sorcery 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (75) hide show
  1. data/Gemfile +4 -3
  2. data/Gemfile.lock +16 -13
  3. data/LICENSE.txt +1 -1
  4. data/README.rdoc +77 -63
  5. data/Rakefile +7 -12
  6. data/VERSION +1 -1
  7. data/lib/sorcery/controller/submodules/activity_logging.rb +58 -0
  8. data/lib/sorcery/controller/submodules/brute_force_protection.rb +15 -69
  9. data/lib/sorcery/controller/submodules/http_basic_auth.rb +65 -0
  10. data/lib/sorcery/controller/submodules/oauth/oauth1.rb +25 -0
  11. data/lib/sorcery/controller/submodules/oauth/oauth2.rb +23 -0
  12. data/lib/sorcery/controller/submodules/oauth/providers/facebook.rb +64 -0
  13. data/lib/sorcery/controller/submodules/oauth/providers/twitter.rb +61 -0
  14. data/lib/sorcery/controller/submodules/oauth.rb +95 -0
  15. data/lib/sorcery/controller/submodules/remember_me.rb +14 -5
  16. data/lib/sorcery/controller/submodules/session_timeout.rb +10 -2
  17. data/lib/sorcery/controller.rb +40 -22
  18. data/lib/sorcery/crypto_providers/bcrypt.rb +2 -6
  19. data/lib/sorcery/engine.rb +9 -2
  20. data/lib/sorcery/model/submodules/activity_logging.rb +40 -0
  21. data/lib/sorcery/model/submodules/brute_force_protection.rb +79 -0
  22. data/lib/sorcery/model/submodules/oauth.rb +53 -0
  23. data/lib/sorcery/model/submodules/remember_me.rb +6 -2
  24. data/lib/sorcery/model/submodules/reset_password.rb +96 -0
  25. data/lib/sorcery/model/submodules/user_activation.rb +44 -23
  26. data/lib/sorcery/model/temporary_token.rb +22 -0
  27. data/lib/sorcery/model.rb +22 -9
  28. data/lib/sorcery/test_helpers.rb +84 -0
  29. data/lib/sorcery.rb +17 -1
  30. data/sorcery.gemspec +250 -0
  31. data/spec/Gemfile +3 -2
  32. data/spec/Gemfile.lock +15 -2
  33. data/spec/rails3/app_root/.rspec +1 -0
  34. data/spec/rails3/{Gemfile → app_root/Gemfile} +6 -3
  35. data/spec/rails3/{Gemfile.lock → app_root/Gemfile.lock} +27 -2
  36. data/spec/rails3/app_root/app/controllers/application_controller.rb +48 -2
  37. data/spec/rails3/app_root/app/models/authentication.rb +3 -0
  38. data/spec/rails3/app_root/app/models/user.rb +4 -1
  39. data/spec/rails3/app_root/config/application.rb +1 -3
  40. data/spec/rails3/app_root/config/routes.rb +1 -9
  41. data/spec/rails3/app_root/db/migrate/activation/20101224223622_add_activation_to_users.rb +6 -4
  42. data/spec/rails3/app_root/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +17 -0
  43. data/spec/rails3/app_root/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +11 -0
  44. data/spec/rails3/app_root/db/migrate/core/20101224223620_create_users.rb +4 -4
  45. data/spec/rails3/app_root/db/migrate/oauth/20101224223628_create_authentications.rb +14 -0
  46. data/spec/rails3/app_root/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
  47. data/spec/rails3/app_root/spec/controller_activity_logging_spec.rb +84 -0
  48. data/spec/rails3/app_root/spec/controller_brute_force_protection_spec.rb +65 -0
  49. data/spec/rails3/app_root/spec/controller_http_basic_auth_spec.rb +50 -0
  50. data/spec/rails3/app_root/spec/controller_oauth2_spec.rb +117 -0
  51. data/spec/rails3/app_root/spec/controller_oauth_spec.rb +117 -0
  52. data/spec/rails3/{controller_remember_me_spec.rb → app_root/spec/controller_remember_me_spec.rb} +4 -4
  53. data/spec/rails3/{controller_session_timeout_spec.rb → app_root/spec/controller_session_timeout_spec.rb} +5 -4
  54. data/spec/rails3/{controller_spec.rb → app_root/spec/controller_spec.rb} +23 -16
  55. data/spec/rails3/app_root/spec/spec_helper.orig.rb +27 -0
  56. data/spec/rails3/app_root/spec/spec_helper.rb +61 -0
  57. data/spec/rails3/{user_activation_spec.rb → app_root/spec/user_activation_spec.rb} +62 -22
  58. data/spec/rails3/app_root/spec/user_activity_logging_spec.rb +36 -0
  59. data/spec/rails3/app_root/spec/user_brute_force_protection_spec.rb +76 -0
  60. data/spec/rails3/app_root/spec/user_oauth_spec.rb +39 -0
  61. data/spec/rails3/{user_remember_me_spec.rb → app_root/spec/user_remember_me_spec.rb} +4 -4
  62. data/spec/rails3/app_root/spec/user_reset_password_spec.rb +178 -0
  63. data/spec/rails3/{user_spec.rb → app_root/spec/user_spec.rb} +75 -41
  64. metadata +147 -102
  65. data/features/support/env.rb +0 -13
  66. data/lib/sorcery/model/submodules/password_reset.rb +0 -64
  67. data/spec/rails3/app_root/db/migrate/password_reset/20101224223622_add_password_reset_to_users.rb +0 -9
  68. data/spec/rails3/app_root/test/fixtures/users.yml +0 -9
  69. data/spec/rails3/app_root/test/performance/browsing_test.rb +0 -9
  70. data/spec/rails3/app_root/test/test_helper.rb +0 -13
  71. data/spec/rails3/app_root/test/unit/user_test.rb +0 -8
  72. data/spec/rails3/controller_brute_force_protection_spec.rb +0 -72
  73. data/spec/rails3/spec_helper.rb +0 -115
  74. data/spec/rails3/user_password_reset_spec.rb +0 -76
  75. /data/spec/rails3/{Rakefile → app_root/Rakefile} +0 -0
@@ -1,9 +1,9 @@
1
1
  require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
- require File.expand_path(File.dirname(__FILE__) + '/app_root/app/mailers/sorcery_mailer')
2
+ require File.expand_path(File.dirname(__FILE__) + '/../app/mailers/sorcery_mailer')
3
3
 
