RubyGems - simple_auth - Versions diffs - 1.5.0 → 2.0.0 - Mend

simple_auth 1.5.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (47) hide show

checksums.yaml +4 -4
data/.rspec +1 -1
data/.travis.yml +11 -0
data/CHANGELOG.md +5 -0
data/Gemfile +0 -2
data/Gemfile.lock +102 -79
data/README.md +243 -0
data/Rakefile +15 -0
data/gemfiles/rails_3_1.gemfile +5 -0
data/gemfiles/rails_3_1.gemfile.lock +151 -0
data/gemfiles/rails_3_2.gemfile +5 -0
data/gemfiles/rails_3_2.gemfile.lock +149 -0
data/gemfiles/rails_4_0.gemfile +4 -0
data/gemfiles/rails_4_0.gemfile.lock +140 -0
data/gemfiles/rails_4_1.gemfile +4 -0
data/gemfiles/rails_4_1.gemfile.lock +146 -0
data/lib/simple_auth.rb +1 -6
data/lib/simple_auth/action_controller.rb +14 -10
data/lib/simple_auth/active_record.rb +86 -0
data/lib/simple_auth/compat.rb +2 -0
data/lib/simple_auth/compat/active_record.rb +31 -0
data/lib/simple_auth/compat/config.rb +17 -0
data/lib/simple_auth/config.rb +0 -20
data/lib/simple_auth/exceptions.rb +0 -1
data/lib/simple_auth/railtie.rb +1 -1
data/lib/simple_auth/rspec.rb +2 -2
data/lib/simple_auth/session.rb +1 -1
data/lib/simple_auth/version.rb +2 -2
data/simple_auth.gemspec +4 -4
data/spec/controllers/redirect_logged_user_spec.rb +16 -16
data/spec/controllers/require_logged_user_spec.rb +34 -34
data/spec/schema.rb +5 -1
data/spec/simple_auth/active_record_spec.rb +104 -2
data/spec/simple_auth/compat_spec.rb +31 -0
data/spec/simple_auth/config_spec.rb +8 -27
data/spec/simple_auth/helper_spec.rb +7 -7
data/spec/simple_auth/session_spec.rb +76 -76
data/spec/spec_helper.rb +2 -168
data/spec/support/app/models/customer.rb +3 -0
data/templates/initializer.rb +0 -8
metadata +62 -33
data/README.markdown +0 -202
data/lib/simple_auth/orm/active_record.rb +0 -80
data/lib/simple_auth/orm/base.rb +0 -89
data/lib/simple_auth/orm/mongo_mapper.rb +0 -62
data/spec/simple_auth/mongo_mapper_spec.rb +0 -10
data/spec/support/app/models/account.rb +0 -6

data/spec/controllers/redirect_logged_user_spec.rb CHANGED Viewed

@@ -12,7 +12,7 @@ describe ApplicationController do
   context "redirecting logged users" do
     context "using hash" do
-      controller do
+      controller ApplicationController do
         redirect_logged_user :to => { :controller => "dashboard" }
         def index
@@ -20,17 +20,17 @@ describe ApplicationController do
         end
       end
-      it "should redirect logged users" do
+      it "redirects logged users" do
         session[:user_id] = user.id
         get :index
-        response.code.should match(/302/)
-        response.should redirect_to("/dashboard")
+        expect(response.code).to match(/302/)
+        expect(response).to redirect_to("/dashboard")
       end
     end
     context "using block" do
-      controller do
+      controller ApplicationController do
         redirect_logged_user :to => proc { dashboard_path }
         def index
@@ -38,17 +38,17 @@ describe ApplicationController do
         end
       end
-      it "should redirect logged users" do
+      it "redirects logged users" do
         session[:user_id] = user.id
         get :index
-        response.code.should match(/302/)
-        response.should redirect_to("/dashboard")
+        expect(response.code).to match(/302/)
+        expect(response).to redirect_to("/dashboard")
       end
     end
     context "using configuration" do
-      controller do
+      controller ApplicationController do
         redirect_logged_user
         def index
@@ -56,18 +56,18 @@ describe ApplicationController do
         end
       end
-      it "should redirect logged users" do
+      it "redirects logged users" do
         SimpleAuth::Config.logged_url = proc { dashboard_path }
         session[:user_id] = user.id
         get :index
-        response.code.should match(/302/)
-        response.should redirect_to("/dashboard")
+        expect(response.code).to match(/302/)
+        expect(response).to redirect_to("/dashboard")
       end
     end
     context "when unlogged" do
-      controller do
+      controller ApplicationController do
         redirect_logged_user :to => { :controller => "dashboard" }
         def index
@@ -75,12 +75,12 @@ describe ApplicationController do
         end
       end
-      it "should render page" do
+      it "renders page" do
         session[:user_id] = nil
         get :index
-        response.code.should match(/200/)
-        response.body.should == "Rendered"
+        expect(response.code).to match(/200/)
+        expect(response.body).to eq("Rendered")
       end
     end
   end

