sorcery 0.1.4 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Gemfile +4 -2
- data/Gemfile.lock +16 -13
- data/README.rdoc +30 -27
- data/Rakefile +5 -0
- data/VERSION +1 -1
- data/lib/sorcery/controller/submodules/activity_logging.rb +20 -7
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +9 -2
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +8 -3
- data/lib/sorcery/controller/submodules/oauth/oauth1.rb +26 -0
- data/lib/sorcery/controller/submodules/oauth/oauth2.rb +24 -0
- data/lib/sorcery/controller/submodules/oauth/providers/facebook.rb +64 -0
- data/lib/sorcery/controller/submodules/oauth/providers/twitter.rb +61 -0
- data/lib/sorcery/controller/submodules/oauth.rb +92 -0
- data/lib/sorcery/controller/submodules/remember_me.rb +14 -5
- data/lib/sorcery/controller/submodules/session_timeout.rb +6 -1
- data/lib/sorcery/controller.rb +29 -17
- data/lib/sorcery/engine.rb +9 -2
- data/lib/sorcery/model/submodules/activity_logging.rb +12 -7
- data/lib/sorcery/model/submodules/brute_force_protection.rb +11 -4
- data/lib/sorcery/model/submodules/oauth.rb +53 -0
- data/lib/sorcery/model/submodules/remember_me.rb +5 -3
- data/lib/sorcery/model/submodules/reset_password.rb +16 -13
- data/lib/sorcery/model/submodules/user_activation.rb +38 -19
- data/lib/sorcery/model/temporary_token.rb +22 -0
- data/lib/sorcery/model.rb +10 -3
- data/lib/sorcery/test_helpers.rb +84 -0
- data/lib/sorcery.rb +12 -0
- data/sorcery.gemspec +69 -40
- data/spec/Gemfile +3 -2
- data/spec/Gemfile.lock +15 -2
- data/spec/rails3/app_root/.rspec +1 -0
- data/spec/rails3/{Gemfile → app_root/Gemfile} +5 -3
- data/spec/rails3/{Gemfile.lock → app_root/Gemfile.lock} +25 -2
- data/spec/rails3/app_root/app/controllers/application_controller.rb +42 -1
- data/spec/rails3/app_root/app/models/authentication.rb +3 -0
- data/spec/rails3/app_root/app/models/user.rb +4 -1
- data/spec/rails3/app_root/config/application.rb +1 -3
- data/spec/rails3/app_root/config/routes.rb +1 -10
- data/spec/rails3/app_root/db/migrate/activation/20101224223622_add_activation_to_users.rb +6 -4
- data/spec/rails3/app_root/db/migrate/core/20101224223620_create_users.rb +4 -4
- data/spec/rails3/app_root/db/migrate/oauth/20101224223628_create_authentications.rb +14 -0
- data/spec/rails3/{controller_activity_logging_spec.rb → app_root/spec/controller_activity_logging_spec.rb} +13 -13
- data/spec/rails3/{controller_brute_force_protection_spec.rb → app_root/spec/controller_brute_force_protection_spec.rb} +16 -6
- data/spec/rails3/{controller_http_basic_auth_spec.rb → app_root/spec/controller_http_basic_auth_spec.rb} +3 -3
- data/spec/rails3/app_root/spec/controller_oauth2_spec.rb +117 -0
- data/spec/rails3/app_root/spec/controller_oauth_spec.rb +117 -0
- data/spec/rails3/{controller_remember_me_spec.rb → app_root/spec/controller_remember_me_spec.rb} +4 -4
- data/spec/rails3/{controller_session_timeout_spec.rb → app_root/spec/controller_session_timeout_spec.rb} +4 -4
- data/spec/rails3/{controller_spec.rb → app_root/spec/controller_spec.rb} +20 -13
- data/spec/rails3/app_root/spec/spec_helper.orig.rb +27 -0
- data/spec/rails3/app_root/spec/spec_helper.rb +61 -0
- data/spec/rails3/{user_activation_spec.rb → app_root/spec/user_activation_spec.rb} +60 -20
- data/spec/rails3/{user_activity_logging_spec.rb → app_root/spec/user_activity_logging_spec.rb} +4 -4
- data/spec/rails3/{user_brute_force_protection_spec.rb → app_root/spec/user_brute_force_protection_spec.rb} +7 -7