4
4
  describe "User with no submodules (core)" do
5
5
  before(:all) do
6
- plugin_model_configure
6
+ sorcery_reload!
7
7
  end
8
8
 
9
9
  describe User, "when app has plugin loaded" do
@@ -36,55 +36,55 @@ describe "User with no submodules (core)" do
36
36
  end
37
37
 
38
38
  it "should enable configuration option 'username_attribute_name'" do
39
- plugin_set_model_config_property(:username_attribute_name, :email)
39
+ sorcery_model_property_set(:username_attribute_name, :email)
40
40
  User.sorcery_config.username_attribute_name.should equal(:email)
41
41
  end
42
42
 
43
43
  it "should enable configuration option 'password_attribute_name'" do
44
- plugin_set_model_config_property(:password_attribute_name, :mypassword)
44
+ sorcery_model_property_set(:password_attribute_name, :mypassword)
45
45
  User.sorcery_config.password_attribute_name.should equal(:mypassword)
46
46
  end
47
47
 
48
48
  it "should enable configuration option 'email_attribute_name'" do
49
- plugin_set_model_config_property(:email_attribute_name, :my_email)
49
+ sorcery_model_property_set(:email_attribute_name, :my_email)
50
50
  User.sorcery_config.email_attribute_name.should equal(:my_email)
51
51
  end
52
52
 
53
53
  it "should enable configuration option 'crypted_password_attribute_name'" do
54
- plugin_set_model_config_property(:crypted_password_attribute_name, :password)
54
+ sorcery_model_property_set(:crypted_password_attribute_name, :password)
55
55
  User.sorcery_config.crypted_password_attribute_name.should equal(:password)
56
56
  end
57
57
 
58
58
  it "should enable configuration option 'salt_attribute_name'" do
59
- plugin_set_model_config_property(:salt_attribute_name, :my_salt)
59
+ sorcery_model_property_set(:salt_attribute_name, :my_salt)
60
60
  User.sorcery_config.salt_attribute_name.should equal(:my_salt)
61
61
  end
62
62
 
63
63
  it "should enable configuration option 'encryption_algorithm'" do
64
- plugin_set_model_config_property(:encryption_algorithm, :none)
64
+ sorcery_model_property_set(:encryption_algorithm, :none)
65
65
  User.sorcery_config.encryption_algorithm.should equal(:none)
66
66
  end
67
67
 
68
68
  it "should enable configuration option 'encryption_key'" do
69
- plugin_set_model_config_property(:encryption_key, 'asdadas424234242')
69
+ sorcery_model_property_set(:encryption_key, 'asdadas424234242')
70
70
  User.sorcery_config.encryption_key.should == 'asdadas424234242'
71
71
  end
72
72
 
73
73
  it "should enable configuration option 'custom_encryption_provider'" do
74
- plugin_set_model_config_property(:encryption_algorithm, :custom)
75
- plugin_set_model_config_property(:custom_encryption_provider, Array)
74
+ sorcery_model_property_set(:encryption_algorithm, :custom)
75
+ sorcery_model_property_set(:custom_encryption_provider, Array)
76
76
  User.sorcery_config.custom_encryption_provider.should equal(Array)
77
77
  end
78
78
 