data/spec/controllers/require_logged_user_spec.rb CHANGED Viewed

@@ -15,7 +15,7 @@ describe ApplicationController do
   end
   context "redirecting to requested page" do
-    controller do
+    controller ApplicationController do
       require_logged_user :to => "/login"
       def index
@@ -23,66 +23,66 @@ describe ApplicationController do
       end
     end
-    it "should keep other session data" do
+    it "keeps other session data" do
       session[:skip_intro] = true
       get :index
-      session[:skip_intro].should be_true
+      expect(session[:skip_intro]).to be_truthy
     end
-    it "should remove record id from session" do
+    it "removes record id from session" do
       session[:user_id] = 0
       get :index
-      session.should_not have_key(:user)
+      expect(session).not_to have_key(:user)
     end
-    it "should remove session id from session" do
+    it "removes session id from session" do
       session[:session_id] = "xSQR"
       get :index
-      session.should_not have_key(:session_id)
+      expect(session).not_to have_key(:session_id)
     end
-    it "should return the request url" do
+    it "returns the request url" do
       get :index, :some => "param"
-      controller.send(:return_to, "/dashboard").should == "/anonymous?some=param"
+      expect(controller.send(:return_to, "/dashboard")).to eq("/anonymous?some=param")
     end
-    it "should return the default url" do
-      controller.send(:return_to, "/dashboard").should == "/dashboard"
+    it "returns the default url" do
+      expect(controller.send(:return_to, "/dashboard")).to eq("/dashboard")
     end
-    it "should set return to" do
+    it "sets return to" do
       get :index, :some => "param"
-      session[:return_to].should == "/anonymous?some=param"
+      expect(session[:return_to]).to eq("/anonymous?some=param")
     end
-    it "should remove return to from session" do
+    it "removes return to from session" do
       get :index, :some => "param"
       controller.send(:return_to, "/dashboard")
-      session[:return_to].should be_nil
+      expect(session[:return_to]).to be_nil
     end
-    it "should set warning message" do
+    it "sets warning message" do
       get :index
-      flash[:alert].should == "You need to be logged"
+      expect(flash[:alert]).to eq("You need to be logged")
     end
-    it "should redirect when user is not authorized on controller level" do
+    it "redirects when user is not authorized on controller level" do
       session[:user_id] = user.id
-      @controller.should_receive(:authorized?).and_return(false)
+      expect(@controller).to receive(:authorized?).and_return(false)
       get :index
-      response.should redirect_to("/login")
+      expect(response).to redirect_to("/login")
     end
-    it "should redirect when session is not valid" do
+    it "redirects when session is not valid" do
       session[:user_id] = "invalid"
       get :index
-      response.should redirect_to("/login")
+      expect(response).to redirect_to("/login")
     end
     context "using hash" do
-      controller do
+      controller ApplicationController do
         require_logged_user :to => {:controller => "session", :action => "new"}
         def index
@@ -90,14 +90,14 @@ describe ApplicationController do
         end
       end
-      it "should be redirected" do
+      it "is redirected" do
         get :index
-        response.should redirect_to("/login")
+        expect(response).to redirect_to("/login")
       end
     end
     context "using block" do
-      controller do
+      controller ApplicationController do
         require_logged_user :to => proc { login_path }
         def index
@@ -105,14 +105,14 @@ describe ApplicationController do
         end
       end
-      it "should be redirected" do
+      it "is redirected" do
         get :index
-        response.should redirect_to("/login")
+        expect(response).to redirect_to("/login")
       end
     end
     context "using configuration" do
-      controller do
+      controller ApplicationController do
         require_logged_user
         def index
@@ -120,16 +120,16 @@ describe ApplicationController do
         end
       end
-      it "should be redirected" do
+      it "is redirected" do
         SimpleAuth::Config.login_url = "/login"
         get :index
-        response.should redirect_to("/login")
+        expect(response).to redirect_to("/login")
       end
     end
   end
   context "when logged" do
-    controller do
+    controller ApplicationController do
       require_logged_user
       def index
@@ -137,10 +137,10 @@ describe ApplicationController do
       end
     end
-    it "should render page" do
+    it "renders page" do
       session[:user_id] = user.id
       get :index
-      response.body.should == "Rendered"
+      expect(response.body).to eq("Rendered")
     end
   end
 end