- data/spec/rails3/app_root/spec/user_oauth_spec.rb +39 -0
- data/spec/rails3/{user_remember_me_spec.rb → app_root/spec/user_remember_me_spec.rb} +4 -4
- data/spec/rails3/{user_reset_password_spec.rb → app_root/spec/user_reset_password_spec.rb} +21 -41
- data/spec/rails3/{user_spec.rb → app_root/spec/user_spec.rb} +68 -38
- metadata +127 -58
- data/spec/rails3/app_root/test/fixtures/users.yml +0 -9
- data/spec/rails3/app_root/test/performance/browsing_test.rb +0 -9
- data/spec/rails3/app_root/test/test_helper.rb +0 -13
- data/spec/rails3/app_root/test/unit/user_test.rb +0 -8
- data/spec/rails3/spec_helper.rb +0 -135
- /data/spec/rails3/{Rakefile → app_root/Rakefile} +0 -0
|
@@ -12,7 +12,7 @@ describe ApplicationController do
|
|
|
12
12
|
# ----------------- ACTIVITY LOGGING -----------------------
|
|
13
13
|
describe ApplicationController, "with activity logging features" do
|
|
14
14
|
before(:all) do
|
|
15
|
-
|
|
15
|
+
sorcery_reload!([:activity_logging])
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
before(:each) do
|
|
@@ -23,12 +23,12 @@ describe ApplicationController do
|
|
|
23
23
|
User.delete_all
|
|
24
24
|
end
|
|
25
25
|
|
|
26
|
-
it "should respond to '
|
|
27
|
-
subject.should respond_to(:
|
|
26
|
+
it "should respond to 'current_users'" do
|
|
27
|
+
subject.should respond_to(:current_users)
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
-
it "'
|
|
31
|
-
subject.
|
|
30
|
+
it "'current_users' should be empty when no users are logged in" do
|
|
31
|
+
subject.current_users.size.should == 0
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
it "should log login time on login" do
|
|
@@ -56,14 +56,14 @@ describe ApplicationController do
|
|
|
56
56
|
User.first.last_activity_at.to_s(:db).should <= (now+2).to_s(:db)
|
|
57
57
|
end
|
|
58
58
|
|
|
59
|
-
it "'
|
|
59
|
+
it "'current_users' should hold the user object when 1 user is logged in" do
|
|
60
60
|
login_user
|
|
61
61
|
get :some_action
|
|
62
|
-
subject.
|
|
63
|
-
subject.
|
|
62
|
+
subject.current_users.size.should == 1
|
|
63
|
+
subject.current_users[0].should == @user
|
|
64
64
|
end
|
|
65
65
|
|
|
66
|
-
it "'
|
|
66
|
+
it "'current_users' should show all current_users, whether they have logged out before or not." do
|
|
67
67
|
user1 = create_new_user({:username => 'gizmo1', :email => "bla1@bla.com", :password => 'secret1'})
|
|
68
68
|
login_user(user1)
|
|
69
69
|
get :some_action
|
|
@@ -75,10 +75,10 @@ describe ApplicationController do
|
|
|
75
75
|
user3 = create_new_user({:username => 'gizmo3', :email => "bla3@bla.com", :password => 'secret3'})
|
|
76
76
|
login_user(user3)
|
|
77
77
|
get :some_action
|
|
78
|
-
subject.
|
|
79
|
-
subject.
|
|
80
|
-
subject.
|
|
81
|
-
subject.
|
|
78
|
+
subject.current_users.size.should == 3
|
|
79
|
+
subject.current_users[0].should == user1
|
|
80
|
+
subject.current_users[1].should == user2
|
|
81
|
+
subject.current_users[2].should == user3
|
|
82
82
|
end
|
|
83
83
|
end
|
|
84
84
|
end
|
|
@@ -12,13 +12,13 @@ describe ApplicationController do
|
|
|
12
12
|
# ----------------- SESSION TIMEOUT -----------------------
|
|
13
13
|
describe ApplicationController, "with brute force protection features" do
|
|
14
14
|
before(:all) do
|
|
15
|
-
|
|
15
|
+
sorcery_reload!([:brute_force_protection])
|
|
16
16
|
create_new_user
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
after(:each) do
|
|
20
20
|
Sorcery::Controller::Config.reset!