79
79
  it "should enable configuration option 'salt_join_token'" do
80
80
  salt_join_token = "--%%*&-"
81
- plugin_set_model_config_property(:salt_join_token, salt_join_token)
81
+ sorcery_model_property_set(:salt_join_token, salt_join_token)
82
82
  User.sorcery_config.salt_join_token.should equal(salt_join_token)
83
83
  end
84
84
 
85
85
  it "should enable configuration option 'stretches'" do
86
86
  stretches = 15
87
- plugin_set_model_config_property(:stretches, stretches)
87
+ sorcery_model_property_set(:stretches, stretches)
88
88
  User.sorcery_config.stretches.should equal(stretches)
89
89
  end
90
90
 
@@ -93,7 +93,7 @@ describe "User with no submodules (core)" do
93
93
  # ----------------- PLUGIN ACTIVATED -----------------------
94
94
  describe User, "when activated with sorcery" do
95
95
  before(:all) do
96
- plugin_model_configure
96
+ sorcery_reload!()
97
97
  end
98
98
 
99
99
  before(:each) do
@@ -124,7 +124,7 @@ describe "User with no submodules (core)" do
124
124
  describe User, "registration" do
125
125
 
126
126
  before(:all) do
127
- plugin_model_configure()
127
+ sorcery_reload!()
128
128
  end
129
129
 
130
130
  before(:each) do
@@ -137,7 +137,7 @@ describe "User with no submodules (core)" do
137
137
 
138
138
  it "should encrypt password when a new user is saved" do
139
139
  create_new_user
140
- @user.send(User.sorcery_config.crypted_password_attribute_name).should == User.encrypt('secret',@user.salt)
140
+ User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
141
141
  end
142
142
 
143
143
  it "should clear the virtual password field if the encryption process worked" do
@@ -159,9 +159,9 @@ describe "User with no submodules (core)" do
159
159
  it "should not clear the virtual password field if save failed due to exception" do
160
160
  create_new_user
161
161
  @user.password = 'blupush'
162
- @user.email = nil
162
+ @user.username = nil
163
163
  begin
164
- @user.save # triggers SQL exception since email field is defined not null.
164
+ @user.save # triggers SQL exception since username field is defined not null.
165
165
  rescue
166
166
  end
167
167
  @user.password.should_not be_nil
@@ -171,14 +171,14 @@ describe "User with no submodules (core)" do
171
171
  create_new_user
172
172
  @user.email = "blup@bla.com"
173
173
  @user.save!
174
- @user.send(User.sorcery_config.crypted_password_attribute_name).should == User.encrypt('secret',@user.salt)
174
+ User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
175
175
  end
176
176
 
177
177
  it "should replace the crypted_password in case a new password is set" do
178
178
  create_new_user
179
179
  @user.password = 'new_secret'
180
180
  @user.save!
181
- @user.send(User.sorcery_config.crypted_password_attribute_name).should == User.encrypt('new_secret',@user.salt)
181
+ User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_false
182
182
  end
183
183
 
184
184
  end
@@ -186,7 +186,7 @@ describe "User with no submodules (core)" do
186
186
  # ----------------- PASSWORD ENCRYPTION -----------------------
187
187
  describe User, "special encryption cases" do
188
188
  before(:all) do
189
- plugin_model_configure()
189
+ sorcery_reload!()
190
190
  @text = "Some Text!"
191
191
  end
192
192
 
@@ -199,7 +199,7 @@ describe "User with no submodules (core)" do
199
199
  end
200
200
 
201
201
  it "should work with no password encryption" do
202
- plugin_set_model_config_property(:encryption_algorithm, :none)
202
+ sorcery_model_property_set(:encryption_algorithm, :none)
203
203
  create_new_user
204
204
  User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
205
205
  end
@@ -209,67 +209,71 @@ describe "User with no submodules (core)" do
209
209
  def self.encrypt(*tokens)
210
210
  tokens.flatten.join('').gsub(/e/,'A')
211
211
  end
212
+
213
+ def self.matches?(crypted,*tokens)
214
+ crypted = encrypt(*tokens)
215
+ end
212
216
  end
213
- plugin_set_model_config_property(:encryption_algorithm, :custom)
214
- plugin_set_model_config_property(:custom_encryption_provider, MyCrypto)
217
+ sorcery_model_property_set(:encryption_algorithm, :custom)
218
+ sorcery_model_property_set(:custom_encryption_provider, MyCrypto)
215
219
  create_new_user
216
220
  User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
217
221
  end
218
222
 