data/spec/schema.rb CHANGED Viewed

@@ -1,5 +1,9 @@
 ActiveRecord::Schema.define(:version => 0) do
   create_table :users do |t|
-    t.string :email, :login, :password_hash, :password_salt, :username
+    t.string :email, :login, :password_digest, :username
+  end
+  create_table :customers do |t|
+    t.string :email, :login, :password_digest, :password_salt
   end
 end

data/spec/simple_auth/active_record_spec.rb CHANGED Viewed

@@ -1,9 +1,111 @@
 require "spec_helper"
-describe SimpleAuth::Orm::ActiveRecord do
+describe SimpleAuth::ActiveRecord do
   let(:model) { User }
   let(:model_name) { :user }
   subject { model.new }
-  it_should_behave_like "orm"
+  before do
+    SimpleAuth::Config.model = model_name
+  end
+  context "configuration" do
+    it "sets credentials" do
+      model.authentication do |config|
+        config.credentials = ["uid"]
+      end
+      expect(SimpleAuth::Config.credentials).to eq(["uid"])
+    end
+    it "automatically sets model" do
+      model.authentication do |config|
+        config.model = nil
+      end
+      expect(SimpleAuth::Config.model).to eq(model_name)
+    end
+  end
+  context "new record" do
+    before do
+      expect(subject).not_to be_valid
+    end
+    it "requires password" do
+      expect(subject.errors[:password]).not_to be_empty
+    end
+    it "requires password to be at least 4-chars long" do
+      subject.password = "123"
+      expect(subject).not_to be_valid
+      expect(subject.errors[:password]).not_to be_empty
+    end
+    it "requires password confirmation", if: Rails::VERSION::STRING >= "4.0" do
+      user = User.create(password: "test", password_confirmation: "invalid")
+      expect(user.errors[:password_confirmation]).not_to be_empty
+    end
+    it "requires password confirmation", if: Rails::VERSION::STRING < "4.0" do
+      user = User.create(password: "test", password_confirmation: "invalid")
+      expect(user.errors[:password]).not_to be_empty
+    end
+  end
+  context "existing record" do
+    before do
+      model.delete_all
+      model.create(
+        :email => "john@doe.com",
+        :login => "johndoe",
+        :password => "test",
+        :password_confirmation => "test",
+        :username => "john"
+      )
+    end
+    subject { model.first }
+    it "requires password" do
+      user = User.create(password: nil)
+      expect(user.errors[:password]).not_to be_empty
+    end
+    it "authenticates using email" do
+      expect(model.authenticate("john@doe.com", "test")).to eq(subject)
+    end
+    it "authenticates using login" do
+      expect(model.authenticate("johndoe", "test")).to eq(subject)
+    end
+    it "authenticates using custom attribute" do
+      SimpleAuth::Config.credentials = [:username]
+      expect(model.authenticate("john", "test")).to eq(subject)
+    end
+    it "doesn't authenticate using invalid credential" do
+      expect(model.authenticate("invalid", "test")).to be_nil
+    end
+    it "doesn't authenticate using wrong password" do
+      expect(model.authenticate("johndoe", "invalid")).not_to be
+    end
+    it "returns nil when no user has been found" do
+      expect(model.find_by_credential("invalid")).to be_nil
+    end
+    it "raises error when no user has been found" do
+      expect {
+        model.find_by_credential!("invalid")
+      }.to raise_error(SimpleAuth::RecordNotFound)
+    end
+    it "returns user" do
+      expect(model.find_by_credential(subject.email)).to eq(subject)
+      expect(model.find_by_credential!(subject.email)).to eq(subject)
+    end
+  end
 end