|
|
21
|
-
|
|
21
|
+
sorcery_controller_property_set(:user_class, User)
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
it "should count login retries" do
|
|
@@ -27,7 +27,7 @@ describe ApplicationController do
|
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
it "should reset the counter on a good login" do
|
|
30
|
-
|
|
30
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 5)
|
|
31
31
|
3.times {get :test_login, :username => 'gizmo', :password => 'blabla'}
|
|
32
32
|
get :test_login, :username => 'gizmo', :password => 'secret'
|
|
33
33
|
User.find_by_username('gizmo').failed_logins_count.should == 0
|
|
@@ -35,14 +35,14 @@ describe ApplicationController do
|
|
|
35
35
|
|
|
36
36
|
it "should lock user when number of retries reached the limit" do
|
|
37
37
|
User.find_by_username('gizmo').lock_expires_at.should be_nil
|
|
38
|
-
|
|
38
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 1)
|
|
39
39
|
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
40
40
|
User.find_by_username('gizmo').lock_expires_at.should_not be_nil
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
it "should unlock after lock time period passes" do
|
|
44
|
-
|
|
45
|
-
|
|
44
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
|
|
45
|
+
sorcery_model_property_set(:login_lock_time_period, 0.2)
|
|
46
46
|
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
47
47
|
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
48
48
|
User.find_by_username('gizmo').lock_expires_at.should_not be_nil
|
|
@@ -51,5 +51,15 @@ describe ApplicationController do
|
|
|
51
51
|
User.find_by_username('gizmo').lock_expires_at.should be_nil
|
|
52
52
|
end
|
|
53
53
|
|
|
54
|
+
it "should not unlock if time period is 0 (permanent lock)" do
|
|
55
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
|
|
56
|
+
sorcery_model_property_set(:login_lock_time_period, 0)
|
|
57
|
+
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
58
|
+
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
59
|
+
unlock_date = User.find_by_username('gizmo').lock_expires_at
|
|
60
|
+
sleep 1
|
|
61
|
+
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
62
|
+
User.find_by_username('gizmo').lock_expires_at.to_s.should == unlock_date.to_s
|
|
63
|
+
end
|
|
54
64
|
end
|
|
55
65
|
end
|
|
@@ -5,7 +5,7 @@ describe ApplicationController do
|
|
|
5
5
|
# ----------------- HTTP BASIC AUTH -----------------------
|
|
6
6
|
describe ApplicationController, "with http basic auth features" do
|
|
7
7
|
before(:all) do
|
|
8
|
-
|
|
8
|
+
sorcery_reload!([:http_basic_auth])
|
|
9
9
|
create_new_user
|
|
10
10
|
end
|
|
11
11
|
|
|
@@ -31,12 +31,12 @@ describe ApplicationController do
|
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
it "should allow configuration option 'controller_to_realm_map'" do
|
|
34
|
-
|
|
34
|
+
sorcery_controller_property_set(:controller_to_realm_map, {"1" => "2"})
|
|
35
35
|
Sorcery::Controller::Config.controller_to_realm_map.should == {"1" => "2"}
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
it "should display the correct realm name configured for the controller" do
|
|
39
|
-
|
|
39
|
+
sorcery_controller_property_set(:controller_to_realm_map, {"application" => "Salad"})
|
|
40
40
|
get :test_http_basic_auth
|
|
41
41
|
response.headers["WWW-Authenticate"].should == "Basic realm=\"Salad\""
|
|
42
42
|
end
|
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
|
2
|
+
|
|
3
|
+
def stub_all_oauth2_requests!
|
|
4
|
+
@client = OAuth2::Client.new("key","secret", :site => "http://myapi.com")
|
|
5
|
+
OAuth2::Client.stub!(:new).and_return(@client)
|
|
6
|
+
@acc_token = OAuth2::AccessToken.new(@client, "", "asd", nil, {})
|
|
7
|
+
@webby = @client.web_server
|
|
8
|
+
OAuth2::Strategy::WebServer.stub!(:new).and_return(@webby)
|
|
9
|
+
@webby.stub!(:get_access_token).and_return(@acc_token)
|
|
10
|
+
@acc_token.stub!(:get).and_return({"id"=>"123", "name"=>"Noam Ben Ari", "first_name"=>"Noam", "last_name"=>"Ben Ari", "link"=>"http://www.facebook.com/nbenari1", "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"}, "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"}, "bio"=>"I'm a new daddy, and enjoying it!", "gender"=>"male", "email"=>"nbenari@gmail.com", "timezone"=>2, "locale"=>"en_US", "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}], "verified"=>true, "updated_time"=>"2011-02-16T20:59:38+0000"}.to_json)
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
describe ApplicationController do
|
|
14
|
+
before(:all) do
|
|
15
|
+
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/oauth")
|
|
16
|
+
sorcery_reload!([:oauth])
|
|
17
|
+
sorcery_controller_property_set(:oauth_providers, [:facebook])
|
|
18
|
+
sorcery_controller_oauth_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
|
|
19
|
+
sorcery_controller_oauth_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
20
|
+
sorcery_controller_oauth_property_set(:facebook, :callback_url, "http://blabla.com")
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
after(:all) do
|
|
24
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/oauth")
|
|
25
|
+
end
|
|
26
|
+
# ----------------- OAuth -----------------------
|
|
27
|
+
describe ApplicationController, "with OAuth features" do
|
|
28
|
+
|
|
29
|
+
before(:each) do
|
|
30
|
+
stub_all_oauth2_requests!
