simple_token_authentication 1.5.1 → 1.5.2

Files changed (80)
  1. checksums.yaml +4 -4
  2. data/README.md +23 -24
  3. data/Rakefile +31 -11
  4. data/doc/README.md +18 -0
  5. data/lib/simple_token_authentication.rb +39 -0
  6. data/lib/simple_token_authentication/acts_as_token_authenticatable.rb +18 -7
  7. data/lib/simple_token_authentication/acts_as_token_authentication_handler.rb +12 -123
  8. data/lib/simple_token_authentication/adapter.rb +7 -0
  9. data/lib/simple_token_authentication/adapters/active_record_adapter.rb +14 -0
  10. data/lib/simple_token_authentication/adapters/rails_adapter.rb +14 -0
  11. data/lib/simple_token_authentication/configuration.rb +25 -0
  12. data/lib/simple_token_authentication/entities_manager.rb +10 -0
  13. data/lib/simple_token_authentication/entity.rb +64 -0
  14. data/lib/simple_token_authentication/fallback_authentication_handler.rb +11 -0
  15. data/lib/simple_token_authentication/sign_in_handler.rb +19 -0
  16. data/lib/simple_token_authentication/token_authentication_handler.rb +138 -0
  17. data/lib/simple_token_authentication/token_comparator.rb +13 -0
  18. data/lib/simple_token_authentication/token_generator.rb +9 -0
  19. data/lib/simple_token_authentication/version.rb +1 -1
  20. data/spec/configuration/action_controller_callbacks_options_spec.rb +53 -0
  21. data/spec/configuration/fallback_to_devise_option_spec.rb +128 -0
  22. data/spec/configuration/header_names_option_spec.rb +454 -0
  23. data/spec/configuration/sign_in_token_option_spec.rb +92 -0
  24. data/spec/lib/simple_token_authentication/acts_as_token_authenticatable_spec.rb +108 -0
  25. data/spec/lib/simple_token_authentication/acts_as_token_authentication_handler_spec.rb +127 -0
  26. data/spec/lib/simple_token_authentication/adapter_spec.rb +21 -0
  27. data/spec/lib/simple_token_authentication/adapters/active_record_adapter_spec.rb +21 -0
  28. data/spec/lib/simple_token_authentication/adapters/rails_adapter_spec.rb +21 -0
  29. data/spec/lib/simple_token_authentication/configuration_spec.rb +121 -0
  30. data/spec/lib/simple_token_authentication/entities_manager_spec.rb +67 -0
  31. data/spec/lib/simple_token_authentication/entity_spec.rb +190 -0
  32. data/spec/lib/simple_token_authentication/fallback_authentication_handler_spec.rb +24 -0
  33. data/spec/lib/simple_token_authentication/sign_in_handler_spec.rb +43 -0
  34. data/spec/lib/simple_token_authentication/token_authentication_handler_spec.rb +250 -0
  35. data/spec/lib/simple_token_authentication/token_comparator_spec.rb +19 -0
  36. data/spec/lib/simple_token_authentication/token_generator_spec.rb +19 -0
  37. data/spec/lib/simple_token_authentication_spec.rb +86 -0
  38. data/spec/spec_helper.rb +13 -0
  39. data/spec/support/dummy_classes_helper.rb +80 -0
  40. data/spec/support/spec_for_adapter.rb +6 -0
  41. data/spec/support/spec_for_authentication_handler_interface.rb +8 -0
  42. data/spec/support/spec_for_configuration_option_interface.rb +28 -0
  43. data/spec/support/spec_for_entities_manager_interface.rb +8 -0
  44. data/spec/support/spec_for_sign_in_handler_interface.rb +8 -0
  45. data/spec/support/spec_for_token_comparator_interface.rb +8 -0
  46. data/spec/support/spec_for_token_generator_interface.rb +8 -0
  47. data/spec/support/specs_for_token_authentication_handler_interface.rb +8 -0
  48. metadata +80 -132
  49. data/lib/tasks/cucumber.rake +0 -65
  50. data/spec/dummy/README.rdoc +0 -28
  51. data/spec/dummy/Rakefile +0 -6
  52. data/spec/dummy/app/assets/javascripts/application.js +0 -13
  53. data/spec/dummy/app/assets/stylesheets/application.css +0 -13
  54. data/spec/dummy/app/controllers/application_controller.rb +0 -5
  55. data/spec/dummy/app/helpers/application_helper.rb +0 -2
  56. data/spec/dummy/app/views/layouts/application.html.erb +0 -14
  57. data/spec/dummy/bin/bundle +0 -3
  58. data/spec/dummy/bin/rails +0 -4
  59. data/spec/dummy/bin/rake +0 -4
  60. data/spec/dummy/config.ru +0 -4
  61. data/spec/dummy/config/application.rb +0 -24
  62. data/spec/dummy/config/boot.rb +0 -5
  63. data/spec/dummy/config/database.yml +0 -25
  64. data/spec/dummy/config/environment.rb +0 -5
  65. data/spec/dummy/config/environments/development.rb +0 -29
  66. data/spec/dummy/config/environments/production.rb +0 -80
  67. data/spec/dummy/config/environments/test.rb +0 -36
  68. data/spec/dummy/config/initializers/backtrace_silencers.rb +0 -7
  69. data/spec/dummy/config/initializers/filter_parameter_logging.rb +0 -4
  70. data/spec/dummy/config/initializers/inflections.rb +0 -16
  71. data/spec/dummy/config/initializers/mime_types.rb +0 -5
  72. data/spec/dummy/config/initializers/secret_token.rb +0 -12
  73. data/spec/dummy/config/initializers/session_store.rb +0 -3
  74. data/spec/dummy/config/initializers/wrap_parameters.rb +0 -14
  75. data/spec/dummy/config/locales/en.yml +0 -23
  76. data/spec/dummy/config/routes.rb +0 -56
  77. data/spec/dummy/public/404.html +0 -58
  78. data/spec/dummy/public/422.html +0 -58
  79. data/spec/dummy/public/500.html +0 -57
  80. data/spec/dummy/public/favicon.ico +0 -0
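--- a/data/spec/lib/simple_token_authentication/entities_manager_spec.rb
+++ b/data/spec/lib/simple_token_authentication/entities_manager_spec.rb
@@ -0,0 +1,67 @@
+ require 'spec_helper'
+
+ describe SimpleTokenAuthentication::EntitiesManager do
+
+ # The 'model' argument is quite vague, as it is for Entity;
+ # let's do nothing to solve that undefinition for now.
+
+ it_behaves_like 'an entities manager'
+
+ describe '#find_or_create_entity' do
+
+ before(:each) do
+ entity = double()
+ allow(entity).to receive(:new).and_return('an Entity instance')
+ stub_const('SimpleTokenAuthentication::Entity', entity)
+
+ super_user = double()
+ allow(super_user).to receive(:name) # any Ruby class has a name
+ stub_const('SuperUser', super_user)
+ end
+
+ context 'when a model is provided for the first time' do
+
+ it 'creates an Entity instance for the model', private: true do
+ expect(SimpleTokenAuthentication::Entity).to receive(:new).with(SuperUser)
+ expect(subject.find_or_create_entity(SuperUser)).to eq 'an Entity instance'
+ end
+
+ context 'even if Entity instances for other models exist', private: true do
+
+ before(:each) do
+ # define another model
+ admin = double()
+ allow(admin).to receive(:name).and_return('Admin')
+ stub_const('Admin', admin)
+ # ensure its Entity instance exists
+ subject.find_or_create_entity(Admin)
+ allow(SimpleTokenAuthentication::Entity).to receive(:new).and_return('some new Entity instance')
+ end
+
+ it 'creates an Entity instance for the model', private: true do
+ expect(SimpleTokenAuthentication::Entity).to receive(:new).with(SuperUser)
+ expect(subject.find_or_create_entity(SuperUser)).to eq 'some new Entity instance'
+ end
+ end
+ end
+
+ context 'when an Entity instance for that model already exists' do
+
+ before(:each) do
+ allow(SuperUser).to receive(:name).and_return('SuperUser')
+ subject.find_or_create_entity(SuperUser)
+
+ allow(SimpleTokenAuthentication::Entity).to receive(:new).and_return('some new Entity instance')
+ end
+
+ it 'returns that Entity instance', private: true do
+ expect(subject.find_or_create_entity(SuperUser)).to eq 'an Entity instance'
+ end
+
+ it 'does not create a new Entity instance', private: true do
+ expect(SimpleTokenAuthentication::Entity).not_to receive(:new).with(SuperUser)
+ subject.find_or_create_entity(SuperUser)
+ end
+ end
+ end
+ end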
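Review bot: The shared `before(:each)` stubs `SuperUser.name` without a return value, so in the 'when a model is provided for the first time' examples the model's name is nil, even though the inline comment says any Ruby class has a name. If EntitiesManager keys its entities by model name (the implementation is not visible on this page), those examples exercise a nil key and could pass for a reason a real class never triggers. Stubbing it once as `allow(super_user).to receive(:name).and_return('SuperUser')` would make the examples representative, and the later override in 'when an Entity instance for that model already exists' would no longer be needed.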
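--- a/data/spec/lib/simple_token_authentication/entity_spec.rb
+++ b/data/spec/lib/simple_token_authentication/entity_spec.rb
@@ -0,0 +1,190 @@
+ require 'spec_helper'
+
+ describe SimpleTokenAuthentication::Entity do
+
+ before(:each) do
+ user = double()
+ allow(user).to receive(:name).and_return('SuperUser')
+ stub_const('SuperUser', user)
+
+ @subject = SimpleTokenAuthentication::Entity.new(SuperUser)
+ end
+
+ it 'responds to :model', protected: true do
+ expect(@subject).to respond_to :model
+ end
+
+ it 'responds to :name', protected: true do
+ expect(@subject).to respond_to :name
+ end
+
+ it 'responds to :name_underscore', protected: true do
+ expect(@subject).to respond_to :name_underscore
+ end
+
+ it 'responds to :token_header_name', protected: true do
+ expect(@subject).to respond_to :token_header_name
+ end
+
+ it 'responds to :identifier_header_name', protected: true do
+ expect(@subject).to respond_to :identifier_header_name
+ end
+
+ it 'responds to :token_param_name', protected: true do
+ expect(@subject).to respond_to :token_param_name
+ end
+
+ it 'responds to :identifier_param_name', protected: true do
+ expect(@subject).to respond_to :identifier_param_name
+ end
+
+ it 'responds to :get_token_from_params_or_headers', protected: true do
+ expect(@subject).to respond_to :get_token_from_params_or_headers
+ end
+
+ it 'responds to :get_identifier_from_params_or_headers', protected: true do
+ expect(@subject).to respond_to :get_identifier_from_params_or_headers
+ end
+
+ describe '#model' do
+ it 'is a constant', protected: true do
+ expect(@subject.model).to eq SuperUser
+ end
+ end
+
+ describe '#name' do
+ it 'is a camelized String', protected: true do
+ expect(@subject.name).to be_instance_of String
+ expect(@subject.name).to eq @subject.name.camelize
+ end
+ end
+
+ describe '#name_underscore', protected: true do
+ it 'is an underscored String' do
+ expect(@subject.name_underscore).to be_instance_of String
+ expect(@subject.name_underscore).to eq @subject.name_underscore.underscore
+ end
+ end
+
+ describe '#token_header_name', protected: true do
+ it 'is a String' do
+ expect(@subject.token_header_name).to be_instance_of String
+ end
+
+ it 'defines a non-standard header field' do
+ expect(@subject.token_header_name[0..1]).to eq 'X-'
+ end
+ end
+
+ describe '#identifier_header_name', protected: true do
+ it 'is a String' do
+ expect(@subject.identifier_header_name).to be_instance_of String
+ end
+
+ it 'defines a non-standard header field' do
+ expect(@subject.identifier_header_name[0..1]).to eq 'X-'
+ end
+ end
+
+ describe '#token_param_name', protected: true do
+ it 'is a Symbol' do
+ expect(@subject.token_param_name).to be_instance_of Symbol
+ end
+ end
+
+ describe '#identifier_param_name', protected: true do
+ it 'is a Symbol' do
+ expect(@subject.identifier_param_name).to be_instance_of Symbol
+ end
+ end
+
+ describe '#get_token_from_params_or_headers', protected: true do
+
+ context 'when a token is present in params' do
+
+ before(:each) do
+ @controller = double()
+ allow(@controller).to receive(:params).and_return({ super_user_token: 'The_ToKeN' })
+ end
+
+ it 'returns that token (String)' do
+ expect(@subject.get_token_from_params_or_headers(@controller)).to be_instance_of String
+ expect(@subject.get_token_from_params_or_headers(@controller)).to eq 'The_ToKeN'
+ end
+
+ context 'and another token is present in the headers' do
+
+ before(:each) do
+ allow(@controller).to receive_message_chain(:request, :headers)
+ .and_return({ 'X-SuperUser-Token' => 'HeAd3rs_ToKeN' })
+ end
+
+ it 'returns the params token' do
+ expect(@subject.get_token_from_params_or_headers(@controller)).to eq 'The_ToKeN'
+ end
+ end
+ end
+
+ context 'when no token is present in params' do
+
+ context 'and a token is present in the headers' do
+
+ before(:each) do
+ @controller = double()
+ allow(@controller).to receive(:params).and_return({ super_user_token: '' })
+ allow(@controller).to receive_message_chain(:request, :headers)
+ .and_return({ 'X-SuperUser-Token' => 'HeAd3rs_ToKeN' })
+ end
+
+ it 'returns the headers token' do
+ expect(@subject.get_token_from_params_or_headers(@controller)).to eq 'HeAd3rs_ToKeN'
+ end
+ end
+ end
+ end
+
+ describe '#get_identifier_from_params_or_headers', protected: true do
+
+ context 'when an identifier is present in params' do
+
+ before(:each) do
+ @controller = double()
+ allow(@controller).to receive(:params).and_return({ super_user_email: 'alice@example.com' })
+ end
+
+ it 'returns that identifier (String)' do
+ expect(@subject.get_identifier_from_params_or_headers(@controller)).to be_instance_of String
+ expect(@subject.get_identifier_from_params_or_headers(@controller)).to eq 'alice@example.com'
+ end
+
+ context 'and another identifier is present in the headers' do
+
+ before(:each) do
+ allow(@controller).to receive_message_chain(:request, :headers)
+ .and_return({ 'X-SuperUser-Email' => 'bob@example.com' })
+ end
+
+ it 'returns the params identifier' do
+ expect(@subject.get_identifier_from_params_or_headers(@controller)).to eq 'alice@example.com'
+ end
+ end
+ end
+
+ context 'when no identifier is present in params' do
+
+ context 'and an identifier is present in the headers' do
+
+ before(:each) do
+ @controller = double()
+ allow(@controller).to receive(:params).and_return({ super_user_email: '' })
+ allow(@controller).to receive_message_chain(:request, :headers)
+ .and_return({ 'X-SuperUser-Email' => 'bob@example.com' })
+ end
+
+ it 'returns the headers identifier' do
+ expect(@subject.get_identifier_from_params_or_headers(@controller)).to eq 'bob@example.com'
+ end
+ end
+ end
+ end
+ end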
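Review bot: The `#get_token_from_params_or_headers` examples pin that a token in `params` wins over the `X-SuperUser-Token` header, but nothing covers a request that carries neither, or a `params` hash with no `super_user_token` key at all (only the empty string `''` is exercised). Since this method decides which credential reaches the comparison step, an example for the empty request that states the intended result (for instance `to be_nil`, if that is the contract) would fix the behaviour; the same gap exists in `#get_identifier_from_params_or_headers`. Because the params path lets the token travel in a query string, I would also add a comment above the params contexts such as `# tokens passed as params can end up in request logs; applications should filter the *_token parameter`.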
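--- a/data/spec/lib/simple_token_authentication/fallback_authentication_handler_spec.rb
+++ b/data/spec/lib/simple_token_authentication/fallback_authentication_handler_spec.rb
@@ -0,0 +1,24 @@
+ require 'spec_helper'
+
+ describe SimpleTokenAuthentication::FallbackAuthenticationHandler do
+
+ it_behaves_like 'an authentication handler'
+
+ describe '#authenticate_entity!' do
+
+ it 'delegates authentication to Devise::Controllers::Helpers through a controller', private: true do
+ controller = double()
+ allow(controller).to receive(:authenticate_user!).and_return('Devise response.')
+
+ entity = double()
+ allow(entity).to receive_message_chain(:name_underscore).and_return('user')
+
+ # delegating consists in sending the message
+ expect(controller).to receive(:authenticate_user!)
+ response = subject.authenticate_entity!(controller, entity)
+
+ # and returning the response
+ expect(response).to eq 'Devise response.'
+ end
+ end
+ end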
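Review bot: The only entity exercised in `#authenticate_entity!` has `name_underscore` 'user', so an implementation that hard-codes `authenticate_user!` would pass this example just as well as one that derives the Devise helper from the entity. A second example with an entity whose `name_underscore` is e.g. 'super_admin', expecting `controller` to receive `authenticate_super_admin!`, would show that the fallback is applied to the right scope. As a style point, `receive_message_chain(:name_underscore)` stubs a single message and can be written `receive(:name_underscore)`.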
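--- a/data/spec/lib/simple_token_authentication/sign_in_handler_spec.rb
+++ b/data/spec/lib/simple_token_authentication/sign_in_handler_spec.rb
@@ -0,0 +1,43 @@
+ require 'spec_helper'
+
+ describe SimpleTokenAuthentication::SignInHandler do
+
+ it_behaves_like 'a sign in handler'
+
+ describe '#sign_in' do
+
+ it 'delegates sign in to Devise::Controllers::SignInOut#sign_in through a controller', private: true do
+ controller = double()
+ allow(controller).to receive(:sign_in).with(:record, option: 'some_value').and_return('Devise response.')
+ allow(controller).to receive(:env).and_return({})
+
+ # delegating consists in sending the message
+ expect(controller).to receive(:sign_in)
+ response = subject.sign_in(controller, :record, option: 'some_value')
+
+ # and returning the response
+ expect(response).to eq 'Devise response.'
+ end
+
+ it 'integrates with Devise trackable', protected: true do
+ controller = double()
+ allow(controller).to receive(:sign_in).with(:record)
+ allow(controller).to receive(:integrate_with_devise_trackable!)
+
+ expect(subject).to receive(:integrate_with_devise_trackable!).with(controller)
+ subject.sign_in(controller, :record)
+ end
+ end
+
+ describe '#integrate_with_devise_trackable!' do
+
+ it 'ensures Devise trackable statistics are kept clean', private: true do
+ controller = double()
+ env = double()
+ allow(controller).to receive(:env).and_return(env)
+ expect(env).to receive(:[]=).with('devise.skip_trackable', true)
+
+ subject.send :integrate_with_devise_trackable!, controller
+ end
+ end
+ end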
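Review bot: Neither `#sign_in` example checks that the `devise.skip_trackable` flag is set before the call is delegated to the controller; 'integrates with Devise trackable' only asserts that `integrate_with_devise_trackable!` is invoked at some point. If Devise reads the flag while signing in (presumably, it is not visible here), setting it afterwards would let token sign-ins update the trackable statistics without failing this spec. Adding `.ordered` to both expectations, `expect(subject).to receive(:integrate_with_devise_trackable!).with(controller).ordered` followed by `expect(controller).to receive(:sign_in).with(:record).ordered`, pins the order. The `allow(controller).to receive(:integrate_with_devise_trackable!)` stub in the same example targets the controller rather than the handler and appears to be unused.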
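--- a/data/spec/lib/simple_token_authentication/token_authentication_handler_spec.rb
+++ b/data/spec/lib/simple_token_authentication/token_authentication_handler_spec.rb
@@ -0,0 +1,250 @@
+ require 'spec_helper'
+
+ describe 'Any class which includes SimpleTokenAuthentication::TokenAuthenticationHandler' do
+
+ let(:described_class) do
+ define_dummy_class_which_includes SimpleTokenAuthentication::TokenAuthenticationHandler
+ end
+
+ after(:each) do
+ # ensure_examples_independence
+ SimpleTokenAuthentication.send(:remove_const, :SomeClass)
+ end
+
+ it_behaves_like 'a token authentication handler'
+
+ let(:subject) { described_class }
+
+ describe '.handle_token_authentication_for' do
+
+ before(:each) do
+ double_user_model
+ end
+
+ it 'ensures token authentication is handled for a given (token authenticatable) model', public: true do
+ entities_manager = double()
+ allow(entities_manager).to receive(:find_or_create_entity).and_return('entity')
+
+ # skip steps which are not relevant in this example
+ allow(SimpleTokenAuthentication).to receive(:fallback).and_return('default')
+ allow(subject).to receive(:entities_manager).and_return(entities_manager)
+ allow(subject).to receive(:set_token_authentication_hooks)
+ allow(subject).to receive(:define_token_authentication_helpers_for)
+
+ expect(subject).to receive(:set_token_authentication_hooks).with('entity', {option: 'value', fallback: 'default'})
+ subject.handle_token_authentication_for(User, {option: 'value'})
+ end
+
+ context 'when called multiple times' do
+
+ it 'ensures token authentication is handled for the given (token authenticatable) models', public: true do
+ double_super_admin_model
+ entities_manager = double()
+ allow(entities_manager).to receive(:find_or_create_entity).with(User).and_return('User entity')
+ allow(entities_manager).to receive(:find_or_create_entity).with(SuperAdmin).and_return('SuperAdmin entity')
+
+ # skip steps which are not relevant in this example
+ allow(SimpleTokenAuthentication).to receive(:fallback).and_return('default')
+ allow(subject).to receive(:entities_manager).and_return(entities_manager)
+ allow(subject).to receive(:set_token_authentication_hooks)
+ allow(subject).to receive(:define_token_authentication_helpers_for)
+
+ expect(subject).to receive(:set_token_authentication_hooks).with('User entity', {option: 'value', fallback: 'default'})
+ expect(subject).to receive(:set_token_authentication_hooks).with('SuperAdmin entity', {option: 'some specific value', fallback: 'default'})
+ subject.handle_token_authentication_for(User, {option: 'value'})
+ subject.handle_token_authentication_for(SuperAdmin, {option: 'some specific value'})
+ end
+ end
+ end
+
+ describe '.entities_manager' do
+
+ before(:each) do
+ # The private tag is here to keep the following examples out of
+ # the public documentation.
+ subject.send :public_class_method, :entities_manager
+
+ allow(SimpleTokenAuthentication::EntitiesManager).to receive(:new)
+ .and_return('a EntitiesManager instance')
+ end
+
+ context 'when called for the first time' do
+
+ it 'creates a new EntitiesManager instance', private: true do
+ expect(SimpleTokenAuthentication::EntitiesManager).to receive(:new)
+ expect(subject.entities_manager).to eq 'a EntitiesManager instance'
+ end
+ end
+
+ context 'when a EntitiesManager instance was already created' do
+
+ before(:each) do
+ subject.entities_manager
+ # let's make any new EntitiesManager distinct from the first
+ allow(SimpleTokenAuthentication::EntitiesManager).to receive(:new)
+ .and_return('another EntitiesManager instance')
+ end
+
+ it 'returns that instance', private: true do
+ expect(subject.entities_manager).to eq 'a EntitiesManager instance'
+ end
+
+ it 'does not create a new EntitiesManager instance', private: true do
+ expect(SimpleTokenAuthentication::EntitiesManager).not_to receive(:new)
+ expect(subject.entities_manager).not_to eq 'another EntitiesManager instance'
+ end
+ end
+ end
+
+ describe '.fallback_authentication_handler' do
+
+ before(:each) do
+ # The private tag is here to keep the following examples out of
+ # the public documentation.
+ subject.send :public_class_method, :fallback_authentication_handler
+
+ allow(SimpleTokenAuthentication::FallbackAuthenticationHandler).to receive(:new)
+ .and_return('a FallbackAuthenticationHandler instance')
+ end
+
+ context 'when called for the first time' do
+
+ it 'creates a new FallbackAuthenticationHandler instance', private: true do
+ expect(SimpleTokenAuthentication::FallbackAuthenticationHandler).to receive(:new)
+ expect(subject.fallback_authentication_handler).to eq 'a FallbackAuthenticationHandler instance'
+ end
+ end
+
+ context 'when a FallbackAuthenticationHandler instance was already created' do
+
+ before(:each) do
+ subject.fallback_authentication_handler
+ # let's make any new FallbackAuthenticationHandler distinct from the first
+ allow(SimpleTokenAuthentication::FallbackAuthenticationHandler).to receive(:new)
+ .and_return('another FallbackAuthenticationHandler instance')
+ end
+
+ it 'returns that instance', private: true do
+ expect(subject.fallback_authentication_handler).to eq 'a FallbackAuthenticationHandler instance'
+ end
+
+ it 'does not create a new FallbackAuthenticationHandler instance', private: true do
+ expect(SimpleTokenAuthentication::FallbackAuthenticationHandler).not_to receive(:new)
+ expect(subject.fallback_authentication_handler).not_to eq 'another FallbackAuthenticationHandler instance'
+ end
+ end
+ end
+
+ describe 'and which supports the :before_filter hook' do
+
+ before(:each) do
+ allow(subject).to receive(:before_filter)
+ end
+
+ # User
+
+ context 'and which handles token authentication for User' do
+
+ before(:each) do
+ double_user_model
+ end
+
+ it 'ensures its instances require user to authenticate from token or any Devise strategy before any action', public: true do
+ expect(subject).to receive(:before_filter).with(:authenticate_user_from_token!, {})
+ subject.handle_token_authentication_for User
+ end
+
+ context 'and disables the fallback to Devise authentication' do
+
+ let(:options) do
+ { fallback_to_devise: false }
+ end
+
+ it 'ensures its instances require user to authenticate from token before any action', public: true do
+ expect(subject).to receive(:before_filter).with(:authenticate_user_from_token, {})
+ subject.handle_token_authentication_for User, options
+ end
+ end
+
+ describe 'instance' do
+
+ before(:each) do
+ double_user_model
+
+ subject.class_eval do
+ handle_token_authentication_for User
+ end
+ end
+
+ it 'responds to :authenticate_user_from_token', protected: true do
+ expect(subject.new).to respond_to :authenticate_user_from_token
+ end
+
+ it 'responds to :authenticate_user_from_token!', protected: true do
+ expect(subject.new).to respond_to :authenticate_user_from_token!
+ end
+
+ it 'does not respond to :authenticate_super_admin_from_token', protected: true do
+ expect(subject.new).not_to respond_to :authenticate_super_admin_from_token
+ end
+
+ it 'does not respond to :authenticate_super_admin_from_token!', protected: true do
+ expect(subject.new).not_to respond_to :authenticate_super_admin_from_token!
+ end
+ end
+ end
+
+ # SuperAdmin
+
+ context 'and which handles token authentication for SuperAdmin' do
+
+ before(:each) do
+ double_super_admin_model
+ end
+
+ it 'ensures its instances require super_admin to authenticate from token or any Devise strategy before any action', public: true do
+ expect(subject).to receive(:before_filter).with(:authenticate_super_admin_from_token!, {})
+ subject.handle_token_authentication_for SuperAdmin
+ end
+
+ context 'and disables the fallback to Devise authentication' do
+
+ let(:options) do
+ { fallback_to_devise: false }
+ end
+
+ it 'ensures its instances require super_admin to authenticate from token before any action', public: true do
+ expect(subject).to receive(:before_filter).with(:authenticate_super_admin_from_token, {})
+ subject.handle_token_authentication_for SuperAdmin, options
+ end
+ end
+
+ describe 'instance' do
+
+ before(:each) do
+ double_super_admin_model
+
+ subject.class_eval do
+ handle_token_authentication_for SuperAdmin
+ end
+ end
+
+ it 'responds to :authenticate_super_admin_from_token', protected: true do
+ expect(subject.new).to respond_to :authenticate_super_admin_from_token
+ end
+
+ it 'responds to :authenticate_super_admin_from_token!', protected: true do
+ expect(subject.new).to respond_to :authenticate_super_admin_from_token!
+ end
+
+ it 'does not respond to :authenticate_user_from_token', protected: true do
+ expect(subject.new).not_to respond_to :authenticate_user_from_token
+ end
+
+ it 'does not respond to :authenticate_user_from_token!', protected: true do
+ expect(subject.new).not_to respond_to :authenticate_user_from_token!
+ end
+ end
+ end
+ end
+ end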
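Review bot: The examples under 'and disables the fallback to Devise authentication' are titled 'ensures its instances require user to authenticate from token before any action', yet what they assert is only that `before_filter` is registered with the non-bang `:authenticate_user_from_token`. Whether that hook halts an unauthenticated request is not shown anywhere in this file, and the bang/non-bang naming suggests it may not; the SuperAdmin context uses the same wording. I would retitle them to what is checked, e.g. `'registers :authenticate_user_from_token as a before filter'`, and add a comment stating what a controller has to do itself to reject unauthenticated requests when the fallback is off.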