219
223
  it "if encryption algo is aes256, it should set key to crypto provider" do
220
- plugin_set_model_config_property(:encryption_algorithm, :aes256)
221
- plugin_set_model_config_property(:encryption_key, nil)
224
+ sorcery_model_property_set(:encryption_algorithm, :aes256)
225
+ sorcery_model_property_set(:encryption_key, nil)
222
226
  expect{User.encrypt(@text)}.to raise_error(ArgumentError)
223
- plugin_set_model_config_property(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
227
+ sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
224
228
  expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
225
229
  end
226
230
 
227
231
  it "if encryption algo is aes256, it should set key to crypto provider, even if attributes are set in reverse" do
228
- plugin_set_model_config_property(:encryption_key, nil)
229
- plugin_set_model_config_property(:encryption_algorithm, :none)
230
- plugin_set_model_config_property(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
231
- plugin_set_model_config_property(:encryption_algorithm, :aes256)
232
+ sorcery_model_property_set(:encryption_key, nil)
233
+ sorcery_model_property_set(:encryption_algorithm, :none)
234
+ sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
235
+ sorcery_model_property_set(:encryption_algorithm, :aes256)
232
236
  expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
233
237
  end
234
238
 
235
239
  it "if encryption algo is md5 it should work" do
236
- plugin_set_model_config_property(:encryption_algorithm, :md5)
240
+ sorcery_model_property_set(:encryption_algorithm, :md5)
237
241
  User.encrypt(@text).should == Sorcery::CryptoProviders::MD5.encrypt(@text)
238
242
  end
239
243
 
240
244
  it "if encryption algo is sha1 it should work" do
241
- plugin_set_model_config_property(:encryption_algorithm, :sha1)
245
+ sorcery_model_property_set(:encryption_algorithm, :sha1)
242
246
  User.encrypt(@text).should == Sorcery::CryptoProviders::SHA1.encrypt(@text)
243
247
  end
244
248
 
245
249
  it "if encryption algo is sha256 it should work" do
246
- plugin_set_model_config_property(:encryption_algorithm, :sha256)
250
+ sorcery_model_property_set(:encryption_algorithm, :sha256)
247
251
  User.encrypt(@text).should == Sorcery::CryptoProviders::SHA256.encrypt(@text)
248
252
  end
249
253
 
250
254
  it "if encryption algo is sha512 it should work" do
251
- plugin_set_model_config_property(:encryption_algorithm, :sha512)
255
+ sorcery_model_property_set(:encryption_algorithm, :sha512)
252
256
  User.encrypt(@text).should == Sorcery::CryptoProviders::SHA512.encrypt(@text)
253
257
  end
254
258
 
255
259
  it "salt should be random for each user and saved in db" do
256
- plugin_set_model_config_property(:salt_attribute_name, :salt)
260
+ sorcery_model_property_set(:salt_attribute_name, :salt)
257
261
  create_new_user
258
262
  @user.salt.should_not be_nil
259
263
  end
260
264
 
261
265
  it "if salt is set should use it to encrypt" do
262
- plugin_set_model_config_property(:salt_attribute_name, :salt)
263
- plugin_set_model_config_property(:encryption_algorithm, :sha512)
266
+ sorcery_model_property_set(:salt_attribute_name, :salt)
267
+ sorcery_model_property_set(:encryption_algorithm, :sha512)
264
268
  create_new_user
265
269
  @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
266
270
  @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
267
271
  end
268
272
 
269
273
  it "if salt_join_token is set should use it to encrypt" do
270
- plugin_set_model_config_property(:salt_attribute_name, :salt)
271
- plugin_set_model_config_property(:salt_join_token, "-@=>")
272
- plugin_set_model_config_property(:encryption_algorithm, :sha512)
274
+ sorcery_model_property_set(:salt_attribute_name, :salt)
275
+ sorcery_model_property_set(:salt_join_token, "-@=>")
276
+ sorcery_model_property_set(:encryption_algorithm, :sha512)
273
277
  create_new_user
274
278
  @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
275
279
  Sorcery::CryptoProviders::SHA512.join_token = ""
@@ -279,5 +283,35 @@ describe "User with no submodules (core)" do
279
283
  end
280
284
 
281
285
  end
286
+
287
+ describe User, "external users" do
288
+ before(:all) do
289
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/oauth")
290
+ sorcery_reload!()
291
+ end
292
+
293
+ after(:all) do
294
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/oauth")
295
+ end
296
+
297
+ before(:each) do
298
+ User.delete_all
299
+ end
300
+
301
+ it "should respond to 'external?'" do
302
+ create_new_user
303
+ @user.should respond_to(:external?)
304
+ end
305
+
306
+ it "external? should be false for regular users" do
307
+ create_new_user
308
+ @user.external?.should be_false
309
+ end
310
+
311
+ it "external? should be true for external users" do
312
+ create_new_external_user(:twitter)
313
+ @user.external?.should be_true
314
+ end
315
+ end
282
316
 
283
317
  end