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
after(:each) do
|
|
34
|
+
User.delete_all
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
it "auth_at_provider redirects correctly" do
|
|
38
|
+
create_new_user
|
|
39
|
+
get :auth_at_provider_test2
|
|
40
|
+
response.should be_a_redirect
|
|
41
|
+
response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&type=web_server")
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
it "'login_from_access_token' logins if user exists" do
|
|
45
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
46
|
+
create_new_external_user(:facebook)
|
|
47
|
+
get :test_login_from_access_token2
|
|
48
|
+
flash[:notice].should == "Success!"
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
it "'login_from_access_token' fails if user doesn't exist" do
|
|
52
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
53
|
+
create_new_user
|
|
54
|
+
get :test_login_from_access_token2
|
|
55
|
+
flash[:alert].should == "Failed!"
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
describe ApplicationController, "'create_from_provider!'" do
|
|
60
|
+
before(:each) do
|
|
61
|
+
stub_all_oauth2_requests!
|
|
62
|
+
User.delete_all
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
it "should create a new user" do
|
|
66
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
67
|
+
sorcery_controller_oauth_property_set(:facebook, :user_info_mapping, {:username => "name"})
|
|
68
|
+
lambda do
|
|
69
|
+
get :test_create_from_provider, :provider => "facebook"
|
|
70
|
+
end.should change(User, :count).by(1)
|
|
71
|
+
User.first.username.should == "Noam Ben Ari"
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
it "should support nested attributes" do
|
|
75
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
76
|
+
sorcery_controller_oauth_property_set(:facebook, :user_info_mapping, {:username => "hometown/name"})
|
|
77
|
+
lambda do
|
|
78
|
+
get :test_create_from_provider, :provider => "facebook"
|
|
79
|
+
end.should change(User, :count).by(1)
|
|
80
|
+
User.first.username.should == "Haifa, Israel"
|
|
81
|
+
end
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
describe ApplicationController, "OAuth with User Activation features" do
|
|
85
|
+
before(:all) do
|
|
86
|
+
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
|
|
87
|
+
sorcery_reload!([:user_activation,:oauth], :user_activation_mailer => ::SorceryMailer)
|
|
88
|
+
sorcery_controller_property_set(:oauth_providers, [:facebook])
|
|
89
|
+
sorcery_controller_oauth_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
|
|
90
|
+
sorcery_controller_oauth_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
91
|
+
sorcery_controller_oauth_property_set(:facebook, :callback_url, "http://blabla.com")
|
|
92
|
+
end
|
|
93
|
+
|
|
94
|
+
after(:all) do
|
|
95
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
after(:each) do
|
|
99
|
+
User.delete_all
|
|
100
|
+
end
|
|
101
|
+
|
|
102
|
+
it "should not send activation email to external users" do
|
|
103
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
104
|
+
create_new_external_user(:facebook)
|
|
105
|
+
ActionMailer::Base.deliveries.size.should == old_size
|
|
106
|
+
end
|
|
107
|
+
|
|
108
|
+
it "should not send external users an activation success email" do
|
|
109
|
+
sorcery_model_property_set(:activation_success_email_method_name, nil)
|
|
110
|
+
create_new_external_user(:facebook)
|
|
111
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
112
|
+
@user.activate!
|
|
113
|
+
ActionMailer::Base.deliveries.size.should == old_size
|
|
114
|
+
end
|
|
115
|
+
end
|
|
116
|
+
|
|
117
|
+
end
|
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
|
2
|
+
require 'ostruct'
|
|
3
|
+
|
|
4
|
+
def stub_all_oauth_requests!
