.code.should match(/302/)
-        response.should redirect_to("/dashboard")
+        expect(response.code).to match(/302/)
+        expect(response).to redirect_to("/dashboard")
       end
     end
 
     context "when unlogged" do
-      controller do
+      controller ApplicationController do
         redirect_logged_user :to => { :controller => "dashboard" }
 
         def index
@@ -75,12 +75,12 @@ describe ApplicationController do
         end
       end
 
-      it "should render page" do
+      it "renders page" do
         session[:user_id] = nil
         get :index
 
-        response.code.should match(/200/)
-        response.body.should == "Rendered"
+        expect(response.code).to match(/200/)
+        expect(response.body).to eq("Rendered")
       end
     end
   end

data/spec/controllers/require_logged_user_spec.rb

@@ -15,7 +15,7 @@ describe ApplicationController do
   end
 
   context "redirecting to requested page" do
-    controller do
+    controller ApplicationController do
       require_logged_user :to => "/login"
 
       def index
@@ -23,66 +23,66 @@ describe ApplicationController do
       end
     end
 
-    it "should keep other session data" do
+    it "keeps other session data" do
       session[:skip_intro] = true
       get :index
-      session[:skip_intro].should be_true
+      expect(session[:skip_intro]).to be_truthy
     end
 
-    it "should remove record id from session" do
+    it "removes record id from session" do
       session[:user_id] = 0
       get :index
-      session.should_not have_key(:user)
+      expect(session).not_to have_key(:user)
     end
 
-    it "should remove session id from session" do
+    it "removes session id from session" do
       session[:session_id] = "xSQR"
       get :index
-      session.should_not have_key(:session_id)
+      expect(session).not_to have_key(:session_id)
     end
 
-    it "should return the request url" do
+    it "returns the request url" do
       get :index, :some => "param"
-      controller.send(:return_to, "/dashboard").should == "/anonymous?some=param"
+      expect(controller.send(:return_to, "/dashboard")).to eq("/anonymous?some=param")
     end
 
-    it "should return the default url" do
-      controller.send(:return_to, "/dashboard").should == "/dashboard"
+    it "returns the default url" do
+      expect(controller.send(:return_to, "/dashboard")).to eq("/dashboard")
     end
 
-    it "should set return to" do
+    it "sets return to" do
       get :index, :some => "param"
-      session[:return_to].should == "/anonymous?some=param"
+      expect(session[:return_to]).to eq("/anonymous?some=param")
     end
 
-    it "should remove return to from session" do
+    it "removes return to from session" do
       get :index, :some => "param"
       controller.send(:return_to, "/dashboard")
-      session[:return_to].should be_nil
+      expect(session[:return_to]).to be_nil
     end
 
-    it "should set warning message" do
+    it "sets warning message" do
       get :index
-      flash[:alert].should == "You need to be logged"
+      expect(flash[:alert]).to eq("You need to be logged")
     end
 
-    it "should redirect when user is not authorized on controller level" do
+    it "redirects when user is not authorized on controller level" do
       session[:user_id] = user.id
-      @controller.should_receive(:authorized?).and_return(false)
+      expect(@controller).to receive(:authorized?).and_return(false)
 
       get :index
-      response.should redirect_to("/login")
+      expect(response).to redirect_to("/login")
     end
 
-    it "should redirect when session is not valid" do
+    it "redirects when session is not valid" do
       session[:user_id] = "invalid"
 
       get :index
-      response.should redirect_to("/login")
+      expect(response).to redirect_to("/login")
     end
 
     context "using hash" do
-      controller do
+      controller ApplicationController do
         require_logged_user :to => {:controller => "session", :action => "new"}
 
         def index
@@ -90,14 +90,14 @@ describe ApplicationController do
         end
       end
 