data/spec/simple_auth/compat_spec.rb ADDED Viewed

@@ -0,0 +1,31 @@
+require "spec_helper"
+describe SimpleAuth, "compatibility mode" do
+  before do
+    SimpleAuth::Config.model = :customer
+    require "simple_auth/compat"
+    require "customer"
+  end
+  after do
+    mod = SimpleAuth::ActiveRecord::InstanceMethods
+    mod.send :remove_method, :password=
+    mod.send :remove_method, :password_confirmation=
+    mod.send :remove_method, :authenticate
+  end
+  it "finds user based on the hashing system" do
+    password_salt = SecureRandom.hex
+    password_hash = SimpleAuth::Config.crypter.call("test", password_salt)
+    password_digest = BCrypt::Password.create(password_hash, cost: BCrypt::Engine::MIN_COST)
+    ActiveRecord::Base.connection.execute <<-SQL
+    INSERT INTO customers
+      (email, login, password_digest, password_salt)
+    VALUES
+      ('john@example.org', 'johndoe', '#{password_digest}', '#{password_salt}')
+    SQL
+    expect(Customer.authenticate("johndoe", "test")).to be_a(Customer)
+  end
+end

data/spec/simple_auth/config_spec.rb CHANGED Viewed

@@ -1,40 +1,21 @@
 require "spec_helper"
 describe SimpleAuth::Config do
-  it "should yield SimpleAuth::Config class" do
+  it "yields SimpleAuth::Config class" do
     SimpleAuth.setup do |config|
-      config.should == SimpleAuth::Config
+      expect(config).to eq(SimpleAuth::Config)
     end
   end
-  it "should use [:email, :login] as credential attributes" do
-    SimpleAuth::Config.credentials.should == [:email, :login]
+  it "uses [:email, :login] as credential attributes" do
+    expect(SimpleAuth::Config.credentials).to eq([:email, :login])
   end
-  it "should use User as default model" do
-    SimpleAuth::Config.model.should == :user
+  it "uses User as default model" do
+    expect(SimpleAuth::Config.model).to eq(:user)
   end
-  specify "crypter should expect 2 block arguments" do
-    SimpleAuth::Config.crypter.arity.should == 2
-  end
-  specify "salt should expect 1 block argument" do
-    SimpleAuth::Config.salt.arity.should == 1
-  end
-  specify "salt should return a 64-char long salt" do
-    SimpleAuth::Config.salt.call(nil).size.should == 64
-  end
-  specify "wipeout session should be disabled" do
-    SimpleAuth::Config.wipeout_session.should be_false
-  end
-  specify "deprecated reset_session accessor" do
-    Kernel.should_receive(:warn).twice
-    SimpleAuth::Config.reset_session = true
-    SimpleAuth::Config.reset_session
+  it "disables session wipeout" do
+    expect(SimpleAuth::Config.wipeout_session).to be_falsey
   end
 end