|
|
5
|
+
@consumer = OAuth::Consumer.new("key","secret", :site => "http://myapi.com")
|
|
6
|
+
OAuth::Consumer.stub!(:new).and_return(@consumer)
|
|
7
|
+
|
|
8
|
+
@req_token = OAuth::RequestToken.new(@consumer)
|
|
9
|
+
@consumer.stub!(:get_request_token).and_return(@req_token)
|
|
10
|
+
@acc_token = OAuth::AccessToken.new(@consumer)
|
|
11
|
+
@req_token.stub!(:get_access_token).and_return(@acc_token)
|
|
12
|
+
session[:request_token] = @req_token
|
|
13
|
+
response = OpenStruct.new()
|
|
14
|
+
response.body = {"following"=>false, "listed_count"=>0, "profile_link_color"=>"0084B4", "profile_image_url"=>"http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg", "description"=>"Programmer/Heavy Metal Fan/New Father", "status"=>{"text"=>"coming soon to sorcery gem: twitter and facebook authentication support.", "truncated"=>false, "favorited"=>false, "source"=>"web", "geo"=>nil, "in_reply_to_screen_name"=>nil, "in_reply_to_user_id"=>nil, "in_reply_to_status_id_str"=>nil, "created_at"=>"Sun Mar 06 23:01:12 +0000 2011", "contributors"=>nil, "place"=>nil, "retweeted"=>false, "in_reply_to_status_id"=>nil, "in_reply_to_user_id_str"=>nil, "coordinates"=>nil, "retweet_count"=>0, "id"=>44533012284706816, "id_str"=>"44533012284706816"}, "show_all_inline_media"=>false, "geo_enabled"=>true, "profile_sidebar_border_color"=>"a8c7f7", "url"=>nil, "followers_count"=>10, "screen_name"=>"nbenari", "profile_use_background_image"=>true, "location"=>"Israel", "statuses_count"=>25, "profile_background_color"=>"022330", "lang"=>"en", "verified"=>false, "notifications"=>false, "profile_background_image_url"=>"http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg", "favourites_count"=>5, "created_at"=>"Fri Nov 20 21:58:19 +0000 2009", "is_translator"=>false, "contributors_enabled"=>false, "protected"=>false, "follow_request_sent"=>false, "time_zone"=>"Greenland", "profile_text_color"=>"333333", "name"=>"Noam Ben Ari", "friends_count"=>10, "profile_sidebar_fill_color"=>"C0DFEC", "id"=>123, "id_str"=>"91434812", "profile_background_tile"=>false, "utc_offset"=>-10800}.to_json
|
|
15
|
+
@acc_token.stub!(:get).and_return(response)
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
describe ApplicationController do
|
|
19
|
+
before(:all) do
|
|
20
|
+
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/oauth")
|
|
21
|
+
sorcery_reload!([:oauth])
|
|
22
|
+
sorcery_controller_property_set(:oauth_providers, [:twitter])
|
|
23
|
+
sorcery_controller_oauth_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
|
|
24
|
+
sorcery_controller_oauth_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
25
|
+
sorcery_controller_oauth_property_set(:twitter, :callback_url, "http://blabla.com")
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
after(:all) do
|
|
29
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/oauth")
|
|
30
|
+
end
|
|
31
|
+
# ----------------- OAuth -----------------------
|
|
32
|
+
describe ApplicationController, "'login_from_access_token'" do
|
|
33
|
+
|
|
34
|
+
before(:each) do
|
|
35
|
+
stub_all_oauth_requests!
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
after(:each) do
|
|
39
|
+
User.delete_all
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
it "auth_at_provider redirects correctly" do
|
|
43
|
+
create_new_user
|
|
44
|
+
get :auth_at_provider_test
|
|
45
|
+
response.should be_a_redirect
|
|
46
|
+
response.should redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=")
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
it "logins if user exists" do
|
|
50
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
51
|
+
create_new_external_user(:twitter)
|
|
52
|
+
get :test_login_from_access_token, :oauth_verifier => "blablaRERASDFcxvSDFA"
|
|
53
|
+
flash[:notice].should == "Success!"
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
it "'login_from_access_token' fails if user doesn't exist" do
|
|
57
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
58
|
+
create_new_user
|
|
59
|
+
get :test_login_from_access_token, :oauth_verifier => "blablaRERASDFcxvSDFA"
|
|
60
|
+
flash[:alert].should == "Failed!"