-      it "should be redirected" do
+      it "is redirected" do
         get :index
-        response.should redirect_to("/login")
+        expect(response).to redirect_to("/login")
       end
     end
 
     context "using block" do
-      controller do
+      controller ApplicationController do
         require_logged_user :to => proc { login_path }
 
         def index
@@ -105,14 +105,14 @@ describe ApplicationController do
         end
       end
 
-      it "should be redirected" do
+      it "is redirected" do
         get :index
-        response.should redirect_to("/login")
+        expect(response).to redirect_to("/login")
       end
     end
 
     context "using configuration" do
-      controller do
+      controller ApplicationController do
         require_logged_user
 
         def index
@@ -120,16 +120,16 @@ describe ApplicationController do
         end
       end
 
-      it "should be redirected" do
+      it "is redirected" do
         SimpleAuth::Config.login_url = "/login"
         get :index
-        response.should redirect_to("/login")
+        expect(response).to redirect_to("/login")
       end
     end
   end
 
   context "when logged" do
-    controller do
+    controller ApplicationController do
       require_logged_user
 
       def index
@@ -137,10 +137,10 @@ describe ApplicationController do
       end
     end
 
-    it "should render page" do
+    it "renders page" do
       session[:user_id] = user.id
       get :index
-      response.body.should == "Rendered"
+      expect(response.body).to eq("Rendered")
     end
   end
 end

data/spec/schema.rb

@@ -1,5 +1,9 @@
 ActiveRecord::Schema.define(:version => 0) do
   create_table :users do |t|
-    t.string :email, :login, :password_hash, :password_salt, :username
+    t.string :email, :login, :password_digest, :username
+  end
+
+  create_table :customers do |t|
+    t.string :email, :login, :password_digest, :password_salt
   end
 end

data/spec/simple_auth/active_record_spec.rb

@@ -1,9 +1,111 @@
 require "spec_helper"
 
-describe SimpleAuth::Orm::ActiveRecord do
+describe SimpleAuth::ActiveRecord do
   let(:model) { User }
   let(:model_name) { :user }
   subject { model.new }
 
-  it_should_behave_like "orm"
+  before do
+    SimpleAuth::Config.model = model_name
+  end
+
+  context "configuration" do
+    it "sets credentials" do
+      model.authentication do |config|
+        config.credentials = ["uid"]
+      end
+
+      expect(SimpleAuth::Config.credentials).to eq(["uid"])
+    end
+
+    it "automatically sets model" do
+      model.authentication do |config|
+        config.model = nil
+      end
+
+      expect(SimpleAuth::Config.model).to eq(model_name)
+    end
+  end
+
+  context "new record" do
+    before do
+      expect(subject).not_to be_valid
+    end
+
+    it "requires password" do
+      expect(subject.errors[:password]).not_to be_empty
+    end
+
+    it "requires password to be at least 4-chars long" do
+      subject.password = "123"
+      expect(subject).not_to be_valid
+      expect(subject.errors[:password]).not_to be_empty
+    end
+
+    it "requires password confirmation", if: Rails::VERSION::STRING >= "4.0" do
+      user = User.create(password: "test", password_confirmation: "invalid")
+      expect(user.errors[:password_confirmation]).not_to be_empty
+    end
+
+    it "requires password confirmation", if: Rails::VERSION::STRING < "4.0" do
+      user = User.create(password: "test", password_confirmation: "invalid")
+      expect(user.errors[:password]).not_to be_empty
+    end
+  end
+
+  context "existing record" do
+    before do
+      model.delete_all
+      model.create(
+        :email => "john@doe.com",
+        :login => "johndoe",
+        :password => "test",
+        :password_confirmation => "test",
+        :username => "john"
+      )
+    end
+
+    subject { model.first }
+
+    it "requires password" do
+      user = User.create(password: nil)
+      expect(user.errors[:password]).not_to be_empty
+    end
+
+    it "authenticates using email" do
+      expect(model.authenticate("john@doe.com", "test")).to eq(subject)
+    end
+
+    it "authenticates using login" do
+      expect(model.authenticate("johndoe", "test")).to eq(subject)
+    end
+
+    it "authenticates using custom attribute" do
+      SimpleAuth::Config.credentials = [:username]
+      expect(model.authenticate("john", "test")).to eq(subject)
+    end
+
+    it "doesn't authenticate using invalid credential" do
+      expect(model.authenticate("invalid", "test")).to be_nil
+    end
+
+    it "doesn't authenticate using wrong password" do
+      expect(model.authenticate("johndoe", "invalid")).not_to be
+    end
+
+    it "returns nil when no user has been found" do
+      expect(model.find_by_credential("invalid")).to be_nil
+    end
+
+    it "raises error when no user has been found" do
+      expect {
+        model.find_by_credential!("invalid")
+      }.to raise_error(SimpleAuth::RecordNotFound)
+    end
+
+    it "returns user" do
+      expect(model.find_by_credential(subject.email)).to eq(subject)
+      expect(model.find_by_credential!(subject.email)).to eq(subject)
+    end
+  end
 end

