simple_token_authentication 1.13.0 → 1.14.0
- checksums.yaml +13 -5
- data/Appraisals +11 -1
- data/CHANGELOG.md +13 -0
- data/gemfiles/rails_4_devise_3.gemfile +3 -0
- data/gemfiles/rails_4_devise_3.gemfile.lock +163 -0
- data/gemfiles/rails_4_devise_4.gemfile.lock +159 -0
- data/gemfiles/rails_5_devise_4.gemfile +7 -0
- data/gemfiles/rails_5_devise_4.gemfile.lock +156 -0
- data/gemfiles/ruby_1.9.3_rails_3.2.gemfile +2 -0
- data/gemfiles/ruby_1.9.3_rails_3.2.gemfile.lock +150 -0
- data/lib/simple_token_authentication.rb +9 -1
- data/lib/simple_token_authentication/sign_in_handler.rb +1 -1
- data/lib/simple_token_authentication/token_authentication_handler.rb +7 -1
- data/lib/simple_token_authentication/version.rb +1 -1
- data/spec/configuration/action_controller_callbacks_options_spec.rb +87 -4
- data/spec/configuration/fallback_to_devise_option_spec.rb +128 -4
- data/spec/configuration/header_names_option_spec.rb +4 -2
- data/spec/configuration/sign_in_token_option_spec.rb +8 -3
- data/spec/configuration/skip_devise_trackable_option_spec.rb +11 -7
- data/spec/lib/simple_token_authentication/sign_in_handler_spec.rb +10 -3
- data/spec/lib/simple_token_authentication/token_authentication_handler_spec.rb +173 -1
- metadata +51 -42
@@ -0,0 +1,150 @@
|
|
1
|
+
PATH
|
2
|
+
remote: ../
|
3
|
+
specs:
|
4
|
+
simple_token_authentication (1.14.0)
|
5
|
+
actionmailer (>= 3.2.6, < 6)
|
6
|
+
actionpack (>= 3.2.6, < 6)
|
7
|
+
devise (>= 3.2, < 6)
|
8
|
+
|
9
|
+
GEM
|
10
|
+
remote: https://rubygems.org/
|
11
|
+
specs:
|
12
|
+
actionmailer (3.2.22.2)
|
13
|
+
actionpack (= 3.2.22.2)
|
14
|
+
mail (~> 2.5.4)
|
15
|
+
actionpack (3.2.22.2)
|
16
|
+
activemodel (= 3.2.22.2)
|
17
|
+
activesupport (= 3.2.22.2)
|
18
|
+
builder (~> 3.0.0)
|
19
|
+
erubis (~> 2.7.0)
|
20
|
+
journey (~> 1.0.4)
|
21
|
+
rack (~> 1.4.5)
|
22
|
+
rack-cache (~> 1.2)
|
23
|
+
rack-test (~> 0.6.1)
|
24
|
+
sprockets (~> 2.2.1)
|
25
|
+
activemodel (3.2.22.2)
|
26
|
+
activesupport (= 3.2.22.2)
|
27
|
+
builder (~> 3.0.0)
|
28
|
+
activerecord (3.2.22.2)
|
29
|
+
activemodel (= 3.2.22.2)
|
30
|
+
activesupport (= 3.2.22.2)
|
31
|
+
arel (~> 3.0.2)
|
32
|
+
tzinfo (~> 0.3.29)
|
33
|
+
activesupport (3.2.22.2)
|
34
|
+
i18n (~> 0.6, >= 0.6.4)
|
35
|
+
multi_json (~> 1.0)
|
36
|
+
appraisal (2.1.0)
|
37
|
+
bundler
|
38
|
+
rake
|
39
|
+
thor (>= 0.14.0)
|
40
|
+
arel (3.0.3)
|
41
|
+
bcrypt (3.1.11)
|
42
|
+
builder (3.0.4)
|
43
|
+
coderay (1.1.1)
|
44
|
+
devise (3.5.10)
|
45
|
+
bcrypt (~> 3.0)
|
46
|
+
orm_adapter (~> 0.1)
|
47
|
+
railties (>= 3.2.6, < 5)
|
48
|
+
responders
|
49
|
+
thread_safe (~> 0.1)
|
50
|
+
warden (~> 1.2.3)
|
51
|
+
diff-lcs (1.2.5)
|
52
|
+
erubis (2.7.0)
|
53
|
+
hike (1.2.3)
|
54
|
+
i18n (0.7.0)
|
55
|
+
inch (0.7.1)
|
56
|
+
pry
|
57
|
+
sparkr (>= 0.2.0)
|
58
|
+
term-ansicolor
|
59
|
+
yard (~> 0.8.7.5)
|
60
|
+
journey (1.0.4)
|
61
|
+
json (1.8.3)
|
62
|
+
mail (2.5.4)
|
63
|
+
mime-types (~> 1.16)
|
64
|
+
treetop (~> 1.4.8)
|
65
|
+
method_source (0.8.2)
|
66
|
+
mime-types (1.25.1)
|
67
|
+
mongoid (3.1.7)
|
68
|
+
activemodel (~> 3.2)
|
69
|
+
moped (~> 1.4)
|
70
|
+
origin (~> 1.0)
|
71
|
+
tzinfo (~> 0.3.29)
|
72
|
+
moped (1.5.3)
|
73
|
+
multi_json (1.12.1)
|
74
|
+
origin (1.1.0)
|
75
|
+
orm_adapter (0.5.0)
|
76
|
+
polyglot (0.3.5)
|
77
|
+
pry (0.10.3)
|
78
|
+
coderay (~> 1.1.0)
|
79
|
+
method_source (~> 0.8.1)
|
80
|
+
slop (~> 3.4)
|
81
|
+
rack (1.4.7)
|
82
|
+
rack-cache (1.6.1)
|
83
|
+
rack (>= 0.4)
|
84
|
+
rack-ssl (1.3.4)
|
85
|
+
rack
|
86
|
+
rack-test (0.6.3)
|
87
|
+
rack (>= 1.0)
|
88
|
+
railties (3.2.22.2)
|
89
|
+
actionpack (= 3.2.22.2)
|
90
|
+
activesupport (= 3.2.22.2)
|
91
|
+
rack-ssl (~> 1.3.2)
|
92
|
+
rake (>= 0.8.7)
|
93
|
+
rdoc (~> 3.4)
|
94
|
+
thor (>= 0.14.6, < 2.0)
|
95
|
+
rake (11.2.2)
|
96
|
+
rdoc (3.12.2)
|
97
|
+
json (~> 1.4)
|
98
|
+
responders (1.1.2)
|
99
|
+
railties (>= 3.2, < 4.2)
|
100
|
+
rspec (3.5.0)
|
101
|
+
rspec-core (~> 3.5.0)
|
102
|
+
rspec-expectations (~> 3.5.0)
|
103
|
+
rspec-mocks (~> 3.5.0)
|
104
|
+
rspec-core (3.5.0)
|
105
|
+
rspec-support (~> 3.5.0)
|
106
|
+
rspec-expectations (3.5.0)
|
107
|
+
diff-lcs (>= 1.2.0, < 2.0)
|
108
|
+
rspec-support (~> 3.5.0)
|
109
|
+
rspec-mocks (3.5.0)
|
110
|
+
diff-lcs (>= 1.2.0, < 2.0)
|
111
|
+
rspec-support (~> 3.5.0)
|
112
|
+
rspec-support (3.5.0)
|
113
|
+
slop (3.6.0)
|
114
|
+
sparkr (0.4.1)
|
115
|
+
sprockets (2.2.3)
|
116
|
+
hike (~> 1.2)
|
117
|
+
multi_json (~> 1.0)
|
118
|
+
rack (~> 1.0)
|
119
|
+
tilt (~> 1.1, != 1.3.0)
|
120
|
+
term-ansicolor (1.3.2)
|
121
|
+
tins (~> 1.0)
|
122
|
+
thor (0.19.1)
|
123
|
+
thread_safe (0.3.5)
|
124
|
+
tilt (1.4.1)
|
125
|
+
tins (1.6.0)
|
126
|
+
treetop (1.4.15)
|
127
|
+
polyglot
|
128
|
+
polyglot (>= 0.3.1)
|
129
|
+
tzinfo (0.3.51)
|
130
|
+
warden (1.2.6)
|
131
|
+
rack (>= 1.0)
|
132
|
+
yard (0.8.7.6)
|
133
|
+
|
134
|
+
PLATFORMS
|
135
|
+
ruby
|
136
|
+
|
137
|
+
DEPENDENCIES
|
138
|
+
actionmailer (>= 3.2.6, < 4)
|
139
|
+
actionpack (>= 3.2.6, < 4)
|
140
|
+
activerecord (>= 3.2.6, < 4)
|
141
|
+
appraisal (~> 2.0)
|
142
|
+
inch (~> 0.4)
|
143
|
+
mime-types (< 3)
|
144
|
+
mongoid (>= 3.1.0, < 7)
|
145
|
+
rspec (~> 3.0)
|
146
|
+
simple_token_authentication!
|
147
|
+
tins (< 1.7.0)
|
148
|
+
|
149
|
+
BUNDLED WITH
|
150
|
+
1.11.2
|
@@ -1,3 +1,4 @@
|
|
1
|
+
require 'active_support/version'
|
1
2
|
require 'simple_token_authentication/acts_as_token_authenticatable'
|
2
3
|
require 'simple_token_authentication/acts_as_token_authentication_handler'
|
3
4
|
require 'simple_token_authentication/configuration'
|
@@ -46,7 +47,14 @@ module SimpleTokenAuthentication
|
|
46
47
|
end
|
47
48
|
|
48
49
|
def self.adapter_dependency_fulfilled? adapter_short_name
|
49
|
-
|
50
|
+
dependency = SimpleTokenAuthentication.adapters_dependencies[adapter_short_name]
|
51
|
+
|
52
|
+
if !respond_to?(:qualified_const_defined?) || (ActiveSupport.respond_to?(:version) && ActiveSupport.version.to_s =~ /^5\.0/)
|
53
|
+
# See https://github.com/gonzalo-bulnes/simple_token_authentication/pull/229/commits/74eda6c28cd0b45636c466de56f2dbaca5c5b629#r57507423
|
54
|
+
const_defined?(dependency)
|
55
|
+
else
|
56
|
+
qualified_const_defined?(dependency)
|
57
|
+
end
|
50
58
|
end
|
51
59
|
|
52
60
|
available_model_adapters = load_available_adapters SimpleTokenAuthentication.model_adapters
|
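Review bot: The version gate in `adapter_dependency_fulfilled?` recognises only ActiveSupport 5.0.x, because it string-matches `ActiveSupport.version.to_s =~ /^5\.0/`; on later releases the branch taken depends solely on whether `qualified_const_defined?` still responds. If the intent is "5.0 and later" (an assumption, since the only rationale given is a URL), comparing version objects is less brittle: `ActiveSupport.version >= Gem::Version.new('5.0')`. The comment above `const_defined?(dependency)` should state in one line what differs on 5.0, so the reason survives if the link rots. `dependency` is also passed on unchecked, so an adapter name missing from `adapters_dependencies` would presumably reach `const_defined?(nil)` and raise rather than return false.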
@@ -15,7 +15,7 @@ module SimpleTokenAuthentication
|
|
15
15
|
def integrate_with_devise_trackable!(controller)
|
16
16
|
# Sign in using token should not be tracked by Devise trackable
|
17
17
|
# See https://github.com/plataformatec/devise/issues/953
|
18
|
-
controller.env["devise.skip_trackable"] = SimpleTokenAuthentication.skip_devise_trackable
|
18
|
+
controller.request.env["devise.skip_trackable"] = SimpleTokenAuthentication.skip_devise_trackable
|
19
19
|
end
|
20
20
|
end
|
21
21
|
end
|
@@ -144,7 +144,13 @@ module SimpleTokenAuthentication
|
|
144
144
|
else
|
145
145
|
:"authenticate_#{entity.name_underscore}_from_token"
|
146
146
|
end
|
147
|
-
|
147
|
+
|
148
|
+
if respond_to?(:before_action)
|
149
|
+
# See https://github.com/rails/rails/commit/9d62e04838f01f5589fa50b0baa480d60c815e2c
|
150
|
+
before_action authenticate_method, options.slice(:only, :except, :if, :unless)
|
151
|
+
else
|
152
|
+
before_filter authenticate_method, options.slice(:only, :except, :if, :unless)
|
153
|
+
end
|
148
154
|
end
|
149
155
|
end
|
150
156
|
end
|
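Review bot: Both branches of the new `respond_to?(:before_action)` check repeat `options.slice(:only, :except, :if, :unless)`, so a later change to the permitted keys must be made twice, on the lines that decide which actions get the authentication callback. Choosing the hook once keeps the two registration paths identical: `callback = respond_to?(:before_action) ? :before_action : :before_filter`, then `send callback, authenticate_method, options.slice(:only, :except, :if, :unless)`. The added comment is only a commit URL; a short `# prefer before_action where available, before_filter is presumably deprecated there` would state the reason in place. The enclosing method starts outside the hunk.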
@@ -11,7 +11,7 @@ describe 'ActionController', action_controller_callbacks_options: true do
|
|
11
11
|
define_test_subjects_for_extension_of(SimpleTokenAuthentication::ActsAsTokenAuthenticationHandler)
|
12
12
|
end
|
13
13
|
|
14
|
-
describe ':only option' do
|
14
|
+
describe ':only option', before_filter: true do
|
15
15
|
|
16
16
|
context 'when provided to `acts_as_token_authentication_hanlder_for`' do
|
17
17
|
|
@@ -31,7 +31,7 @@ describe 'ActionController', action_controller_callbacks_options: true do
|
|
31
31
|
end
|
32
32
|
end
|
33
33
|
|
34
|
-
describe ':except option' do
|
34
|
+
describe ':except option', before_filter: true do
|
35
35
|
|
36
36
|
context 'when provided to `acts_as_token_authentication_hanlder_for`' do
|
37
37
|
|
@@ -51,7 +51,7 @@ describe 'ActionController', action_controller_callbacks_options: true do
|
|
51
51
|
end
|
52
52
|
end
|
53
53
|
|
54
|
-
describe ':if option' do
|
54
|
+
describe ':if option', before_filter: true do
|
55
55
|
|
56
56
|
context 'when provided to `acts_as_token_authentication_hanlder_for`' do
|
57
57
|
|
@@ -71,7 +71,7 @@ describe 'ActionController', action_controller_callbacks_options: true do
|
|
71
71
|
end
|
72
72
|
end
|
73
73
|
|
74
|
-
describe ':unless option' do
|
74
|
+
describe ':unless option', before_filter: true do
|
75
75
|
|
76
76
|
context 'when provided to `acts_as_token_authentication_hanlder_for`' do
|
77
77
|
|
@@ -90,4 +90,87 @@ describe 'ActionController', action_controller_callbacks_options: true do
|
|
90
90
|
end
|
91
91
|
end
|
92
92
|
end
|
93
|
+
|
94
|
+
context "which supports the :before_action hook", before_action: true do
|
95
|
+
|
96
|
+
describe ':only option' do
|
97
|
+
|
98
|
+
context 'when provided to `acts_as_token_authentication_hanlder_for`' do
|
99
|
+
|
100
|
+
it 'is applied to the corresponding callback (1)', rspec_3_error: true, private: true do
|
101
|
+
some_class = @subjects.first
|
102
|
+
|
103
|
+
expect(some_class).to receive(:before_action).with(:authenticate_user_from_token!, { only: ['some_action', :some_other_action] })
|
104
|
+
some_class.acts_as_token_authentication_handler_for User, only: ['some_action', :some_other_action]
|
105
|
+
end
|
106
|
+
|
107
|
+
it 'is applied to the corresponding callback (2)', rspec_3_error: true, private: true do
|
108
|
+
some_child_class = @subjects.last
|
109
|
+
|
110
|
+
expect(some_child_class).to receive(:before_action).with(:authenticate_user_from_token!, { only: ['some_action', :some_other_action] })
|
111
|
+
some_child_class.acts_as_token_authentication_handler_for User, only: ['some_action', :some_other_action]
|
112
|
+
end
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
describe ':except option' do
|
117
|
+
|
118
|
+
context 'when provided to `acts_as_token_authentication_hanlder_for`' do
|
119
|
+
|
120
|
+
it 'is applied to the corresponding callback (1)', rspec_3_error: true, private: true do
|
121
|
+
some_class = @subjects.first
|
122
|
+
|
123
|
+
expect(some_class).to receive(:before_action).with(:authenticate_user_from_token!, { except: ['some_action', :some_other_action] })
|
124
|
+
some_class.acts_as_token_authentication_handler_for User, except: ['some_action', :some_other_action]
|
125
|
+
end
|
126
|
+
|
127
|
+
it 'is applied to the corresponding callback (2)', rspec_3_error: true, private: true do
|
128
|
+
some_child_class = @subjects.last
|
129
|
+
|
130
|
+
expect(some_child_class).to receive(:before_action).with(:authenticate_user_from_token!, { except: ['some_action', :some_other_action] })
|
131
|
+
some_child_class.acts_as_token_authentication_handler_for User, except: ['some_action', :some_other_action]
|
132
|
+
end
|
133
|
+
end
|
134
|
+
end
|
135
|
+
|
136
|
+
describe ':if option' do
|
137
|
+
|
138
|
+
context 'when provided to `acts_as_token_authentication_hanlder_for`' do
|
139
|
+
|
140
|
+
it 'is applied to the corresponding callback (1)', rspec_3_error: true, private: true do
|
141
|
+
some_class = @subjects.first
|
142
|
+
|
143
|
+
expect(some_class).to receive(:before_action).with(:authenticate_user_from_token!, { if: lambda { |controller| 'some condition' } })
|
144
|
+
some_class.acts_as_token_authentication_handler_for User, if: lambda { |controller| 'some condition' }
|
145
|
+
end
|
146
|
+
|
147
|
+
it 'is applied to the corresponding callback (2)', rspec_3_error: true, private: true do
|
148
|
+
some_child_class = @subjects.last
|
149
|
+
|
150
|
+
expect(some_child_class).to receive(:before_action).with(:authenticate_user_from_token!, { if: lambda { |controller| 'some condition' } })
|
151
|
+
some_child_class.acts_as_token_authentication_handler_for User, if: lambda { |controller| 'some condition' }
|
152
|
+
end
|
153
|
+
end
|
154
|
+
end
|
155
|
+
|
156
|
+
describe ':unless option' do
|
157
|
+
|
158
|
+
context 'when provided to `acts_as_token_authentication_hanlder_for`' do
|
159
|
+
|
160
|
+
it 'is applied to the corresponding callback (1)', rspec_3_error: true, private: true do
|
161
|
+
some_class = @subjects.first
|
162
|
+
|
163
|
+
expect(some_class).to receive(:before_action).with(:authenticate_user_from_token!, { unless: lambda { |controller| 'some condition' } })
|
164
|
+
some_class.acts_as_token_authentication_handler_for User, unless: lambda { |controller| 'some condition' }
|
165
|
+
end
|
166
|
+
|
167
|
+
it 'is applied to the corresponding callback (2)', rspec_3_error: true, private: true do
|
168
|
+
some_child_class = @subjects.last
|
169
|
+
|
170
|
+
expect(some_child_class).to receive(:before_action).with(:authenticate_user_from_token!, { unless: lambda { |controller| 'some condition' } })
|
171
|
+
some_child_class.acts_as_token_authentication_handler_for User, unless: lambda { |controller| 'some condition' }
|
172
|
+
end
|
173
|
+
end
|
174
|
+
end
|
175
|
+
end
|
93
176
|
end
|
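Review bot: Every example added under the `before_action: true` context carries `rspec_3_error: true`, so if that tag excludes examples from the run (the name suggests it; the filter configuration is not visible here), the `:only`/`:except`/`:if`/`:unless` handling on the `before_action` path is never exercised. The `:if` and `:unless` examples also build one lambda for the expectation and a second for the call, and two separately created lambdas do not compare equal, so `with(...)` cannot match. Bind it once with `condition = lambda { |controller| 'some condition' }` and pass `if: condition` (or `unless: condition`) to both the expectation and `acts_as_token_authentication_handler_for`. The new contexts also repeat the misspelling `acts_as_token_authentication_hanlder_for` from the existing ones.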
@@ -19,7 +19,7 @@ describe 'Simple Token Authentication' do
|
|
19
19
|
|
20
20
|
context 'when true' do
|
21
21
|
|
22
|
-
it 'delegates authentication to Devise strategies', protected: true do
|
22
|
+
it 'delegates authentication to Devise strategies', protected: true, before_filter: true do
|
23
23
|
@controller = @controller_class.new
|
24
24
|
allow(@controller).to receive(:params)
|
25
25
|
allow(@controller).to receive(:find_record_from_identifier)
|
@@ -39,7 +39,7 @@ describe 'Simple Token Authentication' do
|
|
39
39
|
|
40
40
|
context 'when false' do
|
41
41
|
|
42
|
-
it 'does nothing after token authentication fails', protected: true do
|
42
|
+
it 'does nothing after token authentication fails', protected: true, before_filter: true do
|
43
43
|
@controller = @controller_class.new
|
44
44
|
allow(@controller).to receive(:params)
|
45
45
|
allow(@controller).to receive(:find_record_from_identifier)
|
@@ -59,7 +59,7 @@ describe 'Simple Token Authentication' do
|
|
59
59
|
|
60
60
|
context 'when omitted' do
|
61
61
|
|
62
|
-
it 'delegates authentication to Devise strategies', protected: true do
|
62
|
+
it 'delegates authentication to Devise strategies', protected: true, before_filter: true do
|
63
63
|
@controller = @controller_class.new
|
64
64
|
allow(@controller).to receive(:params)
|
65
65
|
allow(@controller).to receive(:find_record_from_identifier)
|
@@ -85,7 +85,7 @@ describe 'Simple Token Authentication' do
|
|
85
85
|
allow(admin).to receive(:name).and_return('Admin')
|
86
86
|
end
|
87
87
|
|
88
|
-
context 'when false for User and true for Admin' do
|
88
|
+
context 'when false for User and true for Admin', before_filter: true do
|
89
89
|
|
90
90
|
before(:each) do
|
91
91
|
@controller = @controller_class.new
|
@@ -124,5 +124,129 @@ describe 'Simple Token Authentication' do
|
|
124
124
|
end
|
125
125
|
end
|
126
126
|
end
|
127
|
+
|
128
|
+
context "when the token authenticatable supports the :before_action hook", before_action: true do
|
129
|
+
|
130
|
+
describe 'determines what to do if token authentication fails' do
|
131
|
+
|
132
|
+
before(:each) do
|
133
|
+
user = double()
|
134
|
+
stub_const('User', user)
|
135
|
+
allow(user).to receive(:name).and_return('User')
|
136
|
+
|
137
|
+
# given a controller class which acts as token authentication handler
|
138
|
+
@controller_class = Class.new
|
139
|
+
allow(@controller_class).to receive(:before_action)
|
140
|
+
@controller_class.send :extend, SimpleTokenAuthentication::ActsAsTokenAuthenticationHandler
|
141
|
+
end
|
142
|
+
|
143
|
+
context 'when true' do
|
144
|
+
|
145
|
+
it 'delegates authentication to Devise strategies', protected: true do
|
146
|
+
@controller = @controller_class.new
|
147
|
+
allow(@controller).to receive(:params)
|
148
|
+
allow(@controller).to receive(:find_record_from_identifier)
|
149
|
+
|
150
|
+
# sets :authenticate_user_from_token! (bang) in the before_action
|
151
|
+
expect(@controller_class).to receive(:before_action).with(:authenticate_user_from_token!, {})
|
152
|
+
|
153
|
+
# when falling back to Devise is enabled
|
154
|
+
@controller_class.acts_as_token_authentication_handler_for User, fallback_to_devise: true
|
155
|
+
|
156
|
+
# when the hook is triggered
|
157
|
+
# Devise strategies take control of authentication
|
158
|
+
expect(@controller).to receive(:authenticate_user!)
|
159
|
+
@controller.authenticate_user_from_token! # bang
|
160
|
+
end
|
161
|
+
end
|
162
|
+
|
163
|
+
context 'when false' do
|
164
|
+
|
165
|
+
it 'does nothing after token authentication fails', protected: true do
|
166
|
+
@controller = @controller_class.new
|
167
|
+
allow(@controller).to receive(:params)
|
168
|
+
allow(@controller).to receive(:find_record_from_identifier)
|
169
|
+
|
170
|
+
# sets :authenticate_user_from_token (non-bang) in the before_action
|
171
|
+
expect(@controller_class).to receive(:before_action).with(:authenticate_user_from_token, {})
|
172
|
+
|
173
|
+
# when falling back to Devise is enabled
|
174
|
+
@controller_class.acts_as_token_authentication_handler_for User, fallback_to_devise: false
|
175
|
+
|
176
|
+
# when the hook is triggered
|
177
|
+
# Devise strategies do not take control of authentication
|
178
|
+
expect(@controller).not_to receive(:authenticate_user!)
|
179
|
+
@controller.authenticate_user_from_token # non-bang
|
180
|
+
end
|
181
|
+
end
|
182
|
+
|
183
|
+
context 'when omitted' do
|
184
|
+
|
185
|
+
it 'delegates authentication to Devise strategies', protected: true do
|
186
|
+
@controller = @controller_class.new
|
187
|
+
allow(@controller).to receive(:params)
|
188
|
+
allow(@controller).to receive(:find_record_from_identifier)
|
189
|
+
|
190
|
+
# sets :authenticate_user_from_token! (bang) in the before_action
|
191
|
+
expect(@controller_class).to receive(:before_action).with(:authenticate_user_from_token!, {})
|
192
|
+
|
193
|
+
# when falling back to Devise is enabled
|
194
|
+
@controller_class.acts_as_token_authentication_handler_for User
|
195
|
+
|
196
|
+
# when the hook is triggered
|
197
|
+
# Devise strategies take control of authentication
|
198
|
+
expect(@controller).to receive(:authenticate_user!)
|
199
|
+
@controller.authenticate_user_from_token! # bang
|
200
|
+
end
|
201
|
+
end
|
202
|
+
|
203
|
+
describe 'in a per-model (token authenticatable) way' do
|
204
|
+
|
205
|
+
before(:each) do
|
206
|
+
admin = double()
|
207
|
+
stub_const('Admin', admin)
|
208
|
+
allow(admin).to receive(:name).and_return('Admin')
|
209
|
+
end
|
210
|
+
|
211
|
+
context 'when false for User and true for Admin' do
|
212
|
+
|
213
|
+
before(:each) do
|
214
|
+
@controller = @controller_class.new
|
215
|
+
allow(@controller).to receive(:params)
|
216
|
+
allow(@controller).to receive(:find_record_from_identifier)
|
217
|
+
|
218
|
+
# sets :authenticate_user_from_token (non-bang) in the before_action
|
219
|
+
expect(@controller_class).to receive(:before_action).with(:authenticate_user_from_token, {})
|
220
|
+
# sets :authenticate_admin_from_token! (bang) in the before_action
|
221
|
+
expect(@controller_class).to receive(:before_action).with(:authenticate_admin_from_token!, {})
|
222
|
+
|
223
|
+
# when falling back to Devise is enabled for Admin but not User
|
224
|
+
@controller_class.acts_as_token_authentication_handler_for User, fallback_to_devise: false
|
225
|
+
@controller_class.acts_as_token_authentication_handler_for Admin, fallback_to_devise: true
|
226
|
+
end
|
227
|
+
|
228
|
+
context 'after no user suceeds token authentication' do
|
229
|
+
|
230
|
+
it 'does nothing', protected: true do
|
231
|
+
# when the user hook is triggered
|
232
|
+
# Devise strategies do not take control of authentication
|
233
|
+
expect(@controller).not_to receive(:authenticate_user!)
|
234
|
+
@controller.authenticate_user_from_token
|
235
|
+
end
|
236
|
+
end
|
237
|
+
|
238
|
+
context 'after no admin succeeds token authentication' do
|
239
|
+
|
240
|
+
it 'does delegate authentication to Devise', protected: true do
|
241
|
+
# when the admin hook is triggered
|
242
|
+
# Devise strategies do take control of authentication
|
243
|
+
expect(@controller).to receive(:authenticate_admin!)
|
244
|
+
@controller.authenticate_admin_from_token!
|
245
|
+
end
|
246
|
+
end
|
247
|
+
end
|
248
|
+
end
|
249
|
+
end
|
250
|
+
end
|
127
251
|
end
|
128
252
|
end
|
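Review bot: In the added `when false` context the comment `# when falling back to Devise is enabled` contradicts the call beneath it, which passes `fallback_to_devise: false`; it should read `# when falling back to Devise is disabled`. In `when omitted` the same comment holds only because of the default, so `# when the option is omitted (fallback is enabled by default)` would be clearer; that default is inferred from the bang-method expectation in the example. The `when false` examples assert only that `authenticate_user!` is not called, so a comment noting that the request presumably proceeds without an authenticated user unless the application enforces one elsewhere would make clear what this setting leaves to the application. The context name `after no user suceeds token authentication` has a typo (`succeeds`).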