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
describe ApplicationController, "'create_from_provider!'" do
|
|
65
|
+
before(:each) do
|
|
66
|
+
stub_all_oauth_requests!
|
|
67
|
+
User.delete_all
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
it "should create a new user" do
|
|
71
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
72
|
+
sorcery_controller_oauth_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
|
|
73
|
+
lambda do
|
|
74
|
+
get :test_create_from_provider, :provider => "twitter"
|
|
75
|
+
end.should change(User, :count).by(1)
|
|
76
|
+
User.first.username.should == "nbenari"
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
it "should support nested attributes" do
|
|
80
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
81
|
+
sorcery_controller_oauth_property_set(:twitter, :user_info_mapping, {:username => "status/text"})
|
|
82
|
+
lambda do
|
|
83
|
+
get :test_create_from_provider, :provider => "twitter"
|
|
84
|
+
end.should change(User, :count).by(1)
|
|
85
|
+
User.first.username.should == "coming soon to sorcery gem: twitter and facebook authentication support."
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
describe ApplicationController, "OAuth with User Activation features" do
|
|
90
|
+
before(:all) do
|
|
91
|
+
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
|
|
92
|
+
sorcery_reload!([:user_activation,:oauth], :user_activation_mailer => ::SorceryMailer)
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
after(:all) do
|
|
96
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
after(:each) do
|
|
100
|
+
User.delete_all
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
it "should not send activation email to external users" do
|
|
104
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
105
|
+
create_new_external_user(:twitter)
|
|
106
|
+
ActionMailer::Base.deliveries.size.should == old_size
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
it "should not send external users an activation success email" do
|
|
110
|
+
sorcery_model_property_set(:activation_success_email_method_name, nil)
|
|
111
|
+
create_new_external_user(:twitter)
|
|
112
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
113
|
+
@user.activate!
|
|
114
|
+
ActionMailer::Base.deliveries.size.should == old_size
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
end
|
data/spec/rails3/{controller_remember_me_spec.rb → app_root/spec/controller_remember_me_spec.rb}
RENAMED
|
@@ -6,7 +6,7 @@ describe ApplicationController do
|
|
|
6
6
|
describe ApplicationController, "with remember me features" do
|
|
7
7
|
before(:all) do
|
|
8
8
|
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/remember_me")
|
|
9
|
-
|
|
9
|
+
sorcery_reload!([:remember_me])
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
before(:each) do
|
|
@@ -25,7 +25,7 @@ describe ApplicationController do
|
|
|
25
25
|
|
|
26
26
|
it "should set cookie on remember_me!" do
|
|
27
27
|
post :test_login_with_remember, :username => 'gizmo', :password => 'secret'
|
|
28
|
-
cookies["remember_me_token"].should == assigns[:
|
|
28
|
+
cookies["remember_me_token"].should == assigns[:current_user].remember_me_token
|
|
29
29
|
end
|
|
30
30
|
|
|
31
31
|
it "should clear cookie on forget_me!" do
|
|
@@ -50,11 +50,11 @@ describe ApplicationController do
|
|
|
50
50
|
session[:user_id] = @user.id
|
|
51
51
|
subject.remember_me!
|
|
52
52
|
subject.instance_eval do
|
|
53
|
-
@
|
|
53
|
+
@current_user = nil
|
|
54
54
|
end
|
|
55
55
|
session[:user_id] = nil
|
|
56
56
|
get :test_login_from_cookie
|
|
57
|
-
assigns[:
|
|
57
|
+
assigns[:current_user].should == @user
|
|
58
58
|
end
|
|
59
59
|
|
|
60
60
|
it "should not remember_me! when not asked to" do
|
|
@@ -5,8 +5,8 @@ describe ApplicationController do
|
|
|
5
5
|
# ----------------- SESSION TIMEOUT -----------------------
|
|
6
6
|
describe ApplicationController, "with session timeout features" do
|
|
7
7
|
before(:all) do
|
|
8
|
-
|
|
9
|
-
|
|
8
|
+
sorcery_reload!([:session_timeout])
|
|
9
|
+
sorcery_controller_property_set(:session_timeout,0.5)
|
|
10
10
|
create_new_user
|
|
11
11
|
end
|
|
12
12
|
|
|
@@ -26,7 +26,7 @@ describe ApplicationController do
|
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
it "with 'session_timeout_from_last_action' should not logout if there was activity" do
|
|
29
|
-
|
|
29
|
+
sorcery_controller_property_set(:session_timeout_from_last_action, true)
|
|
30
30
|
login_user
|
|
31
31
|
sleep 0.3
|
|
32
32
|
get :test_should_be_logged_in
|
|
@@ -38,7 +38,7 @@ describe ApplicationController do
|
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
it "with 'session_timeout_from_last_action' should logout if there was no activity" do
|
|
41
|
-
|
|
41
|
+
sorcery_controller_property_set(:session_timeout_from_last_action, true)
|
|
42
42
|
login_user
|
|
43
43
|
sleep 0.6
|
|
44
44
|
get :test_should_be_logged_in
|
|
@@ -5,21 +5,21 @@ describe ApplicationController do
|
|
|
5
5
|
# ----------------- PLUGIN CONFIGURATION -----------------------
|
|
6
6
|
describe ApplicationController, "plugin configuration" do
|
|
7
7
|
before(:all) do
|
|
8
|
-
|
|
8
|
+
sorcery_reload!