data/spec/simple_auth/compat_spec.rb

@@ -0,0 +1,31 @@
+require "spec_helper"
+
+describe SimpleAuth, "compatibility mode" do
+  before do
+    SimpleAuth::Config.model = :customer
+    require "simple_auth/compat"
+    require "customer"
+  end
+
+  after do
+    mod = SimpleAuth::ActiveRecord::InstanceMethods
+    mod.send :remove_method, :password=
+    mod.send :remove_method, :password_confirmation=
+    mod.send :remove_method, :authenticate
+  end
+
+  it "finds user based on the hashing system" do
+    password_salt = SecureRandom.hex
+    password_hash = SimpleAuth::Config.crypter.call("test", password_salt)
+    password_digest = BCrypt::Password.create(password_hash, cost: BCrypt::Engine::MIN_COST)
+
+    ActiveRecord::Base.connection.execute <<-SQL
+    INSERT INTO customers
+      (email, login, password_digest, password_salt)
+    VALUES
+      ('john@example.org', 'johndoe', '#{password_digest}', '#{password_salt}')
+    SQL
+
+    expect(Customer.authenticate("johndoe", "test")).to be_a(Customer)
+  end
+end

data/spec/simple_auth/config_spec.rb

@@ -1,40 +1,21 @@
 require "spec_helper"
 
 describe SimpleAuth::Config do
-  it "should yield SimpleAuth::Config class" do
+  it "yields SimpleAuth::Config class" do
     SimpleAuth.setup do |config|
-      config.should == SimpleAuth::Config
+      expect(config).to eq(SimpleAuth::Config)
     end
   end
 
-  it "should use [:email, :login] as credential attributes" do
-    SimpleAuth::Config.credentials.should == [:email, :login]
+  it "uses [:email, :login] as credential attributes" do
+    expect(SimpleAuth::Config.credentials).to eq([:email, :login])
   end
 
-  it "should use User as default model" do
-    SimpleAuth::Config.model.should == :user
+  it "uses User as default model" do
+    expect(SimpleAuth::Config.model).to eq(:user)
   end
 
-  specify "crypter should expect 2 block arguments" do
-    SimpleAuth::Config.crypter.arity.should == 2
-  end
-
-  specify "salt should expect 1 block argument" do
-    SimpleAuth::Config.salt.arity.should == 1
-  end
-
-  specify "salt should return a 64-char long salt" do
-    SimpleAuth::Config.salt.call(nil).size.should == 64
-  end
-
-  specify "wipeout session should be disabled" do
-    SimpleAuth::Config.wipeout_session.should be_false
-  end
-
-  specify "deprecated reset_session accessor" do
-    Kernel.should_receive(:warn).twice
-
-    SimpleAuth::Config.reset_session = true
-    SimpleAuth::Config.reset_session
+  it "disables session wipeout" do
+    expect(SimpleAuth::Config.wipeout_session).to be_falsey
   end
 end