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
after(:each) do
|
|
12
12
|
Sorcery::Controller::Config.reset!
|
|
13
|
-
|
|
13
|
+
sorcery_reload!
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
it "should enable configuration option 'user_class'" do
|
|
17
|
-
|
|
17
|
+
sorcery_controller_property_set(:user_class, TestUser)
|
|
18
18
|
Sorcery::Controller::Config.user_class.should equal(TestUser)
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
it "should enable configuration option 'not_authenticated_action'" do
|
|
22
|
-
|
|
22
|
+
sorcery_controller_property_set(:not_authenticated_action, :my_action)
|
|
23
23
|
Sorcery::Controller::Config.not_authenticated_action.should equal(:my_action)
|
|
24
24
|
end
|
|
25
25
|
|
|
@@ -34,7 +34,7 @@ describe ApplicationController do
|
|
|
34
34
|
|
|
35
35
|
after(:each) do
|
|
36
36
|
Sorcery::Controller::Config.reset!
|
|
37
|
-
|
|
37
|
+
sorcery_controller_property_set(:user_class, User)
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
it "should respond to the instance method login" do
|
|
@@ -49,8 +49,8 @@ describe ApplicationController do
|
|
|
49
49
|
should respond_to(:logged_in?)
|
|
50
50
|
end
|
|
51
51
|
|
|
52
|
-
it "should respond to the instance method
|
|
53
|
-
should respond_to(:
|
|
52
|
+
it "should respond to the instance method current_user" do
|
|
53
|
+
should respond_to(:current_user)
|
|
54
54
|
end
|
|
55
55
|
|
|
56
56
|
it "login(username,password) should return the user when success and set the session with user.id" do
|
|
@@ -82,15 +82,15 @@ describe ApplicationController do
|
|
|
82
82
|
subject.logged_in?.should be_false
|
|
83
83
|
end
|
|
84
84
|
|
|
85
|
-
it "
|
|
85
|
+
it "current_user should return the user instance if logged in" do
|
|
86
86
|
create_new_user
|
|
87
87
|
session[:user_id] = @user.id
|
|
88
|
-
subject.
|
|
88
|
+
subject.current_user.should == @user
|
|
89
89
|
end
|
|
90
90
|
|
|
91
|
-
it "
|
|
91
|
+
it "current_user should return false if not logged in" do
|
|
92
92
|
session[:user_id] = nil
|
|
93
|
-
subject.
|
|
93
|
+
subject.current_user.should == false
|
|
94
94
|
end
|
|
95
95
|
|
|
96
96
|
it "should respond to 'require_login'" do
|
|
@@ -99,17 +99,24 @@ describe ApplicationController do
|
|
|
99
99
|
|
|
100
100
|
it "should call the configured 'not_authenticated_action' when authenticate before_filter fails" do
|
|
101
101
|
session[:user_id] = nil
|
|
102
|
-
|
|
102
|
+
sorcery_controller_property_set(:not_authenticated_action, :test_not_authenticated_action)
|
|
103
103
|
get :test_logout
|
|
104
104
|
response.body.should == "test_not_authenticated_action"
|
|
105
105
|
end
|
|
106
106
|
|
|
107
107
|
it "require_login before_filter should save the url that the user originally wanted" do
|
|
108
108
|
get :some_action
|
|
109
|
-
session[:
|
|
109
|
+
session[:return_to_url].should == "http://test.host/application/some_action"
|
|
110
110
|
response.should redirect_to("http://test.host/")
|
|
111
111
|
end
|
|
112
112
|
|
|
113
|
+
it "on successful login the user should be redirected to the url he originally wanted" do
|
|
114
|
+
session[:return_to_url] = "http://test.host/some_action"
|
|
115
|
+
post :test_return_to, :username => 'gizmo', :password => 'secret'
|
|
116
|
+
response.should redirect_to("http://test.host/some_action")
|
|
117
|
+
flash[:notice].should == "haha!"
|
|
118
|
+
end
|
|
119
|
+
|
|
113
120
|
end
|
|
114
121
|
|
|
115
122
|
end
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# This file is copied to spec/ when you run 'rails generate rspec:install'
|
|
2
|
+
ENV["RAILS_ENV"] ||= 'test'
|
|
3
|
+
require File.expand_path("../../config/environment", __FILE__)
|
|
4
|
+
require 'rspec/rails'
|
|
5
|
+
|
|
6
|
+
# Requires supporting ruby files with custom matchers and macros, etc,
|
|
7
|
+
# in spec/support/ and its subdirectories.
|
|
8
|
+
Dir[Rails.root.join("spec/support/**/*.rb")].each {|f| require f}
|
|
9
|
+
|
|
10
|
+
RSpec.configure do |config|
|
|
11
|
+
# == Mock Framework
|
|
12
|
+
#
|
|
13
|
+
# If you prefer to use mocha, flexmock or RR, uncomment the appropriate line:
|
|
14
|
+
#
|
|
15
|
+
# config.mock_with :mocha
|
|
16
|
+
# config.mock_with :flexmock
|
|
17
|
+
# config.mock_with :rr
|
|
18
|
+
config.mock_with :rspec
|
|
19
|
+
|
|
20
|
+
# Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
|
|
21
|
+
config.fixture_path = "#{::Rails.root}/spec/fixtures"
|
|
22
|
+
|
|
23
|
+
# If you're not using ActiveRecord, or you'd prefer not to run each of your
|
|
24
|
+
# examples within a transaction, remove the following line or assign false
|
|
25
|
+
# instead of true.
|
|
26
|
+
config.use_transactional_fixtures = true
|
|
27
|
+
end
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
$: << File.join(File.dirname(__FILE__), '..', '..', 'lib' )
|
|
2
|
+
|
|
3
|
+
require 'simplecov'
|
|
4
|
+
SimpleCov.root File.join(File.dirname(__FILE__), "..", "..", "app_root" )
|
|
5
|
+
SimpleCov.start do
|
|
6
|
+
add_filter "/config/"
|
|
7
|
+
|
|
8
|
+
add_group 'Controllers', 'app/controllers'
|
|
9
|
+
add_group 'Models', 'app/models'
|
|
10
|
+
add_group 'Helpers', 'app/helpers'
|
|
11
|
+
add_group 'Libraries', 'lib'
|
|
12
|
+
add_group 'Plugins', 'vendor/plugins'
|
|
13
|
+
add_group 'Migrations', 'db/migrate'
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
require 'spork'
|
|
17
|
+
|
|
18
|
+
Spork.prefork do
|
|
19
|
+
# Set the default environment to sqlite3's in_memory database
|
|
20
|
+
ENV['RAILS_ENV'] ||= 'in_memory'
|
|
21
|
+
ENV['RAILS_ROOT'] = 'app_root'
|
|
22
|
+
|
|
23
|
+
# Load the Rails environment and testing framework
|
|
24
|
+
require "#{File.dirname(__FILE__)}/../config/environment"
|
|
25
|
+
#require "#{File.dirname(__FILE__)}/../../init" # for plugins
|
|
26
|
+
require 'rspec/rails'
|
|
27
|
+
|
|
28
|
+
RSpec.configure do |config|
|
|
29
|
+
config.use_transactional_fixtures = true
|
|
30
|
+
config.use_instantiated_fixtures = false
|
|
31
|
+
config.include RSpec::Rails::ControllerExampleGroup, :example_group => { :file_path => /controller(.)*_spec.rb$/ }
|
|
32
|
+
|
|
33
|
+
config.before(:suite) do
|
|
34
|
+
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/core")
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
config.after(:suite) do
|
|
38
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/core")
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
#----------------------------------------------------------------
|
|
43
|
+
# needed when running individual specs
|
|
44
|
+
require File.join(File.dirname(__FILE__), '..','app','models','user')
|
|
45
|
+
require File.join(File.dirname(__FILE__), '..','app','models','authentication')
|
|
46
|
+
|
|
47
|
+
class TestUser < ActiveRecord::Base
|
|
48
|
+
activate_sorcery!
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
class TestMailer < ActionMailer::Base
|
|
52
|
+
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
include ::Sorcery::TestHelpers
|
|
56
|
+
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
Spork.each_run do
|
|
60
|
+
# This code will be run each time you run your specs.
|
|
61
|
